bitPickups/friendica_2020-09-1_sharedHosting
1
0
Fork 0
Code Pull requests Activity

Merge remote-tracking branch 'friendika/master' into newui

Browse source
This commit is contained in:
Fabio Comuni 2011-08-30 11:00:23 +02:00
commit d0926240a8
45 changed files with 4569 additions and 960 deletions
Download patch file Download diff file Expand all files Collapse all files

52
include/Contact.php
View file

@ -85,3 +85,55 @@ function unmark_for_death($contact) {
);
}}
if(! function_exists('contact_photo_menu')){
function contact_photo_menu($contact) {
$a = get_app();
$contact_url="";
$pm_url="";
$status_link="";
$photos_link="";
$posts_link="";
$sparkle = false;
if($contact['network'] === NETWORK_DFRN) {
$sparkle = true;
$profile_link = $a->get_baseurl() . '/redir/' . $contact['id'];
}
else
$profile_link = $contact['url'];
if($profile_link === 'mailbox')
$profile_link = '';
if($sparkle) {
$status_link = $profile_link . "?url=status";
$photos_link = $profile_link . "?url=photos";
$profile_link = $profile_link . "?url=profile";
$pm_url = $a->get_baseurl() . '/message/new/' . $contact['id'];
}
$contact_url = $a->get_baseurl() . '/contacts/' . $contact['id'];
$posts_link = $a->get_baseurl() . '/network/?cid=' . $contact['id'];
$menu = Array(
t("View status") => $status_link,
t("View profile") => $profile_link,
t("View photos") => $photos_link,
t("View recent") => $posts_link,
t("Edit contact") => $contact_url,
t("Send PM") => $pm_url,
);
$args = array('contact' => $contact, 'menu' => $menu);
call_hooks('contact_photo_menu', $args);
$o = "";
foreach($menu as $k=>$v){
if ($v!="") $o .= "<li><a href='$v'>$k</a></li>\n";
}
return $o;
}}

13
include/Photo.php
View file

@ -185,11 +185,20 @@ class Photo {
public function store($uid, $cid, $rid, $filename, $album, $scale, $profile = 0, $allow_cid = '', $allow_gid = '', $deny_cid = '', $deny_gid = '') {
$r = q("select `guid` from photo where `resource-id` = '%s' and `guid` != '' limit 1",
dbesc($rid)
);
if(count($r))
$guid = $r[0]['guid'];
else
$guid = get_guid();
$r = q("INSERT INTO `photo`
( `uid`, `contact-id`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )",
( `uid`, `contact-id`, `guid`, `resource-id`, `created`, `edited`, `filename`, `album`, `height`, `width`, `data`, `scale`, `profile`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid` )
VALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', %d, %d, '%s', '%s', '%s', '%s' )",
intval($uid),
intval($cid),
dbesc($guid),
dbesc($rid),
dbesc(datetime_convert()),
dbesc(datetime_convert()),

2
include/acl_selectors.php
View file

@ -170,7 +170,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
$sql_extra .= " AND `network` IN ( 'dfrn' ) ";
}
elseif($privatenet) {
$sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face' ) ";
$sql_extra .= " AND `network` IN ( 'dfrn', 'mail', 'face', 'dspr' ) ";
}

115
include/api.php
View file

@ -1,6 +1,7 @@
<?php
require_once("bbcode.php");
require_once("datetime.php");
require_once("conversation.php");
/*
* Twitter-Like API
@ -8,7 +9,7 @@
*/
$API = Array();
$called_api = Null;
function api_date($str){
//Wed May 23 06:01:13 +0000 2007
@ -103,9 +104,10 @@
* MAIN API ENTRY POINT *
**************************/
function api_call(&$a){
GLOBAL $API;
GLOBAL $API, $called_api;
foreach ($API as $p=>$info){
if (strpos($a->query_string, $p)===0){
$called_api= explode("/",$p);
#unset($_SERVER['PHP_AUTH_USER']);
if ($info['auth']===true && local_user()===false) {
api_login($a);
@ -131,7 +133,7 @@
return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
break;
case "json":
header ("Content-Type: application/json");
//header ("Content-Type: application/json");
foreach($r as $rr)
return json_encode($rr);
break;
@ -193,6 +195,7 @@
* Returns user info array.
*/
function api_get_user(&$a, $contact_id = Null){
global $called_api;
$user = null;
$extra_query = "";
@ -209,16 +212,20 @@
if(is_null($user) && x($_GET, 'screen_name')) {
$user = dbesc($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
}
if (is_null($user) && $a->argc > 3){
list($user, $null) = explode(".",$a->argv[3]);
if (is_null($user) && $a->argc > (count($called_api)-1)){
$argid = count($called_api);
list($user, $null) = explode(".",$a->argv[$argid]);
if(is_numeric($user)){
$user = intval($user);
$extra_query = "AND `contact`.`id` = %d ";
} else {
$user = dbesc($user);
$extra_query = "AND `contact`.`nick` = '%s' ";
if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
}
}
@ -301,6 +308,7 @@
}
$ret = Array(
'self' => intval($uinfo[0]['self']),
'uid' => intval($uinfo[0]['uid']),
'id' => intval($uinfo[0]['cid']),
'name' => $uinfo[0]['name'],
@ -321,7 +329,7 @@
'followers_count' => intval($countfollowers),
'favourites_count' => intval($starred),
'contributors_enabled' => false,
'follow_request_sent' => false,
'follow_request_sent' => true,
'profile_background_color' => 'cfe8f6',
'profile_text_color' => '000000',
'profile_link_color' => 'FF8500',
@ -616,6 +624,7 @@
$user_info = api_get_user($a);
// get last newtork messages
// params
$count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
@ -664,6 +673,12 @@
$user_info = api_get_user($a);
// get last newtork messages
logger("api_statuses_user_timeline: local_user: ". local_user() .
"\nuser_info: ".print_r($user_info, true) .
"\n_REQUEST: ".print_r($_REQUEST, true),
LOGGER_DEBUG);
// params
$count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
@ -672,6 +687,7 @@
$start = $page*$count;
if ($user_info['self']==1) $sql_extra = "AND `item`.`wall` = 1 ";
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
@ -679,14 +695,15 @@
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
WHERE `item`.`uid` = %d
AND `item`.`contact-id` = %d
AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`wall` = 1
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
AND `item`.`id`>%d
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
intval($user_info['uid']),
intval(local_user()),
intval($user_info['id']),
intval($since_id),
intval($start), intval($count)
);
@ -711,33 +728,41 @@
if (local_user()===false) return false;
$user_info = api_get_user($a);
// get last newtork messages
// in friendika starred item are private
// return favorites only for self
logger('api_favorites: self:' . $user_info['self']);
// params
$count = (x($_GET,'count')?$_GET['count']:20);
$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
if ($page<0) $page=0;
if ($user_info['self']==0) {
$ret = array();
} else {
// params
$count = (x($_GET,'count')?$_GET['count']:20);
$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
if ($page<0) $page=0;
$start = $page*$count;
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
WHERE `item`.`uid` = %d
AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`starred` = 1
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
intval($user_info['uid']),
intval($start), intval($count)
);
$ret = api_format_items($r,$user_info);
$start = $page*$count;
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
WHERE `item`.`uid` = %d
AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `item`.`starred` = 1
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
intval($user_info['uid']),
intval($start), intval($count)
);
$ret = api_format_items($r,$user_info);
}
$data = array('$statuses' => $ret);
switch($type){
@ -762,6 +787,7 @@
$ret = Array();
foreach($r as $item) {
localize_item($item);
$status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
$status = array(
'created_at'=> api_date($item['created']),
@ -819,15 +845,21 @@
if (local_user()===false) return false;
$user_info = api_get_user($a);
// friends and followers only for self
if ($user_info['self']==0){
return false;
}
if (x($_GET,'cursor') && $_GET['cursor']=='undefined'){
/* this is to stop Hotot to load friends multiple times
* I'm not sure if I'm missing return something or
* is a bug in hotot. Workaround, meantime
*/
$ret=Array();
$data = array('$users' => $ret);
return api_apply_template("friends", $type, $data);
/*$ret=Array();
return array('$users' => $ret);*/
return false;
}
if($qtype == 'friends')
@ -845,15 +877,18 @@
}
$data = array('$users' => $ret);
return api_apply_template("friends", $type, $data);
return array('$users' => $ret);
}
function api_statuses_friends(&$a, $type){
return api_statuses_f($a,$type,"friends");
$data = api_statuses_f($a,$type,"friends");
if ($data===false) return false;
return api_apply_template("friends", $type, $data);
}
function api_statuses_followers(&$a, $type){
return api_statuses_f($a,$type,"followers");
$data = api_statuses_f($a,$type,"followers");
if ($data===false) return false;
return api_apply_template("friends", $type, $data);
}
api_register_func('api/statuses/friends','api_statuses_friends',true);
api_register_func('api/statuses/followers','api_statuses_followers',true);

6
include/auth.php
View file

@ -48,7 +48,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
goaway(z_root());
}
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
FROM `user` WHERE `uid` = %d LIMIT 1",
intval($_SESSION['uid'])
);
@ -183,7 +184,8 @@ else {
// process normal login request
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
$r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey`
FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($_POST['openid_url'])),
dbesc(trim($_POST['openid_url'])),

178
include/bb2diaspora.php Normal file
View file

@ -0,0 +1,178 @@
<?php
require_once("include/oembed.php");
require_once('include/event.php');
function diaspora2bb($s) {
$s = str_replace(array('\\**','\\__','\\*','\\_'), array('-^doublestar^-','-^doublescore-^','-^star^-','-^score^-'),$s);
$s = preg_replace("/\*\*\*(.+?)\*\*\*/", '[b][i]$1[/i][/b]', $s);
$s = preg_replace("/\_\_\_(.+?)\_\_\_/", '[b][i]$1[/i][/b]', $s);
$s = preg_replace("/\*\*(.+?)\*\*/", '[b]$1[/b]', $s);
$s = preg_replace("/\_\_(.+?)\_\_/", '[b]$1[/b]', $s);
$s = preg_replace("/\*(.+?)\*/", '[i]$1[/i]', $s);
$s = preg_replace("/\_(.+?)\_/", '[i]$1[/i]', $s);
$s = str_replace(array('-^doublestar^-','-^doublescore-^','-^star^-','-^score^-'), array('**','__','*','_'), $s);
$s = preg_replace('/\[(.+?)\]\((.+?)\)/','[url=$2]$1[/url]',$s);
$s = escape_tags($s);
return $s;
}
function stripdcode_br_cb($s) {
return '[code]' . str_replace('<br />', '', $s[1]) . '[/code]';
}
// BBcode 2 HTML was written by WAY2WEB.net
// extended to work with Mistpark/Friendika - Mike Macgirvin
function bb2diaspora($Text,$preserve_nl = false) {
// Replace any html brackets with HTML Entities to prevent executing HTML or script
// Don't use strip_tags here because it breaks [url] search by replacing & with amp
$Text = str_replace("<", "&lt;", $Text);
$Text = str_replace(">", "&gt;", $Text);
if($preserve_nl)
$Text = str_replace(array("\n","\r"), array('',''),$Text);
// Set up the parameters for a URL search string
$URLSearchString = "^\[\]";
// Set up the parameters for a MAIL search string
$MAILSearchString = $URLSearchString;
// Perform URL Search
// [img]pathtoimage[/img]
$Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/", '[$1]($1)', $Text);
$Text = preg_replace("(\[url\=([$URLSearchString]*)\](.*?)\[/url\])", '[$2]($1)', $Text);
// $Text = preg_replace("/\[img\](.*?)\[\/img\]/", t('Image/photo: ') . '$1', $Text);
// $Text = preg_replace("/\[img\](.*?)\[\/img\]/", t('image/photo'), $Text);
// Perform MAIL Search
$Text = preg_replace("(\[mail\]([$MAILSearchString]*)\[/mail\])", '[$1](mailto:$1)', $Text);
$Text = preg_replace("/\[mail\=([$MAILSearchString]*)\](.*?)\[\/mail\]/", '[$2](mailto:$1)', $Text);
$Text = str_replace('*', '\\*', $Text);
$Text = str_replace('_', '\\_', $Text);
$Text = str_replace('`','\\`', $Text);
// Check for bold text
$Text = preg_replace("(\[b\](.*?)\[\/b\])is",'**$1**',$Text);
// Check for Italics text
$Text = preg_replace("(\[i\](.*?)\[\/i\])is",'_$1_',$Text);
// Check for Underline text
// $Text = preg_replace("(\[u\](.*?)\[\/u\])is",'<u>$1</u>',$Text);
// Check for strike-through text
// $Text = preg_replace("(\[s\](.*?)\[\/s\])is",'<strike>$1</strike>',$Text);
// Check for over-line text
// $Text = preg_replace("(\[o\](.*?)\[\/o\])is",'<span class="overline">$1</span>',$Text);
// Check for colored text
// $Text = preg_replace("(\[color=(.*?)\](.*?)\[\/color\])is","<span style=\"color: $1;\">$2</span>",$Text);
// Check for sized text
// $Text = preg_replace("(\[size=(.*?)\](.*?)\[\/size\])is","<span style=\"font-size: $1;\">$2</span>",$Text);
// Check for list text
// $Text = preg_replace("/\[list\](.*?)\[\/list\]/is", '<ul class="listbullet">$1</ul>' ,$Text);
// $Text = preg_replace("/\[list=1\](.*?)\[\/list\]/is", '<ul class="listdecimal">$1</ul>' ,$Text);
// $Text = preg_replace("/\[list=i\](.*?)\[\/list\]/s",'<ul class="listlowerroman">$1</ul>' ,$Text);
// $Text = preg_replace("/\[list=I\](.*?)\[\/list\]/s", '<ul class="listupperroman">$1</ul>' ,$Text);
// $Text = preg_replace("/\[list=a\](.*?)\[\/list\]/s", '<ul class="listloweralpha">$1</ul>' ,$Text);
// $Text = preg_replace("/\[list=A\](.*?)\[\/list\]/s", '<ul class="listupperalpha">$1</ul>' ,$Text);
// $Text = preg_replace("/\[li\](.*?)\[\/li\]/s", '<li>$1</li>' ,$Text);
// $Text = preg_replace("/\[td\](.*?)\[\/td\]/s", '<td>$1</td>' ,$Text);
// $Text = preg_replace("/\[tr\](.*?)\[\/tr\]/s", '<tr>$1</tr>' ,$Text);
// $Text = preg_replace("/\[table\](.*?)\[\/table\]/s", '<table>$1</table>' ,$Text);
// $Text = preg_replace("/\[table border=1\](.*?)\[\/table\]/s", '<table border="1" >$1</table>' ,$Text);
// $Text = preg_replace("/\[table border=0\](.*?)\[\/table\]/s", '<table border="0" >$1</table>' ,$Text);
// $Text = str_replace("[*]", "<li>", $Text);
// Check for font change text
// $Text = preg_replace("(\[font=(.*?)\](.*?)\[\/font\])","<span style=\"font-family: $1;\">$2</span>",$Text);
// Declare the format for [code] layout
$Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/is",'stripdcode_br_cb',$Text);
// $CodeLayout = '<code>$1</code>';
// Check for [code] text
$Text = preg_replace("/\[code\](.*?)\[\/code\]/is","```$1```", $Text);
// Declare the format for [quote] layout
// $QuoteLayout = '<blockquote>$1</blockquote>';
// Check for [quote] text
// $Text = preg_replace("/\[quote\](.*?)\[\/quote\]/is","$QuoteLayout", $Text);
// Images
// html5 video and audio
// $Text = preg_replace("/\[video\](.*?)\[\/video\]/", '<video src="$1" controls="controls" width="425" height="350"><a href="$1">$1</a></video>', $Text);
// $Text = preg_replace("/\[audio\](.*?)\[\/audio\]/", '<audio src="$1" controls="controls"><a href="$1">$1</a></audio>', $Text);
// $Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/", '<iframe src="$1" width="425" height="350"><a href="$1">$1</a></iframe>', $Text);
// [img=widthxheight]image source[/img]
// $Text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/", '<img src="$3" style="height:{$2}px; width:{$1}px;" >', $Text);
// if (get_pconfig(local_user(), 'oembed', 'use_for_youtube' )==1){
// // use oembed for youtube links
// $Text = preg_replace("/\[youtube\]/",'[embed]',$Text);
// $Text = preg_replace("/\[\/youtube\]/",'[/embed]',$Text);
// } else {
// // Youtube extensions
// $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/watch\?v\=(.*?)\[\/youtube\]/",'[youtube]$1[/youtube]',$Text);
// $Text = preg_replace("/\[youtube\]https?:\/\/youtu.be\/(.*?)\[\/youtube\]/",'[youtube]$1[/youtube]',$Text);
// $Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", '<iframe width="425" height="349" src="http://www.youtube.com/embed/$1" frameborder="0" allowfullscreen></iframe>', $Text);
// }
// $Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", '<object width="425" height="350" type="application/x-shockwave-flash" data="http://www.youtube.com/v/$1" ><param name="movie" value="http://www.youtube.com/v/$1"></param><!--[if IE]><embed src="http://www.youtube.com/v/$1" type="application/x-shockwave-flash" width="425" height="350" /><![endif]--></object>', $Text);
// oembed tag
// $Text = oembed_bbcode2html($Text);
// If we found an event earlier, strip out all the event code and replace with a reformatted version.
// if(x($ev,'desc') && x($ev,'start')) {
// $sub = format_event_html($ev);
// $Text = preg_replace("/\[event\-description\](.*?)\[\/event\-description\]/is",$sub,$Text);
//$Text = preg_replace("/\[event\-start\](.*?)\[\/event\-start\]/is",'',$Text);
// $Text = preg_replace("/\[event\-finish\](.*?)\[\/event\-finish\]/is",'',$Text);
// $Text = preg_replace("/\[event\-location\](.*?)\[\/event\-location\]/is",'',$Text);
// $Text = preg_replace("/\[event\-adjust\](.*?)\[\/event\-adjust\]/is",'',$Text);
// }
call_hooks('bb2diaspora',$Text);
return $Text;
}

4
include/bbcode.php
View file

@ -41,7 +41,7 @@ function bbcode($Text,$preserve_nl = false) {
// Perform URL Search
$Text = preg_replace("/([^\]\=]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\.\=\_\~\#\'\%\$\!\+\,]+)/", ' <a href="$2" target="external-link">$2</a>', $Text);
$Text = preg_replace("/([^\]\=]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\.\=\_\~\#\%\$\!\+\,]+)/", '$1<a href="$2" target="external-link">$2</a>', $Text);
$Text = preg_replace("/\[url\]([$URLSearchString]*)\[\/url\]/", '<a href="$1" target="external-link">$1</a>', $Text);
$Text = preg_replace("(\[url\=([$URLSearchString]*)\](.*?)\[/url\])", '<a href="$1" target="external-link">$2</a>', $Text);
@ -134,7 +134,7 @@ function bbcode($Text,$preserve_nl = false) {
// Youtube extensions
$Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/watch\?v\=(.*?)\[\/youtube\]/",'[youtube]$1[/youtube]',$Text);
$Text = preg_replace("/\[youtube\]https?:\/\/youtu.be\/(.*?)\[\/youtube\]/",'[youtube]$1[/youtube]',$Text);
$Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", '<iframe width="425" height="349" src="http://www.youtube.com/embed/$1" frameborder="0" allowfullscreen></iframe>', $Text);
$Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", '<iframe width="425" height="349" src="http://www.youtube.com/embed/$1" frameborder="0" ></iframe>', $Text);
}
// $Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", '<object width="425" height="350" type="application/x-shockwave-flash" data="http://www.youtube.com/v/$1" ><param name="movie" value="http://www.youtube.com/v/$1"></param><!--[if IE]><embed src="http://www.youtube.com/v/$1" type="application/x-shockwave-flash" width="425" height="350" /><![endif]--></object>', $Text);

15
include/contact_selectors.php
View file

@ -46,10 +46,11 @@ function contact_reputation($current) {
}
function contact_poll_interval($current) {
function contact_poll_interval($current, $disabled = false) {
$dis = (($disabled) ? ' disabled="disabled" ' : '');
$o = '';
$o .= '<select id="contact-poll-interval" name="poll" />' . "\r\n";
$o .= "<select id=\"contact-poll-interval\" name=\"poll\" $dis />" . "\r\n";
$rep = array(
0 => t('Frequently'),
@ -67,3 +68,13 @@ function contact_poll_interval($current) {
$o .= "</select>\r\n";
return $o;
}
function network_to_name($s) {
call_hooks('network_to_name', $s);
return str_replace(array(NETWORK_DFRN,NETWORK_OSTATUS,NETWORK_FEED,NETWORK_MAIL,NETWORK_DIASPORA,NETWORK_FACEBOOK,NETWORK_ZOT),
array(t('Friendika'),t('OStatus'),t('RSS/Atom'),t('Email'),t('Diaspora'),t('Facebook'),t('Zot!')),$s);
}

3
include/conversation.php
View file

@ -80,6 +80,9 @@ function localize_item(&$item){
}
// fix bad embeds
$item['body'] = str_replace('http://www.youtube.com/embed/http:','http:',$item['body']);
}
/**

65
include/crypto.php
View file

@ -225,3 +225,68 @@ function pkcs5_unpad($text)
if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
return substr($text, 0, -1 * $pad);
}
function AES256CBC_encrypt($data,$key,$iv) {
return mcrypt_encrypt(
MCRYPT_RIJNDAEL_128,
str_pad($key,32,"\0"),
pkcs5_pad($data,16),
MCRYPT_MODE_CBC,
str_pad($iv,16,"\0"));
}
function AES256CBC_decrypt($data,$key,$iv) {
return pkcs5_unpad(mcrypt_decrypt(
MCRYPT_RIJNDAEL_128,
str_pad($key,32,"\0"),
$data,
MCRYPT_MODE_CBC,
str_pad($iv,16,"\0")));
}
function aes_encapsulate($data,$pubkey) {
$key = random_string(32,RANDOM_STRING_TEXT);
$iv = random_string(16,RANDOM_STRING_TEXT);
$result['data'] = base64url_encode(AES256CBC_encrypt($data,$key,$iv),true);
openssl_public_encrypt($key,$k,$pubkey);
$result['key'] = base64url_encode($k,true);
openssl_public_encrypt($iv,$i,$pubkey);
$result['iv'] = base64url_encode($i,true);
return $result;
}
function aes_unencapsulate($data,$prvkey) {
openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey);
openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey);
return AES256CBC_decrypt(base64url_decode($data['data']),$k,$i);
}
function zot_encapsulate($data,$sender,$pubkey) {
$res = aes_encapsulate($data,$pubkey);
openssl_public_encrypt($sender,$s,$pubkey);
$s1 = base64url_encode($s,true);
return <<< EOT
<?xml version='1.0' encoding='UTF-8'?>
<zot:env xmlns:zot='http://purl.org/zot/1.0'>
<zot:key>{$res['key']}</zot:key>
<zot:iv>{$res['iv']}</zot:iv>
<zot:sender>$s1</zot:sender>
<zot:alg>AES-256-CBC</zot:alg>
<zot:data type='application/magic-envelope+xml'>{$res['data']}</zot:data>
</zot:env>
EOT;
}
function zot_unencapsulate($data,$prvkey) {
$ret = array();
$c = array();
$x = parse_xml_string($data);
$c = array('key' => $x->key,'iv' => $x->iv,'data' => $x->data);
openssl_private_decrypt(base64url_decode($x->sender),$s,$prvkey);
$ret['sender'] = $s;
$ret['data'] = aes_unencapsulate($x,$prvkey);
return $ret;
}

444
include/delivery.php Normal file
View file

@ -0,0 +1,444 @@
<?php
require_once("boot.php");
function delivery_run($argv, $argc){
global $a, $db;
if(is_null($a)){
$a = new App;
}
if(is_null($db)) {
@include(".htconfig.php");
require_once("dba.php");
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
}
require_once("session.php");
require_once("datetime.php");
require_once('include/items.php');
require_once('include/bbcode.php');
require_once('include/diaspora.php');
load_config('config');
load_config('system');
load_hooks();
if($argc < 3)
return;
$a->set_baseurl(get_config('system','url'));
logger('delivery: invoked: ' . print_r($argv,true));
$cmd = $argv[1];
$item_id = intval($argv[2]);
$contact_id = intval($argv[3]);
// Some other process may have delivered this item already.
$r = q("select * from deliverq where cmd = '%s' and item = %d and contact = %d limit 1",
dbesc($cmd),
dbesc($item_id),
dbesc($contact_id)
);
if(! count($r)) {
return;
}
// It's ours to deliver. Remove it from the queue.
q("delete from deliverq where cmd = '%s' and item = %d and contact = %d limit 1",
dbesc($cmd),
dbesc($item_id),
dbesc($contact_id)
);
if((! $item_id) || (! $contact_id))
return;
$expire = false;
$top_level = false;
$recipients = array();
$url_recipients = array();
$normal_mode = true;
$recipients[] = $contact_id;
if($cmd === 'expire') {
$normal_mode = false;
$expire = true;
$items = q("SELECT * FROM `item` WHERE `uid` = %d AND `wall` = 1
AND `deleted` = 1 AND `changed` > UTC_TIMESTAMP - INTERVAL 30 MINUTE",
intval($item_id)
);
$uid = $item_id;
$item_id = 0;
if(! count($items))
return;
}
else {
// find ancestors
$r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
if((! count($r)) || (! intval($r[0]['parent']))) {
return;
}
$target_item = $r[0];
$parent_id = intval($r[0]['parent']);
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`
FROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d ORDER BY `id` ASC",
intval($parent_id)
);
if(! count($items)) {
return;
}
$icontacts = q("SELECT * FROM `contact` WHERE `id` IN ( SELECT distinct(`contact-id`) FROM `item` where `parent` = %d ) ",
intval($parent_id)
);
if(! count($icontacts))
return;
// avoid race condition with deleting entries
if($items[0]['deleted']) {
foreach($items as $item)
$item['deleted'] = 1;
}
if((count($items) == 1) && ($items[0]['uri'] === $items[0]['parent-uri'])) {
logger('delivery: top level post');
$top_level = true;
}
}
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,
`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,
`user`.`page-flags`, `user`.`prvnets`
FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($uid)
);
if(! count($r))
return;
$owner = $r[0];
$public_message = true;
// fill this in with a single salmon slap if applicable
$slap = '';
require_once('include/group.php');
$parent = $items[0];
// This is IMPORTANT!!!!
// We will only send a "notify owner to relay" or followup message if the referenced post
// originated on our system by virtue of having our hostname somewhere
// in the URI, AND it was a comment (not top_level) AND the parent originated elsewhere.
// if $parent['wall'] == 1 we will already have the parent message in our array
// and we will relay the whole lot.
// expire sends an entire group of expire messages and cannot be forwarded.
// However the conversation owner will be a part of the conversation and will
// be notified during this run.
// Other DFRN conversation members will be alerted during polled updates.
// Diaspora members currently are not notified of expirations, and other networks have
// either limited or no ability to process deletions. We should at least fix Diaspora
// by stringing togther an array of retractions and sending them onward.
$localhost = $a->get_hostname();
if(strpos($localhost,':'))
$localhost = substr($localhost,0,strpos($localhost,':'));
/**
*
* Be VERY CAREFUL if you make any changes to the following line. Seemingly innocuous changes
* have been known to cause runaway conditions which affected several servers, along with
* permissions issues.
*
*/
if((! $top_level) && ($parent['wall'] == 0) && (! $expire) && (stristr($target_item['uri'],$localhost))) {
logger('relay denied for delivery agent.');
/* no relay allowed for direct contact delivery */
return;
}
if((strlen($parent['allow_cid']))
|| (strlen($parent['allow_gid']))
|| (strlen($parent['deny_cid']))
|| (strlen($parent['deny_gid']))) {
$public_message = false; // private recipients, not public
}
$conversant_str = intval($contact_id);
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `blocked` = 0 AND `pending` = 0",
intval($contact_id)
);
if(count($r))
$contact = $r[0];
$feed_template = get_markup_template('atom_feed.tpl');
$mail_template = get_markup_template('atom_mail.tpl');
$atom = '';
$slaps = array();
$hubxml = feed_hublinks();
$birthday = feed_birthday($owner['uid'],$owner['timezone']);
if(strlen($birthday))
$birthday = '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>';
$atom .= replace_macros($feed_template, array(
'$version' => xmlify(FRIENDIKA_VERSION),
'$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner['nickname'] ),
'$feed_title' => xmlify($owner['name']),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', $updated . '+00:00' , ATOM_TIME)) ,
'$hub' => $hubxml,
'$salmon' => '', // private feed, we don't use salmon here
'$name' => xmlify($owner['name']),
'$profile_page' => xmlify($owner['url']),
'$photo' => xmlify($owner['photo']),
'$thumb' => xmlify($owner['thumb']),
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
'$birthday' => $birthday
));
foreach($items as $item) {
if(! $item['parent'])
continue;
// private emails may be in included in public conversations. Filter them.
if(($public_message) && $item['private'])
continue;
$item_contact = get_item_contact($item,$icontacts);
if(! $item_contact)
continue;
$atom .= atom_entry($item,'text',$item_contact,$owner,true);
if(($top_level) && ($public_message) && ($item['author-link'] === $item['owner-link']) && (! $expire))
$slaps[] = atom_entry($item,'html',$item_contact,$owner,true);
}
$atom .= '</feed>' . "\r\n";
logger('notifier: ' . $atom, LOGGER_DATA);
logger('notifier: slaps: ' . print_r($slaps,true), LOGGER_DATA);
require_once('include/salmon.php');
if($contact['self'])
return;
$deliver_status = 0;
switch($contact['network']) {
case NETWORK_DFRN :
logger('notifier: dfrndelivery: ' . $contact['name']);
$deliver_status = dfrn_deliver($owner,$contact,$atom);
logger('notifier: dfrn_delivery returns ' . $deliver_status);
if($deliver_status == (-1)) {
logger('notifier: delivery failed: queuing message');
// queue message for redelivery
q("INSERT INTO `queue` ( `cid`, `created`, `last`, `content`)
VALUES ( %d, '%s', '%s', '%s') ",
intval($contact['id']),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($atom)
);
}
break;
case NETWORK_OSTATUS :
// Do not send to otatus if we are not configured to send to public networks
if($owner['prvnets'])
break;
if(get_config('system','ostatus_disabled') || get_config('system','dfrn_only'))
break;
// only send salmon if public - e.g. if it's ok to notify
// a public hub, it's ok to send a salmon
if((count($slaps)) && ($public_message) && (! $expire)) {
logger('notifier: slapdelivery: ' . $contact['name']);
foreach($slaps as $slappy) {
if($contact['notify']) {
$deliver_status = slapper($owner,$contact['notify'],$slappy);
if($deliver_status == (-1)) {
// queue message for redelivery
q("INSERT INTO `queue` ( `cid`, `created`, `last`, `content`)
VALUES ( %d, '%s', '%s', '%s') ",
intval($contact['id']),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($slappy)
);
}
}
}
}
break;
case NETWORK_MAIL :
if(get_config('system','dfrn_only'))
break;
// WARNING: does not currently convert to RFC2047 header encodings, etc.
$addr = $contact['addr'];
if(! strlen($addr))
break;
if($cmd === 'wall-new' || $cmd === 'comment-new') {
$it = null;
if($cmd === 'wall-new')
$it = $items[0];
else {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($argv[2]),
intval($uid)
);
if(count($r))
$it = $r[0];
}
if(! $it)
break;
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
intval($uid)
);
if(! count($local_user))
break;
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1",
intval($uid)
);
if($r1 && $r1[0]['reply_to'])
$reply_to = $r1[0]['reply_to'];
$subject = (($it['title']) ? $it['title'] : t("\x28no subject\x29")) ;
$headers = 'From: ' . $local_user[0]['username'] . ' <' . $local_user[0]['email'] . '>' . "\n";
if($reply_to)
$headers .= 'Reply-to: ' . $reply_to . "\n";
$headers .= 'Message-id: <' . $it['uri'] . '>' . "\n";
if($it['uri'] !== $it['parent-uri']) {
$header .= 'References: <' . $it['parent-uri'] . '>' . "\n";
if(! strlen($it['title'])) {
$r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' LIMIT 1",
dbesc($it['parent-uri'])
);
if(count($r)) {
$subtitle = $r[0]['title'];
if($subtitle) {
if(strncasecmp($subtitle,'RE:',3))
$subject = $subtitle;
else
$subject = 'Re: ' . $subtitle;
}
}
}
}
$headers .= 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-Type: text/html; charset=UTF-8' . "\n";
$headers .= 'Content-Transfer-Encoding: 8bit' . "\n\n";
$html = prepare_body($it);
$message = '<html><body>' . $html . '</body></html>';
logger('notifier: email delivery to ' . $addr);
mail($addr, $subject, $message, $headers);
}
break;
case NETWORK_DIASPORA :
logger('delivery: diaspora deliver: ' . $contact['name']);
if(get_config('system','dfrn_only') || (! get_config('system','diaspora_enabled')) || (! $normal_mode))
break;
if(! $contact['pubkey'])
break;
if($target_item['verb'] === ACTIVITY_DISLIKE) {
// unsupported
break;
}
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
logger('delivery: diaspora retract: ' . $contact['name']);
// diaspora delete,
diaspora_send_retraction($target_item,$owner,$contact);
break;
}
elseif($target_item['parent'] != $target_item['id']) {
logger('delivery: diaspora relay: ' . $contact['name']);
// we are the relay - send comments, likes and unlikes to our conversants
diaspora_send_relay($target_item,$owner,$contact);
break;
}
elseif($top_level) {
logger('delivery: diaspora status: ' . $contact['name']);
diaspora_send_status($target_item,$owner,$contact);
break;
}
logger('delivery: diaspora unknown mode: ' . $contact['name']);
break;
case NETWORK_FEED :
case NETWORK_FACEBOOK :
if(get_config('system','dfrn_only'))
break;
default:
break;
}
return;
}
if (array_search(__file__,get_included_files())===0){
delivery_run($argv,$argc);
killme();
}

524
include/diaspora.php
View file

@ -2,6 +2,75 @@
require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/bb2diaspora.php');
require_once('include/contact_selectors.php');
function diaspora_dispatch($importer,$msg) {
$parsed_xml = parse_xml_string($msg['message'],false);
$xmlbase = $parsed_xml->post;
if($xmlbase->request) {
diaspora_request($importer,$xmlbase->request);
}
elseif($xmlbase->status_message) {
diaspora_post($importer,$xmlbase->status_message);
}
elseif($xmlbase->comment) {
diaspora_comment($importer,$xmlbase->comment,$msg);
}
elseif($xmlbase->like) {
diaspora_like($importer,$xmlbase->like,$msg);
}
elseif($xmlbase->retraction) {
diaspora_retraction($importer,$xmlbase->retraction,$msg);
}
elseif($xmlbase->photo) {
diaspora_photo($importer,$xmlbase->photo,$msg);
}
else {
logger('diaspora_dispatch: unknown message type: ' . print_r($xmlbase,true));
}
return;
}
function diaspora_get_contact_by_handle($uid,$handle) {
$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND `uid` = %d AND `addr` = '%s' LIMIT 1",
dbesc(NETWORK_DIASPORA),
intval($uid),
dbesc($handle)
);
if($r && count($r))
return $r[0];
return false;
}
function find_diaspora_person_by_handle($handle) {
$r = q("select * from fcontact where network = '%s' and addr = '%s' limit 1",
dbesc(NETWORK_DIASPORA),
dbesc($handle)
);
if(count($r)) {
// update record occasionally so it doesn't get stale
$d = strtotime($r[0]['updated'] . ' +00:00');
if($d < strtotime('now - 14 days')) {
q("delete from fcontact where id = %d limit 1",
intval($r[0]['id'])
);
}
else
return $r[0];
}
require_once('include/Scrape.php');
$r = probe_url($handle, PROBE_DIASPORA);
if((count($r)) && ($r['network'] === NETWORK_DIASPORA)) {
add_fcontact($r);
return ($r);
}
return false;
}
function get_diaspora_key($uri) {
logger('Fetching diaspora key for: ' . $uri);
@ -13,16 +82,6 @@ function get_diaspora_key($uri) {
}
function diaspora_base_message($type,$data) {
$tpl = get_markup_template('diaspora_' . $type . '.tpl');
if(! $tpl)
return '';
return replace_macros($tpl,$data);
}
function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) {
$a = get_app();
@ -81,10 +140,9 @@ EOT;
$encrypted_outer_key_bundle = '';
openssl_public_encrypt($outer_json,$encrypted_outer_key_bundle,$pubkey);
logger('outer_bundle_encrypt: ' . openssl_error_string());
$b64_encrypted_outer_key_bundle = base64_encode($encrypted_outer_key_bundle);
logger('outer_bundle: ' . $b64_encrypted_outer_key_bundle . ' key: ' . $pubkey);
logger('outer_bundle: ' . $b64_encrypted_outer_key_bundle . ' key: ' . $pubkey, LOGGER_DATA);
$encrypted_header_json_object = json_encode(array('aes_key' => base64_encode($encrypted_outer_key_bundle),
'ciphertext' => base64_encode($ciphertext)));
@ -164,7 +222,7 @@ function diaspora_decode($importer,$xml) {
* </decrypted_header>
*/
logger('decrypted: ' . $decrypted);
logger('decrypted: ' . $decrypted, LOGGER_DEBUG);
$idom = parse_xml_string($decrypted,false);
$inner_iv = base64_decode($idom->iv);
@ -262,42 +320,6 @@ function diaspora_decode($importer,$xml) {
}
function diaspora_get_contact_by_handle($uid,$handle) {
$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND `uid` = %d AND `addr` = '%s' LIMIT 1",
dbesc(NETWORK_DIASPORA),
intval($uid),
dbesc($handle)
);
if($r && count($r))
return $r[0];
return false;
}
function find_diaspora_person_by_handle($handle) {
$r = q("select * from fcontact where network = '%s' and addr = '%s' limit 1",
dbesc(NETWORK_DIASPORA),
dbesc($handle)
);
if(count($r)) {
// update record occasionally so it doesn't get stale
$d = strtotime($r[0]['updated'] . ' +00:00');
if($d < strtotime('now - 14 days')) {
q("delete from fcontact where id = %d limit 1",
intval($r[0]['id'])
);
}
else
return $r[0];
}
require_once('include/Scrape.php');
$r = probe_url($handle, PROBE_DIASPORA);
if((count($r)) && ($r['network'] === NETWORK_DIASPORA)) {
add_fcontact($r);
return ($r);
}
return false;
}
function diaspora_request($importer,$xml) {
@ -395,8 +417,10 @@ function diaspora_post($importer,$xml) {
dbesc($message_id),
dbesc($guid)
);
if(count($r))
if(count($r)) {
logger('diaspora_post: message exists: ' . $guid);
return;
}
// allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them
@ -413,32 +437,7 @@ function diaspora_post($importer,$xml) {
$created = unxmlify($xml->created_at);
$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
$body = unxmlify($xml->raw_message);
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
$maxlen = get_max_import_size();
if($maxlen && (strlen($body) > $maxlen))
$body = substr($body,0, $maxlen);
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
$body = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s',
'[youtube]$1[/youtube]', $body);
$body = oembed_html2bbcode($body);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
$body = html2bbcode($body);
}
$body = diaspora2bb($xml->raw_message);
$datarray = array();
$datarray['uid'] = $importer['uid'];
@ -456,6 +455,7 @@ function diaspora_post($importer,$xml) {
$datarray['author-link'] = $contact['url'];
$datarray['author-avatar'] = $contact['thumb'];
$datarray['body'] = $body;
$datarray['app'] = 'Diaspora';
item_store($datarray);
@ -477,8 +477,10 @@ function diaspora_comment($importer,$xml,$msg) {
$text = $xml->text;
$contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
if(! $contact)
if(! $contact) {
logger('diaspora_comment: cannot find contact: ' . $msg['author']);
return;
}
if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
logger('diaspora_comment: Ignoring this author.');
@ -486,6 +488,15 @@ function diaspora_comment($importer,$xml,$msg) {
// NOTREACHED
}
$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
intval($importer['uid']),
dbesc($guid)
);
if(count($r)) {
logger('diaspora_comment: our comment just got relayed back to us (or there was a guid collision) : ' . $guid);
return;
}
$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
intval($importer['uid']),
dbesc($parent_guid)
@ -522,7 +533,7 @@ function diaspora_comment($importer,$xml,$msg) {
if($parent_author_signature) {
$owner_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $msg['author'];
$owner_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
$parent_author_signature = base64_decode($parent_author_signature);
@ -536,32 +547,7 @@ function diaspora_comment($importer,$xml,$msg) {
// Phew! Everything checks out. Now create an item.
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
$body = $text;
$maxlen = get_max_import_size();
if($maxlen && (strlen($body) > $maxlen))
$body = substr($body,0, $maxlen);
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
$body = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s',
'[youtube]$1[/youtube]', $body);
$body = oembed_html2bbcode($body);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
$body = html2bbcode($body);
}
$body = diaspora2bb($text);
$message_id = $diaspora_handle . ':' . $guid;
@ -586,6 +572,7 @@ function diaspora_comment($importer,$xml,$msg) {
$datarray['author-link'] = $person['url'];
$datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
$datarray['body'] = $body;
$datarray['app'] = 'Diaspora';
$message_id = item_store($datarray);
@ -596,13 +583,67 @@ function diaspora_comment($importer,$xml,$msg) {
dbesc(base64_encode($author_signature)),
dbesc($diaspora_handle)
);
// if the message isn't already being relayed, notify others
// the existence of parent_author_signature means the parent_author or owner
// is already relaying.
proc_run('php','include/notifier.php','comment',$message_id);
}
return;
}
function diaspora_photo($importer,$xml,$msg) {
$remote_photo_path = notags(unxmlify($xml->remote_photo_path));
$remote_photo_name = notags(unxmlify($xml->remote_photo_name));
$status_message_guid = notags(unxmlify($xml->status_message_guid));
$guid = notags(unxmlify($xml->guid));
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
$public = notags(unxmlify($xml->public));
$created_at = notags(unxmlify($xml_created_at));
$contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
if(! $contact)
return;
if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
logger('diaspora_photo: Ignoring this author.');
http_status_exit(202);
// NOTREACHED
}
// notify others
return;
$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
intval($importer['uid']),
dbesc($status_message_guid)
);
if(! count($r)) {
logger('diaspora_photo: parent item not found: parent: ' . $parent_guid . ' item: ' . $guid);
return;
}
$parent_item = $r[0];
$link_text = '[img]' . $remote_photo_path . $remote_photo_name . '[/img]' . "\n";
$r = q("update item set `body` = '%s' where `id` = %d and `uid` = %d limit 1",
dbesc($link_text . $parent_item['body']),
intval($parent_item['id']),
intval($parent_item['uid'])
);
return;
}
function diaspora_like($importer,$xml,$msg) {
$a = get_app();
@ -621,8 +662,10 @@ function diaspora_like($importer,$xml,$msg) {
return;
$contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
if(! $contact)
if(! $contact) {
logger('diaspora_like: cannot find contact: ' . $msg['author']);
return;
}
if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
logger('diaspora_like: Ignoring this author.');
@ -689,7 +732,8 @@ function diaspora_like($importer,$xml,$msg) {
}
if($parent_author_signature) {
$owner_signed_data = $guid . ';' . $parent_guid . ';' . $target_type . ';' . $positive . ';' . $msg['author'];
// $owner_signed_data = $guid . ';' . $parent_guid . ';' . $target_type . ';' . $positive . ';' . $msg['author'];
$owner_signed_data = $guid . ';' . $parent_guid . ';' . $target_type . ';' . $positive . ';' . $diaspora_handle;
$parent_author_signature = base64_decode($parent_author_signature);
@ -749,6 +793,8 @@ EOT;
$plink = '[url=' . $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $parent_item['id'] . ']' . $post_type . '[/url]';
$arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink );
$arr['app'] = 'Diaspora';
$arr['private'] = $parent_item['private'];
$arr['verb'] = $activity;
$arr['object-type'] = $objtype;
@ -768,7 +814,12 @@ EOT;
);
}
// FIXME send notification
// if the message isn't already being relayed, notify others
// the existence of parent_author_signature means the parent_author or owner
// is already relaying.
if(! $parent_author_signature)
proc_run('php','include/notifier.php','comment',$message_id);
return;
}
@ -777,19 +828,32 @@ function diaspora_retraction($importer,$xml) {
$guid = notags(unxmlify($xml->guid));
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
$type = notags(unxmlify($xml->type));
$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
if(! $contact)
return;
// if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) {
// logger('diaspora_retraction: Ignoring this author.');
// http_status_exit(202);
// // NOTREACHED
// }
if($type === 'Person') {
contact_remove($contact['id']);
}
elseif($type === 'Post') {
$r = q("select * from item where guid = '%s' and uid = %d limit 1",
dbesc('guid'),
intval($importer['uid'])
);
if(count($r)) {
if(link_compare($r[0]['author-link'],$contact['url'])) {
q("update item set `deleted` = 1, `changed` = '%s' where `id` = %d limit 1",
dbesc(datetime_convert()),
intval($r[0]['id'])
);
}
}
}
http_exit_status(202);
// NOTREACHED
}
function diaspora_share($me,$contact) {
@ -805,24 +869,59 @@ function diaspora_share($me,$contact) {
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey'])));
post_url($contact['notify'] . '/',$slap);
$return_code = $a->get_curl_code();
logger('diaspora_send_share: returns: ' . $return_code);
return $return_code;
return(diaspora_transmit($owner,$contact,$slap));
}
function diaspora_unshare($me,$contact) {
$a = get_app();
$myaddr = $me['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$tpl = get_markup_template('diaspora_retract.tpl');
$msg = replace_macros($tpl, array(
'$guid' => $me['guid'],
'$type' => 'Person',
'$handle' => $myaddr
));
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey'])));
return(diaspora_transmit($owner,$contact,$slap));
}
function diaspora_send_status($item,$owner,$contact) {
$a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$theiraddr = $contact['addr'];
require_once('include/bbcode.php');
$body = xmlify(bbcode($item['body']));
$images = array();
$body = $item['body'];
$cnt = preg_match_all('|\[img\](.*?)\[\/img\]|',$body,$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
$detail = array();
$detail['str'] = $mtch[0];
$detail['path'] = dirname($mtch[1]) . '/';
$detail['file'] = basename($mtch[1]);
$detail['guid'] = $item['guid'];
$detail['handle'] = $myaddr;
$images[] = $detail;
$body = str_replace($detail['str'],t('link'),$body);
}
}
$body = xmlify(html_entity_decode(bb2diaspora($body)));
$public = (($item['private']) ? 'false' : 'true');
require_once('include/datetime.php');
$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d h:i:s \U\T\C');
$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d H:i:s \U\T\C');
$tpl = get_markup_template('diaspora_post.tpl');
$msg = replace_macros($tpl, array(
@ -833,17 +932,59 @@ function diaspora_send_status($item,$owner,$contact) {
'$created' => $created
));
logger('diaspora_send_status: base message: ' . $msg, LOGGER_DATA);
logger('diaspora_send_status: ' . $owner['username'] . ' -> ' . $contact['name'] . ' base message: ' . $msg, LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'])));
post_url($contact['notify'] . '/',$slap);
$return_code = $a->get_curl_code();
logger('diaspora_send_status: returns: ' . $return_code);
$return_code = diaspora_transmit($owner,$contact,$slap);
if(count($images)) {
diaspora_send_images($item,$owner,$contact,$images);
}
return $return_code;
}
function diaspora_send_images($item,$owner,$contact,$images) {
$a = get_app();
if(! count($images))
return;
$mysite = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://') + 3) . '/photo';
$tpl = get_markup_template('diaspora_photo.tpl');
foreach($images as $image) {
if(! stristr($image['path'],$mysite))
continue;
$resource = str_replace('.jpg','',$image['file']);
$resource = substr($resource,0,strpos($resource,'-'));
$r = q("select * from photo where `resource-id` = '%s' and `uid` = %d limit 1",
dbesc($resource),
intval($owner['uid'])
);
if(! count($r))
continue;
$public = (($r[0]['allow_cid'] || $r[0]['allow_gid'] || $r[0]['deny_cid'] || $r[0]['deny_gid']) ? 'false' : 'true' );
$msg = replace_macros($tpl,array(
'$path' => xmlify($image['path']),
'$filename' => xmlify($image['file']),
'$msg_guid' => xmlify($image['guid']),
'$guid' => xmlify($r[0]['guid']),
'$handle' => xmlify($image['handle']),
'$public' => xmlify($public),
'$created_at' => xmlify(datetime_convert('UTC','UTC',$r[0]['created'],'Y-m-d H:i:s \U\T\C'))
));
logger('diaspora_send_photo: base message: ' . $msg, LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'])));
diaspora_transmit($owner,$contact,$slap);
}
}
function diaspora_send_followup($item,$owner,$contact) {
$a = get_app();
@ -869,16 +1010,16 @@ function diaspora_send_followup($item,$owner,$contact) {
$like = false;
}
$text = bbcode($item['body']);
$text = html_entity_decode(bb2diaspora($item['body']));
// sign it
if($like)
$signed_text = $item['guid'] . ';' . $target_type . ';' . $positive . ';' . $myaddr;
$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $myaddr;
else
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey']),'sha');
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha'));
$msg = replace_macros($tpl,array(
'$guid' => xmlify($item['guid']),
@ -894,11 +1035,7 @@ function diaspora_send_followup($item,$owner,$contact) {
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'])));
post_url($contact['notify'] . '/',$slap);
$return_code = $a->get_curl_code();
logger('diaspora_send_followup: returns: ' . $return_code);
return $return_code;
return(diaspora_transmit($owner,$contact,$slap));
}
@ -918,14 +1055,6 @@ function diaspora_send_relay($item,$owner,$contact) {
else
return;
// fetch the original signature
$r = q("select * from sign where iid = %d limit 1",
intval($item['id'])
);
if(! count($r))
return;
$orig_sign = $r[0];
if($item['verb'] === ACTIVITY_LIKE) {
$tpl = get_markup_template('diaspora_like_relay.tpl');
$like = true;
@ -937,15 +1066,60 @@ function diaspora_send_relay($item,$owner,$contact) {
$like = false;
}
$text = bbcode($item['body']);
$body = $item['body'];
$text = html_entity_decode(bb2diaspora($body));
// fetch the original signature if somebody sent the post to us to relay
// If we are relaying for a reply originating on our own account, there wasn't a 'send to relay'
// action. It wasn't needed. In that case create the original signature and the
// owner (parent author) signature
// comments from other networks will be relayed under our name, with a brief
// preamble to describe what's happening and noting the real author
$r = q("select * from sign where iid = %d limit 1",
intval($item['id'])
);
if(count($r)) {
$orig_sign = $r[0];
$signed_text = $orig_sign['signed_text'];
$authorsig = $orig_sign['signature'];
$handle = $orig_sign['signer'];
}
else {
$itemcontact = q("select * from contact where `id` = %d limit 1",
intval($item['contact-id'])
);
if(count($itemcontact)) {
if(! $itemcontact[0]['self']) {
$prefix = sprintf( t('[Relayed] Comment authored by %s from network %s'),
'['. $item['author-name'] . ']' . '(' . $item['author-link'] . ')',
network_to_name($itemcontact['network'])) . "\n";
$body = $prefix . $body;
}
}
else {
if($like)
$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $myaddr;
else
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc(base64_encode($authorsig)),
dbesc($myaddr)
);
$handle = $myaddr;
}
}
// sign it
if($like)
$parent_signed_text = $orig_sign['signed_text'];
else
$parent_signed_text = $orig_sign['signed_text'];
$parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha'));
$msg = replace_macros($tpl,array(
@ -954,26 +1128,16 @@ function diaspora_send_relay($item,$owner,$contact) {
'$target_type' =>xmlify($target_type),
'$authorsig' => xmlify($orig_sign['signature']),
'$parentsig' => xmlify($parentauthorsig),
'$text' => xmlify($text),
'$body' => xmlify($text),
'$positive' => xmlify($positive),
'$diaspora_handle' => xmlify($myaddr)
'$handle' => xmlify($handle)
));
// fetch the original signature
$r = q("select * from sign where iid = %d limit 1",
intval($item['id'])
);
if(! count($r))
return;
logger('diaspora_relay_comment: base message: ' . $msg, LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'])));
post_url($contact['notify'] . '/',$slap);
$return_code = $a->get_curl_code();
logger('diaspora_send_relay: returns: ' . $return_code);
return $return_code;
return(diaspora_transmit($owner,$contact,$slap));
}
@ -981,8 +1145,42 @@ function diaspora_send_relay($item,$owner,$contact) {
function diaspora_send_retraction($item,$owner,$contact) {
$a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$tpl = get_markup_template('diaspora_retract.tpl');
$msg = replace_macros($tpl, array(
'$guid' => $item['guid'],
'$type' => 'Post',
'$handle' => $myaddr
));
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'])));
return(diaspora_transmit($owner,$contact,$slap));
}
function diaspora_transmit($owner,$contact,$slap) {
}
$a = get_app();
post_url($contact['notify'] . '/',$slap);
$return_code = $a->get_curl_code();
logger('diaspora_transmit: returns: ' . $return_code);
if(! $return_code) {
logger('diaspora_transmit: queue message');
// queue message for redelivery
q("INSERT INTO `queue` ( `cid`, `created`, `last`, `content`)
VALUES ( %d, '%s', '%s', '%s') ",
intval($contact['id']),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc($slap)
);
}
return(($return_code) ? $return_code : (-1));
}

5
include/group.php
View file

@ -124,9 +124,10 @@ function group_public_members($gid) {
$r = q("SELECT `contact`.`id` AS `contact-id` FROM `group_member`
LEFT JOIN `contact` ON `contact`.`id` = `group_member`.`contact-id`
WHERE `gid` = %d AND `group_member`.`uid` = %d
AND `contact`.`network` != 'dfrn' AND `contact`.`network` != 'mail' AND `contact`.`network` != 'face' ",
AND ( `contact`.`network` = '%s' OR `contact`.`notify` = '' )",
intval($gid),
intval(local_user())
intval(local_user()),
dbesc(NETWORK_OSTATUS)
);
if(count($r))
$ret = count($r);

77
include/items.php
View file

@ -12,6 +12,18 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
if(! strlen($owner_nick))
killme();
$public_feed = (($dfrn_id) ? false : true);
$starred = false;
$converse = false;
if($public_feed && $a->argc > 2) {
for($x = 2; $x < $a->argc; $x++) {
if($a->argv[$x] == 'converse')
$converse = true;
}
}
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`
@ -29,7 +41,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
$birthday = feed_birthday($owner_id,$owner['timezone']);
if(strlen($dfrn_id)) {
if(! $public_feed) {
$sql_extra = '';
switch($direction) {
@ -81,7 +93,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
);
}
if($dfrn_id === '' || $dfrn_id === '*')
if($public_feed)
$sort = 'DESC';
else
$sort = 'ASC';
@ -89,14 +101,21 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
if(! strlen($last_update))
$last_update = 'now -30 days';
if($public_feed) {
if(! $converse)
$sql_extra .= " AND `contact`.`self` = 1 ";
}
$check_date = datetime_convert('UTC','UTC',$last_update,'Y-m-d H:i:s');
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`,
`contact`.`name-date`, `contact`.`uri-date`, `contact`.`avatar-date`,
`contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`
`contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`,
`sign`.`signed_text`, `sign`.`signature`, `sign`.`signer`
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`parent` != 0
AND `item`.`wall` = 1 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
AND ( `item`.`edited` > '%s' OR `item`.`changed` > '%s' )
@ -152,7 +171,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
// public feeds get html, our own nodes use bbcode
if($dfrn_id === '') {
if($public_feed) {
$type = 'html';
// catch any email that's in a public conversation and make sure it doesn't leak
if($item['private'])
@ -346,6 +365,18 @@ function get_atom_elements($feed,$item) {
$res['app'] = 'OStatus';
}
// base64 encoded json structure representing Diaspora signature
$dsig = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_signature');
if($dsig) {
$res['dsprsig'] = unxmlify($dsig[0]['data']);
}
$dguid = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_guid');
if($dguid)
$res['guid'] = unxmlify($dguid[0]['data']);
/**
* If there's a copy of the body content which is guaranteed to have survived mangling in transit, use it.
*/
@ -642,6 +673,15 @@ function encode_rel_links($links) {
function item_store($arr,$force_parent = false) {
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if(x($arr,'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
if($arr['gravity'])
$arr['gravity'] = intval($arr['gravity']);
elseif($arr['parent-uri'] == $arr['uri'])
@ -818,6 +858,16 @@ function item_store($arr,$force_parent = false) {
intval($current_post)
);
if($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($current_post),
dbesc($dsprsig->signed_text),
dbesc($dsprsig->signature),
dbesc($dsprsig->signer)
);
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
@ -877,7 +927,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
if(! $curl_stat)
return(-1); // timed out
logger('dfrn_deliver: ' . $xml);
logger('dfrn_deliver: ' . $xml, LOGGER_DATA);
if(! $xml)
return 3;
@ -941,7 +991,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$key = substr(random_string(),0,16);
$data = bin2hex(aes_encrypt($postvars['data'],$key));
$postvars['data'] = $data;
logger('rino: sent key = ' . $key);
logger('rino: sent key = ' . $key, LOGGER_DEBUG);
if($dfrn_version >= 2.1) {
@ -1556,7 +1606,7 @@ function subscribe_to_hub($url,$importer,$contact) {
intval($importer['uid'])
);
}
if(! count($r))
if((! count($r)) || $contact['network'] === NETWORK_DIASPORA)
return;
$push_url = get_config('system','url') . '/pubsub/' . $r[0]['nickname'] . '/' . $contact['id'];
@ -1653,10 +1703,19 @@ function atom_entry($item,$type,$author,$owner,$comment = false) {
$o .= '<dfrn:private>1</dfrn:private>' . "\r\n";
if($item['extid'])
$o .= '<dfrn:extid>' . $item['extid'] . '</dfrn:extid>' . "\r\n";
$o .= '<dfrn:extid>' . xmlify($item['extid']) . '</dfrn:extid>' . "\r\n";
if($item['app'])
$o .= '<statusnet:notice_info local_id="' . $item['id'] . '" source="' . $item['app'] . '" ></statusnet:notice_info>';
$o .= '<statusnet:notice_info local_id="' . $item['id'] . '" source="' . xmlify($item['app']) . '" ></statusnet:notice_info>' . "\r\n";
if($item['guid'])
$o .= '<dfrn:diaspora_guid>' . $item['guid'] . '</dfrn:diaspora_guid>' . "\r\n";
if($item['signed_text']) {
$sign = base64_encode(json_encode(array('signed_text' => $item['signed_text'],'signature' => $item['signature'],'signer' => $item['signer'])));
$o .= '<dfrn:diaspora_signature>' . xmlify($sign) . '</dfrn:diaspora_signature>' . "\r\n";
}
$verb = construct_verb($item);
$o .= '<as:verb>' . xmlify($verb) . '</as:verb>' . "\r\n";
$actobj = construct_activity_object($item);

32
include/network.php
View file

@ -9,37 +9,37 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0) {
$a = get_app();
$ch = curl_init($url);
$ch = @curl_init($url);
if(($redirects > 8) || (! $ch))
return false;
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
@curl_setopt($ch, CURLOPT_HEADER, true);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
@curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
if(intval($timeout)) {
curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
@curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
}
else {
$curl_time = intval(get_config('system','curl_timeout'));
curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
@curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
}
// by default we will allow self-signed certs
// but you can override this
$check_cert = get_config('system','verifyssl');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
@curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
$prx = get_config('system','proxy');
if(strlen($prx)) {
curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
curl_setopt($ch, CURLOPT_PROXY, $prx);
$prxusr = get_config('system','proxyuser');
@curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
@curl_setopt($ch, CURLOPT_PROXY, $prx);
$prxusr = @get_config('system','proxyuser');
if(strlen($prxusr))
curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
@curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
}
if($binary)
curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
@curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
$a->set_curl_code(0);
@ -49,7 +49,7 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0) {
$s = @curl_exec($ch);
$base = $s;
$curl_info = curl_getinfo($ch);
$curl_info = @curl_getinfo($ch);
$http_code = $curl_info['http_code'];
$header = '';
@ -80,7 +80,7 @@ function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0) {
$a->set_curl_headers($header);
curl_close($ch);
@curl_close($ch);
return($body);
}}
@ -508,7 +508,7 @@ function fetch_xrd_links($url) {
$xrd_timeout = intval(get_config('system','xrd_timeout'));
$redirects = 0;
$xml = fetch_url($url,false,$redirects,(($xrd_timeout) ? $xrd_timeout : 30));
$xml = fetch_url($url,false,$redirects,(($xrd_timeout) ? $xrd_timeout : 20));
logger('fetch_xrd_links: ' . $xml, LOGGER_DATA);
@ -536,7 +536,7 @@ function fetch_xrd_links($url) {
$aliases = array($alias);
else
$aliases = $alias;
if($aliases && count($aliases)) {
if(is_array($aliases) && count($aliases)) {
foreach($aliases as $alias) {
$links[]['@attributes'] = array('rel' => 'alias' , 'href' => $alias);
}

200
include/notifier.php
View file

@ -1,4 +1,5 @@
<?php
require_once("boot.php");
function notifier_run($argv, $argc){
@ -35,7 +36,6 @@ function notifier_run($argv, $argc){
$cmd = $argv[1];
switch($cmd) {
case 'mail':
default:
$item_id = intval($argv[2]);
@ -46,6 +46,8 @@ function notifier_run($argv, $argc){
}
$expire = false;
$mail = false;
$fsuggest = false;
$top_level = false;
$recipients = array();
$url_recipients = array();
@ -54,6 +56,7 @@ function notifier_run($argv, $argc){
if($cmd === 'mail') {
$normal_mode = false;
$mail = true;
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
@ -79,6 +82,8 @@ function notifier_run($argv, $argc){
}
elseif($cmd === 'suggest') {
$normal_mode = false;
$fsuggest = true;
$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1",
intval($item_id)
);
@ -104,7 +109,8 @@ function notifier_run($argv, $argc){
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
$items = q("SELECT * FROM `item` WHERE `parent` = %d ORDER BY `id` ASC",
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`
FROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d ORDER BY `id` ASC",
intval($parent_id)
);
@ -119,8 +125,10 @@ function notifier_run($argv, $argc){
$item['deleted'] = 1;
}
if(count($items) == 1 && $items[0]['uri'] === $items[0]['parent-uri'])
if((count($items) == 1) && ($items[0]['uri'] === $items[0]['parent-uri'])) {
logger('notifier: top level post');
$top_level = true;
}
}
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,
@ -139,21 +147,51 @@ function notifier_run($argv, $argc){
$hub = get_config('system','huburl');
// If this is a public conversation, notify the feed hub
$notify_hub = true;
$public_message = true;
// fill this in with a single salmon slap if applicable
$slap = '';
if($cmd != 'mail' && $cmd != 'suggest') {
if(! ($mail || $fsuggest)) {
require_once('include/group.php');
$parent = $items[0];
if($parent['wall'] == 0 && (! $expire)) {
// This is IMPORTANT!!!!
// We will only send a "notify owner to relay" or followup message if the referenced post
// originated on our system by virtue of having our hostname somewhere
// in the URI, AND it was a comment (not top_level) AND the parent originated elsewhere.
// if $parent['wall'] == 1 we will already have the parent message in our array
// and we will relay the whole lot.
// expire sends an entire group of expire messages and cannot be forwarded.
// However the conversation owner will be a part of the conversation and will
// be notified during this run.
// Other DFRN conversation members will be alerted during polled updates.
// Diaspora members currently are not notified of expirations, and other networks have
// either limited or no ability to process deletions. We should at least fix Diaspora
// by stringing togther an array of retractions and sending them onward.
$localhost = $a->get_hostname();
if(strpos($localhost,':'))
$localhost = substr($localhost,0,strpos($localhost,':'));
/**
*
* Be VERY CAREFUL if you make any changes to the following line. Seemingly innocuous changes
* have been known to cause runaway conditions which affected several servers, along with
* permissions issues.
*
*/
if((! $top_level) && ($parent['wall'] == 0) && (! $expire) && (stristr($target_item['uri'],$localhost))) {
// local followup to remote post
$followup = true;
$notify_hub = false; // not public
$public_message = false; // not public
$conversant_str = dbesc($parent['contact-id']);
}
else {
@ -163,7 +201,7 @@ function notifier_run($argv, $argc){
|| (strlen($parent['allow_gid']))
|| (strlen($parent['deny_cid']))
|| (strlen($parent['deny_gid']))) {
$notify_hub = false; // private recipients, not public
$public_message = false; // private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
@ -177,7 +215,7 @@ function notifier_run($argv, $argc){
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if($notify_hub && strlen($item['inform'])) {
if($public_message && strlen($item['inform'])) {
$people = explode(',',$item['inform']);
foreach($people as $person) {
if(substr($person,0,4) === 'cid:') {
@ -205,7 +243,6 @@ function notifier_run($argv, $argc){
$r = q("SELECT * FROM `contact` WHERE `id` IN ( $conversant_str ) AND `blocked` = 0 AND `pending` = 0");
if(count($r))
$contacts = $r;
}
@ -240,8 +277,8 @@ function notifier_run($argv, $argc){
'$birthday' => $birthday
));
if($cmd === 'mail') {
$notify_hub = false; // mail is not public
if($mail) {
$public_message = false; // mail is not public
$body = fix_private_photos($item['body'],$owner['uid']);
@ -256,8 +293,8 @@ function notifier_run($argv, $argc){
'$parent_id' => xmlify($item['parent-uri'])
));
}
elseif($cmd === 'suggest') {
$notify_hub = false; // suggestions are not public
elseif($fsuggest) {
$public_message = false; // suggestions are not public
$sugg_template = get_markup_template('atom_suggest.tpl');
@ -296,7 +333,7 @@ function notifier_run($argv, $argc){
// private emails may be in included in public conversations. Filter them.
if(($notify_hub) && $item['private'])
if(($public_message) && $item['private'])
continue;
$contact = get_item_contact($item,$contacts);
@ -305,7 +342,7 @@ function notifier_run($argv, $argc){
$atom .= atom_entry($item,'text',$contact,$owner,true);
if(($top_level) && ($notify_hub) && ($item['author-link'] === $item['owner-link']) && (! $expire))
if(($top_level) && ($public_message) && ($item['author-link'] === $item['owner-link']) && (! $expire))
$slaps[] = atom_entry($item,'html',$contact,$owner,true);
}
}
@ -344,17 +381,43 @@ function notifier_run($argv, $argc){
dbesc($recip_str)
);
// delivery loop
require_once('include/salmon.php');
$interval = ((get_config('system','delivery_interval') === false) ? 2 : intval(get_config('system','delivery_interval')));
// delivery loop
if(count($r)) {
foreach($r as $contact) {
if((! $mail) && (! $fsuggest) && (! $followup) && (! $contact['self'])) {
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )",
dbesc($cmd),
intval($item_id),
intval($contact['id'])
);
}
}
foreach($r as $contact) {
if($contact['self'])
continue;
// potentially more than one recipient. Start a new process and space them out a bit.
// we will deliver single recipient types of message and email receipients here.
if((! $mail) && (! $fsuggest) && (! $followup)) {
proc_run('php','include/delivery.php',$cmd,$item_id,$contact['id']);
if($interval)
@time_sleep_until(microtime(true) + (float) $interval);
continue;
}
$deliver_status = 0;
logger("main delivery by notifier: followup=$followup mail=$mail fsuggest=$fsuggest");
switch($contact['network']) {
case NETWORK_DFRN:
logger('notifier: dfrndelivery: ' . $contact['name']);
@ -403,7 +466,7 @@ function notifier_run($argv, $argc){
// only send salmon if public - e.g. if it's ok to notify
// a public hub, it's ok to send a salmon
if((count($slaps)) && ($notify_hub) && (! $expire)) {
if((count($slaps)) && ($public_message) && (! $expire)) {
logger('notifier: slapdelivery: ' . $contact['name']);
foreach($slaps as $slappy) {
if($contact['notify']) {
@ -505,12 +568,15 @@ function notifier_run($argv, $argc){
require_once('include/diaspora.php');
if(get_config('system','dfrn_only') || (! get_config('system','diaspora_enabled')) || (! $normal_mode))
break;
if(! $contact['pubkey'])
break;
if($target_item['verb'] === ACTIVITY_DISLIKE) {
// unsupported
break;
}
elseif($target_item['deleted'] && (! $parent_item['verb'] === ACTIVITY_LIKE)) {
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
// diaspora delete,
diaspora_send_retraction($target_item,$owner,$contact);
break;
@ -544,7 +610,7 @@ function notifier_run($argv, $argc){
// send additional slaps to mentioned remote tags (@foo@example.com)
if($slap && count($url_recipients) && ($followup || $top_level) && $notify_hub && (! $expire)) {
if($slap && count($url_recipients) && ($followup || $top_level) && $public_message && (! $expire)) {
if(! get_config('system','dfrn_only')) {
foreach($url_recipients as $url) {
if($url) {
@ -556,72 +622,68 @@ function notifier_run($argv, $argc){
}
}
if((strlen($hub)) && ($notify_hub)) {
$hubs = explode(',', $hub);
if(count($hubs)) {
foreach($hubs as $h) {
$h = trim($h);
if(! strlen($h))
continue;
$params = 'hub.mode=publish&hub.url=' . urlencode($a->get_baseurl() . '/dfrn_poll/' . $owner['nickname'] );
post_url($h,$params);
logger('pubsub: publish: ' . $h . ' ' . $params . ' returned ' . $a->get_curl_code());
if(count($hubs) > 1)
sleep(7); // try and avoid multiple hubs responding at precisely the same time
}
}
}
if($notify_hub) {
/**
*
* If you have less than 999 dfrn friends and it's a public message,
* we'll just go ahead and push them out securely with dfrn/rino.
* If you've got more than that, you'll have to rely on PuSH delivery.
*
*/
$max_allowed = ((get_config('system','maxpubdeliver') === false) ? 999 : intval(get_config('system','maxpubdeliver')));
/**
*
* Only get the bare essentials and go back for the full record.
* If you've got a lot of friends and we grab all the details at once it could exhaust memory.
*
*/
if($public_message) {
$r = q("SELECT `id`, `name` FROM `contact`
WHERE `network` = '%s' AND `uid` = %d AND `blocked` = 0 AND `pending` = 0
AND `rel` != %d ",
WHERE `network` in ('%s','%s') AND `uid` = %d AND `blocked` = 0 AND `pending` = 0
AND `rel` != %d order by rand() ",
dbesc(NETWORK_DFRN),
dbesc(NETWORK_DIASPORA),
intval($owner['uid']),
intval(CONTACT_IS_SHARING)
);
if((count($r)) && (($max_allowed == 0) || (count($r) < $max_allowed))) {
if(count($r)) {
logger('pubdeliver: ' . print_r($r,true));
// throw everything into the queue in case we get killed
foreach($r as $rr) {
if((! $mail) && (! $fsuggest) && (! $followup)) {
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )",
dbesc($cmd),
intval($item_id),
intval($rr['id'])
);
}
}
foreach($r as $rr) {
/* Don't deliver to folks who have already been delivered to */
if(! in_array($rr['id'], $conversants)) {
$n = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1",
intval($rr['id'])
);
if(count($n)) {
logger('notifier: dfrnpubdelivery: ' . $n[0]['name']);
$deliver_status = dfrn_deliver($owner,$n[0],$atom);
}
if(in_array($rr['id'],$conversants)) {
logger('notifier: already delivered id=' . $rr['id']);
continue;
}
if((! $mail) && (! $fsuggest) && (! $followup)) {
logger('notifier: delivery agent: ' . $rr['name'] . ' ' . $rr['id']);
proc_run('php','include/delivery.php',$cmd,$item_id,$rr['id']);
if($interval)
@time_sleep_until(microtime(true) + (float) $interval);
}
else
logger('notifier: dfrnpubdelivery: ignoring ' . $rr['name']);
}
}
if(strlen($hub)) {
$hubs = explode(',', $hub);
if(count($hubs)) {
foreach($hubs as $h) {
$h = trim($h);
if(! strlen($h))
continue;
$params = 'hub.mode=publish&hub.url=' . urlencode($a->get_baseurl() . '/dfrn_poll/' . $owner['nickname'] );
post_url($h,$params);
logger('pubsub: publish: ' . $h . ' ' . $params . ' returned ' . $a->get_curl_code());
if(count($hubs) > 1)
sleep(7); // try and avoid multiple hubs responding at precisely the same time
}
}
}
}
return;

8
include/poller.php
View file

@ -82,12 +82,18 @@ function poller_run($argv, $argc){
if(! $restart)
proc_run('php','include/cronhooks.php');
// Only poll from those with suitable relationships,
// and which have a polling address and ignore Diaspora since
// we are unable to match those posts with a Diaspora GUID and prevent duplicates.
$contacts = q("SELECT `id` FROM `contact`
WHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != ''
AND `network` != '%s'
$sql_extra
AND `self` = 0 AND `blocked` = 0 AND `readonly` = 0 ORDER BY RAND()",
intval(CONTACT_IS_SHARING),
intval(CONTACT_IS_FRIEND)
intval(CONTACT_IS_FRIEND),
dbesc(NETWORK_DIASPORA)
);
if(! count($contacts)) {

76
include/queue.php
View file

@ -3,18 +3,18 @@ require_once("boot.php");
require_once('include/queue_fn.php');
function queue_run($argv, $argc){
global $a, $db;
global $a, $db;
if(is_null($a)){
$a = new App;
}
if(is_null($a)){
$a = new App;
}
if(is_null($db)){
@include(".htconfig.php");
require_once("dba.php");
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
};
if(is_null($db)){
@include(".htconfig.php");
require_once("dba.php");
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
};
require_once("session.php");
@ -29,10 +29,27 @@ function queue_run($argv, $argc){
load_hooks();
if($argc > 1)
$queue_id = intval($argv[1]);
else
$queue_id = 0;
$deadguys = array();
logger('queue: start');
$interval = ((get_config('system','delivery_interval') === false) ? 2 : intval(get_config('system','delivery_interval')));
$r = q("select * from deliverq where 1");
if(count($r)) {
foreach($r as $rr) {
logger('queue: deliverq');
proc_run('php','include/delivery.php',$rr['cmd'],$rr['item'],$rr['contact']);
if($interval)
@time_sleep_until(microtime(true) + (float) $interval);
}
}
$r = q("SELECT `queue`.*, `contact`.`name`, `contact`.`uid` FROM `queue`
LEFT JOIN `contact` ON `queue`.`cid` = `contact`.`id`
WHERE `queue`.`created` < UTC_TIMESTAMP() - INTERVAL 3 DAY");
@ -44,27 +61,41 @@ function queue_run($argv, $argc){
q("DELETE FROM `queue` WHERE `created` < UTC_TIMESTAMP() - INTERVAL 3 DAY");
}
$r = q("SELECT `id` FROM `queue` WHERE `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ");
if($queue_id)
$r = q("SELECT `id` FROM `queue` WHERE `id` = %d LIMIT 1",
intval($queue_id)
);
else
$r = q("SELECT `id` FROM `queue` WHERE `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ");
if(! count($r)){
return;
}
call_hooks('queue_predeliver', $a, $r);
if(! $queue_id)
call_hooks('queue_predeliver', $a, $r);
// delivery loop
require_once('include/salmon.php');
require_once('include/diaspora.php');
foreach($r as $q_item) {
// queue_predeliver hooks may have changed the queue db details,
// so check again if this entry still needs processing
$qi = q("SELECT * FROM `queue` WHERE `id` = %d AND `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ",
intval($q_item['id'])
);
if($queue_id) {
$qi = q("select * from queue where `id` = %d limit 1",
intval($queue_id)
);
}
else {
$qi = q("SELECT * FROM `queue` WHERE `id` = %d AND `last` < UTC_TIMESTAMP() - INTERVAL 15 MINUTE ",
intval($q_item['id'])
);
}
if(! count($qi))
continue;
@ -82,7 +113,8 @@ function queue_run($argv, $argc){
continue;
}
$u = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
$u = q("SELECT `user`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`
FROM `user` WHERE `uid` = %d LIMIT 1",
intval($c[0]['uid'])
);
if(! count($u)) {
@ -120,6 +152,18 @@ function queue_run($argv, $argc){
remove_queue_item($q_item['id']);
}
break;
case NETWORK_DIASPORA:
if($contact['notify']) {
logger('queue: diaspora_delivery: item ' . $q_item['id'] . ' for ' . $contact['name']);
$deliver_status = diaspora_transmit($owner,$contact,$data);
if($deliver_status == (-1))
update_queue_time($q_item['id']);
else
remove_queue_item($q_item['id']);
}
break;
default:
$params = array('owner' => $owner, 'contact' => $contact, 'queue' => $q_item, 'result' => false);
call_hooks('queue_deliver', $a, $params);

13
include/salmon.php
View file

@ -73,6 +73,13 @@ function slapper($owner,$url,$slap) {
if(! strlen($url))
return;
if(! $owner['sprvkey']) {
logger(sprintf("slapper: user '%s' (%d) does not have a salmon private key. Send failed.",
$owner['username'],$owner['uid']));
return;
}
// add all namespaces to item
$namespaces = <<< EOT
@ -102,11 +109,11 @@ EOT;
$precomputed = '.YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
$signature = base64url_encode(rsa_sign(str_replace('=','',$data . $precomputed),true),$owner['sprvkey']);
$signature = base64url_encode(rsa_sign(str_replace('=','',$data . $precomputed),$owner['sprvkey']));
$signature2 = base64url_encode(rsa_sign($data . $precomputed),$owner['sprvkey']);
$signature2 = base64url_encode(rsa_sign($data . $precomputed,$owner['sprvkey']));
$signature3 = base64url_encode(rsa_sign($data),$owner['sprvkey']);
$signature3 = base64url_encode(rsa_sign($data,$owner['sprvkey']));
$salmon_tpl = get_markup_template('magicsig.tpl');