harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix some privacy leakage in logs

Browse Source
This commit is contained in:
friendica
2013-07-31 18:57:14 -07:00
parent c00c550c58
commit 0d22e1eefb
3 changed files with 29 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
include/items.php
View File

@@ -532,6 +532,21 @@ function get_item_elements($x) {
$arr['item_private'] = ((array_key_exists('flags',$x) && is_array($x['flags']) && in_array('private',$x['flags'])) ? 1 : 0);
$arr['item_flags'] = 0;
// if it's a private post, encrypt it in the DB.
// We have to do that here because we need to cleanse the input and prevent bad stuff from getting in,
// and we need plaintext to do that.
if(intval($arr['item_private'])) {
$arr['item_flags'] = $arr['item_flags'] | ITEM_OBSCURED;
$key = get_config('system','pubkey');
if($arr['title'])
$arr['title'] = json_encode(aes_encapsulate($arr['title'],$key));
if($arr['body'])
$arr['body'] = json_encode(aes_encapsulate($arr['body'],$key));
}
if(array_key_exists('flags',$x) && in_array('deleted',$x['flags']))
$arr['item_restrict'] = ITEM_DELETED;