From 704cdf1b5a7f5f6f7c60c2d79792658de9cb6555 Mon Sep 17 00:00:00 2001
From: Michael
Date: Thu, 26 Sep 2019 04:47:42 +0000
Subject: [PATCH] New function to store the "remote" session value / making the changes work
---
 src/Core/Session.php | 33 ++++++++++++++++++++++-----------
 src/Model/Profile.php | 12 +-----------
 src/Module/Profile.php | 12 ++++++------
 src/Protocol/DFRN.php | 8 +++-----
 src/Util/Security.php | 9 +--------
 5 files changed, 33 insertions(+), 41 deletions(-)
diff --git a/src/Core/Session.php b/src/Core/Session.php
index 8e6e4c4577..55d8e550de 100644
--- a/src/Core/Session.php
+++ b/src/Core/Session.php
@@ -119,19 +119,10 @@ class Session
 'page_flags' => $user_record['page-flags'],
 'my_url' => $a->getBaseURL() . '/profile/' . $user_record['nickname'],
 'my_address' => $user_record['nickname'] . '@' . substr($a->getBaseURL(), strpos($a->getBaseURL(), '://') + 3),
- 'addr' => defaults($_SERVER, 'REMOTE_ADDR', '0.0.0.0'),
- 'remote' => [],
+ 'addr' => defaults($_SERVER, 'REMOTE_ADDR', '0.0.0.0')
 ]);
- $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
- while ($contact = DBA::fetch($remote_contacts)) {
- if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
- continue;
- }
-
- $_SESSION['remote'][$contact['uid']] = $contact['id'];
- }
- DBA::close($remote_contacts);
+ self::setVisitorsContacts();
 $member_since = strtotime($user_record['register_date']);
 self::set('new_member', time() < ($member_since + ( 60 * 60 * 24 * 14)));
@@ -244,4 +235,24 @@ class Session
 return array_search($cid, $_SESSION['remote']);
 }
+
+ /**
+ * Set the session variable that contains the contact IDs for the visitor's contact URL
+ *
+ * @param string $url Contact URL
+ */
+ public static function setVisitorsContacts()
+ {
+ $_SESSION['remote'] = [];
+
+ $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => Strings::normaliseLink($_SESSION['my_url']), 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
+ while ($contact = DBA::fetch($remote_contacts)) {
+ if (($contact['uid'] == 0) || Contact::isBlockedByUser($contact['id'], $contact['uid'])) {
+ continue;
+ }
+
+ $_SESSION['remote'][$contact['uid']] = $contact['id'];
+ }
+ DBA::close($remote_contacts);
+ }
 }
diff --git a/src/Model/Profile.php b/src/Model/Profile.php
index 69e73fc80b..1aaa1907ce 100644
--- a/src/Model/Profile.php
+++ b/src/Model/Profile.php
@@ -1116,17 +1116,7 @@ class Profile
 $_SESSION['visitor_home'] = $visitor['url'];
 $_SESSION['my_url'] = $visitor['url'];
- /// @todo replace this and the query for this variable with some cleaner functionality
- $_SESSION['remote'] = [];
-
- $remote_contacts = DBA::select('contact', ['id', 'uid'], ['nurl' => $visitor['nurl'], 'rel' => [Contact::FOLLOWER, Contact::FRIEND], 'self' => false]);
- while ($contact = DBA::fetch($remote_contacts)) {
- if (($contact['uid'] == 0) || Contact::isBlockedByUser($visitor['id'], $contact['uid'])) {
- continue;
- }
-
- $_SESSION['remote'][$contact['uid']] = $contact['id'];
- }
+ Session::setVisitorsContacts();
 $a->contact = $visitor;
diff --git a/src/Module/Profile.php b/src/Module/Profile.php
index d103c614e6..98c504425b 100644
--- a/src/Module/Profile.php
+++ b/src/Module/Profile.php
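Review bot: The docblock added for `setVisitorsContacts()` documents `@param string $url Contact URL`, but the method takes no parameter and reads `$_SESSION['my_url']` implicitly. The map it builds is what the Security.php hunk of this patch consults before setting `$remote_verified`, so the precondition is worth writing down. I would drop the `@param` line and add a sentence such as `Requires $_SESSION['my_url'] to hold the already authenticated visitor URL; rebuilds $_SESSION['remote'] as owner uid => contact id.`, plus `@return void`. The call added in the @@ -119 hunk depends on the same ordering, since `my_url` is assigned just before it.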
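Review bot: The per-user block check silently changes its argument in this replacement: the removed loop called `Contact::isBlockedByUser($visitor['id'], $contact['uid'])`, while `Session::setVisitorsContacts()` passes each row's own `$contact['id']`. If `isBlockedByUser()` expects the visitor's own contact id (its definition is not part of this patch), a visitor blocked by a user could now be written into `$_SESSION['remote']`; this should be confirmed and covered by a test with a blocked visitor. The lookup key also moves from `$visitor['nurl']` to `Strings::normaliseLink($_SESSION['my_url'])`, which selects the same rows only if `nurl` is always the normalised `url`. The enclosing function starts and ends outside the hunk, and the `use` statement for `Session` is not visible here.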
@@ -86,8 +86,8 @@ class Profile extends BaseModule
 $a->page['htmlhead'] .= "\n";
- $blocked = !local_user() && !remote_user() && Config::get('system', 'block_public');
- $userblock = !local_user() && !remote_user() && $a->profile['hidewall'];
+ $blocked = !local_user() && !remote_user($a->profile['profile_uid']) && Config::get('system', 'block_public');
+ $userblock = !local_user() && !remote_user($a->profile['profile_uid']) && $a->profile['hidewall'];
 if (!empty($a->profile['page-flags']) && $a->profile['page-flags'] == User::PAGE_FLAGS_COMMUNITY) {
 $a->page['htmlhead'] .= '' . "\n";
@@ -153,7 +153,7 @@ class Profile extends BaseModule
 $hashtags = defaults($_GET, 'tag', '');
- if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
+ if (Config::get('system', 'block_public') && !local_user() && !remote_user($a->profile['profile_uid'])) {
 return Login::form();
 }
@@ -169,12 +169,12 @@ class Profile extends BaseModule
 Nav::setSelected('home');
 }
- $remote_contact = ContactModel::isFollower(remote_user(), $a->profile['profile_uid']);
+ $remote_contact = remote_user($a->profile['profile_uid']);
 $is_owner = local_user() == $a->profile['profile_uid'];
- $last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . remote_user();
+ $last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . $remote_contact;
 if ($remote_contact) {
- $cdata = ContactModel::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
+ $cdata = ContactModel::getPublicAndUserContacID($remote_contact, $a->profile['profile_uid']);
 if (!empty($cdata['user'])) {
 $groups = Group::getIdsByContactId($cdata['user']);
 $remote_cid = $cdata['user'];
diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php
index f55a80a6fd..60f4b43c0e 100644
--- a/src/Protocol/DFRN.php
+++ b/src/Protocol/DFRN.php
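Review bot: In the @@ -169 hunk `$remote_contact` is now taken from `remote_user($a->profile['profile_uid'])` instead of `ContactModel::isFollower()`, so the relationship check no longer happens per request. Assuming `remote_user()` reads the map built by `Session::setVisitorsContacts()`, a contact that is removed or blocked after the visitor's session was populated would keep `$remote_contact` truthy, and with it the group lookup below, until the session is rebuilt. The Security.php hunk still re-checks the row with `DBA::exists(... 'blocked' => false)`; if `isFollower()` accepts this contact id, `$remote_contact = ContactModel::isFollower($remote_contact, $a->profile['profile_uid']) ? $remote_contact : 0;` would keep the live check here too. The `!remote_user($a->profile['profile_uid'])` guards in the @@ -86 and @@ -153 hunks rely on the same cached value. The enclosing methods start and end outside these hunks.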
@@ -2863,7 +2863,7 @@ class DFRN
 // because browser may have multiple connections open and load an image on a connection
 // whose session wasn't updated when a previous redirect authenticated
 // Leaving commented in case looping reappears
- //return;
+ // return;
 }
 if ((! $contact_nick) || ($contact_nick === $a->user['nickname'])) {
@@ -2906,10 +2906,8 @@ class DFRN
 // and the sense in the $remote[]["cid"] in the session are opposite.
 // In the session variable the user currently fetching is the contact
 // while $contact_nick is the nick of tho user who owns the stuff being fetched.
- foreach (Session::get('remote', []) as $visitor) {
- if ($visitor['uid'] == $contact_uid && $visitor['cid'] == $r[0]['id']) {
- return;
- }
+ if (Session::getVisitorContactIDForUserID($contact_uid) == $r[0]['id']) {
+ return;
 }
 $r = q("SELECT * FROM contact WHERE nick = '%s'
diff --git a/src/Util/Security.php b/src/Util/Security.php
index 0c09b745d8..5fc38c9409 100644
--- a/src/Util/Security.php
+++ b/src/Util/Security.php
@@ -110,14 +110,7 @@ class Security extends BaseObject
 */
 if (!$remote_verified) {
- $cid = 0;
-
- foreach (\Friendica\Core\Session::get('remote', []) as $visitor) {
- if ($visitor['uid'] == $owner_id) {
- $cid = $visitor['cid'];
- break;
- }
- }
+ $cid = \Friendica\Core\Session::getVisitorContactIDForUserID($owner_id);
 if ($cid && DBA::exists('contact', ['id' => $cid, 'uid' => $owner_id, 'blocked' => false])) {
 $remote_verified = true;
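Review bot: The new guard in the @@ -2906 hunk compares with loose `==`, so its result depends on what `Session::getVisitorContactIDForUserID()` returns when the session has no entry for `$contact_uid`, which this patch does not show. If that is `false`, `0` or `null` and `$r[0]['id']` is ever empty, both sides compare equal and the early `return` is taken without any stored contact. Making the match explicit avoids that: `$cid = Session::getVisitorContactIDForUserID($contact_uid);` followed by `if (!empty($cid) && (int)$cid === (int)$r[0]['id']) {`. The enclosing function begins and ends outside the hunk.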