]> git.mxchange.org Git - friendica.git/blob - mod/dfrn_confirm.php
The central item fetch does work now and the API now uses these functions
[friendica.git] / mod / dfrn_confirm.php
1 <?php
2 /**
3  * @file mod/dfrn_confirm.php
4  * @brief Module: dfrn_confirm
5  * Purpose: Friendship acceptance for DFRN contacts
6  *
7  * There are two possible entry points and three scenarios.
8  *
9  *   1. A form was submitted by our user approving a friendship that originated elsewhere.
10  *      This may also be called from dfrn_request to automatically approve a friendship.
11  *
12  *   2. We may be the target or other side of the conversation to scenario 1, and will
13  *      interact with that process on our own user's behalf.
14  *
15  *  @see PDF with dfrn specs: https://github.com/friendica/friendica/blob/master/spec/dfrn2.pdf
16  *    You also find a graphic which describes the confirmation process at
17  *    https://github.com/friendica/friendica/blob/master/spec/dfrn2_contact_confirmation.png
18  */
19
20 use Friendica\App;
21 use Friendica\Core\Config;
22 use Friendica\Core\L10n;
23 use Friendica\Core\PConfig;
24 use Friendica\Core\System;
25 use Friendica\Core\Worker;
26 use Friendica\Database\DBM;
27 use Friendica\Model\Contact;
28 use Friendica\Model\Group;
29 use Friendica\Model\Item;
30 use Friendica\Model\User;
31 use Friendica\Network\Probe;
32 use Friendica\Protocol\Diaspora;
33 use Friendica\Util\Crypto;
34 use Friendica\Util\DateTimeFormat;
35 use Friendica\Util\Network;
36 use Friendica\Util\XML;
37
38 require_once 'include/enotify.php';
39 require_once 'include/items.php';
40
41 function dfrn_confirm_post(App $a, $handsfree = null)
42 {
43         $node = null;
44         if (is_array($handsfree)) {
45                 /*
46                  * We were called directly from dfrn_request due to automatic friend acceptance.
47                  * Any $_POST parameters we may require are supplied in the $handsfree array.
48                  *
49                  */
50                 $node = $handsfree['node'];
51                 $a->interactive = false; // notice() becomes a no-op since nobody is there to see it
52         } elseif ($a->argc > 1) {
53                 $node = $a->argv[1];
54         }
55
56         /*
57          * Main entry point. Scenario 1. Our user received a friend request notification (perhaps
58          * from another site) and clicked 'Approve'.
59          * $POST['source_url'] is not set. If it is, it indicates Scenario 2.
60          *
61          * We may also have been called directly from dfrn_request ($handsfree != null) due to
62          * this being a page type which supports automatic friend acceptance. That is also Scenario 1
63          * since we are operating on behalf of our registered user to approve a friendship.
64          */
65         if (!x($_POST, 'source_url')) {
66                 $uid = defaults($handsfree, 'uid', local_user());
67                 if (!$uid) {
68                         notice(L10n::t('Permission denied.') . EOL);
69                         return;
70                 }
71
72                 $user = dba::selectFirst('user', [], ['uid' => $uid]);
73                 if (!DBM::is_result($user)) {
74                         notice(L10n::t('Profile not found.') . EOL);
75                         return;
76                 }
77
78                 // These data elements may come from either the friend request notification form or $handsfree array.
79                 if (is_array($handsfree)) {
80                         logger('Confirm in handsfree mode');
81                         $dfrn_id  = $handsfree['dfrn_id'];
82                         $intro_id = $handsfree['intro_id'];
83                         $duplex   = $handsfree['duplex'];
84                         $cid      = 0;
85                         $hidden   = intval(defaults($handsfree, 'hidden'  , 0));
86                 } else {
87                         $dfrn_id  = notags(trim(defaults($_POST, 'dfrn_id'   , '')));
88                         $intro_id =      intval(defaults($_POST, 'intro_id'  , 0));
89                         $duplex   =      intval(defaults($_POST, 'duplex'    , 0));
90                         $cid      =      intval(defaults($_POST, 'contact_id', 0));
91                         $hidden   =      intval(defaults($_POST, 'hidden'    , 0));
92                 }
93
94                 /*
95                  * Ensure that dfrn_id has precedence when we go to find the contact record.
96                  * We only want to search based on contact id if there is no dfrn_id,
97                  * e.g. for OStatus network followers.
98                  */
99                 if (strlen($dfrn_id)) {
100                         $cid = 0;
101                 }
102
103                 logger('Confirming request for dfrn_id (issued) ' . $dfrn_id);
104                 if ($cid) {
105                         logger('Confirming follower with contact_id: ' . $cid);
106                 }
107
108                 /*
109                  * The other person will have been issued an ID when they first requested friendship.
110                  * Locate their record. At this time, their record will have both pending and blocked set to 1.
111                  * There won't be any dfrn_id if this is a network follower, so use the contact_id instead.
112                  */
113                 $r = q("SELECT *
114                         FROM `contact`
115                         WHERE (
116                                 (`issued-id` != '' AND `issued-id` = '%s')
117                                 OR
118                                 (`id` = %d AND `id` != 0)
119                         )
120                         AND `uid` = %d
121                         AND `duplex` = 0
122                         LIMIT 1",
123                         dbesc($dfrn_id),
124                         intval($cid),
125                         intval($uid)
126                 );
127                 if (!DBM::is_result($r)) {
128                         logger('Contact not found in DB.');
129                         notice(L10n::t('Contact not found.') . EOL);
130                         notice(L10n::t('This may occasionally happen if contact was requested by both persons and it has already been approved.') . EOL);
131                         return;
132                 }
133
134                 $contact = $r[0];
135
136                 $contact_id   = $contact['id'];
137                 $relation     = $contact['rel'];
138                 $site_pubkey  = $contact['site-pubkey'];
139                 $dfrn_confirm = $contact['confirm'];
140                 $aes_allow    = $contact['aes_allow'];
141
142                 $network = ((strlen($contact['issued-id'])) ? NETWORK_DFRN : NETWORK_OSTATUS);
143
144                 if ($contact['network']) {
145                         $network = $contact['network'];
146                 }
147
148                 if ($network === NETWORK_DFRN) {
149                         /*
150                          * Generate a key pair for all further communications with this person.
151                          * We have a keypair for every contact, and a site key for unknown people.
152                          * This provides a means to carry on relationships with other people if
153                          * any single key is compromised. It is a robust key. We're much more
154                          * worried about key leakage than anybody cracking it.
155                          */
156                         $res = Crypto::newKeypair(4096);
157
158                         $private_key = $res['prvkey'];
159                         $public_key  = $res['pubkey'];
160
161                         // Save the private key. Send them the public key.
162                         q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
163                                 dbesc($private_key),
164                                 intval($contact_id),
165                                 intval($uid)
166                         );
167
168                         $params = [];
169
170                         /*
171                          * Per the DFRN protocol, we will verify both ends by encrypting the dfrn_id with our
172                          * site private key (person on the other end can decrypt it with our site public key).
173                          * Then encrypt our profile URL with the other person's site public key. They can decrypt
174                          * it with their site private key. If the decryption on the other end fails for either
175                          * item, it indicates tampering or key failure on at least one site and we will not be
176                          * able to provide a secure communication pathway.
177                          *
178                          * If other site is willing to accept full encryption, (aes_allow is 1 AND we have php5.3
179                          * or later) then we encrypt the personal public key we send them using AES-256-CBC and a
180                          * random key which is encrypted with their site public key.
181                          */
182
183                         $src_aes_key = openssl_random_pseudo_bytes(64);
184
185                         $result = '';
186                         openssl_private_encrypt($dfrn_id, $result, $user['prvkey']);
187
188                         $params['dfrn_id'] = bin2hex($result);
189                         $params['public_key'] = $public_key;
190
191                         $my_url = System::baseUrl() . '/profile/' . $user['nickname'];
192
193                         openssl_public_encrypt($my_url, $params['source_url'], $site_pubkey);
194                         $params['source_url'] = bin2hex($params['source_url']);
195
196                         if ($aes_allow && function_exists('openssl_encrypt')) {
197                                 openssl_public_encrypt($src_aes_key, $params['aes_key'], $site_pubkey);
198                                 $params['aes_key'] = bin2hex($params['aes_key']);
199                                 $params['public_key'] = bin2hex(openssl_encrypt($public_key, 'AES-256-CBC', $src_aes_key));
200                         }
201
202                         $params['dfrn_version'] = DFRN_PROTOCOL_VERSION;
203                         if ($duplex == 1) {
204                                 $params['duplex'] = 1;
205                         }
206
207                         if ($user['page-flags'] == PAGE_COMMUNITY) {
208                                 $params['page'] = 1;
209                         }
210
211                         if ($user['page-flags'] == PAGE_PRVGROUP) {
212                                 $params['page'] = 2;
213                         }
214
215                         logger('Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params, true), LOGGER_DATA);
216
217                         /*
218                          *
219                          * POST all this stuff to the other site.
220                          * Temporarily raise the network timeout to 120 seconds because the default 60
221                          * doesn't always give the other side quite enough time to decrypt everything.
222                          *
223                          */
224
225                         $res = Network::post($dfrn_confirm, $params, null, $redirects, 120);
226
227                         logger(' Confirm: received data: ' . $res, LOGGER_DATA);
228
229                         // Now figure out what they responded. Try to be robust if the remote site is
230                         // having difficulty and throwing up errors of some kind.
231
232                         $leading_junk = substr($res, 0, strpos($res, '<?xml'));
233
234                         $res = substr($res, strpos($res, '<?xml'));
235                         if (!strlen($res)) {
236                                 // No XML at all, this exchange is messed up really bad.
237                                 // We shouldn't proceed, because the xml parser might choke,
238                                 // and $status is going to be zero, which indicates success.
239                                 // We can hardly call this a success.
240                                 notice(L10n::t('Response from remote site was not understood.') . EOL);
241                                 return;
242                         }
243
244                         if (strlen($leading_junk) && Config::get('system', 'debugging')) {
245                                 // This might be more common. Mixed error text and some XML.
246                                 // If we're configured for debugging, show the text. Proceed in either case.
247                                 notice(L10n::t('Unexpected response from remote site: ') . EOL . $leading_junk . EOL);
248                         }
249
250                         if (stristr($res, "<status") === false) {
251                                 // wrong xml! stop here!
252                                 notice(L10n::t('Unexpected response from remote site: ') . EOL . htmlspecialchars($res) . EOL);
253                                 return;
254                         }
255
256                         $xml = XML::parseString($res);
257                         $status = (int) $xml->status;
258                         $message = unxmlify($xml->message);   // human readable text of what may have gone wrong.
259                         switch ($status) {
260                                 case 0:
261                                         info(L10n::t("Confirmation completed successfully.") . EOL);
262                                         break;
263                                 case 1:
264                                         // birthday paradox - generate new dfrn-id and fall through.
265                                         $new_dfrn_id = random_string();
266                                         q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
267                                                 dbesc($new_dfrn_id),
268                                                 intval($contact_id),
269                                                 intval($uid)
270                                         );
271
272                                 case 2:
273                                         notice(L10n::t("Temporary failure. Please wait and try again.") . EOL);
274                                         break;
275                                 case 3:
276                                         notice(L10n::t("Introduction failed or was revoked.") . EOL);
277                                         break;
278                         }
279
280                         if (strlen($message)) {
281                                 notice(L10n::t('Remote site reported: ') . $message . EOL);
282                         }
283
284                         if (($status == 0) && $intro_id) {
285                                 $intro = dba::selectFirst('intro', ['note'], ['id' => $intro_id]);
286                                 if (DBM::is_result($intro)) {
287                                         dba::update('contact', ['reason' => $intro['note']], ['id' => $contact_id]);
288                                 }
289
290                                 // Success. Delete the notification.
291                                 dba::delete('intro', ['id' => $intro_id]);
292                         }
293
294                         if ($status != 0) {
295                                 return;
296                         }
297                 }
298
299                 /*
300                  * We have now established a relationship with the other site.
301                  * Let's make our own personal copy of their profile photo so we don't have
302                  * to always load it from their site.
303                  *
304                  * We will also update the contact record with the nature and scope of the relationship.
305                  */
306                 Contact::updateAvatar($contact['photo'], $uid, $contact_id);
307
308                 logger('dfrn_confirm: confirm - imported photos');
309
310                 if ($network === NETWORK_DFRN) {
311                         $new_relation = CONTACT_IS_FOLLOWER;
312                         if (($relation == CONTACT_IS_SHARING) || ($duplex)) {
313                                 $new_relation = CONTACT_IS_FRIEND;
314                         }
315
316                         if (($relation == CONTACT_IS_SHARING) && ($duplex)) {
317                                 $duplex = 0;
318                         }
319
320                         $r = q("UPDATE `contact` SET `rel` = %d,
321                                 `name-date` = '%s',
322                                 `uri-date` = '%s',
323                                 `blocked` = 0,
324                                 `pending` = 0,
325                                 `duplex` = %d,
326                                 `hidden` = %d,
327                                 `network` = '%s' WHERE `id` = %d
328                         ",
329                                 intval($new_relation),
330                                 dbesc(DateTimeFormat::utcNow()),
331                                 dbesc(DateTimeFormat::utcNow()),
332                                 intval($duplex),
333                                 intval($hidden),
334                                 dbesc(NETWORK_DFRN),
335                                 intval($contact_id)
336                         );
337                 } else {
338                         // $network !== NETWORK_DFRN
339                         $network = defaults($contact, 'network', NETWORK_OSTATUS);
340
341                         $arr = Probe::uri($contact['url']);
342
343                         $notify  = defaults($contact, 'notify' , $arr['notify']);
344                         $poll    = defaults($contact, 'poll'   , $arr['poll']);
345
346                         $addr = $arr['addr'];
347
348                         $new_relation = $contact['rel'];
349                         $writable = $contact['writable'];
350
351                         if ($network === NETWORK_DIASPORA) {
352                                 if ($duplex) {
353                                         $new_relation = CONTACT_IS_FRIEND;
354                                 } else {
355                                         $new_relation = CONTACT_IS_FOLLOWER;
356                                 }
357
358                                 if ($new_relation != CONTACT_IS_FOLLOWER) {
359                                         $writable = 1;
360                                 }
361                         }
362
363                         dba::delete('intro', ['id' => $intro_id]);
364
365                         $r = q("UPDATE `contact` SET `name-date` = '%s',
366                                 `uri-date` = '%s',
367                                 `addr` = '%s',
368                                 `notify` = '%s',
369                                 `poll` = '%s',
370                                 `blocked` = 0,
371                                 `pending` = 0,
372                                 `network` = '%s',
373                                 `writable` = %d,
374                                 `hidden` = %d,
375                                 `rel` = %d
376                                 WHERE `id` = %d
377                         ",
378                                 dbesc(DateTimeFormat::utcNow()),
379                                 dbesc(DateTimeFormat::utcNow()),
380                                 dbesc($addr),
381                                 dbesc($notify),
382                                 dbesc($poll),
383                                 dbesc($network),
384                                 intval($writable),
385                                 intval($hidden),
386                                 intval($new_relation),
387                                 intval($contact_id)
388                         );
389                 }
390
391                 if (!DBM::is_result($r)) {
392                         notice(L10n::t('Unable to set contact photo.') . EOL);
393                 }
394
395                 // reload contact info
396                 $contact = dba::selectFirst('contact', [], ['id' => $contact_id]);
397                 if ((isset($new_relation) && $new_relation == CONTACT_IS_FRIEND)) {
398                         if (DBM::is_result($contact) && ($contact['network'] === NETWORK_DIASPORA)) {
399                                 $ret = Diaspora::sendShare($user, $contact);
400                                 logger('share returns: ' . $ret);
401                         }
402                 }
403
404                 Group::addMember(User::getDefaultGroup($uid, $contact["network"]), $contact['id']);
405
406                 // Let's send our user to the contact editor in case they want to
407                 // do anything special with this new friend.
408                 if ($handsfree === null) {
409                         goaway(System::baseUrl() . '/contacts/' . intval($contact_id));
410                 } else {
411                         return;
412                 }
413                 //NOTREACHED
414         }
415
416         /*
417          * End of Scenario 1. [Local confirmation of remote friend request].
418          *
419          * Begin Scenario 2. This is the remote response to the above scenario.
420          * This will take place on the site that originally initiated the friend request.
421          * In the section above where the confirming party makes a POST and
422          * retrieves xml status information, they are communicating with the following code.
423          */
424         if (x($_POST, 'source_url')) {
425                 // We are processing an external confirmation to an introduction created by our user.
426                 $public_key =         defaults($_POST, 'public_key', '');
427                 $dfrn_id    = hex2bin(defaults($_POST, 'dfrn_id'   , ''));
428                 $source_url = hex2bin(defaults($_POST, 'source_url', ''));
429                 $aes_key    =         defaults($_POST, 'aes_key'   , '');
430                 $duplex     =  intval(defaults($_POST, 'duplex'    , 0));
431                 $page       =  intval(defaults($_POST, 'page'      , 0));
432
433                 $forum = (($page == 1) ? 1 : 0);
434                 $prv   = (($page == 2) ? 1 : 0);
435
436                 logger('dfrn_confirm: requestee contacted: ' . $node);
437
438                 logger('dfrn_confirm: request: POST=' . print_r($_POST, true), LOGGER_DATA);
439
440                 // If $aes_key is set, both of these items require unpacking from the hex transport encoding.
441
442                 if (x($aes_key)) {
443                         $aes_key = hex2bin($aes_key);
444                         $public_key = hex2bin($public_key);
445                 }
446
447                 // Find our user's account
448                 $user = dba::selectFirst('user', [], ['nickname' => $node]);
449                 if (!DBM::is_result($user)) {
450                         $message = L10n::t('No user record found for \'%s\' ', $node);
451                         System::xmlExit(3, $message); // failure
452                         // NOTREACHED
453                 }
454
455                 $my_prvkey = $user['prvkey'];
456                 $local_uid = $user['uid'];
457
458
459                 if (!strstr($my_prvkey, 'PRIVATE KEY')) {
460                         $message = L10n::t('Our site encryption key is apparently messed up.');
461                         System::xmlExit(3, $message);
462                 }
463
464                 // verify everything
465
466                 $decrypted_source_url = "";
467                 openssl_private_decrypt($source_url, $decrypted_source_url, $my_prvkey);
468
469
470                 if (!strlen($decrypted_source_url)) {
471                         $message = L10n::t('Empty site URL was provided or URL could not be decrypted by us.');
472                         System::xmlExit(3, $message);
473                         // NOTREACHED
474                 }
475
476                 $contact = dba::selectFirst('contact', [], ['url' => $decrypted_source_url, 'uid' => $local_uid]);
477                 if (!DBM::is_result($contact)) {
478                         if (strstr($decrypted_source_url, 'http:')) {
479                                 $newurl = str_replace('http:', 'https:', $decrypted_source_url);
480                         } else {
481                                 $newurl = str_replace('https:', 'http:', $decrypted_source_url);
482                         }
483
484                         $contact = dba::selectFirst('contact', [], ['url' => $newurl, 'uid' => $local_uid]);
485                         if (!DBM::is_result($contact)) {
486                                 // this is either a bogus confirmation (?) or we deleted the original introduction.
487                                 $message = L10n::t('Contact record was not found for you on our site.');
488                                 System::xmlExit(3, $message);
489                                 return; // NOTREACHED
490                         }
491                 }
492
493                 $relation = $contact['rel'];
494
495                 // Decrypt all this stuff we just received
496
497                 $foreign_pubkey = $contact['site-pubkey'];
498                 $dfrn_record = $contact['id'];
499
500                 if (!$foreign_pubkey) {
501                         $message = L10n::t('Site public key not available in contact record for URL %s.', $decrypted_source_url);
502                         System::xmlExit(3, $message);
503                 }
504
505                 $decrypted_dfrn_id = "";
506                 openssl_public_decrypt($dfrn_id, $decrypted_dfrn_id, $foreign_pubkey);
507
508                 if (strlen($aes_key)) {
509                         $decrypted_aes_key = "";
510                         openssl_private_decrypt($aes_key, $decrypted_aes_key, $my_prvkey);
511                         $dfrn_pubkey = openssl_decrypt($public_key, 'AES-256-CBC', $decrypted_aes_key);
512                 } else {
513                         $dfrn_pubkey = $public_key;
514                 }
515
516                 if (dba::exists('contact', ['dfrn-id' => $decrypted_dfrn_id])) {
517                         $message = L10n::t('The ID provided by your system is a duplicate on our system. It should work if you try again.');
518                         System::xmlExit(1, $message); // Birthday paradox - duplicate dfrn-id
519                         // NOTREACHED
520                 }
521
522                 $r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
523                         dbesc($decrypted_dfrn_id),
524                         dbesc($dfrn_pubkey),
525                         intval($dfrn_record)
526                 );
527                 if (!DBM::is_result($r)) {
528                         $message = L10n::t('Unable to set your contact credentials on our system.');
529                         System::xmlExit(3, $message);
530                 }
531
532                 // It's possible that the other person also requested friendship.
533                 // If it is a duplex relationship, ditch the issued-id if one exists.
534
535                 if ($duplex) {
536                         q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
537                                 intval($dfrn_record)
538                         );
539                 }
540
541                 // We're good but now we have to scrape the profile photo and send notifications.
542                 $contact = dba::selectFirst('contact', ['photo'], ['id' => $dfrn_record]);
543                 if (DBM::is_result($contact)) {
544                         $photo = $contact['photo'];
545                 } else {
546                         $photo = System::baseUrl() . '/images/person-175.jpg';
547                 }
548
549                 Contact::updateAvatar($photo, $local_uid, $dfrn_record);
550
551                 logger('dfrn_confirm: request - photos imported');
552
553                 $new_relation = CONTACT_IS_SHARING;
554                 if (($relation == CONTACT_IS_FOLLOWER) || ($duplex)) {
555                         $new_relation = CONTACT_IS_FRIEND;
556                 }
557
558                 if (($relation == CONTACT_IS_FOLLOWER) && ($duplex)) {
559                         $duplex = 0;
560                 }
561
562                 $r = q("UPDATE `contact` SET
563                         `rel` = %d,
564                         `name-date` = '%s',
565                         `uri-date` = '%s',
566                         `blocked` = 0,
567                         `pending` = 0,
568                         `duplex` = %d,
569                         `forum` = %d,
570                         `prv` = %d,
571                         `network` = '%s' WHERE `id` = %d
572                 ",
573                         intval($new_relation),
574                         dbesc(DateTimeFormat::utcNow()),
575                         dbesc(DateTimeFormat::utcNow()),
576                         intval($duplex),
577                         intval($forum),
578                         intval($prv),
579                         dbesc(NETWORK_DFRN),
580                         intval($dfrn_record)
581                 );
582                 if (!DBM::is_result($r)) {      // indicates schema is messed up or total db failure
583                         $message = L10n::t('Unable to update your contact profile details on our system');
584                         System::xmlExit(3, $message);
585                 }
586
587                 // Otherwise everything seems to have worked and we are almost done. Yay!
588                 // Send an email notification
589
590                 logger('dfrn_confirm: request: info updated');
591
592                 $combined = null;
593                 $r = q("SELECT `contact`.*, `user`.*
594                         FROM `contact`
595                         LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
596                         WHERE `contact`.`id` = %d
597                         LIMIT 1",
598                         intval($dfrn_record)
599                 );
600                 if (DBM::is_result($r)) {
601                         $combined = $r[0];
602
603                         if ($combined['notify-flags'] & NOTIFY_CONFIRM) {
604                                 $mutual = ($new_relation == CONTACT_IS_FRIEND);
605                                 notification([
606                                         'type'         => NOTIFY_CONFIRM,
607                                         'notify_flags' => $combined['notify-flags'],
608                                         'language'     => $combined['language'],
609                                         'to_name'      => $combined['username'],
610                                         'to_email'     => $combined['email'],
611                                         'uid'          => $combined['uid'],
612                                         'link'         => System::baseUrl() . '/contacts/' . $dfrn_record,
613                                         'source_name'  => ((strlen(stripslashes($combined['name']))) ? stripslashes($combined['name']) : L10n::t('[Name Withheld]')),
614                                         'source_link'  => $combined['url'],
615                                         'source_photo' => $combined['photo'],
616                                         'verb'         => ($mutual?ACTIVITY_FRIEND:ACTIVITY_FOLLOW),
617                                         'otype'        => 'intro'
618                                 ]);
619                         }
620                 }
621
622                 System::xmlExit(0); // Success
623                 return; // NOTREACHED
624                 ////////////////////// End of this scenario ///////////////////////////////////////////////
625         }
626
627         // somebody arrived here by mistake or they are fishing. Send them to the homepage.
628         goaway(System::baseUrl());
629         // NOTREACHED
630 }