p3k
/
Quill
mirror of https://github.com/aaronpk/Quill.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
209 Commits
3 Branches
27 MiB
Tree: ce57124359
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ce57124359'
${ noResults }
Quill/controllers/controllers.php

703 lines
20 KiB
Raw Normal View History

Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
lock to JWT 2.* version
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
replace redirects with http 302
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
replace redirects with http 302
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
replace redirects with http 302
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
add dashboard with links to all post types
9 years ago
add tags, slug and status field to quill editor
8 years ago
add dashboard with links to all post types
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
add tags, slug and status field to quill editor
8 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
add reply={url} query param for posting a note Support reply bookmarklets, and hopefully the Firefox Social API "Share" provider too.
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
support media endpoint, autosave notes in local storage * looks for a media endpoint in the micropub config * if media endpoint is available, both the note interface and the editor will upload files to it instead of posting the photo directly * the note interface autosaves in-progress notes in localstorage
9 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
Adds support for querying your micropub endpoint to check for syndication targets. This changes the value of "in-reply-to" to use hyphens instead of underscore separators!! Also shows you the full request made to your micropub endpoint.
11 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
11 years ago
Added authorizing false so it would not show the Savant3:: error
10 years ago
add tweet text length countdown on note interface
9 years ago
Added authorizing false so it would not show the Savant3:: error
10 years ago
Working app! Copied signin logic from OwnYourGram. New "post" interface for writing a simple text post. Also supports browser geolocation.
11 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
add tags, slug and status field to quill editor
8 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
Added authorizing false so it would not show the Savant3:: error
10 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
8 years ago
Added authorizing false so it would not show the Savant3:: error
10 years ago
adds bookmark posting interface with bookmarklet. now any URL can auto-login given a login token.
11 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
8 years ago
limit autosubmit tokens to the same user
8 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
add tags, slug and status field to quill editor
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
fix autosubmit vulnerability for "favorite" bookmarklet closes #69
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
crude UI for creating events
9 years ago
add tags, slug and status field to quill editor
8 years ago
crude UI for creating events
9 years ago
add interface for posting travel itinerary
9 years ago
add tags, slug and status field to quill editor
8 years ago
add interface for posting travel itinerary
9 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
10 years ago
add tags, slug and status field to quill editor
8 years ago
Adds possibility to post photos. With this it is possible to post a photo note with a description, nothing more. It doesn't move the file in the file system, just posts it from the temp location to the users server. It also does validate for file size, content type and max upload size and shows the errors to the user. If everything goes according to plan the response from the users server is shown, together with a link with the posted photos URL.
10 years ago
add h-review interface
9 years ago
add tags, slug and status field to quill editor
8 years ago
add h-review interface
9 years ago
add repost form
10 years ago
support editing reposts
8 years ago
add repost form
10 years ago
support editing reposts
8 years ago
also support finding the repost URL from an h-cite
8 years ago
support editing reposts
8 years ago
add repost form
10 years ago
add tags, slug and status field to quill editor
8 years ago
add repost form
10 years ago
support editing reposts
8 years ago
Added authorizing false so it would not show the Savant3:: error
10 years ago
support editing reposts
8 years ago
add repost form
10 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
11 years ago
send proper content type headers
9 years ago
remember if the user checks the "location" checkbox and always find their location in the future if so
11 years ago
store the user's timezone after their location is found
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
lock to JWT 2.* version
10 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
lock to JWT 2.* version
10 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
lock to JWT 2.* version
10 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
replace redirects with http 302
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
replace redirects with http 302
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
replace redirects with http 302
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
add interface for posting travel itinerary
9 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
replace redirects with http 302
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
add tags, slug and status field to quill editor
8 years ago
removes top nav bar from design. new logo. adds a mechanism to add the post interface to your home screen.
11 years ago
add post-by-email support to quill
10 years ago
add tags, slug and status field to quill editor
8 years ago
add post-by-email support to quill
10 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
add tags, slug and status field to quill editor
8 years ago
remove facebook/instagram stuff
8 years ago
add tags, slug and status field to quill editor
8 years ago
allow only mp-syndicate-to and syndicate-to
8 years ago
use `mp-syndicate-to` by default, add setting * adds setting to choose the property to use for the syndication targets * all existing users default to the old value `syndicate-to` * new users default to `mp-syndicate-to` closes #66
8 years ago
add tags, slug and status field to quill editor
8 years ago
Support for "likes" and adding "settings" page * Supports a bookmarklet to create "like" posts. * Beginning a "settings" page to connect silo profiles for POSSEing likes to twitter, facebook and instagram
11 years ago
add banner to opt in to html content change
10 years ago
send proper content type headers
9 years ago
add banner to opt in to html content change
10 years ago
send proper content type headers
9 years ago
add banner to opt in to html content change
10 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
remove facebook/instagram stuff
8 years ago
add repost form
10 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
new "favorite" form with bookmarklet * disable facebook liking for now since it was getting complicated * new page for creating a favorite, can pass in a URL parameter too * bookmarklet code added to the "favorite" page
11 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
quill should send an array when editing
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
add repost form
10 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
add repost form
10 years ago
support editing reposts
8 years ago
actually post likes from the form
11 years ago
show error messages when editing favorites
8 years ago
fixy
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
show error messages when editing favorites
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
show error messages when editing favorites
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
actually post likes from the form
11 years ago
send proper content type headers
9 years ago
actually post likes from the form
11 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
show error messages when editing favorites
8 years ago
actually post likes from the form
11 years ago
add repost form
10 years ago
support editing reposts
8 years ago
add repost form
10 years ago
send proper content type headers
9 years ago
add repost form
10 years ago
support editing reposts
8 years ago
add repost form
10 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
reset reply context state when URL is removed
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
use XRay to parse tweets
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
use XRay to parse tweets
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
use XRay to parse tweets
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
fix check for author info
8 years ago
clean up mentions list
8 years ago
fix check for author info
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
clean up mentions list
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
clean up mentions list
8 years ago
clean up note UI, show reply context * shows reply context of the URL you're replying to * autocomplete nicknames from the post when replying * moved debug info to the settings screen to clean up the UI
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
support editing reposts
8 years ago
basic editing support * new route `/edit?url=` intended to be used as an edit button target, which detects the type of post and redirects to the appropriate editing interface * implemented the edit interface for favorites
8 years ago
 
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  3. 

  4. function require_login(&$app, $redirect=true) {
  5.   $params = $app->request()->params();
  6.   if(array_key_exists('token', $params)) {
  7.     try {
  8.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  9.       $_SESSION['user_id'] = $data->user_id;
  10.       $_SESSION['me'] = $data->me;
  11.     } catch(DomainException $e) {
  12.       if($redirect) {
  13.         header('X-Error: DomainException');
  14.         $app->redirect('/', 302);
  15.       } else {
  16.         return false;
  17.       }
  18.     } catch(UnexpectedValueException $e) {
  19.       if($redirect) {
  20.         header('X-Error: UnexpectedValueException');
  21.         $app->redirect('/', 302);
  22.       } else {
  23.         return false;
  24.       }
  25.     }
  26.   }
  27. 

  28.   if(!array_key_exists('user_id', $_SESSION)) {
  29.     if($redirect)
  30.       $app->redirect('/', 302);
  31.     return false;
  32.   } else {
  33.     return ORM::for_table('users')->find_one($_SESSION['user_id']);
  34.   }
  35. }
  36. 

  37. function generate_login_token($opts=[]) {
  38.   return JWT::encode(array_merge([
  39.     'user_id' => $_SESSION['user_id'],
  40.     'me' => $_SESSION['me'],
  41.     'created_at' => time()
  42.   ], $opts), Config::$jwtSecret);
  43. }
  44. 

  45. $app->get('/dashboard', function() use($app) {
  46.   if($user=require_login($app)) {
  47.     render('dashboard', array(
  48.       'title' => 'Dashboard',
  49.       'authorizing' => false
  50.     ));
  51.   }
  52. });
  53. 

  54. $app->get('/new', function() use($app) {
  55.   if($user=require_login($app)) {
  56.     $params = $app->request()->params();
  57. 

  58.     $entry = false;
  59.     $in_reply_to = '';
  60. 

  61.     if(array_key_exists('reply', $params))
  62.        $in_reply_to = $params['reply'];
  63. 

  64.     $test_response = '';
  65.     if($user->last_micropub_response) {
  66.       try {
  67.         if(@json_decode($user->last_micropub_response)) {
  68.           $d = json_decode($user->last_micropub_response);
  69.           $test_response = $d->response;
  70.         }
  71.       } catch(Exception $e) {
  72.       }
  73.     }
  74. 

  75.     render('new-post', array(
  76.       'title' => 'New Post',
  77.       'in_reply_to' => $in_reply_to,
  78.       'micropub_endpoint' => $user->micropub_endpoint,
  79.       'media_endpoint' => $user->micropub_media_endpoint,
  80.       'micropub_scope' => $user->micropub_scope,
  81.       'micropub_access_token' => $user->micropub_access_token,
  82.       'response_date' => $user->last_micropub_response_date,
  83.       'syndication_targets' => json_decode($user->syndication_targets, true),
  84.       'test_response' => $test_response,
  85.       'location_enabled' => $user->location_enabled,
  86.       'user' => $user,
  87.       'authorizing' => false
  88.     ));
  89.   }
  90. });
  91. 

  92. $app->get('/bookmark', function() use($app) {
  93.   if($user=require_login($app)) {
  94.     $params = $app->request()->params();
  95. 

  96.     $url = '';
  97.     $name = '';
  98.     $content = '';
  99.     $tags = '';
  100. 

  101.     if(array_key_exists('url', $params))
  102.       $url = $params['url'];
  103. 

  104.     if(array_key_exists('name', $params))
  105.       $name = $params['name'];
  106. 

  107.     if(array_key_exists('content', $params))
  108.       $content = $params['content'];
  109. 

  110.     render('new-bookmark', array(
  111.       'title' => 'New Bookmark',
  112.       'bookmark_url' => $url,
  113.       'bookmark_name' => $name,
  114.       'bookmark_content' => $content,
  115.       'bookmark_tags' => $tags,
  116.       'token' => generate_login_token(),
  117.       'syndication_targets' => json_decode($user->syndication_targets, true),
  118.       'user' => $user,
  119.       'authorizing' => false
  120.     ));
  121.   }
  122. });
  123. 

  124. $app->get('/favorite', function() use($app) {
  125.   if($user=require_login($app)) {
  126.     $params = $app->request()->params();
  127. 

  128.     $like_of = '';
  129. 

  130.     if(array_key_exists('url', $params))
  131.       $like_of = $params['url'];
  132. 

  133.     // Check if there was a login token in the query string and whether it has autosubmit=true

  134.     $autosubmit = false;
  135. 

  136.     if(array_key_exists('token', $params)) {
  137.       try {
  138.         $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']);
  139.         if(isset($data->autosubmit) && $data->autosubmit) {
  140.           // Only allow this token to be used for the user who created it

  141.           if($data->user_id == $_SESSION['user_id']) {
  142.             $autosubmit = true;
  143.           }
  144.         }
  145.       } catch(Exception $e) {
  146.       }
  147.     }
  148. 

  149.     if(array_key_exists('edit', $params)) {
  150.       $edit_data = get_micropub_source($user, $params['edit'], 'like-of');
  151.       $url = $params['edit'];
  152.       if(isset($edit_data['like-of'])) {
  153.         $like_of = $edit_data['like-of'][0];
  154.       }
  155.     } else {
  156.       $edit_data = false;
  157.       $url = false;
  158.     }
  159. 

  160.     render('new-favorite', array(
  161.       'title' => 'New Favorite',
  162.       'like_of' => $like_of,
  163.       'token' => generate_login_token(['autosubmit'=>true]),
  164.       'authorizing' => false,
  165.       'autosubmit' => $autosubmit,
  166.       'url' => $url
  167.     ));
  168.   }
  169. });
  170. 

  171. $app->get('/event', function() use($app) {
  172.   if($user=require_login($app)) {
  173.     $params = $app->request()->params();
  174. 

  175.     render('event', array(
  176.       'title' => 'Event',
  177.       'authorizing' => false
  178.     ));
  179.   }
  180. });
  181. 

  182. $app->get('/itinerary', function() use($app) {
  183.   if($user=require_login($app)) {
  184.     $params = $app->request()->params();
  185. 

  186.     render('new-itinerary', array(
  187.       'title' => 'Itinerary',
  188.       'authorizing' => false
  189.     ));
  190.   }
  191. });
  192. 

  193. $app->get('/photo', function() use($app) {
  194.   if($user=require_login($app)) {
  195.     $params = $app->request()->params();
  196. 

  197.     render('photo', array(
  198.       'title' => 'New Photo',
  199.       'note_content' => '',
  200.       'authorizing' => false
  201.     ));
  202.   }
  203. });
  204. 

  205. $app->get('/review', function() use($app) {
  206.   if($user=require_login($app)) {
  207.     $params = $app->request()->params();
  208. 

  209.     render('review', array(
  210.       'title' => 'Review',
  211.       'authorizing' => false
  212.     ));
  213.   }
  214. });
  215. 

  216. $app->get('/repost', function() use($app) {
  217.   if($user=require_login($app)) {
  218.     $params = $app->request()->params();
  219. 

  220.     $repost_of = '';
  221. 

  222.     if(array_key_exists('url', $params))
  223.       $repost_of = $params['url'];
  224. 

  225.     if(array_key_exists('edit', $params)) {
  226.       $edit_data = get_micropub_source($user, $params['edit'], 'repost-of');
  227.       $url = $params['edit'];
  228.       if(isset($edit_data['repost-of'])) {
  229.         $repost = $edit_data['repost-of'][0];
  230.             print_r($edit_data);
  231.         if(is_string($edit_data['repost-of'][0])) {
  232.           $repost_of = $repost;
  233.         } elseif(is_array($repost)) {
  234.           if(array_key_exists('type', $repost) && in_array('h-cite', $repost)) {
  235.             if(array_key_exists('url', $repost['properties'])) {
  236.               $repost_of = $repost['properties']['url'][0];
  237.             }
  238.           } else {
  239.             // Error

  240.           }
  241.         } else {
  242.           // Error: don't know what type of post this is

  243.         }
  244.       }
  245.     } else {
  246.       $edit_data = false;
  247.       $url = false;
  248.     }
  249. 

  250.     render('new-repost', array(
  251.       'title' => 'New Repost',
  252.       'repost_of' => $repost_of,
  253.       'token' => generate_login_token(),
  254.       'authorizing' => false,
  255.       'url' => $url,
  256.     ));
  257.   }
  258. });
  259. 

  260. $app->post('/prefs', function() use($app) {
  261.   if($user=require_login($app)) {
  262.     $params = $app->request()->params();
  263.     $user->location_enabled = $params['enabled'];
  264.     $user->save();
  265.   }
  266.   $app->response()['Content-type'] = 'application/json';
  267.   $app->response()->body(json_encode(array(
  268.     'result' => 'ok'
  269.   )));
  270. });
  271. 

  272. $app->post('/prefs/timezone', function() use($app) {
  273.   // Called when the interface finds the user's location.

  274.   // Look up the timezone for this location and store it as their default.

  275.   $timezone = false;
  276.   if($user=require_login($app)) {
  277.     $params = $app->request()->params();
  278.     $timezone = p3k\Timezone::timezone_for_location($params['latitude'], $params['longitude']);
  279.     if($timezone) {
  280.       $user->default_timezone = $timezone;
  281.       $user->save();
  282.     }
  283.   }
  284.   $app->response()['Content-type'] = 'application/json';
  285.   $app->response()->body(json_encode(array(
  286.     'result' => 'ok',
  287.     'timezone' => $timezone,
  288.   )));
  289. });
  290. 

  291. $app->get('/add-to-home', function() use($app) {
  292.   $params = $app->request()->params();
  293.   header("Cache-Control: no-cache, must-revalidate");
  294. 

  295.   if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  296.     unset($_SESSION['add-to-home-started']);
  297. 

  298.     // Verify the token and sign the user in

  299.     try {
  300.       $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  301.       $_SESSION['user_id'] = $data->user_id;
  302.       $_SESSION['me'] = $data->me;
  303.       $app->redirect('/new', 302);
  304.     } catch(DomainException $e) {
  305.       header('X-Error: DomainException');
  306.       $app->redirect('/', 302);
  307.     } catch(UnexpectedValueException $e) {
  308.       header('X-Error: UnexpectedValueException');
  309.       $app->redirect('/', 302);
  310.     }
  311. 

  312.   } else {
  313. 

  314.     if($user=require_login($app)) {
  315.       if(array_key_exists('start', $params)) {
  316.         $_SESSION['add-to-home-started'] = true;
  317. 

  318.         $token = JWT::encode(array(
  319.           'user_id' => $_SESSION['user_id'],
  320.           'me' => $_SESSION['me'],
  321.           'created_at' => time()
  322.         ), Config::$jwtSecret);
  323. 

  324.         $app->redirect('/add-to-home?token='.$token, 302);
  325.       } else {
  326.         unset($_SESSION['add-to-home-started']);
  327.         render('add-to-home', array('title' => 'Quill'));
  328.       }
  329.     }
  330.   }
  331. });
  332. 

  333. $app->get('/email', function() use($app) {
  334.   if($user=require_login($app)) {
  335. 

  336.     $test_response = '';
  337.     if($user->last_micropub_response) {
  338.       try {
  339.         if(@json_decode($user->last_micropub_response)) {
  340.           $d = json_decode($user->last_micropub_response);
  341.           $test_response = $d->response;
  342.         }
  343.       } catch(Exception $e) {
  344.       }
  345.     }
  346. 

  347.     if(!$user->email_username) {
  348.       $host = parse_url($user->url, PHP_URL_HOST);
  349.       $user->email_username = $host . '.' . rand(100000,999999);
  350.       $user->save();
  351.     }
  352. 

  353.     render('email', array(
  354.       'title' => 'Post-by-Email',
  355.       'micropub_endpoint' => $user->micropub_endpoint,
  356.       'test_response' => $test_response,
  357.       'user' => $user
  358.     ));
  359.   }
  360. });
  361. 

  362. $app->get('/settings', function() use($app) {
  363.   if($user=require_login($app)) {
  364.     render('settings', [
  365.       'title' => 'Settings',
  366.       'user' => $user,
  367.       'authorizing' => false
  368.     ]);
  369.   }
  370. });
  371. 

  372. $app->post('/settings/save', function() use($app) {
  373.   if($user=require_login($app)) {
  374.     $params = $app->request()->params();
  375. 

  376.     if(array_key_exists('html_content', $params))
  377.       $user->micropub_optin_html_content = $params['html_content'] ? 1 : 0;
  378. 

  379.     if(array_key_exists('slug_field', $params) && $params['slug_field'])
  380.       $user->micropub_slug_field = $params['slug_field'];
  381. 

  382.     if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) {
  383.       if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to']))
  384.         $user->micropub_syndicate_field = $params['syndicate_field'];
  385.     }
  386. 

  387.     $user->save();
  388.     $app->response()['Content-type'] = 'application/json';
  389.     $app->response()->body(json_encode(array(
  390.       'result' => 'ok'
  391.     )));
  392.   }
  393. });
  394. 

  395. $app->post('/settings/html-content', function() use($app) {
  396.   if($user=require_login($app)) {
  397.     $params = $app->request()->params();
  398.     $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  399.     $user->save();
  400.     $app->response()['Content-type'] = 'application/json';
  401.     $app->response()->body(json_encode(array(
  402.       'html' => $user->micropub_optin_html_content
  403.     )));
  404.   }
  405. });
  406. $app->get('/settings/html-content', function() use($app) {
  407.   if($user=require_login($app)) {
  408.     $app->response()['Content-type'] = 'application/json';
  409.     $app->response()->body(json_encode(array(
  410.       'html' => $user->micropub_optin_html_content
  411.     )));
  412.   }
  413. });
  414. 

  415. function create_favorite(&$user, $url) {
  416.   $micropub_request = array(
  417.     'like-of' => $url
  418.   );
  419.   $r = micropub_post_for_user($user, $micropub_request);
  420. 

  421.   $tweet_id = false;
  422. 

  423.   // POSSE favorites to Twitter

  424.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  425.     $tweet_id = $match[1];
  426.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  427.       $user->twitter_access_token, $user->twitter_token_secret);
  428.     $result = $twitter->post('favorites/create', array(
  429.       'id' => $tweet_id
  430.     ));
  431.   }
  432. 

  433.   return $r;
  434. }
  435. 

  436. function edit_favorite(&$user, $post_url, $like_of) {
  437.   $micropub_request = [
  438.     'action' => 'update',
  439.     'url' => $post_url,
  440.     'replace' => [
  441.       'like-of' => [$like_of]
  442.     ]
  443.   ];
  444.   $r = micropub_post_for_user($user, $micropub_request, null, true);
  445.   return $r;
  446. }
  447. 

  448. function create_repost(&$user, $url) {
  449.   $micropub_request = array(
  450.     'repost-of' => $url
  451.   );
  452.   $r = micropub_post_for_user($user, $micropub_request);
  453. 

  454.   $tweet_id = false;
  455. 

  456.   if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  457.     $tweet_id = $match[1];
  458.     $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  459.       $user->twitter_access_token, $user->twitter_token_secret);
  460.     $result = $twitter->post('statuses/retweet/'.$tweet_id);
  461.   }
  462. 

  463.   return $r;
  464. }
  465. 

  466. function edit_repost(&$user, $post_url, $repost_of) {
  467.   $micropub_request = [
  468.     'action' => 'update',
  469.     'url' => $post_url,
  470.     'replace' => [
  471.       'repost-of' => [$repost_of]
  472.     ]
  473.   ];
  474.   $r = micropub_post_for_user($user, $micropub_request, null, true);
  475.   return $r;
  476. }
  477. 

  478. $app->post('/favorite', function() use($app) {
  479.   if($user=require_login($app)) {
  480.     $params = $app->request()->params();
  481. 

  482.     $error = false;
  483. 

  484.     if(isset($params['edit']) && $params['edit']) {
  485.       $r = edit_favorite($user, $params['edit'], $params['like_of']);
  486.       if(isset($r['location']) && $r['location'])
  487.         $location = $r['location'];
  488.       elseif(in_array($r['code'], [200,201,204]))
  489.         $location = $params['edit'];
  490.       elseif(in_array($r['code'], [401,403])) {
  491.         $location = false;
  492.         $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  493.       } else {
  494.         $location = false;
  495.         $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  496.       }
  497.     } else {
  498.       $r = create_favorite($user, $params['like_of']);
  499.       $location = $r['location'];
  500.     }
  501. 

  502.     $app->response()['Content-type'] = 'application/json';
  503.     $app->response()->body(json_encode(array(
  504.       'location' => $location,
  505.       'error' => $r['error'],
  506.       'error_details' => $error,
  507.     )));
  508.   }
  509. });
  510. 

  511. $app->post('/repost', function() use($app) {
  512.   if($user=require_login($app)) {
  513.     $params = $app->request()->params();
  514. 

  515.     $error = false;
  516. 

  517.     if(isset($params['edit']) && $params['edit']) {
  518.       $r = edit_repost($user, $params['edit'], $params['repost_of']);
  519.       if(isset($r['location']) && $r['location'])
  520.         $location = $r['location'];
  521.       elseif(in_array($r['code'], [200,201,204]))
  522.         $location = $params['edit'];
  523.       elseif(in_array($r['code'], [401,403])) {
  524.         $location = false;
  525.         $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  526.       } else {
  527.         $location = false;
  528.         $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  529.       }
  530.     } else {
  531.       $r = create_repost($user, $params['repost_of']);
  532.       $location = $r['location'];
  533.     }
  534. 

  535.     $app->response()['Content-type'] = 'application/json';
  536.     $app->response()->body(json_encode(array(
  537.       'location' => $location,
  538.       'error' => $r['error'],
  539.       'error_details' => $error,
  540.     )));
  541.   }
  542. });
  543. 

  544. $app->get('/reply/preview', function() use($app) {
  545.   if($user=require_login($app)) {
  546.     $params = $app->request()->params();
  547. 

  548.     if(!isset($params['url']) || !$params['url']) {
  549.       return '';
  550.     }
  551. 

  552.     $reply_url = trim($params['url']);
  553. 

  554.     if(preg_match('/twtr\.io\/([0-9a-z]+)/i', $reply_url, $match)) {
  555.       $twtr = 'https://twitter.com/_/status/' . sxg_to_num($match[1]);
  556.       $ch = curl_init($twtr);
  557.       curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  558.       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  559.       curl_exec($ch);
  560.       $expanded_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  561.       if($expanded_url) $reply_url = $expanded_url;
  562.     }
  563. 

  564.     $entry = false;
  565. 

  566.     $xray = [
  567.       'url' => $reply_url
  568.     ];
  569. 

  570.     if(preg_match('/twitter\.com\/(?:[^\/]+)\/statuse?s?\/(.+)/', $reply_url, $match)) {
  571.       if($user->twitter_access_token) {
  572.         $xray['twitter_api_key'] = Config::$twitterClientID;
  573.         $xray['twitter_api_secret'] = Config::$twitterClientSecret;
  574.         $xray['twitter_access_token'] = $user->twitter_access_token;
  575.         $xray['twitter_access_token_secret'] = $user->twitter_token_secret;
  576.       }
  577.     }
  578. 

  579.     // Pass to X-Ray to see if it can expand the entry

  580.     $ch = curl_init('https://xray.p3k.io/parse');
  581.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  582.     curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($xray));
  583.     $response = curl_exec($ch);
  584.     $data = @json_decode($response, true);
  585.     if($data && isset($data['data']) && $data['data']['type'] == 'entry') {
  586.       $entry = $data['data'];
  587.       // Create a nickname based on the author URL

  588.       if(array_key_exists('author', $entry)) {
  589.         if($entry['author']['url']) {
  590.           if(!isset($entry['author']['nickname']) || !$entry['author']['nickname'])
  591.             $entry['author']['nickname'] = display_url($entry['author']['url']);
  592.         }
  593.       }
  594.     }
  595. 

  596.     $mentions = [];
  597.     if($entry) {
  598.       if(array_key_exists('author', $entry)) {
  599.         // Find all @-names in the post, as well as the author name

  600.         $mentions[] = strtolower($entry['author']['nickname']);
  601.       }
  602. 

  603.       if(preg_match_all('/(^|(?<=[\s\/]))@([a-z0-9_]+([a-z0-9_\.]*)?)/i', $entry['content']['text'], $matches)) {
  604.         foreach($matches[0] as $nick) {
  605.           if(trim($nick,'@') != $user->twitter_username && trim($nick,'@') != display_url($user->url))
  606.             $mentions[] = strtolower(trim($nick,'@'));
  607.         }
  608.       }
  609. 

  610.       $mentions = array_values(array_unique($mentions));
  611. 

  612.     }    
  613. 

  614.     $app->response()['Content-type'] = 'application/json';
  615.     $app->response()->body(json_encode([
  616.       'canonical_reply_url' => $reply_url,
  617.       'entry' => $entry,
  618.       'mentions' => $mentions
  619.     ]));
  620.   }
  621. });
  622. 

  623. $app->get('/edit', function() use($app) {
  624.   if($user=require_login($app)) {
  625.     $params = $app->request()->params();
  626. 

  627.     if(!isset($params['url']) || !$params['url']) {
  628.       $app->response()->body('no URL specified');
  629.     }
  630. 

  631.     // Query the micropub endpoint for the source properties

  632.     $source = micropub_get($user->micropub_endpoint, [
  633.         'q' => 'source',
  634.         'url' => $params['url']
  635.       ], $user->micropub_access_token);
  636. 

  637.     $data = $source['data'];
  638. 

  639.     if(array_key_exists('error', $data)) {
  640.       render('edit/error', [
  641.         'title' => 'Error',
  642.         'summary' => 'Your Micropub endpoint returned an error:',
  643.         'error' => $data['error'],
  644.         'error_description' => $data['error_description']
  645.       ]);
  646.       return;
  647.     }
  648. 

  649.     if(!array_key_exists('properties', $data) || !array_key_exists('type', $data)) {
  650.       render('edit/error', [
  651.         'title' => 'Error',
  652.         'summary' => '',
  653.         'error' => 'Invalid Response',
  654.         'error_description' => 'Your endpoint did not return "properties" and "type" in the response.'
  655.       ]);
  656.       return;
  657.     }
  658. 

  659.     // Start checking for content types

  660.     $type = $data['type'][0];
  661.     $error = false;
  662.     $url = false;
  663. 

  664.     if($type == 'h-review') {
  665.       $url = '/review';
  666.     } elseif($type == 'h-event') {
  667.       $url = '/event';
  668.     } elseif($type != 'h-entry') {
  669.       $error = 'This type of post is not supported by any of Quill\'s editing interfaces. Type: '.$type;
  670.     } else {
  671.       if(array_key_exists('bookmark-of', $data['properties'])) {
  672.         $url = '/bookmark';
  673.       } elseif(array_key_exists('like-of', $data['properties'])) {
  674.         $url = '/favorite';
  675.       } elseif(array_key_exists('repost-of', $data['properties'])) {
  676.         $url = '/repost';
  677.       }
  678.     }
  679. 

  680.     if($error) {
  681.       render('edit/error', [
  682.         'title' => 'Error',
  683.         'summary' => '',
  684.         'error' => 'There was a problem!',
  685.         'error_description' => $error
  686.       ]);
  687.       return;      
  688.     }
  689. 

  690.     // Until all interfaces are complete, show an error here for unsupported ones

  691.     if(!in_array($url, ['/favorite','/repost'])) {
  692.       render('edit/error', [
  693.         'title' => 'Not Yet Supported',
  694.         'summary' => '',
  695.         'error' => 'Not Yet Supported',
  696.         'error_description' => 'Editing is not yet supported for this type of post.'
  697.       ]);
  698.       return;      
  699.     }
  700. 

  701.     $app->redirect($url . '?edit=' . $params['url'], 302);
  702.   }
  703. });