-- common_element('h3', NULL, _('Twitter Friends'));
-- common_element_start('div', array('id' => 'subscriptions'));
-- common_element_start('ul', array('id' => 'subscriptions_avatars'));
-+ common_element('h3', NULL, _('Twitter Friends'));
-+ common_element_start('div', array('id' => 'subscriptions'));
-+ common_element_start('ul', array('id' => 'subscriptions_avatars'));
-hunk ./actions/twittersettings.php 133
-- for ($i = 0; $i < min($friends_count, SUBSCRIPTIONS); $i++) {
-+ for ($i = 0; $i < min($friends_count, SUBSCRIPTIONS); $i++) {
-hunk ./actions/twittersettings.php 135
-- $other = Profile::staticGet($friends[$i]->id);
-+ $other = Profile::staticGet($friends[$i]->id);
-hunk ./actions/twittersettings.php 137
-- if (!$other) {
-- common_log_db_error($subs, 'SELECT', __FILE__);
-- continue;
-- }
-+ if (!$other) {
-+ common_log_db_error($subs, 'SELECT', __FILE__);
-+ continue;
-+ }
-hunk ./actions/twittersettings.php 142
-- common_element_start('li');
-- common_element_start('a', array('title' => ($other->fullname) ?
-- $other->fullname :
-- $other->nickname,
-- 'href' => $other->profileurl,
-- 'rel' => 'contact',
-- 'class' => 'subscription'));
-- $avatar = $other->getAvatar(AVATAR_MINI_SIZE);
-- common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)),
-- 'width' => AVATAR_MINI_SIZE,
-- 'height' => AVATAR_MINI_SIZE,
-- 'class' => 'avatar mini',
-- 'alt' => ($other->fullname) ?
-- $other->fullname :
-- $other->nickname));
-- common_element_end('a');
-- common_element_end('li');
-+ common_element_start('li');
-+ common_element_start('a', array('title' => ($other->fullname) ?
-+ $other->fullname :
-+ $other->nickname,
-+ 'href' => $other->profileurl,
-+ 'rel' => 'contact',
-+ 'class' => 'subscription'));
-+ $avatar = $other->getAvatar(AVATAR_MINI_SIZE);
-+ common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)),
-+ 'width' => AVATAR_MINI_SIZE,
-+ 'height' => AVATAR_MINI_SIZE,
-+ 'class' => 'avatar mini',
-+ 'alt' => ($other->fullname) ?
-+ $other->fullname :
-+ $other->nickname));
-+ common_element_end('a');
-+ common_element_end('li');
-hunk ./actions/twittersettings.php 160
-- }
-+ }
-hunk ./actions/twittersettings.php 162
-- common_element_end('ul');
-- common_element_end('div');
-+ common_element_end('ul');
-+ common_element_end('div');
-hunk ./actions/twittersettings.php 165
-- }
-+ }
-hunk ./actions/twittersettings.php 167
-- // XXX Figure out a way to show all Twitter friends... ?
-+ // XXX Figure out a way to show all Twitter friends... ?
-hunk ./actions/twittersettings.php 169
-- /*
-- if ($subs_count > SUBSCRIPTIONS) {
-- common_element_start('p', array('id' => 'subscriptions_viewall'));
-+ /*
-+ if ($subs_count > SUBSCRIPTIONS) {
-+ common_element_start('p', array('id' => 'subscriptions_viewall'));
-hunk ./actions/twittersettings.php 173
-- common_element('a', array('href' => common_local_url('subscriptions',
-- array('nickname' => $profile->nickname)),
-- 'class' => 'moresubscriptions'),
-- _('All subscriptions'));
-- common_element_end('p');
-- }
-- */
-+ common_element('a', array('href' => common_local_url('subscriptions',
-+ array('nickname' => $profile->nickname)),
-+ 'class' => 'moresubscriptions'),
-+ _('All subscriptions'));
-+ common_element_end('p');
-+ }
-+ */
-hunk ./actions/twittersettings.php 181
-- }
-+ }
-hunk ./actions/twittersettings.php 183
-- function handle_post() {
-+ function handle_post() {
-hunk ./actions/twittersettings.php 185
-- # CSRF protection
-- $token = $this->trimmed('token');
-- if (!$token || $token != common_session_token()) {
-- $this->show_form(_('There was a problem with your session token. Try again, please.'));
-- return;
-- }
-+ # CSRF protection
-+ $token = $this->trimmed('token');
-+ if (!$token || $token != common_session_token()) {
-+ $this->show_form(_('There was a problem with your session token. Try again, please.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 192
-- if ($this->arg('save')) {
-- $this->save_preferences();
-- } else if ($this->arg('add')) {
-- $this->add_twitter_acct();
-- } else if ($this->arg('remove')) {
-- $this->remove_twitter_acct();
-- } else {
-- $this->show_form(_('Unexpected form submission.'));
-- }
-- }
-+ if ($this->arg('save')) {
-+ $this->save_preferences();
-+ } else if ($this->arg('add')) {
-+ $this->add_twitter_acct();
-+ } else if ($this->arg('remove')) {
-+ $this->remove_twitter_acct();
-+ } else {
-+ $this->show_form(_('Unexpected form submission.'));
-+ }
-+ }
-hunk ./actions/twittersettings.php 203
-- function add_twitter_acct() {
-+ function add_twitter_acct() {
-hunk ./actions/twittersettings.php 205
-- $screen_name = $this->trimmed('twitter_username');
-- $password = $this->trimmed('twitter_password');
-- $noticesync = $this->boolean('noticesync');
-- $replysync = $this->boolean('replysync');
-- $friendsync = $this->boolean('friendsync');
-+ $screen_name = $this->trimmed('twitter_username');
-+ $password = $this->trimmed('twitter_password');
-+ $noticesync = $this->boolean('noticesync');
-+ $replysync = $this->boolean('replysync');
-+ $friendsync = $this->boolean('friendsync');
-hunk ./actions/twittersettings.php 211
-- if (!Validate::string($screen_name,
-- array( 'min_length' => 1,
-- 'max_length' => 15,
-- 'format' => VALIDATE_NUM . VALIDATE_ALPHA . '_'))) {
-- $this->show_form(
-- _('Username must have only numbers, upper- and lowercase letters, and underscore (_). 15 chars max.'));
-- return;
-- }
-+ if (!Validate::string($screen_name,
-+ array( 'min_length' => 1,
-+ 'max_length' => 15,
-+ 'format' => VALIDATE_NUM . VALIDATE_ALPHA . '_'))) {
-+ $this->show_form(
-+ _('Username must have only numbers, upper- and lowercase letters, and underscore (_). 15 chars max.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 220
-- if (!$this->verify_credentials($screen_name, $password)) {
-- $this->show_form(_('Could not verify your Twitter credentials!'));
-- return;
-- }
-+ if (!$this->verify_credentials($screen_name, $password)) {
-+ $this->show_form(_('Could not verify your Twitter credentials!'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 225
-- $twit_user = twitter_user_info($screen_name, $password);
-+ $twit_user = twitter_user_info($screen_name, $password);
-hunk ./actions/twittersettings.php 227
-- if (!$twit_user) {
-- $this->show_form(sprintf(_('Unable to retrieve account information for "%s" from Twitter.'),
-- $screen_name));
-- return;
-- }
-+ if (!$twit_user) {
-+ $this->show_form(sprintf(_('Unable to retrieve account information for "%s" from Twitter.'),
-+ $screen_name));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 233
-- if (!save_twitter_user($twit_user->id, $screen_name)) {
-- $this->show_form(_('Unable to save your Twitter settings!'));
-- return;
-- }
-+ if (!save_twitter_user($twit_user->id, $screen_name)) {
-+ $this->show_form(_('Unable to save your Twitter settings!'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 238
-- $user = common_current_user();
-+ $user = common_current_user();
-hunk ./actions/twittersettings.php 240
-- $flink = DB_DataObject::factory('foreign_link');
-- $flink->user_id = $user->id;
-- $flink->foreign_id = $twit_user->id;
-- $flink->service = 1; // Twitter
-- $flink->credentials = $password;
-- $flink->created = common_sql_now();
-+ $flink = DB_DataObject::factory('foreign_link');
-+ $flink->user_id = $user->id;
-+ $flink->foreign_id = $twit_user->id;
-+ $flink->service = 1; // Twitter
-+ $flink->credentials = $password;
-+ $flink->created = common_sql_now();
-hunk ./actions/twittersettings.php 247
-- $this->set_flags($flink, $noticesync, $replysync, $friendsync);
-+ $this->set_flags($flink, $noticesync, $replysync, $friendsync);
-hunk ./actions/twittersettings.php 249
-- $flink_id = $flink->insert();
-+ $flink_id = $flink->insert();
-hunk ./actions/twittersettings.php 251
-- if (!$flink_id) {
-- common_log_db_error($flink, 'INSERT', __FILE__);
-- $this->show_form(_('Unable to save your Twitter settings!'));
-- return;
-- }
-+ if (!$flink_id) {
-+ common_log_db_error($flink, 'INSERT', __FILE__);
-+ $this->show_form(_('Unable to save your Twitter settings!'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 257
-- if ($friendsync) {
-- save_twitter_friends($user, $twit_user->id, $screen_name, $password);
-- }
-+ if ($friendsync) {
-+ save_twitter_friends($user, $twit_user->id, $screen_name, $password);
-+ }
-hunk ./actions/twittersettings.php 261
-- $this->show_form(_('Twitter settings saved.'), true);
-- }
-+ $this->show_form(_('Twitter settings saved.'), true);
-+ }
-hunk ./actions/twittersettings.php 264
-- function remove_twitter_acct() {
-+ function remove_twitter_acct() {
-hunk ./actions/twittersettings.php 266
-- $user = common_current_user();
-- $flink = Foreign_link::getByUserID($user->id, 1);
-- $flink_foreign_id = $this->arg('flink_foreign_id');
-+ $user = common_current_user();
-+ $flink = Foreign_link::getByUserID($user->id, 1);
-+ $flink_foreign_id = $this->arg('flink_foreign_id');
-hunk ./actions/twittersettings.php 270
-- # Maybe an old tab open...?
-- if ($flink->foreign_id != $flink_foreign_id) {
-- $this->show_form(_('That is not your Twitter account.'));
-- return;
-- }
-+ # Maybe an old tab open...?
-+ if ($flink->foreign_id != $flink_foreign_id) {
-+ $this->show_form(_('That is not your Twitter account.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 276
-- $result = $flink->delete();
-+ $result = $flink->delete();
-hunk ./actions/twittersettings.php 278
-- if (!$result) {
-- common_log_db_error($flink, 'DELETE', __FILE__);
-- common_server_error(_('Couldn\'t remove Twitter user.'));
-- return;
-- }
-+ if (!$result) {
-+ common_log_db_error($flink, 'DELETE', __FILE__);
-+ common_server_error(_('Couldn\'t remove Twitter user.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 284
-- $this->show_form(_('Twitter account removed.'), TRUE);
-- }
-+ $this->show_form(_('Twitter account removed.'), TRUE);
-+ }
-hunk ./actions/twittersettings.php 287
-- function save_preferences() {
-+ function save_preferences() {
-hunk ./actions/twittersettings.php 289
-- $noticesync = $this->boolean('noticesync');
-- $friendsync = $this->boolean('friendsync');
-- $replysync = $this->boolean('replysync');
-+ $noticesync = $this->boolean('noticesync');
-+ $friendsync = $this->boolean('friendsync');
-+ $replysync = $this->boolean('replysync');
-hunk ./actions/twittersettings.php 293
-- $user = common_current_user();
-+ $user = common_current_user();
-hunk ./actions/twittersettings.php 295
-- $flink = Foreign_link::getByUserID($user->id, 1);
-+ $flink = Foreign_link::getByUserID($user->id, 1);
-hunk ./actions/twittersettings.php 297
-- if (!$flink) {
-- common_log_db_error($flink, 'SELECT', __FILE__);
-- $this->show_form(_('Couldn\'t save Twitter preferences.'));
-- return;
-- }
-+ if (!$flink) {
-+ common_log_db_error($flink, 'SELECT', __FILE__);
-+ $this->show_form(_('Couldn\'t save Twitter preferences.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 303
-- $twitter_id = $flink->foreign_id;
-- $password = $flink->credentials;
-+ $twitter_id = $flink->foreign_id;
-+ $password = $flink->credentials;
-hunk ./actions/twittersettings.php 306
-- $fuser = $flink->getForeignUser();
-+ $fuser = $flink->getForeignUser();
-hunk ./actions/twittersettings.php 308
-- if (!$fuser) {
-- common_log_db_error($fuser, 'SELECT', __FILE__);
-- $this->show_form(_('Couldn\'t save Twitter preferences.'));
-- return;
-- }
-+ if (!$fuser) {
-+ common_log_db_error($fuser, 'SELECT', __FILE__);
-+ $this->show_form(_('Couldn\'t save Twitter preferences.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 314
-- $screen_name = $fuser->nickname;
-+ $screen_name = $fuser->nickname;
-hunk ./actions/twittersettings.php 316
-- $original = clone($flink);
-- $this->set_flags($flink, $noticesync, $replysync, $friendsync);
-- $result = $flink->update($original);
-+ $original = clone($flink);
-+ $this->set_flags($flink, $noticesync, $replysync, $friendsync);
-+ $result = $flink->update($original);
-hunk ./actions/twittersettings.php 320
-- if ($result === FALSE) {
-- common_log_db_error($flink, 'UPDATE', __FILE__);
-- $this->show_form(_('Couldn\'t save Twitter preferences.'));
-- return;
-- }
-+ if ($result === FALSE) {
-+ common_log_db_error($flink, 'UPDATE', __FILE__);
-+ $this->show_form(_('Couldn\'t save Twitter preferences.'));
-+ return;
-+ }
-hunk ./actions/twittersettings.php 326
-- if ($friendsync) {
-- save_twitter_friends($user, $flink->foreign_id, $screen_name, $password);
-- }
-+ if ($friendsync) {
-+ save_twitter_friends($user, $flink->foreign_id, $screen_name, $password);
-+ }
-hunk ./actions/twittersettings.php 330
-- $this->show_form(_('Twitter preferences saved.'));
-- }
-+ $this->show_form(_('Twitter preferences saved.'));
-+ }
-hunk ./actions/twittersettings.php 333
-- function verify_credentials($screen_name, $password) {
-- $uri = 'http://twitter.com/account/verify_credentials.json';
-- $data = get_twitter_data($uri, $screen_name, $password);
-+ function verify_credentials($screen_name, $password) {
-+ $uri = 'http://twitter.com/account/verify_credentials.json';
-+ $data = get_twitter_data($uri, $screen_name, $password);
-hunk ./actions/twittersettings.php 337
-- if (!$data) {
-- return false;
-- }
-+ if (!$data) {
-+ return false;
-+ }
-hunk ./actions/twittersettings.php 341
-- $user = json_decode($data);
-+ $user = json_decode($data);
-hunk ./actions/twittersettings.php 343
-- if (!$user) {
-- return false;
-- }
-+ if (!$user) {
-+ return false;
-+ }
-hunk ./actions/twittersettings.php 347
-- $twitter_id = $user->status->id;
-+ $twitter_id = $user->status->id;
-hunk ./actions/twittersettings.php 349
-- if ($twitter_id) {
-- return $twitter_id;
-- }
-+ if ($twitter_id) {
-+ return $twitter_id;
-+ }
-hunk ./actions/twittersettings.php 353
-- return false;
-- }
-+ return false;
-+ }
-hunk ./actions/twittersettings.php 356
-- function set_flags(&$flink, $noticesync, $replysync, $friendsync) {
-- if ($noticesync) {
-- $flink->noticesync |= FOREIGN_NOTICE_SEND;
-- } else {
-- $flink->noticesync &= ~FOREIGN_NOTICE_SEND;
-- }
-+ function set_flags(&$flink, $noticesync, $replysync, $friendsync) {
-+ if ($noticesync) {
-+ $flink->noticesync |= FOREIGN_NOTICE_SEND;
-+ } else {
-+ $flink->noticesync &= ~FOREIGN_NOTICE_SEND;
-+ }
-hunk ./actions/twittersettings.php 363
-- if ($replysync) {
-- $flink->noticesync |= FOREIGN_NOTICE_SEND_REPLY;
-- } else {
-- $flink->noticesync &= ~FOREIGN_NOTICE_SEND_REPLY;
-- }
-+ if ($replysync) {
-+ $flink->noticesync |= FOREIGN_NOTICE_SEND_REPLY;
-+ } else {
-+ $flink->noticesync &= ~FOREIGN_NOTICE_SEND_REPLY;
-+ }
-hunk ./actions/twittersettings.php 369
-- if ($friendsync) {
-- $flink->friendsync |= FOREIGN_FRIEND_RECV;
-- } else {
-- $flink->friendsync &= ~FOREIGN_FRIEND_RECV;
-- }
-+ if ($friendsync) {
-+ $flink->friendsync |= FOREIGN_FRIEND_RECV;
-+ } else {
-+ $flink->friendsync &= ~FOREIGN_FRIEND_RECV;
-+ }
-hunk ./actions/twittersettings.php 375
-- $flink->profilesync = 0;
-- }
-+ $flink->profilesync = 0;
-+ }
-hunk ./actions/unblock.php 35
-- $token = $this->trimmed('token');
-+ $token = $this->trimmed('token');
-hunk ./actions/unblock.php 37
-- if (!$token || $token != common_session_token()) {
-- $this->client_error(_('There was a problem with your session token. Try again, please.'));
-- return;
-- }
-+ if (!$token || $token != common_session_token()) {
-+ $this->client_error(_('There was a problem with your session token. Try again, please.'));
-+ return;
-+ }
-hunk ./actions/unsubscribe.php 22
-- function handle($args) {
-- parent::handle($args);
-- if (!common_logged_in()) {
-- common_user_error(_('Not logged in.'));
-- return;
-- }
-+ function handle($args) {
-+ parent::handle($args);
-+ if (!common_logged_in()) {
-+ common_user_error(_('Not logged in.'));
-+ return;
-+ }
-hunk ./actions/unsubscribe.php 29
-- $user = common_current_user();
-+ $user = common_current_user();
-hunk ./actions/unsubscribe.php 31
-- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
-- common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
-- return;
-- }
-+ if ($_SERVER['REQUEST_METHOD'] != 'POST') {
-+ common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
-+ return;
-+ }
-hunk ./actions/unsubscribe.php 36
-- # CSRF protection
-+ # CSRF protection
-hunk ./actions/unsubscribe.php 38
-- $token = $this->trimmed('token');
-+ $token = $this->trimmed('token');
-hunk ./actions/unsubscribe.php 40
-- if (!$token || $token != common_session_token()) {
-- $this->client_error(_('There was a problem with your session token. Try again, please.'));
-- return;
-- }
-+ if (!$token || $token != common_session_token()) {
-+ $this->client_error(_('There was a problem with your session token. Try again, please.'));
-+ return;
-+ }
-hunk ./actions/unsubscribe.php 45
-- $other_id = $this->arg('unsubscribeto');
-+ $other_id = $this->arg('unsubscribeto');
-hunk ./actions/unsubscribe.php 59
-- $result = subs_unsubscribe_to($user, $other);
-+ $result = subs_unsubscribe_to($user, $other);
-hunk ./actions/unsubscribe.php 61
-- if ($result != true) {
-- common_user_error($result);
-- return;
-- }
-+ if ($result != true) {
-+ common_user_error($result);
-+ return;
-+ }
-hunk ./actions/unsubscribe.php 66
-- if ($this->boolean('ajax')) {
-- common_start_html('text/xml;charset=utf-8', true);
-- common_element_start('head');
-- common_element('title', null, _('Unsubscribed'));
-- common_element_end('head');
-- common_element_start('body');
-- common_subscribe_form($other);
-- common_element_end('body');
-- common_element_end('html');
-- } else {
-- common_redirect(common_local_url('subscriptions', array('nickname' =>
-- $user->nickname)));
-+ if ($this->boolean('ajax')) {
-+ common_start_html('text/xml;charset=utf-8', true);
-+ common_element_start('head');
-+ common_element('title', null, _('Unsubscribed'));
-+ common_element_end('head');
-+ common_element_start('body');
-+ common_subscribe_form($other);
-+ common_element_end('body');
-+ common_element_end('html');
-+ } else {
-+ common_redirect(common_local_url('subscriptions', array('nickname' =>
-+ $user->nickname)));
-hunk ./actions/unsubscribe.php 79
-- }
-+ }
-hunk ./actions/updateprofile.php 25
--
-- function handle($args) {
-- parent::handle($args);
-- try {
-- common_remove_magic_from_request();
-- $req = OAuthRequest::from_request();
-- # Note: server-to-server function!
-- $server = omb_oauth_server();
-- list($consumer, $token) = $server->verify_request($req);
-- if ($this->update_profile($req, $consumer, $token)) {
-- print "omb_version=".OMB_VERSION_01;
-- }
-- } catch (OAuthException $e) {
-- $this->server_error($e->getMessage());
-- return;
-- }
-- }
-+
-+ function handle($args) {
-+ parent::handle($args);
-+ try {
-+ common_remove_magic_from_request();
-+ $req = OAuthRequest::from_request();
-+ # Note: server-to-server function!
-+ $server = omb_oauth_server();
-+ list($consumer, $token) = $server->verify_request($req);
-+ if ($this->update_profile($req, $consumer, $token)) {
-+ print "omb_version=".OMB_VERSION_01;
-+ }
-+ } catch (OAuthException $e) {
-+ $this->server_error($e->getMessage());
-+ return;
-+ }
-+ }
-hunk ./actions/updateprofile.php 43
-- function update_profile($req, $consumer, $token) {
-- $version = $req->get_parameter('omb_version');
-- if ($version != OMB_VERSION_01) {
-- $this->client_error(_('Unsupported OMB version'), 400);
-- return false;
-- }
-- # First, check to see if listenee exists
-- $listenee = $req->get_parameter('omb_listenee');
-- $remote = Remote_profile::staticGet('uri', $listenee);
-- if (!$remote) {
-- $this->client_error(_('Profile unknown'), 404);
-- return false;
-- }
-- # Second, check to see if they should be able to post updates!
-- # We see if there are any subscriptions to that remote user with
-- # the given token.
-+ function update_profile($req, $consumer, $token) {
-+ $version = $req->get_parameter('omb_version');
-+ if ($version != OMB_VERSION_01) {
-+ $this->client_error(_('Unsupported OMB version'), 400);
-+ return false;
-+ }
-+ # First, check to see if listenee exists
-+ $listenee = $req->get_parameter('omb_listenee');
-+ $remote = Remote_profile::staticGet('uri', $listenee);
-+ if (!$remote) {
-+ $this->client_error(_('Profile unknown'), 404);
-+ return false;
-+ }
-+ # Second, check to see if they should be able to post updates!
-+ # We see if there are any subscriptions to that remote user with
-+ # the given token.
-hunk ./actions/updateprofile.php 60
-- $sub = new Subscription();
-- $sub->subscribed = $remote->id;
-- $sub->token = $token->key;
-- if (!$sub->find(true)) {
-- $this->client_error(_('You did not send us that profile'), 403);
-- return false;
-- }
-+ $sub = new Subscription();
-+ $sub->subscribed = $remote->id;
-+ $sub->token = $token->key;
-+ if (!$sub->find(true)) {
-+ $this->client_error(_('You did not send us that profile'), 403);
-+ return false;
-+ }
-hunk ./actions/updateprofile.php 68
-- $profile = Profile::staticGet('id', $remote->id);
-- if (!$profile) {
-- # This one is our fault
-- $this->server_error(_('Remote profile with no matching profile'), 500);
-- return false;
-- }
-- $nickname = $req->get_parameter('omb_listenee_nickname');
-- if ($nickname && !Validate::string($nickname, array('min_length' => 1,
-- 'max_length' => 64,
-- 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
-- $this->client_error(_('Nickname must have only lowercase letters and numbers and no spaces.'));
-- return false;
-- }
-- $license = $req->get_parameter('omb_listenee_license');
-- if ($license && !common_valid_http_url($license)) {
-- $this->client_error(sprintf(_("Invalid license URL '%s'"), $license));
-- return false;
-- }
-- $profile_url = $req->get_parameter('omb_listenee_profile');
-- if ($profile_url && !common_valid_http_url($profile_url)) {
-- $this->client_error(sprintf(_("Invalid profile URL '%s'."), $profile_url));
-- return false;
-- }
-- # optional stuff
-- $fullname = $req->get_parameter('omb_listenee_fullname');
-- if ($fullname && strlen($fullname) > 255) {
-- $this->client_error(_("Full name is too long (max 255 chars)."));
-- return false;
-- }
-- $homepage = $req->get_parameter('omb_listenee_homepage');
-- if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) {
-- $this->client_error(sprintf(_("Invalid homepage '%s'"), $homepage));
-- return false;
-- }
-- $bio = $req->get_parameter('omb_listenee_bio');
-- if ($bio && strlen($bio) > 140) {
-- $this->client_error(_("Bio is too long (max 140 chars)."));
-- return false;
-- }
-- $location = $req->get_parameter('omb_listenee_location');
-- if ($location && strlen($location) > 255) {
-- $this->client_error(_("Location is too long (max 255 chars)."));
-- return false;
-- }
-- $avatar = $req->get_parameter('omb_listenee_avatar');
-- if ($avatar) {
-- if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
-- $this->client_error(sprintf(_("Invalid avatar URL '%s'"), $avatar));
-- return false;
-- }
-- $size = @getimagesize($avatar);
-- if (!$size) {
-- $this->client_error(sprintf(_("Can't read avatar URL '%s'"), $avatar));
-- return false;
-- }
-- if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
-- $this->client_error(sprintf(_("Wrong size image at '%s'"), $avatar));
-- return false;
-- }
-- if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
-- IMAGETYPE_PNG))) {
-- $this->client_error(sprintf(_("Wrong image type for '%s'"), $avatar));
-- return false;
-- }
-- }
-+ $profile = Profile::staticGet('id', $remote->id);
-+ if (!$profile) {
-+ # This one is our fault
-+ $this->server_error(_('Remote profile with no matching profile'), 500);
-+ return false;
-+ }
-+ $nickname = $req->get_parameter('omb_listenee_nickname');
-+ if ($nickname && !Validate::string($nickname, array('min_length' => 1,
-+ 'max_length' => 64,
-+ 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
-+ $this->client_error(_('Nickname must have only lowercase letters and numbers and no spaces.'));
-+ return false;
-+ }
-+ $license = $req->get_parameter('omb_listenee_license');
-+ if ($license && !common_valid_http_url($license)) {
-+ $this->client_error(sprintf(_("Invalid license URL '%s'"), $license));
-+ return false;
-+ }
-+ $profile_url = $req->get_parameter('omb_listenee_profile');
-+ if ($profile_url && !common_valid_http_url($profile_url)) {
-+ $this->client_error(sprintf(_("Invalid profile URL '%s'."), $profile_url));
-+ return false;
-+ }
-+ # optional stuff
-+ $fullname = $req->get_parameter('omb_listenee_fullname');
-+ if ($fullname && strlen($fullname) > 255) {
-+ $this->client_error(_("Full name is too long (max 255 chars)."));
-+ return false;
-+ }
-+ $homepage = $req->get_parameter('omb_listenee_homepage');
-+ if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) {
-+ $this->client_error(sprintf(_("Invalid homepage '%s'"), $homepage));
-+ return false;
-+ }
-+ $bio = $req->get_parameter('omb_listenee_bio');
-+ if ($bio && strlen($bio) > 140) {
-+ $this->client_error(_("Bio is too long (max 140 chars)."));
-+ return false;
-+ }
-+ $location = $req->get_parameter('omb_listenee_location');
-+ if ($location && strlen($location) > 255) {
-+ $this->client_error(_("Location is too long (max 255 chars)."));
-+ return false;
-+ }
-+ $avatar = $req->get_parameter('omb_listenee_avatar');
-+ if ($avatar) {
-+ if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
-+ $this->client_error(sprintf(_("Invalid avatar URL '%s'"), $avatar));
-+ return false;
-+ }
-+ $size = @getimagesize($avatar);
-+ if (!$size) {
-+ $this->client_error(sprintf(_("Can't read avatar URL '%s'"), $avatar));
-+ return false;
-+ }
-+ if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
-+ $this->client_error(sprintf(_("Wrong size image at '%s'"), $avatar));
-+ return false;
-+ }
-+ if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
-+ IMAGETYPE_PNG))) {
-+ $this->client_error(sprintf(_("Wrong image type for '%s'"), $avatar));
-+ return false;
-+ }
-+ }
-hunk ./actions/updateprofile.php 134
-- $orig_profile = clone($profile);
-+ $orig_profile = clone($profile);
-hunk ./actions/updateprofile.php 136
-- if ($nickname) {
-- $profile->nickname = $nickname;
-- }
-- if ($profile_url) {
-- $profile->profileurl = $profile_url;
-- }
-- if ($fullname) {
-- $profile->fullname = $fullname;
-- }
-- if ($homepage) {
-- $profile->homepage = $homepage;
-- }
-- if ($bio) {
-- $profile->bio = $bio;
-- }
-- if ($location) {
-- $profile->location = $location;
-- }
-+ if ($nickname) {
-+ $profile->nickname = $nickname;
-+ }
-+ if ($profile_url) {
-+ $profile->profileurl = $profile_url;
-+ }
-+ if ($fullname) {
-+ $profile->fullname = $fullname;
-+ }
-+ if ($homepage) {
-+ $profile->homepage = $homepage;
-+ }
-+ if ($bio) {
-+ $profile->bio = $bio;
-+ }
-+ if ($location) {
-+ $profile->location = $location;
-+ }
-hunk ./actions/updateprofile.php 155
-- if (!$profile->update($orig_profile)) {
-- $this->server_error(_('Could not save new profile info'), 500);
-- return false;
-- } else {
-- if ($avatar) {
-- $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
-- copy($avatar, $temp_filename);
-- if (!$profile->setOriginal($temp_filename)) {
-- $this->server_error(_('Could not save avatar info'), 500);
-- return false;
-- }
-- }
-- header('HTTP/1.1 200 OK');
-- header('Content-type: text/plain');
-- print 'Updated profile';
-- print "\n";
-- return true;
-- }
-- }
-+ if (!$profile->update($orig_profile)) {
-+ $this->server_error(_('Could not save new profile info'), 500);
-+ return false;
-+ } else {
-+ if ($avatar) {
-+ $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
-+ copy($avatar, $temp_filename);
-+ if (!$profile->setOriginal($temp_filename)) {
-+ $this->server_error(_('Could not save avatar info'), 500);
-+ return false;
-+ }
-+ }
-+ header('HTTP/1.1 200 OK');
-+ header('Content-type: text/plain');
-+ print 'Updated profile';
-+ print "\n";
-+ return true;
-+ }
-+ }
-hunk ./actions/userauthorization.php 27
-- function handle($args) {
-- parent::handle($args);
-+ function handle($args) {
-+ parent::handle($args);
-hunk ./actions/userauthorization.php 30
-- if ($_SERVER['REQUEST_METHOD'] == 'POST') {
-- # CSRF protection
-- $token = $this->trimmed('token');
-- if (!$token || $token != common_session_token()) {
-- $req = $this->get_stored_request();
-- $this->show_form(_('There was a problem with your session token. Try again, please.'), $req);
-- return;
-- }
-- # We've shown the form, now post user's choice
-- $this->send_authorization();
-- } else {
-- if (!common_logged_in()) {
-- # Go log in, and then come back
-- common_debug('saving URL for returnto', __FILE__);
-- common_set_returnto($_SERVER['REQUEST_URI']);
-+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
-+ # CSRF protection
-+ $token = $this->trimmed('token');
-+ if (!$token || $token != common_session_token()) {
-+ $req = $this->get_stored_request();
-+ $this->show_form(_('There was a problem with your session token. Try again, please.'), $req);
-+ return;
-+ }
-+ # We've shown the form, now post user's choice
-+ $this->send_authorization();
-+ } else {
-+ if (!common_logged_in()) {
-+ # Go log in, and then come back
-+ common_debug('saving URL for returnto', __FILE__);
-+ common_set_returnto($_SERVER['REQUEST_URI']);
-hunk ./actions/userauthorization.php 46
-- common_debug('redirecting to login', __FILE__);
-- common_redirect(common_local_url('login'));
-- return;
-- }
-- try {
-- # this must be a new request
-- common_debug('getting new request', __FILE__);
-- $req = $this->get_new_request();
-- if (!$req) {
-- $this->client_error(_('No request found!'));
-- }
-- common_debug('validating request', __FILE__);
-- # XXX: only validate new requests, since nonce is one-time use
-- $this->validate_request($req);
-- common_debug('showing form', __FILE__);
-- $this->store_request($req);
-- $this->show_form($req);
-- } catch (OAuthException $e) {
-- $this->clear_request();
-- $this->client_error($e->getMessage());
-- return;
-- }
-+ common_debug('redirecting to login', __FILE__);
-+ common_redirect(common_local_url('login'));
-+ return;
-+ }
-+ try {
-+ # this must be a new request
-+ common_debug('getting new request', __FILE__);
-+ $req = $this->get_new_request();
-+ if (!$req) {
-+ $this->client_error(_('No request found!'));
-+ }
-+ common_debug('validating request', __FILE__);
-+ # XXX: only validate new requests, since nonce is one-time use
-+ $this->validate_request($req);
-+ common_debug('showing form', __FILE__);
-+ $this->store_request($req);
-+ $this->show_form($req);
-+ } catch (OAuthException $e) {
-+ $this->clear_request();
-+ $this->client_error($e->getMessage());
-+ return;
-+ }
-hunk ./actions/userauthorization.php 69
-- }
-- }
-+ }
-+ }
-hunk ./actions/userauthorization.php 72
-- function show_form($req) {
-+ function show_form($req) {
-hunk ./actions/userauthorization.php 74
-- $nickname = $req->get_parameter('omb_listenee_nickname');
-- $profile = $req->get_parameter('omb_listenee_profile');
-- $license = $req->get_parameter('omb_listenee_license');
-- $fullname = $req->get_parameter('omb_listenee_fullname');
-- $homepage = $req->get_parameter('omb_listenee_homepage');
-- $bio = $req->get_parameter('omb_listenee_bio');
-- $location = $req->get_parameter('omb_listenee_location');
-- $avatar = $req->get_parameter('omb_listenee_avatar');
-+ $nickname = $req->get_parameter('omb_listenee_nickname');
-+ $profile = $req->get_parameter('omb_listenee_profile');
-+ $license = $req->get_parameter('omb_listenee_license');
-+ $fullname = $req->get_parameter('omb_listenee_fullname');
-+ $homepage = $req->get_parameter('omb_listenee_homepage');
-+ $bio = $req->get_parameter('omb_listenee_bio');
-+ $location = $req->get_parameter('omb_listenee_location');
-+ $avatar = $req->get_parameter('omb_listenee_avatar');
-hunk ./actions/userauthorization.php 83
-- common_show_header(_('Authorize subscription'));
-- common_element('p', NULL, _('Please check these details to make sure '.
-- 'that you want to subscribe to this user\'s notices. '.
-- 'If you didn\'t just ask to subscribe to someone\'s notices, '.
-- 'click "Cancel".'));
-- common_element_start('div', 'profile');
-- if ($avatar) {
-- common_element('img', array('src' => $avatar,
-- 'class' => 'avatar profile',
-- 'width' => AVATAR_PROFILE_SIZE,
-- 'height' => AVATAR_PROFILE_SIZE,
-- 'alt' => $nickname));
-- }
-- common_element('a', array('href' => $profile,
-- 'class' => 'external profile nickname'),
-- $nickname);
-- if ($fullname) {
-- common_element_start('div', 'fullname');
-- if ($homepage) {
-- common_element('a', array('href' => $homepage),
-- $fullname);
-- } else {
-- common_text($fullname);
-- }
-- common_element_end('div');
-- }
-- if ($location) {
-- common_element('div', 'location', $location);
-- }
-- if ($bio) {
-- common_element('div', 'bio', $bio);
-- }
-- common_element_start('div', 'license');
-- common_element('a', array('href' => $license,
-- 'class' => 'license'),
-- $license);
-- common_element_end('div');
-- common_element_end('div');
-- common_element_start('form', array('method' => 'post',
-- 'id' => 'userauthorization',
-- 'name' => 'userauthorization',
-- 'action' => common_local_url('userauthorization')));
-- common_hidden('token', common_session_token());
-- common_submit('accept', _('Accept'));
-- common_submit('reject', _('Reject'));
-- common_element_end('form');
-- common_show_footer();
-- }
-+ common_show_header(_('Authorize subscription'));
-+ common_element('p', NULL, _('Please check these details to make sure '.
-+ 'that you want to subscribe to this user\'s notices. '.
-+ 'If you didn\'t just ask to subscribe to someone\'s notices, '.
-+ 'click "Cancel".'));
-+ common_element_start('div', 'profile');
-+ if ($avatar) {
-+ common_element('img', array('src' => $avatar,
-+ 'class' => 'avatar profile',
-+ 'width' => AVATAR_PROFILE_SIZE,
-+ 'height' => AVATAR_PROFILE_SIZE,
-+ 'alt' => $nickname));
-+ }
-+ common_element('a', array('href' => $profile,
-+ 'class' => 'external profile nickname'),
-+ $nickname);
-+ if ($fullname) {
-+ common_element_start('div', 'fullname');
-+ if ($homepage) {
-+ common_element('a', array('href' => $homepage),
-+ $fullname);
-+ } else {
-+ common_text($fullname);
-+ }
-+ common_element_end('div');
-+ }
-+ if ($location) {
-+ common_element('div', 'location', $location);
-+ }
-+ if ($bio) {
-+ common_element('div', 'bio', $bio);
-+ }
-+ common_element_start('div', 'license');
-+ common_element('a', array('href' => $license,
-+ 'class' => 'license'),
-+ $license);
-+ common_element_end('div');
-+ common_element_end('div');
-+ common_element_start('form', array('method' => 'post',
-+ 'id' => 'userauthorization',
-+ 'name' => 'userauthorization',
-+ 'action' => common_local_url('userauthorization')));
-+ common_hidden('token', common_session_token());
-+ common_submit('accept', _('Accept'));
-+ common_submit('reject', _('Reject'));
-+ common_element_end('form');
-+ common_show_footer();
-+ }
-hunk ./actions/userauthorization.php 132
-- function send_authorization() {
-- $req = $this->get_stored_request();
-+ function send_authorization() {
-+ $req = $this->get_stored_request();
-hunk ./actions/userauthorization.php 135
-- if (!$req) {
-- common_user_error(_('No authorization request!'));
-- return;
-- }
-+ if (!$req) {
-+ common_user_error(_('No authorization request!'));
-+ return;
-+ }
-hunk ./actions/userauthorization.php 140
-- $callback = $req->get_parameter('oauth_callback');
-+ $callback = $req->get_parameter('oauth_callback');
-hunk ./actions/userauthorization.php 142
-- if ($this->arg('accept')) {
-- if (!$this->authorize_token($req)) {
-- $this->client_error(_('Error authorizing token'));
-- }
-- if (!$this->save_remote_profile($req)) {
-- $this->client_error(_('Error saving remote profile'));
-- }
-- if (!$callback) {
-- $this->show_accept_message($req->get_parameter('oauth_token'));
-- } else {
-- $params = array();
-- $params['oauth_token'] = $req->get_parameter('oauth_token');
-- $params['omb_version'] = OMB_VERSION_01;
-- $user = User::staticGet('uri', $req->get_parameter('omb_listener'));
-- $profile = $user->getProfile();
-- if (!$profile) {
-- common_log_db_error($user, 'SELECT', __FILE__);
-- $this->server_error(_('User without matching profile'));
-- return;
-- }
-- $params['omb_listener_nickname'] = $user->nickname;
-- $params['omb_listener_profile'] = common_local_url('showstream',
-- array('nickname' => $user->nickname));
-- if ($profile->fullname) {
-- $params['omb_listener_fullname'] = $profile->fullname;
-- }
-- if ($profile->homepage) {
-- $params['omb_listener_homepage'] = $profile->homepage;
-- }
-- if ($profile->bio) {
-- $params['omb_listener_bio'] = $profile->bio;
-- }
-- if ($profile->location) {
-- $params['omb_listener_location'] = $profile->location;
-- }
-- $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
-- if ($avatar) {
-- $params['omb_listener_avatar'] = $avatar->url;
-- }
-- $parts = array();
-- foreach ($params as $k => $v) {
-- $parts[] = $k . '=' . OAuthUtil::urlencodeRFC3986($v);
-- }
-- $query_string = implode('&', $parts);
-- $parsed = parse_url($callback);
-- $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string;
-- common_redirect($url, 303);
-- }
-- } else {
-- if (!$callback) {
-- $this->show_reject_message();
-- } else {
-- # XXX: not 100% sure how to signal failure... just redirect without token?
-- common_redirect($callback, 303);
-- }
-- }
-- }
-+ if ($this->arg('accept')) {
-+ if (!$this->authorize_token($req)) {
-+ $this->client_error(_('Error authorizing token'));
-+ }
-+ if (!$this->save_remote_profile($req)) {
-+ $this->client_error(_('Error saving remote profile'));
-+ }
-+ if (!$callback) {
-+ $this->show_accept_message($req->get_parameter('oauth_token'));
-+ } else {
-+ $params = array();
-+ $params['oauth_token'] = $req->get_parameter('oauth_token');
-+ $params['omb_version'] = OMB_VERSION_01;
-+ $user = User::staticGet('uri', $req->get_parameter('omb_listener'));
-+ $profile = $user->getProfile();
-+ if (!$profile) {
-+ common_log_db_error($user, 'SELECT', __FILE__);
-+ $this->server_error(_('User without matching profile'));
-+ return;
-+ }
-+ $params['omb_listener_nickname'] = $user->nickname;
-+ $params['omb_listener_profile'] = common_local_url('showstream',
-+ array('nickname' => $user->nickname));
-+ if ($profile->fullname) {
-+ $params['omb_listener_fullname'] = $profile->fullname;
-+ }
-+ if ($profile->homepage) {
-+ $params['omb_listener_homepage'] = $profile->homepage;
-+ }
-+ if ($profile->bio) {
-+ $params['omb_listener_bio'] = $profile->bio;
-+ }
-+ if ($profile->location) {
-+ $params['omb_listener_location'] = $profile->location;
-+ }
-+ $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
-+ if ($avatar) {
-+ $params['omb_listener_avatar'] = $avatar->url;
-+ }
-+ $parts = array();
-+ foreach ($params as $k => $v) {
-+ $parts[] = $k . '=' . OAuthUtil::urlencodeRFC3986($v);
-+ }
-+ $query_string = implode('&', $parts);
-+ $parsed = parse_url($callback);
-+ $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string;
-+ common_redirect($url, 303);
-+ }
-+ } else {
-+ if (!$callback) {
-+ $this->show_reject_message();
-+ } else {
-+ # XXX: not 100% sure how to signal failure... just redirect without token?
-+ common_redirect($callback, 303);
-+ }
-+ }
-+ }
-hunk ./actions/userauthorization.php 200
-- function authorize_token(&$req) {
-- $consumer_key = $req->get_parameter('oauth_consumer_key');
-- $token_field = $req->get_parameter('oauth_token');
-- common_debug('consumer key = "'.$consumer_key.'"', __FILE__);
-- common_debug('token field = "'.$token_field.'"', __FILE__);
-- $rt = new Token();
-- $rt->consumer_key = $consumer_key;
-- $rt->tok = $token_field;
-- $rt->type = 0;
-- $rt->state = 0;
-- common_debug('request token to look up: "'.print_r($rt,TRUE).'"');
-- if ($rt->find(true)) {
-- common_debug('found request token to authorize', __FILE__);
-- $orig_rt = clone($rt);
-- $rt->state = 1; # Authorized but not used
-- if ($rt->update($orig_rt)) {
-- common_debug('updated request token so it is authorized', __FILE__);
-- return true;
-- }
-- }
-- return FALSE;
-- }
-+ function authorize_token(&$req) {
-+ $consumer_key = $req->get_parameter('oauth_consumer_key');
-+ $token_field = $req->get_parameter('oauth_token');
-+ common_debug('consumer key = "'.$consumer_key.'"', __FILE__);
-+ common_debug('token field = "'.$token_field.'"', __FILE__);
-+ $rt = new Token();
-+ $rt->consumer_key = $consumer_key;
-+ $rt->tok = $token_field;
-+ $rt->type = 0;
-+ $rt->state = 0;
-+ common_debug('request token to look up: "'.print_r($rt,TRUE).'"');
-+ if ($rt->find(true)) {
-+ common_debug('found request token to authorize', __FILE__);
-+ $orig_rt = clone($rt);
-+ $rt->state = 1; # Authorized but not used
-+ if ($rt->update($orig_rt)) {
-+ common_debug('updated request token so it is authorized', __FILE__);
-+ return true;
-+ }
-+ }
-+ return FALSE;
-+ }
-hunk ./actions/userauthorization.php 223
-- # XXX: refactor with similar code in finishremotesubscribe.php
-+ # XXX: refactor with similar code in finishremotesubscribe.php
-hunk ./actions/userauthorization.php 225
-- function save_remote_profile(&$req) {
-- # FIXME: we should really do this when the consumer comes
-- # back for an access token. If they never do, we've got stuff in a
-- # weird state.
-+ function save_remote_profile(&$req) {
-+ # FIXME: we should really do this when the consumer comes
-+ # back for an access token. If they never do, we've got stuff in a
-+ # weird state.
-hunk ./actions/userauthorization.php 230
-- $nickname = $req->get_parameter('omb_listenee_nickname');
-- $fullname = $req->get_parameter('omb_listenee_fullname');
-- $profile_url = $req->get_parameter('omb_listenee_profile');
-- $homepage = $req->get_parameter('omb_listenee_homepage');
-- $bio = $req->get_parameter('omb_listenee_bio');
-- $location = $req->get_parameter('omb_listenee_location');
-- $avatar_url = $req->get_parameter('omb_listenee_avatar');
-+ $nickname = $req->get_parameter('omb_listenee_nickname');
-+ $fullname = $req->get_parameter('omb_listenee_fullname');
-+ $profile_url = $req->get_parameter('omb_listenee_profile');
-+ $homepage = $req->get_parameter('omb_listenee_homepage');
-+ $bio = $req->get_parameter('omb_listenee_bio');
-+ $location = $req->get_parameter('omb_listenee_location');
-+ $avatar_url = $req->get_parameter('omb_listenee_avatar');
-hunk ./actions/userauthorization.php 238
-- $listenee = $req->get_parameter('omb_listenee');
-- $remote = Remote_profile::staticGet('uri', $listenee);
-+ $listenee = $req->get_parameter('omb_listenee');
-+ $remote = Remote_profile::staticGet('uri', $listenee);
-hunk ./actions/userauthorization.php 241
-- if ($remote) {
-- $exists = true;
-- $profile = Profile::staticGet($remote->id);
-- $orig_remote = clone($remote);
-- $orig_profile = clone($profile);
-- } else {
-- $exists = false;
-- $remote = new Remote_profile();
-- $remote->uri = $listenee;
-- $profile = new Profile();
-- }
-+ if ($remote) {
-+ $exists = true;
-+ $profile = Profile::staticGet($remote->id);
-+ $orig_remote = clone($remote);
-+ $orig_profile = clone($profile);
-+ } else {
-+ $exists = false;
-+ $remote = new Remote_profile();
-+ $remote->uri = $listenee;
-+ $profile = new Profile();
-+ }
-hunk ./actions/userauthorization.php 253
-- $profile->nickname = $nickname;
-- $profile->profileurl = $profile_url;
-+ $profile->nickname = $nickname;
-+ $profile->profileurl = $profile_url;
-hunk ./actions/userauthorization.php 256
-- if ($fullname) {
-- $profile->fullname = $fullname;
-- }
-- if ($homepage) {
-- $profile->homepage = $homepage;
-- }
-- if ($bio) {
-- $profile->bio = $bio;
-- }
-- if ($location) {
-- $profile->location = $location;
-- }
-+ if ($fullname) {
-+ $profile->fullname = $fullname;
-+ }
-+ if ($homepage) {
-+ $profile->homepage = $homepage;
-+ }
-+ if ($bio) {
-+ $profile->bio = $bio;
-+ }
-+ if ($location) {
-+ $profile->location = $location;
-+ }
-hunk ./actions/userauthorization.php 269
-- if ($exists) {
-- $profile->update($orig_profile);
-- } else {
-- $profile->created = DB_DataObject_Cast::dateTime(); # current time
-- $id = $profile->insert();
-- if (!$id) {
-- return FALSE;
-- }
-- $remote->id = $id;
-- }
-+ if ($exists) {
-+ $profile->update($orig_profile);
-+ } else {
-+ $profile->created = DB_DataObject_Cast::dateTime(); # current time
-+ $id = $profile->insert();
-+ if (!$id) {
-+ return FALSE;
-+ }
-+ $remote->id = $id;
-+ }
-hunk ./actions/userauthorization.php 280
-- if ($exists) {
-- if (!$remote->update($orig_remote)) {
-- return FALSE;
-- }
-- } else {
-- $remote->created = DB_DataObject_Cast::dateTime(); # current time
-- if (!$remote->insert()) {
-- return FALSE;
-- }
-- }
-+ if ($exists) {
-+ if (!$remote->update($orig_remote)) {
-+ return FALSE;
-+ }
-+ } else {
-+ $remote->created = DB_DataObject_Cast::dateTime(); # current time
-+ if (!$remote->insert()) {
-+ return FALSE;
-+ }
-+ }
-hunk ./actions/userauthorization.php 291
-- if ($avatar_url) {
-- if (!$this->add_avatar($profile, $avatar_url)) {
-- return FALSE;
-- }
-- }
-+ if ($avatar_url) {
-+ if (!$this->add_avatar($profile, $avatar_url)) {
-+ return FALSE;
-+ }
-+ }
-hunk ./actions/userauthorization.php 297
-- $user = common_current_user();
-- $datastore = omb_oauth_datastore();
-- $consumer = $this->get_consumer($datastore, $req);
-- $token = $this->get_token($datastore, $req, $consumer);
-+ $user = common_current_user();
-+ $datastore = omb_oauth_datastore();
-+ $consumer = $this->get_consumer($datastore, $req);
-+ $token = $this->get_token($datastore, $req, $consumer);
-hunk ./actions/userauthorization.php 302
-- $sub = new Subscription();
-- $sub->subscriber = $user->id;
-- $sub->subscribed = $remote->id;
-- $sub->token = $token->key; # NOTE: request token, not valid for use!
-- $sub->created = DB_DataObject_Cast::dateTime(); # current time
-+ $sub = new Subscription();
-+ $sub->subscriber = $user->id;
-+ $sub->subscribed = $remote->id;
-+ $sub->token = $token->key; # NOTE: request token, not valid for use!
-+ $sub->created = DB_DataObject_Cast::dateTime(); # current time
-hunk ./actions/userauthorization.php 308
-- if (!$sub->insert()) {
-- return FALSE;
-- }
-+ if (!$sub->insert()) {
-+ return FALSE;
-+ }
-hunk ./actions/userauthorization.php 312
-- return TRUE;
-- }
-+ return TRUE;
-+ }
-hunk ./actions/userauthorization.php 315
-- function add_avatar($profile, $url) {
-- $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
-- copy($url, $temp_filename);
-- return $profile->setOriginal($temp_filename);
-- }
-+ function add_avatar($profile, $url) {
-+ $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
-+ copy($url, $temp_filename);
-+ return $profile->setOriginal($temp_filename);
-+ }
-hunk ./actions/userauthorization.php 321
-- function show_accept_message($tok) {
-- common_show_header(_('Subscription authorized'));
-- common_element('p', NULL,
-- _('The subscription has been authorized, but no '.
-- 'callback URL was passed. Check with the site\'s instructions for '.
-- 'details on how to authorize the subscription. Your subscription token is:'));
-- common_element('blockquote', 'token', $tok);
-- common_show_footer();
-- }
-+ function show_accept_message($tok) {
-+ common_show_header(_('Subscription authorized'));
-+ common_element('p', NULL,
-+ _('The subscription has been authorized, but no '.
-+ 'callback URL was passed. Check with the site\'s instructions for '.
-+ 'details on how to authorize the subscription. Your subscription token is:'));
-+ common_element('blockquote', 'token', $tok);
-+ common_show_footer();
-+ }
-hunk ./actions/userauthorization.php 331
-- function show_reject_message($tok) {
-- common_show_header(_('Subscription rejected'));
-- common_element('p', NULL,
-- _('The subscription has been rejected, but no '.
-- 'callback URL was passed. Check with the site\'s instructions for '.
-- 'details on how to fully reject the subscription.'));
-- common_show_footer();
-- }
-+ function show_reject_message($tok) {
-+ common_show_header(_('Subscription rejected'));
-+ common_element('p', NULL,
-+ _('The subscription has been rejected, but no '.
-+ 'callback URL was passed. Check with the site\'s instructions for '.
-+ 'details on how to fully reject the subscription.'));
-+ common_show_footer();
-+ }
-hunk ./actions/userauthorization.php 340
-- function store_request($req) {
-- common_ensure_session();
-- $_SESSION['userauthorizationrequest'] = $req;
-- }
-+ function store_request($req) {
-+ common_ensure_session();
-+ $_SESSION['userauthorizationrequest'] = $req;
-+ }
-hunk ./actions/userauthorization.php 345
-- function clear_request() {
-- common_ensure_session();
-- unset($_SESSION['userauthorizationrequest']);
-- }
-+ function clear_request() {
-+ common_ensure_session();
-+ unset($_SESSION['userauthorizationrequest']);
-+ }
-hunk ./actions/userauthorization.php 350
-- function get_stored_request() {
-- common_ensure_session();
-- $req = $_SESSION['userauthorizationrequest'];
-- return $req;
-- }
-+ function get_stored_request() {
-+ common_ensure_session();
-+ $req = $_SESSION['userauthorizationrequest'];
-+ return $req;
-+ }
-hunk ./actions/userauthorization.php 356
-- function get_new_request() {
-- common_remove_magic_from_request();
-- $req = OAuthRequest::from_request();
-- return $req;
-- }
-+ function get_new_request() {
-+ common_remove_magic_from_request();
-+ $req = OAuthRequest::from_request();
-+ return $req;
-+ }
-hunk ./actions/userauthorization.php 362
-- # Throws an OAuthException if anything goes wrong
-+ # Throws an OAuthException if anything goes wrong
-hunk ./actions/userauthorization.php 364
-- function validate_request(&$req) {
-- # OAuth stuff -- have to copy from OAuth.php since they're
-- # all private methods, and there's no user-authentication method
-- common_debug('checking version', __FILE__);
-- $this->check_version($req);
-- common_debug('getting datastore', __FILE__);
-- $datastore = omb_oauth_datastore();
-- common_debug('getting consumer', __FILE__);
-- $consumer = $this->get_consumer($datastore, $req);
-- common_debug('getting token', __FILE__);
-- $token = $this->get_token($datastore, $req, $consumer);
-- common_debug('checking timestamp', __FILE__);
-- $this->check_timestamp($req);
-- common_debug('checking nonce', __FILE__);
-- $this->check_nonce($datastore, $req, $consumer, $token);
-- common_debug('checking signature', __FILE__);
-- $this->check_signature($req, $consumer, $token);
-- common_debug('validating omb stuff', __FILE__);
-- $this->validate_omb($req);
-- common_debug('done validating', __FILE__);
-- return true;
-- }
-+ function validate_request(&$req) {
-+ # OAuth stuff -- have to copy from OAuth.php since they're
-+ # all private methods, and there's no user-authentication method
-+ common_debug('checking version', __FILE__);
-+ $this->check_version($req);
-+ common_debug('getting datastore', __FILE__);
-+ $datastore = omb_oauth_datastore();
-+ common_debug('getting consumer', __FILE__);
-+ $consumer = $this->get_consumer($datastore, $req);
-+ common_debug('getting token', __FILE__);
-+ $token = $this->get_token($datastore, $req, $consumer);
-+ common_debug('checking timestamp', __FILE__);
-+ $this->check_timestamp($req);
-+ common_debug('checking nonce', __FILE__);
-+ $this->check_nonce($datastore, $req, $consumer, $token);
-+ common_debug('checking signature', __FILE__);
-+ $this->check_signature($req, $consumer, $token);
-+ common_debug('validating omb stuff', __FILE__);
-+ $this->validate_omb($req);
-+ common_debug('done validating', __FILE__);
-+ return true;
-+ }
-hunk ./actions/userauthorization.php 387
-- function validate_omb(&$req) {
-- foreach (array('omb_version', 'omb_listener', 'omb_listenee',
-- 'omb_listenee_profile', 'omb_listenee_nickname',
-- 'omb_listenee_license') as $param)
-- {
-- if (!$req->get_parameter($param)) {
-- throw new OAuthException("Required parameter '$param' not found");
-- }
-- }
-- # Now, OMB stuff
-- $version = $req->get_parameter('omb_version');
-- if ($version != OMB_VERSION_01) {
-- throw new OAuthException("OpenMicroBlogging version '$version' not supported");
-- }
-- $listener = $req->get_parameter('omb_listener');
-- $user = User::staticGet('uri', $listener);
-- if (!$user) {
-- throw new OAuthException("Listener URI '$listener' not found here");
-- }
-- $cur = common_current_user();
-- if ($cur->id != $user->id) {
-- throw new OAuthException("Can't add for another user!");
-- }
-- $listenee = $req->get_parameter('omb_listenee');
-- if (!Validate::uri($listenee) &&
-- !common_valid_tag($listenee)) {
-- throw new OAuthException("Listenee URI '$listenee' not a recognizable URI");
-- }
-- if (strlen($listenee) > 255) {
-- throw new OAuthException("Listenee URI '$listenee' too long");
-- }
-+ function validate_omb(&$req) {
-+ foreach (array('omb_version', 'omb_listener', 'omb_listenee',
-+ 'omb_listenee_profile', 'omb_listenee_nickname',
-+ 'omb_listenee_license') as $param)
-+ {
-+ if (!$req->get_parameter($param)) {
-+ throw new OAuthException("Required parameter '$param' not found");
-+ }
-+ }
-+ # Now, OMB stuff
-+ $version = $req->get_parameter('omb_version');
-+ if ($version != OMB_VERSION_01) {
-+ throw new OAuthException("OpenMicroBlogging version '$version' not supported");
-+ }
-+ $listener = $req->get_parameter('omb_listener');
-+ $user = User::staticGet('uri', $listener);
-+ if (!$user) {
-+ throw new OAuthException("Listener URI '$listener' not found here");
-+ }
-+ $cur = common_current_user();
-+ if ($cur->id != $user->id) {
-+ throw new OAuthException("Can't add for another user!");
-+ }
-+ $listenee = $req->get_parameter('omb_listenee');
-+ if (!Validate::uri($listenee) &&
-+ !common_valid_tag($listenee)) {
-+ throw new OAuthException("Listenee URI '$listenee' not a recognizable URI");
-+ }
-+ if (strlen($listenee) > 255) {
-+ throw new OAuthException("Listenee URI '$listenee' too long");
-+ }
-hunk ./actions/userauthorization.php 419
-- $other = User::staticGet('uri', $listenee);
-- if ($other) {
-- throw new OAuthException("Listenee URI '$listenee' is local user");
-- }
-+ $other = User::staticGet('uri', $listenee);
-+ if ($other) {
-+ throw new OAuthException("Listenee URI '$listenee' is local user");
-+ }
-hunk ./actions/userauthorization.php 424
-- $remote = Remote_profile::staticGet('uri', $listenee);
-- if ($remote) {
-- $sub = new Subscription();
-- $sub->subscriber = $user->id;
-- $sub->subscribed = $remote->id;
-- if ($sub->find(TRUE)) {
-- throw new OAuthException("Already subscribed to user!");
-- }
-- }
-- $nickname = $req->get_parameter('omb_listenee_nickname');
-- if (!Validate::string($nickname, array('min_length' => 1,
-- 'max_length' => 64,
-- 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
-- throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
-- }
-- $profile = $req->get_parameter('omb_listenee_profile');
-- if (!common_valid_http_url($profile)) {
-- throw new OAuthException("Invalid profile URL '$profile'.");
-- }
-+ $remote = Remote_profile::staticGet('uri', $listenee);
-+ if ($remote) {
-+ $sub = new Subscription();
-+ $sub->subscriber = $user->id;
-+ $sub->subscribed = $remote->id;
-+ if ($sub->find(TRUE)) {
-+ throw new OAuthException("Already subscribed to user!");
-+ }
-+ }
-+ $nickname = $req->get_parameter('omb_listenee_nickname');
-+ if (!Validate::string($nickname, array('min_length' => 1,
-+ 'max_length' => 64,
-+ 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
-+ throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
-+ }
-+ $profile = $req->get_parameter('omb_listenee_profile');
-+ if (!common_valid_http_url($profile)) {
-+ throw new OAuthException("Invalid profile URL '$profile'.");
-+ }
-hunk ./actions/userauthorization.php 444
-- if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
-- throw new OAuthException("Profile URL '$profile' is for a local user.");
-- }
-+ if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
-+ throw new OAuthException("Profile URL '$profile' is for a local user.");
-+ }
-hunk ./actions/userauthorization.php 448
-- $license = $req->get_parameter('omb_listenee_license');
-- if (!common_valid_http_url($license)) {
-- throw new OAuthException("Invalid license URL '$license'.");
-- }
-- $site_license = common_config('license', 'url');
-- if (!common_compatible_license($license, $site_license)) {
-- throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'.");
-- }
-- # optional stuff
-- $fullname = $req->get_parameter('omb_listenee_fullname');
-- if ($fullname && strlen($fullname) > 255) {
-- throw new OAuthException("Full name '$fullname' too long.");
-- }
-- $homepage = $req->get_parameter('omb_listenee_homepage');
-- if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) {
-- throw new OAuthException("Invalid homepage '$homepage'");
-- }
-- $bio = $req->get_parameter('omb_listenee_bio');
-- if ($bio && strlen($bio) > 140) {
-- throw new OAuthException("Bio too long '$bio'");
-- }
-- $location = $req->get_parameter('omb_listenee_location');
-- if ($location && strlen($location) > 255) {
-- throw new OAuthException("Location too long '$location'");
-- }
-- $avatar = $req->get_parameter('omb_listenee_avatar');
-- if ($avatar) {
-- if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
-- throw new OAuthException("Invalid avatar URL '$avatar'");
-- }
-- $size = @getimagesize($avatar);
-- if (!$size) {
-- throw new OAuthException("Can't read avatar URL '$avatar'");
-- }
-- if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
-- throw new OAuthException("Wrong size image at '$avatar'");
-- }
-- if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
-- IMAGETYPE_PNG))) {
-- throw new OAuthException("Wrong image type for '$avatar'");
-- }
-- }
-- $callback = $req->get_parameter('oauth_callback');
-- if ($callback && !common_valid_http_url($callback)) {
-- throw new OAuthException("Invalid callback URL '$callback'");
-- }
-- if ($callback && $callback == common_local_url('finishremotesubscribe')) {
-- throw new OAuthException("Callback URL '$callback' is for local site.");
-- }
-- }
-+ $license = $req->get_parameter('omb_listenee_license');
-+ if (!common_valid_http_url($license)) {
-+ throw new OAuthException("Invalid license URL '$license'.");
-+ }
-+ $site_license = common_config('license', 'url');
-+ if (!common_compatible_license($license, $site_license)) {
-+ throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'.");
-+ }
-+ # optional stuff
-+ $fullname = $req->get_parameter('omb_listenee_fullname');
-+ if ($fullname && strlen($fullname) > 255) {
-+ throw new OAuthException("Full name '$fullname' too long.");
-+ }
-+ $homepage = $req->get_parameter('omb_listenee_homepage');
-+ if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) {
-+ throw new OAuthException("Invalid homepage '$homepage'");
-+ }
-+ $bio = $req->get_parameter('omb_listenee_bio');
-+ if ($bio && strlen($bio) > 140) {
-+ throw new OAuthException("Bio too long '$bio'");
-+ }
-+ $location = $req->get_parameter('omb_listenee_location');
-+ if ($location && strlen($location) > 255) {
-+ throw new OAuthException("Location too long '$location'");
-+ }
-+ $avatar = $req->get_parameter('omb_listenee_avatar');
-+ if ($avatar) {
-+ if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
-+ throw new OAuthException("Invalid avatar URL '$avatar'");
-+ }
-+ $size = @getimagesize($avatar);
-+ if (!$size) {
-+ throw new OAuthException("Can't read avatar URL '$avatar'");
-+ }
-+ if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
-+ throw new OAuthException("Wrong size image at '$avatar'");
-+ }
-+ if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
-+ IMAGETYPE_PNG))) {
-+ throw new OAuthException("Wrong image type for '$avatar'");
-+ }
-+ }
-+ $callback = $req->get_parameter('oauth_callback');
-+ if ($callback && !common_valid_http_url($callback)) {
-+ throw new OAuthException("Invalid callback URL '$callback'");
-+ }
-+ if ($callback && $callback == common_local_url('finishremotesubscribe')) {
-+ throw new OAuthException("Callback URL '$callback' is for local site.");
-+ }
-+ }
-hunk ./actions/userauthorization.php 499
-- # Snagged from OAuthServer
-+ # Snagged from OAuthServer
-hunk ./actions/userauthorization.php 501
-- function check_version(&$req) {
-- $version = $req->get_parameter("oauth_version");
-- if (!$version) {
-- $version = 1.0;
-- }
-- if ($version != 1.0) {
-- throw new OAuthException("OAuth version '$version' not supported");
-- }
-- return $version;
-- }
-+ function check_version(&$req) {
-+ $version = $req->get_parameter("oauth_version");
-+ if (!$version) {
-+ $version = 1.0;
-+ }
-+ if ($version != 1.0) {
-+ throw new OAuthException("OAuth version '$version' not supported");
-+ }
-+ return $version;
-+ }
-hunk ./actions/userauthorization.php 512
-- # Snagged from OAuthServer
-+ # Snagged from OAuthServer
-hunk ./actions/userauthorization.php 514
-- function get_consumer($datastore, $req) {
-- $consumer_key = @$req->get_parameter("oauth_consumer_key");
-- if (!$consumer_key) {
-- throw new OAuthException("Invalid consumer key");
-- }
-+ function get_consumer($datastore, $req) {
-+ $consumer_key = @$req->get_parameter("oauth_consumer_key");
-+ if (!$consumer_key) {
-+ throw new OAuthException("Invalid consumer key");
-+ }
-hunk ./actions/userauthorization.php 520
-- $consumer = $datastore->lookup_consumer($consumer_key);
-- if (!$consumer) {
-- throw new OAuthException("Invalid consumer");
-- }
-- return $consumer;
-- }
-+ $consumer = $datastore->lookup_consumer($consumer_key);
-+ if (!$consumer) {
-+ throw new OAuthException("Invalid consumer");
-+ }
-+ return $consumer;
-+ }
-hunk ./actions/userauthorization.php 527
-- # Mostly cadged from OAuthServer
-+ # Mostly cadged from OAuthServer
-hunk ./actions/userauthorization.php 529
-- function get_token($datastore, &$req, $consumer) {/*{{{*/
-- $token_field = @$req->get_parameter('oauth_token');
-- $token = $datastore->lookup_token($consumer, 'request', $token_field);
-- if (!$token) {
-- throw new OAuthException("Invalid $token_type token: $token_field");
-- }
-- return $token;
-- }
-+ function get_token($datastore, &$req, $consumer) {/*{{{*/
-+ $token_field = @$req->get_parameter('oauth_token');
-+ $token = $datastore->lookup_token($consumer, 'request', $token_field);
-+ if (!$token) {
-+ throw new OAuthException("Invalid $token_type token: $token_field");
-+ }
-+ return $token;
-+ }
-hunk ./actions/userauthorization.php 538
-- function check_timestamp(&$req) {
-- $timestamp = @$req->get_parameter('oauth_timestamp');
-- $now = time();
-- if ($now - $timestamp > TIMESTAMP_THRESHOLD) {
-- throw new OAuthException("Expired timestamp, yours $timestamp, ours $now");
-- }
-- }
-+ function check_timestamp(&$req) {
-+ $timestamp = @$req->get_parameter('oauth_timestamp');
-+ $now = time();
-+ if ($now - $timestamp > TIMESTAMP_THRESHOLD) {
-+ throw new OAuthException("Expired timestamp, yours $timestamp, ours $now");
-+ }
-+ }
-hunk ./actions/userauthorization.php 546
-- # NOTE: don't call twice on the same request; will fail!
-- function check_nonce(&$datastore, &$req, $consumer, $token) {
-- $timestamp = @$req->get_parameter('oauth_timestamp');
-- $nonce = @$req->get_parameter('oauth_nonce');
-- $found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp);
-- if ($found) {
-- throw new OAuthException("Nonce already used");
-- }
-- return true;
-- }
-+ # NOTE: don't call twice on the same request; will fail!
-+ function check_nonce(&$datastore, &$req, $consumer, $token) {
-+ $timestamp = @$req->get_parameter('oauth_timestamp');
-+ $nonce = @$req->get_parameter('oauth_nonce');
-+ $found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp);
-+ if ($found) {
-+ throw new OAuthException("Nonce already used");
-+ }
-+ return true;
-+ }
-hunk ./actions/userauthorization.php 557
-- function check_signature(&$req, $consumer, $token) {
-- $signature_method = $this->get_signature_method($req);
-- $signature = $req->get_parameter('oauth_signature');
-- $valid_sig = $signature_method->check_signature($req,
-- $consumer,
-- $token,
-- $signature);
-- if (!$valid_sig) {
-- throw new OAuthException("Invalid signature");
-- }
-- }
-+ function check_signature(&$req, $consumer, $token) {
-+ $signature_method = $this->get_signature_method($req);
-+ $signature = $req->get_parameter('oauth_signature');
-+ $valid_sig = $signature_method->check_signature($req,
-+ $consumer,
-+ $token,
-+ $signature);
-+ if (!$valid_sig) {
-+ throw new OAuthException("Invalid signature");
-+ }
-+ }
-hunk ./actions/userauthorization.php 569
-- function get_signature_method(&$req) {
-- $signature_method = @$req->get_parameter("oauth_signature_method");
-- if (!$signature_method) {
-- $signature_method = "PLAINTEXT";
-- }
-- if ($signature_method != 'HMAC-SHA1') {
-- throw new OAuthException("Signature method '$signature_method' not supported.");
-- }
-- return omb_hmac_sha1();
-- }
-+ function get_signature_method(&$req) {
-+ $signature_method = @$req->get_parameter("oauth_signature_method");
-+ if (!$signature_method) {
-+ $signature_method = "PLAINTEXT";
-+ }
-+ if ($signature_method != 'HMAC-SHA1') {
-+ throw new OAuthException("Signature method '$signature_method' not supported.");
-+ }
-+ return omb_hmac_sha1();
-+ }
-hunk ./actions/userbyid.php 23
--
-- function is_readonly() {
-- return true;
-- }
--
-+
-+ function is_readonly() {
-+ return true;
-+ }
-+
-hunk ./actions/userbyid.php 32
-- $this->client_error(_('No id.'));
-- }
-- $user =& User::staticGet($id);
-- if (!$user) {
-- $this->client_error(_('No such user.'));
-+ $this->client_error(_('No id.'));
-+ }
-+ $user =& User::staticGet($id);
-+ if (!$user) {
-+ $this->client_error(_('No such user.'));
-hunk ./actions/userbyid.php 42
-- $type = common_negotiate_type(common_accept_to_prefs($httpaccept),
-+ $type = common_negotiate_type(common_accept_to_prefs($httpaccept),
-hunk ./actions/userbyid.php 44
-- $page = $type == 'application/rdf+xml' ? 'foaf' : 'showstream';
-+ $page = $type == 'application/rdf+xml' ? 'foaf' : 'showstream';
-hunk ./actions/userbyid.php 46
-- $url = common_local_url($page, array('nickname' => $user->nickname));
-- common_redirect($url, 303);
-- }
-+ $url = common_local_url($page, array('nickname' => $user->nickname));
-+ common_redirect($url, 303);
-+ }