else
killme();
+
/**
*
* Determine the next birthday, but only if the birthday is published
$atom .= replace_macros($feed_template, array(
+ '$version' => xmlify(FRIENDIKA_VERSION),
'$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner_nick),
'$feed_title' => xmlify($owner['name']),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) ,
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
- // html if we used a pubsubhubbub transport. But if we see even one html open tag in our text, we will
+ // html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will
// have to assume it is all html and needs to be purified.
// It doesn't matter all that much security wise - because before this content is used anywhere, we are
// html.
- if(strpos($res['body'],'<')) {
+ if((strpos($res['body'],'<')) || (strpos($res['body'],'>'))) {
$res['body'] = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $res['body']);
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
- }
+ $res['body'] = html2bbcode($res['body']);
+ }
+ else
+ $res['body'] = escape_tags($res['body']);
- $res['body'] = html2bbcode($res['body']);
-
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
if($allow && $allow[0]['data'] == 1)
$body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
- if(strpos($body,'<')) {
+ if((strpos($body,'<')) || (strpos($body,'>'))) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
+ $body = html2bbcode($body);
}
+ else
+ $body = escape_tags($body);
- $body = html2bbcode($body);
$res['object'] .= '<content>' . $body . '</content>' . "\n";
}
$body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
- if(strpos($body,'<')) {
+ if((strpos($body,'<')) || (strpos($body,'>'))) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
+ $body = html2bbcode($body);
}
+ else
+ $body = escape_tags($body);
- $body = html2bbcode($body);
$res['target'] .= '<content>' . $body . '</content>' . "\n";
}
if($link['attribs']['']['type'])
$o .= 'type="' . $link['attribs']['']['type'] . '" ';
if($link['attribs']['']['href'])
- $o .= 'type="' . $link['attribs']['']['href'] . '" ';
+ $o .= 'href="' . $link['attribs']['']['href'] . '" ';
if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width'])
$o .= 'media:width="' . $link['attribs'][NAMESPACE_MEDIA]['width'] . '" ';
if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height'])
// they came through.
$arr['body'] = str_replace(
- array('&amp;','&gt;','&lt;'),
- array('&' ,'>' ,'<'),
+ array('&amp;', '&gt;', '&lt;', '&quot;'),
+ array('&' , '>' , '<', '"'),
$arr['body']
);
return (($res->status) ? $res->status : 3);
$postvars = array();
- $sent_dfrn_id = hex2bin($res->dfrn_id);
- $challenge = hex2bin($res->challenge);
+ $sent_dfrn_id = hex2bin((string) $res->dfrn_id);
+ $challenge = hex2bin((string) $res->challenge);
$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
$final_dfrn_id = '';
*
*/
-function consume_feed($xml,$importer,$contact, &$hub, $datedir = 0) {
+function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0) {
require_once('simplepie/simplepie.inc');
$new_name = '';
$photo_timestamp = '';
$photo_url = '';
-
+ $birthday = '';
$hubs = $feed->get_links('hub');
$photo_timestamp = datetime_convert('UTC','UTC',$elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']);
$photo_url = $elems['link'][0]['attribs']['']['href'];
}
+
+ if((x($rawtags[0]['child'], NAMESPACE_DFRN)) && (x($rawtags[0]['child'][NAMESPACE_DFRN],'birthday'))) {
+ $birthday = datetime_convert('UTC','UTC', $rawtags[0]['child'][NAMESPACE_DFRN]['birthday'][0]['data']);
+ }
}
if((is_array($contact)) && ($photo_timestamp) && (strlen($photo_url)) && ($photo_timestamp > $contact['avatar-date'])) {
- logger('Consume feed: Updating photo for ' . $contact['name']);
+ logger('consume_feed: Updating photo for ' . $contact['name']);
require_once("Photo.php");
$photo_failure = false;
$have_photo = false;
);
}
+ if(strlen($birthday)) {
+ if(substr($birthday,0,4) != $contact['bdyear']) {
+ logger('consume_feed: updating birthday: ' . $birthday);
+
+ /**
+ *
+ * Add new birthday event for this person
+ *
+ * $bdtext is just a readable placeholder in case the event is shared
+ * with others. We will replace it during presentation to our $importer
+ * to contain a sparkle link and perhaps a photo.
+ *
+ */
+
+ $bdtext = t('Birthday:') . ' [url=' . $contact['url'] . ']' . $contact['name'] . '[/url]' ;
+
+
+ $r = q("INSERT INTO `event` (`uid`,`cid`,`created`,`edited`,`start`,`finish`,`desc`,`type`)
+ VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s' ) ",
+ intval($contact['uid']),
+ intval($contact['id']),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert('UTC','UTC', $birthday)),
+ dbesc(datetime_convert('UTC','UTC', $birthday . ' + 1 day ')),
+ dbesc($bdtext),
+ dbesc('birthday')
+ );
+
+
+ // update bdyear
+
+ q("UPDATE `contact` SET `bdyear` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1",
+ dbesc(substr($birthday,0,4)),
+ intval($contact['uid']),
+ intval($contact['id'])
+ );
+
+ // This function is called twice without reloading the contact
+ // Make sure we only create one event. This is why &$contact
+ // is a reference var in this function
+
+ $contact['bdyear'] = substr($birthday,0,4);
+ }
+
+ }
+
// Now process the feed
if($feed->get_item_quantity()) {