diff options
author | zach <zach@controlyourself.ca> | 2008-08-19 17:49:23 -0400 |
---|---|---|
committer | zach <zach@controlyourself.ca> | 2008-08-19 17:49:23 -0400 |
commit | 0b87bf6c54f0ce4870683e976996be1a8c7c0fec (patch) | |
tree | 5701f19a0bcb1f82614b6de715e1d13cf3f75405 | |
parent | 9c29b9ad629b573b6f09b681a0673805fc61ef6a (diff) |
Twitter-compatible API - RESTfulness checks as per Twitter
darcs-hash:20080819214923-462f3-83ab492cb93c1ba643beb70853578cbd7ac35d61.gz
-rw-r--r-- | actions/twitapiaccount.php | 5 | ||||
-rw-r--r-- | actions/twitapifriendships.php | 11 | ||||
-rw-r--r-- | actions/twitapistatuses.php | 5 |
3 files changed, 21 insertions, 0 deletions
diff --git a/actions/twitapiaccount.php b/actions/twitapiaccount.php index 716ddd154..3a9b8ba3e 100644 --- a/actions/twitapiaccount.php +++ b/actions/twitapiaccount.php @@ -61,6 +61,11 @@ class TwitapiaccountAction extends TwitterapiAction { function update_location($args, $apidata) { parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); + exit(); + } + $location = trim($this->arg('location')); if (!is_null($location) && strlen($location) > 255) { diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php index ae15d171e..3cc925c36 100644 --- a/actions/twitapifriendships.php +++ b/actions/twitapifriendships.php @@ -40,6 +40,11 @@ class TwitapifriendshipsAction extends TwitterapiAction { function create($args, $apidata) { parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); + exit(); + } + $id = $apidata['api_arg']; $other = $this->get_user($id); @@ -98,6 +103,12 @@ class TwitapifriendshipsAction extends TwitterapiAction { function destroy($args, $apidata) { parent::handle($args); + + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); + exit(); + } + $id = $apidata['api_arg']; # We can't subscribe to a remote person, but we can unsub diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 4ad2766c0..2f95d90c9 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -374,6 +374,11 @@ class TwitapistatusesAction extends TwitterapiAction { parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); + exit(); + } + $user = $apidata['user']; $status = $this->trimmed('status'); $source = $this->trimmed('source'); |