- if(! count($parms)) {
- $_SESSION['sysmsg'] .= 'URL is not valid or does not contain profile information.' . EOL ;
- $failed = true;
- }
- else {
- if(! x($parms,'fn'))
- $_SESSION['sysmsg'] .= 'Warning: DFRN profile has no identifiable owner name.' . EOL ;
- if(! x($parms,'photo'))
- $_SESSION['sysmsg'] .= 'Warning: DFRN profile has no profile photo.' . EOL ;
- $invalid = validate_dfrn($parms);
- if($invalid) {
- echo $invalid . ' required DFRN parameter'
- . (($invalid == 1) ? " was " : "s were " )
- . "not found at the given URL" . '<br />';
-
- $failed = true;
+ $dfrn_url = notags(trim($_POST['dfrn_url']));
+ $aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
+ $confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
+
+ $contact_record = null;
+
+ if(x($dfrn_url)) {
+
+ /**
+ * Lookup the contact based on their URL (which is the only unique thing we have at the moment)
+ */
+
+ $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `self` = 0 LIMIT 1",
+ intval(local_user()),
+ dbesc($dfrn_url)
+ );
+
+ if(count($r)) {
+ if(strlen($r[0]['dfrn-id'])) {
+
+ /**
+ * We don't need to be here. It has already happened.
+ */
+
+ notice( t("This introduction has already been accepted.") . EOL );
+ return;
+ }
+ else
+ $contact_record = $r[0];
+ }
+
+ if(is_array($contact_record)) {
+ $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1",
+ intval($aes_allow),
+ intval($contact_record['id'])
+ );
+ }
+ else {
+
+ /**
+ * Scrape the other site's profile page to pick up the dfrn links, key, fn, and photo
+ */
+
+ require_once('Scrape.php');
+
+ $parms = scrape_dfrn($dfrn_url);
+
+ if(! count($parms)) {
+ notice( t('Profile location is not valid or does not contain profile information.') . EOL );
+ return;
+ }
+ else {
+ if(! x($parms,'fn'))
+ notice( t('Warning: profile location has no identifiable owner name.') . EOL );
+ if(! x($parms,'photo'))
+ notice( t('Warning: profile location has no profile photo.') . EOL );
+ $invalid = validate_dfrn($parms);
+ if($invalid) {
+ notice( sprintf( tt("%d required parameter was not found at the given location",
+ "%d required parameters were not found at the given location",
+ $invalid), $invalid) . EOL );
+ return;
+ }
+ }
+
+ $dfrn_request = $parms['dfrn-request'];
+
+ /********* Escape the entire array ********/
+
+ dbesc_array($parms);
+
+ /******************************************/
+
+ /**
+ * Create a contact record on our site for the other person
+ */
+
+ $r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `name`, `nick`, `photo`, `site-pubkey`,
+ `request`, `confirm`, `notify`, `poll`, `network`, `aes_allow`)
+ VALUES ( %d, '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)",
+ intval(local_user()),
+ datetime_convert(),
+ dbesc($dfrn_url),
+ $parms['fn'],
+ $parms['nick'],
+ $parms['photo'],
+ $parms['key'],
+ $parms['dfrn-request'],
+ $parms['dfrn-confirm'],
+ $parms['dfrn-notify'],
+ $parms['dfrn-poll'],
+ dbesc(NETWORK_DFRN),
+ intval($aes_allow)
+ );