diff options
Diffstat (limited to 'actions')
-rw-r--r-- | actions/postnotice.php | 70 |
1 files changed, 69 insertions, 1 deletions
diff --git a/actions/postnotice.php b/actions/postnotice.php index dd13f60b2..5b275e2d6 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -19,9 +19,77 @@ if (!defined('LACONICA')) { exit(1); } +require_once(INSTALLDIR.'/lib/omb.php'); +require_once('Auth/Yadis/Yadis.php'); + class PostnoticeAction extends Action { function handle($args) { parent::handle($args); - common_server_error(_t('Not yet implemented.')); + try { + $req = OAuthRequest::from_request(); + # Note: server-to-server function! + $server = omb_oauth_server(); + list($consumer, $token) = $server->verify_request($req); + if ($this->save_notice($req, $consumer, $token)) { + print "omb_version=".OMB_VERSION_01; + } + } catch (OAuthException $e) { + common_server_error($e->getMessage()); + return; + } + } + + function save_notice(&$req, &$consumer, &$token) { + $version = $req->get_parameter('omb_version'); + if ($version != OMB_VERSION_01) { + common_user_error(_t('Unsupported OMB version'), 400); + return false; + } + # First, check to see + $listenee = $req->get_parameter('omb_listenee'); + $remote_profile = Remote_profile::staticGet('uri', $listenee); + if (!$remote_profile) { + common_user_error(_t('Profile unknown'), 403); + return false; + } + $sub = Subscription::staticGet('token', $token->key); + if (!$sub) { + common_user_error(_t('No such subscription'), 403); + return false; + } + $content = $req->get_parameter('omb_notice_content'); + if (!$content || strlen($content) > 140) { + common_user_error(_t('Invalid notice content'), 400); + return false; + } + $notice_uri = $req->get_parameter('omb_notice'); + if (!Validate::uri($notice_uri) && + !common_valid_tag($notice_uri)) { + common_user_error(_t('Invalid notice uri'), 400); + return false; + } + $notice_url = $req->get_parameter('omb_notice_url'); + if ($notice_url && !common_valid_http_url($notice_url)) { + common_user_error(_t('Invalid notice url'), 400); + return false; + } + $notice = Notice::staticGet('uri', $notice_uri); + if (!$notice) { + $notice = new Notice(); + $notice->profile_id = $remote_profile->id; + $notice->uri = $notice->uri; + $notice->content = $content; + if ($notice_url) { + $notice->url = $notice_url; + } + $notice->created = DB_DataObject_Cast::dateTime(); # current time + $id = $notice->insert(); + if (!$id) { + common_server_error(_t('Error inserting notice'), 500); + return false; + } + common_broadcast_notice($notice, true); + } + return true; } } |