<?php


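// Work out which of the named permissions a requester holds on $entity.
//
// $entity  entity row; 'entity_id' and the entity_r_* / entity_w_* policy
//          columns listed in $perms below are read from it
// $zguid   global id presented by the requester (empty for an anonymous visitor)
// $zsig    signature presented by the requester (empty for an anonymous visitor)
//
// Returns an array of permission name => bool, one entry per key of $perms.

function map_perms($entity,$zguid,$zsig) {

	$is_contact = false;
	$is_site    = false;
	$is_network = false;
	$is_anybody = true;

	// Defined up front: z_check_perms() receives it even when the requester
	// is anonymous or has no contact row, and an undefined variable there
	// raises a warning on every call.
	$contact    = null;


	// To avoid sending the lengthy target_sig with each request,
	// We should provide an array of results for each target
	// and let the sender match the signature.

	// NOTE(review): $is_network and $is_contact below are derived from
	// $zguid alone; $zsig is only compared in the site check. Presumably the
	// caller has already authenticated the requester against $zguid -
	// confirm, because otherwise knowing a contact's guid would be enough to
	// receive that contact's permissions.

	if(strlen($zguid) && strlen($zsig)) {

		$is_network = true;

		// NOTE(review): this lookup does not exclude blocked or pending
		// contact rows - confirm that is intended for PERMS_CONTACTS.
		$r = q("select * from contact where guid = '%s' and uid = %d limit 1",
			dbesc($zguid),
			intval($entity['entity_id'])
		);
		if($r && count($r)) {
			$is_contact = true;
			$contact = $r[0];
		}
		$r = q("select * from entity where entity_global_id = '%s'",
			dbesc($zguid)
		);
		if($r && count($r)) {
			foreach($r as $rr) {
				$expected = base64url_encode(rsa_sign($rr['entity_global_id'],$rr['entity_prvkey']));

				// The expected value is recomputed from the local private key, so it
				// behaves like a fixed secret per entity. Compare it in constant time
				// where the runtime offers hash_equals(); fall back to the original
				// strict comparison otherwise.
				if(is_string($expected) && is_string($zsig) && function_exists('hash_equals'))
					$sig_ok = hash_equals($expected,$zsig);
				else
					$sig_ok = ($expected === $zsig);

				if($sig_ok) {
					$is_site = true;
					break;
				}
			}
		}
	}

	// permission name => array(policy column on the entity row, bit used for
	// per-contact grants in contact.my_perms)
	$perms = array(
		'view_stream'   => array('entity_r_stream',  PERMS_R_STREAM ),
		'view_profile'  => array('entity_r_profile', PERMS_R_PROFILE),
		'view_photos'   => array('entity_r_photos',  PERMS_R_PHOTOS),
		'view_contacts' => array('entity_r_abook',   PERMS_R_ABOOK),

		'send_stream'   => array('entity_w_stream',  PERMS_W_STREAM),
		'post_wall'     => array('entity_w_wall',    PERMS_W_WALL),
		'tag_deliver'   => array('entity_w_tagwall', PERMS_W_TAGWALL),
		'post_comments' => array('entity_w_comment', PERMS_W_COMMENT),
		'post_mail'     => array('entity_w_mail',    PERMS_W_MAIL),
		'post_photos'   => array('entity_w_photos',  PERMS_W_PHOTOS),
		'chat'          => array('entity_w_chat',    PERMS_W_CHAT),
	);


	$ret = array();

	foreach($perms as $k => $v) {
		$ret[$k] = z_check_perms($k,$v,$entity,$contact,$is_contact,$is_site,$is_network,$is_anybody);

	}

	return $ret;

}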

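// Decide a single permission for a requester.
//
// $k           permission name (not used in the decision)
// $v           array(policy column name in $entity, permission bit)
// $entity      entity row holding the policy columns
// $contact     contact row for the requester, or null when there is none
// $is_contact, $is_site, $is_network, $is_anybody
//              requester classification computed by the caller
//
// Returns true when the permission is granted, false otherwise.

function z_check_perms($k,$v,$entity,$contact,$is_contact,$is_site,$is_network,$is_anybody) {

	// A 'self' contact row is granted everything. $contact is null for
	// requesters without a contact row, so test the type before indexing.
	$allow = ((is_array($contact) && ! empty($contact['self'])) ? true : false);

	// Fail closed: with no policy stored for this permission nothing beyond
	// the 'self' grant applies, and the switch below is never reached with an
	// undefined value.
	if(! isset($entity[$v[0]]))
		return $allow;

	switch($entity[$v[0]]) {
		case PERMS_PUBLIC:
				if($is_anybody)
					$allow = true;
				break;
		case PERMS_NETWORK:
				if($is_network)
					$allow = true;
				break;
		case PERMS_SITE:
				if($is_site)
					$allow = true;
				break;
		case PERMS_CONTACTS:
				if($is_contact)
					$allow = true;
				break;
		case PERMS_SPECIFIC:
				// Per-contact grant: the bit for this permission must be set
				// in the contact's my_perms mask.
				if($is_contact && is_array($contact) && isset($contact['my_perms'])
					&& (intval($contact['my_perms']) & $v[1]))
					$allow = true;
				break;
		default:
				break;
	}
	return $allow;
}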


















// Included here for completeness, but this is a very dangerous operation.
// It is the caller's responsibility to confirm the requestor's intent and
// authorisation to do this.

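// Delete an account and every row keyed to its uid.
//
// $uid  numeric user id; a falsy value makes this a no-op
//
// No authorisation check is made here. If $uid is the logged-in user the
// session is cleared and the browser is redirected to the site base URL.

function user_remove($uid) {
	if(! $uid)
		return;
	$a = get_app();
	logger('Removing user: ' . $uid);

	$r = q("select * from user where uid = %d limit 1", intval($uid));

	// Only run the hook and reserve the nickname when the account row
	// exists; the purge below still runs so leftover rows are cleaned up.
	if($r && count($r)) {

		call_hooks('remove_user',$r[0]);

		// save username (actually the nickname as it is guaranteed
		// unique), so it cannot be re-registered in the future.
		// The value is escaped like every other string parameter in this
		// file: it came out of the database, which does not make it safe to
		// place inside a quoted SQL literal.

		q("insert into userd ( username ) values ( '%s' )",
			dbesc($r[0]['nickname'])
		);
	}

	q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `gcign` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `group_member` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `intro` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `event` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `item` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `item_id` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `mail` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `mailacct` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `manage` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `notify` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `photo` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `attach` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `profile` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `profile_check` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `pconfig` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `search` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `spam` WHERE `uid` = %d", intval($uid));
	q("DELETE FROM `user` WHERE `uid` = %d", intval($uid));

	// The account that was just removed is the one logged in: drop the
	// authentication state before redirecting.
	if($uid == local_user()) {
		unset($_SESSION['authenticated']);
		unset($_SESSION['uid']);
		goaway($a->get_baseurl());
	}
}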


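// Remove (or archive) one contact row and the rows that reference it.
//
// $id  contact.id of the row to remove
//
// When the owning user has the 'system' / 'archive_removed_contacts' pconfig
// set, the contact is archived instead of deleted. The function looks the
// contact up by id only and does not check who is asking; callers must
// verify that $id belongs to the acting account before calling.

function contact_remove($id) {

	$r = q("select uid from contact where id = %d limit 1",
		intval($id)
	);

	// Test $r before counting it, as the other lookups in this file do; a
	// non-array result must not reach count().
	if((! $r) || (! count($r)) || (! intval($r[0]['uid'])))
		return;

	$archive = get_pconfig($r[0]['uid'], 'system','archive_removed_contacts');
	if($archive) {
		q("update contact set `archive` = 1, `network` = 'none', `writable` = 0 where id = %d limit 1",
			intval($id)
		);
		return;
	}

	q("DELETE FROM `contact` WHERE `id` = %d LIMIT 1",
		intval($id)
	);
	q("DELETE FROM `item` WHERE `contact-id` = %d ",
		intval($id)
	);
	q("DELETE FROM `photo` WHERE `contact-id` = %d ",
		intval($id)
	);
	q("DELETE FROM `mail` WHERE `contact-id` = %d ",
		intval($id)
	);
	q("DELETE FROM `event` WHERE `cid` = %d ",
		intval($id)
	);
	q("DELETE FROM `queue` WHERE `cid` = %d ",
		intval($id)
	);

}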


// sends an unfriend message. Does not remove the contact

// Tell a remote contact that $user has stopped following them.
//
// $user     user row; 'username' and 'nickname' are read
// $self     the user's own contact row; 'photo' and 'thumb' are read
// $contact  the contact being dropped; 'network' selects the protocol and
//           'notify' is the delivery endpoint used for OStatus
//
// Only NETWORK_OSTATUS and NETWORK_DFRN contacts are notified; any other
// network is ignored. The contact row itself is left untouched.

function terminate_friendship($user,$self,$contact) {

	$app = get_app();

	require_once('include/datetime.php');

	if($contact['network'] === NETWORK_OSTATUS) {

		$template = get_markup_template('follow_slap.tpl');

		$macros = array(
			'$name' => $user['username'],
			'$profile_page' => $app->get_baseurl() . '/profile/' . $user['nickname'],
			'$photo' => $self['photo'],
			'$thumb' => $self['thumb'],
			'$published' => datetime_convert('UTC','UTC', 'now', ATOM_TIME),
			'$item_id' => 'urn:X-dfrn:' . $app->get_hostname() . ':unfollow:' . random_string(),
			'$title' => '',
			'$type' => 'text',
			'$content' => t('stopped following'),
			'$nick' => $user['nickname'],
			// literal verb URI rather than the ACTIVITY_UNFOLLOW constant
			'$verb' => 'http://ostatus.org/schema/1.0/unfollow',
			// intentionally empty; no extra <as:verb> element is emitted
			'$ostat_follow' => ''
		);

		$slap = replace_macros($template, $macros);

		// Without a notify endpoint there is nowhere to deliver the slap.
		$has_endpoint = (x($contact,'notify')) && (strlen($contact['notify']));
		if(! $has_endpoint)
			return;

		require_once('include/salmon.php');
		slapper($user,$contact['notify'],$slap);
		return;
	}

	if($contact['network'] === NETWORK_DFRN) {
		require_once('include/items.php');
		dfrn_deliver($user,$contact,'placeholder', 1);
	}

}


// Contact has refused to recognise us as a friend. We will start a countdown.
// If they still don't recognise us in 32 days, the relationship is over,
// and we won't waste any more time trying to communicate with them.
// This provides for the possibility that their database is temporarily messed
// up or some other transient event and that there's a possibility we could recover from it.
 
// Start, or act on, the 32 day termination countdown for a contact.
//
// $contact  contact row; 'archive', 'term_date' and 'id' are read
//
// Archived contacts are skipped. A contact whose term_date is still the zero
// date gets the current time stamped into term_date. Otherwise, once more
// than 32 days have passed since term_date, the contact is archived (not
// deleted).

if(! function_exists('mark_for_death')) {
function mark_for_death($contact) {

	if($contact['archive'])
		return;

	$countdown_running = ! ($contact['term_date'] == '0000-00-00 00:00:00');

	if(! $countdown_running) {
		// first failure: record when the countdown began
		q("UPDATE `contact` SET `term_date` = '%s' WHERE `id` = %d LIMIT 1",
				dbesc(datetime_convert()),
				intval($contact['id'])
		);
		return;
	}

	// TODO: notify the owner after 2-3 weeks so that the contact does not
	// vanish without warning and they can step in if this was a glitch.

	$deadline = $contact['term_date'] . ' + 32 days ';
	$now      = datetime_convert();
	$cutoff   = datetime_convert('UTC','UTC',$deadline);

	if(! ($now > $cutoff))
		return;

	// The relationship is over. Archive instead of calling contact_remove();
	// if the owner unarchives the contact the countdown starts again.
	q("update contact set `archive` = 1 where id = %d limit 1",
		intval($contact['id'])
	);

}}

// Cancel the termination countdown for a contact by resetting its term_date
// to the zero date.
//
// $contact  contact row; only 'id' is read

if(! function_exists('unmark_for_death')) {
function unmark_for_death($contact) {
	// The contact answered again, so the countdown no longer applies.
	$sql        = "UPDATE `contact` SET `term_date` = '%s' WHERE `id` = %d LIMIT 1";
	$zero_date  = dbesc('0000-00-00 00:00:00');
	$contact_id = intval($contact['id']);

	q($sql, $zero_date, $contact_id);
}}

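// Build the <li> entries of the drop-down menu shown on a contact's photo.
//
// $contact  contact row; 'network', 'id' and 'url' are read
//
// Returns an HTML fragment with one <li><a> per non-empty menu link. The
// 'contact_photo_menu' hook receives the menu by reference and may add,
// change or remove entries before rendering.

if(! function_exists('contact_photo_menu')){
function contact_photo_menu($contact) {

	$a = get_app();

	$contact_url="";
	$pm_url="";
	$status_link="";
	$photos_link="";
	$posts_link="";
	$poke_link="";

	$sparkle = false;
	if($contact['network'] === NETWORK_DFRN) {
		$sparkle = true;
		$profile_link = $a->get_baseurl() . '/redir/' . $contact['id'];
	}
	else
		$profile_link = $contact['url'];

	if($profile_link === 'mailbox')
		$profile_link = '';

	if($sparkle) {
		$status_link = $profile_link . "?url=status";
		$photos_link = $profile_link . "?url=photos";
		$profile_link = $profile_link . "?url=profile";
		$pm_url = $a->get_baseurl() . '/message/new/' . $contact['id'];
	}

	$poke_link = $a->get_baseurl() . '/poke/?f=&c=' . $contact['id'];
	$contact_url = $a->get_baseurl() . '/contacts/' . $contact['id'];
	$posts_link = $a->get_baseurl() . '/network/?cid=' . $contact['id'];

	$menu = Array(
		t("Poke") => $poke_link,
		t("View Status") => $status_link,
		t("View Profile") => $profile_link,
		t("View Photos") => $photos_link,
		t("Network Posts") => $posts_link,
		t("Edit Contact") => $contact_url,
		t("Send PM") => $pm_url,
	);


	$args = array('contact' => $contact, 'menu' => &$menu);

	call_hooks('contact_photo_menu', $args);

	$o = "";
	foreach($menu as $k=>$v){
		if ($v!="") {

			// For non-DFRN contacts the profile link is the contact's own
			// 'url' field, and hooks can add further links, so every href is
			// escaped for the attribute context before it is written out.
			// NOTE(review): escaping does not restrict the URL scheme, and
			// the label $k (from t() or a hook) is still emitted as-is -
			// confirm both are constrained where they are stored or supplied.
			$href = htmlspecialchars((string) $v, ENT_QUOTES, 'UTF-8');

			// Links that leave the local UI open in the "redir" target;
			// the three local pages stay in the current window.
			if(($k !== t("Network Posts")) && ($k !== t("Send PM")) && ($k !== t('Edit Contact')))
				$o .= "<li><a target=\"redir\" href=\"$href\">$k</a></li>\n";
			else
				$o .= "<li><a href=\"$href\">$k</a></li>\n";
		}
	}
	return $o;
}}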


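// Pick one random gcontact whose url contains '/profile/' and return that
// url with its last path component removed, or '' when nothing matches.
//
// NOTE(review): the value comes straight from the gcontact table; presumably
// those rows originate from remote sites, so callers should treat the result
// as untrusted when redirecting to it or printing it - confirm.

function random_profile() {
	$r = q("select url from gcontact where url like '%%://%%/profile/%%' order by rand() limit 1");

	// Test $r before counting it, as the other lookups in this file do; a
	// non-array result must not reach count().
	if($r && count($r))
		return dirname($r[0]['url']);
	return '';
}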


// Contacts of $uid that are not a member of any group.
//
// $uid    owner of the contacts
// $start  offset of the first row (used only when $count is set)
// $count  number of rows to return; when falsy the function returns the
//         result of a count(*) query (column 'total') instead of contact rows
//
// NOTE(review): the listing query also requires blocked = 0 and pending = 0
// while the count query does not, so 'total' can exceed the number of rows
// the listing will ever return - confirm whether that is intended.

function contacts_not_grouped($uid,$start = 0,$count = 0) {

	if($count) {
		// page of contact rows
		return q("select * from contact where uid = %d and self = 0 and id not in (select distinct(`contact-id`) from group_member where uid = %d) and blocked = 0 and pending = 0 limit %d, %d",
			intval($uid),
			intval($uid),
			intval($start),
			intval($count)
		);
	}

	// no page size given: report the total only
	return q("select count(*) as total from contact where uid = %d and self = 0 and id not in (select distinct(`contact-id`) from group_member where uid = %d) ",
		intval($uid),
		intval($uid)
	);
}