diff options
Diffstat (limited to 'include/network.php')
-rw-r--r-- | include/network.php | 764 |
1 files changed, 162 insertions, 602 deletions
diff --git a/include/network.php b/include/network.php index 321eb375f..03faf9957 100644 --- a/include/network.php +++ b/include/network.php @@ -1,195 +1,33 @@ -<?php +<?php /** @file */ -// curl wrapper. If binary flag is true, return binary -// results. -if(! function_exists('fetch_url')) { -function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_content=Null) { - - $a = get_app(); - - $ch = @curl_init($url); - if(($redirects > 8) || (! $ch)) - return false; - - @curl_setopt($ch, CURLOPT_HEADER, true); - - if (!is_null($accept_content)){ - curl_setopt($ch,CURLOPT_HTTPHEADER, array ( - "Accept: " . $accept_content - )); - } - - @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); - //@curl_setopt($ch, CURLOPT_USERAGENT, "Friendica"); - @curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; Friendica)"); - - - if(intval($timeout)) { - @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); - } - else { - $curl_time = intval(get_config('system','curl_timeout')); - @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); - } - // by default we will allow self-signed certs - // but you can override this - - $check_cert = get_config('system','verifyssl'); - @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false)); - - $prx = get_config('system','proxy'); - if(strlen($prx)) { - @curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); - @curl_setopt($ch, CURLOPT_PROXY, $prx); - $prxusr = @get_config('system','proxyuser'); - if(strlen($prxusr)) - @curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr); - } - if($binary) - @curl_setopt($ch, CURLOPT_BINARYTRANSFER,1); - - $a->set_curl_code(0); - - // don't let curl abort the entire application - // if it throws any errors. - - $s = @curl_exec($ch); - - $base = $s; - $curl_info = @curl_getinfo($ch); - $http_code = $curl_info['http_code']; -// logger('fetch_url:' . $http_code . ' data: ' . $s); - $header = ''; - - // Pull out multiple headers, e.g. proxy and continuation headers - // allow for HTTP/2.x without fixing code - - while(preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) { - $chunk = substr($base,0,strpos($base,"\r\n\r\n")+4); - $header .= $chunk; - $base = substr($base,strlen($chunk)); - } - - if($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307 || $http_code == 308) { - $matches = array(); - preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches); - $newurl = trim(array_pop($matches)); - if(strpos($newurl,'/') === 0) - $newurl = $url . $newurl; - $url_parsed = @parse_url($newurl); - if (isset($url_parsed)) { - $redirects++; - @curl_close($ch); - return fetch_url($newurl,$binary,$redirects,$timeout); - } - } - - $a->set_curl_code($http_code); - - $body = substr($s,strlen($header)); - $a->set_curl_headers($header); - @curl_close($ch); - return($body); -}} - -// post request to $url. $params is an array of post variables. - -if(! function_exists('post_url')) { -function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0) { - $a = get_app(); - $ch = curl_init($url); - if(($redirects > 8) || (! $ch)) - return false; - - curl_setopt($ch, CURLOPT_HEADER, true); - curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); - curl_setopt($ch, CURLOPT_POST,1); - curl_setopt($ch, CURLOPT_POSTFIELDS,$params); - curl_setopt($ch, CURLOPT_USERAGENT, "Friendica"); - - if(intval($timeout)) { - curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); - } - else { - $curl_time = intval(get_config('system','curl_timeout')); - curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); - } - - if(defined('LIGHTTPD')) { - if(!is_array($headers)) { - $headers = array('Expect:'); - } else { - if(!in_array('Expect:', $headers)) { - array_push($headers, 'Expect:'); - } - } - } - if($headers) - curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); - - $check_cert = get_config('system','verifyssl'); - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false)); - $prx = get_config('system','proxy'); - if(strlen($prx)) { - curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); - curl_setopt($ch, CURLOPT_PROXY, $prx); - $prxusr = get_config('system','proxyuser'); - if(strlen($prxusr)) - curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr); - } - - $a->set_curl_code(0); - - // don't let curl abort the entire application - // if it throws any errors. - - $s = @curl_exec($ch); - - $base = $s; - $curl_info = curl_getinfo($ch); - $http_code = $curl_info['http_code']; - - $header = ''; - - // Pull out multiple headers, e.g. proxy and continuation headers - // allow for HTTP/2.x without fixing code - - while(preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) { - $chunk = substr($base,0,strpos($base,"\r\n\r\n")+4); - $header .= $chunk; - $base = substr($base,strlen($chunk)); - } - - if($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307 || $http_code == 308) { - $matches = array(); - preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches); - $newurl = trim(array_pop($matches)); - if(strpos($newurl,'/') === 0) - $newurl = $url . $newurl; - $url_parsed = @parse_url($newurl); - if (isset($url_parsed)) { - $redirects++; - @curl_close($ch); - if($http_code == 303) { - return fetch_url($newurl,false,$redirects,$timeout); - } else { - return post_url($newurl,$params,$redirects,$timeout); - } - } - } - $a->set_curl_code($http_code); - $body = substr($s,strlen($header)); - - $a->set_curl_headers($header); - - curl_close($ch); - return($body); -}} +function get_capath() { + return appdirpath() . '/library/cacert.pem'; +} -if(! function_exists('z_fetch_url')) { -function z_fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accept_content=Null) { +/** + * @function z_fetch_url + * @param string $url + * URL to fetch + * @param boolean $binary = false + * TRUE if asked to return binary results (file download) + * @param int $redirects = 0 + * internal use, recursion counter + * @param array $opts (optional parameters) + * 'accept_content' => supply Accept: header with 'accept_content' as the value + * 'timeout' => int seconds, default system config value or 60 seconds + * 'http_auth' => username:password + * 'novalidate' => do not validate SSL certs, default is to validate using our CA list + * + * @returns array + * 'return_code' => HTTP return code or 0 if timeout or failure + * 'success' => boolean true (if HTTP 2xx result) or false + * 'header' => HTTP headers + * 'body' => fetched content + */ + +function z_fetch_url($url, $binary = false, $redirects = 0, $opts = array()) { $ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => ""); @@ -200,26 +38,37 @@ function z_fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accep return false; @curl_setopt($ch, CURLOPT_HEADER, true); + @curl_setopt($ch, CURLOPT_CAINFO, get_capath()); + @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); + @curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; Red)"); - if (!is_null($accept_content)){ - curl_setopt($ch,CURLOPT_HTTPHEADER, array ( - "Accept: " . $accept_content + $ciphers = @get_config('system','curl_ssl_ciphers'); + if($ciphers) + @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers); + + if (x($opts,'accept_content')){ + @curl_setopt($ch,CURLOPT_HTTPHEADER, array ( + "Accept: " . $opts['accept_content'] )); } - @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); - @curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible; Friendica Red)"); - - - if(intval($timeout)) { - @curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); + if(x($opts,'timeout') && intval($opts['timeout'])) { + @curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']); } else { $curl_time = intval(get_config('system','curl_timeout')); @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); } - @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + if(x($opts,'http_auth')) { + // "username" . ':' . "password" + @curl_setopt($ch, CURLOPT_USERPWD, $opts['http_auth']); + } + + @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, + ((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true)); + $prx = get_config('system','proxy'); if(strlen($prx)) { @@ -233,7 +82,7 @@ function z_fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accep @curl_setopt($ch, CURLOPT_BINARYTRANSFER,1); - // don't let curl abort the entire application + // don't let curl abort the entire application' // if it throws any errors. $s = @curl_exec($ch); @@ -241,7 +90,7 @@ function z_fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accep $base = $s; $curl_info = @curl_getinfo($ch); $http_code = $curl_info['http_code']; -// logger('fetch_url:' . $http_code . ' data: ' . $s); + //logger('fetch_url:' . $http_code . ' data: ' . $s); $header = ''; // Pull out multiple headers, e.g. proxy and continuation headers @@ -261,68 +110,81 @@ function z_fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0, $accep $newurl = $url . $newurl; $url_parsed = @parse_url($newurl); if (isset($url_parsed)) { - $redirects++; @curl_close($ch); - return z_fetch_url($newurl,$binary,$redirects,$timeout,$accpt_content); + return z_fetch_url($newurl,$binary,$redirects++,$opts); } } $rc = intval($http_code); $ret['return_code'] = $rc; $ret['success'] = (($rc >= 200 && $rc <= 299) ? true : false); + if(! $ret['success']) { + $ret['error'] = curl_error($ch); + $ret['debug'] = $curl_info; + logger('z_fetch_url: error: ' . $url . ': ' . $ret['error'], LOGGER_DEBUG); + logger('z_fetch_url: debug: ' . print_r($curl_info,true), LOGGER_DATA); + } $ret['body'] = substr($s,strlen($header)); $ret['header'] = $header; + @curl_close($ch); return($ret); -}} +} -if(! function_exists('z_post_url')) { -function z_post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0) { +function z_post_url($url,$params, $redirects = 0, $opts = array()) { + $ret = array('return_code' => 0, 'success' => false, 'header' => "", 'body' => ""); $ch = curl_init($url); if(($redirects > 8) || (! $ch)) return ret; - curl_setopt($ch, CURLOPT_HEADER, true); - curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); - curl_setopt($ch, CURLOPT_POST,1); - curl_setopt($ch, CURLOPT_POSTFIELDS,$params); - curl_setopt($ch, CURLOPT_USERAGENT, "Friendica"); + @curl_setopt($ch, CURLOPT_HEADER, true); + @curl_setopt($ch, CURLOPT_CAINFO, get_capath()); + @curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); + @curl_setopt($ch, CURLOPT_POST,1); + @curl_setopt($ch, CURLOPT_POSTFIELDS,$params); + @curl_setopt($ch, CURLOPT_USERAGENT, "Red"); - if(intval($timeout)) { - curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); + $ciphers = @get_config('system','curl_ssl_ciphers'); + if($ciphers) + @curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers); + + + if (x($opts,'accept_content')){ + @curl_setopt($ch,CURLOPT_HTTPHEADER, array ( + "Accept: " . $opts['accept_content'] + )); + } + if(x($opts,'headers')) + @curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['headers']); + + if(x($opts,'timeout') && intval($opts['timeout'])) { + @curl_setopt($ch, CURLOPT_TIMEOUT, $opts['timeout']); } else { $curl_time = intval(get_config('system','curl_timeout')); - curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); + @curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60)); } - if(defined('LIGHTTPD')) { - if(!is_array($headers)) { - $headers = array('Expect:'); - } else { - if(!in_array('Expect:', $headers)) { - array_push($headers, 'Expect:'); - } - } + if(x($opts,'http_auth')) { + // "username" . ':' . "password" + @curl_setopt($ch, CURLOPT_USERPWD, $opts['http_auth']); } - if($headers) - curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); - - curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); + @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, + ((x($opts,'novalidate') && intval($opts['novalidate'])) ? false : true)); $prx = get_config('system','proxy'); if(strlen($prx)) { - curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); - curl_setopt($ch, CURLOPT_PROXY, $prx); + @curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1); + @curl_setopt($ch, CURLOPT_PROXY, $prx); $prxusr = get_config('system','proxyuser'); if(strlen($prxusr)) - curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr); + @curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr); } // don't let curl abort the entire application @@ -331,7 +193,7 @@ function z_post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0 $s = @curl_exec($ch); $base = $s; - $curl_info = curl_getinfo($ch); + $curl_info = @curl_getinfo($ch); $http_code = $curl_info['http_code']; $header = ''; @@ -353,23 +215,29 @@ function z_post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0 $newurl = $url . $newurl; $url_parsed = @parse_url($newurl); if (isset($url_parsed)) { - $redirects++; curl_close($ch); if($http_code == 303) { - return z_fetch_url($newurl,false,$headers,$redirects,$timeout); + return z_fetch_url($newurl,false,$redirects++,$opts); } else { - return z_post_url($newurl,$params,$headers,$redirects,$timeout); + return z_post_url($newurl,$params,$redirects++,$opts); } } } $rc = intval($http_code); $ret['return_code'] = $rc; $ret['success'] = (($rc >= 200 && $rc <= 299) ? true : false); + if(! $ret['success']) { + $ret['error'] = curl_error($ch); + $ret['debug'] = $curl_info; + logger('z_post_url: error: ' . $url . ': ' . $ret['error'], LOGGER_DEBUG); + logger('z_post_url: debug: ' . print_r($curl_info,true), LOGGER_DATA); + } + $ret['body'] = substr($s,strlen($header)); $ret['header'] = $header; curl_close($ch); return($ret); -}} +} @@ -385,7 +253,7 @@ function json_return_and_die($x) { // Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable // of $st and an optional text <message> of $message and terminates the current process. -if(! function_exists('xml_status')) { + function xml_status($st, $message = '') { $xml_message = ((strlen($message)) ? "\t<message>" . xmlify($message) . "</message>\r\n" : ''); @@ -397,29 +265,37 @@ function xml_status($st, $message = '') { echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n"; echo "<result>\r\n\t<status>$st</status>\r\n$xml_message</result>\r\n"; killme(); -}} - +} -if(! function_exists('http_status_exit')) { -function http_status_exit($val) { +/** + * @function http_status_exit + * + * Send HTTP status header and exit + * @param int $val + * integer HTTP status result value + * @param string $msg + * optional message + * @returns (does not return, process is terminated) + */ + +function http_status_exit($val,$msg = '') { $err = ''; if($val >= 400) - $err = 'Error'; + $msg = (($msg) ? $msg : 'Error'); if($val >= 200 && $val < 300) - $err = 'OK'; + $msg = (($msg) ? $msg : 'OK'); - logger('http_status_exit ' . $val); - header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err); + logger('http_status_exit ' . $val . ' ' . $msg); + header($_SERVER['SERVER_PROTOCOL'] . ' ' . $val . ' ' . $msg); killme(); - -}} +} // convert an XML document to a normalised, case-corrected array // used by webfinger -if(! function_exists('convert_xml_element_to_array')) { + function convert_xml_element_to_array($xml_element, &$recursion_depth=0) { // If we're getting too deep, bail out @@ -459,7 +335,7 @@ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) { } else { return (trim(strval($xml_element))); } -}} +} // Given an email style address, perform webfinger lookup and // return the resulting DFRN profile URL, or if no DFRN profile URL @@ -473,7 +349,7 @@ function convert_xml_element_to_array($xml_element, &$recursion_depth=0) { // amended 7/9/2011 to return an hcard which could save potentially loading // a lengthy content page to scrape dfrn attributes -if(! function_exists('webfinger_dfrn')) { + function webfinger_dfrn($s,&$hcard) { if(! strstr($s,'@')) { return $s; @@ -493,14 +369,14 @@ function webfinger_dfrn($s,&$hcard) { } } return $profile_link; -}} +} // Given an email style address, perform webfinger lookup and // return the array of link attributes from the personal XRD file. // On error/failure return an empty array. -if(! function_exists('webfinger')) { + function webfinger($s, $debug = false) { $host = ''; if(strstr($s,'@')) { @@ -523,177 +399,8 @@ function webfinger($s, $debug = false) { } } return array(); -}} - -if(! function_exists('lrdd')) { -function lrdd($uri, $debug = false) { - - $a = get_app(); - - // default priority is host priority, host-meta first - - $priority = 'host'; - - // All we have is an email address. Resource-priority is irrelevant - // because our URI isn't directly resolvable. - - if(strstr($uri,'@')) { - return(webfinger($uri)); - } - - // get the host meta file - - $host = @parse_url($uri); - - if($host) { - $url = ((x($host,'scheme')) ? $host['scheme'] : 'http') . '://'; - $url .= $host['host'] . '/.well-known/host-meta' ; - } - else - return array(); - - logger('lrdd: constructed url: ' . $url); - - $xml = fetch_url($url); - $headers = $a->get_curl_headers(); - - if (! $xml) - return array(); - - logger('lrdd: host_meta: ' . $xml, LOGGER_DATA); - - if(! stristr($xml,'<xrd')) - return array(); - - $h = parse_xml_string($xml); - if(! $h) - return array(); - - $arr = convert_xml_element_to_array($h); - - if(isset($arr['xrd']['property'])) { - $property = $arr['crd']['property']; - if(! isset($property[0])) - $properties = array($property); - else - $properties = $property; - foreach($properties as $prop) - if((string) $prop['@attributes'] === 'http://lrdd.net/priority/resource') - $priority = 'resource'; - } - - // save the links in case we need them - - $links = array(); - - if(isset($arr['xrd']['link'])) { - $link = $arr['xrd']['link']; - if(! isset($link[0])) - $links = array($link); - else - $links = $link; - } - - // do we have a template or href? - - if(count($links)) { - foreach($links as $link) { - if($link['@attributes']['rel'] && attribute_contains($link['@attributes']['rel'],'lrdd')) { - if(x($link['@attributes'],'template')) - $tpl = $link['@attributes']['template']; - elseif(x($link['@attributes'],'href')) - $href = $link['@attributes']['href']; - } - } - } - - if((! isset($tpl)) || (! strpos($tpl,'{uri}'))) - $tpl = ''; - - if($priority === 'host') { - if(strlen($tpl)) - $pxrd = str_replace('{uri}', urlencode($uri), $tpl); - elseif(isset($href)) - $pxrd = $href; - if(isset($pxrd)) { - logger('lrdd: (host priority) pxrd: ' . $pxrd); - $links = fetch_xrd_links($pxrd); - return $links; - } - - $lines = explode("\n",$headers); - if(count($lines)) { - foreach($lines as $line) { - if((stristr($line,'link:')) && preg_match('/<([^>].*)>.*rel\=[\'\"]lrdd[\'\"]/',$line,$matches)) { - return(fetch_xrd_links($matches[1])); - break; - } - } - } - } - - - // priority 'resource' - - - $html = fetch_url($uri); - $headers = $a->get_curl_headers(); - logger('lrdd: headers=' . $headers, LOGGER_DEBUG); - - // don't try and parse raw xml as html - if(! strstr($html,'<?xml')) { - require_once('library/HTML5/Parser.php'); - - try { - $dom = HTML5_Parser::parse($html); - } catch (DOMException $e) { - logger('lrdd: parse error: ' . $e); - } - - if(isset($dom) && $dom) { - $items = $dom->getElementsByTagName('link'); - foreach($items as $item) { - $x = $item->getAttribute('rel'); - if($x == "lrdd") { - $pagelink = $item->getAttribute('href'); - break; - } - } - } - } - - if(isset($pagelink)) - return(fetch_xrd_links($pagelink)); - - // next look in HTTP headers - - $lines = explode("\n",$headers); - if(count($lines)) { - foreach($lines as $line) { - // TODO alter the following regex to support multiple relations (space separated) - if((stristr($line,'link:')) && preg_match('/<([^>].*)>.*rel\=[\'\"]lrdd[\'\"]/',$line,$matches)) { - $pagelink = $matches[1]; - break; - } - // don't try and run feeds through the html5 parser - if(stristr($line,'content-type:') && ((stristr($line,'application/atom+xml')) || (stristr($line,'application/rss+xml')))) - return array(); - if(stristr($html,'<rss') || stristr($html,'<feed')) - return array(); - } - } - - if(isset($pagelink)) - return(fetch_xrd_links($pagelink)); - - // If we haven't found any links, return the host xrd links (which we have already fetched) - - if(isset($links)) - return $links; - - return array(); +} -}} @@ -701,7 +408,7 @@ function lrdd($uri, $debug = false) { // host. Returns the LRDD template or an empty string on // error/failure. -if(! function_exists('fetch_lrdd_template')) { + function fetch_lrdd_template($host) { $tpl = ''; @@ -723,65 +430,13 @@ function fetch_lrdd_template($host) { if(! strpos($tpl,'{uri}')) $tpl = ''; return $tpl; -}} - -// Given a URL, retrieve the page as an XRD document. -// Return an array of links. -// on error/failure return empty array. - -if(! function_exists('fetch_xrd_links')) { -function fetch_xrd_links($url) { - - $xrd_timeout = intval(get_config('system','xrd_timeout')); - $redirects = 0; - $xml = fetch_url($url,false,$redirects,(($xrd_timeout) ? $xrd_timeout : 30)); - - logger('fetch_xrd_links: ' . $xml, LOGGER_DATA); - - if ((! $xml) || (! stristr($xml,'<xrd'))) - return array(); - - // fix diaspora's bad xml - $xml = str_replace(array('href="','"/>'),array('href="','"/>'),$xml); - - $arr = xml2array($xml); - - logger('fetch_xrd_links: ' . print_r($arr,true), LOGGER_DATA); - - $links = array(); - - if(isset($arr['xrd']['link'])) { - $link = $arr['xrd']['link']; - if(! isset($link[0])) - $links = array($link); - else - $links = $link; - } - if(isset($arr['xrd']['alias'])) { - $alias = $arr['xrd']['alias']; - if(! isset($alias[0])) - $aliases = array($alias); - else - $aliases = $alias; - if(is_array($aliases) && count($aliases)) { - foreach($aliases as $alias) { - $links[]['@attributes'] = array('rel' => 'alias' , 'href' => $alias); - } - } - } - - logger('fetch_xrd_links: ' . print_r($links,true), LOGGER_DATA); - - return $links; - -}} - +} // Take a URL from the wild, prepend http:// if necessary // and check DNS to see if it's real (or check if is a valid IP address) // return true if it's OK, false if something is wrong with it -if(! function_exists('validate_url')) { + function validate_url(&$url) { // no naked subdomains (allow localhost for tests) @@ -795,11 +450,11 @@ function validate_url(&$url) { return true; } return false; -}} +} // checks that email is an actual resolvable internet address -if(! function_exists('validate_email')) { + function validate_email($addr) { if(get_config('system','disable_email_validation')) @@ -813,14 +468,14 @@ function validate_email($addr) { return true; } return false; -}} +} // Check $url against our list of allowed sites, // wildcards allowed. If allowed_sites is unset return true; // If url is allowed, return true. // otherwise, return false -if(! function_exists('allowed_url')) { + function allowed_url($url) { $h = @parse_url($url); @@ -855,14 +510,14 @@ function allowed_url($url) { } } return $found; -}} +} // check if email address is allowed to register here. // Compare against our list (wildcards allowed). // Returns false if not allowed, true if allowed or if // allowed list is not configured. -if(! function_exists('allowed_email')) { + function allowed_email($email) { @@ -889,10 +544,10 @@ function allowed_email($email) { } } return $found; -}} +} + -if(! function_exists('avatar_img')) { function avatar_img($email) { $a = get_app(); @@ -905,14 +560,14 @@ function avatar_img($email) { call_hooks('avatar_lookup', $avatar); if(! $avatar['success']) - $avatar['url'] = $a->get_baseurl() . '/images/person-175.jpg'; + $avatar['url'] = $a->get_baseurl() . '/' . get_default_profile_photo(); logger('Avatar: ' . $avatar['email'] . ' ' . $avatar['url'], LOGGER_DEBUG); return $avatar['url']; -}} +} + -if(! function_exists('parse_xml_string')) { function parse_xml_string($s,$strict = true) { if($strict) { if(! strstr($s,'<?xml')) @@ -931,63 +586,6 @@ function parse_xml_string($s,$strict = true) { libxml_clear_errors(); } return $x; -}} - -function add_fcontact($arr,$update = false) { - - if($update) { - $r = q("UPDATE `fcontact` SET - `name` = '%s', - `photo` = '%s', - `request` = '%s', - `nick` = '%s', - `addr` = '%s', - `batch` = '%s', - `notify` = '%s', - `poll` = '%s', - `confirm` = '%s', - `alias` = '%s', - `pubkey` = '%s', - `updated` = '%s' - WHERE `url` = '%s' AND `network` = '%s' LIMIT 1", - dbesc($arr['name']), - dbesc($arr['photo']), - dbesc($arr['request']), - dbesc($arr['nick']), - dbesc($arr['addr']), - dbesc($arr['batch']), - dbesc($arr['notify']), - dbesc($arr['poll']), - dbesc($arr['confirm']), - dbesc($arr['alias']), - dbesc($arr['pubkey']), - dbesc(datetime_convert()), - dbesc($arr['url']), - dbesc($arr['network']) - ); - } - else { - $r = q("insert into fcontact ( `url`,`name`,`photo`,`request`,`nick`,`addr`, - `batch`, `notify`,`poll`,`confirm`,`network`,`alias`,`pubkey`,`updated` ) - values('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", - dbesc($arr['url']), - dbesc($arr['name']), - dbesc($arr['photo']), - dbesc($arr['request']), - dbesc($arr['nick']), - dbesc($arr['addr']), - dbesc($arr['batch']), - dbesc($arr['notify']), - dbesc($arr['poll']), - dbesc($arr['confirm']), - dbesc($arr['network']), - dbesc($arr['alias']), - dbesc($arr['pubkey']), - dbesc(datetime_convert()) - ); - } - - return $r; } @@ -996,17 +594,24 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) $a = get_app(); // Picture addresses can contain special characters - $s = htmlspecialchars_decode($s); + $s = htmlspecialchars_decode($s, ENT_COMPAT); $matches = null; - $c = preg_match_all('/\[img.*?\](.*?)\[\/img\]/ism',$s,$matches,PREG_SET_ORDER); + $c = preg_match_all('/\[img(.*?)\](.*?)\[\/img\]/ism',$s,$matches,PREG_SET_ORDER); if($c) { - require_once('include/Photo.php'); + require_once('include/photo/photo_driver.php'); + foreach($matches as $mtch) { - logger('scale_external_image: ' . $mtch[1]); + logger('scale_external_image: ' . $mtch[1] . ' ' . $mtch[2]); + + if(substr($mtch[1],0,1) == '=') { + $owidth = intval(substr($mtch[1],1)); + if(intval($owidth) > 0 && intval($owidth) < 640) + continue; + } $hostname = str_replace('www.','',substr($a->get_baseurl(),strpos($a->get_baseurl(),'://')+3)); - if(stristr($mtch[1],$hostname)) + if(stristr($mtch[2],$hostname)) continue; // $scale_replace, if passed, is an array of two elements. The @@ -1015,22 +620,23 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) // This allows Friendica to display the smaller remote image if // one exists, while still linking to the full-size image if($scale_replace) - $scaled = str_replace($scale_replace[0], $scale_replace[1], $mtch[1]); + $scaled = str_replace($scale_replace[0], $scale_replace[1], $mtch[2]); else - $scaled = $mtch[1]; - $i = fetch_url($scaled); + $scaled = $mtch[2]; + $i = z_fetch_url($scaled); + $cache = get_config('system','itemcache'); if (($cache != '') and is_dir($cache)) { $cachefile = $cache."/".hash("md5", $scaled); - file_put_contents($cachefile, $i); + file_put_contents($cachefile, $i['body']); } // guess mimetype from headers or filename - $type = guess_image_type($mtch[1],true); + $type = guess_image_type($mtch[2],$i['header']); - if($i) { - $ph = new Photo($i, $type); + if($i['success']) { + $ph = photo_factory($i['body'], $type); if($ph->is_valid()) { $orig_width = $ph->getWidth(); $orig_height = $ph->getHeight(); @@ -1043,7 +649,7 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) logger('scale_external_images: ' . $orig_width . '->' . $new_width . 'w ' . $orig_height . '->' . $new_height . 'h' . ' match: ' . $mtch[0], LOGGER_DEBUG); $s = str_replace($mtch[0],'[img=' . $new_width . 'x' . $new_height. ']' . $scaled . '[/img]' . "\n" . (($include_link) - ? '[url=' . $mtch[1] . ']' . t('view full size') . '[/url]' . "\n" + ? '[zrl=' . $mtch[2] . ']' . t('view full size') . '[/zrl]' . "\n" : ''),$s); logger('scale_external_images: new string: ' . $s, LOGGER_DEBUG); } @@ -1059,52 +665,6 @@ function scale_external_images($s, $include_link = true, $scale_replace = false) return $s; } - -function fix_contact_ssl_policy(&$contact,$new_policy) { - - $ssl_changed = false; - if((intval($new_policy) == SSL_POLICY_SELFSIGN || $new_policy === 'self') && strstr($contact['url'],'https:')) { - $ssl_changed = true; - $contact['url'] = str_replace('https:','http:',$contact['url']); - $contact['request'] = str_replace('https:','http:',$contact['request']); - $contact['notify'] = str_replace('https:','http:',$contact['notify']); - $contact['poll'] = str_replace('https:','http:',$contact['poll']); - $contact['confirm'] = str_replace('https:','http:',$contact['confirm']); - $contact['poco'] = str_replace('https:','http:',$contact['poco']); - } - - if((intval($new_policy) == SSL_POLICY_FULL || $new_policy === 'full') && strstr($contact['url'],'http:')) { - $ssl_changed = true; - $contact['url'] = str_replace('http:','https:',$contact['url']); - $contact['request'] = str_replace('http:','https:',$contact['request']); - $contact['notify'] = str_replace('http:','https:',$contact['notify']); - $contact['poll'] = str_replace('http:','https:',$contact['poll']); - $contact['confirm'] = str_replace('http:','https:',$contact['confirm']); - $contact['poco'] = str_replace('http:','https:',$contact['poco']); - } - - if($ssl_changed) { - q("update contact set - url = '%s', - request = '%s', - notify = '%s', - poll = '%s', - confirm = '%s', - poco = '%s' - where id = %d limit 1", - dbesc($contact['url']), - dbesc($contact['request']), - dbesc($contact['notify']), - dbesc($contact['poll']), - dbesc($contact['confirm']), - dbesc($contact['poco']), - intval($contact['id']) - ); - } -} - - - /** * xml2array() will convert the given XML text to an array in the XML structure. * Link: http://www.bin-co.com/php/scripts/xml2array/ @@ -1269,7 +829,7 @@ function xml2array($contents, $namespaces = true, $get_attributes=1, $priority = } -function email_header_encode($in_str, $charset) { +function email_header_encode($in_str, $charset = 'UTF-8') { $out_str = $in_str; $need_to_convert = false; |