function new_dm($user_id, $type, $remote_name, $remote_profile,
        $remote_avatar, $remote_message, $remote_time)
    {
        $users = instance_model('users');
        $users->verify_user_id($user_id);

        if(!($type == "public" || $type == 'private'))
            throw new invalid_dm_type_exception();

        validate_username($remote_name);
        validate_url($remote_profile);
        validate_avatar($remote_avatar);
        validate_message($remote_message);

        $query = "INSERT INTO `direct-message`
            (`User_ID`, `Type`, `Remote_name`, `Remote_profile`,
                `Remote_avatar`, `Remote_message`, `Remote_time`)
            VALUES ('@v','@v','@v','@v','@v', '@v', '@v')";

        $this->query($query, $user_id, $type, $remote_name,
            $remote_profile, $remote_avatar, $remote_message, $remote_time);
    }
コード例 #2
0
    function create_following($id, $remote_url, $remote_name,
        $remote_profile, $remote_avatar, $relation_pingback, $message_pingback)
    {

        $users = instance_model('users');
        $user = $users->verify_user_id($id);

        validate_url($remote_url);
        validate_username($remote_name);
        validate_url($remote_profile);
        validate_avatar($remote_avatar);
        validate_url($relation_pingback);
        validate_url($message_pingback);

        $query = "INSERT INTO `following` 
            (`User_ID`, `Remote_URL`, `Remote_name`, `Remote_profile`,
            `Remote_avatar`, `Relation_pingback`, `Message_pingback`)
            VALUES ('@v', '@v', '@v', '@v', '@v', '@v', '@v')";

        $this->query($query, $id, $remote_url, $remote_name,
            $remote_profile, $remote_avatar, $relation_pingback,
            $message_pingback);
    }
コード例 #3
0
ファイル: users.php プロジェクト: robehickman/Scripts
    function update_avatar($id, $new_avatar)
    {
        $this->verify_user_id($id);
        validate_avatar($new_avatar);

        $query = "UPDATE `users` SET
            `Avatar` = '@v'
            WHERE `ID` = '@v' LIMIT 1";

        $this->query($query, $new_avatar, $id);
    }
コード例 #4
0
    function new_item($remote_url, $remote_name, $remote_profile,
        $remote_avatar, $time, $message)
    {
        validate_url($remote_url);
        validate_url($remote_profile);
        validate_avatar($remote_avatar);
        validate_username($remote_name);
        validate_message($message);

        $query = "INSERT INTO `message-cache` (`Remote_URL`,
            `Remote_name`, `Remote_profile`, `Remote_avatar`,
            `Remote_time`, `Remote_message`) VALUES
            ('@v','@v','@v','@v','@v', '@v')";

        $this->query($query, $remote_url, $remote_name,
            $remote_profile, $remote_avatar, $time, $message);
    }
コード例 #5
0
    function get_message_stream($remote_url, $test = "",
        $check_signiture = true)
    {
        if($test == "")
            $xml = $this->http_request($remote_url);
        else
            $xml = $test;

        if($test == 'User does not exist on this node')
            throw new no_such_user_exception();

        $parsed_xml = @simplexml_load_string($xml);

        if(!$parsed_xml)
            throw new malformed_xml_exception();

    // Protocol version number must be numeric and have a decimal point
        if(!preg_match("/[0-9]+\.[0-9]+/", $parsed_xml->protocol_version))
            throw new invalid_protocol_version_exception();

    // check protocol version tag exitsts
        if($parsed_xml->protocol_version > PROTOCOL_VERSION)
            throw new messages_from_the_future_exception();

        $parsed_xml->head->by_user           = base64_decode($parsed_xml->head->by_user);
        $parsed_xml->head->user_pub_key      = base64_decode($parsed_xml->head->user_pub_key);
        $parsed_xml->head->user_bio          = base64_decode($parsed_xml->head->user_bio);
        $parsed_xml->head->user_avatar       = base64_decode($parsed_xml->head->user_avatar);
        $parsed_xml->head->user_profile      = base64_decode($parsed_xml->head->user_profile);
        $parsed_xml->head->message_pingback  = base64_decode($parsed_xml->head->message_pingback);
        $parsed_xml->head->relation_pingback = base64_decode($parsed_xml->head->relation_pingback);

        for($i = 0; $i < count($parsed_xml->message); $i ++)
        {
            $parsed_xml->message[$i]->time    = base64_decode($parsed_xml->message[$i]->time);
            $parsed_xml->message[$i]->message = base64_decode($parsed_xml->message[$i]->message);
        }

    // Varify stream signature
        if($check_signiture == true)
        {
            $signature_str = $parsed_xml->protocol_version . $parsed_xml->head->by_user .
                $parsed_xml->head->user_bio . $parsed_xml->head->user_avatar .
                $parsed_xml->head->user_profile . $parsed_xml->head->message_pingback .
                $parsed_xml->head->relation_pingback;

            foreach($parsed_xml->message as $message)
                $signature_str .= ($message->time . $message->message);

            validate_pub_key($parsed_xml->head->user_pub_key);

            $pubkeyid = openssl_get_publickey($parsed_xml->head->user_pub_key);
            $result = openssl_verify($signature_str, base64_decode($parsed_xml->head->data_sig), $pubkeyid); 
            openssl_free_key($pubkeyid);

            if($result != 1)
                throw new stream_signature_error_exception();
        }
       
    // Varify user info
        validate_username($parsed_xml->head->by_user);
        validate_bio($parsed_xml->head->user_bio);
        validate_avatar($parsed_xml->head->user_avatar);

    // Validate URL's
        validate_url($parsed_xml->head->user_profile);
        validate_url($parsed_xml->head->message_pingback);
        validate_url($parsed_xml->head->relation_pingback);

    // Check that all URL's point to the same host name
        $remote   = parse_url($remote_url);

        $profile  = parse_url($parsed_xml->head->user_profile);
        $message  = parse_url($parsed_xml->head->message_pingback);
        $relation = parse_url($parsed_xml->head->relation_pingback);

        if( $profile['host']  != $remote['host'] ||
            $message['host']  != $remote['host'] ||
            $relation['host'] != $remote['host'])
            throw new exception('Invalid message stream');

        return $parsed_xml;
    }
コード例 #6
0
    function test_validate_avatar_wrong_size()
    {
        $this->setExpectedException('invalid_avatar_exception');

        validate_avatar(APP_ROOT . 'tests/models/files/bad_avatar.jpg');
    }