X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_confirm.php;h=8e1fc76e9a76ac9b8d856cbdb6de6fac37ce715f;hb=660bd39efad52b1c69bd8dd0ca27141b81f84ca5;hp=2b25095fde2209314ff65b7d71a8eb51fb108e00;hpb=3c0cf727161d824dd166d3c9cd8bc42248780590;p=friendica.git

diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 2b25095fde..8e1fc76e9a 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -52,7 +52,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		if(! $uid) {
 			notice( t('Permission denied.') . EOL );
 			return;
-		}	
+		}
 
 		$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
 			intval($uid)
@@ -61,7 +61,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		if(! $user) {
 			notice( t('Profile not found.') . EOL );
 			return;
-		}	
+		}
 
 
 		// These data elements may come from either the friend request notification form or $handsfree array.
@@ -144,23 +144,16 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			 * worried about key leakage than anybody cracking it.  
 			 *
 			 */
+			require_once('include/crypto.php');
 
-			$res = openssl_pkey_new(array(
-				'digest_alg' => 'sha1',
-				'private_key_bits' => 4096,
-				'encrypt_key' => false )
-			);
-
-			$private_key = '';
+			$res = new_keypair(4096);
 
-			openssl_pkey_export($res, $private_key);
-
-			$pubkey = openssl_pkey_get_details($res);
-			$public_key = $pubkey["key"];
+			$private_key = $res['prvkey'];
+			$public_key  = $res['pubkey'];
 
 			// Save the private key. Send them the public key.
 
-			$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d",
 				dbesc($private_key),
 				intval($contact_id),
 				intval($uid) 
@@ -209,6 +202,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 
 			if($user[0]['page-flags'] == PAGE_COMMUNITY)
 				$params['page'] = 1;
+			if($user[0]['page-flags'] == PAGE_PRVGROUP)
+				$params['page'] = 2;
 
 			logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA);
 
@@ -263,7 +258,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				case 1:
 					// birthday paradox - generate new dfrn-id and fall through.
 					$new_dfrn_id = random_string();
-					$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
+					$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d",
 						dbesc($new_dfrn_id),
 						intval($contact_id),
 						intval($uid) 
@@ -284,17 +279,17 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				}
 
 			if(($status == 0) && ($intro_id)) {
-	
+
 				// Success. Delete the notification.
-	
-				$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+
+				$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
 					intval($intro_id),
 					intval($uid)
 				);
-				
+
 			}
 
-			if($status != 0) 
+			if($status != 0)
 				return;
 		}
 
@@ -324,19 +319,19 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			if(($relation == CONTACT_IS_SHARING) && ($duplex))
 				$duplex = 0;
 
-			$r = q("UPDATE `contact` SET 
-				`photo` = '%s', 
+			$r = q("UPDATE `contact` SET
+				`photo` = '%s',
 				`thumb` = '%s',
-				`micro` = '%s', 
-				`rel` = %d, 
-				`name-date` = '%s', 
-				`uri-date` = '%s', 
-				`avatar-date` = '%s', 
-				`blocked` = 0, 
+				`micro` = '%s',
+				`rel` = %d,
+				`name-date` = '%s',
+				`uri-date` = '%s',
+				`avatar-date` = '%s',
+				`blocked` = 0,
 				`pending` = 0,
 				`duplex` = %d,
 				`hidden` = %d,
-				`network` = 'dfrn' WHERE `id` = %d LIMIT 1
+				`network` = 'dfrn' WHERE `id` = %d
 			",
 				dbesc($photos[0]),
 				dbesc($photos[1]),
@@ -350,7 +345,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				intval($contact_id)
 			);
 		}
-		else {  
+		else {
 
 			// $network !== NETWORK_DFRN
 
@@ -383,27 +378,27 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 					$writable = 1;
 			}
 
-			$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d",
 				intval($intro_id),
 				intval($uid)
 			);
 
 
-			$r = q("UPDATE `contact` SET `photo` = '%s', 
+			$r = q("UPDATE `contact` SET `photo` = '%s',
 				`thumb` = '%s',
-				`micro` = '%s', 
-				`name-date` = '%s', 
-				`uri-date` = '%s', 
-				`avatar-date` = '%s', 
+				`micro` = '%s',
+				`name-date` = '%s',
+				`uri-date` = '%s',
+				`avatar-date` = '%s',
 				`notify` = '%s',
 				`poll` = '%s',
-				`blocked` = 0, 
+				`blocked` = 0,
 				`pending` = 0,
 				`network` = '%s',
 				`writable` = %d,
 				`hidden` = %d,
 				`rel` = %d
-				WHERE `id` = %d LIMIT 1
+				WHERE `id` = %d
 			",
 				dbesc($photos[0]),
 				dbesc($photos[1]),
@@ -418,7 +413,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				intval($hidden),
 				intval($new_relation),
 				intval($contact_id)
-			);			
+			);
 		}
 
 		if($r === false)
@@ -500,13 +495,23 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				}
 			}
 		}
+
+
+		$g = q("select def_gid from user where uid = %d limit 1",
+			intval($uid)
+		);
+		if($contact && $g && intval($g[0]['def_gid'])) {
+			require_once('include/group.php');
+			group_add_member($uid,'',$contact['id'],$g[0]['def_gid']);
+		}
+
 		// Let's send our user to the contact editor in case they want to
 		// do anything special with this new friend.
 
 		if($handsfree === null)
 			goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
 		else
-			return;  
+			return;
 		//NOTREACHED
 	}
 
@@ -533,7 +538,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		$duplex     = ((x($_POST,'duplex'))       ? intval($_POST['duplex'])       : 0 );
 		$page       = ((x($_POST,'page'))         ? intval($_POST['page'])         : 0 );
 		$version_id = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);
-	
+
+		$forum = (($page == 1) ? 1 : 0);
+		$prv   = (($page == 2) ? 1 : 0);
+
 		logger('dfrn_confirm: requestee contacted: ' . $node);
 
 		logger('dfrn_confirm: request: POST=' . print_r($_POST,true), LOGGER_DATA);
@@ -632,7 +640,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			// NOTREACHED
 		}
 
-		$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d LIMIT 1",
+		$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d",
 			dbesc($decrypted_dfrn_id),
 			dbesc($dfrn_pubkey),
 			intval($dfrn_record)
@@ -643,10 +651,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		}
 
 		// It's possible that the other person also requested friendship.
-		// If it is a duplex relationship, ditch the issued-id if one exists. 
+		// If it is a duplex relationship, ditch the issued-id if one exists.
 
 		if($duplex) {
-			$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d LIMIT 1",
+			$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d",
 				intval($dfrn_record)
 			);
 		}
@@ -662,8 +670,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			$photo = $r[0]['photo'];
 		else
 			$photo = $a->get_baseurl() . '/images/person-175.jpg';
-				
-		require_once("Photo.php");
+
+		require_once("include/Photo.php");
 
 		$photos = import_profile_photo($photo,$local_uid,$dfrn_record);
 
@@ -676,19 +684,20 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		if(($relation == CONTACT_IS_FOLLOWER) && ($duplex))
 			$duplex = 0;
 
-		$r = q("UPDATE `contact` SET 
-			`photo` = '%s', 
-			`thumb` = '%s', 
+		$r = q("UPDATE `contact` SET
+			`photo` = '%s',
+			`thumb` = '%s',
 			`micro` = '%s',
-			`rel` = %d, 
-			`name-date` = '%s', 
-			`uri-date` = '%s', 
-			`avatar-date` = '%s', 
-			`blocked` = 0, 
+			`rel` = %d,
+			`name-date` = '%s',
+			`uri-date` = '%s',
+			`avatar-date` = '%s',
+			`blocked` = 0,
 			`pending` = 0,
-			`duplex` = %d, 
+			`duplex` = %d,
 			`forum` = %d,
-			`network` = '%s' WHERE `id` = %d LIMIT 1
+			`prv` = %d,
+			`network` = '%s' WHERE `id` = %d
 		",
 			dbesc($photos[0]),
 			dbesc($photos[1]),
@@ -698,7 +707,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			dbesc(datetime_convert()),
 			dbesc(datetime_convert()),
 			intval($duplex),
-			intval($page),
+			intval($forum),
+			intval($prv),
 			dbesc(NETWORK_DFRN),
 			intval($dfrn_record)
 		);
@@ -723,10 +733,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) {
 
 			push_lang($r[0]['language']);
-			$tpl = (($new_relation == CONTACT_IS_FRIEND) 
+			$tpl = (($new_relation == CONTACT_IS_FRIEND)
 				? get_intltext_template('friend_complete_eml.tpl')
 				: get_intltext_template('intro_complete_eml.tpl'));
-		
+
 			$email_tpl = replace_macros($tpl, array(
 				'$sitename' => $a->config['sitename'],
 				'$siteurl' =>  $a->get_baseurl(),
@@ -736,10 +746,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				'$dfrn_url' => $r[0]['url'],
 				'$uid' => $newuid )
 			);
-	
-			$res = mail($r[0]['email'], sprintf( t("Connection accepted at %s") , $a->config['sitename']),
+			require_once('include/email.php');
+
+			$res = mail($r[0]['email'], email_header_encode( sprintf( t("Connection accepted at %s") , $a->config['sitename']),'UTF-8'),
 				$email_tpl,
-				'From: ' . t('Administrator') . '@' . $_SERVER['SERVER_NAME'] . "\n"
+				'From: ' . 'Administrator' . '@' . $_SERVER['SERVER_NAME'] . "\n"
 				. 'Content-type: text/plain; charset=UTF-8' . "\n"
 				. 'Content-transfer-encoding: 8bit' );