- goaway($a->get_baseurl());
- $r = q("SELECT `issued-id`, `dfrn-id`, `duplex`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
- intval($a->argv[1]),
- intval($_SESSION['uid']));
- if(! count($r))
- goaway($a->get_baseurl());
-
- $dfrn_id = $r[0]['issued-id'];
- if((! $dfrn_id) && ($r[0]['duplex']))
- $dfrn_id = $r[0]['dfrn-id'];
-
- q("INSERT INTO `profile_check` ( `uid`, `dfrn_id`, `expire`)
- VALUES( %d, '%s', %d )",
- intval($_SESSION['uid']),
+ goaway(z_root());
+ $cid = $a->argv[1];
+ $url = ((x($_GET,'url')) ? $_GET['url'] : '');
+
+ $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ intval($cid),
+ intval(local_user())
+ );
+
+ if((! count($r)) || ($r[0]['network'] !== 'dfrn'))
+ goaway(z_root());
+
+ $dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']);
+
+ if($r[0]['duplex'] && $r[0]['issued-id']) {
+ $orig_id = $r[0]['issued-id'];
+ $dfrn_id = '1:' . $orig_id;
+ }
+ if($r[0]['duplex'] && $r[0]['dfrn-id']) {
+ $orig_id = $r[0]['dfrn-id'];
+ $dfrn_id = '0:' . $orig_id;
+ }
+
+ $sec = random_string();
+
+ q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)
+ VALUES( %d, %s, '%s', '%s', %d )",
+ intval(local_user()),
+ intval($cid),