7 function dfrn_notify_post(&$a) {
9 $dfrn_id = notags(trim($_POST['dfrn_id']));
10 $challenge = notags(trim($_POST['challenge']));
11 $data = $_POST['data'];
13 $r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
20 $r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
44 function dfrn_notify_content(&$a) {
46 if(x($_GET,'dfrn_id')) {
47 // initial communication from external contact
48 $hash = random_string();
52 $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
54 $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` )
55 VALUES( '%s', '%s', '%s') ",
57 dbesc(notags(trim($_GET['dfrn_id']))),
61 $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 LIMIT 1",
62 dbesc($_GET['dfrn_id']));
63 if((! count($r)) || (! strlen($r[0]['prvkey'])))
68 openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
69 $challenge = bin2hex($challenge);
70 echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
71 . '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ;
72 session_write_close();