From 08f054130f5a57e2928e129131e7609271ec7f40 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 24 Feb 2015 16:36:27 -0800 Subject: require access token to view, query, or join directories in private realms, if the realm is so configured. --- mod/dirsearch.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 5a0a7cee8..12abfafb8 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -13,7 +13,6 @@ function dirsearch_content(&$a) { $ret = array('success' => false); - $dirmode = intval(get_config('system','directory_mode')); if($dirmode == DIRECTORY_MODE_NORMAL) { @@ -21,6 +20,15 @@ function dirsearch_content(&$a) { json_return_and_die($ret); } + $access_token = $_REQUEST['t']; + + $token = get_config('system','realm_token'); + if($token && $access_token != $token) { + $result['message'] = t('This directory server requires an access token'); + return; + } + + if(argc() > 1 && argv(1) === 'sites') { $ret = list_public_sites(); json_return_and_die($ret); -- cgit v1.2.3 From bd4d2f3b44face9d265c28c84e9ca9eb85d1ee7d Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 5 Mar 2015 19:16:50 -0800 Subject: make alpahabetic searches start with A --- mod/dirsearch.php | 41 ++++++++++++++++++++++++++++++++++++----- 1 file changed, 36 insertions(+), 5 deletions(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 12abfafb8..01cbccbed 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -186,8 +186,10 @@ function dirsearch_content(&$a) { } - if($sort_order == 'normal') + if($sort_order == 'normal') { $order = " order by xchan_name asc "; + $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) > 64 "; + } elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; elseif($sort_order == 'reversedate') @@ -238,15 +240,44 @@ function dirsearch_content(&$a) { json_return_and_die($spkt); } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", + + // The query mangling is designed to make alphabetic searches start with 'A' and not precede real names + // with those containing a bunch of punctuation + + if($sort_order == 'normal') { + $sql = $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) > 64 "; + } + else { + $sql = $safesql; + } + + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $sql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) ); - } - $ret['page'] = $page + 1; - $ret['records'] = count($r); + $ret['page'] = $page + 1; + $ret['records'] = count($r); + + + if(! $r) { + + if($sort_order == 'normal') { + $sql = $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) <= 64 "; + + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $sql $order $qlimit ", + intval(XCHAN_FLAGS_HIDDEN), + intval(XCHAN_FLAGS_ORPHAN), + intval(XCHAN_FLAGS_DELETED) + ); + + $ret['page'] = $page + 1; + $ret['records'] = count($r); + + } + } + } if($r) { -- cgit v1.2.3 From f6da235a7d0eae48f7b691a139825708b99dcd75 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 5 Mar 2015 23:31:01 -0800 Subject: major cleanup of directory options --- mod/dirsearch.php | 42 ++++++++++-------------------------------- 1 file changed, 10 insertions(+), 32 deletions(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 01cbccbed..e734423a6 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -119,7 +119,7 @@ function dirsearch_content(&$a) { $sql_extra .= dir_query_build($joiner,'xprof_keywords',$keywords); if($forums) - $sql_extra .= dir_flag_build($joiner,'xprof_flags',XCHAN_FLAGS_PUBFORUM, $forums); + $sql_extra .= dir_flag_build(' AND ','xchan_flags',XCHAN_FLAGS_PUBFORUM, $forums); // we only support an age range currently. You must set both agege @@ -188,6 +188,11 @@ function dirsearch_content(&$a) { if($sort_order == 'normal') { $order = " order by xchan_name asc "; + + // Start the alphabetic search at 'A' + // This will make a handful of channels whose names begin with + // punctuation un-searchable in this mode + $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) > 64 "; } elseif($sort_order == 'reverse') @@ -241,49 +246,22 @@ function dirsearch_content(&$a) { } else { - // The query mangling is designed to make alphabetic searches start with 'A' and not precede real names - // with those containing a bunch of punctuation - - if($sort_order == 'normal') { - $sql = $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) > 64 "; - } - else { - $sql = $safesql; - } - - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $sql $order $qlimit ", + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) ); + $ret['page'] = $page + 1; $ret['records'] = count($r); - - - if(! $r) { - - if($sort_order == 'normal') { - $sql = $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) <= 64 "; - - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $sql $order $qlimit ", - intval(XCHAN_FLAGS_HIDDEN), - intval(XCHAN_FLAGS_ORPHAN), - intval(XCHAN_FLAGS_DELETED) - ); - - $ret['page'] = $page + 1; - $ret['records'] = count($r); - - } - } } + if($r) { $entries = array(); - foreach($r as $rr) { $entry = array(); @@ -348,7 +326,7 @@ function dir_query_build($joiner,$field,$s) { } function dir_flag_build($joiner,$field,$bit,$s) { - return dbesc($joiner) . " ( " . dbesc('xchan_flags') . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 "; + return dbesc($joiner) . " ( " . dbesc($field) . " & " . intval($bit) . " ) " . ((intval($s)) ? '>' : '=' ) . " 0 "; } -- cgit v1.2.3 From aac4affe656176f0538513435a4fdd8a69f244fc Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 7 Mar 2015 15:21:23 -0800 Subject: directory: fix public forum listing --- mod/dirsearch.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index e734423a6..b4154c1eb 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -12,6 +12,8 @@ function dirsearch_content(&$a) { $ret = array('success' => false); +// logger('request: ' . print_r($_REQUEST,true)); + $dirmode = intval(get_config('system','directory_mode')); @@ -119,7 +121,7 @@ function dirsearch_content(&$a) { $sql_extra .= dir_query_build($joiner,'xprof_keywords',$keywords); if($forums) - $sql_extra .= dir_flag_build(' AND ','xchan_flags',XCHAN_FLAGS_PUBFORUM, $forums); + $safesql .= dir_flag_build(' AND ','xchan_flags',XCHAN_FLAGS_PUBFORUM, $forums); // we only support an age range currently. You must set both agege @@ -165,9 +167,9 @@ function dirsearch_content(&$a) { } - $safesql = (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 " : ''); + $safesql .= (($safe > 0) ? " and not ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 " : ''); if($safe < 0) - $safesql = " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 "; + $safesql .= " and ( xchan_flags & " . intval(XCHAN_FLAGS_CENSORED|XCHAN_FLAGS_SELFCENSORED) . " )>0 "; if($limit) $qlimit = " LIMIT $limit "; -- cgit v1.2.3 From 1578c49976110c6c4c0a0dcf63ba40be4529045c Mon Sep 17 00:00:00 2001 From: Habeas Codice Date: Thu, 12 Mar 2015 00:28:49 -0700 Subject: substr() is a mysql alias for substring(). substring() is in the SQL standard and is supported by both databases. --- mod/dirsearch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index b4154c1eb..07621aaef 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -195,7 +195,7 @@ function dirsearch_content(&$a) { // This will make a handful of channels whose names begin with // punctuation un-searchable in this mode - $safesql .= " and ascii(substr(xchan_name FROM 1 FOR 1)) > 64 "; + $safesql .= " and ascii(substring(xchan_name FROM 1 FOR 1)) > 64 "; } elseif($sort_order == 'reverse') $order = " order by xchan_name desc "; -- cgit v1.2.3 From 04959a095f46272ecfee225e1dd85796f4e0676f Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 6 Apr 2015 16:14:12 -0700 Subject: make the findpeople widget honour the local/global directory setting --- mod/dirsearch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index 07621aaef..c741d31a3 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -100,7 +100,7 @@ function dirsearch_content(&$a) { if($name) $sql_extra .= dir_query_build($joiner,'xchan_name',$name); if($hub) - $sql_extra .= " $joiner xchan_hash in (select hubloc_hash from hubloc where hubloc_host = '" . protect_sprintf(dbesc($hub)) . "') "; + $sql_extra .= " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host = '" . protect_sprintf(dbesc($hub)) . "') "; if($address) $sql_extra .= dir_query_build($joiner,'xchan_addr',$address); if($city) -- cgit v1.2.3 From 558246257c4cbc91b55884b3d6252e41858b9955 Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 7 Apr 2015 13:51:51 -0700 Subject: separate the hub query since it changes the logic default and cannot easily be grouped --- mod/dirsearch.php | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'mod/dirsearch.php') diff --git a/mod/dirsearch.php b/mod/dirsearch.php index c741d31a3..d997020b2 100644 --- a/mod/dirsearch.php +++ b/mod/dirsearch.php @@ -91,6 +91,12 @@ function dirsearch_content(&$a) { else $sync = false; + + if($hub) + $hub_query = " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host = '" . protect_sprintf(dbesc($hub)) . "') "; + else + $hub_query = ''; + $sort_order = ((x($_REQUEST,'order')) ? $_REQUEST['order'] : ''); $joiner = ' OR '; @@ -99,8 +105,6 @@ function dirsearch_content(&$a) { if($name) $sql_extra .= dir_query_build($joiner,'xchan_name',$name); - if($hub) - $sql_extra .= " and xchan_hash in (select hubloc_hash from hubloc where hubloc_host = '" . protect_sprintf(dbesc($hub)) . "') "; if($address) $sql_extra .= dir_query_build($joiner,'xchan_addr',$address); if($city) @@ -248,13 +252,12 @@ function dirsearch_content(&$a) { } else { - $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", + $r = q("SELECT xchan.*, xprof.* from xchan left join xprof on xchan_hash = xprof_hash where ( $logic $sql_extra ) $hub_query and xchan_network = 'zot' and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 and not ( xchan_flags & %d )>0 $safesql $order $qlimit ", intval(XCHAN_FLAGS_HIDDEN), intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_DELETED) ); - $ret['page'] = $page + 1; $ret['records'] = count($r); } -- cgit v1.2.3