preparation for some possibly killer features

This commit is contained in:
friendica 2012-03-26 17:57:27 -07:00
parent 03b95c9a09
commit b5d0315d55
3 changed files with 23 additions and 15 deletions

View file

@ -7,14 +7,11 @@ require_once('include/crypto.php');
function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
// default permissions - anonymous user
if(! strlen($owner_nick))
killme();
$sitefeed = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
$public_feed = (($dfrn_id) ? false : true);
$starred = false;
$converse = false;
$starred = false; // not yet implemented, possible security issues
$converse = false;
if($public_feed && $a->argc > 2) {
for($x = 2; $x < $a->argc; $x++) {
@ -25,6 +22,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
}
}
// default permissions - anonymous user
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";

View file

@ -26,21 +26,24 @@ function dfrn_poll_init(&$a) {
$dfrn_id = substr($dfrn_id,2);
}
if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) {
if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
killme();
}
$r = q("SELECT `hidewall` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
dbesc($a->argv[1])
);
if(count($r) && $r[0]['hidewall'])
killme();
$user = '';
if($a->argc > 1) {
$r = q("SELECT `hidewall` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
dbesc($a->argv[1])
);
if((! count($r)) || (count($r) && $r[0]['hidewall']))
killme();
$user = $r[0]['nickname'];
}
logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] );
logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user);
header("Content-type: application/atom+xml");
$o = get_feed_for($a, '', $a->argv[1],$last_update);
echo $o;
echo get_feed_for($a, '', $user,$last_update);
killme();
}

View file

@ -15,6 +15,13 @@ function message_post(&$a) {
$body = ((x($_REQUEST,'body')) ? escape_tags(trim($_REQUEST['body'])) : '');
$recipient = ((x($_REQUEST,'messageto')) ? intval($_REQUEST['messageto']) : 0 );
// Work around doubled linefeeds in Tinymce 3.5b2
$plaintext = intval(get_pconfig(local_user(),'system','plaintext'));
if(! $plaintext) {
$body = str_replace("\r\n","\n",$body);
$body = str_replace("\n\n","\n",$body);
}
$ret = send_message($recipient, $body, $subject, $replyto);
$norecip = false;