X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_request.php;h=a9e17b34b362decab98f55913894bbfcac387bba;hb=5a15e6bc598f90e0add22f2bd0531619d9e1f584;hp=9f0583711f703b71415b58e6485d38fc2e2ce799;hpb=6bc865ff4d68170c83a675cfc75cdc025a192b15;p=friendica.git

diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php
index 9f0583711f..a9e17b34b3 100644
--- a/mod/dfrn_request.php
+++ b/mod/dfrn_request.php
@@ -19,6 +19,7 @@ use Friendica\Core\Logger;
 use Friendica\Core\Protocol;
 use Friendica\Core\Renderer;
 use Friendica\Core\System;
+use Friendica\Core\Session;
 use Friendica\Database\DBA;
 use Friendica\Model\Contact;
 use Friendica\Model\Group;
@@ -26,6 +27,7 @@ use Friendica\Model\Profile;
 use Friendica\Model\User;
 use Friendica\Module\Login;
 use Friendica\Network\Probe;
+use Friendica\Protocol\Activity;
 use Friendica\Util\DateTimeFormat;
 use Friendica\Util\Network;
 use Friendica\Util\Strings;
@@ -34,9 +36,9 @@ function dfrn_request_init(App $a)
 {
 	if ($a->argc > 1) {
 		$which = $a->argv[1];
+		Profile::load($a, $which);
 	}
 
-	Profile::load($a, $which);
 	return;
 }
 
@@ -54,6 +56,9 @@ function dfrn_request_init(App $a)
  * in order to link our friend request with our own server cell.
  * After logging in, we click 'submit' to approve the linkage.
  *
+ * @param App $a
+ * @throws ImagickException
+ * @throws \Friendica\Network\HTTPException\InternalServerErrorException
  */
 function dfrn_request_post(App $a)
 {
@@ -76,7 +81,7 @@ function dfrn_request_post(App $a)
 		if (local_user() && ($a->user['nickname'] == $a->argv[1]) && !empty($_POST['dfrn_url'])) {
 			$dfrn_url    = Strings::escapeTags(trim($_POST['dfrn_url']));
 			$aes_allow   = !empty($_POST['aes_allow']);
-			$confirm_key = defaults($_POST, 'confirm_key', "");
+			$confirm_key = $_POST['confirm_key'] ?? '';
 			$hidden      = (!empty($_POST['hidden-contact']) ? intval($_POST['hidden-contact']) : 0);
 			$contact_record = null;
 			$blocked     = 1;
@@ -165,7 +170,7 @@ function dfrn_request_post(App $a)
 				$r = q("SELECT `id`, `network` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `site-pubkey` = '%s' LIMIT 1",
 					intval(local_user()),
 					DBA::escape($dfrn_url),
-					$parms['key'] // this was already escaped
+					$parms['key'] ?? '' // Potentially missing
 				);
 				if (DBA::isResult($r)) {
 					Group::addMember(User::getDefaultGroup(local_user(), $r[0]["network"]), $r[0]['id']);
@@ -184,8 +189,8 @@ function dfrn_request_post(App $a)
 					$dfrn_request = $contact_record['request'];
 				}
 
-				if (strlen($dfrn_request) && strlen($confirm_key)) {
-					$s = Network::fetchUrl($dfrn_request . '?confirm_key=' . $confirm_key);
+				if (!empty($dfrn_request) && strlen($confirm_key)) {
+					Network::fetchUrl($dfrn_request . '?confirm_key=' . $confirm_key);
 				}
 
 				// (ignore reply, nothing we can do it failed)
@@ -227,7 +232,6 @@ function dfrn_request_post(App $a)
 	}
 
 	$nickname       = $a->profile['nickname'];
-	$notify_flags   = $a->profile['notify-flags'];
 	$uid            = $a->profile['uid'];
 	$maxreq         = intval($a->profile['maxreq']);
 	$contact_record = null;
@@ -268,8 +272,6 @@ function dfrn_request_post(App $a)
 			}
 		}
 
-		$real_name = !empty($_POST['realname']) ? Strings::escapeTags(trim($_POST['realname'])) : '';
-
 		$url = trim($_POST['dfrn_url']);
 		if (!strlen($url)) {
 			notice(L10n::t("Invalid locator") . EOL);
@@ -417,12 +419,12 @@ function dfrn_request_post(App $a)
 			$hash = Strings::getRandomHex() . (string) time();   // Generate a confirm_key
 
 			if (is_array($contact_record)) {
-				$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
+				q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
 					VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
 					intval($uid),
 					intval($contact_record['id']),
 					intval(!empty($_POST['knowyou'])),
-					DBA::escape(Strings::escapeTags(trim(defaults($_POST, 'dfrn-request-message', '')))),
+					DBA::escape(Strings::escapeTags(trim($_POST['dfrn-request-message'] ?? ''))),
 					DBA::escape($hash),
 					DBA::escape(DateTimeFormat::utcNow())
 				);
@@ -476,7 +478,7 @@ function dfrn_request_post(App $a)
 
 function dfrn_request_content(App $a)
 {
-	if (($a->argc != 2) || (!count($a->profile))) {
+	if ($a->argc != 2 || empty($a->profile)) {
 		return "";
 	}
 
@@ -498,7 +500,7 @@ function dfrn_request_content(App $a)
 
 		$dfrn_url = Strings::escapeTags(trim(hex2bin($_GET['dfrn_url'])));
 		$aes_allow = !empty($_GET['aes_allow']);
-		$confirm_key = defaults($_GET, 'confirm_key', "");
+		$confirm_key = $_GET['confirm_key'] ?? '';
 
 		// Checking fastlane for validity
 		if (!empty($_SESSION['fastlane']) && (Strings::normaliseLink($_SESSION["fastlane"]) == Strings::normaliseLink($dfrn_url))) {
@@ -544,7 +546,7 @@ function dfrn_request_content(App $a)
 			$auto_confirm = false;
 
 			if (DBA::isResult($r)) {
-				if ($r[0]['page-flags'] != Contact::PAGE_NORMAL && $r[0]['page-flags'] != Contact::PAGE_PRVGROUP) {
+				if ($r[0]['page-flags'] != User::PAGE_FLAGS_NORMAL && $r[0]['page-flags'] != User::PAGE_FLAGS_PRVGROUP) {
 					$auto_confirm = true;
 				}
 
@@ -560,7 +562,7 @@ function dfrn_request_content(App $a)
 						'source_name'  => ((strlen(stripslashes($r[0]['name']))) ? stripslashes($r[0]['name']) : L10n::t('[Name Withheld]')),
 						'source_link'  => $r[0]['url'],
 						'source_photo' => $r[0]['photo'],
-						'verb'         => ACTIVITY_REQ_FRIEND,
+						'verb'         => Activity::REQ_FRIEND,
 						'otype'        => 'intro'
 					]);
 				}
@@ -572,7 +574,7 @@ function dfrn_request_content(App $a)
 						'node'     => $r[0]['nickname'],
 						'dfrn_id'  => $r[0]['issued-id'],
 						'intro_id' => $intro[0]['id'],
-						'duplex'   => (($r[0]['page-flags'] == Contact::PAGE_FREELOVE) ? 1 : 0),
+						'duplex'   => (($r[0]['page-flags'] == User::PAGE_FLAGS_FREELOVE) ? 1 : 0),
 					];
 					dfrn_confirm_post($a, $handsfree);
 				}
@@ -583,17 +585,16 @@ function dfrn_request_content(App $a)
 				// If we are auto_confirming, this record will have already been nuked
 				// in dfrn_confirm_post()
 
-				$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'",
+				q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'",
 					DBA::escape($_GET['confirm_key'])
 				);
 			}
 		}
 
-		killme();
-		return; // NOTREACHED
+		exit();
 	} else {
 		// Normal web request. Display our user's introduction form.
-		if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
+		if (Config::get('system', 'block_public') && !Session::isAuthenticated()) {
 			if (!Config::get('system', 'local_block')) {
 				notice(L10n::t('Public access denied.') . EOL);
 				return;
@@ -624,7 +625,7 @@ function dfrn_request_content(App $a)
 		 * because nobody is going to read the comments and
 		 * it doesn't matter if they know you or not.
 		 */
-		if ($a->profile['page-flags'] == Contact::PAGE_NORMAL) {
+		if ($a->profile['page-flags'] == User::PAGE_FLAGS_NORMAL) {
 			$tpl = Renderer::getMarkupTemplate('dfrn_request.tpl');
 		} else {
 			$tpl = Renderer::getMarkupTemplate('auto_request.tpl');
@@ -655,6 +656,4 @@ function dfrn_request_content(App $a)
 		]);
 		return $o;
 	}
-
-	return; // Somebody is fishing.
 }