if (strlen($listenee) > 255) {
throw new OAuthException("Listenee URI '$listenee' too long");
}
+
+ $other = User::staticGet('uri', $listenee);
+ if ($other) {
+ throw new OAuthException("Listenee URI '$listenee' is local user");
+ }
+
$remote = Remote_profile::staticGet('uri', $listenee);
if ($remote) {
$sub = new Subscription();
if (!common_valid_http_url($profile)) {
throw new OAuthException("Invalid profile URL '$profile'.");
}
+
+ if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
+ throw new OAuthException("Profile URL '$profile' is for a local user.");
+ }
+
$license = $req->get_parameter('omb_listenee_license');
if (!common_valid_http_url($license)) {
throw new OAuthException("Invalid license URL '$license'.");
if ($callback && !common_valid_http_url($callback)) {
throw new OAuthException("Invalid callback URL '$callback'");
}
+ if ($callback && $callback == common_local_url('finishremotesubscribe')) {
+ throw new OAuthException("Callback URL '$callback' is for local site.");
+ }
}
# Snagged from OAuthServer
projects / quix0rs-gnu-social.git / blobdiff