function create_user($arr)
{
// Required: { username, nickname, email } or { openid_url }
$a = get_app();
$result = array('success' => false, 'user' => null, 'password' => '', 'message' => '');
$using_invites = get_config('system', 'invitation_only');
$num_invites = get_config('system', 'number_invites');
$invite_id = x($arr, 'invite_id') ? notags(trim($arr['invite_id'])) : '';
$username = x($arr, 'username') ? notags(trim($arr['username'])) : '';
$nickname = x($arr, 'nickname') ? notags(trim($arr['nickname'])) : '';
$email = x($arr, 'email') ? notags(trim($arr['email'])) : '';
$openid_url = x($arr, 'openid_url') ? notags(trim($arr['openid_url'])) : '';
$photo = x($arr, 'photo') ? notags(trim($arr['photo'])) : '';
$password = x($arr, 'password') ? trim($arr['password']) : '';
$blocked = x($arr, 'blocked') ? intval($arr['blocked']) : 0;
$verified = x($arr, 'verified') ? intval($arr['verified']) : 0;
$publish = x($arr, 'profile_publish_reg') && intval($arr['profile_publish_reg']) ? 1 : 0;
$netpublish = strlen(get_config('system', 'directory_submit_url')) ? $publish : 0;
$tmp_str = $openid_url;
if ($using_invites) {
if (!$invite_id) {
$result['message'] .= t('An invitation is required.') . EOL;
return $result;
}
$r = q("select * from register where `hash` = '%s' limit 1", dbesc($invite_id));
if (!results($r)) {
$result['message'] .= t('Invitation could not be verified.') . EOL;
return $result;
}
}
if (!x($username) || !x($email) || !x($nickname)) {
if ($openid_url) {
if (!validate_url($tmp_str)) {
$result['message'] .= t('Invalid OpenID url') . EOL;
return $result;
}
$_SESSION['register'] = 1;
$_SESSION['openid'] = $openid_url;
require_once 'library/openid.php';
$openid = new LightOpenID();
$openid->identity = $openid_url;
$openid->returnUrl = $a->get_baseurl() . '/openid';
$openid->required = array('namePerson/friendly', 'contact/email', 'namePerson');
$openid->optional = array('namePerson/first', 'media/image/aspect11', 'media/image/default');
try {
$authurl = $openid->authUrl();
} catch (Exception $e) {
$result['message'] .= t("We encountered a problem while logging in with the OpenID you provided. Please check the correct spelling of the ID.") . EOL . EOL . t("The error message was:") . $e->getMessage() . EOL;
return $result;
}
goaway($authurl);
// NOTREACHED
}
notice(t('Please enter the required information.') . EOL);
return;
}
if (!validate_url($tmp_str)) {
$openid_url = '';
}
$err = '';
// collapse multiple spaces in name
$username = preg_replace('/ +/', ' ', $username);
if (mb_strlen($username) > 48) {
$result['message'] .= t('Please use a shorter name.') . EOL;
}
if (mb_strlen($username) < 3) {
$result['message'] .= t('Name too short.') . EOL;
}
// I don't really like having this rule, but it cuts down
// on the number of auto-registrations by Russian spammers
// Using preg_match was completely unreliable, due to mixed UTF-8 regex support
// $no_utf = get_config('system','no_utf');
// $pat = (($no_utf) ? '/^[a-zA-Z]* [a-zA-Z]*$/' : '/^\p{L}* \p{L}*$/u' );
// So now we are just looking for a space in the full name.
$loose_reg = get_config('system', 'no_regfullname');
if (!$loose_reg) {
$username = mb_convert_case($username, MB_CASE_TITLE, 'UTF-8');
if (!strpos($username, ' ')) {
$result['message'] .= t("That doesn't appear to be your full (First Last) name.") . EOL;
}
}
if (!allowed_email($email)) {
$result['message'] .= t('Your email domain is not among those allowed on this site.') . EOL;
}
if (!valid_email($email) || !validate_email($email)) {
$result['message'] .= t('Not a valid email address.') . EOL;
}
// Disallow somebody creating an account using openid that uses the admin email address,
// since openid bypasses email verification. We'll allow it if there is not yet an admin account.
$adminlist = explode(",", str_replace(" ", "", strtolower($a->config['admin_email'])));
//if((x($a->config,'admin_email')) && (strcasecmp($email,$a->config['admin_email']) == 0) && strlen($openid_url)) {
if (x($a->config, 'admin_email') && in_array(strtolower($email), $adminlist) && strlen($openid_url)) {
$r = q("SELECT * FROM `user` WHERE `email` = '%s' LIMIT 1", dbesc($email));
if (count($r)) {
$result['message'] .= t('Cannot use that email.') . EOL;
}
}
$nickname = $arr['nickname'] = strtolower($nickname);
if (!preg_match("/^[a-z][a-z0-9\\-\\_]*\$/", $nickname)) {
$result['message'] .= t('Your "nickname" can only contain "a-z", "0-9", "-", and "_", and must also begin with a letter.') . EOL;
}
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' LIMIT 1", dbesc($nickname));
if (count($r)) {
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
}
// Check deleted accounts that had this nickname. Doesn't matter to us,
// but could be a security issue for federated platforms.
$r = q("SELECT * FROM `userd`\n \tWHERE `username` = '%s' LIMIT 1", dbesc($nickname));
if (count($r)) {
$result['message'] .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
}
if (strlen($result['message'])) {
return $result;
}
$new_password = strlen($password) ? $password : autoname(6) . mt_rand(100, 9999);
$new_password_encoded = hash('whirlpool', $new_password);
$result['password'] = $new_password;
require_once 'include/crypto.php';
$keys = new_keypair(4096);
if ($keys === false) {
$result['message'] .= t('SERIOUS ERROR: Generation of security keys failed.') . EOL;
return $result;
}
$default_service_class = get_config('system', 'default_service_class');
if (!$default_service_class) {
$default_service_class = '';
}
$prvkey = $keys['prvkey'];
$pubkey = $keys['pubkey'];
/**
*
* Create another keypair for signing/verifying
* salmon protocol messages. We have to use a slightly
* less robust key because this won't be using openssl
* but the phpseclib. Since it is PHP interpreted code
* it is not nearly as efficient, and the larger keys
* will take several minutes each to process.
*
*/
$sres = new_keypair(512);
$sprvkey = $sres['prvkey'];
$spubkey = $sres['pubkey'];
$r = q("INSERT INTO `user` ( `guid`, `username`, `password`, `email`, `openid`, `nickname`,\n\t\t`pubkey`, `prvkey`, `spubkey`, `sprvkey`, `register_date`, `verified`, `blocked`, `timezone`, `service_class`, `default-location` )\n\t\tVALUES ( '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, 'UTC', '%s', '' )", dbesc(generate_user_guid()), dbesc($username), dbesc($new_password_encoded), dbesc($email), dbesc($openid_url), dbesc($nickname), dbesc($pubkey), dbesc($prvkey), dbesc($spubkey), dbesc($sprvkey), dbesc(datetime_convert()), intval($verified), intval($blocked), dbesc($default_service_class));
if ($r) {
$r = q("SELECT * FROM `user`\n\t\t\tWHERE `username` = '%s' AND `password` = '%s' LIMIT 1", dbesc($username), dbesc($new_password_encoded));
if ($r !== false && count($r)) {
$u = $r[0];
$newuid = intval($r[0]['uid']);
}
} else {
$result['message'] .= t('An error occurred during registration. Please try again.') . EOL;
return $result;
}
/**
* if somebody clicked submit twice very quickly, they could end up with two accounts
* due to race condition. Remove this one.
*/
$r = q("SELECT `uid` FROM `user`\n \tWHERE `nickname` = '%s' ", dbesc($nickname));
if (count($r) > 1 && $newuid) {
$result['message'] .= t('Nickname is already registered. Please choose another.') . EOL;
q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
return $result;
}
if (x($newuid) !== false) {
$r = q("INSERT INTO `profile` ( `uid`, `profile-name`, `is-default`, `name`, `photo`, `thumb`, `publish`, `net-publish` )\n\t\t\tVALUES ( %d, '%s', %d, '%s', '%s', '%s', %d, %d ) ", intval($newuid), t('default'), 1, dbesc($username), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), intval($publish), intval($netpublish));
if ($r === false) {
$result['message'] .= t('An error occurred creating your default profile. Please try again.') . EOL;
// Start fresh next time.
$r = q("DELETE FROM `user` WHERE `uid` = %d", intval($newuid));
return $result;
}
$r = q("INSERT INTO `contact` ( `uid`, `created`, `self`, `name`, `nick`, `photo`, `thumb`, `micro`, `blocked`, `pending`, `url`, `nurl`,\n\t\t\t`request`, `notify`, `poll`, `confirm`, `poco`, `name-date`, `uri-date`, `avatar-date`, `closeness` )\n\t\t\tVALUES ( %d, '%s', 1, '%s', '%s', '%s', '%s', '%s', 0, 0, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', 0 ) ", intval($newuid), datetime_convert(), dbesc($username), dbesc($nickname), dbesc($a->get_baseurl() . "/photo/profile/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/avatar/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/photo/micro/{$newuid}.jpg"), dbesc($a->get_baseurl() . "/profile/{$nickname}"), dbesc(normalise_link($a->get_baseurl() . "/profile/{$nickname}")), dbesc($a->get_baseurl() . "/dfrn_request/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_notify/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_poll/{$nickname}"), dbesc($a->get_baseurl() . "/dfrn_confirm/{$nickname}"), dbesc($a->get_baseurl() . "/poco/{$nickname}"), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()));
// Create a group with no members. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
$r = q("SELECT id FROM `group` WHERE uid = %d AND name = '%s'", intval($newuid), dbesc(t('Friends')));
if ($r && count($r)) {
$def_gid = $r[0]['id'];
q("UPDATE user SET def_gid = %d WHERE uid = %d", intval($r[0]['id']), intval($newuid));
}
if (get_config('system', 'newuser_private') && $def_gid) {
q("UPDATE user SET allow_gid = '%s' WHERE uid = %d", dbesc("<" . $def_gid . ">"), intval($newuid));
}
}
// if we have no OpenID photo try to look up an avatar
if (!strlen($photo)) {
$photo = avatar_img($email);
}
// unless there is no avatar-plugin loaded
if (strlen($photo)) {
require_once 'include/Photo.php';
$photo_failure = false;
$filename = basename($photo);
$img_str = fetch_url($photo, true);
// guess mimetype from headers or filename
$type = guess_image_type($photo, true);
$img = new Photo($img_str, $type);
if ($img->is_valid()) {
$img->scaleImageSquare(175);
$hash = photo_new_resource();
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 4);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(80);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 5);
if ($r === false) {
$photo_failure = true;
}
$img->scaleImage(48);
$r = $img->store($newuid, 0, $hash, $filename, t('Profile Photos'), 6);
if ($r === false) {
$photo_failure = true;
}
if (!$photo_failure) {
q("UPDATE `photo` SET `profile` = 1 WHERE `resource-id` = '%s' ", dbesc($hash));
}
}
}
call_hooks('register_account', $newuid);
$result['success'] = true;
$result['user'] = $u;
return $result;
}
function hostxrd_init(&$a)
{
header('Access-Control-Allow-Origin: *');
header("Content-type: text/xml");
$pubkey = get_config('system', 'site_pubkey');
if (!$pubkey) {
$res = new_keypair(1024);
set_config('system', 'site_prvkey', $res['prvkey']);
set_config('system', 'site_pubkey', $res['pubkey']);
}
$tpl = file_get_contents('view/xrd_host.tpl');
echo str_replace(array('$zhost', '$zroot', '$domain', '$zot_post', '$bigkey'), array($a->get_hostname(), z_root(), z_path(), z_root() . '/post', salmon_key(get_config('system', 'site_pubkey'))), $tpl);
session_write_close();
exit;
}
/**
* @brief Create a new channel.
*
* Also creates the related xchan, hubloc, profile, and "self" abook records,
* and an empty "Friends" group/collection for the new channel.
*
* @param array $arr assoziative array with:
* * \e string \b name full name of channel
* * \e string \b nickname "email/url-compliant" nickname
* * \e int \b account_id to attach with this channel
* * [other identity fields as desired]
*
* @returns array
* 'success' => boolean true or false
* 'message' => optional error text if success is false
* 'channel' => if successful the created channel array
*/
function create_identity($arr)
{
$a = get_app();
$ret = array('success' => false);
if (!$arr['account_id']) {
$ret['message'] = t('No account identifier');
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
// save this for auto_friending
$total_identities = $ret['total_identities'];
$nick = mb_strtolower(trim($arr['nickname']));
if (!$nick) {
$ret['message'] = t('Nickname is required.');
return $ret;
}
$name = escape_tags($arr['name']);
$pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
$system = x($arr, 'system') ? intval($arr['system']) : 0;
$name_error = validate_channelname($arr['name']);
if ($name_error) {
$ret['message'] = $name_error;
return $ret;
}
if ($nick === 'sys' && !$system) {
$ret['message'] = t('Reserved nickname. Please choose another.');
return $ret;
}
if (check_webbie(array($nick)) !== $nick) {
$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
return $ret;
}
$guid = zot_new_uid($nick);
$key = new_keypair(4096);
$sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
$hash = make_xchan_hash($guid, $sig);
// Force a few things on the short term until we can provide a theme or app with choice
$publish = 1;
if (array_key_exists('publish', $arr)) {
$publish = intval($arr['publish']);
}
$primary = true;
if (array_key_exists('primary', $arr)) {
$primary = intval($arr['primary']);
}
$role_permissions = null;
$global_perms = get_perms();
if (array_key_exists('permissions_role', $arr) && $arr['permissions_role']) {
$role_permissions = get_role_perms($arr['permissions_role']);
if ($role_permissions) {
foreach ($role_permissions as $p => $v) {
if (strpos($p, 'channel_') !== false) {
$perms_keys .= ', ' . $p;
$perms_vals .= ', ' . intval($v);
}
if ($p === 'directory_publish') {
$publish = intval($v);
}
}
}
} else {
$defperms = site_default_perms();
foreach ($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
}
$expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($system), intval($expire), dbesc($a->timezone));
$r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
if (!$r) {
$ret['message'] = t('Unable to retrieve created identity');
return $ret;
}
$ret['channel'] = $r[0];
if (intval($arr['account_id'])) {
set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
}
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')), dbesc('zot'));
if (!$r) {
logger('create_identity: Unable to store hub location');
}
$newuid = $ret['channel']['channel_id'];
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_system ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", dbesc($hash), dbesc($guid), dbesc($sig), dbesc($key['pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/s/{$newuid}"), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $ret['channel']['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $ret['channel']['channel_address']), dbesc($ret['channel']['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($system));
// Not checking return value.
// It's ok for this to fail if it's an imported channel, and therefore the hash is a duplicate
$r = q("INSERT INTO profile ( aid, uid, profile_guid, profile_name, is_default, publish, name, photo, thumb)\n\t\tVALUES ( %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s') ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc(random_string()), t('Default Profile'), 1, $publish, dbesc($ret['channel']['channel_name']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"));
if ($role_permissions) {
$myperms = array_key_exists('perms_auto', $role_permissions) && $role_permissions['perms_auto'] ? intval($role_permissions['perms_accept']) : 0;
} else {
$myperms = PERMS_R_STREAM | PERMS_R_PROFILE | PERMS_R_PHOTOS | PERMS_R_ABOOK | PERMS_W_STREAM | PERMS_W_WALL | PERMS_W_COMMENT | PERMS_W_MAIL | PERMS_W_CHAT | PERMS_R_STORAGE | PERMS_R_PAGES | PERMS_W_LIKE;
}
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_self, abook_my_perms )\n\t\tvalues ( %d, %d, '%s', %d, '%s', '%s', %d, %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), intval(1), intval($myperms));
if (intval($ret['channel']['channel_account_id'])) {
// Save our permissions role so we can perhaps call it up and modify it later.
if ($role_permissions) {
set_pconfig($newuid, 'system', 'permissions_role', $arr['permissions_role']);
if (array_key_exists('online', $role_permissions)) {
set_pconfig($newuid, 'system', 'hide_presence', 1 - intval($role_permissions['online']));
}
if (array_key_exists('perms_auto', $role_permissions)) {
set_pconfig($newuid, 'system', 'autoperms', $role_permissions['perms_auto'] ? $role_permissions['perms_accept'] : 0);
}
}
// Create a group with yourself as a member. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
group_add_member($newuid, t('Friends'), $ret['channel']['channel_hash']);
// if our role_permissions indicate that we're using a default collection ACL, add it.
if (is_array($role_permissions) && $role_permissions['default_collection']) {
$r = q("select hash from groups where uid = %d and name = '%s' limit 1", intval($newuid), dbesc(t('Friends')));
if ($r) {
q("update channel set channel_default_group = '%s', channel_allow_gid = '%s' where channel_id = %d", dbesc($r[0]['hash']), dbesc('<' . $r[0]['hash'] . '>'), intval($newuid));
}
}
if (!$system) {
set_pconfig($ret['channel']['channel_id'], 'system', 'photo_path', '%Y-%m');
set_pconfig($ret['channel']['channel_id'], 'system', 'attach_path', '%Y-%m');
}
// auto-follow any of the hub's pre-configured channel choices.
// Only do this if it's the first channel for this account;
// otherwise it could get annoying. Don't make this list too big
// or it will impact registration time.
$accts = get_config('system', 'auto_follow');
if ($accts && !$total_identities) {
require_once 'include/follow.php';
if (!is_array($accts)) {
$accts = array($accts);
}
foreach ($accts as $acct) {
if (trim($acct)) {
new_contact($newuid, trim($acct), $ret['channel'], false);
}
}
}
call_hooks('create_identity', $newuid);
proc_run('php', 'include/directory.php', $ret['channel']['channel_id']);
}
$ret['success'] = true;
return $ret;
}
function create_account($arr)
{
// Required: { email, password }
$result = array('success' => false, 'email' => '', 'password' => '', 'message' => '');
$invite_code = x($arr, 'invite_code') ? notags(trim($arr['invite_code'])) : '';
$email = x($arr, 'email') ? notags(trim($arr['email'])) : '';
$password = x($arr, 'password') ? trim($arr['password']) : '';
$password2 = x($arr, 'password2') ? trim($arr['password2']) : '';
$parent = x($arr, 'parent') ? intval($arr['parent']) : 0;
$flags = x($arr, 'account_flags') ? intval($arr['account_flags']) : ACCOUNT_OK;
$roles = x($arr, 'account_roles') ? intval($arr['account_roles']) : 0;
$expires = x($arr, 'expires') ? intval($arr['expires']) : NULL_DATE;
$default_service_class = get_config('system', 'default_service_class');
if ($default_service_class === false) {
$default_service_class = '';
}
if (!x($email) || !x($password)) {
$result['message'] = t('Please enter the required information.');
return $result;
}
// prevent form hackery
if ($roles & ACCOUNT_ROLE_ADMIN) {
$admin_result = check_account_admin($arr);
if (!$admin_result) {
$roles = 0;
}
}
// allow the admin_email account to be admin, but only if it's the first account.
$c = account_total();
if ($c === 0 && check_account_admin($arr)) {
$roles |= ACCOUNT_ROLE_ADMIN;
}
// Ensure that there is a host keypair.
if (!get_config('system', 'pubkey') && !get_config('system', 'prvkey')) {
$hostkey = new_keypair(4096);
set_config('system', 'pubkey', $hostkey['pubkey']);
set_config('system', 'prvkey', $hostkey['prvkey']);
}
$invite_result = check_account_invite($invite_code);
if ($invite_result['error']) {
$result['message'] = $invite_result['message'];
return $result;
}
$email_result = check_account_email($email);
if ($email_result['error']) {
$result['message'] = $email_result['message'];
return $result;
}
$password_result = check_account_password($password);
if ($password_result['error']) {
$result['message'] = $password_result['message'];
return $result;
}
$salt = random_string(32);
$password_encoded = hash('whirlpool', $salt . $password);
$r = q("INSERT INTO account \n\t\t\t( account_parent, account_salt, account_password, account_email, account_language, \n\t\t\t account_created, account_flags, account_roles, account_expires, account_service_class )\n\t\tVALUES ( %d, '%s', '%s', '%s', '%s', '%s', %d, %d, '%s', '%s' )", intval($parent), dbesc($salt), dbesc($password_encoded), dbesc($email), dbesc(get_best_language()), dbesc(datetime_convert()), dbesc($flags), dbesc($roles), dbesc($expires), dbesc($default_service_class));
if (!$r) {
logger('create_account: DB INSERT failed.');
$result['message'] = t('Failed to store account information.');
return $result;
}
$r = q("select * from account where account_email = '%s' and account_password = '******' limit 1", dbesc($email), dbesc($password_encoded));
if ($r && count($r)) {
$result['account'] = $r[0];
} else {
logger('create_account: could not retrieve newly created account');
}
// Set the parent record to the current record_id if no parent was provided
if (!$parent) {
$r = q("update account set account_parent = %d where account_id = %d", intval($result['account']['account_id']), intval($result['account']['account_id']));
if (!$r) {
logger('create_account: failed to set parent');
}
$result['account']['parent'] = $result['account']['account_id'];
}
$result['success'] = true;
$result['email'] = $email;
$result['password'] = $password;
call_hooks('register_account', $result);
return $result;
}
function notifier_run(&$argv, &$argc)
{
global $a, $db;
if (is_null($a)) {
$a = new App();
}
if (is_null($db)) {
@(include ".htconfig.php");
require_once "include/dba.php";
$db = new dba($db_host, $db_user, $db_pass, $db_data);
unset($db_host, $db_user, $db_pass, $db_data);
}
require_once "include/session.php";
require_once "include/datetime.php";
require_once 'include/items.php';
require_once 'include/bbcode.php';
require_once 'include/email.php';
load_config('config');
load_config('system');
load_hooks();
if ($argc < 3) {
return;
}
$a->set_baseurl(get_config('system', 'url'));
logger('notifier: invoked: ' . print_r($argv, true), LOGGER_DEBUG);
$cmd = $argv[1];
switch ($cmd) {
case 'mail':
default:
$item_id = intval($argv[2]);
if (!$item_id) {
return;
}
break;
}
$expire = false;
$mail = false;
$fsuggest = false;
$relocate = false;
$top_level = false;
$recipients = array();
$url_recipients = array();
$normal_mode = true;
if ($cmd === 'mail') {
$normal_mode = false;
$mail = true;
$message = q("SELECT * FROM `mail` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($message)) {
return;
}
$uid = $message[0]['uid'];
$recipients[] = $message[0]['contact-id'];
$item = $message[0];
} elseif ($cmd === 'expire') {
$normal_mode = false;
$expire = true;
$items = q("SELECT * FROM `item` WHERE `uid` = %d AND `wall` = 1\n\t\t\tAND `deleted` = 1 AND `changed` > UTC_TIMESTAMP() - INTERVAL 10 MINUTE", intval($item_id));
$uid = $item_id;
$item_id = 0;
if (!count($items)) {
return;
}
} elseif ($cmd === 'suggest') {
$normal_mode = false;
$fsuggest = true;
$suggest = q("SELECT * FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item_id));
if (!count($suggest)) {
return;
}
$uid = $suggest[0]['uid'];
$recipients[] = $suggest[0]['cid'];
$item = $suggest[0];
} elseif ($cmd === 'removeme') {
$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($item_id));
if (!$r) {
return;
}
$user = $r[0];
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `self` = 1 LIMIT 1", intval($item_id));
if (!$r) {
return;
}
$self = $r[0];
$r = q("SELECT * FROM `contact` WHERE `self` = 0 AND `uid` = %d", intval($item_id));
if (!$r) {
return;
}
require_once 'include/Contact.php';
foreach ($r as $contact) {
terminate_friendship($user, $self, $contact);
}
return;
} elseif ($cmd === 'relocate') {
$normal_mode = false;
$relocate = true;
$uid = $item_id;
} else {
// find ancestors
$r = q("SELECT * FROM `item` WHERE `id` = %d and visible = 1 and moderated = 0 LIMIT 1", intval($item_id));
if (!count($r) || !intval($r[0]['parent'])) {
return;
}
$target_item = $r[0];
$parent_id = intval($r[0]['parent']);
$uid = $r[0]['uid'];
$updated = $r[0]['edited'];
// POSSIBLE CLEANUP --> The following seems superfluous. We've already checked for "if (! intval($r[0]['parent']))" a few lines up
if (!$parent_id) {
return;
}
$items = q("SELECT `item`.*, `sign`.`signed_text`,`sign`.`signature`,`sign`.`signer`\n\t\t\tFROM `item` LEFT JOIN `sign` ON `sign`.`iid` = `item`.`id` WHERE `parent` = %d and visible = 1 and moderated = 0 ORDER BY `id` ASC", intval($parent_id));
if (!count($items)) {
return;
}
// avoid race condition with deleting entries
if ($items[0]['deleted']) {
foreach ($items as $item) {
$item['deleted'] = 1;
}
}
if (count($items) == 1 && $items[0]['id'] === $target_item['id'] && $items[0]['uri'] === $items[0]['parent-uri']) {
logger('notifier: top level post');
$top_level = true;
}
}
$r = q("SELECT `contact`.*, `user`.`pubkey` AS `upubkey`, `user`.`prvkey` AS `uprvkey`,\n\t\t`user`.`timezone`, `user`.`nickname`, `user`.`sprvkey`, `user`.`spubkey`,\n\t\t`user`.`page-flags`, `user`.`prvnets`\n\t\tFROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid`\n\t\tWHERE `contact`.`uid` = %d AND `contact`.`self` = 1 LIMIT 1", intval($uid));
if (!count($r)) {
return;
}
$owner = $r[0];
$walltowall = $top_level && $owner['id'] != $items[0]['contact-id'] ? true : false;
$hub = get_config('system', 'huburl');
// If this is a public conversation, notify the feed hub
$public_message = true;
// Do a PuSH
$push_notify = false;
// fill this in with a single salmon slap if applicable
$slap = '';
if (!($mail || $fsuggest || $relocate)) {
require_once 'include/group.php';
$parent = $items[0];
$thr_parent = q("SELECT `network` FROM `item` WHERE `uri` = '%s' AND `uid` = %d", dbesc($target_item["thr-parent"]), intval($target_item["uid"]));
logger('Parent is ' . $parent['network'] . '. Thread parent is ' . $thr_parent[0]['network'], LOGGER_DEBUG);
// This is IMPORTANT!!!!
// We will only send a "notify owner to relay" or followup message if the referenced post
// originated on our system by virtue of having our hostname somewhere
// in the URI, AND it was a comment (not top_level) AND the parent originated elsewhere.
// if $parent['wall'] == 1 we will already have the parent message in our array
// and we will relay the whole lot.
// expire sends an entire group of expire messages and cannot be forwarded.
// However the conversation owner will be a part of the conversation and will
// be notified during this run.
// Other DFRN conversation members will be alerted during polled updates.
// Diaspora members currently are not notified of expirations, and other networks have
// either limited or no ability to process deletions. We should at least fix Diaspora
// by stringing togther an array of retractions and sending them onward.
$localhost = str_replace('www.', '', $a->get_hostname());
if (strpos($localhost, ':')) {
$localhost = substr($localhost, 0, strpos($localhost, ':'));
}
/**
*
* Be VERY CAREFUL if you make any changes to the following several lines. Seemingly innocuous changes
* have been known to cause runaway conditions which affected several servers, along with
* permissions issues.
*
*/
$relay_to_owner = false;
if (!$top_level && $parent['wall'] == 0 && !$expire && stristr($target_item['uri'], $localhost)) {
$relay_to_owner = true;
}
if ($cmd === 'uplink' && intval($parent['forum_mode']) == 1 && !$top_level) {
$relay_to_owner = true;
}
// until the 'origin' flag has been in use for several months
// we will just use it as a fallback test
// later we will be able to use it as the primary test of whether or not to relay.
if (!$target_item['origin']) {
$relay_to_owner = false;
}
if ($parent['origin']) {
$relay_to_owner = false;
}
if ($relay_to_owner) {
logger('notifier: followup ' . $target_item["guid"], LOGGER_DEBUG);
// local followup to remote post
$followup = true;
$public_message = false;
// not public
$conversant_str = dbesc($parent['contact-id']);
$recipients = array($parent['contact-id']);
if (!$target_item['private'] and $target_item['wall'] and strlen($target_item['allow_cid'] . $target_item['allow_gid'] . $target_item['deny_cid'] . $target_item['deny_gid']) == 0) {
$push_notify = true;
}
// We notify Friendica users in the thread when it is an OStatus thread.
// Hopefully this transfers the messages to the other Friendica servers. (Untested)
if ($thr_parent and $thr_parent[0]['network'] == NETWORK_OSTATUS or $parent['network'] == NETWORK_OSTATUS) {
$push_notify = true;
if ($parent["network"] == NETWORK_OSTATUS) {
$r = q("SELECT `author-link` FROM `item` WHERE `parent` = %d AND `author-link` != '%s'", intval($target_item["parent"]), dbesc($owner['url']));
foreach ($r as $parent_item) {
$probed_contact = probe_url($parent_item["author-link"]);
if ($probed_contact["notify"] != "" and $probed_contact["network"] == NETWORK_DFRN) {
logger('Notify Friendica user ' . $probed_contact["url"] . ': ' . $probed_contact["notify"]);
$url_recipients[$probed_contact["notify"]] = $probed_contact["notify"];
}
}
}
if (count($url_recipients)) {
logger("url_recipients " . print_r($url_recipients, true));
}
}
} else {
$followup = false;
logger('Distributing directly ' . $target_item["guid"], LOGGER_DEBUG);
// don't send deletions onward for other people's stuff
if ($target_item['deleted'] && !intval($target_item['wall'])) {
logger('notifier: ignoring delete notification for non-wall item');
return;
}
if (strlen($parent['allow_cid']) || strlen($parent['allow_gid']) || strlen($parent['deny_cid']) || strlen($parent['deny_gid'])) {
$public_message = false;
// private recipients, not public
}
$allow_people = expand_acl($parent['allow_cid']);
$allow_groups = expand_groups(expand_acl($parent['allow_gid']), true);
$deny_people = expand_acl($parent['deny_cid']);
$deny_groups = expand_groups(expand_acl($parent['deny_gid']));
// if our parent is a public forum (forum_mode == 1), uplink to the origional author causing
// a delivery fork. private groups (forum_mode == 2) do not uplink
if (intval($parent['forum_mode']) == 1 && !$top_level && $cmd !== 'uplink') {
proc_run('php', 'include/notifier.php', 'uplink', $item_id);
}
$conversants = array();
foreach ($items as $item) {
$recipients[] = $item['contact-id'];
$conversants[] = $item['contact-id'];
// pull out additional tagged people to notify (if public message)
if ($public_message && strlen($item['inform'])) {
$people = explode(',', $item['inform']);
foreach ($people as $person) {
if (substr($person, 0, 4) === 'cid:') {
$recipients[] = intval(substr($person, 4));
$conversants[] = intval(substr($person, 4));
} else {
$url_recipients[] = substr($person, 4);
}
}
}
}
if (count($url_recipients)) {
logger('notifier: ' . $target_item["guid"] . ' url_recipients ' . print_r($url_recipients, true));
}
$conversants = array_unique($conversants);
$recipients = array_unique(array_merge($recipients, $allow_people, $allow_groups));
$deny = array_unique(array_merge($deny_people, $deny_groups));
$recipients = array_diff($recipients, $deny);
$conversant_str = dbesc(implode(', ', $conversants));
}
// If the thread parent is OStatus then do some magic to distribute the messages.
// We have not only to look at the parent, since it could be a Friendica thread.
if ($thr_parent and $thr_parent[0]['network'] == NETWORK_OSTATUS or $parent['network'] == NETWORK_OSTATUS) {
logger('Some parent is OStatus for ' . $target_item["guid"], LOGGER_DEBUG);
// Send a salmon notification to every person we mentioned in the post
$arr = explode(',', $target_item['tag']);
foreach ($arr as $x) {
//logger('Checking tag '.$x, LOGGER_DEBUG);
$matches = null;
if (preg_match('/@\\[url=([^\\]]*)\\]/', $x, $matches)) {
$probed_contact = probe_url($matches[1]);
if ($probed_contact["notify"] != "") {
logger('Notify mentioned user ' . $probed_contact["url"] . ': ' . $probed_contact["notify"]);
$url_recipients[$probed_contact["notify"]] = $probed_contact["notify"];
}
}
}
// It only makes sense to distribute answers to OStatus messages to Friendica and OStatus - but not Diaspora
$sql_extra = " AND `network` IN ('" . NETWORK_OSTATUS . "', '" . NETWORK_DFRN . "')";
} else {
$sql_extra = "";
}
$r = q("SELECT * FROM `contact` WHERE `id` IN ({$conversant_str}) AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0" . $sql_extra);
if (count($r)) {
$contacts = $r;
}
}
$feed_template = get_markup_template('atom_feed.tpl');
$mail_template = get_markup_template('atom_mail.tpl');
$atom = '';
$slaps = array();
$hubxml = feed_hublinks();
$birthday = feed_birthday($owner['uid'], $owner['timezone']);
if (strlen($birthday)) {
$birthday = '<dfrn:birthday>' . xmlify($birthday) . '</dfrn:birthday>';
}
$atom .= replace_macros($feed_template, array('$version' => xmlify(FRIENDICA_VERSION), '$feed_id' => xmlify($a->get_baseurl() . '/profile/' . $owner['nickname']), '$feed_title' => xmlify($owner['name']), '$feed_updated' => xmlify(datetime_convert('UTC', 'UTC', $updated . '+00:00', ATOM_TIME)), '$hub' => $hubxml, '$salmon' => '', '$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$photo' => xmlify($owner['photo']), '$thumb' => xmlify($owner['thumb']), '$picdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['avatar-date'] . '+00:00', ATOM_TIME)), '$uridate' => xmlify(datetime_convert('UTC', 'UTC', $owner['uri-date'] . '+00:00', ATOM_TIME)), '$namdate' => xmlify(datetime_convert('UTC', 'UTC', $owner['name-date'] . '+00:00', ATOM_TIME)), '$birthday' => $birthday, '$community' => $owner['page-flags'] == PAGE_COMMUNITY ? '<dfrn:community>1</dfrn:community>' : ''));
if ($mail) {
$public_message = false;
// mail is not public
$body = fix_private_photos($item['body'], $owner['uid'], null, $message[0]['contact-id']);
$atom .= replace_macros($mail_template, array('$name' => xmlify($owner['name']), '$profile_page' => xmlify($owner['url']), '$thumb' => xmlify($owner['thumb']), '$item_id' => xmlify($item['uri']), '$subject' => xmlify($item['title']), '$created' => xmlify(datetime_convert('UTC', 'UTC', $item['created'] . '+00:00', ATOM_TIME)), '$content' => xmlify($body), '$parent_id' => xmlify($item['parent-uri'])));
} elseif ($fsuggest) {
$public_message = false;
// suggestions are not public
$sugg_template = get_markup_template('atom_suggest.tpl');
$atom .= replace_macros($sugg_template, array('$name' => xmlify($item['name']), '$url' => xmlify($item['url']), '$photo' => xmlify($item['photo']), '$request' => xmlify($item['request']), '$note' => xmlify($item['note'])));
// We don't need this any more
q("DELETE FROM `fsuggest` WHERE `id` = %d LIMIT 1", intval($item['id']));
} elseif ($relocate) {
$public_message = false;
// suggestions are not public
$sugg_template = get_markup_template('atom_relocate.tpl');
/* get site pubkey. this could be a new installation with no site keys*/
$pubkey = get_config('system', 'site_pubkey');
if (!$pubkey) {
$res = new_keypair(1024);
set_config('system', 'site_prvkey', $res['prvkey']);
set_config('system', 'site_pubkey', $res['pubkey']);
}
$rp = q("SELECT `resource-id` , `scale`, type FROM `photo` \n\t\t\t\t\t\tWHERE `profile` = 1 AND `uid` = %d ORDER BY scale;", $uid);
$photos = array();
$ext = Photo::supportedTypes();
foreach ($rp as $p) {
$photos[$p['scale']] = $a->get_baseurl() . '/photo/' . $p['resource-id'] . '-' . $p['scale'] . '.' . $ext[$p['type']];
}
unset($rp, $ext);
$atom .= replace_macros($sugg_template, array('$name' => xmlify($owner['name']), '$photo' => xmlify($photos[4]), '$thumb' => xmlify($photos[5]), '$micro' => xmlify($photos[6]), '$url' => xmlify($owner['url']), '$request' => xmlify($owner['request']), '$confirm' => xmlify($owner['confirm']), '$notify' => xmlify($owner['notify']), '$poll' => xmlify($owner['poll']), '$sitepubkey' => xmlify(get_config('system', 'site_pubkey'))));
$recipients_relocate = q("SELECT * FROM contact WHERE uid = %d AND self = 0 AND network = '%s'", intval($uid), NETWORK_DFRN);
unset($photos);
} else {
$slap = ostatus_salmon($target_item, $owner);
//$slap = atom_entry($target_item,'html',null,$owner,false);
if ($followup) {
foreach ($items as $item) {
// there is only one item
if (!$item['parent']) {
continue;
}
if ($item['id'] == $item_id) {
logger('notifier: followup: item: ' . print_r($item, true), LOGGER_DATA);
//$slap = atom_entry($item,'html',null,$owner,false);
$atom .= atom_entry($item, 'text', null, $owner, false);
}
}
} else {
foreach ($items as $item) {
if (!$item['parent']) {
continue;
}
// private emails may be in included in public conversations. Filter them.
if ($public_message && $item['private'] == 1) {
continue;
}
$contact = get_item_contact($item, $contacts);
if (!$contact) {
continue;
}
if ($normal_mode) {
// we only need the current item, but include the parent because without it
// older sites without a corresponding dfrn_notify change may do the wrong thing.
if ($item_id == $item['id'] || $item['id'] == $item['parent']) {
$atom .= atom_entry($item, 'text', null, $owner, true);
}
} else {
$atom .= atom_entry($item, 'text', null, $owner, true);
}
if ($top_level && $public_message && $item['author-link'] === $item['owner-link'] && !$expire) {
$slaps[] = ostatus_salmon($item, $owner);
}
//$slaps[] = atom_entry($item,'html',null,$owner,true);
}
}
}
$atom .= '</feed>' . "\r\n";
logger('notifier: ' . $atom, LOGGER_DATA);
logger('notifier: slaps: ' . print_r($slaps, true), LOGGER_DATA);
// If this is a public message and pubmail is set on the parent, include all your email contacts
$mail_disabled = function_exists('imap_open') && !get_config('system', 'imap_disabled') ? 0 : 1;
if (!$mail_disabled) {
if (!strlen($target_item['allow_cid']) && !strlen($target_item['allow_gid']) && !strlen($target_item['deny_cid']) && !strlen($target_item['deny_gid']) && intval($target_item['pubmail'])) {
$r = q("SELECT * FROM `contact` WHERE `uid` = %d AND `network` = '%s'", intval($uid), dbesc(NETWORK_MAIL));
if (count($r)) {
foreach ($r as $rr) {
$recipients[] = $rr['id'];
}
}
}
}
if ($followup) {
$recip_str = $parent['contact-id'];
} else {
$recip_str = implode(', ', $recipients);
}
if ($relocate) {
$r = $recipients_relocate;
} else {
$r = q("SELECT * FROM `contact` WHERE `id` IN ( %s ) AND `blocked` = 0 AND `pending` = 0 ", dbesc($recip_str));
}
require_once 'include/salmon.php';
$interval = get_config('system', 'delivery_interval') === false ? 2 : intval(get_config('system', 'delivery_interval'));
// If we are using the worker we don't need a delivery interval
if (get_config("system", "worker")) {
$interval = false;
}
// delivery loop
if (count($r)) {
foreach ($r as $contact) {
if (!$mail && !$fsuggest && !$followup && !$relocate && !$contact['self']) {
if ($contact['network'] === NETWORK_DIASPORA && $public_message) {
continue;
}
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($contact['id']));
}
}
// This controls the number of deliveries to execute with each separate delivery process.
// By default we'll perform one delivery per process. Assuming a hostile shared hosting
// provider, this provides the greatest chance of deliveries if processes start getting
// killed. We can also space them out with the delivery_interval to also help avoid them
// getting whacked.
// If $deliveries_per_process > 1, we will chain this number of multiple deliveries
// together into a single process. This will reduce the overall number of processes
// spawned for each delivery, but they will run longer.
// When using the workerqueue, we don't need this functionality.
$deliveries_per_process = intval(get_config('system', 'delivery_batch_count'));
if ($deliveries_per_process <= 0 or get_config("system", "worker")) {
$deliveries_per_process = 1;
}
$this_batch = array();
for ($x = 0; $x < count($r); $x++) {
$contact = $r[$x];
if ($contact['self']) {
continue;
}
logger("Deliver " . $target_item["guid"] . " to " . $contact['url'], LOGGER_DEBUG);
// potentially more than one recipient. Start a new process and space them out a bit.
// we will deliver single recipient types of message and email recipients here.
if (!$mail && !$fsuggest && !$relocate && !$followup) {
$this_batch[] = $contact['id'];
if (count($this_batch) == $deliveries_per_process) {
proc_run('php', 'include/delivery.php', $cmd, $item_id, $this_batch);
$this_batch = array();
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
}
continue;
}
// be sure to pick up any stragglers
if (count($this_batch)) {
proc_run('php', 'include/delivery.php', $cmd, $item_id, $this_batch);
}
$deliver_status = 0;
logger("main delivery by notifier: followup={$followup} mail={$mail} fsuggest={$fsuggest} relocate={$relocate}");
switch ($contact['network']) {
case NETWORK_DFRN:
// perform local delivery if we are on the same site
$basepath = implode('/', array_slice(explode('/', $contact['url']), 0, 3));
if (link_compare($basepath, $a->get_baseurl())) {
$nickname = basename($contact['url']);
if ($contact['issued-id']) {
$sql_extra = sprintf(" AND `dfrn-id` = '%s' ", dbesc($contact['issued-id']));
} else {
$sql_extra = sprintf(" AND `issued-id` = '%s' ", dbesc($contact['dfrn-id']));
}
$x = q("SELECT\t`contact`.*, `contact`.`uid` AS `importer_uid`,\n\t\t\t\t\t\t\t`contact`.`pubkey` AS `cpubkey`,\n\t\t\t\t\t\t\t`contact`.`prvkey` AS `cprvkey`,\n\t\t\t\t\t\t\t`contact`.`thumb` AS `thumb`,\n\t\t\t\t\t\t\t`contact`.`url` as `url`,\n\t\t\t\t\t\t\t`contact`.`name` as `senderName`,\n\t\t\t\t\t\t\t`user`.*\n\t\t\t\t\t\t\tFROM `contact`\n\t\t\t\t\t\t\tINNER JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\t\t\t\t\tWHERE `contact`.`blocked` = 0 AND `contact`.`archive` = 0\n\t\t\t\t\t\t\tAND `contact`.`pending` = 0\n\t\t\t\t\t\t\tAND `contact`.`network` = '%s' AND `user`.`nickname` = '%s'\n\t\t\t\t\t\t\t{$sql_extra}\n\t\t\t\t\t\t\tAND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 LIMIT 1", dbesc(NETWORK_DFRN), dbesc($nickname));
if ($x && count($x)) {
$write_flag = $x[0]['rel'] && $x[0]['rel'] != CONTACT_IS_SHARING ? true : false;
if (($owner['page-flags'] == PAGE_COMMUNITY || $write_flag) && !$x[0]['writable']) {
q("update contact set writable = 1 where id = %d", intval($x[0]['id']));
$x[0]['writable'] = 1;
}
// if contact's ssl policy changed, which we just determined
// is on our own server, update our contact links
$ssl_policy = get_config('system', 'ssl_policy');
fix_contact_ssl_policy($x[0], $ssl_policy);
// If we are setup as a soapbox we aren't accepting top level posts from this person
if ($x[0]['page-flags'] == PAGE_SOAPBOX and $top_level) {
break;
}
require_once 'library/simplepie/simplepie.inc';
logger('mod-delivery: local delivery');
local_delivery($x[0], $atom);
break;
}
}
logger('notifier: dfrndelivery: ' . $contact['name']);
$deliver_status = dfrn_deliver($owner, $contact, $atom);
logger('notifier: dfrn_delivery returns ' . $deliver_status);
if ($deliver_status == -1) {
logger('notifier: delivery failed: queuing message');
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_DFRN, $atom);
}
break;
case NETWORK_OSTATUS:
// Do not send to ostatus if we are not configured to send to public networks
if ($owner['prvnets']) {
break;
}
if (get_config('system', 'ostatus_disabled') || get_config('system', 'dfrn_only')) {
break;
}
if ($followup && $contact['notify']) {
logger('slapdelivery followup item ' . $item_id . ' to ' . $contact['name']);
$deliver_status = slapper($owner, $contact['notify'], $slap);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slap);
}
} else {
// only send salmon if public - e.g. if it's ok to notify
// a public hub, it's ok to send a salmon
if (count($slaps) && $public_message && !$expire) {
logger('slapdelivery item ' . $item_id . ' to ' . $contact['name']);
foreach ($slaps as $slappy) {
if ($contact['notify']) {
$deliver_status = slapper($owner, $contact['notify'], $slappy);
if ($deliver_status == -1) {
// queue message for redelivery
add_to_queue($contact['id'], NETWORK_OSTATUS, $slappy);
}
}
}
}
}
break;
case NETWORK_MAIL:
case NETWORK_MAIL2:
if (get_config('system', 'dfrn_only')) {
break;
}
// WARNING: does not currently convert to RFC2047 header encodings, etc.
$addr = $contact['addr'];
if (!strlen($addr)) {
break;
}
if ($cmd === 'wall-new' || $cmd === 'comment-new') {
$it = null;
if ($cmd === 'wall-new') {
$it = $items[0];
} else {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($argv[2]), intval($uid));
if (count($r)) {
$it = $r[0];
}
}
if (!$it) {
break;
}
$local_user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($uid));
if (!count($local_user)) {
break;
}
$reply_to = '';
$r1 = q("SELECT * FROM `mailacct` WHERE `uid` = %d LIMIT 1", intval($uid));
if ($r1 && $r1[0]['reply_to']) {
$reply_to = $r1[0]['reply_to'];
}
$subject = $it['title'] ? email_header_encode($it['title'], 'UTF-8') : t("(no subject)");
// only expose our real email address to true friends
if ($contact['rel'] == CONTACT_IS_FRIEND && !$contact['blocked']) {
if ($reply_to) {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . $reply_to . '>' . "\n";
$headers .= 'Sender: ' . $local_user[0]['email'] . "\n";
} else {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . $local_user[0]['email'] . '>' . "\n";
}
} else {
$headers = 'From: ' . email_header_encode($local_user[0]['username'], 'UTF-8') . ' <' . t('noreply') . '@' . $a->get_hostname() . '>' . "\n";
}
//if($reply_to)
// $headers .= 'Reply-to: ' . $reply_to . "\n";
$headers .= 'Message-Id: <' . iri2msgid($it['uri']) . '>' . "\n";
if ($it['uri'] !== $it['parent-uri']) {
$headers .= "References: <" . iri2msgid($it["parent-uri"]) . ">";
// If Threading is enabled, write down the correct parent
if ($it["thr-parent"] != "" and $it["thr-parent"] != $it["parent-uri"]) {
$headers .= " <" . iri2msgid($it["thr-parent"]) . ">";
}
$headers .= "\n";
if (!$it['title']) {
$r = q("SELECT `title` FROM `item` WHERE `uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($it['parent-uri']), intval($uid));
if (count($r) and $r[0]['title'] != '') {
$subject = $r[0]['title'];
} else {
$r = q("SELECT `title` FROM `item` WHERE `parent-uri` = '%s' AND `uid` = %d LIMIT 1", dbesc($it['parent-uri']), intval($uid));
if (count($r) and $r[0]['title'] != '') {
$subject = $r[0]['title'];
}
}
}
if (strncasecmp($subject, 'RE:', 3)) {
$subject = 'Re: ' . $subject;
}
}
email_send($addr, $subject, $headers, $it);
}
break;
case NETWORK_DIASPORA:
if (get_config('system', 'dfrn_only') || !get_config('system', 'diaspora_enabled')) {
break;
}
if ($mail) {
diaspora_send_mail($item, $owner, $contact);
break;
}
if (!$normal_mode) {
break;
}
// special handling for followup to public post
// all other public posts processed as public batches further below
if ($public_message) {
if ($followup) {
diaspora_send_followup($target_item, $owner, $contact, true);
}
break;
}
if (!$contact['pubkey']) {
break;
}
$unsupported_activities = array(ACTIVITY_DISLIKE, ACTIVITY_ATTEND, ACTIVITY_ATTENDNO, ACTIVITY_ATTENDMAYBE);
//don't transmit activities which are not supported by diaspora
foreach ($unsupported_activities as $act) {
if (activity_match($target_item['verb'], $act)) {
break 2;
}
}
if ($target_item['deleted'] && ($target_item['uri'] === $target_item['parent-uri'] || $followup)) {
// send both top-level retractions and relayable retractions for owner to relay
diaspora_send_retraction($target_item, $owner, $contact);
break;
} elseif ($followup) {
// send comments and likes to owner to relay
diaspora_send_followup($target_item, $owner, $contact);
break;
} elseif ($target_item['uri'] !== $target_item['parent-uri']) {
// we are the relay - send comments, likes and relayable_retractions
// (of comments and likes) to our conversants
diaspora_send_relay($target_item, $owner, $contact);
break;
} elseif ($top_level && !$walltowall) {
// currently no workable solution for sending walltowall
diaspora_send_status($target_item, $owner, $contact);
break;
}
break;
case NETWORK_FEED:
case NETWORK_FACEBOOK:
if (get_config('system', 'dfrn_only')) {
break;
}
case NETWORK_PUMPIO:
if (get_config('system', 'dfrn_only')) {
break;
}
default:
break;
}
}
}
// send additional slaps to mentioned remote tags (@foo@example.com)
//if($slap && count($url_recipients) && ($followup || $top_level) && ($public_message || $push_notify) && (! $expire)) {
if ($slap && count($url_recipients) && ($public_message || $push_notify) && !$expire) {
if (!get_config('system', 'dfrn_only')) {
foreach ($url_recipients as $url) {
if ($url) {
logger('notifier: urldelivery: ' . $url);
$deliver_status = slapper($owner, $url, $slap);
// TODO: redeliver/queue these items on failure, though there is no contact record
}
}
}
}
if ($public_message) {
if (!$followup) {
$r0 = diaspora_fetch_relay();
} else {
$r0 = array();
}
$r1 = q("SELECT DISTINCT(`batch`), `id`, `name`,`network` FROM `contact` WHERE `network` = '%s'\n\t\t\tAND `uid` = %d AND `rel` != %d group by `batch` ORDER BY rand() ", dbesc(NETWORK_DIASPORA), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r2 = q("SELECT `id`, `name`,`network` FROM `contact`\n\t\t\tWHERE `network` in ( '%s', '%s') AND `uid` = %d AND `blocked` = 0 AND `pending` = 0 AND `archive` = 0\n\t\t\tAND `rel` != %d order by rand() ", dbesc(NETWORK_DFRN), dbesc(NETWORK_MAIL2), intval($owner['uid']), intval(CONTACT_IS_SHARING));
$r = array_merge($r2, $r1, $r0);
if (count($r)) {
logger('pubdeliver: ' . print_r($r, true), LOGGER_DEBUG);
// throw everything into the queue in case we get killed
foreach ($r as $rr) {
if (!$mail && !$fsuggest && !$followup) {
q("insert into deliverq ( `cmd`,`item`,`contact` ) values ('%s', %d, %d )", dbesc($cmd), intval($item_id), intval($rr['id']));
}
}
foreach ($r as $rr) {
// except for Diaspora batch jobs
// Don't deliver to folks who have already been delivered to
if ($rr['network'] !== NETWORK_DIASPORA && in_array($rr['id'], $conversants)) {
logger('notifier: already delivered id=' . $rr['id']);
continue;
}
if (!$mail && !$fsuggest && !$followup) {
logger('notifier: delivery agent: ' . $rr['name'] . ' ' . $rr['id']);
proc_run('php', 'include/delivery.php', $cmd, $item_id, $rr['id']);
if ($interval) {
@time_sleep_until(microtime(true) + (double) $interval);
}
}
}
}
$push_notify = true;
}
if ($push_notify and strlen($hub)) {
$hubs = explode(',', $hub);
if (count($hubs)) {
foreach ($hubs as $h) {
$h = trim($h);
if (!strlen($h)) {
continue;
}
if ($h === '[internal]') {
// Set push flag for PuSH subscribers to this topic,
// they will be notified in queue.php
q("UPDATE `push_subscriber` SET `push` = 1 " . "WHERE `nickname` = '%s'", dbesc($owner['nickname']));
logger('Activating internal PuSH for item ' . $item_id, LOGGER_DEBUG);
} else {
$params = 'hub.mode=publish&hub.url=' . urlencode($a->get_baseurl() . '/dfrn_poll/' . $owner['nickname']);
post_url($h, $params);
logger('publish for item ' . $item_id . ' ' . $h . ' ' . $params . ' returned ' . $a->get_curl_code());
}
if (count($hubs) > 1) {
sleep(7);
}
// try and avoid multiple hubs responding at precisely the same time
}
}
// Handling the pubsubhubbub requests
proc_run('php', 'include/pubsubpublish.php');
}
// If the item was deleted, clean up the `sign` table
if ($target_item['deleted']) {
$r = q("DELETE FROM sign where `retract_iid` = %d", intval($target_item['id']));
}
logger('notifier: calling hooks', LOGGER_DEBUG);
if ($normal_mode) {
call_hooks('notifier_normal', $target_item);
}
call_hooks('notifier_end', $target_item);
return;
}
function dfrn_confirm_post(&$a, $handsfree = null)
{
if (is_array($handsfree)) {
/**
* We were called directly from dfrn_request due to automatic friend acceptance.
* Any $_POST parameters we may require are supplied in the $handsfree array.
*
*/
$node = $handsfree['node'];
$a->interactive = false;
// notice() becomes a no-op since nobody is there to see it
} else {
if ($a->argc > 1) {
$node = $a->argv[1];
}
}
/**
*
* Main entry point. Scenario 1. Our user received a friend request notification (perhaps
* from another site) and clicked 'Approve'.
* $POST['source_url'] is not set. If it is, it indicates Scenario 2.
*
* We may also have been called directly from dfrn_request ($handsfree != null) due to
* this being a page type which supports automatic friend acceptance. That is also Scenario 1
* since we are operating on behalf of our registered user to approve a friendship.
*
*/
if (!x($_POST, 'source_url')) {
$uid = is_array($handsfree) ? $handsfree['uid'] : local_user();
if (!$uid) {
notice(t('Permission denied.') . EOL);
return;
}
$user = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", intval($uid));
if (!$user) {
notice(t('Profile not found.') . EOL);
return;
}
// These data elements may come from either the friend request notification form or $handsfree array.
if (is_array($handsfree)) {
logger('Confirm in handsfree mode');
$dfrn_id = $handsfree['dfrn_id'];
$intro_id = $handsfree['intro_id'];
$duplex = $handsfree['duplex'];
$hidden = array_key_exists('hidden', $handsfree) ? intval($handsfree['hidden']) : 0;
$activity = array_key_exists('activity', $handsfree) ? intval($handsfree['activity']) : 0;
} else {
$dfrn_id = x($_POST, 'dfrn_id') ? notags(trim($_POST['dfrn_id'])) : "";
$intro_id = x($_POST, 'intro_id') ? intval($_POST['intro_id']) : 0;
$duplex = x($_POST, 'duplex') ? intval($_POST['duplex']) : 0;
$cid = x($_POST, 'contact_id') ? intval($_POST['contact_id']) : 0;
$hidden = x($_POST, 'hidden') ? intval($_POST['hidden']) : 0;
$activity = x($_POST, 'activity') ? intval($_POST['activity']) : 0;
}
/**
*
* Ensure that dfrn_id has precedence when we go to find the contact record.
* We only want to search based on contact id if there is no dfrn_id,
* e.g. for OStatus network followers.
*
*/
if (strlen($dfrn_id)) {
$cid = 0;
}
logger('Confirming request for dfrn_id (issued) ' . $dfrn_id);
if ($cid) {
logger('Confirming follower with contact_id: ' . $cid);
}
/**
*
* The other person will have been issued an ID when they first requested friendship.
* Locate their record. At this time, their record will have both pending and blocked set to 1.
* There won't be any dfrn_id if this is a network follower, so use the contact_id instead.
*
*/
$r = q("SELECT * FROM `contact` WHERE ( ( `issued-id` != '' AND `issued-id` = '%s' ) OR ( `id` = %d AND `id` != 0 ) ) AND `uid` = %d AND `duplex` = 0 LIMIT 1", dbesc($dfrn_id), intval($cid), intval($uid));
if (!count($r)) {
logger('Contact not found in DB.');
notice(t('Contact not found.') . EOL);
notice(t('This may occasionally happen if contact was requested by both persons and it has already been approved.') . EOL);
return;
}
$contact = $r[0];
$contact_id = $contact['id'];
$relation = $contact['rel'];
$site_pubkey = $contact['site-pubkey'];
$dfrn_confirm = $contact['confirm'];
$aes_allow = $contact['aes_allow'];
$network = strlen($contact['issued-id']) ? NETWORK_DFRN : NETWORK_OSTATUS;
if ($contact['network']) {
$network = $contact['network'];
}
if ($network === NETWORK_DFRN) {
/**
*
* Generate a key pair for all further communications with this person.
* We have a keypair for every contact, and a site key for unknown people.
* This provides a means to carry on relationships with other people if
* any single key is compromised. It is a robust key. We're much more
* worried about key leakage than anybody cracking it.
*
*/
require_once 'include/crypto.php';
$res = new_keypair(4096);
$private_key = $res['prvkey'];
$public_key = $res['pubkey'];
// Save the private key. Send them the public key.
$r = q("UPDATE `contact` SET `prvkey` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($private_key), intval($contact_id), intval($uid));
$params = array();
/**
*
* Per the DFRN protocol, we will verify both ends by encrypting the dfrn_id with our
* site private key (person on the other end can decrypt it with our site public key).
* Then encrypt our profile URL with the other person's site public key. They can decrypt
* it with their site private key. If the decryption on the other end fails for either
* item, it indicates tampering or key failure on at least one site and we will not be
* able to provide a secure communication pathway.
*
* If other site is willing to accept full encryption, (aes_allow is 1 AND we have php5.3
* or later) then we encrypt the personal public key we send them using AES-256-CBC and a
* random key which is encrypted with their site public key.
*
*/
$src_aes_key = random_string();
$result = '';
openssl_private_encrypt($dfrn_id, $result, $user[0]['prvkey']);
$params['dfrn_id'] = bin2hex($result);
$params['public_key'] = $public_key;
$my_url = $a->get_baseurl() . '/profile/' . $user[0]['nickname'];
openssl_public_encrypt($my_url, $params['source_url'], $site_pubkey);
$params['source_url'] = bin2hex($params['source_url']);
if ($aes_allow && function_exists('openssl_encrypt')) {
openssl_public_encrypt($src_aes_key, $params['aes_key'], $site_pubkey);
$params['aes_key'] = bin2hex($params['aes_key']);
$params['public_key'] = bin2hex(openssl_encrypt($public_key, 'AES-256-CBC', $src_aes_key));
}
$params['dfrn_version'] = DFRN_PROTOCOL_VERSION;
if ($duplex == 1) {
$params['duplex'] = 1;
}
if ($user[0]['page-flags'] == PAGE_COMMUNITY) {
$params['page'] = 1;
}
if ($user[0]['page-flags'] == PAGE_PRVGROUP) {
$params['page'] = 2;
}
logger('Confirm: posting data to ' . $dfrn_confirm . ': ' . print_r($params, true), LOGGER_DATA);
/**
*
* POST all this stuff to the other site.
* Temporarily raise the network timeout to 120 seconds because the default 60
* doesn't always give the other side quite enough time to decrypt everything.
*
*/
$a->config['system']['curl_timeout'] = 120;
$res = post_url($dfrn_confirm, $params);
logger(' Confirm: received data: ' . $res, LOGGER_DATA);
// Now figure out what they responded. Try to be robust if the remote site is
// having difficulty and throwing up errors of some kind.
$leading_junk = substr($res, 0, strpos($res, '<?xml'));
$res = substr($res, strpos($res, '<?xml'));
if (!strlen($res)) {
// No XML at all, this exchange is messed up really bad.
// We shouldn't proceed, because the xml parser might choke,
// and $status is going to be zero, which indicates success.
// We can hardly call this a success.
notice(t('Response from remote site was not understood.') . EOL);
return;
}
if (strlen($leading_junk) && get_config('system', 'debugging')) {
// This might be more common. Mixed error text and some XML.
// If we're configured for debugging, show the text. Proceed in either case.
notice(t('Unexpected response from remote site: ') . EOL . $leading_junk . EOL);
}
if (stristr($res, "<status") === false) {
// wrong xml! stop here!
notice(t('Unexpected response from remote site: ') . EOL . htmlspecialchars($res) . EOL);
return;
}
$xml = parse_xml_string($res);
$status = (int) $xml->status;
$message = unxmlify($xml->message);
// human readable text of what may have gone wrong.
switch ($status) {
case 0:
info(t("Confirmation completed successfully.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
case 1:
// birthday paradox - generate new dfrn-id and fall through.
$new_dfrn_id = random_string();
$r = q("UPDATE contact SET `issued-id` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($new_dfrn_id), intval($contact_id), intval($uid));
case 2:
notice(t("Temporary failure. Please wait and try again.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
case 3:
notice(t("Introduction failed or was revoked.") . EOL);
if (strlen($message)) {
notice(t('Remote site reported: ') . $message . EOL);
}
break;
}
if ($status == 0 && $intro_id) {
// Success. Delete the notification.
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d", intval($intro_id), intval($uid));
}
if ($status != 0) {
return;
}
}
/*
*
* We have now established a relationship with the other site.
* Let's make our own personal copy of their profile photo so we don't have
* to always load it from their site.
*
* We will also update the contact record with the nature and scope of the relationship.
*
*/
require_once 'include/Photo.php';
$photos = import_profile_photo($contact['photo'], $uid, $contact_id);
logger('dfrn_confirm: confirm - imported photos');
if ($network === NETWORK_DFRN) {
$new_relation = CONTACT_IS_FOLLOWER;
if ($relation == CONTACT_IS_SHARING || $duplex) {
$new_relation = CONTACT_IS_FRIEND;
}
if ($relation == CONTACT_IS_SHARING && $duplex) {
$duplex = 0;
}
$r = q("UPDATE `contact` SET\n\t\t\t\t`photo` = '%s',\n\t\t\t\t`thumb` = '%s',\n\t\t\t\t`micro` = '%s',\n\t\t\t\t`rel` = %d,\n\t\t\t\t`name-date` = '%s',\n\t\t\t\t`uri-date` = '%s',\n\t\t\t\t`avatar-date` = '%s',\n\t\t\t\t`blocked` = 0,\n\t\t\t\t`pending` = 0,\n\t\t\t\t`duplex` = %d,\n\t\t\t\t`hidden` = %d,\n\t\t\t\t`network` = '%s' WHERE `id` = %d\n\t\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($new_relation), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($duplex), intval($hidden), dbesc(NETWORK_DFRN), intval($contact_id));
} else {
// $network !== NETWORK_DFRN
$network = $contact['network'] ? $contact['network'] : NETWORK_OSTATUS;
$notify = $contact['notify'] ? $contact['notify'] : '';
$poll = $contact['poll'] ? $contact['poll'] : '';
if (!$contact['notify'] || !$contact['poll']) {
$arr = lrdd($contact['url']);
if (count($arr)) {
foreach ($arr as $link) {
if ($link['@attributes']['rel'] === 'salmon') {
$notify = $link['@attributes']['href'];
}
if ($link['@attributes']['rel'] === NAMESPACE_FEED) {
$poll = $link['@attributes']['href'];
}
}
}
}
$new_relation = $contact['rel'];
$writable = $contact['writable'];
if ($network === NETWORK_DIASPORA) {
if ($duplex) {
$new_relation = CONTACT_IS_FRIEND;
} else {
$new_relation = CONTACT_IS_FOLLOWER;
}
if ($new_relation != CONTACT_IS_FOLLOWER) {
$writable = 1;
}
}
$r = q("DELETE FROM `intro` WHERE `id` = %d AND `uid` = %d", intval($intro_id), intval($uid));
$r = q("UPDATE `contact` SET `photo` = '%s',\n\t\t\t\t`thumb` = '%s',\n\t\t\t\t`micro` = '%s',\n\t\t\t\t`name-date` = '%s',\n\t\t\t\t`uri-date` = '%s',\n\t\t\t\t`avatar-date` = '%s',\n\t\t\t\t`notify` = '%s',\n\t\t\t\t`poll` = '%s',\n\t\t\t\t`blocked` = 0,\n\t\t\t\t`pending` = 0,\n\t\t\t\t`network` = '%s',\n\t\t\t\t`writable` = %d,\n\t\t\t\t`hidden` = %d,\n\t\t\t\t`rel` = %d\n\t\t\t\tWHERE `id` = %d\n\t\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($notify), dbesc($poll), dbesc($network), intval($writable), intval($hidden), intval($new_relation), intval($contact_id));
}
if ($r === false) {
notice(t('Unable to set contact photo.') . EOL);
}
// reload contact info
$r = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($contact_id));
if (count($r)) {
$contact = $r[0];
} else {
$contact = null;
}
if (isset($new_relation) && $new_relation == CONTACT_IS_FRIEND) {
if ($contact && $contact['network'] === NETWORK_DIASPORA) {
require_once 'include/diaspora.php';
$ret = diaspora_share($user[0], $r[0]);
logger('mod_follow: diaspora_share returns: ' . $ret);
}
// Send a new friend post if we are allowed to...
$r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($uid));
if (count($r) && $r[0]['hide-friends'] == 0 && $activity && !$hidden) {
require_once 'include/items.php';
$self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1", intval($uid));
if (count($self)) {
$arr = array();
$arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $uid);
$arr['uid'] = $uid;
$arr['contact-id'] = $self[0]['id'];
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['gravity'] = 0;
$arr['origin'] = 1;
$arr['author-name'] = $arr['owner-name'] = $self[0]['name'];
$arr['author-link'] = $arr['owner-link'] = $self[0]['url'];
$arr['author-avatar'] = $arr['owner-avatar'] = $self[0]['thumb'];
$A = '[url=' . $self[0]['url'] . ']' . $self[0]['name'] . '[/url]';
$APhoto = '[url=' . $self[0]['url'] . ']' . '[img]' . $self[0]['thumb'] . '[/img][/url]';
$B = '[url=' . $contact['url'] . ']' . $contact['name'] . '[/url]';
$BPhoto = '[url=' . $contact['url'] . ']' . '[img]' . $contact['thumb'] . '[/img][/url]';
$arr['verb'] = ACTIVITY_FRIEND;
$arr['object-type'] = ACTIVITY_OBJ_PERSON;
$arr['body'] = sprintf(t('%1$s is now friends with %2$s'), $A, $B) . "\n\n\n" . $BPhoto;
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $contact['name'] . '</title>' . '<id>' . $contact['url'] . '/' . $contact['name'] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $contact['url'] . '" />' . "\n");
$arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $contact['thumb'] . '" />' . "\n");
$arr['object'] .= '</link></object>' . "\n";
$arr['last-child'] = 1;
$arr['allow_cid'] = $user[0]['allow_cid'];
$arr['allow_gid'] = $user[0]['allow_gid'];
$arr['deny_cid'] = $user[0]['deny_cid'];
$arr['deny_gid'] = $user[0]['deny_gid'];
$i = item_store($arr);
if ($i) {
proc_run('php', "include/notifier.php", "activity", "{$i}");
}
}
}
}
$g = q("select def_gid from user where uid = %d limit 1", intval($uid));
if ($contact && $g && intval($g[0]['def_gid'])) {
require_once 'include/group.php';
group_add_member($uid, '', $contact['id'], $g[0]['def_gid']);
}
// Let's send our user to the contact editor in case they want to
// do anything special with this new friend.
if ($handsfree === null) {
goaway($a->get_baseurl() . '/contacts/' . intval($contact_id));
} else {
return;
}
//NOTREACHED
}
/**
*
*
* End of Scenario 1. [Local confirmation of remote friend request].
*
* Begin Scenario 2. This is the remote response to the above scenario.
* This will take place on the site that originally initiated the friend request.
* In the section above where the confirming party makes a POST and
* retrieves xml status information, they are communicating with the following code.
*
*/
if (x($_POST, 'source_url')) {
// We are processing an external confirmation to an introduction created by our user.
$public_key = x($_POST, 'public_key') ? $_POST['public_key'] : '';
$dfrn_id = x($_POST, 'dfrn_id') ? hex2bin($_POST['dfrn_id']) : '';
$source_url = x($_POST, 'source_url') ? hex2bin($_POST['source_url']) : '';
$aes_key = x($_POST, 'aes_key') ? $_POST['aes_key'] : '';
$duplex = x($_POST, 'duplex') ? intval($_POST['duplex']) : 0;
$page = x($_POST, 'page') ? intval($_POST['page']) : 0;
$version_id = x($_POST, 'dfrn_version') ? (double) $_POST['dfrn_version'] : 2.0;
$forum = $page == 1 ? 1 : 0;
$prv = $page == 2 ? 1 : 0;
logger('dfrn_confirm: requestee contacted: ' . $node);
logger('dfrn_confirm: request: POST=' . print_r($_POST, true), LOGGER_DATA);
// If $aes_key is set, both of these items require unpacking from the hex transport encoding.
if (x($aes_key)) {
$aes_key = hex2bin($aes_key);
$public_key = hex2bin($public_key);
}
// Find our user's account
$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($node));
if (!count($r)) {
$message = sprintf(t('No user record found for \'%s\' '), $node);
xml_status(3, $message);
// failure
// NOTREACHED
}
$my_prvkey = $r[0]['prvkey'];
$local_uid = $r[0]['uid'];
if (!strstr($my_prvkey, 'PRIVATE KEY')) {
$message = t('Our site encryption key is apparently messed up.');
xml_status(3, $message);
}
// verify everything
$decrypted_source_url = "";
openssl_private_decrypt($source_url, $decrypted_source_url, $my_prvkey);
if (!strlen($decrypted_source_url)) {
$message = t('Empty site URL was provided or URL could not be decrypted by us.');
xml_status(3, $message);
// NOTREACHED
}
$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($decrypted_source_url), intval($local_uid));
if (!count($ret)) {
if (strstr($decrypted_source_url, 'http:')) {
$newurl = str_replace('http:', 'https:', $decrypted_source_url);
} else {
$newurl = str_replace('https:', 'http:', $decrypted_source_url);
}
$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", dbesc($newurl), intval($local_uid));
if (!count($ret)) {
// this is either a bogus confirmation (?) or we deleted the original introduction.
$message = t('Contact record was not found for you on our site.');
xml_status(3, $message);
return;
// NOTREACHED
}
}
$relation = $ret[0]['rel'];
// Decrypt all this stuff we just received
$foreign_pubkey = $ret[0]['site-pubkey'];
$dfrn_record = $ret[0]['id'];
if (!$foreign_pubkey) {
$message = sprintf(t('Site public key not available in contact record for URL %s.'), $newurl);
xml_status(3, $message);
}
$decrypted_dfrn_id = "";
openssl_public_decrypt($dfrn_id, $decrypted_dfrn_id, $foreign_pubkey);
if (strlen($aes_key)) {
$decrypted_aes_key = "";
openssl_private_decrypt($aes_key, $decrypted_aes_key, $my_prvkey);
$dfrn_pubkey = openssl_decrypt($public_key, 'AES-256-CBC', $decrypted_aes_key);
} else {
$dfrn_pubkey = $public_key;
}
$r = q("SELECT * FROM `contact` WHERE `dfrn-id` = '%s' LIMIT 1", dbesc($decrypted_dfrn_id));
if (count($r)) {
$message = t('The ID provided by your system is a duplicate on our system. It should work if you try again.');
xml_status(1, $message);
// Birthday paradox - duplicate dfrn-id
// NOTREACHED
}
$r = q("UPDATE `contact` SET `dfrn-id` = '%s', `pubkey` = '%s' WHERE `id` = %d", dbesc($decrypted_dfrn_id), dbesc($dfrn_pubkey), intval($dfrn_record));
if (!count($r)) {
$message = t('Unable to set your contact credentials on our system.');
xml_status(3, $message);
}
// It's possible that the other person also requested friendship.
// If it is a duplex relationship, ditch the issued-id if one exists.
if ($duplex) {
$r = q("UPDATE `contact` SET `issued-id` = '' WHERE `id` = %d", intval($dfrn_record));
}
// We're good but now we have to scrape the profile photo and send notifications.
$r = q("SELECT `photo` FROM `contact` WHERE `id` = %d LIMIT 1", intval($dfrn_record));
if (count($r)) {
$photo = $r[0]['photo'];
} else {
$photo = $a->get_baseurl() . '/images/person-175.jpg';
}
require_once "include/Photo.php";
$photos = import_profile_photo($photo, $local_uid, $dfrn_record);
logger('dfrn_confirm: request - photos imported');
$new_relation = CONTACT_IS_SHARING;
if ($relation == CONTACT_IS_FOLLOWER || $duplex) {
$new_relation = CONTACT_IS_FRIEND;
}
if ($relation == CONTACT_IS_FOLLOWER && $duplex) {
$duplex = 0;
}
$r = q("UPDATE `contact` SET\n\t\t\t`photo` = '%s',\n\t\t\t`thumb` = '%s',\n\t\t\t`micro` = '%s',\n\t\t\t`rel` = %d,\n\t\t\t`name-date` = '%s',\n\t\t\t`uri-date` = '%s',\n\t\t\t`avatar-date` = '%s',\n\t\t\t`blocked` = 0,\n\t\t\t`pending` = 0,\n\t\t\t`duplex` = %d,\n\t\t\t`forum` = %d,\n\t\t\t`prv` = %d,\n\t\t\t`network` = '%s' WHERE `id` = %d\n\t\t", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), intval($new_relation), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($duplex), intval($forum), intval($prv), dbesc(NETWORK_DFRN), intval($dfrn_record));
if ($r === false) {
// indicates schema is messed up or total db failure
$message = t('Unable to update your contact profile details on our system');
xml_status(3, $message);
}
// Otherwise everything seems to have worked and we are almost done. Yay!
// Send an email notification
logger('dfrn_confirm: request: info updated');
$r = q("SELECT `contact`.*, `user`.* FROM `contact` LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`\n\t\t\tWHERE `contact`.`id` = %d LIMIT 1", intval($dfrn_record));
if (count($r)) {
$combined = $r[0];
}
if (count($r) && $r[0]['notify-flags'] & NOTIFY_CONFIRM) {
$mutual = $new_relation == CONTACT_IS_FRIEND;
notification(array('type' => NOTIFY_CONFIRM, 'notify_flags' => $r[0]['notify-flags'], 'language' => $r[0]['language'], 'to_name' => $r[0]['username'], 'to_email' => $r[0]['email'], 'uid' => $r[0]['uid'], 'link' => $a->get_baseurl() . '/contacts/' . $dfrn_record, 'source_name' => strlen(stripslashes($r[0]['name'])) ? stripslashes($r[0]['name']) : t('[Name Withheld]'), 'source_link' => $r[0]['url'], 'source_photo' => $r[0]['photo'], 'verb' => $mutual ? ACTIVITY_FRIEND : ACTIVITY_FOLLOW, 'otype' => 'intro'));
}
// Send a new friend post if we are allowed to...
if ($page && intval(get_pconfig($local_uid, 'system', 'post_joingroup'))) {
$r = q("SELECT `hide-friends` FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1", intval($local_uid));
if (count($r) && $r[0]['hide-friends'] == 0) {
require_once 'include/items.php';
$self = q("SELECT * FROM `contact` WHERE `self` = 1 AND `uid` = %d LIMIT 1", intval($local_uid));
if (count($self)) {
$arr = array();
$arr['uri'] = $arr['parent-uri'] = item_new_uri($a->get_hostname(), $local_uid);
$arr['uid'] = $local_uid;
$arr['contact-id'] = $self[0]['id'];
$arr['wall'] = 1;
$arr['type'] = 'wall';
$arr['gravity'] = 0;
$arr['origin'] = 1;
$arr['author-name'] = $arr['owner-name'] = $self[0]['name'];
$arr['author-link'] = $arr['owner-link'] = $self[0]['url'];
$arr['author-avatar'] = $arr['owner-avatar'] = $self[0]['thumb'];
$A = '[url=' . $self[0]['url'] . ']' . $self[0]['name'] . '[/url]';
$APhoto = '[url=' . $self[0]['url'] . ']' . '[img]' . $self[0]['thumb'] . '[/img][/url]';
$B = '[url=' . $combined['url'] . ']' . $combined['name'] . '[/url]';
$BPhoto = '[url=' . $combined['url'] . ']' . '[img]' . $combined['thumb'] . '[/img][/url]';
$arr['verb'] = ACTIVITY_JOIN;
$arr['object-type'] = ACTIVITY_OBJ_GROUP;
$arr['body'] = sprintf(t('%1$s has joined %2$s'), $A, $B) . "\n\n\n" . $BPhoto;
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_GROUP . '</type><title>' . $combined['name'] . '</title>' . '<id>' . $combined['url'] . '/' . $combined['name'] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $combined['url'] . '" />' . "\n");
$arr['object'] .= xmlify('<link rel="photo" type="image/jpeg" href="' . $combined['thumb'] . '" />' . "\n");
$arr['object'] .= '</link></object>' . "\n";
$arr['last-child'] = 1;
$arr['allow_cid'] = $user[0]['allow_cid'];
$arr['allow_gid'] = $user[0]['allow_gid'];
$arr['deny_cid'] = $user[0]['deny_cid'];
$arr['deny_gid'] = $user[0]['deny_gid'];
$i = item_store($arr);
if ($i) {
proc_run('php', "include/notifier.php", "activity", "{$i}");
}
}
}
}
xml_status(0);
// Success
return;
// NOTREACHED
////////////////////// End of this scenario ///////////////////////////////////////////////
}
// somebody arrived here by mistake or they are fishing. Send them to the homepage.
goaway(z_root());
// NOTREACHED
}
/**
* @function create_identity($arr)
* Create a new channel
* Also creates the related xchan, hubloc, profile, and "self" abook records, and an
* empty "Friends" group/collection for the new channel
*
* @param array $arr
* 'name' => full name of channel
* 'nickname' => "email/url-compliant" nickname
* 'account_id' => account_id to attach with this channel
* [other identity fields as desired]
*
* @returns array
* 'success' => boolean true or false
* 'message' => optional error text if success is false
* 'channel' => if successful the created channel array
*/
function create_identity($arr)
{
$a = get_app();
$ret = array('success' => false);
if (!$arr['account_id']) {
$ret['message'] = t('No account identifier');
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
$nick = mb_strtolower(trim($arr['nickname']));
if (!$nick) {
$ret['message'] = t('Nickname is required.');
return $ret;
}
$name = escape_tags($arr['name']);
$pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
$xchanflags = x($arr, 'xchanflags') ? intval($arr['xchanflags']) : XCHAN_FLAGS_NORMAL;
$name_error = validate_channelname($arr['name']);
if ($name_error) {
$ret['message'] = $name_error;
return $ret;
}
if ($nick === 'sys' && !($pageflags & PAGE_SYSTEM)) {
$ret['message'] = t('Reserved nickname. Please choose another.');
return $ret;
}
if (check_webbie(array($nick)) !== $nick) {
$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
return $ret;
}
$guid = zot_new_uid($nick);
$key = new_keypair(4096);
$sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
$hash = make_xchan_hash($guid, $sig);
// Force a few things on the short term until we can provide a theme or app with choice
$publish = 1;
if (array_key_exists('publish', $arr)) {
$publish = intval($arr['publish']);
}
$primary = true;
if (array_key_exists('primary', $arr)) {
$primary = intval($arr['primary']);
}
$perms_sql = '';
$defperms = site_default_perms();
$global_perms = get_perms();
foreach ($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
$expire = get_config('system', 'default_expire_days');
$expire = $expire === false ? '0' : $expire;
$r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_expire_days {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($expire));
$r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
if (!$r) {
$ret['message'] = t('Unable to retrieve created identity');
return $ret;
}
$ret['channel'] = $r[0];
if (intval($arr['account_id'])) {
set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
}
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_flags, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary ? HUBLOC_FLAGS_PRIMARY : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')));
if (!$r) {
logger('create_identity: Unable to store hub location');
}
$newuid = $ret['channel']['channel_id'];
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date, xchan_flags ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d)", dbesc($hash), dbesc($guid), dbesc($sig), dbesc($key['pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/s/{$newuid}"), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $ret['channel']['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $ret['channel']['channel_address']), dbesc($ret['channel']['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($xchanflags));
// Not checking return value.
// It's ok for this to fail if it's an imported channel, and therefore the hash is a duplicate
$r = q("INSERT INTO profile ( aid, uid, profile_guid, profile_name, is_default, publish, name, photo, thumb)\n\t\tVALUES ( %d, %d, '%s', '%s', %d, %d, '%s', '%s', '%s') ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc(random_string()), t('Default Profile'), 1, $publish, dbesc($ret['channel']['channel_name']), dbesc($a->get_baseurl() . "/photo/profile/l/{$newuid}"), dbesc($a->get_baseurl() . "/photo/profile/m/{$newuid}"));
$r = q("insert into abook ( abook_account, abook_channel, abook_xchan, abook_closeness, abook_created, abook_updated, abook_flags )\n\t\tvalues ( %d, %d, '%s', %d, '%s', '%s', %d ) ", intval($ret['channel']['channel_account_id']), intval($newuid), dbesc($hash), intval(0), dbesc(datetime_convert()), dbesc(datetime_convert()), intval(ABOOK_FLAG_SELF));
if (intval($ret['channel']['channel_account_id'])) {
// Create a group with no members. This allows somebody to use it
// right away as a default group for new contacts.
require_once 'include/group.php';
group_add($newuid, t('Friends'));
call_hooks('register_account', $newuid);
proc_run('php', 'include/directory.php', $ret['channel']['channel_id']);
}
$ret['success'] = true;
return $ret;
}
