friendica
/
friendica
mirror of https://github.com/friendica/friendica.git
2
4
Fork 3
Code Issues Releases 12 Wiki Activity
Browse Source

tag each side of the duplex

pull/1/head
Mike Macgirvin 11 years ago
parent
19661d4c25
commit
2c96ad7739
5 changed files with 225 additions and 61 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      include/notifier.php
  2. 21
      include/poller.php
  3. 74
      mod/dfrn_notify.php
  4. 162
      mod/dfrn_poll.php
  5. 12
      mod/redir.php

17
include/notifier.php
View File

@ -278,10 +278,19 @@
if((! strlen($rr['dfrn-id'])) && (! $rr['duplex']))
continue;
$idtosend = (($rr['dfrn-id']) ? $rr['dfrn-id'] : $rr['issued-id']);
$idtosend = $orig_id = (($rr['dfrn-id']) ? $rr['dfrn-id'] : $rr['issued-id']);
if($rr['duplex'] && $rr['dfrn-id'])
$idtosend = '0:' . $orig_id;
if($rr['duplex'] && $rr['issued-id'])
$idtosend = '1:' . $orig_id;
$url = $rr['notify'] . '?dfrn_id=' . $idtosend;
if($debugging)
echo "URL: $url";
$xml = fetch_url($url);
if($debugging)
@ -312,7 +321,11 @@
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if($final_dfrn_id != $idtosend) {
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if($final_dfrn_id != $orig_id) {
// did not decode properly - cannot trust this site
continue;
}

21
include/poller.php
View File

@ -79,10 +79,16 @@
? datetime_convert('UTC','UTC','now - 30 days','Y-m-d\TH:i:s\Z')
: datetime_convert('UTC','UTC',$contact['last-update'],'Y-m-d\TH:i:s\Z'));
$idtosend = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
$url = $contact['poll'] . '?dfrn_id=' . $idtosend . '&type=data&last_update=' . $last_update ;
$idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
if(intval($contact['duplex']) && $contact['dfrn-id'])
$idtosend = '0:' . $orig_id;
if(intval($contact['duplex']) && $contact['issued-id'])
$idtosend = '1:' . $orig_id;
$url = $contact['poll'] . '?dfrn_id=' . $idtosend . '&type=data&last_update=' . $last_update ;
$xml = fetch_url($url);
if($debugging) {
@ -93,6 +99,8 @@
if(! $xml)
continue;
$res = simplexml_load_string($xml);
if(intval($res->status) == 1)
@ -122,13 +130,20 @@
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if($final_dfrn_id != $idtosend) {
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if($final_dfrn_id != $orig_id) {
// did not decode properly - cannot trust this site
continue;
}
$postvars['dfrn_id'] = $idtosend;
$xml = post_url($contact['poll'],$postvars);
if($debugging) {

74
mod/dfrn_notify.php
View File

@ -9,6 +9,13 @@ function dfrn_notify_post(&$a) {
$dfrn_id = notags(trim($_POST['dfrn_id']));
$challenge = notags(trim($_POST['challenge']));
$data = $_POST['data'];
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
}
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
dbesc($dfrn_id),
dbesc($challenge)
@ -23,11 +30,26 @@ function dfrn_notify_post(&$a) {
// find the local user who owns this relationship.
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
break;
default:
xml_status(3);
break; // NOTREACHED
}
$r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact`
LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s' )) LIMIT 1",
dbesc($dfrn_id),
dbesc($dfrn_id)
WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra LIMIT 1"
);
if(! count($r)) {
@ -336,7 +358,18 @@ function dfrn_notify_post(&$a) {
function dfrn_notify_content(&$a) {
if(x($_GET,'dfrn_id')) {
// initial communication from external contact
// initial communication from external contact, $direction is their direction.
// If this is a duplex communication, ours will be the opposite.
$dfrn_id = notags(trim($_GET['dfrn_id']));
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
}
$hash = random_string();
$status = 0;
@ -346,21 +379,40 @@ function dfrn_notify_content(&$a) {
$r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` )
VALUES( '%s', '%s', '%s') ",
dbesc($hash),
dbesc(notags(trim($_GET['dfrn_id']))),
dbesc($dfrn_id),
intval(time() + 60 )
);
$r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s'))
AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
dbesc($_GET['dfrn_id']),
dbesc($_GET['dfrn_id'])
);
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
$status = 1;
break; // NOTREACHED
}
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1");
if(! count($r))
$status = 1;
$challenge = '';
$encrypted_id = '';
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
$id_str = $my_id . '.' . mt_rand(1000,9999);
if(($r[0]['duplex']) && strlen($r[0]['pubkey'])) {
openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);

162
mod/dfrn_poll.php
View File

@ -17,51 +17,69 @@ function dfrn_poll_init(&$a) {
$dfrn_version = ((x($_GET,'dfrn_version')) ? $_GET['dfrn_version'] : '1.0');
$destination_url = ((x($_GET,'destination_url')) ? $_GET['destination_url'] : '');
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
}
if(($dfrn_id == '') && (! x($_POST,'dfrn_id')) && ($a->argc > 1)) {
$o = get_feed_for($a,'*', $a->argv[1],$last_update);
$o = get_feed_for($a, '*', $a->argv[1],$last_update);
echo $o;
killme();
}
if((x($type)) && ($type == 'profile')) {
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `dfrn-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
goaway($a->get_baseurl());
break; // NOTREACHED
}
$r = q("SELECT `contact`.*, `user`.`nickname`
FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE ( `dfrn-id` = '%s' OR ( `issued-id` = '%s' AND `duplex` = 1 )) ",
dbesc($dfrn_id),
dbesc($dfrn_id)
);
WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra LIMIT 1");
if(count($r)) {
foreach($r as $rr) {
// On a multi-user site, the query above *may* have returned two results.
// One of those could be the logged-in user who is now visiting "this" cell,
// as both share the dfrn_id. We will skip that entry if it unfortunately
// happens to come up first.
if(local_user() && ($rr['uid'] == get_uid()))
continue;
$s = fetch_url($rr['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile-check');
if(strlen($s)) {
$xml = simplexml_load_string($s);
if((int) $xml->status == 1) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $rr['id'];
notice( t('Hi ') . $rr['name'] . EOL);
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;
q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s' LIMIT 1",
dbesc($expire),
dbesc($session_id)
);
}
$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $my_id . '&type=profile-check');
if(strlen($s)) {
$xml = simplexml_load_string($s);
if((int) $xml->status == 1) {
$_SESSION['authenticated'] = 1;
$_SESSION['visitor_id'] = $r[0]['id'];
notice( t('Hi ') . $r[0]['name'] . EOL);
// Visitors get 1 day session.
$session_id = session_id();
$expire = time() + 86400;
q("UPDATE `session` SET `expire` = '%s' WHERE `sid` = '%s' LIMIT 1",
dbesc($expire),
dbesc($session_id)
);
}
$profile = $rr['nickname'];
goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile);
}
$profile = $r[0]['nickname'];
goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile);
}
goaway($a->get_baseurl());
@ -69,6 +87,16 @@ function dfrn_poll_init(&$a) {
if((x($type)) && ($type == 'profile-check')) {
switch($direction) {
case 1:
$dfrn_id = '0:' . $dfrn_id;
break;
case 0:
$dfrn_id = '1:' . $dfrn_id;
break;
default:
break;
}
q("DELETE FROM `profile_check` WHERE `expire` < " . intval(time()));
$r = q("SELECT * FROM `profile_check` WHERE `dfrn_id` = '%s' ORDER BY `expire` DESC",
dbesc($dfrn_id));
@ -91,6 +119,12 @@ function dfrn_poll_post(&$a) {
$challenge = notags(trim($_POST['challenge']));
$url = $_POST['url'];
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
}
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
dbesc($dfrn_id),
dbesc($challenge)
@ -107,10 +141,28 @@ function dfrn_poll_post(&$a) {
);
$r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 )) LIMIT 1",
dbesc($dfrn_id),
dbesc($dfrn_id)
);
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
goaway($a->get_baseurl());
break; // NOTREACHED
}
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1");
if(! count($r))
killme();
@ -169,6 +221,12 @@ function dfrn_poll_content(&$a) {
if(x($_GET,'last_update'))
$last_update = $a->config['dfrn_poll_last_update'] = $_GET['last_update'];
$direction = (-1);
if(strpos($dfrn_id,':') == 1) {
$direction = intval(substr($dfrn_id,0,1));
$dfrn_id = substr($dfrn_id,2);
}
if($dfrn_id != '') {
// initial communication from external contact
@ -187,16 +245,36 @@ function dfrn_poll_content(&$a) {
dbesc($last_update)
);
$r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 ))
AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
dbesc($_GET['dfrn_id']),
dbesc($_GET['dfrn_id'])
);
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
goaway($a->get_baseurl());
break; // NOTREACHED
}
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 $sql_extra LIMIT 1");
if(count($r)) {
$challenge = '';
$encrypted_id = '';
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
$id_str = $my_id . '.' . mt_rand(1000,9999);
if($r[0]['duplex'] && strlen($r[0]['pubkey'])) {

12
mod/redir.php
View File

@ -10,10 +10,16 @@ function redir_init(&$a) {
if(! count($r))
goaway($a->get_baseurl());
$dfrn_id = $r[0]['issued-id'];
if((! $dfrn_id) && ($r[0]['duplex']))
$dfrn_id = $r[0]['dfrn-id'];
$dfrn_id = $orig_id = $r[0]['issued-id'];
if($r[0]['duplex'] && $r[0]['issued-id']) {
$orig_id = $r[0]['issued-id'];
$dfrn_id = '1:' . $orig_id;
}
if($r[0]['duplex'] && $r[0]['dfrn-id']) {
$orig_id = $r[0]['dfrn-id'];
$dfrn_id = '0:' . $orig_id;
}
q("INSERT INTO `profile_check` ( `uid`, `dfrn_id`, `expire`)
VALUES( %d, '%s', %d )",
intval($_SESSION['uid']),

Write Preview
Loading…
Cancel
Save