Esempio n. 1
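 /**
  * Accept a notice pushed by a remote OMB service and store it locally.
  *
  * Every value read from $req is supplied by the remote party, so each one
  * is checked before anything is written. On a failed check a client error
  * is reported through clientError() and false is returned.
  *
  * @param mixed $req      request object; omb_* values are read with get_parameter()
  * @param mixed $consumer not read by this method
  * @param mixed $token    access token; its ->key selects the subscription
  *
  * @return bool true when the notice was stored or already existed, false otherwise
  */
 function save_notice(&$req, &$consumer, &$token)
 {
     $version = $req->get_parameter('omb_version');
     if ($version != OMB_VERSION_01) {
         $this->clientError(_('Unsupported OMB version'), 400);
         return false;
     }

     // The claimed author must already be known here as a remote profile.
     $listenee = $req->get_parameter('omb_listenee');
     $remote_profile = Remote_profile::staticGet('uri', $listenee);
     if (!$remote_profile) {
         $this->clientError(_('Profile unknown'), 403);
         return false;
     }

     // The token must belong to an existing subscription ...
     $sub = Subscription::staticGet('token', $token->key);
     if (!$sub) {
         $this->clientError(_('No such subscription'), 403);
         return false;
     }
     // ... and that subscription must be to the profile named in the request.
     // omb_listenee is caller-controlled, so without this comparison a valid
     // token for one subscription would authorise notices attributed to any
     // other known remote profile. The existing message is reused so that no
     // new translatable string is introduced.
     if ($sub->subscribed != $remote_profile->id) {
         $this->clientError(_('No such subscription'), 403);
         return false;
     }

     // The length limit is applied to the link-shortened form, while the raw
     // $content is what gets handed to Notice::saveNew() below.
     $content = $req->get_parameter('omb_notice_content');
     $content_shortened = common_shorten_links($content);
     if (mb_strlen($content_shortened) > 140) {
         $this->clientError(_('Invalid notice content'), 400);
         return false;
     }

     // The notice identifier is accepted if either validator recognises it.
     $notice_uri = $req->get_parameter('omb_notice');
     if (!Validate::uri($notice_uri) && !common_valid_tag($notice_uri)) {
         $this->clientError(_('Invalid notice uri'), 400);
         return false;
     }

     // The notice URL is optional and only validated when present.
     // NOTE(review): it is not used after this check in this method.
     $notice_url = $req->get_parameter('omb_notice_url');
     if ($notice_url && !common_valid_http_url($notice_url)) {
         $this->clientError(_('Invalid notice url'), 400);
         return false;
     }

     // A notice whose URI is already stored is treated as success, so a
     // repeated delivery neither duplicates nor re-broadcasts it.
     $notice = Notice::staticGet('uri', $notice_uri);
     if (!$notice) {
         $notice = Notice::saveNew($remote_profile->id, $content, 'omb', false, null, $notice_uri);
         // A string return value is handled as an error message.
         if (is_string($notice)) {
             // NOTE(review): "common_server_serror" looks like a misspelling of
             // an error helper; confirm that a function with this name exists.
             common_server_serror($notice, 500);
             return false;
         }
         common_broadcast_notice($notice, true);
     }
     return true;
 }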
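 /**
  * Validate the submitted edit form for a people tag (list) and apply it.
  *
  * Reads tag, description, private, delete, confirm and cancel from the
  * request. Destructive steps (deleting the tag, switching it from public to
  * private) are only carried out once 'confirm' is present; otherwise a
  * confirmation dialog is shown. Validation failures re-display the form
  * with a message.
  *
  * NOTE(review): no session-token or ownership check is visible in this
  * method; presumably the caller performs both before calling it. Confirm.
  *
  * @return void
  */
 function trySave()
 {
     $tag = common_canonical_tag($this->trimmed('tag'));
     $description = $this->trimmed('description');
     $private = $this->boolean('private');
     $delete = $this->arg('delete');
     $confirm = $this->arg('confirm');
     $cancel = $this->arg('cancel');

     if ($delete && $cancel) {
         // TRANS: Form validation error displayed if the form data for deleting a tag was incorrect.
         $this->showForm(_('Delete aborted.'));
         return;
     }

     // True only when the request would turn a currently public tag private.
     $set_private = $private && $this->peopletag->private != $private;

     // Every check below returns on failure, so they are written as guard
     // clauses instead of a nested else chain.
     if ($delete && !$confirm) {
         // TRANS: Text in confirmation dialog for deleting a tag.
         $this->showConfirm(_('Deleting this tag will permanantly remove ' . 'all its subscription and membership records. ' . 'Do you still want to continue?'), array('delete' => 1));
         return;
     }

     // NOTE(review): the form is rejected when common_valid_tag() returns
     // true. Confirm what that helper validates before changing the sense of
     // this condition.
     if (common_valid_tag($tag)) {
         // TRANS: Form validation error displayed if a given tag is invalid.
         $this->showForm(_('Invalid tag.'));
         return;
     }

     if ($tag != $this->peopletag->tag && $this->tagExists($tag)) {
         // TRANS: Form validation error displayed if a given tag is already present.
         // TRANS: %s is the already present tag.
         $this->showForm(sprintf(_('You already have a tag named %s.'), $tag));
         return;
     }

     if (Profile_list::descriptionTooLong($description)) {
         $this->showForm(sprintf(_m('Description is too long (maximum %d character).', 'Description is too long (maximum %d characters).', Profile_list::maxDescription()), Profile_list::maxDescription()));
         return;
     }

     if ($set_private && !$confirm && !$cancel) {
         // The submitted values are forwarded so the confirmation step can
         // resubmit them.
         $fwd = array('tag' => $tag, 'description' => $description, 'private' => (int) $private);
         // TRANS: Text in confirmation dialog for setting a tag from public to private.
         $this->showConfirm(_('Setting a public tag as private will ' . 'permanently remove all the existing ' . 'subscriptions to it. Do you still want to continue?'), $fwd);
         return;
     }

     $this->peopletag->query('BEGIN');
     $orig = clone $this->peopletag;
     $this->peopletag->tag = $tag;
     $this->peopletag->description = $description;
     // A public-to-private switch is only applied once it has been confirmed.
     if (!$set_private || $confirm) {
         $this->peopletag->private = $private;
     }
     $result = $this->peopletag->update($orig);
     if (!$result) {
         // Log against the object that was actually updated; the original
         // passed $this->group, which is not used anywhere else here.
         common_log_db_error($this->peopletag, 'UPDATE', __FILE__);
         // Close the transaction explicitly instead of leaving it open or
         // falling through to COMMIT.
         $this->peopletag->query('ROLLBACK');
         // TRANS: Server error displayed when updating a list fails.
         $this->serverError(_('Could not update list.'));
         // Stop here even if serverError() returns, so that a failed update
         // never continues into the cleanup and delete steps below.
         return;
     }
     $this->peopletag->query('COMMIT');

     // Runs after the commit, i.e. outside the transaction above.
     if ($set_private && $confirm) {
         Profile_tag_subscription::cleanup($this->peopletag);
     }
     if ($delete) {
         // This might take quite a bit of time.
         $this->peopletag->delete();
         // send home.
         common_redirect(common_local_url('all', array('nickname' => $this->tagger->nickname)), 303);
     }
     if ($tag != $orig->tag) {
         // The tag name is part of the edit URL, so a rename needs a redirect.
         common_redirect(common_local_url('editpeopletag', array('tagger' => $this->tagger->nickname, 'tag' => $tag)), 303);
     } else {
         // TRANS: Edit list form success message.
         $this->showForm(_('Options saved.'));
     }
 }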
Esempio n. 3
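 /**
  * Validate the OMB parameters of a remote-subscribe request.
  *
  * Checks that all required omb_* parameters are present, that the listener
  * is the currently logged-in local user, that the listenee is a remote
  * (non-local) identity not already subscribed to, and that the optional
  * profile fields respect their length and format limits. Returns nothing
  * on success.
  *
  * NOTE(review): most exception messages embed request values verbatim. If
  * a caller renders them into HTML they need escaping at that point. Confirm.
  *
  * @param mixed $req request object; values are read with get_parameter()
  *
  * @return void
  *
  * @throws OAuthException on the first check that fails
  */
 function validateOmb(&$req)
 {
     foreach (array('omb_version', 'omb_listener', 'omb_listenee', 'omb_listenee_profile', 'omb_listenee_nickname', 'omb_listenee_license') as $param) {
         if (is_null($req->get_parameter($param))) {
             throw new OAuthException("Required parameter '{$param}' not found");
         }
     }

     // Protocol version.
     $version = $req->get_parameter('omb_version');
     if ($version != OMB_VERSION_01) {
         throw new OAuthException("OpenMicroBlogging version '{$version}' not supported");
     }

     // The listener must be a local user ...
     $listener = $req->get_parameter('omb_listener');
     $user = User::staticGet('uri', $listener);
     if (!$user) {
         throw new OAuthException("Listener URI '{$listener}' not found here");
     }
     // ... and must be the user who is logged in. With no session,
     // common_current_user() may yield nothing; that case is rejected
     // explicitly rather than by reading ->id on a non-object.
     $cur = common_current_user();
     if (!$cur || $cur->id != $user->id) {
         throw new OAuthException("Can't add for another user!");
     }

     // The listenee must be a recognisable, bounded, non-local URI.
     $listenee = $req->get_parameter('omb_listenee');
     if (!Validate::uri($listenee) && !common_valid_tag($listenee)) {
         throw new OAuthException("Listenee URI '{$listenee}' not a recognizable URI");
     }
     if (strlen($listenee) > 255) {
         throw new OAuthException("Listenee URI '{$listenee}' too long");
     }
     $other = User::staticGet('uri', $listenee);
     if ($other) {
         throw new OAuthException("Listenee URI '{$listenee}' is local user");
     }

     // If the remote profile is already known, refuse a duplicate subscription.
     $remote = Remote_profile::staticGet('uri', $listenee);
     if ($remote) {
         $sub = new Subscription();
         $sub->subscriber = $user->id;
         $sub->subscribed = $remote->id;
         if ($sub->find(true)) {
             throw new OAuthException("Already subscribed to user!");
         }
     }

     $nickname = $req->get_parameter('omb_listenee_nickname');
     if (!Validate::string($nickname, array('min_length' => 1, 'max_length' => 64, 'format' => VALIDATE_NUM . VALIDATE_ALPHA_LOWER))) {
         throw new OAuthException('Nickname must have only letters and numbers and no spaces.');
     }

     $profile = $req->get_parameter('omb_listenee_profile');
     if (!common_valid_http_url($profile)) {
         throw new OAuthException("Invalid profile URL '{$profile}'.");
     }
     // A profile URL equal to the local stream URL for this nickname would
     // mean the "remote" user is a local one.
     if ($profile == common_local_url('showstream', array('nickname' => $nickname))) {
         throw new OAuthException("Profile URL '{$profile}' is for a local user.");
     }

     $license = $req->get_parameter('omb_listenee_license');
     if (!common_valid_http_url($license)) {
         throw new OAuthException("Invalid license URL '{$license}'.");
     }
     $site_license = common_config('license', 'url');
     if (!common_compatible_license($license, $site_license)) {
         throw new OAuthException("Listenee stream license '{$license}' not compatible with site license '{$site_license}'.");
     }

     // Optional fields: each is validated only when it is present and truthy.
     $fullname = $req->get_parameter('omb_listenee_fullname');
     if ($fullname && mb_strlen($fullname) > 255) {
         throw new OAuthException("Full name '{$fullname}' too long.");
     }
     $homepage = $req->get_parameter('omb_listenee_homepage');
     if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) {
         throw new OAuthException("Invalid homepage '{$homepage}'");
     }
     $bio = $req->get_parameter('omb_listenee_bio');
     if ($bio && mb_strlen($bio) > 140) {
         throw new OAuthException("Bio too long '{$bio}'");
     }
     $location = $req->get_parameter('omb_listenee_location');
     if ($location && mb_strlen($location) > 255) {
         throw new OAuthException("Location too long '{$location}'");
     }

     $avatar = $req->get_parameter('omb_listenee_avatar');
     if ($avatar) {
         if (!common_valid_http_url($avatar) || strlen($avatar) > 255) {
             throw new OAuthException("Invalid avatar URL '{$avatar}'");
         }
         // NOTE(review): getimagesize() makes this server fetch a URL chosen
         // by the requester. Nothing visible here restricts the destination
         // host, redirects, response size or timeout; confirm that
         // common_valid_http_url() or the PHP stream configuration covers
         // those. The @ also hides the reason for any failure.
         $size = @getimagesize($avatar);
         if (!$size) {
             throw new OAuthException("Can't read avatar URL '{$avatar}'");
         }
         // Index 0 is width, 1 is height and 2 is the IMAGETYPE_* constant.
         if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) {
             throw new OAuthException("Wrong size image at '{$avatar}'");
         }
         if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) {
             throw new OAuthException("Wrong image type for '{$avatar}'");
         }
     }

     // The callback is optional; it must be an HTTP URL and must not be this
     // site's own finish-subscribe endpoint.
     $callback = $req->get_parameter('oauth_callback');
     if ($callback && !common_valid_http_url($callback)) {
         throw new OAuthException("Invalid callback URL '{$callback}'");
     }
     if ($callback && $callback == common_local_url('finishremotesubscribe')) {
         throw new OAuthException("Callback URL '{$callback}' is for local site.");
     }
 }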