Values are sanitized, messages are not relayed when there is no signature
This commit is contained in:
parent
79fb05ff80
commit
b84ed78f8f
|
@ -221,7 +221,9 @@ class diaspora {
|
||||||
|
|
||||||
logger('Message verified.');
|
logger('Message verified.');
|
||||||
|
|
||||||
return array('message' => $inner_decrypted, 'author' => $author_link, 'key' => $key);
|
return array('message' => (string)$inner_decrypted,
|
||||||
|
'author' => unxmlify($author_link),
|
||||||
|
'key' => (string)$key);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1801,7 +1803,8 @@ class diaspora {
|
||||||
|
|
||||||
if ($data->photo) {
|
if ($data->photo) {
|
||||||
foreach ($data->photo AS $photo)
|
foreach ($data->photo AS $photo)
|
||||||
$body = "[img]".$photo->remote_photo_path.$photo->remote_photo_name."[/img]\n".$body;
|
$body = "[img]".unxmlify($photo->remote_photo_path).
|
||||||
|
unxmlify($photo->remote_photo_name)."[/img]\n".$body;
|
||||||
|
|
||||||
$datarray["object-type"] = ACTIVITY_OBJ_PHOTO;
|
$datarray["object-type"] = ACTIVITY_OBJ_PHOTO;
|
||||||
} else {
|
} else {
|
||||||
|
@ -2355,8 +2358,10 @@ class diaspora {
|
||||||
$r = q("SELECT `signed_text`, `signature`, `signer` FROM `sign` WHERE `".$sql_sign_id."` = %d LIMIT 1",
|
$r = q("SELECT `signed_text`, `signature`, `signer` FROM `sign` WHERE `".$sql_sign_id."` = %d LIMIT 1",
|
||||||
intval($item["id"]));
|
intval($item["id"]));
|
||||||
|
|
||||||
if (!$r)
|
if (!$r) {
|
||||||
return self::send_followup($item, $owner, $contact, $public_batch);
|
logger("Couldn't fetch signatur for contact ".$contact["addr"]." at item ".$item["guid"]." (".$item["id"].")", LOGGER_DEBUG);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$signature = $r[0];
|
$signature = $r[0];
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user