X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=488e858445648baedf6eb8a0f2a7aa99b936451a;hb=6f72bc8d3a9d82f4762ff77fd008d7a9866ba07f;hp=16481201e3b2551d2b4be5268e8a6262a8501997;hpb=756b90a4e073c5f1e7cfb0314262b90f408b8f83;p=friendica.git
diff --git a/include/api.php b/include/api.php
index 16481201e3..488e858445 100644
--- a/include/api.php
+++ b/include/api.php
@@ -24,6 +24,7 @@
require_once('include/group.php');
require_once('include/like.php');
require_once('include/NotificationsManager.php');
+ require_once('include/plaintext.php');
define('API_METHOD_ANY','*');
@@ -161,10 +162,7 @@
if (!isset($_SERVER['PHP_AUTH_USER'])) {
logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
- header('HTTP/1.0 401 Unauthorized');
- die((api_error($a, 'json', "This api requires login")));
-
- //die('This api requires login');
+ throw new UnauthorizedException("This API requires login");
}
$user = $_SERVER['PHP_AUTH_USER'];
@@ -216,8 +214,9 @@
if((! $record) || (! count($record))) {
logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG);
header('WWW-Authenticate: Basic realm="Friendica"');
- header('HTTP/1.0 401 Unauthorized');
- die('This api requires login');
+ #header('HTTP/1.0 401 Unauthorized');
+ #die('This api requires login');
+ throw new UnauthorizedException("This API requires login");
}
authenticate_success($record); $_SESSION["allow_api"] = true;
@@ -331,7 +330,8 @@
*
* @param Api $a
* @param string $type Return type (xml, json, rss, as)
- * @param string $error Error message
+ * @param HTTPException $error Error object
+ * @return strin error message formatted as $type
*/
function api_error(&$a, $type, $e) {
$error = ($e->getMessage()!==""?$e->getMessage():$e->httpdesc);
@@ -814,8 +814,6 @@
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
- require_once('library/HTMLPurifier.auto.php');
-
$txt = html2bb_video($txt);
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
@@ -855,9 +853,6 @@
if(requestdata('htmlstatus')) {
$txt = requestdata('htmlstatus');
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
-
- require_once('library/HTMLPurifier.auto.php');
-
$txt = html2bb_video($txt);
$config = HTMLPurifier_Config::createDefault();
@@ -908,7 +903,8 @@
if ($posts_day > $throttle_day) {
logger('Daily posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day)));
+ #die(api_error($a, $type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day)));
+ throw new TooManyRequestsException(sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day));
}
}
@@ -927,7 +923,9 @@
if ($posts_week > $throttle_week) {
logger('Weekly posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week)));
+ #die(api_error($a, $type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week)));
+ throw new TooManyRequestsException(sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week));
+
}
}
@@ -946,7 +944,8 @@
if ($posts_month > $throttle_month) {
logger('Monthly posting limit reached for user '.api_user(), LOGGER_DEBUG);
- die(api_error($a, $type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month)));
+ #die(api_error($a, $type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month)));
+ throw new TooManyRequestsException(sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month));
}
}
@@ -1336,9 +1335,12 @@
$idlist = implode(",", $idarray);
- if ($idlist != "")
- $r = q("UPDATE `item` SET `unseen` = 0 WHERE `unseen` AND `id` IN (%s)", $idlist);
+ if ($idlist != "") {
+ $unseen = q("SELECT `id` FROM `item` WHERE `unseen` AND `id` IN (%s)", $idlist);
+ if ($unseen)
+ $r = q("UPDATE `item` SET `unseen` = 0 WHERE `unseen` AND `id` IN (%s)", $idlist);
+ }
$data = array('$statuses' => $ret);
switch($type){
@@ -1526,15 +1528,21 @@
if ($max_id > 0)
$sql_extra = ' AND `item`.`id` <= '.intval($max_id);
+ // Not sure why this query was so complicated. We should keep it here for a while,
+ // just to make sure that we really don't need it.
+ // FROM `item` INNER JOIN (SELECT `uri`,`parent` FROM `item` WHERE `id` = %d) AS `temp1`
+ // ON (`item`.`thr-parent` = `temp1`.`uri` AND `item`.`parent` = `temp1`.`parent`)
+
$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`,
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item` INNER JOIN (SELECT `uri`,`parent` FROM `item` WHERE `id` = %d) AS `temp1`
- ON (`item`.`thr-parent` = `temp1`.`uri` AND `item`.`parent` = `temp1`.`parent`), `contact`
- WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `item`.`uid` = %d AND `item`.`verb` = '%s' AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
+ FROM `item`
+ INNER JOIN `contact` ON `contact`.`id` = `item`.`contact-id`
+ WHERE `item`.`parent` = %d AND `item`.`visible`
+ AND NOT `item`.`moderated` AND NOT `item`.`deleted`
+ AND `item`.`uid` = %d AND `item`.`verb` = '%s'
+ AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
AND `item`.`id`>%d $sql_extra
ORDER BY `item`.`id` DESC LIMIT %d ,%d",
intval($id), intval(api_user()),
@@ -1552,6 +1560,7 @@
return api_apply_template("timeline", $type, $data);
}
api_register_func('api/conversation/show','api_conversation_show', true);
+ api_register_func('api/statusnet/conversation','api_conversation_show', true);
/**
@@ -1693,13 +1702,13 @@
`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, `contact`
+ FROM `item` FORCE INDEX (`uid_id`), `contact`
WHERE `item`.`uid` = %d AND `verb` = '%s'
AND NOT (`item`.`author-link` IN ('https://%s', 'http://%s'))
- AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
+ AND `item`.`visible` AND NOT `item`.`moderated` AND NOT `item`.`deleted`
AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- AND `item`.`parent` IN (SELECT `iid` from thread where uid = %d AND `mention` AND !`ignored`)
+ AND NOT `contact`.`blocked` AND NOT `contact`.`pending`
+ AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `uid` = %d AND `mention` AND !`ignored`)
$sql_extra
AND `item`.`id`>%d
ORDER BY `item`.`id` DESC LIMIT %d ,%d ",
@@ -1814,7 +1823,7 @@
$action_argv_id=2;
if ($a->argv[1]=="1.1") $action_argv_id=3;
- if ($a->argc<=$action_argv_id) die(api_error($a, $type, t("Invalid request.")));
+ if ($a->argc<=$action_argv_id) throw new BadRequestException("Invalid request.");
$action = str_replace(".".$type,"",$a->argv[$action_argv_id]);
if ($a->argc==$action_argv_id+2) {
$itemid = intval($a->argv[$action_argv_id+1]);
@@ -2060,6 +2069,16 @@
$statushtml = trim(bbcode($body, false, false));
+ $search = array("
", "", "
",
+ "", "
", "", "
",
+ "", "
", "", "
",
+ "", "
", "", "
");
+ $replace = array("
\n", "\n", "
\n",
+ "\n", "
\n", "\n", "
\n",
+ "\n", "
\n", "\n", "
\n",
+ "\n", "
\n", "\n", "
\n");
+ $statushtml = str_replace($search, $replace, $statushtml);
+
if ($item['title'] != "")
$statushtml = "".bbcode($item['title'])."
\n".$statushtml;
@@ -2852,7 +2871,7 @@
$scale_sql = ($scale === false ? "" : sprintf("and scale=%d",intval($scale)));
$data_sql = ($scale === false ? "" : "data, ");
- $r = q("select %s `resource-id`, `created`, `edited`, `title`, `desc`, `album`, `filename`,
+ $r = q("select %s `resource-id`, `created`, `edited`, `title`, `desc`, `album`, `filename`,
`type`, `height`, `width`, `datasize`, `profile`, min(`scale`) as minscale, max(`scale`) as maxscale
from photo where `uid` = %d and `resource-id` = '%s' %s group by `resource-id`",
$data_sql,
@@ -3106,42 +3125,37 @@
$Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",'[url=$1]$1[/url]',$Text);
}
- $Text = preg_replace_callback("((.*?)\[class=(.*?)\](.*?)\[\/class\])ism","api_cleanup_share",$Text);
+ // Simplify "attachment" element
+ $Text = api_clean_attachments($Text);
+
return($Text);
}
- function api_cleanup_share($shared) {
- if ($shared[2] != "type-link")
- return($shared[0]);
-
- if (!preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",$shared[3], $bookmark))
- return($shared[0]);
-
- $title = "";
- $link = "";
-
- if (isset($bookmark[2][0]))
- $title = $bookmark[2][0];
-
- if (isset($bookmark[1][0]))
- $link = $bookmark[1][0];
+ /**
+ * @brief Removes most sharing information for API text export
+ *
+ * @param string $body The original body
+ *
+ * @return string Cleaned body
+ */
+ function api_clean_attachments($body) {
+ $data = get_attachment_data($body);
- if (strpos($shared[1],$title) !== false)
- $title = "";
+ if (!$data)
+ return $body;
- if (strpos($shared[1],$link) !== false)
- $link = "";
+ $body = "";
- $text = trim($shared[1]);
+ if (isset($data["text"]))
+ $body = $data["text"];
- //if (strlen($text) < strlen($title))
- if (($text == "") AND ($title != ""))
- $text .= "\n\n".trim($title);
+ if (($body == "") AND (isset($data["title"])))
+ $body = $data["title"];
- if ($link != "")
- $text .= "\n".trim($link);
+ if (isset($data["url"]))
+ $body .= "\n".$data["url"];
- return(trim($text));
+ return $body;
}
function api_best_nickname(&$contacts) {
@@ -3457,7 +3471,7 @@
$nm->setSeen($note);
if ($note['otype']=='item') {
// would be really better with an ItemsManager and $im->getByID() :-P
- $r = q("SELECT * FROM item WHERE id=%d AND uid=%d",
+ $r = q("SELECT * FROM `item` WHERE `id`=%d AND `uid`=%d",
intval($note['iid']),
intval(local_user())
);