Merge pull request #460 from MrPetovan/task/3942-add-user-authenticate

Use User::authenticate
This commit is contained in:
Michael Vogel 2017-12-02 09:05:18 +01:00 committed by GitHub
commit 7a447e507e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 542 additions and 538 deletions

View file

@ -1,39 +1,39 @@
<?php <?php
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic { use Friendica\Model\User;
public function __construct() {
}
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic
{
/** /**
* @var Sabre_DAV_Auth_Backend_Std|null * @var Sabre_DAV_Auth_Backend_Std|null
*/ */
private static $intstance = null; private static $instance = null;
/** /**
* @static * @static
* @return Sabre_DAV_Auth_Backend_Std * @return Sabre_DAV_Auth_Backend_Std
*/ */
public static function &getInstance() { public static function getInstance()
if (is_null(self::$intstance)) { {
self::$intstance = new Sabre_DAV_Auth_Backend_Std(); if (is_null(self::$instance)) {
self::$instance = new Sabre_DAV_Auth_Backend_Std();
} }
return self::$intstance; return self::$instance;
} }
/** /**
* @return array * @return array
*/ */
public function getUsers() { public function getUsers()
{
return array($this->currentUser); return array($this->currentUser);
} }
/** /**
* @return null|string * @return null|string
*/ */
public function getCurrentUser() { public function getCurrentUser()
{
return $this->currentUser; return $this->currentUser;
} }
@ -48,8 +48,8 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
* @throws Sabre_DAV_Exception_NotAuthenticated * @throws Sabre_DAV_Exception_NotAuthenticated
* @return bool * @return bool
*/ */
public function authenticate(Sabre_DAV_Server $server, $realm) { public function authenticate(Sabre_DAV_Server $server, $realm)
{
$a = get_app(); $a = get_app();
if (isset($a->user["uid"])) { if (isset($a->user["uid"])) {
$this->currentUser = strtolower($a->user["nickname"]); $this->currentUser = strtolower($a->user["nickname"]);
@ -75,19 +75,13 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
return true; return true;
} }
/** /**
* @param string $username * @param string $username
* @param string $password * @param string $password
* @return bool * @return bool
*/ */
protected function validateUserPass($username, $password) { protected function validateUserPass($username, $password)
$encrypted = hash('whirlpool',trim($password)); {
$r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", return User::authenticate($username, $password);
dbesc(trim($username)),
dbesc($encrypted)
);
return ($r[0]["anz"] == 1);
} }
} }

View file

@ -7,7 +7,6 @@
* Author: leberwurscht <leberwurscht@hoegners.de> * Author: leberwurscht <leberwurscht@hoegners.de>
* *
*/ */
// //
// Copyright 2012 "Leberwurscht" <leberwurscht@hoegners.de> // Copyright 2012 "Leberwurscht" <leberwurscht@hoegners.de>
// //
@ -63,10 +62,13 @@ json({"status":"ok", "encrypted_address":"%s"})
*/ */
use Friendica\App;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Model\User;
function jappixmini_install() { function jappixmini_install()
{
register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
@ -80,23 +82,27 @@ register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_downl
// set standard configuration // set standard configuration
$info_text = Config::get("jappixmini", "infotext"); $info_text = Config::get("jappixmini", "infotext");
if (!$info_text) set_confConfig::setig("jappixmini", "infotext", if (!$info_text)
"To get the chat working, you need to know a BOSH host which works with your Jabber account. ". set_confConfig::setig("jappixmini", "infotext", "To get the chat working, you need to know a BOSH host which works with your Jabber account. " .
"An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " . "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " .
"in mind that the BOSH server can read along all chat messages. If you know that your Jabber " . "in mind that the BOSH server can read along all chat messages. If you know that your Jabber " .
"server also provides an own BOSH server, it is much better to use this one!" "server also provides an own BOSH server, it is much better to use this one!"
); );
$bosh_proxy = Config::get("jappixmini", "bosh_proxy"); $bosh_proxy = Config::get("jappixmini", "bosh_proxy");
if ($bosh_proxy==="") Config::set("jappixmini", "bosh_proxy", "1"); if ($bosh_proxy === "") {
Config::set("jappixmini", "bosh_proxy", "1");
}
// set addon version so that safe updates are possible later // set addon version so that safe updates are possible later
$addon_version = Config::get("jappixmini", "version"); $addon_version = Config::get("jappixmini", "version");
if ($addon_version==="") Config::set("jappixmini", "version", "1"); if ($addon_version === "") {
Config::set("jappixmini", "version", "1");
}
} }
function jappixmini_uninstall()
function jappixmini_uninstall() { {
unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
@ -108,16 +114,18 @@ unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
} }
function jappixmini_plugin_admin(&$a, &$o) { function jappixmini_plugin_admin(App $a, &$o)
{
// display instructions and warnings on addon settings page for admin // display instructions and warnings on addon settings page for admin
if (!file_exists("addon/jappixmini.tgz")) { if (!file_exists("addon/jappixmini.tgz")) {
$o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).</strong></p>'; $o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).</strong></p>';
} }
// warn if cron job has not yet been executed // warn if cron job has not yet been executed
$cron_run = Config::get("jappixmini", "last_cron_execution"); $cron_run = Config::get("jappixmini", "last_cron_execution");
if (!$cron_run) $o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>"; if (!$cron_run) {
$o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>";
}
// bosh proxy // bosh proxy
$bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy")); $bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy"));
@ -150,7 +158,8 @@ function jappixmini_plugin_admin(&$a, &$o) {
$o .= '<input type="submit" name="jappixmini-admin-settings" value="OK" />'; $o .= '<input type="submit" name="jappixmini-admin-settings" value="OK" />';
} }
function jappixmini_plugin_admin_post(&$a) { function jappixmini_plugin_admin_post(App $a)
{
// set info text // set info text
$submit = $_REQUEST['jappixmini-admin-settings']; $submit = $_REQUEST['jappixmini-admin-settings'];
if ($submit) { if ($submit) {
@ -167,29 +176,35 @@ function jappixmini_plugin_admin_post(&$a) {
} }
} }
function jappixmini_module() {} function jappixmini_module()
function jappixmini_init(&$a) { {
}
function jappixmini_init()
{
// module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses
// of local users // of local users
$dfrn_id = $_REQUEST["dfrn_id"]; $dfrn_id = $_REQUEST["dfrn_id"];
if (!$dfrn_id) killme(); if (!$dfrn_id) {
killme();
}
$role = $_REQUEST["role"]; $role = $_REQUEST["role"];
if ($role == "pub") { if ($role == "pub") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", dbesc($dfrn_id));
dbesc($dfrn_id) if (!count($r)) {
); killme();
if (!count($r)) killme(); }
$encrypt_func = openssl_public_encrypt; $encrypt_func = openssl_public_encrypt;
$decrypt_func = openssl_public_decrypt; $decrypt_func = openssl_public_decrypt;
$key = $r[0]["pubkey"]; $key = $r[0]["pubkey"];
} else if ($role == "prv") { } else if ($role == "prv") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", dbesc($dfrn_id));
dbesc($dfrn_id) if (!count($r)) {
); killme();
if (!count($r)) killme(); }
$encrypt_func = openssl_private_encrypt; $encrypt_func = openssl_private_encrypt;
$decrypt_func = openssl_private_decrypt; $decrypt_func = openssl_private_decrypt;
@ -211,11 +226,14 @@ function jappixmini_init(&$a) {
$now = intval(time()); $now = intval(time());
PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address"); PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address");
} catch (Exception $e) { } catch (Exception $e) {
} }
// do not return an address if user deactivated plugin // do not return an address if user deactivated plugin
$activated = PConfig::get($uid, 'jappixmini', 'activate'); $activated = PConfig::get($uid, 'jappixmini', 'activate');
if (!$activated) killme(); if (!$activated) {
killme();
}
// return the requested Jabber address // return the requested Jabber address
try { try {
@ -241,9 +259,9 @@ function jappixmini_init(&$a) {
} }
} }
function jappixmini_settings(&$a, &$s) { function jappixmini_settings(App $a, &$s)
{
// addon settings for a user // addon settings for a user
$activate = PConfig::get(local_user(), 'jappixmini', 'activate'); $activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$activate = intval($activate) ? ' checked="checked"' : ''; $activate = intval($activate) ? ' checked="checked"' : '';
$dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat'); $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
@ -251,8 +269,9 @@ function jappixmini_settings(&$a, &$s) {
$defaultbosh = Config::get("jappixmini", "bosh_address"); $defaultbosh = Config::get("jappixmini", "bosh_address");
if ($defaultbosh != "") if ($defaultbosh != "") {
PConfig::set(local_user(), 'jappixmini', 'bosh', $defaultbosh); PConfig::set(local_user(), 'jappixmini', 'bosh', $defaultbosh);
}
$username = PConfig::get(local_user(), 'jappixmini', 'username'); $username = PConfig::get(local_user(), 'jappixmini', 'username');
$username = htmlentities($username); $username = htmlentities($username);
@ -269,11 +288,13 @@ function jappixmini_settings(&$a, &$s) {
$encrypt_checked = $encrypt ? ' checked="checked"' : ''; $encrypt_checked = $encrypt ? ' checked="checked"' : '';
$encrypt_disabled = $encrypt ? '' : ' disabled="disabled"'; $encrypt_disabled = $encrypt ? '' : ' disabled="disabled"';
if ($server == "") if ($server == "") {
$server = Config::get("jappixmini", "default_server"); $server = Config::get("jappixmini", "default_server");
}
if (($username == "") && Config::get("jappixmini", "default_user")) if (($username == "") && Config::get("jappixmini", "default_user")) {
$username = $a->user["nickname"]; $username = $a->user["nickname"];
}
$info_text = Config::get("jappixmini", "infotext"); $info_text = Config::get("jappixmini", "infotext");
$info_text = htmlentities($info_text); $info_text = htmlentities($info_text);
@ -281,13 +302,19 @@ function jappixmini_settings(&$a, &$s) {
// count contacts // count contacts
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user()); $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user());
if (count($r)) $contact_cnt = $r[0]["cnt"]; if (count($r)) {
else $contact_cnt = 0; $contact_cnt = $r[0]["cnt"];
} else {
$contact_cnt = 0;
}
// count jabber addresses // count jabber addresses
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user()); $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user());
if (count($r)) $address_cnt = $r[0]["cnt"]; if (count($r)) {
else $address_cnt = 0; $address_cnt = $r[0]["cnt"];
} else {
$address_cnt = 0;
}
if (!$activate) { if (!$activate) {
// load scripts if not yet activated so that password can be saved // load scripts if not yet activated so that password can be saved
@ -324,7 +351,6 @@ function jappixmini_settings(&$a, &$s) {
$s .= '<br />'; $s .= '<br />';
} }
$s .= '<label for="jappixmini-password">' . t('Jabber password') . '</label>'; $s .= '<label for="jappixmini-password">' . t('Jabber password') . '</label>';
$s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="' . $password . '" />'; $s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="' . $password . '" />';
$s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />'; $s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />';
@ -345,7 +371,9 @@ function jappixmini_settings(&$a, &$s) {
$s .= '<label for="jappixmini-purge">' . t('Purge internal list of jabber addresses of contacts') . '</label>'; $s .= '<label for="jappixmini-purge">' . t('Purge internal list of jabber addresses of contacts') . '</label>';
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />'; $s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
$s .= '<br />'; $s .= '<br />';
if ($info_text) $s .= '<br />Configuration help:<p style="margin-left:2em;">'.$info_text.'</p>'; if ($info_text) {
$s .= '<br />Configuration help:<p style="margin-left:2em;">' . $info_text . '</p>';
}
$s .= '<br />Status:<p style="margin-left:2em;">Addon knows ' . $address_cnt . ' Jabber addresses of ' . $contact_cnt . ' Friendica contacts (takes some time, usually 10 minutes, to update).</p>'; $s .= '<br />Status:<p style="margin-left:2em;">Addon knows ' . $address_cnt . ' Jabber addresses of ' . $contact_cnt . ' Friendica contacts (takes some time, usually 10 minutes, to update).</p>';
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />'; $s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />';
$s .= ' <input type="button" value="' . t('Add contact') . '" onclick="jappixmini_addon_subscribe();" />'; $s .= ' <input type="button" value="' . t('Add contact') . '" onclick="jappixmini_addon_subscribe();" />';
@ -388,10 +416,12 @@ function jappixmini_settings(&$a, &$s) {
</script>"; </script>";
} }
function jappixmini_settings_post(&$a,&$b) { function jappixmini_settings_post(App $a, &$b)
{
// save addon settings for a user // save addon settings for a user
if (!local_user()) {
if(! local_user()) return; return;
}
$uid = local_user(); $uid = local_user();
if ($_POST['jappixmini-submit']) { if ($_POST['jappixmini-submit']) {
@ -399,11 +429,7 @@ function jappixmini_settings_post(&$a,&$b) {
if ($encrypt) { if ($encrypt) {
// check that Jabber password was encrypted with correct Friendica password // check that Jabber password was encrypted with correct Friendica password
$friendica_password = trim($b['jappixmini-friendica-password']); $friendica_password = trim($b['jappixmini-friendica-password']);
$encrypted = hash('whirlpool',$friendica_password); if (!User::authenticate((int) $uid, $friendica_password)) {
$r = q("SELECT * FROM `user` WHERE `uid`=$uid AND `password`='%s'",
dbesc($encrypted)
);
if (!count($r)) {
info("Wrong friendica password!"); info("Wrong friendica password!");
return; return;
} }
@ -413,11 +439,15 @@ function jappixmini_settings_post(&$a,&$b) {
$username = trim($b['jappixmini-username']); $username = trim($b['jappixmini-username']);
$old_username = PConfig::get($uid, 'jappixmini', 'username'); $old_username = PConfig::get($uid, 'jappixmini', 'username');
if ($username!=$old_username) $purge = 1; if ($username != $old_username) {
$purge = 1;
}
$server = trim($b['jappixmini-server']); $server = trim($b['jappixmini-server']);
$old_server = PConfig::get($uid, 'jappixmini', 'server'); $old_server = PConfig::get($uid, 'jappixmini', 'server');
if ($server!=$old_server) $purge = 1; if ($server != $old_server) {
$purge = 1;
}
PConfig::set($uid, 'jappixmini', 'username' , $username); PConfig::set($uid, 'jappixmini', 'username' , $username);
PConfig::set($uid, 'jappixmini', 'server' , $server); PConfig::set($uid, 'jappixmini', 'server' , $server);
@ -437,17 +467,22 @@ function jappixmini_settings_post(&$a,&$b) {
} }
} }
function jappixmini_script(&$a,&$s) { function jappixmini_script(App $a)
{
// adds the script to the page header which starts Jappix Mini // adds the script to the page header which starts Jappix Mini
if (!local_user()) {
if(! local_user()) return;
if ($_GET["mode"] == "minimal")
return; return;
}
if ($_GET["mode"] == "minimal") {
return;
}
$activate = PConfig::get(local_user(), 'jappixmini', 'activate'); $activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat'); $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
if (!$activate || $dontinsertchat) return; if (!$activate || $dontinsertchat) {
return;
}
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n";
@ -474,8 +509,7 @@ function jappixmini_script(&$a,&$s) {
$use_proxy = Config::get('jappixmini', 'bosh_proxy'); $use_proxy = Config::get('jappixmini', 'bosh_proxy');
if ($use_proxy) { if ($use_proxy) {
$proxy = $a->get_baseurl() . '/addon/jappixmini/proxy.php'; $proxy = $a->get_baseurl() . '/addon/jappixmini/proxy.php';
} } else {
else {
$proxy = ""; $proxy = "";
} }
@ -487,18 +521,19 @@ function jappixmini_script(&$a,&$s) {
$key = $row['k']; $key = $row['k'];
$pos = strpos($key, ":"); $pos = strpos($key, ":");
$dfrn_id = substr($key, $pos + 1); $dfrn_id = substr($key, $pos + 1);
$r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", $r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", dbesc($dfrn_id), dbesc($dfrn_id));
dbesc($dfrn_id),
dbesc($dfrn_id)
);
if (count($r)) if (count($r))
$name = $r[0]["name"]; $name = $r[0]["name"];
$value = $row['v']; $value = $row['v'];
$pos = strpos($value, ":"); $pos = strpos($value, ":");
$address = substr($value, $pos + 1); $address = substr($value, $pos + 1);
if (!$address) continue; if (!$address) {
if (!$name) $name = $address; continue;
}
if (!$name) {
$name = $address;
}
$contacts[$address] = $name; $contacts[$address] = $name;
} }
@ -524,9 +559,9 @@ function jappixmini_script(&$a,&$s) {
return; return;
} }
function jappixmini_login(&$a, &$o) { function jappixmini_login(App $a, &$o)
{
// create client secret on login to be able to encrypt jabber passwords // create client secret on login to be able to encrypt jabber passwords
// for setDB and str_sha1, needed by jappixmini_addon_set_client_secret // for setDB and str_sha1, needed by jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>' . "\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>' . "\r\n";
@ -537,17 +572,18 @@ function jappixmini_login(&$a, &$o) {
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o); $o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
} }
function jappixmini_cron(&$a, $d) { function jappixmini_cron(App $a, $d)
{
// For autosubscribe/autoapprove, we need to maintain a list of jabber addresses of our contacts. // For autosubscribe/autoapprove, we need to maintain a list of jabber addresses of our contacts.
Config::set("jappixmini", "last_cron_execution", $d); Config::set("jappixmini", "last_cron_execution", $d);
// go through list of users with jabber enabled // go through list of users with jabber enabled
$users = q("SELECT `uid` FROM `pconfig` WHERE `cat`='jappixmini' AND (`k`='autosubscribe' OR `k`='autoapprove') AND `v`='1'"); $users = q("SELECT `uid` FROM `pconfig` WHERE `cat`='jappixmini' AND (`k`='autosubscribe' OR `k`='autoapprove') AND `v`='1'");
logger("jappixmini: Update list of contacts' jabber accounts for " . count($users) . " users."); logger("jappixmini: Update list of contacts' jabber accounts for " . count($users) . " users.");
if(! count($users)) if (!count($users)) {
return; return;
}
foreach ($users as $row) { foreach ($users as $row) {
$uid = $row["uid"]; $uid = $row["uid"];
@ -557,7 +593,9 @@ function jappixmini_cron(&$a, $d) {
intval($uid), dbesc(NETWORK_DFRN)); intval($uid), dbesc(NETWORK_DFRN));
foreach ($contacts as $contact_row) { foreach ($contacts as $contact_row) {
$request = $contact_row["request"]; $request = $contact_row["request"];
if (!$request) continue; if (!$request) {
continue;
}
$dfrn_id = $contact_row["dfrn-id"]; $dfrn_id = $contact_row["dfrn-id"];
if ($dfrn_id) { if ($dfrn_id) {
@ -583,20 +621,28 @@ function jappixmini_cron(&$a, $d) {
// do not re-retrieve jabber address if last retrieval // do not re-retrieve jabber address if last retrieval
// is not older than a week // is not older than a week
if ($now-$timestamp<3600*24*7) continue; if ($now - $timestamp < 3600 * 24 * 7) {
continue;
}
} }
// construct base retrieval address // construct base retrieval address
$pos = strpos($request, "/dfrn_request/"); $pos = strpos($request, "/dfrn_request/");
if ($pos===false) continue; if ($pos === false) {
continue;
}
$base = substr($request, 0, $pos) . "/jappixmini?role=$role"; $base = substr($request, 0, $pos) . "/jappixmini?role=$role";
// construct own address // construct own address
$username = PConfig::get($uid, 'jappixmini', 'username'); $username = PConfig::get($uid, 'jappixmini', 'username');
if (!$username) continue; if (!$username) {
continue;
}
$server = PConfig::get($uid, 'jappixmini', 'server'); $server = PConfig::get($uid, 'jappixmini', 'server');
if (!$server) continue; if (!$server) {
continue;
}
$address = $username . "@" . $server; $address = $username . "@" . $server;
@ -614,18 +660,26 @@ function jappixmini_cron(&$a, $d) {
// parse answer // parse answer
$answer = json_decode($answer_json); $answer = json_decode($answer_json);
if ($answer->status != "ok") throw new Exception(); if ($answer->status != "ok") {
throw new Exception();
}
$encrypted_address_hex = $answer->encrypted_address; $encrypted_address_hex = $answer->encrypted_address;
if (!$encrypted_address_hex) throw new Exception(); if (!$encrypted_address_hex) {
throw new Exception();
}
$encrypted_address = hex2bin($encrypted_address_hex); $encrypted_address = hex2bin($encrypted_address_hex);
if (!$encrypted_address) throw new Exception(); if (!$encrypted_address) {
throw new Exception();
}
// decrypt address // decrypt address
$decrypted_address = ""; $decrypted_address = "";
$decrypt_func($encrypted_address, $decrypted_address, $key); $decrypt_func($encrypted_address, $decrypted_address, $key);
if (!$decrypted_address) throw new Exception(); if (!$decrypted_address) {
throw new Exception();
}
} catch (Exception $e) { } catch (Exception $e) {
$decrypted_address = ""; $decrypted_address = "";
} }
@ -636,9 +690,9 @@ function jappixmini_cron(&$a, $d) {
} }
} }
function jappixmini_download_source(&$a,&$b) { function jappixmini_download_source(App $a, &$b)
{
// Jappix Mini source download link on About page // Jappix Mini source download link on About page
$b .= '<h1>Jappix Mini</h1>'; $b .= '<h1>Jappix Mini</h1>';
$b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>'; $b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
$b .= '<p>You can download the <a href="' . $a->get_baseurl() . '/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>'; $b .= '<p>You can download the <a href="' . $a->get_baseurl() . '/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>';

View file

@ -1,4 +1,5 @@
<?php <?php
/** /**
* Name: WindowsPhonePush * Name: WindowsPhonePush
* Description: Enable push notification to send information to Friendica Mobile app on Windows phone (count of unread timeline entries, text of last posting - if wished by user) * Description: Enable push notification to send information to Friendica Mobile app on Windows phone (count of unread timeline entries, text of last posting - if wished by user)
@ -24,46 +25,34 @@
* sets the counter back * sets the counter back
* count only unseen elements which are not type=activity (likes and dislikes not seen as new elements) * count only unseen elements which are not type=activity (likes and dislikes not seen as new elements)
*/ */
use Friendica\App;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Model\User;
function windowsphonepush_install() { function windowsphonepush_install()
{
/** /* Our plugin will attach in three places.
*
* Our plugin will attach in three places.
* The first is within cron - so the push notifications will be * The first is within cron - so the push notifications will be
* sent every 10 minutes (or whatever is set in crontab). * sent every 10 minutes (or whatever is set in crontab).
*
*/ */
register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
/** /* Then we'll attach into the plugin settings page, and also the
*
* Then we'll attach into the plugin settings page, and also the
* settings post hook so that we can create and update * settings post hook so that we can create and update
* user preferences. User shall be able to activate the plugin and * user preferences. User shall be able to activate the plugin and
* define whether he allows pushing first characters of item text * define whether he allows pushing first characters of item text
*
*/ */
register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
logger("installed windowsphonepush"); logger("installed windowsphonepush");
} }
function windowsphonepush_uninstall()
function windowsphonepush_uninstall() { {
/* uninstall unregisters any hooks created with register_hook
/**
*
* uninstall unregisters any hooks created with register_hook
* during install. Don't delete data in table `pconfig`. * during install. Don't delete data in table `pconfig`.
*
*/ */
unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
@ -71,22 +60,22 @@ function windowsphonepush_uninstall() {
logger("removed windowsphonepush"); logger("removed windowsphonepush");
} }
/* declare the windowsphonepush function so that /windowsphonepush url requests will land here */ /* declare the windowsphonepush function so that /windowsphonepush url requests will land here */
function windowsphonepush_module() {} function windowsphonepush_module()
{
}
/** /* Callback from the settings post function.
*
* Callback from the settings post function.
* $post contains the $_POST array. * $post contains the $_POST array.
* We will make sure we've got a valid user account * We will make sure we've got a valid user account
* and if so set our configuration setting for this person. * and if so set our configuration setting for this person.
*
*/ */
function windowsphonepush_settings_post($a,$post) { function windowsphonepush_settings_post($a, $post)
if(! local_user() || (! x($_POST,'windowsphonepush-submit'))) {
if (!local_user() || (!x($_POST, 'windowsphonepush-submit'))) {
return; return;
}
$enable = intval($_POST['windowsphonepush']); $enable = intval($_POST['windowsphonepush']);
PConfig::set(local_user(), 'windowsphonepush', 'enable', $enable); PConfig::set(local_user(), 'windowsphonepush', 'enable', $enable);
@ -99,17 +88,14 @@ function windowsphonepush_settings_post($a,$post) {
info(t('WindowsPhonePush settings updated.') . EOL); info(t('WindowsPhonePush settings updated.') . EOL);
} }
/* Called from the Plugin Setting form.
/**
*
* Called from the Plugin Setting form.
* Add our own settings info to the page. * Add our own settings info to the page.
*
*/ */
function windowsphonepush_settings(&$a,&$s) { function windowsphonepush_settings(&$a, &$s)
{
if(! local_user()) if (!local_user()) {
return; return;
}
/* Add our stylesheet to the page so we can make our settings look nice */ /* Add our stylesheet to the page so we can make our settings look nice */
$a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/windowsphonepush/windowsphonepush.css' . '" media="all" />' . "\r\n"; $a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/windowsphonepush/windowsphonepush.css' . '" media="all" />' . "\r\n";
@ -147,18 +133,13 @@ function windowsphonepush_settings(&$a,&$s) {
$s .= '</div><div class="clear"></div></div>'; $s .= '</div><div class="clear"></div></div>';
return; return;
} }
/* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
/**
*
* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
* notifications to the Microsoft servers and consequently to the Windows Phone device * notifications to the Microsoft servers and consequently to the Windows Phone device
*
*/ */
function windowsphonepush_cron()
function windowsphonepush_cron() { {
// retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user // retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user
$r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1"); $r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1");
if (count($r)) { if (count($r)) {
@ -175,9 +156,7 @@ function windowsphonepush_cron() {
} else { } else {
// retrieve the number of unseen items and the id of the latest one (if there are more than // retrieve the number of unseen items and the id of the latest one (if there are more than
// one new entries since last poller run, only the latest one will be pushed) // one new entries since last poller run, only the latest one will be pushed)
$count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", $count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", intval($rr['uid']));
intval($rr['uid'])
);
// send number of unseen items to the device (the number will be displayed on Start screen until // send number of unseen items to the device (the number will be displayed on Start screen until
// App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if // App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if
@ -212,9 +191,7 @@ function windowsphonepush_cron() {
$senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext'); $senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext');
if ($senditemtext == 1) { if ($senditemtext == 1) {
// load item with the max id // load item with the max id
$item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", $item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", intval($count[0]['max']));
intval($count[0]['max'])
);
// as user allows to send the item, we want to show the sender of the item in the toast // as user allows to send the item, we want to show the sender of the item in the toast
// toasts are limited to one line, therefore place is limited - author shall be in // toasts are limited to one line, therefore place is limited - author shall be in
@ -227,9 +204,9 @@ function windowsphonepush_cron() {
// Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots) // Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots)
// BTW: information only possible in English // BTW: information only possible in English
$body = $item[0]['body']; $body = $item[0]['body'];
if (substr($body, 0, 4) == "[url") if (substr($body, 0, 4) == "[url") {
$body = "URL/Image ..."; $body = "URL/Image ...";
else { } else {
require_once('include/bbcode.php'); require_once('include/bbcode.php');
require_once("include/html2plain.php"); require_once("include/html2plain.php");
$body = bbcode($body, false, false, 2, true); $body = bbcode($body, false, false, 2, true);
@ -256,14 +233,11 @@ function windowsphonepush_cron() {
} }
} }
/* Tile push notification change the number in the icon of the App in Start Screen of
/*
*
* Tile push notification change the number in the icon of the App in Start Screen of
* a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile" * a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile"
*
*/ */
function send_tile_update($device_url, $image_url, $count, $title, $priority = 1) { function send_tile_update($device_url, $image_url, $count, $title, $priority = 1)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . $msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" . "<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Tile>" . "<wp:Tile>" .
@ -280,14 +254,12 @@ function send_tile_update($device_url, $image_url, $count, $title, $priority = 1
return $result; return $result;
} }
/* /* Toast push notification send information to the top of the display
*
* Toast push notification send information to the top of the display
* if the user is not currently using the Friendica Mobile App, however * if the user is not currently using the Friendica Mobile App, however
* there is only one line for displaying the information * there is only one line for displaying the information
*
*/ */
function send_toast($device_url, $title, $message, $priority = 2) { function send_toast($device_url, $title, $message, $priority = 2)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . $msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" . "<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Toast>" . "<wp:Toast>" .
@ -304,19 +276,15 @@ function send_toast($device_url, $title, $message, $priority = 2) {
return $result; return $result;
} }
/* // General function to send the push notification via cURL
* function send_push($device_url, $headers, $msg)
* General function to send the push notification via cURL {
*
*/
function send_push($device_url, $headers, $msg) {
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $device_url); curl_setopt($ch, CURLOPT_URL, $device_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, curl_setopt($ch, CURLOPT_HTTPHEADER, $headers + array(
$headers + array(
'Content-Type: text/xml', 'Content-Type: text/xml',
'charset=utf-8', 'charset=utf-8',
'Accept: application/*', 'Accept: application/*',
@ -341,25 +309,21 @@ function send_push($device_url, $headers, $msg) {
return $notificationStatus; return $notificationStatus;
} }
/* // helper function to receive statuses from webresponse of Microsoft server
* helper function to receive statuses from webresponse of Microsoft server function get_header_value($content, $header)
*/ {
function get_header_value($content, $header) {
return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : ""; return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : "";
} }
/* reading information from url and deciding which function to start
/*
*
* reading information from url and deciding which function to start
* show_settings = delivering settings to check * show_settings = delivering settings to check
* update_settings = set the device_url * update_settings = set the device_url
* update_counterunseen = set counter for unseen elements to zero * update_counterunseen = set counter for unseen elements to zero
*
*/ */
function windowsphonepush_content(&$a) { function windowsphonepush_content(App $a)
{
// Login with the specified Network credentials (like in api.php) // Login with the specified Network credentials (like in api.php)
windowsphonepush_login(); windowsphonepush_login($a);
$path = $a->argv[0]; $path = $a->argv[0];
$path2 = $a->argv[1]; $path2 = $a->argv[1];
@ -387,12 +351,12 @@ function windowsphonepush_content(&$a) {
} }
} }
/* // return settings for windowsphonepush addon to be able to check them in WP app
* return settings for windowsphonepush addon to be able to check them in WP app function windowsphonepush_showsettings()
*/ {
function windowsphonepush_showsettings(&$a) { if (!local_user()) {
if(! local_user())
return; return;
}
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
$device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url'); $device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url');
@ -401,11 +365,13 @@ function windowsphonepush_showsettings(&$a) {
$counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen'); $counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen');
$addonversion = "2.0"; $addonversion = "2.0";
if (!$device_url) if (!$device_url) {
$device_url = ""; $device_url = "";
}
if (!$lastpushid) if (!$lastpushid) {
$lastpushid = 0; $lastpushid = 0;
}
header("Content-Type: application/json"); header("Content-Type: application/json");
echo json_encode(array('uid' => local_user(), echo json_encode(array('uid' => local_user(),
@ -417,11 +383,11 @@ function windowsphonepush_showsettings(&$a) {
'addonversion' => $addonversion)); 'addonversion' => $addonversion));
} }
/* /* update_settings is used to transfer the device_url from WP device to the Friendica server
* update_settings is used to transfer the device_url from WP device to the Friendica server
* return the status of the operation to the server * return the status of the operation to the server
*/ */
function windowsphonepush_updatesettings(&$a) { function windowsphonepush_updatesettings()
{
if (!local_user()) { if (!local_user()) {
return "Not Authenticated"; return "Not Authenticated";
} }
@ -460,10 +426,9 @@ function windowsphonepush_updatesettings(&$a) {
return "Device-URL updated successfully!"; return "Device-URL updated successfully!";
} }
/* // update_counterunseen is used to reset the counter to zero from Windows Phone app
* update_counterunseen is used to reset the counter to zero from Windows Phone app function windowsphonepush_updatecounterunseen()
*/ {
function windowsphonepush_updatecounterunseen() {
if (!local_user()) { if (!local_user()) {
return "Not Authenticated"; return "Not Authenticated";
} }
@ -478,11 +443,11 @@ function windowsphonepush_updatecounterunseen() {
return "Counter set to zero"; return "Counter set to zero";
} }
/* /* helper function to login to the server with the specified Network credentials
* helper function to login to the server with the specified Network credentials
* (mainly copied from api.php) * (mainly copied from api.php)
*/ */
function windowsphonepush_login() { function windowsphonepush_login(App $a)
{
if (!isset($_SERVER['PHP_AUTH_USER'])) { if (!isset($_SERVER['PHP_AUTH_USER'])) {
logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG); logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"'); header('WWW-Authenticate: Basic realm="Friendica"');
@ -490,19 +455,10 @@ function windowsphonepush_login() {
die('This api requires login'); die('This api requires login');
} }
$user = $_SERVER['PHP_AUTH_USER']; $user_id = User::authenticate($_SERVER['PHP_AUTH_USER'], trim($_SERVER['PHP_AUTH_PW']));
$encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW']));
// check if user specified by app is available in the user table if ($user_id) {
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) $record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]);
AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($user)),
dbesc(trim($user)),
dbesc($encrypted)
);
if(count($r)){
$record = $r[0];
} else { } else {
logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG); logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"'); header('WWW-Authenticate: Basic realm="Friendica"');
@ -510,8 +466,8 @@ function windowsphonepush_login() {
die('This api requires login'); die('This api requires login');
} }
require_once('include/security.php'); require_once 'include/security.php';
authenticate_success($record); $_SESSION["allow_api"] = true; authenticate_success($record);
$_SESSION["allow_api"] = true;
call_hooks('logged_in', $a->user); call_hooks('logged_in', $a->user);
} }