diff options
author | Evan Prodromou <evan@status.net> | 2009-10-31 12:16:30 -0400 |
---|---|---|
committer | Evan Prodromou <evan@status.net> | 2009-10-31 12:16:30 -0400 |
commit | 5e27d53947ff64c8aee1b2287e1c77bbeaea51f7 (patch) | |
tree | baf10735ebc98827820844e8ec9d616061ab645b /actions | |
parent | 65a3ccd4587193bba72501837fab097e041f96d3 (diff) | |
parent | dcca9fbec0cea9c5e15c4d58a8e9870514dfdbdd (diff) |
Merge branch '0.8.x' into testing
Diffstat (limited to 'actions')
-rw-r--r-- | actions/getfile.php | 145 | ||||
-rw-r--r-- | actions/newnotice.php | 4 | ||||
-rw-r--r-- | actions/twitapistatuses.php | 7 |
3 files changed, 150 insertions, 6 deletions
diff --git a/actions/getfile.php b/actions/getfile.php new file mode 100644 index 000000000..ecda34c0f --- /dev/null +++ b/actions/getfile.php @@ -0,0 +1,145 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Returns a given file attachment, allowing private sites to only allow + * access to file attachments after login. + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package StatusNet + * @author Jeffery To <jeffery.to@gmail.com> + * @copyright 2008-2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once 'MIME/Type.php'; + +/** + * Action for getting a file attachment + * + * @category Personal + * @package StatusNet + * @author Jeffery To <jeffery.to@gmail.com> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class GetfileAction extends Action +{ + /** + * Path of file to return + */ + + var $path = null; + + /** + * Get file name + * + * @param array $args $_REQUEST array + * + * @return success flag + */ + + function prepare($args) + { + parent::prepare($args); + + $filename = $this->trimmed('filename'); + $path = null; + + if ($filename) { + $path = common_config('attachments', 'dir') . $filename; + } + + if (empty($path) or !file_exists($path)) { + $this->clientError(_('No such file.'), 404); + return false; + } + if (!is_readable($path)) { + $this->clientError(_('Cannot read file.'), 403); + return false; + } + + $this->path = $path; + return true; + } + + /** + * Is this page read-only? + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * Last-modified date for file + * + * @return int last-modified date as unix timestamp + */ + + function lastModified() + { + return filemtime($this->path); + } + + /** + * etag for file + * + * This returns the same data (inode, size, mtime) as Apache would, + * but in decimal instead of hex. + * + * @return string etag http header + */ + function etag() + { + $stat = stat($this->path); + return '"' . $stat['ino'] . '-' . $stat['size'] . '-' . $stat['mtime'] . '"'; + } + + /** + * Handle input, produce output + * + * @param array $args $_REQUEST contents + * + * @return void + */ + + function handle($args) + { + // undo headers set by PHP sessions + $sec = session_cache_expire() * 60; + header('Expires: ' . date(DATE_RFC1123, time() + $sec)); + header('Cache-Control: public, max-age=' . $sec); + header('Pragma: public'); + + parent::handle($args); + + $path = $this->path; + header('Content-Type: ' . MIME_Type::autoDetect($path)); + readfile($path); + } +} diff --git a/actions/newnotice.php b/actions/newnotice.php index 8c0476f70..548832eca 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -271,7 +271,9 @@ class NewnoticeAction extends Action common_broadcast_notice($notice); if ($this->boolean('ajax')) { - $this->startHTML('text/xml;charset=utf-8'); + header('Content-Type: text/xml;charset=utf-8'); + $this->xw->startDocument('1.0', 'UTF-8'); + $this->elementStart('html'); $this->elementStart('head'); $this->element('title', null, _('Notice posted')); $this->elementEnd('head'); diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 360dff27c..b0d3e584b 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -236,11 +236,8 @@ class TwitapistatusesAction extends TwitterapiAction } if (empty($status)) { - - // XXX: Note: In this case, Twitter simply returns '200 OK' - // No error is given, but the status is not posted to the - // user's timeline. Seems bad. Shouldn't we throw an - // errror? -- Zach + $this->clientError(_('Client must provide a \'status\' parameter with a value.'), + $code = 403, $apidata['content-type']); return; } else { |