AtomPub fixes: return '201 Created' on POST of new message; better error checking on Atom input

author: Brion Vibber <brion@pobox.com> 2010-12-14 13:12:24 -0800
committer: Brion Vibber <brion@pobox.com> 2010-12-14 13:12:24 -0800
commit: 54a0e801f3485424d0ad352c02ab331b2f7a11fb (patch)
tree: 953f419cc1d6357913138fe10329b5f999967bba /actions
parent: 0f26d6eb70dc410bac6ec66161bf11b2f6a80fc0 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/actions/apitimelineuser.php b/actions/apitimelineuser.php
index d90507aa4..ca4b090a1 100644
--- a/actions/apitimelineuser.php
+++ b/actions/apitimelineuser.php
@@ -309,9 +309,15 @@ class ApiTimelineUserAction extends ApiBareAuthAction
             return;
         }
 
-        $xml = file_get_contents('php://input');
+        $xml = trim(file_get_contents('php://input'));
+        if (empty($xml)) {
+            $this->clientError(_('Atom post must not be empty.'));
+        }
 
         $dom = DOMDocument::loadXML($xml);
+        if (!$dom) {
+            $this->clientError(_('Atom post must be well-formed XML.'));
+        }
 
         if ($dom->documentElement->namespaceURI != Activity::ATOM ||
             $dom->documentElement->localName != 'entry') {
@@ -349,6 +355,7 @@ class ApiTimelineUserAction extends ApiBareAuthAction
         }
 
         if (!empty($saved)) {
+            header('HTTP/1.1 201 Created');
             header("Location: " . common_local_url('ApiStatusesShow', array('notice_id' => $saved->id,
                                                                             'format' => 'atom')));
             $this->showSingleAtomStatus($saved);
author	Brion Vibber <brion@pobox.com>	2010-12-14 13:12:24 -0800
committer	Brion Vibber <brion@pobox.com>	2010-12-14 13:12:24 -0800
commit	54a0e801f3485424d0ad352c02ab331b2f7a11fb (patch)
tree	953f419cc1d6357913138fe10329b5f999967bba /actions
parent	0f26d6eb70dc410bac6ec66161bf11b2f6a80fc0 (diff)