2016-09-25 12:50:08 -04:00
< ? php
/**
* @ file include / api . php
* Friendica implementation of statusnet / twitter API
*
* @ todo Automatically detect if incoming data is HTML or BBCode
*/
2017-01-17 14:21:46 -05:00
2017-04-30 00:07:00 -04:00
use Friendica\App ;
2017-08-26 02:04:21 -04:00
use Friendica\Core\System ;
2017-04-30 00:01:26 -04:00
use Friendica\Core\Config ;
2017-11-07 19:37:53 -05:00
use Friendica\Core\NotificationsManager ;
2017-11-05 07:15:53 -05:00
use Friendica\Core\Worker ;
2017-11-07 22:57:46 -05:00
use Friendica\Database\DBM ;
2017-01-17 14:21:46 -05:00
2017-04-05 16:07:55 -04:00
require_once 'include/HTTPExceptions.php' ;
require_once 'include/bbcode.php' ;
require_once 'include/datetime.php' ;
require_once 'include/conversation.php' ;
require_once 'include/oauth.php' ;
require_once 'include/html2plain.php' ;
require_once 'mod/share.php' ;
require_once 'include/Photo.php' ;
require_once 'mod/item.php' ;
require_once 'include/security.php' ;
require_once 'include/contact_selectors.php' ;
require_once 'include/html2bbcode.php' ;
require_once 'mod/wall_upload.php' ;
require_once 'mod/proxy.php' ;
require_once 'include/message.php' ;
require_once 'include/group.php' ;
require_once 'include/like.php' ;
require_once 'include/plaintext.php' ;
require_once 'include/xml.php' ;
define ( 'API_METHOD_ANY' , '*' );
define ( 'API_METHOD_GET' , 'GET' );
define ( 'API_METHOD_POST' , 'POST,PUT' );
define ( 'API_METHOD_DELETE' , 'POST,DELETE' );
$API = array ();
$called_api = null ;
/// @TODO Fix intending
2016-09-25 12:50:08 -04:00
/**
* @ brief Auth API user
*
* It is not sufficient to use local_user () to check whether someone is allowed to use the API ,
* because this will open CSRF holes ( just embed an image with src = friendicasite . com / api / statuses / update ? status = CSRF
* into a page , and visitors will post something without noticing it ) .
*/
function api_user () {
2017-04-05 16:07:55 -04:00
if ( x ( $_SESSION , 'allow_api' )) {
2016-09-25 12:50:08 -04:00
return local_user ();
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
return false ;
}
/**
* @ brief Get source name from API client
*
* Clients can send 'source' parameter to be show in post metadata
* as " sent via <source> " .
* Some clients doesn ' t send a source param , we support ones we know
* ( only Twidere , atm )
*
* @ return string
* Client source name , default to " api " if unset / unknown
*/
function api_source () {
2017-04-05 16:07:55 -04:00
if ( requestdata ( 'source' )) {
return requestdata ( 'source' );
}
2016-09-25 12:50:08 -04:00
// Support for known clients that doesn't send a source name
2017-04-05 16:07:55 -04:00
if ( strpos ( $_SERVER [ 'HTTP_USER_AGENT' ], " Twidere " ) !== false ) {
return " Twidere " ;
}
2016-09-25 12:50:08 -04:00
logger ( " Unrecognized user-agent " . $_SERVER [ 'HTTP_USER_AGENT' ], LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
return " api " ;
2016-09-25 12:50:08 -04:00
}
/**
* @ brief Format date for API
*
* @ param string $str Source date , as UTC
* @ return string Date in UTC formatted as " D M d H:i:s +0000 Y "
*/
2017-04-05 16:07:55 -04:00
function api_date ( $str ) {
// Wed May 23 06:01:13 +0000 2007
2016-09-25 12:50:08 -04:00
return datetime_convert ( 'UTC' , 'UTC' , $str , " D M d H:i:s +0000 Y " );
}
/**
* @ brief Register API endpoint
*
* Register a function to be the endpont for defined API path .
*
2017-08-26 03:32:10 -04:00
* @ param string $path API URL path , relative to System :: baseUrl ()
2016-09-25 12:50:08 -04:00
* @ param string $func Function name to call on path request
* @ param bool $auth API need logged user
2017-04-05 16:07:55 -04:00
* @ param string $method HTTP method reqiured to call this endpoint .
*
* One of API_METHOD_ANY , API_METHOD_GET , API_METHOD_POST .
* Default to API_METHOD_ANY
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_register_func ( $path , $func , $auth = false , $method = API_METHOD_ANY ) {
2016-09-25 12:50:08 -04:00
global $API ;
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
$API [ $path ] = array (
2017-04-05 16:07:55 -04:00
'func' => $func ,
'auth' => $auth ,
'method' => $method ,
2016-09-25 12:50:08 -04:00
);
// Workaround for hotot
$path = str_replace ( " api/ " , " api/1.1/ " , $path );
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
$API [ $path ] = array (
2017-04-05 16:07:55 -04:00
'func' => $func ,
'auth' => $auth ,
'method' => $method ,
2016-09-25 12:50:08 -04:00
);
}
/**
* @ brief Login API user
*
* Log in user via OAuth1 or Simple HTTP Auth .
* Simple Auth allow username in form of < pre > user @ server </ pre > , ignoring server part
*
* @ param App $a
* @ hook 'authenticate'
* array $addon_auth
* 'username' => username from login form
* 'password' => password from login form
* 'authenticated' => return status ,
* 'user_record' => return authenticated user record
* @ hook 'logged_in'
* array $user logged user record
*/
2017-04-05 16:07:55 -04:00
function api_login ( App $a ) {
2016-09-25 12:50:08 -04:00
// login with oauth
2017-04-05 16:07:55 -04:00
try {
2016-09-25 12:50:08 -04:00
$oauth = new FKOAuth1 ();
list ( $consumer , $token ) = $oauth -> verify_request ( OAuthRequest :: from_request ());
2017-04-05 16:07:55 -04:00
if ( ! is_null ( $token )) {
2016-09-25 12:50:08 -04:00
$oauth -> loginUser ( $token -> uid );
call_hooks ( 'logged_in' , $a -> user );
return ;
}
2017-04-05 16:07:55 -04:00
echo __FILE__ . __LINE__ . __FUNCTION__ . " <pre> " ;
var_dump ( $consumer , $token );
die ();
} catch ( Exception $e ) {
2016-09-25 12:50:08 -04:00
logger ( $e );
}
// workaround for HTTP-auth in CGI mode
2017-04-05 16:07:55 -04:00
if ( x ( $_SERVER , 'REDIRECT_REMOTE_USER' )) {
$userpass = base64_decode ( substr ( $_SERVER [ " REDIRECT_REMOTE_USER " ], 6 )) ;
2017-04-04 13:46:56 -04:00
if ( strlen ( $userpass )) {
2016-09-25 12:50:08 -04:00
list ( $name , $password ) = explode ( ':' , $userpass );
$_SERVER [ 'PHP_AUTH_USER' ] = $name ;
$_SERVER [ 'PHP_AUTH_PW' ] = $password ;
}
}
2017-04-05 16:17:15 -04:00
if ( ! x ( $_SERVER , 'PHP_AUTH_USER' )) {
2016-09-25 12:50:08 -04:00
logger ( 'API_login: ' . print_r ( $_SERVER , true ), LOGGER_DEBUG );
header ( 'WWW-Authenticate: Basic realm="Friendica"' );
throw new UnauthorizedException ( " This API requires login " );
}
$user = $_SERVER [ 'PHP_AUTH_USER' ];
$password = $_SERVER [ 'PHP_AUTH_PW' ];
2017-04-05 16:07:55 -04:00
$encrypted = hash ( 'whirlpool' , trim ( $password ));
2016-09-25 12:50:08 -04:00
// allow "user@server" login (but ignore 'server' part)
2017-04-05 16:07:55 -04:00
$at = strstr ( $user , " @ " , true );
if ( $at ) {
$user = $at ;
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
// next code from mod/auth.php. needs better solution
2016-09-25 12:50:08 -04:00
$record = null ;
$addon_auth = array (
'username' => trim ( $user ),
'password' => trim ( $password ),
'authenticated' => 0 ,
2017-04-05 16:07:55 -04:00
'user_record' => null ,
2016-09-25 12:50:08 -04:00
);
2017-04-05 16:07:55 -04:00
/*
2016-09-25 12:50:08 -04:00
* A plugin indicates successful login by setting 'authenticated' to non - zero value and returning a user record
* Plugins should never set 'authenticated' except to indicate success - as hooks may be chained
* and later plugins should not interfere with an earlier one that succeeded .
*/
call_hooks ( 'authenticate' , $addon_auth );
2017-04-04 13:46:56 -04:00
if (( $addon_auth [ 'authenticated' ]) && ( count ( $addon_auth [ 'user_record' ]))) {
2016-09-25 12:50:08 -04:00
$record = $addon_auth [ 'user_record' ];
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
// process normal login request
$r = q ( " SELECT * FROM `user` WHERE (`email` = '%s' OR `nickname` = '%s')
AND `password` = '%s' AND NOT `blocked` AND NOT `account_expired` AND NOT `account_removed` AND `verified` LIMIT 1 " ,
dbesc ( trim ( $user )),
dbesc ( trim ( $user )),
dbesc ( $encrypted )
);
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$record = $r [ 0 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
2017-04-04 13:46:56 -04:00
if (( ! $record ) || ( ! count ( $record ))) {
2017-04-05 16:07:55 -04:00
logger ( 'API_login failure: ' . print_r ( $_SERVER , true ), LOGGER_DEBUG );
2016-09-25 12:50:08 -04:00
header ( 'WWW-Authenticate: Basic realm="Friendica"' );
2017-04-05 16:07:55 -04:00
//header('HTTP/1.0 401 Unauthorized');
//die('This api requires login');
2016-09-25 12:50:08 -04:00
throw new UnauthorizedException ( " This API requires login " );
}
authenticate_success ( $record );
$_SESSION [ " allow_api " ] = true ;
call_hooks ( 'logged_in' , $a -> user );
}
/**
* @ brief Check HTTP method of called API
*
* API endpoints can define which HTTP method to accept when called .
* This function check the current HTTP method agains endpoint
* registered method .
*
* @ param string $method Required methods , uppercase , separated by comma
* @ return bool
*/
function api_check_method ( $method ) {
2017-04-05 16:07:55 -04:00
if ( $method == " * " ) {
return true ;
}
return ( strpos ( $method , $_SERVER [ 'REQUEST_METHOD' ]) !== false );
2016-09-25 12:50:08 -04:00
}
/**
* @ brief Main API entry point
*
* Authenticate user , call registered API function , set HTTP headers
*
* @ param App $a
* @ return string API call result
*/
2017-04-05 16:07:55 -04:00
function api_call ( App $a ) {
2016-12-20 04:58:03 -05:00
global $API , $called_api ;
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$type = " json " ;
if ( strpos ( $a -> query_string , " .xml " ) > 0 ) {
$type = " xml " ;
}
if ( strpos ( $a -> query_string , " .json " ) > 0 ) {
$type = " json " ;
}
if ( strpos ( $a -> query_string , " .rss " ) > 0 ) {
$type = " rss " ;
}
if ( strpos ( $a -> query_string , " .atom " ) > 0 ) {
$type = " atom " ;
}
2016-09-25 12:50:08 -04:00
try {
2017-04-05 16:07:55 -04:00
foreach ( $API as $p => $info ) {
if ( strpos ( $a -> query_string , $p ) === 0 ) {
if ( ! api_check_method ( $info [ 'method' ])) {
2016-09-25 12:50:08 -04:00
throw new MethodNotAllowedException ();
}
2017-04-05 16:07:55 -04:00
$called_api = explode ( " / " , $p );
2016-09-25 12:50:08 -04:00
//unset($_SERVER['PHP_AUTH_USER']);
2017-04-05 16:17:15 -04:00
/// @TODO should be "true ==[=] $info['auth']", if you miss only one = character, you assign a variable (only with ==). Let's make all this even.
2017-04-05 16:07:55 -04:00
if ( $info [ 'auth' ] === true && api_user () === false ) {
api_login ( $a );
2016-09-25 12:50:08 -04:00
}
logger ( 'API call for ' . $a -> user [ 'username' ] . ': ' . $a -> query_string );
2017-04-05 16:07:55 -04:00
logger ( 'API parameters: ' . print_r ( $_REQUEST , true ));
2016-09-25 12:50:08 -04:00
$stamp = microtime ( true );
$r = call_user_func ( $info [ 'func' ], $type );
2017-04-05 16:07:55 -04:00
$duration = ( float ) ( microtime ( true ) - $stamp );
logger ( " API call duration: " . round ( $duration , 2 ) . " \t " . $a -> query_string , LOGGER_DEBUG );
2016-09-25 12:50:08 -04:00
2017-11-06 21:22:52 -05:00
if ( Config :: get ( " system " , " profiler " )) {
2016-11-12 08:17:28 -05:00
$duration = microtime ( true ) - $a -> performance [ " start " ];
2017-04-05 16:07:55 -04:00
/// @TODO round() really everywhere?
logger ( parse_url ( $a -> query_string , PHP_URL_PATH ) . " : " . sprintf ( " Database: %s/%s, Network: %s, I/O: %s, Other: %s, Total: %s " ,
2016-11-04 18:45:20 -04:00
round ( $a -> performance [ " database " ] - $a -> performance [ " database_write " ], 3 ),
round ( $a -> performance [ " database_write " ], 3 ),
round ( $a -> performance [ " network " ], 2 ),
round ( $a -> performance [ " file " ], 2 ),
2016-11-12 08:17:28 -05:00
round ( $duration - ( $a -> performance [ " database " ] + $a -> performance [ " network " ]
+ $a -> performance [ " file " ]), 2 ),
2016-11-04 18:45:20 -04:00
round ( $duration , 2 )),
2017-04-05 16:07:55 -04:00
LOGGER_DEBUG
);
2016-11-04 18:45:20 -04:00
2017-11-06 21:22:52 -05:00
if ( Config :: get ( " rendertime " , " callstack " )) {
2016-11-04 18:45:20 -04:00
$o = " Database Read: \n " ;
foreach ( $a -> callstack [ " database " ] AS $func => $time ) {
$time = round ( $time , 3 );
2017-04-05 16:07:55 -04:00
if ( $time > 0 ) {
$o .= $func . " : " . $time . " \n " ;
}
2016-11-04 18:45:20 -04:00
}
$o .= " \n Database Write: \n " ;
foreach ( $a -> callstack [ " database_write " ] AS $func => $time ) {
$time = round ( $time , 3 );
2017-04-05 16:07:55 -04:00
if ( $time > 0 ) {
$o .= $func . " : " . $time . " \n " ;
}
2016-11-04 18:45:20 -04:00
}
$o .= " \n Network: \n " ;
foreach ( $a -> callstack [ " network " ] AS $func => $time ) {
$time = round ( $time , 3 );
2017-04-05 16:07:55 -04:00
if ( $time > 0 ) {
$o .= $func . " : " . $time . " \n " ;
}
2016-11-04 18:45:20 -04:00
}
logger ( $o , LOGGER_DEBUG );
}
}
2017-04-05 16:07:55 -04:00
if ( false === $r ) {
/*
* api function returned false withour throw an
* exception . This should not happend , throw a 500
*/
2016-09-25 12:50:08 -04:00
throw new InternalServerErrorException ();
}
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " xml " :
header ( " Content-Type: text/xml " );
return $r ;
break ;
case " json " :
header ( " Content-Type: application/json " );
2017-04-04 13:46:56 -04:00
foreach ( $r as $rr )
2016-09-25 12:50:08 -04:00
$json = json_encode ( $rr );
2017-04-05 16:20:09 -04:00
if ( x ( $_GET , 'callback' )) {
2017-04-05 16:07:55 -04:00
$json = $_GET [ 'callback' ] . " ( " . $json . " ) " ;
}
2016-09-25 12:50:08 -04:00
return $json ;
break ;
case " rss " :
header ( " Content-Type: application/rss+xml " );
2017-04-05 16:07:55 -04:00
return '<?xml version="1.0" encoding="UTF-8"?>' . " \n " . $r ;
2016-09-25 12:50:08 -04:00
break ;
case " atom " :
header ( " Content-Type: application/atom+xml " );
2017-04-05 16:07:55 -04:00
return '<?xml version="1.0" encoding="UTF-8"?>' . " \n " . $r ;
2016-09-25 12:50:08 -04:00
break ;
}
}
}
2017-04-05 16:07:55 -04:00
logger ( 'API call not implemented: ' . $a -> query_string );
2016-09-25 12:50:08 -04:00
throw new NotImplementedException ();
} catch ( HTTPException $e ) {
header ( " HTTP/1.1 { $e -> httpcode } { $e -> httpdesc } " );
return api_error ( $type , $e );
}
}
/**
* @ brief Format API error string
*
* @ param string $type Return type ( xml , json , rss , as )
* @ param HTTPException $error Error object
* @ return strin error message formatted as $type
*/
function api_error ( $type , $e ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
$error = ( $e -> getMessage () !== " " ? $e -> getMessage () : $e -> httpdesc );
/// @TODO: https://dev.twitter.com/overview/api/response-codes
2016-09-25 12:50:08 -04:00
$error = array ( " error " => $error ,
2017-04-05 16:07:55 -04:00
" code " => $e -> httpcode . " " . $e -> httpdesc ,
2016-09-25 12:50:08 -04:00
" request " => $a -> query_string );
$ret = api_format_data ( 'status' , $type , array ( 'status' => $error ));
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " xml " :
header ( " Content-Type: text/xml " );
return $ret ;
break ;
case " json " :
header ( " Content-Type: application/json " );
return json_encode ( $ret );
break ;
case " rss " :
header ( " Content-Type: application/rss+xml " );
return $ret ;
break ;
case " atom " :
header ( " Content-Type: application/atom+xml " );
return $ret ;
break ;
}
}
/**
* @ brief Set values for RSS template
*
* @ param App $a
* @ param array $arr Array to be passed to template
* @ param array $user_info
* @ return array
2017-04-05 16:07:55 -04:00
* @ todo find proper type - hints
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_rss_extra ( App $a , $arr , $user_info ) {
if ( is_null ( $user_info )) {
$user_info = api_get_user ( $a );
}
2016-09-25 12:50:08 -04:00
$arr [ '$user' ] = $user_info ;
$arr [ '$rss' ] = array (
2016-12-15 03:22:38 -05:00
'alternate' => $user_info [ 'url' ],
2017-08-26 03:32:10 -04:00
'self' => System :: baseUrl () . " / " . $a -> query_string ,
'base' => System :: baseUrl (),
2016-12-15 03:22:38 -05:00
'updated' => api_date ( null ),
2017-04-05 16:07:55 -04:00
'atom_updated' => datetime_convert ( 'UTC' , 'UTC' , 'now' , ATOM_TIME ),
2016-12-15 03:22:38 -05:00
'language' => $user_info [ 'language' ],
2017-08-26 03:32:10 -04:00
'logo' => System :: baseUrl () . " /images/friendica-32.png " ,
2016-09-25 12:50:08 -04:00
);
return $arr ;
}
/**
* @ brief Unique contact to contact url .
*
* @ param int $id Contact id
* @ return bool | string
* Contact url or False if contact id is unknown
*/
2017-04-05 16:07:55 -04:00
function api_unique_id_to_url ( $id ) {
2017-05-15 16:11:33 -04:00
$r = dba :: select ( 'contact' , array ( 'url' ), array ( 'uid' => 0 , 'id' => $id ), array ( 'limit' => 1 ));
2017-04-05 16:07:55 -04:00
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2017-05-15 16:11:33 -04:00
return $r [ " url " ];
} else {
return false ;
}
2016-09-25 12:50:08 -04:00
}
/**
* @ brief Get user info array .
*
* @ param Api $a
* @ param int | string $contact_id Contact ID or URL
* @ param string $type Return type ( for errors )
*/
2017-04-05 16:07:55 -04:00
function api_get_user ( App $a , $contact_id = null , $type = " json " ) {
2016-09-25 12:50:08 -04:00
global $called_api ;
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
$user = null ;
$extra_query = " " ;
$url = " " ;
$nick = " " ;
logger ( " api_get_user: Fetching user data for user " . $contact_id , LOGGER_DEBUG );
// Searching for contact URL
2017-06-07 22:00:59 -04:00
if ( ! is_null ( $contact_id ) && ( intval ( $contact_id ) == 0 )) {
2016-09-25 12:50:08 -04:00
$user = dbesc ( normalise_link ( $contact_id ));
$url = $user ;
$extra_query = " AND `contact`.`nurl` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
}
2016-11-04 18:45:20 -04:00
// Searching for contact id with uid = 0
2017-06-07 22:00:59 -04:00
if ( ! is_null ( $contact_id ) && ( intval ( $contact_id ) != 0 )) {
2016-09-25 12:50:08 -04:00
$user = dbesc ( api_unique_id_to_url ( $contact_id ));
2017-04-05 16:07:55 -04:00
if ( $user == " " ) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " User not found. " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$url = $user ;
$extra_query = " AND `contact`.`nurl` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
}
2017-04-04 13:46:56 -04:00
if ( is_null ( $user ) && x ( $_GET , 'user_id' )) {
2016-09-25 12:50:08 -04:00
$user = dbesc ( api_unique_id_to_url ( $_GET [ 'user_id' ]));
2017-04-05 16:07:55 -04:00
if ( $user == " " ) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " User not found. " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$url = $user ;
$extra_query = " AND `contact`.`nurl` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
}
2017-04-04 13:46:56 -04:00
if ( is_null ( $user ) && x ( $_GET , 'screen_name' )) {
2016-09-25 12:50:08 -04:00
$user = dbesc ( $_GET [ 'screen_name' ]);
$nick = $user ;
$extra_query = " AND `contact`.`nick` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
}
2017-05-05 16:36:56 -04:00
if ( is_null ( $user ) && x ( $_GET , 'profileurl' )) {
$user = dbesc ( normalise_link ( $_GET [ 'profileurl' ]));
$nick = $user ;
$extra_query = " AND `contact`.`nurl` = '%s' " ;
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
}
2017-06-07 22:00:59 -04:00
if ( is_null ( $user ) && ( $a -> argc > ( count ( $called_api ) - 1 )) && ( count ( $called_api ) > 0 )) {
2016-09-25 12:50:08 -04:00
$argid = count ( $called_api );
2017-04-05 16:07:55 -04:00
list ( $user , $null ) = explode ( " . " , $a -> argv [ $argid ]);
if ( is_numeric ( $user )) {
2016-09-25 12:50:08 -04:00
$user = dbesc ( api_unique_id_to_url ( $user ));
2017-04-05 16:07:55 -04:00
if ( $user == " " ) {
2016-09-25 12:50:08 -04:00
return false ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$url = $user ;
$extra_query = " AND `contact`.`nurl` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
} else {
$user = dbesc ( $user );
$nick = $user ;
$extra_query = " AND `contact`.`nick` = '%s' " ;
2017-04-05 16:07:55 -04:00
if ( api_user () !== false ) {
$extra_query .= " AND `contact`.`uid`= " . intval ( api_user ());
}
2016-09-25 12:50:08 -04:00
}
}
logger ( " api_get_user: user " . $user , LOGGER_DEBUG );
if ( ! $user ) {
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
2016-09-25 12:50:08 -04:00
api_login ( $a );
2017-04-05 16:07:55 -04:00
return false ;
2016-09-25 12:50:08 -04:00
} else {
$user = $_SESSION [ 'uid' ];
$extra_query = " AND `contact`.`uid` = %d AND `contact`.`self` " ;
}
}
logger ( 'api_user: ' . $extra_query . ', user: ' . $user );
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
// user info
2017-04-05 16:07:55 -04:00
$uinfo = q ( " SELECT *, `contact`.`id` AS `cid` FROM `contact`
2016-09-25 12:50:08 -04:00
WHERE 1
$extra_query " ,
$user
);
// Selecting the id by priority, friendica first
api_best_nickname ( $uinfo );
2016-11-04 18:45:20 -04:00
// if the contact wasn't found, fetch it from the contacts with uid = 0
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $uinfo )) {
2016-09-25 12:50:08 -04:00
$r = array ();
2017-04-05 16:07:55 -04:00
if ( $url != " " ) {
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT * FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s' LIMIT 1 " , dbesc ( normalise_link ( $url )));
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-11-04 18:45:20 -04:00
$network_name = network_to_name ( $r [ 0 ][ 'network' ], $r [ 0 ][ 'url' ]);
2016-09-25 12:50:08 -04:00
// If no nick where given, extract it from the address
2017-06-07 22:00:59 -04:00
if (( $r [ 0 ][ 'nick' ] == " " ) || ( $r [ 0 ][ 'name' ] == $r [ 0 ][ 'nick' ])) {
2016-09-25 12:50:08 -04:00
$r [ 0 ][ 'nick' ] = api_get_nick ( $r [ 0 ][ " url " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$ret = array (
'id' => $r [ 0 ][ " id " ],
'id_str' => ( string ) $r [ 0 ][ " id " ],
'name' => $r [ 0 ][ " name " ],
'screen_name' => (( $r [ 0 ][ 'nick' ]) ? $r [ 0 ][ 'nick' ] : $r [ 0 ][ 'name' ]),
2016-11-04 18:45:20 -04:00
'location' => ( $r [ 0 ][ " location " ] != " " ) ? $r [ 0 ][ " location " ] : $network_name ,
2016-09-25 12:50:08 -04:00
'description' => $r [ 0 ][ " about " ],
2016-11-04 18:56:50 -04:00
'profile_image_url' => $r [ 0 ][ " micro " ],
'profile_image_url_https' => $r [ 0 ][ " micro " ],
2016-09-25 12:50:08 -04:00
'url' => $r [ 0 ][ " url " ],
'protected' => false ,
'followers_count' => 0 ,
'friends_count' => 0 ,
'listed_count' => 0 ,
'created_at' => api_date ( $r [ 0 ][ " created " ]),
'favourites_count' => 0 ,
'utc_offset' => 0 ,
'time_zone' => 'UTC' ,
'geo_enabled' => false ,
'verified' => false ,
'statuses_count' => 0 ,
'lang' => '' ,
'contributors_enabled' => false ,
'is_translator' => false ,
'is_translation_enabled' => false ,
'following' => false ,
'follow_request_sent' => false ,
'statusnet_blocking' => false ,
'notifications' => false ,
'statusnet_profile_url' => $r [ 0 ][ " url " ],
'uid' => 0 ,
2016-11-04 18:45:20 -04:00
'cid' => get_contact ( $r [ 0 ][ " url " ], api_user (), true ),
2016-09-25 12:50:08 -04:00
'self' => 0 ,
'network' => $r [ 0 ][ " network " ],
);
return $ret ;
} else {
throw new BadRequestException ( " User not found. " );
}
}
2017-04-04 13:46:56 -04:00
if ( $uinfo [ 0 ][ 'self' ]) {
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $uinfo [ 0 ][ 'network' ] == " " ) {
2016-09-25 12:50:08 -04:00
$uinfo [ 0 ][ 'network' ] = NETWORK_DFRN ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$usr = q ( " SELECT * FROM `user` WHERE `uid` = %d LIMIT 1 " ,
2016-09-25 12:50:08 -04:00
intval ( api_user ())
);
2017-04-05 16:07:55 -04:00
$profile = q ( " SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1 " ,
2016-09-25 12:50:08 -04:00
intval ( api_user ())
);
2017-04-05 16:07:55 -04:00
/// @TODO old-lost code? (twice)
2016-11-04 18:45:20 -04:00
// Counting is deactivated by now, due to performance issues
2016-09-25 12:50:08 -04:00
// count public wall messages
2016-11-04 18:45:20 -04:00
//$r = q("SELECT COUNT(*) as `count` FROM `item` WHERE `uid` = %d AND `wall`",
// intval($uinfo[0]['uid'])
//);
//$countitms = $r[0]['count'];
$countitms = 0 ;
} else {
// Counting is deactivated by now, due to performance issues
//$r = q("SELECT count(*) as `count` FROM `item`
// WHERE `contact-id` = %d",
// intval($uinfo[0]['id'])
//);
//$countitms = $r[0]['count'];
$countitms = 0 ;
}
2017-04-05 16:07:55 -04:00
/// @TODO old-lost code? (twice)
2016-11-04 18:45:20 -04:00
/*
// Counting is deactivated by now, due to performance issues
2016-09-25 12:50:08 -04:00
// count friends
$r = q ( " SELECT count(*) as `count` FROM `contact`
WHERE `uid` = % d AND `rel` IN ( % d , % d )
2017-02-09 21:51:01 -05:00
AND `self` = 0 AND NOT `blocked` AND NOT `pending` AND `hidden` = 0 " ,
2016-09-25 12:50:08 -04:00
intval ( $uinfo [ 0 ][ 'uid' ]),
intval ( CONTACT_IS_SHARING ),
intval ( CONTACT_IS_FRIEND )
);
$countfriends = $r [ 0 ][ 'count' ];
$r = q ( " SELECT count(*) as `count` FROM `contact`
WHERE `uid` = % d AND `rel` IN ( % d , % d )
2017-02-09 21:51:01 -05:00
AND `self` = 0 AND NOT `blocked` AND NOT `pending` AND `hidden` = 0 " ,
2016-09-25 12:50:08 -04:00
intval ( $uinfo [ 0 ][ 'uid' ]),
intval ( CONTACT_IS_FOLLOWER ),
intval ( CONTACT_IS_FRIEND )
);
$countfollowers = $r [ 0 ][ 'count' ];
$r = q ( " SELECT count(*) as `count` FROM item where starred = 1 and uid = %d and deleted = 0 " ,
intval ( $uinfo [ 0 ][ 'uid' ])
);
$starred = $r [ 0 ][ 'count' ];
2017-04-04 13:46:56 -04:00
if ( ! $uinfo [ 0 ][ 'self' ]) {
2016-09-25 12:50:08 -04:00
$countfriends = 0 ;
$countfollowers = 0 ;
$starred = 0 ;
}
2016-11-04 18:45:20 -04:00
*/
$countfriends = 0 ;
$countfollowers = 0 ;
$starred = 0 ;
2016-09-25 12:50:08 -04:00
// Add a nick if it isn't present there
2017-06-07 22:00:59 -04:00
if (( $uinfo [ 0 ][ 'nick' ] == " " ) || ( $uinfo [ 0 ][ 'name' ] == $uinfo [ 0 ][ 'nick' ])) {
2016-09-25 12:50:08 -04:00
$uinfo [ 0 ][ 'nick' ] = api_get_nick ( $uinfo [ 0 ][ " url " ]);
}
$network_name = network_to_name ( $uinfo [ 0 ][ 'network' ], $uinfo [ 0 ][ 'url' ]);
2016-11-04 18:45:20 -04:00
$pcontact_id = get_contact ( $uinfo [ 0 ][ 'url' ], 0 , true );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$ret = array (
2016-11-04 18:45:20 -04:00
'id' => intval ( $pcontact_id ),
'id_str' => ( string ) intval ( $pcontact_id ),
2016-09-25 12:50:08 -04:00
'name' => (( $uinfo [ 0 ][ 'name' ]) ? $uinfo [ 0 ][ 'name' ] : $uinfo [ 0 ][ 'nick' ]),
'screen_name' => (( $uinfo [ 0 ][ 'nick' ]) ? $uinfo [ 0 ][ 'nick' ] : $uinfo [ 0 ][ 'name' ]),
'location' => ( $usr ) ? $usr [ 0 ][ 'default-location' ] : $network_name ,
'description' => (( $profile ) ? $profile [ 0 ][ 'pdesc' ] : NULL ),
'profile_image_url' => $uinfo [ 0 ][ 'micro' ],
'profile_image_url_https' => $uinfo [ 0 ][ 'micro' ],
'url' => $uinfo [ 0 ][ 'url' ],
'protected' => false ,
'followers_count' => intval ( $countfollowers ),
'friends_count' => intval ( $countfriends ),
2016-11-04 18:45:20 -04:00
'listed_count' => 0 ,
2016-09-25 12:50:08 -04:00
'created_at' => api_date ( $uinfo [ 0 ][ 'created' ]),
'favourites_count' => intval ( $starred ),
'utc_offset' => " 0 " ,
'time_zone' => 'UTC' ,
2016-11-04 18:45:20 -04:00
'geo_enabled' => false ,
'verified' => true ,
2016-09-25 12:50:08 -04:00
'statuses_count' => intval ( $countitms ),
2016-11-04 18:45:20 -04:00
'lang' => '' ,
'contributors_enabled' => false ,
'is_translator' => false ,
'is_translation_enabled' => false ,
2017-06-07 22:00:59 -04:00
'following' => (( $uinfo [ 0 ][ 'rel' ] == CONTACT_IS_FOLLOWER ) || ( $uinfo [ 0 ][ 'rel' ] == CONTACT_IS_FRIEND )),
2016-11-04 18:45:20 -04:00
'follow_request_sent' => false ,
2016-09-25 12:50:08 -04:00
'statusnet_blocking' => false ,
'notifications' => false ,
2017-04-05 16:07:55 -04:00
/// @TODO old way?
2017-08-26 03:32:10 -04:00
//'statusnet_profile_url' => System::baseUrl()."/contacts/".$uinfo[0]['cid'],
2016-09-25 12:50:08 -04:00
'statusnet_profile_url' => $uinfo [ 0 ][ 'url' ],
'uid' => intval ( $uinfo [ 0 ][ 'uid' ]),
'cid' => intval ( $uinfo [ 0 ][ 'cid' ]),
'self' => $uinfo [ 0 ][ 'self' ],
'network' => $uinfo [ 0 ][ 'network' ],
);
return $ret ;
}
/**
* @ brief return api - formatted array for item ' s author and owner
*
* @ param App $a
* @ param array $item : item from db
* @ return array ( array : author , array : owner )
*/
2017-01-09 07:09:01 -05:00
function api_item_get_user ( App $a , $item ) {
2016-09-25 12:50:08 -04:00
2016-11-04 18:45:20 -04:00
$status_user = api_get_user ( $a , $item [ " author-link " ]);
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
$status_user [ " protected " ] = (( $item [ " allow_cid " ] != " " ) ||
( $item [ " allow_gid " ] != " " ) ||
( $item [ " deny_cid " ] != " " ) ||
( $item [ " deny_gid " ] != " " ) ||
2016-09-25 12:50:08 -04:00
$item [ " private " ]);
2017-04-17 10:38:13 -04:00
if ( $item [ 'thr-parent' ] == $item [ 'uri' ]) {
$owner_user = api_get_user ( $a , $item [ " owner-link " ]);
} else {
$owner_user = $status_user ;
}
2016-09-25 12:50:08 -04:00
return ( array ( $status_user , $owner_user ));
}
/**
* @ brief walks recursively through an array with the possibility to change value and key
*
* @ param array $array The array to walk through
* @ param string $callback The callback function
*
* @ return array the transformed array
*/
function api_walk_recursive ( array & $array , callable $callback ) {
$new_array = array ();
foreach ( $array as $k => $v ) {
if ( is_array ( $v )) {
2017-04-05 16:07:55 -04:00
if ( $callback ( $v , $k )) {
2016-09-25 12:50:08 -04:00
$new_array [ $k ] = api_walk_recursive ( $v , $callback );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
} else {
2017-04-05 16:07:55 -04:00
if ( $callback ( $v , $k )) {
2016-09-25 12:50:08 -04:00
$new_array [ $k ] = $v ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
}
$array = $new_array ;
return $array ;
}
/**
* @ brief Callback function to transform the array in an array that can be transformed in a XML file
*
* @ param variant $item Array item value
* @ param string $key Array key
*
* @ return boolean Should the array item be deleted ?
*/
function api_reformat_xml ( & $item , & $key ) {
2017-04-05 16:07:55 -04:00
if ( is_bool ( $item )) {
2016-09-25 12:50:08 -04:00
$item = ( $item ? " true " : " false " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( substr ( $key , 0 , 10 ) == " statusnet_ " ) {
2016-09-25 12:50:08 -04:00
$key = " statusnet: " . substr ( $key , 10 );
2017-04-05 16:07:55 -04:00
} elseif ( substr ( $key , 0 , 10 ) == " friendica_ " ) {
2016-09-25 12:50:08 -04:00
$key = " friendica: " . substr ( $key , 10 );
2017-04-05 16:07:55 -04:00
}
/// @TODO old-lost code?
2016-09-25 12:50:08 -04:00
//else
// $key = "default:".$key;
return true ;
}
/**
* @ brief Creates the XML from a JSON style array
*
* @ param array $data JSON style array
* @ param string $root_element Name of the root element
*
* @ return string The XML data
*/
function api_create_xml ( $data , $root_element ) {
$childname = key ( $data );
$data2 = array_pop ( $data );
$key = key ( $data2 );
$namespaces = array ( " " => " http://api.twitter.com " ,
" statusnet " => " http://status.net/schema/api/1/ " ,
" friendica " => " http://friendi.ca/schema/api/1/ " ,
" georss " => " http://www.georss.org/georss " );
/// @todo Auto detection of needed namespaces
2017-04-05 16:07:55 -04:00
if ( in_array ( $root_element , array ( " ok " , " hash " , " config " , " version " , " ids " , " notes " , " photos " ))) {
2016-09-25 12:50:08 -04:00
$namespaces = array ();
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( is_array ( $data2 )) {
2016-09-25 12:50:08 -04:00
api_walk_recursive ( $data2 , " api_reformat_xml " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
if ( $key == " 0 " ) {
$data4 = array ();
$i = 1 ;
2017-04-05 16:07:55 -04:00
foreach ( $data2 AS $item ) {
2016-09-25 12:50:08 -04:00
$data4 [ $i ++. " : " . $childname ] = $item ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$data2 = $data4 ;
}
$data3 = array ( $root_element => $data2 );
$ret = xml :: from_array ( $data3 , $xml , false , $namespaces );
return $ret ;
}
/**
* @ brief Formats the data according to the data type
*
* @ param string $root_element Name of the root element
* @ param string $type Return type ( atom , rss , xml , json )
* @ param array $data JSON style array
*
* @ return ( string | object ) XML data or JSON data
*/
2017-04-05 16:07:55 -04:00
function api_format_data ( $root_element , $type , $data ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
case " xml " :
$ret = api_create_xml ( $data , $root_element );
break ;
case " json " :
$ret = $data ;
break ;
}
return $ret ;
}
/**
** TWITTER API
*/
/**
* Returns an HTTP 200 OK response code and a representation of the requesting user if authentication was successful ;
* returns a 401 status code and an error message if not .
* http :// developer . twitter . com / doc / get / account / verify_credentials
*/
2017-04-05 16:07:55 -04:00
function api_account_verify_credentials ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
unset ( $_REQUEST [ " user_id " ]);
unset ( $_GET [ " user_id " ]);
unset ( $_REQUEST [ " screen_name " ]);
unset ( $_GET [ " screen_name " ]);
2017-04-05 16:07:55 -04:00
$skip_status = ( x ( $_REQUEST , 'skip_status' ) ? $_REQUEST [ 'skip_status' ] : false );
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// "verified" isn't used here in the standard
unset ( $user_info [ " verified " ]);
// - Adding last status
if ( ! $skip_status ) {
$user_info [ " status " ] = api_status_show ( " raw " );
2017-04-05 16:07:55 -04:00
if ( ! count ( $user_info [ " status " ])) {
2016-09-25 12:50:08 -04:00
unset ( $user_info [ " status " ]);
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
unset ( $user_info [ " status " ][ " user " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $user_info [ " uid " ]);
unset ( $user_info [ " self " ]);
return api_format_data ( " user " , $type , array ( 'user' => $user_info ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
api_register_func ( 'api/account/verify_credentials' , 'api_account_verify_credentials' , true );
2016-09-25 12:50:08 -04:00
/**
* get data from $_POST or $_GET
*/
2017-04-05 16:07:55 -04:00
function requestdata ( $k ) {
2017-04-05 16:17:15 -04:00
if ( x ( $_POST , $k )) {
2016-09-25 12:50:08 -04:00
return $_POST [ $k ];
}
2017-04-05 16:17:15 -04:00
if ( x ( $_GET , $k )) {
2016-09-25 12:50:08 -04:00
return $_GET [ $k ];
}
return null ;
}
/*Waitman Gobble Mod*/
function api_statuses_mediap ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
2016-09-25 12:50:08 -04:00
logger ( 'api_statuses_update: no user' );
throw new ForbiddenException ();
}
$user_info = api_get_user ( $a );
$_REQUEST [ 'type' ] = 'wall' ;
$_REQUEST [ 'profile_uid' ] = api_user ();
$_REQUEST [ 'api_source' ] = true ;
$txt = requestdata ( 'status' );
2017-04-05 16:07:55 -04:00
/// @TODO old-lost code?
2016-09-25 12:50:08 -04:00
//$txt = urldecode(requestdata('status'));
2017-04-04 13:46:56 -04:00
if (( strpos ( $txt , '<' ) !== false ) || ( strpos ( $txt , '>' ) !== false )) {
2016-09-25 12:50:08 -04:00
$txt = html2bb_video ( $txt );
$config = HTMLPurifier_Config :: createDefault ();
$config -> set ( 'Cache.DefinitionImpl' , null );
$purifier = new HTMLPurifier ( $config );
$txt = $purifier -> purify ( $txt );
}
$txt = html2bbcode ( $txt );
$a -> argv [ 1 ] = $user_info [ 'screen_name' ]; //should be set to username?
2017-04-05 16:07:55 -04:00
// tell wall_upload function to return img info instead of echo
$_REQUEST [ 'hush' ] = 'yeah' ;
2016-09-25 12:50:08 -04:00
$bebop = wall_upload_post ( $a );
2017-04-05 16:07:55 -04:00
// now that we have the img url in bbcode we can add it to the status and insert the wall item.
$_REQUEST [ 'body' ] = $txt . " \n \n " . $bebop ;
2016-09-25 12:50:08 -04:00
item_post ( $a );
// this should output the last post (the one we just posted).
return api_status_show ( $type );
}
2017-04-05 16:07:55 -04:00
/// @TODO move this to top of file or somewhere better!
api_register_func ( 'api/statuses/mediap' , 'api_statuses_mediap' , true , API_METHOD_POST );
2016-09-25 12:50:08 -04:00
function api_statuses_update ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
2016-09-25 12:50:08 -04:00
logger ( 'api_statuses_update: no user' );
throw new ForbiddenException ();
}
$user_info = api_get_user ( $a );
// convert $_POST array items to the form we use for web posts.
// logger('api_post: ' . print_r($_POST,true));
2017-04-04 13:46:56 -04:00
if ( requestdata ( 'htmlstatus' )) {
2016-09-25 12:50:08 -04:00
$txt = requestdata ( 'htmlstatus' );
2017-04-05 16:07:55 -04:00
if (( strpos ( $txt , '<' ) !== false ) || ( strpos ( $txt , '>' ) !== false )) {
2016-09-25 12:50:08 -04:00
$txt = html2bb_video ( $txt );
$config = HTMLPurifier_Config :: createDefault ();
$config -> set ( 'Cache.DefinitionImpl' , null );
$purifier = new HTMLPurifier ( $config );
$txt = $purifier -> purify ( $txt );
$_REQUEST [ 'body' ] = html2bbcode ( $txt );
}
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'body' ] = requestdata ( 'status' );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'title' ] = requestdata ( 'title' );
$parent = requestdata ( 'in_reply_to_status_id' );
// Twidere sends "-1" if it is no reply ...
2017-04-05 16:07:55 -04:00
if ( $parent == - 1 ) {
2016-09-25 12:50:08 -04:00
$parent = " " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( ctype_digit ( $parent )) {
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'parent' ] = $parent ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'parent_uri' ] = $parent ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( requestdata ( 'lat' ) && requestdata ( 'long' )) {
$_REQUEST [ 'coord' ] = sprintf ( " %s %s " , requestdata ( 'lat' ), requestdata ( 'long' ));
}
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'profile_uid' ] = api_user ();
2017-04-05 16:07:55 -04:00
if ( $parent ) {
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'type' ] = 'net-comment' ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
// Check for throttling (maximum posts per day, week and month)
2017-11-06 21:22:52 -05:00
$throttle_day = Config :: get ( 'system' , 'throttle_limit_day' );
2016-09-25 12:50:08 -04:00
if ( $throttle_day > 0 ) {
$datefrom = date ( " Y-m-d H:i:s " , time () - 24 * 60 * 60 );
$r = q ( " SELECT COUNT(*) AS `posts_day` FROM `item` WHERE `uid`=%d AND `wall`
AND `created` > '%s' AND `id` = `parent` " ,
intval ( api_user ()), dbesc ( $datefrom ));
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$posts_day = $r [ 0 ][ " posts_day " ];
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$posts_day = 0 ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
if ( $posts_day > $throttle_day ) {
logger ( 'Daily posting limit reached for user ' . api_user (), LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
// die(api_error($type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day)));
2016-09-25 12:50:08 -04:00
throw new TooManyRequestsException ( sprintf ( t ( " Daily posting limit of %d posts reached. The post was rejected. " ), $throttle_day ));
}
}
2017-11-06 21:22:52 -05:00
$throttle_week = Config :: get ( 'system' , 'throttle_limit_week' );
2016-09-25 12:50:08 -04:00
if ( $throttle_week > 0 ) {
$datefrom = date ( " Y-m-d H:i:s " , time () - 24 * 60 * 60 * 7 );
$r = q ( " SELECT COUNT(*) AS `posts_week` FROM `item` WHERE `uid`=%d AND `wall`
AND `created` > '%s' AND `id` = `parent` " ,
intval ( api_user ()), dbesc ( $datefrom ));
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$posts_week = $r [ 0 ][ " posts_week " ];
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$posts_week = 0 ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
if ( $posts_week > $throttle_week ) {
logger ( 'Weekly posting limit reached for user ' . api_user (), LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
// die(api_error($type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week)));
2016-09-25 12:50:08 -04:00
throw new TooManyRequestsException ( sprintf ( t ( " Weekly posting limit of %d posts reached. The post was rejected. " ), $throttle_week ));
}
}
2017-11-06 21:22:52 -05:00
$throttle_month = Config :: get ( 'system' , 'throttle_limit_month' );
2016-09-25 12:50:08 -04:00
if ( $throttle_month > 0 ) {
$datefrom = date ( " Y-m-d H:i:s " , time () - 24 * 60 * 60 * 30 );
$r = q ( " SELECT COUNT(*) AS `posts_month` FROM `item` WHERE `uid`=%d AND `wall`
AND `created` > '%s' AND `id` = `parent` " ,
intval ( api_user ()), dbesc ( $datefrom ));
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$posts_month = $r [ 0 ][ " posts_month " ];
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$posts_month = 0 ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
if ( $posts_month > $throttle_month ) {
logger ( 'Monthly posting limit reached for user ' . api_user (), LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
// die(api_error($type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month)));
2016-09-25 12:50:08 -04:00
throw new TooManyRequestsException ( sprintf ( t ( " Monthly posting limit of %d posts reached. The post was rejected. " ), $throttle_month ));
}
}
$_REQUEST [ 'type' ] = 'wall' ;
}
2017-04-05 16:07:55 -04:00
if ( x ( $_FILES , 'media' )) {
2016-09-25 12:50:08 -04:00
// upload the image if we have one
2017-04-05 16:07:55 -04:00
$_REQUEST [ 'hush' ] = 'yeah' ; //tell wall_upload function to return img info instead of echo
2016-09-25 12:50:08 -04:00
$media = wall_upload_post ( $a );
2017-04-05 16:07:55 -04:00
if ( strlen ( $media ) > 0 ) {
$_REQUEST [ 'body' ] .= " \n \n " . $media ;
}
2016-09-25 12:50:08 -04:00
}
// To-Do: Multiple IDs
if ( requestdata ( 'media_ids' )) {
$r = q ( " SELECT `resource-id`, `scale`, `nickname`, `type` FROM `photo` INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = %d) AND `scale` > 0 AND `photo`.`uid` = %d ORDER BY `photo`.`width` DESC LIMIT 1 " ,
intval ( requestdata ( 'media_ids' )), api_user ());
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$phototypes = Photo :: supportedTypes ();
$ext = $phototypes [ $r [ 0 ][ 'type' ]];
2017-08-26 03:32:10 -04:00
$_REQUEST [ 'body' ] .= " \n \n " . '[url=' . System :: baseUrl () . '/photos/' . $r [ 0 ][ 'nickname' ] . '/image/' . $r [ 0 ][ 'resource-id' ] . ']' ;
$_REQUEST [ 'body' ] .= '[img]' . System :: baseUrl () . '/photo/' . $r [ 0 ][ 'resource-id' ] . '-' . $r [ 0 ][ 'scale' ] . '.' . $ext . '[/img][/url]' ;
2016-09-25 12:50:08 -04:00
}
}
// set this so that the item_post() function is quiet and doesn't redirect or emit json
$_REQUEST [ 'api_source' ] = true ;
2017-04-05 16:07:55 -04:00
if ( ! x ( $_REQUEST , " source " )) {
2016-09-25 12:50:08 -04:00
$_REQUEST [ " source " ] = api_source ();
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// call out normal post function
item_post ( $a );
// this should output the last post (the one we just posted).
return api_status_show ( $type );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/update' , 'api_statuses_update' , true , API_METHOD_POST );
api_register_func ( 'api/statuses/update_with_media' , 'api_statuses_update' , true , API_METHOD_POST );
function api_media_upload ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
2016-09-25 12:50:08 -04:00
logger ( 'no user' );
throw new ForbiddenException ();
}
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
if ( ! x ( $_FILES , 'media' )) {
2016-09-25 12:50:08 -04:00
// Output error
throw new BadRequestException ( " No media. " );
}
$media = wall_upload_post ( $a , false );
2017-04-04 13:46:56 -04:00
if ( ! $media ) {
2016-09-25 12:50:08 -04:00
// Output error
throw new InternalServerErrorException ();
}
$returndata = array ();
$returndata [ " media_id " ] = $media [ " id " ];
$returndata [ " media_id_string " ] = ( string ) $media [ " id " ];
$returndata [ " size " ] = $media [ " size " ];
$returndata [ " image " ] = array ( " w " => $media [ " width " ],
" h " => $media [ " height " ],
" image_type " => $media [ " type " ]);
2017-04-05 16:07:55 -04:00
logger ( " Media uploaded: " . print_r ( $returndata , true ), LOGGER_DEBUG );
2016-09-25 12:50:08 -04:00
return array ( " media " => $returndata );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/media/upload' , 'api_media_upload' , true , API_METHOD_POST );
2017-04-05 16:07:55 -04:00
function api_status_show ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
$user_info = api_get_user ( $a );
logger ( 'api_status_show: user_info: ' . print_r ( $user_info , true ), LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
if ( $type == " raw " ) {
2016-09-25 12:50:08 -04:00
$privacy_sql = " AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`='' " ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$privacy_sql = " " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// get last public wall message
2016-11-04 18:45:20 -04:00
$lastwall = q ( " SELECT `item`.*
FROM `item`
2016-09-25 12:50:08 -04:00
WHERE `item` . `contact-id` = % d AND `item` . `uid` = % d
AND (( `item` . `author-link` IN ( '%s' , '%s' )) OR ( `item` . `owner-link` IN ( '%s' , '%s' )))
2016-11-04 18:45:20 -04:00
AND `item` . `type` != 'activity' $privacy_sql
2016-09-25 12:50:08 -04:00
ORDER BY `item` . `id` DESC
LIMIT 1 " ,
intval ( $user_info [ 'cid' ]),
intval ( api_user ()),
dbesc ( $user_info [ 'url' ]),
dbesc ( normalise_link ( $user_info [ 'url' ])),
dbesc ( $user_info [ 'url' ]),
dbesc ( normalise_link ( $user_info [ 'url' ]))
);
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $lastwall )) {
2016-09-25 12:50:08 -04:00
$lastwall = $lastwall [ 0 ];
2016-11-04 18:45:20 -04:00
$in_reply_to = api_in_reply_to ( $lastwall );
2016-09-25 12:50:08 -04:00
$converted = api_convert_item ( $lastwall );
2017-04-05 16:07:55 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$geo = " georss:point " ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$geo = " geo " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$status_info = array (
'created_at' => api_date ( $lastwall [ 'created' ]),
'id' => intval ( $lastwall [ 'id' ]),
'id_str' => ( string ) $lastwall [ 'id' ],
'text' => $converted [ " text " ],
'source' => (( $lastwall [ 'app' ]) ? $lastwall [ 'app' ] : 'web' ),
'truncated' => false ,
2016-11-04 18:45:20 -04:00
'in_reply_to_status_id' => $in_reply_to [ 'status_id' ],
'in_reply_to_status_id_str' => $in_reply_to [ 'status_id_str' ],
'in_reply_to_user_id' => $in_reply_to [ 'user_id' ],
'in_reply_to_user_id_str' => $in_reply_to [ 'user_id_str' ],
'in_reply_to_screen_name' => $in_reply_to [ 'screen_name' ],
2016-09-25 12:50:08 -04:00
'user' => $user_info ,
$geo => NULL ,
'coordinates' => " " ,
'place' => " " ,
'contributors' => " " ,
'is_quote_status' => false ,
'retweet_count' => 0 ,
'favorite_count' => 0 ,
'favorited' => $lastwall [ 'starred' ] ? true : false ,
'retweeted' => false ,
'possibly_sensitive' => false ,
'lang' => " " ,
'statusnet_html' => $converted [ " html " ],
'statusnet_conversation_id' => $lastwall [ 'parent' ],
);
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " attachments " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$status_info [ " attachments " ] = $converted [ " attachments " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " entities " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$status_info [ " entities " ] = $converted [ " entities " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
if (( $lastwall [ 'item_network' ] != " " ) && ( $status [ " source " ] == 'web' )) {
2016-09-25 12:50:08 -04:00
$status_info [ " source " ] = network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]);
2017-06-07 22:00:59 -04:00
} elseif (( $lastwall [ 'item_network' ] != " " ) && ( network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]) != $status_info [ " source " ])) {
2016-09-25 12:50:08 -04:00
$status_info [ " source " ] = trim ( $status_info [ " source " ] . ' (' . network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]) . ')' );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $status_info [ " user " ][ " uid " ]);
unset ( $status_info [ " user " ][ " self " ]);
}
logger ( 'status_info: ' . print_r ( $status_info , true ), LOGGER_DEBUG );
2017-04-05 16:07:55 -04:00
if ( $type == " raw " ) {
return $status_info ;
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
return api_format_data ( " statuses " , $type , array ( 'status' => $status_info ));
2016-09-25 12:50:08 -04:00
}
/**
* Returns extended information of a given user , specified by ID or screen name as per the required id parameter .
* The author ' s most recent status will be returned inline .
* http :// developer . twitter . com / doc / get / users / show
*/
2017-04-05 16:07:55 -04:00
function api_users_show ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
$user_info = api_get_user ( $a );
$lastwall = q ( " SELECT `item`.*
FROM `item`
INNER JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
WHERE `item` . `uid` = % d AND `verb` = '%s' AND `item` . `contact-id` = % d
AND (( `item` . `author-link` IN ( '%s' , '%s' )) OR ( `item` . `owner-link` IN ( '%s' , '%s' )))
AND `type` != 'activity'
AND `item` . `allow_cid` = '' AND `item` . `allow_gid` = '' AND `item` . `deny_cid` = '' AND `item` . `deny_gid` = ''
ORDER BY `id` DESC
LIMIT 1 " ,
intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
intval ( $user_info [ 'cid' ]),
dbesc ( $user_info [ 'url' ]),
dbesc ( normalise_link ( $user_info [ 'url' ])),
dbesc ( $user_info [ 'url' ]),
dbesc ( normalise_link ( $user_info [ 'url' ]))
);
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $lastwall )) {
2016-09-25 12:50:08 -04:00
$lastwall = $lastwall [ 0 ];
2016-11-04 18:45:20 -04:00
$in_reply_to = api_in_reply_to ( $lastwall );
2016-09-25 12:50:08 -04:00
$converted = api_convert_item ( $lastwall );
2017-04-05 16:07:55 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$geo = " georss:point " ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$geo = " geo " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$user_info [ 'status' ] = array (
'text' => $converted [ " text " ],
'truncated' => false ,
'created_at' => api_date ( $lastwall [ 'created' ]),
2016-11-04 18:45:20 -04:00
'in_reply_to_status_id' => $in_reply_to [ 'status_id' ],
'in_reply_to_status_id_str' => $in_reply_to [ 'status_id_str' ],
2016-09-25 12:50:08 -04:00
'source' => (( $lastwall [ 'app' ]) ? $lastwall [ 'app' ] : 'web' ),
'id' => intval ( $lastwall [ 'contact-id' ]),
'id_str' => ( string ) $lastwall [ 'contact-id' ],
2016-11-04 18:45:20 -04:00
'in_reply_to_user_id' => $in_reply_to [ 'user_id' ],
'in_reply_to_user_id_str' => $in_reply_to [ 'user_id_str' ],
'in_reply_to_screen_name' => $in_reply_to [ 'screen_name' ],
2016-09-25 12:50:08 -04:00
$geo => NULL ,
'favorited' => $lastwall [ 'starred' ] ? true : false ,
2017-04-05 16:07:55 -04:00
'statusnet_html' => $converted [ " html " ],
2016-09-25 12:50:08 -04:00
'statusnet_conversation_id' => $lastwall [ 'parent' ],
);
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " attachments " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$user_info [ " status " ][ " attachments " ] = $converted [ " attachments " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " entities " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$user_info [ " status " ][ " entities " ] = $converted [ " entities " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
if (( $lastwall [ 'item_network' ] != " " ) && ( $user_info [ " status " ][ " source " ] == 'web' )) {
2016-09-25 12:50:08 -04:00
$user_info [ " status " ][ " source " ] = network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]);
2017-04-05 16:07:55 -04:00
}
2017-06-07 22:00:59 -04:00
if (( $lastwall [ 'item_network' ] != " " ) && ( network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]) != $user_info [ " status " ][ " source " ])) {
2017-04-05 16:07:55 -04:00
$user_info [ " status " ][ " source " ] = trim ( $user_info [ " status " ][ " source " ] . ' (' . network_to_name ( $lastwall [ 'item_network' ], $user_info [ 'url' ]) . ')' );
}
2016-09-25 12:50:08 -04:00
}
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $user_info [ " uid " ]);
unset ( $user_info [ " self " ]);
2017-04-05 16:17:15 -04:00
return api_format_data ( " user " , $type , array ( 'user' => $user_info ));
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
api_register_func ( 'api/users/show' , 'api_users_show' );
2017-05-05 16:36:56 -04:00
api_register_func ( 'api/externalprofile/show' , 'api_users_show' );
2016-09-25 12:50:08 -04:00
function api_users_search ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
2016-09-25 12:50:08 -04:00
$userlist = array ();
2017-04-05 16:07:55 -04:00
if ( x ( $_GET , 'q' )) {
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s' " , dbesc ( $_GET [ " q " ]));
2017-04-05 16:07:55 -04:00
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT `id` FROM `contact` WHERE `uid` = 0 AND `nick` = '%s' " , dbesc ( $_GET [ " q " ]));
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$k = 0 ;
foreach ( $r AS $user ) {
$user_info = api_get_user ( $a , $user [ " id " ], " json " );
2017-04-05 16:07:55 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$userlist [ $k ++. " :user " ] = $user_info ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$userlist [] = $user_info ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
$userlist = array ( " users " => $userlist );
} else {
throw new BadRequestException ( " User not found. " );
}
} else {
throw new BadRequestException ( " User not found. " );
}
return api_format_data ( " users " , $type , $userlist );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/users/search' , 'api_users_search' );
/**
*
* http :// developer . twitter . com / doc / get / statuses / home_timeline
*
* TODO : Optional parameters
* TODO : Add reply info
*/
2017-04-05 16:07:55 -04:00
function api_statuses_home_timeline ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
unset ( $_REQUEST [ " user_id " ]);
unset ( $_GET [ " user_id " ]);
unset ( $_REQUEST [ " screen_name " ]);
unset ( $_GET [ " screen_name " ]);
$user_info = api_get_user ( $a );
// get last newtork messages
// params
2017-04-05 16:07:55 -04:00
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = ( x ( $_REQUEST , 'exclude_replies' ) ? 1 : 0 );
$conversation_id = ( x ( $_REQUEST , 'conversation_id' ) ? $_REQUEST [ 'conversation_id' ] : 0 );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$start = $page * $count ;
2016-09-25 12:50:08 -04:00
$sql_extra = '' ;
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra .= ' AND `item`.`id` <= ' . intval ( $max_id );
}
if ( $exclude_replies > 0 ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= ' AND `item`.`parent` = `item`.`id`' ;
2017-04-05 16:07:55 -04:00
}
if ( $conversation_id > 0 ) {
$sql_extra .= ' AND `item`.`parent` = ' . intval ( $conversation_id );
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item`
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `uid` = % d AND `verb` = '%s'
AND `item` . `visible` AND NOT `item` . `moderated` AND NOT `item` . `deleted`
$sql_extra
AND `item` . `id` >% d
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
2017-04-05 16:07:55 -04:00
$ret = api_format_items ( $r , $user_info , false , $type );
2016-09-25 12:50:08 -04:00
// Set all posts from the query above to seen
$idarray = array ();
2017-04-05 16:07:55 -04:00
foreach ( $r AS $item ) {
2016-09-25 12:50:08 -04:00
$idarray [] = intval ( $item [ " id " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$idlist = implode ( " , " , $idarray );
if ( $idlist != " " ) {
$unseen = q ( " SELECT `id` FROM `item` WHERE `unseen` AND `id` IN (%s) " , $idlist );
2017-04-05 16:07:55 -04:00
if ( $unseen ) {
2016-09-25 12:50:08 -04:00
$r = q ( " UPDATE `item` SET `unseen` = 0 WHERE `unseen` AND `id` IN (%s) " , $idlist );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
break ;
}
2017-04-05 16:07:55 -04:00
return api_format_data ( " statuses " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/home_timeline' , 'api_statuses_home_timeline' , true );
api_register_func ( 'api/statuses/friends_timeline' , 'api_statuses_home_timeline' , true );
2017-04-05 16:07:55 -04:00
function api_statuses_public_timeline ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// get last newtork messages
// params
2017-04-05 16:07:55 -04:00
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = ( x ( $_REQUEST , 'exclude_replies' ) ? 1 : 0 );
$conversation_id = ( x ( $_REQUEST , 'conversation_id' ) ? $_REQUEST [ 'conversation_id' ] : 0 );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$start = $page * $count ;
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra = 'AND `item`.`id` <= ' . intval ( $max_id );
}
if ( $exclude_replies > 0 ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= ' AND `item`.`parent` = `item`.`id`' ;
2017-04-05 16:07:55 -04:00
}
if ( $conversation_id > 0 ) {
$sql_extra .= ' AND `item`.`parent` = ' . intval ( $conversation_id );
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `self` , `contact` . `writable` ,
`contact` . `id` AS `cid` ,
`user` . `nickname` , `user` . `hidewall`
FROM `item`
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
STRAIGHT_JOIN `user` ON `user` . `uid` = `item` . `uid`
AND NOT `user` . `hidewall`
WHERE `verb` = '%s' AND `item` . `visible` AND NOT `item` . `deleted` AND NOT `item` . `moderated`
AND `item` . `allow_cid` = '' AND `item` . `allow_gid` = ''
AND `item` . `deny_cid` = '' AND `item` . `deny_gid` = ''
AND NOT `item` . `private` AND `item` . `wall`
$sql_extra
AND `item` . `id` >% d
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
dbesc ( ACTIVITY_POST ),
intval ( $since_id ),
intval ( $start ),
intval ( $count ));
2017-04-05 16:07:55 -04:00
$ret = api_format_items ( $r , $user_info , false , $type );
2016-09-25 12:50:08 -04:00
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
break ;
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " statuses " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/public_timeline' , 'api_statuses_public_timeline' , true );
/**
2017-04-05 16:07:55 -04:00
* @ TODO nothing to say ?
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_statuses_show ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// params
$id = intval ( $a -> argv [ 3 ]);
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $_REQUEST [ " id " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// Hotot workaround
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $a -> argv [ 4 ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
logger ( 'API: api_statuses_show: ' . $id );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$conversation = ( x ( $_REQUEST , 'conversation' ) ? 1 : 0 );
2016-09-25 12:50:08 -04:00
$sql_extra = '' ;
2017-04-05 16:07:55 -04:00
if ( $conversation ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= " AND `item`.`parent` = %d ORDER BY `id` ASC " ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$sql_extra .= " AND `item`.`id` = %d " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item`
INNER JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `visible` AND NOT `item` . `moderated` AND NOT `item` . `deleted`
AND `item` . `uid` = % d AND `item` . `verb` = '%s'
$sql_extra " ,
intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
intval ( $id )
);
2017-04-05 16:07:55 -04:00
/// @TODO How about copying this to above methods which don't check $r ?
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " There is no status with this id. " );
}
$ret = api_format_items ( $r , $user_info , false , $type );
if ( $conversation ) {
$data = array ( 'status' => $ret );
return api_format_data ( " statuses " , $type , $data );
} else {
$data = array ( 'status' => $ret [ 0 ]);
2017-04-05 16:17:15 -04:00
return api_format_data ( " status " , $type , $data );
2016-09-25 12:50:08 -04:00
}
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
api_register_func ( 'api/statuses/show' , 'api_statuses_show' , true );
2016-09-25 12:50:08 -04:00
/**
2017-04-05 16:07:55 -04:00
* @ TODO nothing to say ?
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_conversation_show ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// params
$id = intval ( $a -> argv [ 3 ]);
2017-04-05 16:07:55 -04:00
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
2016-09-25 12:50:08 -04:00
$start = $page * $count ;
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $_REQUEST [ " id " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// Hotot workaround
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $a -> argv [ 4 ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
logger ( 'API: api_conversation_show: ' . $id );
$r = q ( " SELECT `parent` FROM `item` WHERE `id` = %d " , intval ( $id ));
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$id = $r [ 0 ][ " parent " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$sql_extra = '' ;
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra = ' AND `item`.`id` <= ' . intval ( $max_id );
}
2016-09-25 12:50:08 -04:00
// Not sure why this query was so complicated. We should keep it here for a while,
// just to make sure that we really don't need it.
// FROM `item` INNER JOIN (SELECT `uri`,`parent` FROM `item` WHERE `id` = %d) AS `temp1`
// ON (`item`.`thr-parent` = `temp1`.`uri` AND `item`.`parent` = `temp1`.`parent`)
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item`
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `parent` = % d AND `item` . `visible`
AND NOT `item` . `moderated` AND NOT `item` . `deleted`
AND `item` . `uid` = % d AND `item` . `verb` = '%s'
AND `item` . `id` >% d $sql_extra
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
intval ( $id ), intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2017-04-05 16:07:55 -04:00
throw new BadRequestException ( " There is no status with this id. " );
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$ret = api_format_items ( $r , $user_info , false , $type );
2016-09-25 12:50:08 -04:00
$data = array ( 'status' => $ret );
return api_format_data ( " statuses " , $type , $data );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/conversation/show' , 'api_conversation_show' , true );
api_register_func ( 'api/statusnet/conversation' , 'api_conversation_show' , true );
/**
2017-04-05 16:07:55 -04:00
* @ TODO nothing to say ?
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_statuses_repeat ( $type ) {
2016-09-25 12:50:08 -04:00
global $called_api ;
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// params
$id = intval ( $a -> argv [ 3 ]);
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $_REQUEST [ " id " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// Hotot workaround
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $a -> argv [ 4 ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
logger ( 'API: api_statuses_repeat: ' . $id );
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`nick` as `reply_author`,
`contact` . `name` , `contact` . `photo` as `reply_photo` , `contact` . `url` as `reply_url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item`
INNER JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `visible` AND NOT `item` . `moderated` AND NOT `item` . `deleted`
2017-08-30 13:55:23 -04:00
AND NOT `item` . `private` AND `item` . `allow_cid` = '' AND `item` . `allow_gid` = ''
2016-09-25 12:50:08 -04:00
AND `item` . `deny_cid` = '' AND `item` . `deny_gid` = ''
$sql_extra
AND `item` . `id` =% d " ,
intval ( $id )
);
2017-04-05 16:07:55 -04:00
/// @TODO other style than above functions!
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r ) && $r [ 0 ][ 'body' ] != " " ) {
2017-02-27 16:26:37 -05:00
if ( strpos ( $r [ 0 ][ 'body' ], " [/share] " ) !== false ) {
$pos = strpos ( $r [ 0 ][ 'body' ], " [share " );
$post = substr ( $r [ 0 ][ 'body' ], $pos );
} else {
$post = share_header ( $r [ 0 ][ 'author-name' ], $r [ 0 ][ 'author-link' ], $r [ 0 ][ 'author-avatar' ], $r [ 0 ][ 'guid' ], $r [ 0 ][ 'created' ], $r [ 0 ][ 'plink' ]);
2016-09-25 12:50:08 -04:00
2017-02-27 16:26:37 -05:00
$post .= $r [ 0 ][ 'body' ];
$post .= " [/share] " ;
}
$_REQUEST [ 'body' ] = $post ;
2016-09-25 12:50:08 -04:00
$_REQUEST [ 'profile_uid' ] = api_user ();
$_REQUEST [ 'type' ] = 'wall' ;
$_REQUEST [ 'api_source' ] = true ;
2017-04-05 16:07:55 -04:00
if ( ! x ( $_REQUEST , " source " )) {
2016-09-25 12:50:08 -04:00
$_REQUEST [ " source " ] = api_source ();
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
item_post ( $a );
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
throw new ForbiddenException ();
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// this should output the last post (the one we just posted).
$called_api = null ;
2017-04-05 16:07:55 -04:00
return api_status_show ( $type );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/retweet' , 'api_statuses_repeat' , true , API_METHOD_POST );
/**
2017-04-05 16:07:55 -04:00
* @ TODO nothing to say ?
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_statuses_destroy ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// params
$id = intval ( $a -> argv [ 3 ]);
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $_REQUEST [ " id " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// Hotot workaround
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
2016-09-25 12:50:08 -04:00
$id = intval ( $a -> argv [ 4 ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
logger ( 'API: api_statuses_destroy: ' . $id );
$ret = api_statuses_show ( $type );
drop_item ( $id , false );
2017-04-05 16:07:55 -04:00
return $ret ;
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/destroy' , 'api_statuses_destroy' , true , API_METHOD_DELETE );
/**
2017-04-05 16:07:55 -04:00
* @ TODO Nothing more than an URL to say ?
2016-09-25 12:50:08 -04:00
* http :// developer . twitter . com / doc / get / statuses / mentions
*/
2017-04-05 16:07:55 -04:00
function api_statuses_mentions ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
unset ( $_REQUEST [ " user_id " ]);
unset ( $_GET [ " user_id " ]);
unset ( $_REQUEST [ " screen_name " ]);
unset ( $_GET [ " screen_name " ]);
$user_info = api_get_user ( $a );
// get last newtork messages
// params
2017-04-05 16:07:55 -04:00
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$start = $page * $count ;
2016-09-25 12:50:08 -04:00
// Ugly code - should be changed
2017-08-26 03:32:10 -04:00
$myurl = System :: baseUrl () . '/profile/' . $a -> user [ 'nickname' ];
2017-04-05 16:07:55 -04:00
$myurl = substr ( $myurl , strpos ( $myurl , '://' ) + 3 );
2016-09-25 12:50:08 -04:00
//$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
2017-04-05 16:07:55 -04:00
$myurl = str_replace ( 'www.' , '' , $myurl );
$diasp_url = str_replace ( '/profile/' , '/u/' , $myurl );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra = ' AND `item`.`id` <= ' . intval ( $max_id );
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item` FORCE INDEX ( `uid_id` )
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `uid` = % d AND `verb` = '%s'
AND NOT ( `item` . `author-link` IN ( 'https://%s' , 'http://%s' ))
AND `item` . `visible` AND NOT `item` . `moderated` AND NOT `item` . `deleted`
AND `item` . `parent` IN ( SELECT `iid` FROM `thread` WHERE `uid` = % d AND `mention` AND ! `ignored` )
$sql_extra
AND `item` . `id` >% d
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
dbesc ( protect_sprintf ( $myurl )),
dbesc ( protect_sprintf ( $myurl )),
intval ( api_user ()),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
2017-04-05 16:07:55 -04:00
$ret = api_format_items ( $r , $user_info , false , $type );
2016-09-25 12:50:08 -04:00
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
break ;
}
2017-04-05 16:07:55 -04:00
return api_format_data ( " statuses " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/mentions' , 'api_statuses_mentions' , true );
api_register_func ( 'api/statuses/replies' , 'api_statuses_mentions' , true );
2017-04-05 16:07:55 -04:00
function api_statuses_user_timeline ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// get last network messages
logger ( " api_statuses_user_timeline: api_user: " . api_user () .
" \n user_info: " . print_r ( $user_info , true ) .
" \n _REQUEST: " . print_r ( $_REQUEST , true ),
LOGGER_DEBUG );
// params
2017-04-05 16:07:55 -04:00
$count = ( x ( $_REQUEST , 'count' ) ? $_REQUEST [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
//$since_id = 0;//$since_id = (x($_REQUEST, 'since_id')?$_REQUEST['since_id'] : 0);
$exclude_replies = ( x ( $_REQUEST , 'exclude_replies' ) ? 1 : 0 );
$conversation_id = ( x ( $_REQUEST , 'conversation_id' ) ? $_REQUEST [ 'conversation_id' ] : 0 );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$start = $page * $count ;
2016-09-25 12:50:08 -04:00
$sql_extra = '' ;
2017-04-05 16:07:55 -04:00
if ( $user_info [ 'self' ] == 1 ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= " AND `item`.`wall` = 1 " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $exclude_replies > 0 ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= ' AND `item`.`parent` = `item`.`id`' ;
2017-04-05 16:07:55 -04:00
}
if ( $conversation_id > 0 ) {
$sql_extra .= ' AND `item`.`parent` = ' . intval ( $conversation_id );
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item` FORCE INDEX ( `uid_contactid_id` )
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
WHERE `item` . `uid` = % d AND `verb` = '%s'
AND `item` . `contact-id` = % d
AND `item` . `visible` AND NOT `item` . `moderated` AND NOT `item` . `deleted`
$sql_extra
AND `item` . `id` >% d
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
intval ( api_user ()),
dbesc ( ACTIVITY_POST ),
intval ( $user_info [ 'cid' ]),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
2017-04-05 16:07:55 -04:00
$ret = api_format_items ( $r , $user_info , true , $type );
2016-09-25 12:50:08 -04:00
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
2017-04-05 16:07:55 -04:00
break ;
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " statuses " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
api_register_func ( 'api/statuses/user_timeline' , 'api_statuses_user_timeline' , true );
2016-09-25 12:50:08 -04:00
/**
* Star / unstar an item
* param : id : id of the item
*
* api v1 : https :// web . archive . org / web / 20131019055350 / https :// dev . twitter . com / docs / api / 1 / post / favorites / create /% 3 Aid
*/
2017-04-05 16:07:55 -04:00
function api_favorites_create_destroy ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// for versioned api.
/// @TODO We need a better global soluton
2017-04-05 16:07:55 -04:00
$action_argv_id = 2 ;
if ( $a -> argv [ 1 ] == " 1.1 " ) {
$action_argv_id = 3 ;
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $a -> argc <= $action_argv_id ) {
throw new BadRequestException ( " Invalid request. " );
}
$action = str_replace ( " . " . $type , " " , $a -> argv [ $action_argv_id ]);
if ( $a -> argc == $action_argv_id + 2 ) {
$itemid = intval ( $a -> argv [ $action_argv_id + 1 ]);
2016-09-25 12:50:08 -04:00
} else {
2017-04-05 16:07:55 -04:00
/// @TODO use x() to check if _REQUEST contains 'id'
2016-09-25 12:50:08 -04:00
$itemid = intval ( $_REQUEST [ 'id' ]);
}
2017-04-05 16:07:55 -04:00
$item = q ( " SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d LIMIT 1 " ,
2016-09-25 12:50:08 -04:00
$itemid , api_user ());
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $item ) || count ( $item ) == 0 ) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " Invalid item. " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
switch ( $action ) {
2016-09-25 12:50:08 -04:00
case " create " :
2017-04-05 16:07:55 -04:00
$item [ 0 ][ 'starred' ] = 1 ;
2016-09-25 12:50:08 -04:00
break ;
case " destroy " :
2017-04-05 16:07:55 -04:00
$item [ 0 ][ 'starred' ] = 0 ;
2016-09-25 12:50:08 -04:00
break ;
default :
throw new BadRequestException ( " Invalid action " . $action );
}
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
$r = q ( " UPDATE item SET starred=%d WHERE id=%d AND uid=%d " ,
$item [ 0 ][ 'starred' ], $itemid , api_user ());
q ( " UPDATE thread SET starred=%d WHERE iid=%d AND uid=%d " ,
$item [ 0 ][ 'starred' ], $itemid , api_user ());
2017-04-05 16:07:55 -04:00
if ( $r === false ) {
throw new InternalServerErrorException ( " DB error " );
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
$rets = api_format_items ( $item , $user_info , false , $type );
$ret = $rets [ 0 ];
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
}
return api_format_data ( " status " , $type , $data );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/favorites/create' , 'api_favorites_create_destroy' , true , API_METHOD_POST );
api_register_func ( 'api/favorites/destroy' , 'api_favorites_create_destroy' , true , API_METHOD_DELETE );
2017-04-05 16:07:55 -04:00
function api_favorites ( $type ) {
2016-09-25 12:50:08 -04:00
global $called_api ;
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$called_api = array ();
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
// in friendica starred item are private
// return favorites only for self
logger ( 'api_favorites: self:' . $user_info [ 'self' ]);
2017-04-05 16:07:55 -04:00
if ( $user_info [ 'self' ] == 0 ) {
2016-09-25 12:50:08 -04:00
$ret = array ();
} else {
$sql_extra = " " ;
// params
2017-04-05 16:07:55 -04:00
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
$count = ( x ( $_GET , 'count' ) ? $_GET [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
2016-09-25 12:50:08 -04:00
$start = $page * $count ;
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra .= ' AND `item`.`id` <= ' . intval ( $max_id );
}
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item` , `contact`
WHERE `item` . `uid` = % d
2017-06-08 21:03:44 -04:00
AND `item` . `visible` = 1 AND `item` . `moderated` = 0 AND `item` . `deleted` = 0
2016-09-25 12:50:08 -04:00
AND `item` . `starred` = 1
AND `contact` . `id` = `item` . `contact-id`
2016-11-28 17:11:13 -05:00
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
2016-09-25 12:50:08 -04:00
$sql_extra
AND `item` . `id` >% d
ORDER BY `item` . `id` DESC LIMIT % d , % d " ,
intval ( api_user ()),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
$ret = api_format_items ( $r , $user_info , false , $type );
}
$data = array ( 'status' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " statuses " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/favorites' , 'api_favorites' , true );
function api_format_messages ( $item , $recipient , $sender ) {
// standard meta information
$ret = Array (
'id' => $item [ 'id' ],
'sender_id' => $sender [ 'id' ] ,
'text' => " " ,
'recipient_id' => $recipient [ 'id' ],
'created_at' => api_date ( $item [ 'created' ]),
'sender_screen_name' => $sender [ 'screen_name' ],
'recipient_screen_name' => $recipient [ 'screen_name' ],
'sender' => $sender ,
'recipient' => $recipient ,
2017-04-05 16:07:55 -04:00
'title' => " " ,
'friendica_seen' => $item [ 'seen' ],
'friendica_parent_uri' => $item [ 'parent-uri' ],
2016-09-25 12:50:08 -04:00
);
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $ret [ " sender " ][ " uid " ]);
unset ( $ret [ " sender " ][ " self " ]);
unset ( $ret [ " recipient " ][ " uid " ]);
unset ( $ret [ " recipient " ][ " self " ]);
//don't send title to regular StatusNET requests to avoid confusing these apps
if ( x ( $_GET , 'getText' )) {
2017-09-14 01:16:23 -04:00
$ret [ 'title' ] = $item [ 'title' ];
2017-04-05 16:07:55 -04:00
if ( $_GET [ 'getText' ] == 'html' ) {
2016-09-25 12:50:08 -04:00
$ret [ 'text' ] = bbcode ( $item [ 'body' ], false , false );
2017-04-05 16:07:55 -04:00
} elseif ( $_GET [ 'getText' ] == 'plain' ) {
2016-09-25 12:50:08 -04:00
//$ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0);
$ret [ 'text' ] = trim ( html2plain ( bbcode ( api_clean_plain_items ( $item [ 'body' ]), false , false , 2 , true ), 0 ));
}
2017-04-05 16:07:55 -04:00
} else {
$ret [ 'text' ] = $item [ 'title' ] . " \n " . html2plain ( bbcode ( api_clean_plain_items ( $item [ 'body' ]), false , false , 2 , true ), 0 );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:20:09 -04:00
if ( x ( $_GET , 'getUserObjects' ) && $_GET [ 'getUserObjects' ] == 'false' ) {
2016-09-25 12:50:08 -04:00
unset ( $ret [ 'sender' ]);
unset ( $ret [ 'recipient' ]);
}
return $ret ;
}
function api_convert_item ( $item ) {
$body = $item [ 'body' ];
$attachments = api_get_attachments ( $body );
// Workaround for ostatus messages where the title is identically to the body
$html = bbcode ( api_clean_plain_items ( $body ), false , false , 2 , true );
$statusbody = trim ( html2plain ( $html , 0 ));
// handle data: images
$statusbody = api_format_items_embeded_images ( $item , $statusbody );
$statustitle = trim ( $item [ 'title' ]);
2017-06-08 21:03:44 -04:00
if (( $statustitle != '' ) && ( strpos ( $statusbody , $statustitle ) !== false )) {
2016-09-25 12:50:08 -04:00
$statustext = trim ( $statusbody );
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$statustext = trim ( $statustitle . " \n \n " . $statusbody );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-06-08 21:03:44 -04:00
if (( $item [ " network " ] == NETWORK_FEED ) && ( strlen ( $statustext ) > 1000 )) {
2016-09-25 12:50:08 -04:00
$statustext = substr ( $statustext , 0 , 1000 ) . " ... \n " . $item [ " plink " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$statushtml = trim ( bbcode ( $body , false , false ));
2017-09-14 01:48:43 -04:00
// Workaround for clients with limited HTML parser functionality
2016-09-25 12:50:08 -04:00
$search = array ( " <br> " , " <blockquote> " , " </blockquote> " ,
" <h1> " , " </h1> " , " <h2> " , " </h2> " ,
" <h3> " , " </h3> " , " <h4> " , " </h4> " ,
" <h5> " , " </h5> " , " <h6> " , " </h6> " );
2017-09-14 01:16:23 -04:00
$replace = array ( " <br> " , " <br><blockquote> " , " </blockquote><br> " ,
" <br><h1> " , " </h1><br> " , " <br><h2> " , " </h2><br> " ,
" <br><h3> " , " </h3><br> " , " <br><h4> " , " </h4><br> " ,
" <br><h5> " , " </h5><br> " , " <br><h6> " , " </h6><br> " );
2016-09-25 12:50:08 -04:00
$statushtml = str_replace ( $search , $replace , $statushtml );
2017-04-05 16:07:55 -04:00
if ( $item [ 'title' ] != " " ) {
2017-09-14 01:16:23 -04:00
$statushtml = " <br><h4> " . bbcode ( $item [ 'title' ]) . " </h4><br> " . $statushtml ;
}
do {
$oldtext = $statushtml ;
$statushtml = str_replace ( " <br><br> " , " <br> " , $statushtml );
} while ( $oldtext != $statushtml );
if ( substr ( $statushtml , 0 , 4 ) == '<br>' ) {
$statushtml = substr ( $statushtml , 4 );
}
if ( substr ( $statushtml , 0 , - 4 ) == '<br>' ) {
$statushtml = substr ( $statushtml , - 4 );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
// feeds without body should contain the link
if (( $item [ 'network' ] == NETWORK_FEED ) && ( strlen ( $item [ 'body' ]) == 0 )) {
$statushtml .= bbcode ( $item [ 'plink' ]);
}
2016-09-25 12:50:08 -04:00
$entities = api_get_entitities ( $statustext , $body );
return array (
" text " => $statustext ,
" html " => $statushtml ,
" attachments " => $attachments ,
" entities " => $entities
);
}
function api_get_attachments ( & $body ) {
$text = $body ;
$text = preg_replace ( " / \ [img \ =([0-9]*)x([0-9]*) \ ](.*?) \ [ \ /img \ ]/ism " , '[img]$3[/img]' , $text );
$URLSearchString = " ^ \ [ \ ] " ;
$ret = preg_match_all ( " / \ [img \ ]([ $URLSearchString ]*) \ [ \ /img \ ]/ism " , $text , $images );
2017-04-05 16:07:55 -04:00
if ( ! $ret ) {
2016-09-25 12:50:08 -04:00
return false ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$attachments = array ();
foreach ( $images [ 1 ] AS $image ) {
$imagedata = get_photo_info ( $image );
2017-04-05 16:07:55 -04:00
if ( $imagedata ) {
2016-09-25 12:50:08 -04:00
$attachments [] = array ( " url " => $image , " mimetype " => $imagedata [ " mime " ], " size " => $imagedata [ " size " ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
if ( strstr ( $_SERVER [ 'HTTP_USER_AGENT' ], " AndStatus " )) {
foreach ( $images [ 0 ] AS $orig ) {
2016-09-25 12:50:08 -04:00
$body = str_replace ( $orig , " " , $body );
2017-04-05 16:07:55 -04:00
}
}
2016-09-25 12:50:08 -04:00
return $attachments ;
}
function api_get_entitities ( & $text , $bbcode ) {
/*
To - Do :
* Links at the first character of the post
*/
$a = get_app ();
2017-04-05 16:07:55 -04:00
$include_entities = strtolower ( x ( $_REQUEST , 'include_entities' ) ? $_REQUEST [ 'include_entities' ] : " false " );
2016-09-25 12:50:08 -04:00
if ( $include_entities != " true " ) {
preg_match_all ( " / \ [img](.*?) \ [ \ /img \ ]/ism " , $bbcode , $images );
foreach ( $images [ 1 ] AS $image ) {
$replace = proxy_url ( $image );
$text = str_replace ( $image , $replace , $text );
}
return array ();
}
$bbcode = bb_CleanPictureLinks ( $bbcode );
// Change pure links in text to bbcode uris
$bbcode = preg_replace ( " /([^ \ ] \ =' " . '"' . " ]|^)(https? \ : \ / \ /[a-zA-Z0-9 \ : \ / \ - \ ? \ & \ ; \ . \ = \ _ \ ~ \ # \ % \$ \ ! \ + \ ,]+)/ism " , '$1[url=$2]$2[/url]' , $bbcode );
$entities = array ();
$entities [ " hashtags " ] = array ();
$entities [ " symbols " ] = array ();
$entities [ " urls " ] = array ();
$entities [ " user_mentions " ] = array ();
$URLSearchString = " ^ \ [ \ ] " ;
$bbcode = preg_replace ( " /# \ [url \ =([ $URLSearchString ]*) \ ](.*?) \ [ \ /url \ ]/ism " , '#$2' , $bbcode );
$bbcode = preg_replace ( " / \ [bookmark \ =([ $URLSearchString ]*) \ ](.*?) \ [ \ /bookmark \ ]/ism " , '[url=$1]$2[/url]' , $bbcode );
//$bbcode = preg_replace("/\[url\](.*?)\[\/url\]/ism",'[url=$1]$1[/url]',$bbcode);
$bbcode = preg_replace ( " / \ [video \ ](.*?) \ [ \ /video \ ]/ism " , '[url=$1]$1[/url]' , $bbcode );
$bbcode = preg_replace ( " / \ [youtube \ ]([A-Za-z0-9 \ -_=]+)(.*?) \ [ \ /youtube \ ]/ism " ,
'[url=https://www.youtube.com/watch?v=$1]https://www.youtube.com/watch?v=$1[/url]' , $bbcode );
$bbcode = preg_replace ( " / \ [youtube \ ](.*?) \ [ \ /youtube \ ]/ism " , '[url=$1]$1[/url]' , $bbcode );
$bbcode = preg_replace ( " / \ [vimeo \ ]([0-9]+)(.*?) \ [ \ /vimeo \ ]/ism " ,
'[url=https://vimeo.com/$1]https://vimeo.com/$1[/url]' , $bbcode );
$bbcode = preg_replace ( " / \ [vimeo \ ](.*?) \ [ \ /vimeo \ ]/ism " , '[url=$1]$1[/url]' , $bbcode );
$bbcode = preg_replace ( " / \ [img \ =([0-9]*)x([0-9]*) \ ](.*?) \ [ \ /img \ ]/ism " , '[img]$3[/img]' , $bbcode );
//preg_match_all("/\[url\]([$URLSearchString]*)\[\/url\]/ism", $bbcode, $urls1);
preg_match_all ( " / \ [url \ =([ $URLSearchString ]*) \ ](.*?) \ [ \ /url \ ]/ism " , $bbcode , $urls );
$ordered_urls = array ();
2017-04-05 16:07:55 -04:00
foreach ( $urls [ 1 ] AS $id => $url ) {
2016-09-25 12:50:08 -04:00
//$start = strpos($text, $url, $offset);
$start = iconv_strpos ( $text , $url , 0 , " UTF-8 " );
2017-04-05 16:07:55 -04:00
if ( ! ( $start === false )) {
2016-09-25 12:50:08 -04:00
$ordered_urls [ $start ] = array ( " url " => $url , " title " => $urls [ 2 ][ $id ]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
ksort ( $ordered_urls );
$offset = 0 ;
//foreach ($urls[1] AS $id=>$url) {
foreach ( $ordered_urls AS $url ) {
2017-06-07 22:00:59 -04:00
if (( substr ( $url [ " title " ], 0 , 7 ) != " http:// " ) && ( substr ( $url [ " title " ], 0 , 8 ) != " https:// " ) &&
! strpos ( $url [ " title " ], " http:// " ) && ! strpos ( $url [ " title " ], " https:// " ))
2016-09-25 12:50:08 -04:00
$display_url = $url [ " title " ];
else {
$display_url = str_replace ( array ( " http://www. " , " https://www. " ), array ( " " , " " ), $url [ " url " ]);
$display_url = str_replace ( array ( " http:// " , " https:// " ), array ( " " , " " ), $display_url );
if ( strlen ( $display_url ) > 26 )
$display_url = substr ( $display_url , 0 , 25 ) . " … " ;
}
//$start = strpos($text, $url, $offset);
$start = iconv_strpos ( $text , $url [ " url " ], $offset , " UTF-8 " );
if ( ! ( $start === false )) {
$entities [ " urls " ][] = array ( " url " => $url [ " url " ],
" expanded_url " => $url [ " url " ],
" display_url " => $display_url ,
" indices " => array ( $start , $start + strlen ( $url [ " url " ])));
$offset = $start + 1 ;
}
}
preg_match_all ( " / \ [img](.*?) \ [ \ /img \ ]/ism " , $bbcode , $images );
$ordered_images = array ();
foreach ( $images [ 1 ] AS $image ) {
//$start = strpos($text, $url, $offset);
$start = iconv_strpos ( $text , $image , 0 , " UTF-8 " );
if ( ! ( $start === false ))
$ordered_images [ $start ] = $image ;
}
//$entities["media"] = array();
$offset = 0 ;
foreach ( $ordered_images AS $url ) {
$display_url = str_replace ( array ( " http://www. " , " https://www. " ), array ( " " , " " ), $url );
$display_url = str_replace ( array ( " http:// " , " https:// " ), array ( " " , " " ), $display_url );
if ( strlen ( $display_url ) > 26 )
$display_url = substr ( $display_url , 0 , 25 ) . " … " ;
$start = iconv_strpos ( $text , $url , $offset , " UTF-8 " );
if ( ! ( $start === false )) {
$image = get_photo_info ( $url );
if ( $image ) {
// If image cache is activated, then use the following sizes:
// thumb (150), small (340), medium (600) and large (1024)
2017-11-06 21:22:52 -05:00
if ( ! Config :: get ( " system " , " proxy_disabled " )) {
2016-09-25 12:50:08 -04:00
$media_url = proxy_url ( $url );
$sizes = array ();
$scale = scale_image ( $image [ 0 ], $image [ 1 ], 150 );
$sizes [ " thumb " ] = array ( " w " => $scale [ " width " ], " h " => $scale [ " height " ], " resize " => " fit " );
2017-06-07 22:00:59 -04:00
if (( $image [ 0 ] > 150 ) || ( $image [ 1 ] > 150 )) {
2016-09-25 12:50:08 -04:00
$scale = scale_image ( $image [ 0 ], $image [ 1 ], 340 );
$sizes [ " small " ] = array ( " w " => $scale [ " width " ], " h " => $scale [ " height " ], " resize " => " fit " );
}
$scale = scale_image ( $image [ 0 ], $image [ 1 ], 600 );
$sizes [ " medium " ] = array ( " w " => $scale [ " width " ], " h " => $scale [ " height " ], " resize " => " fit " );
2017-06-07 22:00:59 -04:00
if (( $image [ 0 ] > 600 ) || ( $image [ 1 ] > 600 )) {
2016-09-25 12:50:08 -04:00
$scale = scale_image ( $image [ 0 ], $image [ 1 ], 1024 );
$sizes [ " large " ] = array ( " w " => $scale [ " width " ], " h " => $scale [ " height " ], " resize " => " fit " );
}
} else {
$media_url = $url ;
$sizes [ " medium " ] = array ( " w " => $image [ 0 ], " h " => $image [ 1 ], " resize " => " fit " );
}
$entities [ " media " ][] = array (
" id " => $start + 1 ,
" id_str " => ( string ) $start + 1 ,
" indices " => array ( $start , $start + strlen ( $url )),
" media_url " => normalise_link ( $media_url ),
" media_url_https " => $media_url ,
" url " => $url ,
" display_url " => $display_url ,
" expanded_url " => $url ,
" type " => " photo " ,
" sizes " => $sizes );
}
$offset = $start + 1 ;
}
}
2017-04-05 16:07:55 -04:00
return $entities ;
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
function api_format_items_embeded_images ( & $item , $text ) {
2016-09-25 12:50:08 -04:00
$text = preg_replace_callback (
" |data:image/([^;]+)[^=]+=*|m " ,
function ( $match ) use ( $item ) {
2017-08-26 03:32:10 -04:00
return System :: baseUrl () . " /display/ " . $item [ 'guid' ];
2016-09-25 12:50:08 -04:00
},
$text );
return $text ;
}
/**
* @ brief return < a href = 'url' > name </ a > as array
*
* @ param string $txt
* @ return array
* name => 'name'
* 'url => ' url '
*/
function api_contactlink_to_array ( $txt ) {
$match = array ();
$r = preg_match_all ( '|<a href="([^"]*)">([^<]*)</a>|' , $txt , $match );
if ( $r && count ( $match ) == 3 ) {
$res = array (
'name' => $match [ 2 ],
'url' => $match [ 1 ]
);
} else {
$res = array (
'name' => $text ,
'url' => " "
);
}
return $res ;
}
/**
* @ brief return likes , dislikes and attend status for item
*
* @ param array $item
* @ return array
* likes => int count
* dislikes => int count
*/
function api_format_items_activities ( & $item , $type = " json " ) {
2017-01-16 15:59:16 -05:00
$a = get_app ();
2016-09-25 12:50:08 -04:00
$activities = array (
'like' => array (),
'dislike' => array (),
'attendyes' => array (),
'attendno' => array (),
2017-04-05 16:07:55 -04:00
'attendmaybe' => array (),
2016-09-25 12:50:08 -04:00
);
$items = q ( ' SELECT * FROM item
WHERE uid =% d AND `thr-parent` = " %s " AND visible AND NOT deleted ' ,
intval ( $item [ 'uid' ]),
dbesc ( $item [ 'uri' ]));
2017-04-05 16:07:55 -04:00
foreach ( $items as $i ) {
2016-09-25 12:50:08 -04:00
// not used as result should be structured like other user data
//builtin_activity_puller($i, $activities);
// get user data and add it to the array of the activity
2016-11-04 18:45:20 -04:00
$user = api_get_user ( $a , $i [ 'author-link' ]);
2017-04-05 16:07:55 -04:00
switch ( $i [ 'verb' ]) {
2016-09-25 12:50:08 -04:00
case ACTIVITY_LIKE :
$activities [ 'like' ][] = $user ;
break ;
case ACTIVITY_DISLIKE :
$activities [ 'dislike' ][] = $user ;
break ;
case ACTIVITY_ATTEND :
$activities [ 'attendyes' ][] = $user ;
break ;
case ACTIVITY_ATTENDNO :
$activities [ 'attendno' ][] = $user ;
break ;
case ACTIVITY_ATTENDMAYBE :
$activities [ 'attendmaybe' ][] = $user ;
break ;
default :
break ;
}
}
if ( $type == " xml " ) {
$xml_activities = array ();
foreach ( $activities as $k => $v ) {
// change xml element from "like" to "friendica:like"
$xml_activities [ " friendica: " . $k ] = $v ;
// add user data into xml output
$k_user = 0 ;
foreach ( $v as $user )
$xml_activities [ " friendica: " . $k ][ $k_user ++. " :user " ] = $user ;
}
$activities = $xml_activities ;
}
return $activities ;
}
/**
* @ brief return data from profiles
*
* @ param array $profile array containing data from db table 'profile'
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return array
*/
function api_format_items_profiles ( & $profile = null , $type = " json " ) {
if ( $profile != null ) {
$profile = array ( 'profile_id' => $profile [ 'id' ],
'profile_name' => $profile [ 'profile-name' ],
'is_default' => $profile [ 'is-default' ] ? true : false ,
'hide_friends' => $profile [ 'hide-friends' ] ? true : false ,
'profile_photo' => $profile [ 'photo' ],
'profile_thumb' => $profile [ 'thumb' ],
'publish' => $profile [ 'publish' ] ? true : false ,
'net_publish' => $profile [ 'net-publish' ] ? true : false ,
'description' => $profile [ 'pdesc' ],
'date_of_birth' => $profile [ 'dob' ],
'address' => $profile [ 'address' ],
'city' => $profile [ 'locality' ],
'region' => $profile [ 'region' ],
'postal_code' => $profile [ 'postal-code' ],
'country' => $profile [ 'country-name' ],
'hometown' => $profile [ 'hometown' ],
'gender' => $profile [ 'gender' ],
'marital' => $profile [ 'marital' ],
'marital_with' => $profile [ 'with' ],
'marital_since' => $profile [ 'howlong' ],
'sexual' => $profile [ 'sexual' ],
'politic' => $profile [ 'politic' ],
'religion' => $profile [ 'religion' ],
'public_keywords' => $profile [ 'pub_keywords' ],
'private_keywords' => $profile [ 'prv_keywords' ],
2016-11-09 15:35:52 -05:00
'likes' => bbcode ( api_clean_plain_items ( $profile [ 'likes' ]), false , false , 2 , false ),
'dislikes' => bbcode ( api_clean_plain_items ( $profile [ 'dislikes' ]), false , false , 2 , false ),
'about' => bbcode ( api_clean_plain_items ( $profile [ 'about' ]), false , false , 2 , false ),
'music' => bbcode ( api_clean_plain_items ( $profile [ 'music' ]), false , false , 2 , false ),
'book' => bbcode ( api_clean_plain_items ( $profile [ 'book' ]), false , false , 2 , false ),
'tv' => bbcode ( api_clean_plain_items ( $profile [ 'tv' ]), false , false , 2 , false ),
'film' => bbcode ( api_clean_plain_items ( $profile [ 'film' ]), false , false , 2 , false ),
'interest' => bbcode ( api_clean_plain_items ( $profile [ 'interest' ]), false , false , 2 , false ),
'romance' => bbcode ( api_clean_plain_items ( $profile [ 'romance' ]), false , false , 2 , false ),
'work' => bbcode ( api_clean_plain_items ( $profile [ 'work' ]), false , false , 2 , false ),
'education' => bbcode ( api_clean_plain_items ( $profile [ 'education' ]), false , false , 2 , false ),
'social_networks' => bbcode ( api_clean_plain_items ( $profile [ 'contact' ]), false , false , 2 , false ),
2016-09-25 12:50:08 -04:00
'homepage' => $profile [ 'homepage' ],
'users' => null );
return $profile ;
2017-01-09 07:09:01 -05:00
}
2016-09-25 12:50:08 -04:00
}
/**
* @ brief format items to be returned by api
*
* @ param array $r array of items
* @ param array $user_info
* @ param bool $filter_user filter items by $user_info
*/
function api_format_items ( $r , $user_info , $filter_user = false , $type = " json " ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
$ret = array ();
2016-09-25 12:50:08 -04:00
2017-04-04 13:46:56 -04:00
foreach ( $r as $item ) {
2016-09-25 12:50:08 -04:00
localize_item ( $item );
2017-04-05 16:23:50 -04:00
list ( $status_user , $owner_user ) = api_item_get_user ( $a , $item );
2016-09-25 12:50:08 -04:00
// Look if the posts are matching if they should be filtered by user id
2017-06-07 22:00:59 -04:00
if ( $filter_user && ( $status_user [ " id " ] != $user_info [ " id " ])) {
2016-09-25 12:50:08 -04:00
continue ;
2017-04-05 16:17:15 -04:00
}
2016-09-25 12:50:08 -04:00
2016-11-04 18:45:20 -04:00
$in_reply_to = api_in_reply_to ( $item );
2016-09-25 12:50:08 -04:00
$converted = api_convert_item ( $item );
2017-04-05 16:17:15 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$geo = " georss:point " ;
2017-04-05 16:17:15 -04:00
} else {
2016-09-25 12:50:08 -04:00
$geo = " geo " ;
2017-04-05 16:17:15 -04:00
}
2016-09-25 12:50:08 -04:00
$status = array (
'text' => $converted [ " text " ],
'truncated' => False ,
'created_at' => api_date ( $item [ 'created' ]),
2016-11-04 18:45:20 -04:00
'in_reply_to_status_id' => $in_reply_to [ 'status_id' ],
'in_reply_to_status_id_str' => $in_reply_to [ 'status_id_str' ],
2016-09-25 12:50:08 -04:00
'source' => (( $item [ 'app' ]) ? $item [ 'app' ] : 'web' ),
'id' => intval ( $item [ 'id' ]),
'id_str' => ( string ) intval ( $item [ 'id' ]),
2016-11-04 18:45:20 -04:00
'in_reply_to_user_id' => $in_reply_to [ 'user_id' ],
'in_reply_to_user_id_str' => $in_reply_to [ 'user_id_str' ],
'in_reply_to_screen_name' => $in_reply_to [ 'screen_name' ],
2016-09-25 12:50:08 -04:00
$geo => NULL ,
'favorited' => $item [ 'starred' ] ? true : false ,
'user' => $status_user ,
'friendica_owner' => $owner_user ,
//'entities' => NULL,
'statusnet_html' => $converted [ " html " ],
'statusnet_conversation_id' => $item [ 'parent' ],
'friendica_activities' => api_format_items_activities ( $item , $type ),
);
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " attachments " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$status [ " attachments " ] = $converted [ " attachments " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( count ( $converted [ " entities " ]) > 0 ) {
2016-09-25 12:50:08 -04:00
$status [ " entities " ] = $converted [ " entities " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
if (( $item [ 'item_network' ] != " " ) && ( $status [ " source " ] == 'web' )) {
2016-09-25 12:50:08 -04:00
$status [ " source " ] = network_to_name ( $item [ 'item_network' ], $user_info [ 'url' ]);
2017-06-07 22:00:59 -04:00
} elseif (( $item [ 'item_network' ] != " " ) && ( network_to_name ( $item [ 'item_network' ], $user_info [ 'url' ]) != $status [ " source " ])) {
2016-09-25 12:50:08 -04:00
$status [ " source " ] = trim ( $status [ " source " ] . ' (' . network_to_name ( $item [ 'item_network' ], $user_info [ 'url' ]) . ')' );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// Retweets are only valid for top postings
// It doesn't work reliable with the link if its a feed
2017-01-16 15:59:16 -05:00
//$IsRetweet = ($item['owner-link'] != $item['author-link']);
//if ($IsRetweet)
2017-06-07 22:00:59 -04:00
// $IsRetweet = (($item['owner-name'] != $item['author-name']) || ($item['owner-avatar'] != $item['author-avatar']));
2016-09-25 12:50:08 -04:00
if ( $item [ " id " ] == $item [ " parent " ]) {
$retweeted_item = api_share_as_retweet ( $item );
if ( $retweeted_item !== false ) {
$retweeted_status = $status ;
try {
2017-04-05 16:23:50 -04:00
$retweeted_status [ " user " ] = api_get_user ( $a , $retweeted_item [ " author-link " ]);
2016-09-25 12:50:08 -04:00
} catch ( BadRequestException $e ) {
// user not found. should be found?
/// @todo check if the user should be always found
$retweeted_status [ " user " ] = array ();
}
$rt_converted = api_convert_item ( $retweeted_item );
$retweeted_status [ 'text' ] = $rt_converted [ " text " ];
$retweeted_status [ 'statusnet_html' ] = $rt_converted [ " html " ];
$retweeted_status [ 'friendica_activities' ] = api_format_items_activities ( $retweeted_item , $type );
$retweeted_status [ 'created_at' ] = api_date ( $retweeted_item [ 'created' ]);
$status [ 'retweeted_status' ] = $retweeted_status ;
}
}
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $status [ " user " ][ " uid " ]);
unset ( $status [ " user " ][ " self " ]);
if ( $item [ " coord " ] != " " ) {
$coords = explode ( ' ' , $item [ " coord " ]);
if ( count ( $coords ) == 2 ) {
if ( $type == " json " )
$status [ " geo " ] = array ( 'type' => 'Point' ,
'coordinates' => array (( float ) $coords [ 0 ],
( float ) $coords [ 1 ]));
else // Not sure if this is the official format - if someone founds a documentation we can check
$status [ " georss:point " ] = $item [ " coord " ];
}
}
$ret [] = $status ;
};
return $ret ;
}
function api_account_rate_limit_status ( $type ) {
2017-04-05 16:07:55 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$hash = array (
2017-04-05 16:07:55 -04:00
'remaining-hits' => '150' ,
2016-09-25 12:50:08 -04:00
'@attributes' => array ( " type " => " integer " ),
2017-04-05 16:07:55 -04:00
'hourly-limit' => '150' ,
2016-09-25 12:50:08 -04:00
'@attributes2' => array ( " type " => " integer " ),
2017-04-05 16:07:55 -04:00
'reset-time' => datetime_convert ( 'UTC' , 'UTC' , 'now + 1 hour' , ATOM_TIME ),
2016-09-25 12:50:08 -04:00
'@attributes3' => array ( " type " => " datetime " ),
'reset_time_in_seconds' => strtotime ( 'now + 1 hour' ),
'@attributes4' => array ( " type " => " integer " ),
);
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$hash = array (
'reset_time_in_seconds' => strtotime ( 'now + 1 hour' ),
2017-04-05 16:07:55 -04:00
'remaining_hits' => '150' ,
'hourly_limit' => '150' ,
'reset_time' => api_date ( datetime_convert ( 'UTC' , 'UTC' , 'now + 1 hour' , ATOM_TIME )),
2016-09-25 12:50:08 -04:00
);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
return api_format_data ( 'hash' , $type , array ( 'hash' => $hash ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/account/rate_limit_status' , 'api_account_rate_limit_status' , true );
function api_help_test ( $type ) {
2017-04-05 16:07:55 -04:00
if ( $type == 'xml' ) {
2016-09-25 12:50:08 -04:00
$ok = " true " ;
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$ok = " ok " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
return api_format_data ( 'ok' , $type , array ( " ok " => $ok ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
api_register_func ( 'api/help/test' , 'api_help_test' , false );
2016-09-25 12:50:08 -04:00
function api_lists ( $type ) {
$ret = array ();
2017-04-05 16:07:55 -04:00
/// @TODO $ret is not filled here?
2016-09-25 12:50:08 -04:00
return api_format_data ( 'lists' , $type , array ( " lists_list " => $ret ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/lists' , 'api_lists' , true );
function api_lists_list ( $type ) {
$ret = array ();
2017-04-05 16:07:55 -04:00
/// @TODO $ret is not filled here?
2016-09-25 12:50:08 -04:00
return api_format_data ( 'lists' , $type , array ( " lists_list " => $ret ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/lists/list' , 'api_lists_list' , true );
/**
2017-04-05 16:07:55 -04:00
* https :// dev . twitter . com / docs / api / 1 / get / statuses / friends
* This function is deprecated by Twitter
* returns : json , xml
*/
2016-09-25 12:50:08 -04:00
function api_statuses_f ( $type , $qtype ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
if ( x ( $_GET , 'cursor' ) && $_GET [ 'cursor' ] == 'undefined' ) {
2016-09-25 12:50:08 -04:00
/* this is to stop Hotot to load friends multiple times
* I 'm not sure if I' m missing return something or
* is a bug in hotot . Workaround , meantime
*/
/* $ret = Array ();
return array ( '$users' => $ret ); */
return false ;
}
2017-04-05 16:17:15 -04:00
if ( $qtype == 'friends' ) {
2016-09-25 12:50:08 -04:00
$sql_extra = sprintf ( " AND ( `rel` = %d OR `rel` = %d ) " , intval ( CONTACT_IS_SHARING ), intval ( CONTACT_IS_FRIEND ));
2017-04-05 16:17:15 -04:00
}
if ( $qtype == 'followers' ) {
2016-09-25 12:50:08 -04:00
$sql_extra = sprintf ( " AND ( `rel` = %d OR `rel` = %d ) " , intval ( CONTACT_IS_FOLLOWER ), intval ( CONTACT_IS_FRIEND ));
2017-04-05 16:17:15 -04:00
}
2016-09-25 12:50:08 -04:00
// friends and followers only for self
2017-04-05 16:17:15 -04:00
if ( $user_info [ 'self' ] == 0 ) {
2016-09-25 12:50:08 -04:00
$sql_extra = " AND false " ;
2017-04-05 16:17:15 -04:00
}
2016-09-25 12:50:08 -04:00
2017-10-24 15:29:43 -04:00
$r = q ( " SELECT `nurl` FROM `contact` WHERE `uid` = %d AND NOT `self` AND (NOT `blocked` OR `pending`) $sql_extra ORDER BY `nick` " ,
2016-09-25 12:50:08 -04:00
intval ( api_user ())
);
$ret = array ();
2017-04-05 16:07:55 -04:00
foreach ( $r as $cid ) {
2016-09-25 12:50:08 -04:00
$user = api_get_user ( $a , $cid [ 'nurl' ]);
// "uid" and "self" are only needed for some internal stuff, so remove it from here
unset ( $user [ " uid " ]);
unset ( $user [ " self " ]);
2017-04-05 16:17:15 -04:00
if ( $user ) {
2016-09-25 12:50:08 -04:00
$ret [] = $user ;
2017-04-05 16:17:15 -04:00
}
2016-09-25 12:50:08 -04:00
}
return array ( 'user' => $ret );
}
2017-04-05 16:17:15 -04:00
2017-04-05 16:07:55 -04:00
function api_statuses_friends ( $type ) {
2016-09-25 12:50:08 -04:00
$data = api_statuses_f ( $type , " friends " );
2017-04-05 16:17:15 -04:00
if ( $data === false ) {
return false ;
}
return api_format_data ( " users " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:17:15 -04:00
2017-04-05 16:07:55 -04:00
function api_statuses_followers ( $type ) {
2016-09-25 12:50:08 -04:00
$data = api_statuses_f ( $type , " followers " );
2017-04-05 16:17:15 -04:00
if ( $data === false ) {
return false ;
}
return api_format_data ( " users " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/statuses/friends' , 'api_statuses_friends' , true );
api_register_func ( 'api/statuses/followers' , 'api_statuses_followers' , true );
function api_statusnet_config ( $type ) {
$a = get_app ();
$name = $a -> config [ 'sitename' ];
$server = $a -> get_hostname ();
2017-08-26 03:32:10 -04:00
$logo = System :: baseUrl () . '/images/friendica-64.png' ;
2016-09-25 12:50:08 -04:00
$email = $a -> config [ 'admin_email' ];
$closed = (( $a -> config [ 'register_policy' ] == REGISTER_CLOSED ) ? 'true' : 'false' );
2017-01-17 14:21:46 -05:00
$private = (( Config :: get ( 'system' , 'block_public' )) ? 'true' : 'false' );
2016-09-25 12:50:08 -04:00
$textlimit = ( string ) (( $a -> config [ 'max_import_size' ]) ? $a -> config [ 'max_import_size' ] : 200000 );
2017-04-05 16:07:55 -04:00
if ( $a -> config [ 'api_import_size' ]) {
2016-09-25 12:50:08 -04:00
$texlimit = string ( $a -> config [ 'api_import_size' ]);
2017-04-05 16:07:55 -04:00
}
2017-01-17 14:21:46 -05:00
$ssl = (( Config :: get ( 'system' , 'have_ssl' )) ? 'true' : 'false' );
2017-08-26 03:32:10 -04:00
$sslserver = (( $ssl === 'true' ) ? str_replace ( 'http:' , 'https:' , System :: baseUrl ()) : '' );
2016-09-25 12:50:08 -04:00
$config = array (
'site' => array ( 'name' => $name , 'server' => $server , 'theme' => 'default' , 'path' => '' ,
'logo' => $logo , 'fancy' => true , 'language' => 'en' , 'email' => $email , 'broughtby' => '' ,
'broughtbyurl' => '' , 'timezone' => 'UTC' , 'closed' => $closed , 'inviteonly' => false ,
'private' => $private , 'textlimit' => $textlimit , 'sslserver' => $sslserver , 'ssl' => $ssl ,
'shorturllength' => '30' ,
'friendica' => array (
'FRIENDICA_PLATFORM' => FRIENDICA_PLATFORM ,
'FRIENDICA_VERSION' => FRIENDICA_VERSION ,
'DFRN_PROTOCOL_VERSION' => DFRN_PROTOCOL_VERSION ,
'DB_UPDATE_VERSION' => DB_UPDATE_VERSION
)
),
);
return api_format_data ( 'config' , $type , array ( 'config' => $config ));
}
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
2017-04-05 16:07:55 -04:00
api_register_func ( 'api/gnusocial/config' , 'api_statusnet_config' , false );
api_register_func ( 'api/statusnet/config' , 'api_statusnet_config' , false );
2016-09-25 12:50:08 -04:00
function api_statusnet_version ( $type ) {
// liar
$fake_statusnet_version = " 0.9.7 " ;
return api_format_data ( 'version' , $type , array ( 'version' => $fake_statusnet_version ));
}
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
2017-04-05 16:07:55 -04:00
api_register_func ( 'api/gnusocial/version' , 'api_statusnet_version' , false );
api_register_func ( 'api/statusnet/version' , 'api_statusnet_version' , false );
2016-09-25 12:50:08 -04:00
/**
* @ todo use api_format_data () to return data
*/
function api_ff_ids ( $type , $qtype ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( ! api_user ()) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
if ( $qtype == 'friends' ) {
2016-09-25 12:50:08 -04:00
$sql_extra = sprintf ( " AND ( `rel` = %d OR `rel` = %d ) " , intval ( CONTACT_IS_SHARING ), intval ( CONTACT_IS_FRIEND ));
2017-04-05 16:07:55 -04:00
}
if ( $qtype == 'followers' ) {
2016-09-25 12:50:08 -04:00
$sql_extra = sprintf ( " AND ( `rel` = %d OR `rel` = %d ) " , intval ( CONTACT_IS_FOLLOWER ), intval ( CONTACT_IS_FRIEND ));
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( ! $user_info [ " self " ]) {
2016-09-25 12:50:08 -04:00
$sql_extra = " AND false " ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$stringify_ids = ( x ( $_REQUEST , 'stringify_ids' ) ? $_REQUEST [ 'stringify_ids' ] : false );
2016-09-25 12:50:08 -04:00
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT `pcontact`.`id` FROM `contact`
INNER JOIN `contact` AS `pcontact` ON `contact` . `nurl` = `pcontact` . `nurl` AND `pcontact` . `uid` = 0
WHERE `contact` . `uid` = % s AND NOT `contact` . `self` " ,
2016-09-25 12:50:08 -04:00
intval ( api_user ())
);
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
return ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$ids = array ();
2017-04-19 17:03:44 -04:00
foreach ( $r as $rr ) {
if ( $stringify_ids ) {
2016-09-25 12:50:08 -04:00
$ids [] = $rr [ 'id' ];
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$ids [] = intval ( $rr [ 'id' ]);
2017-04-05 16:07:55 -04:00
}
2017-04-19 17:03:44 -04:00
}
2016-09-25 12:50:08 -04:00
return api_format_data ( " ids " , $type , array ( 'id' => $ids ));
}
function api_friends_ids ( $type ) {
return api_ff_ids ( $type , 'friends' );
}
2017-04-05 16:17:15 -04:00
2016-09-25 12:50:08 -04:00
function api_followers_ids ( $type ) {
return api_ff_ids ( $type , 'followers' );
}
2017-04-05 16:07:55 -04:00
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/friends/ids' , 'api_friends_ids' , true );
api_register_func ( 'api/followers/ids' , 'api_followers_ids' , true );
function api_direct_messages_new ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
2017-06-07 22:00:59 -04:00
if ( ! x ( $_POST , " text " ) || ( ! x ( $_POST , " screen_name " ) && ! x ( $_POST , " user_id " ))) return ;
2016-09-25 12:50:08 -04:00
$sender = api_get_user ( $a );
if ( $_POST [ 'screen_name' ]) {
$r = q ( " SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s' " ,
intval ( api_user ()),
dbesc ( $_POST [ 'screen_name' ]));
// Selecting the id by priority, friendica first
api_best_nickname ( $r );
$recipient = api_get_user ( $a , $r [ 0 ][ 'nurl' ]);
2017-05-15 16:11:33 -04:00
} else {
2016-09-25 12:50:08 -04:00
$recipient = api_get_user ( $a , $_POST [ 'user_id' ]);
2017-05-15 16:11:33 -04:00
}
2016-09-25 12:50:08 -04:00
$replyto = '' ;
$sub = '' ;
2017-04-05 16:07:55 -04:00
if ( x ( $_REQUEST , 'replyto' )) {
2016-09-25 12:50:08 -04:00
$r = q ( 'SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d' ,
intval ( api_user ()),
intval ( $_REQUEST [ 'replyto' ]));
$replyto = $r [ 0 ][ 'parent-uri' ];
$sub = $r [ 0 ][ 'title' ];
2017-04-05 16:07:55 -04:00
} else {
if ( x ( $_REQUEST , 'title' )) {
2016-09-25 12:50:08 -04:00
$sub = $_REQUEST [ 'title' ];
2017-04-05 16:07:55 -04:00
} else {
$sub = (( strlen ( $_POST [ 'text' ]) > 10 ) ? substr ( $_POST [ 'text' ], 0 , 10 ) . " ... " : $_POST [ 'text' ]);
2016-09-25 12:50:08 -04:00
}
}
$id = send_message ( $recipient [ 'cid' ], $_POST [ 'text' ], $sub , $replyto );
2017-04-05 16:07:55 -04:00
if ( $id > - 1 ) {
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT * FROM `mail` WHERE id=%d " , intval ( $id ));
$ret = api_format_messages ( $r [ 0 ], $recipient , $sender );
} else {
$ret = array ( " error " => $id );
}
2017-04-05 16:07:55 -04:00
$data = array ( 'direct_message' => $ret );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " direct-messages " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
2017-04-05 16:07:55 -04:00
api_register_func ( 'api/direct_messages/new' , 'api_direct_messages_new' , true , API_METHOD_POST );
2016-09-25 12:50:08 -04:00
/**
* @ brief delete a direct_message from mail table through api
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
2016-11-04 18:45:20 -04:00
* @ return string
2016-09-25 12:50:08 -04:00
*/
2017-04-05 16:07:55 -04:00
function api_direct_messages_destroy ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
//required
2017-04-05 16:07:55 -04:00
$id = ( x ( $_REQUEST , 'id' ) ? $_REQUEST [ 'id' ] : 0 );
2016-09-25 12:50:08 -04:00
// optional
$parenturi = ( x ( $_REQUEST , 'friendica_parenturi' ) ? $_REQUEST [ 'friendica_parenturi' ] : " " );
2017-04-05 16:07:55 -04:00
$verbose = ( x ( $_GET , 'friendica_verbose' ) ? strtolower ( $_GET [ 'friendica_verbose' ]) : " false " );
2016-09-25 12:50:08 -04:00
/// @todo optional parameter 'include_entities' from Twitter API not yet implemented
$uid = $user_info [ 'uid' ];
// error if no id or parenturi specified (for clients posting parent-uri as well)
2017-04-05 16:07:55 -04:00
if ( $verbose == " true " && ( $id == 0 || $parenturi == " " )) {
$answer = array ( 'result' => 'error' , 'message' => 'message id or parenturi not specified' );
return api_format_data ( " direct_messages_delete " , $type , array ( '$result' => $answer ));
2016-09-25 12:50:08 -04:00
}
// BadRequestException if no id specified (for clients using Twitter API)
2017-04-05 16:07:55 -04:00
if ( $id == 0 ) {
throw new BadRequestException ( 'Message id not specified' );
}
2016-09-25 12:50:08 -04:00
2017-01-09 07:09:01 -05:00
// add parent-uri to sql command if specified by calling app
2016-09-25 12:50:08 -04:00
$sql_extra = ( $parenturi != " " ? " AND `parent-uri` = ' " . dbesc ( $parenturi ) . " ' " : " " );
// get data of the specified message id
$r = q ( " SELECT `id` FROM `mail` WHERE `uid` = %d AND `id` = %d " . $sql_extra ,
2017-01-09 07:09:01 -05:00
intval ( $uid ),
2016-09-25 12:50:08 -04:00
intval ( $id ));
2017-01-09 07:09:01 -05:00
2016-09-25 12:50:08 -04:00
// error message if specified id is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
if ( $verbose == " true " ) {
$answer = array ( 'result' => 'error' , 'message' => 'message id not in database' );
return api_format_data ( " direct_messages_delete " , $type , array ( '$result' => $answer ));
}
/// @todo BadRequestException ok for Twitter API clients?
throw new BadRequestException ( 'message id not in database' );
}
// delete message
2017-01-09 07:09:01 -05:00
$result = q ( " DELETE FROM `mail` WHERE `uid` = %d AND `id` = %d " . $sql_extra ,
intval ( $uid ),
2016-09-25 12:50:08 -04:00
intval ( $id ));
if ( $verbose == " true " ) {
if ( $result ) {
// return success
$answer = array ( 'result' => 'ok' , 'message' => 'message deleted' );
return api_format_data ( " direct_message_delete " , $type , array ( '$result' => $answer ));
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$answer = array ( 'result' => 'error' , 'message' => 'unknown error' );
return api_format_data ( " direct_messages_delete " , $type , array ( '$result' => $answer ));
}
}
/// @todo return JSON data like Twitter API not yet implemented
}
2017-04-05 16:17:15 -04:00
/// @TODO move to top of file or somewhere better
api_register_func ( 'api/direct_messages/destroy' , 'api_direct_messages_destroy' , true , API_METHOD_DELETE );
2016-09-25 12:50:08 -04:00
function api_direct_messages_box ( $type , $box , $verbose ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// params
2017-04-05 16:07:55 -04:00
$count = ( x ( $_GET , 'count' ) ? $_GET [ 'count' ] : 20 );
$page = ( x ( $_REQUEST , 'page' ) ? $_REQUEST [ 'page' ] - 1 : 0 );
if ( $page < 0 ) {
$page = 0 ;
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$since_id = ( x ( $_REQUEST , 'since_id' ) ? $_REQUEST [ 'since_id' ] : 0 );
$max_id = ( x ( $_REQUEST , 'max_id' ) ? $_REQUEST [ 'max_id' ] : 0 );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
$user_id = ( x ( $_REQUEST , 'user_id' ) ? $_REQUEST [ 'user_id' ] : " " );
$screen_name = ( x ( $_REQUEST , 'screen_name' ) ? $_REQUEST [ 'screen_name' ] : " " );
2016-09-25 12:50:08 -04:00
// caller user info
unset ( $_REQUEST [ " user_id " ]);
unset ( $_GET [ " user_id " ]);
unset ( $_REQUEST [ " screen_name " ]);
unset ( $_GET [ " screen_name " ]);
$user_info = api_get_user ( $a );
$profile_url = $user_info [ " url " ];
// pagination
2017-04-05 16:07:55 -04:00
$start = $page * $count ;
2016-09-25 12:50:08 -04:00
// filters
if ( $box == " sentbox " ) {
2017-04-05 16:07:55 -04:00
$sql_extra = " `mail`.`from-url`=' " . dbesc ( $profile_url ) . " ' " ;
} elseif ( $box == " conversation " ) {
$sql_extra = " `mail`.`parent-uri`=' " . dbesc ( $_GET [ " uri " ] ) . " ' " ;
} elseif ( $box == " all " ) {
2016-09-25 12:50:08 -04:00
$sql_extra = " true " ;
2017-04-05 16:07:55 -04:00
} elseif ( $box == " inbox " ) {
$sql_extra = " `mail`.`from-url`!=' " . dbesc ( $profile_url ) . " ' " ;
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
if ( $max_id > 0 ) {
$sql_extra .= ' AND `mail`.`id` <= ' . intval ( $max_id );
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $user_id != " " ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= ' AND `mail`.`contact-id` = ' . intval ( $user_id );
2017-04-05 16:07:55 -04:00
} elseif ( $screen_name != " " ) {
2016-09-25 12:50:08 -04:00
$sql_extra .= " AND `contact`.`nick` = ' " . dbesc ( $screen_name ) . " ' " ;
}
$r = q ( " SELECT `mail`.*, `contact`.`nurl` AS `contact-url` FROM `mail`,`contact` WHERE `mail`.`contact-id` = `contact`.`id` AND `mail`.`uid`=%d AND $sql_extra AND `mail`.`id` > %d ORDER BY `mail`.`id` DESC LIMIT %d,%d " ,
intval ( api_user ()),
intval ( $since_id ),
intval ( $start ), intval ( $count )
);
2017-11-07 22:57:46 -05:00
if ( $verbose == " true " && ! DBM :: is_result ( $r )) {
2017-04-05 16:07:55 -04:00
$answer = array ( 'result' => 'error' , 'message' => 'no mails available' );
return api_format_data ( " direct_messages_all " , $type , array ( '$result' => $answer ));
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
$ret = array ();
2017-04-04 13:46:56 -04:00
foreach ( $r as $item ) {
2017-04-05 16:07:55 -04:00
if ( $box == " inbox " || $item [ 'from-url' ] != $profile_url ) {
2016-09-25 12:50:08 -04:00
$recipient = $user_info ;
$sender = api_get_user ( $a , normalise_link ( $item [ 'contact-url' ]));
2017-04-05 16:07:55 -04:00
} elseif ( $box == " sentbox " || $item [ 'from-url' ] == $profile_url ) {
2016-09-25 12:50:08 -04:00
$recipient = api_get_user ( $a , normalise_link ( $item [ 'contact-url' ]));
$sender = $user_info ;
}
2017-04-05 16:07:55 -04:00
$ret [] = api_format_messages ( $item , $recipient , $sender );
2016-09-25 12:50:08 -04:00
}
$data = array ( 'direct_message' => $ret );
2017-04-05 16:07:55 -04:00
switch ( $type ) {
2016-09-25 12:50:08 -04:00
case " atom " :
case " rss " :
$data = api_rss_extra ( $a , $data , $user_info );
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " direct-messages " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-04-05 16:07:55 -04:00
function api_direct_messages_sentbox ( $type ) {
$verbose = ( x ( $_GET , 'friendica_verbose' ) ? strtolower ( $_GET [ 'friendica_verbose' ]) : " false " );
2016-09-25 12:50:08 -04:00
return api_direct_messages_box ( $type , " sentbox " , $verbose );
}
2017-04-05 16:17:15 -04:00
2017-04-05 16:07:55 -04:00
function api_direct_messages_inbox ( $type ) {
$verbose = ( x ( $_GET , 'friendica_verbose' ) ? strtolower ( $_GET [ 'friendica_verbose' ]) : " false " );
2016-09-25 12:50:08 -04:00
return api_direct_messages_box ( $type , " inbox " , $verbose );
}
2017-04-05 16:17:15 -04:00
2017-04-05 16:07:55 -04:00
function api_direct_messages_all ( $type ) {
$verbose = ( x ( $_GET , 'friendica_verbose' ) ? strtolower ( $_GET [ 'friendica_verbose' ]) : " false " );
2016-09-25 12:50:08 -04:00
return api_direct_messages_box ( $type , " all " , $verbose );
}
2017-04-05 16:17:15 -04:00
2017-04-05 16:07:55 -04:00
function api_direct_messages_conversation ( $type ) {
$verbose = ( x ( $_GET , 'friendica_verbose' ) ? strtolower ( $_GET [ 'friendica_verbose' ]) : " false " );
2016-09-25 12:50:08 -04:00
return api_direct_messages_box ( $type , " conversation " , $verbose );
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/direct_messages/conversation' , 'api_direct_messages_conversation' , true );
api_register_func ( 'api/direct_messages/all' , 'api_direct_messages_all' , true );
api_register_func ( 'api/direct_messages/sent' , 'api_direct_messages_sentbox' , true );
api_register_func ( 'api/direct_messages' , 'api_direct_messages_inbox' , true );
2017-04-05 16:07:55 -04:00
function api_oauth_request_token ( $type ) {
try {
2016-09-25 12:50:08 -04:00
$oauth = new FKOAuth1 ();
$r = $oauth -> fetch_request_token ( OAuthRequest :: from_request ());
2017-04-05 16:07:55 -04:00
} catch ( Exception $e ) {
echo " error= " . OAuthUtil :: urlencode_rfc3986 ( $e -> getMessage ());
killme ();
2016-09-25 12:50:08 -04:00
}
echo $r ;
killme ();
}
2017-04-05 16:07:55 -04:00
function api_oauth_access_token ( $type ) {
try {
2016-09-25 12:50:08 -04:00
$oauth = new FKOAuth1 ();
$r = $oauth -> fetch_access_token ( OAuthRequest :: from_request ());
2017-04-05 16:07:55 -04:00
} catch ( Exception $e ) {
2016-09-25 12:50:08 -04:00
echo " error= " . OAuthUtil :: urlencode_rfc3986 ( $e -> getMessage ()); killme ();
}
echo $r ;
killme ();
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somewhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/oauth/request_token' , 'api_oauth_request_token' , false );
api_register_func ( 'api/oauth/access_token' , 'api_oauth_access_token' , false );
2017-05-01 16:19:48 -04:00
/**
* @ brief delete a complete photoalbum with all containing photos from database through api
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_fr_photoalbum_delete ( $type ) {
if ( api_user () === false ) {
throw new ForbiddenException ();
}
// input params
$album = ( x ( $_REQUEST , 'album' ) ? $_REQUEST [ 'album' ] : " " );
// we do not allow calls without album string
if ( $album == " " ) {
throw new BadRequestException ( " no albumname specified " );
}
// check if album is existing
$r = q ( " SELECT DISTINCT `resource-id` FROM `photo` WHERE `uid` = %d AND `album` = '%s' " ,
intval ( api_user ()),
dbesc ( $album ));
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r ))
2017-05-01 16:19:48 -04:00
throw new BadRequestException ( " album not available " );
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
// to the user and the contacts of the users (drop_items() performs the federation of the deletion to other networks
foreach ( $r as $rr ) {
$photo_item = q ( " SELECT `id` FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo' " ,
intval ( local_user ()),
dbesc ( $rr [ 'resource-id' ])
);
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $photo_item )) {
2017-05-01 16:19:48 -04:00
throw new InternalServerErrorException ( " problem with deleting items occured " );
}
drop_item ( $photo_item [ 0 ][ 'id' ], false );
}
// now let's delete all photos from the album
$result = q ( " DELETE FROM `photo` WHERE `uid` = %d AND `album` = '%s' " ,
intval ( api_user ()),
dbesc ( $album ));
// return success of deletion or error message
if ( $result ) {
$answer = array ( 'result' => 'deleted' , 'message' => 'album `' . $album . '` with all containing photos has been deleted.' );
return api_format_data ( " photoalbum_delete " , $type , array ( '$result' => $answer ));
} else {
2017-05-01 19:16:54 -04:00
throw new InternalServerErrorException ( " unknown error - deleting from database failed " );
2017-05-01 16:19:48 -04:00
}
}
/**
* @ brief update the name of the album for all photos of an album
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_fr_photoalbum_update ( $type ) {
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2017-05-01 16:19:48 -04:00
// input params
$album = ( x ( $_REQUEST , 'album' ) ? $_REQUEST [ 'album' ] : " " );
$album_new = ( x ( $_REQUEST , 'album_new' ) ? $_REQUEST [ 'album_new' ] : " " );
// we do not allow calls without album string
if ( $album == " " ) {
throw new BadRequestException ( " no albumname specified " );
}
if ( $album_new == " " ) {
throw new BadRequestException ( " no new albumname specified " );
}
// check if album is existing
2017-05-05 16:29:25 -04:00
$r = q ( " SELECT `id` FROM `photo` WHERE `uid` = %d AND `album` = '%s' " ,
2017-05-01 16:19:48 -04:00
intval ( api_user ()),
dbesc ( $album ));
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2017-05-01 16:19:48 -04:00
throw new BadRequestException ( " album not available " );
}
// now let's update all photos to the albumname
$result = q ( " UPDATE `photo` SET `album` = '%s' WHERE `uid` = %d AND `album` = '%s' " ,
dbesc ( $album_new ),
intval ( api_user ()),
dbesc ( $album ));
// return success of updating or error message
if ( $result ) {
$answer = array ( 'result' => 'updated' , 'message' => 'album `' . $album . '` with all containing photos has been renamed to `' . $album_new . '`.' );
return api_format_data ( " photoalbum_update " , $type , array ( '$result' => $answer ));
} else {
2017-05-01 19:16:54 -04:00
throw new InternalServerErrorException ( " unknown error - updating in database failed " );
2017-05-01 16:19:48 -04:00
}
}
2017-04-05 16:07:55 -04:00
2017-05-01 16:19:48 -04:00
/**
* @ brief list all photos of the authenticated user
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_fr_photos_list ( $type ) {
if ( api_user () === false ) {
throw new ForbiddenException ();
}
$r = q ( " SELECT `resource-id`, MAX(scale) AS `scale`, `album`, `filename`, `type`, MAX(`created`) AS `created`,
MAX ( `edited` ) AS `edited` , MAX ( `desc` ) AS `desc` FROM `photo`
WHERE `uid` = % d AND `album` != 'Contact Photos' GROUP BY `resource-id` " ,
2016-09-25 12:50:08 -04:00
intval ( local_user ())
);
$typetoext = array (
2017-04-05 16:07:55 -04:00
'image/jpeg' => 'jpg' ,
'image/png' => 'png' ,
'image/gif' => 'gif'
2016-09-25 12:50:08 -04:00
);
2017-05-01 16:19:48 -04:00
$data = array ( 'photo' => array ());
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-12-20 15:13:50 -05:00
foreach ( $r as $rr ) {
2016-09-25 12:50:08 -04:00
$photo = array ();
$photo [ 'id' ] = $rr [ 'resource-id' ];
$photo [ 'album' ] = $rr [ 'album' ];
$photo [ 'filename' ] = $rr [ 'filename' ];
$photo [ 'type' ] = $rr [ 'type' ];
2017-08-26 03:32:10 -04:00
$thumb = System :: baseUrl () . " /photo/ " . $rr [ 'resource-id' ] . " - " . $rr [ 'scale' ] . " . " . $typetoext [ $rr [ 'type' ]];
2017-05-01 16:19:48 -04:00
$photo [ 'created' ] = $rr [ 'created' ];
$photo [ 'edited' ] = $rr [ 'edited' ];
$photo [ 'desc' ] = $rr [ 'desc' ];
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $type == " xml " ) {
2016-09-25 12:50:08 -04:00
$data [ 'photo' ][] = array ( " @attributes " => $photo , " 1 " => $thumb );
2017-04-05 16:07:55 -04:00
} else {
2016-09-25 12:50:08 -04:00
$photo [ 'thumb' ] = $thumb ;
$data [ 'photo' ][] = $photo ;
}
}
}
2017-04-05 16:17:15 -04:00
return api_format_data ( " photos " , $type , $data );
2016-09-25 12:50:08 -04:00
}
2017-05-01 16:19:48 -04:00
/**
* @ brief upload a new photo or change an existing photo
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_fr_photo_create_update ( $type ) {
if ( api_user () === false ) {
throw new ForbiddenException ();
}
// input params
$photo_id = ( x ( $_REQUEST , 'photo_id' ) ? $_REQUEST [ 'photo_id' ] : null );
$desc = ( x ( $_REQUEST , 'desc' ) ? $_REQUEST [ 'desc' ] : ( array_key_exists ( 'desc' , $_REQUEST ) ? " " : null )); // extra check necessary to distinguish between 'not provided' and 'empty string'
$album = ( x ( $_REQUEST , 'album' ) ? $_REQUEST [ 'album' ] : null );
$album_new = ( x ( $_REQUEST , 'album_new' ) ? $_REQUEST [ 'album_new' ] : null );
$allow_cid = ( x ( $_REQUEST , 'allow_cid' ) ? $_REQUEST [ 'allow_cid' ] : ( array_key_exists ( 'allow_cid' , $_REQUEST ) ? " " : null ));
$deny_cid = ( x ( $_REQUEST , 'deny_cid' ) ? $_REQUEST [ 'deny_cid' ] : ( array_key_exists ( 'deny_cid' , $_REQUEST ) ? " " : null ));
$allow_gid = ( x ( $_REQUEST , 'allow_gid' ) ? $_REQUEST [ 'allow_gid' ] : ( array_key_exists ( 'allow_gid' , $_REQUEST ) ? " " : null ));
$deny_gid = ( x ( $_REQUEST , 'deny_gid' ) ? $_REQUEST [ 'deny_gid' ] : ( array_key_exists ( 'deny_gid' , $_REQUEST ) ? " " : null ));
$visibility = ( x ( $_REQUEST , 'visibility' ) ? (( $_REQUEST [ 'visibility' ] == " true " || $_REQUEST [ 'visibility' ] == 1 ) ? true : false ) : false );
// do several checks on input parameters
// we do not allow calls without album string
if ( $album == null ) {
throw new BadRequestException ( " no albumname specified " );
}
// if photo_id == null --> we are uploading a new photo
if ( $photo_id == null ) {
$mode = " create " ;
// error if no media posted in create-mode
if ( ! x ( $_FILES , 'media' )) {
// Output error
throw new BadRequestException ( " no media data submitted " );
}
// album_new will be ignored in create-mode
$album_new = " " ;
} else {
$mode = " update " ;
// check if photo is existing in database
2017-05-05 16:29:25 -04:00
$r = q ( " SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' AND `album` = '%s' " ,
2017-05-01 16:19:48 -04:00
intval ( api_user ()),
dbesc ( $photo_id ),
dbesc ( $album ));
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2017-05-01 16:19:48 -04:00
throw new BadRequestException ( " photo not available " );
}
}
// checks on acl strings provided by clients
$acl_input_error = false ;
$acl_input_error |= check_acl_input ( $allow_cid );
$acl_input_error |= check_acl_input ( $deny_cid );
$acl_input_error |= check_acl_input ( $allow_gid );
$acl_input_error |= check_acl_input ( $deny_gid );
if ( $acl_input_error ) {
throw new BadRequestException ( " acl data invalid " );
}
// now let's upload the new media in create-mode
if ( $mode == " create " ) {
$media = $_FILES [ 'media' ];
$data = save_media_to_database ( " photo " , $media , $type , $album , trim ( $allow_cid ), trim ( $deny_cid ), trim ( $allow_gid ), trim ( $deny_gid ), $desc , $visibility );
// return success of updating or error message
if ( ! is_null ( $data )) {
return api_format_data ( " photo_create " , $type , $data );
} else {
2017-05-01 19:16:54 -04:00
throw new InternalServerErrorException ( " unknown error - uploading photo failed, see Friendica log for more information " );
2017-05-01 16:19:48 -04:00
}
}
// now let's do the changes in update-mode
if ( $mode == " update " ) {
$sql_extra = " " ;
if ( ! is_null ( $desc )) {
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `desc` = ' $desc ' " ;
}
if ( ! is_null ( $album_new )) {
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `album` = ' $album_new ' " ;
}
if ( ! is_null ( $allow_cid )) {
$allow_cid = trim ( $allow_cid );
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `allow_cid` = ' $allow_cid ' " ;
}
if ( ! is_null ( $deny_cid )) {
$deny_cid = trim ( $deny_cid );
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `deny_cid` = ' $deny_cid ' " ;
}
if ( ! is_null ( $allow_gid )) {
$allow_gid = trim ( $allow_gid );
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `allow_gid` = ' $allow_gid ' " ;
}
if ( ! is_null ( $deny_gid )) {
$deny_gid = trim ( $deny_gid );
$sql_extra .= (( $sql_extra != " " ) ? " , " : " " ) . " `deny_gid` = ' $deny_gid ' " ;
}
$result = false ;
if ( $sql_extra != " " ) {
$nothingtodo = false ;
$result = q ( " UPDATE `photo` SET %s, `edited`='%s' WHERE `uid` = %d AND `resource-id` = '%s' AND `album` = '%s' " ,
$sql_extra ,
datetime_convert (), // update edited timestamp
intval ( api_user ()),
dbesc ( $photo_id ),
dbesc ( $album ));
} else {
$nothingtodo = true ;
}
if ( x ( $_FILES , 'media' )) {
$nothingtodo = false ;
$media = $_FILES [ 'media' ];
$data = save_media_to_database ( " photo " , $media , $type , $album , $allow_cid , $deny_cid , $allow_gid , $deny_gid , $desc , 0 , $visibility , $photo_id );
if ( ! is_null ( $data )) {
return api_format_data ( " photo_update " , $type , $data );
}
}
// return success of updating or error message
if ( $result ) {
$answer = array ( 'result' => 'updated' , 'message' => 'Image id `' . $photo_id . '` has been updated.' );
return api_format_data ( " photo_update " , $type , array ( '$result' => $answer ));
} else {
if ( $nothingtodo ) {
$answer = array ( 'result' => 'cancelled' , 'message' => 'Nothing to update for image id `' . $photo_id . '`.' );
return api_format_data ( " photo_update " , $type , array ( '$result' => $answer ));
}
2017-05-01 19:16:54 -04:00
throw new InternalServerErrorException ( " unknown error - update photo entry in database failed " );
2017-05-01 16:19:48 -04:00
}
}
2017-05-01 19:16:54 -04:00
throw new InternalServerErrorException ( " unknown error - this error on uploading or updating a photo should never happen " );
2017-05-01 16:19:48 -04:00
}
/**
* @ brief delete a single photo from the database through api
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_fr_photo_delete ( $type ) {
if ( api_user () === false ) {
throw new ForbiddenException ();
}
// input params
$photo_id = ( x ( $_REQUEST , 'photo_id' ) ? $_REQUEST [ 'photo_id' ] : null );
// do several checks on input parameters
// we do not allow calls without photo id
if ( $photo_id == null ) {
throw new BadRequestException ( " no photo_id specified " );
}
// check if photo is existing in database
2017-05-05 16:29:25 -04:00
$r = q ( " SELECT `id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' " ,
2017-05-01 16:19:48 -04:00
intval ( api_user ()),
dbesc ( $photo_id )
);
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2017-05-01 16:19:48 -04:00
throw new BadRequestException ( " photo not available " );
}
// now we can perform on the deletion of the photo
$result = q ( " DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' " ,
intval ( api_user ()),
dbesc ( $photo_id ));
// return success of deletion or error message
if ( $result ) {
// retrieve the id of the parent element (the photo element)
$photo_item = q ( " SELECT `id` FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo' " ,
intval ( local_user ()),
dbesc ( $photo_id )
);
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $photo_item )) {
2017-05-01 16:19:48 -04:00
throw new InternalServerErrorException ( " problem with deleting items occured " );
}
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
drop_item ( $photo_item [ 0 ][ 'id' ], false );
$answer = array ( 'result' => 'deleted' , 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.' );
return api_format_data ( " photo_delete " , $type , array ( '$result' => $answer ));
} else {
throw new InternalServerErrorException ( " unknown error on deleting photo from database table " );
}
}
/**
* @ brief returns the details of a specified photo id , if scale is given , returns the photo data in base 64
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
2016-09-25 12:50:08 -04:00
function api_fr_photo_detail ( $type ) {
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
2017-05-01 16:19:48 -04:00
}
if ( ! x ( $_REQUEST , 'photo_id' )) {
2017-04-05 16:07:55 -04:00
throw new BadRequestException ( " No photo id. " );
}
2016-09-25 12:50:08 -04:00
$scale = ( x ( $_REQUEST , 'scale' ) ? intval ( $_REQUEST [ 'scale' ]) : false );
2017-05-01 16:19:48 -04:00
$photo_id = $_REQUEST [ 'photo_id' ];
// prepare json/xml output with data from database for the requested photo
$data = prepare_photo_data ( $type , $scale , $photo_id );
return api_format_data ( " photo_detail " , $type , $data );
}
/**
* @ brief updates the profile image for the user ( either a specified profile or the default profile )
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_account_update_profile_image ( $type ) {
if ( api_user () === false ) {
throw new ForbiddenException ();
}
// input params
$profileid = ( x ( $_REQUEST , 'profile_id' ) ? $_REQUEST [ 'profile_id' ] : 0 );
// error if image data is missing
if ( ! x ( $_FILES , 'image' )) {
throw new BadRequestException ( " no media data submitted " );
}
// check if specified profile id is valid
if ( $profileid != 0 ) {
2017-05-05 16:29:25 -04:00
$r = q ( " SELECT `id` FROM `profile` WHERE `uid` = %d AND `id` = %d " ,
2017-05-01 16:19:48 -04:00
intval ( api_user ()),
intval ( $profileid ));
// error message if specified profile id is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2017-05-01 16:19:48 -04:00
throw new BadRequestException ( " profile_id not available " );
}
$is_default_profile = $r [ 'profile' ];
} else {
$is_default_profile = 1 ;
}
// get mediadata from image or media (Twitter call api/account/update_profile_image provides image)
$media = null ;
if ( x ( $_FILES , 'image' )) {
$media = $_FILES [ 'image' ];
} elseif ( x ( $_FILES , 'media' )) {
$media = $_FILES [ 'media' ];
}
// save new profile image
$data = save_media_to_database ( " profileimage " , $media , $type , t ( 'Profile Photos' ), " " , " " , " " , " " , " " , $is_default_profile );
// get filetype
if ( is_array ( $media [ 'type' ])) {
$filetype = $media [ 'type' ][ 0 ];
} else {
$filetype = $media [ 'type' ];
}
if ( $filetype == " image/jpeg " ) {
$fileext = " jpg " ;
} elseif ( $filetype == " image/png " ) {
$fileext = " png " ;
}
// change specified profile or all profiles to the new resource-id
if ( $is_default_profile ) {
$r = q ( " UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d " ,
dbesc ( $data [ 'photo' ][ 'id' ]),
intval ( local_user ())
);
$r = q ( " UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `self` AND `uid` = %d " ,
2017-08-26 03:32:10 -04:00
dbesc ( System :: baseUrl () . '/photo/' . $data [ 'photo' ][ 'id' ] . '-4.' . $fileext ),
dbesc ( System :: baseUrl () . '/photo/' . $data [ 'photo' ][ 'id' ] . '-5.' . $fileext ),
dbesc ( System :: baseUrl () . '/photo/' . $data [ 'photo' ][ 'id' ] . '-6.' . $fileext ),
2017-05-01 16:19:48 -04:00
intval ( local_user ())
);
} else {
2017-05-05 16:29:25 -04:00
$r = q ( " UPDATE `profile` SET `photo` = '%s', `thumb` = '%s' WHERE `id` = %d AND `uid` = %d " ,
2017-08-26 03:32:10 -04:00
dbesc ( System :: baseUrl () . '/photo/' . $data [ 'photo' ][ 'id' ] . '-4.' . $filetype ),
dbesc ( System :: baseUrl () . '/photo/' . $data [ 'photo' ][ 'id' ] . '-5.' . $filetype ),
2017-05-01 16:19:48 -04:00
intval ( $_REQUEST [ 'profile' ]),
intval ( local_user ())
);
}
// we'll set the updated profile-photo timestamp even if it isn't the default profile,
// so that browsers will do a cache update unconditionally
$r = q ( " UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d " ,
dbesc ( datetime_convert ()),
intval ( local_user ())
);
// Update global directory in background
//$user = api_get_user(get_app());
2017-08-26 03:32:10 -04:00
$url = System :: baseUrl () . '/profile/' . get_app () -> user [ 'nickname' ];
2017-11-06 21:22:52 -05:00
if ( $url && strlen ( Config :: get ( 'system' , 'directory' ))) {
2017-11-05 07:15:53 -05:00
Worker :: add ( PRIORITY_LOW , " directory " , $url );
2017-05-01 16:19:48 -04:00
}
2017-11-05 07:15:53 -05:00
Worker :: add ( PRIORITY_LOW , 'profile_update' , api_user ());
2017-05-01 16:19:48 -04:00
// output for client
if ( $data ) {
return api_account_verify_credentials ( $type );
} else {
// SaveMediaToDatabase failed for some reason
throw new InternalServerErrorException ( " image upload failed " );
}
}
// place api-register for photoalbum calls before 'api/friendica/photo', otherwise this function is never reached
api_register_func ( 'api/friendica/photoalbum/delete' , 'api_fr_photoalbum_delete' , true , API_METHOD_DELETE );
api_register_func ( 'api/friendica/photoalbum/update' , 'api_fr_photoalbum_update' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/photos/list' , 'api_fr_photos_list' , true );
api_register_func ( 'api/friendica/photo/create' , 'api_fr_photo_create_update' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/photo/update' , 'api_fr_photo_create_update' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/photo/delete' , 'api_fr_photo_delete' , true , API_METHOD_DELETE );
api_register_func ( 'api/friendica/photo' , 'api_fr_photo_detail' , true );
api_register_func ( 'api/account/update_profile_image' , 'api_account_update_profile_image' , true , API_METHOD_POST );
function check_acl_input ( $acl_string ) {
if ( $acl_string == null || $acl_string == " " ) {
return false ;
}
$contact_not_found = false ;
// split <x><y><z> into array of cid's
preg_match_all ( " /<[A-Za-z0-9]+>/ " , $acl_string , $array );
// check for each cid if it is available on server
$cid_array = $array [ 0 ];
foreach ( $cid_array as $cid ) {
$cid = str_replace ( " < " , " " , $cid );
$cid = str_replace ( " > " , " " , $cid );
$contact = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d " ,
intval ( $cid ),
intval ( api_user ()));
2017-11-07 22:57:46 -05:00
$contact_not_found |= ! DBM :: is_result ( $contact );
2017-05-01 16:19:48 -04:00
}
return $contact_not_found ;
}
function save_media_to_database ( $mediatype , $media , $type , $album , $allow_cid , $deny_cid , $allow_gid , $deny_gid , $desc , $profile = 0 , $visibility = false , $photo_id = null ) {
$visitor = 0 ;
$src = " " ;
$filetype = " " ;
$filename = " " ;
$filesize = 0 ;
if ( is_array ( $media )) {
if ( is_array ( $media [ 'tmp_name' ])) {
$src = $media [ 'tmp_name' ][ 0 ];
} else {
$src = $media [ 'tmp_name' ];
}
if ( is_array ( $media [ 'name' ])) {
$filename = basename ( $media [ 'name' ][ 0 ]);
} else {
$filename = basename ( $media [ 'name' ]);
}
if ( is_array ( $media [ 'size' ])) {
$filesize = intval ( $media [ 'size' ][ 0 ]);
} else {
$filesize = intval ( $media [ 'size' ]);
}
if ( is_array ( $media [ 'type' ])) {
$filetype = $media [ 'type' ][ 0 ];
} else {
$filetype = $media [ 'type' ];
}
}
if ( $filetype == " " ) {
$filetype = guess_image_type ( $filename );
}
$imagedata = getimagesize ( $src );
if ( $imagedata ) {
$filetype = $imagedata [ 'mime' ];
}
logger ( " File upload src: " . $src . " - filename: " . $filename .
" - size: " . $filesize . " - type: " . $filetype , LOGGER_DEBUG );
// check if there was a php upload error
if ( $filesize == 0 && $media [ 'error' ] == 1 ) {
throw new InternalServerErrorException ( " image size exceeds PHP config settings, file was rejected by server " );
}
// check against max upload size within Friendica instance
2017-11-06 21:22:52 -05:00
$maximagesize = Config :: get ( 'system' , 'maximagesize' );
2017-05-01 16:19:48 -04:00
if (( $maximagesize ) && ( $filesize > $maximagesize )) {
$formattedBytes = formatBytes ( $maximagesize );
throw new InternalServerErrorException ( " image size exceeds Friendica config setting (uploaded size: $formattedBytes ) " );
}
// create Photo instance with the data of the image
$imagedata = @ file_get_contents ( $src );
$ph = new Photo ( $imagedata , $filetype );
if ( ! $ph -> is_valid ()) {
throw new InternalServerErrorException ( " unable to process image data " );
}
// check orientation of image
$ph -> orient ( $src );
@ unlink ( $src );
// check max length of images on server
2017-11-06 21:22:52 -05:00
$max_length = Config :: get ( 'system' , 'max_image_length' );
2017-05-01 16:19:48 -04:00
if ( ! $max_length ) {
$max_length = MAX_IMAGE_LENGTH ;
}
if ( $max_length > 0 ) {
$ph -> scaleImage ( $max_length );
logger ( " File upload: Scaling picture to new size " . $max_length , LOGGER_DEBUG );
}
$width = $ph -> getWidth ();
$height = $ph -> getHeight ();
// create a new resource-id if not already provided
$hash = ( $photo_id == null ) ? photo_new_resource () : $photo_id ;
if ( $mediatype == " photo " ) {
// upload normal image (scales 0, 1, 2)
logger ( " photo upload: starting new photo upload " , LOGGER_DEBUG );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 0 , 0 , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: image upload with scale 0 (original size) failed " );
}
if ( $width > 640 || $height > 640 ) {
$ph -> scaleImage ( 640 );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 1 , 0 , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: image upload with scale 1 (640x640) failed " );
}
}
if ( $width > 320 || $height > 320 ) {
$ph -> scaleImage ( 320 );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 2 , 0 , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: image upload with scale 2 (320x320) failed " );
}
}
logger ( " photo upload: new photo upload ended " , LOGGER_DEBUG );
} elseif ( $mediatype == " profileimage " ) {
// upload profile image (scales 4, 5, 6)
logger ( " photo upload: starting new profile image upload " , LOGGER_DEBUG );
if ( $width > 175 || $height > 175 ) {
$ph -> scaleImage ( 175 );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 4 , $profile , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: profile image upload with scale 4 (175x175) failed " );
}
}
if ( $width > 80 || $height > 80 ) {
$ph -> scaleImage ( 80 );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 5 , $profile , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: profile image upload with scale 5 (80x80) failed " );
}
}
if ( $width > 48 || $height > 48 ) {
$ph -> scaleImage ( 48 );
$r = $ph -> store ( local_user (), $visitor , $hash , $filename , $album , 6 , $profile , $allow_cid , $allow_gid , $deny_cid , $deny_gid , $desc );
if ( ! $r ) {
logger ( " photo upload: profile image upload with scale 6 (48x48) failed " );
}
}
$ph -> __destruct ();
logger ( " photo upload: new profile image upload ended " , LOGGER_DEBUG );
}
if ( $r ) {
// create entry in 'item'-table on new uploads to enable users to comment/like/dislike the photo
if ( $photo_id == null && $mediatype == " photo " ) {
post_photo_item ( $hash , $allow_cid , $deny_cid , $allow_gid , $deny_gid , $filetype , $visibility );
}
// on success return image data in json/xml format (like /api/friendica/photo does when no scale is given)
return prepare_photo_data ( $type , false , $hash );
} else {
throw new InternalServerErrorException ( " image upload failed " );
}
}
function post_photo_item ( $hash , $allow_cid , $deny_cid , $allow_gid , $deny_gid , $filetype , $visibility = false ) {
// get data about the api authenticated user
$uri = item_new_uri ( get_app () -> get_hostname (), intval ( api_user ()));
$owner_record = q ( " SELECT * FROM `contact` WHERE `uid`= %d AND `self` LIMIT 1 " , intval ( api_user ()));
$arr = array ();
$arr [ 'guid' ] = get_guid ( 32 );
$arr [ 'uid' ] = intval ( api_user ());
$arr [ 'uri' ] = $uri ;
$arr [ 'parent-uri' ] = $uri ;
$arr [ 'type' ] = 'photo' ;
$arr [ 'wall' ] = 1 ;
$arr [ 'resource-id' ] = $hash ;
$arr [ 'contact-id' ] = $owner_record [ 0 ][ 'id' ];
$arr [ 'owner-name' ] = $owner_record [ 0 ][ 'name' ];
$arr [ 'owner-link' ] = $owner_record [ 0 ][ 'url' ];
$arr [ 'owner-avatar' ] = $owner_record [ 0 ][ 'thumb' ];
$arr [ 'author-name' ] = $owner_record [ 0 ][ 'name' ];
$arr [ 'author-link' ] = $owner_record [ 0 ][ 'url' ];
$arr [ 'author-avatar' ] = $owner_record [ 0 ][ 'thumb' ];
$arr [ 'title' ] = " " ;
$arr [ 'allow_cid' ] = $allow_cid ;
$arr [ 'allow_gid' ] = $allow_gid ;
$arr [ 'deny_cid' ] = $deny_cid ;
$arr [ 'deny_gid' ] = $deny_gid ;
$arr [ 'last-child' ] = 1 ;
$arr [ 'visible' ] = $visibility ;
$arr [ 'origin' ] = 1 ;
$typetoext = array (
'image/jpeg' => 'jpg' ,
'image/png' => 'png' ,
'image/gif' => 'gif'
);
// adds link to the thumbnail scale photo
2017-09-20 17:47:12 -04:00
$arr [ 'body' ] = '[url=' . System :: baseUrl () . '/photos/' . $owner_record [ 0 ][ 'nick' ] . '/image/' . $hash . ']'
2017-08-26 03:32:10 -04:00
. '[img]' . System :: baseUrl () . '/photo/' . $hash . '-' . " 2 " . '.' . $typetoext [ $filetype ] . '[/img]'
2017-05-01 16:19:48 -04:00
. '[/url]' ;
// do the magic for storing the item in the database and trigger the federation to other contacts
item_store ( $arr );
}
function prepare_photo_data ( $type , $scale , $photo_id ) {
2017-06-08 21:03:44 -04:00
$scale_sql = ( $scale === false ? " " : sprintf ( " AND scale=%d " , intval ( $scale )));
2017-05-01 16:19:48 -04:00
$data_sql = ( $scale === false ? " " : " data, " );
// added allow_cid, allow_gid, deny_cid, deny_gid to output as string like stored in database
// clients needs to convert this in their way for further processing
$r = q ( " SELECT %s `resource-id`, `created`, `edited`, `title`, `desc`, `album`, `filename`,
`type` , `height` , `width` , `datasize` , `profile` , `allow_cid` , `deny_cid` , `allow_gid` , `deny_gid` ,
MIN ( `scale` ) AS `minscale` , MAX ( `scale` ) AS `maxscale`
FROM `photo` WHERE `uid` = % d AND `resource-id` = '%s' % s GROUP BY `resource-id` " ,
2016-09-25 12:50:08 -04:00
$data_sql ,
intval ( local_user ()),
2017-05-01 16:19:48 -04:00
dbesc ( $photo_id ),
2016-09-25 12:50:08 -04:00
$scale_sql
);
$typetoext = array (
2017-04-05 16:07:55 -04:00
'image/jpeg' => 'jpg' ,
'image/png' => 'png' ,
'image/gif' => 'gif'
2016-09-25 12:50:08 -04:00
);
2017-05-01 16:19:48 -04:00
// prepare output data for photo
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$data = array ( 'photo' => $r [ 0 ]);
$data [ 'photo' ][ 'id' ] = $data [ 'photo' ][ 'resource-id' ];
if ( $scale !== false ) {
$data [ 'photo' ][ 'data' ] = base64_encode ( $data [ 'photo' ][ 'data' ]);
} else {
unset ( $data [ 'photo' ][ 'datasize' ]); //needed only with scale param
}
if ( $type == " xml " ) {
$data [ 'photo' ][ 'links' ] = array ();
2017-04-05 16:07:55 -04:00
for ( $k = intval ( $data [ 'photo' ][ 'minscale' ]); $k <= intval ( $data [ 'photo' ][ 'maxscale' ]); $k ++ ) {
$data [ 'photo' ][ 'links' ][ $k . " :link " ][ " @attributes " ] = array ( " type " => $data [ 'photo' ][ 'type' ],
2017-05-01 16:19:48 -04:00
" scale " => $k ,
2017-08-26 03:32:10 -04:00
" href " => System :: baseUrl () . " /photo/ " . $data [ 'photo' ][ 'resource-id' ] . " - " . $k . " . " . $typetoext [ $data [ 'photo' ][ 'type' ]]);
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
} else {
$data [ 'photo' ][ 'link' ] = array ();
2017-05-01 16:19:48 -04:00
// when we have profile images we could have only scales from 4 to 6, but index of array always needs to start with 0
$i = 0 ;
2017-04-05 16:07:55 -04:00
for ( $k = intval ( $data [ 'photo' ][ 'minscale' ]); $k <= intval ( $data [ 'photo' ][ 'maxscale' ]); $k ++ ) {
2017-08-26 03:32:10 -04:00
$data [ 'photo' ][ 'link' ][ $i ] = System :: baseUrl () . " /photo/ " . $data [ 'photo' ][ 'resource-id' ] . " - " . $k . " . " . $typetoext [ $data [ 'photo' ][ 'type' ]];
2017-05-01 16:19:48 -04:00
$i ++ ;
2016-09-25 12:50:08 -04:00
}
}
unset ( $data [ 'photo' ][ 'resource-id' ]);
unset ( $data [ 'photo' ][ 'minscale' ]);
unset ( $data [ 'photo' ][ 'maxscale' ]);
} else {
throw new NotFoundException ();
}
2017-05-01 16:19:48 -04:00
// retrieve item element for getting activities (like, dislike etc.) related to photo
$item = q ( " SELECT * FROM `item` WHERE `uid` = %d AND `resource-id` = '%s' AND `type` = 'photo' " ,
intval ( local_user ()),
dbesc ( $photo_id )
);
$data [ 'photo' ][ 'friendica_activities' ] = api_format_items_activities ( $item [ 0 ], $type );
2016-09-25 12:50:08 -04:00
2017-05-01 16:19:48 -04:00
// retrieve comments on photo
$r = q ( " SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact` . `name` , `contact` . `photo` , `contact` . `url` , `contact` . `rel` ,
`contact` . `network` , `contact` . `thumb` , `contact` . `dfrn-id` , `contact` . `self` ,
`contact` . `id` AS `cid`
FROM `item`
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `contact-id` AND `contact` . `uid` = `item` . `uid`
AND ( NOT `contact` . `blocked` OR `contact` . `pending` )
WHERE `item` . `parent` = % d AND `item` . `visible`
AND NOT `item` . `moderated` AND NOT `item` . `deleted`
AND `item` . `uid` = % d AND ( `item` . `verb` = '%s' OR `type` = 'photo' ) " ,
intval ( $item [ 0 ][ 'parent' ]),
intval ( api_user ()),
dbesc ( ACTIVITY_POST )
);
2016-09-25 12:50:08 -04:00
2017-05-01 16:19:48 -04:00
// prepare output of comments
$commentData = api_format_items ( $r , api_get_user ( get_app ()), false , $type );
$comments = array ();
if ( $type == " xml " ) {
$k = 0 ;
foreach ( $commentData as $comment ) {
$comments [ $k ++ . " :comment " ] = $comment ;
}
} else {
foreach ( $commentData as $comment ) {
$comments [] = $comment ;
}
}
$data [ 'photo' ][ 'friendica_comments' ] = $comments ;
// include info if rights on photo and rights on item are mismatching
$rights_mismatch = $data [ 'photo' ][ 'allow_cid' ] != $item [ 0 ][ 'allow_cid' ] ||
$data [ 'photo' ][ 'deny_cid' ] != $item [ 0 ][ 'deny_cid' ] ||
$data [ 'photo' ][ 'allow_gid' ] != $item [ 0 ][ 'allow_gid' ] ||
$data [ 'photo' ][ 'deny_cid' ] != $item [ 0 ][ 'deny_cid' ];
$data [ 'photo' ][ 'rights_mismatch' ] = $rights_mismatch ;
return $data ;
}
2016-09-25 12:50:08 -04:00
/**
* similar as / mod / redir . php
* redirect to 'url' after dfrn auth
*
* why this when there is mod / redir . php already ?
* This use api_user () and api_login ()
*
* params
* c_url : url of remote contact to auth to
* url : string , url to redirect after auth
*/
function api_friendica_remoteauth () {
2017-04-05 16:07:55 -04:00
$url = (( x ( $_GET , 'url' )) ? $_GET [ 'url' ] : '' );
$c_url = (( x ( $_GET , 'c_url' )) ? $_GET [ 'c_url' ] : '' );
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
if ( $url === '' || $c_url === '' ) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " Wrong parameters. " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$c_url = normalise_link ( $c_url );
// traditional DFRN
$r = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `nurl` = '%s' LIMIT 1 " ,
dbesc ( $c_url ),
intval ( api_user ())
);
2017-11-07 22:57:46 -05:00
if (( ! DBM :: is_result ( $r )) || ( $r [ 0 ][ 'network' ] !== NETWORK_DFRN )) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " Unknown contact " );
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$cid = $r [ 0 ][ 'id' ];
$dfrn_id = $orig_id = (( $r [ 0 ][ 'issued-id' ]) ? $r [ 0 ][ 'issued-id' ] : $r [ 0 ][ 'dfrn-id' ]);
2017-04-04 13:46:56 -04:00
if ( $r [ 0 ][ 'duplex' ] && $r [ 0 ][ 'issued-id' ]) {
2016-09-25 12:50:08 -04:00
$orig_id = $r [ 0 ][ 'issued-id' ];
$dfrn_id = '1:' . $orig_id ;
}
2017-04-04 13:46:56 -04:00
if ( $r [ 0 ][ 'duplex' ] && $r [ 0 ][ 'dfrn-id' ]) {
2016-09-25 12:50:08 -04:00
$orig_id = $r [ 0 ][ 'dfrn-id' ];
$dfrn_id = '0:' . $orig_id ;
}
$sec = random_string ();
q ( " INSERT INTO `profile_check` ( `uid`, `cid`, `dfrn_id`, `sec`, `expire`)
VALUES ( % d , % s , '%s' , '%s' , % d ) " ,
intval ( api_user ()),
intval ( $cid ),
dbesc ( $dfrn_id ),
dbesc ( $sec ),
intval ( time () + 45 )
);
logger ( $r [ 0 ][ 'name' ] . ' ' . $sec , LOGGER_DEBUG );
$dest = (( $url ) ? '&destination_url=' . $url : '' );
goaway ( $r [ 0 ][ 'poll' ] . '?dfrn_id=' . $dfrn_id
. '&dfrn_version=' . DFRN_PROTOCOL_VERSION
. '&type=profile&sec=' . $sec . $dest . $quiet );
}
api_register_func ( 'api/friendica/remoteauth' , 'api_friendica_remoteauth' , true );
/**
* @ brief Return the item shared , if the item contains only the [ share ] tag
*
* @ param array $item Sharer item
* @ return array Shared item or false if not a reshare
*/
function api_share_as_retweet ( & $item ) {
$body = trim ( $item [ " body " ]);
2016-12-20 12:44:15 -05:00
if ( Diaspora :: is_reshare ( $body , false ) === false ) {
2016-09-25 12:50:08 -04:00
return false ;
}
2017-04-05 16:07:55 -04:00
/// @TODO "$1" should maybe mean '$1' ?
$attributes = preg_replace ( " / \ [share(.*?) \ ] \ s?(.*?) \ s? \ [ \ /share \ ] \ s?/ism " , " $ 1 " , $body );
/*
* Skip if there is no shared message in there
* we already checked this in diaspora :: is_reshare ()
* but better one more than one less ...
*/
if ( $body == $attributes ) {
2016-09-25 12:50:08 -04:00
return false ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
// build the fake reshared item
$reshared_item = $item ;
$author = " " ;
preg_match ( " /author='(.*?)'/ism " , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
$author = html_entity_decode ( $matches [ 1 ], ENT_QUOTES , 'UTF-8' );
}
2016-09-25 12:50:08 -04:00
preg_match ( '/author="(.*?)"/ism' , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$author = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$profile = " " ;
preg_match ( " /profile='(.*?)'/ism " , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$profile = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
preg_match ( '/profile="(.*?)"/ism' , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$profile = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$avatar = " " ;
preg_match ( " /avatar='(.*?)'/ism " , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$avatar = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
preg_match ( '/avatar="(.*?)"/ism' , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$avatar = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$link = " " ;
preg_match ( " /link='(.*?)'/ism " , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$link = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
preg_match ( '/link="(.*?)"/ism' , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$link = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$posted = " " ;
preg_match ( " /posted='(.*?)'/ism " , $attributes , $matches );
if ( $matches [ 1 ] != " " )
2017-04-05 16:07:55 -04:00
$posted = $matches [ 1 ];
2016-09-25 12:50:08 -04:00
preg_match ( '/posted="(.*?)"/ism' , $attributes , $matches );
2017-04-05 16:07:55 -04:00
if ( $matches [ 1 ] != " " ) {
2016-09-25 12:50:08 -04:00
$posted = $matches [ 1 ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$shared_body = preg_replace ( " / \ [share(.*?) \ ] \ s?(.*?) \ s? \ [ \ /share \ ] \ s?/ism " , " $ 2 " , $body );
2017-04-05 16:07:55 -04:00
if (( $shared_body == " " ) || ( $profile == " " ) || ( $author == " " ) || ( $avatar == " " ) || ( $posted == " " )) {
2016-09-25 12:50:08 -04:00
return false ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
$reshared_item [ " body " ] = $shared_body ;
$reshared_item [ " author-name " ] = $author ;
$reshared_item [ " author-link " ] = $profile ;
$reshared_item [ " author-avatar " ] = $avatar ;
$reshared_item [ " plink " ] = $link ;
$reshared_item [ " created " ] = $posted ;
$reshared_item [ " edited " ] = $posted ;
return $reshared_item ;
}
function api_get_nick ( $profile ) {
/* To - Do :
- remove trailing junk from profile url
- pump . io check has to check the website
*/
$nick = " " ;
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s' " ,
2016-09-25 12:50:08 -04:00
dbesc ( normalise_link ( $profile )));
2017-04-05 16:07:55 -04:00
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$nick = $r [ 0 ][ " nick " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
if ( ! $nick == " " ) {
$r = q ( " SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s' " ,
dbesc ( normalise_link ( $profile )));
2017-04-05 16:07:55 -04:00
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$nick = $r [ 0 ][ " nick " ];
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
if ( ! $nick == " " ) {
$friendica = preg_replace ( " =https?://(.*)/profile/(.*)=ism " , " $ 2 " , $profile );
2017-04-05 16:07:55 -04:00
if ( $friendica != $profile ) {
2016-09-25 12:50:08 -04:00
$nick = $friendica ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
if ( ! $nick == " " ) {
$diaspora = preg_replace ( " =https?://(.*)/u/(.*)=ism " , " $ 2 " , $profile );
2017-04-05 16:07:55 -04:00
if ( $diaspora != $profile ) {
2016-09-25 12:50:08 -04:00
$nick = $diaspora ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
if ( ! $nick == " " ) {
$twitter = preg_replace ( " =https?://twitter.com/(.*)=ism " , " $ 1 " , $profile );
2017-04-05 16:07:55 -04:00
if ( $twitter != $profile ) {
2016-09-25 12:50:08 -04:00
$nick = $twitter ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
if ( ! $nick == " " ) {
$StatusnetHost = preg_replace ( " =https?://(.*)/user/(.*)=ism " , " $ 1 " , $profile );
if ( $StatusnetHost != $profile ) {
$StatusnetUser = preg_replace ( " =https?://(.*)/user/(.*)=ism " , " $ 2 " , $profile );
if ( $StatusnetUser != $profile ) {
$UserData = fetch_url ( " http:// " . $StatusnetHost . " /api/users/show.json?user_id= " . $StatusnetUser );
$user = json_decode ( $UserData );
2017-04-05 16:07:55 -04:00
if ( $user ) {
2016-09-25 12:50:08 -04:00
$nick = $user -> screen_name ;
2017-04-05 16:07:55 -04:00
}
2016-09-25 12:50:08 -04:00
}
}
}
// To-Do: look at the page if its really a pumpio site
//if (!$nick == "") {
// $pumpio = preg_replace("=https?://(.*)/(.*)/=ism", "$2", $profile."/");
// if ($pumpio != $profile)
// $nick = $pumpio;
// <div class="media" id="profile-block" data-profile-id="acct:kabniel@microca.st">
//}
2017-04-05 16:07:55 -04:00
if ( $nick != " " ) {
return $nick ;
}
2016-09-25 12:50:08 -04:00
2017-04-05 16:07:55 -04:00
return false ;
2016-09-25 12:50:08 -04:00
}
2016-11-04 18:45:20 -04:00
function api_in_reply_to ( $item ) {
$in_reply_to = array ();
$in_reply_to [ 'status_id' ] = NULL ;
$in_reply_to [ 'user_id' ] = NULL ;
$in_reply_to [ 'status_id_str' ] = NULL ;
$in_reply_to [ 'user_id_str' ] = NULL ;
$in_reply_to [ 'screen_name' ] = NULL ;
2017-06-07 22:00:59 -04:00
if (( $item [ 'thr-parent' ] != $item [ 'uri' ]) && ( intval ( $item [ 'parent' ]) != intval ( $item [ 'id' ]))) {
2016-11-04 18:45:20 -04:00
$r = q ( " SELECT `id` FROM `item` WHERE `uid` = %d AND `uri` = '%s' LIMIT 1 " ,
intval ( $item [ 'uid' ]),
dbesc ( $item [ 'thr-parent' ]));
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-11-04 18:45:20 -04:00
$in_reply_to [ 'status_id' ] = intval ( $r [ 0 ][ 'id' ]);
} else {
$in_reply_to [ 'status_id' ] = intval ( $item [ 'parent' ]);
}
$in_reply_to [ 'status_id_str' ] = ( string ) intval ( $in_reply_to [ 'status_id' ]);
$r = q ( " SELECT `contact`.`nick`, `contact`.`name`, `contact`.`id`, `contact`.`url` FROM item
STRAIGHT_JOIN `contact` ON `contact` . `id` = `item` . `author-id`
WHERE `item` . `id` = % d LIMIT 1 " ,
intval ( $in_reply_to [ 'status_id' ])
);
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $r )) {
2016-11-04 18:45:20 -04:00
if ( $r [ 0 ][ 'nick' ] == " " ) {
$r [ 0 ][ 'nick' ] = api_get_nick ( $r [ 0 ][ " url " ]);
}
$in_reply_to [ 'screen_name' ] = (( $r [ 0 ][ 'nick' ]) ? $r [ 0 ][ 'nick' ] : $r [ 0 ][ 'name' ]);
$in_reply_to [ 'user_id' ] = intval ( $r [ 0 ][ 'id' ]);
$in_reply_to [ 'user_id_str' ] = ( string ) intval ( $r [ 0 ][ 'id' ]);
}
// There seems to be situation, where both fields are identical:
// https://github.com/friendica/friendica/issues/1010
// This is a bugfix for that.
if ( intval ( $in_reply_to [ 'status_id' ]) == intval ( $item [ 'id' ])) {
logger ( 'this message should never appear: id: ' . $item [ 'id' ] . ' similar to reply-to: ' . $in_reply_to [ 'status_id' ], LOGGER_DEBUG );
$in_reply_to [ 'status_id' ] = NULL ;
$in_reply_to [ 'user_id' ] = NULL ;
$in_reply_to [ 'status_id_str' ] = NULL ;
$in_reply_to [ 'user_id_str' ] = NULL ;
$in_reply_to [ 'screen_name' ] = NULL ;
}
}
return $in_reply_to ;
}
2016-09-25 12:50:08 -04:00
function api_clean_plain_items ( $Text ) {
2017-04-05 16:07:55 -04:00
$include_entities = strtolower ( x ( $_REQUEST , 'include_entities' ) ? $_REQUEST [ 'include_entities' ] : " false " );
2016-09-25 12:50:08 -04:00
$Text = bb_CleanPictureLinks ( $Text );
$URLSearchString = " ^ \ [ \ ] " ;
$Text = preg_replace ( " /([!#@]) \ [url \ =([ $URLSearchString ]*) \ ](.*?) \ [ \ /url \ ]/ism " , '$1$3' , $Text );
if ( $include_entities == " true " ) {
$Text = preg_replace ( " / \ [url \ =([ $URLSearchString ]*) \ ](.*?) \ [ \ /url \ ]/ism " , '[url=$1]$1[/url]' , $Text );
}
// Simplify "attachment" element
$Text = api_clean_attachments ( $Text );
return ( $Text );
}
/**
* @ brief Removes most sharing information for API text export
*
* @ param string $body The original body
*
* @ return string Cleaned body
*/
function api_clean_attachments ( $body ) {
$data = get_attachment_data ( $body );
if ( ! $data )
return $body ;
$body = " " ;
if ( isset ( $data [ " text " ]))
$body = $data [ " text " ];
2017-06-07 22:00:59 -04:00
if (( $body == " " ) && ( isset ( $data [ " title " ])))
2016-09-25 12:50:08 -04:00
$body = $data [ " title " ];
if ( isset ( $data [ " url " ]))
$body .= " \n " . $data [ " url " ];
$body .= $data [ " after " ];
return $body ;
}
function api_best_nickname ( & $contacts ) {
$best_contact = array ();
if ( count ( $contact ) == 0 )
return ;
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " " ) {
$contact [ " network " ] = " dfrn " ;
$best_contact = array ( $contact );
}
if ( sizeof ( $best_contact ) == 0 )
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " dfrn " )
$best_contact = array ( $contact );
if ( sizeof ( $best_contact ) == 0 )
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " dspr " )
$best_contact = array ( $contact );
if ( sizeof ( $best_contact ) == 0 )
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " stat " )
$best_contact = array ( $contact );
if ( sizeof ( $best_contact ) == 0 )
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " pump " )
$best_contact = array ( $contact );
if ( sizeof ( $best_contact ) == 0 )
foreach ( $contacts AS $contact )
if ( $contact [ " network " ] == " twit " )
$best_contact = array ( $contact );
if ( sizeof ( $best_contact ) == 1 )
$contacts = $best_contact ;
else
$contacts = array ( $contacts [ 0 ]);
}
// return all or a specified group of the user with the containing contacts
function api_friendica_group_show ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
$gid = ( x ( $_REQUEST , 'gid' ) ? $_REQUEST [ 'gid' ] : 0 );
2016-09-25 12:50:08 -04:00
$uid = $user_info [ 'uid' ];
// get data of the specified group id or all groups if not specified
if ( $gid != 0 ) {
$r = q ( " SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d AND `id` = %d " ,
intval ( $uid ),
intval ( $gid ));
// error message if specified gid is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r ))
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " gid not available " );
}
else
$r = q ( " SELECT * FROM `group` WHERE `deleted` = 0 AND `uid` = %d " ,
intval ( $uid ));
// loop through all groups and retrieve all members for adding data in the user array
foreach ( $r as $rr ) {
$members = group_get_members ( $rr [ 'id' ]);
$users = array ();
if ( $type == " xml " ) {
$user_element = " users " ;
$k = 0 ;
foreach ( $members as $member ) {
$user = api_get_user ( $a , $member [ 'nurl' ]);
$users [ $k ++. " :user " ] = $user ;
}
} else {
$user_element = " user " ;
foreach ( $members as $member ) {
$user = api_get_user ( $a , $member [ 'nurl' ]);
$users [] = $user ;
}
}
$grps [] = array ( 'name' => $rr [ 'name' ], 'gid' => $rr [ 'id' ], $user_element => $users );
}
return api_format_data ( " groups " , $type , array ( 'group' => $grps ));
}
api_register_func ( 'api/friendica/group_show' , 'api_friendica_group_show' , true );
// delete the specified group of the user
function api_friendica_group_delete ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
$gid = ( x ( $_REQUEST , 'gid' ) ? $_REQUEST [ 'gid' ] : 0 );
2016-09-25 12:50:08 -04:00
$name = ( x ( $_REQUEST , 'name' ) ? $_REQUEST [ 'name' ] : " " );
$uid = $user_info [ 'uid' ];
// error if no gid specified
if ( $gid == 0 || $name == " " )
throw new BadRequestException ( 'gid or name not specified' );
// get data of the specified group id
$r = q ( " SELECT * FROM `group` WHERE `uid` = %d AND `id` = %d " ,
intval ( $uid ),
intval ( $gid ));
// error message if specified gid is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r ))
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( 'gid not available' );
// get data of the specified group id and group name
$rname = q ( " SELECT * FROM `group` WHERE `uid` = %d AND `id` = %d AND `name` = '%s' " ,
intval ( $uid ),
intval ( $gid ),
dbesc ( $name ));
// error message if specified gid is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $rname ))
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( 'wrong group name' );
// delete group
$ret = group_rmv ( $uid , $name );
if ( $ret ) {
// return success
$success = array ( 'success' => $ret , 'gid' => $gid , 'name' => $name , 'status' => 'deleted' , 'wrong users' => array ());
return api_format_data ( " group_delete " , $type , array ( 'result' => $success ));
}
else
throw new BadRequestException ( 'other API error' );
}
api_register_func ( 'api/friendica/group_delete' , 'api_friendica_group_delete' , true , API_METHOD_DELETE );
// create the specified group with the posted array of contacts
function api_friendica_group_create ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
$name = ( x ( $_REQUEST , 'name' ) ? $_REQUEST [ 'name' ] : " " );
$uid = $user_info [ 'uid' ];
$json = json_decode ( $_POST [ 'json' ], true );
$users = $json [ 'user' ];
// error if no name specified
if ( $name == " " )
throw new BadRequestException ( 'group name not specified' );
// get data of the specified group name
$rname = q ( " SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 0 " ,
intval ( $uid ),
dbesc ( $name ));
// error message if specified group name already exists
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $rname ))
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( 'group name already exists' );
// check if specified group name is a deleted group
$rname = q ( " SELECT * FROM `group` WHERE `uid` = %d AND `name` = '%s' AND `deleted` = 1 " ,
intval ( $uid ),
dbesc ( $name ));
// error message if specified group name already exists
2017-11-07 22:57:46 -05:00
if ( DBM :: is_result ( $rname ))
2016-09-25 12:50:08 -04:00
$reactivate_group = true ;
// create group
$ret = group_add ( $uid , $name );
if ( $ret )
$gid = group_byname ( $uid , $name );
else
throw new BadRequestException ( 'other API error' );
// add members
$erroraddinguser = false ;
$errorusers = array ();
foreach ( $users as $user ) {
$cid = $user [ 'cid' ];
// check if user really exists as contact
$contact = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d " ,
intval ( $cid ),
intval ( $uid ));
if ( count ( $contact ))
$result = group_add_member ( $uid , $name , $cid , $gid );
else {
$erroraddinguser = true ;
$errorusers [] = $cid ;
}
}
// return success message incl. missing users in array
$status = ( $erroraddinguser ? " missing user " : ( $reactivate_group ? " reactivated " : " ok " ));
$success = array ( 'success' => true , 'gid' => $gid , 'name' => $name , 'status' => $status , 'wrong users' => $errorusers );
return api_format_data ( " group_create " , $type , array ( 'result' => $success ));
}
api_register_func ( 'api/friendica/group_create' , 'api_friendica_group_create' , true , API_METHOD_POST );
// update the specified group with the posted array of contacts
function api_friendica_group_update ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
$uid = $user_info [ 'uid' ];
$gid = ( x ( $_REQUEST , 'gid' ) ? $_REQUEST [ 'gid' ] : 0 );
$name = ( x ( $_REQUEST , 'name' ) ? $_REQUEST [ 'name' ] : " " );
$json = json_decode ( $_POST [ 'json' ], true );
$users = $json [ 'user' ];
// error if no name specified
if ( $name == " " )
throw new BadRequestException ( 'group name not specified' );
// error if no gid specified
if ( $gid == " " )
throw new BadRequestException ( 'gid not specified' );
// remove members
$members = group_get_members ( $gid );
foreach ( $members as $member ) {
$cid = $member [ 'id' ];
foreach ( $users as $user ) {
$found = ( $user [ 'cid' ] == $cid ? true : false );
}
if ( ! $found ) {
$ret = group_rmv_member ( $uid , $name , $cid );
}
}
// add members
$erroraddinguser = false ;
$errorusers = array ();
foreach ( $users as $user ) {
$cid = $user [ 'cid' ];
// check if user really exists as contact
$contact = q ( " SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d " ,
intval ( $cid ),
intval ( $uid ));
if ( count ( $contact ))
$result = group_add_member ( $uid , $name , $cid , $gid );
else {
$erroraddinguser = true ;
$errorusers [] = $cid ;
}
}
// return success message incl. missing users in array
$status = ( $erroraddinguser ? " missing user " : " ok " );
$success = array ( 'success' => true , 'gid' => $gid , 'name' => $name , 'status' => $status , 'wrong users' => $errorusers );
return api_format_data ( " group_update " , $type , array ( 'result' => $success ));
}
2017-04-05 16:07:55 -04:00
api_register_func ( 'api/friendica/group_update' , 'api_friendica_group_update' , true , API_METHOD_POST );
2016-09-25 12:50:08 -04:00
function api_friendica_activity ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
$verb = strtolower ( $a -> argv [ 3 ]);
$verb = preg_replace ( " | \ ..* $ | " , " " , $verb );
$id = ( x ( $_REQUEST , 'id' ) ? $_REQUEST [ 'id' ] : 0 );
$res = do_like ( $id , $verb );
if ( $res ) {
if ( $type == " xml " )
$ok = " true " ;
else
$ok = " ok " ;
return api_format_data ( 'ok' , $type , array ( 'ok' => $ok ));
} else {
throw new BadRequestException ( 'Error adding activity' );
}
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/friendica/activity/like' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/dislike' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/attendyes' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/attendno' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/attendmaybe' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/unlike' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/undislike' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/unattendyes' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/unattendno' , 'api_friendica_activity' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/activity/unattendmaybe' , 'api_friendica_activity' , true , API_METHOD_POST );
/**
* @ brief Returns notifications
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
function api_friendica_notification ( $type ) {
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
if ( $a -> argc !== 3 ) throw new BadRequestException ( " Invalid argument count " );
$nm = new NotificationsManager ();
$notes = $nm -> getAll ( array (), " +seen -date " , 50 );
if ( $type == " xml " ) {
$xmlnotes = array ();
foreach ( $notes AS $note )
$xmlnotes [] = array ( " @attributes " => $note );
$notes = $xmlnotes ;
}
return api_format_data ( " notes " , $type , array ( 'note' => $notes ));
}
/**
* @ brief Set notification as seen and returns associated item ( if possible )
*
* POST request with 'id' param as notification id
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
2017-04-05 16:07:55 -04:00
function api_friendica_notification_seen ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) throw new ForbiddenException ();
2016-09-25 12:50:08 -04:00
if ( $a -> argc !== 4 ) throw new BadRequestException ( " Invalid argument count " );
$id = ( x ( $_REQUEST , 'id' ) ? intval ( $_REQUEST [ 'id' ]) : 0 );
$nm = new NotificationsManager ();
$note = $nm -> getByID ( $id );
if ( is_null ( $note )) throw new BadRequestException ( " Invalid argument " );
$nm -> setSeen ( $note );
if ( $note [ 'otype' ] == 'item' ) {
// would be really better with an ItemsManager and $im->getByID() :-P
$r = q ( " SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d " ,
intval ( $note [ 'iid' ]),
intval ( local_user ())
);
if ( $r !== false ) {
// we found the item, return it to the user
$user_info = api_get_user ( $a );
$ret = api_format_items ( $r , $user_info , false , $type );
$data = array ( 'status' => $ret );
return api_format_data ( " status " , $type , $data );
}
// the item can't be found, but we set the note as seen, so we count this as a success
}
return api_format_data ( 'result' , $type , array ( 'result' => " success " ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/friendica/notification/seen' , 'api_friendica_notification_seen' , true , API_METHOD_POST );
api_register_func ( 'api/friendica/notification' , 'api_friendica_notification' , true , API_METHOD_GET );
/**
* @ brief update a direct_message to seen state
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string ( success result = ok , error result = error with error message )
*/
2017-04-05 16:07:55 -04:00
function api_friendica_direct_messages_setseen ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
$uid = $user_info [ 'uid' ];
$id = ( x ( $_REQUEST , 'id' ) ? $_REQUEST [ 'id' ] : 0 );
// return error if id is zero
if ( $id == " " ) {
$answer = array ( 'result' => 'error' , 'message' => 'message id not specified' );
return api_format_data ( " direct_messages_setseen " , $type , array ( '$result' => $answer ));
}
// get data of the specified message id
$r = q ( " SELECT `id` FROM `mail` WHERE `id` = %d AND `uid` = %d " ,
2017-01-09 07:09:01 -05:00
intval ( $id ),
2016-09-25 12:50:08 -04:00
intval ( $uid ));
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
// error message if specified id is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
$answer = array ( 'result' => 'error' , 'message' => 'message id not in database' );
return api_format_data ( " direct_messages_setseen " , $type , array ( '$result' => $answer ));
}
// update seen indicator
2017-01-09 07:09:01 -05:00
$result = q ( " UPDATE `mail` SET `seen` = 1 WHERE `id` = %d AND `uid` = %d " ,
intval ( $id ),
2016-09-25 12:50:08 -04:00
intval ( $uid ));
if ( $result ) {
// return success
$answer = array ( 'result' => 'ok' , 'message' => 'message set to seen' );
return api_format_data ( " direct_message_setseen " , $type , array ( '$result' => $answer ));
} else {
$answer = array ( 'result' => 'error' , 'message' => 'unknown error' );
return api_format_data ( " direct_messages_setseen " , $type , array ( '$result' => $answer ));
}
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
api_register_func ( 'api/friendica/direct_messages_setseen' , 'api_friendica_direct_messages_setseen' , true );
2016-09-25 12:50:08 -04:00
/**
* @ brief search for direct_messages containing a searchstring through api
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string ( success : success = true if found and search_result contains found messages
* success = false if nothing was found , search_result = 'nothing found' ,
* error : result = error with error message )
*/
2017-04-05 16:07:55 -04:00
function api_friendica_direct_messages_search ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// params
$user_info = api_get_user ( $a );
2017-04-05 16:07:55 -04:00
$searchstring = ( x ( $_REQUEST , 'searchstring' ) ? $_REQUEST [ 'searchstring' ] : " " );
2016-09-25 12:50:08 -04:00
$uid = $user_info [ 'uid' ];
2016-11-04 18:45:20 -04:00
2016-09-25 12:50:08 -04:00
// error if no searchstring specified
if ( $searchstring == " " ) {
$answer = array ( 'result' => 'error' , 'message' => 'searchstring not specified' );
return api_format_data ( " direct_messages_search " , $type , array ( '$result' => $answer ));
}
// get data for the specified searchstring
$r = q ( " SELECT `mail`.*, `contact`.`nurl` AS `contact-url` FROM `mail`,`contact` WHERE `mail`.`contact-id` = `contact`.`id` AND `mail`.`uid`=%d AND `body` LIKE '%s' ORDER BY `mail`.`id` DESC " ,
intval ( $uid ),
dbesc ( '%' . $searchstring . '%' )
);
$profile_url = $user_info [ " url " ];
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
// message if nothing was found
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-12-13 04:44:13 -05:00
$success = array ( 'success' => false , 'search_results' => 'problem with query' );
2017-04-05 16:07:55 -04:00
} elseif ( count ( $r ) == 0 ) {
2016-09-25 12:50:08 -04:00
$success = array ( 'success' => false , 'search_results' => 'nothing found' );
2017-04-05 16:07:55 -04:00
} else {
$ret = array ();
2017-04-04 13:46:56 -04:00
foreach ( $r as $item ) {
2017-04-05 16:07:55 -04:00
if ( $box == " inbox " || $item [ 'from-url' ] != $profile_url ) {
2016-09-25 12:50:08 -04:00
$recipient = $user_info ;
$sender = api_get_user ( $a , normalise_link ( $item [ 'contact-url' ]));
2017-04-05 16:07:55 -04:00
} elseif ( $box == " sentbox " || $item [ 'from-url' ] == $profile_url ) {
2016-09-25 12:50:08 -04:00
$recipient = api_get_user ( $a , normalise_link ( $item [ 'contact-url' ]));
$sender = $user_info ;
}
2017-04-05 16:07:55 -04:00
$ret [] = api_format_messages ( $item , $recipient , $sender );
2016-09-25 12:50:08 -04:00
}
$success = array ( 'success' => true , 'search_results' => $ret );
}
return api_format_data ( " direct_message_search " , $type , array ( '$result' => $success ));
}
2017-04-05 16:07:55 -04:00
/// @TODO move to top of file or somwhere better
2016-09-25 12:50:08 -04:00
api_register_func ( 'api/friendica/direct_messages_search' , 'api_friendica_direct_messages_search' , true );
/**
* @ brief return data of all the profiles a user has to the client
*
* @ param string $type Known types are 'atom' , 'rss' , 'xml' and 'json'
* @ return string
*/
2017-04-05 16:07:55 -04:00
function api_friendica_profile_show ( $type ) {
2016-09-25 12:50:08 -04:00
$a = get_app ();
2017-04-05 16:07:55 -04:00
if ( api_user () === false ) {
throw new ForbiddenException ();
}
2016-09-25 12:50:08 -04:00
// input params
2017-04-05 16:07:55 -04:00
$profileid = ( x ( $_REQUEST , 'profile_id' ) ? $_REQUEST [ 'profile_id' ] : 0 );
2016-09-25 12:50:08 -04:00
// retrieve general information about profiles for user
$multi_profiles = feature_enabled ( api_user (), 'multi_profiles' );
2017-11-06 21:22:52 -05:00
$directory = Config :: get ( 'system' , 'directory' );
2016-09-25 12:50:08 -04:00
2017-03-25 10:16:21 -04:00
// get data of the specified profile id or all profiles of the user if not specified
2016-09-25 12:50:08 -04:00
if ( $profileid != 0 ) {
$r = q ( " SELECT * FROM `profile` WHERE `uid` = %d AND `id` = %d " ,
intval ( api_user ()),
intval ( $profileid ));
2017-04-05 16:07:55 -04:00
2016-09-25 12:50:08 -04:00
// error message if specified gid is not in database
2017-11-07 22:57:46 -05:00
if ( ! DBM :: is_result ( $r )) {
2016-09-25 12:50:08 -04:00
throw new BadRequestException ( " profile_id not available " );
2017-04-05 16:07:55 -04:00
}
2017-03-25 10:16:21 -04:00
} else {
2016-09-25 12:50:08 -04:00
$r = q ( " SELECT * FROM `profile` WHERE `uid` = %d " ,
intval ( api_user ()));
2017-03-25 10:16:21 -04:00
}
2016-09-25 12:50:08 -04:00
// loop through all returned profiles and retrieve data and users
$k = 0 ;
foreach ( $r as $rr ) {
$profile = api_format_items_profiles ( $rr , $type );
// select all users from contact table, loop and prepare standard return for user data
$users = array ();
$r = q ( " SELECT `id`, `nurl` FROM `contact` WHERE `uid`= %d AND `profile-id` = %d " ,
intval ( api_user ()),
intval ( $rr [ 'profile_id' ]));
foreach ( $r as $rr ) {
$user = api_get_user ( $a , $rr [ 'nurl' ]);
2017-04-05 16:07:55 -04:00
( $type == " xml " ) ? $users [ $k ++ . " :user " ] = $user : $users [] = $user ;
2016-09-25 12:50:08 -04:00
}
$profile [ 'users' ] = $users ;
// add prepared profile data to array for final return
if ( $type == " xml " ) {
2017-04-05 16:07:55 -04:00
$profiles [ $k ++ . " :profile " ] = $profile ;
2016-09-25 12:50:08 -04:00
} else {
$profiles [] = $profile ;
}
}
// return settings, authenticated user and profiles data
2017-03-25 10:16:21 -04:00
$self = q ( " SELECT `nurl` FROM `contact` WHERE `uid`= %d AND `self` LIMIT 1 " , intval ( api_user ()));
2016-09-25 12:50:08 -04:00
$result = array ( 'multi_profiles' => $multi_profiles ? true : false ,
'global_dir' => $directory ,
2017-03-25 10:16:21 -04:00
'friendica_owner' => api_get_user ( $a , $self [ 0 ][ 'nurl' ]),
2016-09-25 12:50:08 -04:00
'profiles' => $profiles );
return api_format_data ( " friendica_profiles " , $type , array ( '$result' => $result ));
}
api_register_func ( 'api/friendica/profile/show' , 'api_friendica_profile_show' , true , API_METHOD_GET );
/*
2017-04-05 16:07:55 -04:00
@ TODO Maybe open to implement ?
2016-09-25 12:50:08 -04:00
To . Do :
2016-09-25 12:52:59 -04:00
[ pagename ] => api / 1.1 / statuses / lookup . json
[ id ] => 605138389168451584
[ include_cards ] => true
[ cards_platform ] => Android - 12
[ include_entities ] => true
[ include_my_retweet ] => 1
[ include_rts ] => 1
[ include_reply_count ] => true
[ include_descendent_reply_count ] => true
2016-09-25 12:50:08 -04:00
( ? )
Not implemented by now :
statuses / retweets_of_me
friendships / create
friendships / destroy
friendships / exists
friendships / show
account / update_location
account / update_profile_background_image
blocks / create
blocks / destroy
friendica / profile / update
friendica / profile / create
friendica / profile / delete
Not implemented in status . net :
statuses / retweeted_to_me
statuses / retweeted_by_me
direct_messages / destroy
account / end_session
account / update_delivery_device
notifications / follow
notifications / leave
blocks / exists
blocks / blocking
lists
*/