JSONAnswer(array('result' => $data, 'lastid' => $lastid, 'firstid' => $firstid, 'amount' => count($statuses->data)));
} elseif ($request_type == 'delete') {
RetrieveInputGET('id');
// Removing status
$id = intval($P['id']);
$__database->query("DELETE FROM social_statuses WHERE id = " . $id . ($_loginaccount->IsRankOrHigher(RANK_MODERATOR) ? '' : ' AND account_id = ' . $_loginaccount->GetId()));
if ($__database->affected_rows == 1) {
JSONAnswer(array('result' => 'The status was successfully deleted.'));
} else {
JSONDie('Unable to delete the status.');
}
} elseif ($request_type == 'post') {
if (!$_loggedin) {
JSONDie('Not loggedin', 401);
}
RetrieveInputPOST('content', 'reply-to', 'usingface');
$content = nl2br(htmlentities(trim($P['content']), ENT_QUOTES, 'UTF-8'));
//Tweet post yo.
$CONSUMER_KEY = 'AeH4Ka2jIhiBWASIQUEQ';
$CONSUMER_SECRET = 'RjHPE4FXqsznLGohdHzSDnOeIuEucnQ6fPc0aNq8sw';
\Codebird\Codebird::setConsumerKey($CONSUMER_KEY, $CONSUMER_SECRET);
$cb = \Codebird\Codebird::getInstance();
$oauth_token = $_loginaccount->GetConfigurationOption('twitter_oauth_token');
$oauth_token_secret = $_loginaccount->GetConfigurationOption('twitter_oauth_token_secret');
//all status requests have to start with status=
//need to cut off anything over 140 characters btw.
$status = 'status=' . $P['content'] . ' #maplerme';
//Checks if the person has a Twitter account added. If so, bombs away.
if ($oauth_token != '') {
$cb->setToken($oauth_token, $oauth_token_secret);
$reply = $cb->statuses_update($status);
// Success! Now, lets get the cookie
$query = $__database->query("\nSELECT \n\tat.`code`\nFROM \n\taccount_tokens at\nWHERE\n\tat.account_id = " . $row[0] . "\n\tAND\n\tat.type = 'client_token'\n\tAND \n\tat.till > NOW()\n");
$code = '';
if ($query->num_rows == 0) {
// Create new
$code = md5(time() . ' --- ' . $row[0] . ' - ' . $P['email']);
$__database->query("\nINSERT INTO \n\taccount_tokens \nVALUES \n\t(" . $row[0] . ", 'client_token', '" . $code . "', DATE_ADD(NOW(), INTERVAL 1 YEAR))\nON DUPLICATE KEY UPDATE\n\t`code` = VALUES(`code`),\n\t`till` = VALUES(`till`)\n");
} else {
// Use old one
$row = $query->fetch_row();
$code = $row[0];
}
$query->free();
die('CORRE:' . $code);
} elseif ($request_type == 'check_code') {
RetrieveInputPOST('code');
$addr = $__database->real_escape_string($_SERVER['REMOTE_ADDR']);
$q = $__database->query("SELECT COUNT(*) FROM login_requests WHERE ip = '" . $addr . "' AND DATE_ADD(NOW(), INTERVAL 1 DAY) > NOW()");
$row = $q->fetch_row();
$amount = $row[0];
$q->free();
if ($amount > 10) {
die('ERROR:Too many failed requests. Try again in a day');
}
$query = $__database->query("\nSELECT \n\tat.`code`\nFROM \n\taccount_tokens at\nWHERE\n\tat.`code` = '" . $__database->real_escape_string($P['code']) . "'\n\tAND\n\tat.type = 'client_token'\n\tAND \n\tat.till > NOW()\n");
if ($query->num_rows == 0) {
$__database->query("INSERT INTO login_requests VALUES (NULL, '" . $addr . "', NOW(), 'login')");
die('INFO :Invalid key, please login.');
}
die('INFO :Okay');
}
