fix typo

[friendica.git] / include / api.php

diff --git a/include/api.php b/include/api.php
index 1f58a6baae3e77a264789d754ebe95003bc1949e..74b4aaf6e1d85e5cedbf998194c7c57c2813f1bc 100644 (file)
--- a/include/api.php
+++ b/include/api.php
@@ -55,7 +55,7 @@
                // process normal login request
 
                $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) 
-                       AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
+                       AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
                        dbesc(trim($user)),
                        dbesc(trim($user)),
                        dbesc($encrypted)
@@ -466,6 +466,7 @@
                }
                return null;
        }
+
        // TODO - media uploads
        function api_statuses_update(&$a, $type) {
                if (local_user()===false) return false;
@@ -475,7 +476,32 @@
 
                // logger('api_post: ' . print_r($_POST,true));
 
-               $_POST['body'] = urldecode(requestdata('status'));
+               if(requestdata('htmlstatus')) {
+                       require_once('library/HTMLPurifier.auto.php');
+                       require_once('include/html2bbcode.php');
+
+                       $txt = requestdata('htmlstatus');
+                       if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
+
+                               $txt = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
+                                       '[youtube]$1[/youtube]', $txt);
+
+                               $txt = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s',
+                                       '[youtube]$1[/youtube]', $txt);
+
+                               $config = HTMLPurifier_Config::createDefault();
+                               $config->set('Cache.DefinitionImpl', null);
+
+
+                               $purifier = new HTMLPurifier($config);
+                               $txt = $purifier->purify($txt);
+
+                               $_POST['body'] = html2bbcode($txt);
+                       }
+
+               }
+               else
+                       $_POST['body'] = urldecode(requestdata('status'));
 
                $parent = requestdata('in_reply_to_status_id');
                if(ctype_digit($parent))