Merge pull request #460 from MrPetovan/task/3942-add-user-authenticate

Use User::authenticate
pull/463/head
Michael Vogel 2017-12-02 09:05:18 +01:00 committed by GitHub
commit 7a447e507e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 542 additions and 538 deletions


@ -1,39 +1,39 @@
<?php <?php
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic { use Friendica\Model\User;
public function __construct() {
}
class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic
{
/** /**
* @var Sabre_DAV_Auth_Backend_Std|null * @var Sabre_DAV_Auth_Backend_Std|null
*/ */
private static $intstance = null; private static $instance = null;
/** /**
* @static * @static
* @return Sabre_DAV_Auth_Backend_Std * @return Sabre_DAV_Auth_Backend_Std
*/ */
public static function &getInstance() { public static function getInstance()
if (is_null(self::$intstance)) { {
self::$intstance = new Sabre_DAV_Auth_Backend_Std(); if (is_null(self::$instance)) {
self::$instance = new Sabre_DAV_Auth_Backend_Std();
} }
return self::$intstance; return self::$instance;
} }
/** /**
* @return array * @return array
*/ */
public function getUsers() { public function getUsers()
{
return array($this->currentUser); return array($this->currentUser);
} }
/** /**
* @return null|string * @return null|string
*/ */
public function getCurrentUser() { public function getCurrentUser()
{
return $this->currentUser; return $this->currentUser;
} }
@ -48,8 +48,8 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
* @throws Sabre_DAV_Exception_NotAuthenticated * @throws Sabre_DAV_Exception_NotAuthenticated
* @return bool * @return bool
*/ */
public function authenticate(Sabre_DAV_Server $server, $realm) { public function authenticate(Sabre_DAV_Server $server, $realm)
{
$a = get_app(); $a = get_app();
if (isset($a->user["uid"])) { if (isset($a->user["uid"])) {
$this->currentUser = strtolower($a->user["nickname"]); $this->currentUser = strtolower($a->user["nickname"]);
@ -67,7 +67,7 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
} }
// Authenticates the user // Authenticates the user
if (!$this->validateUserPass($userpass[0],$userpass[1])) { if (!$this->validateUserPass($userpass[0], $userpass[1])) {
$auth->requireLogin(); $auth->requireLogin();
throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match'); throw new Sabre_DAV_Exception_NotAuthenticated('Username or password does not match');
} }
@ -75,19 +75,13 @@ class Sabre_DAV_Auth_Backend_Std extends Sabre_DAV_Auth_Backend_AbstractBasic {
return true; return true;
} }
/** /**
* @param string $username * @param string $username
* @param string $password * @param string $password
* @return bool * @return bool
*/ */
protected function validateUserPass($username, $password) { protected function validateUserPass($username, $password)
$encrypted = hash('whirlpool',trim($password)); {
$r = q("SELECT COUNT(*) anz FROM `user` WHERE `nickname` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", return User::authenticate($username, $password);
dbesc(trim($username)),
dbesc($encrypted)
);
return ($r[0]["anz"] == 1);
} }
} }
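Review bot: In `validateUserPass` (last hunk of this file) the new body returns the result of `User::authenticate($username, $password)` unchanged, while the docblock directly above still declares `@return bool`. `User::authenticate` is not shown on this page, so if it returns something other than a boolean on success the documented contract no longer holds; `return (bool) User::authenticate($username, $password);` would keep it. The removed query also trimmed both inputs and required `blocked = 0`, `account_expired = 0` and `verified = 1`, so that account-state filter now has to live inside `User::authenticate`. This is worth confirming, because this method is the password check for the DAV basic-auth path and a blocked, expired or unverified account must still be rejected here. Once verified, I would record it in the docblock, e.g. `Account state (blocked/expired/unverified) is enforced by User::authenticate.`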


@ -1,13 +1,12 @@
<?php <?php
/** /**
* Name: jappixmini * Name: jappixmini
* Description: Provides a Facebook-like chat using Jappix Mini * Description: Provides a Facebook-like chat using Jappix Mini
* Version: 1.0.1 * Version: 1.0.1
* Author: leberwurscht <leberwurscht@hoegners.de> * Author: leberwurscht <leberwurscht@hoegners.de>
* *
*/ */
// //
// Copyright 2012 "Leberwurscht" <leberwurscht@hoegners.de> // Copyright 2012 "Leberwurscht" <leberwurscht@hoegners.de>
// //
@ -16,141 +15,151 @@
/* /*
Problem: Problem:
* jabber password should not be stored on server * jabber password should not be stored on server
* jabber password should not be sent between server and browser as soon as the user is logged in * jabber password should not be sent between server and browser as soon as the user is logged in
* jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in * jabber password should not be reconstructible from communication between server and browser as soon as the user is logged in
Solution: Solution:
Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser Only store an encrypted version of the jabber password on the server. The encryption key is only available to the browser
and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function. and not to the server (at least as soon as the user is logged in). It can be stored using the jappix setDB function.
This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext. This encryption key could be the friendica password, but then this password would be stored in the browser in cleartext.
It is better to use a hash of the password. It is better to use a hash of the password.
The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can The server should not be able to reconstruct the password, so we can't take the same hash the server stores. But we can
use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must use hash("some_prefix"+password). This will however not work with OpenID logins, for this type of login the password must
be queried manually. be queried manually.
Problem: Problem:
How to discover the jabber addresses of the friendica contacts? How to discover the jabber addresses of the friendica contacts?
Solution: Solution:
Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve Each Friendica site with this addon provides a /jappixmini/ module page. We go through our contacts and retrieve
this information every week using a cron hook. this information every week using a cron hook.
Problem: Problem:
We do not want to make the jabber address public. We do not want to make the jabber address public.
Solution: Solution:
When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated. When two friendica users connect using DFRN, the relation gets a DFRN ID and a keypair is generated.
Using this keypair, we can provide the jabber address only to contacts: Using this keypair, we can provide the jabber address only to contacts:
Alice: Alice:
signed_address = openssl_*_encrypt(alice_jabber_address) signed_address = openssl_*_encrypt(alice_jabber_address)
send signed_address to Bob, who does send signed_address to Bob, who does
trusted_address = openssl_*_decrypt(signed_address) trusted_address = openssl_*_decrypt(signed_address)
save trusted_address save trusted_address
encrypted_address = openssl_*_encrypt(bob_jabber_address) encrypted_address = openssl_*_encrypt(bob_jabber_address)
reply with encrypted_address to Alice, who does reply with encrypted_address to Alice, who does
decrypted_address = openssl_*_decrypt(encrypted_address) decrypted_address = openssl_*_decrypt(encrypted_address)
save decrypted_address save decrypted_address
Interface for this: Interface for this:
GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s GET /jappixmini/?role=%s&signed_address=%s&dfrn_id=%s
Response: Response:
json({"status":"ok", "encrypted_address":"%s"}) json({"status":"ok", "encrypted_address":"%s"})
*/ */
use Friendica\App;
use Friendica\Core\Config; use Friendica\Core\Config;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Model\User;
function jappixmini_install() { function jappixmini_install()
register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); {
register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post'); register_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
register_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); register_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login'); register_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); register_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
// Jappix source download as required by AGPL // Jappix source download as required by AGPL
register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source'); register_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
// set standard configuration // set standard configuration
$info_text = Config::get("jappixmini", "infotext"); $info_text = Config::get("jappixmini", "infotext");
if (!$info_text) set_confConfig::setig("jappixmini", "infotext", if (!$info_text)
"To get the chat working, you need to know a BOSH host which works with your Jabber account. ". set_confConfig::setig("jappixmini", "infotext", "To get the chat working, you need to know a BOSH host which works with your Jabber account. " .
"An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep ". "An example of a BOSH server that works for all accounts is https://bind.jappix.com/, but keep " .
"in mind that the BOSH server can read along all chat messages. If you know that your Jabber ". "in mind that the BOSH server can read along all chat messages. If you know that your Jabber " .
"server also provides an own BOSH server, it is much better to use this one!" "server also provides an own BOSH server, it is much better to use this one!"
); );
$bosh_proxy = Config::get("jappixmini", "bosh_proxy"); $bosh_proxy = Config::get("jappixmini", "bosh_proxy");
if ($bosh_proxy==="") Config::set("jappixmini", "bosh_proxy", "1"); if ($bosh_proxy === "") {
Config::set("jappixmini", "bosh_proxy", "1");
}
// set addon version so that safe updates are possible later // set addon version so that safe updates are possible later
$addon_version = Config::get("jappixmini", "version"); $addon_version = Config::get("jappixmini", "version");
if ($addon_version==="") Config::set("jappixmini", "version", "1"); if ($addon_version === "") {
Config::set("jappixmini", "version", "1");
}
} }
function jappixmini_uninstall()
{
unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings');
unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
function jappixmini_uninstall() { unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script');
unregister_hook('plugin_settings', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings'); unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
unregister_hook('plugin_settings_post', 'addon/jappixmini/jappixmini.php', 'jappixmini_settings_post');
unregister_hook('page_end', 'addon/jappixmini/jappixmini.php', 'jappixmini_script'); unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron');
unregister_hook('authenticate', 'addon/jappixmini/jappixmini.php', 'jappixmini_login');
unregister_hook('cron', 'addon/jappixmini/jappixmini.php', 'jappixmini_cron'); unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
unregister_hook('about_hook', 'addon/jappixmini/jappixmini.php', 'jappixmini_download_source');
} }
function jappixmini_plugin_admin(&$a, &$o) { function jappixmini_plugin_admin(App $a, &$o)
{
// display instructions and warnings on addon settings page for admin // display instructions and warnings on addon settings page for admin
if (!file_exists("addon/jappixmini.tgz")) { if (!file_exists("addon/jappixmini.tgz")) {
$o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).</strong></p>'; $o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappixmini.tgz does not exist. This is probably a violation of the Jappix License (AGPL).</strong></p>';
} }
// warn if cron job has not yet been executed // warn if cron job has not yet been executed
$cron_run = Config::get("jappixmini", "last_cron_execution"); $cron_run = Config::get("jappixmini", "last_cron_execution");
if (!$cron_run) $o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>"; if (!$cron_run) {
$o .= "<p><strong>Warning: The cron job has not yet been executed. If this message is still there after some time (usually 10 minutes), this means that autosubscribe and autoaccept will not work.</strong></p>";
}
// bosh proxy // bosh proxy
$bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy")); $bosh_proxy = intval(Config::get("jappixmini", "bosh_proxy"));
$bosh_proxy = intval($bosh_proxy) ? ' checked="checked"' : ''; $bosh_proxy = intval($bosh_proxy) ? ' checked="checked"' : '';
$o .= '<label for="jappixmini-proxy">Activate BOSH proxy</label>'; $o .= '<label for="jappixmini-proxy">Activate BOSH proxy</label>';
$o .= ' <input id="jappixmini-proxy" type="checkbox" name="jappixmini-proxy" value="1"'.$bosh_proxy.' /><br />'; $o .= ' <input id="jappixmini-proxy" type="checkbox" name="jappixmini-proxy" value="1"' . $bosh_proxy . ' /><br />';
// bosh address // bosh address
$bosh_address = Config::get("jappixmini", "bosh_address"); $bosh_address = Config::get("jappixmini", "bosh_address");
$o .= '<p><label for="jappixmini-address">Adress of the default BOSH proxy. If enabled it overrides the user settings:</label><br />'; $o .= '<p><label for="jappixmini-address">Adress of the default BOSH proxy. If enabled it overrides the user settings:</label><br />';
$o .= '<input id="jappixmini-address" type="text" name="jappixmini-address" value="'.$bosh_address.'" /></p>'; $o .= '<input id="jappixmini-address" type="text" name="jappixmini-address" value="' . $bosh_address . '" /></p>';
// default server address // default server address
$default_server = Config::get("jappixmini", "default_server"); $default_server = Config::get("jappixmini", "default_server");
$o .= '<p><label for="jappixmini-server">Adress of the default jabber server:</label><br />'; $o .= '<p><label for="jappixmini-server">Adress of the default jabber server:</label><br />';
$o .= '<input id="jappixmini-server" type="text" name="jappixmini-server" value="'.$default_server.'" /></p>'; $o .= '<input id="jappixmini-server" type="text" name="jappixmini-server" value="' . $default_server . '" /></p>';
// default user name to friendica nickname // default user name to friendica nickname
$default_user = intval(Config::get("jappixmini", "default_user")); $default_user = intval(Config::get("jappixmini", "default_user"));
$default_user = intval($default_user) ? ' checked="checked"' : ''; $default_user = intval($default_user) ? ' checked="checked"' : '';
$o .= '<label for="jappixmini-user">Set the default username to the nickname:</label>'; $o .= '<label for="jappixmini-user">Set the default username to the nickname:</label>';
$o .= ' <input id="jappixmini-user" type="checkbox" name="jappixmini-defaultuser" value="1"'.$default_user.' /><br />'; $o .= ' <input id="jappixmini-user" type="checkbox" name="jappixmini-defaultuser" value="1"' . $default_user . ' /><br />';
// info text field // info text field
$info_text = Config::get("jappixmini", "infotext"); $info_text = Config::get("jappixmini", "infotext");
$o .= '<p><label for="jappixmini-infotext">Info text to help users with configuration (important if you want to provide your own BOSH host!):</label><br />'; $o .= '<p><label for="jappixmini-infotext">Info text to help users with configuration (important if you want to provide your own BOSH host!):</label><br />';
$o .= '<textarea id="jappixmini-infotext" name="jappixmini-infotext" rows="5" cols="50">'.htmlentities($info_text).'</textarea></p>'; $o .= '<textarea id="jappixmini-infotext" name="jappixmini-infotext" rows="5" cols="50">' . htmlentities($info_text) . '</textarea></p>';
// submit button // submit button
$o .= '<input type="submit" name="jappixmini-admin-settings" value="OK" />'; $o .= '<input type="submit" name="jappixmini-admin-settings" value="OK" />';
} }
function jappixmini_plugin_admin_post(&$a) { function jappixmini_plugin_admin_post(App $a)
{
// set info text // set info text
$submit = $_REQUEST['jappixmini-admin-settings']; $submit = $_REQUEST['jappixmini-admin-settings'];
if ($submit) { if ($submit) {
@ -167,29 +176,35 @@ function jappixmini_plugin_admin_post(&$a) {
} }
} }
function jappixmini_module() {} function jappixmini_module()
function jappixmini_init(&$a) { {
}
function jappixmini_init()
{
// module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses // module page where other Friendica sites can submit Jabber addresses to and also can query Jabber addresses
// of local users // of local users
$dfrn_id = $_REQUEST["dfrn_id"]; $dfrn_id = $_REQUEST["dfrn_id"];
if (!$dfrn_id) killme(); if (!$dfrn_id) {
killme();
}
$role = $_REQUEST["role"]; $role = $_REQUEST["role"];
if ($role=="pub") { if ($role == "pub") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE LENGTH(`pubkey`) AND `dfrn-id`='%s' LIMIT 1", dbesc($dfrn_id));
dbesc($dfrn_id) if (!count($r)) {
); killme();
if (!count($r)) killme(); }
$encrypt_func = openssl_public_encrypt; $encrypt_func = openssl_public_encrypt;
$decrypt_func = openssl_public_decrypt; $decrypt_func = openssl_public_decrypt;
$key = $r[0]["pubkey"]; $key = $r[0]["pubkey"];
} else if ($role=="prv") { } else if ($role == "prv") {
$r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", $r = q("SELECT * FROM `contact` WHERE LENGTH(`prvkey`) AND `issued-id`='%s' LIMIT 1", dbesc($dfrn_id));
dbesc($dfrn_id) if (!count($r)) {
); killme();
if (!count($r)) killme(); }
$encrypt_func = openssl_private_encrypt; $encrypt_func = openssl_private_encrypt;
$decrypt_func = openssl_private_decrypt; $decrypt_func = openssl_private_decrypt;
@ -211,11 +226,14 @@ function jappixmini_init(&$a) {
$now = intval(time()); $now = intval(time());
PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address"); PConfig::set($uid, "jappixmini", "id:$dfrn_id", "$now:$trusted_address");
} catch (Exception $e) { } catch (Exception $e) {
} }
// do not return an address if user deactivated plugin // do not return an address if user deactivated plugin
$activated = PConfig::get($uid, 'jappixmini', 'activate'); $activated = PConfig::get($uid, 'jappixmini', 'activate');
if (!$activated) killme(); if (!$activated) {
killme();
}
// return the requested Jabber address // return the requested Jabber address
try { try {
@ -229,8 +247,8 @@ function jappixmini_init(&$a) {
$encrypted_address_hex = bin2hex($encrypted_address); $encrypted_address_hex = bin2hex($encrypted_address);
$answer = Array( $answer = Array(
"status"=>"ok", "status" => "ok",
"encrypted_address"=>$encrypted_address_hex "encrypted_address" => $encrypted_address_hex
); );
$answer_json = json_encode($answer); $answer_json = json_encode($answer);
@ -241,39 +259,42 @@ function jappixmini_init(&$a) {
} }
} }
function jappixmini_settings(&$a, &$s) { function jappixmini_settings(App $a, &$s)
{
// addon settings for a user // addon settings for a user
$activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$activate = PConfig::get(local_user(),'jappixmini','activate');
$activate = intval($activate) ? ' checked="checked"' : ''; $activate = intval($activate) ? ' checked="checked"' : '';
$dontinsertchat = PConfig::get(local_user(),'jappixmini','dontinsertchat'); $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
$insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : ''); $insertchat = !(intval($dontinsertchat) ? ' checked="checked"' : '');
$defaultbosh = Config::get("jappixmini", "bosh_address"); $defaultbosh = Config::get("jappixmini", "bosh_address");
if ($defaultbosh != "") if ($defaultbosh != "") {
PConfig::set(local_user(),'jappixmini','bosh', $defaultbosh); PConfig::set(local_user(), 'jappixmini', 'bosh', $defaultbosh);
}
$username = PConfig::get(local_user(),'jappixmini','username'); $username = PConfig::get(local_user(), 'jappixmini', 'username');
$username = htmlentities($username); $username = htmlentities($username);
$server = PConfig::get(local_user(),'jappixmini','server'); $server = PConfig::get(local_user(), 'jappixmini', 'server');
$server = htmlentities($server); $server = htmlentities($server);
$bosh = PConfig::get(local_user(),'jappixmini','bosh'); $bosh = PConfig::get(local_user(), 'jappixmini', 'bosh');
$bosh = htmlentities($bosh); $bosh = htmlentities($bosh);
$password = PConfig::get(local_user(),'jappixmini','password'); $password = PConfig::get(local_user(), 'jappixmini', 'password');
$autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe'); $autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe');
$autosubscribe = intval($autosubscribe) ? ' checked="checked"' : ''; $autosubscribe = intval($autosubscribe) ? ' checked="checked"' : '';
$autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove'); $autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove');
$autoapprove = intval($autoapprove) ? ' checked="checked"' : ''; $autoapprove = intval($autoapprove) ? ' checked="checked"' : '';
$encrypt = intval(PConfig::get(local_user(),'jappixmini','encrypt')); $encrypt = intval(PConfig::get(local_user(), 'jappixmini', 'encrypt'));
$encrypt_checked = $encrypt ? ' checked="checked"' : ''; $encrypt_checked = $encrypt ? ' checked="checked"' : '';
$encrypt_disabled = $encrypt ? '' : ' disabled="disabled"'; $encrypt_disabled = $encrypt ? '' : ' disabled="disabled"';
if ($server == "") if ($server == "") {
$server = Config::get("jappixmini", "default_server"); $server = Config::get("jappixmini", "default_server");
}
if (($username == "") && Config::get("jappixmini", "default_user")) if (($username == "") && Config::get("jappixmini", "default_user")) {
$username = $a->user["nickname"]; $username = $a->user["nickname"];
}
$info_text = Config::get("jappixmini", "infotext"); $info_text = Config::get("jappixmini", "infotext");
$info_text = htmlentities($info_text); $info_text = htmlentities($info_text);
@ -281,74 +302,81 @@ function jappixmini_settings(&$a, &$s) {
// count contacts // count contacts
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user()); $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%'", local_user());
if (count($r)) $contact_cnt = $r[0]["cnt"]; if (count($r)) {
else $contact_cnt = 0; $contact_cnt = $r[0]["cnt"];
} else {
$contact_cnt = 0;
}
// count jabber addresses // count jabber addresses
$r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user()); $r = q("SELECT COUNT(1) as `cnt` FROM `pconfig` WHERE `uid`=%d AND `cat`='jappixmini' AND `k` LIKE 'id:%%' AND `v` LIKE '%%@%%'", local_user());
if (count($r)) $address_cnt = $r[0]["cnt"]; if (count($r)) {
else $address_cnt = 0; $address_cnt = $r[0]["cnt"];
} else {
$address_cnt = 0;
}
if (!$activate) { if (!$activate) {
// load scripts if not yet activated so that password can be saved // load scripts if not yet activated so that password can be saved
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
} }
$s .= '<span id="settings_jappixmini_inflated" class="settings-block fakelink" style="display: block;" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">'; $s .= '<span id="settings_jappixmini_inflated" class="settings-block fakelink" style="display: block;" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>'.t('Jappix Mini').'</h3>'; $s .= '<h3>' . t('Jappix Mini') . '</h3>';
$s .= '</span>'; $s .= '</span>';
$s .= '<div id="settings_jappixmini_expanded" class="settings-block" style="display: none;">'; $s .= '<div id="settings_jappixmini_expanded" class="settings-block" style="display: none;">';
$s .= '<span class="fakelink" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">'; $s .= '<span class="fakelink" onclick="openClose(\'settings_jappixmini_expanded\'); openClose(\'settings_jappixmini_inflated\');">';
$s .= '<h3>'.t('Jappix Mini').'</h3>'; $s .= '<h3>' . t('Jappix Mini') . '</h3>';
$s .= '</span>'; $s .= '</span>';
$s .= '<label for="jappixmini-activate">'.t('Activate addon').'</label>'; $s .= '<label for="jappixmini-activate">' . t('Activate addon') . '</label>';
$s .= ' <input id="jappixmini-activate" type="checkbox" name="jappixmini-activate" value="1"'.$activate.' />'; $s .= ' <input id="jappixmini-activate" type="checkbox" name="jappixmini-activate" value="1"' . $activate . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for"jappixmini-dont-insertchat">'.t('Do <em>not</em> insert the Jappixmini Chat-Widget into the webinterface').'</label>'; $s .= '<label for"jappixmini-dont-insertchat">' . t('Do <em>not</em> insert the Jappixmini Chat-Widget into the webinterface') . '</label>';
$s .= '<input id="jappixmini-dont-insertchat" type="checkbox" name="jappixmini-dont-insertchat" value="1"'.$insertchat.' />'; $s .= '<input id="jappixmini-dont-insertchat" type="checkbox" name="jappixmini-dont-insertchat" value="1"' . $insertchat . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-username">'.t('Jabber username').'</label>'; $s .= '<label for="jappixmini-username">' . t('Jabber username') . '</label>';
$s .= ' <input id="jappixmini-username" type="text" name="jappixmini-username" value="'.$username.'" />'; $s .= ' <input id="jappixmini-username" type="text" name="jappixmini-username" value="' . $username . '" />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-server">'.t('Jabber server').'</label>'; $s .= '<label for="jappixmini-server">' . t('Jabber server') . '</label>';
$s .= ' <input id="jappixmini-server" type="text" name="jappixmini-server" value="'.$server.'" />'; $s .= ' <input id="jappixmini-server" type="text" name="jappixmini-server" value="' . $server . '" />';
$s .= '<br />'; $s .= '<br />';
if ($defaultbosh == "") { if ($defaultbosh == "") {
$s .= '<label for="jappixmini-bosh">'.t('Jabber BOSH host').'</label>'; $s .= '<label for="jappixmini-bosh">' . t('Jabber BOSH host') . '</label>';
$s .= ' <input id="jappixmini-bosh" type="text" name="jappixmini-bosh" value="'.$bosh.'" />'; $s .= ' <input id="jappixmini-bosh" type="text" name="jappixmini-bosh" value="' . $bosh . '" />';
$s .= '<br />'; $s .= '<br />';
} }
$s .= '<label for="jappixmini-password">' . t('Jabber password') . '</label>';
$s .= '<label for="jappixmini-password">'.t('Jabber password').'</label>'; $s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="' . $password . '" />';
$s .= ' <input type="hidden" id="jappixmini-password" name="jappixmini-encrypted-password" value="'.$password.'" />';
$s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />'; $s .= ' <input id="jappixmini-clear-password" type="password" value="" onchange="jappixmini_set_password();" />';
$s .= '<br />'; $s .= '<br />';
$onchange = "document.getElementById('jappixmini-friendica-password').disabled = !this.checked;jappixmini_set_password();"; $onchange = "document.getElementById('jappixmini-friendica-password').disabled = !this.checked;jappixmini_set_password();";
$s .= '<label for="jappixmini-encrypt">'.t('Encrypt Jabber password with Friendica password (recommended)').'</label>'; $s .= '<label for="jappixmini-encrypt">' . t('Encrypt Jabber password with Friendica password (recommended)') . '</label>';
$s .= ' <input id="jappixmini-encrypt" type="checkbox" name="jappixmini-encrypt" onchange="'.$onchange.'" value="1"'.$encrypt_checked.' />'; $s .= ' <input id="jappixmini-encrypt" type="checkbox" name="jappixmini-encrypt" onchange="' . $onchange . '" value="1"' . $encrypt_checked . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-friendica-password">'.t('Friendica password').'</label>'; $s .= '<label for="jappixmini-friendica-password">' . t('Friendica password') . '</label>';
$s .= ' <input id="jappixmini-friendica-password" name="jappixmini-friendica-password" type="password" onchange="jappixmini_set_password();" value=""'.$encrypt_disabled.' />'; $s .= ' <input id="jappixmini-friendica-password" name="jappixmini-friendica-password" type="password" onchange="jappixmini_set_password();" value=""' . $encrypt_disabled . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-autoapprove">'.t('Approve subscription requests from Friendica contacts automatically').'</label>'; $s .= '<label for="jappixmini-autoapprove">' . t('Approve subscription requests from Friendica contacts automatically') . '</label>';
$s .= ' <input id="jappixmini-autoapprove" type="checkbox" name="jappixmini-autoapprove" value="1"'.$autoapprove.' />'; $s .= ' <input id="jappixmini-autoapprove" type="checkbox" name="jappixmini-autoapprove" value="1"' . $autoapprove . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-autosubscribe">'.t('Subscribe to Friendica contacts automatically').'</label>'; $s .= '<label for="jappixmini-autosubscribe">' . t('Subscribe to Friendica contacts automatically') . '</label>';
$s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"'.$autosubscribe.' />'; $s .= ' <input id="jappixmini-autosubscribe" type="checkbox" name="jappixmini-autosubscribe" value="1"' . $autosubscribe . ' />';
$s .= '<br />'; $s .= '<br />';
$s .= '<label for="jappixmini-purge">'.t('Purge internal list of jabber addresses of contacts').'</label>'; $s .= '<label for="jappixmini-purge">' . t('Purge internal list of jabber addresses of contacts') . '</label>';
$s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />'; $s .= ' <input id="jappixmini-purge" type="checkbox" name="jappixmini-purge" value="1" />';
$s .= '<br />'; $s .= '<br />';
if ($info_text) $s .= '<br />Configuration help:<p style="margin-left:2em;">'.$info_text.'</p>'; if ($info_text) {
$s .= '<br />Status:<p style="margin-left:2em;">Addon knows '.$address_cnt.' Jabber addresses of '.$contact_cnt.' Friendica contacts (takes some time, usually 10 minutes, to update).</p>'; $s .= '<br />Configuration help:<p style="margin-left:2em;">' . $info_text . '</p>';
}
$s .= '<br />Status:<p style="margin-left:2em;">Addon knows ' . $address_cnt . ' Jabber addresses of ' . $contact_cnt . ' Friendica contacts (takes some time, usually 10 minutes, to update).</p>';
$s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />'; $s .= '<input type="submit" name="jappixmini-submit" value="' . t('Save Settings') . '" />';
$s .= ' <input type="button" value="'.t('Add contact').'" onclick="jappixmini_addon_subscribe();" />'; $s .= ' <input type="button" value="' . t('Add contact') . '" onclick="jappixmini_addon_subscribe();" />';
$s .= '</div>'; $s .= '</div>';
@ -388,22 +416,20 @@ function jappixmini_settings(&$a, &$s) {
</script>"; </script>";
} }
function jappixmini_settings_post(&$a,&$b) { function jappixmini_settings_post(App $a, &$b)
{
// save addon settings for a user // save addon settings for a user
if (!local_user()) {
if(! local_user()) return; return;
}
$uid = local_user(); $uid = local_user();
if($_POST['jappixmini-submit']) { if ($_POST['jappixmini-submit']) {
$encrypt = intval($b['jappixmini-encrypt']); $encrypt = intval($b['jappixmini-encrypt']);
if ($encrypt) { if ($encrypt) {
// check that Jabber password was encrypted with correct Friendica password // check that Jabber password was encrypted with correct Friendica password
$friendica_password = trim($b['jappixmini-friendica-password']); $friendica_password = trim($b['jappixmini-friendica-password']);
$encrypted = hash('whirlpool',$friendica_password); if (!User::authenticate((int) $uid, $friendica_password)) {
$r = q("SELECT * FROM `user` WHERE `uid`=$uid AND `password`='%s'",
dbesc($encrypted)
);
if (!count($r)) {
info("Wrong friendica password!"); info("Wrong friendica password!");
return; return;
} }
@ -412,70 +438,78 @@ function jappixmini_settings_post(&$a,&$b) {
$purge = intval($b['jappixmini-purge']); $purge = intval($b['jappixmini-purge']);
$username = trim($b['jappixmini-username']); $username = trim($b['jappixmini-username']);
$old_username = PConfig::get($uid,'jappixmini','username'); $old_username = PConfig::get($uid, 'jappixmini', 'username');
if ($username!=$old_username) $purge = 1; if ($username != $old_username) {
$purge = 1;
}
$server = trim($b['jappixmini-server']); $server = trim($b['jappixmini-server']);
$old_server = PConfig::get($uid,'jappixmini','server'); $old_server = PConfig::get($uid, 'jappixmini', 'server');
if ($server!=$old_server) $purge = 1; if ($server != $old_server) {
$purge = 1;
}
PConfig::set($uid,'jappixmini','username',$username); PConfig::set($uid, 'jappixmini', 'username' , $username);
PConfig::set($uid,'jappixmini','server',$server); PConfig::set($uid, 'jappixmini', 'server' , $server);
PConfig::set($uid,'jappixmini','bosh',trim($b['jappixmini-bosh'])); PConfig::set($uid, 'jappixmini', 'bosh' , trim($b['jappixmini-bosh']));
PConfig::set($uid,'jappixmini','password',trim($b['jappixmini-encrypted-password'])); PConfig::set($uid, 'jappixmini', 'password' , trim($b['jappixmini-encrypted-password']));
PConfig::set($uid,'jappixmini','autosubscribe',intval($b['jappixmini-autosubscribe'])); PConfig::set($uid, 'jappixmini', 'autosubscribe' , intval($b['jappixmini-autosubscribe']));
PConfig::set($uid,'jappixmini','autoapprove',intval($b['jappixmini-autoapprove'])); PConfig::set($uid, 'jappixmini', 'autoapprove' , intval($b['jappixmini-autoapprove']));
PConfig::set($uid,'jappixmini','activate',intval($b['jappixmini-activate'])); PConfig::set($uid, 'jappixmini', 'activate' , intval($b['jappixmini-activate']));
PConfig::set($uid,'jappixmini','dontinsertchat',intval($b['jappixmini-dont-insertchat'])); PConfig::set($uid, 'jappixmini', 'dontinsertchat', intval($b['jappixmini-dont-insertchat']));
PConfig::set($uid,'jappixmini','encrypt',$encrypt); PConfig::set($uid, 'jappixmini', 'encrypt' , $encrypt);
info( 'Jappix Mini settings saved.' ); info('Jappix Mini settings saved.');
if ($purge) { if ($purge) {
q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'"); q("DELETE FROM `pconfig` WHERE `uid`=$uid AND `cat`='jappixmini' AND `k` LIKE 'id:%%'");
info( 'List of addresses purged.' ); info('List of addresses purged.');
} }
} }
} }
function jappixmini_script(&$a,&$s) { function jappixmini_script(App $a)
{
// adds the script to the page header which starts Jappix Mini // adds the script to the page header which starts Jappix Mini
if (!local_user()) {
if(! local_user()) return;
if ($_GET["mode"] == "minimal")
return; return;
}
$activate = PConfig::get(local_user(),'jappixmini','activate'); if ($_GET["mode"] == "minimal") {
$dontinsertchat = PConfig::get(local_user(), 'jappixmini','dontinsertchat'); return;
if (!$activate || $dontinsertchat) return; }
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>'."\r\n"; $activate = PConfig::get(local_user(), 'jappixmini', 'activate');
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>'."\r\n"; $dontinsertchat = PConfig::get(local_user(), 'jappixmini', 'dontinsertchat');
if (!$activate || $dontinsertchat) {
return;
}
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;g=mini.xml"></script>' . "\r\n";
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=presence.js~caps.js~name.js~roster.js"></script>' . "\r\n";
$username = PConfig::get(local_user(),'jappixmini','username'); $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
$username = PConfig::get(local_user(), 'jappixmini', 'username');
$username = str_replace("'", "\\'", $username); $username = str_replace("'", "\\'", $username);
$server = PConfig::get(local_user(),'jappixmini','server'); $server = PConfig::get(local_user(), 'jappixmini', 'server');
$server = str_replace("'", "\\'", $server); $server = str_replace("'", "\\'", $server);
$bosh = PConfig::get(local_user(),'jappixmini','bosh'); $bosh = PConfig::get(local_user(), 'jappixmini', 'bosh');
$bosh = str_replace("'", "\\'", $bosh); $bosh = str_replace("'", "\\'", $bosh);
$encrypt = PConfig::get(local_user(),'jappixmini','encrypt'); $encrypt = PConfig::get(local_user(), 'jappixmini', 'encrypt');
$encrypt = intval($encrypt); $encrypt = intval($encrypt);
$password = PConfig::get(local_user(),'jappixmini','password'); $password = PConfig::get(local_user(), 'jappixmini', 'password');
$password = str_replace("'", "\\'", $password); $password = str_replace("'", "\\'", $password);
$autoapprove = PConfig::get(local_user(),'jappixmini','autoapprove'); $autoapprove = PConfig::get(local_user(), 'jappixmini', 'autoapprove');
$autoapprove = intval($autoapprove); $autoapprove = intval($autoapprove);
$autosubscribe = PConfig::get(local_user(),'jappixmini','autosubscribe'); $autosubscribe = PConfig::get(local_user(), 'jappixmini', 'autosubscribe');
$autosubscribe = intval($autosubscribe); $autosubscribe = intval($autosubscribe);
// set proxy if necessary // set proxy if necessary
$use_proxy = Config::get('jappixmini','bosh_proxy'); $use_proxy = Config::get('jappixmini', 'bosh_proxy');
if ($use_proxy) { if ($use_proxy) {
$proxy = $a->get_baseurl().'/addon/jappixmini/proxy.php'; $proxy = $a->get_baseurl() . '/addon/jappixmini/proxy.php';
} } else {
else {
$proxy = ""; $proxy = "";
} }
@ -486,19 +520,20 @@ function jappixmini_script(&$a,&$s) {
foreach ($rows as $row) { foreach ($rows as $row) {
$key = $row['k']; $key = $row['k'];
$pos = strpos($key, ":"); $pos = strpos($key, ":");
$dfrn_id = substr($key, $pos+1); $dfrn_id = substr($key, $pos + 1);
$r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", $r = q("SELECT `name` FROM `contact` WHERE `uid`=$uid AND (`dfrn-id`='%s' OR `issued-id`='%s')", dbesc($dfrn_id), dbesc($dfrn_id));
dbesc($dfrn_id),
dbesc($dfrn_id)
);
if (count($r)) if (count($r))
$name = $r[0]["name"]; $name = $r[0]["name"];
$value = $row['v']; $value = $row['v'];
$pos = strpos($value, ":"); $pos = strpos($value, ":");
$address = substr($value, $pos+1); $address = substr($value, $pos + 1);
if (!$address) continue; if (!$address) {
if (!$name) $name = $address; continue;
}
if (!$name) {
$name = $address;
}
$contacts[$address] = $name; $contacts[$address] = $name;
} }
@ -508,9 +543,9 @@ function jappixmini_script(&$a,&$s) {
// get nickname // get nickname
$r = q("SELECT `username` FROM `user` WHERE `uid`=$uid"); $r = q("SELECT `username` FROM `user` WHERE `uid`=$uid");
$nickname = json_encode($r[0]["username"]); $nickname = json_encode($r[0]["username"]);
$groupchats = Config::get('jappixmini','groupchats'); $groupchats = Config::get('jappixmini', 'groupchats');
//if $groupchats has no value jappix_addon_start will produce a syntax error //if $groupchats has no value jappix_addon_start will produce a syntax error
if(empty($groupchats)){ if (empty($groupchats)) {
$groupchats = "{}"; $groupchats = "{}";
} }
@ -524,30 +559,31 @@ function jappixmini_script(&$a,&$s) {
return; return;
} }
function jappixmini_login(&$a, &$o) { function jappixmini_login(App $a, &$o)
{
// create client secret on login to be able to encrypt jabber passwords // create client secret on login to be able to encrypt jabber passwords
// for setDB and str_sha1, needed by jappixmini_addon_set_client_secret // for setDB and str_sha1, needed by jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/jappix/php/get.php?t=js&amp;f=datastore.js~jsjac.js"></script>' . "\r\n";
// for jappixmini_addon_set_client_secret // for jappixmini_addon_set_client_secret
$a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>'."\r\n"; $a->page['htmlhead'] .= '<script type="text/javascript" src="' . $a->get_baseurl() . '/addon/jappixmini/lib.js"></script>' . "\r\n";
// save hash of password // save hash of password
$o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o); $o = str_replace("<form ", "<form onsubmit=\"jappixmini_addon_set_client_secret(this.elements['id_password'].value);return true;\" ", $o);
} }
function jappixmini_cron(&$a, $d) { function jappixmini_cron(App $a, $d)
{
// For autosubscribe/autoapprove, we need to maintain a list of jabber addresses of our contacts. // For autosubscribe/autoapprove, we need to maintain a list of jabber addresses of our contacts.
Config::set("jappixmini", "last_cron_execution", $d); Config::set("jappixmini", "last_cron_execution", $d);
// go through list of users with jabber enabled // go through list of users with jabber enabled
$users = q("SELECT `uid` FROM `pconfig` WHERE `cat`='jappixmini' AND (`k`='autosubscribe' OR `k`='autoapprove') AND `v`='1'"); $users = q("SELECT `uid` FROM `pconfig` WHERE `cat`='jappixmini' AND (`k`='autosubscribe' OR `k`='autoapprove') AND `v`='1'");
logger("jappixmini: Update list of contacts' jabber accounts for ".count($users)." users."); logger("jappixmini: Update list of contacts' jabber accounts for " . count($users) . " users.");
if(! count($users)) if (!count($users)) {
return; return;
}
foreach ($users as $row) { foreach ($users as $row) {
$uid = $row["uid"]; $uid = $row["uid"];
@ -557,7 +593,9 @@ function jappixmini_cron(&$a, $d) {
intval($uid), dbesc(NETWORK_DFRN)); intval($uid), dbesc(NETWORK_DFRN));
foreach ($contacts as $contact_row) { foreach ($contacts as $contact_row) {
$request = $contact_row["request"]; $request = $contact_row["request"];
if (!$request) continue; if (!$request) {
continue;
}
$dfrn_id = $contact_row["dfrn-id"]; $dfrn_id = $contact_row["dfrn-id"];
if ($dfrn_id) { if ($dfrn_id) {
@ -574,7 +612,7 @@ function jappixmini_cron(&$a, $d) {
} }
// check if jabber address already present // check if jabber address already present
$present = PConfig::get($uid, "jappixmini", "id:".$dfrn_id); $present = PConfig::get($uid, "jappixmini", "id:" . $dfrn_id);
$now = intval(time()); $now = intval(time());
if ($present) { if ($present) {
// $present has format "timestamp:jabber_address" // $present has format "timestamp:jabber_address"
@ -583,22 +621,30 @@ function jappixmini_cron(&$a, $d) {
// do not re-retrieve jabber address if last retrieval // do not re-retrieve jabber address if last retrieval
// is not older than a week // is not older than a week
if ($now-$timestamp<3600*24*7) continue; if ($now - $timestamp < 3600 * 24 * 7) {
continue;
}
} }
// construct base retrieval address // construct base retrieval address
$pos = strpos($request, "/dfrn_request/"); $pos = strpos($request, "/dfrn_request/");
if ($pos===false) continue; if ($pos === false) {
continue;
}
$base = substr($request, 0, $pos)."/jappixmini?role=$role"; $base = substr($request, 0, $pos) . "/jappixmini?role=$role";
// construct own address // construct own address
$username = PConfig::get($uid, 'jappixmini', 'username'); $username = PConfig::get($uid, 'jappixmini', 'username');
if (!$username) continue; if (!$username) {
continue;
}
$server = PConfig::get($uid, 'jappixmini', 'server'); $server = PConfig::get($uid, 'jappixmini', 'server');
if (!$server) continue; if (!$server) {
continue;
}
$address = $username."@".$server; $address = $username . "@" . $server;
// sign address // sign address
$signed_address = ""; $signed_address = "";
@ -606,7 +652,7 @@ function jappixmini_cron(&$a, $d) {
// construct request url // construct request url
$signed_address_hex = bin2hex($signed_address); $signed_address_hex = bin2hex($signed_address);
$url = $base."&signed_address=$signed_address_hex&dfrn_id=".urlencode($dfrn_id); $url = $base . "&signed_address=$signed_address_hex&dfrn_id=" . urlencode($dfrn_id);
try { try {
// send request // send request
@ -614,18 +660,26 @@ function jappixmini_cron(&$a, $d) {
// parse answer // parse answer
$answer = json_decode($answer_json); $answer = json_decode($answer_json);
if ($answer->status != "ok") throw new Exception(); if ($answer->status != "ok") {
throw new Exception();
}
$encrypted_address_hex = $answer->encrypted_address; $encrypted_address_hex = $answer->encrypted_address;
if (!$encrypted_address_hex) throw new Exception(); if (!$encrypted_address_hex) {
throw new Exception();
}
$encrypted_address = hex2bin($encrypted_address_hex); $encrypted_address = hex2bin($encrypted_address_hex);
if (!$encrypted_address) throw new Exception(); if (!$encrypted_address) {
throw new Exception();
}
// decrypt address // decrypt address
$decrypted_address = ""; $decrypted_address = "";
$decrypt_func($encrypted_address, $decrypted_address, $key); $decrypt_func($encrypted_address, $decrypted_address, $key);
if (!$decrypted_address) throw new Exception(); if (!$decrypted_address) {
throw new Exception();
}
} catch (Exception $e) { } catch (Exception $e) {
$decrypted_address = ""; $decrypted_address = "";
} }
@ -636,10 +690,10 @@ function jappixmini_cron(&$a, $d) {
} }
} }
function jappixmini_download_source(&$a,&$b) { function jappixmini_download_source(App $a, &$b)
{
// Jappix Mini source download link on About page // Jappix Mini source download link on About page
$b .= '<h1>Jappix Mini</h1>'; $b .= '<h1>Jappix Mini</h1>';
$b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="'.$a->get_baseurl().'/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>'; $b .= '<p>This site uses the jappixmini addon, which includes Jappix Mini by the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/AUTHORS">Jappix authors</a> and is distributed under the terms of the <a href="' . $a->get_baseurl() . '/addon/jappixmini/jappix/COPYING">GNU Affero General Public License</a>.</p>';
$b .= '<p>You can download the <a href="'.$a->get_baseurl().'/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>'; $b .= '<p>You can download the <a href="' . $a->get_baseurl() . '/addon/jappixmini.tgz">source code of the addon</a>. The rest of Friendica is distributed under compatible licenses and can be retrieved from <a href="https://github.com/friendica/friendica">https://github.com/friendica/friendica</a> and <a href="https://github.com/friendica/friendica-addons">https://github.com/friendica/friendica-addons</a></p>';
} }


@ -1,4 +1,5 @@
<?php <?php
/** /**
* Name: WindowsPhonePush * Name: WindowsPhonePush
* Description: Enable push notification to send information to Friendica Mobile app on Windows phone (count of unread timeline entries, text of last posting - if wished by user) * Description: Enable push notification to send information to Friendica Mobile app on Windows phone (count of unread timeline entries, text of last posting - if wished by user)
@ -24,46 +25,34 @@
* sets the counter back * sets the counter back
* count only unseen elements which are not type=activity (likes and dislikes not seen as new elements) * count only unseen elements which are not type=activity (likes and dislikes not seen as new elements)
*/ */
use Friendica\App;
use Friendica\Core\PConfig; use Friendica\Core\PConfig;
use Friendica\Model\User;
function windowsphonepush_install() { function windowsphonepush_install()
{
/** /* Our plugin will attach in three places.
*
* Our plugin will attach in three places.
* The first is within cron - so the push notifications will be * The first is within cron - so the push notifications will be
* sent every 10 minutes (or whatever is set in crontab). * sent every 10 minutes (or whatever is set in crontab).
*
*/ */
register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); register_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
/** /* Then we'll attach into the plugin settings page, and also the
*
* Then we'll attach into the plugin settings page, and also the
* settings post hook so that we can create and update * settings post hook so that we can create and update
* user preferences. User shall be able to activate the plugin and * user preferences. User shall be able to activate the plugin and
* define whether he allows pushing first characters of item text * define whether he allows pushing first characters of item text
*
*/ */
register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); register_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); register_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
logger("installed windowsphonepush"); logger("installed windowsphonepush");
} }
function windowsphonepush_uninstall()
function windowsphonepush_uninstall() { {
/* uninstall unregisters any hooks created with register_hook
/**
*
* uninstall unregisters any hooks created with register_hook
* during install. Don't delete data in table `pconfig`. * during install. Don't delete data in table `pconfig`.
*
*/ */
unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron'); unregister_hook('cron', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_cron');
unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings'); unregister_hook('plugin_settings', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings');
unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post'); unregister_hook('plugin_settings_post', 'addon/windowsphonepush/windowsphonepush.php', 'windowsphonepush_settings_post');
@ -71,51 +60,48 @@ function windowsphonepush_uninstall() {
logger("removed windowsphonepush"); logger("removed windowsphonepush");
} }
/* declare the windowsphonepush function so that /windowsphonepush url requests will land here */ /* declare the windowsphonepush function so that /windowsphonepush url requests will land here */
function windowsphonepush_module() {} function windowsphonepush_module()
{
}
/** /* Callback from the settings post function.
*
* Callback from the settings post function.
* $post contains the $_POST array. * $post contains the $_POST array.
* We will make sure we've got a valid user account * We will make sure we've got a valid user account
* and if so set our configuration setting for this person. * and if so set our configuration setting for this person.
*
*/ */
function windowsphonepush_settings_post($a,$post) { function windowsphonepush_settings_post($a, $post)
if(! local_user() || (! x($_POST,'windowsphonepush-submit'))) {
if (!local_user() || (!x($_POST, 'windowsphonepush-submit'))) {
return; return;
}
$enable = intval($_POST['windowsphonepush']); $enable = intval($_POST['windowsphonepush']);
PConfig::set(local_user(),'windowsphonepush','enable',$enable); PConfig::set(local_user(), 'windowsphonepush', 'enable', $enable);
if($enable) { if ($enable) {
PConfig::set(local_user(),'windowsphonepush','counterunseen', 0); PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0);
} }
PConfig::set(local_user(),'windowsphonepush','senditemtext',intval($_POST['windowsphonepush-senditemtext'])); PConfig::set(local_user(), 'windowsphonepush', 'senditemtext', intval($_POST['windowsphonepush-senditemtext']));
info( t('WindowsPhonePush settings updated.') . EOL); info(t('WindowsPhonePush settings updated.') . EOL);
} }
/* Called from the Plugin Setting form.
/**
*
* Called from the Plugin Setting form.
* Add our own settings info to the page. * Add our own settings info to the page.
*
*/ */
function windowsphonepush_settings(&$a,&$s) { function windowsphonepush_settings(&$a, &$s)
{
if(! local_user()) if (!local_user()) {
return; return;
}
/* Add our stylesheet to the page so we can make our settings look nice */ /* Add our stylesheet to the page so we can make our settings look nice */
$a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/windowsphonepush/windowsphonepush.css' . '" media="all" />' . "\r\n"; $a->page['htmlhead'] .= '<link rel="stylesheet" type="text/css" href="' . $a->get_baseurl() . '/addon/windowsphonepush/windowsphonepush.css' . '" media="all" />' . "\r\n";
/* Get the current state of our config variables */ /* Get the current state of our config variables */
$enabled = PConfig::get(local_user(),'windowsphonepush','enable'); $enabled = PConfig::get(local_user(), 'windowsphonepush', 'enable');
$checked_enabled = (($enabled) ? ' checked="checked" ' : ''); $checked_enabled = (($enabled) ? ' checked="checked" ' : '');
$senditemtext = PConfig::get(local_user(), 'windowsphonepush', 'senditemtext'); $senditemtext = PConfig::get(local_user(), 'windowsphonepush', 'senditemtext');
@ -137,7 +123,7 @@ function windowsphonepush_settings(&$a,&$s) {
$s .= '<input id="windowsphonepush-senditemtext-chk" type="checkbox" name="windowsphonepush-senditemtext" value="1" ' . $checked_senditemtext . '/>'; $s .= '<input id="windowsphonepush-senditemtext-chk" type="checkbox" name="windowsphonepush-senditemtext" value="1" ' . $checked_senditemtext . '/>';
$s .= '</div><div class="clear"></div>'; $s .= '</div><div class="clear"></div>';
/* provide a submit button - enable und senditemtext can be changed by the user*/ /* provide a submit button - enable und senditemtext can be changed by the user */
$s .= '<div class="settings-submit-wrapper" ><input type="submit" id="windowsphonepush-submit" name="windowsphonepush-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div><div class="clear"></div>'; $s .= '<div class="settings-submit-wrapper" ><input type="submit" id="windowsphonepush-submit" name="windowsphonepush-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div><div class="clear"></div>';
/* provide further read-only information concerning the addon (useful for */ /* provide further read-only information concerning the addon (useful for */
@ -147,37 +133,30 @@ function windowsphonepush_settings(&$a,&$s) {
$s .= '</div><div class="clear"></div></div>'; $s .= '</div><div class="clear"></div></div>';
return; return;
} }
/* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
/**
*
* Cron function used to regularly check all users on the server with active windowsphonepushplugin and send
* notifications to the Microsoft servers and consequently to the Windows Phone device * notifications to the Microsoft servers and consequently to the Windows Phone device
*
*/ */
function windowsphonepush_cron()
function windowsphonepush_cron() { {
// retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user // retrieve all UID's for which the plugin windowsphonepush is enabled and loop through every user
$r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1"); $r = q("SELECT * FROM `pconfig` WHERE `cat` = 'windowsphonepush' AND `k` = 'enable' AND `v` = 1");
if(count($r)) { if (count($r)) {
foreach($r as $rr) { foreach ($r as $rr) {
// load stored information for the user-id of the current loop // load stored information for the user-id of the current loop
$device_url = PConfig::get($rr['uid'], 'windowsphonepush', 'device_url'); $device_url = PConfig::get($rr['uid'], 'windowsphonepush', 'device_url');
$lastpushid = PConfig::get($rr['uid'], 'windowsphonepush', 'lastpushid'); $lastpushid = PConfig::get($rr['uid'], 'windowsphonepush', 'lastpushid');
// pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent // pushing only possible if device_url (the URI on Microsoft server) is available or not "NA" (which will be sent
// by app if user has switched the server setting in app - sending blank not possible as this would return an update error) // by app if user has switched the server setting in app - sending blank not possible as this would return an update error)
if ( ( $device_url == "" ) || ( $device_url == "NA" ) ) { if (( $device_url == "" ) || ( $device_url == "NA" )) {
// no Device-URL for the user availabe, but plugin is enabled --> write info to Logger // no Device-URL for the user availabe, but plugin is enabled --> write info to Logger
logger("WARN: windowsphonepush is enable for user " . $rr['uid'] . ", but no Device-URL is specified for the user."); logger("WARN: windowsphonepush is enable for user " . $rr['uid'] . ", but no Device-URL is specified for the user.");
} else { } else {
// retrieve the number of unseen items and the id of the latest one (if there are more than // retrieve the number of unseen items and the id of the latest one (if there are more than
// one new entries since last poller run, only the latest one will be pushed) // one new entries since last poller run, only the latest one will be pushed)
$count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", $count = q("SELECT count(`id`) as count, max(`id`) as max FROM `item` WHERE `unseen` = 1 AND `type` <> 'activity' AND `uid` = %d", intval($rr['uid']));
intval($rr['uid'])
);
// send number of unseen items to the device (the number will be displayed on Start screen until // send number of unseen items to the device (the number will be displayed on Start screen until
// App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if // App will be started by user) - this update will be sent every 10 minutes to update the number to 0 if
@ -212,9 +191,7 @@ function windowsphonepush_cron() {
$senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext'); $senditemtext = PConfig::get($rr['uid'], 'windowsphonepush', 'senditemtext');
if ($senditemtext == 1) { if ($senditemtext == 1) {
// load item with the max id // load item with the max id
$item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", $item = q("SELECT `author-name` as author, `body` as body FROM `item` where `id` = %d", intval($count[0]['max']));
intval($count[0]['max'])
);
// as user allows to send the item, we want to show the sender of the item in the toast // as user allows to send the item, we want to show the sender of the item in the toast
// toasts are limited to one line, therefore place is limited - author shall be in // toasts are limited to one line, therefore place is limited - author shall be in
@ -227,9 +204,9 @@ function windowsphonepush_cron() {
// Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots) // Otherwise BBcode-Tags will be eliminated and plain text cutted to 140 chars (incl. dots)
// BTW: information only possible in English // BTW: information only possible in English
$body = $item[0]['body']; $body = $item[0]['body'];
if (substr($body, 0, 4) == "[url") if (substr($body, 0, 4) == "[url") {
$body = "URL/Image ..."; $body = "URL/Image ...";
else { } else {
require_once('include/bbcode.php'); require_once('include/bbcode.php');
require_once("include/html2plain.php"); require_once("include/html2plain.php");
$body = bbcode($body, false, false, 2, true); $body = bbcode($body, false, false, 2, true);
@ -256,17 +233,14 @@ function windowsphonepush_cron() {
} }
} }
/* Tile push notification change the number in the icon of the App in Start Screen of
/*
*
* Tile push notification change the number in the icon of the App in Start Screen of
* a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile" * a Windows Phone Device, Image could be changed, not used for App "Friendica Mobile"
*
*/ */
function send_tile_update($device_url, $image_url, $count, $title, $priority = 1) { function send_tile_update($device_url, $image_url, $count, $title, $priority = 1)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . $msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" . "<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Tile>". "<wp:Tile>" .
"<wp:BackgroundImage>" . $image_url . "</wp:BackgroundImage>" . "<wp:BackgroundImage>" . $image_url . "</wp:BackgroundImage>" .
"<wp:Count>" . $count . "</wp:Count>" . "<wp:Count>" . $count . "</wp:Count>" .
"<wp:Title>" . $title . "</wp:Title>" . "<wp:Title>" . $title . "</wp:Title>" .
@ -280,14 +254,12 @@ function send_tile_update($device_url, $image_url, $count, $title, $priority = 1
return $result; return $result;
} }
/* /* Toast push notification send information to the top of the display
*
* Toast push notification send information to the top of the display
* if the user is not currently using the Friendica Mobile App, however * if the user is not currently using the Friendica Mobile App, however
* there is only one line for displaying the information * there is only one line for displaying the information
*
*/ */
function send_toast($device_url, $title, $message, $priority = 2) { function send_toast($device_url, $title, $message, $priority = 2)
{
$msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" . $msg = "<?xml version=\"1.0\" encoding=\"utf-8\"?>" .
"<wp:Notification xmlns:wp=\"WPNotification\">" . "<wp:Notification xmlns:wp=\"WPNotification\">" .
"<wp:Toast>" . "<wp:Toast>" .
@ -304,19 +276,15 @@ function send_toast($device_url, $title, $message, $priority = 2) {
return $result; return $result;
} }
/* // General function to send the push notification via cURL
* function send_push($device_url, $headers, $msg)
* General function to send the push notification via cURL {
*
*/
function send_push($device_url, $headers, $msg) {
$ch = curl_init(); $ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $device_url); curl_setopt($ch, CURLOPT_URL, $device_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HEADER, true); curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, curl_setopt($ch, CURLOPT_HTTPHEADER, $headers + array(
$headers + array(
'Content-Type: text/xml', 'Content-Type: text/xml',
'charset=utf-8', 'charset=utf-8',
'Accept: application/*', 'Accept: application/*',
@ -331,7 +299,7 @@ function send_push($device_url, $headers, $msg) {
// and log this fact // and log this fact
$subscriptionStatus = get_header_value($output, 'X-SubscriptionStatus'); $subscriptionStatus = get_header_value($output, 'X-SubscriptionStatus');
if ($subscriptionStatus == "Expired") { if ($subscriptionStatus == "Expired") {
PConfig::set(local_user(),'windowsphonepush','device_url', ""); PConfig::set(local_user(), 'windowsphonepush', 'device_url', "");
logger("ERROR: the stored Device-URL " . $device_url . "returned an 'Expired' error, it has been deleted now."); logger("ERROR: the stored Device-URL " . $device_url . "returned an 'Expired' error, it has been deleted now.");
} }
@ -339,27 +307,23 @@ function send_push($device_url, $headers, $msg) {
// update settings if 'Received' otherwise keep old value in settings (on QueuedFull. Suppressed, N/A, Dropped) // update settings if 'Received' otherwise keep old value in settings (on QueuedFull. Suppressed, N/A, Dropped)
$notificationStatus = get_header_value($output, 'X-NotificationStatus'); $notificationStatus = get_header_value($output, 'X-NotificationStatus');
return $notificationStatus; return $notificationStatus;
} }
/* // helper function to receive statuses from webresponse of Microsoft server
* helper function to receive statuses from webresponse of Microsoft server function get_header_value($content, $header)
*/ {
function get_header_value($content, $header) {
return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : ""; return preg_match_all("/$header: (.*)/i", $content, $match) ? $match[1][0] : "";
} }
/* reading information from url and deciding which function to start
/*
*
* reading information from url and deciding which function to start
* show_settings = delivering settings to check * show_settings = delivering settings to check
* update_settings = set the device_url * update_settings = set the device_url
* update_counterunseen = set counter for unseen elements to zero * update_counterunseen = set counter for unseen elements to zero
*
*/ */
function windowsphonepush_content(&$a) { function windowsphonepush_content(App $a)
{
// Login with the specified Network credentials (like in api.php) // Login with the specified Network credentials (like in api.php)
windowsphonepush_login(); windowsphonepush_login($a);
$path = $a->argv[0]; $path = $a->argv[0];
$path2 = $a->argv[1]; $path2 = $a->argv[1];
@ -387,12 +351,12 @@ function windowsphonepush_content(&$a) {
} }
} }
/* // return settings for windowsphonepush addon to be able to check them in WP app
* return settings for windowsphonepush addon to be able to check them in WP app function windowsphonepush_showsettings()
*/ {
function windowsphonepush_showsettings(&$a) { if (!local_user()) {
if(! local_user())
return; return;
}
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
$device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url'); $device_url = PConfig::get(local_user(), 'windowsphonepush', 'device_url');
@ -401,13 +365,15 @@ function windowsphonepush_showsettings(&$a) {
$counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen'); $counterunseen = PConfig::get(local_user(), 'windowsphonepush', 'counterunseen');
$addonversion = "2.0"; $addonversion = "2.0";
if (!$device_url) if (!$device_url) {
$device_url = ""; $device_url = "";
}
if (!$lastpushid) if (!$lastpushid) {
$lastpushid = 0; $lastpushid = 0;
}
header ("Content-Type: application/json"); header("Content-Type: application/json");
echo json_encode(array('uid' => local_user(), echo json_encode(array('uid' => local_user(),
'enable' => $enable, 'enable' => $enable,
'device_url' => $device_url, 'device_url' => $device_url,
@ -417,18 +383,18 @@ function windowsphonepush_showsettings(&$a) {
'addonversion' => $addonversion)); 'addonversion' => $addonversion));
} }
/* /* update_settings is used to transfer the device_url from WP device to the Friendica server
* update_settings is used to transfer the device_url from WP device to the Friendica server
* return the status of the operation to the server * return the status of the operation to the server
*/ */
function windowsphonepush_updatesettings(&$a) { function windowsphonepush_updatesettings()
if(! local_user()) { {
if (!local_user()) {
return "Not Authenticated"; return "Not Authenticated";
} }
// no updating if user hasn't enabled the plugin // no updating if user hasn't enabled the plugin
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
if(! $enable) { if (!$enable) {
return "Plug-in not enabled"; return "Plug-in not enabled";
} }
@ -447,42 +413,41 @@ function windowsphonepush_updatesettings(&$a) {
`cat` = 'windowsphonepush' AND `cat` = 'windowsphonepush' AND
`k` = 'device_url' AND `k` = 'device_url' AND
`v` = '" . $device_url . "'"); `v` = '" . $device_url . "'");
if(count($r)) { if (count($r)) {
foreach($r as $rr) { foreach ($r as $rr) {
PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', ''); PConfig::set($rr['uid'], 'windowsphonepush', 'device_url', '');
logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'."); logger("WARN: the sent URL was already registered with user '" . $rr['uid'] . "'. Deleted for this user as we expect to be correct now for user '" . local_user() . "'.");
} }
} }
PConfig::set(local_user(),'windowsphonepush','device_url', $device_url); PConfig::set(local_user(), 'windowsphonepush', 'device_url', $device_url);
// output the successfull update of the device URL to the logger for error analysis if necessary // output the successfull update of the device URL to the logger for error analysis if necessary
logger("INFO: Device-URL for user '" . local_user() . "' has been updated with '" . $device_url . "'"); logger("INFO: Device-URL for user '" . local_user() . "' has been updated with '" . $device_url . "'");
return "Device-URL updated successfully!"; return "Device-URL updated successfully!";
} }
/* // update_counterunseen is used to reset the counter to zero from Windows Phone app
* update_counterunseen is used to reset the counter to zero from Windows Phone app function windowsphonepush_updatecounterunseen()
*/ {
function windowsphonepush_updatecounterunseen() { if (!local_user()) {
if(! local_user()) {
return "Not Authenticated"; return "Not Authenticated";
} }
// no updating if user hasn't enabled the plugin // no updating if user hasn't enabled the plugin
$enable = PConfig::get(local_user(), 'windowsphonepush', 'enable'); $enable = PConfig::get(local_user(), 'windowsphonepush', 'enable');
if(! $enable) { if (!$enable) {
return "Plug-in not enabled"; return "Plug-in not enabled";
} }
PConfig::set(local_user(),'windowsphonepush','counterunseen', 0); PConfig::set(local_user(), 'windowsphonepush', 'counterunseen', 0);
return "Counter set to zero"; return "Counter set to zero";
} }
/* /* helper function to login to the server with the specified Network credentials
* helper function to login to the server with the specified Network credentials
* (mainly copied from api.php) * (mainly copied from api.php)
*/ */
function windowsphonepush_login() { function windowsphonepush_login(App $a)
{
if (!isset($_SERVER['PHP_AUTH_USER'])) { if (!isset($_SERVER['PHP_AUTH_USER'])) {
logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG); logger('API_login: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"'); header('WWW-Authenticate: Basic realm="Friendica"');
@ -490,28 +455,19 @@ function windowsphonepush_login() {
die('This api requires login'); die('This api requires login');
} }
$user = $_SERVER['PHP_AUTH_USER']; $user_id = User::authenticate($_SERVER['PHP_AUTH_USER'], trim($_SERVER['PHP_AUTH_PW']));
$encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW']));
// check if user specified by app is available in the user table if ($user_id) {
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) $record = dba::select('user', [], ['uid' => $user_id], ['limit' => 1]);
AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($user)),
dbesc(trim($user)),
dbesc($encrypted)
);
if(count($r)){
$record = $r[0];
} else { } else {
logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); logger('API_login failure: ' . print_r($_SERVER, true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"'); header('WWW-Authenticate: Basic realm="Friendica"');
header('HTTP/1.0 401 Unauthorized'); header('HTTP/1.0 401 Unauthorized');
die('This api requires login'); die('This api requires login');
} }
require_once('include/security.php'); require_once 'include/security.php';
authenticate_success($record); $_SESSION["allow_api"] = true; authenticate_success($record);
$_SESSION["allow_api"] = true;
call_hooks('logged_in', $a->user); call_hooks('logged_in', $a->user);
} }