Merge pull request #454 from MrPetovan/task/3946-use-random-bytes

Use random bytes
pull/455/head
Michael Vogel 2017-11-26 13:33:53 +01:00 committed by GitHub
commit 9fef6fd563
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 190 additions and 152 deletions

View File

@ -1,41 +1,51 @@
<?php
/**
* Name: IFTTT Receiver
* Description: Receives a post from https://ifttt.com/ and distributes it.
* Version: 0.1
* Author: Michael Vogel <https://pirati.ca/profile/heluecht>
*/
require_once 'mod/item.php';
require_once 'include/items.php';
require_once 'include/text.php';
require_once("mod/item.php");
require_once("include/items.php");
use Friendica\App;
use Friendica\Core\PConfig;
use Friendica\Database\DBM;
function ifttt_install() {
function ifttt_install()
{
register_hook('connector_settings', 'addon/ifttt/ifttt.php', 'ifttt_settings');
register_hook('connector_settings_post', 'addon/ifttt/ifttt.php', 'ifttt_settings_post');
}
function ifttt_uninstall() {
function ifttt_uninstall()
{
unregister_hook('connector_settings', 'addon/ifttt/ifttt.php', 'ifttt_settings');
unregister_hook('connector_settings_post', 'addon/ifttt/ifttt.php', 'ifttt_settings_post');
}
function ifttt_module() {
function ifttt_module()
{
}
function ifttt_content(&$a) {
function ifttt_content()
{
}
function ifttt_settings(&$a,&$s) {
if(! local_user())
function ifttt_settings(App $a, &$s)
{
if (!local_user()) {
return;
}
$key = PConfig::get(local_user(), 'ifttt', 'key');
if (!$key) {
$key = substr(random_string(),0,20);
$key = random_string(20);
PConfig::set(local_user(), 'ifttt', 'key', $key);
}
@ -48,18 +58,18 @@ function ifttt_settings(&$a,&$s) {
$s .= '</span>';
$s .= '<div id="ifttt-configuration-wrapper">';
$s .= '<p>'.t("Create an account at <a href='http://www.ifttt.com'>IFTTT</a>. Create three Facebook recipes that are connected with <a href='https://ifttt.com/maker'>Maker</a> (In the form 'if Facebook then Maker') with the following parameters:").'</p>';
$s .= '<p>' . t('Create an account at <a href="http://www.ifttt.com">IFTTT</a>. Create three Facebook recipes that are connected with <a href="https://ifttt.com/maker">Maker</a> (In the form "if Facebook then Maker") with the following parameters:') . '</p>';
$s .= '<h4>URL</h4>';
$s .= '<p>' . $a->get_baseurl() . '/ifttt/' . $a->user['nickname'] . '</p>';
$s .= '<h4>Method</h4>';
$s .= '<p>POST</p>';
$s .= '<h4>Content Type</h4>';
$s .= '<p>application/x-www-form-urlencoded</p>';
$s .= '<h4>'.t("Body for 'new status message'").'</h4>';
$s .= '<h4>' . t('Body for "new status message"') . '</h4>';
$s .= '<p><code>' . htmlentities('key=' . $key . '&type=status&msg=<<<{{Message}}>>>&date=<<<{{UpdatedAt}}>>>&url=<<<{{PageUrl}}>>>') . '</code></p>';
$s .= '<h4>'.t("Body for 'new photo upload'").'</h4>';
$s .= '<h4>' . t('Body for "new photo upload"') . '</h4>';
$s .= '<p><code>' . htmlentities('key=' . $key . '&type=photo&link=<<<{{Link}}>>>&image=<<<{{ImageSource}}>>>&msg=<<<{{Caption}}>>>&date=<<<{{CreatedAt}}>>>&url=<<<{{PageUrl}}>>>') . '</code></p>';
$s .= '<h4>'.t("Body for 'new link post'").'</h4>';
$s .= '<h4>' . t('Body for "new link post"') . '</h4>';
$s .= '<p><code>' . htmlentities('key=' . $key . '&type=link&link=<<<{{Link}}>>>&title=<<<{{Title}}>>>&msg=<<<{{Message}}>>>&description=<<<{{Description}}>>>&date=<<<{{CreatedAt}}>>>&url=<<<{{PageUrl}}>>>') . '</code></p>';
$s .= '</div><div class="clear"></div>';
@ -70,112 +80,124 @@ function ifttt_settings(&$a,&$s) {
$s .= '<div class="settings-submit-wrapper" ><input type="submit" name="ifttt-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div>';
$s .= '</div>';
}
function ifttt_settings_post(&$a,&$b) {
if(x($_POST,'ifttt-submit'))
if (isset($_POST['ifttt-rekey']))
function ifttt_settings_post()
{
if (x($_POST, 'ifttt-submit') && isset($_POST['ifttt-rekey'])) {
PConfig::delete(local_user(), 'ifttt', 'key');
}
}
function ifttt_post(&$a) {
if ($a->argc != 2)
return;
$user = $a->argv[1];
$r = q("SELECT `uid` FROM `user` WHERE `nickname` = '%s' LIMIT 1", dbesc($user));
if (!$r) {
logger("User ".$user." not found.", LOGGER_DEBUG);
function ifttt_post(App $a)
{
if ($a->argc != 2) {
return;
}
$uid = $r[0]["uid"];
$nickname = $a->argv[1];
logger("Received a post for user ".$uid." from ifttt ".print_r($_REQUEST, true), LOGGER_DEBUG);
if (!isset($_REQUEST["key"])) {
logger("No key found.");
$user = dba::select('user', ['uid'], ['nickname' => $nickname], ['limit' => 1]);
if (!DBM::is_result($user)) {
logger('User ' . $nickname . ' not found.', LOGGER_DEBUG);
return;
}
$key = $_REQUEST["key"];
$uid = $user['uid'];
logger('Received a post for user ' . $uid . ' from ifttt ' . print_r($_REQUEST, true), LOGGER_DEBUG);
if (!isset($_REQUEST['key'])) {
logger('No key found.');
return;
}
$key = $_REQUEST['key'];
// Check the key
if ($key != PConfig::get($uid, 'ifttt', 'key')) {
logger("Invalid key for user ".$uid, LOGGER_DEBUG);
logger('Invalid key for user ' . $uid, LOGGER_DEBUG);
return;
}
$item = array();
if (isset($_REQUEST["type"]))
$item["type"] = $_REQUEST["type"];
if (isset($_REQUEST['type'])) {
$item['type'] = $_REQUEST['type'];
}
if (!in_array($item["type"], array("status", "link", "photo"))) {
logger("Unknown item type ".$item["type"], LOGGER_DEBUG);
if (!in_array($item['type'], array('status', 'link', 'photo'))) {
logger('Unknown item type ' . $item['type'], LOGGER_DEBUG);
return;
}
if (isset($_REQUEST["link"]))
$item["link"] = trim($_REQUEST["link"]);
if (isset($_REQUEST["image"]))
$item["image"] = trim($_REQUEST["image"]);
if (isset($_REQUEST["title"]))
$item["title"] = trim($_REQUEST["title"]);
if (isset($_REQUEST["msg"]))
$item["msg"] = trim($_REQUEST["msg"]);
if (isset($_REQUEST["description"]))
$item["description"] = trim($_REQUEST["description"]);
if (isset($_REQUEST["date"]))
$item["date"] = date("c", strtotime($date = str_replace(" at ", ", ", $_REQUEST["date"])));
if (isset($_REQUEST["url"]))
$item["url"] = trim($_REQUEST["url"]);
if (isset($_REQUEST['link'])) {
$item['link'] = trim($_REQUEST['link']);
}
if (isset($_REQUEST['image'])) {
$item['image'] = trim($_REQUEST['image']);
}
if (isset($_REQUEST['title'])) {
$item['title'] = trim($_REQUEST['title']);
}
if (isset($_REQUEST['msg'])) {
$item['msg'] = trim($_REQUEST['msg']);
}
if (isset($_REQUEST['description'])) {
$item['description'] = trim($_REQUEST['description']);
}
if (isset($_REQUEST['date'])) {
$item['date'] = date('c', strtotime($date = str_replace(' at ', ', ', $_REQUEST['date'])));
}
if (isset($_REQUEST['url'])) {
$item['url'] = trim($_REQUEST['url']);
}
if ((substr($item["msg"], 0, 3) == "<<<") && (substr($item["msg"], -3, 3) == ">>>"))
$item["msg"] = substr($item["msg"], 3, -3);
if ((substr($item['msg'], 0, 3) == '<<<') && (substr($item['msg'], -3, 3) == '>>>')) {
$item['msg'] = substr($item['msg'], 3, -3);
}
ifttt_message($uid, $item);
}
function ifttt_message($uid, $item) {
function ifttt_message($uid, $item)
{
$a = get_app();
$_SESSION["authenticated"] = true;
$_SESSION["uid"] = $uid;
$_SESSION['authenticated'] = true;
$_SESSION['uid'] = $uid;
unset($_REQUEST);
$_REQUEST["type"] = "wall";
$_REQUEST["api_source"] = true;
$_REQUEST["profile_uid"] = $uid;
$_REQUEST["source"] = "IFTTT";
$_REQUEST["title"] = "";
$_REQUEST["body"] = $item["msg"];
//$_REQUEST["date"] = $item["date"];
//$_REQUEST["uri"] = $item["url"];
$_REQUEST['type'] = 'wall';
$_REQUEST['api_source'] = true;
$_REQUEST['profile_uid'] = $uid;
$_REQUEST['source'] = 'IFTTT';
$_REQUEST['title'] = '';
$_REQUEST['body'] = $item['msg'];
//$_REQUEST['date'] = $item['date'];
//$_REQUEST['uri'] = $item['url'];
if (strstr($item["url"], "facebook.com")) {
$hash = hash("ripemd128", item["url"]);
$_REQUEST["extid"] = NETWORK_FACEBOOK;
$_REQUEST['message_id'] = item_new_uri($a->get_hostname(), $uid, NETWORK_FACEBOOK.":".$hash);
if (strstr($item['url'], 'facebook.com')) {
$hash = hash('ripemd128', item['url']);
$_REQUEST['extid'] = NETWORK_FACEBOOK;
$_REQUEST['message_id'] = item_new_uri($a->get_hostname(), $uid, NETWORK_FACEBOOK . ':' . $hash);
}
if ($item["type"] == "link") {
$data = query_page_info($item["link"]);
if ($item['type'] == 'link') {
$data = query_page_info($item['link']);
if (isset($item["title"]) && (trim($item["title"]) != ""))
$data["title"] = $item["title"];
if (isset($item['title']) && (trim($item['title']) != '')) {
$data['title'] = $item['title'];
}
if (isset($item["description"]) && (trim($item["description"]) != ""))
$data["text"] = $item["description"];
if (isset($item['description']) && (trim($item['description']) != '')) {
$data['text'] = $item['description'];
}
$_REQUEST["body"] .= add_page_info_data($data);
} elseif (($item["type"] == "photo") && ($item["image"] != ""))
$_REQUEST["body"] .= "\n\n[img]".$item["image"]."[/img]\n";
$_REQUEST['body'] .= add_page_info_data($data);
} elseif (($item['type'] == 'photo') && ($item['image'] != '')) {
$_REQUEST['body'] .= "\n\n[img]" . $item['image'] . "[/img]\n";
}
//print_r($_REQUEST);
item_post($a);
}

View File

@ -1,31 +1,36 @@
<?php
/**
* Name: XMPP (Jabber)
* Description: Embedded XMPP (Jabber) client
* Version: 0.1
* Author: Michael Vogel <https://pirati.ca/profile/heluecht>
*/
use Friendica\App;
use Friendica\Core\Config;
use Friendica\Core\PConfig;
function xmpp_install() {
function xmpp_install()
{
register_hook('plugin_settings', 'addon/xmpp/xmpp.php', 'xmpp_plugin_settings');
register_hook('plugin_settings_post', 'addon/xmpp/xmpp.php', 'xmpp_plugin_settings_post');
register_hook('page_end', 'addon/xmpp/xmpp.php', 'xmpp_script');
register_hook('logged_in', 'addon/xmpp/xmpp.php', 'xmpp_login');
}
function xmpp_uninstall() {
function xmpp_uninstall()
{
unregister_hook('plugin_settings', 'addon/xmpp/xmpp.php', 'xmpp_plugin_settings');
unregister_hook('plugin_settings_post', 'addon/xmpp/xmpp.php', 'xmpp_plugin_settings_post');
unregister_hook('page_end', 'addon/xmpp/xmpp.php', 'xmpp_script');
unregister_hook('logged_in', 'addon/xmpp/xmpp.php', 'xmpp_login');
}
function xmpp_plugin_settings_post($a,$post) {
if(! local_user() || (! x($_POST,'xmpp-settings-submit')))
function xmpp_plugin_settings_post()
{
if (!local_user() || (!x($_POST, 'xmpp-settings-submit'))) {
return;
}
PConfig::set(local_user(), 'xmpp', 'enabled', intval($_POST['xmpp_enabled']));
PConfig::set(local_user(), 'xmpp', 'individual', intval($_POST['xmpp_individual']));
PConfig::set(local_user(), 'xmpp', 'bosh_proxy', $_POST['xmpp_bosh_proxy']);
@ -33,10 +38,11 @@ function xmpp_plugin_settings_post($a,$post) {
info(t('XMPP settings updated.') . EOL);
}
function xmpp_plugin_settings(&$a,&$s) {
if(! local_user())
function xmpp_plugin_settings(App $a, &$s)
{
if (!local_user()) {
return;
}
/* Add our stylesheet to the xmpp so we can make our settings look nice */
@ -83,17 +89,18 @@ function xmpp_plugin_settings(&$a,&$s) {
/* provide a submit button */
$s .= '<div class="settings-submit-wrapper" ><input type="submit" name="xmpp-settings-submit" class="settings-submit" value="' . t('Save Settings') . '" /></div></div>';
}
function xmpp_login($a,$b) {
function xmpp_login()
{
if (!$_SESSION["allow_api"]) {
$password = substr(random_string(),0,16);
$password = random_string(16);
PConfig::set(local_user(), "xmpp", "password", $password);
}
}
function xmpp_plugin_admin(&$a, &$o){
function xmpp_plugin_admin(App $a, &$o)
{
$t = get_markup_template("admin.tpl", "addon/xmpp/");
$o = replace_macros($t, array(
@ -103,7 +110,8 @@ function xmpp_plugin_admin(&$a, &$o){
));
}
function xmpp_plugin_admin_post(&$a){
function xmpp_plugin_admin_post()
{
$bosh_proxy = ((x($_POST, 'bosh_proxy')) ? trim($_POST['bosh_proxy']) : '');
$central_userbase = ((x($_POST, 'central_userbase')) ? intval($_POST['central_userbase']) : false);
Config::set('xmpp', 'bosh_proxy', $bosh_proxy);
@ -111,25 +119,32 @@ function xmpp_plugin_admin_post(&$a){
info(t('Settings updated.') . EOL);
}
function xmpp_script(&$a,&$s) {
xmpp_converse($a,$s);
function xmpp_script(App $a)
{
xmpp_converse($a);
}
function xmpp_converse(&$a,&$s) {
if (!local_user())
function xmpp_converse(App $a)
{
if (!local_user()) {
return;
}
if ($_GET["mode"] == "minimal")
if ($_GET["mode"] == "minimal") {
return;
}
if ($a->is_mobile || $a->is_tablet)
if ($a->is_mobile || $a->is_tablet) {
return;
}
if (!PConfig::get(local_user(),"xmpp","enabled"))
if (!PConfig::get(local_user(), "xmpp", "enabled")) {
return;
}
if (in_array($a->query_string, array("admin/federation/")))
if (in_array($a->query_string, array("admin/federation/"))) {
return;
}
$a->page['htmlhead'] .= '<link type="text/css" rel="stylesheet" media="screen" href="addon/xmpp/converse/css/converse.css" />' . "\n";
$a->page['htmlhead'] .= '<script src="addon/xmpp/converse/builds/converse.min.js"></script>' . "\n";
@ -140,11 +155,11 @@ function xmpp_converse(&$a,&$s) {
$password = PConfig::get(local_user(), "xmpp", "password");
if ($password == "") {
$password = substr(random_string(),0,16);
$password = random_string(16);
PConfig::set(local_user(), "xmpp", "password", $password);
}
$jid = $a->user["nickname"]."@".$a->get_hostname()."/converse-".substr(random_string(),0,5);;
$jid = $a->user["nickname"] . "@" . $a->get_hostname() . "/converse-" . random_string(5);
$auto_login = "auto_login: true,
authentication: 'login',
@ -157,13 +172,15 @@ function xmpp_converse(&$a,&$s) {
$auto_login = "";
}
if ($bosh_proxy == "")
if ($bosh_proxy == "") {
return;
}
if (in_array($a->argv[0], array("manage", "logout")))
if (in_array($a->argv[0], array("manage", "logout"))) {
$additional_commands = "converse.user.logout();\n";
else
} else {
$additional_commands = "";
}
$on_ready = "";
@ -200,4 +217,3 @@ function xmpp_converse(&$a,&$s) {
});
</script>";
}
?>