X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=src%2FProtocol%2FDFRN.php;h=b207c3ca87cde7b4be9d705e936150c26a2c4cac;hb=214407bdc8e7ae126f1b44eaaa1f902e38fb1b9d;hp=e37bfae5603e0aa8ba64560fad3d3bf06edde62a;hpb=7211fc4f1ac33819ed0543ac65f9a075250c3190;p=friendica.git diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index e37bfae560..b207c3ca87 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -8,6 +8,8 @@ */ namespace Friendica\Protocol; +use DOMDocument; +use DOMXPath; use Friendica\App; use Friendica\Content\OEmbed; use Friendica\Content\Text\BBCode; @@ -15,26 +17,22 @@ use Friendica\Content\Text\HTML; use Friendica\Core\Addon; use Friendica\Core\Config; use Friendica\Core\L10n; +use Friendica\Core\Protocol; use Friendica\Core\System; -use Friendica\Core\Worker; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\Contact; +use Friendica\Model\Conversation; use Friendica\Model\Event; use Friendica\Model\GContact; -use Friendica\Model\Group; use Friendica\Model\Item; +use Friendica\Model\PermissionSet; use Friendica\Model\Profile; use Friendica\Model\User; use Friendica\Object\Image; -use Friendica\Protocol\OStatus; use Friendica\Util\Crypto; use Friendica\Util\DateTimeFormat; use Friendica\Util\Network; use Friendica\Util\XML; -use Friendica\Protocol\Diaspora; -use dba; -use DOMDocument; -use DOMXPath; use HTMLPurifier; use HTMLPurifier_Config; @@ -54,6 +52,46 @@ class DFRN const REPLY = 1; // Regular reply that is stored locally const REPLY_RC = 2; // Reply that will be relayed + /** + * @brief Generates an array of contact and user for DFRN imports + * + * This array contains not only the receiver but also the sender of the message. + * + * @param integer $cid Contact id + * @param integer $uid User id + * + * @return array importer + */ + public static function getImporter($cid, $uid = 0) + { + $condition = ['id' => $cid, 'blocked' => false, 'pending' => false]; + $contact = DBA::selectFirst('contact', [], $condition); + if (!DBA::isResult($contact)) { + return []; + } + + $contact['cpubkey'] = $contact['pubkey']; + $contact['cprvkey'] = $contact['prvkey']; + $contact['senderName'] = $contact['name']; + + if ($uid != 0) { + $condition = ['uid' => $uid, 'account_expired' => false, 'account_removed' => false]; + $user = DBA::selectFirst('user', [], $condition); + if (!DBA::isResult($user)) { + return []; + } + + $user['importer_uid'] = $user['uid']; + $user['uprvkey'] = $user['prvkey']; + } else { + $user = ['importer_uid' => 0, 'uprvkey' => '', 'timezone' => 'UTC', + 'nickname' => '', 'sprvkey' => '', 'spubkey' => '', + 'page-flags' => 0, 'account-type' => 0, 'prvnets' => 0]; + } + + return array_merge($contact, $user); + } + /** * @brief Generates the atom entries for delivery.php * @@ -77,6 +115,11 @@ class DFRN } foreach ($items as $item) { + // These values aren't sent when sending from the queue. + /// @todo Check if we can set these values from the queue or if they are needed at all. + $item["entry:comment-allow"] = defaults($item, "entry:comment-allow", true); + $item["entry:cid"] = defaults($item, "entry:cid", 0); + $entry = self::entry($doc, "text", $item, $owner, $item["entry:comment-allow"], $item["entry:cid"]); $root->appendChild($entry); } @@ -122,16 +165,16 @@ class DFRN // default permissions - anonymous user - $sql_extra = " AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' "; + $sql_extra = " AND NOT `item`.`private` "; $r = q( "SELECT `contact`.*, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`, `user`.`account-type` FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid` WHERE `contact`.`self` AND `user`.`nickname` = '%s' LIMIT 1", - dbesc($owner_nick) + DBA::escape($owner_nick) ); - if (! DBM::is_result($r)) { + if (! DBA::isResult($r)) { logger(sprintf('No contact found for nickname=%d', $owner_nick), LOGGER_WARNING); killme(); } @@ -146,15 +189,15 @@ class DFRN $sql_extra = ''; switch ($direction) { case (-1): - $sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id)); + $sql_extra = sprintf(" AND `issued-id` = '%s' ", DBA::escape($dfrn_id)); $my_id = $dfrn_id; break; case 0: - $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id)); + $sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id)); $my_id = '1:' . $dfrn_id; break; case 1: - $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id)); + $sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", DBA::escape($dfrn_id)); $my_id = '0:' . $dfrn_id; break; default: @@ -167,37 +210,21 @@ class DFRN intval($owner_id) ); - if (! DBM::is_result($r)) { + if (! DBA::isResult($r)) { logger(sprintf('No contact found for uid=%d', $owner_id), LOGGER_WARNING); killme(); } $contact = $r[0]; include_once 'include/security.php'; - $groups = Group::getIdsByContactId($contact['id']); - if (count($groups)) { - for ($x = 0; $x < count($groups); $x ++) { - $groups[$x] = '<' . intval($groups[$x]) . '>' ; - } + $set = PermissionSet::get($owner_id, $contact['id']); - $gs = implode('|', $groups); + if (!empty($set)) { + $sql_extra = " AND `item`.`psid` IN (" . implode(',', $set) .")"; } else { - $gs = '<<>>' ; // Impossible to match - } - - $sql_extra = sprintf( - " - AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' ) - AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' ) - AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' ) - AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') - ", - intval($contact['id']), - intval($contact['id']), - dbesc($gs), - dbesc($gs) - ); + $sql_extra = " AND NOT `item`.`private`"; + } } if ($public_feed) { @@ -213,7 +240,7 @@ class DFRN if (isset($category)) { $sql_post_table = sprintf( "INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ", - dbesc(protect_sprintf($category)), + DBA::escape(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($owner_id) @@ -235,8 +262,8 @@ class DFRN $sql_extra ORDER BY `item`.`parent` ".$sort.", `item`.`created` ASC LIMIT 0, 300", intval($owner_id), - dbesc($check_date), - dbesc($sort) + DBA::escape($check_date), + DBA::escape($sort) ); $ids = []; @@ -276,7 +303,7 @@ class DFRN /// @TODO This hook can't work anymore // Addon::callHooks('atom_feed', $atom); - if (!DBM::is_result($items) || $onlyheader) { + if (!DBA::isResult($items) || $onlyheader) { $atom = trim($doc->saveXML()); Addon::callHooks('atom_feed_end', $atom); @@ -286,7 +313,7 @@ class DFRN foreach ($items as $item) { // prevent private email from leaking. - if ($item['network'] == NETWORK_MAIL) { + if ($item['network'] == Protocol::MAIL) { continue; } @@ -331,7 +358,7 @@ class DFRN $ret = Item::select(Item::DELIVER_FIELDLIST, $condition); $items = Item::inArray($ret); - if (!DBM::is_result($items)) { + if (!DBA::isResult($items)) { killme(); } @@ -561,14 +588,14 @@ class DFRN } // For backward compatibility we keep this element - if ($owner['page-flags'] == PAGE_COMMUNITY) { + if ($owner['page-flags'] == Contact::PAGE_COMMUNITY) { XML::addElement($doc, $root, "dfrn:community", 1); } // The former element is replaced by this one XML::addElement($doc, $root, "dfrn:account_type", $owner["account-type"]); - /// @todo We need a way to transmit the different page flags like "PAGE_PRVGROUP" + /// @todo We need a way to transmit the different page flags like "Contact::PAGE_PRVGROUP" XML::addElement($doc, $root, "updated", DateTimeFormat::utcNow(DateTimeFormat::ATOM)); @@ -597,7 +624,7 @@ class DFRN WHERE (`hidewall` OR NOT `net-publish`) AND `user`.`uid` = %d", intval($owner['uid']) ); - if (DBM::is_result($r)) { + if (DBA::isResult($r)) { $hidewall = true; } else { $hidewall = false; @@ -656,7 +683,7 @@ class DFRN WHERE `profile`.`is-default` AND NOT `user`.`hidewall` AND `user`.`uid` = %d", intval($owner['uid']) ); - if (DBM::is_result($r)) { + if (DBA::isResult($r)) { $profile = $r[0]; XML::addElement($doc, $author, "poco:displayName", $profile["name"]); @@ -910,7 +937,7 @@ class DFRN $entry->setAttribute("xmlns:statusnet", NAMESPACE_STATUSNET); } - if ($item['allow_cid'] || $item['allow_gid'] || $item['deny_cid'] || $item['deny_gid']) { + if ($item['private']) { $body = Item::fixPrivatePhotos($item['body'], $owner['uid'], $item, $cid); } else { $body = $item['body']; @@ -950,8 +977,8 @@ class DFRN $conversation_uri = $conversation_href; if (isset($parent_item)) { - $conversation = dba::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $item['parent-uri']]); - if (DBM::is_result($conversation)) { + $conversation = DBA::selectFirst('conversation', ['conversation-uri', 'conversation-href'], ['item-uri' => $item['parent-uri']]); + if (DBA::isResult($conversation)) { if ($conversation['conversation-uri'] != '') { $conversation_uri = $conversation['conversation-uri']; } @@ -1004,15 +1031,15 @@ class DFRN XML::addElement($doc, $entry, "georss:point", $item['coord']); } - if (($item['private']) || strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) { - XML::addElement($doc, $entry, "dfrn:private", (($item['private']) ? $item['private'] : 1)); + if ($item['private']) { + XML::addElement($doc, $entry, "dfrn:private", ($item['private'] ? $item['private'] : 1)); } if ($item['extid']) { XML::addElement($doc, $entry, "dfrn:extid", $item['extid']); } - if ($item['bookmark']) { + if ($item['post-type'] == Item::PT_PAGE) { XML::addElement($doc, $entry, "dfrn:bookmark", "true"); } @@ -1069,13 +1096,10 @@ class DFRN } foreach ($mentioned as $mention) { - $r = q( - "SELECT `forum`, `prv` FROM `contact` WHERE `uid` = %d AND `nurl` = '%s'", - intval($owner["uid"]), - dbesc(normalise_link($mention)) - ); + $condition = ['uid' => $owner["uid"], 'nurl' => normalise_link($mention)]; + $contact = DBA::selectFirst('contact', ['forum', 'prv'], $condition); - if (DBM::is_result($r) && ($r[0]["forum"] || $r[0]["prv"])) { + if (DBA::isResult($contact) && ($contact["forum"] || $contact["prv"])) { XML::addElement( $doc, $entry, @@ -1145,10 +1169,12 @@ class DFRN $a = get_app(); // At first try the Diaspora transport layer - $ret = self::transmit($owner, $contact, $atom); - if ($ret >= 200) { - logger('Delivery via Diaspora transport layer was successful with status ' . $ret); - return $ret; + if (!$dissolve) { + $ret = self::transmit($owner, $contact, $atom); + if ($ret >= 200) { + logger('Delivery via Diaspora transport layer was successful with status ' . $ret); + return $ret; + } } $idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']); @@ -1187,7 +1213,7 @@ class DFRN $ret = Network::curl($url); - if ($ret['errno'] == CURLE_OPERATION_TIMEDOUT) { + if (!empty($ret["errno"]) && ($ret['errno'] == CURLE_OPERATION_TIMEDOUT)) { Contact::markForArchival($contact); return -2; // timed out } @@ -1216,9 +1242,16 @@ class DFRN $res = XML::parseString($xml); - if ((intval($res->status) != 0) || !strlen($res->challenge) || !strlen($res->dfrn_id)) { + if (!is_object($res) || (intval($res->status) != 0) || !strlen($res->challenge) || !strlen($res->dfrn_id)) { Contact::markForArchival($contact); - return ($res->status ? $res->status : 3); + + if (empty($res->status)) { + $status = 3; + } else { + $status = $res->status; + } + + return $status; } $postvars = []; @@ -1227,32 +1260,29 @@ class DFRN $perm = (($res->perm) ? $res->perm : null); $dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0); $rino_remote_version = intval($res->rino); - $page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0); + $page = (($owner['page-flags'] == Contact::PAGE_COMMUNITY) ? 1 : 0); logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG); - if ($owner['page-flags'] == PAGE_PRVGROUP) { + if ($owner['page-flags'] == Contact::PAGE_PRVGROUP) { $page = 2; } $final_dfrn_id = ''; if ($perm) { - if ((($perm == 'rw') && (! intval($contact['writable']))) - || (($perm == 'r') && (intval($contact['writable']))) + if ((($perm == 'rw') && !intval($contact['writable'])) + || (($perm == 'r') && intval($contact['writable'])) ) { - q( - "update contact set writable = %d where id = %d", - intval(($perm == 'rw') ? 1 : 0), - intval($contact['id']) - ); + DBA::update('contact', ['writable' => ($perm == 'rw')], ['id' => $contact['id']]); + $contact['writable'] = (string) 1 - intval($contact['writable']); } } if (($contact['duplex'] && strlen($contact['pubkey'])) - || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) - || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey'])) + || ($owner['page-flags'] == Contact::PAGE_COMMUNITY && strlen($contact['pubkey'])) + || ($contact['rel'] == Contact::SHARING && strlen($contact['pubkey'])) ) { openssl_public_decrypt($sent_dfrn_id, $final_dfrn_id, $contact['pubkey']); openssl_public_decrypt($challenge, $postvars['challenge'], $contact['pubkey']); @@ -1280,7 +1310,7 @@ class DFRN $postvars['dissolve'] = '1'; } - if ((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { + if ((($contact['rel']) && ($contact['rel'] != Contact::SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == Contact::PAGE_COMMUNITY)) { $postvars['data'] = $atom; $postvars['perm'] = 'rw'; } else { @@ -1303,6 +1333,7 @@ class DFRN $key = openssl_random_pseudo_bytes(16); $data = self::aesEncrypt($postvars['data'], $key); break; + default: logger("rino: invalid requested version '$rino_remote_version'"); Contact::markForArchival($contact); @@ -1314,15 +1345,15 @@ class DFRN if ($dfrn_version >= 2.1) { if (($contact['duplex'] && strlen($contact['pubkey'])) - || ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey'])) - || ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey'])) + || ($owner['page-flags'] == Contact::PAGE_COMMUNITY && strlen($contact['pubkey'])) + || ($contact['rel'] == Contact::SHARING && strlen($contact['pubkey'])) ) { openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']); } else { openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']); } } else { - if (($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) { + if (($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == Contact::PAGE_COMMUNITY)) { openssl_private_encrypt($key, $postvars['key'], $contact['prvkey']); } else { openssl_public_encrypt($key, $postvars['key'], $contact['pubkey']); @@ -1399,7 +1430,7 @@ class DFRN if (empty($contact['addr'])) { logger('Empty contact handle for ' . $contact['id'] . ' - ' . $contact['url'] . ' - trying to update it.'); if (Contact::updateFromProbe($contact['id'])) { - $new_contact = dba::selectFirst('contact', ['addr'], ['id' => $contact['id']]); + $new_contact = DBA::selectFirst('contact', ['addr'], ['id' => $contact['id']]); $contact['addr'] = $new_contact['addr']; } @@ -1486,15 +1517,9 @@ class DFRN private static function birthdayEvent($contact, $birthday) { // Check for duplicates - $r = q( - "SELECT `id` FROM `event` WHERE `uid` = %d AND `cid` = %d AND `start` = '%s' AND `type` = '%s' LIMIT 1", - intval($contact['uid']), - intval($contact['id']), - dbesc(DateTimeFormat::utc($birthday)), - dbesc('birthday') - ); - - if (DBM::is_result($r)) { + $condition = ['uid' => $contact['uid'], 'cid' => $contact['id'], + 'start' => DateTimeFormat::utc($birthday), 'type' => 'birthday']; + if (DBA::exists('event', $condition)) { return; } @@ -1508,13 +1533,13 @@ class DFRN VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", intval($contact['uid']), intval($contact['id']), - dbesc(DateTimeFormat::utcNow()), - dbesc(DateTimeFormat::utcNow()), - dbesc(DateTimeFormat::utc($birthday)), - dbesc(DateTimeFormat::utc($birthday . ' + 1 day ')), - dbesc($bdtext), - dbesc($bdtext2), - dbesc('birthday') + DBA::escape(DateTimeFormat::utcNow()), + DBA::escape(DateTimeFormat::utcNow()), + DBA::escape(DateTimeFormat::utc($birthday)), + DBA::escape(DateTimeFormat::utc($birthday . ' + 1 day ')), + DBA::escape($bdtext), + DBA::escape($bdtext2), + DBA::escape('birthday') ); } @@ -1540,10 +1565,10 @@ class DFRN $fields = ['id', 'uid', 'url', 'network', 'avatar-date', 'avatar', 'name-date', 'uri-date', 'addr', 'name', 'nick', 'about', 'location', 'keywords', 'xmpp', 'bdyear', 'bd', 'hidden', 'contact-type']; $condition = ["`uid` = ? AND `nurl` = ? AND `network` != ?", - $importer["importer_uid"], normalise_link($author["link"]), NETWORK_STATUSNET]; - $contact_old = dba::selectFirst('contact', $fields, $condition); + $importer["importer_uid"], normalise_link($author["link"]), Protocol::STATUSNET]; + $contact_old = DBA::selectFirst('contact', $fields, $condition); - if (DBM::is_result($contact_old)) { + if (DBA::isResult($contact_old)) { $author["contact-id"] = $contact_old["id"]; $author["network"] = $contact_old["network"]; } else { @@ -1551,6 +1576,7 @@ class DFRN logger("Contact ".$author["link"]." wasn't found for user ".$importer["importer_uid"]." XML: ".$xml, LOGGER_DEBUG); } + $author["contact-unknown"] = true; $author["contact-id"] = $importer["id"]; $author["network"] = $importer["network"]; $onlyfetch = true; @@ -1585,7 +1611,21 @@ class DFRN $author["avatar"] = current($avatarlist); } - if (DBM::is_result($contact_old) && !$onlyfetch) { + if (empty($author['avatar']) && !empty($author['link'])) { + $cid = Contact::getIdForURL($author['link'], 0); + if (!empty($cid)) { + $contact = DBA::selectFirst('contact', ['avatar'], ['id' => $cid]); + if (DBA::isResult($contact)) { + $author['avatar'] = $contact['avatar']; + } + } + } + + if (empty($author['avatar'])) { + logger('Empty author: ' . $xml); + } + + if (DBA::isResult($contact_old) && !$onlyfetch) { logger("Check if contact details for contact " . $contact_old["id"] . " (" . $contact_old["nick"] . ") have to be updated.", LOGGER_DEBUG); $poco = ["url" => $contact_old["url"]]; @@ -1714,6 +1754,10 @@ class DFRN // Update check for this field has to be done differently $datefields = ["name-date", "uri-date"]; foreach ($datefields as $field) { + // The date fields arrives as '2018-07-17T10:44:45Z' - the database return '2018-07-17 10:44:45' + // The fields have to be in the same format to be comparable, since strtotime does add timezones. + $contact[$field] = DateTimeFormat::utc($contact[$field]); + if (strtotime($contact[$field]) > strtotime($contact_old[$field])) { logger("Difference for contact " . $contact["id"] . " in field '" . $field . "'. New value: '" . $contact[$field] . "', old value '" . $contact_old[$field] . "'", LOGGER_DEBUG); $update = true; @@ -1735,11 +1779,11 @@ class DFRN `addr` = '%s', `keywords` = '%s', `bdyear` = '%s', `bd` = '%s', `hidden` = %d, `xmpp` = '%s', `name-date` = '%s', `uri-date` = '%s' WHERE `id` = %d AND `network` = '%s'", - dbesc($contact["name"]), dbesc($contact["nick"]), dbesc($contact["about"]), dbesc($contact["location"]), - dbesc($contact["addr"]), dbesc($contact["keywords"]), dbesc($contact["bdyear"]), - dbesc($contact["bd"]), intval($contact["hidden"]), dbesc($contact["xmpp"]), - dbesc(DBM::date($contact["name-date"])), dbesc(DBM::date($contact["uri-date"])), - intval($contact["id"]), dbesc($contact["network"]) + DBA::escape($contact["name"]), DBA::escape($contact["nick"]), DBA::escape($contact["about"]), DBA::escape($contact["location"]), + DBA::escape($contact["addr"]), DBA::escape($contact["keywords"]), DBA::escape($contact["bdyear"]), + DBA::escape($contact["bd"]), intval($contact["hidden"]), DBA::escape($contact["xmpp"]), + DBA::escape(DateTimeFormat::utc($contact["name-date"])), DBA::escape(DateTimeFormat::utc($contact["uri-date"])), + intval($contact["id"]), DBA::escape($contact["network"]) ); } @@ -1852,7 +1896,9 @@ class DFRN $msg["seen"] = 0; $msg["replied"] = 0; - dba::insert('mail', $msg); + DBA::insert('mail', $msg); + + $msg["id"] = DBA::lastInsertId(); // send notifications. /// @TODO Arange this mess @@ -1903,13 +1949,6 @@ class DFRN // Does our member already have a friend matching this description? - $r = q( - "SELECT `id` FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1", - dbesc($suggest["name"]), - dbesc(normalise_link($suggest["url"])), - intval($suggest["uid"]) - ); - /* * The valid result means the friend we're about to send a friend * suggestion already has them in their contact, which means no further @@ -1917,62 +1956,51 @@ class DFRN * * @see https://github.com/friendica/friendica/pull/3254#discussion_r107315246 */ - if (DBM::is_result($r)) { + $condition = ['name' => $suggest["name"], 'nurl' => normalise_link($suggest["url"]), + 'uid' => $suggest["uid"]]; + if (DBA::exists('contact', $condition)) { return false; } // Do we already have an fcontact record for this person? $fid = 0; - $r = q( - "SELECT `id` FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", - dbesc($suggest["url"]), - dbesc($suggest["name"]), - dbesc($suggest["request"]) - ); - if (DBM::is_result($r)) { - $fid = $r[0]["id"]; - - // OK, we do. Do we already have an introduction for this person ? - $r = q( - "SELECT `id` FROM `intro` WHERE `uid` = %d AND `fid` = %d LIMIT 1", - intval($suggest["uid"]), - intval($fid) - ); + $condition = ['url' => $suggest["url"], 'name' => $suggest["name"], 'request' => $suggest["request"]]; + $fcontact = DBA::selectFirst('fcontact', ['id'], $condition); + if (DBA::isResult($fcontact)) { + $fid = $fcontact["id"]; - /* - * The valid result means the friend we're about to send a friend - * suggestion already has them in their contact, which means no further - * action is required. - * - * @see https://github.com/friendica/friendica/pull/3254#discussion_r107315246 - */ - if (DBM::is_result($r)) { + // OK, we do. Do we already have an introduction for this person? + if (DBA::exists('intro', ['uid' => $suggest["uid"], 'fid' => $fid])) { + /* + * The valid result means the friend we're about to send a friend + * suggestion already has them in their contact, which means no further + * action is required. + * + * @see https://github.com/friendica/friendica/pull/3254#discussion_r107315246 + */ return false; } } if (!$fid) { $r = q( "INSERT INTO `fcontact` (`name`,`url`,`photo`,`request`) VALUES ('%s', '%s', '%s', '%s')", - dbesc($suggest["name"]), - dbesc($suggest["url"]), - dbesc($suggest["photo"]), - dbesc($suggest["request"]) + DBA::escape($suggest["name"]), + DBA::escape($suggest["url"]), + DBA::escape($suggest["photo"]), + DBA::escape($suggest["request"]) ); } - $r = q( - "SELECT `id` FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", - dbesc($suggest["url"]), - dbesc($suggest["name"]), - dbesc($suggest["request"]) - ); + + $condition = ['url' => $suggest["url"], 'name' => $suggest["name"], 'request' => $suggest["request"]]; + $fcontact = DBA::selectFirst('fcontact', ['id'], $condition); /* * If no record in fcontact is found, below INSERT statement will not * link an introduction to it. */ - if (!DBM::is_result($r)) { - // database record did not get created. Quietly give up. + if (!DBA::isResult($fcontact)) { + // Database record did not get created. Quietly give up. killme(); } @@ -1986,9 +2014,9 @@ class DFRN intval($suggest["uid"]), intval($fid), intval($suggest["cid"]), - dbesc($suggest["body"]), - dbesc($hash), - dbesc(DateTimeFormat::utcNow()), + DBA::escape($suggest["body"]), + DBA::escape($hash), + DBA::escape(DateTimeFormat::utcNow()), intval(0) ); @@ -2052,12 +2080,12 @@ class DFRN // update contact $r = q( - "SELECT `photo`, `url` FROM `contact` WHERE `id` = %d AND `uid` = %d;", + "SELECT `photo`, `url` FROM `contact` WHERE `id` = %d AND `uid` = %d", intval($importer["id"]), intval($importer["importer_uid"]) ); - if (!DBM::is_result($r)) { + if (!DBA::isResult($r)) { logger("Query failed to execute, no result returned in " . __FUNCTION__); return false; } @@ -2071,7 +2099,7 @@ class DFRN 'url' => $relocate["url"], 'nurl' => normalise_link($relocate["url"]), 'addr' => $relocate["addr"], 'connect' => $relocate["addr"], 'notify' => $relocate["notify"], 'server_url' => $relocate["server_url"]]; - dba::update('gcontact', $fields, ['nurl' => normalise_link($old["url"])]); + DBA::update('gcontact', $fields, ['nurl' => normalise_link($old["url"])]); // Update the contact table. We try to find every entry. $fields = ['name' => $relocate["name"], 'avatar' => $relocate["avatar"], @@ -2081,7 +2109,7 @@ class DFRN 'poll' => $relocate["poll"], 'site-pubkey' => $relocate["sitepubkey"]]; $condition = ["(`id` = ?) OR (`nurl` = ?)", $importer["id"], normalise_link($old["url"])]; - dba::update('contact', $fields, $condition); + DBA::update('contact', $fields, $condition); Contact::updateAvatar($relocate["avatar"], $importer["importer_uid"], $importer["id"], true); @@ -2141,7 +2169,7 @@ class DFRN if ($item["parent-uri"] != $item["uri"]) { $community = false; - if ($importer["page-flags"] == PAGE_COMMUNITY || $importer["page-flags"] == PAGE_PRVGROUP) { + if ($importer["page-flags"] == Contact::PAGE_COMMUNITY || $importer["page-flags"] == Contact::PAGE_PRVGROUP) { $sql_extra = ""; $community = true; logger("possible community action"); @@ -2155,7 +2183,7 @@ class DFRN $is_a_remote_action = false; $parent = Item::selectFirst(['parent-uri'], ['uri' => $item["parent-uri"]]); - if (DBM::is_result($parent)) { + if (DBA::isResult($parent)) { $r = q( "SELECT `item`.`forum_mode`, `item`.`wall` FROM `item` INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` @@ -2163,12 +2191,12 @@ class DFRN AND `item`.`uid` = %d $sql_extra LIMIT 1", - dbesc($parent["parent-uri"]), - dbesc($parent["parent-uri"]), - dbesc($parent["parent-uri"]), + DBA::escape($parent["parent-uri"]), + DBA::escape($parent["parent-uri"]), + DBA::escape($parent["parent-uri"]), intval($importer["importer_uid"]) ); - if (DBM::is_result($r)) { + if (DBA::isResult($r)) { $is_a_remote_action = true; } } @@ -2225,7 +2253,12 @@ class DFRN } if ($Blink && link_compare($Blink, System::baseUrl() . "/profile/" . $importer["nickname"])) { - $author = dba::selectFirst('contact', ['name', 'thumb', 'url'], ['id' => $item['author-id']]); + $author = DBA::selectFirst('contact', ['name', 'thumb', 'url'], ['id' => $item['author-id']]); + + $item['id'] = $posted_id; + + $parent = Item::selectFirst(['id'], ['uri' => $item['parent-uri'], 'uid' => $importer["importer_uid"]]); + $item["parent"] = $parent['id']; // send a notification notification( @@ -2302,7 +2335,6 @@ class DFRN || ($item["verb"] == ACTIVITY_ATTENDMAYBE) ) { $is_like = true; - $item["type"] = "activity"; $item["gravity"] = GRAVITY_ACTIVITY; // only one like or dislike per person // splitted into two queries for performance issues @@ -2327,7 +2359,8 @@ class DFRN if ($xt->type == ACTIVITY_OBJ_NOTE) { $item_tag = Item::selectFirst(['id', 'tag'], ['uri' => $xt->id, 'uid' => $importer["importer_uid"]]); - if (!DBM::is_result($item_tag)) { + + if (!DBA::isResult($item_tag)) { logger("Query failed to execute, no result returned in " . __FUNCTION__); return false; } @@ -2377,8 +2410,11 @@ class DFRN break; case "enclosure": $enclosure = $href; - if (strlen($item["attach"])) { + + if (!empty($item["attach"])) { $item["attach"] .= ","; + } else { + $item["attach"] = ""; } $item["attach"] .= '[attach]href="' . $href . '" length="' . $length . '" type="' . $type . '" title="' . $title . '"[/attach]'; @@ -2405,7 +2441,7 @@ class DFRN $item = $header; - $item["protocol"] = PROTOCOL_DFRN; + $item["protocol"] = Conversation::PARCEL_DFRN; $item["source"] = $xml; @@ -2418,21 +2454,27 @@ class DFRN ['uri' => $item["uri"], 'uid' => $importer["importer_uid"]] ); // Is there an existing item? - if (DBM::is_result($current) && !self::isEditedTimestampNewer($current, $item)) { + if (DBA::isResult($current) && !self::isEditedTimestampNewer($current, $item)) { logger("Item ".$item["uri"]." (".$item['edited'].") already existed.", LOGGER_DEBUG); return; } // Fetch the owner - $owner = self::fetchauthor($xpath, $entry, $importer, "dfrn:owner", true); + $owner = self::fetchauthor($xpath, $entry, $importer, "dfrn:owner", true, $xml); + $owner_unknown = (isset($owner["contact-unknown"]) && $owner["contact-unknown"]); + + $item["owner-name"] = $owner["name"]; $item["owner-link"] = $owner["link"]; + $item["owner-avatar"] = $owner["avatar"]; $item["owner-id"] = Contact::getIdForURL($owner["link"], 0); // fetch the author - $author = self::fetchauthor($xpath, $entry, $importer, "atom:author", true); + $author = self::fetchauthor($xpath, $entry, $importer, "atom:author", true, $xml); + $item["author-name"] = $author["name"]; $item["author-link"] = $author["link"]; + $item["author-avatar"] = $author["avatar"]; $item["author-id"] = Contact::getIdForURL($author["link"], 0); $item["title"] = XML::getFirstNodeValue($xpath, "atom:title/text()", $entry); @@ -2481,7 +2523,7 @@ class DFRN $item["extid"] = XML::getFirstNodeValue($xpath, "dfrn:extid/text()", $entry); if (XML::getFirstNodeValue($xpath, "dfrn:bookmark/text()", $entry) == "true") { - $item["bookmark"] = true; + $item["post-type"] = Item::PT_PAGE; } $notice_info = $xpath->query("statusnet:notice_info", $entry); @@ -2613,7 +2655,6 @@ class DFRN } if ($entrytype == DFRN::REPLY_RC) { - $item["type"] = "remote-comment"; $item["wall"] = 1; } elseif ($entrytype == DFRN::TOP_LEVEL) { if (!isset($item["object-type"])) { @@ -2621,7 +2662,7 @@ class DFRN } // Is it an event? - if ($item["object-type"] == ACTIVITY_OBJ_EVENT) { + if (($item["object-type"] == ACTIVITY_OBJ_EVENT) && !$owner_unknown) { logger("Item ".$item["uri"]." seems to contain an event.", LOGGER_DEBUG); $ev = Event::fromBBCode($item["body"]); if ((x($ev, "desc") || x($ev, "summary")) && x($ev, "start")) { @@ -2632,14 +2673,12 @@ class DFRN $ev["edited"] = $item["edited"]; $ev["private"] = $item["private"]; $ev["guid"] = $item["guid"]; + $ev["plink"] = $item["plink"]; - $r = q( - "SELECT `id` FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", - dbesc($item["uri"]), - intval($importer["importer_uid"]) - ); - if (DBM::is_result($r)) { - $ev["id"] = $r[0]["id"]; + $condition = ['uri' => $item["uri"], 'uid' => $importer["importer_uid"]]; + $event = DBA::selectFirst('event', ['id'], $condition); + if (DBA::isResult($event)) { + $ev["id"] = $event["id"]; } $event_id = Event::store($ev); @@ -2654,8 +2693,15 @@ class DFRN return; } + // This check is done here to be able to receive connection requests in "processVerbs" + if (($entrytype == DFRN::TOP_LEVEL) && $owner_unknown) { + logger("Item won't be stored because user " . $importer["importer_uid"] . " doesn't follow " . $item["owner-link"] . ".", LOGGER_DEBUG); + return; + } + + // Update content if 'updated' changes - if (DBM::is_result($current)) { + if (DBA::isResult($current)) { if (self::updateContent($current, $item, $importer, $entrytype)) { logger("Item ".$item["uri"]." was updated.", LOGGER_DEBUG); } else { @@ -2694,7 +2740,7 @@ class DFRN $item["owner-id"] = Contact::getIdForURL($importer["url"], 0); } - if (($importer["rel"] == CONTACT_IS_FOLLOWER) && (!self::tgroupCheck($importer["importer_uid"], $item))) { + if (($importer["rel"] == Contact::FOLLOWER) && (!self::tgroupCheck($importer["importer_uid"], $item))) { logger("Contact ".$importer["id"]." is only follower and tgroup check was negative.", LOGGER_DEBUG); return; } @@ -2747,7 +2793,7 @@ class DFRN $condition = ['uri' => $uri, 'uid' => $importer["importer_uid"]]; $item = Item::selectFirst(['id', 'parent', 'contact-id', 'file', 'deleted'], $condition); - if (!DBM::is_result($item)) { + if (!DBA::isResult($item)) { logger("Item with uri " . $uri . " for user " . $importer["importer_uid"] . " wasn't found.", LOGGER_DEBUG); return; } @@ -2813,8 +2859,7 @@ class DFRN $header = []; $header["uid"] = $importer["importer_uid"]; - $header["network"] = NETWORK_DFRN; - $header["type"] = "remote"; + $header["network"] = Protocol::DFRN; $header["wall"] = 0; $header["origin"] = 0; $header["contact-id"] = $importer["id"]; @@ -2841,16 +2886,16 @@ class DFRN $accounttype = intval(XML::getFirstNodeValue($xpath, "/atom:feed/dfrn:account_type/text()")); if ($accounttype != $importer["contact-type"]) { - dba::update('contact', ['contact-type' => $accounttype], ['id' => $importer["id"]]); + DBA::update('contact', ['contact-type' => $accounttype], ['id' => $importer["id"]]); } // A forum contact can either have set "forum" or "prv" - but not both - if (($accounttype == ACCOUNT_TYPE_COMMUNITY) && (($forum != $importer["forum"]) || ($forum == $importer["prv"]))) { + if (($accounttype == Contact::ACCOUNT_TYPE_COMMUNITY) && (($forum != $importer["forum"]) || ($forum == $importer["prv"]))) { $condition = ['(`forum` != ? OR `prv` != ?) AND `id` = ?', $forum, !$forum, $importer["id"]]; - dba::update('contact', ['forum' => $forum, 'prv' => !$forum], $condition); + DBA::update('contact', ['forum' => $forum, 'prv' => !$forum], $condition); } } elseif ($forum != $importer["forum"]) { // Deprecated since 3.5.1 $condition = ['`forum` != ? AND `id` = ?', $forum, $importer["id"]]; - dba::update('contact', ['forum' => $forum], $condition); + DBA::update('contact', ['forum' => $forum], $condition); } @@ -2936,23 +2981,23 @@ class DFRN /// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange. $r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1) AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1", - dbesc($contact_nick), - dbesc($a->user['nickname']), - dbesc($baseurl), - dbesc($nurl) + DBA::escape($contact_nick), + DBA::escape($a->user['nickname']), + DBA::escape($baseurl), + DBA::escape($nurl) ); - if ((! DBM::is_result($r)) || $r[0]['id'] == remote_user()) { + if ((! DBA::isResult($r)) || $r[0]['id'] == remote_user()) { return; } $r = q("SELECT * FROM contact WHERE nick = '%s' AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1", - dbesc($contact_nick), - dbesc(NETWORK_DFRN), + DBA::escape($contact_nick), + DBA::escape(Protocol::DFRN), intval(local_user()), - dbesc($baseurl) + DBA::escape($baseurl) ); - if (! DBM::is_result($r)) { + if (! DBA::isResult($r)) { return; } @@ -2978,7 +3023,7 @@ class DFRN $sec = random_string(); - dba::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]); + DBA::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]); $url = curPageURL(); @@ -3016,23 +3061,21 @@ class DFRN return false; } - $u = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", - intval($uid) - ); - if (!DBM::is_result($u)) { + $user = DBA::selectFirst('user', ['page-flags', 'nickname'], ['uid' => $uid]); + if (!DBA::isResult($user)) { return false; } - $community_page = ($u[0]['page-flags'] == PAGE_COMMUNITY); - $prvgroup = ($u[0]['page-flags'] == PAGE_PRVGROUP); + $community_page = ($user['page-flags'] == Contact::PAGE_COMMUNITY); + $prvgroup = ($user['page-flags'] == Contact::PAGE_PRVGROUP); - $link = normalise_link(System::baseUrl() . '/profile/' . $u[0]['nickname']); + $link = normalise_link(System::baseUrl() . '/profile/' . $user['nickname']); /* * Diaspora uses their own hardwired link URL in @-tags * instead of the one we supply with webfinger */ - $dlink = normalise_link(System::baseUrl() . '/u/' . $u[0]['nickname']); + $dlink = normalise_link(System::baseUrl() . '/u/' . $user['nickname']); $cnt = preg_match_all('/[\@\!]\[url\=(.*?)\](.*?)\[\/url\]/ism', $item['body'], $matches, PREG_SET_ORDER); if ($cnt) {