X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Factivityimporter.php;h=51ea8ddf6bdca3d3871e03f103ca81a0f9a04cd3;hb=d6b28c64830f632bb2f4b6f3c9369b9e56ad217a;hp=1c34b64d35db8b84826b8bcaf1734fae32e7eeb2;hpb=220b51d8be61e9bd316567f3ad03fffdbc4b7526;p=quix0rs-gnu-social.git diff --git a/lib/activityimporter.php b/lib/activityimporter.php index 1c34b64d35..51ea8ddf6b 100644 --- a/lib/activityimporter.php +++ b/lib/activityimporter.php @@ -28,11 +28,7 @@ * @link http://status.net/ */ -if (!defined('STATUSNET')) { - // This check helps protect against security problems; - // your code file can't be executed directly from the web. - exit(1); -} +if (!defined('GNUSOCIAL')) { exit(1); } /** * Class comment @@ -104,29 +100,30 @@ class ActivityImporter extends QueueHandler $other = $activity->actor; $otherUser = User::getKV('uri', $other->id); - if (!empty($otherUser)) { - $otherProfile = $otherUser->getProfile(); - } else { + if (!$otherUser instanceof User) { // TRANS: Client exception thrown when trying to force a remote user to subscribe. throw new Exception(_('Cannot force remote user to subscribe.')); } + $otherProfile = $otherUser->getProfile(); + // XXX: don't do this for untrusted input! - Subscription::start($otherProfile, $profile); + Subscription::ensureStart($otherProfile, $profile); } else if (empty($activity->actor) || $activity->actor->id == $author->id) { $other = $activity->objects[0]; - $otherProfile = Profile::fromUri($other->id); - - if (empty($otherProfile)) { + try { + $otherProfile = Profile::fromUri($other->id); // TRANS: Client exception thrown when trying to subscribe to an unknown profile. + } catch (UnknownUriException $e) { + // Let's convert it to a client exception instead of server. throw new ClientException(_('Unknown profile.')); } - Subscription::start($profile, $otherProfile); + Subscription::ensureStart($profile, $otherProfile); } else { // TRANS: Client exception thrown when trying to import an event not related to the importing user. throw new Exception(_('This activity seems unrelated to our user.')); @@ -141,7 +138,7 @@ class ActivityImporter extends QueueHandler $group = User_group::getKV('uri', $uri); - if (empty($group)) { + if (!$group instanceof User_group) { $oprofile = Ostatus_profile::ensureActivityObjectProfile($activity->objects[0]); if (!$oprofile->isGroup()) { // TRANS: Client exception thrown when trying to join a remote group that is not a group. @@ -170,7 +167,7 @@ class ActivityImporter extends QueueHandler $notice = Notice::getKV('uri', $sourceUri); - if (!empty($notice)) { + if ($notice instanceof Notice) { common_log(LOG_INFO, "Notice {$sourceUri} already exists."); @@ -180,8 +177,8 @@ class ActivityImporter extends QueueHandler $uri = $profile->getUri(); - if ($uri == $author->id) { - common_log(LOG_INFO, "Updating notice author from $author->id to $user->uri"); + if ($uri === $author->id) { + common_log(LOG_INFO, sprintf('Updating notice author from %s to %s', $author->id, $user->getUri())); $orig = clone($notice); $notice->profile_id = $user->id; $notice->update($orig); @@ -216,8 +213,8 @@ class ActivityImporter extends QueueHandler // Get (safe!) HTML and text versions of the content - $rendered = $this->purify($sourceContent); - $content = html_entity_decode(strip_tags($rendered), ENT_QUOTES, 'UTF-8'); + $rendered = common_purify($sourceContent); + $content = common_strip_html($rendered); $shortened = $user->shortenLinks($content); @@ -244,9 +241,8 @@ class ActivityImporter extends QueueHandler // Maintain direct reply associations // @fixme what about conversation ID? if (!empty($activity->context->replyToID)) { - $orig = Notice::getKV('uri', - $activity->context->replyToID); - if (!empty($orig)) { + $orig = Notice::getKV('uri', $activity->context->replyToID); + if ($orig instanceof Notice) { $options['reply_to'] = $orig->id; } } @@ -310,7 +306,7 @@ class ActivityImporter extends QueueHandler // Is the recipient a remote group? $oprofile = Ostatus_profile::ensureProfileURI($recipient); - if ($oprofile) { + if ($oprofile instanceof Ostatus_profile) { if (!$oprofile->isGroup()) { // may be canonicalized or something $replies[] = $oprofile->uri; @@ -325,10 +321,11 @@ class ActivityImporter extends QueueHandler if ($id) { $group = User_group::getKV('id', $id); - if ($group) { + if ($group instanceof User_group) { // Deliver to all members of this local group if allowed. - $profile = $sender->localProfile(); - if ($profile->isMember($group)) { + $profile = Profile::getKV('id', $recipient); + + if (($profile instanceof Profile) && ($profile->isMember($group))) { $groups[] = $group->id; } else { common_log(LOG_INFO, "Skipping reply to local group {$group->nickname} as sender {$profile->id} is not a member"); @@ -342,15 +339,4 @@ class ActivityImporter extends QueueHandler return array($groups, $replies); } - - - function purify($content) - { - require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php'; - - $config = array('safe' => 1, - 'deny_attribute' => 'id,style,on*'); - - return htmLawed($content, $config); - } }