/**
*xmlify and unxmlify
*/
public function testXmlify()
{
$text = "<tag>I want to break\n this!11!<?hard?></tag>";
$xml = xmlify($text);
$retext = unxmlify($text);
$this->assertEquals($text, $retext);
}
function filer_content(&$a)
{
if (!local_channel()) {
killme();
}
$term = unxmlify(trim($_GET['term']));
$item_id = $a->argc > 1 ? intval($a->argv[1]) : 0;
logger('filer: tag ' . $term . ' item ' . $item_id);
if ($item_id && strlen($term)) {
// file item
store_item_tag(local_channel(), $item_id, TERM_OBJ_POST, TERM_FILE, $term, '');
// protect the entire conversation from periodic expiration
$r = q("select parent from item where id = %d and uid = %d limit 1", intval($item_id), intval(local_channel()));
if ($r) {
$x = q("update item set item_retained = 1 where id = %d and uid = %d", intval($r[0]['parent']), intval(local_channel()));
}
} else {
$filetags = array();
$r = q("select distinct(term) from term where uid = %d and type = %d order by term asc", intval(local_channel()), intval(TERM_FILE));
if (count($r)) {
foreach ($r as $rr) {
$filetags[] = $rr['term'];
}
}
$tpl = get_markup_template("filer_dialog.tpl");
$o = replace_macros($tpl, array('$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')), '$submit' => t('Save')));
echo $o;
}
killme();
}
function filerm_content(&$a)
{
if (!local_user()) {
killme();
}
$term = unxmlify(trim($_GET['term']));
$cat = unxmlify(trim($_GET['cat']));
$category = $cat ? true : false;
if ($category) {
$term = $cat;
}
$item_id = $a->argc > 1 ? intval($a->argv[1]) : 0;
logger('filerm: tag ' . $term . ' item ' . $item_id);
if ($item_id && strlen($term)) {
file_tag_unsave_file(local_user(), $item_id, $term, $category);
}
if (x($_SESSION, 'return_url')) {
goaway($a->get_baseurl() . '/' . $_SESSION['return_url']);
}
killme();
}
function qcomment_addon_settings(&$a, &$s)
{
if (!local_user()) {
return;
}
/* Add our stylesheet to the page so we can make our settings look nice */
$a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/qcomment/qcomment.css' . '" media="all" />' . "\r\n";
$words = get_pconfig(local_user(), 'qcomment', 'words');
if ($words === false) {
$words = t(':-)') . "\n" . t(':-(') . "\n" . t('lol');
}
$s .= '<div class="settings-block">';
$s .= '<h3>' . t('Quick Comment Settings') . '</h3>';
$s .= '<div id="qcomment-wrapper">';
$s .= '<div id="qcomment-desc">' . t("Quick comments are found near comment boxes, sometimes hidden. Click them to provide simple replies.") . '</div>';
$s .= '<label id="qcomment-label" for="qcomment-words">' . t('Enter quick comments, one per line') . ' </label>';
$s .= '<textarea id="qcomment-words" type="text" name="qcomment-words" >' . htmlspecialchars(unxmlify($words)) . '</textarea>';
$s .= '</div><div class="clear"></div>';
$s .= '<div class="settings-submit-wrapper" ><input type="submit" id="qcomment-submit" name="qcomment-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div>';
$s .= '</div>';
return;
}
function filer_content(&$a)
{
if (!local_user()) {
killme();
}
$term = unxmlify(trim($_GET['term']));
$item_id = $a->argc > 1 ? intval($a->argv[1]) : 0;
logger('filer: tag ' . $term . ' item ' . $item_id);
if ($item_id && strlen($term)) {
// file item
file_tag_save_file(local_user(), $item_id, $term);
} else {
// return filer dialog
$filetags = get_pconfig(local_user(), 'system', 'filetags');
$filetags = file_tag_file_to_list($filetags, 'file');
$filetags = explode(",", $filetags);
$tpl = get_markup_template("filer_dialog.tpl");
$o = replace_macros($tpl, array('$field' => array('term', t("Save to Folder:"), '', '', $filetags, t('- select -')), '$submit' => t('Save')));
echo $o;
}
killme();
}
function dfrn_notify_post(&$a)
{
$dfrn_id = notags(trim($_POST['dfrn_id']));
$challenge = notags(trim($_POST['challenge']));
$data = $_POST['data'];
$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1", dbesc($dfrn_id), dbesc($challenge));
if (!count($r)) {
xml_status(3);
}
$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1", dbesc($dfrn_id), dbesc($challenge));
// find the local user who owns this relationship.
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` on `user`.`uid` = 1 \n\t\tWHERE ( `issued-id` = '%s' OR ( `duplex` = 1 AND `dfrn-id` = '%s' )) LIMIT 1", dbesc($dfrn_id), dbesc($dfrn_id));
if (!count($r)) {
xml_status(3);
return;
//NOTREACHED
}
$importer = $r[0];
$feed = new SimplePie();
$feed->set_raw_data($data);
$feed->enable_order_by_date(false);
$feed->init();
$ismail = false;
$rawmail = $feed->get_feed_tags(NAMESPACE_DFRN, 'mail');
if (isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
if ($importer['readonly']) {
// We aren't receiving email from this person. But we will quietly ignore them
// rather than a blatant "go away" message.
xml_status(0);
return;
//NOTREACHED
}
$ismail = true;
$base = $rawmail[0]['child'][NAMESPACE_DFRN];
$msg = array();
$msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
$msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
$msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
$msg['contact-id'] = $importer['id'];
$msg['title'] = notags(unxmlify($base['subject'][0]['data']));
$msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
$msg['delivered'] = 1;
$msg['seen'] = 0;
$msg['replied'] = 0;
$msg['uri'] = notags(unxmlify($base['id'][0]['data']));
$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
$msg['created'] = datetime_convert(notags(unxmlify('UTC', 'UTC', $base['sentdate'][0]['data'])));
dbesc_array($msg);
$r = q("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')");
require_once 'bbcode.php';
if ($importer['notify-flags'] & NOTIFY_MAIL) {
$tpl = file_get_contents('view/mail_received_eml.tpl');
$email_tpl = replace_macros($tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $importer['username'], '$email' => $importer['email'], '$from' => $msg['from-name'], '$title' => $msg['title'], '$body' => strip_tags(bbcode($msg['body']))));
$res = mail($importer['email'], t("New mail received at ") . $a->config['sitename'], $email_tpl, t("From: Administrator@") . $a->get_hostname());
}
xml_status(0);
return;
// NOTREACHED
}
if ($importer['readonly'] && !x($a->config['rockstar'])) {
// This contact is readonly and we're going to ignore him/her, except if we're in
// RockStar configuration. Us rockstars wan't people to talk about us. We just don't
// want to have to deal with them individually. So our "readonly" fans can post to
// our wall and comment, but they can't send us email.
xml_status(0);
return;
// NOTREACHED
}
foreach ($feed->get_items() as $item) {
$deleted = false;
$rawdelete = $item->get_item_tags("http://purl.org/atompub/tombstones/1.0", 'deleted-entry');
if (isset($rawdelete[0]['attribs']['']['ref'])) {
$uri = $rawthread[0]['attribs']['']['ref'];
$deleted = true;
if (isset($rawdelete[0]['attribs']['']['when'])) {
$when = $rawthread[0]['attribs']['']['when'];
$when = datetime_convert('UTC', 'UTC', $when, 'Y-m-d H:i:s');
} else {
$when = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
}
}
if ($deleted) {
$r = q("SELECT * FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($uri));
if (count($r)) {
$item = $r[0];
if ($item['uri'] == $item['parent-uri']) {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' , `changed` = '%s'\n\t\t\t\t\t\tWHERE `parent-uri` = '%s'", dbesc($when), dbesc(datetime_convert()), dbesc($item['uri']));
} else {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s' , `changed` = '%s' \n\t\t\t\t\t\tWHERE `uri` = '%s' LIMIT 1", dbesc($when), dbesc(datetime_convert()), dbesc($uri));
}
if ($item['last-child']) {
// ensure that last-child is set in case the comment that had it just got wiped.
$q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' ", dbesc(datetime_convert()), dbesc($item['parent-uri']));
// who is the last child now?
$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 \n\t\t\t\t\t\tORDER BY `edited` DESC LIMIT 1", dbesc($item['parent-uri']));
if (count($r)) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1", intval($r[0]['id']));
}
}
}
continue;
}
$is_reply = false;
$item_id = $item->get_id();
$rawthread = $item->get_item_tags("http://purl.org/syndication/thread/1.0", 'in-reply-to');
if (isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
$parent_uri = $rawthread[0]['attribs']['']['ref'];
}
if ($is_reply) {
if ($feed->get_item_quantity() == 1) {
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($item);
$datarray['wall'] = 1;
$datarray['type'] = 'remote-comment';
$datarray['parent-uri'] = $parent_uri;
$datarray['contact-id'] = $importer['id'];
$posted_id = post_remote($a, $datarray);
if ($posted_id) {
$r = q("SELECT `parent` FROM `item` WHERE `id` = %d LIMIT 1", intval($posted_id));
if (count($r)) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent` = %d", dbesc(datetime_convert()), intval($r[0]['parent']));
}
$r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `id` = %d LIMIT 1", dbesc(datetime_convert()), intval($posted_id));
$php_path = strlen($a->config['php_path']) ? $a->config['php_path'] : 'php';
proc_close(proc_open("\"{$php_path}\" \"include/notifier.php\" \"comment-import\" \"{$posted_id}\" &", array(), $foo));
if ($importer['notify-flags'] & NOTIFY_COMMENT && !$importer['self']) {
require_once 'bbcode.php';
$from = stripslashes($datarray['author-name']);
$tpl = file_get_contents('view/cmnt_received_eml.tpl');
$email_tpl = replace_macros($tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $importer['username'], '$email' => $importer['email'], '$from' => $from, '$body' => strip_tags(bbcode(stripslashes($datarray['body'])))));
$res = mail($importer['email'], $from . t(" commented on your item at ") . $a->config['sitename'], $email_tpl, t("From: Administrator@") . $a->get_hostname());
}
}
xml_status(0);
return;
} else {
// regular comment that is part of this total conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$r = q("SELECT `last-child`, `edited` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($item_id));
// FIXME update content if 'updated' changes
if (count($r)) {
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d, `changed` = '%s' WHERE `uri` = '%s' LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id));
}
continue;
}
$datarray = get_atom_elements($item);
$datarray['parent-uri'] = $parent_uri;
$datarray['contact-id'] = $importer['id'];
$r = post_remote($a, $datarray);
// find out if our user is involved in this conversation and wants to be notified.
if ($importer['notify-flags'] & NOTIFY_COMMENT) {
$myconv = q("SELECT `author-link` FROM `item` WHERE `parent-uri` = '%s'", dbesc($parent_uri));
if (count($myconv)) {
foreach ($myconv as $conv) {
if ($conv['author-link'] != $importer['url']) {
continue;
}
require_once 'bbcode.php';
$from = stripslashes($datarray['author-name']);
$tpl = file_get_contents('view/cmnt_received_eml.tpl');
$email_tpl = replace_macros($tpl, array('$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$username' => $importer['username'], '$email' => $importer['email'], '$from' => $from, '$body' => strip_tags(bbcode(stripslashes($datarray['body'])))));
$res = mail($importer['email'], $from . t(" commented on an item at ") . $a->config['sitename'], $email_tpl, t("From: Administrator@") . $a->get_hostname());
break;
}
}
}
continue;
}
} else {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$r = q("SELECT `last-child`, `edited` FROM `item` WHERE `uri` = '%s' LIMIT 1", dbesc($item_id));
if (count($r)) {
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d, `changed` = '%s' WHERE `uri` = '%s' LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id));
}
continue;
}
$datarray = get_atom_elements($item);
$datarray['parent-uri'] = $item_id;
$datarray['contact-id'] = $importer['id'];
$r = post_remote($a, $datarray);
continue;
}
}
xml_status(0);
killme();
}
function diaspora_profile($importer, $xml)
{
$a = get_app();
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
$contact = diaspora_get_contact_by_handle($importer['uid'], $diaspora_handle);
if (!$contact) {
return;
}
if ($contact['blocked']) {
logger('diaspora_post: Ignoring this author.');
return 202;
}
$name = unxmlify($xml->first_name) . (strlen($xml->last_name) ? ' ' . unxmlify($xml->last_name) : '');
$image_url = unxmlify($xml->image_url);
$birthday = unxmlify($xml->birthday);
$r = q("SELECT DISTINCT ( `resource-id` ) FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' ", intval($importer['uid']), intval($contact['id']));
$oldphotos = count($r) ? $r : null;
require_once 'include/Photo.php';
$images = import_profile_photo($image_url, $importer['uid'], $contact['id']);
// Generic birthday. We don't know the timezone. The year is irrelevant.
$birthday = str_replace('1000', '1901', $birthday);
$birthday = datetime_convert('UTC', 'UTC', $birthday, 'Y-m-d');
// this is to prevent multiple birthday notifications in a single year
// if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year
if (substr($birthday, 5) === substr($contact['bd'], 5)) {
$birthday = $contact['bd'];
}
$r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s', `avatar-date` = '%s' , `bd` = '%s' WHERE `id` = %d AND `uid` = %d LIMIT 1", dbesc($name), dbesc(datetime_convert()), dbesc($images[0]), dbesc($images[1]), dbesc($images[2]), dbesc(datetime_convert()), dbesc($birthday), intval($contact['id']), intval($importer['uid']));
if ($r) {
if ($oldphotos) {
foreach ($oldphotos as $ph) {
q("DELETE FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' AND `resource-id` = '%s' ", intval($importer['uid']), intval($contact['id']), dbesc($ph['resource-id']));
}
}
}
return;
}
function network_content(&$a, $update = 0)
{
require_once 'include/conversation.php';
if (!local_user()) {
$_SESSION['return_url'] = $a->query_string;
return login(false);
}
$arr = array('query' => $a->query_string);
call_hooks('network_content_init', $arr);
$o = '';
// item filter tabs
// TODO: fix this logic, reduce duplication
//$a->page['content'] .= '<div class="tabs-wrapper">';
$starred_active = '';
$new_active = '';
$bookmarked_active = '';
$all_active = '';
$search_active = '';
$conv_active = '';
$spam_active = '';
if ($a->argc > 1 && $a->argv[1] === 'new' || $a->argc > 2 && $a->argv[2] === 'new') {
$new_active = 'active';
}
if (x($_GET, 'search')) {
$search_active = 'active';
}
if (x($_GET, 'star')) {
$starred_active = 'active';
}
if (x($_GET, 'bmark')) {
$bookmarked_active = 'active';
}
if (x($_GET, 'conv')) {
$conv_active = 'active';
}
if (x($_GET, 'spam')) {
$spam_active = 'active';
}
if ($new_active == '' && $starred_active == '' && $bookmarked_active == '' && $conv_active == '' && $search_active == '' && $spam_active == '') {
$all_active = 'active';
}
$postord_active = '';
if ($all_active && x($_GET, 'order') && $_GET['order'] !== 'comment') {
$all_active = '';
$postord_active = 'active';
}
// tabs
$tabs = array(array('label' => t('Commented Order'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . (x($_GET, 'cid') ? '?f=&cid=' . $_GET['cid'] : ''), 'sel' => $all_active, 'title' => t('Sort by Comment Date')), array('label' => t('Posted Order'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '?f=&order=post' . (x($_GET, 'cid') ? '&cid=' . $_GET['cid'] : ''), 'sel' => $postord_active, 'title' => t('Sort by Post Date')), array('label' => t('Personal'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1', 'sel' => $conv_active, 'title' => t('Posts that mention or involve you')), array('label' => t('New'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . '/new' . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : ''), 'sel' => $new_active, 'title' => t('Activity Stream - by date')), array('label' => t('Starred'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', 'sel' => $starred_active, 'title' => t('Favourite Posts')), array('label' => t('Shared Links'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $a->cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1', 'sel' => $bookmarked_active, 'title' => t('Interesting Links')));
$arr = array('tabs' => $tabs);
call_hooks('network_tabs', $arr);
$o .= replace_macros(get_markup_template('common_tabs.tpl'), array('$tabs' => $arr['tabs']));
// --- end item filter tabs
$contact_id = $a->cid;
$group = 0;
$nouveau = false;
require_once 'include/acl_selectors.php';
$cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0;
$star = x($_GET, 'star') ? intval($_GET['star']) : 0;
$bmark = x($_GET, 'bmark') ? intval($_GET['bmark']) : 0;
$order = x($_GET, 'order') ? notags($_GET['order']) : 'comment';
$liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0;
$conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0;
$spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0;
$nets = x($_GET, 'nets') ? $_GET['nets'] : '';
$cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0;
$cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99;
$file = x($_GET, 'file') ? $_GET['file'] : '';
if ($a->argc > 2 && $a->argv[2] === 'new') {
$nouveau = true;
}
if ($a->argc > 1) {
if ($a->argv[1] === 'new') {
$nouveau = true;
} else {
$group = intval($a->argv[1]);
$def_acl = array('allow_gid' => '<' . $group . '>');
}
}
if (x($_GET, 'search') || x($_GET, 'file')) {
$nouveau = true;
}
if ($cid) {
$def_acl = array('allow_cid' => '<' . intval($cid) . '>');
}
if ($nets) {
$r = q("select id from contact where uid = %d and network = '%s' and self = 0", intval(local_user()), dbesc($nets));
$str = '';
if (count($r)) {
foreach ($r as $rr) {
$str .= '<' . $rr['id'] . '>';
}
}
if (strlen($str)) {
$def_acl = array('allow_cid' => $str);
}
}
if (!$update) {
if ($group) {
if (($t = group_public_members($group)) && !get_pconfig(local_user(), 'system', 'nowarn_insecure')) {
notice(sprintf(tt('Warning: This group contains %s member from an insecure network.', 'Warning: This group contains %s members from an insecure network.', $t), $t) . EOL);
notice(t('Private messages to this group are at risk of public disclosure.') . EOL);
}
}
nav_set_selected('network');
$celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY ? true : false;
$x = array('is_owner' => true, 'allow_location' => $a->user['allow_location'], 'default_location' => $a->user['default-location'], 'nickname' => $a->user['nickname'], 'lockstate' => $group || $cid || $nets || is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock', 'acl' => populate_acl($group || $cid || $nets ? $def_acl : $a->user, $celeb), 'bang' => $group || $cid || $nets ? '!' : '', 'visitor' => 'block', 'profile_uid' => local_user());
$o .= status_editor($a, $x);
}
// We don't have to deal with ACL's on this page. You're looking at everything
// that belongs to you, hence you can see all of it. We will filter by group if
// desired.
$sql_options = $star ? " and starred = 1 " : '';
$sql_options .= $bmark ? " and bookmark = 1 " : '';
$sql_nets = $nets ? sprintf(" and `contact`.`network` = '%s' ", dbesc($nets)) : '';
$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` {$sql_options} ) ";
if ($group) {
$r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($group), intval($_SESSION['uid']));
if (!count($r)) {
if ($update) {
killme();
}
notice(t('No such group') . EOL);
goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
$contacts = expand_groups(array($group));
if (is_array($contacts) && count($contacts)) {
$contact_str = implode(',', $contacts);
} else {
$contact_str = ' 0 ';
info(t('Group is empty'));
}
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND ( `contact-id` IN ( {$contact_str} ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
$o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
} elseif ($cid) {
$r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d \n\t\t\t\tAND `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($cid));
if (count($r)) {
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND `contact-id` = " . intval($cid) . " and deleted = 0 ) ";
$o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o;
if ($r[0]['network'] === NETWORK_OSTATUS && $r[0]['writable'] && !get_pconfig(local_user(), 'system', 'nowarn_insecure')) {
notice(t('Private messages to this person are at risk of public disclosure.') . EOL);
}
} else {
notice(t('Invalid contact.') . EOL);
goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
}
if (!$group && !$cid && !$update) {
$o .= get_birthdays();
$o .= get_events();
}
if (!$update) {
// The special div is needed for liveUpdate to kick in for this page.
// We only launch liveUpdate if you aren't filtering in some incompatible
// way and also you aren't writing a comment (discovered in javascript).
$o .= '<div id="live-network"></div>' . "\r\n";
$o .= "<script> var profile_uid = " . $_SESSION['uid'] . "; var netargs = '" . substr($a->cmd, 8) . '?f=' . (x($_GET, 'cid') ? '&cid=' . $_GET['cid'] : '') . (x($_GET, 'search') ? '&search=' . $_GET['search'] : '') . (x($_GET, 'star') ? '&star=' . $_GET['star'] : '') . (x($_GET, 'order') ? '&order=' . $_GET['order'] : '') . (x($_GET, 'bmark') ? '&bmark=' . $_GET['bmark'] : '') . (x($_GET, 'liked') ? '&liked=' . $_GET['liked'] : '') . (x($_GET, 'conv') ? '&conv=' . $_GET['conv'] : '') . (x($_GET, 'spam') ? '&spam=' . $_GET['spam'] : '') . (x($_GET, 'nets') ? '&nets=' . $_GET['nets'] : '') . (x($_GET, 'cmin') ? '&cmin=' . $_GET['cmin'] : '') . (x($_GET, 'cmax') ? '&cmax=' . $_GET['cmax'] : '') . (x($_GET, 'file') ? '&file=' . $_GET['file'] : '') . "'; var profile_page = " . $a->pager['page'] . "; </script>\r\n";
}
$sql_extra2 = $nouveau ? '' : " AND `item`.`parent` = `item`.`id` ";
if (x($_GET, 'search')) {
$search = escape_tags($_GET['search']);
if (get_config('system', 'use_fulltext_engine')) {
if (strpos($search, '#') === 0) {
$sql_extra .= sprintf(" AND (MATCH(tag) AGAINST ('" . '"%s"' . "' in boolean mode)) ", dbesc(protect_sprintf($search)));
} else {
$sql_extra .= sprintf(" AND (MATCH(`item`.`body`) AGAINST ('" . '"%s"' . "' in boolean mode) or MATCH(tag) AGAINST ('" . '"%s"' . "' in boolean mode)) ", dbesc(protect_sprintf($search)), dbesc(protect_sprintf($search)));
}
} else {
$sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ", dbesc(protect_sprintf('%' . $search . '%')), dbesc(protect_sprintf('%]' . $search . '[%')));
}
}
if (strlen($file)) {
$sql_extra .= file_tag_file_query('item', unxmlify($file));
}
if ($conv) {
$myurl = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
$myurl = substr($myurl, strpos($myurl, '://') + 3);
$myurl = str_replace('www.', '', $myurl);
$diasp_url = str_replace('/profile/', '/u/', $myurl);
if (get_config('system', 'use_fulltext_engine')) {
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('" . '"%s"' . "' in boolean mode) or MATCH(`tag`) AGAINST ('" . '"%s"' . "' in boolean mode) or MATCH(tag) AGAINST ('" . '"%s"' . "' in boolean mode))) ", dbesc(protect_sprintf($myurl)), dbesc(protect_sprintf($myurl)), dbesc(protect_sprintf($diasp_url)));
} else {
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ", dbesc(protect_sprintf('%' . $myurl)), dbesc(protect_sprintf('%' . $myurl . ']%')), dbesc(protect_sprintf('%' . $diasp_url . ']%')));
}
}
if ($update) {
// only setup pagination on initial page view
$pager_sql = '';
} else {
$r = q("SELECT COUNT(*) AS `total`\n\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t{$sql_extra2}\n\t\t\t{$sql_extra} {$sql_nets} ", intval($_SESSION['uid']));
if (count($r)) {
$a->set_pager_total($r[0]['total']);
$itemspage_network = get_pconfig(local_user(), 'system', 'itemspage_network');
$a->set_pager_itemspage(intval($itemspage_network) ? $itemspage_network : 40);
}
$pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
}
$simple_update = $update ? " and `item`.`unseen` = 1 " : '';
if ($nouveau) {
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`, \n\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM `item`, `contact`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 \n\t\t\tAND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\t{$simple_update}\n\t\t\tAND `contact`.`id` = `item`.`contact-id`\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t{$sql_extra} {$sql_nets}\n\t\t\tORDER BY `item`.`received` DESC {$pager_sql} ", intval($_SESSION['uid']));
} else {
// Normal conversation view
if ($order === 'post') {
$ordering = "`created`";
} else {
$ordering = "`commented`";
}
// Fetch a page full of parent items for this page
if ($update) {
$r = q("SELECT `parent` AS `item_id`, `contact`.`uid` AS `contact_uid`\n\t\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tand `item`.`moderated` = 0 and `item`.`unseen` = 1\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\t{$sql_extra} {$sql_nets} ", intval(local_user()));
} else {
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`\n\t\t\t\tFROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tAND `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`parent` = `item`.`id`\n\t\t\t\t{$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY `item`.{$ordering} DESC {$pager_sql} ", intval(local_user()));
}
// Then fetch all the children of the parents that are on this page
$parents_arr = array();
$parents_str = '';
if (count($r)) {
foreach ($r as $rr) {
if (!in_array($rr['item_id'], $parents_arr)) {
$parents_arr[] = $rr['item_id'];
}
}
$parents_str = implode(', ', $parents_arr);
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,\n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\t\tFROM `item`, `contact`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tAND `item`.`moderated` = 0 AND `contact`.`id` = `item`.`contact-id`\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(local_user()), dbesc($parents_str));
$items = conv_sort($items, $ordering);
} else {
$items = array();
}
}
// We aren't going to try and figure out at the item, group, and page
// level which items you've seen and which you haven't. If you're looking
// at the top level network page just mark everything seen.
if (!$group && !$cid && !$star) {
$r = q("UPDATE `item` SET `unseen` = 0 \n\t\t\tWHERE `unseen` = 1 AND `uid` = %d", intval(local_user()));
}
// Set this so that the conversation function can find out contact info for our wall-wall items
$a->page_contact = $a->contact;
$mode = $nouveau ? 'network-new' : 'network';
$o .= conversation($a, $items, $mode, $update);
if (!$update) {
$o .= paginate($a);
}
return $o;
}
/**
* @param object $feed
* @param array $item
* @param[out] array $author
* @return multitype:multitype: string NULL number Ambigous <NULL, string, number> Ambigous <mixed, string> Ambigous <multitype:multitype:string Ambigous <NULL, string> , multitype:multitype:string unknown > multitype:NULL unknown
*/
function get_atom_elements($feed, $item, &$author)
{
//$best_photo = array();
$res = array();
$found_author = $item->get_author();
if ($found_author) {
$author['author_name'] = unxmlify($found_author->get_name());
$author['author_link'] = unxmlify($found_author->get_link());
$author['author_is_feed'] = false;
} else {
$author['author_name'] = unxmlify($feed->get_title());
$author['author_link'] = unxmlify($feed->get_permalink());
$author['author_is_feed'] = true;
}
if (substr($author['author_link'], -1, 1) == '/') {
$author['author_link'] = substr($author['author_link'], 0, -1);
}
$res['mid'] = base64url_encode(unxmlify($item->get_id()));
$res['title'] = unxmlify($item->get_title());
$res['body'] = unxmlify($item->get_content());
$res['plink'] = unxmlify($item->get_link(0));
$res['item_flags'] = ITEM_RSS;
// removing the content of the title if its identically to the body
// This helps with auto generated titles e.g. from tumblr
if (title_is_body($res["title"], $res["body"])) {
$res['title'] = "";
}
if ($res['plink']) {
$base_url = implode('/', array_slice(explode('/', $res['plink']), 0, 3));
} else {
$base_url = '';
}
// look for a photo. We should check media size and find the best one,
// but for now let's just find any author photo
$rawauthor = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach ($base as $link) {
if (!x($author, 'author_photo') || !$author['author_photo']) {
if ($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') {
$author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
$rawactor = $item->get_item_tags(NAMESPACE_ACTIVITY, 'actor');
if ($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'], ACTIVITY_OBJ_PERSON)) {
$base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
if ($base && count($base)) {
foreach ($base as $link) {
if ($link['attribs']['']['rel'] === 'alternate' && !$res['author_link']) {
$author['author_link'] = unxmlify($link['attribs']['']['href']);
}
if (!x($author, 'author_photo') || !$author['author_photo']) {
if ($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') {
$author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
}
// check for a yahoo media element (github etc.)
if (!$author['author_photo']) {
$rawmedia = $item->get_item_tags(NAMESPACE_YMEDIA, 'thumbnail');
if ($rawmedia && $rawmedia[0]['attribs']['']['url']) {
$author['author_photo'] = strip_tags(unxmlify($rawmedia[0]['attribs']['']['url']));
}
}
// No photo/profile-link on the item - look at the feed level
if (!x($author, 'author_link') || !x($author, 'author_photo')) {
$rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawauthor && $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach ($base as $link) {
if ($link['attribs']['']['rel'] === 'alternate' && !$author['author_link']) {
$author['author_link'] = unxmlify($link['attribs']['']['href']);
$author['author_is_feed'] = true;
}
if (!$author['author_photo']) {
if ($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') {
$author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
$rawactor = $feed->get_feed_tags(NAMESPACE_ACTIVITY, 'subject');
if ($rawactor && activity_match($rawactor[0]['child'][NAMESPACE_ACTIVITY]['obj_type'][0]['data'], ACTIVITY_OBJ_PERSON)) {
$base = $rawactor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
if ($base && count($base)) {
foreach ($base as $link) {
if ($link['attribs']['']['rel'] === 'alternate' && !$res['author_link']) {
$author['author_link'] = unxmlify($link['attribs']['']['href']);
}
if (!x($author, 'author_photo')) {
if ($link['attribs']['']['rel'] === 'avatar' || $link['attribs']['']['rel'] === 'photo') {
$author['author_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
}
}
$apps = $item->get_item_tags(NAMESPACE_STATUSNET, 'notice_info');
if ($apps && $apps[0]['attribs']['']['source']) {
$res['app'] = strip_tags(unxmlify($apps[0]['attribs']['']['source']));
}
/*
* If there's a copy of the body content which is guaranteed to have survived mangling in transit, use it.
*/
$have_real_body = false;
$rawenv = $item->get_item_tags(NAMESPACE_DFRN, 'env');
if ($rawenv) {
$have_real_body = true;
$res['body'] = $rawenv[0]['data'];
$res['body'] = str_replace(array(' ', "\t", "\r", "\n"), array('', '', '', ''), $res['body']);
// make sure nobody is trying to sneak some html tags by us
$res['body'] = notags(base64url_decode($res['body']));
// We could probably turn these old Friendica bbcode bookmarks into bookmark tags but we'd have to
// create a term table item for them. For now just make sure they stay as links.
$res['body'] = preg_replace('/\\[bookmark(.*?)\\](.*?)\\[\\/bookmark\\]/', '[url$1]$2[/url]', $res['body']);
}
$res['body'] = limit_body_size($res['body']);
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
// html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will
// have to assume it is all html and needs to be purified.
// It doesn't matter all that much security wise - because before this content is used anywhere, we are
// going to escape any tags we find regardless, but this lets us import a limited subset of html from
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
// html.
if (strpos($res['body'], '<') !== false && strpos($res['body'], '>') !== false) {
$res['body'] = reltoabs($res['body'], $base_url);
$res['body'] = html2bb_video($res['body']);
$res['body'] = oembed_html2bbcode($res['body']);
$res['body'] = purify_html($res['body']);
$res['body'] = @html2bbcode($res['body']);
} elseif (!$have_real_body) {
// it's not one of our messages and it has no tags
// so it's probably just text. We'll escape it just to be safe.
$res['body'] = escape_tags($res['body']);
}
if ($res['plink'] && $res['title']) {
$res['body'] = '#^[url=' . $res['plink'] . ']' . $res['title'] . '[/url]' . "\n\n" . $res['body'];
$terms = array();
$terms[] = array('otype' => TERM_OBJ_POST, 'type' => TERM_BOOKMARK, 'url' => $res['plink'], 'term' => $res['title']);
} elseif ($res['plink']) {
$res['body'] = '#^[url]' . $res['plink'] . '[/url]' . "\n\n" . $res['body'];
$terms = array();
$terms[] = array('otype' => TERM_OBJ_POST, 'type' => TERM_BOOKMARK, 'url' => $res['plink'], 'term' => $res['plink']);
}
$private = $item->get_item_tags(NAMESPACE_DFRN, 'private');
if ($private && intval($private[0]['data']) > 0) {
$res['item_private'] = intval($private[0]['data']) ? 1 : 0;
} else {
$res['item_private'] = 0;
}
$rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location');
if ($rawlocation) {
$res['location'] = unxmlify($rawlocation[0]['data']);
}
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published');
if ($rawcreated) {
$res['created'] = unxmlify($rawcreated[0]['data']);
}
$rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated');
if ($rawedited) {
$res['edited'] = unxmlify($rawedited[0]['data']);
}
if (x($res, 'edited') && !x($res, 'created')) {
$res['created'] = $res['edited'];
}
if (!$res['created']) {
$res['created'] = $item->get_date('c');
}
if (!$res['edited']) {
$res['edited'] = $item->get_date('c');
}
// Disallow time travelling posts
$d1 = strtotime($res['created']);
$d2 = strtotime($res['edited']);
$d3 = strtotime('now');
if ($d1 > $d3) {
$res['created'] = datetime_convert();
}
if ($d2 > $d3) {
$res['edited'] = datetime_convert();
}
$res['created'] = datetime_convert('UTC', 'UTC', $res['created']);
$res['edited'] = datetime_convert('UTC', 'UTC', $res['edited']);
$rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
if (!$rawowner) {
$rawowner = $item->get_item_tags(NAMESPACE_ZOT, 'owner');
}
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) {
$author['owner_name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
} elseif ($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) {
$author['owner_name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
}
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) {
$author['owner_link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
} elseif ($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) {
$author['owner_link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
}
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach ($base as $link) {
if (!x($author, 'owner_photo') || !$author['owner_photo']) {
if ($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') {
$author['owner_photo'] = unxmlify($link['attribs']['']['href']);
}
}
}
}
$rawgeo = $item->get_item_tags(NAMESPACE_GEORSS, 'point');
if ($rawgeo) {
$res['coord'] = unxmlify($rawgeo[0]['data']);
}
$rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
// select between supported verbs
if ($rawverb) {
$res['verb'] = unxmlify($rawverb[0]['data']);
}
// translate OStatus unfollow to activity streams if it happened to get selected
if (x($res, 'verb') && $res['verb'] === 'http://ostatus.org/schema/1.0/unfollow') {
$res['verb'] = ACTIVITY_UNFOLLOW;
}
$cats = $item->get_categories();
if ($cats) {
if (is_null($terms)) {
$terms = array();
}
foreach ($cats as $cat) {
$term = $cat->get_term();
if (!$term) {
$term = $cat->get_label();
}
$scheme = $cat->get_scheme();
$termurl = '';
if ($scheme && $term && stristr($scheme, 'X-DFRN:')) {
$termtype = substr($scheme, 7, 1) === '#' ? TERM_HASHTAG : TERM_MENTION;
$termurl = unxmlify(substr($scheme, 9));
} else {
$termtype = TERM_CATEGORY;
}
$termterm = notags(trim(unxmlify($term)));
if ($termterm) {
$terms[] = array('otype' => TERM_OBJ_POST, 'type' => $termtype, 'url' => $termurl, 'term' => $termterm);
}
}
}
if (!is_null($terms)) {
$res['term'] = $terms;
}
$attach = $item->get_enclosures();
if ($attach) {
$res['attach'] = array();
foreach ($attach as $att) {
$len = intval($att->get_length());
$link = str_replace(array(',', '"'), array('%2D', '%22'), notags(trim(unxmlify($att->get_link()))));
$title = str_replace(array(',', '"'), array('%2D', '%22'), notags(trim(unxmlify($att->get_title()))));
$type = str_replace(array(',', '"'), array('%2D', '%22'), notags(trim(unxmlify($att->get_type()))));
if (strpos($type, ';')) {
$type = substr($type, 0, strpos($type, ';'));
}
if (!$link || strpos($link, 'http') !== 0) {
continue;
}
if (!$title) {
$title = ' ';
}
if (!$type) {
$type = 'application/octet-stream';
}
$res['attach'][] = array('href' => $link, 'length' => $len, 'type' => $type, 'title' => $title);
}
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
if ($rawobj) {
$obj = array();
$child = $rawobj[0]['child'];
if ($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) {
$res['obj_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
$obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']) {
$obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']);
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']) {
$obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if (!$body) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
}
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$obj['orig'] = xmlify($body);
if (strpos($body, '<') !== false || strpos($body, '>') !== false) {
$body = purify_html($body);
$body = html2bbcode($body);
}
$obj['content'] = $body;
}
$res['object'] = $obj;
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'target');
if ($rawobj) {
$obj = array();
$child = $rawobj[0]['child'];
if ($child[NAMESPACE_ACTIVITY]['obj_type'][0]['data']) {
$res['tgt_type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
$obj['type'] = $child[NAMESPACE_ACTIVITY]['obj_type'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'id') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data']) {
$obj['id'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['id'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'link') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$obj['link'] = encode_rel_links($child[SIMPLEPIE_NAMESPACE_ATOM_10]['link']);
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'title') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data']) {
$obj['title'] = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['title'][0]['data'];
}
if (x($child[SIMPLEPIE_NAMESPACE_ATOM_10], 'content') && $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data']) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['content'][0]['data'];
if (!$body) {
$body = $child[SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
}
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$obj['orig'] = xmlify($body);
if (strpos($body, '<') !== false || strpos($body, '>') !== false) {
$body = purify_html($body);
$body = html2bbcode($body);
}
$obj['content'] = $body;
}
$res['target'] = $obj;
}
$res['public_policy'] = 'specific';
$res['comment_policy'] = 'none';
$arr = array('feed' => $feed, 'item' => $item, 'result' => $res);
call_hooks('parse_atom', $arr);
logger('get_atom_elements: author: ' . print_r($author, true), LOGGER_DATA);
logger('get_atom_elements: ' . print_r($res, true), LOGGER_DATA);
return $res;
}
function probe_url($url, $mode = PROBE_NORMAL, $level = 1)
{
require_once 'include/email.php';
$result = array();
if (!$url) {
return $result;
}
$result = Cache::get("probe_url:" . $mode . ":" . $url);
if (!is_null($result)) {
$result = unserialize($result);
return $result;
}
$network = null;
$diaspora = false;
$diaspora_base = '';
$diaspora_guid = '';
$diaspora_key = '';
$has_lrdd = false;
$email_conversant = false;
$connectornetworks = false;
$appnet = false;
if (strpos($url, 'twitter.com')) {
$connectornetworks = true;
$network = NETWORK_TWITTER;
}
// Twitter is deactivated since twitter closed its old API
//$twitter = ((strpos($url,'twitter.com') !== false) ? true : false);
$lastfm = strpos($url, 'last.fm/user') !== false ? true : false;
$at_addr = strpos($url, '@') !== false ? true : false;
if (!$appnet && !$lastfm && !$connectornetworks) {
if (strpos($url, 'mailto:') !== false && $at_addr) {
$url = str_replace('mailto:', '', $url);
$links = array();
} else {
$links = lrdd($url);
}
if (count($links)) {
$has_lrdd = true;
logger('probe_url: found lrdd links: ' . print_r($links, true), LOGGER_DATA);
foreach ($links as $link) {
if ($link['@attributes']['rel'] === NAMESPACE_ZOT) {
$zot = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === NAMESPACE_DFRN) {
$dfrn = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'salmon') {
$notify = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === NAMESPACE_FEED) {
$poll = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://microformats.org/profile/hcard') {
$hcard = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
$profile = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://portablecontacts.net/spec/1.0') {
$poco = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location') {
$diaspora_base = unamp($link['@attributes']['href']);
$diaspora = true;
}
if ($link['@attributes']['rel'] === 'http://joindiaspora.com/guid') {
$diaspora_guid = unamp($link['@attributes']['href']);
$diaspora = true;
}
if ($link['@attributes']['rel'] === 'diaspora-public-key') {
$diaspora_key = base64_decode(unamp($link['@attributes']['href']));
if (strstr($diaspora_key, 'RSA ')) {
$pubkey = rsatopem($diaspora_key);
} else {
$pubkey = $diaspora_key;
}
$diaspora = true;
}
if ($link['@attributes']['rel'] === 'http://ostatus.org/schema/1.0/subscribe' and $mode == PROBE_NORMAL) {
$diaspora = false;
}
}
// Status.Net can have more than one profile URL. We need to match the profile URL
// to a contact on incoming messages to prevent spam, and we won't know which one
// to match. So in case of two, one of them is stored as an alias. Only store URL's
// and not webfinger user@host aliases. If they've got more than two non-email style
// aliases, let's hope we're lucky and get one that matches the feed author-uri because
// otherwise we're screwed.
foreach ($links as $link) {
if ($link['@attributes']['rel'] === 'alias') {
if (strpos($link['@attributes']['href'], '@') === false) {
if (isset($profile)) {
if ($link['@attributes']['href'] !== $profile) {
$alias = unamp($link['@attributes']['href']);
}
} else {
$profile = unamp($link['@attributes']['href']);
}
}
}
}
// If the profile is different from the url then the url is abviously an alias
if ($alias == "" and $profile != "" and !$at_addr and normalise_link($profile) != normalise_link($url)) {
$alias = $url;
}
} elseif ($mode == PROBE_NORMAL) {
// Check email
$orig_url = $url;
if (strpos($orig_url, '@') && validate_email($orig_url)) {
$x = q("SELECT `prvkey` FROM `user` WHERE `uid` = %d LIMIT 1", intval(local_user()));
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", intval(local_user()));
if (count($x) && count($r)) {
$mailbox = construct_mailbox_name($r[0]);
$password = '';
openssl_private_decrypt(hex2bin($r[0]['pass']), $password, $x[0]['prvkey']);
$mbox = email_connect($mailbox, $r[0]['user'], $password);
if (!$mbox) {
logger('probe_url: email_connect failed.');
}
unset($password);
}
if ($mbox) {
$msgs = email_poll($mbox, $orig_url);
logger('probe_url: searching ' . $orig_url . ', ' . count($msgs) . ' messages found.', LOGGER_DEBUG);
if (count($msgs)) {
$addr = $orig_url;
$network = NETWORK_MAIL;
$name = substr($url, 0, strpos($url, '@'));
$phost = substr($url, strpos($url, '@') + 1);
$profile = 'http://' . $phost;
// fix nick character range
$vcard = array('fn' => $name, 'nick' => $name, 'photo' => avatar_img($url));
$notify = 'smtp ' . random_string();
$poll = 'email ' . random_string();
$priority = 0;
$x = email_msg_meta($mbox, $msgs[0]);
if (stristr($x[0]->from, $orig_url)) {
$adr = imap_rfc822_parse_adrlist($x[0]->from, '');
} elseif (stristr($x[0]->to, $orig_url)) {
$adr = imap_rfc822_parse_adrlist($x[0]->to, '');
}
if (isset($adr)) {
foreach ($adr as $feadr) {
if (strcasecmp($feadr->mailbox, $name) == 0 && strcasecmp($feadr->host, $phost) == 0 && strlen($feadr->personal)) {
$personal = imap_mime_header_decode($feadr->personal);
$vcard['fn'] = "";
foreach ($personal as $perspart) {
if ($perspart->charset != "default") {
$vcard['fn'] .= iconv($perspart->charset, 'UTF-8//IGNORE', $perspart->text);
} else {
$vcard['fn'] .= $perspart->text;
}
}
$vcard['fn'] = notags($vcard['fn']);
}
}
}
}
imap_close($mbox);
}
}
}
}
if ($mode == PROBE_NORMAL) {
if (strlen($zot)) {
$s = fetch_url($zot);
if ($s) {
$j = json_decode($s);
if ($j) {
$network = NETWORK_ZOT;
$vcard = array('fn' => $j->fullname, 'nick' => $j->nickname, 'photo' => $j->photo);
$profile = $j->url;
$notify = $j->post;
$pubkey = $j->pubkey;
$poll = 'N/A';
}
}
}
if (strlen($dfrn)) {
$ret = scrape_dfrn($hcard ? $hcard : $dfrn, true);
if (is_array($ret) && x($ret, 'dfrn-request')) {
$network = NETWORK_DFRN;
$request = $ret['dfrn-request'];
$confirm = $ret['dfrn-confirm'];
$notify = $ret['dfrn-notify'];
$poll = $ret['dfrn-poll'];
$vcard = array();
$vcard['fn'] = $ret['fn'];
$vcard['nick'] = $ret['nick'];
$vcard['photo'] = $ret['photo'];
}
}
}
if ($diaspora && $diaspora_base && $diaspora_guid) {
if ($mode == PROBE_DIASPORA || !$notify) {
$notify = $diaspora_base . 'receive/users/' . $diaspora_guid;
$batch = $diaspora_base . 'receive/public';
}
if (strpos($url, '@')) {
$addr = str_replace('acct:', '', $url);
}
}
if ($network !== NETWORK_ZOT && $network !== NETWORK_DFRN && $network !== NETWORK_MAIL) {
if ($diaspora) {
$network = NETWORK_DIASPORA;
} elseif ($has_lrdd and $notify) {
$network = NETWORK_OSTATUS;
}
if (strpos($url, '@')) {
$addr = str_replace('acct:', '', $url);
}
$priority = 0;
if ($hcard && !$vcard) {
$vcard = scrape_vcard($hcard);
// Google doesn't use absolute url in profile photos
if (x($vcard, 'photo') && substr($vcard['photo'], 0, 1) == '/') {
$h = @parse_url($hcard);
if ($h) {
$vcard['photo'] = $h['scheme'] . '://' . $h['host'] . $vcard['photo'];
}
}
logger('probe_url: scrape_vcard: ' . print_r($vcard, true), LOGGER_DATA);
}
if ($diaspora && $addr) {
// Diaspora returns the name as the nick. As the nick will never be updated,
// let's use the Diaspora nickname (the first part of the handle) as the nick instead
$addr_parts = explode('@', $addr);
$vcard['nick'] = $addr_parts[0];
}
/* if($twitter) {
logger('twitter: setup');
$tid = basename($url);
$tapi = 'https://api.twitter.com/1/statuses/user_timeline.rss';
if(intval($tid))
$poll = $tapi . '?user_id=' . $tid;
else
$poll = $tapi . '?screen_name=' . $tid;
$profile = 'http://twitter.com/#!/' . $tid;
//$vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid;
$vcard['photo'] = 'https://api.twitter.com/1/users/profile_image?screen_name=' . $tid . '&size=bigger';
$vcard['nick'] = $tid;
$vcard['fn'] = $tid;
} */
if ($lastfm) {
$profile = $url;
$poll = str_replace(array('www.', 'last.fm/'), array('', 'ws.audioscrobbler.com/1.0/'), $url) . '/recenttracks.rss';
$vcard['nick'] = basename($url);
$vcard['fn'] = $vcard['nick'] . t(' on Last.fm');
$network = NETWORK_FEED;
}
if (!x($vcard, 'fn')) {
if (x($vcard, 'nick')) {
$vcard['fn'] = $vcard['nick'];
}
}
$check_feed = false;
if (stristr($url, 'tumblr.com') && !stristr($url, '/rss')) {
$poll = $url . '/rss';
$check_feed = true;
// Will leave it to others to figure out how to grab the avatar, which is on the $url page in the open graph meta links
}
if ($appnet || !$poll) {
$check_feed = true;
}
if (!isset($vcard) || !x($vcard, 'fn') || !$profile) {
$check_feed = true;
}
if ($at_addr && !count($links)) {
$check_feed = false;
}
if ($connectornetworks) {
$check_feed = false;
}
if ($check_feed) {
$feedret = scrape_feed($poll ? $poll : $url);
logger('probe_url: scrape_feed ' . ($poll ? $poll : $url) . ' returns: ' . print_r($feedret, true), LOGGER_DATA);
if (count($feedret) && ($feedret['feed_atom'] || $feedret['feed_rss'])) {
$poll = x($feedret, 'feed_atom') ? unamp($feedret['feed_atom']) : unamp($feedret['feed_rss']);
if (!x($vcard)) {
$vcard = array();
}
}
if (x($feedret, 'photo') && !x($vcard, 'photo')) {
$vcard['photo'] = $feedret['photo'];
}
require_once 'library/simplepie/simplepie.inc';
$feed = new SimplePie();
$xml = fetch_url($poll);
logger('probe_url: fetch feed: ' . $poll . ' returns: ' . $xml, LOGGER_DATA);
$a = get_app();
logger('probe_url: scrape_feed: headers: ' . $a->get_curl_headers(), LOGGER_DATA);
// Don't try and parse an empty string
$feed->set_raw_data($xml ? $xml : '<?xml version="1.0" encoding="utf-8" ?><xml></xml>');
$feed->init();
if ($feed->error()) {
logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error());
$network = NETWORK_PHANTOM;
}
if (!x($vcard, 'photo')) {
$vcard['photo'] = $feed->get_image_url();
}
$author = $feed->get_author();
if ($author) {
$vcard['fn'] = unxmlify(trim($author->get_name()));
if (!$vcard['fn']) {
$vcard['fn'] = trim(unxmlify($author->get_email()));
}
if (strpos($vcard['fn'], '@') !== false) {
$vcard['fn'] = substr($vcard['fn'], 0, strpos($vcard['fn'], '@'));
}
$email = unxmlify($author->get_email());
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
if (!$vcard['photo']) {
$rawtags = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$vcard['photo'] = $elems['link'][0]['attribs']['']['href'];
}
}
}
// Fetch fullname via poco:displayName
$pocotags = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($pocotags) {
$elems = $pocotags[0]['child']['http://portablecontacts.net/spec/1.0'];
if (isset($elems["displayName"])) {
$vcard['fn'] = $elems["displayName"][0]["data"];
}
if (isset($elems["preferredUsername"])) {
$vcard['nick'] = $elems["preferredUsername"][0]["data"];
}
}
} else {
$item = $feed->get_item(0);
if ($item) {
$author = $item->get_author();
if ($author) {
$vcard['fn'] = trim(unxmlify($author->get_name()));
if (!$vcard['fn']) {
$vcard['fn'] = trim(unxmlify($author->get_email()));
}
if (strpos($vcard['fn'], '@') !== false) {
$vcard['fn'] = substr($vcard['fn'], 0, strpos($vcard['fn'], '@'));
}
$email = unxmlify($author->get_email());
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
}
if (!$vcard['photo']) {
$rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/', 'thumbnail');
if ($rawmedia && $rawmedia[0]['attribs']['']['url']) {
$vcard['photo'] = unxmlify($rawmedia[0]['attribs']['']['url']);
}
}
if (!$vcard['photo']) {
$rawtags = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$vcard['photo'] = $elems['link'][0]['attribs']['']['href'];
}
}
}
}
}
// Workaround for misconfigured Friendica servers
if ($network == "" and strstr($url, "/profile/")) {
$noscrape = str_replace("/profile/", "/noscrape/", $url);
$noscrapejson = fetch_url($noscrape);
if ($noscrapejson) {
$network = NETWORK_DFRN;
$poco = str_replace("/profile/", "/poco/", $url);
$noscrapedata = json_decode($noscrapejson, true);
if (isset($noscrapedata["addr"])) {
$addr = $noscrapedata["addr"];
}
if (isset($noscrapedata["fn"])) {
$vcard["fn"] = $noscrapedata["fn"];
}
if (isset($noscrapedata["key"])) {
$pubkey = $noscrapedata["key"];
}
if (isset($noscrapedata["photo"])) {
$vcard["photo"] = $noscrapedata["photo"];
}
if (isset($noscrapedata["dfrn-request"])) {
$request = $noscrapedata["dfrn-request"];
}
if (isset($noscrapedata["dfrn-confirm"])) {
$confirm = $noscrapedata["dfrn-confirm"];
}
if (isset($noscrapedata["dfrn-notify"])) {
$notify = $noscrapedata["dfrn-notify"];
}
if (isset($noscrapedata["dfrn-poll"])) {
$poll = $noscrapedata["dfrn-poll"];
}
}
}
if (!$vcard['photo'] && strlen($email)) {
$vcard['photo'] = avatar_img($email);
}
if ($poll === $profile) {
$lnk = $feed->get_permalink();
}
if (isset($lnk) && strlen($lnk)) {
$profile = $lnk;
}
if (!$network) {
$network = NETWORK_FEED;
// If it is a feed, don't take the author name as feed name
unset($vcard['fn']);
}
if (!x($vcard, 'fn')) {
$vcard['fn'] = notags($feed->get_title());
}
if (!x($vcard, 'fn')) {
$vcard['fn'] = notags($feed->get_description());
}
if (strpos($vcard['fn'], 'Twitter / ') !== false) {
$vcard['fn'] = substr($vcard['fn'], strpos($vcard['fn'], '/') + 1);
$vcard['fn'] = trim($vcard['fn']);
}
if (!x($vcard, 'nick')) {
$vcard['nick'] = strtolower(notags(unxmlify($vcard['fn'])));
if (strpos($vcard['nick'], ' ')) {
$vcard['nick'] = trim(substr($vcard['nick'], 0, strpos($vcard['nick'], ' ')));
}
}
if (!$priority) {
$priority = 2;
}
}
}
if (!x($vcard, 'photo')) {
$a = get_app();
$vcard['photo'] = $a->get_baseurl() . '/images/person-175.jpg';
}
if (!$profile) {
$profile = $url;
}
// No human could be associated with this link, use the URL as the contact name
if ($network === NETWORK_FEED && $poll && !x($vcard, 'fn')) {
$vcard['fn'] = $url;
}
if ($notify != "" and $poll != "") {
$baseurl = matching(normalise_link($notify), normalise_link($poll));
$baseurl2 = matching($baseurl, normalise_link($profile));
if ($baseurl2 != "") {
$baseurl = $baseurl2;
}
}
if ($baseurl == "" and $notify != "") {
$baseurl = matching(normalise_link($profile), normalise_link($notify));
}
if ($baseurl == "" and $poll != "") {
$baseurl = matching(normalise_link($profile), normalise_link($poll));
}
$baseurl = rtrim($baseurl, "/");
if (strpos($url, '@') and $addr == "" and $network == NETWORK_DFRN) {
$addr = str_replace('acct:', '', $url);
}
$vcard['fn'] = notags($vcard['fn']);
$vcard['nick'] = str_replace(' ', '', notags($vcard['nick']));
$result['name'] = $vcard['fn'];
$result['nick'] = $vcard['nick'];
$result['url'] = $profile;
$result['addr'] = $addr;
$result['batch'] = $batch;
$result['notify'] = $notify;
$result['poll'] = $poll;
$result['request'] = $request;
$result['confirm'] = $confirm;
$result['poco'] = $poco;
$result['photo'] = $vcard['photo'];
$result['priority'] = $priority;
$result['network'] = $network;
$result['alias'] = $alias;
$result['pubkey'] = $pubkey;
$result['baseurl'] = $baseurl;
logger('probe_url: ' . print_r($result, true), LOGGER_DEBUG);
if ($level == 1) {
// Trying if it maybe a diaspora account
if ($result['network'] == NETWORK_FEED or $result['addr'] == "") {
require_once 'include/bbcode.php';
$address = GetProfileUsername($url, "", true);
$result2 = probe_url($address, $mode, ++$level);
if ($result2['network'] != "") {
$result = $result2;
}
}
// Maybe it's some non standard GNU Social installation (Single user, subfolder or no uri rewrite)
if ($result['network'] == NETWORK_FEED and $result['baseurl'] != "" and $result['nick'] != "") {
$addr = $result['nick'] . '@' . str_replace("http://", "", $result['baseurl']);
$result2 = probe_url($addr, $mode, ++$level);
if ($result2['network'] != "" and $result2['network'] != NETWORK_FEED) {
$result = $result2;
}
}
}
// Only store into the cache if the value seems to be valid
if ($result['network'] != NETWORK_PHANTOM) {
Cache::set("probe_url:" . $mode . ":" . $url, serialize($result), CACHE_DAY);
}
return $result;
}
function diaspora_profile($importer, $xml, $msg)
{
$a = get_app();
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
if ($diaspora_handle != $msg['author']) {
logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
return 202;
}
$contact = diaspora_get_contact_by_handle($importer['channel_id'], $diaspora_handle);
if (!$contact) {
return;
}
if ($contact['blocked']) {
logger('diaspora_post: Ignoring this author.');
return 202;
}
$name = unxmlify($xml->first_name) . (strlen($xml->last_name) ? ' ' . unxmlify($xml->last_name) : '');
$image_url = unxmlify($xml->image_url);
$birthday = unxmlify($xml->birthday);
$handle_parts = explode("@", $diaspora_handle);
if ($name === '') {
$name = $handle_parts[0];
}
if (preg_match("|^https?://|", $image_url) === 0) {
$image_url = "http://" . $handle_parts[1] . $image_url;
}
/* $r = q("SELECT DISTINCT ( `resource-id` ) FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' ",
intval($importer['channel_id']),
intval($contact['id'])
);
$oldphotos = ((count($r)) ? $r : null);*/
require_once 'include/Photo.php';
$images = import_profile_photo($image_url, $importer['channel_id'], $contact['id']);
// Generic birthday. We don't know the timezone. The year is irrelevant.
$birthday = str_replace('1000', '1901', $birthday);
$birthday = datetime_convert('UTC', 'UTC', $birthday, 'Y-m-d');
// this is to prevent multiple birthday notifications in a single year
// if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year
if (substr($birthday, 5) === substr($contact['bd'], 5)) {
$birthday = $contact['bd'];
}
// TODO: update name on item['author-name'] if the name changed. See consume_feed()
// Not doing this currently because D* protocol is scheduled for revision soon.
$r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s', `avatar-date` = '%s' , `bd` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($name), dbesc(datetime_convert()), dbesc($images[0]), dbesc($images[1]), dbesc($images[2]), dbesc(datetime_convert()), dbesc($birthday), intval($contact['id']), intval($importer['channel_id']));
/* if($r) {
if($oldphotos) {
foreach($oldphotos as $ph) {
q("DELETE FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' AND `resource-id` = '%s' ",
intval($importer['channel_id']),
intval($contact['id']),
dbesc($ph['resource-id'])
);
}
}
} */
return;
}
function probe_url($url, $mode = PROBE_NORMAL)
{
require_once 'include/email.php';
$result = array();
if (!$url) {
return $result;
}
$network = null;
$diaspora = false;
$diaspora_base = '';
$diaspora_guid = '';
$diaspora_key = '';
$has_lrdd = false;
$email_conversant = false;
$twitter = strpos($url, 'twitter.com') !== false ? true : false;
$at_addr = strpos($url, '@') !== false ? true : false;
if (!$twitter) {
if (strpos($url, 'mailto:') !== false && $at_addr) {
$url = str_replace('mailto:', '', $url);
$links = array();
} else {
$links = lrdd($url);
}
if (count($links)) {
$has_lrdd = true;
logger('probe_url: found lrdd links: ' . print_r($links, true), LOGGER_DATA);
foreach ($links as $link) {
if ($link['@attributes']['rel'] === NAMESPACE_ZOT) {
$zot = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === NAMESPACE_DFRN) {
$dfrn = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'salmon') {
$notify = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === NAMESPACE_FEED) {
$poll = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://microformats.org/profile/hcard') {
$hcard = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
$profile = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://portablecontacts.net/spec/1.0') {
$poco = unamp($link['@attributes']['href']);
}
if ($link['@attributes']['rel'] === 'http://joindiaspora.com/seed_location') {
$diaspora_base = unamp($link['@attributes']['href']);
$diaspora = true;
}
if ($link['@attributes']['rel'] === 'http://joindiaspora.com/guid') {
$diaspora_guid = unamp($link['@attributes']['href']);
$diaspora = true;
}
if ($link['@attributes']['rel'] === 'diaspora-public-key') {
$diaspora_key = base64_decode(unamp($link['@attributes']['href']));
$pubkey = rsatopem($diaspora_key);
$diaspora = true;
}
}
// Status.Net can have more than one profile URL. We need to match the profile URL
// to a contact on incoming messages to prevent spam, and we won't know which one
// to match. So in case of two, one of them is stored as an alias. Only store URL's
// and not webfinger user@host aliases. If they've got more than two non-email style
// aliases, let's hope we're lucky and get one that matches the feed author-uri because
// otherwise we're screwed.
foreach ($links as $link) {
if ($link['@attributes']['rel'] === 'alias') {
if (strpos($link['@attributes']['href'], '@') === false) {
if (isset($profile)) {
if ($link['@attributes']['href'] !== $profile) {
$alias = unamp($link['@attributes']['href']);
}
} else {
$profile = unamp($link['@attributes']['href']);
}
}
}
}
} elseif ($mode == PROBE_NORMAL) {
// Check email
$orig_url = $url;
if (strpos($orig_url, '@') && validate_email($orig_url)) {
$x = q("SELECT `prvkey` FROM `user` WHERE `uid` = %d LIMIT 1", intval(local_user()));
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d AND `server` != '' LIMIT 1", intval(local_user()));
if (count($x) && count($r)) {
$mailbox = construct_mailbox_name($r[0]);
$password = '';
openssl_private_decrypt(hex2bin($r[0]['pass']), $password, $x[0]['prvkey']);
$mbox = email_connect($mailbox, $r[0]['user'], $password);
if (!$mbox) {
logger('probe_url: email_connect failed.');
}
unset($password);
}
if ($mbox) {
$msgs = email_poll($mbox, $orig_url);
logger('probe_url: searching ' . $orig_url . ', ' . count($msgs) . ' messages found.', LOGGER_DEBUG);
if (count($msgs)) {
$addr = $orig_url;
$network = NETWORK_MAIL;
$name = substr($url, 0, strpos($url, '@'));
$phost = substr($url, strpos($url, '@') + 1);
$profile = 'http://' . $phost;
// fix nick character range
$vcard = array('fn' => $name, 'nick' => $name, 'photo' => avatar_img($url));
$notify = 'smtp ' . random_string();
$poll = 'email ' . random_string();
$priority = 0;
$x = email_msg_meta($mbox, $msgs[0]);
if (stristr($x->from, $orig_url)) {
$adr = imap_rfc822_parse_adrlist($x->from, '');
} elseif (stristr($x->to, $orig_url)) {
$adr = imap_rfc822_parse_adrlist($x->to, '');
}
if (isset($adr)) {
foreach ($adr as $feadr) {
if (strcasecmp($feadr->mailbox, $name) == 0 && strcasecmp($feadr->host, $phost) == 0 && strlen($feadr->personal)) {
$personal = imap_mime_header_decode($feadr->personal);
$vcard['fn'] = "";
foreach ($personal as $perspart) {
if ($perspart->charset != "default") {
$vcard['fn'] .= iconv($perspart->charset, 'UTF-8//IGNORE', $perspart->text);
} else {
$vcard['fn'] .= $perspart->text;
}
}
$vcard['fn'] = notags($vcard['fn']);
}
}
}
}
imap_close($mbox);
}
}
}
}
if ($mode == PROBE_NORMAL) {
if (strlen($zot)) {
$s = fetch_url($zot);
if ($s) {
$j = json_decode($s);
if ($j) {
$network = NETWORK_ZOT;
$vcard = array('fn' => $j->fullname, 'nick' => $j->nickname, 'photo' => $j->photo);
$profile = $j->url;
$notify = $j->post;
$pubkey = $j->pubkey;
$poll = 'N/A';
}
}
}
if (strlen($dfrn)) {
$ret = scrape_dfrn($hcard ? $hcard : $dfrn);
if (is_array($ret) && x($ret, 'dfrn-request')) {
$network = NETWORK_DFRN;
$request = $ret['dfrn-request'];
$confirm = $ret['dfrn-confirm'];
$notify = $ret['dfrn-notify'];
$poll = $ret['dfrn-poll'];
$vcard = array();
$vcard['fn'] = $ret['fn'];
$vcard['nick'] = $ret['nick'];
$vcard['photo'] = $ret['photo'];
}
}
}
if ($diaspora && $diaspora_base && $diaspora_guid) {
if ($mode == PROBE_DIASPORA || !$notify) {
$notify = $diaspora_base . 'receive/users/' . $diaspora_guid;
$batch = $diaspora_base . 'receive/public';
}
if (strpos($url, '@')) {
$addr = str_replace('acct:', '', $url);
}
}
if ($network !== NETWORK_ZOT && $network !== NETWORK_DFRN && $network !== NETWORK_MAIL) {
if ($diaspora) {
$network = NETWORK_DIASPORA;
} elseif ($has_lrdd) {
$network = NETWORK_OSTATUS;
}
$priority = 0;
if ($hcard && !$vcard) {
$vcard = scrape_vcard($hcard);
// Google doesn't use absolute url in profile photos
if (x($vcard, 'photo') && substr($vcard['photo'], 0, 1) == '/') {
$h = @parse_url($hcard);
if ($h) {
$vcard['photo'] = $h['scheme'] . '://' . $h['host'] . $vcard['photo'];
}
}
logger('probe_url: scrape_vcard: ' . print_r($vcard, true), LOGGER_DATA);
}
if ($twitter) {
logger('twitter: setup');
$tid = basename($url);
$tapi = 'https://api.twitter.com/1/statuses/user_timeline.rss';
if (intval($tid)) {
$poll = $tapi . '?user_id=' . $tid;
} else {
$poll = $tapi . '?screen_name=' . $tid;
}
$profile = 'http://twitter.com/#!/' . $tid;
$vcard['photo'] = 'https://api.twitter.com/1/users/profile_image/' . $tid;
$vcard['nick'] = $tid;
$vcard['fn'] = $tid . '@twitter';
}
if (!x($vcard, 'fn')) {
if (x($vcard, 'nick')) {
$vcard['fn'] = $vcard['nick'];
}
}
$check_feed = false;
if ($twitter || !$poll) {
$check_feed = true;
}
if (!isset($vcard) || !x($vcard, 'fn') || !$profile) {
$check_feed = true;
}
if ($at_addr && !count($links)) {
$check_feed = false;
}
if ($check_feed) {
$feedret = scrape_feed($poll ? $poll : $url);
logger('probe_url: scrape_feed ' . ($poll ? $poll : $url) . ' returns: ' . print_r($feedret, true), LOGGER_DATA);
if (count($feedret) && ($feedret['feed_atom'] || $feedret['feed_rss'])) {
$poll = x($feedret, 'feed_atom') ? unamp($feedret['feed_atom']) : unamp($feedret['feed_rss']);
if (!x($vcard)) {
$vcard = array();
}
}
if (x($feedret, 'photo') && !x($vcard, 'photo')) {
$vcard['photo'] = $feedret['photo'];
}
require_once 'library/simplepie/simplepie.inc';
$feed = new SimplePie();
$xml = fetch_url($poll);
logger('probe_url: fetch feed: ' . $poll . ' returns: ' . $xml, LOGGER_DATA);
$a = get_app();
logger('probe_url: scrape_feed: headers: ' . $a->get_curl_headers(), LOGGER_DATA);
$feed->set_raw_data($xml);
$feed->init();
if ($feed->error()) {
logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error());
}
if (!x($vcard, 'photo')) {
$vcard['photo'] = $feed->get_image_url();
}
$author = $feed->get_author();
if ($author) {
$vcard['fn'] = unxmlify(trim($author->get_name()));
if (!$vcard['fn']) {
$vcard['fn'] = trim(unxmlify($author->get_email()));
}
if (strpos($vcard['fn'], '@') !== false) {
$vcard['fn'] = substr($vcard['fn'], 0, strpos($vcard['fn'], '@'));
}
$email = unxmlify($author->get_email());
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
if (!$vcard['photo']) {
$rawtags = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$vcard['photo'] = $elems['link'][0]['attribs']['']['href'];
}
}
}
} else {
$item = $feed->get_item(0);
if ($item) {
$author = $item->get_author();
if ($author) {
$vcard['fn'] = trim(unxmlify($author->get_name()));
if (!$vcard['fn']) {
$vcard['fn'] = trim(unxmlify($author->get_email()));
}
if (strpos($vcard['fn'], '@') !== false) {
$vcard['fn'] = substr($vcard['fn'], 0, strpos($vcard['fn'], '@'));
}
$email = unxmlify($author->get_email());
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
}
if (!$vcard['photo']) {
$rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/', 'thumbnail');
if ($rawmedia && $rawmedia[0]['attribs']['']['url']) {
$vcard['photo'] = unxmlify($rawmedia[0]['attribs']['']['url']);
}
}
if (!$vcard['photo']) {
$rawtags = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$vcard['photo'] = $elems['link'][0]['attribs']['']['href'];
}
}
}
}
}
if (!$vcard['photo'] && strlen($email)) {
$vcard['photo'] = avatar_img($email);
}
if ($poll === $profile) {
$lnk = $feed->get_permalink();
}
if (isset($lnk) && strlen($lnk)) {
$profile = $lnk;
}
if (!x($vcard, 'fn')) {
$vcard['fn'] = notags($feed->get_title());
}
if (!x($vcard, 'fn')) {
$vcard['fn'] = notags($feed->get_description());
}
if (strpos($vcard['fn'], 'Twitter / ') !== false) {
$vcard['fn'] = substr($vcard['fn'], strpos($vcard['fn'], '/') + 1);
$vcard['fn'] = trim($vcard['fn']);
}
if (!x($vcard, 'nick')) {
$vcard['nick'] = strtolower(notags(unxmlify($vcard['fn'])));
if (strpos($vcard['nick'], ' ')) {
$vcard['nick'] = trim(substr($vcard['nick'], 0, strpos($vcard['nick'], ' ')));
}
}
if (!$network) {
$network = NETWORK_FEED;
}
if (!$priority) {
$priority = 2;
}
}
}
if (!x($vcard, 'photo')) {
$a = get_app();
$vcard['photo'] = $a->get_baseurl() . '/images/person-175.jpg';
}
if (!$profile) {
$profile = $url;
}
// No human could be associated with this link, use the URL as the contact name
if ($network === NETWORK_FEED && $poll && !x($vcard, 'fn')) {
$vcard['fn'] = $url;
}
$vcard['fn'] = notags($vcard['fn']);
$vcard['nick'] = str_replace(' ', '', notags($vcard['nick']));
$result['name'] = $vcard['fn'];
$result['nick'] = $vcard['nick'];
$result['url'] = $profile;
$result['addr'] = $addr;
$result['batch'] = $batch;
$result['notify'] = $notify;
$result['poll'] = $poll;
$result['request'] = $request;
$result['confirm'] = $confirm;
$result['poco'] = $poco;
$result['photo'] = $vcard['photo'];
$result['priority'] = $priority;
$result['network'] = $network;
$result['alias'] = $alias;
$result['pubkey'] = $pubkey;
logger('probe_url: ' . print_r($result, true), LOGGER_DEBUG);
return $result;
}
function local_delivery($importer, $data)
{
$a = get_app();
if ($importer['readonly']) {
// We aren't receiving stuff from this person. But we will quietly ignore them
// rather than a blatant "go away" message.
logger('local_delivery: ignoring');
return 0;
//NOTREACHED
}
// Consume notification feed. This may differ from consuming a public feed in several ways
// - might contain email or friend suggestions
// - might contain remote followup to our message
// - in which case we need to accept it and then notify other conversants
// - we may need to send various email notifications
$feed = new SimplePie();
$feed->set_raw_data($data);
$feed->enable_order_by_date(false);
$feed->init();
/*
// Currently unsupported - needs a lot of work
$reloc = $feed->get_feed_tags( NAMESPACE_DFRN, 'relocate' );
if(isset($reloc[0]['child'][NAMESPACE_DFRN])) {
$base = $reloc[0]['child'][NAMESPACE_DFRN];
$newloc = array();
$newloc['uid'] = $importer['importer_uid'];
$newloc['cid'] = $importer['id'];
$newloc['name'] = notags(unxmlify($base['name'][0]['data']));
$newloc['photo'] = notags(unxmlify($base['photo'][0]['data']));
$newloc['url'] = notags(unxmlify($base['url'][0]['data']));
$newloc['request'] = notags(unxmlify($base['request'][0]['data']));
$newloc['confirm'] = notags(unxmlify($base['confirm'][0]['data']));
$newloc['notify'] = notags(unxmlify($base['notify'][0]['data']));
$newloc['poll'] = notags(unxmlify($base['poll'][0]['data']));
$newloc['site-pubkey'] = notags(unxmlify($base['site-pubkey'][0]['data']));
$newloc['pubkey'] = notags(unxmlify($base['pubkey'][0]['data']));
$newloc['prvkey'] = notags(unxmlify($base['prvkey'][0]['data']));
// TODO
// merge with current record, current contents have priority
// update record, set url-updated
// update profile photos
// schedule a scan?
}
*/
// handle friend suggestion notification
$sugg = $feed->get_feed_tags(NAMESPACE_DFRN, 'suggest');
if (isset($sugg[0]['child'][NAMESPACE_DFRN])) {
$base = $sugg[0]['child'][NAMESPACE_DFRN];
$fsugg = array();
$fsugg['uid'] = $importer['importer_uid'];
$fsugg['cid'] = $importer['id'];
$fsugg['name'] = notags(unxmlify($base['name'][0]['data']));
$fsugg['photo'] = notags(unxmlify($base['photo'][0]['data']));
$fsugg['url'] = notags(unxmlify($base['url'][0]['data']));
$fsugg['request'] = notags(unxmlify($base['request'][0]['data']));
$fsugg['body'] = escape_tags(unxmlify($base['note'][0]['data']));
// Does our member already have a friend matching this description?
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc($fsugg['name']), dbesc(normalise_link($fsugg['url'])), intval($fsugg['uid']));
if (count($r)) {
return 0;
}
// Do we already have an fcontact record for this person?
$fid = 0;
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
// OK, we do. Do we already have an introduction for this person ?
$r = q("select id from intro where uid = %d and fid = %d limit 1", intval($fsugg['uid']), intval($fid));
if (count($r)) {
return 0;
}
}
if (!$fid) {
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ", dbesc($fsugg['name']), dbesc($fsugg['url']), dbesc($fsugg['photo']), dbesc($fsugg['request']));
}
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
} else {
return 0;
}
$hash = random_string();
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )\n\t\t\tVALUES( %d, %d, %d, '%s', '%s', '%s', %d )", intval($fsugg['uid']), intval($fid), intval($fsugg['cid']), dbesc($fsugg['body']), dbesc($hash), dbesc(datetime_convert()), intval(0));
notification(array('type' => NOTIFY_SUGGEST, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $fsugg, 'link' => $a->get_baseurl() . '/notifications/intros', 'source_name' => $importer['name'], 'source_link' => $importer['url'], 'source_photo' => $importer['photo'], 'verb' => ACTIVITY_REQ_FRIEND, 'otype' => 'intro'));
return 0;
}
$ismail = false;
$rawmail = $feed->get_feed_tags(NAMESPACE_DFRN, 'mail');
if (isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
logger('local_delivery: private message received');
$ismail = true;
$base = $rawmail[0]['child'][NAMESPACE_DFRN];
$msg = array();
$msg['uid'] = $importer['importer_uid'];
$msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
$msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
$msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
$msg['contact-id'] = $importer['id'];
$msg['title'] = notags(unxmlify($base['subject'][0]['data']));
$msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
$msg['seen'] = 0;
$msg['replied'] = 0;
$msg['uri'] = notags(unxmlify($base['id'][0]['data']));
$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
$msg['created'] = datetime_convert(notags(unxmlify('UTC', 'UTC', $base['sentdate'][0]['data'])));
dbesc_array($msg);
$r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')");
// send notifications.
require_once 'include/enotify.php';
$notif_params = array('type' => NOTIFY_MAIL, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $msg, 'source_name' => $msg['from-name'], 'source_link' => $importer['url'], 'source_photo' => $importer['thumb'], 'verb' => ACTIVITY_POST, 'otype' => 'mail');
notification($notif_params);
return 0;
// NOTREACHED
}
$community_page = 0;
$rawtags = $feed->get_feed_tags(NAMESPACE_DFRN, 'community');
if ($rawtags) {
$community_page = intval($rawtags[0]['data']);
}
if (intval($importer['forum']) != $community_page) {
q("update contact set forum = %d where id = %d limit 1", intval($community_page), intval($importer['id']));
$importer['forum'] = (string) $community_page;
}
logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
// process any deleted entries
$del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
if (is_array($del_entries) && count($del_entries)) {
foreach ($del_entries as $dentry) {
$deleted = false;
if (isset($dentry['attribs']['']['ref'])) {
$uri = $dentry['attribs']['']['ref'];
$deleted = true;
if (isset($dentry['attribs']['']['when'])) {
$when = $dentry['attribs']['']['when'];
$when = datetime_convert('UTC', 'UTC', $when, 'Y-m-d H:i:s');
} else {
$when = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
}
}
if ($deleted) {
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`\n\t\t\t\t\tWHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1", dbesc($uri), intval($importer['importer_uid']), intval($importer['id']));
if (count($r)) {
$item = $r[0];
if ($item['deleted']) {
continue;
}
logger('local_delivery: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
if ($item['verb'] === ACTIVITY_TAG && $item['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($item['object'], false);
$xt = parse_xml_string($item['target'], false);
if ($xt->type === ACTIVITY_OBJ_NOTE) {
$i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (count($i)) {
// For tags, the owner cannot remove the tag on the author's copy of the post.
$owner_remove = $item['contact-id'] == $i[0]['contact-id'] ? true : false;
$author_remove = $item['origin'] && $item['self'] ? true : false;
$author_copy = $item['origin'] ? true : false;
if ($owner_remove && $author_copy) {
continue;
}
if ($author_remove || $owner_remove) {
$tags = explode(',', $i[0]['tag']);
$newtags = array();
if (count($tags)) {
foreach ($tags as $tag) {
if (trim($tag) !== trim($xo->body)) {
$newtags[] = trim($tag);
}
}
}
q("update item set tag = '%s' where id = %d limit 1", dbesc(implode(',', $newtags)), intval($i[0]['id']));
}
}
}
}
if ($item['uri'] == $item['parent-uri']) {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s'\n\t\t\t\t\t\t\tWHERE `parent-uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($item['uri']), intval($importer['importer_uid']));
} else {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' \n\t\t\t\t\t\t\tWHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($when), dbesc(datetime_convert()), dbesc($uri), intval($importer['importer_uid']));
if ($item['last-child']) {
// ensure that last-child is set in case the comment that had it just got wiped.
q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ", dbesc(datetime_convert()), dbesc($item['parent-uri']), intval($item['uid']));
// who is the last child now?
$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d\n\t\t\t\t\t\t\t\tORDER BY `created` DESC LIMIT 1", dbesc($item['parent-uri']), intval($importer['importer_uid']));
if (count($r)) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1", intval($r[0]['id']));
}
}
}
}
}
}
}
foreach ($feed->get_items() as $item) {
$is_reply = false;
$item_id = $item->get_id();
$rawthread = $item->get_item_tags(NAMESPACE_THREAD, 'in-reply-to');
if (isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
$parent_uri = $rawthread[0]['attribs']['']['ref'];
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community reply');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_comment = false;
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`, \n\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item` \n\t\t\t\tLEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` \n\t\t\t\tWHERE `item`.`uri` = '%s' AND `item`.`parent-uri` = '%s'\n\t\t\t\tAND `item`.`uid` = %d \n\t\t\t\t{$sql_extra}\n\t\t\t\tLIMIT 1", dbesc($parent_uri), dbesc($parent_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
$is_a_remote_comment = true;
}
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if ($is_a_remote_comment && $community) {
if (!$r[0]['forum_mode'] && !$r[0]['wall']) {
$is_a_remote_comment = false;
logger('local_delivery: not a community reply');
}
}
if ($is_a_remote_comment) {
logger('local_delivery: received remote comment');
$is_like = false;
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($feed, $item);
$r = q("SELECT `id`, `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
$iid = $r[0]['id'];
if (x($datarray, 'edited') !== false && datetime_convert('UTC', 'UTC', $datarray['edited']) !== $r[0]['edited']) {
logger('received updated comment', LOGGER_DEBUG);
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc($item_id), intval($importer['importer_uid']));
proc_run('php', "include/notifier.php", "comment-import", $iid);
}
continue;
}
// TODO: make this next part work against both delivery threads of a community post
// if((! link_compare($datarray['author-link'],$importer['url'])) && (! $community)) {
// logger('local_delivery: received relay claiming to be from ' . $importer['url'] . ' however comment author url is ' . $datarray['author-link'] );
// they won't know what to do so don't report an error. Just quietly die.
// return 0;
// }
// our user with $importer['importer_uid'] is the owner
$own = q("select name,url,thumb from contact where uid = %d and self = 1 limit 1", intval($importer['importer_uid']));
$datarray['type'] = 'remote-comment';
$datarray['wall'] = 1;
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['owner-name'] = $own[0]['name'];
$datarray['owner-link'] = $own[0]['url'];
$datarray['owner-avatar'] = $own[0]['thumb'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE) {
$is_like = true;
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
$datarray['last-child'] = 0;
// only one like or dislike per person
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE && $xt->id) {
// fetch the parent item
$tagp = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($tagp)) {
continue;
}
// extract tag, if not duplicate, and this user allows tags, add to parent item
if ($xo->id && $xo->content) {
$newtag = '#[url=' . $xo->id . ']' . $xo->content . '[/url]';
if (!stristr($tagp[0]['tag'], $newtag)) {
$i = q("SELECT `blocktags` FROM `user` where `uid` = %d LIMIT 1", intval($importer['importer_uid']));
if (count($i) && !intval($i[0]['blocktags'])) {
q("UPDATE item SET tag = '%s', `edited` = '%s' WHERE id = %d LIMIT 1", dbesc($tagp[0]['tag'] . (strlen($tagp[0]['tag']) ? ',' : '') . $newtag), intval($tagp[0]['id']), dbesc(datetime_convert()));
}
}
}
}
}
// if($community) {
// $newtag = '@[url=' . $a->get_baseurl() . '/profile/' . $importer['nickname'] . ']' . $importer['username'] . '[/url]';
// if(! stristr($datarray['tag'],$newtag)) {
// if(strlen($datarray['tag']))
// $datarray['tag'] .= ',';
// $datarray['tag'] .= $newtag;
// }
// }
$posted_id = item_store($datarray);
$parent = 0;
if ($posted_id) {
$r = q("SELECT `parent` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($posted_id), intval($importer['importer_uid']));
if (count($r)) {
$parent = $r[0]['parent'];
}
if (!$is_like) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($r[0]['parent']));
$r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($posted_id));
}
if ($posted_id && $parent) {
proc_run('php', "include/notifier.php", "comment-import", "{$posted_id}");
if (!$is_like && !$importer['self']) {
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id, 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent));
}
}
return 0;
// NOTREACHED
}
} else {
// regular comment that is part of this total conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (x($datarray, 'edited') !== false && datetime_convert('UTC', 'UTC', $datarray['edited']) !== $r[0]['edited']) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc($item_id), intval($importer['importer_uid']));
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc($parent_uri), intval($importer['importer_uid']));
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] == ACTIVITY_LIKE || $datarray['verb'] == ACTIVITY_DISLIKE) {
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE) {
$r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($r)) {
continue;
}
// extract tag, if not duplicate, add to parent item
if ($xo->content) {
if (!stristr($r[0]['tag'], trim($xo->content))) {
q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $xo->id . ']' . $xo->content . '[/url]'), intval($r[0]['id']));
}
}
}
}
$posted_id = item_store($datarray);
// find out if our user is involved in this conversation and wants to be notified.
if (!x($datarray['type']) || $datarray['type'] != 'activity') {
$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0", dbesc($parent_uri), intval($importer['importer_uid']));
if (count($myconv)) {
$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
// first make sure this isn't our own post coming back to us from a wall-to-wall event
if (!link_compare($datarray['author-link'], $importer_url)) {
foreach ($myconv as $conv) {
// now if we find a match, it means we're in this conversation
if (!link_compare($conv['author-link'], $importer_url)) {
continue;
}
require_once 'include/enotify.php';
$conv_parent = $conv['parent'];
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id, 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $conv_parent));
// only send one notification
break;
}
}
}
}
continue;
}
} else {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if (x($datarray, 'object-type') && $datarray['object-type'] === ACTIVITY_OBJ_EVENT) {
$ev = bbtoevent($datarray['body']);
if (x($ev, 'desc') && x($ev, 'start')) {
$ev['cid'] = $importer['id'];
$ev['uid'] = $importer['uid'];
$ev['uri'] = $item_id;
$ev['edited'] = $datarray['edited'];
$ev['private'] = $datarray['private'];
$r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['uid']));
if (count($r)) {
$ev['id'] = $r[0]['id'];
}
$xyz = event_store($ev);
continue;
}
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (x($datarray, 'edited') !== false && datetime_convert('UTC', 'UTC', $datarray['edited']) !== $r[0]['edited']) {
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc($item_id), intval($importer['importer_uid']));
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
// This is my contact on another system, but it's really me.
// Turn this into a wall post.
if ($importer['remote_self']) {
$datarray['wall'] = 1;
}
$datarray['parent-uri'] = $item_id;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if (!link_compare($datarray['owner-link'], $contact['url'])) {
// The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery,
// but otherwise there's a possible data mixup on the sender's system.
// the tgroup delivery code called from item_store will correct it if it's a forum,
// but we're going to unconditionally correct it here so that the post will always be owned by our contact.
logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
$datarray['owner-name'] = $importer['senderName'];
$datarray['owner-link'] = $importer['url'];
$datarray['owner-avatar'] = $importer['thumb'];
}
$r = item_store($datarray);
continue;
}
}
return 0;
// NOTREACHED
}
function dfrn_confirm_post(&$a, $handsfree = null)
{
if (is_array($handsfree)) {
/**
* We were called directly from dfrn_request due to automatic friend acceptance.
* Any $_POST parameters we may require are supplied in the $handsfree array.
*
*/
$node = $handsfree['node'];
$a->interactive = false;
// notice() becomes a no-op since nobody is there to see it
} else {
if ($a->argc > 1) {
$node = $a->argv[1];
}
}
/**
*
* Main entry point. Scenario 1. Our user received a friend request notification (perhaps
* from another site) and clicked 'Approve'.
* $POST['source_url'] is not set. If it is, it indicates Scenario 2.
*
* We may also have been called directly from dfrn_request ($handsfree != null) due to
* this being a page type which supports automatic friend acceptance. That is also Scenario 1
* since we are operating on behalf of our registered user to approve a friendship.
*
*/
if (!x($_POST, 'source_url')) {
$uid = is_array($handsfree) ? $handsfree['uid'] : local_user();
if (!$uid) {
notice(t('Permission denied.') . EOL);
return;
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($uid));
if (!$user) {
notice(t('Profile not found.') . EOL);
return;
}
// These data elements may come from either the friend request notification form or $handsfree array.
if (is_array($handsfree)) {
logger('Confirm in handsfree mode');
$dfrn_id = $handsfree['dfrn_id'];
$intro_id = $handsfree['intro_id'];
$duplex = $handsfree['duplex'];
$hidden = array_key_exists('hidden', $handsfree) ? intval($handsfree['hidden']) : 0;
$activity = array_key_exists('activity', $handsfree) ? intval($handsfree['activity']) : 0;
} else {
$dfrn_id = x($_POST, 'dfrn_id') ? notags(trim($_POST['dfrn_id'])) : "";
$intro_id = x($_POST, 'intro_id') ? intval($_POST['intro_id']) : 0;
$duplex = x($_POST, 'duplex') ? intval($_POST['duplex']) : 0;
$cid = x($_POST, 'contact_id') ? intval($_POST['contact_id']) : 0;
$hidden = x($_POST, 'hidden') ? intval($_POST['hidden']) : 0;
$activity = x($_POST, 'activity') ? intval($_POST['activity']) : 0;
}
/**
*
* Ensure that dfrn_id has precedence when we go to find the contact record.
* We only want to search based on contact id if there is no dfrn_id,
* e.g. for OStatus network followers.
*
*/
if (strlen($dfrn_id)) {
$cid = 0;
}
logger('Confirming request for dfrn_id (issued) ' . $dfrn_id);
if ($cid) {
logger('Confirming follower with contact_id: ' . $cid);
}
/**
*
* The other person will have been issued an ID when they first requested friendship.
* Locate their record. At this time, their record will have both pending and blocked set to 1.
* There won't be any dfrn_id if this is a network follower, so use the contact_id instead.
*
*/
$r = q("SELECT * FROM `contact` WHERE ( ( `issued-id` != '' AND `issued-id` = '%s' ) OR ( `id` = %d AND `id` != 0 ) ) AND `uid` = %d AND `duplex` = 0 LIMIT 1", dbesc($dfrn_id), intval($cid), intval($uid));
if (!count($r)) {
logger('Contact not found in DB.');
notice(t('Contact not found.') . EOL);
notice(t('This may occasionally happen if contact was requested by both persons and it has already been approved.') . EOL);
return;
}
$contact = $r[0];
$contact_id = $contact['id'];
$relation = $contact['rel'];
$site_pubkey = $contact['site-pubkey'];
$dfrn_confirm = $contact['confirm'];
$aes_allow = $contact['aes_allow'];
$network = strlen($contact['issued-id']) ? NETWORK_DFRN : NETWORK_OSTATUS;
if ($contact['network']) {
$network = $contact['network'];
}
if ($network === NETWORK_DFRN) {
/**
*
* Generate a key pair for all further communications with this person.
* We have a keypair for every contact, and a site key for unknown people.
* This provides a means to carry on relationships with other people if
* any single key is compromised. It is a robust key. We're much more
* worried about key leakage than anybody cracking it.
*
*/
require_once 'include/crypto.php';
$res = new_keypair(4096);
$private_key = $res['prvkey'];
$public_key = $res['pubkey'];
// Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($private_key), intval($contact_id), intval($uid));
$params = array();
/**
*
* Per the DFRN protocol, we will verify both ends by encrypting the dfrn_id with our
* site private key (person on the other end can decrypt it with our site public key).
* Then encrypt our profile URL with the other person's site public key. They can decrypt
* it with their site private key. If the decryption on the other end fails for either
* item, it indicates tampering or key failure on at least one site and we will not be
* able to provide a secure communication pathway.
*
* If other site is willing to accept full encryption, (aes_allow is 1 AND we have php5.3
* or later) then we encrypt the personal public key we send them using AES-256-CBC and a
* random key which is encrypted with their site public key.
*
*/
$src_aes_key = random_string();
$result = '';
openssl_private_encrypt($dfrn_id, $result, $user[0]['prvkey']);
$params['dfrn_id'] = bin2hex($result);
$params['public_key'] = $public_key;
$my_url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
openssl_public_encrypt($my_url, $params['source_url'], $site_pubkey);
$params['source_url'] = bin2hex($params['source_url']);
if ($aes_allow && function_exists('openssl_encrypt')) {
openssl_public_encrypt($src_aes_key, $params['aes_key'], $site_pubkey);
$params['aes_key'] = bin2hex($params['aes_key']);
$params['public_key'] = bin2hex(openssl_encrypt($public_key, 'AES-256-CBC', $src_aes_key));
}
$params['dfrn_version'] = DFRN_PROTOCOL_VERSION;
if ($duplex == 1) {
$params['duplex'] = 1;
}
if ($user[0]['page-flags'] == PAGE_COMMUNITY) {
$params['page'] = 1;
}
if ($user[0]['page-flags'] == PAGE_PRVGROUP) {
$params['page'] = 2;
}
logger('Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params, true), LOGGER_DATA);
/**
*
* POST all this stuff to the other site.
* Temporarily raise the network timeout to 120 seconds because the default 60
* doesn't always give the other side quite enough time to decrypt everything.
*
*/
$a->config['system']['curl_timeout'] = 120;
$res = post_url($dfrn_confirm, $params);
logger(' Confirm: received data: ' . $res, LOGGER_DATA);
// Now figure out what they responded. Try to be robust if the remote site is
// having difficulty and throwing up errors of some kind.
$leading_junk = substr($res, 0, strpos($res, '<?xml'));
$res = substr($res, strpos($res, '<?xml'));
if (!strlen($res)) {
// No XML at all, this exchange is messed up really bad.
// We shouldn't proceed, because the xml parser might choke,
// and $status is going to be zero, which indicates success.
// We can hardly call this a success.
notice(t('Response from remote site was not understood.') . EOL);
return;
}
if (strlen($leading_junk) && get_config('system', 'debugging')) {
// This might be more common. Mixed error text and some XML.
// If we're configured for debugging, show the text. Proceed in either case.
notice(t('Unexpected response from remote site: ') . EOL . $leading_junk . EOL);
}
if (stristr($res, "<status") === false) {
// wrong xml! stop here!
notice(t('Unexpected response from remote site: ') . EOL . htmlspecialchars($res) . EOL);
return;
}
$xml = parse_xml_string($res);
$status = (int) $xml->status;
$message = unxmlify($xml->message);
// human readable text of what may have gone wrong.
switch ($status) {
case 0:
info(t("Confirmation completed successfully.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
case 1:
// birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($new_dfrn_id), intval($contact_id), intval($uid));
case 2:
notice(t("Temporary failure. Please wait and try again.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
case 3:
notice(t("Introduction failed or was revoked.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
}
if ($status == 0 && $intro_id) {
// Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d", intval($intro_id), intval($uid));
}
if ($status != 0) {
return;
}
}
/*
*
* We have now established a relationship with the other site.
* Let's make our own personal copy of their profile photo so we don't have
* to always load it from their site.
*
* We will also update the contact record with the nature and scope of the relationship.
*
*/
require_once 'include/Photo.php';
$photos = import_profile_photo($contact['photo'], $uid, $contact_id);
logger('dfrn_confirm: confirm - imported photos');
if ($network === NETWORK_DFRN) {
$new_relation = CONTACT_IS_FOLLOWER;
if ($relation == CONTACT_IS_SHARING || $duplex) {
$new_relation = CONTACT_IS_FRIEND;
}
if ($relation == CONTACT_IS_SHARING && $duplex) {
$duplex = 0;
}
$r = q("UPDATE `contact` SET\n\t\t\t\t`photo` = '%s',\n\t\t\t\t`thumb` = '%s',\n\t\t\t\t`micro` = '%s',\n\t\t\t\t`rel` = %d,\n\t\t\t\t`name-date` = '%s',\n\t\t\t\t`uri-date` = '%s',\n\t\t\t\t`avatar-date` = '%s',\n\t\t\t\t`blocked` = 0,\n\t\t\t\t`pending` = 0,\n\t\t\t\t`duplex` = %d,\n\t\t\t\t`hidden` = %d,\n\t\t\t\t`network` = '%s' WHERE `id` = %d\n\t\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($new_relation), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($duplex), intval($hidden), dbesc(NETWORK_DFRN), intval($contact_id));
} else {
// $network !== NETWORK_DFRN
$network = $contact['network'] ? $contact['network'] : NETWORK_OSTATUS;
$notify = $contact['notify'] ? $contact['notify'] : '';
$poll = $contact['poll'] ? $contact['poll'] : '';
if (!$contact['notify'] || !$contact['poll']) {
$arr = lrdd($contact['url']);
if (count($arr)) {
foreach ($arr as $link) {
if ($link['@attributes']['rel'] === 'salmon') {
$notify = $link['@attributes']['href'];
}
if ($link['@attributes']['rel'] === NAMESPACE_FEED) {
$poll = $link['@attributes']['href'];
}
}
}
}
$new_relation = $contact['rel'];
$writable = $contact['writable'];
if ($network === NETWORK_DIASPORA) {
if ($duplex) {
$new_relation = CONTACT_IS_FRIEND;
} else {
$new_relation = CONTACT_IS_FOLLOWER;
}
if ($new_relation != CONTACT_IS_FOLLOWER) {
$writable = 1;
}
}
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d", intval($intro_id), intval($uid));
$r = q("UPDATE `contact` SET `photo` = '%s',\n\t\t\t\t`thumb` = '%s',\n\t\t\t\t`micro` = '%s',\n\t\t\t\t`name-date` = '%s',\n\t\t\t\t`uri-date` = '%s',\n\t\t\t\t`avatar-date` = '%s',\n\t\t\t\t`notify` = '%s',\n\t\t\t\t`poll` = '%s',\n\t\t\t\t`blocked` = 0,\n\t\t\t\t`pending` = 0,\n\t\t\t\t`network` = '%s',\n\t\t\t\t`writable` = %d,\n\t\t\t\t`hidden` = %d,\n\t\t\t\t`rel` = %d\n\t\t\t\tWHERE `id` = %d\n\t\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($notify), dbesc($poll), dbesc($network), intval($writable), intval($hidden), intval($new_relation), intval($contact_id));
}
if ($r === false) {
notice(t('Unable to set contact photo.') . EOL);
}
// reload contact info
$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($contact_id));
if (count($r)) {
$contact = $r[0];
} else {
$contact = null;
}
if (isset($new_relation) && $new_relation == CONTACT_IS_FRIEND) {
if ($contact && $contact['network'] === NETWORK_DIASPORA) {
require_once 'include/diaspora.php';
$ret = diaspora_share($user[0], $r[0]);
logger('mod_follow: diaspora_share returns: ' . $ret);
}
// Send a new friend post if we are allowed to...
$r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($uid));
if (count($r) && $r[0]['hide-friends'] == 0 && $activity && !$hidden) {
require_once 'include/items.php';
$self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1", intval($uid));
if (count($self)) {
$arr = array();
$arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $uid);
$arr['uid'] = $uid;
$arr['contact-id'] = $self[0]['id'];
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['gravity'] = 0;
$arr['origin'] = 1;
$arr['author-name'] = $arr['owner-name'] = $self[0]['name'];
$arr['author-link'] = $arr['owner-link'] = $self[0]['url'];
$arr['author-avatar'] = $arr['owner-avatar'] = $self[0]['thumb'];
$A = '[url=' . $self[0]['url'] . ']' . $self[0]['name'] . '[/url]';
$APhoto = '[url=' . $self[0]['url'] . ']' . '[img]' . $self[0]['thumb'] . '[/img][/url]';
$B = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
$BPhoto = '[url=' . $contact['url'] . ']' . '[img]' . $contact['thumb'] . '[/img][/url]';
$arr['verb'] = ACTIVITY_FRIEND;
$arr['object-type'] = ACTIVITY_OBJ_PERSON;
$arr['body'] = sprintf(t('%1$s is now friends with %2$s'), $A, $B) . "\n\n\n" . $BPhoto;
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $contact['name'] . '</title>' . '<id>' . $contact['url'] . '/' . $contact['name'] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $contact['url'] . '" />' . "\n");
$arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $contact['thumb'] . '" />' . "\n");
$arr['object'] .= '</link></object>' . "\n";
$arr['last-child'] = 1;
$arr['allow_cid'] = $user[0]['allow_cid'];
$arr['allow_gid'] = $user[0]['allow_gid'];
$arr['deny_cid'] = $user[0]['deny_cid'];
$arr['deny_gid'] = $user[0]['deny_gid'];
$i = item_store($arr);
if ($i) {
proc_run('php', "include/notifier.php", "activity", "{$i}");
}
}
}
}
$g = q("select def_gid from user where uid = %d limit 1", intval($uid));
if ($contact && $g && intval($g[0]['def_gid'])) {
require_once 'include/group.php';
group_add_member($uid, '', $contact['id'], $g[0]['def_gid']);
}
// Let's send our user to the contact editor in case they want to
// do anything special with this new friend.
if ($handsfree === null) {
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
} else {
return;
}
//NOTREACHED
}
/**
*
*
* End of Scenario 1. [Local confirmation of remote friend request].
*
* Begin Scenario 2. This is the remote response to the above scenario.
* This will take place on the site that originally initiated the friend request.
* In the section above where the confirming party makes a POST and
* retrieves xml status information, they are communicating with the following code.
*
*/
if (x($_POST, 'source_url')) {
// We are processing an external confirmation to an introduction created by our user.
$public_key = x($_POST, 'public_key') ? $_POST['public_key'] : '';
$dfrn_id = x($_POST, 'dfrn_id') ? hex2bin($_POST['dfrn_id']) : '';
$source_url = x($_POST, 'source_url') ? hex2bin($_POST['source_url']) : '';
$aes_key = x($_POST, 'aes_key') ? $_POST['aes_key'] : '';
$duplex = x($_POST, 'duplex') ? intval($_POST['duplex']) : 0;
$page = x($_POST, 'page') ? intval($_POST['page']) : 0;
$version_id = x($_POST, 'dfrn_version') ? (double) $_POST['dfrn_version'] : 2.0;
$forum = $page == 1 ? 1 : 0;
$prv = $page == 2 ? 1 : 0;
logger('dfrn_confirm: requestee contacted: ' . $node);
logger('dfrn_confirm: request: POST=' . print_r($_POST, true), LOGGER_DATA);
// If $aes_key is set, both of these items require unpacking from the hex transport encoding.
if (x($aes_key)) {
$aes_key = hex2bin($aes_key);
$public_key = hex2bin($public_key);
}
// Find our user's account
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($node));
if (!count($r)) {
$message = sprintf(t('No user record found for \'%s\' '), $node);
xml_status(3, $message);
// failure
// NOTREACHED
}
$my_prvkey = $r[0]['prvkey'];
$local_uid = $r[0]['uid'];
if (!strstr($my_prvkey, 'PRIVATE KEY')) {
$message = t('Our site encryption key is apparently messed up.');
xml_status(3, $message);
}
// verify everything
$decrypted_source_url = "";
openssl_private_decrypt($source_url, $decrypted_source_url, $my_prvkey);
if (!strlen($decrypted_source_url)) {
$message = t('Empty site URL was provided or URL could not be decrypted by us.');
xml_status(3, $message);
// NOTREACHED
}
$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($decrypted_source_url), intval($local_uid));
if (!count($ret)) {
if (strstr($decrypted_source_url, 'http:')) {
$newurl = str_replace('http:', 'https:', $decrypted_source_url);
} else {
$newurl = str_replace('https:', 'http:', $decrypted_source_url);
}
$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($newurl), intval($local_uid));
if (!count($ret)) {
// this is either a bogus confirmation (?) or we deleted the original introduction.
$message = t('Contact record was not found for you on our site.');
xml_status(3, $message);
return;
// NOTREACHED
}
}
$relation = $ret[0]['rel'];
// Decrypt all this stuff we just received
$foreign_pubkey = $ret[0]['site-pubkey'];
$dfrn_record = $ret[0]['id'];
if (!$foreign_pubkey) {
$message = sprintf(t('Site public key not available in contact record for URL %s.'), $newurl);
xml_status(3, $message);
}
$decrypted_dfrn_id = "";
openssl_public_decrypt($dfrn_id, $decrypted_dfrn_id, $foreign_pubkey);
if (strlen($aes_key)) {
$decrypted_aes_key = "";
openssl_private_decrypt($aes_key, $decrypted_aes_key, $my_prvkey);
$dfrn_pubkey = openssl_decrypt($public_key, 'AES-256-CBC', $decrypted_aes_key);
} else {
$dfrn_pubkey = $public_key;
}
$r = q("SELECT * FROM `contact` WHERE `dfrn-id` = '%s' LIMIT 1", dbesc($decrypted_dfrn_id));
if (count($r)) {
$message = t('The ID provided by your system is a duplicate on our system. It should work if you try again.');
xml_status(1, $message);
// Birthday paradox - duplicate dfrn-id
// NOTREACHED
}
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d", dbesc($decrypted_dfrn_id), dbesc($dfrn_pubkey), intval($dfrn_record));
if (!count($r)) {
$message = t('Unable to set your contact credentials on our system.');
xml_status(3, $message);
}
// It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists.
if ($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d", intval($dfrn_record));
}
// We're good but now we have to scrape the profile photo and send notifications.
$r = q("SELECT `photo` FROM `contact` WHERE `id` = %d LIMIT 1", intval($dfrn_record));
if (count($r)) {
$photo = $r[0]['photo'];
} else {
$photo = $a->get_baseurl() . '/images/person-175.jpg';
}
require_once "include/Photo.php";
$photos = import_profile_photo($photo, $local_uid, $dfrn_record);
logger('dfrn_confirm: request - photos imported');
$new_relation = CONTACT_IS_SHARING;
if ($relation == CONTACT_IS_FOLLOWER || $duplex) {
$new_relation = CONTACT_IS_FRIEND;
}
if ($relation == CONTACT_IS_FOLLOWER && $duplex) {
$duplex = 0;
}
$r = q("UPDATE `contact` SET\n\t\t\t`photo` = '%s',\n\t\t\t`thumb` = '%s',\n\t\t\t`micro` = '%s',\n\t\t\t`rel` = %d,\n\t\t\t`name-date` = '%s',\n\t\t\t`uri-date` = '%s',\n\t\t\t`avatar-date` = '%s',\n\t\t\t`blocked` = 0,\n\t\t\t`pending` = 0,\n\t\t\t`duplex` = %d,\n\t\t\t`forum` = %d,\n\t\t\t`prv` = %d,\n\t\t\t`network` = '%s' WHERE `id` = %d\n\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($new_relation), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($duplex), intval($forum), intval($prv), dbesc(NETWORK_DFRN), intval($dfrn_record));
if ($r === false) {
// indicates schema is messed up or total db failure
$message = t('Unable to update your contact profile details on our system');
xml_status(3, $message);
}
// Otherwise everything seems to have worked and we are almost done. Yay!
// Send an email notification
logger('dfrn_confirm: request: info updated');
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\tWHERE `contact`.`id` = %d LIMIT 1", intval($dfrn_record));
if (count($r)) {
$combined = $r[0];
}
if (count($r) && $r[0]['notify-flags'] & NOTIFY_CONFIRM) {
$mutual = $new_relation == CONTACT_IS_FRIEND;
notification(array('type' => NOTIFY_CONFIRM, 'notify_flags' => $r[0]['notify-flags'], 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'uid' => $r[0]['uid'], 'link' => $a->get_baseurl() . '/contacts/' . $dfrn_record, 'source_name' => strlen(stripslashes($r[0]['name'])) ? stripslashes($r[0]['name']) : t('[Name Withheld]'), 'source_link' => $r[0]['url'], 'source_photo' => $r[0]['photo'], 'verb' => $mutual ? ACTIVITY_FRIEND : ACTIVITY_FOLLOW, 'otype' => 'intro'));
}
// Send a new friend post if we are allowed to...
if ($page && intval(get_pconfig($local_uid, 'system', 'post_joingroup'))) {
$r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($local_uid));
if (count($r) && $r[0]['hide-friends'] == 0) {
require_once 'include/items.php';
$self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1", intval($local_uid));
if (count($self)) {
$arr = array();
$arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $local_uid);
$arr['uid'] = $local_uid;
$arr['contact-id'] = $self[0]['id'];
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['gravity'] = 0;
$arr['origin'] = 1;
$arr['author-name'] = $arr['owner-name'] = $self[0]['name'];
$arr['author-link'] = $arr['owner-link'] = $self[0]['url'];
$arr['author-avatar'] = $arr['owner-avatar'] = $self[0]['thumb'];
$A = '[url=' . $self[0]['url'] . ']' . $self[0]['name'] . '[/url]';
$APhoto = '[url=' . $self[0]['url'] . ']' . '[img]' . $self[0]['thumb'] . '[/img][/url]';
$B = '[url=' . $combined['url'] . ']' . $combined['name'] . '[/url]';
$BPhoto = '[url=' . $combined['url'] . ']' . '[img]' . $combined['thumb'] . '[/img][/url]';
$arr['verb'] = ACTIVITY_JOIN;
$arr['object-type'] = ACTIVITY_OBJ_GROUP;
$arr['body'] = sprintf(t('%1$s has joined %2$s'), $A, $B) . "\n\n\n" . $BPhoto;
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_GROUP . '</type><title>' . $combined['name'] . '</title>' . '<id>' . $combined['url'] . '/' . $combined['name'] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $combined['url'] . '" />' . "\n");
$arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $combined['thumb'] . '" />' . "\n");
$arr['object'] .= '</link></object>' . "\n";
$arr['last-child'] = 1;
$arr['allow_cid'] = $user[0]['allow_cid'];
$arr['allow_gid'] = $user[0]['allow_gid'];
$arr['deny_cid'] = $user[0]['deny_cid'];
$arr['deny_gid'] = $user[0]['deny_gid'];
$i = item_store($arr);
if ($i) {
proc_run('php', "include/notifier.php", "activity", "{$i}");
}
}
}
}
xml_status(0);
// Success
return;
// NOTREACHED
////////////////////// End of this scenario ///////////////////////////////////////////////
}
// somebody arrived here by mistake or they are fishing. Send them to the homepage.
goaway(z_root());
// NOTREACHED
}
function local_delivery($importer, $data)
{
$a = get_app();
if ($importer['readonly']) {
// We aren't receiving stuff from this person. But we will quietly ignore them
// rather than a blatant "go away" message.
logger('local_delivery: ignoring');
return 0;
//NOTREACHED
}
// Consume notification feed. This may differ from consuming a public feed in several ways
// - might contain email or friend suggestions
// - might contain remote followup to our message
// - in which case we need to accept it and then notify other conversants
// - we may need to send various email notifications
$feed = new SimplePie();
$feed->set_raw_data($data);
$feed->enable_order_by_date(false);
$feed->init();
$reloc = $feed->get_feed_tags(NAMESPACE_DFRN, 'relocate');
if (isset($reloc[0]['child'][NAMESPACE_DFRN])) {
$base = $reloc[0]['child'][NAMESPACE_DFRN];
$newloc = array();
$newloc['uid'] = $importer['importer_uid'];
$newloc['cid'] = $importer['id'];
$newloc['name'] = notags(unxmlify($base['name'][0]['data']));
$newloc['photo'] = notags(unxmlify($base['photo'][0]['data']));
$newloc['url'] = notags(unxmlify($base['url'][0]['data']));
$newloc['request'] = notags(unxmlify($base['request'][0]['data']));
$newloc['confirm'] = notags(unxmlify($base['confirm'][0]['data']));
$newloc['notify'] = notags(unxmlify($base['notify'][0]['data']));
$newloc['poll'] = notags(unxmlify($base['poll'][0]['data']));
$newloc['site-pubkey'] = notags(unxmlify($base['site-pubkey'][0]['data']));
$newloc['pubkey'] = notags(unxmlify($base['pubkey'][0]['data']));
$newloc['prvkey'] = notags(unxmlify($base['prvkey'][0]['data']));
// TODO
// merge with current record, current contents have priority
// update record, set url-updated
// update profile photos
// schedule a scan?
}
// handle friend suggestion notification
$sugg = $feed->get_feed_tags(NAMESPACE_DFRN, 'suggest');
if (isset($sugg[0]['child'][NAMESPACE_DFRN])) {
$base = $sugg[0]['child'][NAMESPACE_DFRN];
$fsugg = array();
$fsugg['uid'] = $importer['importer_uid'];
$fsugg['cid'] = $importer['id'];
$fsugg['name'] = notags(unxmlify($base['name'][0]['data']));
$fsugg['photo'] = notags(unxmlify($base['photo'][0]['data']));
$fsugg['url'] = notags(unxmlify($base['url'][0]['data']));
$fsugg['request'] = notags(unxmlify($base['request'][0]['data']));
$fsugg['body'] = escape_tags(unxmlify($base['note'][0]['data']));
// Does our member already have a friend matching this description?
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc($fsugg['name']), dbesc(normalise_link($fsugg['url'])), intval($fsugg['uid']));
if (count($r)) {
return 0;
}
// Do we already have an fcontact record for this person?
$fid = 0;
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
}
if (!$fid) {
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ", dbesc($fsugg['name']), dbesc($fsugg['url']), dbesc($fsugg['photo']), dbesc($fsugg['request']));
}
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
} else {
return 0;
}
$hash = random_string();
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )\n\t\t\tVALUES( %d, %d, %d, '%s', '%s', '%s', %d )", intval($fsugg['uid']), intval($fid), intval($fsugg['cid']), dbesc($fsugg['body']), dbesc($hash), dbesc(datetime_convert()), intval(0));
// TODO - send email notify (which may require a new notification preference)
return 0;
}
$ismail = false;
$rawmail = $feed->get_feed_tags(NAMESPACE_DFRN, 'mail');
if (isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
logger('local_delivery: private message received');
$ismail = true;
$base = $rawmail[0]['child'][NAMESPACE_DFRN];
$msg = array();
$msg['uid'] = $importer['importer_uid'];
$msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
$msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
$msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
$msg['contact-id'] = $importer['id'];
$msg['title'] = notags(unxmlify($base['subject'][0]['data']));
$msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
$msg['seen'] = 0;
$msg['replied'] = 0;
$msg['uri'] = notags(unxmlify($base['id'][0]['data']));
$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
$msg['created'] = datetime_convert(notags(unxmlify('UTC', 'UTC', $base['sentdate'][0]['data'])));
dbesc_array($msg);
$r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')");
// send email notification if requested.
require_once 'bbcode.php';
if ($importer['notify-flags'] & NOTIFY_MAIL) {
push_lang($importer['language']);
// name of the automated email sender
$msg['notificationfromname'] = t('Administrator');
// noreply address to send from
$msg['notificationfromemail'] = t('noreply') . '@' . $a->get_hostname();
// text version
// process the message body to display properly in text mode
// 1) substitute a \n character for the "\" then "n", so it behaves properly (it doesn't come in as a \n character)
// 2) remove escape slashes
// 3) decode any bbcode from the message editor
// 4) decode any encoded html tags
// 5) remove html tags
$msg['textversion'] = strip_tags(html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n"), "\n", $msg['body']))), ENT_QUOTES, 'UTF-8'));
// html version
// process the message body to display properly in text mode
// 1) substitute a <br /> tag for the "\" then "n", so it behaves properly (it doesn't come in as a \n character)
// 2) remove escape slashes
// 3) decode any bbcode from the message editor
// 4) decode any encoded html tags
$msg['htmlversion'] = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n\\n", "\\n"), "<br />\n", $msg['body']))));
// load the template for private message notifications
$tpl = get_intltext_template('mail_received_html_body_eml.tpl');
$email_html_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$siteName' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $importer['thumb'], '$email' => $importer['email'], '$url' => $importer['url'], '$from' => $msg['from-name'], '$title' => stripslashes($msg['title']), '$htmlversion' => $msg['htmlversion'], '$mimeboundary' => $msg['mimeboundary'], '$hostname' => $a->get_hostname()));
// load the template for private message notifications
$tpl = get_intltext_template('mail_received_text_body_eml.tpl');
$email_text_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$siteName' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $importer['thumb'], '$email' => $importer['email'], '$url' => $importer['url'], '$from' => $msg['from-name'], '$title' => stripslashes($msg['title']), '$textversion' => $msg['textversion'], '$mimeboundary' => $msg['mimeboundary'], '$hostname' => $a->get_hostname()));
// use the EmailNotification library to send the message
require_once "include/EmailNotification.php";
EmailNotification::sendTextHtmlEmail($msg['notificationfromname'], $msg['notificationfromemail'], $msg['notificationfromemail'], $importer['email'], t('New mail received at ') . $a->config['sitename'], $email_html_body_tpl, $email_text_body_tpl);
pop_lang();
}
return 0;
// NOTREACHED
}
logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
// process any deleted entries
$del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
if (is_array($del_entries) && count($del_entries)) {
foreach ($del_entries as $dentry) {
$deleted = false;
if (isset($dentry['attribs']['']['ref'])) {
$uri = $dentry['attribs']['']['ref'];
$deleted = true;
if (isset($dentry['attribs']['']['when'])) {
$when = $dentry['attribs']['']['when'];
$when = datetime_convert('UTC', 'UTC', $when, 'Y-m-d H:i:s');
} else {
$when = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
}
}
if ($deleted) {
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` left join contact on `item`.`contact-id` = `contact`.`id`\n\t\t\t\t\tWHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d LIMIT 1", dbesc($uri), intval($importer['importer_uid']), intval($importer['id']));
if (count($r)) {
$item = $r[0];
if ($item['deleted']) {
continue;
}
logger('local_delivery: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
if ($item['verb'] === ACTIVITY_TAG && $item['object-type'] === ACTVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($item['object'], false);
$xt = parse_xml_string($item['target'], false);
if ($xt->type === ACTIVITY_OBJ_NOTE) {
$i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (count($i)) {
// For tags, the owner cannot remove the tag on the author's copy of the post.
$owner_remove = $item['contact-id'] == $i[0]['contact-id'] ? true : false;
$author_remove = $item['origin'] && $item['self'] ? true : false;
$author_copy = $item['origin'] ? true : false;
if ($owner_remove && $author_copy) {
continue;
}
if ($author_remove || $owner_remove) {
$tags = explode(',', $i[0]['tag']);
$newtags = array();
if (count($tags)) {
foreach ($tags as $tag) {
if (trim($tag) !== trim($xo->body)) {
$newtags[] = trim($tag);
}
}
}
q("update item set tag = '%s' where id = %d limit 1", dbesc(implode(',', $newtags)), intval($i[0]['id']));
}
}
}
}
if ($item['uri'] == $item['parent-uri']) {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s'\n\t\t\t\t\t\t\tWHERE `parent-uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($item['uri']), intval($importer['importer_uid']));
} else {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' \n\t\t\t\t\t\t\tWHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($when), dbesc(datetime_convert()), dbesc($uri), intval($importer['importer_uid']));
if ($item['last-child']) {
// ensure that last-child is set in case the comment that had it just got wiped.
q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ", dbesc(datetime_convert()), dbesc($item['parent-uri']), intval($item['uid']));
// who is the last child now?
$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d\n\t\t\t\t\t\t\t\tORDER BY `created` DESC LIMIT 1", dbesc($item['parent-uri']), intval($importer['importer_uid']));
if (count($r)) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d LIMIT 1", intval($r[0]['id']));
}
}
}
}
}
}
}
foreach ($feed->get_items() as $item) {
$is_reply = false;
$item_id = $item->get_id();
$rawthread = $item->get_item_tags(NAMESPACE_THREAD, 'in-reply-to');
if (isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
$parent_uri = $rawthread[0]['attribs']['']['ref'];
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY) {
$sql_extra = '';
$community = true;
logger('local_delivery: community reply');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, \n\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item` \n\t\t\t\tLEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` \n\t\t\t\tWHERE `item`.`uri` = '%s' AND `item`.`parent-uri` = '%s'\n\t\t\t\tAND `item`.`uid` = %d \n\t\t\t\t{$sql_extra}\n\t\t\t\tLIMIT 1", dbesc($parent_uri), dbesc($parent_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
logger('local_delivery: received remote comment');
$is_like = false;
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($feed, $item);
// TODO: make this next part work against both delivery threads of a community post
// if((! link_compare($datarray['author-link'],$importer['url'])) && (! $community)) {
// logger('local_delivery: received relay claiming to be from ' . $importer['url'] . ' however comment author url is ' . $datarray['author-link'] );
// they won't know what to do so don't report an error. Just quietly die.
// return 0;
// }
$datarray['type'] = 'remote-comment';
$datarray['wall'] = 1;
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['owner-name'] = $r[0]['name'];
$datarray['owner-link'] = $r[0]['url'];
$datarray['owner-avatar'] = $r[0]['thumb'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE) {
$is_like = true;
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
$datarray['last-child'] = 0;
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE && $xt->id == $r[0]['uri']) {
// extract tag, if not duplicate, and this user allows tags, add to parent item
if ($xo->id && $xo->content) {
$newtag = '#[url=' . $xo->id . ']' . $xo->content . '[/url]';
if (!stristr($r[0]['tag'], $newtag)) {
$i = q("SELECT `blocktags` FROM `user` where `uid` = %d LIMIT 1", intval($importer['importer_uid']));
if (count($i) && !$i[0]['blocktags']) {
q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . $newtag), intval($r[0]['id']));
}
}
}
}
}
// if($community) {
// $newtag = '@[url=' . $a->get_baseurl() . '/profile/' . $importer['nickname'] . ']' . $importer['username'] . '[/url]';
// if(! stristr($datarray['tag'],$newtag)) {
// if(strlen($datarray['tag']))
// $datarray['tag'] .= ',';
// $datarray['tag'] .= $newtag;
// }
// }
$posted_id = item_store($datarray);
$parent = 0;
if ($posted_id) {
$r = q("SELECT `parent` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($posted_id), intval($importer['importer_uid']));
if (count($r)) {
$parent = $r[0]['parent'];
}
if (!$is_like) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($r[0]['parent']));
$r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `uid` = %d AND `id` = %d LIMIT 1", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($posted_id));
}
if ($posted_id && $parent) {
proc_run('php', "include/notifier.php", "comment-import", "{$posted_id}");
if (!$is_like && $importer['notify-flags'] & NOTIFY_COMMENT && !$importer['self']) {
push_lang($importer['language']);
require_once 'bbcode.php';
$from = stripslashes($datarray['author-name']);
// name of the automated email sender
$msg['notificationfromname'] = stripslashes($datarray['author-name']);
// noreply address to send from
$msg['notificationfromemail'] = t('noreply') . '@' . $a->get_hostname();
// text version
// process the message body to display properly in text mode
$msg['textversion'] = html_entity_decode(strip_tags(bbcode(stripslashes($datarray['body']))), ENT_QUOTES, 'UTF-8');
// html version
// process the message body to display properly in text mode
$msg['htmlversion'] = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n\\n", "\\n"), "<br />\n", $datarray['body']))));
$imgtouse = link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'];
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_html_body_eml.tpl');
$email_html_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $imgtouse, '$email' => $importer['email'], '$url' => $datarray['author-link'], '$from' => $from, '$body' => $msg['htmlversion'], '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id));
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_text_body_eml.tpl');
$email_text_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $imgtouse, '$email' => $importer['email'], '$url' => $datarray['author-link'], '$from' => $from, '$body' => $msg['textversion'], '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id));
// use the EmailNotification library to send the message
require_once "include/EmailNotification.php";
EmailNotification::sendTextHtmlEmail($msg['notificationfromname'], t("Administrator") . '@' . $a->get_hostname(), t("noreply") . '@' . $a->get_hostname(), $importer['email'], sprintf(t('%s commented on an item at %s'), $from, $a->config['sitename']), $email_html_body_tpl, $email_text_body_tpl);
pop_lang();
}
}
return 0;
// NOTREACHED
}
} else {
// regular comment that is part of this total conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (x($datarray, 'edited') !== false && datetime_convert('UTC', 'UTC', $datarray['edited']) !== $r[0]['edited']) {
$r = q("UPDATE `item` SET `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($datarray['body']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc($item_id), intval($importer['importer_uid']));
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc($parent_uri), intval($importer['importer_uid']));
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] == ACTIVITY_LIKE || $datarray['verb'] == ACTIVITY_DISLIKE) {
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE) {
$r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($r)) {
continue;
}
// extract tag, if not duplicate, add to parent item
if ($xo->content) {
if (!stristr($r[0]['tag'], trim($xo->content))) {
q("UPDATE item SET tag = '%s' WHERE id = %d LIMIT 1", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $xo->id . ']' . $xo->content . '[/url]'), intval($r[0]['id']));
}
}
}
}
$posted_id = item_store($datarray);
// find out if our user is involved in this conversation and wants to be notified.
if ($datarray['type'] != 'activity' && $importer['notify-flags'] & NOTIFY_COMMENT) {
$myconv = q("SELECT `author-link`, `author-avatar` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 ", dbesc($parent_uri), intval($importer['importer_uid']));
if (count($myconv)) {
$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
foreach ($myconv as $conv) {
if (!link_compare($conv['author-link'], $importer_url)) {
continue;
}
push_lang($importer['language']);
require_once 'bbcode.php';
$from = stripslashes($datarray['author-name']);
// name of the automated email sender
$msg['notificationfromname'] = stripslashes($datarray['author-name']);
// noreply address to send from
$msg['notificationfromemail'] = t('noreply') . '@' . $a->get_hostname();
// text version
// process the message body to display properly in text mode
$msg['textversion'] = html_entity_decode(strip_tags(bbcode(stripslashes($datarray['body']))), ENT_QUOTES, 'UTF-8');
// html version
// process the message body to display properly in text mode
$msg['htmlversion'] = html_entity_decode(bbcode(stripslashes(str_replace(array("\\r\\n", "\\r", "\\n\\n", "\\n"), "<br />\n", $datarray['body']))));
$imgtouse = link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'];
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_html_body_eml.tpl');
$email_html_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $imgtouse, '$url' => $datarray['author-link'], '$from' => $from, '$body' => $msg['htmlversion'], '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id));
// load the template for private message notifications
$tpl = get_intltext_template('cmnt_received_text_body_eml.tpl');
$email_text_body_tpl = replace_macros($tpl, array('$username' => $importer['username'], '$sitename' => $a->config['sitename'], '$siteurl' => $a->get_baseurl(), '$thumb' => $imgtouse, '$url' => $datarray['author-link'], '$from' => $from, '$body' => $msg['textversion'], '$display' => $a->get_baseurl() . '/display/' . $importer['nickname'] . '/' . $posted_id));
// use the EmailNotification library to send the message
require_once "include/EmailNotification.php";
EmailNotification::sendTextHtmlEmail($msg['notificationfromname'], t("Administrator@") . $a->get_hostname(), t("noreply") . '@' . $a->get_hostname(), $importer['email'], sprintf(t('%s commented on an item at %s'), $from, $a->config['sitename']), $email_html_body_tpl, $email_text_body_tpl);
pop_lang();
break;
}
}
}
continue;
}
} else {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if (x($datarray, 'object-type') && $datarray['object-type'] === ACTIVITY_OBJ_EVENT) {
$ev = bbtoevent($datarray['body']);
if (x($ev, 'desc') && x($ev, 'start')) {
$ev['cid'] = $importer['id'];
$ev['uid'] = $importer['uid'];
$ev['uri'] = $item_id;
$ev['edited'] = $datarray['edited'];
$ev['private'] = $datarray['private'];
$r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['uid']));
if (count($r)) {
$ev['id'] = $r[0]['id'];
}
$xyz = event_store($ev);
continue;
}
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (x($datarray, 'edited') !== false && datetime_convert('UTC', 'UTC', $datarray['edited']) !== $r[0]['edited']) {
$r = q("UPDATE `item` SET `body` = '%s', `edited` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($datarray['body']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc($item_id), intval($importer['importer_uid']));
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
// This is my contact on another system, but it's really me.
// Turn this into a wall post.
if ($contact['remote_self']) {
$datarray['wall'] = 1;
}
$datarray['parent-uri'] = $item_id;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
$r = item_store($datarray);
continue;
}
}
return 0;
// NOTREACHED
}
function diaspora_get_body($xml)
{
if (array_key_exists('raw_message', $xml)) {
return unxmlify($xml['raw_message']);
} elseif (array_key_exists('text', $xml)) {
return unxmlify($xml['text']);
} else {
return '';
}
}
function content_content(&$a, $update = 0)
{
require_once 'include/conversation.php';
// Currently security is based on the logged in user
if (!local_user()) {
return;
}
$arr = array('query' => $a->query_string);
call_hooks('content_content_init', $arr);
$datequery = $datequery2 = '';
$group = 0;
$nouveau = false;
if ($a->argc > 1) {
for ($x = 1; $x < $a->argc; $x++) {
if (is_a_date_arg($a->argv[$x])) {
if ($datequery) {
$datequery2 = escape_tags($a->argv[$x]);
} else {
$datequery = escape_tags($a->argv[$x]);
$_GET['order'] = 'post';
}
} elseif ($a->argv[$x] === 'new') {
$nouveau = true;
} elseif (intval($a->argv[$x])) {
$group = intval($a->argv[$x]);
$def_acl = array('allow_gid' => '<' . $group . '>');
}
}
}
$o = '';
$contact_id = $a->cid;
require_once 'include/acl_selectors.php';
$cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0;
$star = x($_GET, 'star') ? intval($_GET['star']) : 0;
$bmark = x($_GET, 'bmark') ? intval($_GET['bmark']) : 0;
$order = x($_GET, 'order') ? notags($_GET['order']) : 'comment';
$liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0;
$conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0;
$spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0;
$nets = x($_GET, 'nets') ? $_GET['nets'] : '';
$cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0;
$cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99;
$file = x($_GET, 'file') ? $_GET['file'] : '';
if (x($_GET, 'search') || x($_GET, 'file')) {
$nouveau = true;
}
if ($cid) {
$def_acl = array('allow_cid' => '<' . intval($cid) . '>');
}
if ($nets) {
$r = q("select id from contact where uid = %d and network = '%s' and self = 0", intval(local_user()), dbesc($nets));
$str = '';
if (count($r)) {
foreach ($r as $rr) {
$str .= '<' . $rr['id'] . '>';
}
}
if (strlen($str)) {
$def_acl = array('allow_cid' => $str);
}
}
$sql_options = $star ? " and starred = 1 " : '';
$sql_options .= $bmark ? " and bookmark = 1 " : '';
$sql_nets = $nets ? sprintf(" and `contact`.`network` = '%s' ", dbesc($nets)) : '';
$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` {$sql_options} ) ";
if ($group) {
$r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($group), intval($_SESSION['uid']));
if (!count($r)) {
if ($update) {
killme();
}
notice(t('No such group') . EOL);
goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
$contacts = expand_groups(array($group));
if (is_array($contacts) && count($contacts)) {
$contact_str = implode(',', $contacts);
} else {
$contact_str = ' 0 ';
info(t('Group is empty'));
}
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND ( `contact-id` IN ( {$contact_str} ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
$o = replace_macros(get_markup_template("section_title.tpl"), array('$title' => sprintf(t('Group: %s'), $r[0]['name']))) . $o;
} elseif ($cid) {
$r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d \n\t\t\t\tAND `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($cid));
if (count($r)) {
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND `contact-id` = " . intval($cid) . " and deleted = 0 ) ";
} else {
killme();
}
}
$sql_extra3 = '';
if ($datequery) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
}
if ($datequery2) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
}
$sql_extra2 = $nouveau ? '' : " AND `item`.`parent` = `item`.`id` ";
$sql_extra3 = $nouveau ? '' : $sql_extra3;
$sql_table = "`item`";
if (x($_GET, 'search')) {
$search = escape_tags($_GET['search']);
if (strpos($search, '#') === 0) {
$tag = true;
$search = substr($search, 1);
}
if (get_config('system', 'only_tag_search')) {
$tag = true;
}
if ($tag) {
//$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ",
// dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
//$sql_table = "`term` INNER JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
$sql_extra = "";
$sql_table = sprintf("`item` INNER JOIN (SELECT `oid` FROM `term` WHERE `term` = '%s' AND `otype` = %d AND `type` = %d AND `uid` = %d ORDER BY `tid` DESC) AS `term` ON `item`.`id` = `term`.`oid` ", dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG), intval(local_user()));
} else {
if (get_config('system', 'use_fulltext_engine')) {
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
} else {
$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
}
}
}
if (strlen($file)) {
$sql_extra .= file_tag_file_query('item', unxmlify($file));
}
if ($conv) {
$myurl = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
$myurl = substr($myurl, strpos($myurl, '://') + 3);
$myurl = str_replace('www.', '', $myurl);
$diasp_url = str_replace('/profile/', '/u/', $myurl);
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)", dbesc(protect_sprintf($myurl)), dbesc(protect_sprintf($myurl)));
}
$pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
if ($nouveau) {
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,\n\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM {$sql_table} INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1\n\t\t\tAND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\t{$simple_update}\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t{$sql_extra} {$sql_nets}\n\t\t\tORDER BY `item`.`received` DESC {$pager_sql} ", intval($_SESSION['uid']));
} else {
// Normal conversation view
if ($order === 'post') {
$ordering = "`created`";
} else {
$ordering = "`commented`";
}
$start = dba_timer();
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`\n\t\t\tFROM {$sql_table} INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\tAND `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\tAND `item`.`parent` = `item`.`id`\n\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\tORDER BY `item`.{$ordering} DESC {$pager_sql} ", intval(local_user()));
$first = dba_timer();
// Then fetch all the children of the parents that are on this page
$parents_arr = array();
$parents_str = '';
if (count($r)) {
foreach ($r as $rr) {
if (!in_array($rr['item_id'], $parents_arr)) {
$parents_arr[] = $rr['item_id'];
}
}
$parents_str = implode(', ', $parents_arr);
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,\n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\t\tFROM {$sql_table} INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tAND `item`.`moderated` = 0\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(local_user()), dbesc($parents_str));
$second = dba_timer();
$items = conv_sort($items, $ordering);
} else {
$items = array();
}
}
logger('parent dba_timer: ' . sprintf('%01.4f', $first - $start));
logger('child dba_timer: ' . sprintf('%01.4f', $second - $first));
// Set this so that the conversation function can find out contact info for our wall-wall items
$a->page_contact = $a->contact;
$mode = $nouveau ? 'network-new' : 'network';
$o = render_content($a, $items, $mode, false);
header('Content-type: application/json');
echo json_encode($o);
killme();
}
function feed_meta($xml)
{
require_once 'library/simplepie/simplepie.inc';
$ret = array();
if (!strlen($xml)) {
logger('empty input');
return $ret;
}
$feed = new SimplePie();
$feed->set_raw_data($xml);
$feed->init();
if ($feed->error()) {
logger('Error parsing XML: ' . $feed->error());
return $ret;
}
$ret['hubs'] = $feed->get_links('hub');
// logger('consume_feed: hubs: ' . print_r($hubs,true), LOGGER_DATA);
$author = array();
$found_author = $feed->get_author();
if ($found_author) {
$author['author_name'] = unxmlify($found_author->get_name());
$author['author_link'] = unxmlify($found_author->get_link());
$rawauthor = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
logger('rawauthor: ' . print_r($rawauthor, true));
if ($rawauthor) {
if ($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link']) {
$base = $rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'];
foreach ($base as $link) {
if (!x($author, 'author_photo') || !$author['author_photo']) {
if ($link['attribs']['']['rel'] === 'photo' || $link['attribs']['']['rel'] === 'avatar') {
$author['author_photo'] = unxmlify($link['attribs']['']['href']);
break;
}
}
}
}
if ($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']) {
$author['full_name'] = unxmlify($rawauthor[0]['child'][NAMESPACE_POCO]['displayName'][0]['data']);
}
if ($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) {
$author['author_uri'] = unxmlify($rawauthor[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
}
}
}
if (substr($author['author_link'], -1, 1) == '/') {
$author['author_link'] = substr($author['author_link'], 0, -1);
}
$ret['author'] = $author;
return $ret;
}
function local_delivery($importer, $data)
{
$a = get_app();
logger(__FUNCTION__, LOGGER_TRACE);
if ($importer['readonly']) {
// We aren't receiving stuff from this person. But we will quietly ignore them
// rather than a blatant "go away" message.
logger('local_delivery: ignoring');
return 0;
//NOTREACHED
}
// Consume notification feed. This may differ from consuming a public feed in several ways
// - might contain email or friend suggestions
// - might contain remote followup to our message
// - in which case we need to accept it and then notify other conversants
// - we may need to send various email notifications
$feed = new SimplePie();
$feed->set_raw_data($data);
$feed->enable_order_by_date(false);
$feed->init();
if ($feed->error()) {
logger('local_delivery: Error parsing XML: ' . $feed->error());
}
// Check at the feed level for updated contact name and/or photo
$name_updated = '';
$new_name = '';
$photo_timestamp = '';
$photo_url = '';
$contact_updated = '';
$rawtags = $feed->get_feed_tags(NAMESPACE_DFRN, 'owner');
// Fallback should not be needed here. If it isn't DFRN it won't have DFRN updated tags
// if(! $rawtags)
// $rawtags = $feed->get_feed_tags( SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if ($elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
$name_updated = $elems['name'][0]['attribs'][NAMESPACE_DFRN]['updated'];
$new_name = $elems['name'][0]['data'];
// Manually checking for changed contact names
if ($new_name != $importer['name'] and $new_name != "" and $name_updated <= $importer['name-date']) {
$name_updated = date("c");
$photo_timestamp = date("c");
}
}
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo' && $elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']) {
if ($photo_timestamp == "") {
$photo_timestamp = datetime_convert('UTC', 'UTC', $elems['link'][0]['attribs'][NAMESPACE_DFRN]['updated']);
}
$photo_url = $elems['link'][0]['attribs']['']['href'];
}
}
if ($photo_timestamp && strlen($photo_url) && $photo_timestamp > $importer['avatar-date']) {
$contact_updated = $photo_timestamp;
logger('local_delivery: Updating photo for ' . $importer['name']);
require_once "include/Photo.php";
$photos = import_profile_photo($photo_url, $importer['importer_uid'], $importer['id']);
q("UPDATE `contact` SET `avatar-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s'\n\t\t\tWHERE `uid` = %d AND `id` = %d AND NOT `self`", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($importer['importer_uid']), intval($importer['id']));
}
if ($name_updated && strlen($new_name) && $name_updated > $importer['name-date']) {
if ($name_updated > $contact_updated) {
$contact_updated = $name_updated;
}
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `id` = %d LIMIT 1", intval($importer['importer_uid']), intval($importer['id']));
$x = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s' WHERE `uid` = %d AND `id` = %d AND `name` != '%s' AND NOT `self`", dbesc(notags(trim($new_name))), dbesc(datetime_convert()), intval($importer['importer_uid']), intval($importer['id']), dbesc(notags(trim($new_name))));
// do our best to update the name on content items
if (count($r) and notags(trim($new_name)) != $r[0]['name']) {
q("UPDATE `item` SET `author-name` = '%s' WHERE `author-name` = '%s' AND `author-link` = '%s' AND `uid` = %d AND `author-name` != '%s'", dbesc(notags(trim($new_name))), dbesc($r[0]['name']), dbesc($r[0]['url']), intval($importer['importer_uid']), dbesc(notags(trim($new_name))));
}
}
if ($contact_updated and $new_name and $photo_url) {
poco_check($importer['url'], $new_name, NETWORK_DFRN, $photo_url, "", "", "", "", "", $contact_updated, 2, $importer['id'], $importer['importer_uid']);
}
// Currently unsupported - needs a lot of work
$reloc = $feed->get_feed_tags(NAMESPACE_DFRN, 'relocate');
if (isset($reloc[0]['child'][NAMESPACE_DFRN])) {
$base = $reloc[0]['child'][NAMESPACE_DFRN];
$newloc = array();
$newloc['uid'] = $importer['importer_uid'];
$newloc['cid'] = $importer['id'];
$newloc['name'] = notags(unxmlify($base['name'][0]['data']));
$newloc['photo'] = notags(unxmlify($base['photo'][0]['data']));
$newloc['thumb'] = notags(unxmlify($base['thumb'][0]['data']));
$newloc['micro'] = notags(unxmlify($base['micro'][0]['data']));
$newloc['url'] = notags(unxmlify($base['url'][0]['data']));
$newloc['request'] = notags(unxmlify($base['request'][0]['data']));
$newloc['confirm'] = notags(unxmlify($base['confirm'][0]['data']));
$newloc['notify'] = notags(unxmlify($base['notify'][0]['data']));
$newloc['poll'] = notags(unxmlify($base['poll'][0]['data']));
$newloc['sitepubkey'] = notags(unxmlify($base['sitepubkey'][0]['data']));
/** relocated user must have original key pair */
/*$newloc['pubkey'] = notags(unxmlify($base['pubkey'][0]['data']));
$newloc['prvkey'] = notags(unxmlify($base['prvkey'][0]['data']));*/
logger("items:relocate contact " . print_r($newloc, true) . print_r($importer, true), LOGGER_DEBUG);
// update contact
$r = q("SELECT photo, url FROM contact WHERE id=%d AND uid=%d;", intval($importer['id']), intval($importer['importer_uid']));
if ($r === false) {
return 1;
}
$old = $r[0];
$x = q("UPDATE contact SET\n\t\t\t\t\tname = '%s',\n\t\t\t\t\tphoto = '%s',\n\t\t\t\t\tthumb = '%s',\n\t\t\t\t\tmicro = '%s',\n\t\t\t\t\turl = '%s',\n\t\t\t\t\tnurl = '%s',\n\t\t\t\t\trequest = '%s',\n\t\t\t\t\tconfirm = '%s',\n\t\t\t\t\tnotify = '%s',\n\t\t\t\t\tpoll = '%s',\n\t\t\t\t\t`site-pubkey` = '%s'\n\t\t\tWHERE id=%d AND uid=%d;", dbesc($newloc['name']), dbesc($newloc['photo']), dbesc($newloc['thumb']), dbesc($newloc['micro']), dbesc($newloc['url']), dbesc(normalise_link($newloc['url'])), dbesc($newloc['request']), dbesc($newloc['confirm']), dbesc($newloc['notify']), dbesc($newloc['poll']), dbesc($newloc['sitepubkey']), intval($importer['id']), intval($importer['importer_uid']));
if ($x === false) {
return 1;
}
// update items
$fields = array('owner-link' => array($old['url'], $newloc['url']), 'author-link' => array($old['url'], $newloc['url']), 'owner-avatar' => array($old['photo'], $newloc['photo']), 'author-avatar' => array($old['photo'], $newloc['photo']));
foreach ($fields as $n => $f) {
$x = q("UPDATE `item` SET `%s`='%s' WHERE `%s`='%s' AND uid=%d", $n, dbesc($f[1]), $n, dbesc($f[0]), intval($importer['importer_uid']));
if ($x === false) {
return 1;
}
}
// TODO
// merge with current record, current contents have priority
// update record, set url-updated
// update profile photos
// schedule a scan?
return 0;
}
// handle friend suggestion notification
$sugg = $feed->get_feed_tags(NAMESPACE_DFRN, 'suggest');
if (isset($sugg[0]['child'][NAMESPACE_DFRN])) {
$base = $sugg[0]['child'][NAMESPACE_DFRN];
$fsugg = array();
$fsugg['uid'] = $importer['importer_uid'];
$fsugg['cid'] = $importer['id'];
$fsugg['name'] = notags(unxmlify($base['name'][0]['data']));
$fsugg['photo'] = notags(unxmlify($base['photo'][0]['data']));
$fsugg['url'] = notags(unxmlify($base['url'][0]['data']));
$fsugg['request'] = notags(unxmlify($base['request'][0]['data']));
$fsugg['body'] = escape_tags(unxmlify($base['note'][0]['data']));
// Does our member already have a friend matching this description?
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `nurl` = '%s' AND `uid` = %d LIMIT 1", dbesc($fsugg['name']), dbesc(normalise_link($fsugg['url'])), intval($fsugg['uid']));
if (count($r)) {
return 0;
}
// Do we already have an fcontact record for this person?
$fid = 0;
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
// OK, we do. Do we already have an introduction for this person ?
$r = q("select id from intro where uid = %d and fid = %d limit 1", intval($fsugg['uid']), intval($fid));
if (count($r)) {
return 0;
}
}
if (!$fid) {
$r = q("INSERT INTO `fcontact` ( `name`,`url`,`photo`,`request` ) VALUES ( '%s', '%s', '%s', '%s' ) ", dbesc($fsugg['name']), dbesc($fsugg['url']), dbesc($fsugg['photo']), dbesc($fsugg['request']));
}
$r = q("SELECT * FROM `fcontact` WHERE `url` = '%s' AND `name` = '%s' AND `request` = '%s' LIMIT 1", dbesc($fsugg['url']), dbesc($fsugg['name']), dbesc($fsugg['request']));
if (count($r)) {
$fid = $r[0]['id'];
} else {
return 0;
}
$hash = random_string();
$r = q("INSERT INTO `intro` ( `uid`, `fid`, `contact-id`, `note`, `hash`, `datetime`, `blocked` )\n\t\t\tVALUES( %d, %d, %d, '%s', '%s', '%s', %d )", intval($fsugg['uid']), intval($fid), intval($fsugg['cid']), dbesc($fsugg['body']), dbesc($hash), dbesc(datetime_convert()), intval(0));
notification(array('type' => NOTIFY_SUGGEST, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $fsugg, 'link' => $a->get_baseurl() . '/notifications/intros', 'source_name' => $importer['name'], 'source_link' => $importer['url'], 'source_photo' => $importer['photo'], 'verb' => ACTIVITY_REQ_FRIEND, 'otype' => 'intro'));
return 0;
}
$ismail = false;
$rawmail = $feed->get_feed_tags(NAMESPACE_DFRN, 'mail');
if (isset($rawmail[0]['child'][NAMESPACE_DFRN])) {
logger('local_delivery: private message received');
$ismail = true;
$base = $rawmail[0]['child'][NAMESPACE_DFRN];
$msg = array();
$msg['uid'] = $importer['importer_uid'];
$msg['from-name'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['name'][0]['data']));
$msg['from-photo'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']));
$msg['from-url'] = notags(unxmlify($base['sender'][0]['child'][NAMESPACE_DFRN]['uri'][0]['data']));
$msg['contact-id'] = $importer['id'];
$msg['title'] = notags(unxmlify($base['subject'][0]['data']));
$msg['body'] = escape_tags(unxmlify($base['content'][0]['data']));
$msg['seen'] = 0;
$msg['replied'] = 0;
$msg['uri'] = notags(unxmlify($base['id'][0]['data']));
$msg['parent-uri'] = notags(unxmlify($base['in-reply-to'][0]['data']));
$msg['created'] = datetime_convert(notags(unxmlify('UTC', 'UTC', $base['sentdate'][0]['data'])));
dbesc_array($msg);
$r = dbq("INSERT INTO `mail` (`" . implode("`, `", array_keys($msg)) . "`) VALUES ('" . implode("', '", array_values($msg)) . "')");
// send notifications.
require_once 'include/enotify.php';
$notif_params = array('type' => NOTIFY_MAIL, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $msg, 'source_name' => $msg['from-name'], 'source_link' => $importer['url'], 'source_photo' => $importer['thumb'], 'verb' => ACTIVITY_POST, 'otype' => 'mail');
notification($notif_params);
return 0;
// NOTREACHED
}
$community_page = 0;
$rawtags = $feed->get_feed_tags(NAMESPACE_DFRN, 'community');
if ($rawtags) {
$community_page = intval($rawtags[0]['data']);
}
if (intval($importer['forum']) != $community_page) {
q("update contact set forum = %d where id = %d", intval($community_page), intval($importer['id']));
$importer['forum'] = (string) $community_page;
}
logger('local_delivery: feed item count = ' . $feed->get_item_quantity());
// process any deleted entries
$del_entries = $feed->get_feed_tags(NAMESPACE_TOMB, 'deleted-entry');
if (is_array($del_entries) && count($del_entries)) {
foreach ($del_entries as $dentry) {
$deleted = false;
if (isset($dentry['attribs']['']['ref'])) {
$uri = $dentry['attribs']['']['ref'];
$deleted = true;
if (isset($dentry['attribs']['']['when'])) {
$when = $dentry['attribs']['']['when'];
$when = datetime_convert('UTC', 'UTC', $when, 'Y-m-d H:i:s');
} else {
$when = datetime_convert('UTC', 'UTC', 'now', 'Y-m-d H:i:s');
}
}
if ($deleted) {
// check for relayed deletes to our conversation
$is_reply = false;
$r = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($uri), intval($importer['importer_uid']));
if (count($r)) {
$parent_uri = $r[0]['parent-uri'];
if ($r[0]['id'] != $r[0]['parent']) {
$is_reply = true;
}
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community delete');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_delete = false;
// POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,\n\t\t\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`\n\t\t\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\t\t\tWHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')\n\t\t\t\t\t\tAND `item`.`uid` = %d\n\t\t\t\t\t\t{$sql_extra}\n\t\t\t\t\t\tLIMIT 1", dbesc($parent_uri), dbesc($parent_uri), dbesc($parent_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
$is_a_remote_delete = true;
}
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if ($is_a_remote_delete && $community) {
if (!$r[0]['forum_mode'] && !$r[0]['wall']) {
$is_a_remote_delete = false;
logger('local_delivery: not a community delete');
}
}
if ($is_a_remote_delete) {
logger('local_delivery: received remote delete');
}
}
$r = q("SELECT `item`.*, `contact`.`self` FROM `item` INNER JOIN contact on `item`.`contact-id` = `contact`.`id`\n\t\t\t\t\tWHERE `uri` = '%s' AND `item`.`uid` = %d AND `contact-id` = %d AND NOT `item`.`file` LIKE '%%[%%' LIMIT 1", dbesc($uri), intval($importer['importer_uid']), intval($importer['id']));
if (count($r)) {
$item = $r[0];
if ($item['deleted']) {
continue;
}
logger('local_delivery: deleting item ' . $item['id'] . ' uri=' . $item['uri'], LOGGER_DEBUG);
if ($item['object-type'] === ACTIVITY_OBJ_EVENT) {
logger("Deleting event " . $item['event-id'], LOGGER_DEBUG);
event_delete($item['event-id']);
}
if ($item['verb'] === ACTIVITY_TAG && $item['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($item['object'], false);
$xt = parse_xml_string($item['target'], false);
if ($xt->type === ACTIVITY_OBJ_NOTE) {
$i = q("select * from `item` where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (count($i)) {
// For tags, the owner cannot remove the tag on the author's copy of the post.
$owner_remove = $item['contact-id'] == $i[0]['contact-id'] ? true : false;
$author_remove = $item['origin'] && $item['self'] ? true : false;
$author_copy = $item['origin'] ? true : false;
if ($owner_remove && $author_copy) {
continue;
}
if ($author_remove || $owner_remove) {
$tags = explode(',', $i[0]['tag']);
$newtags = array();
if (count($tags)) {
foreach ($tags as $tag) {
if (trim($tag) !== trim($xo->body)) {
$newtags[] = trim($tag);
}
}
}
q("update item set tag = '%s' where id = %d", dbesc(implode(',', $newtags)), intval($i[0]['id']));
create_tags_from_item($i[0]['id']);
}
}
}
}
if ($item['uri'] == $item['parent-uri']) {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',\n\t\t\t\t\t\t\t`body` = '', `title` = ''\n\t\t\t\t\t\t\tWHERE `parent-uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($item['uri']), intval($importer['importer_uid']));
create_tags_from_itemuri($item['uri'], $importer['importer_uid']);
create_files_from_itemuri($item['uri'], $importer['importer_uid']);
update_thread_uri($item['uri'], $importer['importer_uid']);
} else {
$r = q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s',\n\t\t\t\t\t\t\t`body` = '', `title` = ''\n\t\t\t\t\t\t\tWHERE `uri` = '%s' AND `uid` = %d", dbesc($when), dbesc(datetime_convert()), dbesc($uri), intval($importer['importer_uid']));
create_tags_from_itemuri($uri, $importer['importer_uid']);
create_files_from_itemuri($uri, $importer['importer_uid']);
update_thread_uri($uri, $importer['importer_uid']);
if ($item['last-child']) {
// ensure that last-child is set in case the comment that had it just got wiped.
q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d ", dbesc(datetime_convert()), dbesc($item['parent-uri']), intval($item['uid']));
// who is the last child now?
$r = q("SELECT `id` FROM `item` WHERE `parent-uri` = '%s' AND `type` != 'activity' AND `deleted` = 0 AND `uid` = %d\n\t\t\t\t\t\t\t\tORDER BY `created` DESC LIMIT 1", dbesc($item['parent-uri']), intval($importer['importer_uid']));
if (count($r)) {
q("UPDATE `item` SET `last-child` = 1 WHERE `id` = %d", intval($r[0]['id']));
}
}
// if this is a relayed delete, propagate it to other recipients
if ($is_a_remote_delete) {
proc_run('php', "include/notifier.php", "drop", $item['id']);
}
}
}
}
}
}
foreach ($feed->get_items() as $item) {
$is_reply = false;
$item_id = $item->get_id();
$rawthread = $item->get_item_tags(NAMESPACE_THREAD, 'in-reply-to');
if (isset($rawthread[0]['attribs']['']['ref'])) {
$is_reply = true;
$parent_uri = $rawthread[0]['attribs']['']['ref'];
}
if ($is_reply) {
$community = false;
if ($importer['page-flags'] == PAGE_COMMUNITY || $importer['page-flags'] == PAGE_PRVGROUP) {
$sql_extra = '';
$community = true;
logger('local_delivery: possible community reply');
} else {
$sql_extra = " and contact.self = 1 and item.wall = 1 ";
}
// was the top-level post for this reply written by somebody on this site?
// Specifically, the recipient?
$is_a_remote_comment = false;
$top_uri = $parent_uri;
$r = q("select `item`.`parent-uri` from `item`\n\t\t\t\tWHERE `item`.`uri` = '%s'\n\t\t\t\tLIMIT 1", dbesc($parent_uri));
if ($r && count($r)) {
$top_uri = $r[0]['parent-uri'];
// POSSIBLE CLEANUP --> Why select so many fields when only forum_mode and wall are used?
$r = q("select `item`.`id`, `item`.`uri`, `item`.`tag`, `item`.`forum_mode`,`item`.`origin`,`item`.`wall`,\n\t\t\t\t\t`contact`.`name`, `contact`.`url`, `contact`.`thumb` from `item`\n\t\t\t\t\tINNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\t\tWHERE `item`.`uri` = '%s' AND (`item`.`parent-uri` = '%s' or `item`.`thr-parent` = '%s')\n\t\t\t\t\tAND `item`.`uid` = %d\n\t\t\t\t\t{$sql_extra}\n\t\t\t\t\tLIMIT 1", dbesc($top_uri), dbesc($top_uri), dbesc($top_uri), intval($importer['importer_uid']));
if ($r && count($r)) {
$is_a_remote_comment = true;
}
}
// Does this have the characteristics of a community or private group comment?
// If it's a reply to a wall post on a community/prvgroup page it's a
// valid community comment. Also forum_mode makes it valid for sure.
// If neither, it's not.
if ($is_a_remote_comment && $community) {
if (!$r[0]['forum_mode'] && !$r[0]['wall']) {
$is_a_remote_comment = false;
logger('local_delivery: not a community reply');
}
}
if ($is_a_remote_comment) {
logger('local_delivery: received remote comment');
$is_like = false;
// remote reply to our post. Import and then notify everybody else.
$datarray = get_atom_elements($feed, $item);
$r = q("SELECT `id`, `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
$iid = $r[0]['id'];
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
logger('received updated comment', LOGGER_DEBUG);
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
proc_run('php', "include/notifier.php", "comment-import", $iid);
}
continue;
}
$own = q("select name,url,thumb from contact where uid = %d and self = 1 limit 1", intval($importer['importer_uid']));
$datarray['type'] = 'remote-comment';
$datarray['wall'] = 1;
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['owner-name'] = $own[0]['name'];
$datarray['owner-link'] = $own[0]['url'];
$datarray['owner-avatar'] = $own[0]['thumb'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE || $datarray['verb'] === ACTIVITY_ATTEND || $datarray['verb'] === ACTIVITY_ATTENDNO || $datarray['verb'] === ACTIVITY_ATTENDMAYBE) {
$is_like = true;
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
$datarray['last-child'] = 0;
// only one like or dislike per person
// splitted into two queries for performance issues
$r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`parent-uri` = '%s') and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($datarray['parent-uri']));
if ($r && count($r)) {
continue;
}
$r = q("select id from item where uid = %d and `contact-id` = %d and verb = '%s' and (`thr-parent` = '%s') and deleted = 0 limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($datarray['parent-uri']));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE && $xt->id) {
// fetch the parent item
$tagp = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($tagp)) {
continue;
}
// extract tag, if not duplicate, and this user allows tags, add to parent item
if ($xo->id && $xo->content) {
$newtag = '#[url=' . $xo->id . ']' . $xo->content . '[/url]';
if (!stristr($tagp[0]['tag'], $newtag)) {
$i = q("SELECT `blocktags` FROM `user` where `uid` = %d LIMIT 1", intval($importer['importer_uid']));
if (count($i) && !intval($i[0]['blocktags'])) {
q("UPDATE item SET tag = '%s', `edited` = '%s', `changed` = '%s' WHERE id = %d", dbesc($tagp[0]['tag'] . (strlen($tagp[0]['tag']) ? ',' : '') . $newtag), intval($tagp[0]['id']), dbesc(datetime_convert()), dbesc(datetime_convert()));
create_tags_from_item($tagp[0]['id']);
}
}
}
}
}
$posted_id = item_store($datarray);
$parent = 0;
if ($posted_id) {
$datarray["id"] = $posted_id;
$r = q("SELECT `parent`, `parent-uri` FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($posted_id), intval($importer['importer_uid']));
if (count($r)) {
$parent = $r[0]['parent'];
$parent_uri = $r[0]['parent-uri'];
}
if (!$is_like) {
$r1 = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `uid` = %d AND `parent` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($r[0]['parent']));
$r2 = q("UPDATE `item` SET `last-child` = 1, `changed` = '%s' WHERE `uid` = %d AND `id` = %d", dbesc(datetime_convert()), intval($importer['importer_uid']), intval($posted_id));
}
if ($posted_id && $parent) {
proc_run('php', "include/notifier.php", "comment-import", "{$posted_id}");
if (!$is_like && !$importer['self']) {
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $parent, 'parent_uri' => $parent_uri));
}
}
return 0;
// NOTREACHED
}
} else {
// regular comment that is part of this total conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if ($importer['rel'] == CONTACT_IS_FOLLOWER) {
continue;
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = 0, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc($parent_uri), intval($importer['importer_uid']));
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $parent_uri;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if ($datarray['verb'] === ACTIVITY_LIKE || $datarray['verb'] === ACTIVITY_DISLIKE || $datarray['verb'] === ACTIVITY_ATTEND || $datarray['verb'] === ACTIVITY_ATTENDNO || $datarray['verb'] === ACTIVITY_ATTENDMAYBE) {
$datarray['type'] = 'activity';
$datarray['gravity'] = GRAVITY_LIKE;
// only one like or dislike per person
// splitted into two queries for performance issues
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`parent-uri` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($parent_uri));
if ($r && count($r)) {
continue;
}
$r = q("select id from item where uid = %d and `contact-id` = %d and verb ='%s' and deleted = 0 and (`thr-parent` = '%s') limit 1", intval($datarray['uid']), intval($datarray['contact-id']), dbesc($datarray['verb']), dbesc($parent_uri));
if ($r && count($r)) {
continue;
}
}
if ($datarray['verb'] === ACTIVITY_TAG && $datarray['object-type'] === ACTIVITY_OBJ_TAGTERM) {
$xo = parse_xml_string($datarray['object'], false);
$xt = parse_xml_string($datarray['target'], false);
if ($xt->type == ACTIVITY_OBJ_NOTE) {
$r = q("select * from item where `uri` = '%s' AND `uid` = %d limit 1", dbesc($xt->id), intval($importer['importer_uid']));
if (!count($r)) {
continue;
}
// extract tag, if not duplicate, add to parent item
if ($xo->content) {
if (!stristr($r[0]['tag'], trim($xo->content))) {
q("UPDATE item SET tag = '%s' WHERE id = %d", dbesc($r[0]['tag'] . (strlen($r[0]['tag']) ? ',' : '') . '#[url=' . $xo->id . ']' . $xo->content . '[/url]'), intval($r[0]['id']));
create_tags_from_item($r[0]['id']);
}
}
}
}
$posted_id = item_store($datarray);
// find out if our user is involved in this conversation and wants to be notified.
if (!x($datarray['type']) || $datarray['type'] != 'activity') {
$myconv = q("SELECT `author-link`, `author-avatar`, `parent` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d AND `parent` != 0 AND `deleted` = 0", dbesc($top_uri), intval($importer['importer_uid']));
if (count($myconv)) {
$importer_url = $a->get_baseurl() . '/profile/' . $importer['nickname'];
// first make sure this isn't our own post coming back to us from a wall-to-wall event
if (!link_compare($datarray['author-link'], $importer_url)) {
foreach ($myconv as $conv) {
// now if we find a match, it means we're in this conversation
if (!link_compare($conv['author-link'], $importer_url)) {
continue;
}
require_once 'include/enotify.php';
$conv_parent = $conv['parent'];
notification(array('type' => NOTIFY_COMMENT, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => ACTIVITY_POST, 'otype' => 'item', 'parent' => $conv_parent, 'parent_uri' => $parent_uri));
// only send one notification
break;
}
}
}
}
continue;
}
} else {
// Head post of a conversation. Have we seen it? If not, import it.
$item_id = $item->get_id();
$datarray = get_atom_elements($feed, $item);
if (x($datarray, 'object-type') && $datarray['object-type'] === ACTIVITY_OBJ_EVENT) {
$ev = bbtoevent($datarray['body']);
if ((x($ev, 'desc') || x($ev, 'summary')) && x($ev, 'start')) {
$ev['cid'] = $importer['id'];
$ev['uid'] = $importer['uid'];
$ev['uri'] = $item_id;
$ev['edited'] = $datarray['edited'];
$ev['private'] = $datarray['private'];
$ev['guid'] = $datarray['guid'];
$r = q("SELECT * FROM `event` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['uid']));
if (count($r)) {
$ev['id'] = $r[0]['id'];
}
$xyz = event_store($ev);
continue;
}
}
$r = q("SELECT `uid`, `last-child`, `edited`, `body` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($item_id), intval($importer['importer_uid']));
// Update content if 'updated' changes
if (count($r)) {
if (edited_timestamp_is_newer($r[0], $datarray)) {
// do not accept (ignore) an earlier edit than one we currently have.
if (datetime_convert('UTC', 'UTC', $datarray['edited']) < $r[0]['edited']) {
continue;
}
$r = q("UPDATE `item` SET `title` = '%s', `body` = '%s', `tag` = '%s', `edited` = '%s', `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", dbesc($datarray['title']), dbesc($datarray['body']), dbesc($datarray['tag']), dbesc(datetime_convert('UTC', 'UTC', $datarray['edited'])), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
create_tags_from_itemuri($item_id, $importer['importer_uid']);
update_thread_uri($item_id, $importer['importer_uid']);
}
// update last-child if it changes
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] != $r[0]['last-child']) {
$r = q("UPDATE `item` SET `last-child` = %d , `changed` = '%s' WHERE `uri` = '%s' AND `uid` = %d", intval($allow[0]['data']), dbesc(datetime_convert()), dbesc($item_id), intval($importer['importer_uid']));
}
continue;
}
$datarray['parent-uri'] = $item_id;
$datarray['uid'] = $importer['importer_uid'];
$datarray['contact-id'] = $importer['id'];
if (!link_compare($datarray['owner-link'], $importer['url'])) {
// The item owner info is not our contact. It's OK and is to be expected if this is a tgroup delivery,
// but otherwise there's a possible data mixup on the sender's system.
// the tgroup delivery code called from item_store will correct it if it's a forum,
// but we're going to unconditionally correct it here so that the post will always be owned by our contact.
logger('local_delivery: Correcting item owner.', LOGGER_DEBUG);
$datarray['owner-name'] = $importer['senderName'];
$datarray['owner-link'] = $importer['url'];
$datarray['owner-avatar'] = $importer['thumb'];
}
if ($importer['rel'] == CONTACT_IS_FOLLOWER && !tgroup_check($importer['importer_uid'], $datarray)) {
continue;
}
// This is my contact on another system, but it's really me.
// Turn this into a wall post.
$notify = item_is_remote_self($importer, $datarray);
$posted_id = item_store($datarray, false, $notify);
if (stristr($datarray['verb'], ACTIVITY_POKE)) {
$verb = urldecode(substr($datarray['verb'], strpos($datarray['verb'], '#') + 1));
if (!$verb) {
continue;
}
$xo = parse_xml_string($datarray['object'], false);
if ($xo->type == ACTIVITY_OBJ_PERSON && $xo->id) {
// somebody was poked/prodded. Was it me?
$links = parse_xml_string("<links>" . unxmlify($xo->link) . "</links>", false);
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
break;
default:
break;
}
}
if ($Blink && link_compare($Blink, $a->get_baseurl() . '/profile/' . $importer['nickname'])) {
// send a notification
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_POKE, 'notify_flags' => $importer['notify-flags'], 'language' => $importer['language'], 'to_name' => $importer['username'], 'to_email' => $importer['email'], 'uid' => $importer['importer_uid'], 'item' => $datarray, 'link' => $a->get_baseurl() . '/display/' . urlencode(get_item_guid($posted_id)), 'source_name' => stripslashes($datarray['author-name']), 'source_link' => $datarray['author-link'], 'source_photo' => link_compare($datarray['author-link'], $importer['url']) ? $importer['thumb'] : $datarray['author-avatar'], 'verb' => $datarray['verb'], 'otype' => 'person', 'activity' => $verb, 'parent' => $datarray['parent']));
}
}
}
continue;
}
}
return 0;
// NOTREACHED
}
function diaspora_get_recipient($xml)
{
if (array_key_exists('recipient_handle', $xml)) {
return unxmlify($xml['recipient_handle']);
} elseif (array_key_exists('recipient', $xml)) {
return unxmlify($xml['recipient']);
} else {
return '';
}
}
function discover_by_url($url, $arr = null)
{
require_once 'library/HTML5/Parser.php';
$x = scrape_feed($url);
if (!$x) {
if (!$arr) {
return false;
}
$network = $arr['network'] ? $arr['network'] : 'unknown';
$name = $arr['name'] ? $arr['name'] : 'unknown';
$photo = $arr['photo'] ? $arr['photo'] : '';
$addr = $arr['addr'] ? $arr['addr'] : '';
$guid = $url;
}
$profile = $url;
logger('scrape_feed results: ' . print_r($x, true));
if ($x['feed_atom']) {
$guid = $x['feed_atom'];
}
if ($x['feed_rss']) {
$guid = $x['feed_rss'];
}
if (!$guid) {
return false;
}
// try and discover stuff from the feeed
require_once 'library/simplepie/simplepie.inc';
$feed = new SimplePie();
$level = 0;
$x = z_fetch_url($guid, false, $level, array('novalidate' => true));
if (!$x['success']) {
logger('probe_url: feed fetch failed for ' . $poll);
return false;
}
$xml = $x['body'];
logger('probe_url: fetch feed: ' . $guid . ' returns: ' . $xml, LOGGER_DATA);
logger('probe_url: scrape_feed: headers: ' . $x['header'], LOGGER_DATA);
// Don't try and parse an empty string
$feed->set_raw_data($xml ? $xml : '<?xml version="1.0" encoding="utf-8" ?><xml></xml>');
$feed->init();
if ($feed->error()) {
logger('probe_url: scrape_feed: Error parsing XML: ' . $feed->error());
}
$name = unxmlify(trim($feed->get_title()));
$photo = $feed->get_image_url();
$author = $feed->get_author();
if ($author) {
if (!$name) {
$name = unxmlify(trim($author->get_name()));
}
if (!$name) {
$name = trim(unxmlify($author->get_email()));
if (strpos($name, '@') !== false) {
$name = substr($name, 0, strpos($name, '@'));
}
}
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
if (!$photo) {
$rawtags = $feed->get_feed_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$photo = $elems['link'][0]['attribs']['']['href'];
}
}
}
} else {
$item = $feed->get_item(0);
if ($item) {
$author = $item->get_author();
if ($author) {
if (!$name) {
$name = trim(unxmlify($author->get_name()));
if (!$name) {
$name = trim(unxmlify($author->get_email()));
}
if (strpos($name, '@') !== false) {
$name = substr($name, 0, strpos($name, '@'));
}
}
if (!$profile && $author->get_link()) {
$profile = trim(unxmlify($author->get_link()));
}
}
if (!$photo) {
$rawmedia = $item->get_item_tags('http://search.yahoo.com/mrss/', 'thumbnail');
if ($rawmedia && $rawmedia[0]['attribs']['']['url']) {
$photo = unxmlify($rawmedia[0]['attribs']['']['url']);
}
}
if (!$photo) {
$rawtags = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($rawtags) {
$elems = $rawtags[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10];
if (x($elems, 'link') && $elems['link'][0]['attribs']['']['rel'] === 'photo') {
$photo = $elems['link'][0]['attribs']['']['href'];
}
}
}
}
}
if ($poll === $profile) {
$lnk = $feed->get_permalink();
}
if (isset($lnk) && strlen($lnk)) {
$profile = $lnk;
}
if (!$network) {
$network = 'rss';
}
if (!$name) {
$name = notags($feed->get_description());
}
if (!$guid) {
return false;
}
$r = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($guid));
if ($r) {
return true;
}
if (!$photo) {
$photo = z_root() . '/images/rss_icon.png';
}
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_pubkey, xchan_addr, xchan_url, xchan_name, xchan_network, xchan_instance_url, xchan_name_date ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s') ", dbesc($guid), dbesc($guid), dbesc($pubkey), dbesc($addr), dbesc($profile), dbesc($name), dbesc($network), dbesc(z_root()), dbesc(datetime_convert()));
$photos = import_xchan_photo($photo, $guid);
$r = q("update xchan set xchan_photo_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s'", dbesc(datetime_convert()), dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($guid));
return true;
}
/**
* Render actions localized
*/
function localize_item(&$item)
{
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
if ($item['verb'] === ACTIVITY_LIKE || $item['verb'] === ACTIVITY_DISLIKE) {
$r = q("SELECT * from `item`,`contact` WHERE \n\t\t\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . $obj['author-link'] . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
switch ($item['verb']) {
case ACTIVITY_LIKE:
$bodyverb = t('%1$s likes %2$s\'s %3$s');
break;
case ACTIVITY_DISLIKE:
$bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
break;
}
$item['body'] = sprintf($bodyverb, $author, $objauthor, $plink);
}
if ($item['verb'] === ACTIVITY_FRIEND) {
if ($item['object-type'] == "" || $item['object-type'] !== ACTIVITY_OBJ_PERSON) {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
$links = parse_xml_string($xmlhead . "<links>" . unxmlify($obj->link) . "</links>");
$Bname = $obj->title;
$Blink = "";
$Bphoto = "";
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
case "photo":
$Bphoto = $atts['href'];
}
}
$A = '[url=' . $Alink . ']' . $Aname . '[/url]';
$B = '[url=' . $Blink . ']' . $Bname . '[/url]';
if ($Bphoto != "") {
$Bphoto = '[url=' . $Blink . '][img]' . $Bphoto . '[/img][/url]';
}
$item['body'] = sprintf(t('%1$s is now friends with %2$s'), $A, $B) . "\n\n\n" . $Bphoto;
}
if ($item['verb'] === ACTIVITY_TAG) {
$r = q("SELECT * from `item`,`contact` WHERE \n\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . $obj['author-link'] . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
$parsedobj = parse_xml_string($xmlhead . $item['object']);
$tag = sprintf('#[url=%s]%s[/url]', $parsedobj->id, $parsedobj->content);
$item['body'] = sprintf(t('%1$s tagged %2$s\'s %3$s with %4$s'), $author, $objauthor, $plink, $tag);
}
}
function get_atom_elements($item)
{
require_once 'library/HTMLPurifier.auto.php';
require_once 'include/html2bbcode.php';
$res = array();
$raw_author = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'author');
if ($raw_author) {
if ($raw_author[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] == 'photo') {
$res['author-avatar'] = unxmlify($raw_author[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['href']);
}
}
$author = $item->get_author();
$res['author-name'] = unxmlify($author->get_name());
$res['author-link'] = unxmlify($author->get_link());
if (!$res['author-avatar']) {
$res['author-avatar'] = unxmlify($author->get_avatar());
}
$res['uri'] = unxmlify($item->get_id());
$res['title'] = unxmlify($item->get_title());
$res['body'] = unxmlify($item->get_content());
$maxlen = get_max_import_size();
if ($maxlen && strlen($res['body']) > $maxlen) {
$res['body'] = substr($res['body'], 0, $maxlen);
}
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
// html if we used a pubsubhubbub transport. But if we see even one html open tag in our text, we will
// have to assume it is all html and needs to be purified.
// It doesn't matter all that much security wise - because before this content is used anywhere, we are
// going to escape any tags we find regardless, but this lets us import a limited subset of html from
// the wild, by sanitising it and converting supported tags to bbcode before we rip out any remaining
// html.
if (strpos($res['body'], '<')) {
$res['body'] = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\\-_=]+).+?</object>#s', '[youtube]$1[/youtube]', $res['body']);
$config = HTMLPurifier_Config::createDefault();
$config->set('Core.DefinitionCache', null);
// we shouldn't need a whitelist, because the bbcode converter
// will strip out any unsupported tags.
// $config->set('HTML.Allowed', 'p,b,a[href],i');
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
}
$res['body'] = html2bbcode($res['body']);
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] == 1) {
$res['last-child'] = 1;
} else {
$res['last-child'] = 0;
}
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published');
if ($rawcreated) {
$res['created'] = unxmlify($rawcreated[0]['data']);
}
$rawlocation = $item->get_item_tags(NAMESPACE_DFRN, 'location');
if ($rawlocation) {
$res['location'] = unxmlify($rawlocation[0]['data']);
}
$rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated');
if ($rawedited) {
$res['edited'] = unxmlify($rawcreated[0]['data']);
}
$rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']) {
$res['owner-name'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['name'][0]['data']);
} elseif ($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) {
$res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
}
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']) {
$res['owner-link'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['uri'][0]['data']);
} elseif ($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) {
$res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
}
if ($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['rel'] == 'photo') {
$res['owner-avatar'] = unxmlify($rawowner[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['link'][0]['attribs']['']['href']);
} elseif ($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']) {
$res['owner-avatar'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']);
}
$rawverb = $item->get_item_tags(NAMESPACE_ACTIVITY, 'verb');
// select between supported verbs
if ($rawverb) {
$res['verb'] = unxmlify($rawverb[0]['data']);
}
$rawobj = $item->get_item_tags(NAMESPACE_ACTIVITY, 'object');
if ($rawobj) {
$res['object-type'] = $rawobj[0]['object-type'][0]['data'];
$res['object'] = $rawobj[0];
}
return $res;
}
function get_atom_elements($item)
{
$res = array();
$author = $item->get_author();
$res['author-name'] = unxmlify($author->get_name());
$res['author-link'] = unxmlify($author->get_link());
$res['author-avatar'] = unxmlify($author->get_avatar());
$res['uri'] = unxmlify($item->get_id());
$res['title'] = unxmlify($item->get_title());
$res['body'] = unxmlify($item->get_content());
$maxlen = get_max_import_size();
if ($maxlen && strlen($res['body']) > $maxlen) {
$res['body'] = substr($res['body'], 0, $maxlen);
}
$allow = $item->get_item_tags(NAMESPACE_DFRN, 'comment-allow');
if ($allow && $allow[0]['data'] == 1) {
$res['last-child'] = 1;
} else {
$res['last-child'] = 0;
}
$rawcreated = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'published');
if ($rawcreated) {
$res['created'] = unxmlify($rawcreated[0]['data']);
}
$rawedited = $item->get_item_tags(SIMPLEPIE_NAMESPACE_ATOM_10, 'updated');
if ($rawedited) {
$res['edited'] = unxmlify($rawcreated[0]['data']);
}
$rawowner = $item->get_item_tags(NAMESPACE_DFRN, 'owner');
if ($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']) {
$res['owner-name'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['name'][0]['data']);
}
if ($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']) {
$res['owner-link'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['uri'][0]['data']);
}
if ($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']) {
$res['owner-avatar'] = unxmlify($rawowner[0]['child'][NAMESPACE_DFRN]['avatar'][0]['data']);
}
return $res;
}
/**
* Render actions localized
*/
function localize_item(&$item)
{
$Text = $item['body'];
$saved_image = '';
$img_start = strpos($Text, '[img]data:');
$img_end = strpos($Text, '[/img]');
if ($img_start !== false && $img_end !== false && $img_end > $img_start) {
$start_fragment = substr($Text, 0, $img_start);
$img_start += strlen('[img]');
$saved_image = substr($Text, $img_start, $img_end - $img_start);
$end_fragment = substr($Text, $img_end + strlen('[/img]'));
$Text = $start_fragment . '[!#saved_image#!]' . $end_fragment;
$search = '/\\[url\\=(.*?)\\]\\[!#saved_image#!\\]\\[\\/url\\]' . '/is';
$replace = '[url=' . z_path() . '/redir/' . $item['contact-id'] . '?f=1&url=' . '$1' . '][!#saved_image#!][/url]';
$Text = preg_replace($search, $replace, $Text);
if (strlen($saved_image)) {
$item['body'] = str_replace('[!#saved_image#!]', '[img]' . $saved_image . '[/img]', $Text);
}
}
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
if ($item['verb'] === ACTIVITY_LIKE || $item['verb'] === ACTIVITY_DISLIKE) {
$r = q("SELECT * from `item`,`contact` WHERE \n\t\t\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . $obj['author-link'] . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
switch ($item['verb']) {
case ACTIVITY_LIKE:
$bodyverb = t('%1$s likes %2$s\'s %3$s');
break;
case ACTIVITY_DISLIKE:
$bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
break;
}
$item['body'] = sprintf($bodyverb, $author, $objauthor, $plink);
}
if ($item['verb'] === ACTIVITY_FRIEND) {
if ($item['object-type'] == "" || $item['object-type'] !== ACTIVITY_OBJ_PERSON) {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
$links = parse_xml_string($xmlhead . "<links>" . unxmlify($obj->link) . "</links>");
$Bname = $obj->title;
$Blink = "";
$Bphoto = "";
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
case "photo":
$Bphoto = $atts['href'];
}
}
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$B = '[url=' . zrl($Blink) . ']' . $Bname . '[/url]';
if ($Bphoto != "") {
$Bphoto = '[url=' . zrl($Blink) . '][img]' . $Bphoto . '[/img][/url]';
}
$item['body'] = sprintf(t('%1$s is now friends with %2$s'), $A, $B) . "\n\n\n" . $Bphoto;
}
if ($item['verb'] === ACTIVITY_TAG) {
$r = q("SELECT * from `item`,`contact` WHERE \n\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . zrl($item['author-link']) . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . zrl($obj['author-link']) . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
$parsedobj = parse_xml_string($xmlhead . $item['object']);
$tag = sprintf('#[url=%s]%s[/url]', $parsedobj->id, $parsedobj->content);
$item['body'] = sprintf(t('%1$s tagged %2$s\'s %3$s with %4$s'), $author, $objauthor, $plink, $tag);
}
if ($item['verb'] === ACTIVITY_FAVORITE) {
if ($item['object-type'] == "") {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
if (strlen($obj->id)) {
$r = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($obj->id), intval($item['uid']));
if (count($r) && $r[0]['plink']) {
$target = $r[0];
$Bname = $target['author-name'];
$Blink = $target['author-link'];
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$B = '[url=' . zrl($Blink) . ']' . $Bname . '[/url]';
$P = '[url=' . $target['plink'] . ']' . t('post/item') . '[/url]';
$item['body'] = sprintf(t('%1$s marked %2$s\'s %3$s as favorite'), $A, $B, $P) . "\n";
}
}
}
$matches = null;
if (preg_match_all('/@\\[url=(.*?)\\]/is', $item['body'], $matches, PREG_SET_ORDER)) {
foreach ($matches as $mtch) {
if (!strpos($mtch[1], 'zrl=')) {
$item['body'] = str_replace($mtch[0], '@[url=' . zrl($mtch[1]) . ']', $item['body']);
}
}
}
if (preg_match_all('/\\[url=(.*?)\\/photos\\/(.*?)\\/image\\/(.*?)\\]\\[img(.*?)\\]h(.*?)\\[\\/img\\]\\[\\/url\\]/is', $item['body'], $matches, PREG_SET_ORDER)) {
logger('matched');
foreach ($matches as $mtch) {
$item['body'] = str_replace($mtch[0], '[url=' . zrl($mtch[1] . '/photos/' . $mtch[2] . '/image/' . $mtch[3], true) . '][img' . $mtch[4] . ']h' . $mtch[5] . '[/img][/url]', $item['body']);
}
}
}
function salmon_post(&$a)
{
$xml = file_get_contents('php://input');
logger('mod-salmon: new salmon ' . $xml, LOGGER_DATA);
$nick = $a->argc > 1 ? notags(trim($a->argv[1])) : '';
$mentions = $a->argc > 2 && $a->argv[2] === 'mention' ? true : false;
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `account_expired` = 0 AND `account_removed` = 0 LIMIT 1", dbesc($nick));
if (!count($r)) {
http_status_exit(500);
}
$importer = $r[0];
// parse the xml
$dom = simplexml_load_string($xml, 'SimpleXMLElement', 0, NAMESPACE_SALMON_ME);
// figure out where in the DOM tree our data is hiding
if ($dom->provenance->data) {
$base = $dom->provenance;
} elseif ($dom->env->data) {
$base = $dom->env;
} elseif ($dom->data) {
$base = $dom;
}
if (!$base) {
logger('mod-salmon: unable to locate salmon data in xml ');
http_status_exit(400);
}
// Stash the signature away for now. We have to find their key or it won't be good for anything.
$signature = base64url_decode($base->sig);
// unpack the data
// strip whitespace so our data element will return to one big base64 blob
$data = str_replace(array(" ", "\t", "\r", "\n"), array("", "", "", ""), $base->data);
// stash away some other stuff for later
$type = $base->data[0]->attributes()->type[0];
$keyhash = $base->sig[0]->attributes()->keyhash[0];
$encoding = $base->encoding;
$alg = $base->alg;
// Salmon magic signatures have evolved and there is no way of knowing ahead of time which
// flavour we have. We'll try and verify it regardless.
$stnet_signed_data = $data;
$signed_data = $data . '.' . base64url_encode($type) . '.' . base64url_encode($encoding) . '.' . base64url_encode($alg);
$compliant_format = str_replace('=', '', $signed_data);
// decode the data
$data = base64url_decode($data);
// Remove the xml declaration
$data = preg_replace('/\\<\\?xml[^\\?].*\\?\\>/', '', $data);
// Create a fake feed wrapper so simplepie doesn't choke
$tpl = get_markup_template('fake_feed.tpl');
$base = substr($data, strpos($data, '<entry'));
$feedxml = $tpl . $base . '</feed>';
logger('mod-salmon: Processed feed: ' . $feedxml);
// Now parse it like a normal atom feed to scrape out the author URI
$feed = new SimplePie();
$feed->set_raw_data($feedxml);
$feed->enable_order_by_date(false);
$feed->init();
logger('mod-salmon: Feed parsed.');
if ($feed->get_item_quantity()) {
foreach ($feed->get_items() as $item) {
$author = $item->get_author();
$author_link = unxmlify($author->get_link());
break;
}
}
if (!$author_link) {
logger('mod-salmon: Could not retrieve author URI.');
http_status_exit(400);
}
// Once we have the author URI, go to the web and try to find their public key
logger('mod-salmon: Fetching key for ' . $author_link);
$key = get_salmon_key($author_link, $keyhash);
if (!$key) {
logger('mod-salmon: Could not retrieve author key.');
http_status_exit(400);
}
$key_info = explode('.', $key);
$m = base64url_decode($key_info[1]);
$e = base64url_decode($key_info[2]);
logger('mod-salmon: key details: ' . print_r($key_info, true), LOGGER_DEBUG);
$pubkey = metopem($m, $e);
// We should have everything we need now. Let's see if it verifies.
$verify = rsa_verify($compliant_format, $signature, $pubkey);
if (!$verify) {
logger('mod-salmon: message did not verify using protocol. Trying padding hack.');
$verify = rsa_verify($signed_data, $signature, $pubkey);
}
if (!$verify) {
logger('mod-salmon: message did not verify using padding. Trying old statusnet hack.');
$verify = rsa_verify($stnet_signed_data, $signature, $pubkey);
}
if (!$verify) {
logger('mod-salmon: Message did not verify. Discarding.');
http_status_exit(400);
}
logger('mod-salmon: Message verified.');
/*
*
* If we reached this point, the message is good. Now let's figure out if the author is allowed to send us stuff.
*
*/
$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s' ) \n\t\tAND `uid` = %d LIMIT 1", dbesc(NETWORK_OSTATUS), dbesc($author_link), dbesc($author_link), intval($importer['uid']));
if (!count($r)) {
logger('mod-salmon: Author unknown to us.');
if (get_pconfig($importer['uid'], 'system', 'ostatus_autofriend')) {
require_once 'include/follow.php';
$result = new_contact($importer['uid'], $author_link);
if ($result['success']) {
$r = q("SELECT * FROM `contact` WHERE `network` = '%s' AND ( `url` = '%s' OR `alias` = '%s' ) \n\t\t\t\t\tAND `uid` = %d LIMIT 1", dbesc(NETWORK_OSTATUS), dbesc($author_link), dbesc($author_link), intval($importer['uid']));
}
}
}
// is this a follower? Or have we ignored the person?
// If so we can not accept this post.
if (count($r) && ($r[0]['readonly'] || $r[0]['rel'] == CONTACT_IS_FOLLOWER || $r[0]['blocked'])) {
logger('mod-salmon: Ignoring this author.');
http_status_exit(202);
// NOTREACHED
}
require_once 'include/items.php';
// Placeholder for hub discovery. We shouldn't find any hubs
// since we supplied the fake feed header - and it doesn't have any.
$hub = '';
/**
*
* anti-spam measure: consume_feed will accept a follow activity from
* this person (and nothing else) if there is no existing contact record.
*
*/
$contact_rec = count($r) ? $r[0] : null;
consume_feed($feedxml, $importer, $contact_rec, $hub);
http_status_exit(200);
}
/**
* Render actions localized
*/
function localize_item(&$item)
{
$extracted = item_extract_images($item['body']);
if ($extracted['images']) {
$item['body'] = item_redir_and_replace_images($extracted['body'], $extracted['images'], $item['contact-id']);
}
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
if (activity_match($item['verb'], ACTIVITY_LIKE) || activity_match($item['verb'], ACTIVITY_DISLIKE)) {
$r = q("SELECT * from `item`,`contact` WHERE\n\t\t\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . $item['author-link'] . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . $obj['author-link'] . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
if (activity_match($item['verb'], ACTIVITY_LIKE)) {
$bodyverb = t('%1$s likes %2$s\'s %3$s');
} elseif (activity_match($item['verb'], ACTIVITY_DISLIKE)) {
$bodyverb = t('%1$s doesn\'t like %2$s\'s %3$s');
}
$item['body'] = sprintf($bodyverb, $author, $objauthor, $plink);
}
if (activity_match($item['verb'], ACTIVITY_FRIEND)) {
if ($item['object-type'] == "" || $item['object-type'] !== ACTIVITY_OBJ_PERSON) {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
$links = parse_xml_string($xmlhead . "<links>" . unxmlify($obj->link) . "</links>");
$Bname = $obj->title;
$Blink = "";
$Bphoto = "";
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
case "photo":
$Bphoto = $atts['href'];
}
}
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$B = '[url=' . zrl($Blink) . ']' . $Bname . '[/url]';
if ($Bphoto != "") {
$Bphoto = '[url=' . zrl($Blink) . '][img]' . $Bphoto . '[/img][/url]';
}
$item['body'] = sprintf(t('%1$s is now friends with %2$s'), $A, $B) . "\n\n\n" . $Bphoto;
}
if (stristr($item['verb'], ACTIVITY_POKE)) {
$verb = urldecode(substr($item['verb'], strpos($item['verb'], '#') + 1));
if (!$verb) {
return;
}
if ($item['object-type'] == "" || $item['object-type'] !== ACTIVITY_OBJ_PERSON) {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
$links = parse_xml_string($xmlhead . "<links>" . unxmlify($obj->link) . "</links>");
$Bname = $obj->title;
$Blink = "";
$Bphoto = "";
foreach ($links->link as $l) {
$atts = $l->attributes();
switch ($atts['rel']) {
case "alternate":
$Blink = $atts['href'];
case "photo":
$Bphoto = $atts['href'];
}
}
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$B = '[url=' . zrl($Blink) . ']' . $Bname . '[/url]';
if ($Bphoto != "") {
$Bphoto = '[url=' . zrl($Blink) . '][img=80x80]' . $Bphoto . '[/img][/url]';
}
// we can't have a translation string with three positions but no distinguishable text
// So here is the translate string.
$txt = t('%1$s poked %2$s');
// now translate the verb
$txt = str_replace(t('poked'), t($verb), $txt);
// then do the sprintf on the translation string
$item['body'] = sprintf($txt, $A, $B) . "\n\n\n" . $Bphoto;
}
if (stristr($item['verb'], ACTIVITY_MOOD)) {
$verb = urldecode(substr($item['verb'], strpos($item['verb'], '#') + 1));
if (!$verb) {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$txt = t('%1$s is currently %2$s');
$item['body'] = sprintf($txt, $A, t($verb));
}
if (activity_match($item['verb'], ACTIVITY_TAG)) {
$r = q("SELECT * from `item`,`contact` WHERE\n\t\t`item`.`contact-id`=`contact`.`id` AND `item`.`uri`='%s';", dbesc($item['parent-uri']));
if (count($r) == 0) {
return;
}
$obj = $r[0];
$author = '[url=' . zrl($item['author-link']) . ']' . $item['author-name'] . '[/url]';
$objauthor = '[url=' . zrl($obj['author-link']) . ']' . $obj['author-name'] . '[/url]';
switch ($obj['verb']) {
case ACTIVITY_POST:
switch ($obj['object-type']) {
case ACTIVITY_OBJ_EVENT:
$post_type = t('event');
break;
default:
$post_type = t('status');
}
break;
default:
if ($obj['resource-id']) {
$post_type = t('photo');
$m = array();
preg_match("/\\[url=([^]]*)\\]/", $obj['body'], $m);
$rr['plink'] = $m[1];
} else {
$post_type = t('status');
}
}
$plink = '[url=' . $obj['plink'] . ']' . $post_type . '[/url]';
$parsedobj = parse_xml_string($xmlhead . $item['object']);
$tag = sprintf('#[url=%s]%s[/url]', $parsedobj->id, $parsedobj->content);
$item['body'] = sprintf(t('%1$s tagged %2$s\'s %3$s with %4$s'), $author, $objauthor, $plink, $tag);
}
if (activity_match($item['verb'], ACTIVITY_FAVORITE)) {
if ($item['object-type'] == "") {
return;
}
$Aname = $item['author-name'];
$Alink = $item['author-link'];
$xmlhead = "<" . "?xml version='1.0' encoding='UTF-8' ?" . ">";
$obj = parse_xml_string($xmlhead . $item['object']);
if (strlen($obj->id)) {
$r = q("select * from item where uri = '%s' and uid = %d limit 1", dbesc($obj->id), intval($item['uid']));
if (count($r) && $r[0]['plink']) {
$target = $r[0];
$Bname = $target['author-name'];
$Blink = $target['author-link'];
$A = '[url=' . zrl($Alink) . ']' . $Aname . '[/url]';
$B = '[url=' . zrl($Blink) . ']' . $Bname . '[/url]';
$P = '[url=' . $target['plink'] . ']' . t('post/item') . '[/url]';
$item['body'] = sprintf(t('%1$s marked %2$s\'s %3$s as favorite'), $A, $B, $P) . "\n";
}
}
}
$matches = null;
if (preg_match_all('/@\\[url=(.*?)\\]/is', $item['body'], $matches, PREG_SET_ORDER)) {
foreach ($matches as $mtch) {
if (!strpos($mtch[1], 'zrl=')) {
$item['body'] = str_replace($mtch[0], '@[url=' . zrl($mtch[1]) . ']', $item['body']);
}
}
}
// add zrl's to public images
$photo_pattern = "/\\[url=(.*?)\\/photos\\/(.*?)\\/image\\/(.*?)\\]\\[img(.*?)\\]h(.*?)\\[\\/img\\]\\[\\/url\\]/is";
if (preg_match($photo_pattern, $item['body'])) {
$photo_replace = '[url=' . zrl('$1' . '/photos/' . '$2' . '/image/' . '$3', true) . '][img' . '$4' . ']h' . '$5' . '[/img][/url]';
$item['body'] = bb_tag_preg_replace($photo_pattern, $photo_replace, 'url', $item['body']);
}
// add sparkle links to appropriate permalinks
$x = stristr($item['plink'], '/display/');
if ($x) {
$sparkle = false;
$y = best_link_url($item, $sparkle, true);
if (strstr($y, '/redir/')) {
$item['plink'] = $y . '?f=&url=' . $item['plink'];
}
}
}
function diaspora_profile($importer, $xml, $msg)
{
$a = get_app();
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
if ($diaspora_handle != $msg['author']) {
logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
return 202;
}
$contact = diaspora_get_contact_by_handle($importer['channel_id'], $diaspora_handle);
if (!$contact) {
return;
}
if ($contact['blocked']) {
logger('diaspora_post: Ignoring this author.');
return 202;
}
$name = unxmlify($xml->first_name) . (strlen($xml->last_name) ? ' ' . unxmlify($xml->last_name) : '');
$image_url = unxmlify($xml->image_url);
$birthday = unxmlify($xml->birthday);
$handle_parts = explode("@", $diaspora_handle);
if ($name === '') {
$name = $handle_parts[0];
}
if (preg_match("|^https?://|", $image_url) === 0) {
$image_url = "http://" . $handle_parts[1] . $image_url;
}
require_once 'include/photo/photo_driver.php';
$images = import_profile_photo($image_url, $contact['xchan_hash']);
// Generic birthday. We don't know the timezone. The year is irrelevant.
$birthday = str_replace('1000', '1901', $birthday);
$birthday = datetime_convert('UTC', 'UTC', $birthday, 'Y-m-d');
// this is to prevent multiple birthday notifications in a single year
// if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year
if (substr($birthday, 5) === substr($contact['bd'], 5)) {
$birthday = $contact['bd'];
}
$r = q("update xchan set xchan_name = '%s', xchan_name_date = '%s', xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s' where xchan_hash = '%s' ", dbesc($name), dbesc(datetime_convert()), dbesc($images[0]), dbesc($images[1]), dbesc($images[2]), dbesc($images[3]), dbesc(datetime_convert()), intval($contact['xchan_hash']));
return;
}
function diaspora_profile($importer, $xml, $msg)
{
$a = get_app();
$diaspora_handle = notags(unxmlify($xml->diaspora_handle));
if ($diaspora_handle != $msg['author']) {
logger('diaspora_post: Potential forgery. Message handle is not the same as envelope sender.');
return 202;
}
$contact = diaspora_get_contact_by_handle($importer['uid'], $diaspora_handle);
if (!$contact) {
return;
}
if ($contact['blocked']) {
logger('diaspora_post: Ignoring this author.');
return 202;
}
$name = unxmlify($xml->first_name) . (strlen($xml->last_name) ? ' ' . unxmlify($xml->last_name) : '');
$image_url = unxmlify($xml->image_url);
$birthday = unxmlify($xml->birthday);
$location = diaspora2bb(unxmlify($xml->location));
$about = diaspora2bb(unxmlify($xml->bio));
$gender = unxmlify($xml->gender);
$tags = unxmlify($xml->tag_string);
$tags = explode("#", $tags);
$keywords = array();
foreach ($tags as $tag) {
$tag = trim(strtolower($tag));
if ($tag != "") {
$keywords[] = $tag;
}
}
$keywords = implode(", ", $keywords);
$handle_parts = explode("@", $diaspora_handle);
if ($name === '') {
$name = $handle_parts[0];
}
if (preg_match("|^https?://|", $image_url) === 0) {
$image_url = "http://" . $handle_parts[1] . $image_url;
}
/* $r = q("SELECT DISTINCT ( `resource-id` ) FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' ",
intval($importer['uid']),
intval($contact['id'])
);
$oldphotos = ((count($r)) ? $r : null);*/
require_once 'include/Photo.php';
$images = import_profile_photo($image_url, $importer['uid'], $contact['id']);
// Generic birthday. We don't know the timezone. The year is irrelevant.
$birthday = str_replace('1000', '1901', $birthday);
$birthday = datetime_convert('UTC', 'UTC', $birthday, 'Y-m-d');
// this is to prevent multiple birthday notifications in a single year
// if we already have a stored birthday and the 'm-d' part hasn't changed, preserve the entry, which will preserve the notify year
if (substr($birthday, 5) === substr($contact['bd'], 5)) {
$birthday = $contact['bd'];
}
// TODO: update name on item['author-name'] if the name changed. See consume_feed()
// Not doing this currently because D* protocol is scheduled for revision soon.
$r = q("UPDATE `contact` SET `name` = '%s', `name-date` = '%s', `photo` = '%s', `thumb` = '%s', `micro` = '%s', `avatar-date` = '%s' , `bd` = '%s', `location` = '%s', `about` = '%s', `keywords` = '%s', `gender` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($name), dbesc(datetime_convert()), dbesc($images[0]), dbesc($images[1]), dbesc($images[2]), dbesc(datetime_convert()), dbesc($birthday), dbesc($location), dbesc($about), dbesc($keywords), dbesc($gender), intval($contact['id']), intval($importer['uid']));
if (unxmlify($xml->searchable) == "true") {
require_once 'include/socgraph.php';
poco_check($contact['url'], $name, NETWORK_DIASPORA, $images[0], $about, $location, $gender, $keywords, "", datetime_convert(), 2, $contact['id'], $importer['uid']);
}
$profileurl = "";
$author = q("SELECT * FROM `unique_contacts` WHERE `url`='%s' LIMIT 1", dbesc(normalise_link($contact['url'])));
if (count($author) == 0) {
q("INSERT INTO `unique_contacts` (`url`, `name`, `avatar`, `location`, `about`) VALUES ('%s', '%s', '%s', '%s', '%s')", dbesc(normalise_link($contact['url'])), dbesc($name), dbesc($location), dbesc($about), dbesc($images[0]));
$author = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($contact['url'])));
} else {
if (normalise_link($contact['url']) . $name . $location . $about != normalise_link($author[0]["url"]) . $author[0]["name"] . $author[0]["location"] . $author[0]["about"]) {
q("UPDATE unique_contacts SET name = '%s', avatar = '%s', `location` = '%s', `about` = '%s' WHERE url = '%s'", dbesc($name), dbesc($images[0]), dbesc($location), dbesc($about), dbesc(normalise_link($contact['url'])));
}
}
/* if($r) {
if($oldphotos) {
foreach($oldphotos as $ph) {
q("DELETE FROM `photo` WHERE `uid` = %d AND `contact-id` = %d AND `album` = 'Contact Photos' AND `resource-id` = '%s' ",
intval($importer['uid']),
intval($contact['id']),
dbesc($ph['resource-id'])
);
}
}
} */
return;
}
function network_content(&$a, $update = 0)
{
require_once 'include/conversation.php';
if (!local_user()) {
$_SESSION['return_url'] = $a->query_string;
return login(false);
}
$arr = array('query' => $a->query_string);
call_hooks('network_content_init', $arr);
$datequery = $datequery2 = '';
$group = 0;
$nouveau = false;
if ($a->argc > 1) {
for ($x = 1; $x < $a->argc; $x++) {
if (is_a_date_arg($a->argv[$x])) {
if ($datequery) {
$datequery2 = escape_tags($a->argv[$x]);
} else {
$datequery = escape_tags($a->argv[$x]);
$_GET['order'] = 'post';
}
} elseif ($a->argv[$x] === 'new') {
$nouveau = true;
} elseif (intval($a->argv[$x])) {
$group = intval($a->argv[$x]);
$def_acl = array('allow_gid' => '<' . $group . '>');
}
}
}
$o = '';
// item filter tabs
// TODO: fix this logic, reduce duplication
//$a->page['content'] .= '<div class="tabs-wrapper">';
list($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active) = network_query_get_sel_tab($a);
// if no tabs are selected, defaults to comments
if ($no_active == 'active') {
$all_active = 'active';
}
//echo "<pre>"; var_dump($no_active, $all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active); killme();
$cmd = $datequery ? '' : $a->cmd;
$len_naked_cmd = strlen(str_replace('/new', '', $cmd));
// tabs
$tabs = array(array('label' => t('Commented Order'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=comment' . (x($_GET, 'cid') ? '&cid=' . $_GET['cid'] : ''), 'sel' => $all_active, 'title' => t('Sort by Comment Date')), array('label' => t('Posted Order'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . '?f=&order=post' . (x($_GET, 'cid') ? '&cid=' . $_GET['cid'] : ''), 'sel' => $postord_active, 'title' => t('Sort by Post Date')));
if (feature_enabled(local_user(), 'personal_tab')) {
$tabs[] = array('label' => t('Personal'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&conv=1', 'sel' => $conv_active, 'title' => t('Posts that mention or involve you'));
}
if (feature_enabled(local_user(), 'new_tab')) {
$tabs[] = array('label' => t('New'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . ($len_naked_cmd ? '/' : '') . 'new' . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : ''), 'sel' => $new_active, 'title' => t('Activity Stream - by date'));
}
if (feature_enabled(local_user(), 'link_tab')) {
$tabs[] = array('label' => t('Shared Links'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&bmark=1', 'sel' => $bookmarked_active, 'title' => t('Interesting Links'));
}
if (feature_enabled(local_user(), 'star_posts')) {
$tabs[] = array('label' => t('Starred'), 'url' => $a->get_baseurl(true) . '/' . str_replace('/new', '', $cmd) . (x($_GET, 'cid') ? '/?f=&cid=' . $_GET['cid'] : '') . '&star=1', 'sel' => $starred_active, 'title' => t('Favourite Posts'));
}
// Not yet implemented
/* if(feature_enabled(local_user(),'spam_filter')) {
$tabs[] = array(
'label' => t('Spam'),
'url'=>$a->get_baseurl(true) . '/network?f=&spam=1',
'sel'=> $spam_active,
'title' => t('Posts flagged as SPAM'),
);
}*/
// save selected tab, but only if not in search or file mode
if (!x($_GET, 'search') && !x($_GET, 'file')) {
set_pconfig(local_user(), 'network.view', 'tab.selected', array($all_active, $postord_active, $conv_active, $new_active, $starred_active, $bookmarked_active, $spam_active));
}
$arr = array('tabs' => $tabs);
call_hooks('network_tabs', $arr);
$o .= replace_macros(get_markup_template('common_tabs.tpl'), array('$tabs' => $arr['tabs']));
// --- end item filter tabs
$contact_id = $a->cid;
require_once 'include/acl_selectors.php';
$cid = x($_GET, 'cid') ? intval($_GET['cid']) : 0;
$star = x($_GET, 'star') ? intval($_GET['star']) : 0;
$bmark = x($_GET, 'bmark') ? intval($_GET['bmark']) : 0;
$order = x($_GET, 'order') ? notags($_GET['order']) : 'comment';
$liked = x($_GET, 'liked') ? intval($_GET['liked']) : 0;
$conv = x($_GET, 'conv') ? intval($_GET['conv']) : 0;
$spam = x($_GET, 'spam') ? intval($_GET['spam']) : 0;
$nets = x($_GET, 'nets') ? $_GET['nets'] : '';
$cmin = x($_GET, 'cmin') ? intval($_GET['cmin']) : 0;
$cmax = x($_GET, 'cmax') ? intval($_GET['cmax']) : 99;
$file = x($_GET, 'file') ? $_GET['file'] : '';
if (x($_GET, 'search') || x($_GET, 'file')) {
$nouveau = true;
}
if ($cid) {
$def_acl = array('allow_cid' => '<' . intval($cid) . '>');
}
if ($nets) {
$r = q("select id from contact where uid = %d and network = '%s' and self = 0", intval(local_user()), dbesc($nets));
$str = '';
if (count($r)) {
foreach ($r as $rr) {
$str .= '<' . $rr['id'] . '>';
}
}
if (strlen($str)) {
$def_acl = array('allow_cid' => $str);
}
}
set_pconfig(local_user(), 'network.view', 'net.selected', $nets ? $nets : 'all');
if (!$update) {
if ($group) {
if (($t = group_public_members($group)) && !get_pconfig(local_user(), 'system', 'nowarn_insecure')) {
notice(sprintf(tt('Warning: This group contains %s member from an insecure network.', 'Warning: This group contains %s members from an insecure network.', $t), $t) . EOL);
notice(t('Private messages to this group are at risk of public disclosure.') . EOL);
}
}
nav_set_selected('network');
$celeb = $a->user['page-flags'] == PAGE_SOAPBOX || $a->user['page-flags'] == PAGE_COMMUNITY ? true : false;
$x = array('is_owner' => true, 'allow_location' => $a->user['allow_location'], 'default_location' => $a->user['default-location'], 'nickname' => $a->user['nickname'], 'lockstate' => $group || $cid || $nets || is_array($a->user) && (strlen($a->user['allow_cid']) || strlen($a->user['allow_gid']) || strlen($a->user['deny_cid']) || strlen($a->user['deny_gid'])) ? 'lock' : 'unlock', 'default_perms' => get_acl_permissions($a->user), 'acl' => populate_acl($group || $cid || $nets ? $def_acl : $a->user, $celeb), 'bang' => $group || $cid || $nets ? '!' : '', 'visitor' => 'block', 'profile_uid' => local_user(), 'acl_data' => construct_acl_data($a, $a->user));
$o .= status_editor($a, $x);
}
// We don't have to deal with ACLs on this page. You're looking at everything
// that belongs to you, hence you can see all of it. We will filter by group if
// desired.
$sql_options = $star ? " and starred = 1 " : '';
$sql_options .= $bmark ? " and bookmark = 1 " : '';
$sql_nets = $nets ? sprintf(" and `contact`.`network` = '%s' ", dbesc($nets)) : '';
$sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` {$sql_options} ) ";
if ($group) {
$r = q("SELECT `name`, `id` FROM `group` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($group), intval($_SESSION['uid']));
if (!count($r)) {
if ($update) {
killme();
}
notice(t('No such group') . EOL);
goaway($a->get_baseurl(true) . '/network/0');
// NOTREACHED
}
$contacts = expand_groups(array($group));
if (is_array($contacts) && count($contacts)) {
$contact_str = implode(',', $contacts);
} else {
$contact_str = ' 0 ';
info(t('Group is empty'));
}
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND ( `contact-id` IN ( {$contact_str} ) OR `allow_gid` like '" . protect_sprintf('%<' . intval($group) . '>%') . "' ) and deleted = 0 ) ";
$o = '<h2>' . t('Group: ') . $r[0]['name'] . '</h2>' . $o;
} elseif ($cid) {
$r = q("SELECT `id`,`name`,`network`,`writable`,`nurl` FROM `contact` WHERE `id` = %d \n\t\t\t\tAND `blocked` = 0 AND `pending` = 0 LIMIT 1", intval($cid));
if (count($r)) {
$sql_extra = " AND `item`.`parent` IN ( SELECT DISTINCT(`parent`) FROM `item` WHERE 1 {$sql_options} AND `contact-id` = " . intval($cid) . " and deleted = 0 ) ";
$o = '<h2>' . t('Contact: ') . $r[0]['name'] . '</h2>' . $o;
if ($r[0]['network'] === NETWORK_OSTATUS && $r[0]['writable'] && !get_pconfig(local_user(), 'system', 'nowarn_insecure')) {
notice(t('Private messages to this person are at risk of public disclosure.') . EOL);
}
} else {
notice(t('Invalid contact.') . EOL);
goaway($a->get_baseurl(true) . '/network');
// NOTREACHED
}
}
if (!$group && !$cid && !$update && !get_config('theme', 'hide_eventlist')) {
$o .= get_birthdays();
$o .= get_events();
}
$sql_extra3 = '';
if ($datequery) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created <= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery))));
}
if ($datequery2) {
$sql_extra3 .= protect_sprintf(sprintf(" AND item.created >= '%s' ", dbesc(datetime_convert(date_default_timezone_get(), '', $datequery2))));
}
$sql_extra2 = $nouveau ? '' : " AND `item`.`parent` = `item`.`id` ";
$sql_extra3 = $nouveau ? '' : $sql_extra3;
$sql_table = "`item`";
if (x($_GET, 'search')) {
$search = escape_tags($_GET['search']);
if (strpos($search, '#') === 0) {
$tag = true;
$search = substr($search, 1);
}
if (get_config('system', 'only_tag_search')) {
$tag = true;
}
/*if (get_config('system','use_fulltext_engine')) {
if(strpos($search,'#') === 0)
$sql_extra .= sprintf(" AND (MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode)) ",
dbesc(protect_sprintf($search))
);
else
$sql_extra .= sprintf(" AND (MATCH(`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode)) ",
dbesc(protect_sprintf($search)),
dbesc(protect_sprintf($search))
);
} else {
$sql_extra .= sprintf(" AND ( `item`.`body` like '%s' OR `item`.`tag` like '%s' ) ",
dbesc(protect_sprintf('%' . $search . '%')),
dbesc(protect_sprintf('%]' . $search . '[%'))
);
}*/
if ($tag) {
$sql_extra = sprintf(" AND `term`.`term` = '%s' AND `term`.`otype` = %d AND `term`.`type` = %d ", dbesc(protect_sprintf($search)), intval(TERM_OBJ_POST), intval(TERM_HASHTAG));
$sql_table = "`term` LEFT JOIN `item` ON `item`.`id` = `term`.`oid` AND `item`.`uid` = `term`.`uid` ";
} else {
if (get_config('system', 'use_fulltext_engine')) {
$sql_extra = sprintf(" AND MATCH (`item`.`body`, `item`.`title`) AGAINST ('%s' in boolean mode) ", dbesc(protect_sprintf($search)));
} else {
$sql_extra = sprintf(" AND `item`.`body` REGEXP '%s' ", dbesc(protect_sprintf(preg_quote($search))));
}
}
}
if (strlen($file)) {
$sql_extra .= file_tag_file_query('item', unxmlify($file));
}
if ($conv) {
$myurl = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
$myurl = substr($myurl, strpos($myurl, '://') + 3);
$myurl = str_replace('www.', '', $myurl);
$diasp_url = str_replace('/profile/', '/u/', $myurl);
/*if (get_config('system','use_fulltext_engine'))
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
//$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (`author-link` IN ('https://%s', 'http://%s') OR MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
//$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)",
dbesc(protect_sprintf($myurl)),
dbesc(protect_sprintf($myurl)),
dbesc(protect_sprintf($diasp_url))
);
else
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
dbesc(protect_sprintf('%' . $myurl)),
dbesc(protect_sprintf('%' . $myurl . ']%')),
dbesc(protect_sprintf('%' . $diasp_url . ']%'))
);*/
$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)", dbesc(protect_sprintf($myurl)), dbesc(protect_sprintf($myurl)));
}
if ($update) {
// only setup pagination on initial page view
$pager_sql = '';
} else {
if (!get_config('alt_pager', 'global') && !get_pconfig(local_user(), 'system', 'alt_pager')) {
$r = q("SELECT COUNT(*) AS `total`\n\t\t\t FROM {$sql_table} LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t WHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t {$sql_extra2} {$sql_extra3}\n\t\t\t {$sql_extra} {$sql_nets} ", intval($_SESSION['uid']));
if (count($r)) {
$a->set_pager_total($r[0]['total']);
}
}
$itemspage_network = get_pconfig(local_user(), 'system', 'itemspage_network');
$itemspage_network = intval($itemspage_network) ? $itemspage_network : 40;
if ($a->force_max_items > 0 && $a->force_max_items < $itemspage_network) {
$itemspage_network = $a->force_max_items;
}
$a->set_pager_itemspage($itemspage_network);
$pager_sql = sprintf(" LIMIT %d, %d ", intval($a->pager['start']), intval($a->pager['itemspage']));
}
$simple_update = $update ? " and `item`.`unseen` = 1 " : '';
if ($nouveau) {
// "New Item View" - show all items unthreaded in reverse created date order
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`, \n\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\tFROM {$sql_table} LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 \n\t\t\tAND `item`.`deleted` = 0 and `item`.`moderated` = 0\n\t\t\t{$simple_update}\n\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t{$sql_extra} {$sql_nets}\n\t\t\tORDER BY `item`.`received` DESC {$pager_sql} ", intval($_SESSION['uid']));
$update_unseen = ' WHERE uid = ' . intval($_SESSION['uid']) . " AND unseen = 1 {$sql_extra} {$sql_nets}";
} else {
// Normal conversation view
if ($order === 'post') {
$ordering = "`created`";
} else {
$ordering = "`commented`";
}
// Fetch a page full of parent items for this page
if ($update) {
$r = q("SELECT `parent` AS `item_id`, `contact`.`uid` AS `contact_uid`\n\t\t\t\tFROM {$sql_table} LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND\n\t\t\t\t(`item`.`deleted` = 0 OR item.verb = '" . ACTIVITY_LIKE . "' OR item.verb = '" . ACTIVITY_DISLIKE . "')\n\t\t\t\tand `item`.`moderated` = 0 and `item`.`unseen` = 1\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets} ", intval(local_user()));
} else {
$r = q("SELECT `item`.`id` AS `item_id`, `contact`.`uid` AS `contact_uid`\n\t\t\t\tFROM {$sql_table} LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tAND `item`.`moderated` = 0 AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`parent` = `item`.`id`\n\t\t\t\t{$sql_extra3} {$sql_extra} {$sql_nets}\n\t\t\t\tORDER BY `item`.{$ordering} DESC {$pager_sql} ", intval(local_user()));
}
// Then fetch all the children of the parents that are on this page
$parents_arr = array();
$parents_str = '';
if (count($r)) {
foreach ($r as $rr) {
if (!in_array($rr['item_id'], $parents_arr)) {
$parents_arr[] = $rr['item_id'];
}
}
$parents_str = implode(', ', $parents_arr);
$items = q("SELECT `item`.*, `item`.`id` AS `item_id`,\n\t\t\t\t`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`alias`, `contact`.`rel`, `contact`.`writable`,\n\t\t\t\t`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,\n\t\t\t\t`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`\n\t\t\t\tFROM {$sql_table} LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`\n\t\t\t\tWHERE `item`.`uid` = %d AND `item`.`visible` = 1 AND `item`.`deleted` = 0\n\t\t\t\tAND `item`.`moderated` = 0\n\t\t\t\tAND `contact`.`blocked` = 0 AND `contact`.`pending` = 0\n\t\t\t\tAND `item`.`parent` IN ( %s )\n\t\t\t\t{$sql_extra} ", intval(local_user()), dbesc($parents_str));
$items = conv_sort($items, $ordering);
} else {
$items = array();
}
if ($parents_str) {
$update_unseen = ' WHERE uid = ' . intval(local_user()) . ' AND unseen = 1 AND parent IN ( ' . dbesc($parents_str) . ' )';
}
}
// We aren't going to try and figure out at the item, group, and page
// level which items you've seen and which you haven't. If you're looking
// at the top level network page just mark everything seen.
// The $update_unseen is a bit unreliable if you have stuff coming into your stream from a new contact -
// and other feeds that bring in stuff from the past. One can't find it all.
// I'm reviving this block to mark everything seen on page 1 of the network as a temporary measure.
// The correct solution is to implement a network notifications box just like the system notifications popup
// with the ability in the popup to "mark all seen".
// Several people are complaining because there are unseen messages they can't find and as time goes
// on they just get buried deeper. It has happened to me a couple of times also.
if (!$group && !$cid && !$star) {
$r = q("UPDATE `item` SET `unseen` = 0 \n\t\t\tWHERE `unseen` = 1 AND `uid` = %d", intval(local_user()));
} else {
if ($update_unseen) {
$r = q("UPDATE `item` SET `unseen` = 0 {$update_unseen}");
}
}
// Set this so that the conversation function can find out contact info for our wall-wall items
$a->page_contact = $a->contact;
$mode = $nouveau ? 'network-new' : 'network';
$o .= conversation($a, $items, $mode, $update);
if (!$update) {
if (get_config('alt_pager', 'global') || get_pconfig(local_user(), 'system', 'alt_pager')) {
$o .= alt_pager($a, count($items));
} else {
$o .= paginate($a);
}
}
return $o;
}
