/**
* Check for an API key, and throw an exception if it's not set
*
* @param array $args URL and POST params
*
* @return boolean continuation flag
*/
function prepare($args)
{
StatusNet::setApi(true);
// reduce exception reports to aid in debugging
parent::prepare($args);
if (!common_config('globalapi', 'enabled')) {
throw new ClientException(_('Global API not enabled.'), 403);
}
$apikey = $this->trimmed('apikey');
if (empty($apikey)) {
throw new ClientException(_('No API key.'), 403);
}
$expected = common_config('globalapi', 'key');
if ($expected != $apikey) {
// FIXME: increment a counter by IP address to prevent brute-force
// attacks on the key.
throw new ClientException(_('Bad API key.'), 403);
}
$email = common_canonical_email($this->trimmed('email'));
if (empty($email)) {
throw new ClientException(_('No email address.'));
}
if (!Validate::email($email, common_config('email', 'check_domain'))) {
throw new ClientException(_('Invalid email address.'));
}
$this->email = $email;
return true;
}
function handle($args)
{
// Trigger short error responses; not a human-readable web page.
StatusNet::setApi(true);
// We're not a general oEmbed proxy service; limit to valid sessions.
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
// TRANS: Client error displayed when the session token does not match or is not given.
$this->clientError(_m('There was a problem with your session token. ' . 'Try again, please.'));
}
$format = $this->arg('format');
if ($format && $format != 'json') {
// TRANS: Client exception thrown when requesting a different format than JSON.
throw new ClientException(_m('Invalid format; only JSON supported.'));
}
$url = $this->arg('url');
if (!common_valid_http_url($url)) {
// TRANS: Client exception thrown when not providing a valid URL.
throw new ClientException(_m('Invalid URL.'));
}
$params = array();
if ($this->arg('maxwidth')) {
$params['maxwidth'] = $this->arg('maxwidth');
}
if ($this->arg('maxheight')) {
$params['maxheight'] = $this->arg('maxheight');
}
$data = oEmbedHelper::getObject($url, $params);
$this->init_document('json');
print json_encode($data);
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
// short error results!
}
$rsvpId = $this->trimmed('rsvp');
if (empty($rsvpId)) {
// TRANS: Client exception thrown when referring to a non-existing RSVP ("please respond") item.
throw new ClientException(_m('No such RSVP.'));
}
$this->rsvp = RSVP::staticGet('id', $rsvpId);
if (empty($this->rsvp)) {
// TRANS: Client exception thrown when referring to a non-existing RSVP ("please respond") item.
throw new ClientException(_m('No such RSVP.'));
}
$this->event = Happening::staticGet('id', $this->rsvp->event_id);
if (empty($this->event)) {
// TRANS: Client exception thrown when referring to a non-existing event.
throw new ClientException(_m('No such event.'));
}
$this->user = common_current_user();
if (empty($this->user)) {
// TRANS: Client exception thrown when trying tp RSVP ("please respond") while not logged in.
throw new ClientException(_m('You must be logged in to RSVP for an event.'));
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
$this->user = common_current_user();
if (empty($this->user)) {
// TRANS: Client exception thrown trying to respond to a poll while not logged in.
throw new ClientException(_m('You must be logged in to respond to a poll.'), 403);
}
if ($this->isPost()) {
$this->checkSessionToken();
}
$id = $this->trimmed('id');
$this->poll = Poll::staticGet('id', $id);
if (empty($this->poll)) {
// TRANS: Client exception thrown trying to respond to a non-existing poll.
throw new ClientException(_m('Invalid or missing poll.'), 404);
}
$selection = intval($this->trimmed('pollselection'));
if ($selection < 1 || $selection > count($this->poll->getOptions())) {
// TRANS: Client exception thrown responding to a poll with an invalid answer.
throw new ClientException(_m('Invalid poll selection.'));
}
$this->selection = $selection;
return true;
}
/**
* Load attributes based on database arguments
*
* Loads all the DB stuff
*
* @param array $args $_REQUEST array
*
* @return success flag
*/
function prepare($args)
{
parent::prepare($args);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
$this->notice = $this->getNotice();
$cur = common_current_user();
if (!empty($cur)) {
$curProfile = $cur->getProfile();
} else {
$curProfile = null;
}
if (!$this->notice->inScope($curProfile)) {
// TRANS: Client exception thrown when trying a view a notice the user has no access to.
throw new ClientException(_('Not available.'), 403);
}
$this->profile = $this->notice->getProfile();
if (empty($this->profile)) {
// TRANS: Server error displayed trying to show a notice without a connected profile.
$this->serverError(_('Notice has no profile.'), 500);
return false;
}
$this->user = User::staticGet('id', $this->profile->id);
$this->avatar = $this->profile->getAvatar(AVATAR_PROFILE_SIZE);
return true;
}
function handle($args)
{
parent::handle($args);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
if (!common_logged_in()) {
// TRANS: Error message displayed when trying to perform an action that requires a logged in user.
$this->clientError(_('Not logged in.'));
return;
}
$user = common_current_user();
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)));
return;
}
/* Use a session token for CSRF protection. */
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
// TRANS: Client error displayed when the session token does not match or is not given.
$this->clientError(_('There was a problem with your session token. ' . 'Try again, please.'));
return;
}
$other_id = $this->arg('unsubscribeto');
if (!$other_id) {
// TRANS: Client error displayed when trying to leave a group without specifying an ID.
$this->clientError(_('No profile ID in request.'));
return;
}
$other = Profile::staticGet('id', $other_id);
if (!$other) {
// TRANS: Client error displayed when trying to leave a non-existing group.
$this->clientError(_('No profile with that ID.'));
return;
}
$this->request = Subscription_queue::pkeyGet(array('subscriber' => $user->id, 'subscribed' => $other->id));
if (empty($this->request)) {
// TRANS: Client error displayed when trying to approve a non-existing group join request.
// TRANS: %s is a user nickname.
$this->clientError(sprintf(_('%s is not in the moderation queue for this group.'), $this->profile->nickname), 403);
}
$this->request->abort();
if ($this->boolean('ajax')) {
$this->startHTML('text/xml;charset=utf-8');
$this->elementStart('head');
// TRANS: Title after unsubscribing from a group.
$this->element('title', null, _m('TITLE', 'Unsubscribed'));
$this->elementEnd('head');
$this->elementStart('body');
$subscribe = new SubscribeForm($this, $other);
$subscribe->show();
$this->elementEnd('body');
$this->elementEnd('html');
} else {
common_redirect(common_local_url('subscriptions', array('nickname' => $user->nickname)), 303);
}
}
function handle()
{
StatusNet::setApi(true);
// Minimize error messages to aid in debugging
parent::handle();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
} else {
$this->handleGet();
}
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
StatusNet::setApi(true);
// Send smaller error pages
parent::prepare($argarray);
$license = $_POST['omb_listenee_license'];
$site_license = common_config('license', 'url');
if (!common_compatible_license($license, $site_license)) {
$this->clientError(sprintf(_('Listenee stream license ‘%1$s’ is not ' . 'compatible with site license ‘%2$s’.'), $license, $site_license));
return false;
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
StatusNet::setApi(true);
// Send smaller error pages
parent::prepare($argarray);
try {
$this->checkNotice();
} catch (Exception $e) {
$this->clientError($e->getMessage());
return false;
}
return true;
}
/**
* Check the posted activity type and break out to appropriate processing.
*/
function handle($args)
{
StatusNet::setApi(true);
// Send smaller error pages
common_log(LOG_DEBUG, "Got a " . $this->activity->verb);
if (Event::handle('StartHandleSalmonTarget', array($this->activity, $this->target)) && Event::handle('StartHandleSalmon', array($this->activity))) {
switch ($this->activity->verb) {
case ActivityVerb::POST:
$this->handlePost();
break;
case ActivityVerb::SHARE:
$this->handleShare();
break;
case ActivityVerb::FAVORITE:
$this->handleFavorite();
break;
case ActivityVerb::UNFAVORITE:
$this->handleUnfavorite();
break;
case ActivityVerb::FOLLOW:
case ActivityVerb::FRIEND:
$this->handleFollow();
break;
case ActivityVerb::UNFOLLOW:
$this->handleUnfollow();
break;
case ActivityVerb::JOIN:
$this->handleJoin();
break;
case ActivityVerb::LEAVE:
$this->handleLeave();
break;
case ActivityVerb::TAG:
$this->handleTag();
break;
case ActivityVerb::UNTAG:
$this->handleUntag();
break;
case ActivityVerb::UPDATE_PROFILE:
$this->handleUpdateProfile();
break;
default:
// TRANS: Client exception.
throw new ClientException(_m('Unrecognized activity type.'));
}
Event::handle('EndHandleSalmon', array($this->activity));
Event::handle('EndHandleSalmonTarget', array($this->activity, $this->target));
}
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
StatusNet::setApi(true);
// Send smaller error pages
parent::prepare($argarray);
$license = $_POST['omb_listenee_license'];
$site_license = common_config('license', 'url');
if (!common_compatible_license($license, $site_license)) {
// TRANS: Client error displayed when trying to update profile with an incompatible license.
// TRANS: %1$s is the license incompatible with site license %2$s.
$this->clientError(sprintf(_('Listenee stream license "%1$s" is not ' . 'compatible with site license "%2$s".'), $license, $site_license));
return false;
}
return true;
}
/**
* Initialization.
*
* @param array $args Web and URL arguments
*
* @return boolean false if user doesn't exist
*/
function prepare($args)
{
StatusNet::setApi(true);
// reduce exception reports to aid in debugging
parent::prepare($args);
$this->format = $this->arg('format');
$this->page = (int) $this->arg('page', 1);
$this->count = (int) $this->arg('count', 20);
$this->max_id = (int) $this->arg('max_id', 0);
$this->since_id = (int) $this->arg('since_id', 0);
if ($this->arg('since')) {
header('X-StatusNet-Warning: since parameter is disabled; use since_id');
}
return true;
}
function prepare($args)
{
// If we die, show short error messages.
StatusNet::setApi(true);
parent::prepare($args);
$cur = common_current_user();
if (!$cur) {
// TRANS: Client exception in autocomplete plugin.
throw new ClientException(_m('Access forbidden.'), true);
}
$this->groups = array();
$this->users = array();
$q = $this->arg('q');
$limit = $this->arg('limit');
if ($limit > 200) {
$limit = 200;
}
//prevent DOS attacks
if (substr($q, 0, 1) == '@') {
//user search
$q = substr($q, 1);
$user = new User();
$user->limit($limit);
$user->whereAdd('nickname like \'' . trim($user->escape($q), '\'') . '%\'');
if ($user->find()) {
while ($user->fetch()) {
$this->users[] = clone $user;
}
}
}
if (substr($q, 0, 1) == '!') {
//group search
$q = substr($q, 1);
$group = new User_group();
$group->limit($limit);
$group->whereAdd('nickname like \'' . trim($group->escape($q), '\'') . '%\'');
if ($group->find()) {
while ($group->fetch()) {
$this->groups[] = clone $group;
}
}
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
$this->user = common_current_user();
if (empty($this->user)) {
throw new ClientException(_m("You must be logged in to answer to a question."), 403);
}
$id = substr($this->trimmed('id'), 7);
$this->answer = QnA_Answer::staticGet('id', $id);
$this->question = $this->answer->getQuestion();
if (empty($this->answer) || empty($this->question)) {
throw new ClientException(_m('Invalid or missing answer.'), 404);
}
$this->answerText = $this->trimmed('answer');
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
$this->user = common_current_user();
if (empty($this->user)) {
// TRANS: Client exception thrown when trying to create a new bookmark while not logged in.
throw new ClientException(_m('Must be logged in to post a bookmark.'), 403);
}
if ($this->isPost()) {
$this->checkSessionToken();
}
$this->title = $this->trimmed('title');
$this->url = $this->trimmed('url');
$this->tags = $this->trimmed('tags');
$this->description = $this->trimmed('description');
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
$this->user = common_current_user();
if (empty($this->user)) {
throw new ClientException(_m("You must be logged in to close a question."), 403);
}
if ($this->isPost()) {
$this->checkSessionToken();
}
$id = substr($this->trimmed('id'), 9);
$this->question = QnA_Question::staticGet('id', $id);
if (empty($this->question)) {
// TRANS: Client exception thrown trying to respond to a non-existing question.
throw new ClientException(_m('Invalid or missing question.'), 404);
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
// short error results!
}
$eventId = $this->trimmed('event');
if (empty($eventId)) {
// TRANS: Client exception thrown when requesting a non-exsting event.
throw new ClientException(_m('No such event.'));
}
$this->event = Happening::staticGet('id', $eventId);
if (empty($this->event)) {
// TRANS: Client exception thrown when requesting a non-exsting event.
throw new ClientException(_m('No such event.'));
}
$this->user = common_current_user();
if (empty($this->user)) {
// TRANS: Client exception thrown when trying to RSVP ("please respond") while not logged in.
throw new ClientException(_m('You must be logged in to RSVP for an event.'));
}
common_debug(print_r($this->args, true));
switch (strtolower($this->trimmed('submitvalue'))) {
case 'yes':
$this->verb = RSVP::POSITIVE;
break;
case 'no':
$this->verb = RSVP::NEGATIVE;
break;
case 'maybe':
$this->verb = RSVP::POSSIBLE;
break;
default:
// TRANS: Client exception thrown when using an invalid value for RSVP ("please respond").
throw new ClientException(_m('Unknown submit value.'));
}
return true;
}
/**
* For initializing members of the class.
*
* @param array $argarray misc. arguments
*
* @return boolean true
*/
function prepare($argarray)
{
parent::prepare($argarray);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
common_debug("in qnanewanswer");
$this->user = common_current_user();
if (empty($this->user)) {
throw new ClientException(_m("You must be logged in to answer to a question."), 403);
}
if ($this->isPost()) {
$this->checkSessionToken();
}
$id = substr($this->trimmed('id'), 9);
$this->question = QnA_Question::staticGet('id', $id);
if (empty($this->question)) {
throw new ClientException(_m('Invalid or missing question.'), 404);
}
$this->answerText = $this->trimmed('answer');
return true;
}
/**
* Check pre-requisites and instantiate attributes
*
* @param Array $args array of arguments (URL, GET, POST)
*
* @return boolean success flag
*/
function prepare($args)
{
parent::prepare($args);
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
// Only allow POST requests
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
// TRANS: Client error displayed trying to perform any request method other than POST.
// TRANS: Do not translate POST.
$this->clientError(_m('This action only accepts POST requests.'));
return false;
}
// CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
// TRANS: Client error displayed when the session token is not okay.
$this->clientError(_m('There was a problem with your session token.' . ' Try again, please.'));
return false;
}
// Only for logged-in users
$this->user = common_current_user();
if (empty($this->user)) {
// TRANS: Error message displayed when trying to perform an action that requires a logged in user.
$this->clientError(_m('Not logged in.'));
return false;
}
// Profile to subscribe to
$this->tag = $this->arg('tag');
if (empty($this->tag)) {
// TRANS: Client error displayed trying to subscribe to a non-existing profile.
$this->clientError(_m('No such profile.'));
return false;
}
return true;
}
function prepare($args)
{
StatusNet::setApi(true);
// reduce exception reports to aid in debugging
return parent::prepare($args);
}
/**
* Initialization.
*
* @param array $args Web and URL arguments
*
* @return boolean false if user doesn't exist
*/
function prepare($args)
{
StatusNet::setApi(true);
// reduce exception reports to aid in debugging
parent::prepare($args);
$this->format = $this->arg('format');
$this->callback = $this->arg('callback');
$this->page = (int) $this->arg('page', 1);
$this->count = (int) $this->arg('count', 20);
$this->max_id = (int) $this->arg('max_id', 0);
$this->since_id = (int) $this->arg('since_id', 0);
if ($this->arg('since')) {
header('X-StatusNet-Warning: since parameter is disabled; use since_id');
}
$this->source = $this->trimmed('source');
if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
$this->source = 'api';
}
return true;
}
/**
* Add a new Poll
*
* @return void
*/
function newPoll()
{
if ($this->boolean('ajax')) {
StatusNet::setApi(true);
}
try {
if (empty($this->question)) {
// TRANS: Client exception thrown trying to create a poll without a question.
throw new ClientException(_m('Poll must have a question.'));
}
if (count($this->options) < 2) {
// TRANS: Client exception thrown trying to create a poll with fewer than two options.
throw new ClientException(_m('Poll must have at least two options.'));
}
// Notice options; distinct from choices for the poll
$options = array();
// Does the heavy-lifting for getting "To:" information
ToSelector::fillOptions($this, $options);
$saved = Poll::saveNew($this->user->getProfile(), $this->question, $this->options, $options);
} catch (ClientException $ce) {
$this->error = $ce->getMessage();
$this->showPage();
return;
}
if ($this->boolean('ajax')) {
header('Content-Type: text/xml;charset=utf-8');
$this->xw->startDocument('1.0', 'UTF-8');
$this->elementStart('html');
$this->elementStart('head');
// TRANS: Page title after sending a notice.
$this->element('title', null, _m('Notice posted'));
$this->elementEnd('head');
$this->elementStart('body');
$this->showNotice($saved);
$this->elementEnd('body');
$this->elementEnd('html');
} else {
common_redirect($saved->bestUrl(), 303);
}
}
function handle($args)
{
// @fixme move this to saveSettings and friends?
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
StatusNet::setApi(true);
// short error pages :P
$this->checkSessionToken();
if ($this->subaction == 'change-apikey') {
$form = new YammerApiKeyForm($this);
} else {
if ($this->subaction == 'apikey') {
if ($this->saveKeys()) {
$form = new YammerAuthInitForm($this, $this->runner);
} else {
$form = new YammerApiKeyForm($this);
}
} else {
if ($this->subaction == 'authinit') {
// hack
if ($this->arg('change-apikey')) {
$form = new YammerApiKeyForm($this);
} else {
$url = $this->runner->requestAuth();
$form = new YammerAuthVerifyForm($this, $this->runner);
}
} else {
if ($this->subaction == 'authverify') {
$this->runner->saveAuthToken($this->trimmed('verify_token'));
// Haho! Now we can make THE FUN HAPPEN
$this->runner->startBackgroundImport();
$form = new YammerProgressForm($this, $this->runner);
} else {
if ($this->subaction == 'pause-import') {
// TRANS: Error message about an import job being paused from the admin panel.
$this->runner->recordError(_m('Paused from admin panel.'));
$form = $this->statusForm();
} else {
if ($this->subaction == 'continue-import') {
$this->runner->clearError();
$this->runner->startBackgroundImport();
$form = $this->statusForm();
} else {
if ($this->subaction == 'abort-import') {
$this->runner->reset();
$form = $this->statusForm();
} else {
if ($this->subaction == 'progress') {
$form = $this->statusForm();
} else {
// TRANS: Client exception thrown when encountering an unhandled sub action.
throw new ClientException(_m('Invalid POST'));
}
}
}
}
}
}
}
}
return $this->showAjaxForm($form);
}
return parent::handle($args);
}