Public exposure warning on affected network group pages. config-able so a plugin can shut it up.
This commit is contained in:
		
					parent
					
						
							
								b500da74b6
							
						
					
				
			
			
				commit
				
					
						9b50b0e16f
					
				
			
		
					 4 changed files with 26 additions and 7 deletions
				
			
		
							
								
								
									
										4
									
								
								boot.php
									
										
									
									
									
								
							
							
						
						
									
										4
									
								
								boot.php
									
										
									
									
									
								
							|  | @ -2,7 +2,7 @@ | |||
| 
 | ||||
| set_time_limit(0); | ||||
| 
 | ||||
| define ( 'FRIENDIKA_VERSION',      '2.1.936' ); | ||||
| define ( 'FRIENDIKA_VERSION',      '2.1.938' ); | ||||
| define ( 'DFRN_PROTOCOL_VERSION',  '2.2'  ); | ||||
| define ( 'DB_UPDATE_VERSION',      1046   ); | ||||
| 
 | ||||
|  | @ -2022,7 +2022,7 @@ function contact_block() { | |||
| 			intval($shown) | ||||
| 	); | ||||
| 	if(count($r)) { | ||||
| 		$o .= '<h4 class="contact-h4">' .  sprintf(tt('%d Contact','%d Contacts', $total),$total) . '</h4><div id="contact-block">'; | ||||
| 		$o .= '<h4 class="contact-h4">' .  sprintf( tt('%d Contact','%d Contacts', $total),$total) . '</h4><div id="contact-block">'; | ||||
| 		foreach($r as $rr) { | ||||
| 			$redirect_url = $a->get_baseurl() . '/redir/' . $rr['id']; | ||||
| 			if(local_user() && ($rr['uid'] == local_user()) | ||||
|  |  | |||
|  | @ -110,7 +110,7 @@ function group_get_members($gid) { | |||
| 			LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`  | ||||
| 			WHERE `gid` = %d AND `group_member`.`uid` = %d",
 | ||||
| 			intval($gid), | ||||
| 			intval($_SESSION['uid']) | ||||
| 			intval(local_user()) | ||||
| 		); | ||||
| 		if(count($r)) | ||||
| 			$ret = $r; | ||||
|  | @ -118,6 +118,21 @@ function group_get_members($gid) { | |||
| 	return $ret; | ||||
| } | ||||
| 
 | ||||
| function group_public_members($gid) { | ||||
| 	$ret = 0; | ||||
| 	if(intval($gid)) { | ||||
| 		$r = q("SELECT `contact`.`id` AS `contact-id` FROM `group_member` 
 | ||||
| 			LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`  | ||||
| 			WHERE `gid` = %d AND `group_member`.`uid` = %d AND `contact`.`network` != 'dfrn' ",
 | ||||
| 			intval($gid), | ||||
| 			intval(local_user()) | ||||
| 		);		 | ||||
| 		if(count($r)) | ||||
| 			$ret = count($r); | ||||
| 	} | ||||
| 	return $ret; | ||||
| } | ||||
| 
 | ||||
| 
 | ||||
| 
 | ||||
| function group_side($every="contacts",$each="group") { | ||||
|  |  | |||
|  | @ -42,10 +42,6 @@ if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { | |||
| } else { | ||||
| 	$lang = ((isset($a->config['system']['language'])) ? $a->config['system']['language'] : 'en'); | ||||
| } | ||||
| if(x($_POST,'system_language')) | ||||
| if(x($_SESSION,'language')) | ||||
| 	$lang = $_SESSION['language']; | ||||
| 
 | ||||
| 
 | ||||
| 	 | ||||
| load_translation_table($lang); | ||||
|  |  | |||
|  | @ -54,6 +54,14 @@ function network_content(&$a, $update = 0) { | |||
| 	} | ||||
| 
 | ||||
| 	if(! $update) { | ||||
| 		if(group) { | ||||
| 			if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) { | ||||
| 				$plural_form = sprintf( tt('%d member', '%d members', $t), $t); | ||||
| 				notice( sprintf( t('Warning: This group contains %s from an insecure network.'), $plural_form ) . EOL); | ||||
| 				notice( t('Private messages to this group are at risk of public disclosure.') . EOL); | ||||
| 			} | ||||
| 		} | ||||
| 
 | ||||
| 		$o .= '<script>	$(document).ready(function() { $(\'#nav-network-link\').addClass(\'nav-selected\'); });</script>'; | ||||
| 
 | ||||
| 		$_SESSION['return_url'] = $a->cmd; | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue