4 files changed, 52 insertions, 14 deletions

diff --git a/classes/Nonce.php b/classes/Nonce.php
index 2c0edfa14..486a65a3c 100644
--- a/classes/Nonce.php
+++ b/classes/Nonce.php
@@ -4,22 +4,21 @@
  */
 require_once INSTALLDIR.'/classes/Memcached_DataObject.php';
 
-class Nonce extends Memcached_DataObject 
+class Nonce extends Memcached_DataObject
 {
     ###START_AUTOCODE
     /* the code below is auto generated do not remove the above tag */
 
     public $__table = 'nonce';                           // table name
     public $consumer_key;                    // varchar(255)  primary_key not_null
-    public $tok;                             // char(32)  primary_key not_null
+    public $tok;                             // char(32)
     public $nonce;                           // char(32)  primary_key not_null
-    public $ts;                              // datetime()   not_null
+    public $ts;                              // datetime()  primary_key not_null
     public $created;                         // datetime()   not_null
     public $modified;                        // timestamp()   not_null default_CURRENT_TIMESTAMP
 
     /* Static get */
-    function staticGet($k,$v=null)
-    { return Memcached_DataObject::staticGet('Nonce',$k,$v); }
+    function staticGet($k,$v=NULL) { return Memcached_DataObject::staticGet('Nonce',$k,$v); }
 
     /* the code above is auto generated do not remove the tag below */
     ###END_AUTOCODE
diff --git a/classes/Notice.php b/classes/Notice.php
index 9b5194a5c..adeed2796 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -122,6 +122,8 @@ class Notice extends Memcached_DataObject
 
         $profile = Profile::staticGet($profile_id);
 
+        $final =  common_shorten_links($content);
+
         if (!$profile) {
             common_log(LOG_ERR, 'Problem saving notice. Unknown user.');
             return _('Problem saving notice. Unknown user.');
@@ -132,7 +134,12 @@ class Notice extends Memcached_DataObject
             return _('Too many notices too fast; take a breather and post again in a few minutes.');
         }
 
-        $banned = common_config('profile', 'banned');
+        if (common_config('site', 'dupelimit') > 0 && !Notice::checkDupes($profile_id, $final)) {
+            common_log(LOG_WARNING, 'Dupe posting by profile #' . $profile_id . '; throttled.');
+			return _('Too many duplicate messages too quickly; take a breather and post again in a few minutes.');
+        }
+
+		$banned = common_config('profile', 'banned');
 
         if ( in_array($profile_id, $banned) || in_array($profile->nickname, $banned)) {
             common_log(LOG_WARNING, "Attempted post from banned user: $profile->nickname (user id = $profile_id).");
@@ -156,11 +163,12 @@ class Notice extends Memcached_DataObject
 
 		$notice->query('BEGIN');
 
-        $notice->created = common_sql_now();
-        $notice->content = common_shorten_links($content);
-        $notice->rendered = common_render_content($notice->content, $notice);
-        $notice->source = $source;
-        $notice->uri = $uri;
+		$notice->reply_to = $reply_to;
+		$notice->created = common_sql_now();
+		$notice->content = $final;
+		$notice->rendered = common_render_content($final, $notice);
+		$notice->source = $source;
+		$notice->uri = $uri;
 
         if (!empty($reply_to)) {
             $reply_notice = Notice::staticGet('id', $reply_to);
@@ -212,6 +220,36 @@ class Notice extends Memcached_DataObject
         return $notice;
     }
 
+    static function checkDupes($profile_id, $content) {
+        $profile = Profile::staticGet($profile_id);
+        if (!$profile) {
+            return false;
+        }
+        $notice = $profile->getNotices(0, NOTICE_CACHE_WINDOW);
+        if ($notice) {
+            $last = 0;
+            while ($notice->fetch()) {
+                if (time() - strtotime($notice->created) >= common_config('site', 'dupelimit')) {
+                    return true;
+                } else if ($notice->content == $content) {
+                    return false;
+                }
+            }
+        }
+        # If we get here, oldest item in cache window is not
+        # old enough for dupe limit; do direct check against DB
+        $notice = new Notice();
+        $notice->profile_id = $profile_id;
+        $notice->content = $content;
+        if (common_config('db','type') == 'pgsql')
+            $notice->whereAdd('extract(epoch from now() - created) < ' . common_config('site', 'dupelimit'));
+        else
+            $notice->whereAdd('now() - created < ' . common_config('site', 'dupelimit'));
+
+        $cnt = $notice->count();
+        return ($cnt == 0);
+    }
+
     static function checkEditThrottle($profile_id) {
         $profile = Profile::staticGet($profile_id);
         if (!$profile) {
diff --git a/classes/User.php b/classes/User.php
index 8b0b9acd5..d9f30bec5 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -121,7 +121,8 @@ class User extends Memcached_DataObject
         static $blacklist = array('rss', 'xrds', 'doc', 'main',
                                   'settings', 'notice', 'user',
                                   'search', 'avatar', 'tag', 'tags',
-                                  'api', 'message', 'group', 'groups');
+                                  'api', 'message', 'group', 'groups',
+                                  'local');
         $merged = array_merge($blacklist, common_config('nickname', 'blacklist'));
         return !in_array($nickname, $merged);
     }
diff --git a/classes/laconica.ini b/classes/laconica.ini
index aaa7035a4..dd424bbdd 100755
--- a/classes/laconica.ini
+++ b/classes/laconica.ini
@@ -145,7 +145,7 @@ id = N
 
 [nonce]
 consumer_key = 130
-tok = 130
+tok = 2
 nonce = 130
 ts = 142
 created = 142
@@ -153,8 +153,8 @@ modified = 384
 
 [nonce__keys]
 consumer_key = K
-tok = K
 nonce = K
+ts = K
 
 [notice]
 id = 129