aboutsummaryrefslogtreecommitdiffstats
path: root/boot.php
diff options
context:
space:
mode:
authorMike Macgirvin <mike@macgirvin.com>2010-10-21 04:53:43 -0700
committerMike Macgirvin <mike@macgirvin.com>2010-10-21 04:53:43 -0700
commit5edee3c4d1f84c07c1c54775072601188075a542 (patch)
treec3b8167923bbb4c77eee9a727b38b1c93ad3d26b /boot.php
parent39b19cd0890754c947414ed9eb6d688e12702e0d (diff)
downloadvolse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.tar.gz
volse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.tar.bz2
volse-hubzilla-5edee3c4d1f84c07c1c54775072601188075a542.zip
magic-envelope verification, status.net appears to do it wrong.
Ultimately we need to do it right (or why bother having a spec?), and fallback to doing it wrong if we're talking to a broken system - which ironically seems to include most of the federated social web projects.
Diffstat (limited to 'boot.php')
-rw-r--r--boot.php73
1 files changed, 56 insertions, 17 deletions
diff --git a/boot.php b/boot.php
index 8fec10afa..55c244e82 100644
--- a/boot.php
+++ b/boot.php
@@ -2,7 +2,7 @@
set_time_limit(0);
-define ( 'BUILD_ID', 1010 );
+define ( 'BUILD_ID', 1011 );
define ( 'DFRN_PROTOCOL_VERSION', '2.0' );
define ( 'EOL', "<br />\r\n" );
@@ -116,6 +116,7 @@ class App {
private $db;
private $curl_code;
+ private $curl_headers;
function __construct() {
@@ -204,6 +205,15 @@ class App {
return $this->curl_code;
}
+ function set_curl_headers($headers) {
+ $this->curl_headers = $headers;
+ }
+
+ function get_curl_headers() {
+ return $this->curl_headers;
+ }
+
+
}}
// retrieve the App structure
@@ -339,13 +349,12 @@ function t($s) {
// results.
if(! function_exists('fetch_url')) {
-function fetch_url($url,$binary = false) {
+function fetch_url($url,$binary = false, &$redirects = 0) {
$ch = curl_init($url);
- if(! $ch) return false;
+ if(($redirects > 8) || (! $ch))
+ return false;
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
- curl_setopt($ch, CURLOPT_MAXREDIRS,8);
+ curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
// by default we will allow self-signed certs
@@ -366,26 +375,41 @@ function fetch_url($url,$binary = false) {
curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
$s = curl_exec($ch);
- $info = curl_getinfo($ch);
+
+ $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+ $header = substr($s,0,strpos($s,"\r\n\r\n"));
+ if($http_code == 301 || $http_code == 302 || $http_code == 303) {
+ $matches = array();
+ preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches);
+ $url = trim(array_pop($matches));
+ $url_parsed = parse_url($url);
+ if (isset($url_parsed)) {
+ $redirects++;
+ return fetch_url($url,$binary,$redirects);
+ }
+ }
$a = get_app();
- $a->set_curl_code($info['http_code']);
+ $a->set_curl_code($http_code);
+ $body = substr($s,strlen($header)+4);
+ $a->set_curl_headers($header);
+
curl_close($ch);
- return($s);
+ return($body);
}}
// post request to $url. $params is an array of post variables.
if(! function_exists('post_url')) {
-function post_url($url,$params) {
+function post_url($url,$params, &$redirects = 0) {
$ch = curl_init($url);
- if(! $ch) return false;
+ if(($redirects > 8) || (! $ch))
+ return false;
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION,true);
- curl_setopt($ch, CURLOPT_MAXREDIRS,8);
+ curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch, CURLOPT_POST,1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
+
$check_cert = get_config('system','verifyssl');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
$prx = get_config('system','proxy');
@@ -398,11 +422,26 @@ function post_url($url,$params) {
}
$s = curl_exec($ch);
- $info = curl_getinfo($ch);
+
+ $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
+ $header = substr($s,0,strpos($s,"\r\n\r\n"));
+ if($http_code == 301 || $http_code == 302 || $http_code == 303) {
+ $matches = array();
+ preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches);
+ $url = trim(array_pop($matches));
+ $url_parsed = parse_url($url);
+ if (isset($url_parsed)) {
+ $redirects++;
+ return post_url($url,$binary,$redirects);
+ }
+ }
$a = get_app();
- $a->set_curl_code($info['http_code']);
+ $a->set_curl_code($http_code);
+ $body = substr($s,strlen($header)+4);
+ $a->set_curl_headers($header);
+
curl_close($ch);
- return($s);
+ return($body);
}}
// random hash, 64 chars