lots of work, 2way friends, comments...
This commit is contained in:
parent
3713a9291c
commit
6817c5d59a
1
boot.php
1
boot.php
|
@ -21,6 +21,7 @@ class App {
|
||||||
public $page;
|
public $page;
|
||||||
public $profile;
|
public $profile;
|
||||||
public $user;
|
public $user;
|
||||||
|
public $cid;
|
||||||
public $content;
|
public $content;
|
||||||
public $error = false;
|
public $error = false;
|
||||||
public $cmd;
|
public $cmd;
|
||||||
|
|
|
@ -8,6 +8,7 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) {
|
||||||
unset($_SESSION['uid']);
|
unset($_SESSION['uid']);
|
||||||
unset($_SESSION['visitor_id']);
|
unset($_SESSION['visitor_id']);
|
||||||
unset($_SESSION['administrator']);
|
unset($_SESSION['administrator']);
|
||||||
|
unset($_SESSION['cid']);
|
||||||
$_SESSION['sysmsg'] = "Logged out." . EOL;
|
$_SESSION['sysmsg'] = "Logged out." . EOL;
|
||||||
goaway($a->get_baseurl());
|
goaway($a->get_baseurl());
|
||||||
}
|
}
|
||||||
|
@ -21,6 +22,12 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) {
|
||||||
if(strlen($a->user['timezone']))
|
if(strlen($a->user['timezone']))
|
||||||
date_default_timezone_set($a->user['timezone']);
|
date_default_timezone_set($a->user['timezone']);
|
||||||
|
|
||||||
|
$r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
|
||||||
|
intval($_SESSION['uid']));
|
||||||
|
if(count($r)) {
|
||||||
|
$a->cid = $r[0]['id'];
|
||||||
|
$_SESSION['cid'] = $a->cid;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -28,6 +35,7 @@ else {
|
||||||
unset($_SESSION['uid']);
|
unset($_SESSION['uid']);
|
||||||
unset($_SESSION['visitor_id']);
|
unset($_SESSION['visitor_id']);
|
||||||
unset($_SESSION['administrator']);
|
unset($_SESSION['administrator']);
|
||||||
|
unset($_SESSION['cid']);
|
||||||
$encrypted = hash('whirlpool',trim($_POST['password']));
|
$encrypted = hash('whirlpool',trim($_POST['password']));
|
||||||
|
|
||||||
if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') {
|
if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') {
|
||||||
|
@ -52,6 +60,14 @@ else {
|
||||||
if(strlen($a->user['timezone']))
|
if(strlen($a->user['timezone']))
|
||||||
date_default_timezone_set($a->user['timezone']);
|
date_default_timezone_set($a->user['timezone']);
|
||||||
|
|
||||||
|
$r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1",
|
||||||
|
intval($_SESSION['uid']));
|
||||||
|
if(count($r)) {
|
||||||
|
$a->cid = $r[0]['id'];
|
||||||
|
$_SESSION['cid'] = $a->cid;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -93,13 +93,13 @@ function contacts_content(&$a) {
|
||||||
|
|
||||||
switch($sort_type) {
|
switch($sort_type) {
|
||||||
case DIRECTION_BOTH :
|
case DIRECTION_BOTH :
|
||||||
$sql_extra = " AND `dfrn-id` != '' AND `ret-id` != '' ";
|
$sql_extra = " AND `dfrn-id` != '' AND `issued-id` != '' ";
|
||||||
break;
|
break;
|
||||||
case DIRECTION_IN :
|
case DIRECTION_IN :
|
||||||
$sql_extra = " AND `dfrn-id` != '' AND `ret-id` = '' ";
|
$sql_extra = " AND `dfrn-id` = '' AND `issued-id` != '' ";
|
||||||
break;
|
break;
|
||||||
case DIRECTION_OUT :
|
case DIRECTION_OUT :
|
||||||
$sql_extra = " AND `dfrn-id` = '' AND `ret-id` != '' ";
|
$sql_extra = " AND `dfrn-id` != '' AND `issued-id` = '' ";
|
||||||
break;
|
break;
|
||||||
case DIRECTION_ANY :
|
case DIRECTION_ANY :
|
||||||
default:
|
default:
|
||||||
|
@ -118,22 +118,22 @@ function contacts_content(&$a) {
|
||||||
if($rr['self'])
|
if($rr['self'])
|
||||||
continue;
|
continue;
|
||||||
$direction = '';
|
$direction = '';
|
||||||
if(strlen($rr['dfrn-id'])) {
|
if(strlen($rr['issued-id'])) {
|
||||||
if(strlen($rr['ret-id'])) {
|
if(strlen($rr['dfrn-id'])) {
|
||||||
$direction = DIRECTION_BOTH;
|
$direction = DIRECTION_BOTH;
|
||||||
$dir_icon = 'images/lrarrow.gif';
|
$dir_icon = 'images/lrarrow.gif';
|
||||||
$alt_text = 'Mutual Friendship';
|
$alt_text = 'Mutual Friendship';
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$direction = DIRECTION_OUT;
|
$direction = DIRECTION_IN;
|
||||||
$dir_icon = 'images/rarrow.gif';
|
$dir_icon = 'images/larrow.gif';
|
||||||
$alt_text = 'You are a fan of';
|
$alt_text = 'is a fan of yours';
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$direction = DIRECTION_IN;
|
$direction = DIRECTION_OUT;
|
||||||
$dir_icon = 'images/larrow.gif';
|
$dir_icon = 'images/rarrow.gif';
|
||||||
$alt_text = 'is a fan of yours';
|
$alt_text = 'you are a fan of';
|
||||||
}
|
}
|
||||||
|
|
||||||
$o .= replace_macros($tpl, array(
|
$o .= replace_macros($tpl, array(
|
||||||
|
|
|
@ -166,7 +166,7 @@ function dfrn_confirm_post(&$a) {
|
||||||
$res = mail($r[0]['email'],"Introduction accepted at {$a->config['sitename']}",
|
$res = mail($r[0]['email'],"Introduction accepted at {$a->config['sitename']}",
|
||||||
$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
|
$email_tpl,"From: Administrator@{$_SERVER[SERVER_NAME]}");
|
||||||
if(!$res) {
|
if(!$res) {
|
||||||
$_SESSION['sysmsg'] .= "Email notification failed." . EOL;
|
notice( "Email notification failed." . EOL );
|
||||||
}
|
}
|
||||||
xml_status(0); // Success
|
xml_status(0); // Success
|
||||||
|
|
||||||
|
@ -182,12 +182,12 @@ function dfrn_confirm_post(&$a) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
||||||
// We are processing a local confirmation initiated on this system by our user to an external introduction.
|
// We are processing a local confirmation initiated on this system by our user to an external introduction.
|
||||||
|
|
||||||
$uid = $_SESSION['uid'];
|
$uid = $_SESSION['uid'];
|
||||||
|
|
||||||
if(! $uid) {
|
if(! $uid) {
|
||||||
$_SESSION['sysmsg'] = 'Unauthorised.';
|
notice("Permission denied." . EOL );
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -223,7 +223,7 @@ function dfrn_confirm_post(&$a) {
|
||||||
$pubkey = openssl_pkey_get_details($res);
|
$pubkey = openssl_pkey_get_details($res);
|
||||||
$public_key = $pubkey["key"];
|
$public_key = $pubkey["key"];
|
||||||
|
|
||||||
$r = q("UPDATE `contact` SET `pubkey` = '%s', `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
|
$r = q("UPDATE `contact` SET `issued-pubkey` = '%s', `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1",
|
||||||
dbesc($public_key),
|
dbesc($public_key),
|
||||||
dbesc($private_key),
|
dbesc($private_key),
|
||||||
intval($contact_id),
|
intval($contact_id),
|
||||||
|
|
|
@ -29,76 +29,113 @@ function dfrn_request_post(&$a) {
|
||||||
goaway($a->get_baseurl());
|
goaway($a->get_baseurl());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// callback to local site after remote request and local confirm
|
// callback to local site after remote request and local confirm
|
||||||
|
|
||||||
if((x($_POST,'localconfirm')) && ($_POST['localconfirm'] == 1)
|
if((x($_POST,'localconfirm')) && ($_POST['localconfirm'] == 1)
|
||||||
&& (x($_SESSION,'authenticated')) && (x($_SESSION,'uid'))
|
&& local_user() && ($_SESSION['uid'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) {
|
||||||
&& ($_SESSION['uid'] == $a->argv[1]) && (x($_POST,'dfrn_url'))) {
|
|
||||||
|
// We are the requestor, and we've been sent back to our own site
|
||||||
|
// to confirm the request. We've done so and clicked submit,
|
||||||
|
// which brings us here.
|
||||||
|
|
||||||
|
|
||||||
$dfrn_url = notags(trim($_POST['dfrn_url']));
|
$dfrn_url = notags(trim($_POST['dfrn_url']));
|
||||||
$aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
|
$aes_allow = (((x($_POST,'aes_allow')) && ($_POST['aes_allow'] == 1)) ? 1 : 0);
|
||||||
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
|
$confirm_key = ((x($_POST,'confirm_key')) ? $_POST['confirm_key'] : "");
|
||||||
$failed = false;
|
|
||||||
|
|
||||||
require_once('Scrape.php');
|
$contact_record = null;
|
||||||
|
|
||||||
if(x($dfrn_url)) {
|
if(x($dfrn_url)) {
|
||||||
|
|
||||||
$parms = scrape_dfrn($dfrn_url);
|
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `dfrn-url` = '%s' LIMIT 1",
|
||||||
|
intval($_SESSION['uid']),
|
||||||
|
dbesc($dfrn_url)
|
||||||
|
);
|
||||||
|
|
||||||
if(! count($parms)) {
|
if(count($r)) {
|
||||||
$_SESSION['sysmsg'] .= 'URL is not valid or does not contain profile information.' . EOL ;
|
if(strlen($r[0]['dfrn-id'])) {
|
||||||
$failed = true;
|
notice("This introduction has already been accepted." . EOL );
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
$contact_record = $r[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
if(is_array($contact_record)) {
|
||||||
|
$r = q("UPDATE `contact` SET `ret-aes` = %d WHERE `id` = %d LIMIT 1",
|
||||||
|
intval($aes_allow),
|
||||||
|
intval($contact_record['id'])
|
||||||
|
);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if(! x($parms,'fn'))
|
|
||||||
$_SESSION['sysmsg'] .= 'Warning: DFRN profile has no identifiable owner name.' . EOL ;
|
|
||||||
if(! x($parms,'photo'))
|
|
||||||
$_SESSION['sysmsg'] .= 'Warning: DFRN profile has no profile photo.' . EOL ;
|
|
||||||
$invalid = validate_dfrn($parms);
|
|
||||||
if($invalid) {
|
|
||||||
echo $invalid . ' required DFRN parameter'
|
|
||||||
. (($invalid == 1) ? " was " : "s were " )
|
|
||||||
. "not found at the given URL" . '<br />';
|
|
||||||
|
|
||||||
$failed = true;
|
require_once('Scrape.php');
|
||||||
|
|
||||||
|
|
||||||
|
$parms = scrape_dfrn($dfrn_url);
|
||||||
|
|
||||||
|
if(! count($parms)) {
|
||||||
|
notice( 'URL is not valid or does not contain profile information.' . EOL );
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
|
else {
|
||||||
|
if(! x($parms,'fn'))
|
||||||
|
notice( 'Warning: DFRN profile has no identifiable owner name.' . EOL );
|
||||||
|
if(! x($parms,'photo'))
|
||||||
|
notice( 'Warning: DFRN profile has no profile photo.' . EOL );
|
||||||
|
$invalid = validate_dfrn($parms);
|
||||||
|
if($invalid) {
|
||||||
|
notice( $invalid . ' required DFRN parameter'
|
||||||
|
. (($invalid == 1) ? " was " : "s were " )
|
||||||
|
. "not found at the given URL" . EOL );
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
$dfrn_request = $parms['dfrn-request'];
|
||||||
|
|
||||||
|
dbesc_array($parms);
|
||||||
|
|
||||||
|
|
||||||
|
$r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `name`, `photo`, `site-pubkey`,
|
||||||
|
`request`, `confirm`, `notify`, `poll`, `aes_allow`)
|
||||||
|
VALUES ( %d, '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', %d)",
|
||||||
|
intval($_SESSION['uid']),
|
||||||
|
datetime_convert(),
|
||||||
|
dbesc($dfrn_url),
|
||||||
|
$parms['fn'],
|
||||||
|
$parms['photo'],
|
||||||
|
$parms['key'],
|
||||||
|
$parms['dfrn-request'],
|
||||||
|
$parms['dfrn-confirm'],
|
||||||
|
$parms['dfrn-notify'],
|
||||||
|
$parms['dfrn-poll'],
|
||||||
|
intval($aes_allow)
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
|
||||||
if(! $failed) {
|
|
||||||
|
|
||||||
$dfrn_request = $parms['dfrn-request'];
|
if($r) {
|
||||||
/////////////////////////
|
notice( "Introduction complete." . EOL);
|
||||||
dbesc_array($parms);
|
}
|
||||||
////////////////////////
|
|
||||||
|
|
||||||
$r = q("INSERT INTO `contact` ( `uid`, `created`,`url`, `name`, `photo`, `site-pubkey`,
|
|
||||||
`request`, `confirm`, `notify`, `poll`, `aes_allow`)
|
|
||||||
VALUES ( %d, '%s', '%s', '%s' , '%s', '%s', '%s', '%s', '%s', '%s', %d)",
|
|
||||||
intval($_SESSION['uid']),
|
|
||||||
datetime_convert(),
|
|
||||||
dbesc($dfrn_url),
|
|
||||||
$parms['fn'],
|
|
||||||
$parms['photo'],
|
|
||||||
$parms['key'],
|
|
||||||
$parms['dfrn-request'],
|
|
||||||
$parms['dfrn-confirm'],
|
|
||||||
$parms['dfrn-notify'],
|
|
||||||
$parms['dfrn-poll'],
|
|
||||||
intval($aes_allow)
|
|
||||||
);
|
|
||||||
if($r === false)
|
|
||||||
$_SESSION['sysmsg'] .= "Failed to create contact." . EOL;
|
|
||||||
else
|
|
||||||
$_SESSION['sysmsg'] .= "Introduction complete.";
|
|
||||||
|
|
||||||
// Allow the blocked remote notification to complete
|
// Allow the blocked remote notification to complete
|
||||||
|
|
||||||
|
if(is_array($contact_record))
|
||||||
|
$dfrn_request = $contact_record['request'];
|
||||||
|
|
||||||
if(strlen($dfrn_request) && strlen($confirm_key))
|
if(strlen($dfrn_request) && strlen($confirm_key))
|
||||||
$s = fetch_url($dfrn_request . '?confirm_key=' . $confirm_key);
|
$s = fetch_url($dfrn_request . '?confirm_key=' . $confirm_key);
|
||||||
|
// ignore reply
|
||||||
goaway($dfrn_url);
|
goaway($dfrn_url);
|
||||||
|
// NOTREACHED
|
||||||
|
|
||||||
}
|
}
|
||||||
|
// invalid DFRN-url
|
||||||
|
notice( "Unrecoverable protocol error." . EOL );
|
||||||
|
goaway($a->get_baseurl());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -116,105 +153,128 @@ function dfrn_request_post(&$a) {
|
||||||
|
|
||||||
$uid = $a->profile['uid'];
|
$uid = $a->profile['uid'];
|
||||||
|
|
||||||
|
$contact_record = null;
|
||||||
$failed = false;
|
$failed = false;
|
||||||
|
$parms = null;
|
||||||
|
|
||||||
require_once('Scrape.php');
|
|
||||||
|
|
||||||
if( x($_POST,'dfrn_url')) {
|
if( x($_POST,'dfrn_url')) {
|
||||||
|
|
||||||
$url = trim($_POST['dfrn_url']);
|
$url = trim($_POST['dfrn_url']);
|
||||||
if(x($url)) {
|
if(! strlen($url)) {
|
||||||
$parms = scrape_dfrn($url);
|
notice( "Invalid URL" . EOL );
|
||||||
|
|
||||||
if(! count($parms)) {
|
|
||||||
$_SESSION['sysmsg'] .= 'URL is not valid or does not contain profile information.' . EOL ;
|
|
||||||
$failed = true;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if(! x($parms,'fn'))
|
|
||||||
$_SESSION['sysmsg'] .= 'Warning: DFRN profile has no identifiable owner name.' . EOL ;
|
|
||||||
if(! x($parms,'photo'))
|
|
||||||
$_SESSION['sysmsg'] .= 'Warning: DFRN profile has no profile photo.' . EOL ;
|
|
||||||
$invalid = validate_dfrn($parms);
|
|
||||||
if($invalid) {
|
|
||||||
echo $invalid . ' required DFRN parameter'
|
|
||||||
. (($invalid == 1) ? " was " : "s were " )
|
|
||||||
. "not found at the given URL" . '<br />';
|
|
||||||
|
|
||||||
$failed = true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$ret = q("SELECT `url` FROM `contact` WHERE `url` = '%s'", dbesc($url));
|
|
||||||
if($ret !== false && count($ret)) {
|
|
||||||
$_SESSION['sysmsg'] .= 'You have already introduced yourself here.' . EOL;
|
|
||||||
$failed = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
if(! $failed) {
|
|
||||||
|
|
||||||
$parms['url'] = $url;
|
|
||||||
$parms['issued-id'] = random_string();
|
|
||||||
|
|
||||||
/////////////////////////
|
|
||||||
dbesc_array($parms);
|
|
||||||
////////////////////////
|
|
||||||
|
|
||||||
$ret = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `name`, `issued-id`, `photo`, `site-pubkey`,
|
|
||||||
`request`, `confirm`, `notify`, `poll`, `visible` )
|
|
||||||
VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d )",
|
|
||||||
intval($uid),
|
|
||||||
datetime_convert(),
|
|
||||||
$parms['url'],
|
|
||||||
$parms['fn'],
|
|
||||||
$parms['issued-id'],
|
|
||||||
$parms['photo'],
|
|
||||||
$parms['key'],
|
|
||||||
$parms['dfrn-request'],
|
|
||||||
$parms['dfrn-confirm'],
|
|
||||||
$parms['dfrn-notify'],
|
|
||||||
$parms['dfrn-poll'],
|
|
||||||
((x($_POST,'visible')) ? 1 : 0 )
|
|
||||||
);
|
|
||||||
|
|
||||||
}
|
|
||||||
if($ret === false) {
|
|
||||||
$_SESSION['sysmsg'] .= 'Failed to create contact record.' . EOL;
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$ret = q("SELECT `id` FROM `contact`
|
|
||||||
WHERE `uid` = '%s' AND `url` = '%s' AND `issued-id` = '%s'
|
$ret = q("SELECT * FROM `contact` WHERE `uid` = %d AND `url` = '%s' LIMIT 1",
|
||||||
LIMIT 1",
|
|
||||||
intval($uid),
|
intval($uid),
|
||||||
$parms['url'],
|
dbesc($url)
|
||||||
$parms['issued-id']
|
);
|
||||||
|
|
||||||
|
if(count($ret)) {
|
||||||
|
if(strlen($ret[0]['issued-id'])) {
|
||||||
|
notice( 'You have already introduced yourself here.' . EOL );
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
$contact_record = $ret[0];
|
||||||
|
$parms = array('dfrn-request' => $ret[0]['request']);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
$issued_id = random_string();
|
||||||
|
|
||||||
|
if(is_array($contact_record)) {
|
||||||
|
// There is a contact record but no issued-id, so this
|
||||||
|
// is a reciprocal introduction from a known contact
|
||||||
|
$r = q("UPDATE `contact` SET `issued-id` = '%s', `ret-blocked` = 1 WHERE `id` = %d LIMIT 1",
|
||||||
|
dbesc($issued_id),
|
||||||
|
intval($contact_record['id'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
|
||||||
|
require_once('Scrape.php');
|
||||||
|
|
||||||
|
$parms = scrape_dfrn($url);
|
||||||
|
|
||||||
|
if(! count($parms)) {
|
||||||
|
notice( 'URL is not valid or does not contain profile information.' . EOL );
|
||||||
|
killme();
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if(! x($parms,'fn'))
|
||||||
|
notice( 'Warning: DFRN profile has no identifiable owner name.' . EOL );
|
||||||
|
if(! x($parms,'photo'))
|
||||||
|
notice( 'Warning: DFRN profile has no profile photo.' . EOL );
|
||||||
|
$invalid = validate_dfrn($parms);
|
||||||
|
if($invalid) {
|
||||||
|
notice( $invalid . ' required DFRN parameter'
|
||||||
|
. (($invalid == 1) ? " was " : "s were " )
|
||||||
|
. "not found at the given URL" . EOL) ;
|
||||||
|
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$parms['url'] = $url;
|
||||||
|
$parms['issued-id'] = $issued_id;
|
||||||
|
|
||||||
|
|
||||||
|
dbesc_array($parms);
|
||||||
|
$r = q("INSERT INTO `contact` ( `uid`, `created`, `url`, `name`, `issued-id`, `photo`, `site-pubkey`,
|
||||||
|
`request`, `confirm`, `notify`, `poll` )
|
||||||
|
VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s' )",
|
||||||
|
intval($uid),
|
||||||
|
datetime_convert(),
|
||||||
|
$parms['url'],
|
||||||
|
$parms['fn'],
|
||||||
|
$parms['issued-id'],
|
||||||
|
$parms['photo'],
|
||||||
|
$parms['key'],
|
||||||
|
$parms['dfrn-request'],
|
||||||
|
$parms['dfrn-confirm'],
|
||||||
|
$parms['dfrn-notify'],
|
||||||
|
$parms['dfrn-poll']
|
||||||
);
|
);
|
||||||
|
|
||||||
if(($ret !== NULL) && (count($ret)))
|
// find the contact record we just created
|
||||||
$contact_id = $ret[0]['id'];
|
if($r) {
|
||||||
|
$r = q("SELECT `id` FROM `contact`
|
||||||
|
WHERE `uid` = '%s' AND `url` = '%s' AND `issued-id` = '%s' LIMIT 1",
|
||||||
|
intval($uid),
|
||||||
|
$parms['url'],
|
||||||
|
$parms['issued-id']
|
||||||
|
);
|
||||||
|
if(count($r))
|
||||||
|
$contact_record = $r[0];
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
if($r === false) {
|
||||||
|
notice( 'Failed to update contact record.' . EOL );
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
$hash = random_string() . (string) time(); // Generate a confirm_key
|
$hash = random_string() . (string) time(); // Generate a confirm_key
|
||||||
|
|
||||||
if($contact_id) {
|
if(is_array($contact_record)) {
|
||||||
$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
|
$ret = q("INSERT INTO `intro` ( `uid`, `contact-id`, `blocked`, `knowyou`, `note`, `hash`, `datetime`)
|
||||||
VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
|
VALUES ( %d, %d, 1, %d, '%s', '%s', '%s' )",
|
||||||
intval($uid),
|
intval($uid),
|
||||||
intval($contact_id),
|
intval($contact_record['id']),
|
||||||
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
((x($_POST,'knowyou') && ($_POST['knowyou'] == 1)) ? 1 : 0),
|
||||||
dbesc(trim($_POST['dfrn-request-message'])),
|
dbesc(trim($_POST['dfrn-request-message'])),
|
||||||
dbesc($hash),
|
dbesc($hash),
|
||||||
dbesc(datetime_convert())
|
dbesc(datetime_convert())
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// TODO: send an email notification if our user wants one
|
// TODO: send an email notification if our user wants one
|
||||||
|
|
||||||
if(! $failed)
|
if(! $failed)
|
||||||
$_SESSION['sysmsg'] .= "Your introduction has been sent." . EOL;
|
notice( "Your introduction has been sent." . EOL );
|
||||||
|
|
||||||
// "Homecoming" - send the requestor back to their site to record the introduction.
|
// "Homecoming" - send the requestor back to their site to record the introduction.
|
||||||
|
|
||||||
|
@ -222,9 +282,10 @@ function dfrn_request_post(&$a) {
|
||||||
$aes_allow = ((function_exists('openssl_encrypt')) ? 1 : 0);
|
$aes_allow = ((function_exists('openssl_encrypt')) ? 1 : 0);
|
||||||
|
|
||||||
goaway($parms['dfrn-request'] . "?dfrn_url=$dfrn_url" . '&confirm_key=' . $hash . (($aes_allow) ? "&aes_allow=1" : ""));
|
goaway($parms['dfrn-request'] . "?dfrn_url=$dfrn_url" . '&confirm_key=' . $hash . (($aes_allow) ? "&aes_allow=1" : ""));
|
||||||
|
// NOTREACHED
|
||||||
|
|
||||||
}
|
}
|
||||||
|
return;
|
||||||
}}
|
}}
|
||||||
|
|
||||||
if(! function_exists('dfrn_request_content')) {
|
if(! function_exists('dfrn_request_content')) {
|
||||||
|
@ -242,8 +303,8 @@ function dfrn_request_content(&$a) {
|
||||||
|
|
||||||
if(x($_GET,'dfrn_url')) {
|
if(x($_GET,'dfrn_url')) {
|
||||||
|
|
||||||
if(! x($_SESSION,'authenticated')) {
|
if(! local_user()) {
|
||||||
$_SESSION['sysmsg'] .= "Please login to confirm introduction." . EOL;
|
notice( "Please login to confirm introduction." . EOL );
|
||||||
return login();
|
return login();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -251,7 +312,7 @@ function dfrn_request_content(&$a) {
|
||||||
// but not as the person who needs to deal with this request.
|
// but not as the person who needs to deal with this request.
|
||||||
|
|
||||||
if (($_SESSION['uid'] != $a->argv[1]) && ($a->user['nickname'] != $a->argv[1])) {
|
if (($_SESSION['uid'] != $a->argv[1]) && ($a->user['nickname'] != $a->argv[1])) {
|
||||||
$_SESSION['sysmsg'] .= "Incorrect identity currently logged in. Please login to <strong>this</strong> profile." . EOL;
|
notice( "Incorrect identity currently logged in. Please login to <strong>this</strong> profile." . EOL);
|
||||||
return login();
|
return login();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -271,12 +332,12 @@ function dfrn_request_content(&$a) {
|
||||||
|
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
// safe to send our user their introduction
|
// we are the requestee and it is now safe to send our user their introduction
|
||||||
if((x($_GET,'confirm_key')) && strlen($_GET['confirm_key'])) {
|
if((x($_GET,'confirm_key')) && strlen($_GET['confirm_key'])) {
|
||||||
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1",
|
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1",
|
||||||
dbesc($_GET['confirm_key'])
|
dbesc($_GET['confirm_key'])
|
||||||
);
|
);
|
||||||
return;
|
killme();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@ function item_post(&$a) {
|
||||||
intval($_SESSION['uid']));
|
intval($_SESSION['uid']));
|
||||||
if(count($r))
|
if(count($r))
|
||||||
$contact_id = $r[0]['id'];
|
$contact_id = $r[0]['id'];
|
||||||
|
}
|
||||||
if($_POST['type'] == 'jot') {
|
if($_POST['type'] == 'jot') {
|
||||||
|
|
||||||
do {
|
do {
|
||||||
|
@ -35,6 +35,7 @@ function item_post(&$a) {
|
||||||
$dups = true;
|
$dups = true;
|
||||||
} while($dups == true);
|
} while($dups == true);
|
||||||
|
|
||||||
|
|
||||||
$r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`created`,`edited`,`hash`,`body`)
|
$r = q("INSERT INTO `item` (`uid`,`type`,`contact-id`,`created`,`edited`,`hash`,`body`)
|
||||||
VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s' )",
|
VALUES( %d, '%s', %d, '%s', '%s', '%s', '%s' )",
|
||||||
intval($profile_uid),
|
intval($profile_uid),
|
||||||
|
|
|
@ -64,15 +64,22 @@ function profile_init(&$a) {
|
||||||
$a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".$a->get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n";
|
$a->page['htmlhead'] .= "<link rel=\"dfrn-{$dfrn}\" href=\"".$a->get_baseurl()."/dfrn_{$dfrn}/{$which}\" />\r\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
function item_display($item,$template) {
|
function item_display(&$a, $item,$template,$comment) {
|
||||||
|
|
||||||
|
|
||||||
|
$profile_url = $item['url'];
|
||||||
|
|
||||||
|
if(local_user() && ($item['contact-uid'] == $_SESSION['uid']) && (strlen($item['dfrn-id'])) && (! $item['self'] ))
|
||||||
|
$profile_url = $a->get_baseurl() . '/redir/' . $item['cid'] ;
|
||||||
|
|
||||||
$o .= replace_macros($template,array(
|
$o .= replace_macros($template,array(
|
||||||
'$id' => $item['item_id'],
|
'$id' => $item['item_id'],
|
||||||
'$profile_url' => $item['url'],
|
'$profile_url' => $profile_url,
|
||||||
'$name' => $item['name'],
|
'$name' => $item['name'],
|
||||||
'$thumb' => $item['thumb'],
|
'$thumb' => $item['thumb'],
|
||||||
'$body' => bbcode($item['body']),
|
'$body' => bbcode($item['body']),
|
||||||
'$ago' => relative_date($item['created'])
|
'$ago' => relative_date($item['created']),
|
||||||
|
'$comment' => $comment
|
||||||
));
|
));
|
||||||
|
|
||||||
|
|
||||||
|
@ -89,6 +96,17 @@ function profile_content(&$a) {
|
||||||
// $tpl = file_get_contents('view/profile_tabs.tpl');
|
// $tpl = file_get_contents('view/profile_tabs.tpl');
|
||||||
|
|
||||||
|
|
||||||
|
if(remote_user())
|
||||||
|
$contact_id = $_SESSION['visitor_id'];
|
||||||
|
if(local_user()) {
|
||||||
|
$r = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1",
|
||||||
|
$_SESSION['uid']
|
||||||
|
);
|
||||||
|
if(count($r))
|
||||||
|
$contact_id = $r[0]['id'];
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if(can_write_wall($a,$a->profile['profile_uid'])) {
|
if(can_write_wall($a,$a->profile['profile_uid'])) {
|
||||||
$tpl = file_get_contents('view/jot-header.tpl');
|
$tpl = file_get_contents('view/jot-header.tpl');
|
||||||
|
|
||||||
|
@ -111,7 +129,8 @@ function profile_content(&$a) {
|
||||||
|
|
||||||
// Add comments.
|
// Add comments.
|
||||||
|
|
||||||
$r = q("SELECT `item`.*, `contact`.`name`, `contact`.`photo`, `contact`.`thumb`, `contact`.`id` AS `cid`
|
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, `contact`.`id` AS `cid`,
|
||||||
|
`contact`.`uid` AS `contact-uid`
|
||||||
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
|
||||||
WHERE `item`.`uid` = %d AND `item`.`visible` = 1
|
WHERE `item`.`uid` = %d AND `item`.`visible` = 1
|
||||||
AND `contact`.`blocked` = 0
|
AND `contact`.`blocked` = 0
|
||||||
|
@ -121,11 +140,23 @@ function profile_content(&$a) {
|
||||||
intval($a->profile['uid'])
|
intval($a->profile['uid'])
|
||||||
);
|
);
|
||||||
|
|
||||||
|
$template = file_get_contents('view/comment_item.tpl');
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$tpl = file_get_contents('view/wall_item.tpl');
|
$tpl = file_get_contents('view/wall_item.tpl');
|
||||||
|
|
||||||
if(count($r)) {
|
if(count($r)) {
|
||||||
foreach($r as $rr) {
|
foreach($r as $rr) {
|
||||||
$o .= item_display($rr,$tpl);
|
$comment = replace_macros($template,array(
|
||||||
|
'$id' => $rr['item_id'],
|
||||||
|
'$profile_uid' => $a->profile['profile_uid']
|
||||||
|
));
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
$o .= item_display($a,$rr,$tpl,$comment);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -114,7 +114,8 @@ function register_post(&$a) {
|
||||||
dbesc($username),
|
dbesc($username),
|
||||||
dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
|
dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
|
||||||
dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg')
|
dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg')
|
||||||
);
|
|
||||||
|
);
|
||||||
if($r === false) {
|
if($r === false) {
|
||||||
$_SESSION['sysmsg'] .= "An error occurred creating your default profile. Please try again." . EOL ;
|
$_SESSION['sysmsg'] .= "An error occurred creating your default profile. Please try again." . EOL ;
|
||||||
// Start fresh next time.
|
// Start fresh next time.
|
||||||
|
@ -122,13 +123,20 @@ function register_post(&$a) {
|
||||||
intval($newuid));
|
intval($newuid));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `photo`, `thumb`, `blocked` )
|
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `photo`, `thumb`, `blocked`, `url`,
|
||||||
VALUES ( %d, '%s', 1, '%s', '%s', '%s', 0 ) ",
|
`request`, `notify`, `poll`, `confirm` )
|
||||||
|
VALUES ( %d, '%s', 1, '%s', '%s', '%s', 0, '%s', '%s', '%s', '%s', '%s' ) ",
|
||||||
intval($newuid),
|
intval($newuid),
|
||||||
datetime_convert(),
|
datetime_convert(),
|
||||||
dbesc($username),
|
dbesc($username),
|
||||||
dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
|
dbesc($a->get_baseurl() . '/images/default-profile.jpg'),
|
||||||
dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg')
|
dbesc($a->get_baseurl() . '/images/default-profile-sm.jpg'),
|
||||||
|
dbesc($a->get_baseurl() . '/profile/' . intval($newuid)),
|
||||||
|
dbesc($a->get_baseurl() . '/dfrn_request/' . intval($newuid)),
|
||||||
|
dbesc($a->get_baseurl() . '/dfrn_notify/' . intval($newuid)),
|
||||||
|
dbesc($a->get_baseurl() . '/dfrn_poll/' . intval($newuid)),
|
||||||
|
dbesc($a->get_baseurl() . '/dfrn_confirm/' . intval($newuid))
|
||||||
|
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -119,6 +119,18 @@ function settings_post(&$a) {
|
||||||
// FIXME - set to un-verified, blocked and redirect to logout
|
// FIXME - set to un-verified, blocked and redirect to logout
|
||||||
|
|
||||||
}
|
}
|
||||||
|
if($nick_changed) {
|
||||||
|
$r = q ("UPDATE `profile` SET `url` = '%s', `request` = '%s', `notify` = '%s', `poll` = '%s', `confirm` = '%s'
|
||||||
|
WHERE `uid` = %d AND `self` = 1 LIMIT 1",
|
||||||
|
dbesc( $a->get_baseurl() . '/profile/' . $nick ),
|
||||||
|
dbesc( $a->get_baseurl() . '/dfrn_request/' . $nick ),
|
||||||
|
dbesc( $a->get_baseurl() . '/dfrn_notify/' . $nick ),
|
||||||
|
dbesc( $a->get_baseurl() . '/dfrn_poll/' . $nick ),
|
||||||
|
dbesc( $a->get_baseurl() . '/dfrn_confirm/' . $nick ),
|
||||||
|
intval($_SESSION['uid'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// Refresh the content display with new data
|
// Refresh the content display with new data
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
|
||||||
|
<div class="comment-edit" id="comment-edit-$id" onclick="openClose('comment-edit-wrapper-$id');" >Comments</div>
|
||||||
|
<div class="comment-edit-wrapper" id="comment-edit-wrapper-$id" style="display: none;">
|
||||||
|
<form class="comment-edit-form" id="comment-edit-form-$id" action="item" method="post" >
|
||||||
|
<input type="hidden" name="type" value="jot" />
|
||||||
|
<input type="hidden" name="profile_uid" value="$profile_uid" />
|
||||||
|
<input type="hidden" name="parent" value="$id" />
|
||||||
|
<textarea rows="3" cols="40" id="comment-edit-text-$id" name="body" ></textarea>
|
||||||
|
|
||||||
|
|
||||||
|
<div id="comment-edit-submit-wrapper" >
|
||||||
|
<input type="submit" id="comment-edit-submit" name="submit" value="Submit" />
|
||||||
|
</div>
|
||||||
|
<div id="comment-edit-end"></div>
|
||||||
|
</form>
|
||||||
|
</div>
|
|
@ -21,6 +21,20 @@ tinyMCE.init({
|
||||||
|
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
||||||
|
function openClose(theID) {
|
||||||
|
if(document.getElementById(theID).style.display == "block") {
|
||||||
|
document.getElementById(theID).style.display = "none"
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
document.getElementById(theID).style.display = "block"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
function openMenu(theID) {
|
||||||
|
document.getElementById(theID).style.display = "block"
|
||||||
|
}
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
|
|
|
@ -15,4 +15,5 @@ What's on your mind?
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
<div id="profile-jot-end"></div>
|
<div id="profile-jot-end"></div>
|
||||||
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -1,15 +1,18 @@
|
||||||
|
|
||||||
<form action="register" method="post" />
|
<form action="register" method="post" >
|
||||||
$registertext
|
$registertext
|
||||||
<div id="register-name-wrapper" >
|
<div id="register-name-wrapper" >
|
||||||
<label for="register-name" id="label-register-name" >Your Full Name (e.g. Joe Smith): <label>
|
<label for="register-name" id="label-register-name" >Your Full Name (e.g. Joe Smith): </label>
|
||||||
<input type="text" maxlength="60" size="32" name="username" id="register-name" value="" >
|
<input type="text" maxlength="60" size="32" name="username" id="register-name" value="" >
|
||||||
</div>
|
</div>
|
||||||
|
<div id="register-name-end" ></div>
|
||||||
<div id="register-email-wrapper" >
|
<div id="register-email-wrapper" >
|
||||||
<label for="register-email" id="label-register-email" >Your Email Address: <label>
|
<label for="register-email" id="label-register-email" >Your Email Address: </label>
|
||||||
<input type="text" maxlength="60" size="32" name="email" id="register-email" value="" >
|
<input type="text" maxlength="60" size="32" name="email" id="register-email" value="" >
|
||||||
</div>
|
</div>
|
||||||
|
<div id="register-email-end" ></div>
|
||||||
<div id="register-submit-wrapper">
|
<div id="register-submit-wrapper">
|
||||||
<input type="submit" name="submit" id="register-submit-button" value="Register" />
|
<input type="submit" name="submit" id="register-submit-button" value="Register" />
|
||||||
</div>
|
</div>
|
||||||
|
<div id="register-submit-end" ></div>
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -111,9 +111,10 @@ footer {
|
||||||
#register-name, #register-email {
|
#register-name, #register-email {
|
||||||
float: left;
|
float: left;
|
||||||
margin-top: 10px;
|
margin-top: 10px;
|
||||||
|
width: 150px;
|
||||||
}
|
}
|
||||||
|
|
||||||
#register-name-wrapper, #register-email-wrapper, #register-submit-wrapper {
|
#register-name-end, #register-email-end, #register-submit-end {
|
||||||
clear: both;
|
clear: both;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -371,6 +372,14 @@ input#dfrn-url {
|
||||||
border: none;
|
border: none;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.comment-edit {
|
||||||
|
font-size: 0.8em;
|
||||||
|
cursor: pointer;
|
||||||
|
color: #3172BD;
|
||||||
|
margin-top: 15px;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
#profile-jot-submit-wrapper {
|
#profile-jot-submit-wrapper {
|
||||||
margin-top: 15px;
|
margin-top: 15px;
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,6 +7,9 @@
|
||||||
<a href="$profile_url" title="View $name's profile" class="wall-item-name-link"><span class="wall-item-name" id="wall-item-name-$id" >$name</span></a>
|
<a href="$profile_url" title="View $name's profile" class="wall-item-name-link"><span class="wall-item-name" id="wall-item-name-$id" >$name</span></a>
|
||||||
<span class="wall-item-body" id="wall-item-body-$id" >$body</span>
|
<span class="wall-item-body" id="wall-item-body-$id" >$body</span>
|
||||||
<div class="wall-item-ago" id="wall-item-ago-$id">$ago</div>
|
<div class="wall-item-ago" id="wall-item-ago-$id">$ago</div>
|
||||||
|
|
||||||
|
<div class="wall-item-comment-separator"></div>
|
||||||
|
$comment
|
||||||
</div>
|
</div>
|
||||||
<div class="wall-item-wrapper-end"></div>
|
<div class="wall-item-wrapper-end"></div>
|
||||||
</div>
|
</div>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user