Merge branch 'master' of git://github.com/friendika/friendika

[friendica.git] / mod / salmon.php

diff --git a/mod/salmon.php b/mod/salmon.php
index 2acb094c31c8b4cc4a9b274aa669e4314f2ee9b5..56ac071b065209aa7a82ced4042790492026b889 100644 (file)
--- a/mod/salmon.php
+++ b/mod/salmon.php
@@ -1,20 +1,17 @@
 <?php
 
 
-// TODO: 
-// add relevant contacts so they can use this
-
 // There is a lot of debug stuff in here because this is quite a
 // complicated process to try and sort out. 
 
 require_once('include/salmon.php');
-require_once('simplepie/simplepie.inc');
+require_once('library/simplepie/simplepie.inc');
 
 function salmon_return($val) {
 
        if($val >= 400)
                $err = 'Error';
-       if($val == 200)
+       if($val >= 200 && $val < 300)
                $err = 'OK';
 
        logger('mod-salmon returns ' . $val);   
@@ -89,7 +86,7 @@ function salmon_post(&$a) {
 
        // Create a fake feed wrapper so simplepie doesn't choke
 
-       $tpl = load_view_file('view/fake_feed.tpl');
+       $tpl = get_markup_template('fake_feed.tpl');
        
        $base = substr($data,strpos($data,'<entry'));
 
@@ -133,9 +130,9 @@ function salmon_post(&$a) {
 
        // Setup RSA stuff to verify the signature
 
-       set_include_path(get_include_path() . PATH_SEPARATOR . 'phpsec');
+       set_include_path(get_include_path() . PATH_SEPARATOR . 'library/phpsec');
 
-       require_once('phpsec/Crypt/RSA.php');
+       require_once('library/phpsec/Crypt/RSA.php');
 
        $key_info = explode('.',$key);
 
@@ -158,8 +155,10 @@ function salmon_post(&$a) {
 
     $verify = $rsa->verify($signed_data,$signature);
 
-       if(! $verify)
+       if(! $verify) {
+               logger('mod-salmon: message did not verify using protocol. Trying statusnet hack.');
            $verify = $rsa->verify($stnet_signed_data,$signature);
+    }
 
        if(! $verify) {
                logger('mod-salmon: Message did not verify. Discarding.');
@@ -175,7 +174,7 @@ function salmon_post(&$a) {
        *
        */
 
-       $r = q("SELECT * FROM `contact` WHERE `network` = 'stat' AND ( `url` = '%s' OR `lrdd` = '%s') 
+       $r = q("SELECT * FROM `contact` WHERE `network` = 'stat' AND ( `url` = '%s' OR `alias` = '%s') 
                AND `uid` = %d LIMIT 1",
                dbesc($author_link),
                dbesc($author_link),
@@ -184,9 +183,13 @@ function salmon_post(&$a) {
        if(! count($r)) {
                logger('mod-salmon: Author unknown to us.');
        }       
-       if((count($r)) && ($r[0]['readonly'])) {
+
+       // is this a follower? Or have we ignored the person?
+       // If so we can not accept this post.
+
+       if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == REL_VIP) || ($r[0]['blocked']))) {
                logger('mod-salmon: Ignoring this author.');
-               salmon_return(200);
+               salmon_return(202);
                // NOTREACHED
        }
 
@@ -197,9 +200,16 @@ function salmon_post(&$a) {
 
        $hub = '';
 
-       // consume_feed will only accept a follow activity from this person if there is no contact record.
+       /**
+        *
+        * anti-spam measure: consume_feed will accept a follow activity from 
+        * this person (and nothing else) if there is no existing contact record.
+        *
+        */
+
+       $contact_rec = ((count($r)) ? $r[0] : null);
 
-       consume_feed($feedxml,$importer,((count($r)) ? $r[0] : null),$hub);
+       consume_feed($feedxml,$importer,$contact_rec,$hub);
 
        salmon_return(200);
 }