作者:sintori
项目:Know
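/**
 * Admin-only API tester: signs the submitted request path with the supplied
 * key, sends it to this site's own URL, then stores the exchange in the
 * session and forwards back to the tester page.
 *
 * Inputs read through getInput(): request, key, username, json and
 * method (defaults to 'GET').
 */
function postContent()
{
    $this->adminGatekeeper();

    $request = $this->getInput('request');
    $key = $this->getInput('key');
    $username = $this->getInput('username');
    $json = $this->getInput('json');
    $method = $this->getInput('method', 'GET');

    // The trailing slash is stripped from the site URL below, so the request
    // must begin with '/'. Otherwise the concatenation would change the host
    // part of the URL, and the signed headers would leave this site.
    if (!is_string($request)) {
        $request = '';
    }
    if (strpos($request, '/') !== 0) {
        $request = '/' . $request;
    }

    $url = \Idno\Core\Idno::site()->config()->getURL();
    if (substr($url, -1) === '/') {
        $url = substr($url, 0, -1);
    }
    $url .= $request;

    // Build the auth headers once. CR/LF are removed from the username so the
    // value cannot break out of its header line.
    $headers = array(
        'X-KNOWN-USERNAME: ' . str_replace(array("\r", "\n"), '', (string) $username),
        'X-KNOWN-SIGNATURE: ' . base64_encode(hash_hmac('sha256', $request, (string) $key, true)),
    );

    $client = new Webservice();
    if ($method === 'POST') {
        $client->post($url, $json, $headers);
    } else {
        $client->get($url, null, $headers);
    }

    $response = Webservice::getLastResponse();
    $sent_request = Webservice::getLastRequest() . $json;

    // NOTE(review): the API key is written to the session together with the
    // rest of the exchange - confirm the session store is an acceptable place
    // for this secret.
    $api_request = array(
        'request' => $request,
        'key' => $key,
        'username' => $username,
        'json' => $json,
        'sent_request' => $sent_request,
        'response' => gzencode($response, 9),
        'method' => $method,
    );
    \Idno\Core\Idno::site()->session()->set('api_request', $api_request);

    $this->forward(\Idno\Core\Idno::site()->config()->getURL() . 'admin/apitester/');
}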
作者:smartboyathom
项目:Know
/**
 * Draw the IndiePub accounts page.
 *
 * @param array $params Not read by this method.
 */
function getContent($params = array())
{
    // gatekeeper() runs before anything is rendered.
    $this->gatekeeper();

    $template = Idno::site()->template();
    $page_vars = array(
        'title' => 'IndiePub Accounts',
        'body' => $template->__([])->draw('account/indiepub'),
    );
    $template->__($page_vars)->drawPage();
}
作者:sintori
项目:Know
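/**
 * Gatekeeper function that validates form input and protects against CSRF.
 * Call this from your form action code.
 *
 * The timestamp (__bTs) and token (__bTk) are read from $_REQUEST; when
 * $action is empty, the action is taken from __bTa. The request is accepted
 * only if the timestamp lies within the configured form_token_expiry window
 * and the submitted token matches self::token($action, $time).
 *
 * @param string $action The URL of the form action that brought us here.
 * @param boolean $haltExecutionOnBadRequest If set to true, the function halts all execution if the form doesn't validate. (True by default.)
 * @return true|false
 */
public static function validateToken($action = '', $haltExecutionOnBadRequest = true)
{
    $valid = false;

    $time = !empty($_REQUEST['__bTs']) ? $_REQUEST['__bTs'] : null;
    $token = !empty($_REQUEST['__bTk']) ? $_REQUEST['__bTk'] : null;

    if (empty($action) && !empty($_REQUEST['__bTa']) && is_string($_REQUEST['__bTa'])) {
        $action = $_REQUEST['__bTa'];
    }

    // Request values are attacker-controlled and may be arrays or non-numeric
    // strings, so check their shape before doing arithmetic or comparing.
    if (!empty($action) && is_string($token) && is_numeric($time)) {
        if (abs(time() - $time) < \Idno\Core\Idno::site()->config()->form_token_expiry) {
            // assumes self::token() returns a string - TODO confirm
            $expected = self::token($action, $time);
            // hash_equals() compares in constant time and without the type
            // juggling that a loose == applies to numeric-looking strings.
            if (is_string($expected) && hash_equals($expected, $token)) {
                $valid = true;
            }
        }
    }

    if ($valid) {
        return true;
    }
    if ($haltExecutionOnBadRequest) {
        exit;
    }
    return false;
}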
作者:smartboyathom
项目:Know
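/**
 * Check that the presented token is either a user token or the API key of
 * an admin user, and authenticate the current request as that user if so.
 *
 * The token is taken from the Authorization header (Bearer scheme) or,
 * failing that, from the access_token request parameter.
 *
 * @return \Idno\Entities\User|false The matched user, or false when no token matches.
 */
private static function authenticate()
{
    $token = null;
    $headers = \Idno\Common\Page::getallheaders();
    if (!empty($headers['Authorization'])) {
        // Strip only a leading "Bearer" scheme; the original str_replace()
        // also removed that word from inside the token itself.
        $token = trim(preg_replace('/^Bearer\s+/i', '', trim($headers['Authorization'])));
    } else {
        // NOTE(review): tokens sent as a request parameter can end up in
        // URLs and therefore in server logs; the header form is preferable.
        $token = \Idno\Core\Input::getInput('access_token');
        $token = is_string($token) ? trim($token) : null;
    }

    if (empty($token)) {
        return false;
    }

    $found = Token::findUserForToken($token);
    if (!empty($found)) {
        \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
        $user = $found['user'];
        \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
        return $user;
    }

    // Fall back to the API key of an admin user. getOne() may find nobody,
    // so guard before calling a method on the result.
    $admin = \Idno\Entities\User::getOne(array('admin' => true));
    if (!empty($admin)) {
        $api_key = $admin->getAPIkey();
        // Constant-time, type-strict comparison of the secret.
        if (is_string($api_key) && $api_key !== '' && hash_equals($api_key, $token)) {
            \Idno\Core\Idno::site()->session()->setIsAPIRequest(true);
            \Idno\Core\Idno::site()->session()->refreshSessionUser($admin);
            return $admin;
        }
    }

    return false;
}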
作者:pierreozou
项目:Know
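/**
 * Token endpoint: exchanges a verified authorization code for an access
 * token, stores the token on the user and returns it form-encoded.
 *
 * Responds 400 with the verification failure reason when the code does not
 * verify.
 */
function post()
{
    // Get parameters
    $code = $this->getInput('code');
    $me = $this->getInput('me');
    $redirect_uri = $this->getInput('redirect_uri');
    $state = $this->getInput('state');
    $client_id = $this->getInput('client_id');

    $verified = Auth::verifyCode($code, $client_id, $redirect_uri, $state);
    if ($verified['valid'] !== true) {
        $this->setResponse(400);
        // NOTE(review): no Content-Type is set on this path; confirm that
        // 'reason' never echoes request input back unescaped.
        echo $verified['reason'];
        return;
    }

    // Get user & existing tokens
    $user = $verified['user'];
    $indieauth_tokens = $user->indieauth_tokens;
    if (empty($indieauth_tokens)) {
        $indieauth_tokens = array();
    }

    // The access token is a bearer credential, so it must be unpredictable.
    // rand()/time()/md5() are guessable; use the CSPRNG instead (PHP 7+).
    // 16 random bytes hex-encoded keeps the 32-character format md5() produced.
    $token = bin2hex(random_bytes(16));
    $indieauth_tokens[$token] = array(
        'me' => $me,
        'redirect_uri' => $redirect_uri,
        'scope' => 'post',
        'client_id' => $client_id,
        'issued_at' => time(),
        'nonce' => random_int(1000000, pow(2, 30)),
    );
    // NOTE(review): tokens are stored in clear as array keys on the user
    // record and 'issued_at' is never checked here - confirm whether
    // expiry/revocation is handled elsewhere.
    $user->indieauth_tokens = $indieauth_tokens;
    $user->save();

    if (\Idno\Core\Idno::site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\Idno::site()->session()->currentUser()->getUUID()) {
        \Idno\Core\Idno::site()->session()->refreshSessionUser($user);
    }

    // Output to the browser
    $this->setResponse(200);
    header('Content-Type: application/x-www-form-urlencoded');
    echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me));
    exit;
}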
作者:sintori
项目:Know
/**
 * Add a reply to an entity, or toggle the current user's like on it, then
 * forward to the entity's comments anchor. Does nothing when the entity
 * cannot be found.
 */
function postContent()
{
    // User must be logged in and able to post content
    $this->createGatekeeper();

    $body = $this->getInput('body');
    $object_uuid = $this->getInput('object');
    $type = $this->getInput('type');
    $user = \Idno\Core\Idno::site()->session()->currentUser();

    // Anything other than 'like' is treated as a reply.
    if ($type != 'like') {
        $type = 'reply';
    }

    $object = Entity::getByUUID($object_uuid);
    if (!$object) {
        return;
    }

    // A like from a user who already liked the object removes that like.
    $has_liked = false;
    if ($type == 'like') {
        $like_annotations = $object->getAnnotations('like');
        if ($like_annotations) {
            foreach ($like_annotations as $like) {
                if ($like['owner_url'] != \Idno\Core\Idno::site()->session()->currentUser()->getURL()) {
                    continue;
                }
                $object->removeAnnotation($like['permalink']);
                $object->save();
                $has_liked = true;
            }
        }
    }

    if (!$has_liked && $object->addAnnotation($type, $user->getTitle(), $user->getURL(), $user->getIcon(), $body)) {
        $object->save();
    }

    $this->forward($object->getDisplayURL() . '#comments');
}
作者:kylew
项目:KnownIndieSyndicat
/**
 * Authorization callback: exchanges the returned code for an access token
 * and stores the resulting syndication account on the current user.
 */
function getContent()
{
    $this->gatekeeper();
    $user = Idno::site()->session()->currentUser();

    $code = $this->getInput('code');
    $state = $this->getInput('state');
    $me = $this->getInput('me');

    // NOTE(review): $me comes straight from the request and is handed to
    // three discovery helpers - presumably each fetches that URL; confirm
    // they restrict which destinations the server will contact.
    $token_endpoint = IndieAuthClient::discoverTokenEndpoint($me);
    $micropub_endpoint = IndieAuthClient::discoverMicropubEndpoint($me);
    $hcard = IndieAuthClient::representativeHCard($me);

    $client_id = Idno::site()->config()->getDisplayURL();
    $redirect_uri = Idno::site()->config()->getDisplayURL() . 'account/indiesyndicate/cb';

    // NOTE(review): $state is passed through but not compared with a value
    // kept in the session in this method - confirm it is verified elsewhere.
    $result = IndieAuthClient::getAccessToken($token_endpoint, $code, $me, $redirect_uri, $client_id, $state);

    if (!isset($result['me'], $result['access_token'])) {
        Idno::site()->session()->addErrorMessage('Authorization was declined or failed for ' . $me);
    } else {
        $me = $result['me'];
        $token = $result['access_token'];
        // Prefer the h-card name; fall back to the profile URL.
        $name = empty($hcard['properties']['name']) ? $me : $hcard['properties']['name'][0];
        $user->indiesyndicate[$me] = [
            'name' => $name,
            'access_token' => $token,
            'micropub_endpoint' => $micropub_endpoint,
            'method' => 'micropub',
        ];
        $user->save();
        Idno::site()->session()->addMessage('Successfully authorized ' . $me);
    }

    $this->forward(Idno::site()->config()->getDisplayURL() . 'account/indiesyndicate');
}
作者:sintori
项目:Know
/**
 * Have webhooks been registered in the system?
 *
 * True when the site config has webhook_syndication entries, or when a user
 * is logged in and that user has webhook_syndication entries.
 *
 * @return bool
 */
function hasWebhooks()
{
    // Site-wide webhooks count regardless of who is logged in.
    if (!empty(\Idno\Core\Idno::site()->config()->webhook_syndication)) {
        return true;
    }

    return \Idno\Core\Idno::site()->session()->isLoggedIn()
        && !empty(\Idno\Core\Idno::site()->session()->currentUser()->webhook_syndication);
}
作者:kylew
项目:KnownReaction
/**
 * Populate this repost from the current page's input, publish it and send
 * webmentions to the reposted URL(s).
 *
 * @return bool Always true.
 */
function saveDataFromInput()
{
    $page = Idno::site()->currentPage();

    // No _id yet means this entity is being created rather than edited.
    $new = empty($this->_id);

    $this->repostof = $page->getInput('repost-of');
    if ($this->repostof) {
        // 'repost-of' may be a single URL or a list of URLs.
        foreach ((array) $this->repostof as $repostofurl) {
            $this->syndicatedto = Webmention::addSyndicatedReplyTargets($repostofurl, $this->syndicatedto);
        }
    }

    $this->description = $page->getInput('description');
    $this->body = $page->getInput('body');

    $nothing_supplied = empty($this->description) && empty($this->body);
    if ($nothing_supplied) {
        // NOTE(review): the submitted URL is passed to Fetch::fetch() -
        // presumably a server-side fetch; confirm it restricts destinations.
        $result = \IdnoPlugins\Reactions\Pages\Fetch::fetch($this->repostof);
        if (isset($result['description'])) {
            $this->description = $result['description'];
        }
        if (isset($result['content'])) {
            $this->body = $result['content'];
        }
    }

    $this->setAccess($page->getInput('access'));

    $published = $this->publish($new);
    if ($published) {
        Webmention::sendWebmentionPayload($this->getURL(), $this->repostof);
    }

    return true;
}
作者:sensiblem
项目:Flick
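/**
 * Unlink a Flickr account from the current user, then forward to the user's
 * link_callback if set, otherwise back to the referring page.
 *
 * When 'remove' names a stored account only that account is removed; in
 * every other case the user's flickr data is reset to false.
 */
function getContent()
{
    // Logged-in users only
    $this->gatekeeper();

    // NOTE(review): this changes account state on a GET request and only
    // gatekeeper() is visible here - confirm a form token is checked
    // elsewhere, or move the unlinking into a POST handler.
    if (\Idno\Core\Idno::site()->plugins()->get('Flickr')) {
        if ($user = \Idno\Core\Idno::site()->session()->currentUser()) {
            $account = $this->getInput('remove');

            // array_key_exists() needs a scalar key and a real array; the
            // stored value can be false after an earlier reset.
            $is_known_account = !empty($account)
                && (is_string($account) || is_int($account))
                && is_array($user->flickr)
                && array_key_exists($account, $user->flickr);

            if ($is_known_account) {
                unset($user->flickr[$account]);
            } else {
                $user->flickr = false;
            }

            $user->save();
            \Idno\Core\Idno::site()->session()->refreshSessionUser($user);

            if (!empty($user->link_callback)) {
                error_log($user->link_callback);
                $this->forward($user->link_callback);
                exit;
            }
        }
    }

    // The Referer header is optional and client-supplied: fall back to the
    // site URL when it is absent instead of forwarding to an undefined value.
    // NOTE(review): confirm forward() limits redirects to expected targets.
    $return_to = !empty($_SERVER['HTTP_REFERER'])
        ? $_SERVER['HTTP_REFERER']
        : \Idno\Core\Idno::site()->config()->getURL();
    $this->forward($return_to);
}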
作者:sintori
项目:Know
/**
 * Register the URL patterns for text entries: create/edit, delete and view.
 */
function registerPages()
{
    // Pattern and handler pairs, registered in this order. The ID segment
    // only accepts ASCII letters and digits.
    $routes = array(
        array('/entry/edit/?', '\\IdnoPlugins\\Text\\Pages\\Edit'),
        array('/entry/edit/([A-Za-z0-9]+)/?', '\\IdnoPlugins\\Text\\Pages\\Edit'),
        array('/entry/delete/([A-Za-z0-9]+)/?', '\\IdnoPlugins\\Text\\Pages\\Delete'),
        array('/entry/([A-Za-z0-9]+)/.*', '\\Idno\\Pages\\Entity\\View'),
    );

    foreach ($routes as $route) {
        \Idno\Core\Idno::site()->addPageHandler($route[0], $route[1]);
    }
}
作者:sintori
项目:Know
/**
 * Accept a comment from a visitor: attach a 'reply' annotation to the entity
 * named by 'validator' and forward to that entity's page.
 *
 * Nothing is stored unless body, name and validator are all non-empty and
 * the entity exists.
 */
function postContent()
{
    // NOTE(review): strip_tags() is not output escaping - confirm the
    // templates escape name and body when the annotation is rendered.
    $body = strip_tags($this->getInput('body'));
    $name = strip_tags($this->getInput('name'));
    $url = trim($this->getInput('url'));
    $url2 = trim($this->getInput('url-2'));
    $validator = $this->getInput('validator');

    // 'url-2' has to come back empty (presumably a honeypot field).
    if (!empty($url2)) {
        $this->deniedContent();
    }
    $this->referrerGatekeeper();

    if (empty($body) || empty($name) || empty($validator)) {
        return;
    }
    $object = Entity::getByUUID($validator);
    if (!$object) {
        return;
    }

    // NOTE(review): the server fetches a URL supplied by the commenter;
    // confirm sanitizeURL()/Webservice::get() restrict which destinations
    // can be reached.
    $url = Webservice::sanitizeURL($url);
    if ($url) {
        $content = Webservice::get($url);
        if ($content && $content['response'] == '200') {
            $icon = Webmention::getIconFromWebsiteContent($content['content'], $url);
        }
    }

    // No icon found: choose one of five default avatars, derived from the
    // URL's md5 so the same URL always maps to the same image.
    if (empty($icon)) {
        $bn = hexdec(substr(md5($url), 0, 15));
        $number = 1 + $bn % 5;
        $icon = \Idno\Core\Idno::site()->config()->url . 'gfx/users/default-' . str_pad($number, 2, '0', STR_PAD_LEFT) . '.png';
    }

    $object->addAnnotation('reply', $name, $url, $icon, $body);
    $this->forward($object->getDisplayURL());
}
作者:smartboyathom
项目:Know
/**
 * Fetch this feed's URL and return the items parsed from the response.
 *
 * @return array|bool Result of the reader's parseFeed(), or false when the fetch returns nothing.
 */
function retrieveItems()
{
    // NOTE(review): the feed URL is fetched server-side; confirm where it is
    // validated when the feed is stored.
    $content = Webservice::get($this->getFeedURL());
    if (!$content) {
        return false;
    }

    return \Idno\Core\Idno::site()->reader()->parseFeed($content['content'], $this->getFeedURL());
}
作者:kylew
项目:KnownReaction
/**
 * Return the result of self::fetch() for the 'url' input as a JSON page.
 */
function getContent()
{
    // NOTE(review): no gatekeeper call is visible in this method and the
    // URL comes from the request - confirm who may reach this endpoint and
    // which destinations fetch() will contact.
    $url = $this->getInput('url');

    $template = Idno::site()->template();
    $template->setTemplateType('json');

    $fetched = self::fetch($url);
    $template->__($fetched)->drawPage();
}
作者:smartboyathom
项目:Know
/**
 * Render the event edit form: the event named by the first URL argument, or
 * a new event pre-filled from autosaved field values.
 */
function getContent()
{
    // This functionality is for logged-in users only
    $this->createGatekeeper();

    // Are we loading an entity?
    if (empty($this->arguments)) {
        $object = new \IdnoPlugins\Event\Event();
        $autosave = new \Idno\Core\Autosave();
        $autosaved_fields = array('title', 'summary', 'location', 'starttime', 'endtime', 'body');
        foreach ($autosaved_fields as $field) {
            $object->{$field} = $autosave->getValue('event', $field);
        }
    } else {
        $object = \IdnoPlugins\Event\Event::getByID($this->arguments[0]);
    }

    // NOTE(review): getOwner() is called before the empty($object) check
    // below, so a failed lookup would already have errored here - confirm
    // what getByID() returns for an unknown ID.
    $owner = $object->getOwner();
    if ($owner) {
        $this->setOwner($owner);
    }

    $t = \Idno\Core\Idno::site()->template();
    $body = $t->__(array('object' => $object))->draw('entity/Event/edit');
    $title = empty($object) ? 'Write an event' : 'Edit event';

    // XHR callers get the bare form; everyone else gets the full page.
    if (empty($this->xhr)) {
        $t->__(array('body' => $body, 'title' => $title))->drawPage();
    } else {
        echo $body;
    }
}
作者:smartboyathom
项目:Know
/**
 * Render the check-in edit form: the check-in named by the first URL
 * argument, or a new, empty check-in.
 */
function getContent()
{
    // This functionality is for logged-in users only
    $this->createGatekeeper();

    // Are we loading an entity?
    $object = empty($this->arguments)
        ? new \IdnoPlugins\Checkin\Checkin()
        : \IdnoPlugins\Checkin\Checkin::getByID($this->arguments[0]);

    // NOTE(review): getOwner() runs before the empty($object) check below -
    // confirm what getByID() returns for an unknown ID.
    $owner = $object->getOwner();
    if ($owner) {
        $this->setOwner($owner);
    }

    $t = \Idno\Core\Idno::site()->template();
    $body = $t->__(array('object' => $object))->draw('entity/Checkin/edit');
    $title = empty($object) ? 'Where are you?' : 'Edit checkin';

    // XHR callers get the bare form; everyone else gets the full page.
    if (empty($this->xhr)) {
        $t->__(array('body' => $body, 'title' => $title))->drawPage();
    } else {
        echo $body;
    }
}
作者:knownunknown
项目:Know
/**
 * Handle an image upload from the file picker.
 *
 * For a logged-on user with an uploaded image, stores a thumbnail (or the
 * file itself if no thumbnail could be made), draws the picker's "done"
 * template and exits. In the other logged-on cases it forwards away.
 */
function post()
{
    if (!\Idno\Core\Idno::site()->session()->isLoggedOn()) {
        return;
    }

    if (!empty($_FILES['file']['tmp_name'])) {
        // An event listener can veto the upload.
        if (!\Idno\Core\Idno::site()->triggerEvent("file/upload", [], true)) {
            exit;
        }

        $tmp_path = $_FILES['file']['tmp_name'];
        if (!\Idno\Entities\File::isImage($tmp_path)) {
            Idno::site()->session()->addErrorMessage("You can only upload images.");
        } else {
            // NOTE(review): 'name' and 'type' in $_FILES are supplied by the
            // client - confirm File::createFromFile() does not trust them
            // for the storage path or the served content type.
            $thumbnail_id = \Idno\Entities\File::createThumbnailFromFile($tmp_path, $_FILES['file']['name'], 1024);
            if ($thumbnail_id) {
                // Wrap the thumbnail ID in an object carrying a file['_id'] entry.
                $file = new \stdClass();
                $file->file = ['_id' => $thumbnail_id];
            } else {
                $file = \Idno\Entities\File::createFromFile($tmp_path, $_FILES['file']['name'], $_FILES['file']['type'], true);
            }

            if ($file) {
                $t = \Idno\Core\Idno::site()->template();
                $t->file = $file;
                echo $t->draw('file/picker/donejs');
                exit;
            }
        }
    }

    // NOTE(review): HTTP_REDIRECT is not a standard request header (possibly
    // HTTP_REFERER was intended); as written it is a client-supplied value
    // that is usually undefined - confirm the intended target.
    $this->forward($_SERVER['HTTP_REDIRECT']);
}
作者:kreativmin
项目:Know
/**
 * Render the bookmark edit form: the bookmark named by the first URL
 * argument, or a new bookmark whose page title is derived from the 'url'
 * input.
 */
function getContent()
{
    // This functionality is for logged-in users only
    $this->createGatekeeper();

    // Are we loading an entity?
    if (empty($this->arguments)) {
        $title = 'New bookmark';
        $object = new \IdnoPlugins\Like\Like();
        // NOTE(review): presumably getTitleFromURL() fetches the submitted
        // URL server-side - confirm it restricts destinations.
        $object->pageTitle = $object->getTitleFromURL($this->getInput('url'));
    } else {
        $title = 'Edit bookmark';
        $object = \IdnoPlugins\Like\Like::getByID($this->arguments[0]);
    }

    $owner = $object->getOwner();
    if ($owner) {
        $this->setOwner($owner);
    }

    $t = \Idno\Core\Idno::site()->template();
    $form_vars = array('object' => $object, 'url' => $this->getInput('url'));
    $edit_body = $t->__($form_vars)->draw('entity/Like/edit');
    $body = $t->__(['body' => $edit_body])->draw('entity/editwrapper');

    // XHR callers get the bare form; everyone else gets the full page.
    if (empty($this->xhr)) {
        $t->__(array('body' => $body, 'title' => $title))->drawPage();
    } else {
        echo $body;
    }
}
作者:kreativmin
项目:Know
/**
 * Render the status update edit form: the status named by the first URL
 * argument, or a fresh one from Status::factory(). The url, body and tags
 * inputs are passed to the template.
 */
function getContent()
{
    // This functionality is for logged-in users only
    $this->createGatekeeper();

    // Are we loading an entity?
    $object = empty($this->arguments)
        ? \IdnoPlugins\Status\Status::factory()
        : \IdnoPlugins\Status\Status::getByID($this->arguments[0]);

    // NOTE(review): getOwner() runs before the empty($object) check below -
    // confirm what getByID() returns for an unknown ID.
    $owner = $object->getOwner();
    if ($owner) {
        $this->setOwner($owner);
    }

    $t = \Idno\Core\Idno::site()->template();
    // NOTE(review): url, body and tags reach the template straight from the
    // request - confirm 'entity/Status/edit' escapes them on output.
    $form_vars = array(
        'object' => $object,
        'url' => $this->getInput('url'),
        'body' => $this->getInput('body'),
        'tags' => $this->getInput('tags'),
    );
    $edit_body = $t->__($form_vars)->draw('entity/Status/edit');
    $body = $t->__(['body' => $edit_body])->draw('entity/editwrapper');
    $title = empty($object) ? 'What are you up to?' : 'Edit status update';

    // XHR callers get the bare form; everyone else gets the full page.
    if (empty($this->xhr)) {
        $t->__(array('body' => $body, 'title' => $title))->drawPage();
    } else {
        echo $body;
    }
}
作者:sintori
项目:Know
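/**
 * Admin-only: replace the site's webhook syndication list with the submitted
 * URLs and titles, then forward back to the webhooks admin page.
 *
 * Blank entries are skipped. Entries that are not valid http(s) URLs are
 * skipped and reported through a session error message.
 */
function postContent()
{
    $this->adminGatekeeper();

    $hooks = $this->getInput('webhooks');
    $titles = $this->getInput('titles');
    if (!is_array($titles)) {
        $titles = array();
    }

    $webhook_syndication = array();
    if (is_array($hooks)) {
        foreach ($hooks as $key => $hook) {
            // Nested arrays in the submitted form data are not URLs.
            if (!is_string($hook)) {
                continue;
            }
            $hook = trim($hook);
            if (empty($hook)) {
                continue;
            }

            // FILTER_VALIDATE_URL checks syntax only and accepts any scheme,
            // so require http or https explicitly.
            // NOTE(review): the host is not checked, so internal addresses can
            // still be registered - decide whether that is acceptable here.
            $scheme = strtolower((string) parse_url($hook, PHP_URL_SCHEME));
            $is_http = in_array($scheme, array('http', 'https'), true);
            if (!$is_http || !filter_var($hook, FILTER_VALIDATE_URL)) {
                // NOTE(review): the message contains the raw submitted value;
                // confirm session messages are escaped when displayed.
                \Idno\Core\Idno::site()->session()->addErrorMessage($hook . " doesn't seem to be a valid URL.");
                continue;
            }

            // Use the host name as the title when none was supplied.
            $title = !empty($titles[$key]) ? $titles[$key] : parse_url($hook, PHP_URL_HOST);
            $webhook_syndication[] = array('url' => $hook, 'title' => $title);
        }
    }

    \Idno\Core\Idno::site()->config->webhook_syndication = $webhook_syndication;
    \Idno\Core\Idno::site()->config->save();
    $this->forward(\Idno\Core\Idno::site()->config()->getDisplayURL() . 'admin/webhooks/');
}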