/**
* @brief
*
* @param array $x
* @return boolean|string return false or a hash
*/
function import_author_zot($x)
{
$hash = make_xchan_hash($x['guid'], $x['guid_sig']);
$r = q("select hubloc_url from hubloc where hubloc_guid = '%s' and hubloc_guid_sig = '%s' and hubloc_primary = 1 limit 1", dbesc($x['guid']), dbesc($x['guid_sig']));
if ($r) {
logger('import_author_zot: in cache', LOGGER_DEBUG);
return $hash;
}
logger('import_author_zot: entry not in cache - probing: ' . print_r($x, true), LOGGER_DEBUG);
$them = array('hubloc_url' => $x['url'], 'xchan_guid' => $x['guid'], 'xchan_guid_sig' => $x['guid_sig']);
if (zot_refresh($them)) {
return $hash;
}
return false;
}
function zot_reply_refresh($sender, $recipients)
{
$ret = array('success' => false);
// remote channel info (such as permissions or photo or something)
// has been updated. Grab a fresh copy and sync it.
// The difference between refresh and force_refresh is that
// force_refresh unconditionally creates a directory update record,
// even if no changes were detected upon processing.
if ($recipients) {
// This would be a permissions update, typically for one connection
foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel \n\t\t\t\tleft join xchan on channel_hash = xchan_hash\n\t\t\t\twhere channel_guid = '%s' and channel_guid_sig = '%s' limit 1", dbesc($recip['guid']), dbesc($recip['guid_sig']));
$x = zot_refresh(array('xchan_guid' => $sender['guid'], 'xchan_guid_sig' => $sender['guid_sig'], 'hubloc_url' => $sender['url']), $r[0], $msgtype === 'force_refresh' ? true : false);
}
} else {
// system wide refresh
$x = zot_refresh(array('xchan_guid' => $sender['guid'], 'xchan_guid_sig' => $sender['guid_sig'], 'hubloc_url' => $sender['url']), null, $msgtype === 'force_refresh' ? true : false);
}
$ret['success'] = true;
json_return_and_die($ret);
}
public static function run($argc, $argv)
{
logger('onepoll: start');
if ($argc > 1 && intval($argv[1])) {
$contact_id = intval($argv[1]);
}
if (!$contact_id) {
logger('onepoll: no contact');
return;
}
$d = datetime_convert();
$contacts = q("SELECT abook.*, xchan.*, account.*\n\t\t\tFROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan \n\t\t\twhere abook_id = %d\n\t\t\tand abook_pending = 0 and abook_archived = 0 and abook_blocked = 0 and abook_ignored = 0\n\t\t\tAND (( account_flags = %d ) OR ( account_flags = %d )) limit 1", intval($contact_id), intval(ACCOUNT_OK), intval(ACCOUNT_UNVERIFIED));
if (!$contacts) {
logger('onepoll: abook_id not found: ' . $contact_id);
return;
}
$contact = $contacts[0];
$t = $contact['abook_updated'];
$importer_uid = $contact['abook_channel'];
$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($importer_uid));
if (!$r) {
return;
}
$importer = $r[0];
logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
$last_update = $contact['abook_updated'] === $contact['abook_created'] || $contact['abook_updated'] <= NULL_DATE ? datetime_convert('UTC', 'UTC', 'now - 7 days') : datetime_convert('UTC', 'UTC', $contact['abook_updated'] . ' - 2 days');
if ($contact['xchan_network'] === 'rss') {
logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
handle_feed($importer['channel_id'], $contact_id, $contact['xchan_hash']);
q("update abook set abook_connected = '%s' where abook_id = %d", dbesc(datetime_convert()), intval($contact['abook_id']));
return;
}
if ($contact['xchan_network'] !== 'zot') {
return;
}
// update permissions
$x = zot_refresh($contact, $importer);
$responded = false;
$updated = datetime_convert();
$connected = datetime_convert();
if (!$x) {
// mark for death by not updating abook_connected, this is caught in include/poller.php
q("update abook set abook_updated = '%s' where abook_id = %d", dbesc($updated), intval($contact['abook_id']));
} else {
q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d", dbesc($updated), dbesc($connected), intval($contact['abook_id']));
$responded = true;
}
if (!$responded) {
return;
}
if ($contact['xchan_connurl']) {
$fetch_feed = true;
$x = null;
// They haven't given us permission to see their stream
$can_view_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'their_perms', 'view_stream'));
if (!$can_view_stream) {
$fetch_feed = false;
}
// we haven't given them permission to send us their stream
$can_send_stream = intval(get_abconfig($importer_uid, $contact['abook_xchan'], 'my_perms', 'send_stream'));
if (!$can_send_stream) {
$fetch_feed = false;
}
if ($fetch_feed) {
$feedurl = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
$feedurl .= '?f=&mindate=' . urlencode($last_update);
$x = z_fetch_url($feedurl);
logger('feed_update: ' . print_r($x, true), LOGGER_DATA);
}
if ($x && $x['success']) {
$total = 0;
logger('onepoll: feed update ' . $contact['xchan_name'] . ' ' . $feedurl);
$j = json_decode($x['body'], true);
if ($j['success'] && $j['messages']) {
foreach ($j['messages'] as $message) {
$results = process_delivery(array('hash' => $contact['xchan_hash']), get_item_elements($message), array(array('hash' => $importer['xchan_hash'])), false);
logger('onepoll: feed_update: process_delivery: ' . print_r($results, true), LOGGER_DATA);
$total++;
}
logger("onepoll: {$total} messages processed");
}
}
}
// update the poco details for this connection
if ($contact['xchan_connurl']) {
$r = q("SELECT xlink_id from xlink \n\t\t\t\twhere xlink_xchan = '%s' and xlink_updated > %s - INTERVAL %s and xlink_static = 0 limit 1", intval($contact['xchan_hash']), db_utcnow(), db_quoteinterval('1 DAY'));
if (!$r) {
poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
}
}
return;
}
/**
* @function post_post(&$a)
* zot communications and messaging
*
* Sender HTTP posts to this endpoint ($site/post typically) with 'data' parameter set to json zot message packet.
* This packet is optionally encrypted, which we will discover if the json has an 'iv' element.
* $contents => array( 'alg' => 'aes256cbc', 'iv' => initialisation vector, 'key' => decryption key, 'data' => encrypted data);
* $contents->iv and $contents->key are random strings encrypted with this site's RSA public key and then base64url encoded.
* Currently only 'aes256cbc' is used, but this is extensible should that algorithm prove inadequate.
*
* Once decrypted, one will find the normal json_encoded zot message packet.
*
* Defined packet types are: notify, purge, refresh, force_refresh, auth_check, ping, and pickup
*
* Standard packet: (used by notify, purge, refresh, force_refresh, and auth_check)
*
* {
* "type": "notify",
* "sender":{
* "guid":"kgVFf_1...",
* "guid_sig":"PT9-TApzp...",
* "url":"http:\/\/podunk.edu",
* "url_sig":"T8Bp7j5...",
* },
* "recipients": { optional recipient array },
* "callback":"\/post",
* "version":1,
* "secret":"1eaa...",
* "secret_sig": "df89025470fac8..."
* }
*
* Signature fields are all signed with the sender channel private key and base64url encoded.
* Recipients are arrays of guid and guid_sig, which were previously signed with the recipients private
* key and base64url encoded and later obtained via channel discovery. Absence of recipients indicates
* a public message or visible to all potential listeners on this site.
*
* "pickup" packet:
* The pickup packet is sent in response to a notify packet from another site
*
* {
* "type":"pickup",
* "url":"http:\/\/example.com",
* "callback":"http:\/\/example.com\/post",
* "callback_sig":"teE1_fLI...",
* "secret":"1eaa...",
* "secret_sig":"O7nB4_..."
* }
*
* In the pickup packet, the sig fields correspond to the respective data element signed with this site's system
* private key and then base64url encoded.
* The "secret" is the same as the original secret from the notify packet.
*
* If verification is successful, a json structure is returned
* containing a success indicator and an array of type 'pickup'.
* Each pickup element contains the original notify request and a message field whose contents are
* dependent on the message type
*
* This JSON array is AES encapsulated using the site public key of the site that sent the initial zot pickup packet.
* Using the above example, this would be example.com.
*
*
* {
* "success":1,
* "pickup":{
* "notify":{
* "type":"notify",
* "sender":{
* "guid":"kgVFf_...",
* "guid_sig":"PT9-TApz...",
* "url":"http:\/\/z.podunk.edu",
* "url_sig":"T8Bp7j5D..."
* },
* "callback":"\/post",
* "version":1,
* "secret":"1eaa661..."
* },
* "message":{
* "type":"activity",
* "message_id":"*****@*****.**",
* "message_top":"*****@*****.**",
* "message_parent":"*****@*****.**",
* "created":"2012-11-20 04:04:16",
* "edited":"2012-11-20 04:04:16",
* "title":"",
* "body":"Hi Nickordo",
* "app":"",
* "verb":"post",
* "object_type":"",
* "target_type":"",
* "permalink":"",
* "location":"",
* "longlat":"",
* "owner":{
* "name":"Indigo",
* "address":"*****@*****.**",
* "url":"http:\/\/podunk.edu",
* "photo":{
* "mimetype":"image\/jpeg",
* "src":"http:\/\/podunk.edu\/photo\/profile\/m\/5"
* },
* "guid":"kgVFf_...",
* "guid_sig":"PT9-TAp...",
* },
* "author":{
* "name":"Indigo",
* "address":"*****@*****.**",
* "url":"http:\/\/podunk.edu",
* "photo":{
* "mimetype":"image\/jpeg",
* "src":"http:\/\/podunk.edu\/photo\/profile\/m\/5"
* },
* "guid":"kgVFf_...",
* "guid_sig":"PT9-TAp..."
* }
* }
* }
*}
*
* Currently defined message types are 'activity', 'mail', 'profile' and 'channel_sync', which each have
* different content schemas.
*
* Ping packet:
* A ping packet does not require any parameters except the type. It may or may not be encrypted.
*
* {
* "type": "ping"
* }
*
* On receipt of a ping packet a ping response will be returned:
*
* {
* "success" : 1,
* "site" {
* "url":"http:\/\/podunk.edu",
* "url_sig":"T8Bp7j5...",
* "sitekey": "-----BEGIN PUBLIC KEY-----
* MIICIjANBgkqhkiG9w0BAQE..."
* }
* }
*
* The ping packet can be used to verify that a site has not been re-installed, and to
* initiate corrective action if it has. The url_sig is signed with the site private key
* and base64url encoded - and this should verify with the enclosed sitekey. Failure to
* verify indicates the site is corrupt or otherwise unable to communicate using zot.
* This return packet is not otherwise verified, so should be compared with other
* results obtained from this site which were verified prior to taking action. For instance
* if you have one verified result with this signature and key, and other records for this
* url which have different signatures and keys, it indicates that the site was re-installed
* and corrective action may commence (remove or mark invalid any entries with different
* signatures).
* If you have no records which match this url_sig and key - no corrective action should
* be taken as this packet may have been returned by an imposter.
*
*/
function post_post(&$a)
{
$encrypted_packet = false;
$ret = array('success' => false);
$data = json_decode($_REQUEST['data'], true);
/**
* Many message packets will arrive encrypted. The existence of an 'iv' element
* tells us we need to unencapsulate the AES-256-CBC content using the site private key
*/
if (array_key_exists('iv', $data)) {
$encrypted_packet = true;
$data = crypto_unencapsulate($data, get_config('system', 'prvkey'));
logger('mod_zot: decrypt1: ' . $data, LOGGER_DATA);
$data = json_decode($data, true);
}
if (!$data) {
// possible Bleichenbacher's attack, just treat it as a
// message we have no handler for. It should fail a bit
// further along with "no hub". Our public key is public
// knowledge. There's no reason why anybody should get the
// encryption wrong unless they're fishing or hacking. If
// they're developing and made a goof, this can be discovered
// in the logs of the destination site. If they're fishing or
// hacking, the bottom line is we can't verify their hub.
// That's all we're going to tell them.
$data = array('type' => 'bogus');
}
$msgtype = array_key_exists('type', $data) ? $data['type'] : '';
if ($msgtype === 'ping') {
// Useful to get a health check on a remote site.
// This will let us know if any important communication details
// that we may have stored are no longer valid, regardless of xchan details.
logger('POST: got ping send pong now back: ' . z_root(), LOGGER_DEBUG);
$ret['success'] = true;
$ret['site'] = array();
$ret['site']['url'] = z_root();
$ret['site']['url_sig'] = base64url_encode(rsa_sign(z_root(), get_config('system', 'prvkey')));
$ret['site']['sitekey'] = get_config('system', 'pubkey');
json_return_and_die($ret);
}
if ($msgtype === 'pickup') {
/**
* The 'pickup' message arrives with a tracking ID which is associated with a particular outq_hash
* First verify that that the returned signatures verify, then check that we have an outbound queue item
* with the correct hash.
* If everything verifies, find any/all outbound messages in the queue for this hubloc and send them back
*
*/
if (!$data['secret'] || !$data['secret_sig']) {
$ret['message'] = 'no verification signature';
logger('mod_zot: pickup: ' . $ret['message'], LOGGER_DEBUG);
json_return_and_die($ret);
}
$r = q("select distinct hubloc_sitekey from hubloc where hubloc_url = '%s' and hubloc_callback = '%s' and hubloc_sitekey != '' group by hubloc_sitekey ", dbesc($data['url']), dbesc($data['callback']));
if (!$r) {
$ret['message'] = 'site not found';
logger('mod_zot: pickup: ' . $ret['message']);
json_return_and_die($ret);
}
foreach ($r as $hubsite) {
// verify the url_sig
// If the server was re-installed at some point, there could be multiple hubs with the same url and callback.
// Only one will have a valid key.
$forgery = true;
$secret_fail = true;
$sitekey = $hubsite['hubloc_sitekey'];
logger('mod_zot: Checking sitekey: ' . $sitekey, LOGGER_DATA);
if (rsa_verify($data['callback'], base64url_decode($data['callback_sig']), $sitekey)) {
$forgery = false;
}
if (rsa_verify($data['secret'], base64url_decode($data['secret_sig']), $sitekey)) {
$secret_fail = false;
}
if (!$forgery && !$secret_fail) {
break;
}
}
if ($forgery) {
$ret['message'] = 'possible site forgery';
logger('mod_zot: pickup: ' . $ret['message']);
json_return_and_die($ret);
}
if ($secret_fail) {
$ret['message'] = 'secret validation failed';
logger('mod_zot: pickup: ' . $ret['message']);
json_return_and_die($ret);
}
/**
* If we made it to here, the signatures verify, but we still don't know if the tracking ID is valid.
* It wouldn't be an error if the tracking ID isn't found, because we may have sent this particular
* queue item with another pickup (after the tracking ID for the other pickup was verified).
*/
$r = q("select outq_posturl from outq where outq_hash = '%s' and outq_posturl = '%s' limit 1", dbesc($data['secret']), dbesc($data['callback']));
if (!$r) {
$ret['message'] = 'nothing to pick up';
logger('mod_zot: pickup: ' . $ret['message']);
json_return_and_die($ret);
}
/**
* Everything is good if we made it here, so find all messages that are going to this location
* and send them all.
*/
$r = q("select * from outq where outq_posturl = '%s'", dbesc($data['callback']));
if ($r) {
logger('mod_zot: succesful pickup message received from ' . $data['callback'] . ' ' . count($r) . ' message(s) picked up', LOGGER_DEBUG);
$ret['success'] = true;
$ret['pickup'] = array();
foreach ($r as $rr) {
$ret['pickup'][] = array('notify' => json_decode($rr['outq_notify'], true), 'message' => json_decode($rr['outq_msg'], true));
$x = q("delete from outq where outq_hash = '%s' limit 1", dbesc($rr['outq_hash']));
}
}
$encrypted = crypto_encapsulate(json_encode($ret), $sitekey);
json_return_and_die($encrypted);
/** pickup: end */
}
/**
* All other message types require us to verify the sender. This is a generic check, so we
* will do it once here and bail if anything goes wrong.
*/
if (array_key_exists('sender', $data)) {
$sender = $data['sender'];
}
/** Check if the sender is already verified here */
$hub = zot_gethub($sender);
if (!$hub) {
/** Have never seen this guid or this guid coming from this location. Check it and register it. */
// (!!) this will validate the sender
$result = zot_register_hub($sender);
if (!$result['success'] || !($hub = zot_gethub($sender))) {
$ret['message'] = 'Hub not available.';
logger('mod_zot: no hub');
json_return_and_die($ret);
}
}
// Update our DB to show when we last communicated successfully with this hub
// This will allow us to prune dead hubs from using up resources
$r = q("update hubloc set hubloc_connected = '%s' where hubloc_id = %d limit 1", dbesc(datetime_convert()), intval($hub['hubloc_id']));
// a dead hub came back to life - reset any tombstones we might have
if ($hub['hubloc_status'] & HUBLOC_OFFLINE) {
q("update hubloc set hubloc_status = (hubloc_status ^ %d) where hubloc_id = %d limit 1", intval(HUBLOC_OFFLINE), intval($hub['hubloc_id']));
if ($r[0]['hubloc_flags'] & HUBLOC_FLAGS_ORPHANCHECK) {
q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where hubloc_id = %d limit 1", intval(HUBLOC_FLAGS_ORPHANCHECK), intval($hub['hubloc_id']));
}
q("update xchan set xchan_flags = (xchan_flags ^ %d) where (xchan_flags & %d) and xchan_hash = '%s' limit 1", intval(XCHAN_FLAGS_ORPHAN), intval(XCHAN_FLAGS_ORPHAN), dbesc($hub['hubloc_hash']));
}
/**
* This hub has now been proven to be valid.
* Any hub with the same URL and a different sitekey cannot be valid.
* Get rid of them (mark them deleted). There's a good chance they were re-installs.
*
*/
q("update hubloc set hubloc_flags = ( hubloc_flags | %d ) where hubloc_url = '%s' and hubloc_sitekey != '%s' ", intval(HUBLOC_FLAGS_DELETED), dbesc($hub['hubloc_url']), dbesc($hub['hubloc_sitekey']));
// TODO: check which hub is primary and take action if mismatched
if (array_key_exists('recipients', $data)) {
$recipients = $data['recipients'];
}
if ($msgtype === 'auth_check') {
/**
* Requestor visits /magic/?dest=somewhere on their own site with a browser
* magic redirects them to $destsite/post [with auth args....]
* $destsite sends an auth_check packet to originator site
* The auth_check packet is handled here by the originator's site
* - the browser session is still waiting
* inside $destsite/post for everything to verify
* If everything checks out we'll return a token to $destsite
* and then $destsite will verify the token, authenticate the browser
* session and then redirect to the original destination.
* If authentication fails, the redirection to the original destination
* will still take place but without authentication.
*/
logger('mod_zot: auth_check', LOGGER_DEBUG);
if (!$encrypted_packet) {
logger('mod_zot: auth_check packet was not encrypted.');
$ret['message'] .= 'no packet encryption' . EOL;
json_return_and_die($ret);
}
$arr = $data['sender'];
$sender_hash = make_xchan_hash($arr['guid'], $arr['guid_sig']);
// garbage collect any old unused notifications
q("delete from verify where type = 'auth' and created < UTC_TIMESTAMP() - INTERVAL 10 MINUTE");
$y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($sender_hash));
// We created a unique hash in mod/magic.php when we invoked remote auth, and stored it in
// the verify table. It is now coming back to us as 'secret' and is signed by a channel at the other end.
// First verify their signature. We will have obtained a zot-info packet from them as part of the sender
// verification.
if (!$y || !rsa_verify($data['secret'], base64url_decode($data['secret_sig']), $y[0]['xchan_pubkey'])) {
logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
$ret['message'] .= 'sender not found or sig invalid ' . print_r($y, true) . EOL;
json_return_and_die($ret);
}
// There should be exactly one recipient, the original auth requestor
$ret['message'] .= 'recipients ' . print_r($recipients, true) . EOL;
if ($data['recipients']) {
$arr = $data['recipients'][0];
$recip_hash = make_xchan_hash($arr['guid'], $arr['guid_sig']);
$c = q("select channel_id, channel_account_id, channel_prvkey from channel where channel_hash = '%s' limit 1", dbesc($recip_hash));
if (!$c) {
logger('mod_zot: auth_check: recipient channel not found.');
$ret['message'] .= 'recipient not found.' . EOL;
json_return_and_die($ret);
}
$confirm = base64url_encode(rsa_sign($data['secret'] . $recip_hash, $c[0]['channel_prvkey']));
// This additionally checks for forged sites since we already stored the expected result in meta
// and we've already verified that this is them via zot_gethub() and that their key signed our token
$z = q("select id from verify where channel = %d and type = 'auth' and token = '%s' and meta = '%s' limit 1", intval($c[0]['channel_id']), dbesc($data['secret']), dbesc($data['sender']['url']));
if (!$z) {
logger('mod_zot: auth_check: verification key not found.');
$ret['message'] .= 'verification key not found' . EOL;
json_return_and_die($ret);
}
$r = q("delete from verify where id = %d limit 1", intval($z[0]['id']));
$u = q("select account_service_class from account where account_id = %d limit 1", intval($c[0]['channel_account_id']));
logger('mod_zot: auth_check: success', LOGGER_DEBUG);
$ret['success'] = true;
$ret['confirm'] = $confirm;
if ($u && $u[0]['account_service_class']) {
$ret['service_class'] = $u[0]['account_service_class'];
}
// Set "do not track" flag if this site or this channel's profile is restricted
if (intval(get_config('system', 'block_public'))) {
$ret['DNT'] = true;
}
if (!perm_is_allowed($c[0]['channel_id'], '', 'view_profile')) {
$ret['DNT'] = true;
}
if (get_pconfig($c[0]['channel_id'], 'system', 'do_not_track')) {
$ret['DNT'] = true;
}
json_return_and_die($ret);
}
json_return_and_die($ret);
}
if ($msgtype === 'purge') {
if ($recipients) {
// basically this means "unfriend"
foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel \n\t\t\t\t\tleft join xchan on channel_hash = xchan_hash\n\t\t\t\t\twhere channel_guid = '%s' and channel_guid_sig = '%s' limit 1", dbesc($recip['guid']), dbesc($recip['guid_sig']));
if ($r) {
$r = q("select abook_id from abook where uid = %d and abook_xchan = '%s' limit 1", intval($r[0]['channel_id']), dbesc(make_xchan_hash($sender['guid'], $sender['guid_sig'])));
if ($r) {
contact_remove($r[0]['channel_id'], $r[0]['abook_id']);
}
}
}
} else {
// Unfriend everybody - basically this means the channel has committed suicide
$arr = $data['sender'];
$sender_hash = make_xchan_hash($arr['guid'], $arr['guid_sig']);
require_once 'include/Contact.php';
remove_all_xchan_resources($sender_hash);
$ret['success'] = true;
json_return_and_die($ret);
}
}
if ($msgtype === 'refresh' || $msgtype === 'force_refresh') {
// remote channel info (such as permissions or photo or something)
// has been updated. Grab a fresh copy and sync it.
// The difference between refresh and force_refresh is that
// force_refresh unconditionally creates a directory update record,
// even if no changes were detected upon processing.
if ($recipients) {
// This would be a permissions update, typically for one connection
foreach ($recipients as $recip) {
$r = q("select channel.*,xchan.* from channel \n\t\t\t\t\tleft join xchan on channel_hash = xchan_hash\n\t\t\t\t\twhere channel_guid = '%s' and channel_guid_sig = '%s' limit 1", dbesc($recip['guid']), dbesc($recip['guid_sig']));
$x = zot_refresh(array('xchan_guid' => $sender['guid'], 'xchan_guid_sig' => $sender['guid_sig'], 'hubloc_url' => $sender['url']), $r[0], $msgtype === 'force_refresh' ? true : false);
}
} else {
// system wide refresh
$x = zot_refresh(array('xchan_guid' => $sender['guid'], 'xchan_guid_sig' => $sender['guid_sig'], 'hubloc_url' => $sender['url']), null, $msgtype === 'force_refresh' ? true : false);
}
$ret['success'] = true;
json_return_and_die($ret);
}
if ($msgtype === 'notify') {
$async = get_config('system', 'queued_fetch');
if ($async) {
// add to receive queue
// qreceive_add($data);
} else {
$x = zot_fetch($data);
$ret['delivery_report'] = $x;
}
$ret['success'] = true;
json_return_and_die($ret);
}
// catchall
json_return_and_die($ret);
}
function get()
{
$sort_type = 0;
$o = '';
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return login();
}
$channel = \App::get_channel();
$my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if ($role) {
$x = get_role_perms($role);
if ($x['perms_accept']) {
$my_perms = $x['perms_accept'];
}
}
$yes_no = array(t('No'), t('Yes'));
if ($my_perms) {
$o .= "<script>function connectDefaultShare() {\n\t\t\t\$('.abook-edit-me').each(function() {\n\t\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\t\$(this).prop('checked', false);\n\t\t\t});\n\n";
$perms = get_perms();
foreach ($perms as $p => $v) {
if ($my_perms & $v[1]) {
$o .= "\$('#me_id_perms_" . $p . "').prop('checked', true); \n";
}
}
$o .= " }\n</script>\n";
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\t\tWHERE abook_id = %d AND abook_channel = %d AND abook_self = 0 LIMIT 1", intval($contact_id), intval(local_channel()));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway(z_root() . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if ($orig_record[0]['xchan_network'] === 'zot') {
if (!zot_refresh($orig_record[0], \App::get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
} else {
// if you are on a different network we'll force a refresh of the connection basic info
proc_run('php', 'include/notifier.php', 'permission_update', $contact_id);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway(z_root() . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if (intval($orig_record[0]['abook_pending'])) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
$this->connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway(z_root() . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_channel(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway(z_root() . '/' . $_SESSION['return_url']);
}
goaway(z_root() . '/contacts');
}
}
if (\App::$poi) {
$contact_id = \App::$poi['abook_id'];
$contact = \App::$poi;
$tools = array('view' => array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), 'refresh' => array('label' => t('Refresh Permissions'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), 'recent' => array('label' => t('Recent Activity'), 'url' => z_root() . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), 'block' => array('label' => intval($contact['abook_blocked']) ? t('Unblock') : t('Block'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => intval($contact['abook_blocked']) ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection'), 'info' => intval($contact['abook_blocked']) ? t('This connection is blocked!') : ''), 'ignore' => array('label' => intval($contact['abook_ignored']) ? t('Unignore') : t('Ignore'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => intval($contact['abook_ignored']) ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection'), 'info' => intval($contact['abook_ignored']) ? t('This connection is ignored!') : ''), 'archive' => array('label' => intval($contact['abook_archived']) ? t('Unarchive') : t('Archive'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => intval($contact['abook_archived']) ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content'), 'info' => intval($contact['abook_archived']) ? t('This connection is archived!') : ''), 'hide' => array('label' => intval($contact['abook_hidden']) ? t('Unhide') : t('Hide'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => intval($contact['abook_hidden']) ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections'), 'info' => intval($contact['abook_hidden']) ? t('This connection is hidden!') : ''), 'delete' => array('label' => t('Delete'), 'url' => z_root() . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (intval($contact['abook_self'])) {
$self = true;
}
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_channel(), 'affinity')) {
$labels = array(t('Me'), t('Family'), t('Friends'), t('Acquaintances'), t('All'));
call_hooks('affinity_labels', $labels);
$label_str = '';
if ($labels) {
foreach ($labels as $l) {
if ($label_str) {
$label_str .= ", '|'";
$label_str .= ", '" . $l . "'";
} else {
$label_str .= "'" . $l . "'";
}
}
}
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$labels' => $label_str));
}
$rating_val = 0;
$rating_text = '';
$xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
if ($xl) {
$rating_val = intval($xl[0]['xlink_rating']);
$rating_text = $xl[0]['xlink_rating_text'];
}
$poco_rating = get_config('system', 'poco_rating_enable');
// if unset default to enabled
if ($poco_rating === false) {
$poco_rating = true;
}
if ($poco_rating) {
$rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
} else {
$rating = false;
}
$perms = array();
$channel = \App::get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_channel(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'), array(t('No'), 'Yes'));
$multiprofs = feature_enabled(local_channel(), 'multi_profiles') ? true : false;
if ($slide && !$multiprofs) {
$affinity = t('Set Affinity');
}
if (!$slide && $multiprofs) {
$affinity = t('Set Profile');
}
if ($slide && $multiprofs) {
$affinity = t('Set Affinity & Profile');
}
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
$checkinherited = $channel[$v[0]] && $channel[$v[0]] != PERMS_SPECIFIC ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4], $checkinherited);
}
$locstr = '';
$locs = q("select hubloc_addr as location from hubloc left join site on hubloc_url = site_url where hubloc_hash = '%s'\n\t\t\t\tand hubloc_deleted = 0 and site_dead = 0", dbesc($contact['xchan_hash']));
if ($locs) {
foreach ($locs as $l) {
if (!$l['location']) {
continue;
}
if (strpos($locstr, $l['location']) !== false) {
continue;
}
if (strlen($locstr)) {
$locstr .= ', ';
}
$locstr .= $l['location'];
}
} else {
$locstr = t('none');
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connection: %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, t('Connection requests will be approved without your interaction'), $yes_no), '$addr' => $contact['xchan_addr'], '$addr_text' => t('This connection\'s primary address is'), '$loc_text' => t('Available locations:'), '$locstr' => $locstr, '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('The permissions indicated on this page will be applied to all new connections.'), '$tools_label' => t('Connection Tools'), '$tools' => $self ? '' : $tools, '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating'), '$lbl_rating_label' => t('Slide to adjust your rating'), '$lbl_rating_txt' => t('Optionally explain your rating'), '$connfilter' => feature_enabled(local_channel(), 'connfilter'), '$connfilter_label' => t('Custom Filter'), '$incl' => array('abook_incl', t('Only import posts with this text'), $contact['abook_incl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$excl' => array('abook_excl', t('Do not import posts with this text'), $contact['abook_excl'], t('words one per line or #tags or /patterns/ or lang=xx, leave blank to import all posts')), '$rating_text' => array('rating_text', t('Optionally explain your rating'), $rating_text, ''), '$rating_info' => t('This information is public!'), '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$affinity' => $affinity, '$pending_label' => t('Connection Pending Approval'), '$is_pending' => intval($contact['abook_pending']) ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$submit' => t('Submit'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can <strong>not</strong> change those settings here.'), '$permnote_self' => t('Some permissions may be inherited from your channel\'s <a href="settings"><strong>privacy settings</strong></a>, which have higher priority than individual settings. You can change those settings here but they wont have any impact unless the inherited setting changes.'), '$lastupdtext' => t('Last update:'), '$last_update' => relative_date($contact['abook_connected']), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => $multiprofs, '$contact_id' => $contact['abook_id'], '$name' => $contact['xchan_name']));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function connedit_content(&$a)
{
$sort_type = 0;
$o = '';
// this triggers some javascript to set Full Sharing by default after
// completing a "follow" - which can be changed to something else before
// form submission, but this gives us something useable
if ($_GET['follow'] == 1) {
$o .= '<script>var after_following = 1;</script>';
}
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return login();
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\tWHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d ) LIMIT 1", intval($contact_id), intval(local_user()), intval(ABOOK_FLAG_SELF));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway($a->get_baseurl(true) . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if (!zot_refresh($orig_record[0], get_app()->get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Channel has been unblocked') : t('Channel has been blocked')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Channel has been unignored') : t('Channel has been ignored')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Channel has been unarchived') : t('Channel has been archived')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Channel has been unhidden') : t('Channel has been hidden')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if ($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING ? t('Channel has been approved') : t('Channel has been unapproved')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_user(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true)));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
goaway($a->get_baseurl(true) . '/contacts');
}
}
if ($a->poi) {
$contact_id = $a->poi['abook_id'];
$contact = $a->poi;
$tabs = array(array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), array('label' => t('Refresh Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), array('label' => t('Recent Activity'), 'url' => $a->get_baseurl(true) . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Unblock') : t('Block'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? 'active' : '', 'title' => t('Block or Unblock this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Unignore') : t('Ignore'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? 'active' : '', 'title' => t('Ignore or Unignore this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Unarchive') : t('Archive'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? 'active' : '', 'title' => t('Archive or Unarchive this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Unhide') : t('Hide'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? 'active' : '', 'title' => t('Hide or Unhide this connection')), array('label' => t('Delete'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (!($contact['abook_flags'] & ABOOK_FLAG_SELF)) {
$tab_tpl = get_markup_template('common_tabs.tpl');
$t = replace_macros($tab_tpl, array('$tabs' => $tabs));
} else {
$self = true;
}
$a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array('$baseurl' => $a->get_baseurl(true), '$editselect' => $editselect));
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_user(), 'affinity')) {
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$me' => t('Me'), '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$intimate' => t('Best Friends'), '$friends' => t('Friends'), '$oldfriends' => t('Former Friends'), '$acquaintances' => t('Acquaintances'), '$world' => t('Unknown')));
}
$perms = array();
$channel = $a->get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_user(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'));
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC ? '' : '1', $v[4]);
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Automatic Permissions Settings') : sprintf(t('Connections: settings for %s'), $contact['xchan_name']), '$addr' => $contact['xchan_addr'], '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('When receiving a channel introduction, any permissions provided here will be applied to the new connection automatically and the introduction approved. Leave this page if you do not wish to use this feature.'), '$viewprof' => t('View Profile'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, '$is_pending' => $contact['abook_flags'] & ABOOK_FLAG_PENDING ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => !$self && !$contact['abook_my_perms'] ? t('Connection has no individual permissions!') : '', '$noperm_desc' => !$self && !$contact['abook_my_perms'] ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : '', '$submit' => t('Submit'), '$lbl_vis1' => t('Profile Visibility'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), '$cautious' => t('Cautious Sharing '), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel <a href="settings">privacy settings</a>, which have higher priority than individual settings. Changing those inherited settings on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Simple Permissions (select one and submit)'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_user() . '/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf(t('Visit %s\'s profile - %s'), $contact['xchan_name'], $contact['xchan_url']), '$blockunblock' => t('Block/Unblock contact'), '$ignorecont' => t('Ignore contact'), '$lblcrepair' => t("Repair URL settings"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, '$delete' => t('Delete contact'), '$poll_interval' => contact_poll_interval($contact['priority'], !$poll_enabled), '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last update:'), '$lost_contact' => $lost_contact, '$updpub' => t('Update public posts'), '$last_update' => relative_date($contact['abook_connected']), '$udnow' => t('Update now'), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => feature_enabled(local_user(), 'multi_profiles'), '$contact_id' => $contact['abook_id'], '$block_text' => $contact['blocked'] ? t('Unblock') : t('Block'), '$ignore_text' => $contact['readonly'] ? t('Unignore') : t('Ignore'), '$blocked' => $contact['blocked'] ? t('Currently blocked') : '', '$ignored' => $contact['readonly'] ? t('Currently ignored') : '', '$archived' => $contact['archive'] ? t('Currently archived') : '', '$pending' => $contact['archive'] ? t('Currently pending') : '', '$hidden' => array('hidden', t('Hide this contact from others'), $contact['hidden'] == 1, t('Replies/likes to your public posts <strong>may</strong> still be visible')), '$photo' => $contact['photo'], '$name' => $contact['name'], '$dir_icon' => $dir_icon, '$alt_text' => $alt_text, '$sparkle' => $sparkle, '$url' => $url));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function connedit_content(&$a)
{
$sort_type = 0;
$o = '';
if (!local_channel()) {
notice(t('Permission denied.') . EOL);
return login();
}
$channel = $a->get_channel();
$my_perms = get_channel_default_perms(local_channel());
$role = get_pconfig(local_channel(), 'system', 'permissions_role');
if ($role) {
$x = get_role_perms($role);
if ($x['perms_accept']) {
$my_perms = $x['perms_accept'];
}
}
if ($my_perms) {
$o .= "<script>function connectDefaultShare() {\n\t\t\$('.abook-edit-me').each(function() {\n\t\t\tif(! \$(this).is(':disabled'))\n\t\t\t\t\$(this).removeAttr('checked');\n\t\t});\n\n";
$perms = get_perms();
foreach ($perms as $p => $v) {
if ($my_perms & $v[1]) {
$o .= "\$('#me_id_perms_" . $p . "').attr('checked','checked'); \n";
}
}
$o .= " }\n</script>\n";
}
if (argc() == 3) {
$contact_id = intval(argv(1));
if (!$contact_id) {
return;
}
$cmd = argv(2);
$orig_record = q("SELECT abook.*, xchan.* FROM abook left join xchan on abook_xchan = xchan_hash\n\t\t\tWHERE abook_id = %d AND abook_channel = %d AND NOT ( abook_flags & %d )>0 LIMIT 1", intval($contact_id), intval(local_channel()), intval(ABOOK_FLAG_SELF));
if (!count($orig_record)) {
notice(t('Could not access address book record.') . EOL);
goaway($a->get_baseurl(true) . '/connections');
}
if ($cmd === 'update') {
// pull feed and consume it, which should subscribe to the hub.
proc_run('php', "include/poller.php", "{$contact_id}");
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'refresh') {
if (!zot_refresh($orig_record[0], get_app()->get_channel())) {
notice(t('Refresh failed - channel is currently unavailable.'));
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'block') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_BLOCKED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Channel has been unblocked') : t('Channel has been blocked')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'ignore') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_IGNORED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Channel has been unignored') : t('Channel has been ignored')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'archive') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_ARCHIVED)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Channel has been unarchived') : t('Channel has been archived')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'hide') {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_HIDDEN)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Channel has been unhidden') : t('Channel has been hidden')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
// We'll prevent somebody from unapproving an already approved contact.
// Though maybe somebody will want this eventually (??)
if ($cmd === 'approve') {
if ($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING) {
if (abook_toggle_flag($orig_record[0], ABOOK_FLAG_PENDING)) {
info(($orig_record[0]['abook_flags'] & ABOOK_FLAG_PENDING ? t('Channel has been approved') : t('Channel has been unapproved')) . EOL);
connedit_clone($a);
} else {
notice(t('Unable to set address book parameters.') . EOL);
}
}
goaway($a->get_baseurl(true) . '/connedit/' . $contact_id);
}
if ($cmd === 'drop') {
require_once 'include/Contact.php';
// FIXME
// We need to send either a purge or a refresh packet to the other side (the channel being unfriended).
// The issue is that the abook DB record _may_ get destroyed when we call contact_remove. As the notifier runs
// in the background there could be a race condition preventing this packet from being sent in all cases.
// PLACEHOLDER
contact_remove(local_channel(), $orig_record[0]['abook_id']);
build_sync_packet(0, array('abook' => array(array('abook_xchan' => $orig_record[0]['abook_xchan'], 'entry_deleted' => true))));
info(t('Connection has been removed.') . EOL);
if (x($_SESSION, 'return_url')) {
goaway($a->get_baseurl(true) . '/' . $_SESSION['return_url']);
}
goaway($a->get_baseurl(true) . '/contacts');
}
}
if ($a->poi) {
$contact_id = $a->poi['abook_id'];
$contact = $a->poi;
$tabs = array(array('label' => t('View Profile'), 'url' => chanlink_cid($contact['abook_id']), 'sel' => '', 'title' => sprintf(t('View %s\'s profile'), $contact['xchan_name'])), array('label' => t('Refresh Permissions'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/refresh', 'sel' => '', 'title' => t('Fetch updated permissions')), array('label' => t('Recent Activity'), 'url' => $a->get_baseurl(true) . '/network/?f=&cid=' . $contact['abook_id'], 'sel' => '', 'title' => t('View recent posts and comments')));
$buttons = array(array('label' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? t('Unblock') : t('Block'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/block', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_BLOCKED ? 'active' : '', 'title' => t('Block (or Unblock) all communications with this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? t('Unignore') : t('Ignore'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/ignore', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_IGNORED ? 'active' : '', 'title' => t('Ignore (or Unignore) all inbound communications from this connection')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? t('Unarchive') : t('Archive'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/archive', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_ARCHIVED ? 'active' : '', 'title' => t('Archive (or Unarchive) this connection - mark channel dead but keep content')), array('label' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? t('Unhide') : t('Hide'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/hide', 'sel' => $contact['abook_flags'] & ABOOK_FLAG_HIDDEN ? 'active' : '', 'title' => t('Hide or Unhide this connection from your other connections')), array('label' => t('Delete'), 'url' => $a->get_baseurl(true) . '/connedit/' . $contact['abook_id'] . '/drop', 'sel' => '', 'title' => t('Delete this connection')));
$self = false;
if (!($contact['abook_flags'] & ABOOK_FLAG_SELF)) {
$tab_tpl = get_markup_template('common_tabs.tpl');
$t = replace_macros($tab_tpl, array('$tabs' => $tabs));
} else {
$self = true;
}
$a->page['htmlhead'] .= replace_macros(get_markup_template('contact_head.tpl'), array('$baseurl' => $a->get_baseurl(true), '$editselect' => $editselect));
require_once 'include/contact_selectors.php';
$tpl = get_markup_template("abook_edit.tpl");
if (feature_enabled(local_channel(), 'affinity')) {
$slider_tpl = get_markup_template('contact_slider.tpl');
$slide = replace_macros($slider_tpl, array('$me' => t('Me'), '$min' => 1, '$val' => $contact['abook_closeness'] ? $contact['abook_closeness'] : 99, '$intimate' => t('Best Friends'), '$friends' => t('Friends'), '$oldfriends' => t('Former Friends'), '$acquaintances' => t('Acquaintances'), '$world' => t('Unknown')));
}
$rating_val = 0;
$rating_text = '';
$xl = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1", dbesc($channel['channel_hash']), dbesc($contact['xchan_hash']));
if ($xl) {
$rating_val = intval($xl[0]['xlink_rating']);
$rating_text = $xl[0]['xlink_rating_text'];
}
$poco_rating = get_config('system', 'poco_rating_enable');
// if unset default to enabled
if ($poco_rating === false) {
$poco_rating = true;
}
if ($poco_rating) {
$rating = replace_macros(get_markup_template('rating_slider.tpl'), array('$min' => -10, '$val' => $rating_val));
} else {
$rating = false;
}
$perms = array();
$channel = $a->get_channel();
$global_perms = get_perms();
$existing = get_all_perms(local_channel(), $contact['abook_xchan']);
$unapproved = array('pending', t('Approve this connection'), '', t('Accept connection to allow communication'));
foreach ($global_perms as $k => $v) {
$thisperm = $contact['abook_my_perms'] & $v[1] ? "1" : '';
// For auto permissions (when $self is true) we don't want to look at existing
// permissions because they are enabled for the channel owner
if (!$self && $existing[$k]) {
$thisperm = "1";
}
$perms[] = array('perms_' . $k, $v[3], $contact['abook_their_perms'] & $v[1] ? "1" : "", $thisperm, $v[1], $channel[$v[0]] == PERMS_SPECIFIC || $self ? '' : '1', $v[4]);
}
$o .= replace_macros($tpl, array('$header' => $self ? t('Connection Default Permissions') : sprintf(t('Connections: settings for %s'), $contact['xchan_name']), '$autoperms' => array('autoperms', t('Apply these permissions automatically'), get_pconfig(local_channel(), 'system', 'autoperms') ? 1 : 0, ''), '$addr' => $contact['xchan_addr'], '$notself' => $self ? '' : '1', '$self' => $self ? '1' : '', '$autolbl' => t('Apply the permissions indicated on this page to all new connections.'), '$buttons' => $self ? '' : $buttons, '$viewprof' => t('View Profile'), '$clickme' => t('Click to open/close'), '$lbl_slider' => t('Slide to adjust your degree of friendship'), '$lbl_rating' => t('Rating (this information is public)'), '$lbl_rating_txt' => t('Optionally explain your rating (this information is public)'), '$rating_txt' => $rating_text, '$rating' => $rating, '$rating_val' => $rating_val, '$slide' => $slide, '$tabs' => $t, '$tab_str' => $tab_str, '$perms_step1' => t('Default permissions for your channel type have (just) been applied. They have not yet been submitted. Please review the permissions on this page and make any desired changes at this time. This new connection may <em>not</em> be able to communicate with you until you submit this page, which will install and apply the selected permissions.'), '$is_pending' => $contact['abook_flags'] & ABOOK_FLAG_PENDING ? 1 : '', '$unapproved' => $unapproved, '$inherited' => t('inherited'), '$approve' => t('Approve this connection'), '$noperms' => $contact['abook_my_perms'] ? false : true, '$no_perms' => !$self && !$contact['abook_my_perms'] ? t('Connection has no individual permissions!') : '', '$noperm_desc' => !$self && !$contact['abook_my_perms'] ? t('This may be appropriate based on your <a href="settings">privacy settings</a>, though you may wish to review the "Advanced Permissions".') : '', '$submit' => t('Submit'), '$lbl_vis1' => t('Profile Visibility'), '$lbl_vis2' => sprintf(t('Please choose the profile you would like to display to %s when viewing your profile securely.'), $contact['xchan_name']), '$lbl_info1' => t('Contact Information / Notes'), '$infedit' => t('Edit contact notes'), '$close' => $contact['abook_closeness'], '$them' => t('Their Settings'), '$me' => t('My Settings'), '$perms' => $perms, '$perms_new' => t('Default permissions for this channel type have (just) been applied. They have <em>not</em> been saved and there are currently no stored default permissions. Please review/edit the applied settings and click [Submit] to finalize.'), '$clear' => t('Clear/Disable Automatic Permissions'), '$forum' => t('Forum Members'), '$soapbox' => t('Soapbox'), '$full' => t('Full Sharing (typical social network permissions)'), '$cautious' => t('Cautious Sharing '), '$follow' => t('Follow Only'), '$permlbl' => t('Individual Permissions'), '$permnote' => t('Some permissions may be inherited from your channel <a href="settings">privacy settings</a>, which have higher priority than individual settings. Changing those inherited settings on this page will have no effect.'), '$advanced' => t('Advanced Permissions'), '$quick' => t('Simple Permissions (select one and submit)'), '$common_link' => $a->get_baseurl(true) . '/common/loc/' . local_channel() . '/' . $contact['id'], '$all_friends' => $all_friends, '$relation_text' => $relation_text, '$visit' => sprintf(t('Visit %s\'s profile - %s'), $contact['xchan_name'], $contact['xchan_url']), '$blockunblock' => t('Block/Unblock contact'), '$ignorecont' => t('Ignore contact'), '$lblcrepair' => t("Repair URL settings"), '$lblrecent' => t('View conversations'), '$lblsuggest' => $lblsuggest, '$delete' => t('Delete contact'), '$poll_interval' => contact_poll_interval($contact['priority'], !$poll_enabled), '$poll_enabled' => $poll_enabled, '$lastupdtext' => t('Last update:'), '$lost_contact' => $lost_contact, '$updpub' => t('Update public posts'), '$last_update' => relative_date($contact['abook_connected']), '$udnow' => t('Update now'), '$profile_select' => contact_profile_assign($contact['abook_profile']), '$multiprofs' => feature_enabled(local_channel(), 'multi_profiles'), '$contact_id' => $contact['abook_id'], '$block_text' => $contact['blocked'] ? t('Unblock') : t('Block'), '$ignore_text' => $contact['readonly'] ? t('Unignore') : t('Ignore'), '$blocked' => $contact['blocked'] ? t('Currently blocked') : '', '$ignored' => $contact['readonly'] ? t('Currently ignored') : '', '$archived' => $contact['archive'] ? t('Currently archived') : '', '$pending' => $contact['archive'] ? t('Currently pending') : '', '$name' => $contact['name'], '$alt_text' => $alt_text, '$url' => $url));
$arr = array('contact' => $contact, 'output' => $o);
call_hooks('contact_edit', $arr);
return $arr['output'];
}
}
function onepoll_run($argv, $argc)
{
cli_startup();
$a = get_app();
logger('onepoll: start');
$manual_id = 0;
$generation = 0;
$force = false;
$restart = false;
if ($argc > 1 && intval($argv[1])) {
$contact_id = intval($argv[1]);
}
if (!$contact_id) {
logger('onepoll: no contact');
return;
}
$d = datetime_convert();
$contacts = q("SELECT abook.*, xchan.*, account.*\n\t\tFROM abook LEFT JOIN account on abook_account = account_id left join xchan on xchan_hash = abook_xchan \n\t\twhere abook_id = %d\n\t\tAND (( abook_flags & %d ) OR ( abook_flags = %d ))\n\t\tAND NOT ( abook_flags & %d )\n\t\tAND (( account_flags = %d ) OR ( account_flags = %d )) limit 1", intval($contact_id), intval(ABOOK_FLAG_HIDDEN | ABOOK_FLAG_PENDING | ABOOK_FLAG_UNCONNECTED | ABOOK_FLAG_FEED), intval(0), intval(ABOOK_FLAG_ARCHIVED | ABOOK_FLAG_BLOCKED | ABOOK_FLAG_IGNORED), intval(ACCOUNT_OK), intval(ACCOUNT_UNVERIFIED));
if (!$contacts) {
logger('onepoll: abook_id not found: ' . $contact_id);
return;
}
$contact = $contacts[0];
$t = $contact['abook_updated'];
$importer_uid = $contact['abook_channel'];
$r = q("SELECT * from channel left join xchan on channel_hash = xchan_hash where channel_id = %d limit 1", intval($importer_uid));
if (!$r) {
return;
}
$importer = $r[0];
logger("onepoll: poll: ({$contact['id']}) IMPORTER: {$importer['xchan_name']}, CONTACT: {$contact['xchan_name']}");
$last_update = $contact['abook_updated'] === $contact['abook_created'] || $contact['abook_updated'] === NULL_DATE ? datetime_convert('UTC', 'UTC', 'now - 7 days') : datetime_convert('UTC', 'UTC', $contact['abook_updated'] . ' - 2 days');
if ($contact['xchan_network'] === 'rss') {
logger('onepoll: processing feed ' . $contact['xchan_name'], LOGGER_DEBUG);
handle_feed($importer['channel_id'], $contact_id, $contact['xchan_hash']);
q("update abook set abook_connected = '%s' where abook_id = %d limit 1", dbesc(datetime_convert()), intval($contact['abook_id']));
return;
}
if ($contact['xchan_network'] !== 'zot') {
return;
}
// update permissions
$x = zot_refresh($contact, $importer);
$responded = false;
$updated = datetime_convert();
if (!$x) {
// mark for death by not updating abook_connected, this is caught in include/poller.php
q("update abook set abook_updated = '%s' where abook_id = %d limit 1", dbesc($updated), intval($contact['abook_id']));
} else {
q("update abook set abook_updated = '%s', abook_connected = '%s' where abook_id = %d limit 1", dbesc($updated), dbesc($updated), intval($contact['abook_id']));
$responded = true;
}
if (!$responded) {
return;
}
if ($contact['xchan_connurl']) {
$fetch_feed = true;
$x = null;
if (!($contact['abook_their_perms'] & PERMS_R_STREAM)) {
$fetch_feed = false;
}
if ($fetch_feed) {
$feedurl = str_replace('/poco/', '/zotfeed/', $contact['xchan_connurl']);
$x = z_fetch_url($feedurl . '?f=&mindate=' . urlencode($last_update));
logger('feed_update: ' . print_r($x, true), LOGGER_DATA);
}
if ($x && $x['success']) {
$total = 0;
logger('onepoll: feed update ' . $contact['xchan_name']);
$j = json_decode($x['body'], true);
if ($j['success'] && $j['messages']) {
foreach ($j['messages'] as $message) {
$results = process_delivery(array('hash' => $contact['xchan_hash']), get_item_elements($message), array(array('hash' => $importer['xchan_hash'])), false);
logger('onepoll: feed_update: process_delivery: ' . print_r($results, true));
$total++;
}
logger("onepoll: {$total} messages processed");
}
}
}
// fetch some items
// set last updated timestamp
if ($contact['xchan_connurl']) {
$r = q("SELECT xlink_id from xlink \n\t\t\twhere xlink_xchan = '%s' and xlink_updated > UTC_TIMESTAMP() - INTERVAL 1 DAY limit 1", intval($contact['xchan_hash']));
if (!$r) {
poco_load($contact['xchan_hash'], $contact['xchan_connurl']);
}
}
return;
}
