1 files changed, 50 insertions, 31 deletions
diff --git a/Zotlabs/Lib/Libzot.php b/Zotlabs/Lib/Libzot.php
index e03f0173d..31b8f04de 100644
--- a/Zotlabs/Lib/Libzot.php
+++ b/Zotlabs/Lib/Libzot.php
@@ -266,7 +266,7 @@ class Libzot {
 					dbesc($them['xchan_addr'])
 				);
 			}
-			if (!$r) {
+			if (!$r && array_key_exists('xchan_hash', $them) && $them['xchan_hash']) {
 				$r = q("select hubloc_id_url, hubloc_primary from hubloc where hubloc_hash = '%s' order by hubloc_id desc",
 					dbesc($them['xchan_hash'])
 				);
@@ -275,8 +275,8 @@ class Libzot {
 			if ($r) {
 				foreach ($r as $rr) {
 					if (intval($rr['hubloc_primary'])) {
-						$url    = $rr['hubloc_id_url'];
-						$record = $rr;
+						$url = $rr['hubloc_id_url'];
+						break;
 					}
 				}
 				if (!$url) {
@@ -284,13 +284,17 @@ class Libzot {
 				}
 			}
 		}
+
 		if (!$url) {
 			logger('zot_refresh: no url');
 			return false;
 		}
 
+		$m = parse_url($url);
+		$site_url = unparse_url([ 'scheme' => $m['scheme'], 'host' => $m['host'] ]);
+
 		$s = q("select site_dead from site where site_url = '%s' limit 1",
-			dbesc($url)
+			dbesc($site_url)
 		);
 
 		if ($s && intval($s[0]['site_dead']) && (!$force)) {
@@ -299,25 +303,25 @@ class Libzot {
 		}
 
 		$record = Zotfinger::exec($url, $channel);
-		// Check the HTTP signature
 
+		// Check the HTTP signature
 		$hsig = $record['signature'];
-		if ($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true)
+		if ($hsig && $hsig['signer'] === $url && $hsig['header_valid'] === true && $hsig['content_valid'] === true) {
 			$hsig_valid = true;
+		}
 
 		if (!$hsig_valid) {
 			logger('http signature not valid: ' . print_r($hsig, true));
 			return false;
 		}
 
-
 		logger('zot-info: ' . print_r($record, true), LOGGER_DATA, LOG_DEBUG);
 
 		$x = self::import_xchan($record['data'], (($force) ? UPDATE_FLAGS_FORCED : UPDATE_FLAGS_UPDATED));
 
-
-		if (!$x['success'])
+		if (!$x['success']) {
 			return false;
+		}
 
 		if ($channel && $record['data']['permissions']) {
 			$permissions = explode(',', $record['data']['permissions']);
@@ -357,8 +361,9 @@ class Libzot {
 				// we have as we may have updated the year after sending a notification; and resetting
 				// to the one we just received would cause us to create duplicated events.
 
-				if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5))
+				if (substr($r[0]['abook_dob'], 5) == substr($next_birthday, 5)) {
 					$next_birthday = $r[0]['abook_dob'];
+				}
 
 				$y = q("update abook set abook_dob = '%s'
 					where abook_xchan = '%s' and abook_channel = %d
@@ -368,17 +373,19 @@ class Libzot {
 					intval($channel['channel_id'])
 				);
 
-				if (!$y)
+				if (!$y) {
 					logger('abook update failed');
+				}
 				else {
 					// if we were just granted read stream permission and didn't have it before, try to pull in some posts
-					if ((!$old_read_stream_perm) && (intval($permissions['view_stream'])))
+					if (!$old_read_stream_perm && intval($permissions['view_stream'])) {
 						Master::Summon(['Onepoll', $r[0]['abook_id']]);
+					}
 				}
 			}
 			else {
 
-				$p        = Permissions::connect_perms($channel['channel_id']);
+				$p = Permissions::connect_perms($channel['channel_id']);
 				$my_perms = $p['perms'];
 
 				$automatic = $p['automatic'];
@@ -419,8 +426,10 @@ class Libzot {
 					);
 
 					if ($new_connection) {
-						if (!Permissions::PermsCompare($new_perms, $previous_perms))
+						if (!Permissions::PermsCompare($new_perms, $previous_perms)) {
 							Master::Summon(['Notifier', 'permission_create', $new_connection[0]['abook_id']]);
+						}
+
 						Enotify::submit(
 							[
 								'type'       => NOTIFY_INTRO,
@@ -432,40 +441,47 @@ class Libzot {
 
 						if (intval($permissions['view_stream'])) {
 							if (intval(get_pconfig($channel['channel_id'], 'perm_limits', 'send_stream') & PERMS_PENDING)
-								|| (!intval($new_connection[0]['abook_pending'])))
+								|| (!intval($new_connection[0]['abook_pending']))) {
 								Master::Summon(['Onepoll', $new_connection[0]['abook_id']]);
+							}
 						}
 
-
 						// If there is a default group for this channel, add this connection to it
-						// for pending connections this will happens at acceptance time.
+						// for pending connections this will happen at acceptance time.
 
 						if (!intval($new_connection[0]['abook_pending'])) {
 							$default_group = $channel['channel_default_group'];
+
 							if ($default_group) {
 								$g = Group::rec_byhash($channel['channel_id'], $default_group);
-								if ($g)
+
+								if ($g) {
 									Group::member_add($channel['channel_id'], '', $x['hash'], $g['id']);
+								}
 							}
 						}
 
 						unset($new_connection[0]['abook_id']);
 						unset($new_connection[0]['abook_account']);
 						unset($new_connection[0]['abook_channel']);
+
 						$abconfig = load_abconfig($channel['channel_id'], $new_connection['abook_xchan']);
-						if ($abconfig)
+
+						if ($abconfig) {
 							$new_connection['abconfig'] = $abconfig;
+						}
 
 						Libsync::build_sync_packet($channel['channel_id'], ['abook' => $new_connection]);
+
 					}
 				}
-
 			}
 			return true;
 		}
 		return false;
 	}
 
+
 	/**
 	 * @brief Look up if channel is known and previously verified.
 	 *
@@ -479,6 +495,7 @@ class Libzot {
 	 *  * \e string \b id_sig => id signed with conversant's private key
 	 *  * \e string \b location => URL of the origination hub of this communication
 	 *  * \e string \b location_sig => URL signed with conversant's private key
+	 *  * \e string \b site_id => URL signed with conversant's private key
 	 * @param boolean $multiple (optional) default false
 	 *
 	 * @return array|null
@@ -488,7 +505,7 @@ class Libzot {
 
 	static function gethub($arr, $multiple = false) {
 
-		if ($arr['id'] && $arr['id_sig'] && $arr['location'] && $arr['location_sig']) {
+		if ($arr['id'] && $arr['id_sig'] && $arr['location'] && $arr['location_sig'] && $arr['site_id']) {
 
 			if (!check_siteallowed($arr['location'])) {
 				logger('blacklisted site: ' . $arr['location']);
@@ -512,9 +529,9 @@ class Libzot {
 				logger('Found', LOGGER_DEBUG);
 				return (($multiple) ? $r : $r[0]);
 			}
+			logger('Not found: ' . print_r($arr, true), LOGGER_DEBUG);
 		}
-		logger('Not found: ' . print_r($arr, true), LOGGER_DEBUG);
-
+		logger('Incomplete array: ' . print_r($arr, true), LOGGER_DEBUG);
 		return false;
 	}
 
@@ -616,7 +633,6 @@ class Libzot {
 	 */
 
 	static function import_xchan($arr, $ud_flags = UPDATE_FLAGS_UPDATED, $ud_arr = null) {
-
 		/**
 		 * @hooks import_xchan
 		 *   Called when processing the result of zot_finger() to store the result
@@ -666,6 +682,7 @@ class Libzot {
 			$arr['connect_url'] = '';
 
 		if ($r) {
+
 			if ($arr['photo'] && array_key_exists('updated', $arr['photo']) && $arr['photo']['updated'] > $r[0]['xchan_photo_date'])
 				$import_photos = true;
 
@@ -1339,7 +1356,7 @@ class Libzot {
 
 	static function find_parent($env, $act) {
 		if ($act) {
-			if (in_array($act->type, ['Like', 'Dislike'])) {
+			if (in_array($act->type, ['Like', 'Dislike']) && is_array($act->obj)) {
 				return $act->obj['id'];
 			}
 			if ($act->parent_id) {
@@ -1469,10 +1486,11 @@ class Libzot {
 	 * @param boolean $relay
 	 * @param boolean $public (optional) default false
 	 * @param boolean $request (optional) default false
+	 * @param boolean $force (optional) default false - should only be set for manual fetch
 	 * @return array
 	 */
 
-	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false) {
+	static function process_delivery($sender, $act, $arr, $deliveries, $relay, $public = false, $request = false, $force = false) {
 
 		$result = [];
 
@@ -1574,7 +1592,7 @@ class Libzot {
 
 			if ((!$tag_delivery) && (!$local_public)) {
 				$allowed = (perm_is_allowed($channel['channel_id'], $sender, $perm));
-				if (!$allowed) {
+				if ((!$allowed) && $perm === 'post_comments') {
 					$parent = q("select * from item where mid = '%s' and uid = %d limit 1",
 						dbesc($arr['parent_mid']),
 						intval($channel['channel_id'])
@@ -1600,7 +1618,7 @@ class Libzot {
 					// doesn't exist.
 
 					if ($perm === 'send_stream') {
-						if (get_pconfig($channel['channel_id'], 'system', 'hyperdrive', false) || $arr['verb'] === ACTIVITY_SHARE) {
+						if ($force || get_pconfig($channel['channel_id'], 'system', 'hyperdrive', false) || $arr['verb'] === ACTIVITY_SHARE) {
 							$allowed = true;
 						}
 					}
@@ -1875,7 +1893,7 @@ class Libzot {
 		return $result;
 	}
 
-	static public function fetch_conversation($channel, $mid) {
+	static public function fetch_conversation($channel, $mid, $force = false) {
 
 		// Use Zotfinger to create a signed request
 
@@ -1979,7 +1997,7 @@ class Libzot {
 			logger('FOF Activity received: ' . print_r($arr, true), LOGGER_DATA, LOG_DEBUG);
 			logger('FOF Activity recipient: ' . $channel['channel_hash'], LOGGER_DATA, LOG_DEBUG);
 
-			$result = self::process_delivery($arr['owner_xchan'], $AS, $arr, [$channel['channel_hash']], false, false, true);
+			$result = self::process_delivery($arr['owner_xchan'], $AS, $arr, [$channel['channel_hash']], false, false, true, $force);
 			if ($result) {
 				$ret = array_merge($ret, $result);
 			}
@@ -2880,8 +2898,9 @@ class Libzot {
 		if ($deleted)
 			$ret['deleted'] = $deleted;
 
-		if (intval($e['channel_removed']))
+		if (intval($e['channel_removed'])) {
 			$ret['deleted_locally'] = true;
+		}
 
 		// premium or other channel desiring some contact with potential followers before connecting.
 		// This is a template - %s will be replaced with the follow_url we discover for the return channel.