p3k
/
Quill
mirror of https://github.com/aaronpk/Quill.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
219 Commits
3 Branches
4.1 MiB
Tree: b1b4aaa4d0
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b1b4aaa4d0'
${ noResults }
Quill/controllers/controllers.php

831 lines
24 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
show RSVP field when replying to events closes #71
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
lock to JWT 2.* version
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
replace redirects with http 302
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
add dashboard with links to all post types
8 years ago
add tags, slug and status field to quill editor
7 years ago
add dashboard with links to all post types
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add tags, slug and status field to quill editor
7 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
support media endpoint, autosave notes in local storage * looks for a media endpoint in the micropub config * if media endpoint is available, both the note interface and the editor will upload files to it instead of posting the photo directly * the note interface autosaves in-progress notes in localstorage
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
9 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
add tweet text length countdown on note interface
8 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
add tags, slug and status field to quill editor
7 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
7 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
limit autosubmit tokens to the same user
7 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
add tags, slug and status field to quill editor
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
crude UI for creating events
8 years ago
add tags, slug and status field to quill editor
7 years ago
crude UI for creating events
8 years ago
add interface for posting travel itinerary
8 years ago
add tags, slug and status field to quill editor
7 years ago
add interface for posting travel itinerary
8 years ago
add interface for checking in to flights let's give this a shot
7 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add tags, slug and status field to quill editor
7 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add h-review interface
7 years ago
add tags, slug and status field to quill editor
7 years ago
add h-review interface
7 years ago
add repost form
9 years ago
support editing reposts
7 years ago
add repost form
9 years ago
support editing reposts
7 years ago
also support finding the repost URL from an h-cite
7 years ago
support editing reposts
7 years ago
add repost form
9 years ago
add tags, slug and status field to quill editor
7 years ago
add repost form
9 years ago
support editing reposts
7 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
support editing reposts
7 years ago
add repost form
9 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
send proper content type headers
8 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
store the user's timezone after their location is found
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add interface for posting travel itinerary
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
replace redirects with http 302
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add tags, slug and status field to quill editor
7 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add post-by-email support to quill
8 years ago
add tags, slug and status field to quill editor
7 years ago
add post-by-email support to quill
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add tags, slug and status field to quill editor
7 years ago
remove facebook/instagram stuff
7 years ago
add tags, slug and status field to quill editor
7 years ago
allow only mp-syndicate-to and syndicate-to
7 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
7 years ago
add tags, slug and status field to quill editor
7 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add banner to opt in to html content change
8 years ago
send proper content type headers
8 years ago
add banner to opt in to html content change
8 years ago
send proper content type headers
8 years ago
add banner to opt in to html content change
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
remove facebook/instagram stuff
7 years ago
add repost form
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
quill should send an array when editing
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
add repost form
9 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
add repost form
9 years ago
support editing reposts
7 years ago
actually post likes from the form
9 years ago
show error messages when editing favorites
7 years ago
fixy
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
show error messages when editing favorites
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
show error messages when editing favorites
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
actually post likes from the form
9 years ago
send proper content type headers
8 years ago
actually post likes from the form
9 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
show error messages when editing favorites
7 years ago
actually post likes from the form
9 years ago
add repost form
9 years ago
support editing reposts
7 years ago
add repost form
9 years ago
send proper content type headers
8 years ago
add repost form
9 years ago
support editing reposts
7 years ago
add repost form
9 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
reset reply context state when URL is removed
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
use XRay to parse tweets
7 years ago
show RSVP field when replying to events closes #71
7 years ago
use XRay to parse tweets
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
fix check for author info
7 years ago
clean up mentions list
7 years ago
fix check for author info
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
show RSVP field when replying to events closes #71
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
clean up mentions list
7 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
support editing reposts
7 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
7 years ago
 
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  3. use IndieWeb\DateFormatter;
  4. 

  5. function require_login(&$app, $redirect=true) {
  6.   $params = $app->request()->params();
  7.   if(array_key_exists('token', $params)) {
  8.     try {
  9.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  10.       $_SESSION['user_id'] = $data->user_id;
  11.       $_SESSION['me'] = $data->me;
  12.     } catch(DomainException $e) {
  13.       if($redirect) {
  14.         header('X-Error: DomainException');
  15.         $app->redirect('/', 302);
  16.       } else {
  17.         return false;
  18.       }
  19.     } catch(UnexpectedValueException $e) {
  20.       if($redirect) {
  21.         header('X-Error: UnexpectedValueException');
  22.         $app->redirect('/', 302);
  23.       } else {
  24.         return false;
  25.       }
  26.     }
  27.   }
  28. 

  29.   if(!array_key_exists('user_id', $_SESSION)) {
  30.     if($redirect)
  31.       $app->redirect('/', 302);
  32.     return false;
  33.   } else {
  34.     return ORM::for_table('users')->find_one($_SESSION['user_id']);
  35.   }
  36. }
  37. 

  38. function generate_login_token($opts=[]) {
  39.   return JWT::encode(array_merge([
  40.     'user_id' => $_SESSION['user_id'],
  41.     'me' => $_SESSION['me'],
  42.     'created_at' => time()
  43.   ], $opts), Config::$jwtSecret);
  44. }
  45. 

  46. $app->get('/dashboard', function() use($app) {
  47.   if($user=require_login($app)) {
  48.     render('dashboard', array(
  49.       'title' => 'Dashboard',
  50.       'authorizing' => false
  51.     ));
  52.   }
  53. });
  54. 

  55. $app->get('/new', function() use($app) {
  56.   if($user=require_login($app)) {
  57.     $params = $app->request()->params();
  58. 

  59.     $entry = false;
  60.     $in_reply_to = '';
  61. 

  62.     if(array_key_exists('reply', $params))
  63.        $in_reply_to = $params['reply'];
  64. 

  65.     $test_response = '';
  66.     if($user->last_micropub_response) {
  67.       try {
  68.         if(@json_decode($user->last_micropub_response)) {
  69.           $d = json_decode($user->last_micropub_response);
  70.           $test_response = $d->response;
  71.         }
  72.       } catch(Exception $e) {
  73.       }
  74.     }
  75. 

  76.     render('new-post', array(
  77.       'title' => 'New Post',
  78.       'in_reply_to' => $in_reply_to,
  79.       'micropub_endpoint' => $user->micropub_endpoint,
  80.       'media_endpoint' => $user->micropub_media_endpoint,
  81.       'micropub_scope' => $user->micropub_scope,
  82.       'micropub_access_token' => $user->micropub_access_token,
  83.       'response_date' => $user->last_micropub_response_date,
  84.       'syndication_targets' => json_decode($user->syndication_targets, true),
  85.       'test_response' => $test_response,
  86.       'location_enabled' => $user->location_enabled,
  87.       'user' => $user,
  88.       'authorizing' => false
  89.     ));
  90.   }
  91. });
  92. 

  93. $app->get('/bookmark', function() use($app) {
  94.   if($user=require_login($app)) {
  95.     $params = $app->request()->params();
  96. 

  97.     $url = '';
  98.     $name = '';
  99.     $content = '';
  100.     $tags = '';
  101. 

  102.     if(array_key_exists('url', $params))
  103.       $url = $params['url'];
  104. 

  105.     if(array_key_exists('name', $params))
  106.       $name = $params['name'];
  107. 

  108.     if(array_key_exists('content', $params))
  109.       $content = $params['content'];
  110. 

  111.     render('new-bookmark', array(
  112.       'title' => 'New Bookmark',
  113.       'bookmark_url' => $url,
  114.       'bookmark_name' => $name,
  115.       'bookmark_content' => $content,
  116.       'bookmark_tags' => $tags,
  117.       'token' => generate_login_token(),
  118.       'syndication_targets' => json_decode($user->syndication_targets, true),
  119.       'user' => $user,
  120.       'authorizing' => false
  121.     ));
  122.   }
  123. });
  124. 

  125. $app->get('/favorite', function() use($app) {
  126.   if($user=require_login($app)) {
  127.     $params = $app->request()->params();
  128. 

  129.     $like_of = '';
  130. 

  131.     if(array_key_exists('url', $params))
  132.       $like_of = $params['url'];
  133. 

  134.     // Check if there was a login token in the query string and whether it has autosubmit=true

  135.     $autosubmit = false;
  136. 

  137.     if(array_key_exists('token', $params)) {
  138.       try {
  139.         $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']);
  140.         if(isset($data->autosubmit) && $data->autosubmit) {
  141.           // Only allow this token to be used for the user who created it

  142.           if($data->user_id == $_SESSION['user_id']) {
  143.             $autosubmit = true;
  144.           }
  145.         }
  146.       } catch(Exception $e) {
  147.       }
  148.     }
  149. 

  150.     if(array_key_exists('edit', $params)) {
  151.       $edit_data = get_micropub_source($user, $params['edit'], 'like-of');
  152.       $url = $params['edit'];
  153.       if(isset($edit_data['like-of'])) {
  154.         $like_of = $edit_data['like-of'][0];
  155.       }
  156.     } else {
  157.       $edit_data = false;
  158.       $url = false;
  159.     }
  160. 

  161.     render('new-favorite', array(
  162.       'title' => 'New Favorite',
  163.       'like_of' => $like_of,
  164.       'token' => generate_login_token(['autosubmit'=>true]),
  165.       'authorizing' => false,
  166.       'autosubmit' => $autosubmit,
  167.       'url' => $url
  168.     ));
  169.   }
  170. });
  171. 

  172. $app->get('/event', function() use($app) {
  173.   if($user=require_login($app)) {
  174.     $params = $app->request()->params();
  175. 

  176.     render('event', array(
  177.       'title' => 'Event',
  178.       'authorizing' => false
  179.     ));
  180.   }
  181. });
  182. 

  183. $app->get('/itinerary', function() use($app) {
  184.   if($user=require_login($app)) {
  185.     $params = $app->request()->params();
  186. 

  187.     render('new-itinerary', array(
  188.       'title' => 'Itinerary',
  189.       'authorizing' => false
  190.     ));
  191.   }
  192. });
  193. 

  194. $app->get('/flight', function() use($app) {
  195.   if($user=require_login($app)) {
  196.     $params = $app->request()->params();
  197. 

  198.     render('new-flight', array(
  199.       'title' => 'Flight',
  200.       'authorizing' => false
  201.     ));
  202.   }
  203. });
  204. 

  205. $app->post('/flight', function() use($app) {
  206.   if($user=require_login($app)) {
  207.     $params = $app->request()->params();
  208. 

  209.     $location = false;
  210. 

  211.     if($params['action'] == 'find') {
  212. 

  213.     } elseif($params['action'] == 'checkin') {
  214. 

  215.       $payload = [
  216.         'type' => ['h-entry'],
  217.         'properties' => [
  218.           'checkin' => [
  219.             [
  220.               'type' => ['h-card'],
  221.               'properties' => [
  222.                 'name' => [$params['flight']],
  223.                 'url' => ['http://flightaware.com/live/flight/'.$params['flight']],
  224.               ]
  225.             ]
  226.           ]
  227.         ]
  228.       ];
  229. 

  230.       $r = micropub_post_for_user($user, $payload, null, true);
  231. 

  232.       $location = $r['location'];
  233. 

  234.       if($location) {
  235.         // Store the checkin in the database to enable the cron job tracking the flight

  236.         $flight = ORM::for_table('flights')->create();
  237.         $flight->user_id = $_SESSION['user_id'];
  238.         $flight->date_created = date('Y-m-d H:i:s');
  239.         $flight->active = 1;
  240.         $flight->url = $location;
  241.         $flight->flight = $params['flight'];
  242.         $flight->save();
  243.       }
  244.     }
  245. 

  246.     $app->response()['Content-type'] = 'application/json';
  247.     $app->response()->body(json_encode(array(
  248.       'result' => 'ok',
  249.       'location' => $location
  250.     )));
  251.   }
  252. });
  253. 

  254. $app->get('/flight/:id/:flightID/route.json', function($id, $flightID) use($app) {
  255.   $route = false;
  256. 

  257.   $flight = ORM::for_table('flights')->where('id', $id)->find_one();
  258.   if($flight) {
  259.     $lastPosition = json_decode($flight->lastposition, true);
  260.     if($lastPosition['InFlightInfoResult']['faFlightID'] == $flightID) {
  261. 

  262.       // {"type":"FeatureCollection","features":[{"type":"Feature","geometry":{"type":"Point","coordinates":[-122.638351,45.52217]},"properties":{"date":"2016-01-02T23:13:49Z","altitude":42.666666666667}}

  263. 

  264.       $route = [
  265.         'type' => 'FeatureCollection',
  266.         'features' => []
  267.       ];
  268. 

  269.       $positions = json_decode($flight->positions, true);
  270.       foreach($positions as $p) {
  271.         $route['features'][] = [
  272.           'type' => 'Feature',
  273.           'geometry' => [
  274.             'type' => 'Point',
  275.             'coordinates' => [$p['lng'], $p['lat']]
  276.           ],
  277.           'properties' => [
  278.             'date' => $p['date'],
  279.             'altitude' => $p['altitude'],
  280.             'heading' => $p['heading'],
  281.             'speed' => $p['speed']
  282.           ]
  283.         ];
  284.       }
  285. 

  286.     }
  287.   }
  288. 

  289.   $app->response()['Content-type'] = 'application/json';
  290.   $app->response()->body(json_encode($route));
  291. });
  292. 

  293. $app->get('/photo', function() use($app) {
  294.   if($user=require_login($app)) {
  295.     $params = $app->request()->params();
  296. 

  297.     render('photo', array(
  298.       'title' => 'New Photo',
  299.       'note_content' => '',
  300.       'authorizing' => false
  301.     ));
  302.   }
  303. });
  304. 

  305. $app->get('/review', function() use($app) {
  306.   if($user=require_login($app)) {
  307.     $params = $app->request()->params();
  308. 

  309.     render('review', array(
  310.       'title' => 'Review',
  311.       'authorizing' => false
  312.     ));
  313.   }
  314. });
  315. 

  316. $app->get('/repost', function() use($app) {
  317.   if($user=require_login($app)) {
  318.     $params = $app->request()->params();
  319. 

  320.     $repost_of = '';
  321. 

  322.     if(array_key_exists('url', $params))
  323.       $repost_of = $params['url'];
  324. 

  325.     if(array_key_exists('edit', $params)) {
  326.       $edit_data = get_micropub_source($user, $params['edit'], 'repost-of');
  327.       $url = $params['edit'];
  328.       if(isset($edit_data['repost-of'])) {
  329.         $repost = $edit_data['repost-of'][0];
  330.         if(is_string($edit_data['repost-of'][0])) {
  331.           $repost_of = $repost;
  332.         } elseif(is_array($repost)) {
  333.           if(array_key_exists('type', $repost) && in_array('h-cite', $repost)) {
  334.             if(array_key_exists('url', $repost['properties'])) {
  335.               $repost_of = $repost['properties']['url'][0];
  336.             }
  337.           } else {
  338.             // Error

  339.           }
  340.         } else {
  341.           // Error: don't know what type of post this is

  342.         }
  343.       }
  344.     } else {
  345.       $edit_data = false;
  346.       $url = false;
  347.     }
  348. 

  349.     render('new-repost', array(
  350.       'title' => 'New Repost',
  351.       'repost_of' => $repost_of,
  352.       'token' => generate_login_token(),
  353.       'authorizing' => false,
  354.       'url' => $url,
  355.     ));
  356.   }
  357. });
  358. 

  359. $app->post('/prefs', function() use($app) {
  360.   if($user=require_login($app)) {
  361.     $params = $app->request()->params();
  362.     $user->location_enabled = $params['enabled'];
  363.     $user->save();
  364.   }
  365.   $app->response()['Content-type'] = 'application/json';
  366.   $app->response()->body(json_encode(array(
  367.     'result' => 'ok'
  368.   )));
  369. });
  370. 

  371. $app->post('/prefs/timezone', function() use($app) {
  372.   // Called when the interface finds the user's location.

  373.   // Look up the timezone for this location and store it as their default.

  374.   $timezone = false;
  375.   if($user=require_login($app)) {
  376.     $params = $app->request()->params();
  377.     $timezone = p3k\Timezone::timezone_for_location($params['latitude'], $params['longitude']);
  378.     if($timezone) {
  379.       $user->default_timezone = $timezone;
  380.       $user->save();
  381.     }
  382.   }
  383.   $app->response()['Content-type'] = 'application/json';
  384.   $app->response()->body(json_encode(array(
  385.     'result' => 'ok',
  386.     'timezone' => $timezone,
  387.   )));
  388. });
  389. 

  390. $app->get('/add-to-home', function() use($app) {
  391.   $params = $app->request()->params();
  392.   header("Cache-Control: no-cache, must-revalidate");
  393. 

  394.   if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  395.     unset($_SESSION['add-to-home-started']);
  396. 

  397.     // Verify the token and sign the user in

  398.     try {
  399.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  400.       $_SESSION['user_id'] = $data->user_id;
  401.       $_SESSION['me'] = $data->me;
  402.       $app->redirect('/new', 302);
  403.     } catch(DomainException $e) {
  404.       header('X-Error: DomainException');
  405.       $app->redirect('/', 302);
  406.     } catch(UnexpectedValueException $e) {
  407.       header('X-Error: UnexpectedValueException');
  408.       $app->redirect('/', 302);
  409.     }
  410. 

  411.   } else {
  412. 

  413.     if($user=require_login($app)) {
  414.       if(array_key_exists('start', $params)) {
  415.         $_SESSION['add-to-home-started'] = true;
  416. 

  417.         $token = JWT::encode(array(
  418.           'user_id' => $_SESSION['user_id'],
  419.           'me' => $_SESSION['me'],
  420.           'created_at' => time()
  421.         ), Config::$jwtSecret);
  422. 

  423.         $app->redirect('/add-to-home?token='.$token, 302);
  424.       } else {
  425.         unset($_SESSION['add-to-home-started']);
  426.         render('add-to-home', array('title' => 'Quill'));
  427.       }
  428.     }
  429.   }
  430. });
  431. 

  432. $app->get('/email', function() use($app) {
  433.   if($user=require_login($app)) {
  434. 

  435.     $test_response = '';
  436.     if($user->last_micropub_response) {
  437.       try {
  438.         if(@json_decode($user->last_micropub_response)) {
  439.           $d = json_decode($user->last_micropub_response);
  440.           $test_response = $d->response;
  441.         }
  442.       } catch(Exception $e) {
  443.       }
  444.     }
  445. 

  446.     if(!$user->email_username) {
  447.       $host = parse_url($user->url, PHP_URL_HOST);
  448.       $user->email_username = $host . '.' . rand(100000,999999);
  449.       $user->save();
  450.     }
  451. 

  452.     render('email', array(
  453.       'title' => 'Post-by-Email',
  454.       'micropub_endpoint' => $user->micropub_endpoint,
  455.       'test_response' => $test_response,
  456.       'user' => $user
  457.     ));
  458.   }
  459. });
  460. 

  461. $app->get('/settings', function() use($app) {
  462.   if($user=require_login($app)) {
  463.     render('settings', [
  464.       'title' => 'Settings',
  465.       'user' => $user,
  466.       'authorizing' => false
  467.     ]);
  468.   }
  469. });
  470. 

  471. $app->post('/settings/save', function() use($app) {
  472.   if($user=require_login($app)) {
  473.     $params = $app->request()->params();
  474. 

  475.     if(array_key_exists('html_content', $params))
  476.       $user->micropub_optin_html_content = $params['html_content'] ? 1 : 0;
  477. 

  478.     if(array_key_exists('slug_field', $params) && $params['slug_field'])
  479.       $user->micropub_slug_field = $params['slug_field'];
  480. 

  481.     if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) {
  482.       if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to']))
  483.         $user->micropub_syndicate_field = $params['syndicate_field'];
  484.     }
  485. 

  486.     $user->save();
  487.     $app->response()['Content-type'] = 'application/json';
  488.     $app->response()->body(json_encode(array(
  489.       'result' => 'ok'
  490.     )));
  491.   }
  492. });
  493. 

  494. $app->post('/settings/html-content', function() use($app) {
  495.   if($user=require_login($app)) {
  496.     $params = $app->request()->params();
  497.     $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  498.     $user->save();
  499.     $app->response()['Content-type'] = 'application/json';
  500.     $app->response()->body(json_encode(array(
  501.       'html' => $user->micropub_optin_html_content
  502.     )));
  503.   }
  504. });
  505. $app->get('/settings/html-content', function() use($app) {
  506.   if($user=require_login($app)) {
  507.     $app->response()['Content-type'] = 'application/json';
  508.     $app->response()->body(json_encode(array(
  509.       'html' => $user->micropub_optin_html_content
  510.     )));
  511.   }
  512. });
  513. 

  514. function create_favorite(&$user, $url) {
  515.   $micropub_request = array(
  516.     'like-of' => $url
  517.   );
  518.   $r = micropub_post_for_user($user, $micropub_request);
  519. 

  520.   $tweet_id = false;
  521. 

  522.   // POSSE favorites to Twitter

  523.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  524.     $tweet_id = $match[1];
  525.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  526.       $user->twitter_access_token, $user->twitter_token_secret);
  527.     $result = $twitter->post('favorites/create', array(
  528.       'id' => $tweet_id
  529.     ));
  530.   }
  531. 

  532.   return $r;
  533. }
  534. 

  535. function edit_favorite(&$user, $post_url, $like_of) {
  536.   $micropub_request = [
  537.     'action' => 'update',
  538.     'url' => $post_url,
  539.     'replace' => [
  540.       'like-of' => [$like_of]
  541.     ]
  542.   ];
  543.   $r = micropub_post_for_user($user, $micropub_request, null, true);
  544.   return $r;
  545. }
  546. 

  547. function create_repost(&$user, $url) {
  548.   $micropub_request = array(
  549.     'repost-of' => $url
  550.   );
  551.   $r = micropub_post_for_user($user, $micropub_request);
  552. 

  553.   $tweet_id = false;
  554. 

  555.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  556.     $tweet_id = $match[1];
  557.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  558.       $user->twitter_access_token, $user->twitter_token_secret);
  559.     $result = $twitter->post('statuses/retweet/'.$tweet_id);
  560.   }
  561. 

  562.   return $r;
  563. }
  564. 

  565. function edit_repost(&$user, $post_url, $repost_of) {
  566.   $micropub_request = [
  567.     'action' => 'update',
  568.     'url' => $post_url,
  569.     'replace' => [
  570.       'repost-of' => [$repost_of]
  571.     ]
  572.   ];
  573.   $r = micropub_post_for_user($user, $micropub_request, null, true);
  574.   return $r;
  575. }
  576. 

  577. $app->post('/favorite', function() use($app) {
  578.   if($user=require_login($app)) {
  579.     $params = $app->request()->params();
  580. 

  581.     $error = false;
  582. 

  583.     if(isset($params['edit']) && $params['edit']) {
  584.       $r = edit_favorite($user, $params['edit'], $params['like_of']);
  585.       if(isset($r['location']) && $r['location'])
  586.         $location = $r['location'];
  587.       elseif(in_array($r['code'], [200,201,204]))
  588.         $location = $params['edit'];
  589.       elseif(in_array($r['code'], [401,403])) {
  590.         $location = false;
  591.         $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  592.       } else {
  593.         $location = false;
  594.         $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  595.       }
  596.     } else {
  597.       $r = create_favorite($user, $params['like_of']);
  598.       $location = $r['location'];
  599.     }
  600. 

  601.     $app->response()['Content-type'] = 'application/json';
  602.     $app->response()->body(json_encode(array(
  603.       'location' => $location,
  604.       'error' => $r['error'],
  605.       'error_details' => $error,
  606.     )));
  607.   }
  608. });
  609. 

  610. $app->post('/repost', function() use($app) {
  611.   if($user=require_login($app)) {
  612.     $params = $app->request()->params();
  613. 

  614.     $error = false;
  615. 

  616.     if(isset($params['edit']) && $params['edit']) {
  617.       $r = edit_repost($user, $params['edit'], $params['repost_of']);
  618.       if(isset($r['location']) && $r['location'])
  619.         $location = $r['location'];
  620.       elseif(in_array($r['code'], [200,201,204]))
  621.         $location = $params['edit'];
  622.       elseif(in_array($r['code'], [401,403])) {
  623.         $location = false;
  624.         $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  625.       } else {
  626.         $location = false;
  627.         $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  628.       }
  629.     } else {
  630.       $r = create_repost($user, $params['repost_of']);
  631.       $location = $r['location'];
  632.     }
  633. 

  634.     $app->response()['Content-type'] = 'application/json';
  635.     $app->response()->body(json_encode(array(
  636.       'location' => $location,
  637.       'error' => $r['error'],
  638.       'error_details' => $error,
  639.     )));
  640.   }
  641. });
  642. 

  643. $app->get('/reply/preview', function() use($app) {
  644.   if($user=require_login($app)) {
  645.     $params = $app->request()->params();
  646. 

  647.     if(!isset($params['url']) || !$params['url']) {
  648.       return '';
  649.     }
  650. 

  651.     $reply_url = trim($params['url']);
  652. 

  653.     if(preg_match('/twtr\.io\/([0-9a-z]+)/i', $reply_url, $match)) {
  654.       $twtr = 'https://twitter.com/_/status/' . sxg_to_num($match[1]);
  655.       $ch = curl_init($twtr);
  656.       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  657.       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  658.       curl_exec($ch);
  659.       $expanded_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  660.       if($expanded_url) $reply_url = $expanded_url;
  661.     }
  662. 

  663.     $entry = false;
  664. 

  665.     $xray = [
  666.       'url' => $reply_url
  667.     ];
  668. 

  669.     if(preg_match('/twitter\.com\/(?:[^\/]+)\/statuse?s?\/(.+)/', $reply_url, $match)) {
  670.       if($user->twitter_access_token) {
  671.         $xray['twitter_api_key'] = Config::$twitterClientID;
  672.         $xray['twitter_api_secret'] = Config::$twitterClientSecret;
  673.         $xray['twitter_access_token'] = $user->twitter_access_token;
  674.         $xray['twitter_access_token_secret'] = $user->twitter_token_secret;
  675.       }
  676.     }
  677. 

  678.     // Pass to X-Ray to see if it can expand the entry

  679.     $ch = curl_init('https://xray.p3k.io/parse');
  680.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  681.     curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($xray));
  682.     $response = curl_exec($ch);
  683.     $data = @json_decode($response, true);
  684.     if($data && isset($data['data'])) {
  685.       if($data['data']['type'] == 'entry') {
  686.         $entry = $data['data'];
  687.       } elseif($data['data']['type'] == 'event') {
  688.         $entry = $data['data'];
  689.         $content = '';
  690.         if(isset($entry['start']) && isset($entry['end'])) {
  691.           $formatted = DateFormatter::format($entry['start'], $entry['end'], false);
  692.           if($formatted)
  693.             $content .= $formatted;
  694.           else {
  695.             $start = new DateTime($entry['start']);
  696.             $end = new DateTime($entry['end']);
  697.             if($start && $end)
  698.               $content .= 'from '.$start->format('Y-m-d g:ia').' to '.$end->format('Y-m-d g:ia');
  699.           }
  700.         } elseif(isset($entry['start'])) {
  701.           $formatted = DateFormatter::format($entry['start'], false, false);
  702.           if($formatted)
  703.             $content .= $formatted;
  704.           else {
  705.             $start = new DateTime($entry['start']);
  706.             if($start)
  707.               $content .= $start->format('Y-m-d g:ia');
  708.           }
  709.         }
  710. 

  711.         $entry['content']['text'] = $content;
  712.       }
  713.       // Create a nickname based on the author URL

  714.       if(array_key_exists('author', $entry)) {
  715.         if($entry['author']['url']) {
  716.           if(!isset($entry['author']['nickname']) || !$entry['author']['nickname'])
  717.             $entry['author']['nickname'] = display_url($entry['author']['url']);
  718.         }
  719.       }
  720.     }
  721. 

  722.     $mentions = [];
  723.     if($entry) {
  724.       if(array_key_exists('author', $entry)) {
  725.         // Find all @-names in the post, as well as the author name

  726.         $mentions[] = strtolower($entry['author']['nickname']);
  727.       }
  728. 

  729.       if(isset($entry['content']) && $entry['content'] && isset($entry['content']['text'])) {
  730.         if(preg_match_all('/(^|(?<=[\s\/]))@([a-z0-9_]+([a-z0-9_\.]*)?)/i', $entry['content']['text'], $matches)) {
  731.           foreach($matches[0] as $nick) {
  732.             if(trim($nick,'@') != $user->twitter_username && trim($nick,'@') != display_url($user->url))
  733.               $mentions[] = strtolower(trim($nick,'@'));
  734.           }
  735.         }
  736.       }
  737. 

  738.       $mentions = array_values(array_unique($mentions));
  739. 

  740.     }    
  741. 

  742.     $app->response()['Content-type'] = 'application/json';
  743.     $app->response()->body(json_encode([
  744.       'canonical_reply_url' => $reply_url,
  745.       'entry' => $entry,
  746.       'mentions' => $mentions
  747.     ]));
  748.   }
  749. });
  750. 

  751. $app->get('/edit', function() use($app) {
  752.   if($user=require_login($app)) {
  753.     $params = $app->request()->params();
  754. 

  755.     if(!isset($params['url']) || !$params['url']) {
  756.       $app->response()->body('no URL specified');
  757.     }
  758. 

  759.     // Query the micropub endpoint for the source properties

  760.     $source = micropub_get($user->micropub_endpoint, [
  761.         'q' => 'source',
  762.         'url' => $params['url']
  763.       ], $user->micropub_access_token);
  764. 

  765.     $data = $source['data'];
  766. 

  767.     if(array_key_exists('error', $data)) {
  768.       render('edit/error', [
  769.         'title' => 'Error',
  770.         'summary' => 'Your Micropub endpoint returned an error:',
  771.         'error' => $data['error'],
  772.         'error_description' => $data['error_description']
  773.       ]);
  774.       return;
  775.     }
  776. 

  777.     if(!array_key_exists('properties', $data) || !array_key_exists('type', $data)) {
  778.       render('edit/error', [
  779.         'title' => 'Error',
  780.         'summary' => '',
  781.         'error' => 'Invalid Response',
  782.         'error_description' => 'Your endpoint did not return "properties" and "type" in the response.'
  783.       ]);
  784.       return;
  785.     }
  786. 

  787.     // Start checking for content types

  788.     $type = $data['type'][0];
  789.     $error = false;
  790.     $url = false;
  791. 

  792.     if($type == 'h-review') {
  793.       $url = '/review';
  794.     } elseif($type == 'h-event') {
  795.       $url = '/event';
  796.     } elseif($type != 'h-entry') {
  797.       $error = 'This type of post is not supported by any of Quill\'s editing interfaces. Type: '.$type;
  798.     } else {
  799.       if(array_key_exists('bookmark-of', $data['properties'])) {
  800.         $url = '/bookmark';
  801.       } elseif(array_key_exists('like-of', $data['properties'])) {
  802.         $url = '/favorite';
  803.       } elseif(array_key_exists('repost-of', $data['properties'])) {
  804.         $url = '/repost';
  805.       }
  806.     }
  807. 

  808.     if($error) {
  809.       render('edit/error', [
  810.         'title' => 'Error',
  811.         'summary' => '',
  812.         'error' => 'There was a problem!',
  813.         'error_description' => $error
  814.       ]);
  815.       return;      
  816.     }
  817. 

  818.     // Until all interfaces are complete, show an error here for unsupported ones

  819.     if(!in_array($url, ['/favorite','/repost'])) {
  820.       render('edit/error', [
  821.         'title' => 'Not Yet Supported',
  822.         'summary' => '',
  823.         'error' => 'Not Yet Supported',
  824.         'error_description' => 'Editing is not yet supported for this type of post.'
  825.       ]);
  826.       return;      
  827.     }
  828. 

  829.     $app->redirect($url . '?edit=' . $params['url'], 302);
  830.   }
  831. });