+function diaspora_message($importer,$xml,$msg) {
+
+ $a = get_app();
+
+ $msg_guid = notags(unxmlify($xml->guid));
+ $msg_parent_guid = notags(unxmlify($xml->parent_guid));
+ $msg_parent_author_signature = notags(unxmlify($xml->parent_author_signature));
+ $msg_author_signature = notags(unxmlify($xml->author_signature));
+ $msg_text = unxmlify($xml->text);
+ $msg_created_at = datetime_convert('UTC','UTC',notags(unxmlify($xml->created_at)));
+ $msg_diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $msg_conversation_guid = notags(unxmlify($xml->conversation_guid));
+
+ $parent_uri = $diaspora_handle . ':' . $msg_parent_guid;
+
+ $contact = diaspora_get_contact_by_handle($importer['uid'],$msg_diaspora_handle);
+ if(! $contact) {
+ logger('diaspora_message: cannot find contact: ' . $msg_diaspora_handle);
+ return;
+ }
+
+ if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
+ logger('diaspora_message: Ignoring this author.');
+ return 202;
+ }
+
+ $conversation = null;
+
+ $c = q("select * from conv where uid = %d and guid = '%s' limit 1",
+ intval($importer['uid']),
+ dbesc($msg_conversation_guid)
+ );
+ if(count($c))
+ $conversation = $c[0];
+ else {
+ logger('diaspora_message: conversation not available.');
+ return;
+ }
+
+ $reply = 0;
+
+ $body = diaspora2bb($msg_text);
+ $message_id = $msg_diaspora_handle . ':' . $msg_guid;
+
+ $author_signed_data = $msg_guid . ';' . $msg_parent_guid . ';' . $msg_text . ';' . unxmlify($xml->created_at) . ';' . $msg_diaspora_handle . ';' . $msg_conversation_guid;
+
+
+ $author_signature = base64_decode($msg_author_signature);
+
+ $person = find_diaspora_person_by_handle($msg_diaspora_handle);
+ if(is_array($person) && x($person,'pubkey'))
+ $key = $person['pubkey'];
+ else {
+ logger('diaspora_message: unable to find author details');
+ return;
+ }
+
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
+ logger('diaspora_message: verification failed.');
+ return;
+ }