function dfrn_request_content(&$a)
{
if ($a->argc != 2 || !count($a->profile)) {
return "";
}
// "Homecoming". Make sure we're logged in to this site as the correct user. Then offer a confirm button
// to send us to the post section to record the introduction.
if (x($_GET, 'dfrn_url')) {
if (!local_user()) {
info(t("Please login to confirm introduction.") . EOL);
/* setup the return URL to come back to this page if they use openid */
$stripped = str_replace('q=', '', $a->query_string);
$_SESSION['return_url'] = trim($stripped, '/');
return login();
}
// Edge case, but can easily happen in the wild. This person is authenticated,
// but not as the person who needs to deal with this request.
if ($a->user['nickname'] != $a->argv[1]) {
notice(t("Incorrect identity currently logged in. Please login to <strong>this</strong> profile.") . EOL);
return login();
}
$dfrn_url = notags(trim(hex2bin($_GET['dfrn_url'])));
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0;
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : "";
$tpl = get_markup_template("dfrn_req_confirm.tpl");
$o = replace_macros($tpl, array('$dfrn_url' => $dfrn_url, '$aes_allow' => $aes_allow ? '<input type="hidden" name="aes_allow" value="1" />' : "", '$confirm_key' => $confirm_key, '$welcome' => sprintf(t('Welcome home %s.'), $a->user['username']), '$please' => sprintf(t('Please confirm your introduction/connection request to %s.'), $dfrn_url), '$submit' => t('Confirm'), '$uid' => $_SESSION['uid'], '$nickname' => $a->user['nickname'], 'dfrn_rawurl' => $_GET['dfrn_url']));
return $o;
} elseif (x($_GET, 'confirm_key') && strlen($_GET['confirm_key'])) {
// we are the requestee and it is now safe to send our user their introduction,
// We could just unblock it, but first we have to jump through a few hoops to
// send an email, or even to find out if we need to send an email.
$intro = q("SELECT * FROM `intro` WHERE `hash` = '%s' LIMIT 1", dbesc($_GET['confirm_key']));
if (count($intro)) {
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\t\tWHERE `contact`.`id` = %d LIMIT 1", intval($intro[0]['contact-id']));
$auto_confirm = false;
if (count($r)) {
if ($r[0]['page-flags'] != PAGE_NORMAL) {
$auto_confirm = true;
}
if (!$auto_confirm) {
require_once 'include/enotify.php';
notification(array('type' => NOTIFY_INTRO, 'notify_flags' => $r[0]['notify-flags'], 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'link' => $a->get_baseurl() . '/notifications/intros', 'source_name' => strlen(stripslashes($r[0]['name'])) ? stripslashes($r[0]['name']) : t('[Name Withheld]'), 'source_link' => $r[0]['url'], 'source_photo' => $r[0]['photo'], 'verb' => ACTIVITY_REQ_FRIEND, 'otype' => 'intro'));
}
if ($auto_confirm) {
require_once 'mod/dfrn_confirm.php';
$handsfree = array('uid' => $r[0]['uid'], 'node' => $r[0]['nickname'], 'dfrn_id' => $r[0]['issued-id'], 'intro_id' => $intro[0]['id'], 'duplex' => $r[0]['page-flags'] == PAGE_FREELOVE ? 1 : 0);
dfrn_confirm_post($a, $handsfree);
}
}
if (!$auto_confirm) {
// If we are auto_confirming, this record will have already been nuked
// in dfrn_confirm_post()
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s' LIMIT 1", dbesc($_GET['confirm_key']));
}
}
killme();
return;
// NOTREACHED
} else {
/**
* Normal web request. Display our user's introduction form.
*/
if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
notice(t('Public access denied.') . EOL);
return;
}
/**
* Try to auto-fill the profile address
*/
if (local_user()) {
if (strlen($a->path)) {
$myaddr = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
} else {
$myaddr = $a->user['nickname'] . '@' . substr(z_root(), strpos(z_root(), '://') + 3);
}
} elseif (x($_GET, 'addr')) {
$myaddr = hex2bin($_GET['addr']);
} else {
/* $_GET variables are already urldecoded */
$myaddr = x($_GET, 'address') ? $_GET['address'] : '';
}
$target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(), '://') + 3);
/**
*
* The auto_request form only has the profile address
* because nobody is going to read the comments and
* it doesn't matter if they know you or not.
*
*/
if ($a->profile['page-flags'] == PAGE_NORMAL) {
$tpl = get_markup_template('dfrn_request.tpl');
} else {
$tpl = get_markup_template('auto_request.tpl');
}
$page_desc = sprintf(t('Diaspora members: Please do not use this form. Instead, enter "%s" into your Diaspora search bar.'), $target_addr) . EOL . EOL;
$page_desc .= t("Please enter your 'Identity Address' from one of the following supported social networks:");
$o .= replace_macros($tpl, array('$header' => t('Friend/Connection Request'), '$desc' => t('Examples: jojo@demo.friendica.com, http://demo.friendica.com/profile/jojo, testuser@identi.ca'), '$pls_answer' => t('Please answer the following:'), '$does_know' => sprintf(t('Does %s know you?'), $a->profile['name']), '$yes' => t('Yes'), '$no' => t('No'), '$add_note' => t('Add a personal note:'), '$page_desc' => $page_desc, '$friendika' => t('Friendica'), '$statusnet' => t('StatusNet/Federated Social Web'), '$diaspora' => t('Diaspora'), '$diasnote' => t('- please share from your own site as noted above'), '$your_address' => t('Your Identity Address:'), '$submit' => t('Submit Request'), '$cancel' => t('Cancel'), '$nickname' => $a->argv[1], '$name' => $a->profile['name'], '$myaddr' => $myaddr));
return $o;
}
return;
// Somebody is fishing.
}
function dfrn_request_content(&$a)
{
if ($a->argc != 2 || !count($a->profile)) {
return "";
}
// "Homecoming". Make sure we're logged in to this site as the correct user. Then offer a confirm button
// to send us to the post section to record the introduction.
if (x($_GET, 'dfrn_url')) {
if (!local_user()) {
info(t("Please login to confirm introduction.") . EOL);
/* setup the return URL to come back to this page if they use openid */
$_SESSION['return_url'] = $a->query_string;
return login();
}
// Edge case, but can easily happen in the wild. This person is authenticated,
// but not as the person who needs to deal with this request.
if ($a->user['nickname'] != $a->argv[1]) {
notice(t("Incorrect identity currently logged in. Please login to <strong>this</strong> profile.") . EOL);
return login();
}
$dfrn_url = notags(trim(hex2bin($_GET['dfrn_url'])));
$aes_allow = x($_GET, 'aes_allow') && $_GET['aes_allow'] == 1 ? 1 : 0;
$confirm_key = x($_GET, 'confirm_key') ? $_GET['confirm_key'] : "";
// Checking fastlane for validity
if (x($_SESSION, "fastlane") and normalise_link($_SESSION["fastlane"]) == normalise_link($dfrn_url)) {
$_POST["dfrn_url"] = $dfrn_url;
$_POST["confirm_key"] = $confirm_key;
$_POST["localconfirm"] = 1;
$_POST["hidden-contact"] = 0;
$_POST["submit"] = t('Confirm');
dfrn_request_post($a);
killme();
return;
// NOTREACHED
}
$tpl = get_markup_template("dfrn_req_confirm.tpl");
$o = replace_macros($tpl, array('$dfrn_url' => $dfrn_url, '$aes_allow' => $aes_allow ? '<input type="hidden" name="aes_allow" value="1" />' : "", '$hidethem' => t('Hide this contact'), '$hidechecked' => '', '$confirm_key' => $confirm_key, '$welcome' => sprintf(t('Welcome home %s.'), $a->user['username']), '$please' => sprintf(t('Please confirm your introduction/connection request to %s.'), $dfrn_url), '$submit' => t('Confirm'), '$uid' => $_SESSION['uid'], '$nickname' => $a->user['nickname'], 'dfrn_rawurl' => $_GET['dfrn_url']));
return $o;
} elseif (x($_GET, 'confirm_key') && strlen($_GET['confirm_key'])) {
// we are the requestee and it is now safe to send our user their introduction,
// We could just unblock it, but first we have to jump through a few hoops to
// send an email, or even to find out if we need to send an email.
$intro = q("SELECT * FROM `intro` WHERE `hash` = '%s' LIMIT 1", dbesc($_GET['confirm_key']));
if (count($intro)) {
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\t\tWHERE `contact`.`id` = %d LIMIT 1", intval($intro[0]['contact-id']));
$auto_confirm = false;
if (count($r)) {
if ($r[0]['page-flags'] != PAGE_NORMAL && $r[0]['page-flags'] != PAGE_PRVGROUP) {
$auto_confirm = true;
}
if (!$auto_confirm) {
notification(array('type' => NOTIFY_INTRO, 'notify_flags' => $r[0]['notify-flags'], 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'uid' => $r[0]['uid'], 'link' => $a->get_baseurl() . '/notifications/intros', 'source_name' => strlen(stripslashes($r[0]['name'])) ? stripslashes($r[0]['name']) : t('[Name Withheld]'), 'source_link' => $r[0]['url'], 'source_photo' => $r[0]['photo'], 'verb' => ACTIVITY_REQ_FRIEND, 'otype' => 'intro'));
}
if ($auto_confirm) {
require_once 'mod/dfrn_confirm.php';
$handsfree = array('uid' => $r[0]['uid'], 'node' => $r[0]['nickname'], 'dfrn_id' => $r[0]['issued-id'], 'intro_id' => $intro[0]['id'], 'duplex' => $r[0]['page-flags'] == PAGE_FREELOVE ? 1 : 0, 'activity' => intval(get_pconfig($r[0]['uid'], 'system', 'post_newfriend')));
dfrn_confirm_post($a, $handsfree);
}
}
if (!$auto_confirm) {
// If we are auto_confirming, this record will have already been nuked
// in dfrn_confirm_post()
$r = q("UPDATE `intro` SET `blocked` = 0 WHERE `hash` = '%s'", dbesc($_GET['confirm_key']));
}
}
killme();
return;
// NOTREACHED
} else {
/**
* Normal web request. Display our user's introduction form.
*/
if (get_config('system', 'block_public') && !local_user() && !remote_user()) {
if (!get_config('system', 'local_block')) {
notice(t('Public access denied.') . EOL);
return;
}
}
/**
* Try to auto-fill the profile address
*/
// At first look if an address was provided
// Otherwise take the local address
if (x($_GET, 'addr') and $_GET['addr'] != "") {
$myaddr = hex2bin($_GET['addr']);
} elseif (x($_GET, 'address') and $_GET['address'] != "") {
$myaddr = $_GET['address'];
} elseif (local_user()) {
if (strlen($a->path)) {
$myaddr = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
} else {
$myaddr = $a->user['nickname'] . '@' . substr(z_root(), strpos(z_root(), '://') + 3);
}
} else {
// last, try a zrl
$myaddr = get_my_url();
}
$target_addr = $a->profile['nickname'] . '@' . substr(z_root(), strpos(z_root(), '://') + 3);
/**
*
* The auto_request form only has the profile address
* because nobody is going to read the comments and
* it doesn't matter if they know you or not.
*
*/
if ($a->profile['page-flags'] == PAGE_NORMAL) {
$tpl = get_markup_template('dfrn_request.tpl');
} else {
$tpl = get_markup_template('auto_request.tpl');
}
$page_desc .= t("Please enter your 'Identity Address' from one of the following supported communications networks:");
// see if we are allowed to have NETWORK_MAIL2 contacts
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (get_config('system', 'dfrn_only')) {
$mail_disabled = 1;
}
if (!$mail_disabled) {
$r = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval($a->profile['uid']));
if (!count($r)) {
$mail_disabled = 1;
}
}
// "coming soon" is disabled for now
//$emailnet = (($mail_disabled) ? '' : t("<strike>Connect as an email follower</strike> \x28Coming soon\x29"));
$emailnet = "";
$invite_desc = sprintf(t('If you are not yet a member of the free social web, <a href="%s/siteinfo">follow this link to find a public Friendica site and join us today</a>.'), get_server());
$o .= replace_macros($tpl, array('$header' => t('Friend/Connection Request'), '$desc' => t('Examples: jojo@demo.friendica.com, http://demo.friendica.com/profile/jojo, testuser@identi.ca'), '$pls_answer' => t('Please answer the following:'), '$does_know_you' => array('knowyou', sprintf(t('Does %s know you?'), $a->profile['name']), false, '', array(t('No'), t('Yes'))), '$add_note' => t('Add a personal note:'), '$page_desc' => $page_desc, '$friendica' => t('Friendica'), '$statusnet' => t('StatusNet/Federated Social Web'), '$diaspora' => t('Diaspora'), '$diasnote' => sprintf(t(' - please do not use this form. Instead, enter %s into your Diaspora search bar.'), $target_addr), '$your_address' => t('Your Identity Address:'), '$invite_desc' => $invite_desc, '$emailnet' => $emailnet, '$submit' => t('Submit Request'), '$cancel' => t('Cancel'), '$nickname' => $a->argv[1], '$name' => $a->profile['name'], '$myaddr' => $myaddr));
return $o;
}
return;
// Somebody is fishing.
}