From 07da99fcde8cf44da60c45c6ee1bbf385c837b68 Mon Sep 17 00:00:00 2001 From: Terence Eden Date: Tue, 5 Mar 2024 19:42:02 +0000 Subject: [PATCH] Change logging Only log on succes / failure - not every damned thing. Better Lemmy support --- index.php | 72 +++++++++++++++++++------------------------------------ 1 file changed, 24 insertions(+), 48 deletions(-) diff --git a/index.php b/index.php index 003d57c..d0fc7b1 100644 --- a/index.php +++ b/index.php @@ -61,55 +61,14 @@ if( !is_dir( $directory ) ) { mkdir( $data ); mkdir( $directory ); } } - // Logging: - // ActivityPub is a "chatty" protocol. - // This takes all the requests your server receives and saves them as a datestamped text file. - - // Get all headers and requests sent to this server - $headers = print_r( getallheaders(), true ); - $postData = print_r( $_POST, true ); - $getData = print_r( $_GET, true ); - $filesData = print_r( $_FILES, true ); + // Get the information sent to this server $input = file_get_contents( "php://input" ); $body = json_decode( $input,true ); $bodyData = print_r( $body, true ); - $requestData = print_r( $_REQUEST, true ); - $serverData = print_r( $_SERVER, true ); + // If the root has been requested, manually set the path to `/` !empty( $_GET["path"] ) ? $path = $_GET["path"] : $path = "/"; - // Get the type of request - used in the log filename - if ( isset( $body["type"] ) ) { - // Sanitise before using it in a filename - $type = urlencode( $body["type"] ); - } else { - // Sanitise the path requested - $type = urlencode( $path ); - } - - // Create a timestamp for the filename. - // This format has milliseconds, so should avoid logs being overwritten. - // If you have > 1000 requests per second, please use a different server. - $timestamp = ( new DateTime() )->format( DATE_RFC3339_EXTENDED ); - - // Alternatively, use a UUID. These retain the date as hex encoded UNIX seconds. - // This means the log files will never clash - but it does make the filenames harder to read. - // $timestamp = uuid(); - - // Filename for the log - $filename = "{$timestamp}.{$type}.txt"; - - // Save headers and request data to the timestamped file in the logs directory - file_put_contents( $directories["logs"] . "/{$filename}", - "Headers: \n$headers \n\n" . - "Body Data: \n$bodyData \n\n" . - "POST Data: \n$postData \n\n" . - "GET Data: \n$getData \n\n" . - "Files Data: \n$filesData \n\n" . - "Request Data:\n$requestData\n\n" . - "Server Data: \n$serverData \n\n" - ); - // Routing: // The .htaccess changes /whatever to /?path=whatever // This runs the function of the path requested. @@ -275,21 +234,38 @@ function inbox() { global $body, $server, $username, $key_private, $directories; - // Validate HTTP Message Signature - // This logs whether the signature was validated or not - if ( !verifyHTTPSignature() ) { die(); } - // Get the message and type $inbox_message = $body; $inbox_type = $inbox_message["type"]; + // Messages to ignore. + // Some servers are very chatty. They send lots of irrelevant messages. + // Before even bothering to validate them, we can delete them. + + // Lemmy sends lots of announce messages. The object contains details of what the message is. + if ( is_array( $inbox_message["object"] ) ) { + + if ( match( $inbox_message["object"]["type"] ) { + "Follow", "Undo", "Dislike", "Like" => true, + default => false, + } ) { + // Discard it, no further processing. + die(); + } + } + // Save any Follow, Create, Update, Announce, Like messages // This ignores Delete, Undo, and anything else if ( match( $inbox_type ) { "Follow", "Create", "Update", "Announce", "Like" => true, default => false, } ) { - // Save the message in `/data/inbox/` + + // Validate HTTP Message Signature + // This logs whether the signature was validated or not + if ( !verifyHTTPSignature() ) { die(); } + + // If the message is valid, save the message in `/data/inbox/` $uuid = uuid(); $inbox_filename = $uuid . "." . urlencode( $inbox_type ) . ".json"; file_put_contents( $directories["inbox"] . "/{$inbox_filename}", json_encode( $inbox_message ) );