<?php
/**
- * @file include/dfrn.php
- * The implementation of the dfrn protocol
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
*
- * @see https://github.com/friendica/friendica/wiki/Protocol and
- * https://github.com/friendica/friendica/blob/master/spec/dfrn2.pdf
*/
+
namespace Friendica\Protocol;
use DOMDocument;
use DOMXPath;
use Friendica\App\BaseURL;
-use Friendica\Content\OEmbed;
use Friendica\Content\Text\BBCode;
-use Friendica\Content\Text\HTML;
-use Friendica\Core\Config;
use Friendica\Core\Hook;
use Friendica\Core\Logger;
use Friendica\Core\Protocol;
use Friendica\Model\Event;
use Friendica\Model\GContact;
use Friendica\Model\Item;
+use Friendica\Model\ItemURI;
use Friendica\Model\Mail;
+use Friendica\Model\Notify\Type;
use Friendica\Model\PermissionSet;
use Friendica\Model\Profile;
+use Friendica\Model\Tag;
+use Friendica\Model\Term;
use Friendica\Model\User;
use Friendica\Network\Probe;
use Friendica\Util\Crypto;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\XML;
-use HTMLPurifier;
-use HTMLPurifier_Config;
/**
* This class contain functions to create and send DFRN XML files
// default permissions - anonymous user
- $sql_extra = " AND NOT `item`.`private` ";
+ $sql_extra = sprintf(" AND `item`.`private` != %s ", Item::PRIVATE);
$r = q(
"SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type`
if (!empty($set)) {
$sql_extra = " AND `item`.`psid` IN (" . implode(',', $set) .")";
} else {
- $sql_extra = " AND NOT `item`.`private`";
+ $sql_extra = sprintf(" AND `item`.`private` != %s", Item::PRIVATE);
}
}
$sql_post_table = sprintf(
"INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
DBA::escape(Strings::protectSprintf($category)),
- intval(TERM_OBJ_POST),
- intval(TERM_CATEGORY),
+ intval(Term::OBJECT_TYPE_POST),
+ intval(Term::CATEGORY),
intval($owner_id)
);
}
if ($public_feed) {
$type = 'html';
// catch any email that's in a public conversation and make sure it doesn't leak
- if ($item['private']) {
+ if ($item['private'] == Item::PRIVATE) {
continue;
}
} else {
*/
private static function addAuthor(DOMDocument $doc, array $owner, $authorelement, $public)
{
- // Is the profile hidden or shouldn't be published in the net? Then add the "hide" element
- $r = q(
- "SELECT `id` FROM `profile` INNER JOIN `user` ON `user`.`uid` = `profile`.`uid`
- WHERE (`hidewall` OR NOT `net-publish`) AND `user`.`uid` = %d",
- intval($owner['uid'])
- );
- if (DBA::isResult($r)) {
- $hidewall = true;
- } else {
- $hidewall = false;
- }
+ // Should the profile be "unsearchable" in the net? Then add the "hide" element
+ $hide = DBA::exists('profile', ['uid' => $owner['uid'], 'net-publish' => false]);
$author = $doc->createElement($authorelement);
$namdate = DateTimeFormat::utc($owner['name-date'].'+00:00', DateTimeFormat::ATOM);
- $uridate = DateTimeFormat::utc($owner['uri-date'].'+00:00', DateTimeFormat::ATOM);
$picdate = DateTimeFormat::utc($owner['avatar-date'].'+00:00', DateTimeFormat::ATOM);
$attributes = [];
- if (!$public || !$hidewall) {
+ if (!$public || !$hide) {
$attributes = ["dfrn:updated" => $namdate];
}
$attributes = ["rel" => "photo", "type" => "image/jpeg",
"media:width" => 300, "media:height" => 300, "href" => $owner['photo']];
- if (!$public || !$hidewall) {
+ if (!$public || !$hide) {
$attributes["dfrn:updated"] = $picdate;
}
$attributes["rel"] = "avatar";
XML::addElement($doc, $author, "link", "", $attributes);
- if ($hidewall) {
+ if ($hide) {
XML::addElement($doc, $author, "dfrn:hide", "true");
}
`profile`.`pub_keywords`, `profile`.`xmpp`, `profile`.`dob`
FROM `profile`
INNER JOIN `user` ON `user`.`uid` = `profile`.`uid`
- WHERE `profile`.`is-default` AND NOT `user`.`hidewall` AND `user`.`uid` = %d",
+ WHERE NOT `user`.`hidewall` AND `user`.`uid` = %d",
intval($owner['uid'])
);
if (DBA::isResult($r)) {
$entry->setAttribute("xmlns:statusnet", ActivityNamespace::STATUSNET);
}
- if ($item['private']) {
+ if ($item['private'] == Item::PRIVATE) {
$body = Item::fixPrivatePhotos($item['body'], $owner['uid'], $item, $cid);
} else {
$body = $item['body'];
}
if ($item['private']) {
- XML::addElement($doc, $entry, "dfrn:private", ($item['private'] ? $item['private'] : 1));
+ // Friendica versions prior to 2020.3 can't handle "unlisted" properly. So we can only transmit public and private
+ XML::addElement($doc, $entry, "dfrn:private", ($item['private'] == Item::PRIVATE ? Item::PRIVATE : Item::PUBLIC));
+ XML::addElement($doc, $entry, "dfrn:unlisted", $item['private'] == Item::UNLISTED);
}
if ($item['extid']) {
// The signed text contains the content in Markdown, the sender handle and the signatur for the content
// It is needed for relayed comments to Diaspora.
if ($item['signed_text']) {
- $sign = base64_encode(json_encode(['signed_text' => $item['signed_text'],'signature' => $item['signature'],'signer' => $item['signer']]));
+ $sign = base64_encode(json_encode(['signed_text' => $item['signed_text'],'signature' => '','signer' => '']));
XML::addElement($doc, $entry, "dfrn:diaspora_signature", $sign);
}
notification(
[
- 'type' => NOTIFY_SUGGEST,
+ 'type' => Type::SUGGEST,
'notify_flags' => $importer['notify-flags'],
'language' => $importer['language'],
'to_name' => $importer['username'],
// send a notification
notification(
[
- "type" => NOTIFY_POKE,
+ "type" => Type::POKE,
"notify_flags" => $importer["notify-flags"],
"language" => $importer["language"],
"to_name" => $importer["username"],
$xt = XML::parseString($item["target"], false);
if ($xt->type == Activity\ObjectType::NOTE) {
- $item_tag = Item::selectFirst(['id', 'tag'], ['uri' => $xt->id, 'uid' => $importer["importer_uid"]]);
+ $item_tag = Item::selectFirst(['id', 'uri-id', 'tag'], ['uri' => $xt->id, 'uid' => $importer["importer_uid"]]);
if (!DBA::isResult($item_tag)) {
Logger::log("Query failed to execute, no result returned in " . __FUNCTION__);
// extract tag, if not duplicate, add to parent item
if ($xo->content) {
+ Tag::store($item_tag['uri-id'], Tag::HASHTAG, $xo->content);
+
if (!stristr($item_tag["tag"], trim($xo->content))) {
$tag = $item_tag["tag"] . (strlen($item_tag["tag"]) ? ',' : '') . '#[url=' . $xo->id . ']'. $xo->content . '[/url]';
Item::update(['tag' => $tag], ['id' => $item_tag["id"]]);
$item["body"] = XML::getFirstNodeValue($xpath, "dfrn:env/text()", $entry);
$item["body"] = str_replace([' ',"\t","\r","\n"], ['','','',''], $item["body"]);
- // make sure nobody is trying to sneak some html tags by us
+
$item["body"] = Strings::base64UrlDecode($item["body"]);
$item["body"] = BBCode::limitBodySize($item["body"]);
- /// @todo Do we really need this check for HTML elements? (It was copied from the old function)
- if ((strpos($item['body'], '<') !== false) && (strpos($item['body'], '>') !== false)) {
- $base_url = DI::baseUrl()->get();
- $item['body'] = HTML::relToAbs($item['body'], $base_url);
-
- $item['body'] = HTML::toBBCodeVideo($item['body']);
-
- $item['body'] = OEmbed::HTML2BBCode($item['body']);
-
- $config = HTMLPurifier_Config::createDefault();
- $config->set('Cache.DefinitionImpl', null);
-
- // we shouldn't need a whitelist, because the bbcode converter
- // will strip out any unsupported tags.
-
- $purifier = new HTMLPurifier($config);
- $item['body'] = $purifier->purify($item['body']);
-
- $item['body'] = @HTML::toBBCode($item['body']);
- }
-
/// @todo We should check for a repeated post and if we know the repeated author.
// We don't need the content element since "dfrn:env" is always present
$item["private"] = XML::getFirstNodeValue($xpath, "dfrn:private/text()", $entry);
+ $unlisted = XML::getFirstNodeValue($xpath, "dfrn:unlisted/text()", $entry);
+ if (!empty($unlisted) && ($item['private'] != Item::PRIVATE)) {
+ $item['private'] = Item::UNLISTED;
+ }
+
$item["extid"] = XML::getFirstNodeValue($xpath, "dfrn:extid/text()", $entry);
if (XML::getFirstNodeValue($xpath, "dfrn:bookmark/text()", $entry) == "true") {
$item["guid"] = XML::getFirstNodeValue($xpath, "dfrn:diaspora_guid/text()", $entry);
+ $item['uri-id'] = ItemURI::insert(['uri' => $item['uri'], 'guid' => $item['guid']]);
+
+ Tag::storeFromBody($item['uri-id'], $item["body"]);
+
// We store the data from "dfrn:diaspora_signature" in a different table, this is done in "Item::insert"
$dsprsig = XML::unescape(XML::getFirstNodeValue($xpath, "dfrn:diaspora_signature/text()", $entry));
if ($dsprsig != "") {
}
$item["tag"] .= $termhash . "[url=" . $termurl . "]" . $term . "[/url]";
+
+ Tag::store($item['uri-id'], Tag::IMPLICIT_MENTION, $term, $termurl);
}
}
}
Logger::log('deleting item '.$item['id'].' uri='.$uri, Logger::DEBUG);
- Item::delete(['id' => $item['id']]);
+ Item::markForDeletion(['id' => $item['id']]);
}
/**
projects / friendica.git / blobdiff