<?php
require_once("bbcode.php");
require_once("datetime.php");
+ require_once("conversation.php");
/*
* Twitter-Like API
*/
$API = Array();
-
+ $called_api = Null;
function api_date($str){
//Wed May 23 06:01:13 +0000 2007
- return datetime_convert('UTC', 'UTC', $str, "D M d h:i:s +0000 Y" );
+ return datetime_convert('UTC', 'UTC', $str, "D M d H:i:s +0000 Y" );
}
// process normal login request
$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
- AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
+ AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($user)),
dbesc(trim($user)),
dbesc($encrypted)
* MAIN API ENTRY POINT *
**************************/
function api_call(&$a){
- GLOBAL $API;
+ GLOBAL $API, $called_api;
foreach ($API as $p=>$info){
if (strpos($a->query_string, $p)===0){
+ $called_api= explode("/",$p);
#unset($_SERVER['PHP_AUTH_USER']);
if ($info['auth']===true && local_user()===false) {
api_login($a);
return '<?xml version="1.0" encoding="UTF-8"?>'."\n".$r;
break;
case "json":
- header ("Content-Type: application/json");
+ //header ("Content-Type: application/json");
foreach($r as $rr)
return json_encode($rr);
break;
* Returns user info array.
*/
function api_get_user(&$a, $contact_id = Null){
+ global $called_api;
$user = null;
$extra_query = "";
+
if(!is_null($contact_id)){
$user=$contact_id;
$extra_query = "AND `contact`.`id` = %d ";
if(is_null($user) && x($_GET, 'screen_name')) {
$user = dbesc($_GET['screen_name']);
$extra_query = "AND `contact`.`nick` = '%s' ";
+ if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+
}
- if (is_null($user) && $a->argc > 3){
- list($user, $null) = explode(".",$a->argv[3]);
+ if (is_null($user) && $a->argc > (count($called_api)-1)){
+ $argid = count($called_api);
+ list($user, $null) = explode(".",$a->argv[$argid]);
if(is_numeric($user)){
$user = intval($user);
$extra_query = "AND `contact`.`id` = %d ";
} else {
$user = dbesc($user);
$extra_query = "AND `contact`.`nick` = '%s' ";
+ if (local_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(local_user());
}
}
}
if($uinfo[0]['self']) {
+ $usr = q("select * from user where uid = %d limit 1",
+ intval(local_user())
+ );
+ $profile = q("select * from profile where uid = %d and `is-default` = 1 limit 1",
+ intval(local_user())
+ );
+
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `uid` = %d
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0",
intval($uinfo[0]['uid']),
- intval(REL_FAN),
- intval(REL_BUD)
+ intval(CONTACT_IS_SHARING),
+ intval(CONTACT_IS_FRIEND)
);
$countfriends = $r[0]['count'];
WHERE `uid` = %d AND `rel` IN ( %d, %d )
AND `self`=0 AND `blocked`=0",
intval($uinfo[0]['uid']),
- intval(REL_VIP),
- intval(REL_BUD)
+ intval(CONTACT_IS_FOLLOWER),
+ intval(CONTACT_IS_FRIEND)
);
$countfollowers = $r[0]['count'];
+ $r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0",
+ intval($uinfo[0]['uid'])
+ );
+ $starred = $r[0]['count'];
+
+
if(! $uinfo[0]['self']) {
$countfriends = 0;
$countfollowers = 0;
+ $starred = 0;
}
$ret = Array(
- 'uid' => $uinfo[0]['uid'],
- 'id' => $uinfo[0]['cid'],
+ 'self' => intval($uinfo[0]['self']),
+ 'uid' => intval($uinfo[0]['uid']),
+ 'id' => intval($uinfo[0]['cid']),
'name' => $uinfo[0]['name'],
- 'screen_name' => $uinfo[0]['nick'],
- 'location' => '', //$uinfo[0]['default-location'],
+ 'screen_name' => (($uinfo[0]['nick']) ? $uinfo[0]['nick'] : $uinfo[0]['name']),
+ 'location' => ($usr) ? $usr[0]['default-location'] : '',
'profile_image_url' => $uinfo[0]['micro'],
'url' => $uinfo[0]['url'],
'contact_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'],
- 'protected' => false, #
- 'friends_count' => $countfriends,
+ 'protected' => false,
+ 'friends_count' => intval($countfriends),
'created_at' => api_date($uinfo[0]['name-date']),
- 'utc_offset' => 0, #XXX: fix me
- 'time_zone' => '', //$uinfo[0]['timezone'],
+ 'utc_offset' => "+00:00",
+ 'time_zone' => 'UTC', //$uinfo[0]['timezone'],
'geo_enabled' => false,
- 'statuses_count' => $countitms, #XXX: fix me
+ 'statuses_count' => intval($countitms), #XXX: fix me
'lang' => 'en', #XXX: fix me
- 'description' => '',
- 'followers_count' => $countfollowers, #XXX: fix me
- 'favourites_count' => 0,
+ 'description' => (($profile) ? $profile[0]['pdesc'] : ''),
+ 'followers_count' => intval($countfollowers),
+ 'favourites_count' => intval($starred),
'contributors_enabled' => false,
- 'follow_request_sent' => false,
+ 'follow_request_sent' => true,
'profile_background_color' => 'cfe8f6',
'profile_text_color' => '000000',
'profile_link_color' => 'FF8500',
'profile_background_tile' => false,
'profile_use_background_image' => false,
'notifications' => false,
+ 'following' => '', #XXX: fix me
'verified' => true, #XXX: fix me
- 'followers' => '', #XXX: fix me
- #'status' => null
+ 'status' => array()
);
return $ret;
return api_get_user($a,$a->contacts[$normalised]['id']);
}
// We don't know this person directly.
+
+ list($nick, $name) = array_map("trim",explode("(",$item['author-name']));
+ $name=str_replace(")","",$name);
+
$ret = array(
'uid' => 0,
'id' => 0,
- 'name' => $item['author-name'],
- 'screen_name' => '',
+ 'name' => $name,
+ 'screen_name' => $nick,
'location' => '', //$uinfo[0]['default-location'],
'profile_image_url' => $item['author-avatar'],
'url' => $item['author-link'],
'notifications' => false,
'verified' => true, #XXX: fix me
'followers' => '', #XXX: fix me
- #'status' => null
+ 'status' => array()
);
return $ret;
function api_xmlify($val){
if (is_bool($val)) return $val?"true":"false";
if (is_array($val)) return array_map('api_xmlify', $val);
- return xmlify($val);
+ return xmlify((string) $val);
}
/**
}
return null;
}
+
// TODO - media uploads
function api_statuses_update(&$a, $type) {
if (local_user()===false) return false;
// logger('api_post: ' . print_r($_POST,true));
- $_POST['body'] = urldecode(requestdata('status'));
+ if(requestdata('htmlstatus')) {
+ require_once('library/HTMLPurifier.auto.php');
+ require_once('include/html2bbcode.php');
+
+ $txt = requestdata('htmlstatus');
+ if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
+
+ $txt = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
+ '[youtube]$1[/youtube]', $txt);
+
+ $txt = preg_replace('#<iframe[^>].+?' . 'http://www.youtube.com/embed/([A-Za-z0-9\-_=]+).+?</iframe>#s',
+ '[youtube]$1[/youtube]', $txt);
+
+ $config = HTMLPurifier_Config::createDefault();
+ $config->set('Cache.DefinitionImpl', null);
+
+
+ $purifier = new HTMLPurifier($config);
+ $txt = $purifier->purify($txt);
+
+ $_POST['body'] = html2bbcode($txt);
+ }
+
+ }
+ else
+ $_POST['body'] = urldecode(requestdata('status'));
$parent = requestdata('in_reply_to_status_id');
if(ctype_digit($parent))
*/
function api_statuses_home_timeline(&$a, $type){
if (local_user()===false) return false;
-
+
$user_info = api_get_user($a);
// get last newtork messages
-// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
+
+
+ // params
+ $count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
+ $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+ if ($page<0) $page=0;
+ $since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+
+ $start = $page*$count;
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
+ AND `item`.`id`>%d
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
intval($user_info['uid']),
- 0,20
+ intval($since_id),
+ intval($start), intval($count)
);
$ret = api_format_items($r,$user_info);
$user_info = api_get_user($a);
// get last newtork messages
-// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
+
+
+ logger("api_statuses_user_timeline: local_user: ". local_user() .
+ "\nuser_info: ".print_r($user_info, true) .
+ "\n_REQUEST: ".print_r($_REQUEST, true),
+ LOGGER_DEBUG);
+
+ // params
+ $count = (x($_REQUEST,'count')?$_REQUEST['count']:20);
+ $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+ if ($page<0) $page=0;
+ $since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+
+ $start = $page*$count;
+
+ if ($user_info['self']==1) $sql_extra = "AND `item`.`wall` = 1 ";
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
FROM `item`, `contact`
WHERE `item`.`uid` = %d
+ AND `item`.`contact-id` = %d
AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `item`.`wall` = 1
AND `contact`.`id` = `item`.`contact-id`
AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
$sql_extra
+ AND `item`.`id`>%d
ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
- intval($user_info['uid']),
- 0,20
+ intval(local_user()),
+ intval($user_info['id']),
+ intval($since_id),
+ intval($start), intval($count)
);
$ret = api_format_items($r,$user_info);
if (local_user()===false) return false;
$user_info = api_get_user($a);
- // get last newtork messages
-// $sql_extra = " AND `item`.`parent` IN ( SELECT `parent` FROM `item` WHERE `id` = `parent` ) ";
-
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, `contact`
- WHERE `item`.`uid` = %d
- AND `item`.`visible` = 1 AND `item`.`deleted` = 0
- AND `item`.`starred` = 1
- AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $sql_extra
- ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
- intval($user_info['uid']),
- 0,20
- );
-
- $ret = api_format_items($r,$user_info);
+ // in friendika starred item are private
+ // return favorites only for self
+ logger('api_favorites: self:' . $user_info['self']);
+
+ if ($user_info['self']==0) {
+ $ret = array();
+ } else {
+
+
+ // params
+ $count = (x($_GET,'count')?$_GET['count']:20);
+ $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+ if ($page<0) $page=0;
+
+ $start = $page*$count;
+
+ $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
+ `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
+ `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
+ `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
+ FROM `item`, `contact`
+ WHERE `item`.`uid` = %d
+ AND `item`.`visible` = 1 AND `item`.`deleted` = 0
+ AND `item`.`starred` = 1
+ AND `contact`.`id` = `item`.`contact-id`
+ AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ $sql_extra
+ ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
+ intval($user_info['uid']),
+ intval($start), intval($count)
+ );
+ $ret = api_format_items($r,$user_info);
+
+ }
$data = array('$statuses' => $ret);
switch($type){
$ret = Array();
foreach($r as $item) {
+ localize_item($item);
$status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
$status = array(
'created_at'=> api_date($item['created']),
- 'published' => datetime_convert('UTC','UTC',$item['created'],ATOM_TIME),
- 'updated' => datetime_convert('UTC','UTC',$item['edited'],ATOM_TIME),
- 'id' => $item['uri'],
+ 'published' => api_date($item['created']),
+ 'updated' => api_date($item['edited']),
+ 'id' => intval($item['id']),
+ 'message_id' => $item['uri'],
'text' => strip_tags(bbcode($item['body'])),
- 'html' => bbcode($item['body']),
+ 'statusnet_html' => bbcode($item['body']),
'source' => (($item['app']) ? $item['app'] : 'web'),
'url' => ($item['plink']!=''?$item['plink']:$item['author-link']),
'truncated' => False,
- 'in_reply_to_status_id' => ($item['parent']!=$item['id']?$item['parent']:''),
+ 'in_reply_to_status_id' => ($item['parent']!=$item['id']? intval($item['parent']):''),
'in_reply_to_user_id' => '',
- 'favorited' => false,
+ 'favorited' => $item['starred'] ? true : false,
'in_reply_to_screen_name' => '',
'geo' => '',
'coordinates' => $item['coord'],
}
api_register_func('api/account/rate_limit_status','api_account_rate_limit_status',true);
+ /**
+ * https://dev.twitter.com/docs/api/1/get/statuses/friends
+ * This function is deprecated by Twitter
+ * returns: json, xml
+ **/
+ function api_statuses_f(&$a, $type, $qtype) {
+ if (local_user()===false) return false;
+ $user_info = api_get_user($a);
+
+
+ // friends and followers only for self
+ if ($user_info['self']==0){
+ return false;
+ }
+
+ if (x($_GET,'cursor') && $_GET['cursor']=='undefined'){
+ /* this is to stop Hotot to load friends multiple times
+ * I'm not sure if I'm missing return something or
+ * is a bug in hotot. Workaround, meantime
+ */
+
+ /*$ret=Array();
+ return array('$users' => $ret);*/
+ return false;
+ }
+
+ if($qtype == 'friends')
+ $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND));
+ if($qtype == 'followers')
+ $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
+
+ $r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
+ intval(local_user())
+ );
+
+ $ret = array();
+ foreach($r as $cid){
+ $ret[] = api_get_user($a, $cid['id']);
+ }
+
+
+ return array('$users' => $ret);
+
+ }
+ function api_statuses_friends(&$a, $type){
+ $data = api_statuses_f($a,$type,"friends");
+ if ($data===false) return false;
+ return api_apply_template("friends", $type, $data);
+ }
+ function api_statuses_followers(&$a, $type){
+ $data = api_statuses_f($a,$type,"followers");
+ if ($data===false) return false;
+ return api_apply_template("friends", $type, $data);
+ }
+ api_register_func('api/statuses/friends','api_statuses_friends',true);
+ api_register_func('api/statuses/followers','api_statuses_followers',true);
+
+
+
+
+
function api_statusnet_config(&$a,$type) {
$name = $a->config['sitename'];
$email = $a->config['admin_email'];
$closed = (($a->config['register_policy'] == REGISTER_CLOSED) ? 'true' : 'false');
$private = (($a->config['system']['block_public']) ? 'true' : 'false');
- $textlimit = (($a->config['max_import_size']) ? $a->config['max_import_size'] : '200000');
+ $textlimit = (string) (($a->config['max_import_size']) ? $a->config['max_import_size'] : 200000);
+ if($a->config['api_import_size'])
+ $texlimit = string($a->config['api_import_size']);
$ssl = (($a->config['system']['have_ssl']) ? 'true' : 'false');
$sslserver = (($ssl === 'true') ? str_replace('http:','https:',$a->get_baseurl()) : '');
}
api_register_func('api/statusnet/config','api_statusnet_config',false);
-
function api_statusnet_version(&$a,$type) {
// liar
return false;
if($qtype == 'friends')
- $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_FAN), intval(REL_BUD));
+ $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND));
if($qtype == 'followers')
- $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(REL_VIP), intval(REL_BUD));
+ $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
api_register_func('api/friends/ids','api_friends_ids',true);
api_register_func('api/followers/ids','api_followers_ids',true);
+
+ function api_direct_messages_new(&$a, $type) {
+ if (local_user()===false) return false;
+
+ if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
+
+ $sender = api_get_user($a);
+
+ $r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
+ intval(local_user()),
+ dbesc($_POST['screen_name']));
+
+ $recipient = api_get_user($a, $r[0]['id']);
+
+
+ require_once("include/message.php");
+ $sub = ( (strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']);
+ $id = send_message($recipient['id'], $_POST['text'], $sub);
+
+
+ if ($id>-1) {
+ $r = q("SELECT * FROM `mail` WHERE id=%d", intval($id));
+ $item = $r[0];
+ $ret=Array(
+ 'id' => $item['id'],
+ 'created_at'=> api_date($item['created']),
+ 'sender_id'=> $sender['id'] ,
+ 'sender_screen_name'=> $sender['screen_name'],
+ 'sender'=> $sender,
+ 'recipient_id'=> $recipient['id'],
+ 'recipient_screen_name'=> $recipient['screen_name'],
+ 'recipient'=> $recipient,
+
+ 'text'=> $item['title']."\n".strip_tags(bbcode($item['body'])) ,
+
+ );
+
+ } else {
+ $ret = array("error"=>$id);
+ }
+
+ $data = Array('$messages'=>$ret);
+
+ switch($type){
+ case "atom":
+ case "rss":
+ $data = api_rss_extra($a, $data, $user_info);
+ }
+
+ return api_apply_template("direct_messages", $type, $data);
+
+ }
+ api_register_func('api/direct_messages/new','api_direct_messages_new',true);
+
+ function api_direct_messages_box(&$a, $type, $box) {
+ if (local_user()===false) return false;
+
+ $user_info = api_get_user($a);
+
+ // params
+ $count = (x($_GET,'count')?$_GET['count']:20);
+ $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
+ if ($page<0) $page=0;
+
+ $start = $page*$count;
+
+
+ if ($box=="sentbox") {
+ $sql_extra = "`from-url`='%s'";
+ } else {
+ $sql_extra = "`from-url`!='%s'";
+ }
+
+ $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
+ intval(local_user()),
+ dbesc( $a->get_baseurl() . '/profile/' . $a->user['nickname'] ),
+ intval($start), intval($count)
+ );
+
+ $ret = Array();
+ foreach($r as $item){
+ switch ($box){
+ case "inbox":
+ $recipient = $user_info;
+ $sender = api_get_user($a,$item['contact-id']);
+ break;
+ case "sentbox":
+ $recipient = api_get_user($a,$item['contact-id']);
+ $sender = $user_info;
+ break;
+ }
+
+ $ret[]=Array(
+ 'id' => $item['id'],
+ 'created_at'=> api_date($item['created']),
+ 'sender_id'=> $sender['id'] ,
+ 'sender_screen_name'=> $sender['screen_name'],
+ 'sender'=> $sender,
+ 'recipient_id'=> $recipient['id'],
+ 'recipient_screen_name'=> $recipient['screen_name'],
+ 'recipient'=> $recipient,
+
+ 'text'=> $item['title']."\n".strip_tags(bbcode($item['body'])) ,
+
+ );
+
+ }
+
+
+ $data = array('$messages' => $ret);
+ switch($type){
+ case "atom":
+ case "rss":
+ $data = api_rss_extra($a, $data, $user_info);
+ }
+
+ return api_apply_template("direct_messages", $type, $data);
+
+ }
+
+ function api_direct_messages_sentbox(&$a, $type){
+ return api_direct_messages_box($a, $type, "sentbox");
+ }
+ function api_direct_messages_inbox(&$a, $type){
+ return api_direct_messages_box($a, $type, "inbox");
+ }
+ api_register_func('api/direct_messages/sent','api_direct_messages_sentbox',true);
+ api_register_func('api/direct_messages','api_direct_messages_inbox',true);