aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/post.php58
-rw-r--r--mod/zfinger.php25
2 files changed, 65 insertions, 18 deletions
diff --git a/mod/post.php b/mod/post.php
index fb8885b93..82ffb5817 100644
--- a/mod/post.php
+++ b/mod/post.php
@@ -9,16 +9,25 @@ require_once('include/zot.php');
function post_post(&$a) {
- $ret = array('result' => false, 'message' => '');
+ $ret = array('result' => false);
- $msgtype = ((array_key_exists('type',$_REQUEST)) ? $_REQUEST['type'] : '');
+ if(array_key_exists('iv',$_REQUEST)) {
+ // hush-hush ultra top secret mode
+ $data = aes_unencapsulate($_REQUEST,get_config('system','site_prvkey'));
+ }
+ else {
+ $data = $_REQUEST;
+ }
- if(array_key_exists('sender',$_REQUEST)) {
- $j_sender = json_decode($_REQUEST['sender']);
+ $msgtype = ((array_key_exists('type',$data)) ? $data['type'] : '');
+
+ if(array_key_exists('sender',$data)) {
+ $j_sender = json_decode($data['sender']);
}
$hub = zot_gethub($j_sender);
if(! $hub) {
+ // (!!) this will validate the sender
$result = zot_register_hub($j_sender);
if((! $result['success']) || (! zot_gethub($j_sender))) {
$ret['message'] = 'Hub not available.';
@@ -26,27 +35,54 @@ function post_post(&$a) {
}
}
- // check which hub is primary and take action if mismatched
+ // TODO: check which hub is primary and take action if mismatched
+ if(array_key_exists('recipients',$data))
+ $j_recipients = json_decode($data['recipients']);
if($msgtype === 'refresh') {
- // Need to pass the recipient in the message
+ // remote channel info (such as permissions or photo or something)
+ // has been updated. Grab a fresh copy and sync it.
- // look up recipient
+ if($j_recipients) {
- // format args
- // $r = zot_refresh($them,$channel);
+ // This would be a permissions update, typically for one connection
- return;
+ foreach($j_recipients as $recip) {
+ $r = q("select channel.*,xchan.* from channel
+ left join xchan on channel_hash = xchan_hash
+ where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
+ dbesc($recip->guid),
+ dbesc($recip->guid_sig)
+ );
+ $x = zot_refresh(array(
+ 'xchan_guid' => $j_sender->guid,
+ 'xchan_guid_sig' => $j_sender->guid_sig,
+ 'hubloc_url' => $j_sender->url
+ ),$r[0]);
+ }
+ }
+ else {
+
+ // system wide refresh
+
+ $x = zot_refresh(array(
+ 'xchan_guid' => $j_sender->guid,
+ 'xchan_guid_sig' => $j_sender->guid_sig,
+ 'hubloc_url' => $j_sender->url
+ ),null);
+ }
+ $ret['result'] = true;
+ json_return_and_die($ret);
}
if($msgtype === 'notify') {
// add to receive queue
- // qreceive_add($_REQUEST);
+ // qreceive_add($data);
$ret['result'] = true;
json_return_and_die($ret);
diff --git a/mod/zfinger.php b/mod/zfinger.php
index cc4b8cdd3..e1afdeba4 100644
--- a/mod/zfinger.php
+++ b/mod/zfinger.php
@@ -7,11 +7,13 @@ function zfinger_init(&$a) {
$ret = array('success' => false);
- $zhash = ((x($_REQUEST,'guid_hash')) ? $_REQUEST['guid_hash'] : '');
- $zaddr = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : '');
- $ztarget = ((x($_REQUEST,'target')) ? $_REQUEST['target'] : '');
- $zsig = ((x($_REQUEST,'target_sig')) ? $_REQUEST['target_sig'] : '');
- $zkey = ((x($_REQUEST,'key')) ? $_REQUEST['key'] : '');
+ $zhash = ((x($_REQUEST,'guid_hash')) ? $_REQUEST['guid_hash'] : '');
+ $zguid = ((x($_REQUEST,'guid')) ? $_REQUEST['guid'] : '');
+ $zguid_sig = ((x($_REQUEST,'guid_sig')) ? $_REQUEST['guid_sig'] : '');
+ $zaddr = ((x($_REQUEST,'address')) ? $_REQUEST['address'] : '');
+ $ztarget = ((x($_REQUEST,'target')) ? $_REQUEST['target'] : '');
+ $zsig = ((x($_REQUEST,'target_sig')) ? $_REQUEST['target_sig'] : '');
+ $zkey = ((x($_REQUEST,'key')) ? $_REQUEST['key'] : '');
if($ztarget) {
if((! $zkey) || (! $zsig) || (! rsa_verify($ztarget,base64url_decode($zsig),$zkey))) {
@@ -23,12 +25,19 @@ function zfinger_init(&$a) {
$r = null;
- if(strlen($zguid)) {
+ if(strlen($zhash)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_hash = '%s' limit 1",
dbesc($zhash)
);
}
+ if(strlen($zguid) && strlen($zguid_sig)) {
+ $r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
+ where channel_guid = '%s' and channel_guid_sig = '%s' limit 1",
+ dbesc($zguid),
+ dbesc($zguid_sig)
+ );
+ }
elseif(strlen($zaddr)) {
$r = q("select channel.*, xchan.* from channel left join xchan on channel_hash = xchan_hash
where channel_address = '%s' limit 1",
@@ -40,7 +49,7 @@ function zfinger_init(&$a) {
json_return_and_die($ret);
}
- if(! ($r && count($r))) {
+ if(! $r) {
$ret['message'] = 'Item not found.';
json_return_and_die($ret);
}
@@ -48,6 +57,8 @@ function zfinger_init(&$a) {
$e = $r[0];
$id = $e['channel_id'];
+
+// This is for birthdays and keywords, but must check access permissions
// $r = q("select contact.*, profile.*
// from contact left join profile on contact.uid = profile.uid
// where contact.uid = %d && contact.self = 1 and profile.is_default = 1 limit 1",