From 94f15e355166f0abd3698414948abff2397a7ad0 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 20 Apr 2017 20:19:15 -0700
Subject: The rest of the library and backend changes to support client-side
 e2ee and deprecate previous uses of item_obscured.

---
 Zotlabs/Module/Editwebpage.php | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

(limited to 'Zotlabs/Module/Editwebpage.php')

diff --git a/Zotlabs/Module/Editwebpage.php b/Zotlabs/Module/Editwebpage.php
index 03b2aeab9..db33cd1db 100644
--- a/Zotlabs/Module/Editwebpage.php
+++ b/Zotlabs/Module/Editwebpage.php
@@ -100,19 +100,14 @@ class Editwebpage extends \Zotlabs\Web\Controller {
 			intval($owner)
 		);
 
-		if(! $itm) {
+		// don't allow web editing of potentially binary content (item_obscured = 1)
+		// @FIXME how do we do it instead?
+
+		if((! $itm) || intval($itm[0]['item_obscured'])) {
 			notice( t('Permission denied.') . EOL);
 			return;
 		}
 
-		if(intval($itm[0]['item_obscured'])) {
-			$key = get_config('system','prvkey');
-			if($itm[0]['title'])
-				$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
-			if($itm[0]['body'])
-				$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
-		}
-
 		$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
 			intval($itm[0]['id'])
 		);
-- 
cgit v1.2.3