statianzo
/
honk
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

allow resigned content from trusted honkers.

Browse Source 
but keep a log of their deceptions.
master
Ted Unangst 5 years ago
parent cf9a144a6c
commit 86764b327f
2 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File

19
fun.go
Unescape View File

@ -328,6 +328,21 @@ func thoudostbitethythumb(userid int64, who string) bool {
return true
}
func keymatch(keyname string, actor string) bool {
return strings.HasPrefix(keyname, actor)
func keymatch(keyname string, actor string, userid int64) bool {
hash := strings.IndexByte(keyname, '#')
if hash == -1 {
hash = len(keyname)
}
owner := keyname[0:hash]
if owner == actor {
return true
}
row := stmtHasHonker.QueryRow(owner, userid)
var id int64
err := row.Scan(&id)
if err == nil {
log.Printf("allowing resigned content by %s", keyname)
return true
}
return false
}

5
honk.go
Unescape View File

@ -320,7 +320,7 @@ func inbox(w http.ResponseWriter, r *http.Request) {
return
}
who, _ := jsongetstring(j, "actor")
if !keymatch(keyname, who) {
if !keymatch(keyname, who, user.ID) {
log.Printf("keyname actor mismatch: %s <> %s", keyname, who)
return
}
@ -1158,7 +1158,7 @@ var stmtHonksForUser, stmtHonksForMe, stmtDeleteHonk, stmtSaveDub *sql.Stmt
var stmtHonksByHonker, stmtSaveHonk, stmtFileData, stmtWhatAbout *sql.Stmt
var stmtFindXonk, stmtSaveDonk, stmtFindFile, stmtSaveFile *sql.Stmt
var stmtAddDoover, stmtGetDoovers, stmtLoadDoover, stmtZapDoover *sql.Stmt
var stmtThumbBiter, stmtZonkIt *sql.Stmt
var stmtHasHonker, stmtThumbBiter, stmtZonkIt *sql.Stmt
func preparetodie(db *sql.DB, s string) *sql.Stmt {
stmt, err := db.Prepare(s)
@ -1172,6 +1172,7 @@ func prepareStatements(db *sql.DB) {
stmtHonkers = preparetodie(db, "select honkerid, userid, name, xid, flavor, combos from honkers where userid = ? and flavor = 'sub' or flavor = 'peep'")
stmtSaveHonker = preparetodie(db, "insert into honkers (userid, name, xid, flavor, combos) values (?, ?, ?, ?, ?)")
stmtUpdateHonker = preparetodie(db, "update honkers set combos = ? where honkerid = ? and userid = ?")
stmtHasHonker = preparetodie(db, "select honkerid from honkers where xid = ? and userid = ?")
stmtDubbers = preparetodie(db, "select honkerid, userid, name, xid, flavor from honkers where userid = ? and flavor = 'dub'")
stmtOneXonk = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where xid = ?")
stmtHonks = preparetodie(db, "select honkid, honks.userid, users.username, what, honker, xid, rid, dt, url, audience, noise, convoy from honks join users on honks.userid = users.userid where honker = '' order by honkid desc limit 50")

Write Preview
Loading…
Cancel
Save