<?php
- require_once("bbcode.php");
- require_once("datetime.php");
- require_once("conversation.php");
- require_once("oauth.php");
- require_once("html2plain.php");
- /*
+ require_once("include/bbcode.php");
+ require_once("include/datetime.php");
+ require_once("include/conversation.php");
+ require_once("include/oauth.php");
+ require_once("include/html2plain.php");
+ /*
* Twitter-Like API
- *
+ *
*/
$API = Array();
- $called_api = Null;
+ $called_api = Null;
+
+ function api_user() {
+ // It is not sufficient to use local_user() to check whether someone is allowed to use the API,
+ // because this will open CSRF holes (just embed an image with src=friendicasite.com/api/statuses/update?status=CSRF
+ // into a page, and visitors will post something without noticing it).
+ // Instead, use this function.
+ if ($_SESSION["allow_api"])
+ return local_user();
+
+ return false;
+ }
function api_date($str){
//Wed May 23 06:01:13 +0000 2007
return datetime_convert('UTC', 'UTC', $str, "D M d H:i:s +0000 Y" );
}
-
-
+
+
function api_register_func($path, $func, $auth=false){
global $API;
$API[$path] = array('func'=>$func,
'auth'=>$auth);
}
-
+
/**
* Simple HTTP Login
*/
// process normal login request
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
- AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
+ AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($user)),
dbesc(trim($user)),
dbesc($encrypted)
}
require_once('include/security.php');
- authenticate_success($record);
+ authenticate_success($record); $_SESSION["allow_api"] = true;
call_hooks('logged_in', $a->user);
if (strpos($a->query_string, $p)===0){
$called_api= explode("/",$p);
//unset($_SERVER['PHP_AUTH_USER']);
- if ($info['auth']===true && local_user()===false) {
+ if ($info['auth']===true && api_user()===false) {
api_login($a);
}
- load_contact_links(local_user());
+ load_contact_links(api_user());
logger('API call for ' . $a->user['username'] . ': ' . $a->query_string);
logger('API parameters: ' . print_r($_REQUEST,true));
//echo "<pre>"; var_dump($r); die();
}
}
+ header("HTTP/1.1 404 Not Found");
logger('API call not implemented: '.$a->query_string." - ".print_r($_REQUEST,true));
$r = '<status><error>not implemented</error></status>';
switch($type){
if(is_null($user) && x($_GET, 'screen_name')) {
$user = dbesc($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
- if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+ if (api_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(api_user());
}
} else {
$user = dbesc($user);
$extra_query = "AND `contact`.`nick` = '%s' ";
- if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+ if (api_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(api_user());
}
}
if (! $user) {
- if (local_user()===false) {
+ if (api_user()===false) {
api_login($a); return False;
} else {
$user = $_SESSION['uid'];
}
- logger('api_user: ' . $extra_query . ' ' , $user);
+ logger('api_user: ' . $extra_query . ', user: ' . $user);
// user info
$uinfo = q("SELECT *, `contact`.`id` as `cid` FROM `contact`
WHERE 1
if($uinfo[0]['self']) {
$usr = q("select * from user where uid = %d limit 1",
- intval(local_user())
+ intval(api_user())
);
$profile = q("select * from profile where uid = %d and `is-default` = 1 limit 1",
- intval(local_user())
+ intval(api_user())
);
// count public wall messages
$nick = $name;
// Generating a random ID
- if (!array_key_exists($nick, $usercache))
+ if (is_null($usercache[$nick]) or !array_key_exists($nick, $usercache))
$usercache[$nick] = mt_rand(2000000, 2100000);
$ret = array(
case "xml":
$data = array_xmlify($data);
$tpl = get_markup_template("api_".$templatename."_".$type.".tpl");
+ if(! $tpl) {
+ header ("Content-Type: text/xml");
+ echo '<?xml version="1.0" encoding="UTF-8"?>'."\n".'<status><error>not implemented</error></status>';
+ killme();
+ }
$ret = replace_macros($tpl, $data);
break;
case "json":
* http://developer.twitter.com/doc/get/account/verify_credentials
*/
function api_account_verify_credentials(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
return api_apply_template("user", $type, array('$user' => $user_info));
/*Waitman Gobble Mod*/
function api_statuses_mediap(&$a, $type) {
- if (local_user()===false) {
+ if (api_user()===false) {
logger('api_statuses_update: no user');
return false;
}
$user_info = api_get_user($a);
$_REQUEST['type'] = 'wall';
- $_REQUEST['profile_uid'] = local_user();
+ $_REQUEST['profile_uid'] = api_user();
$_REQUEST['api_source'] = true;
- $txt = urldecode(requestdata('status'));
+ $txt = requestdata('status');
+ //$txt = urldecode(requestdata('status'));
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
$txt = $purifier->purify($txt);
}
$txt = html2bbcode($txt);
-
+
$a->argv[1]=$user_info['screen_name']; //should be set to username?
-
+
$_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
require_once('mod/wall_upload.php');
$bebop = wall_upload_post($a);
-
+
//now that we have the img url in bbcode we can add it to the status and insert the wall item.
$_REQUEST['body']=$txt."\n\n".$bebop;
require_once('mod/item.php');
function api_statuses_update(&$a, $type) {
- if (local_user()===false) {
+ if (api_user()===false) {
logger('api_statuses_update: no user');
return false;
}
}
else
- $_REQUEST['body'] = urldecode(requestdata('status'));
+ $_REQUEST['body'] = requestdata('status');
+ //$_REQUEST['body'] = urldecode(requestdata('status'));
+
+ $_REQUEST['title'] = requestdata('title');
$parent = requestdata('in_reply_to_status_id');
if(ctype_digit($parent))
if(requestdata('lat') && requestdata('long'))
$_REQUEST['coord'] = sprintf("%s %s",requestdata('lat'),requestdata('long'));
- $_REQUEST['profile_uid'] = local_user();
- if(requestdata('parent'))
+ $_REQUEST['profile_uid'] = api_user();
+
+ if($parent)
$_REQUEST['type'] = 'net-comment';
- else
+ else {
$_REQUEST['type'] = 'wall';
+ if(x($_FILES,'media')) {
+ // upload the image if we have one
+ $_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
+ require_once('mod/wall_upload.php');
+ $media = wall_upload_post($a);
+ if(strlen($media)>0)
+ $_REQUEST['body'] .= "\n\n".$media;
+ }
+ }
// set this so that the item_post() function is quiet and doesn't redirect or emit json
if (count($lastwall)>0){
$lastwall = $lastwall[0];
-
+
$in_reply_to_status_id = '';
$in_reply_to_user_id = '';
$in_reply_to_screen_name = '';
$in_reply_to_status_id=$lastwall['parent'];
$in_reply_to_user_id = $lastwall['reply_uid'];
$in_reply_to_screen_name = $lastwall['reply_author'];
- }
+ }
$status_info = array(
- 'text' => html2plain(bbcode($lastwall['body']), 0),
+ 'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
'truncated' => false,
'created_at' => api_date($lastwall['created']),
'in_reply_to_status_id' => $in_reply_to_status_id,
'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
- 'id' => $lastwall['contact-id'],
+ 'id' => $lastwall['id'],
'in_reply_to_user_id' => $in_reply_to_user_id,
'in_reply_to_screen_name' => $in_reply_to_screen_name,
'geo' => '',
$in_reply_to_status_id=$lastwall['parent'];
$in_reply_to_user_id = $lastwall['reply_uid'];
$in_reply_to_screen_name = $lastwall['reply_author'];
- }
+ }
$user_info['status'] = array(
'created_at' => api_date($lastwall['created']),
'id' => $lastwall['contact-id'],
- 'text' => html2plain(bbcode($lastwall['body']), 0),
+ 'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
'truncated' => false,
'in_reply_to_status_id' => $in_reply_to_status_id,
'geo' => '',
'coordinates' => $lastwall['coord'],
'place' => $lastwall['location'],
- 'contributors' => ''
+ 'contributors' => ''
);
}
return api_apply_template("user", $type, array('$user' => $user_info));
-
+
}
api_register_func('api/users/show','api_users_show');
-
+
/**
- *
+ *
* http://developer.twitter.com/doc/get/statuses/home_timeline
- *
+ *
* TODO: Optional parameters
* TODO: Add reply info
*/
function api_statuses_home_timeline(&$a, $type){
- if (local_user()===false) return false;
-
+ if (api_user()===false) return false;
+
$user_info = api_get_user($a);
// get last newtork messages
$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
$max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0);
//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
-
+ $exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+ $conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
+
$start = $page*$count;
//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
+ $sql_extra = '';
if ($max_id > 0)
- $sql_extra = 'AND `item`.`id` <= '.intval($max_id);
+ $sql_extra .= ' AND `item`.`id` <= '.intval($max_id);
+ if ($exclude_replies > 0)
+ $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ if ($conversation_id > 0)
+ $sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
$ret = api_format_items($r,$user_info);
-
+ // We aren't going to try to figure out at the item, group, and page
+ // level which items you've seen and which you haven't. If you're looking
+ // at the network timeline just mark everything seen.
+
+ $r = q("UPDATE `item` SET `unseen` = 0
+ WHERE `unseen` = 1 AND `uid` = %d",
+ intval($user_info['uid'])
+ );
+
+
$data = array('$statuses' => $ret);
switch($type){
case "atom":
break;
case "as":
$as = api_format_as($a, $ret, $user_info);
+ $as['title'] = $a->config['sitename']." Home Timeline";
+ $as['link']['url'] = $a->get_baseurl()."/".$user_info["screen_name"]."/all";
return($as);
break;
}
-
+
return api_apply_template("timeline", $type, $data);
}
api_register_func('api/statuses/home_timeline','api_statuses_home_timeline', true);
api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true);
+ function api_statuses_public_timeline(&$a, $type){
+ if (api_user()===false) return false;
+
+ $user_info = api_get_user($a);
+ // get last newtork messages
+
+
+ // params
+ $count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
+ $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+ if ($page<0) $page=0;
+ $since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+ $max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0);
+ //$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+ $exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+ $conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
+
+ $start = $page*$count;
+
+ //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
+
+ if ($max_id > 0)
+ $sql_extra = 'AND `item`.`id` <= '.intval($max_id);
+ if ($exclude_replies > 0)
+ $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ if ($conversation_id > 0)
+ $sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
+
+ /*$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+ `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
+ `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+ FROM `item`, `contact`
+ WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
+ AND `contact`.`id` = `item`.`contact-id`
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ $sql_extra
+ AND `item`.`id`>%d
+ ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
+ intval($since_id),
+ intval($start), intval($count)
+ );*/
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+ `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
+ `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`,
+ `user`.`nickname`, `user`.`hidewall`
+ FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ LEFT JOIN `user` ON `user`.`uid` = `item`.`uid`
+ WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0
+ AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
+ AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
+ AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ $sql_extra
+ AND `item`.`id`>%d
+ ORDER BY `received` DESC LIMIT %d, %d ",
+ intval($since_id),
+ intval($start),
+ intval($count));
+
+ $ret = api_format_items($r,$user_info);
+
+
+ $data = array('$statuses' => $ret);
+ switch($type){
+ case "atom":
+ case "rss":
+ $data = api_rss_extra($a, $data, $user_info);
+ break;
+ case "as":
+ $as = api_format_as($a, $ret, $user_info);
+ $as['title'] = $a->config['sitename']." Public Timeline";
+ $as['link']['url'] = $a->get_baseurl()."/";
+ return($as);
+ break;
+ }
+
+ return api_apply_template("timeline", $type, $data);
+ }
+ api_register_func('api/statuses/public_timeline','api_statuses_public_timeline', true);
+
/**
*
*/
function api_statuses_show(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
// params
$id = intval($a->argv[3]);
- logger('API: api_statuses_show: '.$id);
+ logger('API: api_statuses_show: '.$id);
//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
+ $conversation = (x($_REQUEST,'conversation')?1:0);
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ $sql_extra = '';
+ if ($conversation)
+ $sql_extra .= " AND `item`.`parent` = %d ORDER BY `received` ASC ";
+ else
+ $sql_extra .= " AND `item`.`id` = %d";
+
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $sql_extra
- AND `item`.`id`=%d",
+ $sql_extra",
intval($id)
);
$ret = api_format_items($r,$user_info);
-
- $data = array('$status' => $ret[0]);
- /*switch($type){
- case "atom":
- case "rss":
- $data = api_rss_extra($a, $data, $user_info);
- }*/
- return api_apply_template("status", $type, $data);
+
+ if ($conversation) {
+ $data = array('$statuses' => $ret);
+ return api_apply_template("timeline", $type, $data);
+ } else {
+ $data = array('$status' => $ret[0]);
+ /*switch($type){
+ case "atom":
+ case "rss":
+ $data = api_rss_extra($a, $data, $user_info);
+ }*/
+ return api_apply_template("status", $type, $data);
+ }
}
api_register_func('api/statuses/show','api_statuses_show', true);
*
*/
function api_statuses_repeat(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
// params
$id = intval($a->argv[3]);
- logger('API: api_statuses_repeat: '.$id);
+ logger('API: api_statuses_repeat: '.$id);
//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`nick` as `reply_author`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url` as `reply_url`, `contact`.`rel`,
+ `contact`.`name`, `contact`.`photo` as `reply_photo`, `contact`.`url` as `reply_url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
intval($id)
);
- $_REQUEST['body'] = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8')."[url=".$r[0]['reply_url']."]".$r[0]['reply_author']."[/url] \n".$r[0]['body'];
- $_REQUEST['profile_uid'] = local_user();
- $_REQUEST['type'] = 'wall';
- $_REQUEST['api_source'] = true;
+ if ($r[0]['body'] != "") {
+ if (intval(get_config('system','new_share'))) {
+ $post = "[share author='".str_replace("'", "'", $r[0]['reply_author']).
+ "' profile='".$r[0]['reply_url'].
+ "' avatar='".$r[0]['reply_photo'].
+ "' link='".$r[0]['plink']."']";
- require_once('mod/item.php');
- item_post($a);
+ $post .= $r[0]['body'];
+ $post .= "[/share]";
+ $_REQUEST['body'] = $post;
+ } else
+ $_REQUEST['body'] = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8')."[url=".$r[0]['reply_url']."]".$r[0]['reply_author']."[/url] \n".$r[0]['body'];
+
+ $_REQUEST['profile_uid'] = api_user();
+ $_REQUEST['type'] = 'wall';
+ $_REQUEST['api_source'] = true;
+
+ require_once('mod/item.php');
+ item_post($a);
+ }
if ($type == 'xml')
$ok = "true";
*
*/
function api_statuses_destroy(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
// params
$id = intval($a->argv[3]);
- logger('API: api_statuses_destroy: '.$id);
+ logger('API: api_statuses_destroy: '.$id);
require_once('include/items.php');
drop_item($id, false);
*
*/
function api_statuses_mentions(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
// get last newtork messages
$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
$max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0);
//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
-
+
$start = $page*$count;
//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
$myurl = substr($myurl,strpos($myurl,'://')+3);
- $myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+ //$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+ $myurl = str_replace('www.','',$myurl);
$diasp_url = str_replace('/profile/','/u/',$myurl);
- $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` regexp '%s' or `tag` regexp '%s' or tag regexp '%s' )) ",
- dbesc($myurl . '$'),
- dbesc($myurl . '\\]'),
- dbesc($diasp_url . '\\]')
+
+/* if (get_config('system','use_fulltext_engine'))
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($diasp_url))
+ );
+ else
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
+ dbesc(protect_sprintf('%' . $myurl)),
+ dbesc(protect_sprintf('%' . $myurl . ']%')),
+ dbesc(protect_sprintf('%' . $diasp_url . ']%'))
+ );
+*/
+ $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)",
+ dbesc(protect_sprintf($myurl)),
+ dbesc(protect_sprintf($myurl))
);
if ($max_id > 0)
$ret = api_format_items($r,$user_info);
-
+
$data = array('$statuses' => $ret);
switch($type){
case "atom":
case "as":
$as = api_format_as($a, $ret, $user_info);
$as["title"] = $a->config['sitename']." Mentions";
+ $as['link']['url'] = $a->get_baseurl()."/";
return($as);
break;
}
-
+
return api_apply_template("timeline", $type, $data);
}
api_register_func('api/statuses/mentions','api_statuses_mentions', true);
function api_statuses_user_timeline(&$a, $type){
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
// get last newtork messages
- logger("api_statuses_user_timeline: local_user: ". local_user() .
+ logger("api_statuses_user_timeline: api_user: ". api_user() .
"\nuser_info: ".print_r($user_info, true) .
"\n_REQUEST: ".print_r($_REQUEST, true),
LOGGER_DEBUG);
if ($page<0) $page=0;
$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
-
+ $exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+ $conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
+
$start = $page*$count;
- if ($user_info['self']==1) $sql_extra = "AND `item`.`wall` = 1 ";
+ $sql_extra = '';
+ if ($user_info['self']==1) $sql_extra .= " AND `item`.`wall` = 1 ";
+
+ if ($exclude_replies > 0)
+ $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ if ($conversation_id > 0)
+ $sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
$sql_extra
AND `item`.`id`>%d
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
- intval(local_user()),
+ intval(api_user()),
intval($user_info['id']),
intval($since_id),
intval($start), intval($count)
$ret = api_format_items($r,$user_info);
-
+
$data = array('$statuses' => $ret);
switch($type){
case "atom":
case "rss":
$data = api_rss_extra($a, $data, $user_info);
}
-
+
return api_apply_template("timeline", $type, $data);
}
function api_favorites(&$a, $type){
- if (local_user()===false) return false;
-
+ if (api_user()===false) return false;
+
$user_info = api_get_user($a);
// in friendica starred item are private
// return favorites only for self
logger('api_favorites: self:' . $user_info['self']);
-
+
if ($user_info['self']==0) {
$ret = array();
} else {
-
-
+
+
// params
$count = (x($_GET,'count')?$_GET['count']:20);
$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
if ($page<0) $page=0;
-
+
$start = $page*$count;
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
);
$ret = api_format_items($r,$user_info);
-
+
}
-
+
$data = array('$statuses' => $ret);
switch($type){
case "atom":
case "rss":
$data = api_rss_extra($a, $data, $user_info);
}
-
+
return api_apply_template("timeline", $type, $data);
}
$items[] = $singleitem;
}
$as['items'] = $items;
- $link->url = $a->get_baseurl()."/".$user_info["screen_name"]."/all";
- $link->rel = "alternate";
- $link->type = "text/html";
- $as['link'][] = $link;
+ $as['link']['url'] = $a->get_baseurl()."/".$user_info["screen_name"]."/all";
+ $as['link']['rel'] = "alternate";
+ $as['link']['type'] = "text/html";
return($as);
}
-
+
+ function api_format_messages($item, $recipient, $sender) {
+ // standard meta information
+ $ret=Array(
+ 'id' => $item['id'],
+ 'created_at' => api_date($item['created']),
+ 'sender_id' => $sender['id'] ,
+ 'sender_screen_name' => $sender['screen_name'],
+ 'sender' => $sender,
+ 'recipient_id' => $recipient['id'],
+ 'recipient_screen_name' => $recipient['screen_name'],
+ 'recipient' => $recipient,
+ );
+
+ //don't send title to regular StatusNET requests to avoid confusing these apps
+ if (x($_GET, 'getText')) {
+ $ret['title'] = $item['title'] ;
+ if ($_GET["getText"] == "html") {
+ $ret['text'] = bbcode($item['body']);
+ }
+ elseif ($_GET["getText"] == "plain") {
+ $ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0);
+ }
+ }
+ else {
+ $ret['text'] = $item['title']."\n".html2plain(bbcode($item['body'], false, false, true), 0);
+ }
+ if (isset($_GET["getUserObjects"]) && $_GET["getUserObjects"] == "false") {
+ unset($ret['sender']);
+ unset($ret['recipient']);
+ }
+
+ return $ret;
+ }
+
function api_format_items($r,$user_info) {
//logger('api_format_items: ' . print_r($r,true));
$status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
if ($item['parent']!=$item['id']) {
- $r = q("select id from item where parent=%s and id<%s order by id desc limit 1",
+ $r = q("select id from item where parent=%s and id<%s order by id desc limit 1",
intval($item['parent']), intval($item['id']));
if ($r)
$in_reply_to_status_id = $r[0]['id'];
else
$in_reply_to_status_id = $item['parent'];
- $r = q("select `item`.`contact-id`, `contact`.nick, `item`.`author-name` from item, contact
+ $r = q("select `item`.`contact-id`, `contact`.nick, `item`.`author-name` from item, contact
where `contact`.`id` = `item`.`contact-id` and `item`.id=%d", intval($in_reply_to_status_id));
$in_reply_to_screen_name = $r[0]['author-name'];
$in_reply_to_status_id = 0;
}
+ // Workaround for ostatus messages where the title is identically to the body
+ $statusbody = trim(html2plain(bbcode($item['body'], false, false, true), 0));
+ $statustitle = trim($item['title']);
+
+ if (($statustitle != '') and (strpos($statusbody, $statustitle) !== false))
+ $statustext = trim($statusbody);
+ else
+ $statustext = trim($statustitle."\n\n".$statusbody);
+
+ if (($item["network"] == NETWORK_FEED) and (strlen($statustext)> 1000))
+ $statustext = substr($statustext, 0, 1000)."... \n".$item["plink"];
+
$status = array(
- 'text' => trim($item['title']." \n".html2plain(bbcode($item['body']), 0)),
+ 'text' => $statustext,
'truncated' => False,
'created_at'=> api_date($item['created']),
'in_reply_to_status_id' => $in_reply_to_status_id,
'geo' => '',
'favorited' => $item['starred'] ? true : false,
'user' => $status_user ,
- 'statusnet_html' => bbcode($item['body']),
- 'statusnet_conversation_id' => 0,
+ 'statusnet_html' => trim(bbcode($item['body'])),
+ 'statusnet_conversation_id' => $item['parent'],
);
// Seesmic doesn't like the following content
return api_apply_template('test', $type, array('$ok' => $ok));
}
- api_register_func('api/help/test','api_help_test',true);
+ api_register_func('api/help/test','api_help_test',false);
/**
* https://dev.twitter.com/docs/api/1/get/statuses/friends
* returns: json, xml
**/
function api_statuses_f(&$a, $type, $qtype) {
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
- intval(local_user())
+ intval(api_user())
);
$ret = array();
'logo' => $logo, 'fancy' => 'true', 'language' => 'en', 'email' => $email, 'broughtby' => '',
'broughtbyurl' => '', 'timezone' => 'UTC', 'closed' => $closed, 'inviteonly' => 'false',
'private' => $private, 'textlimit' => $textlimit, 'sslserver' => $sslserver, 'ssl' => $ssl,
- 'shorturllength' => '30'
+ 'shorturllength' => '30',
+ 'friendica' => array(
+ 'FRIENDICA_PLATFORM' => FRIENDICA_PLATFORM,
+ 'FRIENDICA_VERSION' => FRIENDICA_VERSION,
+ 'DFRN_PROTOCOL_VERSION' => DFRN_PROTOCOL_VERSION,
+ 'DB_UPDATE_VERSION' => DB_UPDATE_VERSION
+ )
),
);
function api_ff_ids(&$a,$type,$qtype) {
- if(! local_user())
+ if(! api_user())
return false;
if($qtype == 'friends')
$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
- intval(local_user())
+ intval(api_user())
);
if(is_array($r)) {
function api_direct_messages_new(&$a, $type) {
- if (local_user()===false) return false;
+ if (api_user()===false) return false;
if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
-
+
$sender = api_get_user($a);
+ require_once("include/message.php");
+
$r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
- intval(local_user()),
+ intval(api_user()),
dbesc($_POST['screen_name']));
-
+
$recipient = api_get_user($a, $r[0]['id']);
-
+ $replyto = '';
+ $sub = '';
+ if (x($_REQUEST,'replyto')) {
+ $r = q('SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
+ intval(api_user()),
+ intval($_REQUEST['replyto']));
+ $replyto = $r[0]['parent-uri'];
+ $sub = $r[0]['title'];
+ }
+ else {
+ if (x($_REQUEST,'title')) {
+ $sub = $_REQUEST['title'];
+ }
+ else {
+ $sub = ((strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']);
+ }
+ }
+
+ $id = send_message($recipient['id'], $_POST['text'], $sub, $replyto);
- require_once("include/message.php");
- $sub = ( (strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']);
- $id = send_message($recipient['id'], $_POST['text'], $sub);
-
-
if ($id>-1) {
$r = q("SELECT * FROM `mail` WHERE id=%d", intval($id));
- $item = $r[0];
- $ret=Array(
- 'id' => $item['id'],
- 'created_at'=> api_date($item['created']),
- 'sender_id'=> $sender['id'] ,
- 'sender_screen_name'=> $sender['screen_name'],
- 'sender'=> $sender,
- 'recipient_id'=> $recipient['id'],
- 'recipient_screen_name'=> $recipient['screen_name'],
- 'recipient'=> $recipient,
-
- 'text'=> $item['title']."\n".html2plain(bbcode($item['body']), 0) ,
-
- );
+ $ret = api_format_messages($r[0], $recipient, $sender);
} else {
$ret = array("error"=>$id);
}
api_register_func('api/direct_messages/new','api_direct_messages_new',true);
- function api_direct_messages_box(&$a, $type, $box) {
- if (local_user()===false) return false;
+ function api_direct_messages_box(&$a, $type, $box) {
+ if (api_user()===false) return false;
$user_info = api_get_user($a);
$start = $page*$count;
-
+ $profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
if ($box=="sentbox") {
- $sql_extra = "`from-url`='%s'";
- } else {
- $sql_extra = "`from-url`!='%s'";
+ $sql_extra = "`from-url`='".dbesc( $profile_url )."'";
+ }
+ elseif ($box=="conversation") {
+ $sql_extra = "`parent-uri`='".dbesc( $_GET["uri"] ) ."'";
+ }
+ elseif ($box=="all") {
+ $sql_extra = "true";
+ }
+ elseif ($box=="inbox") {
+ $sql_extra = "`from-url`!='".dbesc( $profile_url )."'";
}
$r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
- intval(local_user()),
- dbesc( $a->get_baseurl() . '/profile/' . $a->user['nickname'] ),
+ intval(api_user()),
intval($start), intval($count)
- );
+ );
$ret = Array();
- foreach($r as $item){
- switch ($box){
- case "inbox":
- $recipient = $user_info;
- $sender = api_get_user($a,$item['contact-id']);
- break;
- case "sentbox":
- $recipient = api_get_user($a,$item['contact-id']);
- $sender = $user_info;
- break;
+ foreach($r as $item) {
+ if ($box == "inbox" || $item['from-url'] != $profile_url){
+ $recipient = $user_info;
+ $sender = api_get_user($a,$item['contact-id']);
}
-
- $ret[]=Array(
- 'id' => $item['id'],
- 'created_at'=> api_date($item['created']),
- 'sender_id'=> $sender['id'] ,
- 'sender_screen_name'=> $sender['screen_name'],
- 'sender'=> $sender,
- 'recipient_id'=> $recipient['id'],
- 'recipient_screen_name'=> $recipient['screen_name'],
- 'recipient'=> $recipient,
-
- 'text'=> $item['title']."\n".html2plain(bbcode($item['body']), 0) ,
-
- );
-
+ elseif ($box == "sentbox" || $item['from-url'] != $profile_url){
+ $recipient = api_get_user($a,$item['contact-id']);
+ $sender = $user_info;
+ }
+
+ $ret[]=api_format_messages($item, $recipient, $sender);
}
function api_direct_messages_inbox(&$a, $type){
return api_direct_messages_box($a, $type, "inbox");
}
+ function api_direct_messages_all(&$a, $type){
+ return api_direct_messages_box($a, $type, "all");
+ }
+ function api_direct_messages_conversation(&$a, $type){
+ return api_direct_messages_box($a, $type, "conversation");
+ }
+ api_register_func('api/direct_messages/conversation','api_direct_messages_conversation',true);
+ api_register_func('api/direct_messages/all','api_direct_messages_all',true);
api_register_func('api/direct_messages/sent','api_direct_messages_sentbox',true);
api_register_func('api/direct_messages','api_direct_messages_inbox',true);
favorites
favorites/create
favorites/destroy
-statuses/public_timeline
statuses/retweets_of_me
friendships/create
friendships/destroy
account/update_profile_image
blocks/create
blocks/destroy
-oauth/authorize
Not implemented in status.net:
statuses/retweeted_to_me
notifications/leave
blocks/exists
blocks/blocking
+lists
*/
+