Friendika 2010-11-07 15:46:49 -08:00
parent 82d9783c35
commit d825db3649
5 changed files with 26 additions and 28 deletions


@ -89,7 +89,7 @@ if(stristr($_SESSION['sysmsg'], t('Permission denied'))) {
if(x($_SESSION,'sysmsg')) { if(x($_SESSION,'sysmsg')) {
$a->page['content'] = "<div id=\"sysmsg\" class=\"error-message\">{$_SESSION['sysmsg']}</div>\r\n" $a->page['content'] = "<div id=\"sysmsg\" class=\"error-message\">{$_SESSION['sysmsg']}</div>\r\n"
. $a->page['content']; . ((x($a->page,'content')) ? $a->page['content'] : '');
unset($_SESSION['sysmsg']); unset($_SESSION['sysmsg']);
} }
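Review bot: `$_SESSION['sysmsg']` is still interpolated into the `<div id="sysmsg">` markup with no output encoding, so whatever text reached the session message is rendered as HTML. The added `x($a->page,'content')` guard only covers the case where the page content is not yet set. Callers elsewhere on this page append `EOL` to their messages, which is presumably markup, so blanket-escaping here may not be possible; instead any `notice()` caller that concatenates request- or contact-derived text should encode that piece first, e.g. `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')`. The hunk header also shows `stristr($_SESSION['sysmsg'], ...)` running before this `x()` check, which appears to read the key unguarded.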


@ -507,7 +507,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
); );
$res = mail($r[0]['email'], t("Connection accepted at ") . $a->config['sitename'], $res = mail($r[0]['email'], t("Connection accepted at ") . $a->config['sitename'],
$email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER[SERVER_NAME] ); $email_tpl, 'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] );
if(!$res) { if(!$res) {
// pointless throwing an error here and confusing the person at the other end of the wire. // pointless throwing an error here and confusing the person at the other end of the wire.
} }
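Review bot: The `From:` header is built from `$_SERVER['SERVER_NAME']`, which under some web-server configurations reflects the client's Host header, so the sender domain of this notification may be request-influenced. Prefer a hostname taken from site configuration and restrict it before it is concatenated into the additional-headers argument of `mail()`, e.g. `$host = preg_replace('/[^A-Za-z0-9.\-]/', '', $configured_host);`, where `$configured_host` stands for whatever config-backed value the project has. The local part comes from `t('Administrator')`, so a translation containing spaces or non-ASCII characters would produce an invalid address; a fixed, untranslated local part would be safer. The same construction appears in the `register_post` hunk (`t('Administrator@') . $_SERVER['SERVER_NAME']`). `dfrn_confirm_post` starts and ends outside this hunk.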


@ -14,10 +14,10 @@ function message_post(&$a) {
return; return;
} }
$replyto = notags(trim($_POST['replyto'])); $replyto = ((x($_POST,'replyto')) ? notags(trim($_POST['replyto'])) : '');
$recipient = intval($_POST['messageto']); $subject = ((x($_POST,'subject')) ? notags(trim($_POST['subject'])) : '');
$subject = notags(trim($_POST['subject'])); $body = ((x($_POST,'body')) ? escape_tags(trim($_POST['body'])) : '');
$body = escape_tags(trim($_POST['body'])); $recipient = ((x($_POST,'messageto')) ? intval($_POST['messageto']) : 0 );
if(! $recipient) { if(! $recipient) {
notice( t('No recipient selected.') . EOL ); notice( t('No recipient selected.') . EOL );
@ -28,11 +28,11 @@ function message_post(&$a) {
$subject = t('[no subject]'); $subject = t('[no subject]');
$me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", $me = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
intval($_SESSION['uid']) intval(local_user())
); );
$contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", $contact = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($recipient), intval($recipient),
intval($_SESSION['uid']) intval(local_user())
); );
if(! (count($me) && (count($contact)))) { if(! (count($me) && (count($contact)))) {
@ -41,7 +41,7 @@ function message_post(&$a) {
} }
$hash = random_string(); $hash = random_string();
$uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . $_SESSION['uid'] . ':' . $hash ; $uri = 'urn:X-dfrn:' . $a->get_baseurl() . ':' . local_user() . ':' . $hash ;
if(! strlen($replyto)) if(! strlen($replyto))
$replyto = $uri; $replyto = $uri;
@ -49,7 +49,7 @@ function message_post(&$a) {
$r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`, $r = q("INSERT INTO `mail` ( `uid`, `from-name`, `from-photo`, `from-url`,
`contact-id`, `title`, `body`, `delivered`, `seen`, `replied`, `uri`, `parent-uri`, `created`) `contact-id`, `title`, `body`, `delivered`, `seen`, `replied`, `uri`, `parent-uri`, `created`)
VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, %d, '%s', '%s', '%s' )", VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', %d, %d, %d, '%s', '%s', '%s' )",
intval($_SESSION['uid']), intval(local_user()),
dbesc($me[0]['name']), dbesc($me[0]['name']),
dbesc($me[0]['thumb']), dbesc($me[0]['thumb']),
dbesc($me[0]['url']), dbesc($me[0]['url']),
@ -65,7 +65,7 @@ function message_post(&$a) {
); );
$r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1", $r = q("SELECT * FROM `mail` WHERE `uri` = '%s' and `uid` = %d LIMIT 1",
dbesc($uri), dbesc($uri),
intval($_SESSION['uid']) intval(local_user())
); );
if(count($r)) if(count($r))
$post_id = $r[0]['id']; $post_id = $r[0]['id'];
@ -113,7 +113,7 @@ function message_content(&$a) {
if($cmd === 'drop') { if($cmd === 'drop') {
$r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("DELETE FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]), intval($a->argv[2]),
intval($_SESSION['uid']) intval(local_user())
); );
if($r) { if($r) {
notice( t('Message deleted.') . EOL ); notice( t('Message deleted.') . EOL );
@ -123,13 +123,13 @@ function message_content(&$a) {
else { else {
$r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1", $r = q("SELECT `parent-uri` FROM `mail` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[2]), intval($a->argv[2]),
intval($_SESSION['uid']) intval(local_user())
); );
if(count($r)) { if(count($r)) {
$parent = $r[0]['parent-uri']; $parent = $r[0]['parent-uri'];
$r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ", $r = q("DELETE FROM `mail` WHERE `parent-uri` = '%s' AND `uid` = %d ",
dbesc($parent), dbesc($parent),
intval($_SESSION['uid']) intval(local_user())
); );
if($r) if($r)
notice( t('Conversation removed.') . EOL ); notice( t('Conversation removed.') . EOL );
@ -186,7 +186,7 @@ function message_content(&$a) {
$r = q("SELECT count(*) AS `total` FROM `mail` $r = q("SELECT count(*) AS `total` FROM `mail`
WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC", WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC",
intval($_SESSION['uid']), intval(local_user()),
dbesc($myprofile) dbesc($myprofile)
); );
if(count($r)) if(count($r))
@ -196,7 +196,7 @@ function message_content(&$a) {
`mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb` `mail`.* , `contact`.`name`, `contact`.`url`, `contact`.`thumb`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ", WHERE `mail`.`uid` = %d AND `from-url` $eq '%s' GROUP BY `parent-uri` ORDER BY `created` DESC LIMIT %d , %d ",
intval($_SESSION['uid']), intval(local_user()),
dbesc($myprofile), dbesc($myprofile),
intval($a->pager['start']), intval($a->pager['start']),
intval($a->pager['itemspage']) intval($a->pager['itemspage'])
@ -232,7 +232,7 @@ function message_content(&$a) {
$r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb` $r = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1", WHERE `mail`.`uid` = %d AND `mail`.`id` = %d LIMIT 1",
intval($_SESSION['uid']), intval(local_user()),
intval($a->argv[1]) intval($a->argv[1])
); );
if(count($r)) { if(count($r)) {
@ -240,7 +240,7 @@ function message_content(&$a) {
$messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb` $messages = q("SELECT `mail`.*, `contact`.`name`, `contact`.`url`, `contact`.`thumb`
FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id` FROM `mail` LEFT JOIN `contact` ON `mail`.`contact-id` = `contact`.`id`
WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC", WHERE `mail`.`uid` = %d AND `mail`.`parent-uri` = '%s' ORDER BY `mail`.`created` ASC",
intval($_SESSION['uid']), intval(local_user()),
dbesc($r[0]['parent-uri']) dbesc($r[0]['parent-uri'])
); );
} }
@ -251,7 +251,7 @@ function message_content(&$a) {
$r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d", $r = q("UPDATE `mail` SET `seen` = 1 WHERE `parent-uri` = '%s' AND `uid` = %d",
dbesc($r[0]['parent-uri']), dbesc($r[0]['parent-uri']),
intval($_SESSION['uid']) intval(local_user())
); );
require_once("include/bbcode.php"); require_once("include/bbcode.php");
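Review bot: In the `drop` branch of `message_content` the two `DELETE` statements are authorised only by the `uid = local_user()` filter, and nothing in these hunks checks that the request was intentional. If `$a->argv[2]` comes from the URL path, as it appears to, a link or embedded resource loaded by a logged-in user could remove a message or a whole conversation; moving the action to a POST that carries a per-session form token would close that. Because `local_user()` now supplies every `uid`, the function should also return early when it is falsy, e.g. `if(! local_user()) { notice( t('Permission denied.') . EOL ); return; }`, unless such a guard already exists above the first hunk; otherwise `intval(false)` runs the queries with `uid` 0. Both `message_post` and `message_content` start and end outside the visible hunks.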


@ -13,7 +13,7 @@ function photo_init(&$a) {
case 1: case 1:
default: default:
killme(); killme();
return; // NOTREACHED // NOTREACHED
} }
$default = 'images/default-profile.jpg'; $default = 'images/default-profile.jpg';
@ -111,15 +111,13 @@ function photo_init(&$a) {
} }
} }
if(x($data) === false) { if(! isset($data)) {
killme(); killme();
return; // NOTREACHED // NOTREACHED
} }
header("Content-type: image/jpeg"); header("Content-type: image/jpeg");
header('Expires: ' . datetime_convert('UTC','UTC', 'now + 3 months', 'D, d M Y H:i:s' . ' GMT')); echo $data;
// header("Cache-Control: max-age=36000, only-if-cached");
echo $data;
killme(); killme();
return; //NOTREACHED // NOTREACHED
} }
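Review bot: `if(! isset($data))` only rejects a variable that was never assigned or is null, so an empty string or `false` left by a failed lookup falls through to `echo $data` and is answered with `Content-type: image/jpeg` and an empty body. Consider `if((! isset($data)) || (! strlen($data)))` before the `killme()`. Since the bytes are echoed as stored under a fixed content type, adding `header('X-Content-Type-Options: nosniff');` next to the Content-type header would stop browsers from reinterpreting content that is not actually JPEG. The change also drops the `Expires` header, so clients will refetch the photo on each view unless caching is set elsewhere. The code that assigns `$data` lies outside these hunks.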


@ -195,7 +195,7 @@ function register_post(&$a) {
'$uid' => $newuid )); '$uid' => $newuid ));
$res = mail($email, t('Registration details for ') . $a->config['sitename'], $res = mail($email, t('Registration details for ') . $a->config['sitename'],
$email_tpl, 'From: ' . t('Administrator@') . $_SERVER[SERVER_NAME]); $email_tpl, 'From: ' . t('Administrator@') . $_SERVER['SERVER_NAME']);
if($res) { if($res) {