X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_request.php;h=c18b1670d0ff41642192145912fe3fa1c63469fe;hb=271a184e1e16a53116be8fff676cf0b72afa563c;hp=b809929d7e14b4b506348b3200b437534b35e63f;hpb=6342b3e0bdd5774857a8fca809994f05e0208d25;p=friendica.git diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index b809929d7e..c18b1670d0 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -68,21 +68,21 @@ function dfrn_request_post(&$a) { $dfrn_url = notags(trim($_POST['dfrn_url'])); $aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0); $confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : ""); - + $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0); $contact_record = null; - + if(x($dfrn_url)) { /** * Lookup the contact based on their URL (which is the only unique thing we have at the moment) */ - + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1", intval(local_user()), dbesc($dfrn_url), dbesc(normalise_link($dfrn_url)) ); - + if(count($r)) { if(strlen($r[0]['dfrn-id'])) { @@ -96,20 +96,21 @@ function dfrn_request_post(&$a) { else $contact_record = $r[0]; } - + if(is_array($contact_record)) { - $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d", intval($aes_allow), + intval($hidden), intval($contact_record['id']) ); } else { - + /** * Scrape the other site's profile page to pick up the dfrn links, key, fn, and photo */ - require_once('Scrape.php'); + require_once('include/Scrape.php'); $parms = scrape_dfrn($dfrn_url); @@ -144,8 +145,8 @@ function dfrn_request_post(&$a) { */ $r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `nurl`, `name`, `nick`, `photo`, `site-pubkey`, - `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`) - VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", + `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`, `hidden`) + VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)", intval(local_user()), datetime_convert(), dbesc($dfrn_url), @@ -160,7 +161,8 @@ function dfrn_request_post(&$a) { $parms['dfrn-poll'], $parms['dfrn-poco'], dbesc(NETWORK_DFRN), - intval($aes_allow) + intval($aes_allow), + intval($hidden) ); } @@ -168,6 +170,21 @@ function dfrn_request_post(&$a) { info( t("Introduction complete.") . EOL); } + $r = q("select id from contact where uid = %d and url = '%s' and `site-pubkey` = '%s' limit 1", + intval(local_user()), + dbesc($dfrn_url), + $parms['key'] // this was already escaped + ); + if(count($r)) { + $g = q("select def_gid from user where uid = %d limit 1", + intval(local_user()) + ); + if($g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member(local_user(),'',$r[0]['id'],$g[0]['def_gid']); + } + } + /** * Allow the blocked remote notification to complete */ @@ -266,11 +283,11 @@ function dfrn_request_post(&$a) { if(count($r)) { foreach($r as $rr) { if(! $rr['rel']) { - q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `contact` WHERE `id` = %d", intval($rr['cid']) ); } - q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `intro` WHERE `id` = %d", intval($rr['iid']) ); } @@ -281,9 +298,9 @@ function dfrn_request_post(&$a) { * Cleanup any old email intros - which will have a greater lifetime */ - $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` + $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id` - WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 + WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 AND `contact`.`network` = '%s' AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ", dbesc(NETWORK_MAIL2) @@ -291,11 +308,11 @@ function dfrn_request_post(&$a) { if(count($r)) { foreach($r as $rr) { if(! $rr['rel']) { - q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `contact` WHERE `id` = %d", intval($rr['cid']) ); } - q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `intro` WHERE `id` = %d", intval($rr['iid']) ); } @@ -341,6 +358,7 @@ function dfrn_request_post(&$a) { intval($uid) ); if(! count($r)) { + notice( t('This account has not been configured for email. Request failed.') . EOL); return; } @@ -388,7 +406,7 @@ function dfrn_request_post(&$a) { `uri-date` = '%s', `avatar-date` = '%s', `hidden` = 0, - WHERE `id` = %d LIMIT 1 + WHERE `id` = %d ", dbesc($photos[0]), dbesc($photos[1]), @@ -437,7 +455,7 @@ function dfrn_request_post(&$a) { logger('dfrn_request: url: ' . $url); if(! strlen($url)) { - notice( t("Unable to resolve your name at the provided location.") . EOL); + notice( t("Unable to resolve your name at the provided location.") . EOL); return; } @@ -468,7 +486,7 @@ function dfrn_request_post(&$a) { if(is_array($contact_record)) { // There is a contact record but no issued-id, so this // is a reciprocal introduction from a known contact - $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d", dbesc($issued_id), intval($contact_record['id']) ); @@ -487,7 +505,7 @@ function dfrn_request_post(&$a) { } - require_once('Scrape.php'); + require_once('include/Scrape.php'); $parms = scrape_dfrn(($hcard) ? $hcard : $url); @@ -537,17 +555,17 @@ function dfrn_request_post(&$a) { ); // find the contact record we just created - if($r) { - $r = q("SELECT `id` FROM `contact` + if($r) { + $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1", intval($uid), $parms['url'], $parms['issued-id'] ); - if(count($r)) + if(count($r)) $contact_record = $r[0]; } - + } if($r === false) { notice( t('Failed to update contact record.') . EOL ); @@ -555,7 +573,7 @@ function dfrn_request_post(&$a) { } $hash = random_string() . (string) time(); // Generate a confirm_key - + if(is_array($contact_record)) { $ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`) VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )", @@ -599,7 +617,7 @@ function dfrn_request_post(&$a) { * */ - $url = str_replace('{uri}', $a->get_baseurl() . '/dfrn_poll/' . $nickname, $url); + $url = str_replace('{uri}', $a->get_baseurl() . '/profile/' . $nickname, $url); goaway($url); // NOTREACHED // END $network === NETWORK_OSTATUS @@ -649,6 +667,8 @@ function dfrn_request_content(&$a) { $o = replace_macros($tpl,array( '$dfrn_url' => $dfrn_url, '$aes_allow' => (($aes_allow) ? '' : "" ), + '$hidethem' => t('Hide this contact'), + '$hidechecked' => '', '$confirm_key' => $confirm_key, '$welcome' => sprintf( t('Welcome home %s.'), $a->user['username']), '$please' => sprintf( t('Please confirm your introduction/connection request to %s.'), $dfrn_url), @@ -680,8 +700,8 @@ function dfrn_request_content(&$a) { $auto_confirm = false; if(count($r)) { - if($r[0]['page-flags'] != PAGE_NORMAL) - $auto_confirm = true; + if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP)) + $auto_confirm = true; if(! $auto_confirm) { require_once('include/enotify.php'); @@ -721,7 +741,7 @@ function dfrn_request_content(&$a) { // If we are auto_confirming, this record will have already been nuked // in dfrn_confirm_post() - $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1", + $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'", dbesc($_GET['confirm_key']) ); } @@ -737,8 +757,10 @@ function dfrn_request_content(&$a) { */ if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { - notice( t('Public access denied.') . EOL); - return; + if(! get_config('system','local_block')) { + notice( t('Public access denied.') . EOL); + return; + } }