friendica/mod/salmon.php

<?php

require_once('include/salmon.php');
require_once('include/ostatus.php');
require_once('include/crypto.php');
require_once('include/items.php');
require_once('include/follow.php');

function salmon_return($val) {

	if($val >= 400)
		$err = 'Error';
	if($val >= 200 && $val < 300)
		$err = 'OK';

	logger('mod-salmon returns ' . $val);
	header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err);
	killme();

}

function salmon_post(App $a) {

	$xml = file_get_contents('php://input');

	logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA);

	$nick       = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');
	$mentions   = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false);

	$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
		dbesc($nick)
	);
	if (! dbm::is_result($r)) {
		http_status_exit(500);
	}

	$importer = $r[0];

	// parse the xml

	$dom = simplexml_load_string($xml,'SimpleXMLElement',0,NAMESPACE_SALMON_ME);

	// figure out where in the DOM tree our data is hiding

	if($dom->provenance->data)
		$base = $dom->provenance;
	elseif($dom->env->data)
		$base = $dom->env;
	elseif($dom->data)
		$base = $dom;

	if(! $base) {
		logger('mod-salmon: unable to locate salmon data in xml ');
		http_status_exit(400);
	}

	// Stash the signature away for now. We have to find their key or it won't be good for anything.


	$signature = base64url_decode($base->sig);

	// unpack the  data

	// strip whitespace so our data element will return to one big base64 blob
	$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);

	// stash away some other stuff for later

	$type = $base->data[0]->attributes()->type[0];
	$keyhash = $base->sig[0]->attributes()->keyhash[0];
	$encoding = $base->encoding;
	$alg = $base->alg;

	// Salmon magic signatures have evolved and there is no way of knowing ahead of time which
	// flavour we have. We'll try and verify it regardless.

	$stnet_signed_data = $data;

	$signed_data = $data  . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg);

	$compliant_format = str_replace('=', '', $signed_data);


	// decode the data
	$data = base64url_decode($data);

	$author = ostatus::salmon_author($data,$importer);
	$author_link = $author["author-link"];

	if(! $author_link) {
		logger('mod-salmon: Could not retrieve author URI.');
		http_status_exit(400);
	}

	// Once we have the author URI, go to the web and try to find their public key

	logger('mod-salmon: Fetching key for ' . $author_link);

	$key = get_salmon_key($author_link,$keyhash);

	if(! $key) {
		logger('mod-salmon: Could not retrieve author key.');
		http_status_exit(400);
	}

	$key_info = explode('.',$key);

	$m = base64url_decode($key_info[1]);
	$e = base64url_decode($key_info[2]);

	logger('mod-salmon: key details: ' . print_r($key_info,true), LOGGER_DEBUG);

	$pubkey = metopem($m,$e);

	// We should have everything we need now. Let's see if it verifies.

	// Try GNU Social format
	$verify = rsa_verify($signed_data, $signature, $pubkey);
	$mode = 1;

	if (! $verify) {
		logger('mod-salmon: message did not verify using protocol. Trying compliant format.');
		$verify = rsa_verify($compliant_format, $signature, $pubkey);
		$mode = 2;
	}

	if (! $verify) {
		logger('mod-salmon: message did not verify using padding. Trying old statusnet format.');
		$verify = rsa_verify($stnet_signed_data, $signature, $pubkey);
		$mode = 3;
	}

	if (! $verify) {
		logger('mod-salmon: Message did not verify. Discarding.');
		http_status_exit(400);
	}

	logger('mod-salmon: Message verified with mode '.$mode);


	/*
	*
	* If we reached this point, the message is good. Now let's figure out if the author is allowed to send us stuff.
	*
	*/

	$r = q("SELECT * FROM `contact` WHERE `network` IN ('%s', '%s')
						AND (`nurl` = '%s' OR `alias` = '%s' OR `alias` = '%s')
						AND `uid` = %d LIMIT 1",
		dbesc(NETWORK_OSTATUS),
		dbesc(NETWORK_DFRN),
		dbesc(normalise_link($author_link)),
		dbesc($author_link),
		dbesc(normalise_link($author_link)),
		intval($importer['uid'])
	);
	if (! dbm::is_result($r)) {
		logger('mod-salmon: Author unknown to us.');
		if(get_pconfig($importer['uid'],'system','ostatus_autofriend')) {
			$result = new_contact($importer['uid'],$author_link);
			if($result['success']) {
				$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s')
					AND `uid` = %d LIMIT 1",
					dbesc(NETWORK_OSTATUS),
					dbesc($author_link),
					dbesc($author_link),
					intval($importer['uid'])
				);
			}
		}
	}

	// Have we ignored the person?
	// If so we can not accept this post.

	//if((dbm::is_result($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) {
	if (dbm::is_result($r) && $r[0]['blocked']) {
		logger('mod-salmon: Ignoring this author.');
		http_status_exit(202);
		// NOTREACHED
	}

	// Placeholder for hub discovery.
	$hub = '';

	$contact_rec = ((dbm::is_result($r)) ? $r[0] : null);

	ostatus::import($data,$importer,$contact_rec, $hub);

	http_status_exit(200);
}
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`<?php`

magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`require_once('include/salmon.php');`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`require_once('include/ostatus.php');`
crypto stuff 2011-08-10 03:55:46 +02:00			`require_once('include/crypto.php');`
Salmon: Don't store contact data before the message was authenticated. 2015-07-13 14:34:28 +02:00			`require_once('include/items.php');`
			`require_once('include/follow.php');`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`function salmon_return($val) {`

Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if($val >= 400)`
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`$err = 'Error';`
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if($val >= 200 && $val < 300)`
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`$err = 'OK';`
rework the logging interface 2010-10-27 07:09:13 +02:00
Caching for scrape, keywords for remote_self, notifications for addresses that aren't in your contact list. 2015-01-20 22:54:25 +01:00			`logger('mod-salmon returns ' . $val);`
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err);`
			`killme();`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 15:11:34 +01:00
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`}`

Normalize App parameter declaration (mod folder, 3 out of 3) 2017-01-09 13:14:55 +01:00			`function salmon_post(App $a) {`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
			`$xml = file_get_contents('php://input');`
rework the logging interface 2010-10-27 07:09:13 +02:00
cripple account when expired 2011-09-19 10:17:12 +02:00			`logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA);`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
			`$nick = (($a->argc > 1) ? notags(trim($a->argv[1])) : '');`
			`$mentions = (($a->argc > 2 && $a->argv[2] === 'mention') ? true : false);`

Changes to make contacts delete all content from the user when a user is deleted. NOTE: I didn't add "AND account_removed = 0" to facebook.php because I don't have a clone of the addons repository. Please someone do that for me. Thanks. Please check carefully. I tested locally on my server, but not with other servers. 2012-11-02 21:43:47 +01:00			$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1",
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`dbesc($nick)`
			`);`
Coding convention applied: - space between "if" and brace - curly braces on conditional blocks Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 10:10:33 +01:00			`if (! dbm::is_result($r)) {`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(500);`
Coding convention applied: - space between "if" and brace - curly braces on conditional blocks Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 10:10:33 +01:00			`}`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
			`$importer = $r[0];`

magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`// parse the xml`

			`$dom = simplexml_load_string($xml,'SimpleXMLElement',0,NAMESPACE_SALMON_ME);`

			`// figure out where in the DOM tree our data is hiding`

Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if($dom->provenance->data)`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$base = $dom->provenance;`
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`elseif($dom->env->data)`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$base = $dom->env;`
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`elseif($dom->data)`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$base = $dom;`
Caching for scrape, keywords for remote_self, notifications for addresses that aren't in your contact list. 2015-01-20 22:54:25 +01:00
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if(! $base) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: unable to locate salmon data in xml ');`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(400);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`}`

			`// Stash the signature away for now. We have to find their key or it won't be good for anything.`


			`$signature = base64url_decode($base->sig);`
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00
			`// unpack the data`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`// strip whitespace so our data element will return to one big base64 blob`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);`
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00
			`// stash away some other stuff for later`

magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$type = $base->data[0]->attributes()->type[0];`
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`$keyhash = $base->sig[0]->attributes()->keyhash[0];`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$encoding = $base->encoding;`
			`$alg = $base->alg;`

salmon protocol changes magicsig draft-experimental, fixes to hostxrd 2011-08-05 07:37:45 +02:00			`// Salmon magic signatures have evolved and there is no way of knowing ahead of time which`
			`// flavour we have. We'll try and verify it regardless.`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`$stnet_signed_data = $data;`
salmon protocol changes magicsig draft-experimental, fixes to hostxrd 2011-08-05 07:37:45 +02:00
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`$signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg);`

Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`$compliant_format = str_replace('=', '', $signed_data);`
salmon protocol changes magicsig draft-experimental, fixes to hostxrd 2011-08-05 07:37:45 +02:00

clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`// decode the data`
			`$data = base64url_decode($data);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
New OStatus implementation 2016-03-30 12:43:15 +02:00			`$author = ostatus::salmon_author($data,$importer);`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`$author_link = $author["author-link"];`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if(! $author_link) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: Could not retrieve author URI.');`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(400);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`}`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00			`// Once we have the author URI, go to the web and try to find their public key`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
Salmon: Don't store contact data before the message was authenticated. 2015-07-13 14:34:28 +02:00			`logger('mod-salmon: Fetching key for ' . $author_link);`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$key = get_salmon_key($author_link,$keyhash);`

Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if(! $key) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: Could not retrieve author key.');`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(400);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`}`

			`$key_info = explode('.',$key);`

			`$m = base64url_decode($key_info[1]);`
			`$e = base64url_decode($key_info[2]);`
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00
crypto stuff 2011-08-10 03:55:46 +02:00			`logger('mod-salmon: key details: ' . print_r($key_info,true), LOGGER_DEBUG);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
crypto stuff 2011-08-10 03:55:46 +02:00			`$pubkey = metopem($m,$e);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
			`// We should have everything we need now. Let's see if it verifies.`

Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`// Try GNU Social format`
			`$verify = rsa_verify($signed_data, $signature, $pubkey);`
			`$mode = 1;`
salmon protocol changes magicsig draft-experimental, fixes to hostxrd 2011-08-05 07:37:45 +02:00
Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`if (! $verify) {`
			`logger('mod-salmon: message did not verify using protocol. Trying compliant format.');`
			`$verify = rsa_verify($compliant_format, $signature, $pubkey);`
			`$mode = 2;`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`}`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00
Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`if (! $verify) {`
			`logger('mod-salmon: message did not verify using padding. Trying old statusnet format.');`
			`$verify = rsa_verify($stnet_signed_data, $signature, $pubkey);`
			`$mode = 3;`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`}`
clean up the salmon consumer bits 2010-10-22 00:32:09 +02:00
Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`if (! $verify) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: Message did not verify. Discarding.');`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(400);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`}`

Reworked OStatus communication part to better support Mastodon. 2017-04-19 23:37:00 +02:00			`logger('mod-salmon: Message verified with mode '.$mode);`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00

			`/*`
			`*`
			`* If we reached this point, the message is good. Now let's figure out if the author is allowed to send us stuff.`
			`*`
			`*/`

Reworked salmon import 2015-07-13 08:06:51 +02:00			$r = q("SELECT * FROM `contact` WHERE `network` IN ('%s', '%s')
			AND (`nurl` = '%s' OR `alias` = '%s' OR `alias` = '%s')
			AND `uid` = %d LIMIT 1",
provide ability to autofriend ostatus accounts 2012-06-08 05:20:13 +02:00			`dbesc(NETWORK_OSTATUS),`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`dbesc(NETWORK_DFRN),`
			`dbesc(normalise_link($author_link)),`
workflow for federated/non-dfrn followers 2010-10-25 05:39:24 +02:00			`dbesc($author_link),`
Reworked salmon import 2015-07-13 08:06:51 +02:00			`dbesc(normalise_link($author_link)),`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`intval($importer['uid'])`
			`);`
Coding convention applied: - space between "if" and brace - curly braces on conditional blocks Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-20 10:10:33 +01:00			`if (! dbm::is_result($r)) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: Author unknown to us.');`
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if(get_pconfig($importer['uid'],'system','ostatus_autofriend')) {`
provide ability to autofriend ostatus accounts 2012-06-08 05:20:13 +02:00			`$result = new_contact($importer['uid'],$author_link);`
Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`if($result['success']) {`
Normalize App parameter declaration (mod folder, 3 out of 3) 2017-01-09 13:14:55 +01:00			$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s')
provide ability to autofriend ostatus accounts 2012-06-08 05:20:13 +02:00			AND `uid` = %d LIMIT 1",
			`dbesc(NETWORK_OSTATUS),`
			`dbesc($author_link),`
			`dbesc($author_link),`
			`intval($importer['uid'])`
			`);`
			`}`
			`}`
Caching for scrape, keywords for remote_self, notifications for addresses that aren't in your contact list. 2015-01-20 22:54:25 +01:00			`}`
statusnet improvements 2011-07-02 02:39:16 +02:00
Salmon: Don't store contact data before the message was authenticated. 2015-07-13 14:34:28 +02:00			`// Have we ignored the person?`
statusnet improvements 2011-07-02 02:39:16 +02:00			`// If so we can not accept this post.`

Revert "Coding convention applied - part 1" 2017-03-21 17:02:59 +01:00			`//if((dbm::is_result($r)) && (($r[0]['readonly']) \|\| ($r[0]['rel'] == CONTACT_IS_FOLLOWER) \|\| ($r[0]['blocked']))) {`
Cleanup for #3010 - added spaces, thanks to @annando . Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-14 09:41:33 +01:00			`if (dbm::is_result($r) && $r[0]['blocked']) {`
rework the logging interface 2010-10-27 07:09:13 +02:00			`logger('mod-salmon: Ignoring this author.');`
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(202);`
a few more fsw tweaks 2010-10-27 04:01:16 +02:00			`// NOTREACHED`
			`}`

Salmon: Don't store contact data before the message was authenticated. 2015-07-13 14:34:28 +02:00			`// Placeholder for hub discovery.`
magic-envelope verification, status.net appears to do it wrong. Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects. 2010-10-21 13:53:43 +02:00			`$hub = '';`

More usage of dbm::is_result($r) instead of count($r): - count() returns very different results and never a boolean (not even false on error condition). - therefore you should NOT use it in boolean expressions. This still can be done in PHP because of its lazyness. But it is discouraged if it comes to more clean code. Signed-off-by: Roland Häder <roland@mxchange.org> 2016-12-13 10:44:13 +01:00			`$contact_rec = ((dbm::is_result($r)) ? $r[0] : null);`
cannot pass null by reference 2011-01-14 23:56:13 +01:00
New OStatus implementation 2016-03-30 12:43:15 +02:00			`ostatus::import($data,$importer,$contact_rec, $hub);`
infrastructure for salmon 2010-10-07 04:46:44 +02:00
crypto stuff 2011-08-10 03:55:46 +02:00			`http_status_exit(200);`
infrastructure for salmon 2010-10-07 04:46:44 +02:00			`}`