<?php
/**
- * @file include/dfrn.php
- * The implementation of the dfrn protocol
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
*
- * @see https://github.com/friendica/friendica/wiki/Protocol and
- * https://github.com/friendica/friendica/blob/master/spec/dfrn2.pdf
*/
+
namespace Friendica\Protocol;
use DOMDocument;
use Friendica\Content\OEmbed;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
-use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Model\GContact;
use Friendica\Model\Item;
use Friendica\Model\Mail;
+use Friendica\Model\Notify\Type;
use Friendica\Model\PermissionSet;
use Friendica\Model\Profile;
use Friendica\Model\User;
// default permissions - anonymous user
- $sql_extra = " AND NOT `item`.`private` ";
+ $sql_extra = sprintf(" AND `item`.`private` != %s ", Item::PRIVATE);
$r = q(
"SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type`
if (!empty($set)) {
$sql_extra = " AND `item`.`psid` IN (" . implode(',', $set) .")";
} else {
- $sql_extra = " AND NOT `item`.`private`";
+ $sql_extra = sprintf(" AND `item`.`private` != %s", Item::PRIVATE);
}
}
if ($public_feed) {
$type = 'html';
// catch any email that's in a public conversation and make sure it doesn't leak
- if ($item['private']) {
+ if ($item['private'] == Item::PRIVATE) {
continue;
}
} else {
$pubkey = DI::config()->get('system', 'site_pubkey');
if (! $pubkey) {
$res = Crypto::newKeypair(1024);
- Config::set('system', 'site_prvkey', $res['prvkey']);
- Config::set('system', 'site_pubkey', $res['pubkey']);
+ DI::config()->set('system', 'site_prvkey', $res['prvkey']);
+ DI::config()->set('system', 'site_pubkey', $res['pubkey']);
}
$rp = q(
*/
private static function addAuthor(DOMDocument $doc, array $owner, $authorelement, $public)
{
- // Is the profile hidden or shouldn't be published in the net? Then add the "hide" element
- $r = q(
- "SELECT `id` FROM `profile` INNER JOIN `user` ON `user`.`uid` = `profile`.`uid`
- WHERE (`hidewall` OR NOT `net-publish`) AND `user`.`uid` = %d",
- intval($owner['uid'])
- );
- if (DBA::isResult($r)) {
- $hidewall = true;
- } else {
- $hidewall = false;
- }
+ // Should the profile be "unsearchable" in the net? Then add the "hide" element
+ $hide = DBA::exists('profile', ['uid' => $owner['uid'], 'net-publish' => false]);
$author = $doc->createElement($authorelement);
$namdate = DateTimeFormat::utc($owner['name-date'].'+00:00', DateTimeFormat::ATOM);
- $uridate = DateTimeFormat::utc($owner['uri-date'].'+00:00', DateTimeFormat::ATOM);
$picdate = DateTimeFormat::utc($owner['avatar-date'].'+00:00', DateTimeFormat::ATOM);
$attributes = [];
- if (!$public || !$hidewall) {
+ if (!$public || !$hide) {
$attributes = ["dfrn:updated" => $namdate];
}
$attributes = ["rel" => "photo", "type" => "image/jpeg",
"media:width" => 300, "media:height" => 300, "href" => $owner['photo']];
- if (!$public || !$hidewall) {
+ if (!$public || !$hide) {
$attributes["dfrn:updated"] = $picdate;
}
$attributes["rel"] = "avatar";
XML::addElement($doc, $author, "link", "", $attributes);
- if ($hidewall) {
+ if ($hide) {
XML::addElement($doc, $author, "dfrn:hide", "true");
}
`profile`.`pub_keywords`, `profile`.`xmpp`, `profile`.`dob`
FROM `profile`
INNER JOIN `user` ON `user`.`uid` = `profile`.`uid`
- WHERE `profile`.`is-default` AND NOT `user`.`hidewall` AND `user`.`uid` = %d",
+ WHERE NOT `user`.`hidewall` AND `user`.`uid` = %d",
intval($owner['uid'])
);
if (DBA::isResult($r)) {
$entry->setAttribute("xmlns:statusnet", ActivityNamespace::STATUSNET);
}
- if ($item['private']) {
+ if ($item['private'] == Item::PRIVATE) {
$body = Item::fixPrivatePhotos($item['body'], $owner['uid'], $item, $cid);
} else {
$body = $item['body'];
}
if ($item['private']) {
- XML::addElement($doc, $entry, "dfrn:private", ($item['private'] ? $item['private'] : 1));
+ // Friendica versions prior to 2020.3 can't handle "unlisted" properly. So we can only transmit public and private
+ XML::addElement($doc, $entry, "dfrn:private", ($item['private'] == Item::PRIVATE ? Item::PRIVATE : Item::PUBLIC));
+ XML::addElement($doc, $entry, "dfrn:unlisted", $item['private'] == Item::UNLISTED);
}
if ($item['extid']) {
notification(
[
- 'type' => NOTIFY_SUGGEST,
+ 'type' => Type::SUGGEST,
'notify_flags' => $importer['notify-flags'],
'language' => $importer['language'],
'to_name' => $importer['username'],
// send a notification
notification(
[
- "type" => NOTIFY_POKE,
+ "type" => Type::POKE,
"notify_flags" => $importer["notify-flags"],
"language" => $importer["language"],
"to_name" => $importer["username"],
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
- // make sure nobody is trying to sneak some html tags by us
+
$item["body"] = Strings::base64UrlDecode($item["body"]);
$item["body"] = BBCode::limitBodySize($item["body"]);
- /// @todo Do we really need this check for HTML elements? (It was copied from the old function)
- if ((strpos($item['body'], '<') !== false) && (strpos($item['body'], '>') !== false)) {
- $base_url = DI::baseUrl()->get();
- $item['body'] = HTML::relToAbs($item['body'], $base_url);
-
- $item['body'] = HTML::toBBCodeVideo($item['body']);
-
- $item['body'] = OEmbed::HTML2BBCode($item['body']);
-
- $config = HTMLPurifier_Config::createDefault();
- $config->set('Cache.DefinitionImpl', null);
-
- // we shouldn't need a whitelist, because the bbcode converter
- // will strip out any unsupported tags.
-
- $purifier = new HTMLPurifier($config);
- $item['body'] = $purifier->purify($item['body']);
-
- $item['body'] = @HTML::toBBCode($item['body']);
- }
-
/// @todo We should check for a repeated post and if we know the repeated author.
// We don't need the content element since "dfrn:env" is always present
$item["private"] = XML::getFirstNodeValue($xpath, "dfrn:private/text()", $entry);
+ $unlisted = XML::getFirstNodeValue($xpath, "dfrn:unlisted/text()", $entry);
+ if (!empty($unlisted) && ($item['private'] != Item::PRIVATE)) {
+ $item['private'] = Item::UNLISTED;
+ }
+
$item["extid"] = XML::getFirstNodeValue($xpath, "dfrn:extid/text()", $entry);
if (XML::getFirstNodeValue($xpath, "dfrn:bookmark/text()", $entry) == "true") {
Logger::log('deleting item '.$item['id'].' uri='.$uri, Logger::DEBUG);
- Item::delete(['id' => $item['id']]);
+ Item::markForDeletion(['id' => $item['id']]);
}
/**
projects / friendica.git / blobdiff