you and me babe

[friendica.git] / include / items.php
diff --git a/include/items.php b/include/items.php

index f11293e4a3eba12f37d05d9adb4773a67587a34d..a44bc1feb3b6d7865011832426d98919b181ce2f 100644 (file)
--- a/include/items.php
+++ b/include/items.php
@@ -1,9 +1,9 @@
  <?php
  
+require_once('bbcode.php');
  
-function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update) {
+function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update, $direction = 0) {
  
-       require_once('bbcode.php');
  
         // default permissions - anonymous user
  
@@ -32,13 +32,31 @@ function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update) {
         else
                 killme();
  
-       if($dfrn_id != '*') {
+       if($dfrn_id && $dfrn_id != '*') {
+
+               $sql_extra = '';
+               switch($direction) {
+                       case (-1):
+                               $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
+                               $my_id = $dfrn_id;
+                               break;
+                       case 0:
+                               $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                               $my_id = '1:' . $dfrn_id;
+                               break;
+                       case 1:
+                               $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
+                               $my_id = '0:' . $dfrn_id;
+                               break;
+                       default:
+                               return false;
+                               break; // NOTREACHED
+               }
  
-               $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s' )) AND `uid` = %d LIMIT 1",
-                       dbesc($dfrn_id),
-                       dbesc($dfrn_id),
+               $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `contact`.`uid` = %d $sql_extra LIMIT 1",
                         intval($owner_id)
                 );
+
                 if(! count($r))
                         return false;
  
@@ -66,8 +84,14 @@ function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update) {
                 );
         }
  
+       if($dfrn_id === '' || $dfrn_id === '*')
+               $sort = 'DESC';
+       else
+               $sort = 'ASC';
+
         if(! strlen($last_update))
                 $last_update = 'now - 30 days';
+
         $check_date = datetime_convert('UTC','UTC',$last_update,'Y-m-d H:i:s');
  
         $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
@@ -77,23 +101,25 @@ function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update) {
                 `contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`
                 FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
                 WHERE `item`.`uid` = %d AND `item`.`visible` = 1 
-               AND NOT `item`.`type` IN ( 'remote', 'net-comment' ) AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+               AND `item`.`wall` = 1 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                 AND ( `item`.`edited` > '%s' OR `item`.`changed` > '%s' )
                 $sql_extra
-               ORDER BY `parent` ASC, `created` ASC LIMIT 0, 300",
+               ORDER BY `parent` %s, `created` ASC LIMIT 0, 300",
                 intval($owner_id),
                 dbesc($check_date),
-               dbesc($check_date)
+               dbesc($check_date),
+               dbesc($sort)
         );
-       if(! count($r))
-               killme();
+
+       // Will check further below if this actually returned results.
+       // We will provide an empty feed in any case.
  
         $items = $r;
  
-       $feed_template = file_get_contents('view/atom_feed.tpl');
-       $tomb_template = file_get_contents('view/atom_tomb.tpl');
-       $item_template = file_get_contents('view/atom_item.tpl');
-       $cmnt_template = file_get_contents('view/atom_cmnt.tpl');
+       $feed_template = load_view_file('view/atom_feed.tpl');
+       $tomb_template = load_view_file('view/atom_tomb.tpl');
+       $item_template = load_view_file('view/atom_item.tpl');
+       $cmnt_template = load_view_file('view/atom_cmnt.tpl');
  
         $atom = '';
  
@@ -111,12 +137,17 @@ function get_feed_for(&$a, $dfrn_id, $owner_id, $last_update) {
                         '$namdate'      => xmlify(datetime_convert('UTC','UTC',$owner['name-date']   . '+00:00' , ATOM_TIME)) 
         ));
  
-       
+
+       if(! count($items)) {
+               $atom .= '</feed>' . "\r\n";
+               return $atom;
+       }
+
         foreach($items as $item) {
  
                 // public feeds get html, our own nodes use bbcode
  
-               if($dfrn_id == '*') {
+               if($dfrn_id === '*') {
                         $item['body'] = bbcode($item['body']);
                         $type = 'html';
                 }
@@ -187,10 +218,23 @@ function construct_verb($item) {
  
  function construct_activity($item) {
  
-       if($item['type'] == 'activity') {
-
-
+       if($item['object']) {
+               $o = '<as:object>' . "\r\n";
+               $r = @simplexml_load_string($item['object']);
+               if($r->type)
+                       $o .= '<as:object-type>' . $r->type . '</as:object-type>' . "\r\n";
+               if($r->id)
+                       $o .= '<id>' . $r->id . '</id>' . "\r\n";
+               if($r->link)
+                       $o .= '<link rel="alternate" type="text/html" href="' . $r->link . '" />' . "\r\n";
+               if($r->title)
+                       $o .= '<title>' . $r->title . '</title>' . "\r\n";
+               if($r->content)
+                       $o .= '<content type="html" >' . bbcode($r->content) . '</content>' . "\r\n";
+               $o .= '</as:object>' . "\r\n";
+               return $o;
         }
+
         return '';
  } 
  
@@ -206,7 +250,7 @@ function get_atom_elements($item) {
  
         $raw_author = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
         if($raw_author) {
-               if($raw_author[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] == 'photo')
+               if($raw_author[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] === 'photo')
                 $res['author-avatar'] = unxmlify($raw_author[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['href']);
         }
  
@@ -283,7 +327,7 @@ function get_atom_elements($item) {
         elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
                 $res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
  
-       if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] == 'photo')
+       if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] === 'photo')
                 $res['owner-avatar'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['href']);
         elseif($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data'])
                 $res['owner-avatar'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']);
@@ -294,15 +338,48 @@ function get_atom_elements($item) {
                 $res['verb'] = unxmlify($rawverb[0]['data']);
  
         $rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
+
+
         if($rawobj) {
-               $res['object-type'] = $rawobj[0]['object-type'][0]['data'];
-               $res['object'] = $rawobj[0];
+               $res['object'] = '<object>' . "\n";
+               if($rawobj[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data']) {
+                       $res['object-type'] = $rawobj[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'];
+                       $res['object'] .= '<type>' . $rawobj[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'] . '</type>' . "\n";
+               }       
+               if($rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
+                       $res['object'] .= '<id>' . $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
+               
+               if($rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] === 'alternate')
+                       $res['object'] .= '<link>' . $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['href'] . '</link>' . "\n";
+               if($rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
+                       $res['object'] .= '<title>' . $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
+               if($rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
+                       $body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
+                       if(! $body)
+                               $body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
+                       if(strpos($body,'<')) {
+
+                               $body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
+                                       '[youtube]$1[/youtube]', $body);
+
+                               $config = HTMLPurifier_Config::createDefault();
+                               $config->set('Core.DefinitionCache', null);
+
+                               $purifier = new HTMLPurifier($config);
+                               $body = $purifier->purify($body);
+                       }
+
+                       $body = html2bbcode($body);
+                       $res['object'] .= '<content>' . $body . '</content>' . "\n";
+               }
+
+               $res['object'] .= '</object>' . "\n";
         }
  
         return $res;
  }
  
-function post_remote($a,$arr) {
+function item_store($arr) {
  
  //print_r($arr);
  
@@ -324,14 +401,14 @@ function post_remote($a,$arr) {
         $arr['owner-name'] = notags(trim($arr['owner-name']));
         $arr['owner-link'] = notags(trim($arr['owner-link']));
         $arr['owner-avatar'] = notags(trim($arr['owner-avatar']));
-       $arr['created'] = datetime_convert('UTC','UTC',$arr['created'],'Y-m-d H:i:s');
-       $arr['edited'] = datetime_convert('UTC','UTC',$arr['edited'],'Y-m-d H:i:s');
+       $arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
+       $arr['edited']  = ((x($arr,'edited')  !== false) ? datetime_convert('UTC','UTC',$arr['edited'])  : datetime_convert());
         $arr['changed'] = datetime_convert();
         $arr['title'] = notags(trim($arr['title']));
         $arr['location'] = notags(trim($arr['location']));
         $arr['body'] = escape_tags(trim($arr['body']));
         $arr['last-child'] = intval($arr['last-child']);
-       $arr['visible'] = 1;
+       $arr['visible'] = ((x($arr,'visible') !== false) ? intval($arr['visible']) : 1);
         $arr['deleted'] = 0;
         $arr['parent-uri'] = notags(trim($arr['parent-uri']));
         $arr['verb'] = notags(trim($arr['verb']));
@@ -387,3 +464,93 @@ function post_remote($a,$arr) {
  
         return $current_post;
  }
+
+function get_item_contact($item,$contacts) {
+       if(! count($contacts) || (! is_array($item)))
+               return false;
+       foreach($contacts as $contact) {
+               if($contact['id'] == $item['contact-id']) {
+                       return $contact;
+                       break; // NOTREACHED
+               }
+       }
+       return false;
+}
+
+
+function dfrn_deliver($contact,$atom,$debugging = false) {
+
+
+       if((! strlen($contact['dfrn-id'])) && (! $contact['duplex']))
+               return 3;
+
+       $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
+
+       if($contact['duplex'] && $contact['dfrn-id'])
+               $idtosend = '0:' . $orig_id;
+       if($contact['duplex'] && $contact['issued-id'])
+               $idtosend = '1:' . $orig_id;            
+
+       $url = $contact['notify'] . '?dfrn_id=' . $idtosend;
+
+       if($debugging)
+               echo "URL: $url";
+
+       $xml = fetch_url($url);
+
+       if($debugging)
+               echo $xml;
+
+       if(! $xml)
+               return 3;
+
+       $res = simplexml_load_string($xml);
+
+       if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
+               return (($res->status) ? $res->status : 3);
+
+       $postvars     = array();
+       $sent_dfrn_id = hex2bin($res->dfrn_id);
+       $challenge    = hex2bin($res->challenge);
+
+       $final_dfrn_id = '';
+
+       if($contact['duplex'] && strlen($contact['prvkey'])) {
+               openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
+               openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']);
+       }
+       else {
+               openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
+               openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']);
+       }
+
+       $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
+
+       if(strpos($final_dfrn_id,':') == 1)
+               $final_dfrn_id = substr($final_dfrn_id,2);
+
+       if($final_dfrn_id != $orig_id) {
+               // did not decode properly - cannot trust this site 
+               return 3;
+       }
+
+       $postvars['dfrn_id'] = $idtosend;
+
+
+       if(($contact['rel']) && ($contact['rel'] != REL_FAN) && (! $contact['blocked']) && (! $contact['readonly'])) {
+               $postvars['data'] = $atom;
+       }
+       else {
+               $postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom);
+       }
+
+       $xml = post_url($contact['notify'],$postvars);
+
+       if($debugging)
+               echo $xml;
+
+       $res = simplexml_load_string($xml);
+
+       return $res->status;
+ 
+}