You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

862 lines
25 KiB

7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
7 years ago
5 years ago
7 years ago
7 years ago
7 years ago
7 years ago
4 years ago
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  3. use IndieWeb\DateFormatter;
  4. function require_login(&$app, $redirect=true) {
  5. $params = $app->request()->params();
  6. if(array_key_exists('token', $params)) {
  7. try {
  8. $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  9. $_SESSION['user_id'] = $data->user_id;
  10. $_SESSION['me'] = $data->me;
  11. } catch(DomainException $e) {
  12. if($redirect) {
  13. header('X-Error: DomainException');
  14. $app->redirect('/', 302);
  15. } else {
  16. return false;
  17. }
  18. } catch(UnexpectedValueException $e) {
  19. if($redirect) {
  20. header('X-Error: UnexpectedValueException');
  21. $app->redirect('/', 302);
  22. } else {
  23. return false;
  24. }
  25. }
  26. }
  27. if(!array_key_exists('user_id', $_SESSION)) {
  28. if($redirect)
  29. $app->redirect('/', 302);
  30. return false;
  31. } else {
  32. return ORM::for_table('users')->find_one($_SESSION['user_id']);
  33. }
  34. }
  35. function generate_login_token($opts=[]) {
  36. return JWT::encode(array_merge([
  37. 'user_id' => $_SESSION['user_id'],
  38. 'me' => $_SESSION['me'],
  39. 'created_at' => time()
  40. ], $opts), Config::$jwtSecret);
  41. }
  42. $app->get('/dashboard', function() use($app) {
  43. if($user=require_login($app)) {
  44. render('dashboard', array(
  45. 'title' => 'Dashboard',
  46. 'authorizing' => false
  47. ));
  48. }
  49. });
  50. $app->get('/new', function() use($app) {
  51. if($user=require_login($app)) {
  52. $params = $app->request()->params();
  53. $entry = false;
  54. $in_reply_to = '';
  55. if(array_key_exists('reply', $params))
  56. $in_reply_to = $params['reply'];
  57. $test_response = '';
  58. if($user->last_micropub_response) {
  59. try {
  60. if(@json_decode($user->last_micropub_response)) {
  61. $d = json_decode($user->last_micropub_response);
  62. $test_response = $d->response;
  63. }
  64. } catch(Exception $e) {
  65. }
  66. }
  67. render('new-post', array(
  68. 'title' => 'New Post',
  69. 'in_reply_to' => $in_reply_to,
  70. 'micropub_endpoint' => $user->micropub_endpoint,
  71. 'media_endpoint' => $user->micropub_media_endpoint,
  72. 'micropub_scope' => $user->micropub_scope,
  73. 'micropub_access_token' => $user->micropub_access_token,
  74. 'response_date' => $user->last_micropub_response_date,
  75. 'syndication_targets' => json_decode($user->syndication_targets, true),
  76. 'test_response' => $test_response,
  77. 'location_enabled' => $user->location_enabled,
  78. 'user' => $user,
  79. 'authorizing' => false
  80. ));
  81. }
  82. });
  83. $app->get('/bookmark', function() use($app) {
  84. if($user=require_login($app)) {
  85. $params = $app->request()->params();
  86. $url = '';
  87. $name = '';
  88. $content = '';
  89. $tags = '';
  90. if(array_key_exists('url', $params))
  91. $url = $params['url'];
  92. if(array_key_exists('name', $params))
  93. $name = $params['name'];
  94. if(array_key_exists('content', $params))
  95. $content = $params['content'];
  96. render('new-bookmark', array(
  97. 'title' => 'New Bookmark',
  98. 'bookmark_url' => $url,
  99. 'bookmark_name' => $name,
  100. 'bookmark_content' => $content,
  101. 'bookmark_tags' => $tags,
  102. 'token' => generate_login_token(),
  103. 'syndication_targets' => json_decode($user->syndication_targets, true),
  104. 'user' => $user,
  105. 'authorizing' => false
  106. ));
  107. }
  108. });
  109. $app->get('/favorite', function() use($app) {
  110. if($user=require_login($app)) {
  111. $params = $app->request()->params();
  112. $like_of = '';
  113. if(array_key_exists('url', $params))
  114. $like_of = $params['url'];
  115. // Check if there was a login token in the query string and whether it has autosubmit=true
  116. $autosubmit = false;
  117. if(array_key_exists('token', $params)) {
  118. try {
  119. $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']);
  120. if(isset($data->autosubmit) && $data->autosubmit) {
  121. // Only allow this token to be used for the user who created it
  122. if($data->user_id == $_SESSION['user_id']) {
  123. $autosubmit = true;
  124. }
  125. }
  126. } catch(Exception $e) {
  127. }
  128. }
  129. if(array_key_exists('edit', $params)) {
  130. $edit_data = get_micropub_source($user, $params['edit'], 'like-of');
  131. $url = $params['edit'];
  132. if(isset($edit_data['like-of'])) {
  133. $like_of = $edit_data['like-of'][0];
  134. }
  135. } else {
  136. $edit_data = false;
  137. $url = false;
  138. }
  139. render('new-favorite', array(
  140. 'title' => 'New Favorite',
  141. 'like_of' => $like_of,
  142. 'token' => generate_login_token(['autosubmit'=>true]),
  143. 'authorizing' => false,
  144. 'autosubmit' => $autosubmit,
  145. 'url' => $url
  146. ));
  147. }
  148. });
  149. $app->get('/event', function() use($app) {
  150. if($user=require_login($app)) {
  151. $params = $app->request()->params();
  152. render('event', array(
  153. 'title' => 'Event',
  154. 'authorizing' => false
  155. ));
  156. }
  157. });
  158. $app->get('/itinerary', function() use($app) {
  159. if($user=require_login($app)) {
  160. $params = $app->request()->params();
  161. render('new-itinerary', array(
  162. 'title' => 'Itinerary',
  163. 'authorizing' => false
  164. ));
  165. }
  166. });
  167. $app->get('/flight', function() use($app) {
  168. if($user=require_login($app)) {
  169. $params = $app->request()->params();
  170. render('new-flight', array(
  171. 'title' => 'Flight',
  172. 'authorizing' => false
  173. ));
  174. }
  175. });
  176. $app->post('/flight', function() use($app) {
  177. if($user=require_login($app)) {
  178. $params = $app->request()->params();
  179. $location = false;
  180. if($params['action'] == 'find') {
  181. } elseif($params['action'] == 'checkin') {
  182. $payload = [
  183. 'type' => ['h-entry'],
  184. 'properties' => [
  185. 'checkin' => [
  186. [
  187. 'type' => ['h-card'],
  188. 'properties' => [
  189. 'name' => [$params['flight']],
  190. 'url' => ['http://flightaware.com/live/flight/'.$params['flight']],
  191. ]
  192. ]
  193. ]
  194. ]
  195. ];
  196. $r = micropub_post_for_user($user, $payload, null, true);
  197. $location = $r['location'];
  198. if($location) {
  199. // Store the checkin in the database to enable the cron job tracking the flight
  200. $flight = ORM::for_table('flights')->create();
  201. $flight->user_id = $_SESSION['user_id'];
  202. $flight->date_created = date('Y-m-d H:i:s');
  203. $flight->active = 1;
  204. $flight->url = $location;
  205. $flight->flight = $params['flight'];
  206. $flight->save();
  207. }
  208. }
  209. $app->response()['Content-type'] = 'application/json';
  210. $app->response()->body(json_encode(array(
  211. 'result' => 'ok',
  212. 'location' => $location
  213. )));
  214. }
  215. });
  216. $app->get('/flight/:id/:flightID/route.json', function($id, $flightID) use($app) {
  217. $route = false;
  218. $flight = ORM::for_table('flights')->where('id', $id)->find_one();
  219. if($flight) {
  220. $lastPosition = json_decode($flight->lastposition, true);
  221. if($lastPosition['InFlightInfoResult']['faFlightID'] == $flightID) {
  222. // {"type":"FeatureCollection","features":[{"type":"Feature","geometry":{"type":"Point","coordinates":[-122.638351,45.52217]},"properties":{"date":"2016-01-02T23:13:49Z","altitude":42.666666666667}}
  223. $route = [
  224. 'type' => 'FeatureCollection',
  225. 'features' => []
  226. ];
  227. $positions = json_decode($flight->positions, true);
  228. foreach($positions as $p) {
  229. $route['features'][] = [
  230. 'type' => 'Feature',
  231. 'geometry' => [
  232. 'type' => 'Point',
  233. 'coordinates' => [$p['lng'], $p['lat']]
  234. ],
  235. 'properties' => [
  236. 'date' => $p['date'],
  237. 'altitude' => $p['altitude'],
  238. 'heading' => $p['heading'],
  239. 'speed' => $p['speed']
  240. ]
  241. ];
  242. }
  243. }
  244. }
  245. $app->response()['Content-type'] = 'application/json';
  246. $app->response()->body(json_encode($route));
  247. });
  248. $app->get('/photo', function() use($app) {
  249. if($user=require_login($app)) {
  250. $params = $app->request()->params();
  251. render('photo', array(
  252. 'title' => 'New Photo',
  253. 'note_content' => '',
  254. 'authorizing' => false
  255. ));
  256. }
  257. });
  258. $app->get('/review', function() use($app) {
  259. if($user=require_login($app)) {
  260. $params = $app->request()->params();
  261. render('review', array(
  262. 'title' => 'Review',
  263. 'authorizing' => false
  264. ));
  265. }
  266. });
  267. $app->get('/repost', function() use($app) {
  268. if($user=require_login($app)) {
  269. $params = $app->request()->params();
  270. $repost_of = '';
  271. if(array_key_exists('url', $params))
  272. $repost_of = $params['url'];
  273. if(array_key_exists('edit', $params)) {
  274. $edit_data = get_micropub_source($user, $params['edit'], 'repost-of');
  275. $url = $params['edit'];
  276. if(isset($edit_data['repost-of'])) {
  277. $repost = $edit_data['repost-of'][0];
  278. if(is_string($edit_data['repost-of'][0])) {
  279. $repost_of = $repost;
  280. } elseif(is_array($repost)) {
  281. if(array_key_exists('type', $repost) && in_array('h-cite', $repost)) {
  282. if(array_key_exists('url', $repost['properties'])) {
  283. $repost_of = $repost['properties']['url'][0];
  284. }
  285. } else {
  286. // Error
  287. }
  288. } else {
  289. // Error: don't know what type of post this is
  290. }
  291. }
  292. } else {
  293. $edit_data = false;
  294. $url = false;
  295. }
  296. render('new-repost', array(
  297. 'title' => 'New Repost',
  298. 'repost_of' => $repost_of,
  299. 'token' => generate_login_token(),
  300. 'authorizing' => false,
  301. 'url' => $url,
  302. ));
  303. }
  304. });
  305. $app->post('/prefs', function() use($app) {
  306. if($user=require_login($app)) {
  307. $params = $app->request()->params();
  308. $user->location_enabled = $params['enabled'];
  309. $user->save();
  310. }
  311. $app->response()['Content-type'] = 'application/json';
  312. $app->response()->body(json_encode(array(
  313. 'result' => 'ok'
  314. )));
  315. });
  316. $app->post('/prefs/timezone', function() use($app) {
  317. // Called when the interface finds the user's location.
  318. // Look up the timezone for this location and store it as their default.
  319. $timezone = false;
  320. if($user=require_login($app)) {
  321. $params = $app->request()->params();
  322. $timezone = p3k\Timezone::timezone_for_location($params['latitude'], $params['longitude']);
  323. if($timezone) {
  324. $user->default_timezone = $timezone;
  325. $user->save();
  326. }
  327. }
  328. $app->response()['Content-type'] = 'application/json';
  329. $app->response()->body(json_encode(array(
  330. 'result' => 'ok',
  331. 'timezone' => $timezone,
  332. )));
  333. });
  334. $app->get('/add-to-home', function() use($app) {
  335. $params = $app->request()->params();
  336. header("Cache-Control: no-cache, must-revalidate");
  337. if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  338. unset($_SESSION['add-to-home-started']);
  339. // Verify the token and sign the user in
  340. try {
  341. $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  342. $_SESSION['user_id'] = $data->user_id;
  343. $_SESSION['me'] = $data->me;
  344. $app->redirect('/new', 302);
  345. } catch(DomainException $e) {
  346. header('X-Error: DomainException');
  347. $app->redirect('/', 302);
  348. } catch(UnexpectedValueException $e) {
  349. header('X-Error: UnexpectedValueException');
  350. $app->redirect('/', 302);
  351. }
  352. } else {
  353. if($user=require_login($app)) {
  354. if(array_key_exists('start', $params)) {
  355. $_SESSION['add-to-home-started'] = true;
  356. $token = JWT::encode(array(
  357. 'user_id' => $_SESSION['user_id'],
  358. 'me' => $_SESSION['me'],
  359. 'created_at' => time()
  360. ), Config::$jwtSecret);
  361. $app->redirect('/add-to-home?token='.$token, 302);
  362. } else {
  363. unset($_SESSION['add-to-home-started']);
  364. render('add-to-home', array('title' => 'Quill'));
  365. }
  366. }
  367. }
  368. });
  369. $app->get('/email', function() use($app) {
  370. if($user=require_login($app)) {
  371. $test_response = '';
  372. if($user->last_micropub_response) {
  373. try {
  374. if(@json_decode($user->last_micropub_response)) {
  375. $d = json_decode($user->last_micropub_response);
  376. $test_response = $d->response;
  377. }
  378. } catch(Exception $e) {
  379. }
  380. }
  381. if(!$user->email_username) {
  382. $host = parse_url($user->url, PHP_URL_HOST);
  383. $user->email_username = $host . '.' . rand(100000,999999);
  384. $user->save();
  385. }
  386. render('email', array(
  387. 'title' => 'Post-by-Email',
  388. 'micropub_endpoint' => $user->micropub_endpoint,
  389. 'test_response' => $test_response,
  390. 'user' => $user
  391. ));
  392. }
  393. });
  394. $app->get('/settings', function() use($app) {
  395. if($user=require_login($app)) {
  396. render('settings', [
  397. 'title' => 'Settings',
  398. 'user' => $user,
  399. 'authorizing' => false
  400. ]);
  401. }
  402. });
  403. $app->post('/settings/save', function() use($app) {
  404. if($user=require_login($app)) {
  405. $params = $app->request()->params();
  406. if(array_key_exists('html_content', $params))
  407. $user->micropub_optin_html_content = $params['html_content'] ? 1 : 0;
  408. if(array_key_exists('slug_field', $params) && $params['slug_field'])
  409. $user->micropub_slug_field = $params['slug_field'];
  410. if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) {
  411. if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to']))
  412. $user->micropub_syndicate_field = $params['syndicate_field'];
  413. }
  414. $user->save();
  415. $app->response()['Content-type'] = 'application/json';
  416. $app->response()->body(json_encode(array(
  417. 'result' => 'ok'
  418. )));
  419. }
  420. });
  421. $app->post('/settings/html-content', function() use($app) {
  422. if($user=require_login($app)) {
  423. $params = $app->request()->params();
  424. $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  425. $user->save();
  426. $app->response()['Content-type'] = 'application/json';
  427. $app->response()->body(json_encode(array(
  428. 'html' => $user->micropub_optin_html_content
  429. )));
  430. }
  431. });
  432. $app->get('/settings/html-content', function() use($app) {
  433. if($user=require_login($app)) {
  434. $app->response()['Content-type'] = 'application/json';
  435. $app->response()->body(json_encode(array(
  436. 'html' => $user->micropub_optin_html_content
  437. )));
  438. }
  439. });
  440. $app->get('/view', function() use($app) {
  441. if($user=require_login($app)) {
  442. $params = $app->request()->params();
  443. $xray = new p3k\XRay();
  444. $result = $xray->parse($params['url']);
  445. if(isset($result['data']))
  446. $entry = $result['data'];
  447. else
  448. $entry = [];
  449. render('view-post', array(
  450. 'title' => 'View',
  451. 'entry' => $entry,
  452. 'authorizing' => false
  453. ));
  454. }
  455. });
  456. function create_favorite(&$user, $url) {
  457. $tweet_id = false;
  458. $twitter_syndication = false;
  459. // POSSE favorites to Twitter
  460. if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  461. $tweet_id = $match[1];
  462. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  463. $user->twitter_access_token, $user->twitter_token_secret);
  464. $result = $twitter->post('favorites/create', array(
  465. 'id' => $tweet_id
  466. ));
  467. if(property_exists($result, 'id_str')) {
  468. $twitter_syndication = 'https://twitter.com/'.$user->twitter_username.'/status/'.$result->id_str;
  469. }
  470. }
  471. $micropub_request = array(
  472. 'like-of' => $url
  473. );
  474. if($twitter_syndication) {
  475. $micropub_request['syndication'] = $twitter_syndication;
  476. }
  477. $r = micropub_post_for_user($user, $micropub_request);
  478. return $r;
  479. }
  480. function edit_favorite(&$user, $post_url, $like_of) {
  481. $micropub_request = [
  482. 'action' => 'update',
  483. 'url' => $post_url,
  484. 'replace' => [
  485. 'like-of' => [$like_of]
  486. ]
  487. ];
  488. $r = micropub_post_for_user($user, $micropub_request, null, true);
  489. return $r;
  490. }
  491. function create_repost(&$user, $url) {
  492. $tweet_id = false;
  493. $twitter_syndication = false;
  494. if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  495. $tweet_id = $match[1];
  496. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  497. $user->twitter_access_token, $user->twitter_token_secret);
  498. $result = $twitter->post('statuses/retweet/'.$tweet_id);
  499. if(property_exists($result, 'id_str')) {
  500. $twitter_syndication = 'https://twitter.com/'.$user->twitter_username.'/status/'.$result->id_str;
  501. }
  502. }
  503. $micropub_request = array(
  504. 'repost-of' => $url
  505. );
  506. if($twitter_syndication) {
  507. $micropub_request['syndication'] = $twitter_syndication;
  508. }
  509. $r = micropub_post_for_user($user, $micropub_request);
  510. return $r;
  511. }
  512. function edit_repost(&$user, $post_url, $repost_of) {
  513. $micropub_request = [
  514. 'action' => 'update',
  515. 'url' => $post_url,
  516. 'replace' => [
  517. 'repost-of' => [$repost_of]
  518. ]
  519. ];
  520. $r = micropub_post_for_user($user, $micropub_request, null, true);
  521. return $r;
  522. }
  523. $app->post('/favorite', function() use($app) {
  524. if($user=require_login($app)) {
  525. $params = $app->request()->params();
  526. $error = false;
  527. if(isset($params['edit']) && $params['edit']) {
  528. $r = edit_favorite($user, $params['edit'], $params['like_of']);
  529. if(isset($r['location']) && $r['location'])
  530. $location = $r['location'];
  531. elseif(in_array($r['code'], [200,201,204]))
  532. $location = $params['edit'];
  533. elseif(in_array($r['code'], [401,403])) {
  534. $location = false;
  535. $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  536. } else {
  537. $location = false;
  538. $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  539. }
  540. } else {
  541. $r = create_favorite($user, $params['like_of']);
  542. $location = $r['location'];
  543. }
  544. $app->response()['Content-type'] = 'application/json';
  545. $app->response()->body(json_encode(array(
  546. 'location' => $location,
  547. 'error' => $r['error'],
  548. 'error_details' => $error,
  549. )));
  550. }
  551. });
  552. $app->post('/repost', function() use($app) {
  553. if($user=require_login($app)) {
  554. $params = $app->request()->params();
  555. $error = false;
  556. if(isset($params['edit']) && $params['edit']) {
  557. $r = edit_repost($user, $params['edit'], $params['repost_of']);
  558. if(isset($r['location']) && $r['location'])
  559. $location = $r['location'];
  560. elseif(in_array($r['code'], [200,201,204]))
  561. $location = $params['edit'];
  562. elseif(in_array($r['code'], [401,403])) {
  563. $location = false;
  564. $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  565. } else {
  566. $location = false;
  567. $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  568. }
  569. } else {
  570. $r = create_repost($user, $params['repost_of']);
  571. $location = $r['location'];
  572. }
  573. $app->response()['Content-type'] = 'application/json';
  574. $app->response()->body(json_encode(array(
  575. 'location' => $location,
  576. 'error' => $r['error'],
  577. 'error_details' => $error,
  578. )));
  579. }
  580. });
  581. $app->get('/reply/preview', function() use($app) {
  582. if($user=require_login($app)) {
  583. $params = $app->request()->params();
  584. if(!isset($params['url']) || !$params['url']) {
  585. return '';
  586. }
  587. $reply_url = trim($params['url']);
  588. if(preg_match('/twtr\.io\/([0-9a-z]+)/i', $reply_url, $match)) {
  589. $twtr = 'https://twitter.com/_/status/' . sxg_to_num($match[1]);
  590. $ch = curl_init($twtr);
  591. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  592. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  593. curl_exec($ch);
  594. $expanded_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  595. if($expanded_url) $reply_url = $expanded_url;
  596. }
  597. $entry = false;
  598. $xray_opts = [];
  599. if(preg_match('/twitter\.com\/(?:[^\/]+)\/statuse?s?\/(.+)/', $reply_url, $match)) {
  600. if($user->twitter_access_token) {
  601. $xray_opts['twitter_api_key'] = Config::$twitterClientID;
  602. $xray_opts['twitter_api_secret'] = Config::$twitterClientSecret;
  603. $xray_opts['twitter_access_token'] = $user->twitter_access_token;
  604. $xray_opts['twitter_access_token_secret'] = $user->twitter_token_secret;
  605. }
  606. }
  607. // Pass to X-Ray to see if it can expand the entry
  608. $xray = new p3k\XRay();
  609. $xray->http = new p3k\HTTP('Quill ('.Config::$base_url.')');
  610. $data = $xray->parse($reply_url, $xray_opts);
  611. if($data && isset($data['data'])) {
  612. if($data['data']['type'] == 'entry') {
  613. $entry = $data['data'];
  614. } elseif($data['data']['type'] == 'event') {
  615. $entry = $data['data'];
  616. $content = '';
  617. if(isset($entry['start']) && isset($entry['end'])) {
  618. $formatted = DateFormatter::format($entry['start'], $entry['end'], false);
  619. if($formatted)
  620. $content .= $formatted;
  621. else {
  622. $start = new DateTime($entry['start']);
  623. $end = new DateTime($entry['end']);
  624. if($start && $end)
  625. $content .= 'from '.$start->format('Y-m-d g:ia').' to '.$end->format('Y-m-d g:ia');
  626. }
  627. } elseif(isset($entry['start'])) {
  628. $formatted = DateFormatter::format($entry['start'], false, false);
  629. if($formatted)
  630. $content .= $formatted;
  631. else {
  632. $start = new DateTime($entry['start']);
  633. if($start)
  634. $content .= $start->format('Y-m-d g:ia');
  635. }
  636. }
  637. $entry['content']['text'] = $content;
  638. }
  639. // Create a nickname based on the author URL
  640. if($entry && array_key_exists('author', $entry)) {
  641. if($entry['author']['url']) {
  642. if(!isset($entry['author']['nickname']) || !$entry['author']['nickname'])
  643. $entry['author']['nickname'] = display_url($entry['author']['url']);
  644. }
  645. }
  646. }
  647. $mentions = [];
  648. if($entry) {
  649. if(array_key_exists('author', $entry)) {
  650. // Find all @-names in the post, as well as the author name
  651. $mentions[] = strtolower($entry['author']['nickname']);
  652. }
  653. if(isset($entry['content']) && $entry['content'] && isset($entry['content']['text'])) {
  654. if(preg_match_all('/(^|(?<=[\s\/]))@([a-z0-9_]+([a-z0-9_\.]*)?)/i', $entry['content']['text'], $matches)) {
  655. foreach($matches[0] as $nick) {
  656. if(trim($nick,'@') != $user->twitter_username && trim($nick,'@') != display_url($user->url))
  657. $mentions[] = strtolower(trim($nick,'@'));
  658. }
  659. }
  660. }
  661. $mentions = array_values(array_unique($mentions));
  662. }
  663. $app->response()['Content-type'] = 'application/json';
  664. $app->response()->body(json_encode([
  665. 'canonical_reply_url' => $reply_url,
  666. 'entry' => $entry,
  667. 'mentions' => $mentions
  668. ]));
  669. }
  670. });
  671. $app->get('/edit', function() use($app) {
  672. if($user=require_login($app)) {
  673. $params = $app->request()->params();
  674. if(!isset($params['url']) || !$params['url']) {
  675. $app->response()->body('no URL specified');
  676. }
  677. // Query the micropub endpoint for the source properties
  678. $source = micropub_get($user->micropub_endpoint, [
  679. 'q' => 'source',
  680. 'url' => $params['url']
  681. ], $user->micropub_access_token);
  682. $data = $source['data'];
  683. if(array_key_exists('error', $data)) {
  684. render('edit/error', [
  685. 'title' => 'Error',
  686. 'summary' => 'Your Micropub endpoint returned an error:',
  687. 'error' => $data['error'],
  688. 'error_description' => $data['error_description']
  689. ]);
  690. return;
  691. }
  692. if(!array_key_exists('properties', $data) || !array_key_exists('type', $data)) {
  693. render('edit/error', [
  694. 'title' => 'Error',
  695. 'summary' => '',
  696. 'error' => 'Invalid Response',
  697. 'error_description' => 'Your endpoint did not return "properties" and "type" in the response.'
  698. ]);
  699. return;
  700. }
  701. // Start checking for content types
  702. $type = $data['type'][0];
  703. $error = false;
  704. $url = false;
  705. if($type == 'h-review') {
  706. $url = '/review';
  707. } elseif($type == 'h-event') {
  708. $url = '/event';
  709. } elseif($type != 'h-entry') {
  710. $error = 'This type of post is not supported by any of Quill\'s editing interfaces. Type: '.$type;
  711. } else {
  712. if(array_key_exists('bookmark-of', $data['properties'])) {
  713. $url = '/bookmark';
  714. } elseif(array_key_exists('like-of', $data['properties'])) {
  715. $url = '/favorite';
  716. } elseif(array_key_exists('repost-of', $data['properties'])) {
  717. $url = '/repost';
  718. }
  719. }
  720. if($error) {
  721. render('edit/error', [
  722. 'title' => 'Error',
  723. 'summary' => '',
  724. 'error' => 'There was a problem!',
  725. 'error_description' => $error
  726. ]);
  727. return;
  728. }
  729. // Until all interfaces are complete, show an error here for unsupported ones
  730. if(!in_array($url, ['/favorite','/repost'])) {
  731. render('edit/error', [
  732. 'title' => 'Not Yet Supported',
  733. 'summary' => '',
  734. 'error' => 'Not Yet Supported',
  735. 'error_description' => 'Editing is not yet supported for this type of post.'
  736. ]);
  737. return;
  738. }
  739. $app->redirect($url . '?edit=' . $params['url'], 302);
  740. }
  741. });