toddy/friendica-addons
1
0
Fork 0
forked from friendica/friendica-addons
Code Pull requests Activity

Merge pull request #460 from MrPetovan/task/3942-add-user-authenticate

Browse source 
Use User::authenticate
This commit is contained in:
Michael Vogel 2017-12-02 09:05:18 +01:00 committed by GitHub
parent 3a1b172d08 eadf7066e0
commit 7a447e507e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 542 additions and 538 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

54
dav/friendica/dav_friendica_auth.inc.php
View file

@ -1,41 +1,41 @@
<?php
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
public function __construct() {
}
use Friendica\Model\User;
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic
{
/**
* @var Sabre_DAV_Auth_Backend_Std|null
*/
private static $intstance = null;
private static $instance = null;
/**
* @static
* @return Sabre_DAV_Auth_Backend_Std
*/
public static function &getInstance() {
if (is_null(self::$intstance)) {
self::$intstance = new Sabre_DAV_Auth_Backend_Std();
public static function getInstance()
{
if (is_null(self::$instance)) {
self::$instance = new Sabre_DAV_Auth_Backend_Std();
}
return self::$intstance;
return self::$instance;
}
/**
* @return array
*/
public function getUsers() {
return array($this->currentUser);
}
public function getUsers()
{
return array($this->currentUser);
}
/**
* @return null|string
*/
public function getCurrentUser() {
return $this->currentUser;
}
public function getCurrentUser()
{
return $this->currentUser;
}
/**
* Authenticates the user based on the current request.
@ -48,8 +48,8 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
* @throws Sabre_DAV_Exception_NotAuthenticated
* @return bool
*/
public function authenticate(Sabre_DAV_Server $server, $realm) {
public function authenticate(Sabre_DAV_Server $server, $realm)
{
$a = get_app();
if (isset($a->user["uid"])) {
$this->currentUser = strtolower($a->user["nickname"]);
@ -67,7 +67,7 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
}
// Authenticates the user
if (!$this->validateUserPass($userpass[0],$userpass[1])) {
if (!$this->validateUserPass($userpass[0], $userpass[1])) {
$auth->requireLogin();
throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
}
@ -75,19 +75,13 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
return true;
}
/**
* @param string $username
* @param string $password
* @return bool
*/
protected function validateUserPass($username, $password) {
$encrypted = hash('whirlpool',trim($password));
$r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($username)),
dbesc($encrypted)
);
return ($r[0]["anz"] == 1);
}
protected function validateUserPass($username, $password)
{
return User::authenticate($username, $password);
}
}

674
jappixmini/jappixmini.php
View file

@ -1,13 +1,12 @@
<?php
/**
* Name: jappixmini
* Description: Provides a Facebook-like chat using Jappix Mini
* Version: 1.0.1
* Author: leberwurscht <leberwurscht@hoegners.de>
*
*/
* Name: jappixmini
* Description: Provides a Facebook-like chat using Jappix Mini
* Version: 1.0.1
* Author: leberwurscht <leberwurscht@hoegners.de>
*
*/
//
// Copyright 2012 "Leberwurscht" <leberwurscht@hoegners.de>
//
@ -16,141 +15,151 @@
/*
Problem:
* jabber password should not be stored on server
* jabber password should not be sent between server and browser as soon as the user is logged in
* jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in
Problem:
* jabber password should not be stored on server
* jabber password should not be sent between server and browser as soon as the user is logged in
* jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in
Solution:
Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser
and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function.
Solution:
Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser
and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function.
This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext.
It is better to use a hash of the password.
The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can
use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must
be queried manually.
This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext.
It is better to use a hash of the password.
The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can
use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must
be queried manually.
Problem:
How to discover the jabber addresses of the friendica contacts?
Problem:
How to discover the jabber addresses of the friendica contacts?
Solution:
Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve
this information every week using a cron hook.
Solution:
Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve
this information every week using a cron hook.
Problem:
We do not want to make the jabber address public.
Problem:
We do not want to make the jabber address public.
Solution:
When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated.
Using this keypair, we can provide the jabber address only to contacts:
Solution:
When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated.
Using this keypair, we can provide the jabber address only to contacts:
Alice:
Alice:
signed_address = openssl_*_encrypt(alice_jabber_address)
send signed_address to Bob, who does
send signed_address to Bob, who does
trusted_address = openssl_*_decrypt(signed_address)
save trusted_address
encrypted_address = openssl_*_encrypt(bob_jabber_address)
reply with encrypted_address to Alice, who does
reply with encrypted_address to Alice, who does
decrypted_address = openssl_*_decrypt(encrypted_address)
save decrypted_address
Interface for this:
GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s
Interface for this:
GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s
Response:
json({"status":"ok", "encrypted_address":"%s"})
Response:
json({"status":"ok", "encrypted_address":"%s"})
*/
*/
use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\PConfig;
use Friendica\Model\User;
function jappixmini_install() {
register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
function jappixmini_install()
{
register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
// Jappix source download as required by AGPL
register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
// Jappix source download as required by AGPL
register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
// set standard configuration
$info_text = Config::get("jappixmini", "infotext");
if (!$info_text) set_confConfig::setig("jappixmini", "infotext",
"To get the chat working, you need to know a BOSH host which works with your Jabber account. ".
"An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep ".
"in mind that the BOSH server can read along all chat messages. If you know that your Jabber ".
"server also provides an own BOSH server, it is much better to use this one!"
);
// set standard configuration
$info_text = Config::get("jappixmini", "infotext");
if (!$info_text)
set_confConfig::setig("jappixmini", "infotext", "To get the chat working, you need to know a BOSH host which works with your Jabber account. " .
"An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " .
"in mind that the BOSH server can read along all chat messages. If you know that your Jabber " .
"server also provides an own BOSH server, it is much better to use this one!"
);
$bosh_proxy = Config::get("jappixmini", "bosh_proxy");
if ($bosh_proxy==="") Config::set("jappixmini", "bosh_proxy", "1");
$bosh_proxy = Config::get("jappixmini", "bosh_proxy");
if ($bosh_proxy === "") {
Config::set("jappixmini", "bosh_proxy", "1");
}
// set addon version so that safe updates are possible later
$addon_version = Config::get("jappixmini", "version");
if ($addon_version==="") Config::set("jappixmini", "version", "1");
// set addon version so that safe updates are possible later
$addon_version = Config::get("jappixmini", "version");
if ($addon_version === "") {
Config::set("jappixmini", "version", "1");
}
}
function jappixmini_uninstall()
{
unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
function jappixmini_uninstall() {
unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
}
function jappixmini_plugin_admin(&$a, &$o) {
function jappixmini_plugin_admin(App $a, &$o)
{
// display instructions and warnings on addon settings page for admin
if (!file_exists("addon/jappixmini.tgz")) {
$o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).</strong></p>';
}
// warn if cron job has not yet been executed
$cron_run = Config::get("jappixmini", "last_cron_execution");
if (!$cron_run) $o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>";
if (!$cron_run) {
$o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>";
}
// bosh proxy
$bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy"));
$bosh_proxy = intval($bosh_proxy) ? ' checked="checked"' : '';
$o .= '<label for="jappixmini-proxy">Activate BOSH proxy</label>';
$o .= ' <input id="jappixmini-proxy" type="checkbox" name="jappixmini-proxy" value="1"'.$bosh_proxy.' /><br />';
$o .= ' <input id="jappixmini-proxy" type="checkbox" name="jappixmini-proxy" value="1"' . $bosh_proxy . ' /><br />';
// bosh address
$bosh_address = Config::get("jappixmini", "bosh_address");
$o .= '<p><label for="jappixmini-address">Adress of the default BOSH proxy. If enabled it overrides the user settings:</label><br />';
$o .= '<input id="jappixmini-address" type="text" name="jappixmini-address" value="'.$bosh_address.'" /></p>';
$o .= '<input id="jappixmini-address" type="text" name="jappixmini-address" value="' . $bosh_address . '" /></p>';
// default server address
$default_server = Config::get("jappixmini", "default_server");
$o .= '<p><label for="jappixmini-server">Adress of the default jabber server:</label><br />';
$o .= '<input id="jappixmini-server" type="text" name="jappixmini-server" value="'.$default_server.'" /></p>';
$o .= '<input id="jappixmini-server" type="text" name="jappixmini-server" value="' . $default_server . '" /></p>';
// default user name to friendica nickname
$default_user = intval(Config::get("jappixmini", "default_user"));
$default_user = intval($default_user) ? ' checked="checked"' : '';
$o .= '<label for="jappixmini-user">Set the default username to the nickname:</label>';
$o .= ' <input id="jappixmini-user" type="checkbox" name="jappixmini-defaultuser" value="1"'.$default_user.' /><br />';
$o .= ' <input id="jappixmini-user" type="checkbox" name="jappixmini-defaultuser" value="1"' . $default_user . ' /><br />';
// info text field
$info_text = Config::get("jappixmini", "infotext");
$o .= '<p><label for="jappixmini-infotext">Info text to help users with configuration (important if you want to provide your own BOSH host!):</label><br />';
$o .= '<textarea id="jappixmini-infotext" name="jappixmini-infotext" rows="5" cols="50">'.htmlentities($info_text).'</textarea></p>';
$o .= '<textarea id="jappixmini-infotext" name="jappixmini-infotext" rows="5" cols="50">' . htmlentities($info_text) . '</textarea></p>';
// submit button
$o .= '<input type="submit" name="jappixmini-admin-settings" value="OK" />';
}
function jappixmini_plugin_admin_post(&$a) {
function jappixmini_plugin_admin_post(App $a)
{
// set info text
$submit = $_REQUEST['jappixmini-admin-settings'];
if ($submit) {
@ -167,29 +176,35 @@ function jappixmini_plugin_admin_post(&$a) {
}
}
function jappixmini_module() {}
function jappixmini_init(&$a) {
// module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses
// of local users
function jappixmini_module()
{
}
function jappixmini_init()
{
// module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses
// of local users
$dfrn_id = $_REQUEST["dfrn_id"];
if (!$dfrn_id) killme();
if (!$dfrn_id) {
killme();
}
$role = $_REQUEST["role"];
if ($role=="pub") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1",
dbesc($dfrn_id)
);
if (!count($r)) killme();
if ($role == "pub") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", dbesc($dfrn_id));
if (!count($r)) {
killme();
}
$encrypt_func = openssl_public_encrypt;
$decrypt_func = openssl_public_decrypt;
$key = $r[0]["pubkey"];
} else if ($role=="prv") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1",
dbesc($dfrn_id)
);
if (!count($r)) killme();
} else if ($role == "prv") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", dbesc($dfrn_id));
if (!count($r)) {
killme();
}
$encrypt_func = openssl_private_encrypt;
$decrypt_func = openssl_private_decrypt;
@ -211,11 +226,14 @@ function jappixmini_init(&$a) {
$now = intval(time());
PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address");
} catch (Exception $e) {
}
// do not return an address if user deactivated plugin
$activated = PConfig::get($uid, 'jappixmini', 'activate');
if (!$activated) killme();
if (!$activated) {
killme();
}
// return the requested Jabber address
try {
@ -229,8 +247,8 @@ function jappixmini_init(&$a) {
$encrypted_address_hex = bin2hex($encrypted_address);
$answer = Array(
"status"=>"ok",
"encrypted_address"=>$encrypted_address_hex
"status" => "ok",
"encrypted_address" => $encrypted_address_hex
);
$answer_json = json_encode($answer);
@ -241,118 +259,128 @@ function jappixmini_init(&$a) {
}
}
function jappixmini_settings(&$a, &$s) {
// addon settings for a user
function jappixmini_settings(App $a, &$s)
{
// addon settings for a user
$activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$activate = intval($activate) ? ' checked="checked"' : '';
$dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
$insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : '');
$activate = PConfig::get(local_user(),'jappixmini','activate');
$activate = intval($activate) ? ' checked="checked"' : '';
$dontinsertchat = PConfig::get(local_user(),'jappixmini','dontinsertchat');
$insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : '');
$defaultbosh = Config::get("jappixmini", "bosh_address");
$defaultbosh = Config::get("jappixmini", "bosh_address");
if ($defaultbosh != "") {
PConfig::set(local_user(), 'jappixmini', 'bosh', $defaultbosh);
}
if ($defaultbosh != "")
PConfig::set(local_user(),'jappixmini','bosh', $defaultbosh);
$username = PConfig::get(local_user(), 'jappixmini', 'username');
$username = htmlentities($username);
$server = PConfig::get(local_user(), 'jappixmini', 'server');
$server = htmlentities($server);
$bosh = PConfig::get(local_user(), 'jappixmini', 'bosh');
$bosh = htmlentities($bosh);
$password = PConfig::get(local_user(), 'jappixmini', 'password');
$autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe');
$autosubscribe = intval($autosubscribe) ? ' checked="checked"' : '';
$autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove');
$autoapprove = intval($autoapprove) ? ' checked="checked"' : '';
$encrypt = intval(PConfig::get(local_user(), 'jappixmini', 'encrypt'));
$encrypt_checked = $encrypt ? ' checked="checked"' : '';
$encrypt_disabled = $encrypt ? '' : ' disabled="disabled"';
$username = PConfig::get(local_user(),'jappixmini','username');
$username = htmlentities($username);
$server = PConfig::get(local_user(),'jappixmini','server');
$server = htmlentities($server);
$bosh = PConfig::get(local_user(),'jappixmini','bosh');
$bosh = htmlentities($bosh);
$password = PConfig::get(local_user(),'jappixmini','password');
$autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe');
$autosubscribe = intval($autosubscribe) ? ' checked="checked"' : '';
$autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove');
$autoapprove = intval($autoapprove) ? ' checked="checked"' : '';
$encrypt = intval(PConfig::get(local_user(),'jappixmini','encrypt'));
$encrypt_checked = $encrypt ? ' checked="checked"' : '';
$encrypt_disabled = $encrypt ? '' : ' disabled="disabled"';
if ($server == "") {
$server = Config::get("jappixmini", "default_server");
}
if ($server == "")
$server = Config::get("jappixmini", "default_server");
if (($username == "") && Config::get("jappixmini", "default_user")) {
$username = $a->user["nickname"];
}
if (($username == "") && Config::get("jappixmini", "default_user"))
$username = $a->user["nickname"];
$info_text = Config::get("jappixmini", "infotext");
$info_text = htmlentities($info_text);
$info_text = str_replace("\n", "<br />", $info_text);
$info_text = Config::get("jappixmini", "infotext");
$info_text = htmlentities($info_text);
$info_text = str_replace("\n", "<br />", $info_text);
// count contacts
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user());
if (count($r)) {
$contact_cnt = $r[0]["cnt"];
} else {
$contact_cnt = 0;
}
// count contacts
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user());
if (count($r)) $contact_cnt = $r[0]["cnt"];
else $contact_cnt = 0;
// count jabber addresses
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user());
if (count($r)) {
$address_cnt = $r[0]["cnt"];
} else {
$address_cnt = 0;
}
// count jabber addresses
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user());
if (count($r)) $address_cnt = $r[0]["cnt"];
else $address_cnt = 0;
if (!$activate) {
// load scripts if not yet activated so that password can be saved
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n";
if (!$activate) {
// load scripts if not yet activated so that password can be saved
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>'."\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>'."\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
}
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
}
$s .= '<span id="settings_jappixmini_inflated" class="settings-block fakelink" style="display: block;" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>' . t('Jappix Mini') . '</h3>';
$s .= '</span>';
$s .= '<div id="settings_jappixmini_expanded" class="settings-block" style="display: none;">';
$s .= '<span class="fakelink" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>' . t('Jappix Mini') . '</h3>';
$s .= '</span>';
$s .= '<span id="settings_jappixmini_inflated" class="settings-block fakelink" style="display: block;" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>'.t('Jappix Mini').'</h3>';
$s .= '</span>';
$s .= '<div id="settings_jappixmini_expanded" class="settings-block" style="display: none;">';
$s .= '<span class="fakelink" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>'.t('Jappix Mini').'</h3>';
$s .= '</span>';
$s .= '<label for="jappixmini-activate">'.t('Activate addon').'</label>';
$s .= ' <input id="jappixmini-activate" type="checkbox" name="jappixmini-activate" value="1"'.$activate.' />';
$s .= '<br />';
$s .= '<label for"jappixmini-dont-insertchat">'.t('Do <em>not</em> insert the Jappixmini Chat-Widget into the webinterface').'</label>';
$s .= '<input id="jappixmini-dont-insertchat" type="checkbox" name="jappixmini-dont-insertchat" value="1"'.$insertchat.' />';
$s .= '<br />';
$s .= '<label for="jappixmini-username">'.t('Jabber username').'</label>';
$s .= ' <input id="jappixmini-username" type="text" name="jappixmini-username" value="'.$username.'" />';
$s .= '<br />';
$s .= '<label for="jappixmini-server">'.t('Jabber server').'</label>';
$s .= ' <input id="jappixmini-server" type="text" name="jappixmini-server" value="'.$server.'" />';
$s .= '<br />';
if ($defaultbosh == "") {
$s .= '<label for="jappixmini-bosh">'.t('Jabber BOSH host').'</label>';
$s .= ' <input id="jappixmini-bosh" type="text" name="jappixmini-bosh" value="'.$bosh.'" />';
$s .= '<label for="jappixmini-activate">' . t('Activate addon') . '</label>';
$s .= ' <input id="jappixmini-activate" type="checkbox" name="jappixmini-activate" value="1"' . $activate . ' />';
$s .= '<br />';
$s .= '<label for"jappixmini-dont-insertchat">' . t('Do <em>not</em> insert the Jappixmini Chat-Widget into the webinterface') . '</label>';
$s .= '<input id="jappixmini-dont-insertchat" type="checkbox" name="jappixmini-dont-insertchat" value="1"' . $insertchat . ' />';
$s .= '<br />';
$s .= '<label for="jappixmini-username">' . t('Jabber username') . '</label>';
$s .= ' <input id="jappixmini-username" type="text" name="jappixmini-username" value="' . $username . '" />';
$s .= '<br />';
$s .= '<label for="jappixmini-server">' . t('Jabber server') . '</label>';
$s .= ' <input id="jappixmini-server" type="text" name="jappixmini-server" value="' . $server . '" />';
$s .= '<br />';
}
if ($defaultbosh == "") {
$s .= '<label for="jappixmini-bosh">' . t('Jabber BOSH host') . '</label>';
$s .= ' <input id="jappixmini-bosh" type="text" name="jappixmini-bosh" value="' . $bosh . '" />';
$s .= '<br />';
}
$s .= '<label for="jappixmini-password">'.t('Jabber password').'</label>';
$s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="'.$password.'" />';
$s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />';
$s .= '<br />';
$onchange = "document.getElementById('jappixmini-friendica-password').disabled = !this.checked;jappixmini_set_password();";
$s .= '<label for="jappixmini-encrypt">'.t('Encrypt Jabber password with Friendica password (recommended)').'</label>';
$s .= ' <input id="jappixmini-encrypt" type="checkbox" name="jappixmini-encrypt" onchange="'.$onchange.'" value="1"'.$encrypt_checked.' />';
$s .= '<br />';
$s .= '<label for="jappixmini-friendica-password">'.t('Friendica password').'</label>';
$s .= ' <input id="jappixmini-friendica-password" name="jappixmini-friendica-password" type="password" onchange="jappixmini_set_password();" value=""'.$encrypt_disabled.' />';
$s .= '<br />';
$s .= '<label for="jappixmini-autoapprove">'.t('Approve subscription requests from Friendica contacts automatically').'</label>';
$s .= ' <input id="jappixmini-autoapprove" type="checkbox" name="jappixmini-autoapprove" value="1"'.$autoapprove.' />';
$s .= '<br />';
$s .= '<label for="jappixmini-autosubscribe">'.t('Subscribe to Friendica contacts automatically').'</label>';
$s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"'.$autosubscribe.' />';
$s .= '<br />';
$s .= '<label for="jappixmini-purge">'.t('Purge internal list of jabber addresses of contacts').'</label>';
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
$s .= '<br />';
if ($info_text) $s .= '<br />Configuration help:<p style="margin-left:2em;">'.$info_text.'</p>';
$s .= '<br />Status:<p style="margin-left:2em;">Addon knows '.$address_cnt.' Jabber addresses of '.$contact_cnt.' Friendica contacts (takes some time, usually 10 minutes, to update).</p>';
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />';
$s .= ' <input type="button" value="'.t('Add contact').'" onclick="jappixmini_addon_subscribe();" />';
$s .= '<label for="jappixmini-password">' . t('Jabber password') . '</label>';
$s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="' . $password . '" />';
$s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />';
$s .= '<br />';
$onchange = "document.getElementById('jappixmini-friendica-password').disabled = !this.checked;jappixmini_set_password();";
$s .= '<label for="jappixmini-encrypt">' . t('Encrypt Jabber password with Friendica password (recommended)') . '</label>';
$s .= ' <input id="jappixmini-encrypt" type="checkbox" name="jappixmini-encrypt" onchange="' . $onchange . '" value="1"' . $encrypt_checked . ' />';
$s .= '<br />';
$s .= '<label for="jappixmini-friendica-password">' . t('Friendica password') . '</label>';
$s .= ' <input id="jappixmini-friendica-password" name="jappixmini-friendica-password" type="password" onchange="jappixmini_set_password();" value=""' . $encrypt_disabled . ' />';
$s .= '<br />';
$s .= '<label for="jappixmini-autoapprove">' . t('Approve subscription requests from Friendica contacts automatically') . '</label>';
$s .= ' <input id="jappixmini-autoapprove" type="checkbox" name="jappixmini-autoapprove" value="1"' . $autoapprove . ' />';
$s .= '<br />';
$s .= '<label for="jappixmini-autosubscribe">' . t('Subscribe to Friendica contacts automatically') . '</label>';
$s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"' . $autosubscribe . ' />';
$s .= '<br />';
$s .= '<label for="jappixmini-purge">' . t('Purge internal list of jabber addresses of contacts') . '</label>';
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
$s .= '<br />';
if ($info_text) {
$s .= '<br />Configuration help:<p style="margin-left:2em;">' . $info_text . '</p>';
}
$s .= '<br />Status:<p style="margin-left:2em;">Addon knows ' . $address_cnt . ' Jabber addresses of ' . $contact_cnt . ' Friendica contacts (takes some time, usually 10 minutes, to update).</p>';
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />';
$s .= ' <input type="button" value="' . t('Add contact') . '" onclick="jappixmini_addon_subscribe();" />';
$s .= '</div>';
$s .= '</div>';
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
function jappixmini_set_password() {
encrypt = document.getElementById('jappixmini-encrypt').checked;
password = document.getElementById('jappixmini-password');
@ -388,22 +416,20 @@ function jappixmini_settings(&$a, &$s) {
</script>";
}
function jappixmini_settings_post(&$a,&$b) {
function jappixmini_settings_post(App $a, &$b)
{
// save addon settings for a user
if(! local_user()) return;
if (!local_user()) {
return;
}
$uid = local_user();
if($_POST['jappixmini-submit']) {
if ($_POST['jappixmini-submit']) {
$encrypt = intval($b['jappixmini-encrypt']);
if ($encrypt) {
// check that Jabber password was encrypted with correct Friendica password
$friendica_password = trim($b['jappixmini-friendica-password']);
$encrypted = hash('whirlpool',$friendica_password);
$r = q("SELECT * FROM `user` WHERE `uid`=$uid AND `password`='%s'",
dbesc($encrypted)
);
if (!count($r)) {
if (!User::authenticate((int) $uid, $friendica_password)) {
info("Wrong friendica password!");
return;
}
@ -412,142 +438,152 @@ function jappixmini_settings_post(&$a,&$b) {
$purge = intval($b['jappixmini-purge']);
$username = trim($b['jappixmini-username']);
$old_username = PConfig::get($uid,'jappixmini','username');
if ($username!=$old_username) $purge = 1;
$old_username = PConfig::get($uid, 'jappixmini', 'username');
if ($username != $old_username) {
$purge = 1;
}
$server = trim($b['jappixmini-server']);
$old_server = PConfig::get($uid,'jappixmini','server');
if ($server!=$old_server) $purge = 1;
$old_server = PConfig::get($uid, 'jappixmini', 'server');
if ($server != $old_server) {
$purge = 1;
}
PConfig::set($uid,'jappixmini','username',$username);
PConfig::set($uid,'jappixmini','server',$server);
PConfig::set($uid,'jappixmini','bosh',trim($b['jappixmini-bosh']));
PConfig::set($uid,'jappixmini','password',trim($b['jappixmini-encrypted-password']));
PConfig::set($uid,'jappixmini','autosubscribe',intval($b['jappixmini-autosubscribe']));
PConfig::set($uid,'jappixmini','autoapprove',intval($b['jappixmini-autoapprove']));
PConfig::set($uid,'jappixmini','activate',intval($b['jappixmini-activate']));
PConfig::set($uid,'jappixmini','dontinsertchat',intval($b['jappixmini-dont-insertchat']));
PConfig::set($uid,'jappixmini','encrypt',$encrypt);
info( 'Jappix Mini settings saved.' );
PConfig::set($uid, 'jappixmini', 'username' , $username);
PConfig::set($uid, 'jappixmini', 'server' , $server);
PConfig::set($uid, 'jappixmini', 'bosh' , trim($b['jappixmini-bosh']));
PConfig::set($uid, 'jappixmini', 'password' , trim($b['jappixmini-encrypted-password']));
PConfig::set($uid, 'jappixmini', 'autosubscribe' , intval($b['jappixmini-autosubscribe']));
PConfig::set($uid, 'jappixmini', 'autoapprove' , intval($b['jappixmini-autoapprove']));
PConfig::set($uid, 'jappixmini', 'activate' , intval($b['jappixmini-activate']));
PConfig::set($uid, 'jappixmini', 'dontinsertchat', intval($b['jappixmini-dont-insertchat']));
PConfig::set($uid, 'jappixmini', 'encrypt' , $encrypt);
info('Jappix Mini settings saved.');
if ($purge) {
q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'");
info( 'List of addresses purged.' );
info('List of addresses purged.');
}
}
}
function jappixmini_script(&$a,&$s) {
// adds the script to the page header which starts Jappix Mini
function jappixmini_script(App $a)
{
// adds the script to the page header which starts Jappix Mini
if (!local_user()) {
return;
}
if(! local_user()) return;
if ($_GET["mode"] == "minimal") {
return;
}
if ($_GET["mode"] == "minimal")
return;
$activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
if (!$activate || $dontinsertchat) {
return;
}
$activate = PConfig::get(local_user(),'jappixmini','activate');
$dontinsertchat = PConfig::get(local_user(), 'jappixmini','dontinsertchat');
if (!$activate || $dontinsertchat) return;
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>'."\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>'."\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
$username = PConfig::get(local_user(), 'jappixmini', 'username');
$username = str_replace("'", "\\'", $username);
$server = PConfig::get(local_user(), 'jappixmini', 'server');
$server = str_replace("'", "\\'", $server);
$bosh = PConfig::get(local_user(), 'jappixmini', 'bosh');
$bosh = str_replace("'", "\\'", $bosh);
$encrypt = PConfig::get(local_user(), 'jappixmini', 'encrypt');
$encrypt = intval($encrypt);
$password = PConfig::get(local_user(), 'jappixmini', 'password');
$password = str_replace("'", "\\'", $password);
$username = PConfig::get(local_user(),'jappixmini','username');
$username = str_replace("'", "\\'", $username);
$server = PConfig::get(local_user(),'jappixmini','server');
$server = str_replace("'", "\\'", $server);
$bosh = PConfig::get(local_user(),'jappixmini','bosh');
$bosh = str_replace("'", "\\'", $bosh);
$encrypt = PConfig::get(local_user(),'jappixmini','encrypt');
$encrypt = intval($encrypt);
$password = PConfig::get(local_user(),'jappixmini','password');
$password = str_replace("'", "\\'", $password);
$autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove');
$autoapprove = intval($autoapprove);
$autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe');
$autosubscribe = intval($autosubscribe);
$autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove');
$autoapprove = intval($autoapprove);
$autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe');
$autosubscribe = intval($autosubscribe);
// set proxy if necessary
$use_proxy = Config::get('jappixmini', 'bosh_proxy');
if ($use_proxy) {
$proxy = $a->get_baseurl() . '/addon/jappixmini/proxy.php';
} else {
$proxy = "";
}
// set proxy if necessary
$use_proxy = Config::get('jappixmini','bosh_proxy');
if ($use_proxy) {
$proxy = $a->get_baseurl().'/addon/jappixmini/proxy.php';
}
else {
$proxy = "";
}
// get a list of jabber accounts of the contacts
$contacts = Array();
$uid = local_user();
$rows = q("SELECT * FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'");
foreach ($rows as $row) {
$key = $row['k'];
$pos = strpos($key, ":");
$dfrn_id = substr($key, $pos + 1);
$r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", dbesc($dfrn_id), dbesc($dfrn_id));
if (count($r))
$name = $r[0]["name"];
// get a list of jabber accounts of the contacts
$contacts = Array();
$uid = local_user();
$rows = q("SELECT * FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'");
foreach ($rows as $row) {
$key = $row['k'];
$pos = strpos($key, ":");
$dfrn_id = substr($key, $pos+1);
$r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')",
dbesc($dfrn_id),
dbesc($dfrn_id)
);
if (count($r))
$name = $r[0]["name"];
$value = $row['v'];
$pos = strpos($value, ":");
$address = substr($value, $pos + 1);
if (!$address) {
continue;
}
if (!$name) {
$name = $address;
}
$value = $row['v'];
$pos = strpos($value, ":");
$address = substr($value, $pos+1);
if (!$address) continue;
if (!$name) $name = $address;
$contacts[$address] = $name;
}
$contacts_json = json_encode($contacts);
$contacts_hash = sha1($contacts_json);
$contacts[$address] = $name;
}
$contacts_json = json_encode($contacts);
$contacts_hash = sha1($contacts_json);
// get nickname
$r = q("SELECT `username` FROM `user` WHERE `uid`=$uid");
$nickname = json_encode($r[0]["username"]);
$groupchats = Config::get('jappixmini', 'groupchats');
//if $groupchats has no value jappix_addon_start will produce a syntax error
if (empty($groupchats)) {
$groupchats = "{}";
}
// get nickname
$r = q("SELECT `username` FROM `user` WHERE `uid`=$uid");
$nickname = json_encode($r[0]["username"]);
$groupchats = Config::get('jappixmini','groupchats');
//if $groupchats has no value jappix_addon_start will produce a syntax error
if(empty($groupchats)){
$groupchats = "{}";
}
// add javascript to start Jappix Mini
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
// add javascript to start Jappix Mini
$a->page['htmlhead'] .= "<script type=\"text/javascript\">
jQuery(document).ready(function() {
jappixmini_addon_start('$server', '$username', '$proxy', '$bosh', $encrypt, '$password', $nickname, $contacts_json, '$contacts_hash', $autoapprove, $autosubscribe, $groupchats);
});
</script>";
return;
return;
}
function jappixmini_login(&$a, &$o) {
// create client secret on login to be able to encrypt jabber passwords
function jappixmini_login(App $a, &$o)
{
// create client secret on login to be able to encrypt jabber passwords
// for setDB and str_sha1, needed by jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>' . "\r\n";
// for setDB and str_sha1, needed by jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>'."\r\n";
// for jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
// for jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n";
// save hash of password
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
// save hash of password
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
}
function jappixmini_cron(&$a, $d) {
function jappixmini_cron(App $a, $d)
{
// For autosubscribe/autoapprove, we need to maintain a list of jabber addresses of our contacts.
Config::set("jappixmini", "last_cron_execution", $d);
// go through list of users with jabber enabled
$users = q("SELECT `uid` FROM `pconfig` WHERE `cat`='jappixmini' AND (`k`='autosubscribe' OR `k`='autoapprove') AND `v`='1'");
logger("jappixmini: Update list of contacts' jabber accounts for ".count($users)." users.");
logger("jappixmini: Update list of contacts' jabber accounts for " . count($users) . " users.");
if(! count($users))
if (!count($users)) {
return;
}
foreach ($users as $row) {
$uid = $row["uid"];
@ -557,7 +593,9 @@ function jappixmini_cron(&$a, $d) {
intval($uid), dbesc(NETWORK_DFRN));
foreach ($contacts as $contact_row) {
$request = $contact_row["request"];
if (!$request) continue;
if (!$request) {
continue;
}
$dfrn_id = $contact_row["dfrn-id"];
if ($dfrn_id) {
@ -574,7 +612,7 @@ function jappixmini_cron(&$a, $d) {
}
// check if jabber address already present
$present = PConfig::get($uid, "jappixmini", "id:".$dfrn_id);
$present = PConfig::get($uid, "jappixmini", "id:" . $dfrn_id);
$now = intval(time());
if ($present) {
// $present has format "timestamp:jabber_address"
@ -583,22 +621,30 @@ function jappixmini_cron(&$a, $d) {
// do not re-retrieve jabber address if last retrieval
// is not older than a week
if ($now-$timestamp<3600*24*7) continue;
if ($now - $timestamp < 3600 * 24 * 7) {
continue;
}
}
// construct base retrieval address
$pos = strpos($request, "/dfrn_request/");
if ($pos===false) continue;
if ($pos === false) {
continue;
}
$base = substr($request, 0, $pos)."/jappixmini?role=$role";
$base = substr($request, 0, $pos) . "/jappixmini?role=$role";
// construct own address
$username = PConfig::get($uid, 'jappixmini', 'username');
if (!$username) continue;
if (!$username) {
continue;
}
$server = PConfig::get($uid, 'jappixmini', 'server');
if (!$server) continue;
if (!$server) {
continue;
}
$address = $username."@".$server;
$address = $username . "@" . $server;
// sign address
$signed_address = "";
@ -606,7 +652,7 @@ function jappixmini_cron(&$a, $d) {
// construct request url
$signed_address_hex = bin2hex($signed_address);
$url = $base."&signed_address=$signed_address_hex&dfrn_id=".urlencode($dfrn_id);
$url = $base . "&signed_address=$signed_address_hex&dfrn_id=" . urlencode($dfrn_id);
try {
// send request
@ -614,18 +660,26 @@ function jappixmini_cron(&$a, $d) {
// parse answer
$answer = json_decode($answer_json);
if ($answer->status != "ok") throw new Exception();
if ($answer->status != "ok") {
throw new Exception();
}
$encrypted_address_hex = $answer->encrypted_address;
if (!$encrypted_address_hex) throw new Exception();
if (!$encrypted_address_hex) {
throw new Exception();
}
$encrypted_address = hex2bin($encrypted_address_hex);
if (!$encrypted_address) throw new Exception();
if (!$encrypted_address) {
throw new Exception();
}
// decrypt address
$decrypted_address = "";
$decrypt_func($encrypted_address, $decrypted_address, $key);
if (!$decrypted_address) throw new Exception();
if (!$decrypted_address) {
throw new Exception();
}
} catch (Exception $e) {
$decrypted_address = "";
}
@ -636,10 +690,10 @@ function jappixmini_cron(&$a, $d) {
}
}
function jappixmini_download_source(&$a,&$b) {
function jappixmini_download_source(App $a, &$b)
{
// Jappix Mini source download link on About page
$b .= '<h1>Jappix Mini</h1>';
$b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
$b .= '<p>You can download the <a href="'.$a->get_baseurl().'/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>';
$b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
$b .= '<p>You can download the <a href="' . $a->get_baseurl() . '/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>';
}

352
windowsphonepush/windowsphonepush.php
View file

@ -1,69 +1,58 @@
<?php
/**
* Name: WindowsPhonePush
* Description: Enable push notification to send information to Friendica Mobile app on Windows phone (count of unread timeline entries, text of last posting - if wished by user)
* Version: 2.0
* Author: Gerhard Seeber <http://friendica.seeber.at/profile/admin>
*
*
*
*
* Pre-requisite: Windows Phone mobile device (at least WP 7.0)
* Friendica mobile app on Windows Phone
*
* When plugin is installed, the system calls the plugin
* name_install() function, located in 'addon/name/name.php',
* where 'name' is the name of the addon.
* If the addon is removed from the configuration list, the
* If the addon is removed from the configuration list, the
* system will call the name_uninstall() function.
*
* Version history:
* 1.1 : addon crashed on php versions >= 5.4 as of removed deprecated call-time
* 1.1 : addon crashed on php versions >= 5.4 as of removed deprecated call-time
* pass-by-reference used in function calls within function windowsphonepush_content
* 2.0 : adaption for supporting emphasizing new entries in app (count on tile cannot be read out,
* so we need to retrieve counter through show_settings secondly). Provide new function for
* so we need to retrieve counter through show_settings secondly). Provide new function for
* calling from app to set the counter back after start (if user starts again before cronjob
* sets the counter back
* count only unseen elements which are not type=activity (likes and dislikes not seen as new elements)
*/
use Friendica\App;
use Friendica\Core\PConfig;
use Friendica\Model\User;
function windowsphonepush_install() {
/**
*
* Our plugin will attach in three places.
* The first is within cron - so the push notifications will be
function windowsphonepush_install()
{
/* Our plugin will attach in three places.
* The first is within cron - so the push notifications will be
* sent every 10 minutes (or whatever is set in crontab).
*
*/
register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
/**
*
* Then we'll attach into the plugin settings page, and also the
/* Then we'll attach into the plugin settings page, and also the
* settings post hook so that we can create and update
* user preferences. User shall be able to activate the plugin and
* user preferences. User shall be able to activate the plugin and
* define whether he allows pushing first characters of item text
*
*/
register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
logger("installed windowsphonepush");
}
function windowsphonepush_uninstall() {
/**
*
* uninstall unregisters any hooks created with register_hook
function windowsphonepush_uninstall()
{
/* uninstall unregisters any hooks created with register_hook
* during install. Don't delete data in table `pconfig`.
*
*/
unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
@ -71,51 +60,48 @@ function windowsphonepush_uninstall() {
logger("removed windowsphonepush");
}
/* declare the windowsphonepush function so that /windowsphonepush url requests will land here */
function windowsphonepush_module() {}
function windowsphonepush_module()
{
}
/**
*
* Callback from the settings post function.
/* Callback from the settings post function.
* $post contains the $_POST array.
* We will make sure we've got a valid user account
* and if so set our configuration setting for this person.
*
*/
function windowsphonepush_settings_post($a,$post) {
if(! local_user() || (! x($_POST,'windowsphonepush-submit')))
function windowsphonepush_settings_post($a, $post)
{
if (!local_user() || (!x($_POST, 'windowsphonepush-submit'))) {
return;
}
$enable = intval($_POST['windowsphonepush']);
PConfig::set(local_user(),'windowsphonepush','enable',$enable);
PConfig::set(local_user(), 'windowsphonepush', 'enable', $enable);
if($enable) {
PConfig::set(local_user(),'windowsphonepush','counterunseen', 0);
if ($enable) {
PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0);
}
PConfig::set(local_user(),'windowsphonepush','senditemtext',intval($_POST['windowsphonepush-senditemtext']));
PConfig::set(local_user(), 'windowsphonepush', 'senditemtext', intval($_POST['windowsphonepush-senditemtext']));
info( t('WindowsPhonePush settings updated.') . EOL);
info(t('WindowsPhonePush settings updated.') . EOL);
}
/**
*
* Called from the Plugin Setting form.
/* Called from the Plugin Setting form.
* Add our own settings info to the page.
*
*/
function windowsphonepush_settings(&$a,&$s) {
if(! local_user())
function windowsphonepush_settings(&$a, &$s)
{
if (!local_user()) {
return;
}
/* Add our stylesheet to the page so we can make our settings look nice */
$a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/windowsphonepush/windowsphonepush.css' . '" media="all" />' . "\r\n";
/* Get the current state of our config variables */
$enabled = PConfig::get(local_user(),'windowsphonepush','enable');
$enabled = PConfig::get(local_user(), 'windowsphonepush', 'enable');
$checked_enabled = (($enabled) ? ' checked="checked" ' : '');
$senditemtext = PConfig::get(local_user(), 'windowsphonepush', 'senditemtext');
@ -137,7 +123,7 @@ function windowsphonepush_settings(&$a,&$s) {
$s .= '<input id="windowsphonepush-senditemtext-chk" type="checkbox" name="windowsphonepush-senditemtext" value="1" ' . $checked_senditemtext . '/>';
$s .= '</div><div class="clear"></div>';
/* provide a submit button - enable und senditemtext can be changed by the user*/
/* provide a submit button - enable und senditemtext can be changed by the user */
$s .= '<div class="settings-submit-wrapper" ><input type="submit" id="windowsphonepush-submit" name="windowsphonepush-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div><div class="clear"></div>';
/* provide further read-only information concerning the addon (useful for */
@ -145,47 +131,40 @@ function windowsphonepush_settings(&$a,&$s) {
$s .= '<label id="windowsphonepush-device_url-label" for="windowsphonepush-device_url-text">Device-URL</label>';
$s .= '<input id="windowsphonepush-device_url-text" type="text" readonly value=' . $device_url . '/>';
$s .= '</div><div class="clear"></div></div>';
return;
return;
}
/**
*
* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
/* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
* notifications to the Microsoft servers and consequently to the Windows Phone device
*
*/
function windowsphonepush_cron() {
function windowsphonepush_cron()
{
// retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user
$r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1");
if(count($r)) {
foreach($r as $rr) {
if (count($r)) {
foreach ($r as $rr) {
// load stored information for the user-id of the current loop
$device_url = PConfig::get($rr['uid'], 'windowsphonepush', 'device_url');
$lastpushid = PConfig::get($rr['uid'], 'windowsphonepush', 'lastpushid');
// pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent
// pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent
// by app if user has switched the server setting in app - sending blank not possible as this would return an update error)
if ( ( $device_url == "" ) || ( $device_url == "NA" ) ) {
if (( $device_url == "" ) || ( $device_url == "NA" )) {
// no Device-URL for the user availabe, but plugin is enabled --> write info to Logger
logger("WARN: windowsphonepush is enable for user " . $rr['uid'] . ", but no Device-URL is specified for the user.");
} else {
// retrieve the number of unseen items and the id of the latest one (if there are more than
// retrieve the number of unseen items and the id of the latest one (if there are more than
// one new entries since last poller run, only the latest one will be pushed)
$count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d",
intval($rr['uid'])
);
$count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", intval($rr['uid']));
// send number of unseen items to the device (the number will be displayed on Start screen until
// App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if
// send number of unseen items to the device (the number will be displayed on Start screen until
// App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if
// user has loaded the timeline through app or website
$res_tile = send_tile_update($device_url, "", $count[0]['count'], "");
switch (trim($res_tile)) {
case "Received":
// ok, count has been pushed, let's save it in personal settings
// ok, count has been pushed, let's save it in personal settings
PConfig::set($rr['uid'], 'windowsphonepush', 'counterunseen', $count[0]['count']);
break;
case "QueueFull":
@ -212,24 +191,22 @@ function windowsphonepush_cron() {
$senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext');
if ($senditemtext == 1) {
// load item with the max id
$item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d",
intval($count[0]['max'])
);
$item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", intval($count[0]['max']));
// as user allows to send the item, we want to show the sender of the item in the toast
// toasts are limited to one line, therefore place is limited - author shall be in
// toasts are limited to one line, therefore place is limited - author shall be in
// max. 15 chars (incl. dots); author is displayed in bold font
$author = $item[0]['author'];
$author = ((strlen($author) > 12) ? substr($author, 0, 12) . "..." : $author);
// normally we show the body of the item, however if it is an url or an image we cannot
// show this in the toast (only test), therefore changing to an alternate text
// show this in the toast (only test), therefore changing to an alternate text
// Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots)
// BTW: information only possible in English
$body = $item[0]['body'];
if (substr($body, 0, 4) == "[url")
if (substr($body, 0, 4) == "[url") {
$body = "URL/Image ...";
else {
} else {
require_once('include/bbcode.php');
require_once("include/html2plain.php");
$body = bbcode($body, false, false, 2, true);
@ -237,40 +214,37 @@ function windowsphonepush_cron() {
$body = ((strlen($body) > 137) ? substr($body, 0, 137) . "..." : $body);
}
} else {
// if user wishes higher privacy, we only display "Friendica - New timeline entry arrived"
// if user wishes higher privacy, we only display "Friendica - New timeline entry arrived"
$author = "Friendica";
$body = "New timeline entry arrived ...";
}
// only if toast push notification returns the Notification status "Received" we will update th settings with the
// only if toast push notification returns the Notification status "Received" we will update th settings with the
// new indicator max-id is checked against (QueueFull, Suppressed, N/A, Dropped shall qualify to resend
// the push notification some minutes later (BTW: if resulting in Expired for subscription status the
// the push notification some minutes later (BTW: if resulting in Expired for subscription status the
// device_url will be deleted (no further try on this url, see send_push)
// further log information done on count pushing with send_tile (see above)
$res_toast = send_toast($device_url, $author, $body);
if (trim($res_toast) === 'Received') {
PConfig::set($rr['uid'], 'windowsphonepush', 'lastpushid', $count[0]['max']);
}
}
}
}
}
}
}
/*
*
* Tile push notification change the number in the icon of the App in Start Screen of
/* Tile push notification change the number in the icon of the App in Start Screen of
* a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile"
*
*/
function send_tile_update($device_url, $image_url, $count, $title, $priority = 1) {
function send_tile_update($device_url, $image_url, $count, $title, $priority = 1)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Tile>".
"<wp:BackgroundImage>" . $image_url . "</wp:BackgroundImage>" .
"<wp:Count>" . $count . "</wp:Count>" .
"<wp:Title>" . $title . "</wp:Title>" .
"</wp:Tile> " .
"<wp:Tile>" .
"<wp:BackgroundImage>" . $image_url . "</wp:BackgroundImage>" .
"<wp:Count>" . $count . "</wp:Count>" .
"<wp:Title>" . $title . "</wp:Title>" .
"</wp:Tile> " .
"</wp:Notification>";
$result = send_push($device_url, array(
@ -280,48 +254,42 @@ function send_tile_update($device_url, $image_url, $count, $title, $priority = 1
return $result;
}
/*
*
* Toast push notification send information to the top of the display
/* Toast push notification send information to the top of the display
* if the user is not currently using the Friendica Mobile App, however
* there is only one line for displaying the information
*
*/
function send_toast($device_url, $title, $message, $priority = 2) {
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
function send_toast($device_url, $title, $message, $priority = 2)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Toast>" .
"<wp:Text1>" . $title . "</wp:Text1>" .
"<wp:Text2>" . $message . "</wp:Text2>" .
"<wp:Param></wp:Param>" .
"</wp:Toast>" .
"<wp:Toast>" .
"<wp:Text1>" . $title . "</wp:Text1>" .
"<wp:Text2>" . $message . "</wp:Text2>" .
"<wp:Param></wp:Param>" .
"</wp:Toast>" .
"</wp:Notification>";
$result = send_push($device_url, array(
'X-WindowsPhone-Target: toast',
'X-NotificationClass: ' . $priority,
'X-NotificationClass: ' . $priority,
), $msg);
return $result;
}
/*
*
* General function to send the push notification via cURL
*
*/
function send_push($device_url, $headers, $msg) {
// General function to send the push notification via cURL
function send_push($device_url, $headers, $msg)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $device_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER,
$headers + array(
'Content-Type: text/xml',
'charset=utf-8',
'Accept: application/*',
)
);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers + array(
'Content-Type: text/xml',
'charset=utf-8',
'Accept: application/*',
)
);
curl_setopt($ch, CURLOPT_POSTFIELDS, $msg);
$output = curl_exec($ch);
@ -331,35 +299,31 @@ function send_push($device_url, $headers, $msg) {
// and log this fact
$subscriptionStatus = get_header_value($output, 'X-SubscriptionStatus');
if ($subscriptionStatus == "Expired") {
PConfig::set(local_user(),'windowsphonepush','device_url', "");
PConfig::set(local_user(), 'windowsphonepush', 'device_url', "");
logger("ERROR: the stored Device-URL " . $device_url . "returned an 'Expired' error, it has been deleted now.");
}
// the notification status shall be returned to windowsphonepush_cron (will
// the notification status shall be returned to windowsphonepush_cron (will
// update settings if 'Received' otherwise keep old value in settings (on QueuedFull. Suppressed, N/A, Dropped)
$notificationStatus = get_header_value($output, 'X-NotificationStatus');
return $notificationStatus;
}
}
/*
* helper function to receive statuses from webresponse of Microsoft server
*/
function get_header_value($content, $header) {
// helper function to receive statuses from webresponse of Microsoft server
function get_header_value($content, $header)
{
return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : "";
}
/*
*
* reading information from url and deciding which function to start
/* reading information from url and deciding which function to start
* show_settings = delivering settings to check
* update_settings = set the device_url
* update_counterunseen = set counter for unseen elements to zero
*
*/
function windowsphonepush_content(&$a) {
function windowsphonepush_content(App $a)
{
// Login with the specified Network credentials (like in api.php)
windowsphonepush_login();
windowsphonepush_login($a);
$path = $a->argv[0];
$path2 = $a->argv[1];
@ -371,9 +335,9 @@ function windowsphonepush_content(&$a) {
break;
case "update_settings":
$ret = windowsphonepush_updatesettings($a);
header("Content-Type: application/json; charset=utf-8");
header("Content-Type: application/json; charset=utf-8");
echo json_encode(array('status' => $ret));
killme();
killme();
break;
case "update_counterunseen":
$ret = windowsphonepush_updatecounterunseen();
@ -387,12 +351,12 @@ function windowsphonepush_content(&$a) {
}
}
/*
* return settings for windowsphonepush addon to be able to check them in WP app
*/
function windowsphonepush_showsettings(&$a) {
if(! local_user())
// return settings for windowsphonepush addon to be able to check them in WP app
function windowsphonepush_showsettings()
{
if (!local_user()) {
return;
}
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
$device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url');
@ -401,34 +365,36 @@ function windowsphonepush_showsettings(&$a) {
$counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen');
$addonversion = "2.0";
if (!$device_url)
if (!$device_url) {
$device_url = "";
}
if (!$lastpushid)
if (!$lastpushid) {
$lastpushid = 0;
}
header ("Content-Type: application/json");
echo json_encode(array('uid' => local_user(),
'enable' => $enable,
'device_url' => $device_url,
'senditemtext' => $senditemtext,
'lastpushid' => $lastpushid,
'counterunseen' => $counterunseen,
'addonversion' => $addonversion));
header("Content-Type: application/json");
echo json_encode(array('uid' => local_user(),
'enable' => $enable,
'device_url' => $device_url,
'senditemtext' => $senditemtext,
'lastpushid' => $lastpushid,
'counterunseen' => $counterunseen,
'addonversion' => $addonversion));
}
/*
* update_settings is used to transfer the device_url from WP device to the Friendica server
/* update_settings is used to transfer the device_url from WP device to the Friendica server
* return the status of the operation to the server
*/
function windowsphonepush_updatesettings(&$a) {
if(! local_user()) {
function windowsphonepush_updatesettings()
{
if (!local_user()) {
return "Not Authenticated";
}
// no updating if user hasn't enabled the plugin
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
if(! $enable) {
if (!$enable) {
return "Plug-in not enabled";
}
@ -439,79 +405,69 @@ function windowsphonepush_updatesettings(&$a) {
return "No valid Device-URL specified";
}
// check if sent url is already stored in database for another user, we assume that there was a change of
// check if sent url is already stored in database for another user, we assume that there was a change of
// the user on the Windows Phone device and that device url is no longer true for the other user, so we
// et the device_url for the OTHER user blank (should normally not occur as App should include User/server
// et the device_url for the OTHER user blank (should normally not occur as App should include User/server
// in url request to Microsoft Push Notification server)
$r = q("SELECT * FROM `pconfig` WHERE `uid` <> " . local_user() . " AND
`cat` = 'windowsphonepush' AND
`k` = 'device_url' AND
$r = q("SELECT * FROM `pconfig` WHERE `uid` <> " . local_user() . " AND
`cat` = 'windowsphonepush' AND
`k` = 'device_url' AND
`v` = '" . $device_url . "'");
if(count($r)) {
foreach($r as $rr) {
PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', '');
logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'.");
if (count($r)) {
foreach ($r as $rr) {
PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', '');
logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'.");
}
}
PConfig::set(local_user(),'windowsphonepush','device_url', $device_url);
PConfig::set(local_user(), 'windowsphonepush', 'device_url', $device_url);
// output the successfull update of the device URL to the logger for error analysis if necessary
logger("INFO: Device-URL for user '" . local_user() . "' has been updated with '" . $device_url . "'");
return "Device-URL updated successfully!";
}
/*
* update_counterunseen is used to reset the counter to zero from Windows Phone app
*/
function windowsphonepush_updatecounterunseen() {
if(! local_user()) {
// update_counterunseen is used to reset the counter to zero from Windows Phone app
function windowsphonepush_updatecounterunseen()
{
if (!local_user()) {
return "Not Authenticated";
}
// no updating if user hasn't enabled the plugin
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
if(! $enable) {
if (!$enable) {
return "Plug-in not enabled";
}
PConfig::set(local_user(),'windowsphonepush','counterunseen', 0);
PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0);
return "Counter set to zero";
}
/*
* helper function to login to the server with the specified Network credentials
/* helper function to login to the server with the specified Network credentials
* (mainly copied from api.php)
*/
function windowsphonepush_login() {
function windowsphonepush_login(App $a)
{
if (!isset($_SERVER['PHP_AUTH_USER'])) {
logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
header('HTTP/1.0 401 Unauthorized');
die('This api requires login');
logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
header('HTTP/1.0 401 Unauthorized');
die('This api requires login');
}
$user = $_SERVER['PHP_AUTH_USER'];
$encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW']));
$user_id = User::authenticate($_SERVER['PHP_AUTH_USER'], trim($_SERVER['PHP_AUTH_PW']));
// check if user specified by app is available in the user table
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($user)),
dbesc(trim($user)),
dbesc($encrypted)
);
if(count($r)){
$record = $r[0];
if ($user_id) {
$record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]);
} else {
logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
header('HTTP/1.0 401 Unauthorized');
die('This api requires login');
logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
header('HTTP/1.0 401 Unauthorized');
die('This api requires login');
}
require_once('include/security.php');
authenticate_success($record); $_SESSION["allow_api"] = true;
require_once 'include/security.php';
authenticate_success($record);
$_SESSION["allow_api"] = true;
call_hooks('logged_in', $a->user);
}