X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=d94cc2942ac071e7644f48857d590372fb2aa1b2;hb=d4644d73392f335a3cc488fbd8935068a567edcf;hp=1f58a6baae3e77a264789d754ebe95003bc1949e;hpb=3bbdbee87cecc9b8c387ea6df5754b6c960d0633;p=friendica.git

diff --git a/include/api.php b/include/api.php
index 1f58a6baae..d94cc2942a 100644
--- a/include/api.php
+++ b/include/api.php
@@ -55,7 +55,7 @@
 		// process normal login request
 
 		$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) 
-			AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
+			AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `verified` = 1 LIMIT 1",
 			dbesc(trim($user)),
 			dbesc(trim($user)),
 			dbesc($encrypted)
@@ -404,14 +404,6 @@
 		return $ret; 
 	}
 
-	/**
-	 * apply xmlify() to all values of array $val, recursively
-	 */
-	function api_xmlify($val){
-		if (is_bool($val)) return $val?"true":"false";
-		if (is_array($val)) return array_map('api_xmlify', $val);
-		return xmlify((string) $val);
-	}
 
 	/**
 	 *  load api $templatename for $type and replace $data array
@@ -424,7 +416,7 @@
 			case "atom":
 			case "rss":
 			case "xml":
-				$data = api_xmlify($data);
+				$data = array_xmlify($data);
 				$tpl = get_markup_template("api_".$templatename."_".$type.".tpl");
 				$ret = replace_macros($tpl, $data);
 				break;
@@ -466,6 +458,7 @@
 		}
 		return null;
 	}
+
 	// TODO - media uploads
 	function api_statuses_update(&$a, $type) {
 		if (local_user()===false) return false;
@@ -475,7 +468,28 @@
 
 		// logger('api_post: ' . print_r($_POST,true));
 
-		$_POST['body'] = urldecode(requestdata('status'));
+		if(requestdata('htmlstatus')) {
+			require_once('library/HTMLPurifier.auto.php');
+			require_once('include/html2bbcode.php');
+
+			$txt = requestdata('htmlstatus');
+			if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
+
+				$txt = html2bb_video($txt);
+
+				$config = HTMLPurifier_Config::createDefault();
+				$config->set('Cache.DefinitionImpl', null);
+
+
+				$purifier = new HTMLPurifier($config);
+				$txt = $purifier->purify($txt);
+
+				$_POST['body'] = html2bbcode($txt);
+			}
+
+		}
+		else
+			$_POST['body'] = urldecode(requestdata('status'));
 
 		$parent = requestdata('in_reply_to_status_id');
 		if(ctype_digit($parent))