account expiration structures
[friendica.git] / include / api.php
index dd169f8336cedc76a1dfc975637ac4b05bfdc191..74b4aaf6e1d85e5cedbf998194c7c57c2813f1bc 100644 (file)
@@ -1,6 +1,7 @@
 <?php
        require_once("bbcode.php");
        require_once("datetime.php");
+       require_once("conversation.php");
        
        /* 
         * Twitter-Like API
@@ -8,7 +9,7 @@
         */
 
        $API = Array();
-        
+       $called_api = Null; 
 
        function api_date($str){
                //Wed May 23 06:01:13 +0000 2007
@@ -54,7 +55,7 @@
                // process normal login request
 
                $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) 
-                       AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
+                       AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
                        dbesc(trim($user)),
                        dbesc(trim($user)),
                        dbesc($encrypted)
         *  MAIN API ENTRY POINT  *
         **************************/
        function api_call(&$a){
-               GLOBAL $API;
+               GLOBAL $API, $called_api;
                foreach ($API as $p=>$info){
                        if (strpos($a->query_string, $p)===0){
+                               $called_api= explode("/",$p);
                                #unset($_SERVER['PHP_AUTH_USER']);
                                if ($info['auth']===true && local_user()===false) {
                                                api_login($a);
                                                return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
                                                break;
                                        case "json": 
-                                               header ("Content-Type: application/json");  
+                                               //header ("Content-Type: application/json");  
                                                foreach($r as $rr)
                                                    return json_encode($rr);
                                                break;
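Review bot: With the `Content-Type: application/json` header commented out in the `json` case, the response is sent with whatever default type the server applies, which is commonly `text/html`. A JSON body built from user-controlled fields (names, status text) can then be interpreted as HTML by a browser that loads the API URL directly. If the header is now set somewhere else, a comment naming that place would help; otherwise restore `header("Content-Type: application/json");`. The enclosing function starts and ends outside this hunk.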
         * Returns user info array.
         */
        function api_get_user(&$a, $contact_id = Null){
+               global $called_api;
                $user = null;
                $extra_query = "";
 
+
                if(!is_null($contact_id)){
                        $user=$contact_id;
                        $extra_query = "AND `contact`.`id` = %d ";
                if(is_null($user) && x($_GET, 'screen_name')) {
                        $user = dbesc($_GET['screen_name']);    
                        $extra_query = "AND `contact`.`nick` = '%s' ";
+                       if (local_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+                       
                }
                
-               if (is_null($user) && $a->argc > 3){
-                       list($user, $null) = explode(".",$a->argv[3]);
+               if (is_null($user) && $a->argc > (count($called_api)-1)){
+                       $argid = count($called_api);
+                       list($user, $null) = explode(".",$a->argv[$argid]);
                        if(is_numeric($user)){
                                $user = intval($user);
                                $extra_query = "AND `contact`.`id` = %d ";
                        } else {
                                $user = dbesc($user);
                                $extra_query = "AND `contact`.`nick` = '%s' ";
+                               if (local_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(local_user());
                        }
                }
                
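Review bot: The new bound `$a->argc > (count($called_api)-1)` also admits `argc == count($called_api)`, and in that case `$a->argv[$argid]` with `$argid = count($called_api)` reads one element past the end. The old pair `argc > 3` / `argv[3]` was consistent, so the condition should read `$a->argc > count($called_api)`. Separately, the `uid` restriction is appended only on the two `nick` branches, while the numeric branch still matches on the contact id alone. An id taken from the URL is therefore apparently not tied to the logged-in account, though the rest of the query is outside this hunk and should be checked. Appending the same `uid` clause in the `is_numeric` branch would keep lookups inside the caller's own contacts.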
                }
 
                $ret = Array(
+                       'self' => intval($uinfo[0]['self']),
                        'uid' => intval($uinfo[0]['uid']),
                        'id' => intval($uinfo[0]['cid']),
                        'name' => $uinfo[0]['name'],
                        'followers_count' => intval($countfollowers),
                        'favourites_count' => intval($starred),
                        'contributors_enabled' => false,
-                       'follow_request_sent' => false,
+                       'follow_request_sent' => true,
                        'profile_background_color' => 'cfe8f6',
                        'profile_text_color' => '000000',
                        'profile_link_color' => 'FF8500',
                        'notifications' => false,
                        'following' => '', #XXX: fix me
                        'verified' => true, #XXX: fix me
-                       'status' => null
+                       'status' => array()
                );
        
                return $ret;
                                return api_get_user($a,$a->contacts[$normalised]['id']);
                }
                // We don't know this person directly.
+               
+               list($nick, $name) = array_map("trim",explode("(",$item['author-name']));
+               $name=str_replace(")","",$name);
+               
                $ret = array(
                        'uid' => 0,
                        'id' => 0,
-                       'name' => $item['author-name'],
-                       'screen_name' => $item['author_name'],
+                       'name' => $name,
+                       'screen_name' => $nick,
                        'location' => '', //$uinfo[0]['default-location'],
                        'profile_image_url' => $item['author-avatar'],
                        'url' => $item['author-link'],
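Review bot: When `author-name` contains no `(`, `explode` returns a single element, so `list($nick, $name)` leaves `$name` unset and the returned `name` becomes an empty string, with an undefined-offset notice. A fallback after the `str_replace`, such as `if ($name == '') $name = $nick;`, keeps a display name for authors whose name is not in the `nick (name)` form. A name that itself contains parentheses is split at the first `(` and loses every `)`; if that is accepted, a one-line comment stating the expected format would help.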
                        'notifications' => false,
                        'verified' => true, #XXX: fix me
                        'followers' => '', #XXX: fix me
-                       #'status' => null
+                       'status' => array()
                );
 
                return $ret; 
                }
                return null;
        }
+
        // TODO - media uploads
        function api_statuses_update(&$a, $type) {
                if (local_user()===false) return false;
 
                // logger('api_post: ' . print_r($_POST,true));
 
-               $_POST['body'] = urldecode(requestdata('status'));
+               if(requestdata('htmlstatus')) {
+                       require_once('library/HTMLPurifier.auto.php');
+                       require_once('include/html2bbcode.php');
+
+                       $txt = requestdata('htmlstatus');
+                       if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
+
+                               $txt = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
+                                       '[youtube]$1[/youtube]', $txt);
+
+                               $txt = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s',
+                                       '[youtube]$1[/youtube]', $txt);
+
+                               $config = HTMLPurifier_Config::createDefault();
+                               $config->set('Cache.DefinitionImpl', null);
+
+
+                               $purifier = new HTMLPurifier($config);
+                               $txt = $purifier->purify($txt);
+
+                               $_POST['body'] = html2bbcode($txt);
+                       }
+
+               }
+               else
+                       $_POST['body'] = urldecode(requestdata('status'));
 
                $parent = requestdata('in_reply_to_status_id');
                if(ctype_digit($parent))
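Review bot: If `htmlstatus` is present but contains neither `<` nor `>`, nothing in this branch assigns `$_POST['body']`, so the text is dropped. Any `body` field the client sent in the same request then stays in place without going through the purifier, and presumably that is what the later code posts. Moving `$_POST['body'] = html2bbcode($txt);` below the inner `if`, so it runs for every non-empty `htmlstatus`, closes that gap. The second pattern `<iframe[^>].+?` also looks like a typo for `<iframe[^>]+>.+?`, matching the `<object[^>]+>` form above it. api_statuses_update continues past the end of this hunk.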
         */
        function api_statuses_home_timeline(&$a, $type){
                if (local_user()===false) return false;
-               
+                               
                $user_info = api_get_user($a);
                // get last newtork messages
-//             $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
+
 
                // params
-               $count = (x($_GET,'count')?$_GET['count']:20);
-               $page = (x($_GET,'page')?$_GET['page']:0);
+               $count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
+               $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+               if ($page<0) $page=0;
+               $since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
                
                $start = $page*$count;
 
-
                $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
                        `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
                        `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
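Review bot: `count` is read straight from `$_REQUEST` in the `// params` block and is only cast with `intval()` where it is passed to the query, so a client can request an arbitrarily large page or send a negative value that ends up in `LIMIT`. Clamping it where it is read bounds the query cost, for example `$count = max(1, min(intval($count), MAX_COUNT));`, where `MAX_COUNT` is a placeholder for a limit the project chooses. The same applies to the other `count`/`page` blocks this commit adds (user timeline, favorites, direct messages). The last two still read `count` from `$_GET` while `page` comes from `$_REQUEST`, which is worth making consistent. api_statuses_home_timeline's body runs past the end of this hunk.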
                        AND `contact`.`id` = `item`.`contact-id`
                        AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                        $sql_extra
+                       AND `item`.`id`>%d
                        ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
                        intval($user_info['uid']),
-                       $start, $count
+                       intval($since_id),
+                       intval($start), intval($count)
                );
 
                $ret = api_format_items($r,$user_info);
                
                $user_info = api_get_user($a);
                // get last newtork messages
-//             $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
+
+
+               logger("api_statuses_user_timeline: local_user: ". local_user() .
+                          "\nuser_info: ".print_r($user_info, true) .
+                          "\n_REQUEST:  ".print_r($_REQUEST, true),
+                          LOGGER_DEBUG);
 
                // params
-               $count = (x($_GET,'count')?$_GET['count']:20);
-               $page = (x($_GET,'page')?$_GET['page']:0);
+               $count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
+               $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+               if ($page<0) $page=0;
+               $since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
                
                $start = $page*$count;
 
+               if ($user_info['self']==1) $sql_extra = "AND `item`.`wall` = 1 ";
 
                $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
                        `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
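Review bot: The added `logger()` call dumps all of `$_REQUEST` and `$user_info` with `print_r`, which writes every request parameter (and, depending on `request_order`, cookies) into the debug log. Logging only the fields needed to trace the call, for example `local_user()` and `$user_info['id']`, keeps session and message data out of log files. Also, `$sql_extra` is assigned only when `$user_info['self']==1`. Unless it is initialised outside this hunk, the query interpolates an undefined variable for every other contact, so `$sql_extra = "";` before the `if` would be safer.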
                        `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
                        FROM `item`, `contact`
                        WHERE `item`.`uid` = %d
+                       AND `item`.`contact-id` = %d
                        AND `item`.`visible` = 1 AND `item`.`deleted` = 0
-                       AND `item`.`wall` = 1
                        AND `contact`.`id` = `item`.`contact-id`
                        AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
                        $sql_extra
+                       AND `item`.`id`>%d
                        ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-                       intval($user_info['uid']),
-                       $start, $count
+                       intval(local_user()),
+                       intval($user_info['id']),
+                       intval($since_id),
+                       intval($start), intval($count)
                );
 
                $ret = api_format_items($r,$user_info);
                if (local_user()===false) return false;
                
                $user_info = api_get_user($a);
-               // get last newtork messages
-//             $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
-
-               $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
-                       `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
-                       `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
-                       `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
-                       FROM `item`, `contact`
-                       WHERE `item`.`uid` = %d
-                       AND `item`.`visible` = 1 AND `item`.`deleted` = 0
-                       AND `item`.`starred` = 1
-                       AND `contact`.`id` = `item`.`contact-id`
-                       AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
-                       $sql_extra
-                       ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-                       intval($user_info['uid']),
-                       0,20
-               );
-
-               $ret = api_format_items($r,$user_info);
+               // in friendika starred item are private
+               // return favorites only for self
+               logger('api_favorites: self:' . $user_info['self']);
+               
+               if ($user_info['self']==0) {
+                       $ret = array();
+               } else {
+                       
+                       
+                       // params
+                       $count = (x($_GET,'count')?$_GET['count']:20);
+                       $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+                       if ($page<0) $page=0;
+                       
+                       $start = $page*$count;
+
+                       $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
+                               `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+                               `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
+                               `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+                               FROM `item`, `contact`
+                               WHERE `item`.`uid` = %d
+                               AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+                               AND `item`.`starred` = 1
+                               AND `contact`.`id` = `item`.`contact-id`
+                               AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+                               $sql_extra
+                               ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
+                               intval($user_info['uid']),
+                               intval($start), intval($count)
+                       );
 
+                       $ret = api_format_items($r,$user_info);
+               
+               }
                
                $data = array('$statuses' => $ret);
                switch($type){
                $ret = Array();
 
                foreach($r as $item) {
+                       localize_item($item);
                        $status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
                        $status = array(
                                'created_at'=> api_date($item['created']),
-                               'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME),
-                               'updated'   => datetime_convert('UTC','UTC',$item['edited'],ATOM_TIME),
+                               'published' => api_date($item['created']),
+                               'updated'   => api_date($item['edited']),
                                'id'            => intval($item['id']),
                                'message_id' => $item['uri'],
                                'text'          => strip_tags(bbcode($item['body'])),
                if (local_user()===false) return false;
                $user_info = api_get_user($a);
                
+               
+               // friends and followers only for self
+               if ($user_info['self']==0){
+                       return false;
+               }
+               
                if (x($_GET,'cursor') && $_GET['cursor']=='undefined'){
                        /* this is to stop Hotot to load friends multiple times
                        *  I'm not sure if I'm missing return something or
                        *  is a bug in hotot. Workaround, meantime
                        */
                        
-                       $ret=Array();
-                       $data = array('$users' => $ret);
-                       return  api_apply_template("friends", $type, $data);
+                       /*$ret=Array();
+                       return array('$users' => $ret);*/
+                       return false;
                }
                
                if($qtype == 'friends')
                }
 
                
-               $data = array('$users' => $ret);
-               return  api_apply_template("friends", $type, $data);
+               return array('$users' => $ret);
 
        }
        function api_statuses_friends(&$a, $type){
-               return api_statuses_f($a,$type,"friends");
+               $data =  api_statuses_f($a,$type,"friends");
+               if ($data===false) return false;
+               return  api_apply_template("friends", $type, $data);
        }
        function api_statuses_followers(&$a, $type){
-               return api_statuses_f($a,$type,"followers");
+               $data = api_statuses_f($a,$type,"followers");
+               if ($data===false) return false;
+               return  api_apply_template("friends", $type, $data);
        }
        api_register_func('api/statuses/friends','api_statuses_friends',true);
        api_register_func('api/statuses/followers','api_statuses_followers',true);
        api_register_func('api/followers/ids','api_followers_ids',true);
 
 
+       function api_direct_messages_new(&$a, $type) {
+               if (local_user()===false) return false;
+               
+               if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
+               
+               $sender = api_get_user($a);
+               
+               $r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
+                               intval(local_user()),
+                               dbesc($_POST['screen_name']));
+               
+               $recipient = api_get_user($a, $r[0]['id']);                     
+               
+
+               require_once("include/message.php");
+               $sub = ( (strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']);
+               $id = send_message($recipient['id'], $_POST['text'], $sub);
+               
+               
+               if ($id>-1) {
+                       $r = q("SELECT * FROM `mail` WHERE id=%d", intval($id));
+                       $item = $r[0];
+                       $ret=Array(
+                                       'id' => $item['id'],
+                                       'created_at'=> api_date($item['created']),
+                                       'sender_id'=> $sender['id'] ,
+                                       'sender_screen_name'=> $sender['screen_name'],
+                                       'sender'=> $sender,
+                                       'recipient_id'=> $recipient['id'],
+                                       'recipient_screen_name'=> $recipient['screen_name'],
+                                       'recipient'=> $recipient,
+                                       
+                                       'text'=> $item['title']."\n".strip_tags(bbcode($item['body'])) ,
+                                       
+                       );
+               
+               } else {
+                       $ret = array("error"=>$id);     
+               }
+               
+               $data = Array('$messages'=>$ret);
+               
+               switch($type){
+                       case "atom":
+                       case "rss":
+                               $data = api_rss_extra($a, $data, $user_info);
+               }
+                               
+               return  api_apply_template("direct_messages", $type, $data);
+                               
+       }
+       api_register_func('api/direct_messages/new','api_direct_messages_new',true);
+
+    function api_direct_messages_box(&$a, $type, $box) {
+               if (local_user()===false) return false;
+               
+               $user_info = api_get_user($a);
+               
+               // params
+               $count = (x($_GET,'count')?$_GET['count']:20);
+               $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+               if ($page<0) $page=0;
+               
+               $start = $page*$count;
+               
+       
+               if ($box=="sentbox") {
+                       $sql_extra = "`from-url`='%s'";
+               } else {
+                       $sql_extra = "`from-url`!='%s'";
+               }
+               
+               $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
+                               intval(local_user()),
+                               dbesc( $a->get_baseurl() . '/profile/' . $a->user['nickname'] ),
+                               intval($start), intval($count)
+                          );
+               
+               $ret = Array();
+               foreach($r as $item){
+                       switch ($box){
+                               case "inbox":
+                                       $recipient = $user_info;
+                                       $sender = api_get_user($a,$item['contact-id']);
+                                       break;
+                               case "sentbox":
+                                       $recipient = api_get_user($a,$item['contact-id']);
+                                       $sender = $user_info;
+                                       break;
+                       }
+                               
+                       $ret[]=Array(
+                               'id' => $item['id'],
+                               'created_at'=> api_date($item['created']),
+                               'sender_id'=> $sender['id'] ,
+                               'sender_screen_name'=> $sender['screen_name'],
+                               'sender'=> $sender,
+                               'recipient_id'=> $recipient['id'],
+                               'recipient_screen_name'=> $recipient['screen_name'],
+                               'recipient'=> $recipient,
+                               
+                               'text'=> $item['title']."\n".strip_tags(bbcode($item['body'])) ,
+                               
+                       );
+                       
+               }
+               
+
+               $data = array('$messages' => $ret);
+               switch($type){
+                       case "atom":
+                       case "rss":
+                               $data = api_rss_extra($a, $data, $user_info);
+               }
+                               
+               return  api_apply_template("direct_messages", $type, $data);
+               
+       }
+
+       function api_direct_messages_sentbox(&$a, $type){
+               return api_direct_messages_box($a, $type, "sentbox");
+       }
+       function api_direct_messages_inbox(&$a, $type){
+               return api_direct_messages_box($a, $type, "inbox");
+       }
+       api_register_func('api/direct_messages/sent','api_direct_messages_sentbox',true);
+       api_register_func('api/direct_messages','api_direct_messages_inbox',true);
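Review bot: In api_direct_messages_new the contact lookup result is used as `$r[0]['id']` without checking that a row came back, so an unknown `screen_name` passes `null` to `api_get_user()`. Going by the api_get_user hunks earlier in this diff, that call then resolves a user from the request or the session instead of failing, so the message could go to a contact the caller did not name. Returning early before `$recipient` is built avoids that, for example `if (!count($r)) return false;`. In the same function `api_rss_extra($a, $data, $user_info)` uses `$user_info`, which is never assigned there; `$sender` looks like the intended argument. The bare `return;` on missing parameters also differs from the `return false` used by the other handlers.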