From 454ff3c7f0a4729dbf9a9dd116325630a193f0fb Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 25 Jul 2011 20:59:25 -0700 Subject: configurable format for date input selectors --- mod/events.php | 12 +++++++++--- mod/profiles.php | 5 ++++- 2 files changed, 13 insertions(+), 4 deletions(-) (limited to 'mod') diff --git a/mod/events.php b/mod/events.php index b0b54601f..27ca69830 100644 --- a/mod/events.php +++ b/mod/events.php @@ -297,6 +297,12 @@ function events_content(&$a) { $fhour = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'H') : 0); $fminute = ((x($orig_event)) ? datetime_convert('UTC', $tz, $fdt, 'i') : 0); + $f = get_config('system','event_input_format'); + if(! $f) + $f = 'ymd'; + + $dateformat = datesel_format($f); + $timeformat = t('hour:minute'); require_once('include/acl_selectors.php'); @@ -306,14 +312,14 @@ function events_content(&$a) { '$cid' => $cid, '$uri' => $uri, '$e_text' => t('Event details'), - '$e_desc' => t('Format is year-month-day hour:minute. Starting date and Description are required.'), + '$e_desc' => sprintf( t('Format is %s %s. Starting date and Description are required.'),$dateformat,$timeformat), '$s_text' => t('Event Starts:') . ' * ', - '$s_dsel' => datesel('start',$syear+5,$syear,false,$syear,$smonth,$sday), + '$s_dsel' => datesel($f,'start',$syear+5,$syear,false,$syear,$smonth,$sday), '$s_tsel' => timesel('start',$shour,$sminute), '$n_text' => t('Finish date/time is not known or not relevant'), '$n_checked' => $n_checked, '$f_text' => t('Event Finishes:'), - '$f_dsel' => datesel('finish',$fyear+5,$fyear,false,$fyear,$fmonth,$fday), + '$f_dsel' => datesel($f,'finish',$fyear+5,$fyear,false,$fyear,$fmonth,$fday), '$f_tsel' => timesel('finish',$fhour,$fminute), '$a_text' => t('Adjust for viewer timezone'), '$a_checked' => $a_checked, diff --git a/mod/profiles.php b/mod/profiles.php index 160ca13bc..64fab797f 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -361,6 +361,9 @@ function profiles_content(&$a) { $a->page['htmlhead'] .= replace_macros($tpl, array('$baseurl' => $a->get_baseurl())); $a->page['htmlhead'] .= ""; + $f = get_config('system','birthday_input_format'); + if(! $f) + $f = 'ymd'; $is_default = (($r[0]['is-default']) ? 1 : 0); $tpl = get_markup_template("profile_edit.tpl"); @@ -375,7 +378,7 @@ function profiles_content(&$a) { '$lbl_fullname' => t('Your Full Name:'), '$lbl_title' => t('Title/Description:'), '$lbl_gender' => t('Your Gender:'), - '$lbl_bd' => t("Birthday \x28y/m/d\x29:"), + '$lbl_bd' => sprintf( t("Birthday \x28%s\x29:"),datesel_format($f)), '$lbl_address' => t('Street Address:'), '$lbl_city' => t('Locality/City:'), '$lbl_zip' => t('Postal/Zip Code:'), -- cgit v1.2.3 From b721fabc3c1f6c01e4212e804f6ba6293c4983e1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 27 Jul 2011 02:21:55 -0700 Subject: show lock icon on private events --- mod/dfrn_notify.php | 1 + 1 file changed, 1 insertion(+) (limited to 'mod') diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 0dc96f8a7..f284b8b38 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -704,6 +704,7 @@ function dfrn_notify_post(&$a) { $ev['uid'] = $importer['uid']; $ev['uri'] = $item_id; $ev['edited'] = $datarray['edited']; + $ev['private'] = $datarray['private']; $r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), -- cgit v1.2.3 From 822fea9d9d6ba55fca712c2067616421320e2e9f Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 27 Jul 2011 21:48:02 -0700 Subject: installer text changes --- mod/install.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'mod') diff --git a/mod/install.php b/mod/install.php index 970ff6af8..27cc6af84 100644 --- a/mod/install.php +++ b/mod/install.php @@ -123,15 +123,15 @@ function install_content(&$a) { $o .= replace_macros($tpl, array( '$lbl_01' => t('Friendika Social Network'), '$lbl_02' => t('Installation'), - '$lbl_03' => t('In order to install Friendika we need to know how to contact your database.'), + '$lbl_03' => t('In order to install Friendika we need to know how to connect to your database.'), '$lbl_04' => t('Please contact your hosting provider or site administrator if you have questions about these settings.'), - '$lbl_05' => t('The database you specify below must already exist. If it does not, please create it before continuing.'), + '$lbl_05' => t('The database you specify below should already exist. If it does not, please create it before continuing.'), '$lbl_06' => t('Database Server Name'), '$lbl_07' => t('Database Login Name'), '$lbl_08' => t('Database Login Password'), '$lbl_09' => t('Database Name'), '$lbl_10' => t('Please select a default timezone for your website'), - '$lbl_11' => t('Site administrator email address. Your account email address will need match this.'), + '$lbl_11' => t('Site administrator email address. Your account email address must match this in order to use the web admin panel.'), '$baseurl' => $a->get_baseurl(), '$tzselect' => ((x($_POST,'timezone')) ? select_timezone($_POST['timezone']) : select_timezone()), '$submit' => t('Submit'), -- cgit v1.2.3 From c74f0f0cabc774b1dc1719b2ebc7409179d26ca4 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 01:01:19 -0700 Subject: show full size photos for album view even when photo has been used as a profile photo --- mod/photos.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/photos.php b/mod/photos.php index 4a72bb680..2941fa32a 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -903,7 +903,7 @@ function photos_content(&$a) { $album = hex2bin($datum); $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - $sql_extra GROUP BY `resource-id`", + AND `scale` < 4 $sql_extra GROUP BY `resource-id`", intval($owner_uid), dbesc($album) ); @@ -913,7 +913,7 @@ function photos_content(&$a) { } $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", + AND `scale` < 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($owner_uid), dbesc($album), intval($a->pager['start']), -- cgit v1.2.3 From 04675e3ec3cd5951d651998489a1d04247f1026b Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 16:49:43 -0700 Subject: revup --- mod/photos.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/photos.php b/mod/photos.php index 2941fa32a..cb13b7603 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -903,7 +903,7 @@ function photos_content(&$a) { $album = hex2bin($datum); $r = q("SELECT `resource-id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` < 4 $sql_extra GROUP BY `resource-id`", + AND `scale` <= 4 $sql_extra GROUP BY `resource-id`", intval($owner_uid), dbesc($album) ); @@ -913,7 +913,7 @@ function photos_content(&$a) { } $r = q("SELECT `resource-id`, `id`, `filename`, max(`scale`) AS `scale`, `desc` FROM `photo` WHERE `uid` = %d AND `album` = '%s' - AND `scale` < 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", + AND `scale` <= 4 $sql_extra GROUP BY `resource-id` ORDER BY `created` DESC LIMIT %d , %d", intval($owner_uid), dbesc($album), intval($a->pager['start']), -- cgit v1.2.3 From 9b2ddb2cc28de56f3f4cbbd1d5ff77da72a01e73 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 28 Jul 2011 19:18:07 -0700 Subject: auto-friend profiles showing up in directory as community pages --- mod/profile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/profile.php b/mod/profile.php index f4b6bfaf1..71912458f 100644 --- a/mod/profile.php +++ b/mod/profile.php @@ -21,7 +21,7 @@ function profile_init(&$a) { profile_load($a,$which,$profile); - if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] & PAGE_COMMUNITY)) { + if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) { $a->page['htmlhead'] .= ''; } if(x($a->profile,'openidserver')) -- cgit v1.2.3 From 0111a1231cfa90a2aee5b18fc4b8c3dde9f48b81 Mon Sep 17 00:00:00 2001 From: Fabio Comuni Date: Fri, 29 Jul 2011 17:14:35 +0200 Subject: re-add pending registrations in ping.php, for admin side menu --- mod/ping.php | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/ping.php b/mod/ping.php index 7c31f00c9..924f9ff76 100644 --- a/mod/ping.php +++ b/mod/ping.php @@ -31,11 +31,18 @@ function ping_init(&$a) { intval(local_user()), dbesc($myurl) ); - $mail = $r[0]['total']; + + if ($a->config['register_policy'] == REGISTER_APPROVE && is_site_admin()){ + $r = q("SELECT COUNT(*) AS `total` FROM `register`"); + $register = $r[0]['total']; + } else { + $register = "0"; + } + header("Content-type: text/xml"); - echo "\r\n$intro$mail$network$home\r\n"; + echo "\r\n$intro$mail$network$home$register\r\n"; killme(); } -- cgit v1.2.3 From a61ec584d60013f7845d0999deb550a2149f4e76 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 30 Jul 2011 00:31:00 -0700 Subject: basic diaspora decryption --- mod/receive.php | 134 +++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 103 insertions(+), 31 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 6fb68e154..18f323f42 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -43,10 +43,68 @@ function receive_post(&$a) { if(! $xml) receive_return(500); - // parse the xml - $dom = simplexml_load_string($xml,'SimpleXMLElement',0,NAMESPACE_SALMON_ME); + $basedom = parse_xml_string($xml); + if($basedom) + logger('parsed dom'); + + $atom = $basedom->children(NAMESPACE_ATOM1); + + logger('atom: ' . count($atom)); + $encrypted_header = json_decode(base64_decode($atom->encrypted_header)); + + print_r($encrypted_header); + + $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); + $ciphertext = base64_decode($encrypted_header->ciphertext); + + logger('encrypted_aes: ' . print_r($encrypted_aes_key_bundle,true)); + logger('ciphertext: ' . print_r($ciphertext,true)); + + $outer_key_bundle = ''; + openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$localprvkey); + + logger('outer_bundle: ' . print_r($outer_key_bundle,true)); + + $j_outer_key_bundle = json_decode($outer_key_bundle); + + $outer_iv = base64_decode($j_outer_key_bundle->iv); + $outer_key = base64_decode($j_outer_key_bundle->key); + + $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); + + $decrypted = pkcs5_unpad($decrypted); + + logger('decrypted: ' . print_r($decrypted,true)); + + /** + * $decrypted now contains something like + * + * + * 8e+G2+ET8l5BPuW0sVTnQw== + * UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU= + * + * Ryan Hughes + * acct:galaxor@diaspora.pirateship.org + * + * + */ + + $idom = parse_xml_string($decrypted,false); + + print_r($idom); + $inner_iv = base64_decode($idom->iv); + $inner_aes_key = base64_decode($idom->aes_key); + + logger('inner_iv: ' . $inner_iv); + + $dom = $basedom->children(NAMESPACE_SALMON_ME); + + if($dom) + logger('have dom'); + + logger('dom: ' . count($dom)); // figure out where in the DOM tree our data is hiding if($dom->provenance->data) @@ -58,12 +116,22 @@ function receive_post(&$a) { if(! $base) { logger('mod-diaspora: unable to locate salmon data in xml '); - receive_return(400); + dt_return(400); } + // Stash the signature away for now. We have to find their key or it won't be good for anything. $signature = base64url_decode($base->sig); + logger('signature: ' . bin2hex($signature)); + + openssl_public_encrypt('test',$rrr,$ryanpubkey); + logger('rrr: ' . $rrr); + + $pubdecsig = ''; + openssl_public_decrypt($signature,$pubdecsig,$ryanpubkey); + logger('decsig: ' . bin2hex($pubdecsig)); + // unpack the data // strip whitespace so our data element will return to one big base64 blob @@ -76,40 +144,28 @@ function receive_post(&$a) { $encoding = $base->encoding; $alg = $base->alg; - $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); + $signed_data = $data . "\n" . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + + logger('signed data: ' . $signed_data); // decode the data $data = base64url_decode($data); - // Remove the xml declaration - $data = preg_replace('/\<\?xml[^\?].*\?\>/','',$data); + // Now pull out the inner encrypted blob - // Create a fake feed wrapper so simplepie doesn't choke - $tpl = get_markup_template('fake_feed.tpl'); - - $base = substr($data,strpos($data,''; - logger('mod-diaspora: Processed feed: ' . $feedxml); + $inner_encrypted = base64_decode($data); + + $inner_decrypted = + $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); + + $inner_decrypted = pkcs5_unpad($inner_decrypted); + + logger('inner_decrypted: ' . $inner_decrypted); + - // Now parse it like a normal atom feed to scrape out the author URI - - $feed = new SimplePie(); - $feed->set_raw_data($feedxml); - $feed->enable_order_by_date(false); - $feed->init(); - - logger('mod-diaspora: Feed parsed.'); - - if($feed->get_item_quantity()) { - foreach($feed->get_items() as $item) { - $author = $item->get_author(); - $author_link = unxmlify($author->get_link()); - break; - } - } if(! $author_link) { logger('mod-diaspora: Could not retrieve author URI.'); @@ -117,17 +173,25 @@ function receive_post(&$a) { } // Once we have the author URI, go to the web and try to find their public key + // *** or look it up locally *** - logger('mod-salmon: Fetching key for ' . $author_link ); + logger('mod-diaspora: Fetching key for ' . $author_link ); +// Get diaspora public key (pkcs#1) and convert to pkcs#8 +// $key = get_diaspora_key($author_link); - $key = get_salmon_key($author_link,$keyhash); +// $key = get_salmon_key($author_link,$keyhash); if(! $key) { logger('mod-salmon: Could not retrieve author key.'); receive_return(400); } +// FIXME +// Use non salmon compliant signature + +/* + // Setup RSA stuff to verify the signature set_include_path(get_include_path() . PATH_SEPARATOR . 'library' . PATH_SEPARATOR . 'phpsec'); @@ -155,6 +219,7 @@ function receive_post(&$a) { logger('mod-diaspora: Message did not verify. Discarding.'); receive_return(400); } +*/ logger('mod-diaspora: Message verified.'); @@ -204,7 +269,14 @@ function receive_post(&$a) { $contact_rec = ((count($r)) ? $r[0] : null); - consume_feed($feedxml,$importer,$contact_rec,$hub); + + + +// figure out what kind of diaspora message we have, and process accordingly. + + + + receive_return(200); } -- cgit v1.2.3 From 01703f3be6fae07d9fbb24f1b57b8c181cb59df9 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 30 Jul 2011 00:51:59 -0700 Subject: get_diaspora_key() --- mod/receive.php | 40 +++++++++++++++++++++++++++++++--------- 1 file changed, 31 insertions(+), 9 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 18f323f42..86d612dc9 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -6,7 +6,7 @@ require_once('include/salmon.php'); -require_once('library/simplepie/simplepie.inc'); +require_once('include/certfns.php'); function receive_return($val) { @@ -21,6 +21,30 @@ function receive_return($val) { } + +function get_diaspora_key($uri) { + $key = ''; + + logger('Fetching diaspora key for: ' . $uri); + + $arr = lrdd($uri); + + if(is_array($arr)) { + foreach($arr as $a) { + if($a['@attributes']['rel'] === 'diaspora-public-key') { + $key = base64_decode($a['@attributes']['href']); + } + } + } + else { + return ''; + } + + if($key) + return rsatopem($key); + return ''; +} + function receive_post(&$a) { if($a->argc != 3 || $a->argv[1] !== 'users') @@ -125,12 +149,12 @@ function receive_post(&$a) { logger('signature: ' . bin2hex($signature)); - openssl_public_encrypt('test',$rrr,$ryanpubkey); - logger('rrr: ' . $rrr); +// openssl_public_encrypt('test',$rrr,$rpubkey); +// logger('rrr: ' . $rrr); - $pubdecsig = ''; - openssl_public_decrypt($signature,$pubdecsig,$ryanpubkey); - logger('decsig: ' . bin2hex($pubdecsig)); +// $pubdecsig = ''; +// openssl_public_decrypt($signature,$pubdecsig,$rpubkey); +// logger('decsig: ' . bin2hex($pubdecsig)); // unpack the data @@ -178,9 +202,7 @@ function receive_post(&$a) { logger('mod-diaspora: Fetching key for ' . $author_link ); // Get diaspora public key (pkcs#1) and convert to pkcs#8 -// $key = get_diaspora_key($author_link); - -// $key = get_salmon_key($author_link,$keyhash); + $key = get_diaspora_key($author_link); if(! $key) { logger('mod-salmon: Could not retrieve author key.'); -- cgit v1.2.3 From 60caffcd7776043ee89e5939b81d7bd9d948cd4e Mon Sep 17 00:00:00 2001 From: Friendika Date: Sat, 30 Jul 2011 01:03:24 -0700 Subject: convert our native pkcs#8 to pkcs#1 for diaspora-public-key xrd field --- mod/xrd.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/xrd.php b/mod/xrd.php index accc2f68e..4889639f0 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -1,6 +1,7 @@ $a->get_baseurl(), '$dspr_guid' => $r[0]['guid'], - '$dspr_key' => base64_encode($r[0]['pubkey']) + '$dspr_key' => base64_encode(pemtorsa($r[0]['pubkey'])) )); } else -- cgit v1.2.3 From b0a9ec0a73183e48158a4e42db49943c56db9098 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 17:52:36 -0700 Subject: better handling of api comments/replies --- mod/item.php | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index f6f665a18..c4b4351c1 100644 --- a/mod/item.php +++ b/mod/item.php @@ -34,21 +34,34 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0); + $parent_uri = ((x($_POST,'parent_uri')) ? trim($_POST['parent_uri']) : ''); $parent_item = null; $parent_contact = null; + $r = false; - if($parent) { - $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", - intval($parent) - ); - if(! count($r)) { + if($parent || $parent_uri) { + if($parent) { + $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", + intval($parent) + ); + } + elseif($parent_uri && local_user()) { + // This is coming from an API source, we are logged in + $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", + dbesc($parent_uri), + intval(local_user()) + ); + } + + if(($r === false) || (! count($r))) { notice( t('Unable to locate original post.') . EOL); if(x($_POST,'return')) goaway($a->get_baseurl() . "/" . $_POST['return'] ); killme(); } $parent_item = $r[0]; + $parent = $r[0]['id']; if($parent_item['contact-id'] && $uid) { $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), @@ -59,6 +72,8 @@ function item_post(&$a) { } } + if($parent) logger('mod_post: parent=' . $parent); + $profile_uid = ((x($_POST,'profile_uid')) ? intval($_POST['profile_uid']) : 0); $post_id = ((x($_POST['post_id'])) ? intval($_POST['post_id']) : 0); $app = ((x($_POST['source'])) ? strip_tags($_POST['source']) : ''); -- cgit v1.2.3 From 996425206f86967a50923cf61e18776749a49e52 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 31 Jul 2011 20:01:00 -0700 Subject: api profiles --- mod/item.php | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index c4b4351c1..4b9f3d091 100644 --- a/mod/item.php +++ b/mod/item.php @@ -33,11 +33,18 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); + + /** + * Is this a reply to something? + */ + $parent = ((x($_POST,'parent')) ? intval($_POST['parent']) : 0); $parent_uri = ((x($_POST,'parent_uri')) ? trim($_POST['parent_uri']) : ''); $parent_item = null; $parent_contact = null; + $thr_parent = ''; + $parid = 0; $r = false; if($parent || $parent_uri) { @@ -47,11 +54,20 @@ function item_post(&$a) { ); } elseif($parent_uri && local_user()) { + $_POST['type'] = 'net-comment'; // This is coming from an API source, we are logged in + // This query will find the immediate parent $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_uri), intval(local_user()) ); + // now find the real parent of the conversation + if(count($r)) { + $parid = $r[0]['parent']; + $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", + intval($parid) + ); + } } if(($r === false) || (! count($r))) { @@ -62,6 +78,11 @@ function item_post(&$a) { } $parent_item = $r[0]; $parent = $r[0]['id']; + + // multi-level threading - preserve the info but re-parent to our single level threading + if(($parid) && ($parid != $parent)) + $thr_parent = $parent_uri; + if($parent_item['contact-id'] && $uid) { $r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($parent_item['contact-id']), @@ -195,6 +216,8 @@ function item_post(&$a) { $contact_record = $r[0]; } + + $post_type = notags(trim($_POST['type'])); if($post_type === 'net-comment') { @@ -458,6 +481,7 @@ function item_post(&$a) { $datarray['private'] = $private; $datarray['pubmail'] = $pubmail_enable; $datarray['attach'] = $attachments; + $datarray['thr-parent'] = $thr_parent; /** * These fields are for the convenience of plugins... @@ -495,9 +519,9 @@ function item_post(&$a) { $r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, - `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `title`, `body`, `app`, `location`, `coord`, + `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach` ) - VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", + VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), @@ -514,6 +538,7 @@ function item_post(&$a) { dbesc($datarray['received']), dbesc($datarray['changed']), dbesc($datarray['uri']), + dbesc($datarray['thr-parent']), dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['app']), -- cgit v1.2.3 From 2637831d9056862f7c3db718702116ef4652629a Mon Sep 17 00:00:00 2001 From: Friendika Date: Mon, 1 Aug 2011 21:02:25 -0700 Subject: some more zot changes migrating back to f9a mainline --- mod/dfrn_confirm.php | 2 +- mod/dfrn_poll.php | 8 ++++---- mod/dfrn_request.php | 6 +++--- mod/friendika.php | 4 ++-- mod/lostpass.php | 8 ++++---- mod/notifications.php | 4 ++-- mod/openid.php | 10 +++++----- mod/redir.php | 4 ++-- mod/register.php | 6 +++--- mod/removeme.php | 2 +- 10 files changed, 27 insertions(+), 27 deletions(-) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index e2094b1f3..91333284b 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -672,7 +672,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { // somebody arrived here by mistake or they are fishing. Send them to the homepage. - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } diff --git a/mod/dfrn_poll.php b/mod/dfrn_poll.php index 76803ef1b..09f198b81 100644 --- a/mod/dfrn_poll.php +++ b/mod/dfrn_poll.php @@ -61,7 +61,7 @@ function dfrn_poll_init(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } @@ -100,7 +100,7 @@ function dfrn_poll_init(&$a) { $profile = $r[0]['nickname']; goaway((strlen($destination_url)) ? $destination_url : $a->get_baseurl() . '/profile/' . $profile); } - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -297,7 +297,7 @@ function dfrn_poll_post(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } @@ -420,7 +420,7 @@ function dfrn_poll_content(&$a) { $my_id = '0:' . $dfrn_id; break; default: - goaway($a->get_baseurl()); + goaway(z_root()); break; // NOTREACHED } diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index c9811fa60..6b9558b86 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -48,7 +48,7 @@ function dfrn_request_post(&$a) { if($_POST['cancel']) { - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -190,7 +190,7 @@ function dfrn_request_post(&$a) { // invalid/bogus request notice( t('Unrecoverable protocol error.') . EOL ); - goaway($a->get_baseurl()); + goaway(z_root()); return; // NOTREACHED } @@ -602,7 +602,7 @@ function dfrn_request_content(&$a) { $myaddr = $a->get_baseurl() . '/profile/' . $a->user['nickname']; } else { - $myaddr = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3 ); + $myaddr = $a->user['nickname'] . '@' . substr(z_root(), strpos(z_root(),'://') + 3 ); } } elseif(x($_GET,'addr')) { diff --git a/mod/friendika.php b/mod/friendika.php index 753a9f478..d0e709c75 100644 --- a/mod/friendika.php +++ b/mod/friendika.php @@ -16,7 +16,7 @@ function friendika_init(&$a) { $data = Array( 'version' => FRIENDIKA_VERSION, - 'url' => $a->get_baseurl(), + 'url' => z_root(), 'plugins' => $a->plugins, 'register_policy' => $register_policy[$a->config['register_policy']], 'admin' => $admin, @@ -40,7 +40,7 @@ function friendika_content(&$a) { $o .= '

'; $o .= t('This is Friendika version') . ' ' . FRIENDIKA_VERSION . ' '; - $o .= t('running at web location') . ' ' . $a->get_baseurl() . '

'; + $o .= t('running at web location') . ' ' . z_root() . '

'; $o .= t('Shared content within the Friendika network is provided under the Creative Commons Attribution 3.0 license') . '

'; diff --git a/mod/lostpass.php b/mod/lostpass.php index 3453a0db4..b71398fa4 100644 --- a/mod/lostpass.php +++ b/mod/lostpass.php @@ -5,7 +5,7 @@ function lostpass_post(&$a) { $email = notags(trim($_POST['login-name'])); if(! $email) - goaway($a->get_baseurl()); + goaway(z_root()); $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `verified` = 1 AND `blocked` = 0 LIMIT 1", dbesc($email), @@ -14,7 +14,7 @@ function lostpass_post(&$a) { if(! count($r)) { notice( t('No valid account found.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); } $uid = $r[0]['uid']; @@ -46,7 +46,7 @@ function lostpass_post(&$a) { . 'Content-transfer-encoding: 8bit' ); - goaway($a->get_baseurl()); + goaway(z_root()); } @@ -62,7 +62,7 @@ function lostpass_content(&$a) { ); if(! count($r)) { notice( t("Request could not be verified. \x28You may have previously submitted it.\x29 Password reset failed.") . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); return; } $uid = $r[0]['uid']; diff --git a/mod/notifications.php b/mod/notifications.php index c6f073058..244563adc 100644 --- a/mod/notifications.php +++ b/mod/notifications.php @@ -3,7 +3,7 @@ function notifications_post(&$a) { if(! local_user()) { - goaway($a->get_baseurl()); + goaway(z_root()); } $request_id = (($a->argc > 1) ? $a->argv[1] : 0); @@ -60,7 +60,7 @@ function notifications_content(&$a) { if(! local_user()) { notice( t('Permission denied.') . EOL); - goaway($a->get_baseurl()); + return; } $o = ''; diff --git a/mod/openid.php b/mod/openid.php index 537d84ce3..6fbd013b8 100644 --- a/mod/openid.php +++ b/mod/openid.php @@ -8,7 +8,7 @@ function openid_content(&$a) { $noid = get_config('system','no_openid'); if($noid) - goaway($a->get_baseurl()); + goaway(z_root()); if((x($_GET,'openid_mode')) && (x($_SESSION,'openid'))) { $openid = new LightOpenID; @@ -49,7 +49,7 @@ function openid_content(&$a) { if($a->config['register_policy'] != REGISTER_CLOSED) goaway($a->get_baseurl() . '/register' . $args); else - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } @@ -60,7 +60,7 @@ function openid_content(&$a) { ); if(! count($r)) { notice( t('Login failed.') . EOL ); - goaway($a->get_baseurl()); + goaway(z_root()); } unset($_SESSION['openid']); @@ -116,10 +116,10 @@ function openid_content(&$a) { if(($a->module !== 'home') && isset($_SESSION['return_url'])) goaway($a->get_baseurl() . '/' . $_SESSION['return_url']); else - goaway($a->get_baseurl()); + goaway(z_root()); } } notice( t('Login failed.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); // NOTREACHED } diff --git a/mod/redir.php b/mod/redir.php index 8d0c8f4b3..eb9702b04 100644 --- a/mod/redir.php +++ b/mod/redir.php @@ -3,7 +3,7 @@ function redir_init(&$a) { if((! local_user()) || (! ($a->argc == 2)) || (! intval($a->argv[1]))) - goaway($a->get_baseurl()); + goaway(z_root()); $cid = $a->argv[1]; $url = ((x($_GET,'url')) ? $_GET['url'] : ''); @@ -13,7 +13,7 @@ function redir_init(&$a) { ); if((! count($r)) || ($r[0]['network'] !== 'dfrn')) - goaway($a->get_baseurl()); + goaway(z_root()); $dfrn_id = $orig_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']); diff --git a/mod/register.php b/mod/register.php index 0906395d2..a8d81f1f6 100644 --- a/mod/register.php +++ b/mod/register.php @@ -373,7 +373,7 @@ function register_post(&$a) { if($res) { info( t('Registration successful. Please check your email for further instructions.') . EOL ) ; - goaway($a->get_baseurl()); + goaway(z_root()); } else { notice( t('Failed to send email message. Here is the message that failed.') . $email_tpl . EOL ); @@ -382,7 +382,7 @@ function register_post(&$a) { elseif($a->config['register_policy'] == REGISTER_APPROVE) { if(! strlen($a->config['admin_email'])) { notice( t('Your registration can not be processed.') . EOL); - goaway($a->get_baseurl()); + goaway(z_root()); } $hash = random_string(); @@ -428,7 +428,7 @@ function register_post(&$a) { if($res) { info( t('Your registration is pending approval by the site owner.') . EOL ) ; - goaway($a->get_baseurl()); + goaway(z_root()); } } diff --git a/mod/removeme.php b/mod/removeme.php index 6a56963b6..c181ee6ea 100644 --- a/mod/removeme.php +++ b/mod/removeme.php @@ -29,7 +29,7 @@ function removeme_post(&$a) { function removeme_content(&$a) { if(! local_user()) - goaway($a->get_baseurl()); + goaway(z_root()); $hash = random_string(); -- cgit v1.2.3 From e22e823e93756fbfbb175f4f9f182aee64c1f5b1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 2 Aug 2011 22:39:35 -0700 Subject: allow group selection from contact edit page --- mod/contactgroup.php | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ mod/contacts.php | 21 +++++++++++++-------- 2 files changed, 63 insertions(+), 8 deletions(-) create mode 100644 mod/contactgroup.php (limited to 'mod') diff --git a/mod/contactgroup.php b/mod/contactgroup.php new file mode 100644 index 000000000..bf81afe07 --- /dev/null +++ b/mod/contactgroup.php @@ -0,0 +1,50 @@ +argc > 2) && intval($a->argv[1]) && intval($a->argv[2])) { + $r = q("SELECT `id` FROM `contact` WHERE `id` = %d AND `uid` = %d and `self` = 0 and `blocked` = 0 AND `pending` = 0 LIMIT 1", + intval($a->argv[2]), + intval(local_user()) + ); + if(count($r)) + $change = intval($a->argv[2]); + } + + if(($a->argc > 1) && (intval($a->argv[1]))) { + + $r = q("SELECT * FROM `group` WHERE `id` = %d AND `uid` = %d AND `deleted` = 0 LIMIT 1", + intval($a->argv[1]), + intval(local_user()) + ); + if(! count($r)) { + killme(); + } + + $group = $r[0]; + $members = group_get_members($group['id']); + $preselected = array(); + if(count($members)) { + foreach($members as $member) + $preselected[] = $member['id']; + } + + if($change) { + if(in_array($change,$preselected)) { + group_rmv_member(local_user(),$group['name'],$change); + } + else { + group_add_member(local_user(),$group['name'],$change); + } + } + } + + killme(); +} \ No newline at end of file diff --git a/mod/contacts.php b/mod/contacts.php index 2fc01a0d8..4f5a49acd 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -6,10 +6,22 @@ function contacts_init(&$a) { if(! local_user()) return; + $contact_id = 0; + if(($a->argc == 2) && intval($a->argv[1])) { + $contact_id = intval($a->argv[1]); + $r = q("SELECT * FROM `contact` WHERE `uid` = %d and `id` = %d LIMIT 1", + intval(local_user()), + intval($contact_id) + ); + if(! count($r)) { + $contact_id = 0; + } + } + require_once('include/group.php'); if(! x($a->page,'aside')) $a->page['aside'] = ''; - $a->page['aside'] .= group_side(); + $a->page['aside'] .= group_side('contacts','group',false,0,$contact_id); $inv = '

'; @@ -264,13 +276,6 @@ function contacts_content(&$a) { } $grps = ''; - $member_of = member_of($r[0]['id']); - if(is_array($member_of) && count($member_of)) { - $grps = t('Member of: ') . EOL . ''; - } $insecure = '

' . t('Privacy Unavailable') . ' ' . t('Private communications are not available for this contact.') . '

'; -- cgit v1.2.3 From d0b7723bbcd4e9a4fd5c97370bd1c738fdcdab28 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 3 Aug 2011 16:29:25 -0700 Subject: re-parent api post item with parent_id and no parent_uri --- mod/item.php | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 4b9f3d091..b71c35041 100644 --- a/mod/item.php +++ b/mod/item.php @@ -6,6 +6,8 @@ * text stuff. This function handles status, wall-to-wall status, * local comments, and remote coments - that are posted on this site * (as opposed to being delivered in a feed). + * Also processed here are posts and comments coming through the + * statusnet/twitter API. * All of these become an "item" which is our basic unit of * information. * Posts that originate externally or do not fall into the above @@ -33,6 +35,7 @@ function item_post(&$a) { call_hooks('post_local_start', $_POST); + $api_source = ((x($_POST,'api_source')) ? true : false); /** * Is this a reply to something? @@ -48,22 +51,26 @@ function item_post(&$a) { $r = false; if($parent || $parent_uri) { + + if(! x($_POST,'type')) + $_POST['type'] = 'net-comment'; + if($parent) { $r = q("SELECT * FROM `item` WHERE `id` = %d LIMIT 1", intval($parent) ); } elseif($parent_uri && local_user()) { - $_POST['type'] = 'net-comment'; - // This is coming from an API source, we are logged in - // This query will find the immediate parent + // This is coming from an API source, and we are logged in $r = q("SELECT * FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($parent_uri), intval(local_user()) ); - // now find the real parent of the conversation - if(count($r)) { - $parid = $r[0]['parent']; + } + // if this isn't the real parent of the conversation, find it + if($r !== false && count($r)) { + $parid = $r[0]['parent']; + if($r[0]['id'] != $r[0]['parent']) { $r = q("SELECT * FROM `item` WHERE `id` = `parent` AND `parent` = %d LIMIT 1", intval($parid) ); @@ -771,12 +778,16 @@ function item_post(&$a) { } logger('post_complete'); + + // figure out how to return, depending on from whence we came + + if($api_source) + return; + if((x($_POST,'return')) && strlen($_POST['return'])) { logger('return: ' . $_POST['return']); goaway($a->get_baseurl() . "/" . $_POST['return'] ); } - if($_POST['api_source']) - return; $json = array('success' => 1); if(x($_POST,'jsreload') && strlen($_POST['jsreload'])) $json['reload'] = $a->get_baseurl() . '/' . $_POST['jsreload']; -- cgit v1.2.3 From ad1e827169d9f57c02746b51c5268bdbe2cd8ac9 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 3 Aug 2011 19:18:58 -0700 Subject: several fixes for attachments --- mod/item.php | 6 +++++- mod/wall_attach.php | 6 +++--- 2 files changed, 8 insertions(+), 4 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index b71c35041..fd5d405ff 100644 --- a/mod/item.php +++ b/mod/item.php @@ -304,6 +304,10 @@ function item_post(&$a) { if(count($r)) { $r = q("UPDATE `attach` SET `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", + dbesc($str_contact_allow), + dbesc($str_group_allow), + dbesc($str_contact_deny), + dbesc($str_group_deny), intval($profile_uid), intval($attach) ); @@ -436,7 +440,7 @@ function item_post(&$a) { if(count($r)) { if(strlen($attachments)) $attachments .= ','; - $attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" size="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . (($r[0]['filename']) ? $r[0]['filename'] : ' ') . '"[/attach]'; + $attachments .= '[attach]href="' . $a->get_baseurl() . '/attach/' . $r[0]['id'] . '" length="' . $r[0]['filesize'] . '" type="' . $r[0]['filetype'] . '" title="' . (($r[0]['filename']) ? $r[0]['filename'] : '') . '"[/attach]'; } $body = str_replace($match[1],'',$body); } diff --git a/mod/wall_attach.php b/mod/wall_attach.php index f18fd10b7..ef6554df3 100644 --- a/mod/wall_attach.php +++ b/mod/wall_attach.php @@ -60,11 +60,11 @@ function wall_attach_post(&$a) { } $filedata = @file_get_contents($src); - - $mimetype = mime_content_type($src); + $mimetype = z_mime_content_type($filename); + if((! strlen($mimetype)) || ($mimetype === 'application/octet-stream') && function_exists('mime_content_type')) + $mimetype = mime_content_type($filename); $hash = random_string(); $created = datetime_convert(); - $r = q("INSERT INTO `attach` ( `uid`, `hash`, `filename`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) VALUES ( %d, '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($page_owner_uid), -- cgit v1.2.3 From d45a66e700a62626007b05ef1b78dff8f0931210 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 3 Aug 2011 21:05:39 -0700 Subject: allow custom avatar sizes - needed for Diaspora hcard/vcard --- mod/photo.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/photo.php b/mod/photo.php index 9809aa418..3994620f8 100644 --- a/mod/photo.php +++ b/mod/photo.php @@ -5,6 +5,11 @@ require_once('include/security.php'); function photo_init(&$a) { switch($a->argc) { + case 4: + $person = $a->argv[3]; + $customres = intval($a->argv[2]); + $type = $a->argv[1]; + break; case 3: $person = $a->argv[2]; $type = $a->argv[1]; @@ -29,6 +34,7 @@ function photo_init(&$a) { switch($type) { case 'profile': + case 'custom': $resolution = 4; break; case 'micro': @@ -113,8 +119,17 @@ function photo_init(&$a) { // NOTREACHED } + if(intval($customres) && $customres > 0 && $customres < 500) { + require_once('include/Photo.php'); + $ph = new Photo($data); + if($ph->is_valid()) { + $ph->scaleImageSquare($customres); + $data = $ph->imageString(); + } + } + header("Content-type: image/jpeg"); echo $data; killme(); // NOTREACHED -} \ No newline at end of file +} -- cgit v1.2.3 From f0af4de4a795ed3914f0e8e8ae3417a315d3dcd3 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 4 Aug 2011 19:19:51 -0700 Subject: wrap text from imported link in [quote] --- mod/parse_url.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/parse_url.php b/mod/parse_url.php index 46c6b46e9..9bb0bc464 100644 --- a/mod/parse_url.php +++ b/mod/parse_url.php @@ -116,7 +116,7 @@ function parse_url_content(&$a) { } if(strlen($text)) { - $text = '

' . $text; + $text = '

' . $text . '

'; } echo sprintf($template,$url,($title) ? $title : $url,$text); -- cgit v1.2.3 From 2abcf76ec17a9a7754c399cdde9a4449308a4b02 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 4 Aug 2011 22:37:45 -0700 Subject: salmon protocol changes magicsig draft-experimental, fixes to hostxrd --- mod/hostxrd.php | 11 +++++++++++ mod/salmon.php | 19 +++++++++++++------ mod/xrd.php | 2 +- 3 files changed, 25 insertions(+), 7 deletions(-) create mode 100644 mod/hostxrd.php (limited to 'mod') diff --git a/mod/hostxrd.php b/mod/hostxrd.php new file mode 100644 index 000000000..c7861d26d --- /dev/null +++ b/mod/hostxrd.php @@ -0,0 +1,11 @@ +encoding; $alg = $base->alg; - // If we're talking to status.net or one of their ilk, they aren't following the magic envelope spec - // and only signed the data element. We'll be nice and let them validate anyway. + // Salmon magic signatures have evolved and there is no way of knowing ahead of time which + // flavour we have. We'll try and verify it regardless. $stnet_signed_data = $data; + $signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg); + $compliant_format = str_replace('=','',$signed_data); + + // decode the data $data = base64url_decode($data); @@ -150,13 +154,16 @@ function salmon_post(&$a) { $rsa->exponent = new Math_BigInteger($e, 256); // We should have everything we need now. Let's see if it verifies. - // If it fails with the proper data format, try again using just the data - // (e.g. status.net) - $verify = $rsa->verify($signed_data,$signature); + $verify = $rsa->verify($compliant_format,$signature); + + if(! $verify) { + logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); + $verify = $rsa->verify($signed_data,$signature); + } if(! $verify) { - logger('mod-salmon: message did not verify using protocol. Trying statusnet hack.'); + logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); $verify = $rsa->verify($stnet_signed_data,$signature); } diff --git a/mod/xrd.php b/mod/xrd.php index 4889639f0..c96c18f3c 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -23,7 +23,7 @@ function xrd_content(&$a) { if(! count($r)) killme(); - $salmon_key = salmon_key($r[0]['spubkey']); + $salmon_key = str_replace('=','',salmon_key($r[0]['spubkey'])); header('Access-Control-Allow-Origin: *'); header("Content-type: text/xml"); -- cgit v1.2.3 From 6eec04b09ca428cd2d125857612f7229e226c606 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 5 Aug 2011 01:34:32 -0700 Subject: updates to Diaspora decrypt/verify from recent testing --- mod/receive.php | 62 +++++++++++++-------------------------------------------- 1 file changed, 14 insertions(+), 48 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 86d612dc9..188f55f21 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -117,7 +117,6 @@ function receive_post(&$a) { $idom = parse_xml_string($decrypted,false); - print_r($idom); $inner_iv = base64_decode($idom->iv); $inner_aes_key = base64_decode($idom->aes_key); @@ -149,17 +148,14 @@ function receive_post(&$a) { logger('signature: ' . bin2hex($signature)); -// openssl_public_encrypt('test',$rrr,$rpubkey); -// logger('rrr: ' . $rrr); - -// $pubdecsig = ''; -// openssl_public_decrypt($signature,$pubdecsig,$rpubkey); -// logger('decsig: ' . bin2hex($pubdecsig)); - // unpack the data // strip whitespace so our data element will return to one big base64 blob $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data); + // Add back the 60 char linefeeds + $lines = str_split($data,60); + $data = implode("\n",$lines); + // stash away some other stuff for later @@ -168,7 +164,7 @@ function receive_post(&$a) { $encoding = $base->encoding; $alg = $base->alg; - $signed_data = $data . "\n" . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; + $signed_data = $data . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; logger('signed data: ' . $signed_data); @@ -177,9 +173,6 @@ function receive_post(&$a) { // Now pull out the inner encrypted blob - - - $inner_encrypted = base64_decode($data); $inner_decrypted = @@ -209,52 +202,25 @@ function receive_post(&$a) { receive_return(400); } -// FIXME -// Use non salmon compliant signature - -/* - - // Setup RSA stuff to verify the signature - - set_include_path(get_include_path() . PATH_SEPARATOR . 'library' . PATH_SEPARATOR . 'phpsec'); - require_once('library/phpsec/Crypt/RSA.php'); - - $key_info = explode('.',$key); - - $m = base64url_decode($key_info[1]); - $e = base64url_decode($key_info[2]); - - logger('mod-salmon: key details: ' . print_r($key_info,true)); - - $rsa = new CRYPT_RSA(); - $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; - $rsa->setHash('sha256'); - - $rsa->modulus = new Math_BigInteger($m, 256); - $rsa->k = strlen($rsa->modulus->toBytes()); - $rsa->exponent = new Math_BigInteger($e, 256); + if (version_compare(PHP_VERSION, '5.3.0', '>=')) { + $verify = openssl_verify($signed_data,$signature,$key,'sha256'); + } + else { + // FIXME + // fallback sha256 verify for PHP < 5.3 - $verify = $rsa->verify($signed_data,$signature); + } if(! $verify) { logger('mod-diaspora: Message did not verify. Discarding.'); receive_return(400); } -*/ logger('mod-diaspora: Message verified.'); - /* decrypt the sucker */ - /* - // TODO - */ - - /* - * - * If we reached this point, the message is good. Now let's figure out if the author is allowed to send us stuff. - * - */ + // If we reached this point, the message is good. + // Now let's figure out if the author is allowed to send us stuff. $r = q("SELECT * FROM `contact` WHERE `network` = 'dspr' AND ( `url` = '%s' OR `alias` = '%s') AND `uid` = %d LIMIT 1", -- cgit v1.2.3 From 5a5a7bfc4cf551f6353358b961399efcaa8269b3 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 5 Aug 2011 05:37:42 -0700 Subject: fallback sha256 openssl_verify code for php releases prior to 5.3 --- mod/receive.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 188f55f21..f5a2eb7b6 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -194,7 +194,7 @@ function receive_post(&$a) { logger('mod-diaspora: Fetching key for ' . $author_link ); -// Get diaspora public key (pkcs#1) and convert to pkcs#8 + // Get diaspora public key (pkcs#1) and convert to pkcs#8 $key = get_diaspora_key($author_link); if(! $key) { @@ -202,14 +202,17 @@ function receive_post(&$a) { receive_return(400); } + $verify = false; if (version_compare(PHP_VERSION, '5.3.0', '>=')) { $verify = openssl_verify($signed_data,$signature,$key,'sha256'); } else { - // FIXME // fallback sha256 verify for PHP < 5.3 - + $rawsig = ''; + $hash = hash('sha256',$signed_data,true); + openssl_public_decrypt($signature,$rawsig,$key); + $verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false); } if(! $verify) { -- cgit v1.2.3 From 1d659bd8543c630ff1eda245ab7e9afeec6eebe1 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 5 Aug 2011 06:42:27 -0700 Subject: move public profile warning to top of page --- mod/profiles.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/profiles.php b/mod/profiles.php index 64fab797f..b269fa30c 100644 --- a/mod/profiles.php +++ b/mod/profiles.php @@ -469,7 +469,7 @@ function profiles_content(&$a) { '$id' => $rr['id'], '$alt' => t('Profile Image'), '$profile_name' => $rr['profile-name'], - '$visible' => (($rr['is-default']) ? '' . t('Visible to everybody') . '' + '$visible' => (($rr['is-default']) ? '' . t('visible to everybody') . '' : '' . t('Edit visibility') . '') )); } -- cgit v1.2.3 From 48ffa880f099b19052f18e399bf6af50780a24b0 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 7 Aug 2011 16:15:54 -0700 Subject: cleanup --- mod/contacts.php | 14 +++++++------- mod/dfrn_confirm.php | 20 ++++++++++---------- mod/dfrn_request.php | 4 ++-- mod/follow.php | 6 +++--- mod/pubsub.php | 4 ++-- mod/receive.php | 2 +- mod/salmon.php | 11 +++++++++-- 7 files changed, 34 insertions(+), 27 deletions(-) (limited to 'mod') diff --git a/mod/contacts.php b/mod/contacts.php index 4f5a49acd..f64709ab6 100644 --- a/mod/contacts.php +++ b/mod/contacts.php @@ -249,16 +249,16 @@ function contacts_content(&$a) { $tpl = get_markup_template("contact_edit.tpl"); switch($r[0]['rel']) { - case REL_BUD: + case CONTACT_IS_FRIEND: $dir_icon = 'images/lrarrow.gif'; $alt_text = t('Mutual Friendship'); break; - case REL_VIP; + case CONTACT_IS_FOLLOWER; $dir_icon = 'images/larrow.gif'; $alt_text = t('is a fan of yours'); break; - case REL_FAN; + case CONTACT_IS_SHARING; $dir_icon = 'images/rarrow.gif'; $alt_text = t('you are a fan of'); break; @@ -368,7 +368,7 @@ function contacts_content(&$a) { $search = dbesc($search.'*'); $sql_extra .= ((strlen($search)) ? " AND MATCH `name` AGAINST ('$search' IN BOOLEAN MODE) " : ""); - $sql_extra2 = ((($sort_type > 0) && ($sort_type <= REL_BUD)) ? sprintf(" AND `rel` = %d ",intval($sort_type)) : ''); + $sql_extra2 = ((($sort_type > 0) && ($sort_type <= CONTACT_IS_FRIEND)) ? sprintf(" AND `rel` = %d ",intval($sort_type)) : ''); $r = q("SELECT COUNT(*) AS `total` FROM `contact` @@ -392,15 +392,15 @@ function contacts_content(&$a) { continue; switch($rr['rel']) { - case REL_BUD: + case CONTACT_IS_FRIEND: $dir_icon = 'images/lrarrow.gif'; $alt_text = t('Mutual Friendship'); break; - case REL_VIP; + case CONTACT_IS_FOLLOWER; $dir_icon = 'images/larrow.gif'; $alt_text = t('is a fan of yours'); break; - case REL_FAN; + case CONTACT_IS_SHARING; $dir_icon = 'images/rarrow.gif'; $alt_text = t('you are a fan of'); break; diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 91333284b..869bde3bf 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -306,11 +306,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if($network === 'dfrn') { - $new_relation = REL_VIP; - if(($relation == REL_FAN) || ($duplex)) - $new_relation = REL_BUD; + $new_relation = CONTACT_IS_FOLLOWER; + if(($relation == CONTACT_IS_SHARING) || ($duplex)) + $new_relation = CONTACT_IS_FRIEND; - if(($relation == REL_FAN) && ($duplex)) + if(($relation == CONTACT_IS_SHARING) && ($duplex)) $duplex = 0; $r = q("UPDATE `contact` SET `photo` = '%s', @@ -401,7 +401,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($uid) ); - if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) && isset($new_relation) && ($new_relation == REL_BUD)) { + if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) && isset($new_relation) && ($new_relation == CONTACT_IS_FRIEND)) { require_once('include/items.php'); @@ -592,11 +592,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) { logger('dfrn_confirm: request - photos imported'); - $new_relation = REL_FAN; - if(($relation == REL_VIP) || ($duplex)) - $new_relation = REL_BUD; + $new_relation = CONTACT_IS_SHARING; + if(($relation == CONTACT_IS_FOLLOWER) || ($duplex)) + $new_relation = CONTACT_IS_FRIEND; - if(($relation == REL_VIP) && ($duplex)) + if(($relation == CONTACT_IS_FOLLOWER) && ($duplex)) $duplex = 0; $r = q("UPDATE `contact` SET @@ -639,7 +639,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { if((count($r)) && ($r[0]['notify-flags'] & NOTIFY_CONFIRM)) { push_lang($r[0]['language']); - $tpl = (($new_relation == REL_BUD) + $tpl = (($new_relation == CONTACT_IS_FRIEND) ? get_intltext_template('friend_complete_eml.tpl') : get_intltext_template('intro_complete_eml.tpl')); diff --git a/mod/dfrn_request.php b/mod/dfrn_request.php index 6b9558b86..79070604b 100644 --- a/mod/dfrn_request.php +++ b/mod/dfrn_request.php @@ -309,7 +309,7 @@ function dfrn_request_post(&$a) { notice( t('You have already introduced yourself here.') . EOL ); return; } - elseif($ret[0]['rel'] == REL_BUD) { + elseif($ret[0]['rel'] == CONTACT_IS_FRIEND) { notice( sprintf( t('Apparently you are already friends with %s.'), $a->profile['name']) . EOL); return; } @@ -445,7 +445,7 @@ function dfrn_request_post(&$a) { * * OStatus network * Check contact existence - * Try and scrape together enough information to create a contact record, with us as REL_VIP + * Try and scrape together enough information to create a contact record, with us as CONTACT_IS_FOLLOWER * Substitute our user's feed URL into $url template * Send the subscriber home to subscribe * diff --git a/mod/follow.php b/mod/follow.php index 830399ff5..925572640 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -82,9 +82,9 @@ function follow_post(&$a) { if(count($r)) { // update contact - if($r[0]['rel'] == REL_VIP) { + if($r[0]['rel'] == CONTACT_IS_FOLLOWER) { q("UPDATE `contact` SET `rel` = %d , `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1", - intval(REL_BUD), + intval(CONTACT_IS_FRIEND), intval($r[0]['id']), intval(local_user()) ); @@ -106,7 +106,7 @@ function follow_post(&$a) { dbesc($ret['nick']), dbesc($ret['photo']), dbesc($ret['network']), - intval(($ret['network'] === NETWORK_MAIL) ? REL_BUD : REL_FAN), + intval(($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING), intval($ret['priority']), intval($writeable) ); diff --git a/mod/pubsub.php b/mod/pubsub.php index edb0a7fe1..d6e3d378f 100644 --- a/mod/pubsub.php +++ b/mod/pubsub.php @@ -111,8 +111,8 @@ function pubsub_post(&$a) { AND ( `rel` = %d OR `rel` = %d ) AND `blocked` = 0 AND `readonly` = 0 LIMIT 1", intval($contact_id), intval($importer['uid']), - intval(REL_FAN), - intval(REL_BUD) + intval(CONTACT_IS_SHARING), + intval(CONTACT_IS_FRIEND) ); if(! count($r)) { diff --git a/mod/receive.php b/mod/receive.php index f5a2eb7b6..e9af087de 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -238,7 +238,7 @@ function receive_post(&$a) { // is this a follower? Or have we ignored the person? // If so we can not accept this post. - if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == REL_VIP) || ($r[0]['blocked']))) { + if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { logger('mod-diaspora: Ignoring this author.'); receive_return(202); // NOTREACHED diff --git a/mod/salmon.php b/mod/salmon.php index 300ad8746..514653be3 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -134,7 +134,14 @@ function salmon_post(&$a) { // Setup RSA stuff to verify the signature - set_include_path(get_include_path() . PATH_SEPARATOR . 'library/phpsec'); + require_once('library/phpsec/Crypt/RSA.php'); + + $rsa = new CRYPT_RSA(); + $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; + $rsa->setHash('sha256'); + $rsa->loadKey($prvkey); + + $sig = $rsa->sign($data); require_once('library/phpsec/Crypt/RSA.php'); @@ -194,7 +201,7 @@ function salmon_post(&$a) { // is this a follower? Or have we ignored the person? // If so we can not accept this post. - if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == REL_VIP) || ($r[0]['blocked']))) { + if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { logger('mod-salmon: Ignoring this author.'); salmon_return(202); // NOTREACHED -- cgit v1.2.3 From 1eec10329a4764f132b159e7b1bbf37added6c8a Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 7 Aug 2011 16:56:26 -0700 Subject: guid functions --- mod/register.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/register.php b/mod/register.php index a8d81f1f6..fbd21a567 100644 --- a/mod/register.php +++ b/mod/register.php @@ -201,7 +201,7 @@ function register_post(&$a) { $r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`, `pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked` ) VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d )", - dbesc(generate_guid()), + dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email), -- cgit v1.2.3 From 8812b7f4caa99d01ae0e082c0b29a2ee24aed67d Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 7 Aug 2011 17:29:26 -0700 Subject: item guids --- mod/item.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index fd5d405ff..884e730e6 100644 --- a/mod/item.php +++ b/mod/item.php @@ -506,6 +506,9 @@ function item_post(&$a) { if($orig_post) $datarray['edit'] = true; + else + $datarray['guid'] = get_guid(); + call_hooks('post_local',$datarray); @@ -529,11 +532,12 @@ function item_post(&$a) { $post_id = 0; - $r = q("INSERT INTO `item` (`uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, + $r = q("INSERT INTO `item` (`guid`, `uid`,`type`,`wall`,`gravity`,`contact-id`,`owner-name`,`owner-link`,`owner-avatar`, `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach` ) - VALUES( %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", + VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", intval($datarray['uid']), + dbesc($datarray['guid']), dbesc($datarray['type']), intval($datarray['wall']), intval($datarray['gravity']), -- cgit v1.2.3 From 0745c00b16a6c6c63c0d49f61d7a09c2fabbf41f Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 7 Aug 2011 17:33:13 -0700 Subject: guids on items --- mod/item.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 884e730e6..62c1d4a87 100644 --- a/mod/item.php +++ b/mod/item.php @@ -536,8 +536,8 @@ function item_post(&$a) { `author-name`, `author-link`, `author-avatar`, `created`, `edited`, `received`, `changed`, `uri`, `thr-parent`, `title`, `body`, `app`, `location`, `coord`, `tag`, `inform`, `verb`, `allow_cid`, `allow_gid`, `deny_cid`, `deny_gid`, `private`, `pubmail`, `attach` ) VALUES( '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, '%s' )", - intval($datarray['uid']), dbesc($datarray['guid']), + intval($datarray['uid']), dbesc($datarray['type']), intval($datarray['wall']), intval($datarray['gravity']), -- cgit v1.2.3 From 7eb7f774131a47212ff9c505d7d497c8c7b76a53 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 7 Aug 2011 19:26:44 -0700 Subject: use separate hcard from profile url --- mod/follow.php | 2 +- mod/hcard.php | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ mod/xrd.php | 1 + 3 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 mod/hcard.php (limited to 'mod') diff --git a/mod/follow.php b/mod/follow.php index 925572640..80226f3b9 100644 --- a/mod/follow.php +++ b/mod/follow.php @@ -58,7 +58,7 @@ function follow_post(&$a) { } if($ret['network'] === NETWORK_OSTATUS && get_config('system','ostatus_disabled')) { - notice( t('Communication options with this network have been restricted.') . EOL); + notice( t('The profile address specified belongs to a network which has been disabled on this site.') . EOL); $ret['notify'] = ''; } diff --git a/mod/hcard.php b/mod/hcard.php new file mode 100644 index 000000000..5505ca08e --- /dev/null +++ b/mod/hcard.php @@ -0,0 +1,50 @@ +argc > 1) + $which = $a->argv[1]; + else { + notice( t('No profile') . EOL ); + $a->error = 404; + return; + } + + $profile = 0; + if((local_user()) && ($a->argc > 2) && ($a->argv[2] === 'view')) { + $which = $a->user['nickname']; + $profile = $a->argv[1]; + } + + profile_load($a,$which,$profile); + + if((x($a->profile,'page-flags')) && ($a->profile['page-flags'] == PAGE_COMMUNITY)) { + $a->page['htmlhead'] .= ''; + } + if(x($a->profile,'openidserver')) + $a->page['htmlhead'] .= '' . "\r\n"; + if(x($a->profile,'openid')) { + $delegate = ((strstr($a->profile['openid'],'://')) ? $a->profile['openid'] : 'http://' . $a->profile['openid']); + $a->page['htmlhead'] .= '' . "\r\n"; + } + + $keywords = ((x($a->profile,'pub_keywords')) ? $a->profile['pub_keywords'] : ''); + $keywords = str_replace(array(',',' ',',,'),array(' ',',',','),$keywords); + if(strlen($keywords)) + $a->page['htmlhead'] .= '' . "\r\n" ; + + $a->page['htmlhead'] .= '' . "\r\n" ; + $a->page['htmlhead'] .= '' . "\r\n" ; + $uri = urlencode('acct:' . $a->profile['nickname'] . '@' . $a->get_hostname() . (($a->path) ? '/' . $a->path : '')); + $a->page['htmlhead'] .= '' . "\r\n"; + header('Link: <' . $a->get_baseurl() . '/xrd/?uri=' . $uri . '>; rel="lrdd"; type="application/xrd+xml"', false); + + $dfrn_pages = array('request', 'confirm', 'notify', 'poll'); + foreach($dfrn_pages as $dfrn) + $a->page['htmlhead'] .= "get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n"; + +} + diff --git a/mod/xrd.php b/mod/xrd.php index c96c18f3c..9021222b7 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -47,6 +47,7 @@ function xrd_content(&$a) { $o = replace_macros($tpl, array( '$accturi' => $uri, '$profile_url' => $a->get_baseurl() . '/profile/' . $r[0]['nickname'], + '$hcard_url' => $a->get_baseurl() . '/hcard/' . $r[0]['nickname'], '$atom' => $a->get_baseurl() . '/dfrn_poll/' . $r[0]['nickname'], '$photo' => $a->get_baseurl() . '/photo/profile/' . $r[0]['uid'] . '.jpg', '$dspr' => $dspr, -- cgit v1.2.3 From 70017ebb8ce0321976a55d686178715885d1b6a9 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 9 Aug 2011 02:53:51 -0700 Subject: diaspora encrypt+decrypt working !! --- mod/receive.php | 204 ++------------------------------------------------------ 1 file changed, 6 insertions(+), 198 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index e9af087de..851437124 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -7,43 +7,9 @@ require_once('include/salmon.php'); require_once('include/certfns.php'); +require_once('include/diaspora.php'); -function receive_return($val) { - if($val >= 400) - $err = 'Error'; - if($val >= 200 && $val < 300) - $err = 'OK'; - - logger('mod-diaspora returns ' . $val); - header($_SERVER["SERVER_PROTOCOL"] . ' ' . $val . ' ' . $err); - killme(); - -} - - -function get_diaspora_key($uri) { - $key = ''; - - logger('Fetching diaspora key for: ' . $uri); - - $arr = lrdd($uri); - - if(is_array($arr)) { - foreach($arr as $a) { - if($a['@attributes']['rel'] === 'diaspora-public-key') { - $key = base64_decode($a['@attributes']['href']); - } - } - } - else { - return ''; - } - - if($key) - return rsatopem($key); - return ''; -} function receive_post(&$a) { @@ -56,7 +22,7 @@ function receive_post(&$a) { dbesc($guid) ); if(! count($r)) - salmon_return(500); + receive_return(500); $importer = $r[0]; @@ -67,160 +33,9 @@ function receive_post(&$a) { if(! $xml) receive_return(500); - - $basedom = parse_xml_string($xml); - - if($basedom) - logger('parsed dom'); - - $atom = $basedom->children(NAMESPACE_ATOM1); - - logger('atom: ' . count($atom)); - $encrypted_header = json_decode(base64_decode($atom->encrypted_header)); - - print_r($encrypted_header); - - $encrypted_aes_key_bundle = base64_decode($encrypted_header->aes_key); - $ciphertext = base64_decode($encrypted_header->ciphertext); - - logger('encrypted_aes: ' . print_r($encrypted_aes_key_bundle,true)); - logger('ciphertext: ' . print_r($ciphertext,true)); - - $outer_key_bundle = ''; - openssl_private_decrypt($encrypted_aes_key_bundle,$outer_key_bundle,$localprvkey); - - logger('outer_bundle: ' . print_r($outer_key_bundle,true)); - - $j_outer_key_bundle = json_decode($outer_key_bundle); - - $outer_iv = base64_decode($j_outer_key_bundle->iv); - $outer_key = base64_decode($j_outer_key_bundle->key); - - $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $outer_key, $ciphertext, MCRYPT_MODE_CBC, $outer_iv); - - $decrypted = pkcs5_unpad($decrypted); - - logger('decrypted: ' . print_r($decrypted,true)); - - /** - * $decrypted now contains something like - * - * - * 8e+G2+ET8l5BPuW0sVTnQw== - * UvSMb4puPeB14STkcDWq+4QE302Edu15oaprAQSkLKU= - * - * Ryan Hughes - * acct:galaxor@diaspora.pirateship.org - * - * - */ - - $idom = parse_xml_string($decrypted,false); - - $inner_iv = base64_decode($idom->iv); - $inner_aes_key = base64_decode($idom->aes_key); - - logger('inner_iv: ' . $inner_iv); - - $dom = $basedom->children(NAMESPACE_SALMON_ME); - - if($dom) - logger('have dom'); - - logger('dom: ' . count($dom)); - // figure out where in the DOM tree our data is hiding - - if($dom->provenance->data) - $base = $dom->provenance; - elseif($dom->env->data) - $base = $dom->env; - elseif($dom->data) - $base = $dom; - - if(! $base) { - logger('mod-diaspora: unable to locate salmon data in xml '); - dt_return(400); - } - - - // Stash the signature away for now. We have to find their key or it won't be good for anything. - $signature = base64url_decode($base->sig); - - logger('signature: ' . bin2hex($signature)); - - // unpack the data - - // strip whitespace so our data element will return to one big base64 blob - $data = str_replace(array(" ","\t","\r","\n"),array("","","",""),$base->data); - // Add back the 60 char linefeeds - $lines = str_split($data,60); - $data = implode("\n",$lines); - - - // stash away some other stuff for later - - $type = $base->data[0]->attributes()->type[0]; - $keyhash = $base->sig[0]->attributes()->keyhash[0]; - $encoding = $base->encoding; - $alg = $base->alg; - - $signed_data = $data . (($data[-1] != "\n") ? "\n" : '') . '.' . base64url_encode($type) . "\n" . '.' . base64url_encode($encoding) . "\n" . '.' . base64url_encode($alg) . "\n"; - - logger('signed data: ' . $signed_data); - - // decode the data - $data = base64url_decode($data); - - // Now pull out the inner encrypted blob - - $inner_encrypted = base64_decode($data); - - $inner_decrypted = - $inner_decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $inner_aes_key, $inner_encrypted, MCRYPT_MODE_CBC, $inner_iv); - - $inner_decrypted = pkcs5_unpad($inner_decrypted); - - logger('inner_decrypted: ' . $inner_decrypted); - - - - if(! $author_link) { - logger('mod-diaspora: Could not retrieve author URI.'); - receive_return(400); - } - - // Once we have the author URI, go to the web and try to find their public key - // *** or look it up locally *** - - logger('mod-diaspora: Fetching key for ' . $author_link ); - - // Get diaspora public key (pkcs#1) and convert to pkcs#8 - $key = get_diaspora_key($author_link); - - if(! $key) { - logger('mod-salmon: Could not retrieve author key.'); - receive_return(400); - } - - $verify = false; - - if (version_compare(PHP_VERSION, '5.3.0', '>=')) { - $verify = openssl_verify($signed_data,$signature,$key,'sha256'); - } - else { - // fallback sha256 verify for PHP < 5.3 - $rawsig = ''; - $hash = hash('sha256',$signed_data,true); - openssl_public_decrypt($signature,$rawsig,$key); - $verify = (($rawsig && substr($rawsig,-32) === $hash) ? true : false); - } - - if(! $verify) { - logger('mod-diaspora: Message did not verify. Discarding.'); - receive_return(400); - } - - logger('mod-diaspora: Message verified.'); + $msg = diaspora_decode($importer,$xml); + if(! $msg) + receive_return(500); // If we reached this point, the message is good. // Now let's figure out if the author is allowed to send us stuff. @@ -261,17 +76,10 @@ function receive_post(&$a) { $contact_rec = ((count($r)) ? $r[0] : null); - - -// figure out what kind of diaspora message we have, and process accordingly. - + receive_return(200); - receive_return(200); } - - - -- cgit v1.2.3 From 1bfe1283aa38454369f29883411a6c012c88df59 Mon Sep 17 00:00:00 2001 From: Friendika Date: Tue, 9 Aug 2011 18:55:46 -0700 Subject: crypto stuff --- mod/receive.php | 2 +- mod/salmon.php | 44 +++++++++++++------------------------------- mod/xrd.php | 14 +++++--------- 3 files changed, 19 insertions(+), 41 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 851437124..e2c110202 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -6,7 +6,7 @@ require_once('include/salmon.php'); -require_once('include/certfns.php'); +require_once('include/crypto.php'); require_once('include/diaspora.php'); diff --git a/mod/salmon.php b/mod/salmon.php index 514653be3..0264e820d 100644 --- a/mod/salmon.php +++ b/mod/salmon.php @@ -5,6 +5,7 @@ // complicated process to try and sort out. require_once('include/salmon.php'); +require_once('include/crypto.php'); require_once('library/simplepie/simplepie.inc'); function salmon_return($val) { @@ -33,7 +34,7 @@ function salmon_post(&$a) { dbesc($nick) ); if(! count($r)) - salmon_return(500); + http_status_exit(500); $importer = $r[0]; @@ -52,7 +53,7 @@ function salmon_post(&$a) { if(! $base) { logger('mod-salmon: unable to locate salmon data in xml '); - salmon_return(400); + http_status_exit(400); } // Stash the signature away for now. We have to find their key or it won't be good for anything. @@ -117,7 +118,7 @@ function salmon_post(&$a) { if(! $author_link) { logger('mod-salmon: Could not retrieve author URI.'); - salmon_return(400); + http_status_exit(400); } // Once we have the author URI, go to the web and try to find their public key @@ -129,54 +130,35 @@ function salmon_post(&$a) { if(! $key) { logger('mod-salmon: Could not retrieve author key.'); - salmon_return(400); + http_status_exit(400); } - // Setup RSA stuff to verify the signature - - require_once('library/phpsec/Crypt/RSA.php'); - - $rsa = new CRYPT_RSA(); - $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; - $rsa->setHash('sha256'); - $rsa->loadKey($prvkey); - - $sig = $rsa->sign($data); - - require_once('library/phpsec/Crypt/RSA.php'); - $key_info = explode('.',$key); $m = base64url_decode($key_info[1]); $e = base64url_decode($key_info[2]); - logger('mod-salmon: key details: ' . print_r($key_info,true)); - - $rsa = new CRYPT_RSA(); - $rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1; - $rsa->setHash('sha256'); + logger('mod-salmon: key details: ' . print_r($key_info,true), LOGGER_DEBUG); - $rsa->modulus = new Math_BigInteger($m, 256); - $rsa->k = strlen($rsa->modulus->toBytes()); - $rsa->exponent = new Math_BigInteger($e, 256); + $pubkey = metopem($m,$e); // We should have everything we need now. Let's see if it verifies. - $verify = $rsa->verify($compliant_format,$signature); + $verify = rsa_verify($compliant_format,$signature,$pubkey); if(! $verify) { logger('mod-salmon: message did not verify using protocol. Trying padding hack.'); - $verify = $rsa->verify($signed_data,$signature); + $verify = rsa_verify($signed_data,$signature,$pubkey); } if(! $verify) { logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.'); - $verify = $rsa->verify($stnet_signed_data,$signature); + $verify = rsa_verify($stnet_signed_data,$signature,$pubkey); } if(! $verify) { logger('mod-salmon: Message did not verify. Discarding.'); - salmon_return(400); + http_status_exit(400); } logger('mod-salmon: Message verified.'); @@ -203,7 +185,7 @@ function salmon_post(&$a) { if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { logger('mod-salmon: Ignoring this author.'); - salmon_return(202); + http_status_exit(202); // NOTREACHED } @@ -225,7 +207,7 @@ function salmon_post(&$a) { consume_feed($feedxml,$importer,$contact_rec,$hub); - salmon_return(200); + http_status_exit(200); } diff --git a/mod/xrd.php b/mod/xrd.php index 9021222b7..fcec74336 100644 --- a/mod/xrd.php +++ b/mod/xrd.php @@ -1,9 +1,8 @@ $a->get_baseurl(), @@ -41,7 +38,6 @@ function xrd_content(&$a) { else $dspr = ''; - $tpl = file_get_contents('view/xrd_person.tpl'); $o = replace_macros($tpl, array( @@ -60,7 +56,7 @@ function xrd_content(&$a) { $arr = array('user' => $r[0], 'xml' => $o); call_hooks('personal_xrd', $arr); - echo $o; + echo $arr['xml']; killme(); } -- cgit v1.2.3 From 72873cd827979aeaf64bf6e0402c9b99fea56416 Mon Sep 17 00:00:00 2001 From: Friendika Date: Wed, 10 Aug 2011 05:10:48 -0700 Subject: diaspora function dispatcher --- mod/receive.php | 59 +++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 36 insertions(+), 23 deletions(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index e2c110202..1dfbe59bd 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -14,7 +14,7 @@ require_once('include/diaspora.php'); function receive_post(&$a) { if($a->argc != 3 || $a->argv[1] !== 'users') - receive_return(500); + http_status_exit(500); $guid = $a->argv[2]; @@ -22,7 +22,7 @@ function receive_post(&$a) { dbesc($guid) ); if(! count($r)) - receive_return(500); + http_status_exit(500); $importer = $r[0]; @@ -31,11 +31,16 @@ function receive_post(&$a) { logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA); if(! $xml) - receive_return(500); + http_status_exit(500); $msg = diaspora_decode($importer,$xml); if(! $msg) - receive_return(500); + http_status_exit(500); + + + $parsed_xml = parse_xml_string($msg); + + $xmlbase = $parsed_xml->post; // If we reached this point, the message is good. // Now let's figure out if the author is allowed to send us stuff. @@ -52,34 +57,42 @@ function receive_post(&$a) { // is this a follower? Or have we ignored the person? // If so we can not accept this post. + // However we will accept a sharing e.g. friend request if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) { - logger('mod-diaspora: Ignoring this author.'); - receive_return(202); - // NOTREACHED + if(! $xmlbase->request) { + logger('mod-diaspora: Ignoring this author.'); + http_status_exit(202); + // NOTREACHED + } } require_once('include/items.php'); - // Placeholder for hub discovery. We shouldn't find any hubs - // since we supplied the fake feed header - and it doesn't have any. - - $hub = ''; - - /** - * - * anti-spam measure: consume_feed will accept a follow activity from - * this person (and nothing else) if there is no existing contact record. - * - */ - - $contact_rec = ((count($r)) ? $r[0] : null); - - - receive_return(200); + $contact = ((count($r)) ? $r[0] : null); + if($xmlbase->request) { + diaspora_request($importer,$contact,$xmlbase->request); + } + elseif($xmlbase->status_message) { + diaspora_post($importer,$contact,$xmlbase->status_message); + } + elseif($xmlbase->comment) { + diaspora_comment($importer,$contact,$xmlbase->comment); + } + elseif($xmlbase->like) { + diaspora_like($importer,$contact,$xmlbase->like); + } + elseif($xmlbase->retraction) { + diaspora_retraction($importer,$contact,$xmlbase->retraction); + } + else { + logger('mod-diaspora: unknown message type: ' . print_r($xmlbase,true)); + } + http_status_exit(200); + // NOTREACHED } -- cgit v1.2.3 From 0db145dafa032a8c1fd68c318afc59f9599f3756 Mon Sep 17 00:00:00 2001 From: Friendika Date: Thu, 11 Aug 2011 04:28:06 -0700 Subject: redirect to home after logging in using login url --- mod/login.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'mod') diff --git a/mod/login.php b/mod/login.php index 58af42d74..10b4d3001 100644 --- a/mod/login.php +++ b/mod/login.php @@ -3,6 +3,8 @@ function login_content(&$a) { if(x($_SESSION,'theme')) unset($_SESSION['theme']); + if(local_user()) + goaway(z_root()); return login(($a->config['register_policy'] == REGISTER_CLOSED) ? false : true); } \ No newline at end of file -- cgit v1.2.3 From fda593caeda997fbd97eed28f69107ce91c16242 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 12 Aug 2011 02:58:29 -0700 Subject: introduction fails if confirmation differs by http vs https --- mod/dfrn_confirm.php | 20 +++++++++++++++----- mod/probe.php | 23 +++++++++++++++++++++++ mod/webfinger.php | 2 +- 3 files changed, 39 insertions(+), 6 deletions(-) create mode 100644 mod/probe.php (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index 869bde3bf..bcc4e3438 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -528,12 +528,22 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc($decrypted_source_url), intval($local_uid) ); - if(! count($ret)) { - // this is either a bogus confirmation (?) or we deleted the original introduction. - $message = t('Contact record was not found for you on our site.'); - xml_status(3,$message); - return; // NOTREACHED + if(strstr($decrypted_source_url,'http:')) + $newurl = str_replace('http:','https:',$decrypted_source_url); + else + $newurl = str_replace('https:','http:',$decrypted_source_url); + + $ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", + dbesc($newurl), + intval($local_uid) + ); + if(! count($r)) { + // this is either a bogus confirmation (?) or we deleted the original introduction. + $message = t('Contact record was not found for you on our site.'); + xml_status(3,$message); + return; // NOTREACHED + } } $relation = $ret[0]['rel']; diff --git a/mod/probe.php b/mod/probe.php new file mode 100644 index 000000000..221d18650 --- /dev/null +++ b/mod/probe.php @@ -0,0 +1,23 @@ +Probe Diagnostic'; + + $o .= '
'; + $o .= 'Lookup address: '; + $o .= '
'; + + $o .= '

'; + + if(x($_GET,'addr')) { + $addr = trim($_GET['addr']); + $res = probe_url($addr); + $o .= '
';
+		$o .= str_replace("\n",'
',print_r($res,true));
+		$o .= '
'; + } + return $o; +} diff --git a/mod/webfinger.php b/mod/webfinger.php index f6d6026b4..74bd2c954 100644 --- a/mod/webfinger.php +++ b/mod/webfinger.php @@ -23,4 +23,4 @@ function webfinger_content(&$a) { $o .= ''; } return $o; -} \ No newline at end of file +} -- cgit v1.2.3 From aefc6209a3d07d70835422e690f624c72075c410 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 12 Aug 2011 03:01:11 -0700 Subject: improved diaspora discovery --- mod/receive.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/receive.php b/mod/receive.php index 1dfbe59bd..72d528093 100644 --- a/mod/receive.php +++ b/mod/receive.php @@ -71,7 +71,7 @@ function receive_post(&$a) { $contact = ((count($r)) ? $r[0] : null); - + logger('diaspora msg: ' . $msg, LOGGER_DATA); if($xmlbase->request) { diaspora_request($importer,$contact,$xmlbase->request); -- cgit v1.2.3 From e1db1369664cd4299dd5bdcb463e549c602213f0 Mon Sep 17 00:00:00 2001 From: Friendika Date: Fri, 12 Aug 2011 04:05:20 -0700 Subject: but #118 proxy settings in admin panel --- mod/admin.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'mod') diff --git a/mod/admin.php b/mod/admin.php index f7dde7bcb..1a926443f 100644 --- a/mod/admin.php +++ b/mod/admin.php @@ -192,8 +192,8 @@ function admin_page_site_post(&$a){ $no_community_page = !((x($_POST,'no_community_page')) ? True : False); $verifyssl = ((x($_POST,'verifyssl')) ? True : False); - $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['global_search_url'])) : ''); - $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['global_search_url'])) : ''); + $proxyuser = ((x($_POST,'proxyuser')) ? notags(trim($_POST['proxyuser'])) : ''); + $proxy = ((x($_POST,'proxy')) ? notags(trim($_POST['proxy'])) : ''); $timeout = ((x($_POST,'timeout')) ? intval(trim($_POST['timeout'])) : 60); $dfrn_only = ((x($_POST,'dfrn_only')) ? True : False); $ostatus_disabled = !((x($_POST,'ostatus_disabled')) ? True : False); @@ -234,7 +234,7 @@ function admin_page_site_post(&$a){ set_config('system','no_gravatar', $no_gravatar); set_config('system','no_regfullname', $no_regfullname); set_config('system','no_community_page', $no_community_page); - set_config('system','proxy', $no_utf); + set_config('system','no_utf', $no_utf); set_config('system','verifyssl', $verifyssl); set_config('system','proxyuser', $proxyuser); set_config('system','proxy', $proxy); @@ -322,7 +322,7 @@ function admin_page_site(&$a) { '$no_openid' => array('no_openid', t("OpenID support"), !get_config('system','no_openid'), "OpenID support for registration and logins."), '$no_gravatar' => array('no_gravatar', t("Gravatar support"), !get_config('system','no_gravatar'), "Search new user's photo on Gravatar."), '$no_regfullname' => array('no_regfullname', t("Fullname check"), !get_config('system','no_regfullname'), "Force users to register with a space between firstname and lastname in Full name, as an antispam measure"), - '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','proxy'), "Use PHP UTF8 regular expressions"), + '$no_utf' => array('no_utf', t("UTF-8 Regular expressions"), !get_config('system','no_utf'), "Use PHP UTF8 regular expressions"), '$no_community_page' => array('no_community_page', t("Show Community Page"), !get_config('system','no_community_page'), "Display a Community page showing all recent public postings on this site."), '$ostatus_disabled' => array('ostatus_disabled', t("Enable OStatus support"), !get_config('system','ostatus_disable'), "Provide built-in OStatus \x28identi.ca, status.net, etc.\x29 compatibility. All communications in OStatus are public, so privacy warnings will be occasionally displayed."), '$dfrn_only' => array('dfrn_only', t('Only allow Friendika contacts'), get_config('system','dfrn_only'), "All contacts must use Friendika protocols. All other built-in communication protocols disabled."), -- cgit v1.2.3 From bbd545b9caa278d61ad423725dc591b3eb0e61f7 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 14 Aug 2011 04:26:41 -0700 Subject: honour "post to xxx network by default" when using API --- mod/item.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'mod') diff --git a/mod/item.php b/mod/item.php index 62c1d4a87..cc4e1e1a8 100644 --- a/mod/item.php +++ b/mod/item.php @@ -178,6 +178,20 @@ function item_post(&$a) { $pubmail_enable = ((x($_POST,'pubmail_enable') && intval($_POST['pubmail_enable']) && (! $private)) ? 1 : 0); + // if using the API, we won't see pubmail_enable - figure out if it should be set + + if($api_source && $profile_uid && $profile_uid == local_user()) { + $mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1); + if(! $mail_disabled) { + $r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", + intval(local_user()) + ); + if(count($r) && intval($r[0]['pubmail'])) + $pubmail_enabled = true; + } + } + + if(! strlen($body)) { info( t('Empty post discarded.') . EOL ); if(x($_POST,'return')) -- cgit v1.2.3 From fcf6651299418f834076649f1fad4833476aad76 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 14 Aug 2011 05:23:36 -0700 Subject: add diaspora support to dfrn_confirm (friendship confirmation) --- mod/dfrn_confirm.php | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index bcc4e3438..f0c86910b 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -124,6 +124,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) { $aes_allow = $contact['aes_allow']; $network = ((strlen($contact['issued-id'])) ? 'dfrn' : 'stat'); + if($contact['network']) + $network = $contact['network']; if($network === 'dfrn') { @@ -339,16 +341,18 @@ function dfrn_confirm_post(&$a,$handsfree = null) { else { // $network !== 'dfrn' - $notify = ''; - $poll = ''; - - $arr = lrdd($contact['url']); - if(count($arr)) { - foreach($arr as $link) { - if($link['@attributes']['rel'] === 'salmon') - $notify = $link['@attributes']['href']; - if($link['@attributes']['rel'] === NAMESPACE_FEED) - $poll = $link['@attributes']['href']; + $notify = (($contact['notify']) ? $contact['notify'] : ''); + $poll = (($contact['poll']) ? $contact['poll'] : ''); + + if((! $contact['notify']) || (! $contact['poll'])) { + $arr = lrdd($contact['url']); + if(count($arr)) { + foreach($arr as $link) { + if($link['@attributes']['rel'] === 'salmon') + $notify = $link['@attributes']['href']; + if($link['@attributes']['rel'] === NAMESPACE_FEED) + $poll = $link['@attributes']['href']; + } } } -- cgit v1.2.3 From 3a0727d4961aa5743e1f9365c8a3848cfb24a66b Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 14 Aug 2011 05:26:44 -0700 Subject: set network correctly - dfrn_confirm --- mod/dfrn_confirm.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'mod') diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php index f0c86910b..c4feef8ff 100644 --- a/mod/dfrn_confirm.php +++ b/mod/dfrn_confirm.php @@ -341,6 +341,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { else { // $network !== 'dfrn' + $network = (($contact['network']) ? $contact['network'] : 'stat'); $notify = (($contact['notify']) ? $contact['notify'] : ''); $poll = (($contact['poll']) ? $contact['poll'] : ''); @@ -372,7 +373,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { `poll` = '%s', `blocked` = 0, `pending` = 0, - `network` = 'stat' + `network` = '%s' WHERE `id` = %d LIMIT 1 ", dbesc($photos[0]), @@ -383,6 +384,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) { dbesc(datetime_convert()), dbesc($notify), dbesc($poll), + dbesc($network), intval($contact_id) ); } -- cgit v1.2.3 From 79529612226dc89b90df33ba066a530d0e716a69 Mon Sep 17 00:00:00 2001 From: Friendika Date: Sun, 14 Aug 2011 18:13:52 -0700 Subject: diaspora probe/scrape changes --- mod/probe.php | 1 + 1 file changed, 1 insertion(+) (limited to 'mod') diff --git a/mod/probe.php b/mod/probe.php index 221d18650..c95db291b 100644 --- a/mod/probe.php +++ b/mod/probe.php @@ -13,6 +13,7 @@ function probe_content(&$a) { $o .= '

'; if(x($_GET,'addr')) { + $addr = trim($_GET['addr']); $res = probe_url($addr); $o .= '
';
-- 
cgit v1.2.3


From 0729e205c8149f5634b8622654a09382b50ec678 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Sun, 14 Aug 2011 20:38:31 -0700
Subject: diaspora follow from friendika

---
 mod/follow.php | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'mod')

diff --git a/mod/follow.php b/mod/follow.php
index 80226f3b9..48bccc5aa 100644
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -71,6 +71,7 @@ function follow_post(&$a) {
 		$writeable = 1;
 		
 	}
+
 	// check if we already have a contact
 	// the poll url is more reliable than the profile url, as we may have
 	// indirect links or webfinger links
@@ -175,10 +176,16 @@ function follow_post(&$a) {
 			intval(local_user())
 	);
 
-
-	if((count($r)) && (x($contact,'notify')) && (strlen($contact['notify']))) {
-		require_once('include/salmon.php');
-		slapper($r[0],$contact['notify'],$slap);
+	if(count($r)) {
+		if(($contact['network'] == NETWORK_OSTATUS) && (strlen($contact['notify']))) {
+			require_once('include/salmon.php');
+			slapper($r[0],$contact['notify'],$slap);
+		}
+		if($contact['network'] == NETWORK_DIASPORA) {
+			require_once('include/diaspora.php');
+			$ret = diaspora_share($a->user,$r[0]);
+			logger('mod_follow: diaspora_share returns: ' . $ret);
+		}
 	}
 
 	goaway($_SESSION['return_url']);
-- 
cgit v1.2.3


From 5d6155a9685202b055744549a2cb84e3d8195fd2 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 05:27:24 -0700
Subject: fixes share from diaspora

---
 mod/receive.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'mod')

diff --git a/mod/receive.php b/mod/receive.php
index 72d528093..43f8c7bbc 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -26,7 +26,7 @@ function receive_post(&$a) {
 
 	$importer = $r[0];
 
-	$xml = $_POST['xml'];
+	$xml = urldecode($_POST['xml']);
 
 	logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA);
 
@@ -38,7 +38,7 @@ function receive_post(&$a) {
 		http_status_exit(500);
 
 
-	$parsed_xml = parse_xml_string($msg);
+	$parsed_xml = parse_xml_string($msg,false);
 
 	$xmlbase = $parsed_xml->post;
 
-- 
cgit v1.2.3


From 44918e27367d00d3625daaf751a05b166ecd2fc1 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 17:14:51 -0700
Subject: turn diaspora posts into x-www-form-urlencoded

---
 mod/receive.php | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

(limited to 'mod')

diff --git a/mod/receive.php b/mod/receive.php
index 43f8c7bbc..46b1f2745 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -26,6 +26,9 @@ function receive_post(&$a) {
 
 	$importer = $r[0];
 
+	// I really don't know why we need urldecode - PHP should be doing this for us.
+	// It is an application/x-www-form-urlencoded
+
 	$xml = urldecode($_POST['xml']);
 
 	logger('mod-diaspora: new salmon ' . $xml, LOGGER_DATA);
@@ -34,6 +37,9 @@ function receive_post(&$a) {
 		http_status_exit(500);
 
 	$msg = diaspora_decode($importer,$xml);
+
+	logger('mod-diaspora: decoded msg: ' . $msg, LOGGER_DATA);
+
 	if(! $msg)
 		http_status_exit(500);
 
@@ -58,21 +64,23 @@ function receive_post(&$a) {
 	// is this a follower? Or have we ignored the person?
 	// If so we can not accept this post.
 	// However we will accept a sharing e.g. friend request
+	// or a retraction of same.
 
-	if((count($r)) && (($r[0]['readonly']) || ($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']))) {
-		if(! $xmlbase->request) {
+
+	$allow_blocked = (($xmlbase->request || ($xmlbase->retraction && $xmlbase->retraction->type == 'Person')) ? true : false);
+
+	if((count($r)) 
+		&& (($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']) || ($r[0]['readonly'])) 
+		&& (! $allow_blocked)) {
 			logger('mod-diaspora: Ignoring this author.');
 			http_status_exit(202);
 			// NOTREACHED
-		}
 	}
 
 	require_once('include/items.php');
 
 	$contact = ((count($r)) ? $r[0] : null);
 
-	logger('diaspora msg: ' . $msg, LOGGER_DATA); 
-
 	if($xmlbase->request) {
 		diaspora_request($importer,$contact,$xmlbase->request);
 	}
-- 
cgit v1.2.3


From a6d88fb8f7a1538f0b6af915107582b5189e25a0 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 18:17:19 -0700
Subject: diaspora friend approvals

---
 mod/dfrn_confirm.php  | 25 +++++++++++++++++++------
 mod/notifications.php | 10 +++++-----
 2 files changed, 24 insertions(+), 11 deletions(-)

(limited to 'mod')

diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index c4feef8ff..6ca6d9c5e 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -123,11 +123,12 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		$dfrn_confirm = $contact['confirm'];
 		$aes_allow    = $contact['aes_allow'];
 
-		$network = ((strlen($contact['issued-id'])) ? 'dfrn' : 'stat');
+		$network = ((strlen($contact['issued-id'])) ? NETWORK_DFRN : NETWORK_OSTATUS);
+
 		if($contact['network'])
 			$network = $contact['network'];
 
-		if($network === 'dfrn') {
+		if($network === NETWORK_DFRN) {
 
 			/**
 			 *
@@ -306,7 +307,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		
 		logger('dfrn_confirm: confirm - imported photos');
 
-		if($network === 'dfrn') {
+		if($network === NETWORK_DFRN) {
 
 			$new_relation = CONTACT_IS_FOLLOWER;
 			if(($relation == CONTACT_IS_SHARING) || ($duplex))
@@ -339,9 +340,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 			);
 		}
 		else {  
-			// $network !== 'dfrn'
 
-			$network = (($contact['network']) ? $contact['network'] : 'stat');
+			// $network !== NETWORK_DFRN
+
+			$network = (($contact['network']) ? $contact['network'] : NETWORK_OSTATUS);
 			$notify = (($contact['notify']) ? $contact['notify'] : '');
 			$poll   = (($contact['poll']) ? $contact['poll'] : '');
 
@@ -357,6 +359,10 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				}
 			}
 
+			$new_relation = $contact['rel'];
+			if($network === NETWORK_DIASPORA && $duplex)
+				$new_relation = CONTACT_IS_FRIEND;
+
 			$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval($intro_id),
 				intval($uid)
@@ -373,7 +379,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				`poll` = '%s',
 				`blocked` = 0, 
 				`pending` = 0,
-				`network` = '%s'
+				`network` = '%s',
+				`rel` = %d
 				WHERE `id` = %d LIMIT 1
 			",
 				dbesc($photos[0]),
@@ -385,6 +392,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 				dbesc($notify),
 				dbesc($poll),
 				dbesc($network),
+				intval($new_relation),
 				intval($contact_id)
 			);			
 		}
@@ -409,6 +417,11 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		);
 		if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) &&  isset($new_relation) && ($new_relation == CONTACT_IS_FRIEND)) {
 
+			if($r[0]['network'] === NETWORK_DIASPORA) {
+				require_once('include_diaspora.php');
+				diaspora_share($user[0],$r[0]);
+			}
+
 			require_once('include/items.php');
 
 			$self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1",
diff --git a/mod/notifications.php b/mod/notifications.php
index 244563adc..07403d4b4 100644
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -122,14 +122,14 @@ function notifications_content(&$a) {
 				continue;
 
 			}
-			$friend_selected = (($rr['network'] !== 'stat') ? ' checked="checked" ' : ' disabled ');
-			$fan_selected = (($rr['network'] === 'stat') ? ' checked="checked" disabled ' : '');
+			$friend_selected = (($rr['network'] !== NETWORK_OSTATUS) ? ' checked="checked" ' : ' disabled ');
+			$fan_selected = (($rr['network'] === NETWORK_OSTATUS) ? ' checked="checked" disabled ' : '');
 			$dfrn_tpl = get_markup_template('netfriend.tpl');
 
 			$knowyou   = '';
 			$dfrn_text = '';
 						
-			if($rr['network'] !== 'stat') {
+			if($rr['network'] === NETWORK_DFRN) {
 				$knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no'));
 
 				$dfrn_text = replace_macros($dfrn_tpl,array(
@@ -138,7 +138,7 @@ function notifications_content(&$a) {
 					'$fan_selected' => $fan_selected,
 					'$approve_as' => t('Approve as: '),
 					'$as_friend' => t('Friend'),
-					'$as_fan' => t('Fan/Admirer')
+					'$as_fan' => (($rr['network'] == NETWORK_DIASPORA) ? t('Sharer') : t('Fan/Admirer'))
 				));
 			}			
 
@@ -146,7 +146,7 @@ function notifications_content(&$a) {
 
 			$o .= replace_macros($tpl,array(
 				'$str_notifytype' => t('Notification type: '),
-				'$notify_type' => (($rr['network'] !== 'stat') ? t('Friend/Connect Request') : t('New Follower')),
+				'$notify_type' => (($rr['network'] !== NETWORK_OSTATUS) ? t('Friend/Connect Request') : t('New Follower')),
 				'$dfrn_text' => $dfrn_text,	
 				'$dfrn_id' => $rr['issued-id'],
 				'$uid' => $_SESSION['uid'],
-- 
cgit v1.2.3


From 240941237a32c9da6cafffdd0ff80ddc1a939f26 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 18:29:49 -0700
Subject: privacy enforcement on pubmail_enable

---
 mod/item.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'mod')

diff --git a/mod/item.php b/mod/item.php
index cc4e1e1a8..54472e268 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -180,7 +180,7 @@ function item_post(&$a) {
 
 		// if using the API, we won't see pubmail_enable - figure out if it should be set
 
-		if($api_source && $profile_uid && $profile_uid == local_user()) {
+		if($api_source && $profile_uid && $profile_uid == local_user() && (! $private)) {
 			$mail_disabled = ((function_exists('imap_open') && (! get_config('system','imap_disabled'))) ? 0 : 1);
 			if(! $mail_disabled) {
 				$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1",
-- 
cgit v1.2.3


From f7a1674cf6a65f9280f9e4e612f2c37cced35580 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 19:15:56 -0700
Subject: set proper relation for diaspora in mod_follow

---
 mod/dfrn_confirm.php |  3 ++-
 mod/follow.php       | 11 +++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

(limited to 'mod')

diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 6ca6d9c5e..346d9d445 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -419,7 +419,8 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 
 			if($r[0]['network'] === NETWORK_DIASPORA) {
 				require_once('include_diaspora.php');
-				diaspora_share($user[0],$r[0]);
+				$ret = diaspora_share($user[0],$r[0]);
+				logger('mod_follow: diaspora_share returns: ' . $ret);
 			}
 
 			require_once('include/items.php');
diff --git a/mod/follow.php b/mod/follow.php
index 48bccc5aa..14b2ea46c 100644
--- a/mod/follow.php
+++ b/mod/follow.php
@@ -71,6 +71,8 @@ function follow_post(&$a) {
 		$writeable = 1;
 		
 	}
+	if($ret['network'] === NETWORK_DIASPORA)
+		$writeable = 1;
 
 	// check if we already have a contact
 	// the poll url is more reliable than the profile url, as we may have
@@ -83,7 +85,7 @@ function follow_post(&$a) {
 
 	if(count($r)) {
 		// update contact
-		if($r[0]['rel'] == CONTACT_IS_FOLLOWER) {
+		if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
 			q("UPDATE `contact` SET `rel` = %d , `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
 				intval(CONTACT_IS_FRIEND),
 				intval($r[0]['id']),
@@ -92,6 +94,11 @@ function follow_post(&$a) {
 		}
 	}
 	else {
+
+		$new_relation = (($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING);
+		if($ret['network'] === NETWORK_DIASPORA)
+			$new_relation = CONTACT_IS_FOLLOWER;
+
 		// create contact record 
 		$r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `addr`, `alias`, `notify`, `poll`, `name`, `nick`, `photo`, `network`, `rel`, `priority`,
 			`writable`, `blocked`, `readonly`, `pending` )
@@ -107,7 +114,7 @@ function follow_post(&$a) {
 			dbesc($ret['nick']),
 			dbesc($ret['photo']),
 			dbesc($ret['network']),
-			intval(($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING),
+			intval($new_relation),
 			intval($ret['priority']),
 			intval($writeable)
 		);
-- 
cgit v1.2.3


From 8e3506048a3c8bc6fd8fb86fdbf813ff9fb3adc9 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 19:31:45 -0700
Subject: diaspora confirm cleanup

---
 mod/contacts.php      | 2 +-
 mod/notifications.php | 8 +++++---
 2 files changed, 6 insertions(+), 4 deletions(-)

(limited to 'mod')

diff --git a/mod/contacts.php b/mod/contacts.php
index f64709ab6..f130b74c0 100644
--- a/mod/contacts.php
+++ b/mod/contacts.php
@@ -319,7 +319,7 @@ function contacts_content(&$a) {
 			'$contact_id' => $r[0]['id'],
 			'$block_text' => (($r[0]['blocked']) ? t('Unblock this contact') : t('Block this contact') ),
 			'$ignore_text' => (($r[0]['readonly']) ? t('Unignore this contact') : t('Ignore this contact') ),
-			'$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_FACEBOOK) ? $insecure : ''),
+			'$insecure' => (($r[0]['network'] !== NETWORK_DFRN && $r[0]['network'] !== NETWORK_MAIL && $r[0]['network'] !== NETWORK_FACEBOOK && $r[0]['network'] !== NETWORK_DIASPORA) ? $insecure : ''),
 			'$info' => $r[0]['info'],
 			'$blocked' => (($r[0]['blocked']) ? '
' . t('Currently blocked') . '
' : ''),
 			'$ignored' => (($r[0]['readonly']) ? '
' . t('Currently ignored') . '
' : ''),
diff --git a/mod/notifications.php b/mod/notifications.php
index 07403d4b4..8c32ee862 100644
--- a/mod/notifications.php
+++ b/mod/notifications.php
@@ -129,9 +129,11 @@ function notifications_content(&$a) {
 			$knowyou   = '';
 			$dfrn_text = '';
 						
-			if($rr['network'] === NETWORK_DFRN) {
-				$knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no'));
-
+			if($rr['network'] === NETWORK_DFRN || $rr['network'] === NETWORK_DIASPORA) {
+				if($rr['network'] === NETWORK_DFRN)
+					$knowyou = t('Claims to be known to you: ') . (($rr['knowyou']) ? t('yes') : t('no'));
+				else
+					$knowyou = '';
 				$dfrn_text = replace_macros($dfrn_tpl,array(
 					'$intro_id' => $rr['intro_id'],
 					'$friend_selected' => $friend_selected,
-- 
cgit v1.2.3


From 37a9a5ea62f817f5e863f45f3967ee74082d6acc Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 20:16:00 -0700
Subject: stupid browsers not honouring meta base

---
 mod/help.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'mod')

diff --git a/mod/help.php b/mod/help.php
index 561f5381f..495b4ccc2 100644
--- a/mod/help.php
+++ b/mod/help.php
@@ -9,7 +9,9 @@ function load_doc_file($s) {
 	$d = dirname($s);
 	if(file_exists("$d/$lang/$b"))
 		return file_get_contents("$d/$lang/$b");
-	return file_get_contents($s);
+	if(file_exists($s))
+		return file_get_contents($s);
+	return '';
 }}
 
 
@@ -31,7 +33,12 @@ function help_content(&$a) {
 		$a->page['title'] = t('Help');
 	}
 	
-
+	if(! strlen($text)) {
+		header($_SERVER["SERVER_PROTOCOL"] . ' 404 ' . t('Not Found'));
+		notice( t('Page not found.' ) . EOL);
+		return;
+	}
+	
 	return Markdown($text);
 
 }
\ No newline at end of file
-- 
cgit v1.2.3


From a589e8e3feecbd304da07bcdbc4d398511651b3f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 20:47:09 -0700
Subject: filename typo

---
 mod/dfrn_confirm.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'mod')

diff --git a/mod/dfrn_confirm.php b/mod/dfrn_confirm.php
index 346d9d445..4088178c0 100644
--- a/mod/dfrn_confirm.php
+++ b/mod/dfrn_confirm.php
@@ -301,7 +301,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		 *
 		 */
 
-		require_once("Photo.php");
+		require_once('include/Photo.php');
 
 		$photos = import_profile_photo($contact['photo'],$uid,$contact_id);
 		
@@ -418,7 +418,7 @@ function dfrn_confirm_post(&$a,$handsfree = null) {
 		if((count($r)) && ($r[0]['hide-friends'] == 0) && (is_array($contact)) &&  isset($new_relation) && ($new_relation == CONTACT_IS_FRIEND)) {
 
 			if($r[0]['network'] === NETWORK_DIASPORA) {
-				require_once('include_diaspora.php');
+				require_once('include/diaspora.php');
 				$ret = diaspora_share($user[0],$r[0]);
 				logger('mod_follow: diaspora_share returns: ' . $ret);
 			}
-- 
cgit v1.2.3


From 0eb06b3e2d9c5c65b6bad97639f032d5d0a1620f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 22:23:17 -0700
Subject: cronhooks broken

---
 mod/item.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'mod')

diff --git a/mod/item.php b/mod/item.php
index 54472e268..ef0b232d5 100644
--- a/mod/item.php
+++ b/mod/item.php
@@ -35,7 +35,7 @@ function item_post(&$a) {
 
 	call_hooks('post_local_start', $_POST);
 
-	$api_source = ((x($_POST,'api_source')) ? true : false);
+	$api_source = ((x($_POST,'api_source') && $_POST['api_source']) ? true : false);
 
 	/**
 	 * Is this a reply to something?
-- 
cgit v1.2.3


From c7197b99f919bee81fa2a8f46a3ef744c76bec6c Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Mon, 15 Aug 2011 23:19:17 -0700
Subject: refactor the diaspora contact logic

---
 mod/receive.php | 45 +++++----------------------------------------
 1 file changed, 5 insertions(+), 40 deletions(-)

(limited to 'mod')

diff --git a/mod/receive.php b/mod/receive.php
index 46b1f2745..1a99a9aed 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -9,7 +9,6 @@ require_once('include/salmon.php');
 require_once('include/crypto.php');
 require_once('include/diaspora.php');
 
-
 	
 function receive_post(&$a) {
 
@@ -26,7 +25,6 @@ function receive_post(&$a) {
 
 	$importer = $r[0];
 
-	// I really don't know why we need urldecode - PHP should be doing this for us.
 	// It is an application/x-www-form-urlencoded
 
 	$xml = urldecode($_POST['xml']);
@@ -48,53 +46,20 @@ function receive_post(&$a) {
 
 	$xmlbase = $parsed_xml->post;
 
-	// If we reached this point, the message is good. 
-	// Now let's figure out if the author is allowed to send us stuff.
-
-	$r = q("SELECT * FROM `contact` WHERE `network` = 'dspr' AND ( `url` = '%s' OR `alias` = '%s') 
-		AND `uid` = %d LIMIT 1",
-		dbesc($author_link),
-		dbesc($author_link),
-		intval($importer['uid'])
-	);
-	if(! count($r)) {
-		logger('mod-diaspora: Author unknown to us.');
-	}	
-
-	// is this a follower? Or have we ignored the person?
-	// If so we can not accept this post.
-	// However we will accept a sharing e.g. friend request
-	// or a retraction of same.
-
-
-	$allow_blocked = (($xmlbase->request || ($xmlbase->retraction && $xmlbase->retraction->type == 'Person')) ? true : false);
-
-	if((count($r)) 
-		&& (($r[0]['rel'] == CONTACT_IS_FOLLOWER) || ($r[0]['blocked']) || ($r[0]['readonly'])) 
-		&& (! $allow_blocked)) {
-			logger('mod-diaspora: Ignoring this author.');
-			http_status_exit(202);
-			// NOTREACHED
-	}
-
-	require_once('include/items.php');
-
-	$contact = ((count($r)) ? $r[0] : null);
-
 	if($xmlbase->request) {
-		diaspora_request($importer,$contact,$xmlbase->request);
+		diaspora_request($importer,$xmlbase->request);
 	}
 	elseif($xmlbase->status_message) {
-		diaspora_post($importer,$contact,$xmlbase->status_message);
+		diaspora_post($importer,$xmlbase->status_message);
 	}
 	elseif($xmlbase->comment) {
-		diaspora_comment($importer,$contact,$xmlbase->comment);
+		diaspora_comment($importer,$xmlbase->comment);
 	}
 	elseif($xmlbase->like) {
-		diaspora_like($importer,$contact,$xmlbase->like);
+		diaspora_like($importer,$xmlbase->like);
 	}
 	elseif($xmlbase->retraction) {
-		diaspora_retraction($importer,$contact,$xmlbase->retraction);
+		diaspora_retraction($importer,$xmlbase->retraction);
 	}
 	else {
 		logger('mod-diaspora: unknown message type: ' . print_r($xmlbase,true));
-- 
cgit v1.2.3


From b28b468b2182493b958afecb388501fd66de230f Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 20:05:02 -0700
Subject: cleanup

---
 mod/display.php  | 2 +-
 mod/network.php  | 3 +--
 mod/profile.php  | 3 +--
 mod/register.php | 2 +-
 mod/search.php   | 1 +
 5 files changed, 5 insertions(+), 6 deletions(-)

(limited to 'mod')

diff --git a/mod/display.php b/mod/display.php
index 159ff57ed..52a84e755 100644
--- a/mod/display.php
+++ b/mod/display.php
@@ -114,7 +114,7 @@ function display_content(&$a) {
 
 	}
 
-	$o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
';
+	$o .= cc_license();
 
 	return $o;
 }
diff --git a/mod/network.php b/mod/network.php
index 7bdd3f3f1..05b74b50a 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -297,9 +297,8 @@ function network_content(&$a, $update = 0) {
 	$o .= conversation($a,$r,$mode,$update);
 
 	if(! $update) {
-
 		$o .= paginate($a);
-		$o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
';
+		$o .= cc_license();
 	}
 
 	return $o;
diff --git a/mod/profile.php b/mod/profile.php
index 71912458f..a4c6ea710 100644
--- a/mod/profile.php
+++ b/mod/profile.php
@@ -236,9 +236,8 @@ function profile_content(&$a, $update = 0) {
 	$o .= conversation($a,$r,'profile',$update);
 
 	if(! $update) {
-		
 		$o .= paginate($a);
-		$o .= '
' . t('Shared content is covered by the Creative Commons Attribution 3.0 license.') . '
';
+		$o .= cc_license();
 	}
 
 	return $o;
diff --git a/mod/register.php b/mod/register.php
index fbd21a567..5fceebd4b 100644
--- a/mod/register.php
+++ b/mod/register.php
@@ -501,7 +501,7 @@ function register_content(&$a) {
 	}
 
 
-	$license = t('Shared content is covered by the Creative Commons Attribution 3.0 license.');
+	$license = cc_license();
 
 
 	$o = get_markup_template("register.tpl");
diff --git a/mod/search.php b/mod/search.php
index 9b465c0e5..88ff9bbb7 100644
--- a/mod/search.php
+++ b/mod/search.php
@@ -91,6 +91,7 @@ function search_content(&$a) {
 	$o .= conversation($a,$r,'search',false);
 
 	$o .= paginate($a);
+	$o .= cc_license();
 
 	return $o;
 }
-- 
cgit v1.2.3


From 673e114bbd6666ffe9350613284e813a38c5f0d7 Mon Sep 17 00:00:00 2001
From: Friendika 
Date: Tue, 16 Aug 2011 22:31:14 -0700
Subject: D* like and start of relay code

---
 mod/receive.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'mod')

diff --git a/mod/receive.php b/mod/receive.php
index 1a99a9aed..19c163967 100644
--- a/mod/receive.php
+++ b/mod/receive.php
@@ -36,13 +36,13 @@ function receive_post(&$a) {
 
 	$msg = diaspora_decode($importer,$xml);
 
-	logger('mod-diaspora: decoded msg: ' . $msg, LOGGER_DATA);
+	logger('mod-diaspora: decoded msg: ' . print_r($msg,true), LOGGER_DATA);
 
-	if(! $msg)
+	if(! is_array($msg))
 		http_status_exit(500);
 
 
-	$parsed_xml = parse_xml_string($msg,false);
+	$parsed_xml = parse_xml_string($msg['message'],false);
 
 	$xmlbase = $parsed_xml->post;
 
@@ -53,13 +53,13 @@ function receive_post(&$a) {
 		diaspora_post($importer,$xmlbase->status_message);
 	}
 	elseif($xmlbase->comment) {
-		diaspora_comment($importer,$xmlbase->comment);
+		diaspora_comment($importer,$xmlbase->comment,$msg);
 	}
 	elseif($xmlbase->like) {
-		diaspora_like($importer,$xmlbase->like);
+		diaspora_like($importer,$xmlbase->like,$msg);
 	}
 	elseif($xmlbase->retraction) {
-		diaspora_retraction($importer,$xmlbase->retraction);
+		diaspora_retraction($importer,$xmlbase->retraction,$msg);
 	}
 	else {
 		logger('mod-diaspora: unknown message type: ' . print_r($xmlbase,true));
-- 
cgit v1.2.3