Merge pull request #1873 from annando/1508-admin-settings

[friendica.git] / include / items.php

diff --git a/include/items.php b/include/items.php
index 2ff7bffbe3adccbafe7511c0bbcfddd3d796694e..cc03a776462d1165f83e1bbc512bc9d89a564858 100644 (file)
--- a/include/items.php
+++ b/include/items.php
@@ -15,6 +15,9 @@ require_once('include/plaintext.php');
 require_once('include/ostatus.php');
 require_once('mod/share.php');
 
+require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
+
+
 function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0, $forpubsub = false) {
 
 
@@ -966,7 +969,7 @@ function query_page_info($url, $no_photos = false, $photo = "", $keywords = fals
        $data = Cache::get("parse_url:".$url);
        if (is_null($data)){
                $data = parseurl_getsiteinfo($url, true);
-               Cache::set("parse_url:".$url,serialize($data));
+               Cache::set("parse_url:".$url,serialize($data), CACHE_DAY);
        } else
                $data = unserialize($data);
 
@@ -1207,7 +1210,8 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa
        }
 
        $arr['wall']          = ((x($arr,'wall'))          ? intval($arr['wall'])                : 0);
-       $arr['uri']           = ((x($arr,'uri'))           ? notags(trim($arr['uri']))           : random_string());
+       $arr['guid']          = ((x($arr,'guid'))          ? notags(trim($arr['guid']))          : get_guid(32, $arr['network']));
+       $arr['uri']           = ((x($arr,'uri'))           ? notags(trim($arr['uri']))           : $arr['guid']);
        $arr['extid']         = ((x($arr,'extid'))         ? notags(trim($arr['extid']))         : '');
        $arr['author-name']   = ((x($arr,'author-name'))   ? notags(trim($arr['author-name']))   : '');
        $arr['author-link']   = ((x($arr,'author-link'))   ? notags(trim($arr['author-link']))   : '');
@@ -1245,7 +1249,6 @@ function item_store($arr,$force_parent = false, $notify = false, $dontcache = fa
        $arr['app']           = ((x($arr,'app'))           ? notags(trim($arr['app']))           : '');
        $arr['origin']        = ((x($arr,'origin'))        ? intval($arr['origin'])              : 0 );
        $arr['network']       = ((x($arr,'network'))       ? trim($arr['network'])               : '');
-       $arr['guid']          = ((x($arr,'guid'))          ? notags(trim($arr['guid']))          : get_guid(32, $arr['network']));
        $arr['postopts']      = ((x($arr,'postopts'))      ? trim($arr['postopts'])              : '');
        $arr['resource-id']   = ((x($arr,'resource-id'))   ? trim($arr['resource-id'])           : '');
        $arr['event-id']      = ((x($arr,'event-id'))      ? intval($arr['event-id'])            : 0 );
@@ -1983,12 +1986,11 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
        if($contact['duplex'] && $contact['issued-id'])
                $idtosend = '1:' . $orig_id;
 
-       $rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);
 
-       $rino_enable = get_config('system','rino_encrypt');
+       $rino = get_config('system','rino_encrypt');
+       $rino = intval($rino);
 
-       if(! $rino_enable)
-               $rino = 0;
+       logger("Local rino version: ". $rino, LOGGER_DEBUG);
 
        $ssl_val = intval(get_config('system','ssl_policy'));
        $ssl_policy = '';
@@ -2006,7 +2008,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
                        break;
        }
 
-       $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino=1' : '');
+       $url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino='.$rino : '');
 
        logger('dfrn_deliver: ' . $url);
 
@@ -2037,9 +2039,11 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
        $challenge    = hex2bin((string) $res->challenge);
        $perm         = (($res->perm) ? $res->perm : null);
        $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
-       $rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
+       $rino_remote_version = intval($res->rino);
        $page         = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
 
+       logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG);
+
        if($owner['page-flags'] == PAGE_PRVGROUP)
                $page = 2;
 
@@ -2098,11 +2102,46 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
        if($page)
                $postvars['page'] = $page;
 
-       if($rino && $rino_allowed && (! $dissolve)) {
-               $key = substr(random_string(),0,16);
-               $data = bin2hex(aes_encrypt($postvars['data'],$key));
-               $postvars['data'] = $data;
-               logger('rino: sent key = ' . $key, LOGGER_DEBUG);
+
+       if($rino>0 && $rino_remote_version>0 && (! $dissolve)) {
+               logger('rino version: '. $rino_remote_version);
+
+               switch($rino_remote_version) {
+                       case 1:
+                               // Deprecated rino version!
+                               $key = substr(random_string(),0,16);
+                               $data = aes_encrypt($postvars['data'],$key);
+                               break;
+                       case 2:
+                               // RINO 2 based on php-encryption
+                               try {
+                                       $key = Crypto::createNewRandomKey();
+                               } catch (CryptoTestFailed $ex) {
+                                       logger('Cannot safely create a key');
+                                       return -1;
+                               } catch (CannotPerformOperation $ex) {
+                                       logger('Cannot safely create a key');
+                                       return -1;
+                               }
+                               try {
+                                       $data = Crypto::encrypt($postvars['data'], $key);
+                               } catch (CryptoTestFailed $ex) {
+                                       logger('Cannot safely perform encryption');
+                                       return -1;
+                               } catch (CannotPerformOperation $ex) {
+                                       logger('Cannot safely perform encryption');
+                                       return -1;
+                               }
+                               break;
+                       default:
+                               logger("rino: invalid requested verision '$rino_remote_version'");
+                               return -1;
+               }
+
+               $postvars['rino'] = $rino_remote_version;
+               $postvars['data'] = bin2hex($data);
+
+               #logger('rino: sent key = ' . $key, LOGGER_DEBUG);
 
 
                if($dfrn_version >= 2.1) {
@@ -2130,6 +2169,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
                $postvars['key'] = bin2hex($postvars['key']);
        }
 
+
        logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
 
        $xml = post_url($contact['notify'],$postvars);
@@ -2929,7 +2969,7 @@ function item_is_remote_self($contact, &$datarray) {
                if ($contact['network'] != NETWORK_FEED) {
                        $datarray["guid"] = get_guid(32);
                        unset($datarray["plink"]);
-                       $datarray["uri"] = item_new_uri($a->get_hostname(),$contact['uid']);
+                       $datarray["uri"] = item_new_uri($a->get_hostname(),$contact['uid'], $datarray["guid"]);
                        $datarray["parent-uri"] = $datarray["uri"];
                        $datarray["extid"] = $contact['network'];
                        $urlpart = parse_url($datarray2['author-link']);
@@ -2938,9 +2978,6 @@ function item_is_remote_self($contact, &$datarray) {
                        $datarray['private'] = 0;
        }
 
-       //if (!isset($datarray["app"]) OR ($datarray["app"] == ""))
-       //      $datarray["app"] = network_to_name($contact['network']);
-
        if ($contact['network'] != NETWORK_FEED) {
                // Store the original post
                $r = item_store($datarray2, false, false);
@@ -4120,9 +4157,12 @@ function new_follower($importer,$contact,$datarray,$item,$sharing = false) {
        $name = notags(trim($datarray['author-name']));
        $photo = notags(trim($datarray['author-avatar']));
 
-       $rawtag = $item->get_item_tags(NAMESPACE_ACTIVITY,'actor');
-       if($rawtag && $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'])
-               $nick = $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'];
+       if (is_object($item)) {
+               $rawtag = $item->get_item_tags(NAMESPACE_ACTIVITY,'actor');
+               if($rawtag && $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'])
+                       $nick = $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'];
+       } else
+               $nick = $item;
 
        if(is_array($contact)) {
                if(($contact['network'] == NETWORK_OSTATUS && $contact['rel'] == CONTACT_IS_SHARING)
@@ -4364,8 +4404,9 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
                $o .= atom_author('dfrn:owner',$item['owner-name'],$item['owner-link'],80,80,$item['owner-avatar']);
 
        if(($item['parent'] != $item['id']) || ($item['parent-uri'] !== $item['uri']) || (($item['thr-parent'] !== '') && ($item['thr-parent'] !== $item['uri']))) {
+               $parent = q("SELECT `guid` FROM `item` WHERE `id` = %d", intval($item["parent"]));
                $parent_item = (($item['thr-parent']) ? $item['thr-parent'] : $item['parent-uri']);
-               $o .= '<thr:in-reply-to ref="' . xmlify($parent_item) . '" type="text/html" href="' .  xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['parent']) . '" />' . "\r\n";
+               $o .= '<thr:in-reply-to ref="'.xmlify($parent_item).'" type="text/html" href="'.xmlify($a->get_baseurl().'/display/'.$parent[0]['guid']).'" />'."\r\n";
        }
 
        $htmlbody = $body;
@@ -4373,7 +4414,6 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
        if ($item['title'] != "")
                $htmlbody = "[b]".$item['title']."[/b]\n\n".$htmlbody;
 
-       //$htmlbody = bbcode(bb_remove_share_information($htmlbody), false, false, 7);
        $htmlbody = bbcode($htmlbody, false, false, 7);
 
        $o .= '<id>' . xmlify($item['uri']) . '</id>' . "\r\n";
@@ -4382,8 +4422,7 @@ function atom_entry($item,$type,$author,$owner,$comment = false,$cid = 0) {
        $o .= '<updated>' . xmlify(datetime_convert('UTC','UTC',$item['edited'] . '+00:00',ATOM_TIME)) . '</updated>' . "\r\n";
        $o .= '<dfrn:env>' . base64url_encode($body, true) . '</dfrn:env>' . "\r\n";
        $o .= '<content type="' . $type . '" >' . xmlify((($type === 'html') ? $htmlbody : $body)) . '</content>' . "\r\n";
-       $o .= '<link rel="alternate" type="text/html" href="' . xmlify($a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id']) . '" />' . "\r\n";
-
+       $o .= '<link rel="alternate" type="text/html" href="'.xmlify($a->get_baseurl().'/display/'.$item['guid']).'" />'."\r\n";
 
        $o .= '<status_net notice_id="'.$item['id'].'"></status_net>'."\r\n";