]> git.mxchange.org Git - friendica.git/blob - include/items.php
don't make -desc so obnoxious looking
[friendica.git] / include / items.php
1 <?php
2
3 require_once('include/bbcode.php');
4 require_once('include/oembed.php');
5 require_once('include/salmon.php');
6 require_once('include/crypto.php');
7
8 function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) {
9
10
11         $sitefeed    = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
12         $public_feed = (($dfrn_id) ? false : true);
13         $starred     = false;   // not yet implemented, possible security issues
14         $converse    = false;
15
16         if($public_feed && $a->argc > 2) {
17                 for($x = 2; $x < $a->argc; $x++) {
18                         if($a->argv[$x] == 'converse')
19                                 $converse = true;
20                         if($a->argv[$x] == 'starred')
21                                 $starred = true;
22                         if($a->argv[$x] === 'category' && $a->argc > ($x + 1) && strlen($a->argv[$x+1]))
23                                 $category = $a->argv[$x+1];
24                 }
25
26
27         }
28
29         
30
31         // default permissions - anonymous user
32
33         $sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid`  = '' AND `deny_gid`  = '' ";
34
35         $r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
36                 FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
37                 WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1",
38                 dbesc($owner_nick)
39         );
40
41         if(! count($r))
42                 killme();
43
44         $owner = $r[0];
45         $owner_id = $owner['user_uid'];
46         $owner_nick = $owner['nickname'];
47
48         $birthday = feed_birthday($owner_id,$owner['timezone']);
49
50         if(! $public_feed) {
51
52                 $sql_extra = '';
53                 switch($direction) {
54                         case (-1):
55                                 $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
56                                 $my_id = $dfrn_id;
57                                 break;
58                         case 0:
59                                 $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
60                                 $my_id = '1:' . $dfrn_id;
61                                 break;
62                         case 1:
63                                 $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
64                                 $my_id = '0:' . $dfrn_id;
65                                 break;
66                         default:
67                                 return false;
68                                 break; // NOTREACHED
69                 }
70
71                 $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `contact`.`uid` = %d $sql_extra LIMIT 1",
72                         intval($owner_id)
73                 );
74
75                 if(! count($r))
76                         killme();
77
78                 $contact = $r[0];
79                 $groups = init_groups_visitor($contact['id']);
80
81                 if(count($groups)) {
82                         for($x = 0; $x < count($groups); $x ++) 
83                                 $groups[$x] = '<' . intval($groups[$x]) . '>' ;
84                         $gs = implode('|', $groups);
85                 }
86                 else
87                         $gs = '<<>>' ; // Impossible to match 
88
89                 $sql_extra = sprintf(" 
90                         AND ( `allow_cid` = '' OR     `allow_cid` REGEXP '<%d>' ) 
91                         AND ( `deny_cid`  = '' OR NOT `deny_cid`  REGEXP '<%d>' ) 
92                         AND ( `allow_gid` = '' OR     `allow_gid` REGEXP '%s' )
93                         AND ( `deny_gid`  = '' OR NOT `deny_gid`  REGEXP '%s') 
94                 ",
95                         intval($contact['id']),
96                         intval($contact['id']),
97                         dbesc($gs),
98                         dbesc($gs)
99                 );
100         }
101
102         if($public_feed)
103                 $sort = 'DESC';
104         else
105                 $sort = 'ASC';
106
107         if(! strlen($last_update))
108                 $last_update = 'now -30 days';
109
110         if(isset($category)) {
111                 $sql_extra .= file_tag_file_query('item',$category,'category');
112         }
113
114         if($public_feed) {
115                 if(! $converse)
116                         $sql_extra .= " AND `contact`.`self` = 1 ";
117         }
118
119         $check_date = datetime_convert('UTC','UTC',$last_update,'Y-m-d H:i:s');
120
121         $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
122                 `contact`.`name`, `contact`.`photo`, `contact`.`url`, 
123                 `contact`.`name-date`, `contact`.`uri-date`, `contact`.`avatar-date`,
124                 `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, 
125                 `contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`,
126                 `sign`.`signed_text`, `sign`.`signature`, `sign`.`signer`
127                 FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
128                 LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id`
129                 WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`parent` != 0 
130                 AND `item`.`wall` = 1 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
131                 AND ( `item`.`edited` > '%s' OR `item`.`changed` > '%s' )
132                 $sql_extra
133                 ORDER BY `parent` %s, `created` ASC LIMIT 0, 300",
134                 intval($owner_id),
135                 dbesc($check_date),
136                 dbesc($check_date),
137                 dbesc($sort)
138         );
139
140         // Will check further below if this actually returned results.
141         // We will provide an empty feed if that is the case.
142
143         $items = $r;
144
145         $feed_template = get_markup_template(($dfrn_id) ? 'atom_feed_dfrn.tpl' : 'atom_feed.tpl');
146
147         $atom = '';
148
149         $hubxml = feed_hublinks();
150
151         $salmon = feed_salmonlinks($owner_nick);
152
153         $atom .= replace_macros($feed_template, array(
154                 '$version'      => xmlify(FRIENDICA_VERSION),
155                 '$feed_id'      => xmlify($a->get_baseurl() . '/profile/' . $owner_nick),
156                 '$feed_title'   => xmlify($owner['name']),
157                 '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) ,
158                 '$hub'          => $hubxml,
159                 '$salmon'       => $salmon,
160                 '$name'         => xmlify($owner['name']),
161                 '$profile_page' => xmlify($owner['url']),
162                 '$photo'        => xmlify($owner['photo']),
163                 '$thumb'        => xmlify($owner['thumb']),
164                 '$picdate'      => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
165                 '$uridate'      => xmlify(datetime_convert('UTC','UTC',$owner['uri-date']    . '+00:00' , ATOM_TIME)) ,
166                 '$namdate'      => xmlify(datetime_convert('UTC','UTC',$owner['name-date']   . '+00:00' , ATOM_TIME)) , 
167                 '$birthday'     => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : ''),
168                 '$community'    => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
169         ));
170
171         call_hooks('atom_feed', $atom);
172
173         if(! count($items)) {
174
175                 call_hooks('atom_feed_end', $atom);
176
177                 $atom .= '</feed>' . "\r\n";
178                 return $atom;
179         }
180
181         foreach($items as $item) {
182
183                 // public feeds get html, our own nodes use bbcode
184
185                 if($public_feed) {
186                         $type = 'html';
187                         // catch any email that's in a public conversation and make sure it doesn't leak
188                         if($item['private'])
189                                 continue;
190                 }
191                 else {
192                         $type = 'text';
193                 }
194
195                 $atom .= atom_entry($item,$type,null,$owner,true);
196         }
197
198         call_hooks('atom_feed_end', $atom);
199
200         $atom .= '</feed>' . "\r\n";
201
202         return $atom;
203 }
204
205
206 function construct_verb($item) {
207         if($item['verb'])
208                 return $item['verb'];
209         return ACTIVITY_POST;
210 }
211
212 function construct_activity_object($item) {
213
214         if($item['object']) {
215                 $o = '<as:object>' . "\r\n";
216                 $r = parse_xml_string($item['object'],false);
217
218
219                 if(! $r)
220                         return '';
221                 if($r->type)
222                         $o .= '<as:object-type>' . xmlify($r->type) . '</as:object-type>' . "\r\n";
223                 if($r->id)
224                         $o .= '<id>' . xmlify($r->id) . '</id>' . "\r\n";
225                 if($r->title)
226                         $o .= '<title>' . xmlify($r->title) . '</title>' . "\r\n";
227                 if($r->link) {
228                         if(substr($r->link,0,1) === '<') {
229                                 // patch up some facebook "like" activity objects that got stored incorrectly
230                                 // for a couple of months prior to 9-Jun-2011 and generated bad XML.
231                                 // we can probably remove this hack here and in the following function in a few months time.
232                                 if(strstr($r->link,'&') && (! strstr($r->link,'&amp;')))
233                                         $r->link = str_replace('&','&amp;', $r->link);
234                                 $r->link = preg_replace('/\<link(.*?)\"\>/','<link$1"/>',$r->link);
235                                 $o .= $r->link;
236                         }                                       
237                         else
238                                 $o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n";
239                 }
240                 if($r->content)
241                         $o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n";
242                 $o .= '</as:object>' . "\r\n";
243                 return $o;
244         }
245
246         return '';
247
248
249 function construct_activity_target($item) {
250
251         if($item['target']) {
252                 $o = '<as:target>' . "\r\n";
253                 $r = parse_xml_string($item['target'],false);
254                 if(! $r)
255                         return '';
256                 if($r->type)
257                         $o .= '<as:object-type>' . xmlify($r->type) . '</as:object-type>' . "\r\n";
258                 if($r->id)
259                         $o .= '<id>' . xmlify($r->id) . '</id>' . "\r\n";
260                 if($r->title)
261                         $o .= '<title>' . xmlify($r->title) . '</title>' . "\r\n";
262                 if($r->link) {
263                         if(substr($r->link,0,1) === '<') {
264                                 if(strstr($r->link,'&') && (! strstr($r->link,'&amp;')))
265                                         $r->link = str_replace('&','&amp;', $r->link);
266                                 $r->link = preg_replace('/\<link(.*?)\"\>/','<link$1"/>',$r->link);
267                                 $o .= $r->link;
268                         }                                       
269                         else
270                                 $o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n";
271                 }
272                 if($r->content)
273                         $o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n";
274                 $o .= '</as:target>' . "\r\n";
275                 return $o;
276         }
277
278         return '';
279
280
281
282
283
284 function get_atom_elements($feed,$item) {
285
286         require_once('library/HTMLPurifier.auto.php');
287         require_once('include/html2bbcode.php');
288
289         $best_photo = array();
290
291         $res = array();
292
293         $author = $item->get_author();
294         if($author) { 
295                 $res['author-name'] = unxmlify($author->get_name());
296                 $res['author-link'] = unxmlify($author->get_link());
297         }
298         else {
299                 $res['author-name'] = unxmlify($feed->get_title());
300                 $res['author-link'] = unxmlify($feed->get_permalink());
301         }
302         $res['uri'] = unxmlify($item->get_id());
303         $res['title'] = unxmlify($item->get_title());
304         $res['body'] = unxmlify($item->get_content());
305         $res['plink'] = unxmlify($item->get_link(0));
306
307         if($res['plink'])
308                 $base_url = implode('/', array_slice(explode('/',$res['plink']),0,3));
309         else
310                 $base_url = '';
311
312         // look for a photo. We should check media size and find the best one,
313         // but for now let's just find any author photo
314
315         $rawauthor = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
316
317         if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
318                 $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
319                 foreach($base as $link) {
320                         if(!x($res, 'author-avatar') || !$res['author-avatar']) {
321                                 if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
322                                         $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
323                         }
324                 }
325         }                       
326
327         $rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor');
328
329         if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'],ACTIVITY_OBJ_PERSON)) {
330                 $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
331                 if($base && count($base)) {
332                         foreach($base as $link) {
333                                 if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
334                                         $res['author-link'] = unxmlify($link['attribs']['']['href']);
335                                 if(!x($res, 'author-avatar') || !$res['author-avatar']) {
336                                         if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
337                                                 $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
338                                 }
339                         }
340                 }
341         }
342
343         // No photo/profile-link on the item - look at the feed level
344
345         if((! (x($res,'author-link'))) || (! (x($res,'author-avatar')))) {
346                 $rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
347                 if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
348                         $base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
349                         foreach($base as $link) {
350                                 if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
351                                         $res['author-link'] = unxmlify($link['attribs']['']['href']);
352                                 if(! $res['author-avatar']) {
353                                         if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
354                                                 $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
355                                 }
356                         }
357                 }                       
358
359                 $rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject');
360
361                 if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'],ACTIVITY_OBJ_PERSON)) {
362                         $base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
363
364                         if($base && count($base)) {
365                                 foreach($base as $link) {
366                                         if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
367                                                 $res['author-link'] = unxmlify($link['attribs']['']['href']);
368                                         if(! (x($res,'author-avatar'))) {
369                                                 if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
370                                                         $res['author-avatar'] = unxmlify($link['attribs']['']['href']);
371                                         }
372                                 }
373                         }
374                 }
375         }
376
377         $apps = $item->get_item_tags(NAMESPACE_STATUSNET,'notice_info');
378         if($apps && $apps[0]['attribs']['']['source']) {
379                 $res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source']));
380                 if($res['app'] === 'web')
381                         $res['app'] = 'OStatus';
382         }                  
383
384         // base64 encoded json structure representing Diaspora signature
385
386         $dsig = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_signature');
387         if($dsig) {
388                 $res['dsprsig'] = unxmlify($dsig[0]['data']);
389         }
390
391         $dguid = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_guid');
392         if($dguid)
393                 $res['guid'] = unxmlify($dguid[0]['data']);
394
395         $bm = $item->get_item_tags(NAMESPACE_DFRN,'bookmark');
396         if($bm)
397                 $res['bookmark'] = ((unxmlify($bm[0]['data']) === 'true') ? 1 : 0);
398
399
400         /**
401          * If there's a copy of the body content which is guaranteed to have survived mangling in transit, use it.
402          */
403
404         $have_real_body = false;
405
406         $rawenv = $item->get_item_tags(NAMESPACE_DFRN, 'env');
407         if($rawenv) {
408                 $have_real_body = true;
409                 $res['body'] = $rawenv[0]['data'];
410                 $res['body'] = str_replace(array(' ',"\t","\r","\n"), array('','','',''),$res['body']);
411                 // make sure nobody is trying to sneak some html tags by us
412                 $res['body'] = notags(base64url_decode($res['body']));
413         }
414
415         $maxlen = get_max_import_size();
416         if($maxlen && (strlen($res['body']) > $maxlen))
417                 $res['body'] = substr($res['body'],0, $maxlen);
418
419         // It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust 
420         // the content type. Our own network only emits text normally, though it might have been converted to 
421         // html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will
422         // have to assume it is all html and needs to be purified.
423
424         // It doesn't matter all that much security wise - because before this content is used anywhere, we are 
425         // going to escape any tags we find regardless, but this lets us import a limited subset of html from 
426         // the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining 
427         // html.
428
429         if((strpos($res['body'],'<') !== false) && (strpos($res['body'],'>') !== false)) {
430
431                 $res['body'] = reltoabs($res['body'],$base_url);
432
433                 $res['body'] = html2bb_video($res['body']);
434
435                 $res['body'] = oembed_html2bbcode($res['body']);
436
437                 $config = HTMLPurifier_Config::createDefault();
438                 $config->set('Cache.DefinitionImpl', null);
439
440                 // we shouldn't need a whitelist, because the bbcode converter
441                 // will strip out any unsupported tags.
442
443                 $purifier = new HTMLPurifier($config);
444                 $res['body'] = $purifier->purify($res['body']);
445
446                 $res['body'] = @html2bbcode($res['body']);
447         }
448         elseif(! $have_real_body) {
449
450                 // it's not one of our messages and it has no tags
451                 // so it's probably just text. We'll escape it just to be safe.
452
453                 $res['body'] = escape_tags($res['body']);
454         }
455
456         // this tag is obsolete but we keep it for really old sites
457
458         $allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
459         if($allow && $allow[0]['data'] == 1)
460                 $res['last-child'] = 1;
461         else
462                 $res['last-child'] = 0;
463
464         $private = $item->get_item_tags(NAMESPACE_DFRN,'private');
465         if($private && $private[0]['data'] == 1)
466                 $res['private'] = 1;
467         else
468                 $res['private'] = 0;
469
470         $extid = $item->get_item_tags(NAMESPACE_DFRN,'extid');
471         if($extid && $extid[0]['data'])
472                 $res['extid'] = $extid[0]['data'];
473
474         $rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location');
475         if($rawlocation)
476                 $res['location'] = unxmlify($rawlocation[0]['data']);
477
478
479         $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
480         if($rawcreated)
481                 $res['created'] = unxmlify($rawcreated[0]['data']);
482
483
484         $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
485         if($rawedited)
486                 $res['edited'] = unxmlify($rawedited[0]['data']);
487
488         if((x($res,'edited')) && (! (x($res,'created'))))
489                 $res['created'] = $res['edited']; 
490
491         if(! $res['created'])
492                 $res['created'] = $item->get_date('c');
493
494         if(! $res['edited'])
495                 $res['edited'] = $item->get_date('c');
496
497
498         // Disallow time travelling posts
499
500         $d1 = strtotime($res['created']);
501         $d2 = strtotime($res['edited']);
502         $d3 = strtotime('now');
503
504         if($d1 > $d3)
505                 $res['created'] = datetime_convert();
506         if($d2 > $d3)
507                 $res['edited'] = datetime_convert();
508
509         $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
510         if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data'])
511                 $res['owner-name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
512         elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data'])
513                 $res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
514         if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data'])
515                 $res['owner-link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
516         elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
517                 $res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
518
519         if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
520                 $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
521
522                 foreach($base as $link) {
523                         if(!x($res, 'owner-avatar') || !$res['owner-avatar']) {
524                                 if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')                 
525                                         $res['owner-avatar'] = unxmlify($link['attribs']['']['href']);
526                         }
527                 }
528         }
529
530         $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS,'point');
531         if($rawgeo)
532                 $res['coord'] = unxmlify($rawgeo[0]['data']);
533
534
535         $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
536
537         // select between supported verbs
538
539         if($rawverb) {
540                 $res['verb'] = unxmlify($rawverb[0]['data']);
541         }
542
543         // translate OStatus unfollow to activity streams if it happened to get selected
544                 
545         if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow'))
546                 $res['verb'] = ACTIVITY_UNFOLLOW;
547
548         $cats = $item->get_categories();
549         if($cats) {
550                 $tag_arr = array();
551                 foreach($cats as $cat) {
552                         $term = $cat->get_term();
553                         if(! $term)
554                                 $term = $cat->get_label();
555                         $scheme = $cat->get_scheme();
556                         if($scheme && $term && stristr($scheme,'X-DFRN:'))
557                                 $tag_arr[] = substr($scheme,7,1) . '[url=' . unxmlify(substr($scheme,9)) . ']' . unxmlify($term) . '[/url]';
558                         elseif($term)
559                                 $tag_arr[] = notags(trim($term));
560                 }
561                 $res['tag'] =  implode(',', $tag_arr);
562         }
563
564         $attach = $item->get_enclosures();
565         if($attach) {
566                 $att_arr = array();
567                 foreach($attach as $att) {
568                         $len   = intval($att->get_length());
569                         $link  = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_link()))));
570                         $title = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_title()))));
571                         $type  = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_type()))));
572                         if(strpos($type,';'))
573                                 $type = substr($type,0,strpos($type,';'));
574                         if((! $link) || (strpos($link,'http') !== 0))
575                                 continue;
576
577                         if(! $title)
578                                 $title = ' ';
579                         if(! $type)
580                                 $type = 'application/octet-stream';
581
582                         $att_arr[] = '[attach]href="' . $link . '" length="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]'; 
583                 }
584                 $res['attach'] = implode(',', $att_arr);
585         }
586
587         $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
588
589         if($rawobj) {
590                 $res['object'] = '<object>' . "\n";
591                 $child = $rawobj[0]['child'];
592                 if($child[NAMESPACE_ACTIVITY]['object-type'][0]['data']) {
593                         $res['object-type'] = $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'];
594                         $res['object'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'] . '</type>' . "\n";
595                 }       
596                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
597                         $res['object'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
598                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
599                         $res['object'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
600                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
601                         $res['object'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
602                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
603                         $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
604                         if(! $body)
605                                 $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
606                         // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
607                         $res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
608                         if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
609
610                                 $body = html2bb_video($body);
611
612                                 $config = HTMLPurifier_Config::createDefault();
613                                 $config->set('Cache.DefinitionImpl', null);
614
615                                 $purifier = new HTMLPurifier($config);
616                                 $body = $purifier->purify($body);
617                                 $body = html2bbcode($body);
618                         }
619
620                         $res['object'] .= '<content>' . $body . '</content>' . "\n";
621                 }
622
623                 $res['object'] .= '</object>' . "\n";
624         }
625
626         $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'target');
627
628         if($rawobj) {
629                 $res['target'] = '<target>' . "\n";
630                 $child = $rawobj[0]['child'];
631                 if($child[NAMESPACE_ACTIVITY]['object-type'][0]['data']) {
632                         $res['target'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'] . '</type>' . "\n";
633                 }       
634                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
635                         $res['target'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
636                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
637                         $res['target'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
638                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
639                         $res['target'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
640                 if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
641                         $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
642                         if(! $body)
643                                 $body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
644                         // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
645                         $res['target'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
646                         if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
647
648                                 $body = html2bb_video($body);
649
650                                 $config = HTMLPurifier_Config::createDefault();
651                                 $config->set('Cache.DefinitionImpl', null);
652
653                                 $purifier = new HTMLPurifier($config);
654                                 $body = $purifier->purify($body);
655                                 $body = html2bbcode($body);
656                         }
657
658                         $res['target'] .= '<content>' . $body . '</content>' . "\n";
659                 }
660
661                 $res['target'] .= '</target>' . "\n";
662         }
663
664         $arr = array('feed' => $feed, 'item' => $item, 'result' => $res);
665
666         call_hooks('parse_atom', $arr);
667
668         return $res;
669 }
670
671 function encode_rel_links($links) {
672         $o = '';
673         if(! ((is_array($links)) && (count($links))))
674                 return $o;
675         foreach($links as $link) {
676                 $o .= '<link ';
677                 if($link['attribs']['']['rel'])
678                         $o .= 'rel="' . $link['attribs']['']['rel'] . '" ';
679                 if($link['attribs']['']['type'])
680                         $o .= 'type="' . $link['attribs']['']['type'] . '" ';
681                 if($link['attribs']['']['href'])
682                         $o .= 'href="' . $link['attribs']['']['href'] . '" ';
683                 if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width'])
684                         $o .= 'media:width="' . $link['attribs'][NAMESPACE_MEDIA]['width'] . '" ';
685                 if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height'])
686                         $o .= 'media:height="' . $link['attribs'][NAMESPACE_MEDIA]['height'] . '" ';
687                 $o .= ' />' . "\n" ;
688         }
689         return xmlify($o);
690 }
691
692 function item_store($arr,$force_parent = false) {
693
694         // If a Diaspora signature structure was passed in, pull it out of the 
695         // item array and set it aside for later storage.
696
697         $dsprsig = null;
698         if(x($arr,'dsprsig')) {
699                 $dsprsig = json_decode(base64_decode($arr['dsprsig']));
700                 unset($arr['dsprsig']);
701         }
702
703         if(x($arr, 'gravity'))
704                 $arr['gravity'] = intval($arr['gravity']);
705         elseif($arr['parent-uri'] === $arr['uri'])
706                 $arr['gravity'] = 0;
707         elseif(activity_match($arr['verb'],ACTIVITY_POST))
708                 $arr['gravity'] = 6;
709         else      
710                 $arr['gravity'] = 6;   // extensible catchall
711
712         if(! x($arr,'type'))
713                 $arr['type']      = 'remote';
714
715         // Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
716
717         if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false)) 
718                 $arr['body'] = strip_tags($arr['body']);
719
720
721         $arr['wall']          = ((x($arr,'wall'))          ? intval($arr['wall'])                : 0);
722         $arr['uri']           = ((x($arr,'uri'))           ? notags(trim($arr['uri']))           : random_string());
723         $arr['extid']         = ((x($arr,'extid'))         ? notags(trim($arr['extid']))         : '');
724         $arr['author-name']   = ((x($arr,'author-name'))   ? notags(trim($arr['author-name']))   : '');
725         $arr['author-link']   = ((x($arr,'author-link'))   ? notags(trim($arr['author-link']))   : '');
726         $arr['author-avatar'] = ((x($arr,'author-avatar')) ? notags(trim($arr['author-avatar'])) : '');
727         $arr['owner-name']    = ((x($arr,'owner-name'))    ? notags(trim($arr['owner-name']))    : '');
728         $arr['owner-link']    = ((x($arr,'owner-link'))    ? notags(trim($arr['owner-link']))    : '');
729         $arr['owner-avatar']  = ((x($arr,'owner-avatar'))  ? notags(trim($arr['owner-avatar']))  : '');
730         $arr['created']       = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
731         $arr['edited']        = ((x($arr,'edited')  !== false) ? datetime_convert('UTC','UTC',$arr['edited'])  : datetime_convert());
732         $arr['commented']     = datetime_convert();
733         $arr['received']      = datetime_convert();
734         $arr['changed']       = datetime_convert();
735         $arr['title']         = ((x($arr,'title'))         ? notags(trim($arr['title']))         : '');
736         $arr['location']      = ((x($arr,'location'))      ? notags(trim($arr['location']))      : '');
737         $arr['coord']         = ((x($arr,'coord'))         ? notags(trim($arr['coord']))         : '');
738         $arr['last-child']    = ((x($arr,'last-child'))    ? intval($arr['last-child'])          : 0 );
739         $arr['visible']       = ((x($arr,'visible') !== false) ? intval($arr['visible'])         : 1 );
740         $arr['deleted']       = 0;
741         $arr['parent-uri']    = ((x($arr,'parent-uri'))    ? notags(trim($arr['parent-uri']))    : '');
742         $arr['verb']          = ((x($arr,'verb'))          ? notags(trim($arr['verb']))          : '');
743         $arr['object-type']   = ((x($arr,'object-type'))   ? notags(trim($arr['object-type']))   : '');
744         $arr['object']        = ((x($arr,'object'))        ? trim($arr['object'])                : '');
745         $arr['target-type']   = ((x($arr,'target-type'))   ? notags(trim($arr['target-type']))   : '');
746         $arr['target']        = ((x($arr,'target'))        ? trim($arr['target'])                : '');
747         $arr['plink']         = ((x($arr,'plink'))         ? notags(trim($arr['plink']))         : '');
748         $arr['allow_cid']     = ((x($arr,'allow_cid'))     ? trim($arr['allow_cid'])             : '');
749         $arr['allow_gid']     = ((x($arr,'allow_gid'))     ? trim($arr['allow_gid'])             : '');
750         $arr['deny_cid']      = ((x($arr,'deny_cid'))      ? trim($arr['deny_cid'])              : '');
751         $arr['deny_gid']      = ((x($arr,'deny_gid'))      ? trim($arr['deny_gid'])              : '');
752         $arr['private']       = ((x($arr,'private'))       ? intval($arr['private'])             : 0 );
753         $arr['bookmark']      = ((x($arr,'bookmark'))      ? intval($arr['bookmark'])            : 0 );
754         $arr['body']          = ((x($arr,'body'))          ? trim($arr['body'])                  : '');
755         $arr['tag']           = ((x($arr,'tag'))           ? notags(trim($arr['tag']))           : '');
756         $arr['attach']        = ((x($arr,'attach'))        ? notags(trim($arr['attach']))        : '');
757         $arr['app']           = ((x($arr,'app'))           ? notags(trim($arr['app']))           : '');
758         $arr['origin']        = ((x($arr,'origin'))        ? intval($arr['origin'])              : 0 );
759         $arr['guid']          = ((x($arr,'guid'))          ? notags(trim($arr['guid']))          : get_guid());
760
761         if($arr['parent-uri'] === $arr['uri']) {
762                 $parent_id = 0;
763                 $parent_deleted = 0;
764                 $allow_cid = $arr['allow_cid'];
765                 $allow_gid = $arr['allow_gid'];
766                 $deny_cid  = $arr['deny_cid'];
767                 $deny_gid  = $arr['deny_gid'];
768         }
769         else { 
770
771                 // find the parent and snarf the item id and ACL's
772                 // and anything else we need to inherit
773
774                 $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1",
775                         dbesc($arr['parent-uri']),
776                         intval($arr['uid'])
777                 );
778
779                 if(count($r)) {
780
781                         // is the new message multi-level threaded?
782                         // even though we don't support it now, preserve the info
783                         // and re-attach to the conversation parent.
784
785                         if($r[0]['uri'] != $r[0]['parent-uri']) {
786                                 $arr['thr-parent'] = $arr['parent-uri'];
787                                 $arr['parent-uri'] = $r[0]['parent-uri'];
788                                 $z = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d 
789                                         ORDER BY `id` ASC LIMIT 1",
790                                         dbesc($r[0]['parent-uri']),
791                                         dbesc($r[0]['parent-uri']),
792                                         intval($arr['uid'])
793                                 );
794                                 if($z && count($z))
795                                         $r = $z;
796                         }
797
798                         $parent_id      = $r[0]['id'];
799                         $parent_deleted = $r[0]['deleted'];
800                         $allow_cid      = $r[0]['allow_cid'];
801                         $allow_gid      = $r[0]['allow_gid'];
802                         $deny_cid       = $r[0]['deny_cid'];
803                         $deny_gid       = $r[0]['deny_gid'];
804                         $arr['wall']    = $r[0]['wall'];
805                 }
806                 else {
807
808                         // Allow one to see reply tweets from status.net even when
809                         // we don't have or can't see the original post.
810
811                         if($force_parent) {
812                                 logger('item_store: $force_parent=true, reply converted to top-level post.');
813                                 $parent_id = 0;
814                                 $arr['thr-parent'] = $arr['parent-uri'];
815                                 $arr['parent-uri'] = $arr['uri'];
816                                 $arr['gravity'] = 0;
817                         }
818                         else {
819                                 logger('item_store: item parent was not found - ignoring item');
820                                 return 0;
821                         }
822                         
823                         $parent_deleted = 0;
824                 }
825         }
826
827         $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
828                 dbesc($arr['uri']),
829                 intval($arr['uid'])
830         );
831         if($r && count($r)) {
832                 logger('item-store: duplicate item ignored. ' . print_r($arr,true));
833                 return 0;
834         }
835
836         call_hooks('post_remote',$arr);
837
838         if(x($arr,'cancel')) {
839                 logger('item_store: post cancelled by plugin.');
840                 return 0;
841         }
842
843         dbesc_array($arr);
844
845         logger('item_store: ' . print_r($arr,true), LOGGER_DATA);
846
847         $r = dbq("INSERT INTO `item` (`" 
848                         . implode("`, `", array_keys($arr)) 
849                         . "`) VALUES ('" 
850                         . implode("', '", array_values($arr)) 
851                         . "')" );
852
853         // find the item we just created
854
855         $r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ",
856                 $arr['uri'],           // already dbesc'd
857                 intval($arr['uid'])
858         );
859
860         if(count($r)) {
861                 $current_post = $r[0]['id'];
862                 logger('item_store: created item ' . $current_post);
863         }
864         else {
865                 logger('item_store: could not locate created item');
866                 return 0;
867         }
868         if(count($r) > 1) {
869                 logger('item_store: duplicated post occurred. Removing duplicates.');
870                 q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ",
871                         $arr['uri'],
872                         intval($arr['uid']),
873                         intval($current_post)
874                 );
875         }
876
877         if((! $parent_id) || ($arr['parent-uri'] === $arr['uri']))      
878                 $parent_id = $current_post;
879
880         if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
881                 $private = 1;
882         else
883                 $private = $arr['private']; 
884
885         // Set parent id - and also make sure to inherit the parent's ACL's.
886
887         $r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',
888                 `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d LIMIT 1",
889                 intval($parent_id),
890                 dbesc($allow_cid),
891                 dbesc($allow_gid),
892                 dbesc($deny_cid),
893                 dbesc($deny_gid),
894                 intval($private),
895                 intval($parent_deleted),
896                 intval($current_post)
897         );
898
899         // update the commented timestamp on the parent
900
901         q("UPDATE `item` set `commented` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
902                 dbesc(datetime_convert()),
903                 dbesc(datetime_convert()),
904                 intval($parent_id)
905         );
906
907         if($dsprsig) {
908                 q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
909                         intval($current_post),
910                         dbesc($dsprsig->signed_text),
911                         dbesc($dsprsig->signature),
912                         dbesc($dsprsig->signer)
913                 );
914         }
915
916
917         /**
918          * If this is now the last-child, force all _other_ children of this parent to *not* be last-child
919          */
920
921         if($arr['last-child']) {
922                 $r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d",
923                         dbesc($arr['uri']),
924                         intval($arr['uid']),
925                         intval($current_post)
926                 );
927         }
928
929         tag_deliver($arr['uid'],$current_post);
930
931         return $current_post;
932 }
933
934 function get_item_contact($item,$contacts) {
935         if(! count($contacts) || (! is_array($item)))
936                 return false;
937         foreach($contacts as $contact) {
938                 if($contact['id'] == $item['contact-id']) {
939                         return $contact;
940                         break; // NOTREACHED
941                 }
942         }
943         return false;
944 }
945
946
947 function tag_deliver($uid,$item_id) {
948
949         // look for mention tags and setup a second delivery chain for forum/community posts if appropriate
950
951         $a = get_app();
952
953         $mention = false;
954
955         $u = q("select * from user where uid = %d limit 1",
956                 intval($uid)
957         );
958         if(! count($u))
959                 return;
960
961         $community_page = (($u[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
962
963         $i = q("select * from item where id = %d and uid = %d limit 1",
964                 intval($item_id),
965                 intval($uid)
966         );
967         if(! count($i))
968                 return;
969
970         $item = $i[0];
971
972         $link = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
973
974         // Diaspora uses their own hardwired link URL in @-tags
975         // instead of the one we supply with webfinger
976
977         $dlink = normalise_link($a->get_baseurl() . '/u/' . $u[0]['nickname']);
978
979         $cnt = preg_match_all('/[\@\!]\[url\=(.*?)\](.*?)\[\/url\]/ism',$item['body'],$matches,PREG_SET_ORDER);
980         if($cnt) {
981                 foreach($matches as $mtch) {
982                         if(link_compare($link,$mtch[1]) || link_compare($dlink,$mtch[1])) {
983                                 $mention = true;
984                                 logger('tag_deliver: mention found: ' . $mtch[2]);
985                         }
986                 }
987         }
988
989         if(! $mention)
990                 return;
991
992         // send a notification
993
994         require_once('include/enotify.php');
995         notification(array(
996                 'type'         => NOTIFY_TAGSELF,
997                 'notify_flags' => $u[0]['notify-flags'],
998                 'language'     => $u[0]['language'],
999                 'to_name'      => $u[0]['username'],
1000                 'to_email'     => $u[0]['email'],
1001                 'uid'          => $u[0]['uid'],
1002                 'item'         => $item,
1003                 'link'         => $a->get_baseurl() . '/display/' . $u[0]['nickname'] . '/' . $item['id'],
1004                 'source_name'  => $item['author-name'],
1005                 'source_link'  => $item['author-link'],
1006                 'source_photo' => $item['author-avatar'],
1007                 'verb'         => ACTIVITY_TAG,
1008                 'otype'        => 'item'
1009         ));
1010
1011         if(! $community_page)
1012                 return;
1013
1014         // tgroup delivery - setup a second delivery chain
1015         // prevent delivery looping - only proceed
1016         // if the message originated elsewhere and is a top-level post
1017
1018         if(($item['wall']) || ($item['origin']) || ($item['id'] != $item['parent']))
1019                 return;
1020
1021         // now change this copy of the post to a forum head message and deliver to all the tgroup members
1022
1023
1024         $c = q("select name, url, thumb from contact where self = 1 and uid = %d limit 1",
1025                 intval($u[0]['uid'])
1026         );
1027         if(! count($c))
1028                 return;
1029
1030         // also reset all the privacy bits to the forum default permissions
1031
1032         $private = ($u[0]['allow_cid'] || $u[0]['allow_gid'] || $u[0]['deny_cid'] || $u[0]['deny_gid']) ? 1 : 0;
1033
1034         q("update item set wall = 1, origin = 1, forum_mode = 1, `owner-name` = '%s', `owner-link` = '%s', `owner-avatar` = '%s', 
1035                 `private` = %d, `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s'  where id = %d limit 1",
1036                 dbesc($c[0]['name']),
1037                 dbesc($c[0]['url']),
1038                 dbesc($c[0]['thumb']),
1039                 intval($private),
1040                 dbesc($u[0]['allow_cid']),
1041                 dbesc($u[0]['allow_gid']),
1042                 dbesc($u[0]['deny_cid']),
1043                 dbesc($u[0]['deny_gid']),
1044                 intval($item_id)
1045         );
1046
1047         proc_run('php','include/notifier.php','tgroup',$item_id);                       
1048
1049 }
1050
1051
1052
1053
1054
1055
1056 function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
1057
1058         $a = get_app();
1059
1060 //      if((! strlen($contact['issued-id'])) && (! $contact['duplex']) && (! ($owner['page-flags'] == PAGE_COMMUNITY)))
1061 //              return 3;
1062
1063         $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
1064
1065         if($contact['duplex'] && $contact['dfrn-id'])
1066                 $idtosend = '0:' . $orig_id;
1067         if($contact['duplex'] && $contact['issued-id'])
1068                 $idtosend = '1:' . $orig_id;            
1069
1070         $rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
1071
1072         $rino_enable = get_config('system','rino_encrypt');
1073
1074         if(! $rino_enable)
1075                 $rino = 0;
1076
1077         $ssl_val = intval(get_config('system','ssl_policy'));
1078         $ssl_policy = '';
1079
1080         switch($ssl_val){
1081                 case SSL_POLICY_FULL:
1082                         $ssl_policy = 'full';
1083                         break;
1084                 case SSL_POLICY_SELFSIGN:
1085                         $ssl_policy = 'self';
1086                         break;                  
1087                 case SSL_POLICY_NONE:
1088                 default:
1089                         $ssl_policy = 'none';
1090                         break;
1091         }
1092
1093         $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
1094
1095         logger('dfrn_deliver: ' . $url);
1096
1097         $xml = fetch_url($url);
1098
1099         $curl_stat = $a->get_curl_code();
1100         if(! $curl_stat)
1101                 return(-1); // timed out
1102
1103         logger('dfrn_deliver: ' . $xml, LOGGER_DATA);
1104
1105         if(! $xml)
1106                 return 3;
1107
1108         if(strpos($xml,'<?xml') === false) {
1109                 logger('dfrn_deliver: no valid XML returned');
1110                 logger('dfrn_deliver: returned XML: ' . $xml, LOGGER_DATA);
1111                 return 3;
1112         }
1113
1114         $res = parse_xml_string($xml);
1115
1116         if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
1117                 return (($res->status) ? $res->status : 3);
1118
1119         $postvars     = array();
1120         $sent_dfrn_id = hex2bin((string) $res->dfrn_id);
1121         $challenge    = hex2bin((string) $res->challenge);
1122         $perm         = (($res->perm) ? $res->perm : null);
1123         $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
1124         $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
1125         $page         = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
1126
1127         $final_dfrn_id = '';
1128
1129         if($perm) {
1130                 if((($perm == 'rw') && (! intval($contact['writable']))) 
1131                 || (($perm == 'r') && (intval($contact['writable'])))) {
1132                         q("update contact set writable = %d where id = %d limit 1",
1133                                 intval(($perm == 'rw') ? 1 : 0),
1134                                 intval($contact['id'])
1135                         );
1136                         $contact['writable'] = (string) 1 - intval($contact['writable']);                       
1137                 }
1138         }
1139
1140         if(($contact['duplex'] && strlen($contact['pubkey'])) 
1141                 || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
1142                 || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
1143                 openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
1144                 openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']);
1145         }
1146         else {
1147                 openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
1148                 openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']);
1149         }
1150
1151         $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
1152
1153         if(strpos($final_dfrn_id,':') == 1)
1154                 $final_dfrn_id = substr($final_dfrn_id,2);
1155
1156         if($final_dfrn_id != $orig_id) {
1157                 logger('dfrn_deliver: wrong dfrn_id.');
1158                 // did not decode properly - cannot trust this site 
1159                 return 3;
1160         }
1161
1162         $postvars['dfrn_id']      = $idtosend;
1163         $postvars['dfrn_version'] = DFRN_PROTOCOL_VERSION;
1164         if($dissolve)
1165                 $postvars['dissolve'] = '1';
1166
1167
1168         if((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
1169                 $postvars['data'] = $atom;
1170                 $postvars['perm'] = 'rw';
1171         }
1172         else {
1173                 $postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom);
1174                 $postvars['perm'] = 'r';
1175         }
1176
1177         $postvars['ssl_policy'] = $ssl_policy;
1178
1179         if($page)
1180                 $postvars['page'] = '1';
1181         
1182         if($rino && $rino_allowed && (! $dissolve)) {
1183                 $key = substr(random_string(),0,16);
1184                 $data = bin2hex(aes_encrypt($postvars['data'],$key));
1185                 $postvars['data'] = $data;
1186                 logger('rino: sent key = ' . $key, LOGGER_DEBUG);       
1187
1188
1189                 if($dfrn_version >= 2.1) {      
1190                         if(($contact['duplex'] && strlen($contact['pubkey'])) 
1191                                 || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
1192                                 || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
1193
1194                                 openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
1195                         }
1196                         else {
1197                                 openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
1198                         }
1199                 }
1200                 else {
1201                         if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
1202                                 openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
1203                         }
1204                         else {
1205                                 openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
1206                         }
1207                 }
1208
1209                 logger('md5 rawkey ' . md5($postvars['key']));
1210
1211                 $postvars['key'] = bin2hex($postvars['key']);
1212         }
1213
1214         logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
1215
1216         $xml = post_url($contact['notify'],$postvars);
1217
1218         logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA);
1219
1220         $curl_stat = $a->get_curl_code();
1221         if((! $curl_stat) || (! strlen($xml)))
1222                 return(-1); // timed out
1223
1224         if(($curl_stat == 503) && (stristr($a->get_curl_headers(),'retry-after')))
1225                 return(-1);
1226
1227         if(strpos($xml,'<?xml') === false) {
1228                 logger('dfrn_deliver: phase 2: no valid XML returned');
1229                 logger('dfrn_deliver: phase 2: returned XML: ' . $xml, LOGGER_DATA);
1230                 return 3;
1231         }
1232
1233         $res = parse_xml_string($xml);
1234
1235         return $res->status; 
1236 }
1237
1238
1239 /**
1240  *
1241  * consume_feed - process atom feed and update anything/everything we might need to update
1242  *
1243  * $xml = the (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds.
1244  *
1245  * $importer = the contact_record (joined to user_record) of the local user who owns this relationship.
1246  *             It is this person's stuff that is going to be updated.
1247  * $contact =  the person who is sending us stuff. If not set, we MAY be processing a "follow" activity
1248  *             from an external network and MAY create an appropriate contact record. Otherwise, we MUST 
1249  *             have a contact record.
1250  * $hub = should we find a hub declation in the feed, pass it back to our calling process, who might (or 
1251  *        might not) try and subscribe to it.
1252  * $datedir sorts in reverse order
1253  * $pass - by default ($pass = 0) we cannot guarantee that a parent item has been 
1254  *      imported prior to its children being seen in the stream unless we are certain
1255  *      of how the feed is arranged/ordered.
1256  * With $pass = 1, we only pull parent items out of the stream.
1257  * With $pass = 2, we only pull children (comments/likes).
1258  *
1259  * So running this twice, first with pass 1 and then with pass 2 will do the right
1260  * thing regardless of feed ordering. This won't be adequate in a fully-threaded
1261  * model where comments can have sub-threads. That would require some massive sorting
1262  * to get all the feed items into a mostly linear ordering, and might still require
1263  * recursion.  
1264  */
1265
1266 function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $pass = 0) {
1267
1268         require_once('library/simplepie/simplepie.inc');
1269
1270         if(! strlen($xml)) {
1271                 logger('consume_feed: empty input');
1272                 return;
1273         }
1274                 
1275         $feed = new SimplePie();
1276         $feed->set_raw_data($xml);
1277         if($datedir)
1278                 $feed->enable_order_by_date(true);
1279         else
1280                 $feed->enable_order_by_date(false);
1281         $feed->init();
1282
1283         if($feed->error())
1284                 logger('consume_feed: Error parsing XML: ' . $feed->error());
1285
1286         $permalink = $feed->get_permalink();
1287
1288         // Check at the feed level for updated contact name and/or photo
1289
1290         $name_updated  = '';
1291         $new_name = '';
1292         $photo_timestamp = '';
1293         $photo_url = '';
1294         $birthday = '';
1295
1296         $hubs = $feed->get_links('hub');
1297
1298         if(count($hubs))
1299                 $hub = implode(',', $hubs);
1300
1301         $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'owner');
1302         if(! $rawtags)
1303                 $rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
1304         if($rawtags) {
1305                 $elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
1306                 if($elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
1307                         $name_updated = $elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated'];
1308                         $new_name = $elems['name'][0]['data'];
1309                 } 
1310                 if((x($elems,'link')) && ($elems['link'][0]['attribs']['']['rel'] === 'photo') && ($elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated'])) {
1311                         $photo_timestamp = datetime_convert('UTC','UTC',$elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']);
1312                         $photo_url = $elems['link'][0]['attribs']['']['href'];
1313                 }
1314
1315                 if((x($rawtags[0]['child'], NAMESPACE_DFRN)) && (x($rawtags[0]['child'][NAMESPACE_DFRN],'birthday'))) {
1316                         $birthday = datetime_convert('UTC','UTC', $rawtags[0]['child'][NAMESPACE_DFRN]['birthday'][0]['data']);
1317                 }
1318         }
1319
1320         if((is_array($contact)) && ($photo_timestamp) && (strlen($photo_url)) && ($photo_timestamp > $contact['avatar-date'])) {
1321                 logger('consume_feed: Updating photo for ' . $contact['name']);
1322                 require_once("Photo.php");
1323                 $photo_failure = false;
1324                 $have_photo = false;
1325
1326                 $r = q("SELECT `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d LIMIT 1",
1327                         intval($contact['id']),
1328                         intval($contact['uid'])
1329                 );
1330                 if(count($r)) {
1331                         $resource_id = $r[0]['resource-id'];
1332                         $have_photo = true;
1333                 }
1334                 else {
1335                         $resource_id = photo_new_resource();
1336                 }
1337                         
1338                 $img_str = fetch_url($photo_url,true);
1339                 $img = new Photo($img_str);
1340                 if($img->is_valid()) {
1341                         if($have_photo) {
1342                                 q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `contact-id` = %d AND `uid` = %d",
1343                                         dbesc($resource_id),
1344                                         intval($contact['id']),
1345                                         intval($contact['uid'])
1346                                 );
1347                         }
1348                                 
1349                         $img->scaleImageSquare(175);
1350                                 
1351                         $hash = $resource_id;
1352                         $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 4);
1353                                 
1354                         $img->scaleImage(80);
1355                         $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 5);
1356
1357                         $img->scaleImage(48);
1358                         $r = $img->store($contact['uid'], $contact['id'], $hash, basename($photo_url), 'Contact Photos', 6);
1359
1360                         $a = get_app();
1361
1362                         q("UPDATE `contact` SET `avatar-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s'  
1363                                 WHERE `uid` = %d AND `id` = %d LIMIT 1",
1364                                 dbesc(datetime_convert()),
1365                                 dbesc($a->get_baseurl() . '/photo/' . $hash . '-4.jpg'),
1366                                 dbesc($a->get_baseurl() . '/photo/' . $hash . '-5.jpg'),
1367                                 dbesc($a->get_baseurl() . '/photo/' . $hash . '-6.jpg'),
1368                                 intval($contact['uid']),
1369                                 intval($contact['id'])
1370                         );
1371                 }
1372         }
1373
1374         if((is_array($contact)) && ($name_updated) && (strlen($new_name)) && ($name_updated > $contact['name-date'])) {
1375                 $r = q("select * from contact where uid = %d and id = %d limit 1",
1376                         intval($contact['uid']),
1377                         intval($contact['id'])
1378                 );
1379
1380                 $x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
1381                         dbesc(notags(trim($new_name))),
1382                         dbesc(datetime_convert()),
1383                         intval($contact['uid']),
1384                         intval($contact['id'])
1385                 );
1386
1387                 // do our best to update the name on content items
1388
1389                 if(count($r)) {
1390                         q("update item set `author-name` = '%s' where `author-name` = '%s' and `author-link` = '%s' and uid = %d",
1391                                 dbesc(notags(trim($new_name))),
1392                                 dbesc($r[0]['name']),
1393                                 dbesc($r[0]['url']),
1394                                 intval($contact['uid'])
1395                         );
1396                 }
1397         }
1398
1399         if(strlen($birthday)) {
1400                 if(substr($birthday,0,4) != $contact['bdyear']) {
1401                         logger('consume_feed: updating birthday: ' . $birthday);
1402
1403                         /**
1404                          *
1405                          * Add new birthday event for this person
1406                          *
1407                          * $bdtext is just a readable placeholder in case the event is shared
1408                          * with others. We will replace it during presentation to our $importer
1409                          * to contain a sparkle link and perhaps a photo. 
1410                          *
1411                          */
1412                          
1413                         $bdtext = t('Birthday:') . ' [url=' . $contact['url'] . ']' . $contact['name'] . '[/url]' ;
1414
1415
1416                         $r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`desc`,`type`)
1417                                 VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s' ) ",
1418                                 intval($contact['uid']),
1419                                 intval($contact['id']),
1420                                 dbesc(datetime_convert()),
1421                                 dbesc(datetime_convert()),
1422                                 dbesc(datetime_convert('UTC','UTC', $birthday)),
1423                                 dbesc(datetime_convert('UTC','UTC', $birthday . ' + 1 day ')),
1424                                 dbesc($bdtext),
1425                                 dbesc('birthday')
1426                         );
1427                         
1428
1429                         // update bdyear
1430
1431                         q("UPDATE `contact` SET `bdyear` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
1432                                 dbesc(substr($birthday,0,4)),
1433                                 intval($contact['uid']),
1434                                 intval($contact['id'])
1435                         );
1436
1437                         // This function is called twice without reloading the contact
1438                         // Make sure we only create one event. This is why &$contact 
1439                         // is a reference var in this function
1440
1441                         $contact['bdyear'] = substr($birthday,0,4);
1442                 }
1443
1444         }
1445
1446         $community_page = 0;
1447         $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
1448         if($rawtags) {
1449                 $community_page = intval($rawtags[0]['data']);
1450         }
1451         if(is_array($contact) && intval($contact['forum']) != $community_page) {
1452                 q("update contact set forum = %d where id = %d limit 1",
1453                         intval($community_page),
1454                         intval($contact['id'])
1455                 );
1456                 $contact['forum'] = (string) $community_page;
1457         }
1458
1459
1460         // process any deleted entries
1461
1462         $del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
1463         if(is_array($del_entries) && count($del_entries) && $pass != 2) {
1464                 foreach($del_entries as $dentry) {
1465                         $deleted = false;
1466                         if(isset($dentry['attribs']['']['ref'])) {
1467                                 $uri = $dentry['attribs']['']['ref'];
1468                                 $deleted = true;
1469                                 if(isset($dentry['attribs']['']['when'])) {
1470                                         $when = $dentry['attribs']['']['when'];
1471                                         $when = datetime_convert('UTC','UTC', $when, 'Y-m-d H:i:s');
1472                                 }
1473                                 else
1474                                         $when = datetime_convert('UTC','UTC','now','Y-m-d H:i:s');
1475                         }
1476                         if($deleted && is_array($contact)) {
1477                                 $r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join `contact` on `item`.`contact-id` = `contact`.`id` 
1478                                         WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
1479                                         dbesc($uri),
1480                                         intval($importer['uid']),
1481                                         intval($contact['id'])
1482                                 );
1483                                 if(count($r)) {
1484                                         $item = $r[0];
1485
1486                                         if(! $item['deleted'])
1487                                                 logger('consume_feed: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
1488
1489                                         if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTIVITY_OBJ_TAGTERM)) {
1490                                                 $xo = parse_xml_string($item['object'],false);
1491                                                 $xt = parse_xml_string($item['target'],false);
1492                                                 if($xt->type === ACTIVITY_OBJ_NOTE) {
1493                                                         $i = q("select * from `item` where uri = '%s' and uid = %d limit 1",
1494                                                                 dbesc($xt->id),
1495                                                                 intval($importer['importer_uid'])
1496                                                         );
1497                                                         if(count($i)) {
1498
1499                                                                 // For tags, the owner cannot remove the tag on the author's copy of the post.
1500
1501                                                                 $owner_remove = (($item['contact-id'] == $i[0]['contact-id']) ? true: false);
1502                                                                 $author_remove = (($item['origin'] && $item['self']) ? true : false);
1503                                                                 $author_copy = (($item['origin']) ? true : false);
1504
1505                                                                 if($owner_remove && $author_copy)
1506                                                                         continue;
1507                                                                 if($author_remove || $owner_remove) {
1508                                                                         $tags = explode(',',$i[0]['tag']);
1509                                                                         $newtags = array();
1510                                                                         if(count($tags)) {
1511                                                                                 foreach($tags as $tag)
1512                                                                                         if(trim($tag) !== trim($xo->body))
1513                                                                                                 $newtags[] = trim($tag);
1514                                                                         }
1515                                                                         q("update item set tag = '%s' where id = %d limit 1",
1516                                                                                 dbesc(implode(',',$newtags)),
1517                                                                                 intval($i[0]['id'])
1518                                                                         );
1519                                                                 }
1520                                                         }
1521                                                 }
1522                                         }
1523
1524                                         if($item['uri'] == $item['parent-uri']) {
1525                                                 $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',
1526                                                         `body` = '', `title` = ''
1527                                                         WHERE `parent-uri` = '%s' AND `uid` = %d",
1528                                                         dbesc($when),
1529                                                         dbesc(datetime_convert()),
1530                                                         dbesc($item['uri']),
1531                                                         intval($importer['uid'])
1532                                                 );
1533                                         }
1534                                         else {
1535                                                 $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',
1536                                                         `body` = '', `title` = '' 
1537                                                         WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1538                                                         dbesc($when),
1539                                                         dbesc(datetime_convert()),
1540                                                         dbesc($uri),
1541                                                         intval($importer['uid'])
1542                                                 );
1543                                                 if($item['last-child']) {
1544                                                         // ensure that last-child is set in case the comment that had it just got wiped.
1545                                                         q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ",
1546                                                                 dbesc(datetime_convert()),
1547                                                                 dbesc($item['parent-uri']),
1548                                                                 intval($item['uid'])
1549                                                         );
1550                                                         // who is the last child now? 
1551                                                         $r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `moderated` = 0 AND `uid` = %d 
1552                                                                 ORDER BY `created` DESC LIMIT 1",
1553                                                                         dbesc($item['parent-uri']),
1554                                                                         intval($importer['uid'])
1555                                                         );
1556                                                         if(count($r)) {
1557                                                                 q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1",
1558                                                                         intval($r[0]['id'])
1559                                                                 );
1560                                                         }
1561                                                 }       
1562                                         }
1563                                 }       
1564                         }
1565                 }
1566         }
1567
1568         // Now process the feed
1569
1570         if($feed->get_item_quantity()) {                
1571
1572                 logger('consume_feed: feed item count = ' . $feed->get_item_quantity());
1573
1574         // in inverse date order
1575                 if ($datedir)
1576                         $items = array_reverse($feed->get_items());
1577                 else
1578                         $items = $feed->get_items();
1579
1580
1581                 foreach($items as $item) {
1582
1583                         $is_reply = false;              
1584                         $item_id = $item->get_id();
1585                         $rawthread = $item->get_item_tags( NAMESPACE_THREAD,'in-reply-to');
1586                         if(isset($rawthread[0]['attribs']['']['ref'])) {
1587                                 $is_reply = true;
1588                                 $parent_uri = $rawthread[0]['attribs']['']['ref'];
1589                         }
1590
1591                         if(($is_reply) && is_array($contact)) {
1592
1593                                 if($pass == 1)
1594                                         continue;
1595
1596                                 // Have we seen it? If not, import it.
1597         
1598                                 $item_id  = $item->get_id();
1599                                 $datarray = get_atom_elements($feed,$item);
1600
1601
1602                                 if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN))
1603                                         $datarray['author-name'] = $contact['name'];
1604                                 if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN))
1605                                         $datarray['author-link'] = $contact['url'];
1606                                 if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN))
1607                                         $datarray['author-avatar'] = $contact['thumb'];
1608
1609                                 if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) {
1610                                         logger('consume_feed: no author information! ' . print_r($datarray,true));
1611                                         continue;
1612                                 }
1613
1614                                 $r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1615                                         dbesc($item_id),
1616                                         intval($importer['uid'])
1617                                 );
1618
1619                                 // Update content if 'updated' changes
1620
1621                                 if(count($r)) {
1622                                         if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
1623                                                 $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1624                                                         dbesc($datarray['title']),
1625                                                         dbesc($datarray['body']),
1626                                                         dbesc($datarray['tag']),
1627                                                         dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
1628                                                         dbesc($item_id),
1629                                                         intval($importer['uid'])
1630                                                 );
1631                                         }
1632
1633                                         // update last-child if it changes
1634
1635                                         $allow = $item->get_item_tags( NAMESPACE_DFRN, 'comment-allow');
1636                                         if(($allow) && ($allow[0]['data'] != $r[0]['last-child'])) {
1637                                                 $r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
1638                                                         dbesc(datetime_convert()),
1639                                                         dbesc($parent_uri),
1640                                                         intval($importer['uid'])
1641                                                 );
1642                                                 $r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s'  WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1643                                                         intval($allow[0]['data']),
1644                                                         dbesc(datetime_convert()),
1645                                                         dbesc($item_id),
1646                                                         intval($importer['uid'])
1647                                                 );
1648                                         }
1649                                         continue;
1650                                 }
1651
1652                                 $force_parent = false;
1653                                 if($contact['network'] === NETWORK_OSTATUS || stristr($contact['url'],'twitter.com')) {
1654                                         if($contact['network'] === NETWORK_OSTATUS)
1655                                                 $force_parent = true;
1656                                         if(strlen($datarray['title']))
1657                                                 unset($datarray['title']);
1658                                         $r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
1659                                                 dbesc(datetime_convert()),
1660                                                 dbesc($parent_uri),
1661                                                 intval($importer['uid'])
1662                                         );
1663                                         $datarray['last-child'] = 1;
1664                                 }
1665
1666                                 if(($contact['network'] === NETWORK_FEED) || (! strlen($contact['notify']))) {
1667                                         // one way feed - no remote comment ability
1668                                         $datarray['last-child'] = 0;
1669                                 }
1670                                 $datarray['parent-uri'] = $parent_uri;
1671                                 $datarray['uid'] = $importer['uid'];
1672                                 $datarray['contact-id'] = $contact['id'];
1673                                 if((activity_match($datarray['verb'],ACTIVITY_LIKE)) || (activity_match($datarray['verb'],ACTIVITY_DISLIKE))) {
1674                                         $datarray['type'] = 'activity';
1675                                         $datarray['gravity'] = GRAVITY_LIKE;
1676                                         // only one like or dislike per person
1677                                         $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1",
1678                                                 intval($datarray['uid']),
1679                                                 intval($datarray['contact-id']),
1680                                                 dbesc($datarray['verb'])
1681                                         );
1682                                         if($r && count($r))
1683                                                 continue; 
1684                                 }
1685
1686                                 if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) {
1687                                         $xo = parse_xml_string($datarray['object'],false);
1688                                         $xt = parse_xml_string($datarray['target'],false);
1689
1690                                         if($xt->type == ACTIVITY_OBJ_NOTE) {
1691                                                 $r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1",
1692                                                         dbesc($xt->id),
1693                                                         intval($importer['importer_uid'])
1694                                                 );
1695                                                 if(! count($r))
1696                                                         continue;
1697
1698                                                 // extract tag, if not duplicate, add to parent item
1699                                                 if($xo->id && $xo->content) {
1700                                                         $newtag = '#[url=' . $xo->id . ']'. $xo->content . '[/url]';
1701                                                         if(! (stristr($r[0]['tag'],$newtag))) {
1702                                                                 q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1",
1703                                                                         dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . $newtag),
1704                                                                         intval($r[0]['id'])
1705                                                                 );
1706                                                         }
1707                                                 }
1708                                         }
1709                                 }
1710
1711                                 $r = item_store($datarray,$force_parent);
1712                                 continue;
1713                         }
1714
1715                         else {
1716
1717                                 // Head post of a conversation. Have we seen it? If not, import it.
1718
1719                                 $item_id  = $item->get_id();
1720
1721                                 $datarray = get_atom_elements($feed,$item);
1722
1723                                 if(is_array($contact)) {
1724                                         if((! x($datarray,'author-name')) && ($contact['network'] != NETWORK_DFRN))
1725                                                 $datarray['author-name'] = $contact['name'];
1726                                         if((! x($datarray,'author-link')) && ($contact['network'] != NETWORK_DFRN))
1727                                                 $datarray['author-link'] = $contact['url'];
1728                                         if((! x($datarray,'author-avatar')) && ($contact['network'] != NETWORK_DFRN))
1729                                                 $datarray['author-avatar'] = $contact['thumb'];
1730                                 }
1731
1732                                 if((! x($datarray,'author-name')) || (! x($datarray,'author-link'))) {
1733                                         logger('consume_feed: no author information! ' . print_r($datarray,true));
1734                                         continue;
1735                                 }
1736
1737                                 // special handling for events
1738
1739                                 if((x($datarray,'object-type')) && ($datarray['object-type'] === ACTIVITY_OBJ_EVENT)) {
1740                                         $ev = bbtoevent($datarray['body']);
1741                                         if(x($ev,'desc') && x($ev,'start')) {
1742                                                 $ev['uid'] = $importer['uid'];
1743                                                 $ev['uri'] = $item_id;
1744                                                 $ev['edited'] = $datarray['edited'];
1745                                                 $ev['private'] = $datarray['private'];
1746
1747                                                 if(is_array($contact))
1748                                                         $ev['cid'] = $contact['id'];
1749                                                 $r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1750                                                         dbesc($item_id),
1751                                                         intval($importer['uid'])
1752                                                 );
1753                                                 if(count($r))
1754                                                         $ev['id'] = $r[0]['id'];
1755                                                 $xyz = event_store($ev);
1756                                                 continue;
1757                                         }
1758                                 }
1759
1760                                 $r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1761                                         dbesc($item_id),
1762                                         intval($importer['uid'])
1763                                 );
1764
1765                                 // Update content if 'updated' changes
1766
1767                                 if(count($r)) {
1768                                         if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
1769                                                 $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1770                                                         dbesc($datarray['title']),
1771                                                         dbesc($datarray['body']),
1772                                                         dbesc($datarray['tag']),
1773                                                         dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
1774                                                         dbesc($item_id),
1775                                                         intval($importer['uid'])
1776                                                 );
1777                                         }
1778
1779                                         // update last-child if it changes
1780
1781                                         $allow = $item->get_item_tags( NAMESPACE_DFRN, 'comment-allow');
1782                                         if($allow && $allow[0]['data'] != $r[0]['last-child']) {
1783                                                 $r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
1784                                                         intval($allow[0]['data']),
1785                                                         dbesc(datetime_convert()),
1786                                                         dbesc($item_id),
1787                                                         intval($importer['uid'])
1788                                                 );
1789                                         }
1790                                         continue;
1791                                 }
1792
1793                                 if(activity_match($datarray['verb'],ACTIVITY_FOLLOW)) {
1794                                         logger('consume-feed: New follower');
1795                                         new_follower($importer,$contact,$datarray,$item);
1796                                         return;
1797                                 }
1798                                 if(activity_match($datarray['verb'],ACTIVITY_UNFOLLOW))  {
1799                                         lose_follower($importer,$contact,$datarray,$item);
1800                                         return;
1801                                 }
1802
1803                                 if(activity_match($datarray['verb'],ACTIVITY_REQ_FRIEND)) {
1804                                         logger('consume-feed: New friend request');
1805                                         new_follower($importer,$contact,$datarray,$item,true);
1806                                         return;
1807                                 }
1808                                 if(activity_match($datarray['verb'],ACTIVITY_UNFRIEND))  {
1809                                         lose_sharer($importer,$contact,$datarray,$item);
1810                                         return;
1811                                 }
1812
1813
1814                                 if(! is_array($contact))
1815                                         return;
1816
1817                                 if($contact['network'] === NETWORK_OSTATUS || stristr($contact['url'],'twitter.com')) {
1818                                         if(strlen($datarray['title']))
1819                                                 unset($datarray['title']);
1820                                         $datarray['last-child'] = 1;
1821                                 }
1822
1823                                 if(($contact['network'] === NETWORK_FEED) || (! strlen($contact['notify']))) {
1824                                         // one way feed - no remote comment ability
1825                                         $datarray['last-child'] = 0;
1826                                 }
1827
1828                                 // This is my contact on another system, but it's really me.
1829                                 // Turn this into a wall post.
1830
1831                                 if($contact['remote_self'])
1832                                         $datarray['wall'] = 1;
1833
1834                                 $datarray['parent-uri'] = $item_id;
1835                                 $datarray['uid'] = $importer['uid'];
1836                                 $datarray['contact-id'] = $contact['id'];
1837
1838                                 if(! link_compare($datarray['owner-link'],$contact['url'])) {
1839                                         // The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery, 
1840                                         // but otherwise there's a possible data mixup on the sender's system.
1841                                         // the tgroup delivery code called from item_store will correct it if it's a forum,
1842                                         // but we're going to unconditionally correct it here so that the post will always be owned by our contact. 
1843                                         logger('consume_feed: Correcting item owner.', LOGGER_DEBUG);
1844                                         $datarray['owner-name']   = $contact['name'];
1845                                         $datarray['owner-link']   = $contact['url'];
1846                                         $datarray['owner-avatar'] = $contact['thumb'];
1847                                 }
1848
1849                                 $r = item_store($datarray);
1850                                 continue;
1851
1852                         }
1853                 }
1854         }
1855 }
1856
1857 function local_delivery($importer,$data) {
1858
1859         $a = get_app();
1860
1861         if($importer['readonly']) {
1862                 // We aren't receiving stuff from this person. But we will quietly ignore them
1863                 // rather than a blatant "go away" message.
1864                 logger('local_delivery: ignoring');
1865                 return 0;
1866                 //NOTREACHED
1867         }
1868
1869         // Consume notification feed. This may differ from consuming a public feed in several ways
1870         // - might contain email or friend suggestions
1871         // - might contain remote followup to our message
1872         //              - in which case we need to accept it and then notify other conversants
1873         // - we may need to send various email notifications
1874
1875         $feed = new SimplePie();
1876         $feed->set_raw_data($data);
1877         $feed->enable_order_by_date(false);
1878         $feed->init();
1879
1880 /*
1881         // Currently unsupported - needs a lot of work
1882         $reloc = $feed->get_feed_tags( NAMESPACE_DFRN, 'relocate' );
1883         if(isset($reloc[0]['child'][NAMESPACE_DFRN])) {
1884                 $base = $reloc[0]['child'][NAMESPACE_DFRN];
1885                 $newloc = array();
1886                 $newloc['uid'] = $importer['importer_uid'];
1887                 $newloc['cid'] = $importer['id'];
1888                 $newloc['name'] = notags(unxmlify($base['name'][0]['data']));
1889                 $newloc['photo'] = notags(unxmlify($base['photo'][0]['data']));
1890                 $newloc['url'] = notags(unxmlify($base['url'][0]['data']));
1891                 $newloc['request'] = notags(unxmlify($base['request'][0]['data']));
1892                 $newloc['confirm'] = notags(unxmlify($base['confirm'][0]['data']));
1893                 $newloc['notify'] = notags(unxmlify($base['notify'][0]['data']));
1894                 $newloc['poll'] = notags(unxmlify($base['poll'][0]['data']));
1895                 $newloc['site-pubkey'] = notags(unxmlify($base['site-pubkey'][0]['data']));
1896                 $newloc['pubkey'] = notags(unxmlify($base['pubkey'][0]['data']));
1897                 $newloc['prvkey'] = notags(unxmlify($base['prvkey'][0]['data']));
1898                 
1899                 // TODO
1900                 // merge with current record, current contents have priority
1901                 // update record, set url-updated
1902                 // update profile photos
1903                 // schedule a scan?
1904
1905         }
1906 */
1907
1908         // handle friend suggestion notification
1909
1910         $sugg = $feed->get_feed_tags( NAMESPACE_DFRN, 'suggest' );
1911         if(isset($sugg[0]['child'][NAMESPACE_DFRN])) {
1912                 $base = $sugg[0]['child'][NAMESPACE_DFRN];
1913                 $fsugg = array();
1914                 $fsugg['uid'] = $importer['importer_uid'];
1915                 $fsugg['cid'] = $importer['id'];
1916                 $fsugg['name'] = notags(unxmlify($base['name'][0]['data']));
1917                 $fsugg['photo'] = notags(unxmlify($base['photo'][0]['data']));
1918                 $fsugg['url'] = notags(unxmlify($base['url'][0]['data']));
1919                 $fsugg['request'] = notags(unxmlify($base['request'][0]['data']));
1920                 $fsugg['body'] = escape_tags(unxmlify($base['note'][0]['data']));
1921
1922                 // Does our member already have a friend matching this description?
1923
1924                 $r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1",
1925                         dbesc($fsugg['name']),
1926                         dbesc(normalise_link($fsugg['url'])),
1927                         intval($fsugg['uid'])
1928                 );
1929                 if(count($r))
1930                         return 0;
1931
1932                 // Do we already have an fcontact record for this person?
1933
1934                 $fid = 0;
1935                 $r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1",
1936                         dbesc($fsugg['url']),
1937                         dbesc($fsugg['name']),
1938                         dbesc($fsugg['request'])
1939                 );
1940                 if(count($r)) {
1941                         $fid = $r[0]['id'];
1942
1943                         // OK, we do. Do we already have an introduction for this person ?
1944                         $r = q("select id from intro where uid = %d and fid = %d limit 1",
1945                                 intval($fsugg['uid']),
1946                                 intval($fid)
1947                         );
1948                         if(count($r))
1949                                 return 0;
1950                 }
1951                 if(! $fid)
1952                         $r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ",
1953                         dbesc($fsugg['name']),
1954                         dbesc($fsugg['url']),
1955                         dbesc($fsugg['photo']),
1956                         dbesc($fsugg['request'])
1957                 );
1958                 $r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1",
1959                         dbesc($fsugg['url']),
1960                         dbesc($fsugg['name']),
1961                         dbesc($fsugg['request'])
1962                 );
1963                 if(count($r)) {
1964                         $fid = $r[0]['id'];
1965                 }
1966                 // database record did not get created. Quietly give up.
1967                 else
1968                         return 0;
1969
1970
1971                 $hash = random_string();
1972  
1973                 $r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )
1974                         VALUES( %d, %d, %d, '%s', '%s', '%s', %d )",
1975                         intval($fsugg['uid']),
1976                         intval($fid),
1977                         intval($fsugg['cid']),
1978                         dbesc($fsugg['body']),
1979                         dbesc($hash),
1980                         dbesc(datetime_convert()),
1981                         intval(0)
1982                 );
1983
1984                 notification(array(
1985                         'type'         => NOTIFY_SUGGEST,
1986                         'notify_flags' => $importer['notify-flags'],
1987                         'language'     => $importer['language'],
1988                         'to_name'      => $importer['username'],
1989                         'to_email'     => $importer['email'],
1990                         'uid'          => $importer['importer_uid'],
1991                         'item'         => $fsugg,
1992                         'link'         => $a->get_baseurl() . '/notifications/intros',
1993                         'source_name'  => $importer['name'],
1994                         'source_link'  => $importer['url'],
1995                         'source_photo' => $importer['photo'],
1996                         'verb'         => ACTIVITY_REQ_FRIEND,
1997                         'otype'        => 'intro'
1998                 ));
1999
2000                 return 0;
2001         }
2002
2003         $ismail = false;
2004
2005         $rawmail = $feed->get_feed_tags( NAMESPACE_DFRN, 'mail' );
2006         if(isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
2007
2008                 logger('local_delivery: private message received');
2009
2010                 $ismail = true;
2011                 $base = $rawmail[0]['child'][NAMESPACE_DFRN];
2012
2013                 $msg = array();
2014                 $msg['uid'] = $importer['importer_uid'];
2015                 $msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
2016                 $msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
2017                 $msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
2018                 $msg['contact-id'] = $importer['id'];
2019                 $msg['title'] = notags(unxmlify($base['subject'][0]['data']));
2020                 $msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
2021                 $msg['seen'] = 0;
2022                 $msg['replied'] = 0;
2023                 $msg['uri'] = notags(unxmlify($base['id'][0]['data']));
2024                 $msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
2025                 $msg['created'] = datetime_convert(notags(unxmlify('UTC','UTC',$base['sentdate'][0]['data'])));
2026                 
2027                 dbesc_array($msg);
2028
2029                 $r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) 
2030                         . "`) VALUES ('" . implode("', '", array_values($msg)) . "')" );
2031
2032                 // send notifications.
2033
2034                 require_once('include/enotify.php');
2035
2036                 $notif_params = array(
2037                         'type' => NOTIFY_MAIL,
2038                         'notify_flags' => $importer['notify-flags'],
2039                         'language' => $importer['language'],
2040                         'to_name' => $importer['username'],
2041                         'to_email' => $importer['email'],
2042                         'uid' => $importer['importer_uid'],
2043                         'item' => $msg,
2044                         'source_name' => $msg['from-name'],
2045                         'source_link' => $importer['url'],
2046                         'source_photo' => $importer['thumb'],
2047                         'verb' => ACTIVITY_POST,
2048                         'otype' => 'mail'
2049                 );
2050                         
2051                 notification($notif_params);
2052                 return 0;
2053
2054                 // NOTREACHED
2055         }       
2056
2057         $community_page = 0;
2058         $rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'community');
2059         if($rawtags) {
2060                 $community_page = intval($rawtags[0]['data']);
2061         }
2062         if(intval($importer['forum']) != $community_page) {
2063                 q("update contact set forum = %d where id = %d limit 1",
2064                         intval($community_page),
2065                         intval($importer['id'])
2066                 );
2067                 $importer['forum'] = (string) $community_page;
2068         }
2069         
2070         logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
2071
2072         // process any deleted entries
2073
2074         $del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
2075         if(is_array($del_entries) && count($del_entries)) {
2076                 foreach($del_entries as $dentry) {
2077                         $deleted = false;
2078                         if(isset($dentry['attribs']['']['ref'])) {
2079                                 $uri = $dentry['attribs']['']['ref'];
2080                                 $deleted = true;
2081                                 if(isset($dentry['attribs']['']['when'])) {
2082                                         $when = $dentry['attribs']['']['when'];
2083                                         $when = datetime_convert('UTC','UTC', $when, 'Y-m-d H:i:s');
2084                                 }
2085                                 else
2086                                         $when = datetime_convert('UTC','UTC','now','Y-m-d H:i:s');
2087                         }
2088                         if($deleted) {
2089
2090                                 $r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`
2091                                         WHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1",
2092                                         dbesc($uri),
2093                                         intval($importer['importer_uid']),
2094                                         intval($importer['id'])
2095                                 );
2096
2097                                 if(count($r)) {
2098                                         $item = $r[0];
2099
2100                                         if($item['deleted'])
2101                                                 continue;
2102
2103                                         logger('local_delivery: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
2104
2105                                         if(($item['verb'] === ACTIVITY_TAG) && ($item['object-type'] === ACTIVITY_OBJ_TAGTERM)) {
2106                                                 $xo = parse_xml_string($item['object'],false);
2107                                                 $xt = parse_xml_string($item['target'],false);
2108
2109                                                 if($xt->type === ACTIVITY_OBJ_NOTE) {
2110                                                         $i = q("select * from `item` where uri = '%s' and uid = %d limit 1",
2111                                                                 dbesc($xt->id),
2112                                                                 intval($importer['importer_uid'])
2113                                                         );
2114                                                         if(count($i)) {
2115
2116                                                                 // For tags, the owner cannot remove the tag on the author's copy of the post.
2117                                                                 
2118                                                                 $owner_remove = (($item['contact-id'] == $i[0]['contact-id']) ? true: false);
2119                                                                 $author_remove = (($item['origin'] && $item['self']) ? true : false);
2120                                                                 $author_copy = (($item['origin']) ? true : false); 
2121
2122                                                                 if($owner_remove && $author_copy)
2123                                                                         continue;
2124                                                                 if($author_remove || $owner_remove) {                                                           
2125                                                                         $tags = explode(',',$i[0]['tag']);
2126                                                                         $newtags = array();
2127                                                                         if(count($tags)) {
2128                                                                                 foreach($tags as $tag)
2129                                                                                         if(trim($tag) !== trim($xo->body))
2130                                                                                                 $newtags[] = trim($tag);
2131                                                                         }
2132                                                                         q("update item set tag = '%s' where id = %d limit 1",
2133                                                                                 dbesc(implode(',',$newtags)),
2134                                                                                 intval($i[0]['id'])
2135                                                                         );
2136                                                                 }
2137                                                         }
2138                                                 }
2139                                         }
2140
2141                                         if($item['uri'] == $item['parent-uri']) {
2142                                                 $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s'
2143                                                         WHERE `parent-uri` = '%s' AND `uid` = %d",
2144                                                         dbesc($when),
2145                                                         dbesc(datetime_convert()),
2146                                                         dbesc($item['uri']),
2147                                                         intval($importer['importer_uid'])
2148                                                 );
2149                                         }
2150                                         else {
2151                                                 $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' 
2152                                                         WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2153                                                         dbesc($when),
2154                                                         dbesc(datetime_convert()),
2155                                                         dbesc($uri),
2156                                                         intval($importer['importer_uid'])
2157                                                 );
2158                                                 if($item['last-child']) {
2159                                                         // ensure that last-child is set in case the comment that had it just got wiped.
2160                                                         q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ",
2161                                                                 dbesc(datetime_convert()),
2162                                                                 dbesc($item['parent-uri']),
2163                                                                 intval($item['uid'])
2164                                                         );
2165                                                         // who is the last child now? 
2166                                                         $r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d
2167                                                                 ORDER BY `created` DESC LIMIT 1",
2168                                                                         dbesc($item['parent-uri']),
2169                                                                         intval($importer['importer_uid'])
2170                                                         );
2171                                                         if(count($r)) {
2172                                                                 q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1",
2173                                                                         intval($r[0]['id'])
2174                                                                 );
2175                                                         }       
2176                                                 }
2177                                         }       
2178                                 }
2179                         }
2180                 }
2181         }
2182
2183
2184         foreach($feed->get_items() as $item) {
2185
2186                 $is_reply = false;              
2187                 $item_id = $item->get_id();
2188                 $rawthread = $item->get_item_tags( NAMESPACE_THREAD, 'in-reply-to');
2189                 if(isset($rawthread[0]['attribs']['']['ref'])) {
2190                         $is_reply = true;
2191                         $parent_uri = $rawthread[0]['attribs']['']['ref'];
2192                 }
2193
2194                 if($is_reply) {
2195                         $community = false;
2196
2197                         if($importer['page-flags'] == PAGE_COMMUNITY) {
2198                                 $sql_extra = '';
2199                                 $community = true;
2200                                 logger('local_delivery: possible community reply');
2201                         }
2202                         else
2203                                 $sql_extra = " and contact.self = 1 and item.wall = 1 ";
2204  
2205                         // was the top-level post for this reply written by somebody on this site? 
2206                         // Specifically, the recipient? 
2207
2208                         $is_a_remote_comment = false;
2209
2210                         $r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`, 
2211                                 `contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item` 
2212                                 LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` 
2213                                 WHERE `item`.`uri` = '%s' AND `item`.`parent-uri` = '%s'
2214                                 AND `item`.`uid` = %d 
2215                                 $sql_extra
2216                                 LIMIT 1",
2217                                 dbesc($parent_uri),
2218                                 dbesc($parent_uri),
2219                                 intval($importer['importer_uid'])
2220                         );
2221                         if($r && count($r))
2222                                 $is_a_remote_comment = true;                    
2223
2224                         // Does this have the characteristics of a community comment?
2225                         // If it's a reply to a wall post on a community page it's a 
2226                         // valid community comment. Also forum_mode makes it valid for sure. 
2227                         // If neither, it's not.
2228
2229                         if($is_a_remote_comment && $community) {
2230                                 if((! $r[0]['forum_mode']) && (! $r[0]['wall'])) {
2231                                         $is_a_remote_comment = false;
2232                                         logger('local_delivery: not a community reply');
2233                                 }
2234                         }
2235
2236                         if($is_a_remote_comment) {
2237                                 logger('local_delivery: received remote comment');
2238                                 $is_like = false;
2239                                 // remote reply to our post. Import and then notify everybody else.
2240
2241                                 $datarray = get_atom_elements($feed,$item);
2242
2243                                 $r = q("SELECT `id`, `uid`, `last-child`, `edited`, `body`  FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2244                                         dbesc($item_id),
2245                                         intval($importer['importer_uid'])
2246                                 );
2247
2248                                 // Update content if 'updated' changes
2249
2250                                 if(count($r)) {
2251                                         $iid = $r[0]['id'];
2252                                         if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
2253                                                 logger('received updated comment' , LOGGER_DEBUG);
2254                                                 $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2255                                                         dbesc($datarray['title']),
2256                                                         dbesc($datarray['body']),
2257                                                         dbesc($datarray['tag']),
2258                                                         dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
2259                                                         dbesc($item_id),
2260                                                         intval($importer['importer_uid'])
2261                                                 );
2262
2263                                                 proc_run('php',"include/notifier.php","comment-import",$iid);
2264
2265                                         }
2266
2267                                         continue;
2268                                 }
2269
2270
2271                                 // TODO: make this next part work against both delivery threads of a community post
2272
2273 //                              if((! link_compare($datarray['author-link'],$importer['url'])) && (! $community)) {
2274 //                                      logger('local_delivery: received relay claiming to be from ' . $importer['url'] . ' however comment author url is ' . $datarray['author-link'] ); 
2275                                         // they won't know what to do so don't report an error. Just quietly die.
2276 //                                      return 0;
2277 //                              }                                       
2278
2279                                 // our user with $importer['importer_uid'] is the owner
2280
2281                                 $own = q("select name,url,thumb from contact where uid = %d and self = 1 limit 1",
2282                                         intval($importer['importer_uid'])
2283                                 );
2284
2285
2286                                 $datarray['type'] = 'remote-comment';
2287                                 $datarray['wall'] = 1;
2288                                 $datarray['parent-uri'] = $parent_uri;
2289                                 $datarray['uid'] = $importer['importer_uid'];
2290                                 $datarray['owner-name'] = $own[0]['name'];
2291                                 $datarray['owner-link'] = $own[0]['url'];
2292                                 $datarray['owner-avatar'] = $own[0]['thumb'];
2293                                 $datarray['contact-id'] = $importer['id'];
2294
2295                                 if(($datarray['verb'] === ACTIVITY_LIKE) || ($datarray['verb'] === ACTIVITY_DISLIKE)) {
2296                                         $is_like = true;
2297                                         $datarray['type'] = 'activity';
2298                                         $datarray['gravity'] = GRAVITY_LIKE;
2299                                         $datarray['last-child'] = 0;
2300                                         // only one like or dislike per person
2301                                         $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1",
2302                                                 intval($datarray['uid']),
2303                                                 intval($datarray['contact-id']),
2304                                                 dbesc($datarray['verb'])
2305                                         );
2306                                         if($r && count($r))
2307                                                 continue; 
2308                                 }
2309
2310                                 if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) {
2311                                         
2312                                         $xo = parse_xml_string($datarray['object'],false);
2313                                         $xt = parse_xml_string($datarray['target'],false);
2314
2315                                         if(($xt->type == ACTIVITY_OBJ_NOTE) && ($xt->id)) {
2316
2317                                                 // fetch the parent item
2318
2319                                                 $tagp = q("select * from item where uri = '%s' and uid = %d limit 1",
2320                                                         dbesc($xt->id),
2321                                                         intval($importer['importer_uid'])
2322                                                 );
2323                                                 if(! count($tagp))
2324                                                         continue;       
2325
2326                                                 // extract tag, if not duplicate, and this user allows tags, add to parent item                                         
2327
2328                                                 if($xo->id && $xo->content) {
2329                                                         $newtag = '#[url=' . $xo->id . ']'. $xo->content . '[/url]';
2330                                                         if(! (stristr($tagp[0]['tag'],$newtag))) {
2331                                                                 $i = q("SELECT `blocktags` FROM `user` where `uid` = %d LIMIT 1",
2332                                                                         intval($importer['importer_uid'])
2333                                                                 );
2334                                                                 if(count($i) && ! intval($i[0]['blocktags'])) {
2335                                                                         q("UPDATE item SET tag = '%s', `edited` = '%s' WHERE id = %d LIMIT 1",
2336                                                                                 dbesc($tagp[0]['tag'] . (strlen($tagp[0]['tag']) ? ',' : '') . $newtag),
2337                                                                                 intval($tagp[0]['id']),
2338                                                                                 dbesc(datetime_convert())
2339                                                                         );
2340                                                                 }
2341                                                         }
2342                                                 }                                                                                                       
2343                                         }
2344                                 }
2345
2346 //                              if($community) {
2347 //                                      $newtag = '@[url=' . $a->get_baseurl() . '/profile/' . $importer['nickname'] . ']' . $importer['username'] . '[/url]';
2348 //                                      if(! stristr($datarray['tag'],$newtag)) {
2349 //                                              if(strlen($datarray['tag']))
2350 //                                                      $datarray['tag'] .= ',';
2351 //                                              $datarray['tag'] .= $newtag;
2352 //                                      }
2353 //                              }
2354
2355
2356                                 $posted_id = item_store($datarray);
2357                                 $parent = 0;
2358
2359                                 if($posted_id) {
2360                                         $r = q("SELECT `parent` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
2361                                                 intval($posted_id),
2362                                                 intval($importer['importer_uid'])
2363                                         );
2364                                         if(count($r))
2365                                                 $parent = $r[0]['parent'];
2366                         
2367                                         if(! $is_like) {
2368                                                 $r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d",
2369                                                         dbesc(datetime_convert()),
2370                                                         intval($importer['importer_uid']),
2371                                                         intval($r[0]['parent'])
2372                                                 );
2373
2374                                                 $r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
2375                                                         dbesc(datetime_convert()),
2376                                                         intval($importer['importer_uid']),
2377                                                         intval($posted_id)
2378                                                 );
2379                                         }
2380
2381                                         if($posted_id && $parent) {
2382                                 
2383                                                 proc_run('php',"include/notifier.php","comment-import","$posted_id");
2384                                         
2385                                                 if((! $is_like) && (! $importer['self'])) {
2386
2387                                                         require_once('include/enotify.php');
2388
2389                                                         notification(array(
2390                                                                 'type'         => NOTIFY_COMMENT,
2391                                                                 'notify_flags' => $importer['notify-flags'],
2392                                                                 'language'     => $importer['language'],
2393                                                                 'to_name'      => $importer['username'],
2394                                                                 'to_email'     => $importer['email'],
2395                                                                 'uid'          => $importer['importer_uid'],
2396                                                                 'item'         => $datarray,
2397                                                                 'link'             => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id,
2398                                                                 'source_name'  => stripslashes($datarray['author-name']),
2399                                                                 'source_link'  => $datarray['author-link'],
2400                                                                 'source_photo' => ((link_compare($datarray['author-link'],$importer['url'])) 
2401                                                                         ? $importer['thumb'] : $datarray['author-avatar']),
2402                                                                 'verb'         => ACTIVITY_POST,
2403                                                                 'otype'        => 'item',
2404                                                                 'parent'       => $parent,
2405
2406                                                         ));
2407
2408                                                 }
2409                                         }
2410
2411                                         return 0;
2412                                         // NOTREACHED
2413                                 }
2414                         }
2415                         else {
2416
2417                                 // regular comment that is part of this total conversation. Have we seen it? If not, import it.
2418
2419                                 $item_id  = $item->get_id();
2420                                 $datarray = get_atom_elements($feed,$item);
2421
2422                                 $r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2423                                         dbesc($item_id),
2424                                         intval($importer['importer_uid'])
2425                                 );
2426
2427                                 // Update content if 'updated' changes
2428
2429                                 if(count($r)) {
2430                                         if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
2431                                                 $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2432                                                         dbesc($datarray['title']),
2433                                                         dbesc($datarray['body']),
2434                                                         dbesc($datarray['tag']),
2435                                                         dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
2436                                                         dbesc($item_id),
2437                                                         intval($importer['importer_uid'])
2438                                                 );
2439                                         }
2440
2441                                         // update last-child if it changes
2442
2443                                         $allow = $item->get_item_tags( NAMESPACE_DFRN, 'comment-allow');
2444                                         if(($allow) && ($allow[0]['data'] != $r[0]['last-child'])) {
2445                                                 $r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
2446                                                         dbesc(datetime_convert()),
2447                                                         dbesc($parent_uri),
2448                                                         intval($importer['importer_uid'])
2449                                                 );
2450                                                 $r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s'  WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2451                                                         intval($allow[0]['data']),
2452                                                         dbesc(datetime_convert()),
2453                                                         dbesc($item_id),
2454                                                         intval($importer['importer_uid'])
2455                                                 );
2456                                         }
2457                                         continue;
2458                                 }
2459
2460                                 $datarray['parent-uri'] = $parent_uri;
2461                                 $datarray['uid'] = $importer['importer_uid'];
2462                                 $datarray['contact-id'] = $importer['id'];
2463                                 if(($datarray['verb'] == ACTIVITY_LIKE) || ($datarray['verb'] == ACTIVITY_DISLIKE)) {
2464                                         $datarray['type'] = 'activity';
2465                                         $datarray['gravity'] = GRAVITY_LIKE;
2466                                         // only one like or dislike per person
2467                                         $r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1",
2468                                                 intval($datarray['uid']),
2469                                                 intval($datarray['contact-id']),
2470                                                 dbesc($datarray['verb'])
2471                                         );
2472                                         if($r && count($r))
2473                                                 continue; 
2474
2475                                 }
2476
2477                                 if(($datarray['verb'] === ACTIVITY_TAG) && ($datarray['object-type'] === ACTIVITY_OBJ_TAGTERM)) {
2478
2479                                         $xo = parse_xml_string($datarray['object'],false);
2480                                         $xt = parse_xml_string($datarray['target'],false);
2481
2482                                         if($xt->type == ACTIVITY_OBJ_NOTE) {
2483                                                 $r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1",
2484                                                         dbesc($xt->id),
2485                                                         intval($importer['importer_uid'])
2486                                                 );
2487                                                 if(! count($r))
2488                                                         continue;                               
2489
2490                                                 // extract tag, if not duplicate, add to parent item                                            
2491                                                 if($xo->content) {
2492                                                         if(! (stristr($r[0]['tag'],trim($xo->content)))) {
2493                                                                 q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1",
2494                                                                         dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $xo->id . ']'. $xo->content . '[/url]'),
2495                                                                         intval($r[0]['id'])
2496                                                                 );
2497                                                         }
2498                                                 }                                                                                                       
2499                                         }
2500                                 }
2501
2502                                 $posted_id = item_store($datarray);
2503
2504                                 // find out if our user is involved in this conversation and wants to be notified.
2505                         
2506                                 if(!x($datarray['type']) || $datarray['type'] != 'activity') {
2507
2508                                         $myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0",
2509                                                 dbesc($parent_uri),
2510                                                 intval($importer['importer_uid'])
2511                                         );
2512
2513                                         if(count($myconv)) {
2514                                                 $importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
2515
2516                                                 // first make sure this isn't our own post coming back to us from a wall-to-wall event
2517                                                 if(! link_compare($datarray['author-link'],$importer_url)) {
2518
2519                                                         
2520                                                         foreach($myconv as $conv) {
2521
2522                                                                 // now if we find a match, it means we're in this conversation
2523         
2524                                                                 if(! link_compare($conv['author-link'],$importer_url))
2525                                                                         continue;
2526
2527                                                                 require_once('include/enotify.php');
2528                                                                 
2529                                                                 $conv_parent = $conv['parent'];
2530
2531                                                                 notification(array(
2532                                                                         'type'         => NOTIFY_COMMENT,
2533                                                                         'notify_flags' => $importer['notify-flags'],
2534                                                                         'language'     => $importer['language'],
2535                                                                         'to_name'      => $importer['username'],
2536                                                                         'to_email'     => $importer['email'],
2537                                                                         'uid'          => $importer['importer_uid'],
2538                                                                         'item'         => $datarray,
2539                                                                         'link'             => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id,
2540                                                                         'source_name'  => stripslashes($datarray['author-name']),
2541                                                                         'source_link'  => $datarray['author-link'],
2542                                                                         'source_photo' => ((link_compare($datarray['author-link'],$importer['url'])) 
2543                                                                                 ? $importer['thumb'] : $datarray['author-avatar']),
2544                                                                         'verb'         => ACTIVITY_POST,
2545                                                                         'otype'        => 'item',
2546                                                                         'parent'       => $conv_parent,
2547
2548                                                                 ));
2549
2550                                                                 // only send one notification
2551                                                                 break;
2552                                                         }
2553                                                 }
2554                                         }
2555                                 }
2556                                 continue;
2557                         }
2558                 }
2559
2560                 else {
2561
2562                         // Head post of a conversation. Have we seen it? If not, import it.
2563
2564
2565                         $item_id  = $item->get_id();
2566                         $datarray = get_atom_elements($feed,$item);
2567
2568                         if((x($datarray,'object-type')) && ($datarray['object-type'] === ACTIVITY_OBJ_EVENT)) {
2569                                 $ev = bbtoevent($datarray['body']);
2570                                 if(x($ev,'desc') && x($ev,'start')) {
2571                                         $ev['cid'] = $importer['id'];
2572                                         $ev['uid'] = $importer['uid'];
2573                                         $ev['uri'] = $item_id;
2574                                         $ev['edited'] = $datarray['edited'];
2575                                         $ev['private'] = $datarray['private'];
2576
2577                                         $r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2578                                                 dbesc($item_id),
2579                                                 intval($importer['uid'])
2580                                         );
2581                                         if(count($r))
2582                                                 $ev['id'] = $r[0]['id'];
2583                                         $xyz = event_store($ev);
2584                                         continue;
2585                                 }
2586                         }
2587
2588                         $r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2589                                 dbesc($item_id),
2590                                 intval($importer['importer_uid'])
2591                         );
2592
2593                         // Update content if 'updated' changes
2594
2595                         if(count($r)) {
2596                                 if((x($datarray,'edited') !== false) && (datetime_convert('UTC','UTC',$datarray['edited']) !== $r[0]['edited'])) {  
2597                                         $r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2598                                                 dbesc($datarray['title']),
2599                                                 dbesc($datarray['body']),
2600                                                 dbesc($datarray['tag']),
2601                                                 dbesc(datetime_convert('UTC','UTC',$datarray['edited'])),
2602                                                 dbesc($item_id),
2603                                                 intval($importer['importer_uid'])
2604                                         );
2605                                 }
2606
2607                                 // update last-child if it changes
2608
2609                                 $allow = $item->get_item_tags( NAMESPACE_DFRN, 'comment-allow');
2610                                 if($allow && $allow[0]['data'] != $r[0]['last-child']) {
2611                                         $r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1",
2612                                                 intval($allow[0]['data']),
2613                                                 dbesc(datetime_convert()),
2614                                                 dbesc($item_id),
2615                                                 intval($importer['importer_uid'])
2616                                         );
2617                                 }
2618                                 continue;
2619                         }
2620
2621                         // This is my contact on another system, but it's really me.
2622                         // Turn this into a wall post.
2623
2624                         if($importer['remote_self'])
2625                                 $datarray['wall'] = 1;
2626
2627                         $datarray['parent-uri'] = $item_id;
2628                         $datarray['uid'] = $importer['importer_uid'];
2629                         $datarray['contact-id'] = $importer['id'];
2630
2631                         if(! link_compare($datarray['owner-link'],$contact['url'])) {
2632                                 // The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery, 
2633                                 // but otherwise there's a possible data mixup on the sender's system.
2634                                 // the tgroup delivery code called from item_store will correct it if it's a forum,
2635                                 // but we're going to unconditionally correct it here so that the post will always be owned by our contact. 
2636                                 logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
2637                                 $datarray['owner-name']   = $importer['senderName'];
2638                                 $datarray['owner-link']   = $importer['url'];
2639                                 $datarray['owner-avatar'] = $importer['thumb'];
2640                         }
2641
2642                         $r = item_store($datarray);
2643                         continue;
2644                 }
2645         }
2646
2647         return 0;
2648         // NOTREACHED
2649
2650 }
2651
2652
2653 function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
2654         $url = notags(trim($datarray['author-link']));
2655         $name = notags(trim($datarray['author-name']));
2656         $photo = notags(trim($datarray['author-avatar']));
2657
2658         $rawtag = $item->get_item_tags(NAMESPACE_ACTIVITY,'actor');
2659         if($rawtag && $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'])
2660                 $nick = $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'];
2661
2662         if(is_array($contact)) {
2663                 if(($contact['network'] == NETWORK_OSTATUS && $contact['rel'] == CONTACT_IS_SHARING)
2664                         || ($sharing && $contact['rel'] == CONTACT_IS_FOLLOWER)) {
2665                         $r = q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
2666                                 intval(CONTACT_IS_FRIEND),
2667                                 intval($contact['id']),
2668                                 intval($importer['uid'])
2669                         );
2670                 }
2671                 // send email notification to owner?
2672         }
2673         else {
2674         
2675                 // create contact record
2676
2677                 $r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `nurl`, `name`, `nick`, `photo`, `network`, `rel`, 
2678                         `blocked`, `readonly`, `pending`, `writable` )
2679                         VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, 0, 0, 1, 1 ) ",
2680                         intval($importer['uid']),
2681                         dbesc(datetime_convert()),
2682                         dbesc($url),
2683                         dbesc(normalise_link($url)),
2684                         dbesc($name),
2685                         dbesc($nick),
2686                         dbesc($photo),
2687                         dbesc(($sharing) ? NETWORK_ZOT : NETWORK_OSTATUS),
2688                         intval(($sharing) ? CONTACT_IS_SHARING : CONTACT_IS_FOLLOWER)
2689                 );
2690                 $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `pending` = 1 LIMIT 1",
2691                                 intval($importer['uid']),
2692                                 dbesc($url)
2693                 );
2694                 if(count($r))
2695                                 $contact_record = $r[0];
2696
2697                 // create notification  
2698                 $hash = random_string();
2699
2700                 if(is_array($contact_record)) {
2701                         $ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `hash`, `datetime`)
2702                                 VALUES ( %d, %d, 0, 0, '%s', '%s' )",
2703                                 intval($importer['uid']),
2704                                 intval($contact_record['id']),
2705                                 dbesc($hash),
2706                                 dbesc(datetime_convert())
2707                         );
2708                 }
2709                 $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
2710                         intval($importer['uid'])
2711                 );
2712                 $a = get_app();
2713                 if(count($r)) {
2714                         if(($r[0]['notify-flags'] & NOTIFY_INTRO) && ($r[0]['page-flags'] == PAGE_NORMAL)) {
2715                                 $email_tpl = get_intltext_template('follow_notify_eml.tpl');
2716                                 $email = replace_macros($email_tpl, array(
2717                                         '$requestor' => ((strlen($name)) ? $name : t('[Name Withheld]')),
2718                                         '$url' => $url,
2719                                         '$myname' => $r[0]['username'],
2720                                         '$siteurl' => $a->get_baseurl(),
2721                                         '$sitename' => $a->config['sitename']
2722                                 ));
2723                                 $res = mail($r[0]['email'], 
2724                                         (($sharing) ? t('A new person is sharing with you at ') : t("You have a new follower at ")) . $a->config['sitename'],
2725                                         $email,
2726                                         'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
2727                                         . 'Content-type: text/plain; charset=UTF-8' . "\n"
2728                                         . 'Content-transfer-encoding: 8bit' );
2729                         
2730                         }
2731                 }
2732         }
2733 }
2734
2735 function lose_follower($importer,$contact,$datarray,$item) {
2736
2737         if(($contact['rel'] == CONTACT_IS_FRIEND) || ($contact['rel'] == CONTACT_IS_SHARING)) {
2738                 q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d LIMIT 1",
2739                         intval(CONTACT_IS_SHARING),
2740                         intval($contact['id'])
2741                 );
2742         }
2743         else {
2744                 contact_remove($contact['id']);
2745         }
2746 }
2747
2748 function lose_sharer($importer,$contact,$datarray,$item) {
2749
2750         if(($contact['rel'] == CONTACT_IS_FRIEND) || ($contact['rel'] == CONTACT_IS_FOLLOWER)) {
2751                 q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d LIMIT 1",
2752                         intval(CONTACT_IS_FOLLOWER),
2753                         intval($contact['id'])
2754                 );
2755         }
2756         else {
2757                 contact_remove($contact['id']);
2758         }
2759 }
2760
2761
2762 function subscribe_to_hub($url,$importer,$contact,$hubmode = 'subscribe') {
2763
2764         if(is_array($importer)) {
2765                 $r = q("SELECT `nickname` FROM `user` WHERE `uid` = %d LIMIT 1",
2766                         intval($importer['uid'])
2767                 );
2768         }
2769
2770         // Diaspora has different message-ids in feeds than they do 
2771         // through the direct Diaspora protocol. If we try and use
2772         // the feed, we'll get duplicates. So don't.
2773
2774         if((! count($r)) || $contact['network'] === NETWORK_DIASPORA)
2775                 return;
2776
2777         $push_url = get_config('system','url') . '/pubsub/' . $r[0]['nickname'] . '/' . $contact['id'];
2778
2779         // Use a single verify token, even if multiple hubs
2780
2781         $verify_token = ((strlen($contact['hub-verify'])) ? $contact['hub-verify'] : random_string());
2782
2783         $params= 'hub.mode=' . $hubmode . '&hub.callback=' . urlencode($push_url) . '&hub.topic=' . urlencode($contact['poll']) . '&hub.verify=async&hub.verify_token=' . $verify_token;
2784
2785         logger('subscribe_to_hub: ' . $hubmode . ' ' . $contact['name'] . ' to hub ' . $url . ' endpoint: '  . $push_url . ' with verifier ' . $verify_token);
2786
2787         if(! strlen($contact['hub-verify'])) {
2788                 $r = q("UPDATE `contact` SET `hub-verify` = '%s' WHERE `id` = %d LIMIT 1",
2789                         dbesc($verify_token),
2790                         intval($contact['id'])
2791                 );
2792         }
2793
2794         post_url($url,$params);                 
2795         return;
2796
2797 }
2798
2799
2800 function atom_author($tag,$name,$uri,$h,$w,$photo) {
2801         $o = '';
2802         if(! $tag)
2803                 return $o;
2804         $name = xmlify($name);
2805         $uri = xmlify($uri);
2806         $h = intval($h);
2807         $w = intval($w);
2808         $photo = xmlify($photo);
2809
2810
2811         $o .= "<$tag>\r\n";
2812         $o .= "<name>$name</name>\r\n";
2813         $o .= "<uri>$uri</uri>\r\n";
2814         $o .= '<link rel="photo"  type="image/jpeg" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n";
2815         $o .= '<link rel="avatar" type="image/jpeg" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n";
2816
2817         call_hooks('atom_author', $o);
2818
2819         $o .= "</$tag>\r\n";
2820         return $o;
2821 }
2822
2823 function atom_entry($item,$type,$author,$owner,$comment = false) {
2824
2825         $a = get_app();
2826
2827         if(! $item['parent'])
2828                 return;
2829
2830         if($item['deleted'])
2831                 return '<at:deleted-entry ref="' . xmlify($item['uri']) . '" when="' . xmlify(datetime_convert('UTC','UTC',$item['edited'] . '+00:00',ATOM_TIME)) . '" />' . "\r\n";
2832
2833
2834         if($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid'])
2835                 $body = fix_private_photos($item['body'],$owner['uid']);
2836         else
2837                 $body = $item['body'];
2838
2839
2840         $o = "\r\n\r\n<entry>\r\n";
2841
2842         if(is_array($author))
2843                 $o .= atom_author('author',$author['name'],$author['url'],80,80,$author['thumb']);
2844         else
2845                 $o .= atom_author('author',(($item['author-name']) ? $item['author-name'] : $item['name']),(($item['author-link']) ? $item['author-link'] : $item['url']),80,80,(($item['author-avatar']) ? $item['author-avatar'] : $item['thumb']));
2846         if(strlen($item['owner-name']))
2847                 $o .= atom_author('dfrn:owner',$item['owner-name'],$item['owner-link'],80,80,$item['owner-avatar']);
2848
2849         if(($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']))
2850                 $o .= '<thr:in-reply-to ref="' . xmlify($item['parent-uri']) . '" type="text/html" href="' .  xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['parent']) . '" />' . "\r\n";
2851
2852         $o .= '<id>' . xmlify($item['uri']) . '</id>' . "\r\n";
2853         $o .= '<title>' . xmlify($item['title']) . '</title>' . "\r\n";
2854         $o .= '<published>' . xmlify(datetime_convert('UTC','UTC',$item['created'] . '+00:00',ATOM_TIME)) . '</published>' . "\r\n";
2855         $o .= '<updated>' . xmlify(datetime_convert('UTC','UTC',$item['edited'] . '+00:00',ATOM_TIME)) . '</updated>' . "\r\n";
2856         $o .= '<dfrn:env>' . base64url_encode($body, true) . '</dfrn:env>' . "\r\n";
2857         $o .= '<content type="' . $type . '" >' . xmlify((($type === 'html') ? bbcode($body) : $body)) . '</content>' . "\r\n";
2858         $o .= '<link rel="alternate" type="text/html" href="' . xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id']) . '" />' . "\r\n";
2859         if($comment)
2860                 $o .= '<dfrn:comment-allow>' . intval($item['last-child']) . '</dfrn:comment-allow>' . "\r\n";
2861
2862         if($item['location']) {
2863                 $o .= '<dfrn:location>' . xmlify($item['location']) . '</dfrn:location>' . "\r\n";
2864                 $o .= '<poco:address><poco:formatted>' . xmlify($item['location']) . '</poco:formatted></poco:address>' . "\r\n";
2865         }
2866
2867         if($item['coord'])
2868                 $o .= '<georss:point>' . xmlify($item['coord']) . '</georss:point>' . "\r\n";
2869
2870         if(($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid']))
2871                 $o .= '<dfrn:private>1</dfrn:private>' . "\r\n";
2872
2873         if($item['extid'])
2874                 $o .= '<dfrn:extid>' . xmlify($item['extid']) . '</dfrn:extid>' . "\r\n";
2875         if($item['bookmark'])
2876                 $o .= '<dfrn:bookmark>true</dfrn:bookmark>' . "\r\n";
2877
2878         if($item['app'])
2879                 $o .= '<statusnet:notice_info local_id="' . $item['id'] . '" source="' . xmlify($item['app']) . '" ></statusnet:notice_info>' . "\r\n";
2880
2881         if($item['guid'])
2882                 $o .= '<dfrn:diaspora_guid>' . $item['guid'] . '</dfrn:diaspora_guid>' . "\r\n";
2883
2884         if($item['signed_text']) {
2885                 $sign = base64_encode(json_encode(array('signed_text' => $item['signed_text'],'signature' => $item['signature'],'signer' => $item['signer'])));
2886                 $o .= '<dfrn:diaspora_signature>' . xmlify($sign) . '</dfrn:diaspora_signature>' . "\r\n";
2887         }
2888
2889         $verb = construct_verb($item);
2890         $o .= '<as:verb>' . xmlify($verb) . '</as:verb>' . "\r\n";
2891         $actobj = construct_activity_object($item);
2892         if(strlen($actobj))
2893                 $o .= $actobj;
2894         $actarg = construct_activity_target($item);
2895         if(strlen($actarg))
2896                 $o .= $actarg;
2897
2898         $tags = item_getfeedtags($item);
2899         if(count($tags)) {
2900                 foreach($tags as $t) {
2901                         $o .= '<category scheme="X-DFRN:' . xmlify($t[0]) . ':' . xmlify($t[1]) . '" term="' . xmlify($t[2]) . '" />' . "\r\n";
2902                 }
2903         }
2904
2905         $o .= item_getfeedattach($item);
2906
2907         $mentioned = get_mentions($item);
2908         if($mentioned)
2909                 $o .= $mentioned;
2910         
2911         call_hooks('atom_entry', $o);
2912
2913         $o .= '</entry>' . "\r\n";
2914         
2915         return $o;
2916 }
2917
2918 function fix_private_photos($s,$uid) {
2919         $a = get_app();
2920         logger('fix_private_photos');
2921
2922         if(preg_match("/\[img\](.*?)\[\/img\]/is",$s,$matches)) {
2923                 $image = $matches[1];
2924                 logger('fix_private_photos: found photo ' . $image);
2925                 if(stristr($image ,$a->get_baseurl() . '/photo/')) {
2926                         $i = basename($image);
2927                         $i = str_replace('.jpg','',$i);
2928                         $x = strpos($i,'-');
2929                         if($x) {
2930                                 $res = substr($i,$x+1);
2931                                 $i = substr($i,0,$x);
2932                                 $r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `scale` = %d AND `uid` = %d",
2933                                         dbesc($i),
2934                                         intval($res),
2935                                         intval($uid)
2936                                 );
2937                                 if(count($r)) {
2938                                         logger('replacing photo');
2939                                         $s = str_replace($image, 'data:image/jpg;base64,' . base64_encode($r[0]['data']), $s);
2940                                 }
2941                         }
2942                         logger('fix_private_photos: replaced: ' . $s, LOGGER_DATA);
2943                 }       
2944         }
2945         return($s);
2946 }
2947
2948
2949
2950 function item_getfeedtags($item) {
2951         $ret = array();
2952         $matches = false;
2953         $cnt = preg_match_all('|\#\[url\=(.*?)\](.*?)\[\/url\]|',$item['tag'],$matches);
2954         if($cnt) {
2955                 for($x = 0; $x < $cnt; $x ++) {
2956                         if($matches[1][$x])
2957                                 $ret[] = array('#',$matches[1][$x], $matches[2][$x]);
2958                 }
2959         }
2960         $matches = false; 
2961         $cnt = preg_match_all('|\@\[url\=(.*?)\](.*?)\[\/url\]|',$item['tag'],$matches);
2962         if($cnt) {
2963                 for($x = 0; $x < $cnt; $x ++) {
2964                         if($matches[1][$x])
2965                                 $ret[] = array('@',$matches[1][$x], $matches[2][$x]);
2966                 }
2967         } 
2968         return $ret;
2969 }
2970
2971 function item_getfeedattach($item) {
2972         $ret = '';
2973         $arr = explode(',',$item['attach']);
2974         if(count($arr)) {
2975                 foreach($arr as $r) {
2976                         $matches = false;
2977                         $cnt = preg_match('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches);
2978                         if($cnt) {
2979                                 $ret .= '<link rel="enclosure" href="' . xmlify($matches[1]) . '" type="' . xmlify($matches[3]) . '" ';
2980                                 if(intval($matches[2]))
2981                                         $ret .= 'length="' . intval($matches[2]) . '" ';
2982                                 if($matches[4] !== ' ')
2983                                         $ret .= 'title="' . xmlify(trim($matches[4])) . '" ';
2984                                 $ret .= ' />' . "\r\n";
2985                         }
2986                 }
2987         }
2988         return $ret;
2989 }
2990
2991
2992         
2993 function item_expire($uid,$days) {
2994
2995         if((! $uid) || (! $days))
2996                 return;
2997
2998         $r = q("SELECT * FROM `item` 
2999                 WHERE `uid` = %d 
3000                 AND `created` < UTC_TIMESTAMP() - INTERVAL %d DAY 
3001                 AND `id` = `parent` 
3002                 AND `deleted` = 0",
3003                 intval($uid),
3004                 intval($days)
3005         );
3006
3007         if(! count($r))
3008                 return;
3009
3010         $expire_items = get_pconfig($uid, 'expire','items');
3011         $expire_items = (($expire_items===false)?1:intval($expire_items)); // default if not set: 1
3012         
3013         $expire_notes = get_pconfig($uid, 'expire','notes');
3014         $expire_notes = (($expire_notes===false)?1:intval($expire_notes)); // default if not set: 1
3015
3016         $expire_starred = get_pconfig($uid, 'expire','starred');
3017         $expire_starred = (($expire_starred===false)?1:intval($expire_starred)); // default if not set: 1
3018         
3019         $expire_photos = get_pconfig($uid, 'expire','photos');
3020         $expire_photos = (($expire_photos===false)?0:intval($expire_photos)); // default if not set: 0
3021  
3022         logger('expire: # items=' . count($r). "; expire items: $expire_items, expire notes: $expire_notes, expire starred: $expire_starred, expire photos: $expire_photos");
3023
3024         foreach($r as $item) {
3025
3026                 // don't expire filed items
3027
3028                 if(strpos($item['file'],'[') !== false)
3029                         continue;
3030
3031                 // Only expire posts, not photos and photo comments
3032
3033                 if($expire_photos==0 && strlen($item['resource-id']))
3034                         continue;
3035                 if($expire_starred==0 && intval($item['starred']))
3036                         continue;
3037                 if($expire_notes==0 && $item['type']=='note')
3038                         continue;
3039                 if($expire_items==0 && $item['type']!='note')
3040                         continue;
3041
3042                 drop_item($item['id'],false);
3043         }
3044
3045         proc_run('php',"include/notifier.php","expire","$uid");
3046         
3047 }
3048
3049
3050 function drop_items($items) {
3051         $uid = 0;
3052
3053         if(! local_user() && ! remote_user())
3054                 return;
3055
3056         if(count($items)) {
3057                 foreach($items as $item) {
3058                         $owner = drop_item($item,false);
3059                         if($owner && ! $uid)
3060                                 $uid = $owner;
3061                 }
3062         }
3063
3064         // multiple threads may have been deleted, send an expire notification
3065
3066         if($uid)
3067                 proc_run('php',"include/notifier.php","expire","$uid");
3068 }
3069
3070
3071 function drop_item($id,$interactive = true) {
3072
3073         $a = get_app();
3074
3075         // locate item to be deleted
3076
3077         $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
3078                 intval($id)
3079         );
3080
3081         if(! count($r)) {
3082                 if(! $interactive)
3083                         return 0;
3084                 notice( t('Item not found.') . EOL);
3085                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
3086         }
3087
3088         $item = $r[0];
3089
3090         $owner = $item['uid'];
3091
3092         // check if logged in user is either the author or owner of this item
3093
3094         if((local_user() == $item['uid']) || (remote_user() == $item['contact-id'])) {
3095
3096                 // delete the item
3097
3098                 $r = q("UPDATE `item` SET `deleted` = 1, `title` = '', `body` = '', `edited` = '%s', `changed` = '%s' WHERE `id` = %d LIMIT 1",
3099                         dbesc(datetime_convert()),
3100                         dbesc(datetime_convert()),
3101                         intval($item['id'])
3102                 );
3103
3104                 // clean up categories and tags so they don't end up as orphans
3105
3106                 $matches = false;
3107                 $cnt = preg_match_all('/<(.*?)>/',$item['file'],$matches,PREG_SET_ORDER);
3108                 if($cnt) {
3109                         foreach($matches as $mtch) {
3110                                 file_tag_unsave_file($item['uid'],$item['id'],$mtch[1],true);
3111                         }
3112                 }
3113
3114                 $matches = false;
3115
3116                 $cnt = preg_match_all('/\[(.*?)\]/',$item['file'],$matches,PREG_SET_ORDER);
3117                 if($cnt) {
3118                         foreach($matches as $mtch) {
3119                                 file_tag_unsave_file($item['uid'],$item['id'],$mtch[1],false);
3120                         }
3121                 }
3122
3123                 // If item is a link to a photo resource, nuke all the associated photos 
3124                 // (visitors will not have photo resources)
3125                 // This only applies to photos uploaded from the photos page. Photos inserted into a post do not
3126                 // generate a resource-id and therefore aren't intimately linked to the item. 
3127
3128                 if(strlen($item['resource-id'])) {
3129                         q("DELETE FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ",
3130                                 dbesc($item['resource-id']),
3131                                 intval($item['uid'])
3132                         );
3133                         // ignore the result
3134                 }
3135
3136                 // If item is a link to an event, nuke the event record.
3137
3138                 if(intval($item['event-id'])) {
3139                         q("DELETE FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1",
3140                                 intval($item['event-id']),
3141                                 intval($item['uid'])
3142                         );
3143                         // ignore the result
3144                 }
3145
3146                 // clean up item_id and sign meta-data tables
3147
3148                 $r = q("DELETE FROM item_id where iid in (select id from item where parent = %d and uid = %d)",
3149                         intval($item['id']),
3150                         intval($item['uid'])
3151                 );
3152
3153                 $r = q("DELETE FROM sign where iid in (select id from item where parent = %d and uid = %d)",
3154                         intval($item['id']),
3155                         intval($item['uid'])
3156                 );
3157
3158                 // If it's the parent of a comment thread, kill all the kids
3159
3160                 if($item['uri'] == $item['parent-uri']) {
3161                         $r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' , `title` = ''
3162                                 WHERE `parent-uri` = '%s' AND `uid` = %d ",
3163                                 dbesc(datetime_convert()),
3164                                 dbesc(datetime_convert()),
3165                                 dbesc($item['parent-uri']),
3166                                 intval($item['uid'])
3167                         );
3168                         // ignore the result
3169                 }
3170                 else {
3171                         // ensure that last-child is set in case the comment that had it just got wiped.
3172                         q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ",
3173                                 dbesc(datetime_convert()),
3174                                 dbesc($item['parent-uri']),
3175                                 intval($item['uid'])
3176                         );
3177                         // who is the last child now? 
3178                         $r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d ORDER BY `edited` DESC LIMIT 1",
3179                                 dbesc($item['parent-uri']),
3180                                 intval($item['uid'])
3181                         );
3182                         if(count($r)) {
3183                                 q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1",
3184                                         intval($r[0]['id'])
3185                                 );
3186                         }       
3187                 }
3188                 $drop_id = intval($item['id']);
3189
3190                 // send the notification upstream/downstream as the case may be
3191
3192                 if(! $interactive)
3193                         return $owner;
3194
3195                 proc_run('php',"include/notifier.php","drop","$drop_id");
3196                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
3197                 //NOTREACHED
3198         }
3199         else {
3200                 if(! $interactive)
3201                         return 0;
3202                 notice( t('Permission denied.') . EOL);
3203                 goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
3204                 //NOTREACHED
3205         }
3206         
3207 }