Friendica Communications Platform (please note that this is a clone of the repository at github, issues are handled there) https://friendi.ca
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

5191 lines
171 KiB

<?php
require_once('include/bbcode.php');
require_once('include/oembed.php');
require_once('include/salmon.php');
require_once('include/crypto.php');
require_once('include/Photo.php');
require_once('include/tags.php');
require_once('include/files.php');
require_once('include/text.php');
require_once('include/email.php');
require_once('include/threads.php');
require_once('include/socgraph.php');
require_once('include/plaintext.php');
require_once('include/ostatus.php');
require_once('include/feed.php');
require_once('mod/share.php');
require_once('library/defuse/php-encryption-1.2.1/Crypto.php');
function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0, $forpubsub = false) {
$sitefeed = ((strlen($owner_nick)) ? false : true); // not yet implemented, need to rewrite huge chunks of following logic
$public_feed = (($dfrn_id) ? false : true);
$starred = false; // not yet implemented, possible security issues
$converse = false;
if($public_feed && $a->argc > 2) {
for($x = 2; $x < $a->argc; $x++) {
if($a->argv[$x] == 'converse')
$converse = true;
if($a->argv[$x] == 'starred')
$starred = true;
if($a->argv[$x] === 'category' && $a->argc > ($x + 1) && strlen($a->argv[$x+1]))
$category = $a->argv[$x+1];
}
}
// default permissions - anonymous user
$sql_extra = " AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' ";
$r = q("SELECT `contact`.*, `user`.`uid` AS `user_uid`, `user`.`nickname`, `user`.`timezone`, `user`.`page-flags`
FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`
WHERE `contact`.`self` = 1 AND `user`.`nickname` = '%s' LIMIT 1",
dbesc($owner_nick)
);
if(! count($r))
killme();
$owner = $r[0];
$owner_id = $owner['user_uid'];
$owner_nick = $owner['nickname'];
$birthday = feed_birthday($owner_id,$owner['timezone']);
$sql_post_table = "";
$visibility = "";
if(! $public_feed) {
$sql_extra = '';
switch($direction) {
case (-1):
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($dfrn_id));
$my_id = $dfrn_id;
break;
case 0:
$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '1:' . $dfrn_id;
break;
case 1:
$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
$my_id = '0:' . $dfrn_id;
break;
default:
return false;
break; // NOTREACHED
}
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `contact`.`uid` = %d $sql_extra LIMIT 1",
intval($owner_id)
);
if(! count($r))
killme();
$contact = $r[0];
require_once('include/security.php');
$groups = init_groups_visitor($contact['id']);
if(count($groups)) {
for($x = 0; $x < count($groups); $x ++)
$groups[$x] = '<' . intval($groups[$x]) . '>' ;
$gs = implode('|', $groups);
}
else
$gs = '<<>>' ; // Impossible to match
$sql_extra = sprintf("
AND ( `allow_cid` = '' OR `allow_cid` REGEXP '<%d>' )
AND ( `deny_cid` = '' OR NOT `deny_cid` REGEXP '<%d>' )
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s')
",
intval($contact['id']),
intval($contact['id']),
dbesc($gs),
dbesc($gs)
);
}
if($public_feed)
$sort = 'DESC';
else
$sort = 'ASC';
// Include answers to status.net posts in pubsub feeds
if($forpubsub) {
$sql_post_table = "INNER JOIN `thread` ON `thread`.`iid` = `item`.`parent`
LEFT JOIN `item` AS `thritem` ON `thritem`.`uri`=`item`.`thr-parent` AND `thritem`.`uid`=`item`.`uid`";
$visibility = sprintf("AND (`item`.`parent` = `item`.`id`) OR (`item`.`network` = '%s' AND ((`thread`.`network`='%s') OR (`thritem`.`network` = '%s')))",
dbesc(NETWORK_DFRN), dbesc(NETWORK_OSTATUS), dbesc(NETWORK_OSTATUS));
$date_field = "`received`";
$sql_order = "`item`.`received` DESC";
} else {
$date_field = "`changed`";
$sql_order = "`item`.`parent` ".$sort.", `item`.`created` ASC";
}
if(! strlen($last_update))
$last_update = 'now -30 days';
if(isset($category)) {
$sql_post_table = sprintf("INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ",
dbesc(protect_sprintf($category)), intval(TERM_OBJ_POST), intval(TERM_CATEGORY), intval($owner_id));
//$sql_extra .= file_tag_file_query('item',$category,'category');
}
if($public_feed) {
if(! $converse)
$sql_extra .= " AND `contact`.`self` = 1 ";
}
$check_date = datetime_convert('UTC','UTC',$last_update,'Y-m-d H:i:s');
// AND ( `item`.`edited` > '%s' OR `item`.`changed` > '%s' )
// dbesc($check_date),
$r = q("SELECT STRAIGHT_JOIN `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`network`, `contact`.`photo`, `contact`.`url`,
`contact`.`name-date`, `contact`.`uri-date`, `contact`.`avatar-date`,
`contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `contact-id`, `contact`.`uid` AS `contact-uid`,
`sign`.`signed_text`, `sign`.`signature`, `sign`.`signer`
FROM `item` $sql_post_table
INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id`
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`parent` != 0
AND ((`item`.`wall` = 1) $visibility) AND `item`.$date_field > '%s'
$sql_extra
ORDER BY $sql_order LIMIT 0, 300",
intval($owner_id),
dbesc($check_date),
dbesc($sort)
);
// Will check further below if this actually returned results.
// We will provide an empty feed if that is the case.
$items = $r;
$feed_template = get_markup_template(($dfrn_id) ? 'atom_feed_dfrn.tpl' : 'atom_feed.tpl');
$atom = '';
$hubxml = feed_hublinks();
$salmon = feed_salmonlinks($owner_nick);
$alternatelink = $owner['url'];
if(isset($category))
$alternatelink .= "/category/".$category;
$atom .= replace_macros($feed_template, array(
'$version' => xmlify(FRIENDICA_VERSION),
'$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner_nick),
'$feed_title' => xmlify($owner['name']),
'$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', 'now' , ATOM_TIME)) ,
'$hub' => $hubxml,
'$salmon' => $salmon,
'$alternatelink' => xmlify($alternatelink),
'$name' => xmlify($owner['name']),
'$profile_page' => xmlify($owner['url']),
'$photo' => xmlify($owner['photo']),
'$thumb' => xmlify($owner['thumb']),
'$picdate' => xmlify(datetime_convert('UTC','UTC',$owner['avatar-date'] . '+00:00' , ATOM_TIME)) ,
'$uridate' => xmlify(datetime_convert('UTC','UTC',$owner['uri-date'] . '+00:00' , ATOM_TIME)) ,
'$namdate' => xmlify(datetime_convert('UTC','UTC',$owner['name-date'] . '+00:00' , ATOM_TIME)) ,
'$birthday' => ((strlen($birthday)) ? '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>' : ''),
'$community' => (($owner['page-flags'] == PAGE_COMMUNITY) ? '<dfrn:community>1</dfrn:community>' : '')
));
call_hooks('atom_feed', $atom);
if(! count($items)) {
call_hooks('atom_feed_end', $atom);
$atom .= '</feed>' . "\r\n";
return $atom;
}
foreach($items as $item) {
// prevent private email from leaking.
if($item['network'] === NETWORK_MAIL)
continue;
// public feeds get html, our own nodes use bbcode
if($public_feed) {
$type = 'html';
// catch any email that's in a public conversation and make sure it doesn't leak
if($item['private'])
continue;
}
else {
$type = 'text';
}
$atom .= atom_entry($item,$type,null,$owner,true);
}
call_hooks('atom_feed_end', $atom);
$atom .= '</feed>' . "\r\n";
return $atom;
}
function construct_verb($item) {
if($item['verb'])
return $item['verb'];
return ACTIVITY_POST;
}
function construct_activity_object($item) {
if($item['object']) {
$o = '<as:object>' . "\r\n";
$r = parse_xml_string($item['object'],false);
if(! $r)
return '';
if($r->type)
$o .= '<as:object-type>' . xmlify($r->type) . '</as:object-type>' . "\r\n";
if($r->id)
$o .= '<id>' . xmlify($r->id) . '</id>' . "\r\n";
if($r->title)
$o .= '<title>' . xmlify($r->title) . '</title>' . "\r\n";
if($r->link) {
if(substr($r->link,0,1) === '<') {
// patch up some facebook "like" activity objects that got stored incorrectly
// for a couple of months prior to 9-Jun-2011 and generated bad XML.
// we can probably remove this hack here and in the following function in a few months time.
if(strstr($r->link,'&') && (! strstr($r->link,'&amp;')))
$r->link = str_replace('&','&amp;', $r->link);
$r->link = preg_replace('/\<link(.*?)\"\>/','<link$1"/>',$r->link);
$o .= $r->link;
}
else
$o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n";
}
if($r->content)
$o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n";
$o .= '</as:object>' . "\r\n";
return $o;
}
return '';
}
function construct_activity_target($item) {
if($item['target']) {
$o = '<as:target>' . "\r\n";
$r = parse_xml_string($item['target'],false);
if(! $r)
return '';
if($r->type)
$o .= '<as:object-type>' . xmlify($r->type) . '</as:object-type>' . "\r\n";
if($r->id)
$o .= '<id>' . xmlify($r->id) . '</id>' . "\r\n";
if($r->title)
$o .= '<title>' . xmlify($r->title) . '</title>' . "\r\n";
if($r->link) {
if(substr($r->link,0,1) === '<') {
if(strstr($r->link,'&') && (! strstr($r->link,'&amp;')))
$r->link = str_replace('&','&amp;', $r->link);
$r->link = preg_replace('/\<link(.*?)\"\>/','<link$1"/>',$r->link);
$o .= $r->link;
}
else
$o .= '<link rel="alternate" type="text/html" href="' . xmlify($r->link) . '" />' . "\r\n";
}
if($r->content)
$o .= '<content type="html" >' . xmlify(bbcode($r->content)) . '</content>' . "\r\n";
$o .= '</as:target>' . "\r\n";
return $o;
}
return '';
}
/* limit_body_size()
*
* The purpose of this function is to apply system message length limits to
* imported messages without including any embedded photos in the length
*/
if(! function_exists('limit_body_size')) {
function limit_body_size($body) {
// logger('limit_body_size: start', LOGGER_DEBUG);
$maxlen = get_max_import_size();
// If the length of the body, including the embedded images, is smaller
// than the maximum, then don't waste time looking for the images
if($maxlen && (strlen($body) > $maxlen)) {
logger('limit_body_size: the total body length exceeds the limit', LOGGER_DEBUG);
$orig_body = $body;
$new_body = '';
$textlen = 0;
$max_found = false;
$img_start = strpos($orig_body, '[img');
$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
while(($img_st_close !== false) && ($img_end !== false)) {
$img_st_close++; // make it point to AFTER the closing bracket
$img_end += $img_start;
$img_end += strlen('[/img]');
if(! strcmp(substr($orig_body, $img_start + $img_st_close, 5), 'data:')) {
// This is an embedded image
if( ($textlen + $img_start) > $maxlen ) {
if($textlen < $maxlen) {
logger('limit_body_size: the limit happens before an embedded image', LOGGER_DEBUG);
$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
$textlen = $maxlen;
}
}
else {
$new_body = $new_body . substr($orig_body, 0, $img_start);
$textlen += $img_start;
}
$new_body = $new_body . substr($orig_body, $img_start, $img_end - $img_start);
}
else {
if( ($textlen + $img_end) > $maxlen ) {
if($textlen < $maxlen) {
logger('limit_body_size: the limit happens before the end of a non-embedded image', LOGGER_DEBUG);
$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
$textlen = $maxlen;
}
}
else {
$new_body = $new_body . substr($orig_body, 0, $img_end);
$textlen += $img_end;
}
}
$orig_body = substr($orig_body, $img_end);
if($orig_body === false) // in case the body ends on a closing image tag
$orig_body = '';
$img_start = strpos($orig_body, '[img');
$img_st_close = ($img_start !== false ? strpos(substr($orig_body, $img_start), ']') : false);
$img_end = ($img_start !== false ? strpos(substr($orig_body, $img_start), '[/img]') : false);
}
if( ($textlen + strlen($orig_body)) > $maxlen) {
if($textlen < $maxlen) {
logger('limit_body_size: the limit happens after the end of the last image', LOGGER_DEBUG);
$new_body = $new_body . substr($orig_body, 0, $maxlen - $textlen);
$textlen = $maxlen;
}
}
else {
logger('limit_body_size: the text size with embedded images extracted did not violate the limit', LOGGER_DEBUG);
$new_body = $new_body . $orig_body;
$textlen += strlen($orig_body);
}
return $new_body;
}
else
return $body;
}}
function title_is_body($title, $body) {
$title = strip_tags($title);
$title = trim($title);
$title = html_entity_decode($title, ENT_QUOTES, 'UTF-8');
$title = str_replace(array("\n", "\r", "\t", " "), array("","","",""), $title);
$body = strip_tags($body);
$body = trim($body);
$body = html_entity_decode($body, ENT_QUOTES, 'UTF-8');
$body = str_replace(array("\n", "\r", "\t", " "), array("","","",""), $body);
if (strlen($title) < strlen($body))
$body = substr($body, 0, strlen($title));
if (($title != $body) and (substr($title, -3) == "...")) {
$pos = strrpos($title, "...");
if ($pos > 0) {
$title = substr($title, 0, $pos);
$body = substr($body, 0, $pos);
}
}
return($title == $body);
}
function get_atom_elements($feed, $item, $contact = array()) {
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
$best_photo = array();
$res = array();
$author = $item->get_author();
if($author) {
$res['author-name'] = unxmlify($author->get_name());
$res['author-link'] = unxmlify($author->get_link());
}
else {
$res['author-name'] = unxmlify($feed->get_title());
$res['author-link'] = unxmlify($feed->get_permalink());
}
$res['uri'] = unxmlify($item->get_id());
$res['title'] = unxmlify($item->get_title());
$res['body'] = unxmlify($item->get_content());
$res['plink'] = unxmlify($item->get_link(0));
if (isset($contact["network"]) AND ($contact["network"] == NETWORK_FEED) AND strstr($res['plink'], ".app.net/")) {
logger("get_atom_elements: detected app.net posting: ".print_r($res, true), LOGGER_DEBUG);
$res['title'] = "";
$res['body'] = nl2br($res['body']);
}
// removing the content of the title if its identically to the body
// This helps with auto generated titles e.g. from tumblr
if (title_is_body($res["title"], $res["body"]))
$res['title'] = "";
if($res['plink'])
$base_url = implode('/', array_slice(explode('/',$res['plink']),0,3));
else
$base_url = '';
// look for a photo. We should check media size and find the best one,
// but for now let's just find any author photo
// Additionally we look for an alternate author link. On OStatus this one is the one we want.
$authorlinks = $item->feed->data["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["feed"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["author"][0]["child"]["http://www.w3.org/2005/Atom"]["link"];
if (is_array($authorlinks)) {
foreach ($authorlinks as $link) {
$linkdata = array_shift($link["attribs"]);
if ($linkdata["rel"] == "alternate")
$res["author-link"] = $linkdata["href"];
};
}
$rawauthor = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
if($link['attribs']['']['rel'] === 'alternate')
$res['author-link'] = unxmlify($link['attribs']['']['href']);
if(!x($res, 'author-avatar') || !$res['author-avatar']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
}
$rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor');
if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'],ACTIVITY_OBJ_PERSON)) {
$base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
if($base && count($base)) {
foreach($base as $link) {
if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
$res['author-link'] = unxmlify($link['attribs']['']['href']);
if(!x($res, 'author-avatar') || !$res['author-avatar']) {
if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
// No photo/profile-link on the item - look at the feed level
if((! (x($res,'author-link'))) || (! (x($res,'author-avatar')))) {
$rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'author');
if($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
$res['author-link'] = unxmlify($link['attribs']['']['href']);
if(! $res['author-avatar']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
}
$rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject');
if($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['object-type'][0]['data'],ACTIVITY_OBJ_PERSON)) {
$base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
if($base && count($base)) {
foreach($base as $link) {
if($link['attribs']['']['rel'] === 'alternate' && (! $res['author-link']))
$res['author-link'] = unxmlify($link['attribs']['']['href']);
if(! (x($res,'author-avatar'))) {
if($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo')
$res['author-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
}
$apps = $item->get_item_tags(NAMESPACE_STATUSNET,'notice_info');
if($apps && $apps[0]['attribs']['']['source']) {
$res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source']));
if($res['app'] === 'web')
$res['app'] = 'OStatus';
}
// base64 encoded json structure representing Diaspora signature
$dsig = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_signature');
if($dsig) {
$res['dsprsig'] = unxmlify($dsig[0]['data']);
}
$dguid = $item->get_item_tags(NAMESPACE_DFRN,'diaspora_guid');
if($dguid)
$res['guid'] = unxmlify($dguid[0]['data']);
$bm = $item->get_item_tags(NAMESPACE_DFRN,'bookmark');
if($bm)
$res['bookmark'] = ((unxmlify($bm[0]['data']) === 'true') ? 1 : 0);
/**
* If there's a copy of the body content which is guaranteed to have survived mangling in transit, use it.
*/
$have_real_body = false;
$rawenv = $item->get_item_tags(NAMESPACE_DFRN, 'env');
if($rawenv) {
$have_real_body = true;
$res['body'] = $rawenv[0]['data'];
$res['body'] = str_replace(array(' ',"\t","\r","\n"), array('','','',''),$res['body']);
// make sure nobody is trying to sneak some html tags by us
$res['body'] = notags(base64url_decode($res['body']));
}
$res['body'] = limit_body_size($res['body']);
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
// html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will
// have to assume it is all html and needs to be purified.
// It doesn't matter all that much security wise - because before this content is used anywhere, we are
// going to escape any tags we find regardless, but this lets us import a limited subset of html from
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
// html.
if((strpos($res['body'],'<') !== false) && (strpos($res['body'],'>') !== false)) {
$res['body'] = reltoabs($res['body'],$base_url);
$res['body'] = html2bb_video($res['body']);
$res['body'] = oembed_html2bbcode($res['body']);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
// we shouldn't need a whitelist, because the bbcode converter
// will strip out any unsupported tags.
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
$res['body'] = @html2bbcode($res['body']);
}
elseif(! $have_real_body) {
// it's not one of our messages and it has no tags
// so it's probably just text. We'll escape it just to be safe.
$res['body'] = escape_tags($res['body']);
}
// this tag is obsolete but we keep it for really old sites
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
if($allow && $allow[0]['data'] == 1)
$res['last-child'] = 1;
else
$res['last-child'] = 0;
$private = $item->get_item_tags(NAMESPACE_DFRN,'private');
if($private && intval($private[0]['data']) > 0)
$res['private'] = intval($private[0]['data']);
else
$res['private'] = 0;
$extid = $item->get_item_tags(NAMESPACE_DFRN,'extid');
if($extid && $extid[0]['data'])
$res['extid'] = $extid[0]['data'];
$rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location');
if($rawlocation)
$res['location'] = unxmlify($rawlocation[0]['data']);
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
if($rawcreated)
$res['created'] = unxmlify($rawcreated[0]['data']);
$rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
if($rawedited)
$res['edited'] = unxmlify($rawedited[0]['data']);
if((x($res,'edited')) && (! (x($res,'created'))))
$res['created'] = $res['edited'];
if(! $res['created'])
$res['created'] = $item->get_date('c');
if(! $res['edited'])
$res['edited'] = $item->get_date('c');
// Disallow time travelling posts
$d1 = strtotime($res['created']);
$d2 = strtotime($res['edited']);
$d3 = strtotime('now');
if($d1 > $d3)
$res['created'] = datetime_convert();
if($d2 > $d3)
$res['edited'] = datetime_convert();
$rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data'])
$res['owner-name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data'])
$res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data'])
$res['owner-link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
$res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach($base as $link) {
if(!x($res, 'owner-avatar') || !$res['owner-avatar']) {
if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
$res['owner-avatar'] = unxmlify($link['attribs']['']['href']);
}
}
}
$rawgeo = $item->get_item_tags(NAMESPACE_GEORSS,'point');
if($rawgeo)
$res['coord'] = unxmlify($rawgeo[0]['data']);
if ($contact["network"] == NETWORK_FEED) {
$res['verb'] = ACTIVITY_POST;
$res['object-type'] = ACTIVITY_OBJ_NOTE;
}
$rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
// select between supported verbs
if($rawverb) {
$res['verb'] = unxmlify($rawverb[0]['data']);
}
// translate OStatus unfollow to activity streams if it happened to get selected
if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow'))
$res['verb'] = ACTIVITY_UNFOLLOW;
$cats = $item->get_categories();
if($cats) {
$tag_arr = array();
foreach($cats as $cat) {
$term = $cat->get_term();
if(! $term)
$term = $cat->get_label();
$scheme = $cat->get_scheme();
if($scheme && $term && stristr($scheme,'X-DFRN:'))
$tag_arr[] = substr($scheme,7,1) . '[url=' . unxmlify(substr($scheme,9)) . ']' . unxmlify($term) . '[/url]';
elseif($term)
$tag_arr[] = notags(trim($term));
}
$res['tag'] = implode(',', $tag_arr);
}
$attach = $item->get_enclosures();
if($attach) {
$att_arr = array();
foreach($attach as $att) {
$len = intval($att->get_length());
$link = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_link()))));
$title = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_title()))));
$type = str_replace(array(',','"'),array('%2D','%22'),notags(trim(unxmlify($att->get_type()))));
if(strpos($type,';'))
$type = substr($type,0,strpos($type,';'));
if((! $link) || (strpos($link,'http') !== 0))
continue;
if(! $title)
$title = ' ';
if(! $type)
$type = 'application/octet-stream';
$att_arr[] = '[attach]href="' . $link . '" length="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]';
}
$res['attach'] = implode(',', $att_arr);
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
if($rawobj) {
$res['object'] = '<object>' . "\n";
$child = $rawobj[0]['child'];
if($child[NAMESPACE_ACTIVITY]['object-type'][0]['data']) {
$res['object-type'] = $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'];
$res['object'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'] . '</type>' . "\n";
}
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
$res['object'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
$res['object'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
$res['object'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if(! $body)
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = html2bb_video($body);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
$body = html2bbcode($body);
}
$res['object'] .= '<content>' . $body . '</content>' . "\n";
}
$res['object'] .= '</object>' . "\n";
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'target');
if($rawobj) {
$res['target'] = '<target>' . "\n";
$child = $rawobj[0]['child'];
if($child[NAMESPACE_ACTIVITY]['object-type'][0]['data']) {
$res['target'] .= '<type>' . $child[NAMESPACE_ACTIVITY]['object-type'][0]['data'] . '</type>' . "\n";
}
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'])
$res['target'] .= '<id>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'] . '</id>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link'])
$res['target'] .= '<link>' . encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) . '</link>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'])
$res['target'] .= '<title>' . $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'] . '</title>' . "\n";
if(x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'data') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if(! $body)
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['target'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
$body = html2bb_video($body);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
$body = html2bbcode($body);
}
$res['target'] .= '<content>' . $body . '</content>' . "\n";
}
$res['target'] .= '</target>' . "\n";
}
// This is some experimental stuff. By now retweets are shown with "RT:"
// But: There is data so that the message could be shown similar to native retweets
// There is some better way to parse this array - but it didn't worked for me.
$child = $item->feed->data["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["feed"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["entry"][0]["child"]["http://activitystrea.ms/spec/1.0/"][object][0]["child"];
if (is_array($child)) {
logger('get_atom_elements: Looking for status.net repeated message');
$message = $child["http://activitystrea.ms/spec/1.0/"]["object"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["content"][0]["data"];
$orig_id = ostatus_convert_href($child["http://activitystrea.ms/spec/1.0/"]["object"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10]["id"][0]["data"]);
$author = $child[SIMPLEPIE_NAMESPACE_ATOM_10]["author"][0]["child"][SIMPLEPIE_NAMESPACE_ATOM_10];
$uri = $author["uri"][0]["data"];
$name = $author["name"][0]["data"];
$avatar = @array_shift($author["link"][2]["attribs"]);
$avatar = $avatar["href"];
if (($name != "") and ($uri != "") and ($avatar != "") and ($message != "")) {
logger('get_atom_elements: fixing sender of repeated message. '.$orig_id, LOGGER_DEBUG);
if (!intval(get_config('system','wall-to-wall_share'))) {
$prefix = share_header($name, $uri, $avatar, "", "", $orig_link);
$res["body"] = $prefix.html2bbcode($message)."[/share]";
} else {
$res["owner-name"] = $res["author-name"];
$res["owner-link"] = $res["author-link"];
$res["owner-avatar"] = $res["author-avatar"];
$res["author-name"] = $name;
$res["author-link"] = $uri;
$res["author-avatar"] = $avatar;
$res["body"] = html2bbcode($message);
}
}
}
if (isset($contact["network"]) AND ($contact["network"] == NETWORK_FEED) AND $contact['fetch_further_information']) {
$preview = "";
// Handle enclosures and treat them as preview picture
if (isset($attach))
foreach ($attach AS $attachment)
if ($attachment->type == "image/jpeg")
$preview = $attachment->link;
$res["body"] = $res["title"].add_page_info($res['plink'], false, $preview, ($contact['fetch_further_information'] == 2), $contact['ffi_keyword_blacklist']);
$res["tag"] = add_page_keywords($res['plink'], false, $preview, ($contact['fetch_further_information'] == 2), $contact['ffi_keyword_blacklist']);
$res["title"] = "";
$res["object-type"] = ACTIVITY_OBJ_BOOKMARK;
unset($res["attach"]);
} elseif (isset($contact["network"]) AND ($contact["network"] == NETWORK_OSTATUS))
$res["body"] = add_page_info_to_body($res["body"]);
elseif (isset($contact["network"]) AND ($contact["network"] == NETWORK_FEED) AND strstr($res['plink'], ".app.net/")) {
$res["body"] = add_page_info_to_body($res["body"]);
}
$arr = array('feed' => $feed, 'item' => $item, 'result' => $res);
call_hooks('parse_atom', $arr);
return $res;
}
function add_page_info_data($data) {
call_hooks('page_info_data', $data);
// It maybe is a rich content, but if it does have everything that a link has,
// then treat it that way
if (($data["type"] == "rich") AND is_string($data["title"]) AND
is_string($data["text"]) AND (sizeof($data["images"]) > 0))
$data["type"] = "link";
if ((($data["type"] != "link") AND ($data["type"] != "video") AND ($data["type"] != "photo")) OR ($data["title"] == $url))
return("");
if ($no_photos AND ($data["type"] == "photo"))
return("");
// If the link contains BBCode stuff, make a short link out of this to avoid parsing problems
if (strpos($data["url"], '[') OR strpos($data["url"], ']')) {
require_once("include/network.php");
$data["url"] = short_link($data["url"]);
}
if (($data["type"] != "photo") AND is_string($data["title"]))
$text .= "[bookmark=".$data["url"]."]".trim($data["title"])."[/bookmark]";
if (($data["type"] != "video") AND ($photo != ""))
$text .= '[img]'.$photo.'[/img]';
elseif (($data["type"] != "video") AND (sizeof($data["images"]) > 0)) {
$imagedata = $data["images"][0];
$text .= '[img]'.$imagedata["src"].'[/img]';
}
if (($data["type"] != "photo") AND is_string($data["text"]))
$text .= "[quote]".$data["text"]."[/quote]";
$hashtags = "";
if (isset($data["keywords"]) AND count($data["keywords"])) {
$a = get_app();
$hashtags = "\n";
foreach ($data["keywords"] AS $keyword) {
$hashtag = str_replace(array(" ", "+", "/", ".", "#", "'"),
array("","", "", "", "", ""), $keyword);
$hashtags .= "#[url=".$a->get_baseurl()."/search?tag=".rawurlencode($hashtag)."]".$hashtag."[/url] ";
}
}
return("\n[class=type-".$data["type"]."]".$text."[/class]".$hashtags);
}
function query_page_info($url, $no_photos = false, $photo = "", $keywords = false, $keyword_blacklist = "") {
require_once("mod/parse_url.php");
$data = Cache::get("parse_url:".$url);
if (is_null($data)){
$data = parseurl_getsiteinfo($url, true);
Cache::set("parse_url:".$url,serialize($data), CACHE_DAY);
} else
$data = unserialize($data);
if ($photo != "")
$data["images"][0]["src"] = $photo;
logger('fetch page info for '.$url.' '.print_r($data, true), LOGGER_DEBUG);
if (!$keywords AND isset($data["keywords"]))
unset($data["keywords"]);
if (($keyword_blacklist != "") AND isset($data["keywords"])) {
$list = explode(",", $keyword_blacklist);
foreach ($list AS $keyword) {
$keyword = trim($keyword);
$index = array_search($keyword, $data["keywords"]);
if ($index !== false)
unset($data["keywords"][$index]);
}
}
return($data);
}
function add_page_keywords($url, $no_photos = false, $photo = "", $keywords = false, $keyword_blacklist = "") {
$data = query_page_info($url, $no_photos, $photo, $keywords, $keyword_blacklist);
$tags = "";
if (isset($data["keywords"]) AND count($data["keywords"])) {
$a = get_app();
foreach ($data["keywords"] AS $keyword) {
$hashtag = str_replace(array(" ", "+", "/", ".", "#", "'"),
array("","", "", "", "", ""), $keyword);
if ($tags != "")
$tags .= ",";
$tags .= "#[url=".$a->get_baseurl()."/search?tag=".rawurlencode($hashtag)."]".$hashtag."[/url]";
}
}
return($tags);
}
function add_page_info($url, $no_photos = false, $photo = "", $keywords = false, $keyword_blacklist = "") {
$data = query_page_info($url, $no_photos, $photo, $keywords, $keyword_blacklist);
$text = add_page_info_data($data);
return($text);
}
function add_page_info_to_body($body, $texturl = false, $no_photos = false) {
logger('add_page_info_to_body: fetch page info for body '.$body, LOGGER_DEBUG);
$URLSearchString = "^\[\]";
// Adding these spaces is a quick hack due to my problems with regular expressions :)
preg_match("/[^!#@]\[url\]([$URLSearchString]*)\[\/url\]/ism", " ".$body, $matches);
if (!$matches)
preg_match("/[^!#@]\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", " ".$body, $matches);
// Convert urls without bbcode elements
if (!$matches AND $texturl) {
preg_match("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/ism", " ".$body, $matches);
// Yeah, a hack. I really hate regular expressions :)
if ($matches)
$matches[1] = $matches[2];
}
if ($matches)
$footer = add_page_info($matches[1], $no_photos);
// Remove the link from the body if the link is attached at the end of the post
if (isset($footer) AND (trim($footer) != "") AND (strpos($footer, $matches[1]))) {
$removedlink = trim(str_replace($matches[1], "", $body));
if (($removedlink == "") OR strstr($body, $removedlink))
$body = $removedlink;
$url = str_replace(array('/', '.'), array('\/', '\.'), $matches[1]);
$removedlink = preg_replace("/\[url\=".$url."\](.*?)\[\/url\]/ism", '', $body);
if (($removedlink == "") OR strstr($body, $removedlink))
$body = $removedlink;
}
// Add the page information to the bottom
if (isset($footer) AND (trim($footer) != ""))
$body .= $footer;
return $body;
}
function encode_rel_links($links) {
$o = '';
if(! ((is_array($links)) && (count($links))))
return $o;
foreach($links as $link) {
$o .= '<link ';
if($link['attribs']['']['rel'])
$o .= 'rel="' . $link['attribs']['']['rel'] . '" ';
if($link['attribs']['']['type'])
$o .= 'type="' . $link['attribs']['']['type'] . '" ';
if($link['attribs']['']['href'])
$o .= 'href="' . $link['attribs']['']['href'] . '" ';
if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['width'])
$o .= 'media:width="' . $link['attribs'][NAMESPACE_MEDIA]['width'] . '" ';
if( (x($link['attribs'],NAMESPACE_MEDIA)) && $link['attribs'][NAMESPACE_MEDIA]['height'])
$o .= 'media:height="' . $link['attribs'][NAMESPACE_MEDIA]['height'] . '" ';
$o .= ' />' . "\n" ;
}
return xmlify($o);
}
function add_guid($item) {
$r = q("SELECT `guid` FROM `guid` WHERE `guid` = '%s' LIMIT 1", dbesc($item["guid"]));
if ($r)
return;
q("INSERT INTO `guid` (`guid`,`plink`,`uri`,`network`) VALUES ('%s','%s','%s','%s')",
dbesc($item["guid"]), dbesc($item["plink"]),
dbesc($item["uri"]), dbesc($item["network"]));
}
function item_store($arr,$force_parent = false, $notify = false, $dontcache = false) {
// If it is a posting where users should get notifications, then define it as wall posting
if ($notify) {
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['origin'] = 1;
$arr['last-child'] = 1;
$arr['network'] = NETWORK_DFRN;
}
// If a Diaspora signature structure was passed in, pull it out of the
// item array and set it aside for later storage.
$dsprsig = null;
if(x($arr,'dsprsig')) {
$dsprsig = json_decode(base64_decode($arr['dsprsig']));
unset($arr['dsprsig']);
}
// Converting the plink
if ($arr['network'] == NETWORK_OSTATUS) {
if (isset($arr['plink']))
$arr['plink'] = ostatus_convert_href($arr['plink']);
elseif (isset($arr['uri']))
$arr['plink'] = ostatus_convert_href($arr['uri']);
}
if(x($arr, 'gravity'))
$arr['gravity'] = intval($arr['gravity']);
elseif($arr['parent-uri'] === $arr['uri'])
$arr['gravity'] = 0;
elseif(activity_match($arr['verb'],ACTIVITY_POST))
$arr['gravity'] = 6;
else
$arr['gravity'] = 6; // extensible catchall
if(! x($arr,'type'))
$arr['type'] = 'remote';
/* check for create date and expire time */
$uid = intval($arr['uid']);
$r = q("SELECT expire FROM user WHERE uid = %d", intval($uid));
if(count($r)) {
$expire_interval = $r[0]['expire'];
if ($expire_interval>0) {
$expire_date = new DateTime( '- '.$expire_interval.' days', new DateTimeZone('UTC'));
$created_date = new DateTime($arr['created'], new DateTimeZone('UTC'));
if ($created_date < $expire_date) {
logger('item-store: item created ('.$arr['created'].') before expiration time ('.$expire_date->format(DateTime::W3C).'). ignored. ' . print_r($arr,true), LOGGER_DEBUG);
return 0;
}
}
}
// If there is no guid then take the same guid that was taken before for the same uri
if ((trim($arr['guid']) == "") AND (trim($arr['uri']) != "") AND (trim($arr['network']) != "")) {
logger('item_store: checking for an existing guid for uri '.$arr['uri'], LOGGER_DEBUG);
$r = q("SELECT `guid` FROM `guid` WHERE `uri` = '%s' AND `network` = '%s' LIMIT 1",
dbesc(trim($arr['uri'])), dbesc(trim($arr['network'])));
if(count($r)) {
$arr['guid'] = $r[0]["guid"];
logger('item_store: found guid '.$arr['guid'].' for uri '.$arr['uri'], LOGGER_DEBUG);
}
}
// If there is no guid then take the same guid that was taken before for the same plink
if ((trim($arr['guid']) == "") AND (trim($arr['plink']) != "") AND (trim($arr['network']) != "")) {
logger('item_store: checking for an existing guid for plink '.$arr['plink'], LOGGER_DEBUG);
$r = q("SELECT `guid`, `uri` FROM `guid` WHERE `plink` = '%s' AND `network` = '%s' LIMIT 1",
dbesc(trim($arr['plink'])), dbesc(trim($arr['network'])));
if(count($r)) {
$arr['guid'] = $r[0]["guid"];
logger('item_store: found guid '.$arr['guid'].' for plink '.$arr['plink'], LOGGER_DEBUG);
if ($r[0]["uri"] != $arr['uri'])
logger('Different uri for same guid: '.$arr['uri'].' and '.$r[0]["uri"].' - this shouldnt happen!', LOGGER_DEBUG);
}
}
// Shouldn't happen but we want to make absolutely sure it doesn't leak from a plugin.
// Deactivated, since the bbcode parser can handle with it - and it destroys posts with some smileys that contain "<"
//if((strpos($arr['body'],'<') !== false) || (strpos($arr['body'],'>') !== false))
// $arr['body'] = strip_tags($arr['body']);
if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
require_once('library/langdet/Text/LanguageDetect.php');
$naked_body = preg_replace('/\[(.+?)\]/','',$arr['body']);
$l = new Text_LanguageDetect;
//$lng = $l->detectConfidence($naked_body);
//$arr['postopts'] = (($lng['language']) ? 'lang=' . $lng['language'] . ';' . $lng['confidence'] : '');
$lng = $l->detect($naked_body, 3);
if (sizeof($lng) > 0) {
$postopts = "";
foreach ($lng as $language => $score) {
if ($postopts == "")
$postopts = "lang=";
else
$postopts .= ":";
$postopts .= $language.";".$score;
}
$arr['postopts'] = $postopts;
}
}
$arr['wall'] = ((x($arr,'wall')) ? intval($arr['wall']) : 0);
$arr['guid'] = ((x($arr,'guid')) ? notags(trim($arr['guid'])) : get_guid(32, $arr['network']));
$arr['uri'] = ((x($arr,'uri')) ? notags(trim($arr['uri'])) : $arr['guid']);
$arr['extid'] = ((x($arr,'extid')) ? notags(trim($arr['extid'])) : '');
$arr['author-name'] = ((x($arr,'author-name')) ? notags(trim($arr['author-name'])) : '');
$arr['author-link'] = ((x($arr,'author-link')) ? notags(trim($arr['author-link'])) : '');
$arr['author-avatar'] = ((x($arr,'author-avatar')) ? notags(trim($arr['author-avatar'])) : '');
$arr['owner-name'] = ((x($arr,'owner-name')) ? notags(trim($arr['owner-name'])) : '');
$arr['owner-link'] = ((x($arr,'owner-link')) ? notags(trim($arr['owner-link'])) : '');
$arr['owner-avatar'] = ((x($arr,'owner-avatar')) ? notags(trim($arr['owner-avatar'])) : '');
$arr['created'] = ((x($arr,'created') !== false) ? datetime_convert('UTC','UTC',$arr['created']) : datetime_convert());
$arr['edited'] = ((x($arr,'edited') !== false) ? datetime_convert('UTC','UTC',$arr['edited']) : datetime_convert());
$arr['commented'] = ((x($arr,'commented') !== false) ? datetime_convert('UTC','UTC',$arr['commented']) : datetime_convert());
$arr['received'] = ((x($arr,'received') !== false) ? datetime_convert('UTC','UTC',$arr['received']) : datetime_convert());
$arr['changed'] = ((x($arr,'changed') !== false) ? datetime_convert('UTC','UTC',$arr['changed']) : datetime_convert());
$arr['title'] = ((x($arr,'title')) ? notags(trim($arr['title'])) : '');
$arr['location'] = ((x($arr,'location')) ? notags(trim($arr['location'])) : '');
$arr['coord'] = ((x($arr,'coord')) ? notags(trim($arr['coord'])) : '');
$arr['last-child'] = ((x($arr,'last-child')) ? intval($arr['last-child']) : 0 );
$arr['visible'] = ((x($arr,'visible') !== false) ? intval($arr['visible']) : 1 );
$arr['deleted'] = 0;
$arr['parent-uri'] = ((x($arr,'parent-uri')) ? notags(trim($arr['parent-uri'])) : '');
$arr['verb'] = ((x($arr,'verb')) ? notags(trim($arr['verb'])) : '');
$arr['object-type'] = ((x($arr,'object-type')) ? notags(trim($arr['object-type'])) : '');
$arr['object'] = ((x($arr,'object')) ? trim($arr['object']) : '');
$arr['target-type'] = ((x($arr,'target-type')) ? notags(trim($arr['target-type'])) : '');
$arr['target'] = ((x($arr,'target')) ? trim($arr['target']) : '');
$arr['plink'] = ((x($arr,'plink')) ? notags(trim($arr['plink'])) : '');
$arr['allow_cid'] = ((x($arr,'allow_cid')) ? trim($arr['allow_cid']) : '');
$arr['allow_gid'] = ((x($arr,'allow_gid')) ? trim($arr['allow_gid']) : '');
$arr['deny_cid'] = ((x($arr,'deny_cid')) ? trim($arr['deny_cid']) : '');
$arr['deny_gid'] = ((x($arr,'deny_gid')) ? trim($arr['deny_gid']) : '');
$arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0 );
$arr['bookmark'] = ((x($arr,'bookmark')) ? intval($arr['bookmark']) : 0 );
$arr['body'] = ((x($arr,'body')) ? trim($arr['body']) : '');
$arr['tag'] = ((x($arr,'tag')) ? notags(trim($arr['tag'])) : '');
$arr['attach'] = ((x($arr,'attach')) ? notags(trim($arr['attach'])) : '');
$arr['app'] = ((x($arr,'app')) ? notags(trim($arr['app'])) : '');
$arr['origin'] = ((x($arr,'origin')) ? intval($arr['origin']) : 0 );
$arr['network'] = ((x($arr,'network')) ? trim($arr['network']) : '');
$arr['postopts'] = ((x($arr,'postopts')) ? trim($arr['postopts']) : '');
$arr['resource-id'] = ((x($arr,'resource-id')) ? trim($arr['resource-id']) : '');
$arr['event-id'] = ((x($arr,'event-id')) ? intval($arr['event-id']) : 0 );
$arr['inform'] = ((x($arr,'inform')) ? trim($arr['inform']) : '');
$arr['file'] = ((x($arr,'file')) ? trim($arr['file']) : '');
if ($arr['plink'] == "") {
$a = get_app();
$arr['plink'] = $a->get_baseurl().'/display/'.urlencode($arr['guid']);
}
if ($arr['network'] == "") {
$r = q("SELECT `network` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($arr['contact-id']),
intval($arr['uid'])
);
if(count($r))
$arr['network'] = $r[0]["network"];
// Fallback to friendica (why is it empty in some cases?)
if ($arr['network'] == "")
$arr['network'] = NETWORK_DFRN;
logger("item_store: Set network to ".$arr["network"]." for ".$arr["uri"], LOGGER_DEBUG);
}
if ($arr['guid'] != "") {
// Checking if there is already an item with the same guid
logger('checking for an item for user '.$arr['uid'].' on network '.$arr['network'].' with the guid '.$arr['guid'], LOGGER_DEBUG);
$r = q("SELECT `guid` FROM `item` WHERE `guid` = '%s' AND `network` = '%s' AND `uid` = '%d' LIMIT 1",
dbesc($arr['guid']), dbesc($arr['network']), intval($arr['uid']));
if(count($r)) {
logger('found item with guid '.$arr['guid'].' for user '.$arr['uid'].' on network '.$arr['network'], LOGGER_DEBUG);
return 0;
}
}
// Check for hashtags in the body and repair or add hashtag links
item_body_set_hashtags($arr);
$arr['thr-parent'] = $arr['parent-uri'];
if($arr['parent-uri'] === $arr['uri']) {
$parent_id = 0;
$parent_deleted = 0;
$allow_cid = $arr['allow_cid'];
$allow_gid = $arr['allow_gid'];
$deny_cid = $arr['deny_cid'];
$deny_gid = $arr['deny_gid'];
$notify_type = 'wall-new';
}
else {
// find the parent and snarf the item id and ACLs
// and anything else we need to inherit
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC LIMIT 1",
dbesc($arr['parent-uri']),
intval($arr['uid'])
);
if(count($r)) {
// is the new message multi-level threaded?
// even though we don't support it now, preserve the info
// and re-attach to the conversation parent.
if($r[0]['uri'] != $r[0]['parent-uri']) {
$arr['parent-uri'] = $r[0]['parent-uri'];
$z = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d
ORDER BY `id` ASC LIMIT 1",
dbesc($r[0]['parent-uri']),
dbesc($r[0]['parent-uri']),
intval($arr['uid'])
);
if($z && count($z))
$r = $z;
}
$parent_id = $r[0]['id'];
$parent_deleted = $r[0]['deleted'];
$allow_cid = $r[0]['allow_cid'];
$allow_gid = $r[0]['allow_gid'];
$deny_cid = $r[0]['deny_cid'];
$deny_gid = $r[0]['deny_gid'];
$arr['wall'] = $r[0]['wall'];
$notify_type = 'comment-new';
// if the parent is private, force privacy for the entire conversation
// This differs from the above settings as it subtly allows comments from
// email correspondents to be private even if the overall thread is not.
if($r[0]['private'])
$arr['private'] = $r[0]['private'];
// Edge case. We host a public forum that was originally posted to privately.
// The original author commented, but as this is a comment, the permissions
// weren't fixed up so it will still show the comment as private unless we fix it here.
if((intval($r[0]['forum_mode']) == 1) && (! $r[0]['private']))
$arr['private'] = 0;
// If its a post from myself then tag the thread as "mention"
logger("item_store: Checking if parent ".$parent_id." has to be tagged as mention for user ".$arr['uid'], LOGGER_DEBUG);
$u = q("select * from user where uid = %d limit 1", intval($arr['uid']));
if(count($u)) {
$a = get_app();
$self = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
logger("item_store: 'myself' is ".$self." for parent ".$parent_id." checking against ".$arr['author-link']." and ".$arr['owner-link'], LOGGER_DEBUG);
if ((normalise_link($arr['author-link']) == $self) OR (normalise_link($arr['owner-link']) == $self)) {
q("UPDATE `thread` SET `mention` = 1 WHERE `iid` = %d", intval($parent_id));
logger("item_store: tagged thread ".$parent_id." as mention for user ".$self, LOGGER_DEBUG);
}
}
}
else {
// Allow one to see reply tweets from status.net even when
// we don't have or can't see the original post.
if($force_parent) {
logger('item_store: $force_parent=true, reply converted to top-level post.');
$parent_id = 0;
$arr['parent-uri'] = $arr['uri'];
$arr['gravity'] = 0;
}
else {
logger('item_store: item parent '.$arr['parent-uri'].' for '.$arr['uid'].' was not found - ignoring item');
return 0;
}
$parent_deleted = 0;
}
}
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `network` = '%s' AND `uid` = %d LIMIT 1",
dbesc($arr['uri']),
dbesc($arr['network']),
intval($arr['uid'])
);
if($r && count($r)) {
logger('duplicated item with the same uri found. ' . print_r($arr,true));
return 0;
}
// Check for an existing post with the same content. There seems to be a problem with OStatus.
$r = q("SELECT `id` FROM `item` WHERE `body` = '%s' AND `network` = '%s' AND `created` = '%s' AND `contact-id` = %d AND `uid` = %d LIMIT 1",
dbesc($arr['body']),
dbesc($arr['network']),
dbesc($arr['created']),
intval($arr['contact-id']),
intval($arr['uid'])
);
if($r && count($r)) {
logger('duplicated item with the same body found. ' . print_r($arr,true));
return 0;
}
// Is this item available in the global items (with uid=0)?
if ($arr["uid"] == 0) {
$arr["global"] = true;
q("UPDATE `item` SET `global` = 1 WHERE `guid` = '%s'", dbesc($arr["guid"]));
} else {
$isglobal = q("SELECT `global` FROM `item` WHERE `uid` = 0 AND `guid` = '%s'", dbesc($arr["guid"]));
$arr["global"] = (count($isglobal) > 0);
}
// Fill the cache field
put_item_in_cache($arr);
call_hooks('post_remote',$arr);
if(x($arr,'cancel')) {
logger('item_store: post cancelled by plugin.');
return 0;
}
// Store the unescaped version
$unescaped = $arr;
dbesc_array($arr);
logger('item_store: ' . print_r($arr,true), LOGGER_DATA);
$r = dbq("INSERT INTO `item` (`"
. implode("`, `", array_keys($arr))
. "`) VALUES ('"
. implode("', '", array_values($arr))
. "')" );
// And restore it
$arr = $unescaped;
// find the item we just created
$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `uid` = %d ORDER BY `id` ASC ",
dbesc($arr['uri']),
intval($arr['uid'])
);
if(count($r)) {
// Store the guid and other relevant data
add_guid($arr);
$current_post = $r[0]['id'];
logger('item_store: created item ' . $current_post);
// Set "success_update" and "last-item" to the date of the last time we heard from this contact
// This can be used to filter for inactive contacts.
// Only do this for public postings to avoid privacy problems, since poco data is public.
// Don't set this value if it isn't from the owner (could be an author that we don't know)
$update = (!$arr['private'] AND (($arr["author-link"] === $arr["owner-link"]) OR ($arr["parent-uri"] === $arr["uri"])));
// Is it a forum? Then we don't care about the rules from above
if (!$update AND ($arr["network"] == NETWORK_DFRN) AND ($arr["parent-uri"] === $arr["uri"])) {
$isforum = q("SELECT `forum` FROM `contact` WHERE `id` = %d AND `forum`",
intval($arr['contact-id']));
if ($isforum)
$update = true;
}
if ($update)
q("UPDATE `contact` SET `success_update` = '%s', `last-item` = '%s' WHERE `id` = %d",
dbesc($arr['received']),
dbesc($arr['received']),
intval($arr['contact-id'])
);
} else {
logger('item_store: could not locate created item');
return 0;
}
if(count($r) > 1) {
logger('item_store: duplicated post occurred. Removing duplicates. uri = '.$arr['uri'].' uid = '.$arr['uid']);
q("DELETE FROM `item` WHERE `uri` = '%s' AND `uid` = %d AND `id` != %d ",
dbesc($arr['uri']),
intval($arr['uid']),
intval($current_post)
);
}
if((! $parent_id) || ($arr['parent-uri'] === $arr['uri']))
$parent_id = $current_post;
if(strlen($allow_cid) || strlen($allow_gid) || strlen($deny_cid) || strlen($deny_gid))
$private = 1;
else
$private = $arr['private'];
// Set parent id - and also make sure to inherit the parent's ACLs.
$r = q("UPDATE `item` SET `parent` = %d, `allow_cid` = '%s', `allow_gid` = '%s',
`deny_cid` = '%s', `deny_gid` = '%s', `private` = %d, `deleted` = %d WHERE `id` = %d",
intval($parent_id),
dbesc($allow_cid),
dbesc($allow_gid),
dbesc($deny_cid),
dbesc($deny_gid),
intval($private),
intval($parent_deleted),
intval($current_post)
);
$arr['id'] = $current_post;
$arr['parent'] = $parent_id;
$arr['allow_cid'] = $allow_cid;
$arr['allow_gid'] = $allow_gid;
$arr['deny_cid'] = $deny_cid;
$arr['deny_gid'] = $deny_gid;
$arr['private'] = $private;
$arr['deleted'] = $parent_deleted;
// update the commented timestamp on the parent
// Only update "commented" if it is really a comment
if (($arr['verb'] == ACTIVITY_POST) OR !get_config("system", "like_no_comment"))
q("UPDATE `item` SET `commented` = '%s', `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($parent_id)
);
else
q("UPDATE `item` SET `changed` = '%s' WHERE `id` = %d",
dbesc(datetime_convert()),
intval($parent_id)
);
if($dsprsig) {
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($current_post),
dbesc($dsprsig->signed_text),
dbesc($dsprsig->signature),
dbesc($dsprsig->signer)
);
}
/**
* If this is now the last-child, force all _other_ children of this parent to *not* be last-child
*/
if($arr['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0 WHERE `parent-uri` = '%s' AND `uid` = %d AND `id` != %d",
dbesc($arr['uri']),
intval($arr['uid']),
intval($current_post)
);
}
$deleted = tag_deliver($arr['uid'],$current_post);
// current post can be deleted if is for a community page and no mention are
// in it.
if (!$deleted AND !$dontcache) {
$r = q('SELECT * FROM `item` WHERE id = %d', intval($current_post));
if (count($r) == 1) {
call_hooks('post_remote_end', $r[0]);
} else
logger('item_store: new item not found in DB, id ' . $current_post);
}
// Add every contact of the post to the global contact table
poco_store($arr);
create_tags_from_item($current_post);
create_files_from_item($current_post);
// Only check for notifications on start posts
if ($arr['parent-uri'] === $arr['uri']) {
add_thread($current_post);
logger('item_store: Check notification for contact '.$arr['contact-id'].' and post '.$current_post, LOGGER_DEBUG);
// Send a notification for every new post?
$r = q("SELECT `notify_new_posts` FROM `contact` WHERE `id` = %d AND `uid` = %d AND `notify_new_posts` LIMIT 1",
intval($arr['contact-id']),
intval($arr['uid'])
);
$send_notification = count($r);
if (!$send_notification) {
$tags = q("SELECT `url` FROM `term` WHERE `otype` = %d AND `oid` = %d AND `type` = %d AND `uid` = %d",
intval(TERM_OBJ_POST), intval($current_post), intval(TERM_MENTION), intval($arr['uid']));
if (count($tags)) {
foreach ($tags AS $tag) {
$r = q("SELECT `id` FROM `contact` WHERE `nurl` = '%s' AND `uid` = %d AND `notify_new_posts`",
normalise_link($tag["url"]), intval($arr['uid']));
if (count($r))
$send_notification = true;
}
}
}
if ($send_notification) {
logger('item_store: Send notification for contact '.$arr['contact-id'].' and post '.$current_post, LOGGER_DEBUG);
$u = q("SELECT * FROM user WHERE uid = %d LIMIT 1",
intval($arr['uid']));
$item = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d",
intval($current_post),
intval($arr['uid'])
);
$a = get_app();
require_once('include/enotify.php');
notification(array(
'type' => NOTIFY_SHARE,
'notify_flags' => $u[0]['notify-flags'],
'language' => $u[0]['language'],
'to_name' => $u[0]['username'],
'to_email' => $u[0]['email'],
'uid' => $u[0]['uid'],
'item' => $item[0],
'link' => $a->get_baseurl().'/display/'.urlencode($arr['guid']),
'source_name' => $item[0]['author-name'],
'source_link' => $item[0]['author-link'],
'source_photo' => $item[0]['author-avatar'],
'verb' => ACTIVITY_TAG,
'otype' => 'item',
'parent' => $arr['parent']
));
logger('item_store: Notification sent for contact '.$arr['contact-id'].' and post '.$current_post, LOGGER_DEBUG);
}
} else {
update_thread($parent_id);
add_shadow_entry($arr);
}
if ($notify)
proc_run('php', "include/notifier.php", $notify_type, $current_post);
return $current_post;
}
function item_body_set_hashtags(&$item) {
$tags = get_tags($item["body"]);
// No hashtags?
if(!count($tags))
return(false);
// This sorting is important when there are hashtags that are part of other hashtags
// Otherwise there could be problems with hashtags like #test and #test2
rsort($tags);
$a = get_app();
$URLSearchString = "^\[\]";
// All hashtags should point to the home server
//$item["body"] = preg_replace("/#\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",
// "#[url=".$a->get_baseurl()."/search?tag=$2]$2[/url]", $item["body"]);
//$item["tag"] = preg_replace("/#\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",
// "#[url=".$a->get_baseurl()."/search?tag=$2]$2[/url]", $item["tag"]);
// mask hashtags inside of url, bookmarks and attachments to avoid urls in urls
$item["body"] = preg_replace_callback("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",
function ($match){
return("[url=".str_replace("#", "&num;", $match[1])."]".str_replace("#", "&num;", $match[2])."[/url]");
},$item["body"]);
$item["body"] = preg_replace_callback("/\[bookmark\=([$URLSearchString]*)\](.*?)\[\/bookmark\]/ism",
function ($match){
return("[bookmark=".str_replace("#", "&num;", $match[1])."]".str_replace("#", "&num;", $match[2])."[/bookmark]");
},$item["body"]);
$item["body"] = preg_replace_callback("/\[attachment (.*)\](.*?)\[\/attachment\]/ism",
function ($match){
return("[attachment ".str_replace("#", "&num;", $match[1])."]".$match[2]."[/attachment]");
},$item["body"]);
// Repair recursive urls
$item["body"] = preg_replace("/&num;\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",
"&num;$2", $item["body"]);
foreach($tags as $tag) {
if(strpos($tag,'#') !== 0)
continue;
if(strpos($tag,'[url='))
continue;
$basetag = str_replace('_',' ',substr($tag,1));
$newtag = '#[url='.$a->get_baseurl().'/search?tag='.rawurlencode($basetag).']'.$basetag.'[/url]';
$item["body"] = str_replace($tag, $newtag, $item["body"]);
if(!stristr($item["tag"],"/search?tag=".$basetag."]".$basetag."[/url]")) {
if(strlen($item["tag"]))
$item["tag"] = ','.$item["tag"];
$item["tag"] = $newtag.$item["tag"];
}
}
// Convert back the masked hashtags
$item["body"] = str_replace("&num;", "#", $item["body"]);
}
function get_item_guid($id) {
$r = q("SELECT `guid` FROM `item` WHERE `id` = %d LIMIT 1", intval($id));
if (count($r))
return($r[0]["guid"]);
else
return("");
}
function get_item_id($guid, $uid = 0) {
$nick = "";
$id = 0;
if ($uid == 0)
$uid == local_user();
// Does the given user have this item?
if ($uid) {
$r = q("SELECT `item`.`id`, `user`.`nickname` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND `item`.`guid` = '%s' AND `item`.`uid` = %d", dbesc($guid), intval($uid));
if (count($r)) {
$id = $r[0]["id"];
$nick = $r[0]["nickname"];
}
}
// Or is it anywhere on the server?
if ($nick == "") {
$r = q("SELECT `item`.`id`, `user`.`nickname` FROM `item` INNER JOIN `user` ON `user`.`uid` = `item`.`uid`
WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
AND `item`.`private` = 0 AND `item`.`wall` = 1
AND `item`.`guid` = '%s'", dbesc($guid));
if (count($r)) {
$id = $r[0]["id"];
$nick = $r[0]["nickname"];
}
}
return(array("nick" => $nick, "id" => $id));
}
// return - test
function get_item_contact($item,$contacts) {
if(! count($contacts) || (! is_array($item)))
return false;
foreach($contacts as $contact) {
if($contact['id'] == $item['contact-id']) {
return $contact;
break; // NOTREACHED
}
}
return false;
}
/**
* look for mention tags and setup a second delivery chain for forum/community posts if appropriate
* @param int $uid
* @param int $item_id
* @return bool true if item was deleted, else false
*/
function tag_deliver($uid,$item_id) {
//
$a = get_app();
$mention = false;
$u = q("select * from user where uid = %d limit 1",
intval($uid)
);
if(! count($u))
return;
$community_page = (($u[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
$prvgroup = (($u[0]['page-flags'] == PAGE_PRVGROUP) ? true : false);
$i = q("select * from item where id = %d and uid = %d limit 1",
intval($item_id),
intval($uid)
);
if(! count($i))
return;
$item = $i[0];
$link = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
// Diaspora uses their own hardwired link URL in @-tags
// instead of the one we supply with webfinger
$dlink = normalise_link($a->get_baseurl() . '/u/' . $u[0]['nickname']);
$cnt = preg_match_all('/[\@\!]\[url\=(.*?)\](.*?)\[\/url\]/ism',$item['body'],$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
if(link_compare($link,$mtch[1]) || link_compare($dlink,$mtch[1])) {
$mention = true;
logger('tag_deliver: mention found: ' . $mtch[2]);
}
}
}
if(! $mention){
if ( ($community_page || $prvgroup) &&
(!$item['wall']) && (!$item['origin']) && ($item['id'] == $item['parent'])){
// mmh.. no mention.. community page or private group... no wall.. no origin.. top-post (not a comment)
// delete it!
logger("tag_deliver: no-mention top-level post to communuty or private group. delete.");
q("DELETE FROM item WHERE id = %d and uid = %d",
intval($item_id),
intval($uid)
);
return true;
}
return;
}
// send a notification
// use a local photo if we have one
$r = q("select * from contact where uid = %d and nurl = '%s' limit 1",
intval($u[0]['uid']),
dbesc(normalise_link($item['author-link']))
);
$photo = (($r && count($r)) ? $r[0]['thumb'] : $item['author-avatar']);
require_once('include/enotify.php');
notification(array(
'type' => NOTIFY_TAGSELF,
'notify_flags' => $u[0]['notify-flags'],
'language' => $u[0]['language'],
'to_name' => $u[0]['username'],
'to_email' => $u[0]['email'],
'uid' => $u[0]['uid'],
'item' => $item,
'link' => $a->get_baseurl() . '/display/'.urlencode(get_item_guid($item['id'])),
'source_name' => $item['author-name'],
'source_link' => $item['author-link'],
'source_photo' => $photo,
'verb' => ACTIVITY_TAG,
'otype' => 'item',
'parent' => $item['parent']
));
$arr = array('item' => $item, 'user' => $u[0], 'contact' => $r[0]);
call_hooks('tagged', $arr);
if((! $community_page) && (! $prvgroup))
return;
// tgroup delivery - setup a second delivery chain
// prevent delivery looping - only proceed
// if the message originated elsewhere and is a top-level post
if(($item['wall']) || ($item['origin']) || ($item['id'] != $item['parent']))
return;
// now change this copy of the post to a forum head message and deliver to all the tgroup members
$c = q("select name, url, thumb from contact where self = 1 and uid = %d limit 1",
intval($u[0]['uid'])
);
if(! count($c))
return;
// also reset all the privacy bits to the forum default permissions
$private = ($u[0]['allow_cid'] || $u[0]['allow_gid'] || $u[0]['deny_cid'] || $u[0]['deny_gid']) ? 1 : 0;
$forum_mode = (($prvgroup) ? 2 : 1);
q("update item set wall = 1, origin = 1, forum_mode = %d, `owner-name` = '%s', `owner-link` = '%s', `owner-avatar` = '%s',
`private` = %d, `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' where id = %d",
intval($forum_mode),
dbesc($c[0]['name']),
dbesc($c[0]['url']),
dbesc($c[0]['thumb']),
intval($private),
dbesc($u[0]['allow_cid']),
dbesc($u[0]['allow_gid']),
dbesc($u[0]['deny_cid']),
dbesc($u[0]['deny_gid']),
intval($item_id)
);
update_thread($item_id);
proc_run('php','include/notifier.php','tgroup',$item_id);
}
function tgroup_check($uid,$item) {
$a = get_app();
$mention = false;
// check that the message originated elsewhere and is a top-level post
if(($item['wall']) || ($item['origin']) || ($item['uri'] != $item['parent-uri']))
return false;
$u = q("select * from user where uid = %d limit 1",
intval($uid)
);
if(! count($u))
return false;
$community_page = (($u[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
$prvgroup = (($u[0]['page-flags'] == PAGE_PRVGROUP) ? true : false);
$link = normalise_link($a->get_baseurl() . '/profile/' . $u[0]['nickname']);
// Diaspora uses their own hardwired link URL in @-tags
// instead of the one we supply with webfinger
$dlink = normalise_link($a->get_baseurl() . '/u/' . $u[0]['nickname']);
$cnt = preg_match_all('/[\@\!]\[url\=(.*?)\](.*?)\[\/url\]/ism',$item['body'],$matches,PREG_SET_ORDER);
if($cnt) {
foreach($matches as $mtch) {
if(link_compare($link,$mtch[1]) || link_compare($dlink,$mtch[1])) {
$mention = true;
logger('tgroup_check: mention found: ' . $mtch[2]);
}
}
}
if(! $mention)
return false;
if((! $community_page) && (! $prvgroup))
return false;
return true;
}
function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$a = get_app();
$idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
if($contact['duplex'] && $contact['dfrn-id'])
$idtosend = '0:' . $orig_id;
if($contact['duplex'] && $contact['issued-id'])
$idtosend = '1:' . $orig_id;
$rino = get_config('system','rino_encrypt');
$rino = intval($rino);
logger("Local rino version: ". $rino, LOGGER_DEBUG);
$ssl_val = intval(get_config('system','ssl_policy'));
$ssl_policy = '';
switch($ssl_val){
case SSL_POLICY_FULL:
$ssl_policy = 'full';
break;
case SSL_POLICY_SELFSIGN:
$ssl_policy = 'self';
break;
case SSL_POLICY_NONE:
default:
$ssl_policy = 'none';
break;
}
$url = $contact['notify'] . '&dfrn_id=' . $idtosend . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . (($rino) ? '&rino='.$rino : '');
logger('dfrn_deliver: ' . $url);
$xml = fetch_url($url);
$curl_stat = $a->get_curl_code();
if(! $curl_stat)
return(-1); // timed out
logger('dfrn_deliver: ' . $xml, LOGGER_DATA);
if(! $xml)
return 3;
if(strpos($xml,'<?xml') === false) {
logger('dfrn_deliver: no valid XML returned');
logger('dfrn_deliver: returned XML: ' . $xml, LOGGER_DATA);
return 3;
}
$res = parse_xml_string($xml);
if((intval($res->status) != 0) || (! strlen($res->challenge)) || (! strlen($res->dfrn_id)))
return (($res->status) ? $res->status : 3);
$postvars = array();
$sent_dfrn_id = hex2bin((string) $res->dfrn_id);
$challenge = hex2bin((string) $res->challenge);
$perm = (($res->perm) ? $res->perm : null);
$dfrn_version = (float) (($res->dfrn_version) ? $res->dfrn_version : 2.0);
$rino_remote_version = intval($res->rino);
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
logger("Remote rino version: ".$rino_remote_version." for ".$contact["url"], LOGGER_DEBUG);
if($owner['page-flags'] == PAGE_PRVGROUP)
$page = 2;
$final_dfrn_id = '';
if($perm) {
if((($perm == 'rw') && (! intval($contact['writable'])))
|| (($perm == 'r') && (intval($contact['writable'])))) {
q("update contact set writable = %d where id = %d",
intval(($perm == 'rw') ? 1 : 0),
intval($contact['id'])
);
$contact['writable'] = (string) 1 - intval($contact['writable']);
}
}
if(($contact['duplex'] && strlen($contact['pubkey']))
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
|| ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
openssl_public_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['pubkey']);
openssl_public_decrypt($challenge,$postvars['challenge'],$contact['pubkey']);
}
else {
openssl_private_decrypt($sent_dfrn_id,$final_dfrn_id,$contact['prvkey']);
openssl_private_decrypt($challenge,$postvars['challenge'],$contact['prvkey']);
}
$final_dfrn_id = substr($final_dfrn_id, 0, strpos($final_dfrn_id, '.'));
if(strpos($final_dfrn_id,':') == 1)
$final_dfrn_id = substr($final_dfrn_id,2);
if($final_dfrn_id != $orig_id) {
logger('dfrn_deliver: wrong dfrn_id.');
// did not decode properly - cannot trust this site
return 3;
}
$postvars['dfrn_id'] = $idtosend;
$postvars['dfrn_version'] = DFRN_PROTOCOL_VERSION;
if($dissolve)
$postvars['dissolve'] = '1';
if((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
$postvars['data'] = $atom;
$postvars['perm'] = 'rw';
}
else {
$postvars['data'] = str_replace('<dfrn:comment-allow>1','<dfrn:comment-allow>0',$atom);
$postvars['perm'] = 'r';
}
$postvars['ssl_policy'] = $ssl_policy;
if($page)
$postvars['page'] = $page;
if($rino>0 && $rino_remote_version>0 && (! $dissolve)) {
logger('rino version: '. $rino_remote_version);
switch($rino_remote_version) {
case 1:
// Deprecated rino version!
$key = substr(random_string(),0,16);
$data = aes_encrypt($postvars['data'],$key);
break;
case 2:
// RINO 2 based on php-encryption
try {
$key = Crypto::createNewRandomKey();
} catch (CryptoTestFailed $ex) {
logger('Cannot safely create a key');
return -1;
} catch (CannotPerformOperation $ex) {
logger('Cannot safely create a key');
return -1;
}
try {
$data = Crypto::encrypt($postvars['data'], $key);
} catch (CryptoTestFailed $ex) {
logger('Cannot safely perform encryption');
return -1;
} catch (CannotPerformOperation $ex) {
logger('Cannot safely perform encryption');
return -1;
}
break;
default:
logger("rino: invalid requested verision '$rino_remote_version'");
return -1;
}
$postvars['rino'] = $rino_remote_version;
$postvars['data'] = bin2hex($data);
#logger('rino: sent key = ' . $key, LOGGER_DEBUG);
if($dfrn_version >= 2.1) {
if(($contact['duplex'] && strlen($contact['pubkey']))
|| ($owner['page-flags'] == PAGE_COMMUNITY && strlen($contact['pubkey']))
|| ($contact['rel'] == CONTACT_IS_SHARING && strlen($contact['pubkey']))) {
openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
}
else {
openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
}
}
else {
if(($contact['duplex'] && strlen($contact['prvkey'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
openssl_private_encrypt($key,$postvars['key'],$contact['prvkey']);
}
else {
openssl_public_encrypt($key,$postvars['key'],$contact['pubkey']);
}
}
logger('md5 rawkey ' . md5($postvars['key']));
$postvars['key'] = bin2hex($postvars['key']);
}
logger('dfrn_deliver: ' . "SENDING: " . print_r($postvars,true), LOGGER_DATA);
$xml = post_url($contact['notify'],$postvars);
logger('dfrn_deliver: ' . "RECEIVED: " . $xml, LOGGER_DATA);
$curl_stat = $a->get_curl_code();
if((! $curl_stat) || (! strlen($xml)))
return(-1); // timed out
if(($curl_stat == 503) && (stristr($a->get_curl_headers(),'retry-after')))
return(-1);
if(strpos($xml,'<?xml') === false) {
logger('dfrn_deliver: phase 2: no valid XML returned');
logger('dfrn_deliver: phase 2: returned XML: ' . $xml, LOGGER_DATA);
return 3;
}
if($contact['term-date'] != '0000-00-00 00:00:00') {
logger("dfrn_deliver: $url back from the dead - removing mark for death");
require_once('include/Contact.php');
unmark_for_death($contact);
}
$res = parse_xml_string($xml);
return $res->status;
}
/*
This function returns true if $update has an edited timestamp newer
than $existing, i.e. $update contains new data which should override
what's already there. If there is no timestamp yet, the update is