From 2de1285121b5f0260699a93249bab11dc74edec5 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 16 Jan 2018 18:15:58 -0800 Subject: z6 deliver --- include/queue_fn.php | 19 ++++++++++++- include/zot.php | 79 ++++++++++++++++++++++++++++++++++++++++++++++------ 2 files changed, 89 insertions(+), 9 deletions(-) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index 5fb0d5f1e..88da90479 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -216,7 +216,24 @@ function queue_deliver($outq, $immediate = false) { // normal zot delivery logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG); - $result = zot_zot($outq['outq_posturl'],$outq['outq_notify']); + + + + $msg = $outq['outq_notify']; + $channel = null; + + if($outq['outq_msg']) { + $tmp = json_decode($msg,true); + $tmp['pickup'] = json_decode($outq['outq_msg'],true); + $msg = json_encode($tmp); + if($outq['outq_channel']) { + $channel = channelx_by_n($outq['outq_channel']); + } + } + + $result = zot_zot($outq['outq_posturl'],$msg,$channel); + + if($result['success']) { logger('deliver: remote zot delivery succeeded to ' . $outq['outq_posturl']); zot_process_response($outq['outq_posturl'],$result, $outq); diff --git a/include/zot.php b/include/zot.php index 8e3d03ad8..1ab858480 100644 --- a/include/zot.php +++ b/include/zot.php @@ -211,8 +211,19 @@ function zot_best_algorithm($methods) { * @param array $data * @return array see z_post_url() for returned data format */ -function zot_zot($url, $data) { - return z_post_url($url, array('data' => $data)); +function zot_zot($url, $data, $channel = null) { + + $headers = []; + + if($channel) { + $headers['X-Zot-Token'] = random_string(); + $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); + $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; + \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512'); + } + + $redirects = 0; + return z_post_url($url, array('data' => $data),$redirects,((is_empty($headers)) ? [] : [ 'headers' => $headers ])); } /** @@ -4967,21 +4978,73 @@ function zot_reply_refresh($sender, $recipients) { } +function zot6_check_sig() { + + $ret = [ 'success' => false ]; + + foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { + if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { + if($head !== 'HTTP_AUTHORIZATION') { + $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; + continue; + } + + $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]); + if($sigblock) { + $keyId = $sigblock['keyId']; + + if($keyId) { + $r = q("select hubloc.*, site_crypto from hubloc left join site on hubloc_url = site_url + where hubloc_addr = '%s' ", + dbesc(str_replace('acct:','',$keyId)) + ); + if($r) { + foreach($r as $hubloc) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) { + $ret['hubloc'] = $hubloc; + $ret['success'] = true; + return $ret; + } + } + } + } + } + } + } + + return $ret; +} + function zot_reply_notify($data) { $ret = array('success' => false); logger('notify received from ' . $data['sender']['url']); - $async = get_config('system','queued_fetch'); + // handle zot6 delivery - if($async) { - // add to receive queue - // qreceive_add($data); + $zret = zot6_check_sig(); + if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid']) { + logger('zot6_delivery'); + logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); + $x = zot_import($data,$data['sender']['url']); + if($x) { + $x = crypto_encapsulate(json_encode($x),$zret['hubloc']['hubloc_sitekey'],zot_best_algorithm($zret['hubloc']['site_crypto'])); + $ret['delivery_report'] = $x; + } } else { - $x = zot_fetch($data); - $ret['delivery_report'] = $x; + $async = get_config('system','queued_fetch'); + + if($async) { + // add to receive queue + // qreceive_add($data); + } + else { + $x = zot_fetch($data); + $ret['delivery_report'] = $x; + } } $ret['success'] = true; -- cgit v1.2.3 From 05de59d4ad174cb106c3a5b5890732af51730384 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 16 Jan 2018 20:08:10 -0800 Subject: initial z6 delivery --- include/queue_fn.php | 12 ++++++------ include/zot.php | 50 +++++++++++++++++++++++--------------------------- 2 files changed, 29 insertions(+), 33 deletions(-) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index 88da90479..d1c50de67 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -217,19 +217,19 @@ function queue_deliver($outq, $immediate = false) { logger('deliver: dest: ' . $outq['outq_posturl'], LOGGER_DEBUG); - - - $msg = $outq['outq_notify']; $channel = null; if($outq['outq_msg']) { - $tmp = json_decode($msg,true); - $tmp['pickup'] = json_decode($outq['outq_msg'],true); - $msg = json_encode($tmp); + $msg = json_decode($outq['outq_notify'],true); + $msg['pickup'] = [ 'notify' => json_decode($outq['outq_notify'],true), 'message' => json_decode($outq['outq_msg'],true) ]; + $msg = json_encode($msg); if($outq['outq_channel']) { $channel = channelx_by_n($outq['outq_channel']); } } + else { + $msg = $outq['outq_notify']; + } $result = zot_zot($outq['outq_posturl'],$msg,$channel); diff --git a/include/zot.php b/include/zot.php index 1ab858480..d97fe8113 100644 --- a/include/zot.php +++ b/include/zot.php @@ -219,11 +219,11 @@ function zot_zot($url, $data, $channel = null) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; - \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,true,'sha512'); + $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512'); } $redirects = 0; - return z_post_url($url, array('data' => $data),$redirects,((is_empty($headers)) ? [] : [ 'headers' => $headers ])); + return z_post_url($url, array('data' => $data),$redirects,((empty($h)) ? [] : [ 'headers' => $h ])); } /** @@ -4982,30 +4982,26 @@ function zot6_check_sig() { $ret = [ 'success' => false ]; - foreach([ 'REDIRECT_REMOTE_USER', 'HTTP_AUTHORIZATION' ] as $head) { - if(array_key_exists($head,$_SERVER) && substr(trim($_SERVER[$head]),0,9) === 'Signature') { - if($head !== 'HTTP_AUTHORIZATION') { - $_SERVER['HTTP_AUTHORIZATION'] = $_SERVER[$head]; - continue; - } - - $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER[$head]); - if($sigblock) { - $keyId = $sigblock['keyId']; - - if($keyId) { - $r = q("select hubloc.*, site_crypto from hubloc left join site on hubloc_url = site_url - where hubloc_addr = '%s' ", - dbesc(str_replace('acct:','',$keyId)) - ); - if($r) { - foreach($r as $hubloc) { - $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) { - $ret['hubloc'] = $hubloc; - $ret['success'] = true; - return $ret; - } +logger('server: ' . print_r($_SERVER,true)); + + if(array_key_exists('HTTP_SIGNATURE',$_SERVER)) { +logger('parsing signature header'); + $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER['HTTP_SIGNATURE']); + if($sigblock) { + $keyId = $sigblock['keyId']; + + if($keyId) { + $r = q("select hubloc.*, site_crypto from hubloc left join site on hubloc_url = site_url + where hubloc_addr = '%s' ", + dbesc(str_replace('acct:','',$keyId)) + ); + if($r) { + foreach($r as $hubloc) { + $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) { + $ret['hubloc'] = $hubloc; + $ret['success'] = true; + return $ret; } } } @@ -5028,7 +5024,7 @@ function zot_reply_notify($data) { if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid']) { logger('zot6_delivery'); logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); - $x = zot_import($data,$data['sender']['url']); + $x = zot_import([ 'body' => json_encode($data) ],$data['sender']['url']); if($x) { $x = crypto_encapsulate(json_encode($x),$zret['hubloc']['hubloc_sitekey'],zot_best_algorithm($zret['hubloc']['site_crypto'])); $ret['delivery_report'] = $x; -- cgit v1.2.3 From 509844fd7e08ebccec4d924845d0f2a60f5768e5 Mon Sep 17 00:00:00 2001 From: Klaus Weidenbach Date: Fri, 8 Dec 2017 00:26:00 +0100 Subject: :fire: Cleanup old database related files. Remove non used database drivers, remove unused methods. Improve documentation. --- include/dba/dba_driver.php | 82 ++++++++++++------------------ include/dba/dba_mysql.php | 67 ------------------------- include/dba/dba_mysqli.php | 86 ------------------------------- include/dba/dba_pdo.php | 40 ++++++++++----- include/dba/dba_postgres.php | 117 ------------------------------------------- 5 files changed, 60 insertions(+), 332 deletions(-) delete mode 100755 include/dba/dba_mysql.php delete mode 100755 include/dba/dba_mysqli.php delete mode 100644 include/dba/dba_postgres.php (limited to 'include') diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index deec9adfd..b3298b673 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -1,15 +1,20 @@ connected) { - - if(strpbrk($server,':;')) { - $dsn = $server; - } - else { - $dsn = self::$scheme . ':host=' . $server . (intval($port) ? '' : ';port=' . $port); - } - $dsn .= ';dbname=' . $db; - - - self::$dba->pdo_set(array($dsn,$user,$pass)); - } define('NULL_DATE', self::$null_date); define('ACTIVE_DBTYPE', self::$dbtype); define('TQUOT', self::$tquot); + return self::$dba; } } /** - * @brief abstract database driver class. + * @brief Abstract database driver class. * - * This class gets extended by the real database driver classes, e.g. dba_mysql, - * dba_mysqli. + * This class gets extended by the real database driver class. We used to have + * dba_mysql, dba_mysqli or dba_postgres, but we moved to PDO and the only + * implemented driver is dba_pdo. */ abstract class dba_driver { // legacy behavior public $db; - protected $pdo = array(); public $debug = 0; public $connected = false; @@ -111,6 +98,7 @@ abstract class dba_driver { * This abstract function needs to be implemented in the real driver. * * @param string $server DB server name + * @param string $scheme DB scheme * @param string $port DB port * @param string $user DB username * @param string $pass DB password @@ -166,6 +154,7 @@ abstract class dba_driver { $platform_name = \Zotlabs\Lib\System::get_platform_name(); if(file_exists('install/' . $platform_name . '/' . \DBA::$install_script)) return 'install/' . $platform_name . '/' . \DBA::$install_script; + return 'install/' . \DBA::$install_script; } @@ -173,7 +162,6 @@ abstract class dba_driver { return \DBA::$tquot; } - function utcnow() { return \DBA::$utc_now; } @@ -232,19 +220,12 @@ abstract class dba_driver { return $str; } - function pdo_set($x) { - $this->pdo = $x; - } - - function pdo_get() { - return $this->pdo; - } - } // end abstract dba_driver class - +// // Procedural functions +// function printable($s) { $s = preg_replace("~([\x01-\x08\x0E-\x0F\x10-\x1F\x7F-\xFF])~",".", $s); @@ -275,7 +256,7 @@ function dbg($state) { * wrapping with intval(). * * @param string $str A string to pass to a DB query - * @return Return an escaped string of the value to pass to a DB query. + * @return string Return an escaped string of the value to pass to a DB query. */ function dbesc($str) { @@ -298,6 +279,7 @@ function dbunescbin($str) { function dbescdate($date) { if(is_null_date($date)) return \DBA::$dba->escape(NULL_DATE); + return \DBA::$dba->escape($date); } @@ -330,17 +312,17 @@ function db_use_index($str) { * * printf style arguments %s and %d are replaced with variable arguments, which * should each be appropriately dbesc() or intval(). + * * SELECT queries return an array of results or false if SQL or DB error. Other * queries return true if the command was successful or false if it wasn't. * * Example: - * $r = q("SELECT * FROM %s WHERE `uid` = %d", - * 'user', 1); + * @code{.php}$r = q("SELECT * FROM %s WHERE `uid` = %d", + * 'user', 1);@endcode * * @param string $sql The SQL query to execute * @return bool|array */ - function q($sql) { $args = func_get_args(); @@ -359,8 +341,8 @@ function q($sql) { } /* - * This will happen occasionally trying to store the - * session data after abnormal program termination + * This will happen occasionally trying to store the + * session data after abnormal program termination */ db_logger('dba: no database: ' . print_r($args,true),LOGGER_NORMAL,LOG_CRIT); @@ -389,8 +371,8 @@ function dbq($sql) { // Caller is responsible for ensuring that any integer arguments to // dbesc_array are actually integers and not malformed strings containing -// SQL injection vectors. All integer array elements should be specifically -// cast to int to avoid trouble. +// SQL injection vectors. All integer array elements should be specifically +// cast to int to avoid trouble. function dbesc_array_cb(&$item, $key) { if(is_string($item)) { @@ -423,7 +405,7 @@ function dbesc_array(&$arr) { function db_getfunc($f) { $lookup = array( 'rand'=>array( - DBTYPE_MYSQL=>'RAND()', + DBTYPE_MYSQL=>'RAND()', DBTYPE_POSTGRES=>'RANDOM()' ), 'utc_timestamp'=>array( diff --git a/include/dba/dba_mysql.php b/include/dba/dba_mysql.php deleted file mode 100755 index 8b51cf578..000000000 --- a/include/dba/dba_mysql.php +++ /dev/null @@ -1,67 +0,0 @@ -db = mysql_connect($server.":".$port,$user,$pass); - if($this->db && mysql_select_db($db,$this->db)) { - $this->connected = true; - } - if($this->connected) { - return true; - } - return false; - } - - - function q($sql) { - if((! $this->db) || (! $this->connected)) - return false; - - $this->error = ''; - $result = @mysql_query($sql,$this->db); - - - if(mysql_errno($this->db)) - $this->error = mysql_error($this->db); - - if($result === false || $this->error) { - logger('dba_mysql: ' . printable($sql) . ' returned false.' . "\n" . $this->error); - if(file_exists('dbfail.out')) - file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND); - } - - if(($result === true) || ($result === false)) - return $result; - - $r = array(); - if(mysql_num_rows($result)) { - while($x = mysql_fetch_array($result,MYSQL_ASSOC)) - $r[] = $x; - mysql_free_result($result); - if($this->debug) - logger('dba_mysql: ' . printable(print_r($r,true))); - } - return $r; - } - - function escape($str) { - if($this->db && $this->connected) { - return @mysql_real_escape_string($str,$this->db); - } - } - - function close() { - if($this->db) - mysql_close($this->db); - $this->connected = false; - } - - function getdriver() { - return 'mysql'; - } - -} diff --git a/include/dba/dba_mysqli.php b/include/dba/dba_mysqli.php deleted file mode 100755 index 165c8e969..000000000 --- a/include/dba/dba_mysqli.php +++ /dev/null @@ -1,86 +0,0 @@ -db = new mysqli($server,$user,$pass,$db, $port); - else - $this->db = new mysqli($server,$user,$pass,$db); - - if($this->db->connect_error) { - $this->connected = false; - $this->error = $this->db->connect_error; - - if(file_exists('dbfail.out')) { - file_put_contents('dbfail.out', datetime_convert() . "\nConnect: " . $this->error . "\n", FILE_APPEND); - } - - return false; - } - else { - $this->connected = true; - return true; - } - } - - function q($sql) { - if((! $this->db) || (! $this->connected)) - return false; - - $this->error = ''; - $result = $this->db->query($sql); - - if($this->db->errno) - $this->error = $this->db->error; - - - if($this->error) { - db_logger('dba_mysqli: ERROR: ' . printable($sql) . "\n" . $this->error, LOGGER_NORMAL, LOG_ERR); - if(file_exists('dbfail.out')) { - file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . "\n" . $this->error . "\n", FILE_APPEND); - } - } - - if(($result === true) || ($result === false)) { - if($this->debug) { - db_logger('dba_mysqli: DEBUG: ' . printable($sql) . ' returns ' . (($result) ? 'true' : 'false'), LOGGER_NORMAL,(($result) ? LOG_INFO : LOG_ERR)); - } - return $result; - } - - if($this->debug) { - db_logger('dba_mysqli: DEBUG: ' . printable($sql) . ' returned ' . $result->num_rows . ' results.', LOGGER_NORMAL, LOG_INFO); - } - - $r = array(); - if($result->num_rows) { - while($x = $result->fetch_array(MYSQLI_ASSOC)) - $r[] = $x; - $result->free_result(); - if($this->debug) { - db_logger('dba_mysqli: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); - } - } - return $r; - } - - function escape($str) { - if($this->db && $this->connected) { - return @$this->db->real_escape_string($str); - } - } - - function close() { - if($this->db) - $this->db->close(); - $this->connected = false; - } - - function getdriver() { - return 'mysqli'; - } - -} \ No newline at end of file diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index a9d824a50..719f23c4b 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -1,14 +1,21 @@ -driver_dbtype = $scheme; if(strpbrk($server,':;')) { @@ -17,7 +24,7 @@ class dba_pdo extends dba_driver { else { $dsn = $this->driver_dbtype . ':host=' . $server . (intval($port) ? ';port=' . $port : ''); } - + $dsn .= ';dbname=' . $db; try { @@ -36,10 +43,19 @@ class dba_pdo extends dba_driver { $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); $this->connected = true; - return true; + return true; } + /** + * {@inheritDoc} + * @see dba_driver::q() + * + * @return bool|array|PDOStatement + * - \b false if not connected or PDOException occured on query + * - \b array with results on a SELECT query + * - \b PDOStatement on a non SELECT SQL query + */ function q($sql) { if((! $this->db) || (! $this->connected)) return false; @@ -57,7 +73,7 @@ class dba_pdo extends dba_driver { $result = $this->db->query($sql, PDO::FETCH_ASSOC); } catch(PDOException $e) { - + $this->error = $e->getMessage(); if($this->error) { db_logger('dba_pdo: ERROR: ' . printable($sql) . "\n" . $this->error, LOGGER_NORMAL, LOG_ERR); @@ -82,11 +98,10 @@ class dba_pdo extends dba_driver { } if($this->debug) { - db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO); + db_logger('dba_pdo: DEBUG: ' . printable($sql) . ' returned ' . count($r) . ' results.', LOGGER_NORMAL, LOG_INFO); db_logger('dba_pdo: ' . printable(print_r($r,true)), LOGGER_NORMAL, LOG_INFO); } - return (($this->error) ? false : $r); } @@ -99,9 +114,10 @@ class dba_pdo extends dba_driver { function close() { if($this->db) $this->db = null; + $this->connected = false; } - + function concat($fld,$sep) { if($this->driver_dbtype === 'pgsql') { return 'string_agg(' . $fld . ',\'' . $sep . '\')'; @@ -140,7 +156,7 @@ class dba_pdo extends dba_driver { return $this->escape($str); } } - + function unescapebin($str) { if($this->driver_dbtype === 'pgsql' && (! is_null($str))) { $x = ''; diff --git a/include/dba/dba_postgres.php b/include/dba/dba_postgres.php deleted file mode 100644 index 560d8da60..000000000 --- a/include/dba/dba_postgres.php +++ /dev/null @@ -1,117 +0,0 @@ -db = pg_connect($connstr); - if($this->db !== false) { - $this->connected = true; - } else { - $this->connected = false; - } - $this->q("SET standard_conforming_strings = 'off'; SET backslash_quote = 'on';"); // emulate mysql string escaping to prevent massive code-clobber - return $this->connected; - } - - function q($sql) { - if((! $this->db) || (! $this->connected)) - return false; - - if(!strpos($sql, ';')) - $sql .= ';'; - - if(strpos($sql, '`')) // this is a hack. quoted identifiers should be replaced everywhere in the code with dbesc_identifier(), remove this once it is - $sql = str_replace('`', '"', $sql); - - $this->error = ''; - $result = @pg_query($this->db, $sql); - if(file_exists('db-allqueries.out')) { - $bt = debug_backtrace(); - $trace = array(); - foreach($bt as $frame) { - if(!empty($frame['file']) && @strstr($frame['file'], $_SERVER['DOCUMENT_ROOT'])) - $frame['file'] = substr($frame['file'], strlen($_SERVER['DOCUMENT_ROOT'])+1); - - $trace[] = $frame['file'] . ':' . $frame['function'] . '():' . $frame['line'] ; - } - $compact = join(', ', $trace); - file_put_contents('db-allqueries.out', datetime_convert() . ": " . $sql . ' is_resource: '.var_export(is_resource($result), true).', backtrace: '.$compact."\n\n", FILE_APPEND); - } - - if($result === false) - $this->error = pg_last_error($this->db); - - if($result === false || $this->error) { - //db_logger('dba_postgres: ' . printable($sql) . ' returned false.' . "\n" . $this->error); - if(file_exists('dbfail.out')) - file_put_contents('dbfail.out', datetime_convert() . "\n" . printable($sql) . ' returned false' . "\n" . $this->error . "\n", FILE_APPEND); - } - - if(($result === true) || ($result === false)) - return $result; - - if(pg_result_status($result) == PGSQL_COMMAND_OK) - return true; - - $r = array(); - if(pg_num_rows($result)) { - while($x = pg_fetch_array($result, null, PGSQL_ASSOC)) - $r[] = $x; - pg_free_result($result); - if($this->debug) - db_logger('dba_postgres: ' . printable(print_r($r,true))); - } - return $r; - } - - function escape($str) { - if($this->db && $this->connected) { - $x = @pg_escape_string($this->db, $str); - return $x; - } - } - - function escapebin($str) { - return pg_escape_bytea($str); - } - - function unescapebin($str) { - return pg_unescape_bytea($str); - } - - function close() { - if($this->db) - pg_close($this->db); - $this->connected = false; - } - - function quote_interval($txt) { - return "'$txt'"; - } - - function escape_identifier($str) { - return pg_escape_identifier($this->db, $str); - } - - function optimize_table($table) { - // perhaps do some equivalent thing here, vacuum, etc? I think this is the DBA's domain anyway. Applications should not need to muss with this. - // for now do nothing without a compelling reason. function overrides default legacy mysql. - } - - function concat($fld, $sep) { - return 'string_agg(' . $fld . ',\'' . $sep . '\')'; - } - - function getdriver() { - return 'pgsql'; - } -} \ No newline at end of file -- cgit v1.2.3 From 4bf0c9e36a4a89d6b84c6bf8a74124603add9d9e Mon Sep 17 00:00:00 2001 From: Klaus Weidenbach Date: Mon, 22 Jan 2018 22:59:13 +0100 Subject: :white_check_mark: Add tests for non existent tables. Prevent PHP warnings "Undefined variable" in dba_pdo::q(); --- include/dba/dba_pdo.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/dba/dba_pdo.php b/include/dba/dba_pdo.php index 719f23c4b..f24c5381a 100755 --- a/include/dba/dba_pdo.php +++ b/include/dba/dba_pdo.php @@ -66,8 +66,9 @@ class dba_pdo extends dba_driver { } } + $result = null; $this->error = ''; - $select = ((stripos($sql,'select') === 0) ? true : false); + $select = ((stripos($sql, 'select') === 0) ? true : false); try { $result = $this->db->query($sql, PDO::FETCH_ASSOC); -- cgit v1.2.3 From 3e7dffb6765f1d3120fd8fb58bb38c70c9dddcd6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 3 Feb 2018 12:50:07 -0800 Subject: decomplicate cont. --- include/plugin.php | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) (limited to 'include') diff --git a/include/plugin.php b/include/plugin.php index 67157dee7..f452d8342 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -179,6 +179,66 @@ function reload_plugins() { } +function plugins_installed_list() { + + $r = q("select * from addon where installed = 1 order by aname asc"); + return(($r) ? ids_to_array($r,'aname') : []); +} + + +function plugins_sync() { + + /** + * + * Synchronise plugins: + * + * App::$config['system']['addon'] contains a comma-separated list of names + * of plugins/addons which are used on this system. + * Go through the database list of already installed addons, and if we have + * an entry, but it isn't in the config list, call the unload procedure + * and mark it uninstalled in the database (for now we'll remove it). + * Then go through the config list and if we have a plugin that isn't installed, + * call the install procedure and add it to the database. + * + */ + + $installed = plugins_installed_list(); + + $plugins = get_config('system', 'addon', ''); + + $plugins_arr = explode(',', $plugins); + + // array_trim is in include/text.php + + if(! array_walk($plugins_arr,'array_trim')) + return; + + App::$plugins = $plugins_arr; + + $installed_arr = []; + + if(count($installed)) { + foreach($installed as $i) { + if(! in_array($i, $plugins_arr)) { + unload_plugin($i); + } + else { + $installed_arr[] = $i; + } + } + } + + if(count($plugins_arr)) { + foreach($plugins_arr as $p) { + if(! in_array($p, $installed_arr)) { + load_plugin($p); + } + } + } + +} + + /** * @brief Get a list of non hidden addons. * -- cgit v1.2.3 From f15fd93f905520fa7f58e7365c838edd382b227c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 4 Feb 2018 17:01:59 -0800 Subject: implode can take its arguments in either order, but let's try to be consistent --- include/text.php | 55 +++++++++++++++++++++++++++++-------------------------- 1 file changed, 29 insertions(+), 26 deletions(-) (limited to 'include') diff --git a/include/text.php b/include/text.php index 10bbc751a..35a367d43 100644 --- a/include/text.php +++ b/include/text.php @@ -2159,6 +2159,35 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { return(implode(',', $t)); } +/** + * @brief array_elm_to_str($arr,$elm,$delim = ',') extract unique individual elements from an array of arrays and return them as a string separated by a delimiter + * similar to ids_to_querystr, but allows a different delimiter instead of a db-quote option + * empty elements (evaluated after trim()) are ignored. + * @param $arr array + * @param $elm array key to extract from sub-array + * @param $delim string default ',' + * @returns string + */ + +function array_elm_to_str($arr,$elm,$delim = ',') { + + $tmp = []; + if($arr && is_array($arr)) { + foreach($arr as $x) { + if(is_array($x) && array_key_exists($elm,$x)) { + $z = trim($x[$elm]); + if(($z) && (! in_array($z,$tmp))) { + $tmp[] = $z; + } + } + } + } + return implode($delim,$tmp); +} + + + + /** * @brief Fetches xchan and hubloc data for an array of items with only an * author_xchan and owner_xchan. @@ -3263,29 +3292,3 @@ function purify_filename($s) { } -/** - * @brief array_elm_to_str($arr,$elm,$delim = ',') extract unique individual elements from an array of arrays and return them as a string separated by a delimiter - * - * empty elements (evaluated after trim()) are ignored. - * @param $arr array - * @param $elm array key to extract from sub-array - * @param $delim string default ',' - * @returns string - */ - -function array_elm_to_str($arr,$elm,$delim = ',') { - - $tmp = []; - if($arr && is_array($arr)) { - foreach($arr as $x) { - if(is_array($x) && array_key_exists($elm,$x)) { - $z = trim($x[$elm]); - if(($z) && (! in_array($z,$tmp))) { - $tmp[] = $z; - } - } - } - } - return implode($tmp,$delim); -} - -- cgit v1.2.3 From 930e1fdbdc798868760f8a4e03f32fc3f42e8bc9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 5 Feb 2018 15:14:57 -0800 Subject: feedutils: separate the parsing of author information from the parsing of item/activity information --- include/feedutils.php | 220 +++++++++++++++++++++++++++++--------------------- 1 file changed, 126 insertions(+), 94 deletions(-) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 5ef45a6cd..504f65092 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -253,19 +253,18 @@ function construct_activity_target($item) { return ''; } + /** - * @brief Return an array with a parsed atom item. + * @brief Return an array with a parsed atom author. * * @param SimplePie $feed - * @param array $item - * @param[out] array $author - * @return array Associative array with the parsed item data + * @param SimplePie $item + * @return array $author */ -function get_atom_elements($feed, $item, &$author) { - require_once('include/html2bbcode.php'); +function get_atom_author($feed, $item) { - $res = array(); + $author = []; $found_author = $item->get_author(); if($found_author) { @@ -290,52 +289,6 @@ function get_atom_elements($feed, $item, &$author) { if(substr($author['author_link'],-1,1) == '/') $author['author_link'] = substr($author['author_link'],0,-1); - $res['mid'] = normalise_id(unxmlify($item->get_id())); - $res['title'] = unxmlify($item->get_title()); - $res['body'] = unxmlify($item->get_content()); - $res['plink'] = unxmlify($item->get_link(0)); - $res['item_rss'] = 1; - - - $summary = unxmlify($item->get_description(true)); - - // removing the content of the title if its identically to the body - // This helps with auto generated titles e.g. from tumblr - - if (title_is_body($res['title'], $res['body'])) - $res['title'] = ""; - - if($res['plink']) - $base_url = implode('/', array_slice(explode('/',$res['plink']),0,3)); - else - $base_url = ''; - - - $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published'); - if($rawcreated) - $res['created'] = unxmlify($rawcreated[0]['data']); - - $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated'); - if($rawedited) - $res['edited'] = unxmlify($rawedited[0]['data']); - - if((x($res,'edited')) && (! (x($res,'created')))) - $res['created'] = $res['edited']; - - if(! $res['created']) - $res['created'] = $item->get_date('c'); - - if(! $res['edited']) - $res['edited'] = $item->get_date('c'); - - $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); - - // select between supported verbs - - if($rawverb) { - $res['verb'] = unxmlify($rawverb[0]['data']); - } - // look for a photo. We should check media size and find the best one, // but for now let's just find any author photo @@ -414,6 +367,112 @@ function get_atom_elements($feed, $item, &$author) { } } + $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner'); + if(! $rawowner) + $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner'); + + if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) + $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); + elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) + $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']); + if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) + $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); + elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) + $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']); + + if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { + $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; + + foreach($base as $link) { + if(!x($author, 'owner_photo') || ! $author['owner_photo']) { + if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') + $author['owner_photo'] = unxmlify($link['attribs']['']['href']); + } + } + } + + // build array to pass to hook + $arr = [ + 'feed' => $feed, + 'item' => $item, + 'author' => $author + ]; + /** + * @hooks parse_atom + * * \e SimplePie \b feed - The original SimplePie feed + * * \e SimplePie \b item + * * \e array \b result - the result array that will also get returned + */ + call_hooks('parse_atom_author', $arr); + + logger('author: ' . print_r($arr['author'], true), LOGGER_DATA); + + return $arr['author']; +} + + +/** + * @brief Return an array with a parsed atom item. + * + * @param SimplePie $feed + * @param SimplePie $item + * @param[out] array $author + * @return array Associative array with the parsed item data + */ + +function get_atom_elements($feed, $item) { + + require_once('include/html2bbcode.php'); + + $res = array(); + + + $res['mid'] = normalise_id(unxmlify($item->get_id())); + $res['title'] = unxmlify($item->get_title()); + $res['body'] = unxmlify($item->get_content()); + $res['plink'] = unxmlify($item->get_link(0)); + $res['item_rss'] = 1; + + + $summary = unxmlify($item->get_description(true)); + + // removing the content of the title if its identically to the body + // This helps with auto generated titles e.g. from tumblr + + if (title_is_body($res['title'], $res['body'])) + $res['title'] = ""; + + if($res['plink']) + $base_url = implode('/', array_slice(explode('/',$res['plink']),0,3)); + else + $base_url = ''; + + + $rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published'); + if($rawcreated) + $res['created'] = unxmlify($rawcreated[0]['data']); + + $rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated'); + if($rawedited) + $res['edited'] = unxmlify($rawedited[0]['data']); + + if((x($res,'edited')) && (! (x($res,'created')))) + $res['created'] = $res['edited']; + + if(! $res['created']) + $res['created'] = $item->get_date('c'); + + if(! $res['edited']) + $res['edited'] = $item->get_date('c'); + + $rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb'); + + // select between supported verbs + + if($rawverb) { + $res['verb'] = unxmlify($rawverb[0]['data']); + } + $rawcnv = $item->get_item_tags(NAMESPACE_OSTATUS, 'conversation'); if($rawcnv) { // new style @@ -571,29 +630,6 @@ function get_atom_elements($feed, $item, &$author) { $res['created'] = datetime_convert('UTC','UTC',$res['created']); $res['edited'] = datetime_convert('UTC','UTC',$res['edited']); - $rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner'); - if(! $rawowner) - $rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner'); - - if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) - $author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']); - elseif($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) - $author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']); - if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) - $author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']); - elseif($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) - $author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']); - - if($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) { - $base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']; - - foreach($base as $link) { - if(!x($author, 'owner_photo') || ! $author['owner_photo']) { - if($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') - $author['owner_photo'] = unxmlify($link['attribs']['']['href']); - } - } - } $rawgeo = $item->get_item_tags(NAMESPACE_GEORSS, 'point'); if($rawgeo) @@ -756,19 +792,16 @@ function get_atom_elements($feed, $item, &$author) { $arr = [ 'feed' => $feed, 'item' => $item, - 'author' => $author, 'result' => $res ]; /** * @hooks parse_atom * * \e SimplePie \b feed - The original SimplePie feed - * * \e array \b item - * * \e array \b author + * * \e SimplePie \b item * * \e array \b result - the result array that will also get returned */ call_hooks('parse_atom', $arr); - logger('author: ' .print_r($arr['author'], true), LOGGER_DATA); logger('result: ' .print_r($arr['result'], true), LOGGER_DATA); return $arr['result']; @@ -1057,8 +1090,8 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { // Have we seen it? If not, import it. - $author = array(); - $datarray = get_atom_elements($feed,$item,$author); + $author = get_atom_author($feed,$item); + $datarray = get_atom_elements($feed,$item); if(! $datarray['mid']) continue; @@ -1310,8 +1343,8 @@ function consume_feed($xml, $importer, &$contact, $pass = 0) { // Head post of a conversation. Have we seen it? If not, import it. - $author = array(); - $datarray = get_atom_elements($feed,$item,$author); + $author = get_atom_author($feed,$item); + $datarray = get_atom_elements($feed,$item); if(! $datarray['mid']) continue; @@ -1513,11 +1546,11 @@ function normalise_id($id) { */ function process_salmon_feed($xml, $importer) { - $ret = array(); + $ret = []; if(! strlen($xml)) { logger('process_feed: empty input'); - return; + return $ret; } $feed = new SimplePie(); @@ -1531,8 +1564,10 @@ function process_salmon_feed($xml, $importer) { $feed->init(); - if($feed->error()) + if($feed->error()) { logger('Error parsing XML: ' . $feed->error()); + return $ret; + } $permalink = $feed->get_permalink(); @@ -1559,16 +1594,13 @@ function process_salmon_feed($xml, $importer) { if($is_reply) $ret['parent_mid'] = $parent_mid; - $ret['author'] = array(); - - $datarray = get_atom_elements($feed, $item, $ret['author']); + $ret['author'] = get_atom_author($feed,$item); + $ret['item'] = get_atom_elements($feed,$item); // reset policies which are restricted by default for RSS connections // This item is likely coming from GNU-social via salmon and allows public interaction - $datarray['public_policy'] = ''; - $datarray['comment_policy'] = 'authenticated'; - - $ret['item'] = $datarray; + $ret['item']['public_policy'] = ''; + $ret['item']['comment_policy'] = 'authenticated'; } } -- cgit v1.2.3 From 5e94187d03e1622761c4f25f965e9746bf2b735d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 5 Feb 2018 20:31:24 -0800 Subject: remove dead code --- include/acl_selectors.php | 97 +---------------------------------------------- 1 file changed, 1 insertion(+), 96 deletions(-) (limited to 'include') diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 4e203074b..bada3e528 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -5,104 +5,9 @@ * @package acl_selectors */ -/** - * @brief - * - * @param string $selname - * @param string $selclass - * @param mixed $preselected - * @param number $size - * @return string - */ -function group_select($selname, $selclass, $preselected = false, $size = 4) { - - $o = ''; - - $o .= "\r\n"; - - call_hooks(App::$module . '_post_' . $selname, $o); - - return $o; -} - -function contact_select($selname, $selclass, $preselected = false, $size = 4, $privmail = false, $celeb = false, $privatenet = false, $tabindex = null) { - - $o = ''; - - // When used for private messages, we limit correspondence to mutual DFRN/Friendica friends and the selector - // to one recipient. By default our selector allows multiple selects amongst all contacts. - - $sql_extra = ''; - - $tabindex = ($tabindex > 0 ? 'tabindex="$tabindex"' : ''); - - if($privmail) - $o .= "\r\n"; - - $r = q("SELECT abook_id, xchan_name, xchan_url, xchan_photo_s from abook left join xchan on abook_xchan = xchan_hash - where abook_self = 0 and abook_channel = %d - $sql_extra - ORDER BY xchan_name ASC", - intval(local_channel()) - ); - - - $arr = array('contact' => $r, 'entry' => $o); - - // e.g. 'network_pre_contact_deny', 'profile_pre_contact_allow' - - call_hooks(App::$module . '_pre_' . $selname, $arr); - - if($r) { - foreach($r as $rr) { - if((is_array($preselected)) && in_array($rr['id'], $preselected)) - $selected = ' selected="selected" '; - else - $selected = ''; - - $trimmed = mb_substr($rr['xchan_name'], 0, 20); - - $o .= "\r\n"; - } - } - - $o .= "\r\n"; - - call_hooks(App::$module . '_post_' . $selname, $o); - - return $o; -} - function fixacl(&$item) { - $item = str_replace(array('<', '>'), array('', ''), $item); + $item = str_replace( [ '<', '>' ], [ '', '' ], $item); } /** -- cgit v1.2.3 From cb042e32bc6d521050c48a5e4fe6c74f7a33ed4f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 5 Feb 2018 20:57:07 -0800 Subject: code cleanup --- include/datetime.php | 97 +++++++++------------------------------------------- 1 file changed, 16 insertions(+), 81 deletions(-) (limited to 'include') diff --git a/include/datetime.php b/include/datetime.php index 0fcd957be..1e9a1fa51 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -93,16 +93,6 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d return $d->format($fmt); } - // Slight hackish adjustment so that 'zero' datetime actually returns what is intended - // otherwise we end up with -0001-11-30 ... - // add 32 days so that we at least get year 00, and then hack around the fact that - // months and days always start with 1. - -// if(substr($s,0,10) == '0000-00-00') { -// $d = new DateTime($s . ' + 32 days', new DateTimeZone('UTC')); -// return str_replace('1', '0', $d->format($fmt)); -// } - try { $from_obj = new DateTimeZone($from); } catch(Exception $e) { @@ -135,69 +125,19 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d */ function dob($dob) { - list($year, $month, $day) = sscanf($dob, '%4d-%2d-%2d'); - $f = get_config('system', 'birthday_input_format'); - if (! $f) - $f = 'ymd'; - if ($dob === '0000-00-00') $value = ''; else $value = (($year) ? datetime_convert('UTC','UTC',$dob,'Y-m-d') : datetime_convert('UTC','UTC',$dob,'m-d')); - $o = replace_macros(get_markup_template("field_input.tpl"), array('$field' => array( - 'dob', - t('Birthday'), - $value, - ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''), - '', - 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"' - ))); - + $o = replace_macros(get_markup_template("field_input.tpl"), [ + '$field' => [ 'dob', t('Birthday'), $value, ((intval($value)) ? t('Age: ') . age($value,App::$user['timezone'],App::$user['timezone']) : ''), '', 'placeholder="' . t('YYYY-MM-DD or MM-DD') .'"' ] + ]); -// if ($dob && $dob != '0000-00-00') -// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),mktime(0,0,0,$month,$day,$year),'dob'); -// else -// $o = datesel($f,mktime(0,0,0,0,0,1900),mktime(),false,'dob'); return $o; } -/** - * @brief Returns a date selector. - * - * @see datetimesel() - * @param string $format - * format string, e.g. 'ymd' or 'mdy'. Not currently supported - * @param DateTime $min - * unix timestamp of minimum date - * @param DateTime $max - * unix timestap of maximum date - * @param DateTime $default - * unix timestamp of default date - * @param string $id - * id and name of datetimepicker (defaults to "datetimepicker") - */ -function datesel($format, $min, $max, $default, $id = 'datepicker') { - return datetimesel($format, $min, $max, $default, '', $id, true, false, '', ''); -} - -/** - * @brief Returns a time selector. - * - * @param string $format - * format string, e.g. 'ymd' or 'mdy'. Not currently supported - * @param string $h - * already selected hour - * @param string $m - * already selected minute - * @param string $id - * id and name of datetimepicker (defaults to "timepicker") - */ -function timesel($format, $h, $m, $id='timepicker') { - return datetimesel($format, new DateTime(), new DateTime(), new DateTime("$h:$m"), '', $id, false, true); -} - /** * @brief Returns a datetime selector. * @@ -449,12 +389,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') { // month table - start at 1 to match human usage. - $mtab = array(' ', - 'January','February','March', - 'April','May','June', - 'July','August','September', - 'October','November','December' - ); + $mtab = [ ' ', 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December' ]; $thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); $thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m'); @@ -463,7 +398,7 @@ function cal($y = 0, $m = 0, $links = false, $class='') { if (! $m) $m = intval($thismonth); - $dn = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday'); + $dn = [ 'Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday' ]; $f = get_first_dim($y, $m); $l = get_dim($y, $m); $d = 1; @@ -569,17 +504,17 @@ function update_birthdays() { if (! perm_is_allowed($rr['abook_channel'], $rr['xchan_hash'], 'send_stream')) continue; - $ev = array(); - $ev['uid'] = $rr['abook_channel']; - $ev['account'] = $rr['abook_account']; - $ev['event_xchan'] = $rr['xchan_hash']; - $ev['dtstart'] = datetime_convert('UTC', 'UTC', $rr['abook_dob']); - $ev['dtend'] = datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day '); - $ev['adjust'] = intval(feature_enabled($rr['abook_channel'],'smart_birthdays')); - $ev['summary'] = sprintf( t('%1$s\'s birthday'), $rr['xchan_name']); - $ev['description'] = sprintf( t('Happy Birthday %1$s'), - '[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]') ; - $ev['etype'] = 'birthday'; + $ev = [ + 'uid' => $rr['abook_channel'], + 'account' => $rr['abook_account'], + 'event_xchan' => $rr['xchan_hash'], + 'dtstart' => datetime_convert('UTC', 'UTC', $rr['abook_dob']), + 'dtend' => datetime_convert('UTC', 'UTC', $rr['abook_dob'] . ' + 1 day '), + 'adjust' => intval(feature_enabled($rr['abook_channel'],'smart_birthdays')), + 'summary' => sprintf( t('%1$s\'s birthday'), $rr['xchan_name']), + 'description' => sprintf( t('Happy Birthday %1$s'), '[zrl=' . $rr['xchan_url'] . ']' . $rr['xchan_name'] . '[/zrl]'), + 'etype' => 'birthday', + ]; $z = event_store_event($ev); if ($z) { -- cgit v1.2.3 From 4171854e2fdcf30592025cc67815e032ea97fc06 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 6 Feb 2018 17:00:56 -0800 Subject: slight improvement in ostatus protocol detection from xml feed --- include/feedutils.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 504f65092..644e205a6 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -487,7 +487,7 @@ function get_atom_elements($feed, $item) { } } - $ostatus_protocol = (($ostatus_conversation) ? true : false); + $ostatus_protocol = (($ostatus_conversation || $res['verb']) ? true : false); $mastodon = (($item->get_item_tags('http://mastodon.social/schema/1.0','scope')) ? true : false); if($mastodon) { @@ -496,6 +496,8 @@ function get_atom_elements($feed, $item) { $res['item_private'] = 1; } + logger('ostatus_protocol: ' . intval($ostatus_protocol)); + $apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info'); if($apps && $apps[0]['attribs']['']['source']) { $res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source'])); @@ -599,9 +601,8 @@ function get_atom_elements($feed, $item) { ); } - // turn Mastodon content warning into a #nsfw hashtag - if($mastodon && $summary) { - $res['body'] = $summary . "\n\n" . $res['body'] . "\n\n#ContentWarning\n"; + if($summary && $res['body']) { + $res['body'] = '[summary]' . $summary . '[/summary]' . $res['body']; } @@ -802,7 +803,7 @@ function get_atom_elements($feed, $item) { */ call_hooks('parse_atom', $arr); - logger('result: ' .print_r($arr['result'], true), LOGGER_DATA); + logger('result: ' . print_r($arr['result'], true), LOGGER_DATA); return $arr['result']; } @@ -1001,9 +1002,9 @@ function process_feed_tombstones($feed,$importer,$contact,$pass) { * @param string $xml * The (atom) feed to consume - RSS isn't as fully supported but may work for simple feeds. * @param array $importer - * The contact_record (joined to user_record) of the local user who owns this + * The channel record of the local user who owns this * relationship. It is this person's stuff that is going to be updated. - * @param[in,out] array $contact + * @param[in,out] array $contact (abook record joined to xchan record) * The person who is sending us stuff. If not set, we MAY be processing a "follow" activity * from an external network and MAY create an appropriate contact record. Otherwise, we MUST * have a contact record. -- cgit v1.2.3 From b512780e37deb0b9a422ae8b1604e9c3454694a9 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Wed, 7 Feb 2018 10:27:00 +0100 Subject: do not spam the log --- include/feedutils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 644e205a6..07350a340 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -496,7 +496,7 @@ function get_atom_elements($feed, $item) { $res['item_private'] = 1; } - logger('ostatus_protocol: ' . intval($ostatus_protocol)); + logger('ostatus_protocol: ' . intval($ostatus_protocol), LOGGER_DEBUG); $apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info'); if($apps && $apps[0]['attribs']['']['source']) { -- cgit v1.2.3 From dc88ccdc0b8af8c9af033b3eaf325cee0c195ff8 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 17:53:54 -0800 Subject: remove dead code --- include/crypto.php | 44 -------------------------------------------- 1 file changed, 44 deletions(-) (limited to 'include') diff --git a/include/crypto.php b/include/crypto.php index b990b18d9..105c1c54f 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -31,19 +31,6 @@ function rsa_verify($data,$sig,$key,$alg = 'sha256') { return (($verify > 0) ? true : false); } -function pkcs5_pad ($text, $blocksize) -{ - $pad = $blocksize - (strlen($text) % $blocksize); - return $text . str_repeat(chr($pad), $pad); -} - -function pkcs5_unpad($text) -{ - $pad = ord($text{strlen($text)-1}); - if ($pad > strlen($text)) return false; - if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false; - return substr($text, 0, -1 * $pad); -} function AES256CBC_encrypt($data,$key,$iv) { @@ -282,37 +269,6 @@ function new_keypair($bits) { } -function pkcs1to8($oldkey,$len) { - - if($len == 4096) - $c = 'g'; - if($len == 2048) - $c = 'Q'; - - if(strstr($oldkey,'BEGIN PUBLIC')) - return $oldkey; - - $oldkey = str_replace('-----BEGIN RSA PUBLIC KEY-----', '', $oldkey); - $oldkey = trim(str_replace('-----END RSA PUBLIC KEY-----', '', $oldkey)); - $key = 'MIICIjANBgkqhkiG9w0BAQEFAAOCA' . $c . '8A' . str_replace("\n", '', $oldkey); - $key = "-----BEGIN PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END PUBLIC KEY-----"; - return $key; -} - -function pkcs8to1($oldkey,$len) { - - if(strstr($oldkey,'BEGIN RSA')) - return $oldkey; - - $oldkey = str_replace('-----BEGIN PUBLIC KEY-----', '', $oldkey); - $oldkey = trim(str_replace('-----END PUBLIC KEY-----', '', $oldkey)); - $key = str_replace("\n",'',$oldkey); - $key = substr($key,32); - $key = "-----BEGIN RSA PUBLIC KEY-----\n" . wordwrap($key, 64, "\n", true) . "\n-----END RSA PUBLIC KEY-----"; - return $key; -} - - function DerToPem($Der, $Private=false) { //Encode: -- cgit v1.2.3 From 3a0db39fa05668831e7661ac6edaabfd09d864e2 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 18:38:10 -0800 Subject: more zot6 delivery work --- include/queue_fn.php | 14 +++------ include/zot.php | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 89 insertions(+), 11 deletions(-) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index d1c50de67..d31e41b61 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -219,18 +219,12 @@ function queue_deliver($outq, $immediate = false) { $channel = null; - if($outq['outq_msg']) { - $msg = json_decode($outq['outq_notify'],true); - $msg['pickup'] = [ 'notify' => json_decode($outq['outq_notify'],true), 'message' => json_decode($outq['outq_msg'],true) ]; - $msg = json_encode($msg); - if($outq['outq_channel']) { - $channel = channelx_by_n($outq['outq_channel']); - } - } - else { - $msg = $outq['outq_notify']; + if($outq['outq_msg'] && $outq['outq_channel']) { + $channel = channelx_by_n($outq['outq_channel']); } + $msg = $outq['outq_notify']; + $result = zot_zot($outq['outq_posturl'],$msg,$channel); diff --git a/include/zot.php b/include/zot.php index d97fe8113..e8ed827e2 100644 --- a/include/zot.php +++ b/include/zot.php @@ -158,6 +158,85 @@ function zot_build_packet($channel, $type = 'notify', $recipients = null, $remot return json_encode($data); } + +/** + * @brief Builds a zot6 notification packet. + * + * Builds a zot6 notification packet that you can either store in the queue with + * a message array or call zot_zot to immediately zot it to the other side. + * + * @param array $channel + * sender channel structure + * @param string $type + * packet type: one of 'ping', 'pickup', 'purge', 'refresh', 'keychange', 'force_refresh', 'notify', 'auth_check' + * @param array $recipients + * envelope information, array ( 'guid' => string, 'guid_sig' => string ); empty for public posts + * @param string $remote_key + * optional public site key of target hub used to encrypt entire packet + * NOTE: remote_key and encrypted packets are required for 'auth_check' packets, optional for all others + * @param string $methods + * optional comma separated list of encryption methods @ref zot_best_algorithm() + * @param string $secret + * random string, required for packets which require verification/callback + * e.g. 'pickup', 'purge', 'notify', 'auth_check'. Packet types 'ping', 'force_refresh', and 'refresh' do not require verification + * @param string $extra + * @returns string json encoded zot packet + */ +function zot6_build_packet($channel, $type = 'notify', $recipients = null, $msg = '', $remote_key = null, $methods = '', $secret = null, $extra = null) { + + $sig_method = get_config('system','signature_algorithm','sha256'); + + $data = [ + 'type' => $type, + 'sender' => [ + 'guid' => $channel['channel_guid'], + 'guid_sig' => base64url_encode(rsa_sign($channel['channel_guid'],$channel['channel_prvkey'],$sig_method)), + 'url' => z_root(), + 'url_sig' => base64url_encode(rsa_sign(z_root(),$channel['channel_prvkey'],$sig_method)), + 'sitekey' => get_config('system','pubkey') + ], + 'callback' => '/post', + 'version' => Zotlabs\Lib\System::get_zot_revision(), + 'encryption' => crypto_methods(), + 'signing' => signing_methods() + ]; + + if ($recipients) { + for ($x = 0; $x < count($recipients); $x ++) + unset($recipients[$x]['hash']); + + $data['recipients'] = $recipients; + } + + if($msg) { + $data['msg'] = $msg; + } + + if ($secret) { + $data['secret'] = preg_replace('/[^0-9a-fA-F]/','',$secret); + $data['secret_sig'] = base64url_encode(rsa_sign($secret,$channel['channel_prvkey'],$sig_method)); + } + + if ($extra) { + foreach ($extra as $k => $v) + $data[$k] = $v; + } + + logger('zot6_build_packet: ' . print_r($data,true), LOGGER_DATA, LOG_DEBUG); + + // Hush-hush ultra top-secret mode + + if($remote_key) { + $algorithm = zot_best_algorithm($methods); + $data = crypto_encapsulate(json_encode($data),$remote_key, $algorithm); + } + + return json_encode($data); +} + + + + /** * @brief Choose best encryption function from those available on both sites. * @@ -5024,7 +5103,12 @@ function zot_reply_notify($data) { if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid']) { logger('zot6_delivery'); logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); - $x = zot_import([ 'body' => json_encode($data) ],$data['sender']['url']); + $import = [ 'pickup' => [ [ 'notify' => $data, 'message' => $data['msg'] ] ] ]; + unset($import['pickup'][0]['notify']['msg']); + + logger('import: ' . print_r($import,true), LOGGER_DATA); + + $x = zot_import([ 'body' => json_encode($import) ],$data['sender']['url']); if($x) { $x = crypto_encapsulate(json_encode($x),$zret['hubloc']['hubloc_sitekey'],zot_best_algorithm($zret['hubloc']['site_crypto'])); $ret['delivery_report'] = $x; -- cgit v1.2.3 From 5057a4bd4cfa34ef9821889e8b11707f495d64f0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 19:15:56 -0800 Subject: zot6 delivery work --- include/zot.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index e8ed827e2..b44991fab 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5101,10 +5101,10 @@ function zot_reply_notify($data) { $zret = zot6_check_sig(); if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid']) { - logger('zot6_delivery'); + logger('zot6_delivery',LOGGER_DEBUG); logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); - $import = [ 'pickup' => [ [ 'notify' => $data, 'message' => $data['msg'] ] ] ]; - unset($import['pickup'][0]['notify']['msg']); + $import = [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ]; + // unset($import['pickup'][0]['notify']['msg']); logger('import: ' . print_r($import,true), LOGGER_DATA); -- cgit v1.2.3 From b21a5c3ce902c4c88b2bb3dcae5d63a93e25479c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 20:17:32 -0800 Subject: compatibility: fallback to legacy zot if OWA succeeds but no data['msg'] is present --- include/zot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index b44991fab..5fb18d5a7 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5100,7 +5100,7 @@ function zot_reply_notify($data) { // handle zot6 delivery $zret = zot6_check_sig(); - if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid']) { + if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid'] && $data['msg']) { logger('zot6_delivery',LOGGER_DEBUG); logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); $import = [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ]; -- cgit v1.2.3 From 6cf2e9945a08451e3d53b6e79002843e9cdb8dc6 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 7 Feb 2018 21:53:47 -0800 Subject: encrypt the httpsig for zot6 transport --- include/queue_fn.php | 22 ++++++++++++++++++++-- include/zot.php | 6 ++++-- 2 files changed, 24 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index d31e41b61..e50d58dd7 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -121,7 +121,7 @@ function queue_deliver($outq, $immediate = false) { $base = null; $h = parse_url($outq['outq_posturl']); - if($h) + if($h !== false) $base = $h['scheme'] . '://' . $h['host'] . (($h['port']) ? ':' . $h['port'] : ''); if(($base) && ($base !== z_root()) && ($immediate)) { @@ -160,6 +160,9 @@ function queue_deliver($outq, $immediate = false) { + + + $arr = array('outq' => $outq, 'base' => $base, 'handled' => false, 'immediate' => $immediate); call_hooks('queue_deliver',$arr); if($arr['handled']) @@ -223,9 +226,24 @@ function queue_deliver($outq, $immediate = false) { $channel = channelx_by_n($outq['outq_channel']); } + $host_crypto = null; + + if($channel && $base) { + $h = q("select hubloc_sitekey, site_crypto from hubloc left join site on hubloc_url = site_url where site_url = '%s' order by hubloc_id desc limit 1", + dbesc($base) + ); + if($h) { + $host_crypto = $h[0]; + } + } + + + + + $msg = $outq['outq_notify']; - $result = zot_zot($outq['outq_posturl'],$msg,$channel); + $result = zot_zot($outq['outq_posturl'],$msg,$channel,$host_crypto); if($result['success']) { diff --git a/include/zot.php b/include/zot.php index 5fb18d5a7..c00caebb4 100644 --- a/include/zot.php +++ b/include/zot.php @@ -288,9 +288,11 @@ function zot_best_algorithm($methods) { * * @param string $url * @param array $data + * @param array $channel (optional if using zot6 delivery) + * @param array $crypto (optional if encrypted httpsig, requires hubloc_sitekey and site_crypto elements) * @return array see z_post_url() for returned data format */ -function zot_zot($url, $data, $channel = null) { +function zot_zot($url, $data, $channel = null,$crypto = null) { $headers = []; @@ -298,7 +300,7 @@ function zot_zot($url, $data, $channel = null) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); $headers['X-Zot-Digest'] = 'SHA-256=' . $hash; - $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512'); + $h = \Zotlabs\Web\HTTPSig::create_sig('',$headers,$channel['channel_prvkey'],'acct:' . $channel['channel_address'] . '@' . \App::get_hostname(),false,false,'sha512',(($crypto) ? $crypto['hubloc_sitekey'] : ''), (($crypto) ? zot_best_algorithm($crypto['site_crypto']) : '')); } $redirects = 0; -- cgit v1.2.3 From 635c5e532bd945fe50dc3fae73e4da005158e3de Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 15:32:54 -0800 Subject: z6 testing --- include/queue_fn.php | 4 ---- include/zot.php | 2 ++ 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/queue_fn.php b/include/queue_fn.php index e50d58dd7..798ac36db 100644 --- a/include/queue_fn.php +++ b/include/queue_fn.php @@ -237,10 +237,6 @@ function queue_deliver($outq, $immediate = false) { } } - - - - $msg = $outq['outq_notify']; $result = zot_zot($outq['outq_posturl'],$msg,$channel,$host_crypto); diff --git a/include/zot.php b/include/zot.php index c00caebb4..16b0a1c8e 100644 --- a/include/zot.php +++ b/include/zot.php @@ -296,6 +296,8 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { $headers = []; +logger('crypto: ' . print_r($crypto,true)); + if($channel) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); -- cgit v1.2.3 From cd1e5d417167836ee5ac64d042815b377c22b694 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 16:22:10 -0800 Subject: zot6 testing --- include/zot.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 16b0a1c8e..331ec35e3 100644 --- a/include/zot.php +++ b/include/zot.php @@ -296,8 +296,6 @@ function zot_zot($url, $data, $channel = null,$crypto = null) { $headers = []; -logger('crypto: ' . print_r($crypto,true)); - if($channel) { $headers['X-Zot-Token'] = random_string(); $hash = \Zotlabs\Web\HTTPSig::generate_digest($data,false); @@ -5107,18 +5105,24 @@ function zot_reply_notify($data) { if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid'] && $data['msg']) { logger('zot6_delivery',LOGGER_DEBUG); logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); + + $ret['collected'] = true; + $import = [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ]; - // unset($import['pickup'][0]['notify']['msg']); + unset($import['pickup'][0]['notify']['msg']); logger('import: ' . print_r($import,true), LOGGER_DATA); - $x = zot_import([ 'body' => json_encode($import) ],$data['sender']['url']); + $x = zot_import([ 'success' => true, 'body' => json_encode($import) ], $data['sender']['url']); if($x) { $x = crypto_encapsulate(json_encode($x),$zret['hubloc']['hubloc_sitekey'],zot_best_algorithm($zret['hubloc']['site_crypto'])); $ret['delivery_report'] = $x; } } else { + + // handle traditional zot delivery + $async = get_config('system','queued_fetch'); if($async) { -- cgit v1.2.3 From 9f5d44fa32b1ef9e103f98dcf7d68bfef1fdd94f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 16:30:44 -0800 Subject: turn the logs down again --- include/zot.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 331ec35e3..1a9909de1 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5063,10 +5063,9 @@ function zot6_check_sig() { $ret = [ 'success' => false ]; -logger('server: ' . print_r($_SERVER,true)); + logger('server: ' . print_r($_SERVER,true), LOGGER_DATA); if(array_key_exists('HTTP_SIGNATURE',$_SERVER)) { -logger('parsing signature header'); $sigblock = \Zotlabs\Web\HTTPSig::parse_sigheader($_SERVER['HTTP_SIGNATURE']); if($sigblock) { $keyId = $sigblock['keyId']; -- cgit v1.2.3 From 3dfafb710c901cd78b75681e39156a9f018b1ac9 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Thu, 8 Feb 2018 21:32:18 -0800 Subject: cosmetic --- include/zot.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 1a9909de1..1042f09d9 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5108,9 +5108,8 @@ function zot_reply_notify($data) { $ret['collected'] = true; $import = [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ]; - unset($import['pickup'][0]['notify']['msg']); - logger('import: ' . print_r($import,true), LOGGER_DATA); + logger('zot6_import: ' . print_r($import,true), LOGGER_DATA); $x = zot_import([ 'success' => true, 'body' => json_encode($import) ], $data['sender']['url']); if($x) { -- cgit v1.2.3 From c6b2652c013b7a331f077f34e222b6d6df6bf042 Mon Sep 17 00:00:00 2001 From: phellmes Date: Sun, 11 Feb 2018 16:08:34 +0100 Subject: add flexibility to prefix/suffix string translations for jquery.timeago In addition to use the defaults or any other translated strings this allows now to force an empty string by setting the translation to NONE. Translators can choose to either use prefixes only, suffixes only, none of them or both of them - whatever sounds best in their language. --- include/js_strings.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/js_strings.php b/include/js_strings.php index 1b4668061..936594291 100644 --- a/include/js_strings.php +++ b/include/js_strings.php @@ -24,10 +24,16 @@ function js_strings() { '$leavethispage' => t('Unsaved changes. Are you sure you wish to leave this page?'), '$location' => t('Location'), - '$t01' => ((t('timeago.prefixAgo') != 'timeago.prefixAgo') ? t('timeago.prefixAgo') : ''), - '$t02' => ((t('timeago.prefixFromNow') != 'timeago.prefixFromNow') ? t('timeago.prefixFromNow') : ''), - '$t03' => t('ago'), - '$t04' => t('from now'), + // translatable prefix and suffix strings for jquery.timeago - + // using the defaults set below if left untranslated, empty strings if + // translated to "NONE" and the corresponding language strings + // if translated to anything else + '$t01' => ((t('timeago.prefixAgo') == 'timeago.prefixAgo') ? '' : ((t('timeago.prefixAgo') == 'NONE') ? '' : t('timeago.prefixAgo'))), + '$t02' => ((t('timeago.prefixFromNow') == 'timeago.prefixFromNow') ? '' : ((t('timeago.prefixFromNow') == 'NONE') ? '' : t('timeago.prefixFromNow'))), + '$t03' => ((t('timeago.suffixAgo') == 'timeago.suffixAgo') ? 'ago' : ((t('timeago.suffixAgo') == 'NONE') ? '' : t('timeago.suffixAgo'))), + '$t04' => ((t('timeago.suffixFromNow') == 'timeago.suffixFromNow') ? 'from now' : ((t('timeago.suffixFromNow') == 'NONE') ? '' : t('timeago.suffixFromNow'))), + + // translatable main strings for jquery.timeago '$t05' => t('less than a minute'), '$t06' => t('about a minute'), '$t07' => t('%d minutes'), -- cgit v1.2.3 From 3fa809ae7986d710912bb948d828eb35db75d910 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Sun, 11 Feb 2018 20:53:27 +0100 Subject: this might seem rediculous but it helps mysql to find the better index for this query --- include/items.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index c7206458e..8091252d6 100755 --- a/include/items.php +++ b/include/items.php @@ -3467,7 +3467,7 @@ function item_expire($uid,$days) { AND item_thread_top = 1 AND resource_type = '' AND item_starred = 0 - $sql_extra $item_normal LIMIT $expire_limit ", + $sql_extra $item_normal ORDER BY created ASC LIMIT $expire_limit ", intval($uid), db_utcnow(), db_quoteinterval(intval($days).' DAY') -- cgit v1.2.3 From 0dbb024c99d2e27f579522a1efb2d3fe567a46fe Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 11 Feb 2018 14:12:24 -0800 Subject: purify summary --- include/feedutils.php | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'include') diff --git a/include/feedutils.php b/include/feedutils.php index 644e205a6..986248c53 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -436,6 +436,13 @@ function get_atom_elements($feed, $item) { $summary = unxmlify($item->get_description(true)); + if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) { + $summary = purify_html($summary); + $summary = html2bbcode($summary); + } + + + // removing the content of the title if its identically to the body // This helps with auto generated titles e.g. from tumblr -- cgit v1.2.3 From a31331bfd9500ad7dab117692b2c118d99c5c2f0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sun, 11 Feb 2018 18:02:28 -0800 Subject: hubzilla issue #972 - provide system toggle to allow/disallow anonymous comments --- include/items.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index c7206458e..42f147eec 100755 --- a/include/items.php +++ b/include/items.php @@ -3653,7 +3653,7 @@ function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL, $force = false) { $linked_item = (($item['resource_id']) ? true : false); - logger('item: ' . $item . ' stage: ' . $stage . ' force: ' . $force, LOGGER_DATA); + logger('item: ' . $item['id'] . ' stage: ' . $stage . ' force: ' . $force, LOGGER_DATA); switch($stage) { case DROPITEM_PHASE2: -- cgit v1.2.3 From b221c68e4b4da59ec9405a1c1bac87ceba7eb2ca Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Tue, 13 Feb 2018 10:29:32 +0100 Subject: fix parent id for likes in status notifications. --- include/items.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 6a6308da1..6fe9a6041 100755 --- a/include/items.php +++ b/include/items.php @@ -2327,6 +2327,16 @@ function send_status_notifications($post_id,$item) { $parent = 0; + if(array_key_exists('verb',$item) && (activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE))) { + + $r = q("select id from item where mid = '%s' and uid = %d limit 1", + dbesc($item['thr_parent']), + intval($item['uid']) + ); + + $thr_parent_id = $r[0]['id']; + } + $r = q("select channel_hash from channel where channel_id = %d limit 1", intval($item['uid']) ); @@ -2394,8 +2404,8 @@ function send_status_notifications($post_id,$item) { 'link' => $link, 'verb' => ACTIVITY_POST, 'otype' => 'item', - 'parent' => $parent, - 'parent_mid' => $item['parent_mid'] + 'parent' => $thr_parent_id ? $thr_parent_id : $parent, + 'parent_mid' => $thr_parent_id ? $item['thr_parent'] : $item['parent_mid'] )); } -- cgit v1.2.3 From d826515ba8d2d1d78abed6701df3c2c3550e87df Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Tue, 13 Feb 2018 11:01:58 +0100 Subject: since we only save the parent mid in notify we must look for thr_parent when dealing with likes --- include/items.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 6fe9a6041..04962ec76 100755 --- a/include/items.php +++ b/include/items.php @@ -2402,7 +2402,7 @@ function send_status_notifications($post_id,$item) { 'to_xchan' => $r[0]['channel_hash'], 'item' => $item, 'link' => $link, - 'verb' => ACTIVITY_POST, + 'verb' => $item['verb'], 'otype' => 'item', 'parent' => $thr_parent_id ? $thr_parent_id : $parent, 'parent_mid' => $thr_parent_id ? $item['thr_parent'] : $item['parent_mid'] -- cgit v1.2.3 From 465d89129caaaa0240229f8d6f81d68f26eb60b0 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Wed, 14 Feb 2018 15:32:33 -0800 Subject: provide option to block the public stream unless authenticated, since there could be legal issues with unmoderated content --- include/conversation.php | 2 +- include/nav.php | 4 +--- 2 files changed, 2 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 77694deb3..0bb9c769a 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -974,7 +974,7 @@ function author_is_pmable($xchan, $abook) { if($x['result'] !== 'unset') return $x['result']; - if($xchan['xchan_network'] === 'zot') + if($xchan['xchan_network'] === 'zot' && get_observer_hash()) return true; return false; diff --git a/include/nav.php b/include/nav.php index 9c88541d1..df58ee96f 100644 --- a/include/nav.php +++ b/include/nav.php @@ -73,9 +73,7 @@ EOT; // nav links: array of array('href', 'text', 'extra css classes', 'title') $nav = []; - $disable_discover_tab = get_config('system','disable_discover_tab') || get_config('system','disable_discover_tab') === false; - - if(! $disable_discover_tab) + if(can_view_public_stream()) $nav['pubs'] = true; /** -- cgit v1.2.3 From 46cb45d94b6d7892a10b043e036da09cc72cbe98 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Fri, 16 Feb 2018 18:45:15 -0800 Subject: crypto improvements (use pkcs1_oaep_padding instead of the older pkcs1_padding) --- include/crypto.php | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) (limited to 'include') diff --git a/include/crypto.php b/include/crypto.php index 105c1c54f..b732b17ad 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -122,6 +122,14 @@ function other_encapsulate($data,$pubkey,$alg) { if(! $pubkey) logger('no key. data: ' . $data); + $oaep = false; + + if(strpos($alg,'.oaep')) { + $oaep = true; + $alg = substr($alg,0,-5); + } + + $fn = strtoupper($alg) . '_encrypt'; if(function_exists($fn)) { @@ -140,14 +148,14 @@ function other_encapsulate($data,$pubkey,$alg) { $iv = openssl_random_pseudo_bytes(256); $result['data'] = base64url_encode($fn($data,$key,$iv),true); // log the offending call so we can track it down - if(! openssl_public_encrypt($key,$k,$pubkey)) { + if(! openssl_public_encrypt($key,$k,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING))) { $x = debug_backtrace(); logger('RSA failed. ' . print_r($x[0],true)); } $result['alg'] = $alg; $result['key'] = base64url_encode($k,true); - openssl_public_encrypt($iv,$i,$pubkey); + openssl_public_encrypt($iv,$i,$pubkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); $result['iv'] = base64url_encode($i,true); return $result; } @@ -166,7 +174,7 @@ function crypto_methods() { // The actual methods are responsible for deriving the actual key/iv from the provided parameters; // possibly by truncation or segmentation - though many other methods could be used. - $r = [ 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; + $r = [ 'aes256ctr.oaep', 'camellia256cfb.oaep', 'cast5cfb.oaep', 'aes256ctr', 'camellia256cfb', 'cast5cfb', 'aes256cbc', 'aes128cbc', 'cast5cbc' ]; call_hooks('crypto_methods',$r); return $r; @@ -216,10 +224,19 @@ function crypto_unencapsulate($data,$prvkey) { } function other_unencapsulate($data,$prvkey,$alg) { + + $oaep = false; + + if(strpos($alg,'.oaep')) { + $oaep = true; + $alg = substr($alg,0,-5); + } + + $fn = strtoupper($alg) . '_decrypt'; if(function_exists($fn)) { - openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey); - openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey); + openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); + openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); return $fn(base64url_decode($data['data']),$k,$i); } else { -- cgit v1.2.3 From c444e40c016c0faaec604335093b19661b3585b7 Mon Sep 17 00:00:00 2001 From: Andrew Manning Date: Sun, 18 Feb 2018 10:09:05 -0500 Subject: Update code tag styling so bbcode [code] blocks and wiki markdown inline code render nicely. --- include/bbcode.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 0c85a0a4e..86fd24696 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -628,7 +628,7 @@ function bb_code_unprotect_sub($match) { function bb_code($match) { if(strpos($match[0], "
")) - return '' . bb_code_protect(trim($match[1])) . ''; + return '
' . bb_code_protect(trim($match[1])) . '
'; else return '' . bb_code_protect(trim($match[1])) . ''; } @@ -636,15 +636,21 @@ function bb_code($match) { function bb_code_options($match) { if(strpos($match[0], "
")) { $class = ""; + $pre = true; } else { $class = "inline-code"; + $pre = false; } if(strpos($match[1], 'nowrap')) { $style = "overflow-x: auto; white-space: pre;"; } else { $style = ""; } - return '' . bb_code_protect(trim($match[2])) . ''; + if($pre) { + return '
' . bb_code_protect(trim($match[2])) . '
'; + } else { + return '' . bb_code_protect(trim($match[2])) . ''; + } } function bb_highlight($match) { -- cgit v1.2.3 From 43992dc463575655a5767fcb1a8dcb18a1d4ffdf Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 19 Feb 2018 14:11:58 +0100 Subject: do not show summary if it is equal to body and some styling for the summary/article toggle links --- include/bbcode.php | 2 +- include/feedutils.php | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/bbcode.php b/include/bbcode.php index 86fd24696..03a46444b 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -438,7 +438,7 @@ function bb_summary($match) { $rnd3 = mt_rand(); $rnd4 = mt_rand(); - return $match[1] . '
' . $match[2] . '
'; + return $match[1] . '
' . $match[2] . '
' . t('View article') . '
'; } diff --git a/include/feedutils.php b/include/feedutils.php index c4e9790de..369193fce 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -436,6 +436,9 @@ function get_atom_elements($feed, $item) { $summary = unxmlify($item->get_description(true)); + if($summary === $res['body']) + $summary = ''; + if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) { $summary = purify_html($summary); $summary = html2bbcode($summary); -- cgit v1.2.3 From 67069beddcb8765164485fb7e59749663313aa19 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 19 Feb 2018 14:27:27 -0800 Subject: add logging --- include/zot.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 1042f09d9..5f969cdaa 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1235,6 +1235,8 @@ function zot_fetch($arr) { */ function zot_import($arr, $sender_url) { + logger('arr: ' . print_r($arr,true)); + $data = json_decode($arr['body'], true); if(! $data) { -- cgit v1.2.3 From a310cb2fbb35ca8445a395513c88e09db17516d4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 19 Feb 2018 14:37:49 -0800 Subject: more logging --- include/zot.php | 1 + 1 file changed, 1 insertion(+) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 5f969cdaa..b88b7495e 100644 --- a/include/zot.php +++ b/include/zot.php @@ -5080,6 +5080,7 @@ function zot6_check_sig() { if($r) { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); + logger('verified: ' . print_r($verified,true)); if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) { $ret['hubloc'] = $hubloc; $ret['success'] = true; -- cgit v1.2.3 From b6b4827680d14bcb0062bba4a272f661bbb33d8c Mon Sep 17 00:00:00 2001 From: zotlabs Date: Mon, 19 Feb 2018 15:44:18 -0800 Subject: OAEP padding mismatch on some newer encryption methods --- include/crypto.php | 13 +++++++------ include/zot.php | 3 --- 2 files changed, 7 insertions(+), 9 deletions(-) (limited to 'include') diff --git a/include/crypto.php b/include/crypto.php index b732b17ad..f9cf20deb 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -126,11 +126,11 @@ function other_encapsulate($data,$pubkey,$alg) { if(strpos($alg,'.oaep')) { $oaep = true; - $alg = substr($alg,0,-5); + $subalg = substr($alg,0,-5); } - $fn = strtoupper($alg) . '_encrypt'; + $fn = strtoupper($subalg) . '_encrypt'; if(function_exists($fn)) { // A bit hesitant to use openssl_random_pseudo_bytes() as we know @@ -160,7 +160,7 @@ function other_encapsulate($data,$pubkey,$alg) { return $result; } else { - $x = [ 'data' => $data, 'pubkey' => $pubkey, 'alg' => $alg, 'result' => $data ]; + $x = [ 'data' => $data, 'pubkey' => $pubkey, 'alg' => $subalg, 'result' => $data ]; call_hooks('other_encapsulate', $x); return $x['result']; } @@ -215,6 +215,7 @@ function aes_encapsulate($data,$pubkey) { function crypto_unencapsulate($data,$prvkey) { if(! $data) return; + $alg = ((array_key_exists('alg',$data)) ? $data['alg'] : 'aes256cbc'); if($alg === 'aes256cbc') return aes_unencapsulate($data,$prvkey); @@ -229,18 +230,18 @@ function other_unencapsulate($data,$prvkey,$alg) { if(strpos($alg,'.oaep')) { $oaep = true; - $alg = substr($alg,0,-5); + $subalg = substr($alg,0,-5); } - $fn = strtoupper($alg) . '_decrypt'; + $fn = strtoupper($subalg) . '_decrypt'; if(function_exists($fn)) { openssl_private_decrypt(base64url_decode($data['key']),$k,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); openssl_private_decrypt(base64url_decode($data['iv']),$i,$prvkey,(($oaep) ? OPENSSL_PKCS1_OAEP_PADDING : OPENSSL_PKCS1_PADDING)); return $fn(base64url_decode($data['data']),$k,$i); } else { - $x = [ 'data' => $data, 'prvkey' => $prvkey, 'alg' => $alg, 'result' => $data ]; + $x = [ 'data' => $data, 'prvkey' => $prvkey, 'alg' => $subalg, 'result' => $data ]; call_hooks('other_unencapsulate',$x); return $x['result']; } diff --git a/include/zot.php b/include/zot.php index b88b7495e..1042f09d9 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1235,8 +1235,6 @@ function zot_fetch($arr) { */ function zot_import($arr, $sender_url) { - logger('arr: ' . print_r($arr,true)); - $data = json_decode($arr['body'], true); if(! $data) { @@ -5080,7 +5078,6 @@ function zot6_check_sig() { if($r) { foreach($r as $hubloc) { $verified = \Zotlabs\Web\HTTPSig::verify('',$hubloc['xchan_pubkey']); - logger('verified: ' . print_r($verified,true)); if($verified && $verified['header_signed'] && $verified['header_valid'] && $verified['content_signed'] && $verified['content_valid']) { $ret['hubloc'] = $hubloc; $ret['success'] = true; -- cgit v1.2.3 From 41da5af721824a952abaf67187d81a8ca7154f9f Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Tue, 20 Feb 2018 10:36:05 +0100 Subject: remove order by clause --- include/items.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/items.php b/include/items.php index 04962ec76..68fa4c3b2 100755 --- a/include/items.php +++ b/include/items.php @@ -3477,7 +3477,7 @@ function item_expire($uid,$days) { AND item_thread_top = 1 AND resource_type = '' AND item_starred = 0 - $sql_extra $item_normal ORDER BY created ASC LIMIT $expire_limit ", + $sql_extra $item_normal LIMIT $expire_limit ", intval($uid), db_utcnow(), db_quoteinterval(intval($days).' DAY') -- cgit v1.2.3 From ae8623e3afb5fe6f6693f0b5b520735a7afce12f Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Feb 2018 11:51:59 -0800 Subject: encrypt/decrypt function not found --- include/crypto.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/crypto.php b/include/crypto.php index f9cf20deb..11654564e 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -128,6 +128,9 @@ function other_encapsulate($data,$pubkey,$alg) { $oaep = true; $subalg = substr($alg,0,-5); } + else { + $subalg = $alg; + } $fn = strtoupper($subalg) . '_encrypt'; @@ -232,7 +235,9 @@ function other_unencapsulate($data,$prvkey,$alg) { $oaep = true; $subalg = substr($alg,0,-5); } - + else { + $subalg = $alg; + } $fn = strtoupper($subalg) . '_decrypt'; if(function_exists($fn)) { -- cgit v1.2.3 From dbeee4707b73c87684146fefa15c2caaf323f921 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Feb 2018 11:56:51 -0800 Subject: don't try to handle OAEP for plugin crypto methods; let them do it if desired --- include/crypto.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/crypto.php b/include/crypto.php index 11654564e..ab33ba096 100644 --- a/include/crypto.php +++ b/include/crypto.php @@ -163,7 +163,7 @@ function other_encapsulate($data,$pubkey,$alg) { return $result; } else { - $x = [ 'data' => $data, 'pubkey' => $pubkey, 'alg' => $subalg, 'result' => $data ]; + $x = [ 'data' => $data, 'pubkey' => $pubkey, 'alg' => $alg, 'result' => $data ]; call_hooks('other_encapsulate', $x); return $x['result']; } @@ -246,7 +246,7 @@ function other_unencapsulate($data,$prvkey,$alg) { return $fn(base64url_decode($data['data']),$k,$i); } else { - $x = [ 'data' => $data, 'prvkey' => $prvkey, 'alg' => $subalg, 'result' => $data ]; + $x = [ 'data' => $data, 'prvkey' => $prvkey, 'alg' => $alg, 'result' => $data ]; call_hooks('other_unencapsulate',$x); return $x['result']; } -- cgit v1.2.3 From 441cdeff3fb93a23fbaea7e19caca622fcc9c45d Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Feb 2018 16:13:43 -0800 Subject: zot6 delivery cleanup --- include/zot.php | 99 ++++++++++++++++++++++++++++----------------------------- 1 file changed, 49 insertions(+), 50 deletions(-) (limited to 'include') diff --git a/include/zot.php b/include/zot.php index 1042f09d9..10550fd69 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1170,38 +1170,61 @@ function zot_fetch($arr) { $url = $arr['sender']['url'] . $arr['callback']; - // set $multiple param on zot_gethub() to return all matching hubs - // This allows us to recover from re-installs when a redundant (but invalid) hubloc for - // this identity is widely dispersed throughout the network. + $import = null; + $hubs = null; - $ret_hubs = zot_gethub($arr['sender'],true); - if(! $ret_hubs) { + $zret = zot6_check_sig(); + + if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid'] && $data['msg']) { + logger('zot6_delivery',LOGGER_DEBUG); + logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); + + $ret['collected'] = true; + + $import = [ 'success' => true, 'body' => json_encode( [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ] ) ]; + $hubs = [ $zret['hubloc'] ] ; + } + + if(! $hubs) { + // set $multiple param on zot_gethub() to return all matching hubs + // This allows us to recover from re-installs when a redundant (but invalid) hubloc for + // this identity is widely dispersed throughout the network. + + $hubs = zot_gethub($arr['sender'],true); + } + + if(! $hubs) { logger('No hub: ' . print_r($arr['sender'],true)); return; } - foreach($ret_hubs as $ret_hub) { + foreach($hubs as $hub) { - $secret = substr(preg_replace('/[^0-9a-fA-F]/','',$arr['secret']),0,64); + if(! $import) { + $secret = substr(preg_replace('/[^0-9a-fA-F]/','',$arr['secret']),0,64); - $data = [ - 'type' => 'pickup', - 'url' => z_root(), - 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))), - 'callback' => z_root() . '/post', - 'secret' => $secret, - 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey'))) - ]; + $data = [ + 'type' => 'pickup', + 'url' => z_root(), + 'callback_sig' => base64url_encode(rsa_sign(z_root() . '/post', get_config('system','prvkey'))), + 'callback' => z_root() . '/post', + 'secret' => $secret, + 'secret_sig' => base64url_encode(rsa_sign($secret, get_config('system','prvkey'))) + ]; - $algorithm = zot_best_algorithm($ret_hub['site_crypto']); - $datatosend = json_encode(crypto_encapsulate(json_encode($data),$ret_hub['hubloc_sitekey'], $algorithm)); + $algorithm = zot_best_algorithm($hub['site_crypto']); + $datatosend = json_encode(crypto_encapsulate(json_encode($data),$hub['hubloc_sitekey'], $algorithm)); - $fetch = zot_zot($url,$datatosend); + $import = zot_zot($url,$datatosend); + } + else { + $algorithm = zot_best_algorithm($hub['site_crypto']); + } - $result = zot_import($fetch, $arr['sender']['url']); + $result = zot_import($import, $arr['sender']['url']); if($result) { - $result = crypto_encapsulate(json_encode($result),$ret_hub['hubloc_sitekey'], $algorithm); + $result = crypto_encapsulate(json_encode($result),$hub['hubloc_sitekey'], $algorithm); return $result; } @@ -5098,39 +5121,15 @@ function zot_reply_notify($data) { logger('notify received from ' . $data['sender']['url']); - // handle zot6 delivery + $async = get_config('system','queued_fetch'); - $zret = zot6_check_sig(); - if($zret['success'] && $zret['hubloc'] && $zret['hubloc']['hubloc_guid'] === $data['sender']['guid'] && $data['msg']) { - logger('zot6_delivery',LOGGER_DEBUG); - logger('zot6_data: ' . print_r($data,true),LOGGER_DATA); - - $ret['collected'] = true; - - $import = [ 'success' => true, 'pickup' => [ [ 'notify' => $data, 'message' => json_decode($data['msg'],true) ] ] ]; - - logger('zot6_import: ' . print_r($import,true), LOGGER_DATA); - - $x = zot_import([ 'success' => true, 'body' => json_encode($import) ], $data['sender']['url']); - if($x) { - $x = crypto_encapsulate(json_encode($x),$zret['hubloc']['hubloc_sitekey'],zot_best_algorithm($zret['hubloc']['site_crypto'])); - $ret['delivery_report'] = $x; - } + if($async) { + // add to receive queue + // qreceive_add($data); } else { - - // handle traditional zot delivery - - $async = get_config('system','queued_fetch'); - - if($async) { - // add to receive queue - // qreceive_add($data); - } - else { - $x = zot_fetch($data); - $ret['delivery_report'] = $x; - } + $x = zot_fetch($data); + $ret['delivery_report'] = $x; } $ret['success'] = true; -- cgit v1.2.3 From 02575f46a6d288cd2c1168bbbe52be2c7863cb46 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Feb 2018 17:18:08 -0800 Subject: move the zot6 delivery to zot_fetch where it makes more sense. Exhaustively hand tested. --- include/channel.php | 4 ++-- include/zot.php | 7 ++++++- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/channel.php b/include/channel.php index b9adc588b..625ce16c8 100644 --- a/include/channel.php +++ b/include/channel.php @@ -2553,10 +2553,10 @@ function channel_remove($channel_id, $local = true, $unset_session = false) { q("DELETE FROM profile WHERE uid = %d", intval($channel_id)); q("DELETE FROM src WHERE src_channel_id = %d", intval($channel_id)); - $r = q("select resource_id FROM attach WHERE uid = %d", intval($channel_id)); + $r = q("select hash FROM attach WHERE uid = %d", intval($channel_id)); if($r) { foreach($r as $rv) { - attach_delete($channel_id,$rv['resource_id']); + attach_delete($channel_id,$rv['hash']); } } diff --git a/include/zot.php b/include/zot.php index 10550fd69..d28e584a1 100644 --- a/include/zot.php +++ b/include/zot.php @@ -1152,7 +1152,12 @@ function zot_process_response($hub, $arr, $outq) { * @brief * * We received a notification packet (in mod_post) that a message is waiting for us, and we've verified the sender. - * Now send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site + * Check if the site is using zot6 delivery and includes a verified HTTP Signature, signed content, and a 'msg' field, + * and also that the signer and the sender match. + * If that happens, we do not need to fetch/pickup the message - we have it already and it is verified. + * Translate it into the form we need for zot_import() and import it. + * + * Otherwise send back a pickup message, using our message tracking ID ($arr['secret']), which we will sign with our site * private key. * The entire pickup message is encrypted with the remote site's public key. * If everything checks out on the remote end, we will receive back a packet containing one or more messages, -- cgit v1.2.3 From b6d34bffccc42a9367d1108144824970946532e8 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Tue, 20 Feb 2018 21:31:40 -0800 Subject: trim non-existent/deprecated plugins from siteinfo plugin list --- include/network.php | 4 ++-- include/plugin.php | 12 +++++++++++- 2 files changed, 13 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/network.php b/include/network.php index 2ac430e82..0824183f7 100644 --- a/include/network.php +++ b/include/network.php @@ -1605,10 +1605,10 @@ function get_site_info() { 'commit' => $commit, 'plugins' => $visible_plugins, 'register_policy' => $register_policy[get_config('system','register_policy')], - 'invitation_only' => intval(get_config('system','invitation_only')), + 'invitation_only' => (bool) intval(get_config('system','invitation_only')), 'directory_mode' => $directory_mode[get_config('system','directory_mode')], 'language' => get_config('system','language'), - 'rss_connections' => intval(get_config('system','feed_contacts')), + 'rss_connections' => (bool) intval(get_config('system','feed_contacts')), 'expiration' => $site_expire, 'default_service_restrictions' => $service_class, 'locked_features' => $locked_features, diff --git a/include/plugin.php b/include/plugin.php index f452d8342..62d443ab8 100755 --- a/include/plugin.php +++ b/include/plugin.php @@ -245,8 +245,18 @@ function plugins_sync() { * @return array */ function visible_plugin_list() { + $r = q("select * from addon where hidden = 0 order by aname asc"); - return(($r) ? ids_to_array($r,'aname') : array()); + $x = (($r) ? ids_to_array($r,'aname') : array()); + $y = []; + if($x) { + foreach($x as $xv) { + if(is_dir('addon/' . $xv)) { + $y[] = $xv; + } + } + } + return $y; } -- cgit v1.2.3