X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=5e80e0f0a317c54020177d021e4250c4d028e164;hb=34e7206ba49b2835ce21a762a59a8a3626f29b60;hp=2da183f01925eb1651d8fe46c41a7ff28d6d7a1e;hpb=af1d4bb632aa1f6c9fb9f756f1d8606f9fe947e1;p=friendica.git diff --git a/include/api.php b/include/api.php index 2da183f019..5e80e0f0a3 100644 --- a/include/api.php +++ b/include/api.php @@ -1,9 +1,9 @@ user); @@ -108,11 +119,11 @@ if (strpos($a->query_string, $p)===0){ $called_api= explode("/",$p); //unset($_SERVER['PHP_AUTH_USER']); - if ($info['auth']===true && local_user()===false) { + if ($info['auth']===true && api_user()===false) { api_login($a); } - load_contact_links(local_user()); + load_contact_links(api_user()); logger('API call for ' . $a->user['username'] . ': ' . $a->query_string); logger('API parameters: ' . print_r($_REQUEST,true)); @@ -156,6 +167,7 @@ //echo "
"; var_dump($r); die();
 			}
 		}
+		header("HTTP/1.1 404 Not Found");
 		logger('API call not implemented: '.$a->query_string." - ".print_r($_REQUEST,true));
 		$r = 'not implemented';
 		switch($type){
@@ -218,7 +230,7 @@
 		if(is_null($user) && x($_GET, 'screen_name')) {
 			$user = dbesc($_GET['screen_name']);	
 			$extra_query = "AND `contact`.`nick` = '%s' ";
-			if (local_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+			if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 			
 		}
 		
@@ -231,12 +243,12 @@
 			} else {
 				$user = dbesc($user);
 				$extra_query = "AND `contact`.`nick` = '%s' ";
-				if (local_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(local_user());
+				if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 			}
 		}
 		
 		if (! $user) {
-			if (local_user()===false) {
+			if (api_user()===false) {
 				api_login($a); return False;
 			} else {
 				$user = $_SESSION['uid'];
@@ -258,10 +270,10 @@
 		
 		if($uinfo[0]['self']) {
 			$usr = q("select * from user where uid = %d limit 1",
-				intval(local_user())
+				intval(api_user())
 			);
 			$profile = q("select * from profile where uid = %d and `is-default` = 1 limit 1",
-				intval(local_user())
+				intval(api_user())
 			);
 
 			// count public wall messages
@@ -438,6 +450,11 @@
 			case "xml":
 				$data = array_xmlify($data);
 				$tpl = get_markup_template("api_".$templatename."_".$type.".tpl");
+				if(! $tpl) {
+					header ("Content-Type: text/xml");
+					echo ''."\n".'not implemented';
+					killme();
+				}
 				$ret = replace_macros($tpl, $data);
 				break;
 			case "json":
@@ -457,7 +474,7 @@
 	 * http://developer.twitter.com/doc/get/account/verify_credentials
 	 */
 	function api_account_verify_credentials(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 		$user_info = api_get_user($a);
 		
 		return api_apply_template("user", $type, array('$user' => $user_info));
@@ -481,16 +498,17 @@
 
 /*Waitman Gobble Mod*/
         function api_statuses_mediap(&$a, $type) {
-                if (local_user()===false) {
+                if (api_user()===false) {
                         logger('api_statuses_update: no user');
                         return false;
                 }
                 $user_info = api_get_user($a);
 
                 $_REQUEST['type'] = 'wall';
-                $_REQUEST['profile_uid'] = local_user();
+                $_REQUEST['profile_uid'] = api_user();
                 $_REQUEST['api_source'] = true;
-                $txt = urldecode(requestdata('status'));
+                $txt = requestdata('status');
+                //$txt = urldecode(requestdata('status'));
 
                 require_once('library/HTMLPurifier.auto.php');
                 require_once('include/html2bbcode.php');
@@ -503,13 +521,13 @@
                         $txt = $purifier->purify($txt);
 		}
 		$txt = html2bbcode($txt);
-		
+
                 $a->argv[1]=$user_info['screen_name']; //should be set to username?
-		
+
 		$_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
                 require_once('mod/wall_upload.php');
 		$bebop = wall_upload_post($a);
-                
+
 		//now that we have the img url in bbcode we can add it to the status and insert the wall item.
                 $_REQUEST['body']=$txt."\n\n".$bebop;
                 require_once('mod/item.php');
@@ -523,7 +541,7 @@
 
 
 	function api_statuses_update(&$a, $type) {
-		if (local_user()===false) {
+		if (api_user()===false) {
 			logger('api_statuses_update: no user');
 			return false;
 		}
@@ -554,7 +572,10 @@
 
 		}
 		else
-			$_REQUEST['body'] = urldecode(requestdata('status'));
+			$_REQUEST['body'] = requestdata('status');
+			//$_REQUEST['body'] = urldecode(requestdata('status'));
+
+		$_REQUEST['title'] = requestdata('title');
 
 		$parent = requestdata('in_reply_to_status_id');
 		if(ctype_digit($parent))
@@ -564,19 +585,20 @@
 
 		if(requestdata('lat') && requestdata('long'))
 			$_REQUEST['coord'] = sprintf("%s %s",requestdata('lat'),requestdata('long'));
-		$_REQUEST['profile_uid'] = local_user();
-		if(requestdata('parent'))
+		$_REQUEST['profile_uid'] = api_user();
+
+		if($parent)
 			$_REQUEST['type'] = 'net-comment';
 		else {
 			$_REQUEST['type'] = 'wall';
-                        if(x($_FILES,'media')) {
-		                // upload the image if we have one
-		                $_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
-			        require_once('mod/wall_upload.php');
-			        $media = wall_upload_post($a);
-		                if(strlen($media)>0)
-				        $_REQUEST['body'] .= "\n\n".$media;
-			        }
+			if(x($_FILES,'media')) {
+				// upload the image if we have one
+				$_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
+				require_once('mod/wall_upload.php');
+				$media = wall_upload_post($a);
+				if(strlen($media)>0)
+					$_REQUEST['body'] .= "\n\n".$media;
+			}
 		}
 
 		// set this so that the item_post() function is quiet and doesn't redirect or emit json
@@ -612,7 +634,7 @@
 
 		if (count($lastwall)>0){
 			$lastwall = $lastwall[0];
-			
+
 			$in_reply_to_status_id = '';
 			$in_reply_to_user_id = '';
 			$in_reply_to_screen_name = '';
@@ -620,14 +642,14 @@
 				$in_reply_to_status_id=$lastwall['parent'];
 				$in_reply_to_user_id = $lastwall['reply_uid'];
 				$in_reply_to_screen_name = $lastwall['reply_author'];
-			}  
+			}
 			$status_info = array(
-				'text' => html2plain(bbcode($lastwall['body']), 0),
+				'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
 				'truncated' => false,
 				'created_at' => api_date($lastwall['created']),
 				'in_reply_to_status_id' => $in_reply_to_status_id,
 				'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
-				'id' => $lastwall['contact-id'],
+				'id' => $lastwall['id'],
 				'in_reply_to_user_id' => $in_reply_to_user_id,
 				'in_reply_to_screen_name' => $in_reply_to_screen_name,
 				'geo' => '',
@@ -677,11 +699,11 @@
 				$in_reply_to_status_id=$lastwall['parent'];
 				$in_reply_to_user_id = $lastwall['reply_uid'];
 				$in_reply_to_screen_name = $lastwall['reply_author'];
-			}  
+			}
 			$user_info['status'] = array(
 				'created_at' => api_date($lastwall['created']),
 				'id' => $lastwall['contact-id'],
-				'text' => html2plain(bbcode($lastwall['body']), 0),
+				'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
 				'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
 				'truncated' => false,
 				'in_reply_to_status_id' => $in_reply_to_status_id,
@@ -707,7 +729,7 @@
 	 * TODO: Add reply info
 	 */
 	function api_statuses_home_timeline(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 		// get last newtork messages
@@ -719,8 +741,9 @@
 		if ($page<0) $page=0;
 		$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
 		$max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0);
-		$exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
 		//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+		$exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+		$conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
 
 		$start = $page*$count;
 
@@ -731,6 +754,8 @@
 			$sql_extra .= ' AND `item`.`id` <= '.intval($max_id);
 		if ($exclude_replies > 0)
 			$sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+		if ($conversation_id > 0)
+			$sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
 
 		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
 			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
@@ -751,6 +776,15 @@
 
 		$ret = api_format_items($r,$user_info);
 
+		// We aren't going to try to figure out at the item, group, and page
+		// level which items you've seen and which you haven't. If you're looking
+		// at the network timeline just mark everything seen. 
+	
+		$r = q("UPDATE `item` SET `unseen` = 0 
+			WHERE `unseen` = 1 AND `uid` = %d",
+			intval($user_info['uid'])
+		);
+
 
 		$data = array('$statuses' => $ret);
 		switch($type){
@@ -772,7 +806,7 @@
 	api_register_func('api/statuses/friends_timeline','api_statuses_home_timeline', true);
 
 	function api_statuses_public_timeline(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 		// get last newtork messages
@@ -785,6 +819,8 @@
 		$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
 		$max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0);
 		//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
+		$exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+		$conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
 
 		$start = $page*$count;
 
@@ -792,6 +828,10 @@
 
 		if ($max_id > 0)
 			$sql_extra = 'AND `item`.`id` <= '.intval($max_id);
+		if ($exclude_replies > 0)
+			$sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+		if ($conversation_id > 0)
+			$sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
 
 		/*$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
 			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
@@ -854,7 +894,7 @@
 	 * 
 	 */
 	function api_statuses_show(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 
@@ -906,7 +946,7 @@
 	 * 
 	 */
 	function api_statuses_repeat(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 
@@ -918,7 +958,7 @@
 		//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
 
 		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`nick` as `reply_author`,
-			`contact`.`name`, `contact`.`photo`, `contact`.`url` as `reply_url`, `contact`.`rel`,
+			`contact`.`name`, `contact`.`photo` as `reply_photo`, `contact`.`url` as `reply_url`, `contact`.`rel`,
 			`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
 			`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
 			FROM `item`, `contact`
@@ -931,8 +971,19 @@
 		);
 
 		if ($r[0]['body'] != "") {
-			$_REQUEST['body'] = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8')."[url=".$r[0]['reply_url']."]".$r[0]['reply_author']."[/url] \n".$r[0]['body'];
-			$_REQUEST['profile_uid'] = local_user();
+			if (intval(get_config('system','new_share'))) {
+				$post = "[share author='".str_replace("'", "'", $r[0]['reply_author']).
+						"' profile='".$r[0]['reply_url'].
+						"' avatar='".$r[0]['reply_photo'].
+						"' link='".$r[0]['plink']."']";
+
+				$post .= $r[0]['body'];
+				$post .= "[/share]";
+				$_REQUEST['body'] = $post;
+			} else
+				$_REQUEST['body'] = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8')."[url=".$r[0]['reply_url']."]".$r[0]['reply_author']."[/url] \n".$r[0]['body'];
+
+			$_REQUEST['profile_uid'] = api_user();
 			$_REQUEST['type'] = 'wall';
 			$_REQUEST['api_source'] = true;
 
@@ -953,7 +1004,7 @@
 	 * 
 	 */
 	function api_statuses_destroy(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 
@@ -980,7 +1031,7 @@
 	 * 
 	 */
 	function api_statuses_mentions(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 				
 		$user_info = api_get_user($a);
 		// get last newtork messages
@@ -1000,21 +1051,27 @@
 
 		$myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname'];
 		$myurl = substr($myurl,strpos($myurl,'://')+3);
-		$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+		//$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
+		$myurl = str_replace('www.','',$myurl);
 		$diasp_url = str_replace('/profile/','/u/',$myurl);
 
-		if (get_config('system','use_fulltext_engine'))
-                        $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
-                                dbesc(protect_sprintf($myurl)),
-                                dbesc(protect_sprintf($myurl)),
-                                dbesc(protect_sprintf($diasp_url))
-                        );
-                else
-                        $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
-                                dbesc(protect_sprintf('%' . $myurl)),
-                                dbesc(protect_sprintf('%' . $myurl . ']%')),
-                                dbesc(protect_sprintf('%' . $diasp_url . ']%'))
-                        );
+/*		if (get_config('system','use_fulltext_engine'))
+			$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
+				dbesc(protect_sprintf($myurl)),
+				dbesc(protect_sprintf($myurl)),
+				dbesc(protect_sprintf($diasp_url))
+			);
+		else
+			$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
+				dbesc(protect_sprintf('%' . $myurl)),
+				dbesc(protect_sprintf('%' . $myurl . ']%')),
+				dbesc(protect_sprintf('%' . $diasp_url . ']%'))
+			);
+*/
+		$sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)",
+			dbesc(protect_sprintf($myurl)),
+			dbesc(protect_sprintf($myurl))
+		);
 
 		if ($max_id > 0)
 			$sql_extra .= ' AND `item`.`id` <= '.intval($max_id);
@@ -1060,13 +1117,13 @@
 
 
 	function api_statuses_user_timeline(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 		
 		$user_info = api_get_user($a);
 		// get last newtork messages
 
 
-		logger("api_statuses_user_timeline: local_user: ". local_user() .
+		logger("api_statuses_user_timeline: api_user: ". api_user() .
 			   "\nuser_info: ".print_r($user_info, true) .
 			   "\n_REQUEST:  ".print_r($_REQUEST, true),
 			   LOGGER_DEBUG);
@@ -1076,14 +1133,19 @@
 		$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
 		if ($page<0) $page=0;
 		$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
-		$exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
 		//$since_id = 0;//$since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0);
-		
+		$exclude_replies = (x($_REQUEST,'exclude_replies')?1:0);
+		$conversation_id = (x($_REQUEST,'conversation_id')?$_REQUEST['conversation_id']:0);
+
 		$start = $page*$count;
 
 		$sql_extra = '';
 		if ($user_info['self']==1) $sql_extra .= " AND `item`.`wall` = 1 ";
-		if ($exclude_replies > 0)  $sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+
+		if ($exclude_replies > 0)
+			$sql_extra .= ' AND `item`.`parent` = `item`.`id`';
+		if ($conversation_id > 0)
+			$sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
 
 		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
 			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
@@ -1098,7 +1160,7 @@
 			$sql_extra
 			AND `item`.`id`>%d
 			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-			intval(local_user()),
+			intval(api_user()),
 			intval($user_info['id']),
 			intval($since_id),
 			intval($start),	intval($count)
@@ -1121,7 +1183,7 @@
 
 
 	function api_favorites(&$a, $type){
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 
 		$user_info = api_get_user($a);
 		// in friendica starred item are private
@@ -1237,6 +1299,40 @@
 		return($as);
 	}
 
+	function api_format_messages($item, $recipient, $sender) {
+		// standard meta information
+		$ret=Array(
+				'id'                    => $item['id'],
+				'created_at'            => api_date($item['created']),
+				'sender_id'             => $sender['id'] ,
+				'sender_screen_name'    => $sender['screen_name'],
+				'sender'                => $sender,
+				'recipient_id'          => $recipient['id'],
+				'recipient_screen_name' => $recipient['screen_name'],
+				'recipient'             => $recipient,
+		);
+
+		//don't send title to regular StatusNET requests to avoid confusing these apps
+		if (x($_GET, 'getText')) {
+			$ret['title'] = $item['title'] ;
+			if ($_GET["getText"] == "html") {
+				$ret['text'] = bbcode($item['body']);
+			}
+			elseif ($_GET["getText"] == "plain") {
+				$ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0);
+			}
+		}
+		else {
+			$ret['text'] = $item['title']."\n".html2plain(bbcode($item['body'], false, false, true), 0);
+		}
+		if (isset($_GET["getUserObjects"]) && $_GET["getUserObjects"] == "false") {
+			unset($ret['sender']);
+			unset($ret['recipient']);
+		}
+
+		return $ret;
+	}
+
 	function api_format_items($r,$user_info) {
 
 		//logger('api_format_items: ' . print_r($r,true));
@@ -1271,7 +1367,7 @@
 			}
 
 			// Workaround for ostatus messages where the title is identically to the body
-			$statusbody = trim(html2plain(bbcode($item['body']), 0));
+			$statusbody = trim(html2plain(bbcode($item['body'], false, false, true), 0));
 			$statustitle = trim($item['title']);
 
 			if (($statustitle != '') and (strpos($statusbody, $statustitle) !== false))
@@ -1351,7 +1447,7 @@
 		return api_apply_template('test', $type, array('$ok' => $ok));
 
 	}
-	api_register_func('api/help/test','api_help_test',true);
+	api_register_func('api/help/test','api_help_test',false);
 
 	/**
 	 *  https://dev.twitter.com/docs/api/1/get/statuses/friends 
@@ -1359,7 +1455,7 @@
 	 *  returns: json, xml 
 	 **/
 	function api_statuses_f(&$a, $type, $qtype) {
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 		$user_info = api_get_user($a);
 		
 		
@@ -1385,7 +1481,7 @@
 			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
  
 		$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
-			intval(local_user())
+			intval(api_user())
 		);
 
 		$ret = array();
@@ -1467,7 +1563,7 @@
 
 
 	function api_ff_ids(&$a,$type,$qtype) {
-		if(! local_user())
+		if(! api_user())
 			return false;
 
 		if($qtype == 'friends')
@@ -1477,7 +1573,7 @@
  
 
 		$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
-			intval(local_user())
+			intval(api_user())
 		);
 
 		if(is_array($r)) {
@@ -1510,7 +1606,7 @@
 
 
 	function api_direct_messages_new(&$a, $type) {
-		if (local_user()===false) return false;
+		if (api_user()===false) return false;
 		
 		if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
 
@@ -1519,17 +1615,17 @@
 		require_once("include/message.php");
 
 		$r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
-				intval(local_user()),
+				intval(api_user()),
 				dbesc($_POST['screen_name']));
 
 		$recipient = api_get_user($a, $r[0]['id']);			
 		$replyto = '';
 		$sub     = '';
 		if (x($_REQUEST,'replyto')) {
-			$r = q('SELECT `uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
-					intval(local_user()),
+			$r = q('SELECT `parent-uri`, `title` FROM `mail` WHERE `uid`=%d AND `id`=%d',
+					intval(api_user()),
 					intval($_REQUEST['replyto']));
-			$replyto = $r[0]['uri'];
+			$replyto = $r[0]['parent-uri'];
 			$sub     = $r[0]['title'];
 		}
 		else {
@@ -1545,20 +1641,7 @@
 
 		if ($id>-1) {
 			$r = q("SELECT * FROM `mail` WHERE id=%d", intval($id));
-			$item = $r[0];
-			$ret=Array(
-					'id' => $item['id'],
-					'created_at'=> api_date($item['created']),
-					'sender_id'=> $sender['id'] ,
-					'sender_screen_name'=> $sender['screen_name'],
-					'sender'=> $sender,
-					'recipient_id'=> $recipient['id'],
-					'recipient_screen_name'=> $recipient['screen_name'],
-					'recipient'=> $recipient,
-					
-					'text'=> $item['title']."\n".html2plain(bbcode($item['body']), 0) ,
-					
-			);
+			$ret = api_format_messages($r[0], $recipient, $sender);
 		
 		} else {
 			$ret = array("error"=>$id);	
@@ -1577,8 +1660,8 @@
 	}
 	api_register_func('api/direct_messages/new','api_direct_messages_new',true);
 
-    function api_direct_messages_box(&$a, $type, $box) {
-		if (local_user()===false) return false;
+	function api_direct_messages_box(&$a, $type, $box) {
+		if (api_user()===false) return false;
 		
 		$user_info = api_get_user($a);
 		
@@ -1589,58 +1672,37 @@
 		
 		$start = $page*$count;
 		
-    $profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
+		$profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 		if ($box=="sentbox") {
 			$sql_extra = "`from-url`='".dbesc( $profile_url )."'";
-		} elseif ($box=="conversation") {
-      $sql_extra = "`parent-uri`='".dbesc( $_GET["uri"] )  ."'";
-		} elseif ($box=="all") {
-      $sql_extra = "true";
-		} elseif ($box=="inbox") {
+		}
+		elseif ($box=="conversation") {
+			$sql_extra = "`parent-uri`='".dbesc( $_GET["uri"] )  ."'";
+		}
+		elseif ($box=="all") {
+			$sql_extra = "true";
+		}
+		elseif ($box=="inbox") {
 			$sql_extra = "`from-url`!='".dbesc( $profile_url )."'";
 		}
 		
 		$r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
-				intval(local_user()),
+				intval(api_user()),
 				intval($start),	intval($count)
 		);
 		
 		$ret = Array();
-		foreach($r as $item){
+		foreach($r as $item) {
 			if ($box == "inbox" || $item['from-url'] != $profile_url){
-					$recipient = $user_info;
-					$sender = api_get_user($a,$item['contact-id']);
-      } elseif ($box == "sentbox" || $item['from-url'] != $profile_url){
-					$recipient = api_get_user($a,$item['contact-id']);
-					$sender = $user_info;
+				$recipient = $user_info;
+				$sender = api_get_user($a,$item['contact-id']);
 			}
-				
-			$d=Array(
-				'id' => $item['id'],
-				'created_at'=> api_date($item['created']),
-				'sender_id'=> $sender['id'] ,
-				'sender_screen_name'=> $sender['screen_name'],
-				'sender_profile_img'=> $item['from-photo'],
-				'sender'=> $sender,
-				'recipient_id'=> $recipient['id'],
-				'recipient_screen_name'=> $recipient['screen_name'],
-				'recipient'=> $recipient,
-			);
-      //don't send title to regular StatusNET requests to avoid confusing these apps
-			if (isset($_GET["getText"])) {
-        $d['title'] = $item['title'] ;
-        if ($_GET["getText"] == "html") {
-          $d['text'] = bbcode($item['body']);
-        } elseif ($_GET["getText"] == "plain") {
-          $d['text'] = html2plain(bbcode($item['body']), 0);
-        }
-      } else {
-        $d['text'] = $item['title']."\n".html2plain(bbcode($item['body']), 0);
-      }
-      if (isset($_GET["getUserObjects"]) && $_GET["getUserObjects"] == "false") {
-        unset($d['sender']); unset($d['recipient']);
-      }
-      $ret[]=$d;
+			elseif ($box == "sentbox" || $item['from-url'] != $profile_url){
+				$recipient = api_get_user($a,$item['contact-id']);
+				$sender = $user_info;
+			}
+
+			$ret[]=api_format_messages($item, $recipient, $sender);
 		}
 		
 
@@ -1724,4 +1786,6 @@ notifications/follow
 notifications/leave
 blocks/exists
 blocks/blocking
+lists
 */
+