aboutsummaryrefslogtreecommitdiffstats
path: root/include/api.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/api.php')
-rw-r--r--include/api.php279
1 files changed, 194 insertions, 85 deletions
diff --git a/include/api.php b/include/api.php
index 258d197a5..711b946ed 100644
--- a/include/api.php
+++ b/include/api.php
@@ -75,8 +75,9 @@ require_once('include/attach.php');
try {
$oauth = new FKOAuth1();
$req = OAuthRequest::from_request();
+
list($consumer,$token) = $oauth->verify_request($req);
-// list($consumer,$token) = $oauth->verify_request(OAuthRequest::from_request());
+
if (!is_null($token)){
$oauth->loginUser($token->uid);
@@ -319,7 +320,7 @@ require_once('include/attach.php');
return False;
} else {
$user = local_channel();
- $extra_query = " AND abook_channel = %d AND (abook_flags & " . ABOOK_FLAG_SELF . " )>0 ";
+ $extra_query = " AND abook_channel = %d AND abook_self = 1 ";
}
}
@@ -337,7 +338,7 @@ require_once('include/attach.php');
return False;
}
- if($uinfo[0]['abook_flags'] & ABOOK_FLAG_SELF) {
+ if(intval($uinfo[0]['abook_self'])) {
$usr = q("select * from channel where channel_id = %d limit 1",
intval(api_user())
);
@@ -345,13 +346,14 @@ require_once('include/attach.php');
intval(api_user())
);
+ $item_normal = item_normal();
+
// count public wall messages
$r = q("SELECT COUNT(`id`) as `count` FROM `item`
WHERE `uid` = %d
- AND ( item_flags & %d )>0 and item_restrict = 0
+ AND item_wall = 1 $item_normal
AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
- intval($usr[0]['channel_id']),
- intval(ITEM_WALL)
+ intval($usr[0]['channel_id'])
);
$countitms = $r[0]['count'];
}
@@ -368,21 +370,20 @@ require_once('include/attach.php');
// count friends
if($usr) {
$r = q("SELECT COUNT(abook_id) as `count` FROM abook
- WHERE abook_channel = %d AND abook_flags = 0 ",
+ WHERE abook_channel = %d AND abook_self = 0 ",
intval($usr[0]['channel_id'])
);
$countfriends = $r[0]['count'];
$countfollowers = $r[0]['count'];
}
- $r = q("SELECT count(`id`) as `count` FROM item where ( item_flags & %d )>0 and uid = %d and item_restrict = 0",
- intval($uinfo[0]['channel_id']),
- intval(ITEM_STARRED)
+ $r = q("SELECT count(`id`) as `count` FROM item where item_starred = 1 and uid = %d " . item_normal(),
+ intval($uinfo[0]['channel_id'])
);
$starred = $r[0]['count'];
- if(! ($uinfo[0]['abook_flags'] & ABOOK_FLAG_SELF)) {
+ if(! intval($uinfo[0]['abook_self'])) {
$countfriends = 0;
$countfollowers = 0;
$starred = 0;
@@ -390,7 +391,7 @@ require_once('include/attach.php');
$ret = Array(
'id' => intval($uinfo[0]['abook_id']),
- 'self' => (($uinfo[0]['abook_flags'] & ABOOK_FLAG_SELF) ? 1 : 0),
+ 'self' => (intval($uinfo[0]['abook_self']) ? 1 : 0),
'uid' => intval($uinfo[0]['abook_channel']),
'guid' => $uinfo[0]['xchan_hash'],
'name' => (($uinfo[0]['xchan_name']) ? $uinfo[0]['xchan_name'] : substr($uinfo[0]['xchan_addr'],0,strpos($uinfo[0]['xchan_addr'],'@'))),
@@ -627,6 +628,71 @@ require_once('include/attach.php');
api_register_func('api/red/files','api_attach_list', true);
+
+
+
+ function api_file_meta(&$a,$type) {
+ if (api_user()===false) return false;
+ if(! $_REQUEST['file_id']) return false;
+ $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
+ intval(api_user()),
+ dbesc($_REQUEST['file_id'])
+ );
+ if($r) {
+ unset($r[0]['data']);
+ $ret = array('attach' => $r[0]);
+ json_return_and_die($ret);
+ }
+ killme();
+ }
+
+ api_register_func('api/red/filemeta', 'api_file_meta', true);
+
+
+ function api_file_data(&$a,$type) {
+ if (api_user()===false) return false;
+ if(! $_REQUEST['file_id']) return false;
+ $start = (($_REQUEST['start']) ? intval($_REQUEST['start']) : 0);
+ $length = (($_REQUEST['length']) ? intval($_REQUEST['length']) : 0);
+
+ $r = q("select * from attach where uid = %d and hash = '%s' limit 1",
+ intval(api_user()),
+ dbesc($_REQUEST['file_id'])
+ );
+ if($r) {
+ $ptr = $r[0];
+ if($length === 0)
+ $length = intval($ptr['filesize']);
+
+ if($ptr['is_dir'])
+ $ptr['data'] = '';
+ elseif(! intval($r[0]['os_storage'])) {
+ $ptr['start'] = $start;
+ $x = substr(dbunescbin($ptr['data'],$start,$length));
+ $ptr['length'] = strlen($x);
+ $ptr['data'] = base64_encode($x);
+ }
+ else {
+ $fp = fopen(dbunescbin($ptr['data'],'r'));
+ if($fp) {
+ $seek = fseek($fp,$start,SEEK_SET);
+ $x = fread($fp,$length);
+ $ptr['start'] = $start;
+ $ptr['length'] = strlen($x);
+ $ptr['data'] = base64_encode($x);
+ }
+ }
+
+ $ret = array('attach' => $ptr);
+ json_return_and_die($ret);
+ }
+ killme();
+ }
+
+ api_register_func('api/red/filedata', 'api_file_data', true);
+
+
+
function api_file_detail(&$a,$type) {
if (api_user()===false) return false;
if(! $_REQUEST['file_id']) return false;
@@ -635,11 +701,9 @@ require_once('include/attach.php');
dbesc($_REQUEST['file_id'])
);
if($r) {
- if($r[0]['flags'] & ATTACH_FLAG_DIR) {
- $r[0]['is_dir'] = '1';
+ if($r[0]['is_dir'])
$r[0]['data'] = '';
- }
- elseif($r[0]['flags'] & ATTACH_FLAG_OS)
+ elseif(intval($r[0]['os_storage']))
$r[0]['data'] = base64_encode(file_get_contents(dbunescbin($r[0]['data'])));
else
$r[0]['data'] = base64_encode(dbunescbin($r[0]['data']));
@@ -828,6 +892,7 @@ require_once('include/attach.php');
require_once('include/html2bbcode.php');
$txt = requestdata('htmlstatus');
+
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
$txt = html2bb_video($txt);
@@ -839,9 +904,10 @@ require_once('include/attach.php');
$purifier = new HTMLPurifier($config);
$txt = $purifier->purify($txt);
- $_REQUEST['body'] = html2bbcode($txt);
}
+ $_REQUEST['body'] = html2bbcode($txt);
+
}
else
$_REQUEST['body'] = requestdata('status');
@@ -929,11 +995,62 @@ require_once('include/attach.php');
api_register_func('api/red/item/new','red_item_new', true);
+ function red_item(&$a, $type) {
+
+ if (api_user() === false) {
+ logger('api_red_item_new: no user');
+ return false;
+ }
+
+ if($_REQUEST['mid']) {
+ $arr = array('mid' => $_REQUEST['mid']);
+ }
+ elseif($_REQUEST['item_id']) {
+ $arr = array('item_id' => $_REQUEST['item_id']);
+ }
+ else
+ json_return_and_die(array());
+
+ $arr['start'] = 0;
+ $arr['records'] = 999999;
+ $arr['item_type'] = '*';
+
+ $i = items_fetch($arr,$a->get_channel(),get_observer_hash());
+
+ if(! $i)
+ json_return_and_die(array());
+
+ $ret = array();
+ $tmp = array();
+ $str = '';
+ foreach($i as $ii) {
+ $tmp[] = encode_item($ii,true);
+ if($str)
+ $str .= ',';
+ $str .= $ii['id'];
+ }
+ $ret['item'] = $tmp;
+ if($str) {
+ $r = q("select item_id.*, item.mid from item_id left join item on item_id.iid = item.id where item.id in ( $str ) ");
+
+ if($r)
+ $ret['item_id'] = $r;
+ }
+
+ json_return_and_die($ret);
+ }
+
+ api_register_func('api/red/item/full','red_item', true);
+
+
+
function api_get_status($xchan_hash) {
require_once('include/security.php');
+ $item_normal = item_normal();
+
$lastwall = q("SELECT * from item where
- item_private = 0 and item_restrict = 0
+ item_private = 0 $item_normal
and author_xchan = '%s'
and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = ''
and verb = '%s'
@@ -995,9 +1112,10 @@ require_once('include/attach.php');
// get last public message
require_once('include/security.php');
+ $item_normal = item_normal();
$lastwall = q("SELECT * from item where
- item_private = 0 and item_restrict = 0
+ item_private = 0 $item_normal
and author_xchan = '%s'
and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = ''
and verb = '%s'
@@ -1068,9 +1186,10 @@ require_once('include/attach.php');
$user_info = api_get_user($a);
require_once('include/security.php');
+ $item_normal = item_normal();
$lastwall = q("SELECT * from item where 1
- and item_private != 0 and item_restrict = 0
+ and item_private != 0 $item_normal
and author_xchan = '%s'
and allow_cid = '' and allow_gid = '' and deny_cid = '' and deny_gid = ''
and verb = '%s'
@@ -1171,7 +1290,9 @@ require_once('include/attach.php');
$sql_extra .= " and item_private = 0 ";
}
- $r = q("SELECT * from item WHERE uid = %d and item_restrict = 0
+ $item_normal = item_normal();
+
+ $r = q("SELECT * from item WHERE uid = %d $item_normal
$sql_extra
AND id > %d
ORDER BY received DESC LIMIT %d ,%d ",
@@ -1190,7 +1311,7 @@ require_once('include/attach.php');
// at the network timeline just mark everything seen.
if (api_user() == $user_info['uid']) {
- $r = q("UPDATE `item` SET item_unseen = 0 where item_unseen = 1 and uid = %d",
+ $r = q("UPDATE item SET item_unseen = 0 WHERE item_unseen = 1 and uid = %d",
intval($user_info['uid'])
);
}
@@ -1237,11 +1358,12 @@ require_once('include/attach.php');
if ($max_id > 0)
$sql_extra = 'AND `item`.`id` <= '.intval($max_id);
require_once('include/security.php');
+ $item_normal = item_normal();
- $r = q("select * from item where item_restrict = 0
- and allow_cid = '' and allow_gid = ''
+ $r = q("select * from item where allow_cid = '' and allow_gid = ''
and deny_cid = '' and deny_gid = ''
- and item_private = 0
+ and item_private = 0
+ $item_normal
and uid = " . $sys['channel_id'] . "
$sql_extra
AND id > %d group by mid
@@ -1297,7 +1419,8 @@ require_once('include/attach.php');
else
$sql_extra .= " AND `item`.`id` = %d";
- $r = q("select * from item where item_restrict = 0 $sql_extra",
+ $item_normal = item_normal();
+ $r = q("select * from item where true $item_normal $sql_extra",
intval($id)
);
xchan_query($r,true);
@@ -1337,7 +1460,9 @@ require_once('include/attach.php');
$observer = get_app()->get_observer();
- $r = q("SELECT * from item where item_restrict = 0 and id = %d limit 1",
+ $item_normal = item_normal();
+
+ $r = q("SELECT * from item where and id = %d $item_normal limit 1",
intval($id)
);
@@ -1430,7 +1555,7 @@ require_once('include/attach.php');
*
*/
-// FIXME
+
function api_statuses_mentions(&$a, $type){
if (api_user()===false) return false;
@@ -1455,39 +1580,25 @@ require_once('include/attach.php');
$myurl = str_replace(array('www.','.'),array('','\\.'),$myurl);
$diasp_url = str_replace('/channel/','/u/',$myurl);
- if (get_config('system','use_fulltext_engine'))
- $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where (MATCH(`author-link`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(`tag`) AGAINST ('".'"%s"'."' in boolean mode) or MATCH(tag) AGAINST ('".'"%s"'."' in boolean mode))) ",
- dbesc(protect_sprintf($myurl)),
- dbesc(protect_sprintf($myurl)),
- dbesc(protect_sprintf($diasp_url))
- );
- else
- $sql_extra .= sprintf(" AND `item`.`parent` IN (SELECT distinct(`parent`) from item where ( `author-link` like '%s' or `tag` like '%s' or tag like '%s' )) ",
- dbesc(protect_sprintf('%' . $myurl)),
- dbesc(protect_sprintf('%' . $myurl . ']%')),
- dbesc(protect_sprintf('%' . $diasp_url . ']%'))
- );
-
+ $sql_extra .= " AND item_mentionsme = 1 ";
if ($max_id > 0)
- $sql_extra .= ' AND `item`.`id` <= '.intval($max_id);
+ $sql_extra .= " AND item.id <= " . intval($max_id) . " ";
- $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
- `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
- `contact`.`network`, `contact`.`thumb`, `contact`.`dfrn_id`, `contact`.`self`,
- `contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
- FROM `item`, `contact`
- WHERE `item`.`uid` = %d
- AND `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
- AND `contact`.`id` = `item`.`contact-id`
- AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
- $sql_extra
- AND `item`.`id`>%d
- ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
- intval($user_info['uid']),
+ require_once('include/security.php');
+ $item_normal = item_normal();
+
+ $r = q("select * from item where uid = " . intval(api_user()) . "
+ $item_normal $sql_extra
+ AND id > %d group by mid
+ order by received desc LIMIT %d OFFSET %d ",
intval($since_id),
- intval($start), intval($count)
+ intval($count),
+ intval($start)
);
+ xchan_query($r,true);
+
+
$ret = api_format_items($r,$user_info);
@@ -1610,39 +1721,36 @@ require_once('include/attach.php');
$itemid = intval($_REQUEST['id']);
}
- $item = q("SELECT * FROM item WHERE id = %d AND uid = %d",
- intval($itemid),
- intval(api_user())
+ $item = q("SELECT * FROM item WHERE id = %d AND uid = %d",
+ intval($itemid),
+ intval(api_user())
);
if (! $item)
return false;
- switch($action){
- case "create":
-
- $flags = $item[0]['item_flags'] | ITEM_STARRED;
-
- break;
- case "destroy":
-
- $flags = $item[0]['item_flags'] | (~ ITEM_STARRED);
- break;
- default:
- return false;
- }
-
- $r = q("UPDATE item SET item_flags = %d where id = %d and uid = %d",
- intval($flags),
+ switch($action){
+ case "create":
+ $flags = $item[0]['item_starred'] = 1;
+ break;
+ case "destroy":
+ $flags = $item[0]['item_starred'] = 0;
+ break;
+ default:
+ return false;
+ }
+
+ $r = q("UPDATE item SET item_starred = %d where id = %d and uid = %d",
+ intval($flags),
intval($itemid),
intval(api_user())
);
if(! $r)
return false;
- $item = q("SELECT * FROM item WHERE id = %d AND uid = %d",
- intval($itemid),
- intval(api_user())
+ $item = q("SELECT * FROM item WHERE id = %d AND uid = %d",
+ intval($itemid),
+ intval(api_user())
);
xchan_query($item,true);
@@ -1700,12 +1808,13 @@ require_once('include/attach.php');
$sql_extra .= " and item_private = 0 ";
}
- $r = q("SELECT * from item WHERE uid = %d and item_restrict = 0
- and ( item_flags & %d ) > 0 $sql_extra
+ $item_normal = item_normal();
+
+ $r = q("SELECT * from item WHERE uid = %d $item_normal
+ and item_starred = 1 $sql_extra
AND id > %d
ORDER BY received DESC LIMIT %d ,%d ",
intval($user_info['uid']),
- intval(ITEM_STARRED),
intval($since_id),
intval($start),
intval($count)
@@ -1897,7 +2006,7 @@ require_once('include/attach.php');
'in_reply_to_user_id' => $in_reply_to_user_id,
'in_reply_to_screen_name' => $in_reply_to_screen_name,
'geo' => '',
- 'favorited' => (($item['item_flags'] & ITEM_STARRED) ? true : false),
+ 'favorited' => (intval($item['item_starred']) ? true : false),
'user' => $status_user ,
'statusnet_html' => trim(prepare_text($item['body'],$item['mimetype'])),
@@ -1992,7 +2101,7 @@ require_once('include/attach.php');
if($qtype == 'followers')
$sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
- $r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
+ $r = q("SELECT abook_id FROM abook where abook_self = 0 and abook_channel = %d $sql_extra",
intval(api_user())
);
@@ -2045,7 +2154,7 @@ require_once('include/attach.php');
'broughtbyurl' => '', 'timezone' => 'UTC', 'closed' => $closed, 'inviteonly' => 'false',
'private' => $private, 'textlimit' => $textlimit, 'sslserver' => $sslserver, 'ssl' => $ssl,
'shorturllength' => '30',
- 'redmatrix' => array(
+ 'hubzilla' => array(
'PLATFORM_NAME' => PLATFORM_NAME,
'RED_VERSION' => RED_VERSION,
'ZOT_REVISION' => ZOT_REVISION,
@@ -2108,7 +2217,7 @@ require_once('include/attach.php');
if($qtype == 'followers')
$sql_extra = sprintf(" AND ( abook_my_perms & %d )>0 and not ( abook_their_perms & %d )>0 ", intval(PERMS_W_STREAM), intval(PERMS_W_STREAM));
- $r = q("SELECT abook_id FROM abook where abook_flags = 0 and abook_channel = %d $sql_extra",
+ $r = q("SELECT abook_id FROM abook where abook_self = 0 and abook_channel = %d $sql_extra",
intval(api_user())
);