X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fredir.php;h=d29159ed0342c91a2c652932508a7ed90c8382dc;hb=df8b522f6b96bc3a631e608ee430555590e91f0c;hp=3fbbf4c1302f5a8ae12a616f9b8a1444e5c74b54;hpb=ce932dfdaf3c7b96544a67607c2ec9a99c588db0;p=friendica.git diff --git a/include/redir.php b/include/redir.php index 3fbbf4c130..d29159ed03 100644 --- a/include/redir.php +++ b/include/redir.php @@ -2,6 +2,11 @@ function auto_redir(&$a, $contact_nick) { + // prevent looping + + if(x($_REQUEST,'redir') && intval($_REQUEST['redir'])) + return; + if((! $contact_nick) || ($contact_nick === $a->user['nickname'])) return; @@ -15,22 +20,25 @@ function auto_redir(&$a, $contact_nick) { // // We also have to make sure that I'm a legitimate contact--I'm not blocked or pending. - $baseurl = $a->get_baseurl(); + $baseurl = App::get_baseurl(); $domain_st = strpos($baseurl, "://"); if($domain_st === false) return; $baseurl = substr($baseurl, $domain_st + 3); - - $r = q("SELECT id FROM contact WHERE uid = ( SELECT uid FROM user WHERE nickname = '%s' LIMIT 1 ) - AND nick = '%s' AND self = 0 AND url LIKE '%%%s%%' AND blocked = 0 AND pending = 0 LIMIT 1", - dbesc($contact_nick), - dbesc($a->user['nickname']), - dbesc($baseurl) + $nurl = normalise_link($baseurl); + + /// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange. + $r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1) + AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1", + dbesc($contact_nick), + dbesc($a->user['nickname']), + dbesc($baseurl), + dbesc($nurl) ); - if((!$r) || (! count($r)) || $r[0]['id'] == remote_user()) + if ((! dbm::is_result($r)) || $r[0]['id'] == remote_user()) { return; - + } $r = q("SELECT * FROM contact WHERE nick = '%s' AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1", @@ -40,8 +48,9 @@ function auto_redir(&$a, $contact_nick) { dbesc($baseurl) ); - if(! ($r && count($r))) + if (! dbm::is_result($r)) { return; + } $cid = $r[0]['id']; @@ -56,6 +65,12 @@ function auto_redir(&$a, $contact_nick) { $dfrn_id = '0:' . $orig_id; } + // ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode + // that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues + + if(strlen($dfrn_id) < 3) + return; + $sec = random_string(); q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)