X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fredir.php;h=eb9702b0415a31525b5d0e68f691f68f0c207a1a;hb=18c8f4d8b57988ce5e22c261d7ab9d73aa2a3dd5;hp=5c8849ecad5caae5c6a4b1e11cc9f2fd780a03b9;hpb=2c96ad77396b0df2be481c4f90cc61ebaa83bc75;p=friendica.git diff --git a/mod/redir.php b/mod/redir.php index 5c8849ecad..eb9702b041 100644 --- a/mod/redir.php +++ b/mod/redir.php @@ -3,15 +3,20 @@ function redir_init(&$a) { if((! local_user()) || (! ($a->argc == 2)) || (! intval($a->argv[1]))) - goaway($a->get_baseurl()); - $r = q("SELECT `issued-id`, `dfrn-id`, `duplex`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval($a->argv[1]), - intval($_SESSION['uid'])); - if(! count($r)) - goaway($a->get_baseurl()); + goaway(z_root()); + $cid = $a->argv[1]; + $url = ((x($_GET,'url')) ? $_GET['url'] : ''); + $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", + intval($cid), + intval(local_user()) + ); + + if((! count($r)) || ($r[0]['network'] !== 'dfrn')) + goaway(z_root()); + + $dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']); - $dfrn_id = $orig_id = $r[0]['issued-id']; if($r[0]['duplex'] && $r[0]['issued-id']) { $orig_id = $r[0]['issued-id']; $dfrn_id = '1:' . $orig_id; 
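Review bot: `$url` is copied from `$_GET['url']` with no validation or encoding, and the second hunk concatenates it into the redirect as `'&destination_url=' . $url`. A value containing `&` or `#` would add extra query parameters to the request sent to the contact's poll endpoint or cut the value short, so it should be encoded where it is appended: `$dest = (($url) ? '&destination_url=' . urlencode($url) : '');`. Whether the receiving site restricts where `destination_url` may point is not visible in this diff and is worth confirming. Separately, normalising once with `$cid = intval($a->argv[1]);` would keep every later use numeric instead of relying on each call site to wrap it. The body of redir_init continues past this hunk.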
@@ -20,12 +25,21 @@ function redir_init(&$a) { $orig_id = $r[0]['dfrn-id']; $dfrn_id = '0:' . $orig_id; } - q("INSERT INTO `profile_check` ( `uid`, `dfrn_id`, `expire`) - VALUES( %d, '%s', %d )", - intval($_SESSION['uid']), + + $sec = random_string(); + + q("INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`) + VALUES( %d, %s, '%s', '%s', %d )", + intval(local_user()), + intval($cid), dbesc($dfrn_id), - intval(time() + 45)); - goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile'); + dbesc($sec), + intval(time() + 45) + ); + logger('mod_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG); + $dest = (($url) ? '&destination_url=' . $url : ''); + goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id + . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest ); -} \ No newline at end of file +}
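Review bot: The added `logger()` call writes `$sec` to the debug log, although the same value is stored in `profile_check` and sent to the remote site as `&sec=`, so it appears to act as a short-lived credential. Anyone who can read the log within the 45-second expiry would hold the token; log the contact without it, e.g. `logger('mod_redir: ' . $r[0]['name'], LOGGER_DEBUG);`. In the INSERT, `cid` is bound with an unquoted `%s`, which is safe only because the argument is `intval($cid)`; `%d` would match the other integer columns and not depend on the caller. How `random_string()` generates its output is not visible here, and it is worth confirming that it uses a cryptographically secure source.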