From 46e09b05440fac8984ffc777b1dff4a765fcabf6 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 1 Dec 2017 22:55:48 -0500 Subject: [PATCH 1/2] Fix formatting - dav - jappixmini - windowsphonepush --- dav/friendica/dav_friendica_auth.inc.php | 39 +- jappixmini/jappixmini.php | 668 ++++++++++++----------- windowsphonepush/windowsphonepush.php | 337 +++++------- 3 files changed, 533 insertions(+), 511 deletions(-) diff --git a/dav/friendica/dav_friendica_auth.inc.php b/dav/friendica/dav_friendica_auth.inc.php index acc33fa1e..31a88b688 100644 --- a/dav/friendica/dav_friendica_auth.inc.php +++ b/dav/friendica/dav_friendica_auth.inc.php @@ -1,41 +1,41 @@ currentUser); - } + public function getUsers() + { + return array($this->currentUser); + } /** * @return null|string */ - public function getCurrentUser() { - return $this->currentUser; - } + public function getCurrentUser() + { + return $this->currentUser; + } /** * Authenticates the user based on the current request. @@ -48,8 +48,8 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic { * @throws Sabre_DAV_Exception_NotAuthenticated * @return bool */ - public function authenticate(Sabre_DAV_Server $server, $realm) { - + public function authenticate(Sabre_DAV_Server $server, $realm) + { $a = get_app(); if (isset($a->user["uid"])) { $this->currentUser = strtolower($a->user["nickname"]); @@ -75,7 +75,6 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic { return true; } - /** * @param string $username * @param string $password diff --git a/jappixmini/jappixmini.php b/jappixmini/jappixmini.php index 904991534..ba82a0762 100644 --- a/jappixmini/jappixmini.php +++ b/jappixmini/jappixmini.php @@ -1,13 +1,12 @@ -* -*/ - + * Name: jappixmini + * Description: Provides a Facebook-like chat using Jappix Mini + * Version: 1.0.1 + * Author: leberwurscht + * + */ // // Copyright 2012 "Leberwurscht" // @@ -16,141 +15,151 @@ /* -Problem: -* jabber password should not be stored on server -* jabber password should not be sent between server and browser as soon as the user is logged in -* jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in + Problem: + * jabber password should not be stored on server + * jabber password should not be sent between server and browser as soon as the user is logged in + * jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in -Solution: -Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser -and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function. + Solution: + Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser + and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function. -This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext. -It is better to use a hash of the password. -The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can - use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must -be queried manually. + This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext. + It is better to use a hash of the password. + The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can + use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must + be queried manually. -Problem: -How to discover the jabber addresses of the friendica contacts? + Problem: + How to discover the jabber addresses of the friendica contacts? -Solution: -Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve -this information every week using a cron hook. + Solution: + Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve + this information every week using a cron hook. -Problem: -We do not want to make the jabber address public. + Problem: + We do not want to make the jabber address public. -Solution: -When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated. -Using this keypair, we can provide the jabber address only to contacts: + Solution: + When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated. + Using this keypair, we can provide the jabber address only to contacts: -Alice: + Alice: signed_address = openssl_*_encrypt(alice_jabber_address) -send signed_address to Bob, who does + send signed_address to Bob, who does trusted_address = openssl_*_decrypt(signed_address) save trusted_address encrypted_address = openssl_*_encrypt(bob_jabber_address) -reply with encrypted_address to Alice, who does + reply with encrypted_address to Alice, who does decrypted_address = openssl_*_decrypt(encrypted_address) save decrypted_address -Interface for this: -GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s + Interface for this: + GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s -Response: -json({"status":"ok", "encrypted_address":"%s"}) + Response: + json({"status":"ok", "encrypted_address":"%s"}) -*/ + */ +use Friendica\App; use Friendica\Core\Config; use Friendica\Core\PConfig; +use Friendica\Model\User; -function jappixmini_install() { -register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); -register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); +function jappixmini_install() +{ + register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); + register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); -register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); -register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); + register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); + register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); -register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); + register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); -// Jappix source download as required by AGPL -register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); + // Jappix source download as required by AGPL + register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); -// set standard configuration -$info_text = Config::get("jappixmini", "infotext"); -if (!$info_text) set_confConfig::setig("jappixmini", "infotext", - "To get the chat working, you need to know a BOSH host which works with your Jabber account. ". - "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep ". - "in mind that the BOSH server can read along all chat messages. If you know that your Jabber ". - "server also provides an own BOSH server, it is much better to use this one!" -); + // set standard configuration + $info_text = Config::get("jappixmini", "infotext"); + if (!$info_text) + set_confConfig::setig("jappixmini", "infotext", "To get the chat working, you need to know a BOSH host which works with your Jabber account. " . + "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " . + "in mind that the BOSH server can read along all chat messages. If you know that your Jabber " . + "server also provides an own BOSH server, it is much better to use this one!" + ); -$bosh_proxy = Config::get("jappixmini", "bosh_proxy"); -if ($bosh_proxy==="") Config::set("jappixmini", "bosh_proxy", "1"); + $bosh_proxy = Config::get("jappixmini", "bosh_proxy"); + if ($bosh_proxy === "") { + Config::set("jappixmini", "bosh_proxy", "1"); + } -// set addon version so that safe updates are possible later -$addon_version = Config::get("jappixmini", "version"); -if ($addon_version==="") Config::set("jappixmini", "version", "1"); + // set addon version so that safe updates are possible later + $addon_version = Config::get("jappixmini", "version"); + if ($addon_version === "") { + Config::set("jappixmini", "version", "1"); + } } +function jappixmini_uninstall() +{ + unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); + unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); -function jappixmini_uninstall() { -unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); -unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); + unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); + unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); -unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); -unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); + unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); -unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); - -unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); + unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); } -function jappixmini_plugin_admin(&$a, &$o) { +function jappixmini_plugin_admin(App $a, &$o) +{ // display instructions and warnings on addon settings page for admin - if (!file_exists("addon/jappixmini.tgz")) { $o .= '

The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).

'; } // warn if cron job has not yet been executed $cron_run = Config::get("jappixmini", "last_cron_execution"); - if (!$cron_run) $o .= "

Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.

"; + if (!$cron_run) { + $o .= "

Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.

"; + } // bosh proxy $bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy")); $bosh_proxy = intval($bosh_proxy) ? ' checked="checked"' : ''; $o .= ''; - $o .= '
'; + $o .= '
'; // bosh address $bosh_address = Config::get("jappixmini", "bosh_address"); $o .= '


'; - $o .= '

'; + $o .= '

'; // default server address $default_server = Config::get("jappixmini", "default_server"); $o .= '


'; - $o .= '

'; + $o .= '

'; // default user name to friendica nickname $default_user = intval(Config::get("jappixmini", "default_user")); $default_user = intval($default_user) ? ' checked="checked"' : ''; $o .= ''; - $o .= '
'; + $o .= '
'; // info text field $info_text = Config::get("jappixmini", "infotext"); $o .= '


'; - $o .= '

'; + $o .= '

'; // submit button $o .= ''; } -function jappixmini_plugin_admin_post(&$a) { +function jappixmini_plugin_admin_post(App $a) +{ // set info text $submit = $_REQUEST['jappixmini-admin-settings']; if ($submit) { @@ -167,29 +176,35 @@ function jappixmini_plugin_admin_post(&$a) { } } -function jappixmini_module() {} -function jappixmini_init(&$a) { - // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses - // of local users +function jappixmini_module() +{ +} + +function jappixmini_init() +{ + // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses + // of local users $dfrn_id = $_REQUEST["dfrn_id"]; - if (!$dfrn_id) killme(); + if (!$dfrn_id) { + killme(); + } $role = $_REQUEST["role"]; - if ($role=="pub") { - $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", - dbesc($dfrn_id) - ); - if (!count($r)) killme(); + if ($role == "pub") { + $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", dbesc($dfrn_id)); + if (!count($r)) { + killme(); + } $encrypt_func = openssl_public_encrypt; $decrypt_func = openssl_public_decrypt; $key = $r[0]["pubkey"]; - } else if ($role=="prv") { - $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", - dbesc($dfrn_id) - ); - if (!count($r)) killme(); + } else if ($role == "prv") { + $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", dbesc($dfrn_id)); + if (!count($r)) { + killme(); + } $encrypt_func = openssl_private_encrypt; $decrypt_func = openssl_private_decrypt; @@ -211,11 +226,14 @@ function jappixmini_init(&$a) { $now = intval(time()); PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address"); } catch (Exception $e) { + } // do not return an address if user deactivated plugin $activated = PConfig::get($uid, 'jappixmini', 'activate'); - if (!$activated) killme(); + if (!$activated) { + killme(); + } // return the requested Jabber address try { @@ -229,8 +247,8 @@ function jappixmini_init(&$a) { $encrypted_address_hex = bin2hex($encrypted_address); $answer = Array( - "status"=>"ok", - "encrypted_address"=>$encrypted_address_hex + "status" => "ok", + "encrypted_address" => $encrypted_address_hex ); $answer_json = json_encode($answer); @@ -241,118 +259,128 @@ function jappixmini_init(&$a) { } } -function jappixmini_settings(&$a, &$s) { - // addon settings for a user +function jappixmini_settings(App $a, &$s) +{ + // addon settings for a user + $activate = PConfig::get(local_user(), 'jappixmini', 'activate'); + $activate = intval($activate) ? ' checked="checked"' : ''; + $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat'); + $insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : ''); - $activate = PConfig::get(local_user(),'jappixmini','activate'); - $activate = intval($activate) ? ' checked="checked"' : ''; - $dontinsertchat = PConfig::get(local_user(),'jappixmini','dontinsertchat'); - $insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : ''); + $defaultbosh = Config::get("jappixmini", "bosh_address"); - $defaultbosh = Config::get("jappixmini", "bosh_address"); + if ($defaultbosh != "") { + PConfig::set(local_user(), 'jappixmini', 'bosh', $defaultbosh); + } - if ($defaultbosh != "") - PConfig::set(local_user(),'jappixmini','bosh', $defaultbosh); + $username = PConfig::get(local_user(), 'jappixmini', 'username'); + $username = htmlentities($username); + $server = PConfig::get(local_user(), 'jappixmini', 'server'); + $server = htmlentities($server); + $bosh = PConfig::get(local_user(), 'jappixmini', 'bosh'); + $bosh = htmlentities($bosh); + $password = PConfig::get(local_user(), 'jappixmini', 'password'); + $autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe'); + $autosubscribe = intval($autosubscribe) ? ' checked="checked"' : ''; + $autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove'); + $autoapprove = intval($autoapprove) ? ' checked="checked"' : ''; + $encrypt = intval(PConfig::get(local_user(), 'jappixmini', 'encrypt')); + $encrypt_checked = $encrypt ? ' checked="checked"' : ''; + $encrypt_disabled = $encrypt ? '' : ' disabled="disabled"'; - $username = PConfig::get(local_user(),'jappixmini','username'); - $username = htmlentities($username); - $server = PConfig::get(local_user(),'jappixmini','server'); - $server = htmlentities($server); - $bosh = PConfig::get(local_user(),'jappixmini','bosh'); - $bosh = htmlentities($bosh); - $password = PConfig::get(local_user(),'jappixmini','password'); - $autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe'); - $autosubscribe = intval($autosubscribe) ? ' checked="checked"' : ''; - $autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove'); - $autoapprove = intval($autoapprove) ? ' checked="checked"' : ''; - $encrypt = intval(PConfig::get(local_user(),'jappixmini','encrypt')); - $encrypt_checked = $encrypt ? ' checked="checked"' : ''; - $encrypt_disabled = $encrypt ? '' : ' disabled="disabled"'; + if ($server == "") { + $server = Config::get("jappixmini", "default_server"); + } - if ($server == "") - $server = Config::get("jappixmini", "default_server"); + if (($username == "") && Config::get("jappixmini", "default_user")) { + $username = $a->user["nickname"]; + } - if (($username == "") && Config::get("jappixmini", "default_user")) - $username = $a->user["nickname"]; + $info_text = Config::get("jappixmini", "infotext"); + $info_text = htmlentities($info_text); + $info_text = str_replace("\n", "
", $info_text); - $info_text = Config::get("jappixmini", "infotext"); - $info_text = htmlentities($info_text); - $info_text = str_replace("\n", "
", $info_text); + // count contacts + $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user()); + if (count($r)) { + $contact_cnt = $r[0]["cnt"]; + } else { + $contact_cnt = 0; + } - // count contacts - $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user()); - if (count($r)) $contact_cnt = $r[0]["cnt"]; - else $contact_cnt = 0; + // count jabber addresses + $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user()); + if (count($r)) { + $address_cnt = $r[0]["cnt"]; + } else { + $address_cnt = 0; + } - // count jabber addresses - $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user()); - if (count($r)) $address_cnt = $r[0]["cnt"]; - else $address_cnt = 0; + if (!$activate) { + // load scripts if not yet activated so that password can be saved + $a->page['htmlhead'] .= '' . "\r\n"; + $a->page['htmlhead'] .= '' . "\r\n"; - if (!$activate) { - // load scripts if not yet activated so that password can be saved - $a->page['htmlhead'] .= ''."\r\n"; - $a->page['htmlhead'] .= ''."\r\n"; + $a->page['htmlhead'] .= '' . "\r\n"; + } - $a->page['htmlhead'] .= ''."\r\n"; - } + $s .= ''; + $s .= '

' . t('Jappix Mini') . '

'; + $s .= '
'; + $s .= ''; - $a->page['htmlhead'] .= ""; } -function jappixmini_settings_post(&$a,&$b) { +function jappixmini_settings_post(App $a, &$b) +{ // save addon settings for a user - - if(! local_user()) return; + if (!local_user()) { + return; + } $uid = local_user(); - if($_POST['jappixmini-submit']) { + if ($_POST['jappixmini-submit']) { $encrypt = intval($b['jappixmini-encrypt']); if ($encrypt) { // check that Jabber password was encrypted with correct Friendica password @@ -412,142 +442,152 @@ function jappixmini_settings_post(&$a,&$b) { $purge = intval($b['jappixmini-purge']); $username = trim($b['jappixmini-username']); - $old_username = PConfig::get($uid,'jappixmini','username'); - if ($username!=$old_username) $purge = 1; + $old_username = PConfig::get($uid, 'jappixmini', 'username'); + if ($username != $old_username) { + $purge = 1; + } $server = trim($b['jappixmini-server']); - $old_server = PConfig::get($uid,'jappixmini','server'); - if ($server!=$old_server) $purge = 1; + $old_server = PConfig::get($uid, 'jappixmini', 'server'); + if ($server != $old_server) { + $purge = 1; + } - PConfig::set($uid,'jappixmini','username',$username); - PConfig::set($uid,'jappixmini','server',$server); - PConfig::set($uid,'jappixmini','bosh',trim($b['jappixmini-bosh'])); - PConfig::set($uid,'jappixmini','password',trim($b['jappixmini-encrypted-password'])); - PConfig::set($uid,'jappixmini','autosubscribe',intval($b['jappixmini-autosubscribe'])); - PConfig::set($uid,'jappixmini','autoapprove',intval($b['jappixmini-autoapprove'])); - PConfig::set($uid,'jappixmini','activate',intval($b['jappixmini-activate'])); - PConfig::set($uid,'jappixmini','dontinsertchat',intval($b['jappixmini-dont-insertchat'])); - PConfig::set($uid,'jappixmini','encrypt',$encrypt); - info( 'Jappix Mini settings saved.' ); + PConfig::set($uid, 'jappixmini', 'username' , $username); + PConfig::set($uid, 'jappixmini', 'server' , $server); + PConfig::set($uid, 'jappixmini', 'bosh' , trim($b['jappixmini-bosh'])); + PConfig::set($uid, 'jappixmini', 'password' , trim($b['jappixmini-encrypted-password'])); + PConfig::set($uid, 'jappixmini', 'autosubscribe' , intval($b['jappixmini-autosubscribe'])); + PConfig::set($uid, 'jappixmini', 'autoapprove' , intval($b['jappixmini-autoapprove'])); + PConfig::set($uid, 'jappixmini', 'activate' , intval($b['jappixmini-activate'])); + PConfig::set($uid, 'jappixmini', 'dontinsertchat', intval($b['jappixmini-dont-insertchat'])); + PConfig::set($uid, 'jappixmini', 'encrypt' , $encrypt); + info('Jappix Mini settings saved.'); if ($purge) { q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'"); - info( 'List of addresses purged.' ); + info('List of addresses purged.'); } } } -function jappixmini_script(&$a,&$s) { - // adds the script to the page header which starts Jappix Mini +function jappixmini_script(App $a) +{ + // adds the script to the page header which starts Jappix Mini + if (!local_user()) { + return; + } - if(! local_user()) return; + if ($_GET["mode"] == "minimal") { + return; + } - if ($_GET["mode"] == "minimal") - return; + $activate = PConfig::get(local_user(), 'jappixmini', 'activate'); + $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat'); + if (!$activate || $dontinsertchat) { + return; + } - $activate = PConfig::get(local_user(),'jappixmini','activate'); - $dontinsertchat = PConfig::get(local_user(), 'jappixmini','dontinsertchat'); - if (!$activate || $dontinsertchat) return; + $a->page['htmlhead'] .= '' . "\r\n"; + $a->page['htmlhead'] .= '' . "\r\n"; - $a->page['htmlhead'] .= ''."\r\n"; - $a->page['htmlhead'] .= ''."\r\n"; + $a->page['htmlhead'] .= '' . "\r\n"; - $a->page['htmlhead'] .= ''."\r\n"; + $username = PConfig::get(local_user(), 'jappixmini', 'username'); + $username = str_replace("'", "\\'", $username); + $server = PConfig::get(local_user(), 'jappixmini', 'server'); + $server = str_replace("'", "\\'", $server); + $bosh = PConfig::get(local_user(), 'jappixmini', 'bosh'); + $bosh = str_replace("'", "\\'", $bosh); + $encrypt = PConfig::get(local_user(), 'jappixmini', 'encrypt'); + $encrypt = intval($encrypt); + $password = PConfig::get(local_user(), 'jappixmini', 'password'); + $password = str_replace("'", "\\'", $password); - $username = PConfig::get(local_user(),'jappixmini','username'); - $username = str_replace("'", "\\'", $username); - $server = PConfig::get(local_user(),'jappixmini','server'); - $server = str_replace("'", "\\'", $server); - $bosh = PConfig::get(local_user(),'jappixmini','bosh'); - $bosh = str_replace("'", "\\'", $bosh); - $encrypt = PConfig::get(local_user(),'jappixmini','encrypt'); - $encrypt = intval($encrypt); - $password = PConfig::get(local_user(),'jappixmini','password'); - $password = str_replace("'", "\\'", $password); + $autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove'); + $autoapprove = intval($autoapprove); + $autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe'); + $autosubscribe = intval($autosubscribe); - $autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove'); - $autoapprove = intval($autoapprove); - $autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe'); - $autosubscribe = intval($autosubscribe); + // set proxy if necessary + $use_proxy = Config::get('jappixmini', 'bosh_proxy'); + if ($use_proxy) { + $proxy = $a->get_baseurl() . '/addon/jappixmini/proxy.php'; + } else { + $proxy = ""; + } - // set proxy if necessary - $use_proxy = Config::get('jappixmini','bosh_proxy'); - if ($use_proxy) { - $proxy = $a->get_baseurl().'/addon/jappixmini/proxy.php'; - } - else { - $proxy = ""; - } + // get a list of jabber accounts of the contacts + $contacts = Array(); + $uid = local_user(); + $rows = q("SELECT * FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'"); + foreach ($rows as $row) { + $key = $row['k']; + $pos = strpos($key, ":"); + $dfrn_id = substr($key, $pos + 1); + $r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", dbesc($dfrn_id), dbesc($dfrn_id)); + if (count($r)) + $name = $r[0]["name"]; - // get a list of jabber accounts of the contacts - $contacts = Array(); - $uid = local_user(); - $rows = q("SELECT * FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'"); - foreach ($rows as $row) { - $key = $row['k']; - $pos = strpos($key, ":"); - $dfrn_id = substr($key, $pos+1); - $r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", - dbesc($dfrn_id), - dbesc($dfrn_id) - ); - if (count($r)) - $name = $r[0]["name"]; + $value = $row['v']; + $pos = strpos($value, ":"); + $address = substr($value, $pos + 1); + if (!$address) { + continue; + } + if (!$name) { + $name = $address; + } - $value = $row['v']; - $pos = strpos($value, ":"); - $address = substr($value, $pos+1); - if (!$address) continue; - if (!$name) $name = $address; + $contacts[$address] = $name; + } + $contacts_json = json_encode($contacts); + $contacts_hash = sha1($contacts_json); - $contacts[$address] = $name; - } - $contacts_json = json_encode($contacts); - $contacts_hash = sha1($contacts_json); + // get nickname + $r = q("SELECT `username` FROM `user` WHERE `uid`=$uid"); + $nickname = json_encode($r[0]["username"]); + $groupchats = Config::get('jappixmini', 'groupchats'); + //if $groupchats has no value jappix_addon_start will produce a syntax error + if (empty($groupchats)) { + $groupchats = "{}"; + } - // get nickname - $r = q("SELECT `username` FROM `user` WHERE `uid`=$uid"); - $nickname = json_encode($r[0]["username"]); - $groupchats = Config::get('jappixmini','groupchats'); - //if $groupchats has no value jappix_addon_start will produce a syntax error - if(empty($groupchats)){ - $groupchats = "{}"; - } - - // add javascript to start Jappix Mini - $a->page['htmlhead'] .= ""; - return; + return; } -function jappixmini_login(&$a, &$o) { - // create client secret on login to be able to encrypt jabber passwords +function jappixmini_login(App $a, &$o) +{ + // create client secret on login to be able to encrypt jabber passwords + // for setDB and str_sha1, needed by jappixmini_addon_set_client_secret + $a->page['htmlhead'] .= '' . "\r\n"; - // for setDB and str_sha1, needed by jappixmini_addon_set_client_secret - $a->page['htmlhead'] .= ''."\r\n"; + // for jappixmini_addon_set_client_secret + $a->page['htmlhead'] .= '' . "\r\n"; - // for jappixmini_addon_set_client_secret - $a->page['htmlhead'] .= ''."\r\n"; - - // save hash of password - $o = str_replace("
status != "ok") throw new Exception(); + if ($answer->status != "ok") { + throw new Exception(); + } $encrypted_address_hex = $answer->encrypted_address; - if (!$encrypted_address_hex) throw new Exception(); + if (!$encrypted_address_hex) { + throw new Exception(); + } $encrypted_address = hex2bin($encrypted_address_hex); - if (!$encrypted_address) throw new Exception(); + if (!$encrypted_address) { + throw new Exception(); + } // decrypt address $decrypted_address = ""; $decrypt_func($encrypted_address, $decrypted_address, $key); - if (!$decrypted_address) throw new Exception(); + if (!$decrypted_address) { + throw new Exception(); + } } catch (Exception $e) { $decrypted_address = ""; } @@ -636,10 +694,10 @@ function jappixmini_cron(&$a, $d) { } } -function jappixmini_download_source(&$a,&$b) { +function jappixmini_download_source(App $a, &$b) +{ // Jappix Mini source download link on About page - $b .= '

Jappix Mini

'; - $b .= '

This site uses the jappixmini addon, which includes Jappix Mini by the Jappix authors and is distributed under the terms of the GNU Affero General Public License.

'; - $b .= '

You can download the source code of the addon. The rest of Friendica is distributed under compatible licenses and can be retrieved from https://github.com/friendica/friendica and https://github.com/friendica/friendica-addons

'; + $b .= '

This site uses the jappixmini addon, which includes Jappix Mini by the Jappix authors and is distributed under the terms of the GNU Affero General Public License.

'; + $b .= '

You can download the source code of the addon. The rest of Friendica is distributed under compatible licenses and can be retrieved from https://github.com/friendica/friendica and https://github.com/friendica/friendica-addons

'; } diff --git a/windowsphonepush/windowsphonepush.php b/windowsphonepush/windowsphonepush.php index 53bf83b87..ffebd410c 100644 --- a/windowsphonepush/windowsphonepush.php +++ b/windowsphonepush/windowsphonepush.php @@ -1,69 +1,58 @@ - * - * + * + * * Pre-requisite: Windows Phone mobile device (at least WP 7.0) * Friendica mobile app on Windows Phone * * When plugin is installed, the system calls the plugin * name_install() function, located in 'addon/name/name.php', * where 'name' is the name of the addon. - * If the addon is removed from the configuration list, the + * If the addon is removed from the configuration list, the * system will call the name_uninstall() function. * * Version history: - * 1.1 : addon crashed on php versions >= 5.4 as of removed deprecated call-time + * 1.1 : addon crashed on php versions >= 5.4 as of removed deprecated call-time * pass-by-reference used in function calls within function windowsphonepush_content * 2.0 : adaption for supporting emphasizing new entries in app (count on tile cannot be read out, - * so we need to retrieve counter through show_settings secondly). Provide new function for + * so we need to retrieve counter through show_settings secondly). Provide new function for * calling from app to set the counter back after start (if user starts again before cronjob * sets the counter back * count only unseen elements which are not type=activity (likes and dislikes not seen as new elements) */ - +use Friendica\App; use Friendica\Core\PConfig; +use Friendica\Model\User; -function windowsphonepush_install() { - - /** - * - * Our plugin will attach in three places. - * The first is within cron - so the push notifications will be +function windowsphonepush_install() +{ + /* Our plugin will attach in three places. + * The first is within cron - so the push notifications will be * sent every 10 minutes (or whatever is set in crontab). - * */ - register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); - /** - * - * Then we'll attach into the plugin settings page, and also the + /* Then we'll attach into the plugin settings page, and also the * settings post hook so that we can create and update - * user preferences. User shall be able to activate the plugin and + * user preferences. User shall be able to activate the plugin and * define whether he allows pushing first characters of item text - * */ - register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); logger("installed windowsphonepush"); } - -function windowsphonepush_uninstall() { - - /** - * - * uninstall unregisters any hooks created with register_hook +function windowsphonepush_uninstall() +{ + /* uninstall unregisters any hooks created with register_hook * during install. Don't delete data in table `pconfig`. - * */ - unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); @@ -71,51 +60,48 @@ function windowsphonepush_uninstall() { logger("removed windowsphonepush"); } - /* declare the windowsphonepush function so that /windowsphonepush url requests will land here */ -function windowsphonepush_module() {} +function windowsphonepush_module() +{ +} -/** - * - * Callback from the settings post function. +/* Callback from the settings post function. * $post contains the $_POST array. * We will make sure we've got a valid user account * and if so set our configuration setting for this person. - * */ -function windowsphonepush_settings_post($a,$post) { - if(! local_user() || (! x($_POST,'windowsphonepush-submit'))) +function windowsphonepush_settings_post($a, $post) +{ + if (!local_user() || (!x($_POST, 'windowsphonepush-submit'))) { return; + } $enable = intval($_POST['windowsphonepush']); - PConfig::set(local_user(),'windowsphonepush','enable',$enable); + PConfig::set(local_user(), 'windowsphonepush', 'enable', $enable); - if($enable) { - PConfig::set(local_user(),'windowsphonepush','counterunseen', 0); + if ($enable) { + PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0); } - PConfig::set(local_user(),'windowsphonepush','senditemtext',intval($_POST['windowsphonepush-senditemtext'])); + PConfig::set(local_user(), 'windowsphonepush', 'senditemtext', intval($_POST['windowsphonepush-senditemtext'])); - info( t('WindowsPhonePush settings updated.') . EOL); + info(t('WindowsPhonePush settings updated.') . EOL); } - -/** - * - * Called from the Plugin Setting form. +/* Called from the Plugin Setting form. * Add our own settings info to the page. - * */ -function windowsphonepush_settings(&$a,&$s) { - - if(! local_user()) +function windowsphonepush_settings(&$a, &$s) +{ + if (!local_user()) { return; + } /* Add our stylesheet to the page so we can make our settings look nice */ $a->page['htmlhead'] .= '' . "\r\n"; /* Get the current state of our config variables */ - $enabled = PConfig::get(local_user(),'windowsphonepush','enable'); + $enabled = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $checked_enabled = (($enabled) ? ' checked="checked" ' : ''); $senditemtext = PConfig::get(local_user(), 'windowsphonepush', 'senditemtext'); @@ -137,7 +123,7 @@ function windowsphonepush_settings(&$a,&$s) { $s .= ''; $s .= '
'; - /* provide a submit button - enable und senditemtext can be changed by the user*/ + /* provide a submit button - enable und senditemtext can be changed by the user */ $s .= '
'; /* provide further read-only information concerning the addon (useful for */ @@ -145,47 +131,40 @@ function windowsphonepush_settings(&$a,&$s) { $s .= ''; $s .= ''; $s .= '
'; - - return; + return; } - -/** - * - * Cron function used to regularly check all users on the server with active windowsphonepushplugin and send +/* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send * notifications to the Microsoft servers and consequently to the Windows Phone device - * */ - -function windowsphonepush_cron() { +function windowsphonepush_cron() +{ // retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user $r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1"); - if(count($r)) { - foreach($r as $rr) { + if (count($r)) { + foreach ($r as $rr) { // load stored information for the user-id of the current loop $device_url = PConfig::get($rr['uid'], 'windowsphonepush', 'device_url'); $lastpushid = PConfig::get($rr['uid'], 'windowsphonepush', 'lastpushid'); - // pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent + // pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent // by app if user has switched the server setting in app - sending blank not possible as this would return an update error) - if ( ( $device_url == "" ) || ( $device_url == "NA" ) ) { + if (( $device_url == "" ) || ( $device_url == "NA" )) { // no Device-URL for the user availabe, but plugin is enabled --> write info to Logger logger("WARN: windowsphonepush is enable for user " . $rr['uid'] . ", but no Device-URL is specified for the user."); } else { - // retrieve the number of unseen items and the id of the latest one (if there are more than + // retrieve the number of unseen items and the id of the latest one (if there are more than // one new entries since last poller run, only the latest one will be pushed) - $count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", - intval($rr['uid']) - ); + $count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", intval($rr['uid'])); - // send number of unseen items to the device (the number will be displayed on Start screen until - // App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if + // send number of unseen items to the device (the number will be displayed on Start screen until + // App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if // user has loaded the timeline through app or website $res_tile = send_tile_update($device_url, "", $count[0]['count'], ""); switch (trim($res_tile)) { case "Received": - // ok, count has been pushed, let's save it in personal settings + // ok, count has been pushed, let's save it in personal settings PConfig::set($rr['uid'], 'windowsphonepush', 'counterunseen', $count[0]['count']); break; case "QueueFull": @@ -212,24 +191,22 @@ function windowsphonepush_cron() { $senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext'); if ($senditemtext == 1) { // load item with the max id - $item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", - intval($count[0]['max']) - ); + $item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", intval($count[0]['max'])); // as user allows to send the item, we want to show the sender of the item in the toast - // toasts are limited to one line, therefore place is limited - author shall be in + // toasts are limited to one line, therefore place is limited - author shall be in // max. 15 chars (incl. dots); author is displayed in bold font $author = $item[0]['author']; $author = ((strlen($author) > 12) ? substr($author, 0, 12) . "..." : $author); // normally we show the body of the item, however if it is an url or an image we cannot - // show this in the toast (only test), therefore changing to an alternate text + // show this in the toast (only test), therefore changing to an alternate text // Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots) // BTW: information only possible in English $body = $item[0]['body']; - if (substr($body, 0, 4) == "[url") + if (substr($body, 0, 4) == "[url") { $body = "URL/Image ..."; - else { + } else { require_once('include/bbcode.php'); require_once("include/html2plain.php"); $body = bbcode($body, false, false, 2, true); @@ -237,40 +214,37 @@ function windowsphonepush_cron() { $body = ((strlen($body) > 137) ? substr($body, 0, 137) . "..." : $body); } } else { - // if user wishes higher privacy, we only display "Friendica - New timeline entry arrived" + // if user wishes higher privacy, we only display "Friendica - New timeline entry arrived" $author = "Friendica"; $body = "New timeline entry arrived ..."; } - // only if toast push notification returns the Notification status "Received" we will update th settings with the + // only if toast push notification returns the Notification status "Received" we will update th settings with the // new indicator max-id is checked against (QueueFull, Suppressed, N/A, Dropped shall qualify to resend - // the push notification some minutes later (BTW: if resulting in Expired for subscription status the + // the push notification some minutes later (BTW: if resulting in Expired for subscription status the // device_url will be deleted (no further try on this url, see send_push) // further log information done on count pushing with send_tile (see above) $res_toast = send_toast($device_url, $author, $body); if (trim($res_toast) === 'Received') { PConfig::set($rr['uid'], 'windowsphonepush', 'lastpushid', $count[0]['max']); - } + } } } } } } - -/* - * - * Tile push notification change the number in the icon of the App in Start Screen of +/* Tile push notification change the number in the icon of the App in Start Screen of * a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile" - * */ -function send_tile_update($device_url, $image_url, $count, $title, $priority = 1) { +function send_tile_update($device_url, $image_url, $count, $title, $priority = 1) +{ $msg = "" . "" . - "". - "" . $image_url . "" . - "" . $count . "" . - "" . $title . "" . - " " . + "" . + "" . $image_url . "" . + "" . $count . "" . + "" . $title . "" . + " " . ""; $result = send_push($device_url, array( @@ -280,48 +254,42 @@ function send_tile_update($device_url, $image_url, $count, $title, $priority = 1 return $result; } -/* - * - * Toast push notification send information to the top of the display +/* Toast push notification send information to the top of the display * if the user is not currently using the Friendica Mobile App, however * there is only one line for displaying the information - * */ -function send_toast($device_url, $title, $message, $priority = 2) { - $msg = "" . +function send_toast($device_url, $title, $message, $priority = 2) +{ + $msg = "" . "" . - "" . - "" . $title . "" . - "" . $message . "" . - "" . - "" . + "" . + "" . $title . "" . + "" . $message . "" . + "" . + "" . ""; $result = send_push($device_url, array( 'X-WindowsPhone-Target: toast', - 'X-NotificationClass: ' . $priority, + 'X-NotificationClass: ' . $priority, ), $msg); return $result; } -/* - * - * General function to send the push notification via cURL - * - */ -function send_push($device_url, $headers, $msg) { +// General function to send the push notification via cURL +function send_push($device_url, $headers, $msg) +{ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $device_url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, true); - curl_setopt($ch, CURLOPT_HEADER, true); - curl_setopt($ch, CURLOPT_HTTPHEADER, - $headers + array( - 'Content-Type: text/xml', - 'charset=utf-8', - 'Accept: application/*', - ) - ); + curl_setopt($ch, CURLOPT_HEADER, true); + curl_setopt($ch, CURLOPT_HTTPHEADER, $headers + array( + 'Content-Type: text/xml', + 'charset=utf-8', + 'Accept: application/*', + ) + ); curl_setopt($ch, CURLOPT_POSTFIELDS, $msg); $output = curl_exec($ch); @@ -331,35 +299,31 @@ function send_push($device_url, $headers, $msg) { // and log this fact $subscriptionStatus = get_header_value($output, 'X-SubscriptionStatus'); if ($subscriptionStatus == "Expired") { - PConfig::set(local_user(),'windowsphonepush','device_url', ""); + PConfig::set(local_user(), 'windowsphonepush', 'device_url', ""); logger("ERROR: the stored Device-URL " . $device_url . "returned an 'Expired' error, it has been deleted now."); } - // the notification status shall be returned to windowsphonepush_cron (will + // the notification status shall be returned to windowsphonepush_cron (will // update settings if 'Received' otherwise keep old value in settings (on QueuedFull. Suppressed, N/A, Dropped) $notificationStatus = get_header_value($output, 'X-NotificationStatus'); return $notificationStatus; - } +} -/* - * helper function to receive statuses from webresponse of Microsoft server - */ -function get_header_value($content, $header) { +// helper function to receive statuses from webresponse of Microsoft server +function get_header_value($content, $header) +{ return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : ""; } - -/* - * - * reading information from url and deciding which function to start +/* reading information from url and deciding which function to start * show_settings = delivering settings to check * update_settings = set the device_url * update_counterunseen = set counter for unseen elements to zero - * */ -function windowsphonepush_content(&$a) { +function windowsphonepush_content(App $a) +{ // Login with the specified Network credentials (like in api.php) - windowsphonepush_login(); + windowsphonepush_login($a); $path = $a->argv[0]; $path2 = $a->argv[1]; @@ -371,9 +335,9 @@ function windowsphonepush_content(&$a) { break; case "update_settings": $ret = windowsphonepush_updatesettings($a); - header("Content-Type: application/json; charset=utf-8"); + header("Content-Type: application/json; charset=utf-8"); echo json_encode(array('status' => $ret)); - killme(); + killme(); break; case "update_counterunseen": $ret = windowsphonepush_updatecounterunseen(); @@ -387,12 +351,12 @@ function windowsphonepush_content(&$a) { } } -/* - * return settings for windowsphonepush addon to be able to check them in WP app - */ -function windowsphonepush_showsettings(&$a) { - if(! local_user()) +// return settings for windowsphonepush addon to be able to check them in WP app +function windowsphonepush_showsettings() +{ + if (!local_user()) { return; + } $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url'); @@ -401,34 +365,36 @@ function windowsphonepush_showsettings(&$a) { $counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen'); $addonversion = "2.0"; - if (!$device_url) + if (!$device_url) { $device_url = ""; + } - if (!$lastpushid) + if (!$lastpushid) { $lastpushid = 0; + } - header ("Content-Type: application/json"); - echo json_encode(array('uid' => local_user(), - 'enable' => $enable, - 'device_url' => $device_url, - 'senditemtext' => $senditemtext, - 'lastpushid' => $lastpushid, - 'counterunseen' => $counterunseen, - 'addonversion' => $addonversion)); + header("Content-Type: application/json"); + echo json_encode(array('uid' => local_user(), + 'enable' => $enable, + 'device_url' => $device_url, + 'senditemtext' => $senditemtext, + 'lastpushid' => $lastpushid, + 'counterunseen' => $counterunseen, + 'addonversion' => $addonversion)); } -/* - * update_settings is used to transfer the device_url from WP device to the Friendica server +/* update_settings is used to transfer the device_url from WP device to the Friendica server * return the status of the operation to the server */ -function windowsphonepush_updatesettings(&$a) { - if(! local_user()) { +function windowsphonepush_updatesettings() +{ + if (!local_user()) { return "Not Authenticated"; } // no updating if user hasn't enabled the plugin $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); - if(! $enable) { + if (!$enable) { return "Plug-in not enabled"; } @@ -439,55 +405,54 @@ function windowsphonepush_updatesettings(&$a) { return "No valid Device-URL specified"; } - // check if sent url is already stored in database for another user, we assume that there was a change of + // check if sent url is already stored in database for another user, we assume that there was a change of // the user on the Windows Phone device and that device url is no longer true for the other user, so we - // et the device_url for the OTHER user blank (should normally not occur as App should include User/server + // et the device_url for the OTHER user blank (should normally not occur as App should include User/server // in url request to Microsoft Push Notification server) - $r = q("SELECT * FROM `pconfig` WHERE `uid` <> " . local_user() . " AND - `cat` = 'windowsphonepush' AND - `k` = 'device_url' AND + $r = q("SELECT * FROM `pconfig` WHERE `uid` <> " . local_user() . " AND + `cat` = 'windowsphonepush' AND + `k` = 'device_url' AND `v` = '" . $device_url . "'"); - if(count($r)) { - foreach($r as $rr) { - PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', ''); - logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'."); + if (count($r)) { + foreach ($r as $rr) { + PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', ''); + logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'."); } } - PConfig::set(local_user(),'windowsphonepush','device_url', $device_url); + PConfig::set(local_user(), 'windowsphonepush', 'device_url', $device_url); // output the successfull update of the device URL to the logger for error analysis if necessary logger("INFO: Device-URL for user '" . local_user() . "' has been updated with '" . $device_url . "'"); return "Device-URL updated successfully!"; } -/* - * update_counterunseen is used to reset the counter to zero from Windows Phone app - */ -function windowsphonepush_updatecounterunseen() { - if(! local_user()) { +// update_counterunseen is used to reset the counter to zero from Windows Phone app +function windowsphonepush_updatecounterunseen() +{ + if (!local_user()) { return "Not Authenticated"; } // no updating if user hasn't enabled the plugin $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); - if(! $enable) { + if (!$enable) { return "Plug-in not enabled"; } - PConfig::set(local_user(),'windowsphonepush','counterunseen', 0); + PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0); return "Counter set to zero"; } -/* - * helper function to login to the server with the specified Network credentials +/* helper function to login to the server with the specified Network credentials * (mainly copied from api.php) */ -function windowsphonepush_login() { +function windowsphonepush_login(App $a) +{ if (!isset($_SERVER['PHP_AUTH_USER'])) { - logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG); - header('WWW-Authenticate: Basic realm="Friendica"'); - header('HTTP/1.0 401 Unauthorized'); - die('This api requires login'); + logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG); + header('WWW-Authenticate: Basic realm="Friendica"'); + header('HTTP/1.0 401 Unauthorized'); + die('This api requires login'); } $user = $_SERVER['PHP_AUTH_USER']; @@ -504,14 +469,14 @@ function windowsphonepush_login() { if(count($r)){ $record = $r[0]; } else { - logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); - header('WWW-Authenticate: Basic realm="Friendica"'); - header('HTTP/1.0 401 Unauthorized'); - die('This api requires login'); + logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG); + header('WWW-Authenticate: Basic realm="Friendica"'); + header('HTTP/1.0 401 Unauthorized'); + die('This api requires login'); } - require_once('include/security.php'); - authenticate_success($record); $_SESSION["allow_api"] = true; + require_once 'include/security.php'; + authenticate_success($record); + $_SESSION["allow_api"] = true; call_hooks('logged_in', $a->user); } - From eadf7066e0e9ed55fac7f54b06780ec5389c9bf1 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Fri, 1 Dec 2017 23:03:49 -0500 Subject: [PATCH 2/2] Use User::authenticate in addons - dav - jappixmini - windowsphonepush --- dav/friendica/dav_friendica_auth.inc.php | 15 +++++---------- jappixmini/jappixmini.php | 6 +----- windowsphonepush/windowsphonepush.php | 15 +++------------ 3 files changed, 9 insertions(+), 27 deletions(-) diff --git a/dav/friendica/dav_friendica_auth.inc.php b/dav/friendica/dav_friendica_auth.inc.php index 31a88b688..9b42ab8a8 100644 --- a/dav/friendica/dav_friendica_auth.inc.php +++ b/dav/friendica/dav_friendica_auth.inc.php @@ -67,7 +67,7 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic } // Authenticates the user - if (!$this->validateUserPass($userpass[0],$userpass[1])) { + if (!$this->validateUserPass($userpass[0], $userpass[1])) { $auth->requireLogin(); throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match'); } @@ -80,13 +80,8 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic * @param string $password * @return bool */ - protected function validateUserPass($username, $password) { - $encrypted = hash('whirlpool',trim($password)); - $r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", - dbesc(trim($username)), - dbesc($encrypted) - ); - return ($r[0]["anz"] == 1); - } - + protected function validateUserPass($username, $password) + { + return User::authenticate($username, $password); + } } diff --git a/jappixmini/jappixmini.php b/jappixmini/jappixmini.php index ba82a0762..faac6a815 100644 --- a/jappixmini/jappixmini.php +++ b/jappixmini/jappixmini.php @@ -429,11 +429,7 @@ function jappixmini_settings_post(App $a, &$b) if ($encrypt) { // check that Jabber password was encrypted with correct Friendica password $friendica_password = trim($b['jappixmini-friendica-password']); - $encrypted = hash('whirlpool',$friendica_password); - $r = q("SELECT * FROM `user` WHERE `uid`=$uid AND `password`='%s'", - dbesc($encrypted) - ); - if (!count($r)) { + if (!User::authenticate((int) $uid, $friendica_password)) { info("Wrong friendica password!"); return; } diff --git a/windowsphonepush/windowsphonepush.php b/windowsphonepush/windowsphonepush.php index ffebd410c..baa4c656e 100644 --- a/windowsphonepush/windowsphonepush.php +++ b/windowsphonepush/windowsphonepush.php @@ -455,19 +455,10 @@ function windowsphonepush_login(App $a) die('This api requires login'); } - $user = $_SERVER['PHP_AUTH_USER']; - $encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW'])); + $user_id = User::authenticate($_SERVER['PHP_AUTH_USER'], trim($_SERVER['PHP_AUTH_PW'])); - // check if user specified by app is available in the user table - $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", - dbesc(trim($user)), - dbesc(trim($user)), - dbesc($encrypted) - ); - - if(count($r)){ - $record = $r[0]; + if ($user_id) { + $record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]); } else { logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG); header('WWW-Authenticate: Basic realm="Friendica"');