));
+ call_hooks('atom_feed', $atom);
+
if(! count($items)) {
+
+ call_hooks('atom_feed_end', $atom);
+
$atom .= '</feed>' . "\r\n";
return $atom;
}
$atom .= atom_entry($item,$type,null,$owner,true);
}
+ call_hooks('atom_feed_end', $atom);
+
$atom .= '</feed>' . "\r\n";
+
return $atom;
}
else
$res['last-child'] = 0;
+ $private = $item->get_item_tags(NAMESPACE_DFRN,'private');
+ if($private && $private[0]['data'] == 1)
+ $res['private'] = 1;
+ else
+ $res['private'] = 0;
+
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
if($rawcreated)
$res['created'] = unxmlify($rawcreated[0]['data']);
$res['target'] .= '</target>' . "\n";
}
+ $arr = array('feed' => $feed, 'item' => $item, 'result' => $res);
+
+ call_hooks('parse_atom', $arr);
+
return $res;
}
$arr['allow_gid'] = ((x($arr,'allow_gid')) ? trim($arr['allow_gid']) : '');
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? trim($arr['deny_cid']) : '');
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? trim($arr['deny_gid']) : '');
+ $arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0 );
$arr['body'] = ((x($arr,'body')) ? escape_tags(trim($arr['body'])) : '');
// The content body has been through a lot of filtering and transport escaping by now.
// We don't want to skip any filters, however a side effect of all this filtering
- // is that ampersands will have been double encoded.
+ // is that ampersands and <> may have been double encoded, depending on which filter chain
+ // they came through.
- $arr['body'] = str_replace('&amp;','&',$arr['body']);
+ $arr['body'] = str_replace(
+ array('&amp;','&gt;','&lt;'),
+ array('&' ,'>' ,'<'),
+ $arr['body']
+ );
);
if(count($r)) {
+
+ // is the new message multi-level threaded?
+ // even though we don't support it now, preserve the info
+ // and re-attach to the conversation parent.
+
+ if($r[0]['uri'] != $r[0]['parent-uri']) {
+ $arr['thr-parent'] = $arr['parent-uri'];
+ $arr['parent-uri'] = $r[0]['parent-uri'];
+ }
+
$parent_id = $r[0]['id'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
}
}
+ call_hooks('post_remote',$arr);
+
dbesc_array($arr);
logger('item_store: ' . print_r($arr,true), LOGGER_DATA);
if($arr['parent-uri'] === $arr['uri'])
$parent_id = $current_post;
+ if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
+ $private = 1;
+ else
+ $private = $arr['private'];
+
// Set parent id - and also make sure to inherit the parent's ACL's.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',
- `deny_cid` = '%s', `deny_gid` = '%s' WHERE `id` = %d LIMIT 1",
+ `deny_cid` = '%s', `deny_gid` = '%s', `private` = %d WHERE `id` = %d LIMIT 1",
intval($parent_id),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
+ intval($private),
intval($current_post)
);
if($contact['duplex'] && $contact['issued-id'])
$idtosend = '1:' . $orig_id;
- $url = $contact['notify'] . '?dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION ;
+ $rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
+
+ $rino_enable = get_config('system','rino_encrypt');
+
+ if(! $rino_enable)
+ $rino = 0;
+
+ $url = $contact['notify'] . '?dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
logger('dfrn_deliver: ' . $url);
$postvars = array();
$sent_dfrn_id = hex2bin($res->dfrn_id);
$challenge = hex2bin($res->challenge);
+ $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
$final_dfrn_id = '';
$postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom);
}
+ if($rino && $rino_allowed) {
+ $key = substr(random_string(),0,16);
+ $data = bin2hex(aes_encrypt($postvars['data'],$key));
+ $postvars['data'] = $data;
+ logger('rino: sent key = ' . $key);
+
+ if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
+ openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
+ }
+ else {
+ openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
+ }
+
+ logger('md5 rawkey ' . md5($postvars['key']));
+
+ $postvars['key'] = bin2hex($postvars['key']);
+ }
+
+ logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
+
$xml = post_url($contact['notify'],$postvars);
- logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true) . "\n" . "RECEIVING: " . $xml, LOGGER_DATA);
+ logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA);
$curl_stat = $a->get_curl_code();
if((! $curl_stat) || (! strlen($xml)))
* $contact = the person who is sending us stuff. If not set, we MAY be processing a "follow" activity
* from an external network and MAY create an appropriate contact record. Otherwise, we MUST
* have a contact record.
- * $hub = should wefind ahub declation in the feed, pass it back to our calling process, who might (or
+ * $hub = should we find a hub declation in the feed, pass it back to our calling process, who might (or
* might not) try and subscribe to it.
*
*/
$o .= "<uri>$uri</uri>\r\n";
$o .= '<link rel="photo" type="image/jpeg" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n";
$o .= '<link rel="avatar" type="image/jpeg" media:width="' . $w . '" media:height="' . $h . '" href="' . $photo . '" />' . "\r\n";
+
+ call_hooks('atom_author', $o);
+
$o .= "</$tag>\r\n";
return $o;
}
if($item['coord'])
$o .= '<georss:point>' . xmlify($item['coord']) . '</georss:point>' . "\r\n";
+ if(($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid']))
+ $o .= '<dfrn:private>1</dfrn:private>' . "\r\n";
+
$verb = construct_verb($item);
$o .= '<as:verb>' . xmlify($verb) . '</as:verb>' . "\r\n";
$actobj = construct_activity_object($item);
if($mentioned)
$o .= $mentioned;
+ call_hooks('atom_entry', $o);
+
$o .= '</entry>' . "\r\n";
return $o;