X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=8e89895ded26fb68eb8eeb71610536d4cd4732a4;hb=c18622caf999e2ddf7e2cda5bf4a50d6506c3931;hp=88736e1f0df1370da9520cf05db119a1b417a54d;hpb=0649d2c3934f5b9548bea32e2d17aa830104162d;p=friendica.git diff --git a/include/api.php b/include/api.php index 88736e1f0d..8e89895ded 100644 --- a/include/api.php +++ b/include/api.php @@ -175,6 +175,7 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY * Simple Auth allow username in form of 
user@server
, ignoring server part * * @param App $a App + * @param bool $do_login try to log in when not logged in, otherwise quit silently * @throws ForbiddenException * @throws InternalServerErrorException * @throws UnauthorizedException @@ -185,8 +186,10 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY * 'authenticated' => return status, * 'user_record' => return authenticated user record */ -function api_login(App $a) +function api_login(App $a, bool $do_login = true) { + $_SESSION["allow_api"] = false; + // workaround for HTTP-auth in CGI mode if (!empty($_SERVER['REDIRECT_REMOTE_USER'])) { $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)); @@ -216,6 +219,10 @@ function api_login(App $a) Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]); } + if (!$do_login) { + return; + } + Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]); header('WWW-Authenticate: Basic realm="Friendica"'); throw new UnauthorizedException("This API requires login"); @@ -257,6 +264,9 @@ function api_login(App $a) } if (!DBA::isResult($record)) { + if (!$do_login) { + return; + } Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]); header('WWW-Authenticate: Basic realm="Friendica"'); //header('HTTP/1.0 401 Unauthorized'); @@ -1176,12 +1186,12 @@ function api_statuses_update($type) INNER JOIN `user` ON `user`.`uid` = `photo`.`uid` WHERE `resource-id` IN (SELECT `resource-id` FROM `photo` WHERE `id` = ?) AND `photo`.`uid` = ? ORDER BY `photo`.`width` DESC LIMIT 2", $id, api_user())); - + if (!empty($media)) { $ressources[] = $media[0]['resource-id']; $phototypes = Images::supportedTypes(); $ext = $phototypes[$media[0]['type']]; - + $attachment = ['type' => Post\Media::IMAGE, 'mimetype' => $media[0]['type'], 'url' => DI::baseUrl() . '/photo/' . $media[0]['resource-id'] . '-' . $media[0]['scale'] . '.' . $ext, 'size' => $media[0]['datasize'], @@ -1189,7 +1199,7 @@ function api_statuses_update($type) 'description' => $media[0]['desc'] ?? '', 'width' => $media[0]['width'], 'height' => $media[0]['height']]; - + if (count($media) > 1) { $attachment['preview'] = DI::baseUrl() . '/photo/' . $media[1]['resource-id'] . '-' . $media[1]['scale'] . '.' . $ext; $attachment['preview-width'] = $media[1]['width'];