From 0f7832dc30fb4d8aedd24b6ad8a9e48876a77dd0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 13 Mar 2017 16:19:47 -0700 Subject: code_allowed is a real mess. Start the cleanup by remving the account level code allow and limiting to specific channels only. This reduces the possibility of cross channel security issues coming into play. Then provide a single function for checking the code permission. This is only partially done as we often need to check against the observer or logged in channel as well as the resource owner to ensure that this only returns true for local channels which also own the requested resource. --- boot.php | 1 - 1 file changed, 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index edd483e82..6c6078173 100755 --- a/boot.php +++ b/boot.php @@ -549,7 +549,6 @@ define ( 'ACCOUNT_PENDING', 0x0010 ); * Account roles */ -define ( 'ACCOUNT_ROLE_ALLOWCODE', 0x0001 ); define ( 'ACCOUNT_ROLE_SYSTEM', 0x0002 ); define ( 'ACCOUNT_ROLE_DEVELOPER', 0x0004 ); define ( 'ACCOUNT_ROLE_ADMIN', 0x1000 ); -- cgit v1.2.3 From 8d72cea2d1008dd73ff5f4c7442a4cc0c718eb5c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 14 Mar 2017 00:22:57 -0700 Subject: get rid of some cruft in boot.php --- boot.php | 79 ++++++++++++++-------------------------------------------------- 1 file changed, 17 insertions(+), 62 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 6c6078173..131699153 100755 --- a/boot.php +++ b/boot.php 
@@ -5,14 +5,13 @@ */ /** - * Hubzilla. * - * Hubzilla is an open source decentralised communications + * This is an open source decentralised communications * platform combined with a decentralised identity/authentication framework * wrapped in an extensible content management system, providing website designers * the ability to embed fully decentralised communications and social tools * into many traditional website designs (blogs, forums, small business - * websites, charitable organisations, etc.). Hubzilla also provides DNS mobility + * websites, charitable organisations, etc.). Also provided is DNS mobility * and internet scale privacy/access control. * * This allows any individual website to participate in a matrix of linked @@ -126,7 +125,9 @@ define ( 'LANGUAGE_DETECT_MIN_CONFIDENCE', 0.01 ); * either more or less restrictive. */ -define ( 'STORAGE_DEFAULT_PERMISSIONS', 0770 ); +if(! defined('STORAGE_DEFAULT_PERMISSIONS')) { + define ( 'STORAGE_DEFAULT_PERMISSIONS', 0770 ); +} /** @@ -148,12 +149,6 @@ define ( 'STORAGE_DEFAULT_PERMISSIONS', 0770 ); define ( 'MAX_IMAGE_LENGTH', -1 ); -/** - * Not yet used - */ - -define ( 'DEFAULT_DB_ENGINE', 'MyISAM' ); - /** * log levels */ @@ -191,15 +186,6 @@ define ( 'ACCESS_PAID', 1 ); define ( 'ACCESS_FREE', 2 ); define ( 'ACCESS_TIERED', 3 ); -/** - * relationship types - */ - -define ( 'CONTACT_IS_FOLLOWER', 1); -define ( 'CONTACT_IS_SHARING', 2); -define ( 'CONTACT_IS_FRIEND', 3); - - /** * DB update return values */ @@ -526,14 +512,6 @@ define ( 'ACTIVITY_OBJ_THING', NAMESPACE_ZOT . '/activity/thing' ); define ( 'ACTIVITY_OBJ_LOCATION',NAMESPACE_ZOT . '/activity/location' ); define ( 'ACTIVITY_OBJ_FILE', NAMESPACE_ZOT . '/activity/file' ); -/** - * item weight for query ordering - */ - -define ( 'GRAVITY_PARENT', 0); -define ( 'GRAVITY_LIKE', 3); -define ( 'GRAVITY_COMMENT', 6); - /** * Account Flags */ 
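Review bot: The new `if(! defined('STORAGE_DEFAULT_PERMISSIONS'))` guard makes the storage mode overridable, but the docblock above it does not say where an override must be placed or what form the value must take. An override can only take effect if it is defined before boot.php runs. A decimal `770` instead of octal `0770` would silently produce a very different mode, and any value with 'other' bits set would expose stored files to every local account. I would extend the existing comment with something like `Override by defining STORAGE_DEFAULT_PERMISSIONS as an octal literal (e.g. 0750) before boot.php is loaded; do not grant 'other' bits.` The docblock starts outside the hunk.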
@@ -558,16 +536,16 @@ define ( 'ACCOUNT_ROLE_ADMIN', 0x1000 ); */ define ( 'ITEM_VISIBLE', 0x0000); -//define ( 'ITEM_HIDDEN', 0x0001); +define ( 'ITEM_HIDDEN', 0x0001); define ( 'ITEM_BLOCKED', 0x0002); define ( 'ITEM_MODERATED', 0x0004); define ( 'ITEM_SPAM', 0x0008); -//define ( 'ITEM_DELETED', 0x0010); +define ( 'ITEM_DELETED', 0x0010); define ( 'ITEM_UNPUBLISHED', 0x0020); -//define ( 'ITEM_WEBPAGE', 0x0040); // is a static web page, not a conversational item +define ( 'ITEM_WEBPAGE', 0x0040); // is a static web page, not a conversational item define ( 'ITEM_DELAYED_PUBLISH', 0x0080); define ( 'ITEM_BUILDBLOCK', 0x0100); // Named thusly to make sure nobody confuses this with ITEM_BLOCKED -//define ( 'ITEM_PDL', 0x0200); // Page Description Language - e.g. Comanche +define ( 'ITEM_PDL', 0x0200); // Page Description Language - e.g. Comanche define ( 'ITEM_BUG', 0x0400); // Is a bug, can be used by the internal bug tracker define ( 'ITEM_PENDING_REMOVE', 0x0800); // deleted, notification period has lapsed define ( 'ITEM_DOC', 0x1000); // hubzilla only, define here so that item import does the right thing @@ -726,6 +704,7 @@ function startup() { * which is now static (although currently constructed at startup). We are only converting * 'system' config settings. */ + class miniApp { public $config = array('system' => array()); @@ -1822,18 +1801,6 @@ function local_channel() { return false; } -/** - * local_user() got deprecated and replaced by local_channel(). - * - * @deprecated since v2.1, use local_channel() - * @see local_channel() - */ -function local_user() { - logger('local_user() is DEPRECATED, use local_channel()'); - return local_channel(); -} - - /** * @brief Returns a xchan_hash (visitor_id) of remote authenticated visitor * or false. 
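Review bot: The re-enabled constants `ITEM_HIDDEN`, `ITEM_DELETED`, `ITEM_WEBPAGE` and `ITEM_PDL` come back with no comment saying why, and the commit subject only mentions removing cruft. Two of them read like visibility states, so a reader cannot tell whether code is expected to test these bits again or whether they exist only so that older or imported data decodes. The neighbouring `ITEM_DOC` line documents exactly that kind of intent. I would add a comment above the re-enabled lines such as `// legacy flag bits, re-defined for <reason>`, with the reason supplied by the author.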
@@ -1855,18 +1822,6 @@ function remote_channel() { return false; } -/** - * remote_user() got deprecated and replaced by remote_channel(). - * - * @deprecated since v2.1, use remote_channel() - * @see remote_channel() - */ -function remote_user() { - logger('remote_user() is DEPRECATED, use remote_channel()'); - return remote_channel(); -} - - /** * Contents of $s are displayed prominently on the page the next time * a page is loaded. Usually used for errors or alerts. @@ -2356,7 +2311,7 @@ function construct_page(&$a) { } /** - * @brief Returns Hubzilla's root directory. + * @brief Returns appplication root directory. * * @return string */ @@ -2372,7 +2327,7 @@ function appdirpath() { function head_set_icon($icon) { App::$data['pageicon'] = $icon; -// logger('head_set_icon: ' . $icon); + } /** @@ -2448,10 +2403,10 @@ function z_get_temp_dir() { function z_check_cert() { if(strpos(z_root(),'https://') !== false) { - $x = z_fetch_url(z_root() . '/siteinfo/json'); + $x = z_fetch_url(z_root() . '/siteinfo.json'); if(! $x['success']) { $recurse = 0; - $y = z_fetch_url(z_root() . '/siteinfo/json',false,$recurse,array('novalidate' => true)); + $y = z_fetch_url(z_root() . '/siteinfo.json',false,$recurse,array('novalidate' => true)); if($y['success']) cert_bad_email(); } @@ -2462,9 +2417,9 @@ function z_check_cert() { /** * @brief Send email to admin if server has an invalid certificate. * - * If a Hubzilla hub is available over https it must have a publicly valid - * certificate. + * If a hub is available over https it must have a publicly valid certificate. */ + function cert_bad_email() { $email_tpl = get_intltext_template("cert_bad_eml.tpl"); 
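Review bot: The rewritten docblock line reads `@brief Returns appplication root directory.`, with a tripled 'p'. It should read `@brief Returns the application root directory.`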
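Review bot: With the path changed to `/siteinfo.json`, z_check_cert() still does nothing when both fetches fail, so if that endpoint is missing or unreachable the certificate check becomes a silent no-op and an invalid certificate is never reported. Conversely, a transient failure of the first fetch followed by a successful `novalidate` retry mails the admin about a bad certificate that may be fine; whether z_fetch_url exposes the failure reason is not visible here. At minimum I would add an `else` branch to `if($y['success'])` that logs, e.g. `logger('z_check_cert: self-fetch failed with and without validation');`. Separately, the guard `strpos(z_root(),'https://') !== false` matches the scheme anywhere in the URL; `=== 0` states the intent. The function's closing lines are outside the hunk.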
@@ -2474,7 +2429,7 @@ function cert_bad_email() { '$error' => t('Website SSL certificate is not valid. Please correct.') )); - $subject = email_header_encode(sprintf(t('[hubzilla] Website SSL error for %s'), App::get_hostname())); + $subject = email_header_encode(sprintf(t('[$Projectname] Website SSL error for %s'), App::get_hostname())); mail(App::$config['system']['admin_email'], $subject, $email_msg, 'From: Administrator' . '@' . App::get_hostname() . "\n" . 'Content-type: text/plain; charset=UTF-8' . "\n" -- cgit v1.2.3 From 954176cfc3e5c49e9ed74749bd52d2c8ff3c3852 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 29 Mar 2017 14:22:37 +0200 Subject: bump version --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 131699153..07d21fd06 100755 --- a/boot.php +++ b/boot.php @@ -49,7 +49,7 @@ require_once('include/hubloc.php'); define ( 'PLATFORM_NAME', 'hubzilla' ); -define ( 'STD_VERSION', '2.3.1' ); +define ( 'STD_VERSION', '2.3.2' ); define ( 'ZOT_REVISION', '1.2' ); define ( 'DB_UPDATE_VERSION', 1188 ); -- cgit v1.2.3 From 3b6a0d8e5cb787bace27aee67f7ae0f4130e3132 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 29 Mar 2017 15:55:21 +0200 Subject: remove hubzilla.site from directory fallback servers until further notice --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 07d21fd06..b9c5bfd89 100755 --- a/boot.php +++ b/boot.php @@ -81,7 +81,7 @@ define ( 'DIRECTORY_REALM', 'RED_GLOBAL'); define ( 'DIRECTORY_FALLBACK_MASTER', 'https://gravizot.de'); $DIRECTORY_FALLBACK_SERVERS = array( - 'https://hubzilla.site', + //'https://hubzilla.site', 'https://hubzilla.zottel.net', 'https://my.federated.social', 'https://hubzilla.nl', -- cgit v1.2.3
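Review bot: The extra headers passed to `mail()` concatenate `App::get_hostname()` into the `From:` line, and unlike the subject, which goes through `email_header_encode()`, that value is not checked here. If the hostname can ever be influenced by the request (not visible in this hunk), a CR or LF in it would add headers to the admin mail; stripping them first, e.g. `$host = str_replace(array("\r","\n"), '', App::get_hostname());`, closes that off. On the changed line the string is single-quoted, so `$Projectname` only becomes the platform name if `t()` substitutes it, which is worth confirming. Existing translations keyed on the old `[hubzilla]` string will also stop matching. The `mail()` call continues past the end of the hunk.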
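Review bot: The `//'https://hubzilla.site',` entry stays in the `$DIRECTORY_FALLBACK_SERVERS` array as commented-out code, and the reason ("until further notice") exists only in the commit subject. This list appears to decide which directory servers a hub falls back to, so I would either delete the entry or put the reason and date next to it, for example `// 'https://hubzilla.site', // removed 2017-03-29: <reason>`. The array continues outside the hunk.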