From 28b0eb9c330261ea6a8cd36248c194b6b153f5e6 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Sun, 17 Nov 2013 14:28:13 -0800
Subject: more work on redmtx.com magic-auth situation

---
 mod/magic.php | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)

(limited to 'mod/magic.php')

diff --git a/mod/magic.php b/mod/magic.php
index 4794f86a8..21f703192 100644
--- a/mod/magic.php
+++ b/mod/magic.php
@@ -28,16 +28,34 @@ function magic_init(&$a) {
 		);
 	}
 	else {
+
 		// See if we know anybody at the dest site that will unlock the door for us
+		// This is the equivalent of buzzing every apartment in an apartment block
+		// to get inside the front gate. The thing about magic auth is that we're 
+		// authenticating to the other site. Permissions provided by various 
+		// channels will still affect what we can do once authenticated.
+
 		$b = explode('/',$dest);
 
 		if(count($b) >= 2) {
 			$u = $b[0] . '//' . $b[2];
 
-			$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
-				where hubloc_url = '%s' order by hubloc_id desc limit 5",
-				dbesc($u)
-			);
+			if(local_user()) {
+				// first look for a connection or anybody who knows us
+				$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash 
+					left join abook on abook_xchan = hubloc_hash
+					where abook_channel = %d and hubloc_url = '%s' order by hubloc_id desc limit 5",
+					intval(local_user()),
+					dbesc($u)
+				);
+			}
+			if(! $x) {
+				// no luck - ok anybody will do
+				$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
+					where hubloc_url = '%s' order by hubloc_id desc limit 5",
+					dbesc($u)
+				);
+			}
 
 			if($x) {
 				// They must have a valid hubloc_addr
-- 
cgit v1.2.3