* @file include/network.php
*/
-use \Friendica\Core\Config;
+use Friendica\App;
+use Friendica\Core\System;
+use Friendica\Core\Config;
+use Friendica\Network\Probe;
require_once("include/xml.php");
-require_once('include/Probe.php');
/**
* @brief Curl wrapper
* string 'header' => HTTP headers
* string 'body' => fetched content
*/
-function z_fetch_url($url,$binary = false, &$redirects = 0, $opts=array()) {
-
- $ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => "");
-
+function z_fetch_url($url, $binary = false, &$redirects = 0, $opts = array()) {
+ $ret = array('return_code' => 0, 'success' => false, 'header' => '', 'info' => '', 'body' => '');
$stamp1 = microtime(true);
$a = get_app();
+ if (blocked_url($url)) {
+ logger('z_fetch_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
+ return $ret;
+ }
+
$ch = @curl_init($url);
- if(($redirects > 8) || (! $ch)) {
+
+ if (($redirects > 8) || (!$ch)) {
return $ret;
}
@curl_setopt($ch, CURLOPT_HEADER, true);
- if (x($opts,"cookiejar")) {
+ if (x($opts, "cookiejar")) {
curl_setopt($ch, CURLOPT_COOKIEJAR, $opts["cookiejar"]);
curl_setopt($ch, CURLOPT_COOKIEFILE, $opts["cookiejar"]);
}
// @curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
// @curl_setopt($ch, CURLOPT_MAXREDIRS, 5);
- if (x($opts,'accept_content')){
- curl_setopt($ch,CURLOPT_HTTPHEADER, array (
- "Accept: " . $opts['accept_content']
+ if (x($opts, 'accept_content')) {
+ curl_setopt($ch, CURLOPT_HTTPHEADER, array(
+ 'Accept: ' . $opts['accept_content']
));
}
- @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
+ @curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
@curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
$range = intval(Config::get('system', 'curl_range_bytes', 0));
+
if ($range > 0) {
- @curl_setopt($ch, CURLOPT_RANGE, '0-'.$range);
+ @curl_setopt($ch, CURLOPT_RANGE, '0-' . $range);
}
- if (x($opts,'headers')){
+ // Without this setting it seems as if some webservers send compressed content
+ // This seems to confuse curl so that it shows this uncompressed.
+ /// @todo We could possibly set this value to "gzip" or something similar
+ curl_setopt($ch, CURLOPT_ENCODING, '');
+
+ if (x($opts, 'headers')) {
@curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']);
}
- if (x($opts,'nobody')){
+
+ if (x($opts, 'nobody')) {
@curl_setopt($ch, CURLOPT_NOBODY, $opts['nobody']);
}
- if (x($opts,'timeout')){
+
+ if (x($opts, 'timeout')) {
@curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']);
} else {
- $curl_time = intval(get_config('system','curl_timeout'));
+ $curl_time = intval(Config::get('system', 'curl_timeout'));
@curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
}
// by default we will allow self-signed certs
// but you can override this
- $check_cert = get_config('system','verifyssl');
+ $check_cert = Config::get('system', 'verifyssl');
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+
if ($check_cert) {
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
}
- $prx = get_config('system','proxy');
- if (strlen($prx)) {
+ $proxy = Config::get('system', 'proxy');
+
+ if (strlen($proxy)) {
@curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
- @curl_setopt($ch, CURLOPT_PROXY, $prx);
- $prxusr = @get_config('system','proxyuser');
- if (strlen($prxusr))
- @curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
+ @curl_setopt($ch, CURLOPT_PROXY, $proxy);
+ $proxyuser = @Config::get('system', 'proxyuser');
+
+ if (strlen($proxyuser)) {
+ @curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyuser);
+ }
+ }
+
+ if (Config::get('system', 'ipv4_resolve', false)) {
+ curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
+ }
+
+ if ($binary) {
+ @curl_setopt($ch, CURLOPT_BINARYTRANSFER, 1);
}
- if ($binary)
- @curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
$a->set_curl_code(0);
// if it throws any errors.
$s = @curl_exec($ch);
+ $curl_info = @curl_getinfo($ch);
+
+ // Special treatment for HTTP Code 416
+ // See https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/416
+ if (($curl_info['http_code'] == 416) && ($range > 0)) {
+ @curl_setopt($ch, CURLOPT_RANGE, '');
+ $s = @curl_exec($ch);
+ $curl_info = @curl_getinfo($ch);
+ }
+
if (curl_errno($ch) !== CURLE_OK) {
- logger('fetch_url error fetching '.$url.': '.curl_error($ch), LOGGER_NORMAL);
+ logger('fetch_url error fetching ' . $url . ': ' . curl_error($ch), LOGGER_NORMAL);
}
$ret['errno'] = curl_errno($ch);
$base = $s;
- $curl_info = @curl_getinfo($ch);
+ $ret['info'] = $curl_info;
$http_code = $curl_info['http_code'];
- logger('fetch_url '.$url.': '.$http_code." ".$s, LOGGER_DATA);
+
+ logger('fetch_url ' . $url . ': ' . $http_code . " " . $s, LOGGER_DATA);
$header = '';
// Pull out multiple headers, e.g. proxy and continuation headers
// allow for HTTP/2.x without fixing code
- while (preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) {
- $chunk = substr($base,0,strpos($base,"\r\n\r\n")+4);
+ while (preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/', $base)) {
+ $chunk = substr($base, 0, strpos($base,"\r\n\r\n") + 4);
$header .= $chunk;
- $base = substr($base,strlen($chunk));
+ $base = substr($base, strlen($chunk));
}
$a->set_curl_code($http_code);
$a->set_curl_headers($header);
if ($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307) {
- $new_location_info = @parse_url($curl_info["redirect_url"]);
- $old_location_info = @parse_url($curl_info["url"]);
+ $new_location_info = @parse_url($curl_info['redirect_url']);
+ $old_location_info = @parse_url($curl_info['url']);
- $newurl = $curl_info["redirect_url"];
+ $newurl = $curl_info['redirect_url'];
- if (($new_location_info["path"] == "") AND ($new_location_info["host"] != ""))
- $newurl = $new_location_info["scheme"]."://".$new_location_info["host"].$old_location_info["path"];
+ if (($new_location_info['path'] == '') && ( $new_location_info['host'] != '')) {
+ $newurl = $new_location_info['scheme'] . '://' . $new_location_info['host'] . $old_location_info['path'];
+ }
$matches = array();
+
if (preg_match('/(Location:|URI:)(.*?)\n/i', $header, $matches)) {
$newurl = trim(array_pop($matches));
}
- if (strpos($newurl,'/') === 0)
+ if (strpos($newurl,'/') === 0) {
$newurl = $old_location_info["scheme"]."://".$old_location_info["host"].$newurl;
+ }
+
if (filter_var($newurl, FILTER_VALIDATE_URL)) {
$redirects++;
@curl_close($ch);
- return z_fetch_url($newurl,$binary, $redirects, $opts);
+ return z_fetch_url($newurl, $binary, $redirects, $opts);
}
}
-
$a->set_curl_code($http_code);
$a->set_curl_content_type($curl_info['content_type']);
- $body = substr($s,strlen($header));
-
-
+ $body = substr($s, strlen($header));
$rc = intval($http_code);
$ret['return_code'] = $rc;
$ret['success'] = (($rc >= 200 && $rc <= 299) ? true : false);
$ret['redirect_url'] = $url;
- if (! $ret['success']) {
+
+ if (!$ret['success']) {
$ret['error'] = curl_error($ch);
$ret['debug'] = $curl_info;
- logger('z_fetch_url: error: ' . $url . ': ' . $ret['error'], LOGGER_DEBUG);
- logger('z_fetch_url: debug: ' . print_r($curl_info,true), LOGGER_DATA);
+ logger('z_fetch_url: error: '.$url.': '.$ret['return_code'].' - '.$ret['error'], LOGGER_DEBUG);
+ logger('z_fetch_url: debug: '.print_r($curl_info, true), LOGGER_DATA);
}
- $ret['body'] = substr($s,strlen($header));
+
+ $ret['body'] = substr($s, strlen($header));
$ret['header'] = $header;
- if (x($opts,'debug')) {
+
+ if (x($opts, 'debug')) {
$ret['debug'] = $curl_info;
}
+
@curl_close($ch);
- $a->save_timestamp($stamp1, "network");
+ $a->save_timestamp($stamp1, 'network');
return($ret);
-
}
-// post request to $url. $params is an array of post variables.
-
/**
- * @brief Post request to $url
+ * @brief Send POST request to $url
*
* @param string $url URL to post
- * @param mixed $params
+ * @param mixed $params array of POST variables
* @param string $headers HTTP headers
* @param integer $redirects Recursion counter for internal use - default = 0
* @param integer $timeout The timeout in seconds, default system config value or 60 seconds
*
* @return string The content
*/
-function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0) {
+function post_url($url, $params, $headers = null, &$redirects = 0, $timeout = 0) {
$stamp1 = microtime(true);
+ if (blocked_url($url)) {
+ logger('post_url: domain of ' . $url . ' is blocked', LOGGER_DATA);
+ return false;
+ }
+
$a = get_app();
$ch = curl_init($url);
- if (($redirects > 8) || (! $ch))
+
+ if (($redirects > 8) || (!$ch)) {
return false;
+ }
- logger("post_url: start ".$url, LOGGER_DATA);
+ logger('post_url: start ' . $url, LOGGER_DATA);
curl_setopt($ch, CURLOPT_HEADER, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
- curl_setopt($ch, CURLOPT_POST,1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ curl_setopt($ch, CURLOPT_POST, 1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
curl_setopt($ch, CURLOPT_USERAGENT, $a->get_useragent());
+ if (Config::get('system', 'ipv4_resolve', false)) {
+ curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
+ }
+
if (intval($timeout)) {
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
- }
- else {
- $curl_time = intval(get_config('system','curl_timeout'));
+ } else {
+ $curl_time = intval(Config::get('system', 'curl_timeout'));
curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
}
}
}
}
- if ($headers)
+
+ if ($headers) {
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+ }
- $check_cert = get_config('system','verifyssl');
+ $check_cert = Config::get('system', 'verifyssl');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+
if ($check_cert) {
@curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
}
- $prx = get_config('system','proxy');
- if (strlen($prx)) {
+
+ $proxy = Config::get('system', 'proxy');
+
+ if (strlen($proxy)) {
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
- curl_setopt($ch, CURLOPT_PROXY, $prx);
- $prxusr = get_config('system','proxyuser');
- if (strlen($prxusr))
- curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
+ curl_setopt($ch, CURLOPT_PROXY, $proxy);
+ $proxyuser = Config::get('system', 'proxyuser');
+ if (strlen($proxyuser)) {
+ curl_setopt($ch, CURLOPT_PROXYUSERPWD, $proxyuser);
+ }
}
$a->set_curl_code(0);
$curl_info = curl_getinfo($ch);
$http_code = $curl_info['http_code'];
- logger("post_url: result ".$http_code." - ".$url, LOGGER_DATA);
+ logger('post_url: result ' . $http_code . ' - ' . $url, LOGGER_DATA);
$header = '';
// Pull out multiple headers, e.g. proxy and continuation headers
// allow for HTTP/2.x without fixing code
- while (preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) {
- $chunk = substr($base,0,strpos($base,"\r\n\r\n")+4);
+ while (preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/', $base)) {
+ $chunk = substr($base, 0, strpos($base, "\r\n\r\n") + 4);
$header .= $chunk;
- $base = substr($base,strlen($chunk));
+ $base = substr($base, strlen($chunk));
}
if ($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307) {
$matches = array();
preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches);
$newurl = trim(array_pop($matches));
- if (strpos($newurl,'/') === 0)
+
+ if (strpos($newurl, '/') === 0) {
$newurl = $old_location_info["scheme"] . "://" . $old_location_info["host"] . $newurl;
+ }
+
if (filter_var($newurl, FILTER_VALIDATE_URL)) {
$redirects++;
- logger("post_url: redirect ".$url." to ".$newurl);
- return post_url($newurl,$params, $headers, $redirects, $timeout);
- //return fetch_url($newurl,false,$redirects,$timeout);
+ logger('post_url: redirect ' . $url . ' to ' . $newurl);
+ return post_url($newurl, $params, $headers, $redirects, $timeout);
}
}
+
$a->set_curl_code($http_code);
- $body = substr($s,strlen($header));
+
+ $body = substr($s, strlen($header));
$a->set_curl_headers($header);
curl_close($ch);
- $a->save_timestamp($stamp1, "network");
+ $a->save_timestamp($stamp1, 'network');
- logger("post_url: end ".$url, LOGGER_DATA);
+ logger('post_url: end ' . $url, LOGGER_DATA);
- return($body);
+ return $body;
}
// Generic XML return
function xml_status($st, $message = '') {
- $xml_message = ((strlen($message)) ? "\t<message>" . xmlify($message) . "</message>\r\n" : '');
+ $result = array('status' => $st);
- if ($st)
+ if ($message != '') {
+ $result['message'] = $message;
+ }
+
+ if ($st) {
logger('xml_status returning non_zero: ' . $st . " message=" . $message);
+ }
+
+ header("Content-type: text/xml");
+
+ $xmldata = array("result" => $result);
+
+ echo xml::from_array($xmldata, $xml);
- header( "Content-type: text/xml" );
- echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n";
- echo "<result>\r\n\t<status>$st</status>\r\n$xml_message</result>\r\n";
killme();
}
* @return boolean True if it's a valid URL, fals if something wrong with it
*/
function validate_url(&$url) {
- if (get_config('system','disable_url_validation'))
+ if (Config::get('system','disable_url_validation'))
return true;
// no naked subdomains (allow localhost for tests)
*/
function validate_email($addr) {
- if (get_config('system','disable_email_validation'))
+ if (Config::get('system','disable_email_validation'))
return true;
if (! strpos($addr,'@'))
return false;
}
- $str_allowed = get_config('system','allowed_sites');
- if (! $str_allowed)
+ $str_allowed = Config::get('system', 'allowed_sites');
+ if (! $str_allowed) {
return true;
+ }
$found = false;
$host = strtolower($h['host']);
// always allow our own site
-
- if ($host == strtolower($_SERVER['SERVER_NAME']))
+ if ($host == strtolower($_SERVER['SERVER_NAME'])) {
return true;
+ }
$fnmatch = function_exists('fnmatch');
- $allowed = explode(',',$str_allowed);
+ $allowed = explode(',', $str_allowed);
if (count($allowed)) {
foreach ($allowed as $a) {
$pat = strtolower(trim($a));
- if (($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
+ if (($fnmatch && fnmatch($pat, $host)) || ($pat == $host)) {
$found = true;
break;
}
return $found;
}
+/**
+ * Checks if the provided url domain is on the domain blocklist.
+ * Returns true if it is or malformed URL, false if not.
+ *
+ * @param string $url The url to check the domain from
+ * @return boolean
+ */
+function blocked_url($url) {
+ $h = @parse_url($url);
+
+ if (! $h) {
+ return true;
+ }
+
+ $domain_blocklist = Config::get('system', 'blocklist', array());
+ if (! $domain_blocklist) {
+ return false;
+ }
+
+ $host = strtolower($h['host']);
+
+ foreach ($domain_blocklist as $domain_block) {
+ if (strtolower($domain_block['domain']) == $host) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
/**
* @brief Check if email address is allowed to register here.
*
return false;
}
- $str_allowed = get_config('system','allowed_email');
+ $str_allowed = Config::get('system','allowed_email');
if (! $str_allowed) {
return true;
}
call_hooks('avatar_lookup', $avatar);
if (! $avatar['success']) {
- $avatar['url'] = App::get_baseurl() . '/images/person-175.jpg';
+ $avatar['url'] = System::baseUrl() . '/images/person-175.jpg';
}
logger('Avatar: ' . $avatar['email'] . ' ' . $avatar['url'], LOGGER_DEBUG);
}
-function parse_xml_string($s,$strict = true) {
+function parse_xml_string($s, $strict = true) {
+ // the "strict" parameter is deactivated
+
/// @todo Move this function to the xml class
- if ($strict) {
- if (! strstr($s,'<?xml'))
- return false;
- $s2 = substr($s,strpos($s,'<?xml'));
- }
- else
- $s2 = $s;
libxml_use_internal_errors(true);
- $x = @simplexml_load_string($s2);
- if (! $x) {
- logger('libxml: parse: error: ' . $s2, LOGGER_DATA);
+ $x = @simplexml_load_string($s);
+ if (!$x) {
+ logger('libxml: parse: error: ' . $s, LOGGER_DATA);
foreach (libxml_get_errors() as $err) {
logger('libxml: parse: ' . $err->code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA);
}
function scale_external_images($srctext, $include_link = true, $scale_replace = false) {
// Suppress "view full size"
- if (intval(get_config('system','no_view_full_size'))) {
+ if (intval(Config::get('system','no_view_full_size'))) {
$include_link = false;
}
foreach ($matches as $mtch) {
logger('scale_external_image: ' . $mtch[1]);
- $hostname = str_replace('www.','',substr(App::get_baseurl(),strpos(App::get_baseurl(),'://')+3));
+ $hostname = str_replace('www.','',substr(System::baseUrl(),strpos(System::baseUrl(),'://')+3));
if (stristr($mtch[1],$hostname)) {
continue;
}
}
if ($ssl_changed) {
- q("UPDATE `contact` SET
- `url` = '%s',
- `request` = '%s',
- `notify` = '%s',
- `poll` = '%s',
- `confirm` = '%s',
- `poco` = '%s'
- WHERE `id` = %d LIMIT 1",
- dbesc($contact['url']),
- dbesc($contact['request']),
- dbesc($contact['notify']),
- dbesc($contact['poll']),
- dbesc($contact['confirm']),
- dbesc($contact['poco']),
- intval($contact['id'])
- );
+ $fields = array('url' => $contact['url'], 'request' => $contact['request'],
+ 'notify' => $contact['notify'], 'poll' => $contact['poll'],
+ 'confirm' => $contact['confirm'], 'poco' => $contact['poco']);
+ dba::update('contact', $fields, array('id' => $contact['id']));
}
}
if ($http_code == 0)
return($url);
- if ((($curl_info['http_code'] == "301") OR ($curl_info['http_code'] == "302"))
- AND (($curl_info['redirect_url'] != "") OR ($curl_info['location'] != ""))) {
+ if ((($curl_info['http_code'] == "301") || ($curl_info['http_code'] == "302"))
+ && (($curl_info['redirect_url'] != "") || ($curl_info['location'] != ""))) {
if ($curl_info['redirect_url'] != "")
return(original_url($curl_info['redirect_url'], ++$depth, $fetchbody));
else
return($url);
// if it isn't a HTML file then exit
- if (($curl_info["content_type"] != "") AND !strstr(strtolower($curl_info["content_type"]),"html"))
+ if (($curl_info["content_type"] != "") && !strstr(strtolower($curl_info["content_type"]),"html"))
return($url);
$stamp1 = microtime(true);
function short_link($url) {
require_once('library/slinky.php');
$slinky = new Slinky($url);
- $yourls_url = get_config('yourls','url1');
+ $yourls_url = Config::get('yourls','url1');
if ($yourls_url) {
- $yourls_username = get_config('yourls','username1');
- $yourls_password = get_config('yourls', 'password1');
- $yourls_ssl = get_config('yourls', 'ssl1');
+ $yourls_username = Config::get('yourls','username1');
+ $yourls_password = Config::get('yourls', 'password1');
+ $yourls_ssl = Config::get('yourls', 'ssl1');
$yourls = new Slinky_YourLS();
$yourls->set('username', $yourls_username);
$yourls->set('password', $yourls_password);
*/
function matching_url($url1, $url2) {
- if (($url1 == "") OR ($url2 == ""))
+ if (($url1 == "") || ($url2 == ""))
return "";
$url1 = normalise_link($url1);
$parts1 = parse_url($url1);
$parts2 = parse_url($url2);
- if (!isset($parts1["host"]) OR !isset($parts2["host"]))
+ if (!isset($parts1["host"]) || !isset($parts2["host"]))
return "";
if ($parts1["scheme"] != $parts2["scheme"])
if ($path1 == $path2)
$path .= $path1."/";
- } while (($path1 == $path2) AND ($i++ <= count($pathparts1)));
+ } while (($path1 == $path2) && ($i++ <= count($pathparts1)));
$match .= $path;
return normalise_link($match);
}
+
+/**
+ * @brief Glue url parts together
+ *
+ * @param array $parsed URL parts
+ *
+ * @return string The glued URL
+ */
+function unParseUrl($parsed) {
+ $get = function ($key) use ($parsed) {
+ return isset($parsed[$key]) ? $parsed[$key] : null;
+ };
+
+ $pass = $get('pass');
+ $user = $get('user');
+ $userinfo = $pass !== null ? "$user:$pass" : $user;
+ $port = $get('port');
+ $scheme = $get('scheme');
+ $query = $get('query');
+ $fragment = $get('fragment');
+ $authority =
+ ($userinfo !== null ? $userinfo."@" : '') .
+ $get('host') .
+ ($port ? ":$port" : '');
+
+ return (strlen($scheme) ? $scheme.":" : '') .
+ (strlen($authority) ? "//".$authority : '') .
+ $get('path') .
+ (strlen($query) ? "?".$query : '') .
+ (strlen($fragment) ? "#".$fragment : '');
+}
projects / friendica.git / blobdiff