From 771163e86056b92713577e55d0b5a3de7299cca4 Mon Sep 17 00:00:00 2001 From: Adam Magness Date: Sat, 13 Jan 2018 09:36:21 -0500 Subject: [PATCH] Move auto_redir function move function into dfrn, rename and update a db insert --- src/Protocol/DFRN.php | 91 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) diff --git a/src/Protocol/DFRN.php b/src/Protocol/DFRN.php index 509d05e6c..094c37717 100644 --- a/src/Protocol/DFRN.php +++ b/src/Protocol/DFRN.php @@ -8,6 +8,7 @@ */ namespace Friendica\Protocol; +use Friendica\App; use Friendica\Content\OEmbed; use Friendica\Core\Config; use Friendica\Core\System; @@ -3080,4 +3081,94 @@ class DFRN logger("Import done for user " . $importer["uid"] . " from contact " . $importer["id"], LOGGER_DEBUG); return 200; } + + /** + * @param App $a App + * @param string $contact_nick contact nickname + */ + public static function autoRedir(App $a, $contact_nick) + { + // prevent looping + if (x($_REQUEST, 'redir') && intval($_REQUEST['redir'])) { + return; + } + + if ((! $contact_nick) || ($contact_nick === $a->user['nickname'])) { + return; + } + + if (local_user()) { + // We need to find out if $contact_nick is a user on this hub, and if so, if I + // am a contact of that user. However, that user may have other contacts with the + // same nickname as me on other hubs or other networks. Exclude these by requiring + // that the contact have a local URL. I will be the only person with my nickname at + // this URL, so if a result is found, then I am a contact of the $contact_nick user. + // + // We also have to make sure that I'm a legitimate contact--I'm not blocked or pending. + + $baseurl = System::baseUrl(); + $domain_st = strpos($baseurl, "://"); + if ($domain_st === false) { + return; + } + $baseurl = substr($baseurl, $domain_st + 3); + $nurl = normalise_link($baseurl); + + /// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange. + $r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1) + AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1", + dbesc($contact_nick), + dbesc($a->user['nickname']), + dbesc($baseurl), + dbesc($nurl) + ); + if ((! DBM::is_result($r)) || $r[0]['id'] == remote_user()) { + return; + } + + $r = q("SELECT * FROM contact WHERE nick = '%s' + AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1", + dbesc($contact_nick), + dbesc(NETWORK_DFRN), + intval(local_user()), + dbesc($baseurl) + ); + if (! DBM::is_result($r)) { + return; + } + + $cid = $r[0]['id']; + + $dfrn_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']); + + if ($r[0]['duplex'] && $r[0]['issued-id']) { + $orig_id = $r[0]['issued-id']; + $dfrn_id = '1:' . $orig_id; + } + if ($r[0]['duplex'] && $r[0]['dfrn-id']) { + $orig_id = $r[0]['dfrn-id']; + $dfrn_id = '0:' . $orig_id; + } + + // ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode + // that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues + + if (strlen($dfrn_id) < 3) { + return; + } + + $sec = random_string(); + + dba::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]); + + $url = curPageURL(); + + logger('auto_redir: ' . $r[0]['name'] . ' ' . $sec, LOGGER_DEBUG); + $dest = (($url) ? '&destination_url=' . $url : ''); + goaway($r[0]['poll'] . '?dfrn_id=' . $dfrn_id + . '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest); + } + + return; + } }