aboutsummaryrefslogtreecommitdiffstats
path: root/mod/magic.php
diff options
context:
space:
mode:
Diffstat (limited to 'mod/magic.php')
-rw-r--r--mod/magic.php78
1 files changed, 17 insertions, 61 deletions
diff --git a/mod/magic.php b/mod/magic.php
index e3b14db62..29d16eec5 100644
--- a/mod/magic.php
+++ b/mod/magic.php
@@ -13,64 +13,20 @@ function magic_init(&$a) {
$dest = ((x($_REQUEST,'dest')) ? $_REQUEST['dest'] : '');
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
- if($hash) {
- $x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
- where hubloc_hash = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
- dbesc($hash),
- intval(HUBLOC_FLAGS_PRIMARY)
- );
- }
- elseif($addr) {
- $x = q("select hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
- where xchan_addr = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
- dbesc($addr),
- intval(HUBLOC_FLAGS_PRIMARY)
- );
- }
- else {
-
- // See if we know anybody at the dest site that will unlock the door for us
- // This is the equivalent of buzzing every apartment in an apartment block
- // to get inside the front gate. The thing about magic auth is that we're
- // authenticating to the other site. Permissions provided by various
- // channels will still affect what we can do once authenticated.
-
- $b = explode('/',$dest);
-
- if(count($b) >= 2) {
- $u = $b[0] . '//' . $b[2];
-
- if(local_user()) {
- // first look for a connection or anybody who knows us
- $x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
- left join abook on abook_xchan = hubloc_hash
- where abook_channel = %d and hubloc_url = '%s' order by hubloc_id desc limit 5",
- intval(local_user()),
- dbesc($u)
- );
- }
- if(! $x) {
- // no luck - ok anybody will do
- $x = q("select xchan.xchan_url, hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
- where hubloc_url = '%s' order by hubloc_id desc limit 5",
- dbesc($u)
- );
- }
-
- if($x) {
- // They must have a valid hubloc_addr
- while(! strpos($x[0]['hubloc_addr'],'@')) {
- array_shift($x);
- }
- }
+ $parsed = parse_url($dest);
+ if(! $parsed)
+ goaway($dest);
- }
- }
+ $basepath = $parsed['scheme'] . '://' . $parsed['host'] . (($parsed['port']) ? ':' . $parsed['port'] : '');
+ $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1"
+ dbesc($basepath)
+ );
+
if(! $x) {
- // Finger them if they've never been seen here before
+ // Somebody new? Finger them if they've never been seen here before
if($addr) {
$ret = zot_finger($addr,null);
@@ -78,10 +34,11 @@ function magic_init(&$a) {
$j = json_decode($ret['body'],true);
if($j)
import_xchan($j);
- $x = q("select hubloc.* from xchan left join hubloc on xchan_hash = hubloc_hash
- where xchan_addr = '%s' and (hubloc_flags & %d) order by hubloc_id desc limit 1",
- dbesc($addr),
- intval(HUBLOC_FLAGS_PRIMARY)
+
+ // Now try again
+
+ $x = q("select * from hubloc where hubloc_url = '%s' order by hubloc_connected desc limit 1"
+ dbesc($basepath)
);
}
}
@@ -112,7 +69,7 @@ function magic_init(&$a) {
if(! $arr['proceed'])
goaway($dest);
- if($x[0]['hubloc_url'] === z_root()) {
+ if((get_observer_hash()) && ($x[0]['hubloc_url'] === z_root())) {
// We are already authenticated on this site and a registered observer.
// Just redirect.
goaway($dest);
@@ -143,7 +100,6 @@ function magic_init(&$a) {
. '&sec=' . $token . '&dest=' . urlencode($dest) . '&version=' . ZOT_REVISION);
}
- if(strpos($dest,'/'))
- goaway($dest);
- goaway(z_root());
+ goaway($dest);
+
}