From fa7e803f73586ca056506a85dbb7b34f26498d2f Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sat, 16 Jun 2012 21:41:23 -0600 Subject: fix check for parent of StatusNet API post --- mod/item.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index c1c0b14ec..54f9fc06a 100644 --- a/mod/item.php +++ b/mod/item.php @@ -108,7 +108,7 @@ function item_post(&$a) { } } - if($parent) logger('mod_post: parent=' . $parent); + if($parent) logger('mod_item: item_post parent=' . $parent); $profile_uid = ((x($_REQUEST,'profile_uid')) ? intval($_REQUEST['profile_uid']) : 0); $post_id = ((x($_REQUEST,'post_id')) ? intval($_REQUEST['post_id']) : 0); -- cgit v1.2.3 From 8bb7ab88fb8a1bfef198f6a2aff53a15e667aa59 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sat, 9 Jun 2012 18:39:21 -0600 Subject: Clean up the Diaspora connectivity: - Move Diaspora code into separate functions to make it more modular - Create more checks for whether Diaspora connectivity has been enabled --- mod/item.php | 58 ++++++++++++++++++++++++++++++++++++++++------------------ 1 file changed, 40 insertions(+), 18 deletions(-) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index 54f9fc06a..5c179bc7a 100644 --- a/mod/item.php +++ b/mod/item.php @@ -728,26 +728,13 @@ function item_post(&$a) { } - // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key - - if($self) { - require_once('include/bb2diaspora.php'); - $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); - $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3); - if($datarray['verb'] === ACTIVITY_LIKE) - $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; - else - $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256')); + // Store the comment signature information in case we need to relay to Diaspora + // May want to have this run for remote users too, in which case the function needs to be + // expanded + if($self) + store_diaspora_comment_sig($datarray, $a->user, $a->get_baseurl(), $parent_item, $post_id); - q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", - intval($post_id), - dbesc($signed_text), - dbesc(base64_encode($authorsig)), - dbesc($myaddr) - ); - } } else { $parent = $post_id; @@ -1038,3 +1025,38 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { return array('replaced' => $replaced, 'contact' => $r[0]); } + + +function store_diaspora_comment_sig($datarray, $user, $baseurl, $parent_item, $post_id) { + // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key + + // May want to have this run for remote users too, in which case the function needs to be + // expanded + + $enabled = intval(get_config('system','diaspora_enabled')); + if(! $enabled) { + return; + } + + + logger('mod_item: storing diaspora comment signature'); + + require_once('include/bb2diaspora.php'); + $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); + $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3); + if($datarray['verb'] === ACTIVITY_LIKE) + $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; + else + $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; + + $authorsig = base64_encode(rsa_sign($signed_text,$user['prvkey'],'sha256')); + + q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", + intval($post_id), + dbesc($signed_text), + dbesc(base64_encode($authorsig)), + dbesc($myaddr) + ); + + return; +} -- cgit v1.2.3 From 5773241537b09aa411c48b4d67eefcebb1ea9c84 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Tue, 12 Jun 2012 19:05:01 -0600 Subject: add some debug logging --- mod/item.php | 1 + 1 file changed, 1 insertion(+) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index 5c179bc7a..b8afe76d1 100644 --- a/mod/item.php +++ b/mod/item.php @@ -1035,6 +1035,7 @@ function store_diaspora_comment_sig($datarray, $user, $baseurl, $parent_item, $p $enabled = intval(get_config('system','diaspora_enabled')); if(! $enabled) { + logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG); return; } -- cgit v1.2.3 From 9e8573507e311d139ac7c83dff496d85408d9b8d Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sat, 23 Jun 2012 12:09:01 -0600 Subject: store signature info for remote users too --- mod/item.php | 35 ++++++++++++++++++++--------------- 1 file changed, 20 insertions(+), 15 deletions(-) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index b8afe76d1..000f46644 100644 --- a/mod/item.php +++ b/mod/item.php @@ -730,10 +730,7 @@ function item_post(&$a) { // Store the comment signature information in case we need to relay to Diaspora - // May want to have this run for remote users too, in which case the function needs to be - // expanded - if($self) - store_diaspora_comment_sig($datarray, $a->user, $a->get_baseurl(), $parent_item, $post_id); + store_diaspora_comment_sig($datarray, $author, ($self ? $a->user['prvkey'] : false), $parent_item, $post_id); } else { @@ -1027,12 +1024,9 @@ function handle_tag($a, &$body, &$inform, &$str_tags, $profile_uid, $tag) { } -function store_diaspora_comment_sig($datarray, $user, $baseurl, $parent_item, $post_id) { +function store_diaspora_comment_sig($datarray, $author, $uprvkey, $parent_item, $post_id) { // We won't be able to sign Diaspora comments for authenticated visitors - we don't have their private key - // May want to have this run for remote users too, in which case the function needs to be - // expanded - $enabled = intval(get_config('system','diaspora_enabled')); if(! $enabled) { logger('mod_item: diaspora support disabled, not storing comment signature', LOGGER_DEBUG); @@ -1044,19 +1038,30 @@ function store_diaspora_comment_sig($datarray, $user, $baseurl, $parent_item, $p require_once('include/bb2diaspora.php'); $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); - $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3); - if($datarray['verb'] === ACTIVITY_LIKE) - $signed_text = $datarray['guid'] . ';' . 'Post' . ';' . $parent_item['guid'] . ';' . 'true' . ';' . $myaddr; - else - $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $myaddr; - $authorsig = base64_encode(rsa_sign($signed_text,$user['prvkey'],'sha256')); +// $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3); + if( $author['network'] === NETWORK_DIASPORA) + $diaspora_handle = $author['addr']; + else { + // Only works for NETWORK_DFRN + $contact_baseurl_start = strpos($author['url'],'://') + 3; + $contact_baseurl_length = strpos($author['url'],'/profile') - $contact_baseurl_start; + $contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length); + $diaspora_handle = $author['nick'] . '@' . $contact_baseurl; + } + + $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $diaspora_handle; + + if( $uprvkey !== false ) + $authorsig = base64_encode(rsa_sign($signed_text,$uprvkey,'sha256')); + else + $authorsig = ''; q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($post_id), dbesc($signed_text), dbesc(base64_encode($authorsig)), - dbesc($myaddr) + dbesc($diaspora_handle) ); return; -- cgit v1.2.3 From 28526dbf2179619582bec5ab456b49f6ce3e8bd3 Mon Sep 17 00:00:00 2001 From: Zach Prezkuta Date: Sat, 23 Jun 2012 12:40:53 -0600 Subject: remove possibly unnecessary checks for likes or comments created by Diaspora users --- mod/item.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index 000f46644..aa022d37d 100644 --- a/mod/item.php +++ b/mod/item.php @@ -1040,15 +1040,15 @@ function store_diaspora_comment_sig($datarray, $author, $uprvkey, $parent_item, $signed_body = html_entity_decode(bb2diaspora($datarray['body'])); // $myaddr = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl,'://') + 3); - if( $author['network'] === NETWORK_DIASPORA) - $diaspora_handle = $author['addr']; - else { - // Only works for NETWORK_DFRN - $contact_baseurl_start = strpos($author['url'],'://') + 3; - $contact_baseurl_length = strpos($author['url'],'/profile') - $contact_baseurl_start; - $contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length); - $diaspora_handle = $author['nick'] . '@' . $contact_baseurl; - } +// if( $author['network'] === NETWORK_DIASPORA) +// $diaspora_handle = $author['addr']; +// else { + // Only works for NETWORK_DFRN + $contact_baseurl_start = strpos($author['url'],'://') + 3; + $contact_baseurl_length = strpos($author['url'],'/profile') - $contact_baseurl_start; + $contact_baseurl = substr($author['url'], $contact_baseurl_start, $contact_baseurl_length); + $diaspora_handle = $author['nick'] . '@' . $contact_baseurl; +// } $signed_text = $datarray['guid'] . ';' . $parent_item['guid'] . ';' . $signed_body . ';' . $diaspora_handle; -- cgit v1.2.3 From a3edbf7e5d0d89e99c2249cf30657b1fbc57982a Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 28 Jun 2012 17:43:29 -0700 Subject: create third privacy state - public post but not searchable or publicly visible --- mod/item.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/item.php') diff --git a/mod/item.php b/mod/item.php index aa022d37d..554e97fe4 100644 --- a/mod/item.php +++ b/mod/item.php @@ -228,7 +228,7 @@ function item_post(&$a) { || strlen($parent_item['allow_gid']) || strlen($parent_item['deny_cid']) || strlen($parent_item['deny_gid'])) { - $private = 1; + $private = (($parent_item['private']) ? $parent_item['private'] : 1); } $str_contact_allow = $parent_item['allow_cid']; -- cgit v1.2.3