Removed obsolete code
parent
3dd94355b7
commit
1ddd2df4b8
|
@ -26,10 +26,6 @@ use Friendica\Util\Temporal;
|
||||||
|
|
||||||
function cal_init(App $a)
|
function cal_init(App $a)
|
||||||
{
|
{
|
||||||
if ($a->argc > 1) {
|
|
||||||
DFRN::autoRedir($a, $a->argv[1]);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
||||||
throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.'));
|
throw new \Friendica\Network\HTTPException\ForbiddenException(L10n::t('Access denied.'));
|
||||||
}
|
}
|
||||||
|
@ -117,9 +113,7 @@ function cal_content(App $a)
|
||||||
$contact_id = remote_user($a->profile['profile_uid']);
|
$contact_id = remote_user($a->profile['profile_uid']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$groups = [];
|
|
||||||
if ($contact_id) {
|
if ($contact_id) {
|
||||||
$groups = Group::getIdsByContactId($contact_id);
|
|
||||||
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
|
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1",
|
||||||
intval($contact_id),
|
intval($contact_id),
|
||||||
intval($a->profile['profile_uid'])
|
intval($a->profile['profile_uid'])
|
||||||
|
@ -137,7 +131,7 @@ function cal_content(App $a)
|
||||||
}
|
}
|
||||||
|
|
||||||
// get the permissions
|
// get the permissions
|
||||||
$sql_perms = Item::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
$sql_perms = Item::getPermissionsSQLByUserId($owner_uid);
|
||||||
// we only want to have the events of the profile owner
|
// we only want to have the events of the profile owner
|
||||||
$sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
|
$sql_extra = " AND `event`.`cid` = 0 " . $sql_perms;
|
||||||
|
|
||||||
|
|
|
@ -53,16 +53,12 @@ function display_init(App $a)
|
||||||
$nick = $a->user["nickname"];
|
$nick = $a->user["nickname"];
|
||||||
}
|
}
|
||||||
// Is this item private but could be visible to the remove visitor?
|
// Is this item private but could be visible to the remove visitor?
|
||||||
} elseif (remote_user()) {
|
} elseif (remote_user($item['uid'])) {
|
||||||
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
||||||
if (DBA::isResult($item)) {
|
if (DBA::isResult($item)) {
|
||||||
if (!Contact::isFollower(remote_user(), $item['uid'])) {
|
|
||||||
$item = null;
|
|
||||||
} else {
|
|
||||||
$item_user = $item['uid'];
|
$item_user = $item['uid'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
// Is it an item with uid=0?
|
// Is it an item with uid=0?
|
||||||
if (!DBA::isResult($item)) {
|
if (!DBA::isResult($item)) {
|
||||||
|
@ -229,9 +225,9 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
||||||
$item_parent = $item["parent"];
|
$item_parent = $item["parent"];
|
||||||
$item_parent_uri = $item['parent-uri'];
|
$item_parent_uri = $item['parent-uri'];
|
||||||
}
|
}
|
||||||
} elseif (remote_user()) {
|
} elseif (remote_user($item['uid'])) {
|
||||||
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
$item = Item::selectFirst($fields, ['guid' => $a->argv[1], 'private' => 1]);
|
||||||
if (DBA::isResult($item) && Contact::isFollower(remote_user(), $item['uid'])) {
|
if (DBA::isResult($item)) {
|
||||||
$item_id = $item["id"];
|
$item_id = $item["id"];
|
||||||
$item_parent = $item["parent"];
|
$item_parent = $item["parent"];
|
||||||
$item_parent_uri = $item['parent-uri'];
|
$item_parent_uri = $item['parent-uri'];
|
||||||
|
@ -269,8 +265,6 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
||||||
['$alternate' => $alternate,
|
['$alternate' => $alternate,
|
||||||
'$conversation' => $conversation]);
|
'$conversation' => $conversation]);
|
||||||
|
|
||||||
$groups = [];
|
|
||||||
$remote_cid = null;
|
|
||||||
$is_remote_contact = false;
|
$is_remote_contact = false;
|
||||||
$item_uid = local_user();
|
$item_uid = local_user();
|
||||||
|
|
||||||
|
@ -279,24 +273,19 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
||||||
if (DBA::isResult($parent)) {
|
if (DBA::isResult($parent)) {
|
||||||
$a->profile['uid'] = defaults($a->profile, 'uid', $parent['uid']);
|
$a->profile['uid'] = defaults($a->profile, 'uid', $parent['uid']);
|
||||||
$a->profile['profile_uid'] = defaults($a->profile, 'profile_uid', $parent['uid']);
|
$a->profile['profile_uid'] = defaults($a->profile, 'profile_uid', $parent['uid']);
|
||||||
$is_remote_contact = Contact::isFollower(remote_user(), $a->profile['profile_uid']);
|
$is_remote_contact = remote_user($a->profile['profile_uid']);
|
||||||
|
|
||||||
if ($is_remote_contact) {
|
if ($is_remote_contact) {
|
||||||
$cdata = Contact::getPublicAndUserContacID(remote_user(), $a->profile['profile_uid']);
|
|
||||||
if (!empty($cdata['user'])) {
|
|
||||||
$groups = Group::getIdsByContactId($cdata['user']);
|
|
||||||
$remote_cid = $cdata['user'];
|
|
||||||
$item_uid = $parent['uid'];
|
$item_uid = $parent['uid'];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
$page_contact = DBA::selectFirst('contact', [], ['self' => true, 'uid' => $a->profile['uid']]);
|
$page_contact = DBA::selectFirst('contact', [], ['self' => true, 'uid' => $a->profile['uid']]);
|
||||||
if (DBA::isResult($page_contact)) {
|
if (DBA::isResult($page_contact)) {
|
||||||
$a->page_contact = $page_contact;
|
$a->page_contact = $page_contact;
|
||||||
}
|
}
|
||||||
|
|
||||||
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
|
$is_owner = (local_user() && (in_array($a->profile['profile_uid'], [local_user(), 0])) ? true : false);
|
||||||
|
|
||||||
if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
|
if (!empty($a->profile['hidewall']) && !$is_owner && !$is_remote_contact) {
|
||||||
|
@ -318,7 +307,7 @@ function display_content(App $a, $update = false, $update_uid = 0)
|
||||||
];
|
];
|
||||||
$o .= status_editor($a, $x, 0, true);
|
$o .= status_editor($a, $x, 0, true);
|
||||||
}
|
}
|
||||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $is_remote_contact, $groups, $remote_cid);
|
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid']);
|
||||||
|
|
||||||
if (local_user() && (local_user() == $a->profile['profile_uid'])) {
|
if (local_user() && (local_user() == $a->profile['profile_uid'])) {
|
||||||
$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
|
$condition = ['parent-uri' => $item_parent_uri, 'uid' => local_user(), 'unseen' => true];
|
||||||
|
|
|
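Review bot: In display_init the new condition `elseif (remote_user($item['uid']))` reads `$item` before the `Item::selectFirst(...)` call inside that branch assigns it, so the visitor is checked against whatever `$item` held earlier (that code is outside the hunk, and `$item` looks likely to be empty here because the `local_user()` branch was not taken). The lookup itself matches only on `guid` and `'private' => 1`, and the removed `Contact::isFollower(remote_user(), $item['uid'])` call was the only visible test that tied the visitor to the owner of the row actually found. Unless a later permission filter covers this, I would keep the outer test as `remote_user()` and move the owner-specific test after the fetch, `if (DBA::isResult($item) && remote_user($item['uid'])) {`. The display_content hunk at -229 has the same ordering and needs the same change.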
@ -35,10 +35,6 @@ use Friendica\Util\XML;
|
||||||
|
|
||||||
function photos_init(App $a) {
|
function photos_init(App $a) {
|
||||||
|
|
||||||
if ($a->argc > 1) {
|
|
||||||
DFRN::autoRedir($a, $a->argv[1]);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
if (Config::get('system', 'block_public') && !local_user() && !remote_user()) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -156,12 +152,9 @@ function photos_post(App $a)
|
||||||
$can_post = true;
|
$can_post = true;
|
||||||
} elseif ($community_page && !empty(remote_user($page_owner_uid))) {
|
} elseif ($community_page && !empty(remote_user($page_owner_uid))) {
|
||||||
$contact_id = remote_user($page_owner_uid);
|
$contact_id = remote_user($page_owner_uid);
|
||||||
|
|
||||||
if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $page_owner_uid, 'blocked' => false, 'pending' => false])) {
|
|
||||||
$can_post = true;
|
$can_post = true;
|
||||||
$visitor = $contact_id;
|
$visitor = $contact_id;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
if (!$can_post) {
|
if (!$can_post) {
|
||||||
notice(L10n::t('Permission denied.') . EOL);
|
notice(L10n::t('Permission denied.') . EOL);
|
||||||
|
@ -892,12 +885,9 @@ function photos_content(App $a)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$groups = [];
|
|
||||||
|
|
||||||
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
||||||
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
||||||
$contact_id = remote_user($owner_uid);
|
$contact_id = remote_user($owner_uid);
|
||||||
$groups = Group::getIdsByContactId($contact_id);
|
|
||||||
|
|
||||||
$contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]);
|
$contact = DBA::selectFirst('contact', [], ['id' => $contact_id, 'uid' => $owner_uid, 'blocked' => false, 'pending' => false]);
|
||||||
|
|
||||||
|
@ -914,7 +904,7 @@ function photos_content(App $a)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact);
|
||||||
|
|
||||||
$o = "";
|
$o = "";
|
||||||
|
|
||||||
|
|
|
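Review bot: photos_post now sets `$can_post = true` for any session where `remote_user($page_owner_uid)` is non-empty, because the removed `DBA::exists('contact', ['id' => $contact_id, 'uid' => $page_owner_uid, 'blocked' => false, 'pending' => false])` lookup was the only place in this hunk that re-checked the contact's current state. If `remote_user()` only reflects what was stored in the session at authentication time (its body is not shown on this page), a contact that is blocked afterwards keeps upload rights until the session ends, while the read path in photos_content still runs the `blocked`/`pending` query. I would keep the lookup on the write path, or state in the `remote_user()` docblock that it enforces these flags on every call. The videos_content hunk at -156 drops the equivalent `q(...)` checks in both branches and has the same gap for `$can_post` and `$remote_contact`.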
@ -22,10 +22,6 @@ use Friendica\Util\Security;
|
||||||
|
|
||||||
function videos_init(App $a)
|
function videos_init(App $a)
|
||||||
{
|
{
|
||||||
if ($a->argc > 1) {
|
|
||||||
DFRN::autoRedir($a, $a->argv[1]);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
|
if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -156,44 +152,23 @@ function videos_content(App $a)
|
||||||
$can_post = true;
|
$can_post = true;
|
||||||
} elseif ($community_page && !empty(remote_user($owner_uid))) {
|
} elseif ($community_page && !empty(remote_user($owner_uid))) {
|
||||||
$contact_id = remote_user($owner_uid);
|
$contact_id = remote_user($owner_uid);
|
||||||
|
|
||||||
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
|
|
||||||
intval($contact_id),
|
|
||||||
intval($owner_uid)
|
|
||||||
);
|
|
||||||
|
|
||||||
if (DBA::isResult($r)) {
|
|
||||||
$can_post = true;
|
$can_post = true;
|
||||||
$remote_contact = true;
|
$remote_contact = true;
|
||||||
$visitor = $contact_id;
|
$visitor = $contact_id;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
$groups = [];
|
|
||||||
|
|
||||||
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
// perhaps they're visiting - but not a community page, so they wouldn't have write access
|
||||||
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
if (!empty(remote_user($owner_uid)) && !$visitor) {
|
||||||
$contact_id = remote_user($owner_uid);
|
$contact_id = remote_user($owner_uid);
|
||||||
|
|
||||||
if ($contact_id > 0) {
|
|
||||||
$groups = Group::getIdsByContactId($contact_id);
|
|
||||||
$r = q("SELECT * FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
|
|
||||||
intval($contact_id),
|
|
||||||
intval($owner_uid)
|
|
||||||
);
|
|
||||||
|
|
||||||
if (DBA::isResult($r)) {
|
|
||||||
$remote_contact = true;
|
$remote_contact = true;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && (!$remote_contact)) {
|
if ($a->data['user']['hidewall'] && (local_user() != $owner_uid) && !$remote_contact) {
|
||||||
notice(L10n::t('Access to this item is restricted.') . EOL);
|
notice(L10n::t('Access to this item is restricted.') . EOL);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups);
|
$sql_extra = Security::getPermissionsSQLByUserId($owner_uid);
|
||||||
|
|
||||||
$o = "";
|
$o = "";
|
||||||
|
|
||||||
|
|
|
@ -3260,15 +3260,11 @@ class Item extends BaseObject
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public static function getPermissionsSQLByUserId($owner_id, $remote_verified = false, $groups = null, $remote_cid = null)
|
public static function getPermissionsSQLByUserId($owner_id)
|
||||||
{
|
{
|
||||||
$local_user = local_user();
|
$local_user = local_user();
|
||||||
$remote_user = remote_user($owner_id);
|
$remote_user = remote_user($owner_id);
|
||||||
|
|
||||||
if (is_null($remote_cid)) {
|
|
||||||
$remote_cid = $remote_user;
|
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Construct permissions
|
* Construct permissions
|
||||||
*
|
*
|
||||||
|
@ -3287,7 +3283,7 @@ class Item extends BaseObject
|
||||||
* If pre-verified, the caller is expected to have already
|
* If pre-verified, the caller is expected to have already
|
||||||
* done this and passed the groups into this function.
|
* done this and passed the groups into this function.
|
||||||
*/
|
*/
|
||||||
$set = PermissionSet::get($owner_id, $remote_cid, $groups);
|
$set = PermissionSet::get($owner_id, $remote_user);
|
||||||
|
|
||||||
if (!empty($set)) {
|
if (!empty($set)) {
|
||||||
$sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))";
|
$sql_set = " OR (`item`.`private` IN (1,2) AND `item`.`wall` AND `item`.`psid` IN (" . implode(',', $set) . "))";
|
||||||
|
|
|
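Review bot: The block comment kept above `PermissionSet::get($owner_id, $remote_user)` still ends with "If pre-verified, the caller is expected to have already done this and passed the groups into this function", but this commit removes the `$remote_verified`, `$groups` and `$remote_cid` parameters from `getPermissionsSQLByUserId()`. The comment should be reworded to say that the visitor is taken from `remote_user($owner_id)` and that group membership is resolved inside `PermissionSet::get()`. The comment above the `Item::getPermissionsSQLByUserId($a->profile['profile_uid'])` call in the Profile module hunk at -229 ("we already have fetched his/her groups") is stale in the same way. The function body continues outside both hunks, so the rest of the comment should be checked against the new signature as well.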
@ -67,21 +67,20 @@ class PermissionSet extends BaseObject
|
||||||
*
|
*
|
||||||
* @param integer $uid User id whom the items belong
|
* @param integer $uid User id whom the items belong
|
||||||
* @param integer $contact_id Contact id of the visitor
|
* @param integer $contact_id Contact id of the visitor
|
||||||
* @param array $groups Possibly previously fetched group ids for that contact
|
|
||||||
*
|
*
|
||||||
* @return array of permission set ids.
|
* @return array of permission set ids.
|
||||||
* @throws \Exception
|
* @throws \Exception
|
||||||
*/
|
*/
|
||||||
|
static public function get($uid, $contact_id)
|
||||||
static public function get($uid, $contact_id, $groups = null)
|
|
||||||
{
|
{
|
||||||
if (empty($groups) && DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
|
if (DBA::exists('contact', ['id' => $contact_id, 'uid' => $uid, 'blocked' => false])) {
|
||||||
$groups = Group::getIdsByContactId($contact_id);
|
$groups = Group::getIdsByContactId($contact_id);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($groups) || !is_array($groups)) {
|
if (empty($groups) || !is_array($groups)) {
|
||||||
return [];
|
return [];
|
||||||
}
|
}
|
||||||
|
|
||||||
$group_str = '<<>>'; // should be impossible to match
|
$group_str = '<<>>'; // should be impossible to match
|
||||||
|
|
||||||
foreach ($groups as $g) {
|
foreach ($groups as $g) {
|
||||||
|
|
|
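Review bot: After this change `$groups` is assigned only inside the `if (DBA::exists('contact', ...))` block, so when that lookup fails the following `empty($groups)` test runs on an undefined variable. It still returns `[]` because `empty()` tolerates an unset variable, but the "no matching, unblocked contact means no permission sets" rule is then implicit. An explicit `$groups = [];` before the `if`, or an early `return [];` when the lookup fails, makes that access decision visible to the next reader. The function body continues past the end of the hunk.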
@ -131,31 +131,17 @@ class Photo extends BaseObject
|
||||||
*/
|
*/
|
||||||
public static function getPhoto($resourceid, $scale = 0)
|
public static function getPhoto($resourceid, $scale = 0)
|
||||||
{
|
{
|
||||||
$r = self::selectFirst(["uid", "allow_cid", "allow_gid", "deny_cid", "deny_gid"], ["resource-id" => $resourceid]);
|
$r = self::selectFirst(["uid"], ["resource-id" => $resourceid]);
|
||||||
if ($r === false) {
|
if (!DBA::isResult($r)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
$uid = $r["uid"];
|
|
||||||
|
|
||||||
// This is the first place, when retrieving just a photo, that we know who owns the photo.
|
$uid = $r["uid"];
|
||||||
// Check if the photo is public (empty allow and deny means public), if so, skip auth attempt, if not
|
|
||||||
// make sure that the requester's session is appropriately authenticated to that user
|
|
||||||
// otherwise permissions checks done by getPermissionsSQLByUserId() won't work correctly
|
|
||||||
if (!empty($r["allow_cid"]) || !empty($r["allow_gid"]) || !empty($r["deny_cid"]) || !empty($r["deny_gid"])) {
|
|
||||||
$r = DBA::selectFirst("user", ["nickname"], ["uid" => $uid], []);
|
|
||||||
// this will either just return (if auth all ok) or will redirect and exit (starting over)
|
|
||||||
DFRN::autoRedir(self::getApp(), $r["nickname"]);
|
|
||||||
}
|
|
||||||
|
|
||||||
$sql_acl = Security::getPermissionsSQLByUserId($uid);
|
$sql_acl = Security::getPermissionsSQLByUserId($uid);
|
||||||
|
|
||||||
$conditions = [
|
$conditions = ["`resource-id` = ? AND `scale` <= ? " . $sql_acl, $resourceid, $scale];
|
||||||
"`resource-id` = ? AND `scale` <= ? " . $sql_acl,
|
|
||||||
$resourceid, $scale
|
|
||||||
];
|
|
||||||
|
|
||||||
$params = ["order" => ["scale" => true]];
|
$params = ["order" => ["scale" => true]];
|
||||||
|
|
||||||
$photo = self::selectFirst([], $conditions, $params);
|
$photo = self::selectFirst([], $conditions, $params);
|
||||||
|
|
||||||
return $photo;
|
return $photo;
|
||||||
|
|
|
@ -48,8 +48,6 @@ class Profile extends BaseModule
|
||||||
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
|
if (local_user() && $a->argc > 2 && $a->argv[2] === 'view') {
|
||||||
self::$which = $a->user['nickname'];
|
self::$which = $a->user['nickname'];
|
||||||
self::$profile = filter_var($a->argv[1], FILTER_SANITIZE_NUMBER_INT);
|
self::$profile = filter_var($a->argv[1], FILTER_SANITIZE_NUMBER_INT);
|
||||||
} else {
|
|
||||||
DFRN::autoRedir($a, self::$which);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -157,9 +155,6 @@ class Profile extends BaseModule
|
||||||
return Login::form();
|
return Login::form();
|
||||||
}
|
}
|
||||||
|
|
||||||
$groups = [];
|
|
||||||
$remote_cid = null;
|
|
||||||
|
|
||||||
$o = '';
|
$o = '';
|
||||||
|
|
||||||
if ($update) {
|
if ($update) {
|
||||||
|
@ -173,14 +168,6 @@ class Profile extends BaseModule
|
||||||
$is_owner = local_user() == $a->profile['profile_uid'];
|
$is_owner = local_user() == $a->profile['profile_uid'];
|
||||||
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . $remote_contact;
|
$last_updated_key = "profile:" . $a->profile['profile_uid'] . ":" . local_user() . ":" . $remote_contact;
|
||||||
|
|
||||||
if ($remote_contact) {
|
|
||||||
$cdata = ContactModel::getPublicAndUserContacID($remote_contact, $a->profile['profile_uid']);
|
|
||||||
if (!empty($cdata['user'])) {
|
|
||||||
$groups = Group::getIdsByContactId($cdata['user']);
|
|
||||||
$remote_cid = $cdata['user'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
|
if (!empty($a->profile['hidewall']) && !$is_owner && !$remote_contact) {
|
||||||
notice(L10n::t('Access to this profile has been restricted.') . EOL);
|
notice(L10n::t('Access to this profile has been restricted.') . EOL);
|
||||||
return '';
|
return '';
|
||||||
|
@ -229,7 +216,7 @@ class Profile extends BaseModule
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
|
// Get permissions SQL - if $remote_contact is true, our remote user has been pre-verified and we already have fetched his/her groups
|
||||||
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid'], $remote_contact, $groups, $remote_cid);
|
$sql_extra = Item::getPermissionsSQLByUserId($a->profile['profile_uid']);
|
||||||
$sql_extra2 = '';
|
$sql_extra2 = '';
|
||||||
|
|
||||||
$last_updated_array = Session::get('last_updated', []);
|
$last_updated_array = Session::get('last_updated', []);
|
||||||
|
|
|
@ -2849,113 +2849,6 @@ class DFRN
|
||||||
return 200;
|
return 200;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @param App $a App
|
|
||||||
* @param string $contact_nick contact nickname
|
|
||||||
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
|
|
||||||
*/
|
|
||||||
public static function autoRedir(App $a, $contact_nick)
|
|
||||||
{
|
|
||||||
// prevent looping
|
|
||||||
if (!empty($_REQUEST['redir'])) {
|
|
||||||
Logger::log('autoRedir might be looping because redirect has been redirected', Logger::DEBUG);
|
|
||||||
// looping prevention also appears to sometimes prevent authentication for images
|
|
||||||
// because browser may have multiple connections open and load an image on a connection
|
|
||||||
// whose session wasn't updated when a previous redirect authenticated
|
|
||||||
// Leaving commented in case looping reappears
|
|
||||||
// return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ((! $contact_nick) || ($contact_nick === $a->user['nickname'])) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (local_user()) {
|
|
||||||
// We need to find out if $contact_nick is a user on this hub, and if so, if I
|
|
||||||
// am a contact of that user. However, that user may have other contacts with the
|
|
||||||
// same nickname as me on other hubs or other networks. Exclude these by requiring
|
|
||||||
// that the contact have a local URL. I will be the only person with my nickname at
|
|
||||||
// this URL, so if a result is found, then I am a contact of the $contact_nick user.
|
|
||||||
//
|
|
||||||
// We also have to make sure that I'm a legitimate contact--I'm not blocked or pending.
|
|
||||||
|
|
||||||
$baseurl = System::baseUrl();
|
|
||||||
$domain_st = strpos($baseurl, "://");
|
|
||||||
if ($domain_st === false) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$baseurl = substr($baseurl, $domain_st + 3);
|
|
||||||
$nurl = Strings::normaliseLink($baseurl);
|
|
||||||
|
|
||||||
$r = User::getByNickname($contact_nick, ["uid"]);
|
|
||||||
$contact_uid = $r["uid"];
|
|
||||||
|
|
||||||
/// @todo Why is there a query for "url" *and* "nurl"? Especially this normalising is strange.
|
|
||||||
$r = q("SELECT `id` FROM `contact` WHERE `uid` = (SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1)
|
|
||||||
AND `nick` = '%s' AND NOT `self` AND (`url` LIKE '%%%s%%' OR `nurl` LIKE '%%%s%%') AND NOT `blocked` AND NOT `pending` LIMIT 1",
|
|
||||||
DBA::escape($contact_nick),
|
|
||||||
DBA::escape($a->user['nickname']),
|
|
||||||
DBA::escape($baseurl),
|
|
||||||
DBA::escape($nurl)
|
|
||||||
);
|
|
||||||
if ((! DBA::isResult($r))) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
// test if redirect authentication already succeeded
|
|
||||||
// Note that "contact" in the sense used in the $contact_nick argument to this function
|
|
||||||
// and the sense in the $remote[]["cid"] in the session are opposite.
|
|
||||||
// In the session variable the user currently fetching is the contact
|
|
||||||
// while $contact_nick is the nick of tho user who owns the stuff being fetched.
|
|
||||||
if (Session::getVisitorContactIDForUserID($contact_uid) == $r[0]['id']) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$r = q("SELECT * FROM contact WHERE nick = '%s'
|
|
||||||
AND network = '%s' AND uid = %d AND url LIKE '%%%s%%' LIMIT 1",
|
|
||||||
DBA::escape($contact_nick),
|
|
||||||
DBA::escape(Protocol::DFRN),
|
|
||||||
intval(local_user()),
|
|
||||||
DBA::escape($baseurl)
|
|
||||||
);
|
|
||||||
if (! DBA::isResult($r)) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$cid = $r[0]['id'];
|
|
||||||
|
|
||||||
$dfrn_id = (($r[0]['issued-id']) ? $r[0]['issued-id'] : $r[0]['dfrn-id']);
|
|
||||||
|
|
||||||
if ($r[0]['duplex'] && $r[0]['issued-id']) {
|
|
||||||
$orig_id = $r[0]['issued-id'];
|
|
||||||
$dfrn_id = '1:' . $orig_id;
|
|
||||||
}
|
|
||||||
if ($r[0]['duplex'] && $r[0]['dfrn-id']) {
|
|
||||||
$orig_id = $r[0]['dfrn-id'];
|
|
||||||
$dfrn_id = '0:' . $orig_id;
|
|
||||||
}
|
|
||||||
|
|
||||||
// ensure that we've got a valid ID. There may be some edge cases with forums and non-duplex mode
|
|
||||||
// that may have triggered some of the "went to {profile/intro} and got an RSS feed" issues
|
|
||||||
|
|
||||||
if (strlen($dfrn_id) < 3) {
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
$sec = Strings::getRandomHex();
|
|
||||||
|
|
||||||
DBA::insert('profile_check', ['uid' => local_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id, 'sec' => $sec, 'expire' => time() + 45]);
|
|
||||||
|
|
||||||
$url = curPageURL();
|
|
||||||
|
|
||||||
Logger::log('auto_redir: ' . $r[0]['name'] . ' ' . $sec, Logger::DEBUG);
|
|
||||||
$dest = (($url) ? '&destination_url=' . $url : '');
|
|
||||||
System::externalRedirect($r[0]['poll'] . '?dfrn_id=' . $dfrn_id
|
|
||||||
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION . '&type=profile&sec=' . $sec . $dest);
|
|
||||||
}
|
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Returns the activity verb
|
* @brief Returns the activity verb
|
||||||
*
|
*
|
||||||
|
|