Twitter-compatible API - Added content-type checks to several methods. Calling an API

method with a bad content type used to return a blank page.

darcs-hash:20081001020959-462f3-83b0241ba7dc99c4e3a52148a46deb8182e005b0.gz
This commit is contained in:
zach 2008-09-30 22:09:59 -04:00
parent c08a67094c
commit dec2f29c6a
7 changed files with 40 additions and 9 deletions

View File

@ -61,6 +61,11 @@ class TwitapiaccountAction extends TwitterapiAction {
function update_location($args, $apidata) { function update_location($args, $apidata) {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
if ($_SERVER['REQUEST_METHOD'] != 'POST') { if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']);
exit(); exit();

View File

@ -133,8 +133,6 @@ class Twitapidirect_messagesAction extends TwitterapiAction {
exit(); exit();
} }
common_debug($this->trimmed('user'));
$other = $this->get_user($this->trimmed('user')); $other = $this->get_user($this->trimmed('user'));
if (!$other) { if (!$other) {

View File

@ -117,6 +117,11 @@ class TwitapifavoritesAction extends TwitterapiAction {
function create($args, $apidata) { function create($args, $apidata) {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
// Check for RESTfulness // Check for RESTfulness
if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) {
// XXX: Twitter just prints the err msg, no XML / JSON. // XXX: Twitter just prints the err msg, no XML / JSON.

View File

@ -152,6 +152,11 @@ class TwitapifriendshipsAction extends TwitterapiAction {
function exists($args, $apidata) { function exists($args, $apidata) {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
$user_a_id = $this->trimmed('user_a'); $user_a_id = $this->trimmed('user_a');
$user_b_id = $this->trimmed('user_b'); $user_b_id = $this->trimmed('user_b');
@ -181,7 +186,6 @@ class TwitapifriendshipsAction extends TwitterapiAction {
$this->end_document('json'); $this->end_document('json');
break; break;
default: default:
print $result; // Really? --Zach
break; break;
} }

View File

@ -32,7 +32,8 @@ class TwitapihelpAction extends TwitterapiAction {
* Formats: xml, json * Formats: xml, json
*/ */
function test($args, $apidata) { function test($args, $apidata) {
global $xw; parent::handle($args);
if ($apidata['content-type'] == 'xml') { if ($apidata['content-type'] == 'xml') {
$this->init_document('xml'); $this->init_document('xml');
common_element('ok', NULL, 'true'); common_element('ok', NULL, 'true');

View File

@ -297,6 +297,11 @@ class TwitapistatusesAction extends TwitterapiAction {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
if ($_SERVER['REQUEST_METHOD'] != 'POST') { if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']); $this->client_error(_('This method requires a POST.'), 400, $apidata['content-type']);
exit(); exit();
@ -448,6 +453,11 @@ class TwitapistatusesAction extends TwitterapiAction {
function show($args, $apidata) { function show($args, $apidata) {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
$notice_id = $apidata['api_arg']; $notice_id = $apidata['api_arg'];
$notice = Notice::staticGet($notice_id); $notice = Notice::staticGet($notice_id);
@ -485,6 +495,11 @@ class TwitapistatusesAction extends TwitterapiAction {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
// Check for RESTfulness // Check for RESTfulness
if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) { if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) {
// XXX: Twitter just prints the err msg, no XML / JSON. // XXX: Twitter just prints the err msg, no XML / JSON.

View File

@ -51,6 +51,11 @@ class TwitapiusersAction extends TwitterapiAction {
function show($args, $apidata) { function show($args, $apidata) {
parent::handle($args); parent::handle($args);
if (!in_array($apidata['content-type'], array('xml', 'json'))) {
common_user_error(_('API method not found!'), $code = 404);
exit;
}
$user = null; $user = null;
$email = $this->arg('email'); $email = $this->arg('email');
@ -118,8 +123,6 @@ class TwitapiusersAction extends TwitterapiAction {
$this->init_document('json'); $this->init_document('json');
$this->show_json_objects($twitter_user); $this->show_json_objects($twitter_user);
$this->end_document('json'); $this->end_document('json');
} else {
common_user_error(_('API method not found!'), $code = 404);
} }
exit(); exit();