+ $url .= $separator . 'zrl=' . urlencode($my_profile);
+ }
+
+ Logger::log('redirecting to ' . $url, Logger::DEBUG);
+ $a->redirect($url);
+}
+
+function redir_magic($a, $cid, $url)
+{
+ $visitor = Profile::getMyURL();
+ if (!empty($visitor)) {
+ Logger::info('Got my url', ['visitor' => $visitor]);
+ }
+
+ $contact = DBA::selectFirst('contact', ['url'], ['id' => $cid]);
+ if (!DBA::isResult($contact)) {
+ Logger::info('Contact not found', ['id' => $cid]);
+ throw new \Friendica\Network\HTTPException\NotFoundException(DI::l10n()->t('Contact not found.'));
+ } else {
+ $contact_url = $contact['url'];
+ redir_check_url($contact_url, $url);
+ $target_url = $url ?: $contact_url;
+ }
+
+ $basepath = Contact::getBasepath($contact_url);
+
+ // We don't use magic auth when there is no visitor, we are on the same system or we visit our own stuff
+ if (empty($visitor) || Strings::compareLink($basepath, DI::baseUrl()) || Strings::compareLink($contact_url, $visitor)) {
+ Logger::info('Redirecting without magic', ['target' => $target_url, 'visitor' => $visitor, 'contact' => $contact_url]);
+ DI::app()->redirect($target_url);
+ }
+
+ // Test for magic auth on the target system
+ $serverret = Network::curl($basepath . '/magic');
+ if ($serverret->isSuccess()) {
+ $separator = strpos($target_url, '?') ? '&' : '?';
+ $target_url .= $separator . 'zrl=' . urlencode($visitor) . '&addr=' . urlencode($contact_url);
+
+ Logger::info('Redirecting with magic', ['target' => $target_url, 'visitor' => $visitor, 'contact' => $contact_url]);
+ System::externalRedirect($target_url);
+ } else {
+ Logger::info('No magic for contact', ['contact' => $contact_url]);
+ }
+}
+
+function redir_check_url(string $contact_url, string $url)
+{
+ if (empty($contact_url) || empty($url)) {
+ return;
+ }
+
+ $url_host = parse_url($url, PHP_URL_HOST);
+ $contact_url_host = parse_url($contact_url, PHP_URL_HOST);