aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--boot.php18
-rw-r--r--htconfig.php5
-rw-r--r--include/items.php147
-rw-r--r--mod/dfrn_notify.php127
-rw-r--r--mod/dfrn_poll.php80
-rw-r--r--mod/network.php2
-rw-r--r--update.sql5
-rw-r--r--view/atom_feed.tpl1
8 files changed, 213 insertions, 172 deletions
diff --git a/boot.php b/boot.php
index 02c37a93f..1ecd6e677 100644
--- a/boot.php
+++ b/boot.php
@@ -33,6 +33,7 @@ class App {
private $scheme;
private $hostname;
private $path;
+ private $baseurl;
private $db;
function __construct() {
@@ -69,12 +70,20 @@ class App {
}
function get_baseurl($ssl = false) {
-
- return (($ssl) ? 'https' : $this->scheme) . "://" . $this->hostname
+ if(strlen($this->baseurl))
+ return $this->baseurl;
+
+ $this->baseurl = (($ssl) ? 'https' : $this->scheme) . "://" . $this->hostname
. ((isset($this->path) && strlen($this->path))
? '/' . $this->path : '' );
+ return $this->baseurl;
+ }
+
+ function set_baseurl($url) {
+ $this->baseurl = $url;
}
+
function set_path($p) {
$this->path = ltrim(trim($p),'/');
}
@@ -330,6 +339,11 @@ function notice($s) {
}}
+if(! function_exists('get_max_import_size')) {
+function get_max_import_size() {
+ global $a;
+ return ((x($a->config,'max_import_size')) ? $a->config['max_import_size'] : 0 );
+}}
if(! function_exists('xmlify')) {
function xmlify($str) {
diff --git a/htconfig.php b/htconfig.php
index cf52b396a..ef3855978 100644
--- a/htconfig.php
+++ b/htconfig.php
@@ -22,3 +22,8 @@ $a->config['sitename'] = "DFRN developer";
// first before you close it.
$a->config['register_policy'] = REGISTER_OPEN;
+
+
+// Maximum size of an imported message, 0 is unlimited.
+
+$a->config['max_import_size'] = 10000; \ No newline at end of file
diff --git a/include/items.php b/include/items.php
index d0ec64fb9..e6a78f9ec 100644
--- a/include/items.php
+++ b/include/items.php
@@ -7,6 +7,14 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
$sql_extra = " AND `allow_cid` = '' AND `allow_gid` = '' AND `deny_cid` = '' AND `deny_gid` = '' ";
+ if(strlen($owner_id) && ! intval($owner_id)) {
+ $r = q("SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1",
+ dbesc($owner_id)
+ );
+ if(count($r))
+ $owner_id = $r[0]['uid'];
+ }
+
$r = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1",
intval($owner_id)
);
@@ -38,8 +46,8 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
AND ( `allow_gid` = '' OR `allow_gid` REGEXP '%s' )
AND ( `deny_gid` = '' OR NOT `deny_gid` REGEXP '%s') ",
- intval($_SESSION['visitor_id']),
- intval($_SESSION['visitor_id']),
+ intval($contact['id']),
+ intval($contact['id']),
dbesc($gs),
dbesc($gs)
);
@@ -58,7 +66,7 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
AND `item`.`type` != 'remote' AND `contact`.`blocked` = 0
AND `item`.`edited` > '%s'
$sql_extra
- ORDER BY `parent` DESC, `id` ASC LIMIT 0, 300",
+ ORDER BY `parent` ASC, `created` ASC LIMIT 0, 300",
intval($owner_id),
dbesc($check_date)
);
@@ -87,7 +95,7 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
foreach($items as $item) {
if($item['deleted']) {
$atom .= replace_macros($tomb_template, array(
- '$id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}")),
+ '$id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:" . $a->get_baseurl() . ":{$owner['uid']}:{$item['hash']}")),
'$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z'))
));
}
@@ -101,7 +109,7 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
'$owner_name' => xmlify($item['owner-name']),
'$owner_profile_page' => xmlify($item['owner-link']),
'$owner_thumb' => xmlify($item['owner-avatar']),
- '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}")),
+ '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:" . $a->get_baseurl() . ":{$owner['uid']}:{$item['hash']}")),
'$title' => xmlify($item['name']),
'$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
'$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
@@ -114,20 +122,141 @@ function get_feed_for(&$a,$dfrn_id,$owner_id,$last_update) {
'$name' => xmlify($item['name']),
'$profile_page' => xmlify($item['url']),
'$thumb' => xmlify($item['thumb']),
- '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:$baseurl:{$owner['uid']}:{$item['hash']}")),
+ '$item_id' => xmlify(((strlen($item['remote-id'])) ? $item['remote-id'] : "urn:X-dfrn:" . $a->get_baseurl() . ":{$owner['uid']}:{$item['hash']}")),
'$title' => xmlify($item['title']),
'$published' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
'$updated' => xmlify(datetime_convert('UTC', 'UTC', $item['edited'] . '+00:00' , 'Y-m-d\TH:i:s\Z')),
'$content' =>xmlify($item['body']),
- '$parent_id' => xmlify("urn:X-dfrn:$baseurl:{$owner['uid']}:{$items[0]['hash']}"),
+
+ // ......this is wrong!!!!
+ '$parent_id' => xmlify("urn:X-dfrn:" . $a->get_baseurl() . ":{$owner['uid']}:{$items[0]['hash']}"),
'$comment_allow' => (($item['last-child']) ? 1 : 0)
));
}
}
}
-
$atom .= "</feed>\r\n";
return $atom;
-} \ No newline at end of file
+}
+
+
+
+
+function get_atom_elements($item) {
+
+ $res = array();
+
+ $author = $item->get_author();
+ $res['remote-name'] = unxmlify($author->get_name());
+ $res['remote-link'] = unxmlify($author->get_link());
+ $res['remote-avatar'] = unxmlify($author->get_avatar());
+ $res['remote-id'] = unxmlify($item->get_id());
+ $res['title'] = unxmlify($item->get_title());
+ $res['body'] = unxmlify($item->get_content());
+
+ $maxlen = get_max_import_size();
+ if($maxlen && (strlen($res['body']) > $maxlen))
+ $res['body'] = substr($res['body'],0, $maxlen);
+
+ $allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
+ if($allow && $allow[0]['data'] == 1)
+ $res['last-child'] = 1;
+ else
+ $res['last-child'] = 0;
+
+ $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
+ if($rawcreated)
+ $res['created'] = unxmlify($rawcreated[0]['data']);
+
+ $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
+ if($rawedited)
+ $res['edited'] = unxmlify($rawcreated[0]['data']);
+
+ $rawowner = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0', 'owner');
+ if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'])
+ $res['owner-name'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data']);
+ if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'])
+ $res['owner-link'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data']);
+ if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'])
+ $res['owner-avatar'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data']);
+
+ return $res;
+}
+
+function post_remote($a,$arr) {
+
+ $arr['hash'] = random_string();
+ if(! x($arr,'type'))
+ $arr['type'] = 'remote';
+ $arr['remote-name'] = notags(trim($arr['remote-name']));
+ $arr['remote-link'] = notags(trim($arr['remote-link']));
+ $arr['remote-avatar'] = notags(trim($arr['remote-avatar']));
+ $arr['owner-name'] = notags(trim($arr['owner-name']));
+ $arr['owner-link'] = notags(trim($arr['owner-link']));
+ $arr['owner-avatar'] = notags(trim($arr['owner-avatar']));
+ if(! strlen($arr['remote-avatar']))
+ $arr['remote-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
+ if(! strlen($arr['owner-avatar']))
+ $arr['owner-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
+ $arr['created'] = datetime_convert('UTC','UTC',$arr['created'],'Y-m-d H:i:s');
+ $arr['edited'] = datetime_convert('UTC','UTC',$arr['edited'],'Y-m-d H:i:s');
+ $arr['title'] = notags(trim($arr['title']));
+ $arr['body'] = escape_tags(trim($arr['body']));
+ $arr['last-child'] = intval($arr['last-child']);
+ $arr['visible'] = 1;
+ $arr['deleted'] = 0;
+
+ $local_parent = false;
+
+ if(isset($arr['parent_hash'])) {
+ $local_parent = true;
+ $parent = $arr['parent_hash'];
+ unset($arr['parent_hash']);
+ }
+ else {
+ $parent = $arr['parent_urn'];
+ unset($arr['parent_urn']);
+ }
+
+ $parent_id = 0;
+
+ dbesc_array($arr);
+dbg(3);
+ $r = q("INSERT INTO `item` (`"
+ . implode("`, `", array_keys($arr))
+ . "`) VALUES ('"
+ . implode("', '", array_values($arr))
+ . "')" );
+
+ if($local_parent) {
+ $r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($parent),
+ intval($arr['uid'])
+ );
+ }
+ else {
+ $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($parent),
+ intval($arr['uid'])
+ );
+ }
+ if(count($r))
+ $parent_id = $r[0]['id'];
+
+
+ $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
+ $arr['remote-id'],
+ intval($arr['uid'])
+ );
+ if(count($r))
+ $current_post = $r[0]['id'];
+
+ $r = q("UPDATE `item` SET `parent` = %d WHERE `id` = %d LIMIT 1",
+ intval($parent_id),
+ intval($current_post)
+ );
+
+ return $current_post;
+}
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index f81eb9cfb..ed2222d6a 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -1,126 +1,9 @@
<?php
require_once('simplepie/simplepie.inc');
+require_once('include/items.php');
-function get_atom_elements($item) {
-
- $res = array();
-
- $author = $item->get_author();
- $res['remote-name'] = unxmlify($author->get_name());
- $res['remote-link'] = unxmlify($author->get_link());
- $res['remote-avatar'] = unxmlify($author->get_avatar());
- $res['remote-id'] = unxmlify($item->get_id());
- $res['title'] = unxmlify($item->get_title());
- $res['body'] = unxmlify($item->get_content());
-
- if(strlen($res['body']) > 100000)
- $res['body'] = substr($res['body'],0,10000) . "\r\n[Extremely large post truncated.]\r\n" ;
-
- $allow = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0','comment-allow');
- if($allow && $allow[0]['data'] == 1)
- $res['last-child'] = 1;
- else
- $res['last-child'] = 0;
-
- $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'published');
- if($rawcreated)
- $res['created'] = unxmlify($rawcreated[0]['data']);
-
- $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10,'updated');
- if($rawedited)
- $res['edited'] = unxmlify($rawcreated[0]['data']);
-
- $rawowner = $item->get_item_tags('http://purl.org/macgirvin/dfrn/1.0', 'owner');
- if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data'])
- $res['owner-name'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['name'][0]['data']);
- if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data'])
- $res['owner-link'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['uri'][0]['data']);
- if($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data'])
- $res['owner-avatar'] = unxmlify($rawowner[0]['child']['http://purl.org/macgirvin/dfrn/1.0']['avatar'][0]['data']);
-
-
- return $res;
-
-}
-
-function post_remote($a,$arr) {
-
- $arr['hash'] = random_string();
- if(! x($arr,'type'))
- $arr['type'] = 'remote';
- $arr['remote-name'] = notags(trim($arr['remote-name']));
- $arr['remote-link'] = notags(trim($arr['remote-link']));
- $arr['remote-avatar'] = notags(trim($arr['remote-avatar']));
- $arr['owner-name'] = notags(trim($arr['owner-name']));
- $arr['owner-link'] = notags(trim($arr['owner-link']));
- $arr['owner-avatar'] = notags(trim($arr['owner-avatar']));
- if(! strlen($arr['remote-avatar']))
- $arr['remote-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
- if(! strlen($arr['owner-avatar']))
- $arr['owner-avatar'] = $a->get_baseurl() . '/images/default-profile-sm.jpg';
- $arr['created'] = datetime_convert('UTC','UTC',$arr['created'],'Y-m-d H:i:s');
- $arr['edited'] = datetime_convert('UTC','UTC',$arr['edited'],'Y-m-d H:i:s');
- $arr['title'] = notags(trim($arr['title']));
- $arr['body'] = escape_tags(trim($arr['body']));
- $arr['last-child'] = intval($arr['last-child']);
- $arr['visible'] = 1;
- $arr['deleted'] = 0;
-
- $local_parent = false;
-
- if(isset($arr['parent_hash'])) {
- $local_parent = true;
- $parent = $arr['parent_hash'];
- unset($arr['parent_hash']);
- }
- else {
- $parent = $arr['parent_urn'];
- unset($arr['parent_urn']);
- }
-
- $parent_id = 0;
-
- dbesc_array($arr);
-dbg(3);
- $r = q("INSERT INTO `item` (`"
- . implode("`, `", array_keys($arr))
- . "`) VALUES ('"
- . implode("', '", array_values($arr))
- . "')" );
-
- if($local_parent) {
- $r = q("SELECT `id` FROM `item` WHERE `hash` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($parent),
- intval($arr['uid'])
- );
- }
- else {
- $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
- dbesc($parent),
- intval($arr['uid'])
- );
- }
- if(count($r))
- $parent_id = $r[0]['id'];
-
-
- $r = q("SELECT `id` FROM `item` WHERE `remote-id` = '%s' AND `uid` = %d LIMIT 1",
- $arr['remote-id'],
- intval($arr['uid'])
- );
- if(count($r))
- $current_post = $r[0]['id'];
-
- $r = q("UPDATE `item` SET `parent` = %d WHERE `id` = %d LIMIT 1",
- intval($parent_id),
- intval($current_post)
- );
-
- return $current_post;
-}
-
function dfrn_notify_post(&$a) {
dbg(3);
$dfrn_id = notags(trim($_POST['dfrn_id']));
@@ -276,14 +159,6 @@ dbg(3);
}
-
-
-
-
-
-
-
-
function dfrn_notify_content(&$a) {
if(x($_GET,'dfrn_id')) {
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index ae3dc892d..6b4c50ad2 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -1,6 +1,8 @@
<?php
require_once('include/items.php');
+require_once('include/auth.php');
+
function dfrn_poll_init(&$a) {
@@ -63,37 +65,6 @@ function dfrn_poll_init(&$a) {
}
- if($dfrn_id != '*') {
- // initial communication from external contact
- $hash = random_string();
-
- $status = 0;
-
- $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
-
- $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` , `type`, `last_update` )
- VALUES( '%s', '%s', '%s', '%s', '%s' ) ",
- dbesc($hash),
- dbesc(notags(trim($_GET['dfrn_id']))),
- intval(time() + 60 ),
- dbesc($type),
- dbesc($last_update)
- );
-
- $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 LIMIT 1",
- dbesc($_GET['dfrn_id']));
- if((! count($r)) || (! strlen($r[0]['prvkey'])))
- $status = 1;
-
- $challenge = '';
-
- openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
- $challenge = bin2hex($challenge);
- echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
- . '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ;
- session_write_close();
- exit;
- }
}
@@ -103,6 +74,7 @@ function dfrn_poll_post(&$a) {
$dfrn_id = notags(trim($_POST['dfrn_id']));
$challenge = notags(trim($_POST['challenge']));
$url = $_POST['url'];
+
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
dbesc($dfrn_id),
dbesc($challenge)
@@ -166,6 +138,52 @@ function dfrn_poll_post(&$a) {
}
}
+function dfrn_poll_content(&$a) {
+
+ if(x($_GET,'dfrn_id'))
+ $dfrn_id = $a->config['dfrn_poll_dfrn_id'] = $_GET['dfrn_id'];
+ if(x($_GET,'type'))
+ $type = $a->config['dfrn_poll_type'] = $_GET['type'];
+ if(x($_GET,'last_update'))
+ $last_update = $a->config['dfrn_poll_last_update'] = $_GET['last_update'];
+
+
+ if($dfrn_id != '*') {
+ // initial communication from external contact
+ $hash = random_string();
+
+ $status = 0;
+
+ $r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));
+
+ $r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` , `type`, `last_update` )
+ VALUES( '%s', '%s', '%s', '%s', '%s' ) ",
+ dbesc($hash),
+ dbesc(notags(trim($_GET['dfrn_id']))),
+ intval(time() + 60 ),
+ dbesc($type),
+ dbesc($last_update)
+ );
+ $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 LIMIT 1",
+ dbesc($_GET['dfrn_id']));
+ if((! count($r)) || (! strlen($r[0]['prvkey'])))
+ $status = 1;
+
+ $challenge = '';
+
+ openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
+ $challenge = bin2hex($challenge);
+ echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $_GET['dfrn_id'] . '</dfrn_id>'
+ . '<challenge>' . $challenge . '</challenge></dfrn_poll>' . "\r\n" ;
+ session_write_close();
+ exit;
+ }
+
+
+
+
+
+}
diff --git a/mod/network.php b/mod/network.php
index 94ea065e9..aa662c79c 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -56,7 +56,7 @@ function network_content(&$a) {
WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0
AND `contact`.`blocked` = 0
$sql_extra
- ORDER BY `parent` DESC, `id` ASC LIMIT %d ,%d ",
+ ORDER BY `parent` DESC, `created` ASC LIMIT %d ,%d ",
intval($_SESSION['uid']),
intval($a->pager['start']),
intval($a->pager['itemspage'])
diff --git a/update.sql b/update.sql
index be6a6a36c..a576adb88 100644
--- a/update.sql
+++ b/update.sql
@@ -15,8 +15,7 @@ ADD `owner-avatar` CHAR( 255 ) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NU
ALTER TABLE `user` ADD `pwdreset` CHAR( 255 ) NOT NULL AFTER `blocked` ;
- ALTER TABLE `challenge` ADD `cmd` CHAR( 255 ) NOT NULL AFTER `expire` ,
-ADD `url` CHAR( 255 ) NOT NULL AFTER `cmd` ,
-ADD `last_update` CHAR( 255 ) NOT NULL AFTER `url` ;
+ ALTER TABLE `challenge` ADD `type` CHAR( 255 ) NOT NULL AFTER `expire` ,
+ADD `last_update` CHAR( 255 ) NOT NULL AFTER `type` ;
ALTER TABLE `contact` ADD `last-update` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00' AFTER `ret-pubkey` ;
diff --git a/view/atom_feed.tpl b/view/atom_feed.tpl
index c283ad8f7..00ac6c406 100644
--- a/view/atom_feed.tpl
+++ b/view/atom_feed.tpl
@@ -1,3 +1,4 @@
+<?xml version="1.0" encoding="utf-8" ?>
<feed xmlns="http://www.w3.org/2005/Atom"
xmlns:thr="http://purl.org/syndication/thread/1.0"
xmlns:at="http://purl.org/atompub/tombstones/1.0"