Burn notices, burn

This commit is contained in:
Michael 2018-09-11 04:10:11 +00:00
parent aa2ab3d0e7
commit 8b96a53fba
6 changed files with 36 additions and 30 deletions

View File

@ -30,6 +30,10 @@ function bookmarklet_content(App $a)
$page = normalise_link(System::baseUrl() . "/bookmarklet"); $page = normalise_link(System::baseUrl() . "/bookmarklet");
if (!strstr($referer, $page)) { if (!strstr($referer, $page)) {
if (empty($_REQUEST["url"])) {
System::httpExit(400, ["title" => L10n::t('Bad Request')]);
}
$content = add_page_info($_REQUEST["url"]); $content = add_page_info($_REQUEST["url"]);
$x = [ $x = [

View File

@ -212,7 +212,7 @@ function photos_post(App $a)
} }
// Check if the user has responded to a delete confirmation query // Check if the user has responded to a delete confirmation query
if ($_REQUEST['canceled']) { if (!empty($_REQUEST['canceled'])) {
goaway($_SESSION['photo_return']); goaway($_SESSION['photo_return']);
} }
@ -762,12 +762,14 @@ function photos_post(App $a)
$filesize = $ret['filesize']; $filesize = $ret['filesize'];
$type = $ret['type']; $type = $ret['type'];
$error = UPLOAD_ERR_OK; $error = UPLOAD_ERR_OK;
} else { } elseif (!empty($_FILES['userfile'])) {
$src = $_FILES['userfile']['tmp_name']; $src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']); $filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']); $filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type']; $type = $_FILES['userfile']['type'];
$error = $_FILES['userfile']['error']; $error = $_FILES['userfile']['error'];
} else {
$error = UPLOAD_ERR_NO_FILE;
} }
if ($error !== UPLOAD_ERR_OK) { if ($error !== UPLOAD_ERR_OK) {

View File

@ -41,14 +41,14 @@ function salmon_post(App $a, $xml = '') {
$base = null; $base = null;
// figure out where in the DOM tree our data is hiding // figure out where in the DOM tree our data is hiding
if($dom->provenance->data) if (!empty($dom->provenance->data))
$base = $dom->provenance; $base = $dom->provenance;
elseif($dom->env->data) elseif (!empty($dom->env->data))
$base = $dom->env; $base = $dom->env;
elseif($dom->data) elseif (!empty($dom->data))
$base = $dom; $base = $dom;
if(! $base) { if (empty($base)) {
logger('unable to locate salmon data in xml '); logger('unable to locate salmon data in xml ');
System::httpExit(400); System::httpExit(400);
} }

View File

@ -23,7 +23,7 @@ function webfinger_content(App $a)
$o = '<h3>Webfinger Diagnostic</h3>'; $o = '<h3>Webfinger Diagnostic</h3>';
$o .= '<form action="webfinger" method="get">'; $o .= '<form action="webfinger" method="get">';
$o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . $_GET['addr'] .'" />'; $o .= 'Lookup address: <input type="text" style="width: 250px;" name="addr" value="' . defaults($_GET, 'addr', '') .'" />';
$o .= '<input type="submit" name="submit" value="Submit" /></form>'; $o .= '<input type="submit" name="submit" value="Submit" /></form>';
$o .= '<br /><br />'; $o .= '<br /><br />';

View File

@ -361,7 +361,7 @@ class Profile
if ($r) { if ($r) {
$remote_url = $r[0]['url']; $remote_url = $r[0]['url'];
$message_path = preg_replace('=(.*)/profile/(.*)=ism', '$1/message/new/', $remote_url); $message_path = preg_replace('=(.*)/profile/(.*)=ism', '$1/message/new/', $remote_url);
$wallmessage_link = $message_path . base64_encode($profile['addr']); $wallmessage_link = $message_path . base64_encode(defaults($profile, 'addr', ''));
} else if (!empty($profile['nickname'])) { } else if (!empty($profile['nickname'])) {
$wallmessage_link = 'wallmessage/' . $profile['nickname']; $wallmessage_link = 'wallmessage/' . $profile['nickname'];
} }

View File

@ -967,23 +967,23 @@ class Probe
$hcard_url = ""; $hcard_url = "";
$data = []; $data = [];
foreach ($webfinger["links"] as $link) { foreach ($webfinger["links"] as $link) {
if (($link["rel"] == NAMESPACE_DFRN) && ($link["href"] != "")) { if (($link["rel"] == NAMESPACE_DFRN) && !empty($link["href"])) {
$data["network"] = Protocol::DFRN; $data["network"] = Protocol::DFRN;
} elseif (($link["rel"] == NAMESPACE_FEED) && ($link["href"] != "")) { } elseif (($link["rel"] == NAMESPACE_FEED) && !empty($link["href"])) {
$data["poll"] = $link["href"]; $data["poll"] = $link["href"];
} elseif (($link["rel"] == "http://webfinger.net/rel/profile-page") && ($link["type"] == "text/html") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://webfinger.net/rel/profile-page") && (defaults($link, "type", "") == "text/html") && !empty($link["href"])) {
$data["url"] = $link["href"]; $data["url"] = $link["href"];
} elseif (($link["rel"] == "http://microformats.org/profile/hcard") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://microformats.org/profile/hcard") && !empty($link["href"])) {
$hcard_url = $link["href"]; $hcard_url = $link["href"];
} elseif (($link["rel"] == NAMESPACE_POCO) && ($link["href"] != "")) { } elseif (($link["rel"] == NAMESPACE_POCO) && !empty($link["href"])) {
$data["poco"] = $link["href"]; $data["poco"] = $link["href"];
} elseif (($link["rel"] == "http://webfinger.net/rel/avatar") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://webfinger.net/rel/avatar") && !empty($link["href"])) {
$data["photo"] = $link["href"]; $data["photo"] = $link["href"];
} elseif (($link["rel"] == "http://joindiaspora.com/seed_location") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://joindiaspora.com/seed_location") && !empty($link["href"])) {
$data["baseurl"] = trim($link["href"], '/'); $data["baseurl"] = trim($link["href"], '/');
} elseif (($link["rel"] == "http://joindiaspora.com/guid") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://joindiaspora.com/guid") && !empty($link["href"])) {
$data["guid"] = $link["href"]; $data["guid"] = $link["href"];
} elseif (($link["rel"] == "diaspora-public-key") && ($link["href"] != "")) { } elseif (($link["rel"] == "diaspora-public-key") && !empty($link["href"])) {
$data["pubkey"] = base64_decode($link["href"]); $data["pubkey"] = base64_decode($link["href"]);
//if (strstr($data["pubkey"], 'RSA ') || ($link["type"] == "RSA")) //if (strstr($data["pubkey"], 'RSA ') || ($link["type"] == "RSA"))
@ -1170,21 +1170,21 @@ class Probe
$hcard_url = ""; $hcard_url = "";
$data = []; $data = [];
foreach ($webfinger["links"] as $link) { foreach ($webfinger["links"] as $link) {
if (($link["rel"] == "http://microformats.org/profile/hcard") && ($link["href"] != "")) { if (($link["rel"] == "http://microformats.org/profile/hcard") && !empty($link["href"])) {
$hcard_url = $link["href"]; $hcard_url = $link["href"];
} elseif (($link["rel"] == "http://joindiaspora.com/seed_location") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://joindiaspora.com/seed_location") && !empty($link["href"])) {
$data["baseurl"] = trim($link["href"], '/'); $data["baseurl"] = trim($link["href"], '/');
} elseif (($link["rel"] == "http://joindiaspora.com/guid") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://joindiaspora.com/guid") && !empty($link["href"])) {
$data["guid"] = $link["href"]; $data["guid"] = $link["href"];
} elseif (($link["rel"] == "http://webfinger.net/rel/profile-page") && ($link["type"] == "text/html") && ($link["href"] != "")) { } elseif (($link["rel"] == "http://webfinger.net/rel/profile-page") && (defaults($link, "type", "") == "text/html") && !empty($link["href"])) {
$data["url"] = $link["href"]; $data["url"] = $link["href"];
} elseif (($link["rel"] == NAMESPACE_FEED) && ($link["href"] != "")) { } elseif (($link["rel"] == NAMESPACE_FEED) && !empty($link["href"])) {
$data["poll"] = $link["href"]; $data["poll"] = $link["href"];
} elseif (($link["rel"] == NAMESPACE_POCO) && ($link["href"] != "")) { } elseif (($link["rel"] == NAMESPACE_POCO) && !empty($link["href"])) {
$data["poco"] = $link["href"]; $data["poco"] = $link["href"];
} elseif (($link["rel"] == "salmon") && ($link["href"] != "")) { } elseif (($link["rel"] == "salmon") && !empty($link["href"])) {
$data["notify"] = $link["href"]; $data["notify"] = $link["href"];
} elseif (($link["rel"] == "diaspora-public-key") && ($link["href"] != "")) { } elseif (($link["rel"] == "diaspora-public-key") && !empty($link["href"])) {
$data["pubkey"] = base64_decode($link["href"]); $data["pubkey"] = base64_decode($link["href"]);
//if (strstr($data["pubkey"], 'RSA ') || ($link["type"] == "RSA")) //if (strstr($data["pubkey"], 'RSA ') || ($link["type"] == "RSA"))
@ -1272,15 +1272,15 @@ class Probe
if (is_array($webfinger["links"])) { if (is_array($webfinger["links"])) {
foreach ($webfinger["links"] as $link) { foreach ($webfinger["links"] as $link) {
if (($link["rel"] == "http://webfinger.net/rel/profile-page") if (($link["rel"] == "http://webfinger.net/rel/profile-page")
&& ($link["type"] == "text/html") && (defaults($link, "type", "") == "text/html")
&& ($link["href"] != "") && ($link["href"] != "")
) { ) {
$data["url"] = $link["href"]; $data["url"] = $link["href"];
} elseif (($link["rel"] == "salmon") && ($link["href"] != "")) { } elseif (($link["rel"] == "salmon") && !empty($link["href"])) {
$data["notify"] = $link["href"]; $data["notify"] = $link["href"];
} elseif (($link["rel"] == NAMESPACE_FEED) && ($link["href"] != "")) { } elseif (($link["rel"] == NAMESPACE_FEED) && !empty($link["href"])) {
$data["poll"] = $link["href"]; $data["poll"] = $link["href"];
} elseif (($link["rel"] == "magic-public-key") && ($link["href"] != "")) { } elseif (($link["rel"] == "magic-public-key") && !empty($link["href"])) {
$pubkey = $link["href"]; $pubkey = $link["href"];
if (substr($pubkey, 0, 5) === 'data:') { if (substr($pubkey, 0, 5) === 'data:') {
@ -1436,7 +1436,7 @@ class Probe
$data = []; $data = [];
foreach ($webfinger["links"] as $link) { foreach ($webfinger["links"] as $link) {
if (($link["rel"] == "http://webfinger.net/rel/profile-page") if (($link["rel"] == "http://webfinger.net/rel/profile-page")
&& ($link["type"] == "text/html") && (defaults($link, "type", "") == "text/html")
&& ($link["href"] != "") && ($link["href"] != "")
) { ) {
$data["url"] = $link["href"]; $data["url"] = $link["href"];