X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_request.php;h=c18b1670d0ff41642192145912fe3fa1c63469fe;hb=660bd39efad52b1c69bd8dd0ca27141b81f84ca5;hp=80d27ac308adab0dcf4db8c3e7bf39d333ddf73b;hpb=1370ba5d162c7a1b9931c479e2f95dfd31d13b33;p=friendica.git diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 80d27ac308..c18b1670d0 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -68,21 +68,21 @@ function dfrn_request_post(&$a) { $dfrn_url = notags(trim($_POST['dfrn_url'])); $aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0); $confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : ""); - + $hidden = ((x($_POST,'hidden-contact')) ? intval($_POST['hidden-contact']) : 0); $contact_record = null; - + if(x($dfrn_url)) { /** * Lookup the contact based on their URL (which is the only unique thing we have at the moment) */ - + $r = q("SELECT * FROM `contact` WHERE `uid` = %d AND (`url` = '%s' OR `nurl` = '%s') AND `self` = 0 LIMIT 1", intval(local_user()), dbesc($dfrn_url), dbesc(normalise_link($dfrn_url)) ); - + if(count($r)) { if(strlen($r[0]['dfrn-id'])) { @@ -96,20 +96,21 @@ function dfrn_request_post(&$a) { else $contact_record = $r[0]; } - + if(is_array($contact_record)) { - $r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `ret-aes` = %d, hidden = %d WHERE `id` = %d", intval($aes_allow), + intval($hidden), intval($contact_record['id']) ); } else { - + /** * Scrape the other site's profile page to pick up the dfrn links, key, fn, and photo */ - require_once('Scrape.php'); + require_once('include/Scrape.php'); $parms = scrape_dfrn($dfrn_url); @@ -144,8 +145,8 @@ function dfrn_request_post(&$a) { */ $r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `nurl`, `name`, `nick`, `photo`, `site-pubkey`, - `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`) - VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", + `request`, `confirm`, `notify`, `poll`, `poco`, `network`, `aes_allow`, `hidden`) + VALUES ( %d, '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d)", intval(local_user()), datetime_convert(), dbesc($dfrn_url), @@ -160,7 +161,8 @@ function dfrn_request_post(&$a) { $parms['dfrn-poll'], $parms['dfrn-poco'], dbesc(NETWORK_DFRN), - intval($aes_allow) + intval($aes_allow), + intval($hidden) ); } @@ -168,6 +170,21 @@ function dfrn_request_post(&$a) { info( t("Introduction complete.") . EOL); } + $r = q("select id from contact where uid = %d and url = '%s' and `site-pubkey` = '%s' limit 1", + intval(local_user()), + dbesc($dfrn_url), + $parms['key'] // this was already escaped + ); + if(count($r)) { + $g = q("select def_gid from user where uid = %d limit 1", + intval(local_user()) + ); + if($g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member(local_user(),'',$r[0]['id'],$g[0]['def_gid']); + } + } + /** * Allow the blocked remote notification to complete */ @@ -261,16 +278,16 @@ function dfrn_request_post(&$a) { WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 AND `contact`.`network` != '%s' AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 30 MINUTE ", - dbesc(NETWORK_MAIL) + dbesc(NETWORK_MAIL2) ); if(count($r)) { foreach($r as $rr) { if(! $rr['rel']) { - q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `contact` WHERE `id` = %d", intval($rr['cid']) ); } - q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `intro` WHERE `id` = %d", intval($rr['iid']) ); } @@ -281,26 +298,28 @@ function dfrn_request_post(&$a) { * Cleanup any old email intros - which will have a greater lifetime */ - $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` + $r = q("SELECT `intro`.*, `intro`.`id` AS `iid`, `contact`.`id` AS `cid`, `contact`.`rel` FROM `intro` LEFT JOIN `contact` on `intro`.`contact-id` = `contact`.`id` - WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 + WHERE `intro`.`blocked` = 1 AND `contact`.`self` = 0 AND `contact`.`network` = '%s' AND `intro`.`datetime` < UTC_TIMESTAMP() - INTERVAL 3 DAY ", - dbesc(NETWORK_MAIL) + dbesc(NETWORK_MAIL2) ); if(count($r)) { foreach($r as $rr) { if(! $rr['rel']) { - q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `contact` WHERE `id` = %d", intval($rr['cid']) ); } - q("DELETE FROM `intro` WHERE `id` = %d LIMIT 1", + q("DELETE FROM `intro` WHERE `id` = %d", intval($rr['iid']) ); } } + $email_follow = (x($_POST,'email_follow') ? intval($_POST['email_follow']) : 0); + $real_name = (x($_POST,'realname') ? notags(trim($_POST['realname'])) : ''); $url = trim($_POST['dfrn_url']); if(! strlen($url)) { @@ -308,23 +327,135 @@ function dfrn_request_post(&$a) { return; } - // Canonicalise email-style profile locator - $hcard = ''; - $url = webfinger_dfrn($url,$hcard); - if(substr($url,0,5) === 'stat:') { - $network = NETWORK_OSTATUS; - $url = substr($url,5); + if($email_follow) { + + if(! validate_email($url)) { + notice( t('Invalid email address.') . EOL); + return; + } + + $addr = $url; + $name = ($realname) ? $realname : $addr; + $nick = substr($addr,0,strpos($addr,'@')); + $url = 'http://' . substr($addr,strpos($addr,'@') + 1); + $nurl = normalise_url($host); + $poll = 'email ' . random_string(); + $notify = 'smtp ' . random_string(); + $blocked = 1; + $pending = 1; + $network = NETWORK_MAIL2; + $rel = CONTACT_IS_FOLLOWER; + + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + if(get_config('system','dfrn_only')) + $mail_disabled = 1; + + if(! $mail_disabled) { + $failed = false; + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", + intval($uid) + ); + if(! count($r)) { + + notice( t('This account has not been configured for email. Request failed.') . EOL); + return; + } + } + + $r = q("insert into contact ( uid, created, addr, name, nick, url, nurl, poll, notify, blocked, pending, network, rel ) + values( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d ) ", + intval($uid), + dbesc(datetime_convert()), + dbesc($addr), + dbesc($name), + dbesc($nick), + dbesc($url), + dbesc($nurl), + dbesc($poll), + dbesc($notify), + intval($blocked), + intval($pending), + dbesc($network), + intval($rel) + ); + + $r = q("select id from contact where poll = '%s' and uid = %d limit 1", + dbesc($poll), + intval($uid) + ); + if(count($r)) { + $contact_id = $r[0]['id']; + + $g = q("select def_gid from user where uid = %d limit 1", + intval($uid) + ); + if($g && intval($g[0]['def_gid'])) { + require_once('include/group.php'); + group_add_member($uid,'',$contact_id,$g[0]['def_gid']); + } + + $photo = avatar_img($addr); + + $r = q("UPDATE `contact` SET + `photo` = '%s', + `thumb` = '%s', + `micro` = '%s', + `name-date` = '%s', + `uri-date` = '%s', + `avatar-date` = '%s', + `hidden` = 0, + WHERE `id` = %d + ", + dbesc($photos[0]), + dbesc($photos[1]), + dbesc($photos[2]), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + dbesc(datetime_convert()), + intval($contact_id) + ); + } + + // contact is created. Now create an introduction + + $hash = random_string(); + + $r = q("insert into intro ( uid, `contact-id`, knowyou, note, hash, datetime, blocked ) + values( %d , %d, %d, '%s', '%s', '%s', %d ) ", + intval($uid), + intval($contact_id), + ((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0), + dbesc(notags(trim($_POST['dfrn-request-message']))), + dbesc($hash), + dbesc(datetime_convert()), + 1 + ); + + // Next send an email verify form to the requestor. + } + else { - $network = NETWORK_DFRN; + + // Canonicalise email-style profile locator + + $url = webfinger_dfrn($url,$hcard); + + if(substr($url,0,5) === 'stat:') { + $network = NETWORK_OSTATUS; + $url = substr($url,5); + } + else { + $network = NETWORK_DFRN; + } } logger('dfrn_request: url: ' . $url); if(! strlen($url)) { - notice( t("Unable to resolve your name at the provided location.") . EOL); + notice( t("Unable to resolve your name at the provided location.") . EOL); return; } @@ -355,7 +486,7 @@ function dfrn_request_post(&$a) { if(is_array($contact_record)) { // There is a contact record but no issued-id, so this // is a reciprocal introduction from a known contact - $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d LIMIT 1", + $r = q("UPDATE `contact` SET `issued-id` = '%s' WHERE `id` = %d", dbesc($issued_id), intval($contact_record['id']) ); @@ -374,7 +505,7 @@ function dfrn_request_post(&$a) { } - require_once('Scrape.php'); + require_once('include/Scrape.php'); $parms = scrape_dfrn(($hcard) ? $hcard : $url); @@ -424,17 +555,17 @@ function dfrn_request_post(&$a) { ); // find the contact record we just created - if($r) { - $r = q("SELECT `id` FROM `contact` + if($r) { + $r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1", intval($uid), $parms['url'], $parms['issued-id'] ); - if(count($r)) + if(count($r)) $contact_record = $r[0]; } - + } if($r === false) { notice( t('Failed to update contact record.') . EOL ); @@ -442,7 +573,7 @@ function dfrn_request_post(&$a) { } $hash = random_string() . (string) time(); // Generate a confirm_key - + if(is_array($contact_record)) { $ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`) VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )", @@ -486,7 +617,7 @@ function dfrn_request_post(&$a) { * */ - $url = str_replace('{uri}', $a->get_baseurl() . '/dfrn_poll/' . $nickname, $url); + $url = str_replace('{uri}', $a->get_baseurl() . '/profile/' . $nickname, $url); goaway($url); // NOTREACHED // END $network === NETWORK_OSTATUS @@ -536,6 +667,8 @@ function dfrn_request_content(&$a) { $o = replace_macros($tpl,array( '$dfrn_url' => $dfrn_url, '$aes_allow' => (($aes_allow) ? '' : "" ), + '$hidethem' => t('Hide this contact'), + '$hidechecked' => '', '$confirm_key' => $confirm_key, '$welcome' => sprintf( t('Welcome home %s.'), $a->user['username']), '$please' => sprintf( t('Please confirm your introduction/connection request to %s.'), $dfrn_url), @@ -567,8 +700,8 @@ function dfrn_request_content(&$a) { $auto_confirm = false; if(count($r)) { - if($r[0]['page-flags'] != PAGE_NORMAL) - $auto_confirm = true; + if(($r[0]['page-flags'] != PAGE_NORMAL) && ($r[0]['page-flags'] != PAGE_PRVGROUP)) + $auto_confirm = true; if(! $auto_confirm) { require_once('include/enotify.php'); @@ -595,7 +728,8 @@ function dfrn_request_content(&$a) { 'node' => $r[0]['nickname'], 'dfrn_id' => $r[0]['issued-id'], 'intro_id' => $intro[0]['id'], - 'duplex' => (($r[0]['page-flags'] == PAGE_FREELOVE) ? 1 : 0) + 'duplex' => (($r[0]['page-flags'] == PAGE_FREELOVE) ? 1 : 0), + 'activity' => intval(get_pconfig($r[0]['uid'],'system','post_newfriend')) ); dfrn_confirm_post($a,$handsfree); } @@ -607,7 +741,7 @@ function dfrn_request_content(&$a) { // If we are auto_confirming, this record will have already been nuked // in dfrn_confirm_post() - $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1", + $r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'", dbesc($_GET['confirm_key']) ); } @@ -623,8 +757,10 @@ function dfrn_request_content(&$a) { */ if((get_config('system','block_public')) && (! local_user()) && (! remote_user())) { - notice( t('Public access denied.') . EOL); - return; + if(! get_config('system','local_block')) { + notice( t('Public access denied.') . EOL); + return; + } } @@ -648,6 +784,11 @@ function dfrn_request_content(&$a) { $myaddr = ((x($_GET,'address')) ? $_GET['address'] : ''); } + // last, try a zrl + if(! strlen($myaddr)) + $myaddr = get_my_url(); + + $target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 );