if (!defined('STATUSNET')) {
exit(1);
}
-
+require_once INSTALLDIR . '/lib/apiaction.php';
require_once INSTALLDIR . '/lib/apioauthstore.php';
/**
- * Base action for API OAuth enpoints. Clean up the
- * the request, and possibly some other common things
- * here.
+ * Base action for API OAuth enpoints. Clean up the
+ * request. Some other common functions.
*
* @category API
* @package StatusNet
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-class ApiOauthAction extends Action
+class ApiOauthAction extends ApiAction
{
/**
* Is this a read-only action?
self::cleanRequest();
}
+ /*
+ * Clean up the request so the OAuth library doesn't find
+ * any extra parameters or anything else it's not expecting.
+ * I'm looking at you, p parameter.
+ */
+
static function cleanRequest()
{
// kill evil effects of magical slashing
unset($_REQUEST['p']);
$queryArray = explode('&', $_SERVER['QUERY_STRING']);
+
for ($i = 0; $i < sizeof($queryArray); $i++) {
- if (substr($queryArray[$i], 0, 1) == 'p=') {
+ if (substr($queryArray[$i], 0, 2) == 'p=') {
unset($queryArray[$i]);
}
}
- $_SERVER['QUERY_STRING'] = implode('&', $queryString);
+ $_SERVER['QUERY_STRING'] = implode('&', $queryArray);
}
- function getCallback($url, $params)
- {
- foreach ($params as $k => $v) {
- $url = $this->appendQueryVar($url,
- OAuthUtil::urlencode_rfc3986($k),
- OAuthUtil::urlencode_rfc3986($v));
- }
-
- return $url;
- }
-
- function appendQueryVar($url, $k, $v) {
- $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
- $url = substr($url, 0, -1);
- if (strpos($url, '?') === false) {
- return ($url . '?' . $k . '=' . $v);
- } else {
- return ($url . '&' . $k . '=' . $v);
- }
- }
}