grrr... hashes aren't matching.

5 files changed, 143 insertions, 84 deletions

diff --git a/include/follow.php b/include/follow.php
index e9c6c1ee5..3cf29c733 100644
--- a/include/follow.php
+++ b/include/follow.php
@@ -42,7 +42,7 @@ function new_contact($uid,$url,$channel,$interactive = false) {
 	}
 
 	logger('follow: ' . $url . ' ' . print_r($j,true));
-	killme();
+//	killme();
 
 
 	if(! ($j->success && $j->guid)) {
@@ -68,76 +68,24 @@ function new_contact($uid,$url,$channel,$interactive = false) {
 	// do we have an xchan and hubloc?
 	// If not, create them.	
 
-	$xchan_hash = base64_urlencode(hash('whirlpool',$j->quid . $j->guid_sg, true));
-
-// FIXME - verify the signature
-
-	$r = q("select * from xchan where xchan_hash = '%s' limit 1",
-		dbesc($xchan_hash)
-	);	
-	if(! $r) {
-		$x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
-				xchan_photo_l, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_date, xchan_name_date)
-				values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
-			dbesc($xchan_hash),
-			dbesc($j->guid),
-			dbesc($j->guid_sig),
-			dbesc($j->key),
-			dbesc($j->photo_mimetype),
-			dbesc($j->photo),
-			dbesc($j->address),
-			dbesc($j->url),
-			dbesc($j->name),
-			dbesc('zot'),
-			dbesc($j->photo_updated),
-			dbesc($j->name_updated)
-		);
+	$x = import_xchan_from_json($j);
 
-		require_once("Photo.php");
+	// Do we already have an abook entry?
+	// go directly to the abook edit page.
 
-		$photos = import_profile_photo($j->photo,0,$contact_id);
-		$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s' = '%s', xchan_photo_mimetype = '%s'
-				where xchan_hash = '%s' limit 1",
-				dbesc($photos[0]),
-				dbesc($photos[1]),
-				dbesc($photos[2]),
-				dbesc($photos[3]),
-				dbesc($xchan_hash)
-		);
-	}				
-
-	if($j->locations) {
-		foreach($j->locations as $location) {
-			$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' limit 1",
-				dbesc($xchan_hash),
-				dbesc($location['url'])
-			);
-			if($r)
-				continue;
-			
-// FIXME verify the signature
-
-			$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey)
-					values ( '%s','%s','%s','%s', %d ,'%s','%s','%s','%s','%s')",
-				dbesc($j->guid),
-				dbesc($j->guid_sig),
-				dbesc($xchan_hash),
-				dbesc($location['address']),
-				intval((intval($location['primary'])) ? HUBLOC_FLAGS_PRIMARY : 0),
-				dbesc($location['url']),
-				dbesc($location['url_sig']),
-				dbesc($location['host']),
-				dbesc($location['callback']),
-				dbesc($location['sitekey'])
-			);
-
-		}
+	$their_perms = 0;
 
+	$global_perms = get_perms();
+
+	foreach($j->permissions as $k => $v) {
+		logger('perm: ' . $k . ' = ' . $v);
+		logger('global: ' . print_r($global_perms[$k],true));
+		if($v)
+			$their_perms = $their_perms | intval($global_perms[$k][1]);
 	}
 
+	logger('Permissions: ' . $their_perms);
 
-	// Do we already have an abook entry?
-	// go directly to the abook edit page.
 
 
 	// Else create an entry
diff --git a/include/permissions.php b/include/permissions.php
index 0cb5fe9e5..ef87a31a5 100644
--- a/include/permissions.php
+++ b/include/permissions.php
@@ -1,22 +1,25 @@
 <?php
 
 
+function get_perms() {
 	$global_perms = array(
 		// Read only permissions
-		'view_stream'   => array('channel_r_stream',  PERMS_R_STREAM,  true),
-		'view_profile'  => array('channel_r_profile', PERMS_R_PROFILE, true),
-		'view_photos'   => array('channel_r_photos',  PERMS_R_PHOTOS,  true),
-		'view_contacts' => array('channel_r_abook',   PERMS_R_ABOOK,   true),
+		'view_stream'   => array('channel_r_stream',  intval(PERMS_R_STREAM),  true),
+		'view_profile'  => array('channel_r_profile', intval(PERMS_R_PROFILE), true),
+		'view_photos'   => array('channel_r_photos',  intval(PERMS_R_PHOTOS),  true),
+		'view_contacts' => array('channel_r_abook',   intval(PERMS_R_ABOOK),   true),
 
 		// Write permissions
-		'send_stream'   => array('channel_w_stream',  PERMS_W_STREAM,  false),
-		'post_wall'     => array('channel_w_wall',    PERMS_W_WALL,    false),
-		'tag_deliver'   => array('channel_w_tagwall', PERMS_W_TAGWALL, false),
-		'post_comments' => array('channel_w_comment', PERMS_W_COMMENT, false),
-		'post_mail'     => array('channel_w_mail',    PERMS_W_MAIL,    false),
-		'post_photos'   => array('channel_w_photos',  PERMS_W_PHOTOS,  false),
-		'chat'          => array('channel_w_chat',    PERMS_W_CHAT,    false),
+		'send_stream'   => array('channel_w_stream',  intval(PERMS_W_STREAM),  false),
+		'post_wall'     => array('channel_w_wall',    intval(PERMS_W_WALL),    false),
+		'tag_deliver'   => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false),
+		'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false),
+		'post_mail'     => array('channel_w_mail',    intval(PERMS_W_MAIL),    false),
+		'post_photos'   => array('channel_w_photos',  intval(PERMS_W_PHOTOS),  false),
+		'chat'          => array('channel_w_chat',    intval(PERMS_W_CHAT),    false),
 	);
+	return $global_perms;
+}
 
 
 // Since these include the translation function - they couldn't be included
@@ -55,7 +58,7 @@ function perms_text() {
 
 function get_all_perms($uid,$observer,$internal_use = true) {
 
-	global $global_perms;
+	$global_perms = get_perms();
 
 	// Save lots of individual lookups
 
@@ -94,14 +97,16 @@ function get_all_perms($uid,$observer,$internal_use = true) {
 			continue;
 		}
 
-		// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
+		if($r[0][$channel_perm] & PERMS_PUBLIC) {
+			$ret[$perm_name] = true;
+			continue;
+		}
 
 		if(! $observer) {
-			$ret[$perm_name] = (($r[0][$channel_perm] & PERMS_PUBLIC) ? true : false);
+			$ret[$perm_name] = false;
 			continue;
 		}
 
-
 		// If we're still here, we have an observer, which means they're in the network.
 
 		if($r[0][$channel_perm] & PERMS_NETWORK) {
@@ -188,7 +193,7 @@ function get_all_perms($uid,$observer,$internal_use = true) {
 
 function perm_is_allowed($uid,$observer,$permission) {
 
-	global $global_perms;
+	$global_perms = get_perms();
 
 	// First find out what the channel owner declared permissions to be.
 
@@ -206,10 +211,14 @@ function perm_is_allowed($uid,$observer,$permission) {
 	if($r[0]['channel_hash'] === $observer)
 		return true;
 
+	
+	if($r[0][$channel_perm] & PERMS_PUBLIC)
+		return true;
+
 	// If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set
 
 	if(! $observer) {
-		return(($r[0][$channel_perm] & PERMS_PUBLIC) ? true : false);
+		return false;
 	}
 
 	// If we're still here, we have an observer, which means they're in the network.
diff --git a/include/zot.php b/include/zot.php
index 8d3fafcc8..ef4b64e4a 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -179,3 +179,105 @@ function zot_register_hub($arr) {
 	}
 	return $total;
 }
+
+
+// Takes a json array from zot_finger and imports the xchan and hublocs
+// If the xchan already exists, update the name and photo if these have changed.
+// 
+
+
+function import_xchan_from_json($j) {
+
+	$xchan_hash = base64url_encode(hash('whirlpool',$j->quid . $j->guid_sig, true));
+	$import_photos = false;
+
+// FIXME - verify the signature
+
+	$r = q("select * from xchan where xchan_hash = '%s' limit 1",
+		dbesc($xchan_hash)
+	);	
+	if($r) {
+		if($r[0]['xchan_photo_date'] != $j->photo_updated)
+			$update_photos = true;
+		if($r[0]['xchan_name_date'] != $j->name_updated) {
+			$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s' limit 1",
+				dbesc($j->name),
+				dbesc($j->name_updated),
+				dbesc($xchan_hash)
+			);
+		}
+	}
+	else {
+		$import_photos = true;
+		$x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype,
+				xchan_photo_l, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_date, xchan_name_date)
+				values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ",
+			dbesc($xchan_hash),
+			dbesc($j->guid),
+			dbesc($j->guid_sig),
+			dbesc($j->key),
+			dbesc($j->photo_mimetype),
+			dbesc($j->photo),
+			dbesc($j->address),
+			dbesc($j->url),
+			dbesc($j->name),
+			dbesc('zot'),
+			dbesc($j->photo_updated),
+			dbesc($j->name_updated)
+		);
+
+	}				
+
+
+	if($import_photos) {
+
+		require_once("Photo.php");
+
+		$photos = import_profile_photo($j->photo,0,$xchan_hash);
+		$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s'
+				where xchan_hash = '%s' limit 1",
+				dbesc($j->photo_updated),
+				dbesc($photos[0]),
+				dbesc($photos[1]),
+				dbesc($photos[2]),
+				dbesc($photos[3]),
+				dbesc($xchan_hash)
+		);
+	}
+
+	if($j->locations) {
+		foreach($j->locations as $location) {
+			$r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' limit 1",
+				dbesc($xchan_hash),
+				dbesc($location->url)
+			);
+			if($r) {
+				if(($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location->primary)) {
+					$r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1",
+						intval(HUBLOC_FLAGS_PRIMARY),
+						intval($r[0]['hubloc_id'])
+					);
+				}
+				continue;
+			}
+// FIXME verify the signature
+
+			$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey)
+					values ( '%s','%s','%s','%s', %d ,'%s','%s','%s','%s','%s')",
+				dbesc($j->guid),
+				dbesc($j->guid_sig),
+				dbesc($xchan_hash),
+				dbesc($location->address),
+				intval((intval($location->primary)) ? HUBLOC_FLAGS_PRIMARY : 0),
+				dbesc($location->url),
+				dbesc($location->url_sig),
+				dbesc($location->host),
+				dbesc($location->callback),
+				dbesc($location->sitekey)
+			);
+
+		}
+
+	}
+
+}
\ No newline at end of file
diff --git a/mod/abook.php b/mod/abook.php
index 51cebd160..3d73217f1 100644
--- a/mod/abook.php
+++ b/mod/abook.php
@@ -509,7 +509,7 @@ EOT;
 	}
 
 
-	$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_chan = xchan.xchan_hash
+	$r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash
 		WHERE abook_channel = %d and not (abook_flags & %d) $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d , %d ",
 		intval(local_user()),
 		intval(ABOOK_FLAG_SELF),
diff --git a/mod/settings.php b/mod/settings.php
index 6c31242f6..3e8134d5c 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -719,7 +719,7 @@ function settings_content(&$a) {
 		$channel = $a->get_channel();
 
 
-		global $global_perms;
+		$global_perms = get_perms();
 
 		$perms = perms_text();
 		$permiss = array();