]> git.mxchange.org Git - friendica.git/blobdiff - mod/dfrn_request.php
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Let an item be accssible via the GUI (additionally to uid and item id)
[friendica.git] / mod / dfrn_request.php
diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 80d27ac308adab0dcf4db8c3e7bf39d333ddf73b..c18b1670d0ff41642192145912fe3fa1c63469fe 100644 (file)
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -68,21 +68,21 @@ function dfrn_request_post(&$a) {
                        $dfrn_url    = notags(trim($_POST['dfrn_url']));
                        $aes_allow   = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
                        $confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
-
+                       $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0);
                        $contact_record = null;
-       
+
                        if(x($dfrn_url)) {
 
                                /**
                                 * Lookup the contact based on their URL (which is the only unique thing we have at the moment)
                                 */
-       
+
                                $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1",
                                        intval(local_user()),
                                        dbesc($dfrn_url),
                                        dbesc(normalise_link($dfrn_url))
                                );
-       
+
                                if(count($r)) {
                                        if(strlen($r[0]['dfrn-id'])) {
 
@@ -96,20 +96,21 @@ function dfrn_request_post(&$a) {
                                        else
                                                $contact_record = $r[0];
                                }
-       
+
                                if(is_array($contact_record)) {
-                                       $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1",
+                                       $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d",
                                                intval($aes_allow),
+                                               intval($hidden),
                                                intval($contact_record['id'])
                                        );
                                }
                                else {
-       
+
                                        /**
                                         * Scrape the other site's profile page to pick up the dfrn links, key, fn, and photo
                                         */
 
-                                       require_once('Scrape.php');
+                                       require_once('include/Scrape.php');
        
                                        $parms = scrape_dfrn($dfrn_url);
        
@@ -144,8 +145,8 @@ function dfrn_request_post(&$a) {
                                         */
 
                                        $r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `nurl`, `name`, `nick`, `photo`, `site-pubkey`,
-                                               `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`) 
-                                               VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)",
+                                               `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`, `hidden`
+                                               VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)",
                                                intval(local_user()),
                                                datetime_convert(),
                                                dbesc($dfrn_url),
@@ -160,7 +161,8 @@ function dfrn_request_post(&$a) {
                                                $parms['dfrn-poll'],
                                                $parms['dfrn-poco'],
                                                dbesc(NETWORK_DFRN),
-                                               intval($aes_allow)
+                                               intval($aes_allow),
+                                               intval($hidden)
                                        );
                                }
 
@@ -168,6 +170,21 @@ function dfrn_request_post(&$a) {
                                        info( t("Introduction complete.") . EOL);
                                }
 
+                               $r = q("select id from contact where uid = %d and url = '%s' and `site-pubkey` = '%s' limit 1",
+                                       intval(local_user()),
+                                       dbesc($dfrn_url),
+                                       $parms['key'] // this was already escaped
+                               );
+                               if(count($r)) {
+                                       $g = q("select def_gid from user where uid = %d limit 1",
+                                               intval(local_user())
+                                       );
+                                       if($g && intval($g[0]['def_gid'])) {
+                                               require_once('include/group.php');
+                                               group_add_member(local_user(),'',$r[0]['id'],$g[0]['def_gid']);
+                                       }
+                               }
+
                                /**
                                 * Allow the blocked remote notification to complete
                                 */
@@ -261,16 +278,16 @@ function dfrn_request_post(&$a) {
                        WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 
                        AND `contact`.`network` != '%s'
                        AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 30 MINUTE ",
-                       dbesc(NETWORK_MAIL)
+                       dbesc(NETWORK_MAIL2)
                );
                if(count($r)) {
                        foreach($r as $rr) {
                                if(! $rr['rel']) {
-                                       q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
+                                       q("DELETE FROM `contact` WHERE `id` = %d",
                                                intval($rr['cid'])
                                        );
                                }
-                               q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
+                               q("DELETE FROM `intro` WHERE `id` = %d",
                                        intval($rr['iid'])
                                );
                        }
@@ -281,26 +298,28 @@ function dfrn_request_post(&$a) {
                 * Cleanup any old email intros - which will have a greater lifetime
                 */
 
-               $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` 
+               $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel`
                        FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id`
-                       WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 
+                       WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0
                        AND `contact`.`network` = '%s'
                        AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ",
-                       dbesc(NETWORK_MAIL)
+                       dbesc(NETWORK_MAIL2)
                );
                if(count($r)) {
                        foreach($r as $rr) {
                                if(! $rr['rel']) {
-                                       q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
+                                       q("DELETE FROM `contact` WHERE `id` = %d",
                                                intval($rr['cid'])
                                        );
                                }
-                               q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1",
+                               q("DELETE FROM `intro` WHERE `id` = %d",
                                        intval($rr['iid'])
                                );
                        }
                }
 
+               $email_follow = (x($_POST,'email_follow') ? intval($_POST['email_follow']) : 0);
+               $real_name = (x($_POST,'realname') ? notags(trim($_POST['realname'])) : '');
 
                $url = trim($_POST['dfrn_url']);
                if(! strlen($url)) {
@@ -308,23 +327,135 @@ function dfrn_request_post(&$a) {
                        return;
                }
 
-               // Canonicalise email-style profile locator
-
                $hcard = '';
-               $url = webfinger_dfrn($url,$hcard);
 
-               if(substr($url,0,5) === 'stat:') {
-                       $network = NETWORK_OSTATUS;
-                       $url = substr($url,5);
+               if($email_follow) {
+
+                       if(! validate_email($url)) {
+                               notice( t('Invalid email address.') . EOL);
+                               return;
+                       }
+
+                       $addr    = $url;
+                       $name    = ($realname) ? $realname : $addr;
+                       $nick    = substr($addr,0,strpos($addr,'@'));
+                       $url     = 'http://' . substr($addr,strpos($addr,'@') + 1);
+                       $nurl    = normalise_url($host);
+                       $poll    = 'email ' . random_string();
+                       $notify  = 'smtp ' . random_string();
+                       $blocked = 1;
+                       $pending = 1;
+                       $network = NETWORK_MAIL2;
+                       $rel     = CONTACT_IS_FOLLOWER;
+
+                       $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
+                       if(get_config('system','dfrn_only'))
+                               $mail_disabled = 1;
+
+                       if(! $mail_disabled) {
+                               $failed = false;
+                               $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
+                                       intval($uid)
+                               );
+                               if(! count($r)) {
+
+                                       notice( t('This account has not been configured for email. Request failed.') . EOL);
+                                       return;
+                               }
+                       }
+
+                       $r = q("insert into contact ( uid, created, addr, name, nick, url, nurl, poll, notify, blocked, pending, network, rel )
+                               values( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d ) ",
+                               intval($uid),
+                               dbesc(datetime_convert()),
+                               dbesc($addr),
+                               dbesc($name),
+                               dbesc($nick),
+                               dbesc($url),
+                               dbesc($nurl),
+                               dbesc($poll),
+                               dbesc($notify),
+                               intval($blocked),
+                               intval($pending),
+                               dbesc($network),
+                               intval($rel)
+                       );
+
+                       $r = q("select id from contact where poll = '%s' and uid = %d limit 1",
+                               dbesc($poll),
+                               intval($uid)
+                       );
+                       if(count($r)) {
+                               $contact_id = $r[0]['id'];
+
+                               $g = q("select def_gid from user where uid = %d limit 1",
+                                       intval($uid)
+                               );
+                               if($g && intval($g[0]['def_gid'])) {
+                                       require_once('include/group.php');
+                                       group_add_member($uid,'',$contact_id,$g[0]['def_gid']);
+                               }
+
+                               $photo = avatar_img($addr);
+
+                               $r = q("UPDATE `contact` SET 
+                                       `photo` = '%s', 
+                                       `thumb` = '%s',
+                                       `micro` = '%s', 
+                                       `name-date` = '%s', 
+                                       `uri-date` = '%s', 
+                                       `avatar-date` = '%s', 
+                                       `hidden` = 0,
+                                       WHERE `id` = %d
+                               ",
+                                       dbesc($photos[0]),
+                                       dbesc($photos[1]),
+                                       dbesc($photos[2]),
+                                       dbesc(datetime_convert()),
+                                       dbesc(datetime_convert()),
+                                       dbesc(datetime_convert()),
+                                       intval($contact_id)
+                               );
+                       }
+
+                       // contact is created. Now create an introduction
+
+                       $hash = random_string();
+
+                       $r = q("insert into intro ( uid, `contact-id`, knowyou, note, hash, datetime, blocked )
+                               values( %d , %d, %d, '%s', '%s', '%s', %d ) ",
+                               intval($uid),
+                               intval($contact_id),
+                               ((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
+                               dbesc(notags(trim($_POST['dfrn-request-message']))),
+                               dbesc($hash),
+                               dbesc(datetime_convert()),
+                               1
+                       );
+                               
+                       // Next send an email verify form to the requestor.
+
                }
+
                else {
-                       $network = NETWORK_DFRN;
+
+                       // Canonicalise email-style profile locator
+
+                       $url = webfinger_dfrn($url,$hcard);
+
+                       if(substr($url,0,5) === 'stat:') {
+                               $network = NETWORK_OSTATUS;
+                               $url = substr($url,5);
+                       }
+                       else {
+                               $network = NETWORK_DFRN;
+                       }
                }
 
                logger('dfrn_request: url: ' . $url);
 
                if(! strlen($url)) {
-                       notice( t("Unable to resolve your name at the provided location.") . EOL);                      
+                       notice( t("Unable to resolve your name at the provided location.") . EOL);
                        return;
                }
 
@@ -355,7 +486,7 @@ function dfrn_request_post(&$a) {
                        if(is_array($contact_record)) {
                                // There is a contact record but no issued-id, so this
                                // is a reciprocal introduction from a known contact
-                               $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d LIMIT 1",
+                               $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d",
                                        dbesc($issued_id),
                                        intval($contact_record['id'])
                                );
@@ -374,7 +505,7 @@ function dfrn_request_post(&$a) {
                                }
                        
 
-                               require_once('Scrape.php');
+                               require_once('include/Scrape.php');
 
                                $parms = scrape_dfrn(($hcard) ? $hcard : $url);
 
@@ -424,17 +555,17 @@ function dfrn_request_post(&$a) {
                                );
 
                                // find the contact record we just created
-                               if($r) {        
-                                       $r = q("SELECT `id` FROM `contact` 
+                               if($r) {
+                                       $r = q("SELECT `id` FROM `contact`
                                                WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
                                                intval($uid),
                                                $parms['url'],
                                                $parms['issued-id']
                                        );
-                                       if(count($r)) 
+                                       if(count($r))
                                                $contact_record = $r[0];
                                }
-       
+
                        }
                        if($r === false) {
                                notice( t('Failed to update contact record.') . EOL );
@@ -442,7 +573,7 @@ function dfrn_request_post(&$a) {
                        }
 
                        $hash = random_string() . (string) time();   // Generate a confirm_key
-       
+
                        if(is_array($contact_record)) {
                                $ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
                                        VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
@@ -486,7 +617,7 @@ function dfrn_request_post(&$a) {
                         *
                         */
 
-                       $url = str_replace('{uri}', $a->get_baseurl() . '/dfrn_poll/' . $nickname, $url);
+                       $url = str_replace('{uri}', $a->get_baseurl() . '/profile/' . $nickname, $url);
                        goaway($url);
                        // NOTREACHED
                        // END $network === NETWORK_OSTATUS
@@ -536,6 +667,8 @@ function dfrn_request_content(&$a) {
                $o  = replace_macros($tpl,array(
                        '$dfrn_url' => $dfrn_url,
                        '$aes_allow' => (($aes_allow) ? '<input type="hidden" name="aes_allow" value="1" />' : "" ),
+                       '$hidethem' => t('Hide this contact'),
+                       '$hidechecked' => '',
                        '$confirm_key' => $confirm_key,
                        '$welcome' => sprintf( t('Welcome home %s.'), $a->user['username']),
                        '$please' => sprintf( t('Please confirm your introduction/connection request to %s.'), $dfrn_url),
@@ -567,8 +700,8 @@ function dfrn_request_content(&$a) {
                        $auto_confirm = false;
 
                        if(count($r)) {
-                               if($r[0]['page-flags'] != PAGE_NORMAL)
-                                       $auto_confirm = true;                           
+                               if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP))
+                                       $auto_confirm = true;
 
                                if(! $auto_confirm) {
                                        require_once('include/enotify.php');
@@ -595,7 +728,8 @@ function dfrn_request_content(&$a) {
                                                'node' => $r[0]['nickname'],
                                                'dfrn_id' => $r[0]['issued-id'],
                                                'intro_id' => $intro[0]['id'],
-                                               'duplex' => (($r[0]['page-flags'] == PAGE_FREELOVE) ? 1 : 0)
+                                               'duplex' => (($r[0]['page-flags'] == PAGE_FREELOVE) ? 1 : 0),
+                                               'activity' => intval(get_pconfig($r[0]['uid'],'system','post_newfriend'))
                                        );
                                        dfrn_confirm_post($a,$handsfree);
                                }
@@ -607,7 +741,7 @@ function dfrn_request_content(&$a) {
                                // If we are auto_confirming, this record will have already been nuked
                                // in dfrn_confirm_post()
 
-                               $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1",
+                               $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'",
                                        dbesc($_GET['confirm_key'])
                                );
                        }
@@ -623,8 +757,10 @@ function dfrn_request_content(&$a) {
                 */
  
                if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
-                       notice( t('Public access denied.') . EOL);
-                       return;
+                       if(! get_config('system','local_block')) {
+                               notice( t('Public access denied.') . EOL);
+                               return;
+                       }
                }
 
 
@@ -648,6 +784,11 @@ function dfrn_request_content(&$a) {
                        $myaddr = ((x($_GET,'address')) ? $_GET['address'] : '');
                }
 
+               // last, try a zrl
+               if(! strlen($myaddr))
+                       $myaddr = get_my_url();
+
+
                $target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 );
 
 
Unnamed repository; edit this file 'description' to name the repository.