X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_request.php;h=067700641d7f74dc5112a75901a8abf4fb312899;hb=d0dfcc71a82ac423db68a12fd2eaf6d13cb18e1f;hp=a11ea1d9e89d1212141cb57c917da54ab0cf852c;hpb=09851331a9dc8601919cd0c9200686b92843d235;p=friendica.git diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index a11ea1d9e8..067700641d 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -12,14 +12,17 @@ * https://github.com/friendica/friendica/blob/master/spec/dfrn2_contact_request.png */ -require_once('include/enotify.php'); -require_once('include/Scrape.php'); -require_once('include/Probe.php'); -require_once('include/group.php'); +use Friendica\App; +use Friendica\Core\System; +use Friendica\Network\Probe; + +require_once 'include/enotify.php'; +require_once 'include/probe.php'; +require_once 'include/group.php'; function dfrn_request_init(App $a) { - if ($a->argc > 1) + if($a->argc > 1) $which = $a->argv[1]; profile_load($a,$which); @@ -44,14 +47,14 @@ function dfrn_request_init(App $a) { */ function dfrn_request_post(App $a) { - if (($a->argc != 2) || (! count($a->profile))) { + if(($a->argc != 2) || (! count($a->profile))) { logger('Wrong count of argc or profiles: argc=' . $a->argc . ',profile()=' . count($a->profile)); return; } - if (x($_POST, 'cancel')) { - goaway(z_root()); + if(x($_POST, 'cancel')) { + goaway(System::baseUrl()); } @@ -63,13 +66,13 @@ function dfrn_request_post(App $a) { * */ - if ((x($_POST,'localconfirm')) && ($_POST['localconfirm'] == 1)) { + if((x($_POST,'localconfirm')) && ($_POST['localconfirm'] == 1)) { /* * Ensure this is a valid request */ - if (local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) { + if(local_user() && ($a->user['nickname'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) { $dfrn_url = notags(trim($_POST['dfrn_url'])); 
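Review bot: In `dfrn_request_init()` the rewritten `if($a->argc > 1)` has no braces, so only `$which = $a->argv[1];` is conditional and `profile_load($a,$which)` runs with an undefined `$which` whenever the request carries no nickname segment. Returning early before the assignment, `if ($a->argc <= 1) { return; }`, keeps an unset value out of the profile lookup; what `profile_load()` does with it is not visible here. On style, this hunk and most of the later ones turn `if (` into `if(` while untouched lines such as `if (dbm::is_result($r))` keep the space, so the file ends up with mixed spacing and the real changes (the `System::baseUrl()` and `Probe` renames, the new block check) are harder to find. The body of `dfrn_request_init()` continues outside this hunk.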
@@ -80,7 +83,7 @@ function dfrn_request_post(App $a) { $blocked = 1; $pending = 1; - if (x($dfrn_url)) { + if(x($dfrn_url)) { /* * Lookup the contact based on their URL (which is the only unique thing we have at the moment) @@ -92,7 +95,7 @@ function dfrn_request_post(App $a) { ); if (dbm::is_result($r)) { - if (strlen($r[0]['dfrn-id'])) { + if(strlen($r[0]['dfrn-id'])) { /* * We don't need to be here. It has already happened. @@ -105,7 +108,7 @@ function dfrn_request_post(App $a) { $contact_record = $r[0]; } - if (is_array($contact_record)) { + if(is_array($contact_record)) { $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d", intval($aes_allow), intval($hidden), @@ -131,7 +134,7 @@ function dfrn_request_post(App $a) { if (! x($parms,'photo')) { notice( t('Warning: profile location has no profile photo.') . EOL ); } - $invalid = Probe::valid_dfrn($parms); + $invalid = Probe::validDfrn($parms); if ($invalid) { notice( sprintf( tt("%d required parameter was not found at the given location", "%d required parameters were not found at the given location", @@ -187,15 +190,15 @@ function dfrn_request_post(App $a) { ); if (dbm::is_result($r)) { $def_gid = get_default_group(local_user(), $r[0]["network"]); - if (intval($def_gid)) + if(intval($def_gid)) group_add_member(local_user(), '', $r[0]['id'], $def_gid); if (isset($photo)) update_contact_avatar($photo, local_user(), $r[0]["id"], true); - $forwardurl = App::get_baseurl()."/contacts/".$r[0]['id']; + $forwardurl = System::baseUrl()."/contacts/".$r[0]['id']; } else { - $forwardurl = App::get_baseurl()."/contacts"; + $forwardurl = System::baseUrl()."/contacts"; } /* @@ -223,7 +226,7 @@ function dfrn_request_post(App $a) { // invalid/bogus request notice( t('Unrecoverable protocol error.') . EOL ); - goaway(z_root()); + goaway(System::baseUrl()); return; // NOTREACHED } 
@@ -249,7 +252,7 @@ function dfrn_request_post(App $a) { * */ - if (! (is_array($a->profile) && count($a->profile))) { + if(! (is_array($a->profile) && count($a->profile))) { notice( t('Profile unavailable.') . EOL); return; } @@ -265,13 +268,13 @@ function dfrn_request_post(App $a) { $pending = 1; - if ( x($_POST,'dfrn_url')) { + if( x($_POST,'dfrn_url')) { /* * Block friend request spam */ - if ($maxreq) { + if($maxreq) { $r = q("SELECT * FROM `intro` WHERE `datetime` > '%s' AND `uid` = %d", dbesc(datetime_convert('UTC','UTC','now - 24 hours')), intval($uid) @@ -300,7 +303,7 @@ function dfrn_request_post(App $a) { ); if (dbm::is_result($r)) { foreach ($r as $rr) { - if (! $rr['rel']) { + if(! $rr['rel']) { q("DELETE FROM `contact` WHERE `id` = %d AND NOT `self`", intval($rr['cid']) ); @@ -325,7 +328,7 @@ function dfrn_request_post(App $a) { ); if (dbm::is_result($r)) { foreach ($r as $rr) { - if (! $rr['rel']) { + if(! $rr['rel']) { q("DELETE FROM `contact` WHERE `id` = %d AND NOT `self`", intval($rr['cid']) ); @@ -340,16 +343,16 @@ function dfrn_request_post(App $a) { $real_name = (x($_POST,'realname') ? notags(trim($_POST['realname'])) : ''); $url = trim($_POST['dfrn_url']); - if (! strlen($url)) { + if(! strlen($url)) { notice( t("Invalid locator") . EOL ); return; } $hcard = ''; - if ($email_follow) { + if($email_follow) { - if (! validate_email($url)) { + if(! validate_email($url)) { notice( t('Invalid email address.') . EOL); return; } @@ -365,10 +368,10 @@ function dfrn_request_post(App $a) { $rel = CONTACT_IS_FOLLOWER; $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); - if (get_config('system','dfrn_only')) + if(get_config('system','dfrn_only')) $mail_disabled = 1; - if (! $mail_disabled) { + if(! $mail_disabled) { $failed = false; $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval($uid) 
@@ -453,7 +456,7 @@ function dfrn_request_post(App $a) { $network = $data["network"]; // Canonicalise email-style profile locator - $url = Probe::webfinger_dfrn($url,$hcard); + $url = Probe::webfingerDfrn($url,$hcard); if (substr($url,0,5) === 'stat:') { @@ -470,18 +473,18 @@ function dfrn_request_post(App $a) { logger('dfrn_request: url: ' . $url . ',network=' . $network, LOGGER_DEBUG); - if ($network === NETWORK_DFRN) { + if($network === NETWORK_DFRN) { $ret = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `self` = 0 LIMIT 1", intval($uid), dbesc($url) ); if (dbm::is_result($ret)) { - if (strlen($ret[0]['issued-id'])) { + if(strlen($ret[0]['issued-id'])) { notice( t('You have already introduced yourself here.') . EOL ); return; } - elseif ($ret[0]['rel'] == CONTACT_IS_FRIEND) { + elseif($ret[0]['rel'] == CONTACT_IS_FRIEND) { notice( sprintf( t('Apparently you are already friends with %s.'), $a->profile['name']) . EOL); return; } @@ -493,7 +496,7 @@ function dfrn_request_post(App $a) { $issued_id = random_string(); - if (is_array($contact_record)) { + if(is_array($contact_record)) { // There is a contact record but no issued-id, so this // is a reciprocal introduction from a known contact $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d", 
@@ -504,24 +507,27 @@ function dfrn_request_post(App $a) { else { if (! validate_url($url)) { notice( t('Invalid profile URL.') . EOL); - goaway(App::get_baseurl() . '/' . $a->cmd); + goaway(System::baseUrl() . '/' . $a->cmd); return; // NOTREACHED } if (! allowed_url($url)) { notice( t('Disallowed profile URL.') . EOL); - goaway(App::get_baseurl() . '/' . $a->cmd); + goaway(System::baseUrl() . '/' . $a->cmd); return; // NOTREACHED } - - require_once('include/Scrape.php'); + if (blocked_url($url)) { + notice( t('Blocked domain') . EOL); + goaway(System::baseUrl() . '/' . $a->cmd); + return; // NOTREACHED + } $parms = Probe::profile(($hcard) ? $hcard : $url); if (! count($parms)) { notice( t('Profile location is not valid or does not contain profile information.') . EOL ); - goaway(App::get_baseurl() . '/' . $a->cmd); + goaway(System::baseUrl() . '/' . $a->cmd); } else { if (! x($parms,'fn')) { @@ -530,7 +536,7 @@ function dfrn_request_post(App $a) { if (! x($parms,'photo')) { notice( t('Warning: profile location has no profile photo.') . EOL ); } - $invalid = Probe::valid_dfrn($parms); + $invalid = Probe::validDfrn($parms); if ($invalid) { notice( sprintf( tt("%d required parameter was not found at the given location", "%d required parameters were not found at the given location", @@ -611,7 +617,7 @@ function dfrn_request_post(App $a) { // "Homecoming" - send the requestor back to their site to record the introduction. - $dfrn_url = bin2hex(App::get_baseurl() . '/profile/' . $nickname); + $dfrn_url = bin2hex(System::baseUrl() . '/profile/' . $nickname); $aes_allow = ((function_exists('openssl_encrypt')) ? 1 : 0); goaway($parms['dfrn-request'] . "?dfrn_url=$dfrn_url" @@ -621,7 +627,7 @@ function dfrn_request_post(App $a) { ); // NOTREACHED // END $network === NETWORK_DFRN - } elseif (($network != NETWORK_PHANTOM) AND ($url != "")) { + } elseif (($network != NETWORK_PHANTOM) && ($url != "")) { /* * 
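Review bot: The new `blocked_url($url)` test, like `validate_url()` and `allowed_url()` above it, is applied to `$url`, but the call that follows fetches `($hcard) ? $hcard : $url`, so when `$hcard` is set the location actually probed has passed none of the three checks. Resolving the target once, `$probe_url = ($hcard) ? $hcard : $url;`, running the checks on that value and passing it to `Probe::profile($probe_url)` would close the gap. The check also sits after `Probe::webfingerDfrn($url,$hcard)` in the hunk at -453, which presumably already contacts the remote host. No equivalent check is visible on the `localconfirm` path around `Probe::validDfrn($parms)` at -131. Both are worth confirming against the full `dfrn_request_post()`, which starts and ends outside this hunk.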
@@ -640,7 +646,7 @@ function dfrn_request_post(App $a) { $uri = urlencode($uri); } else { - $uri = App::get_baseurl().'/profile/'.$nickname; + $uri = System::baseUrl().'/profile/'.$nickname; } $url = str_replace('{uri}', $uri, $url); @@ -688,7 +694,7 @@ function dfrn_request_content(App $a) { $confirm_key = (x($_GET,'confirm_key') ? $_GET['confirm_key'] : ""); // Checking fastlane for validity - if (x($_SESSION, "fastlane") AND (normalise_link($_SESSION["fastlane"]) == normalise_link($dfrn_url))) { + if (x($_SESSION, "fastlane") && (normalise_link($_SESSION["fastlane"]) == normalise_link($dfrn_url))) { $_POST["dfrn_url"] = $dfrn_url; $_POST["confirm_key"] = $confirm_key; $_POST["localconfirm"] = 1; @@ -718,7 +724,7 @@ function dfrn_request_content(App $a) { return $o; } - elseif ((x($_GET,'confirm_key')) && strlen($_GET['confirm_key'])) { + elseif((x($_GET,'confirm_key')) && strlen($_GET['confirm_key'])) { // we are the requestee and it is now safe to send our user their introduction, // We could just unblock it, but first we have to jump through a few hoops to @@ -738,10 +744,10 @@ function dfrn_request_content(App $a) { $auto_confirm = false; if (dbm::is_result($r)) { - if (($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP)) + if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP)) $auto_confirm = true; - if (! $auto_confirm) { + if(! $auto_confirm) { notification(array( 'type' => NOTIFY_INTRO, @@ -750,7 +756,7 @@ function dfrn_request_content(App $a) { 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'uid' => $r[0]['uid'], - 'link' => App::get_baseurl() . '/notifications/intros', + 'link' => System::baseUrl() . '/notifications/intros', 'source_name' => ((strlen(stripslashes($r[0]['name']))) ? stripslashes($r[0]['name']) : t('[Name Withheld]')), 'source_link' => $r[0]['url'], 'source_photo' => $r[0]['photo'], 
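Review bot: The fastlane test in the hunk at -688 compares the two `normalise_link()` results with `==`, and a match goes on to set `$_POST["localconfirm"] = 1` during a GET request, so this comparison against the session value is the gate for that path. Assuming `normalise_link()` returns strings, a strict comparison, `normalise_link($_SESSION["fastlane"]) === normalise_link($dfrn_url)`, avoids PHP's numeric-string juggling at no cost. `$confirm_key` is copied from `$_GET` into `$_POST` unfiltered; whether it is sanitised before use is outside the hunk. `dfrn_request_content()` continues outside this hunk.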
@@ -759,8 +765,8 @@ function dfrn_request_content(App $a) { )); } - if ($auto_confirm) { - require_once('mod/dfrn_confirm.php'); + if($auto_confirm) { + require_once 'mod/dfrn_confirm.php'; $handsfree = array( 'uid' => $r[0]['uid'], 'node' => $r[0]['nickname'], @@ -774,7 +780,7 @@ function dfrn_request_content(App $a) { } - if (! $auto_confirm) { + if(! $auto_confirm) { // If we are auto_confirming, this record will have already been nuked // in dfrn_confirm_post() @@ -794,8 +800,8 @@ function dfrn_request_content(App $a) { * Normal web request. Display our user's introduction form. */ - if ((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { - if (! get_config('system','local_block')) { + if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { + if(! get_config('system','local_block')) { notice( t('Public access denied.') . EOL); return; } 
@@ -808,22 +814,22 @@ function dfrn_request_content(App $a) { // At first look if an address was provided // Otherwise take the local address - if (x($_GET,'addr') AND ($_GET['addr'] != "")) { + if (x($_GET,'addr') && ($_GET['addr'] != "")) { $myaddr = hex2bin($_GET['addr']); - } elseif (x($_GET,'address') AND ($_GET['address'] != "")) { + } elseif (x($_GET,'address') && ($_GET['address'] != "")) { $myaddr = $_GET['address']; } elseif (local_user()) { if (strlen($a->path)) { - $myaddr = App::get_baseurl() . '/profile/' . $a->user['nickname']; + $myaddr = System::baseUrl() . '/profile/' . $a->user['nickname']; } else { - $myaddr = $a->user['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 ); + $myaddr = $a->user['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(),'://') + 3 ); } } else { // last, try a zrl $myaddr = get_my_url(); } - $target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 ); + $target_addr = $a->profile['nickname'] . '@' . substr(System::baseUrl(), strpos(System::baseUrl(),'://') + 3 ); /* @@ -872,7 +878,7 @@ function dfrn_request_content(App $a) { '$header' => t('Friend/Connection Request'), '$desc' => t('Examples: jojo@demo.friendica.com, http://demo.friendica.com/profile/jojo, testuser@identi.ca'), '$pls_answer' => t('Please answer the following:'), - '$does_know_you' => array('knowyou', sprintf(t('Does %s know you?'),$a->profile['name']), false, '', array(t('No'),t('Yes'))), + '$does_know_you' => array('knowyou', sprintf(t('Does %s know you?'),$a->profile['name']), false, '', array(t('No'), t('Yes'))), /*'$does_know' => sprintf( t('Does %s know you?'),$a->profile['name']), '$yes' => t('Yes'), '$no' => t('No'), */
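Review bot: `$myaddr = hex2bin($_GET['addr']);` in the hunk at -808 takes request input directly, and `hex2bin()` emits a warning and returns `false` for odd-length or non-hex input, leaving `$myaddr` as `false`. A guard such as `$addr = $_GET['addr']; $myaddr = (is_string($addr) && ctype_xdigit($addr) && strlen($addr) % 2 === 0) ? hex2bin($addr) : '';` keeps malformed values out. The `address` branch assigns `$_GET['address']` unchanged, whereas the POST handler wraps `dfrn_url` in `notags(trim(...))`. Applying the same filter here would be consistent, since the place where `$myaddr` is rendered lies outside this hunk.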