X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fpubsubhubbub.php;h=53b9c01c157e7ecebda7240d0a118993b95bd630;hb=5c63de1692c5be4ca457e03fc037683909a44348;hp=dceb16ae1f260cf9415e9e7378e54582a35ee182;hpb=f852f7aac0b44f243d3cd812aa92122f7b38067b;p=friendica.git

diff --git a/mod/pubsubhubbub.php b/mod/pubsubhubbub.php
index dceb16ae1f..53b9c01c15 100644
--- a/mod/pubsubhubbub.php
+++ b/mod/pubsubhubbub.php
@@ -1,5 +1,13 @@
 <?php
 
+use Friendica\App;
+use Friendica\Core\Config;
+use Friendica\Core\System;
+use Friendica\Database\dba;
+use Friendica\Database\DBM;
+use Friendica\Model\PushSubscriber;
+use Friendica\Util\Network;
+
 function post_var($name) {
 	return (x($_POST, $name)) ? notags(trim($_POST[$name])) : '';
 }
@@ -7,21 +15,21 @@ function post_var($name) {
 function pubsubhubbub_init(App $a) {
 	// PuSH subscription must be considered "public" so just block it
 	// if public access isn't enabled.
-	if (get_config('system', 'block_public')) {
-		http_status_exit(403);
+	if (Config::get('system', 'block_public')) {
+		System::httpExit(403);
 	}
 
 	// Subscription request from subscriber
 	// https://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.4.html#anchor4
 	// Example from GNU Social:
-    // [hub_mode] => subscribe
-    // [hub_callback] => http://status.local/main/push/callback/1
-    // [hub_verify] => sync
-    // [hub_verify_token] => af11...
-    // [hub_secret] => af11...
-    // [hub_topic] => http://friendica.local/dfrn_poll/sazius
-
-	if($_SERVER['REQUEST_METHOD'] === 'POST') {
+	// [hub_mode] => subscribe
+	// [hub_callback] => http://status.local/main/push/callback/1
+	// [hub_verify] => sync
+	// [hub_verify_token] => af11...
+	// [hub_secret] => af11...
+	// [hub_topic] => http://friendica.local/dfrn_poll/sazius
+
+	if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 		$hub_mode = post_var('hub_mode');
 		$hub_callback = post_var('hub_callback');
 		$hub_verify = post_var('hub_verify');
@@ -32,59 +40,56 @@ function pubsubhubbub_init(App $a) {
 		// check for valid hub_mode
 		if ($hub_mode === 'subscribe') {
 			$subscribe = 1;
-		} else if ($hub_mode === 'unsubscribe') {
+		} elseif ($hub_mode === 'unsubscribe') {
 			$subscribe = 0;
 		} else {
-			logger("pubsubhubbub: invalid hub_mode=$hub_mode, ignoring.");
-			http_status_exit(404);
+			logger("Invalid hub_mode=$hub_mode, ignoring.");
+			System::httpExit(404);
 		}
 
-		logger("pubsubhubbub: $hub_mode request from " .
-			   $_SERVER['REMOTE_ADDR']);
+		logger("$hub_mode request from " . $_SERVER['REMOTE_ADDR']);
 
-		// get the nick name from the topic, a bit hacky but needed
+		// get the nick name from the topic, a bit hacky but needed as a fallback
 		$nick = substr(strrchr($hub_topic, "/"), 1);
 
+		// Normally the url should now contain the nick name as last part of the url
+		if ($a->argc > 1) {
+			$nick = $a->argv[1];
+		}
+
 		if (!$nick) {
-			logger('pubsubhubbub: bad hub_topic=$hub_topic, ignoring.');
-			http_status_exit(404);
+			logger('Bad hub_topic=$hub_topic, ignoring.');
+			System::httpExit(404);
 		}
 
 		// fetch user from database given the nickname
-		$r = q("SELECT * FROM `user` WHERE `nickname` = '%s'" .
-			   " AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
-			   dbesc($nick));
-
-		if (!dbm::is_result($r)) {
-			logger('pubsubhubbub: local account not found: ' . $nick);
-			http_status_exit(404);
+		$condition = ['nickname' => $nick, 'account_expired' => false, 'account_removed' => false];
+		$owner = dba::selectFirst('user', ['uid', 'hidewall'], $condition);
+		if (!DBM::is_result($owner)) {
+			logger('Local account not found: ' . $nick . ' - topic: ' . $hub_topic . ' - callback: ' . $hub_callback);
+			System::httpExit(404);
 		}
 
-		$owner = $r[0];
-
 		// abort if user's wall is supposed to be private
-		if ($r[0]['hidewall']) {
-			logger('pubsubhubbub: local user ' . $nick .
-				   'has chosen to hide wall, ignoring.');
-			http_status_exit(403);
+		if ($owner['hidewall']) {
+			logger('Local user ' . $nick . 'has chosen to hide wall, ignoring.');
+			System::httpExit(403);
 		}
 
 		// get corresponding row from contact table
-		$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND NOT `blocked`".
-			   " AND NOT `pending` AND `self` LIMIT 1",
-			   intval($owner['uid']));
-		if (!dbm::is_result($r)) {
-			logger('pubsubhubbub: contact not found.');
-			http_status_exit(404);
+		$condition = ['uid' => $owner['uid'], 'blocked' => false,
+			'pending' => false, 'self' => true];
+		$contact = dba::selectFirst('contact', ['poll'], $condition);
+		if (!DBM::is_result($contact)) {
+			logger('Self contact for user ' . $owner['uid'] . ' not found.');
+			System::httpExit(404);
 		}
 
-		$contact = $r[0];
-
 		// sanity check that topic URLs are the same
-		if(!link_compare($hub_topic, $contact['poll'])) {
-			logger('pubsubhubbub: hub topic ' . $hub_topic . ' != ' .
-				   $contact['poll']);
-			http_status_exit(404);
+		$hub_topic2 = str_replace('/feed/', '/dfrn_poll/', $hub_topic);
+		if (!link_compare($hub_topic, $contact['poll']) && !link_compare($hub_topic2, $contact['poll'])) {
+			logger('Hub topic ' . $hub_topic . ' != ' . $contact['poll']);
+			System::httpExit(404);
 		}
 
 		// do subscriber verification according to the PuSH protocol
@@ -100,63 +105,25 @@ function pubsubhubbub_init(App $a) {
 		// we don't actually enforce the lease time because GNU
 		// Social/StatusNet doesn't honour it (yet)
 
-		$body = fetch_url($hub_callback . "?" . $params);
+		$body = Network::fetchUrl($hub_callback . "?" . $params);
 		$ret = $a->get_curl_code();
 
 		// give up if the HTTP return code wasn't a success (2xx)
 		if ($ret < 200 || $ret > 299) {
-			logger("pubsubhubbub: subscriber verification at $hub_callback ".
-				   "returned $ret, ignoring.");
-			http_status_exit(404);
+			logger("Subscriber verification for $hub_topic at $hub_callback returned $ret, ignoring.");
+			System::httpExit(404);
 		}
 
 		// check that the correct hub_challenge code was echoed back
 		if (trim($body) !== $hub_challenge) {
-			logger("pubsubhubbub: subscriber did not echo back ".
-				   "hub.challenge, ignoring.");
+			logger("Subscriber did not echo back hub.challenge, ignoring.");
 			logger("\"$hub_challenge\" != \"".trim($body)."\"");
-			http_status_exit(404);
+			System::httpExit(404);
 		}
 
-		// fetch the old subscription if it exists
-		$r = q("SELECT * FROM `push_subscriber` WHERE `callback_url` = '%s'",
-		  dbesc($hub_callback));
-
-		// delete old subscription if it exists
-		q("DELETE FROM `push_subscriber` WHERE `callback_url` = '%s'",
-		  dbesc($hub_callback));
-
-		if ($subscribe) {
-			$last_update = datetime_convert('UTC','UTC','now','Y-m-d H:i:s');
-			$push_flag = 0;
-
-			// if we are just updating an old subscription, keep the
-			// old values for push and last_update
-			if (dbm::is_result($r)) {
-				$last_update = $r[0]['last_update'];
-				$push_flag = $r[0]['push'];
-			}
-
-			// subscribe means adding the row to the table
-			q("INSERT INTO `push_subscriber` (`uid`, `callback_url`, " .
-			  "`topic`, `nickname`, `push`, `last_update`, `secret`) values " .
-			  "(%d, '%s', '%s', '%s', %d, '%s', '%s')",
-			  intval($owner['uid']),
-			  dbesc($hub_callback),
-			  dbesc($hub_topic),
-			  dbesc($nick),
-			  intval($push_flag),
-			  dbesc($last_update),
-			  dbesc($hub_secret));
-			logger("pubsubhubbub: successfully subscribed [$hub_callback].");
-		} else {
-			logger("pubsubhubbub: successfully unsubscribed [$hub_callback].");
-			// we do nothing here, since the row was already deleted
-		}
-		http_status_exit(202);
-	}
+		PushSubscriber::renew($owner['uid'], $nick, $subscribe, $hub_callback, $hub_topic, $hub_secret);
 
+		System::httpExit(202);
+	}
 	killme();
 }
-
-?>