}
} else {
- # Look for the user in the session
- if (common_logged_in()) {
- $this->user = common_current_user();
- }
+ # Caller might give us a username even if not required
+ if (isset($_SERVER['PHP_AUTH_USER'])) {
+ $user = User::staticGet('nickname', $_SERVER['PHP_AUTH_USER']);
+ if ($user) {
+ $this->user = $user;
+ }
+ # Twitter doesn't throw an error if the user isn't found
+ }
$this->process_command();
}
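Review bot: The added branch starting at `if (isset($_SERVER['PHP_AUTH_USER']))` sets `$this->user` from the client-supplied Basic-auth username alone and never checks `$_SERVER['PHP_AUTH_PW']`. On methods that do not require auth, a caller can therefore name any existing nickname and have it become the request's user. If anything reached from `process_command()` treats `$this->user` as an authenticated identity (not visible in this hunk), that amounts to impersonation. Assign `$this->user` only after the password has been verified, using the same credential check as the auth-required branch, which sits above this hunk and is not shown. Otherwise leave it unset, and add a comment such as `# $this->user is only ever set after credentials are verified`. The enclosing function starts outside the hunk.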
'laconica/wadl');
static $bareauth = array('statuses/user_timeline',
+ 'statuses/friends_timeline',
'statuses/friends',
+ 'statuses/replies',
'statuses/followers',
'favorites/favorites');
- # If the site is "private", all API methods need authentication
+ $fullname = "$this->api_action/$this->api_method";
+ // If the site is "private", all API methods except laconica/config
+ // need authentication
if (common_config('site', 'private')) {
- return true;
+ return $fullname != 'laconica/config' || false;
}
- $fullname = "$this->api_action/$this->api_method";
-
if (in_array($fullname, $bareauth)) {
# bareauth: only needs auth if without an argument
if ($this->api_arg) {
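Review bot: In `return $fullname != 'laconica/config' || false;` the `|| false` is redundant and the comparison is loose; `return $fullname !== 'laconica/config';` expresses the same rule more clearly. This exemption makes `laconica/config` the one method served without authentication on a private site. The comment above it should say so, for example `// laconica/config is reachable unauthenticated on private sites; keep its output free of non-public settings`. The function starts and ends outside this hunk, so what that method actually returns is not visible here.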
if ($this->content_type == 'xml') {
header('Content-Type: application/xml; charset=utf-8');
- common_start_xml();
+ $this->startXML();
$this->elementStart('hash');
$this->element('error', null, $msg);
$this->element('request', null, $_SERVER['REQUEST_URI']);
$this->elementEnd('hash');
- common_end_xml();
+ $this->endXML();
} else if ($this->content_type == 'json') {
header('Content-Type: application/json; charset=utf-8');
$error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
}
}
- function isReadOnly()
+ function isReadOnly($args)
{
- # NOTE: before handle(), can't use $this->arg
- $apiaction = $_REQUEST['apiaction'];
- $method = $_REQUEST['method'];
+ $apiaction = $args['apiaction'];
+ $method = $args['method'];
+
list($cmdtext, $fmt) = explode('.', $method);
static $write_methods = array(
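Review bot: The new reads `$args['apiaction']` and `$args['method']` have no `isset` guard, and the following `list($cmdtext, $fmt) = explode('.', $method);` assumes the method contains a dot. A request missing either one raises undefined-index or undefined-offset notices before the read-only decision is made. Guard the reads, e.g. `$method = isset($args['method']) ? $args['method'] : '';`, and return early when the value is empty. The removed note explained why `$_REQUEST` was used, so `isReadOnly($args)` should also get a short docblock stating that `$args` is (presumably) the request argument array and which keys it reads. The rest of the function body lies outside this hunk.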
return false;
}
-
}