CSRF protection in user registration

[quix0rs-gnu-social.git] / lib / jabber.php

diff --git a/lib/jabber.php b/lib/jabber.php
index 01ec8da43951b8c8a2893a23695b761bc44a1bc9..1202aa32227505f4d0682389063c695728f6fa73 100644 (file)
--- a/lib/jabber.php
+++ b/lib/jabber.php
@@ -271,8 +271,9 @@ function jabber_broadcast_notice($notice) {
        $public = common_config('xmpp', 'public');
        
        # FIXME PRIV don't send out private messages here
+       # XXX: should we send out non-local messages if public,localonly = false? I think not
        
-       if ($public) {
+       if ($public && $notice->is_local) {
                foreach ($public as $address) {
                                common_log(LOG_INFO,
                                                   'Sending notice ' . $notice->id . ' to public listener ' . $address,