From 529824d010cf88c409d5ce894b72060caccae580 Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 4 Sep 2021 08:18:41 +0000 Subject: more unpack_link_id() --- Zotlabs/Module/Hq.php | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) (limited to 'Zotlabs/Module/Hq.php') diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 8c126d154..4e9e75357 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -31,7 +31,12 @@ class Hq extends \Zotlabs\Web\Controller { } if(isset($_REQUEST['mid'])) { - $item_hash = $_REQUEST['mid']; + $item_hash = unpack_link_id($_REQUEST['mid']); + } + + if($item_hash === false) { + notice(t('Malformed message id.') . EOL); + return; } $item_normal = item_normal(); @@ -45,18 +50,12 @@ class Hq extends \Zotlabs\Web\Controller { intval(local_channel()) ); if($r[0]['mid']) { - $item_hash = 'b64.' . base64url_encode($r[0]['mid']); + $item_hash = $r[0]['mid']; } } if($item_hash) { - if(strpos($item_hash,'b64.') === 0) - $decoded = @base64url_decode(substr($item_hash,4)); - - if($decoded) - $item_hash = $decoded; - $target_item = null; $r = q("select id, uid, mid, parent_mid, thr_parent, verb, item_type, item_deleted, item_blocked from item where mid = '%s' limit 1", @@ -124,10 +123,10 @@ class Hq extends \Zotlabs\Web\Controller { if($target_item) { // if the target item is not a post (eg a like) we want to address its thread parent //$mid = ((($target_item['verb'] == ACTIVITY_LIKE) || ($target_item['verb'] == ACTIVITY_DISLIKE)) ? $target_item['thr_parent'] : $target_item['mid']); - $mid = $target_item['mid']; + // if we got a decoded hash we must encode it again before handing to javascript - if($decoded) - $mid = 'b64.' . base64url_encode($mid); + $mid = gen_link_id($target_item['mid']); + } else { $mid = ''; -- cgit v1.2.3 From 0e1e1cda7ab78baff4f960580c2a0fa92f97c0eb Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 4 Sep 2021 20:18:59 +0000 Subject: fix regressions in mod hq --- Zotlabs/Module/Hq.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'Zotlabs/Module/Hq.php') diff --git a/Zotlabs/Module/Hq.php b/Zotlabs/Module/Hq.php index 4e9e75357..929f2b758 100644 --- a/Zotlabs/Module/Hq.php +++ b/Zotlabs/Module/Hq.php @@ -23,11 +23,12 @@ class Hq extends \Zotlabs\Web\Controller { function get($update = 0, $load = false) { - if(!local_channel()) + if(!local_channel()) { return; + } if(argc() > 1 && argv(1) !== 'load') { - $item_hash = argv(1); + $item_hash = unpack_link_id(argv(1)); } if(isset($_REQUEST['mid'])) { @@ -46,6 +47,7 @@ class Hq extends \Zotlabs\Web\Controller { $r = q("SELECT mid FROM item WHERE uid = %d $item_normal AND mid = parent_mid + AND item_private IN (0, 1) ORDER BY created DESC LIMIT 1", intval(local_channel()) ); @@ -126,7 +128,6 @@ class Hq extends \Zotlabs\Web\Controller { // if we got a decoded hash we must encode it again before handing to javascript $mid = gen_link_id($target_item['mid']); - } else { $mid = ''; -- cgit v1.2.3