X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=ed558e5feb44bfa1da8f429d95610f6f42abf8e7;hb=0360f7197aac062eb2fecf95969658ca56068deb;hp=717ae41c0e53b84f414aed21f4e5f1afeed24219;hpb=1ab965c9440a32ab241c9f5e06bea1f7ebb202fd;p=friendica.git diff --git a/index.php b/index.php index 717ae41c0e..ed558e5feb 100644 --- a/index.php +++ b/index.php @@ -121,25 +121,35 @@ if ((x($_SESSION, 'language')) && ($_SESSION['language'] !== $lang)) { L10n::loadTranslationTable($lang); } -if ((x($_GET, 'zrl')) && $a->mode == App::MODE_NORMAL) { - // Only continue when the given profile link seems valid - // Valid profile links contain a path with "/profile/" and no query parameters - if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") - && strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/") - ) { - $_SESSION['my_url'] = $_GET['zrl']; - $a->query_string = preg_replace('/[\?&]zrl=(.*?)([\?&]|$)/is', '', $a->query_string); - Profile::zrlInit($a); - } else { - // Someone came with an invalid parameter, maybe as a DDoS attempt - // We simply stop processing here - logger("Invalid ZRL parameter ".$_GET['zrl'], LOGGER_DEBUG); - header('HTTP/1.1 403 Forbidden'); - echo "

403 Forbidden

"; - killme(); +if ((x($_GET,'zrl')) && $a->mode == App::MODE_NORMAL) { + $a->query_string = Profile::stripZrls($a->query_string); + if (!local_user()) { + // Only continue when the given profile link seems valid + // Valid profile links contain a path with "/profile/" and no query parameters + if ((parse_url($_GET['zrl'], PHP_URL_QUERY) == "") && + strstr(parse_url($_GET['zrl'], PHP_URL_PATH), "/profile/")) { + if (defaults($_SESSION, "visitor_home", "") != $_GET["zrl"]) { + $_SESSION['my_url'] = $_GET['zrl']; + $_SESSION['authenticated'] = 0; + } + Profile::zrlInit($a); + } else { + // Someone came with an invalid parameter, maybe as a DDoS attempt + // We simply stop processing here + logger("Invalid ZRL parameter " . $_GET['zrl'], LOGGER_DEBUG); + header('HTTP/1.1 403 Forbidden'); + echo "

403 Forbidden

"; + killme(); + } } } +if ((x($_GET,'owt')) && $a->mode == App::MODE_NORMAL) { + $token = $_GET['owt']; + $a->query_string = Profile::stripQueryParam($a->query_string, 'owt'); + Profile::openWebAuthInit($token); +} + /** * For Mozilla auth manager - still needs sorting, and this might conflict with LRDD header. * Apache/PHP lumps the Link: headers into one - and other services might not be able to parse it @@ -322,7 +332,7 @@ if (strlen($a->module)) { /** * Load current theme info */ -$theme_info_file = "view/theme/".current_theme()."/theme.php"; +$theme_info_file = 'view/theme/' . $a->getCurrentTheme() . '/theme.php'; if (file_exists($theme_info_file)) { require_once $theme_info_file; } @@ -355,8 +365,8 @@ if ($a->module_loaded) { $func($a); } - if (function_exists(str_replace('-', '_', current_theme()) . '_init')) { - $func = str_replace('-', '_', current_theme()) . '_init'; + if (function_exists(str_replace('-', '_', $a->getCurrentTheme()) . '_init')) { + $func = str_replace('-', '_', $a->getCurrentTheme()) . '_init'; $func($a); } @@ -394,8 +404,8 @@ if ($a->module_loaded) { $a->page['content'] .= $arr['content']; } - if (function_exists(str_replace('-', '_', current_theme()) . '_content_loaded')) { - $func = str_replace('-', '_', current_theme()) . '_content_loaded'; + if (function_exists(str_replace('-', '_', $a->getCurrentTheme()) . '_content_loaded')) { + $func = str_replace('-', '_', $a->getCurrentTheme()) . '_content_loaded'; $func($a); } } @@ -470,7 +480,7 @@ if ($a->is_mobile || $a->is_tablet) { */ if (!$a->theme['stylesheet']) { - $stylesheet = current_theme_url(); + $stylesheet = $a->getCurrentThemeStylesheetPath(); } else { $stylesheet = $a->theme['stylesheet']; }