You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

335 lines
9.6 KiB

10 years ago
10 years ago
10 years ago
10 years ago
  1. <?php
  2. function require_login(&$app) {
  3. $params = $app->request()->params();
  4. if(array_key_exists('token', $params)) {
  5. try {
  6. $data = JWT::decode($params['token'], Config::$jwtSecret);
  7. $_SESSION['user_id'] = $data->user_id;
  8. $_SESSION['me'] = $data->me;
  9. } catch(DomainException $e) {
  10. header('X-Error: DomainException');
  11. $app->redirect('/', 301);
  12. } catch(UnexpectedValueException $e) {
  13. header('X-Error: UnexpectedValueException');
  14. $app->redirect('/', 301);
  15. }
  16. }
  17. if(!array_key_exists('user_id', $_SESSION)) {
  18. $app->redirect('/');
  19. return false;
  20. } else {
  21. return ORM::for_table('users')->find_one($_SESSION['user_id']);
  22. }
  23. }
  24. function get_login(&$app) {
  25. if(array_key_exists('user_id', $_SESSION)) {
  26. return ORM::for_table('users')->find_one($_SESSION['user_id']);
  27. } else {
  28. return false;
  29. }
  30. }
  31. function generate_login_token() {
  32. return JWT::encode(array(
  33. 'user_id' => $_SESSION['user_id'],
  34. 'me' => $_SESSION['me'],
  35. 'created_at' => time()
  36. ), Config::$jwtSecret);
  37. }
  38. $app->get('/new', function() use($app) {
  39. if($user=require_login($app)) {
  40. $entry = false;
  41. $photo_url = false;
  42. // Initially populate the page with the list of options without considering location.
  43. // This way if browser location is disabled or not available, or JS is disabled, there
  44. // will still be a list of options presented on the page by the time it loads.
  45. // Javascript will replace the options after location is available.
  46. $html = render('new-post', array(
  47. 'title' => 'New Post',
  48. 'micropub_endpoint' => $user->micropub_endpoint,
  49. 'token_scope' => $user->token_scope,
  50. 'access_token' => $user->access_token,
  51. 'response_date' => $user->last_micropub_response_date,
  52. 'location_enabled' => $user->location_enabled,
  53. 'default_options' => get_entry_options($user->id)
  54. ));
  55. $app->response()->body($html);
  56. }
  57. });
  58. $app->post('/prefs', function() use($app) {
  59. if($user=require_login($app)) {
  60. $params = $app->request()->params();
  61. $user->location_enabled = $params['enabled'];
  62. $user->save();
  63. }
  64. $app->response()->body(json_encode(array(
  65. 'result' => 'ok'
  66. )));
  67. });
  68. $app->get('/creating-a-token-endpoint', function() use($app) {
  69. $app->redirect('http://indiewebcamp.com/token-endpoint', 301);
  70. });
  71. $app->get('/creating-a-micropub-endpoint', function() use($app) {
  72. $html = render('creating-a-micropub-endpoint', array('title' => 'Creating a Micropub Endpoint'));
  73. $app->response()->body($html);
  74. });
  75. $app->get('/docs', function() use($app) {
  76. $html = render('docs', array('title' => 'Documentation'));
  77. $app->response()->body($html);
  78. });
  79. $app->get('/add-to-home', function() use($app) {
  80. $params = $app->request()->params();
  81. header("Cache-Control: no-cache, must-revalidate");
  82. if(array_key_exists('token', $params) && !session('add-to-home-started')) {
  83. unset($_SESSION['add-to-home-started']);
  84. // Verify the token and sign the user in
  85. try {
  86. $data = JWT::decode($params['token'], Config::$jwtSecret);
  87. $_SESSION['user_id'] = $data->user_id;
  88. $_SESSION['me'] = $data->me;
  89. $app->redirect('/new', 301);
  90. } catch(DomainException $e) {
  91. header('X-Error: DomainException');
  92. $app->redirect('/', 301);
  93. } catch(UnexpectedValueException $e) {
  94. header('X-Error: UnexpectedValueException');
  95. $app->redirect('/', 301);
  96. }
  97. } else {
  98. if($user=require_login($app)) {
  99. if(array_key_exists('start', $params)) {
  100. $_SESSION['add-to-home-started'] = true;
  101. $token = JWT::encode(array(
  102. 'user_id' => $_SESSION['user_id'],
  103. 'me' => $_SESSION['me'],
  104. 'created_at' => time()
  105. ), Config::$jwtSecret);
  106. $app->redirect('/add-to-home?token='.$token, 301);
  107. } else {
  108. unset($_SESSION['add-to-home-started']);
  109. $html = render('add-to-home', array('title' => 'Teacup'));
  110. $app->response()->body($html);
  111. }
  112. }
  113. }
  114. });
  115. $app->post('/post', function() use($app) {
  116. if($user=require_login($app)) {
  117. $params = $app->request()->params();
  118. // Remove any blank params
  119. $params = array_filter($params, function($v){
  120. return $v !== '';
  121. });
  122. // Store the post in the database
  123. $entry = ORM::for_table('entries')->create();
  124. $entry->user_id = $user->id;
  125. $entry->published = date('Y-m-d H:i:s');
  126. if(k($params, 'location') && $location=parse_geo_uri($params['location'])) {
  127. $entry->latitude = $location['latitude'];
  128. $entry->longitude = $location['longitude'];
  129. if($timezone=get_timezone($location['latitude'], $location['longitude'])) {
  130. $entry->timezone = $timezone->getName();
  131. $entry->tz_offset = $timezone->getOffset(new DateTime());
  132. }
  133. } else {
  134. $entry->timezone = 'UTC';
  135. $entry->tz_offset = 0;
  136. }
  137. if(k($params, 'drank')) {
  138. $entry->content = trim($params['drank']);
  139. $type = 'drink';
  140. $verb = 'drank';
  141. } elseif(k($params, 'drink')) {
  142. $entry->content = trim($params['drink']);
  143. $type = 'drink';
  144. $verb = 'drank';
  145. } elseif(k($params, 'eat')) {
  146. $entry->content = trim($params['eat']);
  147. $type = 'eat';
  148. $verb = 'ate';
  149. } elseif(k($params, 'custom_drink')) {
  150. $entry->content = trim($params['custom_drink']);
  151. $type = 'drink';
  152. $verb = 'drank';
  153. } elseif(k($params, 'custom_eat')) {
  154. $entry->content = trim($params['custom_eat']);
  155. $type = 'eat';
  156. $verb = 'ate';
  157. }
  158. $entry->type = $type;
  159. $entry->save();
  160. // Send to the micropub endpoint if one is defined, and store the result
  161. $url = false;
  162. if($user->micropub_endpoint) {
  163. $text_content = 'Just ' . $verb . ': ' . $entry->content;
  164. $mp_request = array(
  165. 'h' => 'entry',
  166. 'p3k-food' => $entry->content,
  167. 'p3k-type' => $type,
  168. 'location' => k($params, 'location'),
  169. 'summary' => $text_content
  170. );
  171. $r = micropub_post($user->micropub_endpoint, $mp_request, $user->access_token);
  172. $request = $r['request'];
  173. $response = $r['response'];
  174. $entry->micropub_response = $response;
  175. // Check the response and look for a "Location" header containing the URL
  176. if($response && preg_match('/Location: (.+)/', $response, $match)) {
  177. $url = $match[1];
  178. $user->micropub_success = 1;
  179. $entry->micropub_success = 1;
  180. $entry->canonical_url = $url;
  181. } else {
  182. $entry->micropub_success = 0;
  183. }
  184. $entry->save();
  185. }
  186. if($url) {
  187. $app->redirect($url);
  188. } else {
  189. // TODO: Redirect to an error page or show an error on the teacup post page
  190. $url = Config::$base_url . $user->url . '/' . $entry->id;
  191. $app->redirect($url);
  192. }
  193. }
  194. });
  195. $app->get('/options', function() use($app) {
  196. if($user=require_login($app)) {
  197. $params = $app->request()->params();
  198. $options = get_entry_options($user->id, k($params,'latitude'), k($params,'longitude'));
  199. $html = partial('partials/entry-buttons', ['options'=>$options]);
  200. $app->response()->body($html);
  201. }
  202. });
  203. $app->get('/map.png', function() use($app) {
  204. $params = $app->request()->params();
  205. $url = get_static_map($_SERVER['QUERY_STRING']);
  206. $ch = curl_init($url);
  207. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  208. $img = curl_exec($ch);
  209. $app->response()['Content-type'] = 'image/png';
  210. $app->response()->body($img);
  211. });
  212. $app->get('/teacup.appcache', function() use($app) {
  213. $content = partial('appcache');
  214. $app->response()['Content-type'] = 'text/cache-manifest';
  215. $app->response()->body($content);
  216. });
  217. $app->get('/:domain', function($domain) use($app) {
  218. $params = $app->request()->params();
  219. $user = ORM::for_table('users')->where('url', $domain)->find_one();
  220. if(!$user) {
  221. $app->notFound();
  222. return;
  223. }
  224. $per_page = 10;
  225. $entries = ORM::for_table('entries')->where('user_id', $user->id);
  226. if(array_key_exists('before', $params)) {
  227. $entries->where_lte('id', $params['before']);
  228. }
  229. $entries = $entries->limit($per_page)->order_by_desc('published')->find_many();
  230. if(count($entries) > 1) {
  231. $older = ORM::for_table('entries')->where('user_id', $user->id)
  232. ->where_lt('id', $entries[count($entries)-1]->id)->order_by_desc('published')->find_one();
  233. } else {
  234. $older = null;
  235. }
  236. if(count($entries) > 1) {
  237. $newer = ORM::for_table('entries')->where('user_id', $user->id)
  238. ->where_gte('id', $entries[0]->id)->order_by_asc('published')->offset($per_page)->find_one();
  239. } else {
  240. $newer = null;
  241. }
  242. if(!$newer) {
  243. // no new entry was found at the specific offset, so find the newest post to link to instead
  244. $newer = ORM::for_table('entries')->where('user_id', $user->id)
  245. ->order_by_desc('published')->limit(1)->find_one();
  246. if($newer && $newer->id == $entries[0]->id)
  247. $newer = false;
  248. }
  249. $html = render('entries', array(
  250. 'title' => 'Teacup',
  251. 'entries' => $entries,
  252. 'user' => $user,
  253. 'older' => ($older ? $older->id : false),
  254. 'newer' => ($newer ? $newer->id : false)
  255. ));
  256. $app->response()->body($html);
  257. })->conditions(array(
  258. 'domain' => '[a-zA-Z0-9\.-]+\.[a-z]+'
  259. ));
  260. $app->get('/:domain/:entry', function($domain, $entry_id) use($app) {
  261. $user = ORM::for_table('users')->where('url', $domain)->find_one();
  262. if(!$user) {
  263. $app->notFound();
  264. return;
  265. }
  266. $entry = ORM::for_table('entries')->where('user_id', $user->id)->where('id', $entry_id)->find_one();
  267. if(!$entry) {
  268. $app->notFound();
  269. return;
  270. }
  271. $html = render('entry', array(
  272. 'title' => 'Teacup',
  273. 'entry' => $entry,
  274. 'user' => $user
  275. ));
  276. $app->response()->body($html);
  277. })->conditions(array(
  278. 'domain' => '[a-zA-Z0-9\.-]+\.[a-z]+',
  279. 'entry' => '\d+'
  280. ));