Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

269 lines
7.4 KiB

11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
11 years ago
  1. <?php
  2. require_once('simplepie/simplepie.inc');
  3. function get_atom_elements($item) {
  4. $res = array();
  5. $author = $item->get_author();
  6. $res['remote-name'] = $author->get_name();
  7. $res['remote-link'] = $author->get_link();
  8. $res['remote-avatar'] = $author->get_avatar();
  9. $res['remote-id'] = $item->get_id();
  10. $res['title'] = $item->get_title();
  11. $res['body'] = $item->get_content();
  12. if(strlen($res['body']) > 100000)
  13. $res['body'] = substr($res['body'],0,10000) . "\r\n[Extremely large post truncated.]\r\n" ;
  14. $allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
  15. if($allow && $allow[0]['data'] == 1)
  16. $res['last-child'] = 1;
  17. else
  18. $res['last-child'] = 0;
  19. $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
  20. if($rawcreated)
  21. $res['created'] = $rawcreated[0]['data'];
  22. $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
  23. if($rawedited)
  24. $res['edited'] = $rawcreated[0]['data'];
  25. $rawowner = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0", 'owner');
  26. if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'])
  27. $res['owner-name'] = rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'];
  28. if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'])
  29. $res['owner-link'] = rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'];
  30. if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'])
  31. $res['owner-avatar'] = rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'];
  32. return $res;
  33. }
  34. function post_remote($arr) {
  35. $arr['hash'] = random_string();
  36. $arr['type'] = 'remote';
  37. $arr['remote-name'] = notags(trim($arr['remote-name']));
  38. $arr['remote-link'] = notags(trim($arr['remote-link']));
  39. $arr['remote-avatar'] = notags(trim($arr['remote-avatar']));
  40. $arr['owner-name'] = notags(trim($arr['owner-name']));
  41. $arr['owner-link'] = notags(trim($arr['owner-link']));
  42. $arr['owner-avatar'] = notags(trim($arr['owner-avatar']));
  43. if(! strlen($arr['remote-avatar']))
  44. $arr['remote-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
  45. if(! strlen($arr['owner-avatar']))
  46. $arr['owner-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
  47. $arr['created'] = datetime_convert('UTC','UTC',$arr['created'],'Y-m-d H:i:s');
  48. $arr['edited'] = datetime_convert('UTC','UTC',$arr['edited'],'Y-m-d H:i:s');
  49. $arr['title'] = notags(trim($arr['title']));
  50. $arr['body'] = escape_tags(trim($arr['body']));
  51. $arr['last-child'] = intval($arr['last-child']);
  52. $arr['visible'] = 1;
  53. $arr['deleted'] = 0;
  54. $parent = $arr['parent_urn'];
  55. unset($arr['parent_urn']);
  56. $parent_id = 0;
  57. dbesc_array($arr);
  58. $r = q("INSERT INTO `item` (`"
  59. . implode("`, `", array_keys($arr))
  60. . "`) VALUES ('"
  61. . implode("', '", array_values($arr))
  62. . "')" );
  63. $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  64. dbesc($parent),
  65. intval($arr['uid'])
  66. );
  67. if(count($r))
  68. $parent_id = $r[0]['id'];
  69. $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  70. $arr['remote-id'],
  71. intval($arr['uid'])
  72. );
  73. if(count($r))
  74. $current_post = $r[0]['id'];
  75. $r = q("UPDATE `item` SET `parent` = %d WHERE `id` = %d LIMIT 1",
  76. intval($parent_id),
  77. intval($current_post)
  78. );
  79. }
  80. function dfrn_notify_post(&$a) {
  81. dbg(3);
  82. $dfrn_id = notags(trim($_POST['dfrn_id']));
  83. $challenge = notags(trim($_POST['challenge']));
  84. $data = $_POST['data'];
  85. $r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
  86. dbesc($dfrn_id),
  87. dbesc($challenge)
  88. );
  89. if(! count($r))
  90. xml_status(3);
  91. $r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
  92. dbesc($dfrn_id),
  93. dbesc($challenge)
  94. );
  95. // find the local user who owns this relationship.
  96. $r = q("SELECT `id`, `uid` FROM `contact` WHERE `issued-id` = '%s' LIMIT 1",
  97. dbesc($dfrn_id)
  98. );
  99. if(! count($r))
  100. xml_status(3);
  101. $importer = $r[0];
  102. $feed = new SimplePie();
  103. $feed->set_raw_data($data);
  104. $feed->enable_order_by_date(false);
  105. $feed->init();
  106. foreach($feed->get_items() as $item) {
  107. $rawdelete = $item->get_item_tags("http://purl.org/atompub/tombstones/1.0", 'deleted-entry');
  108. print_r($rawdelete);
  109. if($deleted) {
  110. // pick out ref and when from attribs
  111. // check hasn't happened already, verify ownership and then process it
  112. continue;
  113. }
  114. $is_reply = false;
  115. $item_id = $item->get_id();
  116. $rawthread = $item->get_item_tags("http://purl.org/syndication/thread/1.0",'in-reply-to');
  117. if(isset($rawthread[0]['attribs']['']['ref'])) {
  118. $is_reply = true;
  119. $parent_urn = $rawthread[0]['attribs']['']['ref'];
  120. }
  121. if($is_reply) {
  122. if($x == ($total_items - 1)) {
  123. // remote reply to our post. Import and then notify everybody else.
  124. }
  125. else {
  126. // regular comment that is part of this total conversation. Have we seen it? If not, import it.
  127. $item_id = $item->get_id();
  128. $r = q("SELECT `uid`, `last-child` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  129. dbesc($item_id),
  130. intval($importer['uid'])
  131. );
  132. if(count($r)) {
  133. $allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
  134. if($allow && $allow[0]['data'] != $r[0]['last-child']) {
  135. $r = q("UPDATE `item` SET `last-child` = %d WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  136. intval($allow[0]['data']),
  137. dbesc($item_id)
  138. );
  139. }
  140. continue;
  141. }
  142. $datarray = get_atom_elements($item);
  143. $datarray['parent_urn'] = $parent_urn;
  144. $datarray['uid'] = $importer['uid'];
  145. $datarray['contact-id'] = $importer['id'];
  146. $r = post_remote($datarray);
  147. continue;
  148. }
  149. }
  150. else {
  151. // Head post of a conversation. Have we seen it? If not, import it.
  152. $item_id = $item->get_id();
  153. $r = q("SELECT `uid` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  154. dbesc($item_id),
  155. intval($importer['uid'])
  156. );
  157. if(count($r)) {
  158. $allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
  159. if($allow && $allow[0]['data'] != $r[0]['last-child']) {
  160. $r = q("UPDATE `item` SET `last-child` = %d WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
  161. intval($allow[0]['data']),
  162. dbesc($item_id)
  163. );
  164. }
  165. continue;
  166. }
  167. $datarray = get_atom_elements($item);
  168. $datarray['parent_urn'] = $item_id;
  169. $datarray['uid'] = $importer['uid'];
  170. $datarray['contact-id'] = $importer['id'];
  171. $r = post_remote($datarray);
  172. continue;
  173. }
  174. }
  175. killme();
  176. }
  177. function dfrn_notify_content(&$a) {
  178. if(x($_GET,'dfrn_id')) {
  179. // initial communication from external contact
  180. $hash = random_string();
  181. $status = 0;
  182. $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
  183. $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` )
  184. VALUES( '%s', '%s', '%s') ",
  185. dbesc($hash),
  186. dbesc(notags(trim($_GET['dfrn_id']))),
  187. intval(time() + 60 )
  188. );
  189. $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 LIMIT 1",
  190. dbesc($_GET['dfrn_id']));
  191. if((! count($r)) || (! strlen($r[0]['prvkey'])))
  192. $status = 1;
  193. $challenge = '';
  194. openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
  195. $challenge = bin2hex($challenge);
  196. echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
  197. . '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ;
  198. session_write_close();
  199. exit;
  200. }
  201. }