clones/friendica
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge remote branch 'upstream/master'

Browse Source
This commit is contained in:
Michael Vogel
2012-06-04 08:09:15 +02:00
parent 5de91c2a7c ca105f1c66
commit 0353410cd4
62 changed files with 3292 additions and 2385 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/api.php
+2 -2
View File
@@ -997,8 +997,8 @@
else
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
dbesc(protect_sprintf('%' . $myurl)),
dbesc(protect_sprintf('%' . $myurl . '\\]%')),
dbesc(protect_sprintf('%' . $diasp_url . '\\]%'))
dbesc(protect_sprintf('%' . $myurl . ']%')),
dbesc(protect_sprintf('%' . $diasp_url . ']%'))
);
if ($max_id > 0)
include/bbcode.php
+8 -1
View File
@@ -52,6 +52,8 @@ function bb_unspacefy_and_trim($st) {
function bbcode($Text,$preserve_nl = false) {
$a = get_app();
// Hide all [noparse] contained bbtags spacefying them
$Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_spacefy',$Text);
@@ -114,6 +116,11 @@ function bbcode($Text,$preserve_nl = false) {
$Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '<a href="$1" target="external-link">$2</a>', $Text);
//$Text = preg_replace("/\[url\=([$URLSearchString]*)\]([$URLSearchString]*)\[\/url\]/ism", '<a href="$1" target="_blank">$2</a>', $Text);
// we may need to restrict this further if it picks up too many strays
// link acct:user@host to a webfinger profile redirector
$Text = preg_replace('/acct:(.*?)@(.*?)([ ,])/', '<a href="' . $a->get_baseurl() . '/acctlink?addr=' . "$1@$2"
. '" target="extlink" >acct:' . "$1@$2$3" . '</a>',$Text);
// Perform MAIL Search
$Text = preg_replace("/\[mail\]([$MAILSearchString]*)\[\/mail\]/", '<a href="mailto:$1">$1</a>', $Text);
@@ -226,7 +233,7 @@ function bbcode($Text,$preserve_nl = false) {
$endlessloop = 0;
while ((strpos($Text, "[/quote]")!== false) and (strpos($Text, "[quote=") !== false) and (++$endlessloop < 20))
$Text = preg_replace("/\[quote=[\"\']*(.*?)[\"\']*\](.*?)\[\/quote\]/ism",
"<br /><strong class=".'"author"'.">" . $t_wrote . "</strong><blockquote class=".'"author"'.">$2</blockquote>",
"<br /><strong class=".'"author"'.">" . $t_wrote . "</strong><blockquote>$2</blockquote>",
$Text);
// [img=widthxheight]image source[/img]
include/conversation.php
+36 -15
View File
@@ -173,6 +173,12 @@ function localize_item(&$item){
$item['body'] = str_replace($mtch[0],'@[url=' . zrl($mtch[1]). ']',$item['body']);
}
}
if(preg_match_all('/\[url=(.*?)\/photos\/(.*?)\/image\/(.*?)\]\[img(.*?)\]h(.*?)\[\/img\]\[\/url\]/is',$item['body'],$matches,PREG_SET_ORDER)) {
logger('matched');
foreach($matches as $mtch) {
$item['body'] = str_replace($mtch[0],'[url=' . zrl($mtch[1] . '/photos/' . $mtch[2] . '/image/' . $mtch[3] ,true) . '][img' . $mtch[4] . ']h' . $mtch[5] . '[/img][/url]',$item['body']);
}
}
}
@@ -496,7 +502,7 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {
// On the network page, I am the owner. On the display page it will be the profile owner.
// This will have been stored in $a->page_contact by our calling page.
// Put this person on the left of the wall-to-wall notice.
// Put this person as the wall owner of the wall-to-wall notice.
$owner_url = zrl($a->page_contact['url']);
$owner_photo = $a->page_contact['thumb'];
@@ -504,23 +510,38 @@ function conversation(&$a, $items, $mode, $update, $preview = false) {
$template = $wallwall;
$commentww = 'ww';
}
if((! $item['wall']) && (strlen($item['owner-link'])) && (! link_compare($item['owner-link'],$item['author-link']))) {
// Could be anybody.
if((! $item['wall']) && $item['owner-link']) {
$owner_url = $item['owner-link'];
$owner_photo = $item['owner-avatar'];
$owner_name = $item['owner-name'];
$template = $wallwall;
$commentww = 'ww';
// If it is our contact, use a friendly redirect link
if((link_compare($item['owner-link'],$item['url']))
&& ($item['network'] === NETWORK_DFRN)) {
$owner_url = $redirect_url;
$osparkle = ' sparkle';
$owner_linkmatch = (($item['owner-link']) && link_compare($item['owner-link'],$item['author-link']));
$alias_linkmatch = (($item['alias']) && link_compare($item['alias'],$item['author-link']));
$owner_namematch = (($item['owner-name']) && $item['owner-name'] == $item['author-name']);
if((! $owner_linkmatch) && (! $alias_linkmatch) && (! $owner_namematch)) {
// The author url doesn't match the owner (typically the contact)
// and also doesn't match the contact alias.
// The name match is a hack to catch several weird cases where URLs are
// all over the park. It can be tricked, but this prevents you from
// seeing "Bob Smith to Bob Smith via Wall-to-wall" and you know darn
// well that it's the same Bob Smith.
// But it could be somebody else with the same name. It just isn't highly likely.
$owner_url = $item['owner-link'];
$owner_photo = $item['owner-avatar'];
$owner_name = $item['owner-name'];
$template = $wallwall;
$commentww = 'ww';
// If it is our contact, use a friendly redirect link
if((link_compare($item['owner-link'],$item['url']))
&& ($item['network'] === NETWORK_DFRN)) {
$owner_url = $redirect_url;
$osparkle = ' sparkle';
}
else
$owner_url = zrl($owner_url);
}
else
$owner_url = zrl($owner_url);
}
}
include/datetime.php
+4 -2
View File
@@ -244,7 +244,7 @@ function timesel($pre,$h,$m) {
// Limited to range of timestamps
if(! function_exists('relative_date')) {
function relative_date($posted_date) {
function relative_date($posted_date,$format = null) {
$localtime = datetime_convert('UTC',date_default_timezone_get(),$posted_date);
@@ -274,7 +274,9 @@ function relative_date($posted_date) {
if ($d >= 1) {
$r = round($d);
// translators - e.g. 22 hours ago, 1 minute ago
return sprintf( t('%1$d %2$s ago'),$r, (($r == 1) ? $str[0] : $str[1]));
if(! $format)
$format = t('%1$d %2$s ago');
return sprintf( $format,$r, (($r == 1) ? $str[0] : $str[1]));
}
}
}}
include/delivery.php
+8 -7
View File
@@ -113,6 +113,7 @@ function delivery_run($argv, $argc){
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if(! $parent_id)
continue;
@@ -508,17 +509,17 @@ function delivery_run($argv, $argc){
// unsupported
break;
}
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
logger('delivery: diaspora retract: ' . $loc);
// diaspora delete,
elseif(($target_item['deleted']) && ($target_item['uri'] === $target_item['parent-uri'])) {
// top-level retraction
logger('delivery: diaspora retract: ' . $loc);
diaspora_send_retraction($target_item,$owner,$contact,$public_message);
break;
}
elseif($target_item['parent'] != $target_item['id']) {
elseif($target_item['uri'] !== $target_item['parent-uri']) {
// we are the relay - send comments, likes and relayable_retractions to our conversants
logger('delivery: diaspora relay: ' . $loc);
logger('delivery: diaspora relay: ' . $loc);
// we are the relay - send comments, likes and unlikes to our conversants
diaspora_send_relay($target_item,$owner,$contact,$public_message);
break;
}
include/diaspora.php
Regular → Executable
+159 -50
View File
@@ -83,6 +83,9 @@ function diaspora_dispatch($importer,$msg) {
elseif($xmlbase->signed_retraction) {
$ret = diaspora_signed_retraction($importer,$xmlbase->signed_retraction,$msg);
}
elseif($xmlbase->relayable_retraction) {
$ret = diaspora_signed_retraction($importer,$xmlbase->relayable_retraction,$msg);
}
elseif($xmlbase->photo) {
$ret = diaspora_photo($importer,$xmlbase->photo,$msg);
}
@@ -677,7 +680,7 @@ function diaspora_post($importer,$xml) {
return;
}
// allocate a guid on our system - we aren't fixing any collisions.
// allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1",
@@ -844,7 +847,7 @@ function diaspora_reshare($importer,$xml) {
$prefix = '&#x2672; ' . $details . "\n";
// allocate a guid on our system - we aren't fixing any collisions.
// allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1",
@@ -948,7 +951,7 @@ function diaspora_asphoto($importer,$xml) {
return;
}
// allocate a guid on our system - we aren't fixing any collisions.
// allocate a guid on our system - we aren't fixing any collisions.
// we're ignoring them
$g = q("select * from guid where guid = '%s' limit 1",
@@ -1602,22 +1605,28 @@ function diaspora_like($importer,$xml,$msg) {
logger('diaspora_like: duplicate like: ' . $guid);
return;
}
// Note: I don't think "Like" objects with positive = "false" are ever actually used
// It looks like "RelayableRetractions" are used for "unlike" instead
if($positive === 'false') {
q("UPDATE `item` SET `deleted` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
logger('diaspora_like: received a like with positive set to "false"...ignoring');
/* q("UPDATE `item` SET `deleted` = 1 WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval($r[0]['id']),
intval($importer['uid'])
);
);*/
// FIXME
// send notification via proc_run()
return;
}
}
// Note: I don't think "Like" objects with positive = "false" are ever actually used
// It looks like "RelayableRetractions" are used for "unlike" instead
if($positive === 'false') {
logger('diaspora_like: unlike received with no corresponding like');
logger('diaspora_like: received a like with positive set to "false"');
logger('diaspora_like: unlike received with no corresponding like...ignoring');
return;
}
$author_signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle;
$signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle;
$author_signature = base64_decode($author_signature);
@@ -1635,20 +1644,20 @@ function diaspora_like($importer,$xml,$msg) {
}
}
if(! rsa_verify($author_signed_data,$author_signature,$key,'sha256')) {
if(! rsa_verify($signed_data,$author_signature,$key,'sha256')) {
logger('diaspora_like: verification failed.');
return;
}
if($parent_author_signature) {
$owner_signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle;
//$owner_signed_data = $guid . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $diaspora_handle;
$parent_author_signature = base64_decode($parent_author_signature);
$key = $msg['key'];
if(! rsa_verify($owner_signed_data,$parent_author_signature,$key,'sha256')) {
if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
logger('diaspora_like: owner verification failed.');
return;
}
@@ -1783,38 +1792,89 @@ function diaspora_signed_retraction($importer,$xml,$msg) {
$type = notags(unxmlify($xml->target_type));
$sig = notags(unxmlify($xml->target_author_signature));
$parent_author_signature = (($xml->parent_author_signature) ? notags(unxmlify($xml->parent_author_signature)) : '');
$contact = diaspora_get_contact_by_handle($importer['uid'],$diaspora_handle);
if(! $contact) {
logger('diaspora_signed_retraction: no contact');
return;
}
// this may not yet work for comments. Need to see how the relaying works
// and figure out who signs it.
$signed_data = $guid . ';' . $type ;
$sig = base64_decode($sig);
$sig_decode = base64_decode($sig);
$key = $msg['key'];
if(strcasecmp($diaspora_handle,$msg['author']) == 0) {
$person = $contact;
$key = $msg['key'];
}
else {
$person = find_diaspora_person_by_handle($diaspora_handle);
if(! rsa_verify($signed_data,$sig,$key,'sha256')) {
logger('diaspora_signed_retraction: owner verification failed.' . print_r($msg,true));
if(is_array($person) && x($person,'pubkey'))
$key = $person['pubkey'];
else {
logger('diaspora_signed_retraction: unable to find author details');
return;
}
}
if(! rsa_verify($signed_data,$sig_decode,$key,'sha256')) {
logger('diaspora_signed_retraction: retraction-owner verification failed.' . print_r($msg,true));
return;
}
if($type === 'StatusMessage') {
if($parent_author_signature) {
$parent_author_signature = base64_decode($parent_author_signature);
$key = $msg['key'];
if(! rsa_verify($signed_data,$parent_author_signature,$key,'sha256')) {
logger('diaspora_signed_retraction: failed to verify person relaying the retraction (e.g. owner of a post relaying a retracted comment');
return;
}
}
if($type === 'StatusMessage' || $type === 'Comment' || $type === 'Like') {
$r = q("select * from item where guid = '%s' and uid = %d and not file like '%%[%%' limit 1",
dbesc($guid),
intval($importer['uid'])
);
if(count($r)) {
if(link_compare($r[0]['author-link'],$contact['url'])) {
q("update item set `deleted` = 1, `changed` = '%s' where `id` = %d limit 1",
q("update item set `deleted` = 1, `edited` = '%s', `changed` = '%s', `body` = '' , `title` = '' where `id` = %d limit 1",
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($r[0]['id'])
);
// Now check if the retraction needs to be relayed by us
//
// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
// The only item with `parent` and `id` as the parent id is the parent item.
$p = q("select origin from item where parent = %d and id = %d limit 1",
$r[0]['parent'],
$r[0]['parent']
);
if(count($p)) {
if(($p[0]['origin']) && (! $parent_author_signature)) {
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
$r[0]['id'],
dbesc($signed_data),
dbesc($sig),
dbesc($diaspora_handle)
);
// the existence of parent_author_signature would have meant the parent_author or owner
// is already relaying.
logger('diaspora_signed_retraction: relaying relayable_retraction');
proc_run('php','include/notifier.php','relayable_retraction',$r[0]['id']);
}
}
}
}
}
@@ -2055,8 +2115,12 @@ function diaspora_send_followup($item,$owner,$contact,$public_batch = false) {
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$theiraddr = $contact['addr'];
$p = q("select guid from item where parent = %d limit 1",
$item['parent']
// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
// The only item with `parent` and `id` as the parent id is the parent item.
$p = q("select guid from item where parent = %d and id = %d limit 1",
intval($item['parent']),
intval($item['parent'])
);
if(count($p))
$parent_guid = $p[0]['guid'];
@@ -2067,7 +2131,11 @@ function diaspora_send_followup($item,$owner,$contact,$public_batch = false) {
$tpl = get_markup_template('diaspora_like.tpl');
$like = true;
$target_type = 'Post';
$positive = (($item['deleted']) ? 'false' : 'true');
// $positive = (($item['deleted']) ? 'false' : 'true');
$positive = 'true';
if(($item['deleted']))
logger('diaspora_send_followup: received deleted "like". Those should go to diaspora_send_retraction');
}
else {
$tpl = get_markup_template('diaspora_comment.tpl');
@@ -2107,41 +2175,51 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
$a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$theiraddr = $contact['addr'];
$p = q("select guid from item where parent = %d limit 1",
$item['parent']
// The first item in the `item` table with the parent id is the parent. However, MySQL doesn't always
// return the items ordered by `item`.`id`, in which case the wrong item is chosen as the parent.
// The only item with `parent` and `id` as the parent id is the parent item.
$p = q("select guid from item where parent = %d and id = %d limit 1",
intval($item['parent']),
intval($item['parent'])
);
if(count($p))
$parent_guid = $p[0]['guid'];
else
return;
if($item['verb'] === ACTIVITY_LIKE) {
$like = false;
$relay_retract = false;
$sql_sign_id = 'iid';
if( $item['deleted']) {
$tpl = get_markup_template('diaspora_relayable_retraction.tpl');
$relay_retract = true;
$sql_sign_id = 'retract_iid';
$target_type = ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
}
elseif($item['verb'] === ACTIVITY_LIKE) {
$tpl = get_markup_template('diaspora_like_relay.tpl');
$like = true;
$target_type = 'Post';
$positive = (($item['deleted']) ? 'false' : 'true');
// $positive = (($item['deleted']) ? 'false' : 'true');
$positive = 'true';
}
else {
$tpl = get_markup_template('diaspora_comment_relay.tpl');
$like = false;
}
$body = $item['body'];
$text = html_entity_decode(bb2diaspora($body));
// fetch the original signature if somebody sent the post to us to relay
// If we are relaying for a reply originating on our own account, there wasn't a 'send to relay'
// action. It wasn't needed. In that case create the original signature and the
// owner (parent author) signature
// comments from other networks will be relayed under our name, with a brief
// preamble to describe what's happening and noting the real author
$r = q("select * from sign where iid = %d limit 1",
// fetch the original signature if the relayable was created by a Diaspora
// or DFRN user. Relayables for other networks are not supported.
$r = q("select * from sign where " . $sql_sign_id . " = %d limit 1",
intval($item['id'])
);
if(count($r)) {
@@ -2152,6 +2230,12 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
}
else {
// Author signature information (for likes, comments, and retractions of likes or comments,
// whether from Diaspora or Friendica) must be placed in the `sign` table before this
// function is called
logger('diaspora_send_relay: original author signature not found, cannot send relayable');
return;
/*
$itemcontact = q("select * from contact where `id` = %d limit 1",
intval($item['contact-id'])
);
@@ -2160,29 +2244,40 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
$prefix = sprintf( t('[Relayed] Comment authored by %s from network %s'),
'['. $item['author-name'] . ']' . '(' . $item['author-link'] . ')',
network_to_name($itemcontact['network'])) . "\n";
// "$body" was assigned to "$text" above. It isn't used after that, so I don't think
// the following change will do anything
$body = $prefix . $body;
// I think this comment will fail upon reaching Diaspora, because "$signed_text" is not defined
}
}
else {
// I'm confused about this "else." Since it sets "$handle = $myaddr," it seems like it should be for the case
// where the top-level post owner commented on his own post, i.e. "$itemcontact[0]['self']" is true. But it's
// positioned to be for the case where "count($itemcontact)" is 0.
$handle = $myaddr;
if($like)
$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $myaddr;
$signed_text = $item['guid'] . ';' . $target_type . ';' . $parent_guid . ';' . $positive . ';' . $handle;
elseif($relay_retract)
$signed_text = $item['guid'] . ';' . $target_type;
else
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $myaddr;
$signed_text = $item['guid'] . ';' . $parent_guid . ';' . $text . ';' . $handle;
$authorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));
q("insert into sign (`iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
q("insert into sign (`" . $sql_sign_id . "`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc(base64_encode($authorsig)),
dbesc($myaddr)
dbesc($authorsig),
dbesc($handle)
);
$handle = $myaddr;
}
*/
}
// sign it
// sign it with the top-level owner's signature
$parentauthorsig = base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'));
@@ -2190,14 +2285,15 @@ function diaspora_send_relay($item,$owner,$contact,$public_batch = false) {
'$guid' => xmlify($item['guid']),
'$parent_guid' => xmlify($parent_guid),
'$target_type' =>xmlify($target_type),
'$authorsig' => xmlify($orig_sign['signature']),
'$authorsig' => xmlify($authorsig),
'$parentsig' => xmlify($parentauthorsig),
'$body' => xmlify($text),
'$positive' => xmlify($positive),
'$handle' => xmlify($handle)
));
logger('diaspora_relay_comment: base message: ' . $msg, LOGGER_DATA);
logger('diaspora_send_relay: base message: ' . $msg, LOGGER_DATA);
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
@@ -2212,14 +2308,25 @@ function diaspora_send_retraction($item,$owner,$contact,$public_batch = false) {
$a = get_app();
$myaddr = $owner['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$signed_text = $item['guid'] . ';' . 'StatusMessage';
// Check whether the retraction is for a top-level post or whether it's a relayable
if( $item['uri'] !== $item['parent-uri'] ) {
$tpl = get_markup_template('diaspora_relay_retraction.tpl');
$target_type = (($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
}
else {
$tpl = get_markup_template('diaspora_signed_retract.tpl');
$target_type = 'StatusMessage';
}
$signed_text = $item['guid'] . ';' . $target_type;
$tpl = get_markup_template('diaspora_signed_retract.tpl');
$msg = replace_macros($tpl, array(
'$guid' => $item['guid'],
'$type' => 'StatusMessage',
'$handle' => $myaddr,
'$signature' => base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256'))
'$guid' => xmlify($item['guid']),
'$type' => xmlify($target_type),
'$handle' => xmlify($myaddr),
'$signature' => xmlify(base64_encode(rsa_sign($signed_text,$owner['uprvkey'],'sha256')))
));
$slap = 'xml=' . urlencode(urlencode(diaspora_msg_build($msg,$owner,$contact,$owner['uprvkey'],$contact['pubkey'],$public_batch)));
@@ -2343,3 +2450,5 @@ function diaspora_transmit($owner,$contact,$slap,$public_batch) {
return(($return_code) ? $return_code : (-1));
}
include/enotify.php
+3
View File
@@ -20,6 +20,9 @@ function notification($params) {
$sender_name = $product;
$hostname = $a->get_hostname();
if(strpos($hostname,':'))
$hostname = substr($hostname,0,strpos($hostname,':'));
$sender_email = t('noreply') . '@' . $hostname;
$additional_mail_header = "";
include/event.php
+11 -6
View File
@@ -42,7 +42,7 @@ function format_event_html($ev) {
return $o;
}
/*
function parse_event($h) {
require_once('include/Scrape.php');
@@ -108,7 +108,7 @@ function parse_event($h) {
return $ret;
}
*/
function format_event_bbcode($ev) {
@@ -162,7 +162,6 @@ function bbtoevent($s) {
$match = '';
if(preg_match("/\[event\-adjust\](.*?)\[\/event\-adjust\]/is",$s,$match))
$ev['adjust'] = $match[1];
$match = '';
$ev['nofinish'] = (((x($ev, 'start') && $ev['start']) && (!x($ev, 'finish') || !$ev['finish'])) ? 1 : 0);
return $ev;
@@ -294,10 +293,14 @@ function event_store($arr) {
intval($arr['uid'])
);
return $r[0]['id'];
$item_id = $r[0]['id'];
}
else
return 0;
$item_id = 0;
call_hooks("event_updated", $arr['id']);
return $item_id;
}
else {
@@ -361,7 +364,7 @@ function event_store($arr) {
$item_arr['body'] = format_event_bbcode($event);
$item_arr['object'] = '<object><type>' . xmlify(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . xmlify($uri) . '</id>';
$item_arr['object'] = '<object><type>' . xmlify(ACTIVITY_OBJ_EVENT) . '</type><title></title><id>' . xmlify($arr['uri']) . '</id>';
$item_arr['object'] .= '<content>' . xmlify(format_event_bbcode($event)) . '</content>';
$item_arr['object'] .= '</object>' . "\n";
@@ -383,6 +386,8 @@ function event_store($arr) {
);
}
call_hooks("event_created", $event['id']);
return $item_id;
}
}
include/follow.php
+243
View File
@@ -0,0 +1,243 @@
<?php
//
// Takes a $uid and a url/handle and adds a new contact
// Currently if the contact is DFRN, interactive needs to be true, to redirect to the
// dfrn_request page.
// Otherwise this can be used to bulk add statusnet contacts, twitter contacts, etc.
// Returns an array
// $return['success'] boolean true if successful
// $return['message'] error text if success is false.
function new_contact($uid,$url,$interactive = false) {
$result = array('success' => false,'message' => '');
$a = get_app();
// remove ajax junk, e.g. Twitter
$url = str_replace('/#!/','/',$url);
if(! allowed_url($url)) {
$result['message'] = t('Disallowed profile URL.');
return $result;
}
if(! $url) {
$result['message'] = t('Connect URL missing.');
return $result;
}
$arr = array('url' => $url, 'contact' => array());
call_hooks('follow', $arr);
if(x($arr['contact'],'name'))
$ret = $arr['contact'];
else
$ret = probe_url($url);
if($ret['network'] === NETWORK_DFRN) {
if($interactive) {
if(strlen($a->path))
$myaddr = bin2hex($a->get_baseurl() . '/profile/' . $a->user['nickname']);
else
$myaddr = bin2hex($a->user['nickname'] . '@' . $a->get_hostname());
goaway($ret['request'] . "&addr=$myaddr");
// NOTREACHED
}
}
else {
if(get_config('system','dfrn_only')) {
$result['message'] = t('This site is not configured to allow communications with other networks.') . EOL;
$result['message'] != t('No compatible communication protocols or feeds were discovered.') . EOL;
return $result;
}
}
// This extra param just confuses things, remove it
if($ret['network'] === NETWORK_DIASPORA)
$ret['url'] = str_replace('?absolute=true','',$ret['url']);
// do we have enough information?
if(! ((x($ret,'name')) && (x($ret,'poll')) && ((x($ret,'url')) || (x($ret,'addr'))))) {
$result['message'] .= t('The profile address specified does not provide adequate information.') . EOL;
if(! x($ret,'poll'))
$result['message'] .= t('No compatible communication protocols or feeds were discovered.') . EOL;
if(! x($ret,'name'))
$result['message'] .= t('An author or name was not found.') . EOL;
if(! x($ret,'url'))
$result['message'] .= t('No browser URL could be matched to this address.') . EOL;
if(strpos($url,'@') !== false) {
$result['message'] .= t('Unable to match @-style Identity Address with a known protocol or email contact.') . EOL;
$result['message'] .= t('Use mailto: in front of address to force email check.') . EOL;
}
return $result;
}
if($ret['network'] === NETWORK_OSTATUS && get_config('system','ostatus_disabled')) {
$result['message'] .= t('The profile address specified belongs to a network which has been disabled on this site.') . EOL;
$ret['notify'] = '';
}
if(! $ret['notify']) {
$result['message'] .= t('Limited profile. This person will be unable to receive direct/personal notifications from you.') . EOL;
}
$writeable = ((($ret['network'] === NETWORK_OSTATUS) && ($ret['notify'])) ? 1 : 0);
$hidden = (($ret['network'] === NETWORK_MAIL) ? 1 : 0);
if($ret['network'] === NETWORK_MAIL) {
$writeable = 1;
}
if($ret['network'] === NETWORK_DIASPORA)
$writeable = 1;
// check if we already have a contact
// the poll url is more reliable than the profile url, as we may have
// indirect links or webfinger links
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `poll` = '%s' LIMIT 1",
intval($uid),
dbesc($ret['poll'])
);
if(count($r)) {
// update contact
if($r[0]['rel'] == CONTACT_IS_FOLLOWER || ($network === NETWORK_DIASPORA && $r[0]['rel'] == CONTACT_IS_SHARING)) {
q("UPDATE `contact` SET `rel` = %d , `readonly` = 0 WHERE `id` = %d AND `uid` = %d LIMIT 1",
intval(CONTACT_IS_FRIEND),
intval($r[0]['id']),
intval($uid)
);
}
}
else {
$new_relation = (($ret['network'] === NETWORK_MAIL) ? CONTACT_IS_FRIEND : CONTACT_IS_SHARING);
if($ret['network'] === NETWORK_DIASPORA)
$new_relation = CONTACT_IS_FOLLOWER;
// create contact record
$r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `nurl`, `addr`, `alias`, `batch`, `notify`, `poll`, `poco`, `name`, `nick`, `photo`, `network`, `pubkey`, `rel`, `priority`,
`writable`, `hidden`, `blocked`, `readonly`, `pending` )
VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, 0, 0, 0 ) ",
intval($uid),
dbesc(datetime_convert()),
dbesc($ret['url']),
dbesc(normalise_link($ret['url'])),
dbesc($ret['addr']),
dbesc($ret['alias']),
dbesc($ret['batch']),
dbesc($ret['notify']),
dbesc($ret['poll']),
dbesc($ret['poco']),
dbesc($ret['name']),
dbesc($ret['nick']),
dbesc($ret['photo']),
dbesc($ret['network']),
dbesc($ret['pubkey']),
intval($new_relation),
intval($ret['priority']),
intval($writeable),
intval($hidden)
);
}
$r = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1",
dbesc($ret['url']),
intval($uid)
);
if(! count($r)) {
$result['message'] .= t('Unable to retrieve contact information.') . EOL;
return $result;
}
$contact = $r[0];
$contact_id = $r[0]['id'];
$g = q("select def_gid from user where uid = %d limit 1",
intval($uid)
);
if($g && intval($g[0]['def_gid'])) {
require_once('include/group.php');
group_add_member($uid,'',$contact_id,$g[0]['def_gid']);
}
require_once("Photo.php");
$photos = import_profile_photo($ret['photo'],$uid,$contact_id);
$r = q("UPDATE `contact` SET `photo` = '%s',
`thumb` = '%s',
`micro` = '%s',
`name-date` = '%s',
`uri-date` = '%s',
`avatar-date` = '%s'
WHERE `id` = %d LIMIT 1
",
dbesc($photos[0]),
dbesc($photos[1]),
dbesc($photos[2]),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
intval($contact_id)
);
// pull feed and consume it, which should subscribe to the hub.
proc_run('php',"include/poller.php","$contact_id");
// create a follow slap
$tpl = get_markup_template('follow_slap.tpl');
$slap = replace_macros($tpl, array(
'$name' => $a->user['username'],
'$profile_page' => $a->get_baseurl() . '/profile/' . $a->user['nickname'],
'$photo' => $a->contact['photo'],
'$thumb' => $a->contact['thumb'],
'$published' => datetime_convert('UTC','UTC', 'now', ATOM_TIME),
'$item_id' => 'urn:X-dfrn:' . $a->get_hostname() . ':follow:' . random_string(),
'$title' => '',
'$type' => 'text',
'$content' => t('following'),
'$nick' => $a->user['nickname'],
'$verb' => ACTIVITY_FOLLOW,
'$ostat_follow' => ''
));
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
WHERE `user`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1",
intval($uid)
);
if(count($r)) {
if(($contact['network'] == NETWORK_OSTATUS) && (strlen($contact['notify']))) {
require_once('include/salmon.php');
slapper($r[0],$contact['notify'],$slap);
}
if($contact['network'] == NETWORK_DIASPORA) {
require_once('include/diaspora.php');
$ret = diaspora_share($a->user,$contact);
logger('mod_follow: diaspora_share returns: ' . $ret);
}
}
$result['success'] = true;
return $result;
}
include/items.php
Regular → Executable
+47 -8
View File
@@ -180,6 +180,10 @@ function get_feed_for(&$a, $dfrn_id, $owner_nick, $last_update, $direction = 0)
foreach($items as $item) {
// prevent private email from leaking.
if($item['network'] === NETWORK_MAIL)
continue;
// public feeds get html, our own nodes use bbcode
if($public_feed) {
@@ -1063,9 +1067,6 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$a = get_app();
// if((! strlen($contact['issued-id'])) && (! $contact['duplex']) && (! ($owner['page-flags'] == PAGE_COMMUNITY)))
// return 3;
$idtosend = $orig_id = (($contact['dfrn-id']) ? $contact['dfrn-id'] : $contact['issued-id']);
if($contact['duplex'] && $contact['dfrn-id'])
@@ -1130,6 +1131,9 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$rino_allowed = ((intval($res->rino) === 1) ? 1 : 0);
$page = (($owner['page-flags'] == PAGE_COMMUNITY) ? 1 : 0);
if($owner['page-flags'] == PAGE_PRVGROUP)
$page = 2;
$final_dfrn_id = '';
if($perm) {
@@ -1183,7 +1187,7 @@ function dfrn_deliver($owner,$contact,$atom, $dissolve = false) {
$postvars['ssl_policy'] = $ssl_policy;
if($page)
$postvars['page'] = '1';
$postvars['page'] = $page;
if($rino && $rino_allowed && (! $dissolve)) {
$key = substr(random_string(),0,16);
@@ -2931,10 +2935,10 @@ function fix_private_photos($s,$uid, $item = null, $cid = 0) {
$a = get_app();
logger('fix_private_photos', LOGGER_DEBUG);
$site = substr($a->get_baseurl(),strpos($a->get_baseurl,'://'));
$site = substr($a->get_baseurl(),strpos($a->get_baseurl(),'://'));
if(preg_match("/\[img\](.*?)\[\/img\]/is",$s,$matches)) {
$image = $matches[1];
if(preg_match("/\[img(.*?)\](.*?)\[\/img\]/is",$s,$matches)) {
$image = $matches[2];
logger('fix_private_photos: found photo ' . $image, LOGGER_DEBUG);
if(stristr($image , $site . '/photo/')) {
$replace = false;
@@ -3274,7 +3278,42 @@ function drop_item($id,$interactive = true) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1",
intval($r[0]['id'])
);
}
}
// Add a relayable_retraction signature for Diaspora. Note that we can't add a target_author_signature
// if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
// the comment, that means we're the home of the post, and Diaspora will only
// check the parent_author_signature of retractions that it doesn't have to relay further
//
// I don't think this function gets called for an "unlike," but I'll check anyway
$signed_text = $item['guid'] . ';' . ( ($item['verb'] === ACTIVITY_LIKE) ? 'Like' : 'Comment');
if(local_user() == $item['uid']) {
$handle = $a->user['nickname'] . '@' . substr($a->get_baseurl(), strpos($a->get_baseurl(),'://') + 3);
$authorsig = base64_encode(rsa_sign($signed_text,$a->user['prvkey'],'sha256'));
}
else {
$r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1",
$item['contact-id']
);
if(count($r)) {
// The below handle only works for NETWORK_DFRN. I think that's ok, because this function
// only handles DFRN deletes
$handle_baseurl_start = strpos($r['url'],'://') + 3;
$handle_baseurl_length = strpos($r['url'],'/profile') - $handle_baseurl_start;
$handle = $r['nick'] . '@' . substr($r['url'], $handle_baseurl_start, $handle_baseurl_length);
$authorsig = '';
}
}
if(isset($handle))
q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ",
intval($item['id']),
dbesc($signed_text),
dbesc($authorsig),
dbesc($handle)
);
}
$drop_id = intval($item['id']);
include/nav.php
+1 -1
View File
@@ -117,7 +117,7 @@ function nav(&$a) {
/* only show friend requests for normal pages. Other page types have automatic friendship. */
if($_SESSION['page_flags'] == PAGE_NORMAL) {
if($_SESSION['page_flags'] == PAGE_NORMAL || $_SESSION['page_flags'] == PAGE_PRVGROUP) {
$nav['introductions'] = array('notifications/intros', t('Introductions'), "", t('Friend Requests'));
$nav['notifications'] = array('notifications', t('Notifications'), "", t('Notifications'));
$nav['notifications']['all']=array('notifications/system', t('See all notifications'), "", "");
include/notifier.php
+15 -6
View File
@@ -125,6 +125,7 @@ function notifier_run($argv, $argc){
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if(! $parent_id)
return;
@@ -596,7 +597,7 @@ function notifier_run($argv, $argc){
break;
case NETWORK_OSTATUS:
// Do not send to otatus if we are not configured to send to public networks
// Do not send to ostatus if we are not configured to send to public networks
if($owner['prvnets'])
break;
if(get_config('system','ostatus_disabled') || get_config('system','dfrn_only'))
@@ -737,18 +738,19 @@ function notifier_run($argv, $argc){
// unsupported
break;
}
elseif(($target_item['deleted']) && ($target_item['verb'] !== ACTIVITY_LIKE)) {
// diaspora delete,
elseif(($target_item['deleted']) && (($target_item['uri'] === $target_item['parent-uri']) || $followup)) {
// send both top-level retractions and relayable retractions for owner to relay
diaspora_send_retraction($target_item,$owner,$contact);
break;
}
elseif($followup) {
// send comments, likes and retractions of likes to owner to relay
// send comments and likes to owner to relay
diaspora_send_followup($target_item,$owner,$contact);
break;
}
elseif($target_item['parent'] != $target_item['id']) {
// we are the relay - send comments, likes and unlikes to our conversants
elseif($target_item['uri'] !== $target_item['parent-uri']) {
// we are the relay - send comments, likes and relayable_retractions
// (of comments and likes) to our conversants
diaspora_send_relay($target_item,$owner,$contact);
break;
}
@@ -858,6 +860,13 @@ function notifier_run($argv, $argc){
}
// If the item was deleted, clean up the `sign` table
if($target_item['deleted']) {
$r = q("DELETE FROM sign where `retract_iid` = %d",
intval($target_item['id'])
);
}
logger('notifier: calling hooks', LOGGER_DEBUG);
if($normal_mode)
include/profile_advanced.php
+5
View File
@@ -39,11 +39,16 @@ function advanced_profile(&$a) {
if($a->profile['with']) $profile['marital']['with'] = $a->profile['with'];
if(strlen($a->profile['howlong']) && $a->profile['howlong'] !== '0000-00-00 00:00:00') {
$profile['howlong'] = relative_date($a->profile['howlong'], t('for %1$d %2$s'));
}
if($a->profile['sexual']) $profile['sexual'] = array( t('Sexual Preference:'), $a->profile['sexual'] );
if($a->profile['homepage']) $profile['homepage'] = array( t('Homepage:'), linkify($a->profile['homepage']) );
if($a->profile['hometown']) $profile['hometown'] = array( t('Hometown:'), linkify($a->profile['hometown']) );
if($a->profile['pub_keywords']) $profile['pub_keywords'] = array( t('Tags:'), $a->profile['pub_keywords']);
if($a->profile['politic']) $profile['politic'] = array( t('Political Views:'), $a->profile['politic']);
include/text.php
+5
View File
@@ -742,6 +742,8 @@ function smilies($s, $sample = false) {
':homebrew',
':coffee',
':facepalm',
':like',
':dislike',
'~friendika',
'~friendica'
@@ -778,6 +780,8 @@ function smilies($s, $sample = false) {
'<img src="' . $a->get_baseurl() . '/images/beer_mug.gif" alt=":homebrew" />',
'<img src="' . $a->get_baseurl() . '/images/coffee.gif" alt=":coffee" />',
'<img src="' . $a->get_baseurl() . '/images/smiley-facepalm.gif" alt=":facepalm" />',
'<img src="' . $a->get_baseurl() . '/images/like.gif" alt=":like" />',
'<img src="' . $a->get_baseurl() . '/images/dislike.gif" alt=":dislike" />',
'<a href="http://project.friendika.com">~friendika <img src="' . $a->get_baseurl() . '/images/friendika-16.png" alt="~friendika" /></a>',
'<a href="http://friendica.com">~friendica <img src="' . $a->get_baseurl() . '/images/friendica-16.png" alt="~friendica" /></a>'
);
@@ -887,6 +891,7 @@ function prepare_body($item,$attach = false) {
} else
$s = prepare_text($item['body']);
$prep_arr = array('item' => $item, 'html' => $s);
call_hooks('prepare_body', $prep_arr);
$s = $prep_arr['html'];
include/user.php
+327
View File
@@ -0,0 +1,327 @@
<?php
require_once('include/config.php');
require_once('include/network.php');
require_once('include/plugin.php');
require_once('include/text.php');
require_once('include/pgettext.php');
require_once('include/datetime.php');
function create_user($arr) {
// Required: { username, nickname, email } or { openid_url }
$a = get_app();
$result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
$using_invites = get_config('system','invitation_only');
$num_invites = get_config('system','number_invites');
$invite_id = ((x($arr,'invite_id')) ? notags(trim($arr['invite_id'])) : '');
$username = ((x($arr,'username')) ? notags(trim($arr['username'])) : '');
$nickname = ((x($arr,'nickname')) ? notags(trim($arr['nickname'])) : '');
$email = ((x($arr,'email')) ? notags(trim($arr['email'])) : '');
$openid_url = ((x($arr,'openid_url')) ? notags(trim($arr['openid_url'])) : '');
$photo = ((x($arr,'photo')) ? notags(trim($arr['photo'])) : '');
$password = ((x($arr,'password')) ? trim($arr['password']) : '');
$blocked = ((x($arr,'blocked')) ? intval($arr['blocked']) : 0);
$verified = ((x($arr,'verified')) ? intval($arr['verified']) : 0);
$publish = ((x($arr,'profile_publish_reg') && intval($arr['profile_publish_reg'])) ? 1 : 0);
$netpublish = ((strlen(get_config('system','directory_submit_url'))) ? $publish : 0);
$tmp_str = $openid_url;
if($using_invites) {
if(! $invite_id) {
$result['message'] .= t('An invitation is required.') . EOL;
return $result;
}
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
if(! results($r)) {
$result['message'] .= t('Invitation could not be verified.') . EOL;
return $result;
}
}
if((! x($username)) || (! x($email)) || (! x($nickname))) {
if($openid_url) {
if(! validate_url($tmp_str)) {
$result['message'] .= t('Invalid OpenID url') . EOL;
return $result;
}
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
require_once('library/openid.php');
$openid = new LightOpenID;
$openid->identity = $openid_url;
$openid->returnUrl = $a->get_baseurl() . '/openid';
$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
$openid->optional = array('namePerson/first','media/image/aspect11','media/image/default');
goaway($openid->authUrl());
// NOTREACHED
}
notice( t('Please enter the required information.') . EOL );
return;
}
if(! validate_url($tmp_str))
$openid_url = '';
$err = '';
// collapse multiple spaces in name
$username = preg_replace('/ +/',' ',$username);
if(mb_strlen($username) > 48)
$result['message'] .= t('Please use a shorter name.') . EOL;
if(mb_strlen($username) < 3)
$result['message'] .= t('Name too short.') . EOL;
// I don't really like having this rule, but it cuts down
// on the number of auto-registrations by Russian spammers
// Using preg_match was completely unreliable, due to mixed UTF-8 regex support
// $no_utf = get_config('system','no_utf');
// $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
// So now we are just looking for a space in the full name.
$loose_reg = get_config('system','no_regfullname');
if(! $loose_reg) {
$username = mb_convert_case($username,MB_CASE_TITLE,'UTF-8');
if(! strpos($username,' '))
$result['message'] .= t("That doesn't appear to be your full \x28First Last\x29 name.") . EOL;
}
if(! allowed_email($email))
$result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
if((! valid_email($email)) || (! validate_email($email)))
$result['message'] .= t('Not a valid email address.') . EOL;
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1",
dbesc($email)
);
if(count($r))
$result['message'] .= t('Cannot use that email.') . EOL;
}
$nickname = $arr['nickname'] = strtolower($nickname);
if(! preg_match("/^[a-z][a-z0-9\-\_]*$/",$nickname))
$result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
$r = q("SELECT `uid` FROM `user`
WHERE `nickname` = '%s' LIMIT 1",
dbesc($nickname)
);
if(count($r))
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
// Check deleted accounts that had this nickname. Doesn't matter to us,
// but could be a security issue for federated platforms.
$r = q("SELECT * FROM `userd`
WHERE `username` = '%s' LIMIT 1",
dbesc($nickname)
);
if(count($r))
$result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
if(strlen($result['message'])) {
return $result;
}
$new_password = ((strlen($password)) ? $password : autoname(6) . mt_rand(100,9999));
$new_password_encoded = hash('whirlpool',$new_password);
$result['password'] = $new_password;
require_once('include/crypto.php');
$keys = new_keypair(1024);
if($keys === false) {
$result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
return $result;
}
$prvkey = $keys['prvkey'];
$pubkey = $keys['pubkey'];
/**
*
* Create another keypair for signing/verifying
* salmon protocol messages. We have to use a slightly
* less robust key because this won't be using openssl
* but the phpseclib. Since it is PHP interpreted code
* it is not nearly as efficient, and the larger keys
* will take several minutes each to process.
*
*/
$sres = new_keypair(512);
$sprvkey = $sres['prvkey'];
$spubkey = $sres['pubkey'];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,
`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone` )
VALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC' )",
dbesc(generate_user_guid()),
dbesc($username),
dbesc($new_password_encoded),
dbesc($email),
dbesc($openid_url),
dbesc($nickname),
dbesc($pubkey),
dbesc($prvkey),
dbesc($spubkey),
dbesc($sprvkey),
dbesc(datetime_convert()),
intval($verified),
intval($blocked)
);
if($r) {
$r = q("SELECT * FROM `user`
WHERE `username` = '%s' AND `password` = '%s' LIMIT 1",
dbesc($username),
dbesc($new_password_encoded)
);
if($r !== false && count($r)) {
$u = $r[0];
$newuid = intval($r[0]['uid']);
}
}
else {
$result['message'] .= t('An error occurred during registration. Please try again.') . EOL ;
return $result;
}
/**
* if somebody clicked submit twice very quickly, they could end up with two accounts
* due to race condition. Remove this one.
*/
$r = q("SELECT `uid` FROM `user`
WHERE `nickname` = '%s' ",
dbesc($nickname)
);
if((count($r) > 1) && $newuid) {
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
q("DELETE FROM `user` WHERE `uid` = %d LIMIT 1",
intval($newuid)
);
return $result;
}
if(x($newuid) !== false) {
$r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )
VALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ",
intval($newuid),
t('default'),
1,
dbesc($username),
dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
intval($publish),
intval($netpublish)
);
if($r === false) {
$result['message'] .= t('An error occurred creating your default profile. Please try again.') . EOL;
// Start fresh next time.
$r = q("DELETE FROM `user` WHERE `uid` = %d",
intval($newuid));
return $result;
}
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,
`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )
VALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ",
intval($newuid),
datetime_convert(),
dbesc($username),
dbesc($nickname),
dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"),
dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"),
dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"),
dbesc($a->get_baseurl() . "/profile/$nickname"),
dbesc(normalise_link($a->get_baseurl() . "/profile/$nickname")),
dbesc($a->get_baseurl() . "/dfrn_request/$nickname"),
dbesc($a->get_baseurl() . "/dfrn_notify/$nickname"),
dbesc($a->get_baseurl() . "/dfrn_poll/$nickname"),
dbesc($a->get_baseurl() . "/dfrn_confirm/$nickname"),
dbesc($a->get_baseurl() . "/poco/$nickname"),
dbesc(datetime_convert()),
dbesc(datetime_convert()),
dbesc(datetime_convert())
);
// Create a group with no members. This allows somebody to use it
// right away as a default group for new contacts.
require_once('include/group.php');
group_add($newuid, t('Friends'));
}
// if we have no OpenID photo try to look up an avatar
if(! strlen($photo))
$photo = avatar_img($email);
// unless there is no avatar-plugin loaded
if(strlen($photo)) {
require_once('include/Photo.php');
$photo_failure = false;
$filename = basename($photo);
$img_str = fetch_url($photo,true);
$img = new Photo($img_str);
if($img->is_valid()) {
$img->scaleImageSquare(175);
$hash = photo_new_resource();
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4 );
if($r === false)
$photo_failure = true;
$img->scaleImage(80);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5 );
if($r === false)
$photo_failure = true;
$img->scaleImage(48);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6 );
if($r === false)
$photo_failure = true;
if(! $photo_failure) {
q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ",
dbesc($hash)
);
}
}
}
call_hooks('register_account', $newuid);
$result['success'] = true;
$result['user'] = $u;
return $result;
}