Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2024-11-10 08:22:57 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1831 from annando/1508-twidere-crash

Browse source 
New versions of Twidere crashed during posting.
This commit is contained in:
Tobias Diekershoff 2015-08-18 07:17:30 +02:00
commit 033f89c6fa
2 changed files with 47 additions and 51 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
include/api.php
View file

@ -9,6 +9,15 @@
require_once("include/html2plain.php"); require_once("include/html2plain.php");
require_once("mod/share.php"); require_once("mod/share.php");
require_once("include/Photo.php"); require_once("include/Photo.php");
require_once("mod/item.php");
require_once('include/security.php');
require_once('include/contact_selectors.php');
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
require_once('mod/wall_upload.php');
require_once("mod/proxy.php");
require_once("include/message.php");
/* /*
* Twitter-Like API * Twitter-Like API
@ -151,7 +160,6 @@
die('This api requires login'); die('This api requires login');
} }
require_once('include/security.php');
authenticate_success($record); $_SESSION["allow_api"] = true; authenticate_success($record); $_SESSION["allow_api"] = true;
call_hooks('logged_in', $a->user); call_hooks('logged_in', $a->user);
@ -185,7 +193,11 @@
if (strpos($a->query_string, ".atom")>0) $type="atom"; if (strpos($a->query_string, ".atom")>0) $type="atom";
if (strpos($a->query_string, ".as")>0) $type="as"; if (strpos($a->query_string, ".as")>0) $type="as";
$stamp = microtime(true);
$r = call_user_func($info['func'], $a, $type); $r = call_user_func($info['func'], $a, $type);
$duration = (float)(microtime(true)-$stamp);
logger("API call duration: ".round($duration, 2)."\t".$a->query_string, LOGGER_DEBUG);
if ($r===false) return; if ($r===false) return;
switch($type){ switch($type){
@ -504,7 +516,6 @@
$r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url']))); $r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url'])));
} }
require_once('include/contact_selectors.php');
$network_name = network_to_name($uinfo[0]['network'], $uinfo[0]['url']); $network_name = network_to_name($uinfo[0]['network'], $uinfo[0]['url']);
$ret = Array( $ret = Array(
@ -686,9 +697,6 @@
$txt = requestdata('status'); $txt = requestdata('status');
//$txt = urldecode(requestdata('status')); //$txt = urldecode(requestdata('status'));
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
$txt = html2bb_video($txt); $txt = html2bb_video($txt);
$config = HTMLPurifier_Config::createDefault(); $config = HTMLPurifier_Config::createDefault();
@ -701,12 +709,10 @@
$a->argv[1]=$user_info['screen_name']; //should be set to username? $a->argv[1]=$user_info['screen_name']; //should be set to username?
$_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo $_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
require_once('mod/wall_upload.php');
$bebop = wall_upload_post($a); $bebop = wall_upload_post($a);
//now that we have the img url in bbcode we can add it to the status and insert the wall item. //now that we have the img url in bbcode we can add it to the status and insert the wall item.
$_REQUEST['body']=$txt."\n\n".$bebop; $_REQUEST['body']=$txt."\n\n".$bebop;
require_once('mod/item.php');
item_post($a); item_post($a);
// this should output the last post (the one we just posted). // this should output the last post (the one we just posted).
@ -729,9 +735,6 @@
// logger('api_post: ' . print_r($_POST,true)); // logger('api_post: ' . print_r($_POST,true));
if(requestdata('htmlstatus')) { if(requestdata('htmlstatus')) {
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
$txt = requestdata('htmlstatus'); $txt = requestdata('htmlstatus');
if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) { if((strpos($txt,'<') !== false) || (strpos($txt,'>') !== false)) {
@ -753,6 +756,11 @@
$_REQUEST['title'] = requestdata('title'); $_REQUEST['title'] = requestdata('title');
$parent = requestdata('in_reply_to_status_id'); $parent = requestdata('in_reply_to_status_id');
// Twidere sends "-1" if it is no reply ...
if ($parent == -1)
$parent = "";
if(ctype_digit($parent)) if(ctype_digit($parent))
$_REQUEST['parent'] = $parent; $_REQUEST['parent'] = $parent;
else else
@ -829,7 +837,6 @@
if(x($_FILES,'media')) { if(x($_FILES,'media')) {
// upload the image if we have one // upload the image if we have one
$_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo $_REQUEST['hush']='yeah'; //tell wall_upload function to return img info instead of echo
require_once('mod/wall_upload.php');
$media = wall_upload_post($a); $media = wall_upload_post($a);
if(strlen($media)>0) if(strlen($media)>0)
$_REQUEST['body'] .= "\n\n".$media; $_REQUEST['body'] .= "\n\n".$media;
@ -856,7 +863,6 @@
// call out normal post function // call out normal post function
require_once('mod/item.php');
item_post($a); item_post($a);
// this should output the last post (the one we just posted). // this should output the last post (the one we just posted).
@ -879,7 +885,6 @@
return false; return false;
} }
require_once('mod/wall_upload.php');
$media = wall_upload_post($a, false); $media = wall_upload_post($a, false);
if(!$media) { if(!$media) {
// Output error // Output error
@ -1480,7 +1485,6 @@
if (!x($_REQUEST, "source")) if (!x($_REQUEST, "source"))
$_REQUEST["source"] = api_source(); $_REQUEST["source"] = api_source();
require_once('mod/item.php');
item_post($a); item_post($a);
} }
@ -1512,7 +1516,6 @@
$ret = api_statuses_show($a, $type); $ret = api_statuses_show($a, $type);
require_once('include/items.php');
drop_item($id, false); drop_item($id, false);
return($ret); return($ret);
@ -1976,7 +1979,6 @@
$include_entities = strtolower(x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:"false"); $include_entities = strtolower(x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:"false");
if ($include_entities != "true") { if ($include_entities != "true") {
require_once("mod/proxy.php");
preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images); preg_match_all("/\[img](.*?)\[\/img\]/ism", $bbcode, $images);
@ -2079,7 +2081,6 @@
// If image cache is activated, then use the following sizes: // If image cache is activated, then use the following sizes:
// thumb (150), small (340), medium (600) and large (1024) // thumb (150), small (340), medium (600) and large (1024)
if (!get_config("system", "proxy_disabled")) { if (!get_config("system", "proxy_disabled")) {
require_once("mod/proxy.php");
$media_url = proxy_url($url); $media_url = proxy_url($url);
$sizes = array(); $sizes = array();
@ -2471,8 +2472,6 @@
$sender = api_get_user($a); $sender = api_get_user($a);
require_once("include/message.php");
if ($_POST['screen_name']) { if ($_POST['screen_name']) {
$r = q("SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s'", $r = q("SELECT `id`, `nurl`, `network` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
intval(api_user()), intval(api_user()),

61
mod/api.php
View file

@ -4,19 +4,19 @@ require_once('include/api.php');
function oauth_get_client($request){ function oauth_get_client($request){
$params = $request->get_parameters(); $params = $request->get_parameters();
$token = $params['oauth_token']; $token = $params['oauth_token'];
$r = q("SELECT `clients`.* $r = q("SELECT `clients`.*
FROM `clients`, `tokens` FROM `clients`, `tokens`
WHERE `clients`.`client_id`=`tokens`.`client_id` WHERE `clients`.`client_id`=`tokens`.`client_id`
AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'", AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
dbesc($token)); dbesc($token));
if (!count($r)) if (!count($r))
return null; return null;
return $r[0]; return $r[0];
} }
@ -36,31 +36,31 @@ function api_post(&$a) {
function api_content(&$a) { function api_content(&$a) {
if ($a->cmd=='api/oauth/authorize'){ if ($a->cmd=='api/oauth/authorize'){
/* /*
* api/oauth/authorize interact with the user. return a standard page * api/oauth/authorize interact with the user. return a standard page
*/ */
$a->page['template'] = "minimal"; $a->page['template'] = "minimal";
// get consumer/client from request token // get consumer/client from request token
try { try {
$request = OAuthRequest::from_request(); $request = OAuthRequest::from_request();
} catch(Exception $e) { } catch(Exception $e) {
echo "<pre>"; var_dump($e); killme(); echo "<pre>"; var_dump($e); killme();
} }
if (x($_POST,'oauth_yes')){ if (x($_POST,'oauth_yes')){
$app = oauth_get_client($request); $app = oauth_get_client($request);
if (is_null($app)) return "Invalid request. Unknown token."; if (is_null($app)) return "Invalid request. Unknown token.";
$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']); $consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);
$verifier = md5($app['secret'].local_user()); $verifier = md5($app['secret'].local_user());
set_config("oauth", $verifier, local_user()); set_config("oauth", $verifier, local_user());
if ($consumer->callback_url!=null) { if ($consumer->callback_url!=null) {
$params = $request->get_parameters(); $params = $request->get_parameters();
$glue="?"; $glue="?";
@ -68,35 +68,35 @@ function api_content(&$a) {
goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier)); goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));
killme(); killme();
} }
$tpl = get_markup_template("oauth_authorize_done.tpl"); $tpl = get_markup_template("oauth_authorize_done.tpl");
$o = replace_macros($tpl, array( $o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'), '$title' => t('Authorize application connection'),
'$info' => t('Return to your app and insert this Securty Code:'), '$info' => t('Return to your app and insert this Securty Code:'),
'$code' => $verifier, '$code' => $verifier,
)); ));
return $o; return $o;
} }
if(! local_user()) { if(! local_user()) {
//TODO: we need login form to redirect to this page //TODO: we need login form to redirect to this page
notice( t('Please login to continue.') . EOL ); notice( t('Please login to continue.') . EOL );
return login(false,$request->get_parameters()); return login(false,$request->get_parameters());
} }
//FKOAuth1::loginUser(4); //FKOAuth1::loginUser(4);
$app = oauth_get_client($request); $app = oauth_get_client($request);
if (is_null($app)) return "Invalid request. Unknown token."; if (is_null($app)) return "Invalid request. Unknown token.";
$tpl = get_markup_template('oauth_authorize.tpl'); $tpl = get_markup_template('oauth_authorize.tpl');
$o = replace_macros($tpl, array( $o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'), '$title' => t('Authorize application connection'),
@ -105,15 +105,12 @@ function api_content(&$a) {
'$yes' => t('Yes'), '$yes' => t('Yes'),
'$no' => t('No'), '$no' => t('No'),
)); ));
//echo "<pre>"; var_dump($app); killme(); //echo "<pre>"; var_dump($app); killme();
return $o; return $o;
} }
echo api_call($a); echo api_call($a);
killme(); killme();
} }