diff options
author | Evan Prodromou <evan@status.net> | 2010-08-03 16:04:54 -0700 |
---|---|---|
committer | Evan Prodromou <evan@status.net> | 2010-08-03 16:04:54 -0700 |
commit | 004e42e3e0606f0f9e5c8b6cd4512e5d870cd56e (patch) | |
tree | ab895f7609c8afeeadf3439c860b69d0cffcbb5e /actions | |
parent | d2234580357349a6887a2321e69d11de7bb29106 (diff) | |
parent | fdd9aa58e3caf87096e1c1dcfa8b2f286b04e4b1 (diff) |
Merge remote branch 'gitorious/1.0.x' into 1.0.x
Diffstat (limited to 'actions')
51 files changed, 1051 insertions, 139 deletions
diff --git a/actions/all.php b/actions/all.php index a977fce95..9c01b6393 100644 --- a/actions/all.php +++ b/actions/all.php @@ -18,15 +18,19 @@ * * @category Actions * @package Actions - * @author Evan Prodromou <evan@status.net> - * @author Mike Cochrane <mikec@mikenz.geek.nz> - * @author Robin Millette <millette@controlyourself.ca> * @author Adrian Lang <mail@adrianlang.de> - * @author Meitar Moscovitz <meitarm@gmail.com> - * @author Sarven Capadisli <csarven@status.net> + * @author Brenda Wallace <shiny@cpan.org> + * @author Brion Vibber <brion@pobox.com> * @author Craig Andrews <candrews@integralblue.com> + * @author Evan Prodromou <evan@status.net> * @author Jeffery To <jeffery.to@gmail.com> - * @author Zach Copley <zach@controlyourself.ca> + * @author Meitar Moscovitz <meitarm@gmail.com> + * @author Mike Cochrane <mikec@mikenz.geek.nz> + * @author Robin Millette <millette@status.net> + * @author Sarven Capadisli <csarven@status.net> + * @author Siebrand Mazeland <s.mazeland@xs4all.nl> + * @author Zach Copley <zach@status.net> + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license GNU Affero General Public License http://www.gnu.org/licenses/ * @link http://status.net */ diff --git a/actions/apiaccountratelimitstatus.php b/actions/apiaccountratelimitstatus.php index f19e315bf..e2dff2db9 100644 --- a/actions/apiaccountratelimitstatus.php +++ b/actions/apiaccountratelimitstatus.php @@ -21,8 +21,10 @@ * * @category API * @package StatusNet + * @author Brion Vibber <brion@pobox.com> * @author Evan Prodromou <evan@status.net> * @author Robin Millette <robin@millette.info> + * @author Siebrand Mazeland <s.mazeland@xs4all.nl> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 diff --git a/actions/apiaccountupdatedeliverydevice.php b/actions/apiaccountupdatedeliverydevice.php index d42d25a61..e25b9a954 100644 --- a/actions/apiaccountupdatedeliverydevice.php +++ b/actions/apiaccountupdatedeliverydevice.php @@ -21,6 +21,7 @@ * * @category API * @package StatusNet + * @author Siebrand Mazeland <s.mazeland@xs4all.nl> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 diff --git a/actions/apiaccountverifycredentials.php b/actions/apiaccountverifycredentials.php index ea61a3205..79416e9b2 100644 --- a/actions/apiaccountverifycredentials.php +++ b/actions/apiaccountverifycredentials.php @@ -75,7 +75,7 @@ class ApiAccountVerifyCredentialsAction extends ApiAuthAction if ($this->format == 'xml') { $this->initDocument('xml'); - $this->showTwitterXmlUser($twitter_user); + $this->showTwitterXmlUser($twitter_user, 'user', true); $this->endDocument('xml'); } elseif ($this->format == 'json') { $this->initDocument('json'); diff --git a/actions/apidirectmessage.php b/actions/apidirectmessage.php index 53da9e0c6..7a0f46274 100644 --- a/actions/apidirectmessage.php +++ b/actions/apidirectmessage.php @@ -232,7 +232,8 @@ class ApiDirectMessageAction extends ApiAuthAction function showXmlDirectMessages() { $this->initDocument('xml'); - $this->elementStart('direct-messages', array('type' => 'array')); + $this->elementStart('direct-messages', array('type' => 'array', + 'xmlns:statusnet' => 'http://status.net/schema/api/1/')); foreach ($this->messages as $m) { $dm_array = $this->directMessageArray($m); diff --git a/actions/apidirectmessagenew.php b/actions/apidirectmessagenew.php index b9ac92d77..65d065648 100644 --- a/actions/apidirectmessagenew.php +++ b/actions/apidirectmessagenew.php @@ -52,7 +52,6 @@ require_once INSTALLDIR . '/lib/apiauth.php'; class ApiDirectMessageNewAction extends ApiAuthAction { - var $source = null; var $other = null; var $content = null; @@ -76,13 +75,6 @@ class ApiDirectMessageNewAction extends ApiAuthAction return; } - $this->source = $this->trimmed('source'); // Not supported by Twitter. - - $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (empty($this->source) || in_array($this->source, $reserved_sources)) { - $source = 'api'; - } - $this->content = $this->trimmed('text'); $this->user = $this->auth_user; diff --git a/actions/apifavoritecreate.php b/actions/apifavoritecreate.php index 00b6349b0..0447a92ba 100644 --- a/actions/apifavoritecreate.php +++ b/actions/apifavoritecreate.php @@ -25,6 +25,7 @@ * @author Evan Prodromou <evan@status.net> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apifavoritedestroy.php b/actions/apifavoritedestroy.php index c4daf480e..9f2efdd00 100644 --- a/actions/apifavoritedestroy.php +++ b/actions/apifavoritedestroy.php @@ -25,6 +25,7 @@ * @author Evan Prodromou <evan@status.net> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupcreate.php b/actions/apigroupcreate.php index 3eb3ae5fc..d216c15cd 100644 --- a/actions/apigroupcreate.php +++ b/actions/apigroupcreate.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupismember.php b/actions/apigroupismember.php index f51c747df..eaa4769f3 100644 --- a/actions/apigroupismember.php +++ b/actions/apigroupismember.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupjoin.php b/actions/apigroupjoin.php index 28df72fa9..5265ec629 100644 --- a/actions/apigroupjoin.php +++ b/actions/apigroupjoin.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupleave.php b/actions/apigroupleave.php index f6e52b26e..8c100d58a 100644 --- a/actions/apigroupleave.php +++ b/actions/apigroupleave.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigrouplist.php b/actions/apigrouplist.php index 3ea2c30cb..148c802f4 100644 --- a/actions/apigrouplist.php +++ b/actions/apigrouplist.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigrouplistall.php b/actions/apigrouplistall.php index bd05fa3ea..a8317608d 100644 --- a/actions/apigrouplistall.php +++ b/actions/apigrouplistall.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupmembership.php b/actions/apigroupmembership.php index c97b27fac..ffd5c7c7d 100644 --- a/actions/apigroupmembership.php +++ b/actions/apigroupmembership.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apigroupprofileupdate.php b/actions/apigroupprofileupdate.php new file mode 100644 index 000000000..6ac4b5a4b --- /dev/null +++ b/actions/apigroupprofileupdate.php @@ -0,0 +1,367 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Update a group's profile + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category API + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * API analog to the group edit page + * + * @category API + * @package StatusNet + * @author Zach Copley <zach@status.net> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupProfileUpdateAction extends ApiAuthAction +{ + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->nickname = common_canonical_nickname($this->trimmed('nickname')); + + $this->fullname = $this->trimmed('fullname'); + $this->homepage = $this->trimmed('homepage'); + $this->description = $this->trimmed('description'); + $this->location = $this->trimmed('location'); + $this->aliasstring = $this->trimmed('aliases'); + + $this->user = $this->auth_user; + $this->group = $this->getTargetGroup($this->arg('id')); + + return true; + } + + /** + * Handle the request + * + * See which request params have been set, and update the profile + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found.'), + 404, + $this->format + ); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user.'), 404, $this->format); + return; + } + + if (empty($this->group)) { + $this->clientError(_('Group not found.'), 404, $this->format); + return false; + } + + if (!$this->user->isAdmin($this->group)) { + $this->clientError(_('You must be an admin to edit the group.'), 403); + return false; + } + + $this->group->query('BEGIN'); + + $orig = clone($this->group); + + try { + + if (!empty($this->nickname)) { + if ($this->validateNickname()) { + $this->group->nickname = $this->nickname; + $this->group->mainpage = common_local_url( + 'showgroup', + array('nickname' => $this->nickname) + ); + } + } + + if (!empty($this->fullname)) { + $this->validateFullname(); + $this->group->fullname = $this->fullname; + } + + if (!empty($this->homepage)) { + $this->validateHomepage(); + $this->group->homepage = $this->hompage; + } + + if (!empty($this->description)) { + $this->validateDescription(); + $this->group->description = $this->decription; + } + + if (!empty($this->location)) { + $this->validateLocation(); + $this->group->location = $this->location; + } + + } catch (ApiValidationException $ave) { + $this->clientError( + $ave->getMessage(), + 403, + $this->format + ); + return; + } + + $result = $this->group->update($orig); + + if (!$result) { + common_log_db_error($this->group, 'UPDATE', __FILE__); + $this->serverError(_('Could not update group.')); + } + + $aliases = array(); + + try { + + if (!empty($this->aliasstring)) { + $aliases = $this->validateAliases(); + } + + } catch (ApiValidationException $ave) { + $this->clientError( + $ave->getMessage(), + 403, + $this->format + ); + return; + } + + $result = $this->group->setAliases($aliases); + + if (!$result) { + $this->serverError(_('Could not create aliases.')); + } + + if (!empty($this->nickname) && ($this->nickname != $orig->nickname)) { + common_log(LOG_INFO, "Saving local group info."); + $local = Local_group::staticGet('group_id', $this->group->id); + $local->setNickname($this->nickname); + } + + $this->group->query('COMMIT'); + + switch($this->format) { + case 'xml': + $this->showSingleXmlGroup($this->group); + break; + case 'json': + $this->showSingleJsonGroup($this->group); + break; + default: + $this->clientError(_('API method not found.'), 404, $this->format); + break; + } + } + + function nicknameExists($nickname) + { + $group = Local_group::staticGet('nickname', $nickname); + + if (!empty($group) && + $group->group_id != $this->group->id) { + return true; + } + + $alias = Group_alias::staticGet('alias', $nickname); + + if (!empty($alias) && + $alias->group_id != $this->group->id) { + return true; + } + + return false; + } + + function validateNickname() + { + if (!Validate::string( + $this->nickname, array( + 'min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT + ) + ) + ) { + throw new ApiValidationException( + _( + 'Nickname must have only lowercase letters ' . + 'and numbers and no spaces.' + ) + ); + } else if ($this->nicknameExists($this->nickname)) { + throw new ApiValidationException( + _('Nickname already in use. Try another one.') + ); + } else if (!User_group::allowedNickname($this->nickname)) { + throw new ApiValidationException( + _('Not a valid nickname.') + ); + } + + return true; + } + + function validateHomepage() + { + if (!is_null($this->homepage) + && (strlen($this->homepage) > 0) + && !Validate::uri( + $this->homepage, + array('allowed_schemes' => array('http', 'https') + ) + ) + ) { + throw new ApiValidationException( + _('Homepage is not a valid URL.') + ); + } + } + + function validateFullname() + { + if (!is_null($this->fullname) && mb_strlen($this->fullname) > 255) { + throw new ApiValidationException( + _('Full name is too long (max 255 chars).') + ); + } + } + + function validateDescription() + { + if (User_group::descriptionTooLong($this->description)) { + throw new ApiValidationException( + sprintf( + _('description is too long (max %d chars).'), + User_group::maxDescription() + ) + ); + } + } + + function validateLocation() + { + if (!is_null($this->location) && mb_strlen($this->location) > 255) { + throw new ApiValidationException( + _('Location is too long (max 255 chars).') + ); + } + } + + function validateAliases() + { + $aliases = array_map( + 'common_canonical_nickname', + array_unique( + preg_split('/[\s,]+/', + $this->aliasstring + ) + ) + ); + + if (count($aliases) > common_config('group', 'maxaliases')) { + throw new ApiValidationException( + sprintf( + _('Too many aliases! Maximum %d.'), + common_config('group', 'maxaliases') + ) + ); + } + + foreach ($aliases as $alias) { + if (!Validate::string( + $alias, array( + 'min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT) + ) + ) { + throw new ApiValidationException( + sprintf( + _('Invalid alias: "%s"'), + $alias + ) + ); + } + + if ($this->nicknameExists($alias)) { + throw new ApiValidationException( + sprintf( + _('Alias "%s" already in use. Try another one.'), + $alias) + ); + } + + // XXX assumes alphanum nicknames + if (strcmp($alias, $this->nickname) == 0) { + throw new ApiValidationException( + _('Alias can\'t be the same as nickname.') + ); + } + } + + return $aliases; + } + +}
\ No newline at end of file diff --git a/actions/apigroupshow.php b/actions/apigroupshow.php index 8e471689a..2998e505e 100644 --- a/actions/apigroupshow.php +++ b/actions/apigroupshow.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/twitapisearchatom.php b/actions/apisearchatom.php index 24aa619bd..60bb8b040 100644 --- a/actions/twitapisearchatom.php +++ b/actions/apisearchatom.php @@ -22,7 +22,7 @@ * @category Search * @package StatusNet * @author Zach Copley <zach@status.net> - * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -31,6 +31,8 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } +require_once INSTALLDIR.'/lib/apiprivateauth.php'; + /** * Action for outputting search results in Twitter compatible Atom * format. @@ -44,10 +46,10 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ * - * @see ApiAction + * @see ApiPrivateAuthAction */ -class TwitapisearchatomAction extends ApiAction +class ApiSearchAtomAction extends ApiPrivateAuthAction { var $cnt; @@ -96,8 +98,11 @@ class TwitapisearchatomAction extends ApiAction function prepare($args) { + common_debug("in apisearchatom prepare()"); + parent::prepare($args); + $this->query = $this->trimmed('q'); $this->lang = $this->trimmed('lang'); $this->rpp = $this->trimmed('rpp'); @@ -138,6 +143,7 @@ class TwitapisearchatomAction extends ApiAction function handle($args) { parent::handle($args); + common_debug("In apisearchatom handle()"); $this->showAtom(); } @@ -342,10 +348,24 @@ class TwitapisearchatomAction extends ApiAction 'rel' => 'related', 'href' => $profile->avatarUrl())); - // TODO: Here is where we'd put in a link to an atom feed for threads + // @todo: Here is where we'd put in a link to an atom feed for threads + + $source = null; + + $ns = $notice->getSource(); + if ($ns) { + if (!empty($ns->name) && !empty($ns->url)) { + $source = '<a href="' + . htmlspecialchars($ns->url) + . '" rel="nofollow">' + . htmlspecialchars($ns->name) + . '</a>'; + } else { + $source = $ns->code; + } + } - $this->element("twitter:source", null, - htmlentities($this->sourceLink($notice->source))); + $this->element("twitter:source", null, $source); $this->elementStart('author'); diff --git a/actions/twitapisearchjson.php b/actions/apisearchjson.php index b5c006aa7..e44634684 100644 --- a/actions/twitapisearchjson.php +++ b/actions/apisearchjson.php @@ -22,7 +22,7 @@ * @category Search * @package StatusNet * @author Zach Copley <zach@status.net> - * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -31,6 +31,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } +require_once INSTALLDIR.'/lib/apiprivateauth.php'; require_once INSTALLDIR.'/lib/jsonsearchresultslist.php'; /** @@ -44,7 +45,7 @@ require_once INSTALLDIR.'/lib/jsonsearchresultslist.php'; * @see ApiAction */ -class TwitapisearchjsonAction extends ApiAction +class ApiSearchJSONAction extends ApiPrivateAuthAction { var $query; var $lang; @@ -64,6 +65,8 @@ class TwitapisearchjsonAction extends ApiAction function prepare($args) { + common_debug("apisearchjson prepare()"); + parent::prepare($args); $this->query = $this->trimmed('q'); diff --git a/actions/apistatusesdestroy.php b/actions/apistatusesdestroy.php index f7d52f020..0dfeb4812 100644 --- a/actions/apistatusesdestroy.php +++ b/actions/apistatusesdestroy.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -57,7 +58,7 @@ require_once INSTALLDIR . '/lib/apiauth.php'; class ApiStatusesDestroyAction extends ApiAuthAction { - var $status = null; + var $status = null; /** * Take arguments for running @@ -99,39 +100,43 @@ class ApiStatusesDestroyAction extends ApiAuthAction parent::handle($args); if (!in_array($this->format, array('xml', 'json'))) { - $this->clientError(_('API method not found.'), $code = 404); - return; + $this->clientError( + _('API method not found.'), + 404 + ); + return; } - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $this->format); - return; - } - - if (empty($this->notice)) { - $this->clientError(_('No status found with that ID.'), - 404, $this->format); - return; - } - - if ($this->user->id == $this->notice->profile_id) { - $replies = new Reply; - $replies->get('notice_id', $this->notice_id); - $replies->delete(); - $this->notice->delete(); - - if ($this->format == 'xml') { - $this->showSingleXmlStatus($this->notice); - } elseif ($this->format == 'json') { - $this->show_single_json_status($this->notice); - } - } else { - $this->clientError(_('You may not delete another user\'s status.'), - 403, $this->format); - } - - $this->showNotice(); + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError( + _('This method requires a POST or DELETE.'), + 400, + $this->format + ); + return; + } + + if (empty($this->notice)) { + $this->clientError( + _('No status found with that ID.'), + 404, $this->format + ); + return; + } + + if ($this->user->id == $this->notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $this->notice_id); + $replies->delete(); + $this->notice->delete(); + $this->showNotice(); + } else { + $this->clientError( + _('You may not delete another user\'s status.'), + 403, + $this->format + ); + } } /** diff --git a/actions/apistatusesretweet.php b/actions/apistatusesretweet.php index 128c881e2..9aa337485 100644 --- a/actions/apistatusesretweet.php +++ b/actions/apistatusesretweet.php @@ -79,7 +79,7 @@ class ApiStatusesRetweetAction extends ApiAuthAction $this->user = $this->auth_user; - if ($this->user->id == $notice->profile_id) { + if ($this->user->id == $this->original->profile_id) { $this->clientError(_('Cannot repeat your own notice.'), 400, $this->format); return false; diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php index 0315d2953..476820a43 100644 --- a/actions/apistatusesshow.php +++ b/actions/apistatusesshow.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index d4ef6b550..d65a068f5 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -29,10 +29,102 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ +/* External API usage documentation. Please update when you change how this method works. */ + +/*! @page statusesupdate statuses/update + + @section Description + Updates the authenticating user's status. Requires the status parameter specified below. + Request must be a POST. + + @par URL pattern + /api/statuses/update.:format + + @par Formats (:format) + xml, json + + @par HTTP Method(s) + POST + + @par Requires Authentication + Yes + + @param status (Required) The URL-encoded text of the status update. + @param source (Optional) The source of the status. + @param in_reply_to_status_id (Optional) The ID of an existing status that the update is in reply to. + @param lat (Optional) The latitude the status refers to. + @param long (Optional) The longitude the status refers to. + @param media (Optional) a media upload, such as an image or movie file. + + @sa @ref authentication + @sa @ref apiroot + + @subsection usagenotes Usage notes + + @li The URL pattern is relative to the @ref apiroot. + @li If the @e source parameter is not supplied the source of the status will default to 'api'. + @li The XML response uses <a href="http://georss.org/Main_Page">GeoRSS</a> + to encode the latitude and longitude (see example response below <georss:point>). + @li Data uploaded via the @e media parameter should be multipart/form-data encoded. + + @subsection exampleusage Example usage + + @verbatim + curl -u username:password http://example.com/api/statuses/update.xml -d status='Howdy!' -d lat='30.468' -d long='-94.743' + @endverbatim + + @subsection exampleresponse Example response + + @verbatim + <?xml version="1.0" encoding="UTF-8"?> + <status> + <text>Howdy!</text> + <truncated>false</truncated> + <created_at>Tue Mar 30 23:28:05 +0000 2010</created_at> + <in_reply_to_status_id/> + <source>api</source> + <id>26668724</id> + <in_reply_to_user_id/> + <in_reply_to_screen_name/> + <geo xmlns:georss="http://www.georss.org/georss"> + <georss:point>30.468 -94.743</georss:point> + </geo> + <favorited>false</favorited> + <user> + <id>25803</id> + <name>Jed Sanders</name> + <screen_name>jedsanders</screen_name> + <location>Hoop and Holler, Texas</location> + <description>I like to think of myself as America's Favorite.</description> + <profile_image_url>http://avatar.example.com/25803-48-20080924200604.png</profile_image_url> + <url>http://jedsanders.net</url> + <protected>false</protected> + <followers_count>5</followers_count> + <profile_background_color/> + <profile_text_color/> + <profile_link_color/> + <profile_sidebar_fill_color/> + <profile_sidebar_border_color/> + <friends_count>2</friends_count> + <created_at>Wed Sep 24 20:04:00 +0000 2008</created_at> + <favourites_count>0</favourites_count> + <utc_offset>0</utc_offset> + <time_zone>UTC</time_zone> + <profile_background_image_url/> + <profile_background_tile>false</profile_background_tile> + <statuses_count>70</statuses_count> + <following>true</following> + <notifications>true</notifications> + </user> + </status> + @endverbatim +*/ + if (!defined('STATUSNET')) { exit(1); } @@ -64,8 +156,6 @@ class ApiStatusesUpdateAction extends ApiAuthAction var $lat = null; var $lon = null; - static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - /** * Take arguments for running * @@ -80,19 +170,9 @@ class ApiStatusesUpdateAction extends ApiAuthAction parent::prepare($args); $this->status = $this->trimmed('status'); - $this->source = $this->trimmed('source'); $this->lat = $this->trimmed('lat'); $this->lon = $this->trimmed('long'); - // try to set the source attr from OAuth app - if (empty($this->source)) { - $this->source = $this->oauth_source; - } - - if (empty($this->source) || in_array($this->source, self::$reserved_sources)) { - $this->source = 'api'; - } - $this->in_reply_to_status_id = intval($this->trimmed('in_reply_to_status_id')); diff --git a/actions/apisubscriptions.php b/actions/apisubscriptions.php index 0ba324057..63d65f289 100644 --- a/actions/apisubscriptions.php +++ b/actions/apisubscriptions.php @@ -206,7 +206,8 @@ class ApiSubscriptionsAction extends ApiBareAuthAction { switch ($this->format) { case 'xml': - $this->elementStart('users', array('type' => 'array')); + $this->elementStart('users', array('type' => 'array', + 'xmlns:statusnet' => 'http://status.net/schema/api/1/')); foreach ($this->profiles as $profile) { $this->showProfile( $profile, diff --git a/actions/apitimelinefavorites.php b/actions/apitimelinefavorites.php index 8cb2e808d..7228960c0 100644 --- a/actions/apitimelinefavorites.php +++ b/actions/apitimelinefavorites.php @@ -25,6 +25,7 @@ * @author Evan Prodromou <evan@status.net> * @author Zach Copley <zach@status.net> * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -150,7 +151,7 @@ class ApiTimelineFavoritesAction extends ApiBareAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); @@ -185,17 +186,23 @@ class ApiTimelineFavoritesAction extends ApiBareAuthAction { $notices = array(); + common_debug("since id = " . $this->since_id . " max id = " . $this->max_id); + if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { $notice = $this->user->favoriteNotices( + true, ($this->page-1) * $this->count, $this->count, - true + $this->since_id, + $this->max_id ); } else { $notice = $this->user->favoriteNotices( + false, ($this->page-1) * $this->count, $this->count, - false + $this->since_id, + $this->max_id ); } diff --git a/actions/apitimelinefriends.php b/actions/apitimelinefriends.php index 7f80f252e..40ce35979 100644 --- a/actions/apitimelinefriends.php +++ b/actions/apitimelinefriends.php @@ -28,11 +28,107 @@ * @author Mike Cochrane <mikec@mikenz.geek.nz> * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> - * @copyright 2009 StatusNet, Inc. + * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ +/* External API usage documentation. Please update when you change how this method works. */ + +/*! @page friendstimeline statuses/friends_timeline + + @section Description + Returns the 20 most recent statuses posted by the authenticating + user and that user's friends. This is the equivalent of "You and + friends" page in the web interface. + + @par URL patterns + @li /api/statuses/friends_timeline.:format + @li /api/statuses/friends_timeline/:id.:format + + @par Formats (:format) + xml, json, rss, atom + + @par ID (:id) + username, user id + + @par HTTP Method(s) + GET + + @par Requires Authentication + Sometimes (see: @ref authentication) + + @param user_id (Optional) Specifies a user by ID + @param screen_name (Optional) Specifies a user by screename (nickname) + @param since_id (Optional) Returns only statuses with an ID greater + than (that is, more recent than) the specified ID. + @param max_id (Optional) Returns only statuses with an ID less than + (that is, older than) or equal to the specified ID. + @param count (Optional) Specifies the number of statuses to retrieve. + @param page (Optional) Specifies the page of results to retrieve. + + @sa @ref authentication + @sa @ref apiroot + + @subsection usagenotes Usage notes + @li The URL pattern is relative to the @ref apiroot. + @li The XML response uses <a href="http://georss.org/Main_Page">GeoRSS</a> + to encode the latitude and longitude (see example response below <georss:point>). + + @subsection exampleusage Example usage + + @verbatim + curl http://identi.ca/api/statuses/friends_timeline/evan.xml?count=1&page=2 + @endverbatim + + @subsection exampleresponse Example response + + @verbatim + <?xml version="1.0"?> + <statuses type="array"> + <status> + <text>back from the !yul !drupal meet with Evolving Web folk, @anarcat, @webchick and others, and an interesting refresher on SQL indexing</text> + <truncated>false</truncated> + <created_at>Wed Mar 31 01:33:02 +0000 2010</created_at> + <in_reply_to_status_id/> + <source><a href="http://code.google.com/p/microblog-purple/">mbpidgin</a></source> + <id>26674201</id> + <in_reply_to_user_id/> + <in_reply_to_screen_name/> + <geo/> + <favorited>false</favorited> + <user> + <id>246</id> + <name>Mark</name> + <screen_name>lambic</screen_name> + <location>Montreal, Canada</location> + <description>Geek</description> + <profile_image_url>http://avatar.identi.ca/246-48-20080702141545.png</profile_image_url> + <url>http://lambic.co.uk</url> + <protected>false</protected> + <followers_count>73</followers_count> + <profile_background_color>#F0F2F5</profile_background_color> + <profile_text_color/> + <profile_link_color>#002E6E</profile_link_color> + <profile_sidebar_fill_color>#CEE1E9</profile_sidebar_fill_color> + <profile_sidebar_border_color/> + <friends_count>58</friends_count> + <created_at>Wed Jul 02 14:12:15 +0000 2008</created_at> + <favourites_count>2</favourites_count> + <utc_offset>-14400</utc_offset> + <time_zone>US/Eastern</time_zone> + <profile_background_image_url/> + <profile_background_tile>false</profile_background_tile> + <statuses_count>933</statuses_count> + <following>false</following> + <notifications>false</notifications> + </user> + </status> + </statuses> + @endverbatim +*/ + if (!defined('STATUSNET')) { exit(1); } @@ -153,7 +249,7 @@ class ApiTimelineFriendsAction extends ApiBareAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelinegroup.php b/actions/apitimelinegroup.php index 56d1de094..c4a6a18d2 100644 --- a/actions/apitimelinegroup.php +++ b/actions/apitimelinegroup.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -105,7 +106,7 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction function showTimeline() { // We'll pull common formatting out of this for other formats - $atom = new AtomGroupNoticeFeed($this->group); + $atom = new AtomGroupNoticeFeed($this->group, $this->auth_user); $self = $this->getSelfUri(); diff --git a/actions/apitimelinehome.php b/actions/apitimelinehome.php index 43a13dcda..27eb74169 100644 --- a/actions/apitimelinehome.php +++ b/actions/apitimelinehome.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -152,7 +153,7 @@ class ApiTimelineHomeAction extends ApiBareAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelinementions.php b/actions/apitimelinementions.php index c3aec7c5a..ed1ad20e3 100644 --- a/actions/apitimelinementions.php +++ b/actions/apitimelinementions.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -151,7 +152,7 @@ class ApiTimelineMentionsAction extends ApiBareAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelinepublic.php b/actions/apitimelinepublic.php index 903461425..f90164288 100644 --- a/actions/apitimelinepublic.php +++ b/actions/apitimelinepublic.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -55,6 +56,95 @@ require_once INSTALLDIR . '/lib/apiprivateauth.php'; * @link http://status.net/ */ +/* External API usage documentation. Please update when you change how this method works. */ + +/*! @page publictimeline statuses/public_timeline + + @section Description + Returns the 20 most recent notices from users throughout the system who have + uploaded their own avatars. Depending on configuration, it may or may not + not include notices from automatic posting services. + + @par URL patterns + @li /api/statuses/public_timeline.:format + + @par Formats (:format) + xml, json, rss, atom + + @par HTTP Method(s) + GET + + @par Requires Authentication + No + + @param since_id (Optional) Returns only statuses with an ID greater + than (that is, more recent than) the specified ID. + @param max_id (Optional) Returns only statuses with an ID less than + (that is, older than) or equal to the specified ID. + @param count (Optional) Specifies the number of statuses to retrieve. + @param page (Optional) Specifies the page of results to retrieve. + + @sa @ref apiroot + + @subsection usagenotes Usage notes + @li The URL pattern is relative to the @ref apiroot. + @li The XML response uses <a href="http://georss.org/Main_Page">GeoRSS</a> + to encode the latitude and longitude (see example response below <georss:point>). + + @subsection exampleusage Example usage + + @verbatim + curl http://identi.ca/api/statuses/friends_timeline/evan.xml?count=1&page=2 + @endverbatim + + @subsection exampleresponse Example response + + @verbatim + <?xml version="1.0" encoding="UTF-8"?> + <statuses type="array"> + <status> + <text>@skwashd oh, commbank reenabled me super quick both times. but disconcerting when you don't expect it though</text> + <truncated>false</truncated> + <created_at>Sat Apr 17 00:49:12 +0000 2010</created_at> + <in_reply_to_status_id>28838393</in_reply_to_status_id> + <source>xmpp</source> + <id>28838456</id> + <in_reply_to_user_id>39303</in_reply_to_user_id> + <in_reply_to_screen_name>skwashd</in_reply_to_screen_name> + <geo></geo> + <favorited>false</favorited> + <user> + <id>44517</id> + <name>joshua may</name> + <screen_name>notjosh</screen_name> + <location></location> + <description></description> + <profile_image_url>http://avatar.identi.ca/44517-48-20090321004106.jpeg</profile_image_url> + <url></url> + <protected>false</protected> + <followers_count>17</followers_count> + <profile_background_color></profile_background_color> + <profile_text_color></profile_text_color> + <profile_link_color></profile_link_color> + <profile_sidebar_fill_color></profile_sidebar_fill_color> + <profile_sidebar_border_color></profile_sidebar_border_color> + <friends_count>20</friends_count> + <created_at>Sat Mar 21 00:40:25 +0000 2009</created_at> + <favourites_count>0</favourites_count> + <utc_offset>0</utc_offset> + <time_zone>UTC</time_zone> + <profile_background_image_url></profile_background_image_url> + <profile_background_tile>false</profile_background_tile> + <statuses_count>100</statuses_count> + <following>false</following> + <notifications>false</notifications> + </user> + </status> + [....] + </statuses> +@endverbatim +*/ + class ApiTimelinePublicAction extends ApiPrivateAuthAction { @@ -130,7 +220,7 @@ class ApiTimelinePublicAction extends ApiPrivateAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelineretweetsofme.php b/actions/apitimelineretweetsofme.php index c77912fd0..ea922fc42 100644 --- a/actions/apitimelineretweetsofme.php +++ b/actions/apitimelineretweetsofme.php @@ -117,7 +117,7 @@ class ApiTimelineRetweetsOfMeAction extends ApiAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelinetag.php b/actions/apitimelinetag.php index fed1437ea..c7ec172ae 100644 --- a/actions/apitimelinetag.php +++ b/actions/apitimelinetag.php @@ -26,6 +26,7 @@ * @author Jeffery To <jeffery.to@gmail.com> * @author Zach Copley <zach@status.net> * @copyright 2009-2010 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -138,7 +139,7 @@ class ApiTimelineTagAction extends ApiPrivateAuthAction header('Content-Type: application/atom+xml; charset=utf-8'); - $atom = new AtomNoticeFeed(); + $atom = new AtomNoticeFeed($this->auth_user); $atom->setId($id); $atom->setTitle($title); diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php index 11431a82c..17a283663 100644 --- a/actions/apitimelineuser.php +++ b/actions/apitimelineuser.php @@ -29,6 +29,7 @@ * @author Robin Millette <robin@millette.info> * @author Zach Copley <zach@status.net> * @copyright 2009 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -115,7 +116,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction // We'll use the shared params from the Atom stub // for other feed types. - $atom = new AtomUserNoticeFeed($this->user); + $atom = new AtomUserNoticeFeed($this->user, $this->auth_user); $link = common_local_url( 'showstream', diff --git a/actions/twitapitrends.php b/actions/apitrends.php index 5a04569a2..5b74636c6 100644 --- a/actions/twitapitrends.php +++ b/actions/apitrends.php @@ -22,7 +22,7 @@ * @category Search * @package StatusNet * @author Zach Copley <zach@status.net> - * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -31,6 +31,8 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } +require_once INSTALLDIR.'/lib/apiprivateauth.php'; + /** * Returns the top ten queries that are currently trending * @@ -43,7 +45,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @see ApiAction */ -class TwitapitrendsAction extends ApiAction +class ApiTrendsAction extends ApiPrivateAuthAction { var $callback; @@ -82,7 +84,7 @@ class TwitapitrendsAction extends ApiAction */ function showTrends() { - $this->serverError(_('API method under construction.'), $code = 501); + $this->serverError(_('API method under construction.'), 501); } }
\ No newline at end of file diff --git a/actions/apiusershow.php b/actions/apiusershow.php index 6c8fad49b..28993102c 100644 --- a/actions/apiusershow.php +++ b/actions/apiusershow.php @@ -113,7 +113,7 @@ class ApiUserShowAction extends ApiPrivateAuthAction if ($this->format == 'xml') { $this->initDocument('xml'); - $this->showTwitterXmlUser($twitter_user); + $this->showTwitterXmlUser($twitter_user, 'user', true); $this->endDocument('xml'); } elseif ($this->format == 'json') { $this->initDocument('json'); diff --git a/actions/block.php b/actions/block.php index 11565e20c..93f8ec937 100644 --- a/actions/block.php +++ b/actions/block.php @@ -87,13 +87,15 @@ class BlockAction extends ProfileFormAction { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { - $this->returnToArgs(); + $this->returnToPrevious(); } elseif ($this->arg('yes')) { $this->handlePost(); - $this->returnToArgs(); + $this->returnToPrevious(); } else { $this->showPage(); } + } else { + $this->showPage(); } } @@ -118,6 +120,12 @@ class BlockAction extends ProfileFormAction */ function areYouSureForm() { + // @fixme if we ajaxify the confirmation form, skip the preview on ajax hits + $profile = new ArrayWrapper(array($this->profile)); + $preview = new ProfileList($profile, $this); + $preview->show(); + + $id = $this->profile->id; $this->elementStart('form', array('id' => 'block-' . $id, 'method' => 'post', @@ -187,4 +195,38 @@ class BlockAction extends ProfileFormAction $this->autofocus('form_action-yes'); } + /** + * Override for form session token checks; on our first hit we're just + * requesting confirmation, which doesn't need a token. We need to be + * able to take regular GET requests from email! + * + * @throws ClientException if token is bad on POST request or if we have + * confirmation parameters which could trigger something. + */ + function checkSessionToken() + { + if ($_SERVER['REQUEST_METHOD'] == 'POST' || + $this->arg('yes') || + $this->arg('no')) { + + return parent::checkSessionToken(); + } + } + + /** + * If we reached this form without returnto arguments, return to the + * current user's subscription list. + * + * @return string URL + */ + function defaultReturnTo() + { + $user = common_current_user(); + if ($user) { + return common_local_url('subscribers', + array('nickname' => $user->nickname)); + } else { + return common_local_url('public'); + } + } } diff --git a/actions/deleteuser.php b/actions/deleteuser.php index 1c1f19b0e..02ded68b3 100644 --- a/actions/deleteuser.php +++ b/actions/deleteuser.php @@ -92,10 +92,10 @@ class DeleteuserAction extends ProfileFormAction { if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { - $this->returnToArgs(); + $this->returnToPrevious(); } elseif ($this->arg('yes')) { $this->handlePost(); - $this->returnToArgs(); + $this->returnToPrevious(); } else { $this->showPage(); } diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 8c08581b5..763737175 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -126,9 +126,19 @@ class DesignadminpanelAction extends AdminPanelAction return; } - // check for an image upload + // check for file uploads $bgimage = $this->saveBackgroundImage(); + $customTheme = $this->saveCustomTheme(); + + $oldtheme = common_config('site', 'theme'); + if ($customTheme) { + // This feels pretty hacky :D + $this->args['theme'] = $customTheme; + $themeChanged = true; + } else { + $themeChanged = ($this->trimmed('theme') != $oldtheme); + } static $settings = array('theme', 'logo'); @@ -140,15 +150,13 @@ class DesignadminpanelAction extends AdminPanelAction $this->validate($values); - $oldtheme = common_config('site', 'theme'); - $config = new Config(); $config->query('BEGIN'); // Only update colors if the theme has not changed. - if ($oldtheme == $values['theme']) { + if (!$themeChanged) { $bgcolor = new WebColor($this->trimmed('design_background')); $ccolor = new WebColor($this->trimmed('design_content')); @@ -190,6 +198,13 @@ class DesignadminpanelAction extends AdminPanelAction Config::save('design', 'backgroundimage', $bgimage); } + if (common_config('custom_css', 'enabled')) { + $css = $this->arg('css'); + if ($css != common_config('custom_css', 'css')) { + Config::save('custom_css', 'css', $css); + } + } + $config->query('COMMIT'); } @@ -264,6 +279,33 @@ class DesignadminpanelAction extends AdminPanelAction } /** + * Save the custom theme if the user uploaded one. + * + * @return mixed custom theme name, if succesful, or null if no theme upload. + * @throws ClientException for invalid theme archives + * @throws ServerException if trouble saving the theme files + */ + + function saveCustomTheme() + { + if (common_config('theme_upload', 'enabled') && + $_FILES['design_upload_theme']['error'] == UPLOAD_ERR_OK) { + + $upload = ThemeUploader::fromUpload('design_upload_theme'); + $basedir = common_config('local', 'dir'); + if (empty($basedir)) { + $basedir = INSTALLDIR . '/local'; + } + $name = 'custom'; // @todo allow multiples, custom naming? + $outdir = $basedir . '/theme/' . $name; + $upload->extract($outdir); + return $name; + } else { + return null; + } + } + + /** * Attempt to validate setting values * * @return void @@ -371,7 +413,15 @@ class DesignAdminPanelForm extends AdminForm function formData() { + $this->showLogo(); + $this->showTheme(); + $this->showBackground(); + $this->showColors(); + $this->showAdvanced(); + } + function showLogo() + { $this->out->elementStart('fieldset', array('id' => 'settings_design_logo')); $this->out->element('legend', null, _('Change logo')); @@ -384,6 +434,11 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); + + } + + function showTheme() + { $this->out->elementStart('fieldset', array('id' => 'settings_design_theme')); $this->out->element('legend', null, _('Change theme')); @@ -407,10 +462,23 @@ class DesignAdminPanelForm extends AdminForm false, $this->value('theme')); $this->unli(); + if (common_config('theme_upload', 'enabled')) { + $this->li(); + $this->out->element('label', array('for' => 'design_upload_theme'), _('Custom theme')); + $this->out->element('input', array('id' => 'design_upload_theme', + 'name' => 'design_upload_theme', + 'type' => 'file')); + $this->out->element('p', 'form_guide', _('You can upload a custom StatusNet theme as a .ZIP archive.')); + $this->unli(); + } + $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); + } + function showBackground() + { $design = $this->out->design; $this->out->elementStart('fieldset', array('id' => @@ -486,6 +554,11 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); + } + + function showColors() + { + $design = $this->out->design; $this->out->elementStart('fieldset', array('id' => 'settings_design_color')); $this->out->element('legend', null, _('Change colours')); @@ -493,6 +566,7 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementStart('ul', 'form_data'); try { + // @fixme avoid loop unrolling in non-performance-critical contexts like this $bgcolor = new WebColor($design->backgroundcolor); @@ -560,6 +634,7 @@ class DesignAdminPanelForm extends AdminForm $this->unli(); } catch (WebColorException $e) { + // @fixme normalize them individually! common_log(LOG_ERR, 'Bad color values in site design: ' . $e->getMessage()); } @@ -569,6 +644,27 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementEnd('ul'); } + function showAdvanced() + { + if (common_config('custom_css', 'enabled')) { + $this->out->elementStart('fieldset', array('id' => 'settings_design_advanced')); + $this->out->element('legend', null, _('Advanced')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->out->element('label', array('for' => 'css'), _('Custom CSS')); + $this->out->element('textarea', array('name' => 'css', + 'id' => 'css', + 'cols' => '50', + 'rows' => '10'), + strval(common_config('custom_css', 'css'))); + $this->unli(); + + $this->out->elementEnd('fieldset'); + $this->out->elementEnd('ul'); + } + } + /** * Action elements * diff --git a/actions/favoritesrss.php b/actions/favoritesrss.php index 62f06e841..51c92af93 100644 --- a/actions/favoritesrss.php +++ b/actions/favoritesrss.php @@ -89,7 +89,7 @@ class FavoritesrssAction extends Rss10Action function getNotices($limit=0) { $user = $this->user; - $notice = $user->favoriteNotices(0, $limit); + $notice = $user->favoriteNotices(false, 0, $limit); $notices = array(); while ($notice->fetch()) { $notices[] = clone($notice); diff --git a/actions/foaf.php b/actions/foaf.php index 9cb65a885..09af7b502 100644 --- a/actions/foaf.php +++ b/actions/foaf.php @@ -95,7 +95,9 @@ class FoafAction extends Action // Would be nice to tell if they were a Person or not (e.g. a #person usertag?) $this->elementStart('Agent', array('rdf:about' => $this->user->uri)); - $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + if ($this->user->email) { + $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + } if ($this->profile->fullname) { $this->element('name', null, $this->profile->fullname); } @@ -152,7 +154,9 @@ class FoafAction extends Action } $person = $this->showMicrobloggingAccount($this->profile, - common_root_url(), $this->user->uri, false); + common_root_url(), $this->user->uri, + /*$fetchSubscriptions*/true, + /*$isSubscriber*/false); // Get people who subscribe to user @@ -207,7 +211,8 @@ class FoafAction extends Action $this->showMicrobloggingAccount($profile, ($local == 'local') ? common_root_url() : null, $uri, - true); + /*$fetchSubscriptions*/false, + /*$isSubscriber*/($type == LISTENER || $type == BOTH)); if ($foaf_url) { $this->element('rdfs:seeAlso', array('rdf:resource' => $foaf_url)); } @@ -232,7 +237,21 @@ class FoafAction extends Action $this->elementEnd('PersonalProfileDocument'); } - function showMicrobloggingAccount($profile, $service=null, $useruri=null, $isSubscriber=false) + /** + * Output FOAF <account> bit for the given profile. + * + * @param Profile $profile + * @param mixed $service Root URL of this StatusNet instance for a local + * user, otherwise null. + * @param mixed $useruri URI string for the referenced profile.. + * @param boolean $fetchSubscriptions Should we load and list all their subscriptions? + * @param boolean $isSubscriber if not fetching subs, we can still mark the user as following the current page. + * + * @return array if $fetchSubscribers is set, return a list of info on those + * subscriptions. + */ + + function showMicrobloggingAccount($profile, $service=null, $useruri=null, $fetchSubscriptions=false, $isSubscriber=false) { $attr = array(); if ($useruri) { @@ -254,9 +273,7 @@ class FoafAction extends Action $person = array(); - if ($isSubscriber) { - $this->element('sioc:follows', array('rdf:resource'=>$this->user->uri . '#acct')); - } else { + if ($fetchSubscriptions) { // Get people user is subscribed to $sub = new Subscription(); $sub->subscriber = $profile->id; @@ -281,6 +298,9 @@ class FoafAction extends Action } unset($sub); + } else if ($isSubscriber) { + // Just declare that they follow the user whose FOAF we're showing. + $this->element('sioc:follows', array('rdf:resource' => $this->user->uri . '#acct')); } $this->elementEnd('OnlineAccount'); diff --git a/actions/geocode.php b/actions/geocode.php index e883c6ce4..d93493060 100644 --- a/actions/geocode.php +++ b/actions/geocode.php @@ -37,6 +37,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @category Action * @package StatusNet * @author Craig Andrews <candrews@integralblue.com> + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ diff --git a/actions/groupblock.php b/actions/groupblock.php index e52db6e11..39f783397 100644 --- a/actions/groupblock.php +++ b/actions/groupblock.php @@ -117,7 +117,7 @@ class GroupblockAction extends RedirectingAction parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { - $this->returnToArgs(); + $this->returnToPrevious(); } elseif ($this->arg('yes')) { $this->blockProfile(); } elseif ($this->arg('blockto')) { @@ -207,7 +207,7 @@ class GroupblockAction extends RedirectingAction return false; } - $this->returnToArgs(); + $this->returnToPrevious(); } /** diff --git a/actions/imsettings.php b/actions/imsettings.php index 2c2606b76..662b1063e 100644 --- a/actions/imsettings.php +++ b/actions/imsettings.php @@ -133,8 +133,7 @@ class ImsettingsAction extends ConnectSettingsAction 'message with further instructions. '. '(Did you add %s to your buddy list?)'), $transport_info['display'], - $transport_info['daemon_screenname'], - jabber_daemon_address())); + $transport_info['daemon_screenname'])); $this->hidden('screenname', $confirm->address); // TRANS: Button label to cancel an IM address confirmation procedure. $this->submit('cancel', _m('BUTTON','Cancel')); @@ -163,12 +162,11 @@ class ImsettingsAction extends ConnectSettingsAction 'action' => common_local_url('imsettings'))); $this->elementStart('fieldset', array('id' => 'settings_im_preferences')); - $this->element('legend', null, _('Preferences')); + // TRANS: Header for IM preferences form. + $this->element('legend', null, _('IM Preferences')); $this->hidden('token', common_session_token()); $this->elementStart('table'); $this->elementStart('tr'); - // TRANS: Header for IM preferences form. - $this->element('th', null, _('IM Preferences')); foreach($user_im_prefs_by_transport as $transport=>$user_im_prefs) { $this->element('th', null, $transports[$transport]['display']); @@ -278,19 +276,20 @@ class ImsettingsAction extends ConnectSettingsAction $user = common_current_user(); $user_im_prefs = new User_im_prefs(); + $user_im_prefs->query('BEGIN'); $user_im_prefs->user_id = $user->id; if($user_im_prefs->find() && $user_im_prefs->fetch()) { $preferences = array('notify', 'updatefrompresence', 'replies', 'microid'); - $user_im_prefs->query('BEGIN'); do { $original = clone($user_im_prefs); + $new = clone($user_im_prefs); foreach($preferences as $preference) { - $user_im_prefs->$preference = $this->boolean($user_im_prefs->transport . '_' . $preference); + $new->$preference = $this->boolean($new->transport . '_' . $preference); } - $result = $user_im_prefs->update($original); + $result = $new->update($original); if ($result === false) { common_log_db_error($user, 'UPDATE', __FILE__); @@ -299,8 +298,8 @@ class ImsettingsAction extends ConnectSettingsAction return; } }while($user_im_prefs->fetch()); - $user_im_prefs->query('COMMIT'); } + $user_im_prefs->query('COMMIT'); // TRANS: Confirmation message for successful IM preferences save. $this->showForm(_('Preferences saved.'), true); } diff --git a/actions/login.php b/actions/login.php index 8ea3c800b..d3e4312f7 100644 --- a/actions/login.php +++ b/actions/login.php @@ -63,6 +63,28 @@ class LoginAction extends Action } /** + * Prepare page to run + * + * + * @param $args + * @return string title + */ + + function prepare($args) + { + parent::prepare($args); + + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('login')); + // exit + } + + return true; + } + + /** * Handle input, produce output * * Switches on request method; either shows the form or handles its input. @@ -267,9 +289,13 @@ class LoginAction extends Action 'user name and password ' . 'before changing your settings.'); } else { - return _('Login with your username and password. ' . - 'Don\'t have a username yet? ' . - '[Register](%%action.register%%) a new account.'); + $prompt = _('Login with your username and password.'); + if (!common_config('site', 'closed') && !common_config('site', 'inviteonly')) { + $prompt .= ' '; + $prompt .= _('Don\'t have a username yet? ' . + '[Register](%%action.register%%) a new account.'); + } + return $prompt; } } diff --git a/actions/oembed.php b/actions/oembed.php index 1503aa9c2..e25e4cb25 100644 --- a/actions/oembed.php +++ b/actions/oembed.php @@ -23,6 +23,7 @@ * @package StatusNet * @author Evan Prodromou <evan@status.net> * @copyright 2008 StatusNet, Inc. + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ diff --git a/actions/publicxrds.php b/actions/publicxrds.php index 5fd4eead7..8f0337e4f 100644 --- a/actions/publicxrds.php +++ b/actions/publicxrds.php @@ -8,7 +8,9 @@ * @category Action * @package StatusNet * @author Evan Prodromou <evan@status.net> + * @author Craig Andrews <candrews@integralblue.com> * @author Robin Millette <millette@status.net> + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ * @@ -44,6 +46,7 @@ require_once INSTALLDIR.'/lib/xrdsoutputter.php'; * @author Evan Prodromou <evan@status.net> * @author Robin Millette <millette@status.net> * @author Craig Andrews <candrews@integralblue.com> + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ * diff --git a/actions/register.php b/actions/register.php index d1bc381fb..7307bc689 100644 --- a/actions/register.php +++ b/actions/register.php @@ -74,6 +74,13 @@ class RegisterAction extends Action parent::prepare($args); $this->code = $this->trimmed('code'); + // @todo this check should really be in index.php for all sensitive actions + $ssl = common_config('site', 'ssl'); + if (empty($_SERVER['HTTPS']) && ($ssl == 'always' || $ssl == 'sometimes')) { + common_redirect(common_local_url('register')); + // exit + } + if (empty($this->code)) { common_ensure_session(); if (array_key_exists('invitecode', $_SESSION)) { @@ -491,6 +498,45 @@ class RegisterAction extends Action $this->elementStart('li'); $this->element('input', $attrs); $this->elementStart('label', array('class' => 'checkbox', 'for' => 'license')); + $this->raw($this->licenseCheckbox()); + $this->elementEnd('label'); + $this->elementEnd('li'); + } + $this->elementEnd('ul'); + $this->submit('submit', _('Register')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + function licenseCheckbox() + { + $out = ''; + switch (common_config('license', 'type')) { + case 'private': + // TRANS: Copyright checkbox label in registration dialog, for private sites. + $out .= htmlspecialchars(sprintf( + _('I understand that content and data of %1$s are private and confidential.'), + common_config('site', 'name'))); + // fall through + case 'allrightsreserved': + if ($out != '') { + $out .= ' '; + } + if (common_config('license', 'owner')) { + // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with a specified copyright owner. + $out .= htmlspecialchars(sprintf( + _('My text and files are copyright by %1$s.'), + common_config('license', 'owner'))); + } else { + // TRANS: Copyright checkbox label in registration dialog, for all rights reserved with ownership left to contributors. + $out .= htmlspecialchars(_('My text and files remain under my own copyright.')); + } + // TRANS: Copyright checkbox label in registration dialog, for all rights reserved. + $out .= ' ' . _('All rights reserved.'); + break; + case 'cc': // fall through + default: + // TRANS: Copyright checkbox label in registration dialog, for Creative Commons-style licenses. $message = _('My text and files are available under %s ' . 'except this private data: password, ' . 'email address, IM address, and phone number.'); @@ -499,14 +545,9 @@ class RegisterAction extends Action '">' . htmlspecialchars(common_config('license', 'title')) . '</a>'; - $this->raw(sprintf(htmlspecialchars($message), $link)); - $this->elementEnd('label'); - $this->elementEnd('li'); + $out .= sprintf(htmlspecialchars($message), $link); } - $this->elementEnd('ul'); - $this->submit('submit', _('Register')); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); + return $out; } /** diff --git a/actions/showfavorites.php b/actions/showfavorites.php index 4d776ef04..7f3c77ee2 100644 --- a/actions/showfavorites.php +++ b/actions/showfavorites.php @@ -121,11 +121,11 @@ class ShowfavoritesAction extends OwnerDesignAction // Show imported/gateway notices as well as local if // the user is looking at his own favorites - $this->notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1, true); + $this->notice = $this->user->favoriteNotices(true, ($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); } else { - $this->notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1, false); + $this->notice = $this->user->favoriteNotices(false, ($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); } if (empty($this->notice)) { diff --git a/actions/showgroup.php b/actions/showgroup.php index 3d369e9eb..17c37e4d7 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -430,14 +430,6 @@ class ShowgroupAction extends GroupDesignAction function showStatistics() { - // XXX: WORM cache this - $members = $this->group->getMembers(); - $members_count = 0; - /** $member->count() doesn't work. */ - while ($members->fetch()) { - $members_count++; - } - $this->elementStart('div', array('id' => 'entity_statistics', 'class' => 'section')); @@ -451,7 +443,7 @@ class ShowgroupAction extends GroupDesignAction $this->elementStart('dl', 'entity_members'); $this->element('dt', null, _('Members')); - $this->element('dd', null, (is_int($members_count)) ? $members_count : '0'); + $this->element('dd', null, $this->group->getMemberCount()); $this->elementEnd('dl'); $this->elementEnd('div'); diff --git a/actions/subscriptions.php b/actions/subscriptions.php index 7b10b3425..da563a218 100644 --- a/actions/subscriptions.php +++ b/actions/subscriptions.php @@ -185,7 +185,9 @@ class SubscriptionsListItem extends SubscriptionListItem return; } - if (!common_config('xmpp', 'enabled') && !common_config('sms', 'enabled')) { + $transports = array(); + Event::handle('GetImTransports', array(&$transports)); + if (!$transports && !common_config('sms', 'enabled')) { return; } @@ -195,7 +197,7 @@ class SubscriptionsListItem extends SubscriptionListItem 'action' => common_local_url('subedit'))); $this->out->hidden('token', common_session_token()); $this->out->hidden('profile', $this->profile->id); - if (common_config('xmpp', 'enabled')) { + if ($transports) { $attrs = array('name' => 'jabber', 'type' => 'checkbox', 'class' => 'checkbox', @@ -205,7 +207,7 @@ class SubscriptionsListItem extends SubscriptionListItem } $this->out->element('input', $attrs); - $this->out->element('label', array('for' => 'jabber-'.$this->profile->id), _('Jabber')); + $this->out->element('label', array('for' => 'jabber-'.$this->profile->id), _('IM')); } else { $this->out->hidden('jabber', $sub->jabber); } diff --git a/actions/version.php b/actions/version.php index b6593e5ed..9e4e836d2 100644 --- a/actions/version.php +++ b/actions/version.php @@ -41,6 +41,8 @@ if (!defined('STATUSNET')) { * @category Info * @package StatusNet * @author Evan Prodromou <evan@status.net> + * @author Craig Andrews <candrews@integralblue.com> + * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 * @link http://status.net/ */ |