From 7639157a4907e9dbdffe6dd24f4f687f4cce6f01 Mon Sep 17 00:00:00 2001
From: Mario <mario@mariovavti.com>
Date: Sat, 21 Nov 2020 20:15:05 +0000
Subject: restrict returned html usage to local_channel() until some issues
 will be worked out

---
 Zotlabs/Module/Item.php |  28 +++++++++-----
 Zotlabs/Module/Like.php | 101 +++++++++++++++++++++++++-----------------------
 2 files changed, 70 insertions(+), 59 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index 66c18fefd..ce344ee82 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -1374,16 +1374,24 @@ class Item extends Controller {
 			goaway(z_root() . "/" . $return_path);
 		}
 
-		$item[] = $datarray;
-		$item[0]['owner'] = $owner_xchan;
-		$item[0]['author'] = $observer;
-		$item[0]['attach'] = json_encode($datarray['attach']);
-
-		$json = [
-			'success' => 1,
-			'id' => $post_id,
-			'html' => conversation($item,'network',true,'r_preview'),
-		];
+
+		if(local_channel()) {
+			$item[] = $datarray;
+			$item[0]['owner'] = $owner_xchan;
+			$item[0]['author'] = $observer;
+			$item[0]['attach'] = json_encode($datarray['attach']);
+
+			$json = [
+				'success' => 1,
+				'id' => $post_id,
+				'html' => conversation($item,'network',true,'r_preview'),
+			];
+		}
+		else {
+			$json = [
+				'success' => 1
+			];
+		}
 
 		if(x($_REQUEST,'jsreload') && strlen($_REQUEST['jsreload']))
 			$json['reload'] = z_root() . '/' . $_REQUEST['jsreload'];
diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php
index 638ec6a78..02fc87756 100644
--- a/Zotlabs/Module/Like.php
+++ b/Zotlabs/Module/Like.php
@@ -368,31 +368,33 @@ class Like extends \Zotlabs\Web\Controller {
 					return;
 	
 				if(! $multi_undo) {
-					$item_normal = item_normal();
-					$activities = q("SELECT item.*, item.id AS item_id FROM item
-						WHERE uid = %d $item_normal
-						AND thr_parent = '%s'
-						AND verb IN ('%s', '%s', '%s', '%s', '%s')",
-						intval($owner_uid),
-						dbesc($item['mid']),
-						dbesc(ACTIVITY_LIKE),
-						dbesc(ACTIVITY_DISLIKE),
-						dbesc(ACTIVITY_ATTEND),
-						dbesc(ACTIVITY_ATTENDNO),
-						dbesc(ACTIVITY_ATTENDMAYBE)
-					);
-					xchan_query($activities,true);
-					$convitems[] = $item;
-					$convitems = array_merge($convitems, $activities);
-
-					$json = [
-						'success' => 1,
-						'orig_id' => $item_id,
-						'id' => $item['id'],
-						'html' => conversation($convitems,'network',true,'r_preview'),
-					];
-
-					echo json_encode($json);
+					if(local_channel()) {
+						$item_normal = item_normal();
+						$activities = q("SELECT item.*, item.id AS item_id FROM item
+							WHERE uid = %d $item_normal
+							AND thr_parent = '%s'
+							AND verb IN ('%s', '%s', '%s', '%s', '%s')",
+							intval($owner_uid),
+							dbesc($item['mid']),
+							dbesc(ACTIVITY_LIKE),
+							dbesc(ACTIVITY_DISLIKE),
+							dbesc(ACTIVITY_ATTEND),
+							dbesc(ACTIVITY_ATTENDNO),
+							dbesc(ACTIVITY_ATTENDMAYBE)
+						);
+						xchan_query($activities,true);
+						$convitems[] = $item;
+						$convitems = array_merge($convitems, $activities);
+
+						$json = [
+							'success' => 1,
+							'orig_id' => $item_id,
+							'id' => $item['id'],
+							'html' => conversation($convitems,'network',true,'r_preview'),
+						];
+
+						echo json_encode($json);
+					}
 					killme();
 				}
 
@@ -531,33 +533,34 @@ class Like extends \Zotlabs\Web\Controller {
 	
 		call_hooks('post_local',$arr);
 
-	
 		$post = item_store($arr);	
 		$post_id = $post['item_id'];
 
-		$item_normal = item_normal();
-		$activities = q("SELECT item.*, item.id AS item_id FROM item
-			WHERE uid = %d $item_normal
-			AND thr_parent = '%s'
-			AND verb IN ('%s', '%s', '%s', '%s', '%s')",
-			intval($owner_uid),
-			dbesc($item['mid']),
-			dbesc(ACTIVITY_LIKE),
-			dbesc(ACTIVITY_DISLIKE),
-			dbesc(ACTIVITY_ATTEND),
-			dbesc(ACTIVITY_ATTENDNO),
-			dbesc(ACTIVITY_ATTENDMAYBE)
-		);
-		xchan_query($activities,true);
-		$convitems[] = $item;
-		$convitems = array_merge($convitems, $activities);
-
-		$json = [
-			'success' => 1,
-			'orig_id' => $item_id, //this is required for pubstream where $item_id != $item['id']
-			'id' => $item['id'],
-			'html' => conversation($convitems,'network',true,'r_preview'),
-		];
+		if(local_channel()) {
+			$item_normal = item_normal();
+			$activities = q("SELECT item.*, item.id AS item_id FROM item
+				WHERE uid = %d $item_normal
+				AND thr_parent = '%s'
+				AND verb IN ('%s', '%s', '%s', '%s', '%s')",
+				intval($owner_uid),
+				dbesc($item['mid']),
+				dbesc(ACTIVITY_LIKE),
+				dbesc(ACTIVITY_DISLIKE),
+				dbesc(ACTIVITY_ATTEND),
+				dbesc(ACTIVITY_ATTENDNO),
+				dbesc(ACTIVITY_ATTENDMAYBE)
+			);
+			xchan_query($activities,true);
+			$convitems[] = $item;
+			$convitems = array_merge($convitems, $activities);
+
+			$json = [
+				'success' => 1,
+				'orig_id' => $item_id, //this is required for pubstream where $item_id != $item['id']
+				'id' => $item['id'],
+				'html' => conversation($convitems,'network',true,'r_preview'),
+			];
+		}
 
 		// save the conversation from expiration
 
-- 
cgit v1.2.3