summaryrefslogtreecommitdiff
path: root/actions/twitapistatuses.php
diff options
context:
space:
mode:
authorzach <zach@controlyourself.ca>2008-09-30 22:09:59 -0400
committerzach <zach@controlyourself.ca>2008-09-30 22:09:59 -0400
commitdec2f29c6a77dd97383ebdbabdc0bff8e524bfa4 (patch)
treebc14f25539cfdf85adf746bb9813f2bf0b5c3370 /actions/twitapistatuses.php
parentc08a67094cb848e8bcd8f631aa44adf57a33b7ab (diff)
Twitter-compatible API - Added content-type checks to several methods. Calling an API
method with a bad content type used to return a blank page. darcs-hash:20081001020959-462f3-83b0241ba7dc99c4e3a52148a46deb8182e005b0.gz
Diffstat (limited to 'actions/twitapistatuses.php')
-rw-r--r--actions/twitapistatuses.php15
1 files changed, 15 insertions, 0 deletions
diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php
index 3271f1e28..ed6c224fa 100644
--- a/actions/twitapistatuses.php
+++ b/actions/twitapistatuses.php
@@ -297,6 +297,11 @@ class TwitapistatusesAction extends TwitterapiAction {
parent::handle($args);
+ if (!in_array($apidata['content-type'], array('xml', 'json'))) {
+ common_user_error(_('API method not found!'), $code = 404);
+ exit;
+ }
+
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']);
exit();
@@ -448,6 +453,11 @@ class TwitapistatusesAction extends TwitterapiAction {
function show($args, $apidata) {
parent::handle($args);
+ if (!in_array($apidata['content-type'], array('xml', 'json'))) {
+ common_user_error(_('API method not found!'), $code = 404);
+ exit;
+ }
+
$notice_id = $apidata['api_arg'];
$notice = Notice::staticGet($notice_id);
@@ -485,6 +495,11 @@ class TwitapistatusesAction extends TwitterapiAction {
parent::handle($args);
+ if (!in_array($apidata['content-type'], array('xml', 'json'))) {
+ common_user_error(_('API method not found!'), $code = 404);
+ exit;
+ }
+
// Check for RESTfulness
if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) {
// XXX: Twitter just prints the err msg, no XML / JSON.