src/Module/Api/Twitter/Statuses/Update.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2021, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\Api\Twitter\Statuses;
  23
  24 use Friendica\Content\Text\BBCode;
  25 use Friendica\Content\Text\HTML;
  26 use Friendica\Content\Text\Markdown;
  27 use Friendica\Database\DBA;
  28 use Friendica\DI;
  29 use Friendica\Model\Contact;
  30 use Friendica\Model\Item;
  31 use Friendica\Model\Photo;
  32 use Friendica\Model\Post;
  33 use Friendica\Model\User;
  34 use Friendica\Module\BaseApi;
  35 use Friendica\Protocol\Activity;
  36 use Friendica\Util\Images;
  37 use HTMLPurifier;
  38 use HTMLPurifier_Config;
  39
  40 /**
  41  * Updates the user’s current status.
  42  *
  43  * @see https://developer.twitter.com/en/docs/tweets/post-and-engage/api-reference/post-statuses-update
  44  */
  45 class Update extends BaseApi
  46 {
  47         public function post(array $request = [], array $post = [])
  48         {
  49                 self::checkAllowedScope(self::SCOPE_WRITE);
  50                 $uid = self::getCurrentUserID();
  51
  52                 $request = self::getRequest([
  53                         'htmlstatus'            => '',
  54                         'status'                => '',
  55                         'title'                 => '',
  56                         'in_reply_to_status_id' => 0,
  57                         'lat'                   => 0,
  58                         'long'                  => 0,
  59                         'media_ids'             => '',
  60                         'source'                => '',
  61                         'include_entities'      => false,
  62                 ], $request);
  63
  64                 $owner = User::getOwnerDataById($uid);
  65
  66                 if (!empty($request['htmlstatus'])) {
  67                         $body = HTML::toBBCodeVideo($request['htmlstatus']);
  68
  69                         $config = HTMLPurifier_Config::createDefault();
  70                         $config->set('Cache.DefinitionImpl', null);
  71
  72                         $purifier = new HTMLPurifier($config);
  73                         $body     = $purifier->purify($body);
  74
  75                         $body = HTML::toBBCode($request['htmlstatus']);
  76                 } else {
  77                         // The imput is defined as text. So we can use Markdown for some enhancements
  78                         $body = Markdown::toBBCode($request['status']);
  79                 }
  80
  81                 // Avoids potential double expansion of existing links
  82                 $body = BBCode::performWithEscapedTags($body, ['url'], function ($body) {
  83                         return BBCode::expandTags($body);
  84                 });
  85
  86                 $item               = [];
  87                 $item['uid']        = $uid;
  88                 $item['verb']       = Activity::POST;
  89                 $item['contact-id'] = $owner['id'];
  90                 $item['author-id']  = Contact::getPublicIdByUserId($uid);
  91                 $item['owner-id']   = $item['author-id'];
  92                 $item['title']      = $request['title'];
  93                 $item['body']       = $body;
  94                 $item['app']        = $request['source'];
  95
  96                 if (empty($item['app']) && !empty(self::getCurrentApplication()['name'])) {
  97                         $item['app'] = self::getCurrentApplication()['name'];
  98                 }
  99
 100                 if (!empty($request['lat']) && !empty($request['long'])) {
 101                         $item['coord'] = sprintf("%s %s", $request['lat'], $request['long']);
 102                 }
 103
 104                 $item['allow_cid'] = $owner['allow_cid'];
 105                 $item['allow_gid'] = $owner['allow_gid'];
 106                 $item['deny_cid']  = $owner['deny_cid'];
 107                 $item['deny_gid']  = $owner['deny_gid'];
 108
 109                 if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
 110                         $item['private'] = Item::PRIVATE;
 111                 } elseif (DI::pConfig()->get($uid, 'system', 'unlisted')) {
 112                         $item['private'] = Item::UNLISTED;
 113                 } else {
 114                         $item['private'] = Item::PUBLIC;
 115                 }
 116
 117                 if ($request['in_reply_to_status_id']) {
 118                         $parent = Post::selectFirst(['uri'], ['id' => $request['in_reply_to_status_id'], 'uid' => [0, $uid]]);
 119
 120                         $item['thr-parent']  = $parent['uri'];
 121                         $item['gravity']     = GRAVITY_COMMENT;
 122                         $item['object-type'] = Activity\ObjectType::COMMENT;
 123                 } else {
 124                         self::checkThrottleLimit();
 125
 126                         $item['gravity']     = GRAVITY_PARENT;
 127                         $item['object-type'] = Activity\ObjectType::NOTE;
 128                 }
 129
 130                 if (!empty($_REQUEST['media_ids'])) {
 131                         $ids = explode(',', $_REQUEST['media_ids']);
 132                 } elseif (!empty($_FILES['media'])) {
 133                         // upload the image if we have one
 134                         $picture = Photo::upload($uid, $_FILES['media']);
 135                         if (!empty($picture)) {
 136                                 $ids[] = $picture['id'];
 137                         }
 138                 }
 139
 140                 if (!empty($ids)) {
 141                         $item['object-type'] = Activity\ObjectType::IMAGE;
 142                         $item['post-type']   = Item::PT_IMAGE;
 143                         $item['attachments'] = [];
 144
 145                         foreach ($ids as $id) {
 146                                 $media = DBA::toArray(DBA::p("SELECT `resource-id`, `scale`, `type`, `desc`, `filename`, `datasize`, `width`, `height` FROM `photo`
 147                                                 WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = ?) AND `photo`.`uid` = ?
 148                                                 ORDER BY `photo`.`width` DESC LIMIT 2", $id, $uid));
 149
 150                                 if (empty($media)) {
 151                                         continue;
 152                                 }
 153
 154                                 Photo::setPermissionForRessource($media[0]['resource-id'], $uid, $item['allow_cid'], $item['allow_gid'], $item['deny_cid'], $item['deny_gid']);
 155
 156                                 $ressources[] = $media[0]['resource-id'];
 157                                 $phototypes   = Images::supportedTypes();
 158                                 $ext          = $phototypes[$media[0]['type']];
 159
 160                                 $attachment = [
 161                                         'type'        => Post\Media::IMAGE,
 162                                         'mimetype'    => $media[0]['type'],
 163                                         'url'         => DI::baseUrl() . '/photo/' . $media[0]['resource-id'] . '-' . $media[0]['scale'] . '.' . $ext,
 164                                         'size'        => $media[0]['datasize'],
 165                                         'name'        => $media[0]['filename'] ?: $media[0]['resource-id'],
 166                                         'description' => $media[0]['desc'] ?? '',
 167                                         'width'       => $media[0]['width'],
 168                                         'height'      => $media[0]['height']
 169                                 ];
 170
 171                                 if (count($media) > 1) {
 172                                         $attachment['preview']        = DI::baseUrl() . '/photo/' . $media[1]['resource-id'] . '-' . $media[1]['scale'] . '.' . $ext;
 173                                         $attachment['preview-width']  = $media[1]['width'];
 174                                         $attachment['preview-height'] = $media[1]['height'];
 175                                 }
 176                                 $item['attachments'][] = $attachment;
 177                         }
 178                 }
 179
 180                 $id = Item::insert($item, true);
 181                 if (!empty($id)) {
 182                         $item = Post::selectFirst(['uri-id'], ['id' => $id]);
 183                         if (!empty($item['uri-id'])) {
 184                                 // output the post that we just posted.
 185                                 $status_info = DI::twitterStatus()->createFromUriId($item['uri-id'], $uid, $request['include_entities'])->toArray();
 186                                 DI::apiResponse()->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid));
 187                                 return;
 188                         }
 189                 }
 190                 DI::mstdnError()->InternalError();
 191         }
 192 }