mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-23 22:15:12 +00:00
Merge pull request #3 from redmatrix/master
updating from original codebase
This commit is contained in:
commit
5ec3d3e36d
18 changed files with 313 additions and 150 deletions
2
boot.php
2
boot.php
|
@ -50,7 +50,7 @@ define ( 'PLATFORM_NAME', 'hubzilla' );
|
||||||
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'H');
|
define ( 'RED_VERSION', trim(file_get_contents('version.inc')) . 'H');
|
||||||
define ( 'ZOT_REVISION', 1 );
|
define ( 'ZOT_REVISION', 1 );
|
||||||
|
|
||||||
define ( 'DB_UPDATE_VERSION', 1153 );
|
define ( 'DB_UPDATE_VERSION', 1154 );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Constant with a HTML line break.
|
* @brief Constant with a HTML line break.
|
||||||
|
|
|
@ -286,6 +286,7 @@ class Item extends BaseObject {
|
||||||
'body' => $body,
|
'body' => $body,
|
||||||
'text' => strip_tags($body),
|
'text' => strip_tags($body),
|
||||||
'id' => $this->get_id(),
|
'id' => $this->get_id(),
|
||||||
|
'mid' => $item['mid'],
|
||||||
'isevent' => $isevent,
|
'isevent' => $isevent,
|
||||||
'attend' => $attend,
|
'attend' => $attend,
|
||||||
'consensus' => $consensus,
|
'consensus' => $consensus,
|
||||||
|
@ -301,6 +302,7 @@ class Item extends BaseObject {
|
||||||
'vwall' => t('via Wall-To-Wall:'),
|
'vwall' => t('via Wall-To-Wall:'),
|
||||||
'profile_url' => $profile_link,
|
'profile_url' => $profile_link,
|
||||||
'item_photo_menu' => item_photo_menu($item),
|
'item_photo_menu' => item_photo_menu($item),
|
||||||
|
'dreport' => t('Delivery Report'),
|
||||||
'name' => $profile_name,
|
'name' => $profile_name,
|
||||||
'thumb' => $profile_avatar,
|
'thumb' => $profile_avatar,
|
||||||
'osparkle' => $osparkle,
|
'osparkle' => $osparkle,
|
||||||
|
|
|
@ -15,7 +15,10 @@ function deliver_run($argv, $argc) {
|
||||||
|
|
||||||
logger('deliver: invoked: ' . print_r($argv,true), LOGGER_DATA);
|
logger('deliver: invoked: ' . print_r($argv,true), LOGGER_DATA);
|
||||||
|
|
||||||
|
|
||||||
for($x = 1; $x < $argc; $x ++) {
|
for($x = 1; $x < $argc; $x ++) {
|
||||||
|
|
||||||
|
$dresult = null;
|
||||||
$r = q("select * from outq where outq_hash = '%s' limit 1",
|
$r = q("select * from outq where outq_hash = '%s' limit 1",
|
||||||
dbesc($argv[$x])
|
dbesc($argv[$x])
|
||||||
);
|
);
|
||||||
|
@ -98,11 +101,29 @@ function deliver_run($argv, $argc) {
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $m)))));
|
$msg = array('body' => json_encode(array('success' => true, 'pickup' => array(array('notify' => $notify,'message' => $m)))));
|
||||||
zot_import($msg,z_root());
|
$dresult = zot_import($msg,z_root());
|
||||||
}
|
}
|
||||||
$r = q("delete from outq where outq_hash = '%s'",
|
$r = q("delete from outq where outq_hash = '%s'",
|
||||||
dbesc($argv[$x])
|
dbesc($argv[$x])
|
||||||
);
|
);
|
||||||
|
if($dresult && is_array($dresult)) {
|
||||||
|
foreach($dresult as $xx) {
|
||||||
|
if(is_array($xx) && array_key_exists('message_id',$xx)) {
|
||||||
|
q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ",
|
||||||
|
dbesc($xx['message_id']),
|
||||||
|
dbesc($xx['location']),
|
||||||
|
dbesc($xx['recipient']),
|
||||||
|
dbesc($xx['status']),
|
||||||
|
dbesc(datetime_convert($xx['date'])),
|
||||||
|
dbesc($xx['sender'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
q("delete from dreport where dreport_queue = '%s' limit 1",
|
||||||
|
dbesc($argv[$x])
|
||||||
|
);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
|
|
@ -4417,6 +4417,18 @@ function delete_item_lowlevel($item, $stage = DROPITEM_NORMAL, $force = false) {
|
||||||
intval($item['uid'])
|
intval($item['uid'])
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// remove delivery reports
|
||||||
|
|
||||||
|
$c = q("select channel_hash from channel where channel_id = %d limit 1",
|
||||||
|
intval($item['uid'])
|
||||||
|
);
|
||||||
|
if($c) {
|
||||||
|
q("delete from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
|
||||||
|
dbesc($c[0]['channel_hash']),
|
||||||
|
dbesc($item['mid'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
// network deletion request. Keep the message structure so that we can deliver delete notifications.
|
// network deletion request. Keep the message structure so that we can deliver delete notifications.
|
||||||
// Come back after several days (or perhaps a month) to do the lowlevel delete (DROPITEM_PHASE2).
|
// Come back after several days (or perhaps a month) to do the lowlevel delete (DROPITEM_PHASE2).
|
||||||
|
|
||||||
|
|
|
@ -662,6 +662,18 @@ function notifier_run($argv, $argc){
|
||||||
dbesc($n),
|
dbesc($n),
|
||||||
dbesc(json_encode($encoded_item))
|
dbesc(json_encode($encoded_item))
|
||||||
);
|
);
|
||||||
|
// only create delivery reports for normal undeleted items
|
||||||
|
if(array_key_exists('postopts',$target_item) && (! $target_item['item_deleted'])) {
|
||||||
|
q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan, dreport_queue ) values ( '%s','%s','%s','%s','%s','%s','%s' ) ",
|
||||||
|
dbesc($target_item['mid']),
|
||||||
|
dbesc($hub['hubloc_host']),
|
||||||
|
dbesc($hub['hubloc_host']),
|
||||||
|
dbesc('queued'),
|
||||||
|
dbesc(datetime_convert()),
|
||||||
|
dbesc($channel['channel_hash']),
|
||||||
|
dbesc($hash)
|
||||||
|
);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
$deliver[] = $hash;
|
$deliver[] = $hash;
|
||||||
|
|
||||||
|
|
|
@ -201,6 +201,17 @@ function poller_run($argv, $argc){
|
||||||
db_utcnow(), db_quoteinterval('30 DAY')
|
db_utcnow(), db_quoteinterval('30 DAY')
|
||||||
);
|
);
|
||||||
|
|
||||||
|
// expire old delivery reports
|
||||||
|
|
||||||
|
$keep_reports = intval(get_config('system','expire_delivery_reports'));
|
||||||
|
if($keep_reports === 0)
|
||||||
|
$keep_reports = 30;
|
||||||
|
|
||||||
|
q("delete from dreport where dreport_time < %s - INTERVAL %s",
|
||||||
|
db_utcnow(),
|
||||||
|
db_quoteinterval($keep_reports . ' DAY')
|
||||||
|
);
|
||||||
|
|
||||||
// expire any expired accounts
|
// expire any expired accounts
|
||||||
downgrade_accounts();
|
downgrade_accounts();
|
||||||
|
|
||||||
|
|
|
@ -957,6 +957,25 @@ function zot_process_response($hub, $arr, $outq) {
|
||||||
logger('zot_process_response: headers: ' . print_r($arr['header'],true), LOGGER_DATA);
|
logger('zot_process_response: headers: ' . print_r($arr['header'],true), LOGGER_DATA);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(array_key_exists('delivery_report',$x)) {
|
||||||
|
foreach($x['delivery_report'] as $xx) {
|
||||||
|
if(is_array($xx) && array_key_exists('message_id',$xx)) {
|
||||||
|
q("insert into dreport ( dreport_mid, dreport_site, dreport_recip, dreport_result, dreport_time, dreport_xchan ) values ( '%s', '%s','%s','%s','%s','%s' ) ",
|
||||||
|
dbesc($xx['message_id']),
|
||||||
|
dbesc($xx['location']),
|
||||||
|
dbesc($xx['recipient']),
|
||||||
|
dbesc($xx['status']),
|
||||||
|
dbesc(datetime_convert($xx['date'])),
|
||||||
|
dbesc($xx['sender'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
q("delete from dreport where dreport_queue = '%s' limit 1",
|
||||||
|
dbesc($outq['outq_hash'])
|
||||||
|
);
|
||||||
|
|
||||||
// update the timestamp for this site
|
// update the timestamp for this site
|
||||||
|
|
||||||
q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'",
|
q("update site set site_dead = 0, site_update = '%s' where site_url = '%s'",
|
||||||
|
@ -1564,6 +1583,13 @@ function process_delivery($sender, $arr, $deliveries, $relay, $public = false, $
|
||||||
$DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
|
$DR->addto_recipient($channel['channel_name'] . ' <' . $channel['channel_address'] . '@' . get_app()->get_hostname() . '>');
|
||||||
|
|
||||||
|
|
||||||
|
if($d['hash'] === $sender['hash']) {
|
||||||
|
$DR->update('self delivery ignored');
|
||||||
|
$result[] = $DR->get();
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
// allow public postings to the sys channel regardless of permissions, but not
|
// allow public postings to the sys channel regardless of permissions, but not
|
||||||
// for comments travelling upstream. Wait and catch them on the way down.
|
// for comments travelling upstream. Wait and catch them on the way down.
|
||||||
// They may have been blocked by the owner.
|
// They may have been blocked by the owner.
|
||||||
|
|
|
@ -359,11 +359,13 @@ CREATE TABLE IF NOT EXISTS `dreport` (
|
||||||
`dreport_result` char(255) NOT NULL DEFAULT '',
|
`dreport_result` char(255) NOT NULL DEFAULT '',
|
||||||
`dreport_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
|
`dreport_time` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
|
||||||
`dreport_xchan` char(255) NOT NULL DEFAULT '',
|
`dreport_xchan` char(255) NOT NULL DEFAULT '',
|
||||||
|
`dreport_queue` char(255) NOT NULL DEFAULT '',
|
||||||
PRIMARY KEY (`dreport_id`),
|
PRIMARY KEY (`dreport_id`),
|
||||||
KEY `dreport_mid` (`dreport_mid`),
|
KEY `dreport_mid` (`dreport_mid`),
|
||||||
KEY `dreport_site` (`dreport_site`),
|
KEY `dreport_site` (`dreport_site`),
|
||||||
KEY `dreport_time` (`dreport_time`),
|
KEY `dreport_time` (`dreport_time`),
|
||||||
KEY `dreport_xchan` (`dreport_xchan`),
|
KEY `dreport_xchan` (`dreport_xchan`),
|
||||||
|
KEY `dreport_queue` (`dreport_queue`),
|
||||||
KEY `dreport_channel` (`dreport_channel`)
|
KEY `dreport_channel` (`dreport_channel`)
|
||||||
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
|
) ENGINE=MyISAM DEFAULT CHARSET=utf8;
|
||||||
|
|
||||||
|
|
|
@ -350,6 +350,7 @@ CREATE TABLE IF NOT EXISTS "dreport" (
|
||||||
"dreport_result" char(255) NOT NULL DEFAULT '',
|
"dreport_result" char(255) NOT NULL DEFAULT '',
|
||||||
"dreport_time" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00',
|
"dreport_time" timestamp NOT NULL DEFAULT '0001-01-01 00:00:00',
|
||||||
"dreport_xchan" char(255) NOT NULL DEFAULT '',
|
"dreport_xchan" char(255) NOT NULL DEFAULT '',
|
||||||
|
"dreport_queue" char(255) NOT NULL DEFAULT '',
|
||||||
PRIMARY KEY ("dreport_id")
|
PRIMARY KEY ("dreport_id")
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -357,6 +358,7 @@ create index "dreport_mid" on dreport ("dreport_mid");
|
||||||
create index "dreport_site" on dreport ("dreport_site");
|
create index "dreport_site" on dreport ("dreport_site");
|
||||||
create index "dreport_time" on dreport ("dreport_time");
|
create index "dreport_time" on dreport ("dreport_time");
|
||||||
create index "dreport_xchan" on dreport ("dreport_xchan");
|
create index "dreport_xchan" on dreport ("dreport_xchan");
|
||||||
|
create index "dreport_queue" on dreport ("dreport_queue");
|
||||||
create index "dreport_channel" on dreport ("dreport_channel");
|
create index "dreport_channel" on dreport ("dreport_channel");
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
define( 'UPDATE_VERSION' , 1153 );
|
define( 'UPDATE_VERSION' , 1154 );
|
||||||
|
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
|
@ -1854,3 +1854,14 @@ function update_r1152() {
|
||||||
return UPDATE_FAILED;
|
return UPDATE_FAILED;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function update_r1153() {
|
||||||
|
|
||||||
|
$r1 = q("ALTER TABLE dreport ADD dreport_queue CHAR( 255 ) NOT NULL DEFAULT '' ");
|
||||||
|
$r2 = q("create index dreport_queue on dreport ( dreport_queue) ");
|
||||||
|
if($r1 && $r2)
|
||||||
|
return UPDATE_SUCCESS;
|
||||||
|
return UPDATE_FAILED;
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
|
|
@ -73,6 +73,8 @@ function cloud_init(&$a) {
|
||||||
|
|
||||||
$server->addPlugin($lockPlugin);
|
$server->addPlugin($lockPlugin);
|
||||||
|
|
||||||
|
/* This next bit should no longer be needed... */
|
||||||
|
|
||||||
// The next section of code allows us to bypass prompting for http-auth if a
|
// The next section of code allows us to bypass prompting for http-auth if a
|
||||||
// FILE is being accessed anonymously and permissions allow this. This way
|
// FILE is being accessed anonymously and permissions allow this. This way
|
||||||
// one can create hotlinks to public media files in their cloud and anonymous
|
// one can create hotlinks to public media files in their cloud and anonymous
|
||||||
|
@ -83,24 +85,24 @@ function cloud_init(&$a) {
|
||||||
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
|
// In order to avoid prompting for passwords for viewing a DIRECTORY, add
|
||||||
// the URL query parameter 'davguest=1'.
|
// the URL query parameter 'davguest=1'.
|
||||||
|
|
||||||
$isapublic_file = false;
|
// $isapublic_file = false;
|
||||||
$davguest = ((x($_SESSION, 'davguest')) ? true : false);
|
// $davguest = ((x($_SESSION, 'davguest')) ? true : false);
|
||||||
|
|
||||||
if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
|
// if ((! $auth->observer) && ($_SERVER['REQUEST_METHOD'] === 'GET')) {
|
||||||
try {
|
// try {
|
||||||
$x = RedFileData('/' . $a->cmd, $auth);
|
// $x = RedFileData('/' . $a->cmd, $auth);
|
||||||
if($x instanceof RedDAV\RedFile)
|
// if($x instanceof RedDAV\RedFile)
|
||||||
$isapublic_file = true;
|
// $isapublic_file = true;
|
||||||
}
|
// }
|
||||||
catch (Exception $e) {
|
// catch (Exception $e) {
|
||||||
$isapublic_file = false;
|
// $isapublic_file = false;
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
|
|
||||||
if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
|
// if ((! $auth->observer) && (! $isapublic_file) && (! $davguest)) {
|
||||||
logger('mod_cloud: auth exception');
|
// logger('mod_cloud: auth exception');
|
||||||
http_status_exit(401, 'Permission denied.');
|
// http_status_exit(401, 'Permission denied.');
|
||||||
}
|
// }
|
||||||
|
|
||||||
require_once('include/RedDAV/RedBrowser.php');
|
require_once('include/RedDAV/RedBrowser.php');
|
||||||
// provide a directory view for the cloud in Hubzilla
|
// provide a directory view for the cloud in Hubzilla
|
||||||
|
|
43
mod/dreport.php
Normal file
43
mod/dreport.php
Normal file
|
@ -0,0 +1,43 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
function dreport_content(&$a) {
|
||||||
|
|
||||||
|
if(! local_channel()) {
|
||||||
|
notice( t('Permission denied') . EOL);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$channel = $a->get_channel();
|
||||||
|
|
||||||
|
$mid = ((argc() > 1) ? argv(1) : '');
|
||||||
|
|
||||||
|
if(! $mid) {
|
||||||
|
notice( t('Invalid message') . EOL);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$r = q("select * from dreport where dreport_xchan = '%s' and dreport_mid = '%s'",
|
||||||
|
dbesc($channel['channel_hash']),
|
||||||
|
dbesc($mid)
|
||||||
|
);
|
||||||
|
|
||||||
|
if(! $r) {
|
||||||
|
notice( t('no results') . EOL);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
$o .= '<h2>' . sprintf( t('Delivery report for %1$s'),substr($mid,0,32)) . '...' . '</h2>';
|
||||||
|
$o .= '<table>';
|
||||||
|
|
||||||
|
foreach($r as $rr) {
|
||||||
|
$name = escape_tags(substr($rr['dreport_recip'],strpos($rr['dreport_recip'],' ')));
|
||||||
|
$o .= '<tr><td>' . $name . '</td><td>' . escape_tags($rr['dreport_result']) . '</td><td>' . escape_tags($rr['dreport_time']) . '</td></tr>';
|
||||||
|
}
|
||||||
|
$o .= '</table>';
|
||||||
|
|
||||||
|
return $o;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
|
|
@ -641,6 +641,7 @@ function item_post(&$a) {
|
||||||
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
|
$item_unseen = ((local_channel() != $profile_uid) ? 1 : 0);
|
||||||
$item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0);
|
$item_wall = (($post_type === 'wall' || $post_type === 'wall-comment') ? 1 : 0);
|
||||||
$item_origin = (($origin) ? 1 : 0);
|
$item_origin = (($origin) ? 1 : 0);
|
||||||
|
$item_consensus = (($consensus) ? 1 : 0);
|
||||||
|
|
||||||
|
|
||||||
// determine if this is a wall post
|
// determine if this is a wall post
|
||||||
|
|
15
mod/locs.php
15
mod/locs.php
|
@ -50,8 +50,17 @@ function locs_post(&$a) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if(intval($r[0]['hubloc_primary'])) {
|
if(intval($r[0]['hubloc_primary'])) {
|
||||||
notice( t('Primary location cannot be removed.') . EOL);
|
$x = q("select hubloc_id from hubloc where hubloc_primary = 1 and hubloc_hash = '%s'",
|
||||||
return;
|
dbesc($channel['channel_hash'])
|
||||||
|
);
|
||||||
|
if(! $x) {
|
||||||
|
notice( t('Location lookup failed.'));
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
if(count($x) == 1) {
|
||||||
|
notice( t('Please select another location to become primary before removing the primary location.') . EOL);
|
||||||
|
return;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$r = q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d and hubloc_hash = '%s'",
|
$r = q("update hubloc set hubloc_deleted = 1 where hubloc_id = %d and hubloc_hash = '%s'",
|
||||||
|
@ -91,8 +100,6 @@ function locs_content(&$a) {
|
||||||
$r[$x]['deleted'] = (intval($r[$x]['hubloc_deleted']) ? true : false);
|
$r[$x]['deleted'] = (intval($r[$x]['hubloc_deleted']) ? true : false);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
$o = replace_macros(get_markup_template('locmanage.tpl'), array(
|
$o = replace_macros(get_markup_template('locmanage.tpl'), array(
|
||||||
'$header' => t('Manage Channel Locations'),
|
'$header' => t('Manage Channel Locations'),
|
||||||
'$loc' => t('Location (address)'),
|
'$loc' => t('Location (address)'),
|
||||||
|
|
254
mod/post.php
254
mod/post.php
|
@ -117,7 +117,7 @@ function post_init(&$a) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Try and find a hubloc for the person attempting to auth
|
// Try and find a hubloc for the person attempting to auth
|
||||||
$x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc limit 1",
|
$x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc",
|
||||||
dbesc($address)
|
dbesc($address)
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -128,7 +128,7 @@ function post_init(&$a) {
|
||||||
$j = json_decode($ret['body'], true);
|
$j = json_decode($ret['body'], true);
|
||||||
if ($j)
|
if ($j)
|
||||||
import_xchan($j);
|
import_xchan($j);
|
||||||
$x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc limit 1",
|
$x = q("select * from hubloc left join xchan on xchan_hash = hubloc_hash where hubloc_addr = '%s' order by hubloc_id desc",
|
||||||
dbesc($address)
|
dbesc($address)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -144,152 +144,159 @@ function post_init(&$a) {
|
||||||
goaway($desturl);
|
goaway($desturl);
|
||||||
}
|
}
|
||||||
|
|
||||||
logger('mod_zot: auth request received from ' . $x[0]['hubloc_addr'] );
|
|
||||||
|
|
||||||
// check credentials and access
|
foreach($x as $xx) {
|
||||||
|
logger('mod_zot: auth request received from ' . $xx['hubloc_addr'] );
|
||||||
|
|
||||||
// If they are already authenticated and haven't changed credentials,
|
// check credentials and access
|
||||||
// we can save an expensive network round trip and improve performance.
|
|
||||||
|
|
||||||
$remote = remote_channel();
|
// If they are already authenticated and haven't changed credentials,
|
||||||
$result = null;
|
// we can save an expensive network round trip and improve performance.
|
||||||
$remote_service_class = '';
|
|
||||||
$remote_level = 0;
|
|
||||||
$remote_hub = $x[0]['hubloc_url'];
|
|
||||||
$DNT = 0;
|
|
||||||
|
|
||||||
// Also check that they are coming from the same site as they authenticated with originally.
|
$remote = remote_channel();
|
||||||
|
$result = null;
|
||||||
|
$remote_service_class = '';
|
||||||
|
$remote_level = 0;
|
||||||
|
$remote_hub = $xx['hubloc_url'];
|
||||||
|
$DNT = 0;
|
||||||
|
|
||||||
$already_authed = ((($remote) && ($x[0]['hubloc_hash'] == $remote) && ($x[0]['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false);
|
// Also check that they are coming from the same site as they authenticated with originally.
|
||||||
if($delegate && $delegate !== $_SESSION['delegate_channel'])
|
|
||||||
$already_authed = false;
|
|
||||||
|
|
||||||
$j = array();
|
$already_authed = ((($remote) && ($xx['hubloc_hash'] == $remote) && ($xx['hubloc_url'] === $_SESSION['remote_hub'])) ? true : false);
|
||||||
|
if($delegate && $delegate !== $_SESSION['delegate_channel'])
|
||||||
|
$already_authed = false;
|
||||||
|
|
||||||
if (! $already_authed) {
|
$j = array();
|
||||||
|
|
||||||
// Auth packets MUST use ultra top-secret hush-hush mode - e.g. the entire packet is encrypted using the site private key
|
if (! $already_authed) {
|
||||||
// The actual channel sending the packet ($c[0]) is not important, but this provides a generic zot packet with a sender
|
|
||||||
// which can be verified
|
|
||||||
|
|
||||||
$p = zot_build_packet($c[0],$type = 'auth_check', array(array('guid' => $x[0]['hubloc_guid'],'guid_sig' => $x[0]['hubloc_guid_sig'])), $x[0]['hubloc_sitekey'], $sec);
|
// Auth packets MUST use ultra top-secret hush-hush mode - e.g. the entire packet is encrypted using the site private key
|
||||||
if ($test) {
|
// The actual channel sending the packet ($c[0]) is not important, but this provides a generic zot packet with a sender
|
||||||
$ret['message'] .= 'auth check packet created using sitekey ' . $x[0]['hubloc_sitekey'] . EOL;
|
// which can be verified
|
||||||
$ret['message'] .= 'packet contents: ' . $p . EOL;
|
|
||||||
}
|
|
||||||
|
|
||||||
$result = zot_zot($x[0]['hubloc_callback'],$p);
|
$p = zot_build_packet($c[0],$type = 'auth_check', array(array('guid' => $xx['hubloc_guid'],'guid_sig' => $xx['hubloc_guid_sig'])), $xx['hubloc_sitekey'], $sec);
|
||||||
|
|
||||||
if (! $result['success']) {
|
|
||||||
logger('mod_zot: auth_check callback failed.');
|
|
||||||
if ($test) {
|
if ($test) {
|
||||||
$ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL;
|
$ret['message'] .= 'auth check packet created using sitekey ' . $xx['hubloc_sitekey'] . EOL;
|
||||||
json_return_and_die($ret);
|
$ret['message'] .= 'packet contents: ' . $p . EOL;
|
||||||
}
|
}
|
||||||
|
|
||||||
goaway($desturl);
|
$result = zot_zot($xx['hubloc_callback'],$p);
|
||||||
}
|
|
||||||
$j = json_decode($result['body'], true);
|
|
||||||
if (! $j) {
|
|
||||||
logger('mod_zot: auth_check json data malformed.');
|
|
||||||
if($test) {
|
|
||||||
$ret['message'] .= 'json malformed: ' . $result['body'] . EOL;
|
|
||||||
json_return_and_die($ret);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($test) {
|
if (! $result['success']) {
|
||||||
$ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL;
|
logger('mod_zot: auth_check callback failed.');
|
||||||
}
|
|
||||||
|
|
||||||
if ($already_authed || $j['success']) {
|
|
||||||
if ($j['success']) {
|
|
||||||
// legit response, but we do need to check that this wasn't answered by a man-in-middle
|
|
||||||
if (! rsa_verify($sec . $x[0]['xchan_hash'],base64url_decode($j['confirm']),$x[0]['xchan_pubkey'])) {
|
|
||||||
logger('mod_zot: auth: final confirmation failed.');
|
|
||||||
if ($test) {
|
if ($test) {
|
||||||
$ret['message'] .= 'final confirmation failed. ' . $sec . print_r($j,true) . print_r($x[0],true);
|
$ret['message'] .= 'auth check request to your site returned .' . print_r($result, true) . EOL;
|
||||||
json_return_and_die($ret);
|
continue;
|
||||||
}
|
}
|
||||||
|
continue;
|
||||||
goaway($desturl);
|
|
||||||
}
|
}
|
||||||
if (array_key_exists('service_class',$j))
|
$j = json_decode($result['body'], true);
|
||||||
$remote_service_class = $j['service_class'];
|
if (! $j) {
|
||||||
if (array_key_exists('level',$j))
|
logger('mod_zot: auth_check json data malformed.');
|
||||||
$remote_level = $j['level'];
|
if($test) {
|
||||||
if (array_key_exists('DNT',$j))
|
$ret['message'] .= 'json malformed: ' . $result['body'] . EOL;
|
||||||
$DNT = $j['DNT'];
|
continue;
|
||||||
}
|
|
||||||
// everything is good... maybe
|
|
||||||
if(local_channel()) {
|
|
||||||
|
|
||||||
// tell them to logout if they're logged in locally as anything but the target remote account
|
|
||||||
// in which case just shut up because they don't need to be doing this at all.
|
|
||||||
|
|
||||||
if ($a->channel['channel_hash'] != $x[0]['xchan_hash']) {
|
|
||||||
logger('mod_zot: auth: already authenticated locally as somebody else.');
|
|
||||||
notice( t('Remote authentication blocked. You are logged into this site locally. Please logout and retry.') . EOL);
|
|
||||||
if ($test) {
|
|
||||||
$ret['message'] .= 'already logged in locally with a conflicting identity.' . EOL;
|
|
||||||
json_return_and_die($ret);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
goaway($desturl);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// log them in
|
|
||||||
|
|
||||||
if ($test) {
|
if ($test) {
|
||||||
$ret['success'] = true;
|
$ret['message'] .= 'auth check request returned .' . print_r($j, true) . EOL;
|
||||||
$ret['message'] .= 'Authentication Success!' . EOL;
|
|
||||||
json_return_and_die($ret);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$delegation_success = false;
|
if ($already_authed || $j['success']) {
|
||||||
if ($delegate) {
|
if ($j['success']) {
|
||||||
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1",
|
// legit response, but we do need to check that this wasn't answered by a man-in-middle
|
||||||
dbesc($delegate)
|
if (! rsa_verify($sec . $xx['xchan_hash'],base64url_decode($j['confirm']),$xx['xchan_pubkey'])) {
|
||||||
);
|
logger('mod_zot: auth: final confirmation failed.');
|
||||||
if ($r && intval($r[0]['channel_id'])) {
|
if ($test) {
|
||||||
$allowed = perm_is_allowed($r[0]['channel_id'],$x[0]['xchan_hash'],'delegate');
|
$ret['message'] .= 'final confirmation failed. ' . $sec . print_r($j,true) . print_r($xx,true);
|
||||||
if ($allowed) {
|
continue;
|
||||||
$_SESSION['delegate_channel'] = $r[0]['channel_id'];
|
}
|
||||||
$_SESSION['delegate'] = $x[0]['xchan_hash'];
|
|
||||||
$_SESSION['account_id'] = intval($r[0]['channel_account_id']);
|
continue;
|
||||||
require_once('include/security.php');
|
}
|
||||||
change_channel($r[0]['channel_id']);
|
if (array_key_exists('service_class',$j))
|
||||||
$delegation_success = true;
|
$remote_service_class = $j['service_class'];
|
||||||
|
if (array_key_exists('level',$j))
|
||||||
|
$remote_level = $j['level'];
|
||||||
|
if (array_key_exists('DNT',$j))
|
||||||
|
$DNT = $j['DNT'];
|
||||||
|
}
|
||||||
|
// everything is good... maybe
|
||||||
|
if(local_channel()) {
|
||||||
|
|
||||||
|
// tell them to logout if they're logged in locally as anything but the target remote account
|
||||||
|
// in which case just shut up because they don't need to be doing this at all.
|
||||||
|
|
||||||
|
if ($a->channel['channel_hash'] != $xx['xchan_hash']) {
|
||||||
|
logger('mod_zot: auth: already authenticated locally as somebody else.');
|
||||||
|
notice( t('Remote authentication blocked. You are logged into this site locally. Please logout and retry.') . EOL);
|
||||||
|
if ($test) {
|
||||||
|
$ret['message'] .= 'already logged in locally with a conflicting identity.' . EOL;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
// log them in
|
||||||
|
|
||||||
|
if ($test) {
|
||||||
|
$ret['success'] = true;
|
||||||
|
$ret['message'] .= 'Authentication Success!' . EOL;
|
||||||
|
json_return_and_die($ret);
|
||||||
|
}
|
||||||
|
|
||||||
|
$delegation_success = false;
|
||||||
|
if ($delegate) {
|
||||||
|
$r = q("select * from channel left join xchan on channel_hash = xchan_hash where xchan_addr = '%s' limit 1",
|
||||||
|
dbesc($delegate)
|
||||||
|
);
|
||||||
|
if ($r && intval($r[0]['channel_id'])) {
|
||||||
|
$allowed = perm_is_allowed($r[0]['channel_id'],$xx['xchan_hash'],'delegate');
|
||||||
|
if ($allowed) {
|
||||||
|
$_SESSION['delegate_channel'] = $r[0]['channel_id'];
|
||||||
|
$_SESSION['delegate'] = $xx['xchan_hash'];
|
||||||
|
$_SESSION['account_id'] = intval($r[0]['channel_account_id']);
|
||||||
|
require_once('include/security.php');
|
||||||
|
change_channel($r[0]['channel_id']);
|
||||||
|
$delegation_success = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$_SESSION['authenticated'] = 1;
|
||||||
|
if (! $delegation_success) {
|
||||||
|
$_SESSION['visitor_id'] = $xx['xchan_hash'];
|
||||||
|
$_SESSION['my_url'] = $xx['xchan_url'];
|
||||||
|
$_SESSION['my_address'] = $address;
|
||||||
|
$_SESSION['remote_service_class'] = $remote_service_class;
|
||||||
|
$_SESSION['remote_level'] = $remote_level;
|
||||||
|
$_SESSION['remote_hub'] = $remote_hub;
|
||||||
|
$_SESSION['DNT'] = $DNT;
|
||||||
|
}
|
||||||
|
|
||||||
|
$arr = array('xchan' => $xx, 'url' => $desturl, 'session' => $_SESSION);
|
||||||
|
call_hooks('magic_auth_success',$arr);
|
||||||
|
$a->set_observer($xx);
|
||||||
|
require_once('include/security.php');
|
||||||
|
$a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
|
||||||
|
info(sprintf( t('Welcome %s. Remote authentication successful.'),$xx['xchan_name']));
|
||||||
|
logger('mod_zot: auth success from ' . $xx['xchan_addr']);
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
if ($test) {
|
||||||
|
$ret['message'] .= 'auth failure. ' . print_r($_REQUEST,true) . print_r($j,true) . EOL;
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
logger('mod_zot: magic-auth failure - not authenticated: ' . $xx['xchan_addr']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$_SESSION['authenticated'] = 1;
|
if ($test) {
|
||||||
if (! $delegation_success) {
|
$ret['message'] .= 'auth failure fallthrough ' . print_r($_REQUEST,true) . print_r($j,true) . EOL;
|
||||||
$_SESSION['visitor_id'] = $x[0]['xchan_hash'];
|
continue;
|
||||||
$_SESSION['my_url'] = $x[0]['xchan_url'];
|
|
||||||
$_SESSION['my_address'] = $address;
|
|
||||||
$_SESSION['remote_service_class'] = $remote_service_class;
|
|
||||||
$_SESSION['remote_level'] = $remote_level;
|
|
||||||
$_SESSION['remote_hub'] = $remote_hub;
|
|
||||||
$_SESSION['DNT'] = $DNT;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
$arr = array('xchan' => $x[0], 'url' => $desturl, 'session' => $_SESSION);
|
|
||||||
call_hooks('magic_auth_success',$arr);
|
|
||||||
$a->set_observer($x[0]);
|
|
||||||
require_once('include/security.php');
|
|
||||||
$a->set_groups(init_groups_visitor($_SESSION['visitor_id']));
|
|
||||||
info(sprintf( t('Welcome %s. Remote authentication successful.'),$x[0]['xchan_name']));
|
|
||||||
logger('mod_zot: auth success from ' . $x[0]['xchan_addr']);
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
if($test) {
|
|
||||||
$ret['message'] .= 'auth failure. ' . print_r($_REQUEST,true) . print_r($j,true) . EOL;
|
|
||||||
json_return_and_die($ret);
|
|
||||||
}
|
|
||||||
logger('mod_zot: magic-auth failure - not authenticated: ' . $x[0]['xchan_addr']);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -299,14 +306,13 @@ function post_init(&$a) {
|
||||||
* But z_root() probably isn't where you really want to go.
|
* But z_root() probably isn't where you really want to go.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if ($test) {
|
|
||||||
$ret['message'] .= 'auth failure fallthrough ' . print_r($_REQUEST,true) . print_r($j,true) . EOL;
|
|
||||||
json_return_and_die($ret);
|
|
||||||
}
|
|
||||||
|
|
||||||
if(strstr($desturl,z_root() . '/rmagic'))
|
if(strstr($desturl,z_root() . '/rmagic'))
|
||||||
goaway(z_root());
|
goaway(z_root());
|
||||||
|
|
||||||
|
if ($test) {
|
||||||
|
json_return_and_die($ret);
|
||||||
|
}
|
||||||
|
|
||||||
goaway($desturl);
|
goaway($desturl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
2015-09-20.1161
|
2015-09-22.1163
|
||||||
|
|
|
@ -123,6 +123,11 @@
|
||||||
{{if $item.item_photo_menu}}
|
{{if $item.item_photo_menu}}
|
||||||
<li role="presentation" class="divider"></li>
|
<li role="presentation" class="divider"></li>
|
||||||
{{$item.item_photo_menu}}
|
{{$item.item_photo_menu}}
|
||||||
|
|
||||||
|
{{if $item.edpost}}
|
||||||
|
<li role="presentation"><a role="menuitem" href="dreport/{{$item.mid}}">{{$item.dreport}}</a></li>
|
||||||
|
{{/if}}
|
||||||
|
|
||||||
{{/if}}
|
{{/if}}
|
||||||
</ul>
|
</ul>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -19,7 +19,7 @@ function drophub(id) {
|
||||||
|
|
||||||
{{if $hub.primary}}<button class="btn btn-std"><i class="icon-check"></i></button>{{else}}<button class="btn btn-std" onclick="primehub({{$hub.hubloc_id}}); return false;" ><i class="icon-check-empty" ></i></button>{{/if}}
|
{{if $hub.primary}}<button class="btn btn-std"><i class="icon-check"></i></button>{{else}}<button class="btn btn-std" onclick="primehub({{$hub.hubloc_id}}); return false;" ><i class="icon-check-empty" ></i></button>{{/if}}
|
||||||
</td>
|
</td>
|
||||||
<td>{{if $hub.primary}}{{else}}{{if ! $hub.deleted}}<button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button>{{/if}}{{/if}}</td>
|
<td>{{if ! $hub.deleted}}<button class="btn btn-std" onclick="drophub({{$hub.hubloc_id}}); return false;"><i class="icon-trash"></i></button>{{/if}}</td>
|
||||||
</tr>
|
</tr>
|
||||||
{{/foreach}}
|
{{/foreach}}
|
||||||
</table>
|
</table>
|
||||||
|
|
Loading…
Reference in a new issue