diff --git a/boot.php b/boot.php index 971762634..ac561edf6 100644 --- a/boot.php +++ b/boot.php @@ -1374,9 +1374,9 @@ if(! function_exists('proc_run')) { if(count($args) && $args[0] === 'php') $args[0] = ((x($a->config,'php_path')) && (strlen($a->config['php_path'])) ? $a->config['php_path'] : 'php'); - foreach ($args as $arg){ - $arg = escapeshellarg($arg); - } + for($x = 0; $x < count($args); $x ++) + $args[$x] = escapeshellarg($args[$x]); + $cmdline = implode($args," "); proc_close(proc_open($cmdline." &",array(),$foo)); } diff --git a/include/plugin.php b/include/plugin.php index c6b61ae6e..3b6faa072 100644 --- a/include/plugin.php +++ b/include/plugin.php @@ -316,3 +316,41 @@ function get_theme_screenshot($theme) { } return($a->get_baseurl() . '/images/blank.png'); } + + +// check service_class restrictions. If there are no service_classes defined, everything is allowed. +// if $usage is supplied, we check against a maximum count and return true if the current usage is +// less than the subscriber plan allows. Otherwise we return boolean true or false if the property +// is allowed (or not) in this subscriber plan. An unset property for this service plan means +// the property is allowed, so it is only necessary to provide negative properties for each plan, +// or what the subscriber is not allowed to do. + + +function service_class_allows($uid,$property,$usage = false) { + + if($uid == local_user()) { + $service_class = $a->user['service_class']; + } + else { + $r = q("select service_class from user where uid = %d limit 1", + intval($uid) + ); + if($r !== false and count($r)) { + $service_class = $r[0]['service_class']; + } + } + if(! x($service_class)) + return true; // everything is allowed + + $arr = get_config('service_class',$service_class); + if(! is_array($arr) || (! count($arr))) + return true; + + if($usage === false) + return ((x($arr[$property])) ? (bool) $arr['property'] : true); + else { + if(! array_key_exists($property,$arr)) + return true; + return (((intval($usage)) < intval($arr[$property])) ? true : false); + } +} \ No newline at end of file diff --git a/include/user.php b/include/user.php index 2477438bf..383a3b3e1 100644 --- a/include/user.php +++ b/include/user.php @@ -147,13 +147,18 @@ function create_user($arr) { require_once('include/crypto.php'); - $keys = new_keypair(1024); + $keys = new_keypair(4096); if($keys === false) { $result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL; return $result; } + $default_service_class = get_config('system','default_service_class'); + if(! $default_service_class) + $default_service_class = ''; + + $prvkey = $keys['prvkey']; $pubkey = $keys['pubkey']; @@ -173,8 +178,8 @@ function create_user($arr) { $spubkey = $sres['pubkey']; $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`, - `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` ) - VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )", + `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class` ) + VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s' )", dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), @@ -187,7 +192,8 @@ function create_user($arr) { dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), - intval($blocked) + intval($blocked), + dbesc($default_service_class) ); if($r) { diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 76b99cbca..8e39f5fd0 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -146,7 +146,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { */ require_once('include/crypto.php'); - $res = new_keypair(1024); + $res = new_keypair(4096); $private_key = $res['prvkey']; $public_key = $res['pubkey'];