diff --git a/boot.php b/boot.php index 640c0199f0..3f2a2551b8 100644 --- a/boot.php +++ b/boot.php @@ -2,7 +2,7 @@ set_time_limit(0); -define ( 'BUILD_ID' , 1005 ); +define ( 'BUILD_ID' , 1006 ); define ( 'EOL', "
\r\n"); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/database.sql b/database.sql index 43d6c0041f..24dd9495d4 100644 --- a/database.sql +++ b/database.sql @@ -349,16 +349,14 @@ CREATE TABLE IF NOT EXISTS `user` ( `theme` char(255) NOT NULL, `pubkey` text NOT NULL, `prvkey` text NOT NULL, - `verified` tinyint(1) unsigned NOT NULL DEFAULT '0', - `blocked` tinyint(1) unsigned NOT NULL DEFAULT '0', - `notify-flags` int(11) unsigned NOT NULL DEFAULT '65535', - `pwdreset` char(255) NOT NULL, - `allow_cid` mediumtext NOT NULL, - `allow_gid` mediumtext NOT NULL, - `deny_cid` mediumtext NOT NULL, - `deny_gid` mediumtext NOT NULL, - PRIMARY KEY (`uid`) -) ENGINE=MyISAM DEFAULT CHARSET=utf8; + `spubkey` text NOT NULL, + `sprvkey` text NOT NULL, + `verified` tinyint(1) unsigned NOT NULL DEFAULT '0', `blocked` + tinyint(1) unsigned NOT NULL DEFAULT '0', `notify-flags` int(11) + unsigned NOT NULL DEFAULT '65535', `pwdreset` char(255) NOT NULL, + `allow_cid` mediumtext NOT NULL, `allow_gid` mediumtext NOT NULL, + `deny_cid` mediumtext NOT NULL, `deny_gid` mediumtext NOT NULL, + PRIMARY KEY (`uid`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; CREATE TABLE IF NOT EXISTS `register` ( diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index dd50e82a09..265a62b888 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -290,7 +290,7 @@ function dfrn_confirm_post(&$a) { $source_url = hex2bin($_POST['source_url']); $aes_key = $_POST['aes_key']; $duplex = $_POST['duplex']; - $version_id = $_POST['dfrn_version']; + $version_id = (float) $_POST['dfrn_version']; // If $aes_key is set, both of these items require unpacking from the hex transport encoding. @@ -483,7 +483,7 @@ function dfrn_confirm_post(&$a) { $res = mail($r[0]['email'], t("Connection accepted at ") . $a->config['sitename'], $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER[SERVER_NAME] ); if(!$res) { - notice( t("Email notification failed.") . EOL ); + // pointless throwing an error here and confusing the person at the other end of the wire. } } xml_status(0); // Success diff --git a/mod/register.php b/mod/register.php index d65c154a85..a2cae99617 100644 --- a/mod/register.php +++ b/mod/register.php @@ -109,15 +109,31 @@ function register_post(&$a) { $pkey = openssl_pkey_get_details($res); $pubkey = $pkey["key"]; + $sres=openssl_pkey_new(array( + 'encrypt_key' => false )); + + // Get private key + + $sprvkey = ''; + + openssl_pkey_export($sres, $sprvkey); + + // Get public key + + $spkey = openssl_pkey_get_details($sres); + $spubkey = $spkey["key"]; + $r = q("INSERT INTO `user` ( `username`, `password`, `email`, `nickname`, - `pubkey`, `prvkey`, `verified`, `blocked` ) - VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", + `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `verified`, `blocked` ) + VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", dbesc($username), dbesc($new_password_encoded), dbesc($email), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), + dbesc($spubkey), + dbesc($sprvkey), intval($verified), intval($blocked) ); diff --git a/update.php b/update.php index 5d2210107c..80ec50bd27 100644 --- a/update.php +++ b/update.php @@ -33,4 +33,11 @@ function update_1003() { function update_1004() { q("ALTER TABLE `contact` ADD `subhub` TINYINT( 1 ) NOT NULL DEFAULT '0' AFTER `usehub`"); +} + +function update_1005() { + + q("ALTER TABLE `user` ADD `spubkey` TEXT NOT NULL AFTER `prvkey` , + ADD `sprvkey` TEXT NOT NULL AFTER `spubkey`"); + } \ No newline at end of file