enhance random_string, block public email replies

This commit is contained in:
Friendika 2011-08-10 21:06:35 -07:00
parent 06408664db
commit 684ebd2ed8
5 changed files with 16 additions and 6 deletions

View file

@ -7,7 +7,7 @@ require_once('include/text.php');
require_once("include/pgettext.php"); require_once("include/pgettext.php");
define ( 'FRIENDIKA_VERSION', '2.2.1067' ); define ( 'FRIENDIKA_VERSION', '2.2.1068' );
define ( 'DFRN_PROTOCOL_VERSION', '2.21' ); define ( 'DFRN_PROTOCOL_VERSION', '2.21' );
define ( 'DB_UPDATE_VERSION', 1079 ); define ( 'DB_UPDATE_VERSION', 1079 );

View file

@ -170,7 +170,7 @@ EOT;
$o .= ' <li class="sidebar-group-li">' $o .= ' <li class="sidebar-group-li">'
. (($edit) ? "<a href=\"group/{$rr['id']}\" title=\"" . t('Edit') . (($edit) ? "<a href=\"group/{$rr['id']}\" title=\"" . t('Edit')
. "\" ><img src=\"images/spencil.gif\" alt=\"" . t('Edit') . "\"></a> " : "") . "\" ><img src=\"images/spencil.gif\" alt=\"" . t('Edit') . "\"></a> " : "")
. (($cid) ? '<input type="checkbox" onclick="contactgroupChangeMember(' . $rr['id'] . ',' . $cid . ');return true;" ' . (($cid) ? '<input type="checkbox" class="' . (($selected) ? 'ticked' : 'unticked') . '" onclick="contactgroupChangeMember(' . $rr['id'] . ',' . $cid . ');return true;" '
. ((in_array($rr['id'],$member_of)) ? ' checked="checked" ' : '') . '/>' : '') . ((in_array($rr['id'],$member_of)) ? ' checked="checked" ' : '') . '/>' : '')
. "<a href=\"$each/{$rr['id']}\" $selected >{$rr['name']}</a></li>\r\n"; . "<a href=\"$each/{$rr['id']}\" $selected >{$rr['name']}</a></li>\r\n";
} }

View file

@ -402,3 +402,4 @@ Array.prototype.remove = function(item) {
this.length = from < 0 ? this.length + from : from; this.length = from < 0 ? this.length + from : from;
return this.push.apply(this, rest); return this.push.apply(this, rest);
}; };

View file

@ -421,6 +421,8 @@ function poller_run($argv, $argc){
$datarray['contact-id'] = $contact['id']; $datarray['contact-id'] = $contact['id'];
if($datarray['parent-uri'] === $datarray['uri']) if($datarray['parent-uri'] === $datarray['uri'])
$datarray['private'] = 1; $datarray['private'] = 1;
if(! get_pconfig($importer_uid,'system','allow_public_email_replies'))
$datarray['private'] = 1;
$datarray['author-name'] = $contact['name']; $datarray['author-name'] = $contact['name'];
$datarray['author-link'] = 'mailbox'; $datarray['author-link'] = 'mailbox';
$datarray['author-avatar'] = $contact['photo']; $datarray['author-avatar'] = $contact['photo'];

View file

@ -19,11 +19,18 @@ function replace_macros($s,$r) {
}} }}
// random hex string, 64 chars max // random string, there are 86 characters max in text mode, 128 for hex
// output is urlsafe
define('RANDOM_STRING_HEX', 0x00 );
define('RANDOM_STRING_TEXT', 0x01 );
if(! function_exists('random_string')) { if(! function_exists('random_string')) {
function random_string($size = 64) { function random_string($size = 64,$type = RANDOM_STRING_HEX) {
return(substr(hash('sha256',uniqid(rand(),true)),0,$size)); // generate a bit of entropy and run it through the whirlpool
$s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(),(($type == RANDOM_STRING_TEXT) ? true : false));
$s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n","",base64url_encode($s,true)) : $s);
return(substr($s,0,$size));
}} }}
/** /**