X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fapi.php;h=ef738891265260e160172de6c9cdf0740b20a854;hb=bf35ff27d33bf73a4ba00582d6726d6f0ac3ec23;hp=a6a6b505004dffc338262b5fe0b88d3671d5587c;hpb=75c74e856290a712344ad6b4042ef07ef661d584;p=friendica.git diff --git a/include/api.php b/include/api.php index a6a6b50500..ef73889126 100644 --- a/include/api.php +++ b/include/api.php @@ -1,5 +1,22 @@ . + * * Friendica implementation of statusnet/twitter API * * @file include/api.php @@ -8,14 +25,10 @@ use Friendica\App; use Friendica\Content\ContactSelector; -use Friendica\Content\Feature; use Friendica\Content\Text\BBCode; use Friendica\Content\Text\HTML; -use Friendica\Core\Config; use Friendica\Core\Hook; -use Friendica\Core\L10n; use Friendica\Core\Logger; -use Friendica\Core\PConfig; use Friendica\Core\Protocol; use Friendica\Core\Session; use Friendica\Core\System; @@ -26,9 +39,10 @@ use Friendica\Model\Contact; use Friendica\Model\Group; use Friendica\Model\Item; use Friendica\Model\Mail; +use Friendica\Model\Notify; use Friendica\Model\Photo; -use Friendica\Model\Profile; use Friendica\Model\User; +use Friendica\Model\UserItem; use Friendica\Network\FKOAuth1; use Friendica\Network\HTTPException; use Friendica\Network\HTTPException\BadRequestException; @@ -65,11 +79,11 @@ $API = []; $called_api = []; /** + * Auth API user + * * It is not sufficient to use local_user() to check whether someone is allowed to use the API, * because this will open CSRF holes (just embed an image with src=friendicasite.com/api/statuses/update?status=CSRF * into a page, and visitors will post something without noticing it). - * - * @brief Auth API user */ function api_user() { 
@@ -81,13 +95,13 @@ function api_user() } /** + * Get source name from API client + * * Clients can send 'source' parameter to be show in post metadata * as "sent via ". * Some clients doesn't send a source param, we support ones we know * (only Twidere, atm) * - * @brief Get source name from API client - * * @return string * Client source name, default to "api" if unset/unknown * @throws Exception @@ -113,7 +127,7 @@ function api_source() } /** - * @brief Format date for API + * Format date for API * * @param string $str Source date, as UTC * @return string Date in UTC formatted as "D M d H:i:s +0000 Y" @@ -128,8 +142,6 @@ function api_date($str) /** * Register a function to be the endpoint for defined API path. * - * @brief Register API endpoint - * * @param string $path API URL path, relative to DI::baseUrl() * @param string $func Function name to call on path request * @param bool $auth API need logged user @@ -161,8 +173,6 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY * Log in user via OAuth1 or Simple HTTP Auth. * Simple Auth allow username in form of
user@server
, ignoring server part * - * @brief Login API user - * * @param App $a App * @throws ForbiddenException * @throws InternalServerErrorException @@ -260,12 +270,12 @@ function api_login(App $a) } /** + * Check HTTP method of called API + * * API endpoints can define which HTTP method to accept when called. * This function check the current HTTP method agains endpoint * registered method. * - * @brief Check HTTP method of called API - * * @param string $method Required methods, uppercase, separated by comma * @return bool */ @@ -278,9 +288,9 @@ function api_check_method($method) } /** - * Authenticate user, call registered API function, set HTTP headers + * Main API entry point * - * @brief Main API entry point + * Authenticate user, call registered API function, set HTTP headers * * @param App $a App * @param App\Arguments $args The app arguments (optional, will retrieved by the DI-Container in case of missing) @@ -317,9 +327,7 @@ function api_call(App $a, App\Arguments $args = null) } $called_api = explode("/", $p); - //unset($_SERVER['PHP_AUTH_USER']); - /// @TODO should be "true ==[=] $info['auth']", if you miss only one = character, you assign a variable (only with ==). Let's make all this even. if (!empty($info['auth']) && api_user() === false) { api_login($a); } @@ -379,7 +387,7 @@ function api_call(App $a, App\Arguments $args = null) } /** - * @brief Format API error string + * Format API error string * * @param string $type Return type (xml, json, rss, as) * @param object $e HTTPException Error object @@ -417,7 +425,7 @@ function api_error($type, $e, App\Arguments $args) } /** - * @brief Set values for RSS template + * Set values for RSS template * * @param App $a * @param array $arr Array to be passed to template @@ -451,7 +459,7 @@ function api_rss_extra(App $a, $arr, $user_info) /** - * @brief Unique contact to contact url. + * Unique contact to contact url. * * @param int $id Contact id * @return bool|string 
@@ -470,7 +478,7 @@ function api_unique_id_to_nurl($id) } /** - * @brief Get user info array. + * Get user info array. * * @param App $a App * @param int|string $contact_id Contact ID or URL @@ -727,7 +735,7 @@ function api_get_user(App $a, $contact_id = null) if ($ret['self']) { $theme_info = DBA::selectFirst('user', ['theme'], ['uid' => $ret['uid']]); if ($theme_info['theme'] === 'frio') { - $schema = PConfig::get($ret['uid'], 'frio', 'schema'); + $schema = DI::pConfig()->get($ret['uid'], 'frio', 'schema'); if ($schema && ($schema != '---')) { if (file_exists('view/theme/frio/schema/'.$schema.'.php')) { @@ -735,9 +743,9 @@ function api_get_user(App $a, $contact_id = null) require_once $schemefile; } } else { - $nav_bg = PConfig::get($ret['uid'], 'frio', 'nav_bg'); - $link_color = PConfig::get($ret['uid'], 'frio', 'link_color'); - $bgcolor = PConfig::get($ret['uid'], 'frio', 'background_color'); + $nav_bg = DI::pConfig()->get($ret['uid'], 'frio', 'nav_bg'); + $link_color = DI::pConfig()->get($ret['uid'], 'frio', 'link_color'); + $bgcolor = DI::pConfig()->get($ret['uid'], 'frio', 'background_color'); } if (empty($nav_bg)) { $nav_bg = "#708fa0"; @@ -759,7 +767,7 @@ function api_get_user(App $a, $contact_id = null) } /** - * @brief return api-formatted array for item's author and owner + * return api-formatted array for item's author and owner * * @param App $a App * @param array $item item from db @@ -775,7 +783,7 @@ function api_item_get_user(App $a, $item) $author_user = $status_user; - $status_user["protected"] = $item['private'] ?? 0; + $status_user["protected"] = isset($item['private']) && ($item['private'] == Item::PRIVATE); if (($item['thr-parent'] ?? '') == ($item['uri'] ?? '')) { $owner_user = api_get_user($a, $item['owner-id'] ?? null); 
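Review bot: In `api_get_user()` the per-user `frio`/`schema` value read through `DI::pConfig()->get()` is concatenated straight into `'view/theme/frio/schema/'.$schema.'.php'`, and the following hunk shows `$schemefile` (presumably that same path) being passed to `require_once`. Nothing visible restricts the value to a plain file name, so a stored value containing path separators or `..` would make the API include a file outside the schema directory. Whether the setting is validated when it is written cannot be seen from this diff. I would constrain it at the point of use, e.g. `if ($schema && ($schema != '---') && preg_match('/^[A-Za-z0-9_-]+$/', $schema)) {`. The function body starts and ends outside both hunks.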
@@ -787,7 +795,7 @@ function api_item_get_user(App $a, $item) } /** - * @brief walks recursively through an array with the possibility to change value and key + * walks recursively through an array with the possibility to change value and key * * @param array $array The array to walk through * @param callable $callback The callback function @@ -815,7 +823,7 @@ function api_walk_recursive(array &$array, callable $callback) } /** - * @brief Callback function to transform the array in an array that can be transformed in a XML file + * Callback function to transform the array in an array that can be transformed in a XML file * * @param mixed $item Array item value * @param string $key Array key @@ -841,7 +849,7 @@ function api_reformat_xml(&$item, &$key) } /** - * @brief Creates the XML from a JSON style array + * Creates the XML from a JSON style array * * @param array $data JSON style array * @param string $root_element Name of the root element @@ -886,7 +894,7 @@ function api_create_xml(array $data, $root_element) } /** - * @brief Formats the data according to the data type + * Formats the data according to the data type * * @param string $root_element Name of the root element * @param string $type Return type (atom, rss, xml, json) @@ -930,7 +938,7 @@ function api_format_data($root_element, $type, $data) */ function api_account_verify_credentials($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -998,7 +1006,7 @@ function requestdata($k) */ function api_statuses_mediap($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { Logger::log('api_statuses_update: no user'); @@ -1052,7 +1060,7 @@ api_register_func('api/statuses/mediap', 'api_statuses_mediap', true, API_METHOD */ function api_statuses_update($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { Logger::log('api_statuses_update: no user'); 
@@ -1101,7 +1109,7 @@ function api_statuses_update($type) if (!$parent) { // Check for throttling (maximum posts per day, week and month) - $throttle_day = Config::get('system', 'throttle_limit_day'); + $throttle_day = DI::config()->get('system', 'throttle_limit_day'); if ($throttle_day > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60); @@ -1110,12 +1118,12 @@ function api_statuses_update($type) if ($posts_day > $throttle_day) { Logger::log('Daily posting limit reached for user '.api_user(), Logger::DEBUG); - // die(api_error($type, L10n::t("Daily posting limit of %d posts reached. The post was rejected.", $throttle_day)); - throw new TooManyRequestsException(L10n::tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day)); + // die(api_error($type, DI::l10n()->t("Daily posting limit of %d posts reached. The post was rejected.", $throttle_day)); + throw new TooManyRequestsException(DI::l10n()->tt("Daily posting limit of %d post reached. The post was rejected.", "Daily posting limit of %d posts reached. The post was rejected.", $throttle_day)); } } - $throttle_week = Config::get('system', 'throttle_limit_week'); + $throttle_week = DI::config()->get('system', 'throttle_limit_week'); if ($throttle_week > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*7); 
@@ -1124,12 +1132,12 @@ function api_statuses_update($type) if ($posts_week > $throttle_week) { Logger::log('Weekly posting limit reached for user '.api_user(), Logger::DEBUG); - // die(api_error($type, L10n::t("Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week))); - throw new TooManyRequestsException(L10n::tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week)); + // die(api_error($type, DI::l10n()->t("Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week))); + throw new TooManyRequestsException(DI::l10n()->tt("Weekly posting limit of %d post reached. The post was rejected.", "Weekly posting limit of %d posts reached. The post was rejected.", $throttle_week)); } } - $throttle_month = Config::get('system', 'throttle_limit_month'); + $throttle_month = DI::config()->get('system', 'throttle_limit_month'); if ($throttle_month > 0) { $datefrom = date(DateTimeFormat::MYSQL, time() - 24*60*60*30); @@ -1138,8 +1146,8 @@ function api_statuses_update($type) if ($posts_month > $throttle_month) { Logger::log('Monthly posting limit reached for user '.api_user(), Logger::DEBUG); - // die(api_error($type, L10n::t("Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month)); - throw new TooManyRequestsException(L10n::t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month)); + // die(api_error($type, DI::l10n()->t("Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month)); + throw new TooManyRequestsException(DI::l10n()->t("Monthly posting limit of %d post reached. The post was rejected.", "Monthly posting limit of %d posts reached. The post was rejected.", $throttle_month)); } } } 
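Review bot: The monthly-limit exception still calls `DI::l10n()->t()` with a singular string, a plural string and the count, whereas the daily and weekly branches pass the same three arguments to `tt()`. Assuming `t()` treats everything after the first argument as format values, the plural text is fed to `%d` and the configured limit never reaches the message. Changing the call to `DI::l10n()->tt(` on that line, with the arguments left as they are, brings it in line with the other two branches. `api_statuses_update()` continues outside the hunk.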
@@ -1202,7 +1210,7 @@ api_register_func('api/statuses/update_with_media', 'api_statuses_update', true, */ function api_media_upload() { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { Logger::log('no user'); @@ -1257,7 +1265,7 @@ api_register_func('api/media/upload', 'api_media_upload', true, API_METHOD_POST) */ function api_media_metadata_create($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { Logger::info('no user'); @@ -1334,7 +1342,7 @@ function api_get_last_status($ownerId, $uid) 'author-id'=> $ownerId, 'uid' => $uid, 'gravity' => [GRAVITY_PARENT, GRAVITY_COMMENT], - 'private' => false + 'private' => [Item::PUBLIC, Item::UNLISTED] ]; $item = api_get_item($condition); @@ -1404,7 +1412,7 @@ api_register_func('api/externalprofile/show', 'api_users_show'); */ function api_users_search($type) { - $a = \get_app(); + $a = DI::app(); $userlist = []; @@ -1466,7 +1474,7 @@ function api_users_lookup($type) if (!empty($_REQUEST['user_id'])) { foreach (explode(',', $_REQUEST['user_id']) as $id) { if (!empty($id)) { - $users[] = api_get_user(get_app(), $id); + $users[] = api_get_user(DI::app(), $id); } } } @@ -1497,7 +1505,7 @@ api_register_func('api/users/lookup', 'api_users_lookup', true); */ function api_search($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -1519,7 +1527,7 @@ function api_search($type) } elseif (!empty($_REQUEST['count'])) { $count = $_REQUEST['count']; } - + $since_id = $_REQUEST['since_id'] ?? 0; $max_id = $_REQUEST['max_id'] ?? 0; $page = $_REQUEST['page'] ?? 1; @@ -1555,7 +1563,7 @@ function api_search($type) $condition = [implode(' AND ', $preCondition)]; } else { - $condition = ["`id` > ? + $condition = ["`id` > ? " . ($exclude_replies ? " AND `id` = `parent` " : ' ') . " AND (`uid` = 0 OR (`uid` = ? AND NOT `global`)) AND `body` LIKE CONCAT('%',?,'%')", 
@@ -1611,7 +1619,7 @@ api_register_func('api/search', 'api_search', true); */ function api_statuses_home_timeline($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -1704,7 +1712,7 @@ api_register_func('api/statuses/friends_timeline', 'api_statuses_home_timeline', */ function api_statuses_public_timeline($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -1724,8 +1732,8 @@ function api_statuses_public_timeline($type) $start = max(0, ($page - 1) * $count); if ($exclude_replies && !$conversation_id) { - $condition = ["`gravity` IN (?, ?) AND `iid` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall` AND NOT `author`.`hidden`", - GRAVITY_PARENT, GRAVITY_COMMENT, $since_id]; + $condition = ["`gravity` IN (?, ?) AND `iid` > ? AND `private` = ? AND `wall` AND NOT `author`.`hidden`", + GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC]; if ($max_id > 0) { $condition[0] .= " AND `thread`.`iid` <= ?"; @@ -1737,8 +1745,8 @@ function api_statuses_public_timeline($type) $r = Item::inArray($statuses); } else { - $condition = ["`gravity` IN (?, ?) AND `id` > ? AND NOT `private` AND `wall` AND NOT `user`.`hidewall` AND `item`.`origin` AND NOT `author`.`hidden`", - GRAVITY_PARENT, GRAVITY_COMMENT, $since_id]; + $condition = ["`gravity` IN (?, ?) AND `id` > ? AND `private` = ? AND `wall` AND `item`.`origin` AND NOT `author`.`hidden`", + GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC]; if ($max_id > 0) { $condition[0] .= " AND `item`.`id` <= ?"; 
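Review bot: Both rewritten conditions in `api_statuses_public_timeline()` drop the `NOT user.hidewall` filter together with `NOT private`, and nothing in these hunks replaces it. Unless posts from accounts with `hidewall` set are guaranteed to be stored with a `private` value other than `Item::PUBLIC`, which this diff does not show, those posts would now be returned by the public timeline. Either keep the filter or state where the guarantee comes from, e.g. `// hidewall is reflected in item.private, so no separate user.hidewall check is needed`. The same applies to the second condition (the `item.origin` branch) in the next hunk.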
@@ -1777,8 +1785,6 @@ api_register_func('api/statuses/public_timeline', 'api_statuses_public_timeline' /** * Returns the most recent statuses posted by users this node knows about. * - * @brief Returns the list of public federated posts this node knows about - * * @param string $type Return format: json, xml, atom, rss * @return array|string * @throws BadRequestException @@ -1789,7 +1795,7 @@ api_register_func('api/statuses/public_timeline', 'api_statuses_public_timeline' */ function api_statuses_networkpublic_timeline($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -1805,8 +1811,8 @@ function api_statuses_networkpublic_timeline($type) $start = max(0, ($page - 1) * $count); - $condition = ["`uid` = 0 AND `gravity` IN (?, ?) AND `thread`.`iid` > ? AND NOT `private`", - GRAVITY_PARENT, GRAVITY_COMMENT, $since_id]; + $condition = ["`uid` = 0 AND `gravity` IN (?, ?) AND `thread`.`iid` > ? AND `private` = ?", + GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, Item::PUBLIC]; if ($max_id > 0) { $condition[0] .= " AND `thread`.`iid` <= ?"; @@ -1850,7 +1856,7 @@ api_register_func('api/statuses/networkpublic_timeline', 'api_statuses_networkpu */ function api_statuses_show($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -1929,7 +1935,7 @@ api_register_func('api/statuses/show', 'api_statuses_show', true); */ function api_conversation_show($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -2011,7 +2017,7 @@ function api_statuses_repeat($type) { global $called_api; - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); 
@@ -2034,7 +2040,7 @@ function api_statuses_repeat($type) Logger::log('API: api_statuses_repeat: '.$id); $fields = ['body', 'title', 'attach', 'tag', 'author-name', 'author-link', 'author-avatar', 'guid', 'created', 'plink']; - $item = Item::selectFirst($fields, ['id' => $id, 'private' => false]); + $item = Item::selectFirst($fields, ['id' => $id, 'private' => [Item::PUBLIC, Item::UNLISTED]]); if (DBA::isResult($item) && $item['body'] != "") { if (strpos($item['body'], "[/share]") !== false) { @@ -2088,7 +2094,7 @@ api_register_func('api/statuses/retweet', 'api_statuses_repeat', true, API_METHO */ function api_statuses_destroy($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -2135,7 +2141,7 @@ api_register_func('api/statuses/destroy', 'api_statuses_destroy', true, API_METH */ function api_statuses_mentions($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { 
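Review bot: The lookup in `api_statuses_repeat()` now accepts `Item::UNLISTED` as well as `Item::PUBLIC`, so an unlisted post can be reshared through the API and would presumably then show up in the resharing user's own stream. If unlisted is meant to keep a post out of public listings, this widens its audience beyond what the author chose. If resharing unlisted posts is intended, a comment such as `// unlisted posts may be reshared; only Item::PRIVATE is excluded` would make that explicit; otherwise restrict the condition to `'private' => Item::PUBLIC`. The function body extends beyond this hunk.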
@@ -2158,17 +2164,35 @@ function api_statuses_mentions($type) $start = max(0, ($page - 1) * $count); - $condition = ["`uid` = ? AND `gravity` IN (?, ?) AND `item`.`id` > ? AND `author-id` != ? AND `mention` - AND `item`.`parent` IN (SELECT `iid` FROM `thread` WHERE `thread`.`uid` = ? AND NOT `thread`.`ignored`)", - api_user(), GRAVITY_PARENT, GRAVITY_COMMENT, $since_id, $user_info['pid'], api_user()]; + $query = "SELECT `item`.`id` FROM `user-item` + INNER JOIN `item` ON `item`.`id` = `user-item`.`iid` AND `item`.`gravity` IN (?, ?) + WHERE (`user-item`.`hidden` IS NULL OR NOT `user-item`.`hidden`) AND + `user-item`.`uid` = ? AND `user-item`.`notification-type` & ? != 0 + AND `user-item`.`iid` > ?"; + $condition = [GRAVITY_PARENT, GRAVITY_COMMENT, api_user(), + UserItem::NOTIF_EXPLICIT_TAGGED | UserItem::NOTIF_IMPLICIT_TAGGED | + UserItem::NOTIF_THREAD_COMMENT | UserItem::NOTIF_DIRECT_COMMENT | + UserItem::NOTIF_DIRECT_THREAD_COMMENT, + $since_id]; if ($max_id > 0) { - $condition[0] .= " AND `item`.`id` <= ?"; + $query .= " AND `item`.`id` <= ?"; $condition[] = $max_id; } + $query .= " ORDER BY `user-item`.`iid` DESC LIMIT ?, ?"; + $condition[] = $start; + $condition[] = $count; + + $useritems = DBA::p($query, $condition); + $itemids = []; + while ($useritem = DBA::fetch($useritems)) { + $itemids[] = $useritem['id']; + } + DBA::close($useritems); + $params = ['order' => ['id' => true], 'limit' => [$start, $count]]; - $statuses = Item::selectForUser(api_user(), [], $condition, $params); + $statuses = Item::selectForUser(api_user(), [], ['id' => $itemids], $params); $ret = api_format_items(Item::inArray($statuses), $user_info, false, $type); @@ -2191,8 +2215,6 @@ api_register_func('api/statuses/replies', 'api_statuses_mentions', true); /** * Returns the most recent statuses posted by the user. * - * @brief Returns a user's public timeline - * * @param string $type Either "json" or "xml" * @return string|array * @throws BadRequestException 
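Review bot: Paging is applied twice in `api_statuses_mentions()`: the new `user-item` query already ends in `LIMIT ?, ?` bound to `$start` and `$count`, and the ids it yields are then passed to `Item::selectForUser()` with `'limit' => [$start, $count]` again. For any page after the first, the second offset skips past the at most `$count` ids that were selected, so the response would presumably be empty. Dropping the limit from the second call, `$params = ['order' => ['id' => true]];`, fixes that. I would also return an empty result early when `$itemids` is empty, since how an `['id' => []]` condition is translated is not visible here.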
@@ -2204,7 +2226,7 @@ api_register_func('api/statuses/replies', 'api_statuses_mentions', true); */ function api_statuses_user_timeline($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -2288,7 +2310,7 @@ api_register_func('api/statuses/user_timeline', 'api_statuses_user_timeline', tr */ function api_favorites_create_destroy($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -2371,7 +2393,7 @@ function api_favorites($type) { global $called_api; - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { @@ -2730,7 +2752,7 @@ function api_get_entitities(&$text, $bbcode) if ($image) { // If image cache is activated, then use the following sizes: // thumb (150), small (340), medium (600) and large (1024) - if (!Config::get("system", "proxy_disabled")) { + if (!DI::config()->get("system", "proxy_disabled")) { $media_url = ProxyUtils::proxifyUrl($url); $sizes = []; @@ -2794,7 +2816,7 @@ function api_format_items_embeded_images($item, $text) } /** - * @brief return name as array + * return name as array * * @param string $txt text * @return array @@ -2821,7 +2843,7 @@ function api_contactlink_to_array($txt) /** - * @brief return likes, dislikes and attend status for item + * return likes, dislikes and attend status for item * * @param array $item array * @param string $type Return type (atom, rss, xml, json) @@ -2836,7 +2858,7 @@ function api_contactlink_to_array($txt) */ function api_format_items_activities($item, $type = "json") { - $a = \get_app(); + $a = DI::app(); $activities = [ 'like' => [], 
@@ -2899,62 +2921,8 @@ function api_format_items_activities($item, $type = "json") return $activities; } - -/** - * @brief return data from profiles - * - * @param array $profile_row array containing data from db table 'profile' - * @return array - * @throws InternalServerErrorException - */ -function api_format_items_profiles($profile_row) -{ - $profile = [ - 'profile_id' => $profile_row['id'], - 'profile_name' => $profile_row['profile-name'], - 'is_default' => $profile_row['is-default'] ? true : false, - 'hide_friends' => $profile_row['hide-friends'] ? true : false, - 'profile_photo' => $profile_row['photo'], - 'profile_thumb' => $profile_row['thumb'], - 'publish' => $profile_row['publish'] ? true : false, - 'net_publish' => $profile_row['net-publish'] ? true : false, - 'description' => $profile_row['pdesc'], - 'date_of_birth' => $profile_row['dob'], - 'address' => $profile_row['address'], - 'city' => $profile_row['locality'], - 'region' => $profile_row['region'], - 'postal_code' => $profile_row['postal-code'], - 'country' => $profile_row['country-name'], - 'hometown' => $profile_row['hometown'], - 'gender' => $profile_row['gender'], - 'marital' => $profile_row['marital'], - 'marital_with' => $profile_row['with'], - 'marital_since' => $profile_row['howlong'], - 'sexual' => $profile_row['sexual'], - 'politic' => $profile_row['politic'], - 'religion' => $profile_row['religion'], - 'public_keywords' => $profile_row['pub_keywords'], - 'private_keywords' => $profile_row['prv_keywords'], - 'likes' => BBCode::convert(api_clean_plain_items($profile_row['likes']) , false, 2), - 'dislikes' => BBCode::convert(api_clean_plain_items($profile_row['dislikes']) , false, 2), - 'about' => BBCode::convert(api_clean_plain_items($profile_row['about']) , false, 2), - 'music' => BBCode::convert(api_clean_plain_items($profile_row['music']) , false, 2), - 'book' => BBCode::convert(api_clean_plain_items($profile_row['book']) , false, 2), - 'tv' => 
BBCode::convert(api_clean_plain_items($profile_row['tv']) , false, 2), - 'film' => BBCode::convert(api_clean_plain_items($profile_row['film']) , false, 2), - 'interest' => BBCode::convert(api_clean_plain_items($profile_row['interest']) , false, 2), - 'romance' => BBCode::convert(api_clean_plain_items($profile_row['romance']) , false, 2), - 'work' => BBCode::convert(api_clean_plain_items($profile_row['work']) , false, 2), - 'education' => BBCode::convert(api_clean_plain_items($profile_row['education']), false, 2), - 'social_networks' => BBCode::convert(api_clean_plain_items($profile_row['contact']) , false, 2), - 'homepage' => $profile_row['homepage'], - 'users' => null - ]; - return $profile; -} - /** - * @brief format items to be returned by api + * format items to be returned by api * * @param array $items array of items * @param array $user_info @@ -3037,7 +3005,7 @@ function api_format_item($item, $type = "json", $status_user = null, $author_use 'user' => $status_user, 'friendica_author' => $author_user, 'friendica_owner' => $owner_user, - 'friendica_private' => $item['private'] == 1, + 'friendica_private' => $item['private'] == Item::PRIVATE, //'entities' => NULL, 'statusnet_html' => $converted["html"], 'statusnet_conversation_id' => $item['parent'], @@ -3257,7 +3225,7 @@ api_register_func('api/lists/subscriptions', 'api_lists_list', true); */ function api_lists_ownerships($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -3306,7 +3274,7 @@ api_register_func('api/lists/ownerships', 'api_lists_ownerships', true); */ function api_lists_statuses($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { 
@@ -3369,11 +3337,11 @@ function api_lists_statuses($type) api_register_func('api/lists/statuses', 'api_lists_statuses', true); /** + * Returns either the friends of the follower list + * * Considers friends and followers lists to be private and won't return * anything if any user_id parameter is passed. * - * @brief Returns either the friends of the follower list - * * @param string $qtype Either "friends" or "followers" * @return boolean|array * @throws BadRequestException @@ -3384,7 +3352,7 @@ api_register_func('api/lists/statuses', 'api_lists_statuses', true); */ function api_statuses_f($qtype) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -3460,9 +3428,7 @@ function api_statuses_f($qtype) /** - * Returns the user's friends. - * - * @brief Returns the list of friends of the provided user + * Returns the list of friends of the provided user * * @deprecated By Twitter API in favor of friends/list * @@ -3481,9 +3447,7 @@ function api_statuses_friends($type) } /** - * Returns the user's followers. - * - * @brief Returns the list of followers of the provided user + * Returns the list of followers of the provided user * * @deprecated By Twitter API in favor of friends/list * 
@@ -3567,15 +3531,15 @@ api_register_func('api/friendships/incoming', 'api_friendships_incoming', true); */ function api_statusnet_config($type) { - $name = Config::get('config', 'sitename'); + $name = DI::config()->get('config', 'sitename'); $server = DI::baseUrl()->getHostname(); $logo = DI::baseUrl() . '/images/friendica-64.png'; - $email = Config::get('config', 'admin_email'); - $closed = intval(Config::get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 'true' : 'false'; - $private = Config::get('system', 'block_public') ? 'true' : 'false'; - $textlimit = (string) Config::get('config', 'api_import_size', Config::get('config', 'max_import_size', 200000)); - $ssl = Config::get('system', 'have_ssl') ? 'true' : 'false'; - $sslserver = Config::get('system', 'have_ssl') ? str_replace('http:', 'https:', DI::baseUrl()) : ''; + $email = DI::config()->get('config', 'admin_email'); + $closed = intval(DI::config()->get('config', 'register_policy')) === \Friendica\Module\Register::CLOSED ? 'true' : 'false'; + $private = DI::config()->get('system', 'block_public') ? 'true' : 'false'; + $textlimit = (string) DI::config()->get('config', 'api_import_size', DI::config()->get('config', 'max_import_size', 200000)); + $ssl = DI::config()->get('system', 'have_ssl') ? 'true' : 'false'; + $sslserver = DI::config()->get('system', 'have_ssl') ? str_replace('http:', 'https:', DI::baseUrl()) : ''; $config = [ 'site' => ['name' => $name,'server' => $server, 'theme' => 'default', 'path' => '', @@ -3636,7 +3600,7 @@ function api_ff_ids($type, int $rel) throw new ForbiddenException(); } - $a = \get_app(); + $a = DI::app(); api_get_user($a); @@ -3723,7 +3687,7 @@ api_register_func('api/followers/ids', 'api_followers_ids', true); */ function api_direct_messages_new($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); 
@@ -3800,9 +3764,7 @@ function api_direct_messages_new($type) api_register_func('api/direct_messages/new', 'api_direct_messages_new', true, API_METHOD_POST); /** - * Destroys a direct message. - * - * @brief delete a direct_message from mail table through api + * delete a direct_message from mail table through api * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -3815,7 +3777,7 @@ api_register_func('api/direct_messages/new', 'api_direct_messages_new', true, AP */ function api_direct_messages_destroy($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -3888,8 +3850,6 @@ api_register_func('api/direct_messages/destroy', 'api_direct_messages_destroy', /** * Unfollow Contact * - * @brief unfollow contact - * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array * @throws BadRequestException @@ -3983,7 +3943,7 @@ api_register_func('api/friendships/destroy', 'api_friendships_destroy', true, AP */ function api_direct_messages_box($type, $box, $verbose) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); } @@ -4185,7 +4145,7 @@ api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); /** - * @brief delete a complete photoalbum with all containing photos from database through api + * delete a complete photoalbum with all containing photos from database through api * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -4240,7 +4200,7 @@ function api_fr_photoalbum_delete($type) } /** - * @brief update the name of the album for all photos of an album + * update the name of the album for all photos of an album * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array 
@@ -4282,7 +4242,7 @@ function api_fr_photoalbum_update($type) /** - * @brief list all photos of the authenticated user + * list all photos of the authenticated user * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -4330,7 +4290,7 @@ function api_fr_photos_list($type) } /** - * @brief upload a new photo or change an existing photo + * upload a new photo or change an existing photo * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -4469,7 +4429,7 @@ function api_fr_photo_create_update($type) } /** - * @brief delete a single photo from the database through api + * delete a single photo from the database through api * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -4522,7 +4482,7 @@ function api_fr_photo_delete($type) /** - * @brief returns the details of a specified photo id, if scale is given, returns the photo data in base 64 + * returns the details of a specified photo id, if scale is given, returns the photo data in base 64 * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array @@ -4551,9 +4511,7 @@ function api_fr_photo_detail($type) /** - * Updates the user’s profile image. - * - * @brief updates the profile image for the user (either a specified profile or the default profile) + * updates the profile image for the user (either a specified profile or the default profile) * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * 
@@ -4598,7 +4556,7 @@ function api_account_update_profile_image($type) $media = $_FILES['media']; } // save new profile image - $data = save_media_to_database("profileimage", $media, $type, L10n::t('Profile Photos'), "", "", "", "", "", $is_default_profile); + $data = save_media_to_database("profileimage", $media, $type, DI::l10n()->t('Profile Photos'), "", "", "", "", "", $is_default_profile); // get filetype if (is_array($media['type'])) { @@ -4627,8 +4585,8 @@ function api_account_update_profile_image($type) Contact::updateSelfFromUserID(api_user(), true); // Update global directory in background - $url = DI::baseUrl() . '/profile/' . \get_app()->user['nickname']; - if ($url && strlen(Config::get('system', 'directory'))) { + $url = DI::baseUrl() . '/profile/' . DI::app()->user['nickname']; + if ($url && strlen(DI::config()->get('system', 'directory'))) { Worker::add(PRIORITY_LOW, "Directory", $url); } @@ -4668,7 +4626,7 @@ api_register_func('api/account/update_profile_image', 'api_account_update_profil function api_account_update_profile($type) { $local_user = api_user(); - $api_user = api_get_user(get_app()); + $api_user = api_get_user(DI::app()); if (!empty($_POST['name'])) { DBA::update('profile', ['name' => $_POST['name']], ['uid' => $local_user]); @@ -4685,7 +4643,7 @@ function api_account_update_profile($type) Worker::add(PRIORITY_LOW, 'ProfileUpdate', $local_user); // Update global directory in background - if ($api_user['url'] && strlen(Config::get('system', 'directory'))) { + if ($api_user['url'] && strlen(DI::config()->get('system', 'directory'))) { Worker::add(PRIORITY_LOW, "Directory", $api_user['url']); } 
@@ -4793,7 +4751,7 @@ function save_media_to_database($mediatype, $media, $type, $album, $allow_cid, $ throw new InternalServerErrorException("image size exceeds PHP config settings, file was rejected by server"); } // check against max upload size within Friendica instance - $maximagesize = Config::get('system', 'maximagesize'); + $maximagesize = DI::config()->get('system', 'maximagesize'); if ($maximagesize && ($filesize > $maximagesize)) { $formattedBytes = Strings::formatBytes($maximagesize); throw new InternalServerErrorException("image size exceeds Friendica config setting (uploaded size: $formattedBytes)"); @@ -4811,7 +4769,7 @@ function save_media_to_database($mediatype, $media, $type, $album, $allow_cid, $ @unlink($src); // check max length of images on server - $max_length = Config::get('system', 'max_image_length'); + $max_length = DI::config()->get('system', 'max_image_length'); if (!$max_length) { $max_length = MAX_IMAGE_LENGTH; } @@ -4963,7 +4921,7 @@ function post_photo_item($hash, $allow_cid, $deny_cid, $allow_gid, $deny_gid, $f */ function prepare_photo_data($type, $scale, $photo_id) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if ($user_info === false) { @@ -5029,6 +4987,9 @@ function prepare_photo_data($type, $scale, $photo_id) // retrieve item element for getting activities (like, dislike etc.) related to photo $condition = ['uid' => local_user(), 'resource-id' => $photo_id, 'type' => 'photo']; $item = Item::selectFirstForUser(local_user(), ['id'], $condition); + if (!DBA::isResult($item)) { + throw new NotFoundException('Photo-related item not found.'); + } $data['photo']['friendica_activities'] = api_format_items_activities($item, $type); 
@@ -5162,7 +5123,7 @@ function api_get_announce($item) } /** - * @brief Return the item shared, if the item contains only the [share] tag + * Return the item shared, if the item contains only the [share] tag * * @param array $item Sharer item * @return array|false Shared item or false if not a reshare @@ -5391,7 +5352,7 @@ function api_best_nickname(&$contacts) */ function api_friendica_group_show($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5461,7 +5422,7 @@ api_register_func('api/friendica/group_show', 'api_friendica_group_show', true); */ function api_friendica_group_delete($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5528,7 +5489,7 @@ api_register_func('api/friendica/group_delete', 'api_friendica_group_delete', tr */ function api_lists_destroy($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5650,7 +5611,7 @@ function group_create($name, $uid, $users = []) */ function api_friendica_group_create($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5684,7 +5645,7 @@ api_register_func('api/friendica/group_create', 'api_friendica_group_create', tr */ function api_lists_create($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5723,7 +5684,7 @@ api_register_func('api/lists/create', 'api_lists_create', true, API_METHOD_POST) */ function api_friendica_group_update($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5802,7 +5763,7 @@ api_register_func('api/friendica/group_update', 'api_friendica_group_update', tr */ function api_lists_update($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); 
@@ -5852,7 +5813,7 @@ api_register_func('api/lists/update', 'api_lists_update', true, API_METHOD_POST) */ function api_friendica_activity($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); @@ -5862,7 +5823,7 @@ function api_friendica_activity($type) $id = $_REQUEST['id'] ?? 0; - $res = Item::performLike($id, $verb); + $res = Item::performActivity($id, $verb); if ($res) { if ($type == "xml") { @@ -5889,17 +5850,18 @@ api_register_func('api/friendica/activity/unattendno', 'api_friendica_activity', api_register_func('api/friendica/activity/unattendmaybe', 'api_friendica_activity', true, API_METHOD_POST); /** - * @brief Returns notifications + * Returns notifications * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' + * * @return string|array - * @throws BadRequestException * @throws ForbiddenException - * @throws InternalServerErrorException + * @throws BadRequestException + * @throws Exception */ function api_friendica_notification($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); 
@@ -5907,25 +5869,31 @@ function api_friendica_notification($type) if ($a->argc!==3) { throw new BadRequestException("Invalid argument count"); } - $notes = DI::notify()->getAll([], ['seen' => 'ASC', 'date' => 'DESC'], 50); + + $notifications = DI::notification()->getApiList(local_user()); if ($type == "xml") { - $xmlnotes = []; - if (!empty($notes)) { - foreach ($notes as $note) { - $xmlnotes[] = ["@attributes" => $note]; + $xmlnotes = false; + if (!empty($notifications)) { + foreach ($notifications as $notification) { + $xmlnotes[] = ["@attributes" => $notification->toArray()]; } } - $notes = $xmlnotes; + $result = $xmlnotes; + } elseif (count($notifications) > 0) { + $result = $notifications->getArrayCopy(); + } else { + $result = false; } - return api_format_data("notes", $type, ['note' => $notes]); + + return api_format_data("notes", $type, ['note' => $result]); } /** - * POST request with 'id' param as notification id + * Set notification as seen and returns associated item (if possible) * - * @brief Set notification as seen and returns associated item (if possible) + * POST request with 'id' param as notification id * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array 
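Review bot: In api_friendica_notification the new list query is scoped with `local_user()`, although the guard a few lines above authenticates with `api_user()`. The file's own comment on api_user() says local_user() is not sufficient for API access, and api_friendica_notification_seen in the next hunk passes `api_user()` to its lookup. I would write `$notifications = DI::notification()->getApiList(api_user());` so the rows returned always belong to the identity that passed the check. Whether the two values can differ for an OAuth or basic-auth client is not visible here, so this is a consistency fix rather than a confirmed leak. The function's signature and the start of its body are in the previous hunk.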
@@ -5937,37 +5905,38 @@ function api_friendica_notification($type) */ function api_friendica_notification_seen($type) { - $a = \get_app(); + $a = DI::app(); $user_info = api_get_user($a); if (api_user() === false || $user_info === false) { throw new ForbiddenException(); } - if ($a->argc!==4) { + if ($a->argc !== 4) { throw new BadRequestException("Invalid argument count"); } $id = (!empty($_REQUEST['id']) ? intval($_REQUEST['id']) : 0); - $nm = DI::notify(); - $note = $nm->getByID($id); - if (is_null($note)) { - throw new BadRequestException("Invalid argument"); - } - - $nm->setSeen($note); - if ($note['otype']=='item') { - // would be really better with an ItemsManager and $im->getByID() :-P - $item = Item::selectFirstForUser(api_user(), [], ['id' => $note['iid'], 'uid' => api_user()]); - if (DBA::isResult($item)) { - // we found the item, return it to the user - $ret = api_format_items([$item], $user_info, false, $type); - $data = ['status' => $ret]; - return api_format_data("status", $type, $data); + try { + $notify = DI::notify()->getByID($id, api_user()); + DI::notify()->setSeen(true, $notify); + + if ($notify->otype === Notify\ObjectType::ITEM) { + $item = Item::selectFirstForUser(api_user(), [], ['id' => $notify->iid, 'uid' => api_user()]); + if (DBA::isResult($item)) { + // we found the item, return it to the user + $ret = api_format_items([$item], $user_info, false, $type); + $data = ['status' => $ret]; + return api_format_data("status", $type, $data); + } + // the item can't be found, but we set the notification as seen, so we count this as a success } - // the item can't be found, but we set the note as seen, so we count this as a success + return api_format_data('result', $type, ['result' => "success"]); + } catch (NotFoundException $e) { + throw new BadRequestException('Invalid argument', $e); + } catch (Exception $e) { + throw new InternalServerErrorException('Internal Server exception', $e); } - return api_format_data('result', $type, ['result' => 
"success"]); } /// @TODO move to top of file or somewhere better @@ -5975,7 +5944,7 @@ api_register_func('api/friendica/notification/seen', 'api_friendica_notification api_register_func('api/friendica/notification', 'api_friendica_notification', true, API_METHOD_GET); /** - * @brief update a direct_message to seen state + * update a direct_message to seen state * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @return string|array (success result=ok, error result=error with error message) @@ -5987,7 +5956,7 @@ api_register_func('api/friendica/notification', 'api_friendica_notification', tr */ function api_friendica_direct_messages_setseen($type) { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); } @@ -6026,7 +5995,7 @@ function api_friendica_direct_messages_setseen($type) api_register_func('api/friendica/direct_messages_setseen', 'api_friendica_direct_messages_setseen', true); /** - * @brief search for direct_messages containing a searchstring through api + * search for direct_messages containing a searchstring through api * * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' * @param string $box @@ -6041,7 +6010,7 @@ api_register_func('api/friendica/direct_messages_setseen', 'api_friendica_direct */ function api_friendica_direct_messages_search($type, $box = "") { - $a = \get_app(); + $a = DI::app(); if (api_user() === false) { throw new ForbiddenException(); 
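Review bot: The `try` added to api_friendica_notification_seen wraps the item lookup, `api_format_items()` and `api_format_data()` as well as the two notification calls. The trailing `catch (Exception $e)` therefore reports any failure while building the response as a generic 500, and a NotFoundException from any of those calls is reported as 'Invalid argument'. If the HTTP exception classes derive from Exception, which this page does not show, a more specific status thrown by the formatting helpers would be masked too. I would keep only `$notify = DI::notify()->getByID($id, api_user());` and `DI::notify()->setSeen(true, $notify);` inside the try and move the `otype` branch and the final return after it. The user-scoped `getByID($id, api_user())` is what keeps one account from marking another account's notification as seen, so it deserves a one-line comment saying so.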
@@ -6096,78 +6065,6 @@ function api_friendica_direct_messages_search($type, $box = "") /// @TODO move to top of file or somewhere better api_register_func('api/friendica/direct_messages_search', 'api_friendica_direct_messages_search', true); -/** - * @brief return data of all the profiles a user has to the client - * - * @param string $type Known types are 'atom', 'rss', 'xml' and 'json' - * @return string|array - * @throws BadRequestException - * @throws ForbiddenException - * @throws ImagickException - * @throws InternalServerErrorException - * @throws UnauthorizedException - */ -function api_friendica_profile_show($type) -{ - $a = \get_app(); - - if (api_user() === false) { - throw new ForbiddenException(); - } - - // input params - $profile_id = $_REQUEST['profile_id'] ?? 0; - - // retrieve general information about profiles for user - $multi_profiles = Feature::isEnabled(api_user(), 'multi_profiles'); - $directory = Config::get('system', 'directory'); - - // get data of the specified profile id or all profiles of the user if not specified - if ($profile_id != 0) { - $r = Profile::getById(api_user(), $profile_id); - // error message if specified gid is not in database - if (!DBA::isResult($r)) { - throw new BadRequestException("profile_id not available"); - } - } else { - $r = Profile::getListByUser(api_user()); - } - // loop through all returned profiles and retrieve data and users - $k = 0; - $profiles = []; - if (DBA::isResult($r)) { - foreach ($r as $rr) { - $profile = api_format_items_profiles($rr); - - // select all users from contact table, loop and prepare standard return for user data - $users = []; - $nurls = Contact::selectToArray(['id', 'nurl'], ['uid' => api_user(), 'profile-id' => $rr['id']]); - foreach ($nurls as $nurl) { - $user = api_get_user($a, $nurl['nurl']); - ($type == "xml") ? $users[$k++ . 
":user"] = $user : $users[] = $user; - } - $profile['users'] = $users; - - // add prepared profile data to array for final return - if ($type == "xml") { - $profiles[$k++ . ":profile"] = $profile; - } else { - $profiles[] = $profile; - } - } - } - - // return settings, authenticated user and profiles data - $self = DBA::selectFirst('contact', ['nurl'], ['uid' => api_user(), 'self' => true]); - - $result = ['multi_profiles' => $multi_profiles ? true : false, - 'global_dir' => $directory, - 'friendica_owner' => api_get_user($a, $self['nurl']), - 'profiles' => $profiles]; - return api_format_data("friendica_profiles", $type, ['$result' => $result]); -} -api_register_func('api/friendica/profile/show', 'api_friendica_profile_show', true, API_METHOD_GET); - /** * Returns a list of saved searches. * @@ -6203,9 +6100,9 @@ function api_saved_searches_list($type) api_register_func('api/saved_searches/list', 'api_saved_searches_list', true); /* - * Bind comment numbers(friendica_comments: Int) on each statuses page of *_timeline / favorites / search + * Number of comments * - * @brief Number of comments + * Bind comment numbers(friendica_comments: Int) on each statuses page of *_timeline / favorites / search * * @param object $data [Status, Status] *