aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/acl_selectors.php97
-rw-r--r--include/bbcode.php12
-rw-r--r--include/channel.php4
-rw-r--r--include/conversation.php2
-rw-r--r--include/crypto.php81
-rw-r--r--include/datetime.php97
-rwxr-xr-xinclude/dba/dba_driver.php82
-rwxr-xr-xinclude/dba/dba_mysql.php67
-rwxr-xr-xinclude/dba/dba_mysqli.php86
-rwxr-xr-xinclude/dba/dba_pdo.php43
-rw-r--r--include/dba/dba_postgres.php117
-rw-r--r--include/feedutils.php245
-rwxr-xr-xinclude/items.php18
-rw-r--r--include/js_strings.php14
-rw-r--r--include/nav.php4
-rw-r--r--include/network.php4
-rwxr-xr-xinclude/plugin.php72
-rw-r--r--include/queue_fn.php29
-rw-r--r--include/text.php55
-rw-r--r--include/zot.php199
20 files changed, 595 insertions, 733 deletions
diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 4e203074b..bada3e528 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -5,104 +5,9 @@
* @package acl_selectors
*/
-/**
- * @brief
- *
- * @param string $selname
- * @param string $selclass
- * @param mixed $preselected
- * @param number $size
- * @return string
- */
-function group_select($selname, $selclass, $preselected = false, $size = 4) {
-
- $o = '';
-
- $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\">\r\n";
-
- $r = q("SELECT * FROM groups WHERE deleted = 0 AND uid = %d ORDER BY gname ASC",
- intval(local_channel())
- );
-
-
- $arr = array('group' => $r, 'entry' => $o);
-
- // e.g. 'network_pre_group_deny', 'profile_pre_group_allow'
-
- call_hooks(App::$module . '_pre_' . $selname, $arr);
-
- if($r) {
- foreach($r as $rr) {
- if((is_array($preselected)) && in_array($rr['id'], $preselected))
- $selected = " selected=\"selected\" ";
- else
- $selected = '';
- $trimmed = mb_substr($rr['gname'],0,12);
-
- $o .= "<option value=\"{$rr['id']}\" $selected title=\"{$rr['name']}\" >$trimmed</option>\r\n";
- }
-
- }
- $o .= "</select>\r\n";
-
- call_hooks(App::$module . '_post_' . $selname, $o);
-
- return $o;
-}
-
-function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) {
-
- $o = '';
-
- // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector
- // to one recipient. By default our selector allows multiple selects amongst all contacts.
-
- $sql_extra = '';
-
- $tabindex = ($tabindex > 0 ? 'tabindex="$tabindex"' : '');
-
- if($privmail)
- $o .= "<select name=\"$selname\" id=\"$selclass\" class=\"$selclass\" size=\"$size\" $tabindex >\r\n";
- else
- $o .= "<select name=\"{$selname}[]\" id=\"$selclass\" class=\"$selclass\" multiple=\"multiple\" size=\"$size\" $tabindex>\r\n";
-
- $r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash
- where abook_self = 0 and abook_channel = %d
- $sql_extra
- ORDER BY xchan_name ASC",
- intval(local_channel())
- );
-
-
- $arr = array('contact' => $r, 'entry' => $o);
-
- // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow'
-
- call_hooks(App::$module . '_pre_' . $selname, $arr);
-
- if($r) {
- foreach($r as $rr) {
- if((is_array($preselected)) && in_array($rr['id'], $preselected))
- $selected = ' selected="selected" ';
- else
- $selected = '';
-
- $trimmed = mb_substr($rr['xchan_name'], 0, 20);
-
- $o .= "<option value=\"{$rr['abook_id']}\" $selected title=\"{$rr['xchan_name']}|{$rr['xchan_url']}\" >$trimmed</option>\r\n";
- }
- }
-
- $o .= "</select>\r\n";
-
- call_hooks(App::$module . '_post_' . $selname, $o);
-
- return $o;
-}
-
function fixacl(&$item) {
- $item = str_replace(array('<', '>'), array('', ''), $item);
+ $item = str_replace( [ '<', '>' ], [ '', '' ], $item);
}
/**
diff --git a/include/bbcode.php b/include/bbcode.php
index 0c85a0a4e..03a46444b 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -438,7 +438,7 @@ function bb_summary($match) {
$rnd3 = mt_rand();
$rnd4 = mt_rand();
- return $match[1] . '<div style="display: block;" id="opendiv-' . $rnd2 . '">' . $match[2] . '</div><div style="display: block;" id="opendiv-' . $rnd3 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink">' . t('View article') . '</div><div style="display: none;" id="opendiv-' . $rnd4 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink">' . t('View summary') . '</div><div id="opendiv-' . $rnd1 . '" style="display: none;">' . $match[3] . '</div>';
+ return $match[1] . '<div style="display: block;" id="opendiv-' . $rnd2 . '">' . $match[2] . '</div><div style="display: block;" id="opendiv-' . $rnd3 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink view-article">' . t('View article') . '</div><div style="display: none;" id="opendiv-' . $rnd4 . '" onclick="openClose(\'opendiv-' . $rnd1 . '\'); openClose(\'opendiv-' . $rnd2 . '\'); openClose(\'opendiv-' . $rnd3 . '\'); openClose(\'opendiv-' . $rnd4 . '\'); return false;" class="fakelink view-summary">' . t('View summary') . '</div><div id="opendiv-' . $rnd1 . '" style="display: none;">' . $match[3] . '</div>';
}
@@ -628,7 +628,7 @@ function bb_code_unprotect_sub($match) {
function bb_code($match) {
if(strpos($match[0], "<br />"))
- return '<code>' . bb_code_protect(trim($match[1])) . '</code>';
+ return '<pre><code>' . bb_code_protect(trim($match[1])) . '</code></pre>';
else
return '<code class="inline-code">' . bb_code_protect(trim($match[1])) . '</code>';
}
@@ -636,15 +636,21 @@ function bb_code($match) {
function bb_code_options($match) {
if(strpos($match[0], "<br />")) {
$class = "";
+ $pre = true;
} else {
$class = "inline-code";
+ $pre = false;
}
if(strpos($match[1], 'nowrap')) {
$style = "overflow-x: auto; white-space: pre;";
} else {
$style = "";
}
- return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>';
+ if($pre) {
+ return '<pre><code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code></pre>';
+ } else {
+ return '<code class="'. $class .'" style="'. $style .'">' . bb_code_protect(trim($match[2])) . '</code>';
+ }
}
function bb_highlight($match) {
diff --git a/include/channel.php b/include/channel.php
index b9adc588b..625ce16c8 100644
--- a/include/channel.php
+++ b/include/channel.php
@@ -2553,10 +2553,10 @@ function channel_remove($channel_id, $local = true, $unset_session = false) {
q("DELETE FROM profile WHERE uid = %d", intval($channel_id));
q("DELETE FROM src WHERE src_channel_id = %d", intval($channel_id));
- $r = q("select resource_id FROM attach WHERE uid = %d", intval($channel_id));
+ $r = q("select hash FROM attach WHERE uid = %d", intval($channel_id));
if($r) {
foreach($r as $rv) {
- attach_delete($channel_id,$rv['resource_id']);
+ attach_delete($channel_id,$rv['hash']);
}
}
diff --git a/include/conversation.php b/include/conversation.php
index 77694deb3..0bb9c769a 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -974,7 +974,7 @@ function author_is_pmable($xchan, $abook) {
if($x['result'] !== 'unset')
return $x['result'];
- if($xchan['xchan_network'] === 'zot')
+ if($xchan['xchan_network'] === 'zot' && get_observer_hash())
return true;
return false;
diff --git a/include/crypto.php b/include/crypto.php
index b990b18d9..ab33ba096 100644
--- a/include/crypto.php
+++ b/include/crypto.php
@@ -31,19 +31,6 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') {
return (($verify > 0) ? true : false);
}
-function pkcs5_pad ($text, $blocksize)
-{
- $pad = $blocksize - (strlen($text) % $blocksize);
- return $text . str_repeat(chr($pad), $pad);
-}
-
-function pkcs5_unpad($text)
-{
- $pad = ord($text{strlen($text)-1});
- if ($pad > strlen($text)) return false;
- if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
- return substr($text, 0, -1 * $pad);
-}
function AES256CBC_encrypt($data,$key,$iv) {
@@ -135,7 +122,18 @@ function other_encapsulate($data,$pubkey,$alg) {
if(! $pubkey)
logger('no key. data: ' . $data);
- $fn = strtoupper($alg) . '_encrypt';
+ $oaep = false;
+
+ if(strpos($alg,'.oaep')) {
+ $oaep = true;
+ $subalg = substr($alg,0,-5);
+ }
+ else {
+ $subalg = $alg;
+ }
+
+
+ $fn = strtoupper($subalg) . '_encrypt';
if(function_exists($fn)) {
// A bit hesitant to use openssl_random_pseudo_bytes() as we know
@@ -153,14 +151,14 @@ function other_encapsulate($data,$pubkey,$alg) {
$iv = openssl_random_pseudo_bytes(256);
$result['data'] = base64url_encode($fn($data,$key,$iv),true);
// log the offending call so we can track it down
- if(! openssl_public_encrypt($key,$k,$pubkey)) {
+ if(! openssl_public_encrypt($key,$k,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING))) {
$x = debug_backtrace();
logger('RSA failed. ' . print_r($x[0],true));
}
$result['alg'] = $alg;
$result['key'] = base64url_encode($k,true);
- openssl_public_encrypt($iv,$i,$pubkey);
+ openssl_public_encrypt($iv,$i,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
$result['iv'] = base64url_encode($i,true);
return $result;
}
@@ -179,7 +177,7 @@ function crypto_methods() {
// The actual methods are responsible for deriving the actual key/iv from the provided parameters;
// possibly by truncation or segmentation - though many other methods could be used.
- $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
+ $r = [ 'aes256ctr.oaep', 'camellia256cfb.oaep', 'cast5cfb.oaep', 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ];
call_hooks('crypto_methods',$r);
return $r;
@@ -220,6 +218,7 @@ function aes_encapsulate($data,$pubkey) {
function crypto_unencapsulate($data,$prvkey) {
if(! $data)
return;
+
$alg = ((array_key_exists('alg',$data)) ? $data['alg'] : 'aes256cbc');
if($alg === 'aes256cbc')
return aes_unencapsulate($data,$prvkey);
@@ -229,10 +228,21 @@ function crypto_unencapsulate($data,$prvkey) {
}
function other_unencapsulate($data,$prvkey,$alg) {
- $fn = strtoupper($alg) . '_decrypt';
+
+ $oaep = false;
+
+ if(strpos($alg,'.oaep')) {
+ $oaep = true;
+ $subalg = substr($alg,0,-5);
+ }
+ else {
+ $subalg = $alg;
+ }
+
+ $fn = strtoupper($subalg) . '_decrypt';
if(function_exists($fn)) {
- openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey);
- openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey);
+ openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
+ openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING));
return $fn(base64url_decode($data['data']),$k,$i);
}
else {
@@ -282,37 +292,6 @@ function new_keypair($bits) {
}
-function pkcs1to8($oldkey,$len) {
-
- if($len == 4096)
- $c = 'g';
- if($len == 2048)
- $c = 'Q';
-
- if(strstr($oldkey,'BEGIN PUBLIC'))
- return $oldkey;
-
- $oldkey = str_replace('-----BEGIN RSA PUBLIC KEY-----', '', $oldkey);
- $oldkey = trim(str_replace('-----END RSA PUBLIC KEY-----', '', $oldkey));
- $key = 'MIICIjANBgkqhkiG9w0BAQEFAAOCA' . $c . '8A' . str_replace("\n", '', $oldkey);
- $key = "-----BEGIN PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END PUBLIC KEY-----";
- return $key;
-}
-
-function pkcs8to1($oldkey,$len) {
-
- if(strstr($oldkey,'BEGIN RSA'))
- return $oldkey;
-
- $oldkey = str_replace('-----BEGIN PUBLIC KEY-----', '', $oldkey);
- $oldkey = trim(str_replace('-----END PUBLIC KEY-----', '', $oldkey));
- $key = str_replace("\n",'',$oldkey);
- $key = substr($key,32);
- $key = "-----BEGIN RSA PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END RSA PUBLIC KEY-----";
- return $key;
-}
-
-
function DerToPem($Der, $Private=false)
{
//Encode:
diff --git a/include/datetime.php b/include/datetime.php
index 0fcd957be..1e9a1fa51 100644
--- a/include/datetime.php
+++ b/include/datetime.php
@@ -93,16 +93,6 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
return $d->format($fmt);
}
- // Slight hackish adjustment so that 'zero' datetime actually returns what is intended
- // otherwise we end up with -0001-11-30 ...
- // add 32 days so that we at least get year 00, and then hack around the fact that
- // months and days always start with 1.
-
-// if(substr($s,0,10) == '0000-00-00') {
-// $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC'));
-// return str_replace('1', '0', $d->format($fmt));
-// }
-
try {
$from_obj = new DateTimeZone($from);
} catch(Exception $e) {
@@ -135,70 +125,20 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d
*/
function dob($dob) {
- list($year, $month, $day) = sscanf($dob, '%4d-%2d-%2d');
- $f = get_config('system', 'birthday_input_format');
- if (! $f)
- $f = 'ymd';
-
if ($dob === '0000-00-00')
$value = '';
else
$value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d'));
- $o = replace_macros(get_markup_template("field_input.tpl"), array('$field' => array(
- 'dob',
- t('Birthday'),
- $value,
- ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''),
- '',
- 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"'
- )));
-
+ $o = replace_macros(get_markup_template("field_input.tpl"), [
+ '$field' => [ 'dob', t('Birthday'), $value, ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''), '', 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"' ]
+ ]);
-// if ($dob && $dob != '0000-00-00')
-// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob');
-// else
-// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob');
return $o;
}
/**
- * @brief Returns a date selector.
- *
- * @see datetimesel()
- * @param string $format
- * format string, e.g. 'ymd' or 'mdy'. Not currently supported
- * @param DateTime $min
- * unix timestamp of minimum date
- * @param DateTime $max
- * unix timestap of maximum date
- * @param DateTime $default
- * unix timestamp of default date
- * @param string $id
- * id and name of datetimepicker (defaults to "datetimepicker")
- */
-function datesel($format, $min, $max, $default, $id = 'datepicker') {
- return datetimesel($format, $min, $max, $default, '', $id, true, false, '', '');
-}
-
-/**
- * @brief Returns a time selector.
- *
- * @param string $format
- * format string, e.g. 'ymd' or 'mdy'. Not currently supported
- * @param string $h
- * already selected hour
- * @param string $m
- * already selected minute
- * @param string $id
- * id and name of datetimepicker (defaults to "timepicker")
- */
-function timesel($format, $h, $m, $id='timepicker') {
- return datetimesel($format, new DateTime(), new DateTime(), new DateTime("$h:$m"), '', $id, false, true);
-}
-
-/**
* @brief Returns a datetime selector.
*
* @param string $format
@@ -449,12 +389,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') {
// month table - start at 1 to match human usage.
- $mtab = array(' ',
- 'January','February','March',
- 'April','May','June',
- 'July','August','September',
- 'October','November','December'
- );
+ $mtab = [ ' ', 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December' ];
$thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
$thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
@@ -463,7 +398,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') {
if (! $m)
$m = intval($thismonth);
- $dn = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
+ $dn = [ 'Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday' ];
$f = get_first_dim($y, $m);
$l = get_dim($y, $m);
$d = 1;
@@ -569,17 +504,17 @@ function update_birthdays() {
if (! perm_is_allowed($rr['abook_channel'], $rr['xchan_hash'], 'send_stream'))
continue;
- $ev = array();
- $ev['uid'] = $rr['abook_channel'];
- $ev['account'] = $rr['abook_account'];
- $ev['event_xchan'] = $rr['xchan_hash'];
- $ev['dtstart'] = datetime_convert('UTC', 'UTC', $rr['abook_dob']);
- $ev['dtend'] = datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day ');
- $ev['adjust'] = intval(feature_enabled($rr['abook_channel'],'smart_birthdays'));
- $ev['summary'] = sprintf( t('%1$s\'s birthday'), $rr['xchan_name']);
- $ev['description'] = sprintf( t('Happy Birthday %1$s'),
- '[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]') ;
- $ev['etype'] = 'birthday';
+ $ev = [
+ 'uid' => $rr['abook_channel'],
+ 'account' => $rr['abook_account'],
+ 'event_xchan' => $rr['xchan_hash'],
+ 'dtstart' => datetime_convert('UTC', 'UTC', $rr['abook_dob']),
+ 'dtend' => datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day '),
+ 'adjust' => intval(feature_enabled($rr['abook_channel'],'smart_birthdays')),
+ 'summary' => sprintf( t('%1$s\'s birthday'), $rr['xchan_name']),
+ 'description' => sprintf( t('Happy Birthday %1$s'), '[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]'),
+ 'etype' => 'birthday',
+ ];
$z = event_store_event($ev);
if ($z) {
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php
index deec9adfd..b3298b673 100755
--- a/include/dba/dba_driver.php
+++ b/include/dba/dba_driver.php
@@ -1,15 +1,20 @@
<?php
+/**
+ * @file dba_driver.php
+ * @brief Some database related functions and database classes.
+ *
+ * This file contains the abstract database driver class dba_driver, the
+ * database class DBA and some functions for working with databases.
+ */
+/**
+ * @brief Database classs with database factory method.
+ *
+ * The factory will return a database driver which is an implementation of the
+ * abstract dba_driver class.
+ */
class DBA {
- /**
- * @file dba_driver.php
- * @brief some database related functions and abstract driver class.
- *
- * This file contains the abstract database driver class dba_driver and some
- * functions for working with databases.
- */
-
static public $dba = null;
static public $dbtype = null;
static public $scheme = 'mysql';
@@ -21,7 +26,6 @@ class DBA {
static public $tquot = "`";
-
/**
* @brief Returns the database driver object.
*
@@ -34,14 +38,11 @@ class DBA {
* @param bool $install Defaults to false
* @return null|dba_driver A database driver object (dba_pdo) or null if no driver found.
*/
-
static public function dba_factory($server,$port,$user,$pass,$db,$dbtype,$install = false) {
self::$dba = null;
-
self::$dbtype = intval($dbtype);
-
if(self::$dbtype == DBTYPE_POSTGRES) {
if(!($port))
$port = 5432;
@@ -50,7 +51,6 @@ class DBA {
self::$utc_now = "now() at time zone 'UTC'";
self::$tquot = '"';
self::$scheme = 'pgsql';
-
}
else {
@@ -66,40 +66,27 @@ class DBA {
require_once('include/dba/dba_pdo.php');
self::$dba = new dba_pdo($server,self::$scheme,$port,$user,$pass,$db,$install);
-
- if(is_object(self::$dba) && self::$dba->connected) {
-
- if(strpbrk($server,':;')) {
- $dsn = $server;
- }
- else {
- $dsn = self::$scheme . ':host=' . $server . (intval($port) ? '' : ';port=' . $port);
- }
- $dsn .= ';dbname=' . $db;
-
-
- self::$dba->pdo_set(array($dsn,$user,$pass));
- }
define('NULL_DATE', self::$null_date);
define('ACTIVE_DBTYPE', self::$dbtype);
define('TQUOT', self::$tquot);
+
return self::$dba;
}
}
/**
- * @brief abstract database driver class.
+ * @brief Abstract database driver class.
*
- * This class gets extended by the real database driver classes, e.g. dba_mysql,
- * dba_mysqli.
+ * This class gets extended by the real database driver class. We used to have
+ * dba_mysql, dba_mysqli or dba_postgres, but we moved to PDO and the only
+ * implemented driver is dba_pdo.
*/
abstract class dba_driver {
// legacy behavior
public $db;
- protected $pdo = array();
public $debug = 0;
public $connected = false;
@@ -111,6 +98,7 @@ abstract class dba_driver {
* This abstract function needs to be implemented in the real driver.
*
* @param string $server DB server name
+ * @param string $scheme DB scheme
* @param string $port DB port
* @param string $user DB username
* @param string $pass DB password
@@ -166,6 +154,7 @@ abstract class dba_driver {
$platform_name = \Zotlabs\Lib\System::get_platform_name();
if(file_exists('install/' . $platform_name . '/' . \DBA::$install_script))
return 'install/' . $platform_name . '/' . \DBA::$install_script;
+
return 'install/' . \DBA::$install_script;
}
@@ -173,7 +162,6 @@ abstract class dba_driver {
return \DBA::$tquot;
}
-
function utcnow() {
return \DBA::$utc_now;
}
@@ -232,19 +220,12 @@ abstract class dba_driver {
return $str;
}
- function pdo_set($x) {
- $this->pdo = $x;
- }
-
- function pdo_get() {
- return $this->pdo;
- }
-
} // end abstract dba_driver class
-
+//
// Procedural functions
+//
function printable($s) {
$s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s);
@@ -275,7 +256,7 @@ function dbg($state) {
* wrapping with intval().
*
* @param string $str A string to pass to a DB query
- * @return Return an escaped string of the value to pass to a DB query.
+ * @return string Return an escaped string of the value to pass to a DB query.
*/
function dbesc($str) {
@@ -298,6 +279,7 @@ function dbunescbin($str) {
function dbescdate($date) {
if(is_null_date($date))
return \DBA::$dba->escape(NULL_DATE);
+
return \DBA::$dba->escape($date);
}
@@ -330,17 +312,17 @@ function db_use_index($str) {
*
* printf style arguments %s and %d are replaced with variable arguments, which
* should each be appropriately dbesc() or intval().
+ *
* SELECT queries return an array of results or false if SQL or DB error. Other
* queries return true if the command was successful or false if it wasn't.
*
* Example:
- * $r = q("SELECT * FROM %s WHERE `uid` = %d",
- * 'user', 1);
+ * @code{.php}$r = q("SELECT * FROM %s WHERE `uid` = %d",
+ * 'user', 1);@endcode
*
* @param string $sql The SQL query to execute
* @return bool|array
*/
-
function q($sql) {
$args = func_get_args();
@@ -359,8 +341,8 @@ function q($sql) {
}
/*
- * This will happen occasionally trying to store the
- * session data after abnormal program termination
+ * This will happen occasionally trying to store the
+ * session data after abnormal program termination
*/
db_logger('dba: no database: ' . print_r($args,true),LOGGER_NORMAL,LOG_CRIT);
@@ -389,8 +371,8 @@ function dbq($sql) {
// Caller is responsible for ensuring that any integer arguments to
// dbesc_array are actually integers and not malformed strings containing
-// SQL injection vectors. All integer array elements should be specifically
-// cast to int to avoid trouble.
+// SQL injection vectors. All integer array elements should be specifically
+// cast to int to avoid trouble.
function dbesc_array_cb(&$item, $key) {
if(is_string($item)) {
@@ -423,7 +405,7 @@ function dbesc_array(&$arr) {
function db_getfunc($f) {
$lookup = array(
'rand'=>array(
- DBTYPE_MYSQL=>'RAND()',
+ DBTYPE_MYSQL=>'RAND()',
DBTYPE_POSTGRES=>'RANDOM()'
),
'utc_timestamp'=>array(
diff --git a/include/dba/dba_mysql.php b/include/dba/dba_mysql.php
deleted file mode 100755
index 8b51cf578..000000000
--- a/include/dba/dba_mysql.php
+++ /dev/null
@@ -1,67 +0,0 @@
-<?php
-
-require_once('include/dba/dba_driver.php');
-
-
-class dba_mysql extends dba_driver {
-
- function connect($server, $scheme, $port, $user,$pass,$db) {
- $this->db = mysql_connect($server.":".$port,$user,$pass);
- if($this->db && mysql_select_db($db,$this->db)) {
- $this->connected = true;
- }
- if($this->connected) {
- return true;
- }
- return false;
- }
-
-
- function q($sql) {
- if((! $this->db) || (! $this->connected))
- return false;
-
- $this->error = '';
- $result = @mysql_query($sql,$this->db);
-
-
- if(mysql_errno($this->db))
- $this->error = mysql_error($this->db);
-
- if($result === false || $this->error) {
- logger('dba_mysql: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
- if(file_exists('dbfail.out'))
- file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
- }
-
- if(($result === true) || ($result === false))
- return $result;
-
- $r = array();
- if(mysql_num_rows($result)) {
- while($x = mysql_fetch_array($result,MYSQL_ASSOC))
- $r[] = $x;
- mysql_free_result($result);
- if($this->debug)
- logger('dba_mysql: ' . printable(print_r($r,true)));
- }
- return $r;
- }
-
- function escape($str) {
- if($this->db && $this->connected) {
- return @mysql_real_escape_string($str,$this->db);
- }
- }
-
- function close() {
- if($this->db)
- mysql_close($this->db);
- $this->connected = false;
- }
-
- function getdriver() {
- return 'mysql';
- }
-
-}
diff --git a/include/dba/dba_mysqli.php b/include/dba/dba_mysqli.php
deleted file mode 100755
index 165c8e969..000000000
--- a/include/dba/dba_mysqli.php
+++ /dev/null
@@ -1,86 +0,0 @@
-<?php /** @file */
-
-require_once('include/dba/dba_driver.php');
-
-class dba_mysqli extends dba_driver {
-
- function connect($server,$scheme,$port,$user,$pass,$db) {
- if($port)
- $this->db = new mysqli($server,$user,$pass,$db, $port);
- else
- $this->db = new mysqli($server,$user,$pass,$db);
-
- if($this->db->connect_error) {
- $this->connected = false;
- $this->error = $this->db->connect_error;
-
- if(file_exists('dbfail.out')) {
- file_put_contents('dbfail.out', datetime_convert() . "\nConnect: " . $this->error . "\n", FILE_APPEND);
- }
-
- return false;
- }
- else {
- $this->connected = true;
- return true;
- }
- }
-
- function q($sql) {
- if((! $this->db) || (! $this->connected))
- return false;
-
- $this->error = '';
- $result = $this->db->query($sql);
-
- if($this->db->errno)
- $this->error = $this->db->error;
-
-
- if($this->error) {
- db_logger('dba_mysqli: ERROR: ' . printable($sql) . "\n" . $this->error, LOGGER_NORMAL, LOG_ERR);
- if(file_exists('dbfail.out')) {
- file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . "\n" . $this->error . "\n", FILE_APPEND);
- }
- }
-
- if(($result === true) || ($result === false)) {
- if($this->debug) {
- db_logger('dba_mysqli: DEBUG: ' . printable($sql) . ' returns ' . (($result) ? 'true' : 'false'), LOGGER_NORMAL,(($result) ? LOG_INFO : LOG_ERR));
- }
- return $result;
- }
-
- if($this->debug) {
- db_logger('dba_mysqli: DEBUG: ' . printable($sql) . ' returned ' . $result->num_rows . ' results.', LOGGER_NORMAL, LOG_INFO);
- }
-
- $r = array();
- if($result->num_rows) {
- while($x = $result->fetch_array(MYSQLI_ASSOC))
- $r[] = $x;
- $result->free_result();
- if($this->debug) {
- db_logger('dba_mysqli: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO);
- }
- }
- return $r;
- }
-
- function escape($str) {
- if($this->db && $this->connected) {
- return @$this->db->real_escape_string($str);
- }
- }
-
- function close() {
- if($this->db)
- $this->db->close();
- $this->connected = false;
- }
-
- function getdriver() {
- return 'mysqli';
- }
-
-} \ No newline at end of file
diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php
index a9d824a50..f24c5381a 100755
--- a/include/dba/dba_pdo.php
+++ b/include/dba/dba_pdo.php
@@ -1,14 +1,21 @@
-<?php /** @file */
+<?php
-require_once('include/dba/dba_driver.php');
+require_once 'include/dba/dba_driver.php';
+/**
+ * @brief PDO based database driver.
+ *
+ */
class dba_pdo extends dba_driver {
-
public $driver_dbtype = null;
- function connect($server,$scheme,$port,$user,$pass,$db) {
-
+ /**
+ * {@inheritDoc}
+ * @see dba_driver::connect()
+ */
+ function connect($server, $scheme, $port, $user, $pass, $db) {
+
$this->driver_dbtype = $scheme;
if(strpbrk($server,':;')) {
@@ -17,7 +24,7 @@ class dba_pdo extends dba_driver {
else {
$dsn = $this->driver_dbtype . ':host=' . $server . (intval($port) ? ';port=' . $port : '');
}
-
+
$dsn .= ';dbname=' . $db;
try {
@@ -36,10 +43,19 @@ class dba_pdo extends dba_driver {
$this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';");
$this->connected = true;
- return true;
+ return true;
}
+ /**
+ * {@inheritDoc}
+ * @see dba_driver::q()
+ *
+ * @return bool|array|PDOStatement
+ * - \b false if not connected or PDOException occured on query
+ * - \b array with results on a SELECT query
+ * - \b PDOStatement on a non SELECT SQL query
+ */
function q($sql) {
if((! $this->db) || (! $this->connected))
return false;
@@ -50,14 +66,15 @@ class dba_pdo extends dba_driver {
}
}
+ $result = null;
$this->error = '';
- $select = ((stripos($sql,'select') === 0) ? true : false);
+ $select = ((stripos($sql, 'select') === 0) ? true : false);
try {
$result = $this->db->query($sql, PDO::FETCH_ASSOC);
}
catch(PDOException $e) {
-
+
$this->error = $e->getMessage();
if($this->error) {
db_logger('dba_pdo: ERROR: ' . printable($sql) . "\n" . $this->error, LOGGER_NORMAL, LOG_ERR);
@@ -82,11 +99,10 @@ class dba_pdo extends dba_driver {
}
if($this->debug) {
- db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO);
+ db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO);
db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO);
}
-
return (($this->error) ? false : $r);
}
@@ -99,9 +115,10 @@ class dba_pdo extends dba_driver {
function close() {
if($this->db)
$this->db = null;
+
$this->connected = false;
}
-
+
function concat($fld,$sep) {
if($this->driver_dbtype === 'pgsql') {
return 'string_agg(' . $fld . ',\'' . $sep . '\')';
@@ -140,7 +157,7 @@ class dba_pdo extends dba_driver {
return $this->escape($str);
}
}
-
+
function unescapebin($str) {
if($this->driver_dbtype === 'pgsql' && (! is_null($str))) {
$x = '';
diff --git a/include/dba/dba_postgres.php b/include/dba/dba_postgres.php
deleted file mode 100644
index 560d8da60..000000000
--- a/include/dba/dba_postgres.php
+++ /dev/null
@@ -1,117 +0,0 @@
-<?php
-
-require_once('include/dba/dba_driver.php');
-
-
-class dba_postgres extends dba_driver {
- const INSTALL_SCRIPT='install/schema_postgres.sql';
- const NULL_DATE = '0001-01-01 00:00:00';
- const UTC_NOW = "now() at time zone 'UTC'";
- const TQUOT = '"';
-
- function connect($server,$scheme,$port,$user,$pass,$db) {
- if(!$port) $port = 5432;
- $connstr = 'host=' . $server . ' port='.$port . ' user=' . $user . ' password=' . $pass . ' dbname='. $db;
- $this->db = pg_connect($connstr);
- if($this->db !== false) {
- $this->connected = true;
- } else {
- $this->connected = false;
- }
- $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); // emulate mysql string escaping to prevent massive code-clobber
- return $this->connected;
- }
-
- function q($sql) {
- if((! $this->db) || (! $this->connected))
- return false;
-
- if(!strpos($sql, ';'))
- $sql .= ';';
-
- if(strpos($sql, '`')) // this is a hack. quoted identifiers should be replaced everywhere in the code with dbesc_identifier(), remove this once it is
- $sql = str_replace('`', '"', $sql);
-
- $this->error = '';
- $result = @pg_query($this->db, $sql);
- if(file_exists('db-allqueries.out')) {
- $bt = debug_backtrace();
- $trace = array();
- foreach($bt as $frame) {
- if(!empty($frame['file']) && @strstr($frame['file'], $_SERVER['DOCUMENT_ROOT']))
- $frame['file'] = substr($frame['file'], strlen($_SERVER['DOCUMENT_ROOT'])+1);
-
- $trace[] = $frame['file'] . ':' . $frame['function'] . '():' . $frame['line'] ;
- }
- $compact = join(', ', $trace);
- file_put_contents('db-allqueries.out', datetime_convert() . ": " . $sql . ' is_resource: '.var_export(is_resource($result), true).', backtrace: '.$compact."\n\n", FILE_APPEND);
- }
-
- if($result === false)
- $this->error = pg_last_error($this->db);
-
- if($result === false || $this->error) {
- //db_logger('dba_postgres: ' . printable($sql) . ' returned false.' . "\n" . $this->error);
- if(file_exists('dbfail.out'))
- file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND);
- }
-
- if(($result === true) || ($result === false))
- return $result;
-
- if(pg_result_status($result) == PGSQL_COMMAND_OK)
- return true;
-
- $r = array();
- if(pg_num_rows($result)) {
- while($x = pg_fetch_array($result, null, PGSQL_ASSOC))
- $r[] = $x;
- pg_free_result($result);
- if($this->debug)
- db_logger('dba_postgres: ' . printable(print_r($r,true)));
- }
- return $r;
- }
-
- function escape($str) {
- if($this->db && $this->connected) {
- $x = @pg_escape_string($this->db, $str);
- return $x;
- }
- }
-
- function escapebin($str) {
- return pg_escape_bytea($str);
- }
-
- function unescapebin($str) {
- return pg_unescape_bytea($str);
- }
-
- function close() {
- if($this->db)
- pg_close($this->db);
- $this->connected = false;
- }
-
- function quote_interval($txt) {
- return "'$txt'";
- }
-
- function escape_identifier($str) {
- return pg_escape_identifier($this->db, $str);
- }
-
- function optimize_table($table) {
- // perhaps do some equivalent thing here, vacuum, etc? I think this is the DBA's domain anyway. Applications should not need to muss with this.
- // for now do nothing without a compelling reason. function overrides default legacy mysql.
- }
-
- function concat($fld, $sep) {
- return 'string_agg(' . $fld . ',\'' . $sep . '\')';
- }
-
- function getdriver() {
- return 'pgsql';
- }
-} \ No newline at end of file
diff --git a/include/feedutils.php b/include/feedutils.php
index 5ef45a6cd..369193fce 100644
--- a/include/feedutils.php
+++ b/include/feedutils.php
@@ -253,19 +253,18 @@ function construct_activity_target($item) {
return '';
}
+
/**
- * @brief Return an array with a parsed atom item.
+ * @brief Return an array with a parsed atom author.
*
* @param SimplePie $feed
- * @param array $item
- * @param[out] array $author
- * @return array Associative array with the parsed item data
+ * @param SimplePie $item
+ * @return array $author
*/
-function get_atom_elements($feed, $item, &$author) {
- require_once('include/html2bbcode.php');
+function get_atom_author($feed, $item) {
- $res = array();
+ $author = [];
$found_author = $item->get_author();
if($found_author) {
@@ -290,52 +289,6 @@ function get_atom_elements($feed, $item, &$author) {
if(substr($author['author_link'],-1,1) == '/')
$author['author_link'] = substr($author['author_link'],0,-1);
- $res['mid'] = normalise_id(unxmlify($item->get_id()));
- $res['title'] = unxmlify($item->get_title());
- $res['body'] = unxmlify($item->get_content());
- $res['plink'] = unxmlify($item->get_link(0));
- $res['item_rss'] = 1;
-
-
- $summary = unxmlify($item->get_description(true));
-
- // removing the content of the title if its identically to the body
- // This helps with auto generated titles e.g. from tumblr
-
- if (title_is_body($res['title'], $res['body']))
- $res['title'] = "";
-
- if($res['plink'])
- $base_url = implode('/', array_slice(explode('/',$res['plink']),0,3));
- else
- $base_url = '';
-
-
- $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published');
- if($rawcreated)
- $res['created'] = unxmlify($rawcreated[0]['data']);
-
- $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated');
- if($rawedited)
- $res['edited'] = unxmlify($rawedited[0]['data']);
-
- if((x($res,'edited')) && (! (x($res,'created'))))
- $res['created'] = $res['edited'];
-
- if(! $res['created'])
- $res['created'] = $item->get_date('c');
-
- if(! $res['edited'])
- $res['edited'] = $item->get_date('c');
-
- $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
-
- // select between supported verbs
-
- if($rawverb) {
- $res['verb'] = unxmlify($rawverb[0]['data']);
- }
-
// look for a photo. We should check media size and find the best one,
// but for now let's just find any author photo
@@ -414,6 +367,122 @@ function get_atom_elements($feed, $item, &$author) {
}
}
+ $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
+ if(! $rawowner)
+ $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner');
+
+ if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data'])
+ $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
+ elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data'])
+ $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
+ if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data'])
+ $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
+ elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
+ $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
+
+ if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
+ $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
+
+ foreach($base as $link) {
+ if(!x($author, 'owner_photo') || ! $author['owner_photo']) {
+ if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
+ $author['owner_photo'] = unxmlify($link['attribs']['']['href']);
+ }
+ }
+ }
+
+ // build array to pass to hook
+ $arr = [
+ 'feed' => $feed,
+ 'item' => $item,
+ 'author' => $author
+ ];
+ /**
+ * @hooks parse_atom
+ * * \e SimplePie \b feed - The original SimplePie feed
+ * * \e SimplePie \b item
+ * * \e array \b result - the result array that will also get returned
+ */
+ call_hooks('parse_atom_author', $arr);
+
+ logger('author: ' . print_r($arr['author'], true), LOGGER_DATA);
+
+ return $arr['author'];
+}
+
+
+/**
+ * @brief Return an array with a parsed atom item.
+ *
+ * @param SimplePie $feed
+ * @param SimplePie $item
+ * @param[out] array $author
+ * @return array Associative array with the parsed item data
+ */
+
+function get_atom_elements($feed, $item) {
+
+ require_once('include/html2bbcode.php');
+
+ $res = array();
+
+
+ $res['mid'] = normalise_id(unxmlify($item->get_id()));
+ $res['title'] = unxmlify($item->get_title());
+ $res['body'] = unxmlify($item->get_content());
+ $res['plink'] = unxmlify($item->get_link(0));
+ $res['item_rss'] = 1;
+
+
+ $summary = unxmlify($item->get_description(true));
+
+ if($summary === $res['body'])
+ $summary = '';
+
+ if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) {
+ $summary = purify_html($summary);
+ $summary = html2bbcode($summary);
+ }
+
+
+
+ // removing the content of the title if its identically to the body
+ // This helps with auto generated titles e.g. from tumblr
+
+ if (title_is_body($res['title'], $res['body']))
+ $res['title'] = "";
+
+ if($res['plink'])
+ $base_url = implode('/', array_slice(explode('/',$res['plink']),0,3));
+ else
+ $base_url = '';
+
+
+ $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published');
+ if($rawcreated)
+ $res['created'] = unxmlify($rawcreated[0]['data']);
+
+ $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated');
+ if($rawedited)
+ $res['edited'] = unxmlify($rawedited[0]['data']);
+
+ if((x($res,'edited')) && (! (x($res,'created'))))
+ $res['created'] = $res['edited'];
+
+ if(! $res['created'])
+ $res['created'] = $item->get_date('c');
+
+ if(! $res['edited'])
+ $res['edited'] = $item->get_date('c');
+
+ $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
+
+ // select between supported verbs
+
+ if($rawverb) {
+ $res['verb'] = unxmlify($rawverb[0]['data']);
+ }
+
$rawcnv = $item->get_item_tags(NAMESPACE_OSTATUS, 'conversation');
if($rawcnv) {
// new style
@@ -428,7 +497,7 @@ function get_atom_elements($feed, $item, &$author) {
}
}
- $ostatus_protocol = (($ostatus_conversation) ? true : false);
+ $ostatus_protocol = (($ostatus_conversation || $res['verb']) ? true : false);
$mastodon = (($item->get_item_tags('http://mastodon.social/schema/1.0','scope')) ? true : false);
if($mastodon) {
@@ -437,6 +506,8 @@ function get_atom_elements($feed, $item, &$author) {
$res['item_private'] = 1;
}
+ logger('ostatus_protocol: ' . intval($ostatus_protocol), LOGGER_DEBUG);
+
$apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info');
if($apps && $apps[0]['attribs']['']['source']) {
$res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source']));
@@ -540,9 +611,8 @@ function get_atom_elements($feed, $item, &$author) {
);
}
- // turn Mastodon content warning into a #nsfw hashtag
- if($mastodon && $summary) {
- $res['body'] = $summary . "\n\n" . $res['body'] . "\n\n#ContentWarning\n";
+ if($summary && $res['body']) {
+ $res['body'] = '[summary]' . $summary . '[/summary]' . $res['body'];
}
@@ -571,29 +641,6 @@ function get_atom_elements($feed, $item, &$author) {
$res['created'] = datetime_convert('UTC','UTC',$res['created']);
$res['edited'] = datetime_convert('UTC','UTC',$res['edited']);
- $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
- if(! $rawowner)
- $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner');
-
- if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data'])
- $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
- elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data'])
- $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
- if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data'])
- $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
- elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data'])
- $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
-
- if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
- $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
-
- foreach($base as $link) {
- if(!x($author, 'owner_photo') || ! $author['owner_photo']) {
- if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar')
- $author['owner_photo'] = unxmlify($link['attribs']['']['href']);
- }
- }
- }
$rawgeo = $item->get_item_tags(NAMESPACE_GEORSS, 'point');
if($rawgeo)
@@ -756,20 +803,17 @@ function get_atom_elements($feed, $item, &$author) {
$arr = [
'feed' => $feed,
'item' => $item,
- 'author' => $author,
'result' => $res
];
/**
* @hooks parse_atom
* * \e SimplePie \b feed - The original SimplePie feed
- * * \e array \b item
- * * \e array \b author
+ * * \e SimplePie \b item
* * \e array \b result - the result array that will also get returned
*/
call_hooks('parse_atom', $arr);
- logger('author: ' .print_r($arr['author'], true), LOGGER_DATA);
- logger('result: ' .print_r($arr['result'], true), LOGGER_DATA);
+ logger('result: ' . print_r($arr['result'], true), LOGGER_DATA);
return $arr['result'];
}
@@ -968,9 +1012,9 @@ function process_feed_tombstones($feed,$importer,$contact,$pass) {
* @param string $xml
* The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds.
* @param array $importer
- * The contact_record (joined to user_record) of the local user who owns this
+ * The channel record of the local user who owns this
* relationship. It is this person's stuff that is going to be updated.
- * @param[in,out] array $contact
+ * @param[in,out] array $contact (abook record joined to xchan record)
* The person who is sending us stuff. If not set, we MAY be processing a "follow" activity
* from an external network and MAY create an appropriate contact record. Otherwise, we MUST
* have a contact record.
@@ -1057,8 +1101,8 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) {
// Have we seen it? If not, import it.
- $author = array();
- $datarray = get_atom_elements($feed,$item,$author);
+ $author = get_atom_author($feed,$item);
+ $datarray = get_atom_elements($feed,$item);
if(! $datarray['mid'])
continue;
@@ -1310,8 +1354,8 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) {
// Head post of a conversation. Have we seen it? If not, import it.
- $author = array();
- $datarray = get_atom_elements($feed,$item,$author);
+ $author = get_atom_author($feed,$item);
+ $datarray = get_atom_elements($feed,$item);
if(! $datarray['mid'])
continue;
@@ -1513,11 +1557,11 @@ function normalise_id($id) {
*/
function process_salmon_feed($xml, $importer) {
- $ret = array();
+ $ret = [];
if(! strlen($xml)) {
logger('process_feed: empty input');
- return;
+ return $ret;
}
$feed = new SimplePie();
@@ -1531,8 +1575,10 @@ function process_salmon_feed($xml, $importer) {
$feed->init();
- if($feed->error())
+ if($feed->error()) {
logger('Error parsing XML: ' . $feed->error());
+ return $ret;
+ }
$permalink = $feed->get_permalink();
@@ -1559,16 +1605,13 @@ function process_salmon_feed($xml, $importer) {
if($is_reply)
$ret['parent_mid'] = $parent_mid;
- $ret['author'] = array();
-
- $datarray = get_atom_elements($feed, $item, $ret['author']);
+ $ret['author'] = get_atom_author($feed,$item);
+ $ret['item'] = get_atom_elements($feed,$item);
// reset policies which are restricted by default for RSS connections
// This item is likely coming from GNU-social via salmon and allows public interaction
- $datarray['public_policy'] = '';
- $datarray['comment_policy'] = 'authenticated';
-
- $ret['item'] = $datarray;
+ $ret['item']['public_policy'] = '';
+ $ret['item']['comment_policy'] = 'authenticated';
}
}
diff --git a/include/items.php b/include/items.php
index c7206458e..68fa4c3b2 100755
--- a/include/items.php
+++ b/include/items.php
@@ -2327,6 +2327,16 @@ function send_status_notifications($post_id,$item) {
$parent = 0;
+ if(array_key_exists('verb',$item) && (activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE))) {
+
+ $r = q("select id from item where mid = '%s' and uid = %d limit 1",
+ dbesc($item['thr_parent']),
+ intval($item['uid'])
+ );
+
+ $thr_parent_id = $r[0]['id'];
+ }
+
$r = q("select channel_hash from channel where channel_id = %d limit 1",
intval($item['uid'])
);
@@ -2392,10 +2402,10 @@ function send_status_notifications($post_id,$item) {
'to_xchan' => $r[0]['channel_hash'],
'item' => $item,
'link' => $link,
- 'verb' => ACTIVITY_POST,
+ 'verb' => $item['verb'],
'otype' => 'item',
- 'parent' => $parent,
- 'parent_mid' => $item['parent_mid']
+ 'parent' => $thr_parent_id ? $thr_parent_id : $parent,
+ 'parent_mid' => $thr_parent_id ? $item['thr_parent'] : $item['parent_mid']
));
}
@@ -3653,7 +3663,7 @@ function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL, $force = false) {
$linked_item = (($item['resource_id']) ? true : false);
- logger('item: ' . $item . ' stage: ' . $stage . ' force: ' . $force, LOGGER_DATA);
+ logger('item: ' . $item['id'] . ' stage: ' . $stage . ' force: ' . $force, LOGGER_DATA);
switch($stage) {
case DROPITEM_PHASE2:
diff --git a/include/js_strings.php b/include/js_strings.php
index 1b4668061..936594291 100644
--- a/include/js_strings.php
+++ b/include/js_strings.php
@@ -24,10 +24,16 @@ function js_strings() {
'$leavethispage' => t('Unsaved changes. Are you sure you wish to leave this page?'),
'$location' => t('Location'),
- '$t01' => ((t('timeago.prefixAgo') != 'timeago.prefixAgo') ? t('timeago.prefixAgo') : ''),
- '$t02' => ((t('timeago.prefixFromNow') != 'timeago.prefixFromNow') ? t('timeago.prefixFromNow') : ''),
- '$t03' => t('ago'),
- '$t04' => t('from now'),
+ // translatable prefix and suffix strings for jquery.timeago -
+ // using the defaults set below if left untranslated, empty strings if
+ // translated to "NONE" and the corresponding language strings
+ // if translated to anything else
+ '$t01' => ((t('timeago.prefixAgo') == 'timeago.prefixAgo') ? '' : ((t('timeago.prefixAgo') == 'NONE') ? '' : t('timeago.prefixAgo'))),
+ '$t02' => ((t('timeago.prefixFromNow') == 'timeago.prefixFromNow') ? '' : ((t('timeago.prefixFromNow') == 'NONE') ? '' : t('timeago.prefixFromNow'))),
+ '$t03' => ((t('timeago.suffixAgo') == 'timeago.suffixAgo') ? 'ago' : ((t('timeago.suffixAgo') == 'NONE') ? '' : t('timeago.suffixAgo'))),
+ '$t04' => ((t('timeago.suffixFromNow') == 'timeago.suffixFromNow') ? 'from now' : ((t('timeago.suffixFromNow') == 'NONE') ? '' : t('timeago.suffixFromNow'))),
+
+ // translatable main strings for jquery.timeago
'$t05' => t('less than a minute'),
'$t06' => t('about a minute'),
'$t07' => t('%d minutes'),
diff --git a/include/nav.php b/include/nav.php
index 9c88541d1..df58ee96f 100644
--- a/include/nav.php
+++ b/include/nav.php
@@ -73,9 +73,7 @@ EOT;
// nav links: array of array('href', 'text', 'extra css classes', 'title')
$nav = [];
- $disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false;
-
- if(! $disable_discover_tab)
+ if(can_view_public_stream())
$nav['pubs'] = true;
/**
diff --git a/include/network.php b/include/network.php
index 2ac430e82..0824183f7 100644
--- a/include/network.php
+++ b/include/network.php
@@ -1605,10 +1605,10 @@ function get_site_info() {
'commit' => $commit,
'plugins' => $visible_plugins,
'register_policy' => $register_policy[get_config('system','register_policy')],
- 'invitation_only' => intval(get_config('system','invitation_only')),
+ 'invitation_only' => (bool) intval(get_config('system','invitation_only')),
'directory_mode' => $directory_mode[get_config('system','directory_mode')],
'language' => get_config('system','language'),
- 'rss_connections' => intval(get_config('system','feed_contacts')),
+ 'rss_connections' => (bool) intval(get_config('system','feed_contacts')),
'expiration' => $site_expire,
'default_service_restrictions' => $service_class,
'locked_features' => $locked_features,
diff --git a/include/plugin.php b/include/plugin.php
index 67157dee7..62d443ab8 100755
--- a/include/plugin.php
+++ b/include/plugin.php
@@ -179,14 +179,84 @@ function reload_plugins() {
}
+function plugins_installed_list() {
+
+ $r = q("select * from addon where installed = 1 order by aname asc");
+ return(($r) ? ids_to_array($r,'aname') : []);
+}
+
+
+function plugins_sync() {
+
+ /**
+ *
+ * Synchronise plugins:
+ *
+ * App::$config['system']['addon'] contains a comma-separated list of names
+ * of plugins/addons which are used on this system.
+ * Go through the database list of already installed addons, and if we have
+ * an entry, but it isn't in the config list, call the unload procedure
+ * and mark it uninstalled in the database (for now we'll remove it).
+ * Then go through the config list and if we have a plugin that isn't installed,
+ * call the install procedure and add it to the database.
+ *
+ */
+
+ $installed = plugins_installed_list();
+
+ $plugins = get_config('system', 'addon', '');
+
+ $plugins_arr = explode(',', $plugins);
+
+ // array_trim is in include/text.php
+
+ if(! array_walk($plugins_arr,'array_trim'))
+ return;
+
+ App::$plugins = $plugins_arr;
+
+ $installed_arr = [];
+
+ if(count($installed)) {
+ foreach($installed as $i) {
+ if(! in_array($i, $plugins_arr)) {
+ unload_plugin($i);
+ }
+ else {
+ $installed_arr[] = $i;
+ }
+ }
+ }
+
+ if(count($plugins_arr)) {
+ foreach($plugins_arr as $p) {
+ if(! in_array($p, $installed_arr)) {
+ load_plugin($p);
+ }
+ }
+ }
+
+}
+
+
/**
* @brief Get a list of non hidden addons.
*
* @return array
*/
function visible_plugin_list() {
+
$r = q("select * from addon where hidden = 0 order by aname asc");
- return(($r) ? ids_to_array($r,'aname') : array());
+ $x = (($r) ? ids_to_array($r,'aname') : array());
+ $y = [];
+ if($x) {
+ foreach($x as $xv) {
+ if(is_dir('addon/' . $xv)) {
+ $y[] = $xv;
+ }
+ }
+ }
+ return $y;
}
diff --git a/include/queue_fn.php b/include/queue_fn.php
index 5fb0d5f1e..798ac36db 100644
--- a/include/queue_fn.php
+++ b/include/queue_fn.php
@@ -121,7 +121,7 @@ function queue_deliver($outq, $immediate = false) {
$base = null;
$h = parse_url($outq['outq_posturl']);
- if($h)
+ if($h !== false)
$base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : '');
if(($base) && ($base !== z_root()) && ($immediate)) {
@@ -160,6 +160,9 @@ function queue_deliver($outq, $immediate = false) {
+
+
+
$arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate);
call_hooks('queue_deliver',$arr);
if($arr['handled'])
@@ -216,7 +219,29 @@ function queue_deliver($outq, $immediate = false) {
// normal zot delivery
logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG);
- $result = zot_zot($outq['outq_posturl'],$outq['outq_notify']);
+
+ $channel = null;
+
+ if($outq['outq_msg'] && $outq['outq_channel']) {
+ $channel = channelx_by_n($outq['outq_channel']);
+ }
+
+ $host_crypto = null;
+
+ if($channel && $base) {
+ $h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' order by hubloc_id desc limit 1",
+ dbesc($base)
+ );
+ if($h) {
+ $host_crypto = $h[0];
+ }
+ }
+
+ $msg = $outq['outq_notify'];
+
+ $result = zot_zot($outq['outq_posturl'],$msg,$channel,$host_crypto);
+
+
if($result['success']) {
logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']);
zot_process_response($outq['outq_posturl'],$result, $outq);
diff --git a/include/text.php b/include/text.php
index 10bbc751a..35a367d43 100644
--- a/include/text.php
+++ b/include/text.php
@@ -2160,6 +2160,35 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) {
}
/**
+ * @brief array_elm_to_str($arr,$elm,$delim = ',') extract unique individual elements from an array of arrays and return them as a string separated by a delimiter
+ * similar to ids_to_querystr, but allows a different delimiter instead of a db-quote option
+ * empty elements (evaluated after trim()) are ignored.
+ * @param $arr array
+ * @param $elm array key to extract from sub-array
+ * @param $delim string default ','
+ * @returns string
+ */
+
+function array_elm_to_str($arr,$elm,$delim = ',') {
+
+ $tmp = [];
+ if($arr && is_array($arr)) {
+ foreach($arr as $x) {
+ if(is_array($x) && array_key_exists($elm,$x)) {
+ $z = trim($x[$elm]);
+ if(($z) && (! in_array($z,$tmp))) {
+ $tmp[] = $z;
+ }
+ }
+ }
+ }
+ return implode($delim,$tmp);
+}
+
+
+
+
+/**
* @brief Fetches xchan and hubloc data for an array of items with only an
* author_xchan and owner_xchan.
*
@@ -3263,29 +3292,3 @@ function purify_filename($s) {
}
-/**
- * @brief array_elm_to_str($arr,$elm,$delim = ',') extract unique individual elements from an array of arrays and return them as a string separated by a delimiter
- *
- * empty elements (evaluated after trim()) are ignored.
- * @param $arr array
- * @param $elm array key to extract from sub-array
- * @param $delim string default ','
- * @returns string
- */
-
-function array_elm_to_str($arr,$elm,$delim = ',') {
-
- $tmp = [];
- if($arr && is_array($arr)) {
- foreach($arr as $x) {
- if(is_array($x) && array_key_exists($elm,$x)) {
- $z = trim($x[$elm]);
- if(($z) && (! in_array($z,$tmp))) {
- $tmp[] = $z;
- }
- }
- }
- }
- return implode($tmp,$delim);
-}
-
diff --git a/include/zot.php b/include/zot.php
index 8e3d03ad8..d28e584a1 100644
--- a/include/zot.php
+++ b/include/zot.php
@@ -158,6 +158,85 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot
return json_encode($data);
}
+
+/**
+ * @brief Builds a zot6 notification packet.
+ *
+ * Builds a zot6 notification packet that you can either store in the queue with
+ * a message array or call zot_zot to immediately zot it to the other side.
+ *
+ * @param array $channel
+ * sender channel structure
+ * @param string $type
+ * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check'
+ * @param array $recipients
+ * envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts
+ * @param string $remote_key
+ * optional public site key of target hub used to encrypt entire packet
+ * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others
+ * @param string $methods
+ * optional comma separated list of encryption methods @ref zot_best_algorithm()
+ * @param string $secret
+ * random string, required for packets which require verification/callback
+ * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification
+ * @param string $extra
+ * @returns string json encoded zot packet
+ */
+function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg = '', $remote_key = null, $methods = '', $secret = null, $extra = null) {
+
+ $sig_method = get_config('system','signature_algorithm','sha256');
+
+ $data = [
+ 'type' => $type,
+ 'sender' => [
+ 'guid' => $channel['channel_guid'],
+ 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)),
+ 'url' => z_root(),
+ 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'],$sig_method)),
+ 'sitekey' => get_config('system','pubkey')
+ ],
+ 'callback' => '/post',
+ 'version' => Zotlabs\Lib\System::get_zot_revision(),
+ 'encryption' => crypto_methods(),
+ 'signing' => signing_methods()
+ ];
+
+ if ($recipients) {
+ for ($x = 0; $x < count($recipients); $x ++)
+ unset($recipients[$x]['hash']);
+
+ $data['recipients'] = $recipients;
+ }
+
+ if($msg) {
+ $data['msg'] = $msg;
+ }
+
+ if ($secret) {
+ $data['secret'] = preg_replace('/[^0-9a-fA-F]/','',$secret);
+ $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'],$sig_method));
+ }
+
+ if ($extra) {
+ foreach ($extra as $k => $v)
+ $data[$k] = $v;
+ }
+
+ logger('zot6_build_packet: ' . print_r($data,true), LOGGER_DATA, LOG_DEBUG);
+
+ // Hush-hush ultra top-secret mode
+
+ if($remote_key) {
+ $algorithm = zot_best_algorithm($methods);
+ $data = crypto_encapsulate(json_encode($data),$remote_key, $algorithm);
+ }
+
+ return json_encode($data);
+}
+
+
+
+
/**
* @brief Choose best encryption function from those available on both sites.
*
@@ -209,10 +288,23 @@ function zot_best_algorithm($methods) {
*
* @param string $url
* @param array $data
+ * @param array $channel (optional if using zot6 delivery)
+ * @param array $crypto (optional if encrypted httpsig, requires hubloc_sitekey and site_crypto elements)
* @return array see z_post_url() for returned data format
*/
-function zot_zot($url, $data) {
- return z_post_url($url, array('data' => $data));
+function zot_zot($url, $data, $channel = null,$crypto = null) {
+
+ $headers = [];
+
+ if($channel) {
+ $headers['X-Zot-Token'] = random_string();
+ $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false);
+ $headers['X-Zot-Digest'] = 'SHA-256=' . $hash;
+ $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : ''));
+ }
+
+ $redirects = 0;
+ return z_post_url($url, array('data' => $data),$redirects,((empty($h)) ? [] : [ 'headers' => $h ]));
}
/**
@@ -1060,7 +1152,12 @@ function zot_process_response($hub, $arr, $outq) {
* @brief
*
* We received a notification packet (in mod_post) that a message is waiting for us, and we've verified the sender.
- * Now send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site
+ * Check if the site is using zot6 delivery and includes a verified HTTP Signature, signed content, and a 'msg' field,
+ * and also that the signer and the sender match.
+ * If that happens, we do not need to fetch/pickup the message - we have it already and it is verified.
+ * Translate it into the form we need for zot_import() and import it.
+ *
+ * Otherwise send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site
* private key.
* The entire pickup message is encrypted with the remote site's public key.
* If everything checks out on the remote end, we will receive back a packet containing one or more messages,
@@ -1078,38 +1175,61 @@ function zot_fetch($arr) {
$url = $arr['sender']['url'] . $arr['callback'];
- // set $multiple param on zot_gethub() to return all matching hubs
- // This allows us to recover from re-installs when a redundant (but invalid) hubloc for
- // this identity is widely dispersed throughout the network.
+ $import = null;
+ $hubs = null;
+
+ $zret = zot6_check_sig();
- $ret_hubs = zot_gethub($arr['sender'],true);
- if(! $ret_hubs) {
+ if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid'] && $data['msg']) {
+ logger('zot6_delivery',LOGGER_DEBUG);
+ logger('zot6_data: ' . print_r($data,true),LOGGER_DATA);
+
+ $ret['collected'] = true;
+
+ $import = [ 'success' => true, 'body' => json_encode( [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ] ) ];
+ $hubs = [ $zret['hubloc'] ] ;
+ }
+
+ if(! $hubs) {
+ // set $multiple param on zot_gethub() to return all matching hubs
+ // This allows us to recover from re-installs when a redundant (but invalid) hubloc for
+ // this identity is widely dispersed throughout the network.
+
+ $hubs = zot_gethub($arr['sender'],true);
+ }
+
+ if(! $hubs) {
logger('No hub: ' . print_r($arr['sender'],true));
return;
}
- foreach($ret_hubs as $ret_hub) {
+ foreach($hubs as $hub) {
- $secret = substr(preg_replace('/[^0-9a-fA-F]/','',$arr['secret']),0,64);
+ if(! $import) {
+ $secret = substr(preg_replace('/[^0-9a-fA-F]/','',$arr['secret']),0,64);
- $data = [
- 'type' => 'pickup',
- 'url' => z_root(),
- 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))),
- 'callback' => z_root() . '/post',
- 'secret' => $secret,
- 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey')))
- ];
+ $data = [
+ 'type' => 'pickup',
+ 'url' => z_root(),
+ 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))),
+ 'callback' => z_root() . '/post',
+ 'secret' => $secret,
+ 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey')))
+ ];
- $algorithm = zot_best_algorithm($ret_hub['site_crypto']);
- $datatosend = json_encode(crypto_encapsulate(json_encode($data),$ret_hub['hubloc_sitekey'], $algorithm));
+ $algorithm = zot_best_algorithm($hub['site_crypto']);
+ $datatosend = json_encode(crypto_encapsulate(json_encode($data),$hub['hubloc_sitekey'], $algorithm));
- $fetch = zot_zot($url,$datatosend);
+ $import = zot_zot($url,$datatosend);
+ }
+ else {
+ $algorithm = zot_best_algorithm($hub['site_crypto']);
+ }
- $result = zot_import($fetch, $arr['sender']['url']);
+ $result = zot_import($import, $arr['sender']['url']);
if($result) {
- $result = crypto_encapsulate(json_encode($result),$ret_hub['hubloc_sitekey'], $algorithm);
+ $result = crypto_encapsulate(json_encode($result),$hub['hubloc_sitekey'], $algorithm);
return $result;
}
@@ -4967,6 +5087,39 @@ function zot_reply_refresh($sender, $recipients) {
}
+function zot6_check_sig() {
+
+ $ret = [ 'success' => false ];
+
+ logger('server: ' . print_r($_SERVER,true), LOGGER_DATA);
+
+ if(array_key_exists('HTTP_SIGNATURE',$_SERVER)) {
+ $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER['HTTP_SIGNATURE']);
+ if($sigblock) {
+ $keyId = $sigblock['keyId'];
+
+ if($keyId) {
+ $r = q("select hubloc.*, site_crypto from hubloc left join site on hubloc_url = site_url
+ where hubloc_addr = '%s' ",
+ dbesc(str_replace('acct:','',$keyId))
+ );
+ if($r) {
+ foreach($r as $hubloc) {
+ $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']);
+ if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) {
+ $ret['hubloc'] = $hubloc;
+ $ret['success'] = true;
+ return $ret;
+ }
+ }
+ }
+ }
+ }
+ }
+
+ return $ret;
+}
+
function zot_reply_notify($data) {
$ret = array('success' => false);