friendica/mod/dfrn_notify.php

<?php

require_once('library/simplepie/simplepie.inc');
require_once('include/items.php');
require_once('include/event.php');


function dfrn_notify_post(&$a) {
    logger(__function__, LOGGER_TRACE);
	$dfrn_id      = ((x($_POST,'dfrn_id'))      ? notags(trim($_POST['dfrn_id']))   : '');
	$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version']    : 2.0);
	$challenge    = ((x($_POST,'challenge'))    ? notags(trim($_POST['challenge'])) : '');
	$data         = ((x($_POST,'data'))         ? $_POST['data']                    : '');
	$key          = ((x($_POST,'key'))          ? $_POST['key']                     : '');
	$dissolve     = ((x($_POST,'dissolve'))     ? intval($_POST['dissolve'])        :  0);
	$perm         = ((x($_POST,'perm'))         ? notags(trim($_POST['perm']))      : 'r');
	$ssl_policy   = ((x($_POST,'ssl_policy'))   ? notags(trim($_POST['ssl_policy'])): 'none');
	$page         = ((x($_POST,'page'))         ? intval($_POST['page'])            :  0);

	$forum = (($page == 1) ? 1 : 0);
	$prv   = (($page == 2) ? 1 : 0);

	$writable = (-1);
	if($dfrn_version >= 2.21) {
		$writable = (($perm === 'rw') ? 1 : 0);
	}

	$direction = (-1);
	if(strpos($dfrn_id,':') == 1) {
		$direction = intval(substr($dfrn_id,0,1));
		$dfrn_id = substr($dfrn_id,2);
	}

	$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
		dbesc($dfrn_id),
		dbesc($challenge)
	);
	if(! count($r)) {
		logger('dfrn_notify: could not match challenge to dfrn_id ' . $dfrn_id . ' challenge=' . $challenge);
		xml_status(3);
	}

	$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
		dbesc($dfrn_id),
		dbesc($challenge)
	);

	// find the local user who owns this relationship.

	$sql_extra = '';
	switch($direction) {
		case (-1):
			$sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
			break;
		case 0:
			$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			break;
		case 1:
			$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			break;
		default:
			xml_status(3);
			break; // NOTREACHED
	}
		 
	// be careful - $importer will contain both the contact information for the contact
	// sending us the post, and also the user information for the person receiving it.
	// since they are mixed together, it is easy to get them confused.

	$r = q("SELECT	`contact`.*, `contact`.`uid` AS `importer_uid`, 
					`contact`.`pubkey` AS `cpubkey`, 
					`contact`.`prvkey` AS `cprvkey`, 
					`contact`.`thumb` AS `thumb`, 
					`contact`.`url` as `url`,
					`contact`.`name` as `senderName`,
					`user`.* 
			FROM `contact` 
			LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid` 
			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 
				AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
		dbesc($a->argv[1])
	);

	if(! count($r)) {
		logger('dfrn_notify: contact not found for dfrn_id ' . $dfrn_id);
		xml_status(3);
		//NOTREACHED
	}

	// $importer in this case contains the contact record for the remote contact joined with the user record of our user. 

	$importer = $r[0];

	if((($writable != (-1)) && ($writable != $importer['writable'])) || ($importer['forum'] != $forum) || ($importer['prv'] != $prv)) {
		q("UPDATE `contact` SET `writable` = %d, forum = %d, prv = %d WHERE `id` = %d LIMIT 1",
			intval(($writable == (-1)) ? $importer['writable'] : $writable),
			intval($forum),
			intval($prv),
			intval($importer['id'])
		);
		if($writable != (-1))
			$importer['writable'] = $writable;
		$importer['forum'] = $page;
	}


	// if contact's ssl policy changed, update our links

	fix_contact_ssl_policy($importer,$ssl_policy);

	logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);
	logger('dfrn_notify: data: ' . $data, LOGGER_DATA);

	if($dissolve == 1) {

		/**
		 * Relationship is dissolved permanently
		 */

		require_once('include/Contact.php'); 
		contact_remove($importer['id']);
		logger('relationship dissolved : ' . $importer['name'] . ' dissolved ' . $importer['username']);
		xml_status(0);

	}


	// If we are setup as a soapbox we aren't accepting input from this person

	if($importer['page-flags'] == PAGE_SOAPBOX)
		xml_status(0);


	if(strlen($key)) {
		$rawkey = hex2bin(trim($key));
		logger('rino: md5 raw key: ' . md5($rawkey));
		$final_key = '';

		if($dfrn_version >= 2.1) {
			if((($importer['duplex']) && strlen($importer['cprvkey'])) || (! strlen($importer['cpubkey']))) {
				openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);
			}
			else {
				openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);
			}
		}
		else {
			if((($importer['duplex']) && strlen($importer['cpubkey'])) || (! strlen($importer['cprvkey']))) {
				openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);
			}
			else {
				openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);
			}
		}

		logger('rino: received key : ' . $final_key);
		$data = aes_decrypt(hex2bin($data),$final_key);
		logger('rino: decrypted data: ' . $data, LOGGER_DATA);
	}


	$ret = local_delivery($importer,$data);
	xml_status($ret);

	// NOTREACHED
}


function dfrn_notify_content(&$a) {

	if(x($_GET,'dfrn_id')) {

		// initial communication from external contact, $direction is their direction.
		// If this is a duplex communication, ours will be the opposite.

		$dfrn_id = notags(trim($_GET['dfrn_id']));
		$dfrn_version = (float) $_GET['dfrn_version'];

		logger('dfrn_notify: new notification dfrn_id=' . $dfrn_id);

		$direction = (-1);
		if(strpos($dfrn_id,':') == 1) {
			$direction = intval(substr($dfrn_id,0,1));
			$dfrn_id = substr($dfrn_id,2);
		}

		$hash = random_string();

		$status = 0;

		$r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));

		$r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` )
			VALUES( '%s', '%s', %d ) ",
			dbesc($hash),
			dbesc($dfrn_id),
			intval(time() + 90 )
		);

		logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG );

		$sql_extra = '';
		switch($direction) {
			case (-1):
				$sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
				$my_id = $dfrn_id;
				break;
			case 0:
				$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
				$my_id = '1:' . $dfrn_id;
				break;
			case 1:
				$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
				$my_id = '0:' . $dfrn_id;
				break;
			default:
				$status = 1;
				break; // NOTREACHED
		}

		$r = q("SELECT `contact`.*, `user`.`nickname`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` 
				WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s' 
				AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
				dbesc($a->argv[1])
		);

		if(! count($r))
			$status = 1;

		$challenge = '';
		$encrypted_id = '';
		$id_str = $my_id . '.' . mt_rand(1000,9999);

		$prv_key = trim($r[0]['prvkey']);
		$pub_key = trim($r[0]['pubkey']);
		$dplx = intval($r[0]['duplex']);

		if((($dplx) && (strlen($prv_key))) || ((strlen($prv_key)) && (!(strlen($pub_key))))) {
			openssl_private_encrypt($hash,$challenge,$prv_key);
			openssl_private_encrypt($id_str,$encrypted_id,$prv_key);
		}
		elseif(strlen($pub_key)) {
			openssl_public_encrypt($hash,$challenge,$pub_key);
			openssl_public_encrypt($id_str,$encrypted_id,$pub_key);
		}
		else
			$status = 1;

		$challenge    = bin2hex($challenge);
		$encrypted_id = bin2hex($encrypted_id);

		$rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);

		$rino_enable = get_config('system','rino_encrypt');

		if(! $rino_enable)
			$rino = 0;

		if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) || ($r[0]['page-flags'] == PAGE_COMMUNITY)) {
			$perm = 'rw';
		}
		else {
			$perm = 'r';
		}

		header("Content-type: text/xml");

		echo '<?xml version="1.0" encoding="UTF-8"?>' . "\r\n" 
			. '<dfrn_notify>' . "\r\n"
			. "\t" . '<status>' . $status . '</status>' . "\r\n"
			. "\t" . '<dfrn_version>' . DFRN_PROTOCOL_VERSION . '</dfrn_version>' . "\r\n"
			. "\t" . '<rino>' . $rino . '</rino>' . "\r\n"
			. "\t" . '<perm>' . $perm . '</perm>' . "\r\n" 
			. "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n" 
			. "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n"
			. '</dfrn_notify>' . "\r\n" ;

		killme();
	}

}
some changes 2010-07-05 03:45:56 +00:00			`<?php`

bug #96 move libraries to library - better alignment of like rotator 2011-06-29 04:11:52 +00:00			`require_once('library/simplepie/simplepie.inc');`
more poll stuff ahead of item revamp 2010-07-19 03:49:10 +00:00			`require_once('include/items.php');`
event sharing, cont. 2011-06-14 02:06:49 +00:00			`require_once('include/event.php');`


mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00			`function dfrn_notify_post(&$a) {`
moveme: first successful relocated user 2012-10-31 16:13:45 +00:00			`logger(__function__, LOGGER_TRACE);`
rino landing 2010-12-01 02:32:34 +00:00			`$dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : '');`
			`$dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0);`
			`$challenge = ((x($_POST,'challenge')) ? notags(trim($_POST['challenge'])) : '');`
			`$data = ((x($_POST,'data')) ? $_POST['data'] : '');`
			`$key = ((x($_POST,'key')) ? $_POST['key'] : '');`
"unfriend" protocol 2011-01-25 11:57:10 +00:00			`$dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0);`
initial dfrn update to pass perms 2011-04-11 01:38:55 +00:00			`$perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r');`
ssl_policy stuff 2012-03-15 03:36:23 +00:00			`$ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none');`
track whether contact is a community page or not 2012-03-15 23:38:26 +00:00			`$page = ((x($_POST,'page')) ? intval($_POST['page']) : 0);`
initial dfrn update to pass perms 2011-04-11 01:38:55 +00:00
private group tests, cont. 2012-05-30 05:57:15 +00:00			`$forum = (($page == 1) ? 1 : 0);`
			`$prv = (($page == 2) ? 1 : 0);`

initial dfrn update to pass perms 2011-04-11 01:38:55 +00:00			`$writable = (-1);`
			`if($dfrn_version >= 2.21) {`
			`$writable = (($perm === 'rw') ? 1 : 0);`
			`}`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
			`$direction = (-1);`
			`if(strpos($dfrn_id,':') == 1) {`
			`$direction = intval(substr($dfrn_id,0,1));`
			`$dfrn_id = substr($dfrn_id,2);`
			`}`

some changes 2010-07-05 03:45:56 +00:00			$r = q("SELECT * FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
			`dbesc($dfrn_id),`
			`dbesc($challenge)`
			`);`
more logging in dfrn_notify 2010-11-23 23:55:11 +00:00			`if(! count($r)) {`
allow parentless items from SN - add more tracing on notify failures 2011-02-04 01:40:04 +00:00			`logger('dfrn_notify: could not match challenge to dfrn_id ' . $dfrn_id . ' challenge=' . $challenge);`
some changes 2010-07-05 03:45:56 +00:00			`xml_status(3);`
more logging in dfrn_notify 2010-11-23 23:55:11 +00:00			`}`
some changes 2010-07-05 03:45:56 +00:00
			$r = q("DELETE FROM `challenge` WHERE `dfrn-id` = '%s' AND `challenge` = '%s' LIMIT 1",
			`dbesc($dfrn_id),`
			`dbesc($challenge)`
			`);`

mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00			`// find the local user who owns this relationship.`

tag each side of the duplex 2010-09-13 04:25:37 +00:00			`$sql_extra = '';`
			`switch($direction) {`
			`case (-1):`
sorting out the last(?) quirks in group pages. 2010-10-18 23:38:48 +00:00			$sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
tag each side of the duplex 2010-09-13 04:25:37 +00:00			`break;`
			`case 0:`
			$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			`break;`
			`case 1:`
			$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			`break;`
			`default:`
			`xml_status(3);`
			`break; // NOTREACHED`
			`}`

fix warning of self-signed cert for photos of our own contacts in comment notification emails 2011-08-21 01:27:12 +00:00			`// be careful - $importer will contain both the contact information for the contact`
			`// sending us the post, and also the user information for the person receiving it.`
			`// since they are mixed together, it is easy to get them confused.`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
updated private message notification to use HTML, still need the foreign language message notifications updated 2011-02-13 22:55:48 +00:00			$r = q("SELECT `contact`.*, `contact`.`uid` AS `importer_uid`,
			`contact`.`pubkey` AS `cpubkey`,
			`contact`.`prvkey` AS `cprvkey`,
			`contact`.`thumb` AS `thumb`,
			`contact`.`url` as `url`,
			`contact`.`name` as `senderName`,
			`user`.*
			FROM `contact`
			LEFT JOIN `user` ON `contact`.`uid` = `user`.`uid`
			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0
Changes to make contacts delete all content from the user when a user is deleted. NOTE: I didn't add "AND account_removed = 0" to facebook.php because I don't have a clone of the addons repository. Please someone do that for me. Thanks. Please check carefully. I tested locally on my server, but not with other servers. 2012-11-02 20:43:47 +00:00			AND `user`.`nickname` = '%s' AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
sorting out the last(?) quirks in group pages. 2010-10-18 23:38:48 +00:00			`dbesc($a->argv[1])`
mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00			`);`
misc little fixes 2010-08-17 05:05:04 +00:00
working on readonly contact attribute 2010-07-28 05:32:21 +00:00			`if(! count($r)) {`
more logging in dfrn_notify 2010-11-23 23:55:11 +00:00			`logger('dfrn_notify: contact not found for dfrn_id ' . $dfrn_id);`
mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00			`xml_status(3);`
xrd cannot be called before db is open to get language 2010-10-04 11:22:34 +00:00			`//NOTREACHED`
working on readonly contact attribute 2010-07-28 05:32:21 +00:00			`}`
mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00
"unfriend" protocol 2011-01-25 11:57:10 +00:00			`// $importer in this case contains the contact record for the remote contact joined with the user record of our user.`

mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00			`$importer = $r[0];`

private group tests, cont. 2012-05-30 05:57:15 +00:00			`if((($writable != (-1)) && ($writable != $importer['writable'])) \|\| ($importer['forum'] != $forum) \|\| ($importer['prv'] != $prv)) {`
			q("UPDATE `contact` SET `writable` = %d, forum = %d, prv = %d WHERE `id` = %d LIMIT 1",
track whether contact is a community page or not 2012-03-15 23:38:26 +00:00			`intval(($writable == (-1)) ? $importer['writable'] : $writable),`
private group tests, cont. 2012-05-30 05:57:15 +00:00			`intval($forum),`
			`intval($prv),`
set writable flag on dfrn_poll 2011-04-11 02:29:21 +00:00			`intval($importer['id'])`
			`);`
track whether contact is a community page or not 2012-03-15 23:38:26 +00:00			`if($writable != (-1))`
			`$importer['writable'] = $writable;`
			`$importer['forum'] = $page;`
set writable flag on dfrn_poll 2011-04-11 02:29:21 +00:00			`}`

ssl_policy stuff 2012-03-15 03:36:23 +00:00
make contact ssl_policy change a function since it is used in a few places 2012-04-03 06:07:26 +00:00			`// if contact's ssl policy changed, update our links`
ssl_policy stuff 2012-03-15 03:36:23 +00:00
make contact ssl_policy change a function since it is used in a few places 2012-04-03 06:07:26 +00:00			`fix_contact_ssl_policy($importer,$ssl_policy);`
improved rw notifications 2012-03-29 00:21:56 +00:00
more logging in dfrn_notify 2010-11-23 23:55:11 +00:00			`logger('dfrn_notify: received notify from ' . $importer['name'] . ' for ' . $importer['username']);`
			`logger('dfrn_notify: data: ' . $data, LOGGER_DATA);`
xrd cannot be called before db is open to get language 2010-10-04 11:22:34 +00:00
dissolve relationship (new protocol) working 2011-01-26 10:32:00 +00:00			`if($dissolve == 1) {`

			`/**`
			`* Relationship is dissolved permanently`
			`*/`

			`require_once('include/Contact.php');`
			`contact_remove($importer['id']);`
			`logger('relationship dissolved : ' . $importer['name'] . ' dissolved ' . $importer['username']);`
			`xml_status(0);`

			`}`

improved rw notifications 2012-03-29 00:21:56 +00:00
			`// If we are setup as a soapbox we aren't accepting input from this person`

			`if($importer['page-flags'] == PAGE_SOAPBOX)`
			`xml_status(0);`


rino landing 2010-12-01 02:32:34 +00:00			`if(strlen($key)) {`
			`$rawkey = hex2bin(trim($key));`
			`logger('rino: md5 raw key: ' . md5($rawkey));`
			`$final_key = '';`

backward compatibility 2011-02-02 06:45:46 +00:00			`if($dfrn_version >= 2.1) {`
protocol reversal, roll dfrn_version to 2.1 2011-02-02 05:21:47 +00:00			`if((($importer['duplex']) && strlen($importer['cprvkey'])) \|\| (! strlen($importer['cpubkey']))) {`
			`openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);`
			`}`
			`else {`
			`openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);`
			`}`
rino landing 2010-12-01 02:32:34 +00:00			`}`
			`else {`
protocol reversal, roll dfrn_version to 2.1 2011-02-02 05:21:47 +00:00			`if((($importer['duplex']) && strlen($importer['cpubkey'])) \|\| (! strlen($importer['cprvkey']))) {`
			`openssl_public_decrypt($rawkey,$final_key,$importer['cpubkey']);`
			`}`
			`else {`
			`openssl_private_decrypt($rawkey,$final_key,$importer['cprvkey']);`
			`}`
rino landing 2010-12-01 02:32:34 +00:00			`}`

			`logger('rino: received key : ' . $final_key);`
			`$data = aes_decrypt(hex2bin($data),$final_key);`
			`logger('rino: decrypted data: ' . $data, LOGGER_DATA);`
			`}`

"unfriend" protocol 2011-01-25 11:57:10 +00:00
local_deliver testing 2011-10-07 02:10:57 +00:00			`$ret = local_delivery($importer,$data);`
			`xml_status($ret);`
mostly done with dfrn-notify 2010-07-16 08:26:42 +00:00
xrd cannot be called before db is open to get language 2010-10-04 11:22:34 +00:00			`// NOTREACHED`
some changes 2010-07-05 03:45:56 +00:00			`}`


			`function dfrn_notify_content(&$a) {`

			`if(x($_GET,'dfrn_id')) {`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
			`// initial communication from external contact, $direction is their direction.`
			`// If this is a duplex communication, ours will be the opposite.`

			`$dfrn_id = notags(trim($_GET['dfrn_id']));`
cleanup to ensure protocol version is passed properly. We will need it if/when any incompatible protocol changes are introduced. 2010-10-13 03:29:04 +00:00			`$dfrn_version = (float) $_GET['dfrn_version'];`

more logging in dfrn_notify 2010-11-23 23:55:11 +00:00			`logger('dfrn_notify: new notification dfrn_id=' . $dfrn_id);`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
			`$direction = (-1);`
			`if(strpos($dfrn_id,':') == 1) {`
			`$direction = intval(substr($dfrn_id,0,1));`
			`$dfrn_id = substr($dfrn_id,2);`
			`}`

some changes 2010-07-05 03:45:56 +00:00			`$hash = random_string();`

			`$status = 0;`

			$r = q("DELETE FROM `challenge` WHERE `expire` < " . intval(time()));

			$r = q("INSERT INTO `challenge` ( `challenge`, `dfrn-id`, `expire` )
allow parentless items from SN - add more tracing on notify failures 2011-02-04 01:40:04 +00:00			`VALUES( '%s', '%s', %d ) ",`
some changes 2010-07-05 03:45:56 +00:00			`dbesc($hash),`
tag each side of the duplex 2010-09-13 04:25:37 +00:00			`dbesc($dfrn_id),`
allow parentless items from SN - add more tracing on notify failures 2011-02-04 01:40:04 +00:00			`intval(time() + 90 )`
some changes 2010-07-05 03:45:56 +00:00			`);`

Check all keys before use 2011-09-19 10:30:59 +00:00			`logger('dfrn_notify: challenge=' . $hash, LOGGER_DEBUG );`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
			`$sql_extra = '';`
			`switch($direction) {`
			`case (-1):`
sorting out the last(?) quirks in group pages. 2010-10-18 23:38:48 +00:00			$sql_extra = sprintf(" AND ( `issued-id` = '%s' OR `dfrn-id` = '%s' ) ", dbesc($dfrn_id), dbesc($dfrn_id));
tag each side of the duplex 2010-09-13 04:25:37 +00:00			`$my_id = $dfrn_id;`
			`break;`
			`case 0:`
			$sql_extra = sprintf(" AND `issued-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			`$my_id = '1:' . $dfrn_id;`
			`break;`
			`case 1:`
			$sql_extra = sprintf(" AND `dfrn-id` = '%s' AND `duplex` = 1 ", dbesc($dfrn_id));
			`$my_id = '0:' . $dfrn_id;`
			`break;`
			`default:`
			`$status = 1;`
			`break; // NOTREACHED`
			`}`

improved rw notifications 2012-03-29 00:21:56 +00:00			$r = q("SELECT `contact`.*, `user`.`nickname`, `user`.`page-flags` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
cripple account when expired 2011-09-19 08:17:12 +00:00			WHERE `contact`.`blocked` = 0 AND `contact`.`pending` = 0 AND `user`.`nickname` = '%s'
Changes to make contacts delete all content from the user when a user is deleted. NOTE: I didn't add "AND account_removed = 0" to facebook.php because I don't have a clone of the addons repository. Please someone do that for me. Thanks. Please check carefully. I tested locally on my server, but not with other servers. 2012-11-02 20:43:47 +00:00			AND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 $sql_extra LIMIT 1",
sorting out the last(?) quirks in group pages. 2010-10-18 23:38:48 +00:00			`dbesc($a->argv[1])`
			`);`
tag each side of the duplex 2010-09-13 04:25:37 +00:00
start on 2way comms, 2.0 dev 2010-09-02 07:31:11 +00:00			`if(! count($r))`
some changes 2010-07-05 03:45:56 +00:00			`$status = 1;`

			`$challenge = '';`
reciprocal verification on notify, poll 2010-08-05 09:57:03 +00:00			`$encrypted_id = '';`
tag each side of the duplex 2010-09-13 04:25:37 +00:00			`$id_str = $my_id . '.' . mt_rand(1000,9999);`
reciprocal verification on notify, poll 2010-08-05 09:57:03 +00:00
sorting through key issue 2011-09-20 04:24:16 +00:00			`$prv_key = trim($r[0]['prvkey']);`
			`$pub_key = trim($r[0]['pubkey']);`
			`$dplx = intval($r[0]['duplex']);`

			`if((($dplx) && (strlen($prv_key))) \|\| ((strlen($prv_key)) && (!(strlen($pub_key))))) {`
			`openssl_private_encrypt($hash,$challenge,$prv_key);`
			`openssl_private_encrypt($id_str,$encrypted_id,$prv_key);`
			`}`
keychecks 2011-09-21 12:43:26 +00:00			`elseif(strlen($pub_key)) {`
sorting through key issue 2011-09-20 04:24:16 +00:00			`openssl_public_encrypt($hash,$challenge,$pub_key);`
			`openssl_public_encrypt($id_str,$encrypted_id,$pub_key);`
protocol reversal, roll dfrn_version to 2.1 2011-02-02 05:21:47 +00:00			`}`
keychecks 2011-09-21 12:43:26 +00:00			`else`
			`$status = 1;`
start on 2way comms, 2.0 dev 2010-09-02 07:31:11 +00:00
			`$challenge = bin2hex($challenge);`
reciprocal verification on notify, poll 2010-08-05 09:57:03 +00:00			`$encrypted_id = bin2hex($encrypted_id);`

rino recipient patch 2010-12-01 21:39:00 +00:00			`$rino = ((function_exists('mcrypt_encrypt')) ? 1 : 0);`

			`$rino_enable = get_config('system','rino_encrypt');`

			`if(! $rino_enable)`
			`$rino = 0;`

improved rw notifications 2012-03-29 00:21:56 +00:00			`if((($r[0]['rel']) && ($r[0]['rel'] != CONTACT_IS_SHARING)) \|\| ($r[0]['page-flags'] == PAGE_COMMUNITY)) {`
			`$perm = 'rw';`
			`}`
			`else {`
			`$perm = 'r';`
			`}`
rino recipient patch 2010-12-01 21:39:00 +00:00
cleanup to ensure protocol version is passed properly. We will need it if/when any incompatible protocol changes are introduced. 2010-10-13 03:29:04 +00:00			`header("Content-type: text/xml");`

			`echo '<?xml version="1.0" encoding="UTF-8"?>' . "\r\n"`
			`. '<dfrn_notify>' . "\r\n"`
			`. "\t" . '<status>' . $status . '</status>' . "\r\n"`
			`. "\t" . '<dfrn_version>' . DFRN_PROTOCOL_VERSION . '</dfrn_version>' . "\r\n"`
improved rw notifications 2012-03-29 00:21:56 +00:00			`. "\t" . '<rino>' . $rino . '</rino>' . "\r\n"`
			`. "\t" . '<perm>' . $perm . '</perm>' . "\r\n"`
cleanup to ensure protocol version is passed properly. We will need it if/when any incompatible protocol changes are introduced. 2010-10-13 03:29:04 +00:00			`. "\t" . '<dfrn_id>' . $encrypted_id . '</dfrn_id>' . "\r\n"`
			`. "\t" . '<challenge>' . $challenge . '</challenge>' . "\r\n"`
			`. '</dfrn_notify>' . "\r\n" ;`

xrd cannot be called before db is open to get language 2010-10-04 11:22:34 +00:00			`killme();`
some changes 2010-07-05 03:45:56 +00:00			`}`

xrd cannot be called before db is open to get language 2010-10-04 11:22:34 +00:00			`}`