src/Module/Api/Twitter/Statuses/Update.php

   1 <?php
   2 /**
   3  * @copyright Copyright (C) 2010-2021, the Friendica project
   4  *
   5  * @license GNU AGPL version 3 or any later version
   6  *
   7  * This program is free software: you can redistribute it and/or modify
   8  * it under the terms of the GNU Affero General Public License as
   9  * published by the Free Software Foundation, either version 3 of the
  10  * License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU Affero General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU Affero General Public License
  18  * along with this program.  If not, see <https://www.gnu.org/licenses/>.
  19  *
  20  */
  21
  22 namespace Friendica\Module\Api\Twitter\Statuses;
  23
  24 use Friendica\Content\Text\BBCode;
  25 use Friendica\Content\Text\HTML;
  26 use Friendica\Content\Text\Markdown;
  27 use Friendica\Core\Logger;
  28 use Friendica\Core\System;
  29 use Friendica\Database\DBA;
  30 use Friendica\DI;
  31 use Friendica\Model\Contact;
  32 use Friendica\Model\Item;
  33 use Friendica\Model\Photo;
  34 use Friendica\Model\Post;
  35 use Friendica\Model\User;
  36 use Friendica\Module\BaseApi;
  37 use Friendica\Protocol\Activity;
  38 use Friendica\Util\Images;
  39 use HTMLPurifier;
  40 use HTMLPurifier_Config;
  41
  42 /**
  43  * Updates the user’s current status.
  44  *
  45  * @see https://developer.twitter.com/en/docs/tweets/post-and-engage/api-reference/post-statuses-update
  46 */
  47 class Update extends BaseApi
  48 {
  49         public function post(array $request = [], array $post = [])
  50         {
  51                 self::checkAllowedScope(self::SCOPE_WRITE);
  52                 $uid = self::getCurrentUserID();
  53
  54                 $request = self::getRequest([
  55                         'htmlstatus'            => '',
  56                         'status'                => '',
  57                         'title'                 => '',
  58                         'in_reply_to_status_id' => 0,
  59                         'lat'                   => 0,
  60                         'long'                  => 0,
  61                         'media_ids'             => [],
  62                         'source'                => '',
  63                         'include_entities'      => false,
  64                 ], $request);
  65
  66                 $owner = User::getOwnerDataById($uid);
  67
  68                 if (!empty($request['htmlstatus'])) {
  69                         $body = HTML::toBBCodeVideo($request['htmlstatus']);
  70
  71                         $config = HTMLPurifier_Config::createDefault();
  72                         $config->set('Cache.DefinitionImpl', null);
  73
  74                         $purifier = new HTMLPurifier($config);
  75                         $body = $purifier->purify($body);
  76
  77                         $body = HTML::toBBCode($request['htmlstatus']);
  78                 } else {
  79                         // The imput is defined as text. So we can use Markdown for some enhancements
  80                         $body = Markdown::toBBCode($request['status']);
  81                 }
  82
  83                 // Avoids potential double expansion of existing links
  84                 $body = BBCode::performWithEscapedTags($body, ['url'], function ($body) {
  85                         return BBCode::expandTags($body);
  86                 });
  87
  88                 $item = [];
  89                 $item['uid']        = $uid;
  90                 $item['verb']       = Activity::POST;
  91                 $item['contact-id'] = $owner['id'];
  92                 $item['author-id']  = $item['owner-id'] = Contact::getPublicIdByUserId($uid);
  93                 $item['title']      = $request['title'];
  94                 $item['body']       = $body;
  95                 $item['app']        = $request['source'];
  96
  97                 if (empty($item['app']) && !empty(self::getCurrentApplication()['name'])) {
  98                         $item['app'] = self::getCurrentApplication()['name'];
  99                 }
 100
 101                 if (!empty($request['lat']) && !empty($request['long'])) {
 102                         $item['coord'] = sprintf("%s %s", $request['lat'], $request['long']);
 103                 }
 104
 105                 $item['allow_cid'] = $owner['allow_cid'];
 106                 $item['allow_gid'] = $owner['allow_gid'];
 107                 $item['deny_cid']  = $owner['deny_cid'];
 108                 $item['deny_gid']  = $owner['deny_gid'];
 109
 110                 if (!empty($item['allow_cid'] . $item['allow_gid'] . $item['deny_cid'] . $item['deny_gid'])) {
 111                         $item['private'] = Item::PRIVATE;
 112                 } elseif (DI::pConfig()->get($uid, 'system', 'unlisted')) {
 113                         $item['private'] = Item::UNLISTED;
 114                 } else {
 115                         $item['private'] = Item::PUBLIC;
 116                 }
 117
 118                 if ($request['in_reply_to_status_id']) {
 119                         $parent = Post::selectFirst(['uri'], ['id' => $request['in_reply_to_status_id'], 'uid' => [0, $uid]]);
 120                         $item['thr-parent']  = $parent['uri'];
 121                         $item['gravity']     = GRAVITY_COMMENT;
 122                         $item['object-type'] = Activity\ObjectType::COMMENT;
 123                 } else {
 124                         self::checkThrottleLimit();
 125
 126                         $item['gravity']     = GRAVITY_PARENT;
 127                         $item['object-type'] = Activity\ObjectType::NOTE;
 128                 }
 129
 130                 $ids = $request['media_ids'];
 131
 132                 if (!empty($_FILES['media'])) {
 133                         // upload the image if we have one
 134                         $picture = Photo::upload($uid, $_FILES['media']);
 135                         if (!empty($picture)) {
 136                                 $ids[] = $picture['id'];
 137                         }
 138                 }
 139
 140                 if (!empty($ids)) {
 141                         $item['object-type'] = Activity\ObjectType::IMAGE;
 142                         $item['post-type']   = Item::PT_IMAGE;
 143                         $item['attachments'] = [];
 144
 145                         foreach ($ids as $id) {
 146                                 $media = DBA::toArray(DBA::p("SELECT `resource-id`, `scale`, `type`, `desc`, `filename`, `datasize`, `width`, `height` FROM `photo`
 147                                                 WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = ?) AND `photo`.`uid` = ?
 148                                                 ORDER BY `photo`.`width` DESC LIMIT 2", $id, $uid));
 149
 150                                 if (empty($media)) {
 151                                         continue;
 152                                 }
 153
 154                                 Photo::setPermissionForRessource($media[0]['resource-id'], $uid, $item['allow_cid'], $item['allow_gid'], $item['deny_cid'], $item['deny_gid']);
 155
 156                                 $ressources[] = $media[0]['resource-id'];
 157                                 $phototypes = Images::supportedTypes();
 158                                 $ext = $phototypes[$media[0]['type']];
 159
 160                                 $attachment = ['type' => Post\Media::IMAGE, 'mimetype' => $media[0]['type'],
 161                                         'url' => DI::baseUrl() . '/photo/' . $media[0]['resource-id'] . '-' . $media[0]['scale'] . '.' . $ext,
 162                                         'size' => $media[0]['datasize'],
 163                                         'name' => $media[0]['filename'] ?: $media[0]['resource-id'],
 164                                         'description' => $media[0]['desc'] ?? '',
 165                                         'width' => $media[0]['width'],
 166                                         'height' => $media[0]['height']];
 167
 168                                 if (count($media) > 1) {
 169                                         $attachment['preview'] = DI::baseUrl() . '/photo/' . $media[1]['resource-id'] . '-' . $media[1]['scale'] . '.' . $ext;
 170                                         $attachment['preview-width'] = $media[1]['width'];
 171                                         $attachment['preview-height'] = $media[1]['height'];
 172                                 }
 173                                 $item['attachments'][] = $attachment;
 174                         }
 175                 }
 176
 177                 $id = Item::insert($item, true);
 178                 if (!empty($id)) {
 179                         $item = Post::selectFirst(['uri-id'], ['id' => $id]);
 180                         if (!empty($item['uri-id'])) {
 181                                 // output the post that we just posted.
 182                                 $status_info = DI::twitterStatus()->createFromUriId($item['uri-id'], $uid, $request['include_entities'])->toArray();
 183                                 DI::apiResponse()->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid));
 184                         }
 185                 }
 186                 DI::mstdnError()->InternalError();
 187         }
 188 }