diff options
author | zach <zach@controlyourself.ca> | 2008-09-30 22:09:59 -0400 |
---|---|---|
committer | zach <zach@controlyourself.ca> | 2008-09-30 22:09:59 -0400 |
commit | dec2f29c6a77dd97383ebdbabdc0bff8e524bfa4 (patch) | |
tree | bc14f25539cfdf85adf746bb9813f2bf0b5c3370 | |
parent | c08a67094cb848e8bcd8f631aa44adf57a33b7ab (diff) |
Twitter-compatible API - Added content-type checks to several methods. Calling an API
method with a bad content type used to return a blank page.
darcs-hash:20081001020959-462f3-83b0241ba7dc99c4e3a52148a46deb8182e005b0.gz
-rw-r--r-- | actions/twitapiaccount.php | 5 | ||||
-rw-r--r-- | actions/twitapidirect_messages.php | 2 | ||||
-rw-r--r-- | actions/twitapifavorites.php | 5 | ||||
-rw-r--r-- | actions/twitapifriendships.php | 6 | ||||
-rw-r--r-- | actions/twitapihelp.php | 7 | ||||
-rw-r--r-- | actions/twitapistatuses.php | 15 | ||||
-rw-r--r-- | actions/twitapiusers.php | 9 |
7 files changed, 40 insertions, 9 deletions
diff --git a/actions/twitapiaccount.php b/actions/twitapiaccount.php index 3a9b8ba3e..5baf0e3e3 100644 --- a/actions/twitapiaccount.php +++ b/actions/twitapiaccount.php @@ -61,6 +61,11 @@ class TwitapiaccountAction extends TwitterapiAction { function update_location($args, $apidata) { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); exit(); diff --git a/actions/twitapidirect_messages.php b/actions/twitapidirect_messages.php index fcdf822e0..1ef543f81 100644 --- a/actions/twitapidirect_messages.php +++ b/actions/twitapidirect_messages.php @@ -133,8 +133,6 @@ class Twitapidirect_messagesAction extends TwitterapiAction { exit(); } - common_debug($this->trimmed('user')); - $other = $this->get_user($this->trimmed('user')); if (!$other) { diff --git a/actions/twitapifavorites.php b/actions/twitapifavorites.php index 932ee7933..d7d77907d 100644 --- a/actions/twitapifavorites.php +++ b/actions/twitapifavorites.php @@ -117,6 +117,11 @@ class TwitapifavoritesAction extends TwitterapiAction { function create($args, $apidata) { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + // Check for RESTfulness if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { // XXX: Twitter just prints the err msg, no XML / JSON. diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php index d97b7c08e..f9ff251d6 100644 --- a/actions/twitapifriendships.php +++ b/actions/twitapifriendships.php @@ -152,6 +152,11 @@ class TwitapifriendshipsAction extends TwitterapiAction { function exists($args, $apidata) { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + $user_a_id = $this->trimmed('user_a'); $user_b_id = $this->trimmed('user_b'); @@ -181,7 +186,6 @@ class TwitapifriendshipsAction extends TwitterapiAction { $this->end_document('json'); break; default: - print $result; // Really? --Zach break; } diff --git a/actions/twitapihelp.php b/actions/twitapihelp.php index 2ac4178de..d2439484c 100644 --- a/actions/twitapihelp.php +++ b/actions/twitapihelp.php @@ -23,7 +23,7 @@ require_once(INSTALLDIR.'/lib/twitterapi.php'); class TwitapihelpAction extends TwitterapiAction { - function is_readonly() { + function is_readonly() { return true; } @@ -32,7 +32,8 @@ class TwitapihelpAction extends TwitterapiAction { * Formats: xml, json */ function test($args, $apidata) { - global $xw; + parent::handle($args); + if ($apidata['content-type'] == 'xml') { $this->init_document('xml'); common_element('ok', NULL, 'true'); @@ -52,5 +53,5 @@ class TwitapihelpAction extends TwitterapiAction { common_server_error(_('API method under construction.'), $code=501); exit(); } - + }
\ No newline at end of file diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 3271f1e28..ed6c224fa 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -297,6 +297,11 @@ class TwitapistatusesAction extends TwitterapiAction { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); exit(); @@ -448,6 +453,11 @@ class TwitapistatusesAction extends TwitterapiAction { function show($args, $apidata) { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + $notice_id = $apidata['api_arg']; $notice = Notice::staticGet($notice_id); @@ -485,6 +495,11 @@ class TwitapistatusesAction extends TwitterapiAction { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + // Check for RESTfulness if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { // XXX: Twitter just prints the err msg, no XML / JSON. diff --git a/actions/twitapiusers.php b/actions/twitapiusers.php index cb682695a..b43a64152 100644 --- a/actions/twitapiusers.php +++ b/actions/twitapiusers.php @@ -51,6 +51,11 @@ class TwitapiusersAction extends TwitterapiAction { function show($args, $apidata) { parent::handle($args); + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + common_user_error(_('API method not found!'), $code = 404); + exit; + } + $user = null; $email = $this->arg('email'); @@ -118,9 +123,7 @@ class TwitapiusersAction extends TwitterapiAction { $this->init_document('json'); $this->show_json_objects($twitter_user); $this->end_document('json'); - } else { - common_user_error(_('API method not found!'), $code = 404); - } + } exit(); } |