From 9e19eef1941fff3e2a8785e5daa6d978e9de4900 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 21 Apr 2011 17:29:47 -0700 Subject: [PATCH] "firewall" setting - block all public pages from the public if configured to do so --- boot.php | 2 +- mod/dfrn_poll.php | 4 ++++ mod/directory.php | 6 ++++++ mod/display.php | 5 +++++ mod/photos.php | 10 ++++++++++ mod/profile.php | 10 ++++++++++ mod/search.php | 5 +++++ 7 files changed, 41 insertions(+), 1 deletion(-) diff --git a/boot.php b/boot.php index 2713f3dcea..13d6a36d2f 100644 --- a/boot.php +++ b/boot.php @@ -2,7 +2,7 @@ set_time_limit(0); -define ( 'FRIENDIKA_VERSION', '2.1.955' ); +define ( 'FRIENDIKA_VERSION', '2.1.956' ); define ( 'DFRN_PROTOCOL_VERSION', '2.21' ); define ( 'DB_UPDATE_VERSION', 1053 ); diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index f8c726c1af..718aa165c6 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -27,6 +27,10 @@ function dfrn_poll_init(&$a) { } if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + killme(); + } + logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] ); header("Content-type: application/atom+xml"); $o = get_feed_for($a, '', $a->argv[1],$last_update); diff --git a/mod/directory.php b/mod/directory.php index a02a4a4a57..95ddbda21a 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -13,6 +13,12 @@ function directory_post(&$a) { function directory_content(&$a) { + + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + $o = ''; $o .= ''; if(x($_SESSION,'theme')) diff --git a/mod/display.php b/mod/display.php index c8496160f5..fdb93e480c 100644 --- a/mod/display.php +++ b/mod/display.php @@ -3,6 +3,11 @@ function display_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/photos.php b/mod/photos.php index 186873a7b8..324ce898d2 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -6,6 +6,10 @@ require_once('include/bbcode.php'); function photos_init(&$a) { + + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + return; + } $o = ''; if($a->argc > 1) { @@ -657,6 +661,12 @@ function photos_content(&$a) { // photos/name/image/xxxxx/edit + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + require_once('include/bbcode.php'); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/profile.php b/mod/profile.php index dfa5649e08..c350aa0879 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -2,6 +2,9 @@ function profile_init(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) + return; + if($a->argc > 1) $which = $a->argv[1]; else { @@ -48,6 +51,13 @@ function profile_init(&$a) { function profile_content(&$a, $update = 0) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + + + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php'); diff --git a/mod/search.php b/mod/search.php index 793a8c2bb2..33032e1832 100644 --- a/mod/search.php +++ b/mod/search.php @@ -9,6 +9,11 @@ function search_post(&$a) { function search_content(&$a) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + notice( t('Public access denied.') . EOL); + return; + } + require_once("include/bbcode.php"); require_once('include/security.php'); require_once('include/conversation.php');