diff options
Diffstat (limited to 'mod')
-rw-r--r-- | mod/_well_known.php | 16 | ||||
-rw-r--r-- | mod/oep.php | 212 | ||||
-rw-r--r-- | mod/photos.php | 9 |
3 files changed, 237 insertions, 0 deletions
diff --git a/mod/_well_known.php b/mod/_well_known.php index 58ed13ece..47cfe1512 100644 --- a/mod/_well_known.php +++ b/mod/_well_known.php @@ -7,6 +7,22 @@ function _well_known_init(&$a){ $arr = array('server' => $_SERVER, 'request' => $_REQUEST);
call_hooks('well_known', $arr);
+
+ if(! check_siteallowed($_SERVER['REMOTE_ADDR'])) {
+ logger('well_known: site not allowed. ' . $_SERVER['REMOTE_ADDR']);
+ killme();
+ }
+
+ // from php.net re: REMOTE_HOST:
+ // Note: Your web server must be configured to create this variable. For example in Apache
+ // you'll need HostnameLookups On inside httpd.conf for it to exist. See also gethostbyaddr().
+
+ if(get_config('system','siteallowed_remote_host') && (! check_siteallowed($_SERVER['REMOTE_HOST']))) {
+ logger('well_known: site not allowed. ' . $_SERVER['REMOTE_HOST']);
+ killme();
+ }
+
+
switch(argv(1)) {
case 'zot-info':
$a->argc -= 1;
diff --git a/mod/oep.php b/mod/oep.php new file mode 100644 index 000000000..9bc0de98f --- /dev/null +++ b/mod/oep.php @@ -0,0 +1,212 @@ +<?php + +// oembed provider + + + +function oep_init(&$a) { + + + + $url = $_REQUEST['url']; + if(! $url) + http_status_exit(404, 'Not found'); + + $maxwidth = $_REQUEST['maxwidth']; + $maxheight = $_REQUEST['maxheight']; + $format = $_REQUEST['format']; + if($format && $format !== 'json') + http_status_exit(501, 'Not implemented'); + + if(fnmatch('*/photos/*/album/*',$url)) + $arr = oep_album_reply($_REQUEST); + elseif(fnmatch('*/photos/*/image/*',$url)) + $arr = oep_photo_reply($_REQUEST); + elseif(fnmatch('*/photos*',$url)) + $arr = oep_phototop_reply($_REQUEST); + + if($arr) { + header('Content-Type: application/json+oembed'); + echo json_encode($arr); + killme(); + } + + http_status_exit(404,'Not found'); + +} + + +function oep_album_reply($args) { + + $ret = array(); + $url = $args['url']; + $maxwidth = intval($args['maxwidth']); + $maxheight = intval($args['maxheight']); + + if(preg_match('|//(.*?)/(.*?)/(.*?)/album/|',$url,$matches)) { + $chn = $matches[3]; + $res = hex2bin(basename($url)); + } + + if(! ($chn && $res)) + return; + $c = q("select * from channel where channel_address = '%s' limit 1", + dbesc($chn) + ); + + if(! $c) + return; + + $sql_extra = permissions_sql($c[0]['channel_id']); + + $p = q("select resource_id from photo where album = '%s' and uid = %d and scale = 0 $sql_extra order by created desc limit 1", + dbesc($res), + intval($c[0]['channel_id']) + ); + if(! $p) + return; + + $res = $p[0]['resource_id']; + + $r = q("select height, width, scale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by scale asc", + intval($c[0]['channel_id']), + dbesc($res) + ); + + if($r) { + foreach($r as $rr) { + $foundres = false; + if($maxheight && $rr['height'] > $maxheight) + continue; + if($maxwidth && $rr['width'] > $maxwidth) + continue; + $foundres = true; + break; + } + + if($foundres) { + $ret['type'] = 'link'; + $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['scale']; + $ret['thumbnail_width'] = $rr['width']; + $ret['thumbnail_height'] = $rr['height']; + } + + + } + return $ret; + +} + + +function oep_phototop_reply($args) { + + $ret = array(); + $url = $args['url']; + $maxwidth = intval($args['maxwidth']); + $maxheight = intval($args['maxheight']); + + if(preg_match('|//(.*?)/(.*?)/(.*?)$|',$url,$matches)) { + $chn = $matches[3]; + } + + if(! $chn) + return; + $c = q("select * from channel where channel_address = '%s' limit 1", + dbesc($chn) + ); + + if(! $c) + return; + + $sql_extra = permissions_sql($c[0]['channel_id']); + + $p = q("select resource_id from photo where uid = %d and scale = 0 $sql_extra order by created desc limit 1", + intval($c[0]['channel_id']) + ); + if(! $p) + return; + + $res = $p[0]['resource_id']; + + $r = q("select height, width, scale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by scale asc", + intval($c[0]['channel_id']), + dbesc($res) + ); + + if($r) { + foreach($r as $rr) { + $foundres = false; + if($maxheight && $rr['height'] > $maxheight) + continue; + if($maxwidth && $rr['width'] > $maxwidth) + continue; + $foundres = true; + break; + } + + if($foundres) { + $ret['type'] = 'link'; + $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['scale']; + $ret['thumbnail_width'] = $rr['width']; + $ret['thumbnail_height'] = $rr['height']; + } + + + } + return $ret; + +} + + +function oep_photo_reply($args) { + + $ret = array(); + $url = $args['url']; + $maxwidth = intval($args['maxwidth']); + $maxheight = intval($args['maxheight']); + + if(preg_match('|//(.*?)/(.*?)/(.*?)/image/|',$url,$matches)) { + $chn = $matches[3]; + $res = basename($url); + } + + if(! ($chn && $res)) + return; + $c = q("select * from channel where channel_address = '%s' limit 1", + dbesc($chn) + ); + + if(! $c) + return; + + $sql_extra = permissions_sql($c[0]['channel_id']); + + + $r = q("select height, width, scale, resource_id from photo where uid = %d and resource_id = '%s' $sql_extra order by scale asc", + intval($c[0]['channel_id']), + dbesc($res) + ); + + if($r) { + foreach($r as $rr) { + $foundres = false; + if($maxheight && $rr['height'] > $maxheight) + continue; + if($maxwidth && $rr['width'] > $maxwidth) + continue; + $foundres = true; + break; + } + + if($foundres) { + $ret['type'] = 'link'; + $ret['thumbnail_url'] = z_root() . '/photo/' . '/' . $rr['resource_id'] . '-' . $rr['scale']; + $ret['thumbnail_width'] = $rr['width']; + $ret['thumbnail_height'] = $rr['height']; + } + + + } + return $ret; + +}
\ No newline at end of file diff --git a/mod/photos.php b/mod/photos.php index f1b7aceed..d6105c580 100644 --- a/mod/photos.php +++ b/mod/photos.php @@ -660,6 +660,10 @@ function photos_content(&$a) { $album = (($datum) ? hex2bin($datum) : ''); + + $a->page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . $a->cmd) . '" title="oembed" />' . "\r\n"; + + $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` = '%s' AND `scale` <= 4 and photo_usage IN ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", intval($owner_uid), @@ -804,6 +808,8 @@ function photos_content(&$a) { if($datatype === 'image') { + $a->page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . $a->cmd) . '" title="oembed" />' . "\r\n"; + // fetch image, item containing image, then comments $ph = q("SELECT id,aid,uid,xchan,resource_id,created,edited,title,`description`,album,filename,`type`,height,width,`size`,scale,photo_usage,is_nsfw,allow_cid,allow_gid,deny_cid,deny_gid FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s' @@ -1226,6 +1232,9 @@ function photos_content(&$a) { // Default - show recent photos with upload link (if applicable) //$o = ''; + $a->page['htmlhead'] .= "\r\n" . '<link rel="alternate" type="application/json+oembed" href="' . z_root() . '/oep?f=&url=' . urlencode(z_root() . '/' . $a->cmd) . '" title="oembed" />' . "\r\n"; + + $r = q("SELECT `resource_id`, max(`scale`) AS `scale` FROM `photo` WHERE `uid` = %d AND `album` != '%s' AND `album` != '%s' and photo_usage in ( %d, %d ) and is_nsfw = %d $sql_extra GROUP BY `resource_id`", intval($a->data['channel']['channel_id']), |