aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
diff options
context:
space:
mode:
authorFriendika <info@friendika.com>2011-08-28 19:22:27 -0700
committerFriendika <info@friendika.com>2011-08-28 19:22:27 -0700
commitf29f228463d35f574d6d285be0cf337b7d39c541 (patch)
treeaa7e977a25536397506c6c30f8e4d67eb85320d6 /mod/item.php
parent030dcbd467d5faf01e6f62b9cd9b1be6f8974dcc (diff)
downloadvolse-hubzilla-f29f228463d35f574d6d285be0cf337b7d39c541.tar.gz
volse-hubzilla-f29f228463d35f574d6d285be0cf337b7d39c541.tar.bz2
volse-hubzilla-f29f228463d35f574d6d285be0cf337b7d39c541.zip
bring Diaspora message signing back to the source author - whether they like it or not.
Diffstat (limited to 'mod/item.php')
-rw-r--r--mod/item.php29
1 files changed, 29 insertions, 0 deletions
diff --git a/mod/item.php b/mod/item.php
index ef0b232d5..dd42014eb 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -15,6 +15,8 @@
*
*/
+require_once('include/crypto.php');
+
function item_post(&$a) {
if((! local_user()) && (! remote_user()))
@@ -674,6 +676,27 @@ function item_post(&$a) {
pop_lang();
}
+
+ // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key
+
+ if($self) {
+ require_once('include/bb2diaspora.php');
+ $signed_body = html_entity_decode(bb2diaspora($datarray['body']));
+ $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+ if($datarray['verb'] === ACTIVITY_LIKE)
+ $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr;
+ else
+ $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr;
+
+ $authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha'));
+
+ q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
+ intval($post_id),
+ dbesc($signed_text),
+ dbesc(base64_encode($authorsig)),
+ dbesc($myaddr)
+ );
+ }
}
else {
$parent = $post_id;
@@ -799,6 +822,12 @@ function item_post(&$a) {
}
}
+
+
+
+
+
+
logger('post_complete');
// figure out how to return, depending on from whence we came