aboutsummaryrefslogtreecommitdiffstats
path: root/mod
diff options
context:
space:
mode:
Diffstat (limited to 'mod')
-rw-r--r--mod/dfrn_notify.php29
-rw-r--r--mod/dfrn_poll.php43
-rw-r--r--mod/redir.php9
3 files changed, 52 insertions, 29 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php
index 3e98377e8..7cab98eb8 100644
--- a/mod/dfrn_notify.php
+++ b/mod/dfrn_notify.php
@@ -23,7 +23,10 @@ function dfrn_notify_post(&$a) {
// find the local user who owns this relationship.
- $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` WHERE `issued-id` = '%s' LIMIT 1",
+ $r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`, `user`.* FROM `contact`
+ LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
+ WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s' )) LIMIT 1",
+ dbesc($dfrn_id),
dbesc($dfrn_id)
);
@@ -341,20 +344,28 @@ function dfrn_notify_content(&$a) {
intval(time() + 60 )
);
- $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
- dbesc($_GET['dfrn_id']));
- if((! count($r)) || (! strlen($r[0]['prvkey'])))
+ $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s'))
+ AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
+ dbesc($_GET['dfrn_id']),
+ dbesc($_GET['dfrn_id'])
+ );
+ if(! count($r))
$status = 1;
$challenge = '';
-
- openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
- $challenge = bin2hex($challenge);
-
$encrypted_id = '';
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
- openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+ if($r[0]['duplex']) {
+ openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
+ openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+ }
+ else {
+ openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
+ openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+ }
+
+ $challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_notify><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>' . '<challenge>' . $challenge . '</challenge></dfrn_notify>' . "\r\n" ;
diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php
index c627c2b41..84cb58da0 100644
--- a/mod/dfrn_poll.php
+++ b/mod/dfrn_poll.php
@@ -25,8 +25,11 @@ function dfrn_poll_init(&$a) {
$r = q("SELECT `contact`.*, `user`.`nickname`
FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
- WHERE `dfrn-id` = '%s' LIMIT 1",
- dbesc($dfrn_id));
+ WHERE ( `dfrn-id` = '%s' OR ( `issued-id` = '%s' AND `duplex `= 1 )) LIMIT 1",
+ dbesc($dfrn_id),
+ dbesc($dfrn_id)
+ );
+
if(count($r)) {
$s = fetch_url($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile-check');
if(strlen($s)) {
@@ -87,9 +90,11 @@ function dfrn_poll_post(&$a) {
);
- $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' LIMIT 1",
+ $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 )) LIMIT 1",
+ dbesc($dfrn_id),
dbesc($dfrn_id)
);
+
if(! count($r))
killme();
@@ -165,23 +170,32 @@ function dfrn_poll_content(&$a) {
dbesc($last_update)
);
- $r = q("SELECT * FROM `contact` WHERE `issued-id` = '%s' AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
- dbesc($_GET['dfrn_id']));
- if((count($r)) && (strlen($r[0]['prvkey']))) {
+ $r = q("SELECT * FROM `contact` WHERE ( `issued-id` = '%s' OR ( `dfrn-id` = '%s' AND `duplex` = 1 ))
+ AND `blocked` = 0 AND `pending` = 0 LIMIT 1",
+ dbesc($_GET['dfrn_id']),
+ dbesc($_GET['dfrn_id'])
+ );
+ if(count($r)) {
$challenge = '';
-
- openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
- $challenge = bin2hex($challenge);
-
$encrypted_id = '';
$id_str = $_GET['dfrn_id'] . '.' . mt_rand(1000,9999);
- openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+
+ if($r[0]['duplex']) {
+ openssl_public_encrypt($hash,$challenge,$r[0]['pubkey']);
+ openssl_public_encrypt($id_str,$encrypted_id,$r[0]['pubkey']);
+ }
+ else {
+ openssl_private_encrypt($hash,$challenge,$r[0]['prvkey']);
+ openssl_private_encrypt($id_str,$encrypted_id,$r[0]['prvkey']);
+ }
+
+ $challenge = bin2hex($challenge);
$encrypted_id = bin2hex($encrypted_id);
}
else {
- $status = 1; // key not found
+ $status = 1;
}
echo '<?xml version="1.0" encoding="UTF-8"?><dfrn_poll><status>' .$status . '</status><dfrn_id>' . $encrypted_id . '</dfrn_id>'
@@ -189,11 +203,6 @@ function dfrn_poll_content(&$a) {
session_write_close();
exit;
}
-
-
-
-
-
}
diff --git a/mod/redir.php b/mod/redir.php
index ea1aec6e9..88b291146 100644
--- a/mod/redir.php
+++ b/mod/redir.php
@@ -4,17 +4,20 @@ function redir_init(&$a) {
if((! local_user()) || (! ($a->argc == 2)) || (! intval($a->argv[1])))
goaway($a->get_baseurl());
- $r = q("SELECT `issued-id`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
+ $r = q("SELECT `issued-id`, `dfrn-id`, `duplex`, `poll` FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($a->argv[1]),
intval($_SESSION['uid']));
if(! count($r))
goaway($a->get_baseurl());
+
+ $dfrn_id = (($r[0]['duplex']) ? $r[0]['dfrn-id'] : $r[0]['issued-id']);
+
q("INSERT INTO `profile_check` ( `uid`, `dfrn_id`, `expire`)
VALUES( %d, '%s', %d )",
intval($_SESSION['uid']),
- dbesc($r[0]['issued-id']),
+ dbesc($dfrn_id),
intval(time() + 45));
- goaway ($r[0]['poll'] . '?dfrn_id=' . $r[0]['issued-id'] . '&type=profile');
+ goaway ($r[0]['poll'] . '?dfrn_id=' . $dfrn_id . '&type=profile');