X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_confirm.php;h=d5dbab951eabc0fc4065339a1710485780b2f802;hb=e5a6d91cc4dc8f8546580c656ed6acc7016d4a28;hp=8e1fc76e9a76ac9b8d856cbdb6de6fac37ce715f;hpb=6e7bd68ebb027b90398eee4fcc3bd73912a881e3;p=friendica.git diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 8e1fc76e9a..d5dbab951e 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -9,11 +9,13 @@ * 1. A form was submitted by our user approving a friendship that originated elsewhere. * This may also be called from dfrn_request to automatically approve a friendship. * - * 2. We may be the target or other side of the conversation to scenario 1, and will + * 2. We may be the target or other side of the conversation to scenario 1, and will * interact with that process on our own user's behalf. - * + * */ +require_once('include/enotify.php'); + function dfrn_confirm_post(&$a,$handsfree = null) { if(is_array($handsfree)) { @@ -35,11 +37,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { /** * - * Main entry point. Scenario 1. Our user received a friend request notification (perhaps - * from another site) and clicked 'Approve'. + * Main entry point. Scenario 1. Our user received a friend request notification (perhaps + * from another site) and clicked 'Approve'. * $POST['source_url'] is not set. If it is, it indicates Scenario 2. * - * We may also have been called directly from dfrn_request ($handsfree != null) due to + * We may also have been called directly from dfrn_request ($handsfree != null) due to * this being a page type which supports automatic friend acceptance. That is also Scenario 1 * since we are operating on behalf of our registered user to approve a friendship. * @@ -67,7 +69,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // These data elements may come from either the friend request notification form or $handsfree array. if(is_array($handsfree)) { - logger('dfrn_confirm: Confirm in handsfree mode'); + logger('Confirm in handsfree mode'); $dfrn_id = $handsfree['dfrn_id']; $intro_id = $handsfree['intro_id']; $duplex = $handsfree['duplex']; @@ -86,7 +88,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { /** * * Ensure that dfrn_id has precedence when we go to find the contact record. - * We only want to search based on contact id if there is no dfrn_id, + * We only want to search based on contact id if there is no dfrn_id, * e.g. for OStatus network followers. * */ @@ -94,15 +96,15 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if(strlen($dfrn_id)) $cid = 0; - logger('dfrn_confirm: Confirming request for dfrn_id (issued) ' . $dfrn_id); + logger('Confirming request for dfrn_id (issued) ' . $dfrn_id); if($cid) - logger('dfrn_confirm: Confirming follower with contact_id: ' . $cid); + logger('Confirming follower with contact_id: ' . $cid); /** * * The other person will have been issued an ID when they first requested friendship. - * Locate their record. At this time, their record will have both pending and blocked set to 1. + * Locate their record. At this time, their record will have both pending and blocked set to 1. * There won't be any dfrn_id if this is a network follower, so use the contact_id instead. * */ @@ -114,7 +116,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { ); if(! count($r)) { - logger('dfrn_confirm: Contact not found in DB.'); + logger('Contact not found in DB.'); notice( t('Contact not found.') . EOL ); notice( t('This may occasionally happen if contact was requested by both persons and it has already been approved.') . EOL ); return; @@ -127,7 +129,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $site_pubkey = $contact['site-pubkey']; $dfrn_confirm = $contact['confirm']; $aes_allow = $contact['aes_allow']; - + $network = ((strlen($contact['issued-id'])) ? NETWORK_DFRN : NETWORK_OSTATUS); if($contact['network']) @@ -139,15 +141,16 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * * Generate a key pair for all further communications with this person. * We have a keypair for every contact, and a site key for unknown people. - * This provides a means to carry on relationships with other people if - * any single key is compromised. It is a robust key. We're much more - * worried about key leakage than anybody cracking it. + * This provides a means to carry on relationships with other people if + * any single key is compromised. It is a robust key. We're much more + * worried about key leakage than anybody cracking it. * */ require_once('include/crypto.php'); $res = new_keypair(4096); + $private_key = $res['prvkey']; $public_key = $res['pubkey']; @@ -156,23 +159,23 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($private_key), intval($contact_id), - intval($uid) + intval($uid) ); $params = array(); /** * - * Per the DFRN protocol, we will verify both ends by encrypting the dfrn_id with our + * Per the DFRN protocol, we will verify both ends by encrypting the dfrn_id with our * site private key (person on the other end can decrypt it with our site public key). * Then encrypt our profile URL with the other person's site public key. They can decrypt * it with their site private key. If the decryption on the other end fails for either - * item, it indicates tampering or key failure on at least one site and we will not be + * item, it indicates tampering or key failure on at least one site and we will not be * able to provide a secure communication pathway. * - * If other site is willing to accept full encryption, (aes_allow is 1 AND we have php5.3 - * or later) then we encrypt the personal public key we send them using AES-256-CBC and a - * random key which is encrypted with their site public key. + * If other site is willing to accept full encryption, (aes_allow is 1 AND we have php5.3 + * or later) then we encrypt the personal public key we send them using AES-256-CBC and a + * random key which is encrypted with their site public key. * */ @@ -205,7 +208,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if($user[0]['page-flags'] == PAGE_PRVGROUP) $params['page'] = 2; - logger('dfrn_confirm: Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA); + logger('Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params,true), LOGGER_DATA); /** * @@ -219,10 +222,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $res = post_url($dfrn_confirm,$params); - logger('dfrn_confirm: Confirm: received data: ' . $res, LOGGER_DATA); + logger(' Confirm: received data: ' . $res, LOGGER_DATA); - // Now figure out what they responded. Try to be robust if the remote site is - // having difficulty and throwing up errors of some kind. + // Now figure out what they responded. Try to be robust if the remote site is + // having difficulty and throwing up errors of some kind. $leading_junk = substr($res,0,strpos($res,'status; $message = unxmlify($xml->message); // human readable text of what may have gone wrong. @@ -261,7 +270,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($new_dfrn_id), intval($contact_id), - intval($uid) + intval($uid) ); case 2: @@ -307,7 +316,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { require_once('include/Photo.php'); $photos = import_profile_photo($contact['photo'],$uid,$contact_id); - + logger('dfrn_confirm: confirm - imported photos'); if($network === NETWORK_DFRN) { @@ -331,7 +340,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { `pending` = 0, `duplex` = %d, `hidden` = %d, - `network` = 'dfrn' WHERE `id` = %d + `network` = '%s' WHERE `id` = %d ", dbesc($photos[0]), dbesc($photos[1]), @@ -342,6 +351,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc(datetime_convert()), intval($duplex), intval($hidden), + dbesc(NETWORK_DFRN), intval($contact_id) ); } @@ -372,7 +382,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if($duplex) $new_relation = CONTACT_IS_FRIEND; else - $new_relation = CONTACT_IS_SHARING; + $new_relation = CONTACT_IS_FOLLOWER; if($new_relation != CONTACT_IS_FOLLOWER) $writable = 1; @@ -455,7 +465,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if(count($self)) { $arr = array(); - $arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $uid); + $arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $uid); $arr['uid'] = $uid; $arr['contact-id'] = $self[0]['id']; $arr['wall'] = 1; @@ -522,7 +532,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { * * Begin Scenario 2. This is the remote response to the above scenario. * This will take place on the site that originally initiated the friend request. - * In the section above where the confirming party makes a POST and + * In the section above where the confirming party makes a POST and * retrieves xml status information, they are communicating with the following code. * */ @@ -603,7 +613,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // this is either a bogus confirmation (?) or we deleted the original introduction. $message = t('Contact record was not found for you on our site.'); xml_status(3,$message); - return; // NOTREACHED + return; // NOTREACHED } } @@ -731,33 +741,21 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $combined = $r[0]; if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) { - - push_lang($r[0]['language']); - $tpl = (($new_relation == CONTACT_IS_FRIEND) - ? get_intltext_template('friend_complete_eml.tpl') - : get_intltext_template('intro_complete_eml.tpl')); - - $email_tpl = replace_macros($tpl, array( - '$sitename' => $a->config['sitename'], - '$siteurl' => $a->get_baseurl(), - '$username' => $r[0]['username'], - '$email' => $r[0]['email'], - '$fn' => $r[0]['name'], - '$dfrn_url' => $r[0]['url'], - '$uid' => $newuid ) - ); - require_once('include/email.php'); - - $res = mail($r[0]['email'], email_header_encode( sprintf( t("Connection accepted at %s") , $a->config['sitename']),'UTF-8'), - $email_tpl, - 'From: ' . 'Administrator' . '@' . $_SERVER['SERVER_NAME'] . "\n" - . 'Content-type: text/plain; charset=UTF-8' . "\n" - . 'Content-transfer-encoding: 8bit' ); - - if(!$res) { - // pointless throwing an error here and confusing the person at the other end of the wire. - } - pop_lang(); + $mutual = ($new_relation == CONTACT_IS_FRIEND); + notification(array( + 'type' => NOTIFY_CONFIRM, + 'notify_flags' => $r[0]['notify-flags'], + 'language' => $r[0]['language'], + 'to_name' => $r[0]['username'], + 'to_email' => $r[0]['email'], + 'uid' => $r[0]['uid'], + 'link' => $a->get_baseurl() . '/contacts/' . $dfrn_record, + 'source_name' => ((strlen(stripslashes($r[0]['name']))) ? stripslashes($r[0]['name']) : t('[Name Withheld]')), + 'source_link' => $r[0]['url'], + 'source_photo' => $r[0]['photo'], + 'verb' => ($mutual?ACTIVITY_FRIEND:ACTIVITY_FOLLOW), + 'otype' => 'intro' + )); } // Send a new friend post if we are allowed to... @@ -778,7 +776,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if(count($self)) { $arr = array(); - $arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $local_uid); + $arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $local_uid); $arr['uid'] = $local_uid; $arr['contact-id'] = $self[0]['id']; $arr['wall'] = 1;