dfrn_poll underway
This commit is contained in:
parent
83ee7909cd
commit
95d0a9e2bf
2 changed files with 114 additions and 1 deletions
|
@ -55,4 +55,112 @@ function dfrn_poll_init(&$a) {
|
|||
return; // NOTREACHED
|
||||
}
|
||||
|
||||
|
||||
if($dfrn_id != '*') {
|
||||
// initial communication from external contact
|
||||
$hash = random_string();
|
||||
|
||||
$status = 0;
|
||||
|
||||
$r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
|
||||
|
||||
$r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` , `type`, `last_update` )
|
||||
VALUES( '%s', '%s', '%s', '%s', '%s' ) ",
|
||||
dbesc($hash),
|
||||
dbesc(notags(trim($_GET['dfrn_id']))),
|
||||
intval(time() + 60 ),
|
||||
dbesc($type),
|
||||
dbesc($last_update)
|
||||
);
|
||||
|
||||
$r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 LIMIT 1",
|
||||
dbesc($_GET['dfrn_id']));
|
||||
if((! count($r)) || (! strlen($r[0]['prvkey'])))
|
||||
$status = 1;
|
||||
|
||||
$challenge = '';
|
||||
|
||||
openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
|
||||
$challenge = bin2hex($challenge);
|
||||
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
|
||||
. '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ;
|
||||
session_write_close();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
function dfrn_poll_post(&$a) {
|
||||
|
||||
$dfrn_id = notags(trim($_POST['dfrn_id']));
|
||||
$challenge = notags(trim($_POST['challenge']));
|
||||
$url = $_POST['url'];
|
||||
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
|
||||
dbesc($dfrn_id),
|
||||
dbesc($challenge)
|
||||
);
|
||||
if(! count($r))
|
||||
xml_status(3);
|
||||
|
||||
$type = $r[0]['type'];
|
||||
$last_update = $r[0]['last_update'];
|
||||
|
||||
$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
|
||||
dbesc($dfrn_id),
|
||||
dbesc($challenge)
|
||||
);
|
||||
|
||||
|
||||
$r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' LIMIT 1",
|
||||
dbesc($dfrn_id)
|
||||
);
|
||||
if(! count($r))
|
||||
xml_status(3);
|
||||
|
||||
$owner_uid = $r[0]['uid'];
|
||||
$contact_id = $r[0]['id'];
|
||||
|
||||
|
||||
if($type == 'reputation' && strlen($url)) {
|
||||
$r = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1",
|
||||
dbesc($url),
|
||||
intval($owner_uid)
|
||||
);
|
||||
$reputation = 0;
|
||||
$text = '';
|
||||
|
||||
if(count($r)) {
|
||||
$reputation = $r[0]['rating'];
|
||||
$text = $r[0]['reason'];
|
||||
|
||||
if($r[0]['id'] == $contact_id) { // inquiring about own reputation not allowed
|
||||
$reputation = 0;
|
||||
$text = '';
|
||||
}
|
||||
}
|
||||
|
||||
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>
|
||||
<reputation>
|
||||
<url>$url</url>
|
||||
<rating>$reputation</rating>
|
||||
<description>$text</description>
|
||||
</reputation>
|
||||
";
|
||||
killme();
|
||||
return; // NOTREACHED
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
function dfrn_poll_content(&$a) {
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
|
@ -14,3 +14,8 @@ ADD `owner-link` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL
|
|||
ADD `owner-avatar` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL AFTER `owner-link` ;
|
||||
|
||||
ALTER TABLE `user` ADD `pwdreset` CHAR( 255 ) NOT NULL AFTER `blocked` ;
|
||||
|
||||
ALTER TABLE `challenge` ADD `cmd` CHAR( 255 ) NOT NULL AFTER `expire` ,
|
||||
ADD `url` CHAR( 255 ) NOT NULL AFTER `cmd` ,
|
||||
ADD `last_update` CHAR( 255 ) NOT NULL AFTER `url` ;
|
||||
|
||||
|
|
Loading…
Reference in a new issue