summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
Diffstat (limited to 'actions')
-rw-r--r--actions/twitapiaccount.php12
-rw-r--r--actions/twitapifriendships.php14
-rw-r--r--actions/twitapistatuses.php17
3 files changed, 40 insertions, 3 deletions
diff --git a/actions/twitapiaccount.php b/actions/twitapiaccount.php
index a43d1edba..0a57ad91c 100644
--- a/actions/twitapiaccount.php
+++ b/actions/twitapiaccount.php
@@ -24,7 +24,17 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
class TwitapiaccountAction extends TwitterapiAction {
function is_readonly() {
- return false;
+
+ static $write_methods = array( 'update_location',
+ 'update_delivery_device');
+
+ $cmdtext = explode('.', $this->arg('method'));
+
+ if (in_array($cmdtext[0], $write_methods)) {
+ return false;
+ }
+
+ return true;
}
function verify_credentials($args, $apidata) {
diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php
index 19bc71b7a..05c192ea6 100644
--- a/actions/twitapifriendships.php
+++ b/actions/twitapifriendships.php
@@ -23,6 +23,20 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
class TwitapifriendshipsAction extends TwitterapiAction {
+ function is_readonly() {
+
+ static $write_methods = array( 'create',
+ 'destroy');
+
+ $cmdtext = explode('.', $this->arg('method'));
+
+ if (in_array($cmdtext[0], $write_methods)) {
+ return false;
+ }
+
+ return true;
+ }
+
function create($args, $apidata) {
parent::handle($args);
diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php
index 3a06d146c..30f2e514a 100644
--- a/actions/twitapistatuses.php
+++ b/actions/twitapistatuses.php
@@ -28,12 +28,22 @@ require_once(INSTALLDIR.'/lib/twitterapi.php');
class TwitapistatusesAction extends TwitterapiAction {
function is_readonly() {
- return false;
+
+ static $write_methods = array( 'update',
+ 'destroy');
+
+ $cmdtext = explode('.', $this->arg('method'));
+
+ if (in_array($cmdtext[0], $write_methods)) {
+ return false;
+ }
+
+ return true;
}
function public_timeline($args, $apidata) {
parent::handle($args);
-
+
$sitename = common_config('site', 'name');
$siteserver = common_config('site', 'server');
$title = sprintf(_("%s public timeline"), $sitename);
@@ -365,6 +375,9 @@ class TwitapistatusesAction extends TwitterapiAction {
$user = $apidata['user'];
+ $this->is_readonly();
+
+
$notice = DB_DataObject::factory('notice');
$notice->profile_id = $user->id; # user id *is* profile id