make it much easier to debug friend acceptance issues
by reporting specific error conditions across the wire.
										12
									
								
								boot.php
									
									
									
									
									
								
							
							
						
						
									
										12
									
								
								boot.php
									
									
									
									
									
								
							| @@ -500,14 +500,18 @@ function goaway($s) { | |||||||
| }} | }} | ||||||
|  |  | ||||||
| // Generic XML return | // Generic XML return | ||||||
| // Outputs a basic XML status structure to STDOUT, with a value variable  | // Outputs a basic dfrn XML status structure to STDOUT, with a <status> variable  | ||||||
| // of $st and terminates the current process.  | // of $st and an optional text <message> of $message and terminates the current process.  | ||||||
|  |  | ||||||
| if(! function_exists('xml_status')) { | if(! function_exists('xml_status')) { | ||||||
| function xml_status($st) { | function xml_status($st, $message = '') { | ||||||
|  |  | ||||||
|  | 	if(strlen($message)) | ||||||
|  | 		$xml_message = "\t<message>" . xmlify($message) . "</message>\r\n"; | ||||||
|  |  | ||||||
| 	header( "Content-type: text/xml" ); | 	header( "Content-type: text/xml" ); | ||||||
| 	echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n"; | 	echo '<?xml version="1.0" encoding="UTF-8"?>'."\r\n"; | ||||||
| 	echo "<result><status>$st</status></result>\r\n"; | 	echo "<result>\r\n\t<status>$st</status>\r\n$xml_message</result>\r\n"; | ||||||
| 	killme(); | 	killme(); | ||||||
| }} | }} | ||||||
|  |  | ||||||
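Review bot: `$xml_message` is assigned only inside the `if(strlen($message))` branch of xml_status(), yet it is interpolated unconditionally into the `<result>` echo, so every call without a message (such as `xml_status(0)`) reads an undefined variable. If error display is enabled, the resulting PHP notice would be written into the response and could corrupt the XML the peer has to parse. Initialise it before the `if` with `$xml_message = '';`. Separately, `$st` is written into `<status>` unescaped; the callers visible in this commit pass integer literals, but `intval($st)` at the echo would make that a guarantee of the function rather than of its callers.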
|   | |||||||
| @@ -3,7 +3,11 @@ | |||||||
| // login/logout  | // login/logout  | ||||||
|  |  | ||||||
| if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) { | if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) { | ||||||
|  |  | ||||||
| 	if($_POST['auth-params'] === 'logout' || $a->module === 'logout') { | 	if($_POST['auth-params'] === 'logout' || $a->module === 'logout') { | ||||||
|  | 	 | ||||||
|  | 		// process logout request | ||||||
|  |  | ||||||
| 		unset($_SESSION['authenticated']); | 		unset($_SESSION['authenticated']); | ||||||
| 		unset($_SESSION['uid']); | 		unset($_SESSION['uid']); | ||||||
| 		unset($_SESSION['visitor_id']); | 		unset($_SESSION['visitor_id']); | ||||||
| @@ -13,18 +17,27 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) { | |||||||
| 		notice( t('Logged out.') . EOL); | 		notice( t('Logged out.') . EOL); | ||||||
| 		goaway($a->get_baseurl()); | 		goaway($a->get_baseurl()); | ||||||
| 	} | 	} | ||||||
|  |  | ||||||
| 	if(x($_SESSION,'uid')) { | 	if(x($_SESSION,'uid')) { | ||||||
|  |  | ||||||
|  | 		// already logged in user returning | ||||||
|  |  | ||||||
| 		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", | 		$r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", | ||||||
| 			intval($_SESSION['uid'])); | 			intval($_SESSION['uid']) | ||||||
| 		if($r === NULL || (! count($r))) { | 		); | ||||||
|  |  | ||||||
|  | 		if(! count($r)) { | ||||||
| 			goaway($a->get_baseurl()); | 			goaway($a->get_baseurl()); | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
|  | 		// initialise user environment | ||||||
|  |  | ||||||
| 		$a->user = $r[0]; | 		$a->user = $r[0]; | ||||||
| 		$_SESSION['theme'] = $a->user['theme']; | 		$_SESSION['theme'] = $a->user['theme']; | ||||||
| 		if(strlen($a->user['timezone'])) | 		if(strlen($a->user['timezone'])) | ||||||
| 			date_default_timezone_set($a->user['timezone']); | 			date_default_timezone_set($a->user['timezone']); | ||||||
|  |  | ||||||
| 		$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $r[0]['nickname']; | 		$_SESSION['my_url'] = $a->get_baseurl() . '/profile/' . $a->user['nickname']; | ||||||
|  |  | ||||||
| 		$r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1", | 		$r = q("SELECT * FROM `contact` WHERE `uid` = %s AND `self` = 1 LIMIT 1", | ||||||
| 			intval($_SESSION['uid'])); | 			intval($_SESSION['uid'])); | ||||||
| @@ -37,16 +50,21 @@ if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) { | |||||||
| 	} | 	} | ||||||
| } | } | ||||||
| else { | else { | ||||||
|  |  | ||||||
| 	unset($_SESSION['authenticated']); | 	unset($_SESSION['authenticated']); | ||||||
| 	unset($_SESSION['uid']); | 	unset($_SESSION['uid']); | ||||||
| 	unset($_SESSION['visitor_id']); | 	unset($_SESSION['visitor_id']); | ||||||
| 	unset($_SESSION['administrator']); | 	unset($_SESSION['administrator']); | ||||||
| 	unset($_SESSION['cid']); | 	unset($_SESSION['cid']); | ||||||
| 	unset($_SESSION['theme']); | 	unset($_SESSION['theme']); | ||||||
|  | 	unset($_SESSION['my_url']); | ||||||
|  |  | ||||||
| 	$encrypted = hash('whirlpool',trim($_POST['password'])); | 	$encrypted = hash('whirlpool',trim($_POST['password'])); | ||||||
|  |  | ||||||
| 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') { | 	if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') { | ||||||
|  |  | ||||||
|  | 		// process login request | ||||||
|  |  | ||||||
| 		$r = q("SELECT * FROM `user`  | 		$r = q("SELECT * FROM `user`  | ||||||
| 			WHERE `email` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", | 			WHERE `email` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", | ||||||
| 			dbesc(trim($_POST['login-name'])), | 			dbesc(trim($_POST['login-name'])), | ||||||
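Review bot: The rewritten guard `if(! count($r))` in the returning-user branch drops the old `$r === NULL` test, so a failed lookup is no longer told apart from a successful one. If q() can return a non-array on error (another file in this commit tests `$r === false`, so this seems likely), `count()` of that value is not 0 on older PHP versions, the `goaway()` is skipped, and `$a->user = $r[0]` initialises an authenticated session without a user row. Keep a type check in the guard, for example `if(! is_array($r) || ! count($r)) {`. The enclosing `if` block continues outside the hunk.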
|   | |||||||
| @@ -18,14 +18,14 @@ function dfrn_confirm_post(&$a) { | |||||||
| 		$duplex     = $_POST['duplex']; | 		$duplex     = $_POST['duplex']; | ||||||
| 		$version_id = $_POST['dfrn_version']; | 		$version_id = $_POST['dfrn_version']; | ||||||
|  |  | ||||||
|  |  | ||||||
| 		// Find our user's account | 		// Find our user's account | ||||||
|  |  | ||||||
| 		$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", | 		$r = q("SELECT * FROM `user` WHERE `nickname` = '%s' LIMIT 1", | ||||||
| 			dbesc($node)); | 			dbesc($node)); | ||||||
|  |  | ||||||
| 		if(! count($r)) { | 		if(! count($r)) { | ||||||
| 			xml_status(3); // failure | 			$message = t('No user record found for ') . '\'' . $node . '\''; | ||||||
|  | 			xml_status(3,$message); // failure | ||||||
| 			// NOTREACHED | 			// NOTREACHED | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
| @@ -38,13 +38,21 @@ function dfrn_confirm_post(&$a) { | |||||||
| 		openssl_private_decrypt($source_url,$decrypted_source_url,$my_prvkey); | 		openssl_private_decrypt($source_url,$decrypted_source_url,$my_prvkey); | ||||||
|  |  | ||||||
|  |  | ||||||
|  | 		if(! strlen($decrypted_source_url)) { | ||||||
|  | 			$message = t('empty site URL was provided.'); | ||||||
|  | 			xml_status(3,$message); | ||||||
|  | 			// NOTREACHED | ||||||
|  | 		} | ||||||
|  |  | ||||||
| 		$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", | 		$ret = q("SELECT * FROM `contact` WHERE `url` = '%s' AND `uid` = %d LIMIT 1", | ||||||
| 			dbesc($decrypted_source_url), | 			dbesc($decrypted_source_url), | ||||||
| 			intval($local_uid)); | 			intval($local_uid) | ||||||
|  | 		); | ||||||
|  |  | ||||||
| 		if(! count($ret)) { | 		if(! count($ret)) { | ||||||
| 			// this is either a bogus confirmation or we deleted the original introduction. | 			// this is either a bogus confirmation (?) or we deleted the original introduction. | ||||||
| 			xml_status(3); | 			$message = t('Contact record was not found for you on our site.'); | ||||||
|  | 			xml_status(3,$message); | ||||||
| 			return; // NOTREACHED  | 			return; // NOTREACHED  | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
| @@ -72,7 +80,8 @@ function dfrn_confirm_post(&$a) { | |||||||
| 			intval($local_uid) | 			intval($local_uid) | ||||||
| 		); | 		); | ||||||
| 		if(count($r)) { | 		if(count($r)) { | ||||||
| 			xml_status(1); // Birthday paradox - duplicate dfrn-id | 			$message = t('The ID provided is a duplicate on our system. Please try again.'); | ||||||
|  | 			xml_status(1,$message); // Birthday paradox - duplicate dfrn-id | ||||||
| 			// NOTREACHED | 			// NOTREACHED | ||||||
| 		} | 		} | ||||||
|  |  | ||||||
| @@ -81,7 +90,10 @@ function dfrn_confirm_post(&$a) { | |||||||
| 			dbesc($dfrn_pubkey), | 			dbesc($dfrn_pubkey), | ||||||
| 			intval($dfrn_record) | 			intval($dfrn_record) | ||||||
| 		); | 		); | ||||||
| 		if($r) { | 		if(! count($r)) { | ||||||
|  | 			$message = t('Unable to set your credentials on our system.'); | ||||||
|  | 			xml_status(3,$message); | ||||||
|  | 		} | ||||||
|  |  | ||||||
| 		// We're good but now we have to scrape the profile photo and send notifications. | 		// We're good but now we have to scrape the profile photo and send notifications. | ||||||
|  |  | ||||||
| @@ -152,8 +164,10 @@ function dfrn_confirm_post(&$a) { | |||||||
| 			intval($duplex), | 			intval($duplex), | ||||||
| 			intval($dfrn_record) | 			intval($dfrn_record) | ||||||
| 		); | 		); | ||||||
| 			if($r === false) | 		if($r === false) { // should not happen unless schema is messed up | ||||||
| 				notice( t("Unable to set contact photo info.") . EOL); | 			$message = t('Unable to update your contact profile on our system'); | ||||||
|  | 			xml_status(3,$message); | ||||||
|  | 		} | ||||||
|  |  | ||||||
| 		// Otherwise everything seems to have worked and we are almost done. Yay! | 		// Otherwise everything seems to have worked and we are almost done. Yay! | ||||||
| 		// Send an email notification | 		// Send an email notification | ||||||
| @@ -185,11 +199,6 @@ function dfrn_confirm_post(&$a) { | |||||||
| 			} | 			} | ||||||
| 		} | 		} | ||||||
| 		xml_status(0); // Success | 		xml_status(0); // Success | ||||||
| 			// NOTREACHED |  | ||||||
| 		} |  | ||||||
| 		else { |  | ||||||
| 			xml_status(2);	// Hopefully temporary problem that can be retried. |  | ||||||
| 		} |  | ||||||
| 		return; // NOTREACHED | 		return; // NOTREACHED | ||||||
|  |  | ||||||
| 	////////////////////// End of this scenario /////////////////////////////////////////////// | 	////////////////////// End of this scenario /////////////////////////////////////////////// | ||||||
| @@ -257,7 +266,9 @@ function dfrn_confirm_post(&$a) { | |||||||
| 		$params['public_key'] = $public_key; | 		$params['public_key'] = $public_key; | ||||||
|  |  | ||||||
|  |  | ||||||
| 		openssl_public_encrypt($_SESSION['my_url'], $params['source_url'], $site_pubkey); | 		$my_url = $a->get_baseurl() . '/profile/' . $a->user['nickname']; | ||||||
|  |  | ||||||
|  | 		openssl_public_encrypt($my_url, $params['source_url'], $site_pubkey); | ||||||
|  |  | ||||||
| 		if($aes_allow && function_exists('openssl_encrypt')) { | 		if($aes_allow && function_exists('openssl_encrypt')) { | ||||||
| 			openssl_public_encrypt($src_aes_key, $params['aes_key'], $site_pubkey); | 			openssl_public_encrypt($src_aes_key, $params['aes_key'], $site_pubkey); | ||||||
| @@ -297,9 +308,12 @@ function dfrn_confirm_post(&$a) { | |||||||
|  |  | ||||||
| 		$xml = simplexml_load_string($res); | 		$xml = simplexml_load_string($res); | ||||||
| 		$status = (int) $xml->status; | 		$status = (int) $xml->status; | ||||||
|  | 		$message = unxmlify($xml->message); | ||||||
| 		switch($status) { | 		switch($status) { | ||||||
| 			case 0: | 			case 0: | ||||||
| 				notice( t("Confirmation completed successfully") . EOL); | 				notice( t("Confirmation completed successfully.") . EOL); | ||||||
|  | 				if(strlen($message)) | ||||||
|  | 					notice( t('Remote site reported: ') . $message . EOL); | ||||||
| 				break; | 				break; | ||||||
| 			case 1: | 			case 1: | ||||||
| 				// birthday paradox - generate new dfrn-id and fall through. | 				// birthday paradox - generate new dfrn-id and fall through. | ||||||
| @@ -312,15 +326,19 @@ function dfrn_confirm_post(&$a) { | |||||||
|  |  | ||||||
| 			case 2: | 			case 2: | ||||||
| 				notice( t("Temporary failure. Please wait and try again.") . EOL); | 				notice( t("Temporary failure. Please wait and try again.") . EOL); | ||||||
|  | 				if(strlen($message)) | ||||||
|  | 					notice( t('Remote site reported: ') . $message . EOL); | ||||||
| 				break; | 				break; | ||||||
|  |  | ||||||
|  |  | ||||||
| 			case 3: | 			case 3: | ||||||
| 				notice( t("Introduction failed or was revoked. Cannot complete.") . EOL); | 				notice( t("Introduction failed or was revoked.") . EOL); | ||||||
|  | 				if(strlen($message)) | ||||||
|  | 					notice( t('Remote site reported: ') . $message . EOL); | ||||||
| 				break; | 				break; | ||||||
| 			} | 			} | ||||||
|  |  | ||||||
| 		if(($status == 0 || $status == 3) && ($intro_id)) { | 		if(($status == 0) && ($intro_id)) { | ||||||
|  |  | ||||||
| 			//delete the notification | 			//delete the notification | ||||||
|  |  | ||||||
| @@ -334,7 +352,6 @@ function dfrn_confirm_post(&$a) { | |||||||
| 		if($status != 0)  | 		if($status != 0)  | ||||||
| 			return; | 			return; | ||||||
| 		 | 		 | ||||||
|  |  | ||||||
| 		require_once("Photo.php"); | 		require_once("Photo.php"); | ||||||
|  |  | ||||||
| 		$photo_failure = false; | 		$photo_failure = false; | ||||||
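Review bot: `$message` is text chosen by the remote site (`unxmlify($xml->message)`) and is appended to `notice()` unmodified in cases 0, 2 and 3 of the status switch, so a peer controls content shown in the local user's session. notice() is not visible here; unless it escapes its argument, markup in the message would be rendered in the page. Escape it where it is read, for example `$message = htmlspecialchars(unxmlify($xml->message), ENT_QUOTES, 'UTF-8');`, and consider a length cap as well. In the receiving scenario, the new `if(! count($r))` after the credentials query probably never fires if q() returns a boolean for that statement; the later check uses `$r === false`, which looks like the right form there too. dfrn_confirm_post() starts and ends outside these hunks.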
|   | |||||||