gnu-social/actions/apistatusesupdate.php

<?php
/**
 * StatusNet, the distributed open-source microblogging tool
 *
 * Post a notice (update your status) through the API
 *
 * PHP version 5
 *
 * LICENCE: This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 * @category  API
 * @package   StatusNet
 * @author    Craig Andrews <candrews@integralblue.com>
 * @author    Evan Prodromou <evan@status.net>
 * @author    Jeffery To <jeffery.to@gmail.com>
 * @author    Tom Blankenship <mac65@mac65.com>
 * @author    Mike Cochrane <mikec@mikenz.geek.nz>
 * @author    Robin Millette <robin@millette.info>
 * @author    Zach Copley <zach@status.net>
 * @copyright 2009-2010 StatusNet, Inc.
 * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
 * @link      http://status.net/
 */

if (!defined('STATUSNET')) {
    exit(1);
}

require_once INSTALLDIR . '/lib/apiauth.php';
require_once INSTALLDIR . '/lib/mediafile.php';

/**
 * Updates the authenticating user's status (posts a notice).
 *
 * @category API
 * @package  StatusNet
 * @author   Craig Andrews <candrews@integralblue.com>
 * @author   Evan Prodromou <evan@status.net>
 * @author   Jeffery To <jeffery.to@gmail.com>
 * @author   Tom Blankenship <mac65@mac65.com>
 * @author   Mike Cochrane <mikec@mikenz.geek.nz>
 * @author   Robin Millette <robin@millette.info>
 * @author   Zach Copley <zach@status.net>
 * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
 * @link     http://status.net/
 */

class ApiStatusesUpdateAction extends ApiAuthAction
{
    var $source                = null;
    var $status                = null;
    var $in_reply_to_status_id = null;
    var $lat                   = null;
    var $lon                   = null;

    static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api');

    /**
     * Take arguments for running
     *
     * @param array $args $_REQUEST args
     *
     * @return boolean success flag
     *
     */

    function prepare($args)
    {
        parent::prepare($args);

        $this->status = $this->trimmed('status');
        $this->source = $this->trimmed('source');
        $this->lat    = $this->trimmed('lat');
        $this->lon    = $this->trimmed('long');

        // try to set the source attr from OAuth app
        if (empty($this->source)) {
            $this->source = $this->oauth_source;
        }

        if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
            $this->source = 'api';
        }

        $this->in_reply_to_status_id
            = intval($this->trimmed('in_reply_to_status_id'));

        return true;
    }

    /**
     * Handle the request
     *
     * Make a new notice for the update, save it, and show it
     *
     * @param array $args $_REQUEST data (unused)
     *
     * @return void
     */

    function handle($args)
    {
        parent::handle($args);

        if ($_SERVER['REQUEST_METHOD'] != 'POST') {
            $this->clientError(
                _('This method requires a POST.'),
                400, $this->format
            );
            return;
        }

        // Workaround for PHP returning empty $_POST and $_FILES when POST
        // length > post_max_size in php.ini

        if (empty($_FILES)
            && empty($_POST)
            && ($_SERVER['CONTENT_LENGTH'] > 0)
        ) {
             $msg = _('The server was unable to handle that much POST ' .
                    'data (%s bytes) due to its current configuration.');

            $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));
            return;
        }

        if (empty($this->status)) {
            $this->clientError(
                'Client must provide a \'status\' parameter with a value.',
                400,
                $this->format
            );
            return;
        }

        if (empty($this->auth_user)) {
            $this->clientError(_('No such user.'), 404, $this->format);
            return;
        }

        $status_shortened = common_shorten_links($this->status);

        if (Notice::contentTooLong($status_shortened)) {

            // Note: Twitter truncates anything over 140, flags the status
            // as "truncated."

            $this->clientError(
                sprintf(
                    _('That\'s too long. Max notice size is %d chars.'),
                    Notice::maxContent()
                ),
                406,
                $this->format
            );

            return;
        }

        // Check for commands

        $inter = new CommandInterpreter();
        $cmd = $inter->handle_command($this->auth_user, $status_shortened);

        if ($cmd) {

            if ($this->supported($cmd)) {
                $cmd->execute(new Channel());
            }

            // Cmd not supported?  Twitter just returns your latest status.
            // And, it returns your last status whether the cmd was successful
            // or not!

            $this->notice = $this->auth_user->getCurrentNotice();

        } else {

            $reply_to = null;

            if (!empty($this->in_reply_to_status_id)) {

                // Check whether notice actually exists

                $reply = Notice::staticGet($this->in_reply_to_status_id);

                if ($reply) {
                    $reply_to = $this->in_reply_to_status_id;
                } else {
                    $this->clientError(
                        _('Not found'),
                        $code = 404,
                        $this->format
                    );
                    return;
                }
            }

            $upload = null;

            try {
                $upload = MediaFile::fromUpload('media', $this->auth_user);
            } catch (ClientException $ce) {
                $this->clientError($ce->getMessage());
                return;
            }

            if (isset($upload)) {
                $status_shortened .= ' ' . $upload->shortUrl();

                if (Notice::contentTooLong($status_shortened)) {
                    $upload->delete();
                    $msg = _(
                        'Max notice size is %d chars, ' .
                        'including attachment URL.'
                    );
                    $this->clientError(sprintf($msg, Notice::maxContent()));
                }
            }

            $content = html_entity_decode($status_shortened, ENT_NOQUOTES, 'UTF-8');

            $options = array('reply_to' => $reply_to);

            if ($this->auth_user->shareLocation()) {

                $locOptions = Notice::locationOptions($this->lat,
                                                      $this->lon,
                                                      null,
                                                      null,
                                                      $this->auth_user->getProfile());

                $options = array_merge($options, $locOptions);
            }

            $this->notice =
              Notice::saveNew($this->auth_user->id,
                              $content,
                              $this->source,
                              $options);

            if (isset($upload)) {
                $upload->attachToNotice($this->notice);
            }

        }

        $this->showNotice();
    }

    /**
     * Show the resulting notice
     *
     * @return void
     */

    function showNotice()
    {
        if (!empty($this->notice)) {
            if ($this->format == 'xml') {
                $this->showSingleXmlStatus($this->notice);
            } elseif ($this->format == 'json') {
                $this->show_single_json_status($this->notice);
            }
        }
    }

    /**
     * Is this command supported when doing an update from the API?
     *
     * @param string $cmd the command to check for
     *
     * @return boolean true or false
     */

    function supported($cmd)
    {
        static $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand',
            'FavCommand', 'OnCommand', 'OffCommand');

        if (in_array(get_class($cmd), $cmdlist)) {
            return true;
        }

        return false;
    }

}
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`<?php`
			`/**`
			`* StatusNet, the distributed open-source microblogging tool`
			`*`
			`* Post a notice (update your status) through the API`
			`*`
			`* PHP version 5`
			`*`
			`* LICENCE: This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as published by`
			`* the Free Software Foundation, either version 3 of the License, or`
			`* (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*`
			`* @category API`
			`* @package StatusNet`
Added in credits. 2009-10-12 16:36:00 -07:00			`* @author Craig Andrews <candrews@integralblue.com>`
			`* @author Evan Prodromou <evan@status.net>`
			`* @author Jeffery To <jeffery.to@gmail.com>`
			`* @author Tom Blankenship <mac65@mac65.com>`
			`* @author Mike Cochrane <mikec@mikenz.geek.nz>`
			`* @author Robin Millette <robin@millette.info>`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`* @author Zach Copley <zach@status.net>`
- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`* @copyright 2009-2010 StatusNet, Inc.`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0`
			`* @link http://status.net/`
			`*/`

			`if (!defined('STATUSNET')) {`
			`exit(1);`
			`}`

Added in credits. 2009-10-12 16:36:00 -07:00			`require_once INSTALLDIR . '/lib/apiauth.php';`
Implement media upload in the API 2009-10-27 21:45:56 -07:00			`require_once INSTALLDIR . '/lib/mediafile.php';`
New action for /statuses/update 2009-10-01 16:15:52 -07:00
			`/**`
			`* Updates the authenticating user's status (posts a notice).`
			`*`
			`* @category API`
			`* @package StatusNet`
Added in credits. 2009-10-12 16:36:00 -07:00			`* @author Craig Andrews <candrews@integralblue.com>`
			`* @author Evan Prodromou <evan@status.net>`
			`* @author Jeffery To <jeffery.to@gmail.com>`
			`* @author Tom Blankenship <mac65@mac65.com>`
			`* @author Mike Cochrane <mikec@mikenz.geek.nz>`
			`* @author Robin Millette <robin@millette.info>`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`* @author Zach Copley <zach@status.net>`
			`* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0`
			`* @link http://status.net/`
			`*/`

Renamed and moved stuff around to better match Twitter's API organization 2009-10-01 18:19:59 -07:00			`class ApiStatusesUpdateAction extends ApiAuthAction`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`{`
			`var $source = null;`
			`var $status = null;`
			`var $in_reply_to_status_id = null;`
add lat and long parameters to api/statuses/update 2009-11-10 15:36:55 -05:00			`var $lat = null;`
			`var $lon = null;`

New action for /statuses/update 2009-10-01 16:15:52 -07:00			`static $reserved_sources = array('web', 'omb', 'mail', 'xmpp', 'api');`

			`/**`
			`* Take arguments for running`
			`*`
			`* @param array $args $_REQUEST args`
			`*`
			`* @return boolean success flag`
			`*`
			`*/`

			`function prepare($args)`
			`{`
			`parent::prepare($args);`

			`$this->status = $this->trimmed('status');`
			`$this->source = $this->trimmed('source');`
add lat and long parameters to api/statuses/update 2009-11-10 15:36:55 -05:00			`$this->lat = $this->trimmed('lat');`
			`$this->lon = $this->trimmed('long');`
New action for /statuses/update 2009-10-01 16:15:52 -07:00
- Had to remove checking read vs. read-write in OAuth authenticated methods - Will now pick up source attr from OAuth app 2010-01-14 02:38:01 +00:00			`// try to set the source attr from OAuth app`
			`if (empty($this->source)) {`
			`$this->source = $this->oauth_source;`
			`}`

Notice: Undefined variable: source in actions/apistatusesupdate.php on line 88 2009-11-18 09:29:55 -08:00			`if (empty($this->source) \|\| in_array($this->source, self::$reserved_sources)) {`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`$this->source = 'api';`
			`}`

			`$this->in_reply_to_status_id`
			`= intval($this->trimmed('in_reply_to_status_id'));`

			`return true;`
			`}`

			`/**`
			`* Handle the request`
			`*`
A new action for /statuses/destroy 2009-10-01 17:35:28 -07:00			`* Make a new notice for the update, save it, and show it`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`*`
			`* @param array $args $_REQUEST data (unused)`
			`*`
			`* @return void`
			`*/`

			`function handle($args)`
			`{`
			`parent::handle($args);`

			`if ($_SERVER['REQUEST_METHOD'] != 'POST') {`
			`$this->clientError(`
			`_('This method requires a POST.'),`
			`400, $this->format`
			`);`
			`return;`
			`}`

Better workaround for PHP returning empty $_POST and $_FILES when POST length > post_max_size in php.ini. I also added this check to avatar upload, which was failing with huge files. 2009-11-06 17:21:08 -08:00			`// Workaround for PHP returning empty $_POST and $_FILES when POST`
			`// length > post_max_size in php.ini`

			`if (empty($_FILES)`
			`&& empty($_POST)`
			`&& ($_SERVER['CONTENT_LENGTH'] > 0)`
			`) {`
			`$msg = _('The server was unable to handle that much POST ' .`
			`'data (%s bytes) due to its current configuration.');`

			`$this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH']));`
			`return;`
			`}`

Rearanged a couple things & removed debugging statements 2009-10-28 17:12:22 -07:00			`if (empty($this->status)) {`
			`$this->clientError(`
			`'Client must provide a \'status\' parameter with a value.',`
			`400,`
			`$this->format`
			`);`
Implement media upload in the API 2009-10-27 21:45:56 -07:00			`return;`
			`}`

- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`if (empty($this->auth_user)) {`
Harmonise UI message "No such user." 2009-11-08 23:10:44 +01:00			`$this->clientError(_('No such user.'), 404, $this->format);`
Implement media upload in the API 2009-10-27 21:45:56 -07:00			`return;`
			`}`

New action for /statuses/update 2009-10-01 16:15:52 -07:00			`$status_shortened = common_shorten_links($this->status);`

			`if (Notice::contentTooLong($status_shortened)) {`

			`// Note: Twitter truncates anything over 140, flags the status`
			`// as "truncated."`

			`$this->clientError(`
			`sprintf(`
			`_('That\'s too long. Max notice size is %d chars.'),`
			`Notice::maxContent()`
			`),`
			`406,`
			`$this->format`
			`);`

			`return;`
			`}`

			`// Check for commands`

			`$inter = new CommandInterpreter();`
- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`$cmd = $inter->handle_command($this->auth_user, $status_shortened);`
New action for /statuses/update 2009-10-01 16:15:52 -07:00
			`if ($cmd) {`

			`if ($this->supported($cmd)) {`
			`$cmd->execute(new Channel());`
			`}`

			`// Cmd not supported? Twitter just returns your latest status.`
			`// And, it returns your last status whether the cmd was successful`
			`// or not!`

- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`$this->notice = $this->auth_user->getCurrentNotice();`
New action for /statuses/update 2009-10-01 16:15:52 -07:00
			`} else {`

			`$reply_to = null;`

			`if (!empty($this->in_reply_to_status_id)) {`

			`// Check whether notice actually exists`

			`$reply = Notice::staticGet($this->in_reply_to_status_id);`

			`if ($reply) {`
			`$reply_to = $this->in_reply_to_status_id;`
			`} else {`
			`$this->clientError(`
			`_('Not found'),`
			`$code = 404,`
			`$this->format`
			`);`
			`return;`
			`}`
			`}`

Implement media upload in the API 2009-10-27 21:45:56 -07:00			`$upload = null;`
Trap ClientExceptions from media upload process and hand them off to API error handler 2009-10-28 17:29:21 -07:00
			`try {`
- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`$upload = MediaFile::fromUpload('media', $this->auth_user);`
Trap ClientExceptions from media upload process and hand them off to API error handler 2009-10-28 17:29:21 -07:00			`} catch (ClientException $ce) {`
			`$this->clientError($ce->getMessage());`
			`return;`
			`}`
Implement media upload in the API 2009-10-27 21:45:56 -07:00
			`if (isset($upload)) {`
Rearanged a couple things & removed debugging statements 2009-10-28 17:12:22 -07:00			`$status_shortened .= ' ' . $upload->shortUrl();`
Implement media upload in the API 2009-10-27 21:45:56 -07:00
Rearanged a couple things & removed debugging statements 2009-10-28 17:12:22 -07:00			`if (Notice::contentTooLong($status_shortened)) {`
			`$upload->delete();`
			`$msg = _(`
			`'Max notice size is %d chars, ' .`
			`'including attachment URL.'`
			`);`
			`$this->clientError(sprintf($msg, Notice::maxContent()));`
			`}`
Implement media upload in the API 2009-10-27 21:45:56 -07:00			`}`

fix typo in API arg creation 2009-12-11 11:33:26 -05:00			`$content = html_entity_decode($status_shortened, ENT_NOQUOTES, 'UTF-8');`
change Notice::saveNew() to use named arguments for little-used options 2009-12-11 11:29:51 -05:00
			`$options = array('reply_to' => $reply_to);`

- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`if ($this->auth_user->shareLocation()) {`
Move location-argument-handling code into a single function Moved the important parts of the location-argument-handling stuff to a single function. Handles defaults and overrides correctly, and easy to use. Changed Web and API channels to use it. 2009-12-28 15:13:15 -08:00
			`$locOptions = Notice::locationOptions($this->lat,`
			`$this->lon,`
			`null,`
			`null,`
- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`$this->auth_user->getProfile());`
Move location-argument-handling code into a single function Moved the important parts of the location-argument-handling stuff to a single function. Handles defaults and overrides correctly, and easy to use. Changed Web and API channels to use it. 2009-12-28 15:13:15 -08:00
			`$options = array_merge($options, $locOptions);`
change Notice::saveNew() to use named arguments for little-used options 2009-12-11 11:29:51 -05:00			`}`

			`$this->notice =`
- Check for read-only vs. read-write access to protected API resources (OAuth) - Some cleanup 2010-01-27 08:41:26 +00:00			`Notice::saveNew($this->auth_user->id,`
change Notice::saveNew() to use named arguments for little-used options 2009-12-11 11:29:51 -05:00			`$content,`
			`$this->source,`
			`$options);`
New action for /statuses/update 2009-10-01 16:15:52 -07:00
Implement media upload in the API 2009-10-27 21:45:56 -07:00			`if (isset($upload)) {`
			`$upload->attachToNotice($this->notice);`
			`}`

New action for /statuses/update 2009-10-01 16:15:52 -07:00			`}`

			`$this->showNotice();`
			`}`

			`/**`
			`* Show the resulting notice`
			`*`
			`* @return void`
			`*/`

			`function showNotice()`
			`{`
			`if (!empty($this->notice)) {`
			`if ($this->format == 'xml') {`
CamelCase all function names in the API code 2009-10-09 17:53:35 -07:00			`$this->showSingleXmlStatus($this->notice);`
New action for /statuses/update 2009-10-01 16:15:52 -07:00			`} elseif ($this->format == 'json') {`
			`$this->show_single_json_status($this->notice);`
			`}`
			`}`
			`}`

			`/**`
			`* Is this command supported when doing an update from the API?`
			`*`
			`* @param string $cmd the command to check for`
			`*`
			`* @return boolean true or false`
			`*/`

			`function supported($cmd)`
			`{`
			`static $cmdlist = array('MessageCommand', 'SubCommand', 'UnsubCommand',`
			`'FavCommand', 'OnCommand', 'OffCommand');`

			`if (in_array(get_class($cmd), $cmdlist)) {`
			`return true;`
			`}`

			`return false;`
			`}`

			`}`