summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
Diffstat (limited to 'actions')
-rw-r--r--actions/postnotice.php70
1 files changed, 69 insertions, 1 deletions
diff --git a/actions/postnotice.php b/actions/postnotice.php
index dd13f60b2..5b275e2d6 100644
--- a/actions/postnotice.php
+++ b/actions/postnotice.php
@@ -19,9 +19,77 @@
if (!defined('LACONICA')) { exit(1); }
+require_once(INSTALLDIR.'/lib/omb.php');
+require_once('Auth/Yadis/Yadis.php');
+
class PostnoticeAction extends Action {
function handle($args) {
parent::handle($args);
- common_server_error(_t('Not yet implemented.'));
+ try {
+ $req = OAuthRequest::from_request();
+ # Note: server-to-server function!
+ $server = omb_oauth_server();
+ list($consumer, $token) = $server->verify_request($req);
+ if ($this->save_notice($req, $consumer, $token)) {
+ print "omb_version=".OMB_VERSION_01;
+ }
+ } catch (OAuthException $e) {
+ common_server_error($e->getMessage());
+ return;
+ }
+ }
+
+ function save_notice(&$req, &$consumer, &$token) {
+ $version = $req->get_parameter('omb_version');
+ if ($version != OMB_VERSION_01) {
+ common_user_error(_t('Unsupported OMB version'), 400);
+ return false;
+ }
+ # First, check to see
+ $listenee = $req->get_parameter('omb_listenee');
+ $remote_profile = Remote_profile::staticGet('uri', $listenee);
+ if (!$remote_profile) {
+ common_user_error(_t('Profile unknown'), 403);
+ return false;
+ }
+ $sub = Subscription::staticGet('token', $token->key);
+ if (!$sub) {
+ common_user_error(_t('No such subscription'), 403);
+ return false;
+ }
+ $content = $req->get_parameter('omb_notice_content');
+ if (!$content || strlen($content) > 140) {
+ common_user_error(_t('Invalid notice content'), 400);
+ return false;
+ }
+ $notice_uri = $req->get_parameter('omb_notice');
+ if (!Validate::uri($notice_uri) &&
+ !common_valid_tag($notice_uri)) {
+ common_user_error(_t('Invalid notice uri'), 400);
+ return false;
+ }
+ $notice_url = $req->get_parameter('omb_notice_url');
+ if ($notice_url && !common_valid_http_url($notice_url)) {
+ common_user_error(_t('Invalid notice url'), 400);
+ return false;
+ }
+ $notice = Notice::staticGet('uri', $notice_uri);
+ if (!$notice) {
+ $notice = new Notice();
+ $notice->profile_id = $remote_profile->id;
+ $notice->uri = $notice->uri;
+ $notice->content = $content;
+ if ($notice_url) {
+ $notice->url = $notice_url;
+ }
+ $notice->created = DB_DataObject_Cast::dateTime(); # current time
+ $id = $notice->insert();
+ if (!$id) {
+ common_server_error(_t('Error inserting notice'), 500);
+ return false;
+ }
+ common_broadcast_notice($notice, true);
+ }
+ return true;
}
}