diff --git a/boot.php b/boot.php index 197b6d2381..e4a13ce92c 100644 --- a/boot.php +++ b/boot.php @@ -1481,7 +1481,7 @@ function validate_url(&$url) { $url = 'http://' . $url; $h = parse_url($url); - if(($h) && (checkdnsrr($h['host'], 'ANY'))) { + if(($h) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR))) { return true; } return false; @@ -1496,7 +1496,7 @@ function validate_email($addr) { return false; $h = substr($addr,strpos($addr,'@') + 1); - if(($h) && (checkdnsrr($h, 'ANY'))) { + if(($h) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR + DNS_MX))) { return true; } return false; diff --git a/index.php b/index.php index f6ea0c9a80..abc02521a2 100644 --- a/index.php +++ b/index.php @@ -127,6 +127,7 @@ else * further processing. */ + if(strlen($a->module)) { if(file_exists("mod/{$a->module}.php")) { include("mod/{$a->module}.php"); diff --git a/library/openid.php b/library/openid.php index eec652bb18..3c58beb8a5 100644 --- a/library/openid.php +++ b/library/openid.php @@ -276,7 +276,7 @@ class LightOpenID protected function request($url, $method='GET', $params=array()) { - if(function_exists('curl_init') && !ini_get('safe_mode')) { + if(function_exists('curl_init') && !ini_get('safe_mode') && (! strlen(ini_get('open_basedir')))) { return $this->request_curl($url, $method, $params); } return $this->request_streams($url, $method, $params); diff --git a/mod/directory.php b/mod/directory.php index 062aae516f..b0cee76cb7 100644 --- a/mod/directory.php +++ b/mod/directory.php @@ -39,14 +39,16 @@ function directory_content(&$a) { $search = dbesc($search); $sql_extra = ((strlen($search)) ? " AND MATCH (`profile`.`name`, `user`.`nickname`, `locality`,`region`,`country-name`,`gender`,`marital`,`sexual`,`about`,`romance`,`work`,`education`,`keywords` ) AGAINST ('$search' IN BOOLEAN MODE) " : ""); + $publish = ((get_config('system','publish_all')) ? '' : " AND `publish` = 1 " ); - $r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `publish` = 1 AND `user`.`blocked` = 0 $sql_extra "); + + $r = q("SELECT COUNT(*) AS `total` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra "); if(count($r)) $a->set_pager_total($r[0]['total']); - $r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 AND `publish` = 1 AND `user`.`blocked` = 0 $sql_extra ORDER BY `name` ASC LIMIT %d , %d ", + $r = q("SELECT `profile`.*, `profile`.`uid` AS `profile_uid`, `user`.`nickname`, `user`.`timezone` FROM `profile` LEFT JOIN `user` ON `user`.`uid` = `profile`.`uid` WHERE `is-default` = 1 $publish AND `user`.`blocked` = 0 $sql_extra ORDER BY `name` ASC LIMIT %d , %d ", intval($a->pager['start']), intval($a->pager['itemspage']) ); diff --git a/mod/group.php b/mod/group.php index 01875d01f6..fcdc6a7582 100644 --- a/mod/group.php +++ b/mod/group.php @@ -56,13 +56,14 @@ function group_post(&$a) { notice( t('Group name changed.') . EOL ); } $members = $_POST['group_members_select']; - array_walk($members,'validate_members'); + if(is_array($members)) + array_walk($members,'validate_members'); $r = q("DELETE FROM `group_member` WHERE `gid` = %d AND `uid` = %d", intval($a->argv[1]), intval(local_user()) ); $result = true; - if(count($members)) { + if(is_array($members) && count($members)) { foreach($members as $member) { $r = q("INSERT INTO `group_member` ( `uid`, `gid`, `contact-id`) VALUES ( %d, %d, %d )", diff --git a/mod/install.php b/mod/install.php index 643f9a55cc..dc91f848e6 100644 --- a/mod/install.php +++ b/mod/install.php @@ -19,7 +19,7 @@ function install_post(&$a) { if(mysqli_connect_errno()) { $db = new dba($dbhost, $dbuser, $dbpass, '', true); - if(! mysql_connect_errno()) { + if(! mysqli_connect_errno()) { $r = q("CREATE DATABASE '%s'", dbesc($dbdata) ); diff --git a/mod/profiles.php b/mod/profiles.php index e99e0f288c..1c75dc0eb1 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -265,13 +265,14 @@ function profiles_content(&$a) { dbesc($name), dbesc($r1[0]['name']), dbesc($r1[0]['photo']), - dbesc($ra[0]['thumb']) + dbesc($r1[0]['thumb']) ); $r3 = q("SELECT `id` FROM `profile` WHERE `uid` = %d AND `profile-name` = '%s' LIMIT 1", intval(local_user()), dbesc($name) ); + notice( t('New profile created.') . EOL); if(count($r3) == 1) goaway($a->get_baseurl() . '/profiles/' . $r3[0]['id']); diff --git a/mod/register.php b/mod/register.php index bd169fbbb8..68c7297c90 100644 --- a/mod/register.php +++ b/mod/register.php @@ -123,7 +123,20 @@ function register_post(&$a) { $pkey = openssl_pkey_get_details($res); $pubkey = $pkey["key"]; + /** + * + * Create another keypair for signing/verifying + * salmon protocol messages. We have to use a slightly + * less robust key because this won't be using openssl + * but the phpseclib. Since it is PHP interpreted code + * it is not nearly as efficient, and the larger keys + * will take several minutes each to process. + * + */ + $sres=openssl_pkey_new(array( + 'digest_alg' => 'sha1', + 'private_key_bits' => 512, 'encrypt_key' => false )); // Get private key diff --git a/mod/settings.php b/mod/settings.php index 273e8baa82..0f01807a20 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -117,11 +117,16 @@ function settings_post(&$a) { // If openid has changed or if there's an openid but no openidserver, try and discover it. if($openid != $a->user['openid'] || (strlen($openid) && (! strlen($openidserver)))) { - logger('updating openidserver'); - require_once('library/openid.php'); - $open_id_obj = new LightOpenID; - $open_id_obj->identity = $openid; - $openidserver = $open_id_obj->discover($open_id_obj->identity); + $tmp_str = $openid; + if(strlen($tmp_str) && validate_url($tmp_str)) { + logger('updating openidserver'); + require_once('library/openid.php'); + $open_id_obj = new LightOpenID; + $open_id_obj->identity = $openid; + $openidserver = $open_id_obj->discover($open_id_obj->identity); + } + else + $openidserver = ''; } $r = q("UPDATE `user` SET `username` = '%s', `email` = '%s', `openid` = '%s', `timezone` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `notify-flags` = %d, `page-flags` = %d, `default-location` = '%s', `allow_location` = %d, `theme` = '%s', `maxreq` = %d, `openidserver` = '%s' WHERE `uid` = %d LIMIT 1", @@ -242,13 +247,16 @@ function settings_content(&$a) { } - - - $opt_tpl = load_view_file("view/profile-in-directory.tpl"); - $profile_in_dir = replace_macros($opt_tpl,array( - '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), - '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") - )); + if(get_config('system','publish_all')) { + $profile_in_dir = ''; + } + else { + $opt_tpl = load_view_file("view/profile-in-directory.tpl"); + $profile_in_dir = replace_macros($opt_tpl,array( + '$yes_selected' => (($profile['publish']) ? " checked=\"checked\" " : ""), + '$no_selected' => (($profile['publish'] == 0) ? " checked=\"checked\" " : "") + )); + } if(strlen(get_config('system','directory_submit_url'))) { $opt_tpl = load_view_file("view/profile-in-netdir.tpl"); diff --git a/view/profile_entry.tpl b/view/profile_entry.tpl index db28c0a8fe..5c6952af60 100644 --- a/view/profile_entry.tpl +++ b/view/profile_entry.tpl @@ -4,7 +4,7 @@
-