]> git.mxchange.org Git - friendica.git/blobdiff - mod/dfrn_poll.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
bug in main.js for VideoJS on initial page load
[friendica.git] / mod / dfrn_poll.php
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index 7d8568188e71cb7cfe2b9ad1038667251519deaa..90b3583b8696a7ddf48ee77a4b86c1b713f0f300 100644 (file)
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -17,6 +17,7 @@ function dfrn_poll_init(&$a) {
        $sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
        $dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
        $perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+       $quiet                   = ((x($_GET,'quiet'))                   ? true                                                  : false);
 
        $direction = (-1);
 
@@ -26,21 +27,26 @@ function dfrn_poll_init(&$a) {
                $dfrn_id   = substr($dfrn_id,2);
        }
 
-       if(($dfrn_id === '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) {
+       if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
                if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
-                       killme();
+                       http_status_exit(403);
                }
 
-               $r = q("SELECT `hidewall` FROM `profile` LEFT JOIN `user` ON `profile`.`uid` = `user`.`uid` WHERE `user`.`nickname` = '%s' AND `profile`.`is-default` = 1 LIMIT 1",
-                       dbesc($a->argv[1])
-               );
-               if(count($r) && $r[0]['hidewall'])
-                       killme();
+               $user = '';
+               if($a->argc > 1) {
+                       $r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
+                               dbesc($a->argv[1])
+                       );
+                       if(! $r)
+                               http_status_exit(404);
+                       if(($r[0]['hidewall']) && (! local_user()))
+                               http_status_exit(403);
+                       $user = $r[0]['nickname'];
+               }
  
-               logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] );
+               logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user);
                header("Content-type: application/atom+xml");
-               $o = get_feed_for($a, '', $a->argv[1],$last_update);
-               echo $o;
+               echo get_feed_for($a, '', $user,$last_update);
                killme();
        }
 
@@ -61,7 +67,7 @@ function dfrn_poll_init(&$a) {
                                $my_id = '0:' . $dfrn_id;
                                break;
                        default:
-                               goaway($a->get_baseurl());
+                               goaway(z_root());
                                break; // NOTREACHED
                }
 
@@ -84,10 +90,17 @@ function dfrn_poll_init(&$a) {
 
                                if((int) $xml->status == 1) {
                                        $_SESSION['authenticated'] = 1;
+                                       if(! x($_SESSION,'remote'))
+                                               $_SESSION['remote'] = array();
+
+                                       $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
+
                                        $_SESSION['visitor_id'] = $r[0]['id'];
                                        $_SESSION['visitor_home'] = $r[0]['url'];
+                                       $_SESSION['visitor_handle'] = $r[0]['addr'];
                                        $_SESSION['visitor_visiting'] = $r[0]['uid'];
-                                       info( sprintf(t('%s welcomes %s'), $r[0]['username'] , $r[0]['name']) . EOL);
+                                       if(!$quiet)
+                                               info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
                                        // Visitors get 1 day session.
                                        $session_id = session_id();
                                        $expire = time() + 86400;
@@ -100,7 +113,7 @@ function dfrn_poll_init(&$a) {
                        $profile = $r[0]['nickname'];
                        goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile);
                }
-               goaway($a->get_baseurl());
+               goaway(z_root());
 
        }
 
@@ -198,7 +211,7 @@ function dfrn_poll_post(&$a) {
        $ptype        = ((x($_POST,'type'))         ? $_POST['type']                 : '');
        $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
        $perm         = ((x($_POST,'perm'))         ? $_POST['perm']                 : 'r');
-
+          
        if($ptype === 'profile-check') {
 
                if((strlen($challenge)) && (strlen($sec))) {
@@ -297,7 +310,7 @@ function dfrn_poll_post(&$a) {
                        $my_id = '0:' . $dfrn_id;
                        break;
                default:
-                       goaway($a->get_baseurl());
+                       goaway(z_root());
                        break; // NOTREACHED
        }
 
@@ -357,8 +370,8 @@ function dfrn_poll_post(&$a) {
                                        intval($contact_id)
                                );
                        }
-               }                               
-
+               }
+                               
                header("Content-type: application/atom+xml");
                $o = get_feed_for($a,$dfrn_id, $a->argv[1], $last_update, $direction);
                echo $o;
@@ -376,6 +389,7 @@ function dfrn_poll_content(&$a) {
        $sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
        $dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
        $perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+       $quiet                   = ((x($_GET,'quiet'))                   ? true                                                  : false);
 
        $direction = (-1);
        if(strpos($dfrn_id,':') == 1) {
@@ -420,15 +434,17 @@ function dfrn_poll_content(&$a) {
                                $my_id = '0:' . $dfrn_id;
                                break;
                        default:
-                               goaway($a->get_baseurl());
+                               goaway(z_root());
                                break; // NOTREACHED
                }
 
+               $nickname = $a->argv[1];
+
                $r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname` 
                        FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
                        WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
                        AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
-                       dbesc($a->argv[1])
+                       dbesc($nickname)
                );
 
                if(count($r)) {
@@ -437,7 +453,7 @@ function dfrn_poll_content(&$a) {
                        $encrypted_id = '';
                        $id_str = $my_id . '.' . mt_rand(1000,9999);
 
-                       if($r[0]['duplex'] && strlen($r[0]['pubkey'])) {
+                       if(($r[0]['duplex'] && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) {
                                openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
                                openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
                        }
@@ -478,11 +494,11 @@ function dfrn_poll_content(&$a) {
                                ));
                        }
                        
-                       $profile = $r[0]['nickname'];
+                       $profile = ((count($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname);
 
                        switch($destination_url) {
                                case 'profile':
-                                       $dest = $a->get_baseurl() . '/profile/' . $profile . '?tab=profile';
+                                       $dest = $a->get_baseurl() . '/profile/' . $profile . '?f=&tab=profile';
                                        break;
                                case 'photos':
                                        $dest = $a->get_baseurl() . '/photos/' . $profile;
@@ -492,7 +508,7 @@ function dfrn_poll_content(&$a) {
                                        $dest = $a->get_baseurl() . '/profile/' . $profile;
                                        break;          
                                default:
-                                       $dest = $destination_url;
+                                       $dest = $destination_url . '?f=&redir=1';
                                        break;
                        }
 
@@ -510,10 +526,14 @@ function dfrn_poll_content(&$a) {
                                
                                if(((int) $xml->status == 0) && ($xml->challenge == $hash)  && ($xml->sec == $sec)) {
                                        $_SESSION['authenticated'] = 1;
+                                       if(! x($_SESSION,'remote'))
+                                               $_SESSION['remote'] = array();
+                                       $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
                                        $_SESSION['visitor_id'] = $r[0]['id'];
                                        $_SESSION['visitor_home'] = $r[0]['url'];
                                        $_SESSION['visitor_visiting'] = $r[0]['uid'];
-                                       info( sprintf(t('%s welcomes %s'), $r[0]['username'] , $r[0]['name']) . EOL);
+                                       if(!$quiet)
+                                               info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
                                        // Visitors get 1 day session.
                                        $session_id = session_id();
                                        $expire = time() + 86400;
Unnamed repository; edit this file 'description' to name the repository.