p3k
/
Quill
mirror of https://github.com/aaronpk/Quill.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
95 Commits
3 Branches
4.1 MiB
Tree: c62c5205ac
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c62c5205ac'
${ noResults }
Quill/controllers/controllers.php

684 lines
19 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
lock to JWT 2.* version
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
add dashboard with links to all post types
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
9 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
crude UI for creating events
8 years ago
add interface for posting travel itinerary
8 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add repost form
8 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
add repost form
8 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
add privacy policy stub
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
add privacy policy stub
9 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
lock to JWT 2.* version
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add interface for posting travel itinerary
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
10 years ago
add post-by-email support to quill
8 years ago
add interface for posting travel itinerary
8 years ago
add post-by-email support to quill
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Added authorizing false so it would not show the Savant3:: error
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add banner to opt in to html content change
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
add interface for posting travel itinerary
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
add repost form
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
add interface for posting travel itinerary
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add repost form
8 years ago
add interface for posting travel itinerary
8 years ago
add repost form
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
add interface for posting travel itinerary
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
actually post likes from the form
9 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
8 years ago
add repost form
8 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
crude UI for creating events
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add interface for posting travel itinerary
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
add interface for posting travel itinerary
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
9 years ago
adds instagram auth
9 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
9 years ago
adds instagram auth
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds instagram auth
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
10 years ago
adds instagram auth
9 years ago
 
  1. <?php
  2. 

  3. function require_login(&$app, $redirect=true) {
  4.   $params = $app->request()->params();
  5.   if(array_key_exists('token', $params)) {
  6.     try {
  7.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  8.       $_SESSION['user_id'] = $data->user_id;
  9.       $_SESSION['me'] = $data->me;
  10.     } catch(DomainException $e) {
  11.       if($redirect) {
  12.         header('X-Error: DomainException');
  13.         $app->redirect('/', 301);
  14.       } else {
  15.         return false;
  16.       }
  17.     } catch(UnexpectedValueException $e) {
  18.       if($redirect) {
  19.         header('X-Error: UnexpectedValueException');
  20.         $app->redirect('/', 301);
  21.       } else {
  22.         return false;
  23.       }
  24.     }
  25.   }
  26. 

  27.   if(!array_key_exists('user_id', $_SESSION)) {
  28.     if($redirect)
  29.       $app->redirect('/');
  30.     return false;
  31.   } else {
  32.     return ORM::for_table('users')->find_one($_SESSION['user_id']);
  33.   }
  34. }
  35. 

  36. function generate_login_token() {
  37.   return JWT::encode(array(
  38.     'user_id' => $_SESSION['user_id'],
  39.     'me' => $_SESSION['me'],
  40.     'created_at' => time()
  41.   ), Config::$jwtSecret);
  42. }
  43. 

  44. $app->get('/dashboard', function() use($app) {
  45.   if($user=require_login($app)) {
  46.     $html = render('dashboard', array(
  47.       'title' => 'Dashboard',
  48.       'authorizing' => false
  49.     ));
  50.     $app->response()->body($html);
  51.   }
  52. });
  53. 

  54. $app->get('/new', function() use($app) {
  55.   if($user=require_login($app)) {
  56.     $params = $app->request()->params();
  57. 

  58.     $entry = false;
  59.     $photo_url = false;
  60.     $in_reply_to = '';
  61. 

  62.     if(array_key_exists('reply', $params))
  63.        $in_reply_to = $params['reply'];
  64. 

  65.     $test_response = '';
  66.     if($user->last_micropub_response) {
  67.       try {
  68.         if(@json_decode($user->last_micropub_response)) {
  69.           $d = json_decode($user->last_micropub_response);
  70.           $test_response = $d->response;
  71.         }
  72.       } catch(Exception $e) {
  73.       }
  74.     }
  75. 

  76.     $html = render('new-post', array(
  77.       'title' => 'New Post',
  78.       'in_reply_to' => $in_reply_to,
  79.       'micropub_endpoint' => $user->micropub_endpoint,
  80.       'micropub_scope' => $user->micropub_scope,
  81.       'micropub_access_token' => $user->micropub_access_token,
  82.       'response_date' => $user->last_micropub_response_date,
  83.       'syndication_targets' => json_decode($user->syndication_targets, true),
  84.       'test_response' => $test_response,
  85.       'location_enabled' => $user->location_enabled,
  86.       'authorizing' => false
  87.     ));
  88.     $app->response()->body($html);
  89.   }
  90. });
  91. 

  92. $app->get('/bookmark', function() use($app) {
  93.   if($user=require_login($app)) {
  94.     $params = $app->request()->params();
  95. 

  96.     $url = '';
  97.     $name = '';
  98.     $content = '';
  99.     $tags = '';
  100. 

  101.     if(array_key_exists('url', $params))
  102.       $url = $params['url'];
  103. 

  104.     if(array_key_exists('name', $params))
  105.       $name = $params['name'];
  106. 

  107.     if(array_key_exists('content', $params))
  108.       $content = $params['content'];
  109. 

  110.     $html = render('new-bookmark', array(
  111.       'title' => 'New Bookmark',
  112.       'bookmark_url' => $url,
  113.       'bookmark_name' => $name,
  114.       'bookmark_content' => $content,
  115.       'bookmark_tags' => $tags,
  116.       'token' => generate_login_token(),
  117.       'syndication_targets' => json_decode($user->syndication_targets, true),
  118.       'authorizing' => false
  119.     ));
  120.     $app->response()->body($html);
  121.   }
  122. });
  123. 

  124. $app->get('/favorite', function() use($app) {
  125.   if($user=require_login($app)) {
  126.     $params = $app->request()->params();
  127. 

  128.     $url = '';
  129. 

  130.     if(array_key_exists('url', $params))
  131.       $url = $params['url'];
  132. 

  133.     $html = render('new-favorite', array(
  134.       'title' => 'New Favorite',
  135.       'url' => $url,
  136.       'token' => generate_login_token(),
  137.       'authorizing' => false
  138.     ));
  139.     $app->response()->body($html);
  140.   }
  141. });
  142. 

  143. $app->get('/event', function() use($app) {
  144.   if($user=require_login($app)) {
  145.     $params = $app->request()->params();
  146. 

  147.     $html = render('event', array(
  148.       'title' => 'Event',
  149.       'authorizing' => false
  150.     ));
  151.     $app->response()->body($html);
  152.   }
  153. });
  154. 

  155. $app->get('/itinerary', function() use($app) {
  156.   if($user=require_login($app)) {
  157.     $params = $app->request()->params();
  158. 

  159.     $html = render('new-itinerary', array(
  160.       'title' => 'Itinerary',
  161.       'authorizing' => false
  162.     ));
  163.     $app->response()->body($html);
  164.   }
  165. });
  166. 

  167. $app->get('/photo', function() use($app) {
  168.   if($user=require_login($app)) {
  169.     $params = $app->request()->params();
  170. 

  171.     $html = render('photo', array(
  172.       'title' => 'New Photo',
  173.       'note_content' => '',
  174.       'authorizing' => false
  175.     ));
  176.     $app->response()->body($html);
  177.   }
  178. });
  179. 

  180. $app->get('/repost', function() use($app) {
  181.   if($user=require_login($app)) {
  182.     $params = $app->request()->params();
  183. 

  184.     $url = '';
  185. 

  186.     if(array_key_exists('url', $params))
  187.       $url = $params['url'];
  188. 

  189.     $html = render('new-repost', array(
  190.       'title' => 'New Repost',
  191.       'url' => $url,
  192.       'token' => generate_login_token(),
  193.       'authorizing' => false
  194.     ));
  195.     $app->response()->body($html);
  196.   }
  197. });
  198. 

  199. $app->post('/prefs', function() use($app) {
  200.   if($user=require_login($app)) {
  201.     $params = $app->request()->params();
  202.     $user->location_enabled = $params['enabled'];
  203.     $user->save();
  204.   }
  205.   $app->response()->body(json_encode(array(
  206.     'result' => 'ok'
  207.   )));
  208. });
  209. 

  210. $app->get('/creating-a-token-endpoint', function() use($app) {
  211.   $app->redirect('http://indiewebcamp.com/token-endpoint', 301);
  212. });
  213. $app->get('/creating-a-micropub-endpoint', function() use($app) {
  214.   $html = render('creating-a-micropub-endpoint', array('title' => 'Creating a Micropub Endpoint', 'authorizing' => false));
  215.   $app->response()->body($html);
  216. });
  217. 

  218. $app->get('/docs', function() use($app) {
  219.   $html = render('docs', array('title' => 'Documentation', 'authorizing' => false));
  220.   $app->response()->body($html);
  221. });
  222. 

  223. $app->get('/privacy', function() use($app) {
  224.   $html = render('privacy', array('title' => 'Quill Privacy Policy', 'authorizing' => false));
  225.   $app->response()->body($html);
  226. });
  227. 

  228. $app->get('/add-to-home', function() use($app) {
  229.   $params = $app->request()->params();
  230.   header("Cache-Control: no-cache, must-revalidate");
  231. 

  232.   if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  233.     unset($_SESSION['add-to-home-started']);
  234. 

  235.     // Verify the token and sign the user in

  236.     try {
  237.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  238.       $_SESSION['user_id'] = $data->user_id;
  239.       $_SESSION['me'] = $data->me;
  240.       $app->redirect('/new', 301);
  241.     } catch(DomainException $e) {
  242.       header('X-Error: DomainException');
  243.       $app->redirect('/', 301);
  244.     } catch(UnexpectedValueException $e) {
  245.       header('X-Error: UnexpectedValueException');
  246.       $app->redirect('/', 301);
  247.     }
  248. 

  249.   } else {
  250. 

  251.     if($user=require_login($app)) {
  252.       if(array_key_exists('start', $params)) {
  253.         $_SESSION['add-to-home-started'] = true;
  254. 

  255.         $token = JWT::encode(array(
  256.           'user_id' => $_SESSION['user_id'],
  257.           'me' => $_SESSION['me'],
  258.           'created_at' => time()
  259.         ), Config::$jwtSecret);
  260. 

  261.         $app->redirect('/add-to-home?token='.$token, 301);
  262.       } else {
  263.         unset($_SESSION['add-to-home-started']);
  264.         $html = render('add-to-home', array('title' => 'Quill'));
  265.         $app->response()->body($html);
  266.       }
  267.     }
  268.   }
  269. });
  270. 

  271. $app->get('/email', function() use($app) {
  272.   if($user=require_login($app)) {
  273. 

  274.     $test_response = '';
  275.     if($user->last_micropub_response) {
  276.       try {
  277.         if(@json_decode($user->last_micropub_response)) {
  278.           $d = json_decode($user->last_micropub_response);
  279.           $test_response = $d->response;
  280.         }
  281.       } catch(Exception $e) {
  282.       }
  283.     }
  284. 

  285.     if(!$user->email_username) {
  286.       $host = parse_url($user->url, PHP_URL_HOST);
  287.       $user->email_username = $host . '.' . rand(100000,999999);
  288.       $user->save();
  289.     }
  290. 

  291.     $html = render('email', array(
  292.       'title' => 'Post-by-Email',
  293.       'micropub_endpoint' => $user->micropub_endpoint,
  294.       'test_response' => $test_response,
  295.       'user' => $user
  296.     ));
  297.     $app->response()->body($html);
  298.   }
  299. });
  300. 

  301. $app->get('/settings', function() use($app) {
  302.   if($user=require_login($app)) {
  303.     $html = render('settings', array('title' => 'Settings', 'include_facebook' => true, 'authorizing' => false));
  304.     $app->response()->body($html);
  305.   }
  306. });
  307. 

  308. $app->post('/settings/html-content', function() use($app) {
  309.   if($user=require_login($app)) {
  310.     $params = $app->request()->params();
  311.     $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  312.     $user->save();
  313.     $app->response()->body(json_encode(array(
  314.       'html' => $user->micropub_optin_html_content
  315.     )));
  316.   }
  317. });
  318. $app->get('/settings/html-content', function() use($app) {
  319.   if($user=require_login($app)) {
  320.     $app->response()->body(json_encode(array(
  321.       'html' => $user->micropub_optin_html_content
  322.     )));
  323.   }
  324. });
  325. 

  326. $app->get('/favorite-popup', function() use($app) {
  327.   if($user=require_login($app)) {
  328.     $params = $app->request()->params();
  329. 

  330.     $html = $app->render('favorite-popup.php', array(
  331.       'url' => $params['url'],
  332.       'token' => $params['token']
  333.     ));
  334.     $app->response()->body($html);
  335.   }
  336. });
  337. 

  338. function create_favorite(&$user, $url) {
  339.   $micropub_request = array(
  340.     'like-of' => $url
  341.   );
  342.   $r = micropub_post_for_user($user, $micropub_request);
  343. 

  344.   $facebook_id = false;
  345.   $instagram_id = false;
  346.   $tweet_id = false;
  347. 

  348.   /*
  349.   // Facebook likes are posted via Javascript, so pass the FB ID to the javascript code

  350.   if(preg_match('/https?:\/\/(?:www\.)?facebook\.com\/(?:[^\/]+)\/posts\/(\d+)/', $url, $match)) {
  351.     $facebook_id = $match[1];
  352.   }
  353. 

  354.   if(preg_match('/https?:\/\/(?:www\.)?facebook\.com\/photo\.php\?fbid=(\d+)/', $url, $match)) {
  355.     $facebook_id = $match[1];
  356.   }
  357.   */
  358. 

  359.   if(preg_match('/https?:\/\/(?:www\.)?instagram\.com\/p\/([^\/]+)/', $url, $match)) {
  360.     $instagram_id = $match[1];
  361.     if($user->instagram_access_token) {
  362.       $instagram = instagram_client();
  363.       $instagram->setAccessToken($user->instagram_access_token);
  364.       $ch = curl_init('https://api.instagram.com/v1/media/shortcode/' . $instagram_id . '?access_token=' . $user->instagram_access_token);
  365.       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  366.       $result = json_decode(curl_exec($ch));
  367. 

  368.       $result = $instagram->likeMedia($result->data->id);
  369.     } else {
  370.       // TODO: indicate that the instagram post couldn't be liked because no access token was available

  371.     }
  372.   }
  373. 

  374.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  375.     $tweet_id = $match[1];
  376.     $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
  377.       $user->twitter_access_token, $user->twitter_token_secret);
  378.     $result = $twitter->post('favorites/create', array(
  379.       'id' => $tweet_id
  380.     ));
  381.   }
  382. 

  383.   return $r;
  384. }
  385. 

  386. function create_photo(&$user, $params, $file) {
  387.   $error = validate_photo($file);
  388. 

  389.   if(!$error) {
  390.     $file_path = $file['tmp_name'];
  391.     $micropub_request = array('content' => $params['note_content']);
  392.     $r = micropub_post_for_user($user, $micropub_request, $file_path);
  393.   } else {
  394.     $r = array('error' => $error);
  395.   }
  396. 

  397.   return $r;
  398. }
  399. 

  400. function create_repost(&$user, $url) {
  401.   $micropub_request = array(
  402.     'repost-of' => $url
  403.   );
  404.   $r = micropub_post_for_user($user, $micropub_request);
  405. 

  406.   $tweet_id = false;
  407. 

  408.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  409.     $tweet_id = $match[1];
  410.     $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
  411.       $user->twitter_access_token, $user->twitter_token_secret);
  412.     $result = $twitter->post('statuses/retweet/'.$tweet_id);
  413.   }
  414. 

  415.   return $r;
  416. }
  417. 

  418. $app->get('/favorite.js', function() use($app) {
  419.   $app->response()->header("Content-type", "text/javascript");
  420.   if($user=require_login($app, false)) {
  421.     $params = $app->request()->params();
  422. 

  423.     if(array_key_exists('url', $params)) {
  424.       $r = create_favorite($user, $params['url']);
  425. 

  426.       $app->response()->body($app->render('favorite-js.php', array(
  427.         'url' => $params['url'],
  428.         'like_url' => $r['location'],
  429.         'error' => $r['error'],
  430.         // 'facebook_id' => $facebook_id

  431.       )));
  432.     } else {
  433.       $app->response()->body('alert("no url");');
  434.     }
  435. 

  436.   } else {
  437.     $app->response()->body('alert("invalid token");');
  438.   }
  439. });
  440. 

  441. $app->post('/favorite', function() use($app) {
  442.   if($user=require_login($app)) {
  443.     $params = $app->request()->params();
  444. 

  445.     $r = create_favorite($user, $params['url']);
  446. 

  447.     $app->response()->body(json_encode(array(
  448.       'location' => $r['location'],
  449.       'error' => $r['error']
  450.     )));
  451.   }
  452. });
  453. 

  454. $app->post('/photo', function() use($app) {
  455.   if($user=require_login($app)) {
  456. 

  457.     // var_dump($app->request()->post());

  458.     //

  459.     // Since $app->request()->post() with multipart is always

  460.     // empty (bug in Slim?) We're using the raw $_POST here

  461.     // until this gets fixed.

  462.     // PHP empties everything in $_POST if the file upload size exceeds

  463.     // that is why we have to test if the variables exist first.

  464. 

  465.     $note_content = isset($_POST['note_content']) ? $_POST['note_content'] : null;
  466.     $params = array('note_content' => $note_content);
  467.     $file = isset($_FILES['note_photo']) ? $_FILES['note_photo'] : null;
  468. 

  469.     $r = create_photo($user, $params, $file);
  470. 

  471.     // Populate the error if there was no location header.

  472.     if(empty($r['location']) && empty($r['error'])) {
  473.       $r['error'] = "No 'Location' header in response.";
  474.     }
  475. 

  476.     $html = render('photo', array(
  477.       'title' => 'Photo posted',
  478.       'note_content' => $params['note_content'],
  479.       'location' => (isset($r['location']) ? $r['location'] : null),
  480.       'error' => (isset($r['error']) ? $r['error'] : null),
  481.       'response' => (isset($r['response']) ? htmlspecialchars($r['response']) : null),
  482.       'authorizing' => false
  483.     ));
  484.     $app->response()->body($html);
  485.   }
  486. });
  487. 

  488. $app->post('/repost', function() use($app) {
  489.   if($user=require_login($app)) {
  490.     $params = $app->request()->params();
  491. 

  492.     $r = create_repost($user, $params['url']);
  493. 

  494.     $app->response()->body(json_encode(array(
  495.       'location' => $r['location'],
  496.       'error' => $r['error']
  497.     )));
  498.   }
  499. });
  500. 

  501. $app->get('/micropub/syndications', function() use($app) {
  502.   if($user=require_login($app)) {
  503.     $data = get_syndication_targets($user);
  504.     $app->response()->body(json_encode(array(
  505.       'targets' => $data['targets'],
  506.       'response' => $data['response']
  507.     )));
  508.   }
  509. });
  510. 

  511. $app->post('/micropub/post', function() use($app) {
  512.   if($user=require_login($app)) {
  513.     $params = $app->request()->params();
  514. 

  515.     // Remove any blank params

  516.     $params = array_filter($params, function($v){
  517.       return $v !== '';
  518.     });
  519. 

  520.     $r = micropub_post_for_user($user, $params);
  521. 

  522.     $app->response()->body(json_encode(array(
  523.       'request' => htmlspecialchars($r['request']),
  524.       'response' => htmlspecialchars($r['response']),
  525.       'location' => $r['location'],
  526.       'error' => $r['error'],
  527.       'curlinfo' => $r['curlinfo']
  528.     )));
  529.   }
  530. });
  531. 

  532. $app->post('/micropub/postjson', function() use($app) {
  533.   if($user=require_login($app)) {
  534.     $params = $app->request()->params();
  535. 

  536.     $r = micropub_post_for_user($user, json_decode($params['data'], true), null, true);
  537. 

  538.     $app->response()->body(json_encode(array(
  539.       'location' => $r['location'],
  540.       'error' => $r['error'],
  541.       'response' => $r['response']
  542.     )));
  543.   }
  544. });
  545. 

  546. /*
  547. $app->post('/auth/facebook', function() use($app) {
  548.   if($user=require_login($app, false)) {
  549.     $params = $app->request()->params();
  550.     // User just auth'd with facebook, store the access token

  551.     $user->facebook_access_token = $params['fb_token'];
  552.     $user->save();
  553. 

  554.     $app->response()->body(json_encode(array(
  555.       'result' => 'ok'
  556.     )));
  557.   } else {
  558.     $app->response()->body(json_encode(array(
  559.       'result' => 'error'
  560.     )));
  561.   }
  562. });
  563. */
  564. 

  565. $app->post('/auth/twitter', function() use($app) {
  566.   if($user=require_login($app, false)) {
  567.     $params = $app->request()->params();
  568.     // User just auth'd with twitter, store the access token

  569.     $user->twitter_access_token = $params['twitter_token'];
  570.     $user->twitter_token_secret = $params['twitter_secret'];
  571.     $user->save();
  572. 

  573.     $app->response()->body(json_encode(array(
  574.       'result' => 'ok'
  575.     )));
  576.   } else {
  577.     $app->response()->body(json_encode(array(
  578.       'result' => 'error'
  579.     )));
  580.   }
  581. });
  582. 

  583. function getTwitterLoginURL(&$twitter) {
  584.   $request_token = $twitter->getRequestToken(Config::$base_url . 'auth/twitter/callback');
  585.   $_SESSION['twitter_auth'] = $request_token;
  586.   return $twitter->getAuthorizeURL($request_token['oauth_token']);
  587. }
  588. 

  589. $app->get('/auth/twitter', function() use($app) {
  590.   $params = $app->request()->params();
  591.   if($user=require_login($app, false)) {
  592. 

  593.     // If there is an existing Twitter token, check if it is valid

  594.     // Otherwise, generate a Twitter login link

  595.     $twitter_login_url = false;
  596.     $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
  597.       $user->twitter_access_token, $user->twitter_token_secret);
  598. 

  599.     if(array_key_exists('login', $params)) {
  600.       $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret);
  601.       $twitter_login_url = getTwitterLoginURL($twitter);
  602.     } else {
  603.       if($user->twitter_access_token) {
  604.         if ($twitter->get('account/verify_credentials')) {
  605.           $app->response()->body(json_encode(array(
  606.             'result' => 'ok'
  607.           )));
  608.           return;
  609.         } else {
  610.           // If the existing twitter token is not valid, generate a login link

  611.           $twitter_login_url = getTwitterLoginURL($twitter);
  612.         }
  613.       } else {
  614.         $twitter_login_url = getTwitterLoginURL($twitter);
  615.       }
  616.     }
  617. 

  618.     $app->response()->body(json_encode(array(
  619.       'url' => $twitter_login_url
  620.     )));
  621. 

  622.   } else {
  623.     $app->response()->body(json_encode(array(
  624.       'result' => 'error'
  625.     )));
  626.   }
  627. });
  628. 

  629. $app->get('/auth/twitter/callback', function() use($app) {
  630.   if($user=require_login($app)) {
  631.     $params = $app->request()->params();
  632. 

  633.     $twitter = new \TwitterOAuth\Api(Config::$twitterClientID, Config::$twitterClientSecret,
  634.       $_SESSION['twitter_auth']['oauth_token'], $_SESSION['twitter_auth']['oauth_token_secret']);
  635.     $credentials = $twitter->getAccessToken($params['oauth_verifier']);
  636. 

  637.     $user->twitter_access_token = $credentials['oauth_token'];
  638.     $user->twitter_token_secret = $credentials['oauth_token_secret'];
  639.     $user->twitter_username = $credentials['screen_name'];
  640.     $user->save();
  641. 

  642.     $app->redirect('/settings');
  643.   }
  644. });
  645. 

  646. $app->get('/auth/instagram', function() use($app) {
  647.   if($user=require_login($app, false)) {
  648. 

  649.     $instagram = instagram_client();
  650. 

  651.     // If there is an existing Instagram auth token, check if it's valid

  652.     if($user->instagram_access_token) {
  653.       $instagram->setAccessToken($user->instagram_access_token);
  654.       $igUser = $instagram->getUser();
  655. 

  656.       if($igUser && $igUser->meta->code == 200) {
  657.         $app->response()->body(json_encode(array(
  658.           'result' => 'ok',
  659.           'username' => $igUser->data->username,
  660.           'url' => $instagram->getLoginUrl(array('basic','likes'))
  661.         )));
  662.         return;
  663.       }
  664.     }
  665. 

  666.     $app->response()->body(json_encode(array(
  667.       'result' => 'error',
  668.       'url' => $instagram->getLoginUrl(array('basic','likes'))
  669.     )));
  670.   }
  671. });
  672. 

  673. $app->get('/auth/instagram/callback', function() use($app) {
  674.   if($user=require_login($app)) {
  675.     $params = $app->request()->params();
  676. 

  677.     $instagram = instagram_client();
  678.     $data = $instagram->getOAuthToken($params['code']);
  679.     $user->instagram_access_token = $data->access_token;
  680.     $user->save();
  681. 

  682.     $app->redirect('/settings');
  683.   }
  684. });