diff options
| author | Mike Macgirvin <mike@macgirvin.com> | 2010-10-05 19:56:09 -0700 |
|---|---|---|
| committer | Mike Macgirvin <mike@macgirvin.com> | 2010-10-05 19:56:09 -0700 |
| commit | 036964de4d86f0109ece00cc9394b2a044c06c1e (patch) | |
| tree | 33984d7f196e3e2ca04feeee786e36338883b814 | |
| parent | 1b3501899289fc6cdbb04a0a0b918e151b4fe853 (diff) | |
| download | volse-hubzilla-036964de4d86f0109ece00cc9394b2a044c06c1e.tar.gz volse-hubzilla-036964de4d86f0109ece00cc9394b2a044c06c1e.tar.bz2 volse-hubzilla-036964de4d86f0109ece00cc9394b2a044c06c1e.zip | |
friend acceptance sets up lots of important stuff, so we
need to be absolutely bulletproof when (not if) things go wrong.
| -rw-r--r-- | boot.php | 4 | ||||
| -rw-r--r-- | mod/dfrn_confirm.php | 33 |
2 files changed, 28 insertions, 9 deletions
@@ -248,7 +248,9 @@ function check_config(&$a) { // $s is the string requiring macro substitution. // $r is an array of key value pairs (search => replace) // returns substituted string. - +// WARNING: this is pretty basic, and doesn't properly handle search strings that are substrings of each other. +// For instance if 'test' => "foo" and 'testing' => "bar", testing could become either bar or fooing, +// depending on the order in which they were declared in the array. if(! function_exists('replace_macros')) { function replace_macros($s,$r) { diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 43e28aef8..5d551355b 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -270,12 +270,30 @@ function dfrn_confirm_post(&$a) { $res = post_url($dfrn_confirm,$params); -// uncomment the following two lines and comment the following xml/status lines -// to debug the remote confirmation section (when both confirmations -// and responses originate on this system) + // Try to be robust if the remote site is having difficulty and throwing up + // errors of some kind. -// echo $res; -// $status = 0; + $leading_junk = substr($res,0,strpos($res,'<?xml')); + + $res = substr($res,strpos($res,'<?xml')); + if(! strlen($res)) { + + // No XML at all, this exchange is messed up really bad. + // We shouldn't proceed, because the xml parser might choke, + // and $status is going to be zero, which indicates success. + // We can hardly call this a success. + + notice( t('Response from remote site was not understood.') . EOL); + return; + } + + if(strlen($leading_junk) && get_config('system','debugging')) { + + // This might be more common. Mixed error text and some XML. + // If we're configured for debugging, show the text. Proceed in either case. + + notice( t('Unexpected response from remote site: ') . EOL . $leading_junk . EOL ); + } $xml = simplexml_load_string($res); $status = (int) $xml->status; @@ -284,9 +302,7 @@ function dfrn_confirm_post(&$a) { notice( t("Confirmation completed successfully") . EOL); break; case 1: - // birthday paradox - generate new dfrn-id and fall through. - $new_dfrn_id = random_string(); $r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($new_dfrn_id), @@ -302,7 +318,7 @@ function dfrn_confirm_post(&$a) { case 3: notice( t("Introduction failed or was revoked. Cannot complete.") . EOL); break; - } + } if(($status == 0 || $status == 3) && ($intro_id)) { @@ -314,6 +330,7 @@ function dfrn_confirm_post(&$a) { ); } + if($status != 0) return; |