From 3ebf817e36f5c349d8d34aee8c40f836032141d5 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 16 Jul 2009 00:56:32 -0400 Subject: use 410 Gone for deleted notices --- actions/shownotice.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/shownotice.php b/actions/shownotice.php index 8f73dc824..3d7319489 100644 --- a/actions/shownotice.php +++ b/actions/shownotice.php @@ -84,7 +84,13 @@ class ShownoticeAction extends OwnerDesignAction $this->notice = Notice::staticGet($id); if (empty($this->notice)) { - $this->clientError(_('No such notice.'), 404); + // Did we used to have it, and it got deleted? + $deleted = Deleted_notice::staticGet($id); + if (!empty($deleted)) { + $this->clientError(_('Notice deleted.'), 410); + } else { + $this->clientError(_('No such notice.'), 404); + } return false; } -- cgit v1.2.3-54-g00ecf From a321651a13f531a0222e90ec4483f0db3e2d31d8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 16 Jul 2009 01:01:45 -0400 Subject: use 410 Gone for Twitter API --- actions/twitapistatuses.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index c9943698d..e3d366ecc 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -396,8 +396,14 @@ class TwitapistatusesAction extends TwitterapiAction } else { // XXX: Twitter just sets a 404 header and doens't bother // to return an err msg - $this->clientError(_('No status with that ID found.'), - 404, $apidata['content-type']); + $deleted = Deleted_notice::staticGet($notice_id); + if (!empty($deleted)) { + $this->clientError(_('Status deleted.'), + 410, $apidata['content-type']); + } else { + $this->clientError(_('No status with that ID found.'), + 404, $apidata['content-type']); + } } } -- cgit v1.2.3-54-g00ecf From 2b79b4d21fa33844911f28b9e33ec958cbac3de9 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 06:19:56 -0400 Subject: Move OpenID-related files to OpenID plugin directory As a first step to pluginizing our OpenID support, I've moved the important OpenID-related files to a dedicated plugin directory. Many of these classes are still referred to by libraries that are still in core. --- actions/finishaddopenid.php | 185 ------------- actions/finishopenidlogin.php | 495 ----------------------------------- actions/openidlogin.php | 131 --------- actions/openidsettings.php | 234 ----------------- actions/publicxrds.php | 122 --------- actions/xrds.php | 173 ------------ classes/User_openid.php | 25 -- lib/openid.php | 280 -------------------- plugins/OpenID/User_openid.php | 25 ++ plugins/OpenID/finishaddopenid.php | 185 +++++++++++++ plugins/OpenID/finishopenidlogin.php | 495 +++++++++++++++++++++++++++++++++++ plugins/OpenID/openid.php | 280 ++++++++++++++++++++ plugins/OpenID/openidlogin.php | 131 +++++++++ plugins/OpenID/openidsettings.php | 234 +++++++++++++++++ plugins/OpenID/publicxrds.php | 122 +++++++++ plugins/OpenID/xrds.php | 173 ++++++++++++ 16 files changed, 1645 insertions(+), 1645 deletions(-) delete mode 100644 actions/finishaddopenid.php delete mode 100644 actions/finishopenidlogin.php delete mode 100644 actions/openidlogin.php delete mode 100644 actions/openidsettings.php delete mode 100644 actions/publicxrds.php delete mode 100644 actions/xrds.php delete mode 100644 classes/User_openid.php delete mode 100644 lib/openid.php create mode 100644 plugins/OpenID/User_openid.php create mode 100644 plugins/OpenID/finishaddopenid.php create mode 100644 plugins/OpenID/finishopenidlogin.php create mode 100644 plugins/OpenID/openid.php create mode 100644 plugins/OpenID/openidlogin.php create mode 100644 plugins/OpenID/openidsettings.php create mode 100644 plugins/OpenID/publicxrds.php create mode 100644 plugins/OpenID/xrds.php (limited to 'actions') diff --git a/actions/finishaddopenid.php b/actions/finishaddopenid.php deleted file mode 100644 index 32bceecfd..000000000 --- a/actions/finishaddopenid.php +++ /dev/null @@ -1,185 +0,0 @@ -. - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @copyright 2008-2009 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/openid.php'; - -/** - * Complete adding an OpenID - * - * Handle the return from an OpenID verification - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -class FinishaddopenidAction extends Action -{ - var $msg = null; - - /** - * Handle the redirect back from OpenID confirmation - * - * Check to see if the user's logged in, and then try - * to use the OpenID login system. - * - * @param array $args $_REQUEST arguments - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); - } else { - $this->tryLogin(); - } - } - - /** - * Try to log in using OpenID - * - * Check the OpenID for validity; potentially store it. - * - * @return void - */ - - function tryLogin() - { - $consumer =& oid_consumer(); - - $response = $consumer->complete(common_local_url('finishaddopenid')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), - $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $display; - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $cur =& common_current_user(); - - $other = oid_get_user($canonical); - - if ($other) { - if ($other->id == $cur->id) { - $this->message(_('You already have this OpenID!')); - } else { - $this->message(_('Someone else already has this OpenID.')); - } - return; - } - - // start a transaction - - $cur->query('BEGIN'); - - $result = oid_link_user($cur->id, $canonical, $display); - - if (!$result) { - $this->message(_('Error connecting user.')); - return; - } - if ($sreg) { - if (!oid_update_user($cur, $sreg)) { - $this->message(_('Error updating profile')); - return; - } - } - - // success! - - $cur->query('COMMIT'); - - oid_set_last($display); - - common_redirect(common_local_url('openidsettings'), 303); - } - } - - /** - * Show a failure message - * - * Something went wrong. Save the message, and show the page. - * - * @param string $msg Error message to show - * - * @return void - */ - - function message($msg) - { - $this->message = $msg; - $this->showPage(); - } - - /** - * Title of the page - * - * @return string title - */ - - function title() - { - return _('OpenID Login'); - } - - /** - * Show error message - * - * @return void - */ - - function showPageNotice() - { - if ($this->message) { - $this->element('p', 'error', $this->message); - } - } -} diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php deleted file mode 100644 index ff0b35218..000000000 --- a/actions/finishopenidlogin.php +++ /dev/null @@ -1,495 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishopenidloginAction extends Action -{ - var $error = null; - var $username = null; - var $message = null; - - function handle($args) - { - parent::handle($args); - if (common_is_real_login()) { - $this->clientError(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. Try again, please.')); - return; - } - if ($this->arg('create')) { - if (!$this->boolean('license')) { - $this->showForm(_('You can\'t register if you don\'t agree to the license.'), - $this->trimmed('newname')); - return; - } - $this->createNewUser(); - } else if ($this->arg('connect')) { - $this->connectUser(); - } else { - common_debug(print_r($this->args, true), __FILE__); - $this->showForm(_('Something weird happened.'), - $this->trimmed('newname')); - } - } else { - $this->tryLogin(); - } - } - - function showPageNotice() - { - if ($this->error) { - $this->element('div', array('class' => 'error'), $this->error); - } else { - $this->element('div', 'instructions', - sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), common_config('site', 'name'))); - } - } - - function title() - { - return _('OpenID Account Setup'); - } - - function showForm($error=null, $username=null) - { - $this->error = $error; - $this->username = $username; - - $this->showPage(); - } - - function showContent() - { - if (!empty($this->message_text)) { - $this->element('div', array('class' => 'error'), $this->message_text); - return; - } - - $this->elementStart('form', array('method' => 'post', - 'id' => 'account_connect', - 'action' => common_local_url('finishopenidlogin'))); - $this->hidden('token', common_session_token()); - $this->element('h2', null, - _('Create new account')); - $this->element('p', null, - _('Create a new user with this nickname.')); - $this->input('newname', _('New nickname'), - ($this->username) ? $this->username : '', - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - $this->elementStart('p'); - $this->element('input', array('type' => 'checkbox', - 'id' => 'license', - 'name' => 'license', - 'value' => 'true')); - $this->text(_('My text and files are available under ')); - $this->element('a', array('href' => common_config('license', 'url')), - common_config('license', 'title')); - $this->text(_(' except this private data: password, email address, IM address, phone number.')); - $this->elementEnd('p'); - $this->submit('create', _('Create')); - $this->element('h2', null, - _('Connect existing account')); - $this->element('p', null, - _('If you already have an account, login with your username and password to connect it to your OpenID.')); - $this->input('nickname', _('Existing nickname')); - $this->password('password', _('Password')); - $this->submit('connect', _('Connect')); - $this->elementEnd('form'); - } - - function tryLogin() - { - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishopenidlogin')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - // This means the authentication succeeded; extract the - // identity URL and Simple Registration data (if it was - // returned). - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $user = oid_get_user($canonical); - - if ($user) { - oid_set_last($display); - # XXX: commented out at @edd's request until better - # control over how data flows from OpenID provider. - # oid_update_user($user, $sreg); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->goHome($user->nickname); - } else { - $this->saveValues($display, $canonical, $sreg); - $this->showForm(null, $this->bestNewNickname($display, $sreg)); - } - } - } - - function message($msg) - { - $this->message_text = $msg; - $this->showPage(); - } - - function saveValues($display, $canonical, $sreg) - { - common_ensure_session(); - $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; - } - - function getSavedValues() - { - return array($_SESSION['openid_display'], - $_SESSION['openid_canonical'], - $_SESSION['openid_sreg']); - } - - function createNewUser() - { - # FIXME: save invite code before redirect, and check here - - if (common_config('site', 'closed')) { - $this->clientError(_('Registration not allowed.')); - return; - } - - $invite = null; - - if (common_config('site', 'inviteonly')) { - $code = $_SESSION['invitecode']; - if (empty($code)) { - $this->clientError(_('Registration not allowed.')); - return; - } - - $invite = Invitation::staticGet($code); - - if (empty($invite)) { - $this->clientError(_('Not a valid invitation code.')); - return; - } - } - - $nickname = $this->trimmed('newname'); - - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } - - if (!User::allowed_nickname($nickname)) { - $this->showForm(_('Nickname not allowed.')); - return; - } - - if (User::staticGet('nickname', $nickname)) { - $this->showForm(_('Nickname already in use. Try another one.')); - return; - } - - list($display, $canonical, $sreg) = $this->getSavedValues(); - - if (!$display || !$canonical) { - $this->serverError(_('Stored OpenID not found.')); - return; - } - - # Possible race condition... let's be paranoid - - $other = oid_get_user($canonical); - - if ($other) { - $this->serverError(_('Creating new account for OpenID that already has a user.')); - return; - } - - $location = ''; - if (!empty($sreg['country'])) { - if ($sreg['postcode']) { - # XXX: use postcode to get city and region - # XXX: also, store postcode somewhere -- it's valuable! - $location = $sreg['postcode'] . ', ' . $sreg['country']; - } else { - $location = $sreg['country']; - } - } - - if (!empty($sreg['fullname']) && mb_strlen($sreg['fullname']) <= 255) { - $fullname = $sreg['fullname']; - } else { - $fullname = ''; - } - - if (!empty($sreg['email']) && Validate::email($sreg['email'], true)) { - $email = $sreg['email']; - } else { - $email = ''; - } - - # XXX: add language - # XXX: add timezone - - $args = array('nickname' => $nickname, - 'email' => $email, - 'fullname' => $fullname, - 'location' => $location); - - if (!empty($invite)) { - $args['code'] = $invite->code; - } - - $user = User::register($args); - - $result = oid_link_user($user->id, $canonical, $display); - - oid_set_last($display); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)), - 303); - } - - function connectUser() - { - $nickname = $this->trimmed('nickname'); - $password = $this->trimmed('password'); - - if (!common_check_user($nickname, $password)) { - $this->showForm(_('Invalid username or password.')); - return; - } - - # They're legit! - - $user = User::staticGet('nickname', $nickname); - - list($display, $canonical, $sreg) = $this->getSavedValues(); - - if (!$display || !$canonical) { - $this->serverError(_('Stored OpenID not found.')); - return; - } - - $result = oid_link_user($user->id, $canonical, $display); - - if (!$result) { - $this->serverError(_('Error connecting user to OpenID.')); - return; - } - - oid_update_user($user, $sreg); - oid_set_last($display); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->goHome($user->nickname); - } - - function goHome($nickname) - { - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(null); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url, 303); - } - - function bestNewNickname($display, $sreg) - { - - # Try the passed-in nickname - - if (!empty($sreg['nickname'])) { - $nickname = $this->nicknamize($sreg['nickname']); - if ($this->isNewNickname($nickname)) { - return $nickname; - } - } - - # Try the full name - - if (!empty($sreg['fullname'])) { - $fullname = $this->nicknamize($sreg['fullname']); - if ($this->isNewNickname($fullname)) { - return $fullname; - } - } - - # Try the URL - - $from_url = $this->openidToNickname($display); - - if ($from_url && $this->isNewNickname($from_url)) { - return $from_url; - } - - # XXX: others? - - return null; - } - - function isNewNickname($str) - { - if (!Validate::string($str, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - return false; - } - if (!User::allowed_nickname($str)) { - return false; - } - if (User::staticGet('nickname', $str)) { - return false; - } - return true; - } - - function openidToNickname($openid) - { - if (Auth_Yadis_identifierScheme($openid) == 'XRI') { - return $this->xriToNickname($openid); - } else { - return $this->urlToNickname($openid); - } - } - - # We try to use an OpenID URL as a legal Laconica user name in this order - # 1. Plain hostname, like http://evanp.myopenid.com/ - # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ - # or http://getopenid.com/evanprodromou - - function urlToNickname($openid) - { - static $bad = array('query', 'user', 'password', 'port', 'fragment'); - - $parts = parse_url($openid); - - # If any of these parts exist, this won't work - - foreach ($bad as $badpart) { - if (array_key_exists($badpart, $parts)) { - return null; - } - } - - # We just have host and/or path - - # If it's just a host... - if (array_key_exists('host', $parts) && - (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0)) - { - $hostparts = explode('.', $parts['host']); - - # Try to catch common idiom of nickname.service.tld - - if ((count($hostparts) > 2) && - (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au - (strcmp($hostparts[0], 'www') != 0)) - { - return $this->nicknamize($hostparts[0]); - } else { - # Do the whole hostname - return $this->nicknamize($parts['host']); - } - } else { - if (array_key_exists('path', $parts)) { - # Strip starting, ending slashes - $path = preg_replace('@/$@', '', $parts['path']); - $path = preg_replace('@^/@', '', $path); - if (strpos($path, '/') === false) { - return $this->nicknamize($path); - } - } - } - - return null; - } - - function xriToNickname($xri) - { - $base = $this->xriBase($xri); - - if (!$base) { - return null; - } else { - # =evan.prodromou - # or @gratis*evan.prodromou - $parts = explode('*', substr($base, 1)); - return $this->nicknamize(array_pop($parts)); - } - } - - function xriBase($xri) - { - if (substr($xri, 0, 6) == 'xri://') { - return substr($xri, 6); - } else { - return $xri; - } - } - - # Given a string, try to make it work as a nickname - - function nicknamize($str) - { - $str = preg_replace('/\W/', '', $str); - return strtolower($str); - } -} diff --git a/actions/openidlogin.php b/actions/openidlogin.php deleted file mode 100644 index a8d052096..000000000 --- a/actions/openidlogin.php +++ /dev/null @@ -1,131 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class OpenidloginAction extends Action -{ - function handle($args) - { - parent::handle($args); - if (common_is_real_login()) { - $this->clientError(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $openid_url = $this->trimmed('openid_url'); - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. Try again, please.'), $openid_url); - return; - } - - $rememberme = $this->boolean('rememberme'); - - common_ensure_session(); - - $_SESSION['openid_rememberme'] = $rememberme; - - $result = oid_authenticate($openid_url, - 'finishopenidlogin'); - - if (is_string($result)) { # error message - unset($_SESSION['openid_rememberme']); - $this->showForm($result, $openid_url); - } - } else { - $openid_url = oid_get_last(); - $this->showForm(null, $openid_url); - } - } - - function getInstructions() - { - if (common_logged_in() && !common_is_real_login() && - common_get_returnto()) { - // rememberme logins have to reauthenticate before - // changing any profile settings (cookie-stealing protection) - return _('For security reasons, please re-login with your ' . - '[OpenID](%%doc.openid%%) ' . - 'before changing your settings.'); - } else { - return _('Login with an [OpenID](%%doc.openid%%) account.'); - } - } - - function showPageNotice() - { - if ($this->error) { - $this->element('div', array('class' => 'error'), $this->error); - } else { - $instr = $this->getInstructions(); - $output = common_markup_to_html($instr); - $this->elementStart('div', 'instructions'); - $this->raw($output); - $this->elementEnd('div'); - } - } - - function title() - { - return _('OpenID Login'); - } - - function showForm($error=null, $openid_url) - { - $this->error = $error; - $this->openid_url = $openid_url; - $this->showPage(); - } - - function showContent() { - $formaction = common_local_url('openidlogin'); - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_openid_login', - 'class' => 'form_settings', - 'action' => $formaction)); - $this->elementStart('fieldset'); - $this->element('legend', null, _('OpenID login')); - $this->hidden('token', common_session_token()); - - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->input('openid_url', _('OpenID URL'), - $this->openid_url, - _('Your OpenID URL')); - $this->elementEnd('li'); - $this->elementStart('li', array('id' => 'settings_rememberme')); - $this->checkbox('rememberme', _('Remember me'), false, - _('Automatically login in the future; ' . - 'not for shared computers!')); - $this->elementEnd('li'); - $this->elementEnd('ul'); - $this->submit('submit', _('Login')); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); - } - - function showLocalNav() - { - $nav = new LoginGroupNav($this); - $nav->show(); - } -} diff --git a/actions/openidsettings.php b/actions/openidsettings.php deleted file mode 100644 index 5f59ebc01..000000000 --- a/actions/openidsettings.php +++ /dev/null @@ -1,234 +0,0 @@ -. - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @copyright 2008-2009 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/accountsettingsaction.php'; -require_once INSTALLDIR.'/lib/openid.php'; - -/** - * Settings for OpenID - * - * Lets users add, edit and delete OpenIDs from their account - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -class OpenidsettingsAction extends AccountSettingsAction -{ - /** - * Title of the page - * - * @return string Page title - */ - - function title() - { - return _('OpenID settings'); - } - - /** - * Instructions for use - * - * @return string Instructions for use - */ - - function getInstructions() - { - return _('[OpenID](%%doc.openid%%) lets you log into many sites' . - ' with the same user account.'. - ' Manage your associated OpenIDs from here.'); - } - - /** - * Show the form for OpenID management - * - * We have one form with a few different submit buttons to do different things. - * - * @return void - */ - - function showContent() - { - $user = common_current_user(); - - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_settings_openid_add', - 'class' => 'form_settings', - 'action' => - common_local_url('openidsettings'))); - $this->elementStart('fieldset', array('id' => 'settings_openid_add')); - $this->element('legend', null, _('Add OpenID')); - $this->hidden('token', common_session_token()); - $this->element('p', 'form_guide', - _('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->element('label', array('for' => 'openid_url'), - _('OpenID URL')); - $this->element('input', array('name' => 'openid_url', - 'type' => 'text', - 'id' => 'openid_url')); - $this->elementEnd('li'); - $this->elementEnd('ul'); - $this->element('input', array('type' => 'submit', - 'id' => 'settings_openid_add_action-submit', - 'name' => 'add', - 'class' => 'submit', - 'value' => _('Add'))); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); - - $oid = new User_openid(); - - $oid->user_id = $user->id; - - $cnt = $oid->find(); - - if ($cnt > 0) { - - $this->element('h2', null, _('Remove OpenID')); - - if ($cnt == 1 && !$user->password) { - - $this->element('p', 'form_guide', - _('Removing your only OpenID '. - 'would make it impossible to log in! ' . - 'If you need to remove it, '. - 'add another OpenID first.')); - - if ($oid->fetch()) { - $this->elementStart('p'); - $this->element('a', array('href' => $oid->canonical), - $oid->display); - $this->elementEnd('p'); - } - - } else { - - $this->element('p', 'form_guide', - _('You can remove an OpenID from your account '. - 'by clicking the button marked "Remove".')); - $idx = 0; - - while ($oid->fetch()) { - $this->elementStart('form', - array('method' => 'POST', - 'id' => 'form_settings_openid_delete' . $idx, - 'class' => 'form_settings', - 'action' => - common_local_url('openidsettings'))); - $this->elementStart('fieldset'); - $this->hidden('token', common_session_token()); - $this->element('a', array('href' => $oid->canonical), - $oid->display); - $this->element('input', array('type' => 'hidden', - 'id' => 'openid_url'.$idx, - 'name' => 'openid_url', - 'value' => $oid->canonical)); - $this->element('input', array('type' => 'submit', - 'id' => 'remove'.$idx, - 'name' => 'remove', - 'class' => 'submit remove', - 'value' => _('Remove'))); - $this->elementEnd('fieldset'); - $this->elementEnd('form'); - $idx++; - } - } - } - } - - /** - * Handle a POST request - * - * Muxes to different sub-functions based on which button was pushed - * - * @return void - */ - - function handlePost() - { - // CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); - return; - } - - if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), - 'finishaddopenid'); - if (is_string($result)) { // error message - $this->showForm($result); - } - } else if ($this->arg('remove')) { - $this->removeOpenid(); - } else { - $this->showForm(_('Something weird happened.')); - } - } - - /** - * Handles a request to remove an OpenID from the user's account - * - * Validates input and, if everything is OK, deletes the OpenID. - * Reloads the form with a success or error notification. - * - * @return void - */ - - function removeOpenid() - { - $openid_url = $this->trimmed('openid_url'); - - $oid = User_openid::staticGet('canonical', $openid_url); - - if (!$oid) { - $this->showForm(_('No such OpenID.')); - return; - } - $cur = common_current_user(); - if (!$cur || $oid->user_id != $cur->id) { - $this->showForm(_('That OpenID does not belong to you.')); - return; - } - $oid->delete(); - $this->showForm(_('OpenID removed.'), true); - return; - } -} diff --git a/actions/publicxrds.php b/actions/publicxrds.php deleted file mode 100644 index 0a1421550..000000000 --- a/actions/publicxrds.php +++ /dev/null @@ -1,122 +0,0 @@ - - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - * - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, 2009, Control Yourself, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/openid.php'; - -/** - * Public XRDS for OpenID - * - * @category Action - * @package Laconica - * @author Evan Prodromou - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - * - * @todo factor out similarities with XrdsAction - */ -class PublicxrdsAction extends Action -{ - /** - * Is read only? - * - * @return boolean true - */ - function isReadOnly($args) - { - return true; - } - - /** - * Class handler. - * - * @param array $args array of arguments - * - * @return nothing - */ - function handle($args) - { - parent::handle($args); - header('Content-Type: application/xrds+xml'); - $this->startXML(); - $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) { - $this->showService(Auth_OpenID_RP_RETURN_TO_URL_TYPE, - common_local_url($finish)); - } - $this->elementEnd('XRD'); - $this->elementEnd('XRDS'); - $this->endXML(); - } - - /** - * Show service. - * - * @param string $type XRDS type - * @param string $uri URI - * @param array $params type parameters, null by default - * @param array $sigs type signatures, null by default - * @param string $localId local ID, null by default - * - * @return void - */ - function showService($type, $uri, $params=null, $sigs=null, $localId=null) - { - $this->elementStart('Service'); - if ($uri) { - $this->element('URI', null, $uri); - } - $this->element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - $this->element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - $this->element('Type', null, $sig); - } - } - if ($localId) { - $this->element('LocalID', null, $localId); - } - $this->elementEnd('Service'); - } -} - diff --git a/actions/xrds.php b/actions/xrds.php deleted file mode 100644 index 9327a3c83..000000000 --- a/actions/xrds.php +++ /dev/null @@ -1,173 +0,0 @@ - - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - * - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, 2009, Control Yourself, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/omb.php'; - -/** - * XRDS for OpenID - * - * @category Action - * @package Laconica - * @author Evan Prodromou - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - */ -class XrdsAction extends Action -{ - /** - * Is read only? - * - * @return boolean true - */ - function isReadOnly($args) - { - return true; - } - - /** - * Class handler. - * - * @param array $args query arguments - * - * @return void - */ - function handle($args) - { - parent::handle($args); - $nickname = $this->trimmed('nickname'); - $user = User::staticGet('nickname', $nickname); - if (!$user) { - $this->clientError(_('No such user.')); - return; - } - $this->showXrds($user); - } - - /** - * Show XRDS for a user. - * - * @param class $user XRDS for this user. - * - * @return void - */ - function showXrds($user) - { - header('Content-Type: application/xrds+xml'); - $this->startXML(); - $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); - - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_ENDPOINT_REQUEST, - common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1), - $user->uri); - $this->showService(OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_ACCESS, - common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_RESOURCE, - null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->elementEnd('XRD'); - - // XXX: decide whether to include user's ID/nickname in postNotice URL - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'omb', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OMB_ENDPOINT_POSTNOTICE, - common_local_url('postnotice')); - $this->showService(OMB_ENDPOINT_UPDATEPROFILE, - common_local_url('updateprofile')); - $this->elementEnd('XRD'); - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_DISCOVERY, - '#oauth'); - $this->showService(OMB_NAMESPACE, - '#omb'); - $this->elementEnd('XRD'); - $this->elementEnd('XRDS'); - $this->endXML(); - } - - /** - * Show service. - * - * @param string $type XRDS type - * @param string $uri URI - * @param array $params type parameters, null by default - * @param array $sigs type signatures, null by default - * @param string $localId local ID, null by default - * - * @return void - */ - function showService($type, $uri, $params=null, $sigs=null, $localId=null) - { - $this->elementStart('Service'); - if ($uri) { - $this->element('URI', null, $uri); - } - $this->element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - $this->element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - $this->element('Type', null, $sig); - } - } - if ($localId) { - $this->element('LocalID', null, $localId); - } - $this->elementEnd('Service'); - } -} - diff --git a/classes/User_openid.php b/classes/User_openid.php deleted file mode 100644 index f4fda1c72..000000000 --- a/classes/User_openid.php +++ /dev/null @@ -1,25 +0,0 @@ -. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/classes/User_openid.php'); - -require_once('Auth/OpenID.php'); -require_once('Auth/OpenID/Consumer.php'); -require_once('Auth/OpenID/SReg.php'); -require_once('Auth/OpenID/MySQLStore.php'); - -# About one year cookie expiry - -define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60)); -define('OPENID_COOKIE_KEY', 'lastusedopenid'); - -function oid_store() -{ - static $store = null; - if (!$store) { - # Can't be called statically - $user = new User(); - $conn = $user->getDatabaseConnection(); - $store = new Auth_OpenID_MySQLStore($conn); - } - return $store; -} - -function oid_consumer() -{ - $store = oid_store(); - $consumer = new Auth_OpenID_Consumer($store); - return $consumer; -} - -function oid_clear_last() -{ - oid_set_last(''); -} - -function oid_set_last($openid_url) -{ - common_set_cookie(OPENID_COOKIE_KEY, - $openid_url, - time() + OPENID_COOKIE_EXPIRY); -} - -function oid_get_last() -{ - if (empty($_COOKIE[OPENID_COOKIE_KEY])) { - return null; - } - $openid_url = $_COOKIE[OPENID_COOKIE_KEY]; - if ($openid_url && strlen($openid_url) > 0) { - return $openid_url; - } else { - return null; - } -} - -function oid_link_user($id, $canonical, $display) -{ - - $oid = new User_openid(); - $oid->user_id = $id; - $oid->canonical = $canonical; - $oid->display = $display; - $oid->created = DB_DataObject_Cast::dateTime(); - - if (!$oid->insert()) { - $err = PEAR::getStaticProperty('DB_DataObject','lastError'); - common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__); - return false; - } - - return true; -} - -function oid_get_user($openid_url) -{ - $user = null; - $oid = User_openid::staticGet('canonical', $openid_url); - if ($oid) { - $user = User::staticGet('id', $oid->user_id); - } - return $user; -} - -function oid_check_immediate($openid_url, $backto=null) -{ - if (!$backto) { - $action = $_REQUEST['action']; - $args = common_copy_args($_GET); - unset($args['action']); - $backto = common_local_url($action, $args); - } - common_debug('going back to "' . $backto . '"', __FILE__); - - common_ensure_session(); - - $_SESSION['openid_immediate_backto'] = $backto; - common_debug('passed-in variable is "' . $backto . '"', __FILE__); - common_debug('session variable is "' . $_SESSION['openid_immediate_backto'] . '"', __FILE__); - - oid_authenticate($openid_url, - 'finishimmediate', - true); -} - -function oid_authenticate($openid_url, $returnto, $immediate=false) -{ - - $consumer = oid_consumer(); - - if (!$consumer) { - common_server_error(_('Cannot instantiate OpenID consumer object.')); - return false; - } - - common_ensure_session(); - - $auth_request = $consumer->begin($openid_url); - - // Handle failure status return values. - if (!$auth_request) { - return _('Not a valid OpenID.'); - } else if (Auth_OpenID::isFailure($auth_request)) { - return sprintf(_('OpenID failure: %s'), $auth_request->message); - } - - $sreg_request = Auth_OpenID_SRegRequest::build(// Required - array(), - // Optional - array('nickname', - 'email', - 'fullname', - 'language', - 'timezone', - 'postcode', - 'country')); - - if ($sreg_request) { - $auth_request->addExtension($sreg_request); - } - - $trust_root = common_root_url(true); - $process_url = common_local_url($returnto); - - if ($auth_request->shouldSendRedirect()) { - $redirect_url = $auth_request->redirectURL($trust_root, - $process_url, - $immediate); - if (!$redirect_url) { - } else if (Auth_OpenID::isFailure($redirect_url)) { - return sprintf(_('Could not redirect to server: %s'), $redirect_url->message); - } else { - common_redirect($redirect_url, 303); - } - } else { - // Generate form markup and render it. - $form_id = 'openid_message'; - $form_html = $auth_request->formMarkup($trust_root, $process_url, - $immediate, array('id' => $form_id)); - - # XXX: This is cheap, but things choke if we don't escape ampersands - # in the HTML attributes - - $form_html = preg_replace('/&/', '&', $form_html); - - // Display an error if the form markup couldn't be generated; - // otherwise, render the HTML. - if (Auth_OpenID::isFailure($form_html)) { - common_server_error(sprintf(_('Could not create OpenID form: %s'), $form_html->message)); - } else { - $action = new AutosubmitAction(); // see below - $action->form_html = $form_html; - $action->form_id = $form_id; - $action->prepare(array('action' => 'autosubmit')); - $action->handle(array('action' => 'autosubmit')); - } - } -} - -# Half-assed attempt at a module-private function - -function _oid_print_instructions() -{ - common_element('div', 'instructions', - _('This form should automatically submit itself. '. - 'If not, click the submit button to go to your '. - 'OpenID provider.')); -} - -# update a user from sreg parameters - -function oid_update_user(&$user, &$sreg) -{ - - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $profile->fullname = $sreg['fullname']; - } - - if ($sreg['country']) { - if ($sreg['postcode']) { - # XXX: use postcode to get city and region - # XXX: also, store postcode somewhere -- it's valuable! - $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; - } else { - $profile->location = $sreg['country']; - } - } - - # XXX save language if it's passed - # XXX save timezone if it's passed - - if (!$profile->update($orig_profile)) { - common_server_error(_('Error saving the profile.')); - return false; - } - - $orig_user = clone($user); - - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $user->email = $sreg['email']; - } - - if (!$user->update($orig_user)) { - common_server_error(_('Error saving the user.')); - return false; - } - - return true; -} - -class AutosubmitAction extends Action -{ - var $form_html = null; - var $form_id = null; - - function handle($args) - { - parent::handle($args); - $this->showPage(); - } - - function title() - { - return _('OpenID Auto-Submit'); - } - - function showContent() - { - $this->raw($this->form_html); - $this->element('script', null, - '$(document).ready(function() { ' . - ' $(\'#'. $this->form_id .'\').submit(); '. - '});'); - } -} diff --git a/plugins/OpenID/User_openid.php b/plugins/OpenID/User_openid.php new file mode 100644 index 000000000..f4fda1c72 --- /dev/null +++ b/plugins/OpenID/User_openid.php @@ -0,0 +1,25 @@ +. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Complete adding an OpenID + * + * Handle the return from an OpenID verification + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class FinishaddopenidAction extends Action +{ + var $msg = null; + + /** + * Handle the redirect back from OpenID confirmation + * + * Check to see if the user's logged in, and then try + * to use the OpenID login system. + * + * @param array $args $_REQUEST arguments + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + } else { + $this->tryLogin(); + } + } + + /** + * Try to log in using OpenID + * + * Check the OpenID for validity; potentially store it. + * + * @return void + */ + + function tryLogin() + { + $consumer =& oid_consumer(); + + $response = $consumer->complete(common_local_url('finishaddopenid')); + + if ($response->status == Auth_OpenID_CANCEL) { + $this->message(_('OpenID authentication cancelled.')); + return; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $this->message(sprintf(_('OpenID authentication failed: %s'), + $response->message)); + } else if ($response->status == Auth_OpenID_SUCCESS) { + + $display = $response->getDisplayIdentifier(); + $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? + $response->endpoint->canonicalID : $display; + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + if ($sreg_resp) { + $sreg = $sreg_resp->contents(); + } + + $cur =& common_current_user(); + + $other = oid_get_user($canonical); + + if ($other) { + if ($other->id == $cur->id) { + $this->message(_('You already have this OpenID!')); + } else { + $this->message(_('Someone else already has this OpenID.')); + } + return; + } + + // start a transaction + + $cur->query('BEGIN'); + + $result = oid_link_user($cur->id, $canonical, $display); + + if (!$result) { + $this->message(_('Error connecting user.')); + return; + } + if ($sreg) { + if (!oid_update_user($cur, $sreg)) { + $this->message(_('Error updating profile')); + return; + } + } + + // success! + + $cur->query('COMMIT'); + + oid_set_last($display); + + common_redirect(common_local_url('openidsettings'), 303); + } + } + + /** + * Show a failure message + * + * Something went wrong. Save the message, and show the page. + * + * @param string $msg Error message to show + * + * @return void + */ + + function message($msg) + { + $this->message = $msg; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string title + */ + + function title() + { + return _('OpenID Login'); + } + + /** + * Show error message + * + * @return void + */ + + function showPageNotice() + { + if ($this->message) { + $this->element('p', 'error', $this->message); + } + } +} diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php new file mode 100644 index 000000000..ff0b35218 --- /dev/null +++ b/plugins/OpenID/finishopenidlogin.php @@ -0,0 +1,495 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/openid.php'); + +class FinishopenidloginAction extends Action +{ + var $error = null; + var $username = null; + var $message = null; + + function handle($args) + { + parent::handle($args); + if (common_is_real_login()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.')); + return; + } + if ($this->arg('create')) { + if (!$this->boolean('license')) { + $this->showForm(_('You can\'t register if you don\'t agree to the license.'), + $this->trimmed('newname')); + return; + } + $this->createNewUser(); + } else if ($this->arg('connect')) { + $this->connectUser(); + } else { + common_debug(print_r($this->args, true), __FILE__); + $this->showForm(_('Something weird happened.'), + $this->trimmed('newname')); + } + } else { + $this->tryLogin(); + } + } + + function showPageNotice() + { + if ($this->error) { + $this->element('div', array('class' => 'error'), $this->error); + } else { + $this->element('div', 'instructions', + sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), common_config('site', 'name'))); + } + } + + function title() + { + return _('OpenID Account Setup'); + } + + function showForm($error=null, $username=null) + { + $this->error = $error; + $this->username = $username; + + $this->showPage(); + } + + function showContent() + { + if (!empty($this->message_text)) { + $this->element('div', array('class' => 'error'), $this->message_text); + return; + } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'account_connect', + 'action' => common_local_url('finishopenidlogin'))); + $this->hidden('token', common_session_token()); + $this->element('h2', null, + _('Create new account')); + $this->element('p', null, + _('Create a new user with this nickname.')); + $this->input('newname', _('New nickname'), + ($this->username) ? $this->username : '', + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + $this->elementStart('p'); + $this->element('input', array('type' => 'checkbox', + 'id' => 'license', + 'name' => 'license', + 'value' => 'true')); + $this->text(_('My text and files are available under ')); + $this->element('a', array('href' => common_config('license', 'url')), + common_config('license', 'title')); + $this->text(_(' except this private data: password, email address, IM address, phone number.')); + $this->elementEnd('p'); + $this->submit('create', _('Create')); + $this->element('h2', null, + _('Connect existing account')); + $this->element('p', null, + _('If you already have an account, login with your username and password to connect it to your OpenID.')); + $this->input('nickname', _('Existing nickname')); + $this->password('password', _('Password')); + $this->submit('connect', _('Connect')); + $this->elementEnd('form'); + } + + function tryLogin() + { + $consumer = oid_consumer(); + + $response = $consumer->complete(common_local_url('finishopenidlogin')); + + if ($response->status == Auth_OpenID_CANCEL) { + $this->message(_('OpenID authentication cancelled.')); + return; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); + } else if ($response->status == Auth_OpenID_SUCCESS) { + // This means the authentication succeeded; extract the + // identity URL and Simple Registration data (if it was + // returned). + $display = $response->getDisplayIdentifier(); + $canonical = ($response->endpoint->canonicalID) ? + $response->endpoint->canonicalID : $response->getDisplayIdentifier(); + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + if ($sreg_resp) { + $sreg = $sreg_resp->contents(); + } + + $user = oid_get_user($canonical); + + if ($user) { + oid_set_last($display); + # XXX: commented out at @edd's request until better + # control over how data flows from OpenID provider. + # oid_update_user($user, $sreg); + common_set_user($user); + common_real_login(true); + if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { + common_rememberme($user); + } + unset($_SESSION['openid_rememberme']); + $this->goHome($user->nickname); + } else { + $this->saveValues($display, $canonical, $sreg); + $this->showForm(null, $this->bestNewNickname($display, $sreg)); + } + } + } + + function message($msg) + { + $this->message_text = $msg; + $this->showPage(); + } + + function saveValues($display, $canonical, $sreg) + { + common_ensure_session(); + $_SESSION['openid_display'] = $display; + $_SESSION['openid_canonical'] = $canonical; + $_SESSION['openid_sreg'] = $sreg; + } + + function getSavedValues() + { + return array($_SESSION['openid_display'], + $_SESSION['openid_canonical'], + $_SESSION['openid_sreg']); + } + + function createNewUser() + { + # FIXME: save invite code before redirect, and check here + + if (common_config('site', 'closed')) { + $this->clientError(_('Registration not allowed.')); + return; + } + + $invite = null; + + if (common_config('site', 'inviteonly')) { + $code = $_SESSION['invitecode']; + if (empty($code)) { + $this->clientError(_('Registration not allowed.')); + return; + } + + $invite = Invitation::staticGet($code); + + if (empty($invite)) { + $this->clientError(_('Not a valid invitation code.')); + return; + } + } + + $nickname = $this->trimmed('newname'); + + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return; + } + + if (!User::allowed_nickname($nickname)) { + $this->showForm(_('Nickname not allowed.')); + return; + } + + if (User::staticGet('nickname', $nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; + } + + list($display, $canonical, $sreg) = $this->getSavedValues(); + + if (!$display || !$canonical) { + $this->serverError(_('Stored OpenID not found.')); + return; + } + + # Possible race condition... let's be paranoid + + $other = oid_get_user($canonical); + + if ($other) { + $this->serverError(_('Creating new account for OpenID that already has a user.')); + return; + } + + $location = ''; + if (!empty($sreg['country'])) { + if ($sreg['postcode']) { + # XXX: use postcode to get city and region + # XXX: also, store postcode somewhere -- it's valuable! + $location = $sreg['postcode'] . ', ' . $sreg['country']; + } else { + $location = $sreg['country']; + } + } + + if (!empty($sreg['fullname']) && mb_strlen($sreg['fullname']) <= 255) { + $fullname = $sreg['fullname']; + } else { + $fullname = ''; + } + + if (!empty($sreg['email']) && Validate::email($sreg['email'], true)) { + $email = $sreg['email']; + } else { + $email = ''; + } + + # XXX: add language + # XXX: add timezone + + $args = array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location); + + if (!empty($invite)) { + $args['code'] = $invite->code; + } + + $user = User::register($args); + + $result = oid_link_user($user->id, $canonical, $display); + + oid_set_last($display); + common_set_user($user); + common_real_login(true); + if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { + common_rememberme($user); + } + unset($_SESSION['openid_rememberme']); + common_redirect(common_local_url('showstream', array('nickname' => $user->nickname)), + 303); + } + + function connectUser() + { + $nickname = $this->trimmed('nickname'); + $password = $this->trimmed('password'); + + if (!common_check_user($nickname, $password)) { + $this->showForm(_('Invalid username or password.')); + return; + } + + # They're legit! + + $user = User::staticGet('nickname', $nickname); + + list($display, $canonical, $sreg) = $this->getSavedValues(); + + if (!$display || !$canonical) { + $this->serverError(_('Stored OpenID not found.')); + return; + } + + $result = oid_link_user($user->id, $canonical, $display); + + if (!$result) { + $this->serverError(_('Error connecting user to OpenID.')); + return; + } + + oid_update_user($user, $sreg); + oid_set_last($display); + common_set_user($user); + common_real_login(true); + if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { + common_rememberme($user); + } + unset($_SESSION['openid_rememberme']); + $this->goHome($user->nickname); + } + + function goHome($nickname) + { + $url = common_get_returnto(); + if ($url) { + # We don't have to return to it again + common_set_returnto(null); + } else { + $url = common_local_url('all', + array('nickname' => + $nickname)); + } + common_redirect($url, 303); + } + + function bestNewNickname($display, $sreg) + { + + # Try the passed-in nickname + + if (!empty($sreg['nickname'])) { + $nickname = $this->nicknamize($sreg['nickname']); + if ($this->isNewNickname($nickname)) { + return $nickname; + } + } + + # Try the full name + + if (!empty($sreg['fullname'])) { + $fullname = $this->nicknamize($sreg['fullname']); + if ($this->isNewNickname($fullname)) { + return $fullname; + } + } + + # Try the URL + + $from_url = $this->openidToNickname($display); + + if ($from_url && $this->isNewNickname($from_url)) { + return $from_url; + } + + # XXX: others? + + return null; + } + + function isNewNickname($str) + { + if (!Validate::string($str, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + return false; + } + if (!User::allowed_nickname($str)) { + return false; + } + if (User::staticGet('nickname', $str)) { + return false; + } + return true; + } + + function openidToNickname($openid) + { + if (Auth_Yadis_identifierScheme($openid) == 'XRI') { + return $this->xriToNickname($openid); + } else { + return $this->urlToNickname($openid); + } + } + + # We try to use an OpenID URL as a legal Laconica user name in this order + # 1. Plain hostname, like http://evanp.myopenid.com/ + # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ + # or http://getopenid.com/evanprodromou + + function urlToNickname($openid) + { + static $bad = array('query', 'user', 'password', 'port', 'fragment'); + + $parts = parse_url($openid); + + # If any of these parts exist, this won't work + + foreach ($bad as $badpart) { + if (array_key_exists($badpart, $parts)) { + return null; + } + } + + # We just have host and/or path + + # If it's just a host... + if (array_key_exists('host', $parts) && + (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0)) + { + $hostparts = explode('.', $parts['host']); + + # Try to catch common idiom of nickname.service.tld + + if ((count($hostparts) > 2) && + (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au + (strcmp($hostparts[0], 'www') != 0)) + { + return $this->nicknamize($hostparts[0]); + } else { + # Do the whole hostname + return $this->nicknamize($parts['host']); + } + } else { + if (array_key_exists('path', $parts)) { + # Strip starting, ending slashes + $path = preg_replace('@/$@', '', $parts['path']); + $path = preg_replace('@^/@', '', $path); + if (strpos($path, '/') === false) { + return $this->nicknamize($path); + } + } + } + + return null; + } + + function xriToNickname($xri) + { + $base = $this->xriBase($xri); + + if (!$base) { + return null; + } else { + # =evan.prodromou + # or @gratis*evan.prodromou + $parts = explode('*', substr($base, 1)); + return $this->nicknamize(array_pop($parts)); + } + } + + function xriBase($xri) + { + if (substr($xri, 0, 6) == 'xri://') { + return substr($xri, 6); + } else { + return $xri; + } + } + + # Given a string, try to make it work as a nickname + + function nicknamize($str) + { + $str = preg_replace('/\W/', '', $str); + return strtolower($str); + } +} diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php new file mode 100644 index 000000000..0b7633284 --- /dev/null +++ b/plugins/OpenID/openid.php @@ -0,0 +1,280 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/classes/User_openid.php'); + +require_once('Auth/OpenID.php'); +require_once('Auth/OpenID/Consumer.php'); +require_once('Auth/OpenID/SReg.php'); +require_once('Auth/OpenID/MySQLStore.php'); + +# About one year cookie expiry + +define('OPENID_COOKIE_EXPIRY', round(365.25 * 24 * 60 * 60)); +define('OPENID_COOKIE_KEY', 'lastusedopenid'); + +function oid_store() +{ + static $store = null; + if (!$store) { + # Can't be called statically + $user = new User(); + $conn = $user->getDatabaseConnection(); + $store = new Auth_OpenID_MySQLStore($conn); + } + return $store; +} + +function oid_consumer() +{ + $store = oid_store(); + $consumer = new Auth_OpenID_Consumer($store); + return $consumer; +} + +function oid_clear_last() +{ + oid_set_last(''); +} + +function oid_set_last($openid_url) +{ + common_set_cookie(OPENID_COOKIE_KEY, + $openid_url, + time() + OPENID_COOKIE_EXPIRY); +} + +function oid_get_last() +{ + if (empty($_COOKIE[OPENID_COOKIE_KEY])) { + return null; + } + $openid_url = $_COOKIE[OPENID_COOKIE_KEY]; + if ($openid_url && strlen($openid_url) > 0) { + return $openid_url; + } else { + return null; + } +} + +function oid_link_user($id, $canonical, $display) +{ + + $oid = new User_openid(); + $oid->user_id = $id; + $oid->canonical = $canonical; + $oid->display = $display; + $oid->created = DB_DataObject_Cast::dateTime(); + + if (!$oid->insert()) { + $err = PEAR::getStaticProperty('DB_DataObject','lastError'); + common_debug('DB error ' . $err->code . ': ' . $err->message, __FILE__); + return false; + } + + return true; +} + +function oid_get_user($openid_url) +{ + $user = null; + $oid = User_openid::staticGet('canonical', $openid_url); + if ($oid) { + $user = User::staticGet('id', $oid->user_id); + } + return $user; +} + +function oid_check_immediate($openid_url, $backto=null) +{ + if (!$backto) { + $action = $_REQUEST['action']; + $args = common_copy_args($_GET); + unset($args['action']); + $backto = common_local_url($action, $args); + } + common_debug('going back to "' . $backto . '"', __FILE__); + + common_ensure_session(); + + $_SESSION['openid_immediate_backto'] = $backto; + common_debug('passed-in variable is "' . $backto . '"', __FILE__); + common_debug('session variable is "' . $_SESSION['openid_immediate_backto'] . '"', __FILE__); + + oid_authenticate($openid_url, + 'finishimmediate', + true); +} + +function oid_authenticate($openid_url, $returnto, $immediate=false) +{ + + $consumer = oid_consumer(); + + if (!$consumer) { + common_server_error(_('Cannot instantiate OpenID consumer object.')); + return false; + } + + common_ensure_session(); + + $auth_request = $consumer->begin($openid_url); + + // Handle failure status return values. + if (!$auth_request) { + return _('Not a valid OpenID.'); + } else if (Auth_OpenID::isFailure($auth_request)) { + return sprintf(_('OpenID failure: %s'), $auth_request->message); + } + + $sreg_request = Auth_OpenID_SRegRequest::build(// Required + array(), + // Optional + array('nickname', + 'email', + 'fullname', + 'language', + 'timezone', + 'postcode', + 'country')); + + if ($sreg_request) { + $auth_request->addExtension($sreg_request); + } + + $trust_root = common_root_url(true); + $process_url = common_local_url($returnto); + + if ($auth_request->shouldSendRedirect()) { + $redirect_url = $auth_request->redirectURL($trust_root, + $process_url, + $immediate); + if (!$redirect_url) { + } else if (Auth_OpenID::isFailure($redirect_url)) { + return sprintf(_('Could not redirect to server: %s'), $redirect_url->message); + } else { + common_redirect($redirect_url, 303); + } + } else { + // Generate form markup and render it. + $form_id = 'openid_message'; + $form_html = $auth_request->formMarkup($trust_root, $process_url, + $immediate, array('id' => $form_id)); + + # XXX: This is cheap, but things choke if we don't escape ampersands + # in the HTML attributes + + $form_html = preg_replace('/&/', '&', $form_html); + + // Display an error if the form markup couldn't be generated; + // otherwise, render the HTML. + if (Auth_OpenID::isFailure($form_html)) { + common_server_error(sprintf(_('Could not create OpenID form: %s'), $form_html->message)); + } else { + $action = new AutosubmitAction(); // see below + $action->form_html = $form_html; + $action->form_id = $form_id; + $action->prepare(array('action' => 'autosubmit')); + $action->handle(array('action' => 'autosubmit')); + } + } +} + +# Half-assed attempt at a module-private function + +function _oid_print_instructions() +{ + common_element('div', 'instructions', + _('This form should automatically submit itself. '. + 'If not, click the submit button to go to your '. + 'OpenID provider.')); +} + +# update a user from sreg parameters + +function oid_update_user(&$user, &$sreg) +{ + + $profile = $user->getProfile(); + + $orig_profile = clone($profile); + + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + $profile->fullname = $sreg['fullname']; + } + + if ($sreg['country']) { + if ($sreg['postcode']) { + # XXX: use postcode to get city and region + # XXX: also, store postcode somewhere -- it's valuable! + $profile->location = $sreg['postcode'] . ', ' . $sreg['country']; + } else { + $profile->location = $sreg['country']; + } + } + + # XXX save language if it's passed + # XXX save timezone if it's passed + + if (!$profile->update($orig_profile)) { + common_server_error(_('Error saving the profile.')); + return false; + } + + $orig_user = clone($user); + + if ($sreg['email'] && Validate::email($sreg['email'], true)) { + $user->email = $sreg['email']; + } + + if (!$user->update($orig_user)) { + common_server_error(_('Error saving the user.')); + return false; + } + + return true; +} + +class AutosubmitAction extends Action +{ + var $form_html = null; + var $form_id = null; + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + function title() + { + return _('OpenID Auto-Submit'); + } + + function showContent() + { + $this->raw($this->form_html); + $this->element('script', null, + '$(document).ready(function() { ' . + ' $(\'#'. $this->form_id .'\').submit(); '. + '});'); + } +} diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php new file mode 100644 index 000000000..a8d052096 --- /dev/null +++ b/plugins/OpenID/openidlogin.php @@ -0,0 +1,131 @@ +. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/openid.php'); + +class OpenidloginAction extends Action +{ + function handle($args) + { + parent::handle($args); + if (common_is_real_login()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $openid_url = $this->trimmed('openid_url'); + + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.'), $openid_url); + return; + } + + $rememberme = $this->boolean('rememberme'); + + common_ensure_session(); + + $_SESSION['openid_rememberme'] = $rememberme; + + $result = oid_authenticate($openid_url, + 'finishopenidlogin'); + + if (is_string($result)) { # error message + unset($_SESSION['openid_rememberme']); + $this->showForm($result, $openid_url); + } + } else { + $openid_url = oid_get_last(); + $this->showForm(null, $openid_url); + } + } + + function getInstructions() + { + if (common_logged_in() && !common_is_real_login() && + common_get_returnto()) { + // rememberme logins have to reauthenticate before + // changing any profile settings (cookie-stealing protection) + return _('For security reasons, please re-login with your ' . + '[OpenID](%%doc.openid%%) ' . + 'before changing your settings.'); + } else { + return _('Login with an [OpenID](%%doc.openid%%) account.'); + } + } + + function showPageNotice() + { + if ($this->error) { + $this->element('div', array('class' => 'error'), $this->error); + } else { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + } + + function title() + { + return _('OpenID Login'); + } + + function showForm($error=null, $openid_url) + { + $this->error = $error; + $this->openid_url = $openid_url; + $this->showPage(); + } + + function showContent() { + $formaction = common_local_url('openidlogin'); + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_openid_login', + 'class' => 'form_settings', + 'action' => $formaction)); + $this->elementStart('fieldset'); + $this->element('legend', null, _('OpenID login')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('openid_url', _('OpenID URL'), + $this->openid_url, + _('Your OpenID URL')); + $this->elementEnd('li'); + $this->elementStart('li', array('id' => 'settings_rememberme')); + $this->checkbox('rememberme', _('Remember me'), false, + _('Automatically login in the future; ' . + 'not for shared computers!')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('submit', _('Login')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + function showLocalNav() + { + $nav = new LoginGroupNav($this); + $nav->show(); + } +} diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php new file mode 100644 index 000000000..5f59ebc01 --- /dev/null +++ b/plugins/OpenID/openidsettings.php @@ -0,0 +1,234 @@ +. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Settings for OpenID + * + * Lets users add, edit and delete OpenIDs from their account + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class OpenidsettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Page title + */ + + function title() + { + return _('OpenID settings'); + } + + /** + * Instructions for use + * + * @return string Instructions for use + */ + + function getInstructions() + { + return _('[OpenID](%%doc.openid%%) lets you log into many sites' . + ' with the same user account.'. + ' Manage your associated OpenIDs from here.'); + } + + /** + * Show the form for OpenID management + * + * We have one form with a few different submit buttons to do different things. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_openid_add', + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_openid_add')); + $this->element('legend', null, _('Add OpenID')); + $this->hidden('token', common_session_token()); + $this->element('p', 'form_guide', + _('If you want to add an OpenID to your account, ' . + 'enter it in the box below and click "Add".')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->element('label', array('for' => 'openid_url'), + _('OpenID URL')); + $this->element('input', array('name' => 'openid_url', + 'type' => 'text', + 'id' => 'openid_url')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->element('input', array('type' => 'submit', + 'id' => 'settings_openid_add_action-submit', + 'name' => 'add', + 'class' => 'submit', + 'value' => _('Add'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + $oid = new User_openid(); + + $oid->user_id = $user->id; + + $cnt = $oid->find(); + + if ($cnt > 0) { + + $this->element('h2', null, _('Remove OpenID')); + + if ($cnt == 1 && !$user->password) { + + $this->element('p', 'form_guide', + _('Removing your only OpenID '. + 'would make it impossible to log in! ' . + 'If you need to remove it, '. + 'add another OpenID first.')); + + if ($oid->fetch()) { + $this->elementStart('p'); + $this->element('a', array('href' => $oid->canonical), + $oid->display); + $this->elementEnd('p'); + } + + } else { + + $this->element('p', 'form_guide', + _('You can remove an OpenID from your account '. + 'by clicking the button marked "Remove".')); + $idx = 0; + + while ($oid->fetch()) { + $this->elementStart('form', + array('method' => 'POST', + 'id' => 'form_settings_openid_delete' . $idx, + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->element('a', array('href' => $oid->canonical), + $oid->display); + $this->element('input', array('type' => 'hidden', + 'id' => 'openid_url'.$idx, + 'name' => 'openid_url', + 'value' => $oid->canonical)); + $this->element('input', array('type' => 'submit', + 'id' => 'remove'.$idx, + 'name' => 'remove', + 'class' => 'submit remove', + 'value' => _('Remove'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + $idx++; + } + } + } + } + + /** + * Handle a POST request + * + * Muxes to different sub-functions based on which button was pushed + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('add')) { + $result = oid_authenticate($this->trimmed('openid_url'), + 'finishaddopenid'); + if (is_string($result)) { // error message + $this->showForm($result); + } + } else if ($this->arg('remove')) { + $this->removeOpenid(); + } else { + $this->showForm(_('Something weird happened.')); + } + } + + /** + * Handles a request to remove an OpenID from the user's account + * + * Validates input and, if everything is OK, deletes the OpenID. + * Reloads the form with a success or error notification. + * + * @return void + */ + + function removeOpenid() + { + $openid_url = $this->trimmed('openid_url'); + + $oid = User_openid::staticGet('canonical', $openid_url); + + if (!$oid) { + $this->showForm(_('No such OpenID.')); + return; + } + $cur = common_current_user(); + if (!$cur || $oid->user_id != $cur->id) { + $this->showForm(_('That OpenID does not belong to you.')); + return; + } + $oid->delete(); + $this->showForm(_('OpenID removed.'), true); + return; + } +} diff --git a/plugins/OpenID/publicxrds.php b/plugins/OpenID/publicxrds.php new file mode 100644 index 000000000..0a1421550 --- /dev/null +++ b/plugins/OpenID/publicxrds.php @@ -0,0 +1,122 @@ + + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + * Laconica - a distributed open-source microblogging tool + * Copyright (C) 2008, 2009, Control Yourself, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Public XRDS for OpenID + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + * @todo factor out similarities with XrdsAction + */ +class PublicxrdsAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly($args) + { + return true; + } + + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); + header('Content-Type: application/xrds+xml'); + $this->startXML(); + $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + foreach (array('finishopenidlogin', 'finishaddopenid') as $finish) { + $this->showService(Auth_OpenID_RP_RETURN_TO_URL_TYPE, + common_local_url($finish)); + } + $this->elementEnd('XRD'); + $this->elementEnd('XRDS'); + $this->endXML(); + } + + /** + * Show service. + * + * @param string $type XRDS type + * @param string $uri URI + * @param array $params type parameters, null by default + * @param array $sigs type signatures, null by default + * @param string $localId local ID, null by default + * + * @return void + */ + function showService($type, $uri, $params=null, $sigs=null, $localId=null) + { + $this->elementStart('Service'); + if ($uri) { + $this->element('URI', null, $uri); + } + $this->element('Type', null, $type); + if ($params) { + foreach ($params as $param) { + $this->element('Type', null, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + $this->element('Type', null, $sig); + } + } + if ($localId) { + $this->element('LocalID', null, $localId); + } + $this->elementEnd('Service'); + } +} + diff --git a/plugins/OpenID/xrds.php b/plugins/OpenID/xrds.php new file mode 100644 index 000000000..9327a3c83 --- /dev/null +++ b/plugins/OpenID/xrds.php @@ -0,0 +1,173 @@ + + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + * Laconica - a distributed open-source microblogging tool + * Copyright (C) 2008, 2009, Control Yourself, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/omb.php'; + +/** + * XRDS for OpenID + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class XrdsAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly($args) + { + return true; + } + + /** + * Class handler. + * + * @param array $args query arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + $nickname = $this->trimmed('nickname'); + $user = User::staticGet('nickname', $nickname); + if (!$user) { + $this->clientError(_('No such user.')); + return; + } + $this->showXrds($user); + } + + /** + * Show XRDS for a user. + * + * @param class $user XRDS for this user. + * + * @return void + */ + function showXrds($user) + { + header('Content-Type: application/xrds+xml'); + $this->startXML(); + $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'oauth', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_ENDPOINT_REQUEST, + common_local_url('requesttoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1), + $user->uri); + $this->showService(OAUTH_ENDPOINT_AUTHORIZE, + common_local_url('userauthorization'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_ACCESS, + common_local_url('accesstoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_RESOURCE, + null, + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->elementEnd('XRD'); + + // XXX: decide whether to include user's ID/nickname in postNotice URL + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'omb', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OMB_ENDPOINT_POSTNOTICE, + common_local_url('postnotice')); + $this->showService(OMB_ENDPOINT_UPDATEPROFILE, + common_local_url('updateprofile')); + $this->elementEnd('XRD'); + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_DISCOVERY, + '#oauth'); + $this->showService(OMB_NAMESPACE, + '#omb'); + $this->elementEnd('XRD'); + $this->elementEnd('XRDS'); + $this->endXML(); + } + + /** + * Show service. + * + * @param string $type XRDS type + * @param string $uri URI + * @param array $params type parameters, null by default + * @param array $sigs type signatures, null by default + * @param string $localId local ID, null by default + * + * @return void + */ + function showService($type, $uri, $params=null, $sigs=null, $localId=null) + { + $this->elementStart('Service'); + if ($uri) { + $this->element('URI', null, $uri); + } + $this->element('Type', null, $type); + if ($params) { + foreach ($params as $param) { + $this->element('Type', null, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + $this->element('Type', null, $sig); + } + } + if ($localId) { + $this->element('LocalID', null, $localId); + } + $this->elementEnd('Service'); + } +} + -- cgit v1.2.3-54-g00ecf From 93239adb55d338af3852ad7eb9113aa06cd1afd5 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 07:12:43 -0400 Subject: remove unused openid lib from logout action --- actions/logout.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'actions') diff --git a/actions/logout.php b/actions/logout.php index 3fcfb4f4e..cb20a26b5 100644 --- a/actions/logout.php +++ b/actions/logout.php @@ -32,8 +32,6 @@ if (!defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/lib/openid.php'; - /** * Logout action class. * -- cgit v1.2.3-54-g00ecf From 3997682d26d7ed48361610892b65ace9097f5fc0 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 09:03:58 -0400 Subject: incorrectly moved user xrds to OpenID plugin; fixing --- actions/xrds.php | 173 ++++++++++++++++++++++++++++++++++++++++ lib/router.php | 2 +- plugins/OpenID/OpenIDPlugin.php | 3 - plugins/OpenID/xrds.php | 173 ---------------------------------------- 4 files changed, 174 insertions(+), 177 deletions(-) create mode 100644 actions/xrds.php delete mode 100644 plugins/OpenID/xrds.php (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php new file mode 100644 index 000000000..9327a3c83 --- /dev/null +++ b/actions/xrds.php @@ -0,0 +1,173 @@ + + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + * Laconica - a distributed open-source microblogging tool + * Copyright (C) 2008, 2009, Control Yourself, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/omb.php'; + +/** + * XRDS for OpenID + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class XrdsAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly($args) + { + return true; + } + + /** + * Class handler. + * + * @param array $args query arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + $nickname = $this->trimmed('nickname'); + $user = User::staticGet('nickname', $nickname); + if (!$user) { + $this->clientError(_('No such user.')); + return; + } + $this->showXrds($user); + } + + /** + * Show XRDS for a user. + * + * @param class $user XRDS for this user. + * + * @return void + */ + function showXrds($user) + { + header('Content-Type: application/xrds+xml'); + $this->startXML(); + $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'oauth', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_ENDPOINT_REQUEST, + common_local_url('requesttoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1), + $user->uri); + $this->showService(OAUTH_ENDPOINT_AUTHORIZE, + common_local_url('userauthorization'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_ACCESS, + common_local_url('accesstoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_RESOURCE, + null, + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->elementEnd('XRD'); + + // XXX: decide whether to include user's ID/nickname in postNotice URL + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'omb', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OMB_ENDPOINT_POSTNOTICE, + common_local_url('postnotice')); + $this->showService(OMB_ENDPOINT_UPDATEPROFILE, + common_local_url('updateprofile')); + $this->elementEnd('XRD'); + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_DISCOVERY, + '#oauth'); + $this->showService(OMB_NAMESPACE, + '#omb'); + $this->elementEnd('XRD'); + $this->elementEnd('XRDS'); + $this->endXML(); + } + + /** + * Show service. + * + * @param string $type XRDS type + * @param string $uri URI + * @param array $params type parameters, null by default + * @param array $sigs type signatures, null by default + * @param string $localId local ID, null by default + * + * @return void + */ + function showService($type, $uri, $params=null, $sigs=null, $localId=null) + { + $this->elementStart('Service'); + if ($uri) { + $this->element('URI', null, $uri); + } + $this->element('Type', null, $type); + if ($params) { + foreach ($params as $param) { + $this->element('Type', null, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + $this->element('Type', null, $sig); + } + } + if ($localId) { + $this->element('LocalID', null, $localId); + } + $this->elementEnd('Service'); + } +} + diff --git a/lib/router.php b/lib/router.php index 37a7e4a0f..90ffaec16 100644 --- a/lib/router.php +++ b/lib/router.php @@ -431,7 +431,7 @@ class Router // user stuff foreach (array('subscriptions', 'subscribers', - 'nudge', 'all', 'foaf', + 'nudge', 'all', 'foaf', 'xrds', 'replies', 'inbox', 'outbox', 'microsummary') as $a) { $m->connect(':nickname/'.$a, array('action' => $a), diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index ccbad5ffb..199b1b351 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -66,9 +66,6 @@ class OpenIDPlugin extends Plugin { $m->connect('main/openid', array('action' => 'openidlogin')); $m->connect('settings/openid', array('action' => 'openidsettings')); - $m->connect(':nickname/xrds', - array('action' => 'xrds'), - array('nickname' => '[a-zA-Z0-9]{1,64}')); $m->connect('xrds', array('action' => 'publicxrds')); $m->connect('index.php?action=finishopenidlogin', array('action' => 'finishopenidlogin')); $m->connect('index.php?action=finishaddopenid', array('action' => 'finishaddopenid')); diff --git a/plugins/OpenID/xrds.php b/plugins/OpenID/xrds.php deleted file mode 100644 index 9327a3c83..000000000 --- a/plugins/OpenID/xrds.php +++ /dev/null @@ -1,173 +0,0 @@ - - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - * - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, 2009, Control Yourself, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/omb.php'; - -/** - * XRDS for OpenID - * - * @category Action - * @package Laconica - * @author Evan Prodromou - * @author Robin Millette - * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 - * @link http://laconi.ca/ - */ -class XrdsAction extends Action -{ - /** - * Is read only? - * - * @return boolean true - */ - function isReadOnly($args) - { - return true; - } - - /** - * Class handler. - * - * @param array $args query arguments - * - * @return void - */ - function handle($args) - { - parent::handle($args); - $nickname = $this->trimmed('nickname'); - $user = User::staticGet('nickname', $nickname); - if (!$user) { - $this->clientError(_('No such user.')); - return; - } - $this->showXrds($user); - } - - /** - * Show XRDS for a user. - * - * @param class $user XRDS for this user. - * - * @return void - */ - function showXrds($user) - { - header('Content-Type: application/xrds+xml'); - $this->startXML(); - $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); - - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_ENDPOINT_REQUEST, - common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1), - $user->uri); - $this->showService(OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_ACCESS, - common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_RESOURCE, - null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->elementEnd('XRD'); - - // XXX: decide whether to include user's ID/nickname in postNotice URL - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'omb', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OMB_ENDPOINT_POSTNOTICE, - common_local_url('postnotice')); - $this->showService(OMB_ENDPOINT_UPDATEPROFILE, - common_local_url('updateprofile')); - $this->elementEnd('XRD'); - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_DISCOVERY, - '#oauth'); - $this->showService(OMB_NAMESPACE, - '#omb'); - $this->elementEnd('XRD'); - $this->elementEnd('XRDS'); - $this->endXML(); - } - - /** - * Show service. - * - * @param string $type XRDS type - * @param string $uri URI - * @param array $params type parameters, null by default - * @param array $sigs type signatures, null by default - * @param string $localId local ID, null by default - * - * @return void - */ - function showService($type, $uri, $params=null, $sigs=null, $localId=null) - { - $this->elementStart('Service'); - if ($uri) { - $this->element('URI', null, $uri); - } - $this->element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - $this->element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - $this->element('Type', null, $sig); - } - } - if ($localId) { - $this->element('LocalID', null, $localId); - } - $this->elementEnd('Service'); - } -} - -- cgit v1.2.3-54-g00ecf From 4586e15f457706f1f33bda271583b3401803e50e Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 09:04:41 -0400 Subject: fix comment to note that xrds file is for OMB not OpenID --- actions/xrds.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 9327a3c83..3c7521884 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -1,7 +1,7 @@ Date: Tue, 4 Aug 2009 13:04:31 -0400 Subject: move XRDS code from public action to OpenIDPlugin --- actions/public.php | 18 ------------------ plugins/OpenID/OpenIDPlugin.php | 14 ++++++++++++++ 2 files changed, 14 insertions(+), 18 deletions(-) (limited to 'actions') diff --git a/actions/public.php b/actions/public.php index d0317ac70..322a52963 100644 --- a/actions/public.php +++ b/actions/public.php @@ -101,8 +101,6 @@ class PublicAction extends Action { parent::handle($args); - header('X-XRDS-Location: '. common_local_url('publicxrds')); - $this->showPage(); } @@ -143,22 +141,6 @@ class PublicAction extends Action _('Public Stream Feed (Atom)'))); } - /** - * Extra head elements - * - * We include a element linking to the publicxrds page, for OpenID - * client-side authentication. - * - * @return void - */ - - function extraHead() - { - // for client side of OpenID authentication - $this->element('meta', array('http-equiv' => 'X-XRDS-Location', - 'content' => common_local_url('publicxrds'))); - } - /** * Show tabset for this page * diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index fb6bc5cf8..a395f9107 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -142,4 +142,18 @@ class OpenIDPlugin extends Plugin return true; } } + + /** + * We include a element linking to the publicxrds page, for OpenID + * client-side authentication. + * + * @return void + */ + + function onEndHeadChildren($action) + { + // for client side of OpenID authentication + $action->element('meta', array('http-equiv' => 'X-XRDS-Location', + 'content' => common_local_url('publicxrds'))); + } } -- cgit v1.2.3-54-g00ecf From 5dc1291b59a1079cbe9bab05d12dae06b8e4c96d Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 4 Aug 2009 13:27:22 -0400 Subject: move openid instructions to OpenIDPlugin --- actions/login.php | 3 +-- actions/register.php | 5 +---- plugins/OpenID/OpenIDPlugin.php | 25 +++++++++++++++++++++++++ 3 files changed, 27 insertions(+), 6 deletions(-) (limited to 'actions') diff --git a/actions/login.php b/actions/login.php index 50de83f6f..f5a658bf5 100644 --- a/actions/login.php +++ b/actions/login.php @@ -250,8 +250,7 @@ class LoginAction extends Action } else { return _('Login with your username and password. ' . 'Don\'t have a username yet? ' . - '[Register](%%action.register%%) a new account, or ' . - 'try [OpenID](%%action.openidlogin%%). '); + '[Register](%%action.register%%) a new account.'); } } diff --git a/actions/register.php b/actions/register.php index dcbbbdb6a..dd3edc4ed 100644 --- a/actions/register.php +++ b/actions/register.php @@ -329,10 +329,7 @@ class RegisterAction extends Action common_markup_to_html(_('With this form you can create '. ' a new account. ' . 'You can then post notices and '. - 'link up to friends and colleagues. '. - '(Have an [OpenID](http://openid.net/)? ' . - 'Try our [OpenID registration]'. - '(%%action.openidlogin%%)!)')); + 'link up to friends and colleagues. ')); $this->elementStart('div', 'instructions'); $this->raw($instr); diff --git a/plugins/OpenID/OpenIDPlugin.php b/plugins/OpenID/OpenIDPlugin.php index ec261d7f7..87b25d42a 100644 --- a/plugins/OpenID/OpenIDPlugin.php +++ b/plugins/OpenID/OpenIDPlugin.php @@ -171,4 +171,29 @@ class OpenIDPlugin extends Plugin } return true; } + + function onEndShowPageNotice($action) + { + $name = $action->trimmed('action'); + + switch ($name) + { + case 'register': + $instr = '(Have an [OpenID](http://openid.net/)? ' . + 'Try our [OpenID registration]'. + '(%%action.openidlogin%%)!)'; + break; + case 'login': + $instr = '(Have an [OpenID](http://openid.net/)? ' . + 'Try our [OpenID login]'. + '(%%action.openidlogin%%)!)'; + break; + default: + return true; + } + + $output = common_markup_to_html($instr); + $action->raw($output); + return true; + } } -- cgit v1.2.3-54-g00ecf From ee9bfa715807cdd352407f3d01bc3126dc777b60 Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Fri, 7 Aug 2009 12:21:36 +0200 Subject: UnsubscribeAction: Add LACONICA gate, fix PHPCS errors, fix error handling typo. --- actions/unsubscribe.php | 41 ++++++++++++++++++++++++++++++++++------- 1 file changed, 34 insertions(+), 7 deletions(-) (limited to 'actions') diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php index 19275041a..46fbcf657 100644 --- a/actions/unsubscribe.php +++ b/actions/unsubscribe.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -17,6 +28,20 @@ * along with this program. If not, see . */ +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Unsubscribe handler + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class UnsubscribeAction extends Action { @@ -31,16 +56,18 @@ class UnsubscribeAction extends Action $user = common_current_user(); if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); + common_redirect(common_local_url('subscriptions', + array('nickname' => $user->nickname))); return; } - # CSRF protection + /* Use a session token for CSRF protection. */ $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); + $this->clientError(_('There was a problem with your session token. ' . + 'Try again, please.')); return; } @@ -53,7 +80,7 @@ class UnsubscribeAction extends Action $other = Profile::staticGet('id', $other_id); - if (!$other_id) { + if (!$other) { $this->clientError(_('No profile with that id.')); return; } @@ -76,8 +103,8 @@ class UnsubscribeAction extends Action $this->elementEnd('body'); $this->elementEnd('html'); } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname)), + common_redirect(common_local_url('subscriptions', + array('nickname' => $user->nickname)), 303); } } -- cgit v1.2.3-54-g00ecf From ec88d2650ea4371cf53229171851747b31587e4b Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Mon, 10 Aug 2009 14:48:50 +0200 Subject: Replace own OMB stack with libomb. --- actions/accesstoken.php | 28 +- actions/finishremotesubscribe.php | 316 +++++-------------- actions/postnotice.php | 91 +++--- actions/remotesubscribe.php | 323 ++++--------------- actions/requesttoken.php | 21 +- actions/updateprofile.php | 185 ++--------- actions/userauthorization.php | 406 ++++++------------------ actions/xrds.php | 104 ++----- extlib/libomb/base_url_xrds_mapper.php | 51 +++ extlib/libomb/constants.php | 58 ++++ extlib/libomb/datastore.php | 198 ++++++++++++ extlib/libomb/helper.php | 99 ++++++ extlib/libomb/invalidparameterexception.php | 32 ++ extlib/libomb/invalidyadisexception.php | 31 ++ extlib/libomb/notice.php | 272 ++++++++++++++++ extlib/libomb/omb_yadis_xrds.php | 196 ++++++++++++ extlib/libomb/plain_xrds_writer.php | 124 ++++++++ extlib/libomb/profile.php | 317 +++++++++++++++++++ extlib/libomb/remoteserviceexception.php | 42 +++ extlib/libomb/service_consumer.php | 430 ++++++++++++++++++++++++++ extlib/libomb/service_provider.php | 411 ++++++++++++++++++++++++ extlib/libomb/unsupportedserviceexception.php | 31 ++ extlib/libomb/xrds_mapper.php | 33 ++ extlib/libomb/xrds_writer.php | 33 ++ lib/oauthstore.php | 357 ++++++++++++++++++++- lib/omb.php | 335 ++++++++------------ lib/unqueuemanager.php | 2 +- scripts/ombqueuehandler.php | 2 +- 28 files changed, 3201 insertions(+), 1327 deletions(-) create mode 100755 extlib/libomb/base_url_xrds_mapper.php create mode 100644 extlib/libomb/constants.php create mode 100755 extlib/libomb/datastore.php create mode 100644 extlib/libomb/helper.php create mode 100755 extlib/libomb/invalidparameterexception.php create mode 100755 extlib/libomb/invalidyadisexception.php create mode 100755 extlib/libomb/notice.php create mode 100755 extlib/libomb/omb_yadis_xrds.php create mode 100755 extlib/libomb/plain_xrds_writer.php create mode 100755 extlib/libomb/profile.php create mode 100755 extlib/libomb/remoteserviceexception.php create mode 100755 extlib/libomb/service_consumer.php create mode 100755 extlib/libomb/service_provider.php create mode 100755 extlib/libomb/unsupportedserviceexception.php create mode 100755 extlib/libomb/xrds_mapper.php create mode 100755 extlib/libomb/xrds_writer.php (limited to 'actions') diff --git a/actions/accesstoken.php b/actions/accesstoken.php index 2a8cd1713..dcd04a1b4 100644 --- a/actions/accesstoken.php +++ b/actions/accesstoken.php @@ -1,6 +1,6 @@ fetch_access_token($req); - common_debug('got this token: "'.print_r($token, true).'"', __FILE__); - common_debug('printing the access token', __FILE__); - print $token; - } catch (OAuthException $e) { + $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), + omb_oauth_server()); + $srv->writeAccessToken(); + } catch (Exception $e) { $this->serverError($e->getMessage()); } } } +?> diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 5c764aeb0..13f367823 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -15,285 +26,116 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - */ + **/ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/extlib/libomb/service_consumer.php'; +require_once INSTALLDIR.'/lib/omb.php'; +/** + * Handler for remote subscription finish callback + * + * When a remote user subscribes a local user, a redirect to this action is + * issued after the remote user authorized his service to subscribe. + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class FinishremotesubscribeAction extends Action { + /** + * Class handler. + * + * @param array $args query arguments + * + * @return nothing + * + **/ function handle($args) { - parent::handle($args); - if (common_logged_in()) { - $this->clientError(_('You can use the local subscription!')); - return; - } - - $omb = $_SESSION['oauth_authorization_request']; + /* Restore session data. RemotesubscribeAction should have stored + this entry. */ + $service = unserialize($_SESSION['oauth_authorization_request']); - if (!$omb) { + if (!$service) { $this->clientError(_('Not expecting this response!')); return; } - common_debug('stored request: '.print_r($omb,true), __FILE__); - - common_remove_magic_from_request(); - $req = OAuthRequest::from_request('POST', common_local_url('finishuserauthorization')); + common_debug('stored request: '. print_r($service, true), __FILE__); - $token = $req->get_parameter('oauth_token'); - - # I think this is the success metric - - if ($token != $omb['token']) { - $this->clientError(_('Not authorized.')); - return; - } - - $version = $req->get_parameter('omb_version'); - - if ($version != OMB_VERSION_01) { - $this->clientError(_('Unknown version of OMB protocol.')); - return; - } - - $nickname = $req->get_parameter('omb_listener_nickname'); - - if (!$nickname) { - $this->clientError(_('No nickname provided by remote server.')); - return; - } - - $profile_url = $req->get_parameter('omb_listener_profile'); - - if (!$profile_url) { - $this->clientError(_('No profile URL returned by server.')); - return; - } - - if (!Validate::uri($profile_url, array('allowed_schemes' => array('http', 'https')))) { - $this->clientError(_('Invalid profile URL returned by server.')); - return; - } - - if ($profile_url == common_local_url('showstream', array('nickname' => $nickname))) { - $this->clientError(_('You can use the local subscription!')); - return; - } - - common_debug('listenee: "'.$omb['listenee'].'"', __FILE__); - - $user = User::staticGet('nickname', $omb['listenee']); + /* Create user objects for both users. Do it early for request + validation. */ + $listenee = $service->getListeneeURI(); + $user = User::staticGet('uri', $listenee); if (!$user) { $this->clientError(_('User being listened to doesn\'t exist.')); return; } - $other = User::staticGet('uri', $omb['listener']); + $other = User::staticGet('uri', $service->getListenerURI()); if ($other) { $this->clientError(_('You can use the local subscription!')); return; } - $fullname = $req->get_parameter('omb_listener_fullname'); - $homepage = $req->get_parameter('omb_listener_homepage'); - $bio = $req->get_parameter('omb_listener_bio'); - $location = $req->get_parameter('omb_listener_location'); - $avatar_url = $req->get_parameter('omb_listener_avatar'); - - list($newtok, $newsecret) = $this->access_token($omb); - - if (!$newtok || !$newsecret) { - $this->clientError(_('Couldn\'t convert request tokens to access tokens.')); - return; - } - - # XXX: possible attack point; subscribe and return someone else's profile URI - - $remote = Remote_profile::staticGet('uri', $omb['listener']); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - # XXX: compare current postNotice and updateProfile URLs to the ones - # stored in the DB to avoid (possibly...) above attack - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $omb['listener']; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if (!is_null($fullname)) { - $profile->fullname = $fullname; - } - if (!is_null($homepage)) { - $profile->homepage = $homepage; - } - if (!is_null($bio)) { - $profile->bio = $bio; - } - if (!is_null($location)) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - $this->serverError(_('Error inserting new profile')); - return; - } - $remote->id = $id; - } - - if ($avatar_url) { - if (!$this->add_avatar($profile, $avatar_url)) { - $this->serverError(_('Error inserting avatar')); - return; - } - } - - $remote->postnoticeurl = $omb['post_notice_url']; - $remote->updateprofileurl = $omb['update_profile_url']; - - if ($exists) { - if (!$remote->update($orig_remote)) { - $this->serverError(_('Error updating remote profile')); + /* Perform the handling itself via libomb. */ + try { + $service->finishAuthorization($listenee); + } catch (OAuthException $e) { + if ($e->getMessage() == 'The authorized token does not equal the ' . + 'submitted token.') { + $this->clientError(_('Not authorized.')); return; - } - } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - $this->serverError(_('Error inserting remote profile')); + } else { + $this->clientError(_('Couldn\'t convert request token to ' . + 'access token.')); return; } - } - - if ($user->hasBlocked($profile)) { - $this->clientError(_('That user has blocked you from subscribing.')); + } catch (OMB_RemoteServiceException $e) { + $this->clientError(_('Unknown version of OMB protocol.')); + return; + } catch (Exception $e) { + common_debug('Got exception ' . print_r($e, true), __FILE__); + $this->clientError($e->getMessage()); return; } - $sub = new Subscription(); + /* The service URLs are not accessible from datastore, so setting them + after insertion of the profile. */ + $remote = Remote_profile::staticGet('uri', $service->getListenerURI()); - $sub->subscriber = $remote->id; - $sub->subscribed = $user->id; + $orig_remote = clone($remote); - $sub_exists = false; + $remote->postnoticeurl = + $service->getServiceURI(OMB_ENDPOINT_POSTNOTICE); + $remote->updateprofileurl = + $service->getServiceURI(OMB_ENDPOINT_UPDATEPROFILE); - if ($sub->find(true)) { - $sub_exists = true; - $orig_sub = clone($sub); - } else { - $sub_exists = false; - $sub->created = DB_DataObject_Cast::dateTime(); # current time - } - - $sub->token = $newtok; - $sub->secret = $newsecret; - - if ($sub_exists) { - $result = $sub->update($orig_sub); - } else { - $result = $sub->insert(); - } - - if (!$result) { - common_log_db_error($sub, ($sub_exists) ? 'UPDATE' : 'INSERT', __FILE__); - $this->clientError(_('Couldn\'t insert new subscription.')); - return; + if (!$remote->update($orig_remote)) { + $this->serverError(_('Error updating remote profile')); + return; } - # Notify user, if necessary - - mail_subscribe_notify_profile($user, $profile); - - # Clear the data + /* Clear the session data. */ unset($_SESSION['oauth_authorization_request']); - # If we show subscriptions in reverse chron order, this should - # show up close to the top of the page - + /* If we show subscriptions in reverse chronological order, the new one + should show up close to the top of the page. */ common_redirect(common_local_url('subscribers', array('nickname' => $user->nickname)), 303); } - - function add_avatar($profile, $url) - { - $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); - copy($url, $temp_filename); - $imagefile = new ImageFile($profile->id, $temp_filename); - $filename = Avatar::filename($profile->id, - image_type_to_extension($imagefile->type), - null, - common_timestamp()); - rename($temp_filename, Avatar::path($filename)); - return $profile->setOriginal($filename); - } - - function access_token($omb) - { - - common_debug('starting request for access token', __FILE__); - - $con = omb_oauth_consumer(); - $tok = new OAuthToken($omb['token'], $omb['secret']); - - common_debug('using request token "'.$tok.'"', __FILE__); - - $url = $omb['access_token_url']; - - common_debug('using access token url "'.$url.'"', __FILE__); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, $tok, "POST", $url, $params); - - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, $tok); - - # We re-use this tool's fetcher, since it's pretty good - - common_debug('posting to access token url "'.$req->get_normalized_http_url().'"', __FILE__); - common_debug('posting request data "'.$req->to_postdata().'"', __FILE__); - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent: Laconica/' . LACONICA_VERSION)); - - common_debug('got result: "'.print_r($result,true).'"', __FILE__); - - if ($result->status != 200) { - return null; - } - - parse_str($result->body, $return); - - return array($return['oauth_token'], $return['oauth_token_secret']); - } } diff --git a/actions/postnotice.php b/actions/postnotice.php index eb2d63b61..74be47119 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -17,75 +28,49 @@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; +/** + * Handler for postnotice action + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class PostnoticeAction extends Action { function handle($args) { parent::handle($args); + if (!$this->checkNotice()) { + return; + } try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request('POST', common_local_url('postnotice')); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->save_notice($req, $consumer, $token)) { - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { + $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), + omb_oauth_server()); + $srv->handlePostNotice(); + } catch (Exception $e) { $this->serverError($e->getMessage()); return; } } - function save_notice(&$req, &$consumer, &$token) + function checkNotice() { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - $this->clientError(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see - $listenee = $req->get_parameter('omb_listenee'); - $remote_profile = Remote_profile::staticGet('uri', $listenee); - if (!$remote_profile) { - $this->clientError(_('Profile unknown'), 403); - return false; - } - $sub = Subscription::staticGet('token', $token->key); - if (!$sub) { - $this->clientError(_('No such subscription'), 403); - return false; - } - $content = $req->get_parameter('omb_notice_content'); - $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { + $content = common_shorten_links($_POST['omb_notice_content']); + if (mb_strlen($content) > 140) { $this->clientError(_('Invalid notice content'), 400); return false; } - $notice_uri = $req->get_parameter('omb_notice'); - if (!Validate::uri($notice_uri) && - !common_valid_tag($notice_uri)) { - $this->clientError(_('Invalid notice uri'), 400); - return false; - } - $notice_url = $req->get_parameter('omb_notice_url'); - if ($notice_url && !common_valid_http_url($notice_url)) { - $this->clientError(_('Invalid notice url'), 400); - return false; - } - $notice = Notice::staticGet('uri', $notice_uri); - if (!$notice) { - $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, null, $notice_uri); - if (is_string($notice)) { - common_server_serror($notice, 500); - return false; - } - common_broadcast_notice($notice, true); - } return true; } } +?> diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index e658f8d37..5122c1172 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -15,11 +26,26 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - */ + **/ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_consumer.php'; +require_once INSTALLDIR.'/extlib/libomb/profile.php'; -require_once(INSTALLDIR.'/lib/omb.php'); +/** + * Handler for remote subscription + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class RemotesubscribeAction extends Action { @@ -36,7 +62,7 @@ class RemotesubscribeAction extends Action return false; } - $this->nickname = $this->trimmed('nickname'); + $this->nickname = $this->trimmed('nickname'); $this->profile_url = $this->trimmed('profile_url'); return true; @@ -47,7 +73,7 @@ class RemotesubscribeAction extends Action parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { - # CSRF protection + /* Use a session token for CSRF protection. */ $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { $this->showForm(_('There was a problem with your session token. '. @@ -90,8 +116,8 @@ class RemotesubscribeAction extends Action function showContent() { - # id = remotesubscribe conflicts with the - # button on profile page + /* The id 'remotesubscribe' conflicts with the + button on profile page. */ $this->elementStart('form', array('id' => 'form_remote_subscribe', 'method' => 'post', 'class' => 'form_settings', @@ -117,13 +143,13 @@ class RemotesubscribeAction extends Action function remoteSubscription() { - $user = $this->getUser(); - - if (!$user) { + if (!$this->nickname) { $this->showForm(_('No such user.')); return; } + $user = User::staticGet('nickname', $this->nickname); + $this->profile_url = $this->trimmed('profile_url'); if (!$this->profile_url) { @@ -131,233 +157,37 @@ class RemotesubscribeAction extends Action return; } - if (!Validate::uri($this->profile_url, array('allowed_schemes' => array('http', 'https')))) { + if (!Validate::uri($this->profile_url, + array('allowed_schemes' => array('http', 'https')))) { $this->showForm(_('Invalid profile URL (bad format)')); return; } - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $yadis = Auth_Yadis_Yadis::discover($this->profile_url, $fetcher); - - if (!$yadis || $yadis->failed) { - $this->showForm(_('Not a valid profile URL (no YADIS document).')); - return; - } - - # XXX: a little liberal for sites that accidentally put whitespace before the xml declaration - - $xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text)); - - if (!$xrds) { - $this->showForm(_('Not a valid profile URL (no XRDS defined).')); - return; - } - - $omb = $this->getOmb($xrds); - - if (!$omb) { - $this->showForm(_('Not a valid profile URL (incorrect services).')); - return; - } - - if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) == - common_local_url('requesttoken')) - { - $this->showForm(_('That\'s a local profile! Login to subscribe.')); + try { + $service = new OMB_Service_Consumer($this->profile_url, + common_root_url(), + omb_oauth_datastore()); + } catch (OMB_InvalidYadisException $e) { + $this->showForm(_('Not a valid profile URL (no YADIS document or ' . + 'no or invalid XRDS defined).')); return; } - if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) { + if ($service->getServiceURI(OAUTH_ENDPOINT_REQUEST) == + common_local_url('requesttoken') || + User::staticGet('uri', $service->getRemoteUserURI())) { $this->showForm(_('That\'s a local profile! Login to subscribe.')); return; } - list($token, $secret) = $this->requestToken($omb); - - if (!$token || !$secret) { + try { + $service->requestToken(); + } catch (OMB_RemoteServiceException $e) { $this->showForm(_('Couldn\'t get a request token.')); return; } - $this->requestAuthorization($user, $omb, $token, $secret); - } - - function getUser() - { - $user = null; - if ($this->nickname) { - $user = User::staticGet('nickname', $this->nickname); - } - return $user; - } - - function getOmb($xrds) - { - static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); - static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, - OAUTH_ENDPOINT_ACCESS); - $omb = array(); - - # XXX: the following code could probably be refactored to eliminate dupes - - $oauth_services = omb_get_services($xrds, OAUTH_DISCOVERY); - - if (!$oauth_services) { - return null; - } - - $oauth_service = $oauth_services[0]; - - $oauth_xrd = $this->getXRD($oauth_service, $xrds); - - if (!$oauth_xrd) { - return null; - } - - if (!$this->addServices($oauth_xrd, $oauth_endpoints, $omb)) { - return null; - } - - $omb_services = omb_get_services($xrds, OMB_NAMESPACE); - - if (!$omb_services) { - return null; - } - - $omb_service = $omb_services[0]; - - $omb_xrd = $this->getXRD($omb_service, $xrds); - - if (!$omb_xrd) { - return null; - } - - if (!$this->addServices($omb_xrd, $omb_endpoints, $omb)) { - return null; - } - - # XXX: check that we got all the services we needed - - foreach (array_merge($omb_endpoints, $oauth_endpoints) as $type) { - if (!array_key_exists($type, $omb) || !$omb[$type]) { - return null; - } - } - - if (!omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])) { - return null; - } - - return $omb; - } - - function getXRD($main_service, $main_xrds) - { - $uri = omb_service_uri($main_service); - if (strpos($uri, "#") !== 0) { - # FIXME: more rigorous handling of external service definitions - return null; - } - $id = substr($uri, 1); - $nodes = $main_xrds->allXrdNodes; - $parser = $main_xrds->parser; - foreach ($nodes as $node) { - $attrs = $parser->attributes($node); - if (array_key_exists('xml:id', $attrs) && - $attrs['xml:id'] == $id) { - # XXX: trick the constructor into thinking this is the only node - $bogus_nodes = array($node); - return new Auth_Yadis_XRDS($parser, $bogus_nodes); - } - } - return null; - } - - function addServices($xrd, $types, &$omb) - { - foreach ($types as $type) { - $matches = omb_get_services($xrd, $type); - if ($matches) { - $omb[$type] = $matches[0]; - } else { - # no match for type - return false; - } - } - return true; - } - - function requestToken($omb) - { - $con = omb_oauth_consumer(); - - $url = omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, null, "POST", $url, $params); - - $listener = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - - if (!$listener) { - return null; - } - - $req->set_parameter('omb_listener', $listener); - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, null); - - # We re-use this tool's fetcher, since it's pretty good - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent: Laconica/' . LACONICA_VERSION)); - if ($result->status != 200) { - return null; - } - - parse_str($result->body, $return); - - return array($return['oauth_token'], $return['oauth_token_secret']); - } - - function requestAuthorization($user, $omb, $token, $secret) - { - $con = omb_oauth_consumer(); - $tok = new OAuthToken($token, $secret); - - $url = omb_service_uri($omb[OAUTH_ENDPOINT_AUTHORIZE]); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, $tok, 'GET', $url, $params); - - # We send over a ton of information. This lets the other - # server store info about our user, and it lets the current - # user decide if they really want to authorize the subscription. - - $req->set_parameter('omb_version', OMB_VERSION_01); - $req->set_parameter('omb_listener', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])); - $req->set_parameter('omb_listenee', $user->uri); - $req->set_parameter('omb_listenee_profile', common_profile_url($user->nickname)); - $req->set_parameter('omb_listenee_nickname', $user->nickname); - $req->set_parameter('omb_listenee_license', common_config('license', 'url')); - + /* Create an OMB_Profile from $user. */ $profile = $user->getProfile(); if (!$profile) { common_log_db_error($user, 'SELECT', __FILE__); @@ -365,49 +195,16 @@ class RemotesubscribeAction extends Action return; } - if (!is_null($profile->fullname)) { - $req->set_parameter('omb_listenee_fullname', $profile->fullname); - } - if (!is_null($profile->homepage)) { - $req->set_parameter('omb_listenee_homepage', $profile->homepage); - } - if (!is_null($profile->bio)) { - $req->set_parameter('omb_listenee_bio', $profile->bio); - } - if (!is_null($profile->location)) { - $req->set_parameter('omb_listenee_location', $profile->location); - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $req->set_parameter('omb_listenee_avatar', $avatar->url); - } - - # XXX: add a nonce to prevent replay attacks - - $req->set_parameter('oauth_callback', common_local_url('finishremotesubscribe')); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, $tok); - - # store all our info here - - $omb['listenee'] = $user->nickname; - $omb['listener'] = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - $omb['token'] = $token; - $omb['secret'] = $secret; - # call doesn't work after bounce back so we cache; maybe serialization issue...? - $omb['access_token_url'] = omb_service_uri($omb[OAUTH_ENDPOINT_ACCESS]); - $omb['post_notice_url'] = omb_service_uri($omb[OMB_ENDPOINT_POSTNOTICE]); - $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); + $target_url = $service->requestAuthorization( + profile_to_omb_profile($user->uri, $profile), + common_local_url('finishremotesubscribe')); common_ensure_session(); - $_SESSION['oauth_authorization_request'] = $omb; - - # Redirect to authorization service + $_SESSION['oauth_authorization_request'] = serialize($service); - common_redirect($req->to_url(), 303); - return; + /* Redirect to the remote service for authorization. */ + common_redirect($target_url, 303); } } +?> diff --git a/actions/requesttoken.php b/actions/requesttoken.php index 8d1e3f004..8328962f2 100644 --- a/actions/requesttoken.php +++ b/actions/requesttoken.php @@ -34,6 +34,7 @@ if (!defined('LACONICA')) { } require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; /** * Request token action class. @@ -49,17 +50,17 @@ class RequesttokenAction extends Action { /** * Is read only? - * + * * @return boolean false */ - function isReadOnly($args) + function isReadOnly() { return false; } - + /** * Class handler. - * + * * @param array $args array of arguments * * @return void @@ -68,14 +69,12 @@ class RequesttokenAction extends Action { parent::handle($args); try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request('POST', common_local_url('requesttoken')); - $server = omb_oauth_server(); - $token = $server->fetch_request_token($req); - print $token; - } catch (OAuthException $e) { + $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), + omb_oauth_server()); + $srv->writeRequestToken(); + } catch (Exception $e) { $this->serverError($e->getMessage()); } } } - +?> diff --git a/actions/updateprofile.php b/actions/updateprofile.php index d8b62fb09..345c28b8d 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -17,167 +28,37 @@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; +/** + * Handle an updateprofile action + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class UpdateprofileAction extends Action { - + function handle($args) { parent::handle($args); try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request('POST', common_local_url('updateprofile')); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->update_profile($req, $consumer, $token)) { - header('HTTP/1.1 200 OK'); - header('Content-type: text/plain'); - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { + $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), + omb_oauth_server()); + $srv->handleUpdateProfile(); + } catch (Exception $e) { $this->serverError($e->getMessage()); return; } } - - function update_profile($req, $consumer, $token) - { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - $this->clientError(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see if listenee exists - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - if (!$remote) { - $this->clientError(_('Profile unknown'), 404); - return false; - } - # Second, check to see if they should be able to post updates! - # We see if there are any subscriptions to that remote user with - # the given token. - - $sub = new Subscription(); - $sub->subscribed = $remote->id; - $sub->token = $token->key; - if (!$sub->find(true)) { - $this->clientError(_('You did not send us that profile'), 403); - return false; - } - - $profile = Profile::staticGet('id', $remote->id); - if (!$profile) { - # This one is our fault - $this->serverError(_('Remote profile with no matching profile'), 500); - return false; - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if ($nickname && !Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->clientError(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return false; - } - $license = $req->get_parameter('omb_listenee_license'); - if ($license && !common_valid_http_url($license)) { - $this->clientError(sprintf(_("Invalid license URL '%s'"), $license)); - return false; - } - $profile_url = $req->get_parameter('omb_listenee_profile'); - if ($profile_url && !common_valid_http_url($profile_url)) { - $this->clientError(sprintf(_("Invalid profile URL '%s'."), $profile_url)); - return false; - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && mb_strlen($fullname) > 255) { - $this->clientError(_("Full name is too long (max 255 chars).")); - return false; - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) { - $this->clientError(sprintf(_("Invalid homepage '%s'"), $homepage)); - return false; - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && mb_strlen($bio) > 140) { - $this->clientError(_("Bio is too long (max 140 chars).")); - return false; - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && mb_strlen($location) > 255) { - $this->clientError(_("Location is too long (max 255 chars).")); - return false; - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - $this->clientError(sprintf(_("Invalid avatar URL '%s'"), $avatar)); - return false; - } - $size = @getimagesize($avatar); - if (!$size) { - $this->clientError(sprintf(_("Can't read avatar URL '%s'"), $avatar)); - return false; - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - $this->clientError(sprintf(_("Wrong size image at '%s'"), $avatar)); - return false; - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - $this->clientError(sprintf(_("Wrong image type for '%s'"), $avatar)); - return false; - } - } - - $orig_profile = clone($profile); - - /* Use values even if they are an empty string. Parsing an empty string in - updateProfile is the specified way of clearing a parameter in OMB. */ - if (!is_null($nickname)) { - $profile->nickname = $nickname; - } - if (!is_null($profile_url)) { - $profile->profileurl = $profile_url; - } - if (!is_null($fullname)) { - $profile->fullname = $fullname; - } - if (!is_null($homepage)) { - $profile->homepage = $homepage; - } - if (!is_null($bio)) { - $profile->bio = $bio; - } - if (!is_null($location)) { - $profile->location = $location; - } - - if (!$profile->update($orig_profile)) { - $this->serverError(_('Could not save new profile info'), 500); - return false; - } else { - if ($avatar) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($avatar, $temp_filename); - $imagefile = new ImageFile($profile->id, $temp_filename); - $filename = Avatar::filename($profile->id, - image_type_to_extension($imagefile->type), - null, - common_timestamp()); - rename($temp_filename, Avatar::path($filename)); - if (!$profile->setOriginal($filename)) { - $this->serverError(_('Could not save avatar info'), 500); - return false; - } - } - return true; - } - } } +?> diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 8dc2c808d..d5b6a6998 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -1,5 +1,16 @@ + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, 2009, Control Yourself, Inc. * @@ -17,9 +28,13 @@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; +require_once INSTALLDIR.'/extlib/libomb/profile.php'; define('TIMESTAMP_THRESHOLD', 300); class UserauthorizationAction extends Action @@ -32,42 +47,58 @@ class UserauthorizationAction extends Action parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { - # CSRF protection + /* Use a session token for CSRF protection. */ $token = $this->trimmed('token'); if (!$token || $token != common_session_token()) { - $params = $this->getStoredParams(); - $this->showForm($params, _('There was a problem with your session token. '. - 'Try again, please.')); + $srv = $this->getStoredParams(); + $this->showForm($srv->getRemoteUser(), _('There was a problem ' . + 'with your session token. Try again, ' . + 'please.')); return; } - # We've shown the form, now post user's choice + /* We've shown the form, now post user's choice. */ $this->sendAuthorization(); } else { if (!common_logged_in()) { - # Go log in, and then come back + /* Go log in, and then come back. */ common_set_returnto($_SERVER['REQUEST_URI']); common_redirect(common_local_url('login')); return; } + $user = common_current_user(); + $profile = $user->getProfile(); + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } + + /* TODO: If no token is passed the user should get a prompt to enter + it according to OAuth Core 1.0. */ try { - $this->validateRequest(); - $this->storeParams($_GET); - $this->showForm($_GET); - } catch (OAuthException $e) { + $this->validateOmb(); + $srv = new OMB_Service_Provider( + profile_to_omb_profile($_GET['omb_listener'], $profile), + omb_oauth_datastore()); + + $remote_user = $srv->handleUserAuth(); + } catch (Exception $e) { $this->clearParams(); $this->clientError($e->getMessage()); return; } + $this->storeParams($srv); + $this->showForm($remote_user); } } function showForm($params, $error=null) { $this->params = $params; - $this->error = $error; + $this->error = $error; $this->showPage(); } @@ -79,23 +110,24 @@ class UserauthorizationAction extends Action function showPageNotice() { $this->element('p', null, _('Please check these details to make sure '. - 'that you want to subscribe to this user\'s notices. '. - 'If you didn\'t just ask to subscribe to someone\'s notices, '. - 'click "Reject".')); + 'that you want to subscribe to this ' . + 'user\'s notices. If you didn\'t just ask ' . + 'to subscribe to someone\'s notices, '. + 'click “Reject”.')); } function showContent() { $params = $this->params; - $nickname = $params['omb_listenee_nickname']; - $profile = $params['omb_listenee_profile']; - $license = $params['omb_listenee_license']; - $fullname = $params['omb_listenee_fullname']; - $homepage = $params['omb_listenee_homepage']; - $bio = $params['omb_listenee_bio']; - $location = $params['omb_listenee_location']; - $avatar = $params['omb_listenee_avatar']; + $nickname = $params->getNickname(); + $profile = $params->getProfileURL(); + $license = $params->getLicenseURL(); + $fullname = $params->getFullname(); + $homepage = $params->getHomepage(); + $bio = $params->getBio(); + $location = $params->getLocation(); + $avatar = $params->getAvatarURL(); $this->elementStart('div', array('class' => 'profile')); $this->elementStart('div', 'entity_profile vcard'); @@ -172,11 +204,14 @@ class UserauthorizationAction extends Action 'id' => 'userauthorization', 'class' => 'form_user_authorization', 'name' => 'userauthorization', - 'action' => common_local_url('userauthorization'))); + 'action' => common_local_url( + 'userauthorization'))); $this->hidden('token', common_session_token()); - $this->submit('accept', _('Accept'), 'submit accept', null, _('Subscribe to this user')); - $this->submit('reject', _('Reject'), 'submit reject', null, _('Reject this subscription')); + $this->submit('accept', _('Accept'), 'submit accept', null, + _('Subscribe to this user')); + $this->submit('reject', _('Reject'), 'submit reject', null, + _('Reject this subscription')); $this->elementEnd('form'); $this->elementEnd('li'); $this->elementEnd('ul'); @@ -186,191 +221,27 @@ class UserauthorizationAction extends Action function sendAuthorization() { - $params = $this->getStoredParams(); + $srv = $this->getStoredParams(); - if (!$params) { + if (is_null($srv)) { $this->clientError(_('No authorization request!')); return; } - $callback = $params['oauth_callback']; - - if ($this->arg('accept')) { - if (!$this->authorizeToken($params)) { - $this->clientError(_('Error authorizing token')); - } - if (!$this->saveRemoteProfile($params)) { - $this->clientError(_('Error saving remote profile')); - } - if (!$callback) { - $this->showAcceptMessage($params['oauth_token']); - } else { - $newparams = array(); - $newparams['oauth_token'] = $params['oauth_token']; - $newparams['omb_version'] = OMB_VERSION_01; - $user = User::staticGet('uri', $params['omb_listener']); - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->serverError(_('User without matching profile')); - return; - } - $newparams['omb_listener_nickname'] = $user->nickname; - $newparams['omb_listener_profile'] = common_local_url('showstream', - array('nickname' => $user->nickname)); - if (!is_null($profile->fullname)) { - $newparams['omb_listener_fullname'] = $profile->fullname; - } - if (!is_null($profile->homepage)) { - $newparams['omb_listener_homepage'] = $profile->homepage; - } - if (!is_null($profile->bio)) { - $newparams['omb_listener_bio'] = $profile->bio; - } - if (!is_null($profile->location)) { - $newparams['omb_listener_location'] = $profile->location; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $newparams['omb_listener_avatar'] = $avatar->url; - } - $parts = array(); - foreach ($newparams as $k => $v) { - $parts[] = $k . '=' . OAuthUtil::urlencode_rfc3986($v); - } - $query_string = implode('&', $parts); - $parsed = parse_url($callback); - $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string; - common_redirect($url, 303); - } - } else { - if (!$callback) { - $this->showRejectMessage(); - } else { - # XXX: not 100% sure how to signal failure... just redirect without token? - common_redirect($callback, 303); - } - } - } - - function authorizeToken(&$params) - { - $token_field = $params['oauth_token']; - $rt = new Token(); - $rt->tok = $token_field; - $rt->type = 0; - $rt->state = 0; - if ($rt->find(true)) { - $orig_rt = clone($rt); - $rt->state = 1; # Authorized but not used - if ($rt->update($orig_rt)) { - return true; - } - } - return false; - } - - # XXX: refactor with similar code in finishremotesubscribe.php - - function saveRemoteProfile(&$params) - { - # FIXME: we should really do this when the consumer comes - # back for an access token. If they never do, we've got stuff in a - # weird state. - - $nickname = $params['omb_listenee_nickname']; - $fullname = $params['omb_listenee_fullname']; - $profile_url = $params['omb_listenee_profile']; - $homepage = $params['omb_listenee_homepage']; - $bio = $params['omb_listenee_bio']; - $location = $params['omb_listenee_location']; - $avatar_url = $params['omb_listenee_avatar']; - - $listenee = $params['omb_listenee']; - $remote = Remote_profile::staticGet('uri', $listenee); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $listenee; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if (!is_null($fullname)) { - $profile->fullname = $fullname; - } - if (!is_null($homepage)) { - $profile->homepage = $homepage; - } - if (!is_null($bio)) { - $profile->bio = $bio; - } - if (!is_null($location)) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - return false; - } - $remote->id = $id; + $accepted = $this->arg('accept'); + try { + list($val, $token) = $srv->continueUserAuth($accepted); + } catch (Exception $e) { + $this->clientError($e->getMessage()); + return; } - - if ($exists) { - if (!$remote->update($orig_remote)) { - return false; - } + if ($val !== false) { + common_redirect($val, 303); + } elseif ($accepted) { + $this->showAcceptMessage($token); } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - return false; - } - } - - if ($avatar_url) { - if (!$this->addAvatar($profile, $avatar_url)) { - return false; - } - } - - $user = common_current_user(); - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $remote->id; - $sub->token = $params['oauth_token']; # NOTE: request token, not valid for use! - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - if (!$sub->insert()) { - return false; + $this->showRejectMessage(); } - - return true; - } - - function addAvatar($profile, $url) - { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($url, $temp_filename); - $imagefile = new ImageFile($profile->id, $temp_filename); - $filename = Avatar::filename($profile->id, - image_type_to_extension($imagefile->type), - null, - common_timestamp()); - rename($temp_filename, Avatar::path($filename)); - return $profile->setOriginal($filename); } function showAcceptMessage($tok) @@ -378,26 +249,28 @@ class UserauthorizationAction extends Action common_show_header(_('Subscription authorized')); $this->element('p', null, _('The subscription has been authorized, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to authorize the subscription. Your subscription token is:')); + 'callback URL was passed. Check with the site\'s ' . + 'instructions for details on how to authorize the ' . + 'subscription. Your subscription token is:')); $this->element('blockquote', 'token', $tok); common_show_footer(); } - function showRejectMessage($tok) + function showRejectMessage() { common_show_header(_('Subscription rejected')); $this->element('p', null, _('The subscription has been rejected, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to fully reject the subscription.')); + 'callback URL was passed. Check with the site\'s ' . + 'instructions for details on how to fully reject ' . + 'the subscription.')); common_show_footer(); } function storeParams($params) { common_ensure_session(); - $_SESSION['userauthorizationparams'] = $params; + $_SESSION['userauthorizationparams'] = serialize($params); } function clearParams() @@ -409,138 +282,65 @@ class UserauthorizationAction extends Action function getStoredParams() { common_ensure_session(); - $params = $_SESSION['userauthorizationparams']; + $params = unserialize($_SESSION['userauthorizationparams']); return $params; } - # Throws an OAuthException if anything goes wrong - - function validateRequest() - { - /* Find token. - TODO: If no token is passed the user should get a prompt to enter it - according to OAuth Core 1.0 */ - $t = new Token(); - $t->tok = $_GET['oauth_token']; - $t->type = 0; - if (!$t->find(true)) { - throw new OAuthException("Invalid request token: " . $_GET['oauth_token']); - } - - $this->validateOmb(); - return true; - } - function validateOmb() { - foreach (array('omb_version', 'omb_listener', 'omb_listenee', - 'omb_listenee_profile', 'omb_listenee_nickname', - 'omb_listenee_license') as $param) - { - if (!isset($_GET[$param]) || is_null($_GET[$param])) { - throw new OAuthException("Required parameter '$param' not found"); - } - } - # Now, OMB stuff - $version = $_GET['omb_version']; - if ($version != OMB_VERSION_01) { - throw new OAuthException("OpenMicroBlogging version '$version' not supported"); - } $listener = $_GET['omb_listener']; + $listenee = $_GET['omb_listenee']; + $nickname = $_GET['omb_listenee_nickname']; + $profile = $_GET['omb_listenee_profile']; + $user = User::staticGet('uri', $listener); if (!$user) { - throw new OAuthException("Listener URI '$listener' not found here"); + throw new Exception("Listener URI '$listener' not found here"); } $cur = common_current_user(); if ($cur->id != $user->id) { - throw new OAuthException("Can't add for another user!"); - } - $listenee = $_GET['omb_listenee']; - if (!Validate::uri($listenee) && - !common_valid_tag($listenee)) { - throw new OAuthException("Listenee URI '$listenee' not a recognizable URI"); - } - if (strlen($listenee) > 255) { - throw new OAuthException("Listenee URI '$listenee' too long"); + throw new Exception('Can\'t subscribe for another user!'); } $other = User::staticGet('uri', $listenee); if ($other) { - throw new OAuthException("Listenee URI '$listenee' is local user"); + throw new Exception("Listenee URI '$listenee' is local user"); } $remote = Remote_profile::staticGet('uri', $listenee); if ($remote) { - $sub = new Subscription(); + $sub = new Subscription(); $sub->subscriber = $user->id; $sub->subscribed = $remote->id; if ($sub->find(true)) { - throw new OAuthException("Already subscribed to user!"); + throw new Exception('You are already subscribed to this user.'); } } - $nickname = $_GET['omb_listenee_nickname']; - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - throw new OAuthException('Nickname must have only letters and numbers and no spaces.'); - } - $profile = $_GET['omb_listenee_profile']; - if (!common_valid_http_url($profile)) { - throw new OAuthException("Invalid profile URL '$profile'."); - } - if ($profile == common_local_url('showstream', array('nickname' => $nickname))) { - throw new OAuthException("Profile URL '$profile' is for a local user."); + if ($profile == common_profile_url($nickname)) { + throw new Exception("Profile URL '$profile' is for a local user."); } - $license = $_GET['omb_listenee_license']; - if (!common_valid_http_url($license)) { - throw new OAuthException("Invalid license URL '$license'."); - } + $license = $_GET['omb_listenee_license']; $site_license = common_config('license', 'url'); if (!common_compatible_license($license, $site_license)) { - throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'."); - } - # optional stuff - $fullname = $_GET['omb_listenee_fullname']; - if ($fullname && mb_strlen($fullname) > 255) { - throw new OAuthException("Full name '$fullname' too long."); - } - $homepage = $_GET['omb_listenee_homepage']; - if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) { - throw new OAuthException("Invalid homepage '$homepage'"); - } - $bio = $_GET['omb_listenee_bio']; - if ($bio && mb_strlen($bio) > 140) { - throw new OAuthException("Bio too long '$bio'"); - } - $location = $_GET['omb_listenee_location']; - if ($location && mb_strlen($location) > 255) { - throw new OAuthException("Location too long '$location'"); + throw new Exception("Listenee stream license '$license' is not " . + "compatible with site license '$site_license'."); } $avatar = $_GET['omb_listenee_avatar']; if ($avatar) { if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - throw new OAuthException("Invalid avatar URL '$avatar'"); + throw new Exception("Invalid avatar URL '$avatar'"); } $size = @getimagesize($avatar); if (!$size) { - throw new OAuthException("Can't read avatar URL '$avatar'"); - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - throw new OAuthException("Wrong size image at '$avatar'"); + throw new Exception("Can't read avatar URL '$avatar'."); } if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) { - throw new OAuthException("Wrong image type for '$avatar'"); + throw new Exception("Wrong image type for '$avatar'"); } } - $callback = $_GET['oauth_callback']; - if ($callback && !common_valid_http_url($callback)) { - throw new OAuthException("Invalid callback URL '$callback'"); - } - if ($callback && $callback == common_local_url('finishremotesubscribe')) { - throw new OAuthException("Callback URL '$callback' is for local site."); - } } } +?> diff --git a/actions/xrds.php b/actions/xrds.php index 9327a3c83..7518a5f70 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -34,6 +34,8 @@ if (!defined('LACONICA')) { } require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; +require_once INSTALLDIR.'/extlib/libomb/xrds_mapper.php'; /** * XRDS for OpenID @@ -52,7 +54,7 @@ class XrdsAction extends Action * * @return boolean true */ - function isReadOnly($args) + function isReadOnly() { return true; } @@ -85,89 +87,31 @@ class XrdsAction extends Action */ function showXrds($user) { - header('Content-Type: application/xrds+xml'); - $this->startXML(); - $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + $srv = new OMB_Service_Provider(profile_to_omb_profile($user->uri, + $user->getProfile())); + /* Use libomb’s default XRDS Writer. */ + $xrds_writer = null; + $srv->writeXRDS(new Laconica_XRDS_Mapper(), $xrds_writer); + } +} - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_ENDPOINT_REQUEST, - common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1), - $user->uri); - $this->showService(OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_ACCESS, - common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->showService(OAUTH_ENDPOINT_RESOURCE, - null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - $this->elementEnd('XRD'); +class Laconica_XRDS_Mapper implements OMB_XRDS_Mapper +{ + protected $urls; - // XXX: decide whether to include user's ID/nickname in postNotice URL - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'omb', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OMB_ENDPOINT_POSTNOTICE, - common_local_url('postnotice')); - $this->showService(OMB_ENDPOINT_UPDATEPROFILE, - common_local_url('updateprofile')); - $this->elementEnd('XRD'); - $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'version' => '2.0')); - $this->element('Type', null, 'xri://$xrds*simple'); - $this->showService(OAUTH_DISCOVERY, - '#oauth'); - $this->showService(OMB_NAMESPACE, - '#omb'); - $this->elementEnd('XRD'); - $this->elementEnd('XRDS'); - $this->endXML(); + public function __construct() + { + $this->urls = array( + OAUTH_ENDPOINT_REQUEST => 'requesttoken', + OAUTH_ENDPOINT_AUTHORIZE => 'userauthorization', + OAUTH_ENDPOINT_ACCESS => 'accesstoken', + OMB_ENDPOINT_POSTNOTICE => 'postnotice', + OMB_ENDPOINT_UPDATEPROFILE => 'updateprofile'); } - /** - * Show service. - * - * @param string $type XRDS type - * @param string $uri URI - * @param array $params type parameters, null by default - * @param array $sigs type signatures, null by default - * @param string $localId local ID, null by default - * - * @return void - */ - function showService($type, $uri, $params=null, $sigs=null, $localId=null) + public function getURL($action) { - $this->elementStart('Service'); - if ($uri) { - $this->element('URI', null, $uri); - } - $this->element('Type', null, $type); - if ($params) { - foreach ($params as $param) { - $this->element('Type', null, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - $this->element('Type', null, $sig); - } - } - if ($localId) { - $this->element('LocalID', null, $localId); - } - $this->elementEnd('Service'); + return common_local_url($this->urls[$action]); } } - +?> diff --git a/extlib/libomb/base_url_xrds_mapper.php b/extlib/libomb/base_url_xrds_mapper.php new file mode 100755 index 000000000..645459583 --- /dev/null +++ b/extlib/libomb/base_url_xrds_mapper.php @@ -0,0 +1,51 @@ +writeXRDS. + * + * PHP version 5 + * + * LICENSE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Base_URL_XRDS_Mapper implements OMB_XRDS_Mapper { + + protected $urls; + + public function __construct($oauth_base, $omb_base) { + $this->urls = array( + OAUTH_ENDPOINT_REQUEST => $oauth_base . 'requesttoken', + OAUTH_ENDPOINT_AUTHORIZE => $oauth_base . 'userauthorization', + OAUTH_ENDPOINT_ACCESS => $oauth_base . 'accesstoken', + OMB_ENDPOINT_POSTNOTICE => $omb_base . 'postnotice', + OMB_ENDPOINT_UPDATEPROFILE => $omb_base . 'updateprofile'); + } + + public function getURL($action) { + return $this->urls[$action]; + } +} +?> diff --git a/extlib/libomb/constants.php b/extlib/libomb/constants.php new file mode 100644 index 000000000..a097443ac --- /dev/null +++ b/extlib/libomb/constants.php @@ -0,0 +1,58 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +/** + * The OMB constants. + **/ + +define('OMB_VERSION_01', 'http://openmicroblogging.org/protocol/0.1'); + +/* The OMB version supported by this libomb version. */ +define('OMB_VERSION', OMB_VERSION_01); + +define('OMB_ENDPOINT_UPDATEPROFILE', OMB_VERSION . '/updateProfile'); +define('OMB_ENDPOINT_POSTNOTICE', OMB_VERSION . '/postNotice'); + +/** + * The OAuth constants. + **/ + +define('OAUTH_NAMESPACE', 'http://oauth.net/core/1.0/'); + +define('OAUTH_ENDPOINT_REQUEST', OAUTH_NAMESPACE.'endpoint/request'); +define('OAUTH_ENDPOINT_AUTHORIZE', OAUTH_NAMESPACE.'endpoint/authorize'); +define('OAUTH_ENDPOINT_ACCESS', OAUTH_NAMESPACE.'endpoint/access'); +define('OAUTH_ENDPOINT_RESOURCE', OAUTH_NAMESPACE.'endpoint/resource'); + +define('OAUTH_AUTH_HEADER', OAUTH_NAMESPACE.'parameters/auth-header'); +define('OAUTH_POST_BODY', OAUTH_NAMESPACE.'parameters/post-body'); + +define('OAUTH_HMAC_SHA1', OAUTH_NAMESPACE.'signature/HMAC-SHA1'); + +define('OAUTH_DISCOVERY', 'http://oauth.net/discovery/1.0'); +?> diff --git a/extlib/libomb/datastore.php b/extlib/libomb/datastore.php new file mode 100755 index 000000000..ac51a4ab8 --- /dev/null +++ b/extlib/libomb/datastore.php @@ -0,0 +1,198 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Datastore extends OAuthDataStore { + + /********* + * OAUTH * + *********/ + + /** + * Revoke specified OAuth token + * + * Revokes the authorization token specified by $token_key. + * Throws exceptions in case of error. + * + * @param string $token_key The token to be revoked + * + * @access public + **/ + public function revoke_token($token_key) { + throw new Exception(); + } + + /** + * Authorize specified OAuth token + * + * Authorizes the authorization token specified by $token_key. + * Throws exceptions in case of error. + * + * @param string $token_key The token to be authorized + * + * @access public + **/ + public function authorize_token($token_key) { + throw new Exception(); + } + + /********* + * OMB * + *********/ + + /** + * Get profile by identifying URI + * + * Returns an OMB_Profile object representing the OMB profile identified by + * $identifier_uri. + * Returns null if there is no such OMB profile. + * Throws exceptions in case of other error. + * + * @param string $identifier_uri The OMB identifier URI specifying the + * requested profile + * + * @access public + * + * @return OMB_Profile The corresponding profile + **/ + public function getProfile($identifier_uri) { + throw new Exception(); + } + + /** + * Save passed profile + * + * Stores the OMB profile $profile. Overwrites an existing entry. + * Throws exceptions in case of error. + * + * @param OMB_Profile $profile The OMB profile which should be saved + * + * @access public + **/ + public function saveProfile($profile) { + throw new Exception(); + } + + /** + * Save passed notice + * + * Stores the OMB notice $notice. The datastore may change the passed notice. + * This might by neccessary for URIs depending on a database key. Note that + * it is the user’s duty to present a mechanism for his OMB_Datastore to + * appropriately change his OMB_Notice. TODO: Ugly. + * Throws exceptions in case of error. + * + * @param OMB_Notice $notice The OMB notice which should be saved + * + * @access public + **/ + public function saveNotice(&$notice) { + throw new Exception(); + } + + /** + * Get subscriptions of a given profile + * + * Returns an array containing subscription informations for the specified + * profile. Every array entry should in turn be an array with keys + * 'uri´: The identifier URI of the subscriber + * 'token´: The subscribe token + * 'secret´: The secret token + * Throws exceptions in case of error. + * + * @param string $subscribed_user_uri The OMB identifier URI specifying the + * subscribed profile + * + * @access public + * + * @return mixed An array containing the subscriptions or 0 if no + * subscription has been found. + **/ + public function getSubscriptions($subscribed_user_uri) { + throw new Exception(); + } + + /** + * Delete a subscription + * + * Deletes the subscription from $subscriber_uri to $subscribed_user_uri. + * Throws exceptions in case of error. + * + * @param string $subscriber_uri The OMB identifier URI specifying the + * subscribing profile + * + * @param string $subscribed_user_uri The OMB identifier URI specifying the + * subscribed profile + * + * @access public + **/ + public function deleteSubscription($subscriber_uri, $subscribed_user_uri) { + throw new Exception(); + } + + /** + * Save a subscription + * + * Saves the subscription from $subscriber_uri to $subscribed_user_uri. + * Throws exceptions in case of error. + * + * @param string $subscriber_uri The OMB identifier URI specifying + * the subscribing profile + * + * @param string $subscribed_user_uri The OMB identifier URI specifying + * the subscribed profile + * @param OAuthToken $token The access token + * + * @access public + **/ + public function saveSubscription($subscriber_uri, $subscribed_user_uri, + $token) { + throw new Exception(); + } +} +?> diff --git a/extlib/libomb/helper.php b/extlib/libomb/helper.php new file mode 100644 index 000000000..a1f21f268 --- /dev/null +++ b/extlib/libomb/helper.php @@ -0,0 +1,99 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Helper { + + /** + * Non-scalar constants + * + * The set of OMB and OAuth Services an OMB Server has to implement. + */ + + public static $OMB_SERVICES = + array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); + public static $OAUTH_SERVICES = + array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, OAUTH_ENDPOINT_ACCESS); + + /** + * Validate URL + * + * Basic URL validation. Currently http, https, ftp and gopher are supported + * schemes. + * + * @param string $url The URL which is to be validated. + * + * @return bool Whether URL is valid. + * + * @access public + */ + public static function validateURL($url) { + return Validate::uri($url, array('allowed_schemes' => array('http', 'https', + 'gopher', 'ftp'))); + } + + /** + * Validate Media type + * + * Basic Media type validation. Checks for valid maintype and correct format. + * + * @param string $mediatype The Media type which is to be validated. + * + * @return bool Whether media type is valid. + * + * @access public + */ + public static function validateMediaType($mediatype) { + if (0 === preg_match('/^(\w+)\/([\w\d-+.]+)$/', $mediatype, $subtypes)) { + return false; + } + if (!in_array(strtolower($subtypes[1]), array('application', 'audio', 'image', + 'message', 'model', 'multipart', 'text', 'video'))) { + return false; + } + return true; + } + + /** + * Remove escaping from request parameters + * + * Neutralise the evil effects of magic_quotes_gpc in the current request. + * This is used before handing a request off to OAuthRequest::from_request. + * Many thanks to Ciaran Gultnieks for this fix. + * + * @access public + */ + public static function removeMagicQuotesFromRequest() { + if(get_magic_quotes_gpc() == 1) { + $_POST = array_map('stripslashes', $_POST); + $_GET = array_map('stripslashes', $_GET); + } + } +} +?> diff --git a/extlib/libomb/invalidparameterexception.php b/extlib/libomb/invalidparameterexception.php new file mode 100755 index 000000000..163e1dd4c --- /dev/null +++ b/extlib/libomb/invalidparameterexception.php @@ -0,0 +1,32 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ +class OMB_InvalidParameterException extends Exception { + public function __construct($value, $type, $parameter) { + parent::__construct("Invalid value $value for parameter $parameter in $type"); + } +} +?> diff --git a/extlib/libomb/invalidyadisexception.php b/extlib/libomb/invalidyadisexception.php new file mode 100755 index 000000000..797b7b95b --- /dev/null +++ b/extlib/libomb/invalidyadisexception.php @@ -0,0 +1,31 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ +class OMB_InvalidYadisException extends Exception { + +} +?> diff --git a/extlib/libomb/notice.php b/extlib/libomb/notice.php new file mode 100755 index 000000000..9ac36640a --- /dev/null +++ b/extlib/libomb/notice.php @@ -0,0 +1,272 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Notice { + protected $author; + protected $uri; + protected $content; + protected $url; + protected $license_url; /* url is an own addition for clarification. */ + protected $seealso_url; /* url is an own addition for clarification. */ + protected $seealso_disposition; + protected $seealso_mediatype; + protected $seealso_license_url; /* url is an addition for clarification. */ + + /* The notice as OMB param array. Cached and rebuild on usage. + false while outdated. */ + protected $param_array; + + /** + * Constructor for OMB_Notice + * + * Initializes the OMB_Notice object with author, uri and content. + * These parameters are mandatory for postNotice. + * + * @param object $author An OMB_Profile object representing the author of the + * notice. + * @param string $uri The notice URI as defined by the OMB. A unique and + * unchanging identifier for a notice. + * @param string $content The content of the notice. 140 chars recommended, + * but there is no limit. + * + * @access public + */ + public function __construct($author, $uri, $content) { + $this->content = $content; + if (is_null($author)) { + throw new OMB_InvalidParameterException('', 'notice', 'omb_listenee'); + } + $this->author = $author; + + if (!Validate::uri($uri)) { + throw new OMB_InvalidParameterException($uri, 'notice', 'omb_notice'); + } + $this->uri = $uri; + + $this->param_array = false; + } + + /** + * Returns the notice as array + * + * The method returns an array which contains the whole notice as array. The + * array is cached and only rebuilt on changes of the notice. + * Empty optional values are not passed. + * + * @access public + * @returns array The notice as parameter array + */ + public function asParameters() { + if ($this->param_array !== false) { + return $this->param_array; + } + + $this->param_array = array( + 'omb_notice' => $this->uri, + 'omb_notice_content' => $this->content); + + if (!is_null($this->url)) + $this->param_array['omb_notice_url'] = $this->url; + + if (!is_null($this->license_url)) + $this->param_array['omb_notice_license'] = $this->license_url; + + if (!is_null($this->seealso_url)) { + $this->param_array['omb_seealso'] = $this->seealso_url; + + /* This is actually a free interpretation of the OMB standard. We assume + that additional seealso parameters are not of any use if seealso itself + is not set. */ + if (!is_null($this->seealso_disposition)) + $this->param_array['omb_seealso_disposition'] = + $this->seealso_disposition; + + if (!is_null($this->seealso_mediatype)) + $this->param_array['omb_seealso_mediatype'] = $this->seealso_mediatype; + + if (!is_null($this->seealso_license_url)) + $this->param_array['omb_seealso_license'] = $this->seealso_license_url; + } + return $this->param_array; + } + + /** + * Builds an OMB_Notice object from array + * + * The method builds an OMB_Notice object from the passed parameters array. + * The array MUST provide a notice URI and content. The array fields HAVE TO + * be named according to the OMB standard, i. e. omb_notice_* and + * omb_seealso_*. Values are handled as not passed if the corresponding array + * fields are not set or the empty string. + * + * @param object $author An OMB_Profile object representing the author of + * the notice. + * @param string $parameters An array containing the notice parameters. + * + * @access public + * + * @returns OMB_Notice The built OMB_Notice. + */ + public static function fromParameters($author, $parameters) { + $notice = new OMB_Notice($author, $parameters['omb_notice'], + $parameters['omb_notice_content']); + + if (isset($parameters['omb_notice_url'])) { + $notice->setURL($parameters['omb_notice_url']); + } + + if (isset($parameters['omb_notice_license'])) { + $notice->setLicenseURL($parameters['omb_notice_license']); + } + + if (isset($parameters['omb_seealso'])) { + $notice->setSeealsoURL($parameters['omb_seealso']); + } + + if (isset($parameters['omb_seealso_disposition'])) { + $notice->setSeealsoDisposition($parameters['omb_seealso_disposition']); + } + + if (isset($parameters['omb_seealso_mediatype'])) { + $notice->setSeealsoMediatype($parameters['omb_seealso_mediatype']); + } + + if (isset($parameters['omb_seealso_license'])) { + $notice->setSeealsoLicenseURL($parameters['omb_seealso_license']); + } + return $notice; + } + + public function getAuthor() { + return $this->author; + } + + public function getIdentifierURI() { + return $this->uri; + } + + public function getContent() { + return $this->content; + } + + public function getURL() { + return $this->url; + } + + public function getLicenseURL() { + return $this->license_url; + } + + public function getSeealsoURL() { + return $this->seealso_url; + } + + public function getSeealsoDisposition() { + return $this->seealso_disposition; + } + + public function getSeealsoMediatype() { + return $this->seealso_mediatype; + } + + public function getSeealsoLicenseURL() { + return $this->seealso_license_url; + } + + public function setURL($url) { + if ($url === '') { + $url = null; + } elseif (!OMB_Helper::validateURL($url)) { + throw new OMB_InvalidParameterException($url, 'notice', 'omb_notice_url'); + } + $this->url = $url; + $this->param_array = false; + } + + public function setLicenseURL($license_url) { + if ($license_url === '') { + $license_url = null; + } elseif (!OMB_Helper::validateURL($license_url)) { + throw new OMB_InvalidParameterException($license_url, 'notice', + 'omb_notice_license'); + } + $this->license_url = $license_url; + $this->param_array = false; + } + + public function setSeealsoURL($seealso_url) { + if ($seealso_url === '') { + $seealso_url = null; + } elseif (!OMB_Helper::validateURL($seealso_url)) { + throw new OMB_InvalidParameterException($seealso_url, 'notice', + 'omb_seealso'); + } + $this->seealso_url = $seealso_url; + $this->param_array = false; + } + + public function setSeealsoDisposition($seealso_disposition) { + if ($seealso_disposition === '') { + $seealso_disposition = null; + } elseif ($seealso_disposition !== 'link' && $seealso_disposition !== 'inline') { + throw new OMB_InvalidParameterException($seealso_disposition, 'notice', + 'omb_seealso_disposition'); + } + $this->seealso_disposition = $seealso_disposition; + $this->param_array = false; + } + + public function setSeealsoMediatype($seealso_mediatype) { + if ($seealso_mediatype === '') { + $seealso_mediatype = null; + } elseif (!OMB_Helper::validateMediaType($seealso_mediatype)) { + throw new OMB_InvalidParameterException($seealso_mediatype, 'notice', + 'omb_seealso_mediatype'); + } + $this->seealso_mediatype = $seealso_mediatype; + $this->param_array = false; + } + + public function setSeealsoLicenseURL($seealso_license_url) { + if ($seealso_license_url === '') { + $seealso_license_url = null; + } elseif (!OMB_Helper::validateURL($seealso_license_url)) { + throw new OMB_InvalidParameterException($seealso_license_url, 'notice', + 'omb_seealso_license'); + } + $this->seealso_license_url = $seealso_license_url; + $this->param_array = false; + } +} +?> diff --git a/extlib/libomb/omb_yadis_xrds.php b/extlib/libomb/omb_yadis_xrds.php new file mode 100755 index 000000000..89921203b --- /dev/null +++ b/extlib/libomb/omb_yadis_xrds.php @@ -0,0 +1,196 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Yadis_XRDS extends Auth_Yadis_XRDS { + + protected $fetcher; + + /** + * Create an instance from URL + * + * Constructs an OMB_Yadis_XRDS object from a given URL. A full Yadis + * discovery is performed on the URL and the XRDS is parsed. + * Throws an OMB_InvalidYadisException when no Yadis is discovered or the + * detected XRDS file is broken. + * + * @param string $url The URL on which Yadis discovery + * should be performed on + * @param Auth_Yadis_HTTPFetcher $fetcher A fetcher used to get HTTP + * resources + * + * @access public + * + * @return OMB_Yadis_XRDS The initialized object representing the given + * resource + **/ + public static function fromYadisURL($url, $fetcher) { + /* Perform a Yadis discovery. */ + $yadis = Auth_Yadis_Yadis::discover($url, $fetcher); + if ($yadis->failed) { + throw new OMB_InvalidYadisException($url); + } + + /* Parse the XRDS file. */ + $xrds = OMB_Yadis_XRDS::parseXRDS($yadis->response_text); + if ($xrds === null) { + throw new OMB_InvalidYadisException($url); + } + $xrds->fetcher = $fetcher; + return $xrds; + } + + /** + * Get a specific service + * + * Returns the Auth_Yadis_Service object corresponding to the given service + * URI. + * Throws an OMB_UnsupportedServiceException if the service is not available. + * + * @param string $service URI specifier of the requested service + * + * @access public + * + * @return Auth_Yadis_Service The object representing the requested service + **/ + public function getService($service) { + $match = $this->services(array( create_function('$s', + "return in_array('$service', \$s->getTypes());"))); + if ($match === array()) { + throw new OMB_UnsupportedServiceException($service); + } + return $match[0]; + } + + /** + * Get a specific XRD + * + * Returns the OMB_Yadis_XRDS object corresponding to the given URI. + * Throws an OMB_UnsupportedServiceException if the XRD is not available. + * Note that getXRD tries to resolve external XRD parts as well. + * + * @param string $uri URI specifier of the requested XRD + * + * @access public + * + * @return OMB_Yadis_XRDS The object representing the requested XRD + **/ + public function getXRD($uri) { + $nexthash = strpos($uri, '#'); + if ($nexthash !== 0) { + if ($nexthash !== false) { + $cururi = substr($uri, 0, $nexthash); + $nexturi = substr($uri, $nexthash); + } + return + OMB_Yadis_XRDS::fromYadisURL($cururi, $this->fetcher)->getXRD($nexturi); + } + + $id = substr($uri, 1); + foreach ($this->allXrdNodes as $node) { + $attrs = $this->parser->attributes($node); + if (array_key_exists('xml:id', $attrs) && $attrs['xml:id'] == $id) { + /* Trick the constructor into thinking this is the only node. */ + $bogus_nodes = array($node); + return new OMB_Yadis_XRDS($this->parser, $bogus_nodes); + } + } + throw new OMB_UnsupportedServiceException($uri); + } + + /** + * Parse an XML string containing a XRDS document + * + * Parse an XML string (XRDS document) and return either a + * Auth_Yadis_XRDS object or null, depending on whether the + * XRDS XML is valid. + * Copy and paste from parent to select correct constructor. + * + * @param string $xml_string An XRDS XML string. + * + * @access public + * + * @return mixed An instance of OMB_Yadis_XRDS or null, + * depending on the validity of $xml_string + **/ + + public function &parseXRDS($xml_string, $extra_ns_map = null) { + $_null = null; + + if (!$xml_string) { + return $_null; + } + + $parser = Auth_Yadis_getXMLParser(); + + $ns_map = Auth_Yadis_getNSMap(); + + if ($extra_ns_map && is_array($extra_ns_map)) { + $ns_map = array_merge($ns_map, $extra_ns_map); + } + + if (!($parser && $parser->init($xml_string, $ns_map))) { + return $_null; + } + + // Try to get root element. + $root = $parser->evalXPath('/xrds:XRDS[1]'); + if (!$root) { + return $_null; + } + + if (is_array($root)) { + $root = $root[0]; + } + + $attrs = $parser->attributes($root); + + if (array_key_exists('xmlns:xrd', $attrs) && + $attrs['xmlns:xrd'] != Auth_Yadis_XMLNS_XRDS) { + return $_null; + } else if (array_key_exists('xmlns', $attrs) && + preg_match('/xri/', $attrs['xmlns']) && + $attrs['xmlns'] != Auth_Yadis_XMLNS_XRD_2_0) { + return $_null; + } + + // Get the last XRD node. + $xrd_nodes = $parser->evalXPath('/xrds:XRDS[1]/xrd:XRD'); + + if (!$xrd_nodes) { + return $_null; + } + + $xrds = new OMB_Yadis_XRDS($parser, $xrd_nodes); + return $xrds; + } +} diff --git a/extlib/libomb/plain_xrds_writer.php b/extlib/libomb/plain_xrds_writer.php new file mode 100755 index 000000000..b4a6e990b --- /dev/null +++ b/extlib/libomb/plain_xrds_writer.php @@ -0,0 +1,124 @@ +writeXRDS. + * + * PHP version 5 + * + * LICENSE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Plain_XRDS_Writer implements OMB_XRDS_Writer { + public function writeXRDS($user, $mapper) { + header('Content-Type: application/xrds+xml'); + $xw = new XMLWriter(); + $xw->openURI('php://output'); + $xw->setIndent(true); + + $xw->startDocument('1.0', 'UTF-8'); + $this->writeFullElement($xw, 'XRDS', array('xmlns' => 'xri://$xrds'), array( + array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'oauth', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0'), array( + array('Type', null, 'xri://$xrds*simple'), + array('Service', null, array( + array('Type', null, OAUTH_ENDPOINT_REQUEST), + array('URI', null, $mapper->getURL(OAUTH_ENDPOINT_REQUEST)), + array('Type', null, OAUTH_AUTH_HEADER), + array('Type', null, OAUTH_POST_BODY), + array('Type', null, OAUTH_HMAC_SHA1), + array('LocalID', null, $user->getIdentifierURI()) + )), + array('Service', null, array( + array('Type', null, OAUTH_ENDPOINT_AUTHORIZE), + array('URI', null, $mapper->getURL(OAUTH_ENDPOINT_AUTHORIZE)), + array('Type', null, OAUTH_AUTH_HEADER), + array('Type', null, OAUTH_POST_BODY), + array('Type', null, OAUTH_HMAC_SHA1) + )), + array('Service', null, array( + array('Type', null, OAUTH_ENDPOINT_ACCESS), + array('URI', null, $mapper->getURL(OAUTH_ENDPOINT_ACCESS)), + array('Type', null, OAUTH_AUTH_HEADER), + array('Type', null, OAUTH_POST_BODY), + array('Type', null, OAUTH_HMAC_SHA1) + )), + array('Service', null, array( + array('Type', null, OAUTH_ENDPOINT_RESOURCE), + array('Type', null, OAUTH_AUTH_HEADER), + array('Type', null, OAUTH_POST_BODY), + array('Type', null, OAUTH_HMAC_SHA1) + )) + )), + array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'omb', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0'), array( + array('Type', null, 'xri://$xrds*simple'), + array('Service', null, array( + array('Type', null, OMB_ENDPOINT_POSTNOTICE), + array('URI', null, $mapper->getURL(OMB_ENDPOINT_POSTNOTICE)) + )), + array('Service', null, array( + array('Type', null, OMB_ENDPOINT_UPDATEPROFILE), + array('URI', null, $mapper->getURL(OMB_ENDPOINT_UPDATEPROFILE)) + )) + )), + array('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'version' => '2.0'), array( + array('Type', null, 'xri://$xrds*simple'), + array('Service', null, array( + array('Type', null, OAUTH_DISCOVERY), + array('URI', null, '#oauth') + )), + array('Service', null, array( + array('Type', null, OMB_VERSION), + array('URI', null, '#omb') + )) + )) + )); + $xw->endDocument(); + $xw->flush(); + } + + public static function writeFullElement($xw, $tag, $attributes, $content) { + $xw->startElement($tag); + if (!is_null($attributes)) { + foreach ($attributes as $name => $value) { + $xw->writeAttribute($name, $value); + } + } + if (is_array($content)) { + foreach ($content as $values) { + OMB_Plain_XRDS_Writer::writeFullElement($xw, $values[0], $values[1], $values[2]); + } + } else { + $xw->text($content); + } + $xw->fullEndElement(); + } +} +?> diff --git a/extlib/libomb/profile.php b/extlib/libomb/profile.php new file mode 100755 index 000000000..13314d3e8 --- /dev/null +++ b/extlib/libomb/profile.php @@ -0,0 +1,317 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Profile { + protected $identifier_uri; + protected $profile_url; + protected $nickname; + protected $license_url; + protected $fullname; + protected $homepage; + protected $bio; + protected $location; + protected $avatar_url; + + /* The profile as OMB param array. Cached and rebuild on usage. + false while outdated. */ + protected $param_array; + + /** + * Constructor for OMB_Profile + * + * Initializes the OMB_Profile object with an identifier uri. + * + * @param string $identifier_uri The profile URI as defined by the OMB. A unique + * and unchanging identifier for a profile. + * + * @access public + */ + public function __construct($identifier_uri) { + if (!Validate::uri($identifier_uri)) { + throw new OMB_InvalidParameterException($identifier_uri, 'profile', + 'omb_listenee or omb_listener'); + } + $this->identifier_uri = $identifier_uri; + $this->param_array = false; + } + + /** + * Returns the profile as array + * + * The method returns an array which contains the whole profile as array. The + * array is cached and only rebuilt on changes of the profile. + * + * @param bool $force_all Specifies whether empty fields should be added to + * the array as well. This is neccessary to clear + * fields via updateProfile. + * + * @param string $prefix The common prefix to the key for all parameters. + * + * @access public + * + * @return array The profile as parameter array + */ + public function asParameters($prefix, $force_all = false) { + if ($this->param_array === false) { + $this->param_array = array('' => $this->identifier_uri); + + if ($force_all || !is_null($this->profile_url)) { + $this->param_array['_profile'] = $this->profile_url; + } + + if ($force_all || !is_null($this->homepage)) { + $this->param_array['_homepage'] = $this->homepage; + } + + if ($force_all || !is_null($this->nickname)) { + $this->param_array['_nickname'] = $this->nickname; + } + + if ($force_all || !is_null($this->license_url)) { + $this->param_array['_license'] = $this->license_url; + } + + if ($force_all || !is_null($this->fullname)) { + $this->param_array['_fullname'] = $this->fullname; + } + + if ($force_all || !is_null($this->bio)) { + $this->param_array['_bio'] = $this->bio; + } + + if ($force_all || !is_null($this->location)) { + $this->param_array['_location'] = $this->location; + } + + if ($force_all || !is_null($this->avatar_url)) { + $this->param_array['_avatar'] = $this->avatar_url; + } + + } + $ret = array(); + foreach ($this->param_array as $k => $v) { + $ret[$prefix . $k] = $v; + } + return $ret; + } + + /** + * Builds an OMB_Profile object from array + * + * The method builds an OMB_Profile object from the passed parameters array. The + * array MUST provide a profile URI. The array fields HAVE TO be named according + * to the OMB standard. The prefix (omb_listener or omb_listenee) is passed as a + * parameter. + * + * @param string $parameters An array containing the profile parameters. + * @param string $prefix The common prefix of the profile parameter keys. + * + * @access public + * + * @returns OMB_Profile The built OMB_Profile. + */ + public static function fromParameters($parameters, $prefix) { + if (!isset($parameters[$prefix])) { + throw new OMB_InvalidParameterException('', 'profile', $prefix); + } + + $profile = new OMB_Profile($parameters[$prefix]); + $profile->updateFromParameters($parameters, $prefix); + return $profile; + } + + /** + * Update from array + * + * Updates from the passed parameters array. The array does not have to + * provide a profile URI. The array fields HAVE TO be named according to the + * OMB standard. The prefix (omb_listener or omb_listenee) is passed as a + * parameter. + * + * @param string $parameters An array containing the profile parameters. + * @param string $prefix The common prefix of the profile parameter keys. + * + * @access public + */ + public function updateFromParameters($parameters, $prefix) { + if (isset($parameters[$prefix.'_profile'])) { + $this->setProfileURL($parameters[$prefix.'_profile']); + } + + if (isset($parameters[$prefix.'_license'])) { + $this->setLicenseURL($parameters[$prefix.'_license']); + } + + if (isset($parameters[$prefix.'_nickname'])) { + $this->setNickname($parameters[$prefix.'_nickname']); + } + + if (isset($parameters[$prefix.'_fullname'])) { + $this->setFullname($parameters[$prefix.'_fullname']); + } + + if (isset($parameters[$prefix.'_homepage'])) { + $this->setHomepage($parameters[$prefix.'_homepage']); + } + + if (isset($parameters[$prefix.'_bio'])) { + $this->setBio($parameters[$prefix.'_bio']); + } + + if (isset($parameters[$prefix.'_location'])) { + $this->setLocation($parameters[$prefix.'_location']); + } + + if (isset($parameters[$prefix.'_avatar'])) { + $this->setAvatarURL($parameters[$prefix.'_avatar']); + } + } + + public function getIdentifierURI() { + return $this->identifier_uri; + } + + public function getProfileURL() { + return $this->profile_url; + } + + public function getHomepage() { + return $this->homepage; + } + + public function getNickname() { + return $this->nickname; + } + + public function getLicenseURL() { + return $this->license_url; + } + + public function getFullname() { + return $this->fullname; + } + + public function getBio() { + return $this->bio; + } + + public function getLocation() { + return $this->location; + } + + public function getAvatarURL() { + return $this->avatar_url; + } + + public function setProfileURL($profile_url) { + if (!OMB_Helper::validateURL($profile_url)) { + throw new OMB_InvalidParameterException($profile_url, 'profile', + 'omb_listenee_profile or omb_listener_profile'); + } + $this->profile_url = $profile_url; + $this->param_array = false; + } + + public function setNickname($nickname) { + if (!Validate::string($nickname, + array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA))) { + throw new OMB_InvalidParameterException($nickname, 'profile', 'nickname'); + } + + $this->nickname = $nickname; + $this->param_array = false; + } + + public function setLicenseURL($license_url) { + if (!OMB_Helper::validateURL($license_url)) { + throw new OMB_InvalidParameterException($license_url, 'profile', + 'omb_listenee_license or omb_listener_license'); + } + $this->license_url = $license_url; + $this->param_array = false; + } + + public function setFullname($fullname) { + if ($fullname === '') { + $fullname = null; + } elseif (!Validate::string($fullname, array('max_length' => 255))) { + throw new OMB_InvalidParameterException($fullname, 'profile', 'fullname'); + } + $this->fullname = $fullname; + $this->param_array = false; + } + + public function setHomepage($homepage) { + if ($homepage === '') { + $homepage = null; + } + $this->homepage = $homepage; + $this->param_array = false; + } + + public function setBio($bio) { + if ($bio === '') { + $bio = null; + } elseif (!Validate::string($bio, array('max_length' => 140))) { + throw new OMB_InvalidParameterException($bio, 'profile', 'fullname'); + } + $this->bio = $bio; + $this->param_array = false; + } + + public function setLocation($location) { + if ($location === '') { + $location = null; + } elseif (!Validate::string($location, array('max_length' => 255))) { + throw new OMB_InvalidParameterException($location, 'profile', 'fullname'); + } + $this->location = $location; + $this->param_array = false; + } + + public function setAvatarURL($avatar_url) { + if ($avatar_url === '') { + $avatar_url = null; + } elseif (!OMB_Helper::validateURL($avatar_url)) { + throw new OMB_InvalidParameterException($avatar_url, 'profile', + 'omb_listenee_avatar or omb_listener_avatar'); + } + $this->avatar_url = $avatar_url; + $this->param_array = false; + } + +} +?> diff --git a/extlib/libomb/remoteserviceexception.php b/extlib/libomb/remoteserviceexception.php new file mode 100755 index 000000000..374d15973 --- /dev/null +++ b/extlib/libomb/remoteserviceexception.php @@ -0,0 +1,42 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ +class OMB_RemoteServiceException extends Exception { + public static function fromYadis($request_uri, $result) { + if ($result->status == 200) { + $err = 'Got wrong response ' . $result->body; + } else { + $err = 'Got error code ' . $result->status . ' with response ' . $result->body; + } + return new OMB_RemoteServiceException($request_uri . ': ' . $err); + } + + public static function forRequest($action_uri, $failure) { + return new OMB_RemoteServiceException("Handler for $action_uri: " . $failure); + } +} +?> diff --git a/extlib/libomb/service_consumer.php b/extlib/libomb/service_consumer.php new file mode 100755 index 000000000..273fd052e --- /dev/null +++ b/extlib/libomb/service_consumer.php @@ -0,0 +1,430 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Service_Consumer { + protected $url; /* The service URL */ + protected $services; /* An array of strings mapping service URI to + service URL */ + + protected $token; /* An OAuthToken */ + + protected $listener_uri; /* The URI identifying the listener, i. e. the + remote user. */ + + protected $listenee_uri; /* The URI identifying the listenee, i. e. the + local user during an auth request. */ + + /** + * According to OAuth Core 1.0, an user authorization request is no full-blown + * OAuth request. nonce, timestamp, consumer_key and signature are not needed + * in this step. See http://laconi.ca/trac/ticket/827 for more informations. + * + * Since Laconica up to version 0.7.2 performs a full OAuth request check, a + * correct request would fail. + **/ + public $performLegacyAuthRequest = true; + + /* Helper stuff we are going to need. */ + protected $fetcher; + protected $oauth_consumer; + protected $datastore; + + /** + * Constructor for OMB_Service_Consumer + * + * Initializes an OMB_Service_Consumer object representing the OMB service + * specified by $service_url. Performs a complete service discovery using + * Yadis. + * Throws OMB_UnsupportedServiceException if XRDS file does not specify a + * complete OMB service. + * + * @param string $service_url The URL of the service + * @param string $consumer_url An URL representing the consumer + * @param OMB_Datastore $datastore An instance of a class implementing + * OMB_Datastore + * + * @access public + **/ + public function __construct ($service_url, $consumer_url, $datastore) { + $this->url = $service_url; + $this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $this->datastore = $datastore; + $this->oauth_consumer = new OAuthConsumer($consumer_url, ''); + + $xrds = OMB_Yadis_XRDS::fromYadisURL($service_url, $this->fetcher); + + /* Detect our services. This performs a validation as well, since + getService und getXRD throw exceptions on failure. */ + $this->services = array(); + + foreach (array(OAUTH_DISCOVERY => OMB_Helper::$OAUTH_SERVICES, + OMB_VERSION => OMB_Helper::$OMB_SERVICES) + as $service_root => $targetservices) { + $uris = $xrds->getService($service_root)->getURIs(); + $xrd = $xrds->getXRD($uris[0]); + foreach ($targetservices as $targetservice) { + $yadis_service = $xrd->getService($targetservice); + if ($targetservice == OAUTH_ENDPOINT_REQUEST) { + $localid = $yadis_service->getElements('xrd:LocalID'); + $this->listener_uri = $yadis_service->parser->content($localid[0]); + } + $uris = $yadis_service->getURIs(); + $this->services[$targetservice] = $uris[0]; + } + } + } + + /** + * Get the handler URI for a service + * + * Returns the URI the remote web service has specified for the given + * service. + * + * @param string $service The URI identifying the service + * + * @access public + * + * @return string The service handler URI + **/ + public function getServiceURI($service) { + return $this->services[$service]; + } + + /** + * Get the remote user’s URI + * + * Returns the URI of the remote user, i. e. the listener. + * + * @access public + * + * @return string The remote user’s URI + **/ + public function getRemoteUserURI() { + return $this->listener_uri; + } + + /** + * Get the listenee’s URI + * + * Returns the URI of the user being subscribed to, i. e. the local user. + * + * @access public + * + * @return string The local user’s URI + **/ + public function getListeneeURI() { + return $this->listenee_uri; + } + + /** + * Request a request token + * + * Performs a token request on the service. Returns an OAuthToken on success. + * Throws an exception if the request fails. + * + * @access public + * + * @return OAuthToken An unauthorized request token + **/ + public function requestToken() { + /* Set the token to null just in case the user called setToken. */ + $this->token = null; + + $result = $this->performAction(OAUTH_ENDPOINT_REQUEST, + array('omb_listener' => $this->listener_uri)); + if ($result->status != 200) { + throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST, + $result); + } + parse_str($result->body, $return); + if (!isset($return['oauth_token']) || !isset($return['oauth_token_secret'])) { + throw OMB_RemoteServiceException::fromYadis(OAUTH_ENDPOINT_REQUEST, + $result); + } + $this->setToken($return['oauth_token'], $return['oauth_token_secret']); + return $this->token; + } + + /** + * + * Request authorization + * + * Returns an URL which equals to an authorization request. The end user + * should be redirected to this location to perform authorization. + * The $finish_url should be a local resource which invokes + * OMB_Consumer::finishAuthorization on request. + * + * @param OMB_Profile $profile An OMB_Profile object representing the + * soon-to-be subscribed (i. e. local) user + * @param string $finish_url Target location after successful + * authorization + * + * @access public + * + * @return string An URL representing an authorization request + **/ + public function requestAuthorization($profile, $finish_url) { + if ($this->performLegacyAuthRequest) { + $params = $profile->asParameters('omb_listenee', false); + $params['omb_listener'] = $this->listener_uri; + $params['oauth_callback'] = $finish_url; + + $url = $this->prepareAction(OAUTH_ENDPOINT_AUTHORIZE, $params, 'GET')->to_url(); + } else { + + $params = array( + 'oauth_callback' => $finish_url, + 'oauth_token' => $this->token->key, + 'omb_version' => OMB_VERSION, + 'omb_listener' => $this->listener_uri); + + $params = array_merge($profile->asParameters('omb_listenee', false). $params); + + /* Build result URL. */ + $url = $this->services[OAUTH_ENDPOINT_AUTHORIZE]; + $url .= (strrpos($url, '?') === false ? '?' : '&'); + foreach ($params as $k => $v) { + $url .= OAuthUtil::urlencode_rfc3986($k) . '=' . OAuthUtil::urlencode_rfc3986($v) . '&'; + } + } + + $this->listenee_uri = $profile->getIdentifierURI(); + + return $url; + } + + /** + * Finish authorization + * + * Finish the subscription process by converting the received and authorized + * request token into an access token. After that, the subscriber’s profile + * and the subscription are stored in the database. + * Expects an OAuthRequest in query parameters. + * Throws exceptions on failure. + * + * @access public + **/ + public function finishAuthorization() { + OMB_Helper::removeMagicQuotesFromRequest(); + $req = OAuthRequest::from_request(); + if ($req->get_parameter('oauth_token') != + $this->token->key) { + /* That’s not the token I wanted to get authorized. */ + throw new OAuthException('The authorized token does not equal the ' . + 'submitted token.'); + } + + if ($req->get_parameter('omb_version') != OMB_VERSION) { + throw new OMB_RemoteServiceException('The remote service uses an ' . + 'unsupported OMB version'); + } + + /* Construct the profile to validate it. */ + + /* Fix OMB bug. Listener URI is not passed. */ + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $params = $_POST; + } else { + $params = $_GET; + } + $params['omb_listener'] = $this->listener_uri; + + require_once 'profile.php'; + $listener = OMB_Profile::fromParameters($params, 'omb_listener'); + + /* Ask the remote service to convert the authorized request token into an + access token. */ + + $result = $this->performAction(OAUTH_ENDPOINT_ACCESS, array()); + if ($result->status != 200) { + throw new OAuthException('Could not get access token'); + } + + parse_str($result->body, $return); + if (!isset($return['oauth_token']) || !isset($return['oauth_token_secret'])) { + throw new OAuthException('Could not get access token'); + } + $this->setToken($return['oauth_token'], $return['oauth_token_secret']); + + /* Subscription is finished and valid. Now store the new subscriber and the + subscription in the database. */ + + $this->datastore->saveProfile($listener); + $this->datastore->saveSubscription($this->listener_uri, + $this->listenee_uri, + $this->token); + } + + /** + * Return the URI identifying the listener + * + * Returns the URI for the OMB user who tries to subscribe or already has + * subscribed our user. This method is a workaround for a serious OMB flaw: + * The Listener URI is not passed in the finishauthorization call. + * + * @access public + * + * @return string the listener’s URI + **/ + public function getListenerURI() { + return $this->listener_uri; + } + + /** + * Inform the service about a profile update + * + * Sends an updated profile to the service. + * + * @param OMB_Profile $profile The profile that has changed + * + * @access public + **/ + public function updateProfile($profile) { + $params = $profile->asParameters('omb_listenee', true); + $this->performOMBAction(OMB_ENDPOINT_UPDATEPROFILE, $params, $profile->getIdentifierURI()); + } + + /** + * Inform the service about a new notice + * + * Sends a notice to the service. + * + * @param OMB_Notice $notice The notice + * + * @access public + **/ + public function postNotice($notice) { + $params = $notice->asParameters(); + $params['omb_listenee'] = $notice->getAuthor()->getIdentifierURI(); + $this->performOMBAction(OMB_ENDPOINT_POSTNOTICE, $params, $params['omb_listenee']); + } + + /** + * Set the token member variable + * + * Initializes the token based on given token and secret token. + * + * @param string $token The token + * @param string $secret The secret token + * + * @access public + **/ + public function setToken($token, $secret) { + $this->token = new OAuthToken($token, $secret); + } + + /** + * Prepare an OAuthRequest object + * + * Creates an OAuthRequest object mapping the request specified by the + * parameters. + * + * @param string $action_uri The URI specifying the target service + * @param array $params Additional parameters for the service call + * @param string $method The HTTP method used to call the service + * ('POST' or 'GET', usually) + * + * @access protected + * + * @return OAuthRequest the prepared request + **/ + protected function prepareAction($action_uri, $params, $method) { + $url = $this->services[$action_uri]; + + $url_params = array(); + parse_str(parse_url($url, PHP_URL_QUERY), $url_params); + + /* Add OMB version. */ + $url_params['omb_version'] = OMB_VERSION; + + /* Add user-defined parameters. */ + $url_params = array_merge($url_params, $params); + + $req = OAuthRequest::from_consumer_and_token($this->oauth_consumer, + $this->token, $method, $url, $url_params); + + /* Sign the request. */ + $req->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), + $this->oauth_consumer, $this->token); + + return $req; + } + + /** + * Perform a service call + * + * Creates an OAuthRequest object and execute the mapped call as POST request. + * + * @param string $action_uri The URI specifying the target service + * @param array $params Additional parameters for the service call + * + * @access protected + * + * @return Auth_Yadis_HTTPResponse The POST request response + **/ + protected function performAction($action_uri, $params) { + $req = $this->prepareAction($action_uri, $params, 'POST'); + + /* Return result page. */ + return $this->fetcher->post($req->get_normalized_http_url(), $req->to_postdata(), array()); + } + + /** + * Perform an OMB action + * + * Executes an OMB action – to date, it’s one of updateProfile or postNotice. + * + * @param string $action_uri The URI specifying the target service + * @param array $params Additional parameters for the service call + * @param string $listenee_uri The URI identifying the local user for whom + * the action is performed + * + * @access protected + **/ + protected function performOMBAction($action_uri, $params, $listenee_uri) { + $result = $this->performAction($action_uri, $params); + if ($result->status == 403) { + /* The remote user unsubscribed us. */ + $this->datastore->deleteSubscription($this->listener_uri, $listenee_uri); + } else if ($result->status != 200 || + strpos($result->body, 'omb_version=' . OMB_VERSION) === false) { + /* The server signaled an error or sent an incorrect response. */ + throw OMB_RemoteServiceException::fromYadis($action_uri, $result); + } + } +} diff --git a/extlib/libomb/service_provider.php b/extlib/libomb/service_provider.php new file mode 100755 index 000000000..b3ad53753 --- /dev/null +++ b/extlib/libomb/service_provider.php @@ -0,0 +1,411 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +class OMB_Service_Provider { + protected $user; /* An OMB_Profile representing the user */ + protected $datastore; /* AN OMB_Datastore */ + + protected $remote_user; /* An OMB_Profile representing the remote user during + the authorization process */ + + protected $oauth_server; /* An OAuthServer; should only be accessed via + getOAuthServer. */ + + /** + * Initialize an OMB_Service_Provider object + * + * Constructs an OMB_Service_Provider instance that provides OMB services + * referring to a particular user. + * + * @param OMB_Profile $user An OMB_Profile; mandatory for XRDS + * output, user auth handling and OMB + * action performing + * @param OMB_Datastore $datastore An OMB_Datastore; mandatory for + * everything but XRDS output + * @param OAuthServer $oauth_server An OAuthServer; used for token writing + * and OMB action handling; will use + * default value if not set + * + * @access public + **/ + public function __construct ($user = null, $datastore = null, $oauth_server = null) { + $this->user = $user; + $this->datastore = $datastore; + $this->oauth_server = $oauth_server; + } + + public function getRemoteUser() { + return $this->remote_user; + } + + /** + * Write a XRDS document + * + * Writes a XRDS document specifying the OMB service. Optionally uses a + * given object of a class implementing OMB_XRDS_Writer for output. Else + * OMB_Plain_XRDS_Writer is used. + * + * @param OMB_XRDS_Mapper $xrds_mapper An object mapping actions to URLs + * @param OMB_XRDS_Writer $xrds_writer Optional; The OMB_XRDS_Writer used to + * write the XRDS document + * + * @access public + * + * @return mixed Depends on the used OMB_XRDS_Writer; OMB_Plain_XRDS_Writer + * returns nothing. + **/ + public function writeXRDS($xrds_mapper, $xrds_writer = null) { + if ($xrds_writer == null) { + require_once 'plain_xrds_writer.php'; + $xrds_writer = new OMB_Plain_XRDS_Writer(); + } + return $xrds_writer->writeXRDS($this->user, $xrds_mapper); + } + + /** + * Echo a request token + * + * Outputs an unauthorized request token for the query found in $_GET or + * $_POST. + * + * @access public + **/ + public function writeRequestToken() { + OMB_Helper::removeMagicQuotesFromRequest(); + echo $this->getOAuthServer()->fetch_request_token(OAuthRequest::from_request()); + } + + /** + * Handle an user authorization request. + * + * Parses an authorization request. This includes OAuth and OMB verification. + * Throws exceptions on failures. Returns an OMB_Profile object representing + * the remote user. + * + * @access public + * + * @return OMB_Profile The profile of the soon-to-be subscribed, i. e. remote + * user + **/ + public function handleUserAuth() { + OMB_Helper::removeMagicQuotesFromRequest(); + + /* Verify the request token. */ + + $this->token = $this->datastore->lookup_token(null, "request", $_GET['oauth_token']); + if (is_null($this->token)) { + throw new OAuthException('The given request token has not been issued ' . + 'by this service.'); + } + + /* Verify the OMB part. */ + + if ($_GET['omb_version'] !== OMB_VERSION) { + throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE, + 'Wrong OMB version ' . $_GET['omb_version']); + } + + if ($_GET['omb_listener'] !== $this->user->getIdentifierURI()) { + throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE, + 'Wrong OMB listener ' . $_GET['omb_listener']); + } + + foreach (array('omb_listenee', 'omb_listenee_profile', + 'omb_listenee_nickname', 'omb_listenee_license') as $param) { + if (!isset($_GET[$param]) || is_null($_GET[$param])) { + throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE, + "Required parameter '$param' not found"); + } + } + + /* Store given callback for later use. */ + if (isset($_GET['oauth_callback']) && $_GET['oauth_callback'] !== '') { + $this->callback = $_GET['oauth_callback']; + } + $this->remote_user = OMB_Profile::fromParameters($_GET, 'omb_listenee'); + + return $this->remote_user; + } + + /** + * Continue the OAuth dance after user authorization + * + * Performs the appropriate actions after user answered the authorization + * request. + * + * @param bool $accepted Whether the user granted authorization + * + * @access public + * + * @return array A two-component array with the values: + * - callback The callback URL or null if none given + * - token The authorized request token or null if not + * authorized. + **/ + public function continueUserAuth($accepted) { + $callback = $this->callback; + if (!$accepted) { + $this->datastore->revoke_token($this->token->key); + $this->token = null; + /* TODO: The handling is probably wrong in terms of OAuth 1.0 but the way + laconica works. Moreover I don’t know the right way either. */ + + } else { + $this->datastore->authorize_token($this->token->key); + $this->datastore->saveProfile($this->remote_user); + $this->datastore->saveSubscription($this->user->getIdentifierURI(), + $this->remote_user->getIdentifierURI(), $this->token); + + if (!is_null($this->callback)) { + /* Callback wants to get some informations as well. */ + $params = $this->user->asParameters('omb_listener', false); + + $params['oauth_token'] = $this->token->key; + $params['omb_version'] = OMB_VERSION; + + $callback .= (parse_url($this->callback, PHP_URL_QUERY) ? '&' : '?'); + foreach ($params as $k => $v) { + $callback .= OAuthUtil::urlencode_rfc3986($k) . '=' . + OAuthUtil::urlencode_rfc3986($v) . '&'; + } + } + } + return array($callback, $this->token); + } + + /** + * Echo an access token + * + * Outputs an access token for the query found in $_GET or $_POST. + * + * @access public + **/ + public function writeAccessToken() { + OMB_Helper::removeMagicQuotesFromRequest(); + echo $this->getOAuthServer()->fetch_access_token(OAuthRequest::from_request()); + } + + /** + * Handle an updateprofile request + * + * Handles an updateprofile request posted to this service. Updates the + * profile through the OMB_Datastore. + * + * @access public + * + * @return OMB_Profile The updated profile + **/ + public function handleUpdateProfile() { + list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_UPDATEPROFILE); + $profile->updateFromParameters($req->get_parameters(), 'omb_listenee'); + $this->datastore->saveProfile($profile); + $this->finishOMBRequest(); + return $profile; + } + + /** + * Handle a postnotice request + * + * Handles a postnotice request posted to this service. + * + * @access public + * + * @return OMB_Notice The received notice + **/ + public function handlePostNotice() { + list($req, $profile) = $this->handleOMBRequest(OMB_ENDPOINT_POSTNOTICE); + require_once 'notice.php'; + $notice = OMB_Notice::fromParameters($profile, $req->get_parameters()); + $this->datastore->saveNotice($notice); + $this->finishOMBRequest(); + return $notice; + } + + /** + * Handle an OMB request + * + * Performs common OMB request handling. + * + * @param string $uri The URI defining the OMB endpoint being served + * + * @access protected + * + * @return array(OAuthRequest, OMB_Profile) + **/ + protected function handleOMBRequest($uri) { + + OMB_Helper::removeMagicQuotesFromRequest(); + $req = OAuthRequest::from_request(); + $listenee = $req->get_parameter('omb_listenee'); + + try { + list($consumer, $token) = $this->getOAuthServer()->verify_request($req); + } catch (OAuthException $e) { + header('HTTP/1.1 403 Forbidden'); + throw OMB_RemoteServiceException::forRequest($uri, + 'Revoked accesstoken for ' . $listenee); + } + + $version = $req->get_parameter('omb_version'); + if ($version !== OMB_VERSION) { + header('HTTP/1.1 400 Bad Request'); + throw OMB_RemoteServiceException::forRequest($uri, + 'Wrong OMB version ' . $version); + } + + $profile = $this->datastore->getProfile($listenee); + if (is_null($profile)) { + header('HTTP/1.1 400 Bad Request'); + throw OMB_RemoteServiceException::forRequest($uri, + 'Unknown remote profile ' . $listenee); + } + + $subscribers = $this->datastore->getSubscriptions($listenee); + if (count($subscribers) === 0) { + header('HTTP/1.1 403 Forbidden'); + throw OMB_RemoteServiceException::forRequest($uri, + 'No subscriber for ' . $listenee); + } + + return array($req, $profile); + } + + /** + * Finishes an OMB request handling + * + * Performs common OMB request handling finishing. + * + * @access protected + **/ + protected function finishOMBRequest() { + header('HTTP/1.1 200 OK'); + header('Content-type: text/plain'); + /* There should be no clutter but the version. */ + echo "omb_version=" . OMB_VERSION; + } + + /** + * Return an OAuthServer + * + * Checks whether the OAuthServer is null. If so, initializes it with a + * default value. Returns the OAuth server. + * + * @access protected + **/ + protected function getOAuthServer() { + if (is_null($this->oauth_server)) { + $this->oauth_server = new OAuthServer($this->datastore); + $this->oauth_server->add_signature_method( + new OAuthSignatureMethod_HMAC_SHA1()); + } + return $this->oauth_server; + } + + /** + * Publish a notice + * + * Posts an OMB notice. This includes storing the notice and posting it to + * subscribed users. + * + * @param OMB_Notice $notice The new notice + * + * @access public + * + * @return array An array mapping subscriber URIs to the exception posting to + * them has raised; Empty array if no exception occured + **/ + public function postNotice($notice) { + $uri = $this->user->getIdentifierURI(); + + /* $notice is passed by reference and may change. */ + $this->datastore->saveNotice($notice); + $subscribers = $this->datastore->getSubscriptions($uri); + + /* No one to post to. */ + if (is_null($subscribers)) { + return array(); + } + + require_once 'service_consumer.php'; + + $err = array(); + foreach($subscribers as $subscriber) { + try { + $service = new OMB_Service_Consumer($subscriber['uri'], $uri, $this->datastore); + $service->setToken($subscriber['token'], $subscriber['secret']); + $service->postNotice($notice); + } catch (Exception $e) { + $err[$subscriber['uri']] = $e; + continue; + } + } + return $err; + } + + /** + * Publish a profile update + * + * Posts the current profile as an OMB profile update. This includes updating + * the stored profile and posting it to subscribed users. + * + * @access public + * + * @return array An array mapping subscriber URIs to the exception posting to + * them has raised; Empty array if no exception occured + **/ + public function updateProfile() { + $uri = $this->user->getIdentifierURI(); + + $this->datastore->saveProfile($this->user); + $subscribers = $this->datastore->getSubscriptions($uri); + + /* No one to post to. */ + if (is_null($subscribers)) { + return array(); + } + + require_once 'service_consumer.php'; + + $err = array(); + foreach($subscribers as $subscriber) { + try { + $service = new OMB_Service_Consumer($subscriber['uri'], $uri, $this->datastore); + $service->setToken($subscriber['token'], $subscriber['secret']); + $service->updateProfile($this->user); + } catch (Exception $e) { + $err[$subscriber['uri']] = $e; + continue; + } + } + return $err; + } +} diff --git a/extlib/libomb/unsupportedserviceexception.php b/extlib/libomb/unsupportedserviceexception.php new file mode 100755 index 000000000..4dab63ebe --- /dev/null +++ b/extlib/libomb/unsupportedserviceexception.php @@ -0,0 +1,31 @@ +. + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ +class OMB_UnsupportedServiceException extends Exception { + +} +?> diff --git a/extlib/libomb/xrds_mapper.php b/extlib/libomb/xrds_mapper.php new file mode 100755 index 000000000..7552154e5 --- /dev/null +++ b/extlib/libomb/xrds_mapper.php @@ -0,0 +1,33 @@ +writeXRDS. + * + * PHP version 5 + * + * LICENSE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +interface OMB_XRDS_Mapper { + public function getURL($action); +} +?> diff --git a/extlib/libomb/xrds_writer.php b/extlib/libomb/xrds_writer.php new file mode 100755 index 000000000..31b451b9c --- /dev/null +++ b/extlib/libomb/xrds_writer.php @@ -0,0 +1,33 @@ +writeXRDS. + * + * PHP version 5 + * + * LICENSE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + * @package OMB + * @author Adrian Lang + * @copyright 2009 Adrian Lang + * @license http://www.gnu.org/licenses/agpl.html GNU AGPL 3.0 + **/ + +interface OMB_XRDS_Writer { + public function writeXRDS($user, $mapper); +} +?> diff --git a/lib/oauthstore.php b/lib/oauthstore.php index f224c6c22..87d8cf213 100644 --- a/lib/oauthstore.php +++ b/lib/oauthstore.php @@ -17,15 +17,16 @@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once 'libomb/datastore.php'; -class LaconicaOAuthDataStore extends OAuthDataStore +class LaconicaDataStore extends OMB_Datastore { // We keep a record of who's contacted us - function lookup_consumer($consumer_key) { $con = Consumer::staticGet('consumer_key', $consumer_key); @@ -44,7 +45,9 @@ class LaconicaOAuthDataStore extends OAuthDataStore function lookup_token($consumer, $token_type, $token_key) { $t = new Token(); - $t->consumer_key = $consumer->key; + if (!is_null($consumer)) { + $t->consumer_key = $consumer->key; + } $t->tok = $token_key; $t->type = ($token_type == 'access') ? 1 : 0; if ($t->find(true)) { @@ -154,4 +157,348 @@ class LaconicaOAuthDataStore extends OAuthDataStore { return $this->new_access_token($consumer); } + + + /** + * Revoke specified OAuth token + * + * Revokes the authorization token specified by $token_key. + * Throws exceptions in case of error. + * + * @param string $token_key The token to be revoked + * + * @access public + **/ + public function revoke_token($token_key) { + $rt = new Token(); + $rt->tok = $token_key; + $rt->type = 0; + $rt->state = 0; + if (!$rt->find(true)) { + throw new Exception('Tried to revoke unknown token'); + } + if (!$rt->delete()) { + throw new Exception('Failed to delete revoked token'); + } + } + + /** + * Authorize specified OAuth token + * + * Authorizes the authorization token specified by $token_key. + * Throws exceptions in case of error. + * + * @param string $token_key The token to be authorized + * + * @access public + **/ + public function authorize_token($token_key) { + $rt = new Token(); + $rt->tok = $token_key; + $rt->type = 0; + $rt->state = 0; + if (!$rt->find(true)) { + throw new Exception('Tried to authorize unknown token'); + } + $orig_rt = clone($rt); + $rt->state = 1; # Authorized but not used + if (!$rt->update($orig_rt)) { + throw new Exception('Failed to authorize token'); + } + } + + /** + * Get profile by identifying URI + * + * Returns an OMB_Profile object representing the OMB profile identified by + * $identifier_uri. + * Returns null if there is no such OMB profile. + * Throws exceptions in case of other error. + * + * @param string $identifier_uri The OMB identifier URI specifying the + * requested profile + * + * @access public + * + * @return OMB_Profile The corresponding profile + **/ + public function getProfile($identifier_uri) { + /* getProfile is only used for remote profiles by libomb. + TODO: Make it work with local ones anyway. */ + $remote = Remote_profile::staticGet('uri', $identifier_uri); + if (!$remote) throw new Exception('No such remote profile'); + $profile = Profile::staticGet('id', $remote->id); + if (!$profile) throw new Exception('No profile for remote user'); + + require_once INSTALLDIR.'/lib/omb.php'; + return profile_to_omb_profile($identifier_uri, $profile); + } + + /** + * Save passed profile + * + * Stores the OMB profile $profile. Overwrites an existing entry. + * Throws exceptions in case of error. + * + * @param OMB_Profile $profile The OMB profile which should be saved + * + * @access public + **/ + public function saveProfile($omb_profile) { + if (common_profile_url($omb_profile->getNickname()) == + $omb_profile->getProfileURL()) { + throw new Exception('Not implemented'); + } else { + $remote = Remote_profile::staticGet('uri', $omb_profile->getIdentifierURI()); + + if ($remote) { + $exists = true; + $profile = Profile::staticGet($remote->id); + $orig_remote = clone($remote); + $orig_profile = clone($profile); + # XXX: compare current postNotice and updateProfile URLs to the ones + # stored in the DB to avoid (possibly...) above attack + } else { + $exists = false; + $remote = new Remote_profile(); + $remote->uri = $omb_profile->getIdentifierURI(); + $profile = new Profile(); + } + + $profile->nickname = $omb_profile->getNickname(); + $profile->profileurl = $omb_profile->getProfileURL(); + + $fullname = $omb_profile->getFullname(); + $profile->fullname = is_null($fullname) ? '' : $fullname; + $homepage = $omb_profile->getHomepage(); + $profile->homepage = is_null($homepage) ? '' : $homepage; + $bio = $omb_profile->getBio(); + $profile->bio = is_null($bio) ? '' : $bio; + $location = $omb_profile->getLocation(); + $profile->location = is_null($location) ? '' : $location; + + if ($exists) { + $profile->update($orig_profile); + } else { + $profile->created = DB_DataObject_Cast::dateTime(); # current time + $id = $profile->insert(); + if (!$id) { + throw new Exception(_('Error inserting new profile')); + } + $remote->id = $id; + } + + $avatar_url = $omb_profile->getAvatarURL(); + if ($avatar_url) { + if (!$this->add_avatar($profile, $avatar_url)) { + throw new Exception(_('Error inserting avatar')); + } + } else { + $avatar = $profile->getOriginalAvatar(); + if($avatar) $avatar->delete(); + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + if($avatar) $avatar->delete(); + $avatar = $profile->getAvatar(AVATAR_STREAM_SIZE); + if($avatar) $avatar->delete(); + $avatar = $profile->getAvatar(AVATAR_MINI_SIZE); + if($avatar) $avatar->delete(); + } + + if ($exists) { + if (!$remote->update($orig_remote)) { + throw new Exception(_('Error updating remote profile')); + } + } else { + $remote->created = DB_DataObject_Cast::dateTime(); # current time + if (!$remote->insert()) { + throw new Exception(_('Error inserting remote profile')); + } + } + } + } + + function add_avatar($profile, $url) + { + $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); + copy($url, $temp_filename); + $imagefile = new ImageFile($profile->id, $temp_filename); + $filename = Avatar::filename($profile->id, + image_type_to_extension($imagefile->type), + null, + common_timestamp()); + rename($temp_filename, Avatar::path($filename)); + return $profile->setOriginal($filename); + } + + /** + * Save passed notice + * + * Stores the OMB notice $notice. The datastore may change the passed notice. + * This might by neccessary for URIs depending on a database key. Note that + * it is the user’s duty to present a mechanism for his OMB_Datastore to + * appropriately change his OMB_Notice. + * Throws exceptions in case of error. + * + * @param OMB_Notice $notice The OMB notice which should be saved + * + * @access public + **/ + public function saveNotice(&$omb_notice) { + if (Notice::staticGet('uri', $omb_notice->getIdentifierURI())) { + throw new Exception(_('Duplicate notice')); + } + $author_uri = $omb_notice->getAuthor()->getIdentifierURI(); + common_log(LOG_DEBUG, $author_uri, __FILE__); + $author = Remote_profile::staticGet('uri', $author_uri); + if (!$author) { + $author = User::staticGet('uri', $author_uri); + } + if (!$author) { + throw new Exception('No such user'); + } + + common_log(LOG_DEBUG, print_r($author, true), __FILE__); + + $notice = Notice::saveNew($author->id, + $omb_notice->getContent(), + 'omb', + false, + null, + $omb_notice->getIdentifierURI()); + if (is_string($notice)) { + throw new Exception($notice); + } + common_broadcast_notice($notice, true); + } + + /** + * Get subscriptions of a given profile + * + * Returns an array containing subscription informations for the specified + * profile. Every array entry should in turn be an array with keys + * 'uri´: The identifier URI of the subscriber + * 'token´: The subscribe token + * 'secret´: The secret token + * Throws exceptions in case of error. + * + * @param string $subscribed_user_uri The OMB identifier URI specifying the + * subscribed profile + * + * @access public + * + * @return mixed An array containing the subscriptions or 0 if no + * subscription has been found. + **/ + public function getSubscriptions($subscribed_user_uri) { + $sub = new Subscription(); + + $user = $this->_getAnyProfile($subscribed_user_uri); + + $sub->subscribed = $user->id; + + if (!$sub->find(true)) { + return 0; + } + + /* Since we do not use OMB_Service_Provider’s action methods, there + is no need to actually return the subscriptions. */ + return 1; + } + + private function _getAnyProfile($uri) + { + $user = Remote_profile::staticGet('uri', $uri); + if (!$user) { + $user = User::staticGet('uri', $uri); + } + if (!$user) { + throw new Exception('No such user'); + } + return $user; + } + + /** + * Delete a subscription + * + * Deletes the subscription from $subscriber_uri to $subscribed_user_uri. + * Throws exceptions in case of error. + * + * @param string $subscriber_uri The OMB identifier URI specifying the + * subscribing profile + * + * @param string $subscribed_user_uri The OMB identifier URI specifying the + * subscribed profile + * + * @access public + **/ + public function deleteSubscription($subscriber_uri, $subscribed_user_uri) + { + $sub = new Subscription(); + + $subscribed = $this->_getAnyProfile($subscribed_user_uri); + $subscriber = $this->_getAnyProfile($subscriber_uri); + + $sub->subscribed = $subscribed->id; + $sub->subscriber = $subscriber->id; + + $sub->delete(); + } + + /** + * Save a subscription + * + * Saves the subscription from $subscriber_uri to $subscribed_user_uri. + * Throws exceptions in case of error. + * + * @param string $subscriber_uri The OMB identifier URI specifying + * the subscribing profile + * + * @param string $subscribed_user_uri The OMB identifier URI specifying + * the subscribed profile + * @param OAuthToken $token The access token + * + * @access public + **/ + public function saveSubscription($subscriber_uri, $subscribed_user_uri, + $token) + { + $sub = new Subscription(); + + $subscribed = $this->_getAnyProfile($subscribed_user_uri); + $subscriber = $this->_getAnyProfile($subscriber_uri); + + $sub->subscribed = $subscribed->id; + $sub->subscriber = $subscriber->id; + + $sub_exists = $sub->find(true); + + if ($sub_exists) { + $orig_sub = clone($sub); + } else { + $sub->created = DB_DataObject_Cast::dateTime(); + } + + $sub->token = $token->key; + $sub->secret = $token->secret; + + if ($sub_exists) { + $result = $sub->update($orig_sub); + } else { + $result = $sub->insert(); + } + + if (!$result) { + common_log_db_error($sub, ($sub_exists) ? 'UPDATE' : 'INSERT', __FILE__); + throw new Exception(_('Couldn\'t insert new subscription.')); + return; + } + + /* Notify user, if necessary. */ + + if ($subscribed instanceof User) { + mail_subscribe_notify_profile($subscribed, + Profile::staticGet($subscriber->id)); + } + } } +?> diff --git a/lib/omb.php b/lib/omb.php index 4f6a96095..b9d0eef64 100644 --- a/lib/omb.php +++ b/lib/omb.php @@ -17,36 +17,22 @@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } - -require_once('OAuth.php'); -require_once(INSTALLDIR.'/lib/oauthstore.php'); - -require_once(INSTALLDIR.'/classes/Consumer.php'); -require_once(INSTALLDIR.'/classes/Nonce.php'); -require_once(INSTALLDIR.'/classes/Token.php'); - -require_once('Auth/Yadis/Yadis.php'); - -define('OAUTH_NAMESPACE', 'http://oauth.net/core/1.0/'); -define('OMB_NAMESPACE', 'http://openmicroblogging.org/protocol/0.1'); -define('OMB_VERSION_01', 'http://openmicroblogging.org/protocol/0.1'); -define('OAUTH_DISCOVERY', 'http://oauth.net/discovery/1.0'); +if (!defined('LACONICA')) { + exit(1); +} -define('OMB_ENDPOINT_UPDATEPROFILE', OMB_NAMESPACE.'/updateProfile'); -define('OMB_ENDPOINT_POSTNOTICE', OMB_NAMESPACE.'/postNotice'); -define('OAUTH_ENDPOINT_REQUEST', OAUTH_NAMESPACE.'endpoint/request'); -define('OAUTH_ENDPOINT_AUTHORIZE', OAUTH_NAMESPACE.'endpoint/authorize'); -define('OAUTH_ENDPOINT_ACCESS', OAUTH_NAMESPACE.'endpoint/access'); -define('OAUTH_ENDPOINT_RESOURCE', OAUTH_NAMESPACE.'endpoint/resource'); -define('OAUTH_AUTH_HEADER', OAUTH_NAMESPACE.'parameters/auth-header'); -define('OAUTH_POST_BODY', OAUTH_NAMESPACE.'parameters/post-body'); -define('OAUTH_HMAC_SHA1', OAUTH_NAMESPACE.'signature/HMAC-SHA1'); +require_once INSTALLDIR.'/lib/oauthstore.php'; +require_once 'OAuth.php'; +require_once 'libomb/constants.php'; +require_once 'libomb/service_consumer.php'; +require_once 'libomb/notice.php'; +require_once 'libomb/profile.php'; +require_once 'Auth/Yadis/Yadis.php'; function omb_oauth_consumer() { static $con = null; - if (!$con) { + if (is_null($con)) { $con = new OAuthConsumer(common_root_url(), ''); } return $con; @@ -55,7 +41,7 @@ function omb_oauth_consumer() function omb_oauth_server() { static $server = null; - if (!$server) { + if (is_null($server)) { $server = new OAuthServer(omb_oauth_datastore()); $server->add_signature_method(omb_hmac_sha1()); } @@ -65,8 +51,8 @@ function omb_oauth_server() function omb_oauth_datastore() { static $store = null; - if (!$store) { - $store = new LaconicaOAuthDataStore(); + if (is_null($store)) { + $store = new LaconicaDataStore(); } return $store; } @@ -74,57 +60,18 @@ function omb_oauth_datastore() function omb_hmac_sha1() { static $hmac_method = null; - if (!$hmac_method) { + if (is_null($hmac_method)) { $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); } return $hmac_method; } -function omb_get_services($xrd, $type) +function omb_broadcast_notice($notice) { - return $xrd->services(array(omb_service_filter($type))); -} -function omb_service_filter($type) -{ - return create_function('$s', - 'return omb_match_service($s, \''.$type.'\');'); -} + $omb_notice = notice_to_omb_notice($notice); -function omb_match_service($service, $type) -{ - return in_array($type, $service->getTypes()); -} - -function omb_service_uri($service) -{ - if (!$service) { - return null; - } - $uris = $service->getURIs(); - if (!$uris) { - return null; - } - return $uris[0]; -} - -function omb_local_id($service) -{ - if (!$service) { - return null; - } - $els = $service->getElements('xrd:LocalID'); - if (!$els) { - return null; - } - $el = $els[0]; - return $service->parser->content($el); -} - -function omb_broadcast_remote_subscribers($notice) -{ - - # First, get remote users subscribed to this profile + /* Get remote users subscribed to this profile. */ $rp = new Remote_profile(); $rp->query('SELECT postnoticeurl, token, secret ' . @@ -135,170 +82,148 @@ function omb_broadcast_remote_subscribers($notice) $posted = array(); while ($rp->fetch()) { - if (!$posted[$rp->postnoticeurl]) { - common_log(LOG_DEBUG, 'Posting to ' . $rp->postnoticeurl); - if (omb_post_notice_keys($notice, $rp->postnoticeurl, $rp->token, $rp->secret)) { - common_log(LOG_DEBUG, 'Finished to ' . $rp->postnoticeurl); - $posted[$rp->postnoticeurl] = true; - } else { - common_log(LOG_DEBUG, 'Failed posting to ' . $rp->postnoticeurl); - } + if (isset($posted[$rp->postnoticeurl])) { + /* We already posted to this url. */ + continue; } - } - - $rp->free(); - unset($rp); + common_debug('Posting to ' . $rp->postnoticeurl, __FILE__); + + /* Post notice. */ + $service = new Laconica_OMB_Service_Consumer( + array(OMB_ENDPOINT_POSTNOTICE => $rp->postnoticeurl)); + try { + $service->setToken($rp->token, $rp->secret); + $service->postNotice($omb_notice); + } catch (Exception $e) { + common_log(LOG_ERR, 'Failed posting to ' . $rp->postnoticeurl); + common_log(LOG_ERR, 'Error status '.$e); + continue; + } + $posted[$rp->postnoticeurl] = true; - return true; -} + common_debug('Finished to ' . $rp->postnoticeurl, __FILE__); + } -function omb_post_notice($notice, $remote_profile, $subscription) -{ - return omb_post_notice_keys($notice, $remote_profile->postnoticeurl, $subscription->token, $subscription->secret); + return; } -function omb_post_notice_keys($notice, $postnoticeurl, $tk, $secret) +function omb_broadcast_profile($profile) { - $user = User::staticGet('id', $notice->profile_id); + $user = User::staticGet('id', $profile->id); if (!$user) { return false; } - $con = omb_oauth_consumer(); - - $token = new OAuthToken($tk, $secret); - - $url = $postnoticeurl; - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); + $profile = $user->getProfile(); - $req = OAuthRequest::from_consumer_and_token($con, $token, - 'POST', $url, $params); + $omb_profile = profile_to_omb_profile($user->uri, $profile, true); - $req->set_parameter('omb_version', OMB_VERSION_01); - $req->set_parameter('omb_listenee', $user->uri); - $req->set_parameter('omb_notice', $notice->uri); - $req->set_parameter('omb_notice_content', $notice->content); - $req->set_parameter('omb_notice_url', common_local_url('shownotice', - array('notice' => - $notice->id))); - $req->set_parameter('omb_notice_license', common_config('license', 'url')); - - $user->free(); - unset($user); + /* Get remote users subscribed to this profile. */ + $rp = new Remote_profile(); - $req->sign_request(omb_hmac_sha1(), $con, $token); + $rp->query('SELECT updateprofileurl, token, secret ' . + 'FROM subscription JOIN remote_profile ' . + 'ON subscription.subscriber = remote_profile.id ' . + 'WHERE subscription.subscribed = ' . $profile->id . ' '); - # We re-use this tool's fetcher, since it's pretty good + $posted = array(); - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + while ($rp->fetch()) { + if (isset($posted[$rp->updateprofileurl])) { + /* We already posted to this url. */ + continue; + } + common_debug('Posting to ' . $rp->updateprofileurl, __FILE__); + + /* Update profile. */ + $service = new Laconica_OMB_Service_Consumer( + array(OMB_ENDPOINT_UPDATEPROFILE => $rp->updateprofileurl)); + try { + $service->setToken($rp->token, $rp->secret); + $service->updateProfile($omb_profile); + } catch (Exception $e) { + common_log(LOG_ERR, 'Failed posting to ' . $rp->updateprofileurl); + common_log(LOG_ERR, 'Error status '.$e); + continue; + } + $posted[$rp->updateprofileurl] = true; - if (!$fetcher) { - common_log(LOG_WARNING, 'Failed to initialize Yadis fetcher.', __FILE__); - return false; + common_debug('Finished to ' . $rp->updateprofileurl, __FILE__); } - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent: Laconica/' . LACONICA_VERSION)); - - if ($result->status == 403) { # not authorized, don't send again - common_debug('403 result, deleting subscription', __FILE__); - # FIXME: figure out how to delete this - # $subscription->delete(); - return false; - } else if ($result->status != 200) { - common_debug('Error status '.$result->status, __FILE__); - return false; - } else { # success! - parse_str($result->body, $return); - if ($return['omb_version'] == OMB_VERSION_01) { - return true; - } else { - return false; - } - } + return; } -function omb_broadcast_profile($profile) -{ - # First, get remote users subscribed to this profile - # XXX: use a join here rather than looping through results - $sub = new Subscription(); - $sub->subscribed = $profile->id; - if ($sub->find()) { - $updated = array(); - while ($sub->fetch()) { - $rp = Remote_profile::staticGet('id', $sub->subscriber); - if ($rp) { - if (!array_key_exists($rp->updateprofileurl, $updated)) { - if (omb_update_profile($profile, $rp, $sub)) { - $updated[$rp->updateprofileurl] = true; - } - } - } - } +class Laconica_OMB_Service_Consumer extends OMB_Service_Consumer { + public function __construct($urls) + { + $this->services = $urls; + $this->datastore = omb_oauth_datastore(); + $this->oauth_consumer = omb_oauth_consumer(); + $this->fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); } + } -function omb_update_profile($profile, $remote_profile, $subscription) +function profile_to_omb_profile($uri, $profile, $force = false) { - $user = User::staticGet($profile->id); - $con = omb_oauth_consumer(); - $token = new OAuthToken($subscription->token, $subscription->secret); - $url = $remote_profile->updateprofileurl; - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - $req = OAuthRequest::from_consumer_and_token($con, $token, - "POST", $url, $params); - $req->set_parameter('omb_version', OMB_VERSION_01); - $req->set_parameter('omb_listenee', $user->uri); - $req->set_parameter('omb_listenee_profile', common_profile_url($profile->nickname)); - $req->set_parameter('omb_listenee_nickname', $profile->nickname); - - # We use blanks to force emptying any existing values in these optional fields - - $req->set_parameter('omb_listenee_fullname', - ($profile->fullname) ? $profile->fullname : ''); - $req->set_parameter('omb_listenee_homepage', - ($profile->homepage) ? $profile->homepage : ''); - $req->set_parameter('omb_listenee_bio', - ($profile->bio) ? $profile->bio : ''); - $req->set_parameter('omb_listenee_location', - ($profile->location) ? $profile->location : ''); + $omb_profile = new OMB_Profile($uri); + $omb_profile->setNickname($profile->nickname); + $omb_profile->setLicenseURL(common_config('license', 'url')); + if (!is_null($profile->fullname)) { + $omb_profile->setFullname($profile->fullname); + } elseif ($force) { + $omb_profile->setFullname(''); + } + if (!is_null($profile->homepage)) { + $omb_profile->setHomepage($profile->homepage); + } elseif ($force) { + $omb_profile->setHomepage(''); + } + if (!is_null($profile->bio)) { + $omb_profile->setBio($profile->bio); + } elseif ($force) { + $omb_profile->setBio(''); + } + if (!is_null($profile->location)) { + $omb_profile->setLocation($profile->location); + } elseif ($force) { + $omb_profile->setLocation(''); + } + if (!is_null($profile->profileurl)) { + $omb_profile->setProfileURL($profile->profileurl); + } elseif ($force) { + $omb_profile->setProfileURL(''); + } $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - $req->set_parameter('omb_listenee_avatar', - ($avatar) ? $avatar->url : ''); + if ($avatar) { + $omb_profile->setAvatarURL($avatar->url); + } elseif ($force) { + $omb_profile->setAvatarURL(''); + } + return $omb_profile; +} - $req->sign_request(omb_hmac_sha1(), $con, $token); +function notice_to_omb_notice($notice) +{ + /* Create an OMB_Notice for $notice. */ + $user = User::staticGet('id', $notice->profile_id); - # We re-use this tool's fetcher, since it's pretty good + if (!$user) { + return null; + } - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $profile = $user->getProfile(); - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent: Laconica/' . LACONICA_VERSION)); + $omb_notice = new OMB_Notice(profile_to_omb_profile($user->uri, $profile), + $notice->uri, + $notice->content); + $omb_notice->setURL(common_local_url('shownotice', array('notice' => + $notice->id))); + $omb_notice->setLicenseURL(common_config('license', 'url')); - if (empty($result) || !$result) { - common_debug("Unable to contact " . $req->get_normalized_http_url()); - } else if ($result->status == 403) { # not authorized, don't send again - common_debug('403 result, deleting subscription', __FILE__); - $subscription->delete(); - return false; - } else if ($result->status != 200) { - common_debug('Error status '.$result->status, __FILE__); - return false; - } else { # success! - parse_str($result->body, $return); - if (isset($return['omb_version']) && $return['omb_version'] === OMB_VERSION_01) { - return true; - } else { - return false; - } - } + return $omb_notice; } +?> diff --git a/lib/unqueuemanager.php b/lib/unqueuemanager.php index 515461072..34c7188b2 100644 --- a/lib/unqueuemanager.php +++ b/lib/unqueuemanager.php @@ -39,7 +39,7 @@ class UnQueueManager case 'omb': if ($this->_isLocal($notice)) { require_once(INSTALLDIR.'/lib/omb.php'); - omb_broadcast_remote_subscribers($notice); + omb_broadcast_notice($notice); } break; case 'public': diff --git a/scripts/ombqueuehandler.php b/scripts/ombqueuehandler.php index 1587192b6..cc5263ae2 100755 --- a/scripts/ombqueuehandler.php +++ b/scripts/ombqueuehandler.php @@ -57,7 +57,7 @@ class OmbQueueHandler extends QueueHandler $this->log(LOG_DEBUG, 'Ignoring remote notice ' . $notice->id); return true; } else { - return omb_broadcast_remote_subscribers($notice); + return omb_broadcast_notice($notice); } } -- cgit v1.2.3-54-g00ecf From 70235d7f05d2ce7dda77af88518612fa005783df Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Fri, 21 Aug 2009 12:13:24 +0200 Subject: Update libomb, fix some omb handling stuff, improve error handling. --- actions/finishremotesubscribe.php | 25 +++++++++++++++-------- actions/postnotice.php | 33 ++++++++++++++++++++++++------ actions/remotesubscribe.php | 9 ++++---- actions/updateprofile.php | 22 ++++++++++++++++++++ actions/userauthorization.php | 42 +++++++++++++++++++++++--------------- extlib/libomb/datastore.php | 32 +++++++++++++++-------------- extlib/libomb/service_provider.php | 22 ++++++++++++++++---- 7 files changed, 130 insertions(+), 55 deletions(-) (limited to 'actions') diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 13f367823..da563cb29 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -76,11 +76,10 @@ class FinishremotesubscribeAction extends Action /* Create user objects for both users. Do it early for request validation. */ - $listenee = $service->getListeneeURI(); - $user = User::staticGet('uri', $listenee); + $user = User::staticGet('uri', $service->getListeneeURI()); if (!$user) { - $this->clientError(_('User being listened to doesn\'t exist.')); + $this->clientError(_('User being listened to does not exist.')); return; } @@ -91,21 +90,31 @@ class FinishremotesubscribeAction extends Action return; } + $remote = Remote_profile::staticGet('uri', $service->getListenerURI()); + + $profile = Profile::staticGet($remote->id); + + if ($user->hasBlocked($profile)) { + $this->clientError(_('That user has blocked you from subscribing.')); + return; + } + /* Perform the handling itself via libomb. */ try { - $service->finishAuthorization($listenee); + $service->finishAuthorization(); } catch (OAuthException $e) { if ($e->getMessage() == 'The authorized token does not equal the ' . 'submitted token.') { - $this->clientError(_('Not authorized.')); + $this->clientError(_('You are not authorized.')); return; } else { - $this->clientError(_('Couldn\'t convert request token to ' . + $this->clientError(_('Could not convert request token to ' . 'access token.')); return; } } catch (OMB_RemoteServiceException $e) { - $this->clientError(_('Unknown version of OMB protocol.')); + $this->clientError(_('Remote service uses unknown version of ' . + 'OMB protocol.')); return; } catch (Exception $e) { common_debug('Got exception ' . print_r($e, true), __FILE__); @@ -115,8 +124,6 @@ class FinishremotesubscribeAction extends Action /* The service URLs are not accessible from datastore, so setting them after insertion of the profile. */ - $remote = Remote_profile::staticGet('uri', $service->getListenerURI()); - $orig_remote = clone($remote); $remote->postnoticeurl = diff --git a/actions/postnotice.php b/actions/postnotice.php index 74be47119..97e887c46 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -47,12 +47,28 @@ require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; */ class PostnoticeAction extends Action { + /** + * For initializing members of the class. + * + * @param array $argarray misc. arguments + * + * @return boolean true + */ + function prepare($argarray) + { + parent::prepare($argarray); + try { + $this->checkNotice(); + } catch (Exception $e) { + $this->clientError($e->getMessage()); + return false; + } + return true; + } + function handle($args) { parent::handle($args); - if (!$this->checkNotice()) { - return; - } try { $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), omb_oauth_server()); @@ -67,10 +83,15 @@ class PostnoticeAction extends Action { $content = common_shorten_links($_POST['omb_notice_content']); if (mb_strlen($content) > 140) { - $this->clientError(_('Invalid notice content'), 400); - return false; + throw new Exception(_('The notice content is too long.')); + } + $license = $_POST['omb_notice_license']; + $site_license = common_config('license', 'url'); + if ($license && !common_compatible_license($license, $site_license)) { + throw new Exception(sprintf(_('Notice license ‘%s’ is not ' . + 'compatible with site license ‘%s’.'), + $license, $site_license)); } - return true; } } ?> diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 5122c1172..353717beb 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -153,12 +153,11 @@ class RemotesubscribeAction extends Action $this->profile_url = $this->trimmed('profile_url'); if (!$this->profile_url) { - $this->showForm(_('No such user.')); + $this->showForm(_('No such user')); return; } - if (!Validate::uri($this->profile_url, - array('allowed_schemes' => array('http', 'https')))) { + if (!common_valid_http_url($this->profile_url)) { $this->showForm(_('Invalid profile URL (bad format)')); return; } @@ -176,14 +175,14 @@ class RemotesubscribeAction extends Action if ($service->getServiceURI(OAUTH_ENDPOINT_REQUEST) == common_local_url('requesttoken') || User::staticGet('uri', $service->getRemoteUserURI())) { - $this->showForm(_('That\'s a local profile! Login to subscribe.')); + $this->showForm(_('That’s a local profile! Login to subscribe.')); return; } try { $service->requestToken(); } catch (OMB_RemoteServiceException $e) { - $this->showForm(_('Couldn\'t get a request token.')); + $this->showForm(_('Couldn’t get a request token.')); return; } diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 345c28b8d..b10554e8b 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -48,9 +48,31 @@ require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; class UpdateprofileAction extends Action { + /** + * For initializing members of the class. + * + * @param array $argarray misc. arguments + * + * @return boolean true + */ + function prepare($argarray) + { + parent::prepare($argarray); + $license = $_POST['omb_listenee_license']; + $site_license = common_config('license', 'url'); + if (!common_compatible_license($license, $site_license)) { + $this->clientError(sprintf(_('Listenee stream license ‘%s’ is not '. + 'compatible with site license ‘%s’.'), + $license, $site_license); + return false; + } + return true; + } + function handle($args) { parent::handle($args); + try { $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), omb_oauth_server()); diff --git a/actions/userauthorization.php b/actions/userauthorization.php index d5b6a6998..54e0ee920 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -80,7 +80,7 @@ class UserauthorizationAction extends Action try { $this->validateOmb(); $srv = new OMB_Service_Provider( - profile_to_omb_profile($_GET['omb_listener'], $profile), + profile_to_omb_profile($user->uri, $profile), omb_oauth_datastore()); $remote_user = $srv->handleUserAuth(); @@ -111,8 +111,8 @@ class UserauthorizationAction extends Action { $this->element('p', null, _('Please check these details to make sure '. 'that you want to subscribe to this ' . - 'user\'s notices. If you didn\'t just ask ' . - 'to subscribe to someone\'s notices, '. + 'user’s notices. If you didn’t just ask ' . + 'to subscribe to someone’s notices, '. 'click “Reject”.')); } @@ -249,7 +249,7 @@ class UserauthorizationAction extends Action common_show_header(_('Subscription authorized')); $this->element('p', null, _('The subscription has been authorized, but no '. - 'callback URL was passed. Check with the site\'s ' . + 'callback URL was passed. Check with the site’s ' . 'instructions for details on how to authorize the ' . 'subscription. Your subscription token is:')); $this->element('blockquote', 'token', $tok); @@ -261,7 +261,7 @@ class UserauthorizationAction extends Action common_show_header(_('Subscription rejected')); $this->element('p', null, _('The subscription has been rejected, but no '. - 'callback URL was passed. Check with the site\'s ' . + 'callback URL was passed. Check with the site’s ' . 'instructions for details on how to fully reject ' . 'the subscription.')); common_show_footer(); @@ -295,16 +295,19 @@ class UserauthorizationAction extends Action $user = User::staticGet('uri', $listener); if (!$user) { - throw new Exception("Listener URI '$listener' not found here"); + throw new Exception(sprintf(_('Listener URI ‘%s’ not found here'), + $listener)); } - $cur = common_current_user(); - if ($cur->id != $user->id) { - throw new Exception('Can\'t subscribe for another user!'); + + if (strlen($listenee) > 255) { + throw new Exception(sprintf(_('Listenee URI ‘%s’ is too long.'), + $listenee)); } $other = User::staticGet('uri', $listenee); if ($other) { - throw new Exception("Listenee URI '$listenee' is local user"); + throw new Exception(sprintf(_('Listenee URI ‘%s’ is a local user.'), + $listenee)); } $remote = Remote_profile::staticGet('uri', $listenee); @@ -318,27 +321,34 @@ class UserauthorizationAction extends Action } if ($profile == common_profile_url($nickname)) { - throw new Exception("Profile URL '$profile' is for a local user."); + throw new Exception(sprintf(_('Profile URL ‘%s’ is for a local user.'), + $profile)); + } $license = $_GET['omb_listenee_license']; $site_license = common_config('license', 'url'); if (!common_compatible_license($license, $site_license)) { - throw new Exception("Listenee stream license '$license' is not " . - "compatible with site license '$site_license'."); + throw new Exception(sprintf(_('Listenee stream license ‘%s’ is not ' . + 'compatible with site license ‘%s’.'), + $license, $site_license)); } + $avatar = $_GET['omb_listenee_avatar']; if ($avatar) { if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - throw new Exception("Invalid avatar URL '$avatar'"); + throw new Exception(sprintf(_('Avatar URL ‘%s’ is not valid.'), + $avatar)); } $size = @getimagesize($avatar); if (!$size) { - throw new Exception("Can't read avatar URL '$avatar'."); + throw new Exception(sprintf(_('Can’t read avatar URL ‘%s’.'), + $avatar)); } if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) { - throw new Exception("Wrong image type for '$avatar'"); + throw new Exception(sprintf(_('Wrong image type for avatar URL '. + '‘%s’.'), $avatar)); } } } diff --git a/extlib/libomb/datastore.php b/extlib/libomb/datastore.php index ac51a4ab8..ab52de547 100755 --- a/extlib/libomb/datastore.php +++ b/extlib/libomb/datastore.php @@ -5,26 +5,28 @@ require_once 'OAuth.php'; /** * Data access interface * - * This interface specifies data access methods libomb needs. It - * should be implemented by libomb users. - * OMB_Datastore is libomb’s main interface to the application’s data. + * This interface specifies data access methods libomb needs. It should be + * implemented by libomb users. OMB_Datastore is libomb’s main interface to the + * application’s data. Objects corresponding to this interface are used in + * OMB_Service_Provider and OMB_Service_Consumer. + * + * Note that it’s implemented as a class since OAuthDataStore is as well a + * class, though only declaring methods. + * + * OMB_Datastore extends OAuthDataStore with two OAuth-related methods for token + * revoking and authorizing and all OMB-related methods. + * Refer to OAuth.php for a complete specification of OAuth-related methods. * * It is the user’s duty to signal and handle errors. libomb does not check * return values nor handle exceptions. It is suggested to use exceptions. * Note that lookup_token and getProfile return null if the requested object * is not available. This is NOT an error and should not raise an exception. * Same applies for lookup_nonce which returns a boolean value. These methods - * may nevertheless throw an exception, for example in case of a storage error. + * may nevertheless throw an exception, for example in case of a storage errors. * - * Objects corresponding to this interface are used in OMB_Service_Provider and - * OMB_Service_Consumer. - * - * OMB_Datastore extends OAuthDataStore with two OAuth-related methods for token - * revoking and authorizing and all OMB-related methods. - * Refer to OAuth.php for a complete specification of OAuth-related methods. - * - * Note that it’s implemented as a class since OAuthDataStore is as well a - * class, though only declaring methods. + * Most of the parameters passed to these methods are unescaped and unverified + * user input. Therefore they should be handled with extra care to avoid + * security problems like SQL injections. * * PHP version 5 * @@ -59,7 +61,7 @@ class OMB_Datastore extends OAuthDataStore { * Revokes the authorization token specified by $token_key. * Throws exceptions in case of error. * - * @param string $token_key The token to be revoked + * @param string $token_key The key of the token to be revoked * * @access public **/ @@ -73,7 +75,7 @@ class OMB_Datastore extends OAuthDataStore { * Authorizes the authorization token specified by $token_key. * Throws exceptions in case of error. * - * @param string $token_key The token to be authorized + * @param string $token_key The key of the token to be authorized * * @access public **/ diff --git a/extlib/libomb/service_provider.php b/extlib/libomb/service_provider.php index b3ad53753..753152713 100755 --- a/extlib/libomb/service_provider.php +++ b/extlib/libomb/service_provider.php @@ -111,6 +111,12 @@ class OMB_Service_Provider { * Throws exceptions on failures. Returns an OMB_Profile object representing * the remote user. * + * The OMB_Profile passed to the constructor of OMB_Service_Provider should + * not represent the user specified in the authorization request, but the one + * currently logged in to the service. This condition being satisfied, + * handleUserAuth will check whether the listener specified in the request is + * identical to the logged in user. + * * @access public * * @return OMB_Profile The profile of the soon-to-be subscribed, i. e. remote @@ -150,6 +156,10 @@ class OMB_Service_Provider { /* Store given callback for later use. */ if (isset($_GET['oauth_callback']) && $_GET['oauth_callback'] !== '') { $this->callback = $_GET['oauth_callback']; + if (!OMB_Helper::validateURL($this->callback)) { + throw OMB_RemoteServiceException::forRequest(OAUTH_ENDPOINT_AUTHORIZE, + 'Invalid callback URL specified'); + } } $this->remote_user = OMB_Profile::fromParameters($_GET, 'omb_listenee'); @@ -205,13 +215,16 @@ class OMB_Service_Provider { /** * Echo an access token * - * Outputs an access token for the query found in $_GET or $_POST. + * Outputs an access token for the query found in $_POST. OMB 0.1 specifies + * that the access token request has to be a POST even if OAuth allows GET as + * well. * * @access public **/ public function writeAccessToken() { OMB_Helper::removeMagicQuotesFromRequest(); - echo $this->getOAuthServer()->fetch_access_token(OAuthRequest::from_request()); + echo $this->getOAuthServer()->fetch_access_token( + OAuthRequest::from_request('POST')); } /** @@ -235,7 +248,8 @@ class OMB_Service_Provider { /** * Handle a postnotice request * - * Handles a postnotice request posted to this service. + * Handles a postnotice request posted to this service. Saves the notice + * through the OMB_Datastore. * * @access public * @@ -264,7 +278,7 @@ class OMB_Service_Provider { protected function handleOMBRequest($uri) { OMB_Helper::removeMagicQuotesFromRequest(); - $req = OAuthRequest::from_request(); + $req = OAuthRequest::from_request('POST'); $listenee = $req->get_parameter('omb_listenee'); try { -- cgit v1.2.3-54-g00ecf From cd688acceb131312e10a219700ba21d4a3566695 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 06:13:41 -0400 Subject: allow configurable length for user group description --- actions/editgroup.php | 4 ++-- actions/newgroup.php | 4 ++-- classes/User_group.php | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/editgroup.php b/actions/editgroup.php index 6aa6f8b11..aeeea2b63 100644 --- a/actions/editgroup.php +++ b/actions/editgroup.php @@ -196,8 +196,8 @@ class EditgroupAction extends GroupDesignAction } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; - } else if (!is_null($description) && mb_strlen($description) > 140) { - $this->showForm(_('description is too long (max 140 chars).')); + } else if (User_group::descriptionTooLong($description)) { + $this->showForm(sprintf(_('description is too long (max %d chars).'), User_group::maxDescription())); return; } else if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); diff --git a/actions/newgroup.php b/actions/newgroup.php index 0289e77c2..71647d834 100644 --- a/actions/newgroup.php +++ b/actions/newgroup.php @@ -146,8 +146,8 @@ class NewgroupAction extends Action } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; - } else if (!is_null($description) && mb_strlen($description) > 140) { - $this->showForm(_('description is too long (max 140 chars).')); + } else if (User_group::descriptionTooLong($description)) { + $this->showForm(sprintf(_('description is too long (max %d chars).'), User_group::maxDescription())); return; } else if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); diff --git a/classes/User_group.php b/classes/User_group.php index 7b0daad94..38e0058c1 100644 --- a/classes/User_group.php +++ b/classes/User_group.php @@ -297,4 +297,19 @@ class User_group extends Memcached_DataObject return $ids; } + + static function maxDescription() + { + $desclimit = common_config('group', 'desclimit'); + if (empty($desclimit)) { + $desclimit = common_config('site', 'textlimit'); + } + return $desclimit; + } + + static function descriptionTooLong($desc) + { + $desclimit = self::maxDescription(); + return (!empty($desclimit) && !empty($desc) && (mb_strlen($desc) > $desclimit)); + } } -- cgit v1.2.3-54-g00ecf From de5382d4caaf0b388a4de0243cde9a783a43a541 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 07:23:27 -0400 Subject: message input form correctly shows and check max length --- actions/newmessage.php | 7 ++++--- lib/messageform.php | 17 ++++++++++++----- 2 files changed, 16 insertions(+), 8 deletions(-) (limited to 'actions') diff --git a/actions/newmessage.php b/actions/newmessage.php index 52d4899ba..cd26e1640 100644 --- a/actions/newmessage.php +++ b/actions/newmessage.php @@ -144,9 +144,10 @@ class NewmessageAction extends Action } else { $content_shortened = common_shorten_links($this->content); - if (mb_strlen($content_shortened) > 140) { - $this->showForm(_('That\'s too long. ' . - 'Max message size is 140 chars.')); + if (Message::contentTooLong($content_shortened)) { + $this->showForm(sprintf(_('That\'s too long. ' . + 'Max message size is %d chars.'), + Message::maxContent())); return; } } diff --git a/lib/messageform.php b/lib/messageform.php index 8ea2b36c2..044fdc719 100644 --- a/lib/messageform.php +++ b/lib/messageform.php @@ -140,12 +140,19 @@ class MessageForm extends Form 'rows' => 4, 'name' => 'content'), ($this->content) ? $this->content : ''); - $this->out->elementStart('dl', 'form_note'); - $this->out->element('dt', null, _('Available characters')); - $this->out->element('dd', array('id' => 'notice_text-count'), - '140'); - $this->out->elementEnd('dl'); + $contentLimit = Message::maxContent(); + + $this->out->element('script', array('type' => 'text/javascript'), + 'maxLength = ' . $contentLimit . ';'); + + if ($contentLimit > 0) { + $this->out->elementStart('dl', 'form_note'); + $this->out->element('dt', null, _('Available characters')); + $this->out->element('dd', array('id' => 'notice_text-count'), + $contentLimit); + $this->out->elementEnd('dl'); + } } /** -- cgit v1.2.3-54-g00ecf From 2b2541e4b4eae5dcdfc6c921e12ad8974b31f125 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 07:32:08 -0400 Subject: API for direct messages correctly checks length --- actions/twitapidirect_messages.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/twitapidirect_messages.php b/actions/twitapidirect_messages.php index bd27e9d20..aac7d63b1 100644 --- a/actions/twitapidirect_messages.php +++ b/actions/twitapidirect_messages.php @@ -141,9 +141,10 @@ class Twitapidirect_messagesAction extends TwitterapiAction $code = 406, $apidata['content-type']); } else { $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { - $this->clientError(_('That\'s too long. Max message size is 140 chars.'), - $code = 406, $apidata['content-type']); + if (Message::contentTooLong($content_shortened)) { + $this->clientError(sprintf(_('That\'s too long. Max message size is %d chars.'), + Message::maxContent()), + $code = 406, $apidata['content-type']); return; } } -- cgit v1.2.3-54-g00ecf From d51d83434da53c0f30416e9b17cd25d61f554a68 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 07:48:30 -0400 Subject: check and show max bio length in profilesettings --- actions/profilesettings.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/profilesettings.php b/actions/profilesettings.php index fb847680b..961e15ae7 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -109,9 +109,16 @@ class ProfilesettingsAction extends AccountSettingsAction _('URL of your homepage, blog, or profile on another site')); $this->elementEnd('li'); $this->elementStart('li'); + $maxBio = Profile::maxBio(); + if ($maxBio > 0) { + $bioInstr = sprintf(_('Describe yourself and your interests in %d chars'), + $maxBio); + } else { + $bioInstr = _('Describe yourself and your interests'); + } $this->textarea('bio', _('Bio'), ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, - _('Describe yourself and your interests in 140 chars')); + $bioInstr); $this->elementEnd('li'); $this->elementStart('li'); $this->input('location', _('Location'), @@ -202,8 +209,9 @@ class ProfilesettingsAction extends AccountSettingsAction } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; - } else if (!is_null($bio) && mb_strlen($bio) > 140) { - $this->showForm(_('Bio is too long (max 140 chars).')); + } else if (Profile::bioTooLong($bio)) { + $this->showForm(sprintf(_('Bio is too long (max %d chars).'), + Profile::maxBio())); return; } else if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); -- cgit v1.2.3-54-g00ecf From 2b30d7fffb4deeee7d5391585692d76c59cd2ba9 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 08:03:40 -0400 Subject: register checks Profile bio length correctly --- actions/register.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/register.php b/actions/register.php index dcbbbdb6a..ab04f18d5 100644 --- a/actions/register.php +++ b/actions/register.php @@ -207,8 +207,9 @@ class RegisterAction extends Action } else if (!is_null($fullname) && mb_strlen($fullname) > 255) { $this->showForm(_('Full name is too long (max 255 chars).')); return; - } else if (!is_null($bio) && mb_strlen($bio) > 140) { - $this->showForm(_('Bio is too long (max 140 chars).')); + } else if (Profile::bioTooLong($bio)) { + $this->showForm(sprintf(_('Bio is too long (max %d chars).'), + Profile::maxBio())); return; } else if (!is_null($location) && mb_strlen($location) > 255) { $this->showForm(_('Location is too long (max 255 chars).')); @@ -445,10 +446,16 @@ class RegisterAction extends Action 'or profile on another site')); $this->elementEnd('li'); $this->elementStart('li'); + $maxBio = Profile::maxBio(); + if ($maxBio > 0) { + $bioInstr = sprintf(_('Describe yourself and your interests in %d chars'), + $maxBio); + } else { + $bioInstr = _('Describe yourself and your interests'); + } $this->textarea('bio', _('Bio'), $this->trimmed('bio'), - _('Describe yourself and your '. - 'interests in 140 chars')); + $bioInstr); $this->elementEnd('li'); $this->elementStart('li'); $this->input('location', _('Location'), -- cgit v1.2.3-54-g00ecf From 3eeb9deffbac17e49abe2789cd1578726a2bce97 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 08:13:17 -0400 Subject: Web UI for notices correctly shows and checks max content length --- actions/newnotice.php | 12 +++++++----- lib/noticeform.php | 23 +++++++++++++++-------- 2 files changed, 22 insertions(+), 13 deletions(-) (limited to 'actions') diff --git a/actions/newnotice.php b/actions/newnotice.php index e254eac49..f773fc880 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -162,9 +162,10 @@ class NewnoticeAction extends Action $this->clientError(_('No content!')); } else { $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { - $this->clientError(_('That\'s too long. '. - 'Max notice size is 140 chars.')); + if (Notice::contentTooLong($content_shortened)) { + $this->clientError(sprintf(_('That\'s too long. '. + 'Max notice size is %d chars.'), + Notice::maxContent())); } } @@ -241,9 +242,10 @@ class NewnoticeAction extends Action $short_fileurl = common_shorten_url($fileurl); $content_shortened .= ' ' . $short_fileurl; - if (mb_strlen($content_shortened) > 140) { + if (Notice::contentTooLong($content_shortened)) { $this->deleteFile($filename); - $this->clientError(_('Max notice size is 140 chars, including attachment URL.')); + $this->clientError(sprintf(_('Max notice size is %d chars, including attachment URL.'), + Notice::maxContent())); } // Also, not sure this is necessary -- Zach diff --git a/lib/noticeform.php b/lib/noticeform.php index 4e2a2edd6..35a21c6bd 100644 --- a/lib/noticeform.php +++ b/lib/noticeform.php @@ -83,7 +83,7 @@ class NoticeForm extends Form $this->action = $action; $this->content = $content; - + if ($user) { $this->user = $user; } else { @@ -117,7 +117,6 @@ class NoticeForm extends Form return common_local_url('newnotice'); } - /** * Legend of the Form * @@ -128,7 +127,6 @@ class NoticeForm extends Form $this->out->element('legend', null, _('Send a notice')); } - /** * Data elements * @@ -145,11 +143,20 @@ class NoticeForm extends Form 'rows' => 4, 'name' => 'status_textarea'), ($this->content) ? $this->content : ''); - $this->out->elementStart('dl', 'form_note'); - $this->out->element('dt', null, _('Available characters')); - $this->out->element('dd', array('id' => 'notice_text-count'), - '140'); - $this->out->elementEnd('dl'); + + $contentLimit = Notice::maxContent(); + + $this->out->element('script', array('type' => 'text/javascript'), + 'maxLength = ' . $contentLimit . ';'); + + if ($contentLimit > 0) { + $this->out->elementStart('dl', 'form_note'); + $this->out->element('dt', null, _('Available characters')); + $this->out->element('dd', array('id' => 'notice_text-count'), + $contentLimit); + $this->out->elementEnd('dl'); + } + if (common_config('attachments', 'uploads')) { $this->out->element('label', array('for' => 'notice_data-attach'),_('Attach')); $this->out->element('input', array('id' => 'notice_data-attach', -- cgit v1.2.3-54-g00ecf From 3565383f777095c0367cc197e5e4b9486784592b Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 08:14:37 -0400 Subject: postnotice for OMB correctly checks max notice size --- actions/postnotice.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/postnotice.php b/actions/postnotice.php index 74be47119..3d2c4d5b4 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -66,7 +66,7 @@ class PostnoticeAction extends Action function checkNotice() { $content = common_shorten_links($_POST['omb_notice_content']); - if (mb_strlen($content) > 140) { + if (Notice::contentTooLong($content)) { $this->clientError(_('Invalid notice content'), 400); return false; } -- cgit v1.2.3-54-g00ecf From cb2184ed448ecb043d825d4d12b8193d63c4d84c Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 08:27:21 -0400 Subject: api update correctly checks max length of notices --- actions/twitapistatuses.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index e3d366ecc..038282414 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -242,14 +242,15 @@ class TwitapistatusesAction extends TwitterapiAction $status_shortened = common_shorten_links($status); - if (mb_strlen($status_shortened) > 140) { + if (Notice::contentTooLong($status_shortened)) { // XXX: Twitter truncates anything over 140, flags the status // as "truncated." Sending this error may screw up some clients // that assume Twitter will truncate for them. Should we just // truncate too? -- Zach - $this->clientError(_('That\'s too long. Max notice size is 140 chars.'), - $code = 406, $apidata['content-type']); + $this->clientError(sprintf(_('That\'s too long. Max notice size is %d chars.'), + Notice::maxContent()), + $code = 406, $apidata['content-type']); return; } } -- cgit v1.2.3-54-g00ecf From bacef32aaca791ec5e25bd951094baec0b41df28 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 16:38:39 -0400 Subject: Revert "Added a configuration option to disable OpenID." This reverts commit 7dc3a90d1252137859a687e32313ea569dcf8796. Conflicts: actions/login.php actions/register.php lib/accountsettingsaction.php lib/common.php lib/logingroupnav.php --- README | 8 -------- actions/login.php | 2 +- config.php.sample | 3 --- lib/common.php | 8 -------- plugins/OpenID/finishopenidlogin.php | 4 +--- plugins/OpenID/openidlogin.php | 4 +--- plugins/OpenID/openidsettings.php | 6 ------ 7 files changed, 3 insertions(+), 32 deletions(-) (limited to 'actions') diff --git a/README b/README index ccdd9e674..53ed0a0fe 100644 --- a/README +++ b/README @@ -1200,14 +1200,6 @@ For configuring invites. enabled: Whether to allow users to send invites. Default true. -openid ------- - -For configuring OpenID. - -enabled: Whether to allow users to register and login using OpenID. Default - true. - tag --- diff --git a/actions/login.php b/actions/login.php index e09fdc76b..f5a658bf5 100644 --- a/actions/login.php +++ b/actions/login.php @@ -247,7 +247,7 @@ class LoginAction extends Action return _('For security reasons, please re-enter your ' . 'user name and password ' . 'before changing your settings.'); - } else if (common_config('openid', 'enabled')) { + } else { return _('Login with your username and password. ' . 'Don\'t have a username yet? ' . '[Register](%%action.register%%) a new account.'); diff --git a/config.php.sample b/config.php.sample index 0fc5163b7..e8cbf76d5 100644 --- a/config.php.sample +++ b/config.php.sample @@ -99,9 +99,6 @@ $config['sphinx']['port'] = 3312; // $config['xmpp']['public'][] = 'someindexer@example.net'; // $config['xmpp']['debug'] = false; -// Disable OpenID -// $config['openid']['enabled'] = false; - // Turn off invites // $config['invite']['enabled'] = false; diff --git a/lib/common.php b/lib/common.php index 067a5a2a6..7b0afce51 100644 --- a/lib/common.php +++ b/lib/common.php @@ -175,8 +175,6 @@ $config = 'host' => null, # only set if != server 'debug' => false, # print extra debug info 'public' => array()), # JIDs of users who want to receive the public stream - 'openid' => - array('enabled' => true), 'invite' => array('enabled' => true), 'sphinx' => @@ -383,12 +381,6 @@ if ($_db_name != 'laconica' && !array_key_exists('ini_'.$_db_name, $config['db'] $config['db']['ini_'.$_db_name] = INSTALLDIR.'/classes/laconica.ini'; } -// Ignore openidonly if OpenID is disabled - -if (!$config['openid']['enabled']) { - $config['site']['openidonly'] = false; -} - function __autoload($cls) { if (file_exists(INSTALLDIR.'/classes/' . $cls . '.php')) { diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index 87fc3881e..bc0d2d66c 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -30,9 +30,7 @@ class FinishopenidloginAction extends Action function handle($args) { parent::handle($args); - if (!common_config('openid', 'enabled')) { - common_redirect(common_local_url('login')); - } else if (common_is_real_login()) { + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $token = $this->trimmed('token'); diff --git a/plugins/OpenID/openidlogin.php b/plugins/OpenID/openidlogin.php index 76f573b9f..3d968c56e 100644 --- a/plugins/OpenID/openidlogin.php +++ b/plugins/OpenID/openidlogin.php @@ -26,9 +26,7 @@ class OpenidloginAction extends Action function handle($args) { parent::handle($args); - if (!common_config('openid', 'enabled')) { - common_redirect(common_local_url('login')); - } else if (common_is_real_login()) { + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $openid_url = $this->trimmed('openid_url'); diff --git a/plugins/OpenID/openidsettings.php b/plugins/OpenID/openidsettings.php index 57389903d..26bf64836 100644 --- a/plugins/OpenID/openidsettings.php +++ b/plugins/OpenID/openidsettings.php @@ -82,12 +82,6 @@ class OpenidsettingsAction extends AccountSettingsAction function showContent() { - if (!common_config('openid', 'enabled')) { - $this->element('div', array('class' => 'error'), - _('OpenID is not available.')); - return; - } - $user = common_current_user(); $this->elementStart('form', array('method' => 'post', -- cgit v1.2.3-54-g00ecf From 59beff6b46fb7693812558eaf728ca3709e4b066 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 16:45:42 -0400 Subject: Revert "Added configuration option to only allow OpenID logins." This reverts commit 14b46e2183f10359cc53d597913a878f53e23719. This functionality will need to be rewritten to work with the new OpenIDPlugin. Conflicts: index.php lib/logingroupnav.php --- README | 2 -- actions/all.php | 4 +--- actions/confirmaddress.php | 6 +----- actions/favorited.php | 3 +-- actions/groupsearch.php | 3 +-- actions/invite.php | 2 +- actions/noticesearch.php | 4 +--- actions/public.php | 11 ++++------- actions/publictagcloud.php | 3 +-- actions/remotesubscribe.php | 12 +++++------- actions/replies.php | 4 +--- actions/showfavorites.php | 4 +--- actions/showgroup.php | 5 ++--- actions/showstream.php | 10 +++------- actions/subscribers.php | 4 +--- actions/userauthorization.php | 6 +----- config.php.sample | 2 -- lib/action.php | 15 +++++---------- lib/common.php | 1 - lib/facebookaction.php | 9 ++------- 20 files changed, 32 insertions(+), 78 deletions(-) (limited to 'actions') diff --git a/README b/README index 53ed0a0fe..ab25b9f3f 100644 --- a/README +++ b/README @@ -968,8 +968,6 @@ closed: If set to 'true', will disallow registration on your site. the service, *then* set this variable to 'true'. inviteonly: If set to 'true', will only allow registration if the user was invited by an existing user. -openidonly: If set to 'true', will only allow registrations and logins - through OpenID. private: If set to 'true', anonymous users will be redirected to the 'login' page. Also, API methods that normally require no authentication will require it. Note that this does not turn diff --git a/actions/all.php b/actions/all.php index 38aee65b6..82394922b 100644 --- a/actions/all.php +++ b/actions/all.php @@ -108,9 +108,7 @@ class AllAction extends ProfileAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin', - $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php index 3c41a5c70..725c1f1e3 100644 --- a/actions/confirmaddress.php +++ b/actions/confirmaddress.php @@ -67,11 +67,7 @@ class ConfirmaddressAction extends Action parent::handle($args); if (!common_logged_in()) { common_set_returnto($this->selfUrl()); - if (!common_config('site', 'openidonly')) { - common_redirect(common_local_url('login')); - } else { - common_redirect(common_local_url('openidlogin')); - } + common_redirect(common_local_url('login')); return; } $code = $this->trimmed('code'); diff --git a/actions/favorited.php b/actions/favorited.php index a3d1a5e20..156c7a700 100644 --- a/actions/favorited.php +++ b/actions/favorited.php @@ -153,8 +153,7 @@ class FavoritedAction extends Action $message .= _('Be the first to add a notice to your favorites by clicking the fave button next to any notice you like.'); } else { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to add a notice to your favorites!'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message .= _('Why not [register an account](%%action.register%%) and be the first to add a notice to your favorites!'); } $this->elementStart('div', 'guide'); diff --git a/actions/groupsearch.php b/actions/groupsearch.php index 7437166e6..c50466ce6 100644 --- a/actions/groupsearch.php +++ b/actions/groupsearch.php @@ -82,8 +82,7 @@ class GroupsearchAction extends SearchAction $message = _('If you can\'t find the group you\'re looking for, you can [create it](%%action.newgroup%%) yourself.'); } else { - $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and [create the group](%%%%action.newgroup%%%%) yourself!'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message = _('Why not [register an account](%%action.register%%) and [create the group](%%action.newgroup%%) yourself!'); } $this->elementStart('div', 'guide'); $this->raw(common_markup_to_html($message)); diff --git a/actions/invite.php b/actions/invite.php index bdc0d34cb..26c951ed2 100644 --- a/actions/invite.php +++ b/actions/invite.php @@ -235,7 +235,7 @@ class InviteAction extends CurrentUserDesignAction common_root_url(), $personal, common_local_url('showstream', array('nickname' => $user->nickname)), - common_local_url((!common_config('site', 'openidonly')) ? 'register' : 'openidlogin', array('code' => $invite->code))); + common_local_url('register', array('code' => $invite->code))); mail_send($recipients, $headers, $body); } diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 90b3309cf..49b473d9e 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -121,9 +121,7 @@ class NoticesearchAction extends SearchAction $message = sprintf(_('Be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } else { - $message = sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin', - urlencode($q)); + $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } $this->elementStart('div', 'guide'); diff --git a/actions/public.php b/actions/public.php index b68b2ff79..15bedb711 100644 --- a/actions/public.php +++ b/actions/public.php @@ -178,8 +178,7 @@ class PublicAction extends Action } else { if (! (common_config('site','closed') || common_config('site','inviteonly'))) { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post!'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message .= _('Why not [register an account](%%action.register%%) and be the first to post!'); } } @@ -226,11 +225,9 @@ class PublicAction extends Action function showAnonymousMessage() { if (! (common_config('site','closed') || common_config('site','inviteonly'))) { - $m = sprintf(_('This is %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%%%action.%s%%%%) to share notices about yourself with friends, family, and colleagues! ' . - '([Read more](%%%%doc.help%%%%))'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . + '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))'); } else { $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool.'); diff --git a/actions/publictagcloud.php b/actions/publictagcloud.php index a2772869d..e9f33d58b 100644 --- a/actions/publictagcloud.php +++ b/actions/publictagcloud.php @@ -72,8 +72,7 @@ class PublictagcloudAction extends Action $message .= _('Be the first to post one!'); } else { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and be the first to post one!'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message .= _('Why not [register an account](%%action.register%%) and be the first to post one!'); } $this->elementStart('div', 'guide'); diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 90499bbe2..353717beb 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -97,13 +97,11 @@ class RemotesubscribeAction extends Action if ($this->err) { $this->element('div', 'error', $this->err); } else { - $inst = sprintf(_('To subscribe, you can [login](%%%%action.%s%%%%),' . - ' or [register](%%%%action.%s%%%%) a new ' . - ' account. If you already have an account ' . - ' on a [compatible microblogging site](%%doc.openmublog%%), ' . - ' enter your profile URL below.'), - (!common_config('site','openidonly')) ? 'login' : 'openidlogin', - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $inst = _('To subscribe, you can [login](%%action.login%%),' . + ' or [register](%%action.register%%) a new ' . + ' account. If you already have an account ' . + ' on a [compatible microblogging site](%%doc.openmublog%%), ' . + ' enter your profile URL below.'); $output = common_markup_to_html($inst); $this->elementStart('div', 'instructions'); $this->raw($output); diff --git a/actions/replies.php b/actions/replies.php index fcfc3a272..47e01e279 100644 --- a/actions/replies.php +++ b/actions/replies.php @@ -192,9 +192,7 @@ class RepliesAction extends OwnerDesignAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin', - $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/showfavorites.php b/actions/showfavorites.php index 91287cc96..5be997306 100644 --- a/actions/showfavorites.php +++ b/actions/showfavorites.php @@ -196,9 +196,7 @@ class ShowfavoritesAction extends OwnerDesignAction } } else { - $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.%s%%%%) and then post something interesting they would add to their favorites :)'), - $this->user->nickname, - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message = sprintf(_('%s hasn\'t added any notices to his favorites yet. Why not [register an account](%%%%action.register%%%%) and then post something interesting they would add to their favorites :)'), $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/showgroup.php b/actions/showgroup.php index b0cc1dbc7..c3471c195 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -450,9 +450,8 @@ class ShowgroupAction extends GroupDesignAction $m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' . 'short messages about their life and interests. '. - '[Join now](%%%%action.%s%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'), - $this->group->nickname, - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + '[Join now](%%%%action.register%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'), + $this->group->nickname); } else { $m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' . diff --git a/actions/showstream.php b/actions/showstream.php index 3f603d64f..cd5d4bb70 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -358,9 +358,7 @@ class ShowstreamAction extends ProfileAction } } else { - $message .= sprintf(_('Why not [register an account](%%%%action.%s%%%%) and then nudge %s or post a notice to his or her attention.'), - (!common_config('site','openidonly')) ? 'register' : 'openidlogin', - $this->user->nickname); + $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); } $this->elementStart('div', 'guide'); @@ -389,10 +387,8 @@ class ShowstreamAction extends ProfileAction if (!(common_config('site','closed') || common_config('site','inviteonly'))) { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%%%action.%s%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), - $this->user->nickname, - (!common_config('site','openidonly')) ? 'register' : 'openidlogin', - $this->user->nickname); + '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), + $this->user->nickname, $this->user->nickname); } else { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [Laconica](http://laconi.ca/) tool. '), diff --git a/actions/subscribers.php b/actions/subscribers.php index 404738012..66ac00fb1 100644 --- a/actions/subscribers.php +++ b/actions/subscribers.php @@ -111,9 +111,7 @@ class SubscribersAction extends GalleryAction } } else { - $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.%s%%%%) and be the first?'), - $this->user->nickname, - (!common_config('site','openidonly')) ? 'register' : 'openidlogin'); + $message = sprintf(_('%s has no subscribers. Why not [register an account](%%%%action.register%%%%) and be the first?'), $this->user->nickname); } $this->elementStart('div', 'guide'); diff --git a/actions/userauthorization.php b/actions/userauthorization.php index 3e7be9747..cc8bfdaea 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -63,11 +63,7 @@ class UserauthorizationAction extends Action /* Go log in, and then come back. */ common_set_returnto($_SERVER['REQUEST_URI']); - if (!common_config('site', 'openidonly')) { - common_redirect(common_local_url('login')); - } else { - common_redirect(common_local_url('openidlogin')); - } + common_redirect(common_local_url('login')); return; } diff --git a/config.php.sample b/config.php.sample index e8cbf76d5..7877df716 100644 --- a/config.php.sample +++ b/config.php.sample @@ -38,8 +38,6 @@ $config['site']['path'] = 'laconica'; // $config['site']['closed'] = true; // Only allow registration for people invited by another user // $config['site']['inviteonly'] = true; -// Only allow registrations and logins through OpenID -// $config['site']['openidonly'] = true; // Make the site invisible to non-logged-in users // $config['site']['private'] = true; diff --git a/lib/action.php b/lib/action.php index 4d724fba5..ebd722719 100644 --- a/lib/action.php +++ b/lib/action.php @@ -439,17 +439,12 @@ class Action extends HTMLOutputter // lawsuit _('Logout'), _('Logout from the site'), false, 'nav_logout'); } else { - if (!common_config('site', 'openidonly')) { - if (!common_config('site', 'closed')) { - $this->menuItem(common_local_url('register'), - _('Register'), _('Create an account'), false, 'nav_register'); - } - $this->menuItem(common_local_url('login'), - _('Login'), _('Login to the site'), false, 'nav_login'); - } else { - $this->menuItem(common_local_url('openidlogin'), - _('OpenID'), _('Login with OpenID'), false, 'nav_openid'); + if (!common_config('site', 'closed')) { + $this->menuItem(common_local_url('register'), + _('Register'), _('Create an account'), false, 'nav_register'); } + $this->menuItem(common_local_url('login'), + _('Login'), _('Login to the site'), false, 'nav_login'); } $this->menuItem(common_local_url('doc', array('title' => 'help')), _('Help'), _('Help me!'), false, 'nav_help'); diff --git a/lib/common.php b/lib/common.php index 7b0afce51..62cf5640d 100644 --- a/lib/common.php +++ b/lib/common.php @@ -111,7 +111,6 @@ $config = 'broughtbyurl' => null, 'closed' => false, 'inviteonly' => false, - 'openidonly' => false, 'private' => false, 'ssl' => 'never', 'sslserver' => null, diff --git a/lib/facebookaction.php b/lib/facebookaction.php index 4edd3a077..1e0b2bda7 100644 --- a/lib/facebookaction.php +++ b/lib/facebookaction.php @@ -253,13 +253,8 @@ class FacebookAction extends Action $this->elementStart('dd'); $this->elementStart('p'); $this->text(sprintf($loginmsg_part1, common_config('site', 'name'))); - if (!common_config('site', 'openidonly')) { - $this->element('a', - array('href' => common_local_url('register')), _('Register')); - } else { - $this->element('a', - array('href' => common_local_url('openidlogin')), _('Register')); - } + $this->element('a', + array('href' => common_local_url('register')), _('Register')); $this->text($loginmsg_part2); $this->elementEnd('p'); $this->elementEnd('dd'); -- cgit v1.2.3-54-g00ecf From 9aa39c757396e66ad959adc9fda63bfd0a869e8b Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 16:54:35 -0400 Subject: add hooks to allow loading custom help documentation --- EVENTS.txt | 8 ++++++++ actions/doc.php | 26 ++++++++++++++++++-------- 2 files changed, 26 insertions(+), 8 deletions(-) (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index 25d95fe06..a79687bae 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -227,3 +227,11 @@ StartNewQueueManager: before trying to start a new queue manager; good for plugi RedirectToLogin: event when we force a redirect to login (like when going to a settings page on a remembered login) - $action: action object being shown - $user: current user + +StartLoadDoc: before loading a help doc (hook this to show your own documentation) +- $title: title of the document +- $output: HTML output to show + +EndLoadDoc: after loading a help doc (hook this to modify other documentation) +- $title: title of the document +- $output: HTML output to show diff --git a/actions/doc.php b/actions/doc.php index 54ae13803..7387c1620 100644 --- a/actions/doc.php +++ b/actions/doc.php @@ -58,12 +58,24 @@ class DocAction extends Action function handle($args) { parent::handle($args); - $this->title = $this->trimmed('title'); - $this->filename = INSTALLDIR.'/doc-src/'.$this->title; - if (!file_exists($this->filename)) { - $this->clientError(_('No such document.')); - return; + + $this->title = $this->trimmed('title'); + $this->output = null; + + if (Event::handle('StartLoadDoc', &$this->title, &$this->output)) { + + $this->filename = INSTALLDIR.'/doc-src/'.$this->title; + if (!file_exists($this->filename)) { + $this->clientError(_('No such document.')); + return; + } + + $c = file_get_contents($this->filename); + $this->output = common_markup_to_html($c); + + Event::handle('EndLoadDoc', $this->title, &$this->output); } + $this->showPage(); } @@ -93,9 +105,7 @@ class DocAction extends Action */ function showContent() { - $c = file_get_contents($this->filename); - $output = common_markup_to_html($c); - $this->raw($output); + $this->raw($this->output); } /** -- cgit v1.2.3-54-g00ecf From c9f9b011c84464d38d325ba16ea2cae66a29acaf Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 21 Aug 2009 16:58:02 -0400 Subject: use array for events --- actions/doc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/doc.php b/actions/doc.php index 7387c1620..6f3a87e48 100644 --- a/actions/doc.php +++ b/actions/doc.php @@ -62,7 +62,7 @@ class DocAction extends Action $this->title = $this->trimmed('title'); $this->output = null; - if (Event::handle('StartLoadDoc', &$this->title, &$this->output)) { + if (Event::handle('StartLoadDoc', array(&$this->title, &$this->output))) { $this->filename = INSTALLDIR.'/doc-src/'.$this->title; if (!file_exists($this->filename)) { @@ -73,7 +73,7 @@ class DocAction extends Action $c = file_get_contents($this->filename); $this->output = common_markup_to_html($c); - Event::handle('EndLoadDoc', $this->title, &$this->output); + Event::handle('EndLoadDoc', array($this->title, &$this->output)); } $this->showPage(); -- cgit v1.2.3-54-g00ecf From 9b9d80cd97704426e54434d8777c5c15154014ad Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 25 Aug 2009 14:52:25 -0700 Subject: Pluginized Twitter settings stuff --- actions/twitterauthorization.php | 222 -------------------- actions/twittersettings.php | 277 ------------------------- lib/connectsettingsaction.php | 49 +++-- lib/router.php | 6 +- lib/twitteroauthclient.php | 220 -------------------- plugins/TwitterBridge/TwitterBridgePlugin.php | 101 +++++++++ plugins/TwitterBridge/twitterauthorization.php | 222 ++++++++++++++++++++ plugins/TwitterBridge/twitteroauthclient.php | 220 ++++++++++++++++++++ plugins/TwitterBridge/twittersettings.php | 272 ++++++++++++++++++++++++ 9 files changed, 842 insertions(+), 747 deletions(-) delete mode 100644 actions/twitterauthorization.php delete mode 100644 actions/twittersettings.php delete mode 100644 lib/twitteroauthclient.php create mode 100644 plugins/TwitterBridge/TwitterBridgePlugin.php create mode 100644 plugins/TwitterBridge/twitterauthorization.php create mode 100644 plugins/TwitterBridge/twitteroauthclient.php create mode 100644 plugins/TwitterBridge/twittersettings.php (limited to 'actions') diff --git a/actions/twitterauthorization.php b/actions/twitterauthorization.php deleted file mode 100644 index b04f35327..000000000 --- a/actions/twitterauthorization.php +++ /dev/null @@ -1,222 +0,0 @@ -. - * - * @category Twitter - * @package Laconica - * @author Zach Copely - * @copyright 2009 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -/** - * Class for doing OAuth authentication against Twitter - * - * Peforms the OAuth "dance" between Laconica and Twitter -- requests a token, - * authorizes it, and exchanges it for an access token. It also creates a link - * (Foreign_link) between the Laconica user and Twitter user and stores the - * access token and secret in the link. - * - * @category Twitter - * @package Laconica - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - * - */ -class TwitterauthorizationAction extends Action -{ - /** - * Initialize class members. Looks for 'oauth_token' parameter. - * - * @param array $args misc. arguments - * - * @return boolean true - */ - function prepare($args) - { - parent::prepare($args); - - $this->oauth_token = $this->arg('oauth_token'); - - return true; - } - - /** - * Handler method - * - * @param array $args is ignored since it's now passed in in prepare() - * - * @return nothing - */ - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - $this->clientError(_('Not logged in.'), 403); - } - - $user = common_current_user(); - $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); - - // If there's already a foreign link record, it means we already - // have an access token, and this is unecessary. So go back. - - if (isset($flink)) { - common_redirect(common_local_url('twittersettings')); - } - - // $this->oauth_token is only populated once Twitter authorizes our - // request token. If it's empty we're at the beginning of the auth - // process - - if (empty($this->oauth_token)) { - $this->authorizeRequestToken(); - } else { - $this->saveAccessToken(); - } - } - - /** - * Asks Twitter for a request token, and then redirects to Twitter - * to authorize it. - * - * @return nothing - */ - function authorizeRequestToken() - { - try { - - // Get a new request token and authorize it - - $client = new TwitterOAuthClient(); - $req_tok = - $client->getRequestToken(TwitterOAuthClient::$requestTokenURL); - - // Sock the request token away in the session temporarily - - $_SESSION['twitter_request_token'] = $req_tok->key; - $_SESSION['twitter_request_token_secret'] = $req_tok->secret; - - $auth_link = $client->getAuthorizeLink($req_tok); - - } catch (TwitterOAuthClientException $e) { - $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', - $e->getCode(), $e->getMessage()); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } - - common_redirect($auth_link); - } - - /** - * Called when Twitter returns an authorized request token. Exchanges - * it for an access token and stores it. - * - * @return nothing - */ - function saveAccessToken() - { - - // Check to make sure Twitter returned the same request - // token we sent them - - if ($_SESSION['twitter_request_token'] != $this->oauth_token) { - $this->serverError(_('Couldn\'t link your Twitter account.')); - } - - try { - - $client = new TwitterOAuthClient($_SESSION['twitter_request_token'], - $_SESSION['twitter_request_token_secret']); - - // Exchange the request token for an access token - - $atok = $client->getAccessToken(TwitterOAuthClient::$accessTokenURL); - - // Test the access token and get the user's Twitter info - - $client = new TwitterOAuthClient($atok->key, $atok->secret); - $twitter_user = $client->verifyCredentials(); - - } catch (OAuthClientException $e) { - $msg = sprintf('OAuth client cURL error - code: %1$s, msg: %2$s', - $e->getCode(), $e->getMessage()); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } - - // Save the access token and Twitter user info - - $this->saveForeignLink($atok, $twitter_user); - - // Clean up the the mess we made in the session - - unset($_SESSION['twitter_request_token']); - unset($_SESSION['twitter_request_token_secret']); - - common_redirect(common_local_url('twittersettings')); - } - - /** - * Saves a Foreign_link between Twitter user and local user, - * which includes the access token and secret. - * - * @param OAuthToken $access_token the access token to save - * @param mixed $twitter_user twitter API user object - * - * @return nothing - */ - function saveForeignLink($access_token, $twitter_user) - { - $user = common_current_user(); - - $flink = new Foreign_link(); - - $flink->user_id = $user->id; - $flink->foreign_id = $twitter_user->id; - $flink->service = TWITTER_SERVICE; - - $creds = TwitterOAuthClient::packToken($access_token); - - $flink->credentials = $creds; - $flink->created = common_sql_now(); - - // Defaults: noticesync on, everything else off - - $flink->set_flags(true, false, false, false); - - $flink_id = $flink->insert(); - - if (empty($flink_id)) { - common_log_db_error($flink, 'INSERT', __FILE__); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } - - save_twitter_user($twitter_user->id, $twitter_user->screen_name); - } - -} - diff --git a/actions/twittersettings.php b/actions/twittersettings.php deleted file mode 100644 index 0859ab9d3..000000000 --- a/actions/twittersettings.php +++ /dev/null @@ -1,277 +0,0 @@ -. - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @copyright 2008-2009 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/connectsettingsaction.php'; -require_once INSTALLDIR.'/lib/twitter.php'; - -/** - * Settings for Twitter integration - * - * @category Settings - * @package Laconica - * @author Evan Prodromou - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - * - * @see SettingsAction - */ - -class TwittersettingsAction extends ConnectSettingsAction -{ - /** - * Title of the page - * - * @return string Title of the page - */ - - function title() - { - return _('Twitter settings'); - } - - /** - * Instructions for use - * - * @return instructions for use - */ - - function getInstructions() - { - return _('Connect your Twitter account to share your updates ' . - 'with your Twitter friends and vice-versa.'); - } - - /** - * Content area of the page - * - * Shows a form for associating a Twitter account with this - * Laconica account. Also lets the user set preferences. - * - * @return void - */ - - function showContent() - { - if (!common_config('twitter', 'enabled')) { - $this->element('div', array('class' => 'error'), - _('Twitter is not available.')); - return; - } - - $user = common_current_user(); - - $profile = $user->getProfile(); - - $fuser = null; - - $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); - - if (!empty($flink)) { - $fuser = $flink->getForeignUser(); - } - - $this->elementStart('form', array('method' => 'post', - 'id' => 'form_settings_twitter', - 'class' => 'form_settings', - 'action' => - common_local_url('twittersettings'))); - - $this->hidden('token', common_session_token()); - - $this->elementStart('fieldset', array('id' => 'settings_twitter_account')); - - if (empty($fuser)) { - $this->elementStart('ul', 'form_data'); - $this->elementStart('li', array('id' => 'settings_twitter_login_button')); - $this->element('a', array('href' => common_local_url('twitterauthorization')), - 'Connect my Twitter account'); - $this->elementEnd('li'); - $this->elementEnd('ul'); - - $this->elementEnd('fieldset'); - } else { - $this->element('legend', null, _('Twitter account')); - $this->elementStart('p', array('id' => 'form_confirmed')); - $this->element('a', array('href' => $fuser->uri), $fuser->nickname); - $this->elementEnd('p'); - $this->element('p', 'form_note', - _('Connected Twitter account')); - - $this->submit('remove', _('Remove')); - - $this->elementEnd('fieldset'); - - $this->elementStart('fieldset', array('id' => 'settings_twitter_preferences')); - - $this->element('legend', null, _('Preferences')); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->checkbox('noticesend', - _('Automatically send my notices to Twitter.'), - ($flink) ? - ($flink->noticesync & FOREIGN_NOTICE_SEND) : - true); - $this->elementEnd('li'); - $this->elementStart('li'); - $this->checkbox('replysync', - _('Send local "@" replies to Twitter.'), - ($flink) ? - ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : - true); - $this->elementEnd('li'); - $this->elementStart('li'); - $this->checkbox('friendsync', - _('Subscribe to my Twitter friends here.'), - ($flink) ? - ($flink->friendsync & FOREIGN_FRIEND_RECV) : - false); - $this->elementEnd('li'); - - if (common_config('twitterbridge','enabled')) { - $this->elementStart('li'); - $this->checkbox('noticerecv', - _('Import my Friends Timeline.'), - ($flink) ? - ($flink->noticesync & FOREIGN_NOTICE_RECV) : - false); - $this->elementEnd('li'); - - // preserve setting even if bidrection bridge toggled off - - if ($flink && ($flink->noticesync & FOREIGN_NOTICE_RECV)) { - $this->hidden('noticerecv', true, 'noticerecv'); - } - } - - $this->elementEnd('ul'); - - if ($flink) { - $this->submit('save', _('Save')); - } else { - $this->submit('add', _('Add')); - } - - $this->elementEnd('fieldset'); - } - - $this->elementEnd('form'); - } - - /** - * Handle posts to this form - * - * Based on the button that was pressed, muxes out to other functions - * to do the actual task requested. - * - * All sub-functions reload the form with a message -- success or failure. - * - * @return void - */ - - function handlePost() - { - // CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->showForm(_('There was a problem with your session token. '. - 'Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->savePreferences(); - } else if ($this->arg('remove')) { - $this->removeTwitterAccount(); - } else { - $this->showForm(_('Unexpected form submission.')); - } - } - - /** - * Disassociate an existing Twitter account from this account - * - * @return void - */ - - function removeTwitterAccount() - { - $user = common_current_user(); - $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); - - $result = $flink->delete(); - - if (empty($result)) { - common_log_db_error($flink, 'DELETE', __FILE__); - $this->serverError(_('Couldn\'t remove Twitter user.')); - return; - } - - $this->showForm(_('Twitter account removed.'), true); - } - - /** - * Save user's Twitter-bridging preferences - * - * @return void - */ - - function savePreferences() - { - $noticesend = $this->boolean('noticesend'); - $noticerecv = $this->boolean('noticerecv'); - $friendsync = $this->boolean('friendsync'); - $replysync = $this->boolean('replysync'); - - $user = common_current_user(); - $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); - - if (empty($flink)) { - common_log_db_error($flink, 'SELECT', __FILE__); - $this->showForm(_('Couldn\'t save Twitter preferences.')); - return; - } - - $original = clone($flink); - $flink->set_flags($noticesend, $noticerecv, $replysync, $friendsync); - $result = $flink->update($original); - - if ($result === false) { - common_log_db_error($flink, 'UPDATE', __FILE__); - $this->showForm(_('Couldn\'t save Twitter preferences.')); - return; - } - - $this->showForm(_('Twitter preferences saved.'), true); - } - -} diff --git a/lib/connectsettingsaction.php b/lib/connectsettingsaction.php index 02c468a35..7902931e0 100644 --- a/lib/connectsettingsaction.php +++ b/lib/connectsettingsaction.php @@ -98,34 +98,37 @@ class ConnectSettingsNav extends Widget function show() { - # action => array('prompt', 'title') - $menu = array(); - if (common_config('xmpp', 'enabled')) { - $menu['imsettings'] = - array(_('IM'), - _('Updates by instant messenger (IM)')); - } - if (common_config('sms', 'enabled')) { - $menu['smssettings'] = - array(_('SMS'), - _('Updates by SMS')); - } - if (common_config('twitter', 'enabled')) { - $menu['twittersettings'] = - array(_('Twitter'), - _('Twitter integration options')); - } - $action_name = $this->action->trimmed('action'); $this->action->elementStart('ul', array('class' => 'nav')); - foreach ($menu as $menuaction => $menudesc) { - $this->action->menuItem(common_local_url($menuaction), - $menudesc[0], - $menudesc[1], - $action_name === $menuaction); + if (Event::handle('StartConnectSettingsNav', array(&$this->action))) { + + # action => array('prompt', 'title') + $menu = array(); + if (common_config('xmpp', 'enabled')) { + $menu['imsettings'] = + array(_('IM'), + _('Updates by instant messenger (IM)')); + } + if (common_config('sms', 'enabled')) { + $menu['smssettings'] = + array(_('SMS'), + _('Updates by SMS')); + } + + foreach ($menu as $menuaction => $menudesc) { + $this->action->menuItem(common_local_url($menuaction), + $menudesc[0], + $menudesc[1], + $action_name === $menuaction); + } + + Event::handle('EndConnectSettingsNav', array(&$this->action)); } $this->action->elementEnd('ul'); } + } + + diff --git a/lib/router.php b/lib/router.php index 08bc0566d..5bffdb16b 100644 --- a/lib/router.php +++ b/lib/router.php @@ -86,10 +86,6 @@ class Router $m->connect('doc/:title', array('action' => 'doc')); - // Twitter - - $m->connect('twitter/authorization', array('action' => 'twitterauthorization')); - // facebook $m->connect('facebook', array('action' => 'facebookhome')); @@ -136,7 +132,7 @@ class Router // settings foreach (array('profile', 'avatar', 'password', 'im', - 'email', 'sms', 'twitter', 'userdesign', 'other') as $s) { + 'email', 'sms', 'userdesign', 'other') as $s) { $m->connect('settings/'.$s, array('action' => $s.'settings')); } diff --git a/lib/twitteroauthclient.php b/lib/twitteroauthclient.php deleted file mode 100644 index b7dc4a80c..000000000 --- a/lib/twitteroauthclient.php +++ /dev/null @@ -1,220 +0,0 @@ -. - * - * @category Integration - * @package Laconica - * @author Zach Copley - * @copyright 2008 Control Yourself, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - */ - -if (!defined('LACONICA')) { - exit(1); -} - -/** - * Class for talking to the Twitter API with OAuth. - * - * @category Integration - * @package Laconica - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://laconi.ca/ - * - */ -class TwitterOAuthClient extends OAuthClient -{ - public static $requestTokenURL = 'https://twitter.com/oauth/request_token'; - public static $authorizeURL = 'https://twitter.com/oauth/authorize'; - public static $accessTokenURL = 'https://twitter.com/oauth/access_token'; - - /** - * Constructor - * - * @param string $oauth_token the user's token - * @param string $oauth_token_secret the user's token secret - * - * @return nothing - */ - function __construct($oauth_token = null, $oauth_token_secret = null) - { - $consumer_key = common_config('twitter', 'consumer_key'); - $consumer_secret = common_config('twitter', 'consumer_secret'); - - parent::__construct($consumer_key, $consumer_secret, - $oauth_token, $oauth_token_secret); - } - - // XXX: the following two functions are to support the horrible hack - // of using the credentils field in Foreign_link to store both - // the access token and token secret. This hack should go away with - // 0.9, in which we can make DB changes and add a new column for the - // token itself. - - static function packToken($token) - { - return implode(chr(0), array($token->key, $token->secret)); - } - - static function unpackToken($str) - { - $vals = explode(chr(0), $str); - return new OAuthToken($vals[0], $vals[1]); - } - - /** - * Builds a link to Twitter's endpoint for authorizing a request token - * - * @param OAuthToken $request_token token to authorize - * - * @return the link - */ - function getAuthorizeLink($request_token) - { - return parent::getAuthorizeLink(self::$authorizeURL, - $request_token, - common_local_url('twitterauthorization')); - } - - /** - * Calls Twitter's /account/verify_credentials API method - * - * @return mixed the Twitter user - */ - function verifyCredentials() - { - $url = 'https://twitter.com/account/verify_credentials.json'; - $response = $this->oAuthGet($url); - $twitter_user = json_decode($response); - return $twitter_user; - } - - /** - * Calls Twitter's /stutuses/update API method - * - * @param string $status text of the status - * @param int $in_reply_to_status_id optional id of the status it's - * a reply to - * - * @return mixed the status - */ - function statusesUpdate($status, $in_reply_to_status_id = null) - { - $url = 'https://twitter.com/statuses/update.json'; - $params = array('status' => $status, - 'in_reply_to_status_id' => $in_reply_to_status_id); - $response = $this->oAuthPost($url, $params); - $status = json_decode($response); - return $status; - } - - /** - * Calls Twitter's /stutuses/friends_timeline API method - * - * @param int $since_id show statuses after this id - * @param int $max_id show statuses before this id - * @param int $cnt number of statuses to show - * @param int $page page number - * - * @return mixed an array of statuses - */ - function statusesFriendsTimeline($since_id = null, $max_id = null, - $cnt = null, $page = null) - { - - $url = 'https://twitter.com/statuses/friends_timeline.json'; - $params = array('since_id' => $since_id, - 'max_id' => $max_id, - 'count' => $cnt, - 'page' => $page); - $qry = http_build_query($params); - - if (!empty($qry)) { - $url .= "?$qry"; - } - - $response = $this->oAuthGet($url); - $statuses = json_decode($response); - return $statuses; - } - - /** - * Calls Twitter's /stutuses/friends API method - * - * @param int $id id of the user whom you wish to see friends of - * @param int $user_id numerical user id - * @param int $screen_name screen name - * @param int $page page number - * - * @return mixed an array of twitter users and their latest status - */ - function statusesFriends($id = null, $user_id = null, $screen_name = null, - $page = null) - { - $url = "https://twitter.com/statuses/friends.json"; - - $params = array('id' => $id, - 'user_id' => $user_id, - 'screen_name' => $screen_name, - 'page' => $page); - $qry = http_build_query($params); - - if (!empty($qry)) { - $url .= "?$qry"; - } - - $response = $this->oAuthGet($url); - $friends = json_decode($response); - return $friends; - } - - /** - * Calls Twitter's /stutuses/friends/ids API method - * - * @param int $id id of the user whom you wish to see friends of - * @param int $user_id numerical user id - * @param int $screen_name screen name - * @param int $page page number - * - * @return mixed a list of ids, 100 per page - */ - function friendsIds($id = null, $user_id = null, $screen_name = null, - $page = null) - { - $url = "https://twitter.com/friends/ids.json"; - - $params = array('id' => $id, - 'user_id' => $user_id, - 'screen_name' => $screen_name, - 'page' => $page); - $qry = http_build_query($params); - - if (!empty($qry)) { - $url .= "?$qry"; - } - - $response = $this->oAuthGet($url); - $ids = json_decode($response); - return $ids; - } - -} diff --git a/plugins/TwitterBridge/TwitterBridgePlugin.php b/plugins/TwitterBridge/TwitterBridgePlugin.php new file mode 100644 index 000000000..f7daa9a22 --- /dev/null +++ b/plugins/TwitterBridge/TwitterBridgePlugin.php @@ -0,0 +1,101 @@ +. + * + * @category Plugin + * @package Laconica + * @author Zach Copley + * @copyright 2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Plugin for sending and importing Twitter statuses + * + * This class allows users to link their Twitter accounts + * + * @category Plugin + * @package Laconica + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * @link http://twitter.com/ + */ + +class TwitterBridgePlugin extends Plugin +{ + /** + * Initializer for the plugin. + */ + + function __construct() + { + parent::__construct(); + } + + /** + * Add Twitter-related paths to the router table + * + * Hook for RouterInitialized event. + * + * @return boolean hook return + */ + + function onRouterInitialized(&$m) + { + $m->connect('twitter/authorization', array('action' => 'twitterauthorization')); + $m->connect('settings/twitter', array('action' => 'twittersettings')); + + return true; + } + + function onEndConnectSettingsNav(&$action) + { + $action_name = $action->trimmed('action'); + + $action->menuItem(common_local_url('twittersettings'), + _('Twitter'), + _('Twitter integration options'), + $action_name === 'twittersettings'); + + return true; + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'TwittersettingsAction': + case 'TwitterauthorizationAction': + require_once(INSTALLDIR.'/plugins/TwitterBridge/' . strtolower(mb_substr($cls, 0, -6)) . '.php'); + return false; + case 'TwitterOAuthClient': + require_once(INSTALLDIR.'/plugins/TwitterBridge/twitteroAuthclient.php'); + return false; + default: + return true; + } + } + + +} \ No newline at end of file diff --git a/plugins/TwitterBridge/twitterauthorization.php b/plugins/TwitterBridge/twitterauthorization.php new file mode 100644 index 000000000..b04f35327 --- /dev/null +++ b/plugins/TwitterBridge/twitterauthorization.php @@ -0,0 +1,222 @@ +. + * + * @category Twitter + * @package Laconica + * @author Zach Copely + * @copyright 2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Class for doing OAuth authentication against Twitter + * + * Peforms the OAuth "dance" between Laconica and Twitter -- requests a token, + * authorizes it, and exchanges it for an access token. It also creates a link + * (Foreign_link) between the Laconica user and Twitter user and stores the + * access token and secret in the link. + * + * @category Twitter + * @package Laconica + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + */ +class TwitterauthorizationAction extends Action +{ + /** + * Initialize class members. Looks for 'oauth_token' parameter. + * + * @param array $args misc. arguments + * + * @return boolean true + */ + function prepare($args) + { + parent::prepare($args); + + $this->oauth_token = $this->arg('oauth_token'); + + return true; + } + + /** + * Handler method + * + * @param array $args is ignored since it's now passed in in prepare() + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); + + if (!common_logged_in()) { + $this->clientError(_('Not logged in.'), 403); + } + + $user = common_current_user(); + $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); + + // If there's already a foreign link record, it means we already + // have an access token, and this is unecessary. So go back. + + if (isset($flink)) { + common_redirect(common_local_url('twittersettings')); + } + + // $this->oauth_token is only populated once Twitter authorizes our + // request token. If it's empty we're at the beginning of the auth + // process + + if (empty($this->oauth_token)) { + $this->authorizeRequestToken(); + } else { + $this->saveAccessToken(); + } + } + + /** + * Asks Twitter for a request token, and then redirects to Twitter + * to authorize it. + * + * @return nothing + */ + function authorizeRequestToken() + { + try { + + // Get a new request token and authorize it + + $client = new TwitterOAuthClient(); + $req_tok = + $client->getRequestToken(TwitterOAuthClient::$requestTokenURL); + + // Sock the request token away in the session temporarily + + $_SESSION['twitter_request_token'] = $req_tok->key; + $_SESSION['twitter_request_token_secret'] = $req_tok->secret; + + $auth_link = $client->getAuthorizeLink($req_tok); + + } catch (TwitterOAuthClientException $e) { + $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', + $e->getCode(), $e->getMessage()); + $this->serverError(_('Couldn\'t link your Twitter account.')); + } + + common_redirect($auth_link); + } + + /** + * Called when Twitter returns an authorized request token. Exchanges + * it for an access token and stores it. + * + * @return nothing + */ + function saveAccessToken() + { + + // Check to make sure Twitter returned the same request + // token we sent them + + if ($_SESSION['twitter_request_token'] != $this->oauth_token) { + $this->serverError(_('Couldn\'t link your Twitter account.')); + } + + try { + + $client = new TwitterOAuthClient($_SESSION['twitter_request_token'], + $_SESSION['twitter_request_token_secret']); + + // Exchange the request token for an access token + + $atok = $client->getAccessToken(TwitterOAuthClient::$accessTokenURL); + + // Test the access token and get the user's Twitter info + + $client = new TwitterOAuthClient($atok->key, $atok->secret); + $twitter_user = $client->verifyCredentials(); + + } catch (OAuthClientException $e) { + $msg = sprintf('OAuth client cURL error - code: %1$s, msg: %2$s', + $e->getCode(), $e->getMessage()); + $this->serverError(_('Couldn\'t link your Twitter account.')); + } + + // Save the access token and Twitter user info + + $this->saveForeignLink($atok, $twitter_user); + + // Clean up the the mess we made in the session + + unset($_SESSION['twitter_request_token']); + unset($_SESSION['twitter_request_token_secret']); + + common_redirect(common_local_url('twittersettings')); + } + + /** + * Saves a Foreign_link between Twitter user and local user, + * which includes the access token and secret. + * + * @param OAuthToken $access_token the access token to save + * @param mixed $twitter_user twitter API user object + * + * @return nothing + */ + function saveForeignLink($access_token, $twitter_user) + { + $user = common_current_user(); + + $flink = new Foreign_link(); + + $flink->user_id = $user->id; + $flink->foreign_id = $twitter_user->id; + $flink->service = TWITTER_SERVICE; + + $creds = TwitterOAuthClient::packToken($access_token); + + $flink->credentials = $creds; + $flink->created = common_sql_now(); + + // Defaults: noticesync on, everything else off + + $flink->set_flags(true, false, false, false); + + $flink_id = $flink->insert(); + + if (empty($flink_id)) { + common_log_db_error($flink, 'INSERT', __FILE__); + $this->serverError(_('Couldn\'t link your Twitter account.')); + } + + save_twitter_user($twitter_user->id, $twitter_user->screen_name); + } + +} + diff --git a/plugins/TwitterBridge/twitteroauthclient.php b/plugins/TwitterBridge/twitteroauthclient.php new file mode 100644 index 000000000..b7dc4a80c --- /dev/null +++ b/plugins/TwitterBridge/twitteroauthclient.php @@ -0,0 +1,220 @@ +. + * + * @category Integration + * @package Laconica + * @author Zach Copley + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Class for talking to the Twitter API with OAuth. + * + * @category Integration + * @package Laconica + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + */ +class TwitterOAuthClient extends OAuthClient +{ + public static $requestTokenURL = 'https://twitter.com/oauth/request_token'; + public static $authorizeURL = 'https://twitter.com/oauth/authorize'; + public static $accessTokenURL = 'https://twitter.com/oauth/access_token'; + + /** + * Constructor + * + * @param string $oauth_token the user's token + * @param string $oauth_token_secret the user's token secret + * + * @return nothing + */ + function __construct($oauth_token = null, $oauth_token_secret = null) + { + $consumer_key = common_config('twitter', 'consumer_key'); + $consumer_secret = common_config('twitter', 'consumer_secret'); + + parent::__construct($consumer_key, $consumer_secret, + $oauth_token, $oauth_token_secret); + } + + // XXX: the following two functions are to support the horrible hack + // of using the credentils field in Foreign_link to store both + // the access token and token secret. This hack should go away with + // 0.9, in which we can make DB changes and add a new column for the + // token itself. + + static function packToken($token) + { + return implode(chr(0), array($token->key, $token->secret)); + } + + static function unpackToken($str) + { + $vals = explode(chr(0), $str); + return new OAuthToken($vals[0], $vals[1]); + } + + /** + * Builds a link to Twitter's endpoint for authorizing a request token + * + * @param OAuthToken $request_token token to authorize + * + * @return the link + */ + function getAuthorizeLink($request_token) + { + return parent::getAuthorizeLink(self::$authorizeURL, + $request_token, + common_local_url('twitterauthorization')); + } + + /** + * Calls Twitter's /account/verify_credentials API method + * + * @return mixed the Twitter user + */ + function verifyCredentials() + { + $url = 'https://twitter.com/account/verify_credentials.json'; + $response = $this->oAuthGet($url); + $twitter_user = json_decode($response); + return $twitter_user; + } + + /** + * Calls Twitter's /stutuses/update API method + * + * @param string $status text of the status + * @param int $in_reply_to_status_id optional id of the status it's + * a reply to + * + * @return mixed the status + */ + function statusesUpdate($status, $in_reply_to_status_id = null) + { + $url = 'https://twitter.com/statuses/update.json'; + $params = array('status' => $status, + 'in_reply_to_status_id' => $in_reply_to_status_id); + $response = $this->oAuthPost($url, $params); + $status = json_decode($response); + return $status; + } + + /** + * Calls Twitter's /stutuses/friends_timeline API method + * + * @param int $since_id show statuses after this id + * @param int $max_id show statuses before this id + * @param int $cnt number of statuses to show + * @param int $page page number + * + * @return mixed an array of statuses + */ + function statusesFriendsTimeline($since_id = null, $max_id = null, + $cnt = null, $page = null) + { + + $url = 'https://twitter.com/statuses/friends_timeline.json'; + $params = array('since_id' => $since_id, + 'max_id' => $max_id, + 'count' => $cnt, + 'page' => $page); + $qry = http_build_query($params); + + if (!empty($qry)) { + $url .= "?$qry"; + } + + $response = $this->oAuthGet($url); + $statuses = json_decode($response); + return $statuses; + } + + /** + * Calls Twitter's /stutuses/friends API method + * + * @param int $id id of the user whom you wish to see friends of + * @param int $user_id numerical user id + * @param int $screen_name screen name + * @param int $page page number + * + * @return mixed an array of twitter users and their latest status + */ + function statusesFriends($id = null, $user_id = null, $screen_name = null, + $page = null) + { + $url = "https://twitter.com/statuses/friends.json"; + + $params = array('id' => $id, + 'user_id' => $user_id, + 'screen_name' => $screen_name, + 'page' => $page); + $qry = http_build_query($params); + + if (!empty($qry)) { + $url .= "?$qry"; + } + + $response = $this->oAuthGet($url); + $friends = json_decode($response); + return $friends; + } + + /** + * Calls Twitter's /stutuses/friends/ids API method + * + * @param int $id id of the user whom you wish to see friends of + * @param int $user_id numerical user id + * @param int $screen_name screen name + * @param int $page page number + * + * @return mixed a list of ids, 100 per page + */ + function friendsIds($id = null, $user_id = null, $screen_name = null, + $page = null) + { + $url = "https://twitter.com/friends/ids.json"; + + $params = array('id' => $id, + 'user_id' => $user_id, + 'screen_name' => $screen_name, + 'page' => $page); + $qry = http_build_query($params); + + if (!empty($qry)) { + $url .= "?$qry"; + } + + $response = $this->oAuthGet($url); + $ids = json_decode($response); + return $ids; + } + +} diff --git a/plugins/TwitterBridge/twittersettings.php b/plugins/TwitterBridge/twittersettings.php new file mode 100644 index 000000000..a3e02e125 --- /dev/null +++ b/plugins/TwitterBridge/twittersettings.php @@ -0,0 +1,272 @@ +. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/connectsettingsaction.php'; +require_once INSTALLDIR.'/lib/twitter.php'; + +/** + * Settings for Twitter integration + * + * @category Settings + * @package Laconica + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see SettingsAction + */ + +class TwittersettingsAction extends ConnectSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Twitter settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('Connect your Twitter account to share your updates ' . + 'with your Twitter friends and vice-versa.'); + } + + /** + * Content area of the page + * + * Shows a form for associating a Twitter account with this + * Laconica account. Also lets the user set preferences. + * + * @return void + */ + + function showContent() + { + + $user = common_current_user(); + + $profile = $user->getProfile(); + + $fuser = null; + + $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); + + if (!empty($flink)) { + $fuser = $flink->getForeignUser(); + } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_twitter', + 'class' => 'form_settings', + 'action' => + common_local_url('twittersettings'))); + + $this->hidden('token', common_session_token()); + + $this->elementStart('fieldset', array('id' => 'settings_twitter_account')); + + if (empty($fuser)) { + $this->elementStart('ul', 'form_data'); + $this->elementStart('li', array('id' => 'settings_twitter_login_button')); + $this->element('a', array('href' => common_local_url('twitterauthorization')), + 'Connect my Twitter account'); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementEnd('fieldset'); + } else { + $this->element('legend', null, _('Twitter account')); + $this->elementStart('p', array('id' => 'form_confirmed')); + $this->element('a', array('href' => $fuser->uri), $fuser->nickname); + $this->elementEnd('p'); + $this->element('p', 'form_note', + _('Connected Twitter account')); + + $this->submit('remove', _('Remove')); + + $this->elementEnd('fieldset'); + + $this->elementStart('fieldset', array('id' => 'settings_twitter_preferences')); + + $this->element('legend', null, _('Preferences')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->checkbox('noticesend', + _('Automatically send my notices to Twitter.'), + ($flink) ? + ($flink->noticesync & FOREIGN_NOTICE_SEND) : + true); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('replysync', + _('Send local "@" replies to Twitter.'), + ($flink) ? + ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : + true); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('friendsync', + _('Subscribe to my Twitter friends here.'), + ($flink) ? + ($flink->friendsync & FOREIGN_FRIEND_RECV) : + false); + $this->elementEnd('li'); + + if (common_config('twitterbridge','enabled')) { + $this->elementStart('li'); + $this->checkbox('noticerecv', + _('Import my Friends Timeline.'), + ($flink) ? + ($flink->noticesync & FOREIGN_NOTICE_RECV) : + false); + $this->elementEnd('li'); + + // preserve setting even if bidrection bridge toggled off + + if ($flink && ($flink->noticesync & FOREIGN_NOTICE_RECV)) { + $this->hidden('noticerecv', true, 'noticerecv'); + } + } + + $this->elementEnd('ul'); + + if ($flink) { + $this->submit('save', _('Save')); + } else { + $this->submit('add', _('Add')); + } + + $this->elementEnd('fieldset'); + } + + $this->elementEnd('form'); + } + + /** + * Handle posts to this form + * + * Based on the button that was pressed, muxes out to other functions + * to do the actual task requested. + * + * All sub-functions reload the form with a message -- success or failure. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('save')) { + $this->savePreferences(); + } else if ($this->arg('remove')) { + $this->removeTwitterAccount(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Disassociate an existing Twitter account from this account + * + * @return void + */ + + function removeTwitterAccount() + { + $user = common_current_user(); + $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); + + $result = $flink->delete(); + + if (empty($result)) { + common_log_db_error($flink, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t remove Twitter user.')); + return; + } + + $this->showForm(_('Twitter account removed.'), true); + } + + /** + * Save user's Twitter-bridging preferences + * + * @return void + */ + + function savePreferences() + { + $noticesend = $this->boolean('noticesend'); + $noticerecv = $this->boolean('noticerecv'); + $friendsync = $this->boolean('friendsync'); + $replysync = $this->boolean('replysync'); + + $user = common_current_user(); + $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); + + if (empty($flink)) { + common_log_db_error($flink, 'SELECT', __FILE__); + $this->showForm(_('Couldn\'t save Twitter preferences.')); + return; + } + + $original = clone($flink); + $flink->set_flags($noticesend, $noticerecv, $replysync, $friendsync); + $result = $flink->update($original); + + if ($result === false) { + common_log_db_error($flink, 'UPDATE', __FILE__); + $this->showForm(_('Couldn\'t save Twitter preferences.')); + return; + } + + $this->showForm(_('Twitter preferences saved.'), true); + } + +} -- cgit v1.2.3-54-g00ecf From e929bdc2ba156c615a1cac9bcff087e7a34132cb Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 1 Sep 2009 19:43:56 -0300 Subject: fix some double-escaped %s leading to broken links right smack on the main page --- actions/public.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/public.php b/actions/public.php index 86b0d6f56..73fad182a 100644 --- a/actions/public.php +++ b/actions/public.php @@ -225,10 +225,10 @@ class PublicAction extends Action function showAnonymousMessage() { if (! (common_config('site','closed') || common_config('site','inviteonly'))) { - $m = _('This is %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [StatusNet](http://status.net/) tool. ' . - '[Join now](%%%%action.register%%%%) to share notices about yourself with friends, family, and colleagues! ' . - '([Read more](%%%%doc.help%%%%))'); + '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ' . + '([Read more](%%doc.help%%))'); } else { $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . 'based on the Free Software [StatusNet](http://status.net/) tool.'); -- cgit v1.2.3-54-g00ecf From beae3db41375879e725af053edf8041bbd76ac8c Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 3 Sep 2009 14:58:50 -0400 Subject: Pluginize the URL shorteners --- actions/othersettings.php | 27 ++++++------ lib/Shorturl_api.php | 66 ++--------------------------- lib/plugin.php | 14 +++++++ lib/util.php | 56 ++++--------------------- plugins/LilUrl/LilUrlPlugin.php | 64 ++++++++++++++++++++++++++++ plugins/PtitUrl/PtitUrlPlugin.php | 62 +++++++++++++++++++++++++++ plugins/SimpleUrl/SimpleUrlPlugin.php | 79 +++++++++++++++++++++++++++++++++++ plugins/TightUrl/TightUrlPlugin.php | 62 +++++++++++++++++++++++++++ 8 files changed, 305 insertions(+), 125 deletions(-) create mode 100644 plugins/LilUrl/LilUrlPlugin.php create mode 100644 plugins/PtitUrl/PtitUrlPlugin.php create mode 100644 plugins/SimpleUrl/SimpleUrlPlugin.php create mode 100644 plugins/TightUrl/TightUrlPlugin.php (limited to 'actions') diff --git a/actions/othersettings.php b/actions/othersettings.php index 8b674161a..4ccef8412 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -91,19 +91,20 @@ class OthersettingsAction extends AccountSettingsAction $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); - // I18N - - $services = array( - '' => 'None', - 'ur1.ca' => 'ur1.ca (free service)', - '2tu.us' => '2tu.us (free service)', - 'ptiturl.com' => 'ptiturl.com', - 'bit.ly' => 'bit.ly', - 'tinyurl.com' => 'tinyurl.com', - 'is.gd' => 'is.gd', - 'snipr.com' => 'snipr.com', - 'metamark.net' => 'metamark.net' - ); + $services=array(); + global $_shorteners; + if($_shorteners){ + foreach($_shorteners as $name=>$value) + { + $services[$name]=$name; + if($value['info']['freeService']){ + // I18N + $services[$name].=' (free service)'; + } + } + } + asort($services); + $services['']='None'; $this->elementStart('ul', 'form_data'); $this->elementStart('li'); diff --git a/lib/Shorturl_api.php b/lib/Shorturl_api.php index 6402dbc09..18ae7719b 100644 --- a/lib/Shorturl_api.php +++ b/lib/Shorturl_api.php @@ -19,7 +19,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -class ShortUrlApi +abstract class ShortUrlApi { protected $service_url; protected $long_limit = 27; @@ -35,11 +35,9 @@ class ShortUrlApi return $url; } - protected function shorten_imp($url) { - return "To Override"; - } + protected abstract function shorten_imp($url); - private function is_long($url) { + protected function is_long($url) { return strlen($url) >= common_config('site', 'shorturllength'); } @@ -71,61 +69,3 @@ class ShortUrlApi } } -class LilUrl extends ShortUrlApi -{ - function __construct() - { - parent::__construct('http://ur1.ca/'); - } - - protected function shorten_imp($url) { - $data['longurl'] = $url; - $response = $this->http_post($data); - if (!$response) return $url; - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; - $x = $y->body->p[0]->a->attributes(); - if (isset($x['href'])) return $x['href']; - return $url; - } -} - - -class PtitUrl extends ShortUrlApi -{ - function __construct() - { - parent::__construct('http://ptiturl.com/?creer=oui&action=Reduire&url='); - } - - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; - $response = $this->tidy($response); - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; - $xml = $y->body->center->table->tr->td->pre->a->attributes(); - if (isset($xml['href'])) return $xml['href']; - return $url; - } -} - -class TightUrl extends ShortUrlApi -{ - function __construct() - { - parent::__construct('http://2tu.us/?save=y&url='); - } - - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; - $response = $this->tidy($response); - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; - $xml = $y->body->p[0]->code[0]->a->attributes(); - if (isset($xml['href'])) return $xml['href']; - return $url; - } -} - diff --git a/lib/plugin.php b/lib/plugin.php index 87d7be5a7..59bf3ba9d 100644 --- a/lib/plugin.php +++ b/lib/plugin.php @@ -76,4 +76,18 @@ class Plugin { return true; } + + /* + * the name of the shortener + * shortenerInfo associative array with additional information. One possible element is 'freeService' which can be true or false + * shortener array, first element is the name of the class, second element is an array to be passed as constructor parameters to the class + */ + function registerUrlShortener($name, $shortenerInfo, $shortener) + { + global $_shorteners; + if(!is_array($_shorteners)){ + $_shorteners=array(); + } + $_shorteners[$name]=array('info'=>$shortenerInfo, 'callInfo'=>$shortener); + } } diff --git a/lib/util.php b/lib/util.php index 9cf462515..0a25907c4 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1373,57 +1373,15 @@ function common_shorten_url($long_url) } else { $svc = $user->urlshorteningservice; } - - $curlh = curl_init(); - curl_setopt($curlh, CURLOPT_CONNECTTIMEOUT, 20); // # seconds to wait - curl_setopt($curlh, CURLOPT_USERAGENT, 'StatusNet'); - curl_setopt($curlh, CURLOPT_RETURNTRANSFER, true); - - switch($svc) { - case 'ur1.ca': - require_once INSTALLDIR.'/lib/Shorturl_api.php'; - $short_url_service = new LilUrl; - $short_url = $short_url_service->shorten($long_url); - break; - - case '2tu.us': - $short_url_service = new TightUrl; - require_once INSTALLDIR.'/lib/Shorturl_api.php'; - $short_url = $short_url_service->shorten($long_url); - break; - - case 'ptiturl.com': - require_once INSTALLDIR.'/lib/Shorturl_api.php'; - $short_url_service = new PtitUrl; - $short_url = $short_url_service->shorten($long_url); - break; - - case 'bit.ly': - curl_setopt($curlh, CURLOPT_URL, 'http://bit.ly/api?method=shorten&long_url='.urlencode($long_url)); - $short_url = current(json_decode(curl_exec($curlh))->results)->hashUrl; - break; - - case 'is.gd': - curl_setopt($curlh, CURLOPT_URL, 'http://is.gd/api.php?longurl='.urlencode($long_url)); - $short_url = curl_exec($curlh); - break; - case 'snipr.com': - curl_setopt($curlh, CURLOPT_URL, 'http://snipr.com/site/snip?r=simple&link='.urlencode($long_url)); - $short_url = curl_exec($curlh); - break; - case 'metamark.net': - curl_setopt($curlh, CURLOPT_URL, 'http://metamark.net/api/rest/simple?long_url='.urlencode($long_url)); - $short_url = curl_exec($curlh); - break; - case 'tinyurl.com': - curl_setopt($curlh, CURLOPT_URL, 'http://tinyurl.com/api-create.php?url='.urlencode($long_url)); - $short_url = curl_exec($curlh); - break; - default: - $short_url = false; + global $_shorteners; + if(! $_shorteners[$svc]){ + //the user selected service doesn't exist, so default to ur1.ca + $svc = 'ur1.ca'; } - curl_close($curlh); + $reflectionObj = new ReflectionClass($_shorteners[$svc]['callInfo'][0]); + $short_url_service = $reflectionObj->newInstanceArgs($_shorteners[$svc]['callInfo'][1]); + $short_url = $short_url_service->shorten($long_url); return $short_url; } diff --git a/plugins/LilUrl/LilUrlPlugin.php b/plugins/LilUrl/LilUrlPlugin.php new file mode 100644 index 000000000..7665b6c1e --- /dev/null +++ b/plugins/LilUrl/LilUrlPlugin.php @@ -0,0 +1,64 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once(INSTALLDIR.'/lib/Shorturl_api.php'); + +class LilUrlPlugin extends Plugin +{ + function __construct() + { + parent::__construct(); + } + + function onInitializePlugin(){ + $this->registerUrlShortener( + 'ur1.ca', + array('freeService'=>true), + array('LilUrl',array('http://ur1.ca/')) + ); + } +} + +class LilUrl extends ShortUrlApi +{ + protected function shorten_imp($url) { + $data['longurl'] = $url; + $response = $this->http_post($data); + if (!$response) return $url; + $y = @simplexml_load_string($response); + if (!isset($y->body)) return $url; + $x = $y->body->p[0]->a->attributes(); + if (isset($x['href'])) return $x['href']; + return $url; + } +} diff --git a/plugins/PtitUrl/PtitUrlPlugin.php b/plugins/PtitUrl/PtitUrlPlugin.php new file mode 100644 index 000000000..f00d3e2f2 --- /dev/null +++ b/plugins/PtitUrl/PtitUrlPlugin.php @@ -0,0 +1,62 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class PtitUrlPlugin extends Plugin +{ + function __construct() + { + parent::__construct(); + } + + function onInitializePlugin(){ + $this->registerUrlShortener( + 'ptiturl.com', + array(), + array('PtitUrl',array('http://ptiturl.com/?creer=oui&action=Reduire&url=')) + ); + } +} + +class PtitUrl extends ShortUrlApi +{ + protected function shorten_imp($url) { + $response = $this->http_get($url); + if (!$response) return $url; + $response = $this->tidy($response); + $y = @simplexml_load_string($response); + if (!isset($y->body)) return $url; + $xml = $y->body->center->table->tr->td->pre->a->attributes(); + if (isset($xml['href'])) return $xml['href']; + return $url; + } +} diff --git a/plugins/SimpleUrl/SimpleUrlPlugin.php b/plugins/SimpleUrl/SimpleUrlPlugin.php new file mode 100644 index 000000000..82d772048 --- /dev/null +++ b/plugins/SimpleUrl/SimpleUrlPlugin.php @@ -0,0 +1,79 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class SimpleUrlPlugin extends Plugin +{ + function __construct() + { + parent::__construct(); + } + + function onInitializePlugin(){ + $this->registerUrlShortener( + 'is.gd', + array(), + array('SimpleUrl',array('http://is.gd/api.php?longurl=')) + ); + $this->registerUrlShortener( + 'snipr.com', + array(), + array('SimpleUrl',array('http://snipr.com/site/snip?r=simple&link=')) + ); + $this->registerUrlShortener( + 'metamark.net', + array(), + array('SimpleUrl',array('http://metamark.net/api/rest/simple?long_url=')) + ); + $this->registerUrlShortener( + 'tinyurl.com', + array(), + array('SimpleUrl',array('http://tinyurl.com/api-create.php?url=')) + ); + } +} + +class SimpleUrl extends ShortUrlApi +{ + protected function shorten_imp($url) { + $curlh = curl_init(); + curl_setopt($curlh, CURLOPT_CONNECTTIMEOUT, 20); // # seconds to wait + curl_setopt($curlh, CURLOPT_USERAGENT, 'StatusNet'); + curl_setopt($curlh, CURLOPT_RETURNTRANSFER, true); + + curl_setopt($curlh, CURLOPT_URL, $this->service_url.urlencode($url)); + $short_url = curl_exec($curlh); + + curl_close($curlh); + return $short_url; + } +} diff --git a/plugins/TightUrl/TightUrlPlugin.php b/plugins/TightUrl/TightUrlPlugin.php new file mode 100644 index 000000000..48efb355f --- /dev/null +++ b/plugins/TightUrl/TightUrlPlugin.php @@ -0,0 +1,62 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class TightUrlPlugin extends Plugin +{ + function __construct() + { + parent::__construct(); + } + + function onInitializePlugin(){ + $this->registerUrlShortener( + '2tu.us', + array('freeService'=>true), + array('TightUrl',array('http://2tu.us/?save=y&url=')) + ); + } +} + +class TightUrl extends ShortUrlApi +{ + protected function shorten_imp($url) { + $response = $this->http_get($url); + if (!$response) return $url; + $response = $this->tidy($response); + $y = @simplexml_load_string($response); + if (!isset($y->body)) return $url; + $xml = $y->body->p[0]->code[0]->a->attributes(); + if (isset($xml['href'])) return $xml['href']; + return $url; + } +} -- cgit v1.2.3-54-g00ecf From 84da24aba41b459ad8b2735328e257275c0f6136 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 21:27:34 +1200 Subject: cleaned up code style --- actions/all.php | 82 ++++++++++++++++++++++++++++++++++++++++----------------- 1 file changed, 58 insertions(+), 24 deletions(-) (limited to 'actions') diff --git a/actions/all.php b/actions/all.php index 29a19afb6..e56e10c21 100644 --- a/actions/all.php +++ b/actions/all.php @@ -1,5 +1,5 @@ . + * + * @category Actions + * @package Actions + * @author Evan Prodromou + * @author Evan Prodromou + * @author Mike Cochrane + * @author Robin Millette + * @author Adrian Lang + * @author Meitar Moscovitz + * @author Sarven Capadisli + * @author Craig Andrews + * @author Evan Prodromou + * @author Evan Prodromou + * @author Jeffery To + * @author Zach Copley + * @author csarven + * @license GNU Affero General Public License http://www.gnu.org/licenses/ + * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} require_once INSTALLDIR.'/lib/personalgroupnav.php'; require_once INSTALLDIR.'/lib/noticelist.php'; @@ -43,8 +63,8 @@ class AllAction extends ProfileAction $this->notice = $this->user->noticesWithFriends(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); } - if($this->page > 1 && $this->notice->N == 0){ - $this->serverError(_('No such page'),$code=404); + if ($this->page > 1 && $this->notice->N == 0) { + $this->serverError(_('No such page'), $code = 404); } return true; @@ -73,20 +93,33 @@ class AllAction extends ProfileAction function getFeeds() { - return array(new Feed(Feed::RSS1, - common_local_url('allrss', array('nickname' => - $this->user->nickname)), - sprintf(_('Feed for friends of %s (RSS 1.0)'), $this->user->nickname)), - new Feed(Feed::RSS2, - common_local_url('api', array('apiaction' => 'statuses', - 'method' => 'friends_timeline', - 'argument' => $this->user->nickname.'.rss')), - sprintf(_('Feed for friends of %s (RSS 2.0)'), $this->user->nickname)), - new Feed(Feed::ATOM, - common_local_url('api', array('apiaction' => 'statuses', - 'method' => 'friends_timeline', - 'argument' => $this->user->nickname.'.atom')), - sprintf(_('Feed for friends of %s (Atom)'), $this->user->nickname))); + return array( + new Feed(Feed::RSS1, + common_local_url( + 'allrss', array( + 'nickname' => + $this->user->nickname) + ), + sprintf(_('Feed for friends of %s (RSS 1.0)'), $this->user->nickname)), + new Feed(Feed::RSS2, + common_local_url( + 'api', array( + 'apiaction' => 'statuses', + 'method' => 'friends_timeline', + 'argument' => $this->user->nickname.'.rss' + ) + ), + sprintf(_('Feed for friends of %s (RSS 2.0)'), $this->user->nickname)), + new Feed(Feed::ATOM, + common_local_url( + 'api', array( + 'apiaction' => 'statuses', + 'method' => 'friends_timeline', + 'argument' => $this->user->nickname.'.atom' + ) + ), + sprintf(_('Feed for friends of %s (Atom)'), $this->user->nickname)) + ); } function showLocalNav() @@ -106,8 +139,7 @@ class AllAction extends ProfileAction } else { $message .= sprintf(_('You can try to [nudge %s](../%s) from his profile or [post something to his or her attention](%%%%action.newnotice%%%%?status_textarea=%s).'), $this->user->nickname, $this->user->nickname, '@' . $this->user->nickname); } - } - else { + } else { $message .= sprintf(_('Why not [register an account](%%%%action.register%%%%) and then nudge %s or post a notice to his or her attention.'), $this->user->nickname); } @@ -126,17 +158,19 @@ class AllAction extends ProfileAction $this->showEmptyListMessage(); } - $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, - $this->page, 'all', array('nickname' => $this->user->nickname)); + $this->pagination( + $this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'all', array('nickname' => $this->user->nickname) + ); } function showPageTitle() { $user =& common_current_user(); if ($user && ($user->id == $this->user->id)) { - $this->element('h1', NULL, _("You and friends")); + $this->element('h1', null, _("You and friends")); } else { - $this->element('h1', NULL, sprintf(_('%s and friends'), $this->user->nickname)); + $this->element('h1', null, sprintf(_('%s and friends'), $this->user->nickname)); } } -- cgit v1.2.3-54-g00ecf From fcff85bb3610a0f2a77bfa72cf26ce8019ec0378 Mon Sep 17 00:00:00 2001 From: Brenda Wallace Date: Sun, 13 Sep 2009 21:55:45 +1200 Subject: code style cleanup --- actions/api.php | 106 ++++++++++++++++++++++++++++++++------------------------ 1 file changed, 61 insertions(+), 45 deletions(-) (limited to 'actions') diff --git a/actions/api.php b/actions/api.php index c236378bc..9b5f54807 100644 --- a/actions/api.php +++ b/actions/api.php @@ -1,5 +1,5 @@ . + * + * @category Actions + * @package Actions + * @author Evan Prodromou + * @author Evan Prodromou + * @author Brenda Wallace + * @author Jeffery To + * @author Robin Millette + * @author Tom Adams + * @author Christopher Vollick + * @author CiaranG + * @author Craig Andrews + * @author Evan Prodromou + * @author Evan Prodromou + * @author Gina Haeussge + * @author Mike Cochrane + * @author Sarven Capadisli + * @license GNU Affero General Public License http://www.gnu.org/licenses/ + * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} class ApiAction extends Action { @@ -37,7 +58,7 @@ class ApiAction extends Action $this->api_action = $this->arg('apiaction'); $method = $this->arg('method'); $argument = $this->arg('argument'); - $this->basic_auth_process_header(); + $this->basic_auth_process_header(); if (isset($argument)) { $cmdext = explode('.', $argument); @@ -46,7 +67,7 @@ class ApiAction extends Action $this->content_type = strtolower($cmdext[1]); } else { - # Requested format / content-type will be an extension on the method + //Requested format / content-type will be an extension on the method $cmdext = explode('.', $method); $this->api_method = $cmdext[0]; $this->content_type = strtolower($cmdext[1]); @@ -55,10 +76,10 @@ class ApiAction extends Action if ($this->requires_auth()) { if (!isset($this->auth_user)) { - # This header makes basic auth go + //This header makes basic auth go header('WWW-Authenticate: Basic realm="StatusNet API"'); - # If the user hits cancel -- bam! + //If the user hits cancel -- bam! $this->show_basic_auth_error(); } else { $nickname = $this->auth_user; @@ -69,7 +90,7 @@ class ApiAction extends Action $this->user = $user; $this->process_command(); } else { - # basic authentication failed + //basic authentication failed list($proxy, $ip) = common_client_ip(); common_log(LOG_WARNING, "Failed API auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); @@ -84,7 +105,7 @@ class ApiAction extends Action if ($user) { $this->user = $user; } - # Twitter doesn't throw an error if the user isn't found + //Twitter doesn't throw an error if the user isn't found } $this->process_command(); @@ -97,7 +118,7 @@ class ApiAction extends Action $actionfile = INSTALLDIR."/actions/$action.php"; if (file_exists($actionfile)) { - require_once($actionfile); + include_once $actionfile; $action_class = ucfirst($action)."Action"; $action_obj = new $action_class(); @@ -113,10 +134,10 @@ class ApiAction extends Action call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata); } else { - $this->clientError("API method not found!", $code=404); + $this->clientError("API method not found!", $code = 404); } } else { - $this->clientError("API method not found!", $code=404); + $this->clientError("API method not found!", $code = 404); } } @@ -184,10 +205,11 @@ class ApiAction extends Action $user_id = $this->arg('user_id'); $screen_name = $this->arg('screen_name'); - if (empty($this->api_arg) && - empty($id) && - empty($user_id) && - empty($screen_name)) { + if (empty($this->api_arg) + && empty($id) + && empty($user_id) + && empty($screen_name) + ) { return true; } else { return false; @@ -208,35 +230,29 @@ class ApiAction extends Action function basic_auth_process_header() { - if(isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) - { - $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])?$_SERVER['HTTP_AUTHORIZATION']:$_SERVER['AUTHORIZATION']; - } - - if(isset($_SERVER['PHP_AUTH_USER'])) - { - $this->auth_user = $_SERVER['PHP_AUTH_USER']; - $this->auth_pw = $_SERVER['PHP_AUTH_PW']; - } - elseif ( isset($authorization_header) && strstr(substr($authorization_header, 0,5),'Basic') ) - { - // decode the HTTP_AUTHORIZATION header on php-cgi server self - // on fcgid server the header name is AUTHORIZATION - - $auth_hash = base64_decode( substr($authorization_header, 6) ); - list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); - - // set all to NULL on a empty basic auth request - if($this->auth_user == "") { - $this->auth_user = NULL; - $this->auth_pw = NULL; - } - } - else - { - $this->auth_user = NULL; - $this->auth_pw = NULL; - } + if (isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) { + $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; + } + + if (isset($_SERVER['PHP_AUTH_USER'])) { + $this->auth_user = $_SERVER['PHP_AUTH_USER']; + $this->auth_pw = $_SERVER['PHP_AUTH_PW']; + } elseif (isset($authorization_header) && strstr(substr($authorization_header, 0, 5), 'Basic')) { + // decode the HTTP_AUTHORIZATION header on php-cgi server self + // on fcgid server the header name is AUTHORIZATION + + $auth_hash = base64_decode(substr($authorization_header, 6)); + list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); + + // set all to null on a empty basic auth request + if ($this->auth_user == "") { + $this->auth_user = null; + $this->auth_pw = null; + } + } else { + $this->auth_user = null; + $this->auth_pw = null; + } } function show_basic_auth_error() @@ -252,7 +268,7 @@ class ApiAction extends Action $this->element('request', null, $_SERVER['REQUEST_URI']); $this->elementEnd('hash'); $this->endXML(); - } else if ($this->content_type == 'json') { + } else if ($this->content_type == 'json') { header('Content-Type: application/json; charset=utf-8'); $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); print(json_encode($error_array)); -- cgit v1.2.3-54-g00ecf From 4081ed79b02fd06f7c347803478e1f835311c2ab Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 15 Sep 2009 12:59:32 -0700 Subject: Make it impossible to delete self-subscriptions via the API --- actions/twitapifriendships.php | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'actions') diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php index f2ea46910..eea8945c3 100644 --- a/actions/twitapifriendships.php +++ b/actions/twitapifriendships.php @@ -99,6 +99,12 @@ class TwitapifriendshipsAction extends TwitterapiAction $other = $this->get_profile($id); $user = $apidata['user']; // Alwyas the auth user + if ($user->id == $other->id) { + $this->clientError(_("You cannot unfollow yourself!"), + 403, $apidata['content-type']); + return; + } + $sub = new Subscription(); $sub->subscriber = $user->id; $sub->subscribed = $other->id; -- cgit v1.2.3-54-g00ecf From 6f531745ca21e7b5460be90890c55b1934a45f15 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 15 Sep 2009 22:28:59 -0400 Subject: change all evans to evan@status.net --- actions/all.php | 6 +++--- actions/api.php | 6 +++--- actions/finishremotesubscribe.php | 2 +- actions/updateprofile.php | 2 +- index.php | 6 +++--- install.php | 2 +- lib/httpclient.php | 6 +++--- 7 files changed, 15 insertions(+), 15 deletions(-) (limited to 'actions') diff --git a/actions/all.php b/actions/all.php index e56e10c21..5ffc7e9bd 100644 --- a/actions/all.php +++ b/actions/all.php @@ -18,15 +18,15 @@ * * @category Actions * @package Actions - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Mike Cochrane * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz * @author Sarven Capadisli * @author Craig Andrews - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Jeffery To * @author Zach Copley diff --git a/actions/api.php b/actions/api.php index 9b5f54807..06fdbfb44 100644 --- a/actions/api.php +++ b/actions/api.php @@ -18,8 +18,8 @@ * * @category Actions * @package Actions - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Brenda Wallace * @author Jeffery To * @author Robin Millette @@ -27,7 +27,7 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Gina Haeussge * @author Mike Cochrane diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 44abbfceb..5f6807d10 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -41,7 +41,7 @@ require_once INSTALLDIR.'/lib/omb.php'; * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @author Robin Millette * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://laconi.ca/ diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 7f7dd75fe..d9cc7f7f3 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -38,7 +38,7 @@ require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @author Robin Millette * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://laconi.ca/ diff --git a/index.php b/index.php index a1d983dce..4e6c09379 100644 --- a/index.php +++ b/index.php @@ -23,9 +23,9 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Gina Haeussge * @author Jeffery To diff --git a/install.php b/install.php index 54ae0cd5e..24ad3eb24 100644 --- a/install.php +++ b/install.php @@ -26,7 +26,7 @@ * @author CiaranG * @author Craig Andrews * @author Eric Helgeson - * @author Evan Prodromou + * @author Evan Prodromou * @author Evan Prodromou * @author Robin Millette * @author Sarven Capadisli diff --git a/lib/httpclient.php b/lib/httpclient.php index 9b0bb6f3a..005971153 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -21,7 +21,7 @@ * * @category Action * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @copyright 2009 Control Yourself, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ @@ -40,7 +40,7 @@ if (!defined('STATUSNET')) { * * @category HTTP * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ */ @@ -61,7 +61,7 @@ class HTTPResponse * * @category HTTP * @package Laconica - * @author Evan Prodromou + * @author Evan Prodromou * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ */ -- cgit v1.2.3-54-g00ecf From 1618d515e6d96c8c0458295282de89dfae790e00 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 15 Sep 2009 22:30:52 -0400 Subject: dedupe evans --- actions/all.php | 9 +++------ actions/api.php | 15 ++++++--------- index.php | 21 +++++++++------------ install.php | 1 - 4 files changed, 18 insertions(+), 28 deletions(-) (limited to 'actions') diff --git a/actions/all.php b/actions/all.php index 5ffc7e9bd..22da3cd68 100644 --- a/actions/all.php +++ b/actions/all.php @@ -15,19 +15,16 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category Actions * @package Actions * @author Evan Prodromou - * @author Evan Prodromou * @author Mike Cochrane * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz * @author Sarven Capadisli * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou * @author Jeffery To * @author Zach Copley * @author csarven @@ -35,8 +32,8 @@ * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); } require_once INSTALLDIR.'/lib/personalgroupnav.php'; diff --git a/actions/api.php b/actions/api.php index 06fdbfb44..243ae4c62 100644 --- a/actions/api.php +++ b/actions/api.php @@ -15,11 +15,10 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category Actions * @package Actions * @author Evan Prodromou - * @author Evan Prodromou * @author Brenda Wallace * @author Jeffery To * @author Robin Millette @@ -27,8 +26,6 @@ * @author Christopher Vollick * @author CiaranG * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou * @author Gina Haeussge * @author Mike Cochrane * @author Sarven Capadisli @@ -36,8 +33,8 @@ * @link http://status.net */ -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); } class ApiAction extends Action @@ -205,9 +202,9 @@ class ApiAction extends Action $user_id = $this->arg('user_id'); $screen_name = $this->arg('screen_name'); - if (empty($this->api_arg) - && empty($id) - && empty($user_id) + if (empty($this->api_arg) + && empty($id) + && empty($user_id) && empty($screen_name) ) { return true; diff --git a/index.php b/index.php index 4e6c09379..fb3758590 100644 --- a/index.php +++ b/index.php @@ -15,23 +15,20 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . - * + * * @category StatusNet * @package StatusNet * @license GNU Affero General Public License http://www.gnu.org/licenses/ - * @author Brenda Wallace - * @author Christopher Vollick + * @author Brenda Wallace + * @author Christopher Vollick * @author CiaranG - * @author Craig Andrews - * @author Evan Prodromou - * @author Evan Prodromou - * @author Evan Prodromou + * @author Craig Andrews * @author Evan Prodromou - * @author Gina Haeussge + * @author Gina Haeussge * @author Jeffery To * @author Mike Cochrane * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams */ @@ -74,7 +71,7 @@ function handleError($error) common_log(LOG_ERR, $line); } } - if ($error instanceof DB_DataObject_Error + if ($error instanceof DB_DataObject_Error || $error instanceof DB_Error ) { $msg = sprintf( @@ -227,8 +224,8 @@ function main() // If the site is private, and they're not on one of the "public" // parts of the site, redirect to login - if (!$user && common_config('site', 'private') - && !isLoginAction($action) + if (!$user && common_config('site', 'private') + && !isLoginAction($action) && !preg_match('/rss$/', $action) ) { common_redirect(common_local_url('login')); diff --git a/install.php b/install.php index 24ad3eb24..4398757de 100644 --- a/install.php +++ b/install.php @@ -27,7 +27,6 @@ * @author Craig Andrews * @author Eric Helgeson * @author Evan Prodromou - * @author Evan Prodromou * @author Robin Millette * @author Sarven Capadisli * @author Tom Adams -- cgit v1.2.3-54-g00ecf From 83b09164573ede90d87a7038a56f651a5f82b9f1 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 16 Sep 2009 11:14:26 +0200 Subject: Updated csarven emails to csarven@status.net and removed dupes --- actions/all.php | 3 +-- actions/api.php | 2 +- index.php | 2 +- install.php | 2 +- theme/readme.txt | 2 +- 5 files changed, 5 insertions(+), 6 deletions(-) (limited to 'actions') diff --git a/actions/all.php b/actions/all.php index 22da3cd68..f1786462e 100644 --- a/actions/all.php +++ b/actions/all.php @@ -23,11 +23,10 @@ * @author Robin Millette * @author Adrian Lang * @author Meitar Moscovitz - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Craig Andrews * @author Jeffery To * @author Zach Copley - * @author csarven * @license GNU Affero General Public License http://www.gnu.org/licenses/ * @link http://status.net */ diff --git a/actions/api.php b/actions/api.php index 243ae4c62..d570bb017 100644 --- a/actions/api.php +++ b/actions/api.php @@ -28,7 +28,7 @@ * @author Craig Andrews * @author Gina Haeussge * @author Mike Cochrane - * @author Sarven Capadisli + * @author Sarven Capadisli * @license GNU Affero General Public License http://www.gnu.org/licenses/ * @link http://status.net */ diff --git a/index.php b/index.php index fb3758590..d5174c2b7 100644 --- a/index.php +++ b/index.php @@ -28,7 +28,7 @@ * @author Jeffery To * @author Mike Cochrane * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams */ diff --git a/install.php b/install.php index 4398757de..81241315e 100644 --- a/install.php +++ b/install.php @@ -28,7 +28,7 @@ * @author Eric Helgeson * @author Evan Prodromou * @author Robin Millette - * @author Sarven Capadisli + * @author Sarven Capadisli * @author Tom Adams * @license GNU Affero General Public License http://www.gnu.org/licenses/ */ diff --git a/theme/readme.txt b/theme/readme.txt index 151b1fb71..d030f2db4 100644 --- a/theme/readme.txt +++ b/theme/readme.txt @@ -1,7 +1,7 @@ /** Howto: create a statusnet theme * * @package StatusNet - * @author Sarven Capadisli + * @author Sarven Capadisli * @copyright 2009 Control Yourself, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://laconi.ca/ -- cgit v1.2.3-54-g00ecf From 8548e1185deac0a289e16ea48a64f323c3bec679 Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Sat, 19 Sep 2009 21:38:52 +0200 Subject: Fix merges. --- actions/finishremotesubscribe.php | 63 --------------------------------------- actions/updateprofile.php | 49 +++++------------------------- 2 files changed, 8 insertions(+), 104 deletions(-) (limited to 'actions') diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 5f6807d10..b1cec66f4 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -143,67 +143,4 @@ class FinishremotesubscribeAction extends Action $user->nickname)), 303); } - - function add_avatar($profile, $url) - { - $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); - copy($url, $temp_filename); - $imagefile = new ImageFile($profile->id, $temp_filename); - $filename = Avatar::filename($profile->id, - image_type_to_extension($imagefile->type), - null, - common_timestamp()); - rename($temp_filename, Avatar::path($filename)); - return $profile->setOriginal($filename); - } - - function access_token($omb) - { - - common_debug('starting request for access token', __FILE__); - - $con = omb_oauth_consumer(); - $tok = new OAuthToken($omb['token'], $omb['secret']); - - common_debug('using request token "'.$tok.'"', __FILE__); - - $url = $omb['access_token_url']; - - common_debug('using access token url "'.$url.'"', __FILE__); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, $tok, "POST", $url, $params); - - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, $tok); - - # We re-use this tool's fetcher, since it's pretty good - - common_debug('posting to access token url "'.$req->get_normalized_http_url().'"', __FILE__); - common_debug('posting request data "'.$req->to_postdata().'"', __FILE__); - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), - array('User-Agent: StatusNet/' . STATUSNET_VERSION)); - - common_debug('got result: "'.print_r($result,true).'"', __FILE__); - - if ($result->status != 200) { - return null; - } - - parse_str($result->body, $return); - - return array($return['oauth_token'], $return['oauth_token_secret']); - } } diff --git a/actions/updateprofile.php b/actions/updateprofile.php index d9cc7f7f3..4ff4f41c0 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -55,46 +55,13 @@ class UpdateprofileAction extends Action */ function prepare($argarray) { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - $this->clientError(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see if listenee exists - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - if (!$remote) { - $this->clientError(_('Profile unknown'), 404); - return false; - } - # Second, check to see if they should be able to post updates! - # We see if there are any subscriptions to that remote user with - # the given token. - - $sub = new Subscription(); - $sub->subscribed = $remote->id; - $sub->token = $token->key; - if (!$sub->find(true)) { - $this->clientError(_('You did not send us that profile'), 403); - return false; - } - - $profile = Profile::staticGet('id', $remote->id); - if (!$profile) { - # This one is our fault - $this->serverError(_('Remote profile with no matching profile'), 500); - return false; - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if ($nickname && !Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => NICKNAME_FMT))) { - $this->clientError(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return false; - } - $license = $req->get_parameter('omb_listenee_license'); - if ($license && !common_valid_http_url($license)) { - $this->clientError(sprintf(_("Invalid license URL '%s'"), $license)); + parent::prepare($argarray); + $license = $_POST['omb_listenee_license']; + $site_license = common_config('license', 'url'); + if (!common_compatible_license($license, $site_license)) { + $this->clientError(sprintf(_('Listenee stream license ‘%s’ is not '. + 'compatible with site license ‘%s’.'), + $license, $site_license); return false; } return true; @@ -113,4 +80,4 @@ class UpdateprofileAction extends Action return; } } -} \ No newline at end of file +} -- cgit v1.2.3-54-g00ecf From e0ff80f1c7c0d7daa9b81652e2d545b17b47fe05 Mon Sep 17 00:00:00 2001 From: Adrian Lang Date: Sat, 19 Sep 2009 21:40:48 +0200 Subject: Add missing parenthesis. --- actions/updateprofile.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 4ff4f41c0..3cec9523c 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -61,7 +61,7 @@ class UpdateprofileAction extends Action if (!common_compatible_license($license, $site_license)) { $this->clientError(sprintf(_('Listenee stream license ‘%s’ is not '. 'compatible with site license ‘%s’.'), - $license, $site_license); + $license, $site_license)); return false; } return true; -- cgit v1.2.3-54-g00ecf From 8aad3154a7673091291af4b95da2736e98aa75e7 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sat, 19 Sep 2009 18:34:07 -0700 Subject: Make statuses/home_timeline return the same thing as statuses/friends_timeline to support apps trying to use the new retweet API method. --- actions/twitapistatuses.php | 5 +++++ lib/router.php | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index ad6654dff..2f10ff966 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -136,6 +136,11 @@ class TwitapistatusesAction extends TwitterapiAction } + function home_timeline($args, $apidata) + { + call_user_func(array($this, 'friends_timeline'), $args, $apidata); + } + function user_timeline($args, $apidata) { parent::handle($args); diff --git a/lib/router.php b/lib/router.php index 8f13b8852..2c4d63b0d 100644 --- a/lib/router.php +++ b/lib/router.php @@ -265,12 +265,12 @@ class Router $m->connect('api/statuses/:method', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(public_timeline|friends_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); + array('method' => '(public_timeline|home_timeline|friends_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(|user_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); + array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); // users @@ -429,7 +429,7 @@ class Router $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(|user_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); + array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); $m->connect('api/statusnet/groups/:method/:argument', array('action' => 'api', -- cgit v1.2.3-54-g00ecf From 49b701f9ec6d7795147f94c43eaf744a96efb199 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 23 Sep 2009 13:45:51 -0700 Subject: Started refactoring API into individual actions --- actions/apifriendstimeline.php | 161 +++++++++++++++++++++++++++++++++++++++++ lib/router.php | 16 +++- lib/twitterapi.php | 127 ++++++++++++++++++++++++++++++-- 3 files changed, 297 insertions(+), 7 deletions(-) create mode 100644 actions/apifriendstimeline.php (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php new file mode 100644 index 000000000..ea38ec022 --- /dev/null +++ b/actions/apifriendstimeline.php @@ -0,0 +1,161 @@ +. + * + * @category Personal + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +class ApifriendstimelineAction extends TwitterapiAction +{ + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + return true; + + } + + function handle($args) { + + parent::handle($args); + common_debug(var_export($args, true)); + + if ($this->requiresAuth()) { + if ($this->showBasicAuthHeader()) { + $this->showTimeline(); + } + } else { + $this->showTimeline(); + } + } + + function showTimeline() + { + common_debug('Auth user = ' . var_export($this->auth_user, true)); + + $user = $this->getTargetUser($this->arg('id')); + + if (empty($user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; + } + + $profile = $user->getProfile(); + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s and friends"), $user->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:FriendsTimeline:" . $user->id; + $link = common_local_url('all', + array('nickname' => $user->nickname)); + $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), + $user->nickname, $sitename); + + $page = (int)$this->arg('page', 1); + $count = (int)$this->arg('count', 20); + $max_id = (int)$this->arg('max_id', 0); + $since_id = (int)$this->arg('since_id', 0); + $since = $this->arg('since'); + + if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { + $notice = $user->noticeInbox(($page-1)*$count, + $count, $since_id, $max_id, $since); + } else { + $notice = $user->noticesWithFriends(($page-1)*$count, + $count, $since_id, $max_id, $since); + } + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($notice); + break; + case 'rss': + $this->show_rss_timeline($notice, $title, $link, $subtitle); + break; + case 'atom': + + $target_id = $this->arg('id'); + + if (isset($target_id)) { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline/' . + $target_id . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline.atom'; + } + $this->show_atom_timeline($notice, $title, $id, $link, + $subtitle, null, $selfuri); + break; + case 'json': + $this->show_json_timeline($notice); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + function requiresAuth() + { + return true; + } + + /** + * Is this page read-only? + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this page last modified? + * + */ + + function lastModified() + { + + } + +} \ No newline at end of file diff --git a/lib/router.php b/lib/router.php index 2c4d63b0d..0e5fe3a54 100644 --- a/lib/router.php +++ b/lib/router.php @@ -262,15 +262,27 @@ class Router // statuses API + $m->connect('api/statuses/friends_timeline.:format', + array('action' => 'apifriendstimeline', + 'format' => '(xml|json|rss|atom)')); + + $m->connect('api/statuses/friends_timeline/:id.:format', + array('action' => 'apifriendstimeline', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json|rss|atom)')); + + $m->connect('api/statuses/home_timeline', + array('action' => 'apifriendstimeline')); + $m->connect('api/statuses/:method', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(public_timeline|home_timeline|friends_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); + array('method' => '(public_timeline|user_timeline|update|replies|mentions|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); + array('method' => '(user_timeline|replies|mentions|show|destroy|friends|followers)')); // users diff --git a/lib/twitterapi.php b/lib/twitterapi.php index d199e4dee..ac5c5b423 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -502,7 +502,7 @@ class TwitterapiAction extends Action $enclosure = $entry['enclosures'][0]; $this->element('enclosure', array('url'=>$enclosure['url'],'type'=>$enclosure['mimetype'],'length'=>$enclosure['size']), null); } - + if(array_key_exists('tags', $entry)){ foreach($entry['tags'] as $tag){ $this->element('category', null,$tag); @@ -934,7 +934,7 @@ class TwitterapiAction extends Action return; } - function clientError($msg, $code = 400, $content_type = 'json') + function clientError($msg, $code = 400, $format = 'xml') { static $status = array(400 => 'Bad Request', @@ -967,20 +967,23 @@ class TwitterapiAction extends Action $status_string = $status[$code]; header('HTTP/1.1 '.$code.' '.$status_string); - if ($content_type == 'xml') { + if ($format == 'xml') { $this->init_document('xml'); $this->elementStart('hash'); $this->element('error', null, $msg); $this->element('request', null, $_SERVER['REQUEST_URI']); $this->elementEnd('hash'); $this->end_document('xml'); - } else { + } elseif ($format == 'json'){ $this->init_document('json'); $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); print(json_encode($error_array)); $this->end_document('json'); - } + } else { + // If user didn't request a useful format, throw a regular client error + throw new ClientException($msg, $code); + } } function init_twitter_rss() @@ -1063,6 +1066,39 @@ class TwitterapiAction extends Action } } + function getTargetUser($id) + { + if (empty($id)) { + + // Twitter supports these other ways of passing the user ID + if (is_numeric($this->arg('id'))) { + return User::staticGet($this->arg('id')); + } else if ($this->arg('id')) { + $nickname = common_canonical_nickname($this->arg('id')); + return User::staticGet('nickname', $nickname); + } else if ($this->arg('user_id')) { + // This is to ensure that a non-numeric user_id still + // overrides screen_name even if it doesn't get used + if (is_numeric($this->arg('user_id'))) { + return User::staticGet('id', $this->arg('user_id')); + } + } else if ($this->arg('screen_name')) { + $nickname = common_canonical_nickname($this->arg('screen_name')); + return User::staticGet('nickname', $nickname); + } else { + // Fall back to trying the currently authenticated user + return $this->auth_user; + } + + } else if (is_numeric($id)) { + return User::staticGet($id); + } else { + $nickname = common_canonical_nickname($id); + return User::staticGet('nickname', $nickname); + } + } + + function get_group($id, $apidata=null) { if (empty($id)) { @@ -1170,4 +1206,85 @@ class TwitterapiAction extends Action } } + function showBasicAuthHeader() + { + $this->basicAuthProcessHeader(); + + if (!isset($this->auth_user)) { + header('WWW-Authenticate: Basic realm="StatusNet API"'); + + // show error if the user clicks 'cancel' + + $this->showBasicAuthError(); + return false; + + } else { + $nickname = $this->auth_user; + $password = $this->auth_pw; + $this->auth_user = common_check_user($nickname, $password); + + if (empty($this->auth_user)) { + + // basic authentication failed + + list($proxy, $ip) = common_client_ip(); + common_log(LOG_WARNING, + "Failed API auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); + $this->showBasicAuthError(); + return false; + } + } + return true; + } + + function basicAuthProcessHeader() + { + if (isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) { + $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; + } + + if (isset($_SERVER['PHP_AUTH_USER'])) { + $this->auth_user = $_SERVER['PHP_AUTH_USER']; + $this->auth_pw = $_SERVER['PHP_AUTH_PW']; + } elseif (isset($authorization_header) && strstr(substr($authorization_header, 0, 5), 'Basic')) { + // decode the HTTP_AUTHORIZATION header on php-cgi server self + // on fcgid server the header name is AUTHORIZATION + + $auth_hash = base64_decode(substr($authorization_header, 6)); + list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); + + // set all to null on a empty basic auth request + if ($this->auth_user == "") { + $this->auth_user = null; + $this->auth_pw = null; + } + } else { + $this->auth_user = null; + $this->auth_pw = null; + } + } + + function showBasicAuthError() + { + header('HTTP/1.1 401 Unauthorized'); + $msg = 'Could not authenticate you.'; + + if ($this->arg('format') == 'xml') { + header('Content-Type: application/xml; charset=utf-8'); + $this->startXML(); + $this->elementStart('hash'); + $this->element('error', null, $msg); + $this->element('request', null, $_SERVER['REQUEST_URI']); + $this->elementEnd('hash'); + $this->endXML(); + } elseif ($this->arg('format') == 'json') { + header('Content-Type: application/json; charset=utf-8'); + $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); + print(json_encode($error_array)); + } else { + header('Content-type: text/plain'); + print "$msg\n"; + } + } + } -- cgit v1.2.3-54-g00ecf From 3d30ad83f881a69d76b57a9af051fef308644987 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 24 Sep 2009 16:52:32 -0400 Subject: Implemented join and leave groups api methods --- actions/twitapigroups.php | 124 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) (limited to 'actions') diff --git a/actions/twitapigroups.php b/actions/twitapigroups.php index 4deb1b764..493144e77 100644 --- a/actions/twitapigroups.php +++ b/actions/twitapigroups.php @@ -293,6 +293,105 @@ require_once INSTALLDIR.'/lib/twitterapi.php'; } } + function join($args, $apidata) + { + parent::handle($args); + + common_debug("in groups api action"); + + $this->auth_user = $apidata['user']; + $group = $this->get_group($apidata['api_arg'], $apidata); + + if (empty($group)) { + $this->clientError('Not Found', 404, $apidata['content-type']); + return false; + } + + if($this->auth_user->isMember($group)){ + $this->clientError(_('You are already a member of that group'), $code = 403); + return false; + } + + if (Group_block::isBlocked($group, $this->auth_user->getProfile())) { + $this->clientError(_('You have been blocked from that group by the admin.'), 403); + return false; + } + + $member = new Group_member(); + + $member->group_id = $group->id; + $member->profile_id = $this->auth_user->id; + $member->created = common_sql_now(); + + $result = $member->insert(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError(sprintf(_('Could not join user %s to group %s'), + $this->auth_user->nickname, $group->nickname)); + } + + switch($apidata['content-type']) { + case 'xml': + $this->show_single_xml_group($group); + break; + case 'json': + $this->show_single_json_group($group); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + } + + function leave($args, $apidata) + { + parent::handle($args); + + common_debug("in groups api action"); + + $this->auth_user = $apidata['user']; + $group = $this->get_group($apidata['api_arg'], $apidata); + + if (empty($group)) { + $this->clientError('Not Found', 404, $apidata['content-type']); + return false; + } + + if(! $this->auth_user->isMember($group)){ + $this->clientError(_('You are not a member of that group'), $code = 403); + return false; + } + + $member = new Group_member(); + + $member->group_id = $group->id; + $member->profile_id = $this->auth_user->id; + + if (!$member->find(true)) { + $this->serverError(_('Could not find membership record.')); + return; + } + + $result = $member->delete(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError(sprintf(_('Could not remove user %s to group %s'), + $this->auth_user->nickname, $group->nickname)); + } + + switch($apidata['content-type']) { + case 'xml': + $this->show_single_xml_group($group); + break; + case 'json': + $this->show_single_json_group($group); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + } + function is_member($args, $apidata) { parent::handle($args); @@ -326,4 +425,29 @@ require_once INSTALLDIR.'/lib/twitterapi.php'; $this->clientError(_('API method not found!'), $code = 404); } } + + function create($args, $apidata) + { + die("todo"); + } + + function update($args, $apidata) + { + die("todo"); + } + + function update_group_logo($args, $apidata) + { + die("todo"); + } + + function destroy($args, $apidata) + { + die("todo"); + } + + function tag($args, $apidata) + { + die("todo"); + } } -- cgit v1.2.3-54-g00ecf From e566219299b339fb649eb8a21bd37e8c93844375 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 24 Sep 2009 15:10:55 -0700 Subject: Output If-Modified-Since header for all RSS 1.0 feeds (again) --- actions/allrss.php | 1 + actions/favoritesrss.php | 11 ++++++----- actions/grouprss.php | 1 + actions/publicrss.php | 18 ++++++++++++++++-- actions/repliesrss.php | 1 + actions/userrss.php | 7 ++++--- lib/rssaction.php | 36 ++++++++++++++++++------------------ 7 files changed, 47 insertions(+), 28 deletions(-) (limited to 'actions') diff --git a/actions/allrss.php b/actions/allrss.php index 57efb73f0..28b1be27d 100644 --- a/actions/allrss.php +++ b/actions/allrss.php @@ -68,6 +68,7 @@ class AllrssAction extends Rss10Action $this->clientError(_('No such user.')); return false; } else { + $this->notices = $this->getNotices($this->limit); return true; } } diff --git a/actions/favoritesrss.php b/actions/favoritesrss.php index 2d5ce9854..62f06e841 100644 --- a/actions/favoritesrss.php +++ b/actions/favoritesrss.php @@ -50,11 +50,11 @@ require_once INSTALLDIR.'/lib/rssaction.php'; */ class FavoritesrssAction extends Rss10Action { - + /** The user whose favorites to display */ - + var $user = null; - + /** * Find the user to display by supplied nickname * @@ -66,7 +66,7 @@ class FavoritesrssAction extends Rss10Action function prepare($args) { parent::prepare($args); - + $nickname = $this->trimmed('nickname'); $this->user = User::staticGet('nickname', $nickname); @@ -74,10 +74,11 @@ class FavoritesrssAction extends Rss10Action $this->clientError(_('No such user.')); return false; } else { + $this->notices = $this->getNotices($this->limit); return true; } } - + /** * Get notices * diff --git a/actions/grouprss.php b/actions/grouprss.php index 70c1ded48..6a6b55e78 100644 --- a/actions/grouprss.php +++ b/actions/grouprss.php @@ -104,6 +104,7 @@ class groupRssAction extends Rss10Action return false; } + $this->notices = $this->getNotices($this->limit); return true; } diff --git a/actions/publicrss.php b/actions/publicrss.php index 593888b9f..0c5d061cb 100644 --- a/actions/publicrss.php +++ b/actions/publicrss.php @@ -49,9 +49,23 @@ require_once INSTALLDIR.'/lib/rssaction.php'; */ class PublicrssAction extends Rss10Action { + /** + * Read arguments and initialize members + * + * @param array $args Arguments from $_REQUEST + * @return boolean success + */ + + function prepare($args) + { + parent::prepare($args); + $this->notices = $this->getNotices($this->limit); + return true; + } + /** * Initialization. - * + * * @return boolean true */ function init() @@ -73,7 +87,7 @@ class PublicrssAction extends Rss10Action while ($notice->fetch()) { $notices[] = clone($notice); } - + return $notices; } diff --git a/actions/repliesrss.php b/actions/repliesrss.php index c71c9226f..76aae21ad 100644 --- a/actions/repliesrss.php +++ b/actions/repliesrss.php @@ -38,6 +38,7 @@ class RepliesrssAction extends Rss10Action $this->clientError(_('No such user.')); return false; } else { + $this->notices = $this->getNotices($this->limit); return true; } } diff --git a/actions/userrss.php b/actions/userrss.php index fa6d588cd..e6f697092 100644 --- a/actions/userrss.php +++ b/actions/userrss.php @@ -25,7 +25,6 @@ require_once(INSTALLDIR.'/lib/rssaction.php'); class UserrssAction extends Rss10Action { - var $user = null; var $tag = null; function prepare($args) @@ -39,6 +38,7 @@ class UserrssAction extends Rss10Action $this->clientError(_('No such user.')); return false; } else { + $this->notices = $this->getNotices($this->limit); return true; } } @@ -64,10 +64,10 @@ class UserrssAction extends Rss10Action function getNotices($limit=0) { - $user = $this->user; - + if (is_null($user)) { + common_debug('null user'); return null; } @@ -75,6 +75,7 @@ class UserrssAction extends Rss10Action $notices = array(); while ($notice->fetch()) { + common_debug("notice"); $notices[] = clone($notice); } diff --git a/lib/rssaction.php b/lib/rssaction.php index dd0f1005a..faf6bec7d 100644 --- a/lib/rssaction.php +++ b/lib/rssaction.php @@ -78,25 +78,12 @@ class Rss10Action extends Action function prepare($args) { parent::prepare($args); + $this->limit = (int) $this->trimmed('limit'); + if ($this->limit == 0) { $this->limit = DEFAULT_RSS_LIMIT; } - return true; - } - - /** - * Handle a request - * - * @param array $args Arguments from $_REQUEST - * - * @return void - */ - - function handle($args) - { - // Parent handling, including cache check - parent::handle($args); if (common_config('site', 'private')) { if (!isset($_SERVER['PHP_AUTH_USER'])) { @@ -122,8 +109,21 @@ class Rss10Action extends Action } } - // Get the list of notices - $this->notices = $this->getNotices($this->limit); + return true; + } + + /** + * Handle a request + * + * @param array $args Arguments from $_REQUEST + * + * @return void + */ + + function handle($args) + { + // Parent handling, including cache check + parent::handle($args); $this->showRss(); } @@ -140,7 +140,7 @@ class Rss10Action extends Action } /** - * Get the notices to output in this stream + * Get the notices to output in this stream. * * @return array an array of Notice objects sorted in reverse chron */ -- cgit v1.2.3-54-g00ecf From b617c608ea0d66451eb2dcd75e1e1c58c179d8e6 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 24 Sep 2009 15:28:25 -0700 Subject: Left a couple debugging statements in (removed) --- actions/userrss.php | 2 -- 1 file changed, 2 deletions(-) (limited to 'actions') diff --git a/actions/userrss.php b/actions/userrss.php index e6f697092..19e610551 100644 --- a/actions/userrss.php +++ b/actions/userrss.php @@ -67,7 +67,6 @@ class UserrssAction extends Rss10Action $user = $this->user; if (is_null($user)) { - common_debug('null user'); return null; } @@ -75,7 +74,6 @@ class UserrssAction extends Rss10Action $notices = array(); while ($notice->fetch()) { - common_debug("notice"); $notices[] = clone($notice); } -- cgit v1.2.3-54-g00ecf From ed9ba9d945e4f50812022a7489fc8135f4e49846 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 24 Sep 2009 18:13:46 -0700 Subject: Reorganize, make bare auth work, output If-Modified-Since header --- actions/apifriendstimeline.php | 142 ++++++++++++++++++++++++++--------------- lib/twitterapi.php | 3 +- 2 files changed, 91 insertions(+), 54 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index ea38ec022..8c8d93416 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -36,6 +36,9 @@ require_once INSTALLDIR.'/lib/twitterapi.php'; class ApifriendstimelineAction extends TwitterapiAction { + var $user = null; + var $notices = null; + /** * Take arguments for running * @@ -48,93 +51,120 @@ class ApifriendstimelineAction extends TwitterapiAction function prepare($args) { parent::prepare($args); - return true; - } + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); - function handle($args) { + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } - parent::handle($args); - common_debug(var_export($args, true)); + $this->user = $this->getTargetUser($this->arg('id')); - if ($this->requiresAuth()) { - if ($this->showBasicAuthHeader()) { - $this->showTimeline(); - } - } else { - $this->showTimeline(); + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; } - } - function showTimeline() - { - common_debug('Auth user = ' . var_export($this->auth_user, true)); + $this->notices = $this->getNotices(); - $user = $this->getTargetUser($this->arg('id')); + return true; + } - if (empty($user)) { - $this->clientError(_('No such user!'), 404, $this->arg('format')); - return; - } + function handle($args) { + parent::handle($args); + $this->showTimeline(); + } - $profile = $user->getProfile(); + function showTimeline() + { + $profile = $this->user->getProfile(); $sitename = common_config('site', 'name'); $title = sprintf(_("%s and friends"), $user->nickname); $taguribase = common_config('integration', 'taguri'); $id = "tag:$taguribase:FriendsTimeline:" . $user->id; $link = common_local_url('all', - array('nickname' => $user->nickname)); + array('nickname' => $user->nickname)); $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), - $user->nickname, $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { - $notice = $user->noticeInbox(($page-1)*$count, - $count, $since_id, $max_id, $since); - } else { - $notice = $user->noticesWithFriends(($page-1)*$count, - $count, $since_id, $max_id, $since); - } + $user->nickname, $sitename); switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($notice); + case 'xml': + $this->show_xml_timeline($this->notices); break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); break; - case 'atom': + case 'atom': $target_id = $this->arg('id'); if (isset($target_id)) { $selfuri = common_root_url() . - 'api/statuses/friends_timeline/' . - $target_id . '.atom'; + 'api/statuses/friends_timeline/' . + $target_id . '.atom'; } else { $selfuri = common_root_url() . - 'api/statuses/friends_timeline.atom'; + 'api/statuses/friends_timeline.atom'; } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); + $this->show_atom_timeline($this->notices, $title, $id, $link, + $subtitle, null, $selfuri); break; - case 'json': - $this->show_json_timeline($notice); + case 'json': + $this->show_json_timeline($this->notices); break; - default: + default: $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + function getNotices() + { + $notices = array(); + + if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { + $notice = $this->user->noticeInbox(($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since); + } else { + $notice = $this->user->noticesWithFriends(($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since); + } + + while ($notice->fetch()) { + $notices[] = clone($notice); } + return $notices; } function requiresAuth() { - return true; + // If the site is "private", all API methods except statusnet/config + // need authentication + + if (common_config('site', 'private')) { + return true; + } + + // bare auth: only needs auth if without an argument or query param specifying user id + + $id = $this->arg('id'); + $user_id = $this->arg('user_id'); + $screen_name = $this->arg('screen_name'); + + if (empty($id) && empty($user_id) && empty($screen_name)) { + return true; + } + + return false; } /** @@ -149,13 +179,21 @@ class ApifriendstimelineAction extends TwitterapiAction } /** - * When was this page last modified? + * When was this feed last modified? * */ function lastModified() { + if (empty($this->notices)) { + return null; + } + + if (count($this->notices) == 0) { + return null; + } + return strtotime($this->notices[0]->created); } } \ No newline at end of file diff --git a/lib/twitterapi.php b/lib/twitterapi.php index ac5c5b423..959b0981a 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -1098,7 +1098,6 @@ class TwitterapiAction extends Action } } - function get_group($id, $apidata=null) { if (empty($id)) { @@ -1206,7 +1205,7 @@ class TwitterapiAction extends Action } } - function showBasicAuthHeader() + function checkBasicAuthUser() { $this->basicAuthProcessHeader(); -- cgit v1.2.3-54-g00ecf From de5ff19713a990af197330dd8e4314de465ffe76 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 25 Sep 2009 16:58:35 -0700 Subject: Moved basic auth stuff into its own classes --- actions/apifriendstimeline.php | 118 +++++++++++++++---------------------- lib/apiauth.php | 131 +++++++++++++++++++++++++++++++++++++++++ lib/apibareauth.php | 68 +++++++++++++++++++++ lib/router.php | 4 +- lib/twitterapi.php | 81 ------------------------- 5 files changed, 249 insertions(+), 153 deletions(-) create mode 100644 lib/apiauth.php create mode 100644 lib/apibareauth.php (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index 8c8d93416..2eb00e23a 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -31,9 +31,9 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/twitterapi.php'; +require_once INSTALLDIR.'/lib/apibareauth.php'; -class ApifriendstimelineAction extends TwitterapiAction +class ApiFriendsTimelineAction extends ApiBareAuthAction { var $user = null; @@ -52,33 +52,33 @@ class ApifriendstimelineAction extends TwitterapiAction { parent::prepare($args); - $this->page = (int)$this->arg('page', 1); + $this->page = (int)$this->arg('page', 1); $this->count = (int)$this->arg('count', 20); $this->max_id = (int)$this->arg('max_id', 0); $this->since_id = (int)$this->arg('since_id', 0); $this->since = $this->arg('since'); - if ($this->requiresAuth()) { + if ($this->requiresAuth()) { if ($this->checkBasicAuthUser() == false) { - return; - } - } + return; + } + } - $this->user = $this->getTargetUser($this->arg('id')); + $this->user = $this->getTargetUser($this->arg('id')); - if (empty($this->user)) { + if (empty($this->user)) { $this->clientError(_('No such user!'), 404, $this->arg('format')); return; } - $this->notices = $this->getNotices(); + $this->notices = $this->getNotices(); return true; } function handle($args) { - parent::handle($args); - $this->showTimeline(); + parent::handle($args); + $this->showTimeline(); } function showTimeline() @@ -89,82 +89,60 @@ class ApifriendstimelineAction extends TwitterapiAction $taguribase = common_config('integration', 'taguri'); $id = "tag:$taguribase:FriendsTimeline:" . $user->id; $link = common_local_url('all', - array('nickname' => $user->nickname)); + array('nickname' => $user->nickname)); $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), - $user->nickname, $sitename); + $user->nickname, $sitename); switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline($this->notices, $title, $link, $subtitle); - break; - case 'atom': - - $target_id = $this->arg('id'); - - if (isset($target_id)) { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline/' . - $target_id . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline.atom'; - } - $this->show_atom_timeline($this->notices, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + + $target_id = $this->arg('id'); + + if (isset($target_id)) { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline/' . + $target_id . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline.atom'; + } + $this->show_atom_timeline($this->notices, $title, $id, $link, + $subtitle, null, $selfuri); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; } } function getNotices() { - $notices = array(); + $notices = array(); if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { $notice = $this->user->noticeInbox(($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since); + $this->count, $this->since_id, + $this->max_id, $this->since); } else { $notice = $this->user->noticesWithFriends(($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since); + $this->count, $this->since_id, + $this->max_id, $this->since); } - while ($notice->fetch()) { + while ($notice->fetch()) { $notices[] = clone($notice); } - return $notices; - } - - function requiresAuth() - { - // If the site is "private", all API methods except statusnet/config - // need authentication - - if (common_config('site', 'private')) { - return true; - } - - // bare auth: only needs auth if without an argument or query param specifying user id - - $id = $this->arg('id'); - $user_id = $this->arg('user_id'); - $screen_name = $this->arg('screen_name'); - - if (empty($id) && empty($user_id) && empty($screen_name)) { - return true; - } - - return false; + return $notices; } /** diff --git a/lib/apiauth.php b/lib/apiauth.php new file mode 100644 index 000000000..501d3de10 --- /dev/null +++ b/lib/apiauth.php @@ -0,0 +1,131 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +class ApiAuthAction extends TwitterapiAction +{ + /** + * Does this API resource require authentication? + * + * @return boolean true + */ + + function requiresAuth() + { + return true; + } + + function checkBasicAuthUser() + { + $this->basicAuthProcessHeader(); + + if (!isset($this->auth_user)) { + header('WWW-Authenticate: Basic realm="StatusNet API"'); + + // show error if the user clicks 'cancel' + + $this->showBasicAuthError(); + return false; + + } else { + $nickname = $this->auth_user; + $password = $this->auth_pw; + $this->auth_user = common_check_user($nickname, $password); + + if (empty($this->auth_user)) { + + // basic authentication failed + + list($proxy, $ip) = common_client_ip(); + common_log(LOG_WARNING, + "Failed API auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); + $this->showBasicAuthError(); + return false; + } + } + return true; + } + + function basicAuthProcessHeader() + { + if (isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) { + $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; + } + + if (isset($_SERVER['PHP_AUTH_USER'])) { + $this->auth_user = $_SERVER['PHP_AUTH_USER']; + $this->auth_pw = $_SERVER['PHP_AUTH_PW']; + } elseif (isset($authorization_header) && strstr(substr($authorization_header, 0, 5), 'Basic')) { + // decode the HTTP_AUTHORIZATION header on php-cgi server self + // on fcgid server the header name is AUTHORIZATION + + $auth_hash = base64_decode(substr($authorization_header, 6)); + list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); + + // set all to null on a empty basic auth request + if ($this->auth_user == "") { + $this->auth_user = null; + $this->auth_pw = null; + } + } else { + $this->auth_user = null; + $this->auth_pw = null; + } + } + + function showBasicAuthError() + { + header('HTTP/1.1 401 Unauthorized'); + $msg = 'Could not authenticate you.'; + + if ($this->arg('format') == 'xml') { + header('Content-Type: application/xml; charset=utf-8'); + $this->startXML(); + $this->elementStart('hash'); + $this->element('error', null, $msg); + $this->element('request', null, $_SERVER['REQUEST_URI']); + $this->elementEnd('hash'); + $this->endXML(); + } elseif ($this->arg('format') == 'json') { + header('Content-Type: application/json; charset=utf-8'); + $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); + print(json_encode($error_array)); + } else { + header('Content-type: text/plain'); + print "$msg\n"; + } + } + + +} \ No newline at end of file diff --git a/lib/apibareauth.php b/lib/apibareauth.php new file mode 100644 index 000000000..8921cddca --- /dev/null +++ b/lib/apibareauth.php @@ -0,0 +1,68 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +class ApiBareAuthAction extends ApiAuthAction +{ + /** + * Does this API resource require authentication? + * + * @return boolean true or false + */ + + function requiresAuth() + { + // If the site is "private", all API methods except statusnet/config + // need authentication + + if (common_config('site', 'private')) { + return true; + } + + // check whether a user has been specified somehow + + $id = $this->arg('id'); + $user_id = $this->arg('user_id'); + $screen_name = $this->arg('screen_name'); + + if (empty($id) && empty($user_id) && empty($screen_name)) { + return true; + } + + return false; + } + +} \ No newline at end of file diff --git a/lib/router.php b/lib/router.php index 0e5fe3a54..370fbe62b 100644 --- a/lib/router.php +++ b/lib/router.php @@ -263,11 +263,11 @@ class Router // statuses API $m->connect('api/statuses/friends_timeline.:format', - array('action' => 'apifriendstimeline', + array('action' => 'ApiFriendsTimeline', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/friends_timeline/:id.:format', - array('action' => 'apifriendstimeline', + array('action' => 'ApiFriendsTimeline', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); diff --git a/lib/twitterapi.php b/lib/twitterapi.php index 959b0981a..5cf666668 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -1205,85 +1205,4 @@ class TwitterapiAction extends Action } } - function checkBasicAuthUser() - { - $this->basicAuthProcessHeader(); - - if (!isset($this->auth_user)) { - header('WWW-Authenticate: Basic realm="StatusNet API"'); - - // show error if the user clicks 'cancel' - - $this->showBasicAuthError(); - return false; - - } else { - $nickname = $this->auth_user; - $password = $this->auth_pw; - $this->auth_user = common_check_user($nickname, $password); - - if (empty($this->auth_user)) { - - // basic authentication failed - - list($proxy, $ip) = common_client_ip(); - common_log(LOG_WARNING, - "Failed API auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); - $this->showBasicAuthError(); - return false; - } - } - return true; - } - - function basicAuthProcessHeader() - { - if (isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) { - $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; - } - - if (isset($_SERVER['PHP_AUTH_USER'])) { - $this->auth_user = $_SERVER['PHP_AUTH_USER']; - $this->auth_pw = $_SERVER['PHP_AUTH_PW']; - } elseif (isset($authorization_header) && strstr(substr($authorization_header, 0, 5), 'Basic')) { - // decode the HTTP_AUTHORIZATION header on php-cgi server self - // on fcgid server the header name is AUTHORIZATION - - $auth_hash = base64_decode(substr($authorization_header, 6)); - list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); - - // set all to null on a empty basic auth request - if ($this->auth_user == "") { - $this->auth_user = null; - $this->auth_pw = null; - } - } else { - $this->auth_user = null; - $this->auth_pw = null; - } - } - - function showBasicAuthError() - { - header('HTTP/1.1 401 Unauthorized'); - $msg = 'Could not authenticate you.'; - - if ($this->arg('format') == 'xml') { - header('Content-Type: application/xml; charset=utf-8'); - $this->startXML(); - $this->elementStart('hash'); - $this->element('error', null, $msg); - $this->element('request', null, $_SERVER['REQUEST_URI']); - $this->elementEnd('hash'); - $this->endXML(); - } elseif ($this->arg('format') == 'json') { - header('Content-Type: application/json; charset=utf-8'); - $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); - print(json_encode($error_array)); - } else { - header('Content-type: text/plain'); - print "$msg\n"; - } - } - } -- cgit v1.2.3-54-g00ecf From dfa955bfda67ee9fd254e97abf9dc29f2b51a857 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 14:11:12 -0700 Subject: - Output entity tag - More comments for function blocks --- actions/apifriendstimeline.php | 56 +++++++++++++++++++++++++++++++++++++----- 1 file changed, 50 insertions(+), 6 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index 2eb00e23a..dd89f44fe 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -76,11 +76,27 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction return true; } + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + function handle($args) { parent::handle($args); $this->showTimeline(); } + /** + * Show the timeline of notices + * + * @return void + */ + function showTimeline() { $profile = $this->user->getProfile(); @@ -124,6 +140,12 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction } } + /** + * Get notices + * + * @return array notices + */ + function getNotices() { $notices = array(); @@ -163,15 +185,37 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction function lastModified() { - if (empty($this->notices)) { - return null; + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); } - if (count($this->notices) == 0) { - return null; + return null; + } + + /** + * An entity tag for this page + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return implode(':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created))) . '"'; } - return strtotime($this->notices[0]->created); + return null; } -} \ No newline at end of file +} -- cgit v1.2.3-54-g00ecf From 37bdc060c521203ff4e14a1a2b1d7fc59d1c2d4d Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 15:33:46 -0700 Subject: phpcs on apifriendstimeline.php, apiauth.php and apibareauth.php --- actions/apifriendstimeline.php | 114 +++++++++++++++++++++++++---------------- lib/apiauth.php | 56 +++++++++++++++++--- lib/apibareauth.php | 11 ++++ 3 files changed, 130 insertions(+), 51 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index dd89f44fe..dc280b3f3 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -19,7 +19,7 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . * - * @category Personal + * @category API * @package StatusNet * @author Zach Copley * @copyright 2009 StatusNet, Inc. @@ -33,6 +33,17 @@ if (!defined('STATUSNET')) { require_once INSTALLDIR.'/lib/apibareauth.php'; +/** + * Returns the most recent notices (default 20) posted by the target user. + * This is the equivalent of 'You and friends' page accessed via Web. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + class ApiFriendsTimelineAction extends ApiBareAuthAction { @@ -86,7 +97,8 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction * @return void */ - function handle($args) { + function handle($args) + { parent::handle($args); $this->showTimeline(); } @@ -104,39 +116,45 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $title = sprintf(_("%s and friends"), $user->nickname); $taguribase = common_config('integration', 'taguri'); $id = "tag:$taguribase:FriendsTimeline:" . $user->id; - $link = common_local_url('all', - array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), - $user->nickname, $sitename); + $link = common_local_url( + 'all', array('nickname' => $user->nickname) + ); + $subtitle = sprintf( + _('Updates from %1$s and friends on %2$s!'), + $user->nickname, $sitename + ); switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline($this->notices, $title, $link, $subtitle); - break; - case 'atom': - - $target_id = $this->arg('id'); - - if (isset($target_id)) { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline/' . - $target_id . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline.atom'; - } - $this->show_atom_timeline($this->notices, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + + $target_id = $this->arg('id'); + + if (isset($target_id)) { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline/' . + $target_id . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline.atom'; + } + + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; } } @@ -151,13 +169,17 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $notices = array(); if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { - $notice = $this->user->noticeInbox(($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since); + $notice = $this->user->noticeInbox( + ($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since + ); } else { - $notice = $this->user->noticesWithFriends(($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since); + $notice = $this->user->noticesWithFriends( + ($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since + ); } while ($notice->fetch()) { @@ -168,7 +190,9 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction } /** - * Is this page read-only? + * Is this action read only? + * + * @param array $args other arguments * * @return boolean true */ @@ -181,6 +205,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction /** * When was this feed last modified? * + * @return string datestamp of the latest notice in the stream */ function lastModified() @@ -193,7 +218,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction } /** - * An entity tag for this page + * An entity tag for this stream * * Returns an Etag based on the action name, language, user ID, and * timestamps of the first and last notice in the timeline @@ -207,12 +232,15 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $last = count($this->notices) - 1; - return implode(':', + return implode( + ':', array($this->arg('action'), common_language(), $this->user->id, strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created))) . '"'; + strtotime($this->notices[$last]->created)) + ) + . '"'; } return null; diff --git a/lib/apiauth.php b/lib/apiauth.php index 501d3de10..c1976f964 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -33,6 +33,16 @@ if (!defined('STATUSNET')) { require_once INSTALLDIR.'/lib/twitterapi.php'; +/** + * Actions extending this class will require auth + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + class ApiAuthAction extends TwitterapiAction { /** @@ -46,6 +56,13 @@ class ApiAuthAction extends TwitterapiAction return true; } + /** + * Check for a user specified via HTTP basic auth. If there isn't + * one, try to get one by outputting the basic auth header. + * + * @return boolean true or false + */ + function checkBasicAuthUser() { $this->basicAuthProcessHeader(); @@ -68,8 +85,11 @@ class ApiAuthAction extends TwitterapiAction // basic authentication failed list($proxy, $ip) = common_client_ip(); - common_log(LOG_WARNING, - "Failed API auth attempt, nickname = $nickname, proxy = $proxy, ip = $ip."); + common_log( + LOG_WARNING, + 'Failed API auth attempt, nickname = ' . + "$nickname, proxy = $proxy, ip = $ip." + ); $this->showBasicAuthError(); return false; } @@ -77,16 +97,28 @@ class ApiAuthAction extends TwitterapiAction return true; } + /** + * Read the HTTP headers and set the auth user. Decodes HTTP_AUTHORIZATION + * param to support basic auth when PHP is running in CGI mode. + * + * @return void + */ + function basicAuthProcessHeader() { - if (isset($_SERVER['AUTHORIZATION']) || isset($_SERVER['HTTP_AUTHORIZATION'])) { - $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION'])? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; + if (isset($_SERVER['AUTHORIZATION']) + || isset($_SERVER['HTTP_AUTHORIZATION']) + ) { + $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION']) + ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; } if (isset($_SERVER['PHP_AUTH_USER'])) { $this->auth_user = $_SERVER['PHP_AUTH_USER']; $this->auth_pw = $_SERVER['PHP_AUTH_PW']; - } elseif (isset($authorization_header) && strstr(substr($authorization_header, 0, 5), 'Basic')) { + } elseif (isset($authorization_header) + && strstr(substr($authorization_header, 0, 5), 'Basic')) { + // decode the HTTP_AUTHORIZATION header on php-cgi server self // on fcgid server the header name is AUTHORIZATION @@ -94,6 +126,7 @@ class ApiAuthAction extends TwitterapiAction list($this->auth_user, $this->auth_pw) = explode(':', $auth_hash); // set all to null on a empty basic auth request + if ($this->auth_user == "") { $this->auth_user = null; $this->auth_pw = null; @@ -104,6 +137,13 @@ class ApiAuthAction extends TwitterapiAction } } + /** + * Output an authentication error message. Use XML or JSON if one + * of those formats is specified, otherwise output plain text + * + * @return void + */ + function showBasicAuthError() { header('HTTP/1.1 401 Unauthorized'); @@ -119,7 +159,8 @@ class ApiAuthAction extends TwitterapiAction $this->endXML(); } elseif ($this->arg('format') == 'json') { header('Content-Type: application/json; charset=utf-8'); - $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); + $error_array = array('error' => $msg, + 'request' => $_SERVER['REQUEST_URI']); print(json_encode($error_array)); } else { header('Content-type: text/plain'); @@ -127,5 +168,4 @@ class ApiAuthAction extends TwitterapiAction } } - -} \ No newline at end of file +} diff --git a/lib/apibareauth.php b/lib/apibareauth.php index 8921cddca..a99d450ec 100644 --- a/lib/apibareauth.php +++ b/lib/apibareauth.php @@ -35,6 +35,17 @@ if (!defined('STATUSNET')) { require_once INSTALLDIR.'/lib/apiauth.php'; +/** + * Actions extending this class will require auth unless a target + * user ID has been specified + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + class ApiBareAuthAction extends ApiAuthAction { /** -- cgit v1.2.3-54-g00ecf From 99d2999b5cddb364177ab52bce01df71ffc656b3 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 16:57:06 -0700 Subject: Broke out public_timeline and user_timeline into their own actions --- actions/apipublictimeline.php | 207 +++++++++++++++++++++++++++++++++++ actions/apiusertimeline.php | 249 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 456 insertions(+) create mode 100644 actions/apipublictimeline.php create mode 100644 actions/apiusertimeline.php (limited to 'actions') diff --git a/actions/apipublictimeline.php b/actions/apipublictimeline.php new file mode 100644 index 000000000..63cb0cbaf --- /dev/null +++ b/actions/apipublictimeline.php @@ -0,0 +1,207 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Returns the most recent notices (default 20) posted by everybody + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiPublicTimelineAction extends TwitterapiAction +{ + + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s public timeline"), $sitename); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:PublicTimeline"; + $link = common_root_url(); + $subtitle = sprintf(_("%s updates from everyone!"), $sitename); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . 'api/statuses/public_timeline.atom'; + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = Notice::publicStream( + ($this->page - 1) * $this->count, $this->count, $this->since_id, + $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return implode( + ':', + array($this->arg('action'), + common_language(), + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apiusertimeline.php b/actions/apiusertimeline.php new file mode 100644 index 000000000..1c6961313 --- /dev/null +++ b/actions/apiusertimeline.php @@ -0,0 +1,249 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the most recent notices (default 20) posted by the authenticating + * user. Another user's timeline can be requested via the id parameter. This + * is the API equivalent of the user profile web page. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiUserTimelineAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s timeline"), $this->user->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:UserTimeline:" . $this->user->id; + $link = common_local_url( + 'showstream', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('Updates from %1$s on %2$s!'), + $this->user->nickname, $sitename + ); + + // FriendFeed's SUP protocol + // Also added RSS and Atom feeds + + $suplink = common_local_url('sup', null, null, $this->user->id); + header('X-SUP-ID: ' . $suplink); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline( + $this->notices, $title, $link, + $subtitle, $suplink + ); + break; + case 'atom': + if (isset($apidata['api_arg'])) { + $selfuri = common_root_url() . + 'api/statuses/user_timeline/' . + $apidata['api_arg'] . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/user_timeline.atom'; + } + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, $suplink, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = $this->user->getNotices( + ($this->page-1) * $this->count, $this->count, + $this->since_id, $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} -- cgit v1.2.3-54-g00ecf From 44dd8f833dca4ab0b076a7fc7d16fdfed317b41f Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 17:17:57 -0700 Subject: Broke mentions API method out into its own action --- actions/apimentions.php | 234 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 234 insertions(+) create mode 100644 actions/apimentions.php (limited to 'actions') diff --git a/actions/apimentions.php b/actions/apimentions.php new file mode 100644 index 000000000..2b2e27f20 --- /dev/null +++ b/actions/apimentions.php @@ -0,0 +1,234 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the most recent (default 20) mentions (status containing @nickname) + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiMentionsAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + + $sitename = common_config('site', 'name'); + $title = sprintf( + _('%1$s / Updates mentioning %2$s'), + $sitename, $this->user->nickname + ); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:Mentions:" . $this->user->id; + $link = common_local_url( + 'replies', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('%1$s updates that reply to updates from %2$s / %3$s.'), + $sitename, $this->user->nickname, $profile->getBestName() + ); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + ltrim($_SERVER['QUERY_STRING'], 'p='); + $this->show_atom_timeline( + $this->notices, $title, $id, $link, $subtitle, + null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = $this->user->getReplies( + ($this->page - 1) * $this->count, $this->count, + $this->since_id, $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} -- cgit v1.2.3-54-g00ecf From f3820cc85d53c9885744deb76d4b48cd1ec8f7e9 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 17:27:42 -0700 Subject: Fix nickname in feed title --- actions/apifriendstimeline.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index dc280b3f3..520516016 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -113,15 +113,15 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction { $profile = $this->user->getProfile(); $sitename = common_config('site', 'name'); - $title = sprintf(_("%s and friends"), $user->nickname); + $title = sprintf(_("%s and friends"), $this->user->nickname); $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:FriendsTimeline:" . $user->id; + $id = "tag:$taguribase:FriendsTimeline:" . $this->user->id; $link = common_local_url( - 'all', array('nickname' => $user->nickname) + 'all', array('nickname' => $this->user->nickname) ); $subtitle = sprintf( _('Updates from %1$s and friends on %2$s!'), - $user->nickname, $sitename + $this->user->nickname, $sitename ); switch($this->arg('format')) { -- cgit v1.2.3-54-g00ecf From a8d1b7e9c26b4449a4a1e0e250f9b6766b2d8e62 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:10:17 -0400 Subject: Merge DeleteAction class into DeletenoticeAction The DeleteAction class checked for notice information, and only had one subclass: DeletenoticeAction. I couldn't figure out any other class that would subclass it, so I combined the two into a single class. --- actions/deletenotice.php | 37 +++++++++++++++++++++--- lib/deleteaction.php | 74 ------------------------------------------------ 2 files changed, 33 insertions(+), 78 deletions(-) delete mode 100644 lib/deleteaction.php (limited to 'actions') diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 3d040f2fa..617fa9c17 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -32,15 +32,44 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/lib/deleteaction.php'; - -class DeletenoticeAction extends DeleteAction +class DeletenoticeAction extends Action { - var $error = null; + var $error = null; + var $user = null; + var $notice = null; + var $profile = null; + var $user_profile = null; + + function prepare($args) + { + parent::prepare($args); + + $this->user = common_current_user(); + $notice_id = $this->trimmed('notice'); + $this->notice = Notice::staticGet($notice_id); + + if (!$this->notice) { + common_user_error(_('No such notice.')); + exit; + } + + $this->profile = $this->notice->getProfile(); + $this->user_profile = $this->user->getProfile(); + + return true; + } function handle($args) { parent::handle($args); + + if (!common_logged_in()) { + common_user_error(_('Not logged in.')); + exit; + } else if ($this->notice->profile_id != $this->user_profile->id) { + common_user_error(_('Can\'t delete this notice.')); + exit; + } // XXX: Ajax! if ($_SERVER['REQUEST_METHOD'] == 'POST') { diff --git a/lib/deleteaction.php b/lib/deleteaction.php deleted file mode 100644 index f702820c6..000000000 --- a/lib/deleteaction.php +++ /dev/null @@ -1,74 +0,0 @@ -. - * - * @category Personal - * @package StatusNet - * @author Evan Prodromou - * @author Sarven Capadisli - * @copyright 2008 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -class DeleteAction extends Action -{ - var $user = null; - var $notice = null; - var $profile = null; - var $user_profile = null; - - function prepare($args) - { - parent::prepare($args); - - $this->user = common_current_user(); - $notice_id = $this->trimmed('notice'); - $this->notice = Notice::staticGet($notice_id); - - if (!$this->notice) { - common_user_error(_('No such notice.')); - exit; - } - - $this->profile = $this->notice->getProfile(); - $this->user_profile = $this->user->getProfile(); - - return true; - } - - function handle($args) - { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - exit; - } else if ($this->notice->profile_id != $this->user_profile->id) { - common_user_error(_('Can\'t delete this notice.')); - exit; - } - } - -} -- cgit v1.2.3-54-g00ecf From ee9856c452a7e54994c30cd9138dd6faa2107001 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 27 Sep 2009 21:14:49 -0400 Subject: moderator can delete another user's notice --- actions/deletenotice.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 617fa9c17..4a48a9c34 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -66,7 +66,8 @@ class DeletenoticeAction extends Action if (!common_logged_in()) { common_user_error(_('Not logged in.')); exit; - } else if ($this->notice->profile_id != $this->user_profile->id) { + } else if ($this->notice->profile_id != $this->user_profile->id && + !$this->user->hasRight(Right::deleteOthersNotice)) { common_user_error(_('Can\'t delete this notice.')); exit; } -- cgit v1.2.3-54-g00ecf From 4e6c7302072eb6e11ae0025795a7a96fb28f2f29 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 27 Sep 2009 20:21:16 -0700 Subject: Forgot to add home_timeline to the list of methods that only require bareauth. --- actions/api.php | 1 + 1 file changed, 1 insertion(+) (limited to 'actions') diff --git a/actions/api.php b/actions/api.php index d570bb017..1bc90de11 100644 --- a/actions/api.php +++ b/actions/api.php @@ -160,6 +160,7 @@ class ApiAction extends Action static $bareauth = array('statuses/user_timeline', 'statuses/friends_timeline', + 'statuses/home_timeline', 'statuses/friends', 'statuses/replies', 'statuses/mentions', -- cgit v1.2.3-54-g00ecf From 89ac81c34464b2fc4f54b643d0d95d12bac765ab Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 29 Sep 2009 17:25:52 -0400 Subject: remove string-checks from code using Notice::saveNew() --- actions/newnotice.php | 7 ------- actions/twitapistatuses.php | 5 ----- lib/facebookaction.php | 10 +++++----- lib/oauthstore.php | 5 +---- scripts/maildaemon.php | 9 +++++---- scripts/xmppdaemon.php | 11 +++++++---- 6 files changed, 18 insertions(+), 29 deletions(-) (limited to 'actions') diff --git a/actions/newnotice.php b/actions/newnotice.php index 23ec2a1b5..d5b0332f4 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -255,13 +255,6 @@ class NewnoticeAction extends Action $notice = Notice::saveNew($user->id, $content_shortened, 'web', 1, ($replyto == 'false') ? null : $replyto); - if (is_string($notice)) { - if (isset($filename)) { - $this->deleteFile($filename); - } - $this->clientError($notice); - } - if (isset($mimetype)) { $this->attachFile($notice, $fileRecord); } diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 2f10ff966..87043b182 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -297,11 +297,6 @@ class TwitapistatusesAction extends TwitterapiAction html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), $source, 1, $reply_to); - if (is_string($notice)) { - $this->serverError($notice); - return; - } - common_broadcast_notice($notice); $apidata['api_arg'] = $notice->id; } diff --git a/lib/facebookaction.php b/lib/facebookaction.php index 411f79594..3f3a8d3b0 100644 --- a/lib/facebookaction.php +++ b/lib/facebookaction.php @@ -468,11 +468,11 @@ class FacebookAction extends Action $replyto = $this->trimmed('inreplyto'); - $notice = Notice::saveNew($user->id, $content, - 'web', 1, ($replyto == 'false') ? null : $replyto); - - if (is_string($notice)) { - $this->showPage($notice); + try { + $notice = Notice::saveNew($user->id, $content, + 'web', 1, ($replyto == 'false') ? null : $replyto); + } catch (Exception $e) { + $this->showPage($e->getMessage()); return; } diff --git a/lib/oauthstore.php b/lib/oauthstore.php index e69a00f55..d617a7df7 100644 --- a/lib/oauthstore.php +++ b/lib/oauthstore.php @@ -156,7 +156,6 @@ class StatusNetOAuthDataStore extends OAuthDataStore return $this->new_access_token($consumer); } - /** * Revoke specified OAuth token * @@ -363,9 +362,7 @@ class StatusNetOAuthDataStore extends OAuthDataStore false, null, $omb_notice->getIdentifierURI()); - if (is_string($notice)) { - throw new Exception($notice); - } + common_broadcast_notice($notice, true); } diff --git a/scripts/maildaemon.php b/scripts/maildaemon.php index 5705cfd50..586bef624 100755 --- a/scripts/maildaemon.php +++ b/scripts/maildaemon.php @@ -260,10 +260,11 @@ class MailerDaemon function add_notice($user, $msg, $fileRecords) { - $notice = Notice::saveNew($user->id, $msg, 'mail'); - if (is_string($notice)) { - $this->log(LOG_ERR, $notice); - return $notice; + try { + $notice = Notice::saveNew($user->id, $msg, 'mail'); + } catch (Exception $e) { + $this->log(LOG_ERR, $e->getMessage()); + return $e->getMessage(); } foreach($fileRecords as $fileRecord){ $this->attachFile($notice, $fileRecord); diff --git a/scripts/xmppdaemon.php b/scripts/xmppdaemon.php index 1b1aec3e6..b2efc07c3 100755 --- a/scripts/xmppdaemon.php +++ b/scripts/xmppdaemon.php @@ -323,12 +323,15 @@ class XMPPDaemon extends Daemon mb_strlen($content_shortened))); return; } - $notice = Notice::saveNew($user->id, $content_shortened, 'xmpp'); - if (is_string($notice)) { - $this->log(LOG_ERR, $notice); - $this->from_site($user->jabber, $notice); + + try { + $notice = Notice::saveNew($user->id, $content_shortened, 'xmpp'); + } catch (Exception $e) { + $this->log(LOG_ERR, $e->getMessage()); + $this->from_site($user->jabber, $e->getMessage()); return; } + common_broadcast_notice($notice); $this->log(LOG_INFO, 'Added notice ' . $notice->id . ' from user ' . $user->nickname); -- cgit v1.2.3-54-g00ecf From e307adfbfc44e653ee2b5b94dcf7eabdc8ffe0df Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 10:22:26 -0700 Subject: New actions for /statuses/friends and /statuses/followers + social graph methods --- actions/apifollowers.php | 85 +++++++++++++ actions/apifriends.php | 85 +++++++++++++ actions/apisubscriptions.php | 275 +++++++++++++++++++++++++++++++++++++++++++ lib/apiauth.php | 3 + lib/router.php | 55 +++++---- lib/twitterapi.php | 2 - 6 files changed, 479 insertions(+), 26 deletions(-) create mode 100644 actions/apifollowers.php create mode 100644 actions/apifriends.php create mode 100644 actions/apisubscriptions.php (limited to 'actions') diff --git a/actions/apifollowers.php b/actions/apifollowers.php new file mode 100644 index 000000000..30e3b2d1b --- /dev/null +++ b/actions/apifollowers.php @@ -0,0 +1,85 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Ouputs the authenticating user's followers (subscribers), each with + * current Twitter-style status inline. They are ordered by the order + * in which they subscribed to the user, 100 at a time. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFollowersAction extends ApiSubscriptionsAction +{ + /** + * Get the user's subscribers (followers) as an array of profiles + * + * @return array Profiles + */ + + function getProfiles() + { + $offset = ($this->page - 1) * $this->count; + $limit = $this->count + 1; + + $subs = null; + + if (isset($this->tag)) { + $subs = $this->user->getTaggedSubscribers( + $this->tag, $offset, $limit + ); + } else { + $subs = $this->user->getSubscribers( + $offset, + $limit + ); + } + + $profiles = array(); + + if (!empty($subs)) { + while ($subs->fetch()) { + $profiles[] = clone($subs); + } + } + + return $profiles; + } + +} diff --git a/actions/apifriends.php b/actions/apifriends.php new file mode 100644 index 000000000..12751a641 --- /dev/null +++ b/actions/apifriends.php @@ -0,0 +1,85 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Ouputs the authenticating user's friends (subscriptions), each with + * current Twitter-style status inline. They are ordered by the date + * in which the user subscribed to them, 100 at a time. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFriendsAction extends ApiSubscriptionsAction +{ + /** + * Get the user's subscriptions (friends) as an array of profiles + * + * @return array Profiles + */ + + function getProfiles() + { + $offset = ($this->page - 1) * $this->count; + $limit = $this->count + 1; + + $subs = null; + + if (isset($this->tag)) { + $subs = $this->user->getTaggedSubscriptions( + $this->tag, $offset, $limit + ); + } else { + $subs = $this->user->getSubscriptions( + $offset, + $limit + ); + } + + $profiles = array(); + + if (!empty($subs)) { + while ($subs->fetch()) { + $profiles[] = clone($subs); + } + } + + return $profiles; + } + +} diff --git a/actions/apisubscriptions.php b/actions/apisubscriptions.php new file mode 100644 index 000000000..78dcd722d --- /dev/null +++ b/actions/apisubscriptions.php @@ -0,0 +1,275 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * This class outputs a list of profiles as Twitter-style user and status objects. + * It is used by the API methods /api/statuses/(friends|followers). To support the + * social graph methods it also can output a simple list of IDs. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiSubscriptionsAction extends ApiBareAuthAction +{ + + var $page = null; + var $count = null; + var $user = null; + var $profiles = null; + var $format = null; + var $tag = null; + var $lite = null; + var $ids_only = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->tag = $this->arg('tag'); + $this->format = $this->arg('format'); + + // Note: Twitter no longer supports 'lite' + $this->lite = $this->arg('lite'); + + $this->ids_only = $this->arg('ids_only'); + + // If called as a social graph method, show 5000 per page, otherwise 100 + + $this->count = isset($this->ids_only) ? + 5000 : (int)$this->arg('count', 100); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return false; + } + + $this->profiles = $this->getProfiles(); + + return true; + } + + /** + * Handle the request + * + * Show the profiles + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $this->init_document($this->format); + + if (isset($this->ids_only)) { + $this->showIds(); + } else { + $this->showProfiles(isset($this->lite) ? false : true); + } + + $this->end_document($this->format); + } + + /** + * Get profiles - should get overrrided + * + * @return array Profiles + */ + + function getProfiles() + { + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest profile in the stream + */ + + function lastModified() + { + if (!empty($this->profiles) && (count($this->profiles) > 0)) { + return strtotime($this->profiles[0]->created); + } + + return null; + } + + /** + * An entity tag for this action + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last profiles in the subscriptions list + * There's also an indicator to show whether this action is being called + * as /api/statuses/(friends|followers) or /api/(friends|followers)/ids + * + * @return string etag + */ + + function etag() + { + if (!empty($this->profiles) && (count($this->profiles) > 0)) { + + $last = count($this->profiles) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + isset($this->ids_only) ? 'IDs' : 'Profiles', + strtotime($this->profiles[0]->created), + strtotime($this->profiles[$last]->created)) + ) + . '"'; + } + + return null; + } + + /** + * Show the profiles as Twitter-style useres and statuses + * + * @param boolean $include_statuses Whether to include the latest status + * with each user. Default true. + * + * @return void + */ + + function showProfiles($include_statuses = true) + { + switch ($this->format) { + case 'xml': + $this->elementStart('users', array('type' => 'array')); + foreach ($this->profiles as $profile) { + $this->show_profile( + $profile, + $this->format, + null, + $include_statuses + ); + } + $this->elementEnd('users'); + break; + case 'json': + $arrays = array(); + foreach ($this->profiles as $profile) { + $arrays[] = $this->twitter_user_array( + $profile, + $include_statuses + ); + } + print json_encode($arrays); + break; + default: + $this->clientError(_('Unsupported format.')); + break; + } + } + + /** + * Show the IDs of the profiles only. 5000 per page. To support + * the 'social graph' methods: /api/(friends|followers)/ids + * + * @return void + */ + + function showIds() + { + switch ($this->format) { + case 'xml': + $this->elementStart('ids'); + foreach ($this->profiles as $profile) { + $this->element('id', null, $profile->id); + } + $this->elementEnd('ids'); + break; + case 'json': + $ids = array(); + foreach ($this->profiles as $profile) { + $ids[] = (int)$profile->id; + } + print json_encode($ids); + break; + default: + $this->clientError(_('Unsupported format.')); + break; + } + } + +} diff --git a/lib/apiauth.php b/lib/apiauth.php index c1976f964..f0b4b6bf7 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -45,6 +45,9 @@ require_once INSTALLDIR.'/lib/twitterapi.php'; class ApiAuthAction extends TwitterapiAction { + + var $auth_user = null; + /** * Does this API resource require authentication? * diff --git a/lib/router.php b/lib/router.php index 91cdd2cf8..b3bb240d9 100644 --- a/lib/router.php +++ b/lib/router.php @@ -314,18 +314,33 @@ class Router 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); - $m->connect('api/statuses/home_timeline', - array('action' => 'apifriendstimeline')); + $m->connect('api/statuses/friends.:format', + array('action' => 'ApiFriends', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/friends/:id.:format', + array('action' => 'ApiFriends', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/followers.:format', + array('action' => 'ApiFollowers', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/followers/:id.:format', + array('action' => 'ApiFollowers', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); $m->connect('api/statuses/:method', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(update|show|friends|followers|featured)(\.(atom|rss|xml|json))?')); + array('method' => '(update|show|featured)(\.(atom|rss|xml|json))?')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(show|destroy|friends|followers)')); + array('method' => '(show|destroy)')); // users @@ -380,29 +395,21 @@ class Router // Social graph - $m->connect('api/friends/ids/:argument', - array('action' => 'api', - 'apiaction' => 'statuses', - 'method' => 'friendsIDs')); + $m->connect('api/friends/ids/:id.:format', + array('action' => 'apiFriends', + 'ids_only' => true)); - foreach (array('xml', 'json') as $e) { - $m->connect('api/friends/ids.'.$e, - array('action' => 'api', - 'apiaction' => 'statuses', - 'method' => 'friendsIDs.'.$e)); - } + $m->connect('api/followers/ids/:id.:format', + array('action' => 'apiFollowers', + 'ids_only' => true)); - $m->connect('api/followers/ids/:argument', - array('action' => 'api', - 'apiaction' => 'statuses', - 'method' => 'followersIDs')); + $m->connect('api/friends/ids.:format', + array('action' => 'apiFriends', + 'ids_only' => true)); - foreach (array('xml', 'json') as $e) { - $m->connect('api/followers/ids.'.$e, - array('action' => 'api', - 'apiaction' => 'statuses', - 'method' => 'followersIDs.'.$e)); - } + $m->connect('api/followers/ids.:format', + array('action' => 'apiFollowers', + 'ids_only' => true)); // account diff --git a/lib/twitterapi.php b/lib/twitterapi.php index 5cf666668..6014a340e 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -24,8 +24,6 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { class TwitterapiAction extends Action { - var $auth_user; - /** * Initialization. * -- cgit v1.2.3-54-g00ecf From 1e7939cc4857db1109df40979bd475d4c0da48e9 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 10:27:54 -0700 Subject: Left opening double quotes off Etag --- actions/apifriendstimeline.php | 2 +- actions/apimentions.php | 2 +- actions/apipublictimeline.php | 2 +- actions/apiusertimeline.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index 520516016..1e88d1c2b 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -232,7 +232,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $last = count($this->notices) - 1; - return implode( + return '"' . implode( ':', array($this->arg('action'), common_language(), diff --git a/actions/apimentions.php b/actions/apimentions.php index 2b2e27f20..43e93a9c6 100644 --- a/actions/apimentions.php +++ b/actions/apimentions.php @@ -217,7 +217,7 @@ class ApiMentionsAction extends ApiBareAuthAction $last = count($this->notices) - 1; - return implode( + return '"' . implode( ':', array($this->arg('action'), common_language(), diff --git a/actions/apipublictimeline.php b/actions/apipublictimeline.php index 63cb0cbaf..2be979e6d 100644 --- a/actions/apipublictimeline.php +++ b/actions/apipublictimeline.php @@ -191,7 +191,7 @@ class ApiPublicTimelineAction extends TwitterapiAction $last = count($this->notices) - 1; - return implode( + return '"' . implode( ':', array($this->arg('action'), common_language(), diff --git a/actions/apiusertimeline.php b/actions/apiusertimeline.php index 1c6961313..44d69415b 100644 --- a/actions/apiusertimeline.php +++ b/actions/apiusertimeline.php @@ -232,7 +232,7 @@ class ApiUserTimelineAction extends ApiBareAuthAction $last = count($this->notices) - 1; - return implode( + return '"' . implode( ':', array($this->arg('action'), common_language(), -- cgit v1.2.3-54-g00ecf From 34ba2d03e94d3708a68166a8eae248152691f628 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 10:30:06 -0700 Subject: Fix header comment --- actions/apifollowers.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/apifollowers.php b/actions/apifollowers.php index 30e3b2d1b..b216cced7 100644 --- a/actions/apifollowers.php +++ b/actions/apifollowers.php @@ -2,7 +2,7 @@ /** * StatusNet, the distributed open-source microblogging tool * - * Show a user's followers (subscriptions) + * Show a user's followers (subscribers) * * PHP version 5 * -- cgit v1.2.3-54-g00ecf From c5be2962ad6fa4f78a4892005bc6a342de89c5d0 Mon Sep 17 00:00:00 2001 From: Toby Inkster Date: Wed, 30 Sep 2009 13:12:17 +0100 Subject: FOAF for Groups. --- actions/foafgroup.php | 173 ++++++++++++++++++++++++++++++++++++++++++++++++++ actions/showgroup.php | 7 +- lib/router.php | 4 ++ 3 files changed, 183 insertions(+), 1 deletion(-) create mode 100644 actions/foafgroup.php (limited to 'actions') diff --git a/actions/foafgroup.php b/actions/foafgroup.php new file mode 100644 index 000000000..f5fd7fe88 --- /dev/null +++ b/actions/foafgroup.php @@ -0,0 +1,173 @@ +. + * + * @category Mail + * @package StatusNet + * @author Evan Prodromou + * @author Toby Inkster + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } + +class FoafGroupAction extends Action +{ + function isReadOnly($args) + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + + $nickname_arg = $this->arg('nickname'); + + if (empty($nickname_arg)) { + $this->clientError(_('No such group.'), 404); + return false; + } + + $this->nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $this->nickname) { + common_redirect(common_local_url('foafgroup', + array('nickname' => $this->nickname)), + 301); + return false; + } + + $this->group = User_group::staticGet('nickname', $this->nickname); + + if (!$this->group) { + $this->clientError(_('No such group.'), 404); + return false; + } + + common_set_returnto($this->selfUrl()); + + return true; + } + + function handle($args) + { + parent::handle($args); + + header('Content-Type: application/rdf+xml'); + + $this->startXML(); + $this->elementStart('rdf:RDF', array('xmlns:rdf' => + 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', + 'xmlns:dcterms' => + 'http://purl.org/dc/terms/', + 'xmlns:sioc' => + 'http://rdfs.org/sioc/ns#', + 'xmlns:foaf' => + 'http://xmlns.com/foaf/0.1/', + 'xmlns:statusnet' => + 'http://status.net/ont/', + 'xmlns' => 'http://xmlns.com/foaf/0.1/')); + + $this->showPpd(common_local_url('foafgroup', array('nickname' => $this->nickname)), $this->group->permalink()); + + $this->elementStart('Group', array('rdf:about' => + $this->group->permalink())); + if ($this->group->fullname) { + $this->element('name', null, $this->group->fullname); + } + if ($this->group->description) { + $this->element('dcterms:description', null, $this->group->description); + } + if ($this->group->nickname) { + $this->element('dcterms:identifier', null, $this->group->nickname); + $this->element('nick', null, $this->group->nickname); + } + foreach ($this->group->getAliases() as $alias) { + $this->element('nick', null, $alias); + } + if ($this->group->homeUrl()) { + $this->element('weblog', array('rdf:resource' => $this->group->homeUrl())); + } + if ($this->group->homepage) { + $this->element('page', array('rdf:resource' => $this->group->homepage)); + } + if ($this->group->homepage_logo) { + $this->element('depiction', array('rdf:resource' => $this->group->homepage_logo)); + } + + $members = $this->group->getMembers(); + $member_details = array(); + while ($members->fetch()) { + $member_uri = common_local_url('userbyid', array('id'=>$members->id)); + $member_details[$member_uri] = array( + 'nickname' => $members->nickname + ); + $this->element('member', array('rdf:resource' => $member_uri)); + } + + $admins = $this->group->getAdmins(); + while ($admins->fetch()) { + $admin_uri = common_local_url('userbyid', array('id'=>$admins->id)); + $member_details[$admin_uri]['is_admin'] = true; + $this->element('statusnet:groupAdmin', array('rdf:resource' => $admin_uri)); + } + + $this->elementEnd('Group'); + + ksort($member_details); + foreach ($member_details as $uri => $details) { + if ($details['is_admin']) + { + $this->elementStart('Agent', array('rdf:about' => $uri)); + $this->element('nick', null, $details['nickname']); + $this->elementStart('holdsAccount'); + $this->elementStart('sioc:User', array('rdf:about'=>$uri.'#acct')); + $this->elementStart('sioc:has_function'); + $this->elementStart('statusnet:GroupAdminRole'); + $this->element('sioc:scope', array('rdf:resource' => $this->group->permalink())); + $this->elementEnd('statusnet:GroupAdminRole'); + $this->elementEnd('sioc:has_function'); + $this->elementEnd('sioc:User'); + $this->elementEnd('holdsAccount'); + $this->elementEnd('Agent'); + } + else + { + $this->element('Agent', array( + 'foaf:nick' => $details['nickname'], + 'rdf:about' => $uri, + )); + } + } + + $this->elementEnd('rdf:RDF'); + $this->endXML(); + } + + function showPpd($foaf_url, $person_uri) + { + $this->elementStart('Document', array('rdf:about' => $foaf_url)); + $this->element('primaryTopic', array('rdf:resource' => $person_uri)); + $this->elementEnd('Document'); + } + +} \ No newline at end of file diff --git a/actions/showgroup.php b/actions/showgroup.php index ff9949762..a67765ce5 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -345,7 +345,12 @@ class ShowgroupAction extends GroupDesignAction 'method' => 'timeline', 'argument' => $this->group->nickname.'.atom')), sprintf(_('Notice feed for %s group (Atom)'), - $this->group->nickname))); + $this->group->nickname)), + new Feed(Feed::FOAF, + common_local_url('foafgroup', + array('nickname' => $this->group->nickname)), + sprintf(_('FOAF for %s group'), + $this->group->nickname))); } /** diff --git a/lib/router.php b/lib/router.php index c18f273ed..91f886bce 100644 --- a/lib/router.php +++ b/lib/router.php @@ -241,6 +241,10 @@ class Router array('nickname' => '[a-zA-Z0-9]+')); } + $m->connect('group/:nickname/foaf', + array('action' => 'foafgroup'), + array('nickname' => '[a-zA-Z0-9]+')); + $m->connect('group/:nickname/blocked', array('action' => 'blockedfromgroup'), array('nickname' => '[a-zA-Z0-9]+')); -- cgit v1.2.3-54-g00ecf From 524c2794c954346a00d7bf4cd58a6742bc005707 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 17:02:04 -0700 Subject: Declare some more variables; instance variable for format --- actions/apifriendstimeline.php | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php index 1e88d1c2b..be0cf758c 100644 --- a/actions/apifriendstimeline.php +++ b/actions/apifriendstimeline.php @@ -47,8 +47,13 @@ require_once INSTALLDIR.'/lib/apibareauth.php'; class ApiFriendsTimelineAction extends ApiBareAuthAction { - var $user = null; - var $notices = null; + var $user = null; + var $notices = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $format = null; /** * Take arguments for running @@ -68,6 +73,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $this->max_id = (int)$this->arg('max_id', 0); $this->since_id = (int)$this->arg('since_id', 0); $this->since = $this->arg('since'); + $this->format = $this->arg('format'); if ($this->requiresAuth()) { if ($this->checkBasicAuthUser() == false) { @@ -78,7 +84,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $this->user = $this->getTargetUser($this->arg('id')); if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->arg('format')); + $this->clientError(_('No such user!'), 404, $this->format); return; } @@ -124,7 +130,7 @@ class ApiFriendsTimelineAction extends ApiBareAuthAction $this->user->nickname, $sitename ); - switch($this->arg('format')) { + switch($this->format) { case 'xml': $this->show_xml_timeline($this->notices); break; -- cgit v1.2.3-54-g00ecf From a3901e0e243d42fb75162a063c10b77fddd7dfe5 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 17:06:46 -0700 Subject: New action for /statuses/show --- actions/apishow.php | 196 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 196 insertions(+) create mode 100644 actions/apishow.php (limited to 'actions') diff --git a/actions/apishow.php b/actions/apishow.php new file mode 100644 index 000000000..3d0b7b6e3 --- /dev/null +++ b/actions/apishow.php @@ -0,0 +1,196 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Returns the notice specified by id as a Twitter-style status and inline user + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiShowAction extends TwitterapiAction +{ + + var $notice_id = null; + var $notice = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + // 'id' is an undocumented parameter in Twitter's API. Several + // clients make use of it, so we support it too. + + // show.json?id=12345 takes precedence over /show/12345.json + + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $this->showNotice(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + + // XXX: Twitter just sets a 404 header and doens't bother + // to return an err msg + + $deleted = Deleted_notice::staticGet($this->notice_id); + + if (!empty($deleted)) { + $this->clientError( + _('Status deleted.'), + 410, + $this->format + ); + } else { + $this->clientError( + _('No status with that ID found.'), + 404, + $this->format + ); + } + } + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this notice last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notice)) { + return strtotime($this->notices->created); + } + + return null; + } + + /** + * An entity tag for this notice + * + * Returns an Etag based on the action name, language, and + * timestamps of the notice + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notice)) { + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->notice->id, + strtotime($this->notice->created)) + ) + . '"'; + } + + return null; + } + +} -- cgit v1.2.3-54-g00ecf From 8b8e0c95af8efe656c3c7a67153117ba8128456e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 17:08:52 -0700 Subject: Add route for /statuses/show --- actions/apishow.php | 10 +++++----- lib/router.php | 11 ++++++++++- 2 files changed, 15 insertions(+), 6 deletions(-) (limited to 'actions') diff --git a/actions/apishow.php b/actions/apishow.php index 3d0b7b6e3..d17cc8c95 100644 --- a/actions/apishow.php +++ b/actions/apishow.php @@ -83,7 +83,7 @@ class ApiShowAction extends TwitterapiAction /** * Handle the request * - * Just show the notices + * Check the format and show the notice * * @param array $args $_REQUEST data (unused) * @@ -103,7 +103,7 @@ class ApiShowAction extends TwitterapiAction } /** - * Show the timeline of notices + * Show the notice * * @return void */ @@ -125,14 +125,14 @@ class ApiShowAction extends TwitterapiAction if (!empty($deleted)) { $this->clientError( - _('Status deleted.'), - 410, + _('Status deleted.'), + 410, $this->format ); } else { $this->clientError( _('No status with that ID found.'), - 404, + 404, $this->format ); } diff --git a/lib/router.php b/lib/router.php index b3bb240d9..972db4c9d 100644 --- a/lib/router.php +++ b/lib/router.php @@ -332,10 +332,19 @@ class Router 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json)')); + $m->connect('api/statuses/show.:format', + array('action' => 'ApiShow', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/show/:id.:format', + array('action' => 'ApiShow', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); + $m->connect('api/statuses/:method', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(update|show|featured)(\.(atom|rss|xml|json))?')); + array('method' => '(update|featured)(\.(atom|rss|xml|json))?')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', -- cgit v1.2.3-54-g00ecf From c5f33cc6c26cc10dbcf2f1d3104875ad694f2256 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 30 Sep 2009 17:11:22 -0700 Subject: Fix: last modified header wasn't showing --- actions/apishow.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/apishow.php b/actions/apishow.php index d17cc8c95..952c7f593 100644 --- a/actions/apishow.php +++ b/actions/apishow.php @@ -161,7 +161,7 @@ class ApiShowAction extends TwitterapiAction function lastModified() { if (!empty($this->notice)) { - return strtotime($this->notices->created); + return strtotime($this->notice->created); } return null; -- cgit v1.2.3-54-g00ecf From b0ddb971e61bd98250c41e653ab2e649a9b08926 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 1 Oct 2009 16:15:52 -0700 Subject: New action for /statuses/update --- actions/apiupdate.php | 240 ++++++++++++++++++++++++++++++++++++++++++++++++++ lib/router.php | 9 +- 2 files changed, 244 insertions(+), 5 deletions(-) create mode 100644 actions/apiupdate.php (limited to 'actions') diff --git a/actions/apiupdate.php b/actions/apiupdate.php new file mode 100644 index 000000000..9ce208f65 --- /dev/null +++ b/actions/apiupdate.php @@ -0,0 +1,240 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Updates the authenticating user's status (posts a notice). + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiUpdateAction extends ApiAuthAction +{ + + var $user = null; + var $source = null; + var $status = null; + var $in_reply_to_status_id = null; + var $format = null; + + static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return false; + } + + $this->status = $this->trimmed('status'); + + if (empty($this->status)) { + $this->clientError( + 'Client must provide a \'status\' parameter with a value.', + 400, + $this->format + ); + + return false; + } + + $this->source = $this->trimmed('source'); + + if (empty($this->source) || in_array($source, $this->reserved_sources)) { + $this->source = 'api'; + } + + $this->format = $this->arg('format'); + + $this->in_reply_to_status_id + = intval($this->trimmed('in_reply_to_status_id')); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + $status_shortened = common_shorten_links($this->status); + + if (Notice::contentTooLong($status_shortened)) { + + // Note: Twitter truncates anything over 140, flags the status + // as "truncated." + + $this->clientError( + sprintf( + _('That\'s too long. Max notice size is %d chars.'), + Notice::maxContent() + ), + 406, + $this->format + ); + + return; + } + + // Check for commands + + $inter = new CommandInterpreter(); + $cmd = $inter->handle_command($this->user, $status_shortened); + + if ($cmd) { + + if ($this->supported($cmd)) { + $cmd->execute(new Channel()); + } + + // Cmd not supported? Twitter just returns your latest status. + // And, it returns your last status whether the cmd was successful + // or not! + + $this->notice = $this->user->getCurrentNotice(); + + } else { + + $reply_to = null; + + if (!empty($this->in_reply_to_status_id)) { + + // Check whether notice actually exists + + $reply = Notice::staticGet($this->in_reply_to_status_id); + + if ($reply) { + $reply_to = $this->in_reply_to_status_id; + } else { + $this->clientError( + _('Not found'), + $code = 404, + $this->format + ); + return; + } + } + + $this->notice = Notice::saveNew( + $this->user->id, + html_entity_decode($this->status, ENT_NOQUOTES, 'UTF-8'), + $this->source, + 1, + $reply_to + ); + + common_broadcast_notice($this->notice); + } + + $this->showNotice(); + } + + /** + * Show the resulting notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + + /** + * Is this command supported when doing an update from the API? + * + * @param string $cmd the command to check for + * + * @return boolean true or false + */ + + function supported($cmd) + { + static $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', + 'FavCommand', 'OnCommand', 'OffCommand'); + + if (in_array(get_class($cmd), $cmdlist)) { + return true; + } + + return false; + } + +} diff --git a/lib/router.php b/lib/router.php index 972db4c9d..1ea06afe0 100644 --- a/lib/router.php +++ b/lib/router.php @@ -341,15 +341,14 @@ class Router 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json)')); - $m->connect('api/statuses/:method', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => '(update|featured)(\.(atom|rss|xml|json))?')); + $m->connect('api/statuses/update.:format', + array('action' => 'ApiUpdate', + 'format' => '(xml|json)')); $m->connect('api/statuses/:method/:argument', array('action' => 'api', 'apiaction' => 'statuses'), - array('method' => '(show|destroy)')); + array('method' => 'destroy')); // users -- cgit v1.2.3-54-g00ecf From 9a1dbee0fdd1f586512e4517a5abb7898501bc11 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 1 Oct 2009 17:35:28 -0700 Subject: A new action for /statuses/destroy --- actions/apidestroy.php | 152 +++++++++++++++++++++++++++++++++++++++++++++++++ actions/apiupdate.php | 4 +- lib/router.php | 15 +++-- 3 files changed, 164 insertions(+), 7 deletions(-) create mode 100644 actions/apidestroy.php (limited to 'actions') diff --git a/actions/apidestroy.php b/actions/apidestroy.php new file mode 100644 index 000000000..a3b6bf65e --- /dev/null +++ b/actions/apidestroy.php @@ -0,0 +1,152 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Deletes one of the authenticating user's statuses (notices). + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiDestroyAction extends ApiAuthAction +{ + + var $user = null; + var $status = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Delete the notice and all related replies + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError(_('This method requires a POST or DELETE.'), + 400, $this->format); + return; + } + + if (empty($this->notice)) { + $this->clientError(_('No status found with that ID.'), + 404, $this->format); + return; + } + + if ($this->user->id == $this->notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $this->notice_id); + $replies->delete(); + $this->notice->delete(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + $this->clientError(_('You may not delete another user\'s status.'), + 403, $this->format); + } + + $this->showNotice(); + } + + /** + * Show the deleted notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + +} diff --git a/actions/apiupdate.php b/actions/apiupdate.php index 9ce208f65..04a38f3f8 100644 --- a/actions/apiupdate.php +++ b/actions/apiupdate.php @@ -31,7 +31,7 @@ if (!defined('STATUSNET')) { exit(1); } -require_once INSTALLDIR.'/lib/apibareauth.php'; +require_once INSTALLDIR.'/lib/apiauth.php'; /** * Updates the authenticating user's status (posts a notice). @@ -109,7 +109,7 @@ class ApiUpdateAction extends ApiAuthAction /** * Handle the request * - * Just show the notices + * Make a new notice for the update, save it, and show it * * @param array $args $_REQUEST data (unused) * diff --git a/lib/router.php b/lib/router.php index 3de4e322f..5c9513f57 100644 --- a/lib/router.php +++ b/lib/router.php @@ -342,17 +342,22 @@ class Router $m->connect('api/statuses/show/:id.:format', array('action' => 'ApiShow', - 'id' => '[a-zA-Z0-9]+', + 'id' => '[0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/update.:format', array('action' => 'ApiUpdate', 'format' => '(xml|json)')); - $m->connect('api/statuses/:method/:argument', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => 'destroy')); + $m->connect('api/statuses/destroy.:format', + array('action' => 'ApiDestroy', + 'format' => '(xml|json)')); + + $m->connect('api/statuses/destroy/:id.:format', + array('action' => 'ApiDestroy', + 'id' => '[0-9]+', + 'format' => '(xml|json)')); + // users -- cgit v1.2.3-54-g00ecf From 1e0c36afb5c265eff1d72331b44239e35f5226ed Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 1 Oct 2009 18:19:59 -0700 Subject: Renamed and moved stuff around to better match Twitter's API organization --- actions/apidestroy.php | 152 ---------- actions/apifollowers.php | 85 ------ actions/apifriends.php | 85 ------ actions/apifriendstimeline.php | 255 ----------------- actions/apimentions.php | 234 ---------------- actions/apipublictimeline.php | 207 -------------- actions/apishow.php | 196 ------------- actions/apistatusesdestroy.php | 152 ++++++++++ actions/apistatusesshow.php | 196 +++++++++++++ actions/apistatusesupdate.php | 240 ++++++++++++++++ actions/apitimelinefriends.php | 255 +++++++++++++++++ actions/apitimelinementions.php | 234 ++++++++++++++++ actions/apitimelinepublic.php | 207 ++++++++++++++ actions/apitimelineuser.php | 249 +++++++++++++++++ actions/apiupdate.php | 240 ---------------- actions/apiuserfollowers.php | 85 ++++++ actions/apiuserfriends.php | 85 ++++++ actions/apiusertimeline.php | 249 ----------------- actions/twitapistatuses.php | 606 ---------------------------------------- lib/router.php | 40 +-- 20 files changed, 1723 insertions(+), 2329 deletions(-) delete mode 100644 actions/apidestroy.php delete mode 100644 actions/apifollowers.php delete mode 100644 actions/apifriends.php delete mode 100644 actions/apifriendstimeline.php delete mode 100644 actions/apimentions.php delete mode 100644 actions/apipublictimeline.php delete mode 100644 actions/apishow.php create mode 100644 actions/apistatusesdestroy.php create mode 100644 actions/apistatusesshow.php create mode 100644 actions/apistatusesupdate.php create mode 100644 actions/apitimelinefriends.php create mode 100644 actions/apitimelinementions.php create mode 100644 actions/apitimelinepublic.php create mode 100644 actions/apitimelineuser.php delete mode 100644 actions/apiupdate.php create mode 100644 actions/apiuserfollowers.php create mode 100644 actions/apiuserfriends.php delete mode 100644 actions/apiusertimeline.php delete mode 100644 actions/twitapistatuses.php (limited to 'actions') diff --git a/actions/apidestroy.php b/actions/apidestroy.php deleted file mode 100644 index a3b6bf65e..000000000 --- a/actions/apidestroy.php +++ /dev/null @@ -1,152 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apiauth.php'; - -/** - * Deletes one of the authenticating user's statuses (notices). - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiDestroyAction extends ApiAuthAction -{ - - var $user = null; - var $status = null; - var $format = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - if ($this->requiresAuth()) { - if ($this->checkBasicAuthUser() == false) { - return false; - } - } - - $this->user = $this->auth_user; - $this->notice_id = (int)$this->trimmed('id'); - - if (empty($notice_id)) { - $this->notice_id = (int)$this->arg('id'); - } - - $this->format = $this->arg('format'); - $this->notice = Notice::staticGet((int)$this->notice_id); - - return true; - } - - /** - * Handle the request - * - * Delete the notice and all related replies - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - - if (!in_array($this->format, array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $this->format); - return; - } - - if (empty($this->notice)) { - $this->clientError(_('No status found with that ID.'), - 404, $this->format); - return; - } - - if ($this->user->id == $this->notice->profile_id) { - $replies = new Reply; - $replies->get('notice_id', $this->notice_id); - $replies->delete(); - $this->notice->delete(); - - if ($this->format == 'xml') { - $this->show_single_xml_status($this->notice); - } elseif ($this->format == 'json') { - $this->show_single_json_status($this->notice); - } - } else { - $this->clientError(_('You may not delete another user\'s status.'), - 403, $this->format); - } - - $this->showNotice(); - } - - /** - * Show the deleted notice - * - * @return void - */ - - function showNotice() - { - if (!empty($this->notice)) { - if ($this->format == 'xml') { - $this->show_single_xml_status($this->notice); - } elseif ($this->format == 'json') { - $this->show_single_json_status($this->notice); - } - } - } - -} diff --git a/actions/apifollowers.php b/actions/apifollowers.php deleted file mode 100644 index b216cced7..000000000 --- a/actions/apifollowers.php +++ /dev/null @@ -1,85 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apibareauth.php'; - -/** - * Ouputs the authenticating user's followers (subscribers), each with - * current Twitter-style status inline. They are ordered by the order - * in which they subscribed to the user, 100 at a time. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiFollowersAction extends ApiSubscriptionsAction -{ - /** - * Get the user's subscribers (followers) as an array of profiles - * - * @return array Profiles - */ - - function getProfiles() - { - $offset = ($this->page - 1) * $this->count; - $limit = $this->count + 1; - - $subs = null; - - if (isset($this->tag)) { - $subs = $this->user->getTaggedSubscribers( - $this->tag, $offset, $limit - ); - } else { - $subs = $this->user->getSubscribers( - $offset, - $limit - ); - } - - $profiles = array(); - - if (!empty($subs)) { - while ($subs->fetch()) { - $profiles[] = clone($subs); - } - } - - return $profiles; - } - -} diff --git a/actions/apifriends.php b/actions/apifriends.php deleted file mode 100644 index 12751a641..000000000 --- a/actions/apifriends.php +++ /dev/null @@ -1,85 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apibareauth.php'; - -/** - * Ouputs the authenticating user's friends (subscriptions), each with - * current Twitter-style status inline. They are ordered by the date - * in which the user subscribed to them, 100 at a time. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiFriendsAction extends ApiSubscriptionsAction -{ - /** - * Get the user's subscriptions (friends) as an array of profiles - * - * @return array Profiles - */ - - function getProfiles() - { - $offset = ($this->page - 1) * $this->count; - $limit = $this->count + 1; - - $subs = null; - - if (isset($this->tag)) { - $subs = $this->user->getTaggedSubscriptions( - $this->tag, $offset, $limit - ); - } else { - $subs = $this->user->getSubscriptions( - $offset, - $limit - ); - } - - $profiles = array(); - - if (!empty($subs)) { - while ($subs->fetch()) { - $profiles[] = clone($subs); - } - } - - return $profiles; - } - -} diff --git a/actions/apifriendstimeline.php b/actions/apifriendstimeline.php deleted file mode 100644 index be0cf758c..000000000 --- a/actions/apifriendstimeline.php +++ /dev/null @@ -1,255 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apibareauth.php'; - -/** - * Returns the most recent notices (default 20) posted by the target user. - * This is the equivalent of 'You and friends' page accessed via Web. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiFriendsTimelineAction extends ApiBareAuthAction -{ - - var $user = null; - var $notices = null; - var $count = null; - var $max_id = null; - var $since_id = null; - var $since = null; - var $format = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - $this->page = (int)$this->arg('page', 1); - $this->count = (int)$this->arg('count', 20); - $this->max_id = (int)$this->arg('max_id', 0); - $this->since_id = (int)$this->arg('since_id', 0); - $this->since = $this->arg('since'); - $this->format = $this->arg('format'); - - if ($this->requiresAuth()) { - if ($this->checkBasicAuthUser() == false) { - return; - } - } - - $this->user = $this->getTargetUser($this->arg('id')); - - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); - return; - } - - $this->notices = $this->getNotices(); - - return true; - } - - /** - * Handle the request - * - * Just show the notices - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - $this->showTimeline(); - } - - /** - * Show the timeline of notices - * - * @return void - */ - - function showTimeline() - { - $profile = $this->user->getProfile(); - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s and friends"), $this->user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:FriendsTimeline:" . $this->user->id; - $link = common_local_url( - 'all', array('nickname' => $this->user->nickname) - ); - $subtitle = sprintf( - _('Updates from %1$s and friends on %2$s!'), - $this->user->nickname, $sitename - ); - - switch($this->format) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline($this->notices, $title, $link, $subtitle); - break; - case 'atom': - - $target_id = $this->arg('id'); - - if (isset($target_id)) { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline/' . - $target_id . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline.atom'; - } - - $this->show_atom_timeline( - $this->notices, $title, $id, $link, - $subtitle, null, $selfuri - ); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - } - - /** - * Get notices - * - * @return array notices - */ - - function getNotices() - { - $notices = array(); - - if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { - $notice = $this->user->noticeInbox( - ($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since - ); - } else { - $notice = $this->user->noticesWithFriends( - ($this->page-1) * $this->count, - $this->count, $this->since_id, - $this->max_id, $this->since - ); - } - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - /** - * Is this action read only? - * - * @param array $args other arguments - * - * @return boolean true - */ - - function isReadOnly($args) - { - return true; - } - - /** - * When was this feed last modified? - * - * @return string datestamp of the latest notice in the stream - */ - - function lastModified() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - return strtotime($this->notices[0]->created); - } - - return null; - } - - /** - * An entity tag for this stream - * - * Returns an Etag based on the action name, language, user ID, and - * timestamps of the first and last notice in the timeline - * - * @return string etag - */ - - function etag() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - - $last = count($this->notices) - 1; - - return '"' . implode( - ':', - array($this->arg('action'), - common_language(), - $this->user->id, - strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created)) - ) - . '"'; - } - - return null; - } - -} diff --git a/actions/apimentions.php b/actions/apimentions.php deleted file mode 100644 index 43e93a9c6..000000000 --- a/actions/apimentions.php +++ /dev/null @@ -1,234 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apibareauth.php'; - -/** - * Returns the most recent (default 20) mentions (status containing @nickname) - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiMentionsAction extends ApiBareAuthAction -{ - - var $user = null; - var $notices = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - $this->page = (int)$this->arg('page', 1); - $this->count = (int)$this->arg('count', 20); - $this->max_id = (int)$this->arg('max_id', 0); - $this->since_id = (int)$this->arg('since_id', 0); - $this->since = $this->arg('since'); - - if ($this->requiresAuth()) { - if ($this->checkBasicAuthUser() == false) { - return; - } - } - - $this->user = $this->getTargetUser($this->arg('id')); - - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->arg('format')); - return; - } - - $this->notices = $this->getNotices(); - - return true; - } - - /** - * Handle the request - * - * Just show the notices - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - $this->showTimeline(); - } - - /** - * Show the timeline of notices - * - * @return void - */ - - function showTimeline() - { - $profile = $this->user->getProfile(); - - $sitename = common_config('site', 'name'); - $title = sprintf( - _('%1$s / Updates mentioning %2$s'), - $sitename, $this->user->nickname - ); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:Mentions:" . $this->user->id; - $link = common_local_url( - 'replies', - array('nickname' => $this->user->nickname) - ); - $subtitle = sprintf( - _('%1$s updates that reply to updates from %2$s / %3$s.'), - $sitename, $this->user->nickname, $profile->getBestName() - ); - - switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline($this->notices, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . - ltrim($_SERVER['QUERY_STRING'], 'p='); - $this->show_atom_timeline( - $this->notices, $title, $id, $link, $subtitle, - null, $selfuri - ); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - } - - /** - * Get notices - * - * @return array notices - */ - - function getNotices() - { - $notices = array(); - - $notice = $this->user->getReplies( - ($this->page - 1) * $this->count, $this->count, - $this->since_id, $this->max_id, $this->since - ); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - /** - * Is this action read only? - * - * @param array $args other arguments - * - * @return boolean true - */ - - function isReadOnly($args) - { - return true; - } - - /** - * When was this feed last modified? - * - * @return string datestamp of the latest notice in the stream - */ - - function lastModified() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - return strtotime($this->notices[0]->created); - } - - return null; - } - - /** - * An entity tag for this stream - * - * Returns an Etag based on the action name, language, user ID, and - * timestamps of the first and last notice in the timeline - * - * @return string etag - */ - - function etag() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - - $last = count($this->notices) - 1; - - return '"' . implode( - ':', - array($this->arg('action'), - common_language(), - $this->user->id, - strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created)) - ) - . '"'; - } - - return null; - } - -} diff --git a/actions/apipublictimeline.php b/actions/apipublictimeline.php deleted file mode 100644 index 2be979e6d..000000000 --- a/actions/apipublictimeline.php +++ /dev/null @@ -1,207 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * Returns the most recent notices (default 20) posted by everybody - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiPublicTimelineAction extends TwitterapiAction -{ - - var $notices = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - $this->page = (int)$this->arg('page', 1); - $this->count = (int)$this->arg('count', 20); - $this->max_id = (int)$this->arg('max_id', 0); - $this->since_id = (int)$this->arg('since_id', 0); - $this->since = $this->arg('since'); - - $this->notices = $this->getNotices(); - - return true; - } - - /** - * Handle the request - * - * Just show the notices - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - $this->showTimeline(); - } - - /** - * Show the timeline of notices - * - * @return void - */ - - function showTimeline() - { - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s public timeline"), $sitename); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:PublicTimeline"; - $link = common_root_url(); - $subtitle = sprintf(_("%s updates from everyone!"), $sitename); - - switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline($this->notices, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . 'api/statuses/public_timeline.atom'; - $this->show_atom_timeline( - $this->notices, $title, $id, $link, - $subtitle, null, $selfuri - ); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - } - - /** - * Get notices - * - * @return array notices - */ - - function getNotices() - { - $notices = array(); - - $notice = Notice::publicStream( - ($this->page - 1) * $this->count, $this->count, $this->since_id, - $this->max_id, $this->since - ); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - /** - * Is this action read only? - * - * @param array $args other arguments - * - * @return boolean true - */ - - function isReadOnly($args) - { - return true; - } - - /** - * When was this feed last modified? - * - * @return string datestamp of the latest notice in the stream - */ - - function lastModified() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - return strtotime($this->notices[0]->created); - } - - return null; - } - - /** - * An entity tag for this stream - * - * Returns an Etag based on the action name, language, and - * timestamps of the first and last notice in the timeline - * - * @return string etag - */ - - function etag() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - - $last = count($this->notices) - 1; - - return '"' . implode( - ':', - array($this->arg('action'), - common_language(), - strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created)) - ) - . '"'; - } - - return null; - } - -} diff --git a/actions/apishow.php b/actions/apishow.php deleted file mode 100644 index 952c7f593..000000000 --- a/actions/apishow.php +++ /dev/null @@ -1,196 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * Returns the notice specified by id as a Twitter-style status and inline user - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiShowAction extends TwitterapiAction -{ - - var $notice_id = null; - var $notice = null; - var $format = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - // 'id' is an undocumented parameter in Twitter's API. Several - // clients make use of it, so we support it too. - - // show.json?id=12345 takes precedence over /show/12345.json - - $this->notice_id = (int)$this->trimmed('id'); - - if (empty($notice_id)) { - $this->notice_id = (int)$this->arg('id'); - } - - $this->format = $this->arg('format'); - $this->notice = Notice::staticGet((int)$this->notice_id); - - return true; - } - - /** - * Handle the request - * - * Check the format and show the notice - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - - if (!in_array($this->format, array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $this->showNotice(); - } - - /** - * Show the notice - * - * @return void - */ - - function showNotice() - { - if (!empty($this->notice)) { - if ($this->format == 'xml') { - $this->show_single_xml_status($this->notice); - } elseif ($this->format == 'json') { - $this->show_single_json_status($this->notice); - } - } else { - - // XXX: Twitter just sets a 404 header and doens't bother - // to return an err msg - - $deleted = Deleted_notice::staticGet($this->notice_id); - - if (!empty($deleted)) { - $this->clientError( - _('Status deleted.'), - 410, - $this->format - ); - } else { - $this->clientError( - _('No status with that ID found.'), - 404, - $this->format - ); - } - } - } - - /** - * Is this action read only? - * - * @param array $args other arguments - * - * @return boolean true - */ - - function isReadOnly($args) - { - return true; - } - - /** - * When was this notice last modified? - * - * @return string datestamp of the latest notice in the stream - */ - - function lastModified() - { - if (!empty($this->notice)) { - return strtotime($this->notice->created); - } - - return null; - } - - /** - * An entity tag for this notice - * - * Returns an Etag based on the action name, language, and - * timestamps of the notice - * - * @return string etag - */ - - function etag() - { - if (!empty($this->notice)) { - - return '"' . implode( - ':', - array($this->arg('action'), - common_language(), - $this->notice->id, - strtotime($this->notice->created)) - ) - . '"'; - } - - return null; - } - -} diff --git a/actions/apistatusesdestroy.php b/actions/apistatusesdestroy.php new file mode 100644 index 000000000..ae0f4c453 --- /dev/null +++ b/actions/apistatusesdestroy.php @@ -0,0 +1,152 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Deletes one of the authenticating user's statuses (notices). + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiStatusesDestroyAction extends ApiAuthAction +{ + + var $user = null; + var $status = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Delete the notice and all related replies + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError(_('This method requires a POST or DELETE.'), + 400, $this->format); + return; + } + + if (empty($this->notice)) { + $this->clientError(_('No status found with that ID.'), + 404, $this->format); + return; + } + + if ($this->user->id == $this->notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $this->notice_id); + $replies->delete(); + $this->notice->delete(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + $this->clientError(_('You may not delete another user\'s status.'), + 403, $this->format); + } + + $this->showNotice(); + } + + /** + * Show the deleted notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + +} diff --git a/actions/apistatusesshow.php b/actions/apistatusesshow.php new file mode 100644 index 000000000..55eea2356 --- /dev/null +++ b/actions/apistatusesshow.php @@ -0,0 +1,196 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Returns the notice specified by id as a Twitter-style status and inline user + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiStatusesShowAction extends TwitterapiAction +{ + + var $notice_id = null; + var $notice = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + // 'id' is an undocumented parameter in Twitter's API. Several + // clients make use of it, so we support it too. + + // show.json?id=12345 takes precedence over /show/12345.json + + $this->notice_id = (int)$this->trimmed('id'); + + if (empty($notice_id)) { + $this->notice_id = (int)$this->arg('id'); + } + + $this->format = $this->arg('format'); + $this->notice = Notice::staticGet((int)$this->notice_id); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the notice + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $this->showNotice(); + } + + /** + * Show the notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } else { + + // XXX: Twitter just sets a 404 header and doens't bother + // to return an err msg + + $deleted = Deleted_notice::staticGet($this->notice_id); + + if (!empty($deleted)) { + $this->clientError( + _('Status deleted.'), + 410, + $this->format + ); + } else { + $this->clientError( + _('No status with that ID found.'), + 404, + $this->format + ); + } + } + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this notice last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notice)) { + return strtotime($this->notice->created); + } + + return null; + } + + /** + * An entity tag for this notice + * + * Returns an Etag based on the action name, language, and + * timestamps of the notice + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notice)) { + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->notice->id, + strtotime($this->notice->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php new file mode 100644 index 000000000..fb1278559 --- /dev/null +++ b/actions/apistatusesupdate.php @@ -0,0 +1,240 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Updates the authenticating user's status (posts a notice). + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiStatusesUpdateAction extends ApiAuthAction +{ + + var $user = null; + var $source = null; + var $status = null; + var $in_reply_to_status_id = null; + var $format = null; + + static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->user = $this->auth_user; + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return false; + } + + $this->status = $this->trimmed('status'); + + if (empty($this->status)) { + $this->clientError( + 'Client must provide a \'status\' parameter with a value.', + 400, + $this->format + ); + + return false; + } + + $this->source = $this->trimmed('source'); + + if (empty($this->source) || in_array($source, $this->reserved_sources)) { + $this->source = 'api'; + } + + $this->format = $this->arg('format'); + + $this->in_reply_to_status_id + = intval($this->trimmed('in_reply_to_status_id')); + + return true; + } + + /** + * Handle the request + * + * Make a new notice for the update, save it, and show it + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + $status_shortened = common_shorten_links($this->status); + + if (Notice::contentTooLong($status_shortened)) { + + // Note: Twitter truncates anything over 140, flags the status + // as "truncated." + + $this->clientError( + sprintf( + _('That\'s too long. Max notice size is %d chars.'), + Notice::maxContent() + ), + 406, + $this->format + ); + + return; + } + + // Check for commands + + $inter = new CommandInterpreter(); + $cmd = $inter->handle_command($this->user, $status_shortened); + + if ($cmd) { + + if ($this->supported($cmd)) { + $cmd->execute(new Channel()); + } + + // Cmd not supported? Twitter just returns your latest status. + // And, it returns your last status whether the cmd was successful + // or not! + + $this->notice = $this->user->getCurrentNotice(); + + } else { + + $reply_to = null; + + if (!empty($this->in_reply_to_status_id)) { + + // Check whether notice actually exists + + $reply = Notice::staticGet($this->in_reply_to_status_id); + + if ($reply) { + $reply_to = $this->in_reply_to_status_id; + } else { + $this->clientError( + _('Not found'), + $code = 404, + $this->format + ); + return; + } + } + + $this->notice = Notice::saveNew( + $this->user->id, + html_entity_decode($this->status, ENT_NOQUOTES, 'UTF-8'), + $this->source, + 1, + $reply_to + ); + + common_broadcast_notice($this->notice); + } + + $this->showNotice(); + } + + /** + * Show the resulting notice + * + * @return void + */ + + function showNotice() + { + if (!empty($this->notice)) { + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + } + + /** + * Is this command supported when doing an update from the API? + * + * @param string $cmd the command to check for + * + * @return boolean true or false + */ + + function supported($cmd) + { + static $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', + 'FavCommand', 'OnCommand', 'OffCommand'); + + if (in_array(get_class($cmd), $cmdlist)) { + return true; + } + + return false; + } + +} diff --git a/actions/apitimelinefriends.php b/actions/apitimelinefriends.php new file mode 100644 index 000000000..65bbb5a74 --- /dev/null +++ b/actions/apitimelinefriends.php @@ -0,0 +1,255 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the most recent notices (default 20) posted by the target user. + * This is the equivalent of 'You and friends' page accessed via Web. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineFriendsAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + $this->format = $this->arg('format'); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s and friends"), $this->user->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:FriendsTimeline:" . $this->user->id; + $link = common_local_url( + 'all', array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('Updates from %1$s and friends on %2$s!'), + $this->user->nickname, $sitename + ); + + switch($this->format) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + + $target_id = $this->arg('id'); + + if (isset($target_id)) { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline/' . + $target_id . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/friends_timeline.atom'; + } + + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { + $notice = $this->user->noticeInbox( + ($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since + ); + } else { + $notice = $this->user->noticesWithFriends( + ($this->page-1) * $this->count, + $this->count, $this->since_id, + $this->max_id, $this->since + ); + } + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apitimelinementions.php b/actions/apitimelinementions.php new file mode 100644 index 000000000..93c6da307 --- /dev/null +++ b/actions/apitimelinementions.php @@ -0,0 +1,234 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the most recent (default 20) mentions (status containing @nickname) + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineMentionsAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + + $sitename = common_config('site', 'name'); + $title = sprintf( + _('%1$s / Updates mentioning %2$s'), + $sitename, $this->user->nickname + ); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:Mentions:" . $this->user->id; + $link = common_local_url( + 'replies', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('%1$s updates that reply to updates from %2$s / %3$s.'), + $sitename, $this->user->nickname, $profile->getBestName() + ); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + ltrim($_SERVER['QUERY_STRING'], 'p='); + $this->show_atom_timeline( + $this->notices, $title, $id, $link, $subtitle, + null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = $this->user->getReplies( + ($this->page - 1) * $this->count, $this->count, + $this->since_id, $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apitimelinepublic.php b/actions/apitimelinepublic.php new file mode 100644 index 000000000..10bde6f37 --- /dev/null +++ b/actions/apitimelinepublic.php @@ -0,0 +1,207 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Returns the most recent notices (default 20) posted by everybody + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelinePublicAction extends TwitterapiAction +{ + + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s public timeline"), $sitename); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:PublicTimeline"; + $link = common_root_url(); + $subtitle = sprintf(_("%s updates from everyone!"), $sitename); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . 'api/statuses/public_timeline.atom'; + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = Notice::publicStream( + ($this->page - 1) * $this->count, $this->count, $this->since_id, + $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php new file mode 100644 index 000000000..c4d02bc62 --- /dev/null +++ b/actions/apitimelineuser.php @@ -0,0 +1,249 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the most recent notices (default 20) posted by the authenticating + * user. Another user's timeline can be requested via the id parameter. This + * is the API equivalent of the user profile web page. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineUserAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->arg('format')); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s timeline"), $this->user->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:UserTimeline:" . $this->user->id; + $link = common_local_url( + 'showstream', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('Updates from %1$s on %2$s!'), + $this->user->nickname, $sitename + ); + + // FriendFeed's SUP protocol + // Also added RSS and Atom feeds + + $suplink = common_local_url('sup', null, null, $this->user->id); + header('X-SUP-ID: ' . $suplink); + + switch($this->arg('format')) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline( + $this->notices, $title, $link, + $subtitle, $suplink + ); + break; + case 'atom': + if (isset($apidata['api_arg'])) { + $selfuri = common_root_url() . + 'api/statuses/user_timeline/' . + $apidata['api_arg'] . '.atom'; + } else { + $selfuri = common_root_url() . + 'api/statuses/user_timeline.atom'; + } + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, $suplink, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = $this->user->getNotices( + ($this->page-1) * $this->count, $this->count, + $this->since_id, $this->max_id, $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apiupdate.php b/actions/apiupdate.php deleted file mode 100644 index 04a38f3f8..000000000 --- a/actions/apiupdate.php +++ /dev/null @@ -1,240 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apiauth.php'; - -/** - * Updates the authenticating user's status (posts a notice). - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiUpdateAction extends ApiAuthAction -{ - - var $user = null; - var $source = null; - var $status = null; - var $in_reply_to_status_id = null; - var $format = null; - - static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - if ($this->requiresAuth()) { - if ($this->checkBasicAuthUser() == false) { - return false; - } - } - - $this->user = $this->auth_user; - - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); - return false; - } - - $this->status = $this->trimmed('status'); - - if (empty($this->status)) { - $this->clientError( - 'Client must provide a \'status\' parameter with a value.', - 400, - $this->format - ); - - return false; - } - - $this->source = $this->trimmed('source'); - - if (empty($this->source) || in_array($source, $this->reserved_sources)) { - $this->source = 'api'; - } - - $this->format = $this->arg('format'); - - $this->in_reply_to_status_id - = intval($this->trimmed('in_reply_to_status_id')); - - return true; - } - - /** - * Handle the request - * - * Make a new notice for the update, save it, and show it - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError( - _('This method requires a POST.'), - 400, $this->format - ); - return; - } - - $status_shortened = common_shorten_links($this->status); - - if (Notice::contentTooLong($status_shortened)) { - - // Note: Twitter truncates anything over 140, flags the status - // as "truncated." - - $this->clientError( - sprintf( - _('That\'s too long. Max notice size is %d chars.'), - Notice::maxContent() - ), - 406, - $this->format - ); - - return; - } - - // Check for commands - - $inter = new CommandInterpreter(); - $cmd = $inter->handle_command($this->user, $status_shortened); - - if ($cmd) { - - if ($this->supported($cmd)) { - $cmd->execute(new Channel()); - } - - // Cmd not supported? Twitter just returns your latest status. - // And, it returns your last status whether the cmd was successful - // or not! - - $this->notice = $this->user->getCurrentNotice(); - - } else { - - $reply_to = null; - - if (!empty($this->in_reply_to_status_id)) { - - // Check whether notice actually exists - - $reply = Notice::staticGet($this->in_reply_to_status_id); - - if ($reply) { - $reply_to = $this->in_reply_to_status_id; - } else { - $this->clientError( - _('Not found'), - $code = 404, - $this->format - ); - return; - } - } - - $this->notice = Notice::saveNew( - $this->user->id, - html_entity_decode($this->status, ENT_NOQUOTES, 'UTF-8'), - $this->source, - 1, - $reply_to - ); - - common_broadcast_notice($this->notice); - } - - $this->showNotice(); - } - - /** - * Show the resulting notice - * - * @return void - */ - - function showNotice() - { - if (!empty($this->notice)) { - if ($this->format == 'xml') { - $this->show_single_xml_status($this->notice); - } elseif ($this->format == 'json') { - $this->show_single_json_status($this->notice); - } - } - } - - /** - * Is this command supported when doing an update from the API? - * - * @param string $cmd the command to check for - * - * @return boolean true or false - */ - - function supported($cmd) - { - static $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', - 'FavCommand', 'OnCommand', 'OffCommand'); - - if (in_array(get_class($cmd), $cmdlist)) { - return true; - } - - return false; - } - -} diff --git a/actions/apiuserfollowers.php b/actions/apiuserfollowers.php new file mode 100644 index 000000000..5c0243449 --- /dev/null +++ b/actions/apiuserfollowers.php @@ -0,0 +1,85 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Ouputs the authenticating user's followers (subscribers), each with + * current Twitter-style status inline. They are ordered by the order + * in which they subscribed to the user, 100 at a time. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiUserFollowersAction extends ApiSubscriptionsAction +{ + /** + * Get the user's subscribers (followers) as an array of profiles + * + * @return array Profiles + */ + + function getProfiles() + { + $offset = ($this->page - 1) * $this->count; + $limit = $this->count + 1; + + $subs = null; + + if (isset($this->tag)) { + $subs = $this->user->getTaggedSubscribers( + $this->tag, $offset, $limit + ); + } else { + $subs = $this->user->getSubscribers( + $offset, + $limit + ); + } + + $profiles = array(); + + if (!empty($subs)) { + while ($subs->fetch()) { + $profiles[] = clone($subs); + } + } + + return $profiles; + } + +} diff --git a/actions/apiuserfriends.php b/actions/apiuserfriends.php new file mode 100644 index 000000000..8a42e36b9 --- /dev/null +++ b/actions/apiuserfriends.php @@ -0,0 +1,85 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Ouputs the authenticating user's friends (subscriptions), each with + * current Twitter-style status inline. They are ordered by the date + * in which the user subscribed to them, 100 at a time. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiUserFriendsAction extends ApiSubscriptionsAction +{ + /** + * Get the user's subscriptions (friends) as an array of profiles + * + * @return array Profiles + */ + + function getProfiles() + { + $offset = ($this->page - 1) * $this->count; + $limit = $this->count + 1; + + $subs = null; + + if (isset($this->tag)) { + $subs = $this->user->getTaggedSubscriptions( + $this->tag, $offset, $limit + ); + } else { + $subs = $this->user->getSubscriptions( + $offset, + $limit + ); + } + + $profiles = array(); + + if (!empty($subs)) { + while ($subs->fetch()) { + $profiles[] = clone($subs); + } + } + + return $profiles; + } + +} diff --git a/actions/apiusertimeline.php b/actions/apiusertimeline.php deleted file mode 100644 index 44d69415b..000000000 --- a/actions/apiusertimeline.php +++ /dev/null @@ -1,249 +0,0 @@ -. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/apibareauth.php'; - -/** - * Returns the most recent notices (default 20) posted by the authenticating - * user. Another user's timeline can be requested via the id parameter. This - * is the API equivalent of the user profile web page. - * - * @category API - * @package StatusNet - * @author Zach Copley - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class ApiUserTimelineAction extends ApiBareAuthAction -{ - - var $user = null; - var $notices = null; - - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - * - */ - - function prepare($args) - { - parent::prepare($args); - - $this->page = (int)$this->arg('page', 1); - $this->count = (int)$this->arg('count', 20); - $this->max_id = (int)$this->arg('max_id', 0); - $this->since_id = (int)$this->arg('since_id', 0); - $this->since = $this->arg('since'); - - if ($this->requiresAuth()) { - if ($this->checkBasicAuthUser() == false) { - return; - } - } - - $this->user = $this->getTargetUser($this->arg('id')); - - if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->arg('format')); - return; - } - - $this->notices = $this->getNotices(); - - return true; - } - - /** - * Handle the request - * - * Just show the notices - * - * @param array $args $_REQUEST data (unused) - * - * @return void - */ - - function handle($args) - { - parent::handle($args); - $this->showTimeline(); - } - - /** - * Show the timeline of notices - * - * @return void - */ - - function showTimeline() - { - $profile = $this->user->getProfile(); - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s timeline"), $this->user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:UserTimeline:" . $this->user->id; - $link = common_local_url( - 'showstream', - array('nickname' => $this->user->nickname) - ); - $subtitle = sprintf( - _('Updates from %1$s on %2$s!'), - $this->user->nickname, $sitename - ); - - // FriendFeed's SUP protocol - // Also added RSS and Atom feeds - - $suplink = common_local_url('sup', null, null, $this->user->id); - header('X-SUP-ID: ' . $suplink); - - switch($this->arg('format')) { - case 'xml': - $this->show_xml_timeline($this->notices); - break; - case 'rss': - $this->show_rss_timeline( - $this->notices, $title, $link, - $subtitle, $suplink - ); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statuses/user_timeline/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/user_timeline.atom'; - } - $this->show_atom_timeline( - $this->notices, $title, $id, $link, - $subtitle, $suplink, $selfuri - ); - break; - case 'json': - $this->show_json_timeline($this->notices); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - - } - - /** - * Get notices - * - * @return array notices - */ - - function getNotices() - { - $notices = array(); - - $notice = $this->user->getNotices( - ($this->page-1) * $this->count, $this->count, - $this->since_id, $this->max_id, $this->since - ); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - /** - * Is this action read only? - * - * @param array $args other arguments - * - * @return boolean true - */ - - function isReadOnly($args) - { - return true; - } - - /** - * When was this feed last modified? - * - * @return string datestamp of the latest notice in the stream - */ - - function lastModified() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - return strtotime($this->notices[0]->created); - } - - return null; - } - - /** - * An entity tag for this stream - * - * Returns an Etag based on the action name, language, user ID, and - * timestamps of the first and last notice in the timeline - * - * @return string etag - */ - - function etag() - { - if (!empty($this->notices) && (count($this->notices) > 0)) { - - $last = count($this->notices) - 1; - - return '"' . implode( - ':', - array($this->arg('action'), - common_language(), - $this->user->id, - strtotime($this->notices[0]->created), - strtotime($this->notices[$last]->created)) - ) - . '"'; - } - - return null; - } - -} diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php deleted file mode 100644 index 87043b182..000000000 --- a/actions/twitapistatuses.php +++ /dev/null @@ -1,606 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapistatusesAction extends TwitterapiAction -{ - - function public_timeline($args, $apidata) - { - // XXX: To really live up to the spec we need to build a list - // of notices by users who have custom avatars, so fix this SQL -- Zach - - parent::handle($args); - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s public timeline"), $sitename); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:PublicTimeline"; - $link = common_root_url(); - $subtitle = sprintf(_("%s updates from everyone!"), $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - $notice = Notice::publicStream(($page-1)*$count, $count, $since_id, - $max_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . 'api/statuses/public_timeline.atom'; - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - - } - - function friends_timeline($args, $apidata) - { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (empty($user)) { - $this->clientError(_('No such user!'), 404, - $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s and friends"), $user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:FriendsTimeline:" . $user->id; - $link = common_local_url('all', - array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), - $user->nickname, $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { - $notice = $user->noticeInbox(($page-1)*$count, - $count, $since_id, $max_id, $since); - } else { - $notice = $user->noticesWithFriends(($page-1)*$count, - $count, $since_id, $max_id, $since); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/friends_timeline.atom'; - } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - - } - - function home_timeline($args, $apidata) - { - call_user_func(array($this, 'friends_timeline'), $args, $apidata); - } - - function user_timeline($args, $apidata) - { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (empty($user)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s timeline"), $user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:UserTimeline:".$user->id; - $link = common_local_url('showstream', - array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s on %2$s!'), - $user->nickname, $sitename); - - # FriendFeed's SUP protocol - # Also added RSS and Atom feeds - - $suplink = common_local_url('sup', null, null, $user->id); - header('X-SUP-ID: '.$suplink); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - $notice = $user->getNotices(($page-1)*$count, - $count, $since_id, $max_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, - $subtitle, $suplink); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statuses/user_timeline/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statuses/user_timeline.atom'; - } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, $suplink, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - - } - - function update($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError(_('This method requires a POST.'), - 400, $apidata['content-type']); - return; - } - - $user = $apidata['user']; // Always the auth user - - $status = $this->trimmed('status'); - $source = $this->trimmed('source'); - $in_reply_to_status_id = - intval($this->trimmed('in_reply_to_status_id')); - $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - - if (empty($source) || in_array($source, $reserved_sources)) { - $source = 'api'; - } - - if (empty($status)) { - - // XXX: Note: In this case, Twitter simply returns '200 OK' - // No error is given, but the status is not posted to the - // user's timeline. Seems bad. Shouldn't we throw an - // errror? -- Zach - return; - - } else { - - $status_shortened = common_shorten_links($status); - - if (Notice::contentTooLong($status_shortened)) { - - // XXX: Twitter truncates anything over 140, flags the status - // as "truncated." Sending this error may screw up some clients - // that assume Twitter will truncate for them. Should we just - // truncate too? -- Zach - $this->clientError(sprintf(_('That\'s too long. Max notice size is %d chars.'), - Notice::maxContent()), - $code = 406, $apidata['content-type']); - return; - } - } - - // Check for commands - $inter = new CommandInterpreter(); - $cmd = $inter->handle_command($user, $status_shortened); - - if ($cmd) { - - if ($this->supported($cmd)) { - $cmd->execute(new Channel()); - } - - // cmd not supported? Twitter just returns your latest status. - // And, it returns your last status whether the cmd was successful - // or not! - $n = $user->getCurrentNotice(); - $apidata['api_arg'] = $n->id; - } else { - - $reply_to = null; - - if ($in_reply_to_status_id) { - - // check whether notice actually exists - $reply = Notice::staticGet($in_reply_to_status_id); - - if ($reply) { - $reply_to = $in_reply_to_status_id; - } else { - $this->clientError(_('Not found'), $code = 404, - $apidata['content-type']); - return; - } - } - - $notice = Notice::saveNew($user->id, - html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), - $source, 1, $reply_to); - - common_broadcast_notice($notice); - $apidata['api_arg'] = $notice->id; - } - - $this->show($args, $apidata); - } - - function mentions($args, $apidata) - { - parent::handle($args); - - $user = $this->get_user($apidata['api_arg'], $apidata); - $this->auth_user = $apidata['user']; - - if (empty($user)) { - $this->clientError(_('No such user!'), 404, - $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $title = sprintf(_('%1$s / Updates mentioning %2$s'), - $sitename, $user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:Mentions:".$user->id; - $link = common_local_url('replies', - array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%1$s updates that reply to updates from %2$s / %3$s.'), - $sitename, $user->nickname, $profile->getBestName()); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - $notice = $user->getReplies(($page-1)*$count, - $count, $since_id, $max_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . - ltrim($_SERVER['QUERY_STRING'], 'p='); - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle, - null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - - } - - function replies($args, $apidata) - { - call_user_func(array($this, 'mentions'), $args, $apidata); - } - - function show($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - // 'id' is an undocumented parameter in Twitter's API. Several - // clients make use of it, so we support it too. - - // show.json?id=12345 takes precedence over /show/12345.json - - $this->auth_user = $apidata['user']; - $notice_id = $this->trimmed('id'); - - if (empty($notice_id)) { - $notice_id = $apidata['api_arg']; - } - - $notice = Notice::staticGet((int)$notice_id); - - if ($notice) { - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - // XXX: Twitter just sets a 404 header and doens't bother - // to return an err msg - $deleted = Deleted_notice::staticGet($notice_id); - if (!empty($deleted)) { - $this->clientError(_('Status deleted.'), - 410, $apidata['content-type']); - } else { - $this->clientError(_('No status with that ID found.'), - 404, $apidata['content-type']); - } - } - } - - function destroy($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - // XXX: Twitter just prints the err msg, no XML / JSON. - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $apidata['content-type']); - return; - } - - $user = $apidata['user']; // Always the auth user - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (empty($notice)) { - $this->clientError(_('No status found with that ID.'), - 404, $apidata['content-type']); - return; - } - - if ($user->id == $notice->profile_id) { - $replies = new Reply; - $replies->get('notice_id', $notice_id); - $replies->delete(); - $notice->delete(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - $this->clientError(_('You may not delete another user\'s status.'), - 403, $apidata['content-type']); - } - - } - - function friends($args, $apidata) - { - parent::handle($args); - $includeStatuses=! (boolean) $args['lite']; - return $this->subscriptions($apidata, 'subscribed', 'subscriber', false, $includeStatuses); - } - - function friendsIDs($args, $apidata) - { - parent::handle($args); - return $this->subscriptions($apidata, 'subscribed', 'subscriber', true); - } - - function followers($args, $apidata) - { - parent::handle($args); - $includeStatuses=! (boolean) $args['lite']; - return $this->subscriptions($apidata, 'subscriber', 'subscribed', false, $includeStatuses); - } - - function followersIDs($args, $apidata) - { - parent::handle($args); - return $this->subscriptions($apidata, 'subscriber', 'subscribed', true); - } - - function subscriptions($apidata, $other_attr, $user_attr, $onlyIDs=false, $includeStatuses=true) - { - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (empty($user)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - $sub = new Subscription(); - $sub->$user_attr = $profile->id; - - $sub->orderBy('created DESC'); - - // Normally, page 100 friends at a time - - if (!$onlyIDs) { - $page = $this->arg('page', 1); - $count = $this->arg('count', 100); - $sub->limit(($page-1)*$count, $count); - } else { - - // If we're just looking at IDs, return - // ALL of them, unless the user specifies a page, - // in which case, return 500 per page. - - $page = $this->arg('page'); - if (!empty($page)) { - if ($page < 1) { - $page = 1; - } - $count = 500; - $sub->limit(($page-1)*$count, $count); - } - } - - $others = array(); - - if ($sub->find()) { - while ($sub->fetch()) { - $others[] = Profile::staticGet($sub->$other_attr); - } - } else { - // user has no followers - } - - $type = $apidata['content-type']; - - $this->init_document($type); - - if ($onlyIDs) { - $this->showIDs($others, $type); - } else { - $this->show_profiles($others, $type, $includeStatuses); - } - - $this->end_document($type); - } - - function show_profiles($profiles, $type, $includeStatuses) - { - switch ($type) { - case 'xml': - $this->elementStart('users', array('type' => 'array')); - foreach ($profiles as $profile) { - $this->show_profile($profile,$type,null,$includeStatuses); - } - $this->elementEnd('users'); - break; - case 'json': - $arrays = array(); - foreach ($profiles as $profile) { - $arrays[] = $this->twitter_user_array($profile, $includeStatuses); - } - print json_encode($arrays); - break; - default: - $this->clientError(_('unsupported file type')); - } - } - - function showIDs($profiles, $type) - { - switch ($type) { - case 'xml': - $this->elementStart('ids'); - foreach ($profiles as $profile) { - $this->element('id', null, $profile->id); - } - $this->elementEnd('ids'); - break; - case 'json': - $ids = array(); - foreach ($profiles as $profile) { - $ids[] = (int)$profile->id; - } - print json_encode($ids); - break; - default: - $this->clientError(_('unsupported file type')); - } - } - - function featured($args, $apidata) - { - parent::handle($args); - $this->serverError(_('API method under construction.'), $code=501); - } - - function supported($cmd) - { - $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', - 'FavCommand', 'OnCommand', 'OffCommand'); - - if (in_array(get_class($cmd), $cmdlist)) { - return true; - } - - return false; - } - -} diff --git a/lib/router.php b/lib/router.php index 5c9513f57..357c70224 100644 --- a/lib/router.php +++ b/lib/router.php @@ -271,90 +271,90 @@ class Router // statuses API $m->connect('api/statuses/public_timeline.:format', - array('action' => 'ApiPublicTimeline', + array('action' => 'ApiTimelinePublic', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/friends_timeline.:format', - array('action' => 'ApiFriendsTimeline', + array('action' => 'ApiTimelineFriends', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/friends_timeline/:id.:format', - array('action' => 'ApiFriendsTimeline', + array('action' => 'ApiTimelineFriends', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/home_timeline.:format', - array('action' => 'ApiFriendsTimeline', + array('action' => 'ApiTimelineFriends', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/home_timeline/:id.:format', - array('action' => 'ApiFriendsTimeline', + array('action' => 'ApiTimelineFriends', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/user_timeline.:format', - array('action' => 'ApiUserTimeline', + array('action' => 'ApiTimelineUser', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/user_timeline/:id.:format', - array('action' => 'ApiUserTimeline', + array('action' => 'ApiTimelineUser', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/mentions.:format', - array('action' => 'ApiMentions', + array('action' => 'ApiTimelineMentions', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/mentions/:id.:format', - array('action' => 'ApiMentions', + array('action' => 'ApiTimelineMentions', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/replies.:format', - array('action' => 'ApiMentions', + array('action' => 'ApiTimelineMentions', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/replies/:id.:format', - array('action' => 'ApiMentions', + array('action' => 'ApiTimelineMentions', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/friends.:format', - array('action' => 'ApiFriends', + array('action' => 'ApiUserFriends', 'format' => '(xml|json)')); $m->connect('api/statuses/friends/:id.:format', - array('action' => 'ApiFriends', + array('action' => 'ApiUserFriends', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/followers.:format', - array('action' => 'ApiFollowers', + array('action' => 'ApiUserFollowers', 'format' => '(xml|json)')); $m->connect('api/statuses/followers/:id.:format', - array('action' => 'ApiFollowers', + array('action' => 'ApiUserFollowers', 'id' => '[a-zA-Z0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/show.:format', - array('action' => 'ApiShow', + array('action' => 'ApiStatusesShow', 'format' => '(xml|json)')); $m->connect('api/statuses/show/:id.:format', - array('action' => 'ApiShow', + array('action' => 'ApiStatusesShow', 'id' => '[0-9]+', 'format' => '(xml|json)')); $m->connect('api/statuses/update.:format', - array('action' => 'ApiUpdate', + array('action' => 'ApiStatusesUpdate', 'format' => '(xml|json)')); $m->connect('api/statuses/destroy.:format', - array('action' => 'ApiDestroy', + array('action' => 'ApiStatusesDestroy', 'format' => '(xml|json)')); $m->connect('api/statuses/destroy/:id.:format', - array('action' => 'ApiDestroy', + array('action' => 'ApiStatusesDestroy', 'id' => '[0-9]+', 'format' => '(xml|json)')); -- cgit v1.2.3-54-g00ecf From eaef9b689ab41eed23eb74841ed5038066c485a3 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 2 Oct 2009 10:31:13 -0700 Subject: New action for /users/show --- actions/apiusershow.php | 126 +++++++++++++++++++++++++++++++++++++++++++++++ actions/twitapiusers.php | 80 ------------------------------ lib/router.php | 8 +-- 3 files changed, 130 insertions(+), 84 deletions(-) create mode 100644 actions/apiusershow.php delete mode 100644 actions/twitapiusers.php (limited to 'actions') diff --git a/actions/apiusershow.php b/actions/apiusershow.php new file mode 100644 index 000000000..2e2ceab41 --- /dev/null +++ b/actions/apiusershow.php @@ -0,0 +1,126 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Ouputs information for a user, specified by ID or screen name. + * The user's most recent status will be returned inline. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiUserShowAction extends TwitterApiAction +{ + + var $format = null; + var $user = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->format = $this->arg('format'); + + $email = $this->arg('email'); + + // XXX: email field deprecated in Twitter's API + + if (!empty($email)) { + $this->user = User::staticGet('email', $email); + } else { + $this->user = $this->getTargetUser($this->arg('id')); + } + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (empty($this->user)) { + $this->clientError(_('Not found.'), 404, $this->format); + return; + } + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $profile = $this->user->getProfile(); + + if (empty($profile)) { + $this->clientError(_('User has no profile.')); + return; + } + + $twitter_user = $this->twitter_user_array($this->user->getProfile(), true); + + if ($this->format == 'xml') { + $this->init_document('xml'); + $this->show_twitter_xml_user($twitter_user); + $this->end_document('xml'); + } elseif ($this->format == 'json') { + $this->init_document('json'); + $this->show_json_objects($twitter_user); + $this->end_document('json'); + } + + } + +} diff --git a/actions/twitapiusers.php b/actions/twitapiusers.php deleted file mode 100644 index 703fa6754..000000000 --- a/actions/twitapiusers.php +++ /dev/null @@ -1,80 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapiusersAction extends TwitterapiAction -{ - - function show($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $user = null; - $email = $this->arg('email'); - - // XXX: email field deprecated in Twitter's API - - if ($email) { - $user = User::staticGet('email', $email); - } else { - $user = $this->get_user($apidata['api_arg'], $apidata); - } - - if (empty($user)) { - $this->clientError(_('Not found.'), 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $twitter_user = $this->twitter_user_array($user->getProfile(), true); - - if ($apidata['content-type'] == 'xml') { - $this->init_document('xml'); - $this->show_twitter_xml_user($twitter_user); - $this->end_document('xml'); - } elseif ($apidata['content-type'] == 'json') { - $this->init_document('json'); - $this->show_json_objects($twitter_user); - $this->end_document('json'); - } else { - - // This is in case 'show' was called via /account/verify_credentials - // without a format (xml or json). - header('Content-Type: text/html; charset=utf-8'); - print 'Authorized'; - } - - } -} diff --git a/lib/router.php b/lib/router.php index 357c70224..57f9864bc 100644 --- a/lib/router.php +++ b/lib/router.php @@ -361,10 +361,10 @@ class Router // users - $m->connect('api/users/:method/:argument', - array('action' => 'api', - 'apiaction' => 'users'), - array('method' => 'show(\.(xml|json))?')); + $m->connect('api/users/show/:id.:format', + array('action' => 'ApiUserShow', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); $m->connect('api/users/:method', array('action' => 'api', -- cgit v1.2.3-54-g00ecf From daa8b47306626b2b26b2d48a54449cd7394fc22e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 2 Oct 2009 17:23:48 -0700 Subject: New actions for direct messaging through the API --- actions/apidirectmessage.php | 389 +++++++++++++++++++++++++++++++++++++ actions/apidirectmessagenew.php | 192 ++++++++++++++++++ actions/twitapidirect_messages.php | 305 ----------------------------- lib/router.php | 34 ++-- lib/twitterapi.php | 194 ++++++++++-------- 5 files changed, 707 insertions(+), 407 deletions(-) create mode 100644 actions/apidirectmessage.php create mode 100644 actions/apidirectmessagenew.php delete mode 100644 actions/twitapidirect_messages.php (limited to 'actions') diff --git a/actions/apidirectmessage.php b/actions/apidirectmessage.php new file mode 100644 index 000000000..87ae44d7a --- /dev/null +++ b/actions/apidirectmessage.php @@ -0,0 +1,389 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Show a list of direct messages from or to the authenticating user + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiDirectMessageAction extends ApiAuthAction +{ + var $format = null; + var $messages = null; + var $page = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $title = null; + var $subtitle = null; + var $link = null; + var $selfuri_base = null; + var $id = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->auth_user; + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $server = common_root_url(); + $taguribase = common_config('integration', 'taguri'); + + if ($this->arg('sent')) { + + // Action was called by /api/direct_messages/sent.format + + $this->title = sprintf( + _("Direct messages from %s"), + $this->user->nickname + ); + $this->subtitle = sprintf( + _("All the direct messages sent from %s"), + $this->user->nickname + ); + $this->link = $server . $this->user->nickname . '/outbox'; + $this->selfuri_base = common_root_url() . 'api/direct_messages/sent'; + $this->id = "tag:$taguribase:SentDirectMessages:" . $this->user->id; + } else { + $this->title = sprintf( + _("Direct messages to %s"), + $this->user->nickname + ); + $this->subtitle = sprintf( + _("All the direct messages sent to %s"), + $this->user->nickname + ); + $this->link = $server . $this->user->nickname . '/inbox'; + $this->selfuri_base = common_root_url() . 'api/direct_messages'; + $this->id = "tag:$taguribase:DirectMessages:" . $this->user->id; + } + + $this->format = $this->arg('format'); + + $this->messages = $this->getMessages(); + + return true; + } + + /** + * Handle the request + * + * Show the messages + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showMessages(); + } + + /** + * Show the messages + * + * @return void + */ + + function showMessages() + { + switch($this->format) { + case 'xml': + $this->showXmlDirectMessages(); + break; + case 'rss': + $this->showRssDirectMessages(); + break; + case 'atom': + $this->showAtomDirectMessages(); + break; + case 'json': + $this->showJsonDirectMessages(); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getMessages() + { + $message = new Message(); + + if ($this->arg('sent')) { + $message->from_profile = $this->user->id; + } else { + $message->to_profile = $this->user->id; + } + + if (!empty($this->max_id)) { + $message->whereAdd('id <= ' . $this->max_id); + } + + if (!empty($this->since_id)) { + $message->whereAdd('id > ' . $this->since_id); + } + + if (!empty($since)) { + $d = date('Y-m-d H:i:s', $this->since); + $message->whereAdd("created > '$d'"); + } + + $message->orderBy('created DESC, id DESC'); + $message->limit((($this->page - 1) * $this->count), $this->count); + $message->find(); + + $messages = array(); + + while ($message->fetch()) { + $messages[] = clone($message); + } + + return $messages; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this notice last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->messages)) { + return strtotime($this->messages[0]->created); + } + + return null; + } + + /** + * Shows a list of direct messages as Twitter-style XML array + * + * @return void + */ + + function showXmlDirectMessages() + { + $this->init_document('xml'); + $this->elementStart('direct-messages', array('type' => 'array')); + + foreach ($this->messages as $m) { + $dm_array = $this->directMessageArray($m); + $this->showXmlDirectMessage($dm_array); + } + + $this->elementEnd('direct-messages'); + $this->end_document('xml'); + } + + /** + * Shows a list of direct messages as a JSON encoded array + * + * @return void + */ + + function showJsonDirectMessages() + { + $this->init_document('json'); + + $dmsgs = array(); + + foreach ($this->messages as $m) { + $dm_array = $this->directMessageArray($m); + array_push($dmsgs, $dm_array); + } + + $this->show_json_objects($dmsgs); + $this->end_document('json'); + } + + /** + * Shows a list of direct messages as RSS items + * + * @return void + */ + + function showRssDirectMessages() + { + $this->init_document('rss'); + + $this->element('title', null, $this->title); + + $this->element('link', null, $this->link); + $this->element('description', null, $this->subtitle); + $this->element('language', null, 'en-us'); + + $this->element( + 'atom:link', + array( + 'type' => 'application/rss+xml', + 'href' => $this->selfuri_base . '.rss', + 'rel' => self + ), + null + ); + $this->element('ttl', null, '40'); + + foreach ($this->messages as $m) { + $entry = $this->rssDirectMessageArray($m); + $this->show_twitter_rss_item($entry); + } + + $this->end_twitter_rss(); + } + + /** + * Shows a list of direct messages as Atom entries + * + * @return void + */ + + function showAtomDirectMessages() + { + $this->init_document('atom'); + + $this->element('title', null, $this->title); + $this->element('id', null, $this->id); + + $selfuri = common_root_url() . 'api/direct_messages.atom'; + + $this->element( + 'link', array( + 'href' => $this->link, + 'rel' => 'alternate', + 'type' => 'text/html'), + null + ); + $this->element( + 'link', array( + 'href' => $this->selfuri_base . '.atom', 'rel' => 'self', + 'type' => 'application/atom+xml'), + null + ); + $this->element('updated', null, common_date_iso8601('now')); + $this->element('subtitle', null, $this->subtitle); + + foreach ($this->messages as $m) { + $entry = $this->rssDirectMessageArray($m); + $this->showTwitterAtomEntry($entry); + } + + $this->end_document('atom'); + } + + /** + * An entity tag for this notice + * + * Returns an Etag based on the action name, language, and + * timestamps of the notice + * + * @return string etag + */ + + function etag() + { + if (!empty($this->messages)) { + + $last = count($this->messages) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + strtotime($this->messages[0]->created), + strtotime($this->messages[$last]->created) + ) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apidirectmessagenew.php b/actions/apidirectmessagenew.php new file mode 100644 index 000000000..d836409ae --- /dev/null +++ b/actions/apidirectmessagenew.php @@ -0,0 +1,192 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Creates a new direct message from the authenticating user to + * the user specified by id. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiDirectMessageNewAction extends ApiAuthAction +{ + var $format = null; + var $source = null; + var $user = null; + var $other = null; + var $content = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->auth_user; + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + $this->source = $this->trimmed('source'); // Not supported by Twitter. + + $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); + if (empty($thtis->source) || in_array($this->source, $reserved_sources)) { + $source = 'api'; + } + + $this->content = $this->trimmed('text'); + + $this->user = $this->auth_user; + + $user_param = $this->trimmed('user'); + $user_id = $this->arg('user_id'); + $screen_name = $this->trimmed('screen_name'); + + if (isset($user_param) || isset($user_id) || isset($screen_name)) { + $this->other = $this->getTargetUser($user_param); + } + + $this->format = $this->arg('format'); + + return true; + } + + /** + * Handle the request + * + * Save the new message + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (empty($this->content)) { + $this->clientError( + _('No message text!'), + 406, + $this->format + ); + } else { + $content_shortened = common_shorten_links($this->content); + if (Message::contentTooLong($content_shortened)) { + $this->clientError( + sprintf( + _('That\'s too long. Max message size is %d chars.'), + Message::maxContent() + ), + 406, + $this->format + ); + return; + } + } + + if (empty($this->other)) { + $this->clientError(_('Recipient user not found.'), 403, $this->format); + return; + } else if (!$this->user->mutuallySubscribed($this->other)) { + $this->clientError( + _('Can\'t send direct messages to users who aren\'t your friend.'), + 403, + $this->format + ); + return; + } else if ($this->user->id == $this->other->id) { + + // Note: sending msgs to yourself is allowed by Twitter + + $errmsg = 'Don\'t send a message to yourself; ' . + 'just say it to yourself quietly instead.' + + $this->clientError(_($errmsg), 403, $this->format); + return; + } + + $message = Message::saveNew( + $this->user->id, + $this->other->id, + html_entity_decode($this->content, ENT_NOQUOTES, 'UTF-8'), + $this->source + ); + + if (is_string($message)) { + $this->serverError($message); + return; + } + + mail_notify_message($message, $this->user, $this->other); + + if ($this->format == 'xml') { + $this->showSingleXmlDirectMessage($message); + } elseif ($this->format == 'json') { + $this->showSingleJsondirectMessage($message); + } + } + +} + diff --git a/actions/twitapidirect_messages.php b/actions/twitapidirect_messages.php deleted file mode 100644 index 08b8f4e9c..000000000 --- a/actions/twitapidirect_messages.php +++ /dev/null @@ -1,305 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class Twitapidirect_messagesAction extends TwitterapiAction -{ - - function direct_messages($args, $apidata) - { - parent::handle($args); - return $this->show_messages($args, $apidata, 'received'); - } - - function sent($args, $apidata) - { - parent::handle($args); - return $this->show_messages($args, $apidata, 'sent'); - } - - function show_messages($args, $apidata, $type) - { - $user = $apidata['user']; // Always the auth user - - $message = new Message(); - $title = null; - $subtitle = null; - $link = null; - $server = common_root_url(); - - if ($type == 'received') { - $message->to_profile = $user->id; - $title = sprintf(_("Direct messages to %s"), $user->nickname); - $subtitle = sprintf(_("All the direct messages sent to %s"), - $user->nickname); - $link = $server . $user->nickname . '/inbox'; - } else { - $message->from_profile = $user->id; - $title = _('Direct Messages You\'ve Sent'); - $subtitle = sprintf(_("All the direct messages sent from %s"), - $user->nickname); - $link = $server . $user->nickname . '/outbox'; - } - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - if ($max_id) { - $message->whereAdd("id <= $max_id"); - } - - if ($since_id) { - $message->whereAdd("id > $since_id"); - } - - if ($since) { - $d = date('Y-m-d H:i:s', $since); - $message->whereAdd("created > '$d'"); - } - - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*$count), $count); - $message->find(); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_dmsgs($message); - break; - case 'rss': - $this->show_rss_dmsgs($message, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . 'api/direct_messages'; - $selfuri .= ($type == 'received') ? '.atom' : '/sent.atom'; - $taguribase = common_config('integration', 'taguri'); - - if ($type == 'sent') { - $id = "tag:$taguribase:SentDirectMessages:" . $user->id; - } else { - $id = "tag:$taguribase:DirectMessages:" . $user->id; - } - - $this->show_atom_dmsgs($message, $title, $link, $subtitle, - $selfuri, $id); - break; - case 'json': - $this->show_json_dmsgs($message); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - - } - - // had to change this from "new" to "create" to avoid PHP reserved word - function create($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError(_('This method requires a POST.'), - 400, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - $source = $this->trimmed('source'); // Not supported by Twitter. - - $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (empty($source) || in_array($source, $reserved_sources)) { - $source = 'api'; - } - - $content = $this->trimmed('text'); - - if (empty($content)) { - $this->clientError(_('No message text!'), - $code = 406, $apidata['content-type']); - } else { - $content_shortened = common_shorten_links($content); - if (Message::contentTooLong($content_shortened)) { - $this->clientError(sprintf(_('That\'s too long. Max message size is %d chars.'), - Message::maxContent()), - $code = 406, $apidata['content-type']); - return; - } - } - - $other = $this->get_user($this->trimmed('user')); - - if (empty($other)) { - $this->clientError(_('Recipient user not found.'), - $code = 403, $apidata['content-type']); - return; - } else if (!$user->mutuallySubscribed($other)) { - $this->clientError(_('Can\'t send direct messages to users who aren\'t your friend.'), - $code = 403, $apidata['content-type']); - return; - } else if ($user->id == $other->id) { - // Sending msgs to yourself is allowed by Twitter - $this->clientError(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), - $code = 403, $apidata['content-type']); - return; - } - - $message = Message::saveNew($user->id, $other->id, - html_entity_decode($content, ENT_NOQUOTES, 'UTF-8'), $source); - - if (is_string($message)) { - $this->serverError($message); - return; - } - - $this->notify($user, $other, $message); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_dmsg($message); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_dmsg($message); - } - - } - - function destroy($args, $apidata) - { - parent::handle($args); - $this->serverError(_('API method under construction.'), $code=501); - } - - function show_xml_dmsgs($message) - { - - $this->init_document('xml'); - $this->elementStart('direct-messages', array('type' => 'array')); - - if (is_array($message)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } - - $this->elementEnd('direct-messages'); - $this->end_document('xml'); - - } - - function show_json_dmsgs($message) - { - - $this->init_document('json'); - - $dmsgs = array(); - - if (is_array($message)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - array_push($dmsgs, $twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - array_push($dmsgs, $twitter_dm); - } - } - - $this->show_json_objects($dmsgs); - $this->end_document('json'); - - } - - function show_rss_dmsgs($message, $title, $link, $subtitle) - { - - $this->init_document('rss'); - - $this->elementStart('channel'); - $this->element('title', null, $title); - - $this->element('link', null, $link); - $this->element('description', null, $subtitle); - $this->element('language', null, 'en-us'); - $this->element('ttl', null, '40'); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_rss_item($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_rss_item($entry); - } - } - - $this->elementEnd('channel'); - $this->end_twitter_rss(); - - } - - function show_atom_dmsgs($message, $title, $link, $subtitle, $selfuri, $id) - { - - $this->init_document('atom'); - - $this->element('title', null, $title); - $this->element('id', null, $id); - $this->element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), null); - $this->element('link', array('href' => $selfuri, 'rel' => 'self', - 'type' => 'application/atom+xml'), null); - $this->element('updated', null, common_date_iso8601('now')); - $this->element('subtitle', null, $subtitle); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_atom_entry($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_atom_entry($entry); - } - } - - $this->end_document('atom'); - } - - // swiped from MessageAction. Should it be place in util.php? - function notify($from, $to, $message) - { - mail_notify_message($message, $from, $to); - # XXX: Jabber, SMS notifications... probably queued - } - -} diff --git a/lib/router.php b/lib/router.php index 57f9864bc..75abf58ab 100644 --- a/lib/router.php +++ b/lib/router.php @@ -358,7 +358,6 @@ class Router 'id' => '[0-9]+', 'format' => '(xml|json)')); - // users $m->connect('api/users/show/:id.:format', @@ -373,30 +372,19 @@ class Router // direct messages - foreach (array('xml', 'json') as $e) { - $m->connect('api/direct_messages/new.'.$e, - array('action' => 'api', - 'apiaction' => 'direct_messages', - 'method' => 'create.'.$e)); - } - foreach (array('xml', 'json', 'rss', 'atom') as $e) { - $m->connect('api/direct_messages.'.$e, - array('action' => 'api', - 'apiaction' => 'direct_messages', - 'method' => 'direct_messages.'.$e)); - } + $m->connect('api/direct_messages.:format', + array('action' => 'ApiDirectMessage', + 'format' => '(xml|json|rss|atom)')); - foreach (array('xml', 'json', 'rss', 'atom') as $e) { - $m->connect('api/direct_messages/sent.'.$e, - array('action' => 'api', - 'apiaction' => 'direct_messages', - 'method' => 'sent.'.$e)); - } + $m->connect('api/direct_messages/sent.:format', + array('action' => 'ApiDirectMessage', + 'format' => '(xml|json|rss|atom)', + 'sent' => true)); - $m->connect('api/direct_messages/destroy/:argument', - array('action' => 'api', - 'apiaction' => 'direct_messages')); + $m->connect('api/direct_messages/new.:format', + array('action' => 'ApiDirectMessageNew', + 'format' => '(xml|json)')); // friendships @@ -410,7 +398,7 @@ class Router 'apiaction' => 'friendships'), array('method' => '(show|exists)(\.(xml|json))')); - // Social graph + // Social graph $m->connect('api/friends/ids/:id.:format', array('action' => 'apiFriends', diff --git a/lib/twitterapi.php b/lib/twitterapi.php index 708738832..b2104fddd 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -322,51 +322,6 @@ class TwitterapiAction extends Action return $entry; } - function twitter_rss_dmsg_array($message) - { - - $entry = array(); - - $entry['title'] = sprintf('Message from %s to %s', - $message->getFrom()->nickname, $message->getTo()->nickname); - - $entry['content'] = common_xml_safe_str(trim($message->content)); - $entry['link'] = common_local_url('showmessage', array('message' => $message->id)); - $entry['published'] = common_date_iso8601($message->created); - - $taguribase = common_config('integration', 'taguri'); - - $entry['id'] = "tag:$taguribase,:$entry[link]"; - $entry['updated'] = $entry['published']; - $entry['author'] = $message->getFrom()->getBestName(); - - # RSS Item specific - $entry['description'] = $entry['content']; - $entry['pubDate'] = common_date_rfc2822($message->created); - $entry['guid'] = $entry['link']; - - return $entry; - } - - function twitter_dmsg_array($message) - { - $twitter_dm = array(); - - $from_profile = $message->getFrom(); - $to_profile = $message->getTo(); - - $twitter_dm['id'] = $message->id; - $twitter_dm['sender_id'] = $message->from_profile; - $twitter_dm['text'] = trim($message->content); - $twitter_dm['recipient_id'] = $message->to_profile; - $twitter_dm['created_at'] = $this->date_twitter($message->created); - $twitter_dm['sender_screen_name'] = $from_profile->nickname; - $twitter_dm['recipient_screen_name'] = $to_profile->nickname; - $twitter_dm['sender'] = $this->twitter_user_array($from_profile, false); - $twitter_dm['recipient'] = $this->twitter_user_array($to_profile, false); - - return $twitter_dm; - } function twitter_relationship_array($source, $target) { @@ -531,40 +486,6 @@ class TwitterapiAction extends Action $this->end_document('json'); } - function show_single_xml_dmsg($message) - { - $this->init_document('xml'); - $dmsg = $this->twitter_dmsg_array($message); - $this->show_twitter_xml_dmsg($dmsg); - $this->end_document('xml'); - } - - function show_single_json_dmsg($message) - { - $this->init_document('json'); - $dmsg = $this->twitter_dmsg_array($message); - $this->show_json_objects($dmsg); - $this->end_document('json'); - } - - function show_twitter_xml_dmsg($twitter_dm) - { - $this->elementStart('direct_message'); - foreach($twitter_dm as $element => $value) { - switch ($element) { - case 'sender': - case 'recipient': - $this->show_twitter_xml_user($value, $element); - break; - case 'text': - $this->element($element, null, common_xml_safe_str($value)); - break; - default: - $this->element($element, null, $value); - } - } - $this->elementEnd('direct_message'); - } function show_xml_timeline($notice) { @@ -685,6 +606,121 @@ class TwitterapiAction extends Action $this->end_twitter_rss(); } + + function showTwitterAtomEntry($entry) + { + $this->elementStart('entry'); + $this->element('title', null, $entry['title']); + $this->element('content', array('type' => 'html'), $entry['content']); + $this->element('id', null, $entry['id']); + $this->element('published', null, $entry['published']); + $this->element('updated', null, $entry['updated']); + $this->element('link', array('type' => 'text/html', + 'href' => $entry['link'], + 'rel' => 'alternate')); + $this->element('link', array('type' => $entry['avatar-type'], + 'href' => $entry['avatar'], + 'rel' => 'image')); + $this->elementStart('author'); + + $this->element('name', null, $entry['author-name']); + $this->element('uri', null, $entry['author-uri']); + + $this->elementEnd('author'); + $this->elementEnd('entry'); + } + + function showXmlDirectMessage($dm) + { + $this->elementStart('direct_message'); + foreach($dm as $element => $value) { + switch ($element) { + case 'sender': + case 'recipient': + $this->show_twitter_xml_user($value, $element); + break; + case 'text': + $this->element($element, null, common_xml_safe_str($value)); + break; + default: + $this->element($element, null, $value); + break; + } + } + $this->elementEnd('direct_message'); + } + + function directMessageArray($message) + { + $dmsg = array(); + + $from_profile = $message->getFrom(); + $to_profile = $message->getTo(); + + $dmsg['id'] = $message->id; + $dmsg['sender_id'] = $message->from_profile; + $dmsg['text'] = trim($message->content); + $dmsg['recipient_id'] = $message->to_profile; + $dmsg['created_at'] = $this->date_twitter($message->created); + $dmsg['sender_screen_name'] = $from_profile->nickname; + $dmsg['recipient_screen_name'] = $to_profile->nickname; + $dmsg['sender'] = $this->twitter_user_array($from_profile, false); + $dmsg['recipient'] = $this->twitter_user_array($to_profile, false); + + return $dmsg; + } + + function rssDirectMessageArray($message) + { + $entry = array(); + + $from = $message->getFrom(); + + $entry['title'] = sprintf('Message from %s to %s', + $from->nickname, $message->getTo()->nickname); + + $entry['content'] = common_xml_safe_str($message->rendered); + $entry['link'] = common_local_url('showmessage', array('message' => $message->id)); + $entry['published'] = common_date_iso8601($message->created); + + $taguribase = common_config('integration', 'taguri'); + + $entry['id'] = "tag:$taguribase:$entry[link]"; + $entry['updated'] = $entry['published']; + + $entry['author-name'] = $from->getBestName(); + $entry['author-uri'] = $from->homepage; + + $avatar = $from->getAvatar(AVATAR_STREAM_SIZE); + + $entry['avatar'] = (!empty($avatar)) ? $avatar->url : Avatar::defaultImage(AVATAR_STREAM_SIZE); + $entry['avatar-type'] = (!empty($avatar)) ? $avatar->mediatype : 'image/png'; + + // RSS item specific + + $entry['description'] = $entry['content']; + $entry['pubDate'] = common_date_rfc2822($message->created); + $entry['guid'] = $entry['link']; + + return $entry; + } + + function showSingleXmlDirectMessage($message) + { + $this->init_document('xml'); + $dmsg = $this->directMessageArray($message); + $this->showXmlDirectMessage($dmsg); + $this->end_document('xml'); + } + + function showSingleJsonDirectMessage($message) + { + $this->init_document('json'); + $dmsg = $this->directMessageArray($message); + $this->show_json_objects($dmsg); + $this->end_document('json'); + } + function show_atom_groups($group, $title, $id, $link, $subtitle=null, $selfuri=null) { -- cgit v1.2.3-54-g00ecf From 4ed8055f86d3e3c517a9e367607f60d595b77f37 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 5 Oct 2009 09:57:59 -0700 Subject: New actions for managing subscriptions (friendships) --- actions/apifriendshipscreate.php | 134 ++++++++++++++++++++ actions/apifriendshipsdestroy.php | 136 +++++++++++++++++++++ actions/apifriendshipsexists.php | 128 +++++++++++++++++++ actions/apifriendshipsshow.php | 175 ++++++++++++++++++++++++++ actions/twitapifriendships.php | 250 -------------------------------------- 5 files changed, 573 insertions(+), 250 deletions(-) create mode 100644 actions/apifriendshipscreate.php create mode 100644 actions/apifriendshipsdestroy.php create mode 100644 actions/apifriendshipsexists.php create mode 100644 actions/apifriendshipsshow.php delete mode 100644 actions/twitapifriendships.php (limited to 'actions') diff --git a/actions/apifriendshipscreate.php b/actions/apifriendshipscreate.php new file mode 100644 index 000000000..d691b5b4f --- /dev/null +++ b/actions/apifriendshipscreate.php @@ -0,0 +1,134 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Allows the authenticating users to follow (subscribe) the user specified in + * the ID parameter. Returns the befriended user in the requested format when + * successful. Returns a string describing the failure condition when unsuccessful. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFriendshipsCreateAction extends ApiAuthAction +{ + + var $format = null; + var $user = null; + var $other = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->format = $this->arg('format'); + $this->user = $this->auth_user; + $this->other = $this->getTargetUser($id); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (empty($this->other)) { + $this->clientError( + _('Could not follow user: User not found.'), + 403, + $this->format + ); + return; + } + + if ($this->user->isSubscribed($this->other)) { + $errmsg = sprintf( + _('Could not follow user: %s is already on your list.'), + $this->other->nickname + ); + $this->clientError($errmsg, 403, $this->format); + return; + } + + $result = subs_subscribe_to($this->user, $this->other); + + if (is_string($result)) { + $this->clientError($result, 403, $this->format); + return; + } + + $this->init_document($this->format); + $this->show_profile($this->other, $this->format); + $this->end_document($this->format); + } + +} diff --git a/actions/apifriendshipsdestroy.php b/actions/apifriendshipsdestroy.php new file mode 100644 index 000000000..d97c5aa6d --- /dev/null +++ b/actions/apifriendshipsdestroy.php @@ -0,0 +1,136 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Allows the authenticating users to unfollow (unsubscribe) the user specified in + * the ID parameter. Returns the unfollowed user in the requested format when + * successful. Returns a string describing the failure condition when unsuccessful. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFriendshipsDestroyAction extends ApiAuthAction +{ + + var $format = null; + var $user = null; + var $other = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->format = $this->arg('format'); + $this->user = $this->auth_user; + $this->other = $this->getTargetUser($id); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (empty($this->other)) { + $this->clientError( + _('Could not unfollow user: User not found.'), + 403, + $this->format + ); + return; + } + + // Don't allow unsubscribing from yourself! + + if ($this->user->id == $this->other->id) { + $this->clientError( + _("You cannot unfollow yourself!"), + 403, + $this->format + ); + return; + } + + $result = subs_unsubscribe_user($this->user, $this->other->nickname); + + if (is_string($result)) { + $this->clientError($result, 403, $this->format); + return; + } + + $this->init_document($this->format); + $this->show_profile($this->other, $this->format); + $this->end_document($this->format); + } + +} diff --git a/actions/apifriendshipsexists.php b/actions/apifriendshipsexists.php new file mode 100644 index 000000000..3d6e7448d --- /dev/null +++ b/actions/apifriendshipsexists.php @@ -0,0 +1,128 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Tests for the existence of friendship between two users. Will return true if + * user_a follows user_b, otherwise will return false. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFriendshipsExistsAction extends TwitterApiAction +{ + + var $format = null; + var $user_a = null; + var $user_b = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->format = $this->arg('format'); + + $user_a_id = $this->trimmed('user_a'); + $user_b_id = $this->trimmed('user_b'); + + common_debug("user_a = " . $user_a_id); + common_debug("user_b = " . $user_b_id); + + + $this->user_a = $this->getTargetUser($user_a_id); + + if (empty($this->user_a)) { + common_debug('gargargra'); + } + + $this->user_b = $this->getTargetUser($user_b_id); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (empty($this->user_a) || empty($this->user_b)) { + $this->clientError( + _('Two user ids or screen_names must be supplied.'), + 400, + $this->format + ); + return; + } + + $result = $this->user_a->isSubscribed($this->user_b); + + switch ($this->format) { + case 'xml': + $this->init_document('xml'); + $this->element('friends', null, $result); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + print json_encode($result); + $this->end_document('json'); + break; + default: + break; + } + } + +} diff --git a/actions/apifriendshipsshow.php b/actions/apifriendshipsshow.php new file mode 100644 index 000000000..d35825a43 --- /dev/null +++ b/actions/apifriendshipsshow.php @@ -0,0 +1,175 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Outputs detailed information about the relationship between two users + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFriendshipsShowAction extends ApiBareAuthAction +{ + + var $format = null; + var $user = null; + var $source = null; + var $target = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->format = $this->arg('format'); + + $source_id = (int)$this->trimmed('source_id'); + $source_screen_name = $this->trimmed('source_screen_name'); + $target_id = (int)$this->trimmed('target_id'); + $target_screen_name = $this->trimmed('target_screen_name'); + + if (!empty($source_id)) { + $this->source = User::staticGet($source_id); + } elseif (!empty($source_screen_name)) { + $this->source = User::staticGet('nickname', $source_screen_name); + } else { + $this->source = $this->auth_user; + } + + if (!empty($target_id)) { + $this->target = User::staticGet($target_id); + } elseif (!empty($target_screen_name)) { + $this->target = User::staticGet('nickname', $target_screen_name); + } + + return true; + } + + + /** + * Determines whether this API resource requires auth. Overloaded to look + * return true in case source_id and source_screen_name are both empty + * + * @return boolean true or false + */ + + function requiresAuth() + { + if (common_config('site', 'private')) { + return true; + } + + $source_id = $this->trimmed('source_id'); + $source_screen_name = $this->trimmed('source_screen_name'); + + if (empty($source_id) && empty($source_screen_name)) { + return true; + } + + return false; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError(_('API method not found!'), 404); + return; + } + + if (empty($this->source)) { + $this->clientError( + _('Could not determine source user.'), + 404 + ); + return; + } + + if (empty($this->target)) { + $this->clientError( + _('Could not find target user.'), + 404 + ); + return; + } + + $result = $this->twitter_relationship_array($this->source, $this->target); + + switch ($this->format) { + case 'xml': + $this->init_document('xml'); + $this->show_twitter_xml_relationship($result[relationship]); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + print json_encode($result); + $this->end_document('json'); + break; + default: + break; + } + + } + +} diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php deleted file mode 100644 index eea8945c3..000000000 --- a/actions/twitapifriendships.php +++ /dev/null @@ -1,250 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapifriendshipsAction extends TwitterapiAction -{ - - function create($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError(_('This method requires a POST.'), - 400, $apidata['content-type']); - return; - } - - $id = $apidata['api_arg']; - $other = $this->get_user($id); - - if (empty($other)) { - $this->clientError(_('Could not follow user: User not found.'), - 403, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - - if ($user->isSubscribed($other)) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), - $other->nickname); - $this->clientError($errmsg, 403, $apidata['content-type']); - return; - } - - $sub = new Subscription(); - - $sub->query('BEGIN'); - - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - $result = $sub->insert(); - - if (empty($result)) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), - $other->nickname); - $this->clientError($errmsg, 400, $apidata['content-type']); - return; - } - - $sub->query('COMMIT'); - - mail_subscribe_notify($other, $user); - - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); - - } - - function destroy($args, $apidata) - { - parent::handle($args); - - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $apidata['content-type']); - return; - } - - $id = $apidata['api_arg']; - - # We can't subscribe to a remote person, but we can unsub - - $other = $this->get_profile($id); - $user = $apidata['user']; // Alwyas the auth user - - if ($user->id == $other->id) { - $this->clientError(_("You cannot unfollow yourself!"), - 403, $apidata['content-type']); - return; - } - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - - if ($sub->find(true)) { - $sub->query('BEGIN'); - $sub->delete(); - $sub->query('COMMIT'); - } else { - $this->clientError(_('You are not friends with the specified user.'), - 403, $apidata['content-type']); - return; - } - - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); - - } - - function exists($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $user_a_id = $this->trimmed('user_a'); - $user_b_id = $this->trimmed('user_b'); - - $user_a = $this->get_user($user_a_id); - $user_b = $this->get_user($user_b_id); - - if (empty($user_a) || empty($user_b)) { - $this->clientError(_('Two user ids or screen_names must be supplied.'), - 400, $apidata['content-type']); - return; - } - - $result = $user_a->isSubscribed($user_b); - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - $this->element('friends', null, $result); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print json_encode($result); - $this->end_document('json'); - break; - default: - break; - } - - } - - function show($args, $apidata) - { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $source_id = (int)$this->trimmed('source_id'); - $source_screen_name = $this->trimmed('source_screen_name'); - - // If the source is not specified for an unauthenticated request, - // the method will return an HTTP 403. - - if (empty($source_id) && empty($source_screen_name)) { - if (empty($apidata['user'])) { - $this->clientError(_('Could not determine source user.'), - $code = 403); - return; - } - } - - $source = null; - - if (!empty($source_id)) { - $source = User::staticGet($source_id); - } elseif (!empty($source_screen_name)) { - $source = User::staticGet('nickname', $source_screen_name); - } else { - $source = $apidata['user']; - } - - // If a source or target is specified but does not exist, - // the method will return an HTTP 404. - - if (empty($source)) { - $this->clientError(_('Could not determine source user.'), - $code = 404); - return; - } - - $target_id = (int)$this->trimmed('target_id'); - $target_screen_name = $this->trimmed('target_screen_name'); - - $target = null; - - if (!empty($target_id)) { - $target = User::staticGet($target_id); - } elseif (!empty($target_screen_name)) { - $target = User::staticGet('nickname', $target_screen_name); - } else { - $this->clientError(_('Target user not specified.'), - $code = 403); - return; - } - - if (empty($target)) { - $this->clientError(_('Could not find target user.'), - $code = 404); - return; - } - - $result = $this->twitter_relationship_array($source, $target); - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - $this->show_twitter_xml_relationship($result[relationship]); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print json_encode($result); - $this->end_document('json'); - break; - default: - break; - } - } - -} -- cgit v1.2.3-54-g00ecf From 62d1475df1c85c63f6d0dc4628a912c7666c2d21 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 5 Oct 2009 13:25:34 -0700 Subject: Add in a check for proper format --- actions/apifriendshipscreate.php | 9 +++++++++ actions/apifriendshipsdestroy.php | 9 +++++++++ 2 files changed, 18 insertions(+) (limited to 'actions') diff --git a/actions/apifriendshipscreate.php b/actions/apifriendshipscreate.php index d691b5b4f..969fc1282 100644 --- a/actions/apifriendshipscreate.php +++ b/actions/apifriendshipscreate.php @@ -101,6 +101,15 @@ class ApiFriendshipsCreateAction extends ApiAuthAction return; } + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + return; + } + if (empty($this->other)) { $this->clientError( _('Could not follow user: User not found.'), diff --git a/actions/apifriendshipsdestroy.php b/actions/apifriendshipsdestroy.php index d97c5aa6d..ef864c4db 100644 --- a/actions/apifriendshipsdestroy.php +++ b/actions/apifriendshipsdestroy.php @@ -101,6 +101,15 @@ class ApiFriendshipsDestroyAction extends ApiAuthAction return; } + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + return; + } + if (empty($this->other)) { $this->clientError( _('Could not unfollow user: User not found.'), -- cgit v1.2.3-54-g00ecf From dd0d90723142d8042991f998f2b0c355d47638b5 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 5 Oct 2009 13:50:01 -0700 Subject: New actions for favorites via the API --- actions/apifavoritecreate.php | 175 +++++++++++++++++++++++++++ actions/apifavoritedestroy.php | 154 +++++++++++++++++++++++ actions/apitimelinefavorites.php | 255 +++++++++++++++++++++++++++++++++++++++ actions/twitapifavorites.php | 216 --------------------------------- lib/router.php | 30 ++--- 5 files changed, 600 insertions(+), 230 deletions(-) create mode 100644 actions/apifavoritecreate.php create mode 100644 actions/apifavoritedestroy.php create mode 100644 actions/apitimelinefavorites.php delete mode 100644 actions/twitapifavorites.php (limited to 'actions') diff --git a/actions/apifavoritecreate.php b/actions/apifavoritecreate.php new file mode 100644 index 000000000..e45603c6a --- /dev/null +++ b/actions/apifavoritecreate.php @@ -0,0 +1,175 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Favorites the status specified in the ID parameter as the authenticating user. + * Returns the favorite status when successful. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFavoriteCreateAction extends ApiAuthAction +{ + + var $format = null; + var $user = null; + var $notice = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->format = $this->arg('format'); + $this->user = $this->auth_user; + $this->notice = Notice::staticGet($this->arg('id')); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + return; + } + + if (empty($this->notice)) { + $this->clientError( + _('No status found with that ID.'), + 404, + $this->format + ); + return; + } + + // Note: Twitter lets you fave things repeatedly via API. + + if ($this->user->hasFave($this->notice)) { + $this->clientError( + _('This status is already a favorite!'), + 403, + $this->format + ); + return; + } + + $fave = Fave::addNew($this->user, $this->notice); + + if (empty($fave)) { + $this->clientError( + _('Could not create favorite.') + 403, + $this->format + ); + return; + } + + $this->notify($fave, $this->notice, $this->user); + $this->user->blowFavesCache(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + + + /** + * Notify the author of the favorite that the user likes their notice + * + * @param Favorite $fave the favorite in question + * @param Notice $notice the notice that's been faved + * @param User $user the user doing the favoriting + * + * @return void + */ + function notify($fave, $notice, $user) + { + $other = User::staticGet('id', $notice->profile_id); + if ($other && $other->id != $user->id) { + if ($other->email && $other->emailnotifyfav) { + mail_notify_fave($other, $user, $notice); + } + // XXX: notify by IM + // XXX: notify by SMS + } + } + +} diff --git a/actions/apifavoritedestroy.php b/actions/apifavoritedestroy.php new file mode 100644 index 000000000..a70d5c79b --- /dev/null +++ b/actions/apifavoritedestroy.php @@ -0,0 +1,154 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Un-favorites the status specified in the ID parameter as the authenticating user. + * Returns the un-favorited status in the requested format when successful. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiFavoriteDestroyAction extends ApiAuthAction +{ + + var $format = null; + var $user = null; + var $notice = null; + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->format = $this->arg('format'); + $this->user = $this->auth_user; + $this->notice = Notice::staticGet($this->arg('id')); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + return; + } + + if (empty($this->notice)) { + $this->clientError( + _('No status found with that ID.'), + 404, + $this->format + ); + return; + } + + $fave = new Fave(); + $fave->user_id = $this->user->id; + $fave->notice_id = $this->notice->id; + + if (!$fave->find(true)) { + $this->clientError( + _('That status is not a favorite!'), + 403, + $this->favorite + ); + return; + } + + $result = $fave->delete(); + + if (!$result) { + common_log_db_error($fave, 'DELETE', __FILE__); + $this->clientError( + _('Could not delete favorite.'), + 404, + $this->format + ); + return; + } + + $this->user->blowFavesCache(); + + if ($this->format == 'xml') { + $this->show_single_xml_status($this->notice); + } elseif ($this->format == 'json') { + $this->show_single_json_status($this->notice); + } + } + +} diff --git a/actions/apitimelinefavorites.php b/actions/apitimelinefavorites.php new file mode 100644 index 000000000..9ccee5cfa --- /dev/null +++ b/actions/apitimelinefavorites.php @@ -0,0 +1,255 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * Returns the 20 most recent favorite notices for the authenticating user or user + * specified by the ID parameter in the requested format. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineFavoritesAction extends ApiBareAuthAction +{ + + var $user = null; + var $notices = null; + var $format = null; + var $page = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + $this->format = $this->arg('format'); + + $this->user = $this->getTargetUser($this->arg('id')); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $profile = $this->user->getProfile(); + + $sitename = common_config('site', 'name'); + $title = sprintf( + _('%s / Favorites from %s'), + $sitename, + $this->user->nickname + ); + + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:Favorites:" . $this->user->id; + $link = common_local_url( + 'favorites', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _('%s updates favorited by %s / %s.'), + $sitename, + $profile->getBestName(), + $this->user->nickname + ); + + switch($this->format) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + ltrim($_SERVER['QUERY_STRING'], 'p='); + $this->show_atom_timeline( + $this->notices, $title, $id, $link, $subtitle, + null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + if (!empty($this->auth_user) && $this->auth_user->id == $this->user->id) { + $notice = $this->user->favoriteNotices( + ($this->page-1) * $this->count, + $this->count, + true + ); + } else { + $notice = $this->user->favoriteNotices( + ($this->page-1) * $this->count, + $this->count, + false + ); + } + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, user ID, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/twitapifavorites.php b/actions/twitapifavorites.php deleted file mode 100644 index f8943fe2d..000000000 --- a/actions/twitapifavorites.php +++ /dev/null @@ -1,216 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapifavoritesAction extends TwitterapiAction -{ - - function favorites($args, $apidata) - { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (empty($user)) { - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $title = sprintf(_('%s / Favorites from %s'), $sitename, - $user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:Favorites:".$user->id; - $link = common_local_url('favorites', - array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%s updates favorited by %s / %s.'), $sitename, - $profile->getBestName(), $user->nickname); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { - $notice = $user->favoriteNotices(($page-1)*$count, $count, true); - } else { - $notice = $user->favoriteNotices(($page-1)*$count, $count, false); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = $selfuri = common_root_url() . - 'api/favorites/' . $apidata['api_arg'] . '.atom'; - } else { - $selfuri = $selfuri = common_root_url() . - 'api/favorites.atom'; - } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - - } - - function create($args, $apidata) - { - parent::handle($args); - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $apidata['content-type']); - return; - } - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $user = $apidata['user']; // Always the auth user - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (empty($notice)) { - $this->clientError(_('No status found with that ID.'), - 404, $apidata['content-type']); - return; - } - - // XXX: Twitter lets you fave things repeatedly via api. - if ($user->hasFave($notice)) { - $this->clientError(_('This status is already a favorite!'), - 403, $apidata['content-type']); - return; - } - - $fave = Fave::addNew($user, $notice); - - if (empty($fave)) { - $this->clientError(_('Could not create favorite.')); - return; - } - - $this->notify($fave, $notice, $user); - $user->blowFavesCache(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - - } - - function destroy($args, $apidata) - { - parent::handle($args); - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->clientError(_('This method requires a POST or DELETE.'), - 400, $apidata['content-type']); - return; - } - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - $this->clientError(_('API method not found!'), $code = 404); - return; - } - - $user = $apidata['user']; // Always the auth user - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (empty($notice)) { - $this->clientError(_('No status found with that ID.'), - 404, $apidata['content-type']); - return; - } - - $fave = new Fave(); - $fave->user_id = $this->id; - $fave->notice_id = $notice->id; - - if (!$fave->find(true)) { - $this->clientError(_('That status is not a favorite!'), - 403, $apidata['content-type']); - return; - } - - $result = $fave->delete(); - - if (!$result) { - common_log_db_error($fave, 'DELETE', __FILE__); - $this->clientError(_('Could not delete favorite.'), 404); - return; - } - - $user->blowFavesCache(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - - } - - // XXX: these two funcs swiped from faves. - // Maybe put in util.php, or some common base class? - - function notify($fave, $notice, $user) - { - $other = User::staticGet('id', $notice->profile_id); - if ($other && $other->id != $user->id) { - if ($other->email && $other->emailnotifyfav) { - mail_notify_fave($other, $user, $notice); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } -} diff --git a/lib/router.php b/lib/router.php index 5ee939657..8e6db8880 100644 --- a/lib/router.php +++ b/lib/router.php @@ -440,22 +440,24 @@ class Router // favorites - $m->connect('api/favorites/:method/:argument', - array('action' => 'api', - 'apiaction' => 'favorites', - array('method' => '(create|destroy)'))); + $m->connect('api/favorites.:format', + array('action' => 'ApiTimelineFavorites', + 'format' => '(xml|json|rss|atom)')); - $m->connect('api/favorites/:argument', - array('action' => 'api', - 'apiaction' => 'favorites', - 'method' => 'favorites')); + $m->connect('api/favorites/:id.:format', + array('action' => 'ApiTimelineFavorites', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xmljson|rss|atom)')); - foreach (array('xml', 'json', 'rss', 'atom') as $e) { - $m->connect('api/favorites.'.$e, - array('action' => 'api', - 'apiaction' => 'favorites', - 'method' => 'favorites.'.$e)); - } + $m->connect('api/favorites/create/:id.:format', + array('action' => 'ApiFavoriteCreate', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); + + $m->connect('api/favorites/destroy/:id.:format', + array('action' => 'ApiFavoriteDestroy', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); // notifications -- cgit v1.2.3-54-g00ecf From 475bdf6fba3ee8081f3726f98ecd3a50fdda305e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 5 Oct 2009 17:10:30 -0700 Subject: New actions for the account methods we have implemented --- actions/apiaccountratelimitstatus.php | 132 ++++++++++++++++++++++++++++++++ actions/apiaccountverifycredentials.php | 104 +++++++++++++++++++++++++ actions/twitapiaccount.php | 127 ------------------------------ lib/router.php | 13 +++- 4 files changed, 246 insertions(+), 130 deletions(-) create mode 100644 actions/apiaccountratelimitstatus.php create mode 100644 actions/apiaccountverifycredentials.php delete mode 100644 actions/twitapiaccount.php (limited to 'actions') diff --git a/actions/apiaccountratelimitstatus.php b/actions/apiaccountratelimitstatus.php new file mode 100644 index 000000000..3c6c3e714 --- /dev/null +++ b/actions/apiaccountratelimitstatus.php @@ -0,0 +1,132 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apibareauth.php'; + +/** + * We don't have a rate limit, but some clients check this method. + * It always returns the same thing: 100 hits left. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountRateLimitStatusAction extends ApiBareAuthAction +{ + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->format = $this->arg('format'); + return true; + } + + /** + * Handle the request + * + * Return some Twitter-ish data about API limits + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + return; + } + + $reset = new DateTime(); + $reset->modify('+1 hour'); + + $this->init_document($this->format); + + if ($this->format == 'xml') { + $this->elementStart('hash'); + $this->element('remaining-hits', array('type' => 'integer'), 150); + $this->element('hourly-limit', array('type' => 'integer'), 150); + $this->element( + 'reset-time', array('type' => 'datetime'), + common_date_iso8601($reset->format('r')) + ); + $this->element( + 'reset_time_in_seconds', + array('type' => 'integer'), + strtotime('+1 hour') + ); + $this->elementEnd('hash'); + } elseif ($this->format == 'json') { + $out = array( + 'reset_time_in_seconds' => strtotime('+1 hour'), + 'remaining_hits' => 150, + 'hourly_limit' => 150, + 'reset_time' => common_date_rfc2822( + $reset->format('r') + ) + ); + print json_encode($out); + } + + $this->end_document($this->format); + } + +} + diff --git a/actions/apiaccountverifycredentials.php b/actions/apiaccountverifycredentials.php new file mode 100644 index 000000000..b9c9bf0f7 --- /dev/null +++ b/actions/apiaccountverifycredentials.php @@ -0,0 +1,104 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/apiauth.php'; + +/** + * Check a user's credentials. Returns an HTTP 200 OK response code and a + * representation of the requesting user if authentication was successful; + * returns a 401 status code and an error message if not. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountVerifyCredentialsAction extends ApiAuthAction +{ + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return false; + } + } + + $this->format = $this->arg('format'); + return true; + } + + /** + * Handle the request + * + * Check whether the credentials are valid and output the result + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + switch ($this->format) { + case 'xml': + case 'json': + $args['id'] = $this->auth_user->id; + $action_obj = new ApiUserShowAction(); + $action_obj->prepare($args); + $action_obj->handle($args); + break; + default: + header('Content-Type: text/html; charset=utf-8'); + print 'Authorized'; + } + + } + +} diff --git a/actions/twitapiaccount.php b/actions/twitapiaccount.php deleted file mode 100644 index 93c8443c9..000000000 --- a/actions/twitapiaccount.php +++ /dev/null @@ -1,127 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once(INSTALLDIR.'/lib/twitterapi.php'); - -class TwitapiaccountAction extends TwitterapiAction -{ - function verify_credentials($args, $apidata) - { - parent::handle($args); - - switch ($apidata['content-type']) { - case 'xml': - case 'json': - $action_obj = new TwitapiusersAction(); - $action_obj->prepare($args); - call_user_func(array($action_obj, 'show'), $args, $apidata); - break; - default: - header('Content-Type: text/html; charset=utf-8'); - print 'Authorized'; - } - } - - function end_session($args, $apidata) - { - parent::handle($args); - $this->serverError(_('API method under construction.'), $code=501); - } - - function update_location($args, $apidata) - { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->clientError(_('This method requires a POST.'), - 400, $apidata['content-type']); - return; - } - - $location = trim($this->arg('location')); - - if (!is_null($location) && mb_strlen($location) > 255) { - - // XXX: But Twitter just truncates and runs with it. -- Zach - $this->clientError(_('That\'s too long. Max notice size is 255 chars.'), - 406, $apidate['content-type']); - return; - } - - $user = $apidata['user']; // Always the auth user - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - $profile->location = $location; - - $result = $profile->update($orig_profile); - - if (empty($result)) { - common_log_db_error($profile, 'UPDATE', __FILE__); - $this->serverError(_('Couldn\'t save profile.')); - return; - } - - common_broadcast_profile($profile); - $type = $apidata['content-type']; - - $this->init_document($type); - $this->show_profile($profile, $type); - $this->end_document($type); - } - - - function update_delivery_device($args, $apidata) - { - parent::handle($args); - $this->serverError(_('API method under construction.'), $code=501); - } - - // We don't have a rate limit, but some clients check this method. - // It always returns the same thing: 100 hit left. - function rate_limit_status($args, $apidata) - { - parent::handle($args); - - $type = $apidata['content-type']; - $this->init_document($type); - - if ($apidata['content-type'] == 'xml') { - $this->elementStart('hash'); - $this->element('remaining-hits', array('type' => 'integer'), 100); - $this->element('hourly-limit', array('type' => 'integer'), 100); - $this->element('reset-time', array('type' => 'datetime'), null); - $this->element('reset_time_in_seconds', array('type' => 'integer'), 0); - $this->elementEnd('hash'); - } elseif ($apidata['content-type'] == 'json') { - - $out = array('reset_time_in_seconds' => 0, - 'remaining_hits' => 100, - 'hourly_limit' => 100, - 'reset_time' => ''); - print json_encode($out); - } - - $this->end_document($type); - } -} diff --git a/lib/router.php b/lib/router.php index 8e6db8880..6541d69f1 100644 --- a/lib/router.php +++ b/lib/router.php @@ -434,9 +434,16 @@ class Router // account - $m->connect('api/account/:method', - array('action' => 'api', - 'apiaction' => 'account')); + $m->connect('api/account/verify_credentials.:format', + array('action' => 'ApiAccountVerifyCredentials')); + + // special case where verify_credentials is called w/out a format + + $m->connect('api/account/verify_credentials', + array('action' => 'ApiAccountVerifyCredentials')); + + $m->connect('api/account/rate_limit_status.:format', + array('action' => 'ApiAccountRateLimitStatus')); // favorites -- cgit v1.2.3-54-g00ecf From 8d284ca82c1e33a102ef4cb7aa150dd54d876ec7 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 6 Oct 2009 15:39:13 -0700 Subject: New action for tag timelines in the API --- actions/apitimelinetag.php | 212 +++++++++++++++++++++++++++++++++++++++++++++ actions/twitapitags.php | 113 ------------------------ lib/router.php | 10 +-- 3 files changed, 215 insertions(+), 120 deletions(-) create mode 100644 actions/apitimelinetag.php delete mode 100644 actions/twitapitags.php (limited to 'actions') diff --git a/actions/apitimelinetag.php b/actions/apitimelinetag.php new file mode 100644 index 000000000..162776379 --- /dev/null +++ b/actions/apitimelinetag.php @@ -0,0 +1,212 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Returns the 20 most recent notices tagged by a given tag + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineTagAction extends TwitterapiAction +{ + + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->tag = $this->arg('tag'); + $this->format = $this->arg('format'); + + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $sitename = common_config('site', 'name'); + $title = sprintf(_("Notices tagged with %s"), $this->tag); + $link = common_local_url('tag', + array('tag' => $this->tag)); + $subtitle = sprintf(_('Updates tagged with %1$s on %2$s!'), + $this->tag, $sitename); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:TagTimeline:".$tag; + + switch($this->format) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + 'api/statusnet/tags/timeline/' . + $this->tag . '.atom'; + $this->show_atom_timeline( + $this->notices, $title, $id, $link, + $subtitle, null, $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = Notice_tag::getStream( + $this->tag, + ($this->page - 1) * $this->count, + $this->count + 1 + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->tag, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/twitapitags.php b/actions/twitapitags.php deleted file mode 100644 index 0bcc55d37..000000000 --- a/actions/twitapitags.php +++ /dev/null @@ -1,113 +0,0 @@ -. - * - * @category Twitter - * @package StatusNet - * @author Craig Andrews - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * Group-specific API methods - * - * This class handles StatusNet group API methods. - * - * @category Twitter - * @package StatusNet - * @author Craig Andrews - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - - class TwitapitagsAction extends TwitterapiAction - { - - function timeline($args, $apidata) - { - parent::handle($args); - - common_debug("in tags api action"); - - $this->auth_user = $apidata['user']; - $tag = $apidata['api_arg']; - - if (empty($tag)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $sitename = common_config('site', 'name'); - $title = sprintf(_("Notices tagged with %s"), $tag); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:TagTimeline:".$tag; - $link = common_local_url('tag', - array('tag' => $tag)); - $subtitle = sprintf(_('Updates tagged with %1$s on %2$s!'), - $tag, $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - # XXX: support max_id, since_id, and since arguments - $notice = Notice_tag::getStream($tag, ($page-1)*$count, $count + 1); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statusnet/tags/timeline/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statusnet/tags/timeline.atom'; - } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - -} diff --git a/lib/router.php b/lib/router.php index 6541d69f1..03210ce98 100644 --- a/lib/router.php +++ b/lib/router.php @@ -532,13 +532,9 @@ class Router 'apiaction' => 'groups')); // Tags - $m->connect('api/statusnet/tags/:method/:argument', - array('action' => 'api', - 'apiaction' => 'tags')); - - $m->connect('api/statusnet/tags/:method', - array('action' => 'api', - 'apiaction' => 'tags')); + $m->connect('api/statusnet/tags/timeline/:tag.:format', + array('action' => 'ApiTimelineTag', + 'format' => '(xmljson|rss|atom)')); // search $m->connect('api/search.atom', array('action' => 'twitapisearchatom')); -- cgit v1.2.3-54-g00ecf From 85af1c92adef021a91ed3618b748435248bf1023 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 6 Oct 2009 17:25:10 -0700 Subject: phpcs cleanup --- actions/apitimelinetag.php | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) (limited to 'actions') diff --git a/actions/apitimelinetag.php b/actions/apitimelinetag.php index 162776379..2a23bb72a 100644 --- a/actions/apitimelinetag.php +++ b/actions/apitimelinetag.php @@ -97,10 +97,15 @@ class ApiTimelineTagAction extends TwitterapiAction { $sitename = common_config('site', 'name'); $title = sprintf(_("Notices tagged with %s"), $this->tag); - $link = common_local_url('tag', - array('tag' => $this->tag)); - $subtitle = sprintf(_('Updates tagged with %1$s on %2$s!'), - $this->tag, $sitename); + $link = common_local_url( + 'tag', + array('tag' => $this->tag) + ); + $subtitle = sprintf( + _('Updates tagged with %1$s on %2$s!'), + $this->tag, + $sitename + ); $taguribase = common_config('integration', 'taguri'); $id = "tag:$taguribase:TagTimeline:".$tag; @@ -115,9 +120,14 @@ class ApiTimelineTagAction extends TwitterapiAction $selfuri = common_root_url() . 'api/statusnet/tags/timeline/' . $this->tag . '.atom'; - $this->show_atom_timeline( - $this->notices, $title, $id, $link, - $subtitle, null, $selfuri + $this->show_atom_timeline( + $this->notices, + $title, + $id, + $link, + $subtitle, + null, + $selfuri ); break; case 'json': -- cgit v1.2.3-54-g00ecf From 170b009865e3fcb183d562f47d66986b0e397f2d Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 6 Oct 2009 17:26:45 -0700 Subject: New action for group timelines via API --- actions/apitimelinegroup.php | 233 +++++++++++++++++++++++++++++++++++++++++++ lib/router.php | 15 ++- lib/twitterapi.php | 2 +- 3 files changed, 240 insertions(+), 10 deletions(-) create mode 100644 actions/apitimelinegroup.php (limited to 'actions') diff --git a/actions/apitimelinegroup.php b/actions/apitimelinegroup.php new file mode 100644 index 000000000..11f73eeed --- /dev/null +++ b/actions/apitimelinegroup.php @@ -0,0 +1,233 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * Returns the most recent notices (default 20) posted to the group specified by ID + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiTimelineGroupAction extends TwitterapiAction +{ + + var $group = null; + var $notices = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->group = $this->getTargetGroup($this->arg('id')); + + $this->format = $this->arg('format'); + $this->notices = $this->getNotices(); + + return true; + } + + /** + * Handle the request + * + * Just show the notices + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showTimeline(); + } + + /** + * Show the timeline of notices + * + * @return void + */ + + function showTimeline() + { + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s timeline"), $this->group->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:GroupTimeline:" . $this->group->id; + $link = common_local_url( + 'showgroup', + array('nickname' => $this->group->nickname) + ); + $subtitle = sprintf( + _('Updates from %1$s on %2$s!'), + $this->group->nickname, + $sitename + ); + + switch($this->format) { + case 'xml': + $this->show_xml_timeline($this->notices); + break; + case 'rss': + $this->show_rss_timeline($this->notices, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + 'api/statusnet/groups/timeline/' . + $this->group->nickname . '.atom'; + $this->show_atom_timeline( + $this->notices, + $title, + $id, + $link, + $subtitle, + null, + $selfuri + ); + break; + case 'json': + $this->show_json_timeline($this->notices); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + + /** + * Get notices + * + * @return array notices + */ + + function getNotices() + { + $notices = array(); + + $notice = $this->group->getNotices( + ($this->page-1) * $this->count, + $this->count, + $this->since_id, + $this->max_id, + $this->since + ); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + return strtotime($this->notices[0]->created); + } + + return null; + } + + /** + * An entity tag for this stream + * + * Returns an Etag based on the action name, language, group ID and + * timestamps of the first and last notice in the timeline + * + * @return string etag + */ + + function etag() + { + if (!empty($this->notices) && (count($this->notices) > 0)) { + + $last = count($this->notices) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->group->id, + strtotime($this->notices[0]->created), + strtotime($this->notices[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/lib/router.php b/lib/router.php index 03210ce98..dbe2be0bb 100644 --- a/lib/router.php +++ b/lib/router.php @@ -501,6 +501,12 @@ class Router // Groups //'list' has to be handled differently, as php will not allow a method to be named 'list' + + $m->connect('api/statusnet/groups/timeline/:id.:format', + array('action' => 'ApiTimelineGroup', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xmljson|rss|atom)')); + $m->connect('api/statusnet/groups/list/:argument', array('action' => 'api', 'method' => 'list_groups', @@ -518,15 +524,6 @@ class Router 'apiaction' => 'statuses'), array('method' => '(list_all|)(\.(atom|rss|xml|json))?')); - $m->connect('api/statuses/:method/:argument', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => '(user_timeline|home_timeline|friends_timeline|replies|mentions|show|destroy|friends|followers)')); - - $m->connect('api/statusnet/groups/:method/:argument', - array('action' => 'api', - 'apiaction' => 'groups')); - $m->connect('api/statusnet/groups/:method', array('action' => 'api', 'apiaction' => 'groups')); diff --git a/lib/twitterapi.php b/lib/twitterapi.php index 2141194df..5cd88628b 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -1142,7 +1142,7 @@ class TwitterapiAction extends Action } } - function get_group($id, $apidata=null) + function getTargetGroup($id) { if (empty($id)) { -- cgit v1.2.3-54-g00ecf From 8ade2e1c7db731e7347b68393c64cbc76a6b0517 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 7 Oct 2009 05:43:18 -0400 Subject: don't reset in showProfile() --- actions/showstream.php | 1 - 1 file changed, 1 deletion(-) (limited to 'actions') diff --git a/actions/showstream.php b/actions/showstream.php index cdac4f47b..e4ecc12ff 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -273,7 +273,6 @@ class ShowstreamAction extends ProfileAction $this->elementStart('div', 'entity_actions'); $this->element('h2', null, _('User actions')); $this->elementStart('ul'); - $cur = common_current_user(); if ($cur && $cur->id == $this->profile->id) { $this->elementStart('li', 'entity_edit'); -- cgit v1.2.3-54-g00ecf From 5702764e520f570839907444f09d6d9a23daee1e Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 7 Oct 2009 05:55:54 -0400 Subject: Rationalize logic in showProfile() Pulled together some of the if() statements in showProfile() so they weren't so redundant. Also, reformatted the file. Lots of whitespace gar. --- actions/showstream.php | 118 +++++++++++++++++++++++++++---------------------- 1 file changed, 64 insertions(+), 54 deletions(-) (limited to 'actions') diff --git a/actions/showstream.php b/actions/showstream.php index e4ecc12ff..07d5d9eae 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -115,11 +115,11 @@ class ShowstreamAction extends ProfileAction { if (!empty($this->tag)) { return array(new Feed(Feed::RSS1, - common_local_url('userrss', - array('nickname' => $this->user->nickname, - 'tag' => $this->tag)), - sprintf(_('Notice feed for %s tagged %s (RSS 1.0)'), - $this->user->nickname, $this->tag))); + common_local_url('userrss', + array('nickname' => $this->user->nickname, + 'tag' => $this->tag)), + sprintf(_('Notice feed for %s tagged %s (RSS 1.0)'), + $this->user->nickname, $this->tag))); } return array(new Feed(Feed::RSS1, @@ -250,6 +250,7 @@ class ShowstreamAction extends ProfileAction } $tags = Profile_tag::getTags($this->profile->id, $this->profile->id); + if (count($tags) > 0) { $this->elementStart('dl', 'entity_tags'); $this->element('dt', null, _('Tags')); @@ -259,8 +260,8 @@ class ShowstreamAction extends ProfileAction $this->elementStart('li'); // Avoid space by using raw output. $pt = '#'; + common_local_url('peopletag', array('tag' => $tag)) . + '">' . $tag . ''; $this->raw($pt); $this->elementEnd('li'); } @@ -268,23 +269,30 @@ class ShowstreamAction extends ProfileAction $this->elementEnd('dd'); $this->elementEnd('dl'); } + $this->elementEnd('div'); $this->elementStart('div', 'entity_actions'); $this->element('h2', null, _('User actions')); $this->elementStart('ul'); - if ($cur && $cur->id == $this->profile->id) { - $this->elementStart('li', 'entity_edit'); - $this->element('a', array('href' => common_local_url('profilesettings'), - 'title' => _('Edit profile settings')), - _('Edit')); + if (empty($cur)) { // not logged in + $this->elementStart('li', 'entity_subscribe'); + $this->showRemoteSubscribeLink(); $this->elementEnd('li'); - } + } else { + if ($cur->id == $this->profile->id) { // your own page + $this->elementStart('li', 'entity_edit'); + $this->element('a', array('href' => common_local_url('profilesettings'), + 'title' => _('Edit profile settings')), + _('Edit')); + $this->elementEnd('li'); + } else { // someone else's page + + // subscribe/unsubscribe button - if ($cur) { - if ($cur->id != $this->profile->id) { $this->elementStart('li', 'entity_subscribe'); + if ($cur->isSubscribed($this->profile)) { $usf = new UnsubscribeForm($this, $this->profile); $usf->show(); @@ -293,44 +301,46 @@ class ShowstreamAction extends ProfileAction $sf->show(); } $this->elementEnd('li'); - } - } else { - $this->elementStart('li', 'entity_subscribe'); - $this->showRemoteSubscribeLink(); - $this->elementEnd('li'); - } - if ($cur && $cur->id != $user->id && $cur->mutuallySubscribed($user)) { - $this->elementStart('li', 'entity_send-a-message'); - $this->element('a', array('href' => common_local_url('newmessage', array('to' => $user->id)), - 'title' => _('Send a direct message to this user')), - _('Message')); - $this->elementEnd('li'); + if ($cur->mutuallySubscribed($user)) { + + // message + + $this->elementStart('li', 'entity_send-a-message'); + $this->element('a', array('href' => common_local_url('newmessage', array('to' => $user->id)), + 'title' => _('Send a direct message to this user')), + _('Message')); + $this->elementEnd('li'); + + // nudge + + if ($user->email && $user->emailnotifynudge) { + $this->elementStart('li', 'entity_nudge'); + $nf = new NudgeForm($this, $user); + $nf->show(); + $this->elementEnd('li'); + } + } + + // block/unblock - if ($user->email && $user->emailnotifynudge) { - $this->elementStart('li', 'entity_nudge'); - $nf = new NudgeForm($this, $user); - $nf->show(); + $blocked = $cur->hasBlocked($this->profile); + $this->elementStart('li', 'entity_block'); + if ($blocked) { + $ubf = new UnblockForm($this, $this->profile, + array('action' => 'showstream', + 'nickname' => $this->profile->nickname)); + $ubf->show(); + } else { + $bf = new BlockForm($this, $this->profile, + array('action' => 'showstream', + 'nickname' => $this->profile->nickname)); + $bf->show(); + } $this->elementEnd('li'); } } - if ($cur && $cur->id != $this->profile->id) { - $blocked = $cur->hasBlocked($this->profile); - $this->elementStart('li', 'entity_block'); - if ($blocked) { - $ubf = new UnblockForm($this, $this->profile, - array('action' => 'showstream', - 'nickname' => $this->profile->nickname)); - $ubf->show(); - } else { - $bf = new BlockForm($this, $this->profile, - array('action' => 'showstream', - 'nickname' => $this->profile->nickname)); - $bf->show(); - } - $this->elementEnd('li'); - } $this->elementEnd('ul'); $this->elementEnd('div'); } @@ -368,7 +378,7 @@ class ShowstreamAction extends ProfileAction function showNotices() { $notice = empty($this->tag) - ? $this->user->getNotices(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1) + ? $this->user->getNotices(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1) : $this->user->getTaggedNotices($this->tag, ($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1, 0, 0, null); $pnl = new ProfileNoticeList($notice, $this); @@ -390,14 +400,14 @@ class ShowstreamAction extends ProfileAction { if (!(common_config('site','closed') || common_config('site','inviteonly'))) { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [StatusNet](http://status.net/) tool. ' . - '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), - $this->user->nickname, $this->user->nickname); + 'based on the Free Software [StatusNet](http://status.net/) tool. ' . + '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), + $this->user->nickname, $this->user->nickname); } else { $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [StatusNet](http://status.net/) tool. '), - $this->user->nickname, $this->user->nickname); - } + 'based on the Free Software [StatusNet](http://status.net/) tool. '), + $this->user->nickname, $this->user->nickname); + } $this->elementStart('div', array('id' => 'anon_notice')); $this->raw(common_markup_to_html($m)); $this->elementEnd('div'); -- cgit v1.2.3-54-g00ecf From 08de0f1ebdabdce561ce863bdec219a913e61d26 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 7 Oct 2009 17:20:08 -0700 Subject: New individual actions for dealing with groups via API --- actions/apigroupismember.php | 125 ++++++++++++ actions/apigroupjoin.php | 167 +++++++++++++++ actions/apigroupleave.php | 153 ++++++++++++++ actions/apigrouplist.php | 237 +++++++++++++++++++++ actions/apigrouplistall.php | 215 +++++++++++++++++++ actions/apigroupmembership.php | 200 ++++++++++++++++++ actions/apigroupshow.php | 148 ++++++++++++++ actions/twitapigroups.php | 453 ----------------------------------------- lib/router.php | 65 ++++-- lib/twitterapi.php | 7 +- 10 files changed, 1296 insertions(+), 474 deletions(-) create mode 100644 actions/apigroupismember.php create mode 100644 actions/apigroupjoin.php create mode 100644 actions/apigroupleave.php create mode 100644 actions/apigrouplist.php create mode 100644 actions/apigrouplistall.php create mode 100644 actions/apigroupmembership.php create mode 100644 actions/apigroupshow.php delete mode 100644 actions/twitapigroups.php (limited to 'actions') diff --git a/actions/apigroupismember.php b/actions/apigroupismember.php new file mode 100644 index 000000000..facc58174 --- /dev/null +++ b/actions/apigroupismember.php @@ -0,0 +1,125 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apibareauth.php'; + +/** + * Returns whether a user is a member of a specified group. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupIsMemberAction extends ApiBareAuthAction +{ + var $format = null; + var $user = null; + var $group = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->getTargetUser(null); + $this->group = $this->getTargetGroup(null); + $this->format = $this->arg('format'); + + return true; + } + + /** + * Handle the request + * + * Save the new message + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + if (empty($this->group)) { + $this->clientError('Group not found!', 404, $this->format); + return false; + } + + $is_member = $this->user->isMember($this->group); + + switch($this->format) { + case 'xml': + $this->init_document('xml'); + $this->element('is_member', null, $is_member); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + $this->show_json_objects(array('is_member' => $is_member)); + $this->end_document('json'); + break; + default: + $this->clientError( + _('API method not found!'), + 400, + $this->format + ); + break; + } + } + +} diff --git a/actions/apigroupjoin.php b/actions/apigroupjoin.php new file mode 100644 index 000000000..c00d59463 --- /dev/null +++ b/actions/apigroupjoin.php @@ -0,0 +1,167 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * Joins the authenticated user to the group speicified by ID + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupJoinAction extends ApiAuthAction +{ + var $format = null; + var $user = null; + var $group = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->auth_user; + $this->group = $this->getTargetGroup($this->arg('id')); + + $this->format = $this->arg('format'); + + return true; + } + + /** + * Handle the request + * + * Save the new message + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + if (empty($this->group)) { + $this->clientError('Group not found!', 404, $this->format); + return false; + } + + if ($this->user->isMember($this->group)) { + $this->clientError( + _('You are already a member of that group.'), + 403, + $this->format + ); + return; + } + + if (Group_block::isBlocked($this->group, $this->user->getProfile())) { + $this->clientError( + _('You have been blocked from that group by the admin.'), + 403, + $this->format + ); + return; + } + + $member = new Group_member(); + + $member->group_id = $this->group->id; + $member->profile_id = $this->user->id; + $member->created = common_sql_now(); + + $result = $member->insert(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError( + sprintf( + _('Could not join user %s to group %s.'), + $this->user->nickname, + $this->group->nickname + ) + ); + return; + } + + switch($this->format) { + case 'xml': + $this->show_single_xml_group($this->group); + break; + case 'json': + $this->show_single_json_group($this->group); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + +} diff --git a/actions/apigroupleave.php b/actions/apigroupleave.php new file mode 100644 index 000000000..568b04b7c --- /dev/null +++ b/actions/apigroupleave.php @@ -0,0 +1,153 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * Removes the authenticated user from the group specified by ID + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupLeaveAction extends ApiAuthAction +{ + var $format = null; + var $user = null; + var $group = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->user = $this->auth_user; + $this->group = $this->getTargetGroup($this->arg('id')); + + $this->format = $this->arg('format'); + + return true; + } + + /** + * Handle the request + * + * Save the new message + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, + $this->format + ); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + if (empty($this->group)) { + $this->clientError('Group not found!', 404, $this->format); + return false; + } + + $member = new Group_member(); + + $member->group_id = $this->group->id; + $member->profile_id = $this->auth->id; + + if (!$member->find(true)) { + $this->serverError(_('You are not a member of this group.')); + return; + } + + $result = $member->delete(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError( + sprintf( + _('Could not remove user %s to group %s.'), + $this->user->nickname, + $this->$group->nickname + ) + ); + return; + } + + switch($this->format) { + case 'xml': + $this->show_single_xml_group($this->group); + break; + case 'json': + $this->show_single_json_group($this->group); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + +} diff --git a/actions/apigrouplist.php b/actions/apigrouplist.php new file mode 100644 index 000000000..84b7fc1c8 --- /dev/null +++ b/actions/apigrouplist.php @@ -0,0 +1,237 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apibareauth.php'; + +/** + * Returns whether a user is a member of a specified group. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupListAction extends ApiBareAuthAction +{ + var $format = null; + var $user = null; + var $page = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $groups = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + if ($this->requiresAuth()) { + if ($this->checkBasicAuthUser() == false) { + return; + } + } + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->user = $this->getTargetUser($id); + $this->format = $this->arg('format'); + $this->groups = $this->getGroups(); + + return true; + } + + /** + * Handle the request + * + * Show the user's groups + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s's groups"), $this->user->nickname); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:Groups"; + $link = common_local_url( + 'usergroups', + array('nickname' => $this->user->nickname) + ); + $subtitle = sprintf( + _("Groups %s is a member of on %s."), + $this->user->nickname, + $sitename + ); + + switch($this->format) { + case 'xml': + $this->show_xml_groups($this->groups); + break; + case 'rss': + $this->show_rss_groups($this->groups, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . 'api/statusnet/groups/list/' . + $this->user->id . '.atom'; + $this->show_atom_groups( + $this->groups, + $title, + $id, + $link, + $subtitle, + $selfuri + ); + break; + case 'json': + $this->show_json_groups($this->groups); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + + } + + /** + * Get groups + * + * @return array groups + */ + + function getGroups() + { + $groups = array(); + + $group = $this->user->getGroups( + ($this->page - 1) * $this->count, + $this->count, + $this->since_id, + $this->max_id, + $this->since + ); + + while ($group->fetch()) { + $groups[] = clone($group); + } + + return $groups; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the latest group the user has joined + */ + + function lastModified() + { + if (!empty($this->groups) && (count($this->groups) > 0)) { + return strtotime($this->groups[0]->created); + } + + return null; + } + + /** + * An entity tag for this list of groups + * + * Returns an Etag based on the action name, language, user ID and + * timestamps of the first and last group the user has joined + * + * @return string etag + */ + + function etag() + { + if (!empty($this->groups) && (count($this->groups) > 0)) { + + $last = count($this->groups) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->user->id, + strtotime($this->groups[0]->created), + strtotime($this->groups[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apigrouplistall.php b/actions/apigrouplistall.php new file mode 100644 index 000000000..b1964d800 --- /dev/null +++ b/actions/apigrouplistall.php @@ -0,0 +1,215 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * Returns of the lastest 20 groups for the site + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupListAllAction extends TwitterApiAction +{ + var $format = null; + var $page = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $groups = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->user = $this->getTargetUser($id); + $this->format = $this->arg('format'); + $this->groups = $this->getGroups(); + + return true; + } + + /** + * Handle the request + * + * Show the user's groups + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + $sitename = common_config('site', 'name'); + $title = sprintf(_("%s groups"), $sitename); + $taguribase = common_config('integration', 'taguri'); + $id = "tag:$taguribase:Groups"; + $link = common_local_url('groups'); + $subtitle = sprintf(_("groups on %s"), $sitename); + + switch($this->format) { + case 'xml': + $this->show_xml_groups($this->groups); + break; + case 'rss': + $this->show_rss_groups($this->groups, $title, $link, $subtitle); + break; + case 'atom': + $selfuri = common_root_url() . + 'api/statusnet/groups/list_all.atom'; + $this->show_atom_groups( + $this->groups, + $title, + $id, + $link, + $subtitle, + $selfuri + ); + break; + case 'json': + $this->show_json_groups($this->groups); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + + } + + /** + * Get groups + * + * @return array groups + */ + + function getGroups() + { + $groups = array(); + + // XXX: Use the $page, $count, $max_id, $since_id, and $since parameters + + $group = new User_group(); + $group->orderBy('created DESC'); + $group->find(); + + while ($group->fetch()) { + $groups[] = clone($group); + } + + return $groups; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this feed last modified? + * + * @return string datestamp of the site's latest group + */ + + function lastModified() + { + if (!empty($this->groups) && (count($this->groups) > 0)) { + return strtotime($this->groups[0]->created); + } + + return null; + } + + /** + * An entity tag for this list of groups + * + * Returns an Etag based on the action name, language, and + * timestamps of the first and last group the user has joined + * + * @return string etag + */ + + function etag() + { + if (!empty($this->groups) && (count($this->groups) > 0)) { + + $last = count($this->groups) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + strtotime($this->groups[0]->created), + strtotime($this->groups[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apigroupmembership.php b/actions/apigroupmembership.php new file mode 100644 index 000000000..0cd3ed290 --- /dev/null +++ b/actions/apigroupmembership.php @@ -0,0 +1,200 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * List 20 newest members of the group specified by name or ID. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupMembershipAction extends TwitterApiAction +{ + var $format = null; + var $page = null; + var $count = null; + var $max_id = null; + var $since_id = null; + var $since = null; + var $group = null; + var $profiles = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->page = (int)$this->arg('page', 1); + $this->count = (int)$this->arg('count', 20); + $this->max_id = (int)$this->arg('max_id', 0); + $this->since_id = (int)$this->arg('since_id', 0); + $this->since = $this->arg('since'); + + $this->format = $this->arg('format'); + $this->group = $this->getTargetGroup($this->arg('id')); + + $this->profiles = $this->getProfiles(); + + return true; + } + + /** + * Handle the request + * + * Show the members of the group + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + // XXX: RSS and Atom + + switch($this->format) { + case 'xml': + $this->show_twitter_xml_users($this->profiles); + break; + case 'json': + $this->show_json_users($this->profiles); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + + /** + * Fetch the members of a group + * + * @return array $profiles list of profiles + */ + + function getProfiles() + { + $profiles = array(); + + $profile = $this->group->getMembers( + ($this->page - 1) * $this->count, + $this->count, + $this->since_id, + $this->max_id, + $this->since + ); + + while ($profile->fetch()) { + $profiles[] = clone($profile); + } + + return $profiles; + } + + /** + * Is this action read only? + * + * @param array $args other arguments + * + * @return boolean true + */ + + function isReadOnly($args) + { + return true; + } + + /** + * When was this list of profiles last modified? + * + * @return string datestamp of the lastest profile in the group + */ + + function lastModified() + { + if (!empty($this->profiles) && (count($this->profiles) > 0)) { + return strtotime($this->profiles[0]->created); + } + + return null; + } + + /** + * An entity tag for this list of groups + * + * Returns an Etag based on the action name, language + * the group id, and timestamps of the first and last + * user who has joined the group + * + * @return string etag + */ + + function etag() + { + if (!empty($this->profiles) && (count($this->profiles) > 0)) { + + $last = count($this->profiles) - 1; + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->group->id, + strtotime($this->profiles[0]->created), + strtotime($this->profiles[$last]->created)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/apigroupshow.php b/actions/apigroupshow.php new file mode 100644 index 000000000..733c9ccfe --- /dev/null +++ b/actions/apigroupshow.php @@ -0,0 +1,148 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Outputs detailed information about the group specified by ID + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiGroupShowAction extends TwitterApiAction +{ + var $format = null; + var $group = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->format = $this->arg('format'); + $this->group = $this->getTargetGroup($this->arg('id')); + + return true; + } + + /** + * Handle the request + * + * Check the format and show the user info + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (empty($this->group)) { + $this->clientError( + 'Group not found!', + 404, + $this->format + ); + return; + } + + switch($this->format) { + case 'xml': + $this->show_single_xml_group($this->group); + break; + case 'json': + $this->show_single_json_group($this->group); + break; + default: + $this->clientError(_('API method not found!'), 404, $this->format); + break; + } + + } + + /** + * When was this group last modified? + * + * @return string datestamp of the latest notice in the stream + */ + + function lastModified() + { + if (!empty($this->group)) { + return strtotime($this->group->modified); + } + + return null; + } + + /** + * An entity tag for this group + * + * Returns an Etag based on the action name, language, and + * timestamps of the notice + * + * @return string etag + */ + + function etag() + { + if (!empty($this->group)) { + + return '"' . implode( + ':', + array($this->arg('action'), + common_language(), + $this->group->id, + strtotime($this->group->modified)) + ) + . '"'; + } + + return null; + } + +} diff --git a/actions/twitapigroups.php b/actions/twitapigroups.php deleted file mode 100644 index 493144e77..000000000 --- a/actions/twitapigroups.php +++ /dev/null @@ -1,453 +0,0 @@ -. - * - * @category Twitter - * @package StatusNet - * @author Craig Andrews - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * Group-specific API methods - * - * This class handles StatusNet group API methods. - * - * @category Twitter - * @package StatusNet - * @author Craig Andrews - * @author Zach Copley - * @copyright 2009 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - - class TwitapigroupsAction extends TwitterapiAction - { - - function list_groups($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (empty($user)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - $group = $user->getGroups(($page-1)*$count, - $count, $since_id, $max_id, $since); - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s's groups"), $user->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:Groups"; - $link = common_root_url(); - $subtitle = sprintf(_("groups %s is a member of on %s"), $user->nickname, $sitename); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_groups($group); - break; - case 'rss': - $this->show_rss_groups($group, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . 'api/statusnet/groups/list/' . $user->id . '.atom'; - $this->show_atom_groups($group, $title, $id, $link, - $subtitle, $selfuri); - break; - case 'json': - $this->show_json_groups($group); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - } - - function list_all($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - /* TODO: - Use the $page, $count, $max_id, $since_id, and $since parameters - */ - $group = new User_group(); - $group->orderBy('created DESC'); - $group->find(); - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s groups"), $sitename); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:Groups"; - $link = common_root_url(); - $subtitle = sprintf(_("groups on %s"), $sitename); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_groups($group); - break; - case 'rss': - $this->show_rss_groups($group, $title, $link, $subtitle); - break; - case 'atom': - $selfuri = common_root_url() . 'api/statusnet/groups/list_all.atom'; - $this->show_atom_groups($group, $title, $id, $link, - $subtitle, $selfuri); - break; - case 'json': - $this->show_json_groups($group); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - break; - } - } - - function show($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = $this->get_group($apidata['api_arg'], $apidata); - - if (empty($group)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_single_xml_group($group); - break; - case 'json': - $this->show_single_json_group($group); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function timeline($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = $this->get_group($apidata['api_arg'], $apidata); - - if (empty($group)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $sitename = common_config('site', 'name'); - $title = sprintf(_("%s timeline"), $group->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:GroupTimeline:".$group->id; - $link = common_local_url('showgroup', - array('nickname' => $group->nickname)); - $subtitle = sprintf(_('Updates from %1$s on %2$s!'), - $group->nickname, $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - $notice = $group->getNotices(($page-1)*$count, - $count, $since_id, $max_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statusnet/groups/timeline/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statusnet/groups/timeline.atom'; - } - $this->show_atom_timeline($notice, $title, $id, $link, - $subtitle, null, $selfuri); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function membership($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = $this->get_group($apidata['api_arg'], $apidata); - - if (empty($group)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return; - } - - $sitename = common_config('site', 'name'); - $title = sprintf(_("Members of %s group"), $group->nickname); - $taguribase = common_config('integration', 'taguri'); - $id = "tag:$taguribase:GroupMembership:".$group->id; - $link = common_local_url('showgroup', - array('nickname' => $group->nickname)); - $subtitle = sprintf(_('Members of %1$s on %2$s'), - $group->nickname, $sitename); - - $page = (int)$this->arg('page', 1); - $count = (int)$this->arg('count', 20); - $max_id = (int)$this->arg('max_id', 0); - $since_id = (int)$this->arg('since_id', 0); - $since = $this->arg('since'); - - $member = $group->getMembers(($page-1)*$count, - $count, $since_id, $max_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_twitter_xml_users($member); - break; - //TODO implement the RSS and ATOM content types - /*case 'rss': - $this->show_rss_users($member, $title, $link, $subtitle); - break;*/ - /*case 'atom': - if (isset($apidata['api_arg'])) { - $selfuri = common_root_url() . - 'api/statusnet/groups/membership/' . - $apidata['api_arg'] . '.atom'; - } else { - $selfuri = common_root_url() . - 'api/statusnet/groups/membership.atom'; - } - $this->show_atom_users($member, $title, $id, $link, - $subtitle, null, $selfuri); - break;*/ - case 'json': - $this->show_json_users($member); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function join($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = $this->get_group($apidata['api_arg'], $apidata); - - if (empty($group)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return false; - } - - if($this->auth_user->isMember($group)){ - $this->clientError(_('You are already a member of that group'), $code = 403); - return false; - } - - if (Group_block::isBlocked($group, $this->auth_user->getProfile())) { - $this->clientError(_('You have been blocked from that group by the admin.'), 403); - return false; - } - - $member = new Group_member(); - - $member->group_id = $group->id; - $member->profile_id = $this->auth_user->id; - $member->created = common_sql_now(); - - $result = $member->insert(); - - if (!$result) { - common_log_db_error($member, 'INSERT', __FILE__); - $this->serverError(sprintf(_('Could not join user %s to group %s'), - $this->auth_user->nickname, $group->nickname)); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_single_xml_group($group); - break; - case 'json': - $this->show_single_json_group($group); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function leave($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = $this->get_group($apidata['api_arg'], $apidata); - - if (empty($group)) { - $this->clientError('Not Found', 404, $apidata['content-type']); - return false; - } - - if(! $this->auth_user->isMember($group)){ - $this->clientError(_('You are not a member of that group'), $code = 403); - return false; - } - - $member = new Group_member(); - - $member->group_id = $group->id; - $member->profile_id = $this->auth_user->id; - - if (!$member->find(true)) { - $this->serverError(_('Could not find membership record.')); - return; - } - - $result = $member->delete(); - - if (!$result) { - common_log_db_error($member, 'INSERT', __FILE__); - $this->serverError(sprintf(_('Could not remove user %s to group %s'), - $this->auth_user->nickname, $group->nickname)); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_single_xml_group($group); - break; - case 'json': - $this->show_single_json_group($group); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function is_member($args, $apidata) - { - parent::handle($args); - - common_debug("in groups api action"); - - $this->auth_user = $apidata['user']; - $group = User_group::staticGet($args['group_id']); - if(! $group){ - $this->clientError(_('Group not found'), $code = 500); - } - $user = User::staticGet('id', $args['user_id']); - if(! $user){ - $this->clientError(_('User not found'), $code = 500); - } - - $is_member=$user->isMember($group); - - switch($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - $this->element('is_member', null, $is_member); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - $this->show_json_objects(array('is_member'=>$is_member)); - $this->end_document('json'); - break; - default: - $this->clientError(_('API method not found!'), $code = 404); - } - } - - function create($args, $apidata) - { - die("todo"); - } - - function update($args, $apidata) - { - die("todo"); - } - - function update_group_logo($args, $apidata) - { - die("todo"); - } - - function destroy($args, $apidata) - { - die("todo"); - } - - function tag($args, $apidata) - { - die("todo"); - } -} diff --git a/lib/router.php b/lib/router.php index dbe2be0bb..1ea5885da 100644 --- a/lib/router.php +++ b/lib/router.php @@ -507,27 +507,58 @@ class Router 'id' => '[a-zA-Z0-9]+', 'format' => '(xmljson|rss|atom)')); - $m->connect('api/statusnet/groups/list/:argument', - array('action' => 'api', - 'method' => 'list_groups', - 'apiaction' => 'groups')); + $m->connect('api/statusnet/groups/show.:format', + array('action' => 'ApiGroupShow', + 'format' => '(xml|json)')); - foreach (array('xml', 'json', 'rss', 'atom') as $e) { - $m->connect('api/statusnet/groups/list.' . $e, - array('action' => 'api', - 'method' => 'list_groups.' . $e, - 'apiaction' => 'groups')); - } + $m->connect('api/statusnet/groups/show/:id.:format', + array('action' => 'ApiGroupShow', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); - $m->connect('api/statusnet/groups/:method', - array('action' => 'api', - 'apiaction' => 'statuses'), - array('method' => '(list_all|)(\.(atom|rss|xml|json))?')); + $m->connect('api/statusnet/groups/join.:format', + array('action' => 'ApiGroupJoin', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); - $m->connect('api/statusnet/groups/:method', - array('action' => 'api', - 'apiaction' => 'groups')); + $m->connect('api/statusnet/groups/join/:id.:format', + array('action' => 'ApiGroupJoin', + 'format' => '(xml|json)')); + + $m->connect('api/statusnet/groups/leave.:format', + array('action' => 'ApiGroupLeave', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); + $m->connect('api/statusnet/groups/leave/:id.:format', + array('action' => 'ApiGroupLeave', + 'format' => '(xml|json)')); + + $m->connect('api/statusnet/groups/is_member.:format', + array('action' => 'ApiGroupIsMember', + 'format' => '(xml|json)')); + + $m->connect('api/statusnet/groups/list.:format', + array('action' => 'ApiGroupList', + 'format' => '(xml|json|rss|atom)')); + + $m->connect('api/statusnet/groups/list/:id.:format', + array('action' => 'ApiGroupList', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json|rss|atom)')); + + $m->connect('api/statusnet/groups/list_all.:format', + array('action' => 'ApiGroupListAll', + 'format' => '(xml|json|rss|atom)')); + + $m->connect('api/statusnet/groups/membership.:format', + array('action' => 'ApiGroupMembership', + 'format' => '(xml|json)')); + + $m->connect('api/statusnet/groups/membership/:id.:format', + array('action' => 'ApiGroupMembership', + 'id' => '[a-zA-Z0-9]+', + 'format' => '(xml|json)')); // Tags $m->connect('api/statusnet/tags/timeline/:tag.:format', array('action' => 'ApiTimelineTag', diff --git a/lib/twitterapi.php b/lib/twitterapi.php index 5cd88628b..e5904cc85 100644 --- a/lib/twitterapi.php +++ b/lib/twitterapi.php @@ -829,9 +829,9 @@ class TwitterapiAction extends Action $this->elementStart('users', array('type' => 'array')); if (is_array($user)) { - foreach ($group as $g) { - $twitter_user = $this->twitter_user_array($g); - $this->show_twitter_xml_user($twitter_user,'user'); + foreach ($user as $u) { + $twitter_user = $this->twitter_user_array($u); + $this->show_twitter_xml_user($twitter_user); } } else { while ($user->fetch()) { @@ -1145,7 +1145,6 @@ class TwitterapiAction extends Action function getTargetGroup($id) { if (empty($id)) { - if (is_numeric($this->arg('id'))) { return User_group::staticGet($this->arg('id')); } else if ($this->arg('id')) { -- cgit v1.2.3-54-g00ecf From 62059fec832014411f604d9cc669b7d3201a60d5 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 8 Oct 2009 15:45:45 -0700 Subject: New actions for statusnet config and version API methods --- actions/apistatusnetconfig.php | 143 ++++++++++++++++++++++++++++++++ actions/apistatusnetversion.php | 103 +++++++++++++++++++++++ actions/twitapistatusnet.php | 175 ---------------------------------------- lib/router.php | 20 +++-- 4 files changed, 260 insertions(+), 181 deletions(-) create mode 100644 actions/apistatusnetconfig.php create mode 100644 actions/apistatusnetversion.php delete mode 100644 actions/twitapistatusnet.php (limited to 'actions') diff --git a/actions/apistatusnetconfig.php b/actions/apistatusnetconfig.php new file mode 100644 index 000000000..94bd5b4b3 --- /dev/null +++ b/actions/apistatusnetconfig.php @@ -0,0 +1,143 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * Gives a full dump of configuration variables for this instance + * of StatusNet, minus variables that may be security-sensitive (like + * passwords). + * URL: http://identi.ca/api/statusnet/config.(xml|json) + * Formats: xml, json + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiStatusnetConfigAction extends TwitterApiAction +{ + var $format = null; + + var $keys = array( + 'site' => array('name', 'server', 'theme', 'path', 'fancy', 'language', + 'email', 'broughtby', 'broughtbyurl', 'closed', + 'inviteonly', 'private'), + 'license' => array('url', 'title', 'image'), + 'nickname' => array('featured'), + 'throttle' => array('enabled', 'count', 'timespan'), + 'xmpp' => array('enabled', 'server', 'user') + ); + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + $this->format = $this->arg('format'); + return true; + } + + /** + * Handle the request + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + switch ($this->format) { + case 'xml': + $this->init_document('xml'); + $this->elementStart('config'); + + // XXX: check that all sections and settings are legal XML elements + + common_debug(var_export($this->keys, true)); + + foreach ($this->keys as $section => $settings) { + $this->elementStart($section); + foreach ($settings as $setting) { + $value = common_config($section, $setting); + if (is_array($value)) { + $value = implode(',', $value); + } else if ($value === false) { + $value = 'false'; + } else if ($value === true) { + $value = 'true'; + } + $this->element($setting, null, $value); + } + $this->elementEnd($section); + } + $this->elementEnd('config'); + $this->end_document('xml'); + break; + case 'json': + $result = array(); + foreach ($this->keys as $section => $settings) { + $result[$section] = array(); + foreach ($settings as $setting) { + $result[$section][$setting] + = common_config($section, $setting); + } + } + $this->init_document('json'); + $this->show_json_objects($result); + $this->end_document('json'); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + +} + diff --git a/actions/apistatusnetversion.php b/actions/apistatusnetversion.php new file mode 100644 index 000000000..471297ad5 --- /dev/null +++ b/actions/apistatusnetversion.php @@ -0,0 +1,103 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * Returns a version number for this version of StatusNet, which + * should make things a bit easier for upgrades. + * URL: http://identi.ca/api/statusnet/version.(xml|json) + * Formats: xml, js + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiStatusnetVersionAction extends TwitterApiAction +{ + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + $this->format = $this->arg('format'); + return true; + } + + /** + * Handle the request + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + switch ($this->format) { + case 'xml': + $this->init_document('xml'); + $this->element('version', null, STATUSNET_VERSION); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + print '"'.STATUSNET_VERSION.'"'; + $this->end_document('json'); + break; + default: + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + break; + } + } + +} + diff --git a/actions/twitapistatusnet.php b/actions/twitapistatusnet.php deleted file mode 100644 index 490f11dce..000000000 --- a/actions/twitapistatusnet.php +++ /dev/null @@ -1,175 +0,0 @@ -. - * - * @category Twitter - * @package StatusNet - * @author Evan Prodromou - * @copyright 2008 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { - exit(1); -} - -require_once INSTALLDIR.'/lib/twitterapi.php'; - -/** - * StatusNet-specific API methods - * - * This class handles all /statusnet/ API methods. - * - * @category Twitter - * @package StatusNet - * @author Evan Prodromou - * @copyright 2008 StatusNet, Inc. - * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 - * @link http://status.net/ - */ - -class TwitapistatusnetAction extends TwitterapiAction -{ - /** - * A version stamp for the API - * - * Returns a version number for this version of StatusNet, which - * should make things a bit easier for upgrades. - * URL: http://identi.ca/api/statusnet/version.(xml|json) - * Formats: xml, json - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function version($args, $apidata) - { - parent::handle($args); - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - $this->element('version', null, STATUSNET_VERSION); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print '"'.STATUSNET_VERSION.'"'; - $this->end_document('json'); - break; - default: - $this->clientError(_('API method not found!'), $code=404); - } - } - - /** - * Dump of configuration variables - * - * Gives a full dump of configuration variables for this instance - * of StatusNet, minus variables that may be security-sensitive (like - * passwords). - * URL: http://identi.ca/api/statusnet/config.(xml|json) - * Formats: xml, json - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function config($args, $apidata) - { - static $keys = array('site' => array('name', 'server', 'theme', 'path', 'fancy', 'language', - 'email', 'broughtby', 'broughtbyurl', 'closed', - 'inviteonly', 'private'), - 'license' => array('url', 'title', 'image'), - 'nickname' => array('featured'), - 'throttle' => array('enabled', 'count', 'timespan'), - 'xmpp' => array('enabled', 'server', 'user')); - - parent::handle($args); - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - $this->elementStart('config'); - // XXX: check that all sections and settings are legal XML elements - foreach ($keys as $section => $settings) { - $this->elementStart($section); - foreach ($settings as $setting) { - $value = common_config($section, $setting); - if (is_array($value)) { - $value = implode(',', $value); - } else if ($value === false) { - $value = 'false'; - } else if ($value === true) { - $value = 'true'; - } - $this->element($setting, null, $value); - } - $this->elementEnd($section); - } - $this->elementEnd('config'); - $this->end_document('xml'); - break; - case 'json': - $result = array(); - foreach ($keys as $section => $settings) { - $result[$section] = array(); - foreach ($settings as $setting) { - $result[$section][$setting] = common_config($section, $setting); - } - } - $this->init_document('json'); - $this->show_json_objects($result); - $this->end_document('json'); - break; - default: - $this->clientError(_('API method not found!'), $code=404); - } - } - - /** - * WADL description of the API - * - * Gives a WADL description of the API provided by this version of the - * software. - * - * @param array $args Web arguments - * @param array $apidata Twitter API data - * - * @return void - * - * @see ApiAction::process_command() - */ - - function wadl($args, $apidata) - { - parent::handle($args); - $this->serverError(_('API method under construction.'), 501); - } - -} diff --git a/lib/router.php b/lib/router.php index 1ea5885da..3c50fb25e 100644 --- a/lib/router.php +++ b/lib/router.php @@ -486,15 +486,23 @@ class Router // statusnet - $m->connect('api/statusnet/:method', - array('action' => 'api', - 'apiaction' => 'statusnet')); + $m->connect('api/statusnet/version.:format', + array('action' => 'ApiStatusnetVersion', + 'format' => '(xml|json)')); + + $m->connect('api/statusnet/config.:format', + array('action' => 'ApiStatusnetConfig', + 'format' => '(xml|json)')); // For older methods, we provide "laconica" base action - $m->connect('api/laconica/:method', - array('action' => 'api', - 'apiaction' => 'statusnet')); + $m->connect('api/laconica/version.:format', + array('action' => 'ApiStatusnetVersion', + 'format' => '(xml|json)')); + + $m->connect('api/laconica/config.:format', + array('action' => 'ApiStatusnetConfig', + 'format' => '(xml|json)')); // Groups and tags are newer than 0.8.1 so no backward-compatibility // necessary -- cgit v1.2.3-54-g00ecf From ada84698f2e82c1c659d872dea0c4545ef93509a Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 8 Oct 2009 15:59:00 -0700 Subject: New action for test/help API method --- actions/apihelptest.php | 96 +++++++++++++++++++++++++++++++++++++++++++++++++ lib/router.php | 6 ++-- 2 files changed, 99 insertions(+), 3 deletions(-) create mode 100644 actions/apihelptest.php (limited to 'actions') diff --git a/actions/apihelptest.php b/actions/apihelptest.php new file mode 100644 index 000000000..5f32165cf --- /dev/null +++ b/actions/apihelptest.php @@ -0,0 +1,96 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/twitterapi.php'; + +/** + * Returns the string "ok" in the requested format with a 200 OK HTTP status code. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiHelpTestAction extends TwitterApiAction +{ + var $format = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + $this->format = $this->arg('format'); + return true; + } + + /** + * Handle the request + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($this->format == 'xml') { + $this->init_document('xml'); + $this->element('ok', null, 'true'); + $this->end_document('xml'); + } elseif ($this->format == 'json') { + $this->init_document('json'); + print '"ok"'; + $this->end_document('json'); + } else { + $this->clientError( + _('API method not found!'), + 404, + $this->format + ); + } + } + +} + diff --git a/lib/router.php b/lib/router.php index 3c50fb25e..cf5c06b26 100644 --- a/lib/router.php +++ b/lib/router.php @@ -480,9 +480,9 @@ class Router // help - $m->connect('api/help/:method', - array('action' => 'api', - 'apiaction' => 'help')); + $m->connect('api/help/test.:format', + array('action' => 'ApiHelpTest', + 'format' => '(xml|json)')); // statusnet -- cgit v1.2.3-54-g00ecf From 44a59bbc2d34998147496d5945f6b35a75cf8464 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 9 Oct 2009 15:28:12 -0400 Subject: add some hooks for the profile page --- EVENTS.txt | 42 +++++++ actions/showstream.php | 307 +++++++++++++++++++++++++++---------------------- 2 files changed, 209 insertions(+), 140 deletions(-) (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index 02b11a8a6..68c7a2961 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -291,3 +291,45 @@ EndShowHeadElements: Right before the tag; put "; } else { diff --git a/plugins/Facebook/facebook/facebook_desktop.php b/plugins/Facebook/facebook/facebook_desktop.php index e79a2ca34..425bb5c7b 100644 --- a/plugins/Facebook/facebook/facebook_desktop.php +++ b/plugins/Facebook/facebook/facebook_desktop.php @@ -93,7 +93,7 @@ class FacebookDesktop extends Facebook { } public function verify_signature($fb_params, $expected_sig) { - // we don't want to verify the signature until we have a valid + // we do not want to verify the signature until we have a valid // session secret if ($this->verify_sig) { return parent::verify_signature($fb_params, $expected_sig); diff --git a/plugins/Facebook/facebook/facebookapi_php5_restlib.php b/plugins/Facebook/facebook/facebookapi_php5_restlib.php index e2a6fe88b..781390002 100755 --- a/plugins/Facebook/facebook/facebookapi_php5_restlib.php +++ b/plugins/Facebook/facebook/facebookapi_php5_restlib.php @@ -46,7 +46,7 @@ class FacebookRestClient { // on canvas pages public $added; public $is_user; - // we don't pass friends list to iframes, but we want to make + // we do not pass friends list to iframes, but we want to make // friends_get really simple in the canvas_user (non-logged in) case. // So we use the canvas_user as default arg to friends_get public $canvas_user; @@ -657,7 +657,7 @@ function toggleDisplay(id, type) { * deleted. * * IMPORTANT: If your application has registered public tags - * that other applications may be using, don't delete those tags! + * that other applications may be using, do not delete those tags! * Doing so can break the FBML ofapplications that are using them. * * @param array $tag_names the names of the tags to delete (optinal) @@ -820,7 +820,7 @@ function toggleDisplay(id, type) { if (is_array($target_ids)) { $target_ids = json_encode($target_ids); - $target_ids = trim($target_ids, "[]"); // we don't want square brackets + $target_ids = trim($target_ids, "[]"); // we do not want square brackets } return $this->call_method('facebook.feed.publishUserAction', diff --git a/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php b/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php index 29509deba..9c6c62663 100644 --- a/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php +++ b/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php @@ -1,5 +1,5 @@ location_id = $n->geonameId; $location->location_ns = self::NAMESPACE; - // handled, don't continue processing! + // handled, do not continue processing! return false; } } - // Continue processing; we don't have the answer + // Continue processing; we do not have the answer return true; } @@ -217,7 +217,7 @@ class GeonamesPlugin extends Plugin } } - // For some reason we don't know, so pass. + // For some reason we do not know, so pass. return true; } @@ -299,7 +299,7 @@ class GeonamesPlugin extends Plugin $url = 'http://www.geonames.org/' . $location->location_id; - // it's been filled, so don't process further. + // it's been filled, so do not process further. return false; } } diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index ff0b451d3..b5d978294 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -341,7 +341,7 @@ class FinishopenidloginAction extends Action { $url = common_get_returnto(); if ($url) { - # We don't have to return to it again + # We do not have to return to it again common_set_returnto(null); } else { $url = common_local_url('all', @@ -421,7 +421,7 @@ class FinishopenidloginAction extends Action $parts = parse_url($openid); - # If any of these parts exist, this won't work + # If any of these parts exist, this will not work foreach ($bad as $badpart) { if (array_key_exists($badpart, $parts)) { diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index cd042226b..4a76a8791 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -187,7 +187,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $form_html = $auth_request->formMarkup($trust_root, $process_url, $immediate, array('id' => $form_id)); - # XXX: This is cheap, but things choke if we don't escape ampersands + # XXX: This is cheap, but things choke if we do not escape ampersands # in the HTML attributes $form_html = preg_replace('/&/', '&', $form_html); diff --git a/plugins/PiwikAnalyticsPlugin.php b/plugins/PiwikAnalyticsPlugin.php index 54faa0bdb..81ef7c683 100644 --- a/plugins/PiwikAnalyticsPlugin.php +++ b/plugins/PiwikAnalyticsPlugin.php @@ -44,7 +44,7 @@ if (!defined('STATUSNET')) { * 'piwikId' => 'id')); * * Replace 'example.com/piwik/' with the URL to your Piwik installation and - * make sure you don't forget the final /. + * make sure you do not forget the final /. * Replace 'id' with the ID your statusnet installation has in your Piwik * analytics setup - for example '8'. * diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index 0c7c1240c..88a87dcf9 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -240,7 +240,7 @@ class RealtimePlugin extends Plugin // FIXME: this code should be abstracted to a neutral third // party, like Notice::asJson(). I'm not sure of the ethics // of refactoring from within a plugin, so I'm just abusing - // the ApiAction method. Don't do this unless you're me! + // the ApiAction method. Do not do this unless you're me! require_once(INSTALLDIR.'/lib/api.php'); diff --git a/plugins/TwitterBridge/daemons/synctwitterfriends.php b/plugins/TwitterBridge/daemons/synctwitterfriends.php index 6a155b301..76410c7cb 100755 --- a/plugins/TwitterBridge/daemons/synctwitterfriends.php +++ b/plugins/TwitterBridge/daemons/synctwitterfriends.php @@ -115,7 +115,7 @@ class SyncTwitterFriendsDaemon extends ParallelizingDaemon // Each child ps needs its own DB connection // Note: DataObject::getDatabaseConnection() creates - // a new connection if there isn't one already + // a new connection if there is not one already $conn = &$flink->getDatabaseConnection(); diff --git a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php index ab610e553..5d0d83be3 100755 --- a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php +++ b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php @@ -136,7 +136,7 @@ class TwitterStatusFetcher extends ParallelizingDaemon // Each child ps needs its own DB connection // Note: DataObject::getDatabaseConnection() creates - // a new connection if there isn't one already + // a new connection if there is not one already $conn = &$flink->getDatabaseConnection(); @@ -499,7 +499,7 @@ class TwitterStatusFetcher extends ParallelizingDaemon $avatar->height = 73; } - $avatar->original = 0; // we don't have the original + $avatar->original = 0; // we do not have the original $avatar->mediatype = $mediatype; $avatar->filename = $filename; $avatar->url = Avatar::url($filename); diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php index 3c6803e49..d48089caa 100644 --- a/plugins/TwitterBridge/twitter.php +++ b/plugins/TwitterBridge/twitter.php @@ -33,7 +33,7 @@ function updateTwitter_user($twitter_id, $screen_name) $fuser->query('BEGIN'); - // Dropping down to SQL because regular DB_DataObject udpate stuff doesn't seem + // Dropping down to SQL because regular DB_DataObject udpate stuff does not seem // to work so good with tables that have multiple column primary keys // Any time we update the uri for a forein user we have to make sure there diff --git a/scripts/console.php b/scripts/console.php index 2413f5079..fecb75b4a 100755 --- a/scripts/console.php +++ b/scripts/console.php @@ -60,9 +60,9 @@ function read_input_line($prompt) } /** - * On Unix-like systems where PHP readline extension isn't present, + * On Unix-like systems where PHP readline extension is not present, * -cough- Mac OS X -cough- we can shell out to bash to do it for us. - * This lets us at least handle things like arrow keys, but we don't + * This lets us at least handle things like arrow keys, but we do not * get any entry history. :( * * Shamelessly ripped from when I wrote the same code for MediaWiki. :) diff --git a/scripts/maildaemon.php b/scripts/maildaemon.php index b4e4d9f08..4ec4526ef 100755 --- a/scripts/maildaemon.php +++ b/scripts/maildaemon.php @@ -231,7 +231,7 @@ class MailerDaemon foreach ($parsed->parts as $part) { $this->extract_part($part,$msg,$attachments); } - //we don't want any attachments that are a result of this parsing + //we do not want any attachments that are a result of this parsing return $msg; } diff --git a/scripts/xmppconfirmhandler.php b/scripts/xmppconfirmhandler.php index c7ed15e49..f5f824dee 100755 --- a/scripts/xmppconfirmhandler.php +++ b/scripts/xmppconfirmhandler.php @@ -69,7 +69,7 @@ class XmppConfirmHandler extends XmppQueueHandler continue; } else { $this->log(LOG_INFO, 'Confirmation sent for ' . $confirm->address); - # Mark confirmation sent; need a dupe so we don't have the WHERE clause + # Mark confirmation sent; need a dupe so we do not have the WHERE clause $dupe = Confirm_address::staticGet('code', $confirm->code); if (!$dupe) { common_log(LOG_WARNING, 'Could not refetch confirm', __FILE__); -- cgit v1.2.3-54-g00ecf From 2917fad20966b3d8159b5ff27ce6216801fb7d80 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Sun, 8 Nov 2009 23:35:12 +0100 Subject: Revert "More precise field label" This reverts commit 6483fbd8fa4c7bc8da83a9a2e334db9d9a19a77b. "SMS address" header here makes no sense; it would be inconsistent with the other tabs and headings on the same and related pages, and would look very awkward with another giant "SMS" right above it --- actions/smssettings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/smssettings.php b/actions/smssettings.php index 9fa7f62fb..672abcef8 100644 --- a/actions/smssettings.php +++ b/actions/smssettings.php @@ -101,7 +101,7 @@ class SmssettingsAction extends ConnectSettingsAction common_local_url('smssettings'))); $this->elementStart('fieldset', array('id' => 'settings_sms_address')); - $this->element('legend', null, _('SMS address')); + $this->element('legend', null, _('Address')); $this->hidden('token', common_session_token()); if ($user->sms) { -- cgit v1.2.3-54-g00ecf From 5c091dab9be50d6955755c1420c09070ea2da7b6 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Sun, 8 Nov 2009 15:29:04 -0800 Subject: Implement /api/account/update_profile_background_image.format --- actions/apiaccountupdateprofilebackgroundimage.php | 170 +++++++++++++++++++++ lib/router.php | 3 + 2 files changed, 173 insertions(+) create mode 100644 actions/apiaccountupdateprofilebackgroundimage.php (limited to 'actions') diff --git a/actions/apiaccountupdateprofilebackgroundimage.php b/actions/apiaccountupdateprofilebackgroundimage.php new file mode 100644 index 000000000..26d55d448 --- /dev/null +++ b/actions/apiaccountupdateprofilebackgroundimage.php @@ -0,0 +1,170 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * Update the authenticating user's profile background image + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction +{ + + var $tile = false; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->user = $this->auth_user; + $this->tile = $this->arg('tile'); + + return true; + } + + /** + * Handle the request + * + * Check whether the credentials are valid and output the result + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user!'), 404, $this->format); + return; + } + + try { + $imagefile = ImageFile::fromUpload('image'); + } catch (Exception $e) { + $this->clientError($e->getMessage(), 400, $this->format); + return; + } + + $design = $this->user->getDesign(); + + $filename = Design::filename( + $design->id, + image_type_to_extension($imagefile->type), + common_timestamp() + ); + + $filepath = Design::path($filename); + + move_uploaded_file($imagefile->filepath, $filepath); + + // delete any old backround img laying around + + if (isset($design->backgroundimage)) { + @unlink(Design::path($design->backgroundimage)); + } + + $original = clone($design); + + $design->backgroundimage = $filename; + + $design->setDisposition(true, false, !empty($this->tile)); + + $result = $design->update($original); + + if ($result === false) { + common_log_db_error($design, 'UPDATE', __FILE__); + $this->showForm(_('Couldn\'t update your design.')); + return; + } + + $profile = $this->user->getProfile(); + + if (empty($profile)) { + $this->clientError(_('User has no profile.')); + return; + } + + $twitter_user = $this->twitterUserArray($this->user->getProfile(), true); + + if ($this->format == 'xml') { + $this->initDocument('xml'); + $this->showTwitterXmlUser($twitter_user); + $this->endDocument('xml'); + } elseif ($this->format == 'json') { + $this->initDocument('json'); + $this->showJsonObjects($twitter_user); + $this->endDocument('json'); + } + } + +} diff --git a/lib/router.php b/lib/router.php index db9fdb470..d47828d1c 100644 --- a/lib/router.php +++ b/lib/router.php @@ -431,6 +431,9 @@ class Router $m->connect('api/account/update_profile_image.:format', array('action' => 'ApiAccountUpdateProfileImage')); + $m->connect('api/account/update_profile_background_image.:format', + array('action' => 'ApiAccountUpdateProfileBackgroundImage')); + // special case where verify_credentials is called w/out a format $m->connect('api/account/verify_credentials', -- cgit v1.2.3-54-g00ecf From 977d5d6f8569437a8d8a7f9616f4de6afc0dc509 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 8 Nov 2009 22:03:34 -0500 Subject: add default timezone to site admin panel --- actions/siteadminpanel.php | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 460567c22..f66aa855c 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -90,7 +90,7 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { - static $settings = array('name', 'broughtby', 'broughtbyurl', 'email'); + static $settings = array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone'); $values = array(); @@ -135,6 +135,14 @@ class SiteadminpanelAction extends AdminPanelAction if (!Validate::email($values['email'], common_config('email', 'check_domain'))) { $this->clientError(_('Not a valid email address')); } + + // Validate timezone + + if (is_null($values['timezone']) || + !in_array($values['timezone'], DateTimeZone::listIdentifiers())) { + $this->clientError(_('Timezone not selected.')); + return; + } } } @@ -189,6 +197,18 @@ class SiteAdminPanelForm extends Form _('URL used for credits link in footer of each page')); $this->input('email', _('Email'), _('contact email address for your site')); + + $timezones = array(); + + foreach (DateTimeZone::listIdentifiers() as $k => $v) { + $timezones[$v] = $v; + } + + asort($timezones); + + $this->out->dropdown('timezone', _('Default timezone'), + $timezones, _('Default timezone for the site; usually UTC.'), + true, $this->value('timezone')); } /** @@ -203,12 +223,25 @@ class SiteAdminPanelForm extends Form */ function input($setting, $title, $instructions) + { + $this->out->input($setting, $title, $this->value($setting), $instructions); + } + + /** + * Utility to simplify getting the posted-or-stored setting value + * + * @param string $setting Name of the setting + * + * @return string param value if posted, or current config value + */ + + function value($setting) { $value = $this->out->trimmed($setting); if (empty($value)) { $value = common_config('site', $setting); } - $this->out->input($setting, $title, $value, $instructions); + return $value; } /** -- cgit v1.2.3-54-g00ecf From 33f931d5277e0d72f5c9082d176a1a574f033e87 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 8 Nov 2009 22:12:12 -0500 Subject: add default language to site admin panel --- actions/siteadminpanel.php | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index f66aa855c..2da26e4bd 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -90,7 +90,8 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { - static $settings = array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone'); + static $settings = array('name', 'broughtby', 'broughtbyurl', + 'email', 'timezone', 'language'); $values = array(); @@ -143,6 +144,12 @@ class SiteadminpanelAction extends AdminPanelAction $this->clientError(_('Timezone not selected.')); return; } + + // Validate language + + if (!is_null($language) && !in_array($language, array_keys(get_nice_language_list()))) { + $this->clientError(sprintf(_('Unknown language "%s"'), $language)); + } } } @@ -209,6 +216,10 @@ class SiteAdminPanelForm extends Form $this->out->dropdown('timezone', _('Default timezone'), $timezones, _('Default timezone for the site; usually UTC.'), true, $this->value('timezone')); + + $this->out->dropdown('language', _('Language'), + get_nice_language_list(), _('Default site language'), + false, $this->value('language')); } /** -- cgit v1.2.3-54-g00ecf From badd8ccccadb4eb3697c8d68619e4ec931b947c5 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 8 Nov 2009 22:21:28 -0500 Subject: add registration restrictions and privacy to site admin panel --- actions/siteadminpanel.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 2da26e4bd..358c0b15f 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -91,7 +91,8 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { static $settings = array('name', 'broughtby', 'broughtbyurl', - 'email', 'timezone', 'language'); + 'email', 'timezone', 'language', + 'closed', 'inviteonly', 'private'); $values = array(); @@ -220,6 +221,18 @@ class SiteAdminPanelForm extends Form $this->out->dropdown('language', _('Language'), get_nice_language_list(), _('Default site language'), false, $this->value('language')); + + $this->out->checkbox('closed', _('Closed'), + (bool) $this->value('closed'), + _('Is registration on this site prohibited?')); + + $this->out->checkbox('inviteonly', _('Invite-only'), + (bool) $this->value('inviteonly'), + _('Is registration on this site only open to invited users?')); + + $this->out->checkbox('private', _('Private'), + (bool) $this->value('private'), + _('Prohibit anonymous users (not logged in) from viewing site?')); } /** -- cgit v1.2.3-54-g00ecf From 088081675fb7d5250a9b9dfe5015de0822cb5ac2 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 9 Nov 2009 20:01:46 +0100 Subject: Revert "Remove more contractions" This reverts commit 5ab709b73977131813884558bf56d97172a7aa26. Missed this one yesterday... --- actions/allrss.php | 2 +- actions/apiaccountratelimitstatus.php | 2 +- actions/apifriendshipsdestroy.php | 2 +- actions/attachment.php | 4 ++-- actions/avatarbynickname.php | 2 +- actions/groupblock.php | 2 +- actions/login.php | 2 +- actions/logout.php | 2 +- actions/newmessage.php | 2 +- actions/newnotice.php | 2 +- actions/opensearch.php | 2 +- actions/passwordsettings.php | 2 +- actions/register.php | 2 +- actions/showgroup.php | 2 +- actions/showmessage.php | 8 ++++---- actions/shownotice.php | 6 +++--- actions/showstream.php | 2 +- actions/sup.php | 2 +- actions/twitapisearchatom.php | 2 +- actions/twitapitrends.php | 2 +- classes/File_redirection.php | 8 ++++---- classes/Notice.php | 6 +++--- classes/Profile.php | 4 ++-- classes/User.php | 6 +++--- lib/api.php | 14 +++++++------- lib/apiauth.php | 2 +- lib/dberroraction.php | 6 +++--- lib/error.php | 4 ++-- lib/htmloutputter.php | 2 +- lib/imagefile.php | 2 +- lib/jabber.php | 2 +- lib/mail.php | 6 +++--- lib/noticelist.php | 4 ++-- lib/queuehandler.php | 12 ++++++------ lib/rssaction.php | 2 +- lib/search_engines.php | 2 +- lib/util.php | 12 ++++++------ lib/xmloutputter.php | 2 +- lib/xmppqueuehandler.php | 2 +- plugins/Autocomplete/autocomplete.php | 2 +- plugins/BlogspamNetPlugin.php | 2 +- plugins/Facebook/FBConnectAuth.php | 4 ++-- plugins/Facebook/FacebookPlugin.php | 4 ++-- plugins/Facebook/facebook/facebook.php | 8 ++++---- plugins/Facebook/facebook/facebook_desktop.php | 2 +- plugins/Facebook/facebook/facebookapi_php5_restlib.php | 6 +++--- plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php | 2 +- plugins/Facebook/facebookaction.php | 6 +++--- plugins/GeonamesPlugin.php | 8 ++++---- plugins/OpenID/finishopenidlogin.php | 4 ++-- plugins/OpenID/openid.php | 2 +- plugins/PiwikAnalyticsPlugin.php | 2 +- plugins/Realtime/RealtimePlugin.php | 2 +- plugins/TwitterBridge/daemons/synctwitterfriends.php | 2 +- plugins/TwitterBridge/daemons/twitterstatusfetcher.php | 4 ++-- plugins/TwitterBridge/twitter.php | 2 +- scripts/console.php | 4 ++-- scripts/maildaemon.php | 2 +- scripts/xmppconfirmhandler.php | 2 +- 59 files changed, 110 insertions(+), 110 deletions(-) (limited to 'actions') diff --git a/actions/allrss.php b/actions/allrss.php index 4a5d15c7b..28b1be27d 100644 --- a/actions/allrss.php +++ b/actions/allrss.php @@ -56,7 +56,7 @@ class AllrssAction extends Rss10Action * * @param array $args Web and URL arguments * - * @return boolean false if user does not exist + * @return boolean false if user doesn't exist */ function prepare($args) { diff --git a/actions/apiaccountratelimitstatus.php b/actions/apiaccountratelimitstatus.php index c7c0e7c00..96179f175 100644 --- a/actions/apiaccountratelimitstatus.php +++ b/actions/apiaccountratelimitstatus.php @@ -36,7 +36,7 @@ if (!defined('STATUSNET')) { require_once INSTALLDIR . '/lib/apibareauth.php'; /** - * We do not have a rate limit, but some clients check this method. + * We don't have a rate limit, but some clients check this method. * It always returns the same thing: 150 hits left. * * @category API diff --git a/actions/apifriendshipsdestroy.php b/actions/apifriendshipsdestroy.php index fb73624c9..3d9b7e001 100644 --- a/actions/apifriendshipsdestroy.php +++ b/actions/apifriendshipsdestroy.php @@ -113,7 +113,7 @@ class ApiFriendshipsDestroyAction extends ApiAuthAction return; } - // Do not allow unsubscribing from yourself! + // Don't allow unsubscribing from yourself! if ($this->user->id == $this->other->id) { $this->clientError( diff --git a/actions/attachment.php b/actions/attachment.php index ca9e57845..6981354d1 100644 --- a/actions/attachment.php +++ b/actions/attachment.php @@ -146,7 +146,7 @@ class AttachmentAction extends Action } /** - * Do not show local navigation + * Don't show local navigation * * @return void */ @@ -170,7 +170,7 @@ class AttachmentAction extends Action } /** - * Do not show page notice + * Don't show page notice * * @return void */ diff --git a/actions/avatarbynickname.php b/actions/avatarbynickname.php index 1a6925e11..537950792 100644 --- a/actions/avatarbynickname.php +++ b/actions/avatarbynickname.php @@ -49,7 +49,7 @@ class AvatarbynicknameAction extends Action * * @param array $args query arguments * - * @return boolean false if nickname or user is not found + * @return boolean false if nickname or user isn't found */ function handle($args) { diff --git a/actions/groupblock.php b/actions/groupblock.php index 133101eb7..979a56a81 100644 --- a/actions/groupblock.php +++ b/actions/groupblock.php @@ -95,7 +95,7 @@ class GroupblockAction extends Action $this->clientError(_('User is already blocked from group.')); return false; } - // XXX: could have proactive blocks, but we do not have UI for it. + // XXX: could have proactive blocks, but we don't have UI for it. if (!$this->profile->isMember($this->group)) { $this->clientError(_('User is not a member of group.')); return false; diff --git a/actions/login.php b/actions/login.php index 679817520..ad57dd667 100644 --- a/actions/login.php +++ b/actions/login.php @@ -159,7 +159,7 @@ class LoginAction extends Action $url = common_get_returnto(); if ($url) { - // We do not have to return to it again + // We don't have to return to it again common_set_returnto(null); } else { $url = common_local_url('all', diff --git a/actions/logout.php b/actions/logout.php index 7e768fca6..1e0adae57 100644 --- a/actions/logout.php +++ b/actions/logout.php @@ -81,7 +81,7 @@ class LogoutAction extends Action { common_set_user(null); common_real_login(false); // not logged in - common_forgetme(); // do not log back in! + common_forgetme(); // don't log back in! } } diff --git a/actions/newmessage.php b/actions/newmessage.php index 73307fdfc..0db2e7181 100644 --- a/actions/newmessage.php +++ b/actions/newmessage.php @@ -61,7 +61,7 @@ class NewmessageAction extends Action /** * Title of the page * - * Note that this usually does not get called unless something went wrong + * Note that this usually doesn't get called unless something went wrong * * @return string page title */ diff --git a/actions/newnotice.php b/actions/newnotice.php index fc06e5c98..fbd7ab6bc 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -59,7 +59,7 @@ class NewnoticeAction extends Action /** * Title of the page * - * Note that this usually does not get called unless something went wrong + * Note that this usually doesn't get called unless something went wrong * * @return string page title */ diff --git a/actions/opensearch.php b/actions/opensearch.php index b205d2fe2..861b53d7d 100644 --- a/actions/opensearch.php +++ b/actions/opensearch.php @@ -52,7 +52,7 @@ class OpensearchAction extends Action * * @param array $args query arguments * - * @return boolean false if user does not exist + * @return boolean false if user doesn't exist */ function handle($args) { diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 6658d279f..87eb45a7d 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -97,7 +97,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->elementStart('ul', 'form_data'); - // Users who logged in with OpenID will not have a pwd + // Users who logged in with OpenID won't have a pwd if ($user->password) { $this->elementStart('li'); $this->password('oldpassword', _('Old password')); diff --git a/actions/register.php b/actions/register.php index c4f6760aa..57f8e7bdf 100644 --- a/actions/register.php +++ b/actions/register.php @@ -174,7 +174,7 @@ class RegisterAction extends Action $bio = $this->trimmed('bio'); $location = $this->trimmed('location'); - // We do not trim these... whitespace is OK in a password! + // We don't trim these... whitespace is OK in a password! $password = $this->arg('password'); $confirm = $this->arg('confirm'); diff --git a/actions/showgroup.php b/actions/showgroup.php index ae956befa..a4af29391 100644 --- a/actions/showgroup.php +++ b/actions/showgroup.php @@ -418,7 +418,7 @@ class ShowgroupAction extends GroupDesignAction // XXX: WORM cache this $members = $this->group->getMembers(); $members_count = 0; - /** $member->count() does not work. */ + /** $member->count() doesn't work. */ while ($members->fetch()) { $members_count++; } diff --git a/actions/showmessage.php b/actions/showmessage.php index cf3a819c1..db757948b 100644 --- a/actions/showmessage.php +++ b/actions/showmessage.php @@ -137,7 +137,7 @@ class ShowmessageAction extends MailboxAction } /** - * Do not show local navigation + * Don't show local navigation * * @return void */ @@ -147,7 +147,7 @@ class ShowmessageAction extends MailboxAction } /** - * Do not show page notice + * Don't show page notice * * @return void */ @@ -157,7 +157,7 @@ class ShowmessageAction extends MailboxAction } /** - * Do not show aside + * Don't show aside * * @return void */ @@ -167,7 +167,7 @@ class ShowmessageAction extends MailboxAction } /** - * Do not show any instructions + * Don't show any instructions * * @return string */ diff --git a/actions/shownotice.php b/actions/shownotice.php index 688089f02..5d16fdad9 100644 --- a/actions/shownotice.php +++ b/actions/shownotice.php @@ -208,7 +208,7 @@ class ShownoticeAction extends OwnerDesignAction } /** - * Do not show local navigation + * Don't show local navigation * * @return void */ @@ -234,7 +234,7 @@ class ShownoticeAction extends OwnerDesignAction } /** - * Do not show page notice + * Don't show page notice * * @return void */ @@ -244,7 +244,7 @@ class ShownoticeAction extends OwnerDesignAction } /** - * Do not show aside + * Don't show aside * * @return void */ diff --git a/actions/showstream.php b/actions/showstream.php index 4952ebdb7..663638c18 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -253,7 +253,7 @@ class ShowstreamAction extends ProfileAction } } -// We do not show the author for a profile, since we already know who it is! +// We don't show the author for a profile, since we already know who it is! class ProfileNoticeList extends NoticeList { diff --git a/actions/sup.php b/actions/sup.php index a199f247e..5daf0a1c1 100644 --- a/actions/sup.php +++ b/actions/sup.php @@ -61,7 +61,7 @@ class SupAction extends Action $notice = new Notice(); # XXX: cache this. Depends on how big this protocol becomes; - # Re-doing this query every 15 seconds is not the end of the world. + # Re-doing this query every 15 seconds isn't the end of the world. $divider = common_sql_date(time() - $seconds); diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 511d7cdc6..7d618c471 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -250,7 +250,7 @@ class TwitapisearchatomAction extends ApiAction } // FIXME: this alternate link is not quite right because our - // web-based notice search does not support a rpp (responses per + // web-based notice search doesn't support a rpp (responses per // page) param yet $this->element('link', array('type' => 'text/html', diff --git a/actions/twitapitrends.php b/actions/twitapitrends.php index 2d17e77cc..779405e6d 100644 --- a/actions/twitapitrends.php +++ b/actions/twitapitrends.php @@ -55,7 +55,7 @@ class TwitapitrendsAction extends ApiAction * * @param array $args Web and URL arguments * - * @return boolean false if user does not exist + * @return boolean false if user doesn't exist */ function prepare($args) { diff --git a/classes/File_redirection.php b/classes/File_redirection.php index c951c1ee7..08a6e8d8b 100644 --- a/classes/File_redirection.php +++ b/classes/File_redirection.php @@ -53,7 +53,7 @@ class File_redirection extends Memcached_DataObject 'connect_timeout' => 10, // # seconds to wait 'max_redirs' => $redirs, // # max number of http redirections to follow 'follow_redirects' => true, // Follow redirects - 'store_body' => false, // We will not need body content here. + 'store_body' => false, // We won't need body content here. )); return $request; } @@ -81,12 +81,12 @@ class File_redirection extends Memcached_DataObject } try { $request = self::_commonHttp($short_url, $redirs); - // Do not include body in output + // Don't include body in output $request->setMethod(HTTP_Request2::METHOD_HEAD); $response = $request->send(); if (405 == $response->getStatus()) { - // Server does not support HEAD method? Can this really happen? + // Server doesn't support HEAD method? Can this really happen? // We'll try again as a GET and ignore the response data. $request = self::_commonHttp($short_url, $redirs); $response = $request->send(); @@ -178,7 +178,7 @@ class File_redirection extends Memcached_DataObject case 'aim': case 'jabber': case 'xmpp': - // do not touch anything + // don't touch anything break; default: diff --git a/classes/Notice.php b/classes/Notice.php index 32a8b693c..9886875cb 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -146,7 +146,7 @@ class Notice extends Memcached_DataObject /* Add them to the database */ foreach(array_unique($hashtags) as $hashtag) { - /* elide characters we do not want in the tag */ + /* elide characters we don't want in the tag */ $this->saveTag($hashtag); } return true; @@ -1105,7 +1105,7 @@ class Notice extends Memcached_DataObject if (empty($recipient)) { continue; } - // Do not save replies from blocked profile to local user + // Don't save replies from blocked profile to local user $recipient_user = User::staticGet('id', $recipient->id); if (!empty($recipient_user) && $recipient_user->hasBlocked($sender)) { continue; @@ -1131,7 +1131,7 @@ class Notice extends Memcached_DataObject $tagged = Profile_tag::getTagged($sender->id, $tag); foreach ($tagged as $t) { if (!$replied[$t->id]) { - // Do not save replies from blocked profile to local user + // Don't save replies from blocked profile to local user $t_user = User::staticGet('id', $t->id); if ($t_user && $t_user->hasBlocked($sender)) { continue; diff --git a/classes/Profile.php b/classes/Profile.php index a50f4951d..7c1e9db33 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -101,7 +101,7 @@ class Profile extends Memcached_DataObject } foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { - # We do not do a scaled one if original is our scaled size + # We don't do a scaled one if original is our scaled size if (!($avatar->width == $size && $avatar->height == $size)) { $scaled_filename = $imagefile->resize($size); @@ -174,7 +174,7 @@ class Profile extends Memcached_DataObject function getNotices($offset=0, $limit=NOTICES_PER_PAGE, $since_id=0, $max_id=0, $since=null) { - // XXX: I'm not sure this is going to be any faster. It probably is not. + // XXX: I'm not sure this is going to be any faster. It probably isn't. $ids = Notice::stream(array($this, '_streamDirect'), array(), 'profile:notice_ids:' . $this->id, diff --git a/classes/User.php b/classes/User.php index c529b82e0..9b90ce61b 100644 --- a/classes/User.php +++ b/classes/User.php @@ -87,7 +87,7 @@ class User extends Memcached_DataObject return (is_null($sub)) ? false : true; } - // 'update' will not write key columns, so we have to do it ourselves. + // 'update' won't write key columns, so we have to do it ourselves. function updateKeys(&$orig) { @@ -384,7 +384,7 @@ class User extends Memcached_DataObject return false; } - // Otherwise, cache does not have all faves; + // Otherwise, cache doesn't have all faves; // fall through to the default } @@ -463,7 +463,7 @@ class User extends Memcached_DataObject { $cache = common_memcache(); if ($cache) { - // Faves do not happen chronologically, so we need to blow + // Faves don't happen chronologically, so we need to blow // ;last cache, too $cache->delete(common_cache_key('fave:ids_by_user:'.$this->id)); $cache->delete(common_cache_key('fave:ids_by_user:'.$this->id.';last')); diff --git a/lib/api.php b/lib/api.php index fb4c4289b..a1236ab7e 100644 --- a/lib/api.php +++ b/lib/api.php @@ -66,7 +66,7 @@ class ApiAction extends Action * * @param array $args Web and URL arguments * - * @return boolean false if user does not exist + * @return boolean false if user doesn't exist */ function prepare($args) @@ -138,7 +138,7 @@ class ApiAction extends Action $design = null; $user = $profile->getUser(); - // Note: some profiles do not have an associated user + // Note: some profiles don't have an associated user if (!empty($user)) { $design = $user->getDesign(); @@ -203,7 +203,7 @@ class ApiAction extends Action if ($get_notice) { $notice = $profile->getCurrentNotice(); if ($notice) { - # do not get user! + # don't get user! $twitter_user['status'] = $this->twitterStatusArray($notice, false); } } @@ -263,7 +263,7 @@ class ApiAction extends Action } if ($include_user) { - # Do not get notice (recursive!) + # Don't get notice (recursive!) $twitter_user = $this->twitterUserArray($profile, false); $twitter_status['user'] = $twitter_user; } @@ -1074,7 +1074,7 @@ class ApiAction extends Action function initTwitterAtom() { $this->startXML(); - // FIXME: do not hardcode the language here! + // FIXME: don't hardcode the language here! $this->elementStart('feed', array('xmlns' => 'http://www.w3.org/2005/Atom', 'xml:lang' => 'en-US', 'xmlns:thr' => 'http://purl.org/syndication/thread/1.0')); @@ -1116,7 +1116,7 @@ class ApiAction extends Action return User::staticGet('nickname', $nickname); } else if ($this->arg('user_id')) { // This is to ensure that a non-numeric user_id still - // overrides screen_name even if it does not get used + // overrides screen_name even if it doesn't get used if (is_numeric($this->arg('user_id'))) { return User::staticGet('id', $this->arg('user_id')); } @@ -1146,7 +1146,7 @@ class ApiAction extends Action return User_group::staticGet('nickname', $nickname); } else if ($this->arg('group_id')) { // This is to ensure that a non-numeric user_id still - // overrides screen_name even if it does not get used + // overrides screen_name even if it doesn't get used if (is_numeric($this->arg('group_id'))) { return User_group::staticGet('id', $this->arg('group_id')); } diff --git a/lib/apiauth.php b/lib/apiauth.php index b8189f15d..2f2e44a26 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -87,7 +87,7 @@ class ApiAuthAction extends ApiAction } /** - * Check for a user specified via HTTP basic auth. If there is not + * Check for a user specified via HTTP basic auth. If there isn't * one, try to get one by outputting the basic auth header. * * @return boolean true or false diff --git a/lib/dberroraction.php b/lib/dberroraction.php index 893797b70..2cb66a022 100644 --- a/lib/dberroraction.php +++ b/lib/dberroraction.php @@ -39,7 +39,7 @@ require_once INSTALLDIR.'/lib/servererroraction.php'; * * This only occurs if there's been a DB_DataObject_Error that's * reported through PEAR, so we try to avoid doing anything that connects - * to the DB, so we do not trigger it again. + * to the DB, so we don't trigger it again. * * @category Action * @package StatusNet @@ -62,12 +62,12 @@ class DBErrorAction extends ServerErrorAction function getLanguage() { - // Do not try to figure out user's language; just show the page + // Don't try to figure out user's language; just show the page return common_config('site', 'language'); } function showPrimaryNav() { - // do not show primary nav + // don't show primary nav } } diff --git a/lib/error.php b/lib/error.php index 5ed5dec1b..3162cfe65 100644 --- a/lib/error.php +++ b/lib/error.php @@ -104,11 +104,11 @@ class ErrorAction extends Action { parent::showPage(); - // We do not want to have any more output after this + // We don't want to have any more output after this exit(); } - // Overload a bunch of stuff so the page is not too bloated + // Overload a bunch of stuff so the page isn't too bloated function showBody() { diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index 73bd9ce81..c2ec83c28 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -76,7 +76,7 @@ class HTMLOutputter extends XMLOutputter /** * Start an HTML document * - * If $type is not specified, will attempt to do content negotiation. + * If $type isn't specified, will attempt to do content negotiation. * * Attempts to do content negotiation for language, also. * diff --git a/lib/imagefile.php b/lib/imagefile.php index edc7218d0..cf1668f20 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -119,7 +119,7 @@ class ImageFile return; } - // Do not crop/scale if it is not necessary + // Don't crop/scale if it isn't necessary if ($size === $this->width && $size === $this->height && $x === 0 diff --git a/lib/jabber.php b/lib/jabber.php index d666fcbb3..73f2ec660 100644 --- a/lib/jabber.php +++ b/lib/jabber.php @@ -437,7 +437,7 @@ function jabber_public_notice($notice) $public = common_config('xmpp', 'public'); - // FIXME PRIV do not send out private messages here + // FIXME PRIV don't send out private messages here // XXX: should we send out non-local messages if public,localonly // = false? I think not diff --git a/lib/mail.php b/lib/mail.php index 79630b721..5218059e9 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -467,7 +467,7 @@ function mail_notify_nudge($from, $to) "these days and is inviting you to post some news.\n\n". "So let's hear from you :)\n\n". "%3\$s\n\n". - "Do not reply to this email. It will not get to them.\n\n". + "Don't reply to this email; it won't get to them.\n\n". "With kind regards,\n". "%4\$s\n"), $from_profile->getBestName(), @@ -516,7 +516,7 @@ function mail_notify_message($message, $from=null, $to=null) "------------------------------------------------------\n\n". "You can reply to their message here:\n\n". "%4\$s\n\n". - "Do not reply to this email. It will not get to them.\n\n". + "Don't reply to this email; it won't get to them.\n\n". "With kind regards,\n". "%5\$s\n"), $from_profile->getBestName(), @@ -532,7 +532,7 @@ function mail_notify_message($message, $from=null, $to=null) /** * notify a user that one of their notices has been chosen as a 'fave' * - * Does not check that the user has an email address nor if they + * Doesn't check that the user has an email address nor if they * want to receive notification of faves. Maybe this happens higher * up the stack...? * diff --git a/lib/noticelist.php b/lib/noticelist.php index 4e5623ded..bf12bb73c 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -347,7 +347,7 @@ class NoticeListItem extends Widget * show the link to the main page for the notice * * Displays a link to the page for a notice, with "relative" time. Tries to - * get remote notice URLs correct, but does not always succeed. + * get remote notice URLs correct, but doesn't always succeed. * * @return void */ @@ -483,7 +483,7 @@ class NoticeListItem extends Widget * show a link to reply to the current notice * * Should either do the reply in the current notice form (if available), or - * link out to the notice-posting form. A little flakey, does not always work. + * link out to the notice-posting form. A little flakey, doesn't always work. * * @return void */ diff --git a/lib/queuehandler.php b/lib/queuehandler.php index 7c07ca4f9..cd43b1e09 100644 --- a/lib/queuehandler.php +++ b/lib/queuehandler.php @@ -96,8 +96,8 @@ class QueueHandler extends Daemon * Initialization, run when the queue handler starts. * If this function indicates failure, the handler run will be aborted. * - * @fixme run() will abort if this does not return true, - * but some subclasses do not bother. + * @fixme run() will abort if this doesn't return true, + * but some subclasses don't bother. * @return boolean true on success, false on failure */ function start() @@ -108,8 +108,8 @@ class QueueHandler extends Daemon * Cleanup, run when the queue handler ends. * If this function indicates failure, a warning will be logged. * - * @fixme run() will throw warnings if this does not return true, - * but many subclasses do not bother. + * @fixme run() will throw warnings if this doesn't return true, + * but many subclasses don't bother. * @return boolean true on success, false on failure */ function finish() @@ -137,7 +137,7 @@ class QueueHandler extends Daemon * method, which passes control back to our handle_notice() method for * each notice that comes in on the queue. * - * Most of the time this will not need to be overridden in a subclass. + * Most of the time this won't need to be overridden in a subclass. * * @return boolean true on success, false on failure */ @@ -173,7 +173,7 @@ class QueueHandler extends Daemon * Called by QueueHandler after each handled item or empty polling cycle. * This is a good time to e.g. service your XMPP connection. * - * Does not need to be overridden if there's no maintenance to do. + * Doesn't need to be overridden if there's no maintenance to do. * * @param int $timeout seconds to sleep if there's nothing to do */ diff --git a/lib/rssaction.php b/lib/rssaction.php index 0e84a65e9..faf6bec7d 100644 --- a/lib/rssaction.php +++ b/lib/rssaction.php @@ -386,7 +386,7 @@ class Rss10Action extends Action return null; } - // FIXME: does not handle modified profiles, avatars, deleted notices + // FIXME: doesn't handle modified profiles, avatars, deleted notices return strtotime($this->notices[0]->created); } diff --git a/lib/search_engines.php b/lib/search_engines.php index 82713235c..69f6ff468 100644 --- a/lib/search_engines.php +++ b/lib/search_engines.php @@ -119,7 +119,7 @@ class MySQLSearch extends SearchEngine return true; } else if ('identica_notices' === $this->table) { - // Do not show imported notices + // Don't show imported notices $this->target->whereAdd('notice.is_local != ' . Notice::GATEWAY); if (strtolower($q) != $q) { diff --git a/lib/util.php b/lib/util.php index b4f5af1af..a4865c46c 100644 --- a/lib/util.php +++ b/lib/util.php @@ -62,7 +62,7 @@ function common_init_language() $locale_set = common_init_locale($language); setlocale(LC_CTYPE, 'C'); - // So we do not have to make people install the gettext locales + // So we don't have to make people install the gettext locales $path = common_config('site','locale_path'); bindtextdomain("statusnet", $path); bind_textdomain_codeset("statusnet", "UTF-8"); @@ -139,7 +139,7 @@ function common_check_user($nickname, $password) } } }else{ - //no handler indicated the credentials were valid, and we know their not valid because the user is not in the database + //no handler indicated the credentials were valid, and we know their not valid because the user isn't in the database return false; } } else { @@ -396,7 +396,7 @@ function common_current_user() } // Logins that are 'remembered' aren't 'real' -- they're subject to -// cookie-stealing. So, we do not let them do certain things. New reg, +// cookie-stealing. So, we don't let them do certain things. New reg, // OpenID, and password logins _are_ real. function common_real_login($real=true) @@ -1147,7 +1147,7 @@ function common_accept_to_prefs($accept, $def = '*/*') $parts = explode(',', $accept); foreach($parts as $part) { - // FIXME: does not deal with params like 'text/html; level=1' + // FIXME: doesn't deal with params like 'text/html; level=1' @list($value, $qpart) = explode(';', trim($part)); $match = array(); if(!isset($qpart)) { @@ -1346,7 +1346,7 @@ function common_error_handler($errno, $errstr, $errfile, $errline, $errcontext) } // FIXME: show error page if we're on the Web - /* Do not execute PHP internal error handler */ + /* Don't execute PHP internal error handler */ return true; } @@ -1448,7 +1448,7 @@ function common_shorten_url($long_url) } global $_shorteners; if (!isset($_shorteners[$svc])) { - //the user selected service does not exist, so default to ur1.ca + //the user selected service doesn't exist, so default to ur1.ca $svc = 'ur1.ca'; } if (!isset($_shorteners[$svc])) { diff --git a/lib/xmloutputter.php b/lib/xmloutputter.php index 9d862b2d0..5f06e491d 100644 --- a/lib/xmloutputter.php +++ b/lib/xmloutputter.php @@ -112,7 +112,7 @@ class XMLOutputter * * Utility for outputting an XML element. A convenient wrapper * for a bunch of longer XMLWriter calls. This is best for - * when an element does not have any sub-elements; if that's the + * when an element doesn't have any sub-elements; if that's the * case, use elementStart() and elementEnd() instead. * * The $content element will be escaped for XML. If you need diff --git a/lib/xmppqueuehandler.php b/lib/xmppqueuehandler.php index 7caa078ae..f28fc9088 100644 --- a/lib/xmppqueuehandler.php +++ b/lib/xmppqueuehandler.php @@ -37,7 +37,7 @@ class XmppQueueHandler extends QueueHandler function start() { - # Low priority; we do not want to receive messages + # Low priority; we don't want to receive messages $this->log(LOG_INFO, "INITIALIZE"); $this->conn = jabber_connect($this->_id.$this->transport()); diff --git a/plugins/Autocomplete/autocomplete.php b/plugins/Autocomplete/autocomplete.php index aeb100cfa..379390ffd 100644 --- a/plugins/Autocomplete/autocomplete.php +++ b/plugins/Autocomplete/autocomplete.php @@ -79,7 +79,7 @@ class AutocompleteAction extends Action function etag() { return '"' . implode(':', array($this->arg('action'), - crc32($this->arg('q')), //the actual string can have funny characters in we do not want showing up in the etag + crc32($this->arg('q')), //the actual string can have funny characters in we don't want showing up in the etag $this->arg('limit'), $this->lastModified())) . '"'; } diff --git a/plugins/BlogspamNetPlugin.php b/plugins/BlogspamNetPlugin.php index bf60fdcaf..51236001a 100644 --- a/plugins/BlogspamNetPlugin.php +++ b/plugins/BlogspamNetPlugin.php @@ -85,7 +85,7 @@ class BlogspamNetPlugin extends Plugin } else if (preg_match('/^SPAM(:(.*))?$/', $response, $match)) { throw new ClientException(sprintf(_("Spam checker results: %s"), $match[2]), 400); } else if (preg_match('/^OK$/', $response)) { - // do not do anything + // don't do anything } else { throw new ServerException(sprintf(_("Unexpected response from %s: %s"), $this->baseUrl, $response), 500); } diff --git a/plugins/Facebook/FBConnectAuth.php b/plugins/Facebook/FBConnectAuth.php index 165477419..b909a4977 100644 --- a/plugins/Facebook/FBConnectAuth.php +++ b/plugins/Facebook/FBConnectAuth.php @@ -71,7 +71,7 @@ class FBConnectauthAction extends Action 'There is already a local user (' . $flink->user_id . ') linked with this Facebook (' . $this->fbuid . ').'); - // We do not want these cookies + // We don't want these cookies getFacebook()->clear_cookie_state(); $this->clientError(_('There is already a local user linked with this Facebook.')); @@ -364,7 +364,7 @@ class FBConnectauthAction extends Action { $url = common_get_returnto(); if ($url) { - // We do not have to return to it again + // We don't have to return to it again common_set_returnto(null); } else { $url = common_local_url('all', diff --git a/plugins/Facebook/FacebookPlugin.php b/plugins/Facebook/FacebookPlugin.php index cd1ad7b45..b68534b24 100644 --- a/plugins/Facebook/FacebookPlugin.php +++ b/plugins/Facebook/FacebookPlugin.php @@ -182,7 +182,7 @@ class FacebookPlugin extends Plugin $login_url = common_local_url('FBConnectAuth'); $logout_url = common_local_url('logout'); - // XXX: Facebook says we do not need this FB_RequireFeatures(), + // XXX: Facebook says we don't need this FB_RequireFeatures(), // but we actually do, for IE and Safari. Gar. $js = '"; } else { diff --git a/plugins/Facebook/facebook/facebook_desktop.php b/plugins/Facebook/facebook/facebook_desktop.php index 425bb5c7b..e79a2ca34 100644 --- a/plugins/Facebook/facebook/facebook_desktop.php +++ b/plugins/Facebook/facebook/facebook_desktop.php @@ -93,7 +93,7 @@ class FacebookDesktop extends Facebook { } public function verify_signature($fb_params, $expected_sig) { - // we do not want to verify the signature until we have a valid + // we don't want to verify the signature until we have a valid // session secret if ($this->verify_sig) { return parent::verify_signature($fb_params, $expected_sig); diff --git a/plugins/Facebook/facebook/facebookapi_php5_restlib.php b/plugins/Facebook/facebook/facebookapi_php5_restlib.php index c742df748..55cb7fb86 100755 --- a/plugins/Facebook/facebook/facebookapi_php5_restlib.php +++ b/plugins/Facebook/facebook/facebookapi_php5_restlib.php @@ -46,7 +46,7 @@ class FacebookRestClient { // on canvas pages public $added; public $is_user; - // we do not pass friends list to iframes, but we want to make + // we don't pass friends list to iframes, but we want to make // friends_get really simple in the canvas_user (non-logged in) case. // So we use the canvas_user as default arg to friends_get public $canvas_user; @@ -657,7 +657,7 @@ function toggleDisplay(id, type) { * deleted. * * IMPORTANT: If your application has registered public tags - * that other applications may be using, do not delete those tags! + * that other applications may be using, don't delete those tags! * Doing so can break the FBML ofapplications that are using them. * * @param array $tag_names the names of the tags to delete (optinal) @@ -820,7 +820,7 @@ function toggleDisplay(id, type) { if (is_array($target_ids)) { $target_ids = json_encode($target_ids); - $target_ids = trim($target_ids, "[]"); // we do not want square brackets + $target_ids = trim($target_ids, "[]"); // we don't want square brackets } return $this->call_method('facebook.feed.publishUserAction', diff --git a/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php b/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php index 9c6c62663..29509deba 100644 --- a/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php +++ b/plugins/Facebook/facebook/jsonwrapper/jsonwrapper.php @@ -1,5 +1,5 @@ location_id = $n->geonameId; $location->location_ns = self::NAMESPACE; - // handled, do not continue processing! + // handled, don't continue processing! return false; } } - // Continue processing; we do not have the answer + // Continue processing; we don't have the answer return true; } @@ -217,7 +217,7 @@ class GeonamesPlugin extends Plugin } } - // For some reason we do not know, so pass. + // For some reason we don't know, so pass. return true; } @@ -299,7 +299,7 @@ class GeonamesPlugin extends Plugin $url = 'http://www.geonames.org/' . $location->location_id; - // it's been filled, so do not process further. + // it's been filled, so don't process further. return false; } } diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index b5d978294..ff0b451d3 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -341,7 +341,7 @@ class FinishopenidloginAction extends Action { $url = common_get_returnto(); if ($url) { - # We do not have to return to it again + # We don't have to return to it again common_set_returnto(null); } else { $url = common_local_url('all', @@ -421,7 +421,7 @@ class FinishopenidloginAction extends Action $parts = parse_url($openid); - # If any of these parts exist, this will not work + # If any of these parts exist, this won't work foreach ($bad as $badpart) { if (array_key_exists($badpart, $parts)) { diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php index c5f6d1713..ff7a93899 100644 --- a/plugins/OpenID/openid.php +++ b/plugins/OpenID/openid.php @@ -187,7 +187,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $form_html = $auth_request->formMarkup($trust_root, $process_url, $immediate, array('id' => $form_id)); - # XXX: This is cheap, but things choke if we do not escape ampersands + # XXX: This is cheap, but things choke if we don't escape ampersands # in the HTML attributes $form_html = preg_replace('/&/', '&', $form_html); diff --git a/plugins/PiwikAnalyticsPlugin.php b/plugins/PiwikAnalyticsPlugin.php index 81ef7c683..54faa0bdb 100644 --- a/plugins/PiwikAnalyticsPlugin.php +++ b/plugins/PiwikAnalyticsPlugin.php @@ -44,7 +44,7 @@ if (!defined('STATUSNET')) { * 'piwikId' => 'id')); * * Replace 'example.com/piwik/' with the URL to your Piwik installation and - * make sure you do not forget the final /. + * make sure you don't forget the final /. * Replace 'id' with the ID your statusnet installation has in your Piwik * analytics setup - for example '8'. * diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index 88a87dcf9..0c7c1240c 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -240,7 +240,7 @@ class RealtimePlugin extends Plugin // FIXME: this code should be abstracted to a neutral third // party, like Notice::asJson(). I'm not sure of the ethics // of refactoring from within a plugin, so I'm just abusing - // the ApiAction method. Do not do this unless you're me! + // the ApiAction method. Don't do this unless you're me! require_once(INSTALLDIR.'/lib/api.php'); diff --git a/plugins/TwitterBridge/daemons/synctwitterfriends.php b/plugins/TwitterBridge/daemons/synctwitterfriends.php index c89c02eed..671e3c7af 100755 --- a/plugins/TwitterBridge/daemons/synctwitterfriends.php +++ b/plugins/TwitterBridge/daemons/synctwitterfriends.php @@ -115,7 +115,7 @@ class SyncTwitterFriendsDaemon extends ParallelizingDaemon // Each child ps needs its own DB connection // Note: DataObject::getDatabaseConnection() creates - // a new connection if there is not one already + // a new connection if there isn't one already $conn = &$flink->getDatabaseConnection(); diff --git a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php index 25df0d839..b5428316b 100755 --- a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php +++ b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php @@ -136,7 +136,7 @@ class TwitterStatusFetcher extends ParallelizingDaemon // Each child ps needs its own DB connection // Note: DataObject::getDatabaseConnection() creates - // a new connection if there is not one already + // a new connection if there isn't one already $conn = &$flink->getDatabaseConnection(); @@ -499,7 +499,7 @@ class TwitterStatusFetcher extends ParallelizingDaemon $avatar->height = 73; } - $avatar->original = 0; // we do not have the original + $avatar->original = 0; // we don't have the original $avatar->mediatype = $mediatype; $avatar->filename = $filename; $avatar->url = Avatar::url($filename); diff --git a/plugins/TwitterBridge/twitter.php b/plugins/TwitterBridge/twitter.php index d48089caa..3c6803e49 100644 --- a/plugins/TwitterBridge/twitter.php +++ b/plugins/TwitterBridge/twitter.php @@ -33,7 +33,7 @@ function updateTwitter_user($twitter_id, $screen_name) $fuser->query('BEGIN'); - // Dropping down to SQL because regular DB_DataObject udpate stuff does not seem + // Dropping down to SQL because regular DB_DataObject udpate stuff doesn't seem // to work so good with tables that have multiple column primary keys // Any time we update the uri for a forein user we have to make sure there diff --git a/scripts/console.php b/scripts/console.php index 2a000d39b..41dd43f28 100755 --- a/scripts/console.php +++ b/scripts/console.php @@ -60,9 +60,9 @@ function read_input_line($prompt) } /** - * On Unix-like systems where PHP readline extension is not present, + * On Unix-like systems where PHP readline extension isn't present, * -cough- Mac OS X -cough- we can shell out to bash to do it for us. - * This lets us at least handle things like arrow keys, but we do not + * This lets us at least handle things like arrow keys, but we don't * get any entry history. :( * * Shamelessly ripped from when I wrote the same code for MediaWiki. :) diff --git a/scripts/maildaemon.php b/scripts/maildaemon.php index 4ec4526ef..b4e4d9f08 100755 --- a/scripts/maildaemon.php +++ b/scripts/maildaemon.php @@ -231,7 +231,7 @@ class MailerDaemon foreach ($parsed->parts as $part) { $this->extract_part($part,$msg,$attachments); } - //we do not want any attachments that are a result of this parsing + //we don't want any attachments that are a result of this parsing return $msg; } diff --git a/scripts/xmppconfirmhandler.php b/scripts/xmppconfirmhandler.php index f5f824dee..c7ed15e49 100755 --- a/scripts/xmppconfirmhandler.php +++ b/scripts/xmppconfirmhandler.php @@ -69,7 +69,7 @@ class XmppConfirmHandler extends XmppQueueHandler continue; } else { $this->log(LOG_INFO, 'Confirmation sent for ' . $confirm->address); - # Mark confirmation sent; need a dupe so we do not have the WHERE clause + # Mark confirmation sent; need a dupe so we don't have the WHERE clause $dupe = Confirm_address::staticGet('code', $confirm->code); if (!$dupe) { common_log(LOG_WARNING, 'Could not refetch confirm', __FILE__); -- cgit v1.2.3-54-g00ecf From 3be120571446880cb71a57845204b3213e6df67e Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Mon, 9 Nov 2009 17:43:37 -0500 Subject: Add a new event: CanUserChangeField --- EVENTS.txt | 4 ++++ actions/passwordsettings.php | 14 ++++++++++++++ lib/accountsettingsaction.php | 35 ++++++++++++++++++++--------------- plugins/Ldap/LdapPlugin.php | 11 +++++++++++ 4 files changed, 49 insertions(+), 15 deletions(-) (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index 25a51516b..c3fe73134 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -489,6 +489,10 @@ ChangePassword: Handle a password change request - $newpassword: the desired new password - &$errormsg: set this to an error message if the password could not be changed. If the password was changed, leave this as false +CanUserChangeField: Determines if a user is allowed to change a specific profile field +- $nickname: nickname of the user who would like to know which of their profile fields are mutable +- $field: name of the field the user wants to change (nickname, fullname, password, avatar, etc) + UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object - &$related: array of DB_DataObject class names to delete entries on matching user_id. diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 6658d279f..15539d4a0 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -58,6 +58,19 @@ class PasswordsettingsAction extends AccountSettingsAction return _('Change password'); } + function prepare($args){ + parent::prepare($args); + + $user = common_current_user(); + + Event::handle('CanUserChangeField', array($user->nickname, 'password')); + + if(! $fields['password']){ + //user is not allowed to change his password + $this->clientError(_('You are not allowed to change your password')); + } + } + /** * Instructions for use * @@ -86,6 +99,7 @@ class PasswordsettingsAction extends AccountSettingsAction function showContent() { $user = common_current_user(); + $this->elementStart('form', array('method' => 'POST', 'id' => 'form_password', 'class' => 'form_settings', diff --git a/lib/accountsettingsaction.php b/lib/accountsettingsaction.php index a004a3ed9..9865e1748 100644 --- a/lib/accountsettingsaction.php +++ b/lib/accountsettingsaction.php @@ -102,26 +102,31 @@ class AccountSettingsNav extends Widget $this->action->elementStart('ul', array('class' => 'nav')); if (Event::handle('StartAccountSettingsNav', array(&$this->action))) { + $user = common_current_user(); - $menu = - array('profilesettings' => + $menu = array(); + $menu['profilesettings'] = array(_('Profile'), - _('Change your profile settings')), - 'avatarsettings' => - array(_('Avatar'), - _('Upload an avatar')), - 'passwordsettings' => - array(_('Password'), - _('Change your password')), - 'emailsettings' => + _('Change your profile settings')); + if(Event::handle('CanUserChangeField', array($user->nickname, 'avatar'))){ + $menu['avatarsettings'] = + array(_('Avatar'), + _('Upload an avatar')); + } + if(Event::handle('CanUserChangeField', array($user->nickname, 'password'))){ + $menu['passwordsettings'] = + array(_('Password'), + _('Change your password')); + } + $menu['emailsettings'] = array(_('Email'), - _('Change email handling')), - 'userdesignsettings' => + _('Change email handling')); + $menu['userdesignsettings'] = array(_('Design'), - _('Design your profile')), - 'othersettings' => + _('Design your profile')); + $menu['othersettings'] = array(_('Other'), - _('Other options'))); + _('Other options')); foreach ($menu as $menuaction => $menudesc) { $this->action->menuItem(common_local_url($menuaction), diff --git a/plugins/Ldap/LdapPlugin.php b/plugins/Ldap/LdapPlugin.php index 755562f54..3795ffd7f 100644 --- a/plugins/Ldap/LdapPlugin.php +++ b/plugins/Ldap/LdapPlugin.php @@ -102,4 +102,15 @@ class LdapPlugin extends Plugin //return false, indicating that the event has been handled return false; } + + function onCanUserChangeField($nickname, $field) + { + switch($field) + { + case 'password': + case 'nickname': + case 'email': + return false; + } + } } -- cgit v1.2.3-54-g00ecf From 322a4c3ed1536eede0607112116ee46d592fc9a9 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 9 Nov 2009 22:06:22 -0800 Subject: Implement /api/account/update_profile_colors.format --- actions/apiaccountupdateprofilecolors.php | 237 ++++++++++++++++++++++++++++++ lib/router.php | 3 + 2 files changed, 240 insertions(+) create mode 100644 actions/apiaccountupdateprofilecolors.php (limited to 'actions') diff --git a/actions/apiaccountupdateprofilecolors.php b/actions/apiaccountupdateprofilecolors.php new file mode 100644 index 000000000..d7d2161fe --- /dev/null +++ b/actions/apiaccountupdateprofilecolors.php @@ -0,0 +1,237 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * Sets one or more hex values that control the color scheme of the + * authenticating user's design + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountUpdateProfileColorsAction extends ApiAuthAction +{ + + var $profile_background_color = null; + var $profile_text_color = null; + var $profile_link_color = null; + var $profile_sidebar_fill_color = null; + var $profile_sidebar_border_color = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->user = $this->auth_user; + + $this->profile_background_color + = $this->trimmed('profile_background_color'); + $this->profile_text_color + = $this->trimmed('profile_text_color'); + $this->profile_link_color + = $this->trimmed('profile_link_color'); + $this->profile_sidebar_fill_color + = $this->trimmed('profile_sidebar_fill_color'); + + // XXX: we don't support changing the sidebar border color + // in our designs. + + $this->profile_sidebar_border_color + = $this->trimmed('profile_sidebar_border_color'); + + // XXX: Unlike Twitter, we do allow people to change the 'content color' + + $this->profile_content_color = $this->trimmed('profile_content_color'); + + return true; + } + + /** + * Handle the request + * + * Try to save the user's colors in her design. Create a new design + * if the user doesn't already have one. + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + $design = $this->user->getDesign(); + + if (!empty($design)) { + + $original = clone($design); + + try { + $this->setColors($design); + } catch (WebColorException $e) { + $this->clientError($e->getMessage()); + return false; + } + + $result = $design->update($original); + + if ($result === false) { + common_log_db_error($design, 'UPDATE', __FILE__); + $this->clientError(_('Couldn\'t update your design.')); + return; + } + + } else { + + $this->user->query('BEGIN'); + + // save new design + $design = new Design(); + + try { + $this->setColors($design); + } catch (WebColorException $e) { + $this->clientError($e->getMessage()); + return false; + } + + $id = $design->insert(); + + if (empty($id)) { + common_log_db_error($id, 'INSERT', __FILE__); + $this->clientError(_('Unable to save your design settings!')); + return; + } + + $original = clone($this->user); + $this->user->design_id = $id; + $result = $this->user->update($original); + + if (empty($result)) { + common_log_db_error($original, 'UPDATE', __FILE__); + $this->clientError(_('Unable to save your design settings!')); + $this->user->query('ROLLBACK'); + return; + } + + $this->user->query('COMMIT'); + } + + $profile = $this->user->getProfile(); + + if (empty($profile)) { + $this->clientError(_('User has no profile.')); + return; + } + + $twitter_user = $this->twitterUserArray($this->user->getProfile(), true); + + if ($this->format == 'xml') { + $this->initDocument('xml'); + $this->showTwitterXmlUser($twitter_user); + $this->endDocument('xml'); + } elseif ($this->format == 'json') { + $this->initDocument('json'); + $this->showJsonObjects($twitter_user); + $this->endDocument('json'); + } + } + + /** + * Sets the user's design colors based on the request parameters + * + * @param Design $design the user's Design + * + * @return void + */ + + function setColors($design) + { + $bgcolor = empty($this->profile_background_color) ? + null : new WebColor($this->profile_background_color); + $tcolor = empty($this->profile_text_color) ? + null : new WebColor($this->profile_text_color); + $sbcolor = empty($this->profile_sidebar_fill_color) ? + null : new WebColor($this->profile_sidebar_fill_color); + $lcolor = empty($this->profile_link_color) ? + null : new WebColor($this->profile_link_color); + $ccolor = empty($this->profile_content_color) ? + null : new WebColor($this->profile_content_color); + + if (!empty($bgcolor)) { + $design->backgroundcolor = $bgcolor->intValue(); + } + + if (!empty($ccolor)) { + $design->contentcolor = $ccolor->intValue(); + } + + if (!empty($sbcolor)) { + $design->sidebarcolor = $sbcolor->intValue(); + } + + if (!empty($tcolor)) { + $design->textcolor = $tcolor->intValue(); + } + + if (!empty($lcolor)) { + $design->linkcolor = $lcolor->intValue(); + } + + return true; + } + +} diff --git a/lib/router.php b/lib/router.php index d47828d1c..03f6036b2 100644 --- a/lib/router.php +++ b/lib/router.php @@ -434,6 +434,9 @@ class Router $m->connect('api/account/update_profile_background_image.:format', array('action' => 'ApiAccountUpdateProfileBackgroundImage')); + $m->connect('api/account/update_profile_colors.:format', + array('action' => 'ApiAccountUpdateProfileColors')); + // special case where verify_credentials is called w/out a format $m->connect('api/account/verify_credentials', -- cgit v1.2.3-54-g00ecf From 312c745884654a461ed6da22eebe78f07f500426 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 9 Nov 2009 23:13:59 -0800 Subject: Implement /api/account/update_profile.format --- actions/apiaccountupdateprofile.php | 157 ++++++++++++++++++++++++++++++++++++ lib/router.php | 3 + 2 files changed, 160 insertions(+) create mode 100644 actions/apiaccountupdateprofile.php (limited to 'actions') diff --git a/actions/apiaccountupdateprofile.php b/actions/apiaccountupdateprofile.php new file mode 100644 index 000000000..8af0fb866 --- /dev/null +++ b/actions/apiaccountupdateprofile.php @@ -0,0 +1,157 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * API analog to the profile settings page + * Only the parameters specified will be updated. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountUpdateProfileAction extends ApiAuthAction +{ + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->user = $this->auth_user; + + $this->name = $this->trimmed('name'); + $this->url = $this->trimmed('url'); + $this->location = $this->trimmed('location'); + $this->description = $this->trimmed('description'); + + return true; + } + + /** + * Handle the request + * + * See which request params have been set, and update the profile + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user.'), 404, $this->format); + return; + } + + $profile = $this->user->getProfile(); + + if (empty($profile)) { + $this->clientError(_('User has no profile.')); + return; + } + + $original = clone($profile); + + if (empty($this->name)) { + $profile->fullname = $this->name; + } + + if (empty($this->url)) { + $profile->homepage = $this->url; + } + + if (!empty($this->description)) { + $profile->bio = $this->description; + } + + if (!empty($this->location)) { + $profile->location = $this->location; + + $loc = Location::fromName($location); + + if (!empty($loc)) { + $profile->lat = $loc->lat; + $profile->lon = $loc->lon; + $profile->location_id = $loc->location_id; + $profile->location_ns = $loc->location_ns; + } + } + + $result = $profile->update($original); + + if (!$result) { + common_log_db_error($profile, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t save profile.')); + return; + } + + common_broadcast_profile($profile); + + $twitter_user = $this->twitterUserArray($profile, true); + + if ($this->format == 'xml') { + $this->initDocument('xml'); + $this->showTwitterXmlUser($twitter_user); + $this->endDocument('xml'); + } elseif ($this->format == 'json') { + $this->initDocument('json'); + $this->showJsonObjects($twitter_user); + $this->endDocument('json'); + } + } + +} diff --git a/lib/router.php b/lib/router.php index 03f6036b2..35f43e5cb 100644 --- a/lib/router.php +++ b/lib/router.php @@ -428,6 +428,9 @@ class Router $m->connect('api/account/verify_credentials.:format', array('action' => 'ApiAccountVerifyCredentials')); + $m->connect('api/account/update_profile.:format', + array('action' => 'ApiAccountUpdateProfile')); + $m->connect('api/account/update_profile_image.:format', array('action' => 'ApiAccountUpdateProfileImage')); -- cgit v1.2.3-54-g00ecf From c8bd6d9f7afde597f3b404acb05622a73f3738f7 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 9 Nov 2009 23:56:02 -0800 Subject: Make /api/account/update_profile_background_image.format work even when there isn't an existing Design for the user. Plus a few other fixups. --- actions/apiaccountratelimitstatus.php | 2 +- actions/apiaccountupdateprofile.php | 11 ++++- actions/apiaccountupdateprofilebackgroundimage.php | 57 +++++++++++++++++++--- actions/apiaccountupdateprofilecolors.php | 17 +++++-- actions/apiaccountupdateprofileimage.php | 4 +- 5 files changed, 75 insertions(+), 16 deletions(-) (limited to 'actions') diff --git a/actions/apiaccountratelimitstatus.php b/actions/apiaccountratelimitstatus.php index 96179f175..1a5afd552 100644 --- a/actions/apiaccountratelimitstatus.php +++ b/actions/apiaccountratelimitstatus.php @@ -67,7 +67,7 @@ class ApiAccountRateLimitStatusAction extends ApiBareAuthAction if (!in_array($this->format, array('xml', 'json'))) { $this->clientError( - _('API method not found!'), + _('API method not found.'), 404, $this->format ); diff --git a/actions/apiaccountupdateprofile.php b/actions/apiaccountupdateprofile.php index 8af0fb866..fd4384a25 100644 --- a/actions/apiaccountupdateprofile.php +++ b/actions/apiaccountupdateprofile.php @@ -92,6 +92,15 @@ class ApiAccountUpdateProfileAction extends ApiAuthAction return; } + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found.'), + 404, + $this->format + ); + return; + } + if (empty($this->user)) { $this->clientError(_('No such user.'), 404, $this->format); return; @@ -135,7 +144,7 @@ class ApiAccountUpdateProfileAction extends ApiAuthAction if (!$result) { common_log_db_error($profile, 'UPDATE', __FILE__); - $this->serverError(_('Couldn\'t save profile.')); + $this->serverError(_('Could not save profile.')); return; } diff --git a/actions/apiaccountupdateprofilebackgroundimage.php b/actions/apiaccountupdateprofilebackgroundimage.php index 26d55d448..3537b9f97 100644 --- a/actions/apiaccountupdateprofilebackgroundimage.php +++ b/actions/apiaccountupdateprofilebackgroundimage.php @@ -89,6 +89,15 @@ class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction return; } + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found.'), + 404, + $this->format + ); + return; + } + // Workaround for PHP returning empty $_POST and $_FILES when POST // length > post_max_size in php.ini @@ -104,10 +113,46 @@ class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction } if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); + $this->clientError(_('No such user.'), 404, $this->format); return; } + $design = $this->user->getDesign(); + + // XXX: This is kinda gross, but before we can add a background + // img we have to make sure there's a Design because design ID + // is part of the img filename. + + if (empty($design)) { + + $this->user->query('BEGIN'); + + // save new design + $design = new Design(); + $id = $design->insert(); + + if (empty($id)) { + common_log_db_error($id, 'INSERT', __FILE__); + $this->clientError(_('Unable to save your design settings.')); + return; + } + + $original = clone($this->user); + $this->user->design_id = $id; + $result = $this->user->update($original); + + if (empty($result)) { + common_log_db_error($original, 'UPDATE', __FILE__); + $this->clientError(_('Unable to save your design settings.')); + $this->user->query('ROLLBACK'); + return; + } + + $this->user->query('COMMIT'); + } + + // Okay, now get the image and add it to the design + try { $imagefile = ImageFile::fromUpload('image'); } catch (Exception $e) { @@ -115,8 +160,6 @@ class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction return; } - $design = $this->user->getDesign(); - $filename = Design::filename( $design->id, image_type_to_extension($imagefile->type), @@ -134,16 +177,14 @@ class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction } $original = clone($design); - $design->backgroundimage = $filename; - - $design->setDisposition(true, false, !empty($this->tile)); + $design->setDisposition(true, false, ($this->tile == 'true')); $result = $design->update($original); if ($result === false) { common_log_db_error($design, 'UPDATE', __FILE__); - $this->showForm(_('Couldn\'t update your design.')); + $this->showForm(_('Could not update your design.')); return; } @@ -154,7 +195,7 @@ class ApiAccountUpdateProfileBackgroundImageAction extends ApiAuthAction return; } - $twitter_user = $this->twitterUserArray($this->user->getProfile(), true); + $twitter_user = $this->twitterUserArray($profile, true); if ($this->format == 'xml') { $this->initDocument('xml'); diff --git a/actions/apiaccountupdateprofilecolors.php b/actions/apiaccountupdateprofilecolors.php index d7d2161fe..3cac82974 100644 --- a/actions/apiaccountupdateprofilecolors.php +++ b/actions/apiaccountupdateprofilecolors.php @@ -113,6 +113,15 @@ class ApiAccountUpdateProfileColorsAction extends ApiAuthAction return; } + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found.'), + 404, + $this->format + ); + return; + } + $design = $this->user->getDesign(); if (!empty($design)) { @@ -130,7 +139,7 @@ class ApiAccountUpdateProfileColorsAction extends ApiAuthAction if ($result === false) { common_log_db_error($design, 'UPDATE', __FILE__); - $this->clientError(_('Couldn\'t update your design.')); + $this->clientError(_('Could not update your design.')); return; } @@ -152,7 +161,7 @@ class ApiAccountUpdateProfileColorsAction extends ApiAuthAction if (empty($id)) { common_log_db_error($id, 'INSERT', __FILE__); - $this->clientError(_('Unable to save your design settings!')); + $this->clientError(_('Unable to save your design settings.')); return; } @@ -162,7 +171,7 @@ class ApiAccountUpdateProfileColorsAction extends ApiAuthAction if (empty($result)) { common_log_db_error($original, 'UPDATE', __FILE__); - $this->clientError(_('Unable to save your design settings!')); + $this->clientError(_('Unable to save your design settings.')); $this->user->query('ROLLBACK'); return; } @@ -177,7 +186,7 @@ class ApiAccountUpdateProfileColorsAction extends ApiAuthAction return; } - $twitter_user = $this->twitterUserArray($this->user->getProfile(), true); + $twitter_user = $this->twitterUserArray($profile, true); if ($this->format == 'xml') { $this->initDocument('xml'); diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php index 72fb361bf..153ef7818 100644 --- a/actions/apiaccountupdateprofileimage.php +++ b/actions/apiaccountupdateprofileimage.php @@ -102,7 +102,7 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction } if (empty($this->user)) { - $this->clientError(_('No such user!'), 404, $this->format); + $this->clientError(_('No such user.'), 404, $this->format); return; } @@ -135,7 +135,7 @@ class ApiAccountUpdateProfileImageAction extends ApiAuthAction common_broadcast_profile($profile); - $twitter_user = $this->twitterUserArray($this->user->getProfile(), true); + $twitter_user = $this->twitterUserArray($profile, true); if ($this->format == 'xml') { $this->initDocument('xml'); -- cgit v1.2.3-54-g00ecf From 2f3e414cd1226b328a63854592f0783a9088baae Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 10 Nov 2009 13:08:58 +0000 Subject: Updated group block markup --- actions/groupblock.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'actions') diff --git a/actions/groupblock.php b/actions/groupblock.php index 133101eb7..fe09cbc2d 100644 --- a/actions/groupblock.php +++ b/actions/groupblock.php @@ -151,17 +151,19 @@ class GroupblockAction extends Action function areYouSureForm() { $id = $this->profile->id; + $this->elementStart('form', array('id' => 'block-' . $id, + 'method' => 'post', + 'class' => 'form_settings form_entity_block', + 'action' => common_local_url('groupblock'))); + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->element('legend', _('Block user')); $this->element('p', null, sprintf(_('Are you sure you want to block user "%s" from the group "%s"? '. 'They will be removed from the group, unable to post, and '. 'unable to subscribe to the group in the future.'), $this->profile->getBestName(), $this->group->getBestName())); - $this->elementStart('form', array('id' => 'block-' . $id, - 'method' => 'post', - 'class' => 'block', - 'action' => common_local_url('groupblock'))); - $this->hidden('token', common_session_token()); $this->hidden('blockto-' . $this->profile->id, $this->profile->id, 'blockto'); @@ -173,8 +175,9 @@ class GroupblockAction extends Action $this->hidden($k, $v); } } - $this->submit('no', _('No')); - $this->submit('yes', _('Yes')); + $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user from this group")); + $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Block this user from this group')); + $this->elementEnd('fieldset'); $this->elementEnd('form'); } -- cgit v1.2.3-54-g00ecf From 91da72ede0b834d017165ececdc340ec0a24227b Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 10 Nov 2009 13:09:15 +0000 Subject: Updated block @title text (shouldn't say from group) --- actions/block.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/block.php b/actions/block.php index 408f16434..b125d2d8b 100644 --- a/actions/block.php +++ b/actions/block.php @@ -146,8 +146,8 @@ class BlockAction extends Action $this->hidden($k, $v); } } - $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user from this group")); - $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Block this user from this group')); + $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user")); + $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Block this user')); $this->elementEnd('fieldset'); $this->elementEnd('form'); } -- cgit v1.2.3-54-g00ecf From 27e6a3f36fb9a41d316bdd4fccd5e98c7a3e9ddc Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 10 Nov 2009 15:36:55 -0500 Subject: add lat and long parameters to api/statuses/update --- actions/apistatusesupdate.php | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index 5c23accca..7ddf7703b 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -61,6 +61,9 @@ class ApiStatusesUpdateAction extends ApiAuthAction var $source = null; var $status = null; var $in_reply_to_status_id = null; + var $lat = null; + var $lon = null; + static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); /** @@ -79,6 +82,8 @@ class ApiStatusesUpdateAction extends ApiAuthAction $this->user = $this->auth_user; $this->status = $this->trimmed('status'); $this->source = $this->trimmed('source'); + $this->lat = $this->trimmed('lat'); + $this->lon = $this->trimmed('long'); if (empty($this->source) || in_array($source, self::$reserved_sources)) { $this->source = 'api'; @@ -198,6 +203,12 @@ class ApiStatusesUpdateAction extends ApiAuthAction } } + $location = null; + + if (!empty($this->lat) && !empty($this->lon)) { + $location = Location::fromLatLon($this->lat, $this->lon); + } + $upload = null; try { @@ -225,7 +236,13 @@ class ApiStatusesUpdateAction extends ApiAuthAction html_entity_decode($status_shortened, ENT_NOQUOTES, 'UTF-8'), $this->source, 1, - $reply_to + $reply_to, + null, + null, + empty($location) ? null : $location->lat, + empty($location) ? null : $location->lon, + empty($location) ? null : $location->location_id, + empty($location) ? null : $location->location_ns ); if (isset($upload)) { -- cgit v1.2.3-54-g00ecf From 1cd6650ae43d548f209d68e9feaaa7185d5ffecb Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 10 Nov 2009 16:27:20 -0500 Subject: Changed to Evan's event style and added an AuthPlugin superclass --- EVENTS.txt | 6 +- actions/passwordsettings.php | 23 ++----- plugins/Auth/AuthPlugin.php | 145 +++++++++++++++++++++++++++++++++++++++++++ plugins/Ldap/LdapPlugin.php | 114 +++++++++++++++++++++++++++------- plugins/Ldap/README | 52 +++++++++++----- plugins/Ldap/ldap.php | 108 -------------------------------- 6 files changed, 282 insertions(+), 166 deletions(-) create mode 100644 plugins/Auth/AuthPlugin.php delete mode 100644 plugins/Ldap/ldap.php (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index ced130f5f..97b7de299 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -491,11 +491,13 @@ EndCheckPassword: After checking a username/password pair - $password: The password that was checked - $authenticatedUser: User object if credentials match a user, else null. -ChangePassword: Handle a password change request +StartChangePassword: Before changing a password - $nickname: user's nickname - $oldpassword: the user's old password - $newpassword: the desired new password -- &$errormsg: set this to an error message if the password could not be changed. If the password was changed, leave this as false + +EndChangePassword: After changing a password +- $nickname: user's nickname CanUserChangeField: Determines if a user is allowed to change a specific profile field - $nickname: nickname of the user who would like to know which of their profile fields are mutable diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 024f1287f..9e79501e2 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -58,19 +58,6 @@ class PasswordsettingsAction extends AccountSettingsAction return _('Change password'); } - function prepare($args){ - parent::prepare($args); - - $user = common_current_user(); - - Event::handle('CanUserChangeField', array($user->nickname, 'password')); - - if(! $fields['password']){ - //user is not allowed to change his password - $this->clientError(_('You are not allowed to change your password')); - } - } - /** * Instructions for use * @@ -182,8 +169,8 @@ class PasswordsettingsAction extends AccountSettingsAction $oldpassword = null; } - $errormsg = false; - if(! Event::handle('ChangePassword', array($user->nickname, $oldpassword, $newpassword, &$errormsg))){ + $success = false; + if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -199,11 +186,9 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } + Event::handle('EndChangePassword', array($nickname)); } - if($errormsg === false) - $this->showForm(_('Password saved.'), true); - else - $this->showForm($errormsg); + $this->showForm(_('Password saved.'), true); } } diff --git a/plugins/Auth/AuthPlugin.php b/plugins/Auth/AuthPlugin.php new file mode 100644 index 000000000..71e7ae4fb --- /dev/null +++ b/plugins/Auth/AuthPlugin.php @@ -0,0 +1,145 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Superclass for plugins that do authentication + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +abstract class AuthPlugin extends Plugin +{ + //is this plugin authoritative for authentication? + protected $authn_authoritative = false; + + //should accounts be automatically created after a successful login attempt? + protected $autoregistration = false; + + //------------Auth plugin should implement some (or all) of these methods------------\\ + /** + * Check if a nickname/password combination is valid + * @param nickname + * @param password + * @return boolean true if the credentials are valid, false if they are invalid. + */ + function checkPassword($nickname, $password) + { + return false; + } + + /** + * Automatically register a user when they attempt to login with valid credentials. + * User::register($data) is a very useful method for this implementation + * @param nickname + * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + */ + function autoRegister($nickname) + { + return null; + } + + /** + * Change a user's password + * The old password has been verified to be valid by this plugin before this call is made + * @param nickname + * @param oldpassword + * @param newpassword + * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + */ + function changePassword($nickname,$oldpassword,$newpassword) + { + return null; + } + + /** + * Can a user change this field in his own profile? + * @param nickname + * @param field + * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname + */ + function canUserChangeField($nickname, $field) + { + return null; + } + + //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ + function __construct() + { + parent::__construct(); + } + + function StartCheckPassword($nickname, $password, &$authenticatedUser){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ + $authenticatedUser = User::staticGet('nickname', $nickname); + if(!$authenticatedUser && $this->autoregistration){ + if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + } + } + return false; + }else{ + if($this->authn_authoritative){ + return false; + } + } + //we're not authoritative, so let other handlers try + } + + function onStartChangePassword($nickname,$oldpassword,$newpassword) + { + $authenticated = $this->checkPassword($nickname, $oldpassword); + if($authenticated){ + $result = $this->changePassword($nickname,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } + }else{ + if($this->authn_authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } + } + + } +} + diff --git a/plugins/Ldap/LdapPlugin.php b/plugins/Ldap/LdapPlugin.php index 3795ffd7f..8a416bccc 100644 --- a/plugins/Ldap/LdapPlugin.php +++ b/plugins/Ldap/LdapPlugin.php @@ -31,38 +31,42 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } -require_once INSTALLDIR.'/plugins/Ldap/ldap.php'; +require_once INSTALLDIR.'/plugins/Auth/AuthPlugin.php'; +require_once 'Net/LDAP2.php'; -class LdapPlugin extends Plugin +class LdapPlugin extends AuthPlugin { - private $config = array(); function __construct() { parent::__construct(); } + + //---interface implementation---// - function onCheckPassword($nickname, $password, &$authenticated) + function checkPassword($nickname, $password) { - if(ldap_check_password($nickname, $password)){ - $authenticated = true; - //stop handling of other events, because we have an answer + $ldap = $this->ldap_get_connection(); + if(!$ldap){ return false; } - if(common_config('ldap','authoritative')){ - //a false return stops handler processing + $entry = $this->ldap_get_user($nickname); + if(!$entry){ return false; + }else{ + $config = $this->ldap_get_config(); + $config['binddn']=$entry->dn(); + $config['bindpw']=$password; + if($this->ldap_get_connection($config)){ + return true; + }else{ + return false; + } } } - function onAutoRegister($nickname) + function autoRegister($nickname) { - $user = User::staticGet('nickname', $nickname); - if (! is_null($user) && $user !== false) { - common_log(LOG_WARNING, "An attempt was made to autoregister an existing user with nickname: $nickname"); - return; - } - $attributes=array(); $config_attributes = array('nickname','email','fullname','homepage','location'); foreach($config_attributes as $config_attribute){ @@ -71,7 +75,7 @@ class LdapPlugin extends Plugin array_push($attributes,$value); } } - $entry = ldap_get_user($nickname,$attributes); + $entry = $this->ldap_get_user($nickname,$attributes); if($entry){ $registration_data = array(); foreach($config_attributes as $config_attribute){ @@ -89,21 +93,22 @@ class LdapPlugin extends Plugin //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); $user = User::register($registration_data); - //prevent other handlers from running, as we have registered the user - return false; + return true; + }else{ + //user isn't in ldap, so we cannot register him + return null; } } - function onChangePassword($nickname,$oldpassword,$newpassword,&$errormsg) + function changePassword($nickname,$oldpassword,$newpassword) { //TODO implement this - $errormsg = _('Sorry, changing LDAP passwords is not supported at this time'); + throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); - //return false, indicating that the event has been handled return false; } - function onCanUserChangeField($nickname, $field) + function canUserChangeField($nickname, $field) { switch($field) { @@ -113,4 +118,67 @@ class LdapPlugin extends Plugin return false; } } + + //---utility functions---// + function ldap_get_config(){ + $config = array(); + $keys = array('host','port','version','starttls','binddn','bindpw','basedn','options','filter','scope'); + foreach($keys as $key){ + $value = $this->$key; + if($value!==false){ + $config[$key]=$value; + } + } + return $config; + } + + function ldap_get_connection($config = null){ + if($config == null){ + $config = $this->ldap_get_config(); + } + + //cannot use Net_LDAP2::connect() as StatusNet uses + //PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); + //PEAR handling can be overridden on instance objects, so we do that. + $ldap = new Net_LDAP2($config); + $ldap->setErrorHandling(PEAR_ERROR_RETURN); + $err=$ldap->bind(); + if (Net_LDAP2::isError($err)) { + common_log(LOG_WARNING, 'Could not connect to LDAP server: '.$err->getMessage()); + return false; + } + return $ldap; + } + + /** + * get an LDAP entry for a user with a given username + * + * @param string $username + * $param array $attributes LDAP attributes to retrieve + * @return string DN + */ + function ldap_get_user($username,$attributes=array()){ + $ldap = $this->ldap_get_connection(); + $filter = Net_LDAP2_Filter::create(common_config('ldap','nickname_attribute'), 'equals', $username); + $options = array( + 'scope' => 'sub', + 'attributes' => $attributes + ); + $search = $ldap->search(null,$filter,$options); + + if (PEAR::isError($search)) { + common_log(LOG_WARNING, 'Error while getting DN for user: '.$search->getMessage()); + return false; + } + + if($search->count()==0){ + return false; + }else if($search->count()==1){ + $entry = $search->shiftEntry(); + return $entry; + }else{ + common_log(LOG_WARNING, 'Found ' . $search->count() . ' ldap user with the username: ' . $username); + return false; + } + } } diff --git a/plugins/Ldap/README b/plugins/Ldap/README index 617738e0b..1b6e3e75a 100644 --- a/plugins/Ldap/README +++ b/plugins/Ldap/README @@ -2,22 +2,46 @@ The LDAP plugin allows for StatusNet to handle authentication, authorization, an Installation ============ -Add configuration entries to config.php. These entries are: +add "addPlugin('ldap', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php -The following are documented at http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php -$config['ldap']['binddn'] -$config['ldap']['bindpw'] -$config['ldap']['basedn'] -$config['ldap']['host'] -$config['ldap']['nickname_attribute'] Set this to the name of the ldap attribute that holds the username. For example, on Microsoft's Active Directory, this should be set to 'sAMAccountName' -$config['ldap']['nickname_email'] Set this to the name of the ldap attribute that holds the user's email address. For example, on Microsoft's Active Directory, this should be set to 'mail' -$config['ldap']['nickname_fullname'] Set this to the name of the ldap attribute that holds the user's full name. For example, on Microsoft's Active Directory, this should be set to 'displayName' -$config['ldap']['nickname_homepage'] Set this to the name of the ldap attribute that holds the the url of the user's home page. -$config['ldap']['nickname_location'] Set this to the name of the ldap attribute that holds the user's location. -$config['ldap']['authoritative'] Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database) -$config['ldap']['autoregister'] Set to true if users should be automatically created when they attempt to login +Settings +======== +authn_authoritative: Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +autoregistration: Set to true if users should be automatically created when they attempt to login. -Finally, add "addPlugin('ldap');" to the bottom of your config.php +host*: LDAP server name to connect to. You can provide several hosts in an array in which case the hosts are tried from left to right.. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +port: Port on the server. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +version: LDAP version. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +starttls: TLS is started after connecting. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +binddn: The distinguished name to bind as (username). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +bindpw: Password for the binddn. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +basedn*: LDAP base name (root directory). See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +options: See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +filter: Default search filter. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php +attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + nickname* + email + fullname + homepage + location + +* required + +Example +======= +Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. + +addPlugin('ldap', array( + 'binddn'=>'username', + 'bindpw'=>'password', + 'basedn'=>'OU=Users,OU=StatusNet,OU=US,DC=americas,DC=global,DC=loc', + 'host'=>array('server1', 'server2'), + 'attributes'=>array( + 'nickname'=>'sAMAccountName', + 'email'=>'mail', + 'fullname'=>'displayName') +)); diff --git a/plugins/Ldap/ldap.php b/plugins/Ldap/ldap.php deleted file mode 100644 index d92a058fb..000000000 --- a/plugins/Ldap/ldap.php +++ /dev/null @@ -1,108 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -require_once 'Net/LDAP2.php'; - -function ldap_get_config(){ - static $config = null; - if($config == null){ - $config = array(); - $keys = array('host','port','version','starttls','binddn','bindpw','basedn','options','scope'); - foreach($keys as $key){ - $value = common_config('ldap', $key); - if($value!==false){ - $config[$key]=$value; - } - } - } - return $config; -} - -function ldap_get_connection($config = null){ - if($config == null){ - $config = ldap_get_config(); - } - - //cannot use Net_LDAP2::connect() as StatusNet uses - //PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); - //PEAR handling can be overridden on instance objects, so we do that. - $ldap = new Net_LDAP2($config); - $ldap->setErrorHandling(PEAR_ERROR_RETURN); - $err=$ldap->bind(); - if (Net_LDAP2::isError($err)) { - common_log(LOG_WARNING, 'Could not connect to LDAP server: '.$err->getMessage()); - return false; - } - return $ldap; -} - -function ldap_check_password($username, $password){ - $ldap = ldap_get_connection(); - if(!$ldap){ - return false; - } - $entry = ldap_get_user($username); - if(!$entry){ - return false; - }else{ - $config = ldap_get_config(); - $config['binddn']=$entry->dn(); - $config['bindpw']=$password; - if(ldap_get_connection($config)){ - return true; - }else{ - return false; - } - } -} - -/** - * get an LDAP entry for a user with a given username - * - * @param string $username - * $param array $attributes LDAP attributes to retrieve - * @return string DN - */ -function ldap_get_user($username,$attributes=array()){ - $ldap = ldap_get_connection(); - $filter = Net_LDAP2_Filter::create(common_config('ldap','nickname_attribute'), 'equals', $username); - $options = array( - 'scope' => 'sub', - 'attributes' => $attributes - ); - $search = $ldap->search(null,$filter,$options); - - if (PEAR::isError($search)) { - common_log(LOG_WARNING, 'Error while getting DN for user: '.$search->getMessage()); - return false; - } - - if($search->count()==0){ - return false; - }else if($search->count()==1){ - $entry = $search->shiftEntry(); - return $entry; - }else{ - common_log(LOG_WARNING, 'Found ' . $search->count() . ' ldap user with the username: ' . $username); - return false; - } -} - -- cgit v1.2.3-54-g00ecf From 53c86c43c4b8cba313335f5d70f7f77d4ab640d2 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 3 Nov 2009 16:57:39 -0800 Subject: Bringing Sphinx search support up to code: broken out to a plugin, now supports multiple sites on a single server. Upgrade notes: * Index names have changed from hardcoded 'Identica_people' and 'Identica_notices' to use the database name and actual table names. Must reindex. New events: * GetSearchEngine to override default search engine class selection from plugins New scripts: * gen_config.php generates a sphinx.conf from database configuration (with theoretical support for status_network table, but it doesn't seem to be cleanly queriable right now without knowing the db setup info for that. Needs generalized support.) * Replaced old sphinx-indexer.sh and sphinx-cron.sh with index_update.php Other fixes: * sphinx.conf.sample better matches our live config, skipping unused stopword list and using a more realistic indexer memory limit Further notes: * Probably doesn't work right with PostgreSQL yet; Sphinx can pull from PG but the extraction queries currently look like they use some MySQL-specific functions. --- README | 31 ++----- actions/noticesearch.php | 2 +- actions/noticesearchrss.php | 2 +- actions/peoplesearch.php | 2 +- actions/twitapisearchatom.php | 2 +- actions/twitapisearchjson.php | 2 +- classes/Memcached_DataObject.php | 29 +++--- classes/Status_network.php | 28 ++++-- lib/default.php | 4 - lib/search_engines.php | 71 ++------------- plugins/SphinxSearch/README | 45 +++++++++ plugins/SphinxSearch/SphinxSearchPlugin.php | 100 ++++++++++++++++++++ plugins/SphinxSearch/scripts/gen_config.php | 126 ++++++++++++++++++++++++++ plugins/SphinxSearch/scripts/index_update.php | 61 +++++++++++++ plugins/SphinxSearch/scripts/sphinx-utils.php | 63 +++++++++++++ plugins/SphinxSearch/scripts/sphinx.sh | 15 +++ plugins/SphinxSearch/sphinx.conf.sample | 71 +++++++++++++++ plugins/SphinxSearch/sphinxsearch.php | 96 ++++++++++++++++++++ scripts/sphinx-cron.sh | 24 ----- scripts/sphinx-indexer.sh | 24 ----- scripts/sphinx.sh | 15 --- sphinx.conf.sample | 71 --------------- 22 files changed, 625 insertions(+), 259 deletions(-) create mode 100644 plugins/SphinxSearch/README create mode 100644 plugins/SphinxSearch/SphinxSearchPlugin.php create mode 100755 plugins/SphinxSearch/scripts/gen_config.php create mode 100755 plugins/SphinxSearch/scripts/index_update.php create mode 100644 plugins/SphinxSearch/scripts/sphinx-utils.php create mode 100755 plugins/SphinxSearch/scripts/sphinx.sh create mode 100644 plugins/SphinxSearch/sphinx.conf.sample create mode 100644 plugins/SphinxSearch/sphinxsearch.php delete mode 100755 scripts/sphinx-cron.sh delete mode 100755 scripts/sphinx-indexer.sh delete mode 100755 scripts/sphinx.sh delete mode 100644 sphinx.conf.sample (limited to 'actions') diff --git a/README b/README index 7ecd025ac..fb78ab01d 100644 --- a/README +++ b/README @@ -389,20 +389,16 @@ the server first. Sphinx ------ -To use a Sphinx server to search users and notices, you also need -to install, compile and enable the sphinx pecl extension for php on the -client side, which itself depends on the sphinx development files. -"pecl install sphinx" should take care of that. Add "extension=sphinx.so" -to your php.ini and reload apache to enable it. +To use a Sphinx server to search users and notices, you'll need to +enable the SphinxSearch plugin. Add to your config.php: -You can update your MySQL or Postgresql databases to drop their fulltext -search indexes, since they're now provided by sphinx. + addPlugin('SphinxSearch'); + $config['sphinx']['server'] = 'searchhost.local'; -On the sphinx server side, a script reads the main database and build -the keyword index. A cron job reads the database and keeps the sphinx -indexes up to date. scripts/sphinx-cron.sh should be called by cron -every 5 minutes, for example. scripts/sphinx.sh is an init.d script -to start and stop the sphinx search daemon. +You also need to install, compile and enable the sphinx pecl extension for +php on the client side, which itself depends on the sphinx development files. + +See plugins/SphinxSearch/README for more details and server setup. SMS --- @@ -1168,17 +1164,6 @@ base: memcached uses key-value pairs to store data. We build long, StatusNet site using your memcached server. port: Port to connect to; defaults to 11211. -sphinx ------- - -You can get a significant boost in performance using Sphinx Search -instead of your database server to search for users and notices. -. - -enabled: Set to true to enable. Default false. -server: a string with the hostname of the sphinx server. -port: an integer with the port number of the sphinx server. - emailpost --------- diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 79cf572cc..1e5a69180 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -104,7 +104,7 @@ class NoticesearchAction extends SearchAction { $notice = new Notice(); - $search_engine = $notice->getSearchEngine('identica_notices'); + $search_engine = $notice->getSearchEngine('notice'); $search_engine->set_sort_mode('chron'); // Ask for an extra to see if there's more. $search_engine->limit((($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); diff --git a/actions/noticesearchrss.php b/actions/noticesearchrss.php index f59ad7962..18f07f855 100644 --- a/actions/noticesearchrss.php +++ b/actions/noticesearchrss.php @@ -62,7 +62,7 @@ class NoticesearchrssAction extends Rss10Action $notice = new Notice(); - $search_engine = $notice->getSearchEngine('identica_notices'); + $search_engine = $notice->getSearchEngine('notice'); $search_engine->set_sort_mode('chron'); if (!$limit) $limit = 20; diff --git a/actions/peoplesearch.php b/actions/peoplesearch.php index 38135ecbd..69de44859 100644 --- a/actions/peoplesearch.php +++ b/actions/peoplesearch.php @@ -61,7 +61,7 @@ class PeoplesearchAction extends SearchAction function showResults($q, $page) { $profile = new Profile(); - $search_engine = $profile->getSearchEngine('identica_people'); + $search_engine = $profile->getSearchEngine('profile'); $search_engine->set_sort_mode('chron'); // Ask for an extra to see if there's more. $search_engine->limit((($page-1)*PROFILES_PER_PAGE), PROFILES_PER_PAGE + 1); diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 7d618c471..526ca2ae8 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -161,7 +161,7 @@ class TwitapisearchatomAction extends ApiAction // lcase it for comparison $q = strtolower($this->query); - $search_engine = $notice->getSearchEngine('identica_notices'); + $search_engine = $notice->getSearchEngine('notice'); $search_engine->set_sort_mode('chron'); $search_engine->limit(($this->page - 1) * $this->rpp, $this->rpp + 1, true); diff --git a/actions/twitapisearchjson.php b/actions/twitapisearchjson.php index c7fa741a0..741ed78d6 100644 --- a/actions/twitapisearchjson.php +++ b/actions/twitapisearchjson.php @@ -121,7 +121,7 @@ class TwitapisearchjsonAction extends ApiAction // lcase it for comparison $q = strtolower($this->query); - $search_engine = $notice->getSearchEngine('identica_notices'); + $search_engine = $notice->getSearchEngine('notice'); $search_engine->set_sort_mode('chron'); $search_engine->limit(($this->page - 1) * $this->rpp, $this->rpp + 1, true); if (false === $search_engine->query($q)) { diff --git a/classes/Memcached_DataObject.php b/classes/Memcached_DataObject.php index 9c2ac3e01..753fe954e 100644 --- a/classes/Memcached_DataObject.php +++ b/classes/Memcached_DataObject.php @@ -184,27 +184,20 @@ class Memcached_DataObject extends DB_DataObject require_once INSTALLDIR.'/lib/search_engines.php'; static $search_engine; if (!isset($search_engine)) { - $connected = false; - if (common_config('sphinx', 'enabled')) { - $search_engine = new SphinxSearch($this, $table); - $connected = $search_engine->is_connected(); - } - - // unable to connect to sphinx' search daemon - if (!$connected) { - if ('mysql' === common_config('db', 'type')) { - $type = common_config('search', 'type'); - if ($type == 'like') { - $search_engine = new MySQLLikeSearch($this, $table); - } else if ($type == 'fulltext') { - $search_engine = new MySQLSearch($this, $table); - } else { - throw new ServerException('Unknown search type: ' . $type); - } + if (Event::handle('GetSearchEngine', array($this, $table, &$search_engine))) { + if ('mysql' === common_config('db', 'type')) { + $type = common_config('search', 'type'); + if ($type == 'like') { + $search_engine = new MySQLLikeSearch($this, $table); + } else if ($type == 'fulltext') { + $search_engine = new MySQLSearch($this, $table); } else { - $search_engine = new PGSearch($this, $table); + throw new ServerException('Unknown search type: ' . $type); } + } else { + $search_engine = new PGSearch($this, $table); } + } } return $search_engine; } diff --git a/classes/Status_network.php b/classes/Status_network.php index fe4f0b0c5..b3117640d 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -57,14 +57,16 @@ class Status_network extends DB_DataObject $config['db']['ini_'.$dbname] = INSTALLDIR.'/classes/status_network.ini'; $config['db']['table_status_network'] = $dbname; - self::$cache = new Memcache(); + if (class_exists('Memcache')) { + self::$cache = new Memcache(); - if (is_array($servers)) { - foreach($servers as $server) { - self::$cache->addServer($server); + if (is_array($servers)) { + foreach($servers as $server) { + self::$cache->addServer($server); + } + } else { + self::$cache->addServer($servers); } - } else { - self::$cache->addServer($servers); } self::$base = $dbname; @@ -76,6 +78,10 @@ class Status_network extends DB_DataObject static function memGet($k, $v) { + if (!self::$cache) { + return self::staticGet($k, $v); + } + $ck = self::cacheKey($k, $v); $sn = self::$cache->get($ck); @@ -92,10 +98,12 @@ class Status_network extends DB_DataObject function decache() { - $keys = array('nickname', 'hostname', 'pathname'); - foreach ($keys as $k) { - $ck = self::cacheKey($k, $this->$k); - self::$cache->delete($ck); + if (self::$cache) { + $keys = array('nickname', 'hostname', 'pathname'); + foreach ($keys as $k) { + $ck = self::cacheKey($k, $this->$k); + self::$cache->delete($ck); + } } } diff --git a/lib/default.php b/lib/default.php index f6cc4b725..95366e0b3 100644 --- a/lib/default.php +++ b/lib/default.php @@ -125,10 +125,6 @@ $default = 'public' => array()), # JIDs of users who want to receive the public stream 'invite' => array('enabled' => true), - 'sphinx' => - array('enabled' => false, - 'server' => 'localhost', - 'port' => 3312), 'tag' => array('dropoff' => 864000.0), 'popular' => diff --git a/lib/search_engines.php b/lib/search_engines.php index 69f6ff468..332db3f89 100644 --- a/lib/search_engines.php +++ b/lib/search_engines.php @@ -46,70 +46,11 @@ class SearchEngine } } -class SphinxSearch extends SearchEngine -{ - private $sphinx; - private $connected; - - function __construct($target, $table) - { - $fp = @fsockopen(common_config('sphinx', 'server'), common_config('sphinx', 'port')); - if (!$fp) { - $this->connected = false; - return; - } - fclose($fp); - parent::__construct($target, $table); - $this->sphinx = new SphinxClient; - $this->sphinx->setServer(common_config('sphinx', 'server'), common_config('sphinx', 'port')); - $this->connected = true; - } - - function is_connected() - { - return $this->connected; - } - - function limit($offset, $count, $rss = false) - { - //FIXME without LARGEST_POSSIBLE, the most recent results aren't returned - // this probably has a large impact on performance - $LARGEST_POSSIBLE = 1e6; - - if ($rss) { - $this->sphinx->setLimits($offset, $count, $count, $LARGEST_POSSIBLE); - } - else { - // return at most 50 pages of results - $this->sphinx->setLimits($offset, $count, 50 * ($count - 1), $LARGEST_POSSIBLE); - } - - return $this->target->limit(0, $count); - } - - function query($q) - { - $result = $this->sphinx->query($q, $this->table); - if (!isset($result['matches'])) return false; - $id_set = join(', ', array_keys($result['matches'])); - $this->target->whereAdd("id in ($id_set)"); - return true; - } - - function set_sort_mode($mode) - { - if ('chron' === $mode) { - $this->sphinx->SetSortMode(SPH_SORT_ATTR_DESC, 'created_ts'); - return $this->target->orderBy('created desc'); - } - } -} - class MySQLSearch extends SearchEngine { function query($q) { - if ('identica_people' === $this->table) { + if ('profile' === $this->table) { $this->target->whereAdd('MATCH(nickname, fullname, location, bio, homepage) ' . 'AGAINST (\''.addslashes($q).'\' IN BOOLEAN MODE)'); if (strtolower($q) != $q) { @@ -117,7 +58,7 @@ class MySQLSearch extends SearchEngine 'AGAINST (\''.addslashes(strtolower($q)).'\' IN BOOLEAN MODE)', 'OR'); } return true; - } else if ('identica_notices' === $this->table) { + } else if ('notice' === $this->table) { // Don't show imported notices $this->target->whereAdd('notice.is_local != ' . Notice::GATEWAY); @@ -143,13 +84,13 @@ class MySQLLikeSearch extends SearchEngine { function query($q) { - if ('identica_people' === $this->table) { + if ('profile' === $this->table) { $qry = sprintf('(nickname LIKE "%%%1$s%%" OR '. ' fullname LIKE "%%%1$s%%" OR '. ' location LIKE "%%%1$s%%" OR '. ' bio LIKE "%%%1$s%%" OR '. ' homepage LIKE "%%%1$s%%")', addslashes($q)); - } else if ('identica_notices' === $this->table) { + } else if ('notice' === $this->table) { $qry = sprintf('content LIKE "%%%1$s%%"', addslashes($q)); } else { throw new ServerException('Unknown table: ' . $this->table); @@ -165,9 +106,9 @@ class PGSearch extends SearchEngine { function query($q) { - if ('identica_people' === $this->table) { + if ('profile' === $this->table) { return $this->target->whereAdd('textsearch @@ plainto_tsquery(\''.addslashes($q).'\')'); - } else if ('identica_notices' === $this->table) { + } else if ('notice' === $this->table) { // XXX: We need to filter out gateway notices (notice.is_local = -2) --Zach diff --git a/plugins/SphinxSearch/README b/plugins/SphinxSearch/README new file mode 100644 index 000000000..5a2c063bd --- /dev/null +++ b/plugins/SphinxSearch/README @@ -0,0 +1,45 @@ +You can get a significant boost in performance using Sphinx Search +instead of your database server to search for users and notices. +. + +Configuration +------------- + +In StatusNet's configuration, you can adjust the following settings +under 'sphinx': + +enabled: Set to true to enable. Default false. +server: a string with the hostname of the sphinx server. +port: an integer with the port number of the sphinx server. + + +Requirements +------------ + +To use a Sphinx server to search users and notices, you also need +to install, compile and enable the sphinx pecl extension for php on the +client side, which itself depends on the sphinx development files. +"pecl install sphinx" should take care of that. Add "extension=sphinx.so" +to your php.ini and reload apache to enable it. + +You can update your MySQL or Postgresql databases to drop their fulltext +search indexes, since they're now provided by sphinx. + + +You will also need a Sphinx server to serve the search queries. + +On the sphinx server side, a script reads the main database and build +the keyword index. A cron job reads the database and keeps the sphinx +indexes up to date. scripts/sphinx-cron.sh should be called by cron +every 5 minutes, for example. scripts/sphinx.sh is an init.d script +to start and stop the sphinx search daemon. + + +Server configuration +-------------------- +scripts/gen_config.php can generate a sphinx.conf file listing MySQL +data sources for your databases. You may need to tweak paths afterwards. + + $ plugins/SphinxSearch/scripts/gen_config.php > sphinx.conf + +If you wish, you can build a full config yourself based on sphinx.conf.sample diff --git a/plugins/SphinxSearch/SphinxSearchPlugin.php b/plugins/SphinxSearch/SphinxSearchPlugin.php new file mode 100644 index 000000000..7a27a4c04 --- /dev/null +++ b/plugins/SphinxSearch/SphinxSearchPlugin.php @@ -0,0 +1,100 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Brion Vibber + * @copyright 2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +// Set defaults if not already set in the config array... +global $config; +$sphinxDefaults = + array('enabled' => true, + 'server' => 'localhost', + 'port' => 3312); +foreach($sphinxDefaults as $key => $val) { + if (!isset($config['sphinx'][$key])) { + $config['sphinx'][$key] = $val; + } +} + + + +/** + * Plugin for Sphinx search backend. + * + * @category Plugin + * @package StatusNet + * @author Brion Vibber + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * @link http://twitter.com/ + */ + +class SphinxSearchPlugin extends Plugin +{ + /** + * Automatically load any classes used + * + * @param string $cls the class + * @return boolean hook return + */ + function onAutoload($cls) + { + switch ($cls) { + case 'SphinxSearch': + include_once INSTALLDIR . '/plugins/SphinxSearch/' . + strtolower($cls) . '.php'; + return false; + default: + return true; + } + } + + /** + * Create sphinx search engine object for the given table type. + * + * @param Memcached_DataObject $target + * @param string $table + * @param out &$search_engine SearchEngine object on output if successful + * @ return boolean hook return + */ + function onGetSearchEngine(Memcached_DataObject $target, $table, &$search_engine) + { + if (common_config('sphinx', 'enabled')) { + if (!class_exists('SphinxClient')) { + throw new ServerException('Sphinx PHP extension must be installed.'); + } + $engine = new SphinxSearch($target, $table); + if ($engine->is_connected()) { + $search_engine = $engine; + return false; + } + } + // Sphinx disabled or disconnected + return true; + } +} diff --git a/plugins/SphinxSearch/scripts/gen_config.php b/plugins/SphinxSearch/scripts/gen_config.php new file mode 100755 index 000000000..d5a00b6b6 --- /dev/null +++ b/plugins/SphinxSearch/scripts/gen_config.php @@ -0,0 +1,126 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../../..')); + +$longoptions = array('base=', 'network'); + +$helptext = <<sitename} +# +source {$sn->dbname}_src_{$table} +{ + type = {$dbtype} + sql_host = {$sn->dbhost} + sql_user = {$sn->dbuser} + sql_pass = {$sn->dbpass} + sql_db = {$sn->dbname} + sql_query_pre = SET NAMES utf8; + sql_query = {$query} + sql_query_info = {$query_info} + sql_attr_timestamp = created_ts +} + +index {$sn->dbname}_{$table} +{ + source = {$sn->dbname}_src_{$table} + path = {$base}/data/{$sn->dbname}_{$table} + docinfo = extern + charset_type = utf-8 + min_word_len = 3 +} + + +END; +} diff --git a/plugins/SphinxSearch/scripts/index_update.php b/plugins/SphinxSearch/scripts/index_update.php new file mode 100755 index 000000000..23c60ced7 --- /dev/null +++ b/plugins/SphinxSearch/scripts/index_update.php @@ -0,0 +1,61 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/../../..')); + +$longoptions = array('base=', 'network'); + +$helptext = <<. + */ + +function sphinx_use_network() +{ + return have_option('network'); +} + +function sphinx_base() +{ + if (have_option('base')) { + return get_option_value('base'); + } else { + return "/usr/local/sphinx"; + } +} + +function sphinx_iterate_sites($callback) +{ + if (sphinx_use_network()) { + // @fixme this should use, like, some kind of config + Status_network::setupDB('localhost', 'statusnet', 'statuspass', 'statusnet'); + $sn = new Status_network(); + if (!$sn->find()) { + die("Confused... no sites in status_network table or lookup failed.\n"); + } + while ($sn->fetch()) { + $callback($sn); + } + } else { + if (preg_match('!^(mysqli?|pgsql)://(.*?):(.*?)@(.*?)/(.*?)$!', + common_config('db', 'database'), $matches)) { + list(/*all*/, $dbtype, $dbuser, $dbpass, $dbhost, $dbname) = $matches; + $sn = (object)array( + 'sitename' => common_config('site', 'name'), + 'dbhost' => $dbhost, + 'dbuser' => $dbuser, + 'dbpass' => $dbpass, + 'dbname' => $dbname); + $callback($sn); + } else { + print "Unrecognized database configuration string in config.php\n"; + exit(1); + } + } +} + diff --git a/plugins/SphinxSearch/scripts/sphinx.sh b/plugins/SphinxSearch/scripts/sphinx.sh new file mode 100755 index 000000000..b8edeb302 --- /dev/null +++ b/plugins/SphinxSearch/scripts/sphinx.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +if [[ $1 = "start" ]] +then + echo "Stopping any running daemons..." + /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf --stop 2> /dev/null + echo "Starting sphinx search daemon..." + /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf 2> /dev/null +fi + +if [[ $1 = "stop" ]] +then + echo "Stopping sphinx search daemon..." + /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf --stop 2> /dev/null +fi diff --git a/plugins/SphinxSearch/sphinx.conf.sample b/plugins/SphinxSearch/sphinx.conf.sample new file mode 100644 index 000000000..3de62f637 --- /dev/null +++ b/plugins/SphinxSearch/sphinx.conf.sample @@ -0,0 +1,71 @@ +# +# Minimal Sphinx configuration sample for statusnet +# + +source src1 +{ + type = mysql + sql_host = localhost + sql_user = USERNAME + sql_pass = PASSWORD + sql_db = identi_ca + sql_port = 3306 + sql_query = SELECT id, UNIX_TIMESTAMP(created) as created_ts, nickname, fullname, location, bio, homepage FROM profile + sql_query_info = SELECT * FROM profile where id = $id + sql_attr_timestamp = created_ts +} + + +source src2 +{ + type = mysql + sql_host = localhost + sql_user = USERNAME + sql_pass = PASSWORD + sql_db = identi_ca + sql_port = 3306 + sql_query = SELECT id, UNIX_TIMESTAMP(created) as created_ts, content FROM notice + sql_query_info = SELECT * FROM notice where notice.id = $id AND notice.is_local != -2 + sql_attr_timestamp = created_ts +} + +index identica_notices +{ + source = src2 + path = DIRECTORY/data/identica_notices + docinfo = extern + charset_type = utf-8 + min_word_len = 3 + stopwords = DIRECTORY/data/stopwords-en.txt +} + + +index identica_people +{ + source = src1 + path = DIRECTORY/data/identica_people + docinfo = extern + charset_type = utf-8 + min_word_len = 3 + stopwords = DIRECTORY/data/stopwords-en.txt +} + +indexer +{ + mem_limit = 32M +} + +searchd +{ + port = 3312 + log = DIRECTORY/log/searchd.log + query_log = DIRECTORY/log/query.log + read_timeout = 5 + max_children = 30 + pid_file = DIRECTORY/log/searchd.pid + max_matches = 1000 + seamless_rotate = 1 + preopen_indexes = 0 + unlink_old = 1 +} + diff --git a/plugins/SphinxSearch/sphinxsearch.php b/plugins/SphinxSearch/sphinxsearch.php new file mode 100644 index 000000000..71f330828 --- /dev/null +++ b/plugins/SphinxSearch/sphinxsearch.php @@ -0,0 +1,96 @@ +. + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class SphinxSearch extends SearchEngine +{ + private $sphinx; + private $connected; + + function __construct($target, $table) + { + $fp = @fsockopen(common_config('sphinx', 'server'), common_config('sphinx', 'port')); + if (!$fp) { + $this->connected = false; + return; + } + fclose($fp); + parent::__construct($target, $table); + $this->sphinx = new SphinxClient; + $this->sphinx->setServer(common_config('sphinx', 'server'), common_config('sphinx', 'port')); + $this->connected = true; + } + + function is_connected() + { + return $this->connected; + } + + function limit($offset, $count, $rss = false) + { + //FIXME without LARGEST_POSSIBLE, the most recent results aren't returned + // this probably has a large impact on performance + $LARGEST_POSSIBLE = 1e6; + + if ($rss) { + $this->sphinx->setLimits($offset, $count, $count, $LARGEST_POSSIBLE); + } + else { + // return at most 50 pages of results + $this->sphinx->setLimits($offset, $count, 50 * ($count - 1), $LARGEST_POSSIBLE); + } + + return $this->target->limit(0, $count); + } + + function query($q) + { + $result = $this->sphinx->query($q, $this->remote_table()); + if (!isset($result['matches'])) return false; + $id_set = join(', ', array_keys($result['matches'])); + $this->target->whereAdd("id in ($id_set)"); + return true; + } + + function set_sort_mode($mode) + { + if ('chron' === $mode) { + $this->sphinx->SetSortMode(SPH_SORT_ATTR_DESC, 'created_ts'); + return $this->target->orderBy('created desc'); + } + } + + function remote_table() + { + return $this->dbname() . '_' . $this->table; + } + + function dbname() + { + // @fixme there should be a less dreadful way to do this. + // DB objects won't give database back until they connect, it's confusing + if (preg_match('!^.*?://.*?:.*?@.*?/(.*?)$!', common_config('db', 'database'), $matches)) { + return $matches[1]; + } + throw new ServerException("Sphinx search could not identify database name"); + } +} diff --git a/scripts/sphinx-cron.sh b/scripts/sphinx-cron.sh deleted file mode 100755 index bc537af1a..000000000 --- a/scripts/sphinx-cron.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -# StatusNet - a distributed open-source microblogging tool - -# Copyright (C) 2008, 2009, StatusNet, Inc. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -# This program tries to start the daemons for StatusNet. -# Note that the 'maildaemon' needs to run as a mail filter. - -/usr/local/bin/indexer --config /usr/local/etc/sphinx.conf --all --rotate - diff --git a/scripts/sphinx-indexer.sh b/scripts/sphinx-indexer.sh deleted file mode 100755 index 1ec0826be..000000000 --- a/scripts/sphinx-indexer.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh - -# StatusNet - a distributed open-source microblogging tool - -# Copyright (C) 2008, 2009, StatusNet, Inc. -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU Affero General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Affero General Public License for more details. -# -# You should have received a copy of the GNU Affero General Public License -# along with this program. If not, see . - -# This program tries to start the daemons for StatusNet. -# Note that the 'maildaemon' needs to run as a mail filter. - -/usr/local/bin/indexer --config /usr/local/etc/sphinx.conf --all - diff --git a/scripts/sphinx.sh b/scripts/sphinx.sh deleted file mode 100755 index b8edeb302..000000000 --- a/scripts/sphinx.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -if [[ $1 = "start" ]] -then - echo "Stopping any running daemons..." - /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf --stop 2> /dev/null - echo "Starting sphinx search daemon..." - /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf 2> /dev/null -fi - -if [[ $1 = "stop" ]] -then - echo "Stopping sphinx search daemon..." - /usr/local/bin/searchd --config /usr/local/etc/sphinx.conf --stop 2> /dev/null -fi diff --git a/sphinx.conf.sample b/sphinx.conf.sample deleted file mode 100644 index 3de62f637..000000000 --- a/sphinx.conf.sample +++ /dev/null @@ -1,71 +0,0 @@ -# -# Minimal Sphinx configuration sample for statusnet -# - -source src1 -{ - type = mysql - sql_host = localhost - sql_user = USERNAME - sql_pass = PASSWORD - sql_db = identi_ca - sql_port = 3306 - sql_query = SELECT id, UNIX_TIMESTAMP(created) as created_ts, nickname, fullname, location, bio, homepage FROM profile - sql_query_info = SELECT * FROM profile where id = $id - sql_attr_timestamp = created_ts -} - - -source src2 -{ - type = mysql - sql_host = localhost - sql_user = USERNAME - sql_pass = PASSWORD - sql_db = identi_ca - sql_port = 3306 - sql_query = SELECT id, UNIX_TIMESTAMP(created) as created_ts, content FROM notice - sql_query_info = SELECT * FROM notice where notice.id = $id AND notice.is_local != -2 - sql_attr_timestamp = created_ts -} - -index identica_notices -{ - source = src2 - path = DIRECTORY/data/identica_notices - docinfo = extern - charset_type = utf-8 - min_word_len = 3 - stopwords = DIRECTORY/data/stopwords-en.txt -} - - -index identica_people -{ - source = src1 - path = DIRECTORY/data/identica_people - docinfo = extern - charset_type = utf-8 - min_word_len = 3 - stopwords = DIRECTORY/data/stopwords-en.txt -} - -indexer -{ - mem_limit = 32M -} - -searchd -{ - port = 3312 - log = DIRECTORY/log/searchd.log - query_log = DIRECTORY/log/query.log - read_timeout = 5 - max_children = 30 - pid_file = DIRECTORY/log/searchd.pid - max_matches = 1000 - seamless_rotate = 1 - preopen_indexes = 0 - unlink_old = 1 -} - -- cgit v1.2.3-54-g00ecf From 4e4ba24c007fee94662018e7135f2db1e7c847b3 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 10 Nov 2009 14:36:41 -0800 Subject: Implement /api/account/update_delivery_device.format --- actions/apiaccountupdatedeliverydevice.php | 149 +++++++++++++++++++++++++++++ lib/router.php | 3 + 2 files changed, 152 insertions(+) create mode 100644 actions/apiaccountupdatedeliverydevice.php (limited to 'actions') diff --git a/actions/apiaccountupdatedeliverydevice.php b/actions/apiaccountupdatedeliverydevice.php new file mode 100644 index 000000000..5b7176bbb --- /dev/null +++ b/actions/apiaccountupdatedeliverydevice.php @@ -0,0 +1,149 @@ +. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; + +/** + * Sets which channel (device) StatusNet delivers updates to for + * the authenticating user. Sending none as the device parameter + * will disable IM and/or SMS updates. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction +{ + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + */ + + function prepare($args) + { + parent::prepare($args); + + $this->user = $this->auth_user; + $this->device = $this->trimmed('device'); + + return true; + } + + /** + * Handle the request + * + * See which request params have been set, and update the user settings + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + if (!in_array($this->format, array('xml', 'json'))) { + $this->clientError( + _('API method not found.'), + 404, + $this->format + ); + return; + } + + if (!in_array(strtolower($this->device), array('sms', 'im', 'none'))) { + $this->clientError( + _( + 'You must specify a parameter named ' . + '\'device\' with a value of one of: sms, im, none' + ) + ); + return; + } + + if (empty($this->user)) { + $this->clientError(_('No such user.'), 404, $this->format); + return; + } + + $original = clone($this->user); + + if (strtolower($this->device) == 'sms') { + $this->user->smsnotify = true; + } elseif (strtolower($this->device) == 'im') { + $this->user->jabbernotify = true; + } elseif (strtolower($this->device == 'none')) { + $this->user->smsnotify = false; + $this->user->jabbernotify = false; + } + + $result = $this->user->update($original); + + if ($result === false) { + common_log_db_error($this->user, 'UPDATE', __FILE__); + $this->serverError(_('Could not update user.')); + return; + } + + $profile = $this->user->getProfile(); + + $twitter_user = $this->twitterUserArray($profile, true); + + if ($this->format == 'xml') { + $this->initDocument('xml'); + $this->showTwitterXmlUser($twitter_user); + $this->endDocument('xml'); + } elseif ($this->format == 'json') { + $this->initDocument('json'); + $this->showJsonObjects($twitter_user); + $this->endDocument('json'); + } + } + +} diff --git a/lib/router.php b/lib/router.php index 35f43e5cb..bad3decad 100644 --- a/lib/router.php +++ b/lib/router.php @@ -440,6 +440,9 @@ class Router $m->connect('api/account/update_profile_colors.:format', array('action' => 'ApiAccountUpdateProfileColors')); + $m->connect('api/account/update_delivery_device.:format', + array('action' => 'ApiAccountUpdateDeliveryDevice')); + // special case where verify_credentials is called w/out a format $m->connect('api/account/verify_credentials', -- cgit v1.2.3-54-g00ecf From ee3fc8ba03ddd8451cac60547af72ea2cef7dc6a Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 10 Nov 2009 15:23:33 -0800 Subject: Added some notes in the comments --- actions/apiaccountupdatedeliverydevice.php | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'actions') diff --git a/actions/apiaccountupdatedeliverydevice.php b/actions/apiaccountupdatedeliverydevice.php index 5b7176bbb..684906fe9 100644 --- a/actions/apiaccountupdatedeliverydevice.php +++ b/actions/apiaccountupdatedeliverydevice.php @@ -97,6 +97,8 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction return; } + // Note: Twitter no longer supports IM + if (!in_array(strtolower($this->device), array('sms', 'im', 'none'))) { $this->clientError( _( @@ -135,6 +137,12 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction $twitter_user = $this->twitterUserArray($profile, true); + // Note: this Twitter API method is retarded because it doesn't give + // any success/failure information. Twitter's docs claim that the + // notification field will change to reflect notification choice, + // but that's not true; notification> is used to indicate + // whether the auth user is following the user in question. + if ($this->format == 'xml') { $this->initDocument('xml'); $this->showTwitterXmlUser($twitter_user); -- cgit v1.2.3-54-g00ecf From b2145a6e4c739578e03d3d1fda6b415f2a830462 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 11 Nov 2009 01:00:41 -0500 Subject: use
  • s in form data for site admin panel --- actions/siteadminpanel.php | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 358c0b15f..6dae12e08 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -197,15 +197,25 @@ class SiteAdminPanelForm extends Form function formData() { + $this->out->elementStart('ul', 'form_data'); + $this->li(); $this->input('name', _('Site name'), _('The name of your site, like "Yourcompany Microblog"')); + $this->unli(); + $this->li(); $this->input('broughtby', _('Brought by'), _('Text used for credits link in footer of each page')); + $this->unli(); + $this->li(); $this->input('broughtbyurl', _('Brought by URL'), _('URL used for credits link in footer of each page')); + $this->unli(); + $this->li(); $this->input('email', _('Email'), _('contact email address for your site')); + $this->unli(); + $timezones = array(); foreach (DateTimeZone::listIdentifiers() as $k => $v) { @@ -214,25 +224,43 @@ class SiteAdminPanelForm extends Form asort($timezones); + $this->li(); + $this->out->dropdown('timezone', _('Default timezone'), $timezones, _('Default timezone for the site; usually UTC.'), true, $this->value('timezone')); + $this->unli(); + $this->li(); + $this->out->dropdown('language', _('Language'), get_nice_language_list(), _('Default site language'), false, $this->value('language')); + $this->unli(); + $this->li(); + $this->out->checkbox('closed', _('Closed'), (bool) $this->value('closed'), _('Is registration on this site prohibited?')); + $this->unli(); + $this->li(); + $this->out->checkbox('inviteonly', _('Invite-only'), (bool) $this->value('inviteonly'), _('Is registration on this site only open to invited users?')); + $this->unli(); + $this->li(); + $this->out->checkbox('private', _('Private'), (bool) $this->value('private'), _('Prohibit anonymous users (not logged in) from viewing site?')); + + $this->unli(); + + $this->out->elementEnd('ul'); } /** @@ -268,6 +296,16 @@ class SiteAdminPanelForm extends Form return $value; } + function li() + { + $this->out->elementStart('li'); + } + + function unli() + { + $this->out->elementEnd('li'); + } + /** * Action elements * -- cgit v1.2.3-54-g00ecf From 4258f99d2f44aebb9794a354e9614733a97e43c4 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 11 Nov 2009 01:09:40 -0500 Subject: Add design admin panel --- actions/designadminpanel.php | 231 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 231 insertions(+) create mode 100644 actions/designadminpanel.php (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php new file mode 100644 index 000000000..30af76ff5 --- /dev/null +++ b/actions/designadminpanel.php @@ -0,0 +1,231 @@ +. + * + * @category Settings + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @copyright 2008-2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Administer design settings + * + * @category Admin + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class DesignadminpanelAction extends AdminPanelAction +{ + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + return _('Design'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _('Design settings for this StatusNet site.'); + } + + /** + * Show the site admin panel form + * + * @return void + */ + + function showForm() + { + $form = new DesignAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array('theme'); + + $values = array(); + + foreach ($settings as $setting) { + $values[$setting] = $this->trimmed($setting); + } + + // This throws an exception on validation errors + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $setting) { + Config::save('site', $setting, $values[$setting]); + } + + $config->query('COMMIT'); + + return; + } + + function validate(&$values) + { + if (!in_array($values['theme'], Theme::listAvailable())) { + $this->clientError(sprintf(_("Theme not available: %s"), $values['theme'])); + } + } +} + +class DesignAdminPanelForm extends Form +{ + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'designadminpanel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_design_admin_panel'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('designadminpanel'); + } + + /** + * Data elements of the form + * + * @return void + */ + + function formData() + { + $themes = Theme::listAvailable(); + + asort($themes); + + $themes = array_combine($themes, $themes); + + $this->out->elementStart('ul'); + $this->out->elementStart('li'); + + $this->out->dropdown('theme', _('Theme'), + $themes, _('Theme for the site.'), + true, $this->value('theme')); + + $this->out->elementEnd('li'); + $this->out->elementEnd('ul'); + } + + /** + * Utility to simplify some of the duplicated code around + * params and settings. + * + * @param string $setting Name of the setting + * @param string $title Title to use for the input + * @param string $instructions Instructions for this field + * + * @return void + */ + + function input($setting, $title, $instructions) + { + $this->out->input($setting, $title, $this->value($setting), $instructions); + } + + /** + * Utility to simplify getting the posted-or-stored setting value + * + * @param string $setting Name of the setting + * + * @return string param value if posted, or current config value + */ + + function value($setting) + { + $value = $this->out->trimmed($setting); + if (empty($value)) { + $value = common_config('site', $setting); + } + return $value; + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit('submit', _('Save'), 'submit', null, _('Save site settings')); + } +} -- cgit v1.2.3-54-g00ecf From 220f8771c6570849e2ffd510b14ea4b6197e2366 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 11 Nov 2009 01:43:34 -0500 Subject: store boolean values correctly in siteadminpanel --- actions/siteadminpanel.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 6dae12e08..e4deea962 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -91,8 +91,8 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { static $settings = array('name', 'broughtby', 'broughtbyurl', - 'email', 'timezone', 'language', - 'closed', 'inviteonly', 'private'); + 'email', 'timezone', 'language'); + static $booleans = array('closed', 'inviteonly', 'private'); $values = array(); @@ -100,6 +100,10 @@ class SiteadminpanelAction extends AdminPanelAction $values[$setting] = $this->trimmed($setting); } + foreach ($booleans as $setting) { + $values[$setting] = ($this->boolean($setting)) ? 1 : 0; + } + // This throws an exception on validation errors $this->validate($values); @@ -110,7 +114,7 @@ class SiteadminpanelAction extends AdminPanelAction $config->query('BEGIN'); - foreach ($settings as $setting) { + foreach (array_merge($settings, $booleans) as $setting) { Config::save('site', $setting, $values[$setting]); } -- cgit v1.2.3-54-g00ecf From 37c62c6356af22a7b1eb444b241083d9fa53166e Mon Sep 17 00:00:00 2001 From: Siebrand Mazeland Date: Wed, 11 Nov 2009 13:24:02 +0100 Subject: Remove double space in message --- actions/noticesearch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 79cf572cc..b68a2efe2 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -121,7 +121,7 @@ class NoticesearchAction extends SearchAction $message = sprintf(_('Be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } else { - $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); + $message = sprintf(_('Why not [register an account](%%%%action.register%%%%) and be the first to [post on this topic](%%%%action.newnotice%%%%?status_textarea=%s)!'), urlencode($q)); } $this->elementStart('div', 'guide'); -- cgit v1.2.3-54-g00ecf From 014d6b1d19b6ae5de8d87f055397993f80579f74 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 14:02:57 -0500 Subject: Redid how URL shorteners work. This way is much more like how Evan wants events to work (and more like how the rest of SN works). --- EVENTS.txt | 14 ++++ actions/othersettings.php | 17 ++--- lib/Shorturl_api.php | 67 ------------------ lib/common.php | 1 - lib/util.php | 25 +++---- plugins/BitlyUrl/BitlyUrlPlugin.php | 31 ++++----- plugins/LilUrl/LilUrlPlugin.php | 38 +++++----- plugins/PtitUrl/PtitUrlPlugin.php | 31 ++++----- plugins/SimpleUrl/SimpleUrlPlugin.php | 41 +++-------- plugins/TightUrl/TightUrlPlugin.php | 31 ++++----- plugins/UrlShortener/UrlShortenerPlugin.php | 103 ++++++++++++++++++++++++++++ 11 files changed, 197 insertions(+), 202 deletions(-) delete mode 100644 lib/Shorturl_api.php create mode 100644 plugins/UrlShortener/UrlShortenerPlugin.php (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index f75dcebca..3acff277b 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -538,3 +538,17 @@ EndChangePassword: After changing a password UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object - &$related: array of DB_DataObject class names to delete entries on matching user_id. + +GetUrlShorteners: Specify URL shorteners that are available for use +- &$shorteners: append your shortener to this array like so: $shorteners[shortenerName]=array('display'=>display, 'freeService'=>boolean) + +StartShortenUrl: About to shorten a URL +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- &$shortenedUrl: short version of the url + +EndShortenUrl: After a URL has been shortened +- $url: url to be shortened +- $shortenerName: name of the requested shortener +- $shortenedUrl: short version of the url + diff --git a/actions/othersettings.php b/actions/othersettings.php index d32a2d651..d52a634ac 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -97,20 +97,15 @@ class OthersettingsAction extends AccountSettingsAction $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); - $services=array(); - global $_shorteners; - if($_shorteners){ - foreach($_shorteners as $name=>$value) - { - $services[$name]=$name; - if(!empty($value['info']['freeService'])){ - // I18N - $services[$name].=' (free service)'; - } + Event::handle('GetUrlShorteners', array(&$shorteners)); + foreach($shorteners as $name=>$value) + { + $services[$name]=$name; + if($value['freeService']){ + $services[$name].=_(' (free service)'); } } asort($services); - $services['']='None'; $this->elementStart('ul', 'form_data'); $this->elementStart('li'); diff --git a/lib/Shorturl_api.php b/lib/Shorturl_api.php deleted file mode 100644 index de4d55012..000000000 --- a/lib/Shorturl_api.php +++ /dev/null @@ -1,67 +0,0 @@ -. - */ - -if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } - -abstract class ShortUrlApi -{ - protected $service_url; - protected $long_limit = 27; - - function __construct($service_url) - { - $this->service_url = $service_url; - } - - function shorten($url) - { - if ($this->is_long($url)) return $this->shorten_imp($url); - return $url; - } - - protected abstract function shorten_imp($url); - - protected function is_long($url) { - return strlen($url) >= common_config('site', 'shorturllength'); - } - - protected function http_post($data) - { - $request = HTTPClient::start(); - $response = $request->post($this->service_url, null, $data); - return $response->getBody(); - } - - protected function http_get($url) - { - $request = HTTPClient::start(); - $response = $request->get($this->service_url . urlencode($url)); - return $response->getBody(); - } - - protected function tidy($response) { - $response = str_replace(' ', ' ', $response); - $config = array('output-xhtml' => true); - $tidy = new tidy; - $tidy->parseString($response, $config, 'utf8'); - $tidy->cleanRepair(); - return (string)$tidy; - } -} - diff --git a/lib/common.php b/lib/common.php index 6aac46807..4958866d0 100644 --- a/lib/common.php +++ b/lib/common.php @@ -229,7 +229,6 @@ require_once INSTALLDIR.'/lib/util.php'; require_once INSTALLDIR.'/lib/action.php'; require_once INSTALLDIR.'/lib/mail.php'; require_once INSTALLDIR.'/lib/subs.php'; -require_once INSTALLDIR.'/lib/Shorturl_api.php'; require_once INSTALLDIR.'/lib/clientexception.php'; require_once INSTALLDIR.'/lib/serverexception.php'; diff --git a/lib/util.php b/lib/util.php index 7aca4af8d..68f3520db 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1423,25 +1423,18 @@ function common_shorten_url($long_url) if (empty($user)) { // common current user does not find a user when called from the XMPP daemon // therefore we'll set one here fix, so that XMPP given URLs may be shortened - $svc = 'ur1.ca'; + $shortenerName = 'ur1.ca'; } else { - $svc = $user->urlshorteningservice; + $shortenerName = $user->urlshorteningservice; } - global $_shorteners; - if (!isset($_shorteners[$svc])) { - //the user selected service doesn't exist, so default to ur1.ca - $svc = 'ur1.ca'; - } - if (!isset($_shorteners[$svc])) { - // no shortener plugins installed. - return $long_url; - } - - $reflectionObj = new ReflectionClass($_shorteners[$svc]['callInfo'][0]); - $short_url_service = $reflectionObj->newInstanceArgs($_shorteners[$svc]['callInfo'][1]); - $short_url = $short_url_service->shorten($long_url); - return $short_url; + if(Event::handle('StartShortenUrl', array($long_url,$shortenerName,&$shortenedUrl))){ + //URL wasn't shortened, so return the long url + return $long_url; + }else{ + //URL was shortened, so return the result + return $shortenedUrl; + } } function common_client_ip() diff --git a/plugins/BitlyUrl/BitlyUrlPlugin.php b/plugins/BitlyUrl/BitlyUrlPlugin.php index 478ef99d2..65d0f70e6 100644 --- a/plugins/BitlyUrl/BitlyUrlPlugin.php +++ b/plugins/BitlyUrl/BitlyUrlPlugin.php @@ -31,31 +31,24 @@ if (!defined('STATUSNET')) { exit(1); } -class BitlyUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class BitlyUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'bit.ly', - array(), - array('BitlyUrl',array('http://bit.ly/api?method=shorten&long_url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class BitlyUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { + protected function shorten($url) { $response = $this->http_get($url); - if(!$response){ - return $url; - }else{ - return current(json_decode($response)->results)->hashUrl; - } + if(!$response) return; + return current(json_decode($response)->results)->hashUrl; } } + diff --git a/plugins/LilUrl/LilUrlPlugin.php b/plugins/LilUrl/LilUrlPlugin.php index 852253b02..e906751e8 100644 --- a/plugins/LilUrl/LilUrlPlugin.php +++ b/plugins/LilUrl/LilUrlPlugin.php @@ -31,37 +31,31 @@ if (!defined('STATUSNET')) { exit(1); } -require_once(INSTALLDIR.'/lib/Shorturl_api.php'); +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class LilUrlPlugin extends Plugin +class LilUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ur1.ca', - array('freeService'=>true), - array('LilUrl',array('http://ur1.ca/')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class LilUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $data['longurl'] = $url; - $response = $this->http_post($data); - if (!$response) return $url; - $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + protected function shorten($url) { + $data = array('longurl' => $url); + + $responseBody = $this->http_post($this->serviceUrl,$data); + + if (!$responseBody) return; + $y = @simplexml_load_string($responseBody); + if (!isset($y->body)) return; $x = $y->body->p[0]->a->attributes(); if (isset($x['href'])) { - common_log(LOG_INFO, __CLASS__ . ": shortened $url to $x[href]"); return $x['href']; } - return $url; } } + diff --git a/plugins/PtitUrl/PtitUrlPlugin.php b/plugins/PtitUrl/PtitUrlPlugin.php index f00d3e2f2..ef453e96d 100644 --- a/plugins/PtitUrl/PtitUrlPlugin.php +++ b/plugins/PtitUrl/PtitUrlPlugin.php @@ -30,33 +30,28 @@ if (!defined('STATUSNET')) { exit(1); } +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; -class PtitUrlPlugin extends Plugin +class PtitUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'ptiturl.com', - array(), - array('PtitUrl',array('http://ptiturl.com/?creer=oui&action=Reduire&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class PtitUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->center->table->tr->td->pre->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } + diff --git a/plugins/SimpleUrl/SimpleUrlPlugin.php b/plugins/SimpleUrl/SimpleUrlPlugin.php index d59d63e47..45b745b07 100644 --- a/plugins/SimpleUrl/SimpleUrlPlugin.php +++ b/plugins/SimpleUrl/SimpleUrlPlugin.php @@ -31,40 +31,21 @@ if (!defined('STATUSNET')) { exit(1); } -class SimpleUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class SimpleUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - 'is.gd', - array(), - array('SimpleUrl',array('http://is.gd/api.php?longurl=')) - ); - $this->registerUrlShortener( - 'snipr.com', - array(), - array('SimpleUrl',array('http://snipr.com/site/snip?r=simple&link=')) - ); - $this->registerUrlShortener( - 'metamark.net', - array(), - array('SimpleUrl',array('http://metamark.net/api/rest/simple?long_url=')) - ); - $this->registerUrlShortener( - 'tinyurl.com', - array(), - array('SimpleUrl',array('http://tinyurl.com/api-create.php?url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class SimpleUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - return $this->http_get($url); + protected function shorten($url) { + return $this->http_get(sprintf($this->serviceUrl,urlencode($url))); } } + diff --git a/plugins/TightUrl/TightUrlPlugin.php b/plugins/TightUrl/TightUrlPlugin.php index 48efb355f..56414c8c8 100644 --- a/plugins/TightUrl/TightUrlPlugin.php +++ b/plugins/TightUrl/TightUrlPlugin.php @@ -31,32 +31,27 @@ if (!defined('STATUSNET')) { exit(1); } -class TightUrlPlugin extends Plugin +require_once INSTALLDIR.'/plugins/UrlShortener/UrlShortenerPlugin.php'; + +class TightUrlPlugin extends UrlShortenerPlugin { - function __construct() - { - parent::__construct(); - } + public $serviceUrl; function onInitializePlugin(){ - $this->registerUrlShortener( - '2tu.us', - array('freeService'=>true), - array('TightUrl',array('http://2tu.us/?save=y&url=')) - ); + parent::onInitializePlugin(); + if(!isset($this->serviceUrl)){ + throw new Exception("must specify a serviceUrl"); + } } -} -class TightUrl extends ShortUrlApi -{ - protected function shorten_imp($url) { - $response = $this->http_get($url); - if (!$response) return $url; + protected function shorten($url) + { + $response = $this->http_get(sprintf($this->serviceUrl,urlencode($url))); + if (!$response) return; $response = $this->tidy($response); $y = @simplexml_load_string($response); - if (!isset($y->body)) return $url; + if (!isset($y->body)) return; $xml = $y->body->p[0]->code[0]->a->attributes(); if (isset($xml['href'])) return $xml['href']; - return $url; } } diff --git a/plugins/UrlShortener/UrlShortenerPlugin.php b/plugins/UrlShortener/UrlShortenerPlugin.php new file mode 100644 index 000000000..37206aa89 --- /dev/null +++ b/plugins/UrlShortener/UrlShortenerPlugin.php @@ -0,0 +1,103 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Superclass for plugins that do URL shortening + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +abstract class UrlShortenerPlugin extends Plugin +{ + public $shortenerName; + public $freeService=false; + //------------Url Shortener plugin should implement some (or all) of these methods------------\\ + + /** + * Short a URL + * @param url + * @return string shortened version of the url, or null if URL shortening failed + */ + protected abstract function shorten($url); + + //------------These methods may help you implement your plugin------------\\ + protected function http_get($url) + { + $request = HTTPClient::start(); + $response = $request->get($url); + return $response->getBody(); + } + + protected function http_post($url,$data) + { + $request = HTTPClient::start(); + $response = $request->post($url, null, $data); + return $response->getBody(); + } + + protected function tidy($response) { + $response = str_replace(' ', ' ', $response); + $config = array('output-xhtml' => true); + $tidy = new tidy; + $tidy->parseString($response, $config, 'utf8'); + $tidy->cleanRepair(); + return (string)$tidy; + } + //------------Below are the methods that connect StatusNet to the implementing Url Shortener plugin------------\\ + + function onInitializePlugin(){ + if(!isset($this->shortenerName)){ + throw new Exception("must specify a shortenerName"); + } + } + + function onGetUrlShorteners(&$shorteners) + { + $shorteners[$this->shortenerName]=array('freeService'=>$this->freeService); + } + + function onStartShortenUrl($url,$shortenerName,&$shortenedUrl) + { + if($shortenerName == $this->shortenerName && strlen($url) >= common_config('site', 'shorturllength')){ + $result = $this->shorten($url); + if(isset($result) && $result != null && $result !== false){ + $shortenedUrl=$result; + common_log(LOG_INFO, __CLASS__ . ": $this->shortenerName shortened $url to $shortenedUrl"); + return false; + } + } + } +} -- cgit v1.2.3-54-g00ecf From 23290f746f7ef9567e95ecbb06baf17f246a3fe7 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 17:05:24 -0500 Subject: Do not show the URL shortener selection drop down if no shorteners are available --- actions/othersettings.php | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) (limited to 'actions') diff --git a/actions/othersettings.php b/actions/othersettings.php index d52a634ac..1d252f34e 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -96,6 +96,7 @@ class OthersettingsAction extends AccountSettingsAction common_local_url('othersettings'))); $this->elementStart('fieldset'); $this->hidden('token', common_session_token()); + $this->elementStart('ul', 'form_data'); Event::handle('GetUrlShorteners', array(&$shorteners)); foreach($shorteners as $name=>$value) @@ -105,14 +106,16 @@ class OthersettingsAction extends AccountSettingsAction $services[$name].=_(' (free service)'); } } - asort($services); + if($services) + { + asort($services); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->dropdown('urlshorteningservice', _('Shorten URLs with'), - $services, _('Automatic shortening service to use.'), - false, $user->urlshorteningservice); - $this->elementEnd('li'); + $this->elementStart('li'); + $this->dropdown('urlshorteningservice', _('Shorten URLs with'), + $services, _('Automatic shortening service to use.'), + false, $user->urlshorteningservice); + $this->elementEnd('li'); + } $this->elementStart('li'); $this->checkbox('viewdesigns', _('View profile designs'), $user->viewdesigns, _('Show or hide profile designs.')); -- cgit v1.2.3-54-g00ecf From 8a6590a7e800e33787ffc55dbd0b2b36ff140504 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 11 Nov 2009 17:09:00 -0500 Subject: initialize these variables before use to prevent warnings --- actions/othersettings.php | 2 ++ 1 file changed, 2 insertions(+) (limited to 'actions') diff --git a/actions/othersettings.php b/actions/othersettings.php index 1d252f34e..0de7cd908 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -98,7 +98,9 @@ class OthersettingsAction extends AccountSettingsAction $this->hidden('token', common_session_token()); $this->elementStart('ul', 'form_data'); + $shorteners = array(); Event::handle('GetUrlShorteners', array(&$shorteners)); + $services = array(); foreach($shorteners as $name=>$value) { $services[$name]=$name; -- cgit v1.2.3-54-g00ecf From 6e601c11718d075cf17c463e997023058f18aa99 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 14:21:47 +0000 Subject: Wrong XRDS service type for OMB was being supplied. Wrong since commit 54696f7c I think --- actions/xrds.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 8f09557d1..5db3489ad 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -117,7 +117,7 @@ class XrdsAction extends Action //omb $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', + 'xml:id' => 'omb', 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', 'version' => '2.0')); $xrdsOutputter->element('Type', null, 'xri://$xrds*simple'); -- cgit v1.2.3-54-g00ecf From 707efadbd4b44435741ad9b2b972a77f4069e689 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 14:46:16 +0000 Subject: Some more XRDS fixes. With this and the previous commit, remote subs seem to work. Otherwise they don't. --- actions/xrds.php | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 5db3489ad..76ccc9c6e 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -97,22 +97,18 @@ class XrdsAction extends Action $xrdsOutputter->element('Type', null, 'xri://$xrds*simple'); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_REQUEST, common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); - $xrdsOutputter->showXrdsService( OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), null, - $this->user->getIdentifierURI()); + $this->user->uri); + $xrdsOutputter->showXrdsService( OAUTH_ENDPOINT_AUTHORIZE, + common_local_url('userauthorization'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_ACCESS, common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), - null, - $this->user->getIdentifierURI()); + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->showXrdsService(OAUTH_ENDPOINT_RESOURCE, null, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1), - null, - $this->user->getIdentifierURI()); + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY, OAUTH_HMAC_SHA1)); $xrdsOutputter->elementEnd('XRD'); //omb -- cgit v1.2.3-54-g00ecf From d8296df5d73fc189d393cddd9e2277f7c8a4cbf6 Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Thu, 12 Nov 2009 20:57:09 +0000 Subject: A further change to the XRDS is required if 0.9.x is to be able to remote sub to a 0.8.x account, with the OpenID plugin enabled. --- actions/xrds.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/xrds.php b/actions/xrds.php index 76ccc9c6e..534182e3e 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -123,10 +123,10 @@ class XrdsAction extends Action common_local_url('updateprofile')); $xrdsOutputter->elementEnd('XRD'); + Event::handle('EndUserXRDS', array($this,&$xrdsOutputter)); + //misc $xrdsOutputter->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', 'version' => '2.0')); $xrdsOutputter->showXrdsService(OAUTH_DISCOVERY, '#oauth'); @@ -134,8 +134,6 @@ class XrdsAction extends Action '#omb'); $xrdsOutputter->elementEnd('XRD'); - Event::handle('EndUserXRDS', array($this,&$xrdsOutputter)); - $xrdsOutputter->endXRDS(); } -- cgit v1.2.3-54-g00ecf From ed690615de8f6433a1a4d9a8fc7c28385af47d8a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 12 Nov 2009 20:12:00 -0500 Subject: Added a User_username table that links the external username with a StatusNet user_id Added EmailAuthenticationPlugin Added ReverseUsernameAuthenticationPlugin Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static --- EVENTS.txt | 4 +- actions/passwordsettings.php | 4 +- classes/User.php | 16 +- classes/statusnet.ini | 10 ++ index.php | 1 - lib/util.php | 1 + plugins/Authentication/AuthenticationPlugin.php | 177 ++++++++++++++------- plugins/Authentication/User_username.php | 25 +++ .../EmailAuthenticationPlugin.php | 54 +++++++ plugins/EmailAuthentication/README | 7 + .../LdapAuthenticationPlugin.php | 56 +++---- plugins/LdapAuthentication/README | 5 +- plugins/ReverseUsernameAuthentication/README | 26 +++ .../ReverseUsernameAuthenticationPlugin.php | 58 +++++++ 14 files changed, 349 insertions(+), 95 deletions(-) create mode 100644 plugins/Authentication/User_username.php create mode 100644 plugins/EmailAuthentication/EmailAuthenticationPlugin.php create mode 100644 plugins/EmailAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/README create mode 100644 plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php (limited to 'actions') diff --git a/EVENTS.txt b/EVENTS.txt index 3acff277b..c788a9215 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -528,12 +528,12 @@ EndCheckPassword: After checking a username/password pair - $authenticatedUser: User object if credentials match a user, else null. StartChangePassword: Before changing a password -- $nickname: user's nickname +- $user: user - $oldpassword: the user's old password - $newpassword: the desired new password EndChangePassword: After changing a password -- $nickname: user's nickname +- $user: user UserDeleteRelated: Specify additional tables to delete entries from when deleting users - $user: User object diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php index 9e79501e2..11d7bf785 100644 --- a/actions/passwordsettings.php +++ b/actions/passwordsettings.php @@ -170,7 +170,7 @@ class PasswordsettingsAction extends AccountSettingsAction } $success = false; - if(! Event::handle('StartChangePassword', array($user->nickname, $oldpassword, $newpassword))){ + if(! Event::handle('StartChangePassword', array($user, $oldpassword, $newpassword))){ //no handler changed the password, so change the password internally $original = clone($user); @@ -186,7 +186,7 @@ class PasswordsettingsAction extends AccountSettingsAction $this->serverError(_('Can\'t save new password.')); return; } - Event::handle('EndChangePassword', array($nickname)); + Event::handle('EndChangePassword', array($user)); } $this->showForm(_('Password saved.'), true); diff --git a/classes/User.php b/classes/User.php index 9b90ce61b..9f1ee53f4 100644 --- a/classes/User.php +++ b/classes/User.php @@ -114,7 +114,7 @@ class User extends Memcached_DataObject return $result; } - function allowed_nickname($nickname) + static function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. $blacklist = common_config('nickname', 'blacklist'); @@ -190,7 +190,17 @@ class User extends Memcached_DataObject $profile->query('BEGIN'); + if(!empty($email)) + { + $email = common_canonical_email($email); + } + + $nickname = common_canonical_nickname($nickname); $profile->nickname = $nickname; + if(! User::allowed_nickname($nickname)){ + common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname), + __FILE__); + } $profile->profileurl = common_profile_url($nickname); if (!empty($fullname)) { @@ -242,6 +252,10 @@ class User extends Memcached_DataObject } } + if(isset($email_confirmed) && $email_confirmed) { + $user->email = $email; + } + // This flag is ignored but still set to 1 $user->inboxed = 1; diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 912d05cdf..19ab7bf97 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -566,3 +566,13 @@ modified = 384 user_id = K token = K +[user_username] +user_id = 129 +provider_name = 130 +username = 130 +created = 142 +modified = 384 + +[user_username__keys] +provider_name = K +username = K diff --git a/index.php b/index.php index b1e4f651e..577b491ed 100644 --- a/index.php +++ b/index.php @@ -68,7 +68,6 @@ function getPath($req) */ function handleError($error) { -//error_log(print_r($error,1)); if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { return; } diff --git a/lib/util.php b/lib/util.php index 68f3520db..4b2a25ead 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1058,6 +1058,7 @@ function common_log($priority, $msg, $filename=null) } } else { common_ensure_syslog(); + error_log($msg); syslog($priority, $msg); } } diff --git a/plugins/Authentication/AuthenticationPlugin.php b/plugins/Authentication/AuthenticationPlugin.php index e3e55fea6..99b61b808 100644 --- a/plugins/Authentication/AuthenticationPlugin.php +++ b/plugins/Authentication/AuthenticationPlugin.php @@ -48,20 +48,20 @@ abstract class AuthenticationPlugin extends Plugin //should accounts be automatically created after a successful login attempt? public $autoregistration = false; - //can the user change their email address - public $email_changeable=true; - //can the user change their email address public $password_changeable=true; + //unique name for this authentication provider + public $provider_name; + //------------Auth plugin should implement some (or all) of these methods------------\\ /** * Check if a nickname/password combination is valid - * @param nickname + * @param username * @param password * @return boolean true if the credentials are valid, false if they are invalid. */ - function checkPassword($nickname, $password) + function checkPassword($username, $password) { return false; } @@ -69,88 +69,116 @@ abstract class AuthenticationPlugin extends Plugin /** * Automatically register a user when they attempt to login with valid credentials. * User::register($data) is a very useful method for this implementation - * @param nickname - * @return boolean true if the user was created, false if autoregistration is not allowed, null if this plugin is not responsible for this nickname + * @param username + * @return boolean true if the user was created, false if not */ - function autoRegister($nickname) + function autoRegister($username) { - return null; + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); } /** * Change a user's password * The old password has been verified to be valid by this plugin before this call is made - * @param nickname + * @param username * @param oldpassword * @param newpassword - * @return boolean true if the password was changed, false if password changing failed for some reason, null if this plugin is not responsible for this nickname + * @return boolean true if the password was changed, false if password changing failed for some reason */ - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { - return null; - } - - /** - * Can a user change this field in his own profile? - * @param nickname - * @param field - * @return boolean true if the field can be changed, false if not allowed to change it, null if this plugin is not responsible for this nickname - */ - function canUserChangeField($nickname, $field) - { - return null; + return false; } //------------Below are the methods that connect StatusNet to the implementing Auth plugin------------\\ - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + if(!isset($this->provider_name)){ + throw new Exception("must specify a provider_name for this authentication provider"); + } } - + function onStartCheckPassword($nickname, $password, &$authenticatedUser){ - if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $password); + //map the nickname to a username + $user_username = new User_username(); + $user_username->username=$nickname; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $username = $user_username->username; + $authenticated = $this->checkPassword($username, $password); if($authenticated){ - $authenticatedUser = User::staticGet('nickname', $nickname); - if(!$authenticatedUser && $this->autoregistration){ - if($this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('id', $user_username->user_id); + return false; + } + }else{ + $user = User::staticGet('nickname', $nickname); + if($user){ + //make sure a different provider isn't handling this nickname + $user_username = new User_username(); + $user_username->username=$nickname; + if(!$user_username->find()){ + //no other provider claims this username, so it's safe for us to handle it + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated){ $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; } } - return false; }else{ - if($this->authoritative){ - return false; + if($this->autoregistration){ + $authenticated = $this->checkPassword($nickname, $password); + if($authenticated && $this->autoregister($nickname)){ + $authenticatedUser = User::staticGet('nickname', $nickname); + $user_username = new User_username(); + $user_username->user_id = $authenticatedUser->id; + $user_username->provider_name = $this->provider_name; + $user_username->username = $nickname; + $user_username->created = DB_DataObject_Cast::dateTime(); + $user_username->insert(); + return false; + } } } - //we're not authoritative, so let other handlers try + } + if($this->authoritative){ + return false; }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing is not allowed')); - } + //we're not authoritative, so let other handlers try + return; } } - function onStartChangePassword($nickname,$oldpassword,$newpassword) + function onStartChangePassword($user,$oldpassword,$newpassword) { if($this->password_changeable){ - $authenticated = $this->checkPassword($nickname, $oldpassword); - if($authenticated){ - $result = $this->changePassword($nickname,$oldpassword,$newpassword); - if($result){ - //stop handling of other handlers, because what was requested was done - return false; - }else{ - throw new Exception(_('Password changing failed')); - } - }else{ - if($this->authoritative){ - //since we're authoritative, no other plugin could do this - throw new Exception(_('Password changing failed')); + $user_username = new User_username(); + $user_username->user_id=$user->id; + $user_username->provider_name=$this->provider_name; + if($user_username->find() && $user_username->fetch()){ + $authenticated = $this->checkPassword($user_username->username, $oldpassword); + if($authenticated){ + $result = $this->changePassword($user_username->username,$oldpassword,$newpassword); + if($result){ + //stop handling of other handlers, because what was requested was done + return false; + }else{ + throw new Exception(_('Password changing failed')); + } }else{ - //let another handler try - return null; + if($this->authoritative){ + //since we're authoritative, no other plugin could do this + throw new Exception(_('Password changing failed')); + }else{ + //let another handler try + return null; + } } } }else{ @@ -164,9 +192,42 @@ abstract class AuthenticationPlugin extends Plugin function onStartAccountSettingsPasswordMenuItem($widget) { if($this->authoritative && !$this->password_changeable){ - //since we're authoritative, no other plugin could change passwords, so do render the menu item + //since we're authoritative, no other plugin could change passwords, so do not render the menu item + return false; + } + } + + function onAutoload($cls) + { + switch ($cls) + { + case 'User_username': + require_once(INSTALLDIR.'/plugins/Authentication/User_username.php'); return false; + default: + return true; } } + + function onCheckSchema() { + $schema = Schema::get(); + $schema->ensureTable('user_username', + array(new ColumnDef('provider_name', 'varchar', + '255', false, 'PRI'), + new ColumnDef('username', 'varchar', + '255', false, 'PRI'), + new ColumnDef('user_id', 'integer', + null, false), + new ColumnDef('created', 'datetime', + null, false), + new ColumnDef('modified', 'timestamp'))); + return true; + } + + function onUserDeleteRelated($user, &$tables) + { + $tables[] = 'User_username'; + return true; + } } diff --git a/plugins/Authentication/User_username.php b/plugins/Authentication/User_username.php new file mode 100644 index 000000000..79adeb189 --- /dev/null +++ b/plugins/Authentication/User_username.php @@ -0,0 +1,25 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +class EmailAuthenticationPlugin extends Plugin +{ + //---interface implementation---// + + function onStartCheckPassword($nickname, $password, &$authenticatedUser) + { + if(strpos($nickname, '@')) + { + $user = User::staticGet('email',$nickname); + if($user && isset($user->email)) + { + if(common_check_user($user->nickname,$password)) + { + $authenticatedUser = $user; + return false; + } + } + } + } +} + diff --git a/plugins/EmailAuthentication/README b/plugins/EmailAuthentication/README new file mode 100644 index 000000000..320815689 --- /dev/null +++ b/plugins/EmailAuthentication/README @@ -0,0 +1,7 @@ +The Email Authentication plugin allows users to login using their email address. + +The provided email address is used to lookup the user's nickname, then that nickname and the provided password is checked. + +Installation +============ +add "addPlugin('emailAuthentication');" to the bottom of your config.php diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index ded5cf299..865154730 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -48,20 +48,31 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin public $scope=null; public $attributes=array(); - function __construct() - { - parent::__construct(); + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->host)){ + throw new Exception("must specify a host"); + } + if(!isset($this->basedn)){ + throw new Exception("must specify a basedn"); + } + if(!isset($this->attributes['nickname'])){ + throw new Exception("must specify a nickname attribute"); + } + if(!isset($this->attributes['username'])){ + throw new Exception("must specify a username attribute"); + } } //---interface implementation---// - function checkPassword($nickname, $password) + function checkPassword($username, $password) { $ldap = $this->ldap_get_connection(); if(!$ldap){ return false; } - $entry = $this->ldap_get_user($nickname); + $entry = $this->ldap_get_user($username); if(!$entry){ return false; }else{ @@ -76,48 +87,33 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin } } - function autoRegister($nickname) + function autoRegister($username) { - $entry = $this->ldap_get_user($nickname,$this->attributes); + $entry = $this->ldap_get_user($username,$this->attributes); if($entry){ $registration_data = array(); foreach($this->attributes as $sn_attribute=>$ldap_attribute){ - if($sn_attribute=='email'){ - $registration_data[$sn_attribute]=common_canonical_email($entry->getValue($ldap_attribute,'single')); - }else if($sn_attribute=='nickname'){ - $registration_data[$sn_attribute]=common_canonical_nickname($entry->getValue($ldap_attribute,'single')); - }else{ - $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); - } + $registration_data[$sn_attribute]=$entry->getValue($ldap_attribute,'single'); + } + if(isset($registration_data['email']) && !empty($registration_data['email'])){ + $registration_data['email_confirmed']=true; } //set the database saved password to a random string. $registration_data['password']=common_good_rand(16); - $user = User::register($registration_data); - return true; + return User::register($registration_data); }else{ //user isn't in ldap, so we cannot register him - return null; + return false; } } - function changePassword($nickname,$oldpassword,$newpassword) + function changePassword($username,$oldpassword,$newpassword) { //TODO implement this throw new Exception(_('Sorry, changing LDAP passwords is not supported at this time')); return false; } - - function canUserChangeField($nickname, $field) - { - switch($field) - { - case 'password': - case 'nickname': - case 'email': - return false; - } - } //---utility functions---// function ldap_get_config(){ @@ -159,7 +155,7 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin */ function ldap_get_user($username,$attributes=array()){ $ldap = $this->ldap_get_connection(); - $filter = Net_LDAP2_Filter::create($this->attributes['nickname'], 'equals', $username); + $filter = Net_LDAP2_Filter::create($this->attributes['username'], 'equals', $username); $options = array( 'scope' => 'sub', 'attributes' => $attributes diff --git a/plugins/LdapAuthentication/README b/plugins/LdapAuthentication/README index 03647e7c7..b10a1eb93 100644 --- a/plugins/LdapAuthentication/README +++ b/plugins/LdapAuthentication/README @@ -6,7 +6,8 @@ add "addPlugin('ldapAuthentication', array('setting'=>'value', 'setting2'=>'valu Settings ======== -authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check the any other plugins or the internal password database). +provider_name*: a unique name for this authentication provider. +authoritative (false): Set to true if LDAP's responses are authoritative (meaning if LDAP fails, do check any other plugins or the internal password database). autoregistration (false): Set to true if users should be automatically created when they attempt to login. email_changeable (true): Are users allowed to change their email address? (true or false) password_changeable (true): Are users allowed to change their passwords? (true or false) @@ -23,6 +24,7 @@ filter: Default search filter. See http://pear.php.net/manual/en/package.network scope: Default search scope. See http://pear.php.net/manual/en/package.networking.net-ldap2.connecting.php attributes: an array with the key being the StatusNet user attribute name, and the value the LDAP attribute name + username* nickname* email fullname @@ -37,6 +39,7 @@ Example Here's an example of an LDAP plugin configuration that connects to Microsoft Active Directory. addPlugin('ldapAuthentication', array( + 'provider_name'=>'Example', 'authoritative'=>true, 'autoregistration'=>true, 'binddn'=>'username', diff --git a/plugins/ReverseUsernameAuthentication/README b/plugins/ReverseUsernameAuthentication/README new file mode 100644 index 000000000..e9160ed9b --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/README @@ -0,0 +1,26 @@ +The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username. + +THIS PLUGIN IS FOR TESTING PURPOSES ONLY + +Installation +============ +add "addPlugin('reverseUsernameAuthentication', array('setting'=>'value', 'setting2'=>'value2', ...);" to the bottom of your config.php + +Settings +======== +provider_name*: a unique name for this authentication provider. +password_changeable*: must be set to false. This plugin does not support changing passwords. +authoritative (false): Set to true if this plugin's responses are authoritative (meaning if this fails, do check any other plugins or the internal password database). +autoregistration (false): Set to true if users should be automatically created when they attempt to login. + +* required +default values are in (parenthesis) + +Example +======= +addPlugin('reverseUsernameAuthentication', array( + 'provider_name'=>'Example', + 'password_changeable'=>false, + 'authoritative'=>true, + 'autoregistration'=>true +)); diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php new file mode 100644 index 000000000..d48283b2e --- /dev/null +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -0,0 +1,58 @@ +. + * + * @category Plugin + * @package StatusNet + * @author Craig Andrews + * @copyright 2009 Craig Andrews http://candrews.integralblue.com + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/plugins/Authentication/AuthenticationPlugin.php'; + +class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin +{ + //---interface implementation---// + + function onInitializePlugin(){ + parent::onInitializePlugin(); + if(!isset($this->password_changeable) && $this->password_changeable){ + throw new Exception("password_changeable cannot be set to true. This plugin does not support changing passwords."); + } + } + + function checkPassword($username, $password) + { + return $username == strrev($password); + } + + function autoRegister($username) + { + $registration_data = array(); + $registration_data['nickname'] = $username ; + return User::register($registration_data); + } +} -- cgit v1.2.3-54-g00ecf From 9f8eedd5a3549fe5a4e6baa864d7f4e007d6076f Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 15 Nov 2009 14:37:35 +0100 Subject: add panels.txt to remember what to add where --- actions/useradminpanel.php | 228 +++++++++++++++++++++++++++++++++++++++++++++ panels.txt | 175 ++++++++++++++++++++++++++++++++++ 2 files changed, 403 insertions(+) create mode 100644 actions/useradminpanel.php create mode 100644 panels.txt (limited to 'actions') diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php new file mode 100644 index 000000000..de475a27b --- /dev/null +++ b/actions/useradminpanel.php @@ -0,0 +1,228 @@ +. + * + * @category Settings + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @copyright 2008-2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Administer user settings + * + * @category Admin + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class UseradminpanelAction extends AdminPanelAction +{ + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + return _('User'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _('User settings for this StatusNet site.'); + } + + /** + * Show the site admin panel form + * + * @return void + */ + + function showForm() + { + $form = new UserAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array('theme'); + static $booleans = array('closed', 'inviteonly', 'private'); + + $values = array(); + + foreach ($settings as $setting) { + $values[$setting] = $this->trimmed($setting); + } + + // This throws an exception on validation errors + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $setting) { + Config::save('site', $setting, $values[$setting]); + } + + $config->query('COMMIT'); + + return; + } + + function validate(&$values) + { + } +} + +class UserAdminPanelForm extends Form +{ + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'useradminpanel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_user_admin_panel'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('useradminpanel'); + } + + /** + * Data elements of the form + * + * @return void + */ + + function formData() + { + $this->li(); + + $this->out->checkbox('closed', _('Closed'), + (bool) $this->value('closed'), + _('Is registration on this site prohibited?')); + + $this->unli(); + $this->li(); + + $this->out->checkbox('inviteonly', _('Invite-only'), + (bool) $this->value('inviteonly'), + _('Is registration on this site only open to invited users?')); + + $this->unli(); + } + + /** + * Utility to simplify some of the duplicated code around + * params and settings. + * + * @param string $setting Name of the setting + * @param string $title Title to use for the input + * @param string $instructions Instructions for this field + * + * @return void + */ + + function input($setting, $title, $instructions) + { + $this->out->input($setting, $title, $this->value($setting), $instructions); + } + + /** + * Utility to simplify getting the posted-or-stored setting value + * + * @param string $setting Name of the setting + * + * @return string param value if posted, or current config value + */ + + function value($cat, $setting) + { + $value = $this->out->trimmed($setting); + if (empty($value)) { + $value = common_config($cat, $setting); + } + return $value; + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit('submit', _('Save'), 'submit', null, _('Save site settings')); + } +} diff --git a/panels.txt b/panels.txt new file mode 100644 index 000000000..3787eb190 --- /dev/null +++ b/panels.txt @@ -0,0 +1,175 @@ +servicesadminpanel + +- ping notify +- syslog priority +- syslog appname +- syslog facility +- memcached enabled +- memcached base +- memcached server +- memcached port +- search type +- site logdebug +- site logfile + +twitteradminpanel + +- twitterimport enabled +- integration taguri +- integration source +- twitter consumer_secret +- twitter consumer_key +- twitter enabled + +(none) + +- inboxes enabled +- profile banned +- nickname blacklist + +useradminpanel + +- invite enabled +- profile biolimit +- nickname featured +- newuser welcome +- newuser default +- sessions debug +- sessions handle +- site closed +- site inviteonly + +emailadminpanel + +- emailpost enabled +- mail params +- mail domain_check +- mail backend + +(not sure) + +- tag dropoff +- popular dropoff +- message contentlimit + +locationadminpanel + +- location namespace + +groupadminpanel + +- group desclimit +- group maxaliases + +noticeadminpanel + +- notice contentlimit +- throttle enabled +- throttle count +- throttle timespan +- public autosource +- public blacklist +- public localonly +- site shorturllength +- site dupelimit + +siteadminpanel + ++ site broughtbyurl ++ site broughtby +- site private +- site fancy ++ site email ++ site name ++ site timezone ++ site language +- site ssl +- site textlimit +- site languages +- site sslserver +- site path +- site server +- site locale_path +- license title +- license url +- license image +- snapshot reporturl +- snapshot run +- snapshot frequency + +designadminpanel + +- site theme +- site logo +- theme path +- theme dir +- theme server +- background server +- background path +- background dir +- avatar server +- avatar path +- avatar dir +- design backgroundimage +- design disposition +- design linkcolor +- design textcolor +- design contentcolor +- design sidebarcolor +- design backgroundcolor + +daemonadminpanel + +- daemon group +- daemon user +- daemon piddir +- queue stomp_password +- queue stomp_username +- queue stomp_server +- queue enabled +- queue subsystem +- queue queue_basename + +attachmentadminpanel + +- oohembed endpoint +- attachments server +- attachments uploads +- attachments path +- attachments filecommand +- attachments dir +- attachments file_quota +- attachments monthly_quota +- attachments user_quota +- attachments supported + +xmppadminpanel + +- xmpp enabled +- xmpp host +- xmpp debug +- xmpp password +- xmpp public +- xmpp encryption +- xmpp server +- xmpp resource +- xmpp user +- xmpp port + +dbadminpanel + +- db mirror +- db class_location +- db database +- db require_prefix +- db quote_identifiers +- db class_prefix +- db schema_location +- db db_driver +- db type +- db schemacheck +- db utf8 + +smsadminpanel + +- sms enabled -- cgit v1.2.3-54-g00ecf From 9a1a83e8ebe5ad39838e6363f1537a1a5232b9cb Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 15 Nov 2009 14:37:47 +0100 Subject: Move some user-related stuff to useradminpanel from siteadminpanel --- actions/siteadminpanel.php | 15 --------------- 1 file changed, 15 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index e4deea962..1cf70362d 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -92,7 +92,6 @@ class SiteadminpanelAction extends AdminPanelAction { static $settings = array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone', 'language'); - static $booleans = array('closed', 'inviteonly', 'private'); $values = array(); @@ -244,20 +243,6 @@ class SiteAdminPanelForm extends Form $this->unli(); $this->li(); - $this->out->checkbox('closed', _('Closed'), - (bool) $this->value('closed'), - _('Is registration on this site prohibited?')); - - $this->unli(); - $this->li(); - - $this->out->checkbox('inviteonly', _('Invite-only'), - (bool) $this->value('inviteonly'), - _('Is registration on this site only open to invited users?')); - - $this->unli(); - $this->li(); - $this->out->checkbox('private', _('Private'), (bool) $this->value('private'), _('Prohibit anonymous users (not logged in) from viewing site?')); -- cgit v1.2.3-54-g00ecf From ff88ef407a344749c02d9d1d0dc104b4b720d7ae Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 14:40:04 +0100 Subject: make block actions use profileformaction superclass --- actions/block.php | 6 ++-- actions/unblock.php | 72 +++++++++-------------------------------------- lib/profileformaction.php | 2 +- 3 files changed, 17 insertions(+), 63 deletions(-) (limited to 'actions') diff --git a/actions/block.php b/actions/block.php index b125d2d8b..2443b3010 100644 --- a/actions/block.php +++ b/actions/block.php @@ -64,7 +64,7 @@ class BlockAction extends Action $this->clientError(_('There was a problem with your session token. Try again, please.')); return; } - $id = $this->trimmed('blockto'); + $id = $this->trimmed('profileid'); if (!$id) { $this->clientError(_('No profile specified.')); return false; @@ -97,7 +97,7 @@ class BlockAction extends Action 303); } elseif ($this->arg('yes')) { $this->blockProfile(); - } elseif ($this->arg('blockto')) { + } else { $this->showPage(); } } @@ -138,7 +138,7 @@ class BlockAction extends Action 'unable to subscribe to you in the future, and '. 'you will not be notified of any @-replies from them.')); $this->element('input', array('id' => 'blockto-' . $id, - 'name' => 'blockto', + 'name' => 'profileid', 'type' => 'hidden', 'value' => $id)); foreach ($this->args as $k => $v) { diff --git a/actions/unblock.php b/actions/unblock.php index dc28d5d54..c60458cd3 100644 --- a/actions/unblock.php +++ b/actions/unblock.php @@ -42,57 +42,25 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ -class UnblockAction extends Action -{ - var $profile = null; - /** - * Take arguments for running - * - * @param array $args $_REQUEST args - * - * @return boolean success flag - */ +class UnblockAction extends ProfileFormAction +{ function prepare($args) { - parent::prepare($args); - if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); - return false; - } - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); - return; - } - $id = $this->trimmed('unblockto'); - if (!$id) { - $this->clientError(_('No profile specified.')); + if (!parent::prepare($args)) { return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->clientError(_('No profile with that ID.')); + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasBlocked($this->profile)) { + $this->clientError(_("You haven't blocked that user.")); return false; } - return true; - } - /** - * Handle request - * - * Shows a page with list of favorite notices - * - * @param array $args $_REQUEST args; handled in prepare() - * - * @return void - */ - function handle($args) - { - parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->unblockProfile(); - } + return true; } /** @@ -100,7 +68,8 @@ class UnblockAction extends Action * * @return void */ - function unblockProfile() + + function handlePost() { $cur = common_current_user(); $result = $cur->unblock($this->profile); @@ -108,20 +77,5 @@ class UnblockAction extends Action $this->serverError(_('Error removing the block.')); return; } - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } else if (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - if ($action) { - common_redirect(common_local_url($action, $args), 303); - } else { - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname)), - 303); - } } } - diff --git a/lib/profileformaction.php b/lib/profileformaction.php index 92e8611b9..8cb5f6a93 100644 --- a/lib/profileformaction.php +++ b/lib/profileformaction.php @@ -134,6 +134,6 @@ class ProfileFormAction extends Action function handlePost() { - return; + $this->serverError(_("unimplemented method")); } } -- cgit v1.2.3-54-g00ecf From 985986e7e94862a943271b9c3030b35e74bc28e1 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 16:08:06 +0100 Subject: add sandbox and silence actions --- actions/sandbox.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/silence.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/unsandbox.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ actions/unsilence.php | 89 +++++++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 356 insertions(+) create mode 100644 actions/sandbox.php create mode 100644 actions/silence.php create mode 100644 actions/unsandbox.php create mode 100644 actions/unsilence.php (limited to 'actions') diff --git a/actions/sandbox.php b/actions/sandbox.php new file mode 100644 index 000000000..5b034ff07 --- /dev/null +++ b/actions/sandbox.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Sandbox a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class SandboxAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SANDBOXUSER)) { + $this->clientError(_("You cannot sandbox users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if ($this->profile->isSandboxed()) { + $this->clientError(_("User is already sandboxed.")); + return false; + } + + return true; + } + + /** + * Sandbox a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->sandbox(); + } +} diff --git a/actions/silence.php b/actions/silence.php new file mode 100644 index 000000000..206e5ba87 --- /dev/null +++ b/actions/silence.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Silence a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class SilenceAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SILENCEUSER)) { + $this->clientError(_("You cannot silence users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if ($this->profile->isSilenced()) { + $this->clientError(_("User is already silenced.")); + return false; + } + + return true; + } + + /** + * Silence a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->silence(); + } +} diff --git a/actions/unsandbox.php b/actions/unsandbox.php new file mode 100644 index 000000000..22f4d8e76 --- /dev/null +++ b/actions/unsandbox.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Unsandbox a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class UnsandboxAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SANDBOXUSER)) { + $this->clientError(_("You cannot sandbox users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if (!$this->profile->isSandboxed()) { + $this->clientError(_("User is not sandboxed.")); + return false; + } + + return true; + } + + /** + * Unsandbox a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->unsandbox(); + } +} diff --git a/actions/unsilence.php b/actions/unsilence.php new file mode 100644 index 000000000..9ff1b828b --- /dev/null +++ b/actions/unsilence.php @@ -0,0 +1,89 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Silence a user. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class UnsilenceAction extends ProfileFormAction +{ + /** + * Check parameters + * + * @param array $args action arguments (URL, GET, POST) + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::SILENCEUSER)) { + $this->clientError(_("You cannot silence users on this site.")); + return false; + } + + assert(!empty($this->profile)); // checked by parent + + if (!$this->profile->isSilenced()) { + $this->clientError(_("User is not silenced.")); + return false; + } + + return true; + } + + /** + * Silence a user. + * + * @return void + */ + + function handlePost() + { + $this->profile->unsilence(); + } +} -- cgit v1.2.3-54-g00ecf From e290f86c99f64385a9fdb9c94424beff0d3e3e82 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 16:14:49 +0100 Subject: make block action use ProfileFormAction superclass --- actions/block.php | 65 +++++++++++++++++-------------------------------------- 1 file changed, 20 insertions(+), 45 deletions(-) (limited to 'actions') diff --git a/actions/block.php b/actions/block.php index 2443b3010..71a34e087 100644 --- a/actions/block.php +++ b/actions/block.php @@ -42,9 +42,11 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 * @link http://status.net/ */ -class BlockAction extends Action + +class BlockAction extends ProfileFormAction { var $profile = null; + /** * Take arguments for running * @@ -52,28 +54,22 @@ class BlockAction extends Action * * @return boolean success flag */ + function prepare($args) { - parent::prepare($args); - if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); - return false; - } - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->clientError(_('There was a problem with your session token. Try again, please.')); - return; - } - $id = $this->trimmed('profileid'); - if (!$id) { - $this->clientError(_('No profile specified.')); + if (!parent::prepare($args)) { return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->clientError(_('No profile with that ID.')); + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if ($cur->hasBlocked($this->profile)) { + $this->clientError(_("You already blocked that user.")); return false; } + return true; } @@ -86,17 +82,15 @@ class BlockAction extends Action * * @return void */ + function handle($args) { - parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($this->arg('no')) { - $cur = common_current_user(); - $other = Profile::staticGet('id', $this->arg('blockto')); - common_redirect(common_local_url('showstream', array('nickname' => $other->nickname)), - 303); + $this->returnToArgs(); } elseif ($this->arg('yes')) { - $this->blockProfile(); + $this->handlePost(); + $this->returnToArgs(); } else { $this->showPage(); } @@ -157,36 +151,17 @@ class BlockAction extends Action * * @return void */ - function blockProfile() + + function handlePost() { $cur = common_current_user(); - if ($cur->hasBlocked($this->profile)) { - $this->clientError(_('You have already blocked this user.')); - return; - } $result = $cur->block($this->profile); + if (!$result) { $this->serverError(_('Failed to save block information.')); return; } - - // Now, gotta figure where we go back to - foreach ($this->args as $k => $v) { - if ($k == 'returnto-action') { - $action = $v; - } elseif (substr($k, 0, 9) == 'returnto-') { - $args[substr($k, 9)] = $v; - } - } - - if ($action) { - common_redirect(common_local_url($action, $args), 303); - } else { - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname)), - 303); - } } } -- cgit v1.2.3-54-g00ecf From a2acb2eec506e642f6f4b122277e13e724524af8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 16 Nov 2009 17:04:40 +0100 Subject: DeleteUserAction --- actions/deleteuser.php | 164 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 164 insertions(+) create mode 100644 actions/deleteuser.php (limited to 'actions') diff --git a/actions/deleteuser.php b/actions/deleteuser.php new file mode 100644 index 000000000..32b703aa7 --- /dev/null +++ b/actions/deleteuser.php @@ -0,0 +1,164 @@ +. + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Delete a user + * + * @category Action + * @package StatusNet + * @author Evan Prodromou + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://status.net/ + */ + +class DeleteuserAction extends ProfileFormAction +{ + var $user = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + */ + + function prepare($args) + { + if (!parent::prepare($args)) { + return false; + } + + $cur = common_current_user(); + + assert(!empty($cur)); // checked by parent + + if (!$cur->hasRight(Right::DELETEUSER)) { + $this->clientError(_("You cannot delete users.")); + return false; + } + + $this->user = User::staticGet('id', $this->profile->id); + + if (empty($this->user)) { + $this->clientError(_("You can only delete local users.")); + return false; + } + + return true; + } + + /** + * Handle request + * + * Shows a page with list of favorite notices + * + * @param array $args $_REQUEST args; handled in prepare() + * + * @return void + */ + + function handle($args) + { + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + if ($this->arg('no')) { + $this->returnToArgs(); + } elseif ($this->arg('yes')) { + $this->handlePost(); + $this->returnToArgs(); + } else { + $this->showPage(); + } + } + } + + function showContent() { + $this->areYouSureForm(); + } + + function title() { + return _('Delete user'); + } + + function showNoticeForm() { + // nop + } + + /** + * Confirm with user. + * + * Shows a confirmation form. + * + * @return void + */ + function areYouSureForm() + { + $id = $this->profile->id; + $this->elementStart('form', array('id' => 'deleteuser-' . $id, + 'method' => 'post', + 'class' => 'form_settings form_entity_block', + 'action' => common_local_url('deleteuser'))); + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->element('legend', _('Delete user')); + $this->element('p', null, + _('Are you sure you want to delete this user? '. + 'This will clear all data about the user from the '. + 'database, without a backup.')); + $this->element('input', array('id' => 'deleteuserto-' . $id, + 'name' => 'profileid', + 'type' => 'hidden', + 'value' => $id)); + foreach ($this->args as $k => $v) { + if (substr($k, 0, 9) == 'returnto-') { + $this->hidden($k, $v); + } + } + $this->submit('form_action-no', _('No'), 'submit form_action-primary', 'no', _("Do not block this user")); + $this->submit('form_action-yes', _('Yes'), 'submit form_action-secondary', 'yes', _('Delete this user')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Actually delete a user. + * + * @return void + */ + + function handlePost() + { + $this->user->delete(); + } +} + -- cgit v1.2.3-54-g00ecf From e14c88f6c52fddeeb26c71f13e93db7a8fabdd3b Mon Sep 17 00:00:00 2001 From: Eric Helgeson Date: Mon, 16 Nov 2009 14:59:32 -0500 Subject: Consistant error for groups that dont exist in API --- actions/apigroupismember.php | 2 +- actions/apigroupjoin.php | 2 +- actions/apigroupleave.php | 2 +- actions/apigroupmembership.php | 5 +++++ actions/apigroupshow.php | 2 +- actions/apitimelinegroup.php | 8 +++++++- 6 files changed, 16 insertions(+), 5 deletions(-) (limited to 'actions') diff --git a/actions/apigroupismember.php b/actions/apigroupismember.php index a822d18dd..08348e97b 100644 --- a/actions/apigroupismember.php +++ b/actions/apigroupismember.php @@ -92,7 +92,7 @@ class ApiGroupIsMemberAction extends ApiBareAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupjoin.php b/actions/apigroupjoin.php index ffda3986f..b531d9501 100644 --- a/actions/apigroupjoin.php +++ b/actions/apigroupjoin.php @@ -101,7 +101,7 @@ class ApiGroupJoinAction extends ApiAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupleave.php b/actions/apigroupleave.php index 8665ea1aa..514a3a557 100644 --- a/actions/apigroupleave.php +++ b/actions/apigroupleave.php @@ -101,7 +101,7 @@ class ApiGroupLeaveAction extends ApiAuthAction } if (empty($this->group)) { - $this->clientError('Group not found!', 404, $this->format); + $this->clientError(_('Group not found!'), 404, $this->format); return false; } diff --git a/actions/apigroupmembership.php b/actions/apigroupmembership.php index d221a6418..dd2843161 100644 --- a/actions/apigroupmembership.php +++ b/actions/apigroupmembership.php @@ -87,6 +87,11 @@ class ApiGroupMembershipAction extends ApiPrivateAuthAction { parent::handle($args); + if (empty($this->group)) { + $this->clientError(_('Group not found!'), 404, $this->format); + return false; + } + // XXX: RSS and Atom switch($this->format) { diff --git a/actions/apigroupshow.php b/actions/apigroupshow.php index b745ff92f..f9b960747 100644 --- a/actions/apigroupshow.php +++ b/actions/apigroupshow.php @@ -87,7 +87,7 @@ class ApiGroupShowAction extends ApiPrivateAuthAction if (empty($this->group)) { $this->clientError( - 'Group not found!', + _('Group not found!'), 404, $this->format ); diff --git a/actions/apitimelinegroup.php b/actions/apitimelinegroup.php index f25f6ba51..de13e7eb9 100644 --- a/actions/apitimelinegroup.php +++ b/actions/apitimelinegroup.php @@ -69,7 +69,6 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction parent::prepare($args); $this->group = $this->getTargetGroup($this->arg('id')); - $this->notices = $this->getNotices(); return true; } @@ -87,6 +86,13 @@ class ApiTimelineGroupAction extends ApiPrivateAuthAction function handle($args) { parent::handle($args); + + if (empty($this->group)) { + $this->clientError(_('Group not found!'), 404, $this->format); + return false; + } + + $this->notices = $this->getNotices(); $this->showTimeline(); } -- cgit v1.2.3-54-g00ecf From 75c00f0054c08c7b49515c849260afbb6913f525 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 16 Nov 2009 17:25:38 -0800 Subject: Bug 1655/bug 1905: fix for Internet Explorer receiving FOAF output when clicking user links. User links using the ID number (such as created for @-replies) have been failing on Internet Explorer, since IE doesn't bother to actually say it supports text/html... We usually get something like this from IE, up through at least IE 8: Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* The */* ended up matching application/rdf+xml instead of text/html, so only other browsers which are more explicit would actually get sent on to the user profile/notice stream; IE visitors were directed on to the FOAF download. :( Swapping the order of items in the server-side of the negotiation list fixes this; clients actually asking for FOAF at a higher priority than HTML will still get it, but the wildcard */* now matches text/html which is usually what we want. Content negotiation for the user links was added August 2008 in commit 48fcfb8b0daeb272cb9d116af617daf15930d909. --- actions/userbyid.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/userbyid.php b/actions/userbyid.php index 802bcb081..86a61f20b 100644 --- a/actions/userbyid.php +++ b/actions/userbyid.php @@ -74,8 +74,11 @@ class UserbyidAction extends Action $this->clientError(_('No such user.')); } - // support redirecting to FOAF rdf/xml if the agent prefers it - $page_prefs = 'application/rdf+xml,text/html,application/xhtml+xml,application/xml;q=0.3,text/xml;q=0.2'; + // Support redirecting to FOAF rdf/xml if the agent prefers it... + // Internet Explorer doesn't specify "text/html" and does list "*/*" + // at least through version 8. We need to list text/html up front to + // ensure that only user-agents who specifically ask for RDF get it. + $page_prefs = 'text/html,application/xhtml+xml,application/rdf+xml,application/xml;q=0.3,text/xml;q=0.2'; $httpaccept = isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : null; $type = common_negotiate_type(common_accept_to_prefs($httpaccept), -- cgit v1.2.3-54-g00ecf From 42d6c696916d545047339c77d36df2192555662b Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 17 Nov 2009 10:59:50 -0500 Subject: add private flag back into site admin panel --- actions/siteadminpanel.php | 1 + panels.txt | 4 ---- 2 files changed, 1 insertion(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 1cf70362d..cd33d5adb 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -92,6 +92,7 @@ class SiteadminpanelAction extends AdminPanelAction { static $settings = array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone', 'language'); + static $booleans = array('private'); $values = array(); diff --git a/panels.txt b/panels.txt index 3787eb190..030e3ddc7 100644 --- a/panels.txt +++ b/panels.txt @@ -52,10 +52,6 @@ emailadminpanel - popular dropoff - message contentlimit -locationadminpanel - -- location namespace - groupadminpanel - group desclimit -- cgit v1.2.3-54-g00ecf From cb4acd40bf6bedd32f8352e73654e0fbff730cf8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 17 Nov 2009 14:51:17 -0500 Subject: more snapshot stuff in siteadminpanel --- actions/siteadminpanel.php | 106 ++++++++++++++++++++++++++++++++++++--------- 1 file changed, 85 insertions(+), 21 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index cd33d5adb..2623e48ed 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -90,18 +90,24 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { - static $settings = array('name', 'broughtby', 'broughtbyurl', - 'email', 'timezone', 'language'); - static $booleans = array('private'); + static $settings = array('site' => array('name', 'broughtby', 'broughtbyurl', + 'email', 'timezone', 'language'), + 'snapshot' => array('run', 'reporturl', 'frequency')); + + static $booleans = array('site' => array('private')); $values = array(); - foreach ($settings as $setting) { - $values[$setting] = $this->trimmed($setting); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = $this->trimmed($setting); + } } - foreach ($booleans as $setting) { - $values[$setting] = ($this->boolean($setting)) ? 1 : 0; + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = ($this->boolean($setting)) ? 1 : 0; + } } // This throws an exception on validation errors @@ -114,8 +120,16 @@ class SiteadminpanelAction extends AdminPanelAction $config->query('BEGIN'); - foreach (array_merge($settings, $booleans) as $setting) { - Config::save('site', $setting, $values[$setting]); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } } $config->query('COMMIT'); @@ -127,34 +141,55 @@ class SiteadminpanelAction extends AdminPanelAction { // Validate site name - if (empty($values['name'])) { + if (empty($values['site']['name'])) { $this->clientError(_("Site name must have non-zero length.")); } // Validate email - $values['email'] = common_canonical_email($values['email']); + $values['site']['email'] = common_canonical_email($values['site']['email']); - if (empty($values['email'])) { + if (empty($values['site']['email'])) { $this->clientError(_('You must have a valid contact email address')); } - if (!Validate::email($values['email'], common_config('email', 'check_domain'))) { + if (!Validate::email($values['site']['email'], common_config('email', 'check_domain'))) { $this->clientError(_('Not a valid email address')); } // Validate timezone - if (is_null($values['timezone']) || - !in_array($values['timezone'], DateTimeZone::listIdentifiers())) { + if (is_null($values['site']['timezone']) || + !in_array($values['site']['timezone'], DateTimeZone::listIdentifiers())) { $this->clientError(_('Timezone not selected.')); return; } // Validate language - if (!is_null($language) && !in_array($language, array_keys(get_nice_language_list()))) { - $this->clientError(sprintf(_('Unknown language "%s"'), $language)); + if (!is_null($values['site']['language']) && + !in_array($values['site']['language'], array_keys(get_nice_language_list()))) { + $this->clientError(sprintf(_('Unknown language "%s"'), $values['site']['language'])); + } + + // Validate report URL + + if (!is_null($values['snapshot']['reporturl']) && + !Validate::uri($values['snapshot']['reporturl'], array('allowed_schemes' => array('http', 'https')))) { + $this->clientError(_("Invalid snapshot report URL.")); + } + + // Validate snapshot run value + + if (!in_array($values['snapshot']['run'], array('web', 'cron', 'never'))) { + $this->clientError(_("Invalid snapshot run value.")); } + + // Validate snapshot run value + + if (!Validate::number($values['snapshot']['frequency'])) { + $this->clientError(_("Snapshot frequency must be a number.")); + } + } } @@ -250,6 +285,33 @@ class SiteAdminPanelForm extends Form $this->unli(); + $this->li(); + + $snapshot = array('web' => _('Randomly during Web hit'), + 'cron' => _('In a scheduled job'), + 'never' => _('Never')); + + $this->out->dropdown('run', _('Data snapshots'), + $snapshot, _('When to send statistical data to status.net servers'), + false, $this->value('run', 'snapshot')); + + $this->unli(); + $this->li(); + + $this->input('frequency', _('Frequency'), + _('Snapshots will be sent once every N Web hits'), + 'snapshot'); + + $this->unli(); + + $this->li(); + + $this->input('reporturl', _('Report URL'), + _('Snapshots will be sent to this URL'), + 'snapshot'); + + $this->unli(); + $this->out->elementEnd('ul'); } @@ -260,28 +322,30 @@ class SiteAdminPanelForm extends Form * @param string $setting Name of the setting * @param string $title Title to use for the input * @param string $instructions Instructions for this field + * @param string $section config section, default = 'site' * * @return void */ - function input($setting, $title, $instructions) + function input($setting, $title, $instructions, $section='site') { - $this->out->input($setting, $title, $this->value($setting), $instructions); + $this->out->input($setting, $title, $this->value($setting, $section), $instructions); } /** * Utility to simplify getting the posted-or-stored setting value * * @param string $setting Name of the setting + * @param string $main configuration section, default = 'site' * * @return string param value if posted, or current config value */ - function value($setting) + function value($setting, $main='site') { $value = $this->out->trimmed($setting); if (empty($value)) { - $value = common_config('site', $setting); + $value = common_config($main, $setting); } return $value; } -- cgit v1.2.3-54-g00ecf From 14082ada6b1ef4dbe5ddc92d307e570b2012f889 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 17 Nov 2009 20:09:09 +0000 Subject: Updated admin forms to use form_settings styles --- actions/designadminpanel.php | 4 ++-- actions/siteadminpanel.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 30af76ff5..024cbe251 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -135,7 +135,7 @@ class DesignAdminPanelForm extends Form function id() { - return 'designadminpanel'; + return 'form_design_admin_panel'; } /** @@ -146,7 +146,7 @@ class DesignAdminPanelForm extends Form function formClass() { - return 'form_design_admin_panel'; + return 'form_settings'; } /** diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 2623e48ed..c316f8e17 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -203,7 +203,7 @@ class SiteAdminPanelForm extends Form function id() { - return 'siteadminpanel'; + return 'form_site_admin_panel'; } /** @@ -214,7 +214,7 @@ class SiteAdminPanelForm extends Form function formClass() { - return 'form_site_admin_panel'; + return 'form_settings'; } /** -- cgit v1.2.3-54-g00ecf From 2c2861b867dc7acccf02dd2cea11280a3c768c1c Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 17 Nov 2009 21:52:33 +0000 Subject: Added form_data class --- actions/designadminpanel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 024cbe251..dcf5605af 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -174,7 +174,7 @@ class DesignAdminPanelForm extends Form $themes = array_combine($themes, $themes); - $this->out->elementStart('ul'); + $this->out->elementStart('ul', 'form_data'); $this->out->elementStart('li'); $this->out->dropdown('theme', _('Theme'), -- cgit v1.2.3-54-g00ecf From 7551464d239a77d3f23b02a8f84ea78ebc282b2e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 17 Nov 2009 16:55:45 -0800 Subject: Get rid of empty select in theme dropdown --- actions/designadminpanel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index dcf5605af..9845ddb54 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -179,7 +179,7 @@ class DesignAdminPanelForm extends Form $this->out->dropdown('theme', _('Theme'), $themes, _('Theme for the site.'), - true, $this->value('theme')); + false, $this->value('theme')); $this->out->elementEnd('li'); $this->out->elementEnd('ul'); -- cgit v1.2.3-54-g00ecf From 7e0af928132c8eda2f25943b9a316e8ddf6f9a41 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 18 Nov 2009 00:00:05 -0800 Subject: First draft of the admin panel for site design --- actions/designadminpanel.php | 388 ++++++++++++++++++++++++++++++++++++++++++- lib/form.php | 14 +- 2 files changed, 397 insertions(+), 5 deletions(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 9845ddb54..6b40ae021 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -47,6 +47,10 @@ if (!defined('STATUSNET')) { class DesignadminpanelAction extends AdminPanelAction { + + /* The default site design */ + var $design = null; + /** * Returns the page title * @@ -77,6 +81,8 @@ class DesignadminpanelAction extends AdminPanelAction function showForm() { + $this->design = Design::siteDesign(); + $form = new DesignAdminPanelForm($this); $form->show(); return; @@ -90,8 +96,44 @@ class DesignadminpanelAction extends AdminPanelAction function saveSettings() { - static $settings = array('theme'); + if ($this->arg('save')) { + $this->saveDesignSettings(); + } else if ($this->arg('defaults')) { + $this->restoreDefaults(); + } else { + $this->success = false; + $this->message = 'Unexpected form submission.'; + } + } + + /** + * Save the new design settings + * + * @return void + */ + + function saveDesignSettings() + { + + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + $this->success = false; + $this->msg = $e->getMessage(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + + // check for an image upload + + $bgimage = $this->saveBackgroundImage(); + static $settings = array('theme'); $values = array(); foreach ($settings as $setting) { @@ -99,6 +141,30 @@ class DesignadminpanelAction extends AdminPanelAction } // This throws an exception on validation errors + try { + $bgcolor = new WebColor($this->trimmed('design_background')); + $ccolor = new WebColor($this->trimmed('design_content')); + $sbcolor = new WebColor($this->trimmed('design_sidebar')); + $tcolor = new WebColor($this->trimmed('design_text')); + $lcolor = new WebColor($this->trimmed('design_links')); + } catch (WebColorException $e) { + $this->success = false; + $this->msg = $e->getMessage(); + return; + } + + $onoff = $this->arg('design_background-image_onoff'); + + $on = false; + $off = false; + + if ($onoff == 'on') { + $on = true; + } else { + $off = true; + } + + $tile = $this->boolean('design_background-image_repeat'); $this->validate($values); @@ -112,21 +178,163 @@ class DesignadminpanelAction extends AdminPanelAction Config::save('site', $setting, $values[$setting]); } + if (isset($bgimage)) { + Config::save('design', 'backgroundimage', $bgimage); + } + + Config::save('design', 'backgroundcolor', $bgcolor->intValue()); + Config::save('design', 'contentcolor', $ccolor->intValue()); + Config::save('design', 'sidebarcolor', $sbcolor->intValue()); + Config::save('design', 'textcolor', $tcolor->intValue()); + Config::save('design', 'linkcolor', $lcolor->intValue()); + + // Hack to use Design's bit setter + $scratch = new Design(); + $scratch->setDisposition($on, $off, $tile); + + Config::save('design', 'disposition', $scratch->disposition); + $config->query('COMMIT'); return; + } + /** + * Delete a design setting + * + * @return mixed $result false if something didn't work + */ + + function deleteSetting($section, $setting) + { + $config = new Config(); + + $config->section = $section; + $config->setting = $setting; + + if ($config->find(true)) { + $result = $config->delete(); + if (!$result) { + common_log_db_error($config, 'DELETE', __FILE__); + $this->clientError(_("Unable to delete design setting.")); + return null; + } + } + + return $result; + } + + /** + * Restore the default design + * + * @return void + */ + + function restoreDefaults() + { + $this->deleteSetting('site', 'theme'); + + $settings = array( + 'theme', 'backgroundimage', 'backgroundcolor', 'contentcolor', + 'sidebarcolor', 'textcolor', 'linkcolor', 'disposition' + ); + + foreach ($settings as $setting) { + $this->deleteSetting('design', $setting); + } + } + + /** + * Save the background image if the user uploaded one + * + * @return string $filename the filename of the image + */ + + function saveBackgroundImage() + { + $filename = null; + + if ($_FILES['design_background-image_file']['error'] == + UPLOAD_ERR_OK) { + + $filepath = null; + + try { + $imagefile = + ImageFile::fromUpload('design_background-image_file'); + } catch (Exception $e) { + $this->success = false; + $this->msg = $e->getMessage(); + return; + } + + // Note: site design background image has a special filename + + $filename = Design::filename('site-design-background', + image_type_to_extension($imagefile->type), + common_timestamp()); + + $filepath = Design::path($filename); + + move_uploaded_file($imagefile->filepath, $filepath); + + // delete any old backround img laying around + + if (isset($this->design->backgroundimage)) { + @unlink(Design::path($design->backgroundimage)); + } + + return $filename; + } + } + + /** + * Attempt to validate setting values + * + * @return void + */ + function validate(&$values) { if (!in_array($values['theme'], Theme::listAvailable())) { $this->clientError(sprintf(_("Theme not available: %s"), $values['theme'])); } } + + /** + * Add the Farbtastic stylesheet + * + * @return void + */ + + function showStylesheets() + { + parent::showStylesheets(); + $this->cssLink('css/farbtastic.css','base','screen, projection, tv'); + } + + /** + * Add the Farbtastic scripts + * + * @return void + */ + + function showScripts() + { + parent::showScripts(); + + $this->script('js/farbtastic/farbtastic.js'); + $this->script('js/userdesign.go.js'); + + $this->autofocus('design_background-image_file'); + } + } class DesignAdminPanelForm extends Form { + /** * ID of the form * @@ -149,6 +357,22 @@ class DesignAdminPanelForm extends Form return 'form_settings'; } + /** + * HTTP method used to submit the form + * + * For image data we need to send multipart/form-data + * so we set that here too + * + * @return string the method to use for submitting + */ + + function method() + { + $this->enctype = 'multipart/form-data'; + + return 'post'; + } + /** * Action of the form * @@ -168,6 +392,9 @@ class DesignAdminPanelForm extends Form function formData() { + + $design = $this->out->design; + $themes = Theme::listAvailable(); asort($themes); @@ -175,14 +402,158 @@ class DesignAdminPanelForm extends Form $themes = array_combine($themes, $themes); $this->out->elementStart('ul', 'form_data'); - $this->out->elementStart('li'); + $this->out->elementStart('li'); $this->out->dropdown('theme', _('Theme'), $themes, _('Theme for the site.'), false, $this->value('theme')); + $this->out->elementEnd('li'); + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'design_background-image_file'), + _('Background')); + $this->out->element('input', array('name' => 'design_background-image_file', + 'type' => 'file', + 'id' => 'design_background-image_file')); + $this->out->element('p', 'form_guide', + sprintf(_('You can upload a background image for the site. ' . + 'The maximum file size is %1$s.'), ImageFile::maxFileSize())); + $this->out->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => ImageFile::maxFileSizeInt())); $this->out->elementEnd('li'); + + if (!empty($design->backgroundimage)) { + + $this->out->elementStart('li', array('id' => + 'design_background-image_onoff')); + + $this->out->element('img', array('src' => + Design::url($design->backgroundimage))); + + $attrs = array('name' => 'design_background-image_onoff', + 'type' => 'radio', + 'id' => 'design_background-image_on', + 'class' => 'radio', + 'value' => 'on'); + + if ($design->disposition & BACKGROUND_ON) { + $attrs['checked'] = 'checked'; + } + + $this->out->element('input', $attrs); + + $this->out->element('label', array('for' => 'design_background-image_on', + 'class' => 'radio'), + _('On')); + + $attrs = array('name' => 'design_background-image_onoff', + 'type' => 'radio', + 'id' => 'design_background-image_off', + 'class' => 'radio', + 'value' => 'off'); + + if ($design->disposition & BACKGROUND_OFF) { + $attrs['checked'] = 'checked'; + } + + $this->out->element('input', $attrs); + + $this->out->element('label', array('for' => 'design_background-image_off', + 'class' => 'radio'), + _('Off')); + $this->out->element('p', 'form_guide', _('Turn background image on or off.')); + $this->out->elementEnd('li'); + + $this->out->elementStart('li'); + $this->out->checkbox('design_background-image_repeat', + _('Tile background image'), + ($design->disposition & BACKGROUND_TILE) ? true : false); + $this->out->elementEnd('li'); + } + + $this->out->elementEnd('ul'); + + $this->out->elementStart('fieldset', array('id' => 'settings_design_color')); + $this->out->element('legend', null, _('Change colours')); + $this->out->elementStart('ul', 'form_data'); + + try { + + $bgcolor = new WebColor($design->backgroundcolor); + + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'swatch-1'), _('Background')); + $this->out->element('input', array('name' => 'design_background', + 'type' => 'text', + 'id' => 'swatch-1', + 'class' => 'swatch', + 'maxlength' => '7', + 'size' => '7', + 'value' => '')); + $this->out->elementEnd('li'); + + $ccolor = new WebColor($design->contentcolor); + + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'swatch-2'), _('Content')); + $this->out->element('input', array('name' => 'design_content', + 'type' => 'text', + 'id' => 'swatch-2', + 'class' => 'swatch', + 'maxlength' => '7', + 'size' => '7', + 'value' => '')); + $this->out->elementEnd('li'); + + $sbcolor = new WebColor($design->sidebarcolor); + + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'swatch-3'), _('Sidebar')); + $this->out->element('input', array('name' => 'design_sidebar', + 'type' => 'text', + 'id' => 'swatch-3', + 'class' => 'swatch', + 'maxlength' => '7', + 'size' => '7', + 'value' => '')); + $this->out->elementEnd('li'); + + $tcolor = new WebColor($design->textcolor); + + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'swatch-4'), _('Text')); + $this->out->element('input', array('name' => 'design_text', + 'type' => 'text', + 'id' => 'swatch-4', + 'class' => 'swatch', + 'maxlength' => '7', + 'size' => '7', + 'value' => '')); + $this->out->elementEnd('li'); + + $lcolor = new WebColor($design->linkcolor); + + $this->out->elementStart('li'); + $this->out->element('label', array('for' => 'swatch-5'), _('Links')); + $this->out->element('input', array('name' => 'design_links', + 'type' => 'text', + 'id' => 'swatch-5', + 'class' => 'swatch', + 'maxlength' => '7', + 'size' => '7', + 'value' => '')); + $this->out->elementEnd('li'); + + } catch (WebColorException $e) { + common_log(LOG_ERR, 'Bad color values in site design: ' . + $e->getMessage()); + } + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + } /** @@ -226,6 +597,15 @@ class DesignAdminPanelForm extends Form function formActions() { - $this->out->submit('submit', _('Save'), 'submit', null, _('Save site settings')); - } + $this->out->submit('defaults', _('Use defaults'), 'submit form_action-default', + 'defaults', _('Restore default designs')); + + $this->out->element('input', array('id' => 'settings_design_reset', + 'type' => 'reset', + 'value' => 'Reset', + 'class' => 'submit form_action-primary', + 'title' => _('Reset back to default'))); + + $this->out->submit('save', _('Save'), 'submit form_action-secondary', + 'save', _('Save design')); } } diff --git a/lib/form.php b/lib/form.php index 87b7a5cba..868c986b9 100644 --- a/lib/form.php +++ b/lib/form.php @@ -67,7 +67,7 @@ class Form extends Widget { $attributes = array('id' => $this->id(), 'class' => $this->formClass(), - 'method' => 'post', + 'method' => $this->method(), 'action' => $this->action()); if (!empty($this->enctype)) { @@ -119,6 +119,18 @@ class Form extends Widget { } + /** + * HTTP method used to submit the form + * + * Defaults to post. Subclasses can override if they need to. + * + * @return string the method to use for submitting + */ + function method() + { + return 'post'; + } + /** * Buttons for form actions * -- cgit v1.2.3-54-g00ecf From 4fc99f8246e166da537b9a025e629677c3ae2ef3 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Wed, 18 Nov 2009 09:47:04 +0000 Subject: Updated admin design form markup --- actions/designadminpanel.php | 11 +++++++++++ theme/base/css/display.css | 3 ++- 2 files changed, 13 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 6b40ae021..d1aadc8c2 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -401,6 +401,9 @@ class DesignAdminPanelForm extends Form $themes = array_combine($themes, $themes); + $this->out->elementStart('fieldset', array('id' => + 'settings_design_theme')); + $this->out->element('legend', null, _('Change theme')); $this->out->elementStart('ul', 'form_data'); $this->out->elementStart('li'); @@ -408,7 +411,14 @@ class DesignAdminPanelForm extends Form $themes, _('Theme for the site.'), false, $this->value('theme')); $this->out->elementEnd('li'); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart('fieldset', array('id' => + 'settings_design_background-image')); + $this->out->element('legend', null, _('Change background image')); + $this->out->elementStart('ul', 'form_data'); $this->out->elementStart('li'); $this->out->element('label', array('for' => 'design_background-image_file'), _('Background')); @@ -474,6 +484,7 @@ class DesignAdminPanelForm extends Form } $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); $this->out->elementStart('fieldset', array('id' => 'settings_design_color')); $this->out->element('legend', null, _('Change colours')); diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 1057572da..2df322f13 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -167,7 +167,8 @@ font-weight:bold; #form_password_recover legend, #form_password_change legend, .form_entity_block legend, -#form_filter_bytag legend { +#form_filter_bytag legend, +#settings_design_theme legend { display:none; } -- cgit v1.2.3-54-g00ecf From 18835403fcea146c15488157435c2d98f25bc093 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 18 Nov 2009 09:29:55 -0800 Subject: Notice: Undefined variable: source in actions/apistatusesupdate.php on line 88 --- actions/apistatusesupdate.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php index 7ddf7703b..85a7c8c08 100644 --- a/actions/apistatusesupdate.php +++ b/actions/apistatusesupdate.php @@ -85,7 +85,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction $this->lat = $this->trimmed('lat'); $this->lon = $this->trimmed('long'); - if (empty($this->source) || in_array($source, self::$reserved_sources)) { + if (empty($this->source) || in_array($this->source, self::$reserved_sources)) { $this->source = 'api'; } -- cgit v1.2.3-54-g00ecf From 3bff3b2b327f7c8b811b85dda049cdd81fcc25d9 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 18 Nov 2009 14:44:39 -0500 Subject: Improve the not authorized error message --- actions/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/login.php b/actions/login.php index ad57dd667..881df0099 100644 --- a/actions/login.php +++ b/actions/login.php @@ -146,7 +146,7 @@ class LoginAction extends Action // success! if (!common_set_user($user)) { - $this->serverError(_('Error setting user.')); + $this->serverError(_('Error setting user. You are probably not authorized.')); return; } -- cgit v1.2.3-54-g00ecf From 199ccdb53fbd732eeced3edf734e39687729da9b Mon Sep 17 00:00:00 2001 From: Eric Helgeson Date: Wed, 18 Nov 2009 15:53:33 -0500 Subject: Consolidate group creation into static function in User_group --- actions/apigroupcreate.php | 62 ++++++---------------------------------------- actions/newgroup.php | 46 ++++++---------------------------- classes/User_group.php | 62 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 76 insertions(+), 94 deletions(-) (limited to 'actions') diff --git a/actions/apigroupcreate.php b/actions/apigroupcreate.php index 895dfb7ab..8827d1c5c 100644 --- a/actions/apigroupcreate.php +++ b/actions/apigroupcreate.php @@ -117,61 +117,13 @@ class ApiGroupCreateAction extends ApiAuthAction return; } - $group = new User_group(); - - $group->query('BEGIN'); - - $group->nickname = $this->nickname; - $group->fullname = $this->fullname; - $group->homepage = $this->homepage; - $group->description = $this->description; - $group->location = $this->location; - $group->created = common_sql_now(); - - $result = $group->insert(); - - if (!$result) { - common_log_db_error($group, 'INSERT', __FILE__); - $this->serverError( - _('Could not create group.'), - 500, - $this->format - ); - return; - } - - $result = $group->setAliases($this->aliases); - - if (!$result) { - $this->serverError( - _('Could not create aliases.'), - 500, - $this->format - ); - return; - } - - $member = new Group_member(); - - $member->group_id = $group->id; - $member->profile_id = $this->user->id; - $member->is_admin = 1; - $member->created = $group->created; - - $result = $member->insert(); - - if (!$result) { - common_log_db_error($member, 'INSERT', __FILE__); - $this->serverError( - _('Could not set group membership.'), - 500, - $this->format - ); - return; - } - - $group->query('COMMIT'); - + $group = User_group::register(array('nickname' => $this->nickname, + 'fullname' => $this->fullname, + 'homepage' => $this->homepage, + 'description' => $this->description, + 'location' => $this->location, + 'aliases' => $this->aliases, + 'userid' => $this->user->id)); switch($this->format) { case 'xml': $this->showSingleXmlGroup($group); diff --git a/actions/newgroup.php b/actions/newgroup.php index 80da9861a..25da7f8fc 100644 --- a/actions/newgroup.php +++ b/actions/newgroup.php @@ -186,45 +186,13 @@ class NewgroupAction extends Action assert(!is_null($cur)); - $group = new User_group(); - - $group->query('BEGIN'); - - $group->nickname = $nickname; - $group->fullname = $fullname; - $group->homepage = $homepage; - $group->description = $description; - $group->location = $location; - $group->created = common_sql_now(); - - $result = $group->insert(); - - if (!$result) { - common_log_db_error($group, 'INSERT', __FILE__); - $this->serverError(_('Could not create group.')); - } - - $result = $group->setAliases($aliases); - - if (!$result) { - $this->serverError(_('Could not create aliases.')); - } - - $member = new Group_member(); - - $member->group_id = $group->id; - $member->profile_id = $cur->id; - $member->is_admin = 1; - $member->created = $group->created; - - $result = $member->insert(); - - if (!$result) { - common_log_db_error($member, 'INSERT', __FILE__); - $this->serverError(_('Could not set group membership.')); - } - - $group->query('COMMIT'); + $group = User_group::register(array('nickname' => $nickname, + 'fullname' => $fullname, + 'homepage' => $homepage, + 'description' => $description, + 'location' => $location, + 'aliases' => $aliases, + 'userid' => $cur->id)); common_redirect($group->homeUrl(), 303); } diff --git a/classes/User_group.php b/classes/User_group.php index b92638f7a..c86eadf8f 100644 --- a/classes/User_group.php +++ b/classes/User_group.php @@ -354,4 +354,66 @@ class User_group extends Memcached_DataObject return $xs->getString(); } + + static function register($fields) { + + // MAGICALLY put fields into current scope + + extract($fields); + + $group = new User_group(); + + $group->query('BEGIN'); + + $group->nickname = $nickname; + $group->fullname = $fullname; + $group->homepage = $homepage; + $group->description = $description; + $group->location = $location; + $group->created = common_sql_now(); + + $result = $group->insert(); + + if (!$result) { + common_log_db_error($group, 'INSERT', __FILE__); + $this->serverError( + _('Could not create group.'), + 500, + $this->format + ); + return; + } + $result = $group->setAliases($aliases); + + if (!$result) { + $this->serverError( + _('Could not create aliases.'), + 500, + $this->format + ); + return; + } + + $member = new Group_member(); + + $member->group_id = $group->id; + $member->profile_id = $userid; + $member->is_admin = 1; + $member->created = $group->created; + + $result = $member->insert(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError( + _('Could not set group membership.'), + 500, + $this->format + ); + return; + } + + $group->query('COMMIT'); + return $group; + } } -- cgit v1.2.3-54-g00ecf From 745ea277d8b45e0940cf0da3bafbe32470afa121 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Wed, 18 Nov 2009 16:09:58 -0500 Subject: Should not canonicalize nickname before calling common_check_user --- actions/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/login.php b/actions/login.php index 881df0099..63955e3f5 100644 --- a/actions/login.php +++ b/actions/login.php @@ -133,7 +133,7 @@ class LoginAction extends Action return; } - $nickname = common_canonical_nickname($this->trimmed('nickname')); + $nickname = $this->trimmed('nickname'); $password = $this->arg('password'); $user = common_check_user($nickname, $password); -- cgit v1.2.3-54-g00ecf From f7a3e508ba8d0f8f9487724f3e417554d1d0b4d8 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 18 Nov 2009 17:36:55 -0800 Subject: Check profile->update() result against false exactly; we may legitimately get 0 back if no rows were changed. DB objects normally would return true, but the comparisons aren't 100% reliable when we've got numbers which could be ints or strings or floats. Caused failures saving profile settings with Geonames plugin enabled; the lat/lon/id fields would get re-set with freshly looked up values which no longer matched the previous values as far as the data object could tell, but which saved as the same ol' numbers. --- actions/profilesettings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/profilesettings.php b/actions/profilesettings.php index 0a0cc5997..359664096 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -323,7 +323,7 @@ class ProfilesettingsAction extends AccountSettingsAction $result = $profile->update($orig_profile); - if (!$result) { + if ($result === false) { common_log_db_error($profile, 'UPDATE', __FILE__); $this->serverError(_('Couldn\'t save profile.')); return; -- cgit v1.2.3-54-g00ecf From cf7188a4586c5ce5b539229035866cf494413a76 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 18 Nov 2009 18:25:36 -0800 Subject: Design admin panel mostly done. --- actions/designadminpanel.php | 307 ++++++++++++++++++++++++++----------------- actions/siteadminpanel.php | 47 +------ lib/adminform.php | 86 ++++++++++++ lib/adminpanelaction.php | 27 ++++ lib/form.php | 10 ++ 5 files changed, 312 insertions(+), 165 deletions(-) create mode 100644 lib/adminform.php (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index d1aadc8c2..156c3f1ab 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -74,7 +74,7 @@ class DesignadminpanelAction extends AdminPanelAction } /** - * Show the site admin panel form + * Get the default design and show the design admin panel form * * @return void */ @@ -82,7 +82,6 @@ class DesignadminpanelAction extends AdminPanelAction function showForm() { $this->design = Design::siteDesign(); - $form = new DesignAdminPanelForm($this); $form->show(); return; @@ -101,8 +100,7 @@ class DesignadminpanelAction extends AdminPanelAction } else if ($this->arg('defaults')) { $this->restoreDefaults(); } else { - $this->success = false; - $this->message = 'Unexpected form submission.'; + $this->clientError(_('Unexpected form submission.')); } } @@ -114,7 +112,6 @@ class DesignadminpanelAction extends AdminPanelAction function saveDesignSettings() { - // Workaround for PHP returning empty $_POST and $_FILES when POST // length > post_max_size in php.ini @@ -124,8 +121,7 @@ class DesignadminpanelAction extends AdminPanelAction ) { $msg = _('The server was unable to handle that much POST ' . 'data (%s bytes) due to its current configuration.'); - $this->success = false; - $this->msg = $e->getMessage(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + $this->clientException(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); return; } @@ -133,25 +129,30 @@ class DesignadminpanelAction extends AdminPanelAction $bgimage = $this->saveBackgroundImage(); - static $settings = array('theme'); + static $settings = array( + 'site' => array('theme', 'logo'), + 'theme' => array('server', 'dir', 'path'), + 'avatar' => array('server', 'dir', 'path'), + 'background' => array('server', 'dir', 'path') + ); + $values = array(); - foreach ($settings as $setting) { - $values[$setting] = $this->trimmed($setting); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = $this->trimmed("$section-$setting"); + } } - // This throws an exception on validation errors - try { - $bgcolor = new WebColor($this->trimmed('design_background')); - $ccolor = new WebColor($this->trimmed('design_content')); - $sbcolor = new WebColor($this->trimmed('design_sidebar')); - $tcolor = new WebColor($this->trimmed('design_text')); - $lcolor = new WebColor($this->trimmed('design_links')); - } catch (WebColorException $e) { - $this->success = false; - $this->msg = $e->getMessage(); - return; - } + $this->validate($values); + + // assert(all values are valid); + + $bgcolor = new WebColor($this->trimmed('design_background')); + $ccolor = new WebColor($this->trimmed('design_content')); + $sbcolor = new WebColor($this->trimmed('design_sidebar')); + $tcolor = new WebColor($this->trimmed('design_text')); + $lcolor = new WebColor($this->trimmed('design_links')); $onoff = $this->arg('design_background-image_onoff'); @@ -166,16 +167,14 @@ class DesignadminpanelAction extends AdminPanelAction $tile = $this->boolean('design_background-image_repeat'); - $this->validate($values); - - // assert(all values are valid); - $config = new Config(); $config->query('BEGIN'); - foreach ($settings as $setting) { - Config::save('site', $setting, $values[$setting]); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } } if (isset($bgimage)) { @@ -197,32 +196,6 @@ class DesignadminpanelAction extends AdminPanelAction $config->query('COMMIT'); return; - - } - - /** - * Delete a design setting - * - * @return mixed $result false if something didn't work - */ - - function deleteSetting($section, $setting) - { - $config = new Config(); - - $config->section = $section; - $config->setting = $setting; - - if ($config->find(true)) { - $result = $config->delete(); - if (!$result) { - common_log_db_error($config, 'DELETE', __FILE__); - $this->clientError(_("Unable to delete design setting.")); - return null; - } - } - - return $result; } /** @@ -233,6 +206,7 @@ class DesignadminpanelAction extends AdminPanelAction function restoreDefaults() { + $this->deleteSetting('site', 'logo'); $this->deleteSetting('site', 'theme'); $settings = array( @@ -243,6 +217,8 @@ class DesignadminpanelAction extends AdminPanelAction foreach ($settings as $setting) { $this->deleteSetting('design', $setting); } + + // XXX: Should we restore the default dir settings, etc.? --Z } /** @@ -264,8 +240,7 @@ class DesignadminpanelAction extends AdminPanelAction $imagefile = ImageFile::fromUpload('design_background-image_file'); } catch (Exception $e) { - $this->success = false; - $this->msg = $e->getMessage(); + $this->clientError('Unable to save background image.'); return; } @@ -297,8 +272,48 @@ class DesignadminpanelAction extends AdminPanelAction function validate(&$values) { - if (!in_array($values['theme'], Theme::listAvailable())) { - $this->clientError(sprintf(_("Theme not available: %s"), $values['theme'])); + + if (!empty($values['site']['logo']) && + !Validate::uri($values['site']['logo'], array('allowed_schemes' => array('http', 'https')))) { + $this->clientError(_("Invalid logo URL.")); + } + + if (!in_array($values['site']['theme'], Theme::listAvailable())) { + $this->clientError(sprintf(_("Theme not available: %s"), $values['site']['theme'])); + } + + // Make sure the directories are there + + if (!empty($values['theme']['dir']) && !is_readable($values['theme']['dir'])) { + $this->clientError(sprintf(_("Theme directory not readable: %s"), $values['theme']['dir'])); + } + + if (empty($values['avatar']['dir']) || !is_writable($values['avatar']['dir'])) { + $this->clientError(sprintf(_("Avatar directory not writable: %s"), $values['avatar']['dir'])); + } + + if (empty($values['background']['dir']) || !is_writable($values['background']['dir'])) { + $this->clientError(sprintf(_("Background directory not writable: %s"), $values['background']['dir'])); + } + + // Do we need to do anything else but validate the + // other fields for length? Design settings are + // validated elsewhere --Z + + static $settings = array( + 'theme' => array('server', 'path'), + 'avatar' => array('server', 'path'), + 'background' => array('server', 'path') + ); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + if (mb_strlen($values[$section][$setting]) > 255) { + $this->clientError(sprintf(_("Max length for %s %s is 255 characters."), + $section, $setting)); + return; + } + } } } @@ -332,7 +347,7 @@ class DesignadminpanelAction extends AdminPanelAction } -class DesignAdminPanelForm extends Form +class DesignAdminPanelForm extends AdminForm { /** @@ -393,33 +408,85 @@ class DesignAdminPanelForm extends Form function formData() { - $design = $this->out->design; + $this->out->elementStart('fieldset', array('id' => 'settings_logo')); + $this->out->element('legend', null, _('Change logo')); - $themes = Theme::listAvailable(); + $this->out->elementStart('ul', 'form_data'); - asort($themes); + $this->li(); + $this->input('logo', _('Site logo'), 'Logo for the site (full URL)', 'site'); + $this->unli(); - $themes = array_combine($themes, $themes); + $this->out->elementEnd('ul'); - $this->out->elementStart('fieldset', array('id' => - 'settings_design_theme')); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_theme')); $this->out->element('legend', null, _('Change theme')); + $this->out->elementStart('ul', 'form_data'); - $this->out->elementStart('li'); - $this->out->dropdown('theme', _('Theme'), + $themes = Theme::listAvailable(); + + // XXX: listAvailable() can return an empty list if you + // screw up your settings, so just in case: + + if (empty($themes)) { + $themes = array('default', 'default'); + } + + asort($themes); + $themes = array_combine($themes, $themes); + + $this->li(); + $this->out->dropdown('site-theme', _('Site theme'), $themes, _('Theme for the site.'), - false, $this->value('theme')); - $this->out->elementEnd('li'); + false, $this->value('theme', 'site')); + $this->unli(); + + $this->li(); + $this->input('server', _('Theme server'), 'Server for themes', 'theme'); + $this->unli(); + + $this->li(); + $this->input('path', _('Theme path'), 'Web path to themes', 'theme'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Theme directory'), 'Directory where themes are located', 'theme'); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_avatar')); + $this->out->element('legend', null, _('Avatar Settings')); + + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input('server', _('Avatar server'), 'Server for avatars', 'avatar'); + $this->unli(); + + $this->li(); + $this->input('path', _('Avatar path'), 'Web path to avatars', 'avatar'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Avatar directory'), 'Directory where avatars are located', 'avatar'); + $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $design = $this->out->design; $this->out->elementStart('fieldset', array('id' => 'settings_design_background-image')); $this->out->element('legend', null, _('Change background image')); $this->out->elementStart('ul', 'form_data'); - $this->out->elementStart('li'); + + $this->li(); $this->out->element('label', array('for' => 'design_background-image_file'), _('Background')); $this->out->element('input', array('name' => 'design_background-image_file', @@ -432,7 +499,7 @@ class DesignAdminPanelForm extends Form 'type' => 'hidden', 'id' => 'MAX_FILE_SIZE', 'value' => ImageFile::maxFileSizeInt())); - $this->out->elementEnd('li'); + $this->unli(); if (!empty($design->backgroundimage)) { @@ -474,27 +541,40 @@ class DesignAdminPanelForm extends Form 'class' => 'radio'), _('Off')); $this->out->element('p', 'form_guide', _('Turn background image on or off.')); - $this->out->elementEnd('li'); + $this->unli(); - $this->out->elementStart('li'); + $this->li(); $this->out->checkbox('design_background-image_repeat', _('Tile background image'), ($design->disposition & BACKGROUND_TILE) ? true : false); - $this->out->elementEnd('li'); + $this->unli(); } + $this->li(); + $this->input('server', _('Background server'), 'Server for backgrounds', 'background'); + $this->unli(); + + $this->li(); + $this->input('path', _('Background path'), 'Web path to backgrounds', 'background'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Background directory'), 'Directory where backgrounds are located', 'background'); + $this->unli(); + $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); $this->out->elementStart('fieldset', array('id' => 'settings_design_color')); $this->out->element('legend', null, _('Change colours')); + $this->out->elementStart('ul', 'form_data'); try { $bgcolor = new WebColor($design->backgroundcolor); - $this->out->elementStart('li'); + $this->li(); $this->out->element('label', array('for' => 'swatch-1'), _('Background')); $this->out->element('input', array('name' => 'design_background', 'type' => 'text', @@ -503,11 +583,11 @@ class DesignAdminPanelForm extends Form 'maxlength' => '7', 'size' => '7', 'value' => '')); - $this->out->elementEnd('li'); + $this->unli(); $ccolor = new WebColor($design->contentcolor); - $this->out->elementStart('li'); + $this->li(); $this->out->element('label', array('for' => 'swatch-2'), _('Content')); $this->out->element('input', array('name' => 'design_content', 'type' => 'text', @@ -516,11 +596,11 @@ class DesignAdminPanelForm extends Form 'maxlength' => '7', 'size' => '7', 'value' => '')); - $this->out->elementEnd('li'); + $this->unli(); $sbcolor = new WebColor($design->sidebarcolor); - $this->out->elementStart('li'); + $this->li(); $this->out->element('label', array('for' => 'swatch-3'), _('Sidebar')); $this->out->element('input', array('name' => 'design_sidebar', 'type' => 'text', @@ -529,11 +609,11 @@ class DesignAdminPanelForm extends Form 'maxlength' => '7', 'size' => '7', 'value' => '')); - $this->out->elementEnd('li'); + $this->unli(); $tcolor = new WebColor($design->textcolor); - $this->out->elementStart('li'); + $this->li(); $this->out->element('label', array('for' => 'swatch-4'), _('Text')); $this->out->element('input', array('name' => 'design_text', 'type' => 'text', @@ -542,11 +622,11 @@ class DesignAdminPanelForm extends Form 'maxlength' => '7', 'size' => '7', 'value' => '')); - $this->out->elementEnd('li'); + $this->unli(); $lcolor = new WebColor($design->linkcolor); - $this->out->elementStart('li'); + $this->li(); $this->out->element('label', array('for' => 'swatch-5'), _('Links')); $this->out->element('input', array('name' => 'design_links', 'type' => 'text', @@ -555,49 +635,16 @@ class DesignAdminPanelForm extends Form 'maxlength' => '7', 'size' => '7', 'value' => '')); - $this->out->elementEnd('li'); + $this->unli(); } catch (WebColorException $e) { common_log(LOG_ERR, 'Bad color values in site design: ' . $e->getMessage()); } - $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); - } - - /** - * Utility to simplify some of the duplicated code around - * params and settings. - * - * @param string $setting Name of the setting - * @param string $title Title to use for the input - * @param string $instructions Instructions for this field - * - * @return void - */ - - function input($setting, $title, $instructions) - { - $this->out->input($setting, $title, $this->value($setting), $instructions); - } - - /** - * Utility to simplify getting the posted-or-stored setting value - * - * @param string $setting Name of the setting - * - * @return string param value if posted, or current config value - */ - - function value($setting) - { - $value = $this->out->trimmed($setting); - if (empty($value)) { - $value = common_config('site', $setting); - } - return $value; + $this->out->elementEnd('ul'); } /** @@ -618,5 +665,27 @@ class DesignAdminPanelForm extends Form 'title' => _('Reset back to default'))); $this->out->submit('save', _('Save'), 'submit form_action-secondary', - 'save', _('Save design')); } + 'save', _('Save design')); + } + + + /** + * Utility to simplify some of the duplicated code around + * params and settings. Overriding the input() in the base class + * to handle a whole bunch of cases of settings with the same + * name under different sections. + * + * @param string $setting Name of the setting + * @param string $title Title to use for the input + * @param string $instructions Instructions for this field + * @param string $section config section, default = 'site' + * + * @return void + */ + + function input($setting, $title, $instructions, $section='site') + { + $this->out->input("$section-$setting", $title, $this->value($setting, $section), $instructions); + } + } diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index c316f8e17..965afb685 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -193,7 +193,7 @@ class SiteadminpanelAction extends AdminPanelAction } } -class SiteAdminPanelForm extends Form +class SiteAdminPanelForm extends AdminForm { /** * ID of the form @@ -315,51 +315,6 @@ class SiteAdminPanelForm extends Form $this->out->elementEnd('ul'); } - /** - * Utility to simplify some of the duplicated code around - * params and settings. - * - * @param string $setting Name of the setting - * @param string $title Title to use for the input - * @param string $instructions Instructions for this field - * @param string $section config section, default = 'site' - * - * @return void - */ - - function input($setting, $title, $instructions, $section='site') - { - $this->out->input($setting, $title, $this->value($setting, $section), $instructions); - } - - /** - * Utility to simplify getting the posted-or-stored setting value - * - * @param string $setting Name of the setting - * @param string $main configuration section, default = 'site' - * - * @return string param value if posted, or current config value - */ - - function value($setting, $main='site') - { - $value = $this->out->trimmed($setting); - if (empty($value)) { - $value = common_config($main, $setting); - } - return $value; - } - - function li() - { - $this->out->elementStart('li'); - } - - function unli() - { - $this->out->elementEnd('li'); - } - /** * Action elements * diff --git a/lib/adminform.php b/lib/adminform.php new file mode 100644 index 000000000..3934f6351 --- /dev/null +++ b/lib/adminform.php @@ -0,0 +1,86 @@ +. + * + * @category Widget + * @package StatusNet + * @author Zach Copley + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Base class for Administrative forms + * + * Just a place holder for some utility methods to simply some + * repetitive form building code + * + * @category Widget + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + * + * @see Form + */ + +class AdminForm extends Form +{ + /** + * Utility to simplify some of the duplicated code around + * params and settings. + * + * @param string $setting Name of the setting + * @param string $title Title to use for the input + * @param string $instructions Instructions for this field + * @param string $section config section, default = 'site' + * + * @return void + */ + + function input($setting, $title, $instructions, $section='site') + { + $this->out->input($setting, $title, $this->value($setting, $section), $instructions); + } + + /** + * Utility to simplify getting the posted-or-stored setting value + * + * @param string $setting Name of the setting + * @param string $main configuration section, default = 'site' + * + * @return string param value if posted, or current config value + */ + + function value($setting, $main='site') + { + $value = $this->out->trimmed($setting); + if (empty($value)) { + $value = common_config($main, $setting); + } + return $value; + } + +} diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index 33b210da3..e0c253ccf 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -224,6 +224,33 @@ class AdminPanelAction extends Action $this->clientError(_('saveSettings() not implemented.')); return; } + + /** + * Delete a design setting + * + * // XXX: Maybe this should go in Design? --Z + * + * @return mixed $result false if something didn't work + */ + + function deleteSetting($section, $setting) + { + $config = new Config(); + + $config->section = $section; + $config->setting = $setting; + + if ($config->find(true)) { + $result = $config->delete(); + if (!$result) { + common_log_db_error($config, 'DELETE', __FILE__); + $this->clientError(_("Unable to delete design setting.")); + return null; + } + } + + return $result; + } } /** diff --git a/lib/form.php b/lib/form.php index 868c986b9..f6501dc6d 100644 --- a/lib/form.php +++ b/lib/form.php @@ -181,4 +181,14 @@ class Form extends Widget { return 'form'; } + + function li() + { + $this->out->elementStart('li'); + } + + function unli() + { + $this->out->elementEnd('li'); + } } -- cgit v1.2.3-54-g00ecf From 4d589e4c2d5c815fb798a6642f4d676b9fda8f7b Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Thu, 19 Nov 2009 07:40:03 +0000 Subject: Updated markup and style for design admin fieldsets --- actions/designadminpanel.php | 6 +++--- theme/base/css/display.css | 3 +-- 2 files changed, 4 insertions(+), 5 deletions(-) (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 156c3f1ab..7c71c032a 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -408,7 +408,7 @@ class DesignAdminPanelForm extends AdminForm function formData() { - $this->out->elementStart('fieldset', array('id' => 'settings_logo')); + $this->out->elementStart('fieldset', array('id' => 'settings_design_logo')); $this->out->element('legend', null, _('Change logo')); $this->out->elementStart('ul', 'form_data'); @@ -420,7 +420,7 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); - $this->out->elementStart('fieldset', array('id' => 'settings_theme')); + $this->out->elementStart('fieldset', array('id' => 'settings_design_theme')); $this->out->element('legend', null, _('Change theme')); $this->out->elementStart('ul', 'form_data'); @@ -458,7 +458,7 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); - $this->out->elementStart('fieldset', array('id' => 'settings_avatar')); + $this->out->elementStart('fieldset', array('id' => 'settings_design_avatar')); $this->out->element('legend', null, _('Avatar Settings')); $this->out->elementStart('ul', 'form_data'); diff --git a/theme/base/css/display.css b/theme/base/css/display.css index e5f5df68c..85683a91d 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -172,8 +172,7 @@ font-weight:bold; #form_password_recover legend, #form_password_change legend, .form_entity_block legend, -#form_filter_bytag legend, -#settings_design_theme legend { +#form_filter_bytag legend { display:none; } -- cgit v1.2.3-54-g00ecf From 08165c8f037d9530995a9b312999fa6cc0f0cc97 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 01:46:14 -0800 Subject: Site admin panel mostly done. Still need to add CC license chooser. --- actions/siteadminpanel.php | 84 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 82 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 965afb685..b48be19a0 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -91,10 +91,12 @@ class SiteadminpanelAction extends AdminPanelAction function saveSettings() { static $settings = array('site' => array('name', 'broughtby', 'broughtbyurl', - 'email', 'timezone', 'language'), + 'email', 'timezone', 'language', + 'ssl', 'sslserver', 'site', 'path', + 'textlimit', 'dupelimit'), 'snapshot' => array('run', 'reporturl', 'frequency')); - static $booleans = array('site' => array('private')); + static $booleans = array('site' => array('private', 'inviteonly', 'closed', 'fancy')); $values = array(); @@ -190,6 +192,30 @@ class SiteadminpanelAction extends AdminPanelAction $this->clientError(_("Snapshot frequency must be a number.")); } + // Validate SSL setup + + if (in_array($values['site']['ssl'], array('sometimes', 'always'))) { + if (empty($values['site']['sslserver'])) { + $this->clientError(_("You must set an SSL sever when enabling SSL.")); + } + } + + if (mb_strlen($values['site']['sslserver']) > 255) { + $this->clientError(_("Invalid SSL server. Max length is 255 characters.")); + } + + // Validate text limit + + if (!Validate::number($values['site']['textlimit'], array('min' => 140))) { + $this->clientError(_("Minimum text limit is 140c.")); + } + + // Validate dupe limit + + if (!Validate::number($values['site']['dupelimit'], array('min' => 1))) { + $this->clientError(_("Dupe limit must 1 or more seconds.")); + } + } } @@ -277,12 +303,41 @@ class SiteAdminPanelForm extends AdminForm false, $this->value('language')); $this->unli(); + + $this->li(); + $this->input('locale_path', _('Path to locales'), _('Directory path to locales')); + $this->unli(); + + $this->li(); + $this->input('server', _('Server'), _('Site\'s server hostname.')); + $this->unli(); + + $this->li(); + $this->input('path', _('Path'), _('Site path')); + $this->unli(); + $this->li(); + $this->out->checkbox('fancy', _('Fancy URLs'), + (bool) $this->value('fancy'), + _('Use fancy (more readable and memorable) URLs?')); + $this->unli(); + $this->li(); $this->out->checkbox('private', _('Private'), (bool) $this->value('private'), _('Prohibit anonymous users (not logged in) from viewing site?')); + $this->unli(); + $this->li(); + $this->out->checkbox('inviteonly', _('Invite only'), + (bool) $this->value('inviteonly'), + _('Make registration invitation only.')); + $this->unli(); + + $this->li(); + $this->out->checkbox('closed', _('Closed'), + (bool) $this->value('closed'), + _('Disable new registrations.')); $this->unli(); $this->li(); @@ -312,6 +367,31 @@ class SiteAdminPanelForm extends AdminForm $this->unli(); + $this->li(); + + $ssl = array('never' => _('Never'), + 'sometimes' => _('Sometimes'), + 'always' => _('Always')); + + $this->out->dropdown('ssl', _('Use SSL'), + $ssl, _('When to use SSL'), + false, $this->value('ssl', 'site')); + + $this->unli(); + + $this->li(); + $this->input('sslserver', _('SSL Server'), + _('Server to direct SSL requests to')); + $this->unli(); + + $this->li(); + $this->input('textlimit', _('Text limit'), _('Maximum number of characters for notices.')); + $this->unli(); + + $this->li(); + $this->input('dupelimit', _('Dupe limit'), _('How long users must wait (in seconds) to post the same thing again.')); + $this->unli(); + $this->out->elementEnd('ul'); } -- cgit v1.2.3-54-g00ecf From 409ce3556d07f66e5a65e035f9d52b8421441911 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 01:56:29 -0800 Subject: Added locales_path to site admin panel --- actions/siteadminpanel.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index b48be19a0..ce6d3f544 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -93,7 +93,7 @@ class SiteadminpanelAction extends AdminPanelAction static $settings = array('site' => array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone', 'language', 'ssl', 'sslserver', 'site', 'path', - 'textlimit', 'dupelimit'), + 'textlimit', 'dupelimit', 'locale_path'), 'snapshot' => array('run', 'reporturl', 'frequency')); static $booleans = array('site' => array('private', 'inviteonly', 'closed', 'fancy')); @@ -216,6 +216,14 @@ class SiteadminpanelAction extends AdminPanelAction $this->clientError(_("Dupe limit must 1 or more seconds.")); } + // Validate locales path + + // XXX: What else do we need to validate for lacales path here? --Z + + if (!empty($values['site']['locale_path']) && !is_readable($values['site']['locale_path'])) { + $this->clientError(sprintf(_("Locales directory not readable: %s"), $values['site']['locale_path'])); + } + } } -- cgit v1.2.3-54-g00ecf From 1e5bb7fa68ea8b843d4d93e473d41694ee95dbe4 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Thu, 19 Nov 2009 10:34:43 +0000 Subject: Added fieldsets for site admin page --- actions/siteadminpanel.php | 52 +++++++++++++++++++++++++++++++++------------- 1 file changed, 37 insertions(+), 15 deletions(-) (limited to 'actions') diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index ce6d3f544..916b9ebfb 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -270,15 +270,19 @@ class SiteAdminPanelForm extends AdminForm function formData() { + $this->out->elementStart('fieldset', array('id' => 'settings_admin_general')); + $this->out->element('legend', null, _('General')); $this->out->elementStart('ul', 'form_data'); $this->li(); $this->input('name', _('Site name'), _('The name of your site, like "Yourcompany Microblog"')); $this->unli(); + $this->li(); $this->input('broughtby', _('Brought by'), _('Text used for credits link in footer of each page')); $this->unli(); + $this->li(); $this->input('broughtbyurl', _('Brought by URL'), _('URL used for credits link in footer of each page')); @@ -286,9 +290,13 @@ class SiteAdminPanelForm extends AdminForm $this->li(); $this->input('email', _('Email'), _('contact email address for your site')); - $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_local')); + $this->out->element('legend', null, _('Local')); + $this->out->elementStart('ul', 'form_data'); $timezones = array(); foreach (DateTimeZone::listIdentifiers() as $k => $v) { @@ -298,24 +306,26 @@ class SiteAdminPanelForm extends AdminForm asort($timezones); $this->li(); - $this->out->dropdown('timezone', _('Default timezone'), $timezones, _('Default timezone for the site; usually UTC.'), true, $this->value('timezone')); - $this->unli(); - $this->li(); + $this->li(); $this->out->dropdown('language', _('Language'), get_nice_language_list(), _('Default site language'), false, $this->value('language')); - $this->unli(); $this->li(); $this->input('locale_path', _('Path to locales'), _('Directory path to locales')); $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_urls')); + $this->out->element('legend', null, _('URLs')); + $this->out->elementStart('ul', 'form_data'); $this->li(); $this->input('server', _('Server'), _('Site\'s server hostname.')); $this->unli(); @@ -329,7 +339,12 @@ class SiteAdminPanelForm extends AdminForm (bool) $this->value('fancy'), _('Use fancy (more readable and memorable) URLs?')); $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_access')); + $this->out->element('legend', null, _('Access')); + $this->out->elementStart('ul', 'form_data'); $this->li(); $this->out->checkbox('private', _('Private'), (bool) $this->value('private'), @@ -347,36 +362,39 @@ class SiteAdminPanelForm extends AdminForm (bool) $this->value('closed'), _('Disable new registrations.')); $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_snapshots')); + $this->out->element('legend', null, _('Snapshots')); + $this->out->elementStart('ul', 'form_data'); $this->li(); - $snapshot = array('web' => _('Randomly during Web hit'), 'cron' => _('In a scheduled job'), 'never' => _('Never')); - $this->out->dropdown('run', _('Data snapshots'), $snapshot, _('When to send statistical data to status.net servers'), false, $this->value('run', 'snapshot')); - $this->unli(); - $this->li(); + $this->li(); $this->input('frequency', _('Frequency'), _('Snapshots will be sent once every N Web hits'), 'snapshot'); - $this->unli(); $this->li(); - $this->input('reporturl', _('Report URL'), _('Snapshots will be sent to this URL'), 'snapshot'); - $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_ssl')); + $this->out->element('legend', null, _('SSL')); + $this->out->elementStart('ul', 'form_data'); $this->li(); - $ssl = array('never' => _('Never'), 'sometimes' => _('Sometimes'), 'always' => _('Always')); @@ -384,14 +402,18 @@ class SiteAdminPanelForm extends AdminForm $this->out->dropdown('ssl', _('Use SSL'), $ssl, _('When to use SSL'), false, $this->value('ssl', 'site')); - $this->unli(); $this->li(); $this->input('sslserver', _('SSL Server'), _('Server to direct SSL requests to')); $this->unli(); + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_admin_limits')); + $this->out->element('legend', null, _('Limits')); + $this->out->elementStart('ul', 'form_data'); $this->li(); $this->input('textlimit', _('Text limit'), _('Maximum number of characters for notices.')); $this->unli(); @@ -399,8 +421,8 @@ class SiteAdminPanelForm extends AdminForm $this->li(); $this->input('dupelimit', _('Dupe limit'), _('How long users must wait (in seconds) to post the same thing again.')); $this->unli(); - $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); } /** -- cgit v1.2.3-54-g00ecf From 643318e98cea3bd1d0fddab7acded86319e5df8c Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Thu, 19 Nov 2009 11:27:49 +0000 Subject: Updated form markup for email settings --- actions/emailsettings.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/emailsettings.php b/actions/emailsettings.php index 67b991cdc..761aaa8f3 100644 --- a/actions/emailsettings.php +++ b/actions/emailsettings.php @@ -95,7 +95,7 @@ class EmailsettingsAction extends AccountSettingsAction 'class' => 'form_settings', 'action' => common_local_url('emailsettings'))); - + $this->elementStart('fieldset'); $this->elementStart('fieldset', array('id' => 'settings_email_address')); $this->element('legend', null, _('Address')); $this->hidden('token', common_session_token()); @@ -194,6 +194,7 @@ class EmailsettingsAction extends AccountSettingsAction $this->elementEnd('ul'); $this->submit('save', _('Save')); $this->elementEnd('fieldset'); + $this->elementEnd('fieldset'); $this->elementEnd('form'); } -- cgit v1.2.3-54-g00ecf From 4463768baed036b487d473a60b30f0c314ee1673 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 19 Nov 2009 12:00:25 -0500 Subject: tobyink's location RDF patch --- actions/foaf.php | 26 ++++++++++++++++++++++---- lib/location.php | 24 ++++++++++++++++++++++++ lib/rssaction.php | 12 ++++++++++++ plugins/GeonamesPlugin.php | 24 ++++++++++++++++++++++++ 4 files changed, 82 insertions(+), 4 deletions(-) (limited to 'actions') diff --git a/actions/foaf.php b/actions/foaf.php index 356393304..e9f67b7f2 100644 --- a/actions/foaf.php +++ b/actions/foaf.php @@ -108,11 +108,29 @@ class FoafAction extends Action if ($this->profile->bio) { $this->element('bio:olb', null, $this->profile->bio); } - // XXX: more structured location data - if ($this->profile->location) { + + $location = $this->profile->getLocation(); + if ($location) { + $attr = array(); + if ($location->getRdfURL()) { + $attr['rdf:about'] = $location->getRdfURL(); + } + $location_name = $location->getName(); + $this->elementStart('based_near'); - $this->elementStart('geo:SpatialThing'); - $this->element('name', null, $this->profile->location); + $this->elementStart('geo:SpatialThing', $attr); + if ($location_name) { + $this->element('name', null, $location_name); + } + if ($location->lat) { + $this->element('geo:lat', null, $location->lat); + } + if ($location->lon) { + $this->element('geo:long', null, $location->lat); + } + if ($location->getURL()) { + $this->element('page', array('rdf:resource'=>$location->getURL())); + } $this->elementEnd('geo:SpatialThing'); $this->elementEnd('based_near'); } diff --git a/lib/location.php b/lib/location.php index bbfc15a36..191550d6d 100644 --- a/lib/location.php +++ b/lib/location.php @@ -52,6 +52,7 @@ class Location public $location_id; public $location_ns; private $_url; + private $_rdfurl; var $names = array(); @@ -185,4 +186,27 @@ class Location return $url; } + + /** + * Get an URL for this location, suitable for embedding in RDF + * + * @return string URL for this location or NULL + */ + + function getRdfURL() + { + // Keep one cached + + if (is_string($this->_rdfurl)) { + return $this->_rdfurl; + } + + $url = null; + + Event::handle('LocationRdfUrl', array($this, &$url)); + + $this->_rdfurl = $url; + + return $url; + } } diff --git a/lib/rssaction.php b/lib/rssaction.php index faf6bec7d..cd4c8b51c 100644 --- a/lib/rssaction.php +++ b/lib/rssaction.php @@ -244,6 +244,16 @@ class Rss10Action extends Action $this->element('dc:creator', null, ($profile->fullname) ? $profile->fullname : $profile->nickname); $this->element('foaf:maker', array('rdf:resource' => $creator_uri)); $this->element('sioc:has_creator', array('rdf:resource' => $creator_uri.'#acct')); + $location = $notice->getLocation(); + if ($location && isset($location->lat) && isset($location->lon)) { + $location_uri = $location->getRdfURL(); + $attrs = array('geo:lat' => $location->lat, + 'geo:long' => $location->lon); + if (strlen($location_uri)) { + $attrs['rdf:resource'] = $location_uri; + } + $this->element('statusnet:origin', $attrs); + } $this->element('statusnet:postIcon', array('rdf:resource' => $profile->avatarUrl())); $this->element('cc:licence', array('rdf:resource' => common_config('license', 'url'))); if ($notice->reply_to) { @@ -354,6 +364,8 @@ class Rss10Action extends Action 'http://rdfs.org/sioc/types#', 'xmlns:rdfs' => 'http://www.w3.org/2000/01/rdf-schema#', + 'xmlns:geo' => + 'http://www.w3.org/2003/01/geo/wgs84_pos#', 'xmlns:statusnet' => 'http://status.net/ont/', 'xmlns' => 'http://purl.org/rss/1.0/')); diff --git a/plugins/GeonamesPlugin.php b/plugins/GeonamesPlugin.php index 1d7381a80..59232c1c5 100644 --- a/plugins/GeonamesPlugin.php +++ b/plugins/GeonamesPlugin.php @@ -302,4 +302,28 @@ class GeonamesPlugin extends Plugin // it's been filled, so don't process further. return false; } + + /** + * Machine-readable name for a location + * + * Given a location, we try to retrieve a geonames.org URL. + * + * @param Location $location Location to get the url for + * @param string &$url Place to put the url + * + * @return boolean whether to continue + */ + + function onLocationRdfUrl($location, &$url) + { + if ($location->location_ns != self::LOCATION_NS) { + // It's not one of our IDs... keep processing + return true; + } + + $url = 'http://sw.geonames.org/' . $location->location_id . '/'; + + // it's been filled, so don't process further. + return false; + } } -- cgit v1.2.3-54-g00ecf From b8de14af2c91eb50b62e352a5a66ee3ee474d7a0 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 11:55:07 -0800 Subject: Moved most path and server settings to a new paths admin panel --- actions/designadminpanel.php | 134 ++---------------- actions/pathsadminpanel.php | 320 +++++++++++++++++++++++++++++++++++++++++++ actions/siteadminpanel.php | 19 +-- lib/adminpanelaction.php | 3 + lib/router.php | 2 + 5 files changed, 341 insertions(+), 137 deletions(-) create mode 100644 actions/pathsadminpanel.php (limited to 'actions') diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 7c71c032a..8bc8c4450 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -129,19 +129,14 @@ class DesignadminpanelAction extends AdminPanelAction $bgimage = $this->saveBackgroundImage(); - static $settings = array( - 'site' => array('theme', 'logo'), - 'theme' => array('server', 'dir', 'path'), - 'avatar' => array('server', 'dir', 'path'), - 'background' => array('server', 'dir', 'path') - ); + common_debug("background image: $bgimage"); + + static $settings = array('theme', 'logo'); $values = array(); - foreach ($settings as $section => $parts) { - foreach ($parts as $setting) { - $values[$section][$setting] = $this->trimmed("$section-$setting"); - } + foreach ($settings as $setting) { + $values[$setting] = $this->trimmed($setting); } $this->validate($values); @@ -171,10 +166,8 @@ class DesignadminpanelAction extends AdminPanelAction $config->query('BEGIN'); - foreach ($settings as $section => $parts) { - foreach ($parts as $setting) { - Config::save($section, $setting, $values[$section][$setting]); - } + foreach ($settings as $setting) { + Config::save('site', $setting, $values[$setting]); } if (isset($bgimage)) { @@ -272,48 +265,13 @@ class DesignadminpanelAction extends AdminPanelAction function validate(&$values) { - - if (!empty($values['site']['logo']) && - !Validate::uri($values['site']['logo'], array('allowed_schemes' => array('http', 'https')))) { + if (!empty($values['logo']) && + !Validate::uri($values['logo'], array('allowed_schemes' => array('http', 'https')))) { $this->clientError(_("Invalid logo URL.")); } - if (!in_array($values['site']['theme'], Theme::listAvailable())) { - $this->clientError(sprintf(_("Theme not available: %s"), $values['site']['theme'])); - } - - // Make sure the directories are there - - if (!empty($values['theme']['dir']) && !is_readable($values['theme']['dir'])) { - $this->clientError(sprintf(_("Theme directory not readable: %s"), $values['theme']['dir'])); - } - - if (empty($values['avatar']['dir']) || !is_writable($values['avatar']['dir'])) { - $this->clientError(sprintf(_("Avatar directory not writable: %s"), $values['avatar']['dir'])); - } - - if (empty($values['background']['dir']) || !is_writable($values['background']['dir'])) { - $this->clientError(sprintf(_("Background directory not writable: %s"), $values['background']['dir'])); - } - - // Do we need to do anything else but validate the - // other fields for length? Design settings are - // validated elsewhere --Z - - static $settings = array( - 'theme' => array('server', 'path'), - 'avatar' => array('server', 'path'), - 'background' => array('server', 'path') - ); - - foreach ($settings as $section => $parts) { - foreach ($parts as $setting) { - if (mb_strlen($values[$section][$setting]) > 255) { - $this->clientError(sprintf(_("Max length for %s %s is 255 characters."), - $section, $setting)); - return; - } - } + if (!in_array($values['theme'], Theme::listAvailable())) { + $this->clientError(sprintf(_("Theme not available: %s"), $values['theme'])); } } @@ -414,7 +372,7 @@ class DesignAdminPanelForm extends AdminForm $this->out->elementStart('ul', 'form_data'); $this->li(); - $this->input('logo', _('Site logo'), 'Logo for the site (full URL)', 'site'); + $this->input('logo', _('Site logo'), 'Logo for the site (full URL)'); $this->unli(); $this->out->elementEnd('ul'); @@ -438,41 +396,9 @@ class DesignAdminPanelForm extends AdminForm $themes = array_combine($themes, $themes); $this->li(); - $this->out->dropdown('site-theme', _('Site theme'), + $this->out->dropdown('theme', _('Site theme'), $themes, _('Theme for the site.'), - false, $this->value('theme', 'site')); - $this->unli(); - - $this->li(); - $this->input('server', _('Theme server'), 'Server for themes', 'theme'); - $this->unli(); - - $this->li(); - $this->input('path', _('Theme path'), 'Web path to themes', 'theme'); - $this->unli(); - - $this->li(); - $this->input('dir', _('Theme directory'), 'Directory where themes are located', 'theme'); - $this->unli(); - - $this->out->elementEnd('ul'); - - $this->out->elementEnd('fieldset'); - $this->out->elementStart('fieldset', array('id' => 'settings_design_avatar')); - $this->out->element('legend', null, _('Avatar Settings')); - - $this->out->elementStart('ul', 'form_data'); - - $this->li(); - $this->input('server', _('Avatar server'), 'Server for avatars', 'avatar'); - $this->unli(); - - $this->li(); - $this->input('path', _('Avatar path'), 'Web path to avatars', 'avatar'); - $this->unli(); - - $this->li(); - $this->input('dir', _('Avatar directory'), 'Directory where avatars are located', 'avatar'); + false, $this->value('theme')); $this->unli(); $this->out->elementEnd('ul'); @@ -550,18 +476,6 @@ class DesignAdminPanelForm extends AdminForm $this->unli(); } - $this->li(); - $this->input('server', _('Background server'), 'Server for backgrounds', 'background'); - $this->unli(); - - $this->li(); - $this->input('path', _('Background path'), 'Web path to backgrounds', 'background'); - $this->unli(); - - $this->li(); - $this->input('dir', _('Background directory'), 'Directory where backgrounds are located', 'background'); - $this->unli(); - $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); @@ -668,24 +582,4 @@ class DesignAdminPanelForm extends AdminForm 'save', _('Save design')); } - - /** - * Utility to simplify some of the duplicated code around - * params and settings. Overriding the input() in the base class - * to handle a whole bunch of cases of settings with the same - * name under different sections. - * - * @param string $setting Name of the setting - * @param string $title Title to use for the input - * @param string $instructions Instructions for this field - * @param string $section config section, default = 'site' - * - * @return void - */ - - function input($setting, $title, $instructions, $section='site') - { - $this->out->input("$section-$setting", $title, $this->value($setting, $section), $instructions); - } - } diff --git a/actions/pathsadminpanel.php b/actions/pathsadminpanel.php new file mode 100644 index 000000000..c4ab18c00 --- /dev/null +++ b/actions/pathsadminpanel.php @@ -0,0 +1,320 @@ +. + * + * @category Settings + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @copyright 2008-2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Paths settings + * + * @category Admin + * @package StatusNet + * @author Evan Prodromou + * @author Zach Copley + * @author Sarven Capadisli + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class PathsadminpanelAction extends AdminPanelAction +{ + + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + return _('Paths'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _('Path and server settings for this StatusNet site.'); + } + + /** + * Show the paths admin panel form + * + * @return void + */ + + function showForm() + { + $form = new PathsAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array( + 'site' => array('path', 'locale_path'), + 'theme' => array('server', 'dir', 'path'), + 'avatar' => array('server', 'dir', 'path'), + 'background' => array('server', 'dir', 'path') + ); + + $values = array(); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = $this->trimmed("$section-$setting"); + } + } + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + $config->query('COMMIT'); + + return; + } + + /** + * Attempt to validate setting values + * + * @return void + */ + + function validate(&$values) + { + + // Validate theme dir + + if (!empty($values['theme']['dir']) && !is_readable($values['theme']['dir'])) { + $this->clientError(sprintf(_("Theme directory not readable: %s"), $values['theme']['dir'])); + } + + // Validate avatar dir + + if (empty($values['avatar']['dir']) || !is_writable($values['avatar']['dir'])) { + $this->clientError(sprintf(_("Avatar directory not writable: %s"), $values['avatar']['dir'])); + } + + // Validate background dir + + if (empty($values['background']['dir']) || !is_writable($values['background']['dir'])) { + $this->clientError(sprintf(_("Background directory not writable: %s"), $values['background']['dir'])); + } + + // Validate locales dir + + // XXX: What else do we need to validate for lacales path here? --Z + + if (!empty($values['site']['locale_path']) && !is_readable($values['site']['locale_path'])) { + $this->clientError(sprintf(_("Locales directory not readable: %s"), $values['site']['locale_path'])); + } + + } + +} + +class PathsAdminPanelForm extends AdminForm +{ + + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'form_paths_admin_panel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_settings'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('pathsadminpanel'); + } + + /** + * Data elements of the form + * + * @return void + */ + + function formData() + { + $this->out->elementStart('fieldset', array('id' => 'settings_paths_locale')); + $this->out->element('legend', null, _('Site'), 'site'); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input('path', _('Path'), _('Site path')); + $this->unli(); + + $this->li(); + $this->input('locale_path', _('Path to locales'), _('Directory path to locales'), 'site'); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart('fieldset', array('id' => 'settings_paths_theme')); + $this->out->element('legend', null, _('Theme')); + + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input('server', _('Theme server'), 'Server for themes', 'theme'); + $this->unli(); + + $this->li(); + $this->input('path', _('Theme path'), 'Web path to themes', 'theme'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Theme directory'), 'Directory where themes are located', 'theme'); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_avatar-paths')); + $this->out->element('legend', null, _('Avatars')); + + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input('server', _('Avatar server'), 'Server for avatars', 'avatar'); + $this->unli(); + + $this->li(); + $this->input('path', _('Avatar path'), 'Web path to avatars', 'avatar'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Avatar directory'), 'Directory where avatars are located', 'avatar'); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + + $this->out->elementStart('fieldset', array('id' => + 'settings_design_background-paths')); + $this->out->element('legend', null, _('Backgrounds')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input('server', _('Background server'), 'Server for backgrounds', 'background'); + $this->unli(); + + $this->li(); + $this->input('path', _('Background path'), 'Web path to backgrounds', 'background'); + $this->unli(); + + $this->li(); + $this->input('dir', _('Background directory'), 'Directory where backgrounds are located', 'background'); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit('save', _('Save'), 'submit form_action-secondary', + 'save', _('Save paths')); + } + + + /** + * Utility to simplify some of the duplicated code around + * params and settings. Overriding the input() in the base class + * to handle a whole bunch of cases of settings with the same + * name under different sections. + * + * @param string $setting Name of the setting + * @param string $title Title to use for the input + * @param string $instructions Instructions for this field + * @param string $section config section, default = 'site' + * + * @return void + */ + + function input($setting, $title, $instructions, $section='site') + { + $this->out->input("$section-$setting", $title, $this->value($setting, $section), $instructions); + } + +} diff --git a/actions/siteadminpanel.php b/actions/siteadminpanel.php index 916b9ebfb..40197d6e2 100644 --- a/actions/siteadminpanel.php +++ b/actions/siteadminpanel.php @@ -92,8 +92,8 @@ class SiteadminpanelAction extends AdminPanelAction { static $settings = array('site' => array('name', 'broughtby', 'broughtbyurl', 'email', 'timezone', 'language', - 'ssl', 'sslserver', 'site', 'path', - 'textlimit', 'dupelimit', 'locale_path'), + 'ssl', 'sslserver', 'site', + 'textlimit', 'dupelimit'), 'snapshot' => array('run', 'reporturl', 'frequency')); static $booleans = array('site' => array('private', 'inviteonly', 'closed', 'fancy')); @@ -216,14 +216,6 @@ class SiteadminpanelAction extends AdminPanelAction $this->clientError(_("Dupe limit must 1 or more seconds.")); } - // Validate locales path - - // XXX: What else do we need to validate for lacales path here? --Z - - if (!empty($values['site']['locale_path']) && !is_readable($values['site']['locale_path'])) { - $this->clientError(sprintf(_("Locales directory not readable: %s"), $values['site']['locale_path'])); - } - } } @@ -317,9 +309,6 @@ class SiteAdminPanelForm extends AdminForm false, $this->value('language')); $this->unli(); - $this->li(); - $this->input('locale_path', _('Path to locales'), _('Directory path to locales')); - $this->unli(); $this->out->elementEnd('ul'); $this->out->elementEnd('fieldset'); @@ -330,10 +319,6 @@ class SiteAdminPanelForm extends AdminForm $this->input('server', _('Server'), _('Site\'s server hostname.')); $this->unli(); - $this->li(); - $this->input('path', _('Path'), _('Site path')); - $this->unli(); - $this->li(); $this->out->checkbox('fancy', _('Fancy URLs'), (bool) $this->value('fancy'), diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index e0c253ccf..89a129db1 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -302,6 +302,9 @@ class AdminPanelNav extends Widget $this->out->menuItem(common_local_url('designadminpanel'), _('Design'), _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel'); + $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'), + _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel'); + Event::handle('EndAdminPanelNav', array($this)); } $this->action->elementEnd('ul'); diff --git a/lib/router.php b/lib/router.php index 9629267ac..ceb32aaa7 100644 --- a/lib/router.php +++ b/lib/router.php @@ -590,6 +590,8 @@ class Router $m->connect('admin/site', array('action' => 'siteadminpanel')); $m->connect('admin/design', array('action' => 'designadminpanel')); + $m->connect('admin/paths', array('action' => 'pathsadminpanel')); + $m->connect('getfile/:filename', array('action' => 'getfile'), -- cgit v1.2.3-54-g00ecf From 26a86402cd694441ab7ffc1e090d22af0d30745d Mon Sep 17 00:00:00 2001 From: Eric Helgeson Date: Thu, 19 Nov 2009 15:00:28 -0500 Subject: Use the $user object nickname, as login name doesnt have to == nickname anymore with plugins such as ldap/etc --- actions/login.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/login.php b/actions/login.php index 63955e3f5..cee29fd09 100644 --- a/actions/login.php +++ b/actions/login.php @@ -164,7 +164,7 @@ class LoginAction extends Action } else { $url = common_local_url('all', array('nickname' => - $nickname)); + $user->nickname)); } common_redirect($url, 303); -- cgit v1.2.3-54-g00ecf From 9a74a094ed02345c810e169bfedc3940481a79a4 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 19 Nov 2009 15:14:55 -0500 Subject: Add location form elements to the noticeform, and save their values on submission --- actions/newnotice.php | 9 ++++++++- lib/noticeform.php | 19 ++++++++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-) (limited to 'actions') diff --git a/actions/newnotice.php b/actions/newnotice.php index fbd7ab6bc..dd6da0b01 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -164,6 +164,11 @@ class NewnoticeAction extends Action $replyto = 'false'; } + $lat = $this->trimmed('lat'); + $lon = $this->trimmed('lon'); + $location_id = $this->trimmed('location_id'); + $location_ns = $this->trimmed('location_ns'); + $upload = null; $upload = MediaFile::fromUpload('attach'); @@ -183,7 +188,9 @@ class NewnoticeAction extends Action } $notice = Notice::saveNew($user->id, $content_shortened, 'web', 1, - ($replyto == 'false') ? null : $replyto); + ($replyto == 'false') ? null : $replyto, + null, null, + $lat, $lon, $location_id, $location_ns); if (isset($upload)) { $upload->attachToNotice($notice); diff --git a/lib/noticeform.php b/lib/noticeform.php index 1be011c18..ec8624597 100644 --- a/lib/noticeform.php +++ b/lib/noticeform.php @@ -75,6 +75,15 @@ class NoticeForm extends Form var $inreplyto = null; + /** + * Pre-filled location content of the form + */ + + var $lat; + var $lon; + var $location_id; + var $location_ns; + /** * Constructor * @@ -83,13 +92,17 @@ class NoticeForm extends Form * @param string $content content to pre-fill */ - function __construct($out=null, $action=null, $content=null, $user=null, $inreplyto=null) + function __construct($out=null, $action=null, $content=null, $user=null, $inreplyto=null, $lat=null, $lon=null, $location_id=null, $location_ns=null) { parent::__construct($out); $this->action = $action; $this->content = $content; $this->inreplyto = $inreplyto; + $this->lat = $lat; + $this->lon = $lon; + $this->location_id = $location_id; + $this->location_ns = $location_ns; if ($user) { $this->user = $user; @@ -188,6 +201,10 @@ class NoticeForm extends Form $this->out->hidden('notice_return-to', $this->action, 'returnto'); } $this->out->hidden('notice_in-reply-to', $this->inreplyto, 'inreplyto'); + $this->out->hidden('notice_data-lat', empty($this->lat) ? null : $this->lat, 'lat'); + $this->out->hidden('notice_data-lon', empty($this->lon) ? null : $this->lon, 'lon'); + $this->out->hidden('notice_data-location_id', empty($this->location_id) ? null : $this->location_id, 'location_id'); + $this->out->hidden('notice_data-location_ns', empty($this->location_ns) ? null : $this->location_ns, 'location_ns'); Event::handle('StartShowNoticeFormData', array($this)); } -- cgit v1.2.3-54-g00ecf From 8618b064e226e7a2ff16627eaa2a76906ac64176 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 15:02:25 -0800 Subject: Added a user admin panel --- actions/useradminpanel.php | 130 +++++++++++++++++++++++++++++++++------------ lib/adminpanelaction.php | 3 ++ lib/router.php | 2 + 3 files changed, 101 insertions(+), 34 deletions(-) (limited to 'actions') diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php index de475a27b..968f2a247 100644 --- a/actions/useradminpanel.php +++ b/actions/useradminpanel.php @@ -90,13 +90,28 @@ class UseradminpanelAction extends AdminPanelAction function saveSettings() { - static $settings = array('theme'); - static $booleans = array('closed', 'inviteonly', 'private'); + static $settings = array( + 'profile' => array('biolimit'), + 'newuser' => array('welcome', 'default') + ); + + static $booleans = array( + 'sessions' => array('handle', 'debug'), + 'invite' => array('enabled') + ); $values = array(); - foreach ($settings as $setting) { - $values[$setting] = $this->trimmed($setting); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = $this->trimmed("$section-$setting"); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = ($this->boolean("$section-$setting")) ? 1 : 0; + } } // This throws an exception on validation errors @@ -109,8 +124,16 @@ class UseradminpanelAction extends AdminPanelAction $config->query('BEGIN'); - foreach ($settings as $setting) { - Config::save('site', $setting, $values[$setting]); + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + foreach ($booleans as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } } $config->query('COMMIT'); @@ -123,7 +146,7 @@ class UseradminpanelAction extends AdminPanelAction } } -class UserAdminPanelForm extends Form +class UserAdminPanelForm extends AdminForm { /** * ID of the form @@ -144,7 +167,7 @@ class UserAdminPanelForm extends Form function formClass() { - return 'form_user_admin_panel'; + return 'form_settings'; } /** @@ -166,53 +189,92 @@ class UserAdminPanelForm extends Form function formData() { + $this->out->elementStart('fieldset', array('id' => 'settings_user-profile')); + $this->out->element('legend', null, _('Profile')); + $this->out->elementStart('ul', 'form_data'); + $this->li(); + $this->input('biolimit', _('Bio Limit'), + _('Maximum length of a profile bio in characters.'), + 'profile'); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart('fieldset', array('id' => 'settings_user-newusers')); + $this->out->element('legend', null, _('New users')); + $this->out->elementStart('ul', 'form_data'); - $this->out->checkbox('closed', _('Closed'), - (bool) $this->value('closed'), - _('Is registration on this site prohibited?')); + $this->li(); + $this->input('welcome', _('New user welcome'), + _('Welcome text for new users.'), + 'newuser'); + $this->unli(); + $this->li(); + $this->input('default', _('Default subscription'), + _('Automatically subscribe new users to this user.'), + 'newuser'); $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + + $this->out->elementStart('fieldset', array('id' => 'settings_user-invitations')); + $this->out->element('legend', null, _('Invitations')); + $this->out->elementStart('ul', 'form_data'); + $this->li(); - $this->out->checkbox('inviteonly', _('Invite-only'), - (bool) $this->value('inviteonly'), - _('Is registration on this site only open to invited users?')); + $this->out->checkbox('invite-enabled', _('Invitations enabled'), + (bool) $this->value('enabled', 'invite'), + _('Whether to allow users to invite new users.')); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + $this->out->elementStart('fieldset', array('id' => 'settings_user_sessions')); + $this->out->element('legend', null, _('Sessions')); + + $this->out->elementStart('ul'); + + $this->li(); + $this->out->checkbox('sessions-handle', _('Handle sessions'), + (bool) $this->value('handle', 'sessions'), + _('Whether to handle sessions ourselves.')); $this->unli(); + + $this->li(); + $this->out->checkbox('sessions-debug', _('Session debugging'), + (bool) $this->value('debug', 'sessions'), + _('Turn on debugging output for sessions.')); + $this->unli(); + + $this->out->elementEnd('ul'); + + $this->out->elementEnd('fieldset'); + } /** * Utility to simplify some of the duplicated code around - * params and settings. + * params and settings. Overrided from base class to be + * more specific about input ids. * * @param string $setting Name of the setting * @param string $title Title to use for the input * @param string $instructions Instructions for this field + * @param string $section config section, default = 'site' * * @return void */ - function input($setting, $title, $instructions) + function input($setting, $title, $instructions, $section='site') { - $this->out->input($setting, $title, $this->value($setting), $instructions); - } - - /** - * Utility to simplify getting the posted-or-stored setting value - * - * @param string $setting Name of the setting - * - * @return string param value if posted, or current config value - */ - - function value($cat, $setting) - { - $value = $this->out->trimmed($setting); - if (empty($value)) { - $value = common_config($cat, $setting); - } - return $value; + $this->out->input("$section-$setting", $title, $this->value($setting, $section), $instructions); } /** diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index 89a129db1..7997eb2b1 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -302,6 +302,9 @@ class AdminPanelNav extends Widget $this->out->menuItem(common_local_url('designadminpanel'), _('Design'), _('Design configuration'), $action_name == 'designadminpanel', 'nav_design_admin_panel'); + $this->out->menuItem(common_local_url('useradminpanel'), _('User'), + _('Paths configuration'), $action_name == 'useradminpanel', 'nav_design_admin_panel'); + $this->out->menuItem(common_local_url('pathsadminpanel'), _('Paths'), _('Paths configuration'), $action_name == 'pathsadminpanel', 'nav_design_admin_panel'); diff --git a/lib/router.php b/lib/router.php index afe36f712..d5101826f 100644 --- a/lib/router.php +++ b/lib/router.php @@ -590,9 +590,11 @@ class Router $m->connect('admin/site', array('action' => 'siteadminpanel')); $m->connect('admin/design', array('action' => 'designadminpanel')); + $m->connect('admin/user', array('action' => 'useradminpanel')); $m->connect('admin/paths', array('action' => 'pathsadminpanel')); + $m->connect('getfile/:filename', array('action' => 'getfile'), array('filename' => '[A-Za-z0-9._-]+')); -- cgit v1.2.3-54-g00ecf From 288d875b79684f84d0fb1da5291de94ddf099a74 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 15:17:24 -0800 Subject: Added validation to fields in user admin panel --- actions/useradminpanel.php | 27 ++++++++++++++++++++++++++- lib/router.php | 2 -- 2 files changed, 26 insertions(+), 3 deletions(-) (limited to 'actions') diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php index 968f2a247..e65769212 100644 --- a/actions/useradminpanel.php +++ b/actions/useradminpanel.php @@ -143,6 +143,31 @@ class UseradminpanelAction extends AdminPanelAction function validate(&$values) { + // Validate biolimit + + if (!Validate::number($values['profile']['biolimit'])) { + $this->clientError(_("Invalid bio limit. Must be numeric.")); + } + + // Validate welcome text + + if (mb_strlen($values['newuser']['welcome']) > 255) { + $this->clientError(_("Invalid welcome text. Max length is 255 characters.")); + } + + // Validate default subscription + + if (!empty($values['newuser']['default'])) { + $defuser = User::staticGet('nickname', trim($values['newuser']['default'])); + if (empty($defuser)) { + $this->clientError( + sprintf( + _('Invalid default subscripton: \'%1$s\' is not user.'), + $values['newuser']['default'] + ) + ); + } + } } } @@ -208,7 +233,7 @@ class UserAdminPanelForm extends AdminForm $this->li(); $this->input('welcome', _('New user welcome'), - _('Welcome text for new users.'), + _('Welcome text for new users (Max 255 chars).'), 'newuser'); $this->unli(); diff --git a/lib/router.php b/lib/router.php index d5101826f..b22185126 100644 --- a/lib/router.php +++ b/lib/router.php @@ -593,8 +593,6 @@ class Router $m->connect('admin/user', array('action' => 'useradminpanel')); $m->connect('admin/paths', array('action' => 'pathsadminpanel')); - - $m->connect('getfile/:filename', array('action' => 'getfile'), array('filename' => '[A-Za-z0-9._-]+')); -- cgit v1.2.3-54-g00ecf From 377f95a20ffe59aa34214528d7c37694cc436eb8 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 19 Nov 2009 15:24:34 -0800 Subject: Left a form_data class of a
      in the user admin panel --- actions/useradminpanel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actions') diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php index e65769212..5de2db5ff 100644 --- a/actions/useradminpanel.php +++ b/actions/useradminpanel.php @@ -264,7 +264,7 @@ class UserAdminPanelForm extends AdminForm $this->out->elementStart('fieldset', array('id' => 'settings_user_sessions')); $this->out->element('legend', null, _('Sessions')); - $this->out->elementStart('ul'); + $this->out->elementStart('ul', 'form_data'); $this->li(); $this->out->checkbox('sessions-handle', _('Handle sessions'), -- cgit v1.2.3-54-g00ecf