4 * Handles PuSH subscription responses
6 header('HTTP/1.0 500 Internal Server Error');
7 require_once 'www-header.php';
9 //PHP converts dots to underscore, so hub.topic becomes hub_topic
10 if (!isset($_GET['hub_topic'])) {
11 err('Parameter missing: hub.topic', '400 Bad Request');
13 if (!isValidUrl($_GET['hub_topic'])) {
15 'Invalid parameter value for hub.topic: Invalid URL',
19 $hubTopic = $_GET['hub_topic'];
21 $subDb = new Subscriptions();
22 $sub = $subDb->get($hubTopic);
24 //we do not have this topic in our database
25 err('We know nothing about this hub.topic', '404 Not Found');
28 //capability key verification so third parties can't forge requests
29 // see https://www.w3.org/TR/capability-urls/
30 if (!isset($_GET['capkey'])) {
31 err('Parameter missing: capkey', '400 Bad Request');
33 if ($sub->sub_capkey !== $_GET['capkey']) {
34 err('Invalid parameter value for capkey', '400 Bad Request');
37 if ($_SERVER['REQUEST_METHOD'] == 'POST') {
39 $queue->addToProcessList($hubTopic, ['index', 'crawl']);
40 $subDb->pinged($sub->sub_id);
41 header('HTTP/1.0 200 OK');
46 if (!isset($_GET['hub_mode'])) {
47 err('Parameter missing: hub.mode', '400 Bad Request');
49 $hubMode = $_GET['hub_mode'];
51 if ($hubMode == 'subscribe') {
52 if (!isset($_GET['hub_challenge'])) {
53 err('Parameter missing: hub.challenge', '400 Bad Request');
55 $hubChallenge = $_GET['hub_challenge'];
57 if (!isset($_GET['hub_lease_seconds'])) {
58 err('Parameter missing: hub.lease_seconds', '400 Bad Request');
60 if (!is_numeric($_GET['hub_lease_seconds'])) {
61 err('Invalid value for hub.lease_seconds', '400 Bad Request');
63 $hubLeaseSeconds = intval($_GET['hub_lease_seconds']);
65 $subDb->subscribed($sub->sub_id, $hubLeaseSeconds);
67 header('HTTP/1.0 200 OK');
68 header('Content-type: text/plain');
72 } else if ($hubMode == 'unsubscribe') {
73 if ($sub->sub_status != 'unsubscribing') {
74 //we do not want to unsubscribe
76 'We do not want to unsubscribe from this hub.topic',
80 if (!isset($_GET['hub_challenge'])) {
81 err('Parameter missing: hub.challenge', '400 Bad Request');
83 $hubChallenge = $_GET['hub_challenge'];
85 $subDb->unsubscribed($sub->sub_id);
87 header('HTTP/1.0 200 OK');
88 header('Content-type: text/plain');
92 } else if ($hubMode == 'denied') {
93 //TODO: Inspect Location header to retry subscription (still valid?)
95 if (isset($_GET['hub_reason'])) {
96 $reason = $_GET['hub_reason'];
98 $subDb->denied($sub->sub_id, $reason);
102 err('Invalid parameter value for hub.mode', '400 Bad Request');
106 function isValidUrl($url)
108 if (filter_var($url, FILTER_VALIDATE_URL) === false) {
111 if (substr($url, 0, 7) == 'http://'
112 || substr($url, 0, 8) == 'https://'
119 function err($msg, $statusline)
121 header('HTTP/1.0 ' . $statusline);