本文整理汇总了PHP中rsa_sign函数的典型用法代码示例。如果您正苦于以下问题:PHP rsa_sign函数的具体用法?PHP rsa_sign怎么用?PHP rsa_sign使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了rsa_sign函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: slapper
/**
 * Deliver a Salmon "slap" to a remote endpoint inside a signed magic envelope.
 *
 * Up to three POSTs are made, each carrying a differently computed signature,
 * and the sequence stops as soon as a reply status is not above 299.
 *
 * @param array  $owner channel record; channel_prvkey, channel_pubkey,
 *                      channel_address and channel_id are read
 * @param string $url   salmon endpoint of the contact
 * @param string $slap  payload carried in the envelope
 * @return int|null null when nothing is sent (no endpoint or no private key),
 *                  0 for a 2xx reply, -1 when no status code came back or the
 *                  reply was a 503 with a retry-after header, 1 otherwise
 */
function slapper($owner, $url, $slap)
{
    // A contact without a salmon endpoint cannot be slapped.
    if (!strlen($url)) {
        return;
    }

    $private_key = $owner['channel_prvkey'];
    if (!$private_key) {
        logger(sprintf("channel '%s' (%d) does not have a salmon private key. Send failed.", $owner['channel_address'], $owner['channel_id']));
        return;
    }

    // The complete payload is written to the log at LOGGER_DATA level.
    logger('slapper called for ' . $url . '. Data: ' . $slap, LOGGER_DATA, LOG_DEBUG);

    // Magic envelope fields.
    $data = base64url_encode($slap);
    $data_type = 'application/atom+xml';
    $encoding = 'base64url';
    $algorithm = 'RSA-SHA256';
    $keyhash = base64url_encode(hash('sha256', salmon_key($owner['channel_pubkey'])), true);

    // base64url of data_type, encoding and algorithm, each preceded by a period
    $envelope_suffix = '.YXBwbGljYXRpb24vYXRvbSt4bWw=.YmFzZTY0dXJs.UlNBLVNIQTI1Ng==';

    // All three signatures are computed up front, in the order they are tried.
    $attempts = array(
        // 1. data plus suffix with every '=' stripped
        array(
            'signature' => base64url_encode(rsa_sign(str_replace('=', '', $data . $envelope_suffix), $private_key)),
            'notice' => null,
        ),
        // 2. data plus suffix, '=' padding kept
        array(
            'signature' => base64url_encode(rsa_sign($data . $envelope_suffix, $private_key)),
            'notice' => 'compliant salmon failed. Falling back to status.net hack2',
        ),
        // 3. data alone: data type, encoding and algorithm are not covered by
        //    this signature
        array(
            'signature' => base64url_encode(rsa_sign($data, $private_key)),
            'notice' => 'compliant salmon failed. Falling back to status.net hack3',
        ),
    );

    $salmon_tpl = get_markup_template('magicsig.tpl');
    $ret = null;
    $return_code = 0;

    foreach ($attempts as $attempt) {
        if ($attempt['notice'] !== null) {
            // A fallback is only tried after a reply above 299.
            if (!($return_code > 299)) {
                break;
            }
            logger($attempt['notice']);
        }

        $salmon = replace_macros($salmon_tpl, array(
            '$data' => $data,
            '$encoding' => $encoding,
            '$algorithm' => $algorithm,
            '$keyhash' => $keyhash,
            '$signature' => $attempt['signature'],
        ));

        // slap them
        $redirects = 0;
        $ret = z_post_url($url, $salmon, $redirects, array(
            'headers' => array(
                'Content-type: application/magic-envelope+xml',
                'Content-length: ' . strlen($salmon),
            ),
        ));
        $return_code = $ret['return_code'];
    }

    logger('slapper for ' . $url . ' returned ' . $return_code);

    if (!$return_code) {
        return -1;
    }
    if ($return_code == 503 && stristr($ret['header'], 'retry-after')) {
        return -1;
    }
    if ($return_code >= 200 && $return_code < 300) {
        return 0;
    }
    return 1;
}
示例2: diaspora_sign_fields
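/**
 * Sign a set of Diaspora fields with an RSA private key.
 *
 * The values of every field except 'author_signature' and
 * 'parent_author_signature' are joined with ';' in the order given, and the
 * resulting string is what gets signed.
 *
 * @param array  $fields field name => value
 * @param string $prvkey private key handed to rsa_sign()
 * @return string base64-encoded signature, or '' when $fields is empty
 */
function diaspora_sign_fields($fields, $prvkey)
{
    if (!$fields) {
        return '';
    }

    // The two signature fields are never part of the signed string.
    $signable = array();
    foreach ($fields as $k => $v) {
        if ($k !== 'author_signature' && $k !== 'parent_author_signature') {
            $signable[$k] = $v;
        }
    }

    // Separator first: PHP 8 rejects the reversed (array, separator) order.
    // NOTE(review): values are joined unescaped, so a ';' inside a value cannot
    // be told apart from the separator in the signed string.
    $s = implode(';', $signable);

    // The signing string (not the key) is written to the log.
    logger('signing_string: ' . $s);

    return base64_encode(rsa_sign($s, $prvkey));
}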
示例3: get
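/**
 * Admin-only maintenance pass: make sure every channel that is not removed has
 * a hub location (hubloc) row for this site, and report what was done.
 *
 * A channel is skipped when one of its hublocs already matches both this
 * site's URL and its public key. Otherwise any hubloc for this URL is deleted
 * and a new one is inserted whose URL signature is made with the channel's
 * private key.
 *
 * @return string|null one report line per channel; null when the caller is not
 *                     a site admin or the channel query returned nothing
 */
function get()
{
    if (!is_site_admin()) {
        return;
    }
    $o = '';
    $r = q("select * from channel where channel_removed = 0");
    $sitekey = get_config('system', 'pubkey');
    if ($r) {
        foreach ($r as $rr) {
            $found = false;
            $primary_address = '';
            $x = zot_get_hublocs($rr['channel_hash']);
            if ($x) {
                foreach ($x as $xx) {
                    // Both the URL and the site key must match for the hubloc to count.
                    if ($xx['hubloc_url'] === z_root() && $xx['hubloc_sitekey'] === $sitekey) {
                        $found = true;
                        break;
                    }
                }
                if ($found) {
                    $o .= 'Hubloc exists for ' . $rr['channel_name'] . EOL;
                    continue;
                }
            }
            $y = q("select xchan_addr from xchan where xchan_hash = '%s' limit 1", dbesc($rr['channel_hash']));
            if ($y) {
                $primary_address = $y[0]['xchan_addr'];
            }
            // $rr is a channel row, so the address is read from it directly
            // (the original looked under a nested 'channel' key and so built
            // an address with no local part).
            $hub_address = $rr['channel_address'] . '@' . \App::get_hostname();
            // Primary when the xchan record agrees, or when there is no xchan record.
            $primary = (!$y || $hub_address === $primary_address) ? 1 : 0;
            $m = q("delete from hubloc where hubloc_hash = '%s' and hubloc_url = '%s' ", dbesc($rr['channel_hash']), dbesc(z_root()));
            // Create a verified hub location pointing to this site.
            // hubloc_url_sig is this site's URL signed with the channel's private key.
            $h = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, hubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )\n\t\t\t\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", dbesc($rr['channel_guid']), dbesc($rr['channel_guid_sig']), dbesc($rr['channel_hash']), dbesc($hub_address), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $rr['channel_prvkey']))), dbesc(\App::get_hostname()), dbesc(z_root() . '/post'), dbesc($sitekey), dbesc('zot'));
            if ($h) {
                // '.=' here: the original used '.', which discarded the line.
                $o .= 'local hubloc created for ' . $rr['channel_name'] . EOL;
            } else {
                $o .= 'DB update failed for ' . $rr['channel_name'] . EOL;
            }
        }
        return $o;
    }
}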
示例4: prate_post
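/**
 * Store the logged-in channel's signed rating of another channel and queue a
 * rating notification.
 *
 * The rating is clamped to -10..10 and the string "target.rating.rating_text"
 * is signed with the rater's private key; the signature is stored with the
 * rating in xlink.
 *
 * @param object $a application object (not used in this function)
 * @return void a JSON result is emitted through json_return_and_die() once the
 *              rating has been written; the early exits return nothing
 */
function prate_post(&$a)
{
    if (!local_channel()) {
        return;
    }
    $channel = App::get_channel();
    $target = trim($_REQUEST['target']);
    if (!$target) {
        return;
    }
    // A channel may not rate itself.
    if ($target === $channel['channel_hash']) {
        return;
    }

    $rating = max(-10, min(10, intval($_POST['rating'])));
    $rating_text = trim(escape_tags($_REQUEST['rating_text']));

    // The signature covers the target, the clamped rating and the filtered text.
    $signed = $target . '.' . $rating . '.' . $rating_text;
    $sig = base64url_encode(rsa_sign($signed, $channel['channel_prvkey']));

    // Starts empty so the check at the end never reads an undefined variable
    // when the insert below did not produce a row.
    $record = 0;

    $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target));
    if ($z) {
        $record = $z[0]['xlink_id'];
        $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'\n\t\t\twhere xlink_id = %d", intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()), intval($record));
    } else {
        $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", dbesc($channel['channel_hash']), dbesc($target), intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()));
        // Read the new row back by the same target it was inserted with; the
        // original looked it up through an undefined $orig_record and so never
        // found it.
        $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target));
        if ($z) {
            $record = $z[0]['xlink_id'];
        }
    }
    if ($record) {
        proc_run('php', 'include/ratenotif.php', 'rating', $record);
    }
    json_return_and_die(array('result' => true));
}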
示例5: post
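/**
 * Store the logged-in channel's signed rating of \App::$data['target'] and
 * summon the rating notifier.
 *
 * Nothing happens unless there is a local channel, a target and a truthy
 * 'execute' request value. The rating is clamped to -10..10 and the string
 * "target.rating.rating_text" is signed with the rater's private key.
 *
 * @return void
 */
function post()
{
    if (!local_channel()) {
        return;
    }
    if (!\App::$data['target']) {
        return;
    }
    // empty() gives the same truthiness test without a warning when the
    // request carries no 'execute' value at all.
    if (empty($_REQUEST['execute'])) {
        return;
    }
    $channel = \App::get_channel();
    $target = \App::$data['target'];

    $rating = max(-10, min(10, intval($_POST['rating'])));
    $rating_text = trim(escape_tags($_REQUEST['rating_text']));

    // The signature covers the target, the clamped rating and the filtered text.
    $signed = $target . '.' . $rating . '.' . $rating_text;
    $sig = base64url_encode(rsa_sign($signed, $channel['channel_prvkey']));

    // Starts empty so the final check never reads an undefined variable when
    // the insert below did not produce a row.
    $record = 0;

    $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target));
    if ($z) {
        $record = $z[0]['xlink_id'];
        $w = q("update xlink set xlink_rating = '%d', xlink_rating_text = '%s', xlink_sig = '%s', xlink_updated = '%s'\n\t\t\t\twhere xlink_id = %d", intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()), intval($record));
    } else {
        $w = q("insert into xlink ( xlink_xchan, xlink_link, xlink_rating, xlink_rating_text, xlink_sig, xlink_updated, xlink_static ) values ( '%s', '%s', %d, '%s', '%s', '%s', 1 ) ", dbesc($channel['channel_hash']), dbesc($target), intval($rating), dbesc($rating_text), dbesc($sig), dbesc(datetime_convert()));
        // Read the row back to learn its id.
        $z = q("select * from xlink where xlink_xchan = '%s' and xlink_link = '%s' and xlink_static = 1 limit 1", dbesc($channel['channel_hash']), dbesc($target));
        if ($z) {
            $record = $z[0]['xlink_id'];
        }
    }
    if ($record) {
        \Zotlabs\Daemon\Master::Summon(array('Ratenotif', 'rating', $record));
    }
}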
示例6: item_post
//.........这里部分代码省略.........
if ($preview) {
require_once 'include/conversation.php';
$datarray['owner'] = $owner_xchan;
$datarray['author'] = $observer;
$datarray['attach'] = json_encode($datarray['attach']);
$o = conversation($a, array($datarray), 'search', false, 'preview');
// logger('preview: ' . $o, LOGGER_DEBUG);
echo json_encode(array('preview' => $o));
killme();
}
if ($orig_post) {
$datarray['edit'] = true;
}
call_hooks('post_local', $datarray);
if (x($datarray, 'cancel')) {
logger('mod_item: post cancelled by plugin.');
if ($return_path) {
goaway($a->get_baseurl() . "/" . $return_path);
}
$json = array('cancel' => 1);
if (x($_REQUEST, 'jsreload') && strlen($_REQUEST['jsreload'])) {
$json['reload'] = $a->get_baseurl() . '/' . $_REQUEST['jsreload'];
}
echo json_encode($json);
killme();
}
if (mb_strlen($datarray['title']) > 255) {
$datarray['title'] = mb_substr($datarray['title'], 0, 255);
}
if (array_key_exists('item_private', $datarray) && $datarray['item_private']) {
$datarray['body'] = trim(z_input_filter($datarray['uid'], $datarray['body'], $datarray['mimetype']));
if ($uid) {
if ($channel['channel_hash'] === $datarray['author_xchan']) {
$datarray['sig'] = base64url_encode(rsa_sign($datarray['body'], $channel['channel_prvkey']));
$datarray['item_flags'] = $datarray['item_flags'] | ITEM_VERIFIED;
}
}
logger('Encrypting local storage');
$key = get_config('system', 'pubkey');
$datarray['item_flags'] = $datarray['item_flags'] | ITEM_OBSCURED;
if ($datarray['title']) {
$datarray['title'] = json_encode(crypto_encapsulate($datarray['title'], $key));
}
if ($datarray['body']) {
$datarray['body'] = json_encode(crypto_encapsulate($datarray['body'], $key));
}
}
if ($orig_post) {
$datarray['id'] = $post_id;
item_store_update($datarray, $execflag);
update_remote_id($channel, $post_id, $webpage, $pagetitle, $namespace, $remote_id, $mid);
if (!$nopush) {
proc_run('php', "include/notifier.php", 'edit_post', $post_id);
}
if (x($_REQUEST, 'return') && strlen($return_path)) {
logger('return: ' . $return_path);
goaway($a->get_baseurl() . "/" . $return_path);
}
killme();
} else {
$post_id = 0;
}
$post = item_store($datarray, $execflag);
$post_id = $post['item_id'];
if ($post_id) {
logger('mod_item: saved item ' . $post_id);
示例7: item_url_replace
/**
 * Rewrite URLs inside an item and re-sign its body when the body changed.
 *
 * @param array  $channel channel record; channel_prvkey is used for signing
 * @param array  $item    item to rewrite, modified in place
 * @param string $old     URL text to look for
 * @param string $new     replacement text
 * @return void
 */
function item_url_replace($channel, &$item, $old, $new)
{
    // The three JSON-bearing fields are handled the same way, in this order.
    foreach (array('attach', 'object', 'target') as $field) {
        if ($item[$field]) {
            json_url_replace($old, $new, $item[$field]);
        }
    }

    $body_changed = string_replace($old, $new, $item['body']);
    if (!$body_changed) {
        return;
    }

    // A changed body invalidates the old signature, so a new one is made and
    // the item is flagged as verified.
    // NOTE(review): the signature is made with $channel's key whoever authored
    // the item; confirm callers only pass items authored by $channel.
    $item['sig'] = base64url_encode(rsa_sign($item['body'], $channel['channel_prvkey']));
    $item['item_verified'] = 1;
}
示例8: import_post
//.........这里部分代码省略.........
if ($data['photo']) {
require_once 'include/photo/photo_driver.php';
import_channel_photo(base64url_decode($data['photo']['data']), $data['photo']['type'], get_account_id(), $channel['channel_id']);
}
$profiles = $data['profile'];
if ($profiles) {
foreach ($profiles as $profile) {
unset($profile['id']);
$profile['aid'] = get_account_id();
$profile['uid'] = $channel['channel_id'];
// we are going to reset all profile photos to the original
// somebody will have to fix this later and put all the applicable photos into the export
$profile['photo'] = z_root() . '/photo/profile/l/' . $channel['channel_id'];
$profile['thumb'] = z_root() . '/photo/profile/m/' . $channel['channel_id'];
dbesc_array($profile);
$r = dbq("INSERT INTO profile (`" . implode("`, `", array_keys($profile)) . "`) VALUES ('" . implode("', '", array_values($profile)) . "')");
}
}
$hublocs = $data['hubloc'];
if ($hublocs) {
foreach ($hublocs as $hubloc) {
$arr = array('guid' => $hubloc['hubloc_guid'], 'guid_sig' => $hubloc['guid_sig'], 'url' => $hubloc['hubloc_url'], 'url_sig' => $hubloc['hubloc_url_sig']);
if ($hubloc['hubloc_hash'] === $channel['channel_hash'] && $hubloc['hubloc_flags'] & HUBLOC_FLAGS_PRIMARY && $seize) {
$hubloc['hubloc_flags'] = $hubloc['hubloc_flags'] ^ HUBLOC_FLAGS_PRIMARY;
}
if (!zot_gethub($arr)) {
unset($hubloc['hubloc_id']);
dbesc_array($hubloc);
$r = dbq("INSERT INTO hubloc (`" . implode("`, `", array_keys($hubloc)) . "`) VALUES ('" . implode("', '", array_values($hubloc)) . "')");
}
}
}
// create new hubloc for the new channel at this site
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_network, hubloc_flags, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey )\n\t\tvalues ( '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s' )", dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_hash']), dbesc($channel['channel_address'] . '@' . get_app()->get_hostname()), dbesc('zot'), intval($seize ? HUBLOC_FLAGS_PRIMARY : 0), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $channel['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')));
// reset the original primary hubloc if it is being seized
if ($seize) {
$r = q("update hubloc set hubloc_flags = (hubloc_flags ^ %d) where (hubloc_flags & %d) and hubloc_hash = '%s' and hubloc_url != '%s' ", intval(HUBLOC_FLAGS_PRIMARY), intval(HUBLOC_FLAGS_PRIMARY), dbesc($channel['channel_hash']), dbesc(z_root()));
}
// import xchans and contact photos
if ($seize) {
// replace our existing xchan if we're seizing control
$r = q("delete from xchan where xchan_hash = '%s' limit 1", dbesc($channel['channel_hash']));
$r = q("insert into xchan ( xchan_hash, xchan_guid, xchan_guid_sig, xchan_pubkey, xchan_photo_l, xchan_photo_m, xchan_photo_s, xchan_addr, xchan_url, xchan_follow, xchan_connurl, xchan_name, xchan_network, xchan_photo_date, xchan_name_date ) values ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s')", dbesc($channel['channel_hash']), dbesc($channel['channel_guid']), dbesc($channel['channel_guid_sig']), dbesc($channel['channel_pubkey']), dbesc($a->get_baseurl() . "/photo/profile/l/" . $channel['channel_id']), dbesc($a->get_baseurl() . "/photo/profile/m/" . $channel['channel_id']), dbesc($a->get_baseurl() . "/photo/profile/s/" . $channel['channel_id']), dbesc($channel['channel_address'] . '@' . get_app()->get_hostname()), dbesc(z_root() . '/channel/' . $channel['channel_address']), dbesc(z_root() . '/follow?f=&url=%s'), dbesc(z_root() . '/poco/' . $channel['channel_address']), dbesc($channel['channel_name']), dbesc('zot'), dbesc(datetime_convert()), dbesc(datetime_convert()));
}
$xchans = $data['xchan'];
if ($xchans) {
foreach ($xchans as $xchan) {
$r = q("select xchan_hash from xchan where xchan_hash = '%s' limit 1", dbesc($xchan['xchan_hash']));
if ($r) {
continue;
}
dbesc_array($xchan);
$r = dbq("INSERT INTO xchan (`" . implode("`, `", array_keys($xchan)) . "`) VALUES ('" . implode("', '", array_values($xchan)) . "')");
require_once 'include/photo/photo_driver.php';
$photos = import_profile_photo($xchan['xchan_photo_l'], $xchan['xchan_hash']);
if ($photos[4]) {
$photodate = NULL_DATE;
} else {
$photodate = $xchan['xchan_photo_date'];
}
$r = q("update xchan set xchan_photo_l = '%s', xchan_photo_m = '%s', xchan_photo_s = '%s', xchan_photo_mimetype = '%s', xchan_photo_date = '%s'\n\t\t\t\twhere xchan_hash = '%s' limit 1", dbesc($photos[0]), dbesc($photos[1]), dbesc($photos[2]), dbesc($photos[3]), dbesc($photodate), dbesc($xchan_hash));
}
}
// FIXME - ensure we have an xchan if somebody is trying to pull a fast one
// import contacts
$abooks = $data['abook'];
示例9: store_diaspora_retract_sig
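/**
 * Store the signature data needed to relay a Diaspora retraction of an item.
 *
 * The signed text is "guid;Like" or "guid;Comment". When the local user owns
 * the item it is signed with that user's private key; for an item deleted by a
 * remote contact only the signer handle is stored, with an empty signature.
 *
 * @param array  $item    item being dropped; guid, verb, uid, id and contact-id are read
 * @param array  $user    local user record; nickname and prvkey are read
 * @param string $baseurl base URL of this site, scheme included
 * @return void
 */
function store_diaspora_retract_sig($item, $user, $baseurl)
{
    // Note that we can't add a target_author_signature
    // if the comment was deleted by a remote user. That should be ok, because if a remote user is deleting
    // the comment, that means we're the home of the post, and Diaspora will only
    // check the parent_author_signature of retractions that it doesn't have to relay further
    //
    // I don't think this function gets called for an "unlike," but I'll check anyway
    $enabled = intval(get_config('system', 'diaspora_enabled'));
    if (!$enabled) {
        logger('drop_item: diaspora support disabled, not storing retraction signature', LOGGER_DEBUG);
        return;
    }
    logger('drop_item: storing diaspora retraction signature');
    $signed_text = $item['guid'] . ';' . ($item['verb'] === ACTIVITY_LIKE ? 'Like' : 'Comment');
    if (local_user() == $item['uid']) {
        $handle = $user['nickname'] . '@' . substr($baseurl, strpos($baseurl, '://') + 3);
        $authorsig = base64_encode(rsa_sign($signed_text, $user['prvkey'], 'sha256'));
    } else {
        $r = q("SELECT `nick`, `url` FROM `contact` WHERE `id` = '%d' LIMIT 1", intval($item['contact-id']));
        // A plain truth test also covers a failed query, where count() would
        // be handed a non-array.
        if ($r) {
            // q() hands back a list of rows; the contact is the first one. The
            // original read 'url' and 'nick' from the list itself.
            $contact = $r[0];
            // The below handle only works for NETWORK_DFRN. I think that's ok, because this function
            // only handles DFRN deletes
            $handle_baseurl_start = strpos($contact['url'], '://') + 3;
            $handle_baseurl_length = strpos($contact['url'], '/profile') - $handle_baseurl_start;
            $handle = $contact['nick'] . '@' . substr($contact['url'], $handle_baseurl_start, $handle_baseurl_length);
            // No private key for a remote contact, so no author signature.
            $authorsig = '';
        }
    }
    if (isset($handle)) {
        q("insert into sign (`retract_iid`,`signed_text`,`signature`,`signer`) values (%d,'%s','%s','%s') ", intval($item['id']), dbesc($signed_text), dbesc($authorsig), dbesc($handle));
    }
    return;
}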
示例10: zot_reply_auth_check
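/**
 * Answer a remote site's auth_check packet during magic (remote) authentication.
 *
 * The packet must have arrived encrypted, its 'secret' must carry a valid
 * signature from the sender's stored public key, the first recipient must be
 * a local channel, and a matching one-time 'auth' token must exist in the
 * verify table for that channel and the sender's URL. On success the token is
 * deleted and a confirmation signature over secret + recipient hash is
 * returned.
 *
 * @param array $data             decoded packet; sender, secret, secret_sig and
 *                                recipients are read
 * @param bool  $encrypted_packet whether the packet arrived encrypted
 * @return void every path hands $ret to json_return_and_die()
 */
function zot_reply_auth_check($data, $encrypted_packet)
{
    // 'message' starts out empty so the appends below never touch an undefined key.
    $ret = array('success' => false, 'message' => '');
    /*
     * Requestor visits /magic/?dest=somewhere on their own site with a browser
     * magic redirects them to $destsite/post [with auth args....]
     * $destsite sends an auth_check packet to originator site
     * The auth_check packet is handled here by the originator's site
     * - the browser session is still waiting
     * inside $destsite/post for everything to verify
     * If everything checks out we'll return a token to $destsite
     * and then $destsite will verify the token, authenticate the browser
     * session and then redirect to the original destination.
     * If authentication fails, the redirection to the original destination
     * will still take place but without authentication.
     */
    logger('mod_zot: auth_check', LOGGER_DEBUG);
    if (!$encrypted_packet) {
        logger('mod_zot: auth_check packet was not encrypted.');
        $ret['message'] .= 'no packet encryption' . EOL;
        json_return_and_die($ret);
    }
    $arr = $data['sender'];
    $sender_hash = make_xchan_hash($arr['guid'], $arr['guid_sig']);
    // garbage collect any old unused notifications
    // This was and should be 10 minutes but my hosting provider has time lag between the DB and
    // the web server. We should probably convert this to webserver time rather than DB time so
    // that the different clocks won't affect it and allow us to keep the time short.
    q("delete from verify where type = 'auth' and created < %s - INTERVAL %s", db_utcnow(), db_quoteinterval('30 MINUTE'));
    $y = q("select xchan_pubkey from xchan where xchan_hash = '%s' limit 1", dbesc($sender_hash));
    // We created a unique hash in mod/magic.php when we invoked remote auth, and stored it in
    // the verify table. It is now coming back to us as 'secret' and is signed by a channel at the other end.
    // First verify their signature. We will have obtained a zot-info packet from them as part of the sender
    // verification.
    if (!$y || !rsa_verify($data['secret'], base64url_decode($data['secret_sig']), $y[0]['xchan_pubkey'])) {
        logger('mod_zot: auth_check: sender not found or secret_sig invalid.');
        // NOTE(review): the lookup result is echoed into the reply sent to a
        // requester whose signature did not verify.
        $ret['message'] .= 'sender not found or sig invalid ' . print_r($y, true) . EOL;
        json_return_and_die($ret);
    }
    // There should be exactly one recipient, the original auth requestor
    // (the original printed an undefined $recipients here, i.e. nothing)
    $ret['message'] .= 'recipients ' . print_r(isset($data['recipients']) ? $data['recipients'] : null, true) . EOL;
    if (!empty($data['recipients'])) {
        // Only the first recipient is considered.
        $arr = $data['recipients'][0];
        $recip_hash = make_xchan_hash($arr['guid'], $arr['guid_sig']);
        $c = q("select channel_id, channel_account_id, channel_prvkey from channel where channel_hash = '%s' limit 1", dbesc($recip_hash));
        if (!$c) {
            logger('mod_zot: auth_check: recipient channel not found.');
            $ret['message'] .= 'recipient not found.' . EOL;
            json_return_and_die($ret);
        }
        // Signed with the recipient channel's private key; only put into the
        // reply after the token check below has passed.
        $confirm = base64url_encode(rsa_sign($data['secret'] . $recip_hash, $c[0]['channel_prvkey']));
        // This additionally checks for forged sites since we already stored the expected result in meta
        // and we've already verified that this is them via zot_gethub() and that their key signed our token
        $z = q("select id from verify where channel = %d and type = 'auth' and token = '%s' and meta = '%s' limit 1", intval($c[0]['channel_id']), dbesc($data['secret']), dbesc($data['sender']['url']));
        if (!$z) {
            logger('mod_zot: auth_check: verification key not found.');
            $ret['message'] .= 'verification key not found' . EOL;
            json_return_and_die($ret);
        }
        // The token is single-use: it is removed as soon as it has matched.
        $r = q("delete from verify where id = %d", intval($z[0]['id']));
        $u = q("select account_service_class from account where account_id = %d limit 1", intval($c[0]['channel_account_id']));
        logger('mod_zot: auth_check: success', LOGGER_DEBUG);
        $ret['success'] = true;
        $ret['confirm'] = $confirm;
        if ($u && $u[0]['account_service_class']) {
            $ret['service_class'] = $u[0]['account_service_class'];
        }
        // Set "do not track" flag if this site or this channel's profile is restricted
        // in some way
        if (intval(get_config('system', 'block_public'))) {
            $ret['DNT'] = true;
        }
        if (!perm_is_allowed($c[0]['channel_id'], '', 'view_profile')) {
            $ret['DNT'] = true;
        }
        if (get_pconfig($c[0]['channel_id'], 'system', 'do_not_track')) {
            $ret['DNT'] = true;
        }
        if (get_pconfig($c[0]['channel_id'], 'system', 'hide_online_status')) {
            $ret['DNT'] = true;
        }
        json_return_and_die($ret);
    }
    json_return_and_die($ret);
}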
示例11: store_diaspora_comment_sig
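/**
 * Build and store the Diaspora signature data for a newly stored comment.
 *
 * The signed text is "mid;parent mid;body;handle". It is signed with the
 * channel's private key, and the signer, body, signed text and signature are
 * encapsulated with the site public key and written to item.diaspora_meta.
 *
 * @param array $datarray    item data; mid and, for wall-to-wall, author are read
 * @param array $channel     channel record; channel_address and channel_prvkey are read
 * @param array $parent_item parent item; mid is read
 * @param int   $post_id     id of the stored item to update
 * @param bool  $walltowall  prepend an author preamble to the signed body
 * @return void
 */
function store_diaspora_comment_sig($datarray, $channel, $parent_item, $post_id, $walltowall = false)
{
    // We won't be able to sign Diaspora comments for authenticated visitors
    // - we don't have their private key
    // since Diaspora doesn't handle edits we can only do this for the original text and not update it.
    require_once 'include/bb2diaspora.php';
    $signed_body = bb2diaspora_itembody($datarray, $walltowall);
    if ($walltowall) {
        logger('wall to wall comment', LOGGER_DEBUG);
        // post will come across with the owner's identity. Throw a preamble onto the post to indicate the true author.
        $signed_body = "\n\n" . '![' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_photo_m'] . ')' . '[' . $datarray['author']['xchan_name'] . '](' . $datarray['author']['xchan_url'] . ')' . "\n\n" . $signed_body;
    }
    logger('storing diaspora comment signature', LOGGER_DEBUG);
    $diaspora_handle = $channel['channel_address'] . '@' . get_app()->get_hostname();
    $signed_text = $datarray['mid'] . ';' . $parent_item['mid'] . ';' . $signed_body . ';' . $diaspora_handle;
    // Sign only when the channel really has a private key. The original
    // compared an undefined $uprvkey with false, which is always true, so the
    // guard never did anything.
    if (!empty($channel['channel_prvkey'])) {
        $authorsig = base64_encode(rsa_sign($signed_text, $channel['channel_prvkey'], 'sha256'));
    } else {
        $authorsig = '';
    }
    // NOTE(review): $authorsig is already base64 text and is encoded a second
    // time here. Left as it is because the code that reads diaspora_meta is
    // not visible here; confirm it decodes twice.
    $x = array('signer' => $diaspora_handle, 'body' => $signed_body, 'signed_text' => $signed_text, 'signature' => base64_encode($authorsig));
    $key = get_config('system', 'pubkey');
    $y = crypto_encapsulate(json_encode($x), $key);
    $r = q("update item set diaspora_meta = '%s' where id = %d", dbesc(json_encode($y)), intval($post_id));
    if (!$r) {
        logger('store_diaspora_comment_sig: DB write failed');
    }
    return;
}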
示例12: create_identity
/**
* @brief Create a new channel.
*
* Also creates the related xchan, hubloc, profile, and "self" abook records,
* and an empty "Friends" group/collection for the new channel.
*
* @param array $arr associative array with:
* * \e string \b name full name of channel
* * \e string \b nickname "email/url-compliant" nickname
* * \e int \b account_id to attach with this channel
* * [other identity fields as desired]
*
* @returns array
* 'success' => boolean true or false
* 'message' => optional error text if success is false
* 'channel' => if successful the created channel array
*/
function create_identity($arr)
{
$a = get_app();
$ret = array('success' => false);
if (!$arr['account_id']) {
$ret['message'] = t('No account identifier');
return $ret;
}
$ret = identity_check_service_class($arr['account_id']);
if (!$ret['success']) {
return $ret;
}
// save this for auto_friending
$total_identities = $ret['total_identities'];
$nick = mb_strtolower(trim($arr['nickname']));
if (!$nick) {
$ret['message'] = t('Nickname is required.');
return $ret;
}
$name = escape_tags($arr['name']);
$pageflags = x($arr, 'pageflags') ? intval($arr['pageflags']) : PAGE_NORMAL;
$system = x($arr, 'system') ? intval($arr['system']) : 0;
$name_error = validate_channelname($arr['name']);
if ($name_error) {
$ret['message'] = $name_error;
return $ret;
}
if ($nick === 'sys' && !$system) {
$ret['message'] = t('Reserved nickname. Please choose another.');
return $ret;
}
if (check_webbie(array($nick)) !== $nick) {
$ret['message'] = t('Nickname has unsupported characters or is already being used on this site.');
return $ret;
}
$guid = zot_new_uid($nick);
$key = new_keypair(4096);
$sig = base64url_encode(rsa_sign($guid, $key['prvkey']));
$hash = make_xchan_hash($guid, $sig);
// Force a few things on the short term until we can provide a theme or app with choice
$publish = 1;
if (array_key_exists('publish', $arr)) {
$publish = intval($arr['publish']);
}
$primary = true;
if (array_key_exists('primary', $arr)) {
$primary = intval($arr['primary']);
}
$role_permissions = null;
$global_perms = get_perms();
if (array_key_exists('permissions_role', $arr) && $arr['permissions_role']) {
$role_permissions = get_role_perms($arr['permissions_role']);
if ($role_permissions) {
foreach ($role_permissions as $p => $v) {
if (strpos($p, 'channel_') !== false) {
$perms_keys .= ', ' . $p;
$perms_vals .= ', ' . intval($v);
}
if ($p === 'directory_publish') {
$publish = intval($v);
}
}
}
} else {
$defperms = site_default_perms();
foreach ($defperms as $p => $v) {
$perms_keys .= ', ' . $global_perms[$p][0];
$perms_vals .= ', ' . intval($v);
}
}
$expire = 0;
$r = q("insert into channel ( channel_account_id, channel_primary, \n\t\tchannel_name, channel_address, channel_guid, channel_guid_sig,\n\t\tchannel_hash, channel_prvkey, channel_pubkey, channel_pageflags, channel_system, channel_expire_days, channel_timezone {$perms_keys} )\n\t\tvalues ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s' {$perms_vals} ) ", intval($arr['account_id']), intval($primary), dbesc($name), dbesc($nick), dbesc($guid), dbesc($sig), dbesc($hash), dbesc($key['prvkey']), dbesc($key['pubkey']), intval($pageflags), intval($system), intval($expire), dbesc($a->timezone));
$r = q("select * from channel where channel_account_id = %d \n\t\tand channel_guid = '%s' limit 1", intval($arr['account_id']), dbesc($guid));
if (!$r) {
$ret['message'] = t('Unable to retrieve created identity');
return $ret;
}
$ret['channel'] = $r[0];
if (intval($arr['account_id'])) {
set_default_login_identity($arr['account_id'], $ret['channel']['channel_id'], false);
}
// Create a verified hub location pointing to this site.
$r = q("insert into hubloc ( hubloc_guid, hubloc_guid_sig, hubloc_hash, hubloc_addr, hubloc_primary, \n\t\thubloc_url, hubloc_url_sig, hubloc_host, hubloc_callback, hubloc_sitekey, hubloc_network )\n\t\tvalues ( '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s' )", dbesc($guid), dbesc($sig), dbesc($hash), dbesc($ret['channel']['channel_address'] . '@' . get_app()->get_hostname()), intval($primary), dbesc(z_root()), dbesc(base64url_encode(rsa_sign(z_root(), $ret['channel']['channel_prvkey']))), dbesc(get_app()->get_hostname()), dbesc(z_root() . '/post'), dbesc(get_config('system', 'pubkey')), dbesc('zot'));
//.........这里部分代码省略.........
示例13: diaspora_send_mail
/**
 * Build a signed Diaspora private message (or a whole conversation, for the
 * first message) and queue it for delivery to a contact.
 *
 * @param array $item    mail item; conv_guid, channel_id, mid, title, body,
 *                       created, mail_obscured and mail_isreply are read
 * @param array $owner   sending channel; channel_address, channel_hash and
 *                       channel_prvkey are read
 * @param array $contact recipient; xchan_pubkey is read
 * @return mixed result of diaspora_queue(), or nothing when the conversation
 *               cannot be found
 */
function diaspora_send_mail($item, $owner, $contact)
{
    $a = get_app();
    $myaddr = $owner['channel_address'] . '@' . App::get_hostname();

    $conversations = q("select * from conv where guid = '%s' and uid = %d limit 1", dbesc($item['conv_guid']), intval($item['channel_id']));
    if (!count($conversations)) {
        logger('diaspora_send_mail: conversation not found.');
        return;
    }

    // The sender owns the conversation when its first mail came from them.
    $first_mail = q("select from_xchan from mail where conv_guid = '%s' and channel_id = %d and mid = parent_mid limit 1", dbesc($item['conv_guid']), intval($item['channel_id']));
    $conv_owner = ($first_mail && $first_mail[0]['from_xchan'] === $owner['channel_hash']);

    $timestamp_format = 'Y-m-d H:i:s \\U\\T\\C';

    // rot47 followed by base64url is a reversible, keyless transform: the
    // stored subject is obscured, not encrypted.
    $cnv = $conversations[0];
    $cnv['subject'] = base64url_decode(str_rot47($cnv['subject']));
    $conv = array(
        'guid' => xmlify($cnv['guid']),
        'subject' => xmlify($cnv['subject']),
        'created_at' => xmlify(datetime_convert('UTC', 'UTC', $cnv['created'], $timestamp_format)),
        'diaspora_handle' => xmlify($cnv['creator']),
        'participant_handles' => xmlify($cnv['recips']),
    );

    // Undo the same obscuring on the mail's title and body when it is flagged.
    if (array_key_exists('mail_obscured', $item) && intval($item['mail_obscured'])) {
        foreach (array('title', 'body') as $field) {
            if ($item[$field]) {
                $item[$field] = base64url_decode(str_rot47($item[$field]));
            }
        }
    }

    // the parent_guid needs to be the conversation guid
    $parent_ptr = $cnv['guid'];
    $body = bb2diaspora($item['body']);
    $created = datetime_convert('UTC', 'UTC', $item['created'], $timestamp_format);

    // Signed: message id, parent, body, timestamp, author handle, conversation guid.
    $signed_text = implode(';', array($item['mid'], $parent_ptr, $body, $created, $myaddr, $cnv['guid']));
    $sig = base64_encode(rsa_sign($signed_text, $owner['channel_prvkey'], 'sha256'));

    $msg = array(
        'guid' => xmlify($item['mid']),
        'parent_guid' => xmlify($parent_ptr),
        // Only the conversation owner supplies a parent author signature.
        'parent_author_signature' => $conv_owner ? xmlify($sig) : null,
        'author_signature' => xmlify($sig),
        'text' => xmlify($body),
        'created_at' => xmlify($created),
        'diaspora_handle' => xmlify($myaddr),
        'conversation_guid' => xmlify($cnv['guid']),
    );

    if ($item['mail_isreply']) {
        // A reply travels as a single message.
        $tpl = get_markup_template('diaspora_message.tpl', 'addon/diaspora');
        $xmsg = replace_macros($tpl, array('$msg' => $msg));
    } else {
        // The first message travels wrapped in its conversation.
        $conv['messages'] = array($msg);
        $tpl = get_markup_template('diaspora_conversation.tpl', 'addon/diaspora');
        $xmsg = replace_macros($tpl, array('$conv' => $conv));
    }

    // The rendered message, decoded body included, is logged at LOGGER_DATA level.
    logger('diaspora_conversation: ' . print_r($xmsg, true), LOGGER_DATA);

    $envelope = diaspora_msg_build($xmsg, $owner, $contact, $owner['channel_prvkey'], $contact['xchan_pubkey'], false);
    $slap = 'xml=' . urlencode(urlencode($envelope));

    return diaspora_queue($owner, $contact, $slap, false, $item['mid']);
}
示例14: item_url_replace
/**
 * Rewrite URLs (and optionally an old nickname path segment) inside an item,
 * re-signing the body when the body changed.
 *
 * @param array  $channel channel record; channel_address and channel_prvkey are read
 * @param array  $item    item to rewrite, modified in place
 * @param string $old     URL text to look for
 * @param string $new     replacement text
 * @param string $oldnick previous nickname; when set, "/oldnick/" is replaced
 *                        by "/<channel_address>/" everywhere except the body
 * @return void
 */
function item_url_replace($channel, &$item, $old, $new, $oldnick = '')
{
    // Path segments for the nickname swap, only needed when $oldnick is given.
    $nick_from = '';
    $nick_to = '';
    if ($oldnick) {
        $nick_from = '/' . $oldnick . '/';
        $nick_to = '/' . $channel['channel_address'] . '/';
    }

    // JSON-bearing fields, in the original order.
    foreach (array('attach', 'object', 'target') as $field) {
        if (!$item[$field]) {
            continue;
        }
        json_url_replace($old, $new, $item[$field]);
        if ($oldnick) {
            json_url_replace($nick_from, $nick_to, $item[$field]);
        }
    }

    // A changed body invalidates the old signature, so a new one is made and
    // the item is flagged as verified.
    // NOTE(review): the signature is made with $channel's key whoever authored
    // the item; confirm callers only pass items authored by $channel.
    if (string_replace($old, $new, $item['body'])) {
        $item['sig'] = base64url_encode(rsa_sign($item['body'], $channel['channel_prvkey']));
        $item['item_verified'] = 1;
    }

    // Plain-string link fields.
    foreach (array('plink', 'llink') as $link) {
        $item[$link] = str_replace($old, $new, $item[$link]);
        if ($oldnick) {
            $item[$link] = str_replace($nick_from, $nick_to, $item[$link]);
        }
    }
}
示例15: zot_fetch
/**
 * @brief Pick up waiting messages from a remote site.
 *
 * Called after a notification packet has been received (in mod/post.php) and
 * its sender verified. A pickup message is sent back carrying our message
 * tracking ID ($arr['secret']) and our callback URL, each signed with the site
 * private key, and the whole message is encrypted with the remote hub's site
 * key. The reply is handed to zot_import().
 *
 * @see zot_import()
 *
 * @param array $arr
 *     decrypted and json decoded notify packet from remote site
 * @return array|null result of zot_import() for the first hub that yields one;
 *     nothing when no hub is known or none produced a result
 */
function zot_fetch($arr)
{
    // The whole notify packet, 'secret' included, is logged at LOGGER_DATA level.
    logger('zot_fetch: ' . print_r($arr, true), LOGGER_DATA);

    // The pickup URL is assembled from fields of the notify packet itself; it
    // rests on the sender verification the caller has already done.
    $url = $arr['sender']['url'] . $arr['callback'];

    // set $multiple param on zot_gethub() to return all matching hubs
    // This allows us to recover from re-installs when a redundant (but invalid) hubloc for
    // this identity is widely dispersed throughout the network.
    $ret_hubs = zot_gethub($arr['sender'], true);
    if (!$ret_hubs) {
        logger('zot_fetch: no hub: ' . print_r($arr['sender'], true));
        return;
    }

    foreach ($ret_hubs as $ret_hub) {
        $callback = z_root() . '/post';
        $site_prvkey = get_config('system', 'prvkey');

        $pickup = array(
            'type' => 'pickup',
            'url' => z_root(),
            'callback_sig' => base64url_encode(rsa_sign($callback, $site_prvkey)),
            'callback' => $callback,
            'secret' => $arr['secret'],
            'secret_sig' => base64url_encode(rsa_sign($arr['secret'], $site_prvkey)),
        );

        // Encrypted to this hub's site key, so each candidate hub gets its own ciphertext.
        $datatosend = json_encode(crypto_encapsulate(json_encode($pickup), $ret_hub['hubloc_sitekey']));

        $fetch = zot_zot($url, $datatosend);
        $result = zot_import($fetch, $arr['sender']['url']);

        // The first hub that yields a result ends the loop.
        if ($result) {
            return $result;
        }
    }

    return;
}