X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_confirm.php;h=6ebde734e6ace3dfae9c610c521371afcaab1300;hb=2c11e91e657611dcc81389a98b6152227f702267;hp=ba8e27431fc31b675cb6784e839f595f399352ef;hpb=c0cc65304b06b027219a9f162deaab90fe2a0487;p=friendica.git diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index ba8e27431f..6ebde734e6 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -18,11 +18,13 @@ * https://github.com/friendica/friendica/blob/master/spec/dfrn2_contact_confirmation.png */ +use Friendica\App; + require_once('include/enotify.php'); require_once('include/group.php'); require_once('include/Probe.php'); -function dfrn_confirm_post(&$a,$handsfree = null) { +function dfrn_confirm_post(App $a, $handsfree = null) { if(is_array($handsfree)) { @@ -185,10 +187,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * */ - $src_aes_key = random_string(); + $src_aes_key = openssl_random_pseudo_bytes(64); $result = ''; - openssl_private_encrypt($dfrn_id,$result,$user[0]['prvkey']); + openssl_private_encrypt($dfrn_id, $result, $user[0]['prvkey']); $params['dfrn_id'] = bin2hex($result); $params['public_key'] = $public_key; @@ -224,9 +226,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * */ - $a->config['system']['curl_timeout'] = 120; - - $res = post_url($dfrn_confirm,$params); + $res = post_url($dfrn_confirm, $params, null, $redirects, 120); logger(' Confirm: received data: ' . $res, LOGGER_DATA); @@ -436,7 +436,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if (($contact) && ($contact['network'] === NETWORK_DIASPORA)) { require_once('include/diaspora.php'); - $ret = diaspora::send_share($user[0],$r[0]); + $ret = Diaspora::send_share($user[0],$r[0]); logger('share returns: ' . $ret); } @@ -506,10 +506,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // Let's send our user to the contact editor in case they want to // do anything special with this new friend. - if($handsfree === null) + if ($handsfree === null) { goaway(App::get_baseurl() . '/contacts/' . intval($contact_id)); - else + } else { return; + } //NOTREACHED } @@ -525,7 +526,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * */ - if(x($_POST,'source_url')) { + if (x($_POST,'source_url')) { // We are processing an external confirmation to an introduction created by our user. @@ -546,7 +547,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // If $aes_key is set, both of these items require unpacking from the hex transport encoding. - if(x($aes_key)) { + if (x($aes_key)) { $aes_key = hex2bin($aes_key); $public_key = hex2bin($public_key); } @@ -587,17 +588,18 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc($decrypted_source_url), intval($local_uid) ); - if(! dbm::is_result($ret)) { - if(strstr($decrypted_source_url,'http:')) + if (!dbm::is_result($ret)) { + if (strstr($decrypted_source_url,'http:')) { $newurl = str_replace('http:','https:',$decrypted_source_url); - else + } else { $newurl = str_replace('https:','http:',$decrypted_source_url); + } $ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($newurl), intval($local_uid) ); - if(! dbm::is_result($ret)) { + if (!dbm::is_result($ret)) { // this is either a bogus confirmation (?) or we deleted the original introduction. $message = t('Contact record was not found for you on our site.'); xml_status(3,$message); @@ -612,7 +614,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $foreign_pubkey = $ret[0]['site-pubkey']; $dfrn_record = $ret[0]['id']; - if(! $foreign_pubkey) { + if (! $foreign_pubkey) { $message = sprintf( t('Site public key not available in contact record for URL %s.'), $newurl); xml_status(3,$message); } @@ -620,7 +622,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $decrypted_dfrn_id = ""; openssl_public_decrypt($dfrn_id,$decrypted_dfrn_id,$foreign_pubkey); - if(strlen($aes_key)) { + if (strlen($aes_key)) { $decrypted_aes_key = ""; openssl_private_decrypt($aes_key,$decrypted_aes_key,$my_prvkey); $dfrn_pubkey = openssl_decrypt($public_key,'AES-256-CBC',$decrypted_aes_key);