From 37653a376085e7f155ec101b937583f5d08012cc Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 1 Nov 2012 22:23:13 -0700 Subject: grrr... hashes aren't matching. --- include/follow.php | 78 ++++++------------------------------ include/permissions.php | 43 ++++++++++++-------- include/zot.php | 102 ++++++++++++++++++++++++++++++++++++++++++++++++ mod/abook.php | 2 +- mod/settings.php | 2 +- 5 files changed, 143 insertions(+), 84 deletions(-) diff --git a/include/follow.php b/include/follow.php index e9c6c1ee5..3cf29c733 100644 --- a/include/follow.php +++ b/include/follow.php @@ -42,7 +42,7 @@ function new_contact($uid,$url,$channel,$interactive = false) { } logger('follow: ' . $url . ' ' . print_r($j,true)); - killme(); +// killme(); if(! ($j->success && $j->guid)) { @@ -68,76 +68,24 @@ function new_contact($uid,$url,$channel,$interactive = false) { // do we have an xchan and hubloc? // If not, create them. - $xchan_hash = base64_urlencode(hash('whirlpool',$j->quid . $j->guid_sg, true)); - -// FIXME - verify the signature - - $r = q("select * from xchan where xchan_hash = '%s' limit 1", - dbesc($xchan_hash) - ); - if(! $r) { - $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype, - xchan_photo_l, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_date, xchan_name_date) - values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", - dbesc($xchan_hash), - dbesc($j->guid), - dbesc($j->guid_sig), - dbesc($j->key), - dbesc($j->photo_mimetype), - dbesc($j->photo), - dbesc($j->address), - dbesc($j->url), - dbesc($j->name), - dbesc('zot'), - dbesc($j->photo_updated), - dbesc($j->name_updated) - ); + $x = import_xchan_from_json($j); - require_once("Photo.php"); + // Do we already have an abook entry? + // go directly to the abook edit page. - $photos = import_profile_photo($j->photo,0,$contact_id); - $r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s' = '%s', xchan_photo_mimetype = '%s' - where xchan_hash = '%s' limit 1", - dbesc($photos[0]), - dbesc($photos[1]), - dbesc($photos[2]), - dbesc($photos[3]), - dbesc($xchan_hash) - ); - } - - if($j->locations) { - foreach($j->locations as $location) { - $r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' limit 1", - dbesc($xchan_hash), - dbesc($location['url']) - ); - if($r) - continue; - -// FIXME verify the signature - - $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey) - values ( '%s','%s','%s','%s', %d ,'%s','%s','%s','%s','%s')", - dbesc($j->guid), - dbesc($j->guid_sig), - dbesc($xchan_hash), - dbesc($location['address']), - intval((intval($location['primary'])) ? HUBLOC_FLAGS_PRIMARY : 0), - dbesc($location['url']), - dbesc($location['url_sig']), - dbesc($location['host']), - dbesc($location['callback']), - dbesc($location['sitekey']) - ); - - } + $their_perms = 0; + $global_perms = get_perms(); + + foreach($j->permissions as $k => $v) { + logger('perm: ' . $k . ' = ' . $v); + logger('global: ' . print_r($global_perms[$k],true)); + if($v) + $their_perms = $their_perms | intval($global_perms[$k][1]); } + logger('Permissions: ' . $their_perms); - // Do we already have an abook entry? - // go directly to the abook edit page. // Else create an entry diff --git a/include/permissions.php b/include/permissions.php index 0cb5fe9e5..ef87a31a5 100644 --- a/include/permissions.php +++ b/include/permissions.php @@ -1,22 +1,25 @@ array('channel_r_stream', PERMS_R_STREAM, true), - 'view_profile' => array('channel_r_profile', PERMS_R_PROFILE, true), - 'view_photos' => array('channel_r_photos', PERMS_R_PHOTOS, true), - 'view_contacts' => array('channel_r_abook', PERMS_R_ABOOK, true), + 'view_stream' => array('channel_r_stream', intval(PERMS_R_STREAM), true), + 'view_profile' => array('channel_r_profile', intval(PERMS_R_PROFILE), true), + 'view_photos' => array('channel_r_photos', intval(PERMS_R_PHOTOS), true), + 'view_contacts' => array('channel_r_abook', intval(PERMS_R_ABOOK), true), // Write permissions - 'send_stream' => array('channel_w_stream', PERMS_W_STREAM, false), - 'post_wall' => array('channel_w_wall', PERMS_W_WALL, false), - 'tag_deliver' => array('channel_w_tagwall', PERMS_W_TAGWALL, false), - 'post_comments' => array('channel_w_comment', PERMS_W_COMMENT, false), - 'post_mail' => array('channel_w_mail', PERMS_W_MAIL, false), - 'post_photos' => array('channel_w_photos', PERMS_W_PHOTOS, false), - 'chat' => array('channel_w_chat', PERMS_W_CHAT, false), + 'send_stream' => array('channel_w_stream', intval(PERMS_W_STREAM), false), + 'post_wall' => array('channel_w_wall', intval(PERMS_W_WALL), false), + 'tag_deliver' => array('channel_w_tagwall', intval(PERMS_W_TAGWALL), false), + 'post_comments' => array('channel_w_comment', intval(PERMS_W_COMMENT), false), + 'post_mail' => array('channel_w_mail', intval(PERMS_W_MAIL), false), + 'post_photos' => array('channel_w_photos', intval(PERMS_W_PHOTOS), false), + 'chat' => array('channel_w_chat', intval(PERMS_W_CHAT), false), ); + return $global_perms; +} // Since these include the translation function - they couldn't be included @@ -55,7 +58,7 @@ function perms_text() { function get_all_perms($uid,$observer,$internal_use = true) { - global $global_perms; + $global_perms = get_perms(); // Save lots of individual lookups @@ -94,14 +97,16 @@ function get_all_perms($uid,$observer,$internal_use = true) { continue; } - // If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set + if($r[0][$channel_perm] & PERMS_PUBLIC) { + $ret[$perm_name] = true; + continue; + } if(! $observer) { - $ret[$perm_name] = (($r[0][$channel_perm] & PERMS_PUBLIC) ? true : false); + $ret[$perm_name] = false; continue; } - // If we're still here, we have an observer, which means they're in the network. if($r[0][$channel_perm] & PERMS_NETWORK) { @@ -188,7 +193,7 @@ function get_all_perms($uid,$observer,$internal_use = true) { function perm_is_allowed($uid,$observer,$permission) { - global $global_perms; + $global_perms = get_perms(); // First find out what the channel owner declared permissions to be. @@ -206,10 +211,14 @@ function perm_is_allowed($uid,$observer,$permission) { if($r[0]['channel_hash'] === $observer) return true; + + if($r[0][$channel_perm] & PERMS_PUBLIC) + return true; + // If it's an unauthenticated observer, we only need to see if PERMS_PUBLIC is set if(! $observer) { - return(($r[0][$channel_perm] & PERMS_PUBLIC) ? true : false); + return false; } // If we're still here, we have an observer, which means they're in the network. diff --git a/include/zot.php b/include/zot.php index 8d3fafcc8..ef4b64e4a 100644 --- a/include/zot.php +++ b/include/zot.php @@ -179,3 +179,105 @@ function zot_register_hub($arr) { } return $total; } + + +// Takes a json array from zot_finger and imports the xchan and hublocs +// If the xchan already exists, update the name and photo if these have changed. +// + + +function import_xchan_from_json($j) { + + $xchan_hash = base64url_encode(hash('whirlpool',$j->quid . $j->guid_sig, true)); + $import_photos = false; + +// FIXME - verify the signature + + $r = q("select * from xchan where xchan_hash = '%s' limit 1", + dbesc($xchan_hash) + ); + if($r) { + if($r[0]['xchan_photo_date'] != $j->photo_updated) + $update_photos = true; + if($r[0]['xchan_name_date'] != $j->name_updated) { + $r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s' where xchan_hash = '%s' limit 1", + dbesc($j->name), + dbesc($j->name_updated), + dbesc($xchan_hash) + ); + } + } + else { + $import_photos = true; + $x = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_mimetype, + xchan_photo_l, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_photo_date, xchan_name_date) + values ( '%s', '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", + dbesc($xchan_hash), + dbesc($j->guid), + dbesc($j->guid_sig), + dbesc($j->key), + dbesc($j->photo_mimetype), + dbesc($j->photo), + dbesc($j->address), + dbesc($j->url), + dbesc($j->name), + dbesc('zot'), + dbesc($j->photo_updated), + dbesc($j->name_updated) + ); + + } + + + if($import_photos) { + + require_once("Photo.php"); + + $photos = import_profile_photo($j->photo,0,$xchan_hash); + $r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' + where xchan_hash = '%s' limit 1", + dbesc($j->photo_updated), + dbesc($photos[0]), + dbesc($photos[1]), + dbesc($photos[2]), + dbesc($photos[3]), + dbesc($xchan_hash) + ); + } + + if($j->locations) { + foreach($j->locations as $location) { + $r = q("select * from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' limit 1", + dbesc($xchan_hash), + dbesc($location->url) + ); + if($r) { + if(($r[0]['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY) && (! $location->primary)) { + $r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1", + intval(HUBLOC_FLAGS_PRIMARY), + intval($r[0]['hubloc_id']) + ); + } + continue; + } +// FIXME verify the signature + + $r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey) + values ( '%s','%s','%s','%s', %d ,'%s','%s','%s','%s','%s')", + dbesc($j->guid), + dbesc($j->guid_sig), + dbesc($xchan_hash), + dbesc($location->address), + intval((intval($location->primary)) ? HUBLOC_FLAGS_PRIMARY : 0), + dbesc($location->url), + dbesc($location->url_sig), + dbesc($location->host), + dbesc($location->callback), + dbesc($location->sitekey) + ); + + } + + } + +} \ No newline at end of file diff --git a/mod/abook.php b/mod/abook.php index 51cebd160..3d73217f1 100644 --- a/mod/abook.php +++ b/mod/abook.php @@ -509,7 +509,7 @@ EOT; } - $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_chan = xchan.xchan_hash + $r = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook.abook_xchan = xchan.xchan_hash WHERE abook_channel = %d and not (abook_flags & %d) $sql_extra $sql_extra2 ORDER BY xchan_name LIMIT %d , %d ", intval(local_user()), intval(ABOOK_FLAG_SELF), diff --git a/mod/settings.php b/mod/settings.php index 6c31242f6..3e8134d5c 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -719,7 +719,7 @@ function settings_content(&$a) { $channel = $a->get_channel(); - global $global_perms; + $global_perms = get_perms(); $perms = perms_text(); $permiss = array(); -- cgit v1.2.3