make sure we get the correct URL. Also redirect back again (essentially perform a no-op) when using reverse magic auth and we can't find a channel.
This commit is contained in:
friendica
parent
b25783b9b6
commit
2a6d3e1f94
49
boot.php
49
boot.php
@ -709,17 +709,8 @@ class App {
|
||||
$scheme = $this->scheme;
|
||||
|
||||
if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) {
|
||||
if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL))
|
||||
if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL)) {
|
||||
$scheme = 'https';
|
||||
|
||||
// Basically, we have $ssl = true on any links which can only be seen by a logged in user
|
||||
// (and also the login link). Anything seen by an outsider will have it turned off.
|
||||
|
||||
if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) {
|
||||
if($ssl)
|
||||
$scheme = 'https';
|
||||
else
|
||||
$scheme = 'http';
|
||||
}
|
||||
}
|
||||
|
||||
@ -1094,32 +1085,20 @@ function check_config(&$a) {
|
||||
if(! x($build))
|
||||
$build = set_config('system','db_version',DB_UPDATE_VERSION);
|
||||
|
||||
$saved = get_config('system','urlverify');
|
||||
if(! $saved)
|
||||
set_config('system','urlverify',bin2hex(z_root()));
|
||||
if(($saved) && ($saved != bin2hex(z_root()))) {
|
||||
// our URL changed. Do something.
|
||||
$oldurl = hex2bin($saved);
|
||||
fix_system_urls($oldurl,z_root());
|
||||
set_config('system','urlverify',bin2hex(z_root()));
|
||||
|
||||
}
|
||||
|
||||
|
||||
// $url = get_config('system','baseurl');
|
||||
|
||||
// if the url isn't set or the stored url is radically different
|
||||
// than the currently visited url, store the current value accordingly.
|
||||
// "Radically different" ignores common variations such as http vs https
|
||||
// and www.example.com vs example.com.
|
||||
// We will only change the url to an ip address if there is no existing setting
|
||||
|
||||
// if(! x($url))
|
||||
// $url = set_config('system','baseurl',$a->get_baseurl());
|
||||
// if((! link_compare($url,$a->get_baseurl())) && (! preg_match("/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/",$a->get_hostname)))
|
||||
// $url = set_config('system','baseurl',$a->get_baseurl());
|
||||
$saved = get_config('system','urlverify');
|
||||
if(! $saved)
|
||||
set_config('system','urlverify',bin2hex(z_root()));
|
||||
if(($saved) && ($saved != bin2hex(z_root()))) {
|
||||
// our URL changed. Do something.
|
||||
$oldurl = hex2bin($saved);
|
||||
fix_system_urls($oldurl,z_root());
|
||||
set_config('system','urlverify',bin2hex(z_root()));
|
||||
}
|
||||
|
||||
// This will actually set the url to the one stored in .htconfig, and ignore what
|
||||
// we're passing - unless we are installing and it has never been set.
|
||||
|
||||
$a->set_baseurl($a->get_baseurl());
|
||||
|
||||
if($build != DB_UPDATE_VERSION) {
|
||||
$stored = intval($build);
|
||||
@ -2111,7 +2090,7 @@ function zid_init(&$a) {
|
||||
$dest = '/' . $a->query_string;
|
||||
$dest = str_replace(array('?zid=','&zid='),array('?rzid=','&rzid='),$dest);
|
||||
if($r && ($r[0]['hubloc_url'] != z_root()) && (! strstr($dest,'/magic')) && (! strstr($dest,'/rmagic'))) {
|
||||
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&dest=' . z_root() . $dest);
|
||||
goaway($r[0]['hubloc_url'] . '/magic' . '?f=&rev=1&dest=' . z_root() . $dest);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -7,6 +7,7 @@ function magic_init(&$a) {
|
||||
$addr = ((x($_REQUEST,'addr')) ? $_REQUEST['addr'] : '');
|
||||
$hash = ((x($_REQUEST,'hash')) ? $_REQUEST['hash'] : '');
|
||||
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
|
||||
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
|
||||
|
||||
if($hash) {
|
||||
$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
|
||||
@ -25,18 +26,14 @@ function magic_init(&$a) {
|
||||
else {
|
||||
// See if we know anybody at the dest site that will unlock the door for us
|
||||
$b = explode('/',$dest);
|
||||
$u = '';
|
||||
if(count($b) >= 2)
|
||||
|
||||
if(count($b) >= 2) {
|
||||
$u = $b[0] . '//' . $b[2];
|
||||
logger('mod_magic: fallback: ' . $b . ' -> ' . $u);
|
||||
|
||||
if($u) {
|
||||
$x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
|
||||
where hubloc_url = '%s' order by hubloc_id desc limit 1",
|
||||
dbesc($u)
|
||||
);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if(! $x) {
|
||||
@ -59,9 +56,13 @@ function magic_init(&$a) {
|
||||
}
|
||||
|
||||
if(! $x) {
|
||||
logger('mod_magic: channel not found.' . print_r($_REQUEST,true));
|
||||
notice( t('Channel not found.') . EOL);
|
||||
return;
|
||||
if($rev)
|
||||
goaway($dest);
|
||||
else {
|
||||
logger('mod_magic: channel not found.' . print_r($_REQUEST,true));
|
||||
notice( t('Channel not found.') . EOL);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
// This is ready-made for a plugin that provides a blacklist or "ask me" before blindly authenticating.
|
||||
|
||||
Reference in New Issue
Block a user