X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=1196e0aac75b77246830f65ed82dc0da6eb91611;hb=4b95e8ebe8719827566b484810dfe140f7b51726;hp=1f58a6baae3e77a264789d754ebe95003bc1949e;hpb=d49895a8a10442e1a585732e94230ac51e92396d;p=friendica.git diff --git a/include/api.php b/include/api.php index 1f58a6baae..1196e0aac7 100644 --- a/include/api.php +++ b/include/api.php @@ -2,7 +2,7 @@ require_once("bbcode.php"); require_once("datetime.php"); require_once("conversation.php"); - + require_once("oauth.php"); /* * Twitter-Like API * @@ -27,6 +27,23 @@ * Simple HTTP Login */ function api_login(&$a){ + // login with oauth + try{ + $oauth = new FKOAuth1(); + list($consumer,$token) = $oauth->verify_request(OAuthRequest::from_request()); + if (!is_null($token)){ + $oauth->loginUser($token->uid); + call_hooks('logged_in', $a->user); + return; + } + echo __file__.__line__.__function__."
"; var_dump($consumer, $token); die(); + }catch(Exception $e){ + logger(__file__.__line__.__function__."\n".$e); + //die(__file__.__line__.__function__."".$e); die(); + } + + + // workaround for HTTP-auth in CGI mode if(x($_SERVER,'REDIRECT_REMOTE_USER')) { $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; @@ -55,7 +72,7 @@ // process normal login request $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($user)), dbesc(trim($user)), dbesc($encrypted) @@ -404,14 +421,6 @@ return $ret; } - /** - * apply xmlify() to all values of array $val, recursively - */ - function api_xmlify($val){ - if (is_bool($val)) return $val?"true":"false"; - if (is_array($val)) return array_map('api_xmlify', $val); - return xmlify((string) $val); - } /** * load api $templatename for $type and replace $data array @@ -424,7 +433,7 @@ case "atom": case "rss": case "xml": - $data = api_xmlify($data); + $data = array_xmlify($data); $tpl = get_markup_template("api_".$templatename."_".$type.".tpl"); $ret = replace_macros($tpl, $data); break; @@ -466,6 +475,7 @@ } return null; } + // TODO - media uploads function api_statuses_update(&$a, $type) { if (local_user()===false) return false; @@ -475,7 +485,28 @@ // logger('api_post: ' . print_r($_POST,true)); - $_POST['body'] = urldecode(requestdata('status')); + if(requestdata('htmlstatus')) { + require_once('library/HTMLPurifier.auto.php'); + require_once('include/html2bbcode.php'); + + $txt = requestdata('htmlstatus'); + if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { + + $txt = html2bb_video($txt); + + $config = HTMLPurifier_Config::createDefault(); + $config->set('Cache.DefinitionImpl', null); + + + $purifier = new HTMLPurifier($config); + $txt = $purifier->purify($txt); + + $_POST['body'] = html2bbcode($txt); + } + + } + else + $_POST['body'] = urldecode(requestdata('status')); $parent = requestdata('in_reply_to_status_id'); if(ctype_digit($parent)) @@ -1113,3 +1144,31 @@ } api_register_func('api/direct_messages/sent','api_direct_messages_sentbox',true); api_register_func('api/direct_messages','api_direct_messages_inbox',true); + + + + function api_oauth_request_token(&$a, $type){ + try{ + $oauth = new FKOAuth1(); + $r = $oauth->fetch_request_token(OAuthRequest::from_request()); + }catch(Exception $e){ + echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); killme(); + } + echo $r; + killme(); + } + function api_oauth_access_token(&$a, $type){ + try{ + $oauth = new FKOAuth1(); + $r = $oauth->fetch_access_token(OAuthRequest::from_request()); + }catch(Exception $e){ + echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); killme(); + } + echo $r; + killme(); + } + + api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); + api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); + +