X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=jappixmini%2Fjappixmini.php;h=23f99f17ad211fabf1278ce96d2d857e57fed0ec;hb=67c1273e08511bba6d5108e66305783deaca752f;hp=08d821128db7c34d3ce0507d2db4c40566ebf593;hpb=6d6e73096afb22e95678c651e055337f1bf5405d;p=friendica-addons.git diff --git a/jappixmini/jappixmini.php b/jappixmini/jappixmini.php index 08d82112..23f99f17 100644 --- a/jappixmini/jappixmini.php +++ b/jappixmini/jappixmini.php @@ -1,13 +1,12 @@ -* -*/ - + * Name: jappixmini + * Description: Provides a Facebook-like chat using Jappix Mini + * Version: 1.0.1 + * Author: leberwurscht + * + */ // // Copyright 2012 "Leberwurscht" // @@ -16,138 +15,154 @@ /* -Problem: -* jabber password should not be stored on server -* jabber password should not be sent between server and browser as soon as the user is logged in -* jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in + Problem: + * jabber password should not be stored on server + * jabber password should not be sent between server and browser as soon as the user is logged in + * jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in -Solution: -Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser -and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function. + Solution: + Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser + and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function. -This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext. -It is better to use a hash of the password. -The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can - use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must -be queried manually. + This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext. + It is better to use a hash of the password. + The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can + use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must + be queried manually. -Problem: -How to discover the jabber addresses of the friendica contacts? + Problem: + How to discover the jabber addresses of the friendica contacts? -Solution: -Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve -this information every week using a cron hook. + Solution: + Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve + this information every week using a cron hook. -Problem: -We do not want to make the jabber address public. + Problem: + We do not want to make the jabber address public. -Solution: -When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated. -Using this keypair, we can provide the jabber address only to contacts: + Solution: + When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated. + Using this keypair, we can provide the jabber address only to contacts: -Alice: + Alice: signed_address = openssl_*_encrypt(alice_jabber_address) -send signed_address to Bob, who does + send signed_address to Bob, who does trusted_address = openssl_*_decrypt(signed_address) save trusted_address encrypted_address = openssl_*_encrypt(bob_jabber_address) -reply with encrypted_address to Alice, who does + reply with encrypted_address to Alice, who does decrypted_address = openssl_*_decrypt(encrypted_address) save decrypted_address -Interface for this: -GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s + Interface for this: + GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s -Response: -json({"status":"ok", "encrypted_address":"%s"}) + Response: + json({"status":"ok", "encrypted_address":"%s"}) -*/ + */ -function jappixmini_install() { -register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); -register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); +use Friendica\App; +use Friendica\Core\Addon; +use Friendica\Core\Config; +use Friendica\Core\L10n; +use Friendica\Core\PConfig; +use Friendica\Model\User; +use Friendica\Util\Network; -register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); -register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); +function jappixmini_install() +{ + Addon::registerHook('addon_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); + Addon::registerHook('addon_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); -register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); + Addon::registerHook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); + Addon::registerHook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); -// Jappix source download as required by AGPL -register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); + Addon::registerHook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); -// set standard configuration -$info_text = get_config("jappixmini", "infotext"); -if (!$info_text) set_config("jappixmini", "infotext", - "To get the chat working, you need to know a BOSH host which works with your Jabber account. ". - "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep ". - "in mind that the BOSH server can read along all chat messages. If you know that your Jabber ". - "server also provides an own BOSH server, it is much better to use this one!" -); + // Jappix source download as required by AGPL + Addon::registerHook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); -$bosh_proxy = get_config("jappixmini", "bosh_proxy"); -if ($bosh_proxy==="") set_config("jappixmini", "bosh_proxy", "1"); + // set standard configuration + $info_text = Config::get("jappixmini", "infotext"); + if (!$info_text) + set_confConfig::setig("jappixmini", "infotext", "To get the chat working, you need to know a BOSH host which works with your Jabber account. " . + "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " . + "in mind that the BOSH server can read along all chat messages. If you know that your Jabber " . + "server also provides an own BOSH server, it is much better to use this one!" + ); -// set addon version so that safe updates are possible later -$addon_version = get_config("jappixmini", "version"); -if ($addon_version==="") set_config("jappixmini", "version", "1"); -} + $bosh_proxy = Config::get("jappixmini", "bosh_proxy"); + if ($bosh_proxy === "") { + Config::set("jappixmini", "bosh_proxy", "1"); + } + // set addon version so that safe updates are possible later + $addon_version = Config::get("jappixmini", "version"); + if ($addon_version === "") { + Config::set("jappixmini", "version", "1"); + } +} -function jappixmini_uninstall() { -unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); -unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); +function jappixmini_uninstall() +{ + Addon::unregisterHook('addon_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); + Addon::unregisterHook('addon_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); -unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); -unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); + Addon::unregisterHook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); + Addon::unregisterHook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); -unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); + Addon::unregisterHook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); -unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); + Addon::unregisterHook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); } -function jappixmini_plugin_admin(&$a, &$o) { +function jappixmini_addon_admin(App $a, &$o) +{ // display instructions and warnings on addon settings page for admin - if (!file_exists("addon/jappixmini.tgz")) { $o .= '

The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).

'; } // warn if cron job has not yet been executed - $cron_run = get_config("jappixmini", "last_cron_execution"); - if (!$cron_run) $o .= "

Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.

"; + $cron_run = Config::get("jappixmini", "last_cron_execution"); + if (!$cron_run) { + $o .= "

Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.

"; + } // bosh proxy - $bosh_proxy = intval(get_config("jappixmini", "bosh_proxy")); + $bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy")); $bosh_proxy = intval($bosh_proxy) ? ' checked="checked"' : ''; $o .= ''; - $o .= '
'; + $o .= '
'; // bosh address - $bosh_address = get_config("jappixmini", "bosh_address"); + $bosh_address = Config::get("jappixmini", "bosh_address"); $o .= '


'; - $o .= '

'; + $o .= '

'; // default server address - $default_server = get_config("jappixmini", "default_server"); + $default_server = Config::get("jappixmini", "default_server"); $o .= '


'; - $o .= '

'; + $o .= '

'; // default user name to friendica nickname - $default_user = intval(get_config("jappixmini", "default_user")); + $default_user = intval(Config::get("jappixmini", "default_user")); $default_user = intval($default_user) ? ' checked="checked"' : ''; $o .= ''; - $o .= '
'; + $o .= '
'; // info text field - $info_text = get_config("jappixmini", "infotext"); + $info_text = Config::get("jappixmini", "infotext"); $o .= '


'; - $o .= '

'; + $o .= '

'; // submit button $o .= ''; } -function jappixmini_plugin_admin_post(&$a) { +function jappixmini_addon_admin_post(App $a) +{ // set info text $submit = $_REQUEST['jappixmini-admin-settings']; if ($submit) { @@ -156,37 +171,43 @@ function jappixmini_plugin_admin_post(&$a) { $default_user = intval($_REQUEST['jappixmini-defaultuser']); $bosh_address = $_REQUEST['jappixmini-address']; $default_server = $_REQUEST['jappixmini-server']; - set_config("jappixmini", "infotext", $info_text); - set_config("jappixmini", "bosh_proxy", $bosh_proxy); - set_config("jappixmini", "bosh_address", $bosh_address); - set_config("jappixmini", "default_server", $default_server); - set_config("jappixmini", "default_user", $default_user); + Config::set("jappixmini", "infotext", $info_text); + Config::set("jappixmini", "bosh_proxy", $bosh_proxy); + Config::set("jappixmini", "bosh_address", $bosh_address); + Config::set("jappixmini", "default_server", $default_server); + Config::set("jappixmini", "default_user", $default_user); } } -function jappixmini_module() {} -function jappixmini_init(&$a) { - // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses - // of local users +function jappixmini_module() +{ + +} +function jappixmini_init() +{ + // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses + // of local users $dfrn_id = $_REQUEST["dfrn_id"]; - if (!$dfrn_id) killme(); + if (!$dfrn_id) { + killme(); + } $role = $_REQUEST["role"]; - if ($role=="pub") { - $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", - dbesc($dfrn_id) - ); - if (!count($r)) killme(); + if ($role == "pub") { + $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", dbesc($dfrn_id)); + if (!count($r)) { + killme(); + } $encrypt_func = openssl_public_encrypt; $decrypt_func = openssl_public_decrypt; $key = $r[0]["pubkey"]; - } else if ($role=="prv") { - $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", - dbesc($dfrn_id) - ); - if (!count($r)) killme(); + } else if ($role == "prv") { + $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", dbesc($dfrn_id)); + if (!count($r)) { + killme(); + } $encrypt_func = openssl_private_encrypt; $decrypt_func = openssl_private_decrypt; @@ -206,18 +227,21 @@ function jappixmini_init(&$a) { $decrypt_func($signed_address, $trusted_address, $key); $now = intval(time()); - set_pconfig($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address"); + PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address"); } catch (Exception $e) { + } - // do not return an address if user deactivated plugin - $activated = get_pconfig($uid, 'jappixmini', 'activate'); - if (!$activated) killme(); + // do not return an address if user deactivated addon + $activated = PConfig::get($uid, 'jappixmini', 'activate'); + if (!$activated) { + killme(); + } // return the requested Jabber address try { - $username = get_pconfig($uid, 'jappixmini', 'username'); - $server = get_pconfig($uid, 'jappixmini', 'server'); + $username = PConfig::get($uid, 'jappixmini', 'username'); + $server = PConfig::get($uid, 'jappixmini', 'server'); $address = "$username@$server"; $encrypted_address = ""; @@ -225,10 +249,10 @@ function jappixmini_init(&$a) { $encrypted_address_hex = bin2hex($encrypted_address); - $answer = Array( - "status"=>"ok", - "encrypted_address"=>$encrypted_address_hex - ); + $answer = [ + "status" => "ok", + "encrypted_address" => $encrypted_address_hex + ]; $answer_json = json_encode($answer); echo $answer_json; @@ -238,118 +262,128 @@ function jappixmini_init(&$a) { } } -function jappixmini_settings(&$a, &$s) { - // addon settings for a user - - $activate = get_pconfig(local_user(),'jappixmini','activate'); - $activate = intval($activate) ? ' checked="checked"' : ''; - $dontinsertchat = get_pconfig(local_user(),'jappixmini','dontinsertchat'); - $insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : ''); - - $defaultbosh = get_config("jappixmini", "bosh_address"); - - if ($defaultbosh != "") - set_pconfig(local_user(),'jappixmini','bosh', $defaultbosh); - - $username = get_pconfig(local_user(),'jappixmini','username'); - $username = htmlentities($username); - $server = get_pconfig(local_user(),'jappixmini','server'); - $server = htmlentities($server); - $bosh = get_pconfig(local_user(),'jappixmini','bosh'); - $bosh = htmlentities($bosh); - $password = get_pconfig(local_user(),'jappixmini','password'); - $autosubscribe = get_pconfig(local_user(),'jappixmini','autosubscribe'); - $autosubscribe = intval($autosubscribe) ? ' checked="checked"' : ''; - $autoapprove = get_pconfig(local_user(),'jappixmini','autoapprove'); - $autoapprove = intval($autoapprove) ? ' checked="checked"' : ''; - $encrypt = intval(get_pconfig(local_user(),'jappixmini','encrypt')); - $encrypt_checked = $encrypt ? ' checked="checked"' : ''; - $encrypt_disabled = $encrypt ? '' : ' disabled="disabled"'; - - if ($server == "") - $server = get_config("jappixmini", "default_server"); - - if (($username == "") and get_config("jappixmini", "default_user")) - $username = $a->user["nickname"]; - - $info_text = get_config("jappixmini", "infotext"); - $info_text = htmlentities($info_text); - $info_text = str_replace("\n", "
", $info_text); - - // count contacts - $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user()); - if (count($r)) $contact_cnt = $r[0]["cnt"]; - else $contact_cnt = 0; - - // count jabber addresses - $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user()); - if (count($r)) $address_cnt = $r[0]["cnt"]; - else $address_cnt = 0; - - if (!$activate) { - // load scripts if not yet activated so that password can be saved - $a->page['htmlhead'] .= ''."\r\n"; - $a->page['htmlhead'] .= ''."\r\n"; - - $a->page['htmlhead'] .= ''."\r\n"; - } - - $s .= ''; - $s .= '

'.t('Jappix Mini').'

'; - $s .= ''; - $s .= '