From 07e9e2dc3241eef1b803e655a5273f79cb758806 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 8 Jan 2009 20:56:09 +0000 Subject: Remove _darcs from git repository Not sure how or why this got in there. --- _darcs/pristine/actions/accesstoken.php | 44 -- _darcs/pristine/actions/all.php | 98 ---- _darcs/pristine/actions/allrss.php | 82 --- _darcs/pristine/actions/api.php | 205 ------- _darcs/pristine/actions/avatarbynickname.php | 70 --- _darcs/pristine/actions/block.php | 150 ----- _darcs/pristine/actions/confirmaddress.php | 97 ---- _darcs/pristine/actions/deletenotice.php | 107 ---- _darcs/pristine/actions/deleteprofile.php | 289 ---------- _darcs/pristine/actions/disfavor.php | 85 --- _darcs/pristine/actions/doc.php | 40 -- _darcs/pristine/actions/emailsettings.php | 342 ------------ _darcs/pristine/actions/facebookhome.php | 136 ----- _darcs/pristine/actions/facebookinvite.php | 49 -- _darcs/pristine/actions/facebookremove.php | 67 --- _darcs/pristine/actions/facebooksettings.php | 113 ---- _darcs/pristine/actions/favor.php | 97 ---- _darcs/pristine/actions/favorited.php | 105 ---- _darcs/pristine/actions/favoritesrss.php | 78 --- _darcs/pristine/actions/featured.php | 108 ---- _darcs/pristine/actions/finishaddopenid.php | 107 ---- _darcs/pristine/actions/finishimmediate.php | 68 --- _darcs/pristine/actions/finishopenidlogin.php | 454 ---------------- _darcs/pristine/actions/finishremotesubscribe.php | 292 ---------- _darcs/pristine/actions/foaf.php | 207 ------- _darcs/pristine/actions/imsettings.php | 280 ---------- _darcs/pristine/actions/inbox.php | 126 ----- _darcs/pristine/actions/invite.php | 206 ------- _darcs/pristine/actions/login.php | 159 ------ _darcs/pristine/actions/logout.php | 44 -- _darcs/pristine/actions/microsummary.php | 48 -- _darcs/pristine/actions/newmessage.php | 141 ----- _darcs/pristine/actions/newnotice.php | 161 ------ _darcs/pristine/actions/noticesearch.php | 171 ------ _darcs/pristine/actions/noticesearchrss.php | 75 --- _darcs/pristine/actions/nudge.php | 87 --- _darcs/pristine/actions/openidlogin.php | 97 ---- _darcs/pristine/actions/openidsettings.php | 161 ------ _darcs/pristine/actions/opensearch.php | 61 --- _darcs/pristine/actions/othersettings.php | 188 ------- _darcs/pristine/actions/outbox.php | 125 ----- _darcs/pristine/actions/peoplesearch.php | 91 ---- _darcs/pristine/actions/peopletag.php | 109 ---- _darcs/pristine/actions/postnotice.php | 91 ---- _darcs/pristine/actions/profilesettings.php | 484 ----------------- _darcs/pristine/actions/public.php | 105 ---- _darcs/pristine/actions/publicrss.php | 62 --- _darcs/pristine/actions/publicxrds.php | 83 --- _darcs/pristine/actions/recoverpassword.php | 343 ------------ _darcs/pristine/actions/register.php | 268 --------- _darcs/pristine/actions/remotesubscribe.php | 399 -------------- _darcs/pristine/actions/replies.php | 100 ---- _darcs/pristine/actions/repliesrss.php | 84 --- _darcs/pristine/actions/requesttoken.php | 45 -- _darcs/pristine/actions/showfavorites.php | 102 ---- _darcs/pristine/actions/showmessage.php | 108 ---- _darcs/pristine/actions/shownotice.php | 124 ----- _darcs/pristine/actions/showstream.php | 467 ---------------- _darcs/pristine/actions/smssettings.php | 343 ------------ _darcs/pristine/actions/subedit.php | 92 ---- _darcs/pristine/actions/subscribe.php | 80 --- _darcs/pristine/actions/subscribers.php | 70 --- _darcs/pristine/actions/subscriptions.php | 87 --- _darcs/pristine/actions/sup.php | 86 --- _darcs/pristine/actions/tag.php | 172 ------ _darcs/pristine/actions/tagother.php | 198 ------- _darcs/pristine/actions/tagrss.php | 69 --- _darcs/pristine/actions/twitapiaccount.php | 102 ---- _darcs/pristine/actions/twitapiblocks.php | 72 --- _darcs/pristine/actions/twitapidirect_messages.php | 298 ---------- _darcs/pristine/actions/twitapifavorites.php | 181 ------- _darcs/pristine/actions/twitapifriendships.php | 159 ------ _darcs/pristine/actions/twitapihelp.php | 55 -- _darcs/pristine/actions/twitapilaconica.php | 174 ------ _darcs/pristine/actions/twitapinotifications.php | 40 -- _darcs/pristine/actions/twitapistatuses.php | 577 -------------------- _darcs/pristine/actions/twitapiusers.php | 54 -- _darcs/pristine/actions/twittersettings.php | 367 ------------- _darcs/pristine/actions/unblock.php | 96 ---- _darcs/pristine/actions/unsubscribe.php | 82 --- _darcs/pristine/actions/updateprofile.php | 177 ------ _darcs/pristine/actions/userauthorization.php | 601 --------------------- _darcs/pristine/actions/userbyid.php | 52 -- _darcs/pristine/actions/userrss.php | 96 ---- _darcs/pristine/actions/xrds.php | 137 ----- 85 files changed, 13202 deletions(-) delete mode 100644 _darcs/pristine/actions/accesstoken.php delete mode 100644 _darcs/pristine/actions/all.php delete mode 100644 _darcs/pristine/actions/allrss.php delete mode 100644 _darcs/pristine/actions/api.php delete mode 100644 _darcs/pristine/actions/avatarbynickname.php delete mode 100644 _darcs/pristine/actions/block.php delete mode 100644 _darcs/pristine/actions/confirmaddress.php delete mode 100644 _darcs/pristine/actions/deletenotice.php delete mode 100644 _darcs/pristine/actions/deleteprofile.php delete mode 100644 _darcs/pristine/actions/disfavor.php delete mode 100644 _darcs/pristine/actions/doc.php delete mode 100644 _darcs/pristine/actions/emailsettings.php delete mode 100644 _darcs/pristine/actions/facebookhome.php delete mode 100644 _darcs/pristine/actions/facebookinvite.php delete mode 100644 _darcs/pristine/actions/facebookremove.php delete mode 100644 _darcs/pristine/actions/facebooksettings.php delete mode 100644 _darcs/pristine/actions/favor.php delete mode 100644 _darcs/pristine/actions/favorited.php delete mode 100644 _darcs/pristine/actions/favoritesrss.php delete mode 100644 _darcs/pristine/actions/featured.php delete mode 100644 _darcs/pristine/actions/finishaddopenid.php delete mode 100644 _darcs/pristine/actions/finishimmediate.php delete mode 100644 _darcs/pristine/actions/finishopenidlogin.php delete mode 100644 _darcs/pristine/actions/finishremotesubscribe.php delete mode 100644 _darcs/pristine/actions/foaf.php delete mode 100644 _darcs/pristine/actions/imsettings.php delete mode 100644 _darcs/pristine/actions/inbox.php delete mode 100644 _darcs/pristine/actions/invite.php delete mode 100644 _darcs/pristine/actions/login.php delete mode 100644 _darcs/pristine/actions/logout.php delete mode 100644 _darcs/pristine/actions/microsummary.php delete mode 100644 _darcs/pristine/actions/newmessage.php delete mode 100644 _darcs/pristine/actions/newnotice.php delete mode 100644 _darcs/pristine/actions/noticesearch.php delete mode 100644 _darcs/pristine/actions/noticesearchrss.php delete mode 100644 _darcs/pristine/actions/nudge.php delete mode 100644 _darcs/pristine/actions/openidlogin.php delete mode 100644 _darcs/pristine/actions/openidsettings.php delete mode 100644 _darcs/pristine/actions/opensearch.php delete mode 100644 _darcs/pristine/actions/othersettings.php delete mode 100644 _darcs/pristine/actions/outbox.php delete mode 100644 _darcs/pristine/actions/peoplesearch.php delete mode 100644 _darcs/pristine/actions/peopletag.php delete mode 100644 _darcs/pristine/actions/postnotice.php delete mode 100644 _darcs/pristine/actions/profilesettings.php delete mode 100644 _darcs/pristine/actions/public.php delete mode 100644 _darcs/pristine/actions/publicrss.php delete mode 100644 _darcs/pristine/actions/publicxrds.php delete mode 100644 _darcs/pristine/actions/recoverpassword.php delete mode 100644 _darcs/pristine/actions/register.php delete mode 100644 _darcs/pristine/actions/remotesubscribe.php delete mode 100644 _darcs/pristine/actions/replies.php delete mode 100644 _darcs/pristine/actions/repliesrss.php delete mode 100644 _darcs/pristine/actions/requesttoken.php delete mode 100644 _darcs/pristine/actions/showfavorites.php delete mode 100644 _darcs/pristine/actions/showmessage.php delete mode 100644 _darcs/pristine/actions/shownotice.php delete mode 100644 _darcs/pristine/actions/showstream.php delete mode 100644 _darcs/pristine/actions/smssettings.php delete mode 100644 _darcs/pristine/actions/subedit.php delete mode 100644 _darcs/pristine/actions/subscribe.php delete mode 100644 _darcs/pristine/actions/subscribers.php delete mode 100644 _darcs/pristine/actions/subscriptions.php delete mode 100644 _darcs/pristine/actions/sup.php delete mode 100644 _darcs/pristine/actions/tag.php delete mode 100644 _darcs/pristine/actions/tagother.php delete mode 100644 _darcs/pristine/actions/tagrss.php delete mode 100644 _darcs/pristine/actions/twitapiaccount.php delete mode 100644 _darcs/pristine/actions/twitapiblocks.php delete mode 100644 _darcs/pristine/actions/twitapidirect_messages.php delete mode 100644 _darcs/pristine/actions/twitapifavorites.php delete mode 100644 _darcs/pristine/actions/twitapifriendships.php delete mode 100644 _darcs/pristine/actions/twitapihelp.php delete mode 100644 _darcs/pristine/actions/twitapilaconica.php delete mode 100644 _darcs/pristine/actions/twitapinotifications.php delete mode 100644 _darcs/pristine/actions/twitapistatuses.php delete mode 100644 _darcs/pristine/actions/twitapiusers.php delete mode 100644 _darcs/pristine/actions/twittersettings.php delete mode 100644 _darcs/pristine/actions/unblock.php delete mode 100644 _darcs/pristine/actions/unsubscribe.php delete mode 100644 _darcs/pristine/actions/updateprofile.php delete mode 100644 _darcs/pristine/actions/userauthorization.php delete mode 100644 _darcs/pristine/actions/userbyid.php delete mode 100644 _darcs/pristine/actions/userrss.php delete mode 100644 _darcs/pristine/actions/xrds.php (limited to '_darcs/pristine/actions') diff --git a/_darcs/pristine/actions/accesstoken.php b/_darcs/pristine/actions/accesstoken.php deleted file mode 100644 index 072ce27eb..000000000 --- a/_darcs/pristine/actions/accesstoken.php +++ /dev/null @@ -1,44 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class AccesstokenAction extends Action -{ - function handle($args) - { - parent::handle($args); - try { - common_debug('getting request from env variables', __FILE__); - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - common_debug('getting a server', __FILE__); - $server = omb_oauth_server(); - common_debug('fetching the access token', __FILE__); - $token = $server->fetch_access_token($req); - common_debug('got this token: "'.print_r($token,true).'"', __FILE__); - common_debug('printing the access token', __FILE__); - print $token; - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - } - } -} diff --git a/_darcs/pristine/actions/all.php b/_darcs/pristine/actions/all.php deleted file mode 100644 index 526ac5f40..000000000 --- a/_darcs/pristine/actions/all.php +++ /dev/null @@ -1,98 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); - -class AllAction extends StreamAction -{ - - function handle($args) - { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("%s and friends"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_header($user) - { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('allrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for friends of %s'), $user->nickname))); - } - - function show_top($user) - { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('all'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('allrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'allrss'))); - } - - function show_notices($user) - { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->noticesWithFriends(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'all', array('nickname' => $user->nickname)); - } -} diff --git a/_darcs/pristine/actions/allrss.php b/_darcs/pristine/actions/allrss.php deleted file mode 100644 index 660afb9e2..000000000 --- a/_darcs/pristine/actions/allrss.php +++ /dev/null @@ -1,82 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class AllrssAction extends Rss10Action -{ - - var $user = null; - - function init() - { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); - - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) - { - - $user = $this->user; - - $notice = $user->noticesWithFriends(0, $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - $user = $this->user; - $c = array('url' => common_local_url('allrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_('%s and friends'), $user->nickname), - 'link' => common_local_url('all', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed for friends of %s'), $user->nickname)); - return $c; - } - - function get_image() - { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - return null; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : null; - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/api.php b/_darcs/pristine/actions/api.php deleted file mode 100644 index 7a0759831..000000000 --- a/_darcs/pristine/actions/api.php +++ /dev/null @@ -1,205 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class ApiAction extends Action -{ - - var $user; - var $content_type; - var $api_arg; - var $api_method; - var $api_action; - - function handle($args) - { - parent::handle($args); - - $this->api_action = $this->arg('apiaction'); - $method = $this->arg('method'); - $argument = $this->arg('argument'); - - if (isset($argument)) { - $cmdext = explode('.', $argument); - $this->api_arg = $cmdext[0]; - $this->api_method = $method; - $this->content_type = strtolower($cmdext[1]); - } else { - - # Requested format / content-type will be an extension on the method - $cmdext = explode('.', $method); - $this->api_method = $cmdext[0]; - $this->content_type = strtolower($cmdext[1]); - } - - if ($this->requires_auth()) { - if (!isset($_SERVER['PHP_AUTH_USER'])) { - - # This header makes basic auth go - header('WWW-Authenticate: Basic realm="Laconica API"'); - - # If the user hits cancel -- bam! - $this->show_basic_auth_error(); - } else { - $nickname = $_SERVER['PHP_AUTH_USER']; - $password = $_SERVER['PHP_AUTH_PW']; - $user = common_check_user($nickname, $password); - - if ($user) { - $this->user = $user; - $this->process_command(); - } else { - # basic authentication failed - $this->show_basic_auth_error(); - } - } - } else { - - # Look for the user in the session - if (common_logged_in()) { - $this->user = common_current_user(); - } - - $this->process_command(); - } - } - - function process_command() - { - $action = "twitapi$this->api_action"; - $actionfile = INSTALLDIR."/actions/$action.php"; - - if (file_exists($actionfile)) { - require_once($actionfile); - $action_class = ucfirst($action)."Action"; - $action_obj = new $action_class(); - - if (!$action_obj->prepare($this->args)) { - return; - } - - if (method_exists($action_obj, $this->api_method)) { - $apidata = array( 'content-type' => $this->content_type, - 'api_method' => $this->api_method, - 'api_arg' => $this->api_arg, - 'user' => $this->user); - - call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata); - } else { - common_user_error("API method not found!", $code=404); - } - } else { - common_user_error("API method not found!", $code=404); - } - } - - # Whitelist of API methods that don't need authentication - function requires_auth() - { - static $noauth = array( 'statuses/public_timeline', - 'statuses/show', - 'users/show', - 'help/test', - 'help/downtime_schedule', - 'laconica/version', - 'laconica/config', - 'laconica/wadl'); - - static $bareauth = array('statuses/user_timeline', - 'statuses/friends', - 'statuses/followers', - 'favorites/favorites'); - - # If the site is "private", all API methods need authentication - - if (common_config('site', 'private')) { - return true; - } - - $fullname = "$this->api_action/$this->api_method"; - - if (in_array($fullname, $bareauth)) { - # bareauth: only needs auth if without an argument - if ($this->api_arg) { - return false; - } else { - return true; - } - } else if (in_array($fullname, $noauth)) { - # noauth: never needs auth - return false; - } else { - # everybody else needs auth - return true; - } - } - - function show_basic_auth_error() - { - header('HTTP/1.1 401 Unauthorized'); - $msg = 'Could not authenticate you.'; - - if ($this->content_type == 'xml') { - header('Content-Type: application/xml; charset=utf-8'); - common_start_xml(); - common_element_start('hash'); - common_element('error', null, $msg); - common_element('request', null, $_SERVER['REQUEST_URI']); - common_element_end('hash'); - common_end_xml(); - } else if ($this->content_type == 'json') { - header('Content-Type: application/json; charset=utf-8'); - $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); - print(json_encode($error_array)); - } else { - header('Content-type: text/plain'); - print "$msg\n"; - } - } - - function is_readonly() - { - # NOTE: before handle(), can't use $this->arg - $apiaction = $_REQUEST['apiaction']; - $method = $_REQUEST['method']; - list($cmdtext, $fmt) = explode('.', $method); - - static $write_methods = array( - 'account' => array('update_location', 'update_delivery_device', 'end_session'), - 'blocks' => array('create', 'destroy'), - 'direct_messages' => array('create', 'destroy'), - 'favorites' => array('create', 'destroy'), - 'friendships' => array('create', 'destroy'), - 'help' => array(), - 'notifications' => array('follow', 'leave'), - 'statuses' => array('update', 'destroy'), - 'users' => array() - ); - - if (array_key_exists($apiaction, $write_methods)) { - if (!in_array($cmdtext, $write_methods[$apiaction])) { - return true; - } - } - - return false; - } - -} diff --git a/_darcs/pristine/actions/avatarbynickname.php b/_darcs/pristine/actions/avatarbynickname.php deleted file mode 100644 index 666f386f6..000000000 --- a/_darcs/pristine/actions/avatarbynickname.php +++ /dev/null @@ -1,70 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class AvatarbynicknameAction extends Action -{ - function handle($args) - { - parent::handle($args); - $nickname = $this->trimmed('nickname'); - if (!$nickname) { - $this->client_error(_('No nickname.')); - return; - } - $size = $this->trimmed('size'); - if (!$size) { - $this->client_error(_('No size.')); - return; - } - $size = strtolower($size); - if (!in_array($size, array('original', '96', '48', '24'))) { - $this->client_error(_('Invalid size.')); - return; - } - - $user = User::staticGet('nickname', $nickname); - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - $profile = $user->getProfile(); - if (!$profile) { - $this->client_error(_('User has no profile.')); - return; - } - if ($size == 'original') { - $avatar = $profile->getOriginal(); - } else { - $avatar = $profile->getAvatar($size+0); - } - - if ($avatar) { - $url = $avatar->url; - } else { - if ($size == 'original') { - $url = common_default_avatar(AVATAR_PROFILE_SIZE); - } else { - $url = common_default_avatar($size+0); - } - } - common_redirect($url, 302); - } -} diff --git a/_darcs/pristine/actions/block.php b/_darcs/pristine/actions/block.php deleted file mode 100644 index c1ff7c044..000000000 --- a/_darcs/pristine/actions/block.php +++ /dev/null @@ -1,150 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class BlockAction extends Action -{ - - var $profile = null; - - function prepare($args) - { - - parent::prepare($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); - return false; - } - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $id = $this->trimmed('blockto'); - - if (!$id) { - $this->client_error(_('No profile specified.')); - return false; - } - - $this->profile = Profile::staticGet('id', $id); - - if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); - return false; - } - - return true; - } - - function handle($args) - { - parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if ($this->arg('block')) { - $this->are_you_sure_form(); - } else if ($this->arg('no')) { - $cur = common_current_user(); - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname))); - } else if ($this->arg('yes')) { - $this->block_profile(); - } - } - } - - function are_you_sure_form() - { - - $id = $this->profile->id; - - common_show_header(_('Block user')); - - common_element('p', null, - _('Are you sure you want to block this user? '. - 'Afterwards, they will be unsubscribed from you, '. - 'unable to subscribe to you in the future, and '. - 'you will not be notified of any @-replies from them.')); - - common_element_start('form', array('id' => 'block-' . $id, - 'method' => 'post', - 'class' => 'block', - 'action' => common_local_url('block'))); - - common_hidden('token', common_session_token()); - - common_element('input', array('id' => 'blockto-' . $id, - 'name' => 'blockto', - 'type' => 'hidden', - 'value' => $id)); - - foreach ($this->args as $k => $v) { - if (substr($k, 0, 9) == 'returnto-') { - common_hidden($k, $v); - } - } - - common_submit('no', _('No')); - common_submit('yes', _('Yes')); - - common_element_end('form'); - - common_show_footer(); - } - - function block_profile() - { - - $cur = common_current_user(); - - if ($cur->hasBlocked($this->profile)) { - $this->client_error(_('You have already blocked this user.')); - return; - } - - $result = $cur->block($this->profile); - - if (!$result) { - $this->server_error(_('Failed to save block information.')); - return; - } - - # Now, gotta figure where we go back to - - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } else if (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - - if ($action) { - common_redirect(common_local_url($action, $args)); - } else { - common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/confirmaddress.php b/_darcs/pristine/actions/confirmaddress.php deleted file mode 100644 index 1d5c53ff2..000000000 --- a/_darcs/pristine/actions/confirmaddress.php +++ /dev/null @@ -1,97 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class ConfirmaddressAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - common_set_returnto($this->self_url()); - common_redirect(common_local_url('login')); - return; - } - $code = $this->trimmed('code'); - if (!$code) { - $this->client_error(_('No confirmation code.')); - return; - } - $confirm = Confirm_address::staticGet('code', $code); - if (!$confirm) { - $this->client_error(_('Confirmation code not found.')); - return; - } - $cur = common_current_user(); - if ($cur->id != $confirm->user_id) { - $this->client_error(_('That confirmation code is not for you!')); - return; - } - $type = $confirm->address_type; - if (!in_array($type, array('email', 'jabber', 'sms'))) { - $this->server_error(sprintf(_('Unrecognized address type %s'), $type)); - return; - } - if ($cur->$type == $confirm->address) { - $this->client_error(_('That address has already been confirmed.')); - return; - } - - $cur->query('BEGIN'); - - $orig_user = clone($cur); - - $cur->$type = $confirm->address; - - if ($type == 'sms') { - $cur->carrier = ($confirm->address_extra)+0; - $carrier = Sms_carrier::staticGet($cur->carrier); - $cur->smsemail = $carrier->toEmailAddress($cur->sms); - } - - $result = $cur->updateKeys($orig_user); - - if (!$result) { - common_log_db_error($cur, 'UPDATE', __FILE__); - $this->server_error(_('Couldn\'t update user.')); - return; - } - - if ($type == 'email') { - $cur->emailChanged(); - } - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); - return; - } - - $cur->query('COMMIT'); - - common_show_header(_('Confirm Address')); - common_element('p', null, - sprintf(_('The address "%s" has been confirmed for your account.'), $cur->$type)); - common_show_footer(); - } -} diff --git a/_darcs/pristine/actions/deletenotice.php b/_darcs/pristine/actions/deletenotice.php deleted file mode 100644 index e9b4b3254..000000000 --- a/_darcs/pristine/actions/deletenotice.php +++ /dev/null @@ -1,107 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/deleteaction.php'); - -class DeletenoticeAction extends DeleteAction -{ - function handle($args) - { - parent::handle($args); - # XXX: Ajax! - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->delete_notice(); - } else if ($_SERVER['REQUEST_METHOD'] == 'GET') { - $this->show_form(); - } - } - - function get_instructions() - { - return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.'); - } - - function get_title() - { - return _('Delete notice'); - } - - function show_form($error=null) - { - $user = common_current_user(); - - common_show_header($this->get_title(), array($this, 'show_header'), $error, - array($this, 'show_top')); - common_element_start('form', array('id' => 'notice_delete_form', - 'method' => 'post', - 'action' => common_local_url('deletenotice'))); - common_hidden('token', common_session_token()); - common_hidden('notice', $this->trimmed('notice')); - common_element_start('p'); - common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?')); - - common_element('input', array('id' => 'submit_no', - 'name' => 'submit', - 'type' => 'submit', - 'value' => _('No'))); - common_element('input', array('id' => 'submit_yes', - 'name' => 'submit', - 'type' => 'submit', - 'value' => _('Yes'))); - common_element_end('p'); - common_element_end('form'); - common_show_footer(); - } - - function delete_notice() - { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - $url = common_get_returnto(); - $confirmed = $this->trimmed('submit'); - if ($confirmed == _('Yes')) { - $user = common_current_user(); - $notice_id = $this->trimmed('notice'); - $notice = Notice::staticGet($notice_id); - $replies = new Reply; - $replies->get('notice_id', $notice_id); - - common_dequeue_notice($notice); - if (common_config('memcached', 'enabled')) { - $notice->blowSubsCache(); - } - $replies->delete(); - $notice->delete(); - } else { - if ($url) { - common_set_returnto(null); - } else { - $url = common_local_url('public'); - } - } - common_redirect($url); - } -} diff --git a/_darcs/pristine/actions/deleteprofile.php b/_darcs/pristine/actions/deleteprofile.php deleted file mode 100644 index e12fe131a..000000000 --- a/_darcs/pristine/actions/deleteprofile.php +++ /dev/null @@ -1,289 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class DeleteprofileAction extends Action -{ - function handle($args) - { - parent::handle($args); - $this->server_error(_('Code not yet ready.')); - return; - if ('POST' === $_SERVER['REQUEST_METHOD']) { - $this->handle_post(); - } - else if ('GET' === $_SERVER['REQUEST_METHOD']) { - $this->show_form(); - } - } - - function get_instructions() - { - return _('Export and delete your user information.'); - } - - function form_header($title, $msg=null, $success=false) - { - common_show_header($title, - null, - array($msg, $success), - array($this, 'show_top')); - } - - function show_feeds_list($feeds) - { - common_element_start('div', array('class' => 'feedsdel')); - common_element('p', null, 'Feeds:'); - common_element_start('ul', array('class' => 'xoxo')); - - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - common_element_end('ul'); - common_element_end('div'); - } - - //TODO move to common.php (and retrace its origin) - function common_feed_item($feed) - { - $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - $feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - common_element_start('li'); - common_element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - common_element_end('li'); - } - - function show_form($msg=null, $success=false) - { - $this->form_header(_('Delete my account'), $msg, $success); - common_element('h2', null, _('Delete my account confirmation')); - $this->show_confirm_delete_form(); - common_show_footer(); - } - - function show_confirm_delete_form() - { - $user = common_current_user(); - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $user->id; - $notice_count = (int) $notices->count(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'delete', - 'action' => - common_local_url('deleteprofile'))); - - common_hidden('token', common_session_token()); - common_element('p', null, "Last chance to copy your notices and contacts by saving the two links below before deleting your account. Be careful, this operation cannot be undone."); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - - common_checkbox('confirmation', _('Check if you are sure you want to delete your account.')); - - common_submit('deleteaccount', _('Delete my account')); - common_element_end('form'); - } - - function handle_post() - { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('deleteaccount') && $this->arg('confirmation')) { - $this->delete_account(); - } - $this->show_form(); - } - - function delete_account() - { - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - // deleted later through the profile - /* - $avatar = new Avatar; - $avatar->profile_id = $user->id; - $n_avatars_deleted = $avatar->delete(); - */ - - $fave = new Fave; - $fave->user_id = $user->id; - $n_faves_deleted = $fave->delete(); - - $confirmation = new Confirm_address; - $confirmation->user_id = $user->id; - $n_confirmations_deleted = $confirmation->delete(); - - // TODO foreign stuff... - - $invitation = new Invitation; - $invitation->user_id = $user->id; - $n_invitations_deleted = $invitation->delete(); - - $message_from = new Message; - $message_from->from_profile = $user->id; - $n_messages_from_deleted = $message_from->delete(); - - $message_to = new Message; - $message_to->to_profile = $user->id; - $n_messages_to_deleted = $message_to->delete(); - - $notice_inbox = new Notice_inbox; - $notice_inbox->user_id = $user->id; - $n_notices_inbox_deleted = $notice_inbox->delete(); - - $profile_tagger = new Profile_tag; - $profile_tagger->tagger = $user->id; - $n_profiles_tagger_deleted = $profile_tagger->delete(); - - $profile_tagged = new Profile_tag; - $profile_tagged->tagged = $user->id; - $n_profiles_tagged_deleted = $profile_tagged->delete(); - - $remember_me = new Remember_me; - $remember_me->user_id = $user->id; - $n_remember_mes_deleted = $remember_me->delete(); - - $reply= new Reply; - $reply->profile_id = $user->id; - $n_replies_deleted = $reply->delete(); - - // FIXME we're not removings replies to deleted notices. - // notices should take care of that themselves. - - $notice = new Notice; - $notice->profile_id = $user->id; - $n_notices_deleted = $notice->delete(); - - $subscriber = new Subscription; - $subscriber->subscriber = $user->id; - $n_subscribers_deleted = $subscriber->delete(); - - $subscribed = new Subscription; - $subscribed->subscribed = $user->id; - $n_subscribeds_deleted = $subscribed->delete(); - - $user_openid = new User_openid; - $user_openid->user_id = $user->id; - $n_user_openids_deleted = $user_openid->delete(); - - $profile = new Profile; - $profile->id = $user->id; - $profile->delete_avatars(); - $n_profiles_deleted = $profile->delete(); - $n_users_deleted = $user->delete(); - - // logout and redirect to public - common_set_user(null); - common_real_login(false); # not logged in - common_forgetme(); # don't log back in! - common_redirect(common_local_url('public')); - } - - function show_top($arr) - { - $msg = $arr[0]; - $success = $arr[1]; - if ($msg) { - $this->message($msg, $success); - } else { - $inst = $this->get_instructions(); - $output = common_markup_to_html($inst); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - $this->settings_menu(); - } - - function settings_menu() - { - # action => array('prompt', 'title') - $menu = - array('profilesettings' => - array(_('Profile'), - _('Change your profile settings')), - 'emailsettings' => - array(_('Email'), - _('Change email handling')), - 'openidsettings' => - array(_('OpenID'), - _('Add or remove OpenIDs')), - 'smssettings' => - array(_('SMS'), - _('Updates by SMS')), - 'imsettings' => - array(_('IM'), - _('Updates by instant messenger (IM)')), - 'twittersettings' => - array(_('Twitter'), - _('Twitter integration options')), - 'othersettings' => - array(_('Other'), - _('Other options'))); - - $action = $this->trimmed('action'); - common_element_start('ul', array('id' => 'nav_views')); - foreach ($menu as $menuaction => $menudesc) { - if ($menuaction == 'imsettings' && - !common_config('xmpp', 'enabled')) { - continue; - } - common_menu_item(common_local_url($menuaction), - $menudesc[0], - $menudesc[1], - $action == $menuaction); - } - common_element_end('ul'); - } -} - diff --git a/_darcs/pristine/actions/disfavor.php b/_darcs/pristine/actions/disfavor.php deleted file mode 100644 index 74aae86cc..000000000 --- a/_darcs/pristine/actions/disfavor.php +++ /dev/null @@ -1,85 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class DisfavorAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showfavorites', array('nickname' => $user->nickname))); - return; - } - - $id = $this->trimmed('notice'); - - $notice = Notice::staticGet($id); - - $token = $this->trimmed('token-'.$notice->id); - - if (!$token || $token != common_session_token()) { - $this->client_error(_("There was a problem with your session token. Try again, please.")); - return; - } - - $fave = new Fave(); - $fave->user_id = $this->id; - $fave->notice_id = $notice->id; - if (!$fave->find(true)) { - $this->client_error(_('This notice is not a favorite!')); - return; - } - - $result = $fave->delete(); - - if (!$result) { - common_log_db_error($fave, 'DELETE', __FILE__); - $this->server_error(_('Could not delete favorite.')); - return; - } - - $user->blowFavesCache(); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Add to favorites')); - common_element_end('head'); - common_element_start('body'); - common_favor_form($notice); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/doc.php b/_darcs/pristine/actions/doc.php deleted file mode 100644 index 856025e66..000000000 --- a/_darcs/pristine/actions/doc.php +++ /dev/null @@ -1,40 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class DocAction extends Action -{ - - function handle($args) - { - parent::handle($args); - $title = $this->trimmed('title'); - $filename = INSTALLDIR.'/doc/'.$title; - if (!file_exists($filename)) { - common_user_error(_('No such document.')); - return; - } - $c = file_get_contents($filename); - $output = common_markup_to_html($c); - common_show_header(_(ucfirst($title))); - common_raw($output); - common_show_footer(); - } -} diff --git a/_darcs/pristine/actions/emailsettings.php b/_darcs/pristine/actions/emailsettings.php deleted file mode 100644 index 3fa8ce296..000000000 --- a/_darcs/pristine/actions/emailsettings.php +++ /dev/null @@ -1,342 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class EmailsettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('Manage how you get email from %%site.name%%.'); - } - - function show_form($msg=null, $success=false) - { - $user = common_current_user(); - $this->form_header(_('Email Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'emailsettings', - 'action' => - common_local_url('emailsettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', null, _('Address')); - - if ($user->email) { - common_element_start('p'); - common_element('span', 'address confirmed', $user->email); - common_element('span', 'input_instructions', - _('Current confirmed email address.')); - common_hidden('email', $user->email); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address); - common_element('span', 'input_instructions', - _('Awaiting confirmation on this address. Check your inbox (and spam box!) for a message with further instructions.')); - common_hidden('email', $confirm->address); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - } else { - common_input('email', _('Email Address'), - ($this->arg('email')) ? $this->arg('email') : null, - _('Email address, like "UserName@example.org"')); - common_submit('add', _('Add')); - } - } - - if ($user->email) { - common_element('h2', null, _('Incoming email')); - - if ($user->incomingemail) { - common_element_start('p'); - common_element('span', 'address', $user->incomingemail); - common_element('span', 'input_instructions', - _('Send email to this address to post new notices.')); - common_element_end('p'); - common_submit('removeincoming', _('Remove')); - } - - common_element_start('p'); - common_element('span', 'input_instructions', - _('Make a new email address for posting to; cancels the old one.')); - common_element_end('p'); - common_submit('newincoming', _('New')); - } - - common_element('h2', null, _('Preferences')); - - common_checkbox('emailnotifysub', - _('Send me notices of new subscriptions through email.'), - $user->emailnotifysub); - common_checkbox('emailnotifyfav', - _('Send me email when someone adds my notice as a favorite.'), - $user->emailnotifyfav); - common_checkbox('emailnotifymsg', - _('Send me email when someone sends me a private message.'), - $user->emailnotifymsg); - common_checkbox('emailnotifynudge', - _('Allow friends to nudge me and send me an email.'), - $user->emailnotifynudge); - common_checkbox('emailpost', - _('I want to post notices by email.'), - $user->emailpost); - common_checkbox('emailmicroid', - _('Publish a MicroID for my email address.'), - $user->emailmicroid); - - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() - { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'email'; - if ($confirm->find(true)) { - return $confirm; - } else { - return null; - } - } - - function handle_post() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else if ($this->arg('removeincoming')) { - $this->remove_incoming(); - } else if ($this->arg('newincoming')) { - $this->new_incoming(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() - { - - $emailnotifysub = $this->boolean('emailnotifysub'); - $emailnotifyfav = $this->boolean('emailnotifyfav'); - $emailnotifymsg = $this->boolean('emailnotifymsg'); - $emailnotifynudge = $this->boolean('emailnotifynudge'); - $emailmicroid = $this->boolean('emailmicroid'); - $emailpost = $this->boolean('emailpost'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->emailnotifysub = $emailnotifysub; - $user->emailnotifyfav = $emailnotifyfav; - $user->emailnotifymsg = $emailnotifymsg; - $user->emailnotifynudge = $emailnotifynudge; - $user->emailmicroid = $emailmicroid; - $user->emailpost = $emailpost; - - $result = $user->update($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() - { - - $user = common_current_user(); - - $email = $this->trimmed('email'); - - # Some validation - - if (!$email) { - $this->show_form(_('No email address.')); - return; - } - - $email = common_canonical_email($email); - - if (!$email) { - $this->show_form(_('Cannot normalize that email address')); - return; - } - if (!Validate::email($email, true)) { - $this->show_form(_('Not a valid email address')); - return; - } else if ($user->email == $email) { - $this->show_form(_('That is already your email address.')); - return; - } else if ($this->email_exists($email)) { - $this->show_form(_('That email address already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $email; - $confirm->address_type = 'email'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(64); - - $result = $confirm->insert(); - - if ($result === false) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - mail_confirm_address($user, $confirm->code, $user->nickname, $email); - - $msg = _('A confirmation code was sent to the email address you added. Check your inbox (and spam box!) for the code and instructions on how to use it.'); - - $this->show_form($msg, true); - } - - function cancel_confirmation() - { - $email = $this->arg('email'); - $confirm = $this->get_confirmation(); - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $email) { - $this->show_form(_('That is the wrong IM address.')); - return; - } - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); - return; - } - - $this->show_form(_('Confirmation cancelled.'), true); - } - - function remove_address() - { - - $user = common_current_user(); - $email = $this->arg('email'); - - # Maybe an old tab open...? - - if ($user->email != $email) { - $this->show_form(_('That is not your email address.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->email = null; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - $this->show_form(_('The address was removed.'), true); - } - - function remove_incoming() - { - $user = common_current_user(); - - if (!$user->incomingemail) { - $this->show_form(_('No incoming email address.')); - return; - } - - $orig = clone($user); - $user->incomingemail = null; - - if (!$user->updateKeys($orig)) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_("Couldn't update user record.")); - } - - $this->show_form(_('Incoming email address removed.'), true); - } - - function new_incoming() - { - $user = common_current_user(); - - $orig = clone($user); - $user->incomingemail = mail_new_incoming_address(); - - if (!$user->updateKeys($orig)) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_("Couldn't update user record.")); - } - - $this->show_form(_('New incoming email address added.'), true); - } - - function email_exists($email) - { - $user = common_current_user(); - $other = User::staticGet('email', $email); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } -} diff --git a/_darcs/pristine/actions/facebookhome.php b/_darcs/pristine/actions/facebookhome.php deleted file mode 100644 index 6206fb6c2..000000000 --- a/_darcs/pristine/actions/facebookhome.php +++ /dev/null @@ -1,136 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/facebookaction.php'); - -class FacebookhomeAction extends FacebookAction -{ - - function handle($args) - { - parent::handle($args); - - $this->login(); - } - - function login() - { - - $user = null; - - $facebook = get_facebook(); - $fbuid = $facebook->require_login(); - - # check to see whether there's already a Facebook link for this user - $flink = Foreign_link::getByForeignID($fbuid, 2); // 2 == Facebook - - if ($flink) { - - $user = $flink->getUser(); - $this->show_home($facebook, $fbuid, $user); - - } else { - - # Make the user put in her Laconica creds - $nickname = common_canonical_nickname($this->trimmed('nickname')); - $password = $this->arg('password'); - - if ($nickname) { - - if (common_check_user($nickname, $password)) { - - - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - echo ''; - $this->show_login_form(); - } - - $flink = DB_DataObject::factory('foreign_link'); - $flink->user_id = $user->id; - $flink->foreign_id = $fbuid; - $flink->service = 2; # Facebook - $flink->created = common_sql_now(); - $flink->set_flags(true, false, false); - - $flink_id = $flink->insert(); - - if ($flink_id) { - echo ''; - } - - $this->show_home($facebook, $fbuid, $user); - - return; - } else { - echo ''; - } - } - - $this->show_login_form(); - } - - } - - function show_home($facebook, $fbuid, $user) - { - - $this->show_header('Home'); - - echo $this->show_notices($user); - $this->update_profile_box($facebook, $fbuid, $user); - - $this->show_footer(); - } - - function show_notices($user) - { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->noticesWithFriends(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - echo '
    '; - - $cnt = 0; - - while ($notice->fetch() && $cnt <= NOTICES_PER_PAGE) { - $cnt++; - - if ($cnt > NOTICES_PER_PAGE) { - break; - } - - echo $this->render_notice($notice); - } - - echo '
      '; - - $this->pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'index.php', array('nickname' => $user->nickname)); - - } - -} diff --git a/_darcs/pristine/actions/facebookinvite.php b/_darcs/pristine/actions/facebookinvite.php deleted file mode 100644 index 00efa654b..000000000 --- a/_darcs/pristine/actions/facebookinvite.php +++ /dev/null @@ -1,49 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/facebookaction.php'); - -class FacebookinviteAction extends FacebookAction -{ - - function handle($args) - { - parent::handle($args); - - $this->display(); - } - - function display() - { - - $facebook = get_facebook(); - - $fbuid = $facebook->require_login(); - - $this->show_header('Invite'); - - echo '

      Coming soon...

      '; - - $this->show_footer(); - - } - -} diff --git a/_darcs/pristine/actions/facebookremove.php b/_darcs/pristine/actions/facebookremove.php deleted file mode 100644 index a200fefbf..000000000 --- a/_darcs/pristine/actions/facebookremove.php +++ /dev/null @@ -1,67 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/facebookaction.php'); - -class FacebookremoveAction extends FacebookAction -{ - - function handle($args) - { - parent::handle($args); - - $secret = common_config('facebook', 'secret'); - - $sig = ''; - - ksort($_POST); - - foreach ($_POST as $key => $val) { - if (substr($key, 0, 7) == 'fb_sig_') { - $sig .= substr($key, 7) . '=' . $val; - } - } - - $sig .= $secret; - $verify = md5($sig); - - if ($verify == $this->arg('fb_sig')) { - - $flink = Foreign_link::getByForeignID($this->arg('fb_sig_user'), 2); - - common_debug("Removing foreign link to Facebook - local user ID: $flink->user_id, Facebook ID: $flink->foreign_id"); - - $result = $flink->delete(); - - if (!$result) { - common_log_db_error($flink, 'DELETE', __FILE__); - common_server_error(_('Couldn\'t remove Facebook user.')); - return; - } - - } else { - # Someone bad tried to remove facebook link? - common_log(LOG_ERR, "Someone from $_SERVER[REMOTE_ADDR] " . - 'unsuccessfully tried to remove a foreign link to Facebook!'); - } - } - -} diff --git a/_darcs/pristine/actions/facebooksettings.php b/_darcs/pristine/actions/facebooksettings.php deleted file mode 100644 index d28b1aa5c..000000000 --- a/_darcs/pristine/actions/facebooksettings.php +++ /dev/null @@ -1,113 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/facebookaction.php'); - -class FacebooksettingsAction extends FacebookAction -{ - - function handle($args) - { - parent::handle($args); - - if ($this->arg('save')) { - $this->save_settings(); - } else { - $this->show_form(); - } - } - - - function save_settings() { - - $noticesync = $this->arg('noticesync'); - $replysync = $this->arg('replysync'); - - $facebook = get_facebook(); - $fbuid = $facebook->require_login(); - - $flink = Foreign_link::getByForeignID($fbuid, 2); // 2 == Facebook - - $original = clone($flink); - $flink->set_flags($noticesync, $replysync, false); - $result = $flink->update($original); - - if ($result) { - echo ''; - } - - $this->show_form(); - - } - - function show_form() { - - $facebook = get_facebook(); - $fbuid = $facebook->require_login(); - - $flink = Foreign_link::getByForeignID($fbuid, 2); // 2 == Facebook - - $this->show_header('Settings'); - - $fbml = '' - .'

      Add an Identi.ca box to my profile

      ' - .'

      ' - .'      '; - - $fbml .= '

      Allow Identi.ca to update my Facebook status

      '; - - if ($facebook->api_client->users_hasAppPermission('status_update')) { - - $fbml .= '
      ' - .'

      Sync preferences

      ' - .'

      '; - - if ($flink->noticesync & FOREIGN_NOTICE_SEND) { - $fbml .= ''; - } else { - $fbml .= ''; - } - - $fbml .= '' - .'

      ' - .'

      '; - - if ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) { - $fbml .= ''; - } else { - $fbml .= ''; - } - - $fbml .= '' - .'

      ' - .'

      ' - .'' - .'

      ' - .'
      '; - - } - - echo $fbml; - - $this->show_footer(); - } - -} diff --git a/_darcs/pristine/actions/favor.php b/_darcs/pristine/actions/favor.php deleted file mode 100644 index 8103f8181..000000000 --- a/_darcs/pristine/actions/favor.php +++ /dev/null @@ -1,97 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mail.php'); - -class FavorAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showfavorites', array('nickname' => $user->nickname))); - return; - } - - $id = $this->trimmed('notice'); - - $notice = Notice::staticGet($id); - - # CSRF protection - - $token = $this->trimmed('token-'.$notice->id); - if (!$token || $token != common_session_token()) { - $this->client_error(_("There was a problem with your session token. Try again, please.")); - return; - } - - if ($user->hasFave($notice)) { - $this->client_error(_('This notice is already a favorite!')); - return; - } - - $fave = Fave::addNew($user, $notice); - - if (!$fave) { - $this->server_error(_('Could not create favorite.')); - return; - } - - $this->notify($fave, $notice, $user); - $user->blowFavesCache(); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Disfavor favorite')); - common_element_end('head'); - common_element_start('body'); - common_disfavor_form($notice); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); - } - } - - function notify($fave, $notice, $user) - { - $other = User::staticGet('id', $notice->profile_id); - if ($other && $other->id != $user->id) { - if ($other->email && $other->emailnotifyfav) { - mail_notify_fave($other, $user, $notice); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } - -} diff --git a/_darcs/pristine/actions/favorited.php b/_darcs/pristine/actions/favorited.php deleted file mode 100644 index 71a9e026e..000000000 --- a/_darcs/pristine/actions/favorited.php +++ /dev/null @@ -1,105 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -class FavoritedAction extends StreamAction -{ - - function handle($args) - { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - common_show_header(_('Popular notices'), - array($this, 'show_header'), null, - array($this, 'show_top')); - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() - { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - - function show_header() - { - return; - } - - function get_instructions() - { - return _('Showing recently popular notices'); - } - - function show_notices($page) - { - - $qry = 'SELECT notice.*, sum(exp(-(now() - fave.modified) / %s)) as weight ' . - 'FROM notice JOIN fave ON notice.id = fave.notice_id ' . - 'GROUP BY fave.notice_id ' . - 'ORDER BY weight DESC'; - - $offset = ($page - 1) * NOTICES_PER_PAGE; - $limit = NOTICES_PER_PAGE + 1; - - if (common_config('db','type') == 'pgsql') { - $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $qry .= ' LIMIT ' . $offset . ', ' . $limit; - } - - # Figure out how to cache this query - - $notice = new Notice; - $notice->query(sprintf($qry, common_config('popular', 'dropoff'))); - - common_element_start('ul', array('id' => 'notices')); - - $cnt = 0; - - while ($notice->fetch() && $cnt <= NOTICES_PER_PAGE) { - $cnt++; - - if ($cnt > NOTICES_PER_PAGE) { - break; - } - - $item = new NoticeListItem($notice); - $item->show(); - } - - common_element_end('ul'); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'favorited'); - } - -} diff --git a/_darcs/pristine/actions/favoritesrss.php b/_darcs/pristine/actions/favoritesrss.php deleted file mode 100644 index 8c7ce52bf..000000000 --- a/_darcs/pristine/actions/favoritesrss.php +++ /dev/null @@ -1,78 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class FavoritesrssAction extends Rss10Action -{ - - var $user = null; - - function init() - { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); - - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) - { - - $user = $this->user; - - $notice = $user->favoriteNotices(0, $limit); - - $notices = array(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - $user = $this->user; - $c = array('url' => common_local_url('favoritesrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_("%s favorite notices"), $user->nickname), - 'link' => common_local_url('showfavorites', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed of favorite notices of %s'), $user->nickname)); - return $c; - } - - function get_image() - { - return null; - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/featured.php b/_darcs/pristine/actions/featured.php deleted file mode 100644 index 2bf8b0b81..000000000 --- a/_darcs/pristine/actions/featured.php +++ /dev/null @@ -1,108 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); -require_once(INSTALLDIR.'/lib/profilelist.php'); - -class FeaturedAction extends StreamAction -{ - - function handle($args) - { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - common_show_header(_('Featured users'), - array($this, 'show_header'), null, - array($this, 'show_top')); - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() - { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - - function show_header() - { - } - - function get_instructions() - { - return _('Featured users'); - } - - function show_notices($page) - { - - // XXX: Note I'm doing it this two-stage way because a raw query - // with a JOIN was *not* working. --Zach - - $featured_nicks = common_config('nickname', 'featured'); - - if (count($featured_nicks) > 0) { - - $quoted = array(); - - foreach ($featured_nicks as $nick) { - $quoted[] = "'$nick'"; - } - - $user = new User; - $user->whereAdd(sprintf('nickname IN (%s)', implode(',', $quoted))); - $user->limit(($page - 1) * PROFILES_PER_PAGE, PROFILES_PER_PAGE + 1); - $user->orderBy('user.nickname ASC'); - - $user->find(); - - $profile_ids = array(); - - while ($user->fetch()) { - $profile_ids[] = $user->id; - } - - $profile = new Profile; - $profile->whereAdd(sprintf('profile.id IN (%s)', implode(',', $profile_ids))); - $profile->orderBy('nickname ASC'); - - $cnt = $profile->find(); - - if ($cnt > 0) { - $featured = new ProfileList($profile); - $featured->show_list(); - } - - $profile->free(); - - common_pagination($page > 1, $cnt > PROFILES_PER_PAGE, $page, 'featured'); - } - } - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/finishaddopenid.php b/_darcs/pristine/actions/finishaddopenid.php deleted file mode 100644 index 0ce1680aa..000000000 --- a/_darcs/pristine/actions/finishaddopenid.php +++ /dev/null @@ -1,107 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishaddopenidAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else { - $this->try_login(); - } - } - - function try_login() - { - - $consumer =& oid_consumer(); - - $response = $consumer->complete(common_local_url('finishaddopenid')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $display; - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $cur =& common_current_user(); - $other = oid_get_user($canonical); - - if ($other) { - if ($other->id == $cur->id) { - $this->message(_('You already have this OpenID!')); - } else { - $this->message(_('Someone else already has this OpenID.')); - } - return; - } - - # start a transaction - - $cur->query('BEGIN'); - - $result = oid_link_user($cur->id, $canonical, $display); - - if (!$result) { - $this->message(_('Error connecting user.')); - return; - } - if ($sreg) { - if (!oid_update_user($cur, $sreg)) { - $this->message(_('Error updating profile')); - return; - } - } - - # success! - - $cur->query('COMMIT'); - - oid_set_last($display); - - common_redirect(common_local_url('openidsettings')); - } - } - - function message($msg) - { - common_show_header(_('OpenID Login')); - common_element('p', null, $msg); - common_show_footer(); - } -} diff --git a/_darcs/pristine/actions/finishimmediate.php b/_darcs/pristine/actions/finishimmediate.php deleted file mode 100644 index 0964c39f4..000000000 --- a/_darcs/pristine/actions/finishimmediate.php +++ /dev/null @@ -1,68 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishimmediateAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishimmediate')); - - if ($response->status == Auth_OpenID_SUCCESS) { - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $user = oid_get_user($canonical); - - if ($user) { - oid_update_user($user, $sreg); - oid_set_last($display); # refresh for another year - common_set_user($user->nickname); - $this->go_backto(); - return; - } - } - - # Failure! Clear openid so we don't try it again - - oid_clear_last(); - $this->go_backto(); - return; - } - - function go_backto() - { - common_ensure_session(); - $backto = $_SESSION['openid_immediate_backto']; - if (!$backto) { - # gar. Well, push them to the public page - $backto = common_local_url('public'); - } - common_redirect($backto); - } -} diff --git a/_darcs/pristine/actions/finishopenidlogin.php b/_darcs/pristine/actions/finishopenidlogin.php deleted file mode 100644 index bdb8516a3..000000000 --- a/_darcs/pristine/actions/finishopenidlogin.php +++ /dev/null @@ -1,454 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishopenidloginAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - if ($this->arg('create')) { - if (!$this->boolean('license')) { - $this->show_form(_('You can\'t register if you don\'t agree to the license.'), - $this->trimmed('newname')); - return; - } - $this->create_new_user(); - } else if ($this->arg('connect')) { - $this->connect_user(); - } else { - common_debug(print_r($this->args, true), __FILE__); - $this->show_form(_('Something weird happened.'), - $this->trimmed('newname')); - } - } else { - $this->try_login(); - } - } - - function show_top($error=null) - { - if ($error) { - common_element('div', array('class' => 'error'), $error); - } else { - global $config; - common_element('div', 'instructions', - sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); - } - } - - function show_form($error=null, $username=null) - { - common_show_header(_('OpenID Account Setup'), null, $error, - array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'account_connect', - 'action' => common_local_url('finishopenidlogin'))); - common_hidden('token', common_session_token()); - common_element('h2', null, - _('Create new account')); - common_element('p', null, - _('Create a new user with this nickname.')); - common_input('newname', _('New nickname'), - ($username) ? $username : '', - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_element_start('p'); - common_element('input', array('type' => 'checkbox', - 'id' => 'license', - 'name' => 'license', - 'value' => 'true')); - common_text(_('My text and files are available under ')); - common_element('a', array(href => common_config('license', 'url')), - common_config('license', 'title')); - common_text(_(' except this private data: password, email address, IM address, phone number.')); - common_element_end('p'); - common_submit('create', _('Create')); - common_element('h2', null, - _('Connect existing account')); - common_element('p', null, - _('If you already have an account, login with your username and password to connect it to your OpenID.')); - common_input('nickname', _('Existing nickname')); - common_password('password', _('Password')); - common_submit('connect', _('Connect')); - common_element_end('form'); - common_show_footer(); - } - - function try_login() - { - - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishopenidlogin')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - // This means the authentication succeeded; extract the - // identity URL and Simple Registration data (if it was - // returned). - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $user = oid_get_user($canonical); - - if ($user) { - oid_set_last($display); - # XXX: commented out at @edd's request until better - # control over how data flows from OpenID provider. - # oid_update_user($user, $sreg); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); - } else { - $this->save_values($display, $canonical, $sreg); - $this->show_form(null, $this->best_new_nickname($display, $sreg)); - } - } - } - - function message($msg) - { - common_show_header(_('OpenID Login')); - common_element('p', null, $msg); - common_show_footer(); - } - - function save_values($display, $canonical, $sreg) - { - common_ensure_session(); - $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; - } - - function get_saved_values() - { - return array($_SESSION['openid_display'], - $_SESSION['openid_canonical'], - $_SESSION['openid_sreg']); - } - - function create_new_user() - { - - # FIXME: save invite code before redirect, and check here - - if (common_config('site', 'closed') || common_config('site', 'inviteonly')) { - common_user_error(_('Registration not allowed.')); - return; - } - - $nickname = $this->trimmed('newname'); - - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } - - if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Nickname not allowed.')); - return; - } - - if (User::staticGet('nickname', $nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - return; - } - - list($display, $canonical, $sreg) = $this->get_saved_values(); - - if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); - return; - } - - # Possible race condition... let's be paranoid - - $other = oid_get_user($canonical); - - if ($other) { - common_server_error(_('Creating new account for OpenID that already has a user.')); - return; - } - - if ($sreg['country']) { - if ($sreg['postcode']) { - # XXX: use postcode to get city and region - # XXX: also, store postcode somewhere -- it's valuable! - $location = $sreg['postcode'] . ', ' . $sreg['country']; - } else { - $location = $sreg['country']; - } - } - - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $fullname = $sreg['fullname']; - } - - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $email = $sreg['email']; - } - - # XXX: add language - # XXX: add timezone - - $user = User::register(array('nickname' => $nickname, - 'email' => $email, - 'fullname' => $fullname, - 'location' => $location)); - - $result = oid_link_user($user->id, $canonical, $display); - - oid_set_last($display); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); - } - - function connect_user() - { - - $nickname = $this->trimmed('nickname'); - $password = $this->trimmed('password'); - - if (!common_check_user($nickname, $password)) { - $this->show_form(_('Invalid username or password.')); - return; - } - - # They're legit! - - $user = User::staticGet('nickname', $nickname); - - list($display, $canonical, $sreg) = $this->get_saved_values(); - - if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); - return; - } - - $result = oid_link_user($user->id, $canonical, $display); - - if (!$result) { - common_server_error(_('Error connecting user to OpenID.')); - return; - } - - oid_update_user($user, $sreg); - oid_set_last($display); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); - } - - function go_home($nickname) - { - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(null); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } - - function best_new_nickname($display, $sreg) - { - - # Try the passed-in nickname - - if ($sreg['nickname']) { - $nickname = $this->nicknamize($sreg['nickname']); - if ($this->is_new_nickname($nickname)) { - return $nickname; - } - } - - # Try the full name - - if ($sreg['fullname']) { - $fullname = $this->nicknamize($sreg['fullname']); - if ($this->is_new_nickname($fullname)) { - return $fullname; - } - } - - # Try the URL - - $from_url = $this->openid_to_nickname($display); - - if ($from_url && $this->is_new_nickname($from_url)) { - return $from_url; - } - - # XXX: others? - - return null; - } - - function is_new_nickname($str) - { - if (!Validate::string($str, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - return false; - } - if (!User::allowed_nickname($str)) { - return false; - } - if (User::staticGet('nickname', $str)) { - return false; - } - return true; - } - - function openid_to_nickname($openid) - { - if (Auth_Yadis_identifierScheme($openid) == 'XRI') { - return $this->xri_to_nickname($openid); - } else { - return $this->url_to_nickname($openid); - } - } - - # We try to use an OpenID URL as a legal Laconica user name in this order - # 1. Plain hostname, like http://evanp.myopenid.com/ - # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ - # or http://getopenid.com/evanprodromou - - function url_to_nickname($openid) - { - static $bad = array('query', 'user', 'password', 'port', 'fragment'); - - $parts = parse_url($openid); - - # If any of these parts exist, this won't work - - foreach ($bad as $badpart) { - if (array_key_exists($badpart, $parts)) { - return null; - } - } - - # We just have host and/or path - - # If it's just a host... - if (array_key_exists('host', $parts) && - (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0)) - { - $hostparts = explode('.', $parts['host']); - - # Try to catch common idiom of nickname.service.tld - - if ((count($hostparts) > 2) && - (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au - (strcmp($hostparts[0], 'www') != 0)) - { - return $this->nicknamize($hostparts[0]); - } else { - # Do the whole hostname - return $this->nicknamize($parts['host']); - } - } else { - if (array_key_exists('path', $parts)) { - # Strip starting, ending slashes - $path = preg_replace('@/$@', '', $parts['path']); - $path = preg_replace('@^/@', '', $path); - if (strpos($path, '/') === false) { - return $this->nicknamize($path); - } - } - } - - return null; - } - - function xri_to_nickname($xri) - { - $base = $this->xri_base($xri); - - if (!$base) { - return null; - } else { - # =evan.prodromou - # or @gratis*evan.prodromou - $parts = explode('*', substr($base, 1)); - return $this->nicknamize(array_pop($parts)); - } - } - - function xri_base($xri) - { - if (substr($xri, 0, 6) == 'xri://') { - return substr($xri, 6); - } else { - return $xri; - } - } - - # Given a string, try to make it work as a nickname - - function nicknamize($str) - { - $str = preg_replace('/\W/', '', $str); - return strtolower($str); - } -} diff --git a/_darcs/pristine/actions/finishremotesubscribe.php b/_darcs/pristine/actions/finishremotesubscribe.php deleted file mode 100644 index cee3a1818..000000000 --- a/_darcs/pristine/actions/finishremotesubscribe.php +++ /dev/null @@ -1,292 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class FinishremotesubscribeAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - if (common_logged_in()) { - common_user_error(_('You can use the local subscription!')); - return; - } - - $omb = $_SESSION['oauth_authorization_request']; - - if (!$omb) { - common_user_error(_('Not expecting this response!')); - return; - } - - common_debug('stored request: '.print_r($omb,true), __FILE__); - - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - - $token = $req->get_parameter('oauth_token'); - - # I think this is the success metric - - if ($token != $omb['token']) { - common_user_error(_('Not authorized.')); - return; - } - - $version = $req->get_parameter('omb_version'); - - if ($version != OMB_VERSION_01) { - common_user_error(_('Unknown version of OMB protocol.')); - return; - } - - $nickname = $req->get_parameter('omb_listener_nickname'); - - if (!$nickname) { - common_user_error(_('No nickname provided by remote server.')); - return; - } - - $profile_url = $req->get_parameter('omb_listener_profile'); - - if (!$profile_url) { - common_user_error(_('No profile URL returned by server.')); - return; - } - - if (!Validate::uri($profile_url, array('allowed_schemes' => array('http', 'https')))) { - common_user_error(_('Invalid profile URL returned by server.')); - return; - } - - if ($profile_url == common_local_url('showstream', array('nickname' => $nickname))) { - common_user_error(_('You can use the local subscription!')); - return; - } - - common_debug('listenee: "'.$omb['listenee'].'"', __FILE__); - - $user = User::staticGet('nickname', $omb['listenee']); - - if (!$user) { - common_user_error(_('User being listened to doesn\'t exist.')); - return; - } - - $other = User::staticGet('uri', $omb['listener']); - - if ($other) { - common_user_error(_('You can use the local subscription!')); - return; - } - - $fullname = $req->get_parameter('omb_listener_fullname'); - $homepage = $req->get_parameter('omb_listener_homepage'); - $bio = $req->get_parameter('omb_listener_bio'); - $location = $req->get_parameter('omb_listener_location'); - $avatar_url = $req->get_parameter('omb_listener_avatar'); - - list($newtok, $newsecret) = $this->access_token($omb); - - if (!$newtok || !$newsecret) { - common_user_error(_('Couldn\'t convert request tokens to access tokens.')); - return; - } - - # XXX: possible attack point; subscribe and return someone else's profile URI - - $remote = Remote_profile::staticGet('uri', $omb['listener']); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - # XXX: compare current postNotice and updateProfile URLs to the ones - # stored in the DB to avoid (possibly...) above attack - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $omb['listener']; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - common_server_error(_('Error inserting new profile')); - return; - } - $remote->id = $id; - } - - if ($avatar_url) { - if (!$this->add_avatar($profile, $avatar_url)) { - common_server_error(_('Error inserting avatar')); - return; - } - } - - $remote->postnoticeurl = $omb['post_notice_url']; - $remote->updateprofileurl = $omb['update_profile_url']; - - if ($exists) { - if (!$remote->update($orig_remote)) { - common_server_error(_('Error updating remote profile')); - return; - } - } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - common_server_error(_('Error inserting remote profile')); - return; - } - } - - if ($user->hasBlocked($profile)) { - $this->client_error(_('That user has blocked you from subscribing.')); - return; - } - - $sub = new Subscription(); - - $sub->subscriber = $remote->id; - $sub->subscribed = $user->id; - - $sub_exists = false; - - if ($sub->find(true)) { - $sub_exists = true; - $orig_sub = clone($sub); - } else { - $sub_exists = false; - $sub->created = DB_DataObject_Cast::dateTime(); # current time - } - - $sub->token = $newtok; - $sub->secret = $newsecret; - - if ($sub_exists) { - $result = $sub->update($orig_sub); - } else { - $result = $sub->insert(); - } - - if (!$result) { - common_log_db_error($sub, ($sub_exists) ? 'UPDATE' : 'INSERT', __FILE__); - common_user_error(_('Couldn\'t insert new subscription.')); - return; - } - - # Notify user, if necessary - - mail_subscribe_notify_profile($user, $profile); - - # Clear the data - unset($_SESSION['oauth_authorization_request']); - - # If we show subscriptions in reverse chron order, this should - # show up close to the top of the page - - common_redirect(common_local_url('subscribers', array('nickname' => - $user->nickname))); - } - - function add_avatar($profile, $url) - { - $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); - copy($url, $temp_filename); - return $profile->setOriginal($temp_filename); - } - - function access_token($omb) - { - - common_debug('starting request for access token', __FILE__); - - $con = omb_oauth_consumer(); - $tok = new OAuthToken($omb['token'], $omb['secret']); - - common_debug('using request token "'.$tok.'"', __FILE__); - - $url = $omb['access_token_url']; - - common_debug('using access token url "'.$url.'"', __FILE__); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, $tok, "POST", $url, $params); - - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, $tok); - - # We re-use this tool's fetcher, since it's pretty good - - common_debug('posting to access token url "'.$req->get_normalized_http_url().'"', __FILE__); - common_debug('posting request data "'.$req->to_postdata().'"', __FILE__); - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); - - common_debug('got result: "'.print_r($result,true).'"', __FILE__); - - if ($result->status != 200) { - return null; - } - - parse_str($result->body, $return); - - return array($return['oauth_token'], $return['oauth_token_secret']); - } -} diff --git a/_darcs/pristine/actions/foaf.php b/_darcs/pristine/actions/foaf.php deleted file mode 100644 index 30e98960c..000000000 --- a/_darcs/pristine/actions/foaf.php +++ /dev/null @@ -1,207 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -define('LISTENER', 1); -define('LISTENEE', -1); -define('BOTH', 0); - -class FoafAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - parent::handle($args); - - $nickname = $this->trimmed('nickname'); - - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - common_user_error(_('No such user.'), 404); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.'), 500); - return; - } - - header('Content-Type: application/rdf+xml'); - - common_start_xml(); - common_element_start('rdf:RDF', array('xmlns:rdf' => - 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', - 'xmlns:rdfs' => - 'http://www.w3.org/2000/01/rdf-schema#', - 'xmlns:geo' => - 'http://www.w3.org/2003/01/geo/wgs84_pos#', - 'xmlns' => 'http://xmlns.com/foaf/0.1/')); - - # This is the document about the user - - $this->show_ppd('', $user->uri); - - # XXX: might not be a person - common_element_start('Person', array('rdf:about' => - $user->uri)); - common_element('mbox_sha1sum', null, sha1('mailto:' . $user->email)); - if ($profile->fullname) { - common_element('name', null, $profile->fullname); - } - if ($profile->homepage) { - common_element('homepage', array('rdf:resource' => $profile->homepage)); - } - if ($profile->bio) { - common_element('rdfs:comment', null, $profile->bio); - } - # XXX: more structured location data - if ($profile->location) { - common_element_start('based_near'); - common_element_start('geo:SpatialThing'); - common_element('name', null, $profile->location); - common_element_end('geo:SpatialThing'); - common_element_end('based_near'); - } - - $this->show_microblogging_account($profile, common_root_url()); - - $avatar = $profile->getOriginalAvatar(); - - if ($avatar) { - common_element_start('img'); - common_element_start('Image', array('rdf:about' => $avatar->url)); - foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { - $scaled = $profile->getAvatar($size); - if (!$scaled->original) { # sometimes the original has one of our scaled sizes - common_element_start('thumbnail'); - common_element('Image', array('rdf:about' => $scaled->url)); - common_element_end('thumbnail'); - } - } - common_element_end('Image'); - common_element_end('img'); - } - - # Get people user is subscribed to - - $person = array(); - - $sub = new Subscription(); - $sub->subscriber = $profile->id; - $sub->whereAdd('subscriber != subscribed'); - - if ($sub->find()) { - while ($sub->fetch()) { - if ($sub->token) { - $other = Remote_profile::staticGet('id', $sub->subscribed); - } else { - $other = User::staticGet('id', $sub->subscribed); - } - if (!$other) { - common_debug('Got a bad subscription: '.print_r($sub,true)); - continue; - } - common_element('knows', array('rdf:resource' => $other->uri)); - $person[$other->uri] = array(LISTENEE, $other); - } - } - - # Get people who subscribe to user - - $sub = new Subscription(); - $sub->subscribed = $profile->id; - $sub->whereAdd('subscriber != subscribed'); - - if ($sub->find()) { - while ($sub->fetch()) { - if ($sub->token) { - $other = Remote_profile::staticGet('id', $sub->subscriber); - } else { - $other = User::staticGet('id', $sub->subscriber); - } - if (!$other) { - common_debug('Got a bad subscription: '.print_r($sub,true)); - continue; - } - if (array_key_exists($other->uri, $person)) { - $person[$other->uri][0] = BOTH; - } else { - $person[$other->uri] = array(LISTENER, $other); - } - } - } - - common_element_end('Person'); - - foreach ($person as $uri => $p) { - $foaf_url = null; - if ($p[1] instanceof User) { - $foaf_url = common_local_url('foaf', array('nickname' => $p[1]->nickname)); - } - $profile = Profile::staticGet($p[1]->id); - common_element_start('Person', array('rdf:about' => $uri)); - if ($p[0] == LISTENER || $p[0] == BOTH) { - common_element('knows', array('rdf:resource' => $user->uri)); - } - $this->show_microblogging_account($profile, ($p[1] instanceof User) ? - common_root_url() : null); - if ($foaf_url) { - common_element('rdfs:seeAlso', array('rdf:resource' => $foaf_url)); - } - common_element_end('Person'); - if ($foaf_url) { - $this->show_ppd($foaf_url, $uri); - } - } - - common_element_end('rdf:RDF'); - } - - function show_ppd($foaf_url, $person_uri) - { - common_element_start('PersonalProfileDocument', array('rdf:about' => $foaf_url)); - common_element('maker', array('rdf:resource' => $person_uri)); - common_element('primaryTopic', array('rdf:resource' => $person_uri)); - common_element_end('PersonalProfileDocument'); - } - - function show_microblogging_account($profile, $service=null) - { - # Their account - common_element_start('holdsAccount'); - common_element_start('OnlineAccount'); - if ($service) { - common_element('accountServiceHomepage', array('rdf:resource' => - $service)); - } - common_element('accountName', null, $profile->nickname); - common_element('homepage', array('rdf:resource' => $profile->profileurl)); - common_element_end('OnlineAccount'); - common_element_end('holdsAccount'); - } -} diff --git a/_darcs/pristine/actions/imsettings.php b/_darcs/pristine/actions/imsettings.php deleted file mode 100644 index 8ecf200ec..000000000 --- a/_darcs/pristine/actions/imsettings.php +++ /dev/null @@ -1,280 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/lib/jabber.php'); - -class ImsettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('You can send and receive notices through Jabber/GTalk [instant messages](%%doc.im%%). Configure your address and settings below.'); - } - - function show_form($msg=null, $success=false) - { - $user = common_current_user(); - $this->form_header(_('IM Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'imsettings', - 'action' => - common_local_url('imsettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', null, _('Address')); - - if ($user->jabber) { - common_element_start('p'); - common_element('span', 'address confirmed', $user->jabber); - common_element('span', 'input_instructions', - _('Current confirmed Jabber/GTalk address.')); - common_hidden('jabber', $user->jabber); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address); - common_element('span', 'input_instructions', - sprintf(_('Awaiting confirmation on this address. Check your Jabber/GTalk account for a message with further instructions. (Did you add %s to your buddy list?)'), jabber_daemon_address())); - common_hidden('jabber', $confirm->address); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - } else { - common_input('jabber', _('IM Address'), - ($this->arg('jabber')) ? $this->arg('jabber') : null, - sprintf(_('Jabber or GTalk address, like "UserName@example.org". First, make sure to add %s to your buddy list in your IM client or on GTalk.'), jabber_daemon_address())); - common_submit('add', _('Add')); - } - } - - common_element('h2', null, _('Preferences')); - - common_checkbox('jabbernotify', - _('Send me notices through Jabber/GTalk.'), - $user->jabbernotify); - common_checkbox('updatefrompresence', - _('Post a notice when my Jabber/GTalk status changes.'), - $user->updatefrompresence); - common_checkbox('jabberreplies', - _('Send me replies through Jabber/GTalk from people I\'m not subscribed to.'), - $user->jabberreplies); - common_checkbox('jabbermicroid', - _('Publish a MicroID for my Jabber/GTalk address.'), - $user->jabbermicroid); - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() - { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'jabber'; - if ($confirm->find(true)) { - return $confirm; - } else { - return null; - } - } - - function handle_post() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() - { - - $jabbernotify = $this->boolean('jabbernotify'); - $updatefrompresence = $this->boolean('updatefrompresence'); - $jabberreplies = $this->boolean('jabberreplies'); - $jabbermicroid = $this->boolean('jabbermicroid'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->jabbernotify = $jabbernotify; - $user->updatefrompresence = $updatefrompresence; - $user->jabberreplies = $jabberreplies; - $user->jabbermicroid = $jabbermicroid; - - $result = $user->update($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() - { - - $user = common_current_user(); - - $jabber = $this->trimmed('jabber'); - - # Some validation - - if (!$jabber) { - $this->show_form(_('No Jabber ID.')); - return; - } - - $jabber = jabber_normalize_jid($jabber); - - if (!$jabber) { - $this->show_form(_('Cannot normalize that Jabber ID')); - return; - } - if (!jabber_valid_base_jid($jabber)) { - $this->show_form(_('Not a valid Jabber ID')); - return; - } else if ($user->jabber == $jabber) { - $this->show_form(_('That is already your Jabber ID.')); - return; - } else if ($this->jabber_exists($jabber)) { - $this->show_form(_('Jabber ID already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $jabber; - $confirm->address_type = 'jabber'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(64); - - $result = $confirm->insert(); - - if ($result === false) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - if (!common_config('queue', 'enabled')) { - jabber_confirm_address($confirm->code, - $user->nickname, - $jabber); - } - - $msg = sprintf(_('A confirmation code was sent to the IM address you added. You must approve %s for sending messages to you.'), jabber_daemon_address()); - - $this->show_form($msg, true); - } - - function cancel_confirmation() - { - $jabber = $this->arg('jabber'); - $confirm = $this->get_confirmation(); - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $jabber) { - $this->show_form(_('That is the wrong IM address.')); - return; - } - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); - return; - } - - $this->show_form(_('Confirmation cancelled.'), true); - } - - function remove_address() - { - - $user = common_current_user(); - $jabber = $this->arg('jabber'); - - # Maybe an old tab open...? - - if ($user->jabber != $jabber) { - $this->show_form(_('That is not your Jabber ID.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->jabber = null; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - # XXX: unsubscribe to the old address - - $this->show_form(_('The address was removed.'), true); - } - - function jabber_exists($jabber) - { - $user = common_current_user(); - $other = User::staticGet('jabber', $jabber); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } -} diff --git a/_darcs/pristine/actions/inbox.php b/_darcs/pristine/actions/inbox.php deleted file mode 100644 index da27814a6..000000000 --- a/_darcs/pristine/actions/inbox.php +++ /dev/null @@ -1,126 +0,0 @@ -. - * - * @category Message - * @package Laconica - * @author Evan Prodromou - * @copyright 2008 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/mailbox.php'; - -/** - * action handler for message inbox - * - * @category Message - * @package Laconica - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - * @see MailboxAction - */ - -class InboxAction extends MailboxAction -{ - /** - * returns the title of the page - * - * @param User $user current user - * @param int $page current page - * - * @return string localised title of the page - * - * @see MailboxAction::getTitle() - */ - - function getTitle($user, $page) - { - if ($page > 1) { - $title = sprintf(_("Inbox for %s - page %d"), $user->nickname, $page); - } else { - $title = sprintf(_("Inbox for %s"), $user->nickname); - } - return $title; - } - - /** - * retrieve the messages for this user and this page - * - * Does a query for the right messages - * - * @param User $user The current user - * @param int $page The page the user is on - * - * @return Message data object with stream for messages - * - * @see MailboxAction::getMessages() - */ - - function getMessages($user, $page) - { - $message = new Message(); - - $message->to_profile = $user->id; - - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*MESSAGES_PER_PAGE), MESSAGES_PER_PAGE + 1); - - if ($message->find()) { - return $message; - } else { - return null; - } - } - - /** - * returns the profile we want to show with the message - * - * For inboxes, we show the sender. - * - * @param Message $message The message to get the profile for - * - * @return Profile The profile of the message sender - * - * @see MailboxAction::getMessageProfile() - */ - - function getMessageProfile($message) - { - return $message->getFrom(); - } - - /** - * instructions for using this page - * - * @return string localised instructions for using the page - */ - - function getInstructions() - { - return _('This is your inbox, which lists your incoming private messages.'); - } -} diff --git a/_darcs/pristine/actions/invite.php b/_darcs/pristine/actions/invite.php deleted file mode 100644 index 80e022a3d..000000000 --- a/_darcs/pristine/actions/invite.php +++ /dev/null @@ -1,206 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class InviteAction extends Action -{ - - function is_readonly() - { - return false; - } - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - $this->client_error(sprintf(_('You must be logged in to invite other users to use %s'), - common_config('site', 'name'))); - return; - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->send_invitations(); - } else { - $this->show_form(); - } - } - - function send_invitations() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $user = common_current_user(); - $profile = $user->getProfile(); - - $bestname = $profile->getBestName(); - $sitename = common_config('site', 'name'); - $personal = $this->trimmed('personal'); - - $addresses = explode("\n", $this->trimmed('addresses')); - - foreach ($addresses as $email) { - $email = trim($email); - if (!Validate::email($email, true)) { - $this->show_form(sprintf(_('Invalid email address: %s'), $email)); - return; - } - } - - $already = array(); - $subbed = array(); - - foreach ($addresses as $email) { - $email = common_canonical_email($email); - $other = User::staticGet('email', $email); - if ($other) { - if ($user->isSubscribed($other)) { - $already[] = $other; - } else { - subs_subscribe_to($user, $other); - $subbed[] = $other; - } - } else { - $sent[] = $email; - $this->send_invitation($email, $user, $personal); - } - } - - common_show_header(_('Invitation(s) sent')); - if ($already) { - common_element('p', null, _('You are already subscribed to these users:')); - common_element_start('ul'); - foreach ($already as $other) { - common_element('li', null, sprintf(_('%s (%s)'), $other->nickname, $other->email)); - } - common_element_end('ul'); - } - if ($subbed) { - common_element('p', null, _('These people are already users and you were automatically subscribed to them:')); - common_element_start('ul'); - foreach ($subbed as $other) { - common_element('li', null, sprintf(_('%s (%s)'), $other->nickname, $other->email)); - } - common_element_end('ul'); - } - if ($sent) { - common_element('p', null, _('Invitation(s) sent to the following people:')); - common_element_start('ul'); - foreach ($sent as $other) { - common_element('li', null, $other); - } - common_element_end('ul'); - common_element('p', null, _('You will be notified when your invitees accept the invitation and register on the site. Thanks for growing the community!')); - } - common_show_footer(); - } - - function show_top($error=null) - { - if ($error) { - common_element('p', 'error', $error); - } else { - common_element_start('div', 'instructions'); - common_element('p', null, - _('Use this form to invite your friends and colleagues to use this service.')); - common_element_end('div'); - } - } - - function show_form($error=null) - { - - global $config; - - common_show_header(_('Invite new users'), null, $error, array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'invite', - 'action' => common_local_url('invite'))); - common_hidden('token', common_session_token()); - - common_textarea('addresses', _('Email addresses'), - $this->trimmed('addresses'), - _('Addresses of friends to invite (one per line)')); - - common_textarea('personal', _('Personal message'), - $this->trimmed('personal'), - _('Optionally add a personal message to the invitation.')); - - common_submit('send', _('Send')); - - common_element_end('form'); - - common_show_footer(); - } - - function send_invitation($email, $user, $personal) - { - - $profile = $user->getProfile(); - $bestname = $profile->getBestName(); - - $sitename = common_config('site', 'name'); - - $invite = new Invitation(); - - $invite->address = $email; - $invite->address_type = 'email'; - $invite->code = common_confirmation_code(128); - $invite->user_id = $user->id; - $invite->created = common_sql_now(); - - if (!$invite->insert()) { - common_log_db_error($invite, 'INSERT', __FILE__); - return false; - } - - $recipients = array($email); - - $headers['From'] = mail_notify_from(); - $headers['To'] = $email; - $headers['Subject'] = sprintf(_('%1$s has invited you to join them on %2$s'), $bestname, $sitename); - - $body = sprintf(_("%1\$s has invited you to join them on %2\$s (%3\$s).\n\n". - "%2\$s is a micro-blogging service that lets you keep up-to-date with people you know and people who interest you.\n\n". - "You can also share news about yourself, your thoughts, or your life online with people who know about you. ". - "It's also great for meeting new people who share your interests.\n\n". - "%1\$s said:\n\n%4\$s\n\n". - "You can see %1\$s's profile page on %2\$s here:\n\n". - "%5\$s\n\n". - "If you'd like to try the service, click on the link below to accept the invitation.\n\n". - "%6\$s\n\n". - "If not, you can ignore this message. Thanks for your patience and your time.\n\n". - "Sincerely, %2\$s\n"), - $bestname, - $sitename, - common_root_url(), - $personal, - common_local_url('showstream', array('nickname' => $user->nickname)), - common_local_url('register', array('code' => $invite->code))); - - mail_send($recipients, $headers, $body); - } - -} diff --git a/_darcs/pristine/actions/login.php b/_darcs/pristine/actions/login.php deleted file mode 100644 index 8600d44fd..000000000 --- a/_darcs/pristine/actions/login.php +++ /dev/null @@ -1,159 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class LoginAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - parent::handle($args); - if (common_is_real_login()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->check_login(); - } else { - $this->show_form(); - } - } - - function check_login() - { - # XXX: login throttle - - # CSRF protection - token set in common_notice_form() - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $nickname = common_canonical_nickname($this->trimmed('nickname')); - $password = $this->arg('password'); - if (common_check_user($nickname, $password)) { - # success! - if (!common_set_user($nickname)) { - common_server_error(_('Error setting user.')); - return; - } - common_real_login(true); - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme(); - } - # success! - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(null); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } else { - $this->show_form(_('Incorrect username or password.')); - return; - } - - # success! - if (!common_set_user($user)) { - common_server_error(_('Error setting user.')); - return; - } - - common_real_login(true); - - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme($user); - } - # success! - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(null); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } - - function show_form($error=null) - { - common_show_header(_('Login'), null, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'post', - 'id' => 'login', - 'action' => common_local_url('login'))); - common_input('nickname', _('Nickname')); - common_password('password', _('Password')); - common_checkbox('rememberme', _('Remember me'), false, - _('Automatically login in the future; ' . - 'not for shared computers!')); - common_submit('submit', _('Login')); - common_hidden('token', common_session_token()); - common_element_end('form'); - common_element_start('p'); - common_element('a', array('href' => common_local_url('recoverpassword')), - _('Lost or forgotten password?')); - common_element_end('p'); - common_show_footer(); - } - - function get_instructions() - { - if (common_logged_in() && - !common_is_real_login() && - common_get_returnto()) - { - # rememberme logins have to reauthenticate before - # changing any profile settings (cookie-stealing protection) - return _('For security reasons, please re-enter your ' . - 'user name and password ' . - 'before changing your settings.'); - } else { - return _('Login with your username and password. ' . - 'Don\'t have a username yet? ' . - '[Register](%%action.register%%) a new account, or ' . - 'try [OpenID](%%action.openidlogin%%). '); - } - } - - function show_top($error=null) - { - if ($error) { - common_element('p', 'error', $error); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - } -} diff --git a/_darcs/pristine/actions/logout.php b/_darcs/pristine/actions/logout.php deleted file mode 100644 index 201378730..000000000 --- a/_darcs/pristine/actions/logout.php +++ /dev/null @@ -1,44 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class LogoutAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else { - common_set_user(null); - common_real_login(false); # not logged in - common_forgetme(); # don't log back in! - common_redirect(common_local_url('public')); - } - } -} diff --git a/_darcs/pristine/actions/microsummary.php b/_darcs/pristine/actions/microsummary.php deleted file mode 100644 index 13ddc4e3e..000000000 --- a/_darcs/pristine/actions/microsummary.php +++ /dev/null @@ -1,48 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class MicrosummaryAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->client_error(_('No such user'), 404); - return; - } - - $notice = $user->getCurrentNotice(); - - if (!$notice) { - $this->client_error(_('No current status'), 404); - } - - header('Content-Type: text/plain'); - - print $user->nickname . ': ' . $notice->content; - } -} diff --git a/_darcs/pristine/actions/newmessage.php b/_darcs/pristine/actions/newmessage.php deleted file mode 100644 index 27fa9d518..000000000 --- a/_darcs/pristine/actions/newmessage.php +++ /dev/null @@ -1,141 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class NewmessageAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.'), 403); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->save_new_message(); - } else { - $this->show_form(); - } - } - - function save_new_message() - { - $user = common_current_user(); - assert($user); # XXX: maybe an error instead... - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $content = $this->trimmed('content'); - $to = $this->trimmed('to'); - - if (!$content) { - $this->show_form(_('No content!')); - return; - } else { - $content_shortened = common_shorten_links($content); - - if (mb_strlen($content_shortened) > 140) { - common_debug("Content = '$content_shortened'", __FILE__); - common_debug("mb_strlen(\$content) = " . mb_strlen($content_shortened), __FILE__); - $this->show_form(_('That\'s too long. Max message size is 140 chars.')); - return; - } - } - - $other = User::staticGet('id', $to); - - if (!$other) { - $this->show_form(_('No recipient specified.')); - return; - } else if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('You can\'t send a message to this user.'), 404); - return; - } else if ($user->id == $other->id) { - $this->client_error(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), 403); - return; - } - - $message = Message::saveNew($user->id, $other->id, $content, 'web'); - - if (is_string($message)) { - $this->show_form($message); - return; - } - - $this->notify($user, $other, $message); - - $url = common_local_url('outbox', array('nickname' => $user->nickname)); - - common_redirect($url, 303); - } - - function show_top($params) - { - - list($content, $user, $to) = $params; - - assert(!is_null($user)); - - common_message_form($content, $user, $to); - } - - function show_form($msg=null) - { - - $content = $this->trimmed('content'); - $user = common_current_user(); - - $to = $this->trimmed('to'); - - $other = User::staticGet('id', $to); - - if (!$other) { - $this->client_error(_('No such user'), 404); - return; - } - - if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('You can\'t send a message to this user.'), 404); - return; - } - - common_show_header(_('New message'), null, - array($content, $user, $other), - array($this, 'show_top')); - - if ($msg) { - common_element('p', array('id'=>'error'), $msg); - } - - common_show_footer(); - } - - function notify($from, $to, $message) - { - mail_notify_message($message, $from, $to); - # XXX: Jabber, SMS notifications... probably queued - } -} diff --git a/_darcs/pristine/actions/newnotice.php b/_darcs/pristine/actions/newnotice.php deleted file mode 100644 index c412e893d..000000000 --- a/_darcs/pristine/actions/newnotice.php +++ /dev/null @@ -1,161 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once INSTALLDIR . '/lib/noticelist.php'; - -class NewnoticeAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - - # CSRF protection - token set in common_notice_form() - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $this->save_new_notice(); - } else { - $this->show_form(); - } - } - - function save_new_notice() - { - - $user = common_current_user(); - assert($user); # XXX: maybe an error instead... - $content = $this->trimmed('status_textarea'); - - if (!$content) { - $this->show_form(_('No content!')); - return; - } else { - $content_shortened = common_shorten_links($content); - - if (mb_strlen($content_shortened) > 140) { - common_debug("Content = '$content_shortened'", __FILE__); - common_debug("mb_strlen(\$content) = " . mb_strlen($content_shortened), __FILE__); - $this->show_form(_('That\'s too long. Max notice size is 140 chars.')); - return; - } - } - - $inter = new CommandInterpreter(); - - $cmd = $inter->handle_command($user, $content_shortened); - - if ($cmd) { - if ($this->boolean('ajax')) { - $cmd->execute(new AjaxWebChannel()); - } else { - $cmd->execute(new WebChannel()); - } - return; - } - - $replyto = $this->trimmed('inreplyto'); - - $notice = Notice::saveNew($user->id, $content, 'web', 1, ($replyto == 'false') ? null : $replyto); - - if (is_string($notice)) { - $this->show_form($notice); - return; - } - - common_broadcast_notice($notice); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Notice posted')); - common_element_end('head'); - common_element_start('body'); - $this->show_notice($notice); - common_element_end('body'); - common_element_end('html'); - } else { - $returnto = $this->trimmed('returnto'); - - if ($returnto) { - $url = common_local_url($returnto, - array('nickname' => $user->nickname)); - } else { - $url = common_local_url('shownotice', - array('notice' => $notice->id)); - } - common_redirect($url, 303); - } - } - - function ajax_error_msg($msg) - { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Ajax Error')); - common_element_end('head'); - common_element_start('body'); - common_element('p', array('id' => 'error'), $msg); - common_element_end('body'); - common_element_end('html'); - } - - function show_top($content=null) - { - common_notice_form(null, $content); - } - - function show_form($msg=null) - { - if ($msg && $this->boolean('ajax')) { - $this->ajax_error_msg($msg); - return; - } - $content = $this->trimmed('status_textarea'); - if (!$content) { - $replyto = $this->trimmed('replyto'); - $profile = Profile::staticGet('nickname', $replyto); - if ($profile) { - $content = '@' . $profile->nickname . ' '; - } - } - common_show_header(_('New notice'), null, $content, - array($this, 'show_top')); - if ($msg) { - common_element('p', array('id' => 'error'), $msg); - } - common_show_footer(); - } - - function show_notice($notice) - { - $nli = new NoticeListItem($notice); - $nli->show(); - } - -} diff --git a/_darcs/pristine/actions/noticesearch.php b/_darcs/pristine/actions/noticesearch.php deleted file mode 100644 index b36fc8ad2..000000000 --- a/_darcs/pristine/actions/noticesearch.php +++ /dev/null @@ -1,171 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/searchaction.php'); - -# XXX common parent for people and content search? - -class NoticesearchAction extends SearchAction -{ - - function get_instructions() - { - return _('Search for notices on %%site.name%% by their contents. Separate search terms by spaces; they must be 3 characters or more.'); - } - - function get_title() - { - return _('Text search'); - } - - function show_results($q, $page) - { - - $notice = new Notice(); - - # lcase it for comparison - $q = strtolower($q); - - $search_engine = $notice->getSearchEngine('identica_notices'); - - $search_engine->set_sort_mode('chron'); - # Ask for an extra to see if there's more. - $search_engine->limit((($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); - - if (false === $search_engine->query($q)) { - $cnt = 0; - } - else { - $cnt = $notice->find(); - } - if ($cnt > 0) { - $terms = preg_split('/[\s,]+/', $q); - common_element_start('ul', array('id' => 'notices')); - for ($i = 0; $i < min($cnt, NOTICES_PER_PAGE); $i++) { - if ($notice->fetch()) { - $this->show_notice($notice, $terms); - } else { - // shouldn't happen! - break; - } - } - common_element_end('ul'); - } else { - common_element('p', 'error', _('No results')); - } - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'noticesearch', array('q' => $q)); - } - - function show_header($arr) - { - if ($arr) { - $q = $arr[0]; - } - if ($q) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('noticesearchrss', - array('q' => $q)), - 'type' => 'application/rss+xml', - 'title' => _('Search Stream Feed'))); - } - } - - # XXX: refactor and combine with StreamAction::show_notice() - - function show_notice($notice, $terms) - { - $profile = $notice->getProfile(); - if (!$profile) { - common_log_db_error($notice, 'SELECT', __FILE__); - $this->server_error(_('Notice without matching profile')); - return; - } - # XXX: RDFa - common_element_start('li', array('class' => 'notice_single', - 'id' => 'notice-' . $notice->id)); - $avatar = $profile->getAvatar(AVATAR_STREAM_SIZE); - common_element_start('a', array('href' => $profile->profileurl)); - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_STREAM_SIZE), - 'class' => 'avatar stream', - 'width' => AVATAR_STREAM_SIZE, - 'height' => AVATAR_STREAM_SIZE, - 'alt' => - ($profile->fullname) ? $profile->fullname : - $profile->nickname)); - common_element_end('a'); - common_element('a', array('href' => $profile->profileurl, - 'class' => 'nickname'), - $profile->nickname); - # FIXME: URL, image, video, audio - common_element_start('p', array('class' => 'content')); - if ($notice->rendered) { - common_raw($this->highlight($notice->rendered, $terms)); - } else { - # XXX: may be some uncooked notices in the DB, - # we cook them right now. This should probably disappear in future - # versions (>> 0.4.x) - common_raw($this->highlight(common_render_content($notice->content, $notice), $terms)); - } - common_element_end('p'); - $noticeurl = common_local_url('shownotice', array('notice' => $notice->id)); - common_element_start('p', 'time'); - common_element('a', array('class' => 'permalink', - 'href' => $noticeurl, - 'title' => common_exact_date($notice->created)), - common_date_string($notice->created)); - if ($notice->reply_to) { - $replyurl = common_local_url('shownotice', array('notice' => $notice->reply_to)); - common_text(' ('); - common_element('a', array('class' => 'inreplyto', - 'href' => $replyurl), - _('in reply to...')); - common_text(')'); - } - common_element_start('a', - array('href' => common_local_url('newnotice', - array('replyto' => $profile->nickname)), - 'onclick' => 'doreply("'.$profile->nickname.'"); return false', - 'title' => _('reply'), - 'class' => 'replybutton')); - common_hidden('posttoken', common_session_token()); - - common_raw('→'); - common_element_end('a'); - common_element_end('p'); - common_element_end('li'); - } - - function highlight($text, $terms) - { - /* Highligh serach terms */ - $pattern = '/('.implode('|',array_map('htmlspecialchars', $terms)).')/i'; - $result = preg_replace($pattern, '\\1', $text); - - /* Remove highlighting from inside links, loop incase multiple highlights in links */ - $pattern = '/(href="[^"]*)('.implode('|',array_map('htmlspecialchars', $terms)).')<\/strong>([^"]*")/iU'; - do { - $result = preg_replace($pattern, '\\1\\2\\3', $result, -1, $count); - } while ($count); - return $result; - } -} diff --git a/_darcs/pristine/actions/noticesearchrss.php b/_darcs/pristine/actions/noticesearchrss.php deleted file mode 100644 index 20fe0ff2a..000000000 --- a/_darcs/pristine/actions/noticesearchrss.php +++ /dev/null @@ -1,75 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class NoticesearchrssAction extends Rss10Action -{ - - function init() - { - return true; - } - - function get_notices($limit=0) - { - - $q = $this->trimmed('q'); - $notices = array(); - - $notice = new Notice(); - - # lcase it for comparison - $q = strtolower($q); - - $search_engine = $notice->getSearchEngine('identica_notices'); - $search_engine->set_sort_mode('chron'); - - if (!$limit) $limit = 20; - $search_engine->limit(0, $limit, true); - $search_engine->query($q); - $notice->find(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - global $config; - $q = $this->trimmed('q'); - $c = array('url' => common_local_url('noticesearchrss', array('q' => $q)), - 'title' => $config['site']['name'] . sprintf(_(' Search Stream for "%s"'), $q), - 'link' => common_local_url('noticesearch', array('q' => $q)), - 'description' => sprintf(_('All updates matching search term "%s"'), $q)); - return $c; - } - - function get_image() - { - return null; - } -} diff --git a/_darcs/pristine/actions/nudge.php b/_darcs/pristine/actions/nudge.php deleted file mode 100644 index a6480a582..000000000 --- a/_darcs/pristine/actions/nudge.php +++ /dev/null @@ -1,87 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mail.php'); - -class NudgeAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - $other = User::staticGet('nickname', $this->arg('nickname')); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showstream', array('nickname' => $other->nickname))); - return; - } - - # CSRF protection - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - if (!$other->email || !$other->emailnotifynudge) { - $this->client_error(_('This user doesn\'t allow nudges or hasn\'t confirmed or set his email yet.')); - return; - } - - $this->notify($user, $other); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Nudge sent')); - common_element_end('head'); - common_element_start('body'); - common_nudge_response(); - common_element_end('body'); - common_element_end('html'); - } else { - // display a confirmation to the user - common_redirect(common_local_url('showstream', - array('nickname' => $other->nickname))); - } - } - - function notify($user, $other) - { - if ($other->id != $user->id) { - if ($other->email && $other->emailnotifynudge) { - mail_notify_nudge($user, $other); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } -} - diff --git a/_darcs/pristine/actions/openidlogin.php b/_darcs/pristine/actions/openidlogin.php deleted file mode 100644 index 09679e372..000000000 --- a/_darcs/pristine/actions/openidlogin.php +++ /dev/null @@ -1,97 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class OpenidloginAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $openid_url = $this->trimmed('openid_url'); - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.'), $openid_url); - return; - } - - $rememberme = $this->boolean('rememberme'); - - common_ensure_session(); - - $_SESSION['openid_rememberme'] = $rememberme; - - $result = oid_authenticate($openid_url, - 'finishopenidlogin'); - - if (is_string($result)) { # error message - unset($_SESSION['openid_rememberme']); - $this->show_form($result, $openid_url); - } - } else { - $openid_url = oid_get_last(); - $this->show_form(null, $openid_url); - } - } - - function get_instructions() - { - return _('Login with an [OpenID](%%doc.openid%%) account.'); - } - - function show_top($error=null) - { - if ($error) { - common_element('div', array('class' => 'error'), $error); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - } - - function show_form($error=null, $openid_url) - { - common_show_header(_('OpenID Login'), null, $error, array($this, 'show_top')); - $formaction = common_local_url('openidlogin'); - common_element_start('form', array('method' => 'post', - 'id' => 'openidlogin', - 'action' => $formaction)); - common_hidden('token', common_session_token()); - common_input('openid_url', _('OpenID URL'), - $openid_url, - _('Your OpenID URL')); - common_checkbox('rememberme', _('Remember me'), false, - _('Automatically login in the future; ' . - 'not for shared computers!')); - common_submit('submit', _('Login')); - common_element_end('form'); - common_show_footer(); - } -} diff --git a/_darcs/pristine/actions/openidsettings.php b/_darcs/pristine/actions/openidsettings.php deleted file mode 100644 index 039236048..000000000 --- a/_darcs/pristine/actions/openidsettings.php +++ /dev/null @@ -1,161 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/lib/openid.php'); - -class OpenidsettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('[OpenID](%%doc.openid%%) lets you log into many sites ' . - ' with the same user account. '. - ' Manage your associated OpenIDs from here.'); - } - - function show_form($msg=null, $success=false) - { - - $user = common_current_user(); - - $this->form_header(_('OpenID settings'), $msg, $success); - - common_element_start('form', array('method' => 'post', - 'id' => 'openidadd', - 'action' => - common_local_url('openidsettings'))); - common_hidden('token', common_session_token()); - common_element('h2', null, _('Add OpenID')); - common_element('p', null, - _('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); - common_element_start('p'); - common_element('label', array('for' => 'openid_url'), - _('OpenID URL')); - common_element('input', array('name' => 'openid_url', - 'type' => 'text', - 'id' => 'openid_url')); - common_element('input', array('type' => 'submit', - 'id' => 'add', - 'name' => 'add', - 'class' => 'submit', - 'value' => _('Add'))); - common_element_end('p'); - common_element_end('form'); - - $oid = new User_openid(); - $oid->user_id = $user->id; - - $cnt = $oid->find(); - - if ($cnt > 0) { - - common_element('h2', null, _('Remove OpenID')); - - if ($cnt == 1 && !$user->password) { - - common_element('p', null, - _('Removing your only OpenID would make it impossible to log in! ' . - 'If you need to remove it, add another OpenID first.')); - - if ($oid->fetch()) { - common_element_start('p'); - common_element('a', array('href' => $oid->canonical), - $oid->display); - common_element_end('p'); - } - - } else { - - common_element('p', null, - _('You can remove an OpenID from your account '. - 'by clicking the button marked "Remove".')); - $idx = 0; - - while ($oid->fetch()) { - common_element_start('form', array('method' => 'POST', - 'id' => 'openiddelete' . $idx, - 'action' => - common_local_url('openidsettings'))); - common_element_start('p'); - common_hidden('token', common_session_token()); - common_element('a', array('href' => $oid->canonical), - $oid->display); - common_element('input', array('type' => 'hidden', - 'id' => 'openid_url'.$idx, - 'name' => 'openid_url', - 'value' => $oid->canonical)); - common_element('input', array('type' => 'submit', - 'id' => 'remove'.$idx, - 'name' => 'remove', - 'class' => 'submit', - 'value' => _('Remove'))); - common_element_end('p'); - common_element_end('form'); - $idx++; - } - } - } - - common_show_footer(); - } - - function handle_post() - { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid'); - if (is_string($result)) { # error message - $this->show_form($result); - } - } else if ($this->arg('remove')) { - $this->remove_openid(); - } else { - $this->show_form(_('Something weird happened.')); - } - } - - function remove_openid() - { - - $openid_url = $this->trimmed('openid_url'); - $oid = User_openid::staticGet('canonical', $openid_url); - if (!$oid) { - $this->show_form(_('No such OpenID.')); - return; - } - $cur = common_current_user(); - if (!$cur || $oid->user_id != $cur->id) { - $this->show_form(_('That OpenID does not belong to you.')); - return; - } - $oid->delete(); - $this->show_form(_('OpenID removed.'), true); - return; - } -} diff --git a/_darcs/pristine/actions/opensearch.php b/_darcs/pristine/actions/opensearch.php deleted file mode 100644 index 96691fa6f..000000000 --- a/_darcs/pristine/actions/opensearch.php +++ /dev/null @@ -1,61 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class OpensearchAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - $type = $this->trimmed('type'); - - $short_name = ''; - if ($type == 'people') { - $type = 'peoplesearch'; - $short_name = _('People Search'); - } else { - $short_name = _('Notice Search'); - $type = 'noticesearch'; - } - - header('Content-Type: text/html'); - - common_start_xml(); - common_element_start('OpenSearchDescription', array('xmlns' => 'http://a9.com/-/spec/opensearch/1.1/')); - - $short_name = common_config('site', 'name').' '.$short_name; - common_element('ShortName', null, $short_name); - common_element('Contact', null, common_config('site', 'email')); - common_element('Url', array('type' => 'text/html', 'method' => 'get', - 'template' => str_replace('---', '{searchTerms}', common_local_url($type, array('q' => '---'))))); - common_element('Image', array('height' => 16, 'width' => 16, 'type' => 'image/vnd.microsoft.icon'), common_path('favicon.ico')); - common_element('Image', array('height' => 50, 'width' => 50, 'type' => 'image/png'), theme_path('logo.png')); - common_element('AdultContent', null, 'false'); - common_element('Language', null, common_language()); - common_element('OutputEncoding', null, 'UTF-8'); - common_element('InputEncoding', null, 'UTF-8'); - - common_element_end('OpenSearchDescription'); - common_end_xml(); - } -} diff --git a/_darcs/pristine/actions/othersettings.php b/_darcs/pristine/actions/othersettings.php deleted file mode 100644 index c2f08934c..000000000 --- a/_darcs/pristine/actions/othersettings.php +++ /dev/null @@ -1,188 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class OthersettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('Manage various other options.'); - } - - function show_form($msg=null, $success=false) - { - $user = common_current_user(); - - $this->form_header(_('Other Settings'), $msg, $success); - - common_element('h2', null, _('URL Auto-shortening')); - common_element_start('form', array('method' => 'post', - 'id' => 'othersettings', - 'action' => - common_local_url('othersettings'))); - common_hidden('token', common_session_token()); - - $services = array( - '' => 'None', - 'ur1.ca' => 'ur1.ca (free service)', - '2tu.us' => '2tu.us (free service)', - 'ptiturl.com' => 'ptiturl.com', - 'bit.ly' => 'bit.ly', - 'tinyurl.com' => 'tinyurl.com', - 'is.gd' => 'is.gd', - 'snipr.com' => 'snipr.com', - 'metamark.net' => 'metamark.net' - ); - - common_dropdown('urlshorteningservice', _('Service'), $services, _('Automatic shortening service to use.'), false, $user->urlshorteningservice); - - common_submit('save', _('Save')); - - common_element_end('form'); - -// common_element('h2', null, _('Delete my account')); -// $this->show_delete_form(); - - common_show_footer(); - } - - function show_feeds_list($feeds) - { - common_element_start('div', array('class' => 'feedsdel')); - common_element('p', null, 'Feeds:'); - common_element_start('ul', array('class' => 'xoxo')); - - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - common_element_end('ul'); - common_element_end('div'); - } - - //TODO move to common.php (and retrace its origin) - function common_feed_item($feed) - { - $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - $feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - common_element_start('li'); - common_element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - common_element_end('li'); - } - -// function show_delete_form() { -// $user = common_current_user(); -// $notices = DB_DataObject::factory('notice'); -// $notices->profile_id = $user->id; -// $notice_count = (int) $notices->count(); -// -// common_element_start('form', array('method' => 'POST', -// 'id' => 'delete', -// 'action' => -// common_local_url('deleteprofile'))); -// -// common_hidden('token', common_session_token()); -// common_element('p', null, "You can copy your notices and contacts by saving the two links below before deleting your account. Be careful, this operation cannot be undone."); -// -// $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), -// 'type' => 'rss', -// 'version' => 'RSS 1.0', -// 'item' => 'notices'), -// 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), -// 'type' => 'rdf', -// 'version' => 'FOAF', -// 'item' => 'foaf'))); -// -// common_submit('deleteaccount', _('Delete my account')); -// common_element_end('form'); -// } - - function handle_post() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - }else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() - { - - $urlshorteningservice = $this->trimmed('urlshorteningservice'); - - if (!is_null($urlshorteningservice) && strlen($urlshorteningservice) > 50) { - $this->show_form(_('URL shortening service is too long (max 50 chars).')); - return; - } - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->urlshorteningservice = $urlshorteningservice; - - $result = $user->update($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } -} diff --git a/_darcs/pristine/actions/outbox.php b/_darcs/pristine/actions/outbox.php deleted file mode 100644 index 9fb6dbf9f..000000000 --- a/_darcs/pristine/actions/outbox.php +++ /dev/null @@ -1,125 +0,0 @@ -. - * - * @category Message - * @package Laconica - * @author Evan Prodromou - * @copyright 2008 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/mailbox.php'; - -/** - * action handler for message outbox - * - * @category Message - * @package Laconica - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - * @see MailboxAction - */ - -class OutboxAction extends MailboxAction -{ - /** - * returns the title of the page - * - * @param User $user current user - * @param int $page current page - * - * @return string localised title of the page - * - * @see MailboxAction::getTitle() - */ - - function getTitle($user, $page) - { - if ($page > 1) { - $title = sprintf(_("Outbox for %s - page %d"), $user->nickname, $page); - } else { - $title = sprintf(_("Outbox for %s"), $user->nickname); - } - return $title; - } - - /** - * retrieve the messages for this user and this page - * - * Does a query for the right messages - * - * @param User $user The current user - * @param int $page The page the user is on - * - * @return Message data object with stream for messages - * - * @see MailboxAction::getMessages() - */ - - function getMessages($user, $page) - { - $message = new Message(); - - $message->from_profile = $user->id; - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*MESSAGES_PER_PAGE), MESSAGES_PER_PAGE + 1); - - if ($message->find()) { - return $message; - } else { - return null; - } - } - - /** - * returns the profile we want to show with the message - * - * For outboxes, we show the recipient. - * - * @param Message $message The message to get the profile for - * - * @return Profile The profile of the message recipient - * - * @see MailboxAction::getMessageProfile() - */ - - function getMessageProfile($message) - { - return $message->getTo(); - } - - /** - * instructions for using this page - * - * @return string localised instructions for using the page - */ - - function getInstructions() - { - return _('This is your outbox, which lists private messages you have sent.'); - } -} diff --git a/_darcs/pristine/actions/peoplesearch.php b/_darcs/pristine/actions/peoplesearch.php deleted file mode 100644 index 0d0fae4e5..000000000 --- a/_darcs/pristine/actions/peoplesearch.php +++ /dev/null @@ -1,91 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/searchaction.php'); -require_once(INSTALLDIR.'/lib/profilelist.php'); - -class PeoplesearchAction extends SearchAction -{ - - function get_instructions() - { - return _('Search for people on %%site.name%% by their name, location, or interests. ' . - 'Separate the terms by spaces; they must be 3 characters or more.'); - } - - function get_title() - { - return _('People search'); - } - - function show_results($q, $page) - { - - $profile = new Profile(); - - # lcase it for comparison - $q = strtolower($q); - - $search_engine = $profile->getSearchEngine('identica_people'); - - $search_engine->set_sort_mode('chron'); - # Ask for an extra to see if there's more. - $search_engine->limit((($page-1)*PROFILES_PER_PAGE), PROFILES_PER_PAGE + 1); - if (false === $search_engine->query($q)) { - $cnt = 0; - } - else { - $cnt = $profile->find(); - } - if ($cnt > 0) { - $terms = preg_split('/[\s,]+/', $q); - $results = new PeopleSearchResults($profile, $terms); - $results->show_list(); - } else { - common_element('p', 'error', _('No results')); - } - - $profile->free(); - - common_pagination($page > 1, $cnt > PROFILES_PER_PAGE, - $page, 'peoplesearch', array('q' => $q)); - } -} - -class PeopleSearchResults extends ProfileList -{ - - var $terms = null; - var $pattern = null; - - function __construct($profile, $terms) - { - parent::__construct($profile); - $this->terms = array_map('preg_quote', - array_map('htmlspecialchars', $terms)); - $this->pattern = '/('.implode('|',$terms).')/i'; - } - - function highlight($text) - { - return preg_replace($this->pattern, '\\1', htmlspecialchars($text)); - } -} diff --git a/_darcs/pristine/actions/peopletag.php b/_darcs/pristine/actions/peopletag.php deleted file mode 100644 index 13a0b7a41..000000000 --- a/_darcs/pristine/actions/peopletag.php +++ /dev/null @@ -1,109 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/profilelist.php'); - -class PeopletagAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - $tag = $this->trimmed('tag'); - - if (!common_valid_profile_tag($tag)) { - $this->client_error(sprintf(_('Not a valid people tag: %s'), $tag)); - return; - } - - $page = $this->trimmed('page'); - - if (!$page) { - $page = 1; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_('Users self-tagged with %s - page %d'), $tag, $page), - null, $tag, array($this, 'show_top')); - - $this->show_people($tag, $page); - - common_show_footer(); - } - - function show_people($tag, $page) - { - - $profile = new Profile(); - - $offset = ($page-1)*PROFILES_PER_PAGE; - $limit = PROFILES_PER_PAGE + 1; - - if (common_config('db','type') == 'pgsql') { - $lim = ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $lim = ' LIMIT ' . $offset . ', ' . $limit; - } - - # XXX: memcached this - - $profile->query(sprintf('SELECT profile.* ' . - 'FROM profile JOIN profile_tag ' . - 'ON profile.id = profile_tag.tagger ' . - 'WHERE profile_tag.tagger = profile_tag.tagged ' . - 'AND tag = "%s" ' . - 'ORDER BY profile_tag.modified DESC ' . - $lim, $tag)); - - $pl = new ProfileList($profile); - $cnt = $pl->show_list(); - - common_pagination($page > 1, - $cnt > PROFILES_PER_PAGE, - $page, - $this->trimmed('action'), - array('tag' => $tag)); - } - - function show_top($tag) - { - $instr = sprintf(_('These are users who have tagged themselves "%s" ' . - 'to show a common interest, characteristic, hobby or job.'), $tag); - common_element_start('div', 'instructions'); - common_element_start('p'); - common_text($instr); - common_element_end('p'); - common_element_end('div'); - } - - function get_title() - { - return null; - } - - function show_header($arr) - { - return; - } -} diff --git a/_darcs/pristine/actions/postnotice.php b/_darcs/pristine/actions/postnotice.php deleted file mode 100644 index dec62a678..000000000 --- a/_darcs/pristine/actions/postnotice.php +++ /dev/null @@ -1,91 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class PostnoticeAction extends Action -{ - function handle($args) - { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->save_notice($req, $consumer, $token)) { - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - return; - } - } - - function save_notice(&$req, &$consumer, &$token) - { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - common_user_error(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see - $listenee = $req->get_parameter('omb_listenee'); - $remote_profile = Remote_profile::staticGet('uri', $listenee); - if (!$remote_profile) { - common_user_error(_('Profile unknown'), 403); - return false; - } - $sub = Subscription::staticGet('token', $token->key); - if (!$sub) { - common_user_error(_('No such subscription'), 403); - return false; - } - $content = $req->get_parameter('omb_notice_content'); - $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { - common_user_error(_('Invalid notice content'), 400); - return false; - } - $notice_uri = $req->get_parameter('omb_notice'); - if (!Validate::uri($notice_uri) && - !common_valid_tag($notice_uri)) { - common_user_error(_('Invalid notice uri'), 400); - return false; - } - $notice_url = $req->get_parameter('omb_notice_url'); - if ($notice_url && !common_valid_http_url($notice_url)) { - common_user_error(_('Invalid notice url'), 400); - return false; - } - $notice = Notice::staticGet('uri', $notice_uri); - if (!$notice) { - $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, 0, $notice_uri); - if (is_string($notice)) { - common_server_serror($notice, 500); - return false; - } - common_broadcast_notice($notice, true); - } - return true; - } -} diff --git a/_darcs/pristine/actions/profilesettings.php b/_darcs/pristine/actions/profilesettings.php deleted file mode 100644 index d861919b9..000000000 --- a/_darcs/pristine/actions/profilesettings.php +++ /dev/null @@ -1,484 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class ProfilesettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('You can update your personal profile info here '. - 'so people know more about you.'); - } - - function show_form($msg=null, $success=false) - { - $this->form_header(_('Profile settings'), $msg, $success); - $this->show_settings_form(); - common_element('h2', null, _('Avatar')); - $this->show_avatar_form(); - common_element('h2', null, _('Change password')); - $this->show_password_form(); -// common_element('h2', null, _('Delete my account')); -// $this->show_delete_form(); - common_show_footer(); - } - - function handle_post() - { - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_profile(); - } else if ($this->arg('upload')) { - $this->upload_avatar(); - } else if ($this->arg('crop')) { - $this->crop_avatar(); - } else if ($this->arg('changepass')) { - $this->change_password(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - - } - - function show_settings_form() - { - - $user = common_current_user(); - $profile = $user->getProfile(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'profilesettings', - 'action' => common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - # too much common patterns here... abstractable? - - common_input('nickname', _('Nickname'), - ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_input('fullname', _('Full name'), - ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); - common_input('homepage', _('Homepage'), - ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, - _('URL of your homepage, blog, or profile on another site')); - common_textarea('bio', _('Bio'), - ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, - _('Describe yourself and your interests in 140 chars')); - common_input('location', _('Location'), - ($this->arg('location')) ? $this->arg('location') : $profile->location, - _('Where you are, like "City, State (or Region), Country"')); - common_input('tags', _('Tags'), - ($this->arg('tags')) ? $this->arg('tags') : implode(' ', $user->getSelfTags()), - _('Tags for yourself (letters, numbers, -, ., and _), comma- or space- separated')); - - $language = common_language(); - common_dropdown('language', _('Language'), get_nice_language_list(), _('Preferred language'), true, $language); - $timezone = common_timezone(); - $timezones = array(); - foreach(DateTimeZone::listIdentifiers() as $k => $v) { - $timezones[$v] = $v; - } - common_dropdown('timezone', _('Timezone'), $timezones, _('What timezone are you normally in?'), true, $timezone); - - common_checkbox('autosubscribe', _('Automatically subscribe to whoever subscribes to me (best for non-humans)'), - ($this->arg('autosubscribe')) ? $this->boolean('autosubscribe') : $user->autosubscribe); - - common_submit('save', _('Save')); - - common_element_end('form'); - - } - - function show_avatar_form() - { - - $user = common_current_user(); - $profile = $user->getProfile(); - - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - - $original = $profile->getOriginalAvatar(); - - - common_element_start('form', array('enctype' => 'multipart/form-data', - 'method' => 'POST', - 'id' => 'avatar', - 'action' => - common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - if ($original) { - common_element_start('div', array('id'=>'avatar_original', 'class'=>'avatar_view')); - common_element('h3', null, _("Original:")); - common_element_start('div', array('id'=>'avatar_original_view')); - common_element('img', array('src' => $original->url, - 'class' => 'avatar original', - 'width' => $original->width, - 'height' => $original->height, - 'alt' => $user->nickname)); - common_element_end('div'); - common_element_end('div'); - } - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - - if ($avatar) { - common_element_start('div', array('id'=>'avatar_preview', 'class'=>'avatar_view')); - common_element('h3', null, _("Preview:")); - common_element_start('div', array('id'=>'avatar_preview_view')); - common_element('img', array('src' => $original->url,//$avatar->url, - 'class' => 'avatar profile', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $user->nickname)); - common_element_end('div'); - common_element_end('div'); - - foreach(array('avatar_crop_x', 'avatar_crop_y', 'avatar_crop_w', 'avatar_crop_h') as $crop_info) { - common_element('input', array('name' => $crop_info, - 'type' => 'hidden', - 'id' => $crop_info)); - } - common_submit('crop', _('Crop')); - } - - common_element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => MAX_AVATAR_SIZE)); - - common_element_start('p'); - - common_element('input', array('name' => 'avatarfile', - 'type' => 'file', - 'id' => 'avatarfile')); - common_element_end('p'); - - common_submit('upload', _('Upload')); - common_element_end('form'); - - } - - function show_password_form() - { - - $user = common_current_user(); - common_element_start('form', array('method' => 'POST', - 'id' => 'password', - 'action' => - common_local_url('profilesettings'))); - - common_hidden('token', common_session_token()); - - # Users who logged in with OpenID won't have a pwd - if ($user->password) { - common_password('oldpassword', _('Old password')); - } - common_password('newpassword', _('New password'), - _('6 or more characters')); - common_password('confirm', _('Confirm'), - _('same as password above')); - common_submit('changepass', _('Change')); - common_element_end('form'); - } - - function save_profile() - { - $nickname = $this->trimmed('nickname'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - $autosubscribe = $this->boolean('autosubscribe'); - $language = $this->trimmed('language'); - $timezone = $this->trimmed('timezone'); - $tagstring = $this->trimmed('tags'); - - # Some validation - - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } else if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Not a valid nickname.')); - return; - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Homepage is not a valid URL.')); - return; - } else if (!is_null($fullname) && strlen($fullname) > 255) { - $this->show_form(_('Full name is too long (max 255 chars).')); - return; - } else if (!is_null($bio) && strlen($bio) > 140) { - $this->show_form(_('Bio is too long (max 140 chars).')); - return; - } else if (!is_null($location) && strlen($location) > 255) { - $this->show_form(_('Location is too long (max 255 chars).')); - return; - } else if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { - $this->show_form(_('Timezone not selected.')); - return; - } else if ($this->nickname_exists($nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - return; - } else if (!is_null($language) && strlen($language) > 50) { - $this->show_form(_('Language is too long (max 50 chars).')); - return; - } - - if ($tagstring) { - $tags = array_map('common_canonical_tag', preg_split('/[\s,]+/', $tagstring)); - } else { - $tags = array(); - } - - foreach ($tags as $tag) { - if (!common_valid_profile_tag($tag)) { - $this->show_form(sprintf(_('Invalid tag: "%s"'), $tag)); - return; - } - } - - $user = common_current_user(); - - $user->query('BEGIN'); - - if ($user->nickname != $nickname || - $user->language != $language || - $user->timezone != $timezone) { - - common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, - __FILE__); - common_debug('Updating user language from ' . $user->language . ' to ' . $language, - __FILE__); - common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, - __FILE__); - - $original = clone($user); - - $user->nickname = $nickname; - $user->language = $language; - $user->timezone = $timezone; - - $result = $user->updateKeys($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } else { - # Re-initialize language environment if it changed - common_init_language(); - } - } - - # XXX: XOR - - if ($user->autosubscribe ^ $autosubscribe) { - - $original = clone($user); - - $user->autosubscribe = $autosubscribe; - - $result = $user->update($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user for autosubscribe.')); - return; - } - } - - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - - $profile->nickname = $user->nickname; - $profile->fullname = $fullname; - $profile->homepage = $homepage; - $profile->bio = $bio; - $profile->location = $location; - $profile->profileurl = common_profile_url($nickname); - - common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); - common_debug('New profile: ' . common_log_objstring($profile), __FILE__); - - $result = $profile->update($orig_profile); - - if (!$result) { - common_log_db_error($profile, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t save profile.')); - return; - } - - # Set the user tags - - $result = $user->setSelfTags($tags); - - if (!$result) { - common_server_error(_('Couldn\'t save tags.')); - return; - } - - $user->query('COMMIT'); - - common_broadcast_profile($profile); - - $this->show_form(_('Settings saved.'), true); - } - - - function upload_avatar() - { - switch ($_FILES['avatarfile']['error']) { - case UPLOAD_ERR_OK: # success, jump out - break; - case UPLOAD_ERR_INI_SIZE: - case UPLOAD_ERR_FORM_SIZE: - $this->show_form(_('That file is too big.')); - return; - case UPLOAD_ERR_PARTIAL: - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Partial upload.')); - return; - default: - $this->show_form(_('System error uploading file.')); - return; - } - - $info = @getimagesize($_FILES['avatarfile']['tmp_name']); - - if (!$info) { - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Not an image or corrupt file.')); - return; - } - - switch ($info[2]) { - case IMAGETYPE_GIF: - case IMAGETYPE_JPEG: - case IMAGETYPE_PNG: - break; - default: - $this->show_form(_('Unsupported image file format.')); - return; - } - - $user = common_current_user(); - $profile = $user->getProfile(); - - if ($profile->setOriginal($_FILES['avatarfile']['tmp_name'])) { - $this->show_form(_('Avatar updated.'), true); - } else { - $this->show_form(_('Failed updating avatar.')); - } - - @unlink($_FILES['avatarfile']['tmp_name']); - } - - function crop_avatar() { - - $user = common_current_user(); - $profile = $user->getProfile(); - - $x = $this->arg('avatar_crop_x'); - $y = $this->arg('avatar_crop_y'); - $w = $this->arg('avatar_crop_w'); - $h = $this->arg('avatar_crop_h'); - - if ($profile->crop_avatars($x, $y, $w, $h)) { - $this->show_form(_('Avatar updated.'), true); - } else { - $this->show_form(_('Failed updating avatar.')); - } - } - - function nickname_exists($nickname) - { - $user = common_current_user(); - $other = User::staticGet('nickname', $nickname); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } - - function change_password() - { - - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - # FIXME: scrub input - - $newpassword = $this->arg('newpassword'); - $confirm = $this->arg('confirm'); - $token = $this->arg('token'); - - if (0 != strcmp($newpassword, $confirm)) { - $this->show_form(_('Passwords don\'t match.')); - return; - } - - if ($user->password) { - $oldpassword = $this->arg('oldpassword'); - - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_('Incorrect old password')); - return; - } - } - - $original = clone($user); - - $user->password = common_munge_password($newpassword, $user->id); - - $val = $user->validate(); - if ($val !== true) { - $this->show_form(_('Error saving user; invalid.')); - return; - } - - if (!$user->update($original)) { - common_server_error(_('Can\'t save new password.')); - return; - } - - $this->show_form(_('Password saved.'), true); - } -} diff --git a/_darcs/pristine/actions/public.php b/_darcs/pristine/actions/public.php deleted file mode 100644 index 039e885e6..000000000 --- a/_darcs/pristine/actions/public.php +++ /dev/null @@ -1,105 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -class PublicAction extends StreamAction -{ - - function handle($args) - { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - header('X-XRDS-Location: '. common_local_url('publicxrds')); - - common_show_header(_('Public timeline'), - array($this, 'show_header'), null, - array($this, 'show_top')); - - # XXX: Public sidebar here? - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() - { - if (common_logged_in()) { - common_notice_form('public'); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - - $this->public_views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('publicrss'), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'publicrss'), - 1=>array('href'=>common_local_url('publicatom'), - 'type' => 'atom', - 'version' => 'Atom 1.0', - 'item' => 'publicatom'))); - } - - function get_instructions() - { - return _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))'); - } - - function show_header() - { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('publicrss'), - 'type' => 'application/rss+xml', - 'title' => _('Public Stream Feed'))); - # for client side of OpenID authentication - common_element('meta', array('http-equiv' => 'X-XRDS-Location', - 'content' => common_local_url('publicxrds'))); - } - - function show_notices($page) - { - - $cnt = 0; - $notice = Notice::publicStream(($page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1); - - if (!$notice) { - $this->server_error(_('Could not retrieve public stream.')); - return; - } - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'public'); - } -} diff --git a/_darcs/pristine/actions/publicrss.php b/_darcs/pristine/actions/publicrss.php deleted file mode 100644 index 822bc2db7..000000000 --- a/_darcs/pristine/actions/publicrss.php +++ /dev/null @@ -1,62 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class PublicrssAction extends Rss10Action -{ - - function init() - { - return true; - } - - function get_notices($limit=0) - { - - $notices = array(); - - $notice = Notice::publicStream(0, ($limit == 0) ? 48 : $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - global $config; - $c = array('url' => common_local_url('publicrss'), - 'title' => sprintf(_('%s Public Stream'), $config['site']['name']), - 'link' => common_local_url('public'), - 'description' => sprintf(_('All updates for %s'), $config['site']['name'])); - return $c; - } - - function get_image() - { - return null; - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/publicxrds.php b/_darcs/pristine/actions/publicxrds.php deleted file mode 100644 index 3d731d79f..000000000 --- a/_darcs/pristine/actions/publicxrds.php +++ /dev/null @@ -1,83 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -# XXX: factor out similarities with XrdsAction - -class PublicxrdsAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - - parent::handle($args); - - header('Content-Type: application/xrds+xml'); - - common_start_xml(); - common_element_start('XRDS', array('xmlns' => 'xri://$xrds')); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', null, 'xri://$xrds*simple'); - - foreach (array('finishopenidlogin', 'finishaddopenid', 'finishimmediate') as $finish) { - $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, - common_local_url($finish)); - } - - common_element_end('XRD'); - - common_element_end('XRDS'); - common_end_xml(); - } - - function show_service($type, $uri, $params=null, $sigs=null, $localId=null) - { - common_element_start('Service'); - if ($uri) { - common_element('URI', null, $uri); - } - common_element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - common_element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - common_element('Type', null, $sig); - } - } - if ($localId) { - common_element('LocalID', null, $localId); - } - common_element_end('Service'); - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/recoverpassword.php b/_darcs/pristine/actions/recoverpassword.php deleted file mode 100644 index bb6ef81d6..000000000 --- a/_darcs/pristine/actions/recoverpassword.php +++ /dev/null @@ -1,343 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -# You have 24 hours to claim your password - -define(MAX_RECOVERY_TIME, 24 * 60 * 60); - -class RecoverpasswordAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (common_logged_in()) { - $this->client_error(_('You are already logged in!')); - return; - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if ($this->arg('recover')) { - $this->recover_password(); - } else if ($this->arg('reset')) { - $this->reset_password(); - } else { - $this->client_error(_('Unexpected form submission.')); - } - } else { - if ($this->trimmed('code')) { - $this->check_code(); - } else { - $this->show_form(); - } - } - } - - function check_code() - { - - $code = $this->trimmed('code'); - $confirm = Confirm_address::staticGet('code', $code); - - if (!$confirm) { - $this->client_error(_('No such recovery code.')); - return; - } - if ($confirm->address_type != 'recover') { - $this->client_error(_('Not a recovery code.')); - return; - } - - $user = User::staticGet($confirm->user_id); - - if (!$user) { - $this->server_error(_('Recovery code for unknown user.')); - return; - } - - $touched = strtotime($confirm->modified); - $email = $confirm->address; - - # Burn this code - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - common_server_error(_('Error with confirmation code.')); - return; - } - - # These should be reaped, but for now we just check mod time - # Note: it's still deleted; let's avoid a second attempt! - - if ((time() - $touched) > MAX_RECOVERY_TIME) { - common_log(LOG_WARNING, - 'Attempted redemption on recovery code ' . - 'that is ' . $touched . ' seconds old. '); - $this->client_error(_('This confirmation code is too old. ' . - 'Please start again.')); - return; - } - - # If we used an outstanding confirmation to send the email, - # it's been confirmed at this point. - - if (!$user->email) { - $orig = clone($user); - $user->email = $email; - $result = $user->updateKeys($orig); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_('Could not update user with confirmed email address.')); - return; - } - } - - # Success! - - $this->set_temp_user($user); - $this->show_password_form(); - } - - function set_temp_user(&$user) - { - common_ensure_session(); - $_SESSION['tempuser'] = $user->id; - } - - function get_temp_user() - { - common_ensure_session(); - $user_id = $_SESSION['tempuser']; - if ($user_id) { - $user = User::staticGet($user_id); - } - return $user; - } - - function clear_temp_user() - { - common_ensure_session(); - unset($_SESSION['tempuser']); - } - - function show_top($msg=null) - { - if ($msg) { - common_element('div', 'error', $msg); - } else { - common_element_start('div', 'instructions'); - common_element('p', null, - _('If you\'ve forgotten or lost your' . - ' password, you can get a new one sent to' . - ' the email address you have stored ' . - ' in your account.')); - common_element_end('div'); - } - } - - function show_password_top($msg=null) - { - if ($msg) { - common_element('div', 'error', $msg); - } else { - common_element('div', 'instructions', - _('You\'ve been identified. Enter a ' . - ' new password below. ')); - } - } - - function show_form($msg=null) - { - - common_show_header(_('Recover password'), null, - $msg, array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'recoverpassword', - 'action' => common_local_url('recoverpassword'))); - common_input('nicknameoremail', _('Nickname or email'), - $this->trimmed('nicknameoremail'), - _('Your nickname on this server, ' . - 'or your registered email address.')); - common_submit('recover', _('Recover')); - common_element_end('form'); - common_show_footer(); - } - - function show_password_form($msg=null) - { - - common_show_header(_('Reset password'), null, - $msg, array($this, 'show_password_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'recoverpassword', - 'action' => common_local_url('recoverpassword'))); - common_hidden('token', common_session_token()); - common_password('newpassword', _('New password'), - _('6 or more characters, and don\'t forget it!')); - common_password('confirm', _('Confirm'), - _('Same as password above')); - common_submit('reset', _('Reset')); - common_element_end('form'); - common_show_footer(); - } - - function recover_password() - { - $nore = $this->trimmed('nicknameoremail'); - if (!$nore) { - $this->show_form(_('Enter a nickname or email address.')); - return; - } - - $user = User::staticGet('email', common_canonical_email($nore)); - - if (!$user) { - $user = User::staticGet('nickname', common_canonical_nickname($nore)); - } - - # See if it's an unconfirmed email address - - if (!$user) { - $confirm_email = Confirm_address::staticGet('address', common_canonical_email($nore)); - if ($confirm_email && $confirm_email->address_type == 'email') { - $user = User::staticGet($confirm_email->user_id); - } - } - - if (!$user) { - $this->show_form(_('No user with that email address or username.')); - return; - } - - # Try to get an unconfirmed email address if they used a user name - - if (!$user->email && !$confirm_email) { - $confirm_email = Confirm_address::staticGet('user_id', $user->id); - if ($confirm_email && $confirm_email->address_type != 'email') { - # Skip non-email confirmations - $confirm_email = null; - } - } - - if (!$user->email && !$confirm_email) { - $this->client_error(_('No registered email address for that user.')); - return; - } - - # Success! We have a valid user and a confirmed or unconfirmed email address - - $confirm = new Confirm_address(); - $confirm->code = common_confirmation_code(128); - $confirm->address_type = 'recover'; - $confirm->user_id = $user->id; - $confirm->address = (isset($user->email)) ? $user->email : $confirm_email->address; - - if (!$confirm->insert()) { - common_log_db_error($confirm, 'INSERT', __FILE__); - $this->server_error(_('Error saving address confirmation.')); - return; - } - - $body = "Hey, $user->nickname."; - $body .= "\n\n"; - $body .= 'Someone just asked for a new password ' . - 'for this account on ' . common_config('site', 'name') . '.'; - $body .= "\n\n"; - $body .= 'If it was you, and you want to confirm, use the URL below:'; - $body .= "\n\n"; - $body .= "\t".common_local_url('recoverpassword', - array('code' => $confirm->code)); - $body .= "\n\n"; - $body .= 'If not, just ignore this message.'; - $body .= "\n\n"; - $body .= 'Thanks for your time, '; - $body .= "\n"; - $body .= common_config('site', 'name'); - $body .= "\n"; - - mail_to_user($user, _('Password recovery requested'), $body, $confirm->address); - - common_show_header(_('Password recovery requested')); - common_element('p', null, - _('Instructions for recovering your password ' . - 'have been sent to the email address registered to your ' . - 'account.')); - common_show_footer(); - } - - function reset_password() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $user = $this->get_temp_user(); - - if (!$user) { - $this->client_error(_('Unexpected password reset.')); - return; - } - - $newpassword = $this->trimmed('newpassword'); - $confirm = $this->trimmed('confirm'); - - if (!$newpassword || strlen($newpassword) < 6) { - $this->show_password_form(_('Password must be 6 chars or more.')); - return; - } - if ($newpassword != $confirm) { - $this->show_password_form(_('Password and confirmation do not match.')); - return; - } - - # OK, we're ready to go - - $original = clone($user); - - $user->password = common_munge_password($newpassword, $user->id); - - if (!$user->update($original)) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Can\'t save new password.')); - return; - } - - $this->clear_temp_user(); - - if (!common_set_user($user->nickname)) { - common_server_error(_('Error setting user.')); - return; - } - - common_real_login(true); - - common_show_header(_('Password saved.')); - common_element('p', null, _('New password successfully saved. ' . - 'You are now logged in.')); - common_show_footer(); - } -} diff --git a/_darcs/pristine/actions/register.php b/_darcs/pristine/actions/register.php deleted file mode 100644 index c479816ef..000000000 --- a/_darcs/pristine/actions/register.php +++ /dev/null @@ -1,268 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class RegisterAction extends Action -{ - function handle($args) - { - parent::handle($args); - - if (common_config('site', 'closed')) { - common_user_error(_('Registration not allowed.')); - } else if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->try_register(); - } else { - $this->show_form(); - } - } - - function try_register() - { - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $nickname = $this->trimmed('nickname'); - $email = $this->trimmed('email'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - - # We don't trim these... whitespace is OK in a password! - - $password = $this->arg('password'); - $confirm = $this->arg('confirm'); - - # invitation code, if any - - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } - - if (common_config('site', 'inviteonly') && !($code && $invite)) { - $this->client_error(_('Sorry, only invited people can register.')); - return; - } - - # Input scrubbing - - $nickname = common_canonical_nickname($nickname); - $email = common_canonical_email($email); - - if (!$this->boolean('license')) { - $this->show_form(_('You can\'t register if you don\'t agree to the license.')); - } else if ($email && !Validate::email($email, true)) { - $this->show_form(_('Not a valid email address.')); - } else if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - } else if ($this->nickname_exists($nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - } else if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Not a valid nickname.')); - } else if ($this->email_exists($email)) { - $this->show_form(_('Email address already exists.')); - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Homepage is not a valid URL.')); - return; - } else if (!is_null($fullname) && strlen($fullname) > 255) { - $this->show_form(_('Full name is too long (max 255 chars).')); - return; - } else if (!is_null($bio) && strlen($bio) > 140) { - $this->show_form(_('Bio is too long (max 140 chars).')); - return; - } else if (!is_null($location) && strlen($location) > 255) { - $this->show_form(_('Location is too long (max 255 chars).')); - return; - } else if (strlen($password) < 6) { - $this->show_form(_('Password must be 6 or more characters.')); - return; - } else if ($password != $confirm) { - $this->show_form(_('Passwords don\'t match.')); - } else if ($user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, - 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, - 'location' => $location, 'code' => $code))) { - if (!$user) { - $this->show_form(_('Invalid username or password.')); - return; - } - # success! - if (!common_set_user($user)) { - common_server_error(_('Error setting user.')); - return; - } - # this is a real login - common_real_login(true); - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme($user); - } - # Re-init language env in case it changed (not yet, but soon) - common_init_language(); - $this->show_success(); - } else { - $this->show_form(_('Invalid username or password.')); - } - } - - # checks if *CANONICAL* nickname exists - - function nickname_exists($nickname) - { - $user = User::staticGet('nickname', $nickname); - return ($user !== false); - } - - # checks if *CANONICAL* email exists - - function email_exists($email) - { - $email = common_canonical_email($email); - if (!$email || strlen($email) == 0) { - return false; - } - $user = User::staticGet('email', $email); - return ($user !== false); - } - - function show_top($error=null) - { - if ($error) { - common_element('p', 'error', $error); - } else { - $instr = common_markup_to_html(_('With this form you can create a new account. ' . - 'You can then post notices and link up to friends and colleagues. '. - '(Have an [OpenID](http://openid.net/)? ' . - 'Try our [OpenID registration](%%action.openidlogin%%)!)')); - - common_element_start('div', 'instructions'); - common_raw($instr); - common_element_end('div'); - } - } - - function show_form($error=null) - { - global $config; - - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } - - if (common_config('site', 'inviteonly') && !($code && $invite)) { - $this->client_error(_('Sorry, only invited people can register.')); - return; - } - - common_show_header(_('Register'), null, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'post', - 'id' => 'login', - 'action' => common_local_url('register'))); - - common_hidden('token', common_session_token()); - - if ($code) { - common_hidden('code', $code); - } - - common_input('nickname', _('Nickname'), $this->trimmed('nickname'), - _('1-64 lowercase letters or numbers, no punctuation or spaces. Required.')); - common_password('password', _('Password'), - _('6 or more characters. Required.')); - common_password('confirm', _('Confirm'), - _('Same as password above. Required.')); - if ($invite && $invite->address_type == 'email') { - common_input('email', _('Email'), $invite->address, - _('Used only for updates, announcements, and password recovery')); - } else { - common_input('email', _('Email'), $this->trimmed('email'), - _('Used only for updates, announcements, and password recovery')); - } - common_input('fullname', _('Full name'), - $this->trimmed('fullname'), - _('Longer name, preferably your "real" name')); - common_input('homepage', _('Homepage'), - $this->trimmed('homepage'), - _('URL of your homepage, blog, or profile on another site')); - common_textarea('bio', _('Bio'), - $this->trimmed('bio'), - _('Describe yourself and your interests in 140 chars')); - common_input('location', _('Location'), - $this->trimmed('location'), - _('Where you are, like "City, State (or Region), Country"')); - common_checkbox('rememberme', _('Remember me'), - $this->boolean('rememberme'), - _('Automatically login in the future; not for shared computers!')); - common_element_start('p'); - $attrs = array('type' => 'checkbox', - 'id' => 'license', - 'name' => 'license', - 'value' => 'true'); - if ($this->boolean('license')) { - $attrs['checked'] = 'checked'; - } - common_element('input', $attrs); - common_text(_('My text and files are available under ')); - common_element('a', array('href' => $config['license']['url']), - $config['license']['title']); - common_text(_(' except this private data: password, email address, IM address, phone number.')); - common_element_end('p'); - common_submit('submit', _('Register')); - common_element_end('form'); - common_show_footer(); - } - - function show_success() - { - $nickname = $this->arg('nickname'); - common_show_header(_('Registration successful')); - common_element_start('div', 'success'); - $instr = sprintf(_('Congratulations, %s! And welcome to %%%%site.name%%%%. From here, you may want to...'. "\n\n" . - '* Go to [your profile](%s) and post your first message.' . "\n" . - '* Add a [Jabber/GTalk address](%%%%action.imsettings%%%%) so you can send notices through instant messages.' . "\n" . - '* [Search for people](%%%%action.peoplesearch%%%%) that you may know or that share your interests. ' . "\n" . - '* Update your [profile settings](%%%%action.profilesettings%%%%) to tell others more about you. ' . "\n" . - '* Read over the [online docs](%%%%doc.help%%%%) for features you may have missed. ' . "\n\n" . - 'Thanks for signing up and we hope you enjoy using this service.'), - $nickname, common_local_url('showstream', array('nickname' => $nickname))); - common_raw(common_markup_to_html($instr)); - $have_email = $this->trimmed('email'); - if ($have_email) { - $emailinstr = _('(You should receive a message by email momentarily, with ' . - 'instructions on how to confirm your email address.)'); - common_raw(common_markup_to_html($emailinstr)); - } - common_element_end('div'); - common_show_footer(); - } - -} diff --git a/_darcs/pristine/actions/remotesubscribe.php b/_darcs/pristine/actions/remotesubscribe.php deleted file mode 100644 index a9494772e..000000000 --- a/_darcs/pristine/actions/remotesubscribe.php +++ /dev/null @@ -1,399 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class RemotesubscribeAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - if (common_logged_in()) { - common_user_error(_('You can use the local subscription!')); - return; - } - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $this->remote_subscription(); - } else { - $this->show_form(); - } - } - - function get_instructions() - { - return _('To subscribe, you can [login](%%action.login%%),' . - ' or [register](%%action.register%%) a new ' . - ' account. If you already have an account ' . - ' on a [compatible microblogging site](%%doc.openmublog%%), ' . - ' enter your profile URL below.'); - } - - function show_top($err=null) - { - if ($err) { - common_element('div', 'error', $err); - } else { - $instructions = $this->get_instructions(); - $output = common_markup_to_html($instructions); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('p'); - } - } - - function show_form($err=null) - { - $nickname = $this->trimmed('nickname'); - $profile = $this->trimmed('profile_url'); - common_show_header(_('Remote subscribe'), null, $err, - array($this, 'show_top')); - # id = remotesubscribe conflicts with the - # button on profile page - common_element_start('form', array('id' => 'remsub', 'method' => 'post', - 'action' => common_local_url('remotesubscribe'))); - common_hidden('token', common_session_token()); - common_input('nickname', _('User nickname'), $nickname, - _('Nickname of the user you want to follow')); - common_input('profile_url', _('Profile URL'), $profile, - _('URL of your profile on another compatible microblogging service')); - common_submit('submit', _('Subscribe')); - common_element_end('form'); - common_show_footer(); - } - - function remote_subscription() - { - $user = $this->get_user(); - - if (!$user) { - $this->show_form(_('No such user.')); - return; - } - - $profile = $this->trimmed('profile_url'); - - if (!$profile) { - $this->show_form(_('No such user.')); - return; - } - - if (!Validate::uri($profile, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Invalid profile URL (bad format)')); - return; - } - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $yadis = Auth_Yadis_Yadis::discover($profile, $fetcher); - - if (!$yadis || $yadis->failed) { - $this->show_form(_('Not a valid profile URL (no YADIS document).')); - return; - } - - # XXX: a little liberal for sites that accidentally put whitespace before the xml declaration - - $xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text)); - - if (!$xrds) { - $this->show_form(_('Not a valid profile URL (no XRDS defined).')); - return; - } - - $omb = $this->getOmb($xrds); - - if (!$omb) { - $this->show_form(_('Not a valid profile URL (incorrect services).')); - return; - } - - if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) == - common_local_url('requesttoken')) - { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); - return; - } - - if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); - return; - } - - list($token, $secret) = $this->request_token($omb); - - if (!$token || !$secret) { - $this->show_form(_('Couldn\'t get a request token.')); - return; - } - - $this->request_authorization($user, $omb, $token, $secret); - } - - function get_user() - { - $user = null; - $nickname = $this->trimmed('nickname'); - if ($nickname) { - $user = User::staticGet('nickname', $nickname); - } - return $user; - } - - function getOmb($xrds) - { - - static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); - static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, - OAUTH_ENDPOINT_ACCESS); - $omb = array(); - - # XXX: the following code could probably be refactored to eliminate dupes - - $oauth_services = omb_get_services($xrds, OAUTH_DISCOVERY); - - if (!$oauth_services) { - return null; - } - - $oauth_service = $oauth_services[0]; - - $oauth_xrd = $this->getXRD($oauth_service, $xrds); - - if (!$oauth_xrd) { - return null; - } - - if (!$this->addServices($oauth_xrd, $oauth_endpoints, $omb)) { - return null; - } - - $omb_services = omb_get_services($xrds, OMB_NAMESPACE); - - if (!$omb_services) { - return null; - } - - $omb_service = $omb_services[0]; - - $omb_xrd = $this->getXRD($omb_service, $xrds); - - if (!$omb_xrd) { - return null; - } - - if (!$this->addServices($omb_xrd, $omb_endpoints, $omb)) { - return null; - } - - # XXX: check that we got all the services we needed - - foreach (array_merge($omb_endpoints, $oauth_endpoints) as $type) { - if (!array_key_exists($type, $omb) || !$omb[$type]) { - return null; - } - } - - if (!omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])) { - return null; - } - - return $omb; - } - - function getXRD($main_service, $main_xrds) - { - $uri = omb_service_uri($main_service); - if (strpos($uri, "#") !== 0) { - # FIXME: more rigorous handling of external service definitions - return null; - } - $id = substr($uri, 1); - $nodes = $main_xrds->allXrdNodes; - $parser = $main_xrds->parser; - foreach ($nodes as $node) { - $attrs = $parser->attributes($node); - if (array_key_exists('xml:id', $attrs) && - $attrs['xml:id'] == $id) { - # XXX: trick the constructor into thinking this is the only node - $bogus_nodes = array($node); - return new Auth_Yadis_XRDS($parser, $bogus_nodes); - } - } - return null; - } - - function addServices($xrd, $types, &$omb) - { - foreach ($types as $type) { - $matches = omb_get_services($xrd, $type); - if ($matches) { - $omb[$type] = $matches[0]; - } else { - # no match for type - return false; - } - } - return true; - } - - function request_token($omb) - { - $con = omb_oauth_consumer(); - - $url = omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, null, "POST", $url, $params); - - $listener = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - - if (!$listener) { - return null; - } - - $req->set_parameter('omb_listener', $listener); - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, null); - - # We re-use this tool's fetcher, since it's pretty good - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); - - if ($result->status != 200) { - return null; - } - - parse_str($result->body, $return); - - return array($return['oauth_token'], $return['oauth_token_secret']); - } - - function request_authorization($user, $omb, $token, $secret) - { - global $config; # for license URL - - $con = omb_oauth_consumer(); - $tok = new OAuthToken($token, $secret); - - $url = omb_service_uri($omb[OAUTH_ENDPOINT_AUTHORIZE]); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, $tok, 'GET', $url, $params); - - # We send over a ton of information. This lets the other - # server store info about our user, and it lets the current - # user decide if they really want to authorize the subscription. - - $req->set_parameter('omb_version', OMB_VERSION_01); - $req->set_parameter('omb_listener', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])); - $req->set_parameter('omb_listenee', $user->uri); - $req->set_parameter('omb_listenee_profile', common_profile_url($user->nickname)); - $req->set_parameter('omb_listenee_nickname', $user->nickname); - $req->set_parameter('omb_listenee_license', $config['license']['url']); - - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - - if ($profile->fullname) { - $req->set_parameter('omb_listenee_fullname', $profile->fullname); - } - if ($profile->homepage) { - $req->set_parameter('omb_listenee_homepage', $profile->homepage); - } - if ($profile->bio) { - $req->set_parameter('omb_listenee_bio', $profile->bio); - } - if ($profile->location) { - $req->set_parameter('omb_listenee_location', $profile->location); - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $req->set_parameter('omb_listenee_avatar', $avatar->url); - } - - # XXX: add a nonce to prevent replay attacks - - $req->set_parameter('oauth_callback', common_local_url('finishremotesubscribe')); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, $tok); - - # store all our info here - - $omb['listenee'] = $user->nickname; - $omb['listener'] = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - $omb['token'] = $token; - $omb['secret'] = $secret; - # call doesn't work after bounce back so we cache; maybe serialization issue...? - $omb['access_token_url'] = omb_service_uri($omb[OAUTH_ENDPOINT_ACCESS]); - $omb['post_notice_url'] = omb_service_uri($omb[OMB_ENDPOINT_POSTNOTICE]); - $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); - - common_ensure_session(); - - $_SESSION['oauth_authorization_request'] = $omb; - - # Redirect to authorization service - - common_redirect($req->to_url()); - return; - } - - function make_nonce() - { - return common_good_rand(16); - } -} diff --git a/_darcs/pristine/actions/replies.php b/_darcs/pristine/actions/replies.php deleted file mode 100644 index eceeb4d65..000000000 --- a/_darcs/pristine/actions/replies.php +++ /dev/null @@ -1,100 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); - -class RepliesAction extends StreamAction -{ - - function handle($args) - { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->no_such_user(); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("Replies to %s"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_replies($user); - - common_show_footer(); - } - - function no_such_user() - { - common_user_error(_('No such user.')); - } - - function show_header($user) - { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('repliesrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for replies to %s'), $user->nickname))); - } - - function show_top($user) - { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('replies'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('repliesrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'repliesrss'))); - } - - function show_replies($user) - { - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - $notice = $user->getReplies(($page-1) * NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'replies', array('nickname' => $user->nickname)); - } -} diff --git a/_darcs/pristine/actions/repliesrss.php b/_darcs/pristine/actions/repliesrss.php deleted file mode 100644 index 5f85f8d2e..000000000 --- a/_darcs/pristine/actions/repliesrss.php +++ /dev/null @@ -1,84 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class RepliesrssAction extends Rss10Action -{ - - var $user = null; - - function init() - { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); - - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) - { - - $user = $this->user; - - $notice = $user->getReplies(0, ($limit == 0) ? 48 : $limit); - - $notices = array(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - $user = $this->user; - $c = array('url' => common_local_url('repliesrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_("Replies to %s"), $user->nickname), - 'link' => common_local_url('replies', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed for replies to %s'), $user->nickname)); - return $c; - } - - function get_image() - { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - return null; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : null; - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/requesttoken.php b/_darcs/pristine/actions/requesttoken.php deleted file mode 100644 index a74548739..000000000 --- a/_darcs/pristine/actions/requesttoken.php +++ /dev/null @@ -1,45 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class RequesttokenAction extends Action -{ - - function is_readonly() - { - return false; - } - - function handle($args) - { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - $server = omb_oauth_server(); - $token = $server->fetch_request_token($req); - print $token; - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - } - } -} diff --git a/_darcs/pristine/actions/showfavorites.php b/_darcs/pristine/actions/showfavorites.php deleted file mode 100644 index f4344833d..000000000 --- a/_darcs/pristine/actions/showfavorites.php +++ /dev/null @@ -1,102 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); - -class ShowfavoritesAction extends StreamAction -{ - - function handle($args) - { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("%s favorite notices"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_header($user) - { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('favoritesrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for favorites of %s'), $user->nickname))); - } - - function show_top($user) - { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('all'); - } - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('favoritesrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'Favorites'))); - $this->views_menu(); - } - - function show_notices($user) - { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->favoriteNotices(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - if (!$notice) { - $this->server_error(_('Could not retrieve favorite notices.')); - return; - } - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'showfavorites', array('nickname' => $user->nickname)); - } -} diff --git a/_darcs/pristine/actions/showmessage.php b/_darcs/pristine/actions/showmessage.php deleted file mode 100644 index 25330a568..000000000 --- a/_darcs/pristine/actions/showmessage.php +++ /dev/null @@ -1,108 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mailbox.php'); - -class ShowmessageAction extends MailboxAction -{ - - function handle($args) - { - - Action::handle($args); - - $message = $this->get_message(); - - if (!$message) { - $this->client_error(_('No such message.'), 404); - return; - } - - $cur = common_current_user(); - - if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) { - $this->show_page($cur, 1); - } else { - $this->client_error(_('Only the sender and recipient may read this message.'), 403); - return; - } - } - - function get_message() - { - $id = $this->trimmed('message'); - $message = Message::staticGet('id', $id); - return $message; - } - - function get_title($user, $page) - { - $message = $this->get_message(); - if (!$message) { - return null; - } - - if ($user->id == $message->from_profile) { - $to = $message->getTo(); - $title = sprintf(_("Message to %1\$s on %2\$s"), - $to->nickname, - common_exact_date($message->created)); - } else if ($user->id == $message->to_profile) { - $from = $message->getFrom(); - $title = sprintf(_("Message from %1\$s on %2\$s"), - $from->nickname, - common_exact_date($message->created)); - } - return $title; - } - - function get_messages($user, $page) - { - $message = new Message(); - $message->id = $this->trimmed('message'); - $message->find(); - return $message; - } - - function get_message_profile($message) - { - $user = common_current_user(); - if ($user->id == $message->from_profile) { - return $message->getTo(); - } else if ($user->id == $message->to_profile) { - return $message->getFrom(); - } else { - # This shouldn't happen - return null; - } - } - - function get_instructions() - { - return ''; - } - - function views_menu() - { - return; - } -} - \ No newline at end of file diff --git a/_darcs/pristine/actions/shownotice.php b/_darcs/pristine/actions/shownotice.php deleted file mode 100644 index 2df09cb3f..000000000 --- a/_darcs/pristine/actions/shownotice.php +++ /dev/null @@ -1,124 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -class ShownoticeAction extends StreamAction -{ - - var $notice = null; - var $profile = null; - var $avatar = null; - - function prepare($args) - { - - parent::prepare($args); - - $id = $this->arg('notice'); - $this->notice = Notice::staticGet($id); - - if (!$this->notice) { - $this->client_error(_('No such notice.'), 404); - return false; - } - - $this->profile = $this->notice->getProfile(); - - if (!$this->profile) { - $this->server_error(_('Notice has no profile'), 500); - return false; - } - - $this->avatar = $this->profile->getAvatar(AVATAR_STREAM_SIZE); - - return true; - } - - function last_modified() - { - return max(strtotime($this->notice->created), - strtotime($this->profile->modified), - ($this->avatar) ? strtotime($this->avatar->modified) : 0); - } - - function etag() - { - return 'W/"' . implode(':', array($this->arg('action'), - common_language(), - $this->notice->id, - strtotime($this->notice->created), - strtotime($this->profile->modified), - ($this->avatar) ? strtotime($this->avatar->modified) : 0)) . '"'; - } - - function handle($args) - { - - parent::handle($args); - - common_show_header(sprintf(_('%1$s\'s status on %2$s'), - $this->profile->nickname, - common_exact_date($this->notice->created)), - array($this, 'show_header'), null, - array($this, 'show_top')); - - common_element_start('ul', array('id' => 'notices')); - $nli = new NoticeListItem($this->notice); - $nli->show(); - common_element_end('ul'); - - common_show_footer(); - } - - function show_header() - { - - $user = User::staticGet($this->profile->id); - - if (!$user) { - return; - } - - if ($user->emailmicroid && $user->email && $this->notice->uri) { - common_element('meta', array('name' => 'microid', - 'content' => "mailto+http:sha1:" . sha1(sha1('mailto:' . $user->email) . sha1($this->notice->uri)))); - } - - if ($user->jabbermicroid && $user->jabber && $this->notice->uri) { - common_element('meta', array('name' => 'microid', - 'content' => "xmpp+http:sha1:" . sha1(sha1('xmpp:' . $user->jabber) . sha1($this->notice->uri)))); - } - } - - function show_top() - { - $cur = common_current_user(); - if ($cur && $cur->id == $this->profile->id) { - common_notice_form(); - } - } - - function no_such_notice() - { - common_user_error(_('No such notice.')); - } -} diff --git a/_darcs/pristine/actions/showstream.php b/_darcs/pristine/actions/showstream.php deleted file mode 100644 index e4e5d96d1..000000000 --- a/_darcs/pristine/actions/showstream.php +++ /dev/null @@ -1,467 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -define('SUBSCRIPTIONS_PER_ROW', 4); -define('SUBSCRIPTIONS', 80); - -class ShowstreamAction extends StreamAction -{ - - function handle($args) - { - - parent::handle($args); - - $nickname_arg = $this->arg('nickname'); - $nickname = common_canonical_nickname($nickname_arg); - - # Permanent redirect on non-canonical nickname - - if ($nickname_arg != $nickname) { - $args = array('nickname' => $nickname); - if ($this->arg('page') && $this->arg('page') != 1) { - $args['page'] = $this->arg['page']; - } - common_redirect(common_local_url('showstream', $args), 301); - return; - } - - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->no_such_user(); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; start output - - # For YADIS discovery, we also have a tag - - header('X-XRDS-Location: '. common_local_url('xrds', array('nickname' => - $user->nickname))); - - common_show_header($profile->nickname, - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_profile($profile); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_top($user) - { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('showstream'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('usertimeline', array('nickname' => $user->nickname)), - 'type' => 'atom', - 'version' => 'Atom 1.0', - 'item' => 'usertimeline'), - - 2=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - } - - function show_header($user) - { - # Feeds - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('api', - array('apiaction' => 'statuses', - 'method' => 'user_timeline.rss', - 'argument' => $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - common_element('link', array('rel' => 'alternate feed', - 'href' => common_local_url('api', - array('apiaction' => 'statuses', - 'method' => 'user_timeline.atom', - 'argument' => $user->nickname)), - 'type' => 'application/atom+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('userrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rdf+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - # FOAF - common_element('link', array('rel' => 'meta', - 'href' => common_local_url('foaf', array('nickname' => - $user->nickname)), - 'type' => 'application/rdf+xml', - 'title' => 'FOAF')); - # for remote subscriptions etc. - common_element('meta', array('http-equiv' => 'X-XRDS-Location', - 'content' => common_local_url('xrds', array('nickname' => - $user->nickname)))); - $profile = $user->getProfile(); - if ($profile->bio) { - common_element('meta', array('name' => 'description', - 'content' => $profile->bio)); - } - - if ($user->emailmicroid && $user->email && $profile->profileurl) { - common_element('meta', array('name' => 'microid', - 'content' => "mailto+http:sha1:" . sha1(sha1('mailto:' . $user->email) . sha1($profile->profileurl)))); - } - if ($user->jabbermicroid && $user->jabber && $profile->profileurl) { - common_element('meta', array('name' => 'microid', - 'content' => "xmpp+http:sha1:" . sha1(sha1('xmpp:' . $user->jabber) . sha1($profile->profileurl)))); - } - - # See https://wiki.mozilla.org/Microsummaries - - common_element('link', array('rel' => 'microsummary', - 'href' => common_local_url('microsummary', - array('nickname' => $profile->nickname)))); - } - - function no_such_user() - { - $this->client_error(_('No such user.'), 404); - } - - function show_profile($profile) - { - - common_element_start('div', array('id' => 'profile', 'class' => 'vcard')); - - $this->show_personal($profile); - - $this->show_last_notice($profile); - - $cur = common_current_user(); - - $this->show_subscriptions($profile); - - common_element_end('div'); - } - - function show_personal($profile) - { - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - common_element_start('div', array('id' => 'profile_avatar')); - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), - 'class' => 'avatar profile photo', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $profile->nickname)); - - common_element_start('ul', array('id' => 'profile_actions')); - - common_element_start('li', array('id' => 'profile_subscribe')); - $cur = common_current_user(); - if ($cur) { - if ($cur->id != $profile->id) { - if ($cur->isSubscribed($profile)) { - common_unsubscribe_form($profile); - } else { - common_subscribe_form($profile); - } - } - } else { - $this->show_remote_subscribe_link($profile); - } - common_element_end('li'); - - $user = User::staticGet('id', $profile->id); - common_profile_new_message_nudge($cur, $user, $profile); - - if ($cur && $cur->id != $profile->id) { - $blocked = $cur->hasBlocked($profile); - common_element_start('li', array('id' => 'profile_block')); - if ($blocked) { - common_unblock_form($profile, array('action' => 'showstream', - 'nickname' => $profile->nickname)); - } else { - common_block_form($profile, array('action' => 'showstream', - 'nickname' => $profile->nickname)); - } - common_element_end('li'); - } - - common_element_end('ul'); - - common_element_end('div'); - - common_element_start('div', array('id' => 'profile_information')); - - if ($profile->fullname) { - common_element('h1', array('class' => 'fn'), $profile->fullname . ' (' . $profile->nickname . ')'); - } else { - common_element('h1', array('class' => 'fn nickname'), $profile->nickname); - } - - if ($profile->location) { - common_element('p', 'location', $profile->location); - } - if ($profile->bio) { - common_element('p', 'description note', $profile->bio); - } - if ($profile->homepage) { - common_element_start('p', 'website'); - common_element('a', array('href' => $profile->homepage, - 'rel' => 'me', 'class' => 'url'), - $profile->homepage); - common_element_end('p'); - } - - $this->show_statistics($profile); - - common_element_end('div'); - } - - function show_remote_subscribe_link($profile) - { - $url = common_local_url('remotesubscribe', - array('nickname' => $profile->nickname)); - common_element('a', array('href' => $url, - 'id' => 'remotesubscribe'), - _('Subscribe')); - } - - function show_unsubscribe_form($profile) - { - common_element_start('form', array('id' => 'unsubscribe', 'method' => 'post', - 'action' => common_local_url('unsubscribe'))); - common_hidden('token', common_session_token()); - common_element('input', array('id' => 'unsubscribeto', - 'name' => 'unsubscribeto', - 'type' => 'hidden', - 'value' => $profile->nickname)); - common_element('input', array('type' => 'submit', - 'class' => 'submit', - 'value' => _('Unsubscribe'))); - common_element_end('form'); - } - - function show_subscriptions($profile) - { - global $config; - - $subs = DB_DataObject::factory('subscription'); - $subs->subscriber = $profile->id; - $subs->whereAdd('subscribed != ' . $profile->id); - - $subs->orderBy('created DESC'); - - # We ask for an extra one to know if we need to do another page - - $subs->limit(0, SUBSCRIPTIONS + 1); - - $subs_count = $subs->find(); - - common_element_start('div', array('id' => 'subscriptions')); - - common_element('h2', null, _('Subscriptions')); - - if ($subs_count > 0) { - - common_element_start('ul', array('id' => 'subscriptions_avatars')); - - for ($i = 0; $i < min($subs_count, SUBSCRIPTIONS); $i++) { - - if (!$subs->fetch()) { - common_debug('Weirdly, broke out of subscriptions loop early', __FILE__); - break; - } - - $other = Profile::staticGet($subs->subscribed); - - if (!$other) { - common_log_db_error($subs, 'SELECT', __FILE__); - continue; - } - - common_element_start('li', 'vcard'); - common_element_start('a', array('title' => ($other->fullname) ? - $other->fullname : - $other->nickname, - 'href' => $other->profileurl, - 'rel' => 'contact', - 'class' => 'subscription fn url')); - $avatar = $other->getAvatar(AVATAR_MINI_SIZE); - common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)), - 'width' => AVATAR_MINI_SIZE, - 'height' => AVATAR_MINI_SIZE, - 'class' => 'avatar mini photo', - 'alt' => ($other->fullname) ? - $other->fullname : - $other->nickname)); - common_element_end('a'); - common_element_end('li'); - } - - common_element_end('ul'); - } - - if ($subs_count > SUBSCRIPTIONS) { - common_element_start('p', array('id' => 'subscriptions_viewall')); - - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname)), - 'class' => 'moresubscriptions'), - _('All subscriptions')); - common_element_end('p'); - } - - common_element_end('div'); - } - - function show_statistics($profile) - { - - // XXX: WORM cache this - $subs = DB_DataObject::factory('subscription'); - $subs->subscriber = $profile->id; - $subs_count = (int) $subs->count() - 1; - - $subbed = DB_DataObject::factory('subscription'); - $subbed->subscribed = $profile->id; - $subbed_count = (int) $subbed->count() - 1; - - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $profile->id; - $notice_count = (int) $notices->count(); - - common_element_start('div', 'statistics'); - common_element('h2', 'statistics', _('Statistics')); - - # Other stats...? - common_element_start('dl', 'statistics'); - common_element('dt', 'membersince', _('Member since')); - common_element('dd', 'membersince', date('j M Y', - strtotime($profile->created))); - - common_element_start('dt', 'subscriptions'); - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname))), - _('Subscriptions')); - common_element_end('dt'); - common_element('dd', 'subscriptions', (is_int($subs_count)) ? $subs_count : '0'); - common_element_start('dt', 'subscribers'); - common_element('a', array('href' => common_local_url('subscribers', - array('nickname' => $profile->nickname))), - _('Subscribers')); - common_element_end('dt'); - common_element('dd', 'subscribers', (is_int($subbed_count)) ? $subbed_count : '0'); - common_element('dt', 'notices', _('Notices')); - common_element('dd', 'notices', (is_int($notice_count)) ? $notice_count : '0'); - # XXX: link these to something - common_element('dt', 'tags', _('Tags')); - common_element_start('dd', 'tags'); - $tags = Profile_tag::getTags($profile->id, $profile->id); - - common_element_start('ul', 'tags xoxo'); - foreach ($tags as $tag) { - common_element_start('li'); - common_element('a', array('rel' => 'bookmark tag', - 'href' => common_local_url('peopletag', - array('tag' => $tag))), - $tag); - common_element_end('li'); - } - common_element_end('ul'); - common_element_end('dd'); - - common_element_end('dl'); - - common_element_end('div'); - } - - function show_notices($user) - { - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - $notice = $user->getNotices(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - $pnl = new ProfileNoticeList($notice); - $cnt = $pnl->show(); - - common_pagination($page>1, $cnt>NOTICES_PER_PAGE, $page, - 'showstream', array('nickname' => $user->nickname)); - } - - function show_last_notice($profile) - { - - common_element('h2', null, _('Currently')); - - $notice = $profile->getCurrentNotice(); - - if ($notice) { - # FIXME: URL, image, video, audio - common_element_start('p', array('class' => 'notice_current')); - if ($notice->rendered) { - common_raw($notice->rendered); - } else { - # XXX: may be some uncooked notices in the DB, - # we cook them right now. This can probably disappear in future - # versions (>> 0.4.x) - common_raw(common_render_content($notice->content, $notice)); - } - common_element_end('p'); - } - } -} - -# We don't show the author for a profile, since we already know who it is! - -class ProfileNoticeList extends NoticeList -{ - function newListItem($notice) - { - return new ProfileNoticeListItem($notice); - } -} - -class ProfileNoticeListItem extends NoticeListItem -{ - function showAuthor() - { - return; - } -} diff --git a/_darcs/pristine/actions/smssettings.php b/_darcs/pristine/actions/smssettings.php deleted file mode 100644 index fad71135c..000000000 --- a/_darcs/pristine/actions/smssettings.php +++ /dev/null @@ -1,343 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/actions/emailsettings.php'); - -class SmssettingsAction extends EmailsettingsAction -{ - - function get_instructions() - { - return _('You can receive SMS messages through email from %%site.name%%.'); - } - - function show_form($msg=null, $success=false) - { - $user = common_current_user(); - $this->form_header(_('SMS Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'smssettings', - 'action' => - common_local_url('smssettings'))); - common_hidden('token', common_session_token()); - common_element('h2', null, _('Address')); - - if ($user->sms) { - common_element_start('p'); - $carrier = $user->getCarrier(); - common_element('span', 'address confirmed', $user->sms . ' (' . $carrier->name . ')'); - common_element('span', 'input_instructions', - _('Current confirmed SMS-enabled phone number.')); - common_hidden('sms', $user->sms); - common_hidden('carrier', $user->carrier); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - $carrier = Sms_carrier::staticGet($confirm->address_extra); - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address . ' (' . $carrier->name . ')'); - common_element('span', 'input_instructions', - _('Awaiting confirmation on this phone number.')); - common_hidden('sms', $confirm->address); - common_hidden('carrier', $confirm->address_extra); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - common_input('code', _('Confirmation code'), null, - _('Enter the code you received on your phone.')); - common_submit('confirm', _('Confirm')); - } else { - common_input('sms', _('SMS Phone number'), - ($this->arg('sms')) ? $this->arg('sms') : null, - _('Phone number, no punctuation or spaces, with area code')); - $this->carrier_select(); - common_submit('add', _('Add')); - } - } - - if ($user->sms) { - common_element('h2', null, _('Incoming email')); - - if ($user->incomingemail) { - common_element_start('p'); - common_element('span', 'address', $user->incomingemail); - common_element('span', 'input_instructions', - _('Send email to this address to post new notices.')); - common_element_end('p'); - common_submit('removeincoming', _('Remove')); - } - - common_element_start('p'); - common_element('span', 'input_instructions', - _('Make a new email address for posting to; cancels the old one.')); - common_element_end('p'); - common_submit('newincoming', _('New')); - } - - common_element('h2', null, _('Preferences')); - - common_checkbox('smsnotify', - _('Send me notices through SMS; I understand I may incur exorbitant charges from my carrier.'), - $user->smsnotify); - - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() - { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'sms'; - if ($confirm->find(true)) { - return $confirm; - } else { - return null; - } - } - - function handle_post() - { - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else if ($this->arg('removeincoming')) { - $this->remove_incoming(); - } else if ($this->arg('newincoming')) { - $this->new_incoming(); - } else if ($this->arg('confirm')) { - $this->confirm_code(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() - { - - $smsnotify = $this->boolean('smsnotify'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->smsnotify = $smsnotify; - - $result = $user->update($original); - - if ($result === false) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() - { - - $user = common_current_user(); - - $sms = $this->trimmed('sms'); - $carrier_id = $this->trimmed('carrier'); - - # Some validation - - if (!$sms) { - $this->show_form(_('No phone number.')); - return; - } - - if (!$carrier_id) { - $this->show_form(_('No carrier selected.')); - return; - } - - $sms = common_canonical_sms($sms); - - if ($user->sms == $sms) { - $this->show_form(_('That is already your phone number.')); - return; - } else if ($this->sms_exists($sms)) { - $this->show_form(_('That phone number already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $sms; - $confirm->address_extra = $carrier_id; - $confirm->address_type = 'sms'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(40); - - $result = $confirm->insert(); - - if ($result === false) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - $carrier = Sms_carrier::staticGet($carrier_id); - - mail_confirm_sms($confirm->code, - $user->nickname, - $carrier->toEmailAddress($sms)); - - $msg = _('A confirmation code was sent to the phone number you added. Check your inbox (and spam box!) for the code and instructions on how to use it.'); - - $this->show_form($msg, true); - } - - function cancel_confirmation() - { - - $sms = $this->trimmed('sms'); - $carrier = $this->trimmed('carrier'); - - $confirm = $this->get_confirmation(); - - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $sms) { - $this->show_form(_('That is the wrong confirmation number.')); - return; - } - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); - return; - } - - $this->show_form(_('Confirmation cancelled.'), true); - } - - function remove_address() - { - - $user = common_current_user(); - $sms = $this->arg('sms'); - $carrier = $this->arg('carrier'); - - # Maybe an old tab open...? - - if ($user->sms != $sms) { - $this->show_form(_('That is not your phone number.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->sms = null; - $user->carrier = null; - $user->smsemail = null; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - $this->show_form(_('The address was removed.'), true); - } - - function sms_exists($sms) - { - $user = common_current_user(); - $other = User::staticGet('sms', $sms); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } - - function carrier_select() - { - $carrier = new Sms_carrier(); - $cnt = $carrier->find(); - - common_element_start('p'); - common_element('label', array('for' => 'carrier')); - common_element_start('select', array('name' => 'carrier', - 'id' => 'carrier')); - common_element('option', array('value' => 0), - _('Select a carrier')); - while ($carrier->fetch()) { - common_element('option', array('value' => $carrier->id), - $carrier->name); - } - common_element_end('select'); - common_element_end('p'); - common_element('span', 'input_instructions', - sprintf(_('Mobile carrier for your phone. '. - 'If you know a carrier that accepts ' . - 'SMS over email but isn\'t listed here, ' . - 'send email to let us know at %s.'), - common_config('site', 'email'))); - } - - function confirm_code() - { - - $code = $this->trimmed('code'); - - if (!$code) { - $this->show_form(_('No code entered')); - return; - } - - common_redirect(common_local_url('confirmaddress', - array('code' => $code))); - } -} diff --git a/_darcs/pristine/actions/subedit.php b/_darcs/pristine/actions/subedit.php deleted file mode 100644 index 1142b7a03..000000000 --- a/_darcs/pristine/actions/subedit.php +++ /dev/null @@ -1,92 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class SubeditAction extends Action -{ - - var $profile = null; - - function prepare($args) - { - - parent::prepare($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); - return false; - } - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $id = $this->trimmed('profile'); - - if (!$id) { - $this->client_error(_('No profile specified.')); - return false; - } - - $this->profile = Profile::staticGet('id', $id); - - if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); - return false; - } - - return true; - } - - function handle($args) - { - parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $cur = common_current_user(); - - $sub = Subscription::pkeyGet(array('subscriber' => $cur->id, - 'subscribed' => $this->profile->id)); - - if (!$sub) { - $this->client_error(_('You are not subscribed to that profile.')); - return false; - } - - $orig = clone($sub); - - $sub->jabber = $this->boolean('jabber'); - $sub->sms = $this->boolean('sms'); - - $result = $sub->update($orig); - - if (!$result) { - common_log_db_error($sub, 'UPDATE', __FILE__); - $this->server_error(_('Could not save subscription.')); - return false; - } - - common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/subscribe.php b/_darcs/pristine/actions/subscribe.php deleted file mode 100644 index f33d1d207..000000000 --- a/_darcs/pristine/actions/subscribe.php +++ /dev/null @@ -1,80 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class SubscribeAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); - return; - } - - # CSRF protection - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $other_id = $this->arg('subscribeto'); - - $other = User::staticGet('id', $other_id); - - if (!$other) { - $this->client_error(_('Not a local user.')); - return; - } - - $result = subs_subscribe_to($user, $other); - - if($result != true) { - common_user_error($result); - return; - } - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Subscribed')); - common_element_end('head'); - common_element_start('body'); - common_unsubscribe_form($other->getProfile()); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/subscribers.php b/_darcs/pristine/actions/subscribers.php deleted file mode 100644 index 31d0468d9..000000000 --- a/_darcs/pristine/actions/subscribers.php +++ /dev/null @@ -1,70 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/gallery.php'); - -class SubscribersAction extends GalleryAction -{ - - function gallery_type() - { - return _('Subscribers'); - } - - function get_instructions(&$profile) - { - $user =& common_current_user(); - if ($user && ($user->id == $profile->id)) { - return _('These are the people who listen to your notices.'); - } else { - return sprintf(_('These are the people who listen to %s\'s notices.'), $profile->nickname); - } - } - - function fields() - { - return array('subscriber', 'subscribed'); - } - - function div_class() - { - return 'subscribers'; - } - - function get_other(&$subs) - { - return $subs->subscriber; - } - - function profile_list_class() - { - return 'SubscribersList'; - } -} - -class SubscribersList extends ProfileList -{ - function show_owner_controls($profile) - { - common_block_form($profile, array('action' => 'subscribers', - 'nickname' => $this->owner->nickname)); - } -} diff --git a/_darcs/pristine/actions/subscriptions.php b/_darcs/pristine/actions/subscriptions.php deleted file mode 100644 index afe8fb260..000000000 --- a/_darcs/pristine/actions/subscriptions.php +++ /dev/null @@ -1,87 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/gallery.php'); - -class SubscriptionsAction extends GalleryAction -{ - - function gallery_type() - { - return _('Subscriptions'); - } - - function get_instructions(&$profile) - { - $user =& common_current_user(); - if ($user && ($user->id == $profile->id)) { - return _('These are the people whose notices you listen to.'); - } else { - return sprintf(_('These are the people whose notices %s listens to.'), $profile->nickname); - } - } - - function fields() - { - return array('subscribed', 'subscriber'); - } - - function div_class() - { - return 'subscriptions'; - } - - function get_other(&$subs) - { - return $subs->subscribed; - } - - function profile_list_class() - { - return 'SubscriptionsList'; - } -} - -class SubscriptionsList extends ProfileList -{ - - function show_owner_controls($profile) - { - - $sub = Subscription::pkeyGet(array('subscriber' => $this->owner->id, - 'subscribed' => $profile->id)); - if (!$sub) { - return; - } - - common_element_start('form', array('id' => 'subedit-' . $profile->id, - 'method' => 'post', - 'class' => 'subedit', - 'action' => common_local_url('subedit'))); - common_hidden('token', common_session_token()); - common_hidden('profile', $profile->id); - common_checkbox('jabber', _('Jabber'), $sub->jabber); - common_checkbox('sms', _('SMS'), $sub->sms); - common_submit('save', _('Save')); - common_element_end('form'); - return; - } -} diff --git a/_darcs/pristine/actions/sup.php b/_darcs/pristine/actions/sup.php deleted file mode 100644 index 6a1897585..000000000 --- a/_darcs/pristine/actions/sup.php +++ /dev/null @@ -1,86 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class SupAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - $seconds = $this->trimmed('seconds'); - - if (!$seconds) { - $seconds = 15; - } - - $updates = $this->get_updates($seconds); - - header('Content-Type: application/json; charset=utf-8'); - - print json_encode(array('updated_time' => date('c'), - 'since_time' => date('c', time() - $seconds), - 'available_periods' => $this->available_periods(), - 'period' => $seconds, - 'updates' => $updates)); - } - - function available_periods() - { - static $periods = array(86400, 43200, 21600, 7200, - 3600, 1800, 600, 300, 120, - 60, 30, 15); - $available = array(); - foreach ($periods as $period) { - $available[$period] = common_local_url('sup', - array('seconds' => $period)); - } - - return $available; - } - - function get_updates($seconds) - { - $notice = new Notice(); - - # XXX: cache this. Depends on how big this protocol becomes; - # Re-doing this query every 15 seconds isn't the end of the world. - - $notice->query('SELECT profile_id, max(id) AS max_id ' . - 'FROM notice ' . - 'WHERE created > (now() - ' . $seconds . ') ' . - 'GROUP BY profile_id'); - - $updates = array(); - - while ($notice->fetch()) { - $updates[] = array($notice->profile_id, $notice->max_id); - } - - return $updates; - } - - function is_readonly() - { - return true; - } -} diff --git a/_darcs/pristine/actions/tag.php b/_darcs/pristine/actions/tag.php deleted file mode 100644 index 8a3f90c16..000000000 --- a/_darcs/pristine/actions/tag.php +++ /dev/null @@ -1,172 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); -define('TAGS_PER_PAGE', 100); - -class TagAction extends StreamAction -{ - - function handle($args) - { - - parent::handle($args); - - # Looks like we're good; show the header - - if (isset($args['tag']) && $args['tag']) { - $tag = $args['tag']; - common_show_header(sprintf(_("Notices tagged with %s"), $tag), - array($this, 'show_header'), $tag, - array($this, 'show_top')); - $this->show_notices($tag); - } else { - common_show_header(_("Tags"), - array($this, 'show_header'), '', - array($this, 'show_top')); - $this->show_tags(); - } - - common_show_footer(); - } - - function show_header($tag = false) - { - if ($tag) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('tagrss', array('tag' => $tag)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for tag %s'), $tag))); - } - } - - function get_instructions() - { - return _('Showing most popular tags from the last week'); - } - - function show_top($tag = false) - { - if (!$tag) { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - else { - $this->show_feeds_list(array(0=>array('href'=>common_local_url('tagrss'), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'tagrss'))); - } - } - - function show_tags() - { - # This should probably be cached rather than recalculated - $tags = DB_DataObject::factory('Notice_tag'); - - #Need to clear the selection and then only re-add the field - #we are grouping by, otherwise it's not a valid 'group by' - #even though MySQL seems to let it slide... - $tags->selectAdd(); - $tags->selectAdd('tag'); - - #Add the aggregated columns... - $tags->selectAdd('max(notice_id) as last_notice_id'); - if(common_config('db','type')=='pgsql') { - $calc='sum(exp(-extract(epoch from (now()-created))/%s)) as weight'; - } else { - $calc='sum(exp(-(now() - created)/%s)) as weight'; - } - $tags->selectAdd(sprintf($calc, common_config('tag', 'dropoff'))); - $tags->groupBy('tag'); - $tags->orderBy('weight DESC'); - - # $tags->whereAdd('created > "' . strftime('%Y-%m-%d %H:%M:%S', strtotime('-1 MONTH')) . '"'); - - $tags->limit(TAGS_PER_PAGE); - - $cnt = $tags->find(); - - if ($cnt > 0) { - common_element_start('p', 'tagcloud'); - - $tw = array(); - $sum = 0; - while ($tags->fetch()) { - $tw[$tags->tag] = $tags->weight; - $sum += $tags->weight; - } - - ksort($tw); - - foreach ($tw as $tag => $weight) { - $this->show_tag($tag, $weight, $weight/$sum); - } - - common_element_end('p'); - } - } - - function show_tag($tag, $weight, $relative) - { - - # XXX: these should probably tune to the size of the site - if ($relative > 0.1) { - $cls = 'largest'; - } else if ($relative > 0.05) { - $cls = 'verylarge'; - } else if ($relative > 0.02) { - $cls = 'large'; - } else if ($relative > 0.01) { - $cls = 'medium'; - } else if ($relative > 0.005) { - $cls = 'small'; - } else if ($relative > 0.002) { - $cls = 'verysmall'; - } else { - $cls = 'smallest'; - } - - common_element('a', array('class' => "$cls weight-$weight relative-$relative", - 'href' => common_local_url('tag', array('tag' => $tag))), - $tag); - common_text(' '); - } - - function show_notices($tag) - { - - $cnt = 0; - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - $notice = Notice_tag::getStream($tag, (($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'tag', array('tag' => $tag)); - } -} diff --git a/_darcs/pristine/actions/tagother.php b/_darcs/pristine/actions/tagother.php deleted file mode 100644 index ff6788cc6..000000000 --- a/_darcs/pristine/actions/tagother.php +++ /dev/null @@ -1,198 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class TagotherAction extends Action -{ - - function handle($args) - { - - parent::handle($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in'), 403); - return; - } - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->save_tags(); - } else { - $id = $this->trimmed('id'); - if (!$id) { - $this->client_error(_('No id argument.')); - return; - } - $profile = Profile::staticGet('id', $id); - if (!$profile) { - $this->client_error(_('No profile with that ID.')); - return; - } - $this->show_form($profile); - } - } - - function show_form($profile, $error=null) - { - - $user = common_current_user(); - - common_show_header(_('Tag a person'), - null, array($profile, $error), array($this, 'show_top')); - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), - 'class' => 'avatar stream', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => - ($profile->fullname) ? $profile->fullname : - $profile->nickname)); - - common_element('a', array('href' => $profile->profileurl, - 'class' => 'external profile nickname'), - $profile->nickname); - - if ($profile->fullname) { - common_element_start('div', 'fullname'); - if ($profile->homepage) { - common_element('a', array('href' => $profile->homepage), - $profile->fullname); - } else { - common_text($profile->fullname); - } - common_element_end('div'); - } - if ($profile->location) { - common_element('div', 'location', $profile->location); - } - if ($profile->bio) { - common_element('div', 'bio', $profile->bio); - } - - common_element_start('form', array('method' => 'post', - 'id' => 'tag_user', - 'name' => 'tagother', - 'action' => $this->self_url())); - common_hidden('token', common_session_token()); - common_hidden('id', $profile->id); - common_input('tags', _('Tags'), - ($this->arg('tags')) ? $this->arg('tags') : implode(' ', Profile_tag::getTags($user->id, $profile->id)), - _('Tags for this user (letters, numbers, -, ., and _), comma- or space- separated')); - - common_submit('save', _('Save')); - common_element_end('form'); - common_show_footer(); - - } - - function save_tags() - { - - $id = $this->trimmed('id'); - $tagstring = $this->trimmed('tags'); - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $profile = Profile::staticGet('id', $id); - - if (!$profile) { - $this->client_error(_('No such profile.')); - return; - } - - if (is_string($tagstring) && strlen($tagstring) > 0) { - - $tags = array_map('common_canonical_tag', - preg_split('/[\s,]+/', $tagstring)); - - foreach ($tags as $tag) { - if (!common_valid_profile_tag($tag)) { - $this->show_form($profile, sprintf(_('Invalid tag: "%s"'), $tag)); - return; - } - } - } else { - $tags = array(); - } - - $user = common_current_user(); - - if (!Subscription::pkeyGet(array('subscriber' => $user->id, - 'subscribed' => $profile->id)) && - !Subscription::pkeyGet(array('subscriber' => $profile->id, - 'subscribed' => $user->id))) - { - $this->client_error(_('You can only tag people you are subscribed to or who are subscribed to you.')); - return; - } - - $result = Profile_tag::setTags($user->id, $profile->id, $tags); - - if (!$result) { - $this->client_error(_('Could not save tags.')); - return; - } - - $action = $user->isSubscribed($profile) ? 'subscriptions' : 'subscribers'; - - if ($this->boolean('ajax')) { - common_start_html('text/xml'); - common_element_start('head'); - common_element('title', null, _('Tags')); - common_element_end('head'); - common_element_start('body'); - common_element_start('p', 'subtags'); - foreach ($tags as $tag) { - common_element('a', array('href' => common_local_url($action, - array('nickname' => $user->nickname, - 'tag' => $tag))), - $tag); - } - common_element_end('p'); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url($action, array('nickname' => - $user->nickname))); - } - } - - function show_top($arr = null) - { - list($profile, $error) = $arr; - if ($error) { - common_element('p', 'error', $error); - } else { - common_element_start('div', 'instructions'); - common_element('p', null, - _('Use this form to add tags to your subscribers or subscriptions.')); - common_element_end('div'); - } - } -} - diff --git a/_darcs/pristine/actions/tagrss.php b/_darcs/pristine/actions/tagrss.php deleted file mode 100644 index 912d71413..000000000 --- a/_darcs/pristine/actions/tagrss.php +++ /dev/null @@ -1,69 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class TagrssAction extends Rss10Action -{ - - function init() - { - $tag = $this->trimmed('tag'); - $this->tag = Notice_tag::staticGet('tag', $tag); - - if (!$this->tag) { - common_user_error(_('No such tag.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) - { - $tag = $this->tag; - - if (is_null($tag)) { - return null; - } - - $notice = Notice_tag::getStream($tag->tag, 0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - $tag = $this->tag->tag; - - $c = array('url' => common_local_url('tagrss', array('tag' => $tagname)), - 'title' => $tagname, - 'link' => common_local_url('tagrss', array('tag' => $tagname)), - 'description' => sprintf(_('Microblog tagged with %s'), $tagname)); - return $c; - } -} diff --git a/_darcs/pristine/actions/twitapiaccount.php b/_darcs/pristine/actions/twitapiaccount.php deleted file mode 100644 index 79e1ed990..000000000 --- a/_darcs/pristine/actions/twitapiaccount.php +++ /dev/null @@ -1,102 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapiaccountAction extends TwitterapiAction -{ - - function verify_credentials($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $this->show_extended_profile($apidata['user'], $apidata); - } - - function end_session($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function update_location($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $location = trim($this->arg('location')); - - if (!is_null($location) && strlen($location) > 255) { - - // XXX: But Twitter just truncates and runs with it. -- Zach - $this->client_error(_('That\'s too long. Max notice size is 255 chars.'), 406, $apidate['content-type']); - return; - } - - $user = $apidata['user']; - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $orig_profile = clone($profile); - $profile->location = $location; - - $result = $profile->update($orig_profile); - - if (!$result) { - common_log_db_error($profile, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t save profile.')); - return; - } - - common_broadcast_profile($profile); - $type = $apidata['content-type']; - - $this->init_document($type); - $this->show_profile($profile, $type); - $this->end_document($type); - } - - - function update_delivery_device($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function rate_limit_status($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapiblocks.php b/_darcs/pristine/actions/twitapiblocks.php deleted file mode 100644 index 5d64f2f7d..000000000 --- a/_darcs/pristine/actions/twitapiblocks.php +++ /dev/null @@ -1,72 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapiblocksAction extends TwitterapiAction -{ - - function create($args, $apidata) - { - - parent::handle($args); - - $blockee = $this->get_user($apidata['api_arg'], $apidata); - - if (!$blockee) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - - if ($user->hasBlocked($blockee) || $user->block($blockee)) { - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($blockee, $type); - $this->end_document($type); - } else { - common_server_error(_('Block user failed.')); - } - } - - function destroy($args, $apidata) - { - parent::handle($args); - $blockee = $this->get_user($apidata['api_arg'], $apidata); - - if (!$blockee) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - - if (!$user->hasBlocked($blockee) || $user->unblock($blockee)) { - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($blockee, $type); - $this->end_document($type); - } else { - common_server_error(_('Unblock user failed.')); - } - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapidirect_messages.php b/_darcs/pristine/actions/twitapidirect_messages.php deleted file mode 100644 index e0731f66f..000000000 --- a/_darcs/pristine/actions/twitapidirect_messages.php +++ /dev/null @@ -1,298 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class Twitapidirect_messagesAction extends TwitterapiAction -{ - - function direct_messages($args, $apidata) - { - parent::handle($args); - return $this->show_messages($args, $apidata, 'received'); - } - - function sent($args, $apidata) - { - parent::handle($args); - return $this->show_messages($args, $apidata, 'sent'); - } - - function show_messages($args, $apidata, $type) - { - - $user = $apidata['user']; - - $count = $this->arg('count'); - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - $page = $this->arg('page'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - $message = new Message(); - - $title = null; - $subtitle = null; - $link = null; - $server = common_root_url(); - - if ($type == 'received') { - $message->to_profile = $user->id; - $title = sprintf(_("Direct messages to %s"), $user->nickname); - $subtitle = sprintf(_("All the direct messages sent to %s"), $user->nickname); - $link = $server . $user->nickname . '/inbox'; - } else { - $message->from_profile = $user->id; - $title = _('Direct Messages You\'ve Sent'); - $subtitle = sprintf(_("All the direct messages sent from %s"), $user->nickname); - $link = $server . $user->nickname . '/outbox'; - } - - if ($before_id) { - $message->whereAdd("id < $before_id"); - } - - if ($since_id) { - $message->whereAdd("id > $since_id"); - } - - $since = strtotime($this->arg('since')); - - if ($since) { - $d = date('Y-m-d H:i:s', $since); - $message->whereAdd("created > '$d'"); - } - - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*20), $count); - $message->find(); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_dmsgs($message); - break; - case 'rss': - $this->show_rss_dmsgs($message, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_dmsgs($message, $title, $link, $subtitle); - break; - case 'json': - $this->show_json_dmsgs($message); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - // had to change this from "new" to "create" to avoid PHP reserved word - function create($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - $source = $this->trimmed('source'); // Not supported by Twitter. - - $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (!$source || in_array($source, $reserved_sources)) { - $source = 'api'; - } - - $content = $this->trimmed('text'); - - if (!$content) { - $this->client_error(_('No message text!'), $code = 406, $apidata['content-type']); - } else { - $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { - $this->client_error(_('That\'s too long. Max message size is 140 chars.'), - $code = 406, $apidata['content-type']); - return; - } - } - - $other = $this->get_user($this->trimmed('user')); - - if (!$other) { - $this->client_error(_('Recipient user not found.'), $code = 403, $apidata['content-type']); - return; - } else if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('Can\'t send direct messages to users who aren\'t your friend.'), - $code = 403, $apidata['content-type']); - return; - } else if ($user->id == $other->id) { - // Sending msgs to yourself is allowed by Twitter - $this->client_error(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), - $code = 403, $apidata['content-type']); - return; - } - - $message = Message::saveNew($user->id, $other->id, - html_entity_decode($content, ENT_NOQUOTES, 'UTF-8'), $source); - - if (is_string($message)) { - $this->server_error($message); - return; - } - - $this->notify($user, $other, $message); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_dmsg($message); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_dmsg($message); - } - - } - - function destroy($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function show_xml_dmsgs($message) - { - - $this->init_document('xml'); - common_element_start('direct-messages', array('type' => 'array')); - - if (is_array($messages)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } - - common_element_end('direct-messages'); - $this->end_document('xml'); - - } - - function show_json_dmsgs($message) - { - - $this->init_document('json'); - - $dmsgs = array(); - - if (is_array($message)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - array_push($dmsgs, $twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - array_push($dmsgs, $twitter_dm); - } - } - - $this->show_json_objects($dmsgs); - $this->end_document('json'); - - } - - function show_rss_dmsgs($message, $title, $link, $subtitle) - { - - $this->init_document('rss'); - - common_element_start('channel'); - common_element('title', null, $title); - - common_element('link', null, $link); - common_element('description', null, $subtitle); - common_element('language', null, 'en-us'); - common_element('ttl', null, '40'); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_rss_item($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_rss_item($entry); - } - } - - common_element_end('channel'); - $this->end_twitter_rss(); - - } - - function show_atom_dmsgs($message, $title, $link, $subtitle) - { - - $this->init_document('atom'); - - common_element('title', null, $title); - $siteserver = common_config('site', 'server'); - common_element('id', null, "tag:$siteserver,2008:DirectMessage"); - common_element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), null); - common_element('updated', null, common_date_iso8601(strftime('%c'))); - common_element('subtitle', null, $subtitle); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_atom_entry($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_atom_entry($entry); - } - } - - $this->end_document('atom'); - } - - // swiped from MessageAction. Should it be place in util.php? - function notify($from, $to, $message) - { - mail_notify_message($message, $from, $to); - # XXX: Jabber, SMS notifications... probably queued - } - -} diff --git a/_darcs/pristine/actions/twitapifavorites.php b/_darcs/pristine/actions/twitapifavorites.php deleted file mode 100644 index 55e04732f..000000000 --- a/_darcs/pristine/actions/twitapifavorites.php +++ /dev/null @@ -1,181 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapifavoritesAction extends TwitterapiAction -{ - - function favorites($args, $apidata) - { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $page = $this->arg('page'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - $notice = $user->favoriteNotices((($page-1)*20), $count); - - if (!$notice) { - common_server_error(_('Could not retrieve favorite notices.')); - return; - } - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_('%s / Favorites from %s'), $sitename, $user->nickname); - $id = "tag:$siteserver:favorites:".$user->id; - $link = common_local_url('favorites', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%s updates favorited by %s / %s.'), $sitename, $profile->getBestName(), $user->nickname); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function create($args, $apidata) - { - parent::handle($args); - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - // XXX: Twitter just prints the err msg, no XML / JSON. - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (!$notice) { - $this->client_error(_('No status found with that ID.'), 404, $apidata['content-type']); - return; - } - - // XXX: Twitter lets you fave things repeatedly via api. - if ($user->hasFave($notice)) { - $this->client_error(_('This notice is already a favorite!'), 403, $apidata['content-type']); - return; - } - - $fave = Fave::addNew($user, $notice); - - if (!$fave) { - common_server_error(_('Could not create favorite.')); - return; - } - - $this->notify($fave, $notice, $user); - $user->blowFavesCache(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - - } - - function destroy($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - // XXX: these two funcs swiped from faves. Maybe put in util.php, or some common base class? - - function notify($fave, $notice, $user) - { - $other = User::staticGet('id', $notice->profile_id); - if ($other && $other->id != $user->id) { - if ($other->email && $other->emailnotifyfav) { - $this->notify_mail($other, $user, $notice); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } - - function notify_mail($other, $user, $notice) - { - $profile = $user->getProfile(); - $bestname = $profile->getBestName(); - $subject = sprintf(_('%s added your notice as a favorite'), $bestname); - $body = sprintf(_("%1\$s just added your notice from %2\$s as one of their favorites.\n\n" . - "In case you forgot, you can see the text of your notice here:\n\n" . - "%3\$s\n\n" . - "You can see the list of %1\$s's favorites here:\n\n" . - "%4\$s\n\n" . - "Faithfully yours,\n" . - "%5\$s\n"), - $bestname, - common_exact_date($notice->created), - common_local_url('shownotice', array('notice' => $notice->id)), - common_local_url('showfavorites', array('nickname' => $user->nickname)), - common_config('site', 'name')); - - mail_to_user($other, $subject, $body); - } - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapifriendships.php b/_darcs/pristine/actions/twitapifriendships.php deleted file mode 100644 index ba4afe441..000000000 --- a/_darcs/pristine/actions/twitapifriendships.php +++ /dev/null @@ -1,159 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapifriendshipsAction extends TwitterapiAction -{ - - function create($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $id = $apidata['api_arg']; - - $other = $this->get_user($id); - - if (!$other) { - $this->client_error(_('Could not follow user: User not found.'), 403, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - - if ($user->isSubscribed($other)) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); - $this->client_error($errmsg, 403, $apidata['content-type']); - return; - } - - $sub = new Subscription(); - - $sub->query('BEGIN'); - - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - $result = $sub->insert(); - - if (!$result) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); - $this->client_error($errmsg, 400, $apidata['content-type']); - return; - } - - $sub->query('COMMIT'); - - mail_subscribe_notify($other, $user); - - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); - - } - - function destroy($args, $apidata) - { - parent::handle($args); - - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } - - $id = $apidata['api_arg']; - - # We can't subscribe to a remote person, but we can unsub - - $other = $this->get_profile($id); - $user = $apidata['user']; - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - - if ($sub->find(true)) { - $sub->query('BEGIN'); - $sub->delete(); - $sub->query('COMMIT'); - } else { - $this->client_error(_('You are not friends with the specified user.'), 403, $apidata['content-type']); - return; - } - - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); - - } - - function exists($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $user_a_id = $this->trimmed('user_a'); - $user_b_id = $this->trimmed('user_b'); - - $user_a = $this->get_user($user_a_id); - $user_b = $this->get_user($user_b_id); - - if (!$user_a || !$user_b) { - $this->client_error(_('Two user ids or screen_names must be supplied.'), 400, $apidata['content-type']); - return; - } - - if ($user_a->isSubscribed($user_b)) { - $result = 'true'; - } else { - $result = 'false'; - } - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - common_element('friends', null, $result); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print json_encode($result); - $this->end_document('json'); - break; - default: - break; - } - - } - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapihelp.php b/_darcs/pristine/actions/twitapihelp.php deleted file mode 100644 index 1b84cb11b..000000000 --- a/_darcs/pristine/actions/twitapihelp.php +++ /dev/null @@ -1,55 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapihelpAction extends TwitterapiAction -{ - - /* Returns the string "ok" in the requested format with a 200 OK HTTP status code. - * URL:http://identi.ca/api/help/test.format - * Formats: xml, json - */ - function test($args, $apidata) - { - parent::handle($args); - - if ($apidata['content-type'] == 'xml') { - $this->init_document('xml'); - common_element('ok', null, 'true'); - $this->end_document('xml'); - } elseif ($apidata['content-type'] == 'json') { - $this->init_document('json'); - print '"ok"'; - $this->end_document('json'); - } else { - common_user_error(_('API method not found!'), $code=404); - } - - } - - function downtime_schedule($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapilaconica.php b/_darcs/pristine/actions/twitapilaconica.php deleted file mode 100644 index 722423fae..000000000 --- a/_darcs/pristine/actions/twitapilaconica.php +++ /dev/null @@ -1,174 +0,0 @@ -. - * - * @category Twitter - * @package Laconica - * @author Evan Prodromou - * @copyright 2008 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * Laconica-specific API methods - * - * This class handles all /laconica/ API methods. - * - * @category Twitter - * @package Laconica - * @author Evan Prodromou - * @copyright 2008 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -class TwitapilaconicaAction extends TwitterapiAction -{ - /** - * A version stamp for the API - * - * Returns a version number for this version of Laconica, which - * should make things a bit easier for upgrades. - * URL: http://identi.ca/api/laconica/version.(xml|json) - * Formats: xml, json - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function version($args, $apidata) - { - parent::handle($args); - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - common_element('version', null, LACONICA_VERSION); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print '"'.LACONICA_VERSION.'"'; - $this->end_document('json'); - break; - default: - $this->client_error(_('API method not found!'), $code=404); - } - } - - /** - * Dump of configuration variables - * - * Gives a full dump of configuration variables for this instance - * of Laconica, minus variables that may be security-sensitive (like - * passwords). - * URL: http://identi.ca/api/laconica/config.(xml|json) - * Formats: xml, json - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function config($args, $apidata) - { - static $keys = array('site' => array('name', 'server', 'theme', 'path', 'fancy', 'language', - 'email', 'broughtby', 'broughtbyurl', 'closed', - 'inviteonly', 'private'), - 'license' => array('url', 'title', 'image'), - 'nickname' => array('featured'), - 'throttle' => array('enabled', 'count', 'timespan'), - 'xmpp' => array('enabled', 'server', 'user')); - - parent::handle($args); - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - common_element_start('config'); - // XXX: check that all sections and settings are legal XML elements - foreach ($keys as $section => $settings) { - common_element_start($section); - foreach ($settings as $setting) { - $value = common_config($section, $setting); - if (is_array($value)) { - $value = implode(',', $value); - } else if ($value === false) { - $value = 'false'; - } else if ($value === true) { - $value = 'true'; - } - common_element($setting, null, $value); - } - common_element_end($section); - } - common_element_end('config'); - $this->end_document('xml'); - break; - case 'json': - $result = array(); - foreach ($keys as $section => $settings) { - $result[$section] = array(); - foreach ($settings as $setting) { - $result[$section][$setting] = common_config($section, $setting); - } - } - $this->init_document('json'); - $this->show_json_objects($result); - $this->end_document('json'); - break; - default: - $this->client_error(_('API method not found!'), $code=404); - } - } - - /** - * WADL description of the API - * - * Gives a WADL description of the API provided by this version of the - * software. - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function wadl($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), 501); - } -} diff --git a/_darcs/pristine/actions/twitapinotifications.php b/_darcs/pristine/actions/twitapinotifications.php deleted file mode 100644 index a19d652c3..000000000 --- a/_darcs/pristine/actions/twitapinotifications.php +++ /dev/null @@ -1,40 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -# This naming convention looks real sick -class TwitapinotificationsAction extends TwitterapiAction -{ - - function follow($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function leave($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/twitapistatuses.php b/_darcs/pristine/actions/twitapistatuses.php deleted file mode 100644 index e629d5cc4..000000000 --- a/_darcs/pristine/actions/twitapistatuses.php +++ /dev/null @@ -1,577 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapistatusesAction extends TwitterapiAction -{ - - function public_timeline($args, $apidata) - { - parent::handle($args); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - $title = sprintf(_("%s public timeline"), $sitename); - $id = "tag:$siteserver:Statuses"; - $link = common_root_url(); - $subtitle = sprintf(_("%s updates from everyone!"), $sitename); - - // Number of public statuses to return by default -- Twitter sends 20 - $MAX_PUBSTATUSES = 20; - - // FIXME: To really live up to the spec we need to build a list - // of notices by users who have custom avatars, so fix this SQL -- Zach - - $page = $this->arg('page'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - // NOTE: page, since_id, and before_id are extensions to Twitter API -- TB - if (!$page) { - $page = 1; - } - if (!$since_id) { - $since_id = 0; - } - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $notice = Notice::publicStream((($page-1)*$MAX_PUBSTATUSES), $MAX_PUBSTATUSES, $since_id, $before_id, $since); - - if ($notice) { - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - break; - } - - } else { - common_server_error(_('Couldn\'t find any statuses.'), $code = 503); - } - - } - - function friends_timeline($args, $apidata) - { - parent::handle($args); - - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $count = $this->arg('count'); - $page = $this->arg('page'); - $before_id = $this->arg('before_id'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extension to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $user = $this->get_user(null, $apidata); - $this->auth_user = $user; - - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_("%s and friends"), $user->nickname); - $id = "tag:$siteserver:friends:" . $user->id; - $link = common_local_url('all', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), $user->nickname, $sitename); - - $notice = $user->noticesWithFriends(($page-1)*20, $count, $since_id, $before_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function user_timeline($args, $apidata) - { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $count = $this->arg('count'); - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $page = $this->arg('page'); - $before_id = $this->arg('before_id'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extensions to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_("%s timeline"), $user->nickname); - $id = "tag:$siteserver:user:".$user->id; - $link = common_local_url('showstream', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename); - - # FriendFeed's SUP protocol - # Also added RSS and Atom feeds - - $suplink = common_local_url('sup', null, $user->id); - header('X-SUP-ID: '.$suplink); - - # XXX: since - - $notice = $user->getNotices((($page-1)*20), $count, $since_id, $before_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle, $suplink); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle, $suplink); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function update($args, $apidata) - { - - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $status = $this->trimmed('status'); - $source = $this->trimmed('source'); - $in_reply_to_status_id = intval($this->trimmed('in_reply_to_status_id')); - $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (!$source || in_array($source, $reserved_sources)) { - $source = 'api'; - } - - if (!$status) { - - // XXX: Note: In this case, Twitter simply returns '200 OK' - // No error is given, but the status is not posted to the - // user's timeline. Seems bad. Shouldn't we throw an - // errror? -- Zach - return; - - } else { - - $status_shortened = common_shorten_links($status); - - if (mb_strlen($status_shortened) > 140) { - - // XXX: Twitter truncates anything over 140, flags the status - // as "truncated." Sending this error may screw up some clients - // that assume Twitter will truncate for them. Should we just - // truncate too? -- Zach - $this->client_error(_('That\'s too long. Max notice size is 140 chars.'), $code = 406, $apidata['content-type']); - return; - - } - } - - // Check for commands - $inter = new CommandInterpreter(); - $cmd = $inter->handle_command($user, $status_shortened); - - if ($cmd) { - - if ($this->supported($cmd)) { - $cmd->execute(new Channel()); - } - - // cmd not supported? Twitter just returns your latest status. - // And, it returns your last status whether the cmd was successful - // or not! - $n = $user->getCurrentNotice(); - $apidata['api_arg'] = $n->id; - } else { - - $reply_to = null; - - if ($in_reply_to_status_id) { - - // check whether notice actually exists - $reply = Notice::staticGet($in_reply_to_status_id); - - if ($reply) { - $reply_to = $in_reply_to_status_id; - } else { - $this->client_error(_('Not found'), $code = 404, $apidata['content-type']); - return; - } - } - - $notice = Notice::saveNew($user->id, html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), - $source, 1, $reply_to); - - if (is_string($notice)) { - $this->server_error($notice); - return; - } - - common_broadcast_notice($notice); - $apidata['api_arg'] = $notice->id; - } - - $this->show($args, $apidata); - } - - function replies($args, $apidata) - { - - parent::handle($args); - - $since = $this->arg('since'); - $count = $this->arg('count'); - $page = $this->arg('page'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_('%1$s / Updates replying to %2$s'), $sitename, $user->nickname); - $id = "tag:$siteserver:replies:".$user->id; - $link = common_local_url('replies', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%1$s updates that reply to updates from %2$s / %3$s.'), $sitename, $user->nickname, $profile->getBestName()); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extension to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $notice = $user->getReplies((($page-1)*20), $count, $since_id, $before_id, $since); - $notices = array(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notices); - break; - case 'rss': - $this->show_rss_timeline($notices, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notices, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notices); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function show($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $this->auth_user = $apidata['user']; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if ($notice) { - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - // XXX: Twitter just sets a 404 header and doens't bother to return an err msg - $this->client_error(_('No status with that ID found.'), 404, $apidata['content-type']); - } - - } - - function destroy($args, $apidata) - { - - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - // XXX: Twitter just prints the err msg, no XML / JSON. - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (!$notice) { - $this->client_error(_('No status found with that ID.'), 404, $apidata['content-type']); - return; - } - - if ($user->id == $notice->profile_id) { - $replies = new Reply; - $replies->get('notice_id', $notice_id); - common_dequeue_notice($notice); - $replies->delete(); - $notice->delete(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - $this->client_error(_('You may not delete another user\'s status.'), 403, $apidata['content-type']); - } - - } - - function friends($args, $apidata) - { - parent::handle($args); - return $this->subscriptions($apidata, 'subscribed', 'subscriber'); - } - - function followers($args, $apidata) - { - parent::handle($args); - - return $this->subscriptions($apidata, 'subscriber', 'subscribed'); - } - - function subscriptions($apidata, $other_attr, $user_attr) - { - - # XXX: lite - - $this->auth_user = $apidate['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $page = $this->trimmed('page'); - - if (!$page || !is_numeric($page)) { - $page = 1; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $sub = new Subscription(); - $sub->$user_attr = $profile->id; - - $since = strtotime($this->trimmed('since')); - - if ($since) { - $d = date('Y-m-d H:i:s', $since); - $sub->whereAdd("created > '$d'"); - } - - $sub->orderBy('created DESC'); - $sub->limit(($page-1)*100, 100); - - $others = array(); - - if ($sub->find()) { - while ($sub->fetch()) { - $others[] = Profile::staticGet($sub->$other_attr); - } - } else { - // user has no followers - } - - $type = $apidata['content-type']; - - $this->init_document($type); - $this->show_profiles($others, $type); - $this->end_document($type); - } - - function show_profiles($profiles, $type) - { - switch ($type) { - case 'xml': - common_element_start('users', array('type' => 'array')); - foreach ($profiles as $profile) { - $this->show_profile($profile); - } - common_element_end('users'); - break; - case 'json': - $arrays = array(); - foreach ($profiles as $profile) { - $arrays[] = $this->twitter_user_array($profile, true); - } - print json_encode($arrays); - break; - default: - $this->client_error(_('unsupported file type')); - } - } - - function featured($args, $apidata) - { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function supported($cmd) - { - - $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', 'FavCommand', 'OnCommand', 'OffCommand'); - - if (in_array(get_class($cmd), $cmdlist)) { - return true; - } - - return false; - } - -} diff --git a/_darcs/pristine/actions/twitapiusers.php b/_darcs/pristine/actions/twitapiusers.php deleted file mode 100644 index 409986985..000000000 --- a/_darcs/pristine/actions/twitapiusers.php +++ /dev/null @@ -1,54 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapiusersAction extends TwitterapiAction -{ - - function show($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $user = null; - $email = $this->arg('email'); - - if ($email) { - $user = User::staticGet('email', $email); - } elseif (isset($apidata['api_arg'])) { - $user = $this->get_user($apidata['api_arg']); - } - - if (!$user) { - // XXX: Twitter returns a random(?) user instead of throwing and err! -- Zach - $this->client_error(_('Not found.'), 404, $apidata['content-type']); - return; - } - - $this->show_extended_profile($user, $apidata); - } - -} diff --git a/_darcs/pristine/actions/twittersettings.php b/_darcs/pristine/actions/twittersettings.php deleted file mode 100644 index d66427339..000000000 --- a/_darcs/pristine/actions/twittersettings.php +++ /dev/null @@ -1,367 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -define('SUBSCRIPTIONS', 80); - -class TwittersettingsAction extends SettingsAction -{ - - function get_instructions() - { - return _('Add your Twitter account to automatically send your notices to Twitter, ' . - 'and subscribe to Twitter friends already here.'); - } - - function show_form($msg=null, $success=false) - { - $user = common_current_user(); - $profile = $user->getProfile(); - $fuser = null; - $flink = Foreign_link::getByUserID($user->id, 1); // 1 == Twitter - - if ($flink) { - $fuser = $flink->getForeignUser(); - } - - $this->form_header(_('Twitter settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'twittersettings', - 'action' => - common_local_url('twittersettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', null, _('Twitter Account')); - - if ($fuser) { - common_element_start('p'); - - common_element('span', 'twitter_user', $fuser->nickname); - common_element('a', array('href' => $fuser->uri), $fuser->uri); - common_element('span', 'input_instructions', - _('Current verified Twitter account.')); - common_hidden('flink_foreign_id', $flink->foreign_id); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - common_input('twitter_username', _('Twitter user name'), - ($this->arg('twitter_username')) ? $this->arg('twitter_username') : $profile->nickname, - _('No spaces, please.')); // hey, it's what Twitter says - - common_password('twitter_password', _('Twitter password')); - } - - common_element('h2', null, _('Preferences')); - - common_checkbox('noticesync', _('Automatically send my notices to Twitter.'), - ($flink) ? ($flink->noticesync & FOREIGN_NOTICE_SEND) : true); - - common_checkbox('replysync', _('Send local "@" replies to Twitter.'), - ($flink) ? ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : true); - - common_checkbox('friendsync', _('Subscribe to my Twitter friends here.'), - ($flink) ? ($flink->friendsync & FOREIGN_FRIEND_RECV) : false); - - if ($flink) { - common_submit('save', _('Save')); - } else { - common_submit('add', _('Add')); - } - - $this->show_twitter_subscriptions(); - - common_element_end('form'); - - common_show_footer(); - } - - function subscribed_twitter_users() - { - - $current_user = common_current_user(); - - $qry = 'SELECT user.* ' . - 'FROM subscription ' . - 'JOIN user ON subscription.subscribed = user.id ' . - 'JOIN foreign_link ON foreign_link.user_id = user.id ' . - 'WHERE subscriber = %d ' . - 'ORDER BY user.nickname'; - - $user = new User(); - - $user->query(sprintf($qry, $current_user->id)); - - $users = array(); - - while ($user->fetch()) { - - // Don't include the user's own self-subscription - if ($user->id != $current_user->id) { - $users[] = clone($user); - } - } - - return $users; - } - - function show_twitter_subscriptions() - { - - $friends = $this->subscribed_twitter_users(); - $friends_count = count($friends); - - if ($friends_count > 0) { - - common_element('h3', null, _('Twitter Friends')); - common_element_start('div', array('id' => 'subscriptions')); - common_element_start('ul', array('id' => 'subscriptions_avatars')); - - for ($i = 0; $i < min($friends_count, SUBSCRIPTIONS); $i++) { - - $other = Profile::staticGet($friends[$i]->id); - - if (!$other) { - common_log_db_error($subs, 'SELECT', __FILE__); - continue; - } - - common_element_start('li'); - common_element_start('a', array('title' => ($other->fullname) ? - $other->fullname : - $other->nickname, - 'href' => $other->profileurl, - 'rel' => 'contact', - 'class' => 'subscription')); - $avatar = $other->getAvatar(AVATAR_MINI_SIZE); - common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)), - 'width' => AVATAR_MINI_SIZE, - 'height' => AVATAR_MINI_SIZE, - 'class' => 'avatar mini', - 'alt' => ($other->fullname) ? - $other->fullname : - $other->nickname)); - common_element_end('a'); - common_element_end('li'); - - } - - common_element_end('ul'); - common_element_end('div'); - - } - - // XXX Figure out a way to show all Twitter friends... ? - - /* - if ($subs_count > SUBSCRIPTIONS) { - common_element_start('p', array('id' => 'subscriptions_viewall')); - - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname)), - 'class' => 'moresubscriptions'), - _('All subscriptions')); - common_element_end('p'); - } - */ - - } - - function handle_post() - { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_twitter_acct(); - } else if ($this->arg('remove')) { - $this->remove_twitter_acct(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function add_twitter_acct() - { - - $screen_name = $this->trimmed('twitter_username'); - $password = $this->trimmed('twitter_password'); - $noticesync = $this->boolean('noticesync'); - $replysync = $this->boolean('replysync'); - $friendsync = $this->boolean('friendsync'); - - if (!Validate::string($screen_name, - array( 'min_length' => 1, - 'max_length' => 15, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA . '_'))) { - $this->show_form( - _('Username must have only numbers, upper- and lowercase letters, and underscore (_). 15 chars max.')); - return; - } - - if (!$this->verify_credentials($screen_name, $password)) { - $this->show_form(_('Could not verify your Twitter credentials!')); - return; - } - - $twit_user = twitter_user_info($screen_name, $password); - - if (!$twit_user) { - $this->show_form(sprintf(_('Unable to retrieve account information for "%s" from Twitter.'), - $screen_name)); - return; - } - - if (!save_twitter_user($twit_user->id, $screen_name)) { - $this->show_form(_('Unable to save your Twitter settings!')); - return; - } - - $user = common_current_user(); - - $flink = DB_DataObject::factory('foreign_link'); - $flink->user_id = $user->id; - $flink->foreign_id = $twit_user->id; - $flink->service = 1; // Twitter - $flink->credentials = $password; - $flink->created = common_sql_now(); - - $flink->set_flags($noticesync, $replysync, $friendsync); - - $flink_id = $flink->insert(); - - if (!$flink_id) { - common_log_db_error($flink, 'INSERT', __FILE__); - $this->show_form(_('Unable to save your Twitter settings!')); - return; - } - - if ($friendsync) { - save_twitter_friends($user, $twit_user->id, $screen_name, $password); - } - - $this->show_form(_('Twitter settings saved.'), true); - } - - function remove_twitter_acct() - { - - $user = common_current_user(); - $flink = Foreign_link::getByUserID($user->id, 1); - $flink_foreign_id = $this->arg('flink_foreign_id'); - - # Maybe an old tab open...? - if ($flink->foreign_id != $flink_foreign_id) { - $this->show_form(_('That is not your Twitter account.')); - return; - } - - $result = $flink->delete(); - - if (!$result) { - common_log_db_error($flink, 'DELETE', __FILE__); - common_server_error(_('Couldn\'t remove Twitter user.')); - return; - } - - $this->show_form(_('Twitter account removed.'), true); - } - - function save_preferences() - { - - $noticesync = $this->boolean('noticesync'); - $friendsync = $this->boolean('friendsync'); - $replysync = $this->boolean('replysync'); - - $user = common_current_user(); - - $flink = Foreign_link::getByUserID($user->id, 1); - - if (!$flink) { - common_log_db_error($flink, 'SELECT', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } - - $twitter_id = $flink->foreign_id; - $password = $flink->credentials; - - $fuser = $flink->getForeignUser(); - - if (!$fuser) { - common_log_db_error($fuser, 'SELECT', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } - - $screen_name = $fuser->nickname; - - $original = clone($flink); - $flink->set_flags($noticesync, $replysync, $friendsync); - $result = $flink->update($original); - - if ($result === false) { - common_log_db_error($flink, 'UPDATE', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } - - if ($friendsync) { - save_twitter_friends($user, $flink->foreign_id, $screen_name, $password); - } - - $this->show_form(_('Twitter preferences saved.')); - } - - function verify_credentials($screen_name, $password) - { - $uri = 'http://twitter.com/account/verify_credentials.json'; - $data = get_twitter_data($uri, $screen_name, $password); - - if (!$data) { - return false; - } - - $user = json_decode($data); - - if (!$user) { - return false; - } - - $twitter_id = $user->status->id; - - if ($twitter_id) { - return $twitter_id; - } - - return false; - } - - -} \ No newline at end of file diff --git a/_darcs/pristine/actions/unblock.php b/_darcs/pristine/actions/unblock.php deleted file mode 100644 index 112304f71..000000000 --- a/_darcs/pristine/actions/unblock.php +++ /dev/null @@ -1,96 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class UnblockAction extends Action -{ - - var $profile = null; - - function prepare($args) - { - - parent::prepare($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); - return false; - } - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $id = $this->trimmed('unblockto'); - - if (!$id) { - $this->client_error(_('No profile specified.')); - return false; - } - - $this->profile = Profile::staticGet('id', $id); - - if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); - return false; - } - - return true; - } - - function handle($args) - { - parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->unblock_profile(); - } - } - - function unblock_profile() - { - - $cur = common_current_user(); - - $result = $cur->unblock($this->profile); - - if (!$result) { - $this->server_error(_('Error removing the block.')); - return; - } - - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } else if (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - - if ($action) { - common_redirect(common_local_url($action, $args)); - } else { - common_redirect(common_local_url('subscriptions', - array('nickname' => $cur->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/unsubscribe.php b/_darcs/pristine/actions/unsubscribe.php deleted file mode 100644 index 1c2e13635..000000000 --- a/_darcs/pristine/actions/unsubscribe.php +++ /dev/null @@ -1,82 +0,0 @@ -. - */ - -class UnsubscribeAction extends Action -{ - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); - return; - } - - # CSRF protection - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $other_id = $this->arg('unsubscribeto'); - - if (!$other_id) { - $this->client_error(_('No profile id in request.')); - return; - } - - $other = Profile::staticGet('id', $other_id); - - if (!$other_id) { - $this->client_error(_('No profile with that id.')); - return; - } - - $result = subs_unsubscribe_to($user, $other); - - if ($result != true) { - common_user_error($result); - return; - } - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Unsubscribed')); - common_element_end('head'); - common_element_start('body'); - common_subscribe_form($other); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); - } - } -} diff --git a/_darcs/pristine/actions/updateprofile.php b/_darcs/pristine/actions/updateprofile.php deleted file mode 100644 index abb034c81..000000000 --- a/_darcs/pristine/actions/updateprofile.php +++ /dev/null @@ -1,177 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class UpdateprofileAction extends Action -{ - - function handle($args) - { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->update_profile($req, $consumer, $token)) { - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { - $this->server_error($e->getMessage()); - return; - } - } - - function update_profile($req, $consumer, $token) - { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - $this->client_error(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see if listenee exists - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - if (!$remote) { - $this->client_error(_('Profile unknown'), 404); - return false; - } - # Second, check to see if they should be able to post updates! - # We see if there are any subscriptions to that remote user with - # the given token. - - $sub = new Subscription(); - $sub->subscribed = $remote->id; - $sub->token = $token->key; - if (!$sub->find(true)) { - $this->client_error(_('You did not send us that profile'), 403); - return false; - } - - $profile = Profile::staticGet('id', $remote->id); - if (!$profile) { - # This one is our fault - $this->server_error(_('Remote profile with no matching profile'), 500); - return false; - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if ($nickname && !Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->client_error(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return false; - } - $license = $req->get_parameter('omb_listenee_license'); - if ($license && !common_valid_http_url($license)) { - $this->client_error(sprintf(_("Invalid license URL '%s'"), $license)); - return false; - } - $profile_url = $req->get_parameter('omb_listenee_profile'); - if ($profile_url && !common_valid_http_url($profile_url)) { - $this->client_error(sprintf(_("Invalid profile URL '%s'."), $profile_url)); - return false; - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && strlen($fullname) > 255) { - $this->client_error(_("Full name is too long (max 255 chars).")); - return false; - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { - $this->client_error(sprintf(_("Invalid homepage '%s'"), $homepage)); - return false; - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && strlen($bio) > 140) { - $this->client_error(_("Bio is too long (max 140 chars).")); - return false; - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && strlen($location) > 255) { - $this->client_error(_("Location is too long (max 255 chars).")); - return false; - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - $this->client_error(sprintf(_("Invalid avatar URL '%s'"), $avatar)); - return false; - } - $size = @getimagesize($avatar); - if (!$size) { - $this->client_error(sprintf(_("Can't read avatar URL '%s'"), $avatar)); - return false; - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - $this->client_error(sprintf(_("Wrong size image at '%s'"), $avatar)); - return false; - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - $this->client_error(sprintf(_("Wrong image type for '%s'"), $avatar)); - return false; - } - } - - $orig_profile = clone($profile); - - if ($nickname) { - $profile->nickname = $nickname; - } - if ($profile_url) { - $profile->profileurl = $profile_url; - } - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } - - if (!$profile->update($orig_profile)) { - $this->server_error(_('Could not save new profile info'), 500); - return false; - } else { - if ($avatar) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($avatar, $temp_filename); - if (!$profile->setOriginal($temp_filename)) { - $this->server_error(_('Could not save avatar info'), 500); - return false; - } - } - header('HTTP/1.1 200 OK'); - header('Content-type: text/plain'); - print 'Updated profile'; - print "\n"; - return true; - } - } -} diff --git a/_darcs/pristine/actions/userauthorization.php b/_darcs/pristine/actions/userauthorization.php deleted file mode 100644 index 05efbc16c..000000000 --- a/_darcs/pristine/actions/userauthorization.php +++ /dev/null @@ -1,601 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); -define('TIMESTAMP_THRESHOLD', 300); - -class UserauthorizationAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $req = $this->get_stored_request(); - $this->show_form(_('There was a problem with your session token. Try again, please.'), $req); - return; - } - # We've shown the form, now post user's choice - $this->send_authorization(); - } else { - if (!common_logged_in()) { - # Go log in, and then come back - common_debug('saving URL for returnto', __FILE__); - common_set_returnto($_SERVER['REQUEST_URI']); - - common_debug('redirecting to login', __FILE__); - common_redirect(common_local_url('login')); - return; - } - try { - # this must be a new request - common_debug('getting new request', __FILE__); - $req = $this->get_new_request(); - if (!$req) { - $this->client_error(_('No request found!')); - } - common_debug('validating request', __FILE__); - # XXX: only validate new requests, since nonce is one-time use - $this->validate_request($req); - common_debug('showing form', __FILE__); - $this->store_request($req); - $this->show_form($req); - } catch (OAuthException $e) { - $this->clear_request(); - $this->client_error($e->getMessage()); - return; - } - - } - } - - function show_form($req) - { - - $nickname = $req->get_parameter('omb_listenee_nickname'); - $profile = $req->get_parameter('omb_listenee_profile'); - $license = $req->get_parameter('omb_listenee_license'); - $fullname = $req->get_parameter('omb_listenee_fullname'); - $homepage = $req->get_parameter('omb_listenee_homepage'); - $bio = $req->get_parameter('omb_listenee_bio'); - $location = $req->get_parameter('omb_listenee_location'); - $avatar = $req->get_parameter('omb_listenee_avatar'); - - common_show_header(_('Authorize subscription')); - common_element('p', null, _('Please check these details to make sure '. - 'that you want to subscribe to this user\'s notices. '. - 'If you didn\'t just ask to subscribe to someone\'s notices, '. - 'click "Cancel".')); - common_element_start('div', 'profile'); - if ($avatar) { - common_element('img', array('src' => $avatar, - 'class' => 'avatar profile', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $nickname)); - } - common_element('a', array('href' => $profile, - 'class' => 'external profile nickname'), - $nickname); - if ($fullname) { - common_element_start('div', 'fullname'); - if ($homepage) { - common_element('a', array('href' => $homepage), - $fullname); - } else { - common_text($fullname); - } - common_element_end('div'); - } - if ($location) { - common_element('div', 'location', $location); - } - if ($bio) { - common_element('div', 'bio', $bio); - } - common_element_start('div', 'license'); - common_element('a', array('href' => $license, - 'class' => 'license'), - $license); - common_element_end('div'); - common_element_end('div'); - common_element_start('form', array('method' => 'post', - 'id' => 'userauthorization', - 'name' => 'userauthorization', - 'action' => common_local_url('userauthorization'))); - common_hidden('token', common_session_token()); - common_submit('accept', _('Accept')); - common_submit('reject', _('Reject')); - common_element_end('form'); - common_show_footer(); - } - - function send_authorization() - { - $req = $this->get_stored_request(); - - if (!$req) { - common_user_error(_('No authorization request!')); - return; - } - - $callback = $req->get_parameter('oauth_callback'); - - if ($this->arg('accept')) { - if (!$this->authorize_token($req)) { - $this->client_error(_('Error authorizing token')); - } - if (!$this->save_remote_profile($req)) { - $this->client_error(_('Error saving remote profile')); - } - if (!$callback) { - $this->show_accept_message($req->get_parameter('oauth_token')); - } else { - $params = array(); - $params['oauth_token'] = $req->get_parameter('oauth_token'); - $params['omb_version'] = OMB_VERSION_01; - $user = User::staticGet('uri', $req->get_parameter('omb_listener')); - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - $params['omb_listener_nickname'] = $user->nickname; - $params['omb_listener_profile'] = common_local_url('showstream', - array('nickname' => $user->nickname)); - if ($profile->fullname) { - $params['omb_listener_fullname'] = $profile->fullname; - } - if ($profile->homepage) { - $params['omb_listener_homepage'] = $profile->homepage; - } - if ($profile->bio) { - $params['omb_listener_bio'] = $profile->bio; - } - if ($profile->location) { - $params['omb_listener_location'] = $profile->location; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $params['omb_listener_avatar'] = $avatar->url; - } - $parts = array(); - foreach ($params as $k => $v) { - $parts[] = $k . '=' . OAuthUtil::urlencodeRFC3986($v); - } - $query_string = implode('&', $parts); - $parsed = parse_url($callback); - $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string; - common_redirect($url, 303); - } - } else { - if (!$callback) { - $this->show_reject_message(); - } else { - # XXX: not 100% sure how to signal failure... just redirect without token? - common_redirect($callback, 303); - } - } - } - - function authorize_token(&$req) - { - $consumer_key = $req->get_parameter('oauth_consumer_key'); - $token_field = $req->get_parameter('oauth_token'); - common_debug('consumer key = "'.$consumer_key.'"', __FILE__); - common_debug('token field = "'.$token_field.'"', __FILE__); - $rt = new Token(); - $rt->consumer_key = $consumer_key; - $rt->tok = $token_field; - $rt->type = 0; - $rt->state = 0; - common_debug('request token to look up: "'.print_r($rt,true).'"'); - if ($rt->find(true)) { - common_debug('found request token to authorize', __FILE__); - $orig_rt = clone($rt); - $rt->state = 1; # Authorized but not used - if ($rt->update($orig_rt)) { - common_debug('updated request token so it is authorized', __FILE__); - return true; - } - } - return false; - } - - # XXX: refactor with similar code in finishremotesubscribe.php - - function save_remote_profile(&$req) - { - # FIXME: we should really do this when the consumer comes - # back for an access token. If they never do, we've got stuff in a - # weird state. - - $nickname = $req->get_parameter('omb_listenee_nickname'); - $fullname = $req->get_parameter('omb_listenee_fullname'); - $profile_url = $req->get_parameter('omb_listenee_profile'); - $homepage = $req->get_parameter('omb_listenee_homepage'); - $bio = $req->get_parameter('omb_listenee_bio'); - $location = $req->get_parameter('omb_listenee_location'); - $avatar_url = $req->get_parameter('omb_listenee_avatar'); - - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $listenee; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - return false; - } - $remote->id = $id; - } - - if ($exists) { - if (!$remote->update($orig_remote)) { - return false; - } - } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - return false; - } - } - - if ($avatar_url) { - if (!$this->add_avatar($profile, $avatar_url)) { - return false; - } - } - - $user = common_current_user(); - $datastore = omb_oauth_datastore(); - $consumer = $this->get_consumer($datastore, $req); - $token = $this->get_token($datastore, $req, $consumer); - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $remote->id; - $sub->token = $token->key; # NOTE: request token, not valid for use! - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - if (!$sub->insert()) { - return false; - } - - return true; - } - - function add_avatar($profile, $url) - { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($url, $temp_filename); - return $profile->setOriginal($temp_filename); - } - - function show_accept_message($tok) - { - common_show_header(_('Subscription authorized')); - common_element('p', null, - _('The subscription has been authorized, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to authorize the subscription. Your subscription token is:')); - common_element('blockquote', 'token', $tok); - common_show_footer(); - } - - function show_reject_message($tok) - { - common_show_header(_('Subscription rejected')); - common_element('p', null, - _('The subscription has been rejected, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to fully reject the subscription.')); - common_show_footer(); - } - - function store_request($req) - { - common_ensure_session(); - $_SESSION['userauthorizationrequest'] = $req; - } - - function clear_request() - { - common_ensure_session(); - unset($_SESSION['userauthorizationrequest']); - } - - function get_stored_request() - { - common_ensure_session(); - $req = $_SESSION['userauthorizationrequest']; - return $req; - } - - function get_new_request() - { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - return $req; - } - - # Throws an OAuthException if anything goes wrong - - function validate_request(&$req) - { - # OAuth stuff -- have to copy from OAuth.php since they're - # all private methods, and there's no user-authentication method - common_debug('checking version', __FILE__); - $this->check_version($req); - common_debug('getting datastore', __FILE__); - $datastore = omb_oauth_datastore(); - common_debug('getting consumer', __FILE__); - $consumer = $this->get_consumer($datastore, $req); - common_debug('getting token', __FILE__); - $token = $this->get_token($datastore, $req, $consumer); - common_debug('checking timestamp', __FILE__); - $this->check_timestamp($req); - common_debug('checking nonce', __FILE__); - $this->check_nonce($datastore, $req, $consumer, $token); - common_debug('checking signature', __FILE__); - $this->check_signature($req, $consumer, $token); - common_debug('validating omb stuff', __FILE__); - $this->validate_omb($req); - common_debug('done validating', __FILE__); - return true; - } - - function validate_omb(&$req) - { - foreach (array('omb_version', 'omb_listener', 'omb_listenee', - 'omb_listenee_profile', 'omb_listenee_nickname', - 'omb_listenee_license') as $param) - { - if (!$req->get_parameter($param)) { - throw new OAuthException("Required parameter '$param' not found"); - } - } - # Now, OMB stuff - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - throw new OAuthException("OpenMicroBlogging version '$version' not supported"); - } - $listener = $req->get_parameter('omb_listener'); - $user = User::staticGet('uri', $listener); - if (!$user) { - throw new OAuthException("Listener URI '$listener' not found here"); - } - $cur = common_current_user(); - if ($cur->id != $user->id) { - throw new OAuthException("Can't add for another user!"); - } - $listenee = $req->get_parameter('omb_listenee'); - if (!Validate::uri($listenee) && - !common_valid_tag($listenee)) { - throw new OAuthException("Listenee URI '$listenee' not a recognizable URI"); - } - if (strlen($listenee) > 255) { - throw new OAuthException("Listenee URI '$listenee' too long"); - } - - $other = User::staticGet('uri', $listenee); - if ($other) { - throw new OAuthException("Listenee URI '$listenee' is local user"); - } - - $remote = Remote_profile::staticGet('uri', $listenee); - if ($remote) { - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $remote->id; - if ($sub->find(true)) { - throw new OAuthException("Already subscribed to user!"); - } - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - throw new OAuthException('Nickname must have only letters and numbers and no spaces.'); - } - $profile = $req->get_parameter('omb_listenee_profile'); - if (!common_valid_http_url($profile)) { - throw new OAuthException("Invalid profile URL '$profile'."); - } - - if ($profile == common_local_url('showstream', array('nickname' => $nickname))) { - throw new OAuthException("Profile URL '$profile' is for a local user."); - } - - $license = $req->get_parameter('omb_listenee_license'); - if (!common_valid_http_url($license)) { - throw new OAuthException("Invalid license URL '$license'."); - } - $site_license = common_config('license', 'url'); - if (!common_compatible_license($license, $site_license)) { - throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'."); - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && strlen($fullname) > 255) { - throw new OAuthException("Full name '$fullname' too long."); - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { - throw new OAuthException("Invalid homepage '$homepage'"); - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && strlen($bio) > 140) { - throw new OAuthException("Bio too long '$bio'"); - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && strlen($location) > 255) { - throw new OAuthException("Location too long '$location'"); - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - throw new OAuthException("Invalid avatar URL '$avatar'"); - } - $size = @getimagesize($avatar); - if (!$size) { - throw new OAuthException("Can't read avatar URL '$avatar'"); - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - throw new OAuthException("Wrong size image at '$avatar'"); - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - throw new OAuthException("Wrong image type for '$avatar'"); - } - } - $callback = $req->get_parameter('oauth_callback'); - if ($callback && !common_valid_http_url($callback)) { - throw new OAuthException("Invalid callback URL '$callback'"); - } - if ($callback && $callback == common_local_url('finishremotesubscribe')) { - throw new OAuthException("Callback URL '$callback' is for local site."); - } - } - - # Snagged from OAuthServer - - function check_version(&$req) - { - $version = $req->get_parameter("oauth_version"); - if (!$version) { - $version = 1.0; - } - if ($version != 1.0) { - throw new OAuthException("OAuth version '$version' not supported"); - } - return $version; - } - - # Snagged from OAuthServer - - function get_consumer($datastore, $req) - { - $consumer_key = @$req->get_parameter("oauth_consumer_key"); - if (!$consumer_key) { - throw new OAuthException("Invalid consumer key"); - } - - $consumer = $datastore->lookup_consumer($consumer_key); - if (!$consumer) { - throw new OAuthException("Invalid consumer"); - } - return $consumer; - } - - # Mostly cadged from OAuthServer - - function get_token($datastore, &$req, $consumer) - {/*{{{*/ - $token_field = @$req->get_parameter('oauth_token'); - $token = $datastore->lookup_token($consumer, 'request', $token_field); - if (!$token) { - throw new OAuthException("Invalid $token_type token: $token_field"); - } - return $token; - } - - function check_timestamp(&$req) - { - $timestamp = @$req->get_parameter('oauth_timestamp'); - $now = time(); - if ($now - $timestamp > TIMESTAMP_THRESHOLD) { - throw new OAuthException("Expired timestamp, yours $timestamp, ours $now"); - } - } - - # NOTE: don't call twice on the same request; will fail! - function check_nonce(&$datastore, &$req, $consumer, $token) - { - $timestamp = @$req->get_parameter('oauth_timestamp'); - $nonce = @$req->get_parameter('oauth_nonce'); - $found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp); - if ($found) { - throw new OAuthException("Nonce already used"); - } - return true; - } - - function check_signature(&$req, $consumer, $token) - { - $signature_method = $this->get_signature_method($req); - $signature = $req->get_parameter('oauth_signature'); - $valid_sig = $signature_method->check_signature($req, - $consumer, - $token, - $signature); - if (!$valid_sig) { - throw new OAuthException("Invalid signature"); - } - } - - function get_signature_method(&$req) - { - $signature_method = @$req->get_parameter("oauth_signature_method"); - if (!$signature_method) { - $signature_method = "PLAINTEXT"; - } - if ($signature_method != 'HMAC-SHA1') { - throw new OAuthException("Signature method '$signature_method' not supported."); - } - return omb_hmac_sha1(); - } -} diff --git a/_darcs/pristine/actions/userbyid.php b/_darcs/pristine/actions/userbyid.php deleted file mode 100644 index d57ed21a5..000000000 --- a/_darcs/pristine/actions/userbyid.php +++ /dev/null @@ -1,52 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -class UserbyidAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - parent::handle($args); - $id = $this->trimmed('id'); - if (!$id) { - $this->client_error(_('No id.')); - } - $user =& User::staticGet($id); - if (!$user) { - $this->client_error(_('No such user.')); - } - - // support redirecting to FOAF rdf/xml if the agent prefers it - $page_prefs = 'application/rdf+xml,text/html,application/xhtml+xml,application/xml;q=0.3,text/xml;q=0.2'; - $httpaccept = isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : null; - $type = common_negotiate_type(common_accept_to_prefs($httpaccept), - common_accept_to_prefs($page_prefs)); - $page = $type == 'application/rdf+xml' ? 'foaf' : 'showstream'; - - $url = common_local_url($page, array('nickname' => $user->nickname)); - common_redirect($url, 303); - } -} diff --git a/_darcs/pristine/actions/userrss.php b/_darcs/pristine/actions/userrss.php deleted file mode 100644 index 1e9fe121f..000000000 --- a/_darcs/pristine/actions/userrss.php +++ /dev/null @@ -1,96 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class UserrssAction extends Rss10Action -{ - - var $user = null; - - function init() - { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); - - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) - { - - $user = $this->user; - - if (is_null($user)) { - return null; - } - - $notice = $user->getNotices(0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() - { - $user = $this->user; - $profile = $user->getProfile(); - $c = array('url' => common_local_url('userrss', - array('nickname' => - $user->nickname)), - 'title' => $user->nickname, - 'link' => $profile->profileurl, - 'description' => sprintf(_('Microblog by %s'), $user->nickname)); - return $c; - } - - function get_image() - { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return null; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : null; - } - - # override parent to add X-SUP-ID URL - - function init_rss($limit=0) - { - $url = common_local_url('sup', null, $this->user->id); - header('X-SUP-ID: '.$url); - parent::init_rss($limit); - } -} \ No newline at end of file diff --git a/_darcs/pristine/actions/xrds.php b/_darcs/pristine/actions/xrds.php deleted file mode 100644 index 7edc6aa39..000000000 --- a/_darcs/pristine/actions/xrds.php +++ /dev/null @@ -1,137 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class XrdsAction extends Action -{ - - function is_readonly() - { - return true; - } - - function handle($args) - { - parent::handle($args); - $nickname = $this->trimmed('nickname'); - $user = User::staticGet('nickname', $nickname); - if (!$user) { - common_user_error(_('No such user.')); - return; - } - $this->show_xrds($user); - } - - function show_xrds($user) - { - - header('Content-Type: application/xrds+xml'); - - common_start_xml(); - common_element_start('XRDS', array('xmlns' => 'xri://$xrds')); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', null, 'xri://$xrds*simple'); - - $this->show_service(OAUTH_ENDPOINT_REQUEST, - common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1), - $user->uri); - - $this->show_service(OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - - $this->show_service(OAUTH_ENDPOINT_ACCESS, - common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - - $this->show_service(OAUTH_ENDPOINT_RESOURCE, - null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - - common_element_end('XRD'); - - # XXX: decide whether to include user's ID/nickname in postNotice URL - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'omb', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', null, 'xri://$xrds*simple'); - - $this->show_service(OMB_ENDPOINT_POSTNOTICE, - common_local_url('postnotice')); - - $this->show_service(OMB_ENDPOINT_UPDATEPROFILE, - common_local_url('updateprofile')); - - common_element_end('XRD'); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'version' => '2.0')); - - common_element('Type', null, 'xri://$xrds*simple'); - - $this->show_service(OAUTH_DISCOVERY, - '#oauth'); - $this->show_service(OMB_NAMESPACE, - '#omb'); - - common_element_end('XRD'); - - common_element_end('XRDS'); - common_end_xml(); - } - - function show_service($type, $uri, $params=null, $sigs=null, $localId=null) - { - common_element_start('Service'); - if ($uri) { - common_element('URI', null, $uri); - } - common_element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - common_element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - common_element('Type', null, $sig); - } - } - if ($localId) { - common_element('LocalID', null, $localId); - } - common_element_end('Service'); - } -} \ No newline at end of file -- cgit v1.2.3-54-g00ecf