X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fredir.php;h=76e30a6eaca2325950db232bfd119fda8f765d38;hb=2952e2b3e47d0d16e89c6ff81353a9059bfe474c;hp=7a4403613197405ab1c3f6fe18692c90d7c5c477;hpb=fcc8bf810529968b1938d195690ff10954493f03;p=friendica.git

diff --git a/include/redir.php b/include/redir.php
index 7a44036131..76e30a6eac 100644
--- a/include/redir.php
+++ b/include/redir.php
@@ -1,6 +1,11 @@
 <?php
 
-function auto_redir(&$a, $contact_nick) {
+function auto_redir(App $a, $contact_nick) {
+
+	// prevent looping
+
+	if(x($_REQUEST,'redir') && intval($_REQUEST['redir']))
+		return;
 
 	if((! $contact_nick) || ($contact_nick === $a->user['nickname']))
 		return;
@@ -12,32 +17,40 @@ function auto_redir(&$a, $contact_nick) {
 		// same nickname as me on other hubs or other networks. Exclude these by requiring
 		// that the contact have a local URL. I will be the only person with my nickname at
 		// this URL, so if a result is found, then I am a contact of the $contact_nick user.
+		//
+		// We also have to make sure that I'm a legitimate contact--I'm not blocked or pending.
 
-		$baseurl = $a->get_baseurl();
+		$baseurl = App::get_baseurl();
 		$domain_st = strpos($baseurl, "://");
 		if($domain_st === false)
 			return;
 		$baseurl = substr($baseurl, $domain_st + 3);
-
-		$r = q("SELECT id FROM contact WHERE uid = ( SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 )
-		        AND nick = '%s' AND self = 0 AND url LIKE '%%%s%%' LIMIT 1",
-			   dbesc($contact_nick),
-			   dbesc($a->user['nickname']),
-		       dbesc($baseurl)
+		$nurl = normalise_link($baseurl);
+
+		/// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange.
+		$r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1)
+		        AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1",
+				dbesc($contact_nick),
+				dbesc($a->user['nickname']),
+				dbesc($baseurl),
+				dbesc($nurl)
 		);
 
-		if((!$r) || (! count($r)) || $r[0]['id'] == remote_user())
+		if ((! dbm::is_result($r)) || $r[0]['id'] == remote_user()) {
 			return;
+		}
 
-
-		$r = q("SELECT * FROM contact WHERE nick = '%s' AND network = '%s' AND uid = %d LIMIT 1",
+		$r = q("SELECT * FROM contact WHERE nick = '%s'
+		        AND network = '%s' AND uid = %d  AND url LIKE '%%%s%%' LIMIT 1",
 		       dbesc($contact_nick),
 		       dbesc(NETWORK_DFRN),
-		       intval(local_user())
+		       intval(local_user()),
+		       dbesc($baseurl)
 		);
 
-		if(! ($r && count($r)))
+		if (! dbm::is_result($r)) {
 			return;
+		}
 
 		$cid = $r[0]['id'];
 
@@ -52,6 +65,12 @@ function auto_redir(&$a, $contact_nick) {
 			$dfrn_id = '0:' . $orig_id;
 		}
 
+		// ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode
+		// that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues
+
+		if(strlen($dfrn_id) < 3)
+			return;
+
 		$sec = random_string();
 
 		q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)
@@ -65,9 +84,9 @@ function auto_redir(&$a, $contact_nick) {
 
 		$url = curPageURL();
 
-		logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG); 
+		logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG);
 		$dest = (($url) ? '&destination_url=' . $url : '');
-		goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id 
+		goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
 			. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest );
 	}