You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

831 lines
24 KiB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
7 years ago
9 years ago
9 years ago
9 years ago
9 years ago
  1. <?php
  2. use Abraham\TwitterOAuth\TwitterOAuth;
  3. use IndieWeb\DateFormatter;
  4. function require_login(&$app, $redirect=true) {
  5. $params = $app->request()->params();
  6. if(array_key_exists('token', $params)) {
  7. try {
  8. $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  9. $_SESSION['user_id'] = $data->user_id;
  10. $_SESSION['me'] = $data->me;
  11. } catch(DomainException $e) {
  12. if($redirect) {
  13. header('X-Error: DomainException');
  14. $app->redirect('/', 302);
  15. } else {
  16. return false;
  17. }
  18. } catch(UnexpectedValueException $e) {
  19. if($redirect) {
  20. header('X-Error: UnexpectedValueException');
  21. $app->redirect('/', 302);
  22. } else {
  23. return false;
  24. }
  25. }
  26. }
  27. if(!array_key_exists('user_id', $_SESSION)) {
  28. if($redirect)
  29. $app->redirect('/', 302);
  30. return false;
  31. } else {
  32. return ORM::for_table('users')->find_one($_SESSION['user_id']);
  33. }
  34. }
  35. function generate_login_token($opts=[]) {
  36. return JWT::encode(array_merge([
  37. 'user_id' => $_SESSION['user_id'],
  38. 'me' => $_SESSION['me'],
  39. 'created_at' => time()
  40. ], $opts), Config::$jwtSecret);
  41. }
  42. $app->get('/dashboard', function() use($app) {
  43. if($user=require_login($app)) {
  44. render('dashboard', array(
  45. 'title' => 'Dashboard',
  46. 'authorizing' => false
  47. ));
  48. }
  49. });
  50. $app->get('/new', function() use($app) {
  51. if($user=require_login($app)) {
  52. $params = $app->request()->params();
  53. $entry = false;
  54. $in_reply_to = '';
  55. if(array_key_exists('reply', $params))
  56. $in_reply_to = $params['reply'];
  57. $test_response = '';
  58. if($user->last_micropub_response) {
  59. try {
  60. if(@json_decode($user->last_micropub_response)) {
  61. $d = json_decode($user->last_micropub_response);
  62. $test_response = $d->response;
  63. }
  64. } catch(Exception $e) {
  65. }
  66. }
  67. render('new-post', array(
  68. 'title' => 'New Post',
  69. 'in_reply_to' => $in_reply_to,
  70. 'micropub_endpoint' => $user->micropub_endpoint,
  71. 'media_endpoint' => $user->micropub_media_endpoint,
  72. 'micropub_scope' => $user->micropub_scope,
  73. 'micropub_access_token' => $user->micropub_access_token,
  74. 'response_date' => $user->last_micropub_response_date,
  75. 'syndication_targets' => json_decode($user->syndication_targets, true),
  76. 'test_response' => $test_response,
  77. 'location_enabled' => $user->location_enabled,
  78. 'user' => $user,
  79. 'authorizing' => false
  80. ));
  81. }
  82. });
  83. $app->get('/bookmark', function() use($app) {
  84. if($user=require_login($app)) {
  85. $params = $app->request()->params();
  86. $url = '';
  87. $name = '';
  88. $content = '';
  89. $tags = '';
  90. if(array_key_exists('url', $params))
  91. $url = $params['url'];
  92. if(array_key_exists('name', $params))
  93. $name = $params['name'];
  94. if(array_key_exists('content', $params))
  95. $content = $params['content'];
  96. render('new-bookmark', array(
  97. 'title' => 'New Bookmark',
  98. 'bookmark_url' => $url,
  99. 'bookmark_name' => $name,
  100. 'bookmark_content' => $content,
  101. 'bookmark_tags' => $tags,
  102. 'token' => generate_login_token(),
  103. 'syndication_targets' => json_decode($user->syndication_targets, true),
  104. 'user' => $user,
  105. 'authorizing' => false
  106. ));
  107. }
  108. });
  109. $app->get('/favorite', function() use($app) {
  110. if($user=require_login($app)) {
  111. $params = $app->request()->params();
  112. $like_of = '';
  113. if(array_key_exists('url', $params))
  114. $like_of = $params['url'];
  115. // Check if there was a login token in the query string and whether it has autosubmit=true
  116. $autosubmit = false;
  117. if(array_key_exists('token', $params)) {
  118. try {
  119. $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']);
  120. if(isset($data->autosubmit) && $data->autosubmit) {
  121. // Only allow this token to be used for the user who created it
  122. if($data->user_id == $_SESSION['user_id']) {
  123. $autosubmit = true;
  124. }
  125. }
  126. } catch(Exception $e) {
  127. }
  128. }
  129. if(array_key_exists('edit', $params)) {
  130. $edit_data = get_micropub_source($user, $params['edit'], 'like-of');
  131. $url = $params['edit'];
  132. if(isset($edit_data['like-of'])) {
  133. $like_of = $edit_data['like-of'][0];
  134. }
  135. } else {
  136. $edit_data = false;
  137. $url = false;
  138. }
  139. render('new-favorite', array(
  140. 'title' => 'New Favorite',
  141. 'like_of' => $like_of,
  142. 'token' => generate_login_token(['autosubmit'=>true]),
  143. 'authorizing' => false,
  144. 'autosubmit' => $autosubmit,
  145. 'url' => $url
  146. ));
  147. }
  148. });
  149. $app->get('/event', function() use($app) {
  150. if($user=require_login($app)) {
  151. $params = $app->request()->params();
  152. render('event', array(
  153. 'title' => 'Event',
  154. 'authorizing' => false
  155. ));
  156. }
  157. });
  158. $app->get('/itinerary', function() use($app) {
  159. if($user=require_login($app)) {
  160. $params = $app->request()->params();
  161. render('new-itinerary', array(
  162. 'title' => 'Itinerary',
  163. 'authorizing' => false
  164. ));
  165. }
  166. });
  167. $app->get('/flight', function() use($app) {
  168. if($user=require_login($app)) {
  169. $params = $app->request()->params();
  170. render('new-flight', array(
  171. 'title' => 'Flight',
  172. 'authorizing' => false
  173. ));
  174. }
  175. });
  176. $app->post('/flight', function() use($app) {
  177. if($user=require_login($app)) {
  178. $params = $app->request()->params();
  179. $location = false;
  180. if($params['action'] == 'find') {
  181. } elseif($params['action'] == 'checkin') {
  182. $payload = [
  183. 'type' => ['h-entry'],
  184. 'properties' => [
  185. 'checkin' => [
  186. [
  187. 'type' => ['h-card'],
  188. 'properties' => [
  189. 'name' => [$params['flight']],
  190. 'url' => ['http://flightaware.com/live/flight/'.$params['flight']],
  191. ]
  192. ]
  193. ]
  194. ]
  195. ];
  196. $r = micropub_post_for_user($user, $payload, null, true);
  197. $location = $r['location'];
  198. if($location) {
  199. // Store the checkin in the database to enable the cron job tracking the flight
  200. $flight = ORM::for_table('flights')->create();
  201. $flight->user_id = $_SESSION['user_id'];
  202. $flight->date_created = date('Y-m-d H:i:s');
  203. $flight->active = 1;
  204. $flight->url = $location;
  205. $flight->flight = $params['flight'];
  206. $flight->save();
  207. }
  208. }
  209. $app->response()['Content-type'] = 'application/json';
  210. $app->response()->body(json_encode(array(
  211. 'result' => 'ok',
  212. 'location' => $location
  213. )));
  214. }
  215. });
  216. $app->get('/flight/:id/:flightID/route.json', function($id, $flightID) use($app) {
  217. $route = false;
  218. $flight = ORM::for_table('flights')->where('id', $id)->find_one();
  219. if($flight) {
  220. $lastPosition = json_decode($flight->lastposition, true);
  221. if($lastPosition['InFlightInfoResult']['faFlightID'] == $flightID) {
  222. // {"type":"FeatureCollection","features":[{"type":"Feature","geometry":{"type":"Point","coordinates":[-122.638351,45.52217]},"properties":{"date":"2016-01-02T23:13:49Z","altitude":42.666666666667}}
  223. $route = [
  224. 'type' => 'FeatureCollection',
  225. 'features' => []
  226. ];
  227. $positions = json_decode($flight->positions, true);
  228. foreach($positions as $p) {
  229. $route['features'][] = [
  230. 'type' => 'Feature',
  231. 'geometry' => [
  232. 'type' => 'Point',
  233. 'coordinates' => [$p['lng'], $p['lat']]
  234. ],
  235. 'properties' => [
  236. 'date' => $p['date'],
  237. 'altitude' => $p['altitude'],
  238. 'heading' => $p['heading'],
  239. 'speed' => $p['speed']
  240. ]
  241. ];
  242. }
  243. }
  244. }
  245. $app->response()['Content-type'] = 'application/json';
  246. $app->response()->body(json_encode($route));
  247. });
  248. $app->get('/photo', function() use($app) {
  249. if($user=require_login($app)) {
  250. $params = $app->request()->params();
  251. render('photo', array(
  252. 'title' => 'New Photo',
  253. 'note_content' => '',
  254. 'authorizing' => false
  255. ));
  256. }
  257. });
  258. $app->get('/review', function() use($app) {
  259. if($user=require_login($app)) {
  260. $params = $app->request()->params();
  261. render('review', array(
  262. 'title' => 'Review',
  263. 'authorizing' => false
  264. ));
  265. }
  266. });
  267. $app->get('/repost', function() use($app) {
  268. if($user=require_login($app)) {
  269. $params = $app->request()->params();
  270. $repost_of = '';
  271. if(array_key_exists('url', $params))
  272. $repost_of = $params['url'];
  273. if(array_key_exists('edit', $params)) {
  274. $edit_data = get_micropub_source($user, $params['edit'], 'repost-of');
  275. $url = $params['edit'];
  276. if(isset($edit_data['repost-of'])) {
  277. $repost = $edit_data['repost-of'][0];
  278. if(is_string($edit_data['repost-of'][0])) {
  279. $repost_of = $repost;
  280. } elseif(is_array($repost)) {
  281. if(array_key_exists('type', $repost) && in_array('h-cite', $repost)) {
  282. if(array_key_exists('url', $repost['properties'])) {
  283. $repost_of = $repost['properties']['url'][0];
  284. }
  285. } else {
  286. // Error
  287. }
  288. } else {
  289. // Error: don't know what type of post this is
  290. }
  291. }
  292. } else {
  293. $edit_data = false;
  294. $url = false;
  295. }
  296. render('new-repost', array(
  297. 'title' => 'New Repost',
  298. 'repost_of' => $repost_of,
  299. 'token' => generate_login_token(),
  300. 'authorizing' => false,
  301. 'url' => $url,
  302. ));
  303. }
  304. });
  305. $app->post('/prefs', function() use($app) {
  306. if($user=require_login($app)) {
  307. $params = $app->request()->params();
  308. $user->location_enabled = $params['enabled'];
  309. $user->save();
  310. }
  311. $app->response()['Content-type'] = 'application/json';
  312. $app->response()->body(json_encode(array(
  313. 'result' => 'ok'
  314. )));
  315. });
  316. $app->post('/prefs/timezone', function() use($app) {
  317. // Called when the interface finds the user's location.
  318. // Look up the timezone for this location and store it as their default.
  319. $timezone = false;
  320. if($user=require_login($app)) {
  321. $params = $app->request()->params();
  322. $timezone = p3k\Timezone::timezone_for_location($params['latitude'], $params['longitude']);
  323. if($timezone) {
  324. $user->default_timezone = $timezone;
  325. $user->save();
  326. }
  327. }
  328. $app->response()['Content-type'] = 'application/json';
  329. $app->response()->body(json_encode(array(
  330. 'result' => 'ok',
  331. 'timezone' => $timezone,
  332. )));
  333. });
  334. $app->get('/add-to-home', function() use($app) {
  335. $params = $app->request()->params();
  336. header("Cache-Control: no-cache, must-revalidate");
  337. if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  338. unset($_SESSION['add-to-home-started']);
  339. // Verify the token and sign the user in
  340. try {
  341. $data = JWT::decode($params['token'], Config::$jwtSecret, array('HS256'));
  342. $_SESSION['user_id'] = $data->user_id;
  343. $_SESSION['me'] = $data->me;
  344. $app->redirect('/new', 302);
  345. } catch(DomainException $e) {
  346. header('X-Error: DomainException');
  347. $app->redirect('/', 302);
  348. } catch(UnexpectedValueException $e) {
  349. header('X-Error: UnexpectedValueException');
  350. $app->redirect('/', 302);
  351. }
  352. } else {
  353. if($user=require_login($app)) {
  354. if(array_key_exists('start', $params)) {
  355. $_SESSION['add-to-home-started'] = true;
  356. $token = JWT::encode(array(
  357. 'user_id' => $_SESSION['user_id'],
  358. 'me' => $_SESSION['me'],
  359. 'created_at' => time()
  360. ), Config::$jwtSecret);
  361. $app->redirect('/add-to-home?token='.$token, 302);
  362. } else {
  363. unset($_SESSION['add-to-home-started']);
  364. render('add-to-home', array('title' => 'Quill'));
  365. }
  366. }
  367. }
  368. });
  369. $app->get('/email', function() use($app) {
  370. if($user=require_login($app)) {
  371. $test_response = '';
  372. if($user->last_micropub_response) {
  373. try {
  374. if(@json_decode($user->last_micropub_response)) {
  375. $d = json_decode($user->last_micropub_response);
  376. $test_response = $d->response;
  377. }
  378. } catch(Exception $e) {
  379. }
  380. }
  381. if(!$user->email_username) {
  382. $host = parse_url($user->url, PHP_URL_HOST);
  383. $user->email_username = $host . '.' . rand(100000,999999);
  384. $user->save();
  385. }
  386. render('email', array(
  387. 'title' => 'Post-by-Email',
  388. 'micropub_endpoint' => $user->micropub_endpoint,
  389. 'test_response' => $test_response,
  390. 'user' => $user
  391. ));
  392. }
  393. });
  394. $app->get('/settings', function() use($app) {
  395. if($user=require_login($app)) {
  396. render('settings', [
  397. 'title' => 'Settings',
  398. 'user' => $user,
  399. 'authorizing' => false
  400. ]);
  401. }
  402. });
  403. $app->post('/settings/save', function() use($app) {
  404. if($user=require_login($app)) {
  405. $params = $app->request()->params();
  406. if(array_key_exists('html_content', $params))
  407. $user->micropub_optin_html_content = $params['html_content'] ? 1 : 0;
  408. if(array_key_exists('slug_field', $params) && $params['slug_field'])
  409. $user->micropub_slug_field = $params['slug_field'];
  410. if(array_key_exists('syndicate_field', $params) && $params['syndicate_field']) {
  411. if(in_array($params['syndicate_field'], ['syndicate-to','mp-syndicate-to']))
  412. $user->micropub_syndicate_field = $params['syndicate_field'];
  413. }
  414. $user->save();
  415. $app->response()['Content-type'] = 'application/json';
  416. $app->response()->body(json_encode(array(
  417. 'result' => 'ok'
  418. )));
  419. }
  420. });
  421. $app->post('/settings/html-content', function() use($app) {
  422. if($user=require_login($app)) {
  423. $params = $app->request()->params();
  424. $user->micropub_optin_html_content = $params['html'] ? 1 : 0;
  425. $user->save();
  426. $app->response()['Content-type'] = 'application/json';
  427. $app->response()->body(json_encode(array(
  428. 'html' => $user->micropub_optin_html_content
  429. )));
  430. }
  431. });
  432. $app->get('/settings/html-content', function() use($app) {
  433. if($user=require_login($app)) {
  434. $app->response()['Content-type'] = 'application/json';
  435. $app->response()->body(json_encode(array(
  436. 'html' => $user->micropub_optin_html_content
  437. )));
  438. }
  439. });
  440. function create_favorite(&$user, $url) {
  441. $micropub_request = array(
  442. 'like-of' => $url
  443. );
  444. $r = micropub_post_for_user($user, $micropub_request);
  445. $tweet_id = false;
  446. // POSSE favorites to Twitter
  447. if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  448. $tweet_id = $match[1];
  449. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  450. $user->twitter_access_token, $user->twitter_token_secret);
  451. $result = $twitter->post('favorites/create', array(
  452. 'id' => $tweet_id
  453. ));
  454. }
  455. return $r;
  456. }
  457. function edit_favorite(&$user, $post_url, $like_of) {
  458. $micropub_request = [
  459. 'action' => 'update',
  460. 'url' => $post_url,
  461. 'replace' => [
  462. 'like-of' => [$like_of]
  463. ]
  464. ];
  465. $r = micropub_post_for_user($user, $micropub_request, null, true);
  466. return $r;
  467. }
  468. function create_repost(&$user, $url) {
  469. $micropub_request = array(
  470. 'repost-of' => $url
  471. );
  472. $r = micropub_post_for_user($user, $micropub_request);
  473. $tweet_id = false;
  474. if($user->twitter_access_token && preg_match('/https?:\/\/(?:www\.)?twitter\.com\/[^\/]+\/status(?:es)?\/(\d+)/', $url, $match)) {
  475. $tweet_id = $match[1];
  476. $twitter = new TwitterOAuth(Config::$twitterClientID, Config::$twitterClientSecret,
  477. $user->twitter_access_token, $user->twitter_token_secret);
  478. $result = $twitter->post('statuses/retweet/'.$tweet_id);
  479. }
  480. return $r;
  481. }
  482. function edit_repost(&$user, $post_url, $repost_of) {
  483. $micropub_request = [
  484. 'action' => 'update',
  485. 'url' => $post_url,
  486. 'replace' => [
  487. 'repost-of' => [$repost_of]
  488. ]
  489. ];
  490. $r = micropub_post_for_user($user, $micropub_request, null, true);
  491. return $r;
  492. }
  493. $app->post('/favorite', function() use($app) {
  494. if($user=require_login($app)) {
  495. $params = $app->request()->params();
  496. $error = false;
  497. if(isset($params['edit']) && $params['edit']) {
  498. $r = edit_favorite($user, $params['edit'], $params['like_of']);
  499. if(isset($r['location']) && $r['location'])
  500. $location = $r['location'];
  501. elseif(in_array($r['code'], [200,201,204]))
  502. $location = $params['edit'];
  503. elseif(in_array($r['code'], [401,403])) {
  504. $location = false;
  505. $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  506. } else {
  507. $location = false;
  508. $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  509. }
  510. } else {
  511. $r = create_favorite($user, $params['like_of']);
  512. $location = $r['location'];
  513. }
  514. $app->response()['Content-type'] = 'application/json';
  515. $app->response()->body(json_encode(array(
  516. 'location' => $location,
  517. 'error' => $r['error'],
  518. 'error_details' => $error,
  519. )));
  520. }
  521. });
  522. $app->post('/repost', function() use($app) {
  523. if($user=require_login($app)) {
  524. $params = $app->request()->params();
  525. $error = false;
  526. if(isset($params['edit']) && $params['edit']) {
  527. $r = edit_repost($user, $params['edit'], $params['repost_of']);
  528. if(isset($r['location']) && $r['location'])
  529. $location = $r['location'];
  530. elseif(in_array($r['code'], [200,201,204]))
  531. $location = $params['edit'];
  532. elseif(in_array($r['code'], [401,403])) {
  533. $location = false;
  534. $error = 'Your Micropub endpoint denied the request. Check that Quill is authorized to update posts.';
  535. } else {
  536. $location = false;
  537. $error = 'Your Micropub endpoint did not return a location header or a recognized response code';
  538. }
  539. } else {
  540. $r = create_repost($user, $params['repost_of']);
  541. $location = $r['location'];
  542. }
  543. $app->response()['Content-type'] = 'application/json';
  544. $app->response()->body(json_encode(array(
  545. 'location' => $location,
  546. 'error' => $r['error'],
  547. 'error_details' => $error,
  548. )));
  549. }
  550. });
  551. $app->get('/reply/preview', function() use($app) {
  552. if($user=require_login($app)) {
  553. $params = $app->request()->params();
  554. if(!isset($params['url']) || !$params['url']) {
  555. return '';
  556. }
  557. $reply_url = trim($params['url']);
  558. if(preg_match('/twtr\.io\/([0-9a-z]+)/i', $reply_url, $match)) {
  559. $twtr = 'https://twitter.com/_/status/' . sxg_to_num($match[1]);
  560. $ch = curl_init($twtr);
  561. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  562. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  563. curl_exec($ch);
  564. $expanded_url = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL);
  565. if($expanded_url) $reply_url = $expanded_url;
  566. }
  567. $entry = false;
  568. $xray = [
  569. 'url' => $reply_url
  570. ];
  571. if(preg_match('/twitter\.com\/(?:[^\/]+)\/statuse?s?\/(.+)/', $reply_url, $match)) {
  572. if($user->twitter_access_token) {
  573. $xray['twitter_api_key'] = Config::$twitterClientID;
  574. $xray['twitter_api_secret'] = Config::$twitterClientSecret;
  575. $xray['twitter_access_token'] = $user->twitter_access_token;
  576. $xray['twitter_access_token_secret'] = $user->twitter_token_secret;
  577. }
  578. }
  579. // Pass to X-Ray to see if it can expand the entry
  580. $ch = curl_init('https://xray.p3k.io/parse');
  581. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  582. curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($xray));
  583. $response = curl_exec($ch);
  584. $data = @json_decode($response, true);
  585. if($data && isset($data['data'])) {
  586. if($data['data']['type'] == 'entry') {
  587. $entry = $data['data'];
  588. } elseif($data['data']['type'] == 'event') {
  589. $entry = $data['data'];
  590. $content = '';
  591. if(isset($entry['start']) && isset($entry['end'])) {
  592. $formatted = DateFormatter::format($entry['start'], $entry['end'], false);
  593. if($formatted)
  594. $content .= $formatted;
  595. else {
  596. $start = new DateTime($entry['start']);
  597. $end = new DateTime($entry['end']);
  598. if($start && $end)
  599. $content .= 'from '.$start->format('Y-m-d g:ia').' to '.$end->format('Y-m-d g:ia');
  600. }
  601. } elseif(isset($entry['start'])) {
  602. $formatted = DateFormatter::format($entry['start'], false, false);
  603. if($formatted)
  604. $content .= $formatted;
  605. else {
  606. $start = new DateTime($entry['start']);
  607. if($start)
  608. $content .= $start->format('Y-m-d g:ia');
  609. }
  610. }
  611. $entry['content']['text'] = $content;
  612. }
  613. // Create a nickname based on the author URL
  614. if(array_key_exists('author', $entry)) {
  615. if($entry['author']['url']) {
  616. if(!isset($entry['author']['nickname']) || !$entry['author']['nickname'])
  617. $entry['author']['nickname'] = display_url($entry['author']['url']);
  618. }
  619. }
  620. }
  621. $mentions = [];
  622. if($entry) {
  623. if(array_key_exists('author', $entry)) {
  624. // Find all @-names in the post, as well as the author name
  625. $mentions[] = strtolower($entry['author']['nickname']);
  626. }
  627. if(isset($entry['content']) && $entry['content'] && isset($entry['content']['text'])) {
  628. if(preg_match_all('/(^|(?<=[\s\/]))@([a-z0-9_]+([a-z0-9_\.]*)?)/i', $entry['content']['text'], $matches)) {
  629. foreach($matches[0] as $nick) {
  630. if(trim($nick,'@') != $user->twitter_username && trim($nick,'@') != display_url($user->url))
  631. $mentions[] = strtolower(trim($nick,'@'));
  632. }
  633. }
  634. }
  635. $mentions = array_values(array_unique($mentions));
  636. }
  637. $app->response()['Content-type'] = 'application/json';
  638. $app->response()->body(json_encode([
  639. 'canonical_reply_url' => $reply_url,
  640. 'entry' => $entry,
  641. 'mentions' => $mentions
  642. ]));
  643. }
  644. });
  645. $app->get('/edit', function() use($app) {
  646. if($user=require_login($app)) {
  647. $params = $app->request()->params();
  648. if(!isset($params['url']) || !$params['url']) {
  649. $app->response()->body('no URL specified');
  650. }
  651. // Query the micropub endpoint for the source properties
  652. $source = micropub_get($user->micropub_endpoint, [
  653. 'q' => 'source',
  654. 'url' => $params['url']
  655. ], $user->micropub_access_token);
  656. $data = $source['data'];
  657. if(array_key_exists('error', $data)) {
  658. render('edit/error', [
  659. 'title' => 'Error',
  660. 'summary' => 'Your Micropub endpoint returned an error:',
  661. 'error' => $data['error'],
  662. 'error_description' => $data['error_description']
  663. ]);
  664. return;
  665. }
  666. if(!array_key_exists('properties', $data) || !array_key_exists('type', $data)) {
  667. render('edit/error', [
  668. 'title' => 'Error',
  669. 'summary' => '',
  670. 'error' => 'Invalid Response',
  671. 'error_description' => 'Your endpoint did not return "properties" and "type" in the response.'
  672. ]);
  673. return;
  674. }
  675. // Start checking for content types
  676. $type = $data['type'][0];
  677. $error = false;
  678. $url = false;
  679. if($type == 'h-review') {
  680. $url = '/review';
  681. } elseif($type == 'h-event') {
  682. $url = '/event';
  683. } elseif($type != 'h-entry') {
  684. $error = 'This type of post is not supported by any of Quill\'s editing interfaces. Type: '.$type;
  685. } else {
  686. if(array_key_exists('bookmark-of', $data['properties'])) {
  687. $url = '/bookmark';
  688. } elseif(array_key_exists('like-of', $data['properties'])) {
  689. $url = '/favorite';
  690. } elseif(array_key_exists('repost-of', $data['properties'])) {
  691. $url = '/repost';
  692. }
  693. }
  694. if($error) {
  695. render('edit/error', [
  696. 'title' => 'Error',
  697. 'summary' => '',
  698. 'error' => 'There was a problem!',
  699. 'error_description' => $error
  700. ]);
  701. return;
  702. }
  703. // Until all interfaces are complete, show an error here for unsupported ones
  704. if(!in_array($url, ['/favorite','/repost'])) {
  705. render('edit/error', [
  706. 'title' => 'Not Yet Supported',
  707. 'summary' => '',
  708. 'error' => 'Not Yet Supported',
  709. 'error_description' => 'Editing is not yet supported for this type of post.'
  710. ]);
  711. return;
  712. }
  713. $app->redirect($url . '?edit=' . $params['url'], 302);
  714. }
  715. });