<?php
/**
+ * @copyright Copyright (C) 2020, Friendica
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
* Friendica implementation of statusnet/twitter API
*
* @file include/api.php
use Friendica\App;
use Friendica\Content\ContactSelector;
-use Friendica\Content\Feature;
use Friendica\Content\Text\BBCode;
use Friendica\Content\Text\HTML;
-use Friendica\Core\Config;
use Friendica\Core\Hook;
-use Friendica\Core\L10n;
use Friendica\Core\Logger;
-use Friendica\Core\PConfig;
use Friendica\Core\Protocol;
use Friendica\Core\Session;
use Friendica\Core\System;
use Friendica\Model\Group;
use Friendica\Model\Item;
use Friendica\Model\Mail;
+use Friendica\Model\Notify;
use Friendica\Model\Photo;
-use Friendica\Model\Profile;
use Friendica\Model\User;
-use Friendica\Network\FKOAuth1;
+use Friendica\Model\UserItem;
+use Friendica\Model\Verb;
+use Friendica\Security\FKOAuth1;
use Friendica\Network\HTTPException;
use Friendica\Network\HTTPException\BadRequestException;
use Friendica\Network\HTTPException\ExpectationFailedException;
use Friendica\Object\Image;
use Friendica\Protocol\Activity;
use Friendica\Protocol\Diaspora;
+use Friendica\Security\OAuth1\OAuthRequest;
+use Friendica\Security\OAuth1\OAuthUtil;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Images;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\XML;
-require_once __DIR__ . '/../mod/share.php';
require_once __DIR__ . '/../mod/item.php';
require_once __DIR__ . '/../mod/wall_upload.php';
$called_api = [];
/**
+ * Auth API user
+ *
* It is not sufficient to use local_user() to check whether someone is allowed to use the API,
* because this will open CSRF holes (just embed an image with src=friendicasite.com/api/statuses/update?status=CSRF
* into a page, and visitors will post something without noticing it).
- *
- * @brief Auth API user
*/
function api_user()
{
}
/**
+ * Get source name from API client
+ *
* Clients can send 'source' parameter to be show in post metadata
* as "sent via <source>".
* Some clients doesn't send a source param, we support ones we know
* (only Twidere, atm)
*
- * @brief Get source name from API client
- *
* @return string
* Client source name, default to "api" if unset/unknown
* @throws Exception
}
/**
- * @brief Format date for API
+ * Format date for API
*
* @param string $str Source date, as UTC
* @return string Date in UTC formatted as "D M d H:i:s +0000 Y"
/**
* Register a function to be the endpoint for defined API path.
*
- * @brief Register API endpoint
- *
* @param string $path API URL path, relative to DI::baseUrl()
* @param string $func Function name to call on path request
* @param bool $auth API need logged user
* Log in user via OAuth1 or Simple HTTP Auth.
* Simple Auth allow username in form of <pre>user@server</pre>, ignoring server part
*
- * @brief Login API user
- *
* @param App $a App
* @throws ForbiddenException
* @throws InternalServerErrorException
*/
function api_login(App $a)
{
- $oauth1 = new FKOAuth1();
- // login with oauth
- try {
- $request = OAuthRequest::from_request();
- list($consumer, $token) = $oauth1->verify_request($request);
- if (!is_null($token)) {
- $oauth1->loginUser($token->uid);
- Session::set('allow_api', true);
- return;
- }
- echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";
- var_dump($consumer, $token);
- die();
- } catch (Exception $e) {
- Logger::warning(API_LOG_PREFIX . 'error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
- }
-
// workaround for HTTP-auth in CGI mode
if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6));
}
if (empty($_SERVER['PHP_AUTH_USER'])) {
+ // Try OAuth when no user is provided
+ $oauth1 = new FKOAuth1();
+ // login with oauth
+ try {
+ $request = OAuthRequest::from_request();
+ list($consumer, $token) = $oauth1->verify_request($request);
+ if (!is_null($token)) {
+ $oauth1->loginUser($token->uid);
+ Session::set('allow_api', true);
+ return;
+ }
+ echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";
+ var_dump($consumer, $token);
+ die();
+ } catch (Exception $e) {
+ Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
+ }
+
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
throw new UnauthorizedException("This API requires login");
}
- DI::auth()->setForUser($a, $record);
+ // Don't refresh the login date more often than twice a day to spare database writes
+ $login_refresh = strcmp(DateTimeFormat::utc('now - 12 hours'), $record['login_date']) > 0;
+
+ DI::auth()->setForUser($a, $record, false, false, $login_refresh);
$_SESSION["allow_api"] = true;
}
/**
+ * Check HTTP method of called API
+ *
* API endpoints can define which HTTP method to accept when called.
* This function check the current HTTP method agains endpoint
* registered method.
*
- * @brief Check HTTP method of called API
- *
* @param string $method Required methods, uppercase, separated by comma
* @return bool
*/
}
/**
- * Authenticate user, call registered API function, set HTTP headers
+ * Main API entry point
*
- * @brief Main API entry point
+ * Authenticate user, call registered API function, set HTTP headers
*
* @param App $a App
* @param App\Arguments $args The app arguments (optional, will retrieved by the DI-Container in case of missing)
}
$type = "json";
- if (strpos($args->getQueryString(), ".xml") > 0) {
+ if (strpos($args->getCommand(), ".xml") > 0) {
$type = "xml";
}
- if (strpos($args->getQueryString(), ".json") > 0) {
+ if (strpos($args->getCommand(), ".json") > 0) {
$type = "json";
}
- if (strpos($args->getQueryString(), ".rss") > 0) {
+ if (strpos($args->getCommand(), ".rss") > 0) {
$type = "rss";
}
- if (strpos($args->getQueryString(), ".atom") > 0) {
+ if (strpos($args->getCommand(), ".atom") > 0) {
$type = "atom";
}
try {
foreach ($API as $p => $info) {
- if (strpos($args->getQueryString(), $p) === 0) {
+ if (strpos($args->getCommand(), $p) === 0) {
if (!api_check_method($info['method'])) {
throw new MethodNotAllowedException();
}
$called_api = explode("/", $p);
- //unset($_SERVER['PHP_AUTH_USER']);
- /// @TODO should be "true ==[=] $info['auth']", if you miss only one = character, you assign a variable (only with ==). Let's make all this even.
if (!empty($info['auth']) && api_user() === false) {
api_login($a);
+ Logger::info(API_LOG_PREFIX . 'username {username}', ['module' => 'api', 'action' => 'call', 'username' => $a->user['username']]);
}
- Logger::info(API_LOG_PREFIX . 'username {username}', ['module' => 'api', 'action' => 'call', 'username' => $a->user['username']]);
Logger::debug(API_LOG_PREFIX . 'parameters', ['module' => 'api', 'action' => 'call', 'parameters' => $_REQUEST]);
$stamp = microtime(true);
$return = call_user_func($info['func'], $type);
$duration = floatval(microtime(true) - $stamp);
- Logger::info(API_LOG_PREFIX . 'username {username}', ['module' => 'api', 'action' => 'call', 'username' => $a->user['username'], 'duration' => round($duration, 2)]);
+ Logger::info(API_LOG_PREFIX . 'duration {duration}', ['module' => 'api', 'action' => 'call', 'duration' => round($duration, 2)]);
DI::profiler()->saveLog(DI::logger(), API_LOG_PREFIX . 'performance');
}
Logger::warning(API_LOG_PREFIX . 'not implemented', ['module' => 'api', 'action' => 'call', 'query' => DI::args()->getQueryString()]);
- throw new NotImplementedException();
+ throw new NotFoundException();
} catch (HTTPException $e) {
header("HTTP/1.1 {$e->getCode()} {$e->httpdesc}");
return api_error($type, $e, $args);
}
/**
- * @brief Format API error string
+ * Format API error string
*
* @param string $type Return type (xml, json, rss, as)
* @param object $e HTTPException Error object
}
/**
- * @brief Set values for RSS template
+ * Set values for RSS template
*
* @param App $a
* @param array $arr Array to be passed to template
/**
- * @brief Unique contact to contact url.
+ * Unique contact to contact url.
*
* @param int $id Contact id
* @return bool|string
}
/**
- * @brief Get user info array.
+ * Get user info array.
*
* @param App $a App
* @param int|string $contact_id Contact ID or URL
'name' => $contact["name"],
'screen_name' => (($contact['nick']) ? $contact['nick'] : $contact['name']),
'location' => ($contact["location"] != "") ? $contact["location"] : ContactSelector::networkToName($contact['network'], $contact['url'], $contact['protocol']),
- 'description' => BBCode::toPlaintext($contact["about"]),
+ 'description' => BBCode::toPlaintext($contact["about"] ?? ''),
'profile_image_url' => $contact["micro"],
'profile_image_url_https' => $contact["micro"],
'profile_image_url_profile_size' => $contact["thumb"],
'notifications' => false,
'statusnet_profile_url' => $contact["url"],
'uid' => 0,
- 'cid' => Contact::getIdForURL($contact["url"], api_user(), true),
- 'pid' => Contact::getIdForURL($contact["url"], 0, true),
+ 'cid' => Contact::getIdForURL($contact["url"], api_user(), false),
+ 'pid' => Contact::getIdForURL($contact["url"], 0, false),
'self' => 0,
'network' => $contact["network"],
];
$countfollowers = 0;
$starred = 0;
- $pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, true);
+ $pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, false);
if (!empty($profile['about'])) {
$description = $profile['about'];
'name' => (($uinfo[0]['name']) ? $uinfo[0]['name'] : $uinfo[0]['nick']),
'screen_name' => (($uinfo[0]['nick']) ? $uinfo[0]['nick'] : $uinfo[0]['name']),
'location' => $location,
- 'description' => BBCode::toPlaintext($description),
+ 'description' => BBCode::toPlaintext($description ?? ''),
'profile_image_url' => $uinfo[0]['micro'],
'profile_image_url_https' => $uinfo[0]['micro'],
'profile_image_url_profile_size' => $uinfo[0]["thumb"],
'statusnet_profile_url' => $uinfo[0]['url'],
'uid' => intval($uinfo[0]['uid']),
'cid' => intval($uinfo[0]['cid']),
- 'pid' => Contact::getIdForURL($uinfo[0]["url"], 0, true),
+ 'pid' => Contact::getIdForURL($uinfo[0]["url"], 0, false),
'self' => $uinfo[0]['self'],
'network' => $uinfo[0]['network'],
];
if ($ret['self']) {
$theme_info = DBA::selectFirst('user', ['theme'], ['uid' => $ret['uid']]);
if ($theme_info['theme'] === 'frio') {
- $schema = PConfig::get($ret['uid'], 'frio', 'schema');
+ $schema = DI::pConfig()->get($ret['uid'], 'frio', 'schema');
if ($schema && ($schema != '---')) {
if (file_exists('view/theme/frio/schema/'.$schema.'.php')) {
require_once $schemefile;
}
} else {
- $nav_bg = PConfig::get($ret['uid'], 'frio', 'nav_bg');
- $link_color = PConfig::get($ret['uid'], 'frio', 'link_color');
- $bgcolor = PConfig::get($ret['uid'], 'frio', 'background_color');
+ $nav_bg = DI::pConfig()->get($ret['uid'], 'frio', 'nav_bg');
+ $link_color = DI::pConfig()->get($ret['uid'], 'frio', 'link_color');
+ $bgcolor = DI::pConfig()->get($ret['uid'], 'frio', 'background_color');
}
if (empty($nav_bg)) {
$nav_bg = "#708fa0";
}
/**
- * @brief return api-formatted array for item's author and owner
+ * return api-formatted array for item's author and owner
*
* @param App $a App
* @param array $item item from db
$author_user = $status_user;
- $status_user["protected"] = $item['private'] ?? 0;
+ $status_user["protected"] = isset($item['private']) && ($item['private'] == Item::PRIVATE);
if (($item['thr-parent'] ?? '') == ($item['uri'] ?? '')) {
$owner_user = api_get_user($a, $item['owner-id'] ?? null);
}
/**
- * @brief walks recursively through an array with the possibility to change value and key
+ * walks recursively through an array with the possibility to change value and key
*
* @param array $array The array to walk through
* @param callable $callback The callback function
}
/**
- * @brief Callback function to transform the array in an array that can be transformed in a XML file
+ * Callback function to transform the array in an array that can be transformed in a XML file
*
* @param mixed $item Array item value
* @param string $key Array key
}
/**
- * @brief Creates the XML from a JSON style array
+ * Creates the XML from a JSON style array
*
* @param array $data JSON style array
* @param string $root_element Name of the root element
}
/**
- * @brief Formats the data according to the data type
+ * Formats the data according to the data type
*
* @param string $root_element Name of the root element
* @param string $type Return type (atom, rss, xml, json)
*/
function api_account_verify_credentials($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_statuses_mediap($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
Logger::log('api_statuses_update: no user');
*/
function api_statuses_update($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
Logger::log('api_statuses_update: no user');
if (!$parent) {
// Check for throttling (maximum posts per day, week and month)
- $throttle_day = Config::get('system', 'throttle_limit_day');
+ $throttle_day = DI::config()->get('system', 'throttle_limit_day');
if ($throttle_day > 0) {
$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60);
if ($posts_day > $throttle_day) {
Logger::log('Daily posting limit reached for user '.api_user(), Logger::DEBUG);
- // die(api_error($type, L10n::t("Daily posting limit of %d posts reached. The post was rejected.", $throttle_day));
- throw new TooManyRequestsException(L10n::tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day));
+ // die(api_error($type, DI::l10n()->t("Daily posting limit of %d posts reached. The post was rejected.", $throttle_day));
+ throw new TooManyRequestsException(DI::l10n()->tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day));
}
}
- $throttle_week = Config::get('system', 'throttle_limit_week');
+ $throttle_week = DI::config()->get('system', 'throttle_limit_week');
if ($throttle_week > 0) {
$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*7);
if ($posts_week > $throttle_week) {
Logger::log('Weekly posting limit reached for user '.api_user(), Logger::DEBUG);
- // die(api_error($type, L10n::t("Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week)));
- throw new TooManyRequestsException(L10n::tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week));
+ // die(api_error($type, DI::l10n()->t("Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week)));
+ throw new TooManyRequestsException(DI::l10n()->tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week));
}
}
- $throttle_month = Config::get('system', 'throttle_limit_month');
+ $throttle_month = DI::config()->get('system', 'throttle_limit_month');
if ($throttle_month > 0) {
$datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*30);
if ($posts_month > $throttle_month) {
Logger::log('Monthly posting limit reached for user '.api_user(), Logger::DEBUG);
- // die(api_error($type, L10n::t("Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month));
- throw new TooManyRequestsException(L10n::t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month));
+ // die(api_error($type, DI::l10n()->t("Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month));
+ throw new TooManyRequestsException(DI::l10n()->t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month));
}
}
}
*/
function api_media_upload()
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
Logger::log('no user');
"image_type" => $media["type"],
"friendica_preview_url" => $media["preview"]];
- Logger::log("Media uploaded: " . print_r($returndata, true), Logger::DEBUG);
+ Logger::info('Media uploaded', ['return' => $returndata]);
return ["media" => $returndata];
}
*/
function api_media_metadata_create($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
Logger::info('no user');
/**
* @param string $type Return format (atom, rss, xml, json)
* @param int $item_id
- * @return string
+ * @return array|string
* @throws Exception
*/
function api_status_show($type, $item_id)
'author-id'=> $ownerId,
'uid' => $uid,
'gravity' => [GRAVITY_PARENT, GRAVITY_COMMENT],
- 'private' => false
+ 'private' => [Item::PUBLIC, Item::UNLISTED]
];
$item = api_get_item($condition);
*/
function api_users_search($type)
{
- $a = \get_app();
+ $a = DI::app();
$userlist = [];
if (!empty($_REQUEST['user_id'])) {
foreach (explode(',', $_REQUEST['user_id']) as $id) {
if (!empty($id)) {
- $users[] = api_get_user(get_app(), $id);
+ $users[] = api_get_user(DI::app(), $id);
}
}
}
*/
function api_search($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
} elseif (!empty($_REQUEST['count'])) {
$count = $_REQUEST['count'];
}
-
+
$since_id = $_REQUEST['since_id'] ?? 0;
$max_id = $_REQUEST['max_id'] ?? 0;
$page = $_REQUEST['page'] ?? 1;
$params = ['order' => ['id' => true], 'limit' => [$start, $count]];
if (preg_match('/^#(\w+)$/', $searchTerm, $matches) === 1 && isset($matches[1])) {
$searchTerm = $matches[1];
- $condition = ["`oid` > ?
- AND (`uid` = 0 OR (`uid` = ? AND NOT `global`))
- AND `otype` = ? AND `type` = ? AND `term` = ?",
- $since_id, local_user(), TERM_OBJ_POST, TERM_HASHTAG, $searchTerm];
- if ($max_id > 0) {
- $condition[0] .= ' AND `oid` <= ?';
- $condition[] = $max_id;
+ $condition = ["`iid` > ? AND `name` = ? AND (NOT `private` OR (`private` AND `uid` = ?))", $since_id, $searchTerm, local_user()];
+ $tags = DBA::select('tag-search-view', ['uri-id'], $condition);
+ $uriids = [];
+ while ($tag = DBA::fetch($tags)) {
+ $uriids[] = $tag['uri-id'];
}
- $terms = DBA::select('term', ['oid'], $condition, []);
- $itemIds = [];
- while ($term = DBA::fetch($terms)) {
- $itemIds[] = $term['oid'];
- }
- DBA::close($terms);
+ DBA::close($tags);
- if (empty($itemIds)) {
+ if (empty($uriids)) {
return api_format_data('statuses', $type, $data);
}
- $preCondition = ['`id` IN (' . implode(', ', $itemIds) . ')'];
+ $condition = ['uri-id' => $uriids];
if ($exclude_replies) {
- $preCondition[] = '`id` = `parent`';
+ $condition['gravity'] = GRAVITY_PARENT;
}
- $condition = [implode(' AND ', $preCondition)];
+ $params['group_by'] = ['uri-id'];
} else {
- $condition = ["`id` > ?
- " . ($exclude_replies ? " AND `id` = `parent` " : ' ') . "
+ $condition = ["`id` > ?
+ " . ($exclude_replies ? " AND `gravity` = " . GRAVITY_PARENT : ' ') . "
AND (`uid` = 0 OR (`uid` = ? AND NOT `global`))
AND `body` LIKE CONCAT('%',?,'%')",
$since_id, api_user(), $_REQUEST['q']];
*/
function api_statuses_home_timeline($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
$condition[] = $max_id;
}
if ($exclude_replies) {
- $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`gravity` = ?';
+ $condition[] = GRAVITY_PARENT;
}
if ($conversation_id > 0) {
$condition[0] .= " AND `item`.`parent` = ?";
*/
function api_statuses_public_timeline($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
$start = max(0, ($page - 1) * $count);
if ($exclude_replies && !$conversation_id) {
- $condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall` AND NOT `author`.`hidden`",
- GRAVITY_PARENT, GRAVITY_COMMENT, $since_id];
+ $condition = ["`gravity` IN (?, ?) AND `iid` > ? AND `private` = ? AND `wall` AND NOT `author`.`hidden`",
+ GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC];
if ($max_id > 0) {
$condition[0] .= " AND `thread`.`iid` <= ?";
$r = Item::inArray($statuses);
} else {
- $condition = ["`gravity` IN (?, ?) AND `id` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall` AND `item`.`origin` AND NOT `author`.`hidden`",
- GRAVITY_PARENT, GRAVITY_COMMENT, $since_id];
+ $condition = ["`gravity` IN (?, ?) AND `id` > ? AND `private` = ? AND `wall` AND `item`.`origin` AND NOT `author`.`hidden`",
+ GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC];
if ($max_id > 0) {
$condition[0] .= " AND `item`.`id` <= ?";
/**
* Returns the most recent statuses posted by users this node knows about.
*
- * @brief Returns the list of public federated posts this node knows about
- *
* @param string $type Return format: json, xml, atom, rss
* @return array|string
* @throws BadRequestException
*/
function api_statuses_networkpublic_timeline($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
$start = max(0, ($page - 1) * $count);
- $condition = ["`uid` = 0 AND `gravity` IN (?, ?) AND `thread`.`iid` > ? AND NOT `private`",
- GRAVITY_PARENT, GRAVITY_COMMENT, $since_id];
+ $condition = ["`uid` = 0 AND `gravity` IN (?, ?) AND `thread`.`iid` > ? AND `private` = ?",
+ GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC];
if ($max_id > 0) {
$condition[0] .= " AND `thread`.`iid` <= ?";
*/
function api_statuses_show($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
*/
function api_conversation_show($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
{
global $called_api;
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
Logger::log('API: api_statuses_repeat: '.$id);
- $fields = ['body', 'title', 'attach', 'tag', 'author-name', 'author-link', 'author-avatar', 'guid', 'created', 'plink'];
- $item = Item::selectFirst($fields, ['id' => $id, 'private' => false]);
+ $fields = ['uri-id', 'network', 'body', 'title', 'author-name', 'author-link', 'author-avatar', 'guid', 'created', 'plink'];
+ $item = Item::selectFirst($fields, ['id' => $id, 'private' => [Item::PUBLIC, Item::UNLISTED]]);
if (DBA::isResult($item) && $item['body'] != "") {
- if (strpos($item['body'], "[/share]") !== false) {
- $pos = strpos($item['body'], "[share");
- $post = substr($item['body'], $pos);
+ if (in_array($item['network'], [Protocol::ACTIVITYPUB, Protocol::DFRN, Protocol::TWITTER])) {
+ if (!Item::performActivity($id, 'announce', local_user())) {
+ throw new InternalServerErrorException();
+ }
+
+ $item_id = $id;
} else {
- $post = share_header($item['author-name'], $item['author-link'], $item['author-avatar'], $item['guid'], $item['created'], $item['plink']);
+ if (strpos($item['body'], "[/share]") !== false) {
+ $pos = strpos($item['body'], "[share");
+ $post = substr($item['body'], $pos);
+ } else {
+ $post = BBCode::getShareOpeningTag($item['author-name'], $item['author-link'], $item['author-avatar'], $item['plink'], $item['created'], $item['guid']);
+
+ if (!empty($item['title'])) {
+ $post .= '[h3]' . $item['title'] . "[/h3]\n";
+ }
- if (!empty($item['title'])) {
- $post .= '[h3]' . $item['title'] . "[/h3]\n";
+ $post .= $item['body'];
+ $post .= "[/share]";
}
+ $_REQUEST['body'] = $post;
+ $_REQUEST['profile_uid'] = api_user();
+ $_REQUEST['api_source'] = true;
- $post .= $item['body'];
- $post .= "[/share]";
- }
- $_REQUEST['body'] = $post;
- $_REQUEST['tag'] = $item['tag'];
- $_REQUEST['attach'] = $item['attach'];
- $_REQUEST['profile_uid'] = api_user();
- $_REQUEST['api_source'] = true;
-
- if (empty($_REQUEST['source'])) {
- $_REQUEST["source"] = api_source();
- }
+ if (empty($_REQUEST['source'])) {
+ $_REQUEST["source"] = api_source();
+ }
- $item_id = item_post($a);
+ $item_id = item_post($a);
+ }
} else {
throw new ForbiddenException();
}
*/
function api_statuses_destroy($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_statuses_mentions($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
// get last network messages
// params
- $since_id = $_REQUEST['since_id'] ?? 0;
- $max_id = $_REQUEST['max_id'] ?? 0;
- $count = $_REQUEST['count'] ?? 20;
- $page = $_REQUEST['page'] ?? 1;
+ $since_id = intval($_REQUEST['since_id'] ?? 0);
+ $max_id = intval($_REQUEST['max_id'] ?? 0);
+ $count = intval($_REQUEST['count'] ?? 20);
+ $page = intval($_REQUEST['page'] ?? 1);
$start = max(0, ($page - 1) * $count);
- $condition = ["`uid` = ? AND `gravity` IN (?, ?) AND `item`.`id` > ? AND `author-id` != ? AND `mention`
- AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `thread`.`uid` = ? AND NOT `thread`.`ignored`)",
- api_user(), GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, $user_info['pid'], api_user()];
+ $query = "SELECT `item`.`id` FROM `user-item`
+ INNER JOIN `item` ON `item`.`id` = `user-item`.`iid` AND `item`.`gravity` IN (?, ?)
+ WHERE (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`) AND
+ `user-item`.`uid` = ? AND `user-item`.`notification-type` & ? != 0
+ AND `user-item`.`iid` > ?";
+ $condition = [GRAVITY_PARENT, GRAVITY_COMMENT, api_user(),
+ UserItem::NOTIF_EXPLICIT_TAGGED | UserItem::NOTIF_IMPLICIT_TAGGED |
+ UserItem::NOTIF_THREAD_COMMENT | UserItem::NOTIF_DIRECT_COMMENT |
+ UserItem::NOTIF_DIRECT_THREAD_COMMENT,
+ $since_id];
if ($max_id > 0) {
- $condition[0] .= " AND `item`.`id` <= ?";
+ $query .= " AND `item`.`id` <= ?";
$condition[] = $max_id;
}
+ $query .= " ORDER BY `user-item`.`iid` DESC LIMIT ?, ?";
+ $condition[] = $start;
+ $condition[] = $count;
+
+ $useritems = DBA::p($query, $condition);
+ $itemids = [];
+ while ($useritem = DBA::fetch($useritems)) {
+ $itemids[] = $useritem['id'];
+ }
+ DBA::close($useritems);
+
$params = ['order' => ['id' => true], 'limit' => [$start, $count]];
- $statuses = Item::selectForUser(api_user(), [], $condition, $params);
+ $statuses = Item::selectForUser(api_user(), [], ['id' => $itemids], $params);
$ret = api_format_items(Item::inArray($statuses), $user_info, false, $type);
/**
* Returns the most recent statuses posted by the user.
*
- * @brief Returns a user's public timeline
- *
* @param string $type Either "json" or "xml"
* @return string|array
* @throws BadRequestException
*/
function api_statuses_user_timeline($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
throw new ForbiddenException();
}
- Logger::log(
- "api_statuses_user_timeline: api_user: ". api_user() .
- "\nuser_info: ".print_r($user_info, true) .
- "\n_REQUEST: ".print_r($_REQUEST, true),
- Logger::DEBUG
- );
+ Logger::info('api_statuses_user_timeline', ['api_user' => api_user(), 'user_info' => $user_info, '_REQUEST' => $_REQUEST]);
$since_id = $_REQUEST['since_id'] ?? 0;
$max_id = $_REQUEST['max_id'] ?? 0;
}
if ($exclude_replies) {
- $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`gravity` = ?';
+ $condition[] = GRAVITY_PARENT;
}
if ($conversation_id > 0) {
*/
function api_favorites_create_destroy($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
{
global $called_api;
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
if ($_GET['getText'] == 'html') {
$ret['text'] = BBCode::convert($item['body'], false);
} elseif ($_GET['getText'] == 'plain') {
- $ret['text'] = trim(HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0));
+ $ret['text'] = trim(HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, BBCode::API, true), 0));
}
} else {
- $ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, 2, true), 0);
+ $ret['text'] = $item['title'] . "\n" . HTML::toPlaintext(BBCode::convert(api_clean_plain_items($item['body']), false, BBCode::API, true), 0);
}
if (!empty($_GET['getUserObjects']) && $_GET['getUserObjects'] == 'false') {
unset($ret['sender']);
$attachments = api_get_attachments($body);
// Workaround for ostatus messages where the title is identically to the body
- $html = BBCode::convert(api_clean_plain_items($body), false, 2, true);
+ $html = BBCode::convert(api_clean_plain_items($body), false, BBCode::API, true);
$statusbody = trim(HTML::toPlaintext($html, 0));
// handle data: images
if ($image) {
// If image cache is activated, then use the following sizes:
// thumb (150), small (340), medium (600) and large (1024)
- if (!Config::get("system", "proxy_disabled")) {
+ if (!DI::config()->get("system", "proxy_disabled")) {
$media_url = ProxyUtils::proxifyUrl($url);
$sizes = [];
}
/**
- *
@brief return <a href='url'>name</a> as array
+ * return <a href='url'>name</a> as array
*
* @param string $txt text
* @return array
/**
- * @brief return likes, dislikes and attend status for item
+ * return likes, dislikes and attend status for item
*
* @param array $item array
* @param string $type Return type (atom, rss, xml, json)
*/
function api_format_items_activities($item, $type = "json")
{
- $a = \get_app();
+ $a = DI::app();
$activities = [
'like' => [],
return $activities;
}
-
-/**
- * @brief return data from profiles
- *
- * @param array $profile_row array containing data from db table 'profile'
- * @return array
- * @throws InternalServerErrorException
- */
-function api_format_items_profiles($profile_row)
-{
- $profile = [
- 'profile_id' => $profile_row['id'],
- 'profile_name' => $profile_row['profile-name'],
- 'is_default' => $profile_row['is-default'] ? true : false,
- 'hide_friends' => $profile_row['hide-friends'] ? true : false,
- 'profile_photo' => $profile_row['photo'],
- 'profile_thumb' => $profile_row['thumb'],
- 'publish' => $profile_row['publish'] ? true : false,
- 'net_publish' => $profile_row['net-publish'] ? true : false,
- 'description' => $profile_row['pdesc'],
- 'date_of_birth' => $profile_row['dob'],
- 'address' => $profile_row['address'],
- 'city' => $profile_row['locality'],
- 'region' => $profile_row['region'],
- 'postal_code' => $profile_row['postal-code'],
- 'country' => $profile_row['country-name'],
- 'hometown' => $profile_row['hometown'],
- 'gender' => $profile_row['gender'],
- 'marital' => $profile_row['marital'],
- 'marital_with' => $profile_row['with'],
- 'marital_since' => $profile_row['howlong'],
- 'sexual' => $profile_row['sexual'],
- 'politic' => $profile_row['politic'],
- 'religion' => $profile_row['religion'],
- 'public_keywords' => $profile_row['pub_keywords'],
- 'private_keywords' => $profile_row['prv_keywords'],
- 'likes' => BBCode::convert(api_clean_plain_items($profile_row['likes']) , false, 2),
- 'dislikes' => BBCode::convert(api_clean_plain_items($profile_row['dislikes']) , false, 2),
- 'about' => BBCode::convert(api_clean_plain_items($profile_row['about']) , false, 2),
- 'music' => BBCode::convert(api_clean_plain_items($profile_row['music']) , false, 2),
- 'book' => BBCode::convert(api_clean_plain_items($profile_row['book']) , false, 2),
- 'tv' => BBCode::convert(api_clean_plain_items($profile_row['tv']) , false, 2),
- 'film' => BBCode::convert(api_clean_plain_items($profile_row['film']) , false, 2),
- 'interest' => BBCode::convert(api_clean_plain_items($profile_row['interest']) , false, 2),
- 'romance' => BBCode::convert(api_clean_plain_items($profile_row['romance']) , false, 2),
- 'work' => BBCode::convert(api_clean_plain_items($profile_row['work']) , false, 2),
- 'education' => BBCode::convert(api_clean_plain_items($profile_row['education']), false, 2),
- 'social_networks' => BBCode::convert(api_clean_plain_items($profile_row['contact']) , false, 2),
- 'homepage' => $profile_row['homepage'],
- 'users' => null
- ];
- return $profile;
-}
-
/**
- * @brief format items to be returned by api
+ * format items to be returned by api
*
* @param array $items array of items
* @param array $user_info
'user' => $status_user,
'friendica_author' => $author_user,
'friendica_owner' => $owner_user,
- 'friendica_private' => $item['private'] == 1,
+ 'friendica_private' => $item['private'] == Item::PRIVATE,
//'entities' => NULL,
'statusnet_html' => $converted["html"],
'statusnet_conversation_id' => $item['parent'],
$retweeted_item = [];
$quoted_item = [];
- if ($item["id"] == $item["parent"]) {
+ if ($item['gravity'] == GRAVITY_PARENT) {
$body = $item['body'];
$retweeted_item = api_share_as_retweet($item);
if ($body != $item['body']) {
*/
function api_lists_ownerships($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_lists_statuses($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
$condition[] = $max_id;
}
if ($exclude_replies > 0) {
- $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`gravity` = ?';
+ $condition[] = GRAVITY_PARENT;
}
if ($conversation_id > 0) {
$condition[0] .= " AND `item`.`parent` = ?";
api_register_func('api/lists/statuses', 'api_lists_statuses', true);
/**
+ * Returns either the friends of the follower list
+ *
* Considers friends and followers lists to be private and won't return
* anything if any user_id parameter is passed.
*
- * @brief Returns either the friends of the follower list
- *
* @param string $qtype Either "friends" or "followers"
* @return boolean|array
* @throws BadRequestException
*/
function api_statuses_f($qtype)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
/**
- * Returns the user's friends.
- *
- * @brief Returns the list of friends of the provided user
+ * Returns the list of friends of the provided user
*
* @deprecated By Twitter API in favor of friends/list
*
}
/**
- * Returns the user's followers.
- *
- * @brief Returns the list of followers of the provided user
+ * Returns the list of followers of the provided user
*
* @deprecated By Twitter API in favor of friends/list
*
*/
function api_statusnet_config($type)
{
- $name = Config::get('config', 'sitename');
+ $name = DI::config()->get('config', 'sitename');
$server = DI::baseUrl()->getHostname();
$logo = DI::baseUrl() . '/images/friendica-64.png';
- $email = Config::get('config', 'admin_email');
- $closed = intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 'true' : 'false';
- $private = Config::get('system', 'block_public') ? 'true' : 'false';
- $textlimit = (string) Config::get('config', 'api_import_size', Config::get('config', 'max_import_size', 200000));
- $ssl = Config::get('system', 'have_ssl') ? 'true' : 'false';
- $sslserver = Config::get('system', 'have_ssl') ? str_replace('http:', 'https:', DI::baseUrl()) : '';
+ $email = DI::config()->get('config', 'admin_email');
+ $closed = intval(DI::config()->get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 'true' : 'false';
+ $private = DI::config()->get('system', 'block_public') ? 'true' : 'false';
+ $textlimit = (string) DI::config()->get('config', 'api_import_size', DI::config()->get('config', 'max_import_size', 200000));
+ $ssl = DI::config()->get('system', 'have_ssl') ? 'true' : 'false';
+ $sslserver = DI::config()->get('system', 'have_ssl') ? str_replace('http:', 'https:', DI::baseUrl()) : '';
$config = [
'site' => ['name' => $name,'server' => $server, 'theme' => 'default', 'path' => '',
api_register_func('api/gnusocial/version', 'api_statusnet_version', false);
api_register_func('api/statusnet/version', 'api_statusnet_version', false);
-/**
- *
- * @param string $type Return type (atom, rss, xml, json)
- *
- * @param int $rel A contact relationship constant
- * @return array|string|void
- * @throws BadRequestException
- * @throws ForbiddenException
- * @throws ImagickException
- * @throws InternalServerErrorException
- * @throws UnauthorizedException
- * @todo use api_format_data() to return data
- */
-function api_ff_ids($type, int $rel)
-{
- if (!api_user()) {
- throw new ForbiddenException();
- }
-
- $a = \get_app();
-
- api_get_user($a);
-
- $stringify_ids = $_REQUEST['stringify_ids'] ?? false;
-
- $contacts = DBA::p("SELECT `pcontact`.`id`
- FROM `contact`
- INNER JOIN `contact` AS `pcontact`
- ON `contact`.`nurl` = `pcontact`.`nurl`
- AND `pcontact`.`uid` = 0
- WHERE `contact`.`uid` = ?
- AND NOT `contact`.`self`
- AND `contact`.`rel` IN (?, ?)",
- api_user(),
- $rel,
- Contact::FRIEND
- );
-
- $ids = [];
- foreach (DBA::toArray($contacts) as $contact) {
- if ($stringify_ids) {
- $ids[] = $contact['id'];
- } else {
- $ids[] = intval($contact['id']);
- }
- }
-
- return api_format_data('ids', $type, ['id' => $ids]);
-}
-
-/**
- * Returns the ID of every user the user is following.
- *
- * @param string $type Return type (atom, rss, xml, json)
- *
- * @return array|string
- * @throws BadRequestException
- * @throws ForbiddenException
- * @throws ImagickException
- * @throws InternalServerErrorException
- * @throws UnauthorizedException
- * @see https://developer.twitter.com/en/docs/accounts-and-users/follow-search-get-users/api-reference/get-friends-ids
- */
-function api_friends_ids($type)
-{
- return api_ff_ids($type, Contact::SHARING);
-}
-
-/**
- * Returns the ID of every user following the user.
- *
- * @param string $type Return type (atom, rss, xml, json)
- *
- * @return array|string
- * @throws BadRequestException
- * @throws ForbiddenException
- * @throws ImagickException
- * @throws InternalServerErrorException
- * @throws UnauthorizedException
- * @see https://developer.twitter.com/en/docs/accounts-and-users/follow-search-get-users/api-reference/get-followers-ids
- */
-function api_followers_ids($type)
-{
- return api_ff_ids($type, Contact::FOLLOWER);
-}
-
-/// @TODO move to top of file or somewhere better
-api_register_func('api/friends/ids', 'api_friends_ids', true);
-api_register_func('api/followers/ids', 'api_followers_ids', true);
-
/**
* Sends a new direct message.
*
*/
function api_direct_messages_new($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
api_register_func('api/direct_messages/new', 'api_direct_messages_new', true, API_METHOD_POST);
/**
- * Destroys a direct message.
- *
- * @brief delete a direct_message from mail table through api
+ * delete a direct_message from mail table through api
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
*/
function api_direct_messages_destroy($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
/**
* Unfollow Contact
*
- * @brief unfollow contact
- *
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
* @throws BadRequestException
*/
function api_direct_messages_box($type, $box, $verbose)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
}
/**
- * @brief delete a complete photoalbum with all containing photos from database through api
+ * delete a complete photoalbum with all containing photos from database through api
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
throw new BadRequestException("no albumname specified");
}
// check if album is existing
- $r = q(
- "SELECT DISTINCT `resource-id` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
- intval(api_user()),
- DBA::escape($album)
- );
- if (!DBA::isResult($r)) {
+
+ $photos = DBA::selectToArray('photo', ['resource-id'], ['uid' => api_user(), 'album' => $album], ['group_by' => ['resource-id']]);
+ if (!DBA::isResult($photos)) {
throw new BadRequestException("album not available");
}
+ $resourceIds = array_column($photos, 'resource-id');
+
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
// to the user and the contacts of the users (drop_items() performs the federation of the deletion to other networks
- foreach ($r as $rr) {
- $condition = ['uid' => local_user(), 'resource-id' => $rr['resource-id'], 'type' => 'photo'];
- $photo_item = Item::selectFirstForUser(local_user(), ['id'], $condition);
-
- if (!DBA::isResult($photo_item)) {
- throw new InternalServerErrorException("problem with deleting items occured");
- }
- Item::deleteForUser(['id' => $photo_item['id']], api_user());
- }
+ $condition = ['uid' => api_user(), 'resource-id' => $resourceIds, 'type' => 'photo'];
+ Item::deleteForUser($condition, api_user());
// now let's delete all photos from the album
$result = Photo::delete(['uid' => api_user(), 'album' => $album]);
}
/**
- * @brief update the name of the album for all photos of an album
+ * update the name of the album for all photos of an album
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
/**
- * @brief list all photos of the authenticated user
+ * list all photos of the authenticated user
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
}
/**
- * @brief upload a new photo or change an existing photo
+ * upload a new photo or change an existing photo
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
}
/**
- * @brief delete a single photo from the database through api
+ * delete a single photo from the database through api
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
// return success of deletion or error message
if ($result) {
- // retrieve the id of the parent element (the photo element)
- $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo'];
- $photo_item = Item::selectFirstForUser(local_user(), ['id'], $condition);
-
- if (!DBA::isResult($photo_item)) {
- throw new InternalServerErrorException("problem with deleting items occured");
- }
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
- Item::deleteForUser(['id' => $photo_item['id']], api_user());
+ $condition = ['uid' => api_user(), 'resource-id' => $photo_id, 'type' => 'photo'];
+ Item::deleteForUser($condition, api_user());
- $answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
- return api_format_data("photo_delete", $type, ['$result' => $answer]);
+ $result = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
+ return api_format_data("photo_delete", $type, ['$result' => $result]);
} else {
throw new InternalServerErrorException("unknown error on deleting photo from database table");
}
/**
- * @brief returns the details of a specified photo id, if scale is given, returns the photo data in base 64
+ * returns the details of a specified photo id, if scale is given, returns the photo data in base 64
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
/**
- * Updates the user’s profile image.
- *
- * @brief updates the profile image for the user (either a specified profile or the default profile)
+ * updates the profile image for the user (either a specified profile or the default profile)
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
*
$media = $_FILES['media'];
}
// save new profile image
- $data = save_media_to_database("profileimage", $media, $type, L10n::t('Profile Photos'), "", "", "", "", "", $is_default_profile);
+ $data = save_media_to_database("profileimage", $media, $type, DI::l10n()->t('Profile Photos'), "", "", "", "", "", $is_default_profile);
// get filetype
if (is_array($media['type'])) {
Contact::updateSelfFromUserID(api_user(), true);
// Update global directory in background
- $url = DI::baseUrl() . '/profile/' . \get_app()->user['nickname'];
- if ($url && strlen(Config::get('system', 'directory'))) {
+ $url = DI::baseUrl() . '/profile/' . DI::app()->user['nickname'];
+ if ($url && strlen(DI::config()->get('system', 'directory'))) {
Worker::add(PRIORITY_LOW, "Directory", $url);
}
function api_account_update_profile($type)
{
$local_user = api_user();
- $api_user = api_get_user(get_app());
+ $api_user = api_get_user(DI::app());
if (!empty($_POST['name'])) {
DBA::update('profile', ['name' => $_POST['name']], ['uid' => $local_user]);
Worker::add(PRIORITY_LOW, 'ProfileUpdate', $local_user);
// Update global directory in background
- if ($api_user['url'] && strlen(Config::get('system', 'directory'))) {
+ if ($api_user['url'] && strlen(DI::config()->get('system', 'directory'))) {
Worker::add(PRIORITY_LOW, "Directory", $api_user['url']);
}
}
}
- if ($filetype == "") {
- $filetype = Images::guessType($filename);
- }
- $imagedata = @getimagesize($src);
- if ($imagedata) {
- $filetype = $imagedata['mime'];
- }
+ $filetype = Images::getMimeTypeBySource($src, $filename, $filetype);
+
Logger::log(
"File upload src: " . $src . " - filename: " . $filename .
" - size: " . $filesize . " - type: " . $filetype,
throw new InternalServerErrorException("image size exceeds PHP config settings, file was rejected by server");
}
// check against max upload size within Friendica instance
- $maximagesize = Config::get('system', 'maximagesize');
+ $maximagesize = DI::config()->get('system', 'maximagesize');
if ($maximagesize && ($filesize > $maximagesize)) {
$formattedBytes = Strings::formatBytes($maximagesize);
throw new InternalServerErrorException("image size exceeds Friendica config setting (uploaded size: $formattedBytes)");
@unlink($src);
// check max length of images on server
- $max_length = Config::get('system', 'max_image_length');
+ $max_length = DI::config()->get('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
Logger::log("photo upload: new profile image upload ended", Logger::DEBUG);
}
- if (isset($r) && $r) {
+ if (!empty($r)) {
// create entry in 'item'-table on new uploads to enable users to comment/like/dislike the photo
if ($photo_id == null && $mediatype == "photo") {
post_photo_item($resource_id, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $filetype, $visibility);
$arr['guid'] = System::createUUID();
$arr['uid'] = intval(api_user());
$arr['uri'] = $uri;
- $arr['parent-uri'] = $uri;
$arr['type'] = 'photo';
$arr['wall'] = 1;
$arr['resource-id'] = $hash;
*/
function prepare_photo_data($type, $scale, $photo_id)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if ($user_info === false) {
}
// retrieve item element for getting activities (like, dislike etc.) related to photo
- $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo'];
- $item = Item::selectFirstForUser(local_user(), ['id'], $condition);
+ $condition = ['uid' => api_user(), 'resource-id' => $photo_id, 'type' => 'photo'];
+ $item = Item::selectFirst(['id', 'uid', 'uri', 'parent', 'allow_cid', 'deny_cid', 'allow_gid', 'deny_gid'], $condition);
+ if (!DBA::isResult($item)) {
+ throw new NotFoundException('Photo-related item not found.');
+ }
$data['photo']['friendica_activities'] = api_format_items_activities($item, $type);
// retrieve comments on photo
$condition = ["`parent` = ? AND `uid` = ? AND (`gravity` IN (?, ?) OR `type`='photo')",
- $item[0]['parent'], api_user(), GRAVITY_PARENT, GRAVITY_COMMENT];
+ $item['parent'], api_user(), GRAVITY_PARENT, GRAVITY_COMMENT];
$statuses = Item::selectForUser(api_user(), [], $condition);
$data['photo']['friendica_comments'] = $comments;
// include info if rights on photo and rights on item are mismatching
- $rights_mismatch = $data['photo']['allow_cid'] != $item[0]['allow_cid'] ||
- $data['photo']['deny_cid'] != $item[0]['deny_cid'] ||
- $data['photo']['allow_gid'] != $item[0]['allow_gid'] ||
- $data['photo']['deny_cid'] != $item[0]['deny_cid'];
+ $rights_mismatch = $data['photo']['allow_cid'] != $item['allow_cid'] ||
+ $data['photo']['deny_cid'] != $item['deny_cid'] ||
+ $data['photo']['allow_gid'] != $item['allow_gid'] ||
+ $data['photo']['deny_gid'] != $item['deny_gid'];
$data['photo']['rights_mismatch'] = $rights_mismatch;
return $data;
}
$fields = ['author-id', 'author-name', 'author-link', 'author-avatar'];
- $activity = Item::activityToIndex(Activity::ANNOUNCE);
- $condition = ['parent-uri' => $item['uri'], 'gravity' => GRAVITY_ACTIVITY, 'uid' => [0, $item['uid']], 'activity' => $activity];
+ $condition = ['parent-uri' => $item['uri'], 'gravity' => GRAVITY_ACTIVITY, 'uid' => [0, $item['uid']], 'vid' => Verb::getID(Activity::ANNOUNCE)];
$announce = Item::selectFirstForUser($item['uid'], $fields, $condition, ['order' => ['received' => true]]);
if (!DBA::isResult($announce)) {
return [];
}
/**
- * @brief Return the item shared, if the item contains only the [share] tag
+ * Return the item shared, if the item contains only the [share] tag
*
* @param array $item Sharer item
* @return array|false Shared item or false if not a reshare
$reshared_item["share-pre-body"] = $reshared['comment'];
$reshared_item["body"] = $reshared['shared'];
- $reshared_item["author-id"] = Contact::getIdForURL($reshared['profile'], 0, true);
+ $reshared_item["author-id"] = Contact::getIdForURL($reshared['profile'], 0, false);
$reshared_item["author-name"] = $reshared['author'];
$reshared_item["author-link"] = $reshared['profile'];
$reshared_item["author-avatar"] = $reshared['avatar'];
$in_reply_to['user_id_str'] = null;
$in_reply_to['screen_name'] = null;
- if (($item['thr-parent'] != $item['uri']) && (intval($item['parent']) != intval($item['id']))) {
+ if (($item['thr-parent'] != $item['uri']) && ($item['gravity'] != GRAVITY_PARENT)) {
$parent = Item::selectFirst(['id'], ['uid' => $item['uid'], 'uri' => $item['thr-parent']]);
if (DBA::isResult($parent)) {
$in_reply_to['status_id'] = intval($parent['id']);
*/
function api_friendica_group_show($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
// loop through all groups and retrieve all members for adding data in the user array
$grps = [];
foreach ($r as $rr) {
- $members = Contact::getByGroupId($rr['id']);
+ $members = Contact\Group::getById($rr['id']);
$users = [];
if ($type == "xml") {
*/
function api_friendica_group_delete($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_lists_destroy($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_friendica_group_create($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_lists_create($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_friendica_group_update($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
}
// remove members
- $members = Contact::getByGroupId($gid);
+ $members = Contact\Group::getById($gid);
foreach ($members as $member) {
$cid = $member['id'];
foreach ($users as $user) {
*/
function api_lists_update($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
*/
function api_friendica_activity($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
$id = $_REQUEST['id'] ?? 0;
- $res = Item::performLike($id, $verb);
+ $res = Item::performActivity($id, $verb, api_user());
if ($res) {
if ($type == "xml") {
api_register_func('api/friendica/activity/unattendmaybe', 'api_friendica_activity', true, API_METHOD_POST);
/**
- * @brief Returns notifications
+ * Returns notifications
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
+ *
* @return string|array
- * @throws BadRequestException
* @throws ForbiddenException
- * @throws InternalServerErrorException
+ * @throws BadRequestException
+ * @throws Exception
*/
function api_friendica_notification($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
if ($a->argc!==3) {
throw new BadRequestException("Invalid argument count");
}
- $notes = DI::notify()->getAll([], ['seen' => 'ASC', 'date' => 'DESC'], 50);
+
+ $notifications = DI::notification()->getApiList(local_user());
if ($type == "xml") {
- $xmlnotes = [];
- if (!empty($notes)) {
- foreach ($notes as $note) {
- $xmlnotes[] = ["@attributes" => $note];
+ $xmlnotes = false;
+ if (!empty($notifications)) {
+ foreach ($notifications as $notification) {
+ $xmlnotes[] = ["@attributes" => $notification->toArray()];
}
}
- $notes = $xmlnotes;
+ $result = $xmlnotes;
+ } elseif (count($notifications) > 0) {
+ $result = $notifications->getArrayCopy();
+ } else {
+ $result = false;
}
- return api_format_data("notes", $type, ['note' => $notes]);
+
+ return api_format_data("notes", $type, ['note' => $result]);
}
/**
- * POST request with 'id' param as notification id
+ * Set notification as seen and returns associated item (if possible)
*
- * @brief Set notification as seen and returns associated item (if possible)
+ * POST request with 'id' param as notification id
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array
*/
function api_friendica_notification_seen($type)
{
- $a = \get_app();
+ $a = DI::app();
$user_info = api_get_user($a);
if (api_user() === false || $user_info === false) {
throw new ForbiddenException();
}
- if ($a->argc!==4) {
+ if ($a->argc !== 4) {
throw new BadRequestException("Invalid argument count");
}
$id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0);
- $nm = DI::notify();
- $note = $nm->getByID($id);
- if (is_null($note)) {
- throw new BadRequestException("Invalid argument");
- }
-
- $nm->setSeen($note);
- if ($note['otype']=='item') {
- // would be really better with an ItemsManager and $im->getByID() :-P
- $item = Item::selectFirstForUser(api_user(), [], ['id' => $note['iid'], 'uid' => api_user()]);
- if (DBA::isResult($item)) {
- // we found the item, return it to the user
- $ret = api_format_items([$item], $user_info, false, $type);
- $data = ['status' => $ret];
- return api_format_data("status", $type, $data);
+ try {
+ $notify = DI::notify()->getByID($id, api_user());
+ DI::notify()->setSeen(true, $notify);
+
+ if ($notify->otype === Notify\ObjectType::ITEM) {
+ $item = Item::selectFirstForUser(api_user(), [], ['id' => $notify->iid, 'uid' => api_user()]);
+ if (DBA::isResult($item)) {
+ // we found the item, return it to the user
+ $ret = api_format_items([$item], $user_info, false, $type);
+ $data = ['status' => $ret];
+ return api_format_data("status", $type, $data);
+ }
+ // the item can't be found, but we set the notification as seen, so we count this as a success
}
- // the item can't be found, but we set the note as seen, so we count this as a success
+ return api_format_data('result', $type, ['result' => "success"]);
+ } catch (NotFoundException $e) {
+ throw new BadRequestException('Invalid argument', $e);
+ } catch (Exception $e) {
+ throw new InternalServerErrorException('Internal Server exception', $e);
}
- return api_format_data('result', $type, ['result' => "success"]);
}
/// @TODO move to top of file or somewhere better
api_register_func('api/friendica/notification', 'api_friendica_notification', true, API_METHOD_GET);
/**
- * @brief update a direct_message to seen state
+ * update a direct_message to seen state
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @return string|array (success result=ok, error result=error with error message)
*/
function api_friendica_direct_messages_setseen($type)
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
}
api_register_func('api/friendica/direct_messages_setseen', 'api_friendica_direct_messages_setseen', true);
/**
- * @brief search for direct_messages containing a searchstring through api
+ * search for direct_messages containing a searchstring through api
*
* @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
* @param string $box
*/
function api_friendica_direct_messages_search($type, $box = "")
{
- $a = \get_app();
+ $a = DI::app();
if (api_user() === false) {
throw new ForbiddenException();
/// @TODO move to top of file or somewhere better
api_register_func('api/friendica/direct_messages_search', 'api_friendica_direct_messages_search', true);
-/**
- * @brief return data of all the profiles a user has to the client
- *
- * @param string $type Known types are 'atom', 'rss', 'xml' and 'json'
- * @return string|array
- * @throws BadRequestException
- * @throws ForbiddenException
- * @throws ImagickException
- * @throws InternalServerErrorException
- * @throws UnauthorizedException
- */
-function api_friendica_profile_show($type)
-{
- $a = \get_app();
-
- if (api_user() === false) {
- throw new ForbiddenException();
- }
-
- // input params
- $profile_id = $_REQUEST['profile_id'] ?? 0;
-
- // retrieve general information about profiles for user
- $multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles');
- $directory = Config::get('system', 'directory');
-
- // get data of the specified profile id or all profiles of the user if not specified
- if ($profile_id != 0) {
- $r = Profile::getById(api_user(), $profile_id);
- // error message if specified gid is not in database
- if (!DBA::isResult($r)) {
- throw new BadRequestException("profile_id not available");
- }
- } else {
- $r = Profile::getListByUser(api_user());
- }
- // loop through all returned profiles and retrieve data and users
- $k = 0;
- $profiles = [];
- if (DBA::isResult($r)) {
- foreach ($r as $rr) {
- $profile = api_format_items_profiles($rr);
-
- // select all users from contact table, loop and prepare standard return for user data
- $users = [];
- $nurls = Contact::selectToArray(['id', 'nurl'], ['uid' => api_user(), 'profile-id' => $rr['id']]);
- foreach ($nurls as $nurl) {
- $user = api_get_user($a, $nurl['nurl']);
- ($type == "xml") ? $users[$k++ . ":user"] = $user : $users[] = $user;
- }
- $profile['users'] = $users;
-
- // add prepared profile data to array for final return
- if ($type == "xml") {
- $profiles[$k++ . ":profile"] = $profile;
- } else {
- $profiles[] = $profile;
- }
- }
- }
-
- // return settings, authenticated user and profiles data
- $self = DBA::selectFirst('contact', ['nurl'], ['uid' => api_user(), 'self' => true]);
-
- $result = ['multi_profiles' => $multi_profiles ? true : false,
- 'global_dir' => $directory,
- 'friendica_owner' => api_get_user($a, $self['nurl']),
- 'profiles' => $profiles];
- return api_format_data("friendica_profiles", $type, ['$result' => $result]);
-}
-api_register_func('api/friendica/profile/show', 'api_friendica_profile_show', true, API_METHOD_GET);
-
/**
* Returns a list of saved searches.
*
api_register_func('api/saved_searches/list', 'api_saved_searches_list', true);
/*
- * Bind comment numbers(friendica_comments: Int) on each statuses page of *_timeline / favorites / search
+ * Number of comments
*
- * @brief Number of comments
+ * Bind comment numbers(friendica_comments: Int) on each statuses page of *_timeline / favorites / search
*
* @param object $data [Status, Status]
*
projects / friendica.git / blobdiff