X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fapi.php;h=4a1db1be5511c7a0f7f6d19daeae38065cc14d6d;hb=174e71cc36a081581b1b2f970b03441353c8c960;hp=2a871a9a9e1a499075b95d122c31a1964de76749;hpb=cfa68c52b9117616fa95a4639ad74e7d220d193d;p=friendica.git diff --git a/mod/api.php b/mod/api.php index 2a871a9a9e..4a1db1be55 100644 --- a/mod/api.php +++ b/mod/api.php @@ -5,22 +5,21 @@ use Friendica\App; use Friendica\Core\Config; use Friendica\Core\L10n; +use Friendica\Core\Renderer; use Friendica\Database\DBA; use Friendica\Module\Login; require_once 'include/api.php'; -function oauth_get_client($request) +function oauth_get_client(OAuthRequest $request) { - - $params = $request->get_parameters(); $token = $params['oauth_token']; $r = q("SELECT `clients`.* FROM `clients`, `tokens` WHERE `clients`.`client_id`=`tokens`.`client_id` - AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'", dbesc($token)); + AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'", DBA::escape($token)); if (!DBA::isResult($r)) { return null; @@ -36,7 +35,7 @@ function api_post(App $a) return; } - if (count($a->user) && x($a->user, 'uid') && $a->user['uid'] != local_user()) { + if (count($a->user) && !empty($a->user['uid']) && $a->user['uid'] != local_user()) { notice(L10n::t('Permission denied.') . EOL); return; } @@ -57,10 +56,10 @@ function api_content(App $a) } catch (Exception $e) { echo "
";
 			var_dump($e);
-			killme();
+			exit();
 		}
 
-		if (x($_POST, 'oauth_yes')) {
+		if (!empty($_POST['oauth_yes'])) {
 			$app = oauth_get_client($request);
 			if (is_null($app)) {
 				return "Invalid request. Unknown token.";
@@ -76,12 +75,12 @@ function api_content(App $a)
 				if (strstr($consumer->callback_url, $glue)) {
 					$glue = "?";
 				}
-				goaway($consumer->callback_url . $glue . "oauth_token=" . OAuthUtil::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuthUtil::urlencode_rfc3986($verifier));
-				killme();
+				$a->internalRedirect($consumer->callback_url . $glue . 'oauth_token=' . OAuthUtil::urlencode_rfc3986($params['oauth_token']) . '&oauth_verifier=' . OAuthUtil::urlencode_rfc3986($verifier));
+				exit();
 			}
 
-			$tpl = get_markup_template("oauth_authorize_done.tpl");
-			$o = replace_macros($tpl, [
+			$tpl = Renderer::getMarkupTemplate("oauth_authorize_done.tpl");
+			$o = Renderer::replaceMacros($tpl, [
 				'$title' => L10n::t('Authorize application connection'),
 				'$info' => L10n::t('Return to your app and insert this Securty Code:'),
 				'$code' => $verifier,
@@ -102,8 +101,8 @@ function api_content(App $a)
 			return "Invalid request. Unknown token.";
 		}
 
-		$tpl = get_markup_template('oauth_authorize.tpl');
-		$o = replace_macros($tpl, [
+		$tpl = Renderer::getMarkupTemplate('oauth_authorize.tpl');
+		$o = Renderer::replaceMacros($tpl, [
 			'$title' => L10n::t('Authorize application connection'),
 			'$app' => $app,
 			'$authorize' => L10n::t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
@@ -115,5 +114,5 @@ function api_content(App $a)
 	}
 
 	echo api_call($a);
-	killme();
+	exit();
 }