+ }
+
+ $created = unxmlify($xml->created_at);
+ $private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+ $body = diaspora2bb($xml->raw_message);
+
+ $datarray = array();
+ $datarray['uid'] = $importer['uid'];
+ $datarray['contact-id'] = $contact['id'];
+ $datarray['wall'] = 0;
+ $datarray['guid'] = $guid;
+ $datarray['uri'] = $datarray['parent-uri'] = $message_id;
+ $datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+ $datarray['private'] = $private;
+ $datarray['parent'] = 0;
+ $datarray['owner-name'] = $contact['name'];
+ $datarray['owner-link'] = $contact['url'];
+ $datarray['owner-avatar'] = $contact['thumb'];
+ $datarray['author-name'] = $contact['name'];
+ $datarray['author-link'] = $contact['url'];
+ $datarray['author-avatar'] = $contact['thumb'];
+ $datarray['body'] = $body;
+ $datarray['app'] = 'Diaspora';
+
+ $message_id = item_store($datarray);
+
+ if($message_id) {
+ q("update item set plink = '%s' where id = %d limit 1",
+ dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
+ intval($message_id)
+ );
+ }
+
+ return;
+
+}
+
+function diaspora_comment($importer,$xml,$msg) {
+
+ $a = get_app();
+ $guid = notags(unxmlify($xml->guid));
+ $parent_guid = notags(unxmlify($xml->parent_guid));
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+ $target_type = notags(unxmlify($xml->target_type));
+ $text = unxmlify($xml->text);
+ $author_signature = notags(unxmlify($xml->author_signature));
+
+ $parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
+
+ $text = $xml->text;
+
+ $contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
+ if(! $contact) {
+ logger('diaspora_comment: cannot find contact: ' . $msg['author']);
+ return;
+ }
+
+ if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
+ logger('diaspora_comment: Ignoring this author.');
+ return 202;
+ }
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
+ intval($importer['uid']),
+ dbesc($guid)
+ );
+ if(count($r)) {
+ logger('diaspora_comment: our comment just got relayed back to us (or there was a guid collision) : ' . $guid);
+ return;
+ }
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
+ intval($importer['uid']),
+ dbesc($parent_guid)
+ );
+ if(! count($r)) {
+ logger('diaspora_comment: parent item not found: parent: ' . $parent_guid . ' item: ' . $guid);
+ return;
+ }
+ $parent_item = $r[0];
+
+ $author_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
+
+ $author_signature = base64_decode($author_signature);
+
+ if(strcasecmp($diaspora_handle,$msg['author']) == 0) {
+ $person = $contact;
+ $key = $msg['key'];
+ }
+ else {
+ $person = find_diaspora_person_by_handle($diaspora_handle);
+
+ if(is_array($person) && x($person,'pubkey'))
+ $key = $person['pubkey'];
+ else {
+ logger('diaspora_comment: unable to find author details');
+ return;
+ }
+ }
+
+ if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
+ logger('diaspora_comment: verification failed.');
+ return;
+ }
+
+
+ if($parent_author_signature) {
+ $owner_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
+
+ $parent_author_signature = base64_decode($parent_author_signature);
+
+ $key = $msg['key'];
+
+ if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) {
+ logger('diaspora_comment: owner verification failed.');
+ return;
+ }
+ }
+
+ // Phew! Everything checks out. Now create an item.
+
+ $body = diaspora2bb($text);
+
+ $message_id = $diaspora_handle . ':' . $guid;
+
+ $datarray = array();
+ $datarray['uid'] = $importer['uid'];
+ $datarray['contact-id'] = $contact['id'];
+ $datarray['wall'] = $parent_item['wall'];
+ $datarray['gravity'] = GRAVITY_COMMENT;
+ $datarray['guid'] = $guid;
+ $datarray['uri'] = $message_id;
+ $datarray['parent-uri'] = $parent_item['uri'];
+
+ // No timestamps for comments? OK, we'll the use current time.
+ $datarray['created'] = $datarray['edited'] = datetime_convert();
+ $datarray['private'] = $parent_item['private'];
+
+ $datarray['owner-name'] = $contact['name'];
+ $datarray['owner-link'] = $contact['url'];
+ $datarray['owner-avatar'] = $contact['thumb'];
+
+ $datarray['author-name'] = $person['name'];
+ $datarray['author-link'] = $person['url'];
+ $datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
+ $datarray['body'] = $body;
+ $datarray['app'] = 'Diaspora';
+
+ $message_id = item_store($datarray);
+
+ if($message_id) {
+ q("update item set plink = '%s' where id = %d limit 1",
+ dbesc($a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $message_id),
+ intval($message_id)
+ );
+ }
+
+ if(! $parent_author_signature) {
+ q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+ intval($message_id),
+ dbesc($author_signed_data),
+ dbesc(base64_encode($author_signature)),
+ dbesc($diaspora_handle)
+ );
+
+ // if the message isn't already being relayed, notify others
+ // the existence of parent_author_signature means the parent_author or owner
+ // is already relaying.
+
+ proc_run('php','include/notifier.php','comment',$message_id);
+ }
+ return;
+}
+
+function diaspora_photo($importer,$xml,$msg) {
+
+ $a = get_app();
+ $remote_photo_path = notags(unxmlify($xml->remote_photo_path));
+
+ $remote_photo_name = notags(unxmlify($xml->remote_photo_name));
+
+ $status_message_guid = notags(unxmlify($xml->status_message_guid));
+
+ $guid = notags(unxmlify($xml->guid));
+
+ $diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+ $public = notags(unxmlify($xml->public));
+
+ $created_at = notags(unxmlify($xml_created_at));
+
+
+ $contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
+ if(! $contact)
+ return;
+
+ if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
+ logger('diaspora_photo: Ignoring this author.');
+ return 202;
+ }
+
+ $r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
+ intval($importer['uid']),
+ dbesc($status_message_guid)
+ );
+ if(! count($r)) {
+ logger('diaspora_photo: parent item not found: parent: ' . $parent_guid . ' item: ' . $guid);