X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=c8a313ce198e764187d505ca3d61c6f077001b3e;hb=219932f692e09924685e34f5866135c6956dd347;hp=72c65f35d089b550a99c83e975d476231c269262;hpb=7b5018fb76d2464b1aa7c14d887cb714b9f62c4d;p=friendica.git diff --git a/include/api.php b/include/api.php index 72c65f35d0..c8a313ce19 100644 --- a/include/api.php +++ b/include/api.php @@ -1,4 +1,7 @@ $func, - 'auth'=>$auth); + $API[$path] = array('func'=>$func, 'auth'=>$auth); + + // Workaround for hotot + $path = str_replace("api/", "api/1.1/", $path); + $API[$path] = array('func'=>$func, 'auth'=>$auth); } /** @@ -59,9 +78,9 @@ // workaround for HTTP-auth in CGI mode if(x($_SERVER,'REDIRECT_REMOTE_USER')) { - $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ; if(strlen($userpass)) { - list($name, $password) = explode(':', $userpass); + list($name, $password) = explode(':', $userpass); $_SERVER['PHP_AUTH_USER'] = $name; $_SERVER['PHP_AUTH_PW'] = $password; } @@ -71,34 +90,59 @@ logger('API_login: ' . print_r($_SERVER,true), LOGGER_DEBUG); header('WWW-Authenticate: Basic realm="Friendica"'); header('HTTP/1.0 401 Unauthorized'); - die((api_error(&$a, 'json', "This api requires login"))); + die((api_error($a, 'json', "This api requires login"))); //die('This api requires login'); } $user = $_SERVER['PHP_AUTH_USER']; - $encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW'])); + $password = $_SERVER['PHP_AUTH_PW']; + $encrypted = hash('whirlpool',trim($password)); /** * next code from mod/auth.php. needs better solution */ + $record = null; - // process normal login request - - $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) - AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", - dbesc(trim($user)), - dbesc(trim($user)), - dbesc($encrypted) + $addon_auth = array( + 'username' => trim($user), + 'password' => trim($password), + 'authenticated' => 0, + 'user_record' => null ); - if(count($r)){ - $record = $r[0]; - } else { - logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); - header('WWW-Authenticate: Basic realm="Friendica"'); - header('HTTP/1.0 401 Unauthorized'); - die('This api requires login'); + + /** + * + * A plugin indicates successful login by setting 'authenticated' to non-zero value and returning a user record + * Plugins should never set 'authenticated' except to indicate success - as hooks may be chained + * and later plugins should not interfere with an earlier one that succeeded. + * + */ + + call_hooks('authenticate', $addon_auth); + + if(($addon_auth['authenticated']) && (count($addon_auth['user_record']))) { + $record = $addon_auth['user_record']; + } + else { + // process normal login request + + $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) + AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1", + dbesc(trim($user)), + dbesc(trim($user)), + dbesc($encrypted) + ); + if(count($r)) + $record = $r[0]; + } + + if((! $record) || (! count($record))) { + logger('API_login failure: ' . print_r($_SERVER,true), LOGGER_DEBUG); + header('WWW-Authenticate: Basic realm="Friendica"'); + header('HTTP/1.0 401 Unauthorized'); + die('This api requires login'); } require_once('include/security.php'); @@ -116,7 +160,6 @@ // preset $type="json"; - foreach ($API as $p=>$info){ if (strpos($a->query_string, $p)===0){ $called_api= explode("/",$p); @@ -148,7 +191,10 @@ case "json": header ("Content-Type: application/json"); foreach($r as $rr) - return json_encode($rr); + $json = json_encode($rr); + if ($_GET['callback']) + $json = $_GET['callback']."(".$json.")"; + return $json; break; case "rss": header ("Content-Type: application/rss+xml"); @@ -161,7 +207,7 @@ case "as": //header ("Content-Type: application/json"); //foreach($r as $rr) - // return json_encode($rr); + // return json_encode($rr); return json_encode($r); break; @@ -171,11 +217,12 @@ } header("HTTP/1.1 404 Not Found"); logger('API call not implemented: '.$a->query_string." - ".print_r($_REQUEST,true)); - return(api_error(&$a, $type, "not implemented")); + return(api_error($a, $type, "not implemented")); } function api_error(&$a, $type, $error) { + # TODO: https://dev.twitter.com/overview/api/response-codes $r = "".$error."".$a->query_string.""; switch($type){ case "xml": @@ -218,7 +265,7 @@ /** - * Unique contact to to contact url. + * Unique contact to contact url. */ function api_unique_id_to_url($id){ $r = q("SELECT url FROM unique_contacts WHERE id=%d LIMIT 1", @@ -239,6 +286,8 @@ $url = ""; $nick = ""; + logger("api_get_user: Fetching user data for user ".$contact_id, LOGGER_DEBUG); + // Searching for contact URL if(!is_null($contact_id) AND (intval($contact_id) == 0)){ $user = dbesc(normalise_link($contact_id)); @@ -276,7 +325,7 @@ if (api_user()!==false) $extra_query .= "AND `contact`.`uid`=".intval(api_user()); } - if (is_null($user) && $a->argc > (count($called_api)-1)){ + if (is_null($user) AND ($a->argc > (count($called_api)-1)) AND (count($called_api) > 0)){ $argid = count($called_api); list($user, $null) = explode(".",$a->argv[$argid]); if(is_numeric($user)){ @@ -296,6 +345,8 @@ } } + logger("api_get_user: user ".$user, LOGGER_DEBUG); + if (!$user) { if (api_user()===false) { api_login($a); return False; @@ -314,6 +365,9 @@ $user ); + // Selecting the id by priority, friendica first + api_best_nickname($uinfo); + // if the contact wasn't found, fetch it from the unique contacts if (count($uinfo)==0) { $r = array(); @@ -324,8 +378,13 @@ $r = q("SELECT * FROM unique_contacts WHERE nick='%s' LIMIT 1", $nick); if ($r) { + // If no nick where given, extract it from the address + if (($r[0]['nick'] == "") OR ($r[0]['name'] == $r[0]['nick'])) + $r[0]['nick'] = api_get_nick($r[0]["url"]); + $ret = array( 'id' => $r[0]["id"], + 'id_str' => (string) $r[0]["id"], 'name' => $r[0]["name"], 'screen_name' => (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']), 'location' => NULL, @@ -349,6 +408,7 @@ 'uid' => 0, 'cid' => 0, 'self' => 0, + 'network' => '', ); return $ret; @@ -365,26 +425,26 @@ intval(api_user()) ); + //AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", // count public wall messages - $r = q("SELECT COUNT(`id`) as `count` FROM `item` + $r = q("SELECT count(*) as `count` FROM `item` WHERE `uid` = %d - AND `type`='wall' - AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", + AND `type`='wall'", intval($uinfo[0]['uid']) ); $countitms = $r[0]['count']; } else { - $r = q("SELECT COUNT(`id`) as `count` FROM `item` - WHERE `contact-id` = %d - AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", + //AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''", + $r = q("SELECT count(*) as `count` FROM `item` + WHERE `contact-id` = %d", intval($uinfo[0]['id']) ); $countitms = $r[0]['count']; } // count friends - $r = q("SELECT COUNT(`id`) as `count` FROM `contact` + $r = q("SELECT count(*) as `count` FROM `contact` WHERE `uid` = %d AND `rel` IN ( %d, %d ) AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", intval($uinfo[0]['uid']), @@ -393,7 +453,7 @@ ); $countfriends = $r[0]['count']; - $r = q("SELECT COUNT(`id`) as `count` FROM `contact` + $r = q("SELECT count(*) as `count` FROM `contact` WHERE `uid` = %d AND `rel` IN ( %d, %d ) AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", intval($uinfo[0]['uid']), @@ -402,7 +462,7 @@ ); $countfollowers = $r[0]['count']; - $r = q("SELECT count(`id`) as `count` FROM item where starred = 1 and uid = %d and deleted = 0", + $r = q("SELECT count(*) as `count` FROM item where starred = 1 and uid = %d and deleted = 0", intval($uinfo[0]['uid']) ); $starred = $r[0]['count']; @@ -414,6 +474,11 @@ $starred = 0; } + // Add a nick if it isn't present there + if (($uinfo[0]['nick'] == "") OR ($uinfo[0]['name'] == $uinfo[0]['nick'])) { + $uinfo[0]['nick'] = api_get_nick($uinfo[0]["url"]); + } + // Fetching unique id $r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); @@ -425,11 +490,15 @@ $r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); } + require_once('include/contact_selectors.php'); + $network_name = network_to_name($uinfo[0]['network']); + $ret = Array( 'id' => intval($r[0]['id']), + 'id_str' => (string) intval($r[0]['id']), 'name' => (($uinfo[0]['name']) ? $uinfo[0]['name'] : $uinfo[0]['nick']), 'screen_name' => (($uinfo[0]['nick']) ? $uinfo[0]['nick'] : $uinfo[0]['name']), - 'location' => ($usr) ? $usr[0]['default-location'] : NULL, + 'location' => ($usr) ? $usr[0]['default-location'] : $network_name, 'description' => (($profile) ? $profile[0]['pdesc'] : NULL), 'profile_image_url' => $uinfo[0]['micro'], 'profile_image_url_https' => $uinfo[0]['micro'], @@ -437,19 +506,20 @@ 'protected' => false, 'followers_count' => intval($countfollowers), 'friends_count' => intval($countfriends), - 'created_at' => api_date($uinfo[0]['name-date']), + 'created_at' => api_date($uinfo[0]['created']), 'favourites_count' => intval($starred), - 'utc_offset' => "0", // To-Do - 'time_zone' => 'UTC', // To-Do $uinfo[0]['timezone'], + 'utc_offset' => "0", + 'time_zone' => 'UTC', 'statuses_count' => intval($countitms), - 'following' => true, //#XXX: fix me - 'verified' => true, //#XXX: fix me + 'following' => (($uinfo[0]['rel'] == CONTACT_IS_FOLLOWER) OR ($uinfo[0]['rel'] == CONTACT_IS_FRIEND)), + 'verified' => true, 'statusnet_blocking' => false, 'notifications' => false, 'statusnet_profile_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'], 'uid' => intval($uinfo[0]['uid']), 'cid' => intval($uinfo[0]['cid']), 'self' => $uinfo[0]['self'], + 'network' => $uinfo[0]['network'], ); return $ret; @@ -489,9 +559,17 @@ // Comments in threads may appear as wall-to-wall postings. // So only take the owner at the top posting. if ($item["id"] == $item["parent"]) - return api_get_user($a,$item["owner-link"]); + $status_user = api_get_user($a,$item["owner-link"]); else - return api_get_user($a,$item["author-link"]); + $status_user = api_get_user($a,$item["author-link"]); + + $status_user["protected"] = (($item["allow_cid"] != "") OR + ($item["allow_gid"] != "") OR + ($item["deny_cid"] != "") OR + ($item["deny_gid"] != "") OR + $item["private"]); + + return ($status_user); } @@ -519,6 +597,7 @@ $ret = $data; break; } + return $ret; } @@ -533,17 +612,30 @@ */ function api_account_verify_credentials(&$a, $type){ if (api_user()===false) return false; + + unset($_REQUEST["user_id"]); + unset($_GET["user_id"]); + + unset($_REQUEST["screen_name"]); + unset($_GET["screen_name"]); + + $skip_status = (x($_REQUEST,'skip_status')?$_REQUEST['skip_status']:false); + $user_info = api_get_user($a); // "verified" isn't used here in the standard unset($user_info["verified"]); // - Adding last status - $user_info["status"] = api_status_show($a,"raw"); - unset($user_info["status"]["user"]); + if (!$skip_status) { + $user_info["status"] = api_status_show($a,"raw"); + if (!count($user_info["status"])) + unset($user_info["status"]); + else + unset($user_info["status"]["user"]); + } - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($user_info["cid"]); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($user_info["uid"]); unset($user_info["self"]); @@ -567,46 +659,46 @@ } /*Waitman Gobble Mod*/ - function api_statuses_mediap(&$a, $type) { - if (api_user()===false) { - logger('api_statuses_update: no user'); - return false; - } - $user_info = api_get_user($a); - - $_REQUEST['type'] = 'wall'; - $_REQUEST['profile_uid'] = api_user(); - $_REQUEST['api_source'] = true; - $txt = requestdata('status'); - //$txt = urldecode(requestdata('status')); - - require_once('library/HTMLPurifier.auto.php'); - require_once('include/html2bbcode.php'); - - if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { + function api_statuses_mediap(&$a, $type) { + if (api_user()===false) { + logger('api_statuses_update: no user'); + return false; + } + $user_info = api_get_user($a); + + $_REQUEST['type'] = 'wall'; + $_REQUEST['profile_uid'] = api_user(); + $_REQUEST['api_source'] = true; + $txt = requestdata('status'); + //$txt = urldecode(requestdata('status')); + + require_once('library/HTMLPurifier.auto.php'); + require_once('include/html2bbcode.php'); + + if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { $txt = html2bb_video($txt); $config = HTMLPurifier_Config::createDefault(); - $config->set('Cache.DefinitionImpl', null); + $config->set('Cache.DefinitionImpl', null); $purifier = new HTMLPurifier($config); - $txt = $purifier->purify($txt); + $txt = $purifier->purify($txt); } $txt = html2bbcode($txt); - $a->argv[1]=$user_info['screen_name']; //should be set to username? + $a->argv[1]=$user_info['screen_name']; //should be set to username? $_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo - require_once('mod/wall_upload.php'); + require_once('mod/wall_upload.php'); $bebop = wall_upload_post($a); //now that we have the img url in bbcode we can add it to the status and insert the wall item. - $_REQUEST['body']=$txt."\n\n".$bebop; - require_once('mod/item.php'); - item_post($a); - - // this should output the last post (the one we just posted). - return api_status_show($a,$type); - } - api_register_func('api/statuses/mediap','api_statuses_mediap', true); + $_REQUEST['body']=$txt."\n\n".$bebop; + require_once('mod/item.php'); + item_post($a); + + // this should output the last post (the one we just posted). + return api_status_show($a,$type); + } + api_register_func('api/statuses/mediap','api_statuses_mediap', true); /*Waitman Gobble Mod*/ @@ -615,6 +707,7 @@ logger('api_statuses_update: no user'); return false; } + $user_info = api_get_user($a); // convert $_POST array items to the form we use for web posts. @@ -659,6 +752,64 @@ if($parent) $_REQUEST['type'] = 'net-comment'; else { + // Check for throttling (maximum posts per day, week and month) + $throttle_day = get_config('system','throttle_limit_day'); + if ($throttle_day > 0) { + $datefrom = date("Y-m-d H:i:s", time() - 24*60*60); + + $r = q("SELECT COUNT(*) AS `posts_day` FROM `item` WHERE `uid`=%d AND `wall` + AND `created` > '%s' AND `id` = `parent`", + intval(api_user()), dbesc($datefrom)); + + if ($r) + $posts_day = $r[0]["posts_day"]; + else + $posts_day = 0; + + if ($posts_day > $throttle_day) { + logger('Daily posting limit reached for user '.api_user(), LOGGER_DEBUG); + die(api_error($a, $type, sprintf(t("Daily posting limit of %d posts reached. The post was rejected."), $throttle_day))); + } + } + + $throttle_week = get_config('system','throttle_limit_week'); + if ($throttle_week > 0) { + $datefrom = date("Y-m-d H:i:s", time() - 24*60*60*7); + + $r = q("SELECT COUNT(*) AS `posts_week` FROM `item` WHERE `uid`=%d AND `wall` + AND `created` > '%s' AND `id` = `parent`", + intval(api_user()), dbesc($datefrom)); + + if ($r) + $posts_week = $r[0]["posts_week"]; + else + $posts_week = 0; + + if ($posts_week > $throttle_week) { + logger('Weekly posting limit reached for user '.api_user(), LOGGER_DEBUG); + die(api_error($a, $type, sprintf(t("Weekly posting limit of %d posts reached. The post was rejected."), $throttle_week))); + } + } + + $throttle_month = get_config('system','throttle_limit_month'); + if ($throttle_month > 0) { + $datefrom = date("Y-m-d H:i:s", time() - 24*60*60*30); + + $r = q("SELECT COUNT(*) AS `posts_month` FROM `item` WHERE `uid`=%d AND `wall` + AND `created` > '%s' AND `id` = `parent`", + intval(api_user()), dbesc($datefrom)); + + if ($r) + $posts_month = $r[0]["posts_month"]; + else + $posts_month = 0; + + if ($posts_month > $throttle_month) { + logger('Monthly posting limit reached for user '.api_user(), LOGGER_DEBUG); + die(api_error($a, $type, sprintf(t("Monthly posting limit of %d posts reached. The post was rejected."), $throttle_month))); + } + } + $_REQUEST['type'] = 'wall'; if(x($_FILES,'media')) { // upload the image if we have one @@ -674,6 +825,9 @@ $_REQUEST['api_source'] = true; + if (!x($_REQUEST, "source")) + $_REQUEST["source"] = api_source(); + // call out normal post function require_once('mod/item.php'); @@ -683,22 +837,30 @@ return api_status_show($a,$type); } api_register_func('api/statuses/update','api_statuses_update', true); + api_register_func('api/statuses/update_with_media','api_statuses_update', true); function api_status_show(&$a, $type){ $user_info = api_get_user($a); + + logger('api_status_show: user_info: '.print_r($user_info, true), LOGGER_DEBUG); + // get last public wall message - $lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `c`.`nick` as `reply_author`, `i`.`author-link` AS `item-author` - FROM `item`, `contact`, `item` as `i`, `contact` as `c` - WHERE `item`.`contact-id` = %d AND `item`.`owner-link` = '%s' + $lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`author-link` AS `item-author` + FROM `item`, `item` as `i` + WHERE `item`.`contact-id` = %d AND `item`.`uid` = %d + AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s'))) AND `i`.`id` = `item`.`parent` - AND `contact`.`id`=`item`.`contact-id` AND `c`.`id`=`i`.`contact-id` AND `contact`.`self`=1 AND `item`.`type`!='activity' AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`='' ORDER BY `item`.`created` DESC LIMIT 1", intval($user_info['cid']), - dbesc($user_info['url']) + intval(api_user()), + dbesc($user_info['url']), + dbesc(normalise_link($user_info['url'])), + dbesc($user_info['url']), + dbesc(normalise_link($user_info['url'])) ); if (count($lastwall)>0){ @@ -706,42 +868,69 @@ $in_reply_to_status_id = NULL; $in_reply_to_user_id = NULL; + $in_reply_to_status_id_str = NULL; + $in_reply_to_user_id_str = NULL; $in_reply_to_screen_name = NULL; - if ($lastwall['parent']!=$lastwall['id']) { - $in_reply_to_status_id=$lastwall['parent']; - //$in_reply_to_user_id = $lastwall['reply_uid']; - //$in_reply_to_screen_name = $lastwall['reply_author']; + if (intval($lastwall['parent']) != intval($lastwall['id'])) { + $in_reply_to_status_id= intval($lastwall['parent']); + $in_reply_to_status_id_str = (string) intval($lastwall['parent']); $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($lastwall['item-author']))); if ($r) { - $in_reply_to_screen_name = $r[0]['name']; - $in_reply_to_user_id = $r[0]['id']; + if ($r[0]['nick'] == "") + $r[0]['nick'] = api_get_nick($r[0]["url"]); + + $in_reply_to_screen_name = (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']); + $in_reply_to_user_id = intval($r[0]['id']); + $in_reply_to_user_id_str = (string) intval($r[0]['id']); } } + + // There seems to be situation, where both fields are identical: + // https://github.com/friendica/friendica/issues/1010 + // This is a bugfix for that. + if (intval($in_reply_to_status_id) == intval($lastwall['id'])) { + logger('api_status_show: this message should never appear: id: '.$lastwall['id'].' similar to reply-to: '.$in_reply_to_status_id, LOGGER_DEBUG); + $in_reply_to_status_id = NULL; + $in_reply_to_user_id = NULL; + $in_reply_to_status_id_str = NULL; + $in_reply_to_user_id_str = NULL; + $in_reply_to_screen_name = NULL; + } + + $converted = api_convert_item($item); + $status_info = array( - 'text' => trim(html2plain(bbcode($lastwall['body'], false, false, 2), 0)), + 'text' => $converted["text"], 'truncated' => false, 'created_at' => api_date($lastwall['created']), 'in_reply_to_status_id' => $in_reply_to_status_id, + 'in_reply_to_status_id_str' => $in_reply_to_status_id_str, 'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'), - 'id' => $lastwall['id'], + 'id' => intval($lastwall['id']), + 'id_str' => (string) $lastwall['id'], 'in_reply_to_user_id' => $in_reply_to_user_id, + 'in_reply_to_user_id_str' => $in_reply_to_user_id_str, 'in_reply_to_screen_name' => $in_reply_to_screen_name, 'geo' => NULL, - 'favorited' => false, - // attachments + 'favorited' => $lastwall['starred'] ? true : false, 'user' => $user_info, - 'statusnet_html' => trim(bbcode($lastwall['body'], false, false)), + 'statusnet_html' => $converted["html"], 'statusnet_conversation_id' => $lastwall['parent'], ); + if (count($converted["attachments"]) > 0) + $status_info["attachments"] = $converted["attachments"]; + + if (count($converted["entities"]) > 0) + $status_info["entities"] = $converted["entities"]; + if (($lastwall['item_network'] != "") AND ($status["source"] == 'web')) $status_info["source"] = network_to_name($lastwall['item_network']); elseif (($lastwall['item_network'] != "") AND (network_to_name($lastwall['item_network']) != $status_info["source"])) $status_info["source"] = trim($status_info["source"].' ('.network_to_name($lastwall['item_network']).')'); - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($status_info["user"]["cid"]); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($status_info["user"]["uid"]); unset($status_info["user"]["self"]); } @@ -767,51 +956,74 @@ $lastwall = q("SELECT `item`.* FROM `item`, `contact` - WHERE `item`.`contact-id` = %d AND `item`.`owner-link` = '%s' + WHERE `item`.`uid` = %d AND `verb` = '%s' AND `item`.`contact-id` = %d + AND ((`item`.`author-link` IN ('%s', '%s')) OR (`item`.`owner-link` IN ('%s', '%s'))) AND `contact`.`id`=`item`.`contact-id` AND `type`!='activity' AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`='' ORDER BY `created` DESC LIMIT 1", + intval(api_user()), + dbesc(ACTIVITY_POST), intval($user_info['cid']), - dbesc($user_info['url']) + dbesc($user_info['url']), + dbesc(normalise_link($user_info['url'])), + dbesc($user_info['url']), + dbesc(normalise_link($user_info['url'])) ); - if (count($lastwall)>0){ $lastwall = $lastwall[0]; $in_reply_to_status_id = NULL; $in_reply_to_user_id = NULL; + $in_reply_to_status_id_str = NULL; + $in_reply_to_user_id_str = NULL; $in_reply_to_screen_name = NULL; if ($lastwall['parent']!=$lastwall['id']) { $reply = q("SELECT `item`.`id`, `item`.`contact-id` as `reply_uid`, `contact`.`nick` as `reply_author`, `item`.`author-link` AS `item-author` - FROM `item`,`contact` WHERE `contact`.`id`=`item`.`contact-id` AND `item`.`id` = %d", intval($lastwall['parent'])); + FROM `item`,`contact` WHERE `contact`.`id`=`item`.`contact-id` AND `item`.`id` = %d", intval($lastwall['parent'])); if (count($reply)>0) { - $in_reply_to_status_id=$lastwall['parent']; - //$in_reply_to_user_id = $reply[0]['reply_uid']; - //$in_reply_to_screen_name = $reply[0]['reply_author']; + $in_reply_to_status_id = intval($lastwall['parent']); + $in_reply_to_status_id_str = (string) intval($lastwall['parent']); + $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($reply[0]['item-author']))); if ($r) { - $in_reply_to_screen_name = $r[0]['name']; - $in_reply_to_user_id = $r[0]['id']; + if ($r[0]['nick'] == "") + $r[0]['nick'] = api_get_nick($r[0]["url"]); + + $in_reply_to_screen_name = (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']); + $in_reply_to_user_id = intval($r[0]['id']); + $in_reply_to_user_id_str = (string) intval($r[0]['id']); } } } + + $converted = api_convert_item($item); + $user_info['status'] = array( - 'text' => trim(html2plain(bbcode($lastwall['body'], false, false, 2), 0)), + 'text' => $converted["text"], 'truncated' => false, 'created_at' => api_date($lastwall['created']), 'in_reply_to_status_id' => $in_reply_to_status_id, + 'in_reply_to_status_id_str' => $in_reply_to_status_id_str, 'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'), - 'id' => $lastwall['contact-id'], + 'id' => intval($lastwall['contact-id']), + 'id_str' => (string) $lastwall['contact-id'], 'in_reply_to_user_id' => $in_reply_to_user_id, + 'in_reply_to_user_id_str' => $in_reply_to_user_id_str, 'in_reply_to_screen_name' => $in_reply_to_screen_name, 'geo' => NULL, - 'favorited' => false, - 'statusnet_html' => trim(bbcode($lastwall['body'], false, false)), + 'favorited' => $lastwall['starred'] ? true : false, + 'statusnet_html' => $converted["html"], 'statusnet_conversation_id' => $lastwall['parent'], ); + if (count($converted["attachments"]) > 0) + $user_info["status"]["attachments"] = $converted["attachments"]; + + if (count($converted["entities"]) > 0) + $user_info["status"]["entities"] = $converted["entities"]; + if (($lastwall['item_network'] != "") AND ($user_info["status"]["source"] == 'web')) $user_info["status"]["source"] = network_to_name($lastwall['item_network']); if (($lastwall['item_network'] != "") AND (network_to_name($lastwall['item_network']) != $user_info["status"]["source"])) @@ -819,8 +1031,7 @@ } - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($user_info["cid"]); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($user_info["uid"]); unset($user_info["self"]); @@ -829,6 +1040,35 @@ } api_register_func('api/users/show','api_users_show'); + + function api_users_search(&$a, $type) { + $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0); + + $userlist = array(); + + if (isset($_GET["q"])) { + $r = q("SELECT id FROM unique_contacts WHERE name='%s'", dbesc($_GET["q"])); + if (!count($r)) + $r = q("SELECT id FROM unique_contacts WHERE nick='%s'", dbesc($_GET["q"])); + + if (count($r)) { + foreach ($r AS $user) { + $user_info = api_get_user($a, $user["id"]); + //echo print_r($user_info, true)."\n"; + $userdata = api_apply_template("user", $type, array('user' => $user_info)); + $userlist[] = $userdata["user"]; + } + $userlist = array("users" => $userlist); + } else + die(api_error($a, $type, t("User not found."))); + } else + die(api_error($a, $type, t("User not found."))); + + return ($userlist); + } + + api_register_func('api/users/search','api_users_search'); + /** * * http://developer.twitter.com/doc/get/statuses/home_timeline @@ -839,6 +1079,12 @@ function api_statuses_home_timeline(&$a, $type){ if (api_user()===false) return false; + unset($_REQUEST["user_id"]); + unset($_GET["user_id"]); + + unset($_REQUEST["screen_name"]); + unset($_GET["screen_name"]); + $user_info = api_get_user($a); // get last newtork messages @@ -855,8 +1101,6 @@ $start = $page*$count; - //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); - $sql_extra = ''; if ($max_id > 0) $sql_extra .= ' AND `item`.`id` <= '.intval($max_id); @@ -870,15 +1114,15 @@ `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item`, `contact` - WHERE `item`.`uid` = %d + WHERE `item`.`uid` = %d AND `verb` = '%s' AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra AND `item`.`id`>%d - ORDER BY `item`.`received` DESC LIMIT %d ,%d ", - //intval($user_info['uid']), + ORDER BY `item`.`id` DESC LIMIT %d ,%d ", intval(api_user()), + dbesc(ACTIVITY_POST), intval($since_id), intval($start), intval($count) ); @@ -887,9 +1131,9 @@ // We aren't going to try to figure out at the item, group, and page // level which items you've seen and which you haven't. If you're looking - // at the network timeline just mark everything seen. + // at the network timeline just mark everything seen. - $r = q("UPDATE `item` SET `unseen` = 0 + $r = q("UPDATE `item` SET `unseen` = 0 WHERE `unseen` = 1 AND `uid` = %d", //intval($user_info['uid']) intval(api_user()) @@ -934,8 +1178,6 @@ $start = $page*$count; - //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); - if ($max_id > 0) $sql_extra = 'AND `item`.`id` <= '.intval($max_id); if ($exclude_replies > 0) @@ -943,24 +1185,25 @@ if ($conversation_id > 0) $sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id); - $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, - `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, - `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, - `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`, - `user`.`nickname`, `user`.`hidewall` - FROM `item` LEFT JOIN `contact` ON `contact`.`id` = `item`.`contact-id` - LEFT JOIN `user` ON `user`.`uid` = `item`.`uid` - WHERE `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 - AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' - AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' - AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0 - AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, + `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`, + `user`.`nickname`, `user`.`hidewall` + FROM `item` STRAIGHT_JOIN `contact` ON `contact`.`id` = `item`.`contact-id` + STRAIGHT_JOIN `user` ON `user`.`uid` = `item`.`uid` + WHERE `verb` = '%s' AND `item`.`visible` = 1 AND `item`.`deleted` = 0 and `item`.`moderated` = 0 + AND `item`.`allow_cid` = '' AND `item`.`allow_gid` = '' + AND `item`.`deny_cid` = '' AND `item`.`deny_gid` = '' + AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0 + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra AND `item`.`id`>%d - ORDER BY `received` DESC LIMIT %d, %d ", + ORDER BY `item`.`id` DESC LIMIT %d, %d ", + dbesc(ACTIVITY_POST), intval($since_id), - intval($start), - intval($count)); + intval($start), + intval($count)); $ret = api_format_items($r,$user_info); @@ -984,7 +1227,7 @@ api_register_func('api/statuses/public_timeline','api_statuses_public_timeline', true); /** - * + * */ function api_statuses_show(&$a, $type){ if (api_user()===false) return false; @@ -997,9 +1240,12 @@ if ($id == 0) $id = intval($_REQUEST["id"]); + // Hotot workaround + if ($id == 0) + $id = intval($a->argv[4]); + logger('API: api_statuses_show: '.$id); - //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); $conversation = (x($_REQUEST,'conversation')?1:0); $sql_extra = ''; @@ -1014,9 +1260,11 @@ `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item`, `contact` WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 - AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`id` = `item`.`contact-id` AND `item`.`uid` = %d AND `item`.`verb` = '%s' AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra", + intval(api_user()), + dbesc(ACTIVITY_POST), intval($id) ); @@ -1042,9 +1290,71 @@ /** - * + * + */ + function api_conversation_show(&$a, $type){ + if (api_user()===false) return false; + + $user_info = api_get_user($a); + + // params + $id = intval($a->argv[3]); + $count = (x($_REQUEST,'count')?$_REQUEST['count']:20); + $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0); + if ($page<0) $page=0; + $since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0); + $max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0); + + $start = $page*$count; + + if ($id == 0) + $id = intval($_REQUEST["id"]); + + // Hotot workaround + if ($id == 0) + $id = intval($a->argv[4]); + + logger('API: api_conversation_show: '.$id); + + $sql_extra = ''; + + if ($max_id > 0) + $sql_extra = ' AND `item`.`id` <= '.intval($max_id); + + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, + `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, + `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, + `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` + FROM `item` INNER JOIN (SELECT `uri`,`parent` FROM `item` WHERE `id` = %d) AS `temp1` + ON (`item`.`thr-parent` = `temp1`.`uri` AND `item`.`parent` = `temp1`.`parent`), `contact` + WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 + AND `item`.`uid` = %d AND `item`.`verb` = '%s' AND `contact`.`id` = `item`.`contact-id` + AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`id`>%d $sql_extra + ORDER BY `item`.`id` DESC LIMIT %d ,%d", + intval($id), intval(api_user()), + dbesc(ACTIVITY_POST), + intval($since_id), + intval($start), intval($count) + ); + + if (!$r) + die(api_error($a, $type, t("There is no conversation with this id."))); + + $ret = api_format_items($r,$user_info); + + $data = array('$statuses' => $ret); + return api_apply_template("timeline", $type, $data); + } + api_register_func('api/conversation/show','api_conversation_show', true); + + + /** + * */ function api_statuses_repeat(&$a, $type){ + global $called_api; + if (api_user()===false) return false; $user_info = api_get_user($a); @@ -1055,9 +1365,11 @@ if ($id == 0) $id = intval($_REQUEST["id"]); - logger('API: api_statuses_repeat: '.$id); + // Hotot workaround + if ($id == 0) + $id = intval($a->argv[4]); - //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); + logger('API: api_statuses_repeat: '.$id); $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`nick` as `reply_author`, `contact`.`name`, `contact`.`photo` as `reply_photo`, `contact`.`url` as `reply_url`, `contact`.`rel`, @@ -1074,13 +1386,17 @@ if ($r[0]['body'] != "") { if (!intval(get_config('system','old_share'))) { - $post = "[share author='".str_replace("'", "'", $r[0]['reply_author']). - "' profile='".$r[0]['reply_url']. - "' avatar='".$r[0]['reply_photo']. - "' link='".$r[0]['plink']."']"; - - $post .= $r[0]['body']; - $post .= "[/share]"; + if (strpos($r[0]['body'], "[/share]") !== false) { + $pos = strpos($r[0]['body'], "[share"); + $post = substr($r[0]['body'], $pos); + } else { + $post = "[share author='".str_replace("'", "'", $r[0]['author-name']). + "' profile='".$r[0]['author-link']. + "' avatar='".$r[0]['author-avatar']. + "' link='".$r[0]['plink']."']"; + $post .= $r[0]['body']; + $post .= "[/share]"; + } $_REQUEST['body'] = $post; } else $_REQUEST['body'] = html_entity_decode("♲ ", ENT_QUOTES, 'UTF-8')."[url=".$r[0]['reply_url']."]".$r[0]['reply_author']."[/url] \n".$r[0]['body']; @@ -1089,21 +1405,21 @@ $_REQUEST['type'] = 'wall'; $_REQUEST['api_source'] = true; + if (!x($_REQUEST, "source")) + $_REQUEST["source"] = api_source(); + require_once('mod/item.php'); item_post($a); } - if ($type == 'xml') - $ok = "true"; - else - $ok = "ok"; - - return api_apply_template('test', $type, array('$ok' => $ok)); + // this should output the last post (the one we just posted). + $called_api = null; + return(api_status_show($a,$type)); } api_register_func('api/statuses/retweet','api_statuses_repeat', true); /** - * + * */ function api_statuses_destroy(&$a, $type){ if (api_user()===false) return false; @@ -1116,28 +1432,35 @@ if ($id == 0) $id = intval($_REQUEST["id"]); + // Hotot workaround + if ($id == 0) + $id = intval($a->argv[4]); + logger('API: api_statuses_destroy: '.$id); + $ret = api_statuses_show($a, $type); + require_once('include/items.php'); drop_item($id, false); - if ($type == 'xml') - $ok = "true"; - else - $ok = "ok"; - - return api_apply_template('test', $type, array('$ok' => $ok)); + return($ret); } api_register_func('api/statuses/destroy','api_statuses_destroy', true); /** - * + * * http://developer.twitter.com/doc/get/statuses/mentions - * + * */ function api_statuses_mentions(&$a, $type){ if (api_user()===false) return false; + unset($_REQUEST["user_id"]); + unset($_GET["user_id"]); + + unset($_REQUEST["screen_name"]); + unset($_GET["screen_name"]); + $user_info = api_get_user($a); // get last newtork messages @@ -1152,8 +1475,6 @@ $start = $page*$count; - //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); - // Ugly code - should be changed $myurl = $a->get_baseurl() . '/profile/'. $a->user['nickname']; $myurl = substr($myurl,strpos($myurl,'://')+3); @@ -1161,27 +1482,27 @@ $myurl = str_replace('www.','',$myurl); $diasp_url = str_replace('/profile/','/u/',$myurl); - $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where `author-link` IN ('https://%s', 'http://%s') OR `mention`)", - dbesc(protect_sprintf($myurl)), - dbesc(protect_sprintf($myurl)) - ); - if ($max_id > 0) - $sql_extra .= ' AND `item`.`id` <= '.intval($max_id); + $sql_extra = ' AND `item`.`id` <= '.intval($max_id); $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item`, `contact` - WHERE `item`.`uid` = %d + WHERE `item`.`uid` = %d AND `verb` = '%s' + AND NOT (`item`.`author-link` IN ('https://%s', 'http://%s')) AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 + AND `item`.`parent` IN (SELECT `iid` from thread where uid = %d AND `mention` AND !`ignored`) $sql_extra AND `item`.`id`>%d - ORDER BY `item`.`received` DESC LIMIT %d ,%d ", - //intval($user_info['uid']), + ORDER BY `item`.`id` DESC LIMIT %d ,%d ", + intval(api_user()), + dbesc(ACTIVITY_POST), + dbesc(protect_sprintf($myurl)), + dbesc(protect_sprintf($myurl)), intval(api_user()), intval($since_id), intval($start), intval($count) @@ -1233,7 +1554,8 @@ $start = $page*$count; $sql_extra = ''; - if ($user_info['self']==1) $sql_extra .= " AND `item`.`wall` = 1 "; + if ($user_info['self']==1) + $sql_extra .= " AND `item`.`wall` = 1 "; if ($exclude_replies > 0) $sql_extra .= ' AND `item`.`parent` = `item`.`id`'; @@ -1245,15 +1567,16 @@ `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid` FROM `item`, `contact` - WHERE `item`.`uid` = %d + WHERE `item`.`uid` = %d AND `verb` = '%s' AND `item`.`contact-id` = %d AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra AND `item`.`id`>%d - ORDER BY `item`.`received` DESC LIMIT %d ,%d ", + ORDER BY `item`.`id` DESC LIMIT %d ,%d ", intval(api_user()), + dbesc(ACTIVITY_POST), intval($user_info['cid']), intval($since_id), intval($start), intval($count) @@ -1274,10 +1597,78 @@ api_register_func('api/statuses/user_timeline','api_statuses_user_timeline', true); + /** + * Star/unstar an item + * param: id : id of the item + * + * api v1 : https://web.archive.org/web/20131019055350/https://dev.twitter.com/docs/api/1/post/favorites/create/%3Aid + */ + function api_favorites_create_destroy(&$a, $type){ + if (api_user()===false) return false; + + # for versioned api. + # TODO: we need a better global soluton + $action_argv_id=2; + if ($a->argv[1]=="1.1") $action_argv_id=3; + + if ($a->argc<=$action_argv_id) die(api_error($a, $type, t("Invalid request."))); + $action = str_replace(".".$type,"",$a->argv[$action_argv_id]); + if ($a->argc==$action_argv_id+2) { + $itemid = intval($a->argv[$action_argv_id+1]); + } else { + $itemid = intval($_REQUEST['id']); + } + + $item = q("SELECT * FROM item WHERE id=%d AND uid=%d", + $itemid, api_user()); + + if ($item===false || count($item)==0) die(api_error($a, $type, t("Invalid item."))); + + switch($action){ + case "create": + $item[0]['starred']=1; + break; + case "destroy": + $item[0]['starred']=0; + break; + default: + die(api_error($a, $type, t("Invalid action. ".$action))); + } + $r = q("UPDATE item SET starred=%d WHERE id=%d AND uid=%d", + $item[0]['starred'], $itemid, api_user()); + + q("UPDATE thread SET starred=%d WHERE iid=%d AND uid=%d", + $item[0]['starred'], $itemid, api_user()); + + if ($r===false) die(api_error($a, $type, t("DB error"))); + + + $user_info = api_get_user($a); + $rets = api_format_items($item,$user_info); + $ret = $rets[0]; + + $data = array('$status' => $ret); + switch($type){ + case "atom": + case "rss": + $data = api_rss_extra($a, $data, $user_info); + } + + return api_apply_template("status", $type, $data); + } + + api_register_func('api/favorites/create', 'api_favorites_create_destroy', true); + api_register_func('api/favorites/destroy', 'api_favorites_create_destroy', true); + function api_favorites(&$a, $type){ + global $called_api; + if (api_user()===false) return false; + $called_api= array(); + $user_info = api_get_user($a); + // in friendica starred item are private // return favorites only for self logger('api_favorites: self:' . $user_info['self']); @@ -1285,15 +1676,20 @@ if ($user_info['self']==0) { $ret = array(); } else { - + $sql_extra = ""; // params + $since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0); + $max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0); $count = (x($_GET,'count')?$_GET['count']:20); $page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0); if ($page<0) $page=0; $start = $page*$count; + if ($max_id > 0) + $sql_extra .= ' AND `item`.`id` <= '.intval($max_id); + $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `item`.`network` AS `item_network`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`, @@ -1305,9 +1701,10 @@ AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 $sql_extra - ORDER BY `item`.`received` DESC LIMIT %d ,%d ", - //intval($user_info['uid']), + AND `item`.`id`>%d + ORDER BY `item`.`id` DESC LIMIT %d ,%d ", intval(api_user()), + intval($since_id), intval($start), intval($count) ); @@ -1327,6 +1724,9 @@ api_register_func('api/favorites','api_favorites', true); + + + function api_format_as($a, $ret, $user_info) { $as = array(); @@ -1379,11 +1779,11 @@ $singleitem["title"] = $item["text"]; $singleitem["verb"] = "post"; $singleitem["statusnet:notice_info"]["local_id"] = $item["id"]; - $singleitem["statusnet:notice_info"]["source"] = $item["source"]; - $singleitem["statusnet:notice_info"]["favorite"] = "false"; - $singleitem["statusnet:notice_info"]["repeated"] = "false"; - //$singleitem["original"] = $item; - $items[] = $singleitem; + $singleitem["statusnet:notice_info"]["source"] = $item["source"]; + $singleitem["statusnet:notice_info"]["favorite"] = "false"; + $singleitem["statusnet:notice_info"]["repeated"] = "false"; + //$singleitem["original"] = $item; + $items[] = $singleitem; } $as['items'] = $items; $as['link']['url'] = $a->get_baseurl()."/".$user_info["screen_name"]."/all"; @@ -1406,11 +1806,9 @@ 'recipient' => $recipient, ); - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($ret["sender"]["cid"]); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($ret["sender"]["uid"]); unset($ret["sender"]["self"]); - unset($ret["recipient"]["cid"]); unset($ret["recipient"]["uid"]); unset($ret["recipient"]["self"]); @@ -1422,11 +1820,11 @@ } elseif ($_GET["getText"] == "plain") { //$ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0); - $ret['text'] = trim(html2plain(bbcode($item['body'], false, false, 2), 0)); + $ret['text'] = trim(html2plain(bbcode(api_clean_plain_items($item['body']), false, false, 2, true), 0)); } } else { - $ret['text'] = $item['title']."\n".html2plain(bbcode($item['body'], false, false, 2), 0); + $ret['text'] = $item['title']."\n".html2plain(bbcode(api_clean_plain_items($item['body']), false, false, 2, true), 0); } if (isset($_GET["getUserObjects"]) && $_GET["getUserObjects"] == "false") { unset($ret['sender']); @@ -1436,12 +1834,243 @@ return $ret; } + function api_convert_item($item) { + + $body = $item['body']; + $attachments = api_get_attachments($body); + + // Workaround for ostatus messages where the title is identically to the body + $html = bbcode(api_clean_plain_items($body), false, false, 2, true); + $statusbody = trim(html2plain($html, 0)); + + // handle data: images + $statusbody = api_format_items_embeded_images($item,$statusbody); + + $statustitle = trim($item['title']); + + if (($statustitle != '') and (strpos($statusbody, $statustitle) !== false)) + $statustext = trim($statusbody); + else + $statustext = trim($statustitle."\n\n".$statusbody); + + if (($item["network"] == NETWORK_FEED) and (strlen($statustext)> 1000)) + $statustext = substr($statustext, 0, 1000)."... \n".$item["plink"]; + + $statushtml = trim(bbcode($body, false, false)); + + if ($item['title'] != "") + $statushtml = "

".bbcode($item['title'])."

\n".$statushtml; + + $entities = api_get_entitities($statustext, $body); + + return(array("text" => $statustext, "html" => $statushtml, "attachments" => $attachments, "entities" => $entities)); + } + + function api_get_attachments(&$body) { + + $text = $body; + $text = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $text); + + $URLSearchString = "^\[\]"; + $ret = preg_match_all("/\[img\]([$URLSearchString]*)\[\/img\]/ism", $text, $images); + + if (!$ret) + return false; + + require_once("include/Photo.php"); + + $attachments = array(); + + foreach ($images[1] AS $image) { + $imagedata = get_photo_info($image); + + if ($imagedata) + $attachments[] = array("url" => $image, "mimetype" => $imagedata["mime"], "size" => $imagedata["size"]); + } + + if (strstr($_SERVER['HTTP_USER_AGENT'], "AndStatus")) + foreach ($images[0] AS $orig) + $body = str_replace($orig, "", $body); + + return $attachments; + } + + function api_get_entitities(&$text, $bbcode) { + /* + To-Do: + * Links at the first character of the post + */ + + $a = get_app(); + + $include_entities = strtolower(x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:"false"); + + if ($include_entities != "true") { + require_once("mod/proxy.php"); + + preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images); + + foreach ($images[1] AS $image) { + $replace = proxy_url($image); + $text = str_replace($image, $replace, $text); + } + return array(); + } + + $bbcode = bb_CleanPictureLinks($bbcode); + + // Change pure links in text to bbcode uris + $bbcode = preg_replace("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/ism", '$1[url=$2]$2[/url]', $bbcode); + + $entities = array(); + $entities["hashtags"] = array(); + $entities["symbols"] = array(); + $entities["urls"] = array(); + $entities["user_mentions"] = array(); + + $URLSearchString = "^\[\]"; + + $bbcode = preg_replace("/#\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",'#$2',$bbcode); + + $bbcode = preg_replace("/\[bookmark\=([$URLSearchString]*)\](.*?)\[\/bookmark\]/ism",'[url=$1]$2[/url]',$bbcode); + //$bbcode = preg_replace("/\[url\](.*?)\[\/url\]/ism",'[url=$1]$1[/url]',$bbcode); + $bbcode = preg_replace("/\[video\](.*?)\[\/video\]/ism",'[url=$1]$1[/url]',$bbcode); + + $bbcode = preg_replace("/\[youtube\]([A-Za-z0-9\-_=]+)(.*?)\[\/youtube\]/ism", + '[url=https://www.youtube.com/watch?v=$1]https://www.youtube.com/watch?v=$1[/url]', $bbcode); + $bbcode = preg_replace("/\[youtube\](.*?)\[\/youtube\]/ism",'[url=$1]$1[/url]',$bbcode); + + $bbcode = preg_replace("/\[vimeo\]([0-9]+)(.*?)\[\/vimeo\]/ism", + '[url=https://vimeo.com/$1]https://vimeo.com/$1[/url]', $bbcode); + $bbcode = preg_replace("/\[vimeo\](.*?)\[\/vimeo\]/ism",'[url=$1]$1[/url]',$bbcode); + + $bbcode = preg_replace("/\[img\=([0-9]*)x([0-9]*)\](.*?)\[\/img\]/ism", '[img]$3[/img]', $bbcode); + + //preg_match_all("/\[url\]([$URLSearchString]*)\[\/url\]/ism", $bbcode, $urls1); + preg_match_all("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", $bbcode, $urls); + + $ordered_urls = array(); + foreach ($urls[1] AS $id=>$url) { + //$start = strpos($text, $url, $offset); + $start = iconv_strpos($text, $url, 0, "UTF-8"); + if (!($start === false)) + $ordered_urls[$start] = array("url" => $url, "title" => $urls[2][$id]); + } + + ksort($ordered_urls); + + $offset = 0; + //foreach ($urls[1] AS $id=>$url) { + foreach ($ordered_urls AS $url) { + if ((substr($url["title"], 0, 7) != "http://") AND (substr($url["title"], 0, 8) != "https://") AND + !strpos($url["title"], "http://") AND !strpos($url["title"], "https://")) + $display_url = $url["title"]; + else { + $display_url = str_replace(array("http://www.", "https://www."), array("", ""), $url["url"]); + $display_url = str_replace(array("http://", "https://"), array("", ""), $display_url); + + if (strlen($display_url) > 26) + $display_url = substr($display_url, 0, 25)."…"; + } + + //$start = strpos($text, $url, $offset); + $start = iconv_strpos($text, $url["url"], $offset, "UTF-8"); + if (!($start === false)) { + $entities["urls"][] = array("url" => $url["url"], + "expanded_url" => $url["url"], + "display_url" => $display_url, + "indices" => array($start, $start+strlen($url["url"]))); + $offset = $start + 1; + } + } + + preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images); + $ordered_images = array(); + foreach ($images[1] AS $image) { + //$start = strpos($text, $url, $offset); + $start = iconv_strpos($text, $image, 0, "UTF-8"); + if (!($start === false)) + $ordered_images[$start] = $image; + } + //$entities["media"] = array(); + $offset = 0; + + foreach ($ordered_images AS $url) { + $display_url = str_replace(array("http://www.", "https://www."), array("", ""), $url); + $display_url = str_replace(array("http://", "https://"), array("", ""), $display_url); + + if (strlen($display_url) > 26) + $display_url = substr($display_url, 0, 25)."…"; + + $start = iconv_strpos($text, $url, $offset, "UTF-8"); + if (!($start === false)) { + require_once("include/Photo.php"); + $image = get_photo_info($url); + if ($image) { + // If image cache is activated, then use the following sizes: + // thumb (150), small (340), medium (600) and large (1024) + if (!get_config("system", "proxy_disabled")) { + require_once("mod/proxy.php"); + $media_url = proxy_url($url); + + $sizes = array(); + $scale = scale_image($image[0], $image[1], 150); + $sizes["thumb"] = array("w" => $scale["width"], "h" => $scale["height"], "resize" => "fit"); + + if (($image[0] > 150) OR ($image[1] > 150)) { + $scale = scale_image($image[0], $image[1], 340); + $sizes["small"] = array("w" => $scale["width"], "h" => $scale["height"], "resize" => "fit"); + } + + $scale = scale_image($image[0], $image[1], 600); + $sizes["medium"] = array("w" => $scale["width"], "h" => $scale["height"], "resize" => "fit"); + + if (($image[0] > 600) OR ($image[1] > 600)) { + $scale = scale_image($image[0], $image[1], 1024); + $sizes["large"] = array("w" => $scale["width"], "h" => $scale["height"], "resize" => "fit"); + } + } else { + $media_url = $url; + $sizes["medium"] = array("w" => $image[0], "h" => $image[1], "resize" => "fit"); + } + + $entities["media"][] = array( + "id" => $start+1, + "id_str" => (string)$start+1, + "indices" => array($start, $start+strlen($url)), + "media_url" => normalise_link($media_url), + "media_url_https" => $media_url, + "url" => $url, + "display_url" => $display_url, + "expanded_url" => $url, + "type" => "photo", + "sizes" => $sizes); + } + $offset = $start + 1; + } + } + + return($entities); + } + function api_format_items_embeded_images($item, $text){ + $a = get_app(); + $text = preg_replace_callback( + "|data:image/([^;]+)[^=]+=*|m", + function($match) use ($a, $item) { + return $a->get_baseurl()."/display/".$item['guid']; + }, + $text); + return $text; + } + function api_format_items($r,$user_info, $filter_user = false) { $a = get_app(); $ret = Array(); foreach($r as $item) { + api_share_as_retweet($item); + localize_item($item); $status_user = api_item_get_user($a,$item); @@ -1454,12 +2083,15 @@ intval(api_user()), dbesc($item['thr-parent'])); if ($r) - $in_reply_to_status_id = $r[0]['id']; + $in_reply_to_status_id = intval($r[0]['id']); else - $in_reply_to_status_id = $item['parent']; + $in_reply_to_status_id = intval($item['parent']); + + $in_reply_to_status_id_str = (string) intval($item['parent']); $in_reply_to_screen_name = NULL; $in_reply_to_user_id = NULL; + $in_reply_to_user_id_str = NULL; $r = q("SELECT `author-link` FROM item WHERE uid=%d AND id=%d LIMIT 1", intval(api_user()), @@ -1468,46 +2100,50 @@ $r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($r[0]['author-link']))); if ($r) { - $in_reply_to_screen_name = $r[0]['name']; - $in_reply_to_user_id = $r[0]['id']; + if ($r[0]['nick'] == "") + $r[0]['nick'] = api_get_nick($r[0]["url"]); + + $in_reply_to_screen_name = (($r[0]['nick']) ? $r[0]['nick'] : $r[0]['name']); + $in_reply_to_user_id = intval($r[0]['id']); + $in_reply_to_user_id_str = (string) intval($r[0]['id']); } } } else { $in_reply_to_screen_name = NULL; $in_reply_to_user_id = NULL; $in_reply_to_status_id = NULL; + $in_reply_to_user_id_str = NULL; + $in_reply_to_status_id_str = NULL; } - // Workaround for ostatus messages where the title is identically to the body - $statusbody = trim(html2plain(bbcode($item['body'], false, false, 2), 0)); - - $statustitle = trim($item['title']); - - if (($statustitle != '') and (strpos($statusbody, $statustitle) !== false)) - $statustext = trim($statusbody); - else - $statustext = trim($statustitle."\n\n".$statusbody); - - if (($item["network"] == NETWORK_FEED) and (strlen($statustext)> 1000)) - $statustext = substr($statustext, 0, 1000)."... \n".$item["plink"]; + $converted = api_convert_item($item); $status = array( - 'text' => $statustext, + 'text' => $converted["text"], 'truncated' => False, 'created_at'=> api_date($item['created']), 'in_reply_to_status_id' => $in_reply_to_status_id, + 'in_reply_to_status_id_str' => $in_reply_to_status_id_str, 'source' => (($item['app']) ? $item['app'] : 'web'), 'id' => intval($item['id']), + 'id_str' => (string) intval($item['id']), 'in_reply_to_user_id' => $in_reply_to_user_id, + 'in_reply_to_user_id_str' => $in_reply_to_user_id_str, 'in_reply_to_screen_name' => $in_reply_to_screen_name, 'geo' => NULL, 'favorited' => $item['starred'] ? true : false, - //'attachments' => array(), 'user' => $status_user , - 'statusnet_html' => trim(bbcode($item['body'], false, false)), + //'entities' => NULL, + 'statusnet_html' => $converted["html"], 'statusnet_conversation_id' => $item['parent'], ); + if (count($converted["attachments"]) > 0) + $status["attachments"] = $converted["attachments"]; + + if (count($converted["entities"]) > 0) + $status["entities"] = $converted["entities"]; + if (($item['item_network'] != "") AND ($status["source"] == 'web')) $status["source"] = network_to_name($item['item_network']); else if (($item['item_network'] != "") AND (network_to_name($item['item_network']) != $status["source"])) @@ -1515,43 +2151,25 @@ // Retweets are only valid for top postings - if (($item['owner-link'] != $item['author-link']) AND ($item["id"] == $item["parent"])) { + // It doesn't work reliable with the link if its a feed + $IsRetweet = ($item['owner-link'] != $item['author-link']); + if ($IsRetweet) + $IsRetweet = (($item['owner-name'] != $item['author-name']) OR ($item['owner-avatar'] != $item['author-avatar'])); + + if ($IsRetweet AND ($item["id"] == $item["parent"])) { $retweeted_status = $status; $retweeted_status["user"] = api_get_user($a,$item["author-link"]); $status["retweeted_status"] = $retweeted_status; } - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($status["user"]["cid"]); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($status["user"]["uid"]); unset($status["user"]["self"]); // 'geo' => array('type' => 'Point', - // 'coordinates' => array((float) $notice->lat, - // (float) $notice->lon)); - - // Seesmic doesn't like the following content - // completely disabled to make friendica totally compatible to the statusnet API - /*if ($_SERVER['HTTP_USER_AGENT'] != 'Seesmic') { - $status2 = array( - 'updated' => api_date($item['edited']), - 'published' => api_date($item['created']), - 'message_id' => $item['uri'], - 'url' => ($item['plink']!=''?$item['plink']:$item['author-link']), - 'coordinates' => $item['coord'], - 'place' => $item['location'], - 'contributors' => '', - 'annotations' => '', - 'entities' => '', - 'objecttype' => (($item['object-type']) ? $item['object-type'] : ACTIVITY_OBJ_NOTE), - 'verb' => (($item['verb']) ? $item['verb'] : ACTIVITY_POST), - 'self' => $a->get_baseurl()."/api/statuses/show/".$item['id'].".".$type, - 'edit' => $a->get_baseurl()."/api/statuses/show/".$item['id'].".".$type, - ); - - $status = array_merge($status, $status2); - }*/ + // 'coordinates' => array((float) $notice->lat, + // (float) $notice->lon)); $ret[] = $status; }; @@ -1582,26 +2200,34 @@ else $ok = "ok"; - return api_apply_template('test', $type, array('$ok' => $ok)); + return api_apply_template('test', $type, array("$ok" => $ok)); } api_register_func('api/help/test','api_help_test',false); + function api_lists(&$a,$type) { + + $ret = array(); + return array($ret); + } + api_register_func('api/lists','api_lists',true); + + function api_lists_list(&$a,$type) { + + $ret = array(); + return array($ret); + } + api_register_func('api/lists/list','api_lists_list',true); + /** - * https://dev.twitter.com/docs/api/1/get/statuses/friends + * https://dev.twitter.com/docs/api/1/get/statuses/friends * This function is deprecated by Twitter - * returns: json, xml + * returns: json, xml **/ function api_statuses_f(&$a, $type, $qtype) { if (api_user()===false) return false; $user_info = api_get_user($a); - - // friends and followers only for self - if ($user_info['self']==0){ - return false; - } - if (x($_GET,'cursor') && $_GET['cursor']=='undefined'){ /* this is to stop Hotot to load friends multiple times * I'm not sure if I'm missing return something or @@ -1618,15 +2244,18 @@ if($qtype == 'followers') $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND)); - $r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra", + // friends and followers only for self + if ($user_info['self'] == 0) + $sql_extra = " AND false "; + + $r = q("SELECT `nurl` FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra", intval(api_user()) ); $ret = array(); foreach($r as $cid){ - $user = api_get_user($a, $cid['id']); - // "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here - unset($user["cid"]); + $user = api_get_user($a, $cid['nurl']); + // "uid" and "self" are only needed for some internal stuff, so remove it from here unset($user["uid"]); unset($user["self"]); @@ -1634,7 +2263,6 @@ $ret[] = $user; } - return array('$users' => $ret); } @@ -1711,11 +2339,17 @@ if(! api_user()) return false; + $user_info = api_get_user($a); + if($qtype == 'friends') $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND)); if($qtype == 'followers') $sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND)); + if (!$user_info["self"]) + $sql_extra = " AND false "; + + $stringify_ids = (x($_REQUEST,'stringify_ids')?$_REQUEST['stringify_ids']:false); $r = q("SELECT unique_contacts.id FROM contact, unique_contacts WHERE contact.nurl = unique_contacts.url AND `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra", intval(api_user()) @@ -1734,7 +2368,12 @@ elseif($type === 'json') { $ret = array(); header("Content-type: application/json"); - foreach($r as $rr) $ret[] = $rr['id']; + foreach($r as $rr) + if ($stringify_ids) + $ret[] = $rr['id']; + else + $ret[] = intval($rr['id']); + echo json_encode($ret); killme(); } @@ -1754,17 +2393,24 @@ function api_direct_messages_new(&$a, $type) { if (api_user()===false) return false; - if (!x($_POST, "text") || !x($_POST,"screen_name")) return; + if (!x($_POST, "text") OR (!x($_POST,"screen_name") AND !x($_POST,"user_id"))) return; $sender = api_get_user($a); require_once("include/message.php"); - $r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'", - intval(api_user()), - dbesc($_POST['screen_name'])); + if ($_POST['screen_name']) { + $r = q("SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s'", + intval(api_user()), + dbesc($_POST['screen_name'])); + + // Selecting the id by priority, friendica first + api_best_nickname($r); + + $recipient = api_get_user($a, $r[0]['nurl']); + } else + $recipient = api_get_user($a, $_POST['user_id']); - $recipient = api_get_user($a, $r[0]['id']); $replyto = ''; $sub = ''; if (x($_REQUEST,'replyto')) { @@ -1783,7 +2429,7 @@ } } - $id = send_message($recipient['id'], $_POST['text'], $sub, $replyto); + $id = send_message($recipient['cid'], $_POST['text'], $sub, $replyto); if ($id>-1) { $r = q("SELECT * FROM `mail` WHERE id=%d", intval($id)); @@ -1809,7 +2455,6 @@ function api_direct_messages_box(&$a, $type, $box) { if (api_user()===false) return false; - $user_info = api_get_user($a); // params $count = (x($_GET,'count')?$_GET['count']:20); @@ -1817,42 +2462,68 @@ if ($page<0) $page=0; $since_id = (x($_REQUEST,'since_id')?$_REQUEST['since_id']:0); + $max_id = (x($_REQUEST,'max_id')?$_REQUEST['max_id']:0); - $start = $page*$count; + $user_id = (x($_REQUEST,'user_id')?$_REQUEST['user_id']:""); + $screen_name = (x($_REQUEST,'screen_name')?$_REQUEST['screen_name']:""); + // caller user info + unset($_REQUEST["user_id"]); + unset($_GET["user_id"]); + + unset($_REQUEST["screen_name"]); + unset($_GET["screen_name"]); + + $user_info = api_get_user($a); //$profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname']; $profile_url = $user_info["url"]; + + // pagination + $start = $page*$count; + + // filters if ($box=="sentbox") { - $sql_extra = "`from-url`='".dbesc( $profile_url )."'"; + $sql_extra = "`mail`.`from-url`='".dbesc( $profile_url )."'"; } elseif ($box=="conversation") { - $sql_extra = "`parent-uri`='".dbesc( $_GET["uri"] ) ."'"; + $sql_extra = "`mail`.`parent-uri`='".dbesc( $_GET["uri"] ) ."'"; } elseif ($box=="all") { $sql_extra = "true"; } elseif ($box=="inbox") { - $sql_extra = "`from-url`!='".dbesc( $profile_url )."'"; + $sql_extra = "`mail`.`from-url`!='".dbesc( $profile_url )."'"; + } + + if ($max_id > 0) + $sql_extra .= ' AND `mail`.`id` <= '.intval($max_id); + + if ($user_id !="") { + $sql_extra .= ' AND `mail`.`contact-id` = ' . intval($user_id); + } + elseif($screen_name !=""){ + $sql_extra .= " AND `contact`.`nick` = '" . dbesc($screen_name). "'"; } - $r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra AND id > %d ORDER BY created DESC LIMIT %d,%d", + $r = q("SELECT `mail`.*, `contact`.`nurl` AS `contact-url` FROM `mail`,`contact` WHERE `mail`.`contact-id` = `contact`.`id` AND `mail`.`uid`=%d AND $sql_extra AND `mail`.`id` > %d ORDER BY `mail`.`id` DESC LIMIT %d,%d", intval(api_user()), intval($since_id), intval($start), intval($count) ); + $ret = Array(); foreach($r as $item) { if ($box == "inbox" || $item['from-url'] != $profile_url){ $recipient = $user_info; - $sender = api_get_user($a,$item['contact-id']); + $sender = api_get_user($a,normalise_link($item['contact-url'])); } - elseif ($box == "sentbox" || $item['from-url'] != $profile_url){ - $recipient = api_get_user($a,$item['contact-id']); + elseif ($box == "sentbox" || $item['from-url'] == $profile_url){ + $recipient = api_get_user($a,normalise_link($item['contact-url'])); $sender = $user_info; - } + } $ret[]=api_format_messages($item, $recipient, $sender); } @@ -1911,11 +2582,265 @@ api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); + + function api_fr_photos_list(&$a,$type) { + if (api_user()===false) return false; + $r = q("select distinct `resource-id` from photo where uid = %d and album != 'Contact Photos' ", + intval(local_user()) + ); + if($r) { + $ret = array(); + foreach($r as $rr) + $ret[] = $rr['resource-id']; + header("Content-type: application/json"); + echo json_encode($ret); + } + killme(); + } + + function api_fr_photo_detail(&$a,$type) { + if (api_user()===false) return false; + if(! $_REQUEST['photo_id']) return false; + $scale = ((array_key_exists('scale',$_REQUEST)) ? intval($_REQUEST['scale']) : 0); + $r = q("select * from photo where uid = %d and `resource-id` = '%s' and scale = %d limit 1", + intval(local_user()), + dbesc($_REQUEST['photo_id']), + intval($scale) + ); + if($r) { + header("Content-type: application/json"); + $r[0]['data'] = base64_encode($r[0]['data']); + echo json_encode($r[0]); + } + + killme(); + } + + api_register_func('api/friendica/photos/list', 'api_fr_photos_list', true); + api_register_func('api/friendica/photo', 'api_fr_photo_detail', true); + + + +function api_share_as_retweet(&$item) { + $body = trim($item["body"]); + + // Skip if it isn't a pure repeated messages + // Does it start with a share? + if (strpos($body, "[share") > 0) + return(false); + + // Does it end with a share? + if (strlen($body) > (strrpos($body, "[/share]") + 8)) + return(false); + + $attributes = preg_replace("/\[share(.*?)\]\s?(.*?)\s?\[\/share\]\s?/ism","$1",$body); + // Skip if there is no shared message in there + if ($body == $attributes) + return(false); + + $author = ""; + preg_match("/author='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $author = html_entity_decode($matches[1],ENT_QUOTES,'UTF-8'); + + preg_match('/author="(.*?)"/ism', $attributes, $matches); + if ($matches[1] != "") + $author = $matches[1]; + + $profile = ""; + preg_match("/profile='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $profile = $matches[1]; + + preg_match('/profile="(.*?)"/ism', $attributes, $matches); + if ($matches[1] != "") + $profile = $matches[1]; + + $avatar = ""; + preg_match("/avatar='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $avatar = $matches[1]; + + preg_match('/avatar="(.*?)"/ism', $attributes, $matches); + if ($matches[1] != "") + $avatar = $matches[1]; + + $link = ""; + preg_match("/link='(.*?)'/ism", $attributes, $matches); + if ($matches[1] != "") + $link = $matches[1]; + + preg_match('/link="(.*?)"/ism', $attributes, $matches); + if ($matches[1] != "") + $link = $matches[1]; + + $shared_body = preg_replace("/\[share(.*?)\]\s?(.*?)\s?\[\/share\]\s?/ism","$2",$body); + + if (($shared_body == "") OR ($profile == "") OR ($author == "") OR ($avatar == "")) + return(false); + + $item["body"] = $shared_body; + $item["author-name"] = $author; + $item["author-link"] = $profile; + $item["author-avatar"] = $avatar; + $item["plink"] = $link; + + return(true); + +} + +function api_get_nick($profile) { +/* To-Do: + - remove trailing jung from profile url + - pump.io check has to check the website +*/ + + $nick = ""; + + $friendica = preg_replace("=https?://(.*)/profile/(.*)=ism", "$2", $profile); + if ($friendica != $profile) + $nick = $friendica; + + if (!$nick == "") { + $diaspora = preg_replace("=https?://(.*)/u/(.*)=ism", "$2", $profile); + if ($diaspora != $profile) + $nick = $diaspora; + } + + if (!$nick == "") { + $twitter = preg_replace("=https?://twitter.com/(.*)=ism", "$1", $profile); + if ($twitter != $profile) + $nick = $twitter; + } + + + if (!$nick == "") { + $StatusnetHost = preg_replace("=https?://(.*)/user/(.*)=ism", "$1", $profile); + if ($StatusnetHost != $profile) { + $StatusnetUser = preg_replace("=https?://(.*)/user/(.*)=ism", "$2", $profile); + if ($StatusnetUser != $profile) { + $UserData = fetch_url("http://".$StatusnetHost."/api/users/show.json?user_id=".$StatusnetUser); + $user = json_decode($UserData); + if ($user) + $nick = $user->screen_name; + } + } + } + + // To-Do: look at the page if its really a pumpio site + //if (!$nick == "") { + // $pumpio = preg_replace("=https?://(.*)/(.*)/=ism", "$2", $profile."/"); + // if ($pumpio != $profile) + // $nick = $pumpio; + //
+ + //} + + if ($nick != "") { + q("UPDATE unique_contacts SET nick = '%s' WHERE url = '%s'", + dbesc($nick), dbesc(normalise_link($profile))); + return($nick); + } + + return(false); +} + +function api_clean_plain_items($Text) { + $include_entities = strtolower(x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:"false"); + + $Text = bb_CleanPictureLinks($Text); + + $URLSearchString = "^\[\]"; + + $Text = preg_replace("/([!#@])\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",'$1$3',$Text); + + if ($include_entities == "true") { + $Text = preg_replace("/\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism",'[url=$1]$1[/url]',$Text); + } + + $Text = preg_replace_callback("((.*?)\[class=(.*?)\](.*?)\[\/class\])ism","api_cleanup_share",$Text); + return($Text); +} + +function api_cleanup_share($shared) { + if ($shared[2] != "type-link") + return($shared[0]); + + if (!preg_match_all("/\[bookmark\=([^\]]*)\](.*?)\[\/bookmark\]/ism",$shared[3], $bookmark)) + return($shared[0]); + + $title = ""; + $link = ""; + + if (isset($bookmark[2][0])) + $title = $bookmark[2][0]; + + if (isset($bookmark[1][0])) + $link = $bookmark[1][0]; + + if (strpos($shared[1],$title) !== false) + $title = ""; + + if (strpos($shared[1],$link) !== false) + $link = ""; + + $text = trim($shared[1]); + + //if (strlen($text) < strlen($title)) + if (($text == "") AND ($title != "")) + $text .= "\n\n".trim($title); + + if ($link != "") + $text .= "\n".trim($link); + + return(trim($text)); +} + +function api_best_nickname(&$contacts) { + $best_contact = array(); + + if (count($contact) == 0) + return; + + foreach ($contacts AS $contact) + if ($contact["network"] == "") { + $contact["network"] = "dfrn"; + $best_contact = array($contact); + } + + if (sizeof($best_contact) == 0) + foreach ($contacts AS $contact) + if ($contact["network"] == "dfrn") + $best_contact = array($contact); + + if (sizeof($best_contact) == 0) + foreach ($contacts AS $contact) + if ($contact["network"] == "dspr") + $best_contact = array($contact); + + if (sizeof($best_contact) == 0) + foreach ($contacts AS $contact) + if ($contact["network"] == "stat") + $best_contact = array($contact); + + if (sizeof($best_contact) == 0) + foreach ($contacts AS $contact) + if ($contact["network"] == "pump") + $best_contact = array($contact); + + if (sizeof($best_contact) == 0) + foreach ($contacts AS $contact) + if ($contact["network"] == "twit") + $best_contact = array($contact); + + if (sizeof($best_contact) == 1) + $contacts = $best_contact; + else + $contacts = array($contacts[0]); +} + /* Not implemented by now: -favorites -favorites/create -favorites/destroy statuses/retweets_of_me friendships/create friendships/destroy @@ -1939,4 +2864,3 @@ blocks/exists blocks/blocking lists */ -