/** * remote post * * https://yoursite/rpost?f=&title=&body=&remote_return= * * This can be called via either GET or POST, use POST for long body content as suhosin often limits GET parameter length * * f= placeholder, often required * title= Title of post * body= Body of post * url= URL which will be parsed and the results appended to the body * source= Source application * remote_return= absolute URL to return after posting is finished * type= choices are 'html' or 'bbcode', default is 'bbcode' * */ function rpost_content(&$a) { $o = ''; if (!local_channel()) { if (remote_channel()) { // redirect to your own site. // We can only do this with a GET request so you'll need to keep the text short or risk getting truncated // by the wretched beast called 'suhosin'. All the browsers now allow long GET requests, but suhosin // blocks them. $url = get_rpost_path($a->get_observer()); // make sure we're not looping to our own hub if ($url && !stristr($url, $a->get_hostname())) { foreach ($_REQUEST as $key => $arg) { $url .= '&' . $key . '=' . $arg; } goaway($url); } } // The login procedure is going to bugger our $_REQUEST variables // so save them in the session. if (array_key_exists('body', $_REQUEST)) { $_SESSION['rpost'] = $_REQUEST; } return login(); } // If we have saved rpost session variables, but nothing in the current $_REQUEST, recover the saved variables if (!array_key_exists('body', $_REQUEST) && array_key_exists('rpost', $_SESSION)) { $_REQUEST = $_SESSION['rpost']; unset($_SESSION['rpost']); } if (array_key_exists('channel', $_REQUEST)) { $r = q("select channel_id from channel where channel_account_id = %d and channel_address = '%s' limit 1", intval(get_account_id()), dbesc($_REQUEST['channel'])); if ($r) { require_once 'include/security.php'; $change = change_channel($r[0]['channel_id']); } } if ($_REQUEST['remote_return']) { $_SESSION['remote_return'] = $_REQUEST['remote_return']; } if (argc() > 1 && argv(1) === 'return') { if ($_SESSION['remote_return']) { goaway($_SESSION['remote_return']); } goaway(z_root() . '/network'); } $plaintext = true; // if(feature_enabled(local_channel(),'richtext')) // $plaintext = false; if (array_key_exists('type', $_REQUEST) && $_REQUEST['type'] === 'html') { require_once 'include/html2bbcode.php'; $_REQUEST['body'] = html2bbcode($_REQUEST['body']); } $channel = $a->get_channel(); $channel_acl = array('allow_cid' => $channel['channel_allow_cid'], 'allow_gid' => $channel['channel_allow_gid'], 'deny_cid' => $channel['channel_deny_cid'], 'deny_gid' => $channel['channel_deny_gid']); if ($_REQUEST['url']) { $x = z_fetch_url(z_root() . '/parse_url?f=&url=' . urlencode($_REQUEST['url'])); if ($x['success']) { $_REQUEST['body'] = $_REQUEST['body'] . $x['body']; } } $x = array('is_owner' => true, 'allow_location' => intval(get_pconfig($channel['channel_id'], 'system', 'use_browser_location')) ? '1' : '', 'default_location' => $channel['channel_location'], 'nickname' => $channel['channel_address'], 'lockstate' => $channel['channel_allow_cid'] || $channel['channel_allow_gid'] || $channel['channel_deny_cid'] || $channel['channel_deny_gid'] ? 'lock' : 'unlock', 'acl' => populate_acl($channel_acl), 'bang' => '', 'visitor' => true, 'profile_uid' => local_channel(), 'title' => $_REQUEST['title'], 'body' => $_REQUEST['body'], 'attachment' => $_REQUEST['attachment'], 'source' => x($_REQUEST, 'source') ? strip_tags($_REQUEST['source']) : '', 'return_path' => 'rpost/return'); $editor = status_editor($a, $x); $o .= replace_macros(get_markup_template('edpost_head.tpl'), array('$title' => t('Edit post'), '$editor' => $editor)); return $o; }
function rpost_callback($match) { if ($match[2]) { return str_replace($match[0], get_rpost_path(App::get_observer()) . '&title=' . urlencode($match[2]) . '&body=' . urlencode($match[3]), $match[0]); } else { return str_replace($match[0], get_rpost_path(App::get_observer()) . '&body=' . urlencode($match[3]), $match[0]); } }