X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_poll.php;h=90b3583b8696a7ddf48ee77a4b86c1b713f0f300;hb=bc57d7f64e12c3eaf26d9a9c062e6e010a058aed;hp=5c27889831575a1e8cbd2f88ffff1a70530666cc;hpb=34d268544e565985014ada4369e8673c87883a0a;p=friendica.git

diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
old mode 100755
new mode 100644
index 5c27889831..90b3583b86
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -17,6 +17,7 @@ function dfrn_poll_init(&$a) {
 	$sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
 	$dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
 	$perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+	$quiet			 = ((x($_GET,'quiet'))			 ? true							 : false);
 
 	$direction = (-1);
 
@@ -28,7 +29,7 @@ function dfrn_poll_init(&$a) {
 
 	if(($dfrn_id === '') && (! x($_POST,'dfrn_id'))) {
 		if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) {
-			killme();
+			http_status_exit(403);
 		}
 
 		$user = '';
@@ -36,8 +37,10 @@ function dfrn_poll_init(&$a) {
 			$r = q("SELECT `hidewall`,`nickname` FROM `user` WHERE `user`.`nickname` = '%s' LIMIT 1",
 				dbesc($a->argv[1])
 			);
-			if((! count($r)) || (count($r) && $r[0]['hidewall']))
-				killme();
+			if(! $r)
+				http_status_exit(404);
+			if(($r[0]['hidewall']) && (! local_user()))
+				http_status_exit(403);
 			$user = $r[0]['nickname'];
 		}
  
@@ -87,11 +90,17 @@ function dfrn_poll_init(&$a) {
 
 				if((int) $xml->status == 1) {
 					$_SESSION['authenticated'] = 1;
+					if(! x($_SESSION,'remote'))
+						$_SESSION['remote'] = array();
+
+					$_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
+
 					$_SESSION['visitor_id'] = $r[0]['id'];
 					$_SESSION['visitor_home'] = $r[0]['url'];
 					$_SESSION['visitor_handle'] = $r[0]['addr'];
 					$_SESSION['visitor_visiting'] = $r[0]['uid'];
-					info( sprintf(t('%s welcomes %s'), $r[0]['username'] , $r[0]['name']) . EOL);
+					if(!$quiet)
+						info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
 					// Visitors get 1 day session.
 					$session_id = session_id();
 					$expire = time() + 86400;
@@ -380,6 +389,7 @@ function dfrn_poll_content(&$a) {
 	$sec             = ((x($_GET,'sec'))             ? $_GET['sec']                  : '');
 	$dfrn_version    = ((x($_GET,'dfrn_version'))    ? (float) $_GET['dfrn_version'] : 2.0);
 	$perm            = ((x($_GET,'perm'))            ? $_GET['perm']                 : 'r');
+	$quiet			 = ((x($_GET,'quiet'))			 ? true							 : false);
 
 	$direction = (-1);
 	if(strpos($dfrn_id,':') == 1) {
@@ -428,11 +438,13 @@ function dfrn_poll_content(&$a) {
 				break; // NOTREACHED
 		}
 
+		$nickname = $a->argv[1];
+
 		$r = q("SELECT `contact`.*, `user`.`username`, `user`.`nickname` 
 			FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
 			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
 			AND `user`.`nickname` = '%s' $sql_extra LIMIT 1",
-			dbesc($a->argv[1])
+			dbesc($nickname)
 		);
 
 		if(count($r)) {
@@ -441,7 +453,7 @@ function dfrn_poll_content(&$a) {
 			$encrypted_id = '';
 			$id_str = $my_id . '.' . mt_rand(1000,9999);
 
-			if($r[0]['duplex'] && strlen($r[0]['pubkey'])) {
+			if(($r[0]['duplex'] && strlen($r[0]['pubkey'])) || (! strlen($r[0]['prvkey']))) {
 				openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
 				openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
 			}
@@ -482,11 +494,11 @@ function dfrn_poll_content(&$a) {
 				));
 			}
 			
-			$profile = $r[0]['nickname'];
+			$profile = ((count($r) && $r[0]['nickname']) ? $r[0]['nickname'] : $nickname);
 
 			switch($destination_url) {
 				case 'profile':
-					$dest = $a->get_baseurl() . '/profile/' . $profile . '?tab=profile';
+					$dest = $a->get_baseurl() . '/profile/' . $profile . '?f=&tab=profile';
 					break;
 				case 'photos':
 					$dest = $a->get_baseurl() . '/photos/' . $profile;
@@ -496,7 +508,7 @@ function dfrn_poll_content(&$a) {
 					$dest = $a->get_baseurl() . '/profile/' . $profile;
 					break;		
 				default:
-					$dest = $destination_url;
+					$dest = $destination_url . '?f=&redir=1';
 					break;
 			}
 
@@ -514,10 +526,14 @@ function dfrn_poll_content(&$a) {
 				
 				if(((int) $xml->status == 0) && ($xml->challenge == $hash)  && ($xml->sec == $sec)) {
 					$_SESSION['authenticated'] = 1;
+					if(! x($_SESSION,'remote'))
+						$_SESSION['remote'] = array();
+					$_SESSION['remote'][] = array('cid' => $r[0]['id'],'uid' => $r[0]['uid'],'url' => $r[0]['url']);
 					$_SESSION['visitor_id'] = $r[0]['id'];
 					$_SESSION['visitor_home'] = $r[0]['url'];
 					$_SESSION['visitor_visiting'] = $r[0]['uid'];
-					info( sprintf(t('%s welcomes %s'), $r[0]['username'] , $r[0]['name']) . EOL);
+					if(!$quiet)
+						info( sprintf(t('%1$s welcomes %2$s'), $r[0]['username'] , $r[0]['name']) . EOL);
 					// Visitors get 1 day session.
 					$session_id = session_id();
 					$expire = time() + 86400;