Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

354 lines
9.7 KiB

9 years ago
9 years ago
  1. <?php
  2. require_once('include/security.php');
  3. require_once('include/bbcode.php');
  4. require_once('include/items.php');
  5. function like_content(&$a) {
  6. if(! local_user() && ! remote_user()) {
  7. return;
  8. }
  9. $verb = notags(trim($_GET['verb']));
  10. if(! $verb)
  11. $verb = 'like';
  12. switch($verb) {
  13. case 'like':
  14. case 'unlike':
  15. $activity = ACTIVITY_LIKE;
  16. break;
  17. case 'dislike':
  18. case 'undislike':
  19. $activity = ACTIVITY_DISLIKE;
  20. break;
  21. default:
  22. return;
  23. break;
  24. }
  25. $item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
  26. logger('like: verb ' . $verb . ' item ' . $item_id);
  27. $r = q("SELECT * FROM `item` WHERE `id` = '%s' OR `uri` = '%s' LIMIT 1",
  28. dbesc($item_id),
  29. dbesc($item_id)
  30. );
  31. if(! $item_id || (! count($r))) {
  32. logger('like: no item ' . $item_id);
  33. return;
  34. }
  35. $item = $r[0];
  36. $owner_uid = $item['uid'];
  37. if(! can_write_wall($a,$owner_uid)) {
  38. return;
  39. }
  40. $remote_owner = null;
  41. if(! $item['wall']) {
  42. // The top level post may have been written by somebody on another system
  43. $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  44. intval($item['contact-id']),
  45. intval($item['uid'])
  46. );
  47. if(! count($r))
  48. return;
  49. if(! $r[0]['self'])
  50. $remote_owner = $r[0];
  51. }
  52. // this represents the post owner on this system.
  53. $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
  54. WHERE `contact`.`self` = 1 AND `contact`.`uid` = %d LIMIT 1",
  55. intval($owner_uid)
  56. );
  57. if(count($r))
  58. $owner = $r[0];
  59. if(! $owner) {
  60. logger('like: no owner');
  61. return;
  62. }
  63. if(! $remote_owner)
  64. $remote_owner = $owner;
  65. // This represents the person posting
  66. if((local_user()) && (local_user() == $owner_uid)) {
  67. $contact = $owner;
  68. }
  69. else {
  70. $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
  71. intval($_SESSION['visitor_id']),
  72. intval($owner_uid)
  73. );
  74. if(count($r))
  75. $contact = $r[0];
  76. }
  77. if(! $contact) {
  78. return;
  79. }
  80. $r = q("SELECT * FROM `item` WHERE `verb` = '%s' AND `deleted` = 0
  81. AND `contact-id` = %d AND ( `parent` = '%s' OR `parent-uri` = '%s') LIMIT 1",
  82. dbesc($activity),
  83. intval($contact['id']),
  84. dbesc($item_id),
  85. dbesc($item_id)
  86. );
  87. if(count($r)) {
  88. $like_item = $r[0];
  89. // Already voted, undo it
  90. $r = q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1",
  91. dbesc(datetime_convert()),
  92. intval($like_item['id'])
  93. );
  94. // Clean up the Diaspora signatures for this like
  95. // Go ahead and do it even if Diaspora support is disabled. We still want to clean up
  96. // if it had been enabled in the past
  97. $r = q("DELETE FROM `sign` WHERE `iid` = %d",
  98. intval($like_item['id'])
  99. );
  100. // Save the author information for the unlike in case we need to relay to Diaspora
  101. store_diaspora_like_retract_sig($activity, $item, $like_item, $contact);
  102. // proc_run('php',"include/notifier.php","like","$post_id"); // $post_id isn't defined here!
  103. $like_item_id = $like_item['id'];
  104. proc_run('php',"include/notifier.php","like","$like_item_id");
  105. return;
  106. }
  107. $uri = item_new_uri($a->get_hostname(),$owner_uid);
  108. $post_type = (($item['resource-id']) ? t('photo') : t('status'));
  109. $objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE );
  110. $link = xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
  111. $body = $item['body'];
  112. $obj = <<< EOT
  113. <object>
  114. <type>$objtype</type>
  115. <local>1</local>
  116. <id>{$item['uri']}</id>
  117. <link>$link</link>
  118. <title></title>
  119. <content>$body</content>
  120. </object>
  121. EOT;
  122. if($verb === 'like')
  123. $bodyverb = t('%1$s likes %2$s\'s %3$s');
  124. if($verb === 'dislike')
  125. $bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
  126. if(! isset($bodyverb))
  127. return;
  128. $arr = array();
  129. $arr['uri'] = $uri;
  130. $arr['uid'] = $owner_uid;
  131. $arr['contact-id'] = $contact['id'];
  132. $arr['type'] = 'activity';
  133. $arr['wall'] = $item['wall'];
  134. $arr['origin'] = 1;
  135. $arr['gravity'] = GRAVITY_LIKE;
  136. $arr['parent'] = $item['id'];
  137. $arr['parent-uri'] = $item['uri'];
  138. $arr['thr-parent'] = $item['uri'];
  139. $arr['owner-name'] = $remote_owner['name'];
  140. $arr['owner-link'] = $remote_owner['url'];
  141. $arr['owner-avatar'] = $remote_owner['thumb'];
  142. $arr['author-name'] = $contact['name'];
  143. $arr['author-link'] = $contact['url'];
  144. $arr['author-avatar'] = $contact['thumb'];
  145. $ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
  146. $alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
  147. $plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
  148. $arr['body'] = sprintf( $bodyverb, $ulink, $alink, $plink );
  149. $arr['verb'] = $activity;
  150. $arr['object-type'] = $objtype;
  151. $arr['object'] = $obj;
  152. $arr['allow_cid'] = $item['allow_cid'];
  153. $arr['allow_gid'] = $item['allow_gid'];
  154. $arr['deny_cid'] = $item['deny_cid'];
  155. $arr['deny_gid'] = $item['deny_gid'];
  156. $arr['visible'] = 1;
  157. $arr['unseen'] = 1;
  158. $arr['last-child'] = 0;
  159. $post_id = item_store($arr);
  160. if(! $item['visible']) {
  161. $r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
  162. intval($item['id']),
  163. intval($owner_uid)
  164. );
  165. }
  166. // Save the author information for the like in case we need to relay to Diaspora
  167. store_diaspora_like_sig($activity, $post_type, $contact, $post_id);
  168. $arr['id'] = $post_id;
  169. call_hooks('post_local_end', $arr);
  170. proc_run('php',"include/notifier.php","like","$post_id");
  171. killme();
  172. // return; // NOTREACHED
  173. }
  174. function store_diaspora_like_retract_sig($activity, $item, $like_item, $contact) {
  175. // Note that we can only create a signature for a user of the local server. We don't have
  176. // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
  177. // means we are the relay, and for relayable_retractions, Diaspora
  178. // only checks the parent_author_signature if it doesn't have to relay further
  179. //
  180. // If $item['resource-id'] exists, it means the item is a photo. Diaspora doesn't support
  181. // likes on photos, so don't bother.
  182. $enabled = intval(get_config('system','diaspora_enabled'));
  183. if(! $enabled) {
  184. logger('mod_like: diaspora support disabled, not storing like retraction signature', LOGGER_DEBUG);
  185. return;
  186. }
  187. logger('mod_like: storing diaspora like retraction signature');
  188. if(($activity === ACTIVITY_LIKE) && (! $item['resource-id'])) {
  189. $signed_text = $like_item['guid'] . ';' . 'Like';
  190. // if( $contact['network'] === NETWORK_DIASPORA)
  191. // $diaspora_handle = $contact['addr'];
  192. // else {
  193. // Only works for NETWORK_DFRN
  194. $contact_baseurl_start = strpos($contact['url'],'://') + 3;
  195. $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
  196. $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
  197. $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
  198. // Get contact's private key if he's a user of the local Friendica server
  199. $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
  200. dbesc($contact['url'])
  201. );
  202. if( $r) {
  203. $contact_uid = $r['uid'];
  204. $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
  205. intval($contact_uid)
  206. );
  207. if( $r)
  208. $authorsig = base64_encode(rsa_sign($signed_text,$r['prvkey'],'sha256'));
  209. }
  210. // }
  211. if(! isset($authorsig))
  212. $authorsig = '';
  213. q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
  214. intval($like_item['id']),
  215. dbesc($signed_text),
  216. dbesc($authorsig),
  217. dbesc($diaspora_handle)
  218. );
  219. }
  220. return;
  221. }
  222. function store_diaspora_like_sig($activity, $post_type, $contact, $post_id) {
  223. // Note that we can only create a signature for a user of the local server. We don't have
  224. // a key for remote users. That is ok, because if a remote user is "unlike"ing a post, it
  225. // means we are the relay, and for relayable_retractions, Diaspora
  226. // only checks the parent_author_signature if it doesn't have to relay further
  227. $enabled = intval(get_config('system','diaspora_enabled'));
  228. if(! $enabled) {
  229. logger('mod_like: diaspora support disabled, not storing like signature', LOGGER_DEBUG);
  230. return;
  231. }
  232. logger('mod_like: storing diaspora like signature');
  233. if(($activity === ACTIVITY_LIKE) && ($post_type === t('status'))) {
  234. // if( $contact['network'] === NETWORK_DIASPORA)
  235. // $diaspora_handle = $contact['addr'];
  236. // else {
  237. // Only works for NETWORK_DFRN
  238. $contact_baseurl_start = strpos($contact['url'],'://') + 3;
  239. $contact_baseurl_length = strpos($contact['url'],'/profile') - $contact_baseurl_start;
  240. $contact_baseurl = substr($contact['url'], $contact_baseurl_start, $contact_baseurl_length);
  241. $diaspora_handle = $contact['nick'] . '@' . $contact_baseurl;
  242. // Get contact's private key if he's a user of the local Friendica server
  243. $r = q("SELECT `contact`.`uid` FROM `contact` WHERE `url` = '%s' AND `self` = 1 LIMIT 1",
  244. dbesc($contact['url'])
  245. );
  246. if( $r) {
  247. $contact_uid = $r['uid'];
  248. $r = q("SELECT prvkey FROM user WHERE uid = %d LIMIT 1",
  249. intval($contact_uid)
  250. );
  251. if( $r)
  252. $contact_uprvkey = $r['prvkey'];
  253. }
  254. // }
  255. $r = q("SELECT guid, parent FROM `item` WHERE id = %d LIMIT 1",
  256. intval($post_id)
  257. );
  258. if( $r) {
  259. $p = q("SELECT guid FROM `item` WHERE id = %d AND parent = %d LIMIT 1",
  260. intval($r[0]['parent']),
  261. intval($r[0]['parent'])
  262. );
  263. if( $p) {
  264. $signed_text = $r[0]['guid'] . ';Post;' . $p[0]['guid'] . ';true;' . $diaspora_handle;
  265. if(isset($contact_uprvkey))
  266. $authorsig = base64_encode(rsa_sign($signed_text,$contact_uprvkey,'sha256'));
  267. else
  268. $authorsig = '';
  269. q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
  270. intval($post_id),
  271. dbesc($signed_text),
  272. dbesc($authorsig),
  273. dbesc($diaspora_handle)
  274. );
  275. }
  276. }
  277. }
  278. return;
  279. }