diff --git a/boot.php b/boot.php
index 754be4812..02c37a93f 100644
--- a/boot.php
+++ b/boot.php
@@ -370,6 +370,11 @@ function xmlify($str) {
return($buffer);
}}
+function unxmlify($s) {
+ $ret = str_replace('&','&', $s);
+ $ret = str_replace(array('<','>','"','''),array('<','>','"',"'"),$ret);
+ return $ret;
+}
function hex2bin($s) {
return(pack("H*",$s));
diff --git a/include/notifier.php b/include/notifier.php
index 37a1e0d30..6d6146a2a 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -1,5 +1,6 @@
xmlify($contact['name']),
- '$profile_page' => xmlify($contact['url']),
- '$thumb' => xmlify($contact['thumb']),
- '$item_id' => xmlify("urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}"),
- '$title' => xmlify($item['title']),
- '$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
- '$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
- '$content' =>xmlify($item['body']),
- '$parent_id' => xmlify("{$items[0]['remote-id']}"),
- '$comment_allow' => 0
- ));
+ foreach($items as $item) {
+ if($item['id'] == $item_id) {
+ $atom .= replace_macros($cmnt_template, array(
+ '$name' => xmlify($owner['name']),
+ '$profile_page' => xmlify($owner['url']),
+ '$thumb' => xmlify($owner['thumb']),
+ '$item_id' => xmlify("urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}"),
+ '$title' => xmlify($item['title']),
+ '$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
+ '$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
+ '$content' =>xmlify($item['body']),
+ '$parent_id' => xmlify("{$items[0]['remote-id']}"),
+ '$comment_allow' => 0
+ ));
+ }
+ }
}
else {
foreach($items as $item) {
@@ -154,7 +156,7 @@ if($argc < 3)
'$owner_name' => xmlify($item['owner-name']),
'$owner_profile_page' => xmlify($item['owner-link']),
'$owner_thumb' => xmlify($item['owner-avatar']),
- '$item_id' => xmlify("urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}"),
+ '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}")),
'$title' => xmlify($contact['name']),
'$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
'$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
@@ -167,7 +169,7 @@ if($argc < 3)
'$name' => xmlify($contact['name']),
'$profile_page' => xmlify($contact['url']),
'$thumb' => xmlify($contact['thumb']),
- '$item_id' => xmlify("urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}"),
+ '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}")),
'$title' => xmlify($item['title']),
'$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
'$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
@@ -193,6 +195,7 @@ if($argc < 3)
else
$recip_str = implode(', ', $recipients);
+
$r = q("SELECT * FROM `contact` WHERE `id` IN ( %s ) ",
dbesc($recip_str)
);
@@ -202,6 +205,8 @@ if($argc < 3)
// delivery loop
foreach($r as $rr) {
+
+echo "In delivery loop:";
if($rr['self'])
continue;
@@ -230,9 +235,11 @@ if($argc < 3)
$postvars['data'] = $atom;
else
$postvars['data'] = $atom_nowrite;
-
+echo "URL:" . $url;
+echo "POSTVARS:" . print_r($postvars);
$xml = post_url($url,$postvars);
+echo "XML response:" . $xml;
}
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 0f5f5eb6c..f81eb9cfb 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -8,12 +8,12 @@ function get_atom_elements($item) {
$res = array();
$author = $item->get_author();
- $res['remote-name'] = $author->get_name();
- $res['remote-link'] = $author->get_link();
- $res['remote-avatar'] = $author->get_avatar();
- $res['remote-id'] = $item->get_id();
- $res['title'] = $item->get_title();
- $res['body'] = $item->get_content();
+ $res['remote-name'] = unxmlify($author->get_name());
+ $res['remote-link'] = unxmlify($author->get_link());
+ $res['remote-avatar'] = unxmlify($author->get_avatar());
+ $res['remote-id'] = unxmlify($item->get_id());
+ $res['title'] = unxmlify($item->get_title());
+ $res['body'] = unxmlify($item->get_content());
if(strlen($res['body']) > 100000)
$res['body'] = substr($res['body'],0,10000) . "\r\n[Extremely large post truncated.]\r\n" ;
@@ -26,19 +26,19 @@ function get_atom_elements($item) {
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
if($rawcreated)
- $res['created'] = $rawcreated[0]['data'];
+ $res['created'] = unxmlify($rawcreated[0]['data']);
$rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
if($rawedited)
- $res['edited'] = $rawcreated[0]['data'];
+ $res['edited'] = unxmlify($rawcreated[0]['data']);
$rawowner = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0', 'owner');
if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'])
- $res['owner-name'] = $rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'];
+ $res['owner-name'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data']);
if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'])
- $res['owner-link'] = $rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'];
+ $res['owner-link'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data']);
if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'])
- $res['owner-avatar'] = $rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'];
+ $res['owner-avatar'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data']);
return $res;
@@ -48,7 +48,8 @@ function get_atom_elements($item) {
function post_remote($a,$arr) {
$arr['hash'] = random_string();
- $arr['type'] = 'remote';
+ if(! x($arr,'type'))
+ $arr['type'] = 'remote';
$arr['remote-name'] = notags(trim($arr['remote-name']));
$arr['remote-link'] = notags(trim($arr['remote-link']));
$arr['remote-avatar'] = notags(trim($arr['remote-avatar']));
@@ -82,7 +83,7 @@ function post_remote($a,$arr) {
$parent_id = 0;
dbesc_array($arr);
-
+dbg(3);
$r = q("INSERT INTO `item` (`"
. implode("`, `", array_keys($arr))
. "`) VALUES ('"
@@ -121,7 +122,7 @@ function post_remote($a,$arr) {
}
function dfrn_notify_post(&$a) {
-
+dbg(3);
$dfrn_id = notags(trim($_POST['dfrn_id']));
$challenge = notags(trim($_POST['challenge']));
$data = $_POST['data'];
@@ -179,15 +180,32 @@ function dfrn_notify_post(&$a) {
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($item);
$urn = explode(':',$parent_urn);
- $datarray['parent_hash'] = $urn[4];
+ $datarray['type'] = 'remote-comment';
+ $datarray['parent_hash'] = $urn[5];
$datarray['uid'] = $importer['uid'];
$datarray['contact-id'] = $importer['id'];
- $r = post_remote($a,$datarray);
+ $posted_id = post_remote($a,$datarray);
+
+ $r = q("SELECT `parent` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ intval($posted_id),
+ intval($importer['uid'])
+ );
+ if(count($r)) {
+ $r1 = q("UPDATE `item` SET `last-child` = 0 WHERE `uid` = %d AND `parent` = %d",
+ intval($importer['uid']),
+ intval($r[0]['parent'])
+ );
+ }
+ $r2 = q("UPDATE `item` SET `last-child` = 1 WHERE `uid` = %d AND `id` = %d LIMIT 1",
+ intval($importer['uid']),
+ intval($posted_id)
+ );
$url = bin2hex($a->get_baseurl());
- proc_close(proc_open("php include/notifier.php $url $notify_type $r > notify.log &", array(),$foo));
+ proc_close(proc_open("php include/notifier.php $url comment-import $posted_id > remote-notify.log &", array(),$foo));
+ xml_status(0);
return;
}
@@ -196,16 +214,18 @@ function dfrn_notify_post(&$a) {
$item_id = $item->get_id();
- $r = q("SELECT `uid`, `last-child` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `uid`, `last-child`, `edited` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($item_id),
intval($importer['uid'])
);
+ // FIXME update content if 'updated' changes
if(count($r)) {
$allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
if($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
intval($allow[0]['data']),
- dbesc($item_id)
+ dbesc($item_id),
+ intval($importer['uid'])
);
}
continue;
@@ -222,7 +242,7 @@ function dfrn_notify_post(&$a) {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
- $r = q("SELECT `uid` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `uid`, `last-child`, `edited` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
dbesc($item_id),
intval($importer['uid'])
);
@@ -231,7 +251,8 @@ function dfrn_notify_post(&$a) {
if($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
intval($allow[0]['data']),
- dbesc($item_id)
+ dbesc($item_id),
+ intval($importer['uid'])
);
}
continue;
@@ -249,7 +270,7 @@ function dfrn_notify_post(&$a) {
}
-
+ xml_status(0);
killme();
}
diff --git a/mod/item.php b/mod/item.php
index 437e6ac59..1584c7ddb 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -72,8 +72,10 @@ function item_post(&$a) {
}
// get contact info for poster
- if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id'])))
+
+ if((x($_SESSION,'visitor_id')) && (intval($_SESSION['visitor_id']))) {
$contact_id = $_SESSION['visitor_id'];
+ }
else {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
intval($_SESSION['uid']));
@@ -104,15 +106,16 @@ function item_post(&$a) {
} while($dups == true);
- $r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `created`,`edited`,`hash`,`body`,
+ $r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `remote-id`, `created`,`edited`,`hash`,`body`,
`allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`)
- VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
+ VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
intval($profile_uid),
dbesc($_POST['type']),
intval($contact_id),
dbesc($contact_record['name']),
dbesc($contact_record['url']),
dbesc($contact_record['thumb']),
+ dbesc("urn:X-dfrn:" . $a->get_baseurl() . ':' . intval($profile_uid) . ':' . $hash),
datetime_convert(),
datetime_convert(),
dbesc($hash),
@@ -159,7 +162,7 @@ function item_post(&$a) {
$url = bin2hex($a->get_baseurl());
- proc_close(proc_open("php include/notifier.php $url $notify_type $post_id > notify.log &",
+ proc_close(proc_open("php include/notifier.php \"$url\" \"$notify_type\" \"$post_id\" > notify.log &",
array(),$foo));
}
diff --git a/mod/network.php b/mod/network.php
index 2685959a3..94ea065e9 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -108,6 +108,7 @@ function network_content(&$a) {
if($item['last-child']) {
$comment = replace_macros($cmnt_tpl,array(
+ '$return_path' => $a->cmd,
'$id' => $item['item_id'],
'$parent' => $item['parent'],
'$profile_uid' => $_SESSION['uid'],
diff --git a/mod/profile.php b/mod/profile.php
index 7b54340a9..f14cdbd11 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -196,6 +196,7 @@ function profile_content(&$a) {
if(can_write_wall($a,$a->profile['profile_uid'])) {
if($item['last-child']) {
$comment = replace_macros($cmnt_tpl,array(
+ '$return_path' => $a->cmd,
'$id' => $item['item_id'],
'$parent' => $item['parent'],
'$profile_uid' => $a->profile['profile_uid'],
diff --git a/update.sql b/update.sql
index b3196a1de..0a606e527 100644
--- a/update.sql
+++ b/update.sql
@@ -12,3 +12,5 @@ ADD `remote-avatar` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT N
ALTER TABLE `item` ADD `owner-name` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER `contact-id` ,
ADD `owner-link` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER `owner-name` ,
ADD `owner-avatar` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER `owner-link` ;
+
+ALTER TABLE `item` ADD `remote-parent` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER `parent` ;
\ No newline at end of file
diff --git a/view/comment_item.tpl b/view/comment_item.tpl
index 530244e8e..b91be5ab5 100644
--- a/view/comment_item.tpl
+++ b/view/comment_item.tpl
@@ -5,6 +5,7 @@
+