diff options
-rw-r--r-- | include/api.php | 8 | ||||
-rw-r--r-- | include/oauth.php | 9 | ||||
-rw-r--r-- | mod/item.php | 1 |
3 files changed, 13 insertions, 5 deletions
diff --git a/include/api.php b/include/api.php index 2760914e9..1dd970cbc 100644 --- a/include/api.php +++ b/include/api.php @@ -72,7 +72,9 @@ require_once('include/photos.php'); // login with oauth try { $oauth = new FKOAuth1(); - list($consumer,$token) = $oauth->verify_request(OAuthRequest::from_request()); + $req = OAuthRequest::from_request(); + list($consumer,$token) = $oauth->verify_request($req); +// list($consumer,$token) = $oauth->verify_request(OAuthRequest::from_request()); if (!is_null($token)){ $oauth->loginUser($token->uid); call_hooks('logged_in', $a->user); @@ -676,7 +678,6 @@ require_once('include/photos.php'); } } - // call out normal post function require_once('mod/item.php'); @@ -696,7 +697,7 @@ require_once('include/photos.php'); require_once('include/security.php'); $lastwall = q("SELECT * from item where 1 - and item_private != 0 and item_restrict = 0 + and item_private = 0 and item_restrict = 0 and author_xchan = '%s' and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = '' and verb = '%s' @@ -749,6 +750,7 @@ require_once('include/photos.php'); ); $status_info['user'] = $user_info; } + return api_apply_template("status", $type, array('$status' => $status_info)); } diff --git a/include/oauth.php b/include/oauth.php index b10802ecd..8eb8a83d8 100644 --- a/include/oauth.php +++ b/include/oauth.php @@ -151,15 +151,22 @@ class FKOAuth1 extends OAuthServer { header('HTTP/1.0 401 Unauthorized'); die('This api requires login'); } + $_SESSION['uid'] = $record['channel_id']; $_SESSION['theme'] = $record['channel_theme']; $_SESSION['account_id'] = $record['channel_account_id']; $_SESSION['mobile_theme'] = get_pconfig($record['channel_id'], 'system', 'mobile_theme'); $_SESSION['authenticated'] = 1; -// $_SESSION['page_flags'] = $record['page-flags']; $_SESSION['my_url'] = $a->get_baseurl() . '/channel/' . $record['channel_address']; $_SESSION['addr'] = $_SERVER['REMOTE_ADDR']; $_SESSION['allow_api'] = true; + $x = q("select * from account where account_id = %d limit 1", + intval($record['channel_account_id']) + ); + if($x) + $a->account = $x[0]; + + change_channel($record['channel_id']); $a->channel = $record; diff --git a/mod/item.php b/mod/item.php index 1bdd951cd..08076bdf6 100644 --- a/mod/item.php +++ b/mod/item.php @@ -161,7 +161,6 @@ function item_post(&$a) { $observer = $a->get_observer(); - if($parent) { logger('mod_item: item_post parent=' . $parent); $can_comment = false; |