p3k
/
Quill
mirror of https://github.com/aaronpk/Quill.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
199 Commits
3 Branches
4.1 MiB
Tree: 5f89ca0552
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5f89ca0552'
${ noResults }
Quill/controllers/controllers.php

521 lines
14 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
lock to JWT 2.* version
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
add dashboard with links to all post types
8 years ago
add tags, slug and status field to quill editor
7 years ago
add dashboard with links to all post types
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add tags, slug and status field to quill editor
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
support media endpoint, autosave notes in local storage * looks for a media endpoint in the micropub config * if media endpoint is available, both the note interface and the editor will upload files to it instead of posting the photo directly * the note interface autosaves in-progress notes in localstorage
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
9 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
add tweet text length countdown on note interface
8 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
add tags, slug and status field to quill editor
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
7 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
limit autosubmit tokens to the same user
7 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
add tags, slug and status field to quill editor
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
crude UI for creating events
8 years ago
add tags, slug and status field to quill editor
7 years ago
crude UI for creating events
8 years ago
add interface for posting travel itinerary
8 years ago
add tags, slug and status field to quill editor
7 years ago
add interface for posting travel itinerary
8 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add tags, slug and status field to quill editor
7 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add h-review interface
7 years ago
add tags, slug and status field to quill editor
7 years ago
add h-review interface
7 years ago
add repost form
8 years ago
add tags, slug and status field to quill editor
7 years ago
add repost form
8 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
add repost form
8 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
send proper content type headers
8 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
store the user's timezone after their location is found
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add interface for posting travel itinerary
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add tags, slug and status field to quill editor
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add post-by-email support to quill
8 years ago
add tags, slug and status field to quill editor
7 years ago
add post-by-email support to quill
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add tags, slug and status field to quill editor
7 years ago
remove facebook/instagram stuff
7 years ago
add tags, slug and status field to quill editor
7 years ago
allow only mp-syndicate-to and syndicate-to
7 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
7 years ago
add tags, slug and status field to quill editor
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add banner to opt in to html content change
8 years ago
send proper content type headers
8 years ago
add banner to opt in to html content change
8 years ago
send proper content type headers
8 years ago
add banner to opt in to html content change
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
remove facebook/instagram stuff
7 years ago
add repost form
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
add repost form
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
add repost form
8 years ago
actually post likes from the form
9 years ago
send proper content type headers
8 years ago
actually post likes from the form
9 years ago
add repost form
8 years ago
send proper content type headers
8 years ago
add repost form
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
reset reply context state when URL is removed
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
fix check for author info
7 years ago
clean up mentions list
7 years ago
fix check for author info
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
clean up mentions list
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
clean up mentions list
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
 
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  3. 

  4. function require_login(&$app, $redirect=true) {
  5.   $params = $app->request()->params();
  6.   if(array_key_exists('token', $params)) {
  7.     try {
  8.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  9.       $_SESSION['user_id'] = $data->user_id;
  10.       $_SESSION['me'] = $data->me;
  11.     } catch(DomainException $e) {
  12.       if($redirect) {
  13.         header('X-Error: DomainException');
  14.         $app->redirect('/', 302);
  15.       } else {
  16.         return false;
  17.       }
  18.     } catch(UnexpectedValueException $e) {
  19.       if($redirect) {
  20.         header('X-Error: UnexpectedValueException');
  21.         $app->redirect('/', 302);
  22.       } else {
  23.         return false;
  24.       }
  25.     }
  26.   }
  27. 

  28.   if(!array_key_exists('user_id', $_SESSION)) {
  29.     if($redirect)
  30.       $app->redirect('/', 302);
  31.     return false;
  32.   } else {
  33.     return ORM::for_table('users')->find_one($_SESSION['user_id']);
  34.   }
  35. }
  36. 

  37. function generate_login_token($opts=[]) {
  38.   return JWT::encode(array_merge([
  39.     'user_id' => $_SESSION['user_id'],
  40.     'me' => $_SESSION['me'],
  41.     'created_at' => time()
  42.   ], $opts), Config::$jwtSecret);
  43. }
  44. 

  45. $app->get('/dashboard', function() use($app) {
  46.   if($user=require_login($app)) {
  47.     render('dashboard', array(
  48.       'title' => 'Dashboard',
  49.       'authorizing' => false
  50.     ));
  51.   }
  52. });
  53. 

  54. $app->get('/new', function() use($app) {
  55.   if($user=require_login($app)) {
  56.     $params = $app->request()->params();
  57. 

  58.     $entry = false;
  59.     $in_reply_to = '';
  60. 

  61.     if(array_key_exists('reply', $params))
  62.        $in_reply_to = $params['reply'];
  63. 

  64.     $test_response = '';
  65.     if($user->last_micropub_response) {
  66.       try {
  67.         if(@json_decode($user->last_micropub_response)) {
  68.           $d = json_decode($user->last_micropub_response);
  69.           $test_response = $d->response;
  70.         }
  71.       } catch(Exception $e) {
  72.       }
  73.     }
  74. 

  75.     render('new-post', array(
  76.       'title' => 'New Post',
  77.       'in_reply_to' => $in_reply_to,
  78.       'micropub_endpoint' => $user->micropub_endpoint,
  79.       'media_endpoint' => $user->micropub_media_endpoint,
  80.       'micropub_scope' => $user->micropub_scope,
  81.       'micropub_access_token' => $user->micropub_access_token,
  82.       'response_date' => $user->last_micropub_response_date,
  83.       'syndication_targets' => json_decode($user->syndication_targets, true),
  84.       'test_response' => $test_response,
  85.       'location_enabled' => $user->location_enabled,
  86.       'user' => $user,
  87.       'authorizing' => false
  88.     ));
  89.   }
  90. });
  91. 

  92. $app->get('/bookmark', function() use($app) {
  93.   if($user=require_login($app)) {
  94.     $params = $app->request()->params();
  95. 

  96.     $url = '';
  97.     $name = '';
  98.     $content = '';
  99.     $tags = '';
  100. 

  101.     if(array_key_exists('url', $params))
  102.       $url = $params['url'];
  103. 

  104.     if(array_key_exists('name', $params))
  105.       $name = $params['name'];
  106. 

  107.     if(array_key_exists('content', $params))
  108.       $content = $params['content'];
  109. 

  110.     render('new-bookmark', array(
  111.       'title' => 'New Bookmark',
  112.       'bookmark_url' => $url,
  113.       'bookmark_name' => $name,
  114.       'bookmark_content' => $content,
  115.       'bookmark_tags' => $tags,
  116.       'token' => generate_login_token(),
  117.       'syndication_targets' => json_decode($user->syndication_targets, true),
  118.       'user' => $user,
  119.       'authorizing' => false
  120.     ));
  121.   }
  122. });
  123. 

  124. $app->get('/favorite', function() use($app) {
  125.   if($user=require_login($app)) {
  126.     $params = $app->request()->params();
  127. 

  128.     $url = '';
  129. 

  130.     if(array_key_exists('url', $params))
  131.       $url = $params['url'];
  132. 

  133.     // Check if there was a login token in the query string and whether it has autosubmit=true

  134.     $autosubmit = false;
  135. 

  136.     if(array_key_exists('token', $params)) {
  137.       try {
  138.         $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']);
  139.         if(isset($data->autosubmit) && $data->autosubmit) {
  140.           // Only allow this token to be used for the user who created it

  141.           if($data->user_id == $_SESSION['user_id']) {
  142.             $autosubmit = true;
  143.           }
  144.         }
  145.       } catch(Exception $e) {
  146.       }
  147.     }
  148. 

  149.     render('new-favorite', array(
  150.       'title' => 'New Favorite',
  151.       'url' => $url,
  152.       'token' => generate_login_token(['autosubmit'=>true]),
  153.       'authorizing' => false,
  154.       'autosubmit' => $autosubmit
  155.     ));
  156.   }
  157. });
  158. 

  159. $app->get('/event', function() use($app) {
  160.   if($user=require_login($app)) {
  161.     $params = $app->request()->params();
  162. 

  163.     render('event', array(
  164.       'title' => 'Event',
  165.       'authorizing' => false
  166.     ));
  167.   }
  168. });
  169. 

  170. $app->get('/itinerary', function() use($app) {
  171.   if($user=require_login($app)) {
  172.     $params = $app->request()->params();
  173. 

  174.     render('new-itinerary', array(
  175.       'title' => 'Itinerary',
  176.       'authorizing' => false
  177.     ));
  178.   }
  179. });
  180. 

  181. $app->get('/photo', function() use($app) {
  182.   if($user=require_login($app)) {
  183.     $params = $app->request()->params();
  184. 

  185.     render('photo', array(
  186.       'title' => 'New Photo',
  187.       'note_content' => '',
  188.       'authorizing' => false
  189.     ));
  190.   }
  191. });
  192. 

  193. $app->get('/review', function() use($app) {
  194.   if($user=require_login($app)) {
  195.     $params = $app->request()->params();
  196. 

  197.     render('review', array(
  198.       'title' => 'Review',
  199.       'authorizing' => false
  200.     ));
  201.   }
  202. });
  203. 

  204. $app->get('/repost', function() use($app) {
  205.   if($user=require_login($app)) {
  206.     $params = $app->request()->params();
  207. 

  208.     $url = '';
  209. 

  210.     if(array_key_exists('url', $params))
  211.       $url = $params['url'];
  212. 

  213.     render('new-repost', array(
  214.       'title' => 'New Repost',
  215.       'url' => $url,
  216.       'token' => generate_login_token(),
  217.       'authorizing' => false
  218.     ));
  219.   }
  220. });
  221. 

  222. $app->post('/prefs', function() use($app) {
  223.   if($user=require_login($app)) {
  224.     $params = $app->request()->params();
  225.     $user->location_enabled = $params['enabled'];
  226.     $user->save();
  227.   }
  228.   $app->response()['Content-type'] = 'application/json';
  229.   $app->response()->body(json_encode(array(
  230.     'result' => 'ok'
  231.   )));
  232. });
  233. 

  234. $app->post('/prefs/timezone', function() use($app) {
  235.   // Called when the interface finds the user's location.

  236.   // Look up the timezone for this location and store it as their default.

  237.   $timezone = false;
  238.   if($user=require_login($app)) {
  239.     $params = $app->request()->params();
  240.     $timezone = p3k\Timezone::timezone_for_location($params['latitude'], $params['longitude']);
  241.     if($timezone) {
  242.       $user->default_timezone = $timezone;
  243.       $user->save();
  244.     }
  245.   }
  246.   $app->response()['Content-type'] = 'application/json';
  247.   $app->response()->body(json_encode(array(
  248.     'result' => 'ok',
  249.     'timezone' => $timezone,
  250.   )));
  251. });
  252. 

  253. $app->get('/add-to-home', function() use($app) {
  254.   $params = $app->request()->params();
  255.   header("Cache-Control: no-cache, must-revalidate");
  256. 

  257.   if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  258.     unset($_SESSION['add-to-home-started']);
  259. 

  260.     // Verify the token and sign the user in

  261.     try {
  262.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  263.       $_SESSION['user_id'] = $data->user_id;
  264.       $_SESSION['me'] = $data->me;
  265.       $app->redirect('/new', 302);
  266.     } catch(DomainException $e) {
  267.       header('X-Error: DomainException');
  268.       $app->redirect('/', 302);
  269.     } catch(UnexpectedValueException $e) {
  270.       header('X-Error: UnexpectedValueException');
  271.       $app->redirect('/', 302);
  272.     }
  273. 

  274.   } else {
  275. 

  276.     if($user=require_login($app)) {
  277.       if(array_key_exists('start', $params)) {
  278.         $_SESSION['add-to-home-started'] = true;
  279. 

  280.         $token = JWT::encode(array(
  281.           'user_id' => $_SESSION['user_id'],
  282.           'me' => $_SESSION['me'],
  283.           'created_at' => time()
  284.         ), Config::$jwtSecret);
  285. 

  286.         $app->redirect('/add-to-home?token='.$token, 302);
  287.       } else {
  288.         unset($_SESSION['add-to-home-started']);
  289.         render('add-to-home', array('title' => 'Quill'));
  290.       }
  291.     }
  292.   }
  293. });
  294. 

  295. $app->get('/email', function() use($app) {
  296.   if($user=require_login($app)) {
  297. 

  298.     $test_response = '';
  299.     if($user->last_micropub_response) {
  300.       try {
  301.         if(@json_decode($user->last_micropub_response)) {
  302.           $d = json_decode($user->last_micropub_response);
  303.           $test_response = $d->response;
  304.         }
  305.       } catch(Exception $e) {
  306.       }
  307.     }
  308. 

  309.     if(!$user->email_username) {
  310.       $host = parse_url($user->url, PHP_URL_HOST);
  311.       $user->email_username = $host . '.' . rand(100000,999999);
  312.       $user->save();
  313.     }
  314. 

  315.     render('email', array(
  316.       'title' => 'Post-by-Email',
  317.       'micropub_endpoint' => $user->micropub_endpoint,
  318.       'test_response' => $test_response,
  319.       'user' => $user
  320.     ));
  321.   }
  322. });
  323. 

  324. $app->get('/settings', function() use($app) {
  325.   if($user=require_login($app)) {
  326.     render('settings', [
  327.       'title' => 'Settings',
  328.       'user' => $user,
  329.       'authorizing' => false
  330.     ]);
  331.   }
  332. });
  333. 

  334. $app->post('/settings/save', function() use($app) {
  335.   if($user=require_login($app)) {
  336.     $params = $app->request()->params();
  337. 

  338.     if(array_key_exists('html_content', $params))
  339.       $user->micropub_optin_html_content = $params['html_content'] ? 1 : 0;
  340. 

  341.     if(array_key_exists('slug_field', $params) && $params['slug_field'])
  342.       $user->micropub_slug_field = $params['slug_field'];
  343. 

  344.     if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) {
  345.       if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to']))
  346.         $user->micropub_syndicate_field = $params['syndicate_field'];
  347.     }
  348. 

  349.     $user->save();
  350.     $app->response()['Content-type'] = 'application/json';
  351.     $app->response()->body(json_encode(array(
  352.       'result' => 'ok'
  353.     )));
  354.   }
  355. });
  356. 

  357. $app->post('/settings/html-content', function() use($app) {
  358.   if($user=require_login($app)) {
  359.     $params = $app->request()->params();
  360.     $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  361.     $user->save();
  362.     $app->response()['Content-type'] = 'application/json';
  363.     $app->response()->body(json_encode(array(
  364.       'html' => $user->micropub_optin_html_content
  365.     )));
  366.   }
  367. });
  368. $app->get('/settings/html-content', function() use($app) {
  369.   if($user=require_login($app)) {
  370.     $app->response()['Content-type'] = 'application/json';
  371.     $app->response()->body(json_encode(array(
  372.       'html' => $user->micropub_optin_html_content
  373.     )));
  374.   }
  375. });
  376. 

  377. function create_favorite(&$user, $url) {
  378.   $micropub_request = array(
  379.     'like-of' => $url
  380.   );
  381.   $r = micropub_post_for_user($user, $micropub_request);
  382. 

  383.   $tweet_id = false;
  384. 

  385.   // POSSE favorites to Twitter

  386.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  387.     $tweet_id = $match[1];
  388.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  389.       $user->twitter_access_token, $user->twitter_token_secret);
  390.     $result = $twitter->post('favorites/create', array(
  391.       'id' => $tweet_id
  392.     ));
  393.   }
  394. 

  395.   return $r;
  396. }
  397. 

  398. function create_repost(&$user, $url) {
  399.   $micropub_request = array(
  400.     'repost-of' => $url
  401.   );
  402.   $r = micropub_post_for_user($user, $micropub_request);
  403. 

  404.   $tweet_id = false;
  405. 

  406.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  407.     $tweet_id = $match[1];
  408.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  409.       $user->twitter_access_token, $user->twitter_token_secret);
  410.     $result = $twitter->post('statuses/retweet/'.$tweet_id);
  411.   }
  412. 

  413.   return $r;
  414. }
  415. 

  416. $app->post('/favorite', function() use($app) {
  417.   if($user=require_login($app)) {
  418.     $params = $app->request()->params();
  419. 

  420.     $r = create_favorite($user, $params['url']);
  421. 

  422.     $app->response()['Content-type'] = 'application/json';
  423.     $app->response()->body(json_encode(array(
  424.       'location' => $r['location'],
  425.       'error' => $r['error']
  426.     )));
  427.   }
  428. });
  429. 

  430. $app->post('/repost', function() use($app) {
  431.   if($user=require_login($app)) {
  432.     $params = $app->request()->params();
  433. 

  434.     $r = create_repost($user, $params['url']);
  435. 

  436.     $app->response()['Content-type'] = 'application/json';
  437.     $app->response()->body(json_encode(array(
  438.       'location' => $r['location'],
  439.       'error' => $r['error']
  440.     )));
  441.   }
  442. });
  443. 

  444. $app->get('/reply/preview', function() use($app) {
  445.   if($user=require_login($app)) {
  446.     $params = $app->request()->params();
  447. 

  448.     if(!isset($params['url']) || !$params['url']) {
  449.       return '';
  450.     }
  451. 

  452.     $reply_url = trim($params['url']);
  453. 

  454.     if(preg_match('/twtr\.io\/([0-9a-z]+)/i', $reply_url, $match)) {
  455.       $twtr = 'https://twitter.com/_/status/' . sxg_to_num($match[1]);
  456.       $ch = curl_init($twtr);
  457.       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  458.       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  459.       curl_exec($ch);
  460.       $expanded_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  461.       if($expanded_url) $reply_url = $expanded_url;
  462.     }
  463. 

  464.     $entry = false;
  465. 

  466.     $xray = [
  467.       'url' => $reply_url
  468.     ];
  469. 

  470.     if(preg_match('/twitter\.com\/(?:[^\/]+)\/statuse?s?\/(.+)/', $reply_url, $match)) {
  471.       if($user->twitter_access_token) {
  472.         $xray['twitter_api_key'] = Config::$twitterClientID;
  473.         $xray['twitter_api_secret'] = Config::$twitterClientSecret;
  474.         $xray['twitter_access_token'] = $user->twitter_access_token;
  475.         $xray['twitter_access_token_secret'] = $user->twitter_token_secret;
  476.       }
  477.     }
  478. 

  479.     // Pass to X-Ray to see if it can expand the entry

  480.     $ch = curl_init('https://xray.p3k.io/parse');
  481.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  482.     curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($xray));
  483.     $response = curl_exec($ch);
  484.     $data = @json_decode($response, true);
  485.     if($data && isset($data['data']) && $data['data']['type'] == 'entry') {
  486.       $entry = $data['data'];
  487.       // Create a nickname based on the author URL

  488.       if(array_key_exists('author', $entry)) {
  489.         if($entry['author']['url']) {
  490.           if(!isset($entry['author']['nickname']) || !$entry['author']['nickname'])
  491.             $entry['author']['nickname'] = display_url($entry['author']['url']);
  492.         }
  493.       }
  494.     }
  495. 

  496.     $mentions = [];
  497.     if($entry) {
  498.       if(array_key_exists('author', $entry)) {
  499.         // Find all @-names in the post, as well as the author name

  500.         $mentions[] = strtolower($entry['author']['nickname']);
  501.       }
  502. 

  503.       if(preg_match_all('/(^|(?<=[\s\/]))@([a-z0-9_]+([a-z0-9_\.]*)?)/i', $entry['content']['text'], $matches)) {
  504.         foreach($matches[0] as $nick) {
  505.           if(trim($nick,'@') != $user->twitter_username && trim($nick,'@') != display_url($user->url))
  506.             $mentions[] = strtolower(trim($nick,'@'));
  507.         }
  508.       }
  509. 

  510.       $mentions = array_values(array_unique($mentions));
  511. 

  512.     }    
  513. 

  514.     $app->response()['Content-type'] = 'application/json';
  515.     $app->response()->body(json_encode([
  516.       'canonical_reply_url' => $reply_url,
  517.       'entry' => $entry,
  518.       'mentions' => $mentions
  519.     ]));
  520.   }
  521. });