Public exposure warning on affected network group pages. config-able so a plugin can shut it up.
This commit is contained in:
parent
b500da74b6
commit
9b50b0e16f
4 changed files with 26 additions and 7 deletions
4
boot.php
4
boot.php
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
set_time_limit(0);
|
set_time_limit(0);
|
||||||
|
|
||||||
define ( 'FRIENDIKA_VERSION', '2.1.936' );
|
define ( 'FRIENDIKA_VERSION', '2.1.938' );
|
||||||
define ( 'DFRN_PROTOCOL_VERSION', '2.2' );
|
define ( 'DFRN_PROTOCOL_VERSION', '2.2' );
|
||||||
define ( 'DB_UPDATE_VERSION', 1046 );
|
define ( 'DB_UPDATE_VERSION', 1046 );
|
||||||
|
|
||||||
|
@ -2022,7 +2022,7 @@ function contact_block() {
|
||||||
intval($shown)
|
intval($shown)
|
||||||
);
|
);
|
||||||
if(count($r)) {
|
if(count($r)) {
|
||||||
$o .= '<h4 class="contact-h4">' . sprintf(tt('%d Contact','%d Contacts', $total),$total) . '</h4><div id="contact-block">';
|
$o .= '<h4 class="contact-h4">' . sprintf( tt('%d Contact','%d Contacts', $total),$total) . '</h4><div id="contact-block">';
|
||||||
foreach($r as $rr) {
|
foreach($r as $rr) {
|
||||||
$redirect_url = $a->get_baseurl() . '/redir/' . $rr['id'];
|
$redirect_url = $a->get_baseurl() . '/redir/' . $rr['id'];
|
||||||
if(local_user() && ($rr['uid'] == local_user())
|
if(local_user() && ($rr['uid'] == local_user())
|
||||||
|
|
|
@ -110,7 +110,7 @@ function group_get_members($gid) {
|
||||||
LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`
|
LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`
|
||||||
WHERE `gid` = %d AND `group_member`.`uid` = %d",
|
WHERE `gid` = %d AND `group_member`.`uid` = %d",
|
||||||
intval($gid),
|
intval($gid),
|
||||||
intval($_SESSION['uid'])
|
intval(local_user())
|
||||||
);
|
);
|
||||||
if(count($r))
|
if(count($r))
|
||||||
$ret = $r;
|
$ret = $r;
|
||||||
|
@ -118,6 +118,21 @@ function group_get_members($gid) {
|
||||||
return $ret;
|
return $ret;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function group_public_members($gid) {
|
||||||
|
$ret = 0;
|
||||||
|
if(intval($gid)) {
|
||||||
|
$r = q("SELECT `contact`.`id` AS `contact-id` FROM `group_member`
|
||||||
|
LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`
|
||||||
|
WHERE `gid` = %d AND `group_member`.`uid` = %d AND `contact`.`network` != 'dfrn' ",
|
||||||
|
intval($gid),
|
||||||
|
intval(local_user())
|
||||||
|
);
|
||||||
|
if(count($r))
|
||||||
|
$ret = count($r);
|
||||||
|
}
|
||||||
|
return $ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
function group_side($every="contacts",$each="group") {
|
function group_side($every="contacts",$each="group") {
|
||||||
|
|
|
@ -42,10 +42,6 @@ if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
|
||||||
} else {
|
} else {
|
||||||
$lang = ((isset($a->config['system']['language'])) ? $a->config['system']['language'] : 'en');
|
$lang = ((isset($a->config['system']['language'])) ? $a->config['system']['language'] : 'en');
|
||||||
}
|
}
|
||||||
if(x($_POST,'system_language'))
|
|
||||||
if(x($_SESSION,'language'))
|
|
||||||
$lang = $_SESSION['language'];
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
load_translation_table($lang);
|
load_translation_table($lang);
|
||||||
|
|
|
@ -54,6 +54,14 @@ function network_content(&$a, $update = 0) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(! $update) {
|
if(! $update) {
|
||||||
|
if(group) {
|
||||||
|
if(($t = group_public_members($group)) && (! get_pconfig(local_user(),'system','nowarn_insecure'))) {
|
||||||
|
$plural_form = sprintf( tt('%d member', '%d members', $t), $t);
|
||||||
|
notice( sprintf( t('Warning: This group contains %s from an insecure network.'), $plural_form ) . EOL);
|
||||||
|
notice( t('Private messages to this group are at risk of public disclosure.') . EOL);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$o .= '<script> $(document).ready(function() { $(\'#nav-network-link\').addClass(\'nav-selected\'); });</script>';
|
$o .= '<script> $(document).ready(function() { $(\'#nav-network-link\').addClass(\'nav-selected\'); });</script>';
|
||||||
|
|
||||||
$_SESSION['return_url'] = $a->cmd;
|
$_SESSION['return_url'] = $a->cmd;
|
||||||
|
|
Loading…
Reference in a new issue