prevent zid's from reaching the DAV core code.

2014-01-16 01:19:58 -08:00 · 2014-01-16 01:19:58 -08:00 · 18a40d0c37
commit 18a40d0c37
parent ec6b8e5cda
3 changed files with 5 additions and 2 deletions
--- a/include/identity.php
+++ b/include/identity.php
@ -1019,7 +1019,7 @@ function zid_init(&$a) {
 		call_hooks('zid_init',$arr);
 		if((! local_user()) && (! remote_user())) {
 			logger('zid_init: not authenticated. Invoking reverse magic-auth for ' . $tmp_str);
-			$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_id desc limit 1",
+			$r = q("select * from hubloc where hubloc_addr = '%s' order by hubloc_connected desc limit 1",
 				dbesc($tmp_str)
 			);
 			// try to avoid recursion - but send them home to do a proper magic auth
--- a/mod/cloud.php
+++ b/mod/cloud.php
@ -82,6 +82,9 @@ function cloud_init(&$a) {

 	$auth->setBrowserPlugin($browser);

+	$_SERVER['QUERY_STRING'] = str_replace(array('?f=','&f='),array('',''),$_SERVER['QUERY_STRING']);
+	$_SERVER['QUERY_STRING'] = preg_replace('/[\?&]zid=(.*?)([\?&]|$)/ism','',$_SERVER['QUERY_STRING']);
+
 	$server->addPlugin($browser);


--- a/version.inc
+++ b/version.inc
@ -1 +1 @@
-2014-01-15.558
+2014-01-16.559