diff options
Diffstat (limited to 'actions')
99 files changed, 16513 insertions, 9780 deletions
diff --git a/actions/accesstoken.php b/actions/accesstoken.php index 4907749ce..65c67c64e 100644 --- a/actions/accesstoken.php +++ b/actions/accesstoken.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Access token class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,26 +28,47 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; -class AccesstokenAction extends Action { - function handle($args) { - parent::handle($args); - try { - common_debug('getting request from env variables', __FILE__); - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - common_debug('getting a server', __FILE__); - $server = omb_oauth_server(); - common_debug('fetching the access token', __FILE__); - $token = $server->fetch_access_token($req); - common_debug('got this token: "'.print_r($token,TRUE).'"', __FILE__); - common_debug('printing the access token', __FILE__); - print $token; - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - } - } +/** + * Access token class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class AccesstokenAction extends Action +{ + /** + * Class handler. + * + * @param array $args query arguments + * + * @return boolean false if user doesn't exist + */ + function handle($args) + { + parent::handle($args); + try { + common_debug('getting request from env variables', __FILE__); + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); + common_debug('getting a server', __FILE__); + $server = omb_oauth_server(); + common_debug('fetching the access token', __FILE__); + $token = $server->fetch_access_token($req); + common_debug('got this token: "'.print_r($token, true).'"', __FILE__); + common_debug('printing the access token', __FILE__); + print $token; + } catch (OAuthException $e) { + $this->serverError($e->getMessage()); + } + } } diff --git a/actions/all.php b/actions/all.php index 2a26e48d4..428466f24 100644 --- a/actions/all.php +++ b/actions/all.php @@ -19,75 +19,86 @@ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/actions/showstream.php'); - -class AllAction extends StreamAction { - - function handle($args) { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("%s and friends"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_header($user) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('allrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for friends of %s'), $user->nickname))); - } - - function show_top($user) { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('all'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('allrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'allrss'))); - } - - function show_notices($user) { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->noticesWithFriends(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'all', array('nickname' => $user->nickname)); - } +require_once INSTALLDIR.'/lib/personalgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; + +class AllAction extends Action +{ + var $user = null; + var $page = null; + + function isReadOnly() + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + $nickname = common_canonical_nickname($this->arg('nickname')); + $this->user = User::staticGet('nickname', $nickname); + $this->page = $this->trimmed('page'); + if (!$this->page) { + $this->page = 1; + } + return true; + } + + function handle($args) + { + parent::handle($args); + + if (!$this->user) { + $this->clientError(_('No such user.')); + return; + } + + $this->showPage(); + } + + function title() + { + if ($this->page > 1) { + return sprintf(_("%s and friends, page %d"), $this->user->nickname, $this->page); + } else { + return sprintf(_("%s and friends"), $this->user->nickname); + } + } + + function showFeeds() + { + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('allrss', array('nickname' => + $this->user->nickname)), + 'type' => 'application/rss+xml', + 'title' => sprintf(_('Feed for friends of %s'), $this->user->nickname))); + } + + function showLocalNav() + { + $nav = new PersonalGroupNav($this); + $nav->show(); + } + + function showExportData() + { + $fl = new FeedList($this); + $fl->show(array(0=>array('href'=>common_local_url('allrss', array('nickname' => $this->user->nickname)), + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'allrss'))); + } + + function showContent() + { + $notice = $this->user->noticesWithFriends(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'all', array('nickname' => $this->user->nickname)); + } } diff --git a/actions/allrss.php b/actions/allrss.php index e49ac5540..248f59f43 100644 --- a/actions/allrss.php +++ b/actions/allrss.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * RSS feed for user and friends timeline action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,61 +29,99 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); +if (!defined('LACONICA')) { + exit(1); +} -// Formatting of RSS handled by Rss10Action +require_once INSTALLDIR.'/lib/rssaction.php'; -class AllrssAction extends Rss10Action { - - var $user = NULL; +/** + * RSS feed for user and friends timeline. + * + * Formatting of RSS handled by Rss10Action + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class AllrssAction extends Rss10Action +{ + var $user = null; - function init() { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); + /** + * Initialization. + * + * @return boolean false if user doesn't exist + */ + function prepare($args) + { + parent::prepare($args); + $nickname = $this->trimmed('nickname'); + $this->user = User::staticGet('nickname', $nickname); - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } else { + return true; + } + } - function get_notices($limit=0) { + /** + * Get notices + * + * @param integer $limit max number of notices to return + * + * @return array notices + */ + function getNotices($limit=0) + { + $user = $this->user; + $notice = $user->noticesWithFriends(0, $limit); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } - $user = $this->user; - - $notice = $user->noticesWithFriends(0, $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } + return $notices; + } - return $notices; - } + /** + * Get channel. + * + * @return array associative array on channel information + */ + function getChannel() + { + $user = $this->user; + $c = array('url' => common_local_url('allrss', + array('nickname' => + $user->nickname)), + 'title' => sprintf(_('%s and friends'), $user->nickname), + 'link' => common_local_url('all', + array('nickname' => + $user->nickname)), + 'description' => sprintf(_('Feed for friends of %s'), $user->nickname)); + return $c; + } - function get_channel() { - $user = $this->user; - $c = array('url' => common_local_url('allrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_('%s and friends'), $user->nickname), - 'link' => common_local_url('all', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed for friends of %s'), $user->nickname)); - return $c; - } + /** + * Get image. + * + * @return string user avatar URL or null + */ + function getImage() + { + $user = $this->user; + $profile = $user->getProfile(); + if (!$profile) { + return null; + } + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + return $avatar ? $avatar->url : null; + } +} - function get_image() { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - return NULL; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : NULL; - } -}
\ No newline at end of file diff --git a/actions/api.php b/actions/api.php index ccebcd89e..dfe2c8857 100644 --- a/actions/api.php +++ b/actions/api.php @@ -10,65 +10,67 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } -class ApiAction extends Action { - - var $user; - var $content_type; - var $api_arg; - var $api_method; - var $api_action; - - function handle($args) { - parent::handle($args); - - $this->api_action = $this->arg('apiaction'); - $method = $this->arg('method'); - $argument = $this->arg('argument'); - - if (isset($argument)) { - $cmdext = explode('.', $argument); - $this->api_arg = $cmdext[0]; - $this->api_method = $method; - $this->content_type = strtolower($cmdext[1]); - } else { - - # Requested format / content-type will be an extension on the method - $cmdext = explode('.', $method); - $this->api_method = $cmdext[0]; - $this->content_type = strtolower($cmdext[1]); - } - - if($this->requires_auth()) { - if (!isset($_SERVER['PHP_AUTH_USER'])) { - - # This header makes basic auth go - header('WWW-Authenticate: Basic realm="Laconica API"'); - - # If the user hits cancel -- bam! - $this->show_basic_auth_error(); - } else { - $nickname = $_SERVER['PHP_AUTH_USER']; - $password = $_SERVER['PHP_AUTH_PW']; - $user = common_check_user($nickname, $password); +class ApiAction extends Action +{ + + var $user; + var $content_type; + var $api_arg; + var $api_method; + var $api_action; + + function handle($args) + { + parent::handle($args); + + $this->api_action = $this->arg('apiaction'); + $method = $this->arg('method'); + $argument = $this->arg('argument'); + + if (isset($argument)) { + $cmdext = explode('.', $argument); + $this->api_arg = $cmdext[0]; + $this->api_method = $method; + $this->content_type = strtolower($cmdext[1]); + } else { + + # Requested format / content-type will be an extension on the method + $cmdext = explode('.', $method); + $this->api_method = $cmdext[0]; + $this->content_type = strtolower($cmdext[1]); + } - if ($user) { - $this->user = $user; - $this->process_command(); - } else { - # basic authentication failed - $this->show_basic_auth_error(); - } - } - } else { + if ($this->requires_auth()) { + if (!isset($_SERVER['PHP_AUTH_USER'])) { + + # This header makes basic auth go + header('WWW-Authenticate: Basic realm="Laconica API"'); + + # If the user hits cancel -- bam! + $this->show_basic_auth_error(); + } else { + $nickname = $_SERVER['PHP_AUTH_USER']; + $password = $_SERVER['PHP_AUTH_PW']; + $user = common_check_user($nickname, $password); + + if ($user) { + $this->user = $user; + $this->process_command(); + } else { + # basic authentication failed + $this->show_basic_auth_error(); + } + } + } else { # Caller might give us a username even if not required if (isset($_SERVER['PHP_AUTH_USER'])) { @@ -79,50 +81,55 @@ class ApiAction extends Action { # Twitter doesn't throw an error if the user isn't found } - $this->process_command(); - } - } + $this->process_command(); + } + } - function process_command() { - $action = "twitapi$this->api_action"; - $actionfile = INSTALLDIR."/actions/$action.php"; + function process_command() + { + $action = "twitapi$this->api_action"; + $actionfile = INSTALLDIR."/actions/$action.php"; - if (file_exists($actionfile)) { - require_once($actionfile); - $action_class = ucfirst($action)."Action"; - $action_obj = new $action_class(); + if (file_exists($actionfile)) { + require_once($actionfile); + $action_class = ucfirst($action)."Action"; + $action_obj = new $action_class(); if (!$action_obj->prepare($this->args)) { return; } - if (method_exists($action_obj, $this->api_method)) { - $apidata = array( 'content-type' => $this->content_type, - 'api_method' => $this->api_method, - 'api_arg' => $this->api_arg, - 'user' => $this->user); + if (method_exists($action_obj, $this->api_method)) { + $apidata = array( 'content-type' => $this->content_type, + 'api_method' => $this->api_method, + 'api_arg' => $this->api_arg, + 'user' => $this->user); - call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata); - } else { - common_user_error("API method not found!", $code=404); - } - } else { - common_user_error("API method not found!", $code=404); - } - } - - # Whitelist of API methods that don't need authentication - function requires_auth() { - static $noauth = array( 'statuses/public_timeline', - 'statuses/show', - 'users/show', - 'help/test', - 'help/downtime_schedule'); - - static $bareauth = array('statuses/user_timeline', - 'statuses/friends', - 'statuses/followers', - 'favorites/favorites'); + call_user_func(array($action_obj, $this->api_method), $_REQUEST, $apidata); + } else { + $this->clientError("API method not found!", $code=404); + } + } else { + $this->clientError("API method not found!", $code=404); + } + } + + # Whitelist of API methods that don't need authentication + function requires_auth() + { + static $noauth = array( 'statuses/public_timeline', + 'statuses/show', + 'users/show', + 'help/test', + 'help/downtime_schedule', + 'laconica/version', + 'laconica/config', + 'laconica/wadl'); + + static $bareauth = array('statuses/user_timeline', + 'statuses/friends', + 'statuses/followers', + 'favorites/favorites'); # If the site is "private", all API methods need authentication @@ -130,71 +137,73 @@ class ApiAction extends Action { return true; } - $fullname = "$this->api_action/$this->api_method"; + $fullname = "$this->api_action/$this->api_method"; - if (in_array($fullname, $bareauth)) { - # bareauth: only needs auth if without an argument - if ($this->api_arg) { - return false; - } else { - return true; - } - } else if (in_array($fullname, $noauth)) { - # noauth: never needs auth - return false; - } else { - # everybody else needs auth - return true; - } - } - - function show_basic_auth_error() { - header('HTTP/1.1 401 Unauthorized'); - $msg = 'Could not authenticate you.'; - - if ($this->content_type == 'xml') { - header('Content-Type: application/xml; charset=utf-8'); - common_start_xml(); - common_element_start('hash'); - common_element('error', NULL, $msg); - common_element('request', NULL, $_SERVER['REQUEST_URI']); - common_element_end('hash'); - common_end_xml(); - } else if ($this->content_type == 'json') { - header('Content-Type: application/json; charset=utf-8'); - $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); - print(json_encode($error_array)); - } else { - header('Content-type: text/plain'); - print "$msg\n"; - } - } - - function is_readonly() { - # NOTE: before handle(), can't use $this->arg - $apiaction = $_REQUEST['apiaction']; - $method = $_REQUEST['method']; - list($cmdtext, $fmt) = explode('.', $method); - - static $write_methods = array( - 'account' => array('update_location', 'update_delivery_device', 'end_session'), - 'blocks' => array('create', 'destroy'), - 'direct_messages' => array('create', 'destroy'), - 'favorites' => array('create', 'destroy'), - 'friendships' => array('create', 'destroy'), - 'help' => array(), - 'notifications' => array('follow', 'leave'), - 'statuses' => array('update', 'destroy'), - 'users' => array() - ); - - if (array_key_exists($apiaction, $write_methods)) { - if (!in_array($cmdtext, $write_methods[$apiaction])) { - return true; - } - } + if (in_array($fullname, $bareauth)) { + # bareauth: only needs auth if without an argument + if ($this->api_arg) { + return false; + } else { + return true; + } + } else if (in_array($fullname, $noauth)) { + # noauth: never needs auth + return false; + } else { + # everybody else needs auth + return true; + } + } + + function show_basic_auth_error() + { + header('HTTP/1.1 401 Unauthorized'); + $msg = 'Could not authenticate you.'; + + if ($this->content_type == 'xml') { + header('Content-Type: application/xml; charset=utf-8'); + common_start_xml(); + $this->elementStart('hash'); + $this->element('error', null, $msg); + $this->element('request', null, $_SERVER['REQUEST_URI']); + $this->elementEnd('hash'); + common_end_xml(); + } else if ($this->content_type == 'json') { + header('Content-Type: application/json; charset=utf-8'); + $error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']); + print(json_encode($error_array)); + } else { + header('Content-type: text/plain'); + print "$msg\n"; + } + } + + function isReadOnly() + { + # NOTE: before handle(), can't use $this->arg + $apiaction = $_REQUEST['apiaction']; + $method = $_REQUEST['method']; + list($cmdtext, $fmt) = explode('.', $method); + + static $write_methods = array( + 'account' => array('update_location', 'update_delivery_device', 'end_session'), + 'blocks' => array('create', 'destroy'), + 'direct_messages' => array('create', 'destroy'), + 'favorites' => array('create', 'destroy'), + 'friendships' => array('create', 'destroy'), + 'help' => array(), + 'notifications' => array('follow', 'leave'), + 'statuses' => array('update', 'destroy'), + 'users' => array() + ); + + if (array_key_exists($apiaction, $write_methods)) { + if (!in_array($cmdtext, $write_methods[$apiaction])) { + return true; + } + } - return false; - } + return false; + } } diff --git a/actions/avatarbynickname.php b/actions/avatarbynickname.php index b33cababf..fec202016 100644 --- a/actions/avatarbynickname.php +++ b/actions/avatarbynickname.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Retrieve user avatar by nickname action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,52 +28,74 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -class AvatarbynicknameAction extends Action { - function handle($args) { +/** + * Retrieve user avatar by nickname action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class AvatarbynicknameAction extends Action +{ + /** + * Class handler. + * + * @param array $args query arguments + * + * @return boolean false if nickname or user isn't found + */ + function handle($args) + { parent::handle($args); $nickname = $this->trimmed('nickname'); if (!$nickname) { - $this->client_error(_('No nickname.')); - return; - } - $size = $this->trimmed('size'); + $this->clientError(_('No nickname.')); + return; + } + $size = $this->trimmed('size'); if (!$size) { - $this->client_error(_('No size.')); - return; - } - $size = strtolower($size); - if (!in_array($size, array('original', '96', '48', '24'))) { - $this->client_error(_('Invalid size.')); - return; - } + $this->clientError(_('No size.')); + return; + } + $size = strtolower($size); + if (!in_array($size, array('original', '96', '48', '24'))) { + $this->clientError(_('Invalid size.')); + return; + } - $user = User::staticGet('nickname', $nickname); - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - $profile = $user->getProfile(); - if (!$profile) { - $this->client_error(_('User has no profile.')); - return; - } - if ($size == 'original') { - $avatar = $profile->getOriginal(); - } else { - $avatar = $profile->getAvatar($size+0); - } + $user = User::staticGet('nickname', $nickname); + if (!$user) { + $this->clientError(_('No such user.')); + return; + } + $profile = $user->getProfile(); + if (!$profile) { + $this->clientError(_('User has no profile.')); + return; + } + if ($size == 'original') { + $avatar = $profile->getOriginal(); + } else { + $avatar = $profile->getAvatar($size+0); + } - if ($avatar) { - $url = $avatar->url; - } else { - if ($size == 'original') { - $url = common_default_avatar(AVATAR_PROFILE_SIZE); - } else { - $url = common_default_avatar($size+0); - } - } - common_redirect($url, 302); - } + if ($avatar) { + $url = $avatar->url; + } else { + if ($size == 'original') { + $url = common_default_avatar(AVATAR_PROFILE_SIZE); + } else { + $url = common_default_avatar($size+0); + } + } + common_redirect($url, 302); + } } + diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php new file mode 100644 index 000000000..19f53b882 --- /dev/null +++ b/actions/avatarsettings.php @@ -0,0 +1,437 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Upload an avatar + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Upload an avatar + * + * We use jCrop plugin for jQuery to crop the image after upload. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class AvatarsettingsAction extends AccountSettingsAction +{ + var $mode = null; + var $imagefile = null; + var $filename = null; + + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Avatar'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('You can upload your personal avatar.'); + } + + /** + * Content area of the page + * + * Shows a form for uploading an avatar. + * + * @return void + */ + + function showContent() + { + if ($this->mode == 'crop') { + $this->showCropForm(); + } else { + $this->showUploadForm(); + } + } + + function showUploadForm() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } + + $original = $profile->getOriginalAvatar(); + + $this->elementStart('form', array('enctype' => 'multipart/form-data', + 'method' => 'post', + 'id' => 'form_settings_avatar', + 'class' => 'form_settings', + 'action' => + common_local_url('avatarsettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Avatar settings')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + if ($original) { + $this->elementStart('li', array('id' => 'avatar_original', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Original")); + $this->elementStart('div', array('id'=>'avatar_original_view')); + $this->element('img', array('src' => $original->url, + 'width' => $original->width, + 'height' => $original->height, + 'alt' => $user->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + } + + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + + if ($avatar) { + $this->elementStart('li', array('id' => 'avatar_preview', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Preview")); + $this->elementStart('div', array('id'=>'avatar_preview_view')); + $this->element('img', array('src' => $original->url, + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $user->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + } + + $this->elementStart('li', array ('id' => 'settings_attach')); + $this->element('input', array('name' => 'avatarfile', + 'type' => 'file', + 'id' => 'avatarfile')); + $this->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => MAX_AVATAR_SIZE)); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementStart('ul', 'form_actions'); + $this->elementStart('li'); + $this->submit('upload', _('Upload')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + } + + function showCropForm() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } + + $original = $profile->getOriginalAvatar(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_avatar', + 'class' => 'form_settings', + 'action' => + common_local_url('avatarsettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Avatar settings')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + + $this->elementStart('li', + array('id' => 'avatar_original', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Original")); + $this->elementStart('div', array('id'=>'avatar_original_view')); + $this->element('img', array('src' => common_avatar_url($this->filedata['filename']), + 'width' => $this->filedata['width'], + 'height' => $this->filedata['height'], + 'alt' => $user->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + + $this->elementStart('li', + array('id' => 'avatar_preview', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Preview")); + $this->elementStart('div', array('id'=>'avatar_preview_view')); + $this->element('img', array('src' => common_avatar_url($this->filedata['filename']), + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $user->nickname)); + $this->elementEnd('div'); + + foreach (array('avatar_crop_x', 'avatar_crop_y', + 'avatar_crop_w', 'avatar_crop_h') as $crop_info) { + $this->element('input', array('name' => $crop_info, + 'type' => 'hidden', + 'id' => $crop_info)); + } + $this->submit('crop', _('Crop')); + + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + } + + /** + * Handle a post + * + * We mux on the button name to figure out what the user actually wanted. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->show_form(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('upload')) { + $this->uploadAvatar(); + } else if ($this->arg('crop')) { + $this->cropAvatar(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Handle an image upload + * + * Does all the magic for handling an image upload, and crops the + * image by default. + * + * @return void + */ + + function uploadAvatar() + { + try { + $imagefile = ImageFile::fromUpload('avatarfile'); + } catch (Exception $e) { + $this->showForm($e->getMessage()); + return; + } + + $cur = common_current_user(); + + $filename = common_avatar_filename($cur->id, + image_type_to_extension($imagefile->type), + null, + 'tmp'.common_timestamp()); + + $filepath = common_avatar_path($filename); + + move_uploaded_file($imagefile->filename, $filepath); + + $filedata = array('filename' => $filename, + 'filepath' => $filepath, + 'width' => $imagefile->width, + 'height' => $imagefile->height, + 'type' => $imagefile->type); + + $_SESSION['FILEDATA'] = $filedata; + + $this->filedata = $filedata; + + $this->mode = 'crop'; + + $this->showForm(_('Pick a square area of the image to be your avatar'), + true); + } + + /** + * Handle the results of jcrop. + * + * @return void + */ + + function cropAvatar() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + $x = $this->arg('avatar_crop_x'); + $y = $this->arg('avatar_crop_y'); + $w = $this->arg('avatar_crop_w'); + $h = $this->arg('avatar_crop_h'); + + $filedata = $_SESSION['FILEDATA']; + + if (!$filedata) { + $this->serverError(_('Lost our file data.')); + return; + } + + $filepath = common_avatar_path($filedata['filename']); + + if (!file_exists($filepath)) { + $this->serverError(_('Lost our file.')); + return; + } + + switch ($filedata['type']) { + case IMAGETYPE_GIF: + $image_src = imagecreatefromgif($filepath); + break; + case IMAGETYPE_JPEG: + $image_src = imagecreatefromjpeg($filepath); + break; + case IMAGETYPE_PNG: + $image_src = imagecreatefrompng($filepath); + break; + default: + $this->serverError(_('Unknown file type')); + return; + } + + common_debug("W = $w, H = $h, X = $x, Y = $y"); + + $image_dest = imagecreatetruecolor($w, $h); + + $background = imagecolorallocate($image_dest, 0, 0, 0); + ImageColorTransparent($image_dest, $background); + imagealphablending($image_dest, false); + + imagecopyresized($image_dest, $image_src, 0, 0, $x, $y, $w, $h, $w, $h); + + $cur = common_current_user(); + + $filename = common_avatar_filename($cur->id, + image_type_to_extension($filedata['type']), + null, + common_timestamp()); + + $filepath = common_avatar_path($filename); + + switch ($filedata['type']) { + case IMAGETYPE_GIF: + imagegif($image_dest, $filepath); + break; + case IMAGETYPE_JPEG: + imagejpeg($image_dest, $filepath); + break; + case IMAGETYPE_PNG: + imagepng($image_dest, $filepath); + break; + default: + $this->serverError(_('Unknown file type')); + return; + } + + $user = common_current_user(); + + $profile = $cur->getProfile(); + + if ($profile->setOriginal($filepath)) { + @unlink(common_avatar_path($filedata['filename'])); + unset($_SESSION['FILEDATA']); + $this->mode = 'upload'; + $this->showForm(_('Avatar updated.'), true); + } else { + $this->showForm(_('Failed updating avatar.')); + } + } + + /** + * Add the jCrop stylesheet + * + * @return void + */ + + function showStylesheets() + { + parent::showStylesheets(); + $jcropStyle = + common_path('theme/base/css/jquery.Jcrop.css?version='.LACONICA_VERSION); + + $this->element('link', array('rel' => 'stylesheet', + 'type' => 'text/css', + 'href' => $jcropStyle, + 'media' => 'screen, projection, tv')); + } + + /** + * Add the jCrop scripts + * + * @return void + */ + + function showScripts() + { + parent::showScripts(); + + $jcropPack = common_path('js/jcrop/jquery.Jcrop.pack.js'); + $jcropGo = common_path('js/jcrop/jquery.Jcrop.go.js'); + + $this->element('script', array('type' => 'text/javascript', + 'src' => $jcropPack)); + $this->element('script', array('type' => 'text/javascript', + 'src' => $jcropGo)); + } +} diff --git a/actions/block.php b/actions/block.php index e6d2b7e49..e77b634c8 100644 --- a/actions/block.php +++ b/actions/block.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Block a user action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,120 +28,151 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -class BlockAction extends Action { - - var $profile = NULL; - - function prepare($args) { +if (!defined('LACONICA')) { + exit(1); +} +/** + * Block a user action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class BlockAction extends Action +{ + var $profile = null; + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + */ + function prepare($args) + { parent::prepare($args); - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); + $this->clientError(_('Not logged in.')); return false; } - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } $id = $this->trimmed('blockto'); - if (!$id) { - $this->client_error(_('No profile specified.')); + $this->clientError(_('No profile specified.')); return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); + $this->clientError(_('No profile with that ID.')); return false; } - return true; } - function handle($args) { + /** + * Handle request + * + * Shows a page with list of favorite notices + * + * @param array $args $_REQUEST args; handled in prepare() + * + * @return void + */ + function handle($args) + { parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if ($this->arg('block')) { - $this->are_you_sure_form(); - } else if ($this->arg('no')) { + if ($this->arg('no')) { $cur = common_current_user(); - common_redirect(common_local_url('subscribers', - array('nickname' => $cur->nickname))); - } else if ($this->arg('yes')) { - $this->block_profile(); + $other = Profile::staticGet('id', $this->arg('blockto')); + common_redirect(common_local_url('showstream', array('nickname' => $other->nickname))); + } elseif ($this->arg('yes')) { + $this->blockProfile(); + } elseif ($this->arg('blockto')) { + $this->showPage(); } } } - function are_you_sure_form() { - $id = $this->profile->id; + function showContent() { + $this->areYouSureForm(); + } - common_show_header(_('Block user')); + function title() { + return _('Block user'); + } + + function showNoticeForm() { + // nop + } - common_element('p', NULL, + /** + * Confirm with user. + * + * Shows a confirmation form. + * + * @return void + */ + function areYouSureForm() + { + $id = $this->profile->id; + $this->element('p', null, _('Are you sure you want to block this user? '. 'Afterwards, they will be unsubscribed from you, '. 'unable to subscribe to you in the future, and '. 'you will not be notified of any @-replies from them.')); - - common_element_start('form', array('id' => 'block-' . $id, + $this->elementStart('form', array('id' => 'block-' . $id, 'method' => 'post', 'class' => 'block', 'action' => common_local_url('block'))); - - common_hidden('token', common_session_token()); - - common_element('input', array('id' => 'blockto-' . $id, + $this->hidden('token', common_session_token()); + $this->element('input', array('id' => 'blockto-' . $id, 'name' => 'blockto', 'type' => 'hidden', 'value' => $id)); - foreach ($this->args as $k => $v) { if (substr($k, 0, 9) == 'returnto-') { - common_hidden($k, $v); + $this->hidden($k, $v); } } - - common_submit('no', _('No')); - common_submit('yes', _('Yes')); - - common_element_end('form'); - - common_show_footer(); + $this->submit('no', _('No')); + $this->submit('yes', _('Yes')); + $this->elementEnd('form'); } - function block_profile() { - + /** + * Actually block a user. + * + * @return void + */ + function blockProfile() + { $cur = common_current_user(); if ($cur->hasBlocked($this->profile)) { - $this->client_error(_('You have already blocked this user.')); + $this->clientError(_('You have already blocked this user.')); return; } - $result = $cur->block($this->profile); - if (!$result) { - $this->server_error(_('Failed to save block information.')); + $this->serverError(_('Failed to save block information.')); return; } - # Now, gotta figure where we go back to - + // Now, gotta figure where we go back to foreach ($this->args as $k => $v) { if ($k == 'returnto-action') { $action = $v; - } else if (substr($k, 0, 9) == 'returnto-') { + } elseif (substr($k, 0, 9) == 'returnto-') { $args[substr($k, 9)] = $v; } } @@ -143,3 +185,4 @@ class BlockAction extends Action { } } } + diff --git a/actions/confirmaddress.php b/actions/confirmaddress.php index 44280e08a..725c1f1e3 100644 --- a/actions/confirmaddress.php +++ b/actions/confirmaddress.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Confirm an address + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,81 +18,146 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Confirm + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Confirm an address + * + * When users change their SMS, email, Jabber, or other addresses, we send out + * a confirmation code to make sure the owner of that address approves. This class + * accepts those codes. + * + * @category Confirm + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +class ConfirmaddressAction extends Action +{ + /** type of confirmation. */ -class ConfirmaddressAction extends Action { + var $type = null; - function handle($args) { + /** + * Accept a confirmation code + * + * Checks the code and confirms the address in the + * user record + * + * @param args $args $_REQUEST array + * + * @return void + */ + + function handle($args) + { parent::handle($args); if (!common_logged_in()) { - common_set_returnto($this->self_url()); + common_set_returnto($this->selfUrl()); common_redirect(common_local_url('login')); return; } $code = $this->trimmed('code'); if (!$code) { - $this->client_error(_('No confirmation code.')); + $this->clientError(_('No confirmation code.')); return; } $confirm = Confirm_address::staticGet('code', $code); if (!$confirm) { - $this->client_error(_('Confirmation code not found.')); + $this->clientError(_('Confirmation code not found.')); return; } $cur = common_current_user(); if ($cur->id != $confirm->user_id) { - $this->client_error(_('That confirmation code is not for you!')); + $this->clientError(_('That confirmation code is not for you!')); + return; + } + $type = $confirm->address_type; + if (!in_array($type, array('email', 'jabber', 'sms'))) { + $this->serverError(sprintf(_('Unrecognized address type %s'), $type)); return; } - $type = $confirm->address_type; - if (!in_array($type, array('email', 'jabber', 'sms'))) { - $this->server_error(sprintf(_('Unrecognized address type %s'), $type)); - return; - } if ($cur->$type == $confirm->address) { - $this->client_error(_('That address has already been confirmed.')); - return; - } + $this->clientError(_('That address has already been confirmed.')); + return; + } $cur->query('BEGIN'); $orig_user = clone($cur); - $cur->$type = $confirm->address; + $cur->$type = $confirm->address; - if ($type == 'sms') { - $cur->carrier = ($confirm->address_extra)+0; - $carrier = Sms_carrier::staticGet($cur->carrier); - $cur->smsemail = $carrier->toEmailAddress($cur->sms); - } + if ($type == 'sms') { + $cur->carrier = ($confirm->address_extra)+0; + $carrier = Sms_carrier::staticGet($cur->carrier); + $cur->smsemail = $carrier->toEmailAddress($cur->sms); + } - $result = $cur->updateKeys($orig_user); + $result = $cur->updateKeys($orig_user); if (!$result) { - common_log_db_error($cur, 'UPDATE', __FILE__); - $this->server_error(_('Couldn\'t update user.')); + common_log_db_error($cur, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); return; } - if ($type == 'email') { - $cur->emailChanged(); - } + if ($type == 'email') { + $cur->emailChanged(); + } $result = $confirm->delete(); if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); + common_log_db_error($confirm, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t delete email confirmation.')); return; } $cur->query('COMMIT'); - common_show_header(_('Confirm Address')); - common_element('p', NULL, - sprintf(_('The address "%s" has been confirmed for your account.'), $cur->$type)); - common_show_footer(); + $this->type = $type; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string title + */ + + function title() + { + return _('Confirm Address'); + } + + /** + * Show a confirmation message. + * + * @return void + */ + + function showContent() + { + $cur = common_current_user(); + $type = $this->type; + + $this->element('p', null, + sprintf(_('The address "%s" has been '. + 'confirmed for your account.'), + $cur->$type)); } } diff --git a/actions/deletenotice.php b/actions/deletenotice.php index 9a5261eed..efef95441 100644 --- a/actions/deletenotice.php +++ b/actions/deletenotice.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Class for deleting a notice + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,87 +18,148 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/deleteaction.php'); - -class DeletenoticeAction extends DeleteAction { - function handle($args) { - parent::handle($args); - # XXX: Ajax! - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->delete_notice(); - } else if ($_SERVER['REQUEST_METHOD'] == 'GET') { - $this->show_form(); - } - } - - function get_instructions() { - return _('You are about to permanently delete a notice. Once this is done, it cannot be undone.'); - } - - function get_title() { - return _('Delete notice'); - } - - function show_form($error=NULL) { - $user = common_current_user(); - - common_show_header($this->get_title(), array($this, 'show_header'), $error, - array($this, 'show_top')); - common_element_start('form', array('id' => 'notice_delete_form', - 'method' => 'post', - 'action' => common_local_url('deletenotice'))); - common_hidden('token', common_session_token()); - common_hidden('notice', $this->trimmed('notice')); - common_element_start('p'); - common_element('span', array('id' => 'confirmation_text'), _('Are you sure you want to delete this notice?')); - - common_element('input', array('id' => 'submit_no', - 'name' => 'submit', - 'type' => 'submit', - 'value' => _('No'))); - common_element('input', array('id' => 'submit_yes', - 'name' => 'submit', - 'type' => 'submit', - 'value' => _('Yes'))); - common_element_end('p'); - common_element_end('form'); - common_show_footer(); - } - - function delete_notice() { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - $url = common_get_returnto(); - $confirmed = $this->trimmed('submit'); - if ($confirmed == _('Yes')) { - $user = common_current_user(); - $notice_id = $this->trimmed('notice'); - $notice = Notice::staticGet($notice_id); - $replies = new Reply; - $replies->get('notice_id', $notice_id); - - common_dequeue_notice($notice); - if (common_config('memcached', 'enabled')) { - $notice->blowSubsCache(); - } - $replies->delete(); - $notice->delete(); - } else { - if ($url) { - common_set_returnto(NULL); - } else { - $url = common_local_url('public'); - } - } - common_redirect($url); - } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/deleteaction.php'; + +class DeletenoticeAction extends DeleteAction +{ + var $error = null; + + function handle($args) + { + parent::handle($args); + // XXX: Ajax! + + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->deleteNotice(); + } else if ($_SERVER['REQUEST_METHOD'] == 'GET') { + $this->showForm(); + } + } + + /** + * Show the page notice + * + * Shows instructions for the page + * + * @return void + */ + + function showPageNotice() + { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + + function getInstructions() + { + return _('You are about to permanently delete a notice. ' . + 'Once this is done, it cannot be undone.'); + } + + function title() + { + return _('Delete notice'); + } + + /** + * Wrapper for showing a page + * + * Stores an error and shows the page + * + * @param string $error Error, if any + * + * @return void + */ + + function showForm($error = null) + { + $this->error = $error; + $this->showPage(); + } + + /** + * Insert delete notice form into the content + * + * @return void + */ + + function showContent() + { + $this->elementStart('form', array('id' => 'notice_delete_form', + 'method' => 'post', + 'action' => common_local_url('deletenotice'))); + $this->hidden('token', common_session_token()); + $this->hidden('notice', $this->trimmed('notice')); + $this->elementStart('p'); + $this->element('span', array('id' => 'confirmation_text'), + _('Are you sure you want to delete this notice?')); + + $this->element('input', array('id' => 'submit_no', + 'name' => 'submit', + 'type' => 'submit', + 'value' => _('No'))); + $this->element('input', array('id' => 'submit_yes', + 'name' => 'submit', + 'type' => 'submit', + 'value' => _('Yes'))); + $this->elementEnd('p'); + $this->elementEnd('form'); + } + + function deleteNotice() + { + // CSRF protection + $token = $this->trimmed('token'); + + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. ' . + ' Try again, please.')); + return; + } + + $url = common_get_returnto(); + $confirmed = $this->trimmed('submit'); + + if ($confirmed == _('Yes')) { + + $replies = new Reply; + $replies->get('notice_id', $this->notice->id); + + common_dequeue_notice($this->notice); + + if (common_config('memcached', 'enabled')) { + $notice->blowSubsCache(); + } + + $replies->delete(); + $this->notice->delete(); + + } else { + + if ($url) { + common_set_returnto(null); + } else { + $url = common_local_url('public'); + } + } + common_redirect($url); + } } diff --git a/actions/deleteprofile.php b/actions/deleteprofile.php deleted file mode 100644 index 418ac998d..000000000 --- a/actions/deleteprofile.php +++ /dev/null @@ -1,277 +0,0 @@ -<?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -if (!defined('LACONICA')) { exit(1); } - -class DeleteprofileAction extends Action { - function handle($args) { - parent::handle($args); - $this->server_error(_('Code not yet ready.')); - return; - if ('POST' === $_SERVER['REQUEST_METHOD']) { - $this->handle_post(); - } - else if ('GET' === $_SERVER['REQUEST_METHOD']) { - $this->show_form(); - } - } - - function get_instructions() { - return _('Export and delete your user information.'); - } - - function form_header($title, $msg=NULL, $success=false) { - common_show_header($title, - NULL, - array($msg, $success), - array($this, 'show_top')); - } - - function show_feeds_list($feeds) { - common_element_start('div', array('class' => 'feedsdel')); - common_element('p', null, 'Feeds:'); - common_element_start('ul', array('class' => 'xoxo')); - - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - common_element_end('ul'); - common_element_end('div'); - } - - //TODO move to common.php (and retrace its origin) - function common_feed_item($feed) { - $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - $feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - common_element_start('li'); - common_element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - common_element_end('li'); - } - - function show_form($msg=NULL, $success=false) { - $this->form_header(_('Delete my account'), $msg, $success); - common_element('h2', NULL, _('Delete my account confirmation')); - $this->show_confirm_delete_form(); - common_show_footer(); - } - - function show_confirm_delete_form() { - $user = common_current_user(); - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $user->id; - $notice_count = (int) $notices->count(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'delete', - 'action' => - common_local_url('deleteprofile'))); - - common_hidden('token', common_session_token()); - common_element('p', null, "Last chance to copy your notices and contacts by saving the two links below before deleting your account. Be careful, this operation cannot be undone."); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - - common_checkbox('confirmation', _('Check if you are sure you want to delete your account.')); - - common_submit('deleteaccount', _('Delete my account')); - common_element_end('form'); - } - - function handle_post() { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('deleteaccount') && $this->arg('confirmation')) { - $this->delete_account(); - } - $this->show_form(); - } - - function delete_account() { - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - // deleted later through the profile - /* - $avatar = new Avatar; - $avatar->profile_id = $user->id; - $n_avatars_deleted = $avatar->delete(); - */ - - $fave = new Fave; - $fave->user_id = $user->id; - $n_faves_deleted = $fave->delete(); - - $confirmation = new Confirm_address; - $confirmation->user_id = $user->id; - $n_confirmations_deleted = $confirmation->delete(); - - // TODO foreign stuff... - - $invitation = new Invitation; - $invitation->user_id = $user->id; - $n_invitations_deleted = $invitation->delete(); - - $message_from = new Message; - $message_from->from_profile = $user->id; - $n_messages_from_deleted = $message_from->delete(); - - $message_to = new Message; - $message_to->to_profile = $user->id; - $n_messages_to_deleted = $message_to->delete(); - - $notice_inbox = new Notice_inbox; - $notice_inbox->user_id = $user->id; - $n_notices_inbox_deleted = $notice_inbox->delete(); - - $profile_tagger = new Profile_tag; - $profile_tagger->tagger = $user->id; - $n_profiles_tagger_deleted = $profile_tagger->delete(); - - $profile_tagged = new Profile_tag; - $profile_tagged->tagged = $user->id; - $n_profiles_tagged_deleted = $profile_tagged->delete(); - - $remember_me = new Remember_me; - $remember_me->user_id = $user->id; - $n_remember_mes_deleted = $remember_me->delete(); - - $reply= new Reply; - $reply->profile_id = $user->id; - $n_replies_deleted = $reply->delete(); - - // FIXME we're not removings replies to deleted notices. - // notices should take care of that themselves. - - $notice = new Notice; - $notice->profile_id = $user->id; - $n_notices_deleted = $notice->delete(); - - $subscriber = new Subscription; - $subscriber->subscriber = $user->id; - $n_subscribers_deleted = $subscriber->delete(); - - $subscribed = new Subscription; - $subscribed->subscribed = $user->id; - $n_subscribeds_deleted = $subscribed->delete(); - - $user_openid = new User_openid; - $user_openid->user_id = $user->id; - $n_user_openids_deleted = $user_openid->delete(); - - $profile = new Profile; - $profile->id = $user->id; - $profile->delete_avatars(); - $n_profiles_deleted = $profile->delete(); - $n_users_deleted = $user->delete(); - - // logout and redirect to public - common_set_user(NULL); - common_real_login(false); # not logged in - common_forgetme(); # don't log back in! - common_redirect(common_local_url('public')); - } - - function show_top($arr) { - $msg = $arr[0]; - $success = $arr[1]; - if ($msg) { - $this->message($msg, $success); - } else { - $inst = $this->get_instructions(); - $output = common_markup_to_html($inst); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - $this->settings_menu(); - } - - function settings_menu() { - # action => array('prompt', 'title') - $menu = - array('profilesettings' => - array(_('Profile'), - _('Change your profile settings')), - 'emailsettings' => - array(_('Email'), - _('Change email handling')), - 'openidsettings' => - array(_('OpenID'), - _('Add or remove OpenIDs')), - 'smssettings' => - array(_('SMS'), - _('Updates by SMS')), - 'imsettings' => - array(_('IM'), - _('Updates by instant messenger (IM)')), - 'twittersettings' => - array(_('Twitter'), - _('Twitter integration options')), - 'othersettings' => - array(_('Other'), - _('Other options'))); - - $action = $this->trimmed('action'); - common_element_start('ul', array('id' => 'nav_views')); - foreach ($menu as $menuaction => $menudesc) { - if ($menuaction == 'imsettings' && - !common_config('xmpp', 'enabled')) { - continue; - } - common_menu_item(common_local_url($menuaction), - $menudesc[0], - $menudesc[1], - $action == $menuaction); - } - common_element_end('ul'); - } -} - diff --git a/actions/disfavor.php b/actions/disfavor.php index be208f65a..09b3bf18d 100644 --- a/actions/disfavor.php +++ b/actions/disfavor.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Disfavor action. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,67 +29,79 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -class DisfavorAction extends Action { - - function handle($args) { - - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showfavorites', array('nickname' => $user->nickname))); - return; - } - - $id = $this->trimmed('notice'); - - $notice = Notice::staticGet($id); - - $token = $this->trimmed('token-'.$notice->id); - - if (!$token || $token != common_session_token()) { - $this->client_error(_("There was a problem with your session token. Try again, please.")); - return; - } - - $fave = new Fave(); - $fave->user_id = $this->id; - $fave->notice_id = $notice->id; - if (!$fave->find(true)) { - $this->client_error(_('This notice is not a favorite!')); - return; - } - - $result = $fave->delete(); +if (!defined('LACONICA')) { + exit(1); +} - if (!$result) { - common_log_db_error($fave, 'DELETE', __FILE__); - $this->server_error(_('Could not delete favorite.')); - return; - } - - $user->blowFavesCache(); +require_once INSTALLDIR.'/lib/favorform.php'; - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Add to favorites')); - common_element_end('head'); - common_element_start('body'); - common_favor_form($notice); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); - } - } +/** + * Disfavor class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class DisfavorAction extends Action +{ + /** + * Class handler. + * + * @param array $args query arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } + $user = common_current_user(); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('showfavorites', + array('nickname' => $user->nickname))); + return; + } + $id = $this->trimmed('notice'); + $notice = Notice::staticGet($id); + $token = $this->trimmed('token-'.$notice->id); + if (!$token || $token != common_session_token()) { + $this->clientError(_("There was a problem with your session token. Try again, please.")); + return; + } + $fave = new Fave(); + $fave->user_id = $this->id; + $fave->notice_id = $notice->id; + if (!$fave->find(true)) { + $this->clientError(_('This notice is not a favorite!')); + return; + } + $result = $fave->delete(); + if (!$result) { + common_log_db_error($fave, 'DELETE', __FILE__); + $this->serverError(_('Could not delete favorite.')); + return; + } + $user->blowFavesCache(); + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Add to favorites')); + $this->elementEnd('head'); + $this->elementStart('body'); + $favor = new FavorForm($this, $notice); + $favor->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('showfavorites', + array('nickname' => $user->nickname))); + } + } } + diff --git a/actions/doc.php b/actions/doc.php index f3327048f..3755bb051 100644 --- a/actions/doc.php +++ b/actions/doc.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Documentation action. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,22 +29,82 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Documentation class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class DocAction extends Action +{ + var $filename; + var $title; + + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); + $this->title = $this->trimmed('title'); + $this->filename = INSTALLDIR.'/doc/'.$this->title; + if (!file_exists($this->filename)) { + $this->clientError(_('No such document.')); + return; + } + $this->showPage(); + } + + // overrrided to add entry-title class + function showPageTitle() { + $this->element('h1', array('class' => 'entry-title'), $this->title()); + } + + // overrided to add hentry, and content-inner classes + function showContentBlock() + { + $this->elementStart('div', array('id' => 'content', 'class' => 'hentry')); + $this->showPageTitle(); + $this->showPageNoticeBlock(); + $this->elementStart('div', array('id' => 'content_inner', + 'class' => 'entry-content')); + // show the actual content (forms, lists, whatever) + $this->showContent(); + $this->elementEnd('div'); + $this->elementEnd('div'); + } -class DocAction extends Action { + /** + * Display content. + * + * @return nothing + */ + function showContent() + { + $c = file_get_contents($this->filename); + $output = common_markup_to_html($c); + $this->raw($output); + } - function handle($args) { - parent::handle($args); - $title = $this->trimmed('title'); - $filename = INSTALLDIR.'/doc/'.$title; - if (!file_exists($filename)) { - common_user_error(_('No such document.')); - return; - } - $c = file_get_contents($filename); - $output = common_markup_to_html($c); - common_show_header(_(ucfirst($title))); - common_raw($output); - common_show_footer(); - } + /** + * Page title. + * + * @return page title + */ + function title() + { + return ucfirst($this->title); + } } diff --git a/actions/editgroup.php b/actions/editgroup.php new file mode 100644 index 000000000..98ebcb87a --- /dev/null +++ b/actions/editgroup.php @@ -0,0 +1,238 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Edit an existing group + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Add a new group + * + * This is the form for adding a new group + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class EditgroupAction extends Action +{ + var $msg; + var $group = null; + + function title() + { + return sprintf(_('Edit %s group'), $this->group->nickname); + } + + /** + * Prepare to run + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + if (!common_logged_in()) { + $this->clientError(_('You must be logged in to create a group.')); + return false; + } + + $nickname_arg = $this->trimmed('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + common_redirect(common_local_url('editgroup', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname'), 404); + return false; + } + + $groupid = $this->trimmed('groupid'); + if ($groupid) { + $this->group = User_group::staticGet('id', $groupid); + } else { + $this->group = User_group::staticGet('nickname', $nickname); + } + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + $cur = common_current_user(); + + if (!$cur->isAdmin($this->group)) { + $this->clientError(_('You must be an admin to edit the group'), 403); + return false; + } + + return true; + } + + /** + * Handle the request + * + * On GET, show the form. On POST, try to save the group. + * + * @param array $args unused + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->trySave(); + } else { + $this->showForm(); + } + } + + function showForm($msg=null) + { + $this->msg = $msg; + $this->showPage(); + } + + function showLocalNav() + { + $nav = new GroupNav($this, $this->group); + $nav->show(); + } + + function showContent() + { + $form = new GroupEditForm($this, $this->group); + $form->show(); + } + + function showPageNotice() + { + if ($this->msg) { + $this->element('p', 'error', $this->msg); + } else { + $this->element('p', 'instructions', + _('Use this form to edit the group.')); + } + } + + function trySave() + { + $cur = common_current_user(); + if (!$cur->isAdmin($this->group)) { + $this->clientError(_('You must be an admin to edit the group'), 403); + return; + } + + + $nickname = common_canonical_nickname($this->trimmed('nickname')); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $description = $this->trimmed('description'); + $location = $this->trimmed('location'); + + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT))) { + $this->showForm(_('Nickname must have only lowercase letters '. + 'and numbers and no spaces.')); + return; + } else if ($this->nicknameExists($nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; + } else if (!User_group::allowedNickname($nickname)) { + $this->showForm(_('Not a valid nickname.')); + return; + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, + array('allowed_schemes' => + array('http', 'https')))) { + $this->showForm(_('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && strlen($fullname) > 255) { + $this->showForm(_('Full name is too long (max 255 chars).')); + return; + } else if (!is_null($description) && strlen($description) > 140) { + $this->showForm(_('description is too long (max 140 chars).')); + return; + } else if (!is_null($location) && strlen($location) > 255) { + $this->showForm(_('Location is too long (max 255 chars).')); + return; + } + + $orig = clone($this->group); + + $this->group->nickname = $nickname; + $this->group->fullname = $fullname; + $this->group->homepage = $homepage; + $this->group->description = $description; + $this->group->location = $location; + $this->group->created = common_sql_now(); + + $result = $this->group->update($orig); + + if (!$result) { + common_log_db_error($this->group, 'UPDATE', __FILE__); + $this->serverError(_('Could not update group.')); + } + + if ($this->group->nickname != $orig->nickname) { + common_redirect(common_local_url('editgroup', + array('nickname' => $nickname)), + 307); + } else { + $this->showForm(_('Options saved.')); + } + } + + function nicknameExists($nickname) + { + $group = User_group::staticGet('nickname', $nickname); + return (!is_null($group) && + $group != false && + $group->id != $this->group->id); + } +} + diff --git a/actions/emailsettings.php b/actions/emailsettings.php index b35b4d28e..b84acb214 100644 --- a/actions/emailsettings.php +++ b/actions/emailsettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for email + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,316 +18,473 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class EmailsettingsAction extends SettingsAction { - - function get_instructions() { - return _('Manage how you get email from %%site.name%%.'); - } - - function show_form($msg=NULL, $success=false) { - $user = common_current_user(); - $this->form_header(_('Email Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'emailsettings', - 'action' => - common_local_url('emailsettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', NULL, _('Address')); - - if ($user->email) { - common_element_start('p'); - common_element('span', 'address confirmed', $user->email); - common_element('span', 'input_instructions', - _('Current confirmed email address.')); - common_hidden('email', $user->email); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address); - common_element('span', 'input_instructions', - _('Awaiting confirmation on this address. Check your inbox (and spam box!) for a message with further instructions.')); - common_hidden('email', $confirm->address); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - } else { - common_input('email', _('Email Address'), - ($this->arg('email')) ? $this->arg('email') : NULL, - _('Email address, like "UserName@example.org"')); - common_submit('add', _('Add')); - } - } - - if ($user->email) { - common_element('h2', NULL, _('Incoming email')); - - if ($user->incomingemail) { - common_element_start('p'); - common_element('span', 'address', $user->incomingemail); - common_element('span', 'input_instructions', - _('Send email to this address to post new notices.')); - common_element_end('p'); - common_submit('removeincoming', _('Remove')); - } - - common_element_start('p'); - common_element('span', 'input_instructions', - _('Make a new email address for posting to; cancels the old one.')); - common_element_end('p'); - common_submit('newincoming', _('New')); - } - - common_element('h2', NULL, _('Preferences')); - - common_checkbox('emailnotifysub', - _('Send me notices of new subscriptions through email.'), - $user->emailnotifysub); - common_checkbox('emailnotifyfav', - _('Send me email when someone adds my notice as a favorite.'), - $user->emailnotifyfav); - common_checkbox('emailnotifymsg', - _('Send me email when someone sends me a private message.'), - $user->emailnotifymsg); - common_checkbox('emailnotifynudge', - _('Allow friends to nudge me and send me an email.'), - $user->emailnotifynudge); - common_checkbox('emailpost', - _('I want to post notices by email.'), - $user->emailpost); - common_checkbox('emailmicroid', - _('Publish a MicroID for my email address.'), - $user->emailmicroid); - - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'email'; - if ($confirm->find(TRUE)) { - return $confirm; - } else { - return NULL; - } - } - - function handle_post() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else if ($this->arg('removeincoming')) { - $this->remove_incoming(); - } else if ($this->arg('newincoming')) { - $this->new_incoming(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() { - - $emailnotifysub = $this->boolean('emailnotifysub'); - $emailnotifyfav = $this->boolean('emailnotifyfav'); - $emailnotifymsg = $this->boolean('emailnotifymsg'); - $emailnotifynudge = $this->boolean('emailnotifynudge'); - $emailmicroid = $this->boolean('emailmicroid'); - $emailpost = $this->boolean('emailpost'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->emailnotifysub = $emailnotifysub; - $user->emailnotifyfav = $emailnotifyfav; - $user->emailnotifymsg = $emailnotifymsg; - $user->emailnotifynudge = $emailnotifynudge; - $user->emailmicroid = $emailmicroid; - $user->emailpost = $emailpost; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() { - - $user = common_current_user(); - - $email = $this->trimmed('email'); - - # Some validation - - if (!$email) { - $this->show_form(_('No email address.')); - return; - } - - $email = common_canonical_email($email); - - if (!$email) { - $this->show_form(_('Cannot normalize that email address')); - return; - } - if (!Validate::email($email, true)) { - $this->show_form(_('Not a valid email address')); - return; - } else if ($user->email == $email) { - $this->show_form(_('That is already your email address.')); - return; - } else if ($this->email_exists($email)) { - $this->show_form(_('That email address already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $email; - $confirm->address_type = 'email'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(64); - - $result = $confirm->insert(); - - if ($result === FALSE) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - mail_confirm_address($user, $confirm->code, $user->nickname, $email); - - $msg = _('A confirmation code was sent to the email address you added. Check your inbox (and spam box!) for the code and instructions on how to use it.'); - - $this->show_form($msg, TRUE); - } - - function cancel_confirmation() { - $email = $this->arg('email'); - $confirm = $this->get_confirmation(); - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $email) { - $this->show_form(_('That is the wrong IM address.')); - return; - } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Settings for email + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see Widget + */ + +class EmailsettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Email Settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('Manage how you get email from %%site.name%%.'); + } + + /** + * Content area of the page + * + * Shows a form for adding and removing email addresses and setting + * email preferences. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_email', + 'class' => 'form_settings', + 'action' => + common_local_url('emailsettings'))); + + $this->elementStart('fieldset', array('id' => 'settings_email_address')); + $this->element('legend', null, _('Address')); + $this->hidden('token', common_session_token()); + + if ($user->email) { + $this->element('p', array('id' => 'form_confirmed'), $user->email); + $this->element('p', array('class' => 'form_note'), _('Current confirmed email address.')); + $this->hidden('email', $user->email); + $this->submit('remove', _('Remove')); + } else { + $confirm = $this->getConfirmation(); + if ($confirm) { + $this->element('p', array('id' => 'form_unconfirmed'), $confirm->address); + $this->element('p', array('class' => 'form_note'), + _('Awaiting confirmation on this address. '. + 'Check your inbox (and spam box!) for a message '. + 'with further instructions.')); + $this->hidden('email', $confirm->address); + $this->submit('cancel', _('Cancel')); + } else { + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('email', _('Email Address'), + ($this->arg('email')) ? $this->arg('email') : null, + _('Email address, like "UserName@example.org"')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('add', _('Add')); + } + } + $this->elementEnd('fieldset'); + + if ($user->email) { + $this->elementStart('fieldset', array('id' => 'settings_email_incoming')); + $this->element('legend',_('Incoming email')); + if ($user->incomingemail) { + $this->elementStart('p'); + $this->element('span', 'address', $user->incomingemail); + $this->element('span', 'input_instructions', + _('Send email to this address to post new notices.')); + $this->elementEnd('p'); + $this->submit('removeincoming', _('Remove')); + } + + $this->elementStart('p'); + $this->element('span', 'input_instructions', + _('Make a new email address for posting to; '. + 'cancels the old one.')); + $this->elementEnd('p'); + $this->submit('newincoming', _('New')); + $this->elementEnd('fieldset'); + } + + $this->elementStart('fieldset', array('id' => 'settings_email_preferences')); + $this->element('legend', null, _('Preferences')); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->checkbox('emailnotifysub', + _('Send me notices of new subscriptions through email.'), + $user->emailnotifysub); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('emailnotifyfav', + _('Send me email when someone '. + 'adds my notice as a favorite.'), + $user->emailnotifyfav); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('emailnotifymsg', + _('Send me email when someone sends me a private message.'), + $user->emailnotifymsg); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('emailnotifynudge', + _('Allow friends to nudge me and send me an email.'), + $user->emailnotifynudge); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('emailpost', + _('I want to post notices by email.'), + $user->emailpost); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('emailmicroid', + _('Publish a MicroID for my email address.'), + $user->emailmicroid); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Gets any existing email address confirmations we're waiting for + * + * @return Confirm_address Email address confirmation for user, or null + */ + + function getConfirmation() + { + $user = common_current_user(); + + $confirm = new Confirm_address(); + + $confirm->user_id = $user->id; + $confirm->address_type = 'email'; + + if ($confirm->find(true)) { + return $confirm; + } else { + return null; + } + } + + /** + * Handle posts + * + * Since there are a lot of different options on the page, we + * figure out what we're supposed to do based on which button was + * pushed + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->show_form(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('save')) { + $this->savePreferences(); + } else if ($this->arg('add')) { + $this->addAddress(); + } else if ($this->arg('cancel')) { + $this->cancelConfirmation(); + } else if ($this->arg('remove')) { + $this->removeAddress(); + } else if ($this->arg('removeincoming')) { + $this->removeIncoming(); + } else if ($this->arg('newincoming')) { + $this->newIncoming(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Save email preferences + * + * @return void + */ + + function savePreferences() + { + $emailnotifysub = $this->boolean('emailnotifysub'); + $emailnotifyfav = $this->boolean('emailnotifyfav'); + $emailnotifymsg = $this->boolean('emailnotifymsg'); + $emailnotifynudge = $this->boolean('emailnotifynudge'); + $emailmicroid = $this->boolean('emailmicroid'); + $emailpost = $this->boolean('emailpost'); + + $user = common_current_user(); + + assert(!is_null($user)); // should already be checked + + $user->query('BEGIN'); + + $original = clone($user); + + $user->emailnotifysub = $emailnotifysub; + $user->emailnotifyfav = $emailnotifyfav; + $user->emailnotifymsg = $emailnotifymsg; + $user->emailnotifynudge = $emailnotifynudge; + $user->emailmicroid = $emailmicroid; + $user->emailpost = $emailpost; + + $result = $user->update($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } + + $user->query('COMMIT'); + + $this->showForm(_('Preferences saved.'), true); + } + + /** + * Add the address passed in by the user + * + * @return void + */ + + function addAddress() + { + $user = common_current_user(); + + $email = $this->trimmed('email'); + + // Some validation + + if (!$email) { + $this->showForm(_('No email address.')); + return; + } + + $email = common_canonical_email($email); + + if (!$email) { + $this->showForm(_('Cannot normalize that email address')); + return; + } + if (!Validate::email($email, true)) { + $this->showForm(_('Not a valid email address')); + return; + } else if ($user->email == $email) { + $this->showForm(_('That is already your email address.')); + return; + } else if ($this->emailExists($email)) { + $this->showForm(_('That email address already belongs '. + 'to another user.')); + return; + } + + $confirm = new Confirm_address(); + + $confirm->address = $email; + $confirm->address_type = 'email'; + $confirm->user_id = $user->id; + $confirm->code = common_confirmation_code(64); + + $result = $confirm->insert(); + + if ($result === false) { + common_log_db_error($confirm, 'INSERT', __FILE__); + $this->serverError(_('Couldn\'t insert confirmation code.')); + return; + } + + mail_confirm_address($user, $confirm->code, $user->nickname, $email); + + $msg = _('A confirmation code was sent to the email address you added. '. + 'Check your inbox (and spam box!) for the code and instructions '. + 'on how to use it.'); + + $this->showForm($msg, true); + } + + /** + * Handle a request to cancel email confirmation + * + * @return void + */ + + function cancelConfirmation() + { + $email = $this->arg('email'); + + $confirm = $this->getConfirmation(); + + if (!$confirm) { + $this->showForm(_('No pending confirmation to cancel.')); + return; + } + if ($confirm->address != $email) { + $this->showForm(_('That is the wrong IM address.')); + return; + } $result = $confirm->delete(); if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); + common_log_db_error($confirm, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t delete email confirmation.')); + return; + } + + $this->showForm(_('Confirmation cancelled.'), true); + } + + /** + * Handle a request to remove an address from the user's account + * + * @return void + */ + + function removeAddress() + { + $user = common_current_user(); + + $email = $this->arg('email'); + + // Maybe an old tab open...? + + if ($user->email != $email) { + $this->showForm(_('That is not your email address.')); + return; + } + + $user->query('BEGIN'); + + $original = clone($user); + + $user->email = null; + + $result = $user->updateKeys($original); + + if (!$result) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } + $user->query('COMMIT'); + + $this->showForm(_('The address was removed.'), true); + } + + /** + * Handle a request to remove an incoming email address + * + * @return void + */ + + function removeIncoming() + { + $user = common_current_user(); + + if (!$user->incomingemail) { + $this->showForm(_('No incoming email address.')); return; } - $this->show_form(_('Confirmation cancelled.'), TRUE); - } - - function remove_address() { - - $user = common_current_user(); - $email = $this->arg('email'); - - # Maybe an old tab open...? - - if ($user->email != $email) { - $this->show_form(_('That is not your email address.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->email = NULL; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - $this->show_form(_('The address was removed.'), TRUE); - } - - function remove_incoming() { - $user = common_current_user(); - - if (!$user->incomingemail) { - $this->show_form(_('No incoming email address.')); - return; - } - - $orig = clone($user); - $user->incomingemail = NULL; - - if (!$user->updateKeys($orig)) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_("Couldn't update user record.")); - } - - $this->show_form(_('Incoming email address removed.'), TRUE); - } - - function new_incoming() { - $user = common_current_user(); - - $orig = clone($user); - $user->incomingemail = mail_new_incoming_address(); - - if (!$user->updateKeys($orig)) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_("Couldn't update user record.")); - } - - $this->show_form(_('New incoming email address added.'), TRUE); - } - - function email_exists($email) { - $user = common_current_user(); - $other = User::staticGet('email', $email); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } + $orig = clone($user); + + $user->incomingemail = null; + + if (!$user->updateKeys($orig)) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_("Couldn't update user record.")); + } + + $this->showForm(_('Incoming email address removed.'), true); + } + + /** + * Generate a new incoming email address + * + * @return void + */ + + function newIncoming() + { + $user = common_current_user(); + + $orig = clone($user); + + $user->incomingemail = mail_new_incoming_address(); + + if (!$user->updateKeys($orig)) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_("Couldn't update user record.")); + } + + $this->showForm(_('New incoming email address added.'), true); + } + + /** + * Does another user already have this email address? + * + * Email addresses are unique for users. + * + * @param string $email Address to check + * + * @return boolean Whether the email already exists. + */ + + function emailExists($email) + { + $user = common_current_user(); + + $other = User::staticGet('email', $email); + + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } } diff --git a/actions/facebookhome.php b/actions/facebookhome.php index 8ee2d4cd3..9510e7f08 100644 --- a/actions/facebookhome.php +++ b/actions/facebookhome.php @@ -10,123 +10,315 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/lib/facebookaction.php'); - -class FacebookhomeAction extends FacebookAction { - - function handle($args) { - parent::handle($args); - - $this->login(); - } - - function login() { - - $user = null; - - $facebook = $this->get_facebook(); - $fbuid = $facebook->require_login(); - - # check to see whether there's already a Facebook link for this user - $flink = Foreign_link::getByForeignID($fbuid, 2); // 2 == Facebook - - if ($flink) { - - $user = $flink->getUser(); - $this->show_home($facebook, $fbuid, $user); - - } else { - - # Make the user put in her Laconica creds - $nickname = common_canonical_nickname($this->trimmed('nickname')); - $password = $this->arg('password'); - - if ($nickname) { - - if (common_check_user($nickname, $password)) { - - - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - echo '<fb:error message="Coudln\'t get user!" />'; - $this->show_login_form(); - } - - $flink = DB_DataObject::factory('foreign_link'); - $flink->user_id = $user->id; - $flink->foreign_id = $fbuid; - $flink->service = 2; # Facebook - $flink->created = common_sql_now(); - - # $this->set_flags($flink, $noticesync, $replysync, $friendsync); - - $flink_id = $flink->insert(); - - if ($flink_id) { - echo '<fb:success message="You can now use the Identi.ca from Facebook!" />'; - } - - $this->show_home($facebook, $fbuid, $user); - - return; - } else { - echo '<fb:error message="Incorrect username or password." />'; - } - } - - $this->show_login_form(); - } - - } - - function show_home($facebook, $fbuid, $user) { - - $this->show_header('Home'); - - echo $this->show_notices($user); - $this->update_profile_box($facebook, $fbuid, $user); - - $this->show_footer(); - } - - function show_notices($user) { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->noticesWithFriends(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - echo '<ul id="notices">'; - - $cnt = 0; - - while ($notice->fetch() && $cnt <= NOTICES_PER_PAGE) { - $cnt++; - - if ($cnt > NOTICES_PER_PAGE) { - break; - } - - echo $this->render_notice($notice); - } - - echo '<ul>'; - - $this->pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'index.php', array('nickname' => $user->nickname)); - - } +require_once INSTALLDIR.'/lib/facebookaction.php'; + + +class FacebookhomeAction extends FacebookAction +{ + + var $page = null; + + function prepare($argarray) + { + parent::prepare($argarray); + + $this->page = $this->trimmed('page'); + + if (!$this->page) { + $this->page = 1; + } + + return true; + } + + function handle($args) + { + parent::handle($args); + + // If the user has opted not to initially allow the app to have + // Facebook status update permission, store that preference. Only + // promt the user the first time she uses the app + if ($this->arg('skip')) { + $this->facebook->api_client->data_setUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF, 'true'); + } + + if ($this->flink) { + + $this->user = $this->flink->getUser(); + + // If this is the first time the user has started the app + // prompt for Facebook status update permission + if (!$this->facebook->api_client->users_hasAppPermission('status_update')) { + + if ($this->facebook->api_client->data_getUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF) != 'true') { + $this->getUpdatePermission(); + return; + } + } + + // Make sure the user's profile box has the lastest notice + $notice = $this->user->getCurrentNotice(); + if ($notice) { + $this->updateProfileBox($notice); + } + + if ($this->arg('status_submit') == 'Send') { + $this->saveNewNotice(); + } + + // User is authenticated and has already been prompted once for + // Facebook status update permission? Then show the main page + // of the app + $this->showPage(); + + } else { + + // User hasn't authenticated yet, prompt for creds + $this->login(); + } + + } + + function login() + { + + $this->showStylesheets(); + + $nickname = common_canonical_nickname($this->trimmed('nickname')); + $password = $this->arg('password'); + + $msg = null; + + if ($nickname) { + + if (common_check_user($nickname, $password)) { + + $user = User::staticGet('nickname', $nickname); + + if (!$user) { + $this->showLoginForm(_("Server error - couldn't get user!")); + } + + $flink = DB_DataObject::factory('foreign_link'); + $flink->user_id = $user->id; + $flink->foreign_id = $this->fbuid; + $flink->service = FACEBOOK_SERVICE; + $flink->created = common_sql_now(); + $flink->set_flags(true, false, false); + + $flink_id = $flink->insert(); + + // XXX: Do some error handling here + + $this->setDefaults(); + //$this->showHome($flink, _('You can now use Identi.ca from Facebook!')); + + $this->getUpdatePermission(); + return; + + } else { + $msg = _('Incorrect username or password.'); + } + } + + $this->showLoginForm($msg); + + } + + function setDefaults() + { + // A default prefix string for notices + $this->facebook->api_client->data_setUserPreference( + FACEBOOK_NOTICE_PREFIX, 'dented: '); + $this->facebook->api_client->data_setUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF, 'false'); + } + + + function showNoticeForm() + { + + $post_action = "$this->app_uri/index.php"; + + $notice_form = new FacebookNoticeForm($this, $post_action, null, + $post_action, $this->user); + $notice_form->show(); + } + + function title() + { + if ($this->page > 1) { + return sprintf(_("%s and friends, page %d"), $this->user->nickname, $this->page); + } else { + return sprintf(_("%s and friends"), $this->user->nickname); + } + } + + function showContent() + { + + $notice = $this->user->noticesWithFriends(($this->page-1) * + NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'index.php', array('nickname' => $this->user->nickname)); + + } + + function showNoticeList($notice) + { + + $nl = new NoticeList($notice, $this); + return $nl->show(); + } + + function getUpdatePermission() { + + $this->showStylesheets(); + + $this->elementStart('div', array('class' => 'content')); + + $instructions = sprintf(_('If you would like the %s app to automatically update ' . + 'your Facebook status with your latest notice, you need ' . + 'to give it permission.'), $this->app_name); + + $this->elementStart('p'); + $this->element('span', array('id' => 'permissions_notice'), $instructions); + $this->elementEnd('p'); + + $this->elementStart('form', array('method' => 'post', + 'action' => "$app_url/index.php", + 'id' => 'facebook-skip-permissions')); + + $this->elementStart('ul', array('id' => 'fb-permissions-list')); + $this->elementStart('li', array('id' => 'fb-permissions-item')); + $this->elementStart('fb:prompt-permission', array('perms' => 'status_update', + 'next_fbjs' => 'document.setLocation(\'' . "$this->app_uri/index.php" . '\')')); + $this->element('span', array('class' => 'facebook-button'), + sprintf(_('Allow %s to update my Facebook status'), $this->app_name)); + $this->elementEnd('fb:prompt-permission'); + $this->elementEnd('li'); + + $this->elementStart('li', array('id' => 'fb-permissions-item')); + $this->submit('skip', _('Skip')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementEnd('form'); + $this->elementEnd('div'); + + } + + function saveNewNotice() + { + + $user = $this->flink->getUser(); + + $content = $this->trimmed('status_textarea'); + + if (!$content) { + $this->showPage(_('No notice content!')); + return; + } else { + $content_shortened = common_shorten_links($content); + + if (mb_strlen($content_shortened) > 140) { + common_debug("Content = '$content_shortened'", __FILE__); + common_debug("mb_strlen(\$content) = " . mb_strlen($content_shortened), __FILE__); + $this->showPage(_('That\'s too long. Max notice size is 140 chars.')); + return; + } + } + + $inter = new CommandInterpreter(); + + $cmd = $inter->handle_command($user, $content_shortened); + + if ($cmd) { + + // XXX fix this + + $cmd->execute(new WebChannel()); + return; + } + + $replyto = $this->trimmed('inreplyto'); + + $notice = Notice::saveNew($user->id, $content, + 'Facebook', 1, ($replyto == 'false') ? null : $replyto); + + if (is_string($notice)) { + $this->showPage($notice); + return; + } + + common_broadcast_notice($notice); + + } + + /** + * Generate pagination links + * + * @param boolean $have_before is there something before? + * @param boolean $have_after is there something after? + * @param integer $page current page + * @param string $action current action + * @param array $args rest of query arguments + * + * @return nothing + */ + function pagination($have_before, $have_after, $page, $action, $args=null) + { + + // Does a little before-after block for next/prev page + + // XXX: Fix so this uses common_local_url() if possible. + + if ($have_before || $have_after) { + $this->elementStart('div', array('class' => 'pagination')); + $this->elementStart('dl', null); + $this->element('dt', null, _('Pagination')); + $this->elementStart('dd', null); + $this->elementStart('ul', array('class' => 'nav')); + } + if ($have_before) { + $pargs = array('page' => $page-1); + $newargs = $args ? array_merge($args, $pargs) : $pargs; + $this->elementStart('li', array('class' => 'nav_prev')); + $this->element('a', array('href' => "$action?page=$newargs[page]", 'rel' => 'prev'), + _('After')); + $this->elementEnd('li'); + } + if ($have_after) { + $pargs = array('page' => $page+1); + $newargs = $args ? array_merge($args, $pargs) : $pargs; + $this->elementStart('li', array('class' => 'nav_next')); + $this->element('a', array('href' => "$action?page=$newargs[page]", 'rel' => 'next'), + _('Before')); + $this->elementEnd('li'); + } + if ($have_before || $have_after) { + $this->elementEnd('ul'); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + $this->elementEnd('div'); + } + } + } diff --git a/actions/facebookinvite.php b/actions/facebookinvite.php index 68b351fb9..b7224783a 100644 --- a/actions/facebookinvite.php +++ b/actions/facebookinvite.php @@ -10,37 +10,124 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/facebookaction.php'); -class FacebookinviteAction extends FacebookAction { +class FacebookinviteAction extends FacebookAction +{ - function handle($args) { - parent::handle($args); + function handle($args) + { + parent::handle($args); + $this->showForm(); + } - $this->display(); - } + /** + * Wrapper for showing a page + * + * Stores an error and shows the page + * + * @param string $error Error, if any + * + * @return void + */ - function display() { + function showForm($error=null) + { + $this->error = $error; + $this->showPage(); + } - $facebook = $this->get_facebook(); + /** + * Show the page content + * + * Either shows the registration form or, if registration was successful, + * instructions for using the site. + * + * @return void + */ - $fbuid = $facebook->require_login(); + function showContent() + { + if ($this->arg('ids')) { + $this->showSuccessContent(); + } else { + $this->showFormContent(); + } + } - $this->show_header('Invite'); + function showSuccessContent() + { - echo '<h2>Coming soon...</h2>'; + $this->element('h2', null, sprintf(_('Thanks for inviting your friends to use %s'), + common_config('site', 'name'))); + $this->element('p', null, _('Invitations have been sent to the following users:')); - $this->show_footer(); + $friend_ids = $_POST['ids']; // XXX: Hmm... is this the best way to acces the list? - } + $this->elementStart("ul"); + + foreach ($friend_ids as $friend) { + $this->elementStart('li'); + $this->element('fb:profile-pic', array('uid' => $friend)); + $this->element('fb:name', array('uid' => $friend, + 'capitalize' => 'true')); + $this->elementEnd('li'); + } + + $this->elementEnd("ul"); + + } + + function showFormContent() + { + + // Get a list of users who are already using the app for exclusion + $exclude_ids = $this->facebook->api_client->friends_getAppUsers(); + + $content = sprintf(_('You have been invited to %s'), common_config('site', 'name')) . + htmlentities('<fb:req-choice url="' . $this->app_uri . '" label="Add"/>'); + + $this->elementStart('fb:request-form', array('action' => 'invite.php', + 'method' => 'post', + 'invite' => 'true', + 'type' => common_config('site', 'name'), + 'content' => $content)); + $this->hidden('invite', 'true'); + $actiontext = sprintf(_('Invite your friends to use %s'), common_config('site', 'name')); + $this->element('fb:multi-friend-selector', array('showborder' => 'false', + 'actiontext' => $actiontext, + 'exclude_ids' => implode(',', $exclude_ids), + 'bypass' => 'cancel')); + + $this->elementEnd('fb:request-form'); + + $this->element('h2', null, sprintf(_('Friends already using %s:'), + common_config('site', 'name'))); + $this->elementStart("ul"); + + foreach ($exclude_ids as $friend) { + $this->elementStart('li'); + $this->element('fb:profile-pic', array('uid' => $friend)); + $this->element('fb:name', array('uid' => $friend, + 'capitalize' => 'true')); + $this->elementEnd('li'); + } + + $this->elementEnd("ul"); + } + + function title() + { + return sprintf(_('Send invitations')); + } } diff --git a/actions/facebooklogin.php b/actions/facebooklogin.php new file mode 100644 index 000000000..94d494a82 --- /dev/null +++ b/actions/facebooklogin.php @@ -0,0 +1,101 @@ +<?php +/* + * Laconica - a distributed open-source microblogging tool + * Copyright (C) 2008, Controlez-Vous, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +if (!defined('LACONICA')) { exit(1); } + +require_once(INSTALLDIR.'/lib/facebookaction.php'); + +class FacebookinviteAction extends FacebookAction +{ + + function handle($args) + { + parent::handle($args); + + $this->error = $error; + + if ($this->flink) { + if (!$this->facebook->api_client->users_hasAppPermission('status_update') && + $this->facebook->api_client->data_getUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF) == 'true') { + + echo '<h1>REDIRECT TO HOME</h1>'; + } + } else { + $this->showPage(); + } + } + + + function showContent() + { + + // If the user has opted not to initially allow the app to have + // Facebook status update permission, store that preference. Only + // promt the user the first time she uses the app + if ($this->arg('skip')) { + $this->facebook->api_client->data_setUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF, 'true'); + } + + if ($this->flink) { + + $this->user = $this->flink->getUser(); + + // If this is the first time the user has started the app + // prompt for Facebook status update permission + if (!$this->facebook->api_client->users_hasAppPermission('status_update')) { + + if ($this->facebook->api_client->data_getUserPreference( + FACEBOOK_PROMPTED_UPDATE_PREF) != 'true') { + $this->getUpdatePermission(); + return; + } + } + + } else { + $this->showLoginForm(); + } + + } + + function showSuccessContent() + { + + + + } + + function showFormContent() + { + + + } + + function title() + { + return sprintf(_('Login')); + } + + function redirectHome() + { + + } + +} diff --git a/actions/facebookremove.php b/actions/facebookremove.php index 2a7bdd03e..376e12a2e 100644 --- a/actions/facebookremove.php +++ b/actions/facebookremove.php @@ -10,56 +10,58 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/lib/facebookaction.php'); +require_once INSTALLDIR.'/lib/facebookaction.php'; -class FacebookremoveAction extends FacebookAction { +class FacebookremoveAction extends FacebookAction +{ - function handle($args) { - parent::handle($args); + function handle($args) + { + parent::handle($args); - $secret = common_config('facebook', 'secret'); + $secret = common_config('facebook', 'secret'); - $sig = ''; + $sig = ''; - ksort($_POST); + ksort($_POST); - foreach ($_POST as $key => $val) { - if (substr($key, 0, 7) == 'fb_sig_') { - $sig .= substr($key, 7) . '=' . $val; - } - } + foreach ($_POST as $key => $val) { + if (substr($key, 0, 7) == 'fb_sig_') { + $sig .= substr($key, 7) . '=' . $val; + } + } - $sig .= $secret; - $verify = md5($sig); + $sig .= $secret; + $verify = md5($sig); - if ($verify == $this->arg('fb_sig')) { + if ($verify == $this->arg('fb_sig')) { - $flink = Foreign_link::getByForeignID($this->arg('fb_sig_user'), 2); + $flink = Foreign_link::getByForeignID($this->arg('fb_sig_user'), 2); - common_debug("Removing foreign link to Facebook - local user ID: $flink->user_id, Facebook ID: $flink->foreign_id"); + common_debug("Removing foreign link to Facebook - local user ID: $flink->user_id, Facebook ID: $flink->foreign_id"); - $result = $flink->delete(); + $result = $flink->delete(); - if (!$result) { - common_log_db_error($flink, 'DELETE', __FILE__); - common_server_error(_('Couldn\'t remove Facebook user.')); - return; - } + if (!$result) { + common_log_db_error($flink, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t remove Facebook user.')); + return; + } - } else { - # Someone bad tried to remove facebook link? - common_log(LOG_ERR, "Someone from $_SERVER[REMOTE_ADDR] " . - 'unsuccessfully tried to remove a foreign link to Facebook!'); - } - } + } else { + # Someone bad tried to remove facebook link? + common_log(LOG_ERR, "Someone from $_SERVER[REMOTE_ADDR] " . + 'unsuccessfully tried to remove a foreign link to Facebook!'); + } + } } diff --git a/actions/facebooksettings.php b/actions/facebooksettings.php index 4d7000d60..236460c1c 100644 --- a/actions/facebooksettings.php +++ b/actions/facebooksettings.php @@ -10,43 +10,141 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/lib/facebookaction.php'); +require_once INSTALLDIR.'/lib/facebookaction.php'; -class FacebooksettingsAction extends FacebookAction { +class FacebooksettingsAction extends FacebookAction +{ - function handle($args) { - parent::handle($args); + function handle($args) + { + parent::handle($args); + $this->showPage(); + } - $this->display(); - } + /** + * Show the page content + * + * Either shows the registration form or, if registration was successful, + * instructions for using the site. + * + * @return void + */ - function display() { + function showContent() + { + if ($this->arg('save')) { + $this->saveSettings(); + } else { + $this->showForm(); + } + } - $facebook = $this->get_facebook(); + function saveSettings() { - $fbuid = $facebook->require_login(); + $noticesync = $this->arg('noticesync'); + $replysync = $this->arg('replysync'); + $prefix = $this->trimmed('prefix'); - $fbml = '<fb:if-section-not-added section="profile">' - .'<h2>Add an Identi.ca box to your profile!</h2>' - .'<fb:add-section-button section="profile"/>' - .'</fb:if-section-not-added>'; + $original = clone($this->flink); + $this->flink->set_flags($noticesync, $replysync, false); + $result = $this->flink->update($original); + $this->facebook->api_client->data_setUserPreference(FACEBOOK_NOTICE_PREFIX, + substr($prefix, 0, 128)); - $this->show_header('Settings'); + if ($result === false) { + $this->showForm(_('There was a problem saving your sync preferences!')); + } else { + $this->showForm(_('Sync preferences saved.'), true); + } + } - echo $fbml; + function showForm($msg = null, $success = false) { - $this->show_footer(); + if ($msg) { + if ($success) { + $this->element('fb:success', array('message' => $msg)); + } else { + $this->element('fb:error', array('message' => $msg)); + } + } - } + if ($this->facebook->api_client->users_hasAppPermission('status_update')) { + + $this->elementStart('form', array('method' => 'post', + 'id' => 'facebook_settings')); + + $this->elementStart('ul', 'form_data'); + + $this->elementStart('li'); + + $this->checkbox('noticesync', _('Automatically update my Facebook status with my notices.'), + ($this->flink) ? ($this->flink->noticesync & FOREIGN_NOTICE_SEND) : true); + + $this->elementEnd('li'); + + $this->elementStart('li'); + + $this->checkbox('replysync', _('Send "@" replies to Facebook.'), + ($this->flink) ? ($this->flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : true); + + $this->elementEnd('li'); + + $this->elementStart('li'); + + $prefix = $this->facebook->api_client->data_getUserPreference(FACEBOOK_NOTICE_PREFIX); + + $this->input('prefix', _('Prefix'), + ($prefix) ? $prefix : null, + _('A string to prefix notices with.')); + + $this->elementEnd('li'); + + $this->elementStart('li'); + + $this->submit('save', _('Save')); + + $this->elementEnd('li'); + + $this->elementEnd('ul'); + + $this->elementEnd('form'); + + } else { + + $instructions = sprintf(_('If you would like %s to automatically update ' . + 'your Facebook status with your latest notice, you need ' . + 'to give it permission.'), $this->app_name); + + $this->elementStart('p'); + $this->element('span', array('id' => 'permissions_notice'), $instructions); + $this->elementEnd('p'); + + $this->elementStart('ul', array('id' => 'fb-permissions-list')); + $this->elementStart('li', array('id' => 'fb-permissions-item')); + $this->elementStart('fb:prompt-permission', array('perms' => 'status_update', + 'next_fbjs' => 'document.setLocation(\'' . "$this->app_uri/settings.php" . '\')')); + $this->element('span', array('class' => 'facebook-button'), + sprintf(_('Allow %s to update my Facebook status'), common_config('site', 'name'))); + $this->elementEnd('fb:prompt-permission'); + $this->elementEnd('li'); + $this->elementEnd('ul'); + } + + } + + function title() + { + return _('Sync preferences'); + } } diff --git a/actions/favor.php b/actions/favor.php index aede32902..8ecde4b11 100644 --- a/actions/favor.php +++ b/actions/favor.php @@ -1,4 +1,18 @@ <?php + +/** + * Favor action. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + /* * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. @@ -17,78 +31,97 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mail.php'); - -class FavorAction extends Action { - - function handle($args) { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } - - $user = common_current_user(); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showfavorites', array('nickname' => $user->nickname))); - return; - } - - $id = $this->trimmed('notice'); - - $notice = Notice::staticGet($id); - - # CSRF protection - - $token = $this->trimmed('token-'.$notice->id); - if (!$token || $token != common_session_token()) { - $this->client_error(_("There was a problem with your session token. Try again, please.")); - return; - } - - if ($user->hasFave($notice)) { - $this->client_error(_('This notice is already a favorite!')); - return; - } - - $fave = Fave::addNew($user, $notice); - - if (!$fave) { - $this->server_error(_('Could not create favorite.')); - return; - } - - $this->notify($fave, $notice, $user); - $user->blowFavesCache(); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Disfavor favorite')); - common_element_end('head'); - common_element_start('body'); - common_disfavor_form($notice); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('showfavorites', - array('nickname' => $user->nickname))); - } - } +if (!defined('LACONICA')) { + exit(1); +} - function notify($fave, $notice, $user) { - $other = User::staticGet('id', $notice->profile_id); - if ($other && $other->id != $user->id) { - if ($other->email && $other->emailnotifyfav) { - mail_notify_fave($other, $user, $notice); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } +require_once INSTALLDIR.'/lib/mail.php'; +require_once INSTALLDIR.'/lib/disfavorform.php'; +/** + * Favor class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class FavorAction extends Action +{ + /** + * Class handler. + * + * @param array $args query arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } + $user = common_current_user(); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('showfavorites', + array('nickname' => $user->nickname))); + return; + } + $id = $this->trimmed('notice'); + $notice = Notice::staticGet($id); + $token = $this->trimmed('token-'.$notice->id); + if (!$token || $token != common_session_token()) { + $this->clientError(_("There was a problem with your session token. Try again, please.")); + return; + } + if ($user->hasFave($notice)) { + $this->clientError(_('This notice is already a favorite!')); + return; + } + $fave = Fave::addNew($user, $notice); + if (!$fave) { + $this->serverError(_('Could not create favorite.')); + return; + } + $this->notify($notice, $user); + $user->blowFavesCache(); + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Disfavor favorite')); + $this->elementEnd('head'); + $this->elementStart('body'); + $disfavor = new DisFavorForm($this, $notice); + $disfavor->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('showfavorites', + array('nickname' => $user->nickname))); + } + } + + /** + * Notifies a user when his notice is favorited. + * + * @param class $notice favorited notice + * @param class $user user declaring a favorite + * + * @return void + */ + function notify($notice, $user) + { + $other = User::staticGet('id', $notice->profile_id); + if ($other && $other->id != $user->id) { + if ($other->email && $other->emailnotifyfav) { + mail_notify_fave($other, $user, $notice); + } + // XXX: notify by IM + // XXX: notify by SMS + } + } } + diff --git a/actions/favorited.php b/actions/favorited.php index dc8070d06..4155b3a23 100644 --- a/actions/favorited.php +++ b/actions/favorited.php @@ -1,99 +1,195 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List of popular notices + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Public + * @package Laconica + * @author Zach Copley <zach@controlyourself.ca> + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -class FavoritedAction extends StreamAction { - - function handle($args) { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - common_show_header(_('Popular notices'), - array($this, 'show_header'), NULL, - array($this, 'show_top')); - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - - function show_header() { - return; - } - - function get_instructions() { - return _('Showing recently popular notices'); - } - - function show_notices($page) { - - $qry = 'SELECT notice.*, sum(exp(-(now() - fave.modified) / %s)) as weight ' . - 'FROM notice JOIN fave ON notice.id = fave.notice_id ' . - 'GROUP BY fave.notice_id ' . - 'ORDER BY weight DESC'; - - $offset = ($page - 1) * NOTICES_PER_PAGE; - $limit = NOTICES_PER_PAGE + 1; - - if (common_config('db','type') == 'pgsql') { - $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $qry .= ' LIMIT ' . $offset . ', ' . $limit; - } - - # Figure out how to cache this query - - $notice = new Notice; - $notice->query(sprintf($qry, common_config('popular', 'dropoff'))); - - common_element_start('ul', array('id' => 'notices')); - - $cnt = 0; - - while ($notice->fetch() && $cnt <= NOTICES_PER_PAGE) { - $cnt++; - - if ($cnt > NOTICES_PER_PAGE) { - break; - } - - $item = new NoticeListItem($notice); - $item->show(); - } +if (!defined('LACONICA')) { + exit(1); +} - common_element_end('ul'); +require_once INSTALLDIR.'/lib/publicgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'favorited'); - } +/** + * List of popular notices + * + * We provide a list of the most popular notices. Popularity + * is measured by + * + * @category Personal + * @package Laconica + * @author Zach Copley <zach@controlyourself.ca> + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ +class FavoritedAction extends Action +{ + var $page = null; + + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + if ($this->page == 1) { + return _('Popular notices'); + } else { + return sprintf(_('Popular notices, page %d'), $this->page); + } + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('The most popular notices on the site right now.'); + } + + /** + * Is this page read-only? + * + * @return boolean true + */ + + function isReadOnly() + { + return true; + } + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + * + * @todo move queries from showContent() to here + */ + + function prepare($args) + { + parent::prepare($args); + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + return true; + } + + /** + * Handle request + * + * Shows a page with list of favorite notices + * + * @param array $args $_REQUEST args; handled in prepare() + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + $this->showPage(); + } + + /** + * Show the page notice + * + * Shows instructions for the page + * + * @return void + */ + + function showPageNotice() + { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + + /** + * Local navigation + * + * This page is part of the public group, so show that. + * + * @return void + */ + + function showLocalNav() + { + $nav = new PublicGroupNav($this); + $nav->show(); + } + + /** + * Content area + * + * Shows the list of popular notices + * + * @return void + */ + + function showContent() + { + $qry = 'SELECT notice.*, '. + 'sum(exp(-(now() - fave.modified) / %s)) as weight ' . + 'FROM notice JOIN fave ON notice.id = fave.notice_id ' . + 'GROUP BY fave.notice_id ' . + 'ORDER BY weight DESC'; + + $offset = ($this->page - 1) * NOTICES_PER_PAGE; + $limit = NOTICES_PER_PAGE + 1; + + if (common_config('db', 'type') == 'pgsql') { + $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; + } else { + $qry .= ' LIMIT ' . $offset . ', ' . $limit; + } + + $notice = Memcached_DataObject::cachedQuery('Notice', + sprintf($qry, common_config('popular', 'dropoff')), + 600); + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'favorited'); + } } diff --git a/actions/favoritesrss.php b/actions/favoritesrss.php index 25dd3861f..19339325c 100644 --- a/actions/favoritesrss.php +++ b/actions/favoritesrss.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * RSS feed for user favorites action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,57 +29,90 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class FavoritesrssAction extends Rss10Action { +if (!defined('LACONICA')) { + exit(1); +} - var $user = NULL; - - function init() { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); +require_once INSTALLDIR.'/lib/rssaction.php'; - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } - - function get_notices($limit=0) { - - $user = $this->user; - - $notice = $user->favoriteNotices(0, $limit); - - $notices = array(); +/** + * RSS feed for user favorites action class. + * + * Formatting of RSS handled by Rss10Action + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class FavoritesrssAction extends Rss10Action +{ + var $user = null; + + /** + * Initialization. + * + * @return boolean false if user doesn't exist + */ + function init() + { + $nickname = $this->trimmed('nickname'); + $this->user = User::staticGet('nickname', $nickname); + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } else { + return true; + } + } - while ($notice->fetch()) { - $notices[] = clone($notice); - } + /** + * Get notices + * + * @param integer $limit max number of notices to return + * + * @return array notices + */ + function getNotices($limit=0) + { + $user = $this->user; + $notice = $user->favoriteNotices(0, $limit); + $notices = array(); + while ($notice->fetch()) { + $notices[] = clone($notice); + } + return $notices; + } - return $notices; - } + /** + * Get channel. + * + * @return array associative array on channel information + */ + function getChannel() + { + $user = $this->user; + $c = array('url' => common_local_url('favoritesrss', + array('nickname' => + $user->nickname)), + 'title' => sprintf(_("%s favorite notices"), $user->nickname), + 'link' => common_local_url('showfavorites', + array('nickname' => + $user->nickname)), + 'description' => sprintf(_('Feed of favorite notices of %s'), $user->nickname)); + return $c; + } - function get_channel() { - $user = $this->user; - $c = array('url' => common_local_url('favoritesrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_("%s favorite notices"), $user->nickname), - 'link' => common_local_url('showfavorites', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed of favorite notices of %s'), $user->nickname)); - return $c; - } + /** + * Get image. + * + * @return voir + */ + function getImage() + { + return null; + } +} - function get_image() { - return NULL; - } -}
\ No newline at end of file diff --git a/actions/featured.php b/actions/featured.php index 96fbd89ab..f3bade6a5 100644 --- a/actions/featured.php +++ b/actions/featured.php @@ -1,102 +1,148 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List of featured users + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Public + * @package Laconica + * @author Zach Copley <zach@controlyourself.ca> + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/stream.php'); require_once(INSTALLDIR.'/lib/profilelist.php'); +require_once INSTALLDIR.'/lib/publicgroupnav.php'; -class FeaturedAction extends StreamAction { - - function handle($args) { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - common_show_header(_('Featured users'), - array($this, 'show_header'), NULL, - array($this, 'show_top')); - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - - function show_header() { - } - - function get_instructions() { - return _('Featured users'); - } - - function show_notices($page) { - - // XXX: Note I'm doing it this two-stage way because a raw query - // with a JOIN was *not* working. --Zach - - $featured_nicks = common_config('nickname', 'featured'); - - if (count($featured_nicks) > 0) { - - $quoted = array(); - - foreach ($featured_nicks as $nick) { - $quoted[] = "'$nick'"; - } - - $user = new User; - $user->whereAdd(sprintf('nickname IN (%s)', implode(',', $quoted))); - $user->limit(($page - 1) * PROFILES_PER_PAGE, PROFILES_PER_PAGE + 1); - $user->orderBy('user.nickname ASC'); - - $user->find(); - - $profile_ids = array(); - - while ($user->fetch()) { - $profile_ids[] = $user->id; - } - - $profile = new Profile; - $profile->whereAdd(sprintf('profile.id IN (%s)', implode(',', $profile_ids))); - $profile->orderBy('nickname ASC'); - - $cnt = $profile->find(); - - if ($cnt > 0) { - $featured = new ProfileList($profile); - $featured->show_list(); - } - - $profile->free(); - - common_pagination($page > 1, $cnt > PROFILES_PER_PAGE, $page, 'featured'); - } - } +/** + * List of featured users + * + * @category Public + * @package Laconica + * @author Zach Copley <zach@controlyourself.ca> + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ +class FeaturedAction extends Action +{ + var $page = null; + + function isReadOnly() + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + return true; + } + + function title() + { + if ($this->page == 1) { + return _('Featured users'); + } else { + return sprintf(_('Featured users, page %d'), $this->page); + } + } + + function handle($args) + { + parent::handle($args); + + $this->showPage(); + } + + function showPageNotice() + { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + + function showLocalNav() + { + $nav = new PublicGroupNav($this); + $nav->show(); + } + + function getInstructions() + { + return sprintf(_('A selection of some of the great users on %s'), + common_config('site', 'name')); + } + + function showContent() + { + // XXX: Note I'm doing it this two-stage way because a raw query + // with a JOIN was *not* working. --Zach + + $featured_nicks = common_config('nickname', 'featured'); + + if (count($featured_nicks) > 0) { + + $quoted = array(); + + foreach ($featured_nicks as $nick) { + $quoted[] = "'$nick'"; + } + + $user = new User; + $user->whereAdd(sprintf('nickname IN (%s)', implode(',', $quoted))); + $user->limit(($this->page - 1) * PROFILES_PER_PAGE, PROFILES_PER_PAGE + 1); + $user->orderBy('user.nickname ASC'); + + $user->find(); + + $profile_ids = array(); + + while ($user->fetch()) { + $profile_ids[] = $user->id; + } + + $profile = new Profile; + $profile->whereAdd(sprintf('profile.id IN (%s)', implode(',', $profile_ids))); + $profile->orderBy('nickname ASC'); + + $cnt = $profile->find(); + + if ($cnt > 0) { + $featured = new ProfileList($profile, null, $this); + $featured->show(); + } + + $profile->free(); + + $this->pagination($this->page > 1, $cnt > PROFILES_PER_PAGE, + $this->page, 'featured'); + } + } }
\ No newline at end of file diff --git a/actions/finishaddopenid.php b/actions/finishaddopenid.php index 54d81b0b4..8f10505cf 100644 --- a/actions/finishaddopenid.php +++ b/actions/finishaddopenid.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Complete adding an OpenID + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,89 +18,168 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishaddopenidAction extends Action { - - function handle($args) { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else { - $this->try_login(); - } - } - - function try_login() { - - $consumer =& oid_consumer(); - - $response = $consumer->complete(common_local_url('finishaddopenid')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $display; - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $cur =& common_current_user(); - $other = oid_get_user($canonical); - - if ($other) { - if ($other->id == $cur->id) { - $this->message(_('You already have this OpenID!')); - } else { - $this->message(_('Someone else already has this OpenID.')); - } - return; - } - - # start a transaction - - $cur->query('BEGIN'); - - $result = oid_link_user($cur->id, $canonical, $display); - - if (!$result) { - $this->message(_('Error connecting user.')); - return; - } - if ($sreg) { - if (!oid_update_user($cur, $sreg)) { - $this->message(_('Error updating profile')); - return; - } - } - - # success! - - $cur->query('COMMIT'); +if (!defined('LACONICA')) { + exit(1); +} - oid_set_last($display); +require_once INSTALLDIR.'/lib/openid.php'; - common_redirect(common_local_url('openidsettings')); - } - } +/** + * Complete adding an OpenID + * + * Handle the return from an OpenID verification + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ - function message($msg) { - common_show_header(_('OpenID Login')); - common_element('p', NULL, $msg); - common_show_footer(); - } +class FinishaddopenidAction extends Action +{ + var $msg = null; + + /** + * Handle the redirect back from OpenID confirmation + * + * Check to see if the user's logged in, and then try + * to use the OpenID login system. + * + * @param array $args $_REQUEST arguments + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + } else { + $this->tryLogin(); + } + } + + /** + * Try to log in using OpenID + * + * Check the OpenID for validity; potentially store it. + * + * @return void + */ + + function tryLogin() + { + $consumer =& oid_consumer(); + + $response = $consumer->complete(common_local_url('finishaddopenid')); + + if ($response->status == Auth_OpenID_CANCEL) { + $this->message(_('OpenID authentication cancelled.')); + return; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $this->message(sprintf(_('OpenID authentication failed: %s'), + $response->message)); + } else if ($response->status == Auth_OpenID_SUCCESS) { + + $display = $response->getDisplayIdentifier(); + $canonical = ($response->endpoint && $response->endpoint->canonicalID) ? + $response->endpoint->canonicalID : $display; + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + if ($sreg_resp) { + $sreg = $sreg_resp->contents(); + } + + $cur =& common_current_user(); + + $other = oid_get_user($canonical); + + if ($other) { + if ($other->id == $cur->id) { + $this->message(_('You already have this OpenID!')); + } else { + $this->message(_('Someone else already has this OpenID.')); + } + return; + } + + // start a transaction + + $cur->query('BEGIN'); + + $result = oid_link_user($cur->id, $canonical, $display); + + if (!$result) { + $this->message(_('Error connecting user.')); + return; + } + if ($sreg) { + if (!oid_update_user($cur, $sreg)) { + $this->message(_('Error updating profile')); + return; + } + } + + // success! + + $cur->query('COMMIT'); + + oid_set_last($display); + + common_redirect(common_local_url('openidsettings')); + } + } + + /** + * Show a failure message + * + * Something went wrong. Save the message, and show the page. + * + * @param string $msg Error message to show + * + * @return void + */ + + function message($msg) + { + $this->message = $msg; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string title + */ + + function title() + { + return _('OpenID Login'); + } + + /** + * Show error message + * + * @return void + */ + + function showPageNotice() + { + if ($this->message) { + $this->element('p', 'error', $this->message); + } + } } diff --git a/actions/finishimmediate.php b/actions/finishimmediate.php deleted file mode 100644 index 6dbaa3d1c..000000000 --- a/actions/finishimmediate.php +++ /dev/null @@ -1,65 +0,0 @@ -<?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishimmediateAction extends Action { - - function handle($args) { - parent::handle($args); - - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishimmediate')); - - if ($response->status == Auth_OpenID_SUCCESS) { - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $user = oid_get_user($canonical); - - if ($user) { - oid_update_user($user, $sreg); - oid_set_last($display); # refresh for another year - common_set_user($user->nickname); - $this->go_backto(); - return; - } - } - - # Failure! Clear openid so we don't try it again - - oid_clear_last(); - $this->go_backto(); - return; - } - - function go_backto() { - common_ensure_session(); - $backto = $_SESSION['openid_immediate_backto']; - if (!$backto) { - # gar. Well, push them to the public page - $backto = common_local_url('public'); - } - common_redirect($backto); - } -} diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php index 766a08b20..880a9505b 100644 --- a/actions/finishopenidlogin.php +++ b/actions/finishopenidlogin.php @@ -21,416 +21,447 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/openid.php'); -class FinishopenidloginAction extends Action { - - function handle($args) { - parent::handle($args); - if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - if ($this->arg('create')) { - if (!$this->boolean('license')) { - $this->show_form(_('You can\'t register if you don\'t agree to the license.'), - $this->trimmed('newname')); - return; - } - $this->create_new_user(); - } else if ($this->arg('connect')) { - $this->connect_user(); - } else { - common_debug(print_r($this->args, true), __FILE__); - $this->show_form(_('Something weird happened.'), - $this->trimmed('newname')); - } - } else { - $this->try_login(); - } - } - - function show_top($error=NULL) { - if ($error) { - common_element('div', array('class' => 'error'), $error); - } else { - global $config; - common_element('div', 'instructions', - sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); - } - } - - function show_form($error=NULL, $username=NULL) { - common_show_header(_('OpenID Account Setup'), NULL, $error, - array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'account_connect', - 'action' => common_local_url('finishopenidlogin'))); - common_hidden('token', common_session_token()); - common_element('h2', NULL, - _('Create new account')); - common_element('p', NULL, - _('Create a new user with this nickname.')); - common_input('newname', _('New nickname'), - ($username) ? $username : '', - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_element_start('p'); - common_element('input', array('type' => 'checkbox', - 'id' => 'license', - 'name' => 'license', - 'value' => 'true')); - common_text(_('My text and files are available under ')); - common_element('a', array(href => common_config('license', 'url')), - common_config('license', 'title')); - common_text(_(' except this private data: password, email address, IM address, phone number.')); - common_element_end('p'); - common_submit('create', _('Create')); - common_element('h2', NULL, - _('Connect existing account')); - common_element('p', NULL, - _('If you already have an account, login with your username and password to connect it to your OpenID.')); - common_input('nickname', _('Existing nickname')); - common_password('password', _('Password')); - common_submit('connect', _('Connect')); - common_element_end('form'); - common_show_footer(); - } - - function try_login() { - - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishopenidlogin')); - - if ($response->status == Auth_OpenID_CANCEL) { - $this->message(_('OpenID authentication cancelled.')); - return; - } else if ($response->status == Auth_OpenID_FAILURE) { - // Authentication failed; display the error message. - $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); - } else if ($response->status == Auth_OpenID_SUCCESS) { - // This means the authentication succeeded; extract the - // identity URL and Simple Registration data (if it was - // returned). - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); - - if ($sreg_resp) { - $sreg = $sreg_resp->contents(); - } - - $user = oid_get_user($canonical); - - if ($user) { - oid_set_last($display); - # XXX: commented out at @edd's request until better - # control over how data flows from OpenID provider. - # oid_update_user($user, $sreg); - common_set_user($user); - common_real_login(true); - if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); - } else { - $this->save_values($display, $canonical, $sreg); - $this->show_form(NULL, $this->best_new_nickname($display, $sreg)); - } - } - } - - function message($msg) { - common_show_header(_('OpenID Login')); - common_element('p', NULL, $msg); - common_show_footer(); - } - - function save_values($display, $canonical, $sreg) { - common_ensure_session(); - $_SESSION['openid_display'] = $display; - $_SESSION['openid_canonical'] = $canonical; - $_SESSION['openid_sreg'] = $sreg; - } - - function get_saved_values() { - return array($_SESSION['openid_display'], - $_SESSION['openid_canonical'], - $_SESSION['openid_sreg']); - } - - function create_new_user() { +class FinishopenidloginAction extends Action +{ + var $error = null; + var $username = null; + var $message = null; + + function handle($args) + { + parent::handle($args); + if (common_logged_in()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.')); + return; + } + if ($this->arg('create')) { + if (!$this->boolean('license')) { + $this->showForm(_('You can\'t register if you don\'t agree to the license.'), + $this->trimmed('newname')); + return; + } + $this->createNewUser(); + } else if ($this->arg('connect')) { + $this->connectUser(); + } else { + common_debug(print_r($this->args, true), __FILE__); + $this->showForm(_('Something weird happened.'), + $this->trimmed('newname')); + } + } else { + $this->tryLogin(); + } + } + + function showPageNotice() + { + if ($this->error) { + $this->element('div', array('class' => 'error'), $this->error); + } else { + global $config; + $this->element('div', 'instructions', + sprintf(_('This is the first time you\'ve logged into %s so we must connect your OpenID to a local account. You can either create a new account, or connect with your existing account, if you have one.'), $config['site']['name'])); + } + } + + function title() + { + return _('OpenID Account Setup'); + } + + function showForm($error=null, $username=null) + { + $this->error = $error; + $this->username = $username; + + $this->showPage(); + } + + function showContent() + { + if ($this->message_text) { + $this->element('p', null, $this->message); + return; + } + $this->elementStart('form', array('method' => 'post', + 'id' => 'account_connect', + 'action' => common_local_url('finishopenidlogin'))); + $this->hidden('token', common_session_token()); + $this->element('h2', null, + _('Create new account')); + $this->element('p', null, + _('Create a new user with this nickname.')); + $this->input('newname', _('New nickname'), + ($this->username) ? $this->username : '', + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + $this->elementStart('p'); + $this->element('input', array('type' => 'checkbox', + 'id' => 'license', + 'name' => 'license', + 'value' => 'true')); + $this->text(_('My text and files are available under ')); + $this->element('a', array('href' => common_config('license', 'url')), + common_config('license', 'title')); + $this->text(_(' except this private data: password, email address, IM address, phone number.')); + $this->elementEnd('p'); + $this->submit('create', _('Create')); + $this->element('h2', null, + _('Connect existing account')); + $this->element('p', null, + _('If you already have an account, login with your username and password to connect it to your OpenID.')); + $this->input('nickname', _('Existing nickname')); + $this->password('password', _('Password')); + $this->submit('connect', _('Connect')); + $this->elementEnd('form'); + } + + function tryLogin() + { + $consumer = oid_consumer(); + + $response = $consumer->complete(common_local_url('finishopenidlogin')); + + if ($response->status == Auth_OpenID_CANCEL) { + $this->message(_('OpenID authentication cancelled.')); + return; + } else if ($response->status == Auth_OpenID_FAILURE) { + // Authentication failed; display the error message. + $this->message(sprintf(_('OpenID authentication failed: %s'), $response->message)); + } else if ($response->status == Auth_OpenID_SUCCESS) { + // This means the authentication succeeded; extract the + // identity URL and Simple Registration data (if it was + // returned). + $display = $response->getDisplayIdentifier(); + $canonical = ($response->endpoint->canonicalID) ? + $response->endpoint->canonicalID : $response->getDisplayIdentifier(); + + $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response); + + if ($sreg_resp) { + $sreg = $sreg_resp->contents(); + } + + $user = oid_get_user($canonical); + + if ($user) { + oid_set_last($display); + # XXX: commented out at @edd's request until better + # control over how data flows from OpenID provider. + # oid_update_user($user, $sreg); + common_set_user($user); + common_real_login(true); + if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { + common_rememberme($user); + } + unset($_SESSION['openid_rememberme']); + $this->goHome($user->nickname); + } else { + $this->saveValues($display, $canonical, $sreg); + $this->showForm(null, $this->bestNewNickname($display, $sreg)); + } + } + } + + function message($msg) + { + $this->message_text = $msg; + $this->showPage(); + } + + function saveValues($display, $canonical, $sreg) + { + common_ensure_session(); + $_SESSION['openid_display'] = $display; + $_SESSION['openid_canonical'] = $canonical; + $_SESSION['openid_sreg'] = $sreg; + } + + function getSavedValues() + { + return array($_SESSION['openid_display'], + $_SESSION['openid_canonical'], + $_SESSION['openid_sreg']); + } + + function createNewUser() + { # FIXME: save invite code before redirect, and check here - if (common_config('site', 'closed') || common_config('site', 'inviteonly')) { - common_user_error(_('Registration not allowed.')); + if (common_config('site', 'closed') || common_config('site', 'inviteonly')) { + $this->clientError(_('Registration not allowed.')); return; } - $nickname = $this->trimmed('newname'); + $nickname = $this->trimmed('newname'); - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return; + } - if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Nickname not allowed.')); - return; - } + if (!User::allowed_nickname($nickname)) { + $this->showForm(_('Nickname not allowed.')); + return; + } - if (User::staticGet('nickname', $nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - return; - } + if (User::staticGet('nickname', $nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; + } - list($display, $canonical, $sreg) = $this->get_saved_values(); + list($display, $canonical, $sreg) = $this->getSavedValues(); - if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); - return; - } + if (!$display || !$canonical) { + $this->serverError(_('Stored OpenID not found.')); + return; + } - # Possible race condition... let's be paranoid + # Possible race condition... let's be paranoid - $other = oid_get_user($canonical); + $other = oid_get_user($canonical); - if ($other) { - common_server_error(_('Creating new account for OpenID that already has a user.')); - return; - } + if ($other) { + $this->serverError(_('Creating new account for OpenID that already has a user.')); + return; + } - if ($sreg['country']) { - if ($sreg['postcode']) { - # XXX: use postcode to get city and region - # XXX: also, store postcode somewhere -- it's valuable! - $location = $sreg['postcode'] . ', ' . $sreg['country']; - } else { - $location = $sreg['country']; - } - } + if ($sreg['country']) { + if ($sreg['postcode']) { + # XXX: use postcode to get city and region + # XXX: also, store postcode somewhere -- it's valuable! + $location = $sreg['postcode'] . ', ' . $sreg['country']; + } else { + $location = $sreg['country']; + } + } - if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { - $fullname = $sreg['fullname']; - } + if ($sreg['fullname'] && strlen($sreg['fullname']) <= 255) { + $fullname = $sreg['fullname']; + } - if ($sreg['email'] && Validate::email($sreg['email'], true)) { - $email = $sreg['email']; - } + if ($sreg['email'] && Validate::email($sreg['email'], true)) { + $email = $sreg['email']; + } - # XXX: add language - # XXX: add timezone + # XXX: add language + # XXX: add timezone - $user = User::register(array('nickname' => $nickname, - 'email' => $email, - 'fullname' => $fullname, - 'location' => $location)); + $user = User::register(array('nickname' => $nickname, + 'email' => $email, + 'fullname' => $fullname, + 'location' => $location)); - $result = oid_link_user($user->id, $canonical, $display); + $result = oid_link_user($user->id, $canonical, $display); - oid_set_last($display); - common_set_user($user); - common_real_login(true); + oid_set_last($display); + common_set_user($user); + common_real_login(true); if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } + common_rememberme($user); + } unset($_SESSION['openid_rememberme']); - common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); - } - - function connect_user() { + common_redirect(common_local_url('showstream', array('nickname' => $user->nickname))); + } - $nickname = $this->trimmed('nickname'); - $password = $this->trimmed('password'); + function connectUser() + { + $nickname = $this->trimmed('nickname'); + $password = $this->trimmed('password'); - if (!common_check_user($nickname, $password)) { - $this->show_form(_('Invalid username or password.')); - return; - } + if (!common_check_user($nickname, $password)) { + $this->showForm(_('Invalid username or password.')); + return; + } - # They're legit! + # They're legit! - $user = User::staticGet('nickname', $nickname); + $user = User::staticGet('nickname', $nickname); - list($display, $canonical, $sreg) = $this->get_saved_values(); + list($display, $canonical, $sreg) = $this->getSavedValues(); - if (!$display || !$canonical) { - common_server_error(_('Stored OpenID not found.')); - return; - } + if (!$display || !$canonical) { + $this->serverError(_('Stored OpenID not found.')); + return; + } - $result = oid_link_user($user->id, $canonical, $display); + $result = oid_link_user($user->id, $canonical, $display); - if (!$result) { - common_server_error(_('Error connecting user to OpenID.')); - return; - } + if (!$result) { + $this->serverError(_('Error connecting user to OpenID.')); + return; + } - oid_update_user($user, $sreg); - oid_set_last($display); - common_set_user($user); - common_real_login(true); + oid_update_user($user, $sreg); + oid_set_last($display); + common_set_user($user); + common_real_login(true); if (isset($_SESSION['openid_rememberme']) && $_SESSION['openid_rememberme']) { - common_rememberme($user); - } - unset($_SESSION['openid_rememberme']); - $this->go_home($user->nickname); - } - - function go_home($nickname) { - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(NULL); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } - - function best_new_nickname($display, $sreg) { - - # Try the passed-in nickname - - if ($sreg['nickname']) { - $nickname = $this->nicknamize($sreg['nickname']); - if ($this->is_new_nickname($nickname)) { - return $nickname; - } - } - - # Try the full name - - if ($sreg['fullname']) { - $fullname = $this->nicknamize($sreg['fullname']); - if ($this->is_new_nickname($fullname)) { - return $fullname; - } - } - - # Try the URL - - $from_url = $this->openid_to_nickname($display); - - if ($from_url && $this->is_new_nickname($from_url)) { - return $from_url; - } - - # XXX: others? - - return NULL; - } - - function is_new_nickname($str) { - if (!Validate::string($str, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - return false; - } - if (!User::allowed_nickname($str)) { - return false; - } - if (User::staticGet('nickname', $str)) { - return false; - } - return true; - } - - function openid_to_nickname($openid) { + common_rememberme($user); + } + unset($_SESSION['openid_rememberme']); + $this->goHome($user->nickname); + } + + function goHome($nickname) + { + $url = common_get_returnto(); + if ($url) { + # We don't have to return to it again + common_set_returnto(null); + } else { + $url = common_local_url('all', + array('nickname' => + $nickname)); + } + common_redirect($url); + } + + function bestNewNickname($display, $sreg) + { + + # Try the passed-in nickname + + if ($sreg['nickname']) { + $nickname = $this->nicknamize($sreg['nickname']); + if ($this->isNewNickname($nickname)) { + return $nickname; + } + } + + # Try the full name + + if ($sreg['fullname']) { + $fullname = $this->nicknamize($sreg['fullname']); + if ($this->isNewNickname($fullname)) { + return $fullname; + } + } + + # Try the URL + + $from_url = $this->openidToNickname($display); + + if ($from_url && $this->isNewNickname($from_url)) { + return $from_url; + } + + # XXX: others? + + return null; + } + + function isNewNickname($str) + { + if (!Validate::string($str, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + return false; + } + if (!User::allowed_nickname($str)) { + return false; + } + if (User::staticGet('nickname', $str)) { + return false; + } + return true; + } + + function openidToNickname($openid) + { if (Auth_Yadis_identifierScheme($openid) == 'XRI') { - return $this->xri_to_nickname($openid); - } else { - return $this->url_to_nickname($openid); - } - } - - # We try to use an OpenID URL as a legal Laconica user name in this order - # 1. Plain hostname, like http://evanp.myopenid.com/ - # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ - # or http://getopenid.com/evanprodromou - - function url_to_nickname($openid) { - static $bad = array('query', 'user', 'password', 'port', 'fragment'); - - $parts = parse_url($openid); - - # If any of these parts exist, this won't work - - foreach ($bad as $badpart) { - if (array_key_exists($badpart, $parts)) { - return NULL; - } - } - - # We just have host and/or path - - # If it's just a host... - if (array_key_exists('host', $parts) && - (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0)) - { - $hostparts = explode('.', $parts['host']); - - # Try to catch common idiom of nickname.service.tld - - if ((count($hostparts) > 2) && - (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au - (strcmp($hostparts[0], 'www') != 0)) - { - return $this->nicknamize($hostparts[0]); - } else { - # Do the whole hostname - return $this->nicknamize($parts['host']); - } - } else { - if (array_key_exists('path', $parts)) { - # Strip starting, ending slashes - $path = preg_replace('@/$@', '', $parts['path']); - $path = preg_replace('@^/@', '', $path); - if (strpos($path, '/') === false) { - return $this->nicknamize($path); - } - } - } - - return NULL; - } - - function xri_to_nickname($xri) { - $base = $this->xri_base($xri); - - if (!$base) { - return NULL; - } else { - # =evan.prodromou - # or @gratis*evan.prodromou - $parts = explode('*', substr($base, 1)); - return $this->nicknamize(array_pop($parts)); - } - } - - function xri_base($xri) { - if (substr($xri, 0, 6) == 'xri://') { - return substr($xri, 6); - } else { - return $xri; - } - } - - # Given a string, try to make it work as a nickname - - function nicknamize($str) { - $str = preg_replace('/\W/', '', $str); - return strtolower($str); - } + return $this->xriToNickname($openid); + } else { + return $this->urlToNickname($openid); + } + } + + # We try to use an OpenID URL as a legal Laconica user name in this order + # 1. Plain hostname, like http://evanp.myopenid.com/ + # 2. One element in path, like http://profile.typekey.com/EvanProdromou/ + # or http://getopenid.com/evanprodromou + + function urlToNickname($openid) + { + static $bad = array('query', 'user', 'password', 'port', 'fragment'); + + $parts = parse_url($openid); + + # If any of these parts exist, this won't work + + foreach ($bad as $badpart) { + if (array_key_exists($badpart, $parts)) { + return null; + } + } + + # We just have host and/or path + + # If it's just a host... + if (array_key_exists('host', $parts) && + (!array_key_exists('path', $parts) || strcmp($parts['path'], '/') == 0)) + { + $hostparts = explode('.', $parts['host']); + + # Try to catch common idiom of nickname.service.tld + + if ((count($hostparts) > 2) && + (strlen($hostparts[count($hostparts) - 2]) > 3) && # try to skip .co.uk, .com.au + (strcmp($hostparts[0], 'www') != 0)) + { + return $this->nicknamize($hostparts[0]); + } else { + # Do the whole hostname + return $this->nicknamize($parts['host']); + } + } else { + if (array_key_exists('path', $parts)) { + # Strip starting, ending slashes + $path = preg_replace('@/$@', '', $parts['path']); + $path = preg_replace('@^/@', '', $path); + if (strpos($path, '/') === false) { + return $this->nicknamize($path); + } + } + } + + return null; + } + + function xriToNickname($xri) + { + $base = $this->xriBase($xri); + + if (!$base) { + return null; + } else { + # =evan.prodromou + # or @gratis*evan.prodromou + $parts = explode('*', substr($base, 1)); + return $this->nicknamize(array_pop($parts)); + } + } + + function xriBase($xri) + { + if (substr($xri, 0, 6) == 'xri://') { + return substr($xri, 6); + } else { + return $xri; + } + } + + # Given a string, try to make it work as a nickname + + function nicknamize($str) + { + $str = preg_replace('/\W/', '', $str); + return strtolower($str); + } } diff --git a/actions/finishremotesubscribe.php b/actions/finishremotesubscribe.php index 58040683f..f9094a50c 100644 --- a/actions/finishremotesubscribe.php +++ b/actions/finishremotesubscribe.php @@ -21,176 +21,178 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); -class FinishremotesubscribeAction extends Action { +class FinishremotesubscribeAction extends Action +{ - function handle($args) { + function handle($args) + { - parent::handle($args); + parent::handle($args); - if (common_logged_in()) { - common_user_error(_('You can use the local subscription!')); - return; - } + if (common_logged_in()) { + $this->clientError(_('You can use the local subscription!')); + return; + } + + $omb = $_SESSION['oauth_authorization_request']; + + if (!$omb) { + $this->clientError(_('Not expecting this response!')); + return; + } + + common_debug('stored request: '.print_r($omb,true), __FILE__); + + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); - $omb = $_SESSION['oauth_authorization_request']; + $token = $req->get_parameter('oauth_token'); - if (!$omb) { - common_user_error(_('Not expecting this response!')); - return; - } + # I think this is the success metric - common_debug('stored request: '.print_r($omb,true), __FILE__); + if ($token != $omb['token']) { + $this->clientError(_('Not authorized.')); + return; + } - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); + $version = $req->get_parameter('omb_version'); + + if ($version != OMB_VERSION_01) { + $this->clientError(_('Unknown version of OMB protocol.')); + return; + } - $token = $req->get_parameter('oauth_token'); + $nickname = $req->get_parameter('omb_listener_nickname'); - # I think this is the success metric + if (!$nickname) { + $this->clientError(_('No nickname provided by remote server.')); + return; + } - if ($token != $omb['token']) { - common_user_error(_('Not authorized.')); - return; - } - - $version = $req->get_parameter('omb_version'); - - if ($version != OMB_VERSION_01) { - common_user_error(_('Unknown version of OMB protocol.')); - return; - } - - $nickname = $req->get_parameter('omb_listener_nickname'); - - if (!$nickname) { - common_user_error(_('No nickname provided by remote server.')); - return; - } - - $profile_url = $req->get_parameter('omb_listener_profile'); - - if (!$profile_url) { - common_user_error(_('No profile URL returned by server.')); - return; - } - - if (!Validate::uri($profile_url, array('allowed_schemes' => array('http', 'https')))) { - common_user_error(_('Invalid profile URL returned by server.')); - return; - } - - if ($profile_url == common_local_url('showstream', array('nickname' => $nickname))) { - common_user_error(_('You can use the local subscription!')); - return; - } - - common_debug('listenee: "'.$omb['listenee'].'"', __FILE__); - - $user = User::staticGet('nickname', $omb['listenee']); - - if (!$user) { - common_user_error(_('User being listened to doesn\'t exist.')); - return; - } - - $other = User::staticGet('uri', $omb['listener']); - - if ($other) { - common_user_error(_('You can use the local subscription!')); - return; - } - - $fullname = $req->get_parameter('omb_listener_fullname'); - $homepage = $req->get_parameter('omb_listener_homepage'); - $bio = $req->get_parameter('omb_listener_bio'); - $location = $req->get_parameter('omb_listener_location'); - $avatar_url = $req->get_parameter('omb_listener_avatar'); - - list($newtok, $newsecret) = $this->access_token($omb); - - if (!$newtok || !$newsecret) { - common_user_error(_('Couldn\'t convert request tokens to access tokens.')); - return; - } - - # XXX: possible attack point; subscribe and return someone else's profile URI - - $remote = Remote_profile::staticGet('uri', $omb['listener']); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - # XXX: compare current postNotice and updateProfile URLs to the ones - # stored in the DB to avoid (possibly...) above attack - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $omb['listener']; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - common_server_error(_('Error inserting new profile')); - return; - } - $remote->id = $id; - } - - if ($avatar_url) { - if (!$this->add_avatar($profile, $avatar_url)) { - common_server_error(_('Error inserting avatar')); - return; - } - } - - $remote->postnoticeurl = $omb['post_notice_url']; - $remote->updateprofileurl = $omb['update_profile_url']; - - if ($exists) { - if (!$remote->update($orig_remote)) { - common_server_error(_('Error updating remote profile')); - return; - } - } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - common_server_error(_('Error inserting remote profile')); - return; - } - } + $profile_url = $req->get_parameter('omb_listener_profile'); + + if (!$profile_url) { + $this->clientError(_('No profile URL returned by server.')); + return; + } + + if (!Validate::uri($profile_url, array('allowed_schemes' => array('http', 'https')))) { + $this->clientError(_('Invalid profile URL returned by server.')); + return; + } + + if ($profile_url == common_local_url('showstream', array('nickname' => $nickname))) { + $this->clientError(_('You can use the local subscription!')); + return; + } + + common_debug('listenee: "'.$omb['listenee'].'"', __FILE__); + + $user = User::staticGet('nickname', $omb['listenee']); + + if (!$user) { + $this->clientError(_('User being listened to doesn\'t exist.')); + return; + } + + $other = User::staticGet('uri', $omb['listener']); + + if ($other) { + $this->clientError(_('You can use the local subscription!')); + return; + } + + $fullname = $req->get_parameter('omb_listener_fullname'); + $homepage = $req->get_parameter('omb_listener_homepage'); + $bio = $req->get_parameter('omb_listener_bio'); + $location = $req->get_parameter('omb_listener_location'); + $avatar_url = $req->get_parameter('omb_listener_avatar'); + + list($newtok, $newsecret) = $this->access_token($omb); + + if (!$newtok || !$newsecret) { + $this->clientError(_('Couldn\'t convert request tokens to access tokens.')); + return; + } + + # XXX: possible attack point; subscribe and return someone else's profile URI + + $remote = Remote_profile::staticGet('uri', $omb['listener']); + + if ($remote) { + $exists = true; + $profile = Profile::staticGet($remote->id); + $orig_remote = clone($remote); + $orig_profile = clone($profile); + # XXX: compare current postNotice and updateProfile URLs to the ones + # stored in the DB to avoid (possibly...) above attack + } else { + $exists = false; + $remote = new Remote_profile(); + $remote->uri = $omb['listener']; + $profile = new Profile(); + } + + $profile->nickname = $nickname; + $profile->profileurl = $profile_url; + + if ($fullname) { + $profile->fullname = $fullname; + } + if ($homepage) { + $profile->homepage = $homepage; + } + if ($bio) { + $profile->bio = $bio; + } + if ($location) { + $profile->location = $location; + } + + if ($exists) { + $profile->update($orig_profile); + } else { + $profile->created = DB_DataObject_Cast::dateTime(); # current time + $id = $profile->insert(); + if (!$id) { + $this->serverError(_('Error inserting new profile')); + return; + } + $remote->id = $id; + } + + if ($avatar_url) { + if (!$this->add_avatar($profile, $avatar_url)) { + $this->serverError(_('Error inserting avatar')); + return; + } + } + + $remote->postnoticeurl = $omb['post_notice_url']; + $remote->updateprofileurl = $omb['update_profile_url']; + + if ($exists) { + if (!$remote->update($orig_remote)) { + $this->serverError(_('Error updating remote profile')); + return; + } + } else { + $remote->created = DB_DataObject_Cast::dateTime(); # current time + if (!$remote->insert()) { + $this->serverError(_('Error inserting remote profile')); + return; + } + } if ($user->hasBlocked($profile)) { - $this->client_error(_('That user has blocked you from subscribing.')); + $this->clientError(_('That user has blocked you from subscribing.')); return; } - $sub = new Subscription(); + $sub = new Subscription(); - $sub->subscriber = $remote->id; - $sub->subscribed = $user->id; + $sub->subscriber = $remote->id; + $sub->subscribed = $user->id; $sub_exists = false; @@ -202,8 +204,8 @@ class FinishremotesubscribeAction extends Action { $sub->created = DB_DataObject_Cast::dateTime(); # current time } - $sub->token = $newtok; - $sub->secret = $newsecret; + $sub->token = $newtok; + $sub->secret = $newsecret; if ($sub_exists) { $result = $sub->update($orig_sub); @@ -211,78 +213,80 @@ class FinishremotesubscribeAction extends Action { $result = $sub->insert(); } - if (!$result) { + if (!$result) { common_log_db_error($sub, ($sub_exists) ? 'UPDATE' : 'INSERT', __FILE__); - common_user_error(_('Couldn\'t insert new subscription.')); - return; - } + $this->clientError(_('Couldn\'t insert new subscription.')); + return; + } - # Notify user, if necessary + # Notify user, if necessary - mail_subscribe_notify_profile($user, $profile); + mail_subscribe_notify_profile($user, $profile); - # Clear the data - unset($_SESSION['oauth_authorization_request']); + # Clear the data + unset($_SESSION['oauth_authorization_request']); - # If we show subscriptions in reverse chron order, this should - # show up close to the top of the page + # If we show subscriptions in reverse chron order, this should + # show up close to the top of the page - common_redirect(common_local_url('subscribers', array('nickname' => - $user->nickname))); - } + common_redirect(common_local_url('subscribers', array('nickname' => + $user->nickname))); + } - function add_avatar($profile, $url) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); - copy($url, $temp_filename); - return $profile->setOriginal($temp_filename); - } + function add_avatar($profile, $url) + { + $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar'); + copy($url, $temp_filename); + return $profile->setOriginal($temp_filename); + } - function access_token($omb) { + function access_token($omb) + { - common_debug('starting request for access token', __FILE__); + common_debug('starting request for access token', __FILE__); - $con = omb_oauth_consumer(); - $tok = new OAuthToken($omb['token'], $omb['secret']); + $con = omb_oauth_consumer(); + $tok = new OAuthToken($omb['token'], $omb['secret']); - common_debug('using request token "'.$tok.'"', __FILE__); + common_debug('using request token "'.$tok.'"', __FILE__); - $url = $omb['access_token_url']; + $url = $omb['access_token_url']; - common_debug('using access token url "'.$url.'"', __FILE__); + common_debug('using access token url "'.$url.'"', __FILE__); - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. + # XXX: Is this the right thing to do? Strip off GET params and make them + # POST params? Seems wrong to me. - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); + $parsed = parse_url($url); + $params = array(); + parse_str($parsed['query'], $params); - $req = OAuthRequest::from_consumer_and_token($con, $tok, "POST", $url, $params); + $req = OAuthRequest::from_consumer_and_token($con, $tok, "POST", $url, $params); - $req->set_parameter('omb_version', OMB_VERSION_01); + $req->set_parameter('omb_version', OMB_VERSION_01); - # XXX: test to see if endpoint accepts this signature method + # XXX: test to see if endpoint accepts this signature method - $req->sign_request(omb_hmac_sha1(), $con, $tok); + $req->sign_request(omb_hmac_sha1(), $con, $tok); - # We re-use this tool's fetcher, since it's pretty good + # We re-use this tool's fetcher, since it's pretty good - common_debug('posting to access token url "'.$req->get_normalized_http_url().'"', __FILE__); - common_debug('posting request data "'.$req->to_postdata().'"', __FILE__); + common_debug('posting to access token url "'.$req->get_normalized_http_url().'"', __FILE__); + common_debug('posting request data "'.$req->to_postdata().'"', __FILE__); - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $result = $fetcher->post($req->get_normalized_http_url(), + $req->to_postdata(), array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); - common_debug('got result: "'.print_r($result,TRUE).'"', __FILE__); + common_debug('got result: "'.print_r($result,true).'"', __FILE__); - if ($result->status != 200) { - return NULL; - } + if ($result->status != 200) { + return null; + } - parse_str($result->body, $return); + parse_str($result->body, $return); - return array($return['oauth_token'], $return['oauth_token_secret']); - } + return array($return['oauth_token'], $return['oauth_token_secret']); + } } diff --git a/actions/foaf.php b/actions/foaf.php index 6811fc05a..3a99835b4 100644 --- a/actions/foaf.php +++ b/actions/foaf.php @@ -23,180 +23,191 @@ define('LISTENER', 1); define('LISTENEE', -1); define('BOTH', 0); -class FoafAction extends Action { - - function is_readonly() { - return true; - } - - function handle($args) { - parent::handle($args); - - $nickname = $this->trimmed('nickname'); - - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - common_user_error(_('No such user.'), 404); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.'), 500); - return; - } - - header('Content-Type: application/rdf+xml'); - - common_start_xml(); - common_element_start('rdf:RDF', array('xmlns:rdf' => - 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', - 'xmlns:rdfs' => - 'http://www.w3.org/2000/01/rdf-schema#', - 'xmlns:geo' => - 'http://www.w3.org/2003/01/geo/wgs84_pos#', - 'xmlns' => 'http://xmlns.com/foaf/0.1/')); - - # This is the document about the user - - $this->show_ppd('', $user->uri); - - # XXX: might not be a person - common_element_start('Person', array('rdf:about' => - $user->uri)); - common_element('mbox_sha1sum', NULL, sha1('mailto:' . $user->email)); - if ($profile->fullname) { - common_element('name', NULL, $profile->fullname); - } - if ($profile->homepage) { - common_element('homepage', array('rdf:resource' => $profile->homepage)); - } - if ($profile->bio) { - common_element('rdfs:comment', NULL, $profile->bio); - } - # XXX: more structured location data - if ($profile->location) { - common_element_start('based_near'); - common_element_start('geo:SpatialThing'); - common_element('name', NULL, $profile->location); - common_element_end('geo:SpatialThing'); - common_element_end('based_near'); - } - - $this->show_microblogging_account($profile, common_root_url()); - - $avatar = $profile->getOriginalAvatar(); - - if ($avatar) { - common_element_start('img'); - common_element_start('Image', array('rdf:about' => $avatar->url)); - foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { - $scaled = $profile->getAvatar($size); - if (!$scaled->original) { # sometimes the original has one of our scaled sizes - common_element_start('thumbnail'); - common_element('Image', array('rdf:about' => $scaled->url)); - common_element_end('thumbnail'); - } - } - common_element_end('Image'); - common_element_end('img'); - } - - # Get people user is subscribed to - - $person = array(); - - $sub = new Subscription(); - $sub->subscriber = $profile->id; - $sub->whereAdd('subscriber != subscribed'); - - if ($sub->find()) { - while ($sub->fetch()) { - if ($sub->token) { - $other = Remote_profile::staticGet('id', $sub->subscribed); - } else { - $other = User::staticGet('id', $sub->subscribed); - } - if (!$other) { - common_debug('Got a bad subscription: '.print_r($sub,TRUE)); - continue; - } - common_element('knows', array('rdf:resource' => $other->uri)); - $person[$other->uri] = array(LISTENEE, $other); - } - } - - # Get people who subscribe to user - - $sub = new Subscription(); - $sub->subscribed = $profile->id; - $sub->whereAdd('subscriber != subscribed'); - - if ($sub->find()) { - while ($sub->fetch()) { - if ($sub->token) { - $other = Remote_profile::staticGet('id', $sub->subscriber); - } else { - $other = User::staticGet('id', $sub->subscriber); - } - if (!$other) { - common_debug('Got a bad subscription: '.print_r($sub,TRUE)); - continue; - } - if (array_key_exists($other->uri, $person)) { - $person[$other->uri][0] = BOTH; - } else { - $person[$other->uri] = array(LISTENER, $other); - } - } - } - - common_element_end('Person'); - - foreach ($person as $uri => $p) { - $foaf_url = NULL; - if ($p[1] instanceof User) { - $foaf_url = common_local_url('foaf', array('nickname' => $p[1]->nickname)); - } - $profile = Profile::staticGet($p[1]->id); - common_element_start('Person', array('rdf:about' => $uri)); - if ($p[0] == LISTENER || $p[0] == BOTH) { - common_element('knows', array('rdf:resource' => $user->uri)); - } - $this->show_microblogging_account($profile, ($p[1] instanceof User) ? - common_root_url() : NULL); - if ($foaf_url) { - common_element('rdfs:seeAlso', array('rdf:resource' => $foaf_url)); - } - common_element_end('Person'); - if ($foaf_url) { - $this->show_ppd($foaf_url, $uri); - } - } - - common_element_end('rdf:RDF'); - } - - function show_ppd($foaf_url, $person_uri) { - common_element_start('PersonalProfileDocument', array('rdf:about' => $foaf_url)); - common_element('maker', array('rdf:resource' => $person_uri)); - common_element('primaryTopic', array('rdf:resource' => $person_uri)); - common_element_end('PersonalProfileDocument'); - } - - function show_microblogging_account($profile, $service=NULL) { - # Their account - common_element_start('holdsAccount'); - common_element_start('OnlineAccount'); - if ($service) { - common_element('accountServiceHomepage', array('rdf:resource' => - $service)); - } - common_element('accountName', NULL, $profile->nickname); - common_element('homepage', array('rdf:resource' => $profile->profileurl)); - common_element_end('OnlineAccount'); - common_element_end('holdsAccount'); - } +class FoafAction extends Action +{ + function isReadOnly() + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + $this->nickname = $this->trimmed('nickname'); + + $this->user = User::staticGet('nickname', $this->nickname); + + if (!$this->user) { + $this->clientError(_('No such user.'), 404); + return false; + } + + $this->profile = $this->user->getProfile(); + + if (!$this->profile) { + $this->serverError(_('User has no profile.'), 500); + return false; + } + + return true; + } + + function handle($args) + { + parent::handle($args); + + header('Content-Type: application/rdf+xml'); + + $this->startXML(); + $this->elementStart('rdf:RDF', array('xmlns:rdf' => + 'http://www.w3.org/1999/02/22-rdf-syntax-ns#', + 'xmlns:rdfs' => + 'http://www.w3.org/2000/01/rdf-schema#', + 'xmlns:geo' => + 'http://www.w3.org/2003/01/geo/wgs84_pos#', + 'xmlns' => 'http://xmlns.com/foaf/0.1/')); + + // This is the document about the user + + $this->showPpd('', $this->user->uri); + + // XXX: might not be a person + $this->elementStart('Person', array('rdf:about' => + $this->user->uri)); + $this->element('mbox_sha1sum', null, sha1('mailto:' . $this->user->email)); + if ($this->profile->fullname) { + $this->element('name', null, $this->profile->fullname); + } + if ($this->profile->homepage) { + $this->element('homepage', array('rdf:resource' => $this->profile->homepage)); + } + if ($this->profile->bio) { + $this->element('rdfs:comment', null, $this->profile->bio); + } + // XXX: more structured location data + if ($this->profile->location) { + $this->elementStart('based_near'); + $this->elementStart('geo:SpatialThing'); + $this->element('name', null, $this->profile->location); + $this->elementEnd('geo:SpatialThing'); + $this->elementEnd('based_near'); + } + + $this->showMicrobloggingAccount($this->profile, common_root_url()); + + $avatar = $this->profile->getOriginalAvatar(); + + if ($avatar) { + $this->elementStart('img'); + $this->elementStart('Image', array('rdf:about' => $avatar->url)); + foreach (array(AVATAR_PROFILE_SIZE, AVATAR_STREAM_SIZE, AVATAR_MINI_SIZE) as $size) { + $scaled = $this->profile->getAvatar($size); + if (!$scaled->original) { // sometimes the original has one of our scaled sizes + $this->elementStart('thumbnail'); + $this->element('Image', array('rdf:about' => $scaled->url)); + $this->elementEnd('thumbnail'); + } + } + $this->elementEnd('Image'); + $this->elementEnd('img'); + } + + // Get people user is subscribed to + + $person = array(); + + $sub = new Subscription(); + $sub->subscriber = $this->profile->id; + $sub->whereAdd('subscriber != subscribed'); + + if ($sub->find()) { + while ($sub->fetch()) { + if ($sub->token) { + $other = Remote_profile::staticGet('id', $sub->subscribed); + } else { + $other = User::staticGet('id', $sub->subscribed); + } + if (!$other) { + common_debug('Got a bad subscription: '.print_r($sub,true)); + continue; + } + $this->element('knows', array('rdf:resource' => $other->uri)); + $person[$other->uri] = array(LISTENEE, $other); + } + } + + // Get people who subscribe to user + + $sub = new Subscription(); + $sub->subscribed = $this->profile->id; + $sub->whereAdd('subscriber != subscribed'); + + if ($sub->find()) { + while ($sub->fetch()) { + if ($sub->token) { + $other = Remote_profile::staticGet('id', $sub->subscriber); + } else { + $other = User::staticGet('id', $sub->subscriber); + } + if (!$other) { + common_debug('Got a bad subscription: '.print_r($sub,true)); + continue; + } + if (array_key_exists($other->uri, $person)) { + $person[$other->uri][0] = BOTH; + } else { + $person[$other->uri] = array(LISTENER, $other); + } + } + } + + $this->elementEnd('Person'); + + foreach ($person as $uri => $p) { + $foaf_url = null; + if ($p[1] instanceof User) { + $foaf_url = common_local_url('foaf', array('nickname' => $p[1]->nickname)); + } + $this->profile = Profile::staticGet($p[1]->id); + $this->elementStart('Person', array('rdf:about' => $uri)); + if ($p[0] == LISTENER || $p[0] == BOTH) { + $this->element('knows', array('rdf:resource' => $this->user->uri)); + } + $this->showMicrobloggingAccount($this->profile, ($p[1] instanceof User) ? + common_root_url() : null); + if ($foaf_url) { + $this->element('rdfs:seeAlso', array('rdf:resource' => $foaf_url)); + } + $this->elementEnd('Person'); + if ($foaf_url) { + $this->showPpd($foaf_url, $uri); + } + } + + $this->elementEnd('rdf:RDF'); + $this->endXML(); + } + + function showPpd($foaf_url, $person_uri) + { + $this->elementStart('PersonalProfileDocument', array('rdf:about' => $foaf_url)); + $this->element('maker', array('rdf:resource' => $person_uri)); + $this->element('primaryTopic', array('rdf:resource' => $person_uri)); + $this->elementEnd('PersonalProfileDocument'); + } + + function showMicrobloggingAccount($profile, $service=null) + { + // Their account + $this->elementStart('holdsAccount'); + $this->elementStart('OnlineAccount'); + if ($service) { + $this->element('accountServiceHomepage', array('rdf:resource' => + $service)); + } + $this->element('accountName', null, $profile->nickname); + $this->element('homepage', array('rdf:resource' => $profile->profileurl)); + $this->elementEnd('OnlineAccount'); + $this->elementEnd('holdsAccount'); + } } diff --git a/actions/groupbyid.php b/actions/groupbyid.php new file mode 100644 index 000000000..678119a94 --- /dev/null +++ b/actions/groupbyid.php @@ -0,0 +1,108 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Permalink for group + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; + +/** + * Permalink for a group + * + * The group nickname can change, but not the group ID. So we use + * an URL with the ID in it as the permanent identifier. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class GroupbyidAction extends Action +{ + /** group we're viewing. */ + var $group = null; + + /** + * Is this page read-only? + * + * @return boolean true + */ + + function isReadOnly() + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + $id = $this->arg('id'); + + if (!$id) { + $this->clientError(_('No ID')); + return false; + } + + common_debug("Got ID $id"); + + $this->group = User_group::staticGet('id', $id); + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + return true; + } + + /** + * Handle the request + * + * Shows a profile for the group, some controls, and a list of + * group notices. + * + * @return void + */ + + function handle($args) + { + common_redirect($this->group->homeUrl(), 303); + } +}
\ No newline at end of file diff --git a/actions/grouplogo.php b/actions/grouplogo.php new file mode 100644 index 000000000..393070d5d --- /dev/null +++ b/actions/grouplogo.php @@ -0,0 +1,511 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Upload an avatar + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Upload an avatar + * + * We use jCrop plugin for jQuery to crop the image after upload. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class GrouplogoAction extends Action +{ + var $mode = null; + var $imagefile = null; + var $filename = null; + + /** + * Prepare to run + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + if (!common_logged_in()) { + $this->clientError(_('You must be logged in to create a group.')); + return false; + } + + $nickname_arg = $this->trimmed('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + common_redirect(common_local_url('editgroup', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname'), 404); + return false; + } + + $groupid = $this->trimmed('groupid'); + + if ($groupid) { + $this->group = User_group::staticGet('id', $groupid); + } else { + $this->group = User_group::staticGet('nickname', $nickname); + } + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + $cur = common_current_user(); + + if (!$cur->isAdmin($this->group)) { + $this->clientError(_('You must be an admin to edit the group'), 403); + return false; + } + + return true; + } + + function handle($args) + { + parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->handlePost(); + } else { + $this->showForm(); + } + } + + function showForm($msg = null) + { + $this->msg = $msg; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Group logo'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('You can upload a logo image for your group.'); + } + + /** + * Content area of the page + * + * Shows a form for uploading an avatar. + * + * @return void + */ + + function showContent() + { + if ($this->mode == 'crop') { + $this->showCropForm(); + } else { + $this->showUploadForm(); + } + } + + function showUploadForm() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } + + $original = $this->group->original_logo; + + $this->elementStart('form', array('enctype' => 'multipart/form-data', + 'method' => 'post', + 'id' => 'form_settings_logo', + 'class' => 'form_settings', + 'action' => + common_local_url('grouplogo', + array('nickname' => $this->group->nickname)))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Group logo')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + if ($original) { + $this->elementStart('li', array('id' => 'avatar_original', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Original")); + $this->elementStart('div', array('id'=>'avatar_original_view')); + $this->element('img', array('src' => $this->group->original_logo, + 'alt' => $this->group->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + } + + if ($this->group->homepage_logo) { + $this->elementStart('li', array('id' => 'avatar_preview', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Preview")); + $this->elementStart('div', array('id'=>'avatar_preview_view')); + $this->element('img', array('src' => $this->group->homepage_logo, + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $this->group->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + } + + $this->elementStart('li', array ('id' => 'settings_attach')); + $this->element('input', array('name' => 'avatarfile', + 'type' => 'file', + 'id' => 'avatarfile')); + $this->element('input', array('name' => 'MAX_FILE_SIZE', + 'type' => 'hidden', + 'id' => 'MAX_FILE_SIZE', + 'value' => MAX_AVATAR_SIZE)); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementStart('ul', 'form_actions'); + $this->elementStart('li'); + $this->submit('upload', _('Upload')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + } + + function showCropForm() + { + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_avatar', + 'class' => 'form_settings', + 'action' => + common_local_url('grouplogo', + array('nickname' => $this->group->nickname)))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Avatar settings')); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + + $this->elementStart('li', + array('id' => 'avatar_original', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Original")); + $this->elementStart('div', array('id'=>'avatar_original_view')); + $this->element('img', array('src' => common_avatar_url($this->filedata['filename']), + 'width' => $this->filedata['width'], + 'height' => $this->filedata['height'], + 'alt' => $this->group->nickname)); + $this->elementEnd('div'); + $this->elementEnd('li'); + + $this->elementStart('li', + array('id' => 'avatar_preview', + 'class' => 'avatar_view')); + $this->element('h2', null, _("Preview")); + $this->elementStart('div', array('id'=>'avatar_preview_view')); + $this->element('img', array('src' => common_avatar_url($this->filedata['filename']), + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $this->group->nickname)); + $this->elementEnd('div'); + + foreach (array('avatar_crop_x', 'avatar_crop_y', + 'avatar_crop_w', 'avatar_crop_h') as $crop_info) { + $this->element('input', array('name' => $crop_info, + 'type' => 'hidden', + 'id' => $crop_info)); + } + $this->submit('crop', _('Crop')); + + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + } + + /** + * Handle a post + * + * We mux on the button name to figure out what the user actually wanted. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->show_form(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('upload')) { + $this->uploadAvatar(); + } else if ($this->arg('crop')) { + $this->cropAvatar(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Handle an image upload + * + * Does all the magic for handling an image upload, and crops the + * image by default. + * + * @return void + */ + + function uploadAvatar() + { + try { + $imagefile = ImageFile::fromUpload('avatarfile'); + } catch (Exception $e) { + $this->showForm($e->getMessage()); + return; + } + + $filename = common_avatar_filename($this->group->id, + image_type_to_extension($imagefile->type), + null, + 'group-temp-'.common_timestamp()); + + $filepath = common_avatar_path($filename); + + move_uploaded_file($imagefile->filename, $filepath); + + $filedata = array('filename' => $filename, + 'filepath' => $filepath, + 'width' => $imagefile->width, + 'height' => $imagefile->height, + 'type' => $imagefile->type); + + $_SESSION['FILEDATA'] = $filedata; + + $this->filedata = $filedata; + + $this->mode = 'crop'; + + $this->showForm(_('Pick a square area of the image to be your avatar'), + true); + } + + /** + * Handle the results of jcrop. + * + * @return void + */ + + function cropAvatar() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + $x = $this->arg('avatar_crop_x'); + $y = $this->arg('avatar_crop_y'); + $w = $this->arg('avatar_crop_w'); + $h = $this->arg('avatar_crop_h'); + + $filedata = $_SESSION['FILEDATA']; + + if (!$filedata) { + $this->serverError(_('Lost our file data.')); + return; + } + + $filepath = common_avatar_path($filedata['filename']); + + if (!file_exists($filepath)) { + $this->serverError(_('Lost our file.')); + return; + } + + switch ($filedata['type']) { + case IMAGETYPE_GIF: + $image_src = imagecreatefromgif($filepath); + break; + case IMAGETYPE_JPEG: + $image_src = imagecreatefromjpeg($filepath); + break; + case IMAGETYPE_PNG: + $image_src = imagecreatefrompng($filepath); + break; + default: + $this->serverError(_('Unknown file type')); + return; + } + + common_debug("W = $w, H = $h, X = $x, Y = $y"); + + $image_dest = imagecreatetruecolor($w, $h); + + $background = imagecolorallocate($image_dest, 0, 0, 0); + ImageColorTransparent($image_dest, $background); + imagealphablending($image_dest, false); + + imagecopyresized($image_dest, $image_src, 0, 0, $x, $y, $w, $h, $w, $h); + + $cur = common_current_user(); + + $filename = common_avatar_filename($this->group->id, + image_type_to_extension($imagefile->type), + null, + 'group-'.common_timestamp()); + + $filepath = common_avatar_path($filename); + + switch ($filedata['type']) { + case IMAGETYPE_GIF: + imagegif($image_dest, $filepath); + break; + case IMAGETYPE_JPEG: + imagejpeg($image_dest, $filepath); + break; + case IMAGETYPE_PNG: + imagepng($image_dest, $filepath); + break; + default: + $this->serverError(_('Unknown file type')); + return; + } + + if ($this->group->setOriginal($filename, $filedata['type'])) { + @unlink(common_avatar_path($filedata['filename'])); + unset($_SESSION['FILEDATA']); + $this->mode = 'upload'; + $this->showForm(_('Logo updated.'), true); + } else { + $this->showForm(_('Failed updating logo.')); + } + } + + function showPageNotice() + { + if ($this->msg) { + $this->element('div', ($this->success) ? 'success' : 'error', + $this->msg); + } else { + $inst = $this->getInstructions(); + $output = common_markup_to_html($inst); + + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + } + + /** + * Add the jCrop stylesheet + * + * @return void + */ + + function showStylesheets() + { + parent::showStylesheets(); + $jcropStyle = + common_path('theme/base/css/jquery.Jcrop.css?version='.LACONICA_VERSION); + + $this->element('link', array('rel' => 'stylesheet', + 'type' => 'text/css', + 'href' => $jcropStyle, + 'media' => 'screen, projection, tv')); + } + + /** + * Add the jCrop scripts + * + * @return void + */ + + function showScripts() + { + parent::showScripts(); + + $jcropPack = common_path('js/jcrop/jquery.Jcrop.pack.js'); + $jcropGo = common_path('js/jcrop/jquery.Jcrop.go.js'); + + $this->element('script', array('type' => 'text/javascript', + 'src' => $jcropPack)); + $this->element('script', array('type' => 'text/javascript', + 'src' => $jcropGo)); + } + + function showLocalNav() + { + $nav = new GroupNav($this, $this->group); + $nav->show(); + } +} diff --git a/actions/groupmembers.php b/actions/groupmembers.php new file mode 100644 index 000000000..53395c418 --- /dev/null +++ b/actions/groupmembers.php @@ -0,0 +1,138 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * List of group members + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once(INSTALLDIR.'/lib/profilelist.php'); +require_once INSTALLDIR.'/lib/publicgroupnav.php'; + +/** + * List of group members + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class GroupmembersAction extends Action +{ + var $page = null; + + function isReadOnly() + { + return true; + } + + function prepare($args) + { + parent::prepare($args); + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + $nickname_arg = $this->arg('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + if ($this->page != 1) { + $args['page'] = $this->page; + } + common_redirect(common_local_url('groupmembers', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname'), 404); + return false; + } + + $this->group = User_group::staticGet('nickname', $nickname); + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + return true; + } + + function title() + { + if ($this->page == 1) { + return sprintf(_('%s group members'), + $this->group->nickname); + } else { + return sprintf(_('%s group members, page %d'), + $this->group->nickname, + $this->page); + } + } + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + function showPageNotice() + { + $this->element('p', 'instructions', + _('A list of the users in this group.')); + } + + function showLocalNav() + { + $nav = new GroupNav($this, $this->group); + $nav->show(); + } + + function showContent() + { + $offset = ($this->page-1) * PROFILES_PER_PAGE; + $limit = PROFILES_PER_PAGE + 1; + + $members = $this->group->getMembers($offset, $limit); + + if ($members) { + $member_list = new ProfileList($members, null, $this); + $member_list->show(); + } + + $members->free(); + + $this->pagination($this->page > 1, $cnt > PROFILES_PER_PAGE, + $this->page, 'groupmembers', + array('nickname' => $this->group->nickname)); + } +}
\ No newline at end of file diff --git a/actions/groups.php b/actions/groups.php new file mode 100644 index 000000000..261f9b3aa --- /dev/null +++ b/actions/groups.php @@ -0,0 +1,127 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Latest groups information + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/grouplist.php'; + +/** + * Latest groups + * + * Show the latest groups on the site + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class GroupsAction extends Action +{ + var $page = null; + var $profile = null; + + function title() + { + if ($this->page == 1) { + return _("Groups"); + } else { + return sprintf(_("Groups, page %d"), $this->page); + } + } + + function prepare($args) + { + parent::prepare($args); + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + return true; + } + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + function showLocalNav() + { + $nav = new PublicGroupNav($this); + $nav->show(); + } + + function showPageNotice() + { + $notice = + sprintf(_('%%%%site.name%%%% groups let you find and talk with ' . + 'people of similar interests. After you join a group ' . + 'you can send messages to all other members using the ' . + 'syntax "!groupname". Don\'t see a group you like? Try ' . + '[searching for one](%%%%action.groupsearch%%%%) or ' . + '[start your own!](%%%%action.newgroup%%%%)')); + $this->elementStart('div', 'instructions'); + $this->raw(common_markup_to_html($notice)); + $this->elementEnd('div'); + } + + function showContent() + { + $this->elementStart('p', array('id' => 'new_group')); + $this->element('a', array('href' => common_local_url('newgroup'), + 'class' => 'more'), + _('Create a new group')); + $this->elementEnd('p'); + + $offset = ($this->page-1) * GROUPS_PER_PAGE; + $limit = GROUPS_PER_PAGE + 1; + + $groups = new User_group(); + $groups->orderBy('created DESC'); + $groups->limit($offset, $limit); + + if ($groups->find()) { + $gl = new GroupList($groups, null, $this); + $cnt = $gl->show(); + } + + $this->pagination($this->page > 1, $cnt > GROUPS_PER_PAGE, + $this->page, 'groups'); + } + + function showSections() + { + $gbp = new GroupsByPostsSection($this); + $gbp->show(); + $gbm = new GroupsByMembersSection($this); + $gbm->show(); + } +} diff --git a/actions/imsettings.php b/actions/imsettings.php index 0aa7631dc..e0f5ede3a 100644 --- a/actions/imsettings.php +++ b/actions/imsettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for Jabber/XMPP integration + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,256 +18,410 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/lib/jabber.php'); - -class ImsettingsAction extends SettingsAction { - - function get_instructions() { - return _('You can send and receive notices through Jabber/GTalk [instant messages](%%doc.im%%). Configure your address and settings below.'); - } - - function show_form($msg=NULL, $success=false) { - $user = common_current_user(); - $this->form_header(_('IM Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'imsettings', - 'action' => - common_local_url('imsettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', NULL, _('Address')); - - if ($user->jabber) { - common_element_start('p'); - common_element('span', 'address confirmed', $user->jabber); - common_element('span', 'input_instructions', - _('Current confirmed Jabber/GTalk address.')); - common_hidden('jabber', $user->jabber); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address); - common_element('span', 'input_instructions', - sprintf(_('Awaiting confirmation on this address. Check your Jabber/GTalk account for a message with further instructions. (Did you add %s to your buddy list?)'), jabber_daemon_address())); - common_hidden('jabber', $confirm->address); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - } else { - common_input('jabber', _('IM Address'), - ($this->arg('jabber')) ? $this->arg('jabber') : NULL, - sprintf(_('Jabber or GTalk address, like "UserName@example.org". First, make sure to add %s to your buddy list in your IM client or on GTalk.'), jabber_daemon_address())); - common_submit('add', _('Add')); - } - } - - common_element('h2', NULL, _('Preferences')); - - common_checkbox('jabbernotify', - _('Send me notices through Jabber/GTalk.'), - $user->jabbernotify); - common_checkbox('updatefrompresence', - _('Post a notice when my Jabber/GTalk status changes.'), - $user->updatefrompresence); - common_checkbox('jabberreplies', - _('Send me replies through Jabber/GTalk from people I\'m not subscribed to.'), - $user->jabberreplies); - common_checkbox('jabbermicroid', - _('Publish a MicroID for my Jabber/GTalk address.'), - $user->jabbermicroid); - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'jabber'; - if ($confirm->find(TRUE)) { - return $confirm; - } else { - return NULL; - } - } - - function handle_post() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() { - - $jabbernotify = $this->boolean('jabbernotify'); - $updatefrompresence = $this->boolean('updatefrompresence'); - $jabberreplies = $this->boolean('jabberreplies'); - $jabbermicroid = $this->boolean('jabbermicroid'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->jabbernotify = $jabbernotify; - $user->updatefrompresence = $updatefrompresence; - $user->jabberreplies = $jabberreplies; - $user->jabbermicroid = $jabbermicroid; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() { - - $user = common_current_user(); - - $jabber = $this->trimmed('jabber'); - - # Some validation - - if (!$jabber) { - $this->show_form(_('No Jabber ID.')); - return; - } - - $jabber = jabber_normalize_jid($jabber); - - if (!$jabber) { - $this->show_form(_('Cannot normalize that Jabber ID')); - return; - } - if (!jabber_valid_base_jid($jabber)) { - $this->show_form(_('Not a valid Jabber ID')); - return; - } else if ($user->jabber == $jabber) { - $this->show_form(_('That is already your Jabber ID.')); - return; - } else if ($this->jabber_exists($jabber)) { - $this->show_form(_('Jabber ID already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $jabber; - $confirm->address_type = 'jabber'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(64); - - $result = $confirm->insert(); - - if ($result === FALSE) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - if (!common_config('queue', 'enabled')) { - jabber_confirm_address($confirm->code, - $user->nickname, - $jabber); - } - - $msg = sprintf(_('A confirmation code was sent to the IM address you added. You must approve %s for sending messages to you.'), jabber_daemon_address()); - - $this->show_form($msg, TRUE); - } - - function cancel_confirmation() { - $jabber = $this->arg('jabber'); - $confirm = $this->get_confirmation(); - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $jabber) { - $this->show_form(_('That is the wrong IM address.')); - return; - } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/connectsettingsaction.php'; +require_once INSTALLDIR.'/lib/jabber.php'; + +/** + * Settings for Jabber/XMPP integration + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see SettingsAction + */ + +class ImsettingsAction extends ConnectSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('IM Settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('You can send and receive notices through '. + 'Jabber/GTalk [instant messages](%%doc.im%%). '. + 'Configure your address and settings below.'); + } + + /** + * Content area of the page + * + * We make different sections of the form for the different kinds of + * functions, and have submit buttons with different names. These + * are muxed by handlePost() to see what the user really wants to do. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_im', + 'class' => 'form_settings', + 'action' => + common_local_url('imsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_im_address')); + $this->element('legend', null, _('Address')); + $this->hidden('token', common_session_token()); + + if ($user->jabber) { + $this->element('p', 'form_confirmed', $user->jabber); + $this->element('p', 'form_note', + _('Current confirmed Jabber/GTalk address.')); + $this->hidden('jabber', $user->jabber); + $this->submit('remove', _('Remove')); + } else { + $confirm = $this->getConfirmation(); + if ($confirm) { + $this->element('p', 'form_unconfirmed', $confirm->address); + $this->element('p', 'form_note', + sprintf(_('Awaiting confirmation on this address. '. + 'Check your Jabber/GTalk account for a '. + 'message with further instructions. '. + '(Did you add %s to your buddy list?)'), + jabber_daemon_address())); + $this->hidden('jabber', $confirm->address); + $this->submit('cancel', _('Cancel')); + } else { + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('jabber', _('IM Address'), + ($this->arg('jabber')) ? $this->arg('jabber') : null, + sprintf(_('Jabber or GTalk address, '. + 'like "UserName@example.org". '. + 'First, make sure to add %s to your '. + 'buddy list in your IM client or on GTalk.'), + jabber_daemon_address())); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('add', _('Add')); + } + } + $this->elementEnd('fieldset'); + + $this->elementStart('fieldset', array('id' => 'settings_im_preferences')); + $this->element('legend', null, _('Preferences')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->checkbox('jabbernotify', + _('Send me notices through Jabber/GTalk.'), + $user->jabbernotify); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('updatefrompresence', + _('Post a notice when my Jabber/GTalk status changes.'), + $user->updatefrompresence); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('jabberreplies', + _('Send me replies through Jabber/GTalk '. + 'from people I\'m not subscribed to.'), + $user->jabberreplies); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('jabbermicroid', + _('Publish a MicroID for my Jabber/GTalk address.'), + $user->jabbermicroid); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Get a confirmation code for this user + * + * @return Confirm_address address object for this user + */ + + function getConfirmation() + { + $user = common_current_user(); + + $confirm = new Confirm_address(); + + $confirm->user_id = $user->id; + $confirm->address_type = 'jabber'; + + if ($confirm->find(true)) { + return $confirm; + } else { + return null; + } + } + + /** + * Handle posts to this form + * + * Based on the button that was pressed, muxes out to other functions + * to do the actual task requested. + * + * All sub-functions reload the form with a message -- success or failure. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('save')) { + $this->savePreferences(); + } else if ($this->arg('add')) { + $this->addAddress(); + } else if ($this->arg('cancel')) { + $this->cancelConfirmation(); + } else if ($this->arg('remove')) { + $this->removeAddress(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Save user's Jabber preferences + * + * These are the checkboxes at the bottom of the page. They're used to + * set different settings + * + * @return void + */ + + function savePreferences() + { + + $jabbernotify = $this->boolean('jabbernotify'); + $updatefrompresence = $this->boolean('updatefrompresence'); + $jabberreplies = $this->boolean('jabberreplies'); + $jabbermicroid = $this->boolean('jabbermicroid'); + + $user = common_current_user(); + + assert(!is_null($user)); // should already be checked + + $user->query('BEGIN'); + + $original = clone($user); + + $user->jabbernotify = $jabbernotify; + $user->updatefrompresence = $updatefrompresence; + $user->jabberreplies = $jabberreplies; + $user->jabbermicroid = $jabbermicroid; + + $result = $user->update($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } + + $user->query('COMMIT'); + + $this->showForm(_('Preferences saved.'), true); + } + + /** + * Sends a confirmation to the address given + * + * Stores a confirmation record and sends out a + * Jabber message with the confirmation info. + * + * @return void + */ + + function addAddress() + { + $user = common_current_user(); + + $jabber = $this->trimmed('jabber'); + + // Some validation + + if (!$jabber) { + $this->showForm(_('No Jabber ID.')); + return; + } + + $jabber = jabber_normalize_jid($jabber); + + if (!$jabber) { + $this->showForm(_('Cannot normalize that Jabber ID')); + return; + } + if (!jabber_valid_base_jid($jabber)) { + $this->showForm(_('Not a valid Jabber ID')); + return; + } else if ($user->jabber == $jabber) { + $this->showForm(_('That is already your Jabber ID.')); + return; + } else if ($this->jabberExists($jabber)) { + $this->showForm(_('Jabber ID already belongs to another user.')); + return; + } + + $confirm = new Confirm_address(); + + $confirm->address = $jabber; + $confirm->address_type = 'jabber'; + $confirm->user_id = $user->id; + $confirm->code = common_confirmation_code(64); + + $result = $confirm->insert(); + + if ($result === false) { + common_log_db_error($confirm, 'INSERT', __FILE__); + $this->serverError(_('Couldn\'t insert confirmation code.')); + return; + } + + if (!common_config('queue', 'enabled')) { + jabber_confirm_address($confirm->code, + $user->nickname, + $jabber); + } + + $msg = sprintf(_('A confirmation code was sent '. + 'to the IM address you added. '. + 'You must approve %s for '. + 'sending messages to you.'), + jabber_daemon_address()); + + $this->showForm($msg, true); + } + + /** + * Cancel a confirmation + * + * If a confirmation exists, cancel it. + * + * @return void + */ + + function cancelConfirmation() + { + $jabber = $this->arg('jabber'); + + $confirm = $this->getConfirmation(); + + if (!$confirm) { + $this->showForm(_('No pending confirmation to cancel.')); + return; + } + if ($confirm->address != $jabber) { + $this->showForm(_('That is the wrong IM address.')); + return; + } $result = $confirm->delete(); if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); + common_log_db_error($confirm, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t delete email confirmation.')); + return; + } + + $this->showForm(_('Confirmation cancelled.'), true); + } + + /** + * Remove an address + * + * If the user has a confirmed address, remove it. + * + * @return void + */ + + function removeAddress() + { + $user = common_current_user(); + + $jabber = $this->arg('jabber'); + + // Maybe an old tab open...? + + if ($user->jabber != $jabber) { + $this->showForm(_('That is not your Jabber ID.')); + return; + } + + $user->query('BEGIN'); + + $original = clone($user); + + $user->jabber = null; + + $result = $user->updateKeys($original); + + if (!$result) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); return; } + $user->query('COMMIT'); + + // XXX: unsubscribe to the old address - $this->show_form(_('Confirmation cancelled.'), TRUE); - } - - function remove_address() { - - $user = common_current_user(); - $jabber = $this->arg('jabber'); - - # Maybe an old tab open...? - - if ($user->jabber != $jabber) { - $this->show_form(_('That is not your Jabber ID.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->jabber = NULL; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - # XXX: unsubscribe to the old address - - $this->show_form(_('The address was removed.'), TRUE); - } - - function jabber_exists($jabber) { - $user = common_current_user(); - $other = User::staticGet('jabber', $jabber); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } + $this->showForm(_('The address was removed.'), true); + } + + /** + * Does this Jabber ID exist? + * + * Checks if we already have another user with this address. + * + * @param string $jabber Address to check + * + * @return boolean whether the Jabber ID exists + */ + + function jabberExists($jabber) + { + $user = common_current_user(); + + $other = User::staticGet('jabber', $jabber); + + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } } diff --git a/actions/inbox.php b/actions/inbox.php index c752e404e..b553ab26c 100644 --- a/actions/inbox.php +++ b/actions/inbox.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * action handler for message inbox + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,41 +18,100 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Message + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/mailbox.php'; + +/** + * action handler for message inbox + * + * @category Message + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * @see MailboxAction */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mailbox.php'); - -class InboxAction extends MailboxAction { - - function get_title($user, $page) { - if ($page > 1) { - $title = sprintf(_("Inbox for %s - page %d"), $user->nickname, $page); - } else { - $title = sprintf(_("Inbox for %s"), $user->nickname); - } - return $title; - } - - function get_messages($user, $page) { - $message = new Message(); - $message->to_profile = $user->id; - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*MESSAGES_PER_PAGE), MESSAGES_PER_PAGE + 1); - - if ($message->find()) { - return $message; - } else { - return NULL; - } - } - - function get_message_profile($message) { - return $message->getFrom(); - } - - function get_instructions() { - return _('This is your inbox, which lists your incoming private messages.'); - } +class InboxAction extends MailboxAction +{ + + /** + * Title of the page + * + * @return string page title + */ + + function title() + { + if ($this->page > 1) { + return sprintf(_("Inbox for %s - page %d"), $this->user->nickname, + $this->page); + } else { + return sprintf(_("Inbox for %s"), $this->user->nickname); + } + } + + /** + * Retrieve the messages for this user and this page + * + * Does a query for the right messages + * + * @return Message data object with stream for messages + * + * @see MailboxAction::getMessages() + */ + + function getMessages() + { + $message = new Message(); + + $message->to_profile = $this->user->id; + $message->orderBy('created DESC, id DESC'); + $message->limit((($this->page - 1) * MESSAGES_PER_PAGE), + MESSAGES_PER_PAGE + 1); + + if ($message->find()) { + return $message; + } else { + return null; + } + } + + /** + * Returns the profile we want to show with the message + * + * For inboxes, we show the sender; for outboxes, the recipient. + * + * @param Message $message The message to get the profile for + * + * @return Profile The profile that matches the message + */ + + function getMessageProfile($message) + { + return $message->getFrom(); + } + + /** + * Instructions for using this page + * + * @return string localised instructions for using the page + */ + + function getInstructions() + { + return _('This is your inbox, which lists your incoming private messages.'); + } } diff --git a/actions/invite.php b/actions/invite.php index c7d92085c..f4ad2f7c5 100644 --- a/actions/invite.php +++ b/actions/invite.php @@ -19,181 +19,221 @@ if (!defined('LACONICA')) { exit(1); } -class InviteAction extends Action { - - function is_readonly() { - return false; - } - - function handle($args) { +class InviteAction extends Action +{ + var $mode = null; + var $error = null; + var $already = null; + var $subbed = null; + var $sent = null; + + function isReadOnly() + { + return false; + } + + function handle($args) + { parent::handle($args); - if (!common_logged_in()) { - $this->client_error(sprintf(_('You must be logged in to invite other users to use %s'), - common_config('site', 'name'))); - return; - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->send_invitations(); - } else { - $this->show_form(); - } - } - - function send_invitations() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $user = common_current_user(); - $profile = $user->getProfile(); - - $bestname = $profile->getBestName(); - $sitename = common_config('site', 'name'); - $personal = $this->trimmed('personal'); - - $addresses = explode("\n", $this->trimmed('addresses')); - - foreach ($addresses as $email) { - $email = trim($email); - if (!Validate::email($email, true)) { - $this->show_form(sprintf(_('Invalid email address: %s'), $email)); - return; - } - } - - $already = array(); - $subbed = array(); - - foreach ($addresses as $email) { - $email = common_canonical_email($email); - $other = User::staticGet('email', $email); - if ($other) { - if ($user->isSubscribed($other)) { - $already[] = $other; - } else { - subs_subscribe_to($user, $other); - $subbed[] = $other; - } - } else { - $sent[] = $email; - $this->send_invitation($email, $user, $personal); - } - } - - common_show_header(_('Invitation(s) sent')); - if ($already) { - common_element('p', NULL, _('You are already subscribed to these users:')); - common_element_start('ul'); - foreach ($already as $other) { - common_element('li', NULL, sprintf(_('%s (%s)'), $other->nickname, $other->email)); - } - common_element_end('ul'); - } - if ($subbed) { - common_element('p', NULL, _('These people are already users and you were automatically subscribed to them:')); - common_element_start('ul'); - foreach ($subbed as $other) { - common_element('li', NULL, sprintf(_('%s (%s)'), $other->nickname, $other->email)); - } - common_element_end('ul'); - } - if ($sent) { - common_element('p', NULL, _('Invitation(s) sent to the following people:')); - common_element_start('ul'); - foreach ($sent as $other) { - common_element('li', NULL, $other); - } - common_element_end('ul'); - common_element('p', NULL, _('You will be notified when your invitees accept the invitation and register on the site. Thanks for growing the community!')); - } - common_show_footer(); - } - - function show_top($error=NULL) { - if ($error) { - common_element('p', 'error', $error); - } else { - common_element_start('div', 'instructions'); - common_element('p', NULL, - _('Use this form to invite your friends and colleagues to use this service.')); - common_element_end('div'); - } - } - - function show_form($error=NULL) { - - global $config; - - common_show_header(_('Invite new users'), NULL, $error, array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'invite', - 'action' => common_local_url('invite'))); - common_hidden('token', common_session_token()); - - common_textarea('addresses', _('Email addresses'), - $this->trimmed('addresses'), - _('Addresses of friends to invite (one per line)')); - - common_textarea('personal', _('Personal message'), - $this->trimmed('personal'), - _('Optionally add a personal message to the invitation.')); - - common_submit('send', _('Send')); - - common_element_end('form'); - - common_show_footer(); - } - - function send_invitation($email, $user, $personal) { - - $profile = $user->getProfile(); - $bestname = $profile->getBestName(); - - $sitename = common_config('site', 'name'); - - $invite = new Invitation(); - - $invite->address = $email; - $invite->address_type = 'email'; - $invite->code = common_confirmation_code(128); - $invite->user_id = $user->id; - $invite->created = common_sql_now(); - - if (!$invite->insert()) { - common_log_db_error($invite, 'INSERT', __FILE__); - return false; - } - - $recipients = array($email); - - $headers['From'] = mail_notify_from(); - $headers['To'] = $email; - $headers['Subject'] = sprintf(_('%1$s has invited you to join them on %2$s'), $bestname, $sitename); - - $body = sprintf(_("%1\$s has invited you to join them on %2\$s (%3\$s).\n\n". - "%2\$s is a micro-blogging service that lets you keep up-to-date with people you know and people who interest you.\n\n". - "You can also share news about yourself, your thoughts, or your life online with people who know about you. ". - "It's also great for meeting new people who share your interests.\n\n". - "%1\$s said:\n\n%4\$s\n\n". - "You can see %1\$s's profile page on %2\$s here:\n\n". - "%5\$s\n\n". - "If you'd like to try the service, click on the link below to accept the invitation.\n\n". - "%6\$s\n\n". - "If not, you can ignore this message. Thanks for your patience and your time.\n\n". - "Sincerely, %2\$s\n"), - $bestname, - $sitename, - common_root_url(), - $personal, - common_local_url('showstream', array('nickname' => $user->nickname)), - common_local_url('register', array('code' => $invite->code))); - - mail_send($recipients, $headers, $body); - } - + if (!common_logged_in()) { + $this->clientError(sprintf(_('You must be logged in to invite other users to use %s'), + common_config('site', 'name'))); + return; + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->sendInvitations(); + } else { + $this->showForm(); + } + } + + function sendInvitations() + { + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.')); + return; + } + + $user = common_current_user(); + $profile = $user->getProfile(); + + $bestname = $profile->getBestName(); + $sitename = common_config('site', 'name'); + $personal = $this->trimmed('personal'); + + $addresses = explode("\n", $this->trimmed('addresses')); + + foreach ($addresses as $email) { + $email = trim($email); + if (!Validate::email($email, true)) { + $this->showForm(sprintf(_('Invalid email address: %s'), $email)); + return; + } + } + + $this->already = array(); + $this->subbed = array(); + + foreach ($addresses as $email) { + $email = common_canonical_email($email); + $other = User::staticGet('email', $email); + if ($other) { + if ($user->isSubscribed($other)) { + $this->already[] = $other; + } else { + subs_subscribe_to($user, $other); + $this->subbed[] = $other; + } + } else { + $this->sent[] = $email; + $this->sendInvitation($email, $user, $personal); + } + } + + $this->mode = 'sent'; + + $this->showPage(); + } + + function title() + { + if ($this->mode == 'sent') { + return _('Invitation(s) sent'); + } else { + return _('Invite new users'); + } + } + + function showContent() + { + if ($this->mode == 'sent') { + $this->showInvitationSuccess(); + } else { + $this->showInviteForm(); + } + } + + function showInvitationSuccess() + { + if ($this->already) { + $this->element('p', null, _('You are already subscribed to these users:')); + $this->elementStart('ul'); + foreach ($this->already as $other) { + $this->element('li', null, sprintf(_('%s (%s)'), $other->nickname, $other->email)); + } + $this->elementEnd('ul'); + } + if ($this->subbed) { + $this->element('p', null, _('These people are already users and you were automatically subscribed to them:')); + $this->elementStart('ul'); + foreach ($this->subbed as $other) { + $this->element('li', null, sprintf(_('%s (%s)'), $other->nickname, $other->email)); + } + $this->elementEnd('ul'); + } + if ($this->sent) { + $this->element('p', null, _('Invitation(s) sent to the following people:')); + $this->elementStart('ul'); + foreach ($this->sent as $other) { + $this->element('li', null, $other); + } + $this->elementEnd('ul'); + $this->element('p', null, _('You will be notified when your invitees accept the invitation and register on the site. Thanks for growing the community!')); + } + } + + function showPageNotice() + { + if ($this->mode != 'sent') { + if ($this->error) { + $this->element('p', 'error', $this->error); + } else { + $this->elementStart('div', 'instructions'); + $this->element('p', null, + _('Use this form to invite your friends and colleagues to use this service.')); + $this->elementEnd('div'); + } + } + } + + function showForm($error=null) + { + $this->mode = 'form'; + $this->error = $error; + $this->showPage(); + } + + function showInviteForm() + { + $this->elementStart('form', array('method' => 'post', + 'id' => 'invite', + 'action' => common_local_url('invite'))); + $this->hidden('token', common_session_token()); + + $this->textarea('addresses', _('Email addresses'), + $this->trimmed('addresses'), + _('Addresses of friends to invite (one per line)')); + + $this->textarea('personal', _('Personal message'), + $this->trimmed('personal'), + _('Optionally add a personal message to the invitation.')); + + $this->submit('send', _('Send')); + + $this->elementEnd('form'); + } + + function sendInvitation($email, $user, $personal) + { + $profile = $user->getProfile(); + $bestname = $profile->getBestName(); + + $sitename = common_config('site', 'name'); + + $invite = new Invitation(); + + $invite->address = $email; + $invite->address_type = 'email'; + $invite->code = common_confirmation_code(128); + $invite->user_id = $user->id; + $invite->created = common_sql_now(); + + if (!$invite->insert()) { + common_log_db_error($invite, 'INSERT', __FILE__); + return false; + } + + $recipients = array($email); + + $headers['From'] = mail_notify_from(); + $headers['To'] = $email; + $headers['Subject'] = sprintf(_('%1$s has invited you to join them on %2$s'), $bestname, $sitename); + + $body = sprintf(_("%1\$s has invited you to join them on %2\$s (%3\$s).\n\n". + "%2\$s is a micro-blogging service that lets you keep up-to-date with people you know and people who interest you.\n\n". + "You can also share news about yourself, your thoughts, or your life online with people who know about you. ". + "It's also great for meeting new people who share your interests.\n\n". + "%1\$s said:\n\n%4\$s\n\n". + "You can see %1\$s's profile page on %2\$s here:\n\n". + "%5\$s\n\n". + "If you'd like to try the service, click on the link below to accept the invitation.\n\n". + "%6\$s\n\n". + "If not, you can ignore this message. Thanks for your patience and your time.\n\n". + "Sincerely, %2\$s\n"), + $bestname, + $sitename, + common_root_url(), + $personal, + common_local_url('showstream', array('nickname' => $user->nickname)), + common_local_url('register', array('code' => $invite->code))); + + mail_send($recipients, $headers, $body); + } + + function showLocalNav() + { + $nav = new SubGroupNav($this, common_current_user()); + $nav->show(); + } } diff --git a/actions/joingroup.php b/actions/joingroup.php new file mode 100644 index 000000000..1888ecdab --- /dev/null +++ b/actions/joingroup.php @@ -0,0 +1,149 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Join a group + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Join a group + * + * This is the action for joining a group. It works more or less like the subscribe action + * for users. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class JoingroupAction extends Action +{ + var $group = null; + + /** + * Prepare to run + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + if (!common_logged_in()) { + $this->clientError(_('You must be logged in to join a group.')); + return false; + } + + $nickname_arg = $this->trimmed('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + common_redirect(common_local_url('editgroup', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname'), 404); + return false; + } + + $this->group = User_group::staticGet('nickname', $nickname); + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + $cur = common_current_user(); + + if ($cur->isMember($this->group)) { + $this->clientError(_('You are already a member of that group'), 403); + return false; + } + + return true; + } + + /** + * Handle the request + * + * On POST, add the current user to the group + * + * @param array $args unused + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + $cur = common_current_user(); + + $member = new Group_member(); + + $member->group_id = $this->group->id; + $member->profile_id = $cur->id; + $member->created = common_sql_now(); + + $result = $member->insert(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError(sprintf(_('Could not join user %s to group %s'), + $cur->nickname, $this->group->nickname)); + } + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8'); + $this->elementStart('head'); + $this->element('title', null, sprintf(_('%s joined group %s'), + $cur->nickname, + $this->group->nickname)); + $this->elementEnd('head'); + $this->elementStart('body'); + $lf = new LeaveForm($this, $this->group); + $lf->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('groupmembers', array('nickname' => + $this->group->nickname))); + } + } +}
\ No newline at end of file diff --git a/actions/leavegroup.php b/actions/leavegroup.php new file mode 100644 index 000000000..c7152e3c0 --- /dev/null +++ b/actions/leavegroup.php @@ -0,0 +1,159 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Leave a group + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Leave a group + * + * This is the action for leaving a group. It works more or less like the subscribe action + * for users. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class LeavegroupAction extends Action +{ + var $group = null; + + /** + * Prepare to run + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work.')); + return false; + } + + if (!common_logged_in()) { + $this->clientError(_('You must be logged in to leave a group.')); + return false; + } + + $nickname_arg = $this->trimmed('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + common_redirect(common_local_url('editgroup', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname.'), 404); + return false; + } + + $this->group = User_group::staticGet('nickname', $nickname); + + if (!$this->group) { + $this->clientError(_('No such group.'), 404); + return false; + } + + $cur = common_current_user(); + + if (!$cur->isMember($this->group)) { + $this->clientError(_('You are not a member of that group.'), 403); + return false; + } + + if ($cur->isAdmin($this->group)) { + $this->clientError(_('You may not leave a group while you are its administrator.'), 403); + return false; + + } + + return true; + } + + /** + * Handle the request + * + * On POST, add the current user to the group + * + * @param array $args unused + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + $cur = common_current_user(); + + $member = new Group_member(); + + $member->group_id = $this->group->id; + $member->profile_id = $cur->id; + + if (!$member->find(true)) { + $this->serverError(_('Could not find membership record.')); + return; + } + + $result = $member->delete(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError(sprintf(_('Could not remove user %s to group %s'), + $cur->nickname, $this->group->nickname)); + } + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8'); + $this->elementStart('head'); + $this->element('title', null, sprintf(_('%s left group %s'), + $cur->nickname, + $this->group->nickname)); + $this->elementEnd('head'); + $this->elementStart('body'); + $jf = new JoinForm($this, $this->group); + $jf->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('groupmembers', array('nickname' => + $this->group->nickname))); + } + } +} diff --git a/actions/login.php b/actions/login.php index ccec9cf8a..11cf1f02a 100644 --- a/actions/login.php +++ b/actions/login.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Login form + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,138 +18,271 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Login + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -class LoginAction extends Action { - - function is_readonly() { - return true; - } - - function handle($args) { - parent::handle($args); - if (common_is_real_login()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->check_login(); - } else { - $this->show_form(); - } - } - - function check_login() { - # XXX: login throttle - - # CSRF protection - token set in common_notice_form() - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $nickname = common_canonical_nickname($this->trimmed('nickname')); - $password = $this->arg('password'); - if (common_check_user($nickname, $password)) { - # success! - if (!common_set_user($nickname)) { - common_server_error(_('Error setting user.')); - return; - } - common_real_login(true); - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme(); - } - # success! - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(NULL); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } else { - $this->show_form(_('Incorrect username or password.')); - return; - } - - # success! - if (!common_set_user($user)) { - common_server_error(_('Error setting user.')); - return; - } - - common_real_login(true); - - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme($user); - } - # success! - $url = common_get_returnto(); - if ($url) { - # We don't have to return to it again - common_set_returnto(NULL); - } else { - $url = common_local_url('all', - array('nickname' => - $nickname)); - } - common_redirect($url); - } - - function show_form($error=NULL) { - common_show_header(_('Login'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'post', - 'id' => 'login', - 'action' => common_local_url('login'))); - common_input('nickname', _('Nickname')); - common_password('password', _('Password')); - common_checkbox('rememberme', _('Remember me'), false, - _('Automatically login in the future; ' . - 'not for shared computers!')); - common_submit('submit', _('Login')); - common_hidden('token', common_session_token()); - common_element_end('form'); - common_element_start('p'); - common_element('a', array('href' => common_local_url('recoverpassword')), - _('Lost or forgotten password?')); - common_element_end('p'); - common_show_footer(); - } - - function get_instructions() { - if (common_logged_in() && - !common_is_real_login() && - common_get_returnto()) - { - # rememberme logins have to reauthenticate before - # changing any profile settings (cookie-stealing protection) - return _('For security reasons, please re-enter your ' . - 'user name and password ' . - 'before changing your settings.'); - } else { - return _('Login with your username and password. ' . - 'Don\'t have a username yet? ' . - '[Register](%%action.register%%) a new account, or ' . - 'try [OpenID](%%action.openidlogin%%). '); - } - } - - function show_top($error=NULL) { - if ($error) { - common_element('p', 'error', $error); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - } +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Login form + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class LoginAction extends Action +{ + /** + * Has there been an error? + */ + + var $error = null; + + /** + * Is this a read-only action? + * + * @return boolean false + */ + + function isReadOnly() + { + return false; + } + + /** + * Handle input, produce output + * + * Switches on request method; either shows the form or handles its input. + * + * @param array $args $_REQUEST data + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + if (common_is_real_login()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->checkLogin(); + } else { + $this->showForm(); + } + } + + /** + * Check the login data + * + * Determines if the login data is valid. If so, logs the user + * in, and redirects to the 'with friends' page, or to the stored + * return-to URL. + * + * @return void + */ + + function checkLogin() + { + // XXX: login throttle + + // CSRF protection - token set in common_notice_form() + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $nickname = common_canonical_nickname($this->trimmed('nickname')); + $password = $this->arg('password'); + if (common_check_user($nickname, $password)) { + // success! + if (!common_set_user($nickname)) { + $this->serverError(_('Error setting user.')); + return; + } + common_real_login(true); + if ($this->boolean('rememberme')) { + common_debug('Adding rememberme cookie for ' . $nickname); + common_rememberme(); + } + // success! + $url = common_get_returnto(); + if ($url) { + // We don't have to return to it again + common_set_returnto(null); + } else { + $url = common_local_url('all', + array('nickname' => + $nickname)); + } + common_redirect($url); + } else { + $this->showForm(_('Incorrect username or password.')); + return; + } + + // success! + if (!common_set_user($user)) { + $this->serverError(_('Error setting user.')); + return; + } + + common_real_login(true); + + if ($this->boolean('rememberme')) { + common_debug('Adding rememberme cookie for ' . $nickname); + common_rememberme($user); + } + // success! + $url = common_get_returnto(); + if ($url) { + // We don't have to return to it again + common_set_returnto(null); + } else { + $url = common_local_url('all', + array('nickname' => + $nickname)); + } + common_redirect($url); + } + + /** + * Store an error and show the page + * + * This used to show the whole page; now, it's just a wrapper + * that stores the error in an attribute. + * + * @param string $error error, if any. + * + * @return void + */ + + function showForm($error=null) + { + $this->error = $error; + $this->showPage(); + } + + /** + * Title of the page + * + * @return string title of the page + */ + + function title() + { + return _('Login'); + } + + /** + * Show page notice + * + * Display a notice for how to use the page, or the + * error if it exists. + * + * @return void + */ + + function showPageNotice() + { + if ($this->error) { + $this->element('p', 'error', $this->error); + } else { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + + $this->raw($output); + } + } + + /** + * Core of the display code + * + * Shows the login form. + * + * @return void + */ + + function showContent() + { + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_login', + 'class' => 'form_settings', + 'action' => common_local_url('login'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Login to site')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nickname', _('Nickname')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->password('password', _('Password')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('rememberme', _('Remember me'), false, + _('Automatically login in the future; ' . + 'not for shared computers!')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('submit', _('Login')); + $this->hidden('token', common_session_token()); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + $this->elementStart('p'); + $this->element('a', array('href' => common_local_url('recoverpassword')), + _('Lost or forgotten password?')); + $this->elementEnd('p'); + } + + /** + * Instructions for using the form + * + * For "remembered" logins, we make the user re-login when they + * try to change settings. Different instructions for this case. + * + * @return void + */ + + function getInstructions() + { + if (common_logged_in() && !common_is_real_login() && + common_get_returnto()) { + // rememberme logins have to reauthenticate before + // changing any profile settings (cookie-stealing protection) + return _('For security reasons, please re-enter your ' . + 'user name and password ' . + 'before changing your settings.'); + } else { + return _('Login with your username and password. ' . + 'Don\'t have a username yet? ' . + '[Register](%%action.register%%) a new account, or ' . + 'try [OpenID](%%action.openidlogin%%). '); + } + } + + /** + * A local menu + * + * Shows different login/register actions. + * + * @return void + */ + + function showLocalNav() + { + $nav = new LoginGroupNav($this); + $nav->show(); + } } diff --git a/actions/logout.php b/actions/logout.php index f00fa0ba7..0ff8dc754 100644 --- a/actions/logout.php +++ b/actions/logout.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Logout action. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,25 +28,52 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/openid.php'); +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Logout action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class LogoutAction extends Action +{ + + /** + * This is read only. + * + * @return boolean true + */ + function isReadOnly() + { + return true; + } -class LogoutAction extends Action { - - function is_readonly() { - return true; - } - - function handle($args) { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else { - common_set_user(NULL); - common_real_login(false); # not logged in - common_forgetme(); # don't log back in! - common_redirect(common_local_url('public')); - } - } + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + } else { + common_set_user(null); + common_real_login(false); // not logged in + common_forgetme(); // don't log back in! + common_redirect(common_local_url('public')); + } + } } diff --git a/actions/microsummary.php b/actions/microsummary.php index 104467d29..196dd5de8 100644 --- a/actions/microsummary.php +++ b/actions/microsummary.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Microsummary action, see https://wiki.mozilla.org/Microsummaries + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,30 +28,49 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -class MicrosummaryAction extends Action { - - function handle($args) { +if (!defined('LACONICA')) { + exit(1); +} - parent::handle($args); +/** + * Microsummary action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class MicrosummaryAction extends Action +{ + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); + $nickname = common_canonical_nickname($this->arg('nickname')); + $user = User::staticGet('nickname', $nickname); - if (!$user) { - $this->client_error(_('No such user'), 404); - return; - } - - $notice = $user->getCurrentNotice(); - - if (!$notice) { - $this->client_error(_('No current status'), 404); - } - - header('Content-Type: text/plain'); - - print $user->nickname . ': ' . $notice->content; - } + if (!$user) { + $this->clientError(_('No such user'), 404); + return; + } + + $notice = $user->getCurrentNotice(); + + if (!$notice) { + $this->clientError(_('No current status'), 404); + } + + header('Content-Type: text/plain'); + + print $user->nickname . ': ' . $notice->content; + } } diff --git a/actions/newgroup.php b/actions/newgroup.php new file mode 100644 index 000000000..42fd380df --- /dev/null +++ b/actions/newgroup.php @@ -0,0 +1,205 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Add a new group + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Add a new group + * + * This is the form for adding a new group + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class NewgroupAction extends Action +{ + var $msg; + + function title() + { + return _('New group'); + } + + /** + * Prepare to run + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + if (!common_logged_in()) { + $this->clientError(_('You must be logged in to create a group.')); + return false; + } + + return true; + } + + /** + * Handle the request + * + * On GET, show the form. On POST, try to save the group. + * + * @param array $args unused + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->trySave(); + } else { + $this->showForm(); + } + } + + function showForm($msg=null) + { + $this->msg = $msg; + $this->showPage(); + } + + function showContent() + { + $form = new GroupEditForm($this); + $form->show(); + } + + function showPageNotice() + { + if ($this->msg) { + $this->element('p', 'error', $this->msg); + } else { + $this->element('p', 'instructions', + _('Use this form to create a new group.')); + } + } + + function trySave() + { + $nickname = $this->trimmed('nickname'); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $description = $this->trimmed('description'); + $location = $this->trimmed('location'); + + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT))) { + $this->showForm(_('Nickname must have only lowercase letters '. + 'and numbers and no spaces.')); + return; + } else if ($this->nicknameExists($nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; + } else if (!User_group::allowedNickname($nickname)) { + $this->showForm(_('Not a valid nickname.')); + return; + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, + array('allowed_schemes' => + array('http', 'https')))) { + $this->showForm(_('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && strlen($fullname) > 255) { + $this->showForm(_('Full name is too long (max 255 chars).')); + return; + } else if (!is_null($description) && strlen($description) > 140) { + $this->showForm(_('description is too long (max 140 chars).')); + return; + } else if (!is_null($location) && strlen($location) > 255) { + $this->showForm(_('Location is too long (max 255 chars).')); + return; + } + + $cur = common_current_user(); + + // Checked in prepare() above + + assert(!is_null($cur)); + + $group = new User_group(); + + $group->query('BEGIN'); + + $group->nickname = $nickname; + $group->fullname = $fullname; + $group->homepage = $homepage; + $group->description = $description; + $group->location = $location; + $group->created = common_sql_now(); + + $result = $group->insert(); + + if (!$result) { + common_log_db_error($group, 'INSERT', __FILE__); + $this->serverError(_('Could not create group.')); + } + + $member = new Group_member(); + + $member->group_id = $group->id; + $member->profile_id = $cur->id; + $member->is_admin = 1; + $member->created = $group->created; + + $result = $member->insert(); + + if (!$result) { + common_log_db_error($member, 'INSERT', __FILE__); + $this->serverError(_('Could not set group membership.')); + } + + $group->query('COMMIT'); + + common_redirect($group->homeUrl(), 307); + } + + function nicknameExists($nickname) + { + $group = User_group::staticGet('nickname', $nickname); + return (!is_null($group) && $group != false); + } +} + diff --git a/actions/newmessage.php b/actions/newmessage.php index da48fc7e7..aa94f8c4f 100644 --- a/actions/newmessage.php +++ b/actions/newmessage.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Handler for posting new notices + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,121 +18,165 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * Action for posting new direct messages + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -class NewmessageAction extends Action { - - function handle($args) { - parent::handle($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in.'), 403); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->save_new_message(); - } else { - $this->show_form(); - } - } - - function save_new_message() { - $user = common_current_user(); - assert($user); # XXX: maybe an error instead... - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $content = $this->trimmed('content'); - $to = $this->trimmed('to'); - - if (!$content) { - $this->show_form(_('No content!')); - return; - } else { - $content_shortened = common_shorten_links($content); - - if (mb_strlen($content_shortened) > 140) { - common_debug("Content = '$content_shortened'", __FILE__); - common_debug("mb_strlen(\$content) = " . mb_strlen($content_shortened), __FILE__); - $this->show_form(_('That\'s too long. Max message size is 140 chars.')); - return; - } - } - - $other = User::staticGet('id', $to); - - if (!$other) { - $this->show_form(_('No recipient specified.')); - return; - } else if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('You can\'t send a message to this user.'), 404); - return; - } else if ($user->id == $other->id) { - $this->client_error(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), 403); - return; - } - - $message = Message::saveNew($user->id, $other->id, $content, 'web'); - - if (is_string($message)) { - $this->show_form($message); - return; - } - - $this->notify($user, $other, $message); - - $url = common_local_url('outbox', array('nickname' => $user->nickname)); - - common_redirect($url, 303); - } - - function show_top($params) { - - list($content, $user, $to) = $params; - - assert(!is_null($user)); - - common_message_form($content, $user, $to); - } - - function show_form($msg=NULL) { - - $content = $this->trimmed('content'); - $user = common_current_user(); - - $to = $this->trimmed('to'); - - $other = User::staticGet('id', $to); - - if (!$other) { - $this->client_error(_('No such user'), 404); - return; - } - - if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('You can\'t send a message to this user.'), 404); - return; - } - - common_show_header(_('New message'), NULL, - array($content, $user, $other), - array($this, 'show_top')); - - if ($msg) { - common_element('p', array('id'=>'error'), $msg); - } - - common_show_footer(); - } - - function notify($from, $to, $message) { - mail_notify_message($message, $from, $to); - # XXX: Jabber, SMS notifications... probably queued - } +class NewmessageAction extends Action +{ + + /** + * Error message, if any + */ + + var $msg = null; + + /** + * Title of the page + * + * Note that this usually doesn't get called unless something went wrong + * + * @return string page title + */ + + function title() + { + return _('New message'); + } + + /** + * Handle input, produce output + * + * @param array $args $_REQUEST contents + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!common_logged_in()) { + $this->clientError(_('Not logged in.'), 403); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->saveNewMessage(); + } else { + $this->showForm(); + } + } + + function saveNewMessage() + { + $user = common_current_user(); + assert($user); // XXX: maybe an error instead... + + // CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. ' . + 'Try again, please.')); + return; + } + + $content = $this->trimmed('content'); + $to = $this->trimmed('to'); + + if (!$content) { + $this->showForm(_('No content!')); + return; + } else { + $content_shortened = common_shorten_links($content); + + if (mb_strlen($content_shortened) > 140) { + common_debug("Content = '$content_shortened'", __FILE__); + common_debug("mb_strlen(\$content) = " . + mb_strlen($content_shortened), + __FILE__); + $this->showForm(_('That\'s too long. ' . + 'Max message size is 140 chars.')); + return; + } + } + + $other = User::staticGet('id', $to); + + if (!$other) { + $this->showForm(_('No recipient specified.')); + return; + } else if (!$user->mutuallySubscribed($other)) { + $this->clientError(_('You can\'t send a message to this user.'), 404); + return; + } else if ($user->id == $other->id) { + $this->clientError(_('Don\'t send a message to yourself; ' . + 'just say it to yourself quietly instead.'), 403); + return; + } + + $message = Message::saveNew($user->id, $other->id, $content, 'web'); + + if (is_string($message)) { + $this->showForm($message); + return; + } + + $this->notify($user, $other, $message); + + $url = common_local_url('outbox', array('nickname' => $user->nickname)); + + common_redirect($url, 303); + } + + function showForm($msg = null) + { + $content = $this->trimmed('content'); + $user = common_current_user(); + + $to = $this->trimmed('to'); + + $other = User::staticGet('id', $to); + + if (!$other) { + $this->clientError(_('No such user'), 404); + return; + } + + if (!$user->mutuallySubscribed($other)) { + $this->clientError(_('You can\'t send a message to this user.'), 404); + return; + } + + $this->msg = $msg; + + $this->showPage(); + } + + function notify($from, $to, $message) + { + mail_notify_message($message, $from, $to); + // XXX: Jabber, SMS notifications... probably queued + } } diff --git a/actions/newnotice.php b/actions/newnotice.php index 42b48923f..572adbb23 100644 --- a/actions/newnotice.php +++ b/actions/newnotice.php @@ -1,154 +1,289 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Handler for posting new notices + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once INSTALLDIR . '/lib/noticelist.php'; - -class NewnoticeAction extends Action { - - function handle($args) { - parent::handle($args); - - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - - # CSRF protection - token set in common_notice_form() - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - - $this->save_new_notice(); - } else { - $this->show_form(); - } - } - - function save_new_notice() { - - $user = common_current_user(); - assert($user); # XXX: maybe an error instead... - $content = $this->trimmed('status_textarea'); - - if (!$content) { - $this->show_form(_('No content!')); - return; - } else { - $content_shortened = common_shorten_links($content); - - if (mb_strlen($content_shortened) > 140) { - common_debug("Content = '$content_shortened'", __FILE__); - common_debug("mb_strlen(\$content) = " . mb_strlen($content_shortened), __FILE__); - $this->show_form(_('That\'s too long. Max notice size is 140 chars.')); - return; - } - } - - $inter = new CommandInterpreter(); - - $cmd = $inter->handle_command($user, $content_shortened); - - if ($cmd) { - if ($this->boolean('ajax')) { - $cmd->execute(new AjaxWebChannel()); - } else { - $cmd->execute(new WebChannel()); - } - return; - } - - $replyto = $this->trimmed('inreplyto'); - - $notice = Notice::saveNew($user->id, $content, 'web', 1, ($replyto == 'false') ? NULL : $replyto); - - if (is_string($notice)) { - $this->show_form($notice); - return; - } - - common_broadcast_notice($notice); - - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Notice posted')); - common_element_end('head'); - common_element_start('body'); - $this->show_notice($notice); - common_element_end('body'); - common_element_end('html'); - } else { - $returnto = $this->trimmed('returnto'); - - if ($returnto) { - $url = common_local_url($returnto, - array('nickname' => $user->nickname)); - } else { - $url = common_local_url('shownotice', - array('notice' => $notice->id)); - } - common_redirect($url, 303); - } - } - - function ajax_error_msg($msg) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Ajax Error')); - common_element_end('head'); - common_element_start('body'); - common_element('p', array('id' => 'error'), $msg); - common_element_end('body'); - common_element_end('html'); - } - - function show_top($content=NULL) { - common_notice_form(NULL, $content); - } - - function show_form($msg=NULL) { - if ($msg && $this->boolean('ajax')) { - $this->ajax_error_msg($msg); - return; - } - $content = $this->trimmed('status_textarea'); - if (!$content) { - $replyto = $this->trimmed('replyto'); - $profile = Profile::staticGet('nickname', $replyto); - if ($profile) { - $content = '@' . $profile->nickname . ' '; - } - } - common_show_header(_('New notice'), NULL, $content, - array($this, 'show_top')); - if ($msg) { - common_element('p', array('id' => 'error'), $msg); - } - common_show_footer(); - } - - function show_notice($notice) { - $nli = new NoticeListItem($notice); - $nli->show(); - } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/noticelist.php'; + +/** + * Action for posting new notices + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class NewnoticeAction extends Action +{ + /** + * Error message, if any + */ + + var $msg = null; + + /** + * Title of the page + * + * Note that this usually doesn't get called unless something went wrong + * + * @return string page title + */ + + function title() + { + return _('New notice'); + } + + /** + * Handle input, produce output + * + * Switches based on GET or POST method. On GET, shows a form + * for posting a notice. On POST, saves the results of that form. + * + * Results may be a full page, or just a single notice list item, + * depending on whether AJAX was requested. + * + * @param array $args $_REQUEST contents + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + + // CSRF protection - token set in common_notice_form() + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $this->saveNewNotice(); + } else { + $this->showForm(); + } + } + + /** + * Save a new notice, based on arguments + * + * If successful, will show the notice, or return an Ajax-y result. + * If not, it will show an error message -- possibly Ajax-y. + * + * Also, if the notice input looks like a command, it will run the + * command and show the results -- again, possibly ajaxy. + * + * @return void + */ + + function saveNewNotice() + { + $user = common_current_user(); + assert($user); // XXX: maybe an error instead... + $content = $this->trimmed('status_textarea'); + + if (!$content) { + $this->showForm(_('No content!')); + return; + } else { + $content_shortened = common_shorten_links($content); + + if (mb_strlen($content_shortened) > 140) { + $this->showForm(_('That\'s too long. '. + 'Max notice size is 140 chars.')); + return; + } + } + $inter = new CommandInterpreter(); + + $cmd = $inter->handle_command($user, $content_shortened); + + if ($cmd) { + if ($this->boolean('ajax')) { + $cmd->execute(new AjaxWebChannel()); + } else { + $cmd->execute(new WebChannel()); + } + return; + } + + $replyto = $this->trimmed('inreplyto'); + + $notice = Notice::saveNew($user->id, $content, 'web', 1, + ($replyto == 'false') ? null : $replyto); + + if (is_string($notice)) { + $this->showForm($notice); + return; + } + + common_broadcast_notice($notice); + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Notice posted')); + $this->elementEnd('head'); + $this->elementStart('body'); + $this->showNotice($notice); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + $returnto = $this->trimmed('returnto'); + + if ($returnto) { + $url = common_local_url($returnto, + array('nickname' => $user->nickname)); + } else { + $url = common_local_url('shownotice', + array('notice' => $notice->id)); + } + common_redirect($url, 303); + } + } + + /** + * Show an Ajax-y error message + * + * Goes back to the browser, where it's shown in a popup. + * + * @param string $msg Message to show + * + * @return void + */ + + function ajaxErrorMsg($msg) + { + common_start_html('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Ajax Error')); + $this->elementEnd('head'); + $this->elementStart('body'); + $this->element('p', array('id' => 'error'), $msg); + $this->elementEnd('body'); + $this->elementEnd('html'); + } + + /** + * Formerly page output + * + * This used to be the whole page output; now that's been largely + * subsumed by showPage. So this just stores an error message, if + * it was passed, and calls showPage. + * + * Note that since we started doing Ajax output, this page is rarely + * seen. + * + * @param string $msg An error message, if any + * + * @return void + */ + + function showForm($msg=null) + { + if ($msg && $this->boolean('ajax')) { + $this->ajaxErrorMsg($msg); + return; + } + + $this->msg = $msg; + $this->showPage(); + } + + /** + * Overload for replies or bad results + * + * We show content in the notice form if there were replies or results. + * + * @return void + */ + + function showNoticeForm() + { + $content = $this->trimmed('status_textarea'); + if (!$content) { + $replyto = $this->trimmed('replyto'); + $profile = Profile::staticGet('nickname', $replyto); + if ($profile) { + $content = '@' . $profile->nickname . ' '; + } + } + + $notice_form = new NoticeForm($this, $content); + $notice_form->show(); + } + + /** + * Show an error message + * + * Shows an error message if there is one. + * + * @return void + * + * @todo maybe show some instructions? + */ + + function showPageNotice() + { + if ($this->msg) { + $this->element('p', array('id' => 'error'), $this->msg); + } + } + + /** + * Output a notice + * + * Used to generate the notice code for Ajax results. + * + * @param Notice $notice Notice that was saved + * + * @return void + */ + + function showNotice($notice) + { + $nli = new NoticeListItem($notice, $this); + $nli->show(); + } } diff --git a/actions/noticesearch.php b/actions/noticesearch.php index 96e4d777f..8c5128de1 100644 --- a/actions/noticesearch.php +++ b/actions/noticesearch.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Notice search action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,148 +28,199 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/searchaction.php'); - -# XXX common parent for people and content search? - -class NoticesearchAction extends SearchAction { - - function get_instructions() { - return _('Search for notices on %%site.name%% by their contents. Separate search terms by spaces; they must be 3 characters or more.'); - } - - function get_title() { - return _('Text search'); - } - - function show_results($q, $page) { - - $notice = new Notice(); +if (!defined('LACONICA')) { + exit(1); +} - # lcase it for comparison - $q = strtolower($q); +require_once INSTALLDIR.'/lib/searchaction.php'; +/** + * Notice search action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * @todo common parent for people and content search? + */ +class NoticesearchAction extends SearchAction +{ + /** + * Get instructions + * + * @return string instruction text + */ + function getInstructions() + { + return _('Search for notices on %%site.name%% by their contents. Separate search terms by spaces; they must be 3 characters or more.'); + } + + /** + * Get title + * + * @return string title + */ + function title() + { + return _('Text search'); + } + + /** + * Show results + * + * @param string $q search query + * @param integer $page page number + * + * @return void + */ + function showResults($q, $page) + { + $notice = new Notice(); + $q = strtolower($q); $search_engine = $notice->getSearchEngine('identica_notices'); - $search_engine->set_sort_mode('chron'); - # Ask for an extra to see if there's more. - $search_engine->limit((($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); - + // Ask for an extra to see if there's more. + $search_engine->limit((($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); if (false === $search_engine->query($q)) { $cnt = 0; + } else { + $cnt = $notice->find(); } - else { - $cnt = $notice->find(); + if ($cnt > 0) { + $terms = preg_split('/[\s,]+/', $q); + $this->elementStart('ul', array('id' => 'notices')); + for ($i = 0; $i < min($cnt, NOTICES_PER_PAGE); $i++) { + if ($notice->fetch()) { + $this->showNotice($notice, $terms); + } else { + // shouldn't happen! + break; + } + } + $this->elementEnd('ul'); + } else { + $this->element('p', 'error', _('No results')); } - if ($cnt > 0) { - $terms = preg_split('/[\s,]+/', $q); - common_element_start('ul', array('id' => 'notices')); - for ($i = 0; $i < min($cnt, NOTICES_PER_PAGE); $i++) { - if ($notice->fetch()) { - $this->show_notice($notice, $terms); - } else { - // shouldn't happen! - break; - } - } - common_element_end('ul'); - } else { - common_element('p', 'error', _('No results')); - } - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'noticesearch', array('q' => $q)); - } - - function show_header($arr) { - if ($arr) { - $q = $arr[0]; - } - if ($q) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('noticesearchrss', - array('q' => $q)), - 'type' => 'application/rss+xml', - 'title' => _('Search Stream Feed'))); - } - } - - # XXX: refactor and combine with StreamAction::show_notice() - - function show_notice($notice, $terms) { - $profile = $notice->getProfile(); - if (!$profile) { - common_log_db_error($notice, 'SELECT', __FILE__); - $this->server_error(_('Notice without matching profile')); - return; - } - # XXX: RDFa - common_element_start('li', array('class' => 'notice_single', - 'id' => 'notice-' . $notice->id)); - $avatar = $profile->getAvatar(AVATAR_STREAM_SIZE); - common_element_start('a', array('href' => $profile->profileurl)); - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_STREAM_SIZE), - 'class' => 'avatar stream', - 'width' => AVATAR_STREAM_SIZE, - 'height' => AVATAR_STREAM_SIZE, - 'alt' => - ($profile->fullname) ? $profile->fullname : - $profile->nickname)); - common_element_end('a'); - common_element('a', array('href' => $profile->profileurl, - 'class' => 'nickname'), - $profile->nickname); - # FIXME: URL, image, video, audio - common_element_start('p', array('class' => 'content')); - if ($notice->rendered) { - common_raw($this->highlight($notice->rendered, $terms)); - } else { - # XXX: may be some uncooked notices in the DB, - # we cook them right now. This should probably disappear in future - # versions (>> 0.4.x) - common_raw($this->highlight(common_render_content($notice->content, $notice), $terms)); - } - common_element_end('p'); - $noticeurl = common_local_url('shownotice', array('notice' => $notice->id)); - common_element_start('p', 'time'); - common_element('a', array('class' => 'permalink', - 'href' => $noticeurl, - 'title' => common_exact_date($notice->created)), - common_date_string($notice->created)); - if ($notice->reply_to) { - $replyurl = common_local_url('shownotice', array('notice' => $notice->reply_to)); - common_text(' ('); - common_element('a', array('class' => 'inreplyto', - 'href' => $replyurl), - _('in reply to...')); - common_text(')'); - } - common_element_start('a', - array('href' => common_local_url('newnotice', - array('replyto' => $profile->nickname)), - 'onclick' => 'doreply("'.$profile->nickname.'"); return false', - 'title' => _('reply'), - 'class' => 'replybutton')); - common_hidden('posttoken', common_session_token()); - - common_raw('→'); - common_element_end('a'); - common_element_end('p'); - common_element_end('li'); - } - function highlight($text, $terms) { - /* Highligh serach terms */ - $pattern = '/('.implode('|',array_map('htmlspecialchars', $terms)).')/i'; - $result = preg_replace($pattern, '<strong>\\1</strong>', $text); - - /* Remove highlighting from inside links, loop incase multiple highlights in links */ - $pattern = '/(href="[^"]*)<strong>('.implode('|',array_map('htmlspecialchars', $terms)).')<\/strong>([^"]*")/iU'; - do { - $result = preg_replace($pattern, '\\1\\2\\3', $result, -1, $count); - } while ($count); - return $result; - } + $this->pagination($page > 1, $cnt > NOTICES_PER_PAGE, + $page, 'noticesearch', array('q' => $q)); + } + + /** + * Show header + * + * @param array $arr array containing the query + * + * @return void + */ + + function extraHead() + { + $q = $this->trimmed('q'); + if ($q) { + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('noticesearchrss', + array('q' => $q)), + 'type' => 'application/rss+xml', + 'title' => _('Search Stream Feed'))); + } + } + + /** + * Show notice + * + * @param class $notice notice + * @param array $terms terms to highlight + * + * @return void + * + * @todo refactor and combine with StreamAction::showNotice() + */ + function showNotice($notice, $terms) + { + $profile = $notice->getProfile(); + if (!$profile) { + common_log_db_error($notice, 'SELECT', __FILE__); + $this->serverError(_('Notice without matching profile')); + return; + } + // XXX: RDFa + $this->elementStart('li', array('class' => 'notice_single', + 'id' => 'notice-' . $notice->id)); + $avatar = $profile->getAvatar(AVATAR_STREAM_SIZE); + $this->elementStart('a', array('href' => $profile->profileurl)); + $this->element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_STREAM_SIZE), + 'class' => 'avatar stream', + 'width' => AVATAR_STREAM_SIZE, + 'height' => AVATAR_STREAM_SIZE, + 'alt' => + ($profile->fullname) ? $profile->fullname : + $profile->nickname)); + $this->elementEnd('a'); + $this->element('a', array('href' => $profile->profileurl, + 'class' => 'nickname'), + $profile->nickname); + // FIXME: URL, image, video, audio + $this->elementStart('p', array('class' => 'content')); + if ($notice->rendered) { + $this->raw($this->highlight($notice->rendered, $terms)); + } else { + // XXX: may be some uncooked notices in the DB, + // we cook them right now. This should probably disappear in future + // versions (>> 0.4.x) + $this->raw($this->highlight(common_render_content($notice->content, $notice), $terms)); + } + $this->elementEnd('p'); + $noticeurl = common_local_url('shownotice', array('notice' => $notice->id)); + $this->elementStart('p', 'time'); + $this->element('a', array('class' => 'permalink', + 'href' => $noticeurl, + 'title' => common_exact_date($notice->created)), + common_date_string($notice->created)); + if ($notice->reply_to) { + $replyurl = common_local_url('shownotice', array('notice' => $notice->reply_to)); + $this->text(' ('); + $this->element('a', array('class' => 'inreplyto', + 'href' => $replyurl), + _('in reply to...')); + $this->text(')'); + } + $this->elementStart('a', + array('href' => common_local_url('newnotice', + array('replyto' => $profile->nickname)), + 'onclick' => 'doreply("'.$profile->nickname.'"); return false', + 'title' => _('reply'), + 'class' => 'replybutton')); + $this->hidden('posttoken', common_session_token()); + + $this->raw('→'); + $this->elementEnd('a'); + $this->elementEnd('p'); + $this->elementEnd('li'); + } + + /** + * Highlist query terms + * + * @param string $text notice text + * @param array $terms terms to highlight + * + * @return void + */ + function highlight($text, $terms) + { + /* Highligh serach terms */ + $pattern = '/('.implode('|', array_map('htmlspecialchars', $terms)).')/i'; + $result = preg_replace($pattern, '<strong>\\1</strong>', $text); + + /* Remove highlighting from inside links, loop incase multiple highlights in links */ + $pattern = '/(href="[^"]*)<strong>('.implode('|', array_map('htmlspecialchars', $terms)).')<\/strong>([^"]*")/iU'; + do { + $result = preg_replace($pattern, '\\1\\2\\3', $result, -1, $count); + } while ($count); + return $result; + } } + diff --git a/actions/noticesearchrss.php b/actions/noticesearchrss.php index 0f38515a0..c1a1c2c67 100644 --- a/actions/noticesearchrss.php +++ b/actions/noticesearchrss.php @@ -1,5 +1,16 @@ <?php -/* +/** + * RSS feed for notice search action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,54 +28,71 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); +if (!defined('LACONICA')) { + exit(1); +} -// Formatting of RSS handled by Rss10Action +require_once INSTALLDIR.'/lib/rssaction.php'; -class NoticesearchrssAction extends Rss10Action { +/** + * RSS feed for notice search action class. + * + * Formatting of RSS handled by Rss10Action + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class NoticesearchrssAction extends Rss10Action +{ - function init() { - return true; - } + function init() + { + return true; + } - function get_notices($limit=0) { + function getNotices($limit=0) + { - $q = $this->trimmed('q'); - $notices = array(); + $q = $this->trimmed('q'); + $notices = array(); - $notice = new Notice(); + $notice = new Notice(); - # lcase it for comparison - $q = strtolower($q); + # lcase it for comparison + $q = strtolower($q); $search_engine = $notice->getSearchEngine('identica_notices'); $search_engine->set_sort_mode('chron'); - if (!$limit) $limit = 20; + if (!$limit) $limit = 20; $search_engine->limit(0, $limit, true); $search_engine->query($q); - $notice->find(); + $notice->find(); - while ($notice->fetch()) { - $notices[] = clone($notice); - } + while ($notice->fetch()) { + $notices[] = clone($notice); + } - return $notices; - } + return $notices; + } - function get_channel() { - global $config; - $q = $this->trimmed('q'); - $c = array('url' => common_local_url('noticesearchrss', array('q' => $q)), - 'title' => $config['site']['name'] . sprintf(_(' Search Stream for "%s"'), $q), - 'link' => common_local_url('noticesearch', array('q' => $q)), - 'description' => sprintf(_('All updates matching search term "%s"'), $q)); - return $c; - } + function getChannel() + { + global $config; + $q = $this->trimmed('q'); + $c = array('url' => common_local_url('noticesearchrss', array('q' => $q)), + 'title' => $config['site']['name'] . sprintf(_(' Search Stream for "%s"'), $q), + 'link' => common_local_url('noticesearch', array('q' => $q)), + 'description' => sprintf(_('All updates matching search term "%s"'), $q)); + return $c; + } - function get_image() { - return NULL; - } + function getImage() + { + return null; + } } diff --git a/actions/nudge.php b/actions/nudge.php index 677f58800..ca6fd3761 100644 --- a/actions/nudge.php +++ b/actions/nudge.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * User by ID action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,68 +29,98 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mail.php'); - -class NudgeAction extends Action { +if (!defined('LACONICA')) { + exit(1); +} - function handle($args) { - parent::handle($args); +require_once INSTALLDIR.'/lib/mail.php'; - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); - return; - } +/** + * Nudge a user action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class NudgeAction extends Action +{ + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); - $user = common_current_user(); - $other = User::staticGet('nickname', $this->arg('nickname')); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('showstream', array('nickname' => $other->nickname))); - return; - } + $user = common_current_user(); + $other = User::staticGet('nickname', $this->arg('nickname')); - # CSRF protection + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('showstream', + array('nickname' => $other->nickname))); + return; + } - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } + // CSRF protection + $token = $this->trimmed('token'); + + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } if (!$other->email || !$other->emailnotifynudge) { - $this->client_error(_('This user doesn\'t allow nudges or hasn\'t confirmed or set his email yet.')); + $this->clientError(_('This user doesn\'t allow nudges or hasn\'t confirmed or set his email yet.')); return; } - $this->notify($user, $other); + $this->notify($user, $other); - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Nudge sent')); - common_element_end('head'); - common_element_start('body'); - common_nudge_response(); - common_element_end('body'); - common_element_end('html'); - } else { + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Nudge sent')); + $this->elementEnd('head'); + $this->elementStart('body'); + $this->element('p', array('id' => 'nudge_response'), _('Nudge sent!')); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { // display a confirmation to the user - common_redirect(common_local_url('showstream', - array('nickname' => $other->nickname))); - } - } + common_redirect(common_local_url('showstream', + array('nickname' => $other->nickname))); + } + } - function notify($user, $other) { - if ($other->id != $user->id) { - if ($other->email && $other->emailnotifynudge) { - mail_notify_nudge($user, $other); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } + /** + * Do the actual notification + * + * @param class $user nudger + * @param class $other nudgee + * + * @return nothing + */ + function notify($user, $other) + { + if ($other->id != $user->id) { + if ($other->email && $other->emailnotifynudge) { + mail_notify_nudge($user, $other); + } + // XXX: notify by IM + // XXX: notify by SMS + } + } } diff --git a/actions/openidlogin.php b/actions/openidlogin.php index 1b289dbea..ec5361c8b 100644 --- a/actions/openidlogin.php +++ b/actions/openidlogin.php @@ -21,72 +21,91 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/openid.php'); -class OpenidloginAction extends Action { +class OpenidloginAction extends Action +{ + function handle($args) + { + parent::handle($args); + if (common_logged_in()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $openid_url = $this->trimmed('openid_url'); - function handle($args) { - parent::handle($args); - if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $openid_url = $this->trimmed('openid_url'); + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.'), $openid_url); + return; + } - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.'), $openid_url); - return; - } + $rememberme = $this->boolean('rememberme'); - $rememberme = $this->boolean('rememberme'); - - common_ensure_session(); - - $_SESSION['openid_rememberme'] = $rememberme; - - $result = oid_authenticate($openid_url, - 'finishopenidlogin'); - - if (is_string($result)) { # error message - unset($_SESSION['openid_rememberme']); - $this->show_form($result, $openid_url); - } - } else { - $openid_url = oid_get_last(); - $this->show_form(NULL, $openid_url); - } - } + common_ensure_session(); - function get_instructions() { - return _('Login with an [OpenID](%%doc.openid%%) account.'); - } + $_SESSION['openid_rememberme'] = $rememberme; - function show_top($error=NULL) { - if ($error) { - common_element('div', array('class' => 'error'), $error); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - } + $result = oid_authenticate($openid_url, + 'finishopenidlogin'); - function show_form($error=NULL, $openid_url) { - common_show_header(_('OpenID Login'), NULL, $error, array($this, 'show_top')); - $formaction = common_local_url('openidlogin'); - common_element_start('form', array('method' => 'post', - 'id' => 'openidlogin', - 'action' => $formaction)); - common_hidden('token', common_session_token()); - common_input('openid_url', _('OpenID URL'), - $openid_url, - _('Your OpenID URL')); - common_checkbox('rememberme', _('Remember me'), false, - _('Automatically login in the future; ' . - 'not for shared computers!')); - common_submit('submit', _('Login')); - common_element_end('form'); - common_show_footer(); - } + if (is_string($result)) { # error message + unset($_SESSION['openid_rememberme']); + $this->showForm($result, $openid_url); + } + } else { + $openid_url = oid_get_last(); + $this->showForm(null, $openid_url); + } + } + + function getInstructions() + { + return _('Login with an [OpenID](%%doc.openid%%) account.'); + } + + function showPageNotice() + { + if ($this->error) { + $this->element('div', array('class' => 'error'), $this->error); + } else { + $instr = $this->getInstructions(); + $output = common_markup_to_html($instr); + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + } + + function title() + { + return _('OpenID Login'); + } + + function showForm($error=null, $openid_url) + { + $this->error = $error; + $this->openid_url = $openid_url; + $this->showPage(); + } + + function showContent() { + $formaction = common_local_url('openidlogin'); + $this->elementStart('form', array('method' => 'post', + 'id' => 'openidlogin', + 'action' => $formaction)); + $this->hidden('token', common_session_token()); + $this->input('openid_url', _('OpenID URL'), + $this->openid_url, + _('Your OpenID URL')); + $this->checkbox('rememberme', _('Remember me'), false, + _('Automatically login in the future; ' . + 'not for shared computers!')); + $this->submit('submit', _('Login')); + $this->elementEnd('form'); + } + + function showLocalNav() + { + $nav = new LoginGroupNav($this); + $nav->show(); + } } diff --git a/actions/openidsettings.php b/actions/openidsettings.php index f539d111f..92469d20f 100644 --- a/actions/openidsettings.php +++ b/actions/openidsettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for OpenID + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,142 +18,217 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; +require_once INSTALLDIR.'/lib/openid.php'; + +/** + * Settings for OpenID + * + * Lets users add, edit and delete OpenIDs from their account + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/lib/openid.php'); - -class OpenidsettingsAction extends SettingsAction { - - function get_instructions() { - return _('[OpenID](%%doc.openid%%) lets you log into many sites ' . - ' with the same user account. '. - ' Manage your associated OpenIDs from here.'); - } - - function show_form($msg=NULL, $success=false) { - - $user = common_current_user(); - - $this->form_header(_('OpenID settings'), $msg, $success); - - common_element_start('form', array('method' => 'post', - 'id' => 'openidadd', - 'action' => - common_local_url('openidsettings'))); - common_hidden('token', common_session_token()); - common_element('h2', NULL, _('Add OpenID')); - common_element('p', NULL, - _('If you want to add an OpenID to your account, ' . - 'enter it in the box below and click "Add".')); - common_element_start('p'); - common_element('label', array('for' => 'openid_url'), - _('OpenID URL')); - common_element('input', array('name' => 'openid_url', - 'type' => 'text', - 'id' => 'openid_url')); - common_element('input', array('type' => 'submit', - 'id' => 'add', - 'name' => 'add', - 'class' => 'submit', - 'value' => _('Add'))); - common_element_end('p'); - common_element_end('form'); - - $oid = new User_openid(); - $oid->user_id = $user->id; - - $cnt = $oid->find(); - - if ($cnt > 0) { - - common_element('h2', NULL, _('Remove OpenID')); - - if ($cnt == 1 && !$user->password) { - - common_element('p', NULL, - _('Removing your only OpenID would make it impossible to log in! ' . - 'If you need to remove it, add another OpenID first.')); - - if ($oid->fetch()) { - common_element_start('p'); - common_element('a', array('href' => $oid->canonical), - $oid->display); - common_element_end('p'); - } - - } else { - - common_element('p', NULL, - _('You can remove an OpenID from your account '. - 'by clicking the button marked "Remove".')); - $idx = 0; - - while ($oid->fetch()) { - common_element_start('form', array('method' => 'POST', - 'id' => 'openiddelete' . $idx, - 'action' => - common_local_url('openidsettings'))); - common_element_start('p'); - common_hidden('token', common_session_token()); - common_element('a', array('href' => $oid->canonical), - $oid->display); - common_element('input', array('type' => 'hidden', - 'id' => 'openid_url'.$idx, - 'name' => 'openid_url', - 'value' => $oid->canonical)); - common_element('input', array('type' => 'submit', - 'id' => 'remove'.$idx, - 'name' => 'remove', - 'class' => 'submit', - 'value' => _('Remove'))); - common_element_end('p'); - common_element_end('form'); - $idx++; - } - } - } - - common_show_footer(); - } - - function handle_post() { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('add')) { - $result = oid_authenticate($this->trimmed('openid_url'), 'finishaddopenid'); - if (is_string($result)) { # error message - $this->show_form($result); - } - } else if ($this->arg('remove')) { - $this->remove_openid(); - } else { - $this->show_form(_('Something weird happened.')); - } - } - - function remove_openid() { - - $openid_url = $this->trimmed('openid_url'); - $oid = User_openid::staticGet('canonical', $openid_url); - if (!$oid) { - $this->show_form(_('No such OpenID.')); - return; - } - $cur = common_current_user(); - if (!$cur || $oid->user_id != $cur->id) { - $this->show_form(_('That OpenID does not belong to you.')); - return; - } - $oid->delete(); - $this->show_form(_('OpenID removed.'), true); - return; - } +class OpenidsettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Page title + */ + + function title() + { + return _('OpenID settings'); + } + + /** + * Instructions for use + * + * @return string Instructions for use + */ + + function getInstructions() + { + return _('[OpenID](%%doc.openid%%) lets you log into many sites ' . + ' with the same user account. '. + ' Manage your associated OpenIDs from here.'); + } + + /** + * Show the form for OpenID management + * + * We have one form with a few different submit buttons to do different things. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_openid_add', + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset', array('id' => 'settings_openid_add')); + $this->element('legend', null, _('Add OpenID')); + $this->hidden('token', common_session_token()); + $this->element('p', 'form_guide', + _('If you want to add an OpenID to your account, ' . + 'enter it in the box below and click "Add".')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->element('label', array('for' => 'openid_url'), + _('OpenID URL')); + $this->element('input', array('name' => 'openid_url', + 'type' => 'text', + 'id' => 'openid_url')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->element('input', array('type' => 'submit', + 'id' => 'settings_openid_add_action-submit', + 'name' => 'add', + 'class' => 'submit', + 'value' => _('Add'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + $oid = new User_openid(); + + $oid->user_id = $user->id; + + $cnt = $oid->find(); + + if ($cnt > 0) { + + $this->element('h2', null, _('Remove OpenID')); + + if ($cnt == 1 && !$user->password) { + + $this->element('p', 'form_guide', + _('Removing your only OpenID '. + 'would make it impossible to log in! ' . + 'If you need to remove it, '. + 'add another OpenID first.')); + + if ($oid->fetch()) { + $this->elementStart('p'); + $this->element('a', array('href' => $oid->canonical), + $oid->display); + $this->elementEnd('p'); + } + + } else { + + $this->element('p', 'form_guide', + _('You can remove an OpenID from your account '. + 'by clicking the button marked "Remove".')); + $idx = 0; + + while ($oid->fetch()) { + $this->elementStart('form', + array('method' => 'POST', + 'id' => 'form_settings_openid_delete' . $idx, + 'class' => 'form_settings', + 'action' => + common_local_url('openidsettings'))); + $this->elementStart('fieldset'); + $this->hidden('token', common_session_token()); + $this->element('a', array('href' => $oid->canonical), + $oid->display); + $this->element('input', array('type' => 'hidden', + 'id' => 'openid_url'.$idx, + 'name' => 'openid_url', + 'value' => $oid->canonical)); + $this->element('input', array('type' => 'submit', + 'id' => 'remove'.$idx, + 'name' => 'remove', + 'class' => 'submit remove', + 'value' => _('Remove'))); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + $idx++; + } + } + } + } + + /** + * Handle a POST request + * + * Muxes to different sub-functions based on which button was pushed + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('add')) { + $result = oid_authenticate($this->trimmed('openid_url'), + 'finishaddopenid'); + if (is_string($result)) { // error message + $this->showForm($result); + } + } else if ($this->arg('remove')) { + $this->removeOpenid(); + } else { + $this->showForm(_('Something weird happened.')); + } + } + + /** + * Handles a request to remove an OpenID from the user's account + * + * Validates input and, if everything is OK, deletes the OpenID. + * Reloads the form with a success or error notification. + * + * @return void + */ + + function removeOpenid() + { + $openid_url = $this->trimmed('openid_url'); + + $oid = User_openid::staticGet('canonical', $openid_url); + + if (!$oid) { + $this->showForm(_('No such OpenID.')); + return; + } + $cur = common_current_user(); + if (!$cur || $oid->user_id != $cur->id) { + $this->showForm(_('That OpenID does not belong to you.')); + return; + } + $oid->delete(); + $this->showForm(_('OpenID removed.'), true); + return; + } } diff --git a/actions/opensearch.php b/actions/opensearch.php index 0f366be4c..d7705972f 100644 --- a/actions/opensearch.php +++ b/actions/opensearch.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Opensearch action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,43 +29,59 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -class OpensearchAction extends Action { - - function handle($args) { - - parent::handle($args); - - $type = $this->trimmed('type'); - - $short_name = ''; - if ($type == 'people') { - $type = 'peoplesearch'; - $short_name = _('People Search'); - } else { - $short_name = _('Notice Search'); - $type = 'noticesearch'; - } - - header('Content-Type: text/html'); - - common_start_xml(); - common_element_start('OpenSearchDescription', array('xmlns' => 'http://a9.com/-/spec/opensearch/1.1/')); - - $short_name = common_config('site', 'name').' '.$short_name; - common_element('ShortName', NULL, $short_name); - common_element('Contact', NULL, common_config('site', 'email')); - common_element('Url', array('type' => 'text/html', 'method' => 'get', - 'template' => str_replace('---', '{searchTerms}', common_local_url($type, array('q' => '---'))))); - common_element('Image', array('height' => 16, 'width' => 16, 'type' => 'image/vnd.microsoft.icon'), common_path('favicon.ico')); - common_element('Image', array('height' => 50, 'width' => 50, 'type' => 'image/png'), theme_path('logo.png')); - common_element('AdultContent', NULL, 'false'); - common_element('Language', NULL, common_language()); - common_element('OutputEncoding', NULL, 'UTF-8'); - common_element('InputEncoding', NULL, 'UTF-8'); +if (!defined('LACONICA')) { + exit(1); +} - common_element_end('OpenSearchDescription'); - common_end_xml(); - } +/** + * Opensearch action class. + * + * Formatting of RSS handled by Rss10Action + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class OpensearchAction extends Action +{ + /** + * Class handler. + * + * @param array $args query arguments + * + * @return boolean false if user doesn't exist + */ + function handle($args) + { + parent::handle($args); + $type = $this->trimmed('type'); + $short_name = ''; + if ($type == 'people') { + $type = 'peoplesearch'; + $short_name = _('People Search'); + } else { + $type = 'noticesearch'; + $short_name = _('Notice Search'); + } + header('Content-Type: text/html'); + common_start_xml(); + $this->elementStart('OpenSearchDescription', array('xmlns' => 'http://a9.com/-/spec/opensearch/1.1/')); + $short_name = common_config('site', 'name').' '.$short_name; + $this->element('ShortName', null, $short_name); + $this->element('Contact', null, common_config('site', 'email')); + $this->element('Url', array('type' => 'text/html', 'method' => 'get', + 'template' => str_replace('---', '{searchTerms}', common_local_url($type, array('q' => '---'))))); + $this->element('Image', array('height' => 16, 'width' => 16, 'type' => 'image/vnd.microsoft.icon'), common_path('favicon.ico')); + $this->element('Image', array('height' => 50, 'width' => 50, 'type' => 'image/png'), theme_path('logo.png')); + $this->element('AdultContent', null, 'false'); + $this->element('Language', null, common_language()); + $this->element('OutputEncoding', null, 'UTF-8'); + $this->element('InputEncoding', null, 'UTF-8'); + $this->elementEnd('OpenSearchDescription'); + common_end_xml(); + } } + diff --git a/actions/othersettings.php b/actions/othersettings.php index eccf90e91..b542233ca 100644 --- a/actions/othersettings.php +++ b/actions/othersettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Miscellaneous settings + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,167 +18,153 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Robin Millette <millette@controlyourself.ca> + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); +if (!defined('LACONICA')) { + exit(1); +} -class OthersettingsAction extends SettingsAction { +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; - function get_instructions() { - return _('Manage various other options.'); - } +/** + * Miscellaneous settings actions + * + * Currently this just manages URL shortening. + * + * @category Settings + * @package Laconica + * @author Robin Millette <millette@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ - function show_form($msg=NULL, $success=false) { - $user = common_current_user(); +class OthersettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Other Settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('Manage various other options.'); + } + + /** + * Content area of the page + * + * Shows a form for uploading an avatar. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); - $this->form_header(_('Other Settings'), $msg, $success); - common_element('h2', NULL, _('URL Auto-shortening')); - common_element_start('form', array('method' => 'post', - 'id' => 'othersettings', - 'action' => - common_local_url('othersettings'))); - common_hidden('token', common_session_token()); + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_other', + 'class' => 'form_settings', + 'action' => + common_local_url('othersettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('URL Auto-shortening')); + $this->hidden('token', common_session_token()); + + // I18N + + $services = array( + '' => 'None', + 'ur1.ca' => 'ur1.ca (free service)', + '2tu.us' => '2tu.us (free service)', + 'ptiturl.com' => 'ptiturl.com', + 'bit.ly' => 'bit.ly', + 'tinyurl.com' => 'tinyurl.com', + 'is.gd' => 'is.gd', + 'snipr.com' => 'snipr.com', + 'metamark.net' => 'metamark.net' + ); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->dropdown('urlshorteningservice', _('Service'), + $services, _('Automatic shortening service to use.'), + false, $user->urlshorteningservice); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Handle a post + * + * Saves the changes to url-shortening prefs and shows a success or failure + * message. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $urlshorteningservice = $this->trimmed('urlshorteningservice'); + + if (!is_null($urlshorteningservice) && strlen($urlshorteningservice) > 50) { + $this->showForm(_('URL shortening service is too long (max 50 chars).')); + return; + } - $services = array( - '' => 'None', - 'ur1.ca' => 'ur1.ca (free service)', - '2tu.us' => '2tu.us (free service)', - 'ptiturl.com' => 'ptiturl.com', - 'bit.ly' => 'bit.ly', - 'tinyurl.com' => 'tinyurl.com', - 'is.gd' => 'is.gd', - 'snipr.com' => 'snipr.com', - 'metamark.net' => 'metamark.net' - ); + $user = common_current_user(); - common_dropdown('urlshorteningservice', _('Service'), $services, _('Automatic shortening service to use.'), FALSE, $user->urlshorteningservice); + assert(!is_null($user)); // should already be checked - common_submit('save', _('Save')); + $user->query('BEGIN'); - common_element_end('form'); + $original = clone($user); -// common_element('h2', NULL, _('Delete my account')); -// $this->show_delete_form(); + $user->urlshorteningservice = $urlshorteningservice; - common_show_footer(); - } + $result = $user->update($original); - function show_feeds_list($feeds) { - common_element_start('div', array('class' => 'feedsdel')); - common_element('p', null, 'Feeds:'); - common_element_start('ul', array('class' => 'xoxo')); + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - common_element_end('ul'); - common_element_end('div'); - } + $user->query('COMMIT'); - //TODO move to common.php (and retrace its origin) - function common_feed_item($feed) { - $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - $feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - common_element_start('li'); - common_element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - common_element_end('li'); - } - -// function show_delete_form() { -// $user = common_current_user(); -// $notices = DB_DataObject::factory('notice'); -// $notices->profile_id = $user->id; -// $notice_count = (int) $notices->count(); -// -// common_element_start('form', array('method' => 'POST', -// 'id' => 'delete', -// 'action' => -// common_local_url('deleteprofile'))); -// -// common_hidden('token', common_session_token()); -// common_element('p', null, "You can copy your notices and contacts by saving the two links below before deleting your account. Be careful, this operation cannot be undone."); -// -// $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), -// 'type' => 'rss', -// 'version' => 'RSS 1.0', -// 'item' => 'notices'), -// 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), -// 'type' => 'rdf', -// 'version' => 'FOAF', -// 'item' => 'foaf'))); -// -// common_submit('deleteaccount', _('Delete my account')); -// common_element_end('form'); -// } - - function handle_post() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - }else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() { - - $urlshorteningservice = $this->trimmed('urlshorteningservice'); - - if (!is_null($urlshorteningservice) && strlen($urlshorteningservice) > 50) { - $this->show_form(_('URL shortening service is too long (max 50 chars).')); - return; - } - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->urlshorteningservice = $urlshorteningservice; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } + $this->showForm(_('Preferences saved.'), true); + } } diff --git a/actions/outbox.php b/actions/outbox.php index c48d9c206..c8d7f2812 100644 --- a/actions/outbox.php +++ b/actions/outbox.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * action handler for message inbox + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,42 +18,101 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Message + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/mailbox.php'; + +/** + * action handler for message outbox + * + * @category Message + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * @see MailboxAction */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/mailbox.php'); - -class OutboxAction extends MailboxAction { - - function get_title($user, $page) { - if ($page > 1) { - $title = sprintf(_("Outbox for %s - page %d"), $user->nickname, $page); - } else { - $title = sprintf(_("Outbox for %s"), $user->nickname); - } - return $title; - } - - function get_messages($user, $page) { - $message = new Message(); - $message->from_profile = $user->id; - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*MESSAGES_PER_PAGE), MESSAGES_PER_PAGE + 1); - - if ($message->find()) { - return $message; - } else { - return NULL; - } - } - - function get_message_profile($message) { - return $message->getTo(); - } - - function get_instructions() { - return _('This is your outbox, which lists private messages you have sent.'); - } - +class OutboxAction extends MailboxAction +{ + /** + * Title of the page + * + * @return string page title + */ + + function title() + { + if ($this->page > 1) { + return sprintf(_("Outbox for %s - page %d"), + $this->user->nickname, $page); + } else { + return sprintf(_("Outbox for %s"), $this->user->nickname); + } + } + + /** + * retrieve the messages for this user and this page + * + * Does a query for the right messages + * + * @return Message data object with stream for messages + * + * @see MailboxAction::getMessages() + */ + + function getMessages() + { + $message = new Message(); + + $message->from_profile = $this->user->id; + $message->orderBy('created DESC, id DESC'); + $message->limit((($this->page - 1) * MESSAGES_PER_PAGE), + MESSAGES_PER_PAGE + 1); + + if ($message->find()) { + return $message; + } else { + return null; + } + } + + /** + * returns the profile we want to show with the message + * + * For outboxes, we show the recipient. + * + * @param Message $message The message to get the profile for + * + * @return Profile The profile of the message recipient + * + * @see MailboxAction::getMessageProfile() + */ + + function getMessageProfile($message) + { + return $message->getTo(); + } + + /** + * instructions for using this page + * + * @return string localised instructions for using the page + */ + + function getInstructions() + { + return _('This is your outbox, which lists private messages you have sent.'); + } } diff --git a/actions/passwordsettings.php b/actions/passwordsettings.php new file mode 100644 index 000000000..17b2de4e8 --- /dev/null +++ b/actions/passwordsettings.php @@ -0,0 +1,175 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Change user password + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Change password + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class PasswordsettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Change password'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('Change your password.'); + } + + /** + * Content area of the page + * + * Shows a form for changing the password + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + $this->elementStart('form', array('method' => 'POST', + 'id' => 'form_password', + 'class' => 'form_settings', + 'action' => + common_local_url('profilesettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Password change')); + $this->hidden('token', common_session_token()); + + + $this->elementStart('ul', 'form_data'); + // Users who logged in with OpenID won't have a pwd + if ($user->password) { + $this->elementStart('li'); + $this->password('oldpassword', _('Old password')); + $this->elementEnd('li'); + } + $this->elementStart('li'); + $this->password('newpassword', _('New password'), + _('6 or more characters')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->password('confirm', _('Confirm'), + _('same as password above')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->submit('changepass', _('Change')); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Handle a post + * + * Validate input and save changes. Reload the form with a success + * or error message. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $user = common_current_user(); + assert(!is_null($user)); // should already be checked + + // FIXME: scrub input + + $newpassword = $this->arg('newpassword'); + $confirm = $this->arg('confirm'); + + if (0 != strcmp($newpassword, $confirm)) { + $this->showForm(_('Passwords don\'t match.')); + return; + } + + if ($user->password) { + $oldpassword = $this->arg('oldpassword'); + + if (!common_check_user($user->nickname, $oldpassword)) { + $this->showForm(_('Incorrect old password')); + return; + } + } + + $original = clone($user); + + $user->password = common_munge_password($newpassword, $user->id); + + $val = $user->validate(); + if ($val !== true) { + $this->showForm(_('Error saving user; invalid.')); + return; + } + + if (!$user->update($original)) { + $this->serverError(_('Can\'t save new password.')); + return; + } + + $this->showForm(_('Password saved.'), true); + } +} diff --git a/actions/peoplesearch.php b/actions/peoplesearch.php index 2e54233ec..3c672c940 100644 --- a/actions/peoplesearch.php +++ b/actions/peoplesearch.php @@ -1,5 +1,16 @@ <?php -/* +/** + * People search action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,68 +28,86 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/searchaction.php'); -require_once(INSTALLDIR.'/lib/profilelist.php'); +if (!defined('LACONICA')) { + exit(1); +} -class PeoplesearchAction extends SearchAction { +require_once INSTALLDIR.'/lib/searchaction.php'; +require_once INSTALLDIR.'/lib/profilelist.php'; - function get_instructions() { - return _('Search for people on %%site.name%% by their name, location, or interests. ' . - 'Separate the terms by spaces; they must be 3 characters or more.'); - } +/** + * People search action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class PeoplesearchAction extends SearchAction +{ + function getInstructions() + { + return _('Search for people on %%site.name%% by their name, location, or interests. ' . + 'Separate the terms by spaces; they must be 3 characters or more.'); + } - function get_title() { - return _('People search'); - } + function title() + { + return _('People search'); + } - function show_results($q, $page) { + function showResults($q, $page) + { - $profile = new Profile(); + $profile = new Profile(); - # lcase it for comparison - $q = strtolower($q); + # lcase it for comparison + $q = strtolower($q); $search_engine = $profile->getSearchEngine('identica_people'); $search_engine->set_sort_mode('chron'); - # Ask for an extra to see if there's more. + # Ask for an extra to see if there's more. $search_engine->limit((($page-1)*PROFILES_PER_PAGE), PROFILES_PER_PAGE + 1); if (false === $search_engine->query($q)) { $cnt = 0; } else { - $cnt = $profile->find(); + $cnt = $profile->find(); + } + if ($cnt > 0) { + $terms = preg_split('/[\s,]+/', $q); + $results = new PeopleSearchResults($profile, $terms, $this); + $results->show(); + } else { + $this->element('p', 'error', _('No results')); } - if ($cnt > 0) { - $terms = preg_split('/[\s,]+/', $q); - $results = new PeopleSearchResults($profile, $terms); - $results->show_list(); - } else { - common_element('p', 'error', _('No results')); - } - $profile->free(); - - common_pagination($page > 1, $cnt > PROFILES_PER_PAGE, - $page, 'peoplesearch', array('q' => $q)); - } + $profile->free(); + + $this->pagination($page > 1, $cnt > PROFILES_PER_PAGE, + $page, 'peoplesearch', array('q' => $q)); + } } -class PeopleSearchResults extends ProfileList { - - var $terms = NULL; - var $pattern = NULL; - - function __construct($profile, $terms) { - parent::__construct($profile); - $this->terms = array_map('preg_quote', - array_map('htmlspecialchars', $terms)); - $this->pattern = '/('.implode('|',$terms).')/i'; - } - - function highlight($text) { - return preg_replace($this->pattern, '<strong>\\1</strong>', htmlspecialchars($text)); - } +class PeopleSearchResults extends ProfileList +{ + var $terms = null; + var $pattern = null; + + function __construct($profile, $terms, $action) + { + parent::__construct($profile, $terms, $action); + $this->terms = array_map('preg_quote', + array_map('htmlspecialchars', $terms)); + $this->pattern = '/('.implode('|',$terms).')/i'; + } + + function highlight($text) + { + return preg_replace($this->pattern, '<strong>\\1</strong>', htmlspecialchars($text)); + } } + diff --git a/actions/peopletag.php b/actions/peopletag.php index c508e0594..7bcfcb93e 100644 --- a/actions/peopletag.php +++ b/actions/peopletag.php @@ -21,83 +21,89 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/profilelist.php'); -class PeopletagAction extends Action { - - function handle($args) { +class PeopletagAction extends Action +{ + + function handle($args) + { - parent::handle($args); + parent::handle($args); - $tag = $this->trimmed('tag'); - - if (!common_valid_profile_tag($tag)) { - $this->client_error(sprintf(_('Not a valid people tag: %s'), $tag)); - return; - } + $tag = $this->trimmed('tag'); + + if (!common_valid_profile_tag($tag)) { + $this->clientError(sprintf(_('Not a valid people tag: %s'), $tag)); + return; + } - $page = $this->trimmed('page'); - - if (!$page) { - $page = 1; - } - - # Looks like we're good; show the header + $page = $this->trimmed('page'); + + if (!$page) { + $page = 1; + } + + # Looks like we're good; show the header - common_show_header(sprintf(_('Users self-tagged with %s - page %d'), $tag, $page), - NULL, $tag, array($this, 'show_top')); + common_show_header(sprintf(_('Users self-tagged with %s - page %d'), $tag, $page), + null, $tag, array($this, 'show_top')); - $this->show_people($tag, $page); + $this->show_people($tag, $page); - common_show_footer(); - } + common_show_footer(); + } - function show_people($tag, $page) { - - $profile = new Profile(); + function show_people($tag, $page) + { + + $profile = new Profile(); - $offset = ($page-1)*PROFILES_PER_PAGE; - $limit = PROFILES_PER_PAGE + 1; - - if (common_config('db','type') == 'pgsql') { - $lim = ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $lim = ' LIMIT ' . $offset . ', ' . $limit; - } + $offset = ($page-1)*PROFILES_PER_PAGE; + $limit = PROFILES_PER_PAGE + 1; + + if (common_config('db','type') == 'pgsql') { + $lim = ' LIMIT ' . $limit . ' OFFSET ' . $offset; + } else { + $lim = ' LIMIT ' . $offset . ', ' . $limit; + } - # XXX: memcached this - - $profile->query(sprintf('SELECT profile.* ' . - 'FROM profile JOIN profile_tag ' . - 'ON profile.id = profile_tag.tagger ' . - 'WHERE profile_tag.tagger = profile_tag.tagged ' . - 'AND tag = "%s" ' . - 'ORDER BY profile_tag.modified DESC ' . - $lim, $tag)); + # XXX: memcached this + + $profile->query(sprintf('SELECT profile.* ' . + 'FROM profile JOIN profile_tag ' . + 'ON profile.id = profile_tag.tagger ' . + 'WHERE profile_tag.tagger = profile_tag.tagged ' . + 'AND tag = "%s" ' . + 'ORDER BY profile_tag.modified DESC ' . + $lim, $tag)); - $pl = new ProfileList($profile); - $cnt = $pl->show_list(); - - common_pagination($page > 1, - $cnt > PROFILES_PER_PAGE, - $page, - $this->trimmed('action'), - array('tag' => $tag)); - } - - function show_top($tag) { - $instr = sprintf(_('These are users who have tagged themselves "%s" ' . - 'to show a common interest, characteristic, hobby or job.'), $tag); - common_element_start('div', 'instructions'); - common_element_start('p'); - common_text($instr); - common_element_end('p'); - common_element_end('div'); - } + $pl = new ProfileList($profile); + $cnt = $pl->show_list(); + + common_pagination($page > 1, + $cnt > PROFILES_PER_PAGE, + $page, + $this->trimmed('action'), + array('tag' => $tag)); + } + + function show_top($tag) + { + $instr = sprintf(_('These are users who have tagged themselves "%s" ' . + 'to show a common interest, characteristic, hobby or job.'), $tag); + $this->elementStart('div', 'instructions'); + $this->elementStart('p'); + $this->text($instr); + $this->elementEnd('p'); + $this->elementEnd('div'); + } - function get_title() { - return NULL; - } + function get_title() + { + return null; + } - function show_header($arr) { - return; - } + function show_header($arr) + { + return; + } } diff --git a/actions/postnotice.php b/actions/postnotice.php index 243081f12..0b4735296 100644 --- a/actions/postnotice.php +++ b/actions/postnotice.php @@ -21,68 +21,71 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); -class PostnoticeAction extends Action { - function handle($args) { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->save_notice($req, $consumer, $token)) { - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - return; - } - } +class PostnoticeAction extends Action +{ + function handle($args) + { + parent::handle($args); + try { + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); + # Note: server-to-server function! + $server = omb_oauth_server(); + list($consumer, $token) = $server->verify_request($req); + if ($this->save_notice($req, $consumer, $token)) { + print "omb_version=".OMB_VERSION_01; + } + } catch (OAuthException $e) { + $this->serverError($e->getMessage()); + return; + } + } - function save_notice(&$req, &$consumer, &$token) { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - common_user_error(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see - $listenee = $req->get_parameter('omb_listenee'); - $remote_profile = Remote_profile::staticGet('uri', $listenee); - if (!$remote_profile) { - common_user_error(_('Profile unknown'), 403); - return false; - } - $sub = Subscription::staticGet('token', $token->key); - if (!$sub) { - common_user_error(_('No such subscription'), 403); - return false; - } - $content = $req->get_parameter('omb_notice_content'); + function save_notice(&$req, &$consumer, &$token) + { + $version = $req->get_parameter('omb_version'); + if ($version != OMB_VERSION_01) { + $this->clientError(_('Unsupported OMB version'), 400); + return false; + } + # First, check to see + $listenee = $req->get_parameter('omb_listenee'); + $remote_profile = Remote_profile::staticGet('uri', $listenee); + if (!$remote_profile) { + $this->clientError(_('Profile unknown'), 403); + return false; + } + $sub = Subscription::staticGet('token', $token->key); + if (!$sub) { + $this->clientError(_('No such subscription'), 403); + return false; + } + $content = $req->get_parameter('omb_notice_content'); $content_shortened = common_shorten_links($content); if (mb_strlen($content_shortened) > 140) { - common_user_error(_('Invalid notice content'), 400); + $this->clientError(_('Invalid notice content'), 400); + return false; + } + $notice_uri = $req->get_parameter('omb_notice'); + if (!Validate::uri($notice_uri) && + !common_valid_tag($notice_uri)) { + $this->clientError(_('Invalid notice uri'), 400); return false; } - $notice_uri = $req->get_parameter('omb_notice'); - if (!Validate::uri($notice_uri) && - !common_valid_tag($notice_uri)) { - common_user_error(_('Invalid notice uri'), 400); - return false; - } - $notice_url = $req->get_parameter('omb_notice_url'); - if ($notice_url && !common_valid_http_url($notice_url)) { - common_user_error(_('Invalid notice url'), 400); - return false; - } - $notice = Notice::staticGet('uri', $notice_uri); - if (!$notice) { - $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, 0, $notice_uri); - if (is_string($notice)) { - common_server_serror($notice, 500); - return false; - } - common_broadcast_notice($notice, true); - } - return true; - } + $notice_url = $req->get_parameter('omb_notice_url'); + if ($notice_url && !common_valid_http_url($notice_url)) { + $this->clientError(_('Invalid notice url'), 400); + return false; + } + $notice = Notice::staticGet('uri', $notice_uri); + if (!$notice) { + $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, 0, $notice_uri); + if (is_string($notice)) { + common_server_serror($notice, 500); + return false; + } + common_broadcast_notice($notice, true); + } + return true; + } } diff --git a/actions/profilesettings.php b/actions/profilesettings.php index ed2623c9b..6dd4775e5 100644 --- a/actions/profilesettings.php +++ b/actions/profilesettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Change profile settings + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,425 +18,315 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/accountsettingsaction.php'; + +/** + * Change profile settings + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Zach Copley <zach@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); - -class ProfilesettingsAction extends SettingsAction { - - function get_instructions() { - return _('You can update your personal profile info here '. - 'so people know more about you.'); - } - - function show_form($msg=NULL, $success=false) { - $this->form_header(_('Profile settings'), $msg, $success); - $this->show_settings_form(); - common_element('h2', NULL, _('Avatar')); - $this->show_avatar_form(); - common_element('h2', NULL, _('Change password')); - $this->show_password_form(); -// common_element('h2', NULL, _('Delete my account')); -// $this->show_delete_form(); - common_show_footer(); - } - - function handle_post() { - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_profile(); - } else if ($this->arg('upload')) { - $this->upload_avatar(); - } else if ($this->arg('changepass')) { - $this->change_password(); - } - - } - - function show_settings_form() { - - $user = common_current_user(); - $profile = $user->getProfile(); - - common_element_start('form', array('method' => 'POST', - 'id' => 'profilesettings', - 'action' => - common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - # too much common patterns here... abstractable? - - common_input('nickname', _('Nickname'), - ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, - _('1-64 lowercase letters or numbers, no punctuation or spaces')); - common_input('fullname', _('Full name'), - ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); - common_input('homepage', _('Homepage'), - ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, - _('URL of your homepage, blog, or profile on another site')); - common_textarea('bio', _('Bio'), - ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, - _('Describe yourself and your interests in 140 chars')); - common_input('location', _('Location'), - ($this->arg('location')) ? $this->arg('location') : $profile->location, - _('Where you are, like "City, State (or Region), Country"')); - common_input('tags', _('Tags'), - ($this->arg('tags')) ? $this->arg('tags') : implode(' ', $user->getSelfTags()), - _('Tags for yourself (letters, numbers, -, ., and _), comma- or space- separated')); - - $language = common_language(); - common_dropdown('language', _('Language'), get_nice_language_list(), _('Preferred language'), TRUE, $language); - $timezone = common_timezone(); - $timezones = array(); - foreach(DateTimeZone::listIdentifiers() as $k => $v) { - $timezones[$v] = $v; - } - common_dropdown('timezone', _('Timezone'), $timezones, _('What timezone are you normally in?'), TRUE, $timezone); - - common_checkbox('autosubscribe', _('Automatically subscribe to whoever subscribes to me (best for non-humans)'), - ($this->arg('autosubscribe')) ? $this->boolean('autosubscribe') : $user->autosubscribe); - - common_submit('save', _('Save')); - - common_element_end('form'); - - - } - - function show_avatar_form() { - - $user = common_current_user(); - $profile = $user->getProfile(); - - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - - $original = $profile->getOriginalAvatar(); - - - common_element_start('form', array('enctype' => 'multipart/form-data', - 'method' => 'POST', - 'id' => 'avatar', - 'action' => - common_local_url('profilesettings'))); - common_hidden('token', common_session_token()); - - if ($original) { - common_element('img', array('src' => $original->url, - 'class' => 'avatar original', - 'width' => $original->width, - 'height' => $original->height, - 'alt' => $user->nickname)); - } - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - - if ($avatar) { - common_element('img', array('src' => $avatar->url, - 'class' => 'avatar profile', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $user->nickname)); - } - - - common_element('input', array('name' => 'MAX_FILE_SIZE', - 'type' => 'hidden', - 'id' => 'MAX_FILE_SIZE', - 'value' => MAX_AVATAR_SIZE)); - - common_element_start('p'); - - - common_element('input', array('name' => 'avatarfile', - 'type' => 'file', - 'id' => 'avatarfile')); - common_element_end('p'); - - common_submit('upload', _('Upload')); - common_element_end('form'); - - } - - function show_password_form() { - - $user = common_current_user(); - common_element_start('form', array('method' => 'POST', - 'id' => 'password', - 'action' => - common_local_url('profilesettings'))); - - common_hidden('token', common_session_token()); - - # Users who logged in with OpenID won't have a pwd - if ($user->password) { - common_password('oldpassword', _('Old password')); - } - common_password('newpassword', _('New password'), - _('6 or more characters')); - common_password('confirm', _('Confirm'), - _('same as password above')); - common_submit('changepass', _('Change')); - common_element_end('form'); - } - - function save_profile() { - $nickname = $this->trimmed('nickname'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - $autosubscribe = $this->boolean('autosubscribe'); - $language = $this->trimmed('language'); - $timezone = $this->trimmed('timezone'); - $tagstring = $this->trimmed('tags'); - - # Some validation - - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return; - } else if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Not a valid nickname.')); - return; - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Homepage is not a valid URL.')); - return; - } else if (!is_null($fullname) && strlen($fullname) > 255) { - $this->show_form(_('Full name is too long (max 255 chars).')); - return; - } else if (!is_null($bio) && strlen($bio) > 140) { - $this->show_form(_('Bio is too long (max 140 chars).')); - return; - } else if (!is_null($location) && strlen($location) > 255) { - $this->show_form(_('Location is too long (max 255 chars).')); - return; - } else if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { - $this->show_form(_('Timezone not selected.')); - return; - } else if ($this->nickname_exists($nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - return; +class ProfilesettingsAction extends AccountSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('Profile settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('You can update your personal profile info here '. + 'so people know more about you.'); + } + + /** + * Content area of the page + * + * Shows a form for uploading an avatar. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + $profile = $user->getProfile(); + + $this->elementStart('form', array('method' => 'POST', + 'id' => 'form_settings_profile', + 'class' => 'form_settings', + 'action' => common_local_url('profilesettings'))); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Profile information')); + $this->hidden('token', common_session_token()); + + # too much common patterns here... abstractable? + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nickname', _('Nickname'), + ($this->arg('nickname')) ? $this->arg('nickname') : $profile->nickname, + _('1-64 lowercase letters or numbers, no punctuation or spaces')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('fullname', _('Full name'), + ($this->arg('fullname')) ? $this->arg('fullname') : $profile->fullname); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('homepage', _('Homepage'), + ($this->arg('homepage')) ? $this->arg('homepage') : $profile->homepage, + _('URL of your homepage, blog, or profile on another site')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->textarea('bio', _('Bio'), + ($this->arg('bio')) ? $this->arg('bio') : $profile->bio, + _('Describe yourself and your interests in 140 chars')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('location', _('Location'), + ($this->arg('location')) ? $this->arg('location') : $profile->location, + _('Where you are, like "City, State (or Region), Country"')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('tags', _('Tags'), + ($this->arg('tags')) ? $this->arg('tags') : implode(' ', $user->getSelfTags()), + _('Tags for yourself (letters, numbers, -, ., and _), comma- or space- separated')); + $this->elementEnd('li'); + $this->elementStart('li'); + $language = common_language(); + $this->dropdown('language', _('Language'), + get_nice_language_list(), _('Preferred language'), + true, $language); + $this->elementEnd('li'); + $timezone = common_timezone(); + $timezones = array(); + foreach(DateTimeZone::listIdentifiers() as $k => $v) { + $timezones[$v] = $v; + } + $this->elementStart('li'); + $this->dropdown('timezone', _('Timezone'), + $timezones, _('What timezone are you normally in?'), + true, $timezone); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('autosubscribe', + _('Automatically subscribe to whoever '. + 'subscribes to me (best for non-humans)'), + ($this->arg('autosubscribe')) ? + $this->boolean('autosubscribe') : $user->autosubscribe); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + + } + + /** + * Handle a post + * + * Validate input and save changes. Reload the form with a success + * or error message. + * + * @return void + */ + + function handlePost() + { + # CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $nickname = $this->trimmed('nickname'); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $bio = $this->trimmed('bio'); + $location = $this->trimmed('location'); + $autosubscribe = $this->boolean('autosubscribe'); + $language = $this->trimmed('language'); + $timezone = $this->trimmed('timezone'); + $tagstring = $this->trimmed('tags'); + + # Some validation + + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->showForm(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return; + } else if (!User::allowed_nickname($nickname)) { + $this->showForm(_('Not a valid nickname.')); + return; + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { + $this->showForm(_('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && strlen($fullname) > 255) { + $this->showForm(_('Full name is too long (max 255 chars).')); + return; + } else if (!is_null($bio) && strlen($bio) > 140) { + $this->showForm(_('Bio is too long (max 140 chars).')); + return; + } else if (!is_null($location) && strlen($location) > 255) { + $this->showForm(_('Location is too long (max 255 chars).')); + return; + } else if (is_null($timezone) || !in_array($timezone, DateTimeZone::listIdentifiers())) { + $this->showForm(_('Timezone not selected.')); + return; + } else if ($this->nicknameExists($nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + return; } else if (!is_null($language) && strlen($language) > 50) { - $this->show_form(_('Language is too long (max 50 chars).')); - return; - } - - if ($tagstring) { - $tags = array_map('common_canonical_tag', preg_split('/[\s,]+/', $tagstring)); - } else { - $tags = array(); - } - - foreach ($tags as $tag) { - if (!common_valid_profile_tag($tag)) { - $this->show_form(sprintf(_('Invalid tag: "%s"'), $tag)); - return; - } - } - - $user = common_current_user(); - - $user->query('BEGIN'); - - if ($user->nickname != $nickname || - $user->language != $language || - $user->timezone != $timezone) { - - common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, - __FILE__); - common_debug('Updating user language from ' . $user->language . ' to ' . $language, - __FILE__); - common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, - __FILE__); - - $original = clone($user); - - $user->nickname = $nickname; - $user->language = $language; - $user->timezone = $timezone; - - $result = $user->updateKeys($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } else { - # Re-initialize language environment if it changed - common_init_language(); - } - } - - # XXX: XOR - - if ($user->autosubscribe ^ $autosubscribe) { - - $original = clone($user); - - $user->autosubscribe = $autosubscribe; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user for autosubscribe.')); - return; - } - } - - $profile = $user->getProfile(); - - $orig_profile = clone($profile); - - $profile->nickname = $user->nickname; - $profile->fullname = $fullname; - $profile->homepage = $homepage; - $profile->bio = $bio; - $profile->location = $location; - $profile->profileurl = common_profile_url($nickname); - - common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); - common_debug('New profile: ' . common_log_objstring($profile), __FILE__); - - $result = $profile->update($orig_profile); - - if (!$result) { - common_log_db_error($profile, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t save profile.')); - return; - } - - # Set the user tags - - $result = $user->setSelfTags($tags); - - if (!$result) { - common_server_error(_('Couldn\'t save tags.')); - return; - } - - $user->query('COMMIT'); - - common_broadcast_profile($profile); - - $this->show_form(_('Settings saved.'), TRUE); - } - - - function upload_avatar() { - switch ($_FILES['avatarfile']['error']) { - case UPLOAD_ERR_OK: # success, jump out - break; - case UPLOAD_ERR_INI_SIZE: - case UPLOAD_ERR_FORM_SIZE: - $this->show_form(_('That file is too big.')); - return; - case UPLOAD_ERR_PARTIAL: - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Partial upload.')); - return; - default: - $this->show_form(_('System error uploading file.')); - return; - } - - $info = @getimagesize($_FILES['avatarfile']['tmp_name']); - - if (!$info) { - @unlink($_FILES['avatarfile']['tmp_name']); - $this->show_form(_('Not an image or corrupt file.')); - return; - } - - switch ($info[2]) { - case IMAGETYPE_GIF: - case IMAGETYPE_JPEG: - case IMAGETYPE_PNG: - break; - default: - $this->show_form(_('Unsupported image file format.')); - return; - } - - $user = common_current_user(); - $profile = $user->getProfile(); - - if ($profile->setOriginal($_FILES['avatarfile']['tmp_name'])) { - $this->show_form(_('Avatar updated.'), true); - } else { - $this->show_form(_('Failed updating avatar.')); - } - - @unlink($_FILES['avatarfile']['tmp_name']); - } - - function nickname_exists($nickname) { - $user = common_current_user(); - $other = User::staticGet('nickname', $nickname); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } - - function change_password() { - - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - # FIXME: scrub input - - $newpassword = $this->arg('newpassword'); - $confirm = $this->arg('confirm'); - $token = $this->arg('token'); - - if (0 != strcmp($newpassword, $confirm)) { - $this->show_form(_('Passwords don\'t match.')); - return; - } - - if ($user->password) { - $oldpassword = $this->arg('oldpassword'); - - if (!common_check_user($user->nickname, $oldpassword)) { - $this->show_form(_('Incorrect old password')); - return; - } - } - - $original = clone($user); - - $user->password = common_munge_password($newpassword, $user->id); - - $val = $user->validate(); - if ($val !== TRUE) { - $this->show_form(_('Error saving user; invalid.')); - return; - } - - if (!$user->update($original)) { - common_server_error(_('Can\'t save new password.')); - return; - } - - $this->show_form(_('Password saved.'), true); - } + $this->showForm(_('Language is too long (max 50 chars).')); + return; + } + + if ($tagstring) { + $tags = array_map('common_canonical_tag', preg_split('/[\s,]+/', $tagstring)); + } else { + $tags = array(); + } + + foreach ($tags as $tag) { + if (!common_valid_profile_tag($tag)) { + $this->showForm(sprintf(_('Invalid tag: "%s"'), $tag)); + return; + } + } + + $user = common_current_user(); + + $user->query('BEGIN'); + + if ($user->nickname != $nickname || + $user->language != $language || + $user->timezone != $timezone) { + + common_debug('Updating user nickname from ' . $user->nickname . ' to ' . $nickname, + __FILE__); + common_debug('Updating user language from ' . $user->language . ' to ' . $language, + __FILE__); + common_debug('Updating user timezone from ' . $user->timezone . ' to ' . $timezone, + __FILE__); + + $original = clone($user); + + $user->nickname = $nickname; + $user->language = $language; + $user->timezone = $timezone; + + $result = $user->updateKeys($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } else { + # Re-initialize language environment if it changed + common_init_language(); + } + } + + # XXX: XOR + + if ($user->autosubscribe ^ $autosubscribe) { + + $original = clone($user); + + $user->autosubscribe = $autosubscribe; + + $result = $user->update($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user for autosubscribe.')); + return; + } + } + + $profile = $user->getProfile(); + + $orig_profile = clone($profile); + + $profile->nickname = $user->nickname; + $profile->fullname = $fullname; + $profile->homepage = $homepage; + $profile->bio = $bio; + $profile->location = $location; + $profile->profileurl = common_profile_url($nickname); + + common_debug('Old profile: ' . common_log_objstring($orig_profile), __FILE__); + common_debug('New profile: ' . common_log_objstring($profile), __FILE__); + + $result = $profile->update($orig_profile); + + if (!$result) { + common_log_db_error($profile, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t save profile.')); + return; + } + + # Set the user tags + + $result = $user->setSelfTags($tags); + + if (!$result) { + $this->serverError(_('Couldn\'t save tags.')); + return; + } + + $user->query('COMMIT'); + + common_broadcast_profile($profile); + + $this->showForm(_('Settings saved.'), true); + } + + function nicknameExists($nickname) + { + $user = common_current_user(); + $other = User::staticGet('nickname', $nickname); + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } } diff --git a/actions/public.php b/actions/public.php index 218f80194..f5380589a 100644 --- a/actions/public.php +++ b/actions/public.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Action for displaying the public stream + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,85 +18,205 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Public + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); - -class PublicAction extends StreamAction { - - function handle($args) { - parent::handle($args); - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - header('X-XRDS-Location: '. common_local_url('publicxrds')); - - common_show_header(_('Public timeline'), - array($this, 'show_header'), NULL, - array($this, 'show_top')); - - # XXX: Public sidebar here? - - $this->show_notices($page); - - common_show_footer(); - } - - function show_top() { - if (common_logged_in()) { - common_notice_form('public'); - } else { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - } - - $this->public_views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('publicrss'), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'publicrss'), - 1=>array('href'=>common_local_url('publicatom'), - 'type' => 'atom', - 'version' => 'Atom 1.0', - 'item' => 'publicatom'))); - } - - function get_instructions() { - return _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . - 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . - '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))'); - } - - function show_header() { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('publicrss'), - 'type' => 'application/rss+xml', - 'title' => _('Public Stream Feed'))); - # for client side of OpenID authentication - common_element('meta', array('http-equiv' => 'X-XRDS-Location', - 'content' => common_local_url('publicxrds'))); - } +if (!defined('LACONICA')) { + exit(1); +} - function show_notices($page) { +require_once INSTALLDIR.'/lib/publicgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; - $cnt = 0; - $notice = Notice::publicStream(($page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1); +/** + * Action for displaying the public stream + * + * @category Public + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see PublicrssAction + * @see PublicxrdsAction + */ - if (!$notice) { - $this->server_error(_('Could not retrieve public stream.')); +class PublicAction extends Action +{ + /** + * page of the stream we're on; default = 1 + */ + + var $page = null; + + /** + * Read and validate arguments + * + * @param array $args URL parameters + * + * @return boolean success value + */ + + function prepare($args) + { + parent::prepare($args); + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + return true; + } + + /** + * handle request + * + * Show the public stream, using recipe method showPage() + * + * @param array $args arguments, mostly unused + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + header('X-XRDS-Location: '. common_local_url('publicxrds')); + + $this->showPage(); + } + + /** + * Title of the page + * + * @return page title, including page number if over 1 + */ + + function title() + { + if ($this->page > 1) { + return sprintf(_('Public timeline, page %d'), $this->page); + } else { + return _('Public timeline'); + } + } + + /** + * Output <head> elements for RSS and Atom feeds + * + * @return void + */ + + function showFeeds() + { + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('publicrss'), + 'type' => 'application/rss+xml', + 'title' => _('Public Stream Feed'))); + } + + /** + * Extra head elements + * + * We include a <meta> element linking to the publicxrds page, for OpenID + * client-side authentication. + * + * @return void + */ + + function extraHead() + { + // for client side of OpenID authentication + $this->element('meta', array('http-equiv' => 'X-XRDS-Location', + 'content' => common_local_url('publicxrds'))); + } + + /** + * Show tabset for this page + * + * Uses the PublicGroupNav widget + * + * @return void + * @see PublicGroupNav + */ + + function showLocalNav() + { + $nav = new PublicGroupNav($this); + $nav->show(); + } + + /** + * Fill the content area + * + * Shows a list of the notices in the public stream, with some pagination + * controls. + * + * @return void + */ + + function showContent() + { + $notice = Notice::publicStream(($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); + + if (!$notice) { + $this->serverError(_('Could not retrieve public stream.')); return; - } - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'public'); - } + } + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'public'); + } + + /** + * Makes a list of exported feeds for this page + * + * @return void + * + * @todo I18N + */ + + function showExportData() + { + $fl = new FeedList($this); + $fl->show(array(0 => array('href' => common_local_url('publicrss'), + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'publicrss'), + 1 => array('href' => common_local_url('publicatom'), + 'type' => 'atom', + 'version' => 'Atom 1.0', + 'item' => 'publicatom'))); + } + + function showSections() + { + $top = new TopPostersSection($this); + $top->show(); + $pop = new PopularNoticeSection($this); + $pop->show(); + $gbp = new GroupsByPostsSection($this); + $gbp->show(); + $feat = new FeaturedUsersSection($this); + $feat->show(); + } + + function showAnonymousMessage() + { + $m = _('This is %%site.name%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . + '[Join now](%%action.register%%) to share notices about yourself with friends, family, and colleagues! ([Read more](%%doc.help%%))'); + $this->elementStart('div', array('id' => 'anon_notice')); + $this->raw(common_markup_to_html($m)); + $this->elementEnd('div'); + } } diff --git a/actions/publicrss.php b/actions/publicrss.php index 1ab6a8be0..844c334be 100644 --- a/actions/publicrss.php +++ b/actions/publicrss.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Public RSS action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,41 +29,78 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/rssaction.php'); - -// Formatting of RSS handled by Rss10Action - -class PublicrssAction extends Rss10Action { - - function init() { - return true; - } - - function get_notices($limit=0) { - - $notices = array(); - - $notice = Notice::publicStream(0, ($limit == 0) ? 48 : $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - return $notices; - } - - function get_channel() { - global $config; - $c = array('url' => common_local_url('publicrss'), - 'title' => sprintf(_('%s Public Stream'), $config['site']['name']), - 'link' => common_local_url('public'), - 'description' => sprintf(_('All updates for %s'), $config['site']['name'])); - return $c; - } - - function get_image() { - return NULL; - } -}
\ No newline at end of file +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/rssaction.php'; + +/** + * RSS feed for public timeline. + * + * Formatting of RSS handled by Rss10Action + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class PublicrssAction extends Rss10Action +{ + /** + * Initialization. + * + * @return boolean true + */ + function init() + { + return true; + } + + /** + * Get notices + * + * @param integer $limit max number of notices to return + * + * @return array notices + */ + function getNotices($limit=0) + { + $notices = array(); + $notice = Notice::publicStream(0, ($limit == 0) ? 48 : $limit); + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + return $notices; + } + + /** + * Get channel. + * + * @return array associative array on channel information + */ + function getChannel() + { + global $config; + $c = array( + 'url' => common_local_url('publicrss') + , 'title' => sprintf(_('%s Public Stream'), $config['site']['name']) + , 'link' => common_local_url('public') + , 'description' => sprintf(_('All updates for %s'), $config['site']['name'])); + return $c; + } + + /** + * Get image. + * + * @return nothing + */ + function getImage() + { + // nop + } +} + diff --git a/actions/publictagcloud.php b/actions/publictagcloud.php new file mode 100644 index 000000000..6f5fc7541 --- /dev/null +++ b/actions/publictagcloud.php @@ -0,0 +1,155 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Public tag cloud for notices + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Public + * @package Laconica + * @author Mike Cochrane <mikec@mikenz.geek.nz> + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Mike Cochrane + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { exit(1); } + +define('TAGS_PER_PAGE', 100); + +/** + * Public tag cloud for notices + * + * @category Personal + * @package Laconica + * @author Mike Cochrane <mikec@mikenz.geek.nz> + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Mike Cochrane + * @copyright 2008-2009 Control Yourself, Inc. + * @link http://laconi.ca/ + */ + +class PublictagcloudAction extends Action +{ + function isReadOnly() + { + return true; + } + + function title() + { + return _('Public tag cloud'); + } + + function showPageNotice() + { + $this->element('p', 'instructions', + sprintf(_('These are most popular recent tags on %s '), + common_config('site', 'name'))); + } + + function showLocalNav() + { + $nav = new PublicGroupNav($this); + $nav->show(); + } + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + function showContent() + { + # This should probably be cached rather than recalculated + $tags = new Notice_tag(); + + #Need to clear the selection and then only re-add the field + #we are grouping by, otherwise it's not a valid 'group by' + #even though MySQL seems to let it slide... + $tags->selectAdd(); + $tags->selectAdd('tag'); + + #Add the aggregated columns... + $tags->selectAdd('max(notice_id) as last_notice_id'); + if(common_config('db','type')=='pgsql') { + $calc='sum(exp(-extract(epoch from (now()-created))/%s)) as weight'; + } else { + $calc='sum(exp(-(now() - created)/%s)) as weight'; + } + $tags->selectAdd(sprintf($calc, common_config('tag', 'dropoff'))); + $tags->groupBy('tag'); + $tags->orderBy('weight DESC'); + + $tags->limit(TAGS_PER_PAGE); + + $cnt = $tags->find(); + + if ($cnt > 0) { + $this->elementStart('div', array('id' => 'tagcloud', + 'class' => 'section')); + + $tw = array(); + $sum = 0; + while ($tags->fetch()) { + $tw[$tags->tag] = $tags->weight; + $sum += $tags->weight; + } + + ksort($tw); + + $this->elementStart('dl'); + $this->element('dt', null, _('Tag cloud')); + $this->elementStart('dd'); + $this->elementStart('ul', 'tags xoxo tag-cloud'); + foreach ($tw as $tag => $weight) { + $this->showTag($tag, $weight, $weight/$sum); + } + $this->elementEnd('ul'); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + $this->elementEnd('div'); + } + } + + function showTag($tag, $weight, $relative) + { + if ($relative > 0.1) { + $rel = 'tag-cloud-7'; + } else if ($relative > 0.05) { + $rel = 'tag-cloud-6'; + } else if ($relative > 0.02) { + $rel = 'tag-cloud-5'; + } else if ($relative > 0.01) { + $rel = 'tag-cloud-4'; + } else if ($relative > 0.005) { + $rel = 'tag-cloud-3'; + } else if ($relative > 0.002) { + $rel = 'tag-cloud-2'; + } else { + $rel = 'tag-cloud-1'; + } + + $this->elementStart('li', $rel); + $this->element('a', array('href' => common_local_url('tag', array('tag' => $tag))), + $tag); + $this->elementEnd('li'); + } +} diff --git a/actions/publicxrds.php b/actions/publicxrds.php index 951434c87..aad59d779 100644 --- a/actions/publicxrds.php +++ b/actions/publicxrds.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Public XRDS for OpenID + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,63 +29,94 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -# XXX: factor out similarities with XrdsAction - -class PublicxrdsAction extends Action { - - function is_readonly() { - return true; - } +if (!defined('LACONICA')) { + exit(1); +} - function handle($args) { +require_once INSTALLDIR.'/lib/openid.php'; - parent::handle($args); - - header('Content-Type: application/xrds+xml'); - - common_start_xml(); - common_element_start('XRDS', array('xmlns' => 'xri://$xrds')); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', NULL, 'xri://$xrds*simple'); - - foreach (array('finishopenidlogin', 'finishaddopenid', 'finishimmediate') as $finish) { - $this->show_service(Auth_OpenID_RP_RETURN_TO_URL_TYPE, - common_local_url($finish)); - } +/** + * Public XRDS for OpenID + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * + * @todo factor out similarities with XrdsAction + */ +class PublicxrdsAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly() + { + return true; + } - common_element_end('XRD'); + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { + parent::handle($args); + header('Content-Type: application/xrds+xml'); + common_start_xml(); + $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + foreach (array('finishopenidlogin', 'finishaddopenid', 'finishimmediate') as $finish) { + $this->showService(Auth_OpenID_RP_RETURN_TO_URL_TYPE, + common_local_url($finish)); + } + $this->elementEnd('XRD'); + $this->elementEnd('XRDS'); + common_end_xml(); + } - common_element_end('XRDS'); - common_end_xml(); - } + /** + * Show service. + * + * @param string $type XRDS type + * @param string $uri URI + * @param array $params type parameters, null by default + * @param array $sigs type signatures, null by default + * @param string $localId local ID, null by default + * + * @return void + */ + function showService($type, $uri, $params=null, $sigs=null, $localId=null) + { + $this->elementStart('Service'); + if ($uri) { + $this->element('URI', null, $uri); + } + $this->element('Type', null, $type); + if ($params) { + foreach ($params as $param) { + $this->element('Type', null, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + $this->element('Type', null, $sig); + } + } + if ($localId) { + $this->element('LocalID', null, $localId); + } + $this->elementEnd('Service'); + } +} - function show_service($type, $uri, $params=NULL, $sigs=NULL, $localId=NULL) { - common_element_start('Service'); - if ($uri) { - common_element('URI', NULL, $uri); - } - common_element('Type', NULL, $type); - if ($params) { - foreach ($params as $param) { - common_element('Type', NULL, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - common_element('Type', NULL, $sig); - } - } - if ($localId) { - common_element('LocalID', NULL, $localId); - } - common_element_end('Service'); - } -}
\ No newline at end of file diff --git a/actions/recoverpassword.php b/actions/recoverpassword.php index 54a0f2ae3..eeb6b2516 100644 --- a/actions/recoverpassword.php +++ b/actions/recoverpassword.php @@ -23,309 +23,344 @@ if (!defined('LACONICA')) { exit(1); } define(MAX_RECOVERY_TIME, 24 * 60 * 60); -class RecoverpasswordAction extends Action { - - function handle($args) { +class RecoverpasswordAction extends Action +{ + var $mode = null; + var $msg = null; + var $success = null; + + function handle($args) + { parent::handle($args); if (common_logged_in()) { - $this->client_error(_('You are already logged in!')); + $this->clientError(_('You are already logged in!')); return; } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if ($this->arg('recover')) { - $this->recover_password(); + if ($this->arg('recover')) { + $this->recoverPassword(); } else if ($this->arg('reset')) { - $this->reset_password(); - } else { - $this->client_error(_('Unexpected form submission.')); - } - } else { - if ($this->trimmed('code')) { - $this->check_code(); - } else { - $this->show_form(); - } - } - } - - function check_code() { - - $code = $this->trimmed('code'); - $confirm = Confirm_address::staticGet('code', $code); - - if (!$confirm) { - $this->client_error(_('No such recovery code.')); - return; - } - if ($confirm->address_type != 'recover') { - $this->client_error(_('Not a recovery code.')); - return; - } - - $user = User::staticGet($confirm->user_id); - - if (!$user) { - $this->server_error(_('Recovery code for unknown user.')); - return; - } - - $touched = strtotime($confirm->modified); - $email = $confirm->address; - - # Burn this code - - $result = $confirm->delete(); - - if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - common_server_error(_('Error with confirmation code.')); - return; - } - - # These should be reaped, but for now we just check mod time - # Note: it's still deleted; let's avoid a second attempt! - - if ((time() - $touched) > MAX_RECOVERY_TIME) { - common_log(LOG_WARNING, - 'Attempted redemption on recovery code ' . - 'that is ' . $touched . ' seconds old. '); - $this->client_error(_('This confirmation code is too old. ' . - 'Please start again.')); - return; - } - - # If we used an outstanding confirmation to send the email, - # it's been confirmed at this point. - - if (!$user->email) { - $orig = clone($user); - $user->email = $email; - $result = $user->updateKeys($orig); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - $this->server_error(_('Could not update user with confirmed email address.')); - return; - } - } - - # Success! - - $this->set_temp_user($user); - $this->show_password_form(); - } - - function set_temp_user(&$user) { - common_ensure_session(); - $_SESSION['tempuser'] = $user->id; - } - - function get_temp_user() { - common_ensure_session(); - $user_id = $_SESSION['tempuser']; - if ($user_id) { - $user = User::staticGet($user_id); - } - return $user; - } - - function clear_temp_user() { - common_ensure_session(); - unset($_SESSION['tempuser']); - } - - function show_top($msg=NULL) { - if ($msg) { - common_element('div', 'error', $msg); - } else { - common_element_start('div', 'instructions'); - common_element('p', NULL, - _('If you\'ve forgotten or lost your' . - ' password, you can get a new one sent to' . - ' the email address you have stored' . - ' in your account.')); - common_element_end('div'); - } - } - - function show_password_top($msg=NULL) { - if ($msg) { - common_element('div', 'error', $msg); - } else { - common_element('div', 'instructions', - _('You\'ve been identified. Enter a ' . - ' new password below. ')); - } - } - - function show_form($msg=NULL) { - - common_show_header(_('Recover password'), NULL, - $msg, array($this, 'show_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'recoverpassword', - 'action' => common_local_url('recoverpassword'))); - common_input('nicknameoremail', _('Nickname or email'), - $this->trimmed('nicknameoremail'), - _('Your nickname on this server, ' . - 'or your registered email address.')); - common_submit('recover', _('Recover')); - common_element_end('form'); - common_show_footer(); - } - - function show_password_form($msg=NULL) { - - common_show_header(_('Reset password'), NULL, - $msg, array($this, 'show_password_top')); - - common_element_start('form', array('method' => 'post', - 'id' => 'recoverpassword', - 'action' => common_local_url('recoverpassword'))); - common_hidden('token', common_session_token()); - common_password('newpassword', _('New password'), - _('6 or more characters, and don\'t forget it!')); - common_password('confirm', _('Confirm'), - _('Same as password above')); - common_submit('reset', _('Reset')); - common_element_end('form'); - common_show_footer(); - } - - function recover_password() { - $nore = $this->trimmed('nicknameoremail'); - if (!$nore) { - $this->show_form(_('Enter a nickname or email address.')); - return; - } - - $user = User::staticGet('email', common_canonical_email($nore)); - - if (!$user) { - $user = User::staticGet('nickname', common_canonical_nickname($nore)); - } - - # See if it's an unconfirmed email address - - if (!$user) { - $confirm_email = Confirm_address::staticGet('address', common_canonical_email($nore)); - if ($confirm_email && $confirm_email->address_type == 'email') { - $user = User::staticGet($confirm_email->user_id); - } - } - - if (!$user) { - $this->show_form(_('No user with that email address or username.')); - return; - } - - # Try to get an unconfirmed email address if they used a user name - - if (!$user->email && !$confirm_email) { - $confirm_email = Confirm_address::staticGet('user_id', $user->id); - if ($confirm_email && $confirm_email->address_type != 'email') { - # Skip non-email confirmations - $confirm_email = NULL; - } - } - - if (!$user->email && !$confirm_email) { - $this->client_error(_('No registered email address for that user.')); - return; - } - - # Success! We have a valid user and a confirmed or unconfirmed email address - - $confirm = new Confirm_address(); - $confirm->code = common_confirmation_code(128); - $confirm->address_type = 'recover'; - $confirm->user_id = $user->id; - $confirm->address = (isset($user->email)) ? $user->email : $confirm_email->address; - - if (!$confirm->insert()) { - common_log_db_error($confirm, 'INSERT', __FILE__); - $this->server_error(_('Error saving address confirmation.')); - return; - } - - $body = "Hey, $user->nickname."; - $body .= "\n\n"; - $body .= 'Someone just asked for a new password ' . - 'for this account on ' . common_config('site', 'name') . '.'; - $body .= "\n\n"; - $body .= 'If it was you, and you want to confirm, use the URL below:'; - $body .= "\n\n"; - $body .= "\t".common_local_url('recoverpassword', - array('code' => $confirm->code)); - $body .= "\n\n"; - $body .= 'If not, just ignore this message.'; - $body .= "\n\n"; - $body .= 'Thanks for your time, '; - $body .= "\n"; - $body .= common_config('site', 'name'); - $body .= "\n"; - - mail_to_user($user, _('Password recovery requested'), $body, $confirm->address); - - common_show_header(_('Password recovery requested')); - common_element('p', NULL, - _('Instructions for recovering your password ' . - 'have been sent to the email address registered to your ' . - 'account.')); - common_show_footer(); - } - - function reset_password() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $user = $this->get_temp_user(); - - if (!$user) { - $this->client_error(_('Unexpected password reset.')); - return; - } - - $newpassword = $this->trimmed('newpassword'); - $confirm = $this->trimmed('confirm'); - - if (!$newpassword || strlen($newpassword) < 6) { - $this->show_password_form(_('Password must be 6 chars or more.')); - return; - } - if ($newpassword != $confirm) { - $this->show_password_form(_('Password and confirmation do not match.')); - return; - } - - # OK, we're ready to go - - $original = clone($user); - - $user->password = common_munge_password($newpassword, $user->id); - - if (!$user->update($original)) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Can\'t save new password.')); - return; - } - - $this->clear_temp_user(); - - if (!common_set_user($user->nickname)) { - common_server_error(_('Error setting user.')); - return; - } - - common_real_login(true); - - common_show_header(_('Password saved.')); - common_element('p', NULL, _('New password successfully saved. ' . - 'You are now logged in.')); - common_show_footer(); - } + $this->resetPassword(); + } else { + $this->clientError(_('Unexpected form submission.')); + } + } else { + if ($this->trimmed('code')) { + $this->checkCode(); + } else { + $this->showForm(); + } + } + } + + function checkCode() + { + + $code = $this->trimmed('code'); + $confirm = Confirm_address::staticGet('code', $code); + + if (!$confirm) { + $this->clientError(_('No such recovery code.')); + return; + } + if ($confirm->address_type != 'recover') { + $this->clientError(_('Not a recovery code.')); + return; + } + + $user = User::staticGet($confirm->user_id); + + if (!$user) { + $this->serverError(_('Recovery code for unknown user.')); + return; + } + + $touched = strtotime($confirm->modified); + $email = $confirm->address; + + # Burn this code + + $result = $confirm->delete(); + + if (!$result) { + common_log_db_error($confirm, 'DELETE', __FILE__); + $this->serverError(_('Error with confirmation code.')); + return; + } + + # These should be reaped, but for now we just check mod time + # Note: it's still deleted; let's avoid a second attempt! + + if ((time() - $touched) > MAX_RECOVERY_TIME) { + common_log(LOG_WARNING, + 'Attempted redemption on recovery code ' . + 'that is ' . $touched . ' seconds old. '); + $this->clientError(_('This confirmation code is too old. ' . + 'Please start again.')); + return; + } + + # If we used an outstanding confirmation to send the email, + # it's been confirmed at this point. + + if (!$user->email) { + $orig = clone($user); + $user->email = $email; + $result = $user->updateKeys($orig); + if (!$result) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Could not update user with confirmed email address.')); + return; + } + } + + # Success! + + $this->setTempUser($user); + $this->showPasswordForm(); + } + + function setTempUser(&$user) + { + common_ensure_session(); + $_SESSION['tempuser'] = $user->id; + } + + function getTempUser() + { + common_ensure_session(); + $user_id = $_SESSION['tempuser']; + if ($user_id) { + $user = User::staticGet($user_id); + } + return $user; + } + + function clearTempUser() + { + common_ensure_session(); + unset($_SESSION['tempuser']); + } + + function showPageNotice() + { + if ($this->msg) { + $this->element('div', ($this->success) ? 'success' : 'error', $this->msg); + } else { + $this->elementStart('div', 'instructions'); + if ($this->mode == 'recover') { + $this->element('p', null, + _('If you\'ve forgotten or lost your' . + ' password, you can get a new one sent to' . + ' the email address you have stored ' . + ' in your account.')); + } else if ($this->mode == 'reset') { + $this->element('p', null, + _('You\'ve been identified. Enter a ' . + ' new password below. ')); + } + $this->elementEnd('div'); + } + } + + function showForm($msg=null) + { + $this->msg = $msg; + $this->mode = 'recover'; + $this->showPage(); + } + + function showContent() + { + if ($this->mode == 'recover') { + $this->showRecoverForm(); + } else if ($this->mode == 'reset') { + $this->showResetForm(); + } + } + + function showRecoverForm() + { + $this->elementStart('form', array('method' => 'post', + 'id' => 'recoverpassword', + 'action' => common_local_url('recoverpassword'))); + $this->input('nicknameoremail', _('Nickname or email'), + $this->trimmed('nicknameoremail'), + _('Your nickname on this server, ' . + 'or your registered email address.')); + $this->submit('recover', _('Recover')); + $this->elementEnd('form'); + } + + function title() + { + switch ($this->mode) { + case 'reset': return _('Reset password'); + case 'recover': return _('Recover password'); + case 'sent': return _('Password recovery requested'); + case 'saved': return _('Password saved.'); + default: + return _('Unknown action'); + } + } + + function showPasswordForm($msg=null) + { + $this->msg = $msg; + $this->mode = 'reset'; + $this->showPage(); + } + + function showResetForm() + { + $this->elementStart('form', array('method' => 'post', + 'id' => 'recoverpassword', + 'action' => common_local_url('recoverpassword'))); + $this->hidden('token', common_session_token()); + $this->password('newpassword', _('New password'), + _('6 or more characters, and don\'t forget it!')); + $this->password('confirm', _('Confirm'), + _('Same as password above')); + $this->submit('reset', _('Reset')); + $this->elementEnd('form'); + } + + function recoverPassword() + { + $nore = $this->trimmed('nicknameoremail'); + if (!$nore) { + $this->showForm(_('Enter a nickname or email address.')); + return; + } + + $user = User::staticGet('email', common_canonical_email($nore)); + + if (!$user) { + $user = User::staticGet('nickname', common_canonical_nickname($nore)); + } + + # See if it's an unconfirmed email address + + if (!$user) { + $confirm_email = Confirm_address::staticGet('address', common_canonical_email($nore)); + if ($confirm_email && $confirm_email->address_type == 'email') { + $user = User::staticGet($confirm_email->user_id); + } + } + + if (!$user) { + $this->showForm(_('No user with that email address or username.')); + return; + } + + # Try to get an unconfirmed email address if they used a user name + + if (!$user->email && !$confirm_email) { + $confirm_email = Confirm_address::staticGet('user_id', $user->id); + if ($confirm_email && $confirm_email->address_type != 'email') { + # Skip non-email confirmations + $confirm_email = null; + } + } + + if (!$user->email && !$confirm_email) { + $this->clientError(_('No registered email address for that user.')); + return; + } + + # Success! We have a valid user and a confirmed or unconfirmed email address + + $confirm = new Confirm_address(); + $confirm->code = common_confirmation_code(128); + $confirm->address_type = 'recover'; + $confirm->user_id = $user->id; + $confirm->address = (isset($user->email)) ? $user->email : $confirm_email->address; + + if (!$confirm->insert()) { + common_log_db_error($confirm, 'INSERT', __FILE__); + $this->serverError(_('Error saving address confirmation.')); + return; + } + + $body = "Hey, $user->nickname."; + $body .= "\n\n"; + $body .= 'Someone just asked for a new password ' . + 'for this account on ' . common_config('site', 'name') . '.'; + $body .= "\n\n"; + $body .= 'If it was you, and you want to confirm, use the URL below:'; + $body .= "\n\n"; + $body .= "\t".common_local_url('recoverpassword', + array('code' => $confirm->code)); + $body .= "\n\n"; + $body .= 'If not, just ignore this message.'; + $body .= "\n\n"; + $body .= 'Thanks for your time, '; + $body .= "\n"; + $body .= common_config('site', 'name'); + $body .= "\n"; + + mail_to_user($user, _('Password recovery requested'), $body, $confirm->address); + + $this->mode = 'sent'; + $this->msg = _('Instructions for recovering your password ' . + 'have been sent to the email address registered to your ' . + 'account.'); + $this->success = true; + $this->showPage(); + } + + function resetPassword() + { + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. Try again, please.')); + return; + } + + $user = $this->getTempUser(); + + if (!$user) { + $this->clientError(_('Unexpected password reset.')); + return; + } + + $newpassword = $this->trimmed('newpassword'); + $confirm = $this->trimmed('confirm'); + + if (!$newpassword || strlen($newpassword) < 6) { + $this->showPasswordForm(_('Password must be 6 chars or more.')); + return; + } + if ($newpassword != $confirm) { + $this->showPasswordForm(_('Password and confirmation do not match.')); + return; + } + + # OK, we're ready to go + + $original = clone($user); + + $user->password = common_munge_password($newpassword, $user->id); + + if (!$user->update($original)) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Can\'t save new password.')); + return; + } + + $this->clearTempUser(); + + if (!common_set_user($user->nickname)) { + $this->serverError(_('Error setting user.')); + return; + } + + common_real_login(true); + + $this->mode = 'saved'; + $this->msg = _('New password successfully saved. ' . + 'You are now logged in.'); + $this->success = true; + $this->showPage(); + } } diff --git a/actions/register.php b/actions/register.php index a22ffca28..a63da2e0f 100644 --- a/actions/register.php +++ b/actions/register.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Register a new user account + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,248 +18,498 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Login + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -class RegisterAction extends Action { - - function handle($args) { - parent::handle($args); - - if (common_config('site', 'closed')) { - common_user_error(_('Registration not allowed.')); - } else if (common_logged_in()) { - common_user_error(_('Already logged in.')); - } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->try_register(); - } else { - $this->show_form(); - } - } - - function try_register() { - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $nickname = $this->trimmed('nickname'); - $email = $this->trimmed('email'); - $fullname = $this->trimmed('fullname'); - $homepage = $this->trimmed('homepage'); - $bio = $this->trimmed('bio'); - $location = $this->trimmed('location'); - - # We don't trim these... whitespace is OK in a password! - - $password = $this->arg('password'); - $confirm = $this->arg('confirm'); - - # invitation code, if any - - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } - - if (common_config('site', 'inviteonly') && !($code && $invite)) { - $this->client_error(_('Sorry, only invited people can register.')); - return; - } - - # Input scrubbing - - $nickname = common_canonical_nickname($nickname); - $email = common_canonical_email($email); - - if (!$this->boolean('license')) { - $this->show_form(_('You can\'t register if you don\'t agree to the license.')); - } else if ($email && !Validate::email($email, true)) { - $this->show_form(_('Not a valid email address.')); - } else if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->show_form(_('Nickname must have only lowercase letters and numbers and no spaces.')); - } else if ($this->nickname_exists($nickname)) { - $this->show_form(_('Nickname already in use. Try another one.')); - } else if (!User::allowed_nickname($nickname)) { - $this->show_form(_('Not a valid nickname.')); - } else if ($this->email_exists($email)) { - $this->show_form(_('Email address already exists.')); - } else if (!is_null($homepage) && (strlen($homepage) > 0) && - !Validate::uri($homepage, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Homepage is not a valid URL.')); - return; - } else if (!is_null($fullname) && strlen($fullname) > 255) { - $this->show_form(_('Full name is too long (max 255 chars).')); - return; - } else if (!is_null($bio) && strlen($bio) > 140) { - $this->show_form(_('Bio is too long (max 140 chars).')); - return; - } else if (!is_null($location) && strlen($location) > 255) { - $this->show_form(_('Location is too long (max 255 chars).')); - return; - } else if (strlen($password) < 6) { - $this->show_form(_('Password must be 6 or more characters.')); - return; - } else if ($password != $confirm) { - $this->show_form(_('Passwords don\'t match.')); - } else if ($user = User::register(array('nickname' => $nickname, 'password' => $password, 'email' => $email, - 'fullname' => $fullname, 'homepage' => $homepage, 'bio' => $bio, - 'location' => $location, 'code' => $code))) { - if (!$user) { - $this->show_form(_('Invalid username or password.')); - return; - } - # success! - if (!common_set_user($user)) { - common_server_error(_('Error setting user.')); - return; - } - # this is a real login - common_real_login(true); - if ($this->boolean('rememberme')) { - common_debug('Adding rememberme cookie for ' . $nickname); - common_rememberme($user); - } - # Re-init language env in case it changed (not yet, but soon) - common_init_language(); - $this->show_success(); - } else { - $this->show_form(_('Invalid username or password.')); - } - } - - # checks if *CANONICAL* nickname exists - - function nickname_exists($nickname) { - $user = User::staticGet('nickname', $nickname); - return ($user !== false); - } - - # checks if *CANONICAL* email exists - - function email_exists($email) { - $email = common_canonical_email($email); - if (!$email || strlen($email) == 0) { - return false; - } - $user = User::staticGet('email', $email); - return ($user !== false); - } - - function show_top($error=NULL) { - if ($error) { - common_element('p', 'error', $error); - } else { - $instr = common_markup_to_html(_('With this form you can create a new account. ' . - 'You can then post notices and link up to friends and colleagues. '. - '(Have an [OpenID](http://openid.net/)? ' . - 'Try our [OpenID registration](%%action.openidlogin%%)!)')); - - common_element_start('div', 'instructions'); - common_raw($instr); - common_element_end('div'); - } - } - - function show_form($error=NULL) { - global $config; - - $code = $this->trimmed('code'); - - if ($code) { - $invite = Invitation::staticGet($code); - } - - if (common_config('site', 'inviteonly') && !($code && $invite)) { - $this->client_error(_('Sorry, only invited people can register.')); - return; - } - - common_show_header(_('Register'), NULL, $error, array($this, 'show_top')); - common_element_start('form', array('method' => 'post', - 'id' => 'login', - 'action' => common_local_url('register'))); - - common_hidden('token', common_session_token()); - - if ($code) { - common_hidden('code', $code); - } - - common_input('nickname', _('Nickname'), $this->trimmed('nickname'), - _('1-64 lowercase letters or numbers, no punctuation or spaces. Required.')); - common_password('password', _('Password'), - _('6 or more characters. Required.')); - common_password('confirm', _('Confirm'), - _('Same as password above. Required.')); - if ($invite && $invite->address_type == 'email') { - common_input('email', _('Email'), $invite->address, - _('Used only for updates, announcements, and password recovery')); - } else { - common_input('email', _('Email'), $this->trimmed('email'), - _('Used only for updates, announcements, and password recovery')); - } - common_input('fullname', _('Full name'), - $this->trimmed('fullname'), - _('Longer name, preferably your "real" name')); - common_input('homepage', _('Homepage'), - $this->trimmed('homepage'), - _('URL of your homepage, blog, or profile on another site')); - common_textarea('bio', _('Bio'), - $this->trimmed('bio'), - _('Describe yourself and your interests in 140 chars')); - common_input('location', _('Location'), - $this->trimmed('location'), - _('Where you are, like "City, State (or Region), Country"')); - common_checkbox('rememberme', _('Remember me'), - $this->boolean('rememberme'), - _('Automatically login in the future; not for shared computers!')); - common_element_start('p'); - $attrs = array('type' => 'checkbox', - 'id' => 'license', - 'name' => 'license', - 'value' => 'true'); - if ($this->boolean('license')) { - $attrs['checked'] = 'checked'; - } - common_element('input', $attrs); - common_text(_('My text and files are available under ')); - common_element('a', array('href' => $config['license']['url']), - $config['license']['title']); - common_text(_(' except this private data: password, email address, IM address, phone number.')); - common_element_end('p'); - common_submit('submit', _('Register')); - common_element_end('form'); - common_show_footer(); - } - - function show_success() { - $nickname = $this->arg('nickname'); - common_show_header(_('Registration successful')); - common_element_start('div', 'success'); - $instr = sprintf(_('Congratulations, %s! And welcome to %%%%site.name%%%%. From here, you may want to...'. "\n\n" . - '* Go to [your profile](%s) and post your first message.' . "\n" . - '* Add a [Jabber/GTalk address](%%%%action.imsettings%%%%) so you can send notices through instant messages.' . "\n" . - '* [Search for people](%%%%action.peoplesearch%%%%) that you may know or that share your interests. ' . "\n" . - '* Update your [profile settings](%%%%action.profilesettings%%%%) to tell others more about you. ' . "\n" . - '* Read over the [online docs](%%%%doc.help%%%%) for features you may have missed. ' . "\n\n" . - 'Thanks for signing up and we hope you enjoy using this service.'), - $nickname, common_local_url('showstream', array('nickname' => $nickname))); - common_raw(common_markup_to_html($instr)); - $have_email = $this->trimmed('email'); - if ($have_email) { - $emailinstr = _('(You should receive a message by email momentarily, with ' . - 'instructions on how to confirm your email address.)'); - common_raw(common_markup_to_html($emailinstr)); - } - common_element_end('div'); - common_show_footer(); - } +if (!defined('LACONICA')) { + exit(1); +} + +/** + * An action for registering a new user account + * + * @category Login + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ +class RegisterAction extends Action +{ + /** + * Has there been an error? + */ + + var $error = null; + + /** + * Have we registered? + */ + + var $registered = false; + + /** + * Title of the page + * + * @return string title + */ + + function title() + { + if ($this->registered) { + return _('Registration successful'); + } else { + return _('Register'); + } + } + + /** + * Handle input, produce output + * + * Switches on request method; either shows the form or handles its input. + * + * Checks if registration is closed and shows an error if so. + * + * @param array $args $_REQUEST data + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if (common_config('site', 'closed')) { + $this->clientError(_('Registration not allowed.')); + } else if (common_logged_in()) { + $this->clientError(_('Already logged in.')); + } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->tryRegister(); + } else { + $this->showForm(); + } + } + + /** + * Try to register a user + * + * Validates the input and tries to save a new user and profile + * record. On success, shows an instructions page. + * + * @return void + */ + + function tryRegister() + { + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + $nickname = $this->trimmed('nickname'); + $email = $this->trimmed('email'); + $fullname = $this->trimmed('fullname'); + $homepage = $this->trimmed('homepage'); + $bio = $this->trimmed('bio'); + $location = $this->trimmed('location'); + + // We don't trim these... whitespace is OK in a password! + + $password = $this->arg('password'); + $confirm = $this->arg('confirm'); + + // invitation code, if any + + $code = $this->trimmed('code'); + + if ($code) { + $invite = Invitation::staticGet($code); + } + + if (common_config('site', 'inviteonly') && !($code && $invite)) { + $this->clientError(_('Sorry, only invited people can register.')); + return; + } + + // Input scrubbing + + $nickname = common_canonical_nickname($nickname); + $email = common_canonical_email($email); + + if (!$this->boolean('license')) { + $this->showForm(_('You can\'t register if you don\'t '. + 'agree to the license.')); + } else if ($email && !Validate::email($email, true)) { + $this->showForm(_('Not a valid email address.')); + } else if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT))) { + $this->showForm(_('Nickname must have only lowercase letters '. + 'and numbers and no spaces.')); + } else if ($this->nicknameExists($nickname)) { + $this->showForm(_('Nickname already in use. Try another one.')); + } else if (!User::allowed_nickname($nickname)) { + $this->showForm(_('Not a valid nickname.')); + } else if ($this->emailExists($email)) { + $this->showForm(_('Email address already exists.')); + } else if (!is_null($homepage) && (strlen($homepage) > 0) && + !Validate::uri($homepage, + array('allowed_schemes' => + array('http', 'https')))) { + $this->showForm(_('Homepage is not a valid URL.')); + return; + } else if (!is_null($fullname) && strlen($fullname) > 255) { + $this->showForm(_('Full name is too long (max 255 chars).')); + return; + } else if (!is_null($bio) && strlen($bio) > 140) { + $this->showForm(_('Bio is too long (max 140 chars).')); + return; + } else if (!is_null($location) && strlen($location) > 255) { + $this->showForm(_('Location is too long (max 255 chars).')); + return; + } else if (strlen($password) < 6) { + $this->showForm(_('Password must be 6 or more characters.')); + return; + } else if ($password != $confirm) { + $this->showForm(_('Passwords don\'t match.')); + } else if ($user = User::register(array('nickname' => $nickname, + 'password' => $password, + 'email' => $email, + 'fullname' => $fullname, + 'homepage' => $homepage, + 'bio' => $bio, + 'location' => $location, + 'code' => $code))) { + if (!$user) { + $this->showForm(_('Invalid username or password.')); + return; + } + // success! + if (!common_set_user($user)) { + $this->serverError(_('Error setting user.')); + return; + } + // this is a real login + common_real_login(true); + if ($this->boolean('rememberme')) { + common_debug('Adding rememberme cookie for ' . $nickname); + common_rememberme($user); + } + // Re-init language env in case it changed (not yet, but soon) + common_init_language(); + $this->showSuccess(); + } else { + $this->showForm(_('Invalid username or password.')); + } + } + + /** + * Does the given nickname already exist? + * + * Checks a canonical nickname against the database. + * + * @param string $nickname nickname to check + * + * @return boolean true if the nickname already exists + */ + + function nicknameExists($nickname) + { + $user = User::staticGet('nickname', $nickname); + return ($user !== false); + } + + /** + * Does the given email address already exist? + * + * Checks a canonical email address against the database. + * + * @param string $email email address to check + * + * @return boolean true if the address already exists + */ + + function emailExists($email) + { + $email = common_canonical_email($email); + if (!$email || strlen($email) == 0) { + return false; + } + $user = User::staticGet('email', $email); + return ($user !== false); + } + + // overrrided to add entry-title class + function showPageTitle() { + $this->element('h1', array('class' => 'entry-title'), $this->title()); + } + + // overrided to add hentry, and content-inner class + function showContentBlock() + { + $this->elementStart('div', array('id' => 'content', 'class' => 'hentry')); + $this->showPageTitle(); + $this->showPageNoticeBlock(); + $this->elementStart('div', array('id' => 'content_inner', + 'class' => 'entry-content')); + // show the actual content (forms, lists, whatever) + $this->showContent(); + $this->elementEnd('div'); + $this->elementEnd('div'); + } + + /** + * Instructions or a notice for the page + * + * Shows the error, if any, or instructions for registration. + * + * @return void + */ + + function showPageNotice() + { + if ($this->registered) { + return; + } else if ($this->error) { + $this->element('p', 'error', $this->error); + } else { + $instr = + common_markup_to_html(_('With this form you can create '. + ' a new account. ' . + 'You can then post notices and '. + 'link up to friends and colleagues. '. + '(Have an [OpenID](http://openid.net/)? ' . + 'Try our [OpenID registration]'. + '(%%action.openidlogin%%)!)')); + + $this->elementStart('div', 'instructions'); + $this->raw($instr); + $this->elementEnd('div'); + } + } + + /** + * Wrapper for showing a page + * + * Stores an error and shows the page + * + * @param string $error Error, if any + * + * @return void + */ + + function showForm($error=null) + { + $this->error = $error; + $this->showPage(); + } + + /** + * Show the page content + * + * Either shows the registration form or, if registration was successful, + * instructions for using the site. + * + * @return void + */ + + function showContent() + { + if ($this->registered) { + $this->showSuccessContent(); + } else { + $this->showFormContent(); + } + } + + /** + * Show the registration form + * + * @return void + */ + + function showFormContent() + { + $code = $this->trimmed('code'); + + if ($code) { + $invite = Invitation::staticGet($code); + } + + if (common_config('site', 'inviteonly') && !($code && $invite)) { + $this->clientError(_('Sorry, only invited people can register.')); + return; + } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_register', + 'class' => 'form_settings', + 'action' => common_local_url('register'))); + $this->elementStart('fieldset'); + $this->element('legend', null, 'Account settings'); + $this->hidden('token', common_session_token()); + + if ($code) { + $this->hidden('code', $code); + } + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nickname', _('Nickname'), $this->trimmed('nickname'), + _('1-64 lowercase letters or numbers, '. + 'no punctuation or spaces. Required.')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->password('password', _('Password'), + _('6 or more characters. Required.')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->password('confirm', _('Confirm'), + _('Same as password above. Required.')); + $this->elementEnd('li'); + $this->elementStart('li'); + if ($invite && $invite->address_type == 'email') { + $this->input('email', _('Email'), $invite->address, + _('Used only for updates, announcements, '. + 'and password recovery')); + } else { + $this->input('email', _('Email'), $this->trimmed('email'), + _('Used only for updates, announcements, '. + 'and password recovery')); + } + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('fullname', _('Full name'), + $this->trimmed('fullname'), + _('Longer name, preferably your "real" name')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('homepage', _('Homepage'), + $this->trimmed('homepage'), + _('URL of your homepage, blog, '. + 'or profile on another site')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->textarea('bio', _('Bio'), + $this->trimmed('bio'), + _('Describe yourself and your '. + 'interests in 140 chars')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('location', _('Location'), + $this->trimmed('location'), + _('Where you are, like "City, '. + 'State (or Region), Country"')); + $this->elementEnd('li'); + $this->elementStart('li', array('id' => 'settings_rememberme')); + $this->checkbox('rememberme', _('Remember me'), + $this->boolean('rememberme'), + _('Automatically login in the future; '. + 'not for shared computers!')); + $this->elementEnd('li'); + $attrs = array('type' => 'checkbox', + 'id' => 'license', + 'class' => 'checkbox', + 'name' => 'license', + 'value' => 'true'); + if ($this->boolean('license')) { + $attrs['checked'] = 'checked'; + } + $this->elementStart('li'); + $this->element('input', $attrs); + $this->text(_('My text and files are available under ')); + $this->element('a', array('href' => common_config('license', 'url')), + $config['license']['title']); + $this->text(_(' except this private data: password, '. + 'email address, IM address, phone number.')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('submit', _('Register')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Show some information about registering for the site + * + * Save the registration flag, run showPage + * + * @return void + */ + + function showSuccess() + { + $this->registered = true; + $this->showPage(); + } + + /** + * Show some information about registering for the site + * + * Gives some information and options for new registrees. + * + * @return void + */ + + function showSuccessContent() + { + $nickname = $this->arg('nickname'); + + $profileurl = common_local_url('showstream', + array('nickname' => $nickname)); + + $this->elementStart('div', 'success'); + $instr = sprintf(_('Congratulations, %s! And welcome to %%%%site.name%%%%. '. + 'From here, you may want to...'. "\n\n" . + '* Go to [your profile](%s) '. + 'and post your first message.' . "\n" . + '* Add a [Jabber/GTalk address]'. + '(%%%%action.imsettings%%%%) '. + 'so you can send notices '. + 'through instant messages.' . "\n" . + '* [Search for people](%%%%action.peoplesearch%%%%) '. + 'that you may know or '. + 'that share your interests. ' . "\n" . + '* Update your [profile settings]'. + '(%%%%action.profilesettings%%%%)'. + ' to tell others more about you. ' . "\n" . + '* Read over the [online docs](%%%%doc.help%%%%)'. + ' for features you may have missed. ' . "\n\n" . + 'Thanks for signing up and we hope '. + 'you enjoy using this service.'), + $nickname, $profileurl); + + $this->raw(common_markup_to_html($instr)); + + $have_email = $this->trimmed('email'); + if ($have_email) { + $emailinstr = _('(You should receive a message by email '. + 'momentarily, with ' . + 'instructions on how to confirm '. + 'your email address.)'); + $this->raw(common_markup_to_html($emailinstr)); + } + $this->elementEnd('div'); + } + + /** + * Show the login group nav menu + * + * @return void + */ + + function showLocalNav() + { + $nav = new LoginGroupNav($this); + $nav->show(); + } } diff --git a/actions/remotesubscribe.php b/actions/remotesubscribe.php index 624497af7..f727a63b8 100644 --- a/actions/remotesubscribe.php +++ b/actions/remotesubscribe.php @@ -21,366 +21,396 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); -class RemotesubscribeAction extends Action { - - function handle($args) { - - parent::handle($args); - - if (common_logged_in()) { - common_user_error(_('You can use the local subscription!')); - return; - } - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $this->remote_subscription(); - } else { - $this->show_form(); - } - } - - function get_instructions() { - return _('To subscribe, you can [login](%%action.login%%),' . - ' or [register](%%action.register%%) a new' . - ' account. If you already have an account' . - ' on a [compatible microblogging site](%%doc.openmublog%%),' . - ' enter your profile URL below.'); - } - - function show_top($err=NULL) { - if ($err) { - common_element('div', 'error', $err); - } else { - $instructions = $this->get_instructions(); - $output = common_markup_to_html($instructions); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('p'); - } - } - - function show_form($err=NULL) { - $nickname = $this->trimmed('nickname'); - $profile = $this->trimmed('profile_url'); - common_show_header(_('Remote subscribe'), NULL, $err, - array($this, 'show_top')); - # id = remotesubscribe conflicts with the - # button on profile page - common_element_start('form', array('id' => 'remsub', 'method' => 'post', - 'action' => common_local_url('remotesubscribe'))); - common_hidden('token', common_session_token()); - common_input('nickname', _('User nickname'), $nickname, - _('Nickname of the user you want to follow')); - common_input('profile_url', _('Profile URL'), $profile, - _('URL of your profile on another compatible microblogging service')); - common_submit('submit', _('Subscribe')); - common_element_end('form'); - common_show_footer(); - } - - function remote_subscription() { - $user = $this->get_user(); - - if (!$user) { - $this->show_form(_('No such user.')); - return; - } - - $profile = $this->trimmed('profile_url'); - - if (!$profile) { - $this->show_form(_('No such user.')); - return; - } - - if (!Validate::uri($profile, array('allowed_schemes' => array('http', 'https')))) { - $this->show_form(_('Invalid profile URL (bad format)')); - return; - } - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - $yadis = Auth_Yadis_Yadis::discover($profile, $fetcher); - - if (!$yadis || $yadis->failed) { - $this->show_form(_('Not a valid profile URL (no YADIS document).')); - return; - } - - # XXX: a little liberal for sites that accidentally put whitespace before the xml declaration +class RemotesubscribeAction extends Action +{ + var $nickname; + var $profile_url; + var $err; + + function prepare($args) + { + parent::prepare($args); + + if (common_logged_in()) { + $this->clientError(_('You can use the local subscription!')); + return false; + } + + $this->nickname = $this->trimmed('nickname'); + $this->profile_url = $this->trimmed('profile_url'); + + return true; + } + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + $this->remoteSubscription(); + } else { + $this->showForm(); + } + } + + function showForm($err=null) + { + $this->err = $err; + $this->showPage(); + } + + function showPageNotice() + { + if ($this->err) { + $this->element('div', 'error', $this->err); + } else { + $inst = _('To subscribe, you can [login](%%action.login%%),' . + ' or [register](%%action.register%%) a new ' . + ' account. If you already have an account ' . + ' on a [compatible microblogging site](%%doc.openmublog%%), ' . + ' enter your profile URL below.'); + $output = common_markup_to_html($inst); + $this->elementStart('div', 'instructions'); + $this->raw($output); + $this->elementEnd('div'); + } + } + + function title() + { + return _('Remote subscribe'); + } + + function showContent() + { + # id = remotesubscribe conflicts with the + # button on profile page + $this->elementStart('form', array('id' => 'form_remote_subscribe', + 'method' => 'post', + 'class' => 'form_settings', + 'action' => common_local_url('remotesubscribe'))); + $this->elementStart('fieldset'); + $this->element('legend', 'Subscribe to a remote user'); + $this->hidden('token', common_session_token()); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('nickname', _('User nickname'), $this->nickname, + _('Nickname of the user you want to follow')); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->input('profile_url', _('Profile URL'), $this->profile_url, + _('URL of your profile on another compatible microblogging service')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('submit', _('Subscribe')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + function remoteSubscription() + { + $user = $this->getUser(); + + if (!$user) { + $this->showForm(_('No such user.')); + return; + } + + $this->profile_url = $this->trimmed('profile_url'); + + if (!$this->profile_url) { + $this->showForm(_('No such user.')); + return; + } + + if (!Validate::uri($this->profile_url, array('allowed_schemes' => array('http', 'https')))) { + $this->showForm(_('Invalid profile URL (bad format)')); + return; + } + + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + $yadis = Auth_Yadis_Yadis::discover($this->profile_url, $fetcher); + + if (!$yadis || $yadis->failed) { + $this->showForm(_('Not a valid profile URL (no YADIS document).')); + return; + } + + # XXX: a little liberal for sites that accidentally put whitespace before the xml declaration $xrds =& Auth_Yadis_XRDS::parseXRDS(trim($yadis->response_text)); - if (!$xrds) { - $this->show_form(_('Not a valid profile URL (no XRDS defined).')); - return; - } + if (!$xrds) { + $this->showForm(_('Not a valid profile URL (no XRDS defined).')); + return; + } - $omb = $this->getOmb($xrds); + $omb = $this->getOmb($xrds); - if (!$omb) { - $this->show_form(_('Not a valid profile URL (incorrect services).')); - return; - } + if (!$omb) { + $this->showForm(_('Not a valid profile URL (incorrect services).')); + return; + } - if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) == - common_local_url('requesttoken')) - { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); - return; - } - - if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) { - $this->show_form(_('That\'s a local profile! Login to subscribe.')); - return; - } - - list($token, $secret) = $this->request_token($omb); - - if (!$token || !$secret) { - $this->show_form(_('Couldn\'t get a request token.')); - return; - } - - $this->request_authorization($user, $omb, $token, $secret); - } - - function get_user() { - $user = NULL; - $nickname = $this->trimmed('nickname'); - if ($nickname) { - $user = User::staticGet('nickname', $nickname); - } - return $user; - } - - function getOmb($xrds) { - - static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); - static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, - OAUTH_ENDPOINT_ACCESS); - $omb = array(); - - # XXX: the following code could probably be refactored to eliminate dupes - - $oauth_services = omb_get_services($xrds, OAUTH_DISCOVERY); - - if (!$oauth_services) { - return NULL; - } - - $oauth_service = $oauth_services[0]; - - $oauth_xrd = $this->getXRD($oauth_service, $xrds); + if (omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]) == + common_local_url('requesttoken')) + { + $this->showForm(_('That\'s a local profile! Login to subscribe.')); + return; + } + + if (User::staticGet('uri', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]))) { + $this->showForm(_('That\'s a local profile! Login to subscribe.')); + return; + } + + list($token, $secret) = $this->requestToken($omb); + + if (!$token || !$secret) { + $this->showForm(_('Couldn\'t get a request token.')); + return; + } + + $this->requestAuthorization($user, $omb, $token, $secret); + } + + function getUser() + { + $user = null; + if ($this->nickname) { + $user = User::staticGet('nickname', $this->nickname); + } + return $user; + } + + function getOmb($xrds) + { + static $omb_endpoints = array(OMB_ENDPOINT_UPDATEPROFILE, OMB_ENDPOINT_POSTNOTICE); + static $oauth_endpoints = array(OAUTH_ENDPOINT_REQUEST, OAUTH_ENDPOINT_AUTHORIZE, + OAUTH_ENDPOINT_ACCESS); + $omb = array(); + + # XXX: the following code could probably be refactored to eliminate dupes + + $oauth_services = omb_get_services($xrds, OAUTH_DISCOVERY); + + if (!$oauth_services) { + return null; + } + + $oauth_service = $oauth_services[0]; + + $oauth_xrd = $this->getXRD($oauth_service, $xrds); + + if (!$oauth_xrd) { + return null; + } + + if (!$this->addServices($oauth_xrd, $oauth_endpoints, $omb)) { + return null; + } + + $omb_services = omb_get_services($xrds, OMB_NAMESPACE); + + if (!$omb_services) { + return null; + } + + $omb_service = $omb_services[0]; + + $omb_xrd = $this->getXRD($omb_service, $xrds); + + if (!$omb_xrd) { + return null; + } + + if (!$this->addServices($omb_xrd, $omb_endpoints, $omb)) { + return null; + } + + # XXX: check that we got all the services we needed + + foreach (array_merge($omb_endpoints, $oauth_endpoints) as $type) { + if (!array_key_exists($type, $omb) || !$omb[$type]) { + return null; + } + } + + if (!omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])) { + return null; + } + + return $omb; + } + + function getXRD($main_service, $main_xrds) + { + $uri = omb_service_uri($main_service); + if (strpos($uri, "#") !== 0) { + # FIXME: more rigorous handling of external service definitions + return null; + } + $id = substr($uri, 1); + $nodes = $main_xrds->allXrdNodes; + $parser = $main_xrds->parser; + foreach ($nodes as $node) { + $attrs = $parser->attributes($node); + if (array_key_exists('xml:id', $attrs) && + $attrs['xml:id'] == $id) { + # XXX: trick the constructor into thinking this is the only node + $bogus_nodes = array($node); + return new Auth_Yadis_XRDS($parser, $bogus_nodes); + } + } + return null; + } + + function addServices($xrd, $types, &$omb) + { + foreach ($types as $type) { + $matches = omb_get_services($xrd, $type); + if ($matches) { + $omb[$type] = $matches[0]; + } else { + # no match for type + return false; + } + } + return true; + } - if (!$oauth_xrd) { - return NULL; - } + function requestToken($omb) + { + $con = omb_oauth_consumer(); - if (!$this->addServices($oauth_xrd, $oauth_endpoints, $omb)) { - return NULL; - } + $url = omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]); - $omb_services = omb_get_services($xrds, OMB_NAMESPACE); + # XXX: Is this the right thing to do? Strip off GET params and make them + # POST params? Seems wrong to me. - if (!$omb_services) { - return NULL; - } + $parsed = parse_url($url); + $params = array(); + parse_str($parsed['query'], $params); - $omb_service = $omb_services[0]; + $req = OAuthRequest::from_consumer_and_token($con, null, "POST", $url, $params); - $omb_xrd = $this->getXRD($omb_service, $xrds); + $listener = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - if (!$omb_xrd) { - return NULL; - } + if (!$listener) { + return null; + } - if (!$this->addServices($omb_xrd, $omb_endpoints, $omb)) { - return NULL; - } - - # XXX: check that we got all the services we needed - - foreach (array_merge($omb_endpoints, $oauth_endpoints) as $type) { - if (!array_key_exists($type, $omb) || !$omb[$type]) { - return NULL; - } - } - - if (!omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])) { - return NULL; - } - - return $omb; - } - - function getXRD($main_service, $main_xrds) { - $uri = omb_service_uri($main_service); - if (strpos($uri, "#") !== 0) { - # FIXME: more rigorous handling of external service definitions - return NULL; - } - $id = substr($uri, 1); - $nodes = $main_xrds->allXrdNodes; - $parser = $main_xrds->parser; - foreach ($nodes as $node) { - $attrs = $parser->attributes($node); - if (array_key_exists('xml:id', $attrs) && - $attrs['xml:id'] == $id) { - # XXX: trick the constructor into thinking this is the only node - $bogus_nodes = array($node); - return new Auth_Yadis_XRDS($parser, $bogus_nodes); - } - } - return NULL; - } - - function addServices($xrd, $types, &$omb) { - foreach ($types as $type) { - $matches = omb_get_services($xrd, $type); - if ($matches) { - $omb[$type] = $matches[0]; - } else { - # no match for type - return false; - } - } - return true; - } - - function request_token($omb) { - $con = omb_oauth_consumer(); - - $url = omb_service_uri($omb[OAUTH_ENDPOINT_REQUEST]); - - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. - - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); - - $req = OAuthRequest::from_consumer_and_token($con, NULL, "POST", $url, $params); - - $listener = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - - if (!$listener) { - return NULL; - } - - $req->set_parameter('omb_listener', $listener); - $req->set_parameter('omb_version', OMB_VERSION_01); - - # XXX: test to see if endpoint accepts this signature method - - $req->sign_request(omb_hmac_sha1(), $con, NULL); - - # We re-use this tool's fetcher, since it's pretty good - - $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); - - $result = $fetcher->post($req->get_normalized_http_url(), - $req->to_postdata(), + $req->set_parameter('omb_listener', $listener); + $req->set_parameter('omb_version', OMB_VERSION_01); + + # XXX: test to see if endpoint accepts this signature method + + $req->sign_request(omb_hmac_sha1(), $con, null); + + # We re-use this tool's fetcher, since it's pretty good + + $fetcher = Auth_Yadis_Yadis::getHTTPFetcher(); + + $result = $fetcher->post($req->get_normalized_http_url(), + $req->to_postdata(), array('User-Agent' => 'Laconica/' . LACONICA_VERSION)); - if ($result->status != 200) { - return NULL; - } - - parse_str($result->body, $return); + if ($result->status != 200) { + return null; + } - return array($return['oauth_token'], $return['oauth_token_secret']); - } + parse_str($result->body, $return); - function request_authorization($user, $omb, $token, $secret) { - global $config; # for license URL + return array($return['oauth_token'], $return['oauth_token_secret']); + } - $con = omb_oauth_consumer(); - $tok = new OAuthToken($token, $secret); + function requestAuthorization($user, $omb, $token, $secret) + { + global $config; # for license URL - $url = omb_service_uri($omb[OAUTH_ENDPOINT_AUTHORIZE]); + $con = omb_oauth_consumer(); + $tok = new OAuthToken($token, $secret); - # XXX: Is this the right thing to do? Strip off GET params and make them - # POST params? Seems wrong to me. + $url = omb_service_uri($omb[OAUTH_ENDPOINT_AUTHORIZE]); - $parsed = parse_url($url); - $params = array(); - parse_str($parsed['query'], $params); + # XXX: Is this the right thing to do? Strip off GET params and make them + # POST params? Seems wrong to me. - $req = OAuthRequest::from_consumer_and_token($con, $tok, 'GET', $url, $params); + $parsed = parse_url($url); + $params = array(); + parse_str($parsed['query'], $params); - # We send over a ton of information. This lets the other - # server store info about our user, and it lets the current - # user decide if they really want to authorize the subscription. + $req = OAuthRequest::from_consumer_and_token($con, $tok, 'GET', $url, $params); - $req->set_parameter('omb_version', OMB_VERSION_01); - $req->set_parameter('omb_listener', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])); - $req->set_parameter('omb_listenee', $user->uri); - $req->set_parameter('omb_listenee_profile', common_profile_url($user->nickname)); - $req->set_parameter('omb_listenee_nickname', $user->nickname); - $req->set_parameter('omb_listenee_license', $config['license']['url']); + # We send over a ton of information. This lets the other + # server store info about our user, and it lets the current + # user decide if they really want to authorize the subscription. - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } + $req->set_parameter('omb_version', OMB_VERSION_01); + $req->set_parameter('omb_listener', omb_local_id($omb[OAUTH_ENDPOINT_REQUEST])); + $req->set_parameter('omb_listenee', $user->uri); + $req->set_parameter('omb_listenee_profile', common_profile_url($user->nickname)); + $req->set_parameter('omb_listenee_nickname', $user->nickname); + $req->set_parameter('omb_listenee_license', $config['license']['url']); - if ($profile->fullname) { - $req->set_parameter('omb_listenee_fullname', $profile->fullname); - } - if ($profile->homepage) { - $req->set_parameter('omb_listenee_homepage', $profile->homepage); - } - if ($profile->bio) { - $req->set_parameter('omb_listenee_bio', $profile->bio); - } - if ($profile->location) { - $req->set_parameter('omb_listenee_location', $profile->location); - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $req->set_parameter('omb_listenee_avatar', $avatar->url); - } + $profile = $user->getProfile(); + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } - # XXX: add a nonce to prevent replay attacks + if ($profile->fullname) { + $req->set_parameter('omb_listenee_fullname', $profile->fullname); + } + if ($profile->homepage) { + $req->set_parameter('omb_listenee_homepage', $profile->homepage); + } + if ($profile->bio) { + $req->set_parameter('omb_listenee_bio', $profile->bio); + } + if ($profile->location) { + $req->set_parameter('omb_listenee_location', $profile->location); + } + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + if ($avatar) { + $req->set_parameter('omb_listenee_avatar', $avatar->url); + } - $req->set_parameter('oauth_callback', common_local_url('finishremotesubscribe')); + # XXX: add a nonce to prevent replay attacks - # XXX: test to see if endpoint accepts this signature method + $req->set_parameter('oauth_callback', common_local_url('finishremotesubscribe')); - $req->sign_request(omb_hmac_sha1(), $con, $tok); + # XXX: test to see if endpoint accepts this signature method - # store all our info here + $req->sign_request(omb_hmac_sha1(), $con, $tok); - $omb['listenee'] = $user->nickname; - $omb['listener'] = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); - $omb['token'] = $token; - $omb['secret'] = $secret; - # call doesn't work after bounce back so we cache; maybe serialization issue...? - $omb['access_token_url'] = omb_service_uri($omb[OAUTH_ENDPOINT_ACCESS]); - $omb['post_notice_url'] = omb_service_uri($omb[OMB_ENDPOINT_POSTNOTICE]); - $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); + # store all our info here - common_ensure_session(); + $omb['listenee'] = $user->nickname; + $omb['listener'] = omb_local_id($omb[OAUTH_ENDPOINT_REQUEST]); + $omb['token'] = $token; + $omb['secret'] = $secret; + # call doesn't work after bounce back so we cache; maybe serialization issue...? + $omb['access_token_url'] = omb_service_uri($omb[OAUTH_ENDPOINT_ACCESS]); + $omb['post_notice_url'] = omb_service_uri($omb[OMB_ENDPOINT_POSTNOTICE]); + $omb['update_profile_url'] = omb_service_uri($omb[OMB_ENDPOINT_UPDATEPROFILE]); - $_SESSION['oauth_authorization_request'] = $omb; + common_ensure_session(); - # Redirect to authorization service + $_SESSION['oauth_authorization_request'] = $omb; - common_redirect($req->to_url()); - return; - } + # Redirect to authorization service - function make_nonce() { - return common_good_rand(16); - } + common_redirect($req->to_url()); + return; + } } diff --git a/actions/replies.php b/actions/replies.php index 835871ffc..ea8ef4764 100644 --- a/actions/replies.php +++ b/actions/replies.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List of replies + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,80 +18,177 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); - -class RepliesAction extends StreamAction { - - function handle($args) { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->no_such_user(); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("Replies to %s"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_replies($user); - - common_show_footer(); - } - - function no_such_user() { - common_user_error(_('No such user.')); - } - - function show_header($user) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('repliesrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for replies to %s'), $user->nickname))); - } - - function show_top($user) { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('replies'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('repliesrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'repliesrss'))); - } - - function show_replies($user) { - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; +if (!defined('LACONICA')) { + exit(1); +} - $notice = $user->getReplies(($page-1) * NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); +require_once INSTALLDIR.'/lib/personalgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; - $cnt = $this->show_notice_list($notice); +/** + * List of replies + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'replies', array('nickname' => $user->nickname)); - } +class RepliesAction extends Action +{ + var $user = null; + var $page = null; + + /** + * Prepare the object + * + * Check the input values and initialize the object. + * Shows an error page on bad input. + * + * @param array $args $_REQUEST data + * + * @return boolean success flag + */ + + function prepare($args) + { + parent::prepare($args); + + $nickname = common_canonical_nickname($this->arg('nickname')); + + $this->user = User::staticGet('nickname', $nickname); + + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } + + $profile = $this->user->getProfile(); + + if (!$profile) { + $this->serverError(_('User has no profile.')); + return false; + } + + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + return true; + } + + /** + * Handle a request + * + * Just show the page. All args already handled. + * + * @param array $args $_REQUEST data + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + /** + * Title of the page + * + * Includes name of user and page number. + * + * @return string title of page + */ + + function title() + { + if ($this->page == 1) { + return sprintf(_("Replies to %s"), $this->user->nickname); + } else { + return sprintf(_("Replies to %s, page %d"), + $profile->nickname, + $this->page); + } + } + + /** + * Feeds for the <head> section + * + * @return void + */ + + function showFeeds() + { + $rssurl = common_local_url('repliesrss', + array('nickname' => $this->user->nickname)); + $rsstitle = sprintf(_('Feed for replies to %s'), $this->user->nickname); + + $this->element('link', array('rel' => 'alternate', + 'href' => $rssurl, + 'type' => 'application/rss+xml', + 'title' => $rsstitle)); + } + + /** + * show the personal group nav + * + * @return void + */ + + function showLocalNav() + { + $nav = new PersonalGroupNav($this); + $nav->show(); + } + + /** + * Show the replies feed links + * + * @return void + */ + + function showExportData() + { + $fl = new FeedList($this); + + $rssurl = common_local_url('repliesrss', + array('nickname' => $this->user->nickname)); + + $fl->show(array(0=>array('href'=> $rssurl, + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'repliesrss'))); + } + + /** + * Show the content + * + * A list of notices that are replies to the user, plus pagination. + * + * @return void + */ + + function showContent() + { + $notice = $this->user->getReplies(($this->page-1) * NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'replies', + array('nickname' => $this->user->nickname)); + } } diff --git a/actions/repliesrss.php b/actions/repliesrss.php index 7369db5e0..48c4fa255 100644 --- a/actions/repliesrss.php +++ b/actions/repliesrss.php @@ -23,57 +23,63 @@ require_once(INSTALLDIR.'/lib/rssaction.php'); // Formatting of RSS handled by Rss10Action -class RepliesrssAction extends Rss10Action { +class RepliesrssAction extends Rss10Action +{ - var $user = NULL; + var $user = null; - function init() { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); + function prepare($args) + { + parent::prepare($args); + $nickname = $this->trimmed('nickname'); + $this->user = User::staticGet('nickname', $nickname); - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } else { + return true; + } + } - function get_notices($limit=0) { + function getNotices($limit=0) + { - $user = $this->user; + $user = $this->user; - $notice = $user->getReplies(0, ($limit == 0) ? 48 : $limit); + $notice = $user->getReplies(0, ($limit == 0) ? 48 : $limit); - $notices = array(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } + $notices = array(); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } - return $notices; - } + return $notices; + } - function get_channel() { - $user = $this->user; - $c = array('url' => common_local_url('repliesrss', - array('nickname' => - $user->nickname)), - 'title' => sprintf(_("Replies to %s"), $user->nickname), - 'link' => common_local_url('replies', - array('nickname' => - $user->nickname)), - 'description' => sprintf(_('Feed for replies to %s'), $user->nickname)); - return $c; - } + function getChannel() + { + $user = $this->user; + $c = array('url' => common_local_url('repliesrss', + array('nickname' => + $user->nickname)), + 'title' => sprintf(_("Replies to %s"), $user->nickname), + 'link' => common_local_url('replies', + array('nickname' => + $user->nickname)), + 'description' => sprintf(_('Feed for replies to %s'), $user->nickname)); + return $c; + } - function get_image() { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - return NULL; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : NULL; - } -}
\ No newline at end of file + function getImage() + { + $user = $this->user; + $profile = $user->getProfile(); + if (!$profile) { + return null; + } + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + return ($avatar) ? $avatar->url : null; + } +} diff --git a/actions/requesttoken.php b/actions/requesttoken.php index 76019a929..ca253b97a 100644 --- a/actions/requesttoken.php +++ b/actions/requesttoken.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * Request token action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,26 +29,53 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; -class RequesttokenAction extends Action { - - function is_readonly() { - return false; - } - - function handle($args) { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - $server = omb_oauth_server(); - $token = $server->fetch_request_token($req); - print $token; - } catch (OAuthException $e) { - common_server_error($e->getMessage()); - } - } +/** + * Request token action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class RequesttokenAction extends Action +{ + /** + * Is read only? + * + * @return boolean false + */ + function isReadOnly() + { + return false; + } + + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + try { + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); + $server = omb_oauth_server(); + $token = $server->fetch_request_token($req); + print $token; + } catch (OAuthException $e) { + $this->serverError($e->getMessage()); + } + } } + diff --git a/actions/showfavorites.php b/actions/showfavorites.php index 4de4b1271..bb68f8d94 100644 --- a/actions/showfavorites.php +++ b/actions/showfavorites.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List of replies + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,83 +18,197 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/actions/showstream.php'); - -class ShowfavoritesAction extends StreamAction { - - function handle($args) { - - parent::handle($args); - - $nickname = common_canonical_nickname($this->arg('nickname')); - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->client_error(_('No such user.')); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; show the header - - common_show_header(sprintf(_("%s favorite notices"), $profile->nickname), - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_header($user) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('favoritesrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for favorites of %s'), $user->nickname))); - } - - function show_top($user) { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('all'); - } - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('favoritesrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'Favorites'))); - $this->views_menu(); - } - - function show_notices($user) { - - $page = $this->trimmed('page'); - if (!$page) { - $page = 1; - } - - $notice = $user->favoriteNotices(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); +if (!defined('LACONICA')) { + exit(1); +} - if (!$notice) { - $this->server_error(_('Could not retrieve favorite notices.')); - return; - } +require_once INSTALLDIR.'/lib/personalgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; - $cnt = $this->show_notice_list($notice); +/** + * List of replies + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'showfavorites', array('nickname' => $user->nickname)); - } +class ShowfavoritesAction extends Action +{ + /** User we're getting the faves of */ + var $user = null; + /** Page of the faves we're on */ + var $page = null; + + /** + * Is this a read-only page? + * + * @return boolean true + */ + + function isReadOnly() + { + return true; + } + + /** + * Title of the page + * + * Includes name of user and page number. + * + * @return string title of page + */ + + function title() + { + if ($this->page == 1) { + return sprintf(_("%s favorite notices"), $this->user->nickname); + } else { + return sprintf(_("%s favorite notices, page %d"), + $this->user->nickname, + $this->page); + } + } + + /** + * Prepare the object + * + * Check the input values and initialize the object. + * Shows an error page on bad input. + * + * @param array $args $_REQUEST data + * + * @return boolean success flag + */ + + function prepare($args) + { + parent::prepare($args); + + $nickname = common_canonical_nickname($this->arg('nickname')); + + $this->user = User::staticGet('nickname', $nickname); + + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } + + $this->page = $this->trimmed('page'); + + if (!$this->page) { + $this->page = 1; + } + + return true; + } + + /** + * Handle a request + * + * Just show the page. All args already handled. + * + * @param array $args $_REQUEST data + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + /** + * Feeds for the <head> section + * + * @return void + */ + + function showFeeds() + { + $feedurl = common_local_url('favoritesrss', + array('nickname' => + $this->user->nickname)); + $feedtitle = sprintf(_('Feed for favorites of %s'), + $this->user->nickname); + + $this->element('link', array('rel' => 'alternate', + 'href' => $feedurl, + 'type' => 'application/rss+xml', + 'title' => $feedtitle)); + } + + /** + * show the personal group nav + * + * @return void + */ + + function showLocalNav() + { + $nav = new PersonalGroupNav($this); + $nav->show(); + } + + /** + * Show the replies feed links + * + * @return void + */ + + function showExportData() + { + $feedurl = common_local_url('favoritesrss', + array('nickname' => + $this->user->nickname)); + + $fl = new FeedList($this); + + // XXX: I18N + + $fl->show(array(0=>array('href'=> $feedurl, + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'Favorites'))); + } + + /** + * Show the content + * + * A list of notices that this user has marked as a favorite + * + * @return void + */ + + function showContent() + { + $notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); + + if (!$notice) { + $this->serverError(_('Could not retrieve favorite notices.')); + return; + } + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'showfavorites', + array('nickname' => $this->user->nickname)); + } } diff --git a/actions/showgroup.php b/actions/showgroup.php new file mode 100644 index 000000000..99367a97c --- /dev/null +++ b/actions/showgroup.php @@ -0,0 +1,387 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Group main page + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; + +define('MEMBERS_PER_SECTION', 81); + +/** + * Group main page + * + * @category Group + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class ShowgroupAction extends Action +{ + /** group we're viewing. */ + var $group = null; + /** page we're viewing. */ + var $page = null; + + /** + * Is this page read-only? + * + * @return boolean true + */ + + function isReadOnly() + { + return true; + } + + /** + * Title of the page + * + * @return string page title, with page number + */ + + function title() + { + if ($this->page == 1) { + return sprintf(_("%s group"), $this->group->nickname); + } else { + return sprintf(_("%s group, page %d"), + $this->group->nickname, + $this->page); + } + } + + /** + * Prepare the action + * + * Reads and validates arguments and instantiates the attributes. + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + */ + + function prepare($args) + { + parent::prepare($args); + + if (!common_config('inboxes','enabled')) { + $this->serverError(_('Inboxes must be enabled for groups to work')); + return false; + } + + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + $nickname_arg = $this->arg('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + if ($this->page != 1) { + $args['page'] = $this->page; + } + common_redirect(common_local_url('showgroup', $args), 301); + return false; + } + + if (!$nickname) { + $this->clientError(_('No nickname'), 404); + return false; + } + + $this->group = User_group::staticGet('nickname', $nickname); + + if (!$this->group) { + $this->clientError(_('No such group'), 404); + return false; + } + + return true; + } + + /** + * Handle the request + * + * Shows a profile for the group, some controls, and a list of + * group notices. + * + * @return void + */ + + function handle($args) + { + $this->showPage(); + } + + /** + * Local menu + * + * @return void + */ + + function showLocalNav() + { + $nav = new GroupNav($this, $this->group); + $nav->show(); + } + + /** + * Show the page content + * + * Shows a group profile and a list of group notices + */ + + function showContent() + { + $this->showGroupProfile(); + $this->showGroupNotices(); + } + + /** + * Show the group notices + * + * @return void + */ + + function showGroupNotices() + { + $notice = $this->group->getNotices(($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1); + + $nl = new NoticeList($notice, $this); + $cnt = $nl->show(); + + $this->pagination($this->page > 1, + $cnt > NOTICES_PER_PAGE, + $this->page, + 'showgroup', + array('nickname' => $this->group->nickname)); + } + + /** + * Show the group profile + * + * Information about the group + * + * @return void + */ + + function showGroupProfile() + { + $this->elementStart('div', 'entity_profile vcard author'); + + $this->element('h2', null, _('Group profile')); + + $this->elementStart('dl', 'entity_depiction'); + $this->element('dt', null, _('Avatar')); + $this->elementStart('dd'); + + $logo = ($this->group->homepage_logo) ? + $this->group->homepage_logo : User_group::defaultLogo(AVATAR_PROFILE_SIZE); + + $this->element('img', array('src' => $logo, + 'class' => 'photo avatar', + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $this->group->nickname)); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + $this->elementStart('dl', 'entity_nickname'); + $this->element('dt', null, _('Nickname')); + $this->elementStart('dd'); + $hasFN = ($this->group->fullname) ? 'nickname url uid' : 'fn org nickname url uid'; + $this->element('a', array('href' => $this->group->homeUrl(), + 'rel' => 'me', 'class' => $hasFN), + $this->group->nickname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + if ($this->group->fullname) { + $this->elementStart('dl', 'entity_fn'); + $this->element('dt', null, _('Full name')); + $this->elementStart('dd'); + $this->element('span', 'fn org', $this->group->fullname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + + if ($this->group->location) { + $this->elementStart('dl', 'entity_location'); + $this->element('dt', null, _('Location')); + $this->element('dd', 'location', $this->group->location); + $this->elementEnd('dl'); + } + + if ($this->group->homepage) { + $this->elementStart('dl', 'entity_url'); + $this->element('dt', null, _('URL')); + $this->elementStart('dd'); + $this->element('a', array('href' => $this->group->homepage, + 'rel' => 'me', 'class' => 'url'), + $this->group->homepage); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + + if ($this->group->description) { + $this->elementStart('dl', 'entity_note'); + $this->element('dt', null, _('Note')); + $this->element('dd', 'note', $this->group->description); + $this->elementEnd('dl'); + } + + $this->elementEnd('div'); + + $this->elementStart('div', 'entity_actions'); + $this->element('h2', null, _('Group actions')); + $this->elementStart('ul'); + $this->elementStart('li', array('id' => 'entity_subscribe')); + $cur = common_current_user(); + if ($cur) { + if ($cur->isMember($this->group)) { + if (!$cur->isAdmin($this->group)) { + $lf = new LeaveForm($this, $this->group); + $lf->show(); + } + } else { + $jf = new JoinForm($this, $this->group); + $jf->show(); + } + } + + $this->elementEnd('li'); + + $this->elementEnd('ul'); + $this->elementEnd('div'); + } + + /** + * Show a list of links to feeds this page produces + * + * @return void + */ + + function showExportData() + { + $fl = new FeedList($this); + $fl->show(array(0=>array('href'=>common_local_url('grouprss', + array('nickname' => $this->group->nickname)), + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'notices'))); + } + + /** + * Show a list of links to feeds this page produces + * + * @return void + */ + + function showFeeds() + { + $url = + common_local_url('grouprss', + array('nickname' => $this->group->nickname)); + + $this->element('link', array('rel' => 'alternate', + 'href' => $url, + 'type' => 'application/rss+xml', + 'title' => sprintf(_('Notice feed for %s group'), + $this->group->nickname))); + } + + /** + * Fill in the sidebar. + * + * @return void + */ + + function showSections() + { + $this->showMembers(); + $cloud = new GroupTagCloudSection($this, $this->group); + $cloud->show(); + } + + /** + * Show mini-list of members + * + * @return void + */ + + function showMembers() + { + $member = $this->group->getMembers(0, MEMBERS_PER_SECTION); + + if (!$member) { + return; + } + + $this->elementStart('div', array('id' => 'entity_members', + 'class' => 'section')); + + $this->element('h2', null, _('Members')); + + if ($member) { + $pml = new ProfileMiniList($member, null, $this); + $cnt = $pml->show(); + if ($cnt == 0) { + $this->element('p', null, _('(None)')); + } + } + + if ($cnt == MEMBERS_PER_SECTION) { + $this->element('a', array('href' => common_local_url('groupmembers', + array('nickname' => $this->group->nickname))), + _('All members')); + } + + $this->elementEnd('div'); + } + + function showAnonymousMessage() + { + $m = sprintf(_('**%s** is a user group on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + 'based on the Free Software [Laconica](http://laconi.ca/) tool. Its members share ' . + 'short messages about their life and interests. '. + '[Join now](%%%%action.register%%%%) to become part of this group and many more! ([Read more](%%%%doc.help%%%%))'), + $this->group->nickname); + $this->elementStart('div', array('id' => 'anon_notice')); + $this->raw(common_markup_to_html($m)); + $this->elementEnd('div'); + } +} diff --git a/actions/showmessage.php b/actions/showmessage.php index c171ffe0b..289414153 100644 --- a/actions/showmessage.php +++ b/actions/showmessage.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Show a single message + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,86 +18,162 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ +if (!defined('LACONICA')) { + exit(1); +} -if (!defined('LACONICA')) { exit(1); } +require_once INSTALLDIR.'/lib/mailbox.php'; -require_once(INSTALLDIR.'/lib/mailbox.php'); +/** + * Show a single message + * + * // XXX: It is totally weird how this works! + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ -class ShowmessageAction extends MailboxAction { +class ShowmessageAction extends MailboxAction +{ + /** + * Message object to show + */ - function handle($args) { + var $message = null; + + /** + * The current user + */ + + var $user = null; - Action::handle($args); + /** + * Load attributes based on database arguments + * + * Loads all the DB stuff + * + * @param array $args $_REQUEST array + * + * @return success flag + */ - $message = $this->get_message(); + function prepare($args) + { + parent::prepare($args); + + $this->page = 1; + + $id = $this->trimmed('message'); + $this->message = Message::staticGet('id', $id); - if (!$message) { - $this->client_error(_('No such message.'), 404); - return; - } - - $cur = common_current_user(); - - if ($cur && ($cur->id == $message->from_profile || $cur->id == $message->to_profile)) { - $this->show_page($cur, 1); - } else { - $this->client_error(_('Only the sender and recipient may read this message.'), 403); - return; - } - } - - function get_message() { - $id = $this->trimmed('message'); - $message = Message::staticGet('id', $id); - return $message; - } - - function get_title($user, $page) { - $message = $this->get_message(); - if (!$message) { - return NULL; - } - - if ($user->id == $message->from_profile) { - $to = $message->getTo(); - $title = sprintf(_("Message to %1\$s on %2\$s"), - $to->nickname, - common_exact_date($message->created)); - } else if ($user->id == $message->to_profile) { - $from = $message->getFrom(); - $title = sprintf(_("Message from %1\$s on %2\$s"), - $from->nickname, - common_exact_date($message->created)); - } - return $title; - } + if (!$this->message) { + $this->clientError(_('No such message.'), 404); + return false; + } - function get_messages($user, $page) { - $message = new Message(); - $message->id = $this->trimmed('message'); - $message->find(); - return $message; - } - - function get_message_profile($message) { - $user = common_current_user(); - if ($user->id == $message->from_profile) { - return $message->getTo(); - } else if ($user->id == $message->to_profile) { - return $message->getFrom(); - } else { - # This shouldn't happen - return NULL; - } - } - - function get_instructions() { - return ''; - } - - function views_menu() { - return; - } -} -
\ No newline at end of file + $this->user = common_current_user(); + + return true; + } + + function handle($args) + { + Action::handle($args); + + if ($this->user && ($this->user->id == $this->message->from_profile || + $this->user->id == $this->message->to_profile)) { + $this->showPage(); + } else { + $this->clientError(_('Only the sender and recipient ' . + 'may read this message.'), 403); + return; + } + } + + function title() + { + if ($this->user->id == $this->message->from_profile) { + $to = $this->message->getTo(); + return sprintf(_("Message to %1\$s on %2\$s"), + $to->nickname, + common_exact_date($this->message->created)); + } else if ($this->user->id == $this->message->to_profile) { + $from = $this->message->getFrom(); + return sprintf(_("Message from %1\$s on %2\$s"), + $from->nickname, + common_exact_date($this->message->created)); + } + } + + function getMessages() + { + $message = new Message(); + $message->id = $this->message->id; + $message->find(); + return $message; + } + + function getMessageProfile() + { + if ($this->user->id == $this->message->from_profile) { + return $this->message->getTo(); + } else if ($this->user->id == $this->message->to_profile) { + return $this->message->getFrom(); + } else { + // This shouldn't happen + return null; + } + } + + /** + * Don't show local navigation + * + * @return void + */ + + function showLocalNavBlock() + { + } + + /** + * Don't show page notice + * + * @return void + */ + + function showPageNoticeBlock() + { + } + + /** + * Don't show aside + * + * @return void + */ + + function showAside() + { + } + + /** + * Don't show any instructions + * + * @return string + */ + + function getInstructions() + { + return ''; + } +}
\ No newline at end of file diff --git a/actions/shownotice.php b/actions/shownotice.php index 6dea6d7bb..d5f35cd84 100644 --- a/actions/shownotice.php +++ b/actions/shownotice.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Show a single notice + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,102 +18,247 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/personalgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; + +/** + * Show a single notice + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class ShownoticeAction extends Action +{ + /** + * Notice object to show + */ + + var $notice = null; + + /** + * Profile of the notice object + */ + + var $profile = null; + + /** + * Avatar of the profile of the notice object + */ + + var $avatar = null; + + /** + * Load attributes based on database arguments + * + * Loads all the DB stuff + * + * @param array $args $_REQUEST array + * + * @return success flag + */ -require_once(INSTALLDIR.'/lib/stream.php'); + function prepare($args) + { + parent::prepare($args); -class ShownoticeAction extends StreamAction { + $id = $this->arg('notice'); - var $notice = NULL; - var $profile = NULL; - var $avatar = NULL; + $this->notice = Notice::staticGet($id); - function prepare($args) { + if (!$this->notice) { + $this->clientError(_('No such notice.'), 404); + return false; + } - parent::prepare($args); + $this->profile = $this->notice->getProfile(); - $id = $this->arg('notice'); - $this->notice = Notice::staticGet($id); + if (!$this->profile) { + $this->serverError(_('Notice has no profile'), 500); + return false; + } - if (!$this->notice) { - $this->client_error(_('No such notice.'), 404); - return false; - } + $this->avatar = $this->profile->getAvatar(AVATAR_PROFILE_SIZE); - $this->profile = $this->notice->getProfile(); + return true; + } - if (!$this->profile) { - $this->server_error(_('Notice has no profile'), 500); - return false; - } + /** + * Is this action read-only? + * + * @return boolean true + */ - $this->avatar = $this->profile->getAvatar(AVATAR_STREAM_SIZE); + function isReadOnly() + { + return true; + } - return true; - } + /** + * Last-modified date for page + * + * When was the content of this page last modified? Based on notice, + * profile, avatar. + * + * @return int last-modified date as unix timestamp + */ - function last_modified() { - return max(strtotime($this->notice->created), - strtotime($this->profile->modified), - ($this->avatar) ? strtotime($this->avatar->modified) : 0); - } + function lastModified() + { + return max(strtotime($this->notice->created), + strtotime($this->profile->modified), + ($this->avatar) ? strtotime($this->avatar->modified) : 0); + } - function etag() { - return 'W/"' . implode(':', array($this->arg('action'), - common_language(), - $this->notice->id, - strtotime($this->notice->created), - strtotime($this->profile->modified), - ($this->avatar) ? strtotime($this->avatar->modified) : 0)) . '"'; - } + /** + * An entity tag for this page + * + * Shows the ETag for the page, based on the notice ID and timestamps + * for the notice, profile, and avatar. It's weak, since we change + * the date text "one hour ago", etc. + * + * @return string etag + */ - function handle($args) { + function etag() + { + $avtime = ($this->avatar) ? + strtotime($this->avatar->modified) : 0; - parent::handle($args); + return 'W/"' . implode(':', array($this->arg('action'), + common_language(), + $this->notice->id, + strtotime($this->notice->created), + strtotime($this->profile->modified), + $avtime)) . '"'; + } - common_show_header(sprintf(_('%1$s\'s status on %2$s'), - $this->profile->nickname, - common_exact_date($this->notice->created)), - array($this, 'show_header'), NULL, - array($this, 'show_top')); + /** + * Title of the page + * + * @return string title of the page + */ - common_element_start('ul', array('id' => 'notices')); - $nli = new NoticeListItem($this->notice); + function title() + { + return sprintf(_('%1$s\'s status on %2$s'), + $this->profile->nickname, + common_exact_date($this->notice->created)); + } + + /** + * Handle input + * + * Only handles get, so just show the page. + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + $this->showPage(); + } + + + /** + * Don't show local navigation + * + * @return void + */ + + function showLocalNavBlock() + { + } + + + /** + * Fill the content area of the page + * + * Shows a single notice list item. + * + * @return void + */ + + function showContent() + { + $this->elementStart('ul', array('class' => 'notices')); + $nli = new NoticeListItem($this->notice, $this); $nli->show(); - common_element_end('ul'); + $this->elementEnd('ul'); + } + + + + /** + * Don't show page notice + * + * @return void + */ + + function showPageNoticeBlock() + { + } + - common_show_footer(); - } + /** + * Don't show aside + * + * @return void + */ - function show_header() { + function showAside() { + } - $user = User::staticGet($this->profile->id); - if (!$user) { - return; - } + /** + * Extra <head> content + * + * We show the microid(s) for the author, if any. + * + * @return void + */ - if ($user->emailmicroid && $user->email && $this->notice->uri) { - common_element('meta', array('name' => 'microid', - 'content' => "mailto+http:sha1:" . sha1(sha1('mailto:' . $user->email) . sha1($this->notice->uri)))); - } + function extraHead() + { + $user = User::staticGet($this->profile->id); - if ($user->jabbermicroid && $user->jabber && $this->notice->uri) { - common_element('meta', array('name' => 'microid', - 'content' => "xmpp+http:sha1:" . sha1(sha1('xmpp:' . $user->jabber) . sha1($this->notice->uri)))); - } - } + if (!$user) { + return; + } - function show_top() { - $cur = common_current_user(); - if ($cur && $cur->id == $this->profile->id) { - common_notice_form(); - } - } + if ($user->emailmicroid && $user->email && $this->notice->uri) { + $id = new Microid('mailto:'. $user->email, + $this->notice->uri); + $this->element('meta', array('name' => 'microid', + 'content' => $id->toString())); + } - function no_such_notice() { - common_user_error(_('No such notice.')); - } + if ($user->jabbermicroid && $user->jabber && $this->notice->uri) { + $id = new Microid('xmpp:', $user->jabber, + $this->notice->uri); + $this->element('meta', array('name' => 'microid', + 'content' => $id->toString())); + } + } } diff --git a/actions/showstream.php b/actions/showstream.php index 6d6225661..2fd56ad2e 100644 --- a/actions/showstream.php +++ b/actions/showstream.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * User profile page + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,25 +18,67 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/stream.php'); +if (!defined('LACONICA')) { + exit(1); +} -define('SUBSCRIPTIONS_PER_ROW', 4); -define('SUBSCRIPTIONS', 80); +require_once INSTALLDIR.'/lib/personalgroupnav.php'; +require_once INSTALLDIR.'/lib/noticelist.php'; +require_once INSTALLDIR.'/lib/profileminilist.php'; +require_once INSTALLDIR.'/lib/groupminilist.php'; +require_once INSTALLDIR.'/lib/feedlist.php'; -class ShowstreamAction extends StreamAction { +/** + * User profile page + * + * When I created this page, "show stream" seemed like the best name for it. + * Now, it seems like a really bad name. + * + * It shows a stream of the user's posts, plus lots of profile info, links + * to subscriptions and stuff, etc. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ - function handle($args) { +class ShowstreamAction extends Action +{ + var $user = null; + var $page = null; + var $profile = null; + + function title() + { + if ($this->page == 1) { + return $this->user->nickname; + } else { + return sprintf(_("%s, page %d"), + $this->user->nickname, + $this->page); + } + } - parent::handle($args); + function prepare($args) + { + parent::prepare($args); $nickname_arg = $this->arg('nickname'); - $nickname = common_canonical_nickname($nickname_arg); + $nickname = common_canonical_nickname($nickname_arg); - # Permanent redirect on non-canonical nickname + // Permanent redirect on non-canonical nickname if ($nickname_arg != $nickname) { $args = array('nickname' => $nickname); @@ -41,410 +86,479 @@ class ShowstreamAction extends StreamAction { $args['page'] = $this->arg['page']; } common_redirect(common_local_url('showstream', $args), 301); - return; + return false; + } + + $this->user = User::staticGet('nickname', $nickname); + + if (!$this->user) { + $this->clientError(_('No such user.'), 404); + return false; + } + + $this->profile = $this->user->getProfile(); + + if (!$this->profile) { + $this->serverError(_('User has no profile.')); + return false; + } + + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + return true; + } + + function handle($args) + { + + // Looks like we're good; start output + + // For YADIS discovery, we also have a <meta> tag + + header('X-XRDS-Location: '. common_local_url('xrds', array('nickname' => + $this->user->nickname))); + + $this->showPage(); + } + + function showContent() + { + $this->showProfile(); + $this->showNotices(); + } + + function showLocalNav() + { + $nav = new PersonalGroupNav($this); + $nav->show(); + } + + function showPageTitle() + { + $this->element('h1', NULL, $this->profile->nickname._("'s profile")); + } + + function showPageNoticeBlock() + { + return; + } + + function showExportData() + { + $fl = new FeedList($this); + $fl->show(array(0=>array('href'=>common_local_url('userrss', + array('nickname' => $this->user->nickname)), + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'notices'), + 1=>array('href'=>common_local_url('usertimeline', + array('nickname' => $this->user->nickname)), + 'type' => 'atom', + 'version' => 'Atom 1.0', + 'item' => 'usertimeline'), + 2=>array('href'=>common_local_url('foaf', + array('nickname' => $this->user->nickname)), + 'type' => 'rdf', + 'version' => 'FOAF', + 'item' => 'foaf'))); + } + + function showFeeds() + { + // Feeds + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('api', + array('apiaction' => 'statuses', + 'method' => 'entity_timeline.rss', + 'argument' => $this->user->nickname)), + 'type' => 'application/rss+xml', + 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname))); + $this->element('link', array('rel' => 'alternate feed', + 'href' => common_local_url('api', + array('apiaction' => 'statuses', + 'method' => 'entity_timeline.atom', + 'argument' => $this->user->nickname)), + 'type' => 'application/atom+xml', + 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname))); + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('userrss', array('nickname' => + $this->user->nickname)), + 'type' => 'application/rdf+xml', + 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname))); + } + + function extraHead() + { + // FOAF + $this->element('link', array('rel' => 'meta', + 'href' => common_local_url('foaf', array('nickname' => + $this->user->nickname)), + 'type' => 'application/rdf+xml', + 'title' => 'FOAF')); + // for remote subscriptions etc. + $this->element('meta', array('http-equiv' => 'X-XRDS-Location', + 'content' => common_local_url('xrds', array('nickname' => + $this->user->nickname)))); + + if ($this->profile->bio) { + $this->element('meta', array('name' => 'description', + 'content' => $this->profile->bio)); + } + + if ($this->user->emailmicroid && $this->user->email && $this->profile->profileurl) { + $id = new Microid('mailto:'.$this->user->email, + $this->selfUrl()); + $this->element('meta', array('name' => 'microid', + 'content' => $id->toString())); + } + if ($this->user->jabbermicroid && $this->user->jabber && $this->profile->profileurl) { + $id = new Microid('xmpp:'.$this->user->jabber, + $this->selfUrl()); + $this->element('meta', array('name' => 'microid', + 'content' => $id->toString())); + } + + // See https://wiki.mozilla.org/Microsummaries + + $this->element('link', array('rel' => 'microsummary', + 'href' => common_local_url('microsummary', + array('nickname' => $this->profile->nickname)))); + } + + function showProfile() + { + $this->elementStart('div', 'entity_profile vcard author'); + $this->element('h2', null, _('User profile')); + + $avatar = $this->profile->getAvatar(AVATAR_PROFILE_SIZE); + $this->elementStart('dl', 'entity_depiction'); + $this->element('dt', null, _('Photo')); + $this->elementStart('dd'); + $this->element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), + 'class' => 'photo avatar', + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $this->profile->nickname)); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + $this->elementStart('dl', 'entity_nickname'); + $this->element('dt', null, _('Nickname')); + $this->elementStart('dd'); + $hasFN = ($this->profile->fullname) ? 'nickname url uid' : 'fn nickname url uid'; + $this->element('a', array('href' => $this->profile->profileurl, + 'rel' => 'me', 'class' => $hasFN), + $this->profile->nickname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + if ($this->profile->fullname) { + $this->elementStart('dl', 'entity_fn'); + $this->element('dt', null, _('Full name')); + $this->elementStart('dd'); + $this->element('span', 'fn', $this->profile->fullname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + + if ($this->profile->location) { + $this->elementStart('dl', 'entity_location'); + $this->element('dt', null, _('Location')); + $this->element('dd', 'location', $this->profile->location); + $this->elementEnd('dl'); + } + + if ($this->profile->homepage) { + $this->elementStart('dl', 'entity_url'); + $this->element('dt', null, _('URL')); + $this->elementStart('dd'); + $this->element('a', array('href' => $this->profile->homepage, + 'rel' => 'me', 'class' => 'url'), + $this->profile->homepage); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + + if ($this->profile->bio) { + $this->elementStart('dl', 'entity_note'); + $this->element('dt', null, _('Note')); + $this->element('dd', 'note', $this->profile->bio); + $this->elementEnd('dl'); } - $user = User::staticGet('nickname', $nickname); - - if (!$user) { - $this->no_such_user(); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - # Looks like we're good; start output - - # For YADIS discovery, we also have a <meta> tag - - header('X-XRDS-Location: '. common_local_url('xrds', array('nickname' => - $user->nickname))); - - common_show_header($profile->nickname, - array($this, 'show_header'), $user, - array($this, 'show_top')); - - $this->show_profile($profile); - - $this->show_notices($user); - - common_show_footer(); - } - - function show_top($user) { - $cur = common_current_user(); - - if ($cur && $cur->id == $user->id) { - common_notice_form('showstream'); - } - - $this->views_menu(); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('usertimeline', array('nickname' => $user->nickname)), - 'type' => 'atom', - 'version' => 'Atom 1.0', - 'item' => 'usertimeline'), - - 2=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - } - - function show_header($user) { - # Feeds - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('api', - array('apiaction' => 'statuses', - 'method' => 'user_timeline.rss', - 'argument' => $user->nickname)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - common_element('link', array('rel' => 'alternate feed', - 'href' => common_local_url('api', - array('apiaction' => 'statuses', - 'method' => 'user_timeline.atom', - 'argument' => $user->nickname)), - 'type' => 'application/atom+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('userrss', array('nickname' => - $user->nickname)), - 'type' => 'application/rdf+xml', - 'title' => sprintf(_('Notice feed for %s'), $user->nickname))); - # FOAF - common_element('link', array('rel' => 'meta', - 'href' => common_local_url('foaf', array('nickname' => - $user->nickname)), - 'type' => 'application/rdf+xml', - 'title' => 'FOAF')); - # for remote subscriptions etc. - common_element('meta', array('http-equiv' => 'X-XRDS-Location', - 'content' => common_local_url('xrds', array('nickname' => - $user->nickname)))); - $profile = $user->getProfile(); - if ($profile->bio) { - common_element('meta', array('name' => 'description', - 'content' => $profile->bio)); - } - - if ($user->emailmicroid && $user->email && $profile->profileurl) { - common_element('meta', array('name' => 'microid', - 'content' => "mailto+http:sha1:" . sha1(sha1('mailto:' . $user->email) . sha1($profile->profileurl)))); - } - if ($user->jabbermicroid && $user->jabber && $profile->profileurl) { - common_element('meta', array('name' => 'microid', - 'content' => "xmpp+http:sha1:" . sha1(sha1('xmpp:' . $user->jabber) . sha1($profile->profileurl)))); - } - - # See https://wiki.mozilla.org/Microsummaries - - common_element('link', array('rel' => 'microsummary', - 'href' => common_local_url('microsummary', - array('nickname' => $profile->nickname)))); - } - - function no_such_user() { - $this->client_error(_('No such user.'), 404); - } - - function show_profile($profile) { - - common_element_start('div', array('id' => 'profile', 'class' => 'vcard')); - - $this->show_personal($profile); - - $this->show_last_notice($profile); - - $cur = common_current_user(); - - $this->show_subscriptions($profile); - - common_element_end('div'); - } - - function show_personal($profile) { - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - common_element_start('div', array('id' => 'profile_avatar')); - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), - 'class' => 'avatar profile photo', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $profile->nickname)); - - common_element_start('ul', array('id' => 'profile_actions')); - - common_element_start('li', array('id' => 'profile_subscribe')); - $cur = common_current_user(); - if ($cur) { - if ($cur->id != $profile->id) { - if ($cur->isSubscribed($profile)) { - common_unsubscribe_form($profile); - } else { - common_subscribe_form($profile); - } - } - } else { - $this->show_remote_subscribe_link($profile); - } - common_element_end('li'); - - $user = User::staticGet('id', $profile->id); - common_profile_new_message_nudge($cur, $user, $profile); - - if ($cur && $cur->id != $profile->id) { - $blocked = $cur->hasBlocked($profile); - common_element_start('li', array('id' => 'profile_block')); + $tags = Profile_tag::getTags($this->profile->id, $this->profile->id); + if (count($tags) > 0) { + $this->elementStart('dl', 'entity_tags'); + $this->element('dt', null, _('Tags')); + $this->elementStart('dd'); + $this->elementStart('ul', 'tags xoxo'); + foreach ($tags as $tag) { + $this->elementStart('li'); + $this->element('span', 'mark_hash', '#'); + $this->element('a', array('rel' => 'tag', + 'href' => common_local_url('peopletag', + array('tag' => $tag))), + $tag); + $this->elementEnd('li'); + } + $this->elementEnd('ul'); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + $this->elementEnd('div'); + + //XXX: entity_actions doesn't need to be outputted if entity is looking at their own profile + $this->elementStart('div', 'entity_actions'); + $this->element('h2', null, _('User actions')); + $this->elementStart('ul'); + $this->elementStart('li', array('id' => 'entity_subscribe')); + $cur = common_current_user(); + if ($cur) { + if ($cur->id != $this->profile->id) { + if ($cur->isSubscribed($this->profile)) { + $usf = new UnsubscribeForm($this, $this->profile); + $usf->show(); + } else { + $sf = new SubscribeForm($this, $this->profile); + $sf->show(); + } + } + } else { + $this->showRemoteSubscribeLink(); + } + $this->elementEnd('li'); + +// common_profile_new_message_nudge($cur, $this->user, $this->profile); + + $user = User::staticGet('id', $this->profile->id); + if ($cur && $cur->id != $user->id && $cur->mutuallySubscribed($user)) { + $this->elementStart('li', array('id' => 'entity_send-a-message')); + $this->element('a', array('href' => common_local_url('newmessage', array('to' => $user->id)), + 'title' => _('Send a direct message to this user')), + _('Message')); + $this->elementEnd('li'); + + if ($user->email && $user->emailnotifynudge) { + $this->elementStart('li', array('id' => 'entity_nudge')); + $nf = new NudgeForm($this, $user); + $nf->show(); + $this->elementEnd('li'); + } + } + + if ($cur && $cur->id != $this->profile->id) { + $blocked = $cur->hasBlocked($this->profile); + $this->elementStart('li', array('id' => 'entity_block')); if ($blocked) { - common_unblock_form($profile, array('action' => 'showstream', - 'nickname' => $profile->nickname)); + $ubf = new UnblockForm($this, $this->profile); + $ubf->show(); } else { - common_block_form($profile, array('action' => 'showstream', - 'nickname' => $profile->nickname)); + $bf = new BlockForm($this, $this->profile); + $bf->show(); } - common_element_end('li'); + $this->elementEnd('li'); } + $this->elementEnd('ul'); + $this->elementEnd('div'); + } + + function showRemoteSubscribeLink() + { + $url = common_local_url('remotesubscribe', + array('nickname' => $this->profile->nickname)); + $this->element('a', array('href' => $url, + 'class' => 'entity_remote_subscribe'), + _('Subscribe')); + } - common_element_end('ul'); - - common_element_end('div'); - - common_element_start('div', array('id' => 'profile_information')); - - if ($profile->fullname) { - common_element('h1', array('class' => 'fn'), $profile->fullname . ' (' . $profile->nickname . ')'); - } else { - common_element('h1', array('class' => 'fn nickname'), $profile->nickname); - } - - if ($profile->location) { - common_element('p', 'location', $profile->location); - } - if ($profile->bio) { - common_element('p', 'description note', $profile->bio); - } - if ($profile->homepage) { - common_element_start('p', 'website'); - common_element('a', array('href' => $profile->homepage, - 'rel' => 'me', 'class' => 'url'), - $profile->homepage); - common_element_end('p'); - } - - $this->show_statistics($profile); - - common_element_end('div'); - } - - function show_remote_subscribe_link($profile) { - $url = common_local_url('remotesubscribe', - array('nickname' => $profile->nickname)); - common_element('a', array('href' => $url, - 'id' => 'remotesubscribe'), - _('Subscribe')); - } - - function show_unsubscribe_form($profile) { - common_element_start('form', array('id' => 'unsubscribe', 'method' => 'post', - 'action' => common_local_url('unsubscribe'))); - common_hidden('token', common_session_token()); - common_element('input', array('id' => 'unsubscribeto', - 'name' => 'unsubscribeto', - 'type' => 'hidden', - 'value' => $profile->nickname)); - common_element('input', array('type' => 'submit', - 'class' => 'submit', - 'value' => _('Unsubscribe'))); - common_element_end('form'); - } - - function show_subscriptions($profile) { - global $config; - - $subs = DB_DataObject::factory('subscription'); - $subs->subscriber = $profile->id; - $subs->whereAdd('subscribed != ' . $profile->id); - - $subs->orderBy('created DESC'); - - # We ask for an extra one to know if we need to do another page - - $subs->limit(0, SUBSCRIPTIONS + 1); - - $subs_count = $subs->find(); - - common_element_start('div', array('id' => 'subscriptions')); - - common_element('h2', NULL, _('Subscriptions')); - - if ($subs_count > 0) { - - common_element_start('ul', array('id' => 'subscriptions_avatars')); - - for ($i = 0; $i < min($subs_count, SUBSCRIPTIONS); $i++) { - - if (!$subs->fetch()) { - common_debug('Weirdly, broke out of subscriptions loop early', __FILE__); - break; - } - - $other = Profile::staticGet($subs->subscribed); - - if (!$other) { - common_log_db_error($subs, 'SELECT', __FILE__); - continue; - } - - common_element_start('li', 'vcard'); - common_element_start('a', array('title' => ($other->fullname) ? - $other->fullname : - $other->nickname, - 'href' => $other->profileurl, - 'rel' => 'contact', - 'class' => 'subscription fn url')); - $avatar = $other->getAvatar(AVATAR_MINI_SIZE); - common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)), - 'width' => AVATAR_MINI_SIZE, - 'height' => AVATAR_MINI_SIZE, - 'class' => 'avatar mini photo', - 'alt' => ($other->fullname) ? - $other->fullname : - $other->nickname)); - common_element_end('a'); - common_element_end('li'); - } - - common_element_end('ul'); - } - - if ($subs_count > SUBSCRIPTIONS) { - common_element_start('p', array('id' => 'subscriptions_viewall')); - - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname)), - 'class' => 'moresubscriptions'), - _('All subscriptions')); - common_element_end('p'); - } - - common_element_end('div'); - } - - function show_statistics($profile) { - - // XXX: WORM cache this - $subs = DB_DataObject::factory('subscription'); - $subs->subscriber = $profile->id; - $subs_count = (int) $subs->count() - 1; - - $subbed = DB_DataObject::factory('subscription'); - $subbed->subscribed = $profile->id; - $subbed_count = (int) $subbed->count() - 1; - - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $profile->id; - $notice_count = (int) $notices->count(); - - common_element_start('div', 'statistics'); - common_element('h2', 'statistics', _('Statistics')); - - # Other stats...? - common_element_start('dl', 'statistics'); - common_element('dt', 'membersince', _('Member since')); - common_element('dd', 'membersince', date('j M Y', - strtotime($profile->created))); - - common_element_start('dt', 'subscriptions'); - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname))), - _('Subscriptions')); - common_element_end('dt'); - common_element('dd', 'subscriptions', (is_int($subs_count)) ? $subs_count : '0'); - common_element_start('dt', 'subscribers'); - common_element('a', array('href' => common_local_url('subscribers', - array('nickname' => $profile->nickname))), - _('Subscribers')); - common_element_end('dt'); - common_element('dd', 'subscribers', (is_int($subbed_count)) ? $subbed_count : '0'); - common_element('dt', 'notices', _('Notices')); - common_element('dd', 'notices', (is_int($notice_count)) ? $notice_count : '0'); - # XXX: link these to something - common_element('dt', 'tags', _('Tags')); - common_element_start('dd', 'tags'); - $tags = Profile_tag::getTags($profile->id, $profile->id); - - common_element_start('ul', 'tags xoxo'); - foreach ($tags as $tag) { - common_element_start('li'); - common_element('a', array('rel' => 'bookmark tag', - 'href' => common_local_url('peopletag', - array('tag' => $tag))), - $tag); - common_element_end('li'); - } - common_element_end('ul'); - common_element_end('dd'); - - common_element_end('dl'); - - common_element_end('div'); - } - - function show_notices($user) { - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - $notice = $user->getNotices(($page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); - - $pnl = new ProfileNoticeList($notice); + function showNotices() + { + $notice = $this->user->getNotices(($this->page-1)*NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1); + + $pnl = new ProfileNoticeList($notice, $this); $cnt = $pnl->show(); - common_pagination($page>1, $cnt>NOTICES_PER_PAGE, $page, - 'showstream', array('nickname' => $user->nickname)); - } - - function show_last_notice($profile) { - - common_element('h2', NULL, _('Currently')); - - $notice = $profile->getCurrentNotice(); - - if ($notice) { - # FIXME: URL, image, video, audio - common_element_start('p', array('class' => 'notice_current')); - if ($notice->rendered) { - common_raw($notice->rendered); - } else { - # XXX: may be some uncooked notices in the DB, - # we cook them right now. This can probably disappear in future - # versions (>> 0.4.x) - common_raw(common_render_content($notice->content, $notice)); - } - common_element_end('p'); - } - } + $this->pagination($this->page>1, $cnt>NOTICES_PER_PAGE, $this->page, + 'showstream', array('nickname' => $this->user->nickname)); + } + + function showSections() + { + $this->showSubscriptions(); + $this->showSubscribers(); + $this->showGroups(); + $this->showStatistics(); + $cloud = new PersonalTagCloudSection($this, $this->user); + $cloud->show(); + } + + function showSubscriptions() + { + $profile = $this->user->getSubscriptions(0, PROFILES_PER_MINILIST + 1); + + $this->elementStart('div', array('id' => 'entity_subscriptions', + 'class' => 'section')); + + $this->element('h2', null, _('Subscriptions')); + + if ($profile) { + $pml = new ProfileMiniList($profile, $this->user, $this); + $cnt = $pml->show(); + if ($cnt == 0) { + $this->element('p', null, _('(None)')); + } + } + + if ($cnt > PROFILES_PER_MINILIST) { + $this->elementStart('p'); + $this->element('a', array('href' => common_local_url('subscriptions', + array('nickname' => $this->profile->nickname)), + 'class' => 'more'), + _('All subscriptions')); + $this->elementEnd('p'); + } + + $this->elementEnd('div'); + } + + function showSubscribers() + { + $profile = $this->user->getSubscribers(0, PROFILES_PER_MINILIST + 1); + + $this->elementStart('div', array('id' => 'entity_subscribers', + 'class' => 'section')); + + $this->element('h2', null, _('Subscribers')); + + if ($profile) { + $pml = new ProfileMiniList($profile, $this->user, $this); + $cnt = $pml->show(); + if ($cnt == 0) { + $this->element('p', null, _('(None)')); + } + } + + if ($cnt > PROFILES_PER_MINILIST) { + $this->elementStart('p'); + $this->element('a', array('href' => common_local_url('subscribers', + array('nickname' => $this->profile->nickname)), + 'class' => 'more'), + _('All subscribers')); + $this->elementEnd('p'); + } + + $this->elementEnd('div'); + } + + function showStatistics() + { + // XXX: WORM cache this + $subs = new Subscription(); + $subs->subscriber = $this->profile->id; + $subs_count = (int) $subs->count() - 1; + + $subbed = new Subscription(); + $subbed->subscribed = $this->profile->id; + $subbed_count = (int) $subbed->count() - 1; + + $notices = new Notice(); + $notices->profile_id = $this->profile->id; + $notice_count = (int) $notices->count(); + + $this->elementStart('div', array('id' => 'entity_statistics', + 'class' => 'section')); + + $this->element('h2', null, _('Statistics')); + + // Other stats...? + $this->elementStart('dl', 'entity_member-since'); + $this->element('dt', null, _('Member since')); + $this->element('dd', null, date('j M Y', + strtotime($this->profile->created))); + $this->elementEnd('dl'); + + $this->elementStart('dl', 'entity_subscriptions'); + $this->elementStart('dt'); + $this->element('a', array('href' => common_local_url('subscriptions', + array('nickname' => $this->profile->nickname))), + _('Subscriptions')); + $this->elementEnd('dt'); + $this->element('dd', null, (is_int($subs_count)) ? $subs_count : '0'); + $this->elementEnd('dl'); + + $this->elementStart('dl', 'entity_subscribers'); + $this->elementStart('dt'); + $this->element('a', array('href' => common_local_url('subscribers', + array('nickname' => $this->profile->nickname))), + _('Subscribers')); + $this->elementEnd('dt'); + $this->element('dd', 'subscribers', (is_int($subbed_count)) ? $subbed_count : '0'); + $this->elementEnd('dl'); + + $this->elementStart('dl', 'entity_notices'); + $this->element('dt', null, _('Notices')); + $this->element('dd', null, (is_int($notice_count)) ? $notice_count : '0'); + $this->elementEnd('dl'); + + $this->elementEnd('div'); + } + + function showGroups() + { + $groups = $this->user->getGroups(0, GROUPS_PER_MINILIST + 1); + + $this->elementStart('div', array('id' => 'entity_groups', + 'class' => 'section')); + + $this->element('h2', null, _('Groups')); + + if ($groups) { + $gml = new GroupMiniList($groups, $this->user, $this); + $cnt = $gml->show(); + if ($cnt == 0) { + $this->element('p', null, _('(None)')); + } + } + + if ($cnt > GROUPS_PER_MINILIST) { + $this->elementStart('p'); + $this->element('a', array('href' => common_local_url('usergroups', + array('nickname' => $this->profile->nickname)), + 'class' => 'more'), + _('All groups')); + $this->elementEnd('p'); + } + + $this->elementEnd('div'); + } + + function showAnonymousMessage() + { + $m = sprintf(_('**%s** has an account on %%%%site.name%%%%, a [micro-blogging](http://en.wikipedia.org/wiki/Micro-blogging) service ' . + 'based on the Free Software [Laconica](http://laconi.ca/) tool. ' . + '[Join now](%%%%action.register%%%%) to follow **%s**\'s notices and many more! ([Read more](%%%%doc.help%%%%))'), + $this->user->nickname, $this->user->nickname); + $this->elementStart('div', array('id' => 'anon_notice')); + $this->raw(common_markup_to_html($m)); + $this->elementEnd('div'); + } + } -# We don't show the author for a profile, since we already know who it is! +// We don't show the author for a profile, since we already know who it is! -class ProfileNoticeList extends NoticeList { - function new_list_item($notice) { - return new ProfileNoticeListItem($notice); +class ProfileNoticeList extends NoticeList +{ + function newListItem($notice) + { + return new ProfileNoticeListItem($notice, $this->out); } } -class ProfileNoticeListItem extends NoticeListItem { - function show_author() { +class ProfileNoticeListItem extends NoticeListItem +{ + function showAuthor() + { return; } } diff --git a/actions/smssettings.php b/actions/smssettings.php index 5db26730a..f89cbe1ab 100644 --- a/actions/smssettings.php +++ b/actions/smssettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for SMS + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,317 +18,476 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/settingsaction.php'); -require_once(INSTALLDIR.'/actions/emailsettings.php'); - -class SmssettingsAction extends EmailsettingsAction { - - function get_instructions() { - return _('You can receive SMS messages through email from %%site.name%%.'); - } - - function show_form($msg=NULL, $success=false) { - $user = common_current_user(); - $this->form_header(_('SMS Settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'smssettings', - 'action' => - common_local_url('smssettings'))); - common_hidden('token', common_session_token()); - common_element('h2', NULL, _('Address')); - - if ($user->sms) { - common_element_start('p'); - $carrier = $user->getCarrier(); - common_element('span', 'address confirmed', $user->sms . ' (' . $carrier->name . ')'); - common_element('span', 'input_instructions', - _('Current confirmed SMS-enabled phone number.')); - common_hidden('sms', $user->sms); - common_hidden('carrier', $user->carrier); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - $confirm = $this->get_confirmation(); - if ($confirm) { - $carrier = Sms_carrier::staticGet($confirm->address_extra); - common_element_start('p'); - common_element('span', 'address unconfirmed', $confirm->address . ' (' . $carrier->name . ')'); - common_element('span', 'input_instructions', - _('Awaiting confirmation on this phone number.')); - common_hidden('sms', $confirm->address); - common_hidden('carrier', $confirm->address_extra); - common_element_end('p'); - common_submit('cancel', _('Cancel')); - common_input('code', _('Confirmation code'), NULL, - _('Enter the code you received on your phone.')); - common_submit('confirm', _('Confirm')); - } else { - common_input('sms', _('SMS Phone number'), - ($this->arg('sms')) ? $this->arg('sms') : NULL, - _('Phone number, no punctuation or spaces, with area code')); - $this->carrier_select(); - common_submit('add', _('Add')); - } - } - - if ($user->sms) { - common_element('h2', NULL, _('Incoming email')); - - if ($user->incomingemail) { - common_element_start('p'); - common_element('span', 'address', $user->incomingemail); - common_element('span', 'input_instructions', - _('Send email to this address to post new notices.')); - common_element_end('p'); - common_submit('removeincoming', _('Remove')); - } - - common_element_start('p'); - common_element('span', 'input_instructions', - _('Make a new email address for posting to; cancels the old one.')); - common_element_end('p'); - common_submit('newincoming', _('New')); - } - - common_element('h2', NULL, _('Preferences')); - - common_checkbox('smsnotify', - _('Send me notices through SMS; I understand I may incur exorbitant charges from my carrier.'), - $user->smsnotify); - - common_submit('save', _('Save')); - - common_element_end('form'); - common_show_footer(); - } - - function get_confirmation() { - $user = common_current_user(); - $confirm = new Confirm_address(); - $confirm->user_id = $user->id; - $confirm->address_type = 'sms'; - if ($confirm->find(TRUE)) { - return $confirm; - } else { - return NULL; - } - } - - function handle_post() { - - # CSRF protection - - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_address(); - } else if ($this->arg('cancel')) { - $this->cancel_confirmation(); - } else if ($this->arg('remove')) { - $this->remove_address(); - } else if ($this->arg('removeincoming')) { - $this->remove_incoming(); - } else if ($this->arg('newincoming')) { - $this->new_incoming(); - } else if ($this->arg('confirm')) { - $this->confirm_code(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } - - function save_preferences() { - - $smsnotify = $this->boolean('smsnotify'); - - $user = common_current_user(); - - assert(!is_null($user)); # should already be checked - - $user->query('BEGIN'); - - $original = clone($user); - - $user->smsnotify = $smsnotify; - - $result = $user->update($original); - - if ($result === FALSE) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - - $user->query('COMMIT'); - - $this->show_form(_('Preferences saved.'), true); - } - - function add_address() { - - $user = common_current_user(); - - $sms = $this->trimmed('sms'); - $carrier_id = $this->trimmed('carrier'); - - # Some validation - - if (!$sms) { - $this->show_form(_('No phone number.')); - return; - } - - if (!$carrier_id) { - $this->show_form(_('No carrier selected.')); - return; - } - - $sms = common_canonical_sms($sms); - - if ($user->sms == $sms) { - $this->show_form(_('That is already your phone number.')); - return; - } else if ($this->sms_exists($sms)) { - $this->show_form(_('That phone number already belongs to another user.')); - return; - } - - $confirm = new Confirm_address(); - $confirm->address = $sms; - $confirm->address_extra = $carrier_id; - $confirm->address_type = 'sms'; - $confirm->user_id = $user->id; - $confirm->code = common_confirmation_code(40); - - $result = $confirm->insert(); - - if ($result === FALSE) { - common_log_db_error($confirm, 'INSERT', __FILE__); - common_server_error(_('Couldn\'t insert confirmation code.')); - return; - } - - $carrier = Sms_carrier::staticGet($carrier_id); - - mail_confirm_sms($confirm->code, - $user->nickname, - $carrier->toEmailAddress($sms)); - - $msg = _('A confirmation code was sent to the phone number you added. Check your inbox (and spam box!) for the code and instructions on how to use it.'); - - $this->show_form($msg, TRUE); - } - - function cancel_confirmation() { - - $sms = $this->trimmed('sms'); - $carrier = $this->trimmed('carrier'); - - $confirm = $this->get_confirmation(); - - if (!$confirm) { - $this->show_form(_('No pending confirmation to cancel.')); - return; - } - if ($confirm->address != $sms) { - $this->show_form(_('That is the wrong confirmation number.')); - return; - } +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/connectsettingsaction.php'; + +/** + * Settings for SMS + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see SettingsAction + */ + +class SmssettingsAction extends ConnectSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + return _('SMS Settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('You can receive SMS messages through email from %%site.name%%.'); + } + + /** + * Content area of the page + * + * Shows a form for adding and removing SMS phone numbers and setting + * SMS preferences. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_sms', + 'class' => 'form_settings', + 'action' => + common_local_url('smssettings'))); + + $this->elementStart('fieldset', array('id' => 'settings_sms_address')); + $this->element('legend', null, _('Address')); + $this->hidden('token', common_session_token()); + + if ($user->sms) { + $carrier = $user->getCarrier(); + $this->element('p', 'form_confirmed', + $user->sms . ' (' . $carrier->name . ')'); + $this->element('p', 'form_guide', + _('Current confirmed SMS-enabled phone number.')); + $this->hidden('sms', $user->sms); + $this->hidden('carrier', $user->carrier); + $this->submit('remove', _('Remove')); + } else { + $confirm = $this->getConfirmation(); + if ($confirm) { + $carrier = Sms_carrier::staticGet($confirm->address_extra); + $this->element('p', 'form_unconfirmed', + $confirm->address . ' (' . $carrier->name . ')'); + $this->element('p', 'form_guide', + _('Awaiting confirmation on this phone number.')); + $this->hidden('sms', $confirm->address); + $this->hidden('carrier', $confirm->address_extra); + $this->submit('cancel', _('Cancel')); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('code', _('Confirmation code'), null, + _('Enter the code you received on your phone.')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('confirm', _('Confirm')); + } else { + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('sms', _('SMS Phone number'), + ($this->arg('sms')) ? $this->arg('sms') : null, + _('Phone number, no punctuation or spaces, '. + 'with area code')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->carrierSelect(); + $this->submit('add', _('Add')); + } + } + $this->elementEnd('fieldset'); + + if ($user->sms) { + $this->elementStart('fieldset', array('id' => 'settings_sms_incoming_email')); + $this->element('legend', null, _('Incoming email')); + + if ($user->incomingemail) { + $this->element('p', 'form_unconfirmed', $user->incomingemail); + $this->element('p', 'form_note', + _('Send email to this address to post new notices.')); + $this->submit('removeincoming', _('Remove')); + } + + $this->element('p', 'form_guide', + _('Make a new email address for posting to; '. + 'cancels the old one.')); + $this->submit('newincoming', _('New')); + $this->elementEnd('fieldset'); + } + + $this->elementStart('fieldset', array('id' => 'settings_sms_preferences')); + $this->element('legend', null, _('Preferences')); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->checkbox('smsnotify', + _('Send me notices through SMS; '. + 'I understand I may incur '. + 'exorbitant charges from my carrier.'), + $user->smsnotify); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->submit('save', _('Save')); + + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + /** + * Get a pending confirmation, if any, for this user + * + * @return void + * + * @todo very similar to EmailsettingsAction::getConfirmation(); refactor? + */ + + function getConfirmation() + { + $user = common_current_user(); + + $confirm = new Confirm_address(); + + $confirm->user_id = $user->id; + $confirm->address_type = 'sms'; + + if ($confirm->find(true)) { + return $confirm; + } else { + return null; + } + } + + /** + * Handle posts to this form + * + * Based on the button that was pressed, muxes out to other functions + * to do the actual task requested. + * + * All sub-functions reload the form with a message -- success or failure. + * + * @return void + */ + + function handlePost() + { + // CSRF protection + + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('save')) { + $this->savePreferences(); + } else if ($this->arg('add')) { + $this->addAddress(); + } else if ($this->arg('cancel')) { + $this->cancelConfirmation(); + } else if ($this->arg('remove')) { + $this->removeAddress(); + } else if ($this->arg('removeincoming')) { + $this->removeIncoming(); + } else if ($this->arg('newincoming')) { + $this->newIncoming(); + } else if ($this->arg('confirm')) { + $this->confirmCode(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Handle a request to save preferences + * + * Sets the user's SMS preferences in the DB. + * + * @return void + */ + + function savePreferences() + { + $smsnotify = $this->boolean('smsnotify'); + + $user = common_current_user(); + + assert(!is_null($user)); // should already be checked + + $user->query('BEGIN'); + + $original = clone($user); + + $user->smsnotify = $smsnotify; + + $result = $user->update($original); + + if ($result === false) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } + + $user->query('COMMIT'); + + $this->showForm(_('Preferences saved.'), true); + } + + /** + * Add a new SMS number for confirmation + * + * When the user requests a new SMS number, sends a confirmation + * message. + * + * @return void + */ + + function addAddress() + { + $user = common_current_user(); + + $sms = $this->trimmed('sms'); + $carrier_id = $this->trimmed('carrier'); + + // Some validation + + if (!$sms) { + $this->showForm(_('No phone number.')); + return; + } + + if (!$carrier_id) { + $this->showForm(_('No carrier selected.')); + return; + } + + $sms = common_canonical_sms($sms); + + if ($user->sms == $sms) { + $this->showForm(_('That is already your phone number.')); + return; + } else if ($this->smsExists($sms)) { + $this->showForm(_('That phone number already belongs to another user.')); + return; + } + + $confirm = new Confirm_address(); + + $confirm->address = $sms; + $confirm->address_extra = $carrier_id; + $confirm->address_type = 'sms'; + $confirm->user_id = $user->id; + $confirm->code = common_confirmation_code(40); + + $result = $confirm->insert(); + + if ($result === false) { + common_log_db_error($confirm, 'INSERT', __FILE__); + $this->serverError(_('Couldn\'t insert confirmation code.')); + return; + } + + $carrier = Sms_carrier::staticGet($carrier_id); + + mail_confirm_sms($confirm->code, + $user->nickname, + $carrier->toEmailAddress($sms)); + + $msg = _('A confirmation code was sent to the phone number you added. '. + 'Check your phone for the code and instructions '. + 'on how to use it.'); + + $this->showForm($msg, true); + } + + /** + * Cancel a pending confirmation + * + * Cancels the confirmation. + * + * @return void + */ + + function cancelConfirmation() + { + $sms = $this->trimmed('sms'); + $carrier = $this->trimmed('carrier'); + + $confirm = $this->getConfirmation(); + + if (!$confirm) { + $this->showForm(_('No pending confirmation to cancel.')); + return; + } + if ($confirm->address != $sms) { + $this->showForm(_('That is the wrong confirmation number.')); + return; + } $result = $confirm->delete(); if (!$result) { - common_log_db_error($confirm, 'DELETE', __FILE__); - $this->server_error(_('Couldn\'t delete email confirmation.')); + common_log_db_error($confirm, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t delete email confirmation.')); + return; + } + + $this->showForm(_('Confirmation cancelled.'), true); + } + + /** + * Remove a phone number from the user's account + * + * @return void + */ + + function removeAddress() + { + $user = common_current_user(); + + $sms = $this->arg('sms'); + $carrier = $this->arg('carrier'); + + // Maybe an old tab open...? + + if ($user->sms != $sms) { + $this->showForm(_('That is not your phone number.')); + return; + } + + $user->query('BEGIN'); + + $original = clone($user); + + $user->sms = null; + $user->carrier = null; + $user->smsemail = null; + + $result = $user->updateKeys($original); + if (!$result) { + common_log_db_error($user, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t update user.')); + return; + } + $user->query('COMMIT'); + + $this->showForm(_('The address was removed.'), true); + } + + /** + * Does this sms number exist in our database? + * + * Also checks if it belongs to someone else + * + * @param string $sms phone number to check + * + * @return boolean does the number exist + */ + + function smsExists($sms) + { + $user = common_current_user(); + + $other = User::staticGet('sms', $sms); + + if (!$other) { + return false; + } else { + return $other->id != $user->id; + } + } + + /** + * Show a drop-down box with all the SMS carriers in the DB + * + * @return void + */ + + function carrierSelect() + { + $carrier = new Sms_carrier(); + + $cnt = $carrier->find(); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->element('label', array('for' => 'carrier'), _('Mobile carrier')); + $this->elementStart('select', array('name' => 'carrier', + 'id' => 'carrier')); + $this->element('option', array('value' => 0), + _('Select a carrier')); + while ($carrier->fetch()) { + $this->element('option', array('value' => $carrier->id), + $carrier->name); + } + $this->elementEnd('select'); + $this->element('p', 'form_guide', + sprintf(_('Mobile carrier for your phone. '. + 'If you know a carrier that accepts ' . + 'SMS over email but isn\'t listed here, ' . + 'send email to let us know at %s.'), + common_config('site', 'email'))); + $this->elementEnd('li'); + $this->elementEnd('ul'); + } + + /** + * Confirm an SMS confirmation code + * + * Redirects to the confirmaddress page for this code + * + * @return void + */ + + function confirmCode() + { + $code = $this->trimmed('code'); + + if (!$code) { + $this->showForm(_('No code entered')); return; } - $this->show_form(_('Confirmation cancelled.'), TRUE); - } - - function remove_address() { - - $user = common_current_user(); - $sms = $this->arg('sms'); - $carrier = $this->arg('carrier'); - - # Maybe an old tab open...? - - if ($user->sms != $sms) { - $this->show_form(_('That is not your phone number.')); - return; - } - - $user->query('BEGIN'); - $original = clone($user); - $user->sms = NULL; - $user->carrier = NULL; - $user->smsemail = NULL; - $result = $user->updateKeys($original); - if (!$result) { - common_log_db_error($user, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t update user.')); - return; - } - $user->query('COMMIT'); - - $this->show_form(_('The address was removed.'), TRUE); - } - - function sms_exists($sms) { - $user = common_current_user(); - $other = User::staticGet('sms', $sms); - if (!$other) { - return false; - } else { - return $other->id != $user->id; - } - } - - function carrier_select() { - $carrier = new Sms_carrier(); - $cnt = $carrier->find(); - - common_element_start('p'); - common_element('label', array('for' => 'carrier')); - common_element_start('select', array('name' => 'carrier', - 'id' => 'carrier')); - common_element('option', array('value' => 0), - _('Select a carrier')); - while ($carrier->fetch()) { - common_element('option', array('value' => $carrier->id), - $carrier->name); - } - common_element_end('select'); - common_element_end('p'); - common_element('span', 'input_instructions', - sprintf(_('Mobile carrier for your phone. '. - 'If you know a carrier that accepts ' . - 'SMS over email but isn\'t listed here, ' . - 'send email to let us know at %s.'), - common_config('site', 'email'))); - } - - function confirm_code() { - - $code = $this->trimmed('code'); - - if (!$code) { - $this->show_form(_('No code entered')); - return; - } - - common_redirect(common_local_url('confirmaddress', - array('code' => $code))); - } + common_redirect(common_local_url('confirmaddress', + array('code' => $code))); + } } diff --git a/actions/subedit.php b/actions/subedit.php index e7505e3fe..89081ffc7 100644 --- a/actions/subedit.php +++ b/actions/subedit.php @@ -19,44 +19,46 @@ if (!defined('LACONICA')) { exit(1); } -class SubeditAction extends Action { - - var $profile = NULL; - - function prepare($args) { +class SubeditAction extends Action +{ + var $profile = null; + function prepare($args) + { parent::prepare($args); if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); + $this->clientError(_('Not logged in.')); return false; } - $token = $this->trimmed('token'); + $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. '. + 'Try again, please.')); + return false; + } $id = $this->trimmed('profile'); if (!$id) { - $this->client_error(_('No profile specified.')); + $this->clientError(_('No profile specified.')); return false; } $this->profile = Profile::staticGet('id', $id); if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); + $this->clientError(_('No profile with that ID.')); return false; } return true; } - function handle($args) { + function handle($args) + { parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $cur = common_current_user(); @@ -65,7 +67,7 @@ class SubeditAction extends Action { 'subscribed' => $this->profile->id)); if (!$sub) { - $this->client_error(_('You are not subscribed to that profile.')); + $this->clientError(_('You are not subscribed to that profile.')); return false; } @@ -78,7 +80,7 @@ class SubeditAction extends Action { if (!$result) { common_log_db_error($sub, 'UPDATE', __FILE__); - $this->server_error(_('Could not save subscription.')); + $this->serverError(_('Could not save subscription.')); return false; } diff --git a/actions/subscribe.php b/actions/subscribe.php index 64abda004..171332734 100644 --- a/actions/subscribe.php +++ b/actions/subscribe.php @@ -19,60 +19,63 @@ if (!defined('LACONICA')) { exit(1); } -class SubscribeAction extends Action { +class SubscribeAction extends Action +{ - function handle($args) { - parent::handle($args); + function handle($args) + { + parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } - $user = common_current_user(); + $user = common_current_user(); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); - return; - } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); + return; + } - # CSRF protection + # CSRF protection - $token = $this->trimmed('token'); + $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } - $other_id = $this->arg('subscribeto'); + $other_id = $this->arg('subscribeto'); $other = User::staticGet('id', $other_id); if (!$other) { - $this->client_error(_('Not a local user.')); - return; + $this->clientError(_('Not a local user.')); + return; } - $result = subs_subscribe_to($user, $other); + $result = subs_subscribe_to($user, $other); - if($result != true) { - common_user_error($result); - return; - } + if($result != true) { + $this->clientError($result); + return; + } - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Subscribed')); - common_element_end('head'); - common_element_start('body'); - common_unsubscribe_form($other->getProfile()); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Subscribed')); + $this->elementEnd('head'); + $this->elementStart('body'); + $unsubscribe = new UnsubscribeForm($this, $other->getProfile()); + $unsubscribe->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('subscriptions', array('nickname' => + $user->nickname))); } - } + } } diff --git a/actions/subscribers.php b/actions/subscribers.php index ae52526e1..be9df2b12 100644 --- a/actions/subscribers.php +++ b/actions/subscribers.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List a user's subscribers + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,47 +18,89 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Social + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/gallery.php'); +/** + * List a user's subscribers + * + * @category Social + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ -class SubscribersAction extends GalleryAction { +class SubscribersAction extends GalleryAction +{ + function title() + { + if ($this->page == 1) { + return sprintf(_('%s subscribers'), $this->user->nickname); + } else { + return sprintf(_('%s subscribers, page %d'), + $this->user->nickname, + $this->page); + } + } - function gallery_type() { - return _('Subscribers'); - } + function showPageNotice() + { + $user =& common_current_user(); + if ($user && ($user->id == $this->profile->id)) { + $this->element('p', null, + _('These are the people who listen to '. + 'your notices.')); + } else { + $this->element('p', null, + sprintf(_('These are the people who '. + 'listen to %s\'s notices.'), + $this->profile->nickname)); + } + } - function get_instructions(&$profile) { - $user =& common_current_user(); - if ($user && ($user->id == $profile->id)) { - return _('These are the people who listen to your notices.'); - } else { - return sprintf(_('These are the people who listen to %s\'s notices.'), $profile->nickname); - } - } + function showContent() + { + $offset = ($this->page-1) * PROFILES_PER_PAGE; + $limit = PROFILES_PER_PAGE + 1; - function fields() { - return array('subscriber', 'subscribed'); - } + if ($this->tag) { + $subscribers = $this->user->getTaggedSubscribers($this->tag, $offset, $limit); + } else { + $subscribers = $this->user->getSubscribers($offset, $limit); + } - function div_class() { - return 'subscribers'; - } + if ($subscribers) { + $subscribers_list = new SubscribersList($subscribers, $this->user, $this); + $subscribers_list->show(); + } - function get_other(&$subs) { - return $subs->subscriber; - } + $subscribers->free(); - function profile_list_class() { - return 'SubscribersList'; + $this->pagination($this->page > 1, $cnt > PROFILES_PER_PAGE, + $this->page, 'subscribers', + array('nickname' => $this->user->nickname)); } } -class SubscribersList extends ProfileList { - function show_owner_controls($profile) { - common_block_form($profile, array('action' => 'subscribers', - 'nickname' => $this->owner->nickname)); +class SubscribersList extends ProfileList +{ + function showOwnerControls($profile) + { + $bf = new BlockForm($this->out, $profile, + array('action' => 'subscribers', + 'nickname' => $this->owner->nickname)); + $bf->show(); } } diff --git a/actions/subscriptions.php b/actions/subscriptions.php index f518a1f92..d7ba0d624 100644 --- a/actions/subscriptions.php +++ b/actions/subscriptions.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * List of a user's subscriptions + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,64 +18,111 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Social + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +/** + * A list of the user's subscriptions + * + * @category Social + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/lib/gallery.php'); +class SubscriptionsAction extends GalleryAction +{ + function title() + { + if ($this->page == 1) { + return sprintf(_('%s subscriptions'), $this->user->nickname); + } else { + return sprintf(_('%s subscriptions, page %d'), + $this->user->nickname, + $this->page); + } + } + + function showPageNotice() + { + $user =& common_current_user(); + if ($user && ($user->id == $this->profile->id)) { + $this->element('p', null, + _('These are the people whose notices '. + 'you listen to.')); + } else { + $this->element('p', null, + sprintf(_('These are the people whose '. + 'notices %s listens to.'), + $this->profile->nickname)); + } + } -class SubscriptionsAction extends GalleryAction { + function getAllTags() + { + return $this->getTags('subscribed', 'subscriber'); + } - function gallery_type() { - return _('Subscriptions'); - } + function showContent() + { + parent::showContent(); - function get_instructions(&$profile) { - $user =& common_current_user(); - if ($user && ($user->id == $profile->id)) { - return _('These are the people whose notices you listen to.'); - } else { - return sprintf(_('These are the people whose notices %s listens to.'), $profile->nickname); - } - } + $offset = ($this->page-1) * PROFILES_PER_PAGE; + $limit = PROFILES_PER_PAGE + 1; - function fields() { - return array('subscribed', 'subscriber'); - } + if ($this->tag) { + $subscriptions = $this->user->getTaggedSubscriptions($this->tag, $offset, $limit); + } else { + $subscriptions = $this->user->getSubscriptions($offset, $limit); + } - function div_class() { - return 'subscriptions'; - } + if ($subscriptions) { + $subscriptions_list = new SubscriptionsList($subscriptions, $this->user, $this); + $subscriptions_list->show(); + } - function get_other(&$subs) { - return $subs->subscribed; - } + $subscriptions->free(); - function profile_list_class() { - return 'SubscriptionsList'; + $this->pagination($this->page > 1, $cnt > PROFILES_PER_PAGE, + $this->page, 'subscriptions', + array('nickname' => $this->user->nickname)); } } -class SubscriptionsList extends ProfileList { - - function show_owner_controls($profile) { - - $sub = Subscription::pkeyGet(array('subscriber' => $this->owner->id, - 'subscribed' => $profile->id)); +class SubscriptionsList extends ProfileList +{ + function showOwnerControls($profile) + { + $sub = Subscription::pkeyGet(array('subscriber' => $this->owner->id, + 'subscribed' => $profile->id)); if (!$sub) { return; } - common_element_start('form', array('id' => 'subedit-' . $profile->id, - 'method' => 'post', - 'class' => 'subedit', - 'action' => common_local_url('subedit'))); - common_hidden('token', common_session_token()); - common_hidden('profile', $profile->id); - common_checkbox('jabber', _('Jabber'), $sub->jabber); - common_checkbox('sms', _('SMS'), $sub->sms); - common_submit('save', _('Save')); - common_element_end('form'); + $this->out->elementStart('form', array('id' => 'subedit-' . $profile->id, + 'method' => 'post', + 'class' => 'form_subcription_edit', + 'action' => common_local_url('subedit'))); + $this->out->hidden('token', common_session_token()); + $this->out->hidden('profile', $profile->id); + $this->out->checkbox('jabber', _('Jabber'), $sub->jabber); + $this->out->checkbox('sms', _('SMS'), $sub->sms); + $this->out->submit('save', _('Save')); + $this->out->elementEnd('form'); return; } } diff --git a/actions/sup.php b/actions/sup.php index 887017b2a..f4b1cda23 100644 --- a/actions/sup.php +++ b/actions/sup.php @@ -19,63 +19,66 @@ if (!defined('LACONICA')) { exit(1); } -class SupAction extends Action { - - function handle($args) { - - parent::handle($args); - - $seconds = $this->trimmed('seconds'); - - if (!$seconds) { - $seconds = 15; - } - - $updates = $this->get_updates($seconds); - - header('Content-Type: application/json; charset=utf-8'); - - print json_encode(array('updated_time' => date('c'), - 'since_time' => date('c', time() - $seconds), - 'available_periods' => $this->available_periods(), - 'period' => $seconds, - 'updates' => $updates)); - } - - function available_periods() { - static $periods = array(86400, 43200, 21600, 7200, - 3600, 1800, 600, 300, 120, - 60, 30, 15); - $available = array(); - foreach ($periods as $period) { - $available[$period] = common_local_url('sup', - array('seconds' => $period)); - } - - return $available; - } - - function get_updates($seconds) { - $notice = new Notice(); - - # XXX: cache this. Depends on how big this protocol becomes; - # Re-doing this query every 15 seconds isn't the end of the world. - - $notice->query('SELECT profile_id, max(id) AS max_id ' . - 'FROM notice ' . - 'WHERE created > (now() - ' . $seconds . ') ' . - 'GROUP BY profile_id'); - - $updates = array(); - - while ($notice->fetch()) { - $updates[] = array($notice->profile_id, $notice->max_id); - } - - return $updates; - } - - function is_readonly() { - return true; - } +class SupAction extends Action +{ + function handle($args) + { + parent::handle($args); + + $seconds = $this->trimmed('seconds'); + + if (!$seconds) { + $seconds = 15; + } + + $updates = $this->getUpdates($seconds); + + header('Content-Type: application/json; charset=utf-8'); + + print json_encode(array('updated_time' => date('c'), + 'since_time' => date('c', time() - $seconds), + 'available_periods' => $this->availablePeriods(), + 'period' => $seconds, + 'updates' => $updates)); + } + + function availablePeriods() + { + static $periods = array(86400, 43200, 21600, 7200, + 3600, 1800, 600, 300, 120, + 60, 30, 15); + $available = array(); + foreach ($periods as $period) { + $available[$period] = common_local_url('sup', + array('seconds' => $period)); + } + + return $available; + } + + function getUpdates($seconds) + { + $notice = new Notice(); + + # XXX: cache this. Depends on how big this protocol becomes; + # Re-doing this query every 15 seconds isn't the end of the world. + + $notice->query('SELECT profile_id, max(id) AS max_id ' . + 'FROM notice ' . + 'WHERE created > (now() - ' . $seconds . ') ' . + 'GROUP BY profile_id'); + + $updates = array(); + + while ($notice->fetch()) { + $updates[] = array($notice->profile_id, $notice->max_id); + } + + return $updates; + } + + function isReadOnly() + { + return true; + } } diff --git a/actions/tag.php b/actions/tag.php index ffb393ae8..039cd9660 100644 --- a/actions/tag.php +++ b/actions/tag.php @@ -19,147 +19,71 @@ if (!defined('LACONICA')) { exit(1); } -require_once(INSTALLDIR.'/actions/showstream.php'); -define('TAGS_PER_PAGE', 100); - -class TagAction extends StreamAction { - - function handle($args) { - - parent::handle($args); - - # Looks like we're good; show the header - - if (isset($args['tag']) && $args['tag']) { - $tag = $args['tag']; - common_show_header(sprintf(_("Notices tagged with %s"), $tag), - array($this, 'show_header'), $tag, - array($this, 'show_top')); - $this->show_notices($tag); - } else { - common_show_header(_("Tags"), - array($this, 'show_header'), '', - array($this, 'show_top')); - $this->show_tags(); - } - - common_show_footer(); - } - - function show_header($tag = false) { - if ($tag) { - common_element('link', array('rel' => 'alternate', - 'href' => common_local_url('tagrss', array('tag' => $tag)), - 'type' => 'application/rss+xml', - 'title' => sprintf(_('Feed for tag %s'), $tag))); - } - } - - function get_instructions() { - return _('Showing most popular tags from the last week'); - } - - function show_top($tag = false) { - if (!$tag) { - $instr = $this->get_instructions(); - $output = common_markup_to_html($instr); - common_element_start('div', 'instructions'); - common_raw($output); - common_element_end('div'); - $this->public_views_menu(); - } - else { - $this->show_feeds_list(array(0=>array('href'=>common_local_url('tagrss', array('tag' => $tag)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'tagrss'))); - } - } - - function show_tags() - { - # This should probably be cached rather than recalculated - $tags = DB_DataObject::factory('Notice_tag'); - - #Need to clear the selection and then only re-add the field - #we are grouping by, otherwise it's not a valid 'group by' - #even though MySQL seems to let it slide... - $tags->selectAdd(); - $tags->selectAdd('tag'); - - #Add the aggregated columns... - $tags->selectAdd('max(notice_id) as last_notice_id'); - if(common_config('db','type')=='pgsql') { - $calc='sum(exp(-extract(epoch from (now()-created))/%s)) as weight'; - } else { - $calc='sum(exp(-(now() - created)/%s)) as weight'; - } - $tags->selectAdd(sprintf($calc, common_config('tag', 'dropoff'))); - $tags->groupBy('tag'); - $tags->orderBy('weight DESC'); - - # $tags->whereAdd('created > "' . strftime('%Y-%m-%d %H:%M:%S', strtotime('-1 MONTH')) . '"'); - - $tags->limit(TAGS_PER_PAGE); - - $cnt = $tags->find(); - - if ($cnt > 0) { - common_element_start('p', 'tagcloud'); - - $tw = array(); - $sum = 0; - while ($tags->fetch()) { - $tw[$tags->tag] = $tags->weight; - $sum += $tags->weight; - } - - ksort($tw); - - foreach ($tw as $tag => $weight) { - $this->show_tag($tag, $weight, $weight/$sum); - } - - common_element_end('p'); - } - } - - function show_tag($tag, $weight, $relative) { - - # XXX: these should probably tune to the size of the site - if ($relative > 0.1) { - $cls = 'largest'; - } else if ($relative > 0.05) { - $cls = 'verylarge'; - } else if ($relative > 0.02) { - $cls = 'large'; - } else if ($relative > 0.01) { - $cls = 'medium'; - } else if ($relative > 0.005) { - $cls = 'small'; - } else if ($relative > 0.002) { - $cls = 'verysmall'; - } else { - $cls = 'smallest'; - } - - common_element('a', array('class' => "$cls weight-$weight relative-$relative", - 'href' => common_local_url('tag', array('tag' => $tag))), - $tag); - common_text(' '); - } - - function show_notices($tag) { - - $cnt = 0; - - $page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; - - $notice = Notice_tag::getStream($tag, (($page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); - - $cnt = $this->show_notice_list($notice); - - common_pagination($page > 1, $cnt > NOTICES_PER_PAGE, - $page, 'tag', array('tag' => $tag)); - } +class TagAction extends Action +{ + function prepare($args) + { + parent::prepare($args); + $this->tag = $this->trimmed('tag'); + + if (!$this->tag) { + common_redirect(common_local_url('publictagcloud'), 301); + return false; + } + + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + return true; + } + + function title() + { + if ($this->page == 1) { + return sprintf(_("Notices tagged with %s"), $this->tag); + } else { + return sprintf(_("Notices tagged with %s, page %d"), + $this->tag, + $this->page); + } + } + + function handle($args) + { + parent::handle($args); + + $this->showPage(); + } + + function showFeeds() + { + $this->element('link', array('rel' => 'alternate', + 'href' => common_local_url('tagrss', array('tag' => $this->tag)), + 'type' => 'application/rss+xml', + 'title' => sprintf(_('Feed for tag %s'), $this->tag))); + } + + function showPageNotice() + { + return sprintf(_('Messages tagged "%s", most recent first'), $this->tag); + } + + function showExportData() + { + $fl = new FeedList($this); + $fl->show(array(0=>array('href'=>common_local_url('tagrss', array('tag' => $this->tag)), + 'type' => 'rss', + 'version' => 'RSS 1.0', + 'item' => 'tagrss'))); + } + + function showContent() + { + $notice = Notice_tag::getStream($this->tag, (($this->page-1)*NOTICES_PER_PAGE), NOTICES_PER_PAGE + 1); + + $nl = new NoticeList($notice, $this); + + $cnt = $nl->show(); + + $this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE, + $this->page, 'tag', array('tag' => $this->tag)); + } } diff --git a/actions/tagother.php b/actions/tagother.php index a4449dd69..9a63fc438 100644 --- a/actions/tagother.php +++ b/actions/tagother.php @@ -21,173 +21,218 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/settingsaction.php'); -class TagotherAction extends Action { - - function handle($args) { - - parent::handle($args); - - if (!common_logged_in()) { - $this->client_error(_('Not logged in'), 403); - return; - } - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->save_tags(); - } else { - $id = $this->trimmed('id'); - if (!$id) { - $this->client_error(_('No id argument.')); - return; - } - $profile = Profile::staticGet('id', $id); - if (!$profile) { - $this->client_error(_('No profile with that ID.')); - return; - } - $this->show_form($profile); - } - } - - function show_form($profile, $error=NULL) { - - $user = common_current_user(); - - common_show_header(_('Tag a person'), - NULL, array($profile, $error), array($this, 'show_top')); - - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - - common_element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), - 'class' => 'avatar stream', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => - ($profile->fullname) ? $profile->fullname : - $profile->nickname)); - - common_element('a', array('href' => $profile->profileurl, - 'class' => 'external profile nickname'), - $profile->nickname); - - if ($profile->fullname) { - common_element_start('div', 'fullname'); - if ($profile->homepage) { - common_element('a', array('href' => $profile->homepage), - $profile->fullname); - } else { - common_text($profile->fullname); - } - common_element_end('div'); - } - if ($profile->location) { - common_element('div', 'location', $profile->location); - } - if ($profile->bio) { - common_element('div', 'bio', $profile->bio); - } - - common_element_start('form', array('method' => 'post', - 'id' => 'tag_user', - 'name' => 'tagother', - 'action' => $this->self_url())); - common_hidden('token', common_session_token()); - common_hidden('id', $profile->id); - common_input('tags', _('Tags'), - ($this->arg('tags')) ? $this->arg('tags') : implode(' ', Profile_tag::getTags($user->id, $profile->id)), - _('Tags for this user (letters, numbers, -, ., and _), comma- or space- separated')); - - common_submit('save', _('Save')); - common_element_end('form'); - common_show_footer(); - - } - - function save_tags() { - - $id = $this->trimmed('id'); - $tagstring = $this->trimmed('tags'); - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - $profile = Profile::staticGet('id', $id); - - if (!$profile) { - $this->client_error(_('No such profile.')); - return; - } - - if (is_string($tagstring) && strlen($tagstring) > 0) { - - $tags = array_map('common_canonical_tag', - preg_split('/[\s,]+/', $tagstring)); - - foreach ($tags as $tag) { - if (!common_valid_profile_tag($tag)) { - $this->show_form($profile, sprintf(_('Invalid tag: "%s"'), $tag)); - return; - } - } - } else { - $tags = array(); - } - - $user = common_current_user(); - - if (!Subscription::pkeyGet(array('subscriber' => $user->id, - 'subscribed' => $profile->id)) && - !Subscription::pkeyGet(array('subscriber' => $profile->id, - 'subscribed' => $user->id))) - { - $this->client_error(_('You can only tag people you are subscribed to or who are subscribed to you.')); - return; - } - - $result = Profile_tag::setTags($user->id, $profile->id, $tags); - - if (!$result) { - $this->client_error(_('Could not save tags.')); - return; - } - - $action = $user->isSubscribed($profile) ? 'subscriptions' : 'subscribers'; - - if ($this->boolean('ajax')) { - common_start_html('text/xml'); - common_element_start('head'); - common_element('title', null, _('Tags')); - common_element_end('head'); - common_element_start('body'); - common_element_start('p', 'subtags'); - foreach ($tags as $tag) { - common_element('a', array('href' => common_local_url($action, - array('nickname' => $user->nickname, - 'tag' => $tag))), - $tag); - } - common_element_end('p'); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url($action, array('nickname' => - $user->nickname))); +class TagotherAction extends Action +{ + var $profile = null; + var $error = null; + + function prepare($args) + { + parent::prepare($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in'), 403); + return false; } - } - - function show_top($arr = NULL) { - list($profile, $error) = $arr; - if ($error) { - common_element('p', 'error', $error); - } else { - common_element_start('div', 'instructions'); - common_element('p', NULL, - _('Use this form to add tags to your subscribers or subscriptions.')); - common_element_end('div'); - } - } + + $id = $this->trimmed('id'); + if (!$id) { + $this->clientError(_('No id argument.')); + return false; + } + + $this->profile = Profile::staticGet('id', $id); + + if (!$this->profile) { + $this->clientError(_('No profile with that ID.')); + return false; + } + + return true; + } + + function handle($args) + { + parent::handle($args); + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->saveTags(); + } else { + $this->showForm($profile); + } + } + + function title() + { + return sprintf(_('Tag %s'), $this->profile->nickname); + } + + function showForm($error=null) + { + $this->error = $error; + $this->showPage(); + } + + function showContent() + { + $this->elementStart('div', 'entity_profile vcard author'); + $this->element('h2', null, _('User profile')); + + $avatar = $this->profile->getAvatar(AVATAR_PROFILE_SIZE); + $this->elementStart('dl', 'entity_depiction'); + $this->element('dt', null, _('Photo')); + $this->elementStart('dd'); + $this->element('img', array('src' => ($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_PROFILE_SIZE), + 'class' => 'photo avatar', + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => + ($this->profile->fullname) ? $this->profile->fullname : + $this->profile->nickname)); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + + $this->elementStart('dl', 'entity_nickname'); + $this->element('dt', null, _('Nickname')); + $this->elementStart('dd'); + $this->element('a', array('href' => $this->profile->profileurl, + 'class' => 'nickname'), + $this->profile->nickname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + + if ($this->profile->fullname) { + $this->elementStart('dl', 'entity_fn'); + $this->element('dt', null, _('Full name')); + $this->elementStart('dd'); + $this->element('span', 'fn', $this->profile->fullname); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + if ($this->profile->location) { + $this->elementStart('dl', 'entity_location'); + $this->element('dt', null, _('Location')); + $this->element('dd', 'location', $this->profile->location); + $this->elementEnd('dl'); + } + if ($this->profile->homepage) { + $this->elementStart('dl', 'entity_url'); + $this->element('dt', null, _('URL')); + $this->elementStart('dd'); + $this->element('a', array('href' => $this->profile->homepage, + 'rel' => 'me', 'class' => 'url'), + $this->profile->homepage); + $this->elementEnd('dd'); + $this->elementEnd('dl'); + } + if ($this->profile->bio) { + $this->elementStart('dl', 'entity_note'); + $this->element('dt', null, _('Note')); + $this->element('dd', 'note', $this->profile->bio); + $this->elementEnd('dl'); + } + $this->elementEnd('div'); + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_tag_user', + 'class' => 'form_settings', + 'name' => 'tagother', + 'action' => $this->selfUrl())); + $this->elementStart('fieldset'); + $this->element('legend', null, _('Tag user')); + $this->hidden('token', common_session_token()); + $this->hidden('id', $this->profile->id); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->input('tags', _('Tags'), + ($this->arg('tags')) ? $this->arg('tags') : implode(' ', Profile_tag::getTags($user->id, $this->profile->id)), + _('Tags for this user (letters, numbers, -, ., and _), comma- or space- separated')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + $this->submit('save', _('Save')); + $this->elementEnd('fieldset'); + $this->elementEnd('form'); + } + + function saveTags() + { + $id = $this->trimmed('id'); + $tagstring = $this->trimmed('tags'); + $token = $this->trimmed('token'); + + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token.'. + ' Try again, please.')); + return; + } + + if (is_string($tagstring) && strlen($tagstring) > 0) { + + $tags = array_map('common_canonical_tag', + preg_split('/[\s,]+/', $tagstring)); + + foreach ($tags as $tag) { + if (!common_valid_profile_tag($tag)) { + $this->showForm(sprintf(_('Invalid tag: "%s"'), $tag)); + return; + } + } + } else { + $tags = array(); + } + + $user = common_current_user(); + + if (!Subscription::pkeyGet(array('subscriber' => $user->id, + 'subscribed' => $this->profile->id)) && + !Subscription::pkeyGet(array('subscriber' => $this->profile->id, + 'subscribed' => $user->id))) + { + $this->clientError(_('You can only tag people you are subscribed to or who are subscribed to you.')); + return; + } + + $result = Profile_tag::setTags($user->id, $this->profile->id, $tags); + + if (!$result) { + $this->clientError(_('Could not save tags.')); + return; + } + + $action = $user->isSubscribed($this->profile) ? 'subscriptions' : 'subscribers'; + + if ($this->boolean('ajax')) { + $this->startHTML('text/xml'); + $this->elementStart('head'); + $this->element('title', null, _('Tags')); + $this->elementEnd('head'); + $this->elementStart('body'); + $this->elementStart('p', 'subtags'); + foreach ($tags as $tag) { + $this->element('a', array('href' => common_local_url($action, + array('nickname' => $user->nickname, + 'tag' => $tag))), + $tag); + } + $this->elementEnd('p'); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url($action, array('nickname' => + $user->nickname))); + } + } + + function showPageNotice() + { + if ($this->error) { + $this->element('p', 'error', $this->error); + } else { + $this->elementStart('div', 'instructions'); + $this->element('p', null, + _('Use this form to add tags to your subscribers or subscriptions.')); + $this->elementEnd('div'); + } + } } diff --git a/actions/tagrss.php b/actions/tagrss.php index 737ac113d..b0227ab39 100644 --- a/actions/tagrss.php +++ b/actions/tagrss.php @@ -23,39 +23,47 @@ require_once(INSTALLDIR.'/lib/rssaction.php'); // Formatting of RSS handled by Rss10Action -class TagrssAction extends Rss10Action { +class TagrssAction extends Rss10Action +{ - function init() { - $tag = $this->trimmed('tag'); + function init() + { + $tag = $this->trimmed('tag'); + $this->tag = Notice_tag::staticGet('tag', $tag); - if (!isset($tag) || mb_strlen($tag) == 0) { - common_user_error(_('No tag.')); - return false; + if (!$this->tag) { + $this->clientError(_('No such tag.')); + return false; + } else { + return true; } + } - $this->tag = $tag; - return true; - } + function get_notices($limit=0) + { + $tag = $this->tag; - function get_notices($limit=0) { - $tag = $this->tag; + if (is_null($tag)) { + return null; + } - $notice = Notice_tag::getStream($tag, 0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); + $notice = Notice_tag::getStream($tag->tag, 0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); - while ($notice->fetch()) { - $notices[] = clone($notice); - } + while ($notice->fetch()) { + $notices[] = clone($notice); + } - return $notices; - } + return $notices; + } - function get_channel() { - $tag = $this->tag; + function get_channel() + { + $tag = $this->tag->tag; - $c = array('url' => common_local_url('tagrss', array('tag' => $tag)), - 'title' => $tag, - 'link' => common_local_url('tagrss', array('tag' => $tag)), - 'description' => sprintf(_('Microblog tagged with %s'), $tag)); - return $c; - } + $c = array('url' => common_local_url('tagrss', array('tag' => $tagname)), + 'title' => $tagname, + 'link' => common_local_url('tagrss', array('tag' => $tagname)), + 'description' => sprintf(_('Microblog tagged with %s'), $tagname)); + return $c; + } } diff --git a/actions/twitapiaccount.php b/actions/twitapiaccount.php index c1960561e..dc8e2e798 100644 --- a/actions/twitapiaccount.php +++ b/actions/twitapiaccount.php @@ -21,9 +21,11 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapiaccountAction extends TwitterapiAction { +class TwitapiaccountAction extends TwitterapiAction +{ - function verify_credentials($args, $apidata) { + function verify_credentials($args, $apidata) + { if ($apidata['content-type'] == 'xml') { header('Content-Type: application/xml; charset=utf-8'); @@ -37,63 +39,67 @@ class TwitapiaccountAction extends TwitterapiAction { } - function end_session($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } + function end_session($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } - function update_location($args, $apidata) { - parent::handle($args); + function update_location($args, $apidata) + { + parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError(_('This method requires a POST.'), 400, $apidata['content-type']); + return; + } - $location = trim($this->arg('location')); + $location = trim($this->arg('location')); - if (!is_null($location) && strlen($location) > 255) { + if (!is_null($location) && strlen($location) > 255) { - // XXX: But Twitter just truncates and runs with it. -- Zach - $this->client_error(_('That\'s too long. Max notice size is 255 chars.'), 406, $apidate['content-type']); - return; - } + // XXX: But Twitter just truncates and runs with it. -- Zach + $this->clientError(_('That\'s too long. Max notice size is 255 chars.'), 406, $apidate['content-type']); + return; + } - $user = $apidata['user']; - $profile = $user->getProfile(); + $user = $apidata['user']; + $profile = $user->getProfile(); - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } + if (!$profile) { + $this->serverError(_('User has no profile.')); + return; + } - $orig_profile = clone($profile); - $profile->location = $location; + $orig_profile = clone($profile); + $profile->location = $location; - $result = $profile->update($orig_profile); + $result = $profile->update($orig_profile); - if (!$result) { - common_log_db_error($profile, 'UPDATE', __FILE__); - common_server_error(_('Couldn\'t save profile.')); - return; - } + if (!$result) { + common_log_db_error($profile, 'UPDATE', __FILE__); + $this->serverError(_('Couldn\'t save profile.')); + return; + } - common_broadcast_profile($profile); - $type = $apidata['content-type']; + common_broadcast_profile($profile); + $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($profile, $type); - $this->end_document($type); - } + $this->init_document($type); + $this->show_profile($profile, $type); + $this->end_document($type); + } - function update_delivery_device($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } + function update_delivery_device($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } - function rate_limit_status($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } -}
\ No newline at end of file + function rate_limit_status($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } +} diff --git a/actions/twitapiblocks.php b/actions/twitapiblocks.php index 4852ff938..8135adef3 100644 --- a/actions/twitapiblocks.php +++ b/actions/twitapiblocks.php @@ -21,17 +21,19 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapiblocksAction extends TwitterapiAction { +class TwitapiblocksAction extends TwitterapiAction +{ - function create($args, $apidata) { + function create($args, $apidata) + { - parent::handle($args); + parent::handle($args); - $blockee = $this->get_user($apidata['api_arg'], $apidata); + $blockee = $this->get_user($apidata['api_arg'], $apidata); if (!$blockee) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; + $this->clientError('Not Found', 404, $apidata['content-type']); + return; } $user = $apidata['user']; @@ -42,17 +44,18 @@ class TwitapiblocksAction extends TwitterapiAction { $this->show_profile($blockee, $type); $this->end_document($type); } else { - common_server_error(_('Block user failed.')); + $this->serverError(_('Block user failed.')); } - } + } - function destroy($args, $apidata) { - parent::handle($args); - $blockee = $this->get_user($apidata['api_arg'], $apidata); + function destroy($args, $apidata) + { + parent::handle($args); + $blockee = $this->get_user($apidata['api_arg'], $apidata); if (!$blockee) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; + $this->clientError('Not Found', 404, $apidata['content-type']); + return; } $user = $apidata['user']; @@ -63,7 +66,7 @@ class TwitapiblocksAction extends TwitterapiAction { $this->show_profile($blockee, $type); $this->end_document($type); } else { - common_server_error(_('Unblock user failed.')); + $this->serverError(_('Unblock user failed.')); } - } + } }
\ No newline at end of file diff --git a/actions/twitapidirect_messages.php b/actions/twitapidirect_messages.php index 535795ca4..db55e8cd0 100644 --- a/actions/twitapidirect_messages.php +++ b/actions/twitapidirect_messages.php @@ -21,267 +21,278 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class Twitapidirect_messagesAction extends TwitterapiAction { - - function direct_messages($args, $apidata) { - parent::handle($args); - return $this->show_messages($args, $apidata, 'received'); - } - - function sent($args, $apidata) { - parent::handle($args); - return $this->show_messages($args, $apidata, 'sent'); - } - - function show_messages($args, $apidata, $type) { - - $user = $apidata['user']; - - $count = $this->arg('count'); - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - $page = $this->arg('page'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - $message = new Message(); - - $title = null; - $subtitle = null; - $link = null; - $server = common_root_url(); - - if ($type == 'received') { - $message->to_profile = $user->id; - $title = sprintf(_("Direct messages to %s"), $user->nickname); - $subtitle = sprintf(_("All the direct messages sent to %s"), $user->nickname); - $link = $server . $user->nickname . '/inbox'; - } else { - $message->from_profile = $user->id; - $title = _('Direct Messages You\'ve Sent'); - $subtitle = sprintf(_("All the direct messages sent from %s"), $user->nickname); - $link = $server . $user->nickname . '/outbox'; - } - - if ($before_id) { - $message->whereAdd("id < $before_id"); - } - - if ($since_id) { - $message->whereAdd("id > $since_id"); - } - - $since = strtotime($this->arg('since')); - - if ($since) { - $d = date('Y-m-d H:i:s', $since); - $message->whereAdd("created > '$d'"); - } - - $message->orderBy('created DESC, id DESC'); - $message->limit((($page-1)*20), $count); - $message->find(); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_dmsgs($message); - break; - case 'rss': - $this->show_rss_dmsgs($message, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_dmsgs($message, $title, $link, $subtitle); - break; - case 'json': - $this->show_json_dmsgs($message); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - // had to change this from "new" to "create" to avoid PHP reserved word - function create($args, $apidata) { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $user = $apidata['user']; - $source = $this->trimmed('source'); // Not supported by Twitter. +class Twitapidirect_messagesAction extends TwitterapiAction +{ + + function direct_messages($args, $apidata) + { + parent::handle($args); + return $this->show_messages($args, $apidata, 'received'); + } + + function sent($args, $apidata) + { + parent::handle($args); + return $this->show_messages($args, $apidata, 'sent'); + } + + function show_messages($args, $apidata, $type) + { + + $user = $apidata['user']; + + $count = $this->arg('count'); + $since = $this->arg('since'); + $since_id = $this->arg('since_id'); + $before_id = $this->arg('before_id'); + + $page = $this->arg('page'); + + if (!$page) { + $page = 1; + } + + if (!$count) { + $count = 20; + } + + $message = new Message(); + + $title = null; + $subtitle = null; + $link = null; + $server = common_root_url(); + + if ($type == 'received') { + $message->to_profile = $user->id; + $title = sprintf(_("Direct messages to %s"), $user->nickname); + $subtitle = sprintf(_("All the direct messages sent to %s"), $user->nickname); + $link = $server . $user->nickname . '/inbox'; + } else { + $message->from_profile = $user->id; + $title = _('Direct Messages You\'ve Sent'); + $subtitle = sprintf(_("All the direct messages sent from %s"), $user->nickname); + $link = $server . $user->nickname . '/outbox'; + } + + if ($before_id) { + $message->whereAdd("id < $before_id"); + } + + if ($since_id) { + $message->whereAdd("id > $since_id"); + } + + $since = strtotime($this->arg('since')); + + if ($since) { + $d = date('Y-m-d H:i:s', $since); + $message->whereAdd("created > '$d'"); + } + + $message->orderBy('created DESC, id DESC'); + $message->limit((($page-1)*20), $count); + $message->find(); + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_dmsgs($message); + break; + case 'rss': + $this->show_rss_dmsgs($message, $title, $link, $subtitle); + break; + case 'atom': + $this->show_atom_dmsgs($message, $title, $link, $subtitle); + break; + case 'json': + $this->show_json_dmsgs($message); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + // had to change this from "new" to "create" to avoid PHP reserved word + function create($args, $apidata) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError(_('This method requires a POST.'), 400, $apidata['content-type']); + return; + } + + $user = $apidata['user']; + $source = $this->trimmed('source'); // Not supported by Twitter. $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (!$source || in_array($source, $reserved_sources)) { - $source = 'api'; - } - - $content = $this->trimmed('text'); - - if (!$content) { - $this->client_error(_('No message text!'), $code = 406, $apidata['content-type']); - } else { - $content_shortened = common_shorten_links($content); - if (mb_strlen($content_shortened) > 140) { - $this->client_error(_('That\'s too long. Max message size is 140 chars.'), - $code = 406, $apidata['content-type']); - return; - } - } - - $other = $this->get_user($this->trimmed('user')); - - if (!$other) { - $this->client_error(_('Recipient user not found.'), $code = 403, $apidata['content-type']); - return; - } else if (!$user->mutuallySubscribed($other)) { - $this->client_error(_('Can\'t send direct messages to users who aren\'t your friend.'), - $code = 403, $apidata['content-type']); - return; - } else if ($user->id == $other->id) { - // Sending msgs to yourself is allowed by Twitter - $this->client_error(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), - $code = 403, $apidata['content-type']); - return; - } - - $message = Message::saveNew($user->id, $other->id, - html_entity_decode($content, ENT_NOQUOTES, 'UTF-8'), $source); - - if (is_string($message)) { - $this->server_error($message); - return; - } - - $this->notify($user, $other, $message); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_dmsg($message); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_dmsg($message); - } - - } - - function destroy($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function show_xml_dmsgs($message) { - - $this->init_document('xml'); - common_element_start('direct-messages', array('type' => 'array')); - - if (is_array($messages)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - $this->show_twitter_xml_dmsg($twitter_dm); - } - } - - common_element_end('direct-messages'); - $this->end_document('xml'); - - } - - function show_json_dmsgs($message) { - - $this->init_document('json'); - - $dmsgs = array(); - - if (is_array($message)) { - foreach ($message as $m) { - $twitter_dm = $this->twitter_dmsg_array($m); - array_push($dmsgs, $twitter_dm); - } - } else { - while ($message->fetch()) { - $twitter_dm = $this->twitter_dmsg_array($message); - array_push($dmsgs, $twitter_dm); - } - } - - $this->show_json_objects($dmsgs); - $this->end_document('json'); - - } - - function show_rss_dmsgs($message, $title, $link, $subtitle) { - - $this->init_document('rss'); - - common_element_start('channel'); - common_element('title', NULL, $title); - - common_element('link', NULL, $link); - common_element('description', NULL, $subtitle); - common_element('language', NULL, 'en-us'); - common_element('ttl', NULL, '40'); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_rss_item($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_rss_item($entry); - } - } - - common_element_end('channel'); - $this->end_twitter_rss(); - - } - - function show_atom_dmsgs($message, $title, $link, $subtitle) { - - $this->init_document('atom'); - - common_element('title', NULL, $title); - $siteserver = common_config('site', 'server'); - common_element('id', NULL, "tag:$siteserver,2008:DirectMessage"); - common_element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), NULL); - common_element('updated', NULL, common_date_iso8601(strftime('%c'))); - common_element('subtitle', NULL, $subtitle); - - if (is_array($message)) { - foreach ($message as $m) { - $entry = $this->twitter_rss_dmsg_array($m); - $this->show_twitter_atom_entry($entry); - } - } else { - while ($message->fetch()) { - $entry = $this->twitter_rss_dmsg_array($message); - $this->show_twitter_atom_entry($entry); - } - } - - $this->end_document('atom'); - } - - // swiped from MessageAction. Should it be place in util.php? - function notify($from, $to, $message) { - mail_notify_message($message, $from, $to); - # XXX: Jabber, SMS notifications... probably queued - } + if (!$source || in_array($source, $reserved_sources)) { + $source = 'api'; + } + + $content = $this->trimmed('text'); + + if (!$content) { + $this->clientError(_('No message text!'), $code = 406, $apidata['content-type']); + } else { + $content_shortened = common_shorten_links($content); + if (mb_strlen($content_shortened) > 140) { + $this->clientError(_('That\'s too long. Max message size is 140 chars.'), + $code = 406, $apidata['content-type']); + return; + } + } + + $other = $this->get_user($this->trimmed('user')); + + if (!$other) { + $this->clientError(_('Recipient user not found.'), $code = 403, $apidata['content-type']); + return; + } else if (!$user->mutuallySubscribed($other)) { + $this->clientError(_('Can\'t send direct messages to users who aren\'t your friend.'), + $code = 403, $apidata['content-type']); + return; + } else if ($user->id == $other->id) { + // Sending msgs to yourself is allowed by Twitter + $this->clientError(_('Don\'t send a message to yourself; just say it to yourself quietly instead.'), + $code = 403, $apidata['content-type']); + return; + } + + $message = Message::saveNew($user->id, $other->id, + html_entity_decode($content, ENT_NOQUOTES, 'UTF-8'), $source); + + if (is_string($message)) { + $this->serverError($message); + return; + } + + $this->notify($user, $other, $message); + + if ($apidata['content-type'] == 'xml') { + $this->show_single_xml_dmsg($message); + } elseif ($apidata['content-type'] == 'json') { + $this->show_single_json_dmsg($message); + } + + } + + function destroy($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } + + function show_xml_dmsgs($message) + { + + $this->init_document('xml'); + $this->elementStart('direct-messages', array('type' => 'array')); + + if (is_array($messages)) { + foreach ($message as $m) { + $twitter_dm = $this->twitter_dmsg_array($m); + $this->show_twitter_xml_dmsg($twitter_dm); + } + } else { + while ($message->fetch()) { + $twitter_dm = $this->twitter_dmsg_array($message); + $this->show_twitter_xml_dmsg($twitter_dm); + } + } + + $this->elementEnd('direct-messages'); + $this->end_document('xml'); + + } + + function show_json_dmsgs($message) + { + + $this->init_document('json'); + + $dmsgs = array(); + + if (is_array($message)) { + foreach ($message as $m) { + $twitter_dm = $this->twitter_dmsg_array($m); + array_push($dmsgs, $twitter_dm); + } + } else { + while ($message->fetch()) { + $twitter_dm = $this->twitter_dmsg_array($message); + array_push($dmsgs, $twitter_dm); + } + } + + $this->show_json_objects($dmsgs); + $this->end_document('json'); + + } + + function show_rss_dmsgs($message, $title, $link, $subtitle) + { + + $this->init_document('rss'); + + $this->elementStart('channel'); + $this->element('title', null, $title); + + $this->element('link', null, $link); + $this->element('description', null, $subtitle); + $this->element('language', null, 'en-us'); + $this->element('ttl', null, '40'); + + if (is_array($message)) { + foreach ($message as $m) { + $entry = $this->twitter_rss_dmsg_array($m); + $this->show_twitter_rss_item($entry); + } + } else { + while ($message->fetch()) { + $entry = $this->twitter_rss_dmsg_array($message); + $this->show_twitter_rss_item($entry); + } + } + + $this->elementEnd('channel'); + $this->end_twitter_rss(); + + } + + function show_atom_dmsgs($message, $title, $link, $subtitle) + { + + $this->init_document('atom'); + + $this->element('title', null, $title); + $siteserver = common_config('site', 'server'); + $this->element('id', null, "tag:$siteserver,2008:DirectMessage"); + $this->element('link', array('href' => $link, 'rel' => 'alternate', 'type' => 'text/html'), null); + $this->element('updated', null, common_date_iso8601(strftime('%c'))); + $this->element('subtitle', null, $subtitle); + + if (is_array($message)) { + foreach ($message as $m) { + $entry = $this->twitter_rss_dmsg_array($m); + $this->show_twitter_atom_entry($entry); + } + } else { + while ($message->fetch()) { + $entry = $this->twitter_rss_dmsg_array($message); + $this->show_twitter_atom_entry($entry); + } + } + + $this->end_document('atom'); + } + + // swiped from MessageAction. Should it be place in util.php? + function notify($from, $to, $message) + { + mail_notify_message($message, $from, $to); + # XXX: Jabber, SMS notifications... probably queued + } } diff --git a/actions/twitapifavorites.php b/actions/twitapifavorites.php index 3eaff327a..737b7229f 100644 --- a/actions/twitapifavorites.php +++ b/actions/twitapifavorites.php @@ -21,155 +21,161 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapifavoritesAction extends TwitterapiAction { - - function favorites($args, $apidata) { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $page = $this->arg('page'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - $notice = $user->favoriteNotices((($page-1)*20), $count); - - if (!$notice) { - common_server_error(_('Could not retrieve favorite notices.')); - return; - } - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_('%s / Favorites from %s'), $sitename, $user->nickname); - $id = "tag:$siteserver:favorites:".$user->id; - $link = common_local_url('favorites', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%s updates favorited by %s / %s.'), $sitename, $profile->getBestName(), $user->nickname); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function create($args, $apidata) { - parent::handle($args); - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - // XXX: Twitter just prints the err msg, no XML / JSON. - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (!$notice) { - $this->client_error(_('No status found with that ID.'), 404, $apidata['content-type']); - return; - } - - // XXX: Twitter lets you fave things repeatedly via api. - if ($user->hasFave($notice)) { - $this->client_error(_('This notice is already a favorite!'), 403, $apidata['content-type']); - return; - } - - $fave = Fave::addNew($user, $notice); - - if (!$fave) { - common_server_error(_('Could not create favorite.')); - return; - } - - $this->notify($fave, $notice, $user); - $user->blowFavesCache(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - - } - - function destroy($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - // XXX: these two funcs swiped from faves. Maybe put in util.php, or some common base class? - - function notify($fave, $notice, $user) { - $other = User::staticGet('id', $notice->profile_id); - if ($other && $other->id != $user->id) { - if ($other->email && $other->emailnotifyfav) { - $this->notify_mail($other, $user, $notice); - } - # XXX: notify by IM - # XXX: notify by SMS - } - } - - function notify_mail($other, $user, $notice) { - $profile = $user->getProfile(); - $bestname = $profile->getBestName(); - $subject = sprintf(_('%s added your notice as a favorite'), $bestname); - $body = sprintf(_("%1\$s just added your notice from %2\$s as one of their favorites.\n\n" . - "In case you forgot, you can see the text of your notice here:\n\n" . - "%3\$s\n\n" . - "You can see the list of %1\$s's favorites here:\n\n" . - "%4\$s\n\n" . - "Faithfully yours,\n" . - "%5\$s\n"), - $bestname, - common_exact_date($notice->created), - common_local_url('shownotice', array('notice' => $notice->id)), - common_local_url('showfavorites', array('nickname' => $user->nickname)), - common_config('site', 'name')); - - mail_to_user($other, $subject, $body); - } +class TwitapifavoritesAction extends TwitterapiAction +{ + + function favorites($args, $apidata) + { + parent::handle($args); + + $this->auth_user = $apidata['user']; + $user = $this->get_user($apidata['api_arg'], $apidata); + + if (!$user) { + $this->clientError('Not Found', 404, $apidata['content-type']); + return; + } + + $profile = $user->getProfile(); + + if (!$profile) { + $this->serverError(_('User has no profile.')); + return; + } + + $page = $this->arg('page'); + + if (!$page) { + $page = 1; + } + + if (!$count) { + $count = 20; + } + + $notice = $user->favoriteNotices((($page-1)*20), $count); + + if (!$notice) { + $this->serverError(_('Could not retrieve favorite notices.')); + return; + } + + $sitename = common_config('site', 'name'); + $siteserver = common_config('site', 'server'); + + $title = sprintf(_('%s / Favorites from %s'), $sitename, $user->nickname); + $id = "tag:$siteserver:favorites:".$user->id; + $link = common_local_url('favorites', array('nickname' => $user->nickname)); + $subtitle = sprintf(_('%s updates favorited by %s / %s.'), $sitename, $profile->getBestName(), $user->nickname); + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_timeline($notice); + break; + case 'rss': + $this->show_rss_timeline($notice, $title, $link, $subtitle); + break; + case 'atom': + $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); + break; + case 'json': + $this->show_json_timeline($notice); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + function create($args, $apidata) + { + parent::handle($args); + + // Check for RESTfulness + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + // XXX: Twitter just prints the err msg, no XML / JSON. + $this->clientError(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); + return; + } + + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $this->auth_user = $apidata['user']; + $user = $this->auth_user; + $notice_id = $apidata['api_arg']; + $notice = Notice::staticGet($notice_id); + + if (!$notice) { + $this->clientError(_('No status found with that ID.'), 404, $apidata['content-type']); + return; + } + + // XXX: Twitter lets you fave things repeatedly via api. + if ($user->hasFave($notice)) { + $this->clientError(_('This notice is already a favorite!'), 403, $apidata['content-type']); + return; + } + + $fave = Fave::addNew($user, $notice); + + if (!$fave) { + $this->serverError(_('Could not create favorite.')); + return; + } + + $this->notify($fave, $notice, $user); + $user->blowFavesCache(); + + if ($apidata['content-type'] == 'xml') { + $this->show_single_xml_status($notice); + } elseif ($apidata['content-type'] == 'json') { + $this->show_single_json_status($notice); + } + + } + + function destroy($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } + + // XXX: these two funcs swiped from faves. Maybe put in util.php, or some common base class? + + function notify($fave, $notice, $user) + { + $other = User::staticGet('id', $notice->profile_id); + if ($other && $other->id != $user->id) { + if ($other->email && $other->emailnotifyfav) { + $this->notify_mail($other, $user, $notice); + } + # XXX: notify by IM + # XXX: notify by SMS + } + } + + function notify_mail($other, $user, $notice) + { + $profile = $user->getProfile(); + $bestname = $profile->getBestName(); + $subject = sprintf(_('%s added your notice as a favorite'), $bestname); + $body = sprintf(_("%1\$s just added your notice from %2\$s as one of their favorites.\n\n" . + "In case you forgot, you can see the text of your notice here:\n\n" . + "%3\$s\n\n" . + "You can see the list of %1\$s's favorites here:\n\n" . + "%4\$s\n\n" . + "Faithfully yours,\n" . + "%5\$s\n"), + $bestname, + common_exact_date($notice->created), + common_local_url('shownotice', array('notice' => $notice->id)), + common_local_url('showfavorites', array('nickname' => $user->nickname)), + common_config('site', 'name')); + + mail_to_user($other, $subject, $body); + } }
\ No newline at end of file diff --git a/actions/twitapifriendships.php b/actions/twitapifriendships.php index e4b49cbe4..c50c5e84a 100644 --- a/actions/twitapifriendships.php +++ b/actions/twitapifriendships.php @@ -21,135 +21,139 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapifriendshipsAction extends TwitterapiAction { +class TwitapifriendshipsAction extends TwitterapiAction +{ - function create($args, $apidata) { - parent::handle($args); + function create($args, $apidata) + { + parent::handle($args); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError(_('This method requires a POST.'), 400, $apidata['content-type']); + return; + } - $id = $apidata['api_arg']; + $id = $apidata['api_arg']; - $other = $this->get_user($id); + $other = $this->get_user($id); - if (!$other) { - $this->client_error(_('Could not follow user: User not found.'), 403, $apidata['content-type']); - return; - } + if (!$other) { + $this->clientError(_('Could not follow user: User not found.'), 403, $apidata['content-type']); + return; + } - $user = $apidata['user']; + $user = $apidata['user']; - if ($user->isSubscribed($other)) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); - $this->client_error($errmsg, 403, $apidata['content-type']); - return; - } + if ($user->isSubscribed($other)) { + $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); + $this->clientError($errmsg, 403, $apidata['content-type']); + return; + } - $sub = new Subscription(); + $sub = new Subscription(); - $sub->query('BEGIN'); + $sub->query('BEGIN'); - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; - $sub->created = DB_DataObject_Cast::dateTime(); # current time + $sub->subscriber = $user->id; + $sub->subscribed = $other->id; + $sub->created = DB_DataObject_Cast::dateTime(); # current time - $result = $sub->insert(); + $result = $sub->insert(); - if (!$result) { - $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); - $this->client_error($errmsg, 400, $apidata['content-type']); - return; - } + if (!$result) { + $errmsg = sprintf(_('Could not follow user: %s is already on your list.'), $other->nickname); + $this->clientError($errmsg, 400, $apidata['content-type']); + return; + } - $sub->query('COMMIT'); + $sub->query('COMMIT'); - mail_subscribe_notify($other, $user); + mail_subscribe_notify($other, $user); - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); + $type = $apidata['content-type']; + $this->init_document($type); + $this->show_profile($other, $type); + $this->end_document($type); - } + } - function destroy($args, $apidata) { - parent::handle($args); + function destroy($args, $apidata) + { + parent::handle($args); - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + $this->clientError(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); + return; + } - $id = $apidata['api_arg']; + $id = $apidata['api_arg']; - # We can't subscribe to a remote person, but we can unsub + # We can't subscribe to a remote person, but we can unsub - $other = $this->get_profile($id); - $user = $apidata['user']; + $other = $this->get_profile($id); + $user = $apidata['user']; - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $other->id; + $sub = new Subscription(); + $sub->subscriber = $user->id; + $sub->subscribed = $other->id; - if ($sub->find(TRUE)) { - $sub->query('BEGIN'); - $sub->delete(); - $sub->query('COMMIT'); - } else { - $this->client_error(_('You are not friends with the specified user.'), 403, $apidata['content-type']); - return; - } + if ($sub->find(true)) { + $sub->query('BEGIN'); + $sub->delete(); + $sub->query('COMMIT'); + } else { + $this->clientError(_('You are not friends with the specified user.'), 403, $apidata['content-type']); + return; + } - $type = $apidata['content-type']; - $this->init_document($type); - $this->show_profile($other, $type); - $this->end_document($type); + $type = $apidata['content-type']; + $this->init_document($type); + $this->show_profile($other, $type); + $this->end_document($type); - } + } - function exists($args, $apidata) { - parent::handle($args); + function exists($args, $apidata) + { + parent::handle($args); - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } - $user_a_id = $this->trimmed('user_a'); - $user_b_id = $this->trimmed('user_b'); + $user_a_id = $this->trimmed('user_a'); + $user_b_id = $this->trimmed('user_b'); - $user_a = $this->get_user($user_a_id); - $user_b = $this->get_user($user_b_id); + $user_a = $this->get_user($user_a_id); + $user_b = $this->get_user($user_b_id); - if (!$user_a || !$user_b) { - $this->client_error(_('Two user ids or screen_names must be supplied.'), 400, $apidata['content-type']); - return; - } + if (!$user_a || !$user_b) { + $this->clientError(_('Two user ids or screen_names must be supplied.'), 400, $apidata['content-type']); + return; + } - if ($user_a->isSubscribed($user_b)) { - $result = 'true'; - } else { - $result = 'false'; - } - - switch ($apidata['content-type']) { - case 'xml': - $this->init_document('xml'); - common_element('friends', NULL, $result); - $this->end_document('xml'); - break; - case 'json': - $this->init_document('json'); - print json_encode($result); - $this->end_document('json'); - break; - default: - break; - } - - } + if ($user_a->isSubscribed($user_b)) { + $result = 'true'; + } else { + $result = 'false'; + } + + switch ($apidata['content-type']) { + case 'xml': + $this->init_document('xml'); + $this->element('friends', null, $result); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + print json_encode($result); + $this->end_document('json'); + break; + default: + break; + } + + } }
\ No newline at end of file diff --git a/actions/twitapihelp.php b/actions/twitapihelp.php index c5d503e11..db5892baf 100644 --- a/actions/twitapihelp.php +++ b/actions/twitapihelp.php @@ -21,32 +21,35 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapihelpAction extends TwitterapiAction { - - /* Returns the string "ok" in the requested format with a 200 OK HTTP status code. - * URL:http://identi.ca/api/help/test.format - * Formats: xml, json - */ - function test($args, $apidata) { - parent::handle($args); - - if ($apidata['content-type'] == 'xml') { - $this->init_document('xml'); - common_element('ok', NULL, 'true'); - $this->end_document('xml'); - } elseif ($apidata['content-type'] == 'json') { - $this->init_document('json'); - print '"ok"'; - $this->end_document('json'); - } else { - common_user_error(_('API method not found!'), $code=404); - } - - } - - function downtime_schedule($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } +class TwitapihelpAction extends TwitterapiAction +{ + + /* Returns the string "ok" in the requested format with a 200 OK HTTP status code. + * URL:http://identi.ca/api/help/test.format + * Formats: xml, json + */ + function test($args, $apidata) + { + parent::handle($args); + + if ($apidata['content-type'] == 'xml') { + $this->init_document('xml'); + $this->element('ok', null, 'true'); + $this->end_document('xml'); + } elseif ($apidata['content-type'] == 'json') { + $this->init_document('json'); + print '"ok"'; + $this->end_document('json'); + } else { + $this->clientError(_('API method not found!'), $code=404); + } + + } + + function downtime_schedule($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } }
\ No newline at end of file diff --git a/actions/twitapilaconica.php b/actions/twitapilaconica.php new file mode 100644 index 000000000..8cd7a64b9 --- /dev/null +++ b/actions/twitapilaconica.php @@ -0,0 +1,174 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * Laconica-only extensions to the Twitter-like API + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Twitter + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/twitterapi.php'; + +/** + * Laconica-specific API methods + * + * This class handles all /laconica/ API methods. + * + * @category Twitter + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class TwitapilaconicaAction extends TwitterapiAction +{ + /** + * A version stamp for the API + * + * Returns a version number for this version of Laconica, which + * should make things a bit easier for upgrades. + * URL: http://identi.ca/api/laconica/version.(xml|json) + * Formats: xml, json + * + * @param array $args Web arguments + * @param array $apidata Twitter API data + * + * @return void + * + * @see ApiAction::process_command() + */ + + function version($args, $apidata) + { + parent::handle($args); + switch ($apidata['content-type']) { + case 'xml': + $this->init_document('xml'); + $this->element('version', null, LACONICA_VERSION); + $this->end_document('xml'); + break; + case 'json': + $this->init_document('json'); + print '"'.LACONICA_VERSION.'"'; + $this->end_document('json'); + break; + default: + $this->clientError(_('API method not found!'), $code=404); + } + } + + /** + * Dump of configuration variables + * + * Gives a full dump of configuration variables for this instance + * of Laconica, minus variables that may be security-sensitive (like + * passwords). + * URL: http://identi.ca/api/laconica/config.(xml|json) + * Formats: xml, json + * + * @param array $args Web arguments + * @param array $apidata Twitter API data + * + * @return void + * + * @see ApiAction::process_command() + */ + + function config($args, $apidata) + { + static $keys = array('site' => array('name', 'server', 'theme', 'path', 'fancy', 'language', + 'email', 'broughtby', 'broughtbyurl', 'closed', + 'inviteonly', 'private'), + 'license' => array('url', 'title', 'image'), + 'nickname' => array('featured'), + 'throttle' => array('enabled', 'count', 'timespan'), + 'xmpp' => array('enabled', 'server', 'user')); + + parent::handle($args); + + switch ($apidata['content-type']) { + case 'xml': + $this->init_document('xml'); + $this->elementStart('config'); + // XXX: check that all sections and settings are legal XML elements + foreach ($keys as $section => $settings) { + $this->elementStart($section); + foreach ($settings as $setting) { + $value = common_config($section, $setting); + if (is_array($value)) { + $value = implode(',', $value); + } else if ($value === false) { + $value = 'false'; + } else if ($value === true) { + $value = 'true'; + } + $this->element($setting, null, $value); + } + $this->elementEnd($section); + } + $this->elementEnd('config'); + $this->end_document('xml'); + break; + case 'json': + $result = array(); + foreach ($keys as $section => $settings) { + $result[$section] = array(); + foreach ($settings as $setting) { + $result[$section][$setting] = common_config($section, $setting); + } + } + $this->init_document('json'); + $this->show_json_objects($result); + $this->end_document('json'); + break; + default: + $this->clientError(_('API method not found!'), $code=404); + } + } + + /** + * WADL description of the API + * + * Gives a WADL description of the API provided by this version of the + * software. + * + * @param array $args Web arguments + * @param array $apidata Twitter API data + * + * @return void + * + * @see ApiAction::process_command() + */ + + function wadl($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), 501); + } +} diff --git a/actions/twitapinotifications.php b/actions/twitapinotifications.php index 8d93309a2..411971af1 100644 --- a/actions/twitapinotifications.php +++ b/actions/twitapinotifications.php @@ -22,16 +22,19 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); # This naming convention looks real sick -class TwitapinotificationsAction extends TwitterapiAction { +class TwitapinotificationsAction extends TwitterapiAction +{ - function follow($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } + function follow($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } - function leave($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } + function leave($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } }
\ No newline at end of file diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 7b6598b10..a35f4b12e 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -21,543 +21,557 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapistatusesAction extends TwitterapiAction { - - function public_timeline($args, $apidata) { - parent::handle($args); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - $title = sprintf(_("%s public timeline"), $sitename); - $id = "tag:$siteserver:Statuses"; - $link = common_root_url(); - $subtitle = sprintf(_("%s updates from everyone!"), $sitename); - - // Number of public statuses to return by default -- Twitter sends 20 - $MAX_PUBSTATUSES = 20; - - // FIXME: To really live up to the spec we need to build a list - // of notices by users who have custom avatars, so fix this SQL -- Zach - - $page = $this->arg('page'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - // NOTE: page, since_id, and before_id are extensions to Twitter API -- TB - if (!$page) { - $page = 1; - } - if (!$since_id) { - $since_id = 0; - } - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $notice = Notice::publicStream((($page-1)*$MAX_PUBSTATUSES), $MAX_PUBSTATUSES, $since_id, $before_id, $since); - - if ($notice) { - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - break; - } - - } else { - common_server_error(_('Couldn\'t find any statuses.'), $code = 503); - } - - } - - function friends_timeline($args, $apidata) { - parent::handle($args); - - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $count = $this->arg('count'); - $page = $this->arg('page'); - $before_id = $this->arg('before_id'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extension to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $user = $this->get_user(NULL, $apidata); - $this->auth_user = $user; - - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_("%s and friends"), $user->nickname); - $id = "tag:$siteserver:friends:" . $user->id; - $link = common_local_url('all', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), $user->nickname, $sitename); - - $notice = $user->noticesWithFriends(($page-1)*20, $count, $since_id, $before_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function user_timeline($args, $apidata) { - parent::handle($args); - - $this->auth_user = $apidata['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $count = $this->arg('count'); - $since = $this->arg('since'); - $since_id = $this->arg('since_id'); - $page = $this->arg('page'); - $before_id = $this->arg('before_id'); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extensions to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_("%s timeline"), $user->nickname); - $id = "tag:$siteserver:user:".$user->id; - $link = common_local_url('showstream', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename); - - # FriendFeed's SUP protocol - # Also added RSS and Atom feeds - - $suplink = common_local_url('sup', NULL, $user->id); - header('X-SUP-ID: '.$suplink); - - # XXX: since - - $notice = $user->getNotices((($page-1)*20), $count, $since_id, $before_id, $since); - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notice); - break; - case 'rss': - $this->show_rss_timeline($notice, $title, $link, $subtitle, $suplink); - break; - case 'atom': - $this->show_atom_timeline($notice, $title, $id, $link, $subtitle, $suplink); - break; - case 'json': - $this->show_json_timeline($notice); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function update($args, $apidata) { - - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $status = $this->trimmed('status'); - $source = $this->trimmed('source'); - $in_reply_to_status_id = intval($this->trimmed('in_reply_to_status_id')); +class TwitapistatusesAction extends TwitterapiAction +{ + + function public_timeline($args, $apidata) + { + parent::handle($args); + + $sitename = common_config('site', 'name'); + $siteserver = common_config('site', 'server'); + $title = sprintf(_("%s public timeline"), $sitename); + $id = "tag:$siteserver:Statuses"; + $link = common_root_url(); + $subtitle = sprintf(_("%s updates from everyone!"), $sitename); + + // Number of public statuses to return by default -- Twitter sends 20 + $MAX_PUBSTATUSES = 20; + + // FIXME: To really live up to the spec we need to build a list + // of notices by users who have custom avatars, so fix this SQL -- Zach + + $page = $this->arg('page'); + $since_id = $this->arg('since_id'); + $before_id = $this->arg('before_id'); + + // NOTE: page, since_id, and before_id are extensions to Twitter API -- TB + if (!$page) { + $page = 1; + } + if (!$since_id) { + $since_id = 0; + } + if (!$before_id) { + $before_id = 0; + } + + $since = strtotime($this->arg('since')); + + $notice = Notice::publicStream((($page-1)*$MAX_PUBSTATUSES), $MAX_PUBSTATUSES, $since_id, $before_id, $since); + + if ($notice) { + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_timeline($notice); + break; + case 'rss': + $this->show_rss_timeline($notice, $title, $link, $subtitle); + break; + case 'atom': + $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); + break; + case 'json': + $this->show_json_timeline($notice); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + break; + } + + } else { + $this->serverError(_('Couldn\'t find any statuses.'), $code = 503); + } + + } + + function friends_timeline($args, $apidata) + { + parent::handle($args); + + $since = $this->arg('since'); + $since_id = $this->arg('since_id'); + $count = $this->arg('count'); + $page = $this->arg('page'); + $before_id = $this->arg('before_id'); + + if (!$page) { + $page = 1; + } + + if (!$count) { + $count = 20; + } + + if (!$since_id) { + $since_id = 0; + } + + // NOTE: before_id is an extension to Twitter API -- TB + if (!$before_id) { + $before_id = 0; + } + + $since = strtotime($this->arg('since')); + + $user = $this->get_user(null, $apidata); + $this->auth_user = $user; + + $profile = $user->getProfile(); + + $sitename = common_config('site', 'name'); + $siteserver = common_config('site', 'server'); + + $title = sprintf(_("%s and friends"), $user->nickname); + $id = "tag:$siteserver:friends:" . $user->id; + $link = common_local_url('all', array('nickname' => $user->nickname)); + $subtitle = sprintf(_('Updates from %1$s and friends on %2$s!'), $user->nickname, $sitename); + + $notice = $user->noticesWithFriends(($page-1)*20, $count, $since_id, $before_id, $since); + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_timeline($notice); + break; + case 'rss': + $this->show_rss_timeline($notice, $title, $link, $subtitle); + break; + case 'atom': + $this->show_atom_timeline($notice, $title, $id, $link, $subtitle); + break; + case 'json': + $this->show_json_timeline($notice); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + function user_timeline($args, $apidata) + { + parent::handle($args); + + $this->auth_user = $apidata['user']; + $user = $this->get_user($apidata['api_arg'], $apidata); + + if (!$user) { + $this->clientError('Not Found', 404, $apidata['content-type']); + return; + } + + $profile = $user->getProfile(); + + if (!$profile) { + $this->serverError(_('User has no profile.')); + return; + } + + $count = $this->arg('count'); + $since = $this->arg('since'); + $since_id = $this->arg('since_id'); + $page = $this->arg('page'); + $before_id = $this->arg('before_id'); + + if (!$page) { + $page = 1; + } + + if (!$count) { + $count = 20; + } + + if (!$since_id) { + $since_id = 0; + } + + // NOTE: before_id is an extensions to Twitter API -- TB + if (!$before_id) { + $before_id = 0; + } + + $since = strtotime($this->arg('since')); + + $sitename = common_config('site', 'name'); + $siteserver = common_config('site', 'server'); + + $title = sprintf(_("%s timeline"), $user->nickname); + $id = "tag:$siteserver:user:".$user->id; + $link = common_local_url('showstream', array('nickname' => $user->nickname)); + $subtitle = sprintf(_('Updates from %1$s on %2$s!'), $user->nickname, $sitename); + + # FriendFeed's SUP protocol + # Also added RSS and Atom feeds + + $suplink = common_local_url('sup', null, $user->id); + header('X-SUP-ID: '.$suplink); + + # XXX: since + + $notice = $user->getNotices((($page-1)*20), $count, $since_id, $before_id, $since); + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_timeline($notice); + break; + case 'rss': + $this->show_rss_timeline($notice, $title, $link, $subtitle, $suplink); + break; + case 'atom': + $this->show_atom_timeline($notice, $title, $id, $link, $subtitle, $suplink); + break; + case 'json': + $this->show_json_timeline($notice); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + function update($args, $apidata) + { + + parent::handle($args); + + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError(_('This method requires a POST.'), 400, $apidata['content-type']); + return; + } + + $this->auth_user = $apidata['user']; + $user = $this->auth_user; + $status = $this->trimmed('status'); + $source = $this->trimmed('source'); + $in_reply_to_status_id = intval($this->trimmed('in_reply_to_status_id')); $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api'); - if (!$source || in_array($source, $reserved_sources)) { - $source = 'api'; - } + if (!$source || in_array($source, $reserved_sources)) { + $source = 'api'; + } - if (!$status) { + if (!$status) { - // XXX: Note: In this case, Twitter simply returns '200 OK' - // No error is given, but the status is not posted to the - // user's timeline. Seems bad. Shouldn't we throw an - // errror? -- Zach - return; + // XXX: Note: In this case, Twitter simply returns '200 OK' + // No error is given, but the status is not posted to the + // user's timeline. Seems bad. Shouldn't we throw an + // errror? -- Zach + return; - } else { + } else { - $status_shortened = common_shorten_links($status); + $status_shortened = common_shorten_links($status); - if (mb_strlen($status_shortened) > 140) { + if (mb_strlen($status_shortened) > 140) { - // XXX: Twitter truncates anything over 140, flags the status - // as "truncated." Sending this error may screw up some clients - // that assume Twitter will truncate for them. Should we just - // truncate too? -- Zach - $this->client_error(_('That\'s too long. Max notice size is 140 chars.'), $code = 406, $apidata['content-type']); - return; + // XXX: Twitter truncates anything over 140, flags the status + // as "truncated." Sending this error may screw up some clients + // that assume Twitter will truncate for them. Should we just + // truncate too? -- Zach + $this->clientError(_('That\'s too long. Max notice size is 140 chars.'), $code = 406, $apidata['content-type']); + return; - } - } + } + } - // Check for commands - $inter = new CommandInterpreter(); - $cmd = $inter->handle_command($user, $status_shortened); + // Check for commands + $inter = new CommandInterpreter(); + $cmd = $inter->handle_command($user, $status_shortened); - if ($cmd) { + if ($cmd) { - if ($this->supported($cmd)) { - $cmd->execute(new Channel()); - } - - // cmd not supported? Twitter just returns your latest status. - // And, it returns your last status whether the cmd was successful - // or not! - $n = $user->getCurrentNotice(); - $apidata['api_arg'] = $n->id; - } else { + if ($this->supported($cmd)) { + $cmd->execute(new Channel()); + } + + // cmd not supported? Twitter just returns your latest status. + // And, it returns your last status whether the cmd was successful + // or not! + $n = $user->getCurrentNotice(); + $apidata['api_arg'] = $n->id; + } else { + + $reply_to = null; - $reply_to = NULL; - - if ($in_reply_to_status_id) { - - // check whether notice actually exists - $reply = Notice::staticGet($in_reply_to_status_id); - - if ($reply) { - $reply_to = $in_reply_to_status_id; - } else { - $this->client_error(_('Not found'), $code = 404, $apidata['content-type']); - return; - } - } - - $notice = Notice::saveNew($user->id, html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), - $source, 1, $reply_to); - - if (is_string($notice)) { - $this->server_error($notice); - return; - } - - common_broadcast_notice($notice); - $apidata['api_arg'] = $notice->id; - } - - $this->show($args, $apidata); - } - - function replies($args, $apidata) { - - parent::handle($args); - - $since = $this->arg('since'); - $count = $this->arg('count'); - $page = $this->arg('page'); - $since_id = $this->arg('since_id'); - $before_id = $this->arg('before_id'); - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $profile = $user->getProfile(); - - $sitename = common_config('site', 'name'); - $siteserver = common_config('site', 'server'); - - $title = sprintf(_('%1$s / Updates replying to %2$s'), $sitename, $user->nickname); - $id = "tag:$siteserver:replies:".$user->id; - $link = common_local_url('replies', array('nickname' => $user->nickname)); - $subtitle = sprintf(_('%1$s updates that reply to updates from %2$s / %3$s.'), $sitename, $user->nickname, $profile->getBestName()); - - if (!$page) { - $page = 1; - } - - if (!$count) { - $count = 20; - } - - if (!$since_id) { - $since_id = 0; - } - - // NOTE: before_id is an extension to Twitter API -- TB - if (!$before_id) { - $before_id = 0; - } - - $since = strtotime($this->arg('since')); - - $notice = $user->getReplies((($page-1)*20), $count, $since_id, $before_id, $since); - $notices = array(); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } - - switch($apidata['content-type']) { - case 'xml': - $this->show_xml_timeline($notices); - break; - case 'rss': - $this->show_rss_timeline($notices, $title, $link, $subtitle); - break; - case 'atom': - $this->show_atom_timeline($notices, $title, $id, $link, $subtitle); - break; - case 'json': - $this->show_json_timeline($notices); - break; - default: - common_user_error(_('API method not found!'), $code = 404); - } - - } - - function show($args, $apidata) { - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - $this->auth_user = $apidata['user']; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if ($notice) { - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - // XXX: Twitter just sets a 404 header and doens't bother to return an err msg - $this->client_error(_('No status with that ID found.'), 404, $apidata['content-type']); - } - - } - - function destroy($args, $apidata) { - - parent::handle($args); - - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } - - // Check for RESTfulness - if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { - // XXX: Twitter just prints the err msg, no XML / JSON. - $this->client_error(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); - return; - } - - $this->auth_user = $apidata['user']; - $user = $this->auth_user; - $notice_id = $apidata['api_arg']; - $notice = Notice::staticGet($notice_id); - - if (!$notice) { - $this->client_error(_('No status found with that ID.'), 404, $apidata['content-type']); - return; - } - - if ($user->id == $notice->profile_id) { - $replies = new Reply; - $replies->get('notice_id', $notice_id); - common_dequeue_notice($notice); - $replies->delete(); - $notice->delete(); - - if ($apidata['content-type'] == 'xml') { - $this->show_single_xml_status($notice); - } elseif ($apidata['content-type'] == 'json') { - $this->show_single_json_status($notice); - } - } else { - $this->client_error(_('You may not delete another user\'s status.'), 403, $apidata['content-type']); - } - - } - - function friends($args, $apidata) { - parent::handle($args); - return $this->subscriptions($apidata, 'subscribed', 'subscriber'); - } - - function followers($args, $apidata) { - parent::handle($args); - - return $this->subscriptions($apidata, 'subscriber', 'subscribed'); - } - - function subscriptions($apidata, $other_attr, $user_attr) { - - # XXX: lite - - $this->auth_user = $apidate['user']; - $user = $this->get_user($apidata['api_arg'], $apidata); - - if (!$user) { - $this->client_error('Not Found', 404, $apidata['content-type']); - return; - } - - $page = $this->trimmed('page'); - - if (!$page || !is_numeric($page)) { - $page = 1; - } - - $profile = $user->getProfile(); - - if (!$profile) { - common_server_error(_('User has no profile.')); - return; - } - - $sub = new Subscription(); - $sub->$user_attr = $profile->id; - - $since = strtotime($this->trimmed('since')); - - if ($since) { - $d = date('Y-m-d H:i:s', $since); - $sub->whereAdd("created > '$d'"); - } - - $sub->orderBy('created DESC'); - $sub->limit(($page-1)*100, 100); - - $others = array(); - - if ($sub->find()) { - while ($sub->fetch()) { - $others[] = Profile::staticGet($sub->$other_attr); - } - } else { - // user has no followers - } - - $type = $apidata['content-type']; - - $this->init_document($type); - $this->show_profiles($others, $type); - $this->end_document($type); - } - - function show_profiles($profiles, $type) { - switch ($type) { - case 'xml': - common_element_start('users', array('type' => 'array')); - foreach ($profiles as $profile) { - $this->show_profile($profile); - } - common_element_end('users'); - break; - case 'json': - $arrays = array(); - foreach ($profiles as $profile) { - $arrays[] = $this->twitter_user_array($profile, true); - } - print json_encode($arrays); - break; - default: - $this->client_error(_('unsupported file type')); - } - } - - function featured($args, $apidata) { - parent::handle($args); - common_server_error(_('API method under construction.'), $code=501); - } - - function supported($cmd) { - - $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', 'FavCommand', 'OnCommand', 'OffCommand'); - - if (in_array(get_class($cmd), $cmdlist)) { - return true; - } - - return false; - } + if ($in_reply_to_status_id) { + + // check whether notice actually exists + $reply = Notice::staticGet($in_reply_to_status_id); + + if ($reply) { + $reply_to = $in_reply_to_status_id; + } else { + $this->clientError(_('Not found'), $code = 404, $apidata['content-type']); + return; + } + } + + $notice = Notice::saveNew($user->id, html_entity_decode($status, ENT_NOQUOTES, 'UTF-8'), + $source, 1, $reply_to); + + if (is_string($notice)) { + $this->serverError($notice); + return; + } + + common_broadcast_notice($notice); + $apidata['api_arg'] = $notice->id; + } + + $this->show($args, $apidata); + } + + function replies($args, $apidata) + { + + parent::handle($args); + + $since = $this->arg('since'); + $count = $this->arg('count'); + $page = $this->arg('page'); + $since_id = $this->arg('since_id'); + $before_id = $this->arg('before_id'); + + $this->auth_user = $apidata['user']; + $user = $this->auth_user; + $profile = $user->getProfile(); + + $sitename = common_config('site', 'name'); + $siteserver = common_config('site', 'server'); + + $title = sprintf(_('%1$s / Updates replying to %2$s'), $sitename, $user->nickname); + $id = "tag:$siteserver:replies:".$user->id; + $link = common_local_url('replies', array('nickname' => $user->nickname)); + $subtitle = sprintf(_('%1$s updates that reply to updates from %2$s / %3$s.'), $sitename, $user->nickname, $profile->getBestName()); + + if (!$page) { + $page = 1; + } + + if (!$count) { + $count = 20; + } + + if (!$since_id) { + $since_id = 0; + } + + // NOTE: before_id is an extension to Twitter API -- TB + if (!$before_id) { + $before_id = 0; + } + + $since = strtotime($this->arg('since')); + + $notice = $user->getReplies((($page-1)*20), $count, $since_id, $before_id, $since); + $notices = array(); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } + + switch($apidata['content-type']) { + case 'xml': + $this->show_xml_timeline($notices); + break; + case 'rss': + $this->show_rss_timeline($notices, $title, $link, $subtitle); + break; + case 'atom': + $this->show_atom_timeline($notices, $title, $id, $link, $subtitle); + break; + case 'json': + $this->show_json_timeline($notices); + break; + default: + $this->clientError(_('API method not found!'), $code = 404); + } + + } + + function show($args, $apidata) + { + parent::handle($args); + + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + $this->auth_user = $apidata['user']; + $notice_id = $apidata['api_arg']; + $notice = Notice::staticGet($notice_id); + + if ($notice) { + if ($apidata['content-type'] == 'xml') { + $this->show_single_xml_status($notice); + } elseif ($apidata['content-type'] == 'json') { + $this->show_single_json_status($notice); + } + } else { + // XXX: Twitter just sets a 404 header and doens't bother to return an err msg + $this->clientError(_('No status with that ID found.'), 404, $apidata['content-type']); + } + + } + + function destroy($args, $apidata) + { + + parent::handle($args); + + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } + + // Check for RESTfulness + if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { + // XXX: Twitter just prints the err msg, no XML / JSON. + $this->clientError(_('This method requires a POST or DELETE.'), 400, $apidata['content-type']); + return; + } + + $this->auth_user = $apidata['user']; + $user = $this->auth_user; + $notice_id = $apidata['api_arg']; + $notice = Notice::staticGet($notice_id); + + if (!$notice) { + $this->clientError(_('No status found with that ID.'), 404, $apidata['content-type']); + return; + } + + if ($user->id == $notice->profile_id) { + $replies = new Reply; + $replies->get('notice_id', $notice_id); + common_dequeue_notice($notice); + $replies->delete(); + $notice->delete(); + + if ($apidata['content-type'] == 'xml') { + $this->show_single_xml_status($notice); + } elseif ($apidata['content-type'] == 'json') { + $this->show_single_json_status($notice); + } + } else { + $this->clientError(_('You may not delete another user\'s status.'), 403, $apidata['content-type']); + } + + } + + function friends($args, $apidata) + { + parent::handle($args); + return $this->subscriptions($apidata, 'subscribed', 'subscriber'); + } + + function followers($args, $apidata) + { + parent::handle($args); + + return $this->subscriptions($apidata, 'subscriber', 'subscribed'); + } + + function subscriptions($apidata, $other_attr, $user_attr) + { + + # XXX: lite + + $this->auth_user = $apidate['user']; + $user = $this->get_user($apidata['api_arg'], $apidata); + + if (!$user) { + $this->clientError('Not Found', 404, $apidata['content-type']); + return; + } + + $page = $this->trimmed('page'); + + if (!$page || !is_numeric($page)) { + $page = 1; + } + + $profile = $user->getProfile(); + + if (!$profile) { + $this->serverError(_('User has no profile.')); + return; + } + + $sub = new Subscription(); + $sub->$user_attr = $profile->id; + + $since = strtotime($this->trimmed('since')); + + if ($since) { + $d = date('Y-m-d H:i:s', $since); + $sub->whereAdd("created > '$d'"); + } + + $sub->orderBy('created DESC'); + $sub->limit(($page-1)*100, 100); + + $others = array(); + + if ($sub->find()) { + while ($sub->fetch()) { + $others[] = Profile::staticGet($sub->$other_attr); + } + } else { + // user has no followers + } + + $type = $apidata['content-type']; + + $this->init_document($type); + $this->show_profiles($others, $type); + $this->end_document($type); + } + + function show_profiles($profiles, $type) + { + switch ($type) { + case 'xml': + $this->elementStart('users', array('type' => 'array')); + foreach ($profiles as $profile) { + $this->show_profile($profile); + } + $this->elementEnd('users'); + break; + case 'json': + $arrays = array(); + foreach ($profiles as $profile) { + $arrays[] = $this->twitter_user_array($profile, true); + } + print json_encode($arrays); + break; + default: + $this->clientError(_('unsupported file type')); + } + } + + function featured($args, $apidata) + { + parent::handle($args); + $this->serverError(_('API method under construction.'), $code=501); + } + + function supported($cmd) + { + + $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand', 'FavCommand', 'OnCommand', 'OffCommand'); + + if (in_array(get_class($cmd), $cmdlist)) { + return true; + } + + return false; + } } diff --git a/actions/twitapiusers.php b/actions/twitapiusers.php index 337ec91d1..8f16e5613 100644 --- a/actions/twitapiusers.php +++ b/actions/twitapiusers.php @@ -10,28 +10,30 @@ * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. + * along with this program. If not, see <http://www.gnu.org/licenses/>. */ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/twitterapi.php'); -class TwitapiusersAction extends TwitterapiAction { +class TwitapiusersAction extends TwitterapiAction +{ - function show($args, $apidata) { - parent::handle($args); + function show($args, $apidata) + { + parent::handle($args); - if (!in_array($apidata['content-type'], array('xml', 'json'))) { - common_user_error(_('API method not found!'), $code = 404); - return; - } + if (!in_array($apidata['content-type'], array('xml', 'json'))) { + $this->clientError(_('API method not found!'), $code = 404); + return; + } - $this->auth_user = $apidata['user']; + $this->auth_user = $apidata['user']; $user = null; $email = $this->arg('email'); diff --git a/actions/twittersettings.php b/actions/twittersettings.php index ae3aff877..efc8215cd 100644 --- a/actions/twittersettings.php +++ b/actions/twittersettings.php @@ -1,9 +1,12 @@ <?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. +/** + * Laconica, the distributed open-source microblogging tool * - * This program is free software: you can redistribute it and/or modify + * Settings for Twitter integration + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. @@ -15,364 +18,481 @@ * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/settingsaction.php'); +require_once INSTALLDIR.'/lib/connectsettingsaction.php'; define('SUBSCRIPTIONS', 80); -class TwittersettingsAction extends SettingsAction { - - function get_instructions() { - return _('Add your Twitter account to automatically send your notices to Twitter, ' . - 'and subscribe to Twitter friends already here.'); - } - - function show_form($msg=NULL, $success=false) { - $user = common_current_user(); - $profile = $user->getProfile(); - $fuser = NULL; - $flink = Foreign_link::getByUserID($user->id, 1); // 1 == Twitter - - if ($flink) { - $fuser = $flink->getForeignUser(); - } - - $this->form_header(_('Twitter settings'), $msg, $success); - common_element_start('form', array('method' => 'post', - 'id' => 'twittersettings', - 'action' => - common_local_url('twittersettings'))); - common_hidden('token', common_session_token()); - - common_element('h2', NULL, _('Twitter Account')); - - if ($fuser) { - common_element_start('p'); - - common_element('span', 'twitter_user', $fuser->nickname); - common_element('a', array('href' => $fuser->uri), $fuser->uri); - common_element('span', 'input_instructions', - _('Current verified Twitter account.')); - common_hidden('flink_foreign_id', $flink->foreign_id); - common_element_end('p'); - common_submit('remove', _('Remove')); - } else { - common_input('twitter_username', _('Twitter user name'), - ($this->arg('twitter_username')) ? $this->arg('twitter_username') : $profile->nickname, - _('No spaces, please.')); // hey, it's what Twitter says - - common_password('twitter_password', _('Twitter password')); - } - - common_element('h2', NULL, _('Preferences')); - - common_checkbox('noticesync', _('Automatically send my notices to Twitter.'), - ($flink) ? ($flink->noticesync & FOREIGN_NOTICE_SEND) : true); - - common_checkbox('replysync', _('Send local "@" replies to Twitter.'), - ($flink) ? ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : true); - - common_checkbox('friendsync', _('Subscribe to my Twitter friends here.'), - ($flink) ? ($flink->friendsync & FOREIGN_FRIEND_RECV) : false); - - if ($flink) { - common_submit('save', _('Save')); - } else { - common_submit('add', _('Add')); - } - - $this->show_twitter_subscriptions(); - - common_element_end('form'); - - common_show_footer(); - } - - function subscribed_twitter_users() { - - $current_user = common_current_user(); - - $qry = 'SELECT user.* ' . - 'FROM subscription ' . - 'JOIN user ON subscription.subscribed = user.id ' . - 'JOIN foreign_link ON foreign_link.user_id = user.id ' . - 'WHERE subscriber = %d ' . - 'ORDER BY user.nickname'; - - $user = new User(); - - $user->query(sprintf($qry, $current_user->id)); - - $users = array(); - - while ($user->fetch()) { - - // Don't include the user's own self-subscription - if ($user->id != $current_user->id) { - $users[] = clone($user); - } - } - - return $users; - } - - function show_twitter_subscriptions() { - - $friends = $this->subscribed_twitter_users(); - $friends_count = count($friends); - - if ($friends_count > 0) { - - common_element('h3', NULL, _('Twitter Friends')); - common_element_start('div', array('id' => 'subscriptions')); - common_element_start('ul', array('id' => 'subscriptions_avatars')); - - for ($i = 0; $i < min($friends_count, SUBSCRIPTIONS); $i++) { - - $other = Profile::staticGet($friends[$i]->id); - - if (!$other) { - common_log_db_error($subs, 'SELECT', __FILE__); - continue; - } - - common_element_start('li'); - common_element_start('a', array('title' => ($other->fullname) ? - $other->fullname : - $other->nickname, - 'href' => $other->profileurl, - 'rel' => 'contact', - 'class' => 'subscription')); - $avatar = $other->getAvatar(AVATAR_MINI_SIZE); - common_element('img', array('src' => (($avatar) ? common_avatar_display_url($avatar) : common_default_avatar(AVATAR_MINI_SIZE)), - 'width' => AVATAR_MINI_SIZE, - 'height' => AVATAR_MINI_SIZE, - 'class' => 'avatar mini', - 'alt' => ($other->fullname) ? - $other->fullname : - $other->nickname)); - common_element_end('a'); - common_element_end('li'); - - } - - common_element_end('ul'); - common_element_end('div'); - - } - - // XXX Figure out a way to show all Twitter friends... ? - - /* - if ($subs_count > SUBSCRIPTIONS) { - common_element_start('p', array('id' => 'subscriptions_viewall')); - - common_element('a', array('href' => common_local_url('subscriptions', - array('nickname' => $profile->nickname)), - 'class' => 'moresubscriptions'), - _('All subscriptions')); - common_element_end('p'); - } - */ - - } - - function handle_post() { - - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('save')) { - $this->save_preferences(); - } else if ($this->arg('add')) { - $this->add_twitter_acct(); - } else if ($this->arg('remove')) { - $this->remove_twitter_acct(); - } else { - $this->show_form(_('Unexpected form submission.')); - } - } +/** + * Settings for Twitter integration + * + * @category Settings + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + * @see SettingsAction + */ - function add_twitter_acct() { +class TwittersettingsAction extends ConnectSettingsAction +{ + /** + * Title of the page + * + * @return string Title of the page + */ + + function title() + { + _('Twitter settings'); + } + + /** + * Instructions for use + * + * @return instructions for use + */ + + function getInstructions() + { + return _('Add your Twitter account to automatically send '. + ' your notices to Twitter, ' . + 'and subscribe to Twitter friends already here.'); + } + + /** + * Content area of the page + * + * Shows a form for associating a Twitter account with this + * Laconica account. Also lets the user set preferences. + * + * @return void + */ + + function showContent() + { + $user = common_current_user(); + + $profile = $user->getProfile(); + + $fuser = null; + + $flink = Foreign_link::getByUserID($user->id, 1); // 1 == Twitter + + if ($flink) { + $fuser = $flink->getForeignUser(); + } + + $this->elementStart('form', array('method' => 'post', + 'id' => 'form_settings_twitter', + 'class' => 'form_settings', + 'action' => + common_local_url('twittersettings'))); + $this->elementStart('fieldset', array('id' => 'settings_twitter_account')); + $this->element('legend', null, _('Twitter Account')); + $this->hidden('token', common_session_token()); + $this->elementStart('ul', 'form_data'); + if ($fuser) { + $this->elementStart('li'); + $this->element('span', 'twitter_user', $fuser->nickname); + $this->element('a', array('href' => $fuser->uri), $fuser->uri); + $this->element('p', 'form_guide', + _('Current verified Twitter account.')); + $this->hidden('flink_foreign_id', $flink->foreign_id); + $this->submit('remove', _('Remove')); + $this->elementEnd('li'); + } else { + $this->elementStart('li'); + $this->input('twitter_username', _('Twitter user name'), + ($this->arg('twitter_username')) ? + $this->arg('twitter_username') : + $profile->nickname, + _('No spaces, please.')); // hey, it's what Twitter says + $this->elementEnd('li'); + $this->elementStart('li'); + $this->password('twitter_password', _('Twitter password')); + $this->elementend('li'); + } + $this->elementEnd('ul'); + $this->elementEnd('fieldset'); + + $this->elementStart('fieldset', + array('id' => 'settings_twitter_preferences')); + $this->element('legend', null, _('Preferences')); + + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + $this->checkbox('noticesync', + _('Automatically send my notices to Twitter.'), + ($flink) ? + ($flink->noticesync & FOREIGN_NOTICE_SEND) : + true); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('replysync', + _('Send local "@" replies to Twitter.'), + ($flink) ? + ($flink->noticesync & FOREIGN_NOTICE_SEND_REPLY) : + true); + $this->elementEnd('li'); + $this->elementStart('li'); + $this->checkbox('friendsync', + _('Subscribe to my Twitter friends here.'), + ($flink) ? + ($flink->friendsync & FOREIGN_FRIEND_RECV) : + false); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + if ($flink) { + $this->submit('save', _('Save')); + } else { + $this->submit('add', _('Add')); + } + $this->elementEnd('fieldset'); + + $this->showTwitterSubscriptions(); + + $this->elementEnd('form'); + } + + /** + * Gets some of the user's Twitter friends + * + * Gets the number of Twitter friends that are on this + * instance of Laconica. + * + * @return array array of User objects + */ + + function subscribedTwitterUsers() + { + + $current_user = common_current_user(); + + $qry = 'SELECT user.* ' . + 'FROM subscription ' . + 'JOIN user ON subscription.subscribed = user.id ' . + 'JOIN foreign_link ON foreign_link.user_id = user.id ' . + 'WHERE subscriber = %d ' . + 'ORDER BY user.nickname'; + + $user = new User(); + + $user->query(sprintf($qry, $current_user->id)); + + $users = array(); + + while ($user->fetch()) { + + // Don't include the user's own self-subscription + if ($user->id != $current_user->id) { + $users[] = clone($user); + } + } + + return $users; + } + + /** + * Show user's Twitter friends + * + * Gets the number of Twitter friends that are on this + * instance of Laconica, and shows their mini-avatars. + * + * @return void + */ + + function showTwitterSubscriptions() + { + + $friends = $this->subscribedTwitterUsers(); + + $friends_count = count($friends); + + if ($friends_count > 0) { + + $this->element('h3', null, _('Twitter Friends')); + $this->elementStart('div', array('id' => 'subscriptions')); + $this->elementStart('ul', array('id' => 'subscriptions_avatars')); + + for ($i = 0; $i < min($friends_count, SUBSCRIPTIONS); $i++) { + + $other = Profile::staticGet($friends[$i]->id); + + if (!$other) { + common_log_db_error($subs, 'SELECT', __FILE__); + continue; + } + + $this->elementStart('li'); + $this->elementStart('a', array('title' => ($other->fullname) ? + $other->fullname : + $other->nickname, + 'href' => $other->profileurl, + 'rel' => 'contact', + 'class' => 'subscription')); + + $avatar = $other->getAvatar(AVATAR_MINI_SIZE); + + $avatar_url = ($avatar) ? + common_avatar_display_url($avatar) : + common_default_avatar(AVATAR_MINI_SIZE); + + $this->element('img', array('src' => $avatar_url, + 'width' => AVATAR_MINI_SIZE, + 'height' => AVATAR_MINI_SIZE, + 'class' => 'avatar mini', + 'alt' => ($other->fullname) ? + $other->fullname : + $other->nickname)); + $this->elementEnd('a'); + $this->elementEnd('li'); + + } + + $this->elementEnd('ul'); + $this->elementEnd('div'); + + } + } + + /** + * Handle posts to this form + * + * Based on the button that was pressed, muxes out to other functions + * to do the actual task requested. + * + * All sub-functions reload the form with a message -- success or failure. + * + * @return void + */ + + function handlePost() + { + + // CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->showForm(_('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + + if ($this->arg('save')) { + $this->savePreferences(); + } else if ($this->arg('add')) { + $this->addTwitterAccount(); + } else if ($this->arg('remove')) { + $this->removeTwitterAccount(); + } else { + $this->showForm(_('Unexpected form submission.')); + } + } + + /** + * Associate a Twitter account with the user's account + * + * Validates post input; verifies it against Twitter; and if + * successful stores in the database. + * + * @return void + */ + + function addTwitterAccount() + { + $screen_name = $this->trimmed('twitter_username'); + $password = $this->trimmed('twitter_password'); + $noticesync = $this->boolean('noticesync'); + $replysync = $this->boolean('replysync'); + $friendsync = $this->boolean('friendsync'); + + if (!Validate::string($screen_name, + array('min_length' => 1, + 'max_length' => 15, + 'format' => VALIDATE_NUM.VALIDATE_ALPHA.'_'))) { + $this->showForm(_('Username must have only numbers, '. + 'upper- and lowercase letters, '. + 'and underscore (_). 15 chars max.')); + return; + } + + if (!$this->verifyCredentials($screen_name, $password)) { + $this->showForm(_('Could not verify your Twitter credentials!')); + return; + } + + $twit_user = twitter_user_info($screen_name, $password); + + if (!$twit_user) { + $this->showForm(sprintf(_('Unable to retrieve account information '. + 'For "%s" from Twitter.'), + $screen_name)); + return; + } + + if (!save_twitter_user($twit_user->id, $screen_name)) { + $this->showForm(_('Unable to save your Twitter settings!')); + return; + } + + $user = common_current_user(); + + $flink = new Foreign_link(); + + $flink->user_id = $user->id; + $flink->foreign_id = $twit_user->id; + $flink->service = 1; // Twitter + $flink->credentials = $password; + $flink->created = common_sql_now(); + + $flink->set_flags($noticesync, $replysync, $friendsync); + + $flink_id = $flink->insert(); + + if (!$flink_id) { + common_log_db_error($flink, 'INSERT', __FILE__); + $this->showForm(_('Unable to save your Twitter settings!')); + return; + } + + if ($friendsync) { + save_twitter_friends($user, $twit_user->id, $screen_name, $password); + } + + $this->showForm(_('Twitter settings saved.'), true); + } + + /** + * Disassociate an existing Twitter account from this account + * + * @return void + */ + + function removeTwitterAccount() + { + $user = common_current_user(); + + $flink = Foreign_link::getByUserID($user->id, 1); + + $flink_foreign_id = $this->arg('flink_foreign_id'); + + // Maybe an old tab open...? + if ($flink->foreign_id != $flink_foreign_id) { + $this->showForm(_('That is not your Twitter account.')); + return; + } + + $result = $flink->delete(); + + if (!$result) { + common_log_db_error($flink, 'DELETE', __FILE__); + $this->serverError(_('Couldn\'t remove Twitter user.')); + return; + } + + $this->showForm(_('Twitter account removed.'), true); + } - $screen_name = $this->trimmed('twitter_username'); - $password = $this->trimmed('twitter_password'); - $noticesync = $this->boolean('noticesync'); - $replysync = $this->boolean('replysync'); - $friendsync = $this->boolean('friendsync'); - - if (!Validate::string($screen_name, - array( 'min_length' => 1, - 'max_length' => 15, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA . '_'))) { - $this->show_form( - _('Username must have only numbers, upper- and lowercase letters, and underscore (_). 15 chars max.')); - return; - } - - if (!$this->verify_credentials($screen_name, $password)) { - $this->show_form(_('Could not verify your Twitter credentials!')); - return; - } - - $twit_user = twitter_user_info($screen_name, $password); - - if (!$twit_user) { - $this->show_form(sprintf(_('Unable to retrieve account information for "%s" from Twitter.'), - $screen_name)); - return; - } - - if (!save_twitter_user($twit_user->id, $screen_name)) { - $this->show_form(_('Unable to save your Twitter settings!')); - return; - } - - $user = common_current_user(); - - $flink = DB_DataObject::factory('foreign_link'); - $flink->user_id = $user->id; - $flink->foreign_id = $twit_user->id; - $flink->service = 1; // Twitter - $flink->credentials = $password; - $flink->created = common_sql_now(); - - $this->set_flags($flink, $noticesync, $replysync, $friendsync); - - $flink_id = $flink->insert(); - - if (!$flink_id) { - common_log_db_error($flink, 'INSERT', __FILE__); - $this->show_form(_('Unable to save your Twitter settings!')); - return; - } + /** + * Save user's Twitter-bridging preferences + * + * @return void + */ - if ($friendsync) { - save_twitter_friends($user, $twit_user->id, $screen_name, $password); - } + function savePreferences() + { + $noticesync = $this->boolean('noticesync'); + $friendsync = $this->boolean('friendsync'); + $replysync = $this->boolean('replysync'); - $this->show_form(_('Twitter settings saved.'), true); - } + $user = common_current_user(); - function remove_twitter_acct() { - - $user = common_current_user(); - $flink = Foreign_link::getByUserID($user->id, 1); - $flink_foreign_id = $this->arg('flink_foreign_id'); - - # Maybe an old tab open...? - if ($flink->foreign_id != $flink_foreign_id) { - $this->show_form(_('That is not your Twitter account.')); - return; - } - - $result = $flink->delete(); - - if (!$result) { - common_log_db_error($flink, 'DELETE', __FILE__); - common_server_error(_('Couldn\'t remove Twitter user.')); - return; - } - - $this->show_form(_('Twitter account removed.'), TRUE); - } - - function save_preferences() { - - $noticesync = $this->boolean('noticesync'); - $friendsync = $this->boolean('friendsync'); - $replysync = $this->boolean('replysync'); - - $user = common_current_user(); - - $flink = Foreign_link::getByUserID($user->id, 1); + $flink = Foreign_link::getByUserID($user->id, 1); - if (!$flink) { - common_log_db_error($flink, 'SELECT', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } + if (!$flink) { + common_log_db_error($flink, 'SELECT', __FILE__); + $this->showForm(_('Couldn\'t save Twitter preferences.')); + return; + } - $twitter_id = $flink->foreign_id; - $password = $flink->credentials; + $twitter_id = $flink->foreign_id; + $password = $flink->credentials; - $fuser = $flink->getForeignUser(); + $fuser = $flink->getForeignUser(); - if (!$fuser) { - common_log_db_error($fuser, 'SELECT', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } + if (!$fuser) { + common_log_db_error($fuser, 'SELECT', __FILE__); + $this->showForm(_('Couldn\'t save Twitter preferences.')); + return; + } - $screen_name = $fuser->nickname; + $screen_name = $fuser->nickname; - $original = clone($flink); - $this->set_flags($flink, $noticesync, $replysync, $friendsync); - $result = $flink->update($original); + $original = clone($flink); - if ($result === FALSE) { - common_log_db_error($flink, 'UPDATE', __FILE__); - $this->show_form(_('Couldn\'t save Twitter preferences.')); - return; - } + $flink->set_flags($noticesync, $replysync, $friendsync); - if ($friendsync) { - save_twitter_friends($user, $flink->foreign_id, $screen_name, $password); - } + $result = $flink->update($original); - $this->show_form(_('Twitter preferences saved.')); - } + if ($result === false) { + common_log_db_error($flink, 'UPDATE', __FILE__); + $this->showForm(_('Couldn\'t save Twitter preferences.')); + return; + } - function verify_credentials($screen_name, $password) { - $uri = 'http://twitter.com/account/verify_credentials.json'; - $data = get_twitter_data($uri, $screen_name, $password); + if ($friendsync) { + save_twitter_friends($user, $flink->foreign_id, $screen_name, $password); + } - if (!$data) { - return false; - } + $this->showForm(_('Twitter preferences saved.'), true); + } - $user = json_decode($data); + /** + * Verifies a username and password against Twitter's API + * + * @param string $screen_name Twitter user name + * @param string $password Twitter password + * + * @return boolean success flag + */ - if (!$user) { - return false; - } + function verifyCredentials($screen_name, $password) + { + $uri = 'http://twitter.com/account/verifyCredentials.json'; - $twitter_id = $user->status->id; + $data = get_twitter_data($uri, $screen_name, $password); - if ($twitter_id) { - return $twitter_id; - } + if (!$data) { + return false; + } - return false; - } + $user = json_decode($data); - function set_flags(&$flink, $noticesync, $replysync, $friendsync) { - if ($noticesync) { - $flink->noticesync |= FOREIGN_NOTICE_SEND; - } else { - $flink->noticesync &= ~FOREIGN_NOTICE_SEND; - } + if (!$user) { + return false; + } - if ($replysync) { - $flink->noticesync |= FOREIGN_NOTICE_SEND_REPLY; - } else { - $flink->noticesync &= ~FOREIGN_NOTICE_SEND_REPLY; - } + $twitter_id = $user->id; - if ($friendsync) { - $flink->friendsync |= FOREIGN_FRIEND_RECV; - } else { - $flink->friendsync &= ~FOREIGN_FRIEND_RECV; - } + if ($twitter_id) { + return $twitter_id; + } - $flink->profilesync = 0; - } + return false; + } -}
\ No newline at end of file +} diff --git a/actions/unblock.php b/actions/unblock.php index d60cc7088..bad496353 100644 --- a/actions/unblock.php +++ b/actions/unblock.php @@ -1,5 +1,16 @@ <?php -/* +/** + * Unblock a user action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,63 +28,86 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -class UnblockAction extends Action { - - var $profile = NULL; - - function prepare($args) { +if (!defined('LACONICA')) { + exit(1); +} +/** + * Unblock a user action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class UnblockAction extends Action +{ + var $profile = null; + + /** + * Take arguments for running + * + * @param array $args $_REQUEST args + * + * @return boolean success flag + */ + function prepare($args) + { parent::prepare($args); - if (!common_logged_in()) { - $this->client_error(_('Not logged in.')); + $this->clientError(_('Not logged in.')); return false; } - - $token = $this->trimmed('token'); - - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } - + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } $id = $this->trimmed('unblockto'); - if (!$id) { - $this->client_error(_('No profile specified.')); + $this->clientError(_('No profile specified.')); return false; } - $this->profile = Profile::staticGet('id', $id); - if (!$this->profile) { - $this->client_error(_('No profile with that ID.')); + $this->clientError(_('No profile with that ID.')); return false; } - return true; } - function handle($args) { + /** + * Handle request + * + * Shows a page with list of favorite notices + * + * @param array $args $_REQUEST args; handled in prepare() + * + * @return void + */ + function handle($args) + { parent::handle($args); if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $this->unblock_profile(); + $this->unblockProfile(); } } - function unblock_profile() { - - $cur = common_current_user(); - + /** + * Unblock a user. + * + * @return void + */ + function unblockProfile() + { + $cur = common_current_user(); $result = $cur->unblock($this->profile); - if (!$result) { - $this->server_error(_('Error removing the block.')); + $this->serverError(_('Error removing the block.')); return; } - foreach ($this->args as $k => $v) { if ($k == 'returnto-action') { $action = $v; @@ -81,7 +115,6 @@ class UnblockAction extends Action { $args[substr($k, 9)] = $v; } } - if ($action) { common_redirect(common_local_url($action, $args)); } else { @@ -90,3 +123,4 @@ class UnblockAction extends Action { } } } + diff --git a/actions/unsubscribe.php b/actions/unsubscribe.php index 98291e897..f9dd6f821 100644 --- a/actions/unsubscribe.php +++ b/actions/unsubscribe.php @@ -17,64 +17,67 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -class UnsubscribeAction extends Action { +class UnsubscribeAction extends Action +{ - function handle($args) { - parent::handle($args); - if (!common_logged_in()) { - common_user_error(_('Not logged in.')); - return; - } + function handle($args) + { + parent::handle($args); + if (!common_logged_in()) { + $this->clientError(_('Not logged in.')); + return; + } - $user = common_current_user(); + $user = common_current_user(); - if ($_SERVER['REQUEST_METHOD'] != 'POST') { - common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); - return; - } + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname))); + return; + } - # CSRF protection + # CSRF protection - $token = $this->trimmed('token'); + $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->client_error(_('There was a problem with your session token. Try again, please.')); - return; - } + if (!$token || $token != common_session_token()) { + $this->clientError(_('There was a problem with your session token. Try again, please.')); + return; + } - $other_id = $this->arg('unsubscribeto'); + $other_id = $this->arg('unsubscribeto'); if (!$other_id) { - $this->client_error(_('No profile id in request.')); + $this->clientError(_('No profile id in request.')); return; } $other = Profile::staticGet('id', $other_id); if (!$other_id) { - $this->client_error(_('No profile with that id.')); + $this->clientError(_('No profile with that id.')); return; } - $result = subs_unsubscribe_to($user, $other); + $result = subs_unsubscribe_to($user, $other); - if ($result != true) { - common_user_error($result); - return; - } + if ($result != true) { + $this->clientError($result); + return; + } - if ($this->boolean('ajax')) { - common_start_html('text/xml;charset=utf-8', true); - common_element_start('head'); - common_element('title', null, _('Unsubscribed')); - common_element_end('head'); - common_element_start('body'); - common_subscribe_form($other); - common_element_end('body'); - common_element_end('html'); - } else { - common_redirect(common_local_url('subscriptions', array('nickname' => - $user->nickname))); + if ($this->boolean('ajax')) { + $this->startHTML('text/xml;charset=utf-8', true); + $this->elementStart('head'); + $this->element('title', null, _('Unsubscribed')); + $this->elementEnd('head'); + $this->elementStart('body'); + $subscribe = new SubscribeForm($this, $other); + $subscribe->show(); + $this->elementEnd('body'); + $this->elementEnd('html'); + } else { + common_redirect(common_local_url('subscriptions', array('nickname' => + $user->nickname))); } - } + } } diff --git a/actions/updateprofile.php b/actions/updateprofile.php index 921e88e63..c79112dac 100644 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@ -21,154 +21,157 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); -class UpdateprofileAction extends Action { - - function handle($args) { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->update_profile($req, $consumer, $token)) { - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { - $this->server_error($e->getMessage()); - return; - } - } +class UpdateprofileAction extends Action +{ + + function handle($args) + { + parent::handle($args); + try { + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); + # Note: server-to-server function! + $server = omb_oauth_server(); + list($consumer, $token) = $server->verify_request($req); + if ($this->update_profile($req, $consumer, $token)) { + print "omb_version=".OMB_VERSION_01; + } + } catch (OAuthException $e) { + $this->serverError($e->getMessage()); + return; + } + } - function update_profile($req, $consumer, $token) { - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - $this->client_error(_('Unsupported OMB version'), 400); - return false; - } - # First, check to see if listenee exists - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - if (!$remote) { - $this->client_error(_('Profile unknown'), 404); - return false; - } - # Second, check to see if they should be able to post updates! - # We see if there are any subscriptions to that remote user with - # the given token. + function update_profile($req, $consumer, $token) + { + $version = $req->get_parameter('omb_version'); + if ($version != OMB_VERSION_01) { + $this->clientError(_('Unsupported OMB version'), 400); + return false; + } + # First, check to see if listenee exists + $listenee = $req->get_parameter('omb_listenee'); + $remote = Remote_profile::staticGet('uri', $listenee); + if (!$remote) { + $this->clientError(_('Profile unknown'), 404); + return false; + } + # Second, check to see if they should be able to post updates! + # We see if there are any subscriptions to that remote user with + # the given token. - $sub = new Subscription(); - $sub->subscribed = $remote->id; - $sub->token = $token->key; - if (!$sub->find(true)) { - $this->client_error(_('You did not send us that profile'), 403); - return false; - } + $sub = new Subscription(); + $sub->subscribed = $remote->id; + $sub->token = $token->key; + if (!$sub->find(true)) { + $this->clientError(_('You did not send us that profile'), 403); + return false; + } - $profile = Profile::staticGet('id', $remote->id); - if (!$profile) { - # This one is our fault - $this->server_error(_('Remote profile with no matching profile'), 500); - return false; - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if ($nickname && !Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - $this->client_error(_('Nickname must have only lowercase letters and numbers and no spaces.')); - return false; - } - $license = $req->get_parameter('omb_listenee_license'); - if ($license && !common_valid_http_url($license)) { - $this->client_error(sprintf(_("Invalid license URL '%s'"), $license)); - return false; - } - $profile_url = $req->get_parameter('omb_listenee_profile'); - if ($profile_url && !common_valid_http_url($profile_url)) { - $this->client_error(sprintf(_("Invalid profile URL '%s'."), $profile_url)); - return false; - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && strlen($fullname) > 255) { - $this->client_error(_("Full name is too long (max 255 chars).")); - return false; - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { - $this->client_error(sprintf(_("Invalid homepage '%s'"), $homepage)); - return false; - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && strlen($bio) > 140) { - $this->client_error(_("Bio is too long (max 140 chars).")); - return false; - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && strlen($location) > 255) { - $this->client_error(_("Location is too long (max 255 chars).")); - return false; - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - $this->client_error(sprintf(_("Invalid avatar URL '%s'"), $avatar)); - return false; - } - $size = @getimagesize($avatar); - if (!$size) { - $this->client_error(sprintf(_("Can't read avatar URL '%s'"), $avatar)); - return false; - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - $this->client_error(sprintf(_("Wrong size image at '%s'"), $avatar)); - return false; - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - $this->client_error(sprintf(_("Wrong image type for '%s'"), $avatar)); - return false; - } - } + $profile = Profile::staticGet('id', $remote->id); + if (!$profile) { + # This one is our fault + $this->serverError(_('Remote profile with no matching profile'), 500); + return false; + } + $nickname = $req->get_parameter('omb_listenee_nickname'); + if ($nickname && !Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + $this->clientError(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return false; + } + $license = $req->get_parameter('omb_listenee_license'); + if ($license && !common_valid_http_url($license)) { + $this->clientError(sprintf(_("Invalid license URL '%s'"), $license)); + return false; + } + $profile_url = $req->get_parameter('omb_listenee_profile'); + if ($profile_url && !common_valid_http_url($profile_url)) { + $this->clientError(sprintf(_("Invalid profile URL '%s'."), $profile_url)); + return false; + } + # optional stuff + $fullname = $req->get_parameter('omb_listenee_fullname'); + if ($fullname && strlen($fullname) > 255) { + $this->clientError(_("Full name is too long (max 255 chars).")); + return false; + } + $homepage = $req->get_parameter('omb_listenee_homepage'); + if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { + $this->clientError(sprintf(_("Invalid homepage '%s'"), $homepage)); + return false; + } + $bio = $req->get_parameter('omb_listenee_bio'); + if ($bio && strlen($bio) > 140) { + $this->clientError(_("Bio is too long (max 140 chars).")); + return false; + } + $location = $req->get_parameter('omb_listenee_location'); + if ($location && strlen($location) > 255) { + $this->clientError(_("Location is too long (max 255 chars).")); + return false; + } + $avatar = $req->get_parameter('omb_listenee_avatar'); + if ($avatar) { + if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { + $this->clientError(sprintf(_("Invalid avatar URL '%s'"), $avatar)); + return false; + } + $size = @getimagesize($avatar); + if (!$size) { + $this->clientError(sprintf(_("Can't read avatar URL '%s'"), $avatar)); + return false; + } + if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { + $this->clientError(sprintf(_("Wrong size image at '%s'"), $avatar)); + return false; + } + if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, + IMAGETYPE_PNG))) { + $this->clientError(sprintf(_("Wrong image type for '%s'"), $avatar)); + return false; + } + } - $orig_profile = clone($profile); + $orig_profile = clone($profile); - if ($nickname) { - $profile->nickname = $nickname; - } - if ($profile_url) { - $profile->profileurl = $profile_url; - } - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } + if ($nickname) { + $profile->nickname = $nickname; + } + if ($profile_url) { + $profile->profileurl = $profile_url; + } + if ($fullname) { + $profile->fullname = $fullname; + } + if ($homepage) { + $profile->homepage = $homepage; + } + if ($bio) { + $profile->bio = $bio; + } + if ($location) { + $profile->location = $location; + } - if (!$profile->update($orig_profile)) { - $this->server_error(_('Could not save new profile info'), 500); - return false; - } else { - if ($avatar) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($avatar, $temp_filename); - if (!$profile->setOriginal($temp_filename)) { - $this->server_error(_('Could not save avatar info'), 500); - return false; - } - } - header('HTTP/1.1 200 OK'); - header('Content-type: text/plain'); - print 'Updated profile'; - print "\n"; - return true; - } - } + if (!$profile->update($orig_profile)) { + $this->serverError(_('Could not save new profile info'), 500); + return false; + } else { + if ($avatar) { + $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); + copy($avatar, $temp_filename); + if (!$profile->setOriginal($temp_filename)) { + $this->serverError(_('Could not save avatar info'), 500); + return false; + } + } + header('HTTP/1.1 200 OK'); + header('Content-type: text/plain'); + print 'Updated profile'; + print "\n"; + return true; + } + } } diff --git a/actions/userauthorization.php b/actions/userauthorization.php index ac0a0728c..ed62f640c 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -22,558 +22,579 @@ if (!defined('LACONICA')) { exit(1); } require_once(INSTALLDIR.'/lib/omb.php'); define('TIMESTAMP_THRESHOLD', 300); -class UserauthorizationAction extends Action { - - function handle($args) { - parent::handle($args); - - if ($_SERVER['REQUEST_METHOD'] == 'POST') { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $req = $this->get_stored_request(); - $this->show_form(_('There was a problem with your session token. Try again, please.'), $req); - return; - } - # We've shown the form, now post user's choice - $this->send_authorization(); - } else { - if (!common_logged_in()) { - # Go log in, and then come back - common_debug('saving URL for returnto', __FILE__); - common_set_returnto($_SERVER['REQUEST_URI']); - - common_debug('redirecting to login', __FILE__); - common_redirect(common_local_url('login')); - return; - } - try { - # this must be a new request - common_debug('getting new request', __FILE__); - $req = $this->get_new_request(); - if (!$req) { - $this->client_error(_('No request found!')); - } - common_debug('validating request', __FILE__); - # XXX: only validate new requests, since nonce is one-time use - $this->validate_request($req); - common_debug('showing form', __FILE__); - $this->store_request($req); - $this->show_form($req); - } catch (OAuthException $e) { - $this->clear_request(); - $this->client_error($e->getMessage()); - return; - } - - } - } - - function show_form($req) { - - $nickname = $req->get_parameter('omb_listenee_nickname'); - $profile = $req->get_parameter('omb_listenee_profile'); - $license = $req->get_parameter('omb_listenee_license'); - $fullname = $req->get_parameter('omb_listenee_fullname'); - $homepage = $req->get_parameter('omb_listenee_homepage'); - $bio = $req->get_parameter('omb_listenee_bio'); - $location = $req->get_parameter('omb_listenee_location'); - $avatar = $req->get_parameter('omb_listenee_avatar'); - - common_show_header(_('Authorize subscription')); - common_element('p', NULL, _('Please check these details to make sure '. - 'that you want to subscribe to this user\'s notices. '. - 'If you didn\'t just ask to subscribe to someone\'s notices, '. - 'click "Cancel".')); - common_element_start('div', 'profile'); - if ($avatar) { - common_element('img', array('src' => $avatar, - 'class' => 'avatar profile', - 'width' => AVATAR_PROFILE_SIZE, - 'height' => AVATAR_PROFILE_SIZE, - 'alt' => $nickname)); - } - common_element('a', array('href' => $profile, - 'class' => 'external profile nickname'), - $nickname); - if ($fullname) { - common_element_start('div', 'fullname'); - if ($homepage) { - common_element('a', array('href' => $homepage), - $fullname); - } else { - common_text($fullname); - } - common_element_end('div'); - } - if ($location) { - common_element('div', 'location', $location); - } - if ($bio) { - common_element('div', 'bio', $bio); - } - common_element_start('div', 'license'); - common_element('a', array('href' => $license, - 'class' => 'license'), - $license); - common_element_end('div'); - common_element_end('div'); - common_element_start('form', array('method' => 'post', - 'id' => 'userauthorization', - 'name' => 'userauthorization', - 'action' => common_local_url('userauthorization'))); - common_hidden('token', common_session_token()); - common_submit('accept', _('Accept')); - common_submit('reject', _('Reject')); - common_element_end('form'); - common_show_footer(); - } - - function send_authorization() { - $req = $this->get_stored_request(); - - if (!$req) { - common_user_error(_('No authorization request!')); - return; - } - - $callback = $req->get_parameter('oauth_callback'); - - if ($this->arg('accept')) { - if (!$this->authorize_token($req)) { - $this->client_error(_('Error authorizing token')); - } - if (!$this->save_remote_profile($req)) { - $this->client_error(_('Error saving remote profile')); - } - if (!$callback) { - $this->show_accept_message($req->get_parameter('oauth_token')); - } else { - $params = array(); - $params['oauth_token'] = $req->get_parameter('oauth_token'); - $params['omb_version'] = OMB_VERSION_01; - $user = User::staticGet('uri', $req->get_parameter('omb_listener')); - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return; - } - $params['omb_listener_nickname'] = $user->nickname; - $params['omb_listener_profile'] = common_local_url('showstream', - array('nickname' => $user->nickname)); - if ($profile->fullname) { - $params['omb_listener_fullname'] = $profile->fullname; - } - if ($profile->homepage) { - $params['omb_listener_homepage'] = $profile->homepage; - } - if ($profile->bio) { - $params['omb_listener_bio'] = $profile->bio; - } - if ($profile->location) { - $params['omb_listener_location'] = $profile->location; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - if ($avatar) { - $params['omb_listener_avatar'] = $avatar->url; - } - $parts = array(); - foreach ($params as $k => $v) { - $parts[] = $k . '=' . OAuthUtil::urlencodeRFC3986($v); - } - $query_string = implode('&', $parts); - $parsed = parse_url($callback); - $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string; - common_redirect($url, 303); - } - } else { - if (!$callback) { - $this->show_reject_message(); - } else { - # XXX: not 100% sure how to signal failure... just redirect without token? - common_redirect($callback, 303); - } - } - } - - function authorize_token(&$req) { - $consumer_key = $req->get_parameter('oauth_consumer_key'); - $token_field = $req->get_parameter('oauth_token'); - common_debug('consumer key = "'.$consumer_key.'"', __FILE__); - common_debug('token field = "'.$token_field.'"', __FILE__); - $rt = new Token(); - $rt->consumer_key = $consumer_key; - $rt->tok = $token_field; - $rt->type = 0; - $rt->state = 0; - common_debug('request token to look up: "'.print_r($rt,TRUE).'"'); - if ($rt->find(true)) { - common_debug('found request token to authorize', __FILE__); - $orig_rt = clone($rt); - $rt->state = 1; # Authorized but not used - if ($rt->update($orig_rt)) { - common_debug('updated request token so it is authorized', __FILE__); - return true; - } - } - return FALSE; - } - - # XXX: refactor with similar code in finishremotesubscribe.php - - function save_remote_profile(&$req) { - # FIXME: we should really do this when the consumer comes - # back for an access token. If they never do, we've got stuff in a - # weird state. - - $nickname = $req->get_parameter('omb_listenee_nickname'); - $fullname = $req->get_parameter('omb_listenee_fullname'); - $profile_url = $req->get_parameter('omb_listenee_profile'); - $homepage = $req->get_parameter('omb_listenee_homepage'); - $bio = $req->get_parameter('omb_listenee_bio'); - $location = $req->get_parameter('omb_listenee_location'); - $avatar_url = $req->get_parameter('omb_listenee_avatar'); - - $listenee = $req->get_parameter('omb_listenee'); - $remote = Remote_profile::staticGet('uri', $listenee); - - if ($remote) { - $exists = true; - $profile = Profile::staticGet($remote->id); - $orig_remote = clone($remote); - $orig_profile = clone($profile); - } else { - $exists = false; - $remote = new Remote_profile(); - $remote->uri = $listenee; - $profile = new Profile(); - } - - $profile->nickname = $nickname; - $profile->profileurl = $profile_url; - - if ($fullname) { - $profile->fullname = $fullname; - } - if ($homepage) { - $profile->homepage = $homepage; - } - if ($bio) { - $profile->bio = $bio; - } - if ($location) { - $profile->location = $location; - } - - if ($exists) { - $profile->update($orig_profile); - } else { - $profile->created = DB_DataObject_Cast::dateTime(); # current time - $id = $profile->insert(); - if (!$id) { - return FALSE; - } - $remote->id = $id; - } - - if ($exists) { - if (!$remote->update($orig_remote)) { - return FALSE; - } - } else { - $remote->created = DB_DataObject_Cast::dateTime(); # current time - if (!$remote->insert()) { - return FALSE; - } - } - - if ($avatar_url) { - if (!$this->add_avatar($profile, $avatar_url)) { - return FALSE; - } - } - - $user = common_current_user(); - $datastore = omb_oauth_datastore(); - $consumer = $this->get_consumer($datastore, $req); - $token = $this->get_token($datastore, $req, $consumer); - - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $remote->id; - $sub->token = $token->key; # NOTE: request token, not valid for use! - $sub->created = DB_DataObject_Cast::dateTime(); # current time - - if (!$sub->insert()) { - return FALSE; - } - - return TRUE; - } - - function add_avatar($profile, $url) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($url, $temp_filename); - return $profile->setOriginal($temp_filename); - } - - function show_accept_message($tok) { - common_show_header(_('Subscription authorized')); - common_element('p', NULL, - _('The subscription has been authorized, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to authorize the subscription. Your subscription token is:')); - common_element('blockquote', 'token', $tok); - common_show_footer(); - } - - function show_reject_message($tok) { - common_show_header(_('Subscription rejected')); - common_element('p', NULL, - _('The subscription has been rejected, but no '. - 'callback URL was passed. Check with the site\'s instructions for '. - 'details on how to fully reject the subscription.')); - common_show_footer(); - } - - function store_request($req) { - common_ensure_session(); - $_SESSION['userauthorizationrequest'] = $req; - } - - function clear_request() { - common_ensure_session(); - unset($_SESSION['userauthorizationrequest']); - } - - function get_stored_request() { - common_ensure_session(); - $req = $_SESSION['userauthorizationrequest']; - return $req; - } - - function get_new_request() { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request(); - return $req; - } - - # Throws an OAuthException if anything goes wrong - - function validate_request(&$req) { - # OAuth stuff -- have to copy from OAuth.php since they're - # all private methods, and there's no user-authentication method - common_debug('checking version', __FILE__); - $this->check_version($req); - common_debug('getting datastore', __FILE__); - $datastore = omb_oauth_datastore(); - common_debug('getting consumer', __FILE__); - $consumer = $this->get_consumer($datastore, $req); - common_debug('getting token', __FILE__); - $token = $this->get_token($datastore, $req, $consumer); - common_debug('checking timestamp', __FILE__); - $this->check_timestamp($req); - common_debug('checking nonce', __FILE__); - $this->check_nonce($datastore, $req, $consumer, $token); - common_debug('checking signature', __FILE__); - $this->check_signature($req, $consumer, $token); - common_debug('validating omb stuff', __FILE__); - $this->validate_omb($req); - common_debug('done validating', __FILE__); - return true; - } - - function validate_omb(&$req) { - foreach (array('omb_version', 'omb_listener', 'omb_listenee', - 'omb_listenee_profile', 'omb_listenee_nickname', - 'omb_listenee_license') as $param) - { - if (!$req->get_parameter($param)) { - throw new OAuthException("Required parameter '$param' not found"); - } - } - # Now, OMB stuff - $version = $req->get_parameter('omb_version'); - if ($version != OMB_VERSION_01) { - throw new OAuthException("OpenMicroBlogging version '$version' not supported"); - } - $listener = $req->get_parameter('omb_listener'); - $user = User::staticGet('uri', $listener); - if (!$user) { - throw new OAuthException("Listener URI '$listener' not found here"); - } - $cur = common_current_user(); - if ($cur->id != $user->id) { - throw new OAuthException("Can't add for another user!"); - } - $listenee = $req->get_parameter('omb_listenee'); - if (!Validate::uri($listenee) && - !common_valid_tag($listenee)) { - throw new OAuthException("Listenee URI '$listenee' not a recognizable URI"); - } - if (strlen($listenee) > 255) { - throw new OAuthException("Listenee URI '$listenee' too long"); - } - - $other = User::staticGet('uri', $listenee); - if ($other) { - throw new OAuthException("Listenee URI '$listenee' is local user"); - } - - $remote = Remote_profile::staticGet('uri', $listenee); - if ($remote) { - $sub = new Subscription(); - $sub->subscriber = $user->id; - $sub->subscribed = $remote->id; - if ($sub->find(TRUE)) { - throw new OAuthException("Already subscribed to user!"); - } - } - $nickname = $req->get_parameter('omb_listenee_nickname'); - if (!Validate::string($nickname, array('min_length' => 1, - 'max_length' => 64, - 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { - throw new OAuthException('Nickname must have only letters and numbers and no spaces.'); - } - $profile = $req->get_parameter('omb_listenee_profile'); - if (!common_valid_http_url($profile)) { - throw new OAuthException("Invalid profile URL '$profile'."); - } - - if ($profile == common_local_url('showstream', array('nickname' => $nickname))) { - throw new OAuthException("Profile URL '$profile' is for a local user."); - } - - $license = $req->get_parameter('omb_listenee_license'); - if (!common_valid_http_url($license)) { - throw new OAuthException("Invalid license URL '$license'."); - } - $site_license = common_config('license', 'url'); - if (!common_compatible_license($license, $site_license)) { - throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'."); - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && strlen($fullname) > 255) { - throw new OAuthException("Full name '$fullname' too long."); - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { - throw new OAuthException("Invalid homepage '$homepage'"); - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && strlen($bio) > 140) { - throw new OAuthException("Bio too long '$bio'"); - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && strlen($location) > 255) { - throw new OAuthException("Location too long '$location'"); - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - throw new OAuthException("Invalid avatar URL '$avatar'"); - } - $size = @getimagesize($avatar); - if (!$size) { - throw new OAuthException("Can't read avatar URL '$avatar'"); - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - throw new OAuthException("Wrong size image at '$avatar'"); - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - throw new OAuthException("Wrong image type for '$avatar'"); - } - } - $callback = $req->get_parameter('oauth_callback'); - if ($callback && !common_valid_http_url($callback)) { - throw new OAuthException("Invalid callback URL '$callback'"); - } - if ($callback && $callback == common_local_url('finishremotesubscribe')) { - throw new OAuthException("Callback URL '$callback' is for local site."); - } - } - - # Snagged from OAuthServer - - function check_version(&$req) { - $version = $req->get_parameter("oauth_version"); - if (!$version) { - $version = 1.0; - } - if ($version != 1.0) { - throw new OAuthException("OAuth version '$version' not supported"); - } - return $version; - } - - # Snagged from OAuthServer - - function get_consumer($datastore, $req) { - $consumer_key = @$req->get_parameter("oauth_consumer_key"); - if (!$consumer_key) { - throw new OAuthException("Invalid consumer key"); - } - - $consumer = $datastore->lookup_consumer($consumer_key); - if (!$consumer) { - throw new OAuthException("Invalid consumer"); - } - return $consumer; - } - - # Mostly cadged from OAuthServer - - function get_token($datastore, &$req, $consumer) {/*{{{*/ - $token_field = @$req->get_parameter('oauth_token'); - $token = $datastore->lookup_token($consumer, 'request', $token_field); - if (!$token) { - throw new OAuthException("Invalid $token_type token: $token_field"); - } - return $token; - } - - function check_timestamp(&$req) { - $timestamp = @$req->get_parameter('oauth_timestamp'); - $now = time(); - if ($now - $timestamp > TIMESTAMP_THRESHOLD) { - throw new OAuthException("Expired timestamp, yours $timestamp, ours $now"); - } - } - - # NOTE: don't call twice on the same request; will fail! - function check_nonce(&$datastore, &$req, $consumer, $token) { - $timestamp = @$req->get_parameter('oauth_timestamp'); - $nonce = @$req->get_parameter('oauth_nonce'); - $found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp); - if ($found) { - throw new OAuthException("Nonce already used"); - } - return true; - } - - function check_signature(&$req, $consumer, $token) { - $signature_method = $this->get_signature_method($req); - $signature = $req->get_parameter('oauth_signature'); - $valid_sig = $signature_method->check_signature($req, - $consumer, - $token, - $signature); - if (!$valid_sig) { - throw new OAuthException("Invalid signature"); - } - } - - function get_signature_method(&$req) { - $signature_method = @$req->get_parameter("oauth_signature_method"); - if (!$signature_method) { - $signature_method = "PLAINTEXT"; - } - if ($signature_method != 'HMAC-SHA1') { - throw new OAuthException("Signature method '$signature_method' not supported."); - } - return omb_hmac_sha1(); - } +class UserauthorizationAction extends Action +{ + var $error; + var $req; + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + # CSRF protection + $token = $this->trimmed('token'); + if (!$token || $token != common_session_token()) { + $req = $this->getStoredRequest(); + $this->showForm($req, _('There was a problem with your session token. '. + 'Try again, please.')); + return; + } + # We've shown the form, now post user's choice + $this->sendAuthorization(); + } else { + if (!common_logged_in()) { + # Go log in, and then come back + common_set_returnto($_SERVER['REQUEST_URI']); + + common_redirect(common_local_url('login')); + return; + } + try { + # this must be a new request + $req = $this->getNewRequest(); + if (!$req) { + $this->clientError(_('No request found!')); + } + # XXX: only validate new requests, since nonce is one-time use + $this->validateRequest($req); + $this->storeRequest($req); + $this->showForm($req); + } catch (OAuthException $e) { + $this->clearRequest(); + $this->clientError($e->getMessage()); + return; + } + + } + } + + function showForm($req, $error=null) + { + $this->req = $req; + $this->error = $error; + $this->showPage(); + } + + function title() + { + return _('Authorize subscription'); + } + + function showPageNotice() + { + $this->element('p', null, _('Please check these details to make sure '. + 'that you want to subscribe to this user\'s notices. '. + 'If you didn\'t just ask to subscribe to someone\'s notices, '. + 'click "Cancel".')); + } + + function showContent() + { + $req = $this->req; + + $nickname = $req->get_parameter('omb_listenee_nickname'); + $profile = $req->get_parameter('omb_listenee_profile'); + $license = $req->get_parameter('omb_listenee_license'); + $fullname = $req->get_parameter('omb_listenee_fullname'); + $homepage = $req->get_parameter('omb_listenee_homepage'); + $bio = $req->get_parameter('omb_listenee_bio'); + $location = $req->get_parameter('omb_listenee_location'); + $avatar = $req->get_parameter('omb_listenee_avatar'); + + $this->elementStart('div', 'profile'); + if ($avatar) { + $this->element('img', array('src' => $avatar, + 'class' => 'avatar profile', + 'width' => AVATAR_PROFILE_SIZE, + 'height' => AVATAR_PROFILE_SIZE, + 'alt' => $nickname)); + } + $this->element('a', array('href' => $profile, + 'class' => 'external profile nickname'), + $nickname); + if ($fullname) { + $this->elementStart('div', 'fullname'); + if ($homepage) { + $this->element('a', array('href' => $homepage), + $fullname); + } else { + $this->text($fullname); + } + $this->elementEnd('div'); + } + if ($location) { + $this->element('div', 'location', $location); + } + if ($bio) { + $this->element('div', 'bio', $bio); + } + $this->elementStart('div', 'license'); + $this->element('a', array('href' => $license, + 'class' => 'license'), + $license); + $this->elementEnd('div'); + $this->elementEnd('div'); + $this->elementStart('form', array('method' => 'post', + 'id' => 'userauthorization', + 'name' => 'userauthorization', + 'action' => common_local_url('userauthorization'))); + $this->hidden('token', common_session_token()); + $this->submit('accept', _('Accept')); + $this->submit('reject', _('Reject')); + $this->elementEnd('form'); + } + + function sendAuthorization() + { + $req = $this->getStoredRequest(); + + if (!$req) { + $this->clientError(_('No authorization request!')); + return; + } + + $callback = $req->get_parameter('oauth_callback'); + + if ($this->arg('accept')) { + if (!$this->authorizeToken($req)) { + $this->clientError(_('Error authorizing token')); + } + if (!$this->saveRemoteProfile($req)) { + $this->clientError(_('Error saving remote profile')); + } + if (!$callback) { + $this->showAcceptMessage($req->get_parameter('oauth_token')); + } else { + $params = array(); + $params['oauth_token'] = $req->get_parameter('oauth_token'); + $params['omb_version'] = OMB_VERSION_01; + $user = User::staticGet('uri', $req->get_parameter('omb_listener')); + $profile = $user->getProfile(); + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return; + } + $params['omb_listener_nickname'] = $user->nickname; + $params['omb_listener_profile'] = common_local_url('showstream', + array('nickname' => $user->nickname)); + if ($profile->fullname) { + $params['omb_listener_fullname'] = $profile->fullname; + } + if ($profile->homepage) { + $params['omb_listener_homepage'] = $profile->homepage; + } + if ($profile->bio) { + $params['omb_listener_bio'] = $profile->bio; + } + if ($profile->location) { + $params['omb_listener_location'] = $profile->location; + } + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + if ($avatar) { + $params['omb_listener_avatar'] = $avatar->url; + } + $parts = array(); + foreach ($params as $k => $v) { + $parts[] = $k . '=' . OAuthUtil::urlencodeRFC3986($v); + } + $query_string = implode('&', $parts); + $parsed = parse_url($callback); + $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string; + common_redirect($url, 303); + } + } else { + if (!$callback) { + $this->showRejectMessage(); + } else { + # XXX: not 100% sure how to signal failure... just redirect without token? + common_redirect($callback, 303); + } + } + } + + function authorizeToken(&$req) + { + $consumer_key = $req->get_parameter('oauth_consumer_key'); + $token_field = $req->get_parameter('oauth_token'); + $rt = new Token(); + $rt->consumer_key = $consumer_key; + $rt->tok = $token_field; + $rt->type = 0; + $rt->state = 0; + if ($rt->find(true)) { + $orig_rt = clone($rt); + $rt->state = 1; # Authorized but not used + if ($rt->update($orig_rt)) { + return true; + } + } + return false; + } + + # XXX: refactor with similar code in finishremotesubscribe.php + + function saveRemoteProfile(&$req) + { + # FIXME: we should really do this when the consumer comes + # back for an access token. If they never do, we've got stuff in a + # weird state. + + $nickname = $req->get_parameter('omb_listenee_nickname'); + $fullname = $req->get_parameter('omb_listenee_fullname'); + $profile_url = $req->get_parameter('omb_listenee_profile'); + $homepage = $req->get_parameter('omb_listenee_homepage'); + $bio = $req->get_parameter('omb_listenee_bio'); + $location = $req->get_parameter('omb_listenee_location'); + $avatar_url = $req->get_parameter('omb_listenee_avatar'); + + $listenee = $req->get_parameter('omb_listenee'); + $remote = Remote_profile::staticGet('uri', $listenee); + + if ($remote) { + $exists = true; + $profile = Profile::staticGet($remote->id); + $orig_remote = clone($remote); + $orig_profile = clone($profile); + } else { + $exists = false; + $remote = new Remote_profile(); + $remote->uri = $listenee; + $profile = new Profile(); + } + + $profile->nickname = $nickname; + $profile->profileurl = $profile_url; + + if ($fullname) { + $profile->fullname = $fullname; + } + if ($homepage) { + $profile->homepage = $homepage; + } + if ($bio) { + $profile->bio = $bio; + } + if ($location) { + $profile->location = $location; + } + + if ($exists) { + $profile->update($orig_profile); + } else { + $profile->created = DB_DataObject_Cast::dateTime(); # current time + $id = $profile->insert(); + if (!$id) { + return false; + } + $remote->id = $id; + } + + if ($exists) { + if (!$remote->update($orig_remote)) { + return false; + } + } else { + $remote->created = DB_DataObject_Cast::dateTime(); # current time + if (!$remote->insert()) { + return false; + } + } + + if ($avatar_url) { + if (!$this->addAvatar($profile, $avatar_url)) { + return false; + } + } + + $user = common_current_user(); + $datastore = omb_oauth_datastore(); + $consumer = $this->getConsumer($datastore, $req); + $token = $this->getToken($datastore, $req, $consumer); + + $sub = new Subscription(); + $sub->subscriber = $user->id; + $sub->subscribed = $remote->id; + $sub->token = $token->key; # NOTE: request token, not valid for use! + $sub->created = DB_DataObject_Cast::dateTime(); # current time + + if (!$sub->insert()) { + return false; + } + + return true; + } + + function addAvatar($profile, $url) + { + $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); + copy($url, $temp_filename); + return $profile->setOriginal($temp_filename); + } + + function showAcceptMessage($tok) + { + common_show_header(_('Subscription authorized')); + $this->element('p', null, + _('The subscription has been authorized, but no '. + 'callback URL was passed. Check with the site\'s instructions for '. + 'details on how to authorize the subscription. Your subscription token is:')); + $this->element('blockquote', 'token', $tok); + common_show_footer(); + } + + function showRejectMessage($tok) + { + common_show_header(_('Subscription rejected')); + $this->element('p', null, + _('The subscription has been rejected, but no '. + 'callback URL was passed. Check with the site\'s instructions for '. + 'details on how to fully reject the subscription.')); + common_show_footer(); + } + + function storeRequest($req) + { + common_ensure_session(); + $_SESSION['userauthorizationrequest'] = $req; + } + + function clearRequest() + { + common_ensure_session(); + unset($_SESSION['userauthorizationrequest']); + } + + function getStoredRequest() + { + common_ensure_session(); + $req = $_SESSION['userauthorizationrequest']; + return $req; + } + + function getNewRequest() + { + common_remove_magic_from_request(); + $req = OAuthRequest::from_request(); + return $req; + } + + # Throws an OAuthException if anything goes wrong + + function validateRequest(&$req) + { + # OAuth stuff -- have to copy from OAuth.php since they're + # all private methods, and there's no user-authentication method + $this->checkVersion($req); + $datastore = omb_oauth_datastore(); + $consumer = $this->getConsumer($datastore, $req); + $token = $this->getToken($datastore, $req, $consumer); + $this->checkTimestamp($req); + $this->checkNonce($datastore, $req, $consumer, $token); + $this->checkSignature($req, $consumer, $token); + $this->validateOmb($req); + return true; + } + + function validateOmb(&$req) + { + foreach (array('omb_version', 'omb_listener', 'omb_listenee', + 'omb_listenee_profile', 'omb_listenee_nickname', + 'omb_listenee_license') as $param) + { + if (!$req->get_parameter($param)) { + throw new OAuthException("Required parameter '$param' not found"); + } + } + # Now, OMB stuff + $version = $req->get_parameter('omb_version'); + if ($version != OMB_VERSION_01) { + throw new OAuthException("OpenMicroBlogging version '$version' not supported"); + } + $listener = $req->get_parameter('omb_listener'); + $user = User::staticGet('uri', $listener); + if (!$user) { + throw new OAuthException("Listener URI '$listener' not found here"); + } + $cur = common_current_user(); + if ($cur->id != $user->id) { + throw new OAuthException("Can't add for another user!"); + } + $listenee = $req->get_parameter('omb_listenee'); + if (!Validate::uri($listenee) && + !common_valid_tag($listenee)) { + throw new OAuthException("Listenee URI '$listenee' not a recognizable URI"); + } + if (strlen($listenee) > 255) { + throw new OAuthException("Listenee URI '$listenee' too long"); + } + + $other = User::staticGet('uri', $listenee); + if ($other) { + throw new OAuthException("Listenee URI '$listenee' is local user"); + } + + $remote = Remote_profile::staticGet('uri', $listenee); + if ($remote) { + $sub = new Subscription(); + $sub->subscriber = $user->id; + $sub->subscribed = $remote->id; + if ($sub->find(true)) { + throw new OAuthException("Already subscribed to user!"); + } + } + $nickname = $req->get_parameter('omb_listenee_nickname'); + if (!Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) { + throw new OAuthException('Nickname must have only letters and numbers and no spaces.'); + } + $profile = $req->get_parameter('omb_listenee_profile'); + if (!common_valid_http_url($profile)) { + throw new OAuthException("Invalid profile URL '$profile'."); + } + + if ($profile == common_local_url('showstream', array('nickname' => $nickname))) { + throw new OAuthException("Profile URL '$profile' is for a local user."); + } + + $license = $req->get_parameter('omb_listenee_license'); + if (!common_valid_http_url($license)) { + throw new OAuthException("Invalid license URL '$license'."); + } + $site_license = common_config('license', 'url'); + if (!common_compatible_license($license, $site_license)) { + throw new OAuthException("Listenee stream license '$license' not compatible with site license '$site_license'."); + } + # optional stuff + $fullname = $req->get_parameter('omb_listenee_fullname'); + if ($fullname && strlen($fullname) > 255) { + throw new OAuthException("Full name '$fullname' too long."); + } + $homepage = $req->get_parameter('omb_listenee_homepage'); + if ($homepage && (!common_valid_http_url($homepage) || strlen($homepage) > 255)) { + throw new OAuthException("Invalid homepage '$homepage'"); + } + $bio = $req->get_parameter('omb_listenee_bio'); + if ($bio && strlen($bio) > 140) { + throw new OAuthException("Bio too long '$bio'"); + } + $location = $req->get_parameter('omb_listenee_location'); + if ($location && strlen($location) > 255) { + throw new OAuthException("Location too long '$location'"); + } + $avatar = $req->get_parameter('omb_listenee_avatar'); + if ($avatar) { + if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { + throw new OAuthException("Invalid avatar URL '$avatar'"); + } + $size = @getimagesize($avatar); + if (!$size) { + throw new OAuthException("Can't read avatar URL '$avatar'"); + } + if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { + throw new OAuthException("Wrong size image at '$avatar'"); + } + if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, + IMAGETYPE_PNG))) { + throw new OAuthException("Wrong image type for '$avatar'"); + } + } + $callback = $req->get_parameter('oauth_callback'); + if ($callback && !common_valid_http_url($callback)) { + throw new OAuthException("Invalid callback URL '$callback'"); + } + if ($callback && $callback == common_local_url('finishremotesubscribe')) { + throw new OAuthException("Callback URL '$callback' is for local site."); + } + } + + # Snagged from OAuthServer + + function checkVersion(&$req) + { + $version = $req->get_parameter("oauth_version"); + if (!$version) { + $version = 1.0; + } + if ($version != 1.0) { + throw new OAuthException("OAuth version '$version' not supported"); + } + return $version; + } + + # Snagged from OAuthServer + + function getConsumer($datastore, $req) + { + $consumer_key = @$req->get_parameter("oauth_consumer_key"); + if (!$consumer_key) { + throw new OAuthException("Invalid consumer key"); + } + + $consumer = $datastore->lookup_consumer($consumer_key); + if (!$consumer) { + throw new OAuthException("Invalid consumer"); + } + return $consumer; + } + + # Mostly cadged from OAuthServer + + function getToken($datastore, &$req, $consumer) + {/*{{{*/ + $token_field = @$req->get_parameter('oauth_token'); + $token = $datastore->lookup_token($consumer, 'request', $token_field); + if (!$token) { + throw new OAuthException("Invalid $token_type token: $token_field"); + } + return $token; + } + + function checkTimestamp(&$req) + { + $timestamp = @$req->get_parameter('oauth_timestamp'); + $now = time(); + if ($now - $timestamp > TIMESTAMP_THRESHOLD) { + throw new OAuthException("Expired timestamp, yours $timestamp, ours $now"); + } + } + + # NOTE: don't call twice on the same request; will fail! + function checkNonce(&$datastore, &$req, $consumer, $token) + { + $timestamp = @$req->get_parameter('oauth_timestamp'); + $nonce = @$req->get_parameter('oauth_nonce'); + $found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp); + if ($found) { + throw new OAuthException("Nonce already used"); + } + return true; + } + + function checkSignature(&$req, $consumer, $token) + { + $signature_method = $this->getSignatureMethod($req); + $signature = $req->get_parameter('oauth_signature'); + $valid_sig = $signature_method->check_signature($req, + $consumer, + $token, + $signature); + if (!$valid_sig) { + throw new OAuthException("Invalid signature"); + } + } + + function getSignatureMethod(&$req) + { + $signature_method = @$req->get_parameter("oauth_signature_method"); + if (!$signature_method) { + $signature_method = "PLAINTEXT"; + } + if ($signature_method != 'HMAC-SHA1') { + throw new OAuthException("Signature method '$signature_method' not supported."); + } + return omb_hmac_sha1(); + } } diff --git a/actions/userbyid.php b/actions/userbyid.php index 38bff2ede..1e30d1aac 100644 --- a/actions/userbyid.php +++ b/actions/userbyid.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * User by ID action class. + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,33 +29,60 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -class UserbyidAction extends Action { - - function is_readonly() { - return true; - } - - function handle($args) { +/** + * User by ID action class. + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class UserbyidAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly() + { + return true; + } + + /** + * Class handler. + * + * @param array $args array of arguments + * + * @return nothing + */ + function handle($args) + { parent::handle($args); $id = $this->trimmed('id'); if (!$id) { - $this->client_error(_('No id.')); - } - $user =& User::staticGet($id); - if (!$user) { - $this->client_error(_('No such user.')); + $this->clientError(_('No id.')); + } + $user =& User::staticGet($id); + if (!$user) { + $this->clientError(_('No such user.')); } // support redirecting to FOAF rdf/xml if the agent prefers it $page_prefs = 'application/rdf+xml,text/html,application/xhtml+xml,application/xml;q=0.3,text/xml;q=0.2'; - $httpaccept = isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : NULL; - $type = common_negotiate_type(common_accept_to_prefs($httpaccept), - common_accept_to_prefs($page_prefs)); - $page = $type == 'application/rdf+xml' ? 'foaf' : 'showstream'; - - $url = common_local_url($page, array('nickname' => $user->nickname)); - common_redirect($url, 303); - } + $httpaccept = isset($_SERVER['HTTP_ACCEPT']) + ? $_SERVER['HTTP_ACCEPT'] : null; + $type = common_negotiate_type(common_accept_to_prefs($httpaccept), + common_accept_to_prefs($page_prefs)); + $page = $type == 'application/rdf+xml' ? 'foaf' : 'showstream'; + $url = common_local_url($page, array('nickname' => $user->nickname)); + common_redirect($url, 303); + } } + diff --git a/actions/usergroups.php b/actions/usergroups.php new file mode 100644 index 000000000..20f2e5a75 --- /dev/null +++ b/actions/usergroups.php @@ -0,0 +1,135 @@ +<?php +/** + * Laconica, the distributed open-source microblogging tool + * + * User groups information + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Sarven Capadisli <csarven@controlyourself.ca> + * @copyright 2008-2009 Control Yourself, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +if (!defined('LACONICA')) { + exit(1); +} + +require_once INSTALLDIR.'/lib/grouplist.php'; + +/** + * User groups page + * + * Show the groups a user belongs to + * + * @category Personal + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + */ + +class UsergroupsAction extends Action +{ + var $user = null; + var $page = null; + var $profile = null; + + function title() + { + if ($this->page == 1) { + return sprintf(_("%s groups"), $this->user->nickname); + } else { + return sprintf(_("%s groups, page %d"), + $this->user->nickname, + $this->page); + } + } + + function prepare($args) + { + parent::prepare($args); + + $nickname_arg = $this->arg('nickname'); + $nickname = common_canonical_nickname($nickname_arg); + + // Permanent redirect on non-canonical nickname + + if ($nickname_arg != $nickname) { + $args = array('nickname' => $nickname); + if ($this->arg('page') && $this->arg('page') != 1) { + $args['page'] = $this->arg['page']; + } + common_redirect(common_local_url('usergroups', $args), 301); + return false; + } + + $this->user = User::staticGet('nickname', $nickname); + + if (!$this->user) { + $this->clientError(_('No such user.'), 404); + return false; + } + + $this->profile = $this->user->getProfile(); + + if (!$this->profile) { + $this->serverError(_('User has no profile.')); + return false; + } + + $this->page = ($this->arg('page')) ? ($this->arg('page')+0) : 1; + + return true; + } + + function handle($args) + { + parent::handle($args); + $this->showPage(); + } + + function showLocalNav() + { + $nav = new SubGroupNav($this, $this->user); + $nav->show(); + } + + function showContent() + { + $this->element('a', array('href' => common_local_url('newgroup'), + 'id' => 'new_group'), + _('Create a new group')); + + $offset = ($this->page-1) * GROUPS_PER_PAGE; + $limit = GROUPS_PER_PAGE + 1; + + $groups = $this->user->getGroups($offset, $limit); + + if ($groups) { + $gl = new GroupList($groups, $this->user, $this); + $cnt = $gl->show(); + } + + $this->pagination($this->page > 1, $cnt > GROUPS_PER_PAGE, + $this->page, 'usergroups', + array('nickname' => $this->user->nickname)); + } +} diff --git a/actions/userrss.php b/actions/userrss.php index e57f86105..c1f2321ee 100644 --- a/actions/userrss.php +++ b/actions/userrss.php @@ -23,68 +23,76 @@ require_once(INSTALLDIR.'/lib/rssaction.php'); // Formatting of RSS handled by Rss10Action -class UserrssAction extends Rss10Action { +class UserrssAction extends Rss10Action +{ - var $user = NULL; + var $user = null; - function init() { - $nickname = $this->trimmed('nickname'); - $this->user = User::staticGet('nickname', $nickname); + function prepare($args) + { + parent::prepare($args); + $nickname = $this->trimmed('nickname'); + $this->user = User::staticGet('nickname', $nickname); - if (!$this->user) { - common_user_error(_('No such user.')); - return false; - } else { - return true; - } - } + if (!$this->user) { + $this->clientError(_('No such user.')); + return false; + } else { + return true; + } + } - function get_notices($limit=0) { + function getNotices($limit=0) + { - $user = $this->user; - - if (is_null($user)) { - return NULL; - } - - $notice = $user->getNotices(0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); - - while ($notice->fetch()) { - $notices[] = clone($notice); - } + $user = $this->user; + + if (is_null($user)) { + return null; + } + + $notice = $user->getNotices(0, ($limit == 0) ? NOTICES_PER_PAGE : $limit); + + while ($notice->fetch()) { + $notices[] = clone($notice); + } - return $notices; - } + return $notices; + } - function get_channel() { - $user = $this->user; - $profile = $user->getProfile(); - $c = array('url' => common_local_url('userrss', - array('nickname' => - $user->nickname)), - 'title' => $user->nickname, - 'link' => $profile->profileurl, - 'description' => sprintf(_('Microblog by %s'), $user->nickname)); - return $c; - } + function getChannel() + { + $user = $this->user; + $profile = $user->getProfile(); + $c = array('url' => common_local_url('userrss', + array('nickname' => + $user->nickname)), + 'title' => $user->nickname, + 'link' => $profile->profileurl, + 'description' => sprintf(_('Microblog by %s'), $user->nickname)); + return $c; + } - function get_image() { - $user = $this->user; - $profile = $user->getProfile(); - if (!$profile) { - common_log_db_error($user, 'SELECT', __FILE__); - $this->server_error(_('User without matching profile')); - return NULL; - } - $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); - return ($avatar) ? $avatar->url : NULL; - } + function getImage() + { + $user = $this->user; + $profile = $user->getProfile(); + if (!$profile) { + common_log_db_error($user, 'SELECT', __FILE__); + $this->serverError(_('User without matching profile')); + return null; + } + $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE); + return ($avatar) ? $avatar->url : null; + } + + # override parent to add X-SUP-ID URL + + function initRss($limit=0) + { + $url = common_local_url('sup', null, $this->user->id); + header('X-SUP-ID: '.$url); + parent::initRss($limit); + } +} - # override parent to add X-SUP-ID URL - - function init_rss($limit=0) { - $url = common_local_url('sup', NULL, $this->user->id); - header('X-SUP-ID: '.$url); - parent::init_rss($limit); - } -}
\ No newline at end of file diff --git a/actions/xrds.php b/actions/xrds.php index 1d516aab7..075831803 100644 --- a/actions/xrds.php +++ b/actions/xrds.php @@ -1,5 +1,17 @@ <?php -/* + +/** + * XRDS for OpenID + * + * PHP version 5 + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + * * Laconica - a distributed open-source microblogging tool * Copyright (C) 2008, Controlez-Vous, Inc. * @@ -17,116 +29,145 @@ * along with this program. If not, see <http://www.gnu.org/licenses/>. */ -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/omb.php'); - -class XrdsAction extends Action { - - function is_readonly() { - return true; - } - - function handle($args) { - parent::handle($args); - $nickname = $this->trimmed('nickname'); - $user = User::staticGet('nickname', $nickname); - if (!$user) { - common_user_error(_('No such user.')); - return; - } - $this->show_xrds($user); - } - - function show_xrds($user) { - - header('Content-Type: application/xrds+xml'); - - common_start_xml(); - common_element_start('XRDS', array('xmlns' => 'xri://$xrds')); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'oauth', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', NULL, 'xri://$xrds*simple'); - - $this->show_service(OAUTH_ENDPOINT_REQUEST, - common_local_url('requesttoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1), - $user->uri); - - $this->show_service(OAUTH_ENDPOINT_AUTHORIZE, - common_local_url('userauthorization'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); +if (!defined('LACONICA')) { + exit(1); +} - $this->show_service(OAUTH_ENDPOINT_ACCESS, - common_local_url('accesstoken'), - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); +require_once INSTALLDIR.'/lib/omb.php'; - $this->show_service(OAUTH_ENDPOINT_RESOURCE, - NULL, - array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), - array(OAUTH_HMAC_SHA1)); - - common_element_end('XRD'); - - # XXX: decide whether to include user's ID/nickname in postNotice URL - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'xml:id' => 'omb', - 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', - 'version' => '2.0')); - - common_element('Type', NULL, 'xri://$xrds*simple'); - - $this->show_service(OMB_ENDPOINT_POSTNOTICE, - common_local_url('postnotice')); - - $this->show_service(OMB_ENDPOINT_UPDATEPROFILE, - common_local_url('updateprofile')); - - common_element_end('XRD'); - - common_element_start('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', - 'version' => '2.0')); - - common_element('Type', NULL, 'xri://$xrds*simple'); - - $this->show_service(OAUTH_DISCOVERY, - '#oauth'); - $this->show_service(OMB_NAMESPACE, - '#omb'); - - common_element_end('XRD'); - - common_element_end('XRDS'); - common_end_xml(); - } +/** + * XRDS for OpenID + * + * @category Action + * @package Laconica + * @author Evan Prodromou <evan@controlyourself.ca> + * @author Robin Millette <millette@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ +class XrdsAction extends Action +{ + /** + * Is read only? + * + * @return boolean true + */ + function isReadOnly() + { + return true; + } + + /** + * Class handler. + * + * @param array $args query arguments + * + * @return void + */ + function handle($args) + { + parent::handle($args); + $nickname = $this->trimmed('nickname'); + $user = User::staticGet('nickname', $nickname); + if (!$user) { + $this->clientError(_('No such user.')); + return; + } + $this->showXrds($user); + } + + /** + * Show XRDS for a user. + * + * @param class $user XRDS for this user. + * + * @return void + */ + function showXrds($user) + { + header('Content-Type: application/xrds+xml'); + $this->startXML(); + $this->elementStart('XRDS', array('xmlns' => 'xri://$xrds')); + + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'oauth', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_ENDPOINT_REQUEST, + common_local_url('requesttoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1), + $user->uri); + $this->showService(OAUTH_ENDPOINT_AUTHORIZE, + common_local_url('userauthorization'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_ACCESS, + common_local_url('accesstoken'), + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->showService(OAUTH_ENDPOINT_RESOURCE, + null, + array(OAUTH_AUTH_HEADER, OAUTH_POST_BODY), + array(OAUTH_HMAC_SHA1)); + $this->elementEnd('XRD'); + + // XXX: decide whether to include user's ID/nickname in postNotice URL + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'xml:id' => 'omb', + 'xmlns:simple' => 'http://xrds-simple.net/core/1.0', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OMB_ENDPOINT_POSTNOTICE, + common_local_url('postnotice')); + $this->showService(OMB_ENDPOINT_UPDATEPROFILE, + common_local_url('updateprofile')); + $this->elementEnd('XRD'); + $this->elementStart('XRD', array('xmlns' => 'xri://$xrd*($v*2.0)', + 'version' => '2.0')); + $this->element('Type', null, 'xri://$xrds*simple'); + $this->showService(OAUTH_DISCOVERY, + '#oauth'); + $this->showService(OMB_NAMESPACE, + '#omb'); + $this->elementEnd('XRD'); + $this->elementEnd('XRDS'); + $this->endXML(); + } + + /** + * Show service. + * + * @param string $type XRDS type + * @param string $uri URI + * @param array $params type parameters, null by default + * @param array $sigs type signatures, null by default + * @param string $localId local ID, null by default + * + * @return void + */ + function showService($type, $uri, $params=null, $sigs=null, $localId=null) + { + $this->elementStart('Service'); + if ($uri) { + $this->element('URI', null, $uri); + } + $this->element('Type', null, $type); + if ($params) { + foreach ($params as $param) { + $this->element('Type', null, $param); + } + } + if ($sigs) { + foreach ($sigs as $sig) { + $this->element('Type', null, $sig); + } + } + if ($localId) { + $this->element('LocalID', null, $localId); + } + $this->elementEnd('Service'); + } +} - function show_service($type, $uri, $params=NULL, $sigs=NULL, $localId=NULL) { - common_element_start('Service'); - if ($uri) { - common_element('URI', NULL, $uri); - } - common_element('Type', NULL, $type); - if ($params) { - foreach ($params as $param) { - common_element('Type', NULL, $param); - } - } - if ($sigs) { - foreach ($sigs as $sig) { - common_element('Type', NULL, $sig); - } - } - if ($localId) { - common_element('LocalID', NULL, $localId); - } - common_element_end('Service'); - } -}
\ No newline at end of file |