-if ($hubMode == 'denied') {
- //TODO: Inspect Location header to retry subscription
- //TODO: remove subscription
- return;
-} else if ($hubMode == 'subscribe') {
- //FIXME
- $pos = array_search($hubTopic, $GLOBALS['phinde']['subscriptions']);
- if ($pos === false) {
- //we do not want to subscribe
- header('HTTP/1.0 404 Not Found');
- echo "We are not interested in this hub.topic\n";
- exit(1);
- }
+//capability key verification so third parties can't forge requests
+// see https://www.w3.org/TR/capability-urls/
+if (!isset($_GET['capkey'])) {
+ err('Parameter missing: capkey', '400 Bad Request');
+}
+if ($sub->sub_capkey !== $_GET['capkey']) {
+ err('Invalid parameter value for capkey', '400 Bad Request');
+}
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $queue = new Queue();
+ $queue->addToProcessList($hubTopic, ['index', 'crawl']);
+ $subDb->pinged($sub->sub_id);
+ header('HTTP/1.0 200 OK');
+ echo "URL queued.\n";
+ exit();
+}
+
+if (!isset($_GET['hub_mode'])) {
+ err('Parameter missing: hub.mode', '400 Bad Request');
+}
+$hubMode = $_GET['hub_mode'];
+
+if ($hubMode == 'subscribe') {