request()->params(); if(!array_key_exists('user_id', $_SESSION)) { $app->redirect('/'); return false; } else { return ORM::for_table('users')->find_one($_SESSION['user_id']); } } function get_login(&$app) { if(array_key_exists('user_id', $_SESSION)) { return ORM::for_table('users')->find_one($_SESSION['user_id']); } else { return false; } } function generate_login_token() { return JWT::encode(array( 'user_id' => $_SESSION['user_id'], 'me' => $_SESSION['me'], 'created_at' => time() ), Config::$jwtSecret); } $app->get('/new', function() use($app) { if($user=require_login($app)) { // Get the last post and set the timezone offset to match $date_str = date('Y-m-d'); $time_str = date('H:i:s'); $tz_offset = '+0000'; $last = ORM::for_table('entries')->where('user_id', $user->id) ->order_by_desc('published')->find_one(); if(false && $last) { $seconds = $last->tz_offset; $tz_offset = tz_seconds_to_offset($seconds); // Create a date object in the local timezone given the offset $date = new DateTime(); if($seconds > 0) $date->add(new DateInterval('PT'.$seconds.'S')); elseif($seconds < 0) $date->sub(new DateInterval('PT'.abs($seconds).'S')); $date_str = $date->format('Y-m-d'); $time_str = $date->format('H:i:s'); } // Initially populate the page with the list of options without considering location. // This way if browser location is disabled or not available, or JS is disabled, there // will still be a list of options presented on the page by the time it loads. // Javascript will replace the options after location is available. render('new-post', array( 'title' => 'New Post', 'micropub_endpoint' => $user->micropub_endpoint, 'micropub_media_endpoint' => $user->micropub_media_endpoint, 'token_scope' => $user->token_scope, 'access_token' => $user->access_token, 'response_date' => $user->last_micropub_response_date, 'location_enabled' => $user->location_enabled, 'default_options' => get_entry_options($user->id), 'tz_offset' => $tz_offset, 'date_str' => $date_str, 'time_str' => $time_str, 'enable_array_micropub' => $user->enable_array_micropub )); } }); $app->get('/settings', function() use($app) { if($user=require_login($app)) { render('settings', [ 'title' => 'Settings', ]); } }); $app->post('/settings/device-code', function() use($app) { if($user=require_login($app)) { $code = mt_rand(100000,999999); $user->device_code = $code; $user->device_code_expires = date('Y-m-d H:i:s', time()+300); $user->save(); $app->response()['Content-Type'] = 'application/json'; $app->response()->body(json_encode([ 'code' => $code ])); } }); $app->post('/prefs/enable-h-food', function() use($app){ if($user=require_login($app)) { $user->enable_array_micropub = 1; $user->save(); } $app->redirect('/new', 302); }); $app->post('/prefs', function() use($app) { if($user=require_login($app)) { $params = $app->request()->params(); $user->location_enabled = $params['enabled']; $user->save(); } $app->response()->body(json_encode(array( 'result' => 'ok' ))); }); $app->get('/creating-a-token-endpoint', function() use($app) { $app->redirect('https://indieweb.org/token-endpoint', 301); }); $app->get('/creating-a-micropub-endpoint', function() use($app) { $app->redirect('https://indieweb.org/Micropub', 301); }); $app->get('/docs', function() use($app) { render('docs', array('title' => 'Documentation')); }); $app->get('/privacy', function() use($app) { render('privacy', array('title' => 'Privacy Policy')); }); $app->get('/add-to-home', function() use($app) { $params = $app->request()->params(); header("Cache-Control: no-cache, must-revalidate"); if(array_key_exists('token', $params) && !isset($_SESSION['add-to-home-started'])) { // Verify the token and sign the user in try { $data = JWT::decode($params['token'], Config::$jwtSecret, ['HS256']); $_SESSION['user_id'] = $data->user_id; $_SESSION['me'] = $data->me; $app->redirect('/new', 302); } catch(DomainException $e) { header('X-Error: DomainException'); $app->redirect('/?error=domain', 302); } catch(SignatureInvalidException $e) { header('X-Error: SignatureInvalidException'); $app->redirect('/?error=invalid', 302); } catch(ErrorException $e) { $app->redirect('/?error=unknown', 302); } } else { if($user=require_login($app)) { if(array_key_exists('start', $params)) { $_SESSION['add-to-home-started'] = 1; $token = JWT::encode(array( 'user_id' => $_SESSION['user_id'], 'me' => $_SESSION['me'], 'created_at' => time() ), Config::$jwtSecret); $app->redirect('/add-to-home?token='.$token, 302); } else { unset($_SESSION['add-to-home-started']); render('add-to-home', array('title' => 'Teacup')); } } } }); $app->post('/post', function() use($app) { if($user=require_login($app)) { $params = $app->request()->params(); // Remove any blank params $params = array_filter($params, function($v){ return $v !== ''; }); // Store the post in the database $entry = ORM::for_table('entries')->create(); $entry->user_id = $user->id; $location = false; if(k($params, 'venue_url')) { $entry->checkin_url = $params['venue_url']; } else { if(k($params, 'location') && $location=parse_geo_uri($params['location'])) { $entry->latitude = $location['latitude']; $entry->longitude = $location['longitude']; } } if(k($params,'note_date')) { // The post request is always going to have a date now $date_string = $params['note_date'] . 'T' . $params['note_time'] . $params['note_tzoffset']; $entry->published = date('Y-m-d H:i:s', strtotime($date_string)); $entry->tz_offset = tz_offset_to_seconds($params['note_tzoffset']); $published = $date_string; } else { $entry->published = date('Y-m-d H:i:s'); $published = date('c'); // for the micropub post if($location && ($timezone=get_timezone($location['latitude'], $location['longitude']))) { $entry->timezone = $timezone->getName(); $entry->tz_offset = $timezone->getOffset(new DateTime()); $now = new DateTime(); $now->setTimeZone(new DateTimeZone($entry->timezone)); $published = $now->format('c'); } } if(k($params, 'drank')) { $entry->content = trim($params['drank']); $type = 'drink'; $verb = 'drank'; } elseif(k($params, 'drink')) { $entry->content = trim($params['drink']); $type = 'drink'; $verb = 'drank'; } elseif(k($params, 'eat')) { $entry->content = trim($params['eat']); $type = 'eat'; $verb = 'ate'; } elseif(k($params, 'custom_drink')) { $entry->content = trim($params['custom_drink']); $type = 'drink'; $verb = 'drank'; } elseif(k($params, 'custom_eat')) { $entry->content = trim($params['custom_eat']); $type = 'eat'; $verb = 'ate'; } if($user->micropub_media_endpoint && k($params, 'note_photo')) { $entry->photo_url = $params['note_photo']; } $entry->type = $type; $entry->save(); // Send to the micropub endpoint if one is defined, and store the result $url = false; if($user->micropub_endpoint) { $text_content = 'Just ' . $verb . ': ' . $entry->content; $mp_properties = array( 'published' => [$published], 'created' => [$published], 'summary' => [$text_content] ); if($venue = k($params, 'venue_url')) { $mp_properties['location'] = [$venue]; } elseif($location = k($params, 'location')) { $mp_properties['location'] = [$location]; } if($entry->photo_url) { $mp_properties['photo'] = [$entry->photo_url]; } $mp_properties[$verb] = [[ 'type' => ['h-food'], 'properties' => [ 'name' => $entry->content ] ]]; $mp_request = array( 'type' => ['h-entry'], 'properties' => $mp_properties ); $r = micropub_post($user->micropub_endpoint, $mp_request, $user->access_token); $request = $r['request']; $response = $r['response']; $entry->micropub_response = $response; // Check the response and look for a "Location" header containing the URL if($response && preg_match('/Location: (.+)/', $response, $match)) { $url = $match[1]; $user->micropub_success = 1; $entry->micropub_success = 1; $entry->canonical_url = $url; } else { $entry->micropub_success = 0; } $entry->save(); } if($url) { $app->redirect($url); } else { // TODO: Redirect to an error page or show an error on the teacup post page $url = Config::$base_url . $user->url . '/' . $entry->id; $app->redirect($url); } } }); $app->post('/micropub/media', function() use($app) { if($user=require_login($app)) { $file = isset($_FILES['file']) ? $_FILES['file'] : null; $error = validate_photo($file); unset($_POST['null']); if(!$error) { $file_path = $file['tmp_name']; correct_photo_rotation($file_path); $r = micropub_media_post($user->micropub_media_endpoint, $user->access_token, $file_path); } else { $r = array('error' => $error); } $response = $r['response']; $url = null; if($response && preg_match('/Location: (.+)/', $response, $match)) { $url = trim($match[1]); } else { $r['error'] = "No 'Location' header in response."; $r['debug'] = $response; } $app->response()['Content-type'] = 'application/json'; $app->response()->body(json_encode(array( 'location' => $url, 'error' => (isset($r['error']) ? $r['error'] : null), 'debug' => (isset($r['debug']) ? $r['debug'] : null), ))); } }); $app->get('/micropub/config', function() use($app) { if($user=require_login($app)) { $config = get_micropub_config($user); $app->response()['Content-type'] = 'application/json'; $app->response()->body(json_encode($config)); } }); $app->get('/micropub/last-checkin', function() use($app){ if($user=require_login($app)) { $checkin = get_micropub_checkin($user); $app->response()['Content-type'] = 'application/json'; $app->response()->body(json_encode($checkin)); } }); $app->get('/options.json', function() use($app) { if($user=require_login($app)) { $params = $app->request()->params(); $options = get_entry_options($user->id, k($params,'latitude'), k($params,'longitude')); $html = partial('partials/entry-buttons', ['options'=>$options]); $app->response()['Content-type'] = 'application/json'; $app->response()->body(json_encode([ 'buttons'=>$html ])); } }); $app->get('/map.png', function() use($app) { $params = $app->request()->params(); $params['basemap'] = 'custom'; $params['attribution'] = 'mapbox'; $params['tileurl'] = Config::$mapTileURL; $params['token'] = Config::$atlasToken; $ch = curl_init('https://atlas.p3k.io/map/img'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params)); $img = curl_exec($ch); header('Expires: ' . gmdate('D, d M Y H:i:s', strtotime('+30 days')) . ' GMT'); header('Pragma: cache'); header('Cache-Control: private'); $app->response()['Content-type'] = 'image/png'; $app->response()->body($img); }); $app->get('/:domain', function($domain) use($app) { $params = $app->request()->params(); $user = ORM::for_table('users')->where('url', $domain)->find_one(); if(!$user) { $app->notFound(); return; } $per_page = 10; $entries = ORM::for_table('entries')->where('user_id', $user->id); if(array_key_exists('before', $params)) { $entries->where_lte('id', $params['before']); } $entries = $entries->limit($per_page)->order_by_desc('published')->find_many(); if(count($entries) > 1) { $older = ORM::for_table('entries')->where('user_id', $user->id) ->where_lt('id', $entries[count($entries)-1]->id)->order_by_desc('published')->find_one(); } else { $older = null; } if(count($entries) > 1) { $newer = ORM::for_table('entries')->where('user_id', $user->id) ->where_gte('id', $entries[0]->id)->order_by_asc('published')->offset($per_page)->find_one(); } else { $newer = null; } if(!$newer) { // no new entry was found at the specific offset, so find the newest post to link to instead $newer = ORM::for_table('entries')->where('user_id', $user->id) ->order_by_desc('published')->limit(1)->find_one(); if($newer && $newer->id == $entries[0]->id) $newer = false; } render('entries', array( 'title' => 'Teacup', 'entries' => $entries, 'user' => $user, 'older' => ($older ? $older->id : false), 'newer' => ($newer ? $newer->id : false) )); })->conditions(array( 'domain' => '[a-zA-Z0-9\.-]+\.[a-z]+' )); $app->get('/:domain/:entry', function($domain, $entry_id) use($app) { $user = ORM::for_table('users')->where('url', $domain)->find_one(); if(!$user) { $app->notFound(); return; } $entry = ORM::for_table('entries')->where('user_id', $user->id)->where('id', $entry_id)->find_one(); if(!$entry) { $app->notFound(); return; } render('entry', array( 'title' => 'Teacup', 'entry' => $entry, 'user' => $user )); })->conditions(array( 'domain' => '[a-zA-Z0-9\.-]+\.[a-z]+', 'entry' => '\d+' ));