Implement update avatar via API (/api/account/update_profile_image.format)

5 files changed, 151 insertions, 3 deletions

diff --git a/actions/apiaccountupdateprofileimage.php b/actions/apiaccountupdateprofileimage.php
new file mode 100644
index 000000000..416fee45a
--- /dev/null
+++ b/actions/apiaccountupdateprofileimage.php
@@ -0,0 +1,145 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Update the authenticating user's profile image
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category  API
+ * @package   StatusNet
+ * @author    Zach Copley <zach@status.net>
+ * @copyright 2009 StatusNet, Inc.
+ * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link      http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+    exit(1);
+}
+
+require_once INSTALLDIR . '/lib/apiauth.php';
+
+/**
+ * Updates the authenticating user's profile image. Note that this API method
+ * expects raw multipart data, not a URL to an image.
+ *
+ * @category API
+ * @package  StatusNet
+ * @author   Zach Copley <zach@status.net>
+ * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link     http://status.net/
+ */
+
+class ApiAccountUpdateProfileImageAction extends ApiAuthAction
+{
+
+    /**
+     * Take arguments for running
+     *
+     * @param array $args $_REQUEST args
+     *
+     * @return boolean success flag
+     *
+     */
+
+    function prepare($args)
+    {
+        parent::prepare($args);
+
+        $this->user   = $this->auth_user;
+
+        return true;
+    }
+
+    /**
+     * Handle the request
+     *
+     * Check whether the credentials are valid and output the result
+     *
+     * @param array $args $_REQUEST data (unused)
+     *
+     * @return void
+     */
+
+    function handle($args)
+    {
+        parent::handle($args);
+
+        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
+            $this->clientError(
+                _('This method requires a POST.'),
+                400, $this->format
+            );
+            return;
+        }
+
+        if (empty($this->user)) {
+            $this->clientError(_('No such user!'), 404, $this->format);
+            return;
+        }
+
+        // Workaround for PHP returning empty $_FILES when POST length > PHP settings
+
+        if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
+            common_debug('content-length = ' . $_SERVER['CONTENT_LENGTH']);
+            $this->clientError(_('Unable to handle that much POST data!'));
+            return;
+        }
+
+        try {
+            $imagefile = ImageFile::fromUpload('image');
+        } catch (Exception $e) {
+            $this->clientError($e->getMessage(), 400, $this->format);
+            return;
+        }
+
+        $filename = Avatar::filename(
+            $user->id,
+            image_type_to_extension($imagefile->type),
+            null,
+            'tmp'.common_timestamp()
+        );
+
+        $filepath = Avatar::path($filename);
+
+        move_uploaded_file($imagefile->filepath, $filepath);
+
+        $profile = $this->user->getProfile();
+
+        if (empty($profile)) {
+            $this->clientError(_('User has no profile.'));
+            return;
+        }
+
+        $profile->setOriginal($filename);
+
+        common_broadcast_profile($profile);
+
+        $twitter_user = $this->twitterUserArray($this->user->getProfile(), true);
+
+        if ($this->format == 'xml') {
+            $this->initDocument('xml');
+            $this->showTwitterXmlUser($twitter_user);
+            $this->endDocument('xml');
+        } elseif ($this->format == 'json') {
+            $this->initDocument('json');
+            $this->showJsonObjects($twitter_user);
+            $this->endDocument('json');
+        }
+    }
+
+}
diff --git a/actions/apistatusesupdate.php b/actions/apistatusesupdate.php
index b9c0832a4..82fe5a537 100644
--- a/actions/apistatusesupdate.php
+++ b/actions/apistatusesupdate.php
@@ -128,7 +128,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction
 
         // Workaround for PHP returning empty $_FILES when POST length > PHP settings
 
-        if (empty($_POST) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
+        if (empty($_FILES) && ($_SERVER['CONTENT_LENGTH'] > 0)) {
             $this->clientError(_('Unable to handle that much POST data!'));
             return;
         }
diff --git a/extlib/MIME/Type.php b/extlib/MIME/Type.php
index c335f8d92..e0e9c9ee6 100644
--- a/extlib/MIME/Type.php
+++ b/extlib/MIME/Type.php
@@ -513,7 +513,7 @@ class MIME_Type
             return PEAR::raiseError("Can't find file command \"{$fileCmd}\"");
         }
 
-        $cmd->pushCommand($fileCmd, "-bi " . escapeshellarg($file));
+        $cmd->pushCommand($fileCmd, "-bI " . escapeshellarg($file));
         $res = $cmd->execute();
         unset($cmd);
 
diff --git a/lib/imagefile.php b/lib/imagefile.php
index cd2f87e6b..cf1668f20 100644
--- a/lib/imagefile.php
+++ b/lib/imagefile.php
@@ -72,7 +72,7 @@ class ImageFile
             break;
          case UPLOAD_ERR_INI_SIZE:
          case UPLOAD_ERR_FORM_SIZE:
-            throw new Exception(sprintf(_('That file is too big. The maximum file size is %d.'),
+            throw new Exception(sprintf(_('That file is too big. The maximum file size is %s.'),
                 ImageFile::maxFileSize()));
             return;
          case UPLOAD_ERR_PARTIAL:
diff --git a/lib/router.php b/lib/router.php
index 0ddda473c..eb931e5b0 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -428,6 +428,9 @@ class Router
             $m->connect('api/account/verify_credentials.:format',
                         array('action' => 'ApiAccountVerifyCredentials'));
 
+            $m->connect('api/account/update_profile_image.:format',
+                        array('action' => 'ApiAccountUpdateProfileImage'));
+
             // special case where verify_credentials is called w/out a format
 
             $m->connect('api/account/verify_credentials',