harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

The rest of the library and backend changes to support client-side e2ee and deprecate previous uses of item_obscured.

Browse Source
This commit is contained in:
zotlabs
2017-04-20 20:19:15 -07:00
committed by Mario Vavti
parent d48bda88e6
commit c904bd3a62
6 changed files with 20 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Zotlabs/Module/Editwebpage.php
View File

@@ -100,19 +100,14 @@ class Editwebpage extends \Zotlabs\Web\Controller {
intval($owner)
);
if(! $itm) {
// don't allow web editing of potentially binary content (item_obscured = 1)
// @FIXME how do we do it instead?
if((! $itm) || intval($itm[0]['item_obscured'])) {
notice( t('Permission denied.') . EOL);
return;
}
if(intval($itm[0]['item_obscured'])) {
$key = get_config('system','prvkey');
if($itm[0]['title'])
$itm[0]['title'] = crypto_unencapsulate(json_decode($itm[0]['title'],true),$key);
if($itm[0]['body'])
$itm[0]['body'] = crypto_unencapsulate(json_decode($itm[0]['body'],true),$key);
}
$item_id = q("select * from iconfig where cat = 'system' and k = 'WEBPAGE' and iid = %d limit 1",
intval($itm[0]['id'])
);