From c0749f18d62e9d9fa53a3a60ba580dadffc0ab1b Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 25 Jul 2011 18:41:48 -0700 Subject: event ownership issues --- include/conversation.php | 4 ++-- include/notifier.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/conversation.php b/include/conversation.php index 82a107c07..50032cd36 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -347,7 +347,7 @@ function conversation(&$a, $items, $mode, $update) { if(($toplevelpost) && (! $item['self']) && ($mode !== 'profile')) { - if($item['type'] === 'wall') { + if($item['wall']) { // On the network page, I am the owner. On the display page it will be the profile owner. // This will have been stored in $a->page_contact by our calling page. @@ -359,7 +359,7 @@ function conversation(&$a, $items, $mode, $update) { $template = $wallwall; $commentww = 'ww'; } - if(($item['type'] === 'remote') && (strlen($item['owner-link'])) && ($item['owner-link'] != $item['author-link'])) { + if((! $item['wall']) && (strlen($item['owner-link'])) && ($item['owner-link'] != $item['author-link'])) { // Could be anybody. diff --git a/include/notifier.php b/include/notifier.php index 59e573762..77a37b5ea 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -145,7 +145,7 @@ function notifier_run($argv, $argc){ $parent = $items[0]; - if($parent['type'] === 'remote' && (! $expire)) { + if($parent['wall'] != 0 && (! $expire)) { // local followup to remote post $followup = true; $notify_hub = false; // not public -- cgit v1.2.3 From ec52010e1662cd37640096b65d60fd26fbe6c172 Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 25 Jul 2011 19:57:17 -0700 Subject: helper functions for Diaspora cert mangling --- include/certfns.php | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 include/certfns.php (limited to 'include') diff --git a/include/certfns.php b/include/certfns.php new file mode 100644 index 000000000..70d2b54a0 --- /dev/null +++ b/include/certfns.php @@ -0,0 +1,52 @@ +SetIntBuffer($Modulus); + $publicExponent = new ASNValue(ASNValue::TAG_INTEGER); + $publicExponent->SetInt($PublicExponent); + $keySequenceItems = array($modulus, $publicExponent); + $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE); + $keySequence->SetSequence($keySequenceItems); + //Encode bit string + $bitStringValue = $keySequence->Encode(); + $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte + $bitString = new ASNValue(ASNValue::TAG_BITSTRING); + $bitString->Value = $bitStringValue; + //Encode body + $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode(); + $body = new ASNValue(ASNValue::TAG_SEQUENCE); + $body->Value = $bodyValue; + //Get DER encoded public key: + $PublicDER = $body->Encode(); + return $PublicDER; +} + + +function metopem($m,$e) { + $der = pkcs8_emcode($m,$e); + $key = DerToPem($der,true); + return $key; +} + + -- cgit v1.2.3 From 454ff3c7f0a4729dbf9a9dd116325630a193f0fb Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 25 Jul 2011 20:59:25 -0700 Subject: configurable format for date input selectors --- include/datetime.php | 109 ++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 78 insertions(+), 31 deletions(-) (limited to 'include') diff --git a/include/datetime.php b/include/datetime.php index a056eaa60..3033b88af 100644 --- a/include/datetime.php +++ b/include/datetime.php @@ -84,12 +84,47 @@ function datetime_convert($from = 'UTC', $to = 'UTC', $s = 'now', $fmt = "Y-m-d function dob($dob) { list($year,$month,$day) = sscanf($dob,'%4d-%2d-%2d'); $y = datetime_convert('UTC',date_default_timezone_get(),'now','Y'); - $o = datesel('',1920,$y,true,$year,$month,$day); + $f = get_config('system','birthday_input_format'); + if(! $f) + $f = 'ymd'; + $o = datesel($f,'',1920,$y,true,$year,$month,$day); + return $o; +} + + +function datesel_format($f) { + + $o = ''; + + if(strlen($f)) { + for($x = 0; $x < strlen($f); $x ++) { + switch($f[$x]) { + case 'y': + if(strlen($o)) + $o .= '-'; + $o .= t('year'); + break; + case 'm': + if(strlen($o)) + $o .= '-'; + $o .= t('month'); + break; + case 'd': + if(strlen($o)) + $o .= '-'; + $o .= t('day'); + break; + default: + break; + } + } + } return $o; } // returns a date selector. +// $f = format string, e.g. 'ymd' or 'mdy' // $pre = prefix (if needed) for HTML name and class fields // $ymin = first year shown in selector dropdown // $ymax = last year shown in selector dropdown @@ -99,40 +134,52 @@ function dob($dob) { // $d = already selected day if(! function_exists('datesel')) { -function datesel($pre,$ymin,$ymax,$allow_blank,$y,$m,$d) { +function datesel($f,$pre,$ymin,$ymax,$allow_blank,$y,$m,$d) { $o = ''; - $o .= ""; + if($allow_blank) { + $sel = (($y == '0000') ? " selected=\"selected\" " : ""); + $o .= ""; + } + + if($ymax > $ymin) { + for($x = $ymax; $x >= $ymin; $x --) { + $sel = (($x == $y) ? " selected=\"selected\" " : ""); + $o .= ""; + } + } + else { + for($x = $ymax; $x <= $ymin; $x ++) { + $sel = (($x == $y) ? " selected=\"selected\" " : ""); + $o .= ""; + } + } + } + elseif($f[$z] == 'm') { - $o .= " "; -- cgit v1.2.3 From c17890ab6211f9d5095fcecbd0ce439ec5d67916 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 26 Jul 2011 22:40:11 -0700 Subject: privacy settings on event item not propagated correctly --- include/event.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'include') diff --git a/include/event.php b/include/event.php index aab195d24..3100c8ac4 100644 --- a/include/event.php +++ b/include/event.php @@ -341,10 +341,10 @@ function event_store($arr) { $item_arr['author-link'] = $contact['url']; $item_arr['author-avatar'] = $contact['thumb']; $item_arr['title'] = ''; - $item_arr['allow_cid'] = $str_contact_allow; - $item_arr['allow_gid'] = $str_group_allow; - $item_arr['deny_cid'] = $str_contact_deny; - $item_arr['deny_gid'] = $str_group_deny; + $item_arr['allow_cid'] = $arr['allow_cid']; + $item_arr['allow_gid'] = $arr['allow_gid']; + $item_arr['deny_cid'] = $arr['deny_cid']; + $item_arr['deny_gid'] = $arr['deny_gid']; $item_arr['last-child'] = 1; $item_arr['visible'] = 1; $item_arr['verb'] = ACTIVITY_POST; -- cgit v1.2.3 From e6c5afdf4f34e45e4f9b1d9ab1990595851a879b Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 26 Jul 2011 22:57:48 -0700 Subject: privacy issue introduced yesterday --- include/notifier.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/notifier.php b/include/notifier.php index 77a37b5ea..8cc85d399 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -145,7 +145,7 @@ function notifier_run($argv, $argc){ $parent = $items[0]; - if($parent['wall'] != 0 && (! $expire)) { + if($parent['wall'] == 0 && (! $expire)) { // local followup to remote post $followup = true; $notify_hub = false; // not public -- cgit v1.2.3 From b721fabc3c1f6c01e4212e804f6ba6293c4983e1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 27 Jul 2011 02:21:55 -0700 Subject: show lock icon on private events --- include/event.php | 5 ++++- include/items.php | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/event.php b/include/event.php index 3100c8ac4..99f685d0b 100644 --- a/include/event.php +++ b/include/event.php @@ -197,6 +197,7 @@ function event_store($arr) { $arr['type'] = (($arr['type']) ? $arr['type'] : 'event' ); $arr['cid'] = ((intval($arr['cid'])) ? intval($arr['cid']) : 0); $arr['uri'] = (x($arr,'uri') ? $arr['uri'] : item_new_uri($a->get_hostname(),$arr['uid'])); + $arr['private'] = ((x($arr,'private')) ? intval($arr['private']) : 0); if($arr['cid']) $c = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", @@ -275,7 +276,7 @@ function event_store($arr) { $object .= '' . "\n"; - q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", + q("UPDATE `item` SET `body` = '%s', `object` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s', `edited` = '%s', `private` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc(format_event_bbcode($arr)), dbesc($object), dbesc($arr['allow_cid']), @@ -283,6 +284,7 @@ function event_store($arr) { dbesc($arr['deny_cid']), dbesc($arr['deny_gid']), dbesc($arr['edited']), + intval($arr['private']), intval($r[0]['id']), intval($arr['uid']) ); @@ -345,6 +347,7 @@ function event_store($arr) { $item_arr['allow_gid'] = $arr['allow_gid']; $item_arr['deny_cid'] = $arr['deny_cid']; $item_arr['deny_gid'] = $arr['deny_gid']; + $item_arr['private'] = $arr['private']; $item_arr['last-child'] = 1; $item_arr['visible'] = 1; $item_arr['verb'] = ACTIVITY_POST; diff --git a/include/items.php b/include/items.php index 6593647ba..014d75872 100644 --- a/include/items.php +++ b/include/items.php @@ -1349,6 +1349,7 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_fee $ev['uid'] = $importer['uid']; $ev['uri'] = $item_id; $ev['edited'] = $datarray['edited']; + $ev['private'] = $datarray['private']; if(is_array($contact)) $ev['cid'] = $contact['id']; -- cgit v1.2.3 From 8042f874f305bdc4a02f9b39efea9c9e0f1a82a7 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 18:16:57 -0700 Subject: more progress on key conversion functions --- include/certfns.php | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 94 insertions(+), 3 deletions(-) (limited to 'include') diff --git a/include/certfns.php b/include/certfns.php index 70d2b54a0..db0e4645e 100644 --- a/include/certfns.php +++ b/include/certfns.php @@ -19,12 +19,32 @@ function DerToPem($Der, $Private=false) return $result; } +function DerToRsa($Der) +{ + //Encode: + $Der = base64_encode($Der); + //Split lines: + $lines = str_split($Der, 65); + $body = implode("\n", $lines); + //Get title: + $title = 'RSA PUBLIC KEY'; + //Add wrapping: + $result = "-----BEGIN {$title}-----\n"; + $result .= $body . "\n"; + $result .= "-----END {$title}-----\n"; + + return $result; +} + + + + function pkcs8_encode($Modulus,$PublicExponent) { //Encode key sequence $modulus = new ASNValue(ASNValue::TAG_INTEGER); $modulus->SetIntBuffer($Modulus); $publicExponent = new ASNValue(ASNValue::TAG_INTEGER); - $publicExponent->SetInt($PublicExponent); + $publicExponent->SetIntBuffer($PublicExponent); $keySequenceItems = array($modulus, $publicExponent); $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE); $keySequence->SetSequence($keySequenceItems); @@ -43,10 +63,81 @@ function pkcs8_encode($Modulus,$PublicExponent) { } +function pkcs1_encode($Modulus,$PublicExponent) { + //Encode key sequence + $modulus = new ASNValue(ASNValue::TAG_INTEGER); + $modulus->SetIntBuffer($Modulus); + $publicExponent = new ASNValue(ASNValue::TAG_INTEGER); + $publicExponent->SetIntBuffer($PublicExponent); + $keySequenceItems = array($modulus, $publicExponent); + $keySequence = new ASNValue(ASNValue::TAG_SEQUENCE); + $keySequence->SetSequence($keySequenceItems); + //Encode bit string + $bitStringValue = $keySequence->Encode(); + return $bitStringValue; + +// $bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte +// $bitString = new ASNValue(ASNValue::TAG_BITSTRING); +// $bitString->Value = $bitStringValue; + //Encode body +// $bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode(); +// $body = new ASNValue(ASNValue::TAG_SEQUENCE); +// $body->Value = $bodyValue; + //Get DER encoded public key: +// $PublicDER = $body->Encode(); +// return $PublicDER; +} + + function metopem($m,$e) { - $der = pkcs8_emcode($m,$e); - $key = DerToPem($der,true); + $der = pkcs8_encode($m,$e); + $key = DerToPem($der,false); return $key; } +function pubrsatome($key,&$m,&$e) { + require_once('library/asn1.php'); + require_once('include/salmon.php'); + + $lines = explode("\n",$key); + unset($lines[0]); + unset($lines[count($lines)]); + $x = base64_decode(implode('',$lines)); + + $r = ASN_BASE::parseASNString($x); + +// print_r($r); + + $m = base64url_decode($r[0]->asnData[0]->asnData); + $e = base64url_decode($r[0]->asnData[1]->asnData); + + +} + + +function rsatopem($key) { + pubrsatome($key,$m,$e); + return(metopem($m,$e)); +} + + +function pemtome($key,&$m,&$e) { + require_once('include/salmon.php'); + $lines = explode("\n",$key); + unset($lines[0]); + unset($lines[count($lines)]); + $x = base64_decode(implode('',$lines)); + + $r = ASN_BASE::parseASNString($x); + + $m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData); + $e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData); +} + +function metorsa($m,$e) { + $der = pkcs1_encode($m,$e); + $key = DerToRsa($der); + return $key; +} + -- cgit v1.2.3 From a45b94033eaba3bbddec701c3f87310a6d2a18fe Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 19:08:38 -0700 Subject: issue with remote mentions --- include/notifier.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/notifier.php b/include/notifier.php index 8cc85d399..9f5b27148 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -504,7 +504,7 @@ function notifier_run($argv, $argc){ // send additional slaps to mentioned remote tags (@foo@example.com) - if($slap && count($url_recipients) && $followup && $notify_hub && (! $expire)) { + if($slap && count($url_recipients) && ($followup || $top_level) && $notify_hub && (! $expire)) { if(! get_config('system','dfrn_only')) { foreach($url_recipients as $url) { if($url) { -- cgit v1.2.3 From 41c7d71e3b8cc73a8c1e7e79e63753eb99ea6b24 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 20:44:35 -0700 Subject: make profile-jot-desc track lock state changes --- include/acl.js | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/acl.js b/include/acl.js index a0a1f5dd8..82b631ee9 100644 --- a/include/acl.js +++ b/include/acl.js @@ -153,6 +153,9 @@ ACL.prototype.updateview = function(){ $('#jot-perms-icon').removeClass('lock').addClass('unlock'); $('#jot-public').show(); $('.profile-jot-net input').attr('disabled', false); + if(editor != false) { + $('#profile-jot-desc').html(ispublic); + } } else { that.showall.removeClass("selected"); @@ -160,6 +163,7 @@ ACL.prototype.updateview = function(){ $('#jot-perms-icon').removeClass('unlock').addClass('lock'); $('#jot-public').hide(); $('.profile-jot-net input').attr('disabled', 'disabled'); + $('#profile-jot-desc').html(' '); } $("#acl-list-content .acl-list-item").each(function(){ -- cgit v1.2.3 From f47d582736ddf24528dd514850d4bed76783f589 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 21:56:56 -0700 Subject: api/statusnet/config.xml --- include/api.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'include') diff --git a/include/api.php b/include/api.php index 4e5ea43bd..d7c0124d7 100644 --- a/include/api.php +++ b/include/api.php @@ -550,3 +550,30 @@ } api_register_func('api/account/rate_limit_status','api_account_rate_limit_status',true); + + + function api_statusnet_config(&$a,$type) { + $name = $a->config['sitename']; + $server = $a->get_hostname(); + $logo = $a->get_baseurl() . '/images/friendika-64.png'; + $email = $a->config['admin_email']; + $closed = (($a->config['register_policy'] == REGISTER_CLOSED) ? 'true' : 'false'); + $private = (($a->config['system']['block_public']) ? 'true' : 'false'); + $textlimit = (($a->config['max_import_size']) ? $a->config['max_import_size'] : '200000'); + $ssl = (($a->config['system']['have_ssl']) ? 'true' : 'false'); + $sslserver = (($ssl === 'true') ? str_replace('http:','https:',$a->get_baseurl()) : ''); + + $config = array( + 'site' => array('name' => $name,'server' => $server, 'theme' => 'default', 'path' => '', + 'logo' => $logo, 'fancy' => 'true', 'language' => 'en', 'email' => $email, 'broughtby' => '', + 'broughtbyurl' => '', 'timezone' => 'UTC', 'closed' => $closed, 'inviteonly' => 'false', + 'private' => $private, 'textlimit' => $textlimit, 'sslserver' => $sslserver, 'ssl' => $ssl, + 'shorturllength' => '30' + ), + ); + + return api_apply_template('config', $type, array('$config' => $config)); + + } + api_register_func('api/statusnet/config','api_statusnet_config',true); + -- cgit v1.2.3 From b1e766dadb1d4a9e727b2d1d5f32442392ac6bd3 Mon Sep 17 00:00:00 2001 From: Fabio Comuni Date: Fri, 29 Jul 2011 17:21:02 +0200 Subject: allow GET or POST data in statuses/update --- include/api.php | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 4e5ea43bd..5ebf04bb9 100644 --- a/include/api.php +++ b/include/api.php @@ -323,20 +323,31 @@ api_register_func('api/account/verify_credentials','api_account_verify_credentials', true); + /** + * get data from $_POST or $_GET + */ + function requestdata($k){ + if (isset($_POST[$k])){ + return $_POST[$k]; + } + if (isset($_GET[$k])){ + return $_GET[$k]; + } + return null; + } // TODO - media uploads - function api_statuses_update(&$a, $type) { if (local_user()===false) return false; $user_info = api_get_user($a); // convert $_POST array items to the form we use for web posts. - $_POST['body'] = urldecode($_POST['status']); - $_POST['parent'] = $_POST['in_reply_to_status_id']; - if($_POST['lat'] && $_POST['long']) - $_POST['coord'] = sprintf("%s %s",$_POST['lat'],$_POST['long']); + $_POST['body'] = urldecode(requestdata('status')); + $_POST['parent'] = requestdata('in_reply_to_status_id'); + if(requestdata('lat') && requestdata('long')) + $_POST['coord'] = sprintf("%s %s",requestdata('lat'),requestdata('long')); $_POST['profile_uid'] = local_user(); - if($_POST['parent']) + if(requestdata('parent')) $_POST['type'] = 'net-comment'; else $_POST['type'] = 'wall'; -- cgit v1.2.3 From 829dc2446477fcac0e8d2cde26e3cc4fed52e4fd Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 29 Jul 2011 17:01:57 -0700 Subject: api/statusnet/config does not require login --- include/api.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index bc981646d..df15965e7 100644 --- a/include/api.php +++ b/include/api.php @@ -586,5 +586,5 @@ return api_apply_template('config', $type, array('$config' => $config)); } - api_register_func('api/statusnet/config','api_statusnet_config',true); + api_register_func('api/statusnet/config','api_statusnet_config',false); -- cgit v1.2.3 From dbc328368187bca4c0365ab56db57437dfda9f38 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 29 Jul 2011 18:21:54 -0700 Subject: api/statusnet/version --- include/api.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'include') diff --git a/include/api.php b/include/api.php index df15965e7..2b1a8b0f5 100644 --- a/include/api.php +++ b/include/api.php @@ -588,3 +588,20 @@ } api_register_func('api/statusnet/config','api_statusnet_config',false); + + function api_statusnet_version(&$a,$type) { + + // liar + + if($type === 'xml') { + header("Content-type: application/xml"); + echo '' . "\r\n" . '0.9.7' . "\r\n"; + killme(); + } + elseif($type === 'json') { + header("Content-type: application/json"); + echo '"0.9.7"'; + killme(); + } + } + api_register_func('api/statusnet/version','api_statusnet_version',false); -- cgit v1.2.3 From 60caffcd7776043ee89e5939b81d7bd9d948cd4e Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 30 Jul 2011 01:03:24 -0700 Subject: convert our native pkcs#8 to pkcs#1 for diaspora-public-key xrd field --- include/certfns.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'include') diff --git a/include/certfns.php b/include/certfns.php index db0e4645e..ffdc7f0c3 100644 --- a/include/certfns.php +++ b/include/certfns.php @@ -121,6 +121,10 @@ function rsatopem($key) { return(metopem($m,$e)); } +function pemtorsa($key) { + pemtome($key,$m,$e); + return(metorsa($m,$e)); +} function pemtome($key,&$m,&$e) { require_once('include/salmon.php'); -- cgit v1.2.3 From 149d52da8b49893426a584b14b2a48f81d32113b Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 30 Jul 2011 20:48:55 -0700 Subject: show correct self profile in api --- include/api.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 2b1a8b0f5..31bf0624b 100644 --- a/include/api.php +++ b/include/api.php @@ -201,7 +201,7 @@ api_login($a); return False; } else { $user = $_SESSION['uid']; - $extra_query = "AND `contact`.`uid` = %d "; + $extra_query = "AND `contact`.`uid` = %d AND `contact`.`self` = 1 "; } } -- cgit v1.2.3 From b96b7d460878c0655e60a4f06cab5cbec103c30e Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 00:53:46 -0700 Subject: get attribution correct in api items --- include/api.php | 47 +++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 45 insertions(+), 2 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 31bf0624b..b8dbdd2d3 100644 --- a/include/api.php +++ b/include/api.php @@ -168,9 +168,10 @@ /** * Returns user info array. */ - function api_get_user(&$a, $contact_id=Null){ + function api_get_user(&$a, $contact_id = Null){ $user = null; $extra_query = ""; + if(!is_null($contact_id)){ $user=$contact_id; $extra_query = "AND `contact`.`id` = %d "; @@ -275,6 +276,48 @@ } + function api_item_get_user(&$a, $item) { + if(link_compare($item['url'],$item['author-link'])) + return api_get_user($a,$item['cid']); + $ret = array( + 'uid' => 0, + 'id' => 0, + 'name' => $item['author-name'], + 'screen_name' => '', + 'location' => '', //$uinfo[0]['default-location'], + 'profile_image_url' => $item['author-avatar'], + 'url' => $item['author-link'], + 'contact_url' => 0, + 'protected' => false, # + 'friends_count' => 0, + 'created_at' => '0000-00-00 00:00:00', + 'utc_offset' => 0, #XXX: fix me + 'time_zone' => '', //$uinfo[0]['timezone'], + 'geo_enabled' => false, + 'statuses_count' => 0, + 'lang' => 'en', #XXX: fix me + 'description' => '', + 'followers_count' => 0, + 'favourites_count' => 0, + 'contributors_enabled' => false, + 'follow_request_sent' => false, + 'profile_background_color' => 'cfe8f6', + 'profile_text_color' => '000000', + 'profile_link_color' => 'FF8500', + 'profile_sidebar_fill_color' =>'AD0066', + 'profile_sidebar_border_color' => 'AD0066', + 'profile_background_image_url' => '', + 'profile_background_tile' => false, + 'profile_use_background_image' => false, + 'notifications' => false, + 'verified' => true, #XXX: fix me + 'followers' => '', #XXX: fix me + #'status' => null + ); + + return $ret; + } + /** * apply xmlify() to all values of array $val, recursively */ @@ -503,7 +546,7 @@ $ret = Array(); foreach($r as $item) { - $status_user = (($item['cid']==$user_info['id'])?$user_info: api_get_user($a,$item['cid'])); + $status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item)); $status = array( 'created_at'=> api_date($item['created']), 'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME), -- cgit v1.2.3 From 0c9f033505be5dbc2303d8758894e57c616c6534 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 16:35:53 -0700 Subject: some api enhancements --- include/api.php | 154 +++++++++++++++++++++++++++++++++++++++-------- include/conversation.php | 29 +-------- include/items.php | 2 - 3 files changed, 129 insertions(+), 56 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index b8dbdd2d3..62dc78506 100644 --- a/include/api.php +++ b/include/api.php @@ -10,7 +10,6 @@ $API = Array(); - function api_date($str){ //Wed May 23 06:01:13 +0000 2007 return datetime_convert('UTC', 'UTC', $str, "D M d h:i:s +0000 Y" ); @@ -111,7 +110,10 @@ if ($info['auth']===true && local_user()===false) { api_login($a); } - + + load_contact_links(local_user()); + + logger('API call for ' . $a->user['username'] . ': ' . $a->query_string); $type="json"; if (strpos($a->query_string, ".xml")>0) $type="xml"; if (strpos($a->query_string, ".json")>0) $type="json"; @@ -157,7 +159,9 @@ $arr['$rss'] = array( 'alternate' => $user_info['url'], 'self' => $a->get_baseurl(). "/". $a->query_string, + 'base' => $a->get_baseurl(), 'updated' => api_date(null), + 'atom_updated' => datetime_convert('UTC','UTC','now',ATOM_TIME), 'language' => $user_info['language'], 'logo' => $a->get_baseurl()."/images/friendika-32.png", ); @@ -277,8 +281,18 @@ } function api_item_get_user(&$a, $item) { - if(link_compare($item['url'],$item['author-link'])) + // The author is our direct contact, in a conversation with us. + if(link_compare($item['url'],$item['author-link'])) { return api_get_user($a,$item['cid']); + } + else { + // The author may be a contact of ours, but is replying to somebody else. + // Figure out if we know him/her. + $normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']); + if(($normalised != 'mailbox') && (x($a->contacts[$normalised]))) + return api_get_user($a,$a->contacts[$normalised]['id']); + } + // We don't know this person directly. $ret = array( 'uid' => 0, 'id' => 0, @@ -290,7 +304,7 @@ 'contact_url' => 0, 'protected' => false, # 'friends_count' => 0, - 'created_at' => '0000-00-00 00:00:00', + 'created_at' => '', 'utc_offset' => 0, #XXX: fix me 'time_zone' => '', //$uinfo[0]['timezone'], 'geo_enabled' => false, @@ -332,9 +346,11 @@ */ function api_apply_template($templatename, $type, $data){ + $a = get_app(); + switch($type){ - case "rss": case "atom": + case "rss": case "xml": $data = api_xmlify($data); $tpl = get_markup_template("api_".$templatename."_".$type.".tpl"); @@ -527,7 +543,85 @@ $user_info = api_get_user($a); // get last newtork messages - $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) "; +// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) "; + + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item`, `contact` + WHERE `item`.`uid` = %d + AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $sql_extra + ORDER BY `item`.`received` DESC LIMIT %d ,%d ", + intval($user_info['uid']), + 0,20 + ); + + $ret = api_format_items($r,$user_info); + + + $data = array('$statuses' => $ret); + switch($type){ + case "atom": + case "rss": + $data = api_rss_extra($a, $data, $user_info); + } + + return api_apply_template("timeline", $type, $data); + } + api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true); + api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true); + + + + function api_statuses_user_timeline(&$a, $type){ + if (local_user()===false) return false; + + $user_info = api_get_user($a); + // get last newtork messages +// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) "; + + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item`, `contact` + WHERE `item`.`uid` = %d + AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `item`.`wall` = 1 + AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $sql_extra + ORDER BY `item`.`received` DESC LIMIT %d ,%d ", + intval($user_info['uid']), + 0,20 + ); + + $ret = api_format_items($r,$user_info); + + + $data = array('$statuses' => $ret); + switch($type){ + case "atom": + case "rss": + $data = api_rss_extra($a, $data, $user_info); + } + + return api_apply_template("timeline", $type, $data); + } + + api_register_func('api/statuses/user_timeline','api_statuses_user_timeline', true); + + + function api_favorites(&$a, $type){ + if (local_user()===false) return false; + + $user_info = api_get_user($a); + // get last newtork messages +// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) "; $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, @@ -536,13 +630,33 @@ FROM `item`, `contact` WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0 + AND `item`.`starred` = 1 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra - ORDER BY `item`.`created` DESC LIMIT %d ,%d ", + ORDER BY `item`.`received` DESC LIMIT %d ,%d ", intval($user_info['uid']), 0,20 ); + + $ret = api_format_items($r,$user_info); + + + $data = array('$statuses' => $ret); + switch($type){ + case "atom": + case "rss": + $data = api_rss_extra($a, $data, $user_info); + } + + return api_apply_template("timeline", $type, $data); + } + + api_register_func('api/favorites','api_favorites', true); + + + function api_format_items($r,$user_info) { + $a = get_app(); $ret = Array(); foreach($r as $item) { @@ -551,7 +665,7 @@ 'created_at'=> api_date($item['created']), 'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME), 'updated' => datetime_convert('UTC','UTC',$item['edited'],ATOM_TIME), - 'id' => $item['id'], + 'id' => $item['uri'], 'text' => strip_tags(bbcode($item['body'])), 'html' => bbcode($item['body']), 'source' => (($item['app']) ? $item['app'] : 'web'), @@ -568,28 +682,16 @@ 'annotations' => '', 'entities' => '', 'user' => $status_user , - 'objecttype' => $item['object-type'], - 'verb' => $item['verb'], - 'self' => $a->get_baseurl()."/api/statuses/show/".$ite['id'].".".$type, - 'edit' => $a->get_baseurl()."/api/statuses/show/".$ite['id'].".".$type, + 'objecttype' => (($item['object-type']) ? $item['object-type'] : ACTIVITY_OBJ_NOTE), + 'verb' => (($item['verb']) ? $item['verb'] : ACTIVITY_POST), + 'self' => $a->get_baseurl()."/api/statuses/show/".$item['id'].".".$type, + 'edit' => $a->get_baseurl()."/api/statuses/show/".$item['id'].".".$type, ); $ret[]=$status; }; - - $data = array('$statuses' => $ret); - switch($type){ - case "atom": - case "rss": - $data = api_rss_extra($a, $data, $user_info); - } - - return api_apply_template("timeline", $type, $data); + return $ret; } - api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true); - api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true); - api_register_func('api/statuses/user_timeline','api_statuses_home_timeline', true); - # TODO: user_timeline should be profile view - + function api_account_rate_limit_status(&$a,$type) { diff --git a/include/conversation.php b/include/conversation.php index 50032cd36..6b1f64925 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -444,7 +444,7 @@ function conversation(&$a, $items, $mode, $update) { $profile_link = ''; $normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']); - if(($normalised != 'mailbox') && (x($a->contacts[$normalised]))) + if(($normalised != 'mailbox') && (x($a->contacts,$normalised))) $profile_avatar = $a->contacts[$normalised]['thumb']; else $profile_avatar = (((strlen($item['author-avatar'])) && $diff_author) ? $item['author-avatar'] : $thumb); @@ -533,33 +533,6 @@ function conversation(&$a, $items, $mode, $update) { return $o; } - -if(! function_exists('load_contact_links')) { -function load_contact_links($uid) { - - $a = get_app(); - - $ret = array(); - - if(! $uid || x($a->contacts,'empty')) - return; - - $r = q("SELECT `id`,`network`,`url`,`thumb` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 ", - intval($uid) - ); - if(count($r)) { - foreach($r as $rr){ - $url = normalise_link($rr['url']); - $ret[$url] = $rr; - } - } - else - $ret['empty'] = true; - $a->contacts = $ret; - return; -}} - - function best_link_url($item,&$sparkle) { $a = get_app(); diff --git a/include/items.php b/include/items.php index 014d75872..6d69c6cc9 100644 --- a/include/items.php +++ b/include/items.php @@ -6,7 +6,6 @@ require_once('include/salmon.php'); function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0) { - // default permissions - anonymous user if(! strlen($owner_nick)) @@ -485,7 +484,6 @@ function get_atom_elements($feed,$item) { if((x($res,'verb')) && ($res['verb'] === 'http://ostatus.org/schema/1.0/unfollow')) $res['verb'] = ACTIVITY_UNFOLLOW; - $cats = $item->get_categories(); if($cats) { $tag_arr = array(); -- cgit v1.2.3 From b0a9ec0a73183e48158a4e42db49943c56db9098 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 17:52:36 -0700 Subject: better handling of api comments/replies --- include/api.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 62dc78506..0d446d1a7 100644 --- a/include/api.php +++ b/include/api.php @@ -401,8 +401,16 @@ // convert $_POST array items to the form we use for web posts. + // logger('api_post: ' . print_r($_POST,true)); + $_POST['body'] = urldecode(requestdata('status')); - $_POST['parent'] = requestdata('in_reply_to_status_id'); + + $parent = requestdata('in_reply_to_status_id'); + if(ctype_digit($parent)) + $_POST['parent'] = $parent; + else + $_POST['parent_uri'] = $parent; + if(requestdata('lat') && requestdata('long')) $_POST['coord'] = sprintf("%s %s",requestdata('lat'),requestdata('long')); $_POST['profile_uid'] = local_user(); -- cgit v1.2.3 From 996425206f86967a50923cf61e18776749a49e52 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 20:01:00 -0700 Subject: api profiles --- include/api.php | 59 ++++++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 48 insertions(+), 11 deletions(-) (limited to 'include') diff --git a/include/api.php b/include/api.php index 0d446d1a7..45ca6f1a8 100644 --- a/include/api.php +++ b/include/api.php @@ -147,7 +147,26 @@ //echo "
"; var_dump($r); die();
 			}
 		}
-		return false;
+		$r = 'not implemented';
+		switch($type){
+			case "xml":
+				header ("Content-Type: text/xml");
+				return ''."\n".$r;
+				break;
+			case "json": 
+				header ("Content-Type: application/json");  
+			    return json_encode(array('error' => 'not implemented'));
+				break;
+			case "rss":
+				header ("Content-Type: application/rss+xml");
+				return ''."\n".$r;
+				break;
+			case "atom":
+				header ("Content-Type: application/atom+xml");
+				return ''."\n".$r;
+				break;
+				
+		}
 	}
 
 	/**
@@ -222,15 +241,25 @@
 			return False;
 		}
 		
-		// count public wall messages
-		$r = q("SELECT COUNT(`id`) as `count` FROM `item`
-				WHERE  `uid` = %d
-				AND `type`='wall' 
-				AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
-				intval($uinfo[0]['uid'])
-		);
-		$countitms = $r[0]['count'];
-		
+		if($uinfo[0]['self']) {
+			// count public wall messages
+			$r = q("SELECT COUNT(`id`) as `count` FROM `item`
+					WHERE  `uid` = %d
+					AND `type`='wall' 
+					AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
+					intval($uinfo[0]['uid'])
+			);
+			$countitms = $r[0]['count'];
+		}
+		else {
+			$r = q("SELECT COUNT(`id`) as `count` FROM `item`
+					WHERE  `contact-id` = %d
+					AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
+					intval($uinfo[0]['id'])
+			);
+			$countitms = $r[0]['count'];
+		}
+
 		// count friends
 		$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
 				WHERE  `uid` = %d
@@ -238,7 +267,10 @@
 				intval($uinfo[0]['uid'])
 		);
 		$countfriends = $r[0]['count'];
-				
+
+		if(! $uinfo[0]['self']) {
+			$countfriends = 0;
+		}
 
 		$ret = Array(
 			'uid' => $uinfo[0]['uid'],
@@ -664,6 +696,11 @@
 
 	
 	function api_format_items($r,$user_info) {
+
+		//logger('api_format_items: ' . print_r($r,true));
+
+		//logger('api_format_items: ' . print_r($user_info,true));
+
 		$a = get_app();
 		$ret = Array();
 
-- 
cgit v1.2.3


From 823d7ba42ac619010fa786936ad625461e27e56d Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 31 Jul 2011 22:22:34 -0700
Subject: api/friends/ids, api/followers/ids

---
 include/api.php | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 60 insertions(+), 4 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 45ca6f1a8..7b3dd866c 100644
--- a/include/api.php
+++ b/include/api.php
@@ -209,7 +209,7 @@
 			$extra_query = "AND `contact`.`nick` = '%s' ";
 		}
 		
-		if (is_null($user)){
+		if (is_null($user) && $a->argc > 3){
 			list($user, $null) = explode(".",$a->argv[3]);
 			if(is_numeric($user)){
 				$user = intval($user);
@@ -262,14 +262,26 @@
 
 		// count friends
 		$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
-				WHERE  `uid` = %d
+				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
 				AND `self`=0 AND `blocked`=0", 
-				intval($uinfo[0]['uid'])
+				intval($uinfo[0]['uid']),
+				intval(REL_FAN),
+				intval(REL_BUD)
 		);
 		$countfriends = $r[0]['count'];
 
+		$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
+				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
+				AND `self`=0 AND `blocked`=0", 
+				intval($uinfo[0]['uid']),
+				intval(REL_VIP),
+				intval(REL_BUD)
+		);
+		$countfollowers = $r[0]['count'];
+
 		if(! $uinfo[0]['self']) {
 			$countfriends = 0;
+			$countfollowers = 0;
 		}
 
 		$ret = Array(
@@ -290,7 +302,7 @@
 			'statuses_count' => $countitms, #XXX: fix me 
 			'lang' => 'en', #XXX: fix me
 			'description' => '',
-			'followers_count' => $countfriends, #XXX: fix me
+			'followers_count' => $countfollowers, #XXX: fix me
 			'favourites_count' => 0,
 			'contributors_enabled' => false,
 			'follow_request_sent' => false,
@@ -795,3 +807,47 @@
 		}
 	}
 	api_register_func('api/statusnet/version','api_statusnet_version',false);
+
+
+	function api_ff_ids(&$a,$type,$qtype) {
+		if(! local_user())
+			return false;
+
+		if($qtype == 'friends')
+			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_FAN), intval(REL_BUD));
+		if($qtype == 'followers')
+			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_VIP), intval(REL_BUD));
+ 
+
+		$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
+			intval(local_user())
+		);
+
+		if(is_array($r)) {
+			if($type === 'xml') {
+				header("Content-type: application/xml");
+				echo '' . "\r\n" . '' . "\r\n";
+				foreach($r as $rr)
+					echo '' . $rr['id'] . '' . "\r\n";
+				echo '' . "\r\n";
+				killme();
+			}
+			elseif($type === 'json') {
+				$ret = array();
+				header("Content-type: application/json");
+				foreach($r as $rr) $ret[] = $rr['id'];
+				echo json_encode($ret);
+				killme();
+			}
+		}
+	}
+
+	function api_friends_ids(&$a,$type) {
+		api_ff_ids($a,$type,'friends');
+	}
+	function api_followers_ids(&$a,$type) {
+		api_ff_ids($a,$type,'followers');
+	}
+	api_register_func('api/friends/ids','api_friends_ids',true);
+	api_register_func('api/followers/ids','api_followers_ids',true);
+
-- 
cgit v1.2.3


From 326a873082cd9f31f70bfb703ad2c3e7fde19bb8 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 1 Aug 2011 05:13:59 -0700
Subject: merge diaspora/friendika vcard formats - not yet complete

---
 include/api.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 7b3dd866c..c77c55cef 100644
--- a/include/api.php
+++ b/include/api.php
@@ -114,6 +114,7 @@
 				load_contact_links(local_user());
 
 				logger('API call for ' . $a->user['username'] . ': ' . $a->query_string);		
+				logger('API parameters: ' . print_r($_REQUEST,true));
 				$type="json";		
 				if (strpos($a->query_string, ".xml")>0) $type="xml";
 				if (strpos($a->query_string, ".json")>0) $type="json";
@@ -220,7 +221,7 @@
 			}
 		}
 		
-		if ($user==='') {
+		if (! $user) {
 			if (local_user()===false) {
 				api_login($a); return False;
 			} else {
@@ -230,7 +231,7 @@
 			
 		}
 		
-
+		logger('api_user: ' . $extra_query . ' ' , $user);
 		// user info		
 		$uinfo = q("SELECT *, `contact`.`id` as `cid` FROM `contact`
 				WHERE 1
-- 
cgit v1.2.3


From e76990ae7bffdcc5f1c54146f54fc11729c537b7 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 1 Aug 2011 16:15:37 -0700
Subject: bug #111 - don't parse an @ address as a feed

---
 include/Scrape.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/Scrape.php b/include/Scrape.php
index 6726d0b15..9bf89a49e 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -294,6 +294,8 @@ function probe_url($url) {
 
 	$twitter = ((strpos($url,'twitter.com') !== false) ? true : false);
 
+	$at_addr = ((strpos($url,'@') !== false) ? true : false);
+
 	if(! $twitter) {
 		$links = lrdd($url);
 
@@ -452,7 +454,7 @@ function probe_url($url) {
 				$vcard['fn'] = $vcard['nick'];
 
 	
-		if(((! isset($vcard)) && (! $poll)) || ($twitter)) {
+		if(((! isset($vcard)) && (! $poll) && (! $at_addr)) || ($twitter)) {
 
 			$feedret = scrape_feed($url);
 			logger('probe_url: scrape_feed returns: ' . print_r($feedret,true), LOGGER_DATA);
-- 
cgit v1.2.3


From 8b31ff15f51c6936daedf28cc88c753214b569e0 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 1 Aug 2011 16:51:01 -0700
Subject: breaking up boot file (part of zot refactor)

---
 include/config.php  | 205 ++++++++++++
 include/network.php | 669 +++++++++++++++++++++++++++++++++++++
 include/plugin.php  | 199 +++++++++++
 include/salmon.php  |  31 --
 include/text.php    | 933 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 2006 insertions(+), 31 deletions(-)
 create mode 100644 include/config.php
 create mode 100644 include/network.php
 create mode 100644 include/plugin.php
 create mode 100644 include/text.php

(limited to 'include')

diff --git a/include/config.php b/include/config.php
new file mode 100644
index 000000000..fe675bc33
--- /dev/null
+++ b/include/config.php
@@ -0,0 +1,205 @@
+config[$k] = $rr['v'];
+			} else {
+				$a->config[$family][$k] = $rr['v'];
+			}
+		}
+	}
+}}
+
+// get a particular config variable given the family name
+// and key. Returns false if not set.
+// $instore is only used by the set_config function
+// to determine if the key already exists in the DB
+// If a key is found in the DB but doesn't exist in
+// local config cache, pull it into the cache so we don't have
+// to hit the DB again for this item.
+
+if(! function_exists('get_config')) {
+function get_config($family, $key, $instore = false) {
+
+	global $a;
+
+	if(! $instore) {
+		if(isset($a->config[$family][$key])) {
+			if($a->config[$family][$key] === '!!') {
+				return false;
+			}
+			return $a->config[$family][$key];
+		}
+	}
+	$ret = q("SELECT `v` FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		dbesc($family),
+		dbesc($key)
+	);
+	if(count($ret)) {
+		// manage array value
+		$val = (preg_match("|^a:[0-9]+:{.*}$|", $ret[0]['v'])?unserialize( $ret[0]['v']):$ret[0]['v']);
+		$a->config[$family][$key] = $val;
+		return $val;
+	}
+	else {
+		$a->config[$family][$key] = '!!';
+	}
+	return false;
+}}
+
+// Store a config value ($value) in the category ($family)
+// under the key ($key)
+// Return the value, or false if the database update failed
+
+if(! function_exists('set_config')) {
+function set_config($family,$key,$value) {
+	global $a;
+	
+	// manage array value
+	$dbvalue = (is_array($value)?serialize($value):$value);
+
+	if(get_config($family,$key,true) === false) {
+		$a->config[$family][$key] = $value;
+		$ret = q("INSERT INTO `config` ( `cat`, `k`, `v` ) VALUES ( '%s', '%s', '%s' ) ",
+			dbesc($family),
+			dbesc($key),
+			dbesc($dbvalue)
+		);
+		if($ret) 
+			return $value;
+		return $ret;
+	}
+	
+	$ret = q("UPDATE `config` SET `v` = '%s' WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		dbesc($dbvalue),
+		dbesc($family),
+		dbesc($key)
+	);
+
+	$a->config[$family][$key] = $value;
+
+	if($ret)
+		return $value;
+	return $ret;
+}}
+
+
+if(! function_exists('load_pconfig')) {
+function load_pconfig($uid,$family) {
+	global $a;
+	$r = q("SELECT * FROM `pconfig` WHERE `cat` = '%s' AND `uid` = %d",
+		dbesc($family),
+		intval($uid)
+	);
+	if(count($r)) {
+		foreach($r as $rr) {
+			$k = $rr['k'];
+			$a->config[$uid][$family][$k] = $rr['v'];
+		}
+	}
+}}
+
+
+
+if(! function_exists('get_pconfig')) {
+function get_pconfig($uid,$family, $key, $instore = false) {
+
+	global $a;
+
+	if(! $instore) {
+		if(isset($a->config[$uid][$family][$key])) {
+			if($a->config[$uid][$family][$key] === '!!') {
+				return false;
+			}
+			return $a->config[$uid][$family][$key];
+		}
+	}
+
+	$ret = q("SELECT `v` FROM `pconfig` WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		intval($uid),
+		dbesc($family),
+		dbesc($key)
+	);
+
+	if(count($ret)) {
+		$a->config[$uid][$family][$key] = $ret[0]['v'];
+		return $ret[0]['v'];
+	}
+	else {
+		$a->config[$uid][$family][$key] = '!!';
+	}
+	return false;
+}}
+
+if(! function_exists('del_config')) {
+function del_config($family,$key) {
+
+	global $a;
+	if(x($a->config[$family],$key))
+		unset($a->config[$family][$key]);
+	$ret = q("DELETE FROM `config` WHERE `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		dbesc($cat),
+		dbesc($key)
+	);
+	return $ret;
+}}
+
+
+
+// Same as above functions except these are for personal config storage and take an
+// additional $uid argument.
+
+if(! function_exists('set_pconfig')) {
+function set_pconfig($uid,$family,$key,$value) {
+
+	global $a;
+
+	if(get_pconfig($uid,$family,$key,true) === false) {
+		$a->config[$uid][$family][$key] = $value;
+		$ret = q("INSERT INTO `pconfig` ( `uid`, `cat`, `k`, `v` ) VALUES ( %d, '%s', '%s', '%s' ) ",
+			intval($uid),
+			dbesc($family),
+			dbesc($key),
+			dbesc($value)
+		);
+		if($ret) 
+			return $value;
+		return $ret;
+	}
+	$ret = q("UPDATE `pconfig` SET `v` = '%s' WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		dbesc($value),
+		intval($uid),
+		dbesc($family),
+		dbesc($key)
+	);
+
+	$a->config[$uid][$family][$key] = $value;
+
+	if($ret)
+		return $value;
+	return $ret;
+}}
+
+if(! function_exists('del_pconfig')) {
+function del_pconfig($uid,$family,$key) {
+
+	global $a;
+	if(x($a->config[$uid][$family],$key))
+		unset($a->config[$uid][$family][$key]);
+	$ret = q("DELETE FROM `pconfig` WHERE `uid` = %d AND `cat` = '%s' AND `k` = '%s' LIMIT 1",
+		intval($uid),
+		dbesc($family),
+		dbesc($key)
+	);
+	return $ret;
+}}
diff --git a/include/network.php b/include/network.php
new file mode 100644
index 000000000..48e830e84
--- /dev/null
+++ b/include/network.php
@@ -0,0 +1,669 @@
+ 8) || (! $ch)) 
+		return false;
+
+	curl_setopt($ch, CURLOPT_HEADER, true);
+	curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
+	curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
+
+	$curl_time = intval(get_config('system','curl_timeout'));
+	curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+
+	// by default we will allow self-signed certs
+	// but you can override this
+
+	$check_cert = get_config('system','verifyssl');
+	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+
+	$prx = get_config('system','proxy');
+	if(strlen($prx)) {
+		curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
+		curl_setopt($ch, CURLOPT_PROXY, $prx);
+		$prxusr = get_config('system','proxyuser');
+		if(strlen($prxusr))
+			curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
+	}
+	if($binary)
+		curl_setopt($ch, CURLOPT_BINARYTRANSFER,1);
+
+	$a->set_curl_code(0);
+
+	// don't let curl abort the entire application
+	// if it throws any errors.
+
+	$s = @curl_exec($ch);
+
+	$base = $s;
+	$curl_info = curl_getinfo($ch);
+	$http_code = $curl_info['http_code'];
+
+	$header = '';
+
+	// Pull out multiple headers, e.g. proxy and continuation headers
+	// allow for HTTP/2.x without fixing code
+
+	while(preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) {
+		$chunk = substr($base,0,strpos($base,"\r\n\r\n")+4);
+		$header .= $chunk;
+		$base = substr($base,strlen($chunk));
+	}
+
+	if($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307) {
+        $matches = array();
+        preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches);
+        $url = trim(array_pop($matches));
+        $url_parsed = @parse_url($url);
+        if (isset($url_parsed)) {
+            $redirects++;
+            return fetch_url($url,$binary,$redirects);
+        }
+    }
+
+	$a->set_curl_code($http_code);
+
+	$body = substr($s,strlen($header));
+
+	$a->set_curl_headers($header);
+
+	curl_close($ch);
+	return($body);
+}}
+
+// post request to $url. $params is an array of post variables.
+
+if(! function_exists('post_url')) {
+function post_url($url,$params, $headers = null, &$redirects = 0) {
+	$a = get_app();
+	$ch = curl_init($url);
+	if(($redirects > 8) || (! $ch)) 
+		return false;
+
+	curl_setopt($ch, CURLOPT_HEADER, true);
+	curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
+	curl_setopt($ch, CURLOPT_POST,1);
+	curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
+	curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
+
+	$curl_time = intval(get_config('system','curl_timeout'));
+	curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+
+	if(defined('LIGHTTPD')) {
+		if(!is_array($headers)) {
+			$headers = array('Expect:');
+		} else {
+			if(!in_array('Expect:', $headers)) {
+				array_push($headers, 'Expect:');
+			}
+		}
+	}
+	if($headers)
+		curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
+
+	$check_cert = get_config('system','verifyssl');
+	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, (($check_cert) ? true : false));
+	$prx = get_config('system','proxy');
+	if(strlen($prx)) {
+		curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, 1);
+		curl_setopt($ch, CURLOPT_PROXY, $prx);
+		$prxusr = get_config('system','proxyuser');
+		if(strlen($prxusr))
+			curl_setopt($ch, CURLOPT_PROXYUSERPWD, $prxusr);
+	}
+
+	$a->set_curl_code(0);
+
+	// don't let curl abort the entire application
+	// if it throws any errors.
+
+	$s = @curl_exec($ch);
+
+	$base = $s;
+	$curl_info = curl_getinfo($ch);
+	$http_code = $curl_info['http_code'];
+
+	$header = '';
+
+	// Pull out multiple headers, e.g. proxy and continuation headers
+	// allow for HTTP/2.x without fixing code
+
+	while(preg_match('/^HTTP\/[1-2].+? [1-5][0-9][0-9]/',$base)) {
+		$chunk = substr($base,0,strpos($base,"\r\n\r\n")+4);
+		$header .= $chunk;
+		$base = substr($base,strlen($chunk));
+	}
+
+	if($http_code == 301 || $http_code == 302 || $http_code == 303) {
+        $matches = array();
+        preg_match('/(Location:|URI:)(.*?)\n/', $header, $matches);
+        $url = trim(array_pop($matches));
+        $url_parsed = @parse_url($url);
+        if (isset($url_parsed)) {
+            $redirects++;
+            return post_url($url,$binary,$headers,$redirects);
+        }
+    }
+	$a->set_curl_code($http_code);
+	$body = substr($s,strlen($header));
+
+	$a->set_curl_headers($header);
+
+	curl_close($ch);
+	return($body);
+}}
+
+// Generic XML return
+// Outputs a basic dfrn XML status structure to STDOUT, with a  variable 
+// of $st and an optional text  of $message and terminates the current process. 
+
+if(! function_exists('xml_status')) {
+function xml_status($st, $message = '') {
+
+	$xml_message = ((strlen($message)) ? "\t" . xmlify($message) . "\r\n" : '');
+
+	if($st)
+		logger('xml_status returning non_zero: ' . $st . " message=" . $message);
+
+	header( "Content-type: text/xml" );
+	echo ''."\r\n";
+	echo "\r\n\t$st\r\n$xml_message\r\n";
+	killme();
+}}
+
+
+
+// convert an XML document to a normalised, case-corrected array
+// used by webfinger
+
+if(! function_exists('convert_xml_element_to_array')) {
+function convert_xml_element_to_array($xml_element, &$recursion_depth=0) {
+
+        // If we're getting too deep, bail out
+        if ($recursion_depth > 512) {
+                return(null);
+        }
+
+        if (!is_string($xml_element) &&
+        !is_array($xml_element) &&
+        (get_class($xml_element) == 'SimpleXMLElement')) {
+                $xml_element_copy = $xml_element;
+                $xml_element = get_object_vars($xml_element);
+        }
+
+        if (is_array($xml_element)) {
+                $result_array = array();
+                if (count($xml_element) <= 0) {
+                        return (trim(strval($xml_element_copy)));
+                }
+
+                foreach($xml_element as $key=>$value) {
+
+                        $recursion_depth++;
+                        $result_array[strtolower($key)] =
+                convert_xml_element_to_array($value, $recursion_depth);
+                        $recursion_depth--;
+                }
+                if ($recursion_depth == 0) {
+                        $temp_array = $result_array;
+                        $result_array = array(
+                                strtolower($xml_element_copy->getName()) => $temp_array,
+                        );
+                }
+
+                return ($result_array);
+
+        } else {
+                return (trim(strval($xml_element)));
+        }
+}}
+
+// Given an email style address, perform webfinger lookup and 
+// return the resulting DFRN profile URL, or if no DFRN profile URL
+// is located, returns an OStatus subscription template (prefixed 
+// with the string 'stat:' to identify it as on OStatus template).
+// If this isn't an email style address just return $s.
+// Return an empty string if email-style addresses but webfinger fails,
+// or if the resultant personal XRD doesn't contain a supported 
+// subscription/friend-request attribute.
+
+if(! function_exists('webfinger_dfrn')) {
+function webfinger_dfrn($s) {
+	if(! strstr($s,'@')) {
+		return $s;
+	}
+	$links = webfinger($s);
+	logger('webfinger_dfrn: ' . $s . ':' . print_r($links,true), LOGGER_DATA);
+	if(count($links)) {
+		foreach($links as $link)
+			if($link['@attributes']['rel'] === NAMESPACE_DFRN)
+				return $link['@attributes']['href'];
+		foreach($links as $link)
+			if($link['@attributes']['rel'] === NAMESPACE_OSTATUSSUB)
+				return 'stat:' . $link['@attributes']['template'];		
+	}
+	return '';
+}}
+
+// Given an email style address, perform webfinger lookup and 
+// return the array of link attributes from the personal XRD file.
+// On error/failure return an empty array.
+
+
+if(! function_exists('webfinger')) {
+function webfinger($s) {
+	$host = '';
+	if(strstr($s,'@')) {
+		$host = substr($s,strpos($s,'@') + 1);
+	}
+	if(strlen($host)) {
+		$tpl = fetch_lrdd_template($host);
+		logger('webfinger: lrdd template: ' . $tpl);
+		if(strlen($tpl)) {
+			$pxrd = str_replace('{uri}', urlencode('acct:' . $s), $tpl);
+			logger('webfinger: pxrd: ' . $pxrd);
+			$links = fetch_xrd_links($pxrd);
+			if(! count($links)) {
+				// try with double slashes
+				$pxrd = str_replace('{uri}', urlencode('acct://' . $s), $tpl);
+				logger('webfinger: pxrd: ' . $pxrd);
+				$links = fetch_xrd_links($pxrd);
+			}
+			return $links;
+		}
+	}
+	return array();
+}}
+
+if(! function_exists('lrdd')) {
+function lrdd($uri) {
+
+	$a = get_app();
+
+	// default priority is host priority, host-meta first
+
+	$priority = 'host';
+
+	// All we have is an email address. Resource-priority is irrelevant
+	// because our URI isn't directly resolvable.
+
+	if(strstr($uri,'@')) {	
+		return(webfinger($uri));
+	}
+
+	// get the host meta file
+
+	$host = @parse_url($uri);
+
+	if($host) {
+		$url  = ((x($host,'scheme')) ? $host['scheme'] : 'http') . '://';
+		$url .= $host['host'] . '/.well-known/host-meta' ;
+	}
+	else
+		return array();
+
+	logger('lrdd: constructed url: ' . $url);
+
+	$xml = fetch_url($url);
+	$headers = $a->get_curl_headers();
+
+	if (! $xml)
+		return array();
+
+	logger('lrdd: host_meta: ' . $xml, LOGGER_DATA);
+
+	$h = parse_xml_string($xml);
+	if(! $h)
+		return array();
+
+	$arr = convert_xml_element_to_array($h);
+
+	if(isset($arr['xrd']['property'])) {
+		$property = $arr['crd']['property'];
+		if(! isset($property[0]))
+			$properties = array($property);
+		else
+			$properties = $property;
+		foreach($properties as $prop)
+			if((string) $prop['@attributes'] === 'http://lrdd.net/priority/resource')
+				$priority = 'resource';
+	} 
+
+	// save the links in case we need them
+
+	$links = array();
+
+	if(isset($arr['xrd']['link'])) {
+		$link = $arr['xrd']['link'];
+		if(! isset($link[0]))
+			$links = array($link);
+		else
+			$links = $link;
+	}
+
+	// do we have a template or href?
+
+	if(count($links)) {
+		foreach($links as $link) {
+			if($link['@attributes']['rel'] && attribute_contains($link['@attributes']['rel'],'lrdd')) {
+				if(x($link['@attributes'],'template'))
+					$tpl = $link['@attributes']['template'];
+				elseif(x($link['@attributes'],'href'))
+					$href = $link['@attributes']['href'];
+			}
+		}		
+	}
+
+	if((! isset($tpl)) || (! strpos($tpl,'{uri}')))
+		$tpl = '';
+
+	if($priority === 'host') {
+		if(strlen($tpl)) 
+			$pxrd = str_replace('{uri}', urlencode($uri), $tpl);
+		elseif(isset($href))
+			$pxrd = $href;
+		if(isset($pxrd)) {
+			logger('lrdd: (host priority) pxrd: ' . $pxrd);
+			$links = fetch_xrd_links($pxrd);
+			return $links;
+		}
+
+		$lines = explode("\n",$headers);
+		if(count($lines)) {
+			foreach($lines as $line) {				
+				if((stristr($line,'link:')) && preg_match('/<([^>].*)>.*rel\=[\'\"]lrdd[\'\"]/',$line,$matches)) {
+					return(fetch_xrd_links($matches[1]));
+					break;
+				}
+			}
+		}
+	}
+
+
+	// priority 'resource'
+
+
+	$html = fetch_url($uri);
+	$headers = $a->get_curl_headers();
+	logger('lrdd: headers=' . $headers, LOGGER_DEBUG);
+
+	// don't try and parse raw xml as html
+	if(! strstr($html,'getElementsByTagName('link');
+			foreach($items as $item) {
+				$x = $item->getAttribute('rel');
+				if($x == "lrdd") {
+					$pagelink = $item->getAttribute('href');
+					break;
+				}
+			}
+		}
+	}
+
+	if(isset($pagelink))
+		return(fetch_xrd_links($pagelink));
+
+	// next look in HTTP headers
+
+	$lines = explode("\n",$headers);
+	if(count($lines)) {
+		foreach($lines as $line) {				
+			// TODO alter the following regex to support multiple relations (space separated)
+			if((stristr($line,'link:')) && preg_match('/<([^>].*)>.*rel\=[\'\"]lrdd[\'\"]/',$line,$matches)) {
+				$pagelink = $matches[1];
+				break;
+			}
+			// don't try and run feeds through the html5 parser
+			if(stristr($line,'content-type:') && ((stristr($line,'application/atom+xml')) || (stristr($line,'application/rss+xml'))))
+				return array();
+			if(stristr($html,' 'alias' , 'href' => $alias);
+		}
+	}
+
+	logger('fetch_xrd_links: ' . print_r($links,true), LOGGER_DATA);
+
+	return $links;
+
+}}
+
+
+// Take a URL from the wild, prepend http:// if necessary
+// and check DNS to see if it's real
+// return true if it's OK, false if something is wrong with it
+
+if(! function_exists('validate_url')) {
+function validate_url(&$url) {
+	if(substr($url,0,4) != 'http')
+		$url = 'http://' . $url;
+	$h = @parse_url($url);
+
+	if(($h) && (dns_get_record($h['host'], DNS_A + DNS_CNAME + DNS_PTR))) {
+		return true;
+	}
+	return false;
+}}
+
+// checks that email is an actual resolvable internet address
+
+if(! function_exists('validate_email')) {
+function validate_email($addr) {
+
+	if(! strpos($addr,'@'))
+		return false;
+	$h = substr($addr,strpos($addr,'@') + 1);
+
+	if(($h) && (dns_get_record($h, DNS_A + DNS_CNAME + DNS_PTR + DNS_MX))) {
+		return true;
+	}
+	return false;
+}}
+
+// Check $url against our list of allowed sites,
+// wildcards allowed. If allowed_sites is unset return true;
+// If url is allowed, return true.
+// otherwise, return false
+
+if(! function_exists('allowed_url')) {
+function allowed_url($url) {
+
+	$h = @parse_url($url);
+
+	if(! $h) {
+		return false;
+	}
+
+	$str_allowed = get_config('system','allowed_sites');
+	if(! $str_allowed)
+		return true;
+
+	$found = false;
+
+	$host = strtolower($h['host']);
+
+	// always allow our own site
+
+	if($host == strtolower($_SERVER['SERVER_NAME']))
+		return true;
+
+	$fnmatch = function_exists('fnmatch');
+	$allowed = explode(',',$str_allowed);
+
+	if(count($allowed)) {
+		foreach($allowed as $a) {
+			$pat = strtolower(trim($a));
+			if(($fnmatch && fnmatch($pat,$host)) || ($pat == $host)) {
+				$found = true; 
+				break;
+			}
+		}
+	}
+	return $found;
+}}
+
+// check if email address is allowed to register here.
+// Compare against our list (wildcards allowed).
+// Returns false if not allowed, true if allowed or if
+// allowed list is not configured.
+
+if(! function_exists('allowed_email')) {
+function allowed_email($email) {
+
+
+	$domain = strtolower(substr($email,strpos($email,'@') + 1));
+	if(! $domain)
+		return false;
+
+	$str_allowed = get_config('system','allowed_email');
+	if(! $str_allowed)
+		return true;
+
+	$found = false;
+
+	$fnmatch = function_exists('fnmatch');
+	$allowed = explode(',',$str_allowed);
+
+	if(count($allowed)) {
+		foreach($allowed as $a) {
+			$pat = strtolower(trim($a));
+			if(($fnmatch && fnmatch($pat,$domain)) || ($pat == $domain)) {
+				$found = true; 
+				break;
+			}
+		}
+	}
+	return $found;
+}}
+
+
+if(! function_exists('gravatar_img')) {
+function gravatar_img($email) {
+	$size = 175;
+	$opt = 'identicon';   // psuedo-random geometric pattern if not found
+	$rating = 'pg';
+	$hash = md5(trim(strtolower($email)));
+	
+	$url = 'http://www.gravatar.com/avatar/' . $hash . '.jpg' 
+		. '?s=' . $size . '&d=' . $opt . '&r=' . $rating;
+
+	logger('gravatar: ' . $email . ' ' . $url);
+	return $url;
+}}
+
+
+if(! function_exists('parse_xml_string')) {
+function parse_xml_string($s,$strict = true) {
+	if($strict) {
+		if(! strstr($s,'code." at ".$err->line.":".$err->column." : ".$err->message, LOGGER_DATA);
+		libxml_clear_errors();
+	}
+	return $x;
+}}
diff --git a/include/plugin.php b/include/plugin.php
new file mode 100644
index 000000000..9f2832981
--- /dev/null
+++ b/include/plugin.php
@@ -0,0 +1,199 @@
+hooks = array();
+	$r = q("SELECT * FROM `hook` WHERE 1");
+	if(count($r)) {
+		foreach($r as $rr) {
+			$a->hooks[] = array($rr['hook'], $rr['file'], $rr['function']);
+		}
+	}
+}}
+
+
+if(! function_exists('call_hooks')) {
+function call_hooks($name, &$data = null) {
+	$a = get_app();
+
+	if(count($a->hooks)) {
+		foreach($a->hooks as $hook) {
+			if($hook[HOOK_HOOK] === $name) {
+				@include_once($hook[HOOK_FILE]);
+				if(function_exists($hook[HOOK_FUNCTION])) {
+					$func = $hook[HOOK_FUNCTION];
+					$func($a,$data);
+				}
+			}
+		}
+	}
+}}
+
+
+/*
+ * parse plugin comment in search of plugin infos.
+ * like
+ * 	
+ * 	 * Name: Plugin
+ *   * Description: A plugin which plugs in
+ * 	 * Version: 1.2.3
+ *   * Author: John 
+ *   * Author: Jane 
+ *   *
+ */
+
+if (! function_exists('get_plugin_info')){
+function get_plugin_info($plugin){
+	if (!is_file("addon/$plugin/$plugin.php")) return false;
+	
+	$f = file_get_contents("addon/$plugin/$plugin.php");
+	$r = preg_match("|/\*.*\*/|msU", $f, $m);
+	
+	$info=Array(
+		'name' => $plugin,
+		'description' => "",
+		'author' => array(),
+		'version' => ""
+	);
+	
+	if ($r){
+		$ll = explode("\n", $m[0]);
+		foreach( $ll as $l ) {
+			$l = trim($l,"\t\n\r */");
+			if ($l!=""){
+				list($k,$v) = array_map("trim", explode(":",$l,2));
+				$k= strtolower($k);
+				if ($k=="author"){
+					$r=preg_match("|([^<]+)<([^>]+)>|", $v, $m);
+					if ($r) {
+						$info['author'][] = array('name'=>$m[1], 'link'=>$m[2]);
+					} else {
+						$info['author'][] = array('name'=>$v);
+					}
+				} else {
+					if (array_key_exists($k,$info)){
+						$info[$k]=$v;
+					}
+				}
+				
+			}
+		}
+		
+	}
+	return $info;
+}}
+
diff --git a/include/salmon.php b/include/salmon.php
index 473432f25..4994655df 100644
--- a/include/salmon.php
+++ b/include/salmon.php
@@ -18,37 +18,6 @@ function salmon_key($pubkey) {
 }
 
 
-function base64url_encode($s, $strip_padding = false) {
-
-	$s = strtr(base64_encode($s),'+/','-_');
-
-	if($strip_padding)
-		$s = str_replace('=','',$s);
-
-	return $s;
-}
-
-function base64url_decode($s) {
-
-/*
- *  // Placeholder for new rev of salmon which strips base64 padding.
- *  // PHP base64_decode handles the un-padded input without requiring this step
- *  // Uncomment if you find you need it.
- *
- *	$l = strlen($s);
- *	if(! strpos($s,'=')) {
- *		$m = $l % 4;
- *		if($m == 2)
- *			$s .= '==';
- *		if($m == 3)
- *			$s .= '=';
- *	}
- *
- */
-
-	return base64_decode(strtr($s,'-_','+/'));
-}
-
 function get_salmon_key($uri,$keyhash) {
 	$ret = array();
 
diff --git a/include/text.php b/include/text.php
new file mode 100644
index 000000000..d65c77872
--- /dev/null
+++ b/include/text.php
@@ -0,0 +1,933 @@
+ replace)
+// returns substituted string.
+// WARNING: this is pretty basic, and doesn't properly handle search strings that are substrings of each other.
+// For instance if 'test' => "foo" and 'testing' => "bar", testing could become either bar or fooing, 
+// depending on the order in which they were declared in the array.   
+
+require_once("include/template_processor.php");
+
+if(! function_exists('replace_macros')) {  
+function replace_macros($s,$r) {
+	global $t;
+	
+	return $t->replace($s,$r);
+
+}}
+
+
+// random hash, 64 chars
+
+if(! function_exists('random_string')) {
+function random_string() {
+	return(hash('sha256',uniqid(rand(),true)));
+}}
+
+/**
+ * This is our primary input filter. 
+ *
+ * The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
+ * that had an XSS attack vector due to stripping the high-bit on an 8-bit character
+ * after cleansing, and angle chars with the high bit set could get through as markup.
+ * 
+ * This is now disabled because it was interfering with some legitimate unicode sequences 
+ * and hopefully there aren't a lot of those browsers left. 
+ *
+ * Use this on any text input where angle chars are not valid or permitted
+ * They will be replaced with safer brackets. This may be filtered further
+ * if these are not allowed either.   
+ *
+ */
+
+if(! function_exists('notags')) {
+function notags($string) {
+
+	return(str_replace(array("<",">"), array('[',']'), $string));
+
+//  High-bit filter no longer used
+//	return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
+}}
+
+// use this on "body" or "content" input where angle chars shouldn't be removed,
+// and allow them to be safely displayed.
+
+if(! function_exists('escape_tags')) {
+function escape_tags($string) {
+
+	return(htmlspecialchars($string));
+}}
+
+
+// generate a string that's random, but usually pronounceable. 
+// used to generate initial passwords
+
+if(! function_exists('autoname')) {
+function autoname($len) {
+
+	$vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u'); 
+	if(mt_rand(0,5) == 4)
+		$vowels[] = 'y';
+
+	$cons = array(
+			'b','bl','br',
+			'c','ch','cl','cr',
+			'd','dr',
+			'f','fl','fr',
+			'g','gh','gl','gr',
+			'h',
+			'j',
+			'k','kh','kl','kr',
+			'l',
+			'm',
+			'n',
+			'p','ph','pl','pr',
+			'qu',
+			'r','rh',
+			's','sc','sh','sm','sp','st',
+			't','th','tr',
+			'v',
+			'w','wh',
+			'x',
+			'z','zh'
+			);
+
+	$midcons = array('ck','ct','gn','ld','lf','lm','lt','mb','mm', 'mn','mp',
+				'nd','ng','nk','nt','rn','rp','rt');
+
+	$noend = array('bl', 'br', 'cl','cr','dr','fl','fr','gl','gr',
+				'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh');
+
+	$start = mt_rand(0,2);
+  	if($start == 0)
+    		$table = $vowels;
+  	else
+    		$table = $cons;
+
+	$word = '';
+
+	for ($x = 0; $x < $len; $x ++) {
+  		$r = mt_rand(0,count($table) - 1);
+  		$word .= $table[$r];
+  
+  		if($table == $vowels)
+    			$table = array_merge($cons,$midcons);
+  		else
+    			$table = $vowels;
+
+	}
+
+	$word = substr($word,0,$len);
+
+	foreach($noend as $noe) {
+  		if((strlen($word) > 2) && (substr($word,-2) == $noe)) {
+    			$word = substr($word,0,-1);
+    			break;
+  		}
+	}
+	if(substr($word,-1) == 'q')
+		$word = substr($word,0,-1);    
+	return $word;
+}}
+
+
+// escape text ($str) for XML transport
+// returns escaped text.
+
+if(! function_exists('xmlify')) {
+function xmlify($str) {
+	$buffer = '';
+	
+	for($x = 0; $x < strlen($str); $x ++) {
+		$char = $str[$x];
+        
+		switch( $char ) {
+
+			case "\r" :
+				break;
+			case "&" :
+				$buffer .= '&';
+				break;
+			case "'" :
+				$buffer .= ''';
+				break;
+			case "\"" :
+				$buffer .= '"';
+				break;
+			case '<' :
+				$buffer .= '<';
+				break;
+			case '>' :
+				$buffer .= '>';
+				break;
+			case "\n" :
+				$buffer .= "\n";
+				break;
+			default :
+				$buffer .= $char;
+				break;
+		}	
+	}
+	$buffer = trim($buffer);
+	return($buffer);
+}}
+
+// undo an xmlify
+// pass xml escaped text ($s), returns unescaped text
+
+if(! function_exists('unxmlify')) {
+function unxmlify($s) {
+	$ret = str_replace('&','&', $s);
+	$ret = str_replace(array('<','>','"','''),array('<','>','"',"'"),$ret);
+	return $ret;	
+}}
+
+// convenience wrapper, reverse the operation "bin2hex"
+
+if(! function_exists('hex2bin')) {
+function hex2bin($s) {
+	if(! ctype_xdigit($s)) {
+		logger('hex2bin: illegal input: ' . print_r(debug_backtrace(), true));
+		return($s);
+	}
+
+	return(pack("H*",$s));
+}}
+
+// Automatic pagination.
+// To use, get the count of total items.
+// Then call $a->set_pager_total($number_items);
+// Optionally call $a->set_pager_itemspage($n) to the number of items to display on each page
+// Then call paginate($a) after the end of the display loop to insert the pager block on the page
+// (assuming there are enough items to paginate).
+// When using with SQL, the setting LIMIT %d, %d => $a->pager['start'],$a->pager['itemspage']
+// will limit the results to the correct items for the current page. 
+// The actual page handling is then accomplished at the application layer. 
+
+if(! function_exists('paginate')) {
+function paginate(&$a) {
+	$o = '';
+	$stripped = preg_replace('/(&page=[0-9]*)/','',$a->query_string);
+	$stripped = str_replace('q=','',$stripped);
+	$stripped = trim($stripped,'/');
+	$pagenum = $a->pager['page'];
+	$url = $a->get_baseurl() . '/' . $stripped;
+
+
+	  if($a->pager['total'] > $a->pager['itemspage']) {
+		$o .= '
';
+    		if($a->pager['page'] != 1)
+			$o .= ''."pager['page'] - 1).'">' . t('prev') . ' ';
+
+		$o .=  "" . t('first') . " ";
+
+    		$numpages = $a->pager['total'] / $a->pager['itemspage'];
+
+			$numstart = 1;
+    		$numstop = $numpages;
+
+    		if($numpages > 14) {
+      			$numstart = (($pagenum > 7) ? ($pagenum - 7) : 1);
+      			$numstop = (($pagenum > ($numpages - 7)) ? $numpages : ($numstart + 14));
+    		}
+   
+		for($i = $numstart; $i <= $numstop; $i++){
+      			if($i == $a->pager['page'])
+				$o .= ''.(($i < 10) ? ' '.$i : $i);
+			else
+				$o .= "".(($i < 10) ? ' '.$i : $i)."";
+			$o .= ' ';
+		}
+
+		if(($a->pager['total'] % $a->pager['itemspage']) != 0) {
+			if($i == $a->pager['page'])
+				$o .= ''.(($i < 10) ? ' '.$i : $i);
+			else
+				$o .= "".(($i < 10) ? ' '.$i : $i)."";
+			$o .= ' ';
+		}
+
+		$lastpage = (($numpages > intval($numpages)) ? intval($numpages)+1 : $numpages);
+		$o .= "" . t('last') . " ";
+
+    		if(($a->pager['total'] - ($a->pager['itemspage'] * $a->pager['page'])) > 0)
+			$o .= ''."pager['page'] + 1).'">' . t('next') . '';
+		$o .= '
'."\r\n";
+	}
+	return $o;
+}}
+
+// Turn user/group ACLs stored as angle bracketed text into arrays
+
+if(! function_exists('expand_acl')) {
+function expand_acl($s) {
+	// turn string array of angle-bracketed elements into numeric array
+	// e.g. "<1><2><3>" => array(1,2,3);
+	$ret = array();
+
+	if(strlen($s)) {
+		$t = str_replace('<','',$s);
+		$a = explode('>',$t);
+		foreach($a as $aa) {
+			if(intval($aa))
+				$ret[] = intval($aa);
+		}
+	}
+	return $ret;
+}}		
+
+// Used to wrap ACL elements in angle brackets for storage 
+
+if(! function_exists('sanitise_acl')) {
+function sanitise_acl(&$item) {
+	if(intval($item))
+		$item = '<' . intval(notags(trim($item))) . '>';
+	else
+		unset($item);
+}}
+
+
+// Convert an ACL array to a storable string
+
+if(! function_exists('perms2str')) {
+function perms2str($p) {
+	$ret = '';
+	$tmp = $p;
+	if(is_array($tmp)) {
+		array_walk($tmp,'sanitise_acl');
+		$ret = implode('',$tmp);
+	}
+	return $ret;
+}}
+
+// generate a guaranteed unique (for this domain) item ID for ATOM
+// safe from birthday paradox
+
+if(! function_exists('item_new_uri')) {
+function item_new_uri($hostname,$uid) {
+
+	do {
+		$dups = false;
+		$hash = random_string();
+
+		$uri = "urn:X-dfrn:" . $hostname . ':' . $uid . ':' . $hash;
+
+		$r = q("SELECT `id` FROM `item` WHERE `uri` = '%s' LIMIT 1",
+			dbesc($uri));
+		if(count($r))
+			$dups = true;
+	} while($dups == true);
+	return $uri;
+}}
+
+// Generate a guaranteed unique photo ID.
+// safe from birthday paradox
+
+if(! function_exists('photo_new_resource')) {
+function photo_new_resource() {
+
+	do {
+		$found = false;
+		$resource = hash('md5',uniqid(mt_rand(),true));
+		$r = q("SELECT `id` FROM `photo` WHERE `resource-id` = '%s' LIMIT 1",
+			dbesc($resource)
+		);
+		if(count($r))
+			$found = true;
+	} while($found == true);
+	return $resource;
+}}
+
+
+// wrapper to load a view template, checking for alternate
+// languages before falling back to the default
+
+// obsolete, deprecated.
+
+if(! function_exists('load_view_file')) {
+function load_view_file($s) {
+	global $lang, $a;
+	if(! isset($lang))
+		$lang = 'en';
+	$b = basename($s);
+	$d = dirname($s);
+	if(file_exists("$d/$lang/$b"))
+		return file_get_contents("$d/$lang/$b");
+	
+	$theme = current_theme();
+	
+	if(file_exists("$d/theme/$theme/$b"))
+		return file_get_contents("$d/theme/$theme/$b");
+			
+	return file_get_contents($s);
+}}
+
+if(! function_exists('get_intltext_template')) {
+function get_intltext_template($s) {
+	global $lang;
+
+	if(! isset($lang))
+		$lang = 'en';
+
+	if(file_exists("view/$lang/$s"))
+		return file_get_contents("view/$lang/$s");
+	elseif(file_exists("view/en/$s"))
+		return file_get_contents("view/en/$s");
+	else
+		return file_get_contents("view/$s");
+}}
+
+if(! function_exists('get_markup_template')) {
+function get_markup_template($s) {
+
+	$theme = current_theme();
+	
+	if(file_exists("view/theme/$theme/$s"))
+		return file_get_contents("view/theme/$theme/$s");
+	else
+		return file_get_contents("view/$s");
+
+}}
+
+
+
+
+
+// for html,xml parsing - let's say you've got
+// an attribute foobar="class1 class2 class3"
+// and you want to find out if it contains 'class3'.
+// you can't use a normal sub string search because you
+// might match 'notclass3' and a regex to do the job is 
+// possible but a bit complicated. 
+// pass the attribute string as $attr and the attribute you 
+// are looking for as $s - returns true if found, otherwise false
+
+if(! function_exists('attribute_contains')) {
+function attribute_contains($attr,$s) {
+	$a = explode(' ', $attr);
+	if(count($a) && in_array($s,$a))
+		return true;
+	return false;
+}}
+
+if(! function_exists('logger')) {
+function logger($msg,$level = 0) {
+	$debugging = get_config('system','debugging');
+	$loglevel  = intval(get_config('system','loglevel'));
+	$logfile   = get_config('system','logfile');
+
+	if((! $debugging) || (! $logfile) || ($level > $loglevel))
+		return;
+	
+	@file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $msg . "\n", FILE_APPEND);
+	return;
+}}
+
+
+if(! function_exists('activity_match')) {
+function activity_match($haystack,$needle) {
+	if(($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle,NAMESPACE_ACTIVITY_SCHEMA)))
+		return true;
+	return false;
+}}
+
+
+// Pull out all #hashtags and @person tags from $s;
+// We also get @person@domain.com - which would make 
+// the regex quite complicated as tags can also
+// end a sentence. So we'll run through our results
+// and strip the period from any tags which end with one.
+// Returns array of tags found, or empty array.
+
+
+if(! function_exists('get_tags')) {
+function get_tags($s) {
+	$ret = array();
+
+	// ignore anything in a code block
+
+	$s = preg_replace('/\[code\](.*?)\[\/code\]/sm','',$s);
+
+	// Match full names against @tags including the space between first and last
+	// We will look these up afterward to see if they are full names or not recognisable.
+
+	if(preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A,:?]+)([ \x0D\x0A,:?]|$)/',$s,$match)) {
+		foreach($match[1] as $mtch) {
+			if(strstr($mtch,"]")) {
+				// we might be inside a bbcode color tag - leave it alone
+				continue;
+			}
+			if(substr($mtch,-1,1) === '.')
+				$ret[] = substr($mtch,0,-1);
+			else
+				$ret[] = $mtch;
+		}
+	}
+
+	// Otherwise pull out single word tags. These can be @nickname, @first_last
+	// and #hash tags.
+
+	if(preg_match_all('/([@#][^ \x0D\x0A,:?]+)([ \x0D\x0A,:?]|$)/',$s,$match)) {
+		foreach($match[1] as $mtch) {
+			if(strstr($mtch,"]")) {
+				// we might be inside a bbcode color tag - leave it alone
+				continue;
+			}
+			// ignore strictly numeric tags like #1
+			if((strpos($mtch,'#') === 0) && ctype_digit(substr($mtch,1)))
+				continue;
+			if(substr($mtch,-1,1) === '.')
+				$ret[] = substr($mtch,0,-1);
+			else
+				$ret[] = $mtch;
+		}
+	}
+	return $ret;
+}}
+
+
+// quick and dirty quoted_printable encoding
+
+if(! function_exists('qp')) {
+function qp($s) {
+return str_replace ("%","=",rawurlencode($s));
+}} 
+
+
+
+if(! function_exists('get_mentions')) {
+function get_mentions($item) {
+	$o = '';
+	if(! strlen($item['tag']))
+		return $o;
+
+	$arr = explode(',',$item['tag']);
+	foreach($arr as $x) {
+		$matches = null;
+		if(preg_match('/@\[url=([^\]]*)\]/',$x,$matches)) {
+			$o .= "\t\t" . '' . "\r\n";
+			$o .= "\t\t" . '' . "\r\n";
+		}
+	}
+	return $o;
+}}
+
+if(! function_exists('contact_block')) {
+function contact_block() {
+	$o = '';
+	$a = get_app();
+
+	$shown = get_pconfig($a->profile['uid'],'system','display_friend_count');
+	if(! $shown)
+		$shown = 24;
+
+	if((! is_array($a->profile)) || ($a->profile['hide-friends']))
+		return $o;
+	$r = q("SELECT COUNT(*) AS `total` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 and `pending` = 0",
+			intval($a->profile['uid'])
+	);
+	if(count($r)) {
+		$total = intval($r[0]['total']);
+	}
+	if(! $total) {
+		$o .= '
' . t('No contacts') . '
';
+		return $o;
+	}
+	$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 and `pending` = 0 ORDER BY RAND() LIMIT %d",
+			intval($a->profile['uid']),
+			intval($shown)
+	);
+	if(count($r)) {
+		$o .= '
' .  sprintf( tt('%d Contact','%d Contacts', $total),$total) . '
';
+		foreach($r as $rr) {
+			$o .= micropro($rr,true,'mpfriend');
+		}
+		$o .= '
';
+		$o .=  '';
+		
+	}
+
+	$arr = array('contacts' => $r, 'output' => $o);
+
+	call_hooks('contact_block_end', $arr);
+	return $o;
+
+}}
+
+if(! function_exists('micropro')) {
+function micropro($contact, $redirect = false, $class = '', $textmode = false) {
+
+	if($class)
+		$class = ' ' . $class;
+
+	$url = $contact['url'];
+	$sparkle = '';
+
+	if($redirect) {
+		$a = get_app();
+		$redirect_url = $a->get_baseurl() . '/redir/' . $contact['id'];
+		if(local_user() && ($contact['uid'] == local_user()) && ($contact['network'] === 'dfrn')) {
+			$url = $redirect_url;
+			$sparkle = ' sparkle';
+		}
+	}
+	$click = ((x($contact,'click')) ? ' onclick="' . $contact['click'] . '" ' : '');
+	if($click)
+		$url = '';
+	if($textmode) {
+		return '
'. $contact['name'] . '
' . "\r\n";
+	}
+	else {
+		return '
' . $contact['name'] 
+			. '
' . "\r\n";
+	}
+}}
+
+
+
+if(! function_exists('search')) {
+function search($s,$id='search-box',$url='/search') {
+	$a = get_app();
+	$o  = '
';
+	$o .= '
';
+	$o .= '';
+	$o .= ''; 
+	$o .= '
';
+	return $o;
+}}
+
+if(! function_exists('valid_email')) {
+function valid_email($x){
+	if(preg_match('/^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x))
+		return true;
+	return false;
+}}
+
+
+if(! function_exists('aes_decrypt')) {
+function aes_decrypt($val,$ky)
+{
+    $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+    for($a=0;$a=0 and ord(substr($dec, strlen($dec)-1,1))<=16)? chr(ord( substr($dec,strlen($dec)-1,1))):null));
+}}
+
+
+if(! function_exists('aes_encrypt')) {
+function aes_encrypt($val,$ky)
+{
+    $key="\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
+    for($a=0;$a$1', $s);
+	return($s);
+}}
+
+
+/**
+ * 
+ * Function: smilies
+ *
+ * Description:
+ * Replaces text emoticons with graphical images
+ *
+ * @Parameter: string $s
+ *
+ * Returns string
+ */
+
+if(! function_exists('smilies')) {
+function smilies($s) {
+	$a = get_app();
+
+	return str_replace(
+	array( '<3', '</3', '<\\3', ':-)', ':)', ';-)', ':-(', ':(', ':-P', ':P', ':-"', ':-x', ':-X', ':-D', '8-|', '8-O'),
+	array(
+		'<3',
+		'</3',
+		'<\\3',
+		':-)',
+		':)',
+		';-)',
+		':-(',
+		':(',
+		':-P',
+		':P',
+		':-\',
+		':-x',
+		':-X',
+		':-D',
+		'8-|',
+		'8-O'
+	), $s);
+}}
+
+
+
+if(! function_exists('day_translate')) {
+function day_translate($s) {
+	$ret = str_replace(array('Monday','Tuesday','Wednesday','Thursday','Friday','Saturday','Sunday'),
+		array( t('Monday'), t('Tuesday'), t('Wednesday'), t('Thursday'), t('Friday'), t('Saturday'), t('Sunday')),
+		$s);
+
+	$ret = str_replace(array('January','February','March','April','May','June','July','August','September','October','November','December'),
+		array( t('January'), t('February'), t('March'), t('April'), t('May'), t('June'), t('July'), t('August'), t('September'), t('October'), t('November'), t('December')),
+		$ret);
+
+	return $ret;
+}}
+
+
+if(! function_exists('normalise_link')) {
+function normalise_link($url) {
+	$ret = str_replace(array('https:','//www.'), array('http:','//'), $url);
+	return(rtrim($ret,'/'));
+}}
+
+/**
+ *
+ * Compare two URLs to see if they are the same, but ignore
+ * slight but hopefully insignificant differences such as if one 
+ * is https and the other isn't, or if one is www.something and 
+ * the other isn't - and also ignore case differences.
+ *
+ * Return true if the URLs match, otherwise false.
+ *
+ */
+
+if(! function_exists('link_compare')) {
+function link_compare($a,$b) {
+	if(strcasecmp(normalise_link($a),normalise_link($b)) === 0)
+		return true;
+	return false;
+}}
+
+
+if(! function_exists('prepare_body')) {
+function prepare_body($item,$attach = false) {
+
+	$s = prepare_text($item['body']);
+	if(! $attach)
+		return $s;
+
+	$arr = explode(',',$item['attach']);
+	if(count($arr)) {
+		$s .= '
';
+		foreach($arr as $r) {
+			$matches = false;
+			$icon = '';
+			$cnt = preg_match('|\[attach\]href=\"(.*?)\" size=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches);
+			if($cnt) {
+				$icontype = strtolower(substr($matches[3],0,strpos($matches[3],'/')));
+				switch($icontype) {
+					case 'video':
+					case 'audio':
+					case 'image':
+					case 'text':
+						$icon = '
';
+						break;
+					default:
+						$icon = '
';
+						break;
+				}
+				$title = ((strlen(trim($matches[4]))) ? escape_tags(trim($matches[4])) : escape_tags($matches[1]));
+				$title .= ' ' . $matches[2] . ' ' . t('bytes');
+
+				$s .= '' . $icon . '';
+			}
+		}
+		$s .= '
';
+	}
+	return $s;
+}}
+
+if(! function_exists('prepare_text')) {
+function prepare_text($text) {
+
+	require_once('include/bbcode.php');
+
+	$s = smilies(bbcode($text));
+
+	return $s;
+}}
+
+
+/**
+ * return atom link elements for all of our hubs
+ */
+
+if(! function_exists('feed_hublinks')) {
+function feed_hublinks() {
+
+	$hub = get_config('system','huburl');
+
+	$hubxml = '';
+	if(strlen($hub)) {
+		$hubs = explode(',', $hub);
+		if(count($hubs)) {
+			foreach($hubs as $h) {
+				$h = trim($h);
+				if(! strlen($h))
+					continue;
+				$hubxml .= '' . "\n" ;
+			}
+		}
+	}
+	return $hubxml;
+}}
+
+/* return atom link elements for salmon endpoints */
+
+if(! function_exists('feed_salmonlinks')) {
+function feed_salmonlinks($nick) {
+
+	$a = get_app();
+
+	$salmon  = '' . "\n" ;
+
+	// old style links that status.net still needed as of 12/2010 
+
+	$salmon .= '  ' . "\n" ; 
+	$salmon .= '  ' . "\n" ; 
+	return $salmon;
+}}
+
+if(! function_exists('get_plink')) {
+function get_plink($item) {
+	$a = get_app();	
+	$plink = (((x($item,'plink')) && (! $item['private'])) ? '
' : '');
+	return $plink;
+}}
+
+if(! function_exists('unamp')) {
+function unamp($s) {
+	return str_replace('&', '&', $s);
+}}
+
+
+
+
+if(! function_exists('lang_selector')) {
+function lang_selector() {
+	global $lang;
+	$o = '
';
+	$o .= '';
+	return $o;
+}}
+
+
+if(! function_exists('return_bytes')) {
+function return_bytes ($size_str) {
+    switch (substr ($size_str, -1))
+    {
+        case 'M': case 'm': return (int)$size_str * 1048576;
+        case 'K': case 'k': return (int)$size_str * 1024;
+        case 'G': case 'g': return (int)$size_str * 1073741824;
+        default: return $size_str;
+    }
+}}
+
+function generate_guid() {
+	$found = true;
+	do {
+		$guid = substr(random_string(),0,16);
+		$x = q("SELECT `uid` FROM `user` WHERE `guid` = '%s' LIMIT 1",
+			dbesc($guid)
+		);
+		if(! count($x))
+			$found = false;
+	} while ($found == true );
+	return $guid;
+}
+
+
+function pkcs5_pad ($text, $blocksize)
+{
+    $pad = $blocksize - (strlen($text) % $blocksize);
+    return $text . str_repeat(chr($pad), $pad);
+}
+
+function pkcs5_unpad($text)
+{
+    $pad = ord($text{strlen($text)-1});
+    if ($pad > strlen($text)) return false;
+    if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) return false;
+    return substr($text, 0, -1 * $pad);
+} 
+
+
+function base64url_encode($s, $strip_padding = false) {
+
+	$s = strtr(base64_encode($s),'+/','-_');
+
+	if($strip_padding)
+		$s = str_replace('=','',$s);
+
+	return $s;
+}
+
+function base64url_decode($s) {
+
+/*
+ *  // Placeholder for new rev of salmon which strips base64 padding.
+ *  // PHP base64_decode handles the un-padded input without requiring this step
+ *  // Uncomment if you find you need it.
+ *
+ *	$l = strlen($s);
+ *	if(! strpos($s,'=')) {
+ *		$m = $l % 4;
+ *		if($m == 2)
+ *			$s .= '==';
+ *		if($m == 3)
+ *			$s .= '=';
+ *	}
+ *
+ */
+
+	return base64_decode(strtr($s,'-_','+/'));
+}
-- 
cgit v1.2.3


From 2637831d9056862f7c3db718702116ef4652629a Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 1 Aug 2011 21:02:25 -0700
Subject: some more zot changes migrating back to f9a mainline

---
 include/auth.php    | 12 ++++++------
 include/hostxrd.php |  5 ++---
 2 files changed, 8 insertions(+), 9 deletions(-)

(limited to 'include')

diff --git a/include/auth.php b/include/auth.php
index d1eb9d131..768af626f 100644
--- a/include/auth.php
+++ b/include/auth.php
@@ -25,7 +25,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 
 		nuke_session();
 		info( t('Logged out.') . EOL);
-		goaway($a->get_baseurl());
+		goaway(z_root());
 	}
 
 	if(x($_SESSION,'visitor_id') && (! x($_SESSION,'uid'))) {
@@ -45,7 +45,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 		// extra paranoia - if the IP changed, log them out
 		if($check && ($_SESSION['addr'] != $_SERVER['REMOTE_ADDR'])) {
 			nuke_session();
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
@@ -54,7 +54,7 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p
 
 		if(! count($r)) {
 			nuke_session();
-			goaway($a->get_baseurl());
+			goaway(z_root());
 		}
 
 		// initialise user environment
@@ -118,7 +118,7 @@ else {
 			if(($noid) || (strpos($temp_string,'@')) || (! validate_url($temp_string))) {
 				$a = get_app();
 				notice( t('Login failed.') . EOL);
-				goaway($a->get_baseurl());
+				goaway(z_root());
 				// NOTREACHED
 			}
 
@@ -143,7 +143,7 @@ else {
 				if($a->config['register_policy'] == REGISTER_CLOSED) {
 					$a = get_app();
 					notice( t('Login failed.') . EOL);
-					goaway($a->get_baseurl());
+					goaway(z_root());
 					// NOTREACHED
 				}
 				// new account
@@ -196,7 +196,7 @@ else {
 		if((! $record) || (! count($record))) {
 			logger('authenticate: failed login attempt: ' . trim($_POST['openid_url'])); 
 			notice( t('Login failed.') . EOL );
-			goaway($a->get_baseurl());
+			goaway(z_root());
   		}
 
 		$_SESSION['uid'] = $record['uid'];
diff --git a/include/hostxrd.php b/include/hostxrd.php
index 7040f927d..18c3e4b1e 100644
--- a/include/hostxrd.php
+++ b/include/hostxrd.php
@@ -1,11 +1,10 @@
 
Date: Tue, 2 Aug 2011 20:02:07 -0700
Subject: api compatibility fixes

---
 include/api.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index c77c55cef..082da55b3 100644
--- a/include/api.php
+++ b/include/api.php
@@ -723,7 +723,8 @@
 				'created_at'=> api_date($item['created']),
 				'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME),
 				'updated'   => datetime_convert('UTC','UTC',$item['edited'],ATOM_TIME),
-				'id'		=> $item['uri'],
+				'id'		=> $item['id'],
+				'message_id' => $item['uri'],
 				'text'		=> strip_tags(bbcode($item['body'])),
 				'html'		=> bbcode($item['body']),
 				'source'    => (($item['app']) ? $item['app'] : 'web'),
@@ -773,7 +774,7 @@
 		$email = $a->config['admin_email'];
 		$closed = (($a->config['register_policy'] == REGISTER_CLOSED) ? 'true' : 'false');
 		$private = (($a->config['system']['block_public']) ? 'true' : 'false');
-		$textlimit = (($a->config['max_import_size']) ? $a->config['max_import_size'] : '200000');
+		$textlimit = (string) (($a->config['max_import_size']) ? $a->config['max_import_size'] : 200000);
 		$ssl = (($a->config['system']['have_ssl']) ? 'true' : 'false');
 		$sslserver = (($ssl === 'true') ? str_replace('http:','https:',$a->get_baseurl()) : '');
 
-- 
cgit v1.2.3


From 6bf800c6c8ea90d86cadb58b862ecddcf40e7b2a Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 2 Aug 2011 20:08:40 -0700
Subject: Provide a way to lie about textlimit as far as API is concerned.

---
 include/api.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 082da55b3..8644c839c 100644
--- a/include/api.php
+++ b/include/api.php
@@ -775,6 +775,8 @@
 		$closed = (($a->config['register_policy'] == REGISTER_CLOSED) ? 'true' : 'false');
 		$private = (($a->config['system']['block_public']) ? 'true' : 'false');
 		$textlimit = (string) (($a->config['max_import_size']) ? $a->config['max_import_size'] : 200000);
+		if($a->config['api_import_size'])
+			$texlimit = string($a->config['api_import_size']);
 		$ssl = (($a->config['system']['have_ssl']) ? 'true' : 'false');
 		$sslserver = (($ssl === 'true') ? str_replace('http:','https:',$a->get_baseurl()) : '');
 
-- 
cgit v1.2.3


From e22e823e93756fbfbb175f4f9f182aee64c1f5b1 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 2 Aug 2011 22:39:35 -0700
Subject: allow group selection from contact edit page

---
 include/group.php | 28 ++++++++++++++++++++++++++--
 include/main.js   |  8 ++++++++
 2 files changed, 34 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/group.php b/include/group.php
index e16c900d9..8ee7face6 100644
--- a/include/group.php
+++ b/include/group.php
@@ -136,7 +136,7 @@ function group_public_members($gid) {
 
 
 
-function group_side($every="contacts",$each="group",$edit = false, $group_id = 0) {
+function group_side($every="contacts",$each="group",$edit = false, $group_id = 0, $cid = 0) {
 
 	$o = '';
 
@@ -160,10 +160,19 @@ EOT;
 	$r = q("SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d ORDER BY `name` ASC",
 		intval($_SESSION['uid'])
 	);
+	if($cid) {
+		$member_of = groups_containing(local_user(),$cid);
+	} 
+
 	if(count($r)) {
 		foreach($r as $rr) {
 			$selected = (($group_id == $rr['id']) ? ' class="group-selected" ' : '');
-			$o .= '	
  • ' . (($edit) ? "\"" " : "") . "{$rr['name']}
    • \r\n";
+			$o .= '	
  • ' 
+			. (($edit) ? "\"" " : "") 
+			. (($cid) ? '' : '')
+			. "{$rr['name']}
    • \r\n";
 		}
 	}
 	$o .= "	\r\n	";
@@ -204,3 +213,18 @@ function member_of($c) {
 
 }
 
+function groups_containing($uid,$c) {
+
+	$r = q("SELECT `gid` FROM `group_member` WHERE `uid` = %d AND `group_member`.`contact-id` = %d ",
+		intval($uid),
+		intval($c)
+	);
+
+	$ret = array();
+	if(count($r)) {
+		foreach($r as $rr)
+			$ret[] = $rr['gid'];
+	}
+
+	return $ret;
+}
\ No newline at end of file
diff --git a/include/main.js b/include/main.js
index d17d923e4..e5c78a065 100644
--- a/include/main.js
+++ b/include/main.js
@@ -341,6 +341,14 @@
 		});
 	}
 
+	function contactgroupChangeMember(gid,cid) {
+		$('body').css('cursor', 'wait');
+		$.get('contactgroup/' + gid + '/' + cid, function(data) {
+				$('body').css('cursor', 'auto');				
+		});
+	}
+
+
 function checkboxhighlight(box) {
   if($(box).is(':checked')) {
 	$(box).addClass('checkeditem');
-- 
cgit v1.2.3


From ad1e827169d9f57c02746b51c5268bdbe2cd8ac9 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 3 Aug 2011 19:18:58 -0700
Subject: several fixes for attachments

---
 include/attach.php | 11 ++++++-----
 include/items.php  |  6 +++---
 include/text.php   |  2 +-
 3 files changed, 10 insertions(+), 9 deletions(-)

(limited to 'include')

diff --git a/include/attach.php b/include/attach.php
index ca53081d9..4001d2af1 100644
--- a/include/attach.php
+++ b/include/attach.php
@@ -1,7 +1,7 @@
  'application/vnd.oasis.opendocument.spreadsheet',
 	);
 
-	if(strpos($filename,'.') !== false) {
-		$ext = strtolower(array_pop(explode('.',$filename)));
+	$dot = strpos($filename,'.');
+	if($dot !== false) {
+		$ext = strtolower(substr($filename,$dot+1));
 		if (array_key_exists($ext, $mime_types)) {
 			return $mime_types[$ext];
 		}
@@ -76,5 +77,5 @@ function mime_content_type($filename) {
 	else {
 		return 'application/octet-stream';
 	}
-}}
+}
 
diff --git a/include/items.php b/include/items.php
index 6d69c6cc9..8c6134f94 100644
--- a/include/items.php
+++ b/include/items.php
@@ -518,7 +518,7 @@ function get_atom_elements($feed,$item) {
 			if(! $type)
 				$type = 'application/octet-stream';
 
-			$att_arr[] = '[attach]href="' . $link . '" size="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]'; 
+			$att_arr[] = '[attach]href="' . $link . '" length="' . $len . '" type="' . $type . '" title="' . $title . '"[/attach]'; 
 		}
 		$res['attach'] = implode(',', $att_arr);
 	}
@@ -1725,11 +1725,11 @@ function item_getfeedattach($item) {
 	if(count($arr)) {
 		foreach($arr as $r) {
 			$matches = false;
-			$cnt = preg_match('|\[attach\]href=\"(.*?)\" size=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches);
+			$cnt = preg_match('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\" title=\"(.*?)\"\[\/attach\]|',$r,$matches);
 			if($cnt) {
 				$ret .= '
Date: Wed, 3 Aug 2011 21:05:39 -0700
Subject: allow custom avatar sizes - needed for Diaspora hcard/vcard

---
 include/items.php | 5 +++++
 include/text.php  | 6 ++++++
 2 files changed, 11 insertions(+)

(limited to 'include')

diff --git a/include/items.php b/include/items.php
index 8c6134f94..047dd4442 100644
--- a/include/items.php
+++ b/include/items.php
@@ -995,6 +995,11 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_fee
 
 	require_once('library/simplepie/simplepie.inc');
 
+	if(! strlen($xml)) {
+		logger('consume_feed: empty input');
+		return;
+	}
+		
 	$feed = new SimplePie();
 	$feed->set_raw_data($xml);
 	if($datedir)
diff --git a/include/text.php b/include/text.php
index a568b7a94..d53a2ceb9 100644
--- a/include/text.php
+++ b/include/text.php
@@ -732,6 +732,9 @@ function link_compare($a,$b) {
 	return false;
 }}
 
+// Given an item array, convert the body element from bbcode to html and add smilie icons.
+// If attach is true, also add icons for item attachments
+
 
 if(! function_exists('prepare_body')) {
 function prepare_body($item,$attach = false) {
@@ -771,6 +774,9 @@ function prepare_body($item,$attach = false) {
 	return $s;
 }}
 
+
+// Given a text string, convert from bbcode to html and add smilie icons.
+
 if(! function_exists('prepare_text')) {
 function prepare_text($text) {
 
-- 
cgit v1.2.3


From 12d5482fc1703b66024ec432994c87ee9c1ea432 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Thu, 4 Aug 2011 19:47:45 -0700
Subject: some fields in API timeline JSON must be int

---
 include/api.php | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 8644c839c..9382f82c4 100644
--- a/include/api.php
+++ b/include/api.php
@@ -286,8 +286,8 @@
 		}
 
 		$ret = Array(
-			'uid' => $uinfo[0]['uid'],
-			'id' => $uinfo[0]['cid'],
+			'uid' => intval($uinfo[0]['uid']),
+			'id' => intval($uinfo[0]['cid']),
 			'name' => $uinfo[0]['name'],
 			'screen_name' => $uinfo[0]['nick'],
 			'location' => '', //$uinfo[0]['default-location'],
@@ -295,15 +295,15 @@
 			'url' => $uinfo[0]['url'],
 			'contact_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'],
 			'protected' => false,	#
-			'friends_count' => $countfriends,
+			'friends_count' => intval($countfriends),
 			'created_at' => api_date($uinfo[0]['name-date']),
 			'utc_offset' => 0, #XXX: fix me
 			'time_zone' => '', //$uinfo[0]['timezone'],
 			'geo_enabled' => false,
-			'statuses_count' => $countitms, #XXX: fix me 
+			'statuses_count' => intval($countitms), #XXX: fix me 
 			'lang' => 'en', #XXX: fix me
 			'description' => '',
-			'followers_count' => $countfollowers, #XXX: fix me
+			'followers_count' => intval($countfollowers), #XXX: fix me
 			'favourites_count' => 0,
 			'contributors_enabled' => false,
 			'follow_request_sent' => false,
@@ -723,16 +723,16 @@
 				'created_at'=> api_date($item['created']),
 				'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME),
 				'updated'   => datetime_convert('UTC','UTC',$item['edited'],ATOM_TIME),
-				'id'		=> $item['id'],
+				'id'		=> intval($item['id']),
 				'message_id' => $item['uri'],
 				'text'		=> strip_tags(bbcode($item['body'])),
 				'html'		=> bbcode($item['body']),
 				'source'    => (($item['app']) ? $item['app'] : 'web'),
 				'url'		=> ($item['plink']!=''?$item['plink']:$item['author-link']),
 				'truncated' => False,
-				'in_reply_to_status_id' => ($item['parent']!=$item['id']?$item['parent']:''),
+				'in_reply_to_status_id' => ($item['parent']!=$item['id']? intval($item['parent']):''),
 				'in_reply_to_user_id' => '',
-				'favorited' => false,
+				'favorited' => $item['starred'] ? true : false,
 				'in_reply_to_screen_name' => '',
 				'geo' => '',
 				'coordinates' => $item['coord'],
-- 
cgit v1.2.3


From 2abcf76ec17a9a7754c399cdde9a4449308a4b02 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Thu, 4 Aug 2011 22:37:45 -0700
Subject: salmon protocol changes magicsig draft-experimental, fixes to hostxrd

---
 include/hostxrd.php | 11 -----------
 include/salmon.php  | 37 ++++++++++++++++++++++++++++++++-----
 2 files changed, 32 insertions(+), 16 deletions(-)
 delete mode 100644 include/hostxrd.php

(limited to 'include')

diff --git a/include/hostxrd.php b/include/hostxrd.php
deleted file mode 100644
index 18c3e4b1e..000000000
--- a/include/hostxrd.php
+++ /dev/null
@@ -1,11 +0,0 @@
-sign($data . $precomputed));
+	$signature   = base64url_encode($rsa->sign(str_replace('=','',$data . $precomputed),true));
 
-	$signature2  = base64url_encode($rsa->sign($data));
+	$signature2  = base64url_encode($rsa->sign($data . $precomputed));
+
+	$signature3  = base64url_encode($rsa->sign($data));
 
 	$salmon_tpl = get_markup_template('magicsig.tpl');
+
 	$salmon = replace_macros($salmon_tpl,array(
 		'$data'      => $data,
 		'$encoding'  => $encoding,
@@ -153,11 +156,11 @@ EOT;
 
 	if($return_code > 299) {
 
-		logger('slapper: compliant salmon failed. Falling back to status.net hack');
+		logger('slapper: compliant salmon failed. Falling back to status.net hack2');
 
 		// Entirely likely that their salmon implementation is
 		// non-compliant. Let's try once more, this time only signing
-		// the data, without the precomputed blob 
+		// the data, without stripping '=' chars
 
 		$salmon = replace_macros($salmon_tpl,array(
 			'$data'      => $data,
@@ -174,6 +177,30 @@ EOT;
 		));
 		$return_code = $a->get_curl_code();
 
+
+		if($return_code > 299) {
+
+			logger('slapper: compliant salmon failed. Falling back to status.net hack3');
+
+			// Entirely likely that their salmon implementation is
+			// non-compliant. Let's try once more, this time only signing
+			// the data, without the precomputed blob 
+
+			$salmon = replace_macros($salmon_tpl,array(
+				'$data'      => $data,
+				'$encoding'  => $encoding,
+				'$algorithm' => $algorithm,
+				'$keyhash'   => $keyhash,
+				'$signature' => $signature3
+			));
+
+			// slap them 
+			post_url($url,$salmon, array(
+				'Content-type: application/magic-envelope+xml',
+				'Content-length: ' . strlen($salmon)
+			));
+			$return_code = $a->get_curl_code();
+		}
 	}
 	logger('slapper returned ' . $return_code); 
 	if(! $return_code)
-- 
cgit v1.2.3


From b8592dba8ac86358d3608bcac416965dbf12c21b Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 5 Aug 2011 01:02:12 -0700
Subject: integer values don't show up in xml api results

---
 include/api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 9382f82c4..ffdcdfdd6 100644
--- a/include/api.php
+++ b/include/api.php
@@ -383,7 +383,7 @@
 	function api_xmlify($val){
 		if (is_bool($val)) return $val?"true":"false";
 		if (is_array($val)) return array_map('api_xmlify', $val);
-		return xmlify($val);
+		return xmlify((string) $val);
 	}
 
 	/**
-- 
cgit v1.2.3


From 112fc59e3190d29d95139fda3e861818f828b0d0 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 5 Aug 2011 05:17:18 -0700
Subject: more api tweaks

---
 include/api.php | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index ffdcdfdd6..6cd3318ef 100644
--- a/include/api.php
+++ b/include/api.php
@@ -243,6 +243,13 @@
 		}
 		
 		if($uinfo[0]['self']) {
+			$usr = q("select * from user where uid = %d limit 1",
+				intval(local_user())
+			);
+			$profile = q("select * from profile where uid = %d and `is-default` = 1 limit 1",
+				intval(local_user())
+			);
+
 			// count public wall messages
 			$r = q("SELECT COUNT(`id`) as `count` FROM `item`
 					WHERE  `uid` = %d
@@ -280,9 +287,16 @@
 		);
 		$countfollowers = $r[0]['count'];
 
+		$r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
+			intval($uinfo[0]['uid'])
+		);
+		$starred = $r[0]['count'];
+	
+
 		if(! $uinfo[0]['self']) {
 			$countfriends = 0;
 			$countfollowers = 0;
+			$starred = 0;
 		}
 
 		$ret = Array(
@@ -290,21 +304,21 @@
 			'id' => intval($uinfo[0]['cid']),
 			'name' => $uinfo[0]['name'],
 			'screen_name' => $uinfo[0]['nick'],
-			'location' => '', //$uinfo[0]['default-location'],
+			'location' => ($usr) ? $usr[0]['default-location'] : '',
 			'profile_image_url' => $uinfo[0]['micro'],
 			'url' => $uinfo[0]['url'],
 			'contact_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'],
-			'protected' => false,	#
+			'protected' => false,	
 			'friends_count' => intval($countfriends),
 			'created_at' => api_date($uinfo[0]['name-date']),
-			'utc_offset' => 0, #XXX: fix me
-			'time_zone' => '', //$uinfo[0]['timezone'],
+			'utc_offset' => "+00:00",
+			'time_zone' => 'UTC', //$uinfo[0]['timezone'],
 			'geo_enabled' => false,
 			'statuses_count' => intval($countitms), #XXX: fix me 
 			'lang' => 'en', #XXX: fix me
-			'description' => '',
-			'followers_count' => intval($countfollowers), #XXX: fix me
-			'favourites_count' => 0,
+			'description' => (($profile) ? $profile[0]['pdesc'] : ''),
+			'followers_count' => intval($countfollowers),
+			'favourites_count' => intval($starred),
 			'contributors_enabled' => false,
 			'follow_request_sent' => false,
 			'profile_background_color' => 'cfe8f6',
@@ -316,8 +330,8 @@
 			'profile_background_tile' => false,
 			'profile_use_background_image' => false,
 			'notifications' => false,
+			'following' => '', #XXX: fix me
 			'verified' => true, #XXX: fix me
-			'followers' => '', #XXX: fix me
 			#'status' => null
 		);
 	
-- 
cgit v1.2.3


From 8ae0a8a94c359769662b1907abb518b3f51912aa Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 5 Aug 2011 07:26:54 -0700
Subject: fix statusnet_html timelines on api

---
 include/api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 6cd3318ef..3c692cf74 100644
--- a/include/api.php
+++ b/include/api.php
@@ -740,7 +740,7 @@
 				'id'		=> intval($item['id']),
 				'message_id' => $item['uri'],
 				'text'		=> strip_tags(bbcode($item['body'])),
-				'html'		=> bbcode($item['body']),
+				'statusnet_html'		=> bbcode($item['body']),
 				'source'    => (($item['app']) ? $item['app'] : 'web'),
 				'url'		=> ($item['plink']!=''?$item['plink']:$item['author-link']),
 				'truncated' => False,
-- 
cgit v1.2.3


From aa3a14ec36db5f9df9d0ec27c607a994451fc845 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 5 Aug 2011 21:30:12 -0700
Subject: bug #117, use realname for screen_name in API if nickname missing

---
 include/api.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index 3c692cf74..2a02458d7 100644
--- a/include/api.php
+++ b/include/api.php
@@ -303,7 +303,7 @@
 			'uid' => intval($uinfo[0]['uid']),
 			'id' => intval($uinfo[0]['cid']),
 			'name' => $uinfo[0]['name'],
-			'screen_name' => $uinfo[0]['nick'],
+			'screen_name' => (($uinfo[0]['nick']) ? $uinfo[0]['nick'] : $uinfo[0]['name']),
 			'location' => ($usr) ? $usr[0]['default-location'] : '',
 			'profile_image_url' => $uinfo[0]['micro'],
 			'url' => $uinfo[0]['url'],
@@ -356,7 +356,7 @@
 			'uid' => 0,
 			'id' => 0,
 			'name' => $item['author-name'],
-			'screen_name' => '',
+			'screen_name' => $item['author_name'],
 			'location' => '', //$uinfo[0]['default-location'],
 			'profile_image_url' => $item['author-avatar'],
 			'url' => $item['author-link'],
-- 
cgit v1.2.3


From 48ffa880f099b19052f18e399bf6af50780a24b0 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 7 Aug 2011 16:15:54 -0700
Subject: cleanup

---
 include/acl_selectors.php |  4 ++--
 include/api.php           | 12 ++++++------
 include/certfns.php       | 17 -----------------
 include/items.php         | 14 +++++++-------
 include/notifier.php      |  2 +-
 include/poller.php        | 10 +++++-----
 include/salmon.php        |  2 --
 include/security.php      |  4 ++--
 8 files changed, 23 insertions(+), 42 deletions(-)

(limited to 'include')

diff --git a/include/acl_selectors.php b/include/acl_selectors.php
index 99de67d64..48ba77a88 100644
--- a/include/acl_selectors.php
+++ b/include/acl_selectors.php
@@ -96,7 +96,7 @@ function contact_selector($selname, $selclass, $preselected = false, $options) {
 	$sql_extra = '';
 
 	if($x['mutual']) {
-		$sql_extra .= sprintf(" AND `rel` = %d ", intval(REL_BUD));
+		$sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
 	}
 
 	if(intval($x['exclude']))
@@ -163,7 +163,7 @@ function contact_select($selname, $selclass, $preselected = false, $size = 4, $p
 	$sql_extra = '';
 
 	if($privmail || $celeb) {
-		$sql_extra .= sprintf(" AND `rel` = %d ", intval(REL_BUD));
+		$sql_extra .= sprintf(" AND `rel` = %d ", intval(CONTACT_IS_FRIEND));
 	}
 
 	if($privmail) {
diff --git a/include/api.php b/include/api.php
index 2a02458d7..cf7d0304f 100644
--- a/include/api.php
+++ b/include/api.php
@@ -273,8 +273,8 @@
 				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
 				AND `self`=0 AND `blocked`=0", 
 				intval($uinfo[0]['uid']),
-				intval(REL_FAN),
-				intval(REL_BUD)
+				intval(CONTACT_IS_SHARING),
+				intval(CONTACT_IS_FRIEND)
 		);
 		$countfriends = $r[0]['count'];
 
@@ -282,8 +282,8 @@
 				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
 				AND `self`=0 AND `blocked`=0", 
 				intval($uinfo[0]['uid']),
-				intval(REL_VIP),
-				intval(REL_BUD)
+				intval(CONTACT_IS_FOLLOWER),
+				intval(CONTACT_IS_FRIEND)
 		);
 		$countfollowers = $r[0]['count'];
 
@@ -832,9 +832,9 @@
 			return false;
 
 		if($qtype == 'friends')
-			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_FAN), intval(REL_BUD));
+			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND));
 		if($qtype == 'followers')
-			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_VIP), intval(REL_BUD));
+			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
  
 
 		$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
diff --git a/include/certfns.php b/include/certfns.php
index ffdc7f0c3..aa84cfeb6 100644
--- a/include/certfns.php
+++ b/include/certfns.php
@@ -37,8 +37,6 @@ function DerToRsa($Der)
 }
 
 
-
-
 function pkcs8_encode($Modulus,$PublicExponent) {
 	//Encode key sequence
 	$modulus = new ASNValue(ASNValue::TAG_INTEGER);
@@ -75,17 +73,6 @@ function pkcs1_encode($Modulus,$PublicExponent) {
 	//Encode bit string
 	$bitStringValue = $keySequence->Encode();
 	return $bitStringValue;
-
-//	$bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
-//	$bitString = new ASNValue(ASNValue::TAG_BITSTRING);
-//	$bitString->Value = $bitStringValue;
-	//Encode body
-//	$bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
-//	$body = new ASNValue(ASNValue::TAG_SEQUENCE);
-//	$body->Value = $bodyValue;
-	//Get DER encoded public key:
-//	$PublicDER = $body->Encode();
-//	return $PublicDER;
 }
 
 
@@ -107,12 +94,8 @@ function pubrsatome($key,&$m,&$e) {
 
 	$r = ASN_BASE::parseASNString($x);
 
-//	print_r($r);
-
 	$m = base64url_decode($r[0]->asnData[0]->asnData);
 	$e = base64url_decode($r[0]->asnData[1]->asnData);
-
-
 }
 
 
diff --git a/include/items.php b/include/items.php
index 047dd4442..4c0e8312c 100644
--- a/include/items.php
+++ b/include/items.php
@@ -915,7 +915,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
 		$postvars['dissolve'] = '1';
 
 
-	if((($contact['rel']) && ($contact['rel'] != REL_FAN) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
+	if((($contact['rel']) && ($contact['rel'] != CONTACT_IS_SHARING) && (! $contact['blocked'])) || ($owner['page-flags'] == PAGE_COMMUNITY)) {
 		$postvars['data'] = $atom;
 		$postvars['perm'] = 'rw';
 	}
@@ -1448,9 +1448,9 @@ function new_follower($importer,$contact,$datarray,$item) {
 		$nick = $rawtag[0]['child'][NAMESPACE_POCO]['preferredUsername'][0]['data'];
 
 	if(is_array($contact)) {
-		if($contact['network'] == 'stat' && $contact['rel'] == REL_FAN) {
+		if($contact['network'] == 'stat' && $contact['rel'] == CONTACT_IS_SHARING) {
 			$r = q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
-				intval(REL_BUD),
+				intval(CONTACT_IS_FRIEND),
 				intval($contact['id']),
 				intval($importer['uid'])
 			);
@@ -1472,12 +1472,12 @@ function new_follower($importer,$contact,$datarray,$item) {
 			dbesc($nick),
 			dbesc($photo),
 			dbesc('stat'),
-			intval(REL_VIP)
+			intval(CONTACT_IS_FOLLOWER)
 		);
 		$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `url` = '%s' AND `pending` = 1 AND `rel` = %d LIMIT 1",
 				intval($importer['uid']),
 				dbesc($url),
-				intval(REL_VIP)
+				intval(CONTACT_IS_FOLLOWER)
 		);
 		if(count($r))
 				$contact_record = $r[0];
@@ -1522,9 +1522,9 @@ function new_follower($importer,$contact,$datarray,$item) {
 
 function lose_follower($importer,$contact,$datarray,$item) {
 
-	if(($contact['rel'] == REL_BUD) || ($contact['rel'] == REL_FAN)) {
+	if(($contact['rel'] == CONTACT_IS_FRIEND) || ($contact['rel'] == CONTACT_IS_SHARING)) {
 		q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d LIMIT 1",
-			intval(REL_FAN),
+			intval(CONTACT_IS_SHARING),
 			intval($contact['id'])
 		);
 	}
diff --git a/include/notifier.php b/include/notifier.php
index 9f5b27148..e1bb29eaf 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -555,7 +555,7 @@ function notifier_run($argv, $argc){
 			WHERE `network` = 'dfrn' AND `uid` = %d AND `blocked` = 0 AND `pending` = 0
 			AND `rel` != %d ",
 			intval($owner['uid']),
-			intval(REL_FAN)
+			intval(CONTACT_IS_SHARING)
 		);
 
 		if((count($r)) && (($max_allowed == 0) || (count($r) < $max_allowed))) {
diff --git a/include/poller.php b/include/poller.php
index 569eb59d1..c88db6e6b 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -87,8 +87,8 @@ function poller_run($argv, $argc){
 		WHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != ''
 		$sql_extra 
 		AND `self` = 0 AND `blocked` = 0 AND `readonly` = 0 ORDER BY RAND()",
-		intval(REL_FAN),
-		intval(REL_BUD)
+		intval(CONTACT_IS_SHARING),
+		intval(CONTACT_IS_FRIEND)
 	);
 
 	if(! count($contacts)) {
@@ -312,7 +312,7 @@ function poller_run($argv, $argc){
 				// Will only do this once per notify-enabled OStatus contact
 				// or if relationship changes
 
-				$stat_writeable = ((($contact['notify']) && ($contact['rel'] == REL_VIP || $contact['rel'] == REL_BUD)) ? 1 : 0);
+				$stat_writeable = ((($contact['notify']) && ($contact['rel'] == CONTACT_IS_FOLLOWER || $contact['rel'] == CONTACT_IS_FRIEND)) ? 1 : 0);
 
 				if($stat_writeable != $contact['writable']) {
 					q("UPDATE `contact` SET `writable` = %d WHERE `id` = %d LIMIT 1",
@@ -323,7 +323,7 @@ function poller_run($argv, $argc){
 
 				// Are we allowed to import from this person?
 
-				if($contact['rel'] == REL_VIP || $contact['blocked'] || $contact['readonly'])
+				if($contact['rel'] == CONTACT_IS_FOLLOWER || $contact['blocked'] || $contact['readonly'])
 					continue;
 
 				$xml = fetch_url($contact['poll']);
@@ -463,7 +463,7 @@ function poller_run($argv, $argc){
 				consume_feed($xml,$importer,$contact,$hub,1);
 
 
-				if((strlen($hub)) && ($hub_update) && (($contact['rel'] == REL_BUD) || (($contact['network'] === NETWORK_OSTATUS) && (! $contact['readonly'])))) {
+				if((strlen($hub)) && ($hub_update) && (($contact['rel'] == CONTACT_IS_FRIEND) || (($contact['network'] === NETWORK_OSTATUS) && (! $contact['readonly'])))) {
 					logger('poller: subscribing to hub(s) : ' . $hub . ' contact name : ' . $contact['name'] . ' local user : ' . $importer['name']);
 					$hubs = explode(',', $hub);
 					if(count($hubs)) {
diff --git a/include/salmon.php b/include/salmon.php
index f1cef0a49..3ccae2756 100644
--- a/include/salmon.php
+++ b/include/salmon.php
@@ -114,8 +114,6 @@ EOT;
 
 	// Setup RSA stuff to PKCS#1 sign the data
 
-	set_include_path(get_include_path() . PATH_SEPARATOR . 'library/phpsec');
-
 	require_once('library/phpsec/Crypt/RSA.php');
 
     $rsa = new CRYPT_RSA();
diff --git a/include/security.php b/include/security.php
index 789e47db2..6fbdd697f 100644
--- a/include/security.php
+++ b/include/security.php
@@ -28,8 +28,8 @@ function can_write_wall(&$a,$owner) {
 				AND `user`.`blockwall` = 0 AND `readonly` = 0  AND ( `contact`.`rel` IN ( %d , %d ) OR `user`.`page-flags` = %d ) LIMIT 1",
 				intval($owner),
 				intval(remote_user()),
-				intval(REL_VIP),
-				intval(REL_BUD),
+				intval(CONTACT_IS_FOLLOWER),
+				intval(CONTACT_IS_FRIEND),
 				intval(PAGE_COMMUNITY)
 			);
 			if(count($r)) {
-- 
cgit v1.2.3


From 1eec10329a4764f132b159e7b1bbf37added6c8a Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 7 Aug 2011 16:56:26 -0700
Subject: guid functions

---
 include/text.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'include')

diff --git a/include/text.php b/include/text.php
index d53a2ceb9..297383602 100644
--- a/include/text.php
+++ b/include/text.php
@@ -19,11 +19,11 @@ function replace_macros($s,$r) {
 }}
 
 
-// random hash, 64 chars
+// random hex string, 64 chars max
 
 if(! function_exists('random_string')) {
-function random_string() {
-	return(hash('sha256',uniqid(rand(),true)));
+function random_string($size = 64) {
+	return(substr(hash('sha256',uniqid(rand(),true)),0,$size));
 }}
 
 /**
@@ -878,7 +878,7 @@ function return_bytes ($size_str) {
     }
 }}
 
-function generate_guid() {
+function generate_user_guid() {
 	$found = true;
 	do {
 		$guid = substr(random_string(),0,16);
-- 
cgit v1.2.3


From 8812b7f4caa99d01ae0e082c0b29a2ee24aed67d Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 7 Aug 2011 17:29:26 -0700
Subject: item guids

---
 include/items.php | 2 ++
 include/text.php  | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/items.php b/include/items.php
index 4c0e8312c..50d7bd68c 100644
--- a/include/items.php
+++ b/include/items.php
@@ -747,6 +747,8 @@ function item_store($arr,$force_parent = false) {
 		}
 	}
 
+	$arr['guid'] = get_guid();
+
 	call_hooks('post_remote',$arr);
 
 	dbesc_array($arr);
diff --git a/include/text.php b/include/text.php
index 297383602..adc94b458 100644
--- a/include/text.php
+++ b/include/text.php
@@ -881,7 +881,7 @@ function return_bytes ($size_str) {
 function generate_user_guid() {
 	$found = true;
 	do {
-		$guid = substr(random_string(),0,16);
+		$guid = random_string(16);
 		$x = q("SELECT `uid` FROM `user` WHERE `guid` = '%s' LIMIT 1",
 			dbesc($guid)
 		);
-- 
cgit v1.2.3


From 6be5da67b1a0290da3938b87bebc71fd429f4414 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 8 Aug 2011 19:10:36 -0700
Subject: reparenting imported item was only partially reparenting.

---
 include/items.php | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'include')

diff --git a/include/items.php b/include/items.php
index 50d7bd68c..a378a632c 100644
--- a/include/items.php
+++ b/include/items.php
@@ -718,6 +718,13 @@ function item_store($arr,$force_parent = false) {
 			if($r[0]['uri'] != $r[0]['parent-uri']) {
 				$arr['thr-parent'] = $arr['parent-uri'];
 				$arr['parent-uri'] = $r[0]['parent-uri'];
+				$z = q("SELECT `id` FROM `item` WHERE `uri` = '%s' AND `parent-uri` = '%s' AND `uid` = %d LIMIT 1",
+					dbesc($r[0]['parent-uri']),
+					dbesc($r[0]['parent-uri']),
+					intval($arr['uid'])
+				);
+				if($z && count($z))
+					$r = $z;
 			}
 
 			$parent_id      = $r[0]['id'];
-- 
cgit v1.2.3


From df3062c612c3322f9aee8096b2cd92b19357d12d Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 8 Aug 2011 21:44:29 -0700
Subject: basic diaspora encryption

---
 include/diaspora.php | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 90 insertions(+)
 create mode 100644 include/diaspora.php

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
new file mode 100644
index 000000000..eedcad719
--- /dev/null
+++ b/include/diaspora.php
@@ -0,0 +1,90 @@
+get_baseurl(), strpos('://') + 3);
+
+	$padded_data = pkcs5_pad($msg);
+	$inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
+
+	$b64_data = base64_encode($inner_encrypted);
+	$b64url_data = base64url_encode($b64_data);
+	$b64url_stripped = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);
+    $lines = str_split($b64url_stripped,60);
+    $data = implode("\n",$lines);
+	$data = $data . (($data[-1] != "\n") ? "\n" : '') ;
+	$type = 'application/atom+xml';
+	$encoding = 'base64url';
+	$alg = 'RSA-SHA256';
+
+	$signable_data = $data  . '.' . base64url_encode($type) . "\n" . '.' 
+		. base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n";
+
+	$signature = '';
+	$result = openssl_sign($signable_data,$signature,$prvkey,'SHA256');
+
+	$sig = base64url_encode($signature);
+
+$decrypted_header = <<< EOT
+
+  $b_inner_iv
+  $b_inner_aes_key
+  
+    {$contact['name']}
+    $handle
+  
+
+EOT;
+
+	$decrypted_header = pkcs5_pad($decrypted_header);
+	$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
+
+	$outer_json = json_encode(array('iv' => $b64_outer_iv,'key' => $b64_outer_aes_key));
+	$encrypted_outer_key_bundle = '';
+	openssl_public_encrypt($outer_json,$encrypted_outer_key_bundle,$pubkey);
+	
+	$b64_encrypted_outer_key_bundle = base64_encode($encrypted_outer_key_bundle);
+	$encrypted_header_json_object = json_encode(array('aes_key' => base64_encode($encrypted_outer_key_bundle), 
+		'ciphertext' => base64_encode($ciphertext)));
+	$encrypted_header = '' . base64_encode($encrypted_header_json_object) . '';
+
+$magicenv = <<< EOT
+
+
+  $encrypted_header
+  
+    base64url
+    RSA-SHA256
+    $data
+    $sig
+  
+
+EOT;
+
+	return $magic_env;
+
+}
\ No newline at end of file
-- 
cgit v1.2.3


From 07c48191b6bbb140d9fca12e50856e62f0d8b6d1 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 8 Aug 2011 21:51:56 -0700
Subject: AES_256_CBC

---
 include/diaspora.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index eedcad719..316105999 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -16,14 +16,14 @@ function diaspora_base_message($type,$data) {
 function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) {
 	$a = get_app();
 
-	$inner_aes_key = random_string(16);
+	$inner_aes_key = random_string(32);
 	$b_inner_aes_key = base64_encode($inner_aes_key);
-	$inner_iv = random_string(16);
+	$inner_iv = random_string(32);
 	$b_inner_iv = base64_encode($inner_iv);
 
-	$outer_aes_key = random_string(16);
+	$outer_aes_key = random_string(32);
 	$b_outer_aes_key = base64_encode($outer_aes_key);
-	$outer_iv = random_string(16);
+	$outer_iv = random_string(32);
 	$b_outer_iv = base64_encode($outer_iv);
 	
 	$handle = 'acct:' . $user['nickname'] . '@' . substr($a->get_baseurl(), strpos('://') + 3);
-- 
cgit v1.2.3


From 70017ebb8ce0321976a55d686178715885d1b6a9 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 9 Aug 2011 02:53:51 -0700
Subject: diaspora encrypt+decrypt working !!

---
 include/diaspora.php | 227 +++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 221 insertions(+), 6 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 316105999..6862074c6 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -1,6 +1,43 @@
 = 400)
+		$err = 'Error';
+	if($val >= 200 && $val < 300)
+		$err = 'OK';
+
+	logger('mod-diaspora returns ' . $val);	
+	header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err);
+	killme();
+
+}
+
+
+function get_diaspora_key($uri) {
+	$key = '';
+
+	logger('Fetching diaspora key for: ' . $uri);
+
+	$arr = lrdd($uri);
+
+	if(is_array($arr)) {
+		foreach($arr as $a) {
+			if($a['@attributes']['rel'] === 'diaspora-public-key') {
+				$key = base64_decode($a['@attributes']['href']);
+			}
+		}
+	}
+	else {
+		return '';
+	}
+
+	if($key)
+		return rsatopem($key);
+	return '';
+}
 
 
 function diaspora_base_message($type,$data) {
@@ -26,12 +63,14 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) {
 	$outer_iv = random_string(32);
 	$b_outer_iv = base64_encode($outer_iv);
 	
-	$handle = 'acct:' . $user['nickname'] . '@' . substr($a->get_baseurl(), strpos('://') + 3);
+	$handle = 'acct:' . $user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
 
-	$padded_data = pkcs5_pad($msg);
+	$padded_data = pkcs5_pad($msg,16);
 	$inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
 
 	$b64_data = base64_encode($inner_encrypted);
+echo "inner: $b64_data";
+
 	$b64url_data = base64url_encode($b64_data);
 	$b64url_stripped = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);
     $lines = str_split($b64url_stripped,60);
@@ -60,10 +99,15 @@ $decrypted_header = <<< EOT
 
 EOT;
 
-	$decrypted_header = pkcs5_pad($decrypted_header);
+	$decrypted_header = pkcs5_pad($decrypted_header,16);
+logger("decrypted_header: $decrypted_header");
 	$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
 
-	$outer_json = json_encode(array('iv' => $b64_outer_iv,'key' => $b64_outer_aes_key));
+logger( "encrypted_ciphertext: " . base64_encode($ciphertext));
+	logger("encrypt_outer_key: $b_outer_aes_key");
+	logger("ecnrypt_outer_iv: $b_outer_iv");
+
+	$outer_json = json_encode(array('iv' => $b_outer_iv,'key' => $b_outer_aes_key));
 	$encrypted_outer_key_bundle = '';
 	openssl_public_encrypt($outer_json,$encrypted_outer_key_bundle,$pubkey);
 	
@@ -72,7 +116,7 @@ EOT;
 		'ciphertext' => base64_encode($ciphertext)));
 	$encrypted_header = '' . base64_encode($encrypted_header_json_object) . '';
 
-$magicenv = <<< EOT
+$magic_env = <<< EOT
 
 
   $encrypted_header
@@ -87,4 +131,175 @@ EOT;
 
 	return $magic_env;
 
-}
\ No newline at end of file
+}
+
+
+function diaspora_decode($importer,$xml) {
+	$basedom = parse_xml_string($xml);
+
+	if($basedom)
+		logger('parsed dom');
+
+	$atom = $basedom->children(NAMESPACE_ATOM1);
+
+	logger('atom: ' . count($atom));
+	$encrypted_header = json_decode(base64_decode($atom->encrypted_header));
+
+	print_r($encrypted_header);
+	
+	$encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key);
+	$ciphertext = base64_decode($encrypted_header->ciphertext);
+
+	logger('encrypted_aes: ' . print_r($encrypted_aes_key_bundle,true));
+	logger('ciphertext: ' . print_r($ciphertext,true));
+
+	$outer_key_bundle = '';
+	openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']);
+
+	logger('outer_bundle: ' . print_r($outer_key_bundle,true));
+
+	$j_outer_key_bundle = json_decode($outer_key_bundle);
+
+	$outer_iv = base64_decode($j_outer_key_bundle->iv);
+	$outer_key = base64_decode($j_outer_key_bundle->key);
+
+	logger("outer_iv: $outer_iv");
+	logger("outer_key: $outer_key");
+	logger("ciphertext: " . base64_encode($ciphertext));
+
+	$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);
+
+	$decrypted = pkcs5_unpad($decrypted);
+
+	logger('decrypted: ' . print_r($decrypted,true));
+
+	/**
+	 * $decrypted now contains something like
+	 *
+	 *  
+	 *     8e+G2+ET8l5BPuW0sVTnQw==
+	 *     UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU=
+	 *     
+	 *       Ryan Hughes
+	 *       acct:galaxor@diaspora.pirateship.org
+	 *     
+	 *  
+	 */
+
+	$idom = parse_xml_string($decrypted,false);
+
+	$inner_iv = base64_decode($idom->iv);
+	$inner_aes_key = base64_decode($idom->aes_key);
+logger('idom: ' . print_r($idom,true));
+
+	$author_link = str_replace('acct:','',$idom->author->uri);
+
+	logger('inner_iv: ' . $inner_iv);
+
+	$dom = $basedom->children(NAMESPACE_SALMON_ME);
+
+	if($dom)
+		logger('have dom');
+
+	logger('dom: ' . count($dom));
+	// figure out where in the DOM tree our data is hiding
+
+	if($dom->provenance->data)
+		$base = $dom->provenance;
+	elseif($dom->env->data)
+		$base = $dom->env;
+	elseif($dom->data)
+		$base = $dom;
+	
+	if(! $base) {
+		logger('mod-diaspora: unable to locate salmon data in xml ');
+		dt_return(400);
+	}
+
+
+	// Stash the signature away for now. We have to find their key or it won't be good for anything.
+	$signature = base64url_decode($base->sig);
+
+	logger('signature: ' . bin2hex($signature));
+
+	// unpack the  data
+
+	// strip whitespace so our data element will return to one big base64 blob
+	$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);
+	// Add back the 60 char linefeeds
+    $lines = str_split($data,60);
+    $data = implode("\n",$lines);
+
+
+	// stash away some other stuff for later
+
+	$type = $base->data[0]->attributes()->type[0];
+	$keyhash = $base->sig[0]->attributes()->keyhash[0];
+	$encoding = $base->encoding;
+	$alg = $base->alg;
+
+	$signed_data = $data  . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n";
+
+	logger('signed data: ' . $signed_data);
+
+	// decode the data
+	$data = base64url_decode($data);
+
+	// Now pull out the inner encrypted blob
+
+	$inner_encrypted = base64_decode($data);
+
+	$inner_decrypted = 
+	$inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv);
+
+	$inner_decrypted = pkcs5_unpad($inner_decrypted);
+
+	logger('inner_decrypted: ' . $inner_decrypted);
+
+
+
+	if(! $author_link) {
+		logger('mod-diaspora: Could not retrieve author URI.');
+		receive_return(400);
+	}
+
+	// Once we have the author URI, go to the web and try to find their public key
+	// *** or look it up locally ***
+
+	logger('mod-diaspora: Fetching key for ' . $author_link );
+
+	// Get diaspora public key (pkcs#1) and convert to pkcs#8
+ 	$key = get_diaspora_key($author_link);
+
+	if(! $key) {
+		logger('mod-salmon: Could not retrieve author key.');
+		receive_return(400);
+	}
+
+	$verify = false;
+
+	if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
+    	$verify = openssl_verify($signed_data,$signature,$key,'sha256');
+	}
+	else {
+		// fallback sha256 verify for PHP < 5.3
+		$rawsig = '';
+		$hash = hash('sha256',$signed_data,true);
+		openssl_public_decrypt($signature,$rawsig,$key);
+		$verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false);
+	}
+
+	if(! $verify) {
+		logger('mod-diaspora: Message did not verify. Discarding.');
+		receive_return(400);
+	}
+
+	logger('mod-diaspora: Message verified.');
+
+	return $inner_decrypted;
+
+}
+
+
+
+
-- 
cgit v1.2.3


From 49be3941828668e762141972afa1324045805f20 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 9 Aug 2011 06:40:28 -0700
Subject: diaspora - remove debugging code on encrypt/decrypt

---
 include/diaspora.php | 42 ++++--------------------------------------
 1 file changed, 4 insertions(+), 38 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 6862074c6..d25137bf3 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -69,7 +69,7 @@ function diaspora_msg_build($msg,$user,$contact,$prvkey,$pubkey) {
 	$inner_encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $padded_data, MCRYPT_MODE_CBC, $inner_iv);
 
 	$b64_data = base64_encode($inner_encrypted);
-echo "inner: $b64_data";
+
 
 	$b64url_data = base64url_encode($b64_data);
 	$b64url_stripped = str_replace(array("\n","\r"," ","\t"),array('','','',''),$b64url_data);
@@ -100,12 +100,8 @@ $decrypted_header = <<< EOT
 EOT;
 
 	$decrypted_header = pkcs5_pad($decrypted_header,16);
-logger("decrypted_header: $decrypted_header");
-	$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
 
-logger( "encrypted_ciphertext: " . base64_encode($ciphertext));
-	logger("encrypt_outer_key: $b_outer_aes_key");
-	logger("ecnrypt_outer_iv: $b_outer_iv");
+	$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $outer_aes_key, $decrypted_header, MCRYPT_MODE_CBC, $outer_iv);
 
 	$outer_json = json_encode(array('iv' => $b_outer_iv,'key' => $b_outer_aes_key));
 	$encrypted_outer_key_bundle = '';
@@ -135,44 +131,28 @@ EOT;
 
 
 function diaspora_decode($importer,$xml) {
-	$basedom = parse_xml_string($xml);
 
-	if($basedom)
-		logger('parsed dom');
+	$basedom = parse_xml_string($xml);
 
 	$atom = $basedom->children(NAMESPACE_ATOM1);
 
-	logger('atom: ' . count($atom));
 	$encrypted_header = json_decode(base64_decode($atom->encrypted_header));
-
-	print_r($encrypted_header);
 	
 	$encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key);
 	$ciphertext = base64_decode($encrypted_header->ciphertext);
 
-	logger('encrypted_aes: ' . print_r($encrypted_aes_key_bundle,true));
-	logger('ciphertext: ' . print_r($ciphertext,true));
-
 	$outer_key_bundle = '';
 	openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']);
 
-	logger('outer_bundle: ' . print_r($outer_key_bundle,true));
-
 	$j_outer_key_bundle = json_decode($outer_key_bundle);
 
 	$outer_iv = base64_decode($j_outer_key_bundle->iv);
 	$outer_key = base64_decode($j_outer_key_bundle->key);
 
-	logger("outer_iv: $outer_iv");
-	logger("outer_key: $outer_key");
-	logger("ciphertext: " . base64_encode($ciphertext));
-
 	$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv);
 
 	$decrypted = pkcs5_unpad($decrypted);
 
-	logger('decrypted: ' . print_r($decrypted,true));
-
 	/**
 	 * $decrypted now contains something like
 	 *
@@ -190,18 +170,11 @@ function diaspora_decode($importer,$xml) {
 
 	$inner_iv = base64_decode($idom->iv);
 	$inner_aes_key = base64_decode($idom->aes_key);
-logger('idom: ' . print_r($idom,true));
 
 	$author_link = str_replace('acct:','',$idom->author->uri);
 
-	logger('inner_iv: ' . $inner_iv);
-
 	$dom = $basedom->children(NAMESPACE_SALMON_ME);
 
-	if($dom)
-		logger('have dom');
-
-	logger('dom: ' . count($dom));
 	// figure out where in the DOM tree our data is hiding
 
 	if($dom->provenance->data)
@@ -220,8 +193,6 @@ logger('idom: ' . print_r($idom,true));
 	// Stash the signature away for now. We have to find their key or it won't be good for anything.
 	$signature = base64url_decode($base->sig);
 
-	logger('signature: ' . bin2hex($signature));
-
 	// unpack the  data
 
 	// strip whitespace so our data element will return to one big base64 blob
@@ -240,7 +211,6 @@ logger('idom: ' . print_r($idom,true));
 
 	$signed_data = $data  . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n";
 
-	logger('signed data: ' . $signed_data);
 
 	// decode the data
 	$data = base64url_decode($data);
@@ -254,10 +224,6 @@ logger('idom: ' . print_r($idom,true));
 
 	$inner_decrypted = pkcs5_unpad($inner_decrypted);
 
-	logger('inner_decrypted: ' . $inner_decrypted);
-
-
-
 	if(! $author_link) {
 		logger('mod-diaspora: Could not retrieve author URI.');
 		receive_return(400);
@@ -272,7 +238,7 @@ logger('idom: ' . print_r($idom,true));
  	$key = get_diaspora_key($author_link);
 
 	if(! $key) {
-		logger('mod-salmon: Could not retrieve author key.');
+		logger('mod-diaspora: Could not retrieve author key.');
 		receive_return(400);
 	}
 
-- 
cgit v1.2.3


From 1bfe1283aa38454369f29883411a6c012c88df59 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 9 Aug 2011 18:55:46 -0700
Subject: crypto stuff

---
 include/certfns.php  | 130 ------------------------------------
 include/crypto.php   | 184 +++++++++++++++++++++++++++++++++++++++++++++++++++
 include/diaspora.php |  25 ++-----
 include/network.php  |  14 ++++
 include/salmon.php   |  31 ++-------
 include/text.php     |   6 +-
 6 files changed, 212 insertions(+), 178 deletions(-)
 delete mode 100644 include/certfns.php
 create mode 100644 include/crypto.php

(limited to 'include')

diff --git a/include/certfns.php b/include/certfns.php
deleted file mode 100644
index aa84cfeb6..000000000
--- a/include/certfns.php
+++ /dev/null
@@ -1,130 +0,0 @@
-SetIntBuffer($Modulus);
-	$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
-	$publicExponent->SetIntBuffer($PublicExponent);
-	$keySequenceItems = array($modulus, $publicExponent);
-	$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
-	$keySequence->SetSequence($keySequenceItems);
-	//Encode bit string
-	$bitStringValue = $keySequence->Encode();
-	$bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
-	$bitString = new ASNValue(ASNValue::TAG_BITSTRING);
-	$bitString->Value = $bitStringValue;
-	//Encode body
-	$bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
-	$body = new ASNValue(ASNValue::TAG_SEQUENCE);
-	$body->Value = $bodyValue;
-	//Get DER encoded public key:
-	$PublicDER = $body->Encode();
-	return $PublicDER;
-}
-
-
-function pkcs1_encode($Modulus,$PublicExponent) {
-	//Encode key sequence
-	$modulus = new ASNValue(ASNValue::TAG_INTEGER);
-	$modulus->SetIntBuffer($Modulus);
-	$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
-	$publicExponent->SetIntBuffer($PublicExponent);
-	$keySequenceItems = array($modulus, $publicExponent);
-	$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
-	$keySequence->SetSequence($keySequenceItems);
-	//Encode bit string
-	$bitStringValue = $keySequence->Encode();
-	return $bitStringValue;
-}
-
-
-function metopem($m,$e) {
-	$der = pkcs8_encode($m,$e);
-	$key = DerToPem($der,false);
-	return $key;
-}	
-
-
-function pubrsatome($key,&$m,&$e) {
-	require_once('library/asn1.php');
-	require_once('include/salmon.php');
-
-	$lines = explode("\n",$key);
-	unset($lines[0]);
-	unset($lines[count($lines)]);
-	$x = base64_decode(implode('',$lines));
-
-	$r = ASN_BASE::parseASNString($x);
-
-	$m = base64url_decode($r[0]->asnData[0]->asnData);
-	$e = base64url_decode($r[0]->asnData[1]->asnData);
-}
-
-
-function rsatopem($key) {
-	pubrsatome($key,$m,$e);
-	return(metopem($m,$e));
-}
-
-function pemtorsa($key) {
-	pemtome($key,$m,$e);
-	return(metorsa($m,$e));
-}
-
-function pemtome($key,&$m,&$e) {
-	require_once('include/salmon.php');
-	$lines = explode("\n",$key);
-	unset($lines[0]);
-	unset($lines[count($lines)]);
-	$x = base64_decode(implode('',$lines));
-
-	$r = ASN_BASE::parseASNString($x);
-
-	$m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
-	$e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
-}
-
-function metorsa($m,$e) {
-	$der = pkcs1_encode($m,$e);
-	$key = DerToRsa($der);
-	return $key;
-}	
-
diff --git a/include/crypto.php b/include/crypto.php
new file mode 100644
index 000000000..1ab9e7b25
--- /dev/null
+++ b/include/crypto.php
@@ -0,0 +1,184 @@
+=')) {
+		openssl_sign($data,$sig,$key,'sha256');
+    }
+    else {
+		if(strlen($key) < 1024 || extension_loaded('gmp')) {
+			require_once('library/phpsec/Crypt/RSA.php');
+			$rsa = new CRYPT_RSA();
+			$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
+			$rsa->setHash('sha256');
+			$rsa->loadKey($key);
+			$sig = $rsa->sign($data);
+		}
+		else {
+			logger('rsa_sign: insecure algorithm used. Please upgrade PHP to 5.3');
+			openssl_private_encrypt(hex2bin('3031300d060960864801650304020105000420') . hash('sha256',$data,true), $sig, $key);
+		}
+	}
+	return $sig;
+}
+
+function rsa_verify($data,$sig,$key) {
+
+	if (version_compare(PHP_VERSION, '5.3.0', '>=')) {
+		$verify = openssl_verify($data,$sig,$key,'sha256');
+    }
+    else {
+		if(strlen($key) <= 300 || extension_loaded('gmp')) {
+			require_once('library/phpsec/Crypt/RSA.php');
+			$rsa = new CRYPT_RSA();
+			$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
+			$rsa->setHash('sha256');
+			$rsa->loadKey($key);
+			$verify = $rsa->verify($data,$sig);
+		}
+		else {
+			// fallback sha256 verify for PHP < 5.3 and large key lengths
+			$rawsig = '';
+        	openssl_public_decrypt($sig,$rawsig,$key);
+	        $verify = (($rawsig && substr($rawsig,-32) === hash('sha256',$data,true)) ? true : false);
+    	}
+	}
+	return $verify;
+}
+
+
+function DerToPem($Der, $Private=false)
+{
+    //Encode:
+    $Der = base64_encode($Der);
+    //Split lines:
+    $lines = str_split($Der, 65);
+    $body = implode("\n", $lines);
+    //Get title:
+    $title = $Private? 'RSA PRIVATE KEY' : 'PUBLIC KEY';
+    //Add wrapping:
+    $result = "-----BEGIN {$title}-----\n";
+    $result .= $body . "\n";
+    $result .= "-----END {$title}-----\n";
+ 
+    return $result;
+}
+
+function DerToRsa($Der)
+{
+    //Encode:
+    $Der = base64_encode($Der);
+    //Split lines:
+    $lines = str_split($Der, 65);
+    $body = implode("\n", $lines);
+    //Get title:
+    $title = 'RSA PUBLIC KEY';
+    //Add wrapping:
+    $result = "-----BEGIN {$title}-----\n";
+    $result .= $body . "\n";
+    $result .= "-----END {$title}-----\n";
+ 
+    return $result;
+}
+
+
+function pkcs8_encode($Modulus,$PublicExponent) {
+	//Encode key sequence
+	$modulus = new ASNValue(ASNValue::TAG_INTEGER);
+	$modulus->SetIntBuffer($Modulus);
+	$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+	$publicExponent->SetIntBuffer($PublicExponent);
+	$keySequenceItems = array($modulus, $publicExponent);
+	$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+	$keySequence->SetSequence($keySequenceItems);
+	//Encode bit string
+	$bitStringValue = $keySequence->Encode();
+	$bitStringValue = chr(0x00) . $bitStringValue; //Add unused bits byte
+	$bitString = new ASNValue(ASNValue::TAG_BITSTRING);
+	$bitString->Value = $bitStringValue;
+	//Encode body
+	$bodyValue = "\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01\x05\x00" . $bitString->Encode();
+	$body = new ASNValue(ASNValue::TAG_SEQUENCE);
+	$body->Value = $bodyValue;
+	//Get DER encoded public key:
+	$PublicDER = $body->Encode();
+	return $PublicDER;
+}
+
+
+function pkcs1_encode($Modulus,$PublicExponent) {
+	//Encode key sequence
+	$modulus = new ASNValue(ASNValue::TAG_INTEGER);
+	$modulus->SetIntBuffer($Modulus);
+	$publicExponent = new ASNValue(ASNValue::TAG_INTEGER);
+	$publicExponent->SetIntBuffer($PublicExponent);
+	$keySequenceItems = array($modulus, $publicExponent);
+	$keySequence = new ASNValue(ASNValue::TAG_SEQUENCE);
+	$keySequence->SetSequence($keySequenceItems);
+	//Encode bit string
+	$bitStringValue = $keySequence->Encode();
+	return $bitStringValue;
+}
+
+
+function metopem($m,$e) {
+	$der = pkcs8_encode($m,$e);
+	$key = DerToPem($der,false);
+	return $key;
+}	
+
+
+function pubrsatome($key,&$m,&$e) {
+	require_once('library/asn1.php');
+	require_once('include/salmon.php');
+
+	$lines = explode("\n",$key);
+	unset($lines[0]);
+	unset($lines[count($lines)]);
+	$x = base64_decode(implode('',$lines));
+
+	$r = ASN_BASE::parseASNString($x);
+
+	$m = base64url_decode($r[0]->asnData[0]->asnData);
+	$e = base64url_decode($r[0]->asnData[1]->asnData);
+}
+
+
+function rsatopem($key) {
+	pubrsatome($key,$m,$e);
+	return(metopem($m,$e));
+}
+
+function pemtorsa($key) {
+	pemtome($key,$m,$e);
+	return(metorsa($m,$e));
+}
+
+function pemtome($key,&$m,&$e) {
+	require_once('include/salmon.php');
+	$lines = explode("\n",$key);
+	unset($lines[0]);
+	unset($lines[count($lines)]);
+	$x = base64_decode(implode('',$lines));
+
+	$r = ASN_BASE::parseASNString($x);
+
+	$m = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[0]->asnData);
+	$e = base64url_decode($r[0]->asnData[1]->asnData[0]->asnData[1]->asnData);
+}
+
+function metorsa($m,$e) {
+	$der = pkcs1_encode($m,$e);
+	$key = DerToRsa($der);
+	return $key;
+}	
+
+function salmon_key($pubkey) {
+	pemtome($pubkey,$m,$e);
+	return 'RSA' . '.' . base64url_encode($m,true) . '.' . base64url_encode($e,true) ;
+}
diff --git a/include/diaspora.php b/include/diaspora.php
index d25137bf3..e39617aa3 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -1,6 +1,6 @@
 =')) {
-    	$verify = openssl_verify($signed_data,$signature,$key,'sha256');
-	}
-	else {
-		// fallback sha256 verify for PHP < 5.3
-		$rawsig = '';
-		$hash = hash('sha256',$signed_data,true);
-		openssl_public_decrypt($signature,$rawsig,$key);
-		$verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false);
-	}
+	$verify = rsa_verify($signed_data,$signature,$key);
 
 	if(! $verify) {
 		logger('mod-diaspora: Message did not verify. Discarding.');
-		receive_return(400);
+		http_status_exit(400);
 	}
 
 	logger('mod-diaspora: Message verified.');
diff --git a/include/network.php b/include/network.php
index 48e830e84..ddfc34977 100644
--- a/include/network.php
+++ b/include/network.php
@@ -181,6 +181,20 @@ function xml_status($st, $message = '') {
 }}
 
 
+if(! function_exists('http_status_exit')) {
+function http_status_exit($val) {
+
+	if($val >= 400)
+		$err = 'Error';
+	if($val >= 200 && $val < 300)
+		$err = 'OK';
+
+	logger('http_status_exit ' . $val);	
+	header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err);
+	killme();
+
+}}
+
 
 // convert an XML document to a normalised, case-corrected array
 // used by webfinger
diff --git a/include/salmon.php b/include/salmon.php
index 3ccae2756..4043b4f1d 100644
--- a/include/salmon.php
+++ b/include/salmon.php
@@ -1,21 +1,7 @@
 asnData[1]->asnData[0]->asnData[0]->asnData;
-	$e = $r[0]->asnData[1]->asnData[0]->asnData[1]->asnData;
-
-
-	return 'RSA' . '.' . $m . '.' . $e ;
-}
 
 
 function get_salmon_key($uri,$keyhash) {
@@ -112,24 +98,15 @@ EOT;
 	$algorithm = 'RSA-SHA256';
 	$keyhash   = base64url_encode(hash('sha256',salmon_key($owner['spubkey'])),true);
 
-	// Setup RSA stuff to PKCS#1 sign the data
-
-	require_once('library/phpsec/Crypt/RSA.php');
-
-    $rsa = new CRYPT_RSA();
-    $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
-    $rsa->setHash('sha256');
-	$rsa->loadKey($owner['sprvkey']);
-
 	// precomputed base64url encoding of data_type, encoding, algorithm concatenated with periods
 
 	$precomputed = '.YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';
 
-	$signature   = base64url_encode($rsa->sign(str_replace('=','',$data . $precomputed),true));
+	$signature   = base64url_encode(rsa_sign(str_replace('=','',$data . $precomputed),true),$owner['sprvkey']);
 
-	$signature2  = base64url_encode($rsa->sign($data . $precomputed));
+	$signature2  = base64url_encode(rsa_sign($data . $precomputed),$owner['sprvkey']);
 
-	$signature3  = base64url_encode($rsa->sign($data));
+	$signature3  = base64url_encode(rsa_sign($data),$owner['sprvkey']);
 
 	$salmon_tpl = get_markup_template('magicsig.tpl');
 
diff --git a/include/text.php b/include/text.php
index adc94b458..7b43cd340 100644
--- a/include/text.php
+++ b/include/text.php
@@ -671,7 +671,7 @@ function smilies($s) {
 	$a = get_app();
 
 	return str_replace(
-	array( '<3', '</3', '<\\3', ':-)', ':)', ';-)', ':-(', ':(', ':-P', ':P', ':-"', ':-x', ':-X', ':-D', '8-|', '8-O'),
+	array( '<3', '</3', '<\\3', ':-)', ':)', ';-)', ':-(', ':(', ':-P', ':P', ':-"', ':-x', ':-X', ':-D', '8-|', '8-O', '~friendika' ),
 	array(
 		'<3',
 		'</3',
@@ -688,7 +688,9 @@ function smilies($s) {
 		':-X',
 		':-D',
 		'8-|',
-		'8-O'
+		'8-O',
+		'~friendika ~friendika',
+
 	), $s);
 }}
 
-- 
cgit v1.2.3


From cbfb40c43fd63d149ed3d4aa1b056bccb437cc32 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 9 Aug 2011 22:11:01 -0700
Subject: use mailto: to specify a new email contact and over-rider webfinger

---
 include/Scrape.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/Scrape.php b/include/Scrape.php
index 9bf89a49e..ef5d7dcae 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -297,7 +297,13 @@ function probe_url($url) {
 	$at_addr = ((strpos($url,'@') !== false) ? true : false);
 
 	if(! $twitter) {
-		$links = lrdd($url);
+
+		if(strpos($url,'mailto:') !== false && $at_addr) {
+			$url = str_replace('mailto:','',$url);
+			$links = array();
+		}
+		else
+			$links = lrdd($url);
 
 		if(count($links)) {
 			logger('probe_url: found lrdd links: ' . print_r($links,true), LOGGER_DATA);
-- 
cgit v1.2.3


From ee6806d82b8a174f5922b396fbe473a8f3ed883f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 10 Aug 2011 01:19:27 -0700
Subject: never enough comments

---
 include/config.php | 13 +++++++++++++
 include/poller.php |  3 ++-
 2 files changed, 15 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/config.php b/include/config.php
index fe675bc33..f565ab117 100644
--- a/include/config.php
+++ b/include/config.php
@@ -1,5 +1,18 @@
 
Date: Wed, 10 Aug 2011 05:10:48 -0700
Subject: diaspora function dispatcher

---
 include/diaspora.php | 34 ++++++++++++++++++++--------------
 1 file changed, 20 insertions(+), 14 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index e39617aa3..f799b6a49 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -2,20 +2,6 @@
 
 require_once('include/crypto.php');
 
-function receive_return($val) {
-
-	if($val >= 400)
-		$err = 'Error';
-	if($val >= 200 && $val < 300)
-		$err = 'OK';
-
-	logger('mod-diaspora returns ' . $val);	
-	header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err);
-	killme();
-
-}
-
-
 function get_diaspora_key($uri) {
 	$key = '';
 
@@ -256,3 +242,23 @@ function diaspora_decode($importer,$xml) {
 
 
 
+function diaspora_request($importer,$contact,$xml) {
+
+}
+
+function diaspora_post($importer,$contact,$xml) {
+
+}
+
+function diaspora_comment($importer,$contact,$xml) {
+
+}
+
+function diaspora_like($importer,$contact,$xml) {
+
+}
+
+function diaspora_retraction($importer,$contact,$xml) {
+
+}
+
-- 
cgit v1.2.3


From 06408664db04cd1cac255d21e7bab54e6ba0c047 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 10 Aug 2011 05:28:39 -0700
Subject: Diaspora logo

---
 include/text.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/text.php b/include/text.php
index 7b43cd340..0641689d5 100644
--- a/include/text.php
+++ b/include/text.php
@@ -671,7 +671,8 @@ function smilies($s) {
 	$a = get_app();
 
 	return str_replace(
-	array( '<3', '</3', '<\\3', ':-)', ':)', ';-)', ':-(', ':(', ':-P', ':P', ':-"', ':-x', ':-X', ':-D', '8-|', '8-O', '~friendika' ),
+	array( '<3', '</3', '<\\3', ':-)', ':)', ';-)', ':-(', ':(', ':-P', ':P', ':-"', ':-x', ':-X', ':-D', '8-|', '8-O', 
+		'~friendika', 'Diaspora*' ),
 	array(
 		'<3',
 		'</3',
@@ -690,6 +691,7 @@ function smilies($s) {
 		'8-|',
 		'8-O',
 		'~friendika ~friendika',
+		'DiasporaDiaspora*',
 
 	), $s);
 }}
-- 
cgit v1.2.3


From 684ebd2ed8a2b225860b59256bf81146b1867d6a Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 10 Aug 2011 21:06:35 -0700
Subject: enhance random_string, block public email replies

---
 include/group.php  |  2 +-
 include/main.js    |  3 ++-
 include/poller.php |  2 ++
 include/text.php   | 13 ++++++++++---
 4 files changed, 15 insertions(+), 5 deletions(-)

(limited to 'include')

diff --git a/include/group.php b/include/group.php
index 8ee7face6..1ebae7b7b 100644
--- a/include/group.php
+++ b/include/group.php
@@ -170,7 +170,7 @@ EOT;
 			$o .= '	
  • ' 
 			. (($edit) ? "\"" " : "") 
-			. (($cid) ? '' : '')
 			. "{$rr['name']}
    • \r\n";
 		}
diff --git a/include/main.js b/include/main.js
index e5c78a065..6db1f4179 100644
--- a/include/main.js
+++ b/include/main.js
@@ -344,7 +344,7 @@
 	function contactgroupChangeMember(gid,cid) {
 		$('body').css('cursor', 'wait');
 		$.get('contactgroup/' + gid + '/' + cid, function(data) {
-				$('body').css('cursor', 'auto');				
+				$('body').css('cursor', 'auto');
 		});
 	}
 
@@ -402,3 +402,4 @@ Array.prototype.remove = function(item) {
   this.length = from < 0 ? this.length + from : from;
   return this.push.apply(this, rest);
 };
+
diff --git a/include/poller.php b/include/poller.php
index 611dd20bf..6ac99fc7d 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -421,6 +421,8 @@ function poller_run($argv, $argc){
 							$datarray['contact-id'] = $contact['id'];
 							if($datarray['parent-uri'] === $datarray['uri'])
 								$datarray['private'] = 1;
+							if(! get_pconfig($importer_uid,'system','allow_public_email_replies'))
+								$datarray['private'] = 1;
 							$datarray['author-name'] = $contact['name'];
 							$datarray['author-link'] = 'mailbox';
 							$datarray['author-avatar'] = $contact['photo'];
diff --git a/include/text.php b/include/text.php
index 0641689d5..aeb20bb0f 100644
--- a/include/text.php
+++ b/include/text.php
@@ -19,11 +19,18 @@ function replace_macros($s,$r) {
 }}
 
 
-// random hex string, 64 chars max
+// random string, there are 86 characters max in text mode, 128 for hex
+// output is urlsafe
+
+define('RANDOM_STRING_HEX',  0x00 );
+define('RANDOM_STRING_TEXT', 0x01 );
 
 if(! function_exists('random_string')) {
-function random_string($size = 64) {
-	return(substr(hash('sha256',uniqid(rand(),true)),0,$size));
+function random_string($size = 64,$type = RANDOM_STRING_HEX) {
+	// generate a bit of entropy and run it through the whirlpool
+	$s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(),(($type == RANDOM_STRING_TEXT) ? true : false));
+	$s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n","",base64url_encode($s,true)) : $s);
+	return(substr($s,0,$size));
 }}
 
 /**
-- 
cgit v1.2.3


From ac4ce27e88fa8d5c5298e2a35538215fed596dd4 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 10 Aug 2011 21:46:19 -0700
Subject: keep private emails out of any offsite feeds

---
 include/items.php    | 3 +++
 include/notifier.php | 5 +++++
 2 files changed, 8 insertions(+)

(limited to 'include')

diff --git a/include/items.php b/include/items.php
index a378a632c..be231f34d 100644
--- a/include/items.php
+++ b/include/items.php
@@ -153,6 +153,9 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
 
 		if($dfrn_id === '') {
 			$type = 'html';
+			// catch any email that's in a public conversation and make sure it doesn't leak
+			if($item['private'])
+				continue;
 		}
 		else {
 			$type = 'text';
diff --git a/include/notifier.php b/include/notifier.php
index e1bb29eaf..bd78d7560 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -289,6 +289,11 @@ function notifier_run($argv, $argc){
 				if(! $item['parent'])
 					continue;
 
+				// private emails may be in included in public conversations. Filter them.
+
+				if(($notify_hub) && $item['private'])
+					continue;
+
 				$contact = get_item_contact($item,$contacts);
 				if(! $contact)
 					continue;
-- 
cgit v1.2.3


From 3f61f9f2c56a13170c03610665727b5ec17c841b Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 10 Aug 2011 22:20:59 -0700
Subject: comment box premature close due to race condition with liveupdate

---
 include/main.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/main.js b/include/main.js
index 6db1f4179..d59c99223 100644
--- a/include/main.js
+++ b/include/main.js
@@ -174,7 +174,8 @@
 				else { 
 
 					$('#' + ident + ' ' + '.wall-item-ago').replaceWith($(this).find('.wall-item-ago')); 
-					$('#' + ident + ' ' + '.wall-item-comment-wrapper').replaceWith($(this).find('.wall-item-comment-wrapper'));
+					if($('#' + ident + ' ' + '.comment-edit-text-empty').length)
+						$('#' + ident + ' ' + '.wall-item-comment-wrapper').replaceWith($(this).find('.wall-item-comment-wrapper'));
 					$('#' + ident + ' ' + '.wall-item-like').replaceWith($(this).find('.wall-item-like'));
 					$('#' + ident + ' ' + '.wall-item-dislike').replaceWith($(this).find('.wall-item-dislike'));
 					$('#' + ident + ' ' + '.my-comment-photo').each(function() {
-- 
cgit v1.2.3


From 04b59ac49ae20cadc20c06663451359b98de73f5 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Thu, 11 Aug 2011 01:52:31 -0700
Subject: enhanced email privacy

---
 include/conversation.php | 13 ++++++++-----
 include/poller.php       |  4 +++-
 2 files changed, 11 insertions(+), 6 deletions(-)

(limited to 'include')

diff --git a/include/conversation.php b/include/conversation.php
index 6b1f64925..0d901a3c0 100644
--- a/include/conversation.php
+++ b/include/conversation.php
@@ -283,14 +283,14 @@ function conversation(&$a, $items, $mode, $update) {
 				continue;
 
 			$toplevelpost = (($item['id'] == $item['parent']) ? true : false);
-
+			$toplevelprivate = false;
 
 			// Take care of author collapsing and comment collapsing
 			// If a single author has more than 3 consecutive top-level posts, squash the remaining ones.
 			// If there are more than two comments, squash all but the last 2.
-
+		
 			if($toplevelpost) {
-
+				$toplevelprivate = (($toplevelpost && $item['private']) ? true : false);
 				$item_writeable = (($item['writable'] || $item['self']) ? true : false);
 
 				if($blowhard == $item['cid'] && (! $item['self']) && ($mode != 'profile') && ($mode != 'notes')) {
@@ -312,9 +312,12 @@ function conversation(&$a, $items, $mode, $update) {
 				$comments_seen = 0;
 				$comments_collapsed = false;
 			}
-			else
+			else {
+				// prevent private email from leaking into public conversation
+				if((! $toplevelpost) && (! toplevelprivate) && ($item['private']) && ($profile_owner != local_user()))
+					continue;
 				$comments_seen ++;
-
+			}	
 
 			$override_comment_box = ((($page_writeable) && ($item_writeable)) ? true : false);
 			$show_comment_box = ((($page_writeable) && ($item_writeable) && ($comments_seen == $comments[$item['parent']])) ? true : false);
diff --git a/include/poller.php b/include/poller.php
index 6ac99fc7d..86bb8ad55 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -421,8 +421,10 @@ function poller_run($argv, $argc){
 							$datarray['contact-id'] = $contact['id'];
 							if($datarray['parent-uri'] === $datarray['uri'])
 								$datarray['private'] = 1;
-							if(! get_pconfig($importer_uid,'system','allow_public_email_replies'))
+							if(! get_pconfig($importer_uid,'system','allow_public_email_replies')) {
 								$datarray['private'] = 1;
+								$datarray['allow_cid'] = '<' . $contact['id'] . '>';
+							}
 							$datarray['author-name'] = $contact['name'];
 							$datarray['author-link'] = 'mailbox';
 							$datarray['author-avatar'] = $contact['photo'];
-- 
cgit v1.2.3


From aefc6209a3d07d70835422e690f624c72075c410 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 12 Aug 2011 03:01:11 -0700
Subject: improved diaspora discovery

---
 include/Scrape.php   | 41 ++++++++++++++++++++++++++++++++++++-----
 include/diaspora.php | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 69 insertions(+), 5 deletions(-)

(limited to 'include')

diff --git a/include/Scrape.php b/include/Scrape.php
index ef5d7dcae..c4882243d 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -1,6 +1,7 @@
 getElementsByTagName('*');
 	foreach($items as $item) {
 		if(attribute_contains($item->getAttribute('class'), 'vcard')) {
@@ -179,8 +182,13 @@ function scrape_vcard($url) {
 				if(attribute_contains($x->getAttribute('class'),'fn'))
 					$ret['fn'] = $x->textContent;
 				if((attribute_contains($x->getAttribute('class'),'photo'))
-					|| (attribute_contains($x->getAttribute('class'),'avatar')))
-					$ret['photo'] = $x->getAttribute('src');
+					|| (attribute_contains($x->getAttribute('class'),'avatar'))) {
+					$size = intval($x->getAttribute('width'));
+					if(($size > $largest_photo) || (! $largest_photo)) {
+						$ret['photo'] = $x->getAttribute('src');
+						$largest_photo = $size;
+					}
+				}
 				if((attribute_contains($x->getAttribute('class'),'nickname'))
 					|| (attribute_contains($x->getAttribute('class'),'uid')))
 					$ret['nick'] = $x->textContent;
@@ -289,7 +297,10 @@ function probe_url($url) {
 	if(! $url)
 		return $result;
 
-	$diaspora = false;	
+	$diaspora = false;
+	$diaspora_base = '';
+	$diaspora_guid = '';	
+	$diaspora_key = '';
 	$email_conversant = false;
 
 	$twitter = ((strpos($url,'twitter.com') !== false) ? true : false);
@@ -320,8 +331,19 @@ function probe_url($url) {
 					$hcard = unamp($link['@attributes']['href']);
 				if($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page')
 					$profile = unamp($link['@attributes']['href']);
-				if($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location')
+				if($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location') {
+					$diaspora_base = unamp($link['@attributes']['href']);
+					$diaspora = true;
+				}
+				if($link['@attributes']['rel'] === 'http://joindiaspora.com/guid') {
+					$diaspora_guid = unamp($link['@attributes']['href']);
 					$diaspora = true;
+				}
+				if($link['@attributes']['rel'] === 'diaspora-public-key') {
+					$diaspora_key = base64_decode(unamp($link['@attributes']['href']));
+					$pubkey = rsatopem($diaspora_key);
+					$diaspora = true;
+				}
 			}
 
 			// Status.Net can have more than one profile URL. We need to match the profile URL
@@ -419,8 +441,17 @@ function probe_url($url) {
 		}
 	}
 
+	if($diaspora && $diaspora_base && $diaspora_guid) {
+		$notify = $diaspora_base . 'receive/post/' . $diaspora_guid;
+		if(strpos($url,'@'))
+			$addr = str_replace('acct:', '', $url);
+	}			
+
 	if($network !== NETWORK_ZOT && $network !== NETWORK_DFRN && $network !== NETWORK_MAIL) {
-		$network  = NETWORK_OSTATUS;
+		if($diaspora)
+			$network = NETWORK_DIASPORA;
+		else
+			$network  = NETWORK_OSTATUS;
 		$priority = 0;
 
 		if($hcard) {
diff --git a/include/diaspora.php b/include/diaspora.php
index f799b6a49..d4e9c530c 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -244,6 +244,39 @@ function diaspora_decode($importer,$xml) {
 
 function diaspora_request($importer,$contact,$xml) {
 
+	$sender_handle = $xml->sender_handle;
+	$recipient_handle = $xml->recipient_handle;
+
+	if(! $sender_handle || ! $recipient_handle)
+		return;
+	
+	if($contact) {
+		q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			intval(CONTACT_IS_FRIEND),
+			intval($contact['id']),
+			intval($importer['uid'])
+		);
+		// send notification
+		return;
+	}
+	
+	require_once('include/Scrape.php');
+	$ret = probe_url($sender_handle);
+	$errors = false;
+	if((! count($ret)) || ($ret['network'] != NETWORK_DIASPORA)) {
+		logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle);
+		$errors = true;
+	}
+
+
+	if($errors)
+		return;
+
+
+
+
+
+
 }
 
 function diaspora_post($importer,$contact,$xml) {
-- 
cgit v1.2.3


From e15e18e0d1499a91f6e3d20553a09af534c471f7 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Fri, 12 Aug 2011 21:01:51 -0700
Subject: hopefully fix statusnet bug by altering our feed format slightly

---
 include/items.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/items.php b/include/items.php
index be231f34d..ec519ad9b 100644
--- a/include/items.php
+++ b/include/items.php
@@ -112,7 +112,7 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
 
 	$items = $r;
 
-	$feed_template = get_markup_template('atom_feed.tpl');
+	$feed_template = get_markup_template(($dfrn_id) ? 'atom_feed_dfrn.tpl' : 'atom_feed.tpl');
 
 	$atom = '';
 
@@ -1038,7 +1038,9 @@ function consume_feed($xml,$importer,&$contact, &$hub, $datedir = 0, $secure_fee
 	if(count($hubs))
 		$hub = implode(',', $hubs);
 
-	$rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
+	$rawtags = $feed->get_feed_tags( NAMESPACE_DFRN, 'owner');
+	if(! $rawtags)
+		$rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
 	if($rawtags) {
 		$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
 		if($elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
-- 
cgit v1.2.3


From 88f94325a412d2ef39ac57c6419507ace6b3f8bb Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sat, 13 Aug 2011 06:52:33 -0700
Subject: incoming diaspora share notification turned into Friendika friend
 request

---
 include/diaspora.php | 56 +++++++++++++++++++++++++++++++++++++++++++---------
 1 file changed, 47 insertions(+), 9 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index d4e9c530c..90fa09b25 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -250,7 +250,7 @@ function diaspora_request($importer,$contact,$xml) {
 	if(! $sender_handle || ! $recipient_handle)
 		return;
 	
-	if($contact) {
+	if($contact && ($contact['rel'] == CONTACT_IS_FOLLOWER || $contact['rel'] == CONTACT_IS_FRIEND)) {
 		q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
 			intval(CONTACT_IS_FRIEND),
 			intval($contact['id']),
@@ -262,20 +262,58 @@ function diaspora_request($importer,$contact,$xml) {
 	
 	require_once('include/Scrape.php');
 	$ret = probe_url($sender_handle);
-	$errors = false;
+
 	if((! count($ret)) || ($ret['network'] != NETWORK_DIASPORA)) {
 		logger('diaspora_request: Cannot resolve diaspora handle ' . $sender_handle . ' for ' . $recipient_handle);
-		$errors = true;
-	}
-
-
-	if($errors)
 		return;
+	}
 
+	$r = q("INSERT INTO `contact` (`uid`, `network`,`addr`,`created`,`url`,`name`,`nick`,`photo`,`pubkey`,`notify`,`poll`,`blocked`,`priority`)
+		VALUES ( %d, '%s', '%s', '%s','%s','%s','%s','%s','%s','%s','%s',%d,%d) ",
+		intval($importer['uid']),
+		dbesc($ret['network']),
+		dbesc($ret['addr']),
+		datetime_convert(),
+		dbesc($ret['url']),
+		dbesc($ret['name']),
+		dbesc($ret['nick']),
+		dbesc($ret['photo']),
+		dbesc($ret['pubkey']),
+		dbesc($ret['notify']),
+		dbesc($ret['poll']),
+		1,
+		2
+	);
+		 
+	// find the contact record we just created
+	$contact_record = null;
+	if($r) {	
+		$r = q("SELECT `id` FROM `contact` 
+				WHERE `uid` = %d AND `addr` = '%s' AND `poll` = '%s' LIMIT 1",
+				intval($importer['uid']),
+				$ret['addr'],
+				$ret['poll']
+		);
+		if(count($r)) 
+			$contact_record = $r[0];
+	}
 
+	$hash = random_string() . (string) time();   // Generate a confirm_key
+	
+	if(is_array($contact_record)) {
+		$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
+			VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
+			intval($importer['uid']),
+			intval($contact_record['id']),
+			0,
+			dbesc( t('Sharing notification from Diaspora network')),
+			dbesc($hash),
+			dbesc(datetime_convert())
+		);
+	}
+	
 
-
-
+	return;
 
 }
 
-- 
cgit v1.2.3


From 4b4ff75b7273194d2bea2b39ff878835738cd2b1 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sat, 13 Aug 2011 16:39:59 -0700
Subject: basic post message from diaspora (untested)

---
 include/diaspora.php | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 90fa09b25..847bec73d 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -319,6 +319,79 @@ function diaspora_request($importer,$contact,$xml) {
 
 function diaspora_post($importer,$contact,$xml) {
 
+	$guid = notags(unxmlify($xml->guid));
+	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+	$message_id = $diaspora_handle . ':' . $guid;
+	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+		intval($importer['uid']),
+		dbesc($message_id),
+		dbesc($guid)
+	);
+	if(count($r))
+		return;
+
+	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+		intval($importer['uid'])
+	);
+	if(! count($owner))
+		return;
+
+	$created = unxmlify($xml->created_at);
+	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+	$body = unxmlify($xml->raw_message);
+
+	require_once('library/HTMLPurifier.auto.php');
+	require_once('include/html2bbcode.php');
+
+	$maxlen = get_max_import_size();
+	if($maxlen && (strlen($body) > $maxlen))
+		$body = substr($body,0, $maxlen);
+
+	if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
+
+		$body = preg_replace('#]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?#s',
+			'[youtube]$1[/youtube]', $body);
+
+		$body = preg_replace('#].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?#s',
+			'[youtube]$1[/youtube]', $body);
+
+		$body = oembed_html2bbcode($body);
+
+		$config = HTMLPurifier_Config::createDefault();
+		$config->set('Cache.DefinitionImpl', null);
+
+		// we shouldn't need a whitelist, because the bbcode converter
+		// will strip out any unsupported tags.
+		// $config->set('HTML.Allowed', 'p,b,a[href],i'); 
+
+		$purifier = new HTMLPurifier($config);
+		$body = $purifier->purify($body);
+
+		$body = html2bbcode($body);
+	}
+
+	$datarray = array();
+	$datarray['uid'] = $importer['uid'];
+	$datarray['contact-id'] = $contact['id'];
+	$datarray['wall'] = 0;
+	$datarray['guid'] = $guid;
+	$datarray['uri'] = $message_id;
+	$dattarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+	$dattarray['private'] = $private;
+	$dattarray['parent'] = 0;
+	$datarray['owner-name'] = $owner[0]['name'];
+	$datarray['owner-link'] = $owner[0]['url'];
+	$datarray['owner-avatar'] = $owner[0]['thumb'];
+	$datarray['author-name'] = $contact['name'];
+	$datarray['author-link'] = $contact['url'];
+	$datarray['author-avatar'] = $contact['thumb'];
+
+	item_store($datarray);
+
+	return;
+
+
 }
 
 function diaspora_comment($importer,$contact,$xml) {
-- 
cgit v1.2.3


From 025485ea69a8c40ae0357987c285c47d51a7b284 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sat, 13 Aug 2011 19:03:59 -0700
Subject: partially fill in diaspora stub functions for comments and likes -
 these both need lots more work

---
 include/diaspora.php | 137 ++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 125 insertions(+), 12 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 847bec73d..3310e6d32 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -330,11 +330,18 @@ function diaspora_post($importer,$contact,$xml) {
 	if(count($r))
 		return;
 
-	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($importer['uid'])
+    // allocate a guid on our system - we aren't fixing any collisions.
+	// we're ignoring them
+
+	$g = q("select * from guid where guid = '%s' limit 1",
+		dbesc($guid)
 	);
-	if(! count($owner))
-		return;
+	if(! count($g)) {
+		q("insert into guid ( guid ) values ( '%s' )",
+			dbesc($guid)
+		);
+	}
+
 
 	$created = unxmlify($xml->created_at);
 	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
@@ -360,11 +367,6 @@ function diaspora_post($importer,$contact,$xml) {
 
 		$config = HTMLPurifier_Config::createDefault();
 		$config->set('Cache.DefinitionImpl', null);
-
-		// we shouldn't need a whitelist, because the bbcode converter
-		// will strip out any unsupported tags.
-		// $config->set('HTML.Allowed', 'p,b,a[href],i'); 
-
 		$purifier = new HTMLPurifier($config);
 		$body = $purifier->purify($body);
 
@@ -380,9 +382,9 @@ function diaspora_post($importer,$contact,$xml) {
 	$dattarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
 	$dattarray['private'] = $private;
 	$dattarray['parent'] = 0;
-	$datarray['owner-name'] = $owner[0]['name'];
-	$datarray['owner-link'] = $owner[0]['url'];
-	$datarray['owner-avatar'] = $owner[0]['thumb'];
+	$datarray['owner-name'] = $contact['name'];
+	$datarray['owner-link'] = $contact['url'];
+	$datarray['owner-avatar'] = $contact['thumb'];
 	$datarray['author-name'] = $contact['name'];
 	$datarray['author-link'] = $contact['url'];
 	$datarray['author-avatar'] = $contact['thumb'];
@@ -395,11 +397,122 @@ function diaspora_post($importer,$contact,$xml) {
 }
 
 function diaspora_comment($importer,$contact,$xml) {
+	$guid = notags(unxmlify($xml->guid));
+	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+	$message_id = $diaspora_handle . ':' . $guid;
+	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+		intval($importer['uid']),
+		dbesc($message_id),
+		dbesc($guid)
+	);
+	if(count($r))
+		return;
+
+	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+		intval($importer['uid'])
+	);
+	if(! count($owner))
+		return;
+
+	$created = unxmlify($xml->created_at);
+	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
 
 }
 
 function diaspora_like($importer,$contact,$xml) {
 
+	$guid = notags(unxmlify($xml->guid));
+	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+	$message_id = $diaspora_handle . ':' . $guid;
+	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+		intval($importer['uid']),
+		dbesc($message_id),
+		dbesc($guid)
+	);
+	if(count($r))
+		return;
+
+	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
+		intval($importer['uid'])
+	);
+	if(! count($owner))
+		return;
+
+	$created = unxmlify($xml->created_at);
+	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+
+	$uri = item_new_uri($a->get_hostname(),$owner_uid);
+
+	$post_type = (($item['resource-id']) ? t('photo') : t('status'));
+	$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
+	$link = xmlify('' . "\n") ;
+	$body = $item['body'];
+
+	$obj = <<< EOT
+
+	
+		$objtype
+		1
+		{$item['uri']}
+		$link
+		
+		$body
+	
+EOT;
+	if($verb === 'like')
+		$bodyverb = t('%1$s likes %2$s\'s %3$s');
+	if($verb === 'dislike')
+		$bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
+
+	if(! isset($bodyverb))
+			return; 
+
+	$arr = array();
+
+	$arr['uri'] = $uri;
+	$arr['uid'] = $owner_uid;
+	$arr['contact-id'] = $contact['id'];
+	$arr['type'] = 'activity';
+	$arr['wall'] = 1;
+	$arr['gravity'] = GRAVITY_LIKE;
+	$arr['parent'] = $item['id'];
+	$arr['parent-uri'] = $item['uri'];
+	$arr['owner-name'] = $owner['name'];
+	$arr['owner-link'] = $owner['url'];
+	$arr['owner-avatar'] = $owner['thumb'];
+	$arr['author-name'] = $contact['name'];
+	$arr['author-link'] = $contact['url'];
+	$arr['author-avatar'] = $contact['thumb'];
+	
+	$ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
+	$alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
+	$plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
+	$arr['body'] =  sprintf( $bodyverb, $ulink, $alink, $plink );
+
+	$arr['verb'] = $activity;
+	$arr['object-type'] = $objtype;
+	$arr['object'] = $obj;
+	$arr['allow_cid'] = $item['allow_cid'];
+	$arr['allow_gid'] = $item['allow_gid'];
+	$arr['deny_cid'] = $item['deny_cid'];
+	$arr['deny_gid'] = $item['deny_gid'];
+	$arr['visible'] = 1;
+	$arr['unseen'] = 1;
+	$arr['last-child'] = 0;
+
+	$post_id = item_store($arr);	
+
+	if(! $item['visible']) {
+		$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
+			intval($item['id']),
+			intval($owner_uid)
+		);
+	}			
+
+	$arr['id'] = $post_id;
+
+
+
 }
 
 function diaspora_retraction($importer,$contact,$xml) {
-- 
cgit v1.2.3


From 79529612226dc89b90df33ba066a530d0e716a69 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 14 Aug 2011 18:13:52 -0700
Subject: diaspora probe/scrape changes

---
 include/Scrape.php | 35 +++++++++++++++++++++++------------
 1 file changed, 23 insertions(+), 12 deletions(-)

(limited to 'include')

diff --git a/include/Scrape.php b/include/Scrape.php
index c4882243d..b32d7283e 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -468,13 +468,6 @@ function probe_url($url) {
 			logger('probe_url: scrape_vcard: ' . print_r($vcard,true), LOGGER_DATA);
 		}
 
-		if(! $profile) {
-			if($diaspora)
-				$profile = $hcard;
-			else
-				$profile = $url;
-		}
-
 		if($twitter) {		
 			logger('twitter: setup');
 			$tid = basename($url);
@@ -490,8 +483,16 @@ function probe_url($url) {
 			if(x($vcard,'nick'))
 				$vcard['fn'] = $vcard['nick'];
 
-	
-		if(((! isset($vcard)) && (! $poll) && (! $at_addr)) || ($twitter)) {
+		$check_feed = false;
+
+		if($twitter || ! $poll)
+			$check_feed = true;
+		if((! isset($vcard)) || (! $profile))
+			$check_feed = true;
+		if(($at_addr) && (! count($links)))
+			$check_feed = false;
+
+		if($check_feed) {
 
 			$feedret = scrape_feed($url);
 			logger('probe_url: scrape_feed returns: ' . print_r($feedret,true), LOGGER_DATA);
@@ -527,6 +528,8 @@ function probe_url($url) {
 				if(strpos($vcard['fn'],'@') !== false)
 					$vcard['fn'] = substr($vcard['fn'],0,strpos($vcard['fn'],'@'));
 				$email = unxmlify($author->get_email());
+				if(! $profile && $author->get_link())
+					$profile = trim(unxmlify($author->get_link()));
 				if(! $vcard['photo']) {
 					$rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
     				if($rawtags) {
@@ -547,6 +550,8 @@ function probe_url($url) {
 						if(strpos($vcard['fn'],'@') !== false)
 							$vcard['fn'] = substr($vcard['fn'],0,strpos($vcard['fn'],'@'));
 						$email = unxmlify($author->get_email());
+						if(! $profile && $author->get_link())
+							$profile = trim(unxmlify($author->get_link()));
 					}
 					if(! $vcard['photo']) {
 						$rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/','thumbnail');
@@ -584,8 +589,10 @@ function probe_url($url) {
 				if(strpos($vcard['nick'],' '))
 					$vcard['nick'] = trim(substr($vcard['nick'],0,strpos($vcard['nick'],' ')));
 			}
-			$network = 'feed';
-			$priority = 2;
+			if(! $network)
+				$network = 'feed';
+			if(! $priority)
+				$priority = 2;
 		}
 	}
 
@@ -593,8 +600,12 @@ function probe_url($url) {
 		$a = get_app();
 		$vcard['photo'] = $a->get_baseurl() . '/images/default-profile.jpg' ; 
 	}
+
+	if(! $profile)
+		$profile = $url;
+
 	$vcard['fn'] = notags($vcard['fn']);
-	$vcard['nick'] = notags($vcard['nick']);
+	$vcard['nick'] = str_replace(' ','',notags($vcard['nick']));
 
 
 	$result['name'] = $vcard['fn'];
-- 
cgit v1.2.3


From 0729e205c8149f5634b8622654a09382b50ec678 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 14 Aug 2011 20:38:31 -0700
Subject: diaspora follow from friendika

---
 include/diaspora.php | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 3310e6d32..d8be2b2cc 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -77,7 +77,7 @@ $decrypted_header = <<< EOT
   $b_inner_iv
   $b_inner_aes_key
   
-    {$contact['name']}
+    {$user['username']}
     $handle
   
 
@@ -170,7 +170,7 @@ function diaspora_decode($importer,$xml) {
 	
 	if(! $base) {
 		logger('mod-diaspora: unable to locate salmon data in xml ');
-		dt_return(400);
+		http_status_exit(400);
 	}
 
 
@@ -519,3 +519,24 @@ function diaspora_retraction($importer,$contact,$xml) {
 
 }
 
+function diaspora_share($me,$contact) {
+	$a = get_app();
+	$myaddr = $me['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+	$theiraddr = $contact['addr'];
+
+	$tpl = get_markup_template('diaspora_share.tpl');
+	$msg = replace_macros($tpl, array(
+		'$sender' => myaddr,
+		'$recipient' => $theiraddr
+	));
+
+	$slap = diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey']);
+
+	post_url($contact['notify'],$slap, array(
+		'Content-type: application/magic-envelope+xml',
+		'Content-length: ' . strlen($slap)
+	));
+	$return_code = $a->get_curl_code();
+	return $return_code;
+}
+
-- 
cgit v1.2.3


From d723ff47708843893956bf30669b4762a6360bcd Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 14 Aug 2011 21:23:02 -0700
Subject: diaspora top level status posts, string update

---
 include/diaspora.php | 35 +++++++++++++++++++++++++++++++++++
 include/notifier.php | 24 +++++++++++++++++-------
 2 files changed, 52 insertions(+), 7 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index d8be2b2cc..38ee8c1e5 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -540,3 +540,38 @@ function diaspora_share($me,$contact) {
 	return $return_code;
 }
 
+function diaspora_send_status($item,$owner,$contact) {
+
+	$a = get_app();
+	$myaddr = $owner['nickname'] . '@' .  substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
+	$theiraddr = $contact['addr'];
+	require_once('include/bbcode.php');
+
+	$body = xmlify(bbcode($item['body']));
+	$public = (($item['private']) ? 'false' : 'true');
+
+	require_once('include/datetime.php');
+	$created = datetime_convert('UTC','UTC',$item['created'],'Y-m-d h:i:s \U\T\C');
+
+	$tpl = get_markup_template('diaspora_post.tpl');
+	$msg = replace_macros($tpl, array(
+		'$body' => $body,
+		'$guid' => $item['guid'],
+		'$handle' => xmlify($myaddr),
+		'$public' => $public,
+		'$created' => $created
+	));
+
+	logger('diaspora_send_status: base message: ' . $msg, LOGGER_DATA);
+
+	$slap = diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey']);
+
+	post_url($contact['notify'],$slap, array(
+		'Content-type: application/magic-envelope+xml',
+		'Content-length: ' . strlen($slap)
+	));
+	$return_code = $a->get_curl_code();
+	logger('diaspora_send_status: returns: ' . $return_code);
+	return $return_code;
+}
+
diff --git a/include/notifier.php b/include/notifier.php
index bd78d7560..332cd19e3 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -119,7 +119,8 @@ function notifier_run($argv, $argc){
 			$top_level = true;
 	}
 
-	$r = q("SELECT `contact`.*, `user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`, 
+	$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`, 
+		`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`, 
 		`user`.`page-flags`, `user`.`prvnets`
 		FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` 
 		WHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
@@ -351,7 +352,7 @@ function notifier_run($argv, $argc){
 			$deliver_status = 0;
 
 			switch($contact['network']) {
-				case 'dfrn':
+				case NETWORK_DFRN:
 					logger('notifier: dfrndelivery: ' . $contact['name']);
 					$deliver_status = dfrn_deliver($owner,$contact,$atom);
 
@@ -369,7 +370,7 @@ function notifier_run($argv, $argc){
 						);
 					}
 					break;
-				case 'stat':
+				case NETWORK_OSTATUS:
 
 					// Do not send to otatus if we are not configured to send to public networks
 					if($owner['prvnets'])
@@ -419,7 +420,7 @@ function notifier_run($argv, $argc){
 					}
 					break;
 
-				case 'mail':
+				case NETWORK_MAIL:
 						
 					if(get_config('system','dfrn_only'))
 						break;
@@ -496,9 +497,18 @@ function notifier_run($argv, $argc){
 						mail($addr, $subject, $message, $headers);
 					}
 					break;
-				case 'feed':
-				case 'face':
-				case 'dspr':
+				case NETWORK_DIASPORA:
+					if(get_config('system','dfrn_only') || (! get_config('diaspora_enabled')))
+						break;
+					if($top_level) {
+						diaspora_send_status($parent_item,$owner,$contact);
+						break;
+					}
+
+					break;
+
+				case NETWORK_FEED:
+				case NETWORK_FACEBOOK:
 					if(get_config('system','dfrn_only'))
 						break;
 				default:
-- 
cgit v1.2.3


From 5b24050875bc0b2edfee92005bba7c5ef7a17cab Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 14 Aug 2011 22:59:34 -0700
Subject: split off facebook and other cron hooks from poller

---
 include/cronhooks.php | 41 +++++++++++++++++++++++++++++++++++++++++
 include/poller.php    |  5 ++---
 2 files changed, 43 insertions(+), 3 deletions(-)
 create mode 100644 include/cronhooks.php

(limited to 'include')

diff --git a/include/cronhooks.php b/include/cronhooks.php
new file mode 100644
index 000000000..a4eb5fbb3
--- /dev/null
+++ b/include/cronhooks.php
@@ -0,0 +1,41 @@
+require_once("boot.php");
+
+
+function cronhooks_run($argv, $argc){
+	global $a, $db;
+
+	if(is_null($a)) {
+		$a = new App;
+	}
+  
+	if(is_null($db)) {
+	    @include(".htconfig.php");
+    	require_once("dba.php");
+	    $db = new dba($db_host, $db_user, $db_pass, $db_data);
+    	unset($db_host, $db_user, $db_pass, $db_data);
+  	};
+
+	require_once('include/session.php');
+	require_once('include/datetime.php');
+
+	load_config('config');
+	load_config('system');
+
+	$a->set_baseurl(get_config('system','url'));
+
+	load_hooks();
+
+	logger('cronhooks: start');
+	
+
+	$d = datetime_convert();
+
+	call_hooks('cron', $d);
+
+	return;
+}
+
+if (array_search(__file__,get_included_files())===0){
+  cronhooks_run($argv,$argc);
+  killme();
+}
diff --git a/include/poller.php b/include/poller.php
index 86bb8ad55..651736a99 100644
--- a/include/poller.php
+++ b/include/poller.php
@@ -80,8 +80,7 @@ function poller_run($argv, $argc){
 	$d = datetime_convert();
 
 	if(! $restart)
-		call_hooks('cron', $d);
-
+		proc_run('php','include/cronhooks.php');
 
 	$contacts = q("SELECT `id` FROM `contact` 
 		WHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != ''
@@ -101,7 +100,7 @@ function poller_run($argv, $argc){
 			intval($c['id'])
 		);
 
-		if(! count($res))
+		if((! $res) || (! count($res)))
 			continue;
 
 		foreach($res as $contact) {
-- 
cgit v1.2.3


From 9cd77b56ab8253b9c664fe18b8cf6def647f9ca8 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 01:29:58 -0700
Subject: temporarily disable oembed

---
 include/oembed.php | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'include')

diff --git a/include/oembed.php b/include/oembed.php
index 06a37d8e4..e86275e61 100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -7,6 +7,7 @@ function oembed_replacecb($matches){
 
 
 function oembed_fetch_url($embedurl){
+return;
 	$r = q("SELECT v FROM `cache` WHERE k='%s'",
 				dbesc($embedurl));
 				
@@ -17,6 +18,8 @@ function oembed_fetch_url($embedurl){
 		
 		// try oembed autodiscovery
 		$html_text = fetch_url($embedurl);
+		if(! $html_text)
+			return;
 		$dom = @DOMDocument::loadHTML($html_text);
 		if ($dom){
 			$xpath = new DOMXPath($dom);
-- 
cgit v1.2.3


From 5d6155a9685202b055744549a2cb84e3d8195fd2 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 05:27:24 -0700
Subject: fixes share from diaspora

---
 include/Scrape.php   | 2 +-
 include/diaspora.php | 9 ++++++---
 2 files changed, 7 insertions(+), 4 deletions(-)

(limited to 'include')

diff --git a/include/Scrape.php b/include/Scrape.php
index b32d7283e..bfe795e19 100644
--- a/include/Scrape.php
+++ b/include/Scrape.php
@@ -494,7 +494,7 @@ function probe_url($url) {
 
 		if($check_feed) {
 
-			$feedret = scrape_feed($url);
+			$feedret = scrape_feed(($poll) ? $poll : $url);
 			logger('probe_url: scrape_feed returns: ' . print_r($feedret,true), LOGGER_DATA);
 			if(count($feedret) && ($feedret['feed_atom'] || $feedret['feed_rss'])) {
 				$poll = ((x($feedret,'feed_atom')) ? unamp($feedret['feed_atom']) : unamp($feedret['feed_rss']));
diff --git a/include/diaspora.php b/include/diaspora.php
index 38ee8c1e5..edb273d3c 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -116,6 +116,8 @@ EOT;
 
 function diaspora_decode($importer,$xml) {
 
+
+
 	$basedom = parse_xml_string($xml);
 
 	$atom = $basedom->children(NAMESPACE_ATOM1);
@@ -129,7 +131,7 @@ function diaspora_decode($importer,$xml) {
 	openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']);
 
 	$j_outer_key_bundle = json_decode($outer_key_bundle);
-
+logger('outer: ' . $j_outer_key_bundle);
 	$outer_iv = base64_decode($j_outer_key_bundle->iv);
 	$outer_key = base64_decode($j_outer_key_bundle->key);
 
@@ -150,6 +152,7 @@ function diaspora_decode($importer,$xml) {
 	 *  
 	 */
 
+	logger('decrypted: ' . $decrypted);
 	$idom = parse_xml_string($decrypted,false);
 
 	$inner_iv = base64_decode($idom->iv);
@@ -301,8 +304,8 @@ function diaspora_request($importer,$contact,$xml) {
 	$hash = random_string() . (string) time();   // Generate a confirm_key
 	
 	if(is_array($contact_record)) {
-		$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
-			VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
+		$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`,`blocked`)
+			VALUES ( %d, %d, 1, %d, '%s', '%s', '%s', 0 )",
 			intval($importer['uid']),
 			intval($contact_record['id']),
 			0,
-- 
cgit v1.2.3


From 805770521eebdd0bc6ddfb2f174a76e0646557fc Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 06:27:17 -0700
Subject: errant debug statement

---
 include/diaspora.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index edb273d3c..74aa32f5c 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -131,7 +131,7 @@ function diaspora_decode($importer,$xml) {
 	openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$importer['prvkey']);
 
 	$j_outer_key_bundle = json_decode($outer_key_bundle);
-logger('outer: ' . $j_outer_key_bundle);
+
 	$outer_iv = base64_decode($j_outer_key_bundle->iv);
 	$outer_key = base64_decode($j_outer_key_bundle->key);
 
-- 
cgit v1.2.3


From 44918e27367d00d3625daaf751a05b166ecd2fc1 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 17:14:51 -0700
Subject: turn diaspora posts into x-www-form-urlencoded

---
 include/diaspora.php | 14 ++++----------
 1 file changed, 4 insertions(+), 10 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 74aa32f5c..dd0debe69 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -533,12 +533,9 @@ function diaspora_share($me,$contact) {
 		'$recipient' => $theiraddr
 	));
 
-	$slap = diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey']);
+	$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$me,$contact,$me['prvkey'],$contact['pubkey']));
 
-	post_url($contact['notify'],$slap, array(
-		'Content-type: application/magic-envelope+xml',
-		'Content-length: ' . strlen($slap)
-	));
+	post_url($contact['notify'],$slap);
 	$return_code = $a->get_curl_code();
 	return $return_code;
 }
@@ -567,12 +564,9 @@ function diaspora_send_status($item,$owner,$contact) {
 
 	logger('diaspora_send_status: base message: ' . $msg, LOGGER_DATA);
 
-	$slap = diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey']);
+	$slap = 'xml=' . urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey']));
 
-	post_url($contact['notify'],$slap, array(
-		'Content-type: application/magic-envelope+xml',
-		'Content-length: ' . strlen($slap)
-	));
+	post_url($contact['notify'],$slap);
 	$return_code = $a->get_curl_code();
 	logger('diaspora_send_status: returns: ' . $return_code);
 	return $return_code;
-- 
cgit v1.2.3


From a93b6757b1b48f268db8f6d2f05bc875c91264a0 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 19:39:49 -0700
Subject: set parent-uri for top level posts

---
 include/diaspora.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index dd0debe69..87626cb63 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -381,7 +381,7 @@ function diaspora_post($importer,$contact,$xml) {
 	$datarray['contact-id'] = $contact['id'];
 	$datarray['wall'] = 0;
 	$datarray['guid'] = $guid;
-	$datarray['uri'] = $message_id;
+	$datarray['uri'] = $datarray['parent-uri'] = $message_id;
 	$dattarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
 	$dattarray['private'] = $private;
 	$dattarray['parent'] = 0;
-- 
cgit v1.2.3


From 9634bb514f3c431027a51baa39647681db598987 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 19:46:47 -0700
Subject: doh! add body to the item

---
 include/diaspora.php | 1 +
 1 file changed, 1 insertion(+)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 87626cb63..ada7f63ab 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -391,6 +391,7 @@ function diaspora_post($importer,$contact,$xml) {
 	$datarray['author-name'] = $contact['name'];
 	$datarray['author-link'] = $contact['url'];
 	$datarray['author-avatar'] = $contact['thumb'];
+	$datarray['body'] = $body;
 
 	item_store($datarray);
 
-- 
cgit v1.2.3


From d0c8f11dfffab4a200e57f71c81aa4f7372ccc1e Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 21:01:44 -0700
Subject: typos

---
 include/diaspora.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index ada7f63ab..fb5c69e70 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -382,9 +382,9 @@ function diaspora_post($importer,$contact,$xml) {
 	$datarray['wall'] = 0;
 	$datarray['guid'] = $guid;
 	$datarray['uri'] = $datarray['parent-uri'] = $message_id;
-	$dattarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
-	$dattarray['private'] = $private;
-	$dattarray['parent'] = 0;
+	$datarray['created'] = $datarray['edited'] = datetime_convert('UTC','UTC',$created);
+	$datarray['private'] = $private;
+	$datarray['parent'] = 0;
 	$datarray['owner-name'] = $contact['name'];
 	$datarray['owner-link'] = $contact['url'];
 	$datarray['owner-avatar'] = $contact['thumb'];
-- 
cgit v1.2.3


From 3d45f9f133a7da9fec34d17c81f8c804c5a9deff Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 21:46:52 -0700
Subject: remove disable oembed

---
 include/oembed.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/oembed.php b/include/oembed.php
index e86275e61..b325a766e 100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -7,7 +7,7 @@ function oembed_replacecb($matches){
 
 
 function oembed_fetch_url($embedurl){
-return;
+
 	$r = q("SELECT v FROM `cache` WHERE k='%s'",
 				dbesc($embedurl));
 				
-- 
cgit v1.2.3


From 0eb06b3e2d9c5c65b6bad97639f032d5d0a1620f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 22:23:17 -0700
Subject: cronhooks broken

---
 include/cronhooks.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'include')

diff --git a/include/cronhooks.php b/include/cronhooks.php
index a4eb5fbb3..37541f013 100644
--- a/include/cronhooks.php
+++ b/include/cronhooks.php
@@ -1,3 +1,5 @@
+
Date: Mon, 15 Aug 2011 23:19:17 -0700
Subject: refactor the diaspora contact logic

---
 include/diaspora.php | 95 ++++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 81 insertions(+), 14 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index fb5c69e70..95673996f 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -1,6 +1,7 @@
 sender_handle;
 	$recipient_handle = $xml->recipient_handle;
 
 	if(! $sender_handle || ! $recipient_handle)
 		return;
-	
-	if($contact && ($contact['rel'] == CONTACT_IS_FOLLOWER || $contact['rel'] == CONTACT_IS_FRIEND)) {
-		q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
-			intval(CONTACT_IS_FRIEND),
-			intval($contact['id']),
-			intval($importer['uid'])
-		);
-		// send notification
+	 
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$sender_handle);
+
+	if($contact) {
+		if($contact['rel'] == CONTACT_IS_FOLLOWER) {
+			q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				intval(CONTACT_IS_FRIEND),
+				intval($contact['id']),
+				intval($importer['uid'])
+			);
+		}
+		// send notification?
 		return;
 	}
 	
@@ -320,10 +334,21 @@ function diaspora_request($importer,$contact,$xml) {
 
 }
 
-function diaspora_post($importer,$contact,$xml) {
+function diaspora_post($importer,$xml) {
 
 	$guid = notags(unxmlify($xml->guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	if(! $contact)
+		return;
+
+	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
+		logger('diaspora_post: Ignoring this author.');
+		http_status_exit(202);
+		// NOTREACHED
+	}
+
 	$message_id = $diaspora_handle . ':' . $guid;
 	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
@@ -400,9 +425,23 @@ function diaspora_post($importer,$contact,$xml) {
 
 }
 
-function diaspora_comment($importer,$contact,$xml) {
+function diaspora_comment($importer,$xml) {
 	$guid = notags(unxmlify($xml->guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	if(! $contact)
+		return;
+
+	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
+		logger('diaspora_comment: Ignoring this author.');
+		http_status_exit(202);
+		// NOTREACHED
+	}
+
+
+
 	$message_id = $diaspora_handle . ':' . $guid;
 	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
@@ -423,10 +462,23 @@ function diaspora_comment($importer,$contact,$xml) {
 
 }
 
-function diaspora_like($importer,$contact,$xml) {
+function diaspora_like($importer,$xml) {
 
 	$guid = notags(unxmlify($xml->guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	if(! $contact)
+		return;
+
+	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
+		logger('diaspora_like: Ignoring this author.');
+		http_status_exit(202);
+		// NOTREACHED
+	}
+
+
 	$message_id = $diaspora_handle . ':' . $guid;
 	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
@@ -519,7 +571,22 @@ EOT;
 
 }
 
-function diaspora_retraction($importer,$contact,$xml) {
+function diaspora_retraction($importer,$xml) {
+
+	$guid = notags(unxmlify($xml->guid));
+	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	if(! $contact)
+		return;
+
+//	if(($contact['rel'] == CONTACT_IS_FOLLOWER) || ($contact['blocked']) || ($contact['readonly'])) { 
+//		logger('diaspora_retraction: Ignoring this author.');
+//		http_status_exit(202);
+//		// NOTREACHED
+//	}
+
+
 
 }
 
-- 
cgit v1.2.3


From 2c0404fdc88081f68af18a788d2f285e5c059f47 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 00:52:34 -0700
Subject: cleanup after refactor

---
 include/diaspora.php | 23 +++++------------------
 1 file changed, 5 insertions(+), 18 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 95673996f..69d2dff19 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -257,8 +257,8 @@ function diaspora_get_contact_by_handle($uid,$handle) {
 
 function diaspora_request($importer,$xml) {
 
-	$sender_handle = $xml->sender_handle;
-	$recipient_handle = $xml->recipient_handle;
+	$sender_handle = unxmlify($xml->sender_handle);
+	$recipient_handle = unxmlify($xml->recipient_handle);
 
 	if(! $sender_handle || ! $recipient_handle)
 		return;
@@ -303,21 +303,12 @@ function diaspora_request($importer,$xml) {
 	);
 		 
 	// find the contact record we just created
-	$contact_record = null;
-	if($r) {	
-		$r = q("SELECT `id` FROM `contact` 
-				WHERE `uid` = %d AND `addr` = '%s' AND `poll` = '%s' LIMIT 1",
-				intval($importer['uid']),
-				$ret['addr'],
-				$ret['poll']
-		);
-		if(count($r)) 
-			$contact_record = $r[0];
-	}
+
+	$contact_record = diaspora_get_contact_by_handle($importer['uid'],$sender_handle);
 
 	$hash = random_string() . (string) time();   // Generate a confirm_key
 	
-	if(is_array($contact_record)) {
+	if($contact_record) {
 		$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`,`blocked`)
 			VALUES ( %d, %d, 1, %d, '%s', '%s', '%s', 0 )",
 			intval($importer['uid']),
@@ -328,10 +319,8 @@ function diaspora_request($importer,$xml) {
 			dbesc(datetime_convert())
 		);
 	}
-	
 
 	return;
-
 }
 
 function diaspora_post($importer,$xml) {
@@ -370,7 +359,6 @@ function diaspora_post($importer,$xml) {
 		);
 	}
 
-
 	$created = unxmlify($xml->created_at);
 	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
 
@@ -422,7 +410,6 @@ function diaspora_post($importer,$xml) {
 
 	return;
 
-
 }
 
 function diaspora_comment($importer,$xml) {
-- 
cgit v1.2.3


From 98cdf5d3153ce3b4b7bc1bd505851f4ed5c73406 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 04:55:38 -0700
Subject: fix API time - wrong format string

---
 include/api.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'include')

diff --git a/include/api.php b/include/api.php
index cf7d0304f..7a44cf023 100644
--- a/include/api.php
+++ b/include/api.php
@@ -12,7 +12,7 @@
 
 	function api_date($str){
 		//Wed May 23 06:01:13 +0000 2007
-		return datetime_convert('UTC', 'UTC', $str, "D M d h:i:s +0000 Y" );
+		return datetime_convert('UTC', 'UTC', $str, "D M d H:i:s +0000 Y" );
 	}
 	 
 	
-- 
cgit v1.2.3


From b28b468b2182493b958afecb388501fd66de230f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 20:05:02 -0700
Subject: cleanup

---
 include/network.php  | 32 +++++++++++++++++++++-----------
 include/notifier.php |  4 ++--
 include/oembed.php   |  3 ++-
 include/text.php     |  4 ++++
 4 files changed, 29 insertions(+), 14 deletions(-)

(limited to 'include')

diff --git a/include/network.php b/include/network.php
index ddfc34977..9871b9edc 100644
--- a/include/network.php
+++ b/include/network.php
@@ -5,7 +5,7 @@
 // results. 
 
 if(! function_exists('fetch_url')) {
-function fetch_url($url,$binary = false, &$redirects = 0) {
+function fetch_url($url,$binary = false, &$redirects = 0, $timeout = 0) {
 
 	$a = get_app();
 
@@ -17,9 +17,13 @@ function fetch_url($url,$binary = false, &$redirects = 0) {
 	curl_setopt($ch, CURLOPT_RETURNTRANSFER,true);
 	curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
 
-	$curl_time = intval(get_config('system','curl_timeout'));
-	curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
-
+	if(intval($timeout)) {
+		curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+	}
+	else {
+		$curl_time = intval(get_config('system','curl_timeout'));
+		curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+	}
 	// by default we will allow self-signed certs
 	// but you can override this
 
@@ -66,7 +70,7 @@ function fetch_url($url,$binary = false, &$redirects = 0) {
         $url_parsed = @parse_url($url);
         if (isset($url_parsed)) {
             $redirects++;
-            return fetch_url($url,$binary,$redirects);
+            return fetch_url($url,$binary,$redirects,$timeout);
         }
     }
 
@@ -83,7 +87,7 @@ function fetch_url($url,$binary = false, &$redirects = 0) {
 // post request to $url. $params is an array of post variables.
 
 if(! function_exists('post_url')) {
-function post_url($url,$params, $headers = null, &$redirects = 0) {
+function post_url($url,$params, $headers = null, &$redirects = 0, $timeout = 0) {
 	$a = get_app();
 	$ch = curl_init($url);
 	if(($redirects > 8) || (! $ch)) 
@@ -95,8 +99,13 @@ function post_url($url,$params, $headers = null, &$redirects = 0) {
 	curl_setopt($ch, CURLOPT_POSTFIELDS,$params);
 	curl_setopt($ch, CURLOPT_USERAGENT, "Friendika");
 
-	$curl_time = intval(get_config('system','curl_timeout'));
-	curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+	if(intval($timeout)) {
+		curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);
+	}
+	else {
+		$curl_time = intval(get_config('system','curl_timeout'));
+		curl_setopt($ch, CURLOPT_TIMEOUT, (($curl_time !== false) ? $curl_time : 60));
+	}
 
 	if(defined('LIGHTTPD')) {
 		if(!is_array($headers)) {
@@ -150,7 +159,7 @@ function post_url($url,$params, $headers = null, &$redirects = 0) {
         $url_parsed = @parse_url($url);
         if (isset($url_parsed)) {
             $redirects++;
-            return post_url($url,$binary,$headers,$redirects);
+            return post_url($url,$params,$headers,$redirects,$timeout);
         }
     }
 	$a->set_curl_code($http_code);
@@ -497,8 +506,9 @@ function fetch_lrdd_template($host) {
 if(! function_exists('fetch_xrd_links')) {
 function fetch_xrd_links($url) {
 
-
-	$xml = fetch_url($url);
+	$xrd_timeout = intval(get_config('system','xrd_timeout'));
+	$redirects = 0;
+	$xml = fetch_url($url,false,$redirects,(($xrd_timeout) ? $xrd_timeout : 30));
 
 	logger('fetch_xrd_links: ' . $xml, LOGGER_DATA);
 
diff --git a/include/notifier.php b/include/notifier.php
index 332cd19e3..b8aa07dc7 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -557,7 +557,7 @@ function notifier_run($argv, $argc){
 		 *
 		 */
 
-		$max_allowed = ((get_config('system','maxpubdeliver') === false) ? 150 : intval(get_config('system','maxpubdeliver')));
+		$max_allowed = ((get_config('system','maxpubdeliver') === false) ? 999 : intval(get_config('system','maxpubdeliver')));
 				
 		/**
 		 *
@@ -567,7 +567,7 @@ function notifier_run($argv, $argc){
 		 */
 
 		$r = q("SELECT `id`, `name` FROM `contact` 
-			WHERE `network` = 'dfrn' AND `uid` = %d AND `blocked` = 0 AND `pending` = 0
+			WHERE `network` = NETWORK_DFRN AND `uid` = %d AND `blocked` = 0 AND `pending` = 0
 			AND `rel` != %d ",
 			intval($owner['uid']),
 			intval(CONTACT_IS_SHARING)
diff --git a/include/oembed.php b/include/oembed.php
index b325a766e..06f71a3b3 100644
--- a/include/oembed.php
+++ b/include/oembed.php
@@ -17,7 +17,8 @@ function oembed_fetch_url($embedurl){
 		$txt = "";
 		
 		// try oembed autodiscovery
-		$html_text = fetch_url($embedurl);
+		$redirects = 0;
+		$html_text = fetch_url($embedurl, false, $redirects, 15);
 		if(! $html_text)
 			return;
 		$dom = @DOMDocument::loadHTML($html_text);
diff --git a/include/text.php b/include/text.php
index aeb20bb0f..803bf0e51 100644
--- a/include/text.php
+++ b/include/text.php
@@ -948,3 +948,7 @@ function base64url_decode($s) {
 
 	return base64_decode(strtr($s,'-_','+/'));
 }
+
+function cc_license() {
+return '
    ' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
    ';
+}
-- 
cgit v1.2.3


From fafcab70e1e56327ef39f22ccd915f41b75b81f2 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 20:43:34 -0700
Subject: fill in framework for d* outgoing

---
 include/network.php  |  6 ++++--
 include/notifier.php | 36 ++++++++++++++++++++++++++++--------
 2 files changed, 32 insertions(+), 10 deletions(-)

(limited to 'include')

diff --git a/include/network.php b/include/network.php
index 9871b9edc..bbf1d6a63 100644
--- a/include/network.php
+++ b/include/network.php
@@ -536,8 +536,10 @@ function fetch_xrd_links($url) {
 			$aliases = array($alias);
 		else
 			$aliases = $alias;
-		foreach($aliases as $alias) {
-			$links[]['@attributes'] = array('rel' => 'alias' , 'href' => $alias);
+		if(count($aliases)) {
+			foreach($aliases as $alias) {
+				$links[]['@attributes'] = array('rel' => 'alias' , 'href' => $alias);
+			}
 		}
 	}
 
diff --git a/include/notifier.php b/include/notifier.php
index b8aa07dc7..15fb38534 100644
--- a/include/notifier.php
+++ b/include/notifier.php
@@ -50,8 +50,10 @@ function notifier_run($argv, $argc){
 	$recipients = array();
 	$url_recipients = array();
 
-	if($cmd === 'mail') {
+	$normal_mode = true;
 
+	if($cmd === 'mail') {
+		$normal_mode = false;
 		$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1",
 				intval($item_id)
 		);
@@ -64,6 +66,7 @@ function notifier_run($argv, $argc){
 
 	}
 	elseif($cmd === 'expire') {
+		$normal_mode = false;
 		$expire = true;
 		$items = q("SELECT * FROM `item` WHERE `uid` = %d AND `wall` = 1 
 			AND `deleted` = 1 AND `changed` > UTC_TIMESTAMP - INTERVAL 10 MINUTE",
@@ -75,6 +78,7 @@ function notifier_run($argv, $argc){
 			return;
 	}
 	elseif($cmd === 'suggest') {
+		$normal_mode = false;
 		$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1",
 			intval($item_id)
 		);
@@ -95,7 +99,7 @@ function notifier_run($argv, $argc){
 			return;
 		}
 
-		$parent_item = $r[0];
+		$target_item = $r[0];
 		$parent_id = intval($r[0]['parent']);
 		$uid = $r[0]['uid'];
 		$updated = $r[0]['edited'];
@@ -317,9 +321,9 @@ function notifier_run($argv, $argc){
 	$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 
 	if(! $mail_disabled) {
-		if((! strlen($parent_item['allow_cid'])) && (! strlen($parent_item['allow_gid'])) 
-			&& (! strlen($parent_item['deny_cid'])) && (! strlen($parent_item['deny_gid'])) 
-			&& (intval($parent_item['pubmail']))) {
+		if((! strlen($target_item['allow_cid'])) && (! strlen($target_item['allow_gid'])) 
+			&& (! strlen($target_item['deny_cid'])) && (! strlen($target_item['deny_gid'])) 
+			&& (intval($target_item['pubmail']))) {
 			$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `network` = '%s'",
 				intval($uid),
 				dbesc(NETWORK_MAIL)
@@ -498,10 +502,26 @@ function notifier_run($argv, $argc){
 					}
 					break;
 				case NETWORK_DIASPORA:
-					if(get_config('system','dfrn_only') || (! get_config('diaspora_enabled')))
+					if(get_config('system','dfrn_only') || (! get_config('diaspora_enabled')) || (! $normal_mode))
+						break;
+
+					if($target_item['deleted']) {
+						// diaspora delete, (check for like)
+
+						break;
+					}
+					elseif($followup) {
+						// send to owner to relay
+
+						break;
+					}
+					elseif($target_item['parent'] != $target_item['id']) {
+						// we are the relay
+
 						break;
-					if($top_level) {
-						diaspora_send_status($parent_item,$owner,$contact);
+					}		
+					elseif($top_level) {
+						diaspora_send_status($target_item,$owner,$contact);
 						break;
 					}
 
-- 
cgit v1.2.3


From 673e114bbd6666ffe9350613284e813a38c5f0d7 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 22:31:14 -0700
Subject: D* like and start of relay code

---
 include/diaspora.php | 146 +++++++++++++++++++++++++++++++++------------------
 1 file changed, 94 insertions(+), 52 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 69d2dff19..0764dfa4a 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -223,6 +223,7 @@ function diaspora_decode($importer,$xml) {
 	logger('mod-diaspora: Fetching key for ' . $author_link );
 
 	// Get diaspora public key (pkcs#1) and convert to pkcs#8
+
  	$key = get_diaspora_key($author_link);
 
 	if(! $key) {
@@ -239,7 +240,7 @@ function diaspora_decode($importer,$xml) {
 
 	logger('mod-diaspora: Message verified.');
 
-	return $inner_decrypted;
+	return array('message' => $inner_decrypted, 'author' => $author_link, 'key' => $key);
 
 }
 
@@ -412,7 +413,7 @@ function diaspora_post($importer,$xml) {
 
 }
 
-function diaspora_comment($importer,$xml) {
+function diaspora_comment($importer,$xml,$msg) {
 	$guid = notags(unxmlify($xml->guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
 
@@ -430,12 +431,11 @@ function diaspora_comment($importer,$xml) {
 
 
 	$message_id = $diaspora_handle . ':' . $guid;
-	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
-		dbesc($message_id),
 		dbesc($guid)
 	);
-	if(count($r))
+	if(! count($r))
 		return;
 
 	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
@@ -449,13 +449,21 @@ function diaspora_comment($importer,$xml) {
 
 }
 
-function diaspora_like($importer,$xml) {
+function diaspora_like($importer,$xml,$msg) {
 
 	$guid = notags(unxmlify($xml->guid));
+	$parent_guid = notags(unxmlify($xml->parent_guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+	$target_type = notags(unxmlify($xml->target_type));
+	$positive = notags(unxmlify($xml->positive));
 
+	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
 
-	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	// likes on comments not supported here
+	if($target_type !== 'Post')
+		return;
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$msg->author);
 	if(! $contact)
 		return;
 
@@ -465,95 +473,129 @@ function diaspora_like($importer,$xml) {
 		// NOTREACHED
 	}
 
-
-	$message_id = $diaspora_handle . ':' . $guid;
-	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' AND `guid` = '%s' LIMIT 1",
+	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
-		dbesc($message_id),
-		dbesc($guid)
+		dbesc($parent_guid)
 	);
-	if(count($r))
+	if(! count($r)) {
+		logger('diaspora_like: parent item not found: ' . $guid);
 		return;
+	}
 
-	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($importer['uid'])
+	$parent_item = $r[0];
+
+	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '$s' LIMIT 1",
+		intval($importer['uid']),
+		dbesc($guid)
 	);
-	if(! count($owner))
+	if(count($r)) {
+		if($positive === 'true') {
+			logger('diaspora_like: duplicate like: ' . $guid);
+			return;
+		} 
+		if($positive === 'false') {
+			q("UPDATE `item` SET `deleted` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
+				intval($r[0]['id']),
+				intval($importer['uid'])
+			);
+			// FIXME
+			//  send notification via proc_run()
+			return;
+		}
+	}
+	if($positive === 'false') {
+		logger('diaspora_like: unlike received with no corresponding like');
+		return;	
+	}
+
+	$author_signed_data = $guid . ';' . $parent_guid . ';' . $target_type . ';' . $positive . ';' . $diaspora_handle;
+
+	$author_signature = base64_decode($author_signature);
+
+	if(stricmp($diaspora_handle,$msg['author']) == 0)
+		$key = $msg['key'];
+	else
+		$key = get_diaspora_key($diaspora_handle);
+
+	if(! rsa_verify($author_signed_data,$author_signature,$key)) {
+		logger('diaspora_like: verification failed.');
 		return;
+	}
 
-	$created = unxmlify($xml->created_at);
-	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+	if($parent_author_signature) {
+		$owner_signed_data = $guid . ';' . $parent_guid . ';' . $target_type . ';' . $positive . ';' . $msg['author'];
 
-	$uri = item_new_uri($a->get_hostname(),$owner_uid);
+		$parent_author_signature = base64_decode($parent_author_signature);
 
-	$post_type = (($item['resource-id']) ? t('photo') : t('status'));
-	$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
-	$link = xmlify('' . "\n") ;
-	$body = $item['body'];
+		$key = $msg['key'];
+
+		if(! rsa_verify($owner_signed_data,$parent_author_signature,$key)) {
+			logger('diaspora_like: owner verification failed.');
+			return;
+		}
+	}
+
+	// Phew! Everything checks out. Now create an item.
+
+	$uri = $diaspora_handle . ':' . $guid;
+
+	$post_type = (($parent_item['resource-id']) ? t('photo') : t('status'));
+	$objtype = (($parent_item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
+	$link = xmlify('' . "\n") ;
+	$body = $parent_item['body'];
 
 	$obj = <<< EOT
 
 	
 		$objtype
 		1
-		{$item['uri']}
+		{$parent_item['uri']}
 		$link
 		
 		$body
 	
 EOT;
-	if($verb === 'like')
-		$bodyverb = t('%1$s likes %2$s\'s %3$s');
-	if($verb === 'dislike')
-		$bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
-
-	if(! isset($bodyverb))
-			return; 
+	$bodyverb = t('%1$s likes %2$s\'s %3$s');
 
 	$arr = array();
 
 	$arr['uri'] = $uri;
-	$arr['uid'] = $owner_uid;
+	$arr['uid'] = $importer['uid'];
 	$arr['contact-id'] = $contact['id'];
 	$arr['type'] = 'activity';
-	$arr['wall'] = 1;
+	$arr['wall'] = $parent_item['wall'];
 	$arr['gravity'] = GRAVITY_LIKE;
-	$arr['parent'] = $item['id'];
-	$arr['parent-uri'] = $item['uri'];
-	$arr['owner-name'] = $owner['name'];
-	$arr['owner-link'] = $owner['url'];
-	$arr['owner-avatar'] = $owner['thumb'];
+	$arr['parent'] = $parent_item['id'];
+	$arr['parent-uri'] = $parent_item['uri'];
+
+//	$arr['owner-name'] = $owner['name']; // FIXME
+//	$arr['owner-link'] = $owner['url'];
+//	$arr['owner-avatar'] = $owner['thumb'];
+
 	$arr['author-name'] = $contact['name'];
 	$arr['author-link'] = $contact['url'];
 	$arr['author-avatar'] = $contact['thumb'];
 	
 	$ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
-	$alink = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
-	$plink = '[url=' . $a->get_baseurl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . ']' . $post_type . '[/url]';
+	$alink = '[url=' . $parent_item['author-link'] . ']' . $parent_item['author-name'] . '[/url]';
+	$plink = '[url=' . $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $parent_item['id'] . ']' . $post_type . '[/url]';
 	$arr['body'] =  sprintf( $bodyverb, $ulink, $alink, $plink );
 
 	$arr['verb'] = $activity;
 	$arr['object-type'] = $objtype;
 	$arr['object'] = $obj;
-	$arr['allow_cid'] = $item['allow_cid'];
-	$arr['allow_gid'] = $item['allow_gid'];
-	$arr['deny_cid'] = $item['deny_cid'];
-	$arr['deny_gid'] = $item['deny_gid'];
+	$arr['allow_cid'] = $parent_item['allow_cid'];
+	$arr['allow_gid'] = $parent_item['allow_gid'];
+	$arr['deny_cid'] = $parent_item['deny_cid'];
+	$arr['deny_gid'] = $parent_item['deny_gid'];
 	$arr['visible'] = 1;
 	$arr['unseen'] = 1;
 	$arr['last-child'] = 0;
 
 	$post_id = item_store($arr);	
 
-	if(! $item['visible']) {
-		$r = q("UPDATE `item` SET `visible` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
-			intval($item['id']),
-			intval($owner_uid)
-		);
-	}			
-
-	$arr['id'] = $post_id;
 
+	// FIXME send notification
 
 
 }
-- 
cgit v1.2.3


From db03b1ab173d61b1ee75271dac1e48f3475ad42c Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Wed, 17 Aug 2011 04:24:26 -0700
Subject: diaspora continued...

---
 include/diaspora.php | 204 +++++++++++++++++++++++++++++++++++++++++++--------
 1 file changed, 174 insertions(+), 30 deletions(-)

(limited to 'include')

diff --git a/include/diaspora.php b/include/diaspora.php
index 0764dfa4a..e089e3f04 100644
--- a/include/diaspora.php
+++ b/include/diaspora.php
@@ -114,15 +114,29 @@ EOT;
 
 }
 
-
-function diaspora_decode($importer,$xml) {
+/**
+ *
+ * diaspora_decode($importer,$xml)
+ *   array $importer -> from user table
+ *   string $xml -> urldecoded Diaspora salmon 
+ *
+ * Returns array
+ * 'message' -> decoded Diaspora XML message
+ * 'author' -> author diaspora handle
+ * 'key' -> author public key (converted to pkcs#8)
+ *
+ * Author and key are used elsewhere to save a lookup for verifying replies and likes
+ */
 
 
+function diaspora_decode($importer,$xml) {
 
 	$basedom = parse_xml_string($xml);
 
 	$atom = $basedom->children(NAMESPACE_ATOM1);
 
+	// Diaspora devs: This is kind of sucky - 'encrypted_header' does not belong in the atom namespace
+
 	$encrypted_header = json_decode(base64_decode($atom->encrypted_header));
 	
 	$encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key);
@@ -185,7 +199,14 @@ function diaspora_decode($importer,$xml) {
 
 	// strip whitespace so our data element will return to one big base64 blob
 	$data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data);
+
 	// Add back the 60 char linefeeds
+
+	// Diaspora devs: This completely violates the entire principle of salmon magic signatures,
+	// which was to have a message signing format that was completely ambivalent to linefeeds 
+	// and transport whitespace mangling, and base64 wrapping rules. Guess what? PHP and Ruby 
+	// use different linelengths for base64 output. 
+
     $lines = str_split($data,60);
     $data = implode("\n",$lines);
 
@@ -197,6 +218,8 @@ function diaspora_decode($importer,$xml) {
 	$encoding = $base->encoding;
 	$alg = $base->alg;
 
+	// Diaspora devs: I can't even begin to tell you how sucky this is. Read the freaking spec.
+
 	$signed_data = $data  . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n";
 
 
@@ -255,6 +278,20 @@ function diaspora_get_contact_by_handle($uid,$handle) {
 	return false;
 }
 
+function find_person_by_handle($handle) {
+		// we don't care about the uid, we just want to save an expensive webfinger probe
+		$r = q("select * from contact where network = '%s' and addr = '%s' LIMIT 1",
+			dbesc(NETWORK_DIASPORA),
+			dbesc($handle)
+		);
+		if(count($r))
+			return $r[0];
+		$r = probe_url($handle);
+		// need to cached this, perhaps in fcontact
+		if(count($r))
+			return ($r);
+		return false;
+}
 
 function diaspora_request($importer,$xml) {
 
@@ -266,7 +303,12 @@ function diaspora_request($importer,$xml) {
 	 
 	$contact = diaspora_get_contact_by_handle($importer['uid'],$sender_handle);
 
+
 	if($contact) {
+
+		// perhaps we were already sharing with this person. Now they're sharing with us.
+		// That makes us friends.
+
 		if($contact['rel'] == CONTACT_IS_FOLLOWER) {
 			q("UPDATE `contact` SET `rel` = %d WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval(CONTACT_IS_FRIEND),
@@ -414,11 +456,19 @@ function diaspora_post($importer,$xml) {
 }
 
 function diaspora_comment($importer,$xml,$msg) {
+
 	$guid = notags(unxmlify($xml->guid));
+	$parent_guid = notags(unxmlify($xml->parent_guid));
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
+	$target_type = notags(unxmlify($xml->target_type));
+	$text = unxmlify($xml->text);
+	$author_signature = notags(unxmlify($xml->author_signature));
 
+	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
 
-	$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
+	$text = $xml->text;
+
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
 	if(! $contact)
 		return;
 
@@ -428,24 +478,109 @@ function diaspora_comment($importer,$xml,$msg) {
 		// NOTREACHED
 	}
 
-
-
-	$message_id = $diaspora_handle . ':' . $guid;
-	$r = q("SELECT `id` FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
+	$r = q("SELECT * FROM `item` WHERE `uid` = %d AND `guid` = '%s' LIMIT 1",
 		intval($importer['uid']),
-		dbesc($guid)
+		dbesc($parent_guid)
 	);
-	if(! count($r))
+	if(! count($r)) {
+		logger('diaspora_comment: parent item not found: ' . $guid);
 		return;
+	}
+	$parent_item = $r[0];
 
-	$owner = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
-		intval($importer['uid'])
-	);
-	if(! count($owner))
+	$author_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $diaspora_handle;
+
+	$author_signature = base64_decode($author_signature);
+
+	if(stricmp($diaspora_handle,$msg['author']) == 0) {
+		$person = $contact;
+		$key = $msg['key'];
+	}
+	else {
+		$person = find_person_by_handle($diaspora_handle);	
+
+		if(is_array($person) && x($person,'pubkey'))
+			$key = $person['pubkey'];
+		else {
+			logger('diaspora_comment: unable to find author details');
+			return;
+		}
+	}
+
+	if(! rsa_verify($author_signed_data,$author_signature,$key)) {
+		logger('diaspora_comment: verification failed.');
 		return;
+	}
 
-	$created = unxmlify($xml->created_at);
-	$private = ((unxmlify($xml->public) == 'false') ? 1 : 0);
+	if($parent_author_signature) {
+		$owner_signed_data = $guid . ';' . $parent_guid . ';' . $text . ';' . $msg['author'];
+
+		$parent_author_signature = base64_decode($parent_author_signature);
+
+		$key = $msg['key'];
+
+		if(! rsa_verify($owner_signed_data,$parent_author_signature,$key)) {
+			logger('diaspora_comment: owner verification failed.');
+			return;
+		}
+	}
+
+	// Phew! Everything checks out. Now create an item.
+
+	require_once('library/HTMLPurifier.auto.php');
+	require_once('include/html2bbcode.php');
+
+	$body = $text;
+
+	$maxlen = get_max_import_size();
+	if($maxlen && (strlen($body) > $maxlen))
+		$body = substr($body,0, $maxlen);
+
+	if((strpos($body,'<') !== false) || (strpos($body,'>') !== false)) {
+
+		$body = preg_replace('#]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?#s',
+			'[youtube]$1[/youtube]', $body);
+
+		$body = preg_replace('#].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?#s',
+			'[youtube]$1[/youtube]', $body);
+
+		$body = oembed_html2bbcode($body);
+
+		$config = HTMLPurifier_Config::createDefault();
+		$config->set('Cache.DefinitionImpl', null);
+		$purifier = new HTMLPurifier($config);
+		$body = $purifier->purify($body);
+
+		$body = html2bbcode($body);
+	}
+
+	$message_id = $diaspora_handle . ':' . $guid;
+
+	$datarray = array();
+	$datarray['uid'] = $importer['uid'];
+	$datarray['contact-id'] = $contact['id'];
+	$datarray['wall'] = $parent_item['wall'];
+	$datarray['gravity'] = GRAVITY_COMMENT;
+	$datarray['guid'] = $guid;
+	$datarray['uri'] = $message_id;
+	$datarray['parent-uri'] = $parent_item['uri'];
+
+	// No timestamps for comments? OK, we'll the use current time.
+	$datarray['created'] = $datarray['edited'] = datetime_convert();
+	$datarray['private'] = $parent_item['private'];
+
+	$datarray['owner-name'] = $contact['name'];
+	$datarray['owner-link'] = $contact['url'];
+	$datarray['owner-avatar'] = $contact['thumb'];
+
+	$datarray['author-name'] = $person['name'];
+	$datarray['author-link'] = $person['url'];
+	$datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
+	$datarray['body'] = $body;
+
+	item_store($datarray);
+
+	return;
 
 }
 
@@ -456,14 +591,16 @@ function diaspora_like($importer,$xml,$msg) {
 	$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
 	$target_type = notags(unxmlify($xml->target_type));
 	$positive = notags(unxmlify($xml->positive));
+	$author_signature = notags(unxmlify($xml->author_signature));
 
 	$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
 
-	// likes on comments not supported here
+	// likes on comments not supported here and likes on photos not supported by Diaspora
+
 	if($target_type !== 'Post')
 		return;
 
-	$contact = diaspora_get_contact_by_handle($importer['uid'],$msg->author);
+	$contact = diaspora_get_contact_by_handle($importer['uid'],$msg['author']);
 	if(! $contact)
 		return;
 
@@ -512,10 +649,19 @@ function diaspora_like($importer,$xml,$msg) {
 
 	$author_signature = base64_decode($author_signature);
 
-	if(stricmp($diaspora_handle,$msg['author']) == 0)
+	if(stricmp($diaspora_handle,$msg['author']) == 0) {
+		$person = $contact;
 		$key = $msg['key'];
-	else
-		$key = get_diaspora_key($diaspora_handle);
+	}
+	else {
+		$person = find_person_by_handle($diaspora_handle);	
+		if(is_array($person) && x($person,'pubkey'))
+			$key = $person['pubkey'];
+		else {
+			logger('diaspora_comment: unable to find author details');
+			return;
+		}
+	}
 
 	if(! rsa_verify($author_signed_data,$author_signature,$key)) {
 		logger('diaspora_like: verification failed.');
@@ -539,6 +685,7 @@ function diaspora_like($importer,$xml,$msg) {
 
 	$uri = $diaspora_handle . ':' . $guid;
 
+	$activity = ACTIVITY_LIKE;
 	$post_type = (($parent_item['resource-id']) ? t('photo') : t('status'));
 	$objtype = (($parent_item['resource-id']) ? ACTIVITY_OBJ_PHOTO : ACTIVITY_OBJ_NOTE ); 
 	$link = xmlify('' . "\n") ;
@@ -568,26 +715,23 @@ EOT;
 	$arr['parent'] = $parent_item['id'];
 	$arr['parent-uri'] = $parent_item['uri'];
 
-//	$arr['owner-name'] = $owner['name']; // FIXME
-//	$arr['owner-link'] = $owner['url'];
-//	$arr['owner-avatar'] = $owner['thumb'];
+	$datarray['owner-name'] = $contact['name'];
+	$datarray['owner-link'] = $contact['url'];
+	$datarray['owner-avatar'] = $contact['thumb'];
 
-	$arr['author-name'] = $contact['name'];
-	$arr['author-link'] = $contact['url'];
-	$arr['author-avatar'] = $contact['thumb'];
+	$datarray['author-name'] = $person['name'];
+	$datarray['author-link'] = $person['url'];
+	$datarray['author-avatar'] = ((x($person,'thumb')) ? $person['thumb'] : $person['photo']);
 	
 	$ulink = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
 	$alink = '[url=' . $parent_item['author-link'] . ']' . $parent_item['author-name'] . '[/url]';
 	$plink = '[url=' . $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $parent_item['id'] . ']' . $post_type . '[/url]';
 	$arr['body'] =  sprintf( $bodyverb, $ulink, $alink, $plink );
 
+	$arr['private'] = $parent_item['private'];
 	$arr['verb'] = $activity;
 	$arr['object-type'] = $objtype;
 	$arr['object'] = $obj;
-	$arr['allow_cid'] = $parent_item['allow_cid'];
-	$arr['allow_gid'] = $parent_item['allow_gid'];
-	$arr['deny_cid'] = $parent_item['deny_cid'];
-	$arr['deny_gid'] = $parent_item['deny_gid'];
 	$arr['visible'] = 1;
 	$arr['unseen'] = 1;
 	$arr['last-child'] = 0;
-- 
cgit v1.2.3