From 59940e7f053a1bb3fd0588e25d34b5235133dd2b Mon Sep 17 00:00:00 2001 From: Mario Date: Sat, 9 Oct 2021 19:46:27 +0000 Subject: make sure to not include removed channels in xrd or webfinger queries --- Zotlabs/Module/Wfinger.php | 52 +++++++++++++++++++++------------------------- Zotlabs/Module/Xrd.php | 27 ++++++++++++------------ 2 files changed, 37 insertions(+), 42 deletions(-) diff --git a/Zotlabs/Module/Wfinger.php b/Zotlabs/Module/Wfinger.php index 6dedc1ef1..43102f006 100644 --- a/Zotlabs/Module/Wfinger.php +++ b/Zotlabs/Module/Wfinger.php @@ -72,20 +72,16 @@ class Wfinger extends \Zotlabs\Web\Controller { dbesc($channel) ); if($r) { - $r[0] = pchan_to_chan($r[0]); + $r = pchan_to_chan($r[0]); } } else { - $r = q("select * from channel left join xchan on channel_hash = xchan_hash - where channel_address = '%s' limit 1", - dbesc($channel) - ); + $r = channelx_by_nick($channel); } } header('Access-Control-Allow-Origin: *'); - if($root_resource) { $result['subject'] = $resource; $result['properties'] = [ @@ -107,15 +103,15 @@ class Wfinger extends \Zotlabs\Web\Controller { if($resource && $r) { $h = q("select hubloc_addr from hubloc where hubloc_hash = '%s' and hubloc_deleted = 0", - dbesc($r[0]['channel_hash']) + dbesc($r['channel_hash']) ); $result['subject'] = $resource; $aliases = array( - z_root() . (($pchan) ? '/pchan/' : '/channel/') . $r[0]['channel_address'], - z_root() . '/~' . $r[0]['channel_address'], - z_root() . '/@' . $r[0]['channel_address'] + z_root() . (($pchan) ? '/pchan/' : '/channel/') . $r['channel_address'], + z_root() . '/~' . $r['channel_address'], + z_root() . '/@' . $r['channel_address'] ); if($h) { @@ -127,9 +123,9 @@ class Wfinger extends \Zotlabs\Web\Controller { $result['aliases'] = []; $result['properties'] = [ - 'http://webfinger.net/ns/name' => $r[0]['channel_name'], - 'http://xmlns.com/foaf/0.1/name' => $r[0]['channel_name'], - 'https://w3id.org/security/v1#publicKeyPem' => $r[0]['xchan_pubkey'], + 'http://webfinger.net/ns/name' => $r['channel_name'], + 'http://xmlns.com/foaf/0.1/name' => $r['channel_name'], + 'https://w3id.org/security/v1#publicKeyPem' => $r['xchan_pubkey'], 'http://purl.org/zot/federation' => 'zot6,zot' ]; @@ -143,18 +139,18 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://webfinger.net/rel/avatar', - 'type' => $r[0]['xchan_photo_mimetype'], - 'href' => $r[0]['xchan_photo_l'] + 'type' => $r['xchan_photo_mimetype'], + 'href' => $r['xchan_photo_l'] ], [ 'rel' => 'http://webfinger.net/rel/profile-page', - 'href' => $r[0]['xchan_url'], + 'href' => $r['xchan_url'], ], [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r['channel_pubkey']), ] ]; @@ -167,14 +163,14 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://webfinger.net/rel/avatar', - 'type' => $r[0]['xchan_photo_mimetype'], - 'href' => $r[0]['xchan_photo_l'] + 'type' => $r['xchan_photo_mimetype'], + 'href' => $r['xchan_photo_l'] ], [ 'rel' => 'http://microformats.org/profile/hcard', 'type' => 'text/html', - 'href' => z_root() . '/hcard/' . $r[0]['channel_address'] + 'href' => z_root() . '/hcard/' . $r['channel_address'] ], [ @@ -184,18 +180,18 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://webfinger.net/rel/profile-page', - 'href' => z_root() . '/profile/' . $r[0]['channel_address'], + 'href' => z_root() . '/profile/' . $r['channel_address'], ], [ 'rel' => 'http://schemas.google.com/g/2010#updates-from', 'type' => 'application/atom+xml', - 'href' => z_root() . '/ofeed/' . $r[0]['channel_address'] + 'href' => z_root() . '/ofeed/' . $r['channel_address'] ], [ 'rel' => 'http://webfinger.net/rel/blog', - 'href' => z_root() . '/channel/' . $r[0]['channel_address'], + 'href' => z_root() . '/channel/' . $r['channel_address'], ], [ @@ -206,12 +202,12 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'http://purl.org/zot/protocol/6.0', 'type' => 'application/x-zot+json', - 'href' => channel_url($r[0]) + 'href' => channel_url($r) ], [ 'rel' => 'http://purl.org/zot/protocol', - 'href' => z_root() . '/.well-known/zot-info' . '?address=' . $r[0]['xchan_addr'], + 'href' => z_root() . '/.well-known/zot-info' . '?address=' . $r['xchan_addr'], ], [ @@ -222,14 +218,14 @@ class Wfinger extends \Zotlabs\Web\Controller { [ 'rel' => 'magic-public-key', - 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r[0]['channel_pubkey']), + 'href' => 'data:application/magic-public-key,' . Keyutils::salmonKey($r['channel_pubkey']), ] ]; } if($zot) { // get a zotinfo packet and return it with webfinger - $result['zot'] = Libzot::zotinfo( [ 'address' => $r[0]['xchan_addr'] ]); + $result['zot'] = Libzot::zotinfo( [ 'address' => $r['xchan_addr'] ]); } } @@ -238,7 +234,7 @@ class Wfinger extends \Zotlabs\Web\Controller { killme(); } - $arr = [ 'channel' => $r[0], 'pchan' => $pchan, 'request' => $_REQUEST, 'result' => $result ]; + $arr = [ 'channel' => $r, 'pchan' => $pchan, 'request' => $_REQUEST, 'result' => $result ]; call_hooks('webfinger',$arr); json_return_and_die($arr['result'],'application/jrd+json'); diff --git a/Zotlabs/Module/Xrd.php b/Zotlabs/Module/Xrd.php index 21574eb8d..b7868c2cc 100644 --- a/Zotlabs/Module/Xrd.php +++ b/Zotlabs/Module/Xrd.php @@ -28,19 +28,18 @@ class Xrd extends \Zotlabs\Web\Controller { $name = substr($local,0,strpos($local,'@')); } - $r = q("SELECT * FROM channel WHERE channel_address = '%s' LIMIT 1", - dbesc($name) - ); + $r = channelx_by_nick($name); + if(! $r) killme(); - $salmon_key = Keyutils::salmonKey($r[0]['channel_pubkey']); + $salmon_key = Keyutils::salmonKey($r['channel_pubkey']); header('Access-Control-Allow-Origin: *'); header("Content-type: application/xrd+xml"); - $aliases = array('acct:' . channel_reddress($r[0]), z_root() . '/channel/' . $r[0]['channel_address'], z_root() . '/~' . $r[0]['channel_address']); + $aliases = array('acct:' . channel_reddress($r), z_root() . '/channel/' . $r['channel_address'], z_root() . '/~' . $r['channel_address']); for($x = 0; $x < count($aliases); $x ++) { if($aliases[$x] === $resource) @@ -48,23 +47,23 @@ class Xrd extends \Zotlabs\Web\Controller { } $o = replace_macros(get_markup_template('xrd_person.tpl'), array( - '$nick' => $r[0]['channel_address'], + '$nick' => $r['channel_address'], '$accturi' => $resource, '$subject' => $subject, '$aliases' => $aliases, - '$channel_url' => z_root() . '/channel/' . $r[0]['channel_address'], - '$profile_url' => z_root() . '/channel/' . $r[0]['channel_address'], - '$hcard_url' => z_root() . '/hcard/' . $r[0]['channel_address'], - '$atom' => z_root() . '/ofeed/' . $r[0]['channel_address'], - '$zot_post' => z_root() . '/post/' . $r[0]['channel_address'], - '$poco_url' => z_root() . '/poco/' . $r[0]['channel_address'], - '$photo' => z_root() . '/photo/profile/l/' . $r[0]['channel_id'], + '$channel_url' => z_root() . '/channel/' . $r['channel_address'], + '$profile_url' => z_root() . '/channel/' . $r['channel_address'], + '$hcard_url' => z_root() . '/hcard/' . $r['channel_address'], + '$atom' => z_root() . '/ofeed/' . $r['channel_address'], + '$zot_post' => z_root() . '/post/' . $r['channel_address'], + '$poco_url' => z_root() . '/poco/' . $r['channel_address'], + '$photo' => z_root() . '/photo/profile/l/' . $r['channel_id'], '$modexp' => 'data:application/magic-public-key,' . $salmon_key, '$subscribe' => z_root() . '/follow?f=&url={uri}', )); - $arr = array('user' => $r[0], 'xml' => $o); + $arr = array('user' => $r, 'xml' => $o); call_hooks('personal_xrd', $arr); echo $arr['xml']; -- cgit v1.2.3