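/**
 * Prepare the action: switch to API-style error pages, run the parent
 * preparation, then reject the request when the posted listenee license is
 * not compatible with the site license.
 *
 * @param array $argarray misc. arguments
 *
 * @return boolean true when the license check passes; false after a client
 *                 error has been reported for an incompatible license
 */
function prepare($argarray)
{
    StatusNet::setApi(true); // Send smaller error pages

    parent::prepare($argarray);

    // Request-supplied value. An absent field is read as null (what the
    // unguarded read produced) without raising an undefined-index notice.
    $license = isset($_POST['omb_listenee_license'])
        ? $_POST['omb_listenee_license']
        : null;
    $site_license = common_config('license', 'url');

    if (!common_compatible_license($license, $site_license)) {
        // NOTE(review): $license comes straight from the request and is
        // placed in the error text; confirm clientError() escapes its
        // message for the output format it renders.
        $this->clientError(sprintf(_('Listenee stream license ‘%1$s’ is not ' .
                                     'compatible with site license ‘%2$s’.'),
                                   $license, $site_license));
        return false;
    }

    return true;
}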
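/**
 * Prepare the action: switch to API-style error pages, run the parent
 * preparation, then reject the request when the posted listenee license is
 * not compatible with the site license.
 *
 * @param array $argarray misc. arguments
 *
 * @return boolean true when the license check passes; false after a client
 *                 error has been reported for an incompatible license
 */
function prepare($argarray)
{
    StatusNet::setApi(true); // Send smaller error pages

    parent::prepare($argarray);

    // The license is taken from the POST body and is untrusted. Guard the
    // read so a request without the field yields null instead of an
    // undefined-index notice; the compatibility check still decides.
    $license = null;
    if (isset($_POST['omb_listenee_license'])) {
        $license = $_POST['omb_listenee_license'];
    }
    $site_license = common_config('license', 'url');

    if (common_compatible_license($license, $site_license)) {
        return true;
    }

    // NOTE(review): the rejected value is echoed back in the message;
    // confirm clientError() escapes it for the format it emits.
    // TRANS: Client error displayed when trying to update profile with an incompatible license.
    // TRANS: %1$s is the license incompatible with site license %2$s.
    $this->clientError(sprintf(_('Listenee stream license "%1$s" is not ' .
                                 'compatible with site license "%2$s".'),
                               $license, $site_license));
    return false;
}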
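/**
 * Validate the OMB values of an authorisation request, read from the query
 * string. The first failed check throws; nothing is returned.
 *
 * Checks, in order: a User record exists for the listener URI; the listenee
 * URI is at most 255 bytes, matches no User record, and is not already
 * subscribed to by the listener; the profile URL differs from
 * common_profile_url() of the supplied nickname; the listenee license is
 * compatible with the site license; an avatar URL, when given, passes
 * common_valid_http_url(), is at most 255 bytes, and is readable as a GIF,
 * JPEG or PNG image.
 *
 * Exception messages embed the rejected request values.
 * NOTE(review): confirm whatever renders these messages escapes them.
 *
 * @return void
 *
 * @throws Exception on the first check that fails
 */
function validateOmb()
{
    // Every value read from $_GET is request-supplied. Absent keys are read
    // as null (what the unguarded reads produced) without raising an
    // undefined-index notice.
    $listener = isset($_GET['omb_listener']) ? $_GET['omb_listener'] : null;
    $listenee = isset($_GET['omb_listenee']) ? $_GET['omb_listenee'] : null;
    $nickname = isset($_GET['omb_listenee_nickname']) ? $_GET['omb_listenee_nickname'] : null;
    $profile  = isset($_GET['omb_listenee_profile']) ? $_GET['omb_listenee_profile'] : null;

    $user = User::staticGet('uri', $listener);
    if (!$user) {
        throw new Exception(sprintf(_('Listener URI ‘%s’ not found here.'),
                                    $listener));
    }

    if (strlen($listenee) > 255) {
        throw new Exception(sprintf(_('Listenee URI ‘%s’ is too long.'),
                                    $listenee));
    }

    $other = User::staticGet('uri', $listenee);
    if ($other) {
        throw new Exception(sprintf(_('Listenee URI ‘%s’ is a local user.'),
                                    $listenee));
    }

    $remote = Remote_profile::staticGet('uri', $listenee);
    if ($remote) {
        $sub = new Subscription();
        $sub->subscriber = $user->id;
        $sub->subscribed = $remote->id;
        if ($sub->find(true)) {
            // Passed through _() like every other message in this method;
            // it was the only one that bypassed translation.
            throw new Exception(_('You are already subscribed to this user.'));
        }
    }

    if ($profile == common_profile_url($nickname)) {
        throw new Exception(sprintf(_('Profile URL ‘%s’ is for a local user.'),
                                    $profile));
    }

    $license = isset($_GET['omb_listenee_license']) ? $_GET['omb_listenee_license'] : null;
    $site_license = common_config('license', 'url');
    if (!common_compatible_license($license, $site_license)) {
        throw new Exception(sprintf(_('Listenee stream license ‘%1$s’ is not ' .
                                      'compatible with site license ‘%2$s’.'),
                                    $license, $site_license));
    }

    $avatar = isset($_GET['omb_listenee_avatar']) ? $_GET['omb_listenee_avatar'] : null;
    if ($avatar) {
        if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
            throw new Exception(sprintf(_('Avatar URL ‘%s’ is not valid.'),
                                        $avatar));
        }

        // NOTE(review): getimagesize() on a URL makes this server fetch a
        // request-supplied address. common_valid_http_url() is the only
        // gate visible here; confirm that internal and loopback hosts are
        // refused and that fetch time and size are bounded. The @ hides the
        // fetch warning; failure is reported by the exception below.
        $size = @getimagesize($avatar);
        if (!$size) {
            throw new Exception(sprintf(_('Can’t read avatar URL ‘%s’.'),
                                        $avatar));
        }

        // Index 2 of the getimagesize() result is the IMAGETYPE_* constant.
        if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
                                      IMAGETYPE_PNG))) {
            throw new Exception(sprintf(_('Wrong image type for avatar URL ' .
                                          '‘%s’.'), $avatar));
        }
    }
}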
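/**
 * Check the posted notice: its content (after link shortening) must not be
 * too long, and a supplied license must be compatible with the site license.
 *
 * A request with no notice license skips the compatibility check.
 *
 * @return boolean|null false after a 400 client error has been reported for
 *                      over-long content; no value is returned otherwise
 *
 * @throws Exception when a supplied notice license is not compatible with
 *                   the site license
 */
function checkNotice()
{
    // Request-supplied fields. Absent keys are read as null (what the
    // unguarded reads produced) without raising an undefined-index notice.
    $posted = isset($_POST['omb_notice_content'])
        ? $_POST['omb_notice_content']
        : null;

    // The length limit applies to the content after links are shortened.
    $content = common_shorten_links($posted);
    if (Notice::contentTooLong($content)) {
        // TRANS: Client error displayed if the notice posted has too many characters.
        $this->clientError(_('Invalid notice content.'), 400);
        return false;
    }

    $license = isset($_POST['omb_notice_license'])
        ? $_POST['omb_notice_license']
        : null;
    $site_license = common_config('license', 'url');

    if ($license && !common_compatible_license($license, $site_license)) {
        // NOTE(review): the posted license is embedded in the message;
        // confirm whatever renders this exception escapes it.
        // TRANS: Exception thrown if a notice's license is not compatible with the StatusNet site license.
        // TRANS: %1$s is the notice license, %2$s is the StatusNet site's license.
        throw new Exception(sprintf(_('Notice license "%1$s" is not ' .
                                      'compatible with site license "%2$s".'),
                                    $license, $site_license));
    }
}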
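/**
 * Validate the OMB values of an authorisation request, read from the query
 * string. The first failed check throws; nothing is returned.
 *
 * Checks, in order: a User record exists for the listener URI; the listenee
 * URI is at most 255 bytes, matches no User record, and is not already
 * subscribed to by the listener; the profile URL differs from
 * common_profile_url() of the supplied nickname; the listenee license is
 * compatible with the site license; an avatar URL, when given, passes
 * common_valid_http_url(), is at most 255 bytes, and is readable as a GIF,
 * JPEG or PNG image.
 *
 * Exception messages embed the rejected request values.
 * NOTE(review): confirm whatever renders these messages escapes them.
 *
 * @return void
 *
 * @throws Exception on the first check that fails
 */
function validateOmb()
{
    // Every value read from $_GET is request-supplied. Absent keys are read
    // as null (what the unguarded reads produced) without raising an
    // undefined-index notice.
    $listener = isset($_GET['omb_listener']) ? $_GET['omb_listener'] : null;
    $listenee = isset($_GET['omb_listenee']) ? $_GET['omb_listenee'] : null;
    $nickname = isset($_GET['omb_listenee_nickname']) ? $_GET['omb_listenee_nickname'] : null;
    $profile  = isset($_GET['omb_listenee_profile']) ? $_GET['omb_listenee_profile'] : null;

    $user = User::staticGet('uri', $listener);
    if (!$user) {
        // TRANS: Exception thrown when no valid user is found for an authorisation request.
        // TRANS: %s is a listener URI.
        throw new Exception(sprintf(_('Listener URI "%s" not found here.'), $listener));
    }

    if (strlen($listenee) > 255) {
        // TRANS: Exception thrown when listenee URI is too long for an authorisation request.
        // TRANS: %s is a listenee URI.
        throw new Exception(sprintf(_('Listenee URI "%s" is too long.'), $listenee));
    }

    $other = User::staticGet('uri', $listenee);
    if ($other) {
        // TRANS: Exception thrown when listenee URI is a local user for an authorisation request.
        // TRANS: %s is a listenee URI.
        throw new Exception(sprintf(_('Listenee URI "%s" is a local user.'), $listenee));
    }

    $remote = Remote_profile::staticGet('uri', $listenee);
    if ($remote) {
        $sub = new Subscription();
        $sub->subscriber = $user->id;
        $sub->subscribed = $remote->id;
        if ($sub->find(true)) {
            // The message carries a TRANS note but was never passed through
            // _(), so it could not be translated; it is now.
            // TRANS: Exception thrown when already subscribed.
            throw new Exception(_('You are already subscribed to this user.'));
        }
    }

    if ($profile == common_profile_url($nickname)) {
        // TRANS: Exception thrown when profile URL is a local user for an authorisation request.
        // TRANS: %s is a profile URL.
        throw new Exception(sprintf(_('Profile URL "%s" is for a local user.'), $profile));
    }

    $license = isset($_GET['omb_listenee_license']) ? $_GET['omb_listenee_license'] : null;
    $site_license = common_config('license', 'url');
    if (!common_compatible_license($license, $site_license)) {
        // TRANS: Exception thrown when licenses are not compatible for an authorisation request.
        // TRANS: %1$s is the license for the listenee, %2$s is the license for "this" StatusNet site.
        throw new Exception(sprintf(_('Listenee stream license "%1$s" is not ' .
                                      'compatible with site license "%2$s".'),
                                    $license, $site_license));
    }

    $avatar = isset($_GET['omb_listenee_avatar']) ? $_GET['omb_listenee_avatar'] : null;
    if ($avatar) {
        if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
            // TRANS: Exception thrown when avatar URL is invalid for an authorisation request.
            // TRANS: %s is an avatar URL.
            throw new Exception(sprintf(_('Avatar URL "%s" is not valid.'), $avatar));
        }

        // NOTE(review): getimagesize() on a URL makes this server fetch a
        // request-supplied address. common_valid_http_url() is the only
        // gate visible here; confirm that internal and loopback hosts are
        // refused and that fetch time and size are bounded. The @ hides the
        // fetch warning; failure is reported by the exception below.
        $size = @getimagesize($avatar);
        if (!$size) {
            // TRANS: Exception thrown when avatar URL could not be read for an authorisation request.
            // TRANS: %s is an avatar URL.
            throw new Exception(sprintf(_('Cannot read avatar URL "%s".'), $avatar));
        }

        // Index 2 of the getimagesize() result is the IMAGETYPE_* constant.
        if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
                                      IMAGETYPE_PNG))) {
            // TRANS: Exception thrown when avatar URL return an invalid image type for an authorisation request.
            // TRANS: %s is an avatar URL.
            throw new Exception(sprintf(_('Wrong image type for avatar URL ' .
                                          '"%s".'), $avatar));
        }
    }
}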
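/**
 * Check the posted notice: its content (after link shortening) must not be
 * too long, and a supplied license must be compatible with the site license.
 *
 * A request with no notice license skips the compatibility check.
 *
 * @return boolean|null false after a 400 client error has been reported for
 *                      over-long content; no value is returned otherwise
 *
 * @throws Exception when a supplied notice license is not compatible with
 *                   the site license
 */
function checkNotice()
{
    // Both fields are request-supplied. Guard the reads so a missing field
    // becomes null rather than an undefined-index notice; the checks below
    // see the same values as before.
    $raw = null;
    if (isset($_POST['omb_notice_content'])) {
        $raw = $_POST['omb_notice_content'];
    }

    // The length limit applies to the content after links are shortened.
    $content = common_shorten_links($raw);
    if (Notice::contentTooLong($content)) {
        $this->clientError(_('Invalid notice content.'), 400);
        return false;
    }

    $license = null;
    if (isset($_POST['omb_notice_license'])) {
        $license = $_POST['omb_notice_license'];
    }
    $site_license = common_config('license', 'url');

    if ($license && !common_compatible_license($license, $site_license)) {
        // NOTE(review): the posted license is embedded in the message;
        // confirm whatever renders this exception escapes it.
        throw new Exception(sprintf(_('Notice license ‘%1$s’ is not ' .
                                      'compatible with site license ‘%2$s’.'),
                                    $license, $site_license));
    }
}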
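/**
 * Validate the OpenMicroBlogging parameters (and the OAuth callback) of a
 * subscription authorisation request. The first failed check throws;
 * nothing is returned.
 *
 * Required parameters: omb_version, omb_listener, omb_listenee,
 * omb_listenee_profile, omb_listenee_nickname, omb_listenee_license.
 * Optional parameters, checked only when non-empty: omb_listenee_fullname,
 * omb_listenee_homepage, omb_listenee_bio, omb_listenee_location,
 * omb_listenee_avatar, oauth_callback.
 *
 * Exception messages embed the rejected request values.
 * NOTE(review): confirm whatever renders these messages escapes them.
 *
 * @param object &$req request object; only get_parameter() is used here
 *
 * @return void
 *
 * @throws OAuthException on the first check that fails
 */
function validateOmb(&$req)
{
    foreach (array('omb_version', 'omb_listener', 'omb_listenee',
                   'omb_listenee_profile', 'omb_listenee_nickname',
                   'omb_listenee_license') as $param) {
        if (is_null($req->get_parameter($param))) {
            throw new OAuthException("Required parameter '{$param}' not found");
        }
    }

    # Now, OMB stuff
    $version = $req->get_parameter('omb_version');
    if ($version != OMB_VERSION_01) {
        throw new OAuthException("OpenMicroBlogging version '{$version}' not supported");
    }

    $listener = $req->get_parameter('omb_listener');
    $user = User::staticGet('uri', $listener);
    if (!$user) {
        throw new OAuthException("Listener URI '{$listener}' not found here");
    }

    // The listener named in the request must be the current user. The
    // explicit !$cur test refuses the request when there is no current user
    // instead of reading ->id from a non-object; the exception is the same.
    $cur = common_current_user();
    if (!$cur || $cur->id != $user->id) {
        throw new OAuthException("Can't add for another user!");
    }

    $listenee = $req->get_parameter('omb_listenee');
    if (!Validate::uri($listenee) && !common_valid_tag($listenee)) {
        throw new OAuthException("Listenee URI '{$listenee}' not a recognizable URI");
    }
    if (strlen($listenee) > 255) {
        throw new OAuthException("Listenee URI '{$listenee}' too long");
    }

    $other = User::staticGet('uri', $listenee);
    if ($other) {
        throw new OAuthException("Listenee URI '{$listenee}' is local user");
    }

    $remote = Remote_profile::staticGet('uri', $listenee);
    if ($remote) {
        $sub = new Subscription();
        $sub->subscriber = $user->id;
        $sub->subscribed = $remote->id;
        if ($sub->find(true)) {
            throw new OAuthException("Already subscribed to user!");
        }
    }

    $nickname = $req->get_parameter('omb_listenee_nickname');
    if (!Validate::string($nickname, array('min_length' => 1,
                                           'max_length' => 64,
                                           'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
        throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
    }

    $profile = $req->get_parameter('omb_listenee_profile');
    if (!common_valid_http_url($profile)) {
        throw new OAuthException("Invalid profile URL '{$profile}'.");
    }
    if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
        throw new OAuthException("Profile URL '{$profile}' is for a local user.");
    }

    $license = $req->get_parameter('omb_listenee_license');
    if (!common_valid_http_url($license)) {
        throw new OAuthException("Invalid license URL '{$license}'.");
    }
    $site_license = common_config('license', 'url');
    if (!common_compatible_license($license, $site_license)) {
        throw new OAuthException("Listenee stream license '{$license}' not compatible with site license '{$site_license}'.");
    }

    # optional stuff
    $fullname = $req->get_parameter('omb_listenee_fullname');
    if ($fullname && mb_strlen($fullname) > 255) {
        throw new OAuthException("Full name '{$fullname}' too long.");
    }

    $homepage = $req->get_parameter('omb_listenee_homepage');
    if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) {
        throw new OAuthException("Invalid homepage '{$homepage}'");
    }

    $bio = $req->get_parameter('omb_listenee_bio');
    if ($bio && mb_strlen($bio) > 140) {
        throw new OAuthException("Bio too long '{$bio}'");
    }

    $location = $req->get_parameter('omb_listenee_location');
    if ($location && mb_strlen($location) > 255) {
        throw new OAuthException("Location too long '{$location}'");
    }

    $avatar = $req->get_parameter('omb_listenee_avatar');
    if ($avatar) {
        if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
            throw new OAuthException("Invalid avatar URL '{$avatar}'");
        }

        // NOTE(review): getimagesize() on a URL makes this server fetch a
        // request-supplied address. common_valid_http_url() is the only
        // gate visible here; confirm that internal and loopback hosts are
        // refused and that fetch time and size are bounded. The @ hides the
        // fetch warning; failure is reported by the exception below.
        $size = @getimagesize($avatar);
        if (!$size) {
            throw new OAuthException("Can't read avatar URL '{$avatar}'");
        }

        // Indexes 0 and 1 are width and height; the avatar must be exactly
        // AVATAR_PROFILE_SIZE on both sides.
        if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
            throw new OAuthException("Wrong size image at '{$avatar}'");
        }

        // Index 2 is the IMAGETYPE_* constant.
        if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG,
                                      IMAGETYPE_PNG))) {
            throw new OAuthException("Wrong image type for '{$avatar}'");
        }
    }

    // The callback is where the user agent is sent afterwards: it must be
    // an HTTP URL and must not be this site's own finishremotesubscribe
    // URL. No other restriction on the callback host is applied here.
    $callback = $req->get_parameter('oauth_callback');
    if ($callback && !common_valid_http_url($callback)) {
        throw new OAuthException("Invalid callback URL '{$callback}'");
    }
    if ($callback && $callback == common_local_url('finishremotesubscribe')) {
        throw new OAuthException("Callback URL '{$callback}' is for local site.");
    }
}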