From f198c5cff8932bc1d42c34869afecec6dcab2f46 Mon Sep 17 00:00:00 2001
From: Friendika <info@friendika.com>
Date: Wed, 30 Mar 2011 04:07:47 -0700
Subject: [PATCH] secure profile failure

---
 include/items.php    | 2 +-
 mod/dfrn_poll.php    | 4 ++--
 mod/dfrn_request.php | 2 +-
 mod/oexchange.php    | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/include/items.php b/include/items.php
index 0516593218..58fad99272 100644
--- a/include/items.php
+++ b/include/items.php
@@ -762,7 +762,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
 	if(! $rino_enable)
 		$rino = 0;
 
-	$url = $contact['notify'] . '?dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
+	$url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
 
 	logger('dfrn_deliver: ' . $url);
 
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index bacfe9b94d..eb499fbd1a 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -63,7 +63,7 @@ function dfrn_poll_init(&$a) {
 		
 		if(count($r)) {
 
-			$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
+			$s = fetch_url($r[0]['poll'] . '&dfrn_id=' . $my_id . '&type=profile-check');
 
 			logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA);
 
@@ -366,7 +366,7 @@ function dfrn_poll_content(&$a) {
 			// URL reply
 
 			$s = fetch_url($r[0]['poll'] 
-				. '?dfrn_id=' . $encrypted_id 
+				. '&dfrn_id=' . $encrypted_id 
 				. '&type=profile-check'
 				. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
 				. '&challenge=' . $challenge
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 3cd8473cf3..f1af1ce4cb 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -172,7 +172,7 @@ function dfrn_request_post(&$a) {
 					$dfrn_request = $contact_record['request'];
 
 				if(strlen($dfrn_request) && strlen($confirm_key))
-					$s = fetch_url($dfrn_request . '?confirm_key=' . $confirm_key);
+					$s = fetch_url($dfrn_request . '&confirm_key=' . $confirm_key);
 				
 				// (ignore reply, nothing we can do it failed)
 
diff --git a/mod/oexchange.php b/mod/oexchange.php
index 8dee1cb996..f97356559e 100644
--- a/mod/oexchange.php
+++ b/mod/oexchange.php
@@ -30,7 +30,7 @@ function oexchange_content(&$a) {
 
 	$url = (((x($_GET,'url')) && strlen($_GET['url'])) ? notags(trim($_GET['url'])) : '');
 
-	$s = fetch_url($a->get_baseurl() . '/parse_url?url=' . $url);
+	$s = fetch_url($a->get_baseurl() . '/parse_url&url=' . $url);
 
 	if(! strlen($s))
 		return;