Esempio n. 1
0
	/**
	* Verify parameters match
	*
	* @var	array
	*
	* @return boolean
	*/
	function verify_pingback_ping(&$pinfo)
	{
		$params = array(
			'string',
			'string',
		);

		require_once(DIR . '/includes/blog_functions_post.php');
		if ($this->build_xmlrpc_array($params, $pinfo))
		{
			// XML-RPC is valid if we are here
			// 1 - Verify that the second URL matches the URL to our blog but don't validate the blogid here
			// 2 - Insert the information into the blog_pinghistory table
			// 3 - Cron script will verify the entries and insert pingbacks
			// This allows us to kill floods for the most part

			if (!empty($this->xmlrpc_array[0]['string']))
			{
				if (preg_match('#^' . preg_quote($this->registry->options['bburl'], '#') . '\/blog(?:_callback)?.php\?b(?:logid)?=(\d+)$#si', trim($this->xmlrpc_array[1]['string']), $matches))
				{
					$blogid = intval($matches[1]);
					$sourcemd5 = md5(trim($this->xmlrpc_array[0]['string']));

					if ($blogid)
					{
						$result = $this->registry->db->query_write("
							INSERT IGNORE INTO " . TABLE_PREFIX . "blog_pinghistory
								(blogid, sourcemd5, sourceurl, dateline)
							VALUES
								($blogid, '$sourcemd5', '" . $this->registry->db->escape_string(trim($this->xmlrpc_array[0]['string'])) . "', " . TIMENOW . ")
						");

						if ($this->registry->db->affected_rows($result))
						{
							$this->build_xml_response('accepted');

							require_once(DIR . '/includes/blog_functions.php');
							if ($bloginfo = fetch_bloginfo($blogid))
							{
								if ($bloginfo['state'] == 'visible')
								{
									cache_permissions($bloginfo, false);
									// verify user has permission to receive pingbacks
									if ($bloginfo['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'])
									{
										$dataman =& datamanager_init('Blog_Trackback', $this->registry, ERRTYPE_ARRAY);
										$dataman->set('blogid', $blogid);
										$dataman->set('url', trim($this->xmlrpc_array[0]['string']));
										$dataman->set('userid', $bloginfo['userid']);
										$dataman->set_info('akismet_key', $bloginfo['akismet_key']);
										$dataman->pre_save();

										if (!empty($dataman->errors))
										{
											write_trackback_log('pingback', 'in', 6, array('GLOBALS' => $GLOBALS['HTTP_RAW_POST_DATA'], 'errors' => $dataman->errors));
										}
										else
										{
											$dataman->save();
											write_trackback_log('pingback', 'in', 0, $GLOBALS['HTTP_RAW_POST_DATA']);
										}
									}
									else
									{
										write_trackback_log('pingback', 'in', 4, $GLOBALS['HTTP_RAW_POST_DATA']);
									}
								}
								else
								{
									write_trackback_log('pingback', 'in', 7, $GLOBALS['HTTP_RAW_POST_DATA']);
								}
							}
							else
							{
								write_trackback_log('pingback', 'in', 5, $GLOBALS['HTTP_RAW_POST_DATA']);
							}

							return true;
						}
						else
						{
							write_trackback_log('pingback', 'in', 3, $GLOBALS['HTTP_RAW_POST_DATA']);
						}
					}
					else
					{
						write_trackback_log('pingback', 'in', 2, $GLOBALS['HTTP_RAW_POST_DATA']);
					}
				}
				else
				{
					write_trackback_log('pingback', 'in', 2, $GLOBALS['HTTP_RAW_POST_DATA']);
				}
			}
			else
			{
				write_trackback_log('pingback', 'in', 1, $GLOBALS['HTTP_RAW_POST_DATA']);
			}
		}
		else
		{
			write_trackback_log('pingback', 'in', 1, $GLOBALS['HTTP_RAW_POST_DATA']);
		}

		$xml_error_struct = $this->build_fault_struct(-32500, $this->faultcodes['-32500']);
		$this->build_xml_response($xml_error_struct, true);

		// $this->build_xmlrpc_array sets build_xml_response() on failure
		return false;
	}
Esempio n. 2
0
/**
* Send a pingback / trackback request
*
* @param	array	Bloginfo
* @param	string	Destination URL
* @param	string	Title of the blog
*
* @return	mixed	error string on failure, true on success or apparent success
*/
function send_ping_notification(&$bloginfo, $desturl, $blogtitle)
{
	global $vbulletin;

	if (!intval($bloginfo['blogid']))
	{
		return false;
	}

	$ourblogurl = $vbulletin->options['bburl'] . '/blog.php?blogid=' . $bloginfo['blogid'];
	$pingback_dest = '';
	$trackback_dest = $desturl;

	require_once(DIR . '/includes/functions_file.php');
	if ($headresult = fetch_head_request($desturl))
	{
		if (!empty($headresult['x-pingback']))
		{
			$pingback_dest = $headresult['x-pingback'];
		}
		else if ($headresult['http-response']['statuscode'] == 200 AND preg_match('#text\/html#si', $headresult['content-type']))
		{
			// Limit to 5KB
			// Consider adding the ability to Kill the transfer on </head>\s+*<body to class_vurl.php
			if ($bodyresult = fetch_body_request($desturl, 5120))
			{
				// search head for <link rel="pingback" href="pingback server">
				if (preg_match('<link rel="pingback" href="([^"]+)" ?/?>', $bodyresult, $matches))
				{
					$pingback_dest = $matches[0];
				}
				else	if (preg_match('#<rdf:Description((?!<\/rdf:RDF>).)*dc:identifier="' . preg_quote($desturl, '#') . '".*<\/rdf:RDF>#siU', $bodyresult))
				{
					if (preg_match('#<rdf:Description(?:(?!<\/rdf:RDF>).)*trackback:ping="([^"]+)".*<\/rdf:RDF>#siU', $bodyresult, $matches))
					{
						$trackback_dest = trim($matches[1]);
					}
				}
			}
		}

		if (!empty($pingback_dest))
		{
			// Client
			require_once(DIR . '/includes/class_xmlrpc.php');
			$xmlrpc = new vB_XMLRPC_Client($vbulletin);
			$xmlrpc->build_xml_call('pingback.ping', $ourblogurl, $desturl);
			if ($pingresult = $xmlrpc->send_xml_call($pingback_dest))
			{
				require_once(DIR . '/includes/class_xmlrpc.php');
				$xmlrpc_server = new vB_XMLRPC_Server($vbulletin);
				$xmlrpc_server->parse_xml($pingresult['body']);
				$xmlrpc_server->parse_xmlrpc();
			}

			// NOT FINSIHED
			write_trackback_log('pingback', 'out', 0, $pingresult, $bloginfo, $desturl);
			// Not always a success but we can't know for sure
			return true;
		}
		else
		{
			// Client
			require_once(DIR . '/includes/class_trackback.php');
			$tb = new vB_Trackback_Client($vbulletin);
			$excerpt = fetch_censored_text(fetch_trimmed_title(strip_bbcode(strip_quotes($bloginfo['pagetext']), false, true), 255));
			if ($result = $tb->send_ping($trackback_dest, $ourblogurl, $bloginfo['title'], $excerpt, $blogtitle))
			{
				require_once(DIR . '/includes/class_xml.php');
				$xml_object = new vB_XML_Parser($result['body']);
				$xml_object->include_first_tag = true;
				if ($xml_object->parse_xml() AND $xml_object->parseddata['response']['error'] === '0')
				{
					write_trackback_log('trackback', 'out', 0, $result, $bloginfo, $desturl);
					return true;
				}
			}

			write_trackback_log('trackback', 'out', 3, $result, $bloginfo, $desturl);
			// Not always a success but we can't know for sure
			return true;
		}
	}

	write_trackback_log('none', 'out', 1, '', $bloginfo, $desturl);

	return false;
}
Esempio n. 3
0
	function send_xml_response()
	{
		require_once(DIR . '/includes/class_xml.php');
		$this->xml_object = new vB_XML_Builder($this->registry);
		$this->xml_object->doc = '';

		$this->xml_object->add_group('response');
		if ($this->sourceurl AND $this->registry->options['vbblog_trackback'])
		{
			$sourcemd5 = md5($this->sourceurl);
			$result = $this->registry->db->query_write("
				INSERT IGNORE INTO " . TABLE_PREFIX . "blog_pinghistory
					(blogid, sourcemd5, sourceurl, dateline)
				VALUES ({$this->blogid}, '$sourcemd5', '" . $this->registry->db->escape_string($this->sourceurl) . "', " . TIMENOW . ")
			");

			require_once(DIR . '/includes/blog_functions_post.php');
			if ($this->registry->db->affected_rows($result))
			{
				require_once(DIR . '/includes/blog_functions.php');
				if ($bloginfo = fetch_bloginfo($this->blogid))
				{
					if ($bloginfo['state'] == 'visible')
					{
						cache_permissions($bloginfo, false);
						if ($bloginfo['permissions']['vbblog_general_permissions'] & $this->registry->bf_ugp_vbblog_general_permissions['blog_canreceivepingback'])
						{
							// verify user has permission to receive trackbacks
							$dataman =& datamanager_init('Blog_Trackback', $this->registry, ERRTYPE_SILENT);
							$dataman->set('blogid', $this->blogid);
							$dataman->set('url', $this->sourceurl);
							$dataman->set('userid', $bloginfo['userid']);
							$dataman->set_info('akismet_key', $bloginfo['akismet_key']);

							if (!empty($dataman->errors))
							{
								write_trackback_log('trackback', 'in', 6, array('GLOBALS' => '', 'errors' => $dataman->errors), $bloginfo, $this->sourceurl);
							}
							else
							{
								$dataman->save();
								write_trackback_log('trackback', 'in', 0, '', $bloginfo, $this->sourceurl);
							}
						}
						else
						{
							write_trackback_log('trackback', 'in', 4, '', $bloginfo, $this->sourceurl);
						}
					}
					else
					{
						write_trackback_log('trackback', 'in', 7, '', $bloginfo, $this->sourceurl);
					}
				}
				else
				{
					write_trackback_log('trackback', 'in', 5, '', array(), $this->sourceurl);
				}

				if (defined('NOSHUTDOWNFUNC'))
				{
					$this->registry->db->close();
				}

				$this->xml_object->add_tag('error', 0);
				$this->xml_object->close_group('response');
				$this->xml_object->send_content_type_header();
				$this->xml_object->send_content_length_header();
				echo $this->xml_object->fetch_xml_tag() . $this->xml_object->output();
				return;
			}
			else
			{
				write_trackback_log('trackback', 'in', 3, '', array(), $this->sourceurl);
			}
		}

		if (defined('NOSHUTDOWNFUNC'))
		{
			$this->registry->db->close();
		}

		$this->xml_object->add_tag('error', 1);
		$this->xml_object->add_tag('message', 'Invalid');
		$this->xml_object->close_group('response');
		$this->xml_object->send_content_type_header();
		$this->xml_object->send_content_length_header();
		echo $this->xml_object->fetch_xml_tag() . $this->xml_object->output();
		return;
	}