define('API_METHOD_DELETE', 'POST,DELETE');
$API = [];
-$called_api = null;
+$called_api = [];
/**
* It is not sufficient to use local_user() to check whether someone is allowed to use the API,
*/
function api_unique_id_to_nurl($id)
{
- $r = dba::selectFirst('contact', ['nurl'], ['uid' => 0, 'id' => $id]);
+ $r = dba::selectFirst('contact', ['nurl'], ['id' => $id]);
if (DBM::is_result($r)) {
return $r["nurl"];
$user = dbesc(api_unique_id_to_nurl(intval($contact_id)));
if ($user == "") {
- throw new BadRequestException("User not found.");
+ throw new BadRequestException("User ID ".$contact_id." not found.");
}
$url = $user;
$user = dbesc(api_unique_id_to_nurl($_GET['user_id']));
if ($user == "") {
- throw new BadRequestException("User not found.");
+ throw new BadRequestException("User ID ".$_GET['user_id']." not found.");
}
$url = $user;
'statusnet_profile_url' => $r[0]["url"],
'uid' => 0,
'cid' => Contact::getIdForURL($r[0]["url"], api_user(), true),
+ 'pid' => Contact::getIdForURL($r[0]["url"], 0, true),
'self' => 0,
'network' => $r[0]["network"],
];
return $ret;
} else {
- throw new BadRequestException("User not found.");
+ throw new BadRequestException("User ".$url." not found.");
}
}
$uinfo[0]['network'] = NETWORK_DFRN;
}
- $usr = q(
- "SELECT * FROM `user` WHERE `uid` = %d LIMIT 1",
- intval(api_user())
- );
- $profile = q(
- "SELECT * FROM `profile` WHERE `uid` = %d AND `is-default` = 1 LIMIT 1",
- intval(api_user())
- );
+ $usr = dba::selectFirst('user', ['default-location'], ['uid' => api_user()]);
+ $profile = dba::selectFirst('profile', ['about'], ['uid' => api_user(), 'is-default' => true]);
/// @TODO old-lost code? (twice)
// Counting is deactivated by now, due to performance issues
$pcontact_id = Contact::getIdForURL($uinfo[0]['url'], 0, true);
- if (!empty($profile[0]['about'])) {
- $description = $profile[0]['about'];
+ if (!empty($profile['about'])) {
+ $description = $profile['about'];
} else {
$description = $uinfo[0]["about"];
}
- if (!empty($usr[0]['default-location'])) {
- $location = $usr[0]['default-location'];
+ if (!empty($usr['default-location'])) {
+ $location = $usr['default-location'];
} elseif (!empty($uinfo[0]["location"])) {
$location = $uinfo[0]["location"];
} else {
'statusnet_profile_url' => $uinfo[0]['url'],
'uid' => intval($uinfo[0]['uid']),
'cid' => intval($uinfo[0]['cid']),
+ 'pid' => Contact::getIdForURL($uinfo[0]["url"], 0, true),
'self' => $uinfo[0]['self'],
'network' => $uinfo[0]['network'],
];
*/
function api_item_get_user(App $a, $item)
{
- $status_user = api_get_user($a, $item["author-link"]);
+ $status_user = api_get_user($a, $item["author-id"]);
- $status_user["protected"] = (($item["allow_cid"] != "") ||
- ($item["allow_gid"] != "") ||
- ($item["deny_cid"] != "") ||
- ($item["deny_gid"] != "") ||
- $item["private"]);
+ $status_user["protected"] = $item["private"];
if ($item['thr-parent'] == $item['uri']) {
- $owner_user = api_get_user($a, $item["owner-link"]);
+ $owner_user = api_get_user($a, $item["owner-id"]);
} else {
$owner_user = $status_user;
}
}
/**
- * Waitman Gobble Mod
+ * Deprecated function to upload media.
*
* @param string $type Return type (atom, rss, xml, json)
*
}
$txt = HTML::toBBCode($txt);
- $a->argv[1]=$user_info['screen_name']; //should be set to username?
+ $a->argv[1] = $user_info['screen_name']; //should be set to username?
- // tell wall_upload function to return img info instead of echo
- $_REQUEST['hush'] = 'yeah';
- $bebop = wall_upload_post($a);
+ $picture = wall_upload_post($a, false);
// now that we have the img url in bbcode we can add it to the status and insert the wall item.
- $_REQUEST['body'] = $txt . "\n\n" . $bebop;
+ $_REQUEST['body'] = $txt . "\n\n" . '[url=' . $picture["albumpage"] . '][img]' . $picture["preview"] . "[/img][/url]";
item_post($a);
// this should output the last post (the one we just posted).
if (x($_FILES, 'media')) {
// upload the image if we have one
- $_REQUEST['hush'] = 'yeah'; //tell wall_upload function to return img info instead of echo
- $media = wall_upload_post($a);
- if (strlen($media) > 0) {
- $_REQUEST['body'] .= "\n\n" . $media;
+ $picture = wall_upload_post($a, false);
+ if (is_array($picture)) {
+ $_REQUEST['body'] .= "\n\n" . '[url=' . $picture["albumpage"] . '][img]' . $picture["preview"] . "[/img][/url]";
}
}
logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG);
if ($type == "raw") {
- $privacy_sql = "AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''";
+ $privacy_sql = "AND NOT `private`";
} else {
$privacy_sql = "";
}
// get last public wall message
- $lastwall = q(
- "SELECT `item`.*
- FROM `item`
- WHERE `item`.`contact-id` = %d AND `item`.`uid` = %d
- AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
- AND `item`.`type` != 'activity' $privacy_sql
- ORDER BY `item`.`id` DESC
- LIMIT 1",
- intval($user_info['cid']),
- intval(api_user()),
- dbesc($user_info['url']),
- dbesc(normalise_link($user_info['url'])),
- dbesc($user_info['url']),
- dbesc(normalise_link($user_info['url']))
- );
+ $condition = ["`owner-id` = ? AND `uid` = ? AND `type` != 'activity' ".$privacy_sql,
+ $user_info['pid'], api_user()];
+ $lastwall = dba::selectFirst('item', [], $condition, ['order' => ['id' => true]]);
if (DBM::is_result($lastwall)) {
- $lastwall = $lastwall[0];
-
$in_reply_to = api_in_reply_to($lastwall);
$converted = api_convert_item($lastwall);
$status_info["entities"] = $converted["entities"];
}
- if (($lastwall['item_network'] != "") && ($status_info["source"] == 'web')) {
- $status_info["source"] = ContactSelector::networkToName($lastwall['item_network'], $user_info['url']);
- } elseif (($lastwall['item_network'] != "") && (ContactSelector::networkToName($lastwall['item_network'], $user_info['url']) != $status_info["source"])) {
- $status_info["source"] = trim($status_info["source"].' ('.ContactSelector::networkToName($lastwall['item_network'], $user_info['url']).')');
+ if ($status_info["source"] == 'web') {
+ $status_info["source"] = ContactSelector::networkToName($lastwall['network'], $user_info['url']);
+ } elseif (ContactSelector::networkToName($lastwall['network'], $user_info['url']) != $status_info["source"]) {
+ $status_info["source"] = trim($status_info["source"].' ('.ContactSelector::networkToName($lastwall['network'], $user_info['url']).')');
}
// "uid" and "self" are only needed for some internal stuff, so remove it from here
$a = get_app();
$user_info = api_get_user($a);
- $lastwall = q(
- "SELECT `item`.*
- FROM `item`
- INNER JOIN `contact` ON `contact`.`id`=`item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- WHERE `item`.`uid` = %d AND `verb` = '%s' AND `item`.`contact-id` = %d
- AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s')))
- AND `type`!='activity'
- AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
- ORDER BY `id` DESC
- LIMIT 1",
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- intval($user_info['cid']),
- dbesc($user_info['url']),
- dbesc(normalise_link($user_info['url'])),
- dbesc($user_info['url']),
- dbesc(normalise_link($user_info['url']))
- );
- if (DBM::is_result($lastwall)) {
- $lastwall = $lastwall[0];
+ $condition = ["`owner-id` = ? AND `uid` = ? AND `verb` = ? AND `type` != 'activity' AND NOT `private`",
+ $user_info['pid'], api_user(), ACTIVITY_POST];
+ $lastwall = dba::selectFirst('item', [], $condition, ['order' => ['id' => true]]);
+ if (DBM::is_result($lastwall)) {
$in_reply_to = api_in_reply_to($lastwall);
$converted = api_convert_item($lastwall);
$user_info["status"]["entities"] = $converted["entities"];
}
- if (($lastwall['item_network'] != "") && ($user_info["status"]["source"] == 'web')) {
- $user_info["status"]["source"] = ContactSelector::networkToName($lastwall['item_network'], $user_info['url']);
+ if ($user_info["status"]["source"] == 'web') {
+ $user_info["status"]["source"] = ContactSelector::networkToName($lastwall['network'], $user_info['url']);
}
- if (($lastwall['item_network'] != "") && (ContactSelector::networkToName($lastwall['item_network'], $user_info['url']) != $user_info["status"]["source"])) {
- $user_info["status"]["source"] = trim($user_info["status"]["source"] . ' (' . ContactSelector::networkToName($lastwall['item_network'], $user_info['url']) . ')');
+ if (ContactSelector::networkToName($lastwall['network'], $user_info['url']) != $user_info["status"]["source"]) {
+ $user_info["status"]["source"] = trim($user_info["status"]["source"] . ' (' . ContactSelector::networkToName($lastwall['network'], $user_info['url']) . ')');
}
}
}
$userlist = ["users" => $userlist];
} else {
- throw new BadRequestException("User not found.");
+ throw new BadRequestException("User ".$_GET["q"]." not found.");
}
} else {
- throw new BadRequestException("User not found.");
+ throw new BadRequestException("No user specified.");
}
return api_format_data("users", $type, $userlist);
}
$data = [];
- $sql_extra = '';
if (!x($_REQUEST, 'q')) {
throw new BadRequestException("q parameter is required.");
$start = $page * $count;
+ $condition = ["`verb` = ? AND `item`.`id` > ?
+ AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
+ AND `item`.`body` LIKE CONCAT('%',?,'%')",
+ ACTIVITY_POST, $since_id, api_user(), $_REQUEST['q']];
+
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
- $r = dba::p(
- "SELECT ".item_fieldlists()."
- FROM `item` ".item_joins()."
- WHERE ".item_condition()." AND (`item`.`uid` = 0 OR (`item`.`uid` = ? AND NOT `item`.`global`))
- AND `item`.`body` LIKE CONCAT('%',?,'%')
- $sql_extra
- AND `item`.`id`>?
- ORDER BY `item`.`id` DESC LIMIT ".intval($start)." ,".intval($count)." ",
- api_user(),
- $_REQUEST['q'],
- $since_id
- );
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $data['status'] = api_format_items(dba::inArray($r), $user_info);
+ $data['status'] = api_format_items(dba::inArray($statuses), $user_info);
return api_format_data("statuses", $type, $data);
}
$start = $page * $count;
- $sql_extra = '';
+ $condition = ["`uid` = ? AND `verb` = ? AND `item`.`id` > ?", api_user(), ACTIVITY_POST, $since_id];
+
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
if ($exclude_replies > 0) {
- $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
- $sql_extra .= ' AND `item`.`parent` = ' . intval($conversation_id);
+ $condition[0] .= " AND `item`.`parent` = ?";
+ $condition[] = $conversation_id;
}
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`uid` = %d AND `verb` = '%s'
- AND `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- $sql_extra
- AND `item`.`id`>%d
- ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- intval($since_id),
- intval($start),
- intval($count)
- );
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $ret = api_format_items($r, $user_info, false, $type);
+ $items = dba::inArray($statuses);
+
+ $ret = api_format_items($items, $user_info, false, $type);
// Set all posts from the query above to seen
$idarray = [];
- foreach ($r as $item) {
+ foreach ($items as $item) {
$idarray[] = intval($item["id"]);
}
$sql_extra = '';
if ($exclude_replies && !$conversation_id) {
+ $condition = ["`verb` = ? AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall`",
+ ACTIVITY_POST, $since_id];
+
if ($max_id > 0) {
- $sql_extra = 'AND `thread`.`iid` <= ' . intval($max_id);
- }
-
- $r = dba::p(
- "SELECT " . item_fieldlists() . "
- FROM `thread`
- STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
- " . item_joins() . "
- STRAIGHT_JOIN `user` ON `user`.`uid` = `thread`.`uid`
- AND NOT `user`.`hidewall`
- AND `verb` = ?
- AND NOT `thread`.`private`
- AND `thread`.`wall`
- AND `thread`.`visible`
- AND NOT `thread`.`deleted`
- AND NOT `thread`.`moderated`
- AND `thread`.`iid` > ?
- $sql_extra
- ORDER BY `thread`.`iid` DESC
- LIMIT " . intval($start) . ", " . intval($count),
- ACTIVITY_POST,
- $since_id
- );
+ $condition[0] .= " AND `thread`.`iid` <= ?";
+ $condition[] = $max_id;
+ }
+
+ $params = ['order' => ['iid' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectThreadForUser(api_user(), Item::DISPLAY_FIELDLIST, $condition, $params);
- $r = dba::inArray($r);
+ $r = dba::inArray($statuses);
} else {
+ $condition = ["`verb` = ? AND `id` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall` AND `item`.`origin`",
+ ACTIVITY_POST, $since_id];
+
if ($max_id > 0) {
- $sql_extra = 'AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
if ($conversation_id > 0) {
- $sql_extra .= ' AND `item`.`parent` = ' . intval($conversation_id);
- }
-
- $r = dba::p(
- "SELECT " . item_fieldlists() . "
- FROM `item`
- " . item_joins() . "
- STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid`
- AND NOT `user`.`hidewall`
- AND `verb` = ?
- AND NOT `item`.`private`
- AND `item`.`wall`
- AND `item`.`visible`
- AND NOT `item`.`deleted`
- AND NOT `item`.`moderated`
- AND `item`.`id` > ?
- $sql_extra
- ORDER BY `item`.`id` DESC
- LIMIT " . intval($start) . ", " . intval($count),
- ACTIVITY_POST,
- $since_id
- );
+ $condition[0] .= " AND `item`.`parent` = ?";
+ $condition[] = $conversation_id;
+ }
+
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $r = dba::inArray($r);
+ $r = dba::inArray($statuses);
}
$ret = api_format_items($r, $user_info, false, $type);
}
$start = ($page - 1) * $count;
- $sql_extra = '';
+ $condition = ["`uid` = 0 AND `verb` = ? AND `thread`.`iid` > ? AND NOT `private`",
+ ACTIVITY_POST, $since_id];
+
if ($max_id > 0) {
- $sql_extra = 'AND `thread`.`iid` <= ' . intval($max_id);
- }
-
- $r = dba::p(
- "SELECT " . item_fieldlists() . "
- FROM `thread`
- STRAIGHT_JOIN `item` ON `item`.`id` = `thread`.`iid`
- " . item_joins() . "
- WHERE `thread`.`uid` = 0
- AND `verb` = ?
- AND NOT `thread`.`private`
- AND `thread`.`visible`
- AND NOT `thread`.`deleted`
- AND NOT `thread`.`moderated`
- AND `thread`.`iid` > ?
- $sql_extra
- ORDER BY `thread`.`iid` DESC
- LIMIT " . intval($start) . ", " . intval($count),
- ACTIVITY_POST,
- $since_id
- );
+ $condition[0] .= " AND `thread`.`iid` <= ?";
+ $condition[] = $max_id;
+ }
- $r = dba::inArray($r);
+ $params = ['order' => ['iid' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectThreadForUser(api_user(), Item::DISPLAY_FIELDLIST, $condition, $params);
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, false, $type);
$data = ['status' => $ret];
switch ($type) {
$conversation = (x($_REQUEST, 'conversation') ? 1 : 0);
- $sql_extra = '';
+ // try to fetch the item for the local user - or the public item, if there is no local one
+ $uri_item = dba::selectFirst('item', ['uri'], ['id' => $id]);
+ if (!DBM::is_result($uri_item)) {
+ throw new BadRequestException("There is no status with this id.");
+ }
+
+ $item = dba::selectFirst('item', ['id'], ['uri' => $uri_item['uri'], 'uid' => [0, api_user()]], ['order' => ['uid' => true]]);
+ if (!DBM::is_result($item)) {
+ throw new BadRequestException("There is no status with this id.");
+ }
+
+ $id = $item['id'];
+
if ($conversation) {
- $sql_extra .= " AND `item`.`parent` = %d ORDER BY `id` ASC ";
+ $condition = ['parent' => $id, 'verb' => ACTIVITY_POST];
+ $params = ['order' => ['id' => true]];
} else {
- $sql_extra .= " AND `item`.`id` = %d";
+ $condition = ['id' => $id, 'verb' => ACTIVITY_POST];
+ $params = [];
}
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`
- INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- AND `item`.`uid` = %d AND `item`.`verb` = '%s'
- $sql_extra",
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- intval($id)
- );
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
/// @TODO How about copying this to above methods which don't check $r ?
- if (!DBM::is_result($r)) {
+ if (!DBM::is_result($statuses)) {
throw new BadRequestException("There is no status with this id.");
}
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, false, $type);
if ($conversation) {
$data = ['status' => $ret];
logger('API: api_conversation_show: '.$id);
- $r = q("SELECT `parent` FROM `item` WHERE `id` = %d", intval($id));
- if (DBM::is_result($r)) {
- $id = $r[0]["parent"];
+ // try to fetch the item for the local user - or the public item, if there is no local one
+ $item = dba::selectFirst('item', ['parent-uri'], ['id' => $id]);
+ if (!DBM::is_result($item)) {
+ throw new BadRequestException("There is no status with this id.");
}
- $sql_extra = '';
+ $parent = dba::selectFirst('item', ['id'], ['uri' => $item['parent-uri'], 'uid' => [0, api_user()]], ['order' => ['uid' => true]]);
+ if (!DBM::is_result($parent)) {
+ throw new BadRequestException("There is no status with this id.");
+ }
+
+ $id = $parent['id'];
+
+ $condition = ["`parent` = ? AND `uid` IN (0, ?) AND `verb` = ? AND `item`.`id` > ?",
+ $id, api_user(), ACTIVITY_POST, $since_id];
if ($max_id > 0) {
- $sql_extra = ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
- // Not sure why this query was so complicated. We should keep it here for a while,
- // just to make sure that we really don't need it.
- // FROM `item` INNER JOIN (SELECT `uri`,`parent` FROM `item` WHERE `id` = %d) AS `temp1`
- // ON (`item`.`thr-parent` = `temp1`.`uri` AND `item`.`parent` = `temp1`.`parent`)
-
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`parent` = %d AND `item`.`visible`
- AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- AND `item`.`uid` = %d AND `item`.`verb` = '%s'
- AND `item`.`id`>%d $sql_extra
- ORDER BY `item`.`id` DESC LIMIT %d ,%d",
- intval($id),
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- intval($since_id),
- intval($start),
- intval($count)
- );
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- if (!DBM::is_result($r)) {
- throw new BadRequestException("There is no status with this id.");
+ if (!DBM::is_result($statuses)) {
+ throw new BadRequestException("There is no status with id $id.");
}
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, false, $type);
$data = ['status' => $ret];
return api_format_data("statuses", $type, $data);
logger('API: api_statuses_repeat: '.$id);
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`nick` as `reply_author`,
- `contact`.`name`, `contact`.`photo` as `reply_photo`, `contact`.`url` as `reply_url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`
- INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- AND NOT `item`.`private` AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = ''
- AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = ''
- AND `item`.`id`=%d",
- intval($id)
- );
+ $fields = ['body', 'author-name', 'author-link', 'author-avatar', 'guid', 'created', 'plink'];
+ $item = Item::selectFirst($fields, ['id' => $id, 'private' => false]);
- /// @TODO other style than above functions!
- if (DBM::is_result($r) && $r[0]['body'] != "") {
- if (strpos($r[0]['body'], "[/share]") !== false) {
- $pos = strpos($r[0]['body'], "[share");
- $post = substr($r[0]['body'], $pos);
+ if (DBM::is_result($item) && $item['body'] != "") {
+ if (strpos($item['body'], "[/share]") !== false) {
+ $pos = strpos($item['body'], "[share");
+ $post = substr($item['body'], $pos);
} else {
- $post = share_header($r[0]['author-name'], $r[0]['author-link'], $r[0]['author-avatar'], $r[0]['guid'], $r[0]['created'], $r[0]['plink']);
+ $post = share_header($item['author-name'], $item['author-link'], $item['author-avatar'], $item['guid'], $item['created'], $item['plink']);
- $post .= $r[0]['body'];
+ $post .= $item['body'];
$post .= "[/share]";
}
$_REQUEST['body'] = $post;
}
// this should output the last post (the one we just posted).
- $called_api = null;
+ $called_api = [];
return api_status_show($type);
}
$ret = api_statuses_show($type);
- Item::deleteById($id);
+ Item::deleteForUser(['id' => $id], api_user());
return $ret;
}
$start = ($page - 1) * $count;
- // Ugly code - should be changed
- $myurl = System::baseUrl() . '/profile/'. $a->user['nickname'];
- $myurl = substr($myurl, strpos($myurl, '://') + 3);
- $myurl = str_replace('www.', '', $myurl);
-
- $sql_extra = '';
+ $condition = ["`uid` = ? AND `verb` = ? AND `item`.`id` > ? AND `author-id` != ?
+ AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `uid` = ? AND `mention` AND NOT `ignored`)",
+ api_user(), ACTIVITY_POST, $since_id, $user_info['pid'], api_user()];
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item` FORCE INDEX (`uid_id`)
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`uid` = %d AND `verb` = '%s'
- AND NOT (`item`.`author-link` IN ('https://%s', 'http://%s'))
- AND `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `uid` = %d AND `mention` AND !`ignored`)
- $sql_extra
- AND `item`.`id`>%d
- ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- dbesc(protect_sprintf($myurl)),
- dbesc(protect_sprintf($myurl)),
- intval(api_user()),
- intval($since_id),
- intval($start),
- intval($count)
- );
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, false, $type);
$data = ['status' => $ret];
switch ($type) {
}
$start = ($page - 1) * $count;
- $sql_extra = '';
+ $condition = ["`uid` = ? AND `verb` = ? AND `item`.`id` > ? AND `item`.`contact-id` = ?",
+ api_user(), ACTIVITY_POST, $since_id, $user_info['cid']];
+
if ($user_info['self'] == 1) {
- $sql_extra .= " AND `item`.`wall` = 1 ";
+ $condition[0] .= ' AND `item`.`wall` ';
}
if ($exclude_replies > 0) {
- $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
- $sql_extra .= ' AND `item`.`parent` = ' . intval($conversation_id);
+ $condition[0] .= " AND `item`.`parent` = ?";
+ $condition[] = $conversation_id;
}
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item` FORCE INDEX (`uid_contactid_id`)
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`uid` = %d AND `verb` = '%s'
- AND `item`.`contact-id` = %d
- AND `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- $sql_extra
- AND `item`.`id` > %d
- ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
- intval(api_user()),
- dbesc(ACTIVITY_POST),
- intval($user_info['cid']),
- intval($since_id),
- intval($start),
- intval($count)
- );
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $ret = api_format_items($r, $user_info, true, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, true, $type);
$data = ['status' => $ret];
switch ($type) {
$itemid = intval($_REQUEST['id']);
}
- $item = q("SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d LIMIT 1", $itemid, api_user());
+ $item = Item::selectFirstForUser(api_user(), [], ['id' => $itemid, 'uid' => api_user()]);
- if (!DBM::is_result($item) || count($item) == 0) {
+ if (!DBM::is_result($item)) {
throw new BadRequestException("Invalid item.");
}
switch ($action) {
case "create":
- $item[0]['starred'] = 1;
+ $item['starred'] = 1;
break;
case "destroy":
- $item[0]['starred'] = 0;
+ $item['starred'] = 0;
break;
default:
throw new BadRequestException("Invalid action ".$action);
}
- $r = Item::update(['starred' => $item[0]['starred']], ['id' => $itemid]);
+ $r = Item::update(['starred' => $item['starred']], ['id' => $itemid]);
if ($r === false) {
throw new InternalServerErrorException("DB error");
$user_info = api_get_user($a);
- $rets = api_format_items($item, $user_info, false, $type);
+ $rets = api_format_items([$item], $user_info, false, $type);
$ret = $rets[0];
$data = ['status' => $ret];
if ($user_info['self'] == 0) {
$ret = [];
} else {
- $sql_extra = "";
-
// params
$since_id = (x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0);
$max_id = (x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0);
$start = $page*$count;
+ $condition = ["`uid` = ? AND `verb` = ? AND `id` > ? AND `starred`",
+ api_user(), ACTIVITY_POST, $since_id];
+
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`, `contact`
- WHERE `item`.`uid` = %d
- AND `item`.`visible` = 1 AND `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `item`.`starred` = 1
- AND `contact`.`id` = `item`.`contact-id`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- $sql_extra
- AND `item`.`id`>%d
- ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
- intval(api_user()),
- intval($since_id),
- intval($start),
- intval($count)
- );
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items(dba::inArray($statuses), $user_info, false, $type);
}
$data = ['status' => $ret];
*
* @param string $body
*
- * @return array|false
+ * @return array
*/
function api_get_attachments(&$body)
{
$ret = preg_match_all("/\[img\]([$URLSearchString]*)\[\/img\]/ism", $text, $images);
if (!$ret) {
- return false;
+ return [];
}
$attachments = [];
];
$items = q(
- 'SELECT * FROM item
- WHERE uid=%d AND `thr-parent`="%s" AND visible AND NOT deleted',
+ 'SELECT * FROM `item`
+ WHERE `uid` = %d AND `thr-parent` = "%s" AND `visible` AND NOT `deleted`',
intval($item['uid']),
dbesc($item['uri'])
);
//builtin_activity_puller($i, $activities);
// get user data and add it to the array of the activity
- $user = api_get_user($a, $i['author-link']);
+ $user = api_get_user($a, $i['author-id']);
switch ($i['verb']) {
case ACTIVITY_LIKE:
$activities['like'][] = $user;
$status["entities"] = $converted["entities"];
}
- if (($item['item_network'] != "") && ($status["source"] == 'web')) {
- $status["source"] = ContactSelector::networkToName($item['item_network'], $user_info['url']);
- } elseif (($item['item_network'] != "") && (ContactSelector::networkToName($item['item_network'], $user_info['url']) != $status["source"])) {
- $status["source"] = trim($status["source"].' ('.ContactSelector::networkToName($item['item_network'], $user_info['url']).')');
+ if ($status["source"] == 'web') {
+ $status["source"] = ContactSelector::networkToName($item['network'], $user_info['url']);
+ } elseif (ContactSelector::networkToName($item['network'], $user_info['url']) != $status["source"]) {
+ $status["source"] = trim($status["source"].' ('.ContactSelector::networkToName($item['network'], $user_info['url']).')');
}
-
- // Retweets are only valid for top postings
- // It doesn't work reliable with the link if its a feed
- //$IsRetweet = ($item['owner-link'] != $item['author-link']);
- //if ($IsRetweet)
- // $IsRetweet = (($item['owner-name'] != $item['author-name']) || ($item['owner-avatar'] != $item['author-avatar']));
-
-
if ($item["id"] == $item["parent"]) {
$retweeted_item = api_share_as_retweet($item);
if ($retweeted_item !== false) {
$retweeted_status = $status;
try {
- $retweeted_status["user"] = api_get_user($a, $retweeted_item["author-link"]);
+ $retweeted_status["user"] = api_get_user($a, $retweeted_item["author-id"]);
} catch (BadRequestException $e) {
// user not found. should be found?
/// @todo check if the user should be always found
$start = $page * $count;
- $sql_extra = '';
+ $condition = ["`uid` = ? AND `verb` = ? AND `id` > ? AND `group_member`.`gid` = ?",
+ api_user(), ACTIVITY_POST, $since_id, $_REQUEST['list_id']];
+
if ($max_id > 0) {
- $sql_extra .= ' AND `item`.`id` <= ' . intval($max_id);
+ $condition[0] .= " AND `item`.`id` <= ?";
+ $condition[] = $max_id;
}
if ($exclude_replies > 0) {
- $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+ $condition[0] .= ' AND `item`.`parent` = `item`.`id`';
}
if ($conversation_id > 0) {
- $sql_extra .= ' AND `item`.`parent` = ' . intval($conversation_id);
- }
-
- $statuses = dba::p(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `group_member`.`gid`
- FROM `item`
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- STRAIGHT_JOIN `group_member` ON `group_member`.`contact-id` = `item`.`contact-id`
- WHERE `item`.`uid` = ? AND `verb` = ?
- AND `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- $sql_extra
- AND `item`.`id`>?
- AND `group_member`.`gid` = ?
- ORDER BY `item`.`id` DESC LIMIT ".intval($start)." ,".intval($count),
- api_user(),
- ACTIVITY_POST,
- $since_id,
- $_REQUEST['list_id']
- );
+ $condition[0] .= " AND `item`.`parent` = ?";
+ $condition[] = $conversation_id;
+ }
+
+ $params = ['order' => ['id' => true], 'limit' => [$start, $count]];
+ $statuses = Item::selectForUser(api_user(), [], $condition, $params);
$items = api_format_items(dba::inArray($statuses), $user_info, false, $type);
function api_direct_messages_box($type, $box, $verbose)
{
$a = get_app();
- $user_info = api_get_user($a);
-
- if (api_user() === false || $user_info === false) {
+ if (api_user() === false) {
throw new ForbiddenException();
}
-
// params
$count = (x($_GET, 'count') ? $_GET['count'] : 20);
$page = (x($_REQUEST, 'page') ? $_REQUEST['page'] -1 : 0);
unset($_REQUEST["screen_name"]);
unset($_GET["screen_name"]);
+ $user_info = api_get_user($a);
+ if ($user_info === false) {
+ throw new ForbiddenException();
+ }
$profile_url = $user_info["url"];
// pagination
if (!DBM::is_result($photo_item)) {
throw new InternalServerErrorException("problem with deleting items occured");
}
- Item::deleteById($photo_item[0]['id']);
+ Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
}
// now let's delete all photos from the album
}
// function for setting the items to "deleted = 1" which ensures that comments, likes etc. are not shown anymore
// to the user and the contacts of the users (drop_items() do all the necessary magic to avoid orphans in database and federate deletion)
- Item::deleteById($photo_item[0]['id']);
+ Item::deleteForUser(['id' => $photo_item[0]['id']], api_user());
$answer = ['result' => 'deleted', 'message' => 'photo with id `' . $photo_id . '` has been deleted from server.'];
return api_format_data("photo_delete", $type, ['$result' => $answer]);
function post_photo_item($hash, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $filetype, $visibility = false)
{
// get data about the api authenticated user
- $uri = item_new_uri(get_app()->get_hostname(), intval(api_user()));
+ $uri = Item::newURI(intval(api_user()));
$owner_record = q("SELECT * FROM `contact` WHERE `uid`= %d AND `self` LIMIT 1", intval(api_user()));
$arr = [];
$data['photo']['friendica_activities'] = api_format_items_activities($item[0], $type);
// retrieve comments on photo
- $r = q(
- "SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
- `contact`.`id` AS `cid`
- FROM `item`
- STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` AND `contact`.`uid` = `item`.`uid`
- AND (NOT `contact`.`blocked` OR `contact`.`pending`)
- WHERE `item`.`parent` = %d AND `item`.`visible`
- AND NOT `item`.`moderated` AND NOT `item`.`deleted`
- AND `item`.`uid` = %d AND (`item`.`verb`='%s' OR `type`='photo')",
- intval($item[0]['parent']),
- intval(api_user()),
- dbesc(ACTIVITY_POST)
- );
+ $condition = ["`parent` = ? AND `uid` = ? AND (`verb` = ? OR `type`='photo')",
+ $item[0]['parent'], api_user(), ACTIVITY_POST];
+
+ $statuses = Item::selectForUser(api_user(), [], $condition);
// prepare output of comments
- $commentData = api_format_items($r, $user_info, false, $type);
+ $commentData = api_format_items(dba::inArray($statuses), $user_info, false, $type);
$comments = [];
if ($type == "xml") {
$k = 0;
$in_reply_to['status_id_str'] = (string) intval($in_reply_to['status_id']);
$r = q(
- "SELECT `contact`.`nick`, `contact`.`name`, `contact`.`id`, `contact`.`url` FROM item
+ "SELECT `contact`.`nick`, `contact`.`name`, `contact`.`id`, `contact`.`url` FROM `item`
STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`author-id`
WHERE `item`.`id` = %d LIMIT 1",
intval($in_reply_to['status_id'])
$nm->setSeen($note);
if ($note['otype']=='item') {
// would be really better with an ItemsManager and $im->getByID() :-P
- $r = q(
- "SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d",
- intval($note['iid']),
- intval(local_user())
- );
- if ($r!==false) {
+ $item = Item::selectFirstForUser(api_user(), [], ['id' => $note['iid'], 'uid' => api_user()]);
+ if (DBM::is_result($$item)) {
// we found the item, return it to the user
- $ret = api_format_items($r, $user_info, false, $type);
+ $ret = api_format_items([$item], $user_info, false, $type);
$data = ['status' => $ret];
return api_format_data("status", $type, $data);
}
projects / friendica.git / blobdiff