X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_poll.php;h=1e07242875086506355f90822dd338d5122f4fd1;hb=de4a2e6fd03cd0aab94a256eba92ed593931534b;hp=13d443341dae048e4ff52c01a4c9f753613b69e8;hpb=09851331a9dc8601919cd0c9200686b92843d235;p=friendica.git diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index 13d443341d..1e07242875 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -1,12 +1,18 @@ argc > 1) && ($dfrn_id == '') && !strstr($_SERVER["HTTP_USER_AGENT"], 'Friendica')) { + $nickname = $a->argv[1]; + header("Content-type: application/atom+xml"); + echo OStatus::feed($a, $nickname, $last_update, 10); + killme(); + } + $direction = (-1); - if (strpos($dfrn_id,':') == 1) { + if(strpos($dfrn_id,':') == 1) { $direction = intval(substr($dfrn_id,0,1)); $dfrn_id = substr($dfrn_id,2); } $hidewall = false; - if (($dfrn_id === '') && (! x($_POST,'dfrn_id'))) { - if ((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) { + if((Config::get('system','block_public')) && (! local_user()) && (! remote_user())) { http_status_exit(403); } $user = ''; - if ($a->argc > 1) { + if($a->argc > 1) { $r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1", dbesc($a->argv[1]) ); @@ -47,11 +61,11 @@ function dfrn_poll_init(App $a) { logger('dfrn_poll: public feed request from ' . $_SERVER['REMOTE_ADDR'] . ' for ' . $user); header("Content-type: application/atom+xml"); - echo dfrn::feed('', $user,$last_update, 0, $hidewall); + echo DFRN::feed('', $user,$last_update, 0, $hidewall); killme(); } - if (($type === 'profile') && (! strlen($sec))) { + if(($type === 'profile') && (! strlen($sec))) { $sql_extra = ''; switch($direction) { @@ -68,7 +82,7 @@ function dfrn_poll_init(App $a) { $my_id = '0:' . $dfrn_id; break; default: - goaway(z_root()); + goaway(System::baseUrl()); break; // NOTREACHED } @@ -79,19 +93,19 @@ function dfrn_poll_init(App $a) { dbesc($a->argv[1]) ); - if (dbm::is_result($r)) { + if (DBM::is_result($r)) { $s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check'); logger("dfrn_poll: old profile returns " . $s, LOGGER_DATA); - if (strlen($s)) { + if(strlen($s)) { $xml = parse_xml_string($s); - if ((int) $xml->status == 1) { + if((int) $xml->status == 1) { $_SESSION['authenticated'] = 1; - if (! x($_SESSION,'remote')) + if(! x($_SESSION,'remote')) $_SESSION['remote'] = array(); $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']); @@ -100,7 +114,7 @@ function dfrn_poll_init(App $a) { $_SESSION['visitor_home'] = $r[0]['url']; $_SESSION['visitor_handle'] = $r[0]['addr']; $_SESSION['visitor_visiting'] = $r[0]['uid']; - if (!$quiet) + if(!$quiet) info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL); // Visitors get 1 day session. $session_id = session_id(); @@ -112,32 +126,32 @@ function dfrn_poll_init(App $a) { } } $profile = $r[0]['nickname']; - goaway((strlen($destination_url)) ? $destination_url : App::get_baseurl() . '/profile/' . $profile); + goaway((strlen($destination_url)) ? $destination_url : System::baseUrl() . '/profile/' . $profile); } - goaway(z_root()); + goaway(System::baseUrl()); } - if ($type === 'profile-check' && $dfrn_version < 2.2 ) { + if($type === 'profile-check' && $dfrn_version < 2.2 ) { - if ((strlen($challenge)) && (strlen($sec))) { + if((strlen($challenge)) && (strlen($sec))) { q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time())); $r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1", dbesc($sec) ); - if (! dbm::is_result($r)) { + if (! DBM::is_result($r)) { xml_status(3, 'No ticket'); // NOTREACHED } $orig_id = $r[0]['dfrn_id']; - if (strpos($orig_id, ':')) + if(strpos($orig_id, ':')) $orig_id = substr($orig_id,2); $c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($r[0]['cid']) ); - if (! dbm::is_result($c)) { + if (! DBM::is_result($c)) { xml_status(3, 'No profile'); } $contact = $c[0]; @@ -147,7 +161,7 @@ function dfrn_poll_init(App $a) { $final_dfrn_id = ''; - if (($contact['duplex']) && strlen($contact['prvkey'])) { + if(($contact['duplex']) && strlen($contact['prvkey'])) { openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']); } @@ -158,10 +172,10 @@ function dfrn_poll_init(App $a) { $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); - if (strpos($final_dfrn_id,':') == 1) + if(strpos($final_dfrn_id,':') == 1) $final_dfrn_id = substr($final_dfrn_id,2); - if ($final_dfrn_id != $orig_id) { + if($final_dfrn_id != $orig_id) { logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG); // did not decode properly - cannot trust this site xml_status(3, 'Bad decryption'); @@ -190,7 +204,7 @@ function dfrn_poll_init(App $a) { q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time())); $r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC", dbesc($dfrn_id)); - if (dbm::is_result($r)) { + if (DBM::is_result($r)) { xml_status(1); return; // NOTREACHED } @@ -213,9 +227,9 @@ function dfrn_poll_post(App $a) { $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); $perm = ((x($_POST,'perm')) ? $_POST['perm'] : 'r'); - if ($ptype === 'profile-check') { + if($ptype === 'profile-check') { - if ((strlen($challenge)) && (strlen($sec))) { + if((strlen($challenge)) && (strlen($sec))) { logger('dfrn_poll: POST: profile-check'); @@ -223,18 +237,18 @@ function dfrn_poll_post(App $a) { $r = q("SELECT * FROM `profile_check` WHERE `sec` = '%s' ORDER BY `expire` DESC LIMIT 1", dbesc($sec) ); - if (! dbm::is_result($r)) { + if (! DBM::is_result($r)) { xml_status(3, 'No ticket'); // NOTREACHED } $orig_id = $r[0]['dfrn_id']; - if (strpos($orig_id, ':')) + if(strpos($orig_id, ':')) $orig_id = substr($orig_id,2); $c = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($r[0]['cid']) ); - if (! dbm::is_result($c)) { + if (! DBM::is_result($c)) { xml_status(3, 'No profile'); } $contact = $c[0]; @@ -244,7 +258,7 @@ function dfrn_poll_post(App $a) { $final_dfrn_id = ''; - if (($contact['duplex']) && strlen($contact['prvkey'])) { + if(($contact['duplex']) && strlen($contact['prvkey'])) { openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']); openssl_private_decrypt($challenge,$decoded_challenge,$contact['prvkey']); } @@ -255,10 +269,10 @@ function dfrn_poll_post(App $a) { $final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.')); - if (strpos($final_dfrn_id,':') == 1) + if(strpos($final_dfrn_id,':') == 1) $final_dfrn_id = substr($final_dfrn_id,2); - if ($final_dfrn_id != $orig_id) { + if($final_dfrn_id != $orig_id) { logger('profile_check: ' . $final_dfrn_id . ' != ' . $orig_id, LOGGER_DEBUG); // did not decode properly - cannot trust this site xml_status(3, 'Bad decryption'); @@ -273,7 +287,7 @@ function dfrn_poll_post(App $a) { } $direction = (-1); - if (strpos($dfrn_id,':') == 1) { + if(strpos($dfrn_id,':') == 1) { $direction = intval(substr($dfrn_id,0,1)); $dfrn_id = substr($dfrn_id,2); } @@ -284,7 +298,7 @@ function dfrn_poll_post(App $a) { dbesc($challenge) ); - if (! dbm::is_result($r)) { + if (! DBM::is_result($r)) { killme(); } @@ -312,7 +326,7 @@ function dfrn_poll_post(App $a) { $my_id = '0:' . $dfrn_id; break; default: - goaway(z_root()); + goaway(System::baseUrl()); break; // NOTREACHED } @@ -320,7 +334,7 @@ function dfrn_poll_post(App $a) { $r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1"); - if (! dbm::is_result($r)) { + if (! DBM::is_result($r)) { killme(); } @@ -329,7 +343,7 @@ function dfrn_poll_post(App $a) { $contact_id = $r[0]['id']; - if ($type === 'reputation' && strlen($url)) { + if($type === 'reputation' && strlen($url)) { $r = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($url), intval($owner_uid) @@ -337,11 +351,11 @@ function dfrn_poll_post(App $a) { $reputation = 0; $text = ''; - if (dbm::is_result($r)) { + if (DBM::is_result($r)) { $reputation = $r[0]['rating']; $text = $r[0]['reason']; - if ($r[0]['id'] == $contact_id) { // inquiring about own reputation not allowed + if($r[0]['id'] == $contact_id) { // inquiring about own reputation not allowed $reputation = 0; $text = ''; } @@ -361,13 +375,13 @@ function dfrn_poll_post(App $a) { // Update the writable flag if it changed logger('dfrn_poll: post request feed: ' . print_r($_POST,true),LOGGER_DATA); - if ($dfrn_version >= 2.21) { - if ($perm === 'rw') + if($dfrn_version >= 2.21) { + if($perm === 'rw') $writable = 1; else $writable = 0; - if ($writable != $contact['writable']) { + if($writable != $contact['writable']) { q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d", intval($writable), intval($contact_id) @@ -376,7 +390,7 @@ function dfrn_poll_post(App $a) { } header("Content-type: application/atom+xml"); - $o = dfrn::feed($dfrn_id, $a->argv[1], $last_update, $direction); + $o = DFRN::feed($dfrn_id, $a->argv[1], $last_update, $direction); echo $o; killme(); @@ -395,13 +409,13 @@ function dfrn_poll_content(App $a) { $quiet = ((x($_GET,'quiet')) ? true : false); $direction = (-1); - if (strpos($dfrn_id,':') == 1) { + if(strpos($dfrn_id,':') == 1) { $direction = intval(substr($dfrn_id,0,1)); $dfrn_id = substr($dfrn_id,2); } - if ($dfrn_id != '') { + if($dfrn_id != '') { // initial communication from external contact $hash = random_string(); @@ -409,7 +423,7 @@ function dfrn_poll_content(App $a) { $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time())); - if ($type !== 'profile') { + if($type !== 'profile') { $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` , `type`, `last_update` ) VALUES( '%s', '%s', '%s', '%s', '%s' ) ", dbesc($hash), @@ -422,7 +436,7 @@ function dfrn_poll_content(App $a) { $sql_extra = ''; switch($direction) { case (-1): - if ($type === 'profile') + if($type === 'profile') $sql_extra = sprintf(" AND ( `dfrn-id` = '%s' OR `issued-id` = '%s' ) ", dbesc($dfrn_id),dbesc($dfrn_id)); else $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id)); @@ -437,7 +451,7 @@ function dfrn_poll_content(App $a) { $my_id = '0:' . $dfrn_id; break; default: - goaway(z_root()); + goaway(System::baseUrl()); break; // NOTREACHED } @@ -450,13 +464,13 @@ function dfrn_poll_content(App $a) { dbesc($nickname) ); - if (dbm::is_result($r)) { + if (DBM::is_result($r)) { $challenge = ''; $encrypted_id = ''; $id_str = $my_id . '.' . mt_rand(1000,9999); - if (($r[0]['duplex'] && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) { + if(($r[0]['duplex'] && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) { openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']); openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']); } @@ -474,11 +488,11 @@ function dfrn_poll_content(App $a) { $encrypted_id = ''; } - if (($type === 'profile') && (strlen($sec))) { + if(($type === 'profile') && (strlen($sec))) { // URL reply - if ($dfrn_version < 2.2) { + if($dfrn_version < 2.2) { $s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $encrypted_id . '&type=profile-check' @@ -497,27 +511,28 @@ function dfrn_poll_content(App $a) { )); } - $profile = ((dbm::is_result($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname); + $profile = ((DBM::is_result($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname); switch($destination_url) { case 'profile': - $dest = App::get_baseurl() . '/profile/' . $profile . '?f=&tab=profile'; + $dest = System::baseUrl() . '/profile/' . $profile . '?f=&tab=profile'; break; case 'photos': - $dest = App::get_baseurl() . '/photos/' . $profile; + $dest = System::baseUrl() . '/photos/' . $profile; break; case 'status': case '': - $dest = App::get_baseurl() . '/profile/' . $profile; + $dest = System::baseUrl() . '/profile/' . $profile; break; default: - $dest = $destination_url . '?f=&redir=1'; + $appendix = (strstr($destination_url, '?') ? '&f=&redir=1' : '?f=&redir=1'); + $dest = $destination_url . $appendix; break; } logger("dfrn_poll: sec profile: " . $s, LOGGER_DATA); - if (strlen($s) && strstr($s,'sec . ' expecting ' . $sec); - if (((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) { + if(((int) $xml->status == 0) && ($xml->challenge == $hash) && ($xml->sec == $sec)) { $_SESSION['authenticated'] = 1; - if (! x($_SESSION,'remote')) + if(! x($_SESSION,'remote')) $_SESSION['remote'] = array(); $_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']); $_SESSION['visitor_id'] = $r[0]['id']; $_SESSION['visitor_home'] = $r[0]['url']; $_SESSION['visitor_visiting'] = $r[0]['uid']; - if (!$quiet) + if(!$quiet) info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL); // Visitors get 1 day session. $session_id = session_id();