if (!isset($_SERVER['PHP_AUTH_USER'])) {
logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
- header('HTTP/1.0 401 Unauthorized');
- die((api_error($a, 'json', "This api requires login")));
-
- //die('This api requires login');
+ throw new UnauthorizedException("This API requires login");
}
$user = $_SERVER['PHP_AUTH_USER'];
if((! $record) || (! count($record))) {
logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
- header('HTTP/1.0 401 Unauthorized');
- die('This api requires login');
+ #header('HTTP/1.0 401 Unauthorized');
+ #die('This api requires login');
+ throw new UnauthorizedException("This API requires login");
}
authenticate_success($record); $_SESSION["allow_api"] = true;
*
* @param Api $a
* @param string $type Return type (xml, json, rss, as)
- * @param string $error Error message
+ * @param HTTPException $error Error object
+ * @return strin error message formatted as $type
*/
function api_error(&$a, $type, $e) {
$error = ($e->getMessage()!==""?$e->getMessage():$e->httpdesc);
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
- require_once('library/HTMLPurifier.auto.php');
-
$txt = html2bb_video($txt);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
if(requestdata('htmlstatus')) {
$txt = requestdata('htmlstatus');
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
-
- require_once('library/HTMLPurifier.auto.php');
-
$txt = html2bb_video($txt);
$config = HTMLPurifier_Config::createDefault();
if ($posts_day > $throttle_day) {
logger('Daily posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day)));
+ #die(api_error($a, $type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day)));
+ throw new TooManyRequestsException(sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day));
}
}
if ($posts_week > $throttle_week) {
logger('Weekly posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week)));
+ #die(api_error($a, $type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week)));
+ throw new TooManyRequestsException(sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week));
+
}
}
if ($posts_month > $throttle_month) {
logger('Monthly posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month)));
+ #die(api_error($a, $type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month)));
+ throw new TooManyRequestsException(sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month));
}
}
$action_argv_id=2;
if ($a->argv[1]=="1.1") $action_argv_id=3;
- if ($a->argc<=$action_argv_id) die(api_error($a, $type, t("Invalid request.")));
+ if ($a->argc<=$action_argv_id) throw new BadRequestException("Invalid request.");
$action = str_replace(".".$type,"",$a->argv[$action_argv_id]);
if ($a->argc==$action_argv_id+2) {
$itemid = intval($a->argv[$action_argv_id+1]);
$nm->setSeen($note);
if ($note['otype']=='item') {
// would be really better with an ItemsManager and $im->getByID() :-P
- $r = q("SELECT * FROM item WHERE id=%d AND uid=%d",
+ $r = q("SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d",
intval($note['iid']),
intval(local_user())
);