X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=404ede4239ddc966dcef7db6938f38642020f2ec;hb=6501acf0bcffaa07fc3c2abe165d271985ea47b9;hp=e641003170de89164aa1682d85e78eb1b020673f;hpb=b42262f206ad3a6bd33d0e0d7d12f3211c85d9a0;p=friendica.git

diff --git a/include/api.php b/include/api.php
index e641003170..404ede4239 100644
--- a/include/api.php
+++ b/include/api.php
@@ -12,6 +12,7 @@ use Friendica\Content\ContactSelector;
 use Friendica\Content\Feature;
 use Friendica\Content\Text\BBCode;
 use Friendica\Content\Text\HTML;
+use Friendica\App\Authentication;
 use Friendica\Core\Config;
 use Friendica\Core\Hook;
 use Friendica\Core\L10n;
@@ -253,7 +254,9 @@ function api_login(App $a)
 		throw new UnauthorizedException("This API requires login");
 	}
 
-	Session::setAuthenticatedForUser($a, $record);
+	/** @var Authentication $authentication */
+	$authentication = BaseObject::getClass(Authentication::class);
+	$authentication->setForUser($a, $record);
 
 	$_SESSION["allow_api"] = true;
 
@@ -605,11 +608,6 @@ function api_get_user(App $a, $contact_id = null)
 		$contact = DBA::selectFirst('contact', [], ['uid' => 0, 'nurl' => Strings::normaliseLink($url)]);
 
 		if (DBA::isResult($contact)) {
-			// If no nick where given, extract it from the address
-			if (($contact['nick'] == "") || ($contact['name'] == $contact['nick'])) {
-				$contact['nick'] = api_get_nick($contact["url"]);
-			}
-
 			$ret = [
 				'id' => $contact["id"],
 				'id_str' => (string) $contact["id"],
@@ -668,11 +666,6 @@ function api_get_user(App $a, $contact_id = null)
 	$countfollowers = 0;
 	$starred = 0;
 
-	// Add a nick if it isn't present there
-	if (($uinfo[0]['nick'] == "") || ($uinfo[0]['name'] == $uinfo[0]['nick'])) {
-		$uinfo[0]['nick'] = api_get_nick($uinfo[0]["url"]);
-	}
-
 	$pcontact_id  = Contact::getIdForURL($uinfo[0]['url'], 0, true);
 
 	if (!empty($profile['about'])) {
@@ -1416,32 +1409,37 @@ function api_users_search($type)
 	$userlist = [];
 
 	if (!empty($_GET['q'])) {
-		$r = q("SELECT id FROM `contact` WHERE `uid` = 0 AND `name` = '%s'", DBA::escape($_GET["q"]));
-
-		if (!DBA::isResult($r)) {
-			$r = q("SELECT `id` FROM `contact` WHERE `uid` = 0 AND `nick` = '%s'", DBA::escape($_GET["q"]));
-		}
+		$contacts = Contact::selectToArray(
+			['id'],
+			[
+				'`uid` = 0 AND (`name` = ? OR `nick` = ? OR `url` = ? OR `addr` = ?)',
+				$_GET['q'],
+				$_GET['q'],
+				$_GET['q'],
+				$_GET['q'],
+			]
+		);
 
-		if (DBA::isResult($r)) {
+		if (DBA::isResult($contacts)) {
 			$k = 0;
-			foreach ($r as $user) {
-				$user_info = api_get_user($a, $user["id"]);
+			foreach ($contacts as $contact) {
+				$user_info = api_get_user($a, $contact['id']);
 
-				if ($type == "xml") {
-					$userlist[$k++.":user"] = $user_info;
+				if ($type == 'xml') {
+					$userlist[$k++ . ':user'] = $user_info;
 				} else {
 					$userlist[] = $user_info;
 				}
 			}
-			$userlist = ["users" => $userlist];
+			$userlist = ['users' => $userlist];
 		} else {
-			throw new BadRequestException("User ".$_GET["q"]." not found.");
+			throw new NotFoundException('User ' . $_GET['q'] . ' not found.');
 		}
 	} else {
-		throw new BadRequestException("No user specified.");
+		throw new BadRequestException('No search term specified.');
 	}
 
-	return api_format_data("users", $type, $userlist);
+	return api_format_data('users', $type, $userlist);
 }
 
 /// @TODO move to top of file or somewhere better
@@ -1502,7 +1500,9 @@ function api_search($type)
 	$a = \get_app();
 	$user_info = api_get_user($a);
 
-	if (api_user() === false || $user_info === false) { throw new ForbiddenException(); }
+	if (api_user() === false || $user_info === false) {
+		throw new ForbiddenException();
+	}
 
 	if (empty($_REQUEST['q'])) {
 		throw new BadRequestException('q parameter is required.');
@@ -1566,7 +1566,21 @@ function api_search($type)
 		}
 	}
 
-	$statuses = Item::selectForUser(api_user(), [], $condition, $params);
+	$statuses = [];
+
+	if (parse_url($searchTerm, PHP_URL_SCHEME) != '') {
+		$id = Item::fetchByLink($searchTerm, api_user());
+		if (!$id) {
+			// Public post
+			$id = Item::fetchByLink($searchTerm);
+		}
+
+		if (!empty($id)) {
+			$statuses = Item::select([], ['id' => $id]);
+		}
+	}
+
+	$statuses = $statuses ?: Item::selectForUser(api_user(), [], $condition, $params);
 
 	$data['status'] = api_format_items(Item::inArray($statuses), $user_info);
 
@@ -2144,8 +2158,8 @@ function api_statuses_mentions($type)
 
 	$start = max(0, ($page - 1) * $count);
 
-	$condition = ["`uid` = ? AND `gravity` IN (?, ?) AND `item`.`id` > ? AND `author-id` != ?
-		AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `thread`.`uid` = ? AND `thread`.`mention` AND NOT `thread`.`ignored`)",
+	$condition = ["`uid` = ? AND `gravity` IN (?, ?) AND `item`.`id` > ? AND `author-id` != ? AND `mention`
+		AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `thread`.`uid` = ? AND NOT `thread`.`ignored`)",
 		api_user(), GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, $user_info['pid'], api_user()];
 
 	if ($max_id > 0) {
@@ -2830,9 +2844,10 @@ function api_format_items_activities($item, $type = "json")
 		'attendyes' => [],
 		'attendno' => [],
 		'attendmaybe' => [],
+		'announce' => [],
 	];
 
-	$condition = ['uid' => $item['uid'], 'thr-parent' => $item['uri']];
+	$condition = ['uid' => $item['uid'], 'thr-parent' => $item['uri'], 'gravity' => GRAVITY_ACTIVITY];
 	$ret = Item::selectForUser($item['uid'], ['author-id', 'verb'], $condition);
 
 	while ($parent_item = Item::fetch($ret)) {
@@ -2857,6 +2872,9 @@ function api_format_items_activities($item, $type = "json")
 			case Activity::ATTENDMAYBE:
 				$activities['attendmaybe'][] = $user;
 				break;
+			case Activity::ANNOUNCE:
+				$activities['announce'][] = $user;
+				break;
 			default:
 				break;
 		}
@@ -3605,6 +3623,7 @@ api_register_func('api/statusnet/version', 'api_statusnet_version', false);
  *
  * @param string $type Return type (atom, rss, xml, json)
  *
+ * @param int $rel A contact relationship constant
  * @return array|string|void
  * @throws BadRequestException
  * @throws ForbiddenException
@@ -3613,7 +3632,7 @@ api_register_func('api/statusnet/version', 'api_statusnet_version', false);
  * @throws UnauthorizedException
  * @todo use api_format_data() to return data
  */
-function api_ff_ids($type)
+function api_ff_ids($type, int $rel)
 {
 	if (!api_user()) {
 		throw new ForbiddenException();
@@ -3625,26 +3644,29 @@ function api_ff_ids($type)
 
 	$stringify_ids = $_REQUEST['stringify_ids'] ?? false;
 
-	$r = q(
-		"SELECT `pcontact`.`id` FROM `contact`
-			INNER JOIN `contact` AS `pcontact` ON `contact`.`nurl` = `pcontact`.`nurl` AND `pcontact`.`uid` = 0
-			WHERE `contact`.`uid` = %s AND NOT `contact`.`self`",
-		intval(api_user())
+	$contacts = DBA::p("SELECT `pcontact`.`id`
+		FROM `contact`
+		INNER JOIN `contact` AS `pcontact`
+		    ON `contact`.`nurl` = `pcontact`.`nurl`
+		    AND `pcontact`.`uid` = 0
+		WHERE `contact`.`uid` = ?
+		AND NOT `contact`.`self`
+		AND `contact`.`rel` IN (?, ?)",
+		api_user(),
+		$rel,
+		Contact::FRIEND
 	);
-	if (!DBA::isResult($r)) {
-		return;
-	}
 
 	$ids = [];
-	foreach ($r as $rr) {
+	foreach (DBA::toArray($contacts) as $contact) {
 		if ($stringify_ids) {
-			$ids[] = $rr['id'];
+			$ids[] = $contact['id'];
 		} else {
-			$ids[] = intval($rr['id']);
+			$ids[] = intval($contact['id']);
 		}
 	}
 
-	return api_format_data("ids", $type, ['id' => $ids]);
+	return api_format_data('ids', $type, ['id' => $ids]);
 }
 
 /**
@@ -3655,11 +3677,14 @@ function api_ff_ids($type)
  * @return array|string
  * @throws BadRequestException
  * @throws ForbiddenException
+ * @throws ImagickException
+ * @throws InternalServerErrorException
+ * @throws UnauthorizedException
  * @see https://developer.twitter.com/en/docs/accounts-and-users/follow-search-get-users/api-reference/get-friends-ids
  */
 function api_friends_ids($type)
 {
-	return api_ff_ids($type);
+	return api_ff_ids($type, Contact::SHARING);
 }
 
 /**
@@ -3670,11 +3695,14 @@ function api_friends_ids($type)
  * @return array|string
  * @throws BadRequestException
  * @throws ForbiddenException
+ * @throws ImagickException
+ * @throws InternalServerErrorException
+ * @throws UnauthorizedException
  * @see https://developer.twitter.com/en/docs/accounts-and-users/follow-search-get-users/api-reference/get-followers-ids
  */
 function api_followers_ids($type)
 {
-	return api_ff_ids($type);
+	return api_ff_ids($type, Contact::FOLLOWER);
 }
 
 /// @TODO move to top of file or somewhere better
@@ -5063,14 +5091,17 @@ function api_friendica_remoteauth()
 	// traditional DFRN
 
 	$contact = DBA::selectFirst('contact', [], ['uid' => api_user(), 'nurl' => $c_url]);
-
-	if (!DBA::isResult($contact) || ($contact['network'] !== Protocol::DFRN)) {
+	if (!DBA::isResult($contact)) {
 		throw new BadRequestException("Unknown contact");
 	}
 
 	$cid = $contact['id'];
 
-	$dfrn_id = $contact['issued-id'] ?? $contact['dfrn-id'];
+	$dfrn_id = $contact['issued-id'] ?: $contact['dfrn-id'];
+
+	if (($contact['network'] !== Protocol::DFRN) || empty($dfrn_id)) {
+		System::externalRedirect($url ?: $c_url);
+	}
 
 	if ($contact['duplex'] && $contact['issued-id']) {
 		$orig_id = $contact['issued-id'];
@@ -5202,91 +5233,6 @@ function api_share_as_retweet(&$item)
 	return $reshared_item;
 }
 
-/**
- *
- * @param string $profile
- *
- * @return string|false
- * @throws InternalServerErrorException
- * @todo remove trailing junk from profile url
- * @todo pump.io check has to check the website
- */
-function api_get_nick($profile)
-{
-	$nick = "";
-
-	$r = q(
-		"SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s'",
-		DBA::escape(Strings::normaliseLink($profile))
-	);
-
-	if (DBA::isResult($r)) {
-		$nick = $r[0]["nick"];
-	}
-
-	if (!$nick == "") {
-		$r = q(
-			"SELECT `nick` FROM `contact` WHERE `uid` = 0 AND `nurl` = '%s'",
-			DBA::escape(Strings::normaliseLink($profile))
-		);
-
-		if (DBA::isResult($r)) {
-			$nick = $r[0]["nick"];
-		}
-	}
-
-	if (!$nick == "") {
-		$friendica = preg_replace("=https?://(.*)/profile/(.*)=ism", "$2", $profile);
-		if ($friendica != $profile) {
-			$nick = $friendica;
-		}
-	}
-
-	if (!$nick == "") {
-		$diaspora = preg_replace("=https?://(.*)/u/(.*)=ism", "$2", $profile);
-		if ($diaspora != $profile) {
-			$nick = $diaspora;
-		}
-	}
-
-	if (!$nick == "") {
-		$twitter = preg_replace("=https?://twitter.com/(.*)=ism", "$1", $profile);
-		if ($twitter != $profile) {
-			$nick = $twitter;
-		}
-	}
-
-
-	if (!$nick == "") {
-		$StatusnetHost = preg_replace("=https?://(.*)/user/(.*)=ism", "$1", $profile);
-		if ($StatusnetHost != $profile) {
-			$StatusnetUser = preg_replace("=https?://(.*)/user/(.*)=ism", "$2", $profile);
-			if ($StatusnetUser != $profile) {
-				$UserData = Network::fetchUrl("http://".$StatusnetHost."/api/users/show.json?user_id=".$StatusnetUser);
-				$user = json_decode($UserData);
-				if ($user) {
-					$nick = $user->screen_name;
-				}
-			}
-		}
-	}
-
-	// To-Do: look at the page if its really a pumpio site
-	//if (!$nick == "") {
-	//	$pumpio = preg_replace("=https?://(.*)/(.*)/=ism", "$2", $profile."/");
-	//	if ($pumpio != $profile)
-	//		$nick = $pumpio;
-		//      <div class="media" id="profile-block" data-profile-id="acct:kabniel@microca.st">
-
-	//}
-
-	if ($nick != "") {
-		return $nick;
-	}
-
-	return false;
-}
-
 /**
  *
  * @param array $item
@@ -5318,10 +5264,6 @@ function api_in_reply_to($item)
 		$parent = Item::selectFirst($fields, ['id' => $in_reply_to['status_id']]);
 
 		if (DBA::isResult($parent)) {
-			if ($parent['author-nick'] == "") {
-				$parent['author-nick'] = api_get_nick($parent['author-link']);
-			}
-
 			$in_reply_to['screen_name'] = (($parent['author-nick']) ? $parent['author-nick'] : $parent['author-name']);
 			$in_reply_to['user_id'] = intval($parent['author-id']);
 			$in_reply_to['user_id_str'] = (string) intval($parent['author-id']);