mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-20 00:15:51 +00:00
better mail obscuring
This commit is contained in:
parent
c45ebdf97f
commit
c00c550c58
7 changed files with 96 additions and 61 deletions
2
boot.php
2
boot.php
|
@ -43,7 +43,7 @@ require_once('include/taxonomy.php');
|
|||
define ( 'RED_PLATFORM', 'Red Matrix' );
|
||||
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'R');
|
||||
define ( 'ZOT_REVISION', 1 );
|
||||
define ( 'DB_UPDATE_VERSION', 1055 );
|
||||
define ( 'DB_UPDATE_VERSION', 1056 );
|
||||
|
||||
define ( 'EOL', '<br />' . "\r\n" );
|
||||
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );
|
||||
|
|
|
@ -33,7 +33,7 @@ function notification($params) {
|
|||
|
||||
push_lang($recip['account_language']); // should probably have a channel language
|
||||
|
||||
$banner = t('Red Notification');
|
||||
$banner = t('Red Matrix Notification');
|
||||
$product = RED_PLATFORM;
|
||||
$siteurl = $a->get_baseurl(true);
|
||||
$thanks = t('Thank You,');
|
||||
|
@ -89,7 +89,7 @@ function notification($params) {
|
|||
intval($recip['channel_id'])
|
||||
);
|
||||
if($p) {
|
||||
logger('notification comment already notified');
|
||||
logger('notification: comment already notified');
|
||||
pop_lang();
|
||||
return;
|
||||
}
|
||||
|
@ -168,6 +168,19 @@ function notification($params) {
|
|||
}
|
||||
|
||||
if($params['type'] == NOTIFY_TAGSELF) {
|
||||
|
||||
$p = null;
|
||||
$p = q("select id from notify where link = '%s' and uid = %d limit 1",
|
||||
dbesc($params['link']),
|
||||
intval($recip['channel_id'])
|
||||
);
|
||||
if($p) {
|
||||
logger('enotify: tag: already notified about this post');
|
||||
pop_lang();
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
$subject = sprintf( t('[Red:Notify] %s tagged you') , $sender['xchan_name']);
|
||||
$preamble = sprintf( t('%1$s tagged you at %2$s') , $sender['xchan_name'], $sitename);
|
||||
$epreamble = sprintf( t('%1$s [zrl=%2$s]tagged you[/zrl].') ,
|
||||
|
|
|
@ -491,7 +491,6 @@ function title_is_body($title, $body) {
|
|||
function get_item_elements($x) {
|
||||
|
||||
$arr = array();
|
||||
|
||||
$arr['body'] = (($x['body']) ? htmlentities($x['body'],ENT_COMPAT,'UTF-8',false) : '');
|
||||
|
||||
$arr['created'] = datetime_convert('UTC','UTC',$x['created']);
|
||||
|
@ -804,7 +803,13 @@ function encode_mail($item) {
|
|||
$x = array();
|
||||
$x['type'] = 'mail';
|
||||
|
||||
logger('encode_mail: ' . print_r($item,true));
|
||||
if(array_key_exists('mail_flags',$item) && ($item['mail_flags'] & MAIL_OBSCURED)) {
|
||||
$key = get_config('system','prvkey');
|
||||
if($item['title'])
|
||||
$item['title'] = aes_unencapsulate(json_decode($item['title'],true),$key);
|
||||
if($item['body'])
|
||||
$item['body'] = aes_unencapsulate(json_decode($item['body'],true),$key);
|
||||
}
|
||||
|
||||
$x['message_id'] = $item['mid'];
|
||||
$x['message_parent'] = $item['parent_mid'];
|
||||
|
@ -816,9 +821,6 @@ function encode_mail($item) {
|
|||
|
||||
$x['flags'] = array();
|
||||
|
||||
if($item['mail_flags'] & MAIL_OBSCURED)
|
||||
$x['flags'][] = 'obscured';
|
||||
|
||||
if($item['mail_flags'] & MAIL_RECALLED) {
|
||||
$x['flags'][] = 'recalled';
|
||||
$x['title'] = '';
|
||||
|
@ -845,18 +847,16 @@ function get_mail_elements($x) {
|
|||
if(in_array('recalled',$x['flags'])) {
|
||||
$arr['mail_flags'] |= MAIL_RECALLED;
|
||||
}
|
||||
if(in_array('obscured',$x['flags'])) {
|
||||
|
||||
$arr['mail_flags'] |= MAIL_OBSCURED;
|
||||
$arr['body'] = base64url_decode($arr['body']);
|
||||
$arr['body'] = htmlentities($arr['body'],ENT_COMPAT,'UTF-8',false);
|
||||
$arr['body'] = base64url_encode($arr['body']);
|
||||
$arr['title'] = base64url_decode($arr['title']);
|
||||
$arr['title'] = htmlentities($arr['title'],ENT_COMPAT,'UTF-8',false);
|
||||
$arr['title'] = base64url_encode($arr['title']);
|
||||
}
|
||||
}
|
||||
|
||||
$key = get_config('system','pubkey');
|
||||
$arr['mail_flags'] |= MAIL_OBSCURED;
|
||||
$arr['body'] = htmlentities($arr['body'],ENT_COMPAT,'UTF-8',false);
|
||||
if($arr['body'])
|
||||
$arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
|
||||
$arr['title'] = htmlentities($arr['title'],ENT_COMPAT,'UTF-8',false);
|
||||
if($arr['title'])
|
||||
$arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
|
||||
|
||||
if($arr['created'] > datetime_convert())
|
||||
$arr['created'] = datetime_convert();
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
/* Private Message backend API */
|
||||
|
||||
require_once('include/crypto.php');
|
||||
|
||||
// send a private message
|
||||
|
||||
|
@ -56,6 +57,28 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
|
|||
$replyto = $mid;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* When a photo was uploaded into the message using the (profile wall) ajax
|
||||
* uploader, The permissions are initially set to disallow anybody but the
|
||||
* owner from seeing it. This is because the permissions may not yet have been
|
||||
* set for the post. If it's private, the photo permissions should be set
|
||||
* appropriately. But we didn't know the final permissions on the post until
|
||||
* now. So now we'll look for links of uploaded messages that are in the
|
||||
* post and set them to the same permissions as the post itself.
|
||||
*
|
||||
*/
|
||||
|
||||
$match = null;
|
||||
$images = null;
|
||||
if(preg_match_all("/\[img\](.*?)\[\/img\]/",$body,$match))
|
||||
$images = $match[1];
|
||||
|
||||
$key = get_config('system','pubkey');
|
||||
if($subject)
|
||||
$subject = json_encode(aes_encapsulate($subject,$key));
|
||||
if($body)
|
||||
$body = json_encode(aes_encapsulate($body,$key));
|
||||
|
||||
$r = q("INSERT INTO mail ( account_id, mail_flags, channel_id, from_xchan, to_xchan, title, body, mid, parent_mid, created )
|
||||
VALUES ( %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
|
||||
|
@ -64,8 +87,8 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
|
|||
intval($channel['channel_id']),
|
||||
dbesc($channel['channel_hash']),
|
||||
dbesc($recipient),
|
||||
dbesc(base64url_encode($subject)),
|
||||
dbesc(base64url_encode($body)),
|
||||
dbesc($subject),
|
||||
dbesc($body),
|
||||
dbesc($mid),
|
||||
dbesc($replyto),
|
||||
dbesc(datetime_convert())
|
||||
|
@ -84,35 +107,18 @@ function send_message($uid = 0, $recipient='', $body='', $subject='', $replyto='
|
|||
return $ret;
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* When a photo was uploaded into the message using the (profile wall) ajax
|
||||
* uploader, The permissions are initially set to disallow anybody but the
|
||||
* owner from seeing it. This is because the permissions may not yet have been
|
||||
* set for the post. If it's private, the photo permissions should be set
|
||||
* appropriately. But we didn't know the final permissions on the post until
|
||||
* now. So now we'll look for links of uploaded messages that are in the
|
||||
* post and set them to the same permissions as the post itself.
|
||||
*
|
||||
*/
|
||||
|
||||
$match = null;
|
||||
|
||||
if(preg_match_all("/\[img\](.*?)\[\/img\]/",$body,$match)) {
|
||||
$images = $match[1];
|
||||
if(count($images)) {
|
||||
foreach($images as $image) {
|
||||
if(! stristr($image,$a->get_baseurl() . '/photo/'))
|
||||
continue;
|
||||
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||
$r = q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d and allow_cid = '%s'",
|
||||
dbesc('<' . $recipient . '>'),
|
||||
dbesc($image_uri),
|
||||
intval($channel['channel_id']),
|
||||
dbesc('<' . $channel['channel_hash'] . '>')
|
||||
);
|
||||
}
|
||||
if(count($images)) {
|
||||
foreach($images as $image) {
|
||||
if(! stristr($image,$a->get_baseurl() . '/photo/'))
|
||||
continue;
|
||||
$image_uri = substr($image,strrpos($image,'/') + 1);
|
||||
$image_uri = substr($image_uri,0, strpos($image_uri,'-'));
|
||||
$r = q("UPDATE photo SET allow_cid = '%s' WHERE resource_id = '%s' AND uid = %d and allow_cid = '%s'",
|
||||
dbesc('<' . $recipient . '>'),
|
||||
dbesc($image_uri),
|
||||
intval($channel['channel_id']),
|
||||
dbesc('<' . $channel['channel_hash'] . '>')
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -171,11 +177,14 @@ function private_messages_list($uid, $mailbox = '', $start = 0, $numitems = 0) {
|
|||
$r[$k]['to'] = find_xchan_in_array($rr['to_xchan'],$c);
|
||||
$r[$k]['seen'] = (($rr['mail_flags'] & MAIL_SEEN) ? 1 : 0);
|
||||
if($r[$k]['mail_flags'] & MAIL_OBSCURED) {
|
||||
$r[$k]['title'] = base64url_decode($r[$k]['title']);
|
||||
$r[$k]['body'] = base64url_decode($r[$k]['body']);
|
||||
logger('unencrypting');
|
||||
$key = get_config('system','prvkey');
|
||||
|
||||
if($r[$k]['title'])
|
||||
$r[$k]['title'] = aes_unencapsulate(json_decode($r[$k]['title'],true),$key);
|
||||
if($r[$k]['body'])
|
||||
$r[$k]['body'] = aes_unencapsulate(json_decode($r[$k]['body'],true),$key);
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
return $r;
|
||||
|
@ -209,8 +218,11 @@ function private_messages_fetch_message($channel_id, $messageitem_id, $updatesee
|
|||
$messages[$k]['from'] = find_xchan_in_array($message['from_xchan'],$c);
|
||||
$messages[$k]['to'] = find_xchan_in_array($message['to_xchan'],$c);
|
||||
if($messages[$k]['mail_flags'] & MAIL_OBSCURED) {
|
||||
$messages[$k]['title'] = base64url_decode($messages[$k]['title']);
|
||||
$messages[$k]['body'] = base64url_decode($messages[$k]['body']);
|
||||
$key = get_config('system','prvkey');
|
||||
if($messages[$k]['title'])
|
||||
$messages[$k]['title'] = aes_unencapsulate(json_decode($messages[$k]['title'],true),$key);
|
||||
if($messages[$k]['body'])
|
||||
$messages[$k]['body'] = aes_unencapsulate(json_decode($messages[$k]['body'],true),$key);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -294,10 +306,12 @@ function private_messages_fetch_conversation($channel_id, $messageitem_id, $upda
|
|||
$messages[$k]['from'] = find_xchan_in_array($message['from_xchan'],$c);
|
||||
$messages[$k]['to'] = find_xchan_in_array($message['to_xchan'],$c);
|
||||
if($messages[$k]['mail_flags'] & MAIL_OBSCURED) {
|
||||
$messages[$k]['title'] = base64url_decode($messages[$k]['title']);
|
||||
$messages[$k]['body'] = base64url_decode($messages[$k]['body']);
|
||||
$key = get_config('system','prvkey');
|
||||
if($messages[$k]['title'])
|
||||
$messages[$k]['title'] = aes_unencapsulate(json_decode($messages[$k]['title'],true),$key);
|
||||
if($messages[$k]['body'])
|
||||
$messages[$k]['body'] = aes_unencapsulate(json_decode($messages[$k]['body'],true),$key);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -524,7 +524,7 @@ CREATE TABLE IF NOT EXISTS `mail` (
|
|||
`to_xchan` char(255) NOT NULL DEFAULT '',
|
||||
`account_id` int(10) unsigned NOT NULL DEFAULT '0',
|
||||
`channel_id` int(10) unsigned NOT NULL,
|
||||
`title` char(255) NOT NULL,
|
||||
`title` text NOT NULL,
|
||||
`body` mediumtext NOT NULL,
|
||||
`mid` char(255) NOT NULL,
|
||||
`parent_mid` char(255) NOT NULL,
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
<?php
|
||||
|
||||
define( 'UPDATE_VERSION' , 1055 );
|
||||
define( 'UPDATE_VERSION' , 1056 );
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -648,3 +648,11 @@ function update_r1054() {
|
|||
return UPDATE_SUCCESS;
|
||||
return UPDATE_FAILED;
|
||||
}
|
||||
|
||||
function update_r1055() {
|
||||
$r = q("ALTER TABLE `mail` CHANGE `title` `title` TEXT CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT '' ");
|
||||
if($r)
|
||||
return UPDATE_SUCCESS;
|
||||
return UPDATE_FAILED;
|
||||
}
|
||||
|
||||
|
|
|
@ -1 +1 @@
|
|||
2013-07-30.390
|
||||
2013-07-31.391
|
||||
|
|
Loading…
Reference in a new issue