From f580d8e5c022f42f7dbe8465dff668d240c1da09 Mon Sep 17 00:00:00 2001 
From: Philipp Date: Sun, 28 Nov 2021 13:22:27 +0100 Subject: [PATCH 1/7] extract "BaseApi::checkDefaults()" method for later usage --- src/BaseModule.php | 42 +++++++++++++++++++ src/Module/Api/Friendica/Activity.php | 2 +- .../Api/Friendica/DirectMessages/Setseen.php | 2 +- src/Module/Api/Friendica/Events/Index.php | 2 +- src/Module/Api/Friendica/Group/Delete.php | 2 +- src/Module/Api/Friendica/Photo/Delete.php | 2 +- .../Api/Friendica/Photoalbum/Delete.php | 2 +- .../Api/Friendica/Photoalbum/Update.php | 2 +- .../Api/Mastodon/Accounts/Followers.php | 2 +- .../Api/Mastodon/Accounts/Following.php | 2 +- src/Module/Api/Mastodon/Accounts/Note.php | 2 +- .../Api/Mastodon/Accounts/Relationships.php | 2 +- src/Module/Api/Mastodon/Accounts/Search.php | 2 +- src/Module/Api/Mastodon/Accounts/Statuses.php | 2 +- src/Module/Api/Mastodon/Apps.php | 2 +- src/Module/Api/Mastodon/Blocks.php | 2 +- src/Module/Api/Mastodon/Bookmarks.php | 2 +- src/Module/Api/Mastodon/Conversations.php | 2 +- src/Module/Api/Mastodon/Directory.php | 2 +- src/Module/Api/Mastodon/Favourited.php | 2 +- src/Module/Api/Mastodon/FollowRequests.php | 2 +- src/Module/Api/Mastodon/Lists.php | 4 +- src/Module/Api/Mastodon/Lists/Accounts.php | 2 +- src/Module/Api/Mastodon/Media.php | 2 +- src/Module/Api/Mastodon/Mutes.php | 2 +- src/Module/Api/Mastodon/Notifications.php | 2 +- src/Module/Api/Mastodon/PushSubscription.php | 4 +- src/Module/Api/Mastodon/ScheduledStatuses.php | 2 +- src/Module/Api/Mastodon/Search.php | 2 +- src/Module/Api/Mastodon/Statuses.php | 2 +- src/Module/Api/Mastodon/Statuses/Context.php | 2 +- src/Module/Api/Mastodon/Suggestions.php | 2 +- src/Module/Api/Mastodon/Timelines/Direct.php | 2 +- src/Module/Api/Mastodon/Timelines/Home.php | 2 +- .../Api/Mastodon/Timelines/ListTimeline.php | 2 +- .../Api/Mastodon/Timelines/PublicTimeline.php | 2 +- src/Module/Api/Mastodon/Timelines/Tag.php | 2 +- src/Module/Api/Mastodon/Trends.php | 2 +- src/Module/BaseApi.php | 32 +------------- 
src/Module/OAuth/Authorize.php | 2 +- src/Module/OAuth/Revoke.php | 2 +- src/Module/OAuth/Token.php | 2 +- 42 files changed, 86 insertions(+), 72 deletions(-) diff --git a/src/BaseModule.php b/src/BaseModule.php index 86dd5e7c0..a74c02713 100644 --- a/src/BaseModule.php +++ b/src/BaseModule.php 
@@ -241,6 +241,48 @@ abstract class BaseModule implements ICanHandleRequests return $this->response->generate(); } + /** + * Checks request inputs and sets default parameters + * + * @param array $defaults Associative array of expected request keys and their default typed value. A null + * value will remove the request key from the resulting value array. + * @param array $input Custom REQUEST array, superglobal instead + * + * @return array Request data + */ + protected function checkDefaults(array $defaults, array $input): array + { + $request = []; + + foreach ($defaults as $parameter => $defaultvalue) { + if (is_string($defaultvalue)) { + $request[$parameter] = $input[$parameter] ?? $defaultvalue; + } elseif (is_int($defaultvalue)) { + $request[$parameter] = (int)($input[$parameter] ?? $defaultvalue); + } elseif (is_float($defaultvalue)) { + $request[$parameter] = (float)($input[$parameter] ?? $defaultvalue); + } elseif (is_array($defaultvalue)) { + $request[$parameter] = $input[$parameter] ?? []; + } elseif (is_bool($defaultvalue)) { + $request[$parameter] = in_array(strtolower($input[$parameter] ?? ''), ['true', '1']); + } else { + $this->logger->notice('Unhandled default value type', ['parameter' => $parameter, 'type' => gettype($defaultvalue)]); + } + } + + foreach ($input ?? [] as $parameter => $value) { + if ($parameter == 'pagename') { + continue; + } + if (!in_array($parameter, array_keys($defaults))) { + $this->logger->notice('Unhandled request field', ['parameter' => $parameter, 'value' => $value, 'command' => $this->args->getCommand()]); + } + } + + $this->logger->debug('Got request parameters', ['request' => $request, 'command' => $this->args->getCommand()]); + return $request; + } + /* * Functions used to protect against Cross-Site Request Forgery * The security token has to base on at least one value that an attacker can't know - here it's the session ID and the private key. 
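Review bot: The coercion branches in checkDefaults() do not guarantee the type that the default promises: the `is_string` and `is_array` branches return `$input[$parameter]` unchanged, so a client sending `q[]=x` for a string default (or a scalar for an array default) hands the caller the wrong type, and in the `is_bool` branch `strtolower()` then receives an array, which raises a TypeError on PHP 8. Because this method is the input-validation boundary for every API and OAuth endpoint in the patch, fall back to the default on a type mismatch, e.g. `$value = $input[$parameter] ?? $defaultvalue;` followed by `$request[$parameter] = is_string($value) ? $value : $defaultvalue;` for strings, with an `is_scalar()` guard before the int, float and bool conversions. The docblock also needs correcting: a `null` default is not dropped silently but falls into the `else` branch and is logged, and `$input` is a required argument, so "superglobal instead" does not apply.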
diff --git a/src/Module/Api/Friendica/Activity.php b/src/Module/Api/Friendica/Activity.php index 070dc452c..6826eb378 100644 --- a/src/Module/Api/Friendica/Activity.php +++ b/src/Module/Api/Friendica/Activity.php @@ -45,7 +45,7 @@ class Activity extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'id' => 0, // Id of the post ], $request); diff --git a/src/Module/Api/Friendica/DirectMessages/Setseen.php b/src/Module/Api/Friendica/DirectMessages/Setseen.php index a6a4875b8..5fcb87b32 100644 --- a/src/Module/Api/Friendica/DirectMessages/Setseen.php +++ b/src/Module/Api/Friendica/DirectMessages/Setseen.php @@ -35,7 +35,7 @@ class Setseen extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'id' => 0, // Id of the direct message ], $request); diff --git a/src/Module/Api/Friendica/Events/Index.php b/src/Module/Api/Friendica/Events/Index.php index 6e3daa770..fed7cc54d 100644 --- a/src/Module/Api/Friendica/Events/Index.php +++ b/src/Module/Api/Friendica/Events/Index.php @@ -38,7 +38,7 @@ class Index extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'since_id' => 0, 'count' => 0, ], $request); diff --git a/src/Module/Api/Friendica/Group/Delete.php b/src/Module/Api/Friendica/Group/Delete.php index f0d94ff3e..9b63cd7e6 100644 --- a/src/Module/Api/Friendica/Group/Delete.php +++ b/src/Module/Api/Friendica/Group/Delete.php @@ -37,7 +37,7 @@ class Delete extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'gid' => 0, 'name' => '' ], $request); 
diff --git a/src/Module/Api/Friendica/Photo/Delete.php b/src/Module/Api/Friendica/Photo/Delete.php index d4288b88b..5861723b6 100644 --- a/src/Module/Api/Friendica/Photo/Delete.php +++ b/src/Module/Api/Friendica/Photo/Delete.php @@ -36,7 +36,7 @@ class Delete extends BaseApi { $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'photo_id' => '', // Photo id ], $request); diff --git a/src/Module/Api/Friendica/Photoalbum/Delete.php b/src/Module/Api/Friendica/Photoalbum/Delete.php index 8a45de2d3..8cb719cd1 100644 --- a/src/Module/Api/Friendica/Photoalbum/Delete.php +++ b/src/Module/Api/Friendica/Photoalbum/Delete.php @@ -39,7 +39,7 @@ class Delete extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'album' => '', // Album name ], $request); diff --git a/src/Module/Api/Friendica/Photoalbum/Update.php b/src/Module/Api/Friendica/Photoalbum/Update.php index 2c1e5e878..d9fc760d6 100644 --- a/src/Module/Api/Friendica/Photoalbum/Update.php +++ b/src/Module/Api/Friendica/Photoalbum/Update.php @@ -37,7 +37,7 @@ class Update extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'album' => '', // Current album name 'album_new' => '', // New album name ], $request); diff --git a/src/Module/Api/Mastodon/Accounts/Followers.php b/src/Module/Api/Mastodon/Accounts/Followers.php index ba24625c4..3e06528bd 100644 --- a/src/Module/Api/Mastodon/Accounts/Followers.php +++ b/src/Module/Api/Mastodon/Accounts/Followers.php @@ -48,7 +48,7 @@ class Followers extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id 'min_id' => 0, // Return results immediately newer than id 
diff --git a/src/Module/Api/Mastodon/Accounts/Following.php b/src/Module/Api/Mastodon/Accounts/Following.php index a80af6ea9..2aace2683 100644 --- a/src/Module/Api/Mastodon/Accounts/Following.php +++ b/src/Module/Api/Mastodon/Accounts/Following.php @@ -48,7 +48,7 @@ class Following extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Accounts/Note.php b/src/Module/Api/Mastodon/Accounts/Note.php index 7135cb930..eb97a8856 100644 --- a/src/Module/Api/Mastodon/Accounts/Note.php +++ b/src/Module/Api/Mastodon/Accounts/Note.php @@ -41,7 +41,7 @@ class Note extends BaseApi DI::mstdnError()->UnprocessableEntity(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'comment' => '', ], $request); diff --git a/src/Module/Api/Mastodon/Accounts/Relationships.php b/src/Module/Api/Mastodon/Accounts/Relationships.php index b56fd5a94..6fce26fbb 100644 --- a/src/Module/Api/Mastodon/Accounts/Relationships.php +++ b/src/Module/Api/Mastodon/Accounts/Relationships.php @@ -39,7 +39,7 @@ class Relationships extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'id' => [], ], $request); diff --git a/src/Module/Api/Mastodon/Accounts/Search.php b/src/Module/Api/Mastodon/Accounts/Search.php index 53569b79a..536c68850 100644 --- a/src/Module/Api/Mastodon/Accounts/Search.php +++ b/src/Module/Api/Mastodon/Accounts/Search.php 
@@ -42,7 +42,7 @@ class Search extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'q' => '', // What to search for 'limit' => 40, // Maximum number of results. Defaults to 40. 'resolve' => false, // Attempt WebFinger lookup. Defaults to false. Use this when q is an exact address. diff --git a/src/Module/Api/Mastodon/Accounts/Statuses.php b/src/Module/Api/Mastodon/Accounts/Statuses.php index 609bcdb20..0ab5a2a50 100644 --- a/src/Module/Api/Mastodon/Accounts/Statuses.php +++ b/src/Module/Api/Mastodon/Accounts/Statuses.php @@ -52,7 +52,7 @@ class Statuses extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'only_media' => false, // Show only statuses with media attached? Defaults to false. 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index 5811e3873..3f24810bb 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -37,7 +37,7 @@ class Apps extends BaseApi */ protected function post(array $request = [], array $post = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'client_name' => '', 'redirect_uris' => '', 'scopes' => 'read', diff --git a/src/Module/Api/Mastodon/Blocks.php b/src/Module/Api/Mastodon/Blocks.php index 0a1e9506f..a299185ae 100644 --- a/src/Module/Api/Mastodon/Blocks.php +++ b/src/Module/Api/Mastodon/Blocks.php @@ -48,7 +48,7 @@ class Blocks extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id 'min_id' => 0, // Return results immediately newer than id 
diff --git a/src/Module/Api/Mastodon/Bookmarks.php b/src/Module/Api/Mastodon/Bookmarks.php index d56ad5a88..a3d00dcd8 100644 --- a/src/Module/Api/Mastodon/Bookmarks.php +++ b/src/Module/Api/Mastodon/Bookmarks.php @@ -41,7 +41,7 @@ class Bookmarks extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 20, // Maximum number of results to return. Defaults to 20. 'max_id' => 0, // Return results older than id 'since_id' => 0, // Return results newer than id diff --git a/src/Module/Api/Mastodon/Conversations.php b/src/Module/Api/Mastodon/Conversations.php index 5ff51deb1..125e13e60 100644 --- a/src/Module/Api/Mastodon/Conversations.php +++ b/src/Module/Api/Mastodon/Conversations.php @@ -54,7 +54,7 @@ class Conversations extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 20, // Maximum number of results. Defaults to 20. Max 40. 'max_id' => 0, // Return results older than this ID. Use HTTP Link header to paginate. 'since_id' => 0, // Return results newer than this ID. Use HTTP Link header to paginate. diff --git a/src/Module/Api/Mastodon/Directory.php b/src/Module/Api/Mastodon/Directory.php index 740d5d92a..67104dc28 100644 --- a/src/Module/Api/Mastodon/Directory.php +++ b/src/Module/Api/Mastodon/Directory.php @@ -41,7 +41,7 @@ class Directory extends BaseApi */ protected function rawContent(array $request = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'offset' => 0, // How many accounts to skip before returning results. Default 0. 'limit' => 40, // How many accounts to load. Default 40. 'order' => 'active', // active to sort by most recently posted statuses (default) or new to sort by most recently created profiles. 
diff --git a/src/Module/Api/Mastodon/Favourited.php b/src/Module/Api/Mastodon/Favourited.php index c1ac2a89c..243d119f9 100644 --- a/src/Module/Api/Mastodon/Favourited.php +++ b/src/Module/Api/Mastodon/Favourited.php @@ -42,7 +42,7 @@ class Favourited extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 20, // Maximum number of results to return. Defaults to 20. 'min_id' => 0, // Return results immediately newer than id 'max_id' => 0, // Return results older than id diff --git a/src/Module/Api/Mastodon/FollowRequests.php b/src/Module/Api/Mastodon/FollowRequests.php index 739c53c49..eead8f96c 100644 --- a/src/Module/Api/Mastodon/FollowRequests.php +++ b/src/Module/Api/Mastodon/FollowRequests.php @@ -87,7 +87,7 @@ class FollowRequests extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'min_id' => 0, 'max_id' => 0, 'limit' => 40, // Maximum number of results to return. Defaults to 40. Paginate using the HTTP Link header. diff --git a/src/Module/Api/Mastodon/Lists.php b/src/Module/Api/Mastodon/Lists.php index 53a9ac012..3ab41329c 100644 --- a/src/Module/Api/Mastodon/Lists.php +++ b/src/Module/Api/Mastodon/Lists.php @@ -56,7 +56,7 @@ class Lists extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'title' => '', ], $request); @@ -76,7 +76,7 @@ class Lists extends BaseApi public function put() { - $request = self::getRequest([ + $request = $this->getRequest([ 'title' => '', // The title of the list to be updated. 'replies_policy' => '', // One of: "followed", "list", or "none". ]); diff --git a/src/Module/Api/Mastodon/Lists/Accounts.php b/src/Module/Api/Mastodon/Lists/Accounts.php index 151da9cc6..9ab676af0 100644 
--- a/src/Module/Api/Mastodon/Lists/Accounts.php +++ b/src/Module/Api/Mastodon/Lists/Accounts.php @@ -61,7 +61,7 @@ class Accounts extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Media.php b/src/Module/Api/Mastodon/Media.php index 65663882d..24d2a3bf8 100644 --- a/src/Module/Api/Mastodon/Media.php +++ b/src/Module/Api/Mastodon/Media.php @@ -58,7 +58,7 @@ class Media extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'file' => [], // The file to be attached, using multipart form data. 'thumbnail' => [], // The custom thumbnail of the media to be attached, using multipart form data. 'description' => '', // A plain-text description of the media, for accessibility purposes. diff --git a/src/Module/Api/Mastodon/Mutes.php b/src/Module/Api/Mastodon/Mutes.php index 9d612a455..96a0c7eac 100644 --- a/src/Module/Api/Mastodon/Mutes.php +++ b/src/Module/Api/Mastodon/Mutes.php @@ -48,7 +48,7 @@ class Mutes extends BaseApi DI::mstdnError()->RecordNotFound(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this id 'since_id' => 0, // Return results newer than this id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Notifications.php b/src/Module/Api/Mastodon/Notifications.php index f57c0268e..7527286e0 100644 --- a/src/Module/Api/Mastodon/Notifications.php +++ b/src/Module/Api/Mastodon/Notifications.php 
@@ -55,7 +55,7 @@ class Notifications extends BaseApi } } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than this ID 'since_id' => 0, // Return results newer than this ID 'min_id' => 0, // Return results immediately newer than this ID diff --git a/src/Module/Api/Mastodon/PushSubscription.php b/src/Module/Api/Mastodon/PushSubscription.php index b4b152e5c..4978e980a 100644 --- a/src/Module/Api/Mastodon/PushSubscription.php +++ b/src/Module/Api/Mastodon/PushSubscription.php @@ -39,7 +39,7 @@ class PushSubscription extends BaseApi $uid = self::getCurrentUserID(); $application = self::getCurrentApplication(); - $request = self::getRequest([ + $request = $this->getRequest([ 'subscription' => [], 'data' => [], ], $request); @@ -72,7 +72,7 @@ class PushSubscription extends BaseApi $uid = self::getCurrentUserID(); $application = self::getCurrentApplication(); - $request = self::getRequest([ + $request = $this->getRequest([ 'data' => [], ]); diff --git a/src/Module/Api/Mastodon/ScheduledStatuses.php b/src/Module/Api/Mastodon/ScheduledStatuses.php index 644aea874..f6da23aa1 100644 --- a/src/Module/Api/Mastodon/ScheduledStatuses.php +++ b/src/Module/Api/Mastodon/ScheduledStatuses.php @@ -71,7 +71,7 @@ class ScheduledStatuses extends BaseApi System::jsonExit(DI::mstdnScheduledStatus()->createFromDelayedPostId($this->parameters['id'], $uid)->toArray()); } - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 20, // Max number of results to return. Defaults to 20. 'max_id' => 0, // Return results older than ID 'since_id' => 0, // Return results newer than ID diff --git a/src/Module/Api/Mastodon/Search.php b/src/Module/Api/Mastodon/Search.php index 1730db68c..dcc9969f7 100644 --- a/src/Module/Api/Mastodon/Search.php +++ b/src/Module/Api/Mastodon/Search.php 
@@ -45,7 +45,7 @@ class Search extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'account_id' => 0, // If provided, statuses returned will be authored only by this account 'max_id' => 0, // Return results older than this id 'min_id' => 0, // Return results immediately newer than this id diff --git a/src/Module/Api/Mastodon/Statuses.php b/src/Module/Api/Mastodon/Statuses.php index 54e85d2a6..05851a983 100644 --- a/src/Module/Api/Mastodon/Statuses.php +++ b/src/Module/Api/Mastodon/Statuses.php @@ -46,7 +46,7 @@ class Statuses extends BaseApi self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'status' => '', // Text content of the status. If media_ids is provided, this becomes optional. Attaching a poll is optional while status is provided. 'media_ids' => [], // Array of Attachment ids to be attached as media. If provided, status becomes optional, and poll cannot be used. 'poll' => [], // Poll data. If provided, media_ids cannot be used, and poll[expires_in] must be provided. diff --git a/src/Module/Api/Mastodon/Statuses/Context.php b/src/Module/Api/Mastodon/Statuses/Context.php index 4193b8fa9..f463f46b4 100644 --- a/src/Module/Api/Mastodon/Statuses/Context.php +++ b/src/Module/Api/Mastodon/Statuses/Context.php @@ -43,7 +43,7 @@ class Context extends BaseApi DI::mstdnError()->UnprocessableEntity(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 40, // Maximum number of results to return. Defaults to 40. ], $request); diff --git a/src/Module/Api/Mastodon/Suggestions.php b/src/Module/Api/Mastodon/Suggestions.php index d8d89070a..9f8773dc8 100644 --- a/src/Module/Api/Mastodon/Suggestions.php +++ b/src/Module/Api/Mastodon/Suggestions.php 
@@ -39,7 +39,7 @@ class Suggestions extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 40, // Maximum number of results to return. Defaults to 40. ], $request); diff --git a/src/Module/Api/Mastodon/Timelines/Direct.php b/src/Module/Api/Mastodon/Timelines/Direct.php index f6b55a093..ea3a296dc 100644 --- a/src/Module/Api/Mastodon/Timelines/Direct.php +++ b/src/Module/Api/Mastodon/Timelines/Direct.php @@ -40,7 +40,7 @@ class Direct extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than id 'since_id' => 0, // Return results newer than id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Timelines/Home.php b/src/Module/Api/Mastodon/Timelines/Home.php index f717ef119..bc53e9bcf 100644 --- a/src/Module/Api/Mastodon/Timelines/Home.php +++ b/src/Module/Api/Mastodon/Timelines/Home.php @@ -41,7 +41,7 @@ class Home extends BaseApi self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than id 'since_id' => 0, // Return results newer than id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Timelines/ListTimeline.php b/src/Module/Api/Mastodon/Timelines/ListTimeline.php index a1ecd61f6..c3e525f76 100644 --- a/src/Module/Api/Mastodon/Timelines/ListTimeline.php +++ b/src/Module/Api/Mastodon/Timelines/ListTimeline.php 
@@ -45,7 +45,7 @@ class ListTimeline extends BaseApi DI::mstdnError()->UnprocessableEntity(); } - $request = self::getRequest([ + $request = $this->getRequest([ 'max_id' => 0, // Return results older than id 'since_id' => 0, // Return results newer than id 'min_id' => 0, // Return results immediately newer than id diff --git a/src/Module/Api/Mastodon/Timelines/PublicTimeline.php b/src/Module/Api/Mastodon/Timelines/PublicTimeline.php index 9d3b7f836..c3ebe7af0 100644 --- a/src/Module/Api/Mastodon/Timelines/PublicTimeline.php +++ b/src/Module/Api/Mastodon/Timelines/PublicTimeline.php @@ -43,7 +43,7 @@ class PublicTimeline extends BaseApi { $uid = self::getCurrentUserID(); - $request = self::getRequest([ + $request = $this->getRequest([ 'local' => false, // Show only local statuses? Defaults to false. 'remote' => false, // Show only remote statuses? Defaults to false. 'only_media' => false, // Show only statuses with media attached? Defaults to false. diff --git a/src/Module/Api/Mastodon/Timelines/Tag.php b/src/Module/Api/Mastodon/Timelines/Tag.php index d6915a68f..441de039d 100644 --- a/src/Module/Api/Mastodon/Timelines/Tag.php +++ b/src/Module/Api/Mastodon/Timelines/Tag.php @@ -53,7 +53,7 @@ class Tag extends BaseApi * There seem to be the parameters "any", "all", and "none". */ - $request = self::getRequest([ + $request = $this->getRequest([ 'local' => false, // If true, return only local statuses. Defaults to false. 'remote' => false, // Show only remote statuses? Defaults to false. 'only_media' => false, // If true, return only statuses with media attachments. Defaults to false. diff --git a/src/Module/Api/Mastodon/Trends.php b/src/Module/Api/Mastodon/Trends.php index 4e99b2c74..f87294d0c 100644 --- a/src/Module/Api/Mastodon/Trends.php +++ b/src/Module/Api/Mastodon/Trends.php 
@@ -36,7 +36,7 @@ class Trends extends BaseApi */ protected function rawContent(array $request = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'limit' => 20, // Maximum number of results to return. Defaults to 10. ], $request); diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index c67671954..7c0c77372 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -116,7 +116,7 @@ class BaseApi extends BaseModule * @return array request data * @throws \Exception */ - public static function getRequest(array $defaults, array $request = null): array + public function getRequest(array $defaults, array $request = null): array { $httpinput = HTTPInputData::process(); $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); 
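Review bot: In src/Module/BaseApi.php, `getRequest()` stops being static while staying `public`, so any caller this patch does not touch that still invokes it from a static context (an addon or a test using `BaseApi::getRequest(...)`) fails at runtime with an Error on PHP 8 instead of being caught at review time; a search for remaining static calls is worth doing before merging. The method body, which continues in the next hunk, still writes the static `self::$request`, so the conversion to instance state is only partial. While the signature is being edited, spell the nullable type explicitly: `public function getRequest(array $defaults, ?array $request = null): array`.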
@@ -126,35 +126,7 @@ class BaseApi extends BaseModule unset(self::$request['pagename']); - $request = []; - - foreach ($defaults as $parameter => $defaultvalue) { - if (is_string($defaultvalue)) { - $request[$parameter] = $input[$parameter] ?? $defaultvalue; - } elseif (is_int($defaultvalue)) { - $request[$parameter] = (int)($input[$parameter] ?? $defaultvalue); - } elseif (is_float($defaultvalue)) { - $request[$parameter] = (float)($input[$parameter] ?? $defaultvalue); - } elseif (is_array($defaultvalue)) { - $request[$parameter] = $input[$parameter] ?? []; - } elseif (is_bool($defaultvalue)) { - $request[$parameter] = in_array(strtolower($input[$parameter] ?? ''), ['true', '1']); - } else { - Logger::notice('Unhandled default value type', ['parameter' => $parameter, 'type' => gettype($defaultvalue)]); - } - } - - foreach ($input ?? [] as $parameter => $value) { - if ($parameter == 'pagename') { - continue; - } - if (!in_array($parameter, array_keys($defaults))) { - Logger::notice('Unhandled request field', ['parameter' => $parameter, 'value' => $value, 'command' => DI::args()->getCommand()]); - } - } - - Logger::debug('Got request parameters', ['request' => $request, 'command' => DI::args()->getCommand()]); - return $request; + return $this->checkDefaults($defaults, $input); } /** diff --git a/src/Module/OAuth/Authorize.php b/src/Module/OAuth/Authorize.php index 973f31a0b..56a11ba0a 100644 --- a/src/Module/OAuth/Authorize.php +++ b/src/Module/OAuth/Authorize.php @@ -39,7 +39,7 @@ class Authorize extends BaseApi */ protected function rawContent(array $request = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'force_login' => '', // Forces the user to re-login, which is necessary for authorizing with multiple accounts from the same instance. 'response_type' => '', // Should be set equal to "code". 'client_id' => '', // Client ID, obtained during app registration. 
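Review bot: With `return $this->checkDefaults($defaults, $input);` every BaseApi endpoint keeps the logging behaviour of the removed block, and that includes the OAuth modules in this patch whose defaults list `client_secret` and `token`: the debug line records the whole `$request` array and the "Unhandled request field" notice records the raw `value` of anything unexpected. Credentials should not reach the application log at any level; log parameter names only, e.g. `$this->logger->debug('Got request parameters', ['parameters' => array_keys($request), 'command' => $this->args->getCommand()]);`, and drop `'value' => $value` from the notice. The logging statements themselves live in BaseModule::checkDefaults(), outside this hunk.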
diff --git a/src/Module/OAuth/Revoke.php b/src/Module/OAuth/Revoke.php index 536d603c7..745ab0673 100644 --- a/src/Module/OAuth/Revoke.php +++ b/src/Module/OAuth/Revoke.php @@ -34,7 +34,7 @@ class Revoke extends BaseApi { protected function post(array $request = [], array $post = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'client_id' => '', // Client ID, obtained during app registration 'client_secret' => '', // Client secret, obtained during app registration 'token' => '', // The previously obtained token, to be invalidated diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index 8bbb272c3..c8ef9ee14 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -36,7 +36,7 @@ class Token extends BaseApi { protected function post(array $request = [], array $post = []) { - $request = self::getRequest([ + $request = $this->getRequest([ 'client_id' => '', // Client ID, obtained during app registration 'client_secret' => '', // Client secret, obtained during app registration 'redirect_uri' => '', // Set a URI to redirect the user to. If this parameter is set to "urn:ietf:wg:oauth:2.0:oob" then the token will be shown instead. Must match one of the redirect URIs declared during app registration. From 2e4d654c0a241891a8a64ebd3e49ebde42fad8cc Mon Sep 17 00:00:00 2001 
From: Philipp Date: Sun, 28 Nov 2021 13:44:42 +0100 Subject: [PATCH 2/7] Make $_REQUEST processing independent of sub-calls - Move HTTPInputData::process() into App::runFrontend() - Pass $_REQUEST (including processed Input) to every Module method - Delete $_POST parameters at Module post() calls because of $_REQUEST --- src/App.php | 7 ++++- src/BaseModule.php | 29 +++++++++++-------- src/Capabilities/ICanHandleRequests.php | 5 ++-- src/LegacyModule.php | 4 +-- src/Module/Admin/Addons/Details.php | 2 +- src/Module/Admin/Blocklist/Contact.php | 2 +- src/Module/Admin/Blocklist/Server/Add.php | 2 +- src/Module/Admin/Blocklist/Server/Index.php | 2 +- src/Module/Admin/Features.php | 2 +- src/Module/Admin/Item/Delete.php | 3 +- src/Module/Admin/Logs/Settings.php | 3 +- src/Module/Admin/Site.php | 2 +- src/Module/Admin/Storage.php | 2 +- src/Module/Admin/Themes/Embed.php | 2 +- src/Module/Admin/Tos.php | 2 +- src/Module/Admin/Users/Active.php | 2 +- src/Module/Admin/Users/Blocked.php | 2 +- src/Module/Admin/Users/Create.php | 2 +- src/Module/Admin/Users/Deleted.php | 2 +- src/Module/Admin/Users/Index.php | 2 +- src/Module/Admin/Users/Pending.php | 2 +- src/Module/Api/ApiResponse.php | 6 ++-- src/Module/Api/Friendica/Index.php | 4 +-- src/Module/Api/Mastodon/Accounts/Block.php | 2 +- src/Module/Api/Mastodon/Accounts/Follow.php | 2 +- src/Module/Api/Mastodon/Accounts/Mute.php | 2 +- src/Module/Api/Mastodon/Accounts/Note.php | 2 +- src/Module/Api/Mastodon/Accounts/Unblock.php | 2 +- src/Module/Api/Mastodon/Accounts/Unfollow.php | 2 +- src/Module/Api/Mastodon/Accounts/Unmute.php | 2 +- .../Mastodon/Accounts/UpdateCredentials.php | 9 ++---- src/Module/Api/Mastodon/Apps.php | 2 +- src/Module/Api/Mastodon/Conversations.php | 2 +- .../Api/Mastodon/Conversations/Read.php | 2 +- src/Module/Api/Mastodon/Filters.php | 4 +-- src/Module/Api/Mastodon/FollowRequests.php | 2 +- src/Module/Api/Mastodon/Lists.php | 6 ++-- src/Module/Api/Mastodon/Lists/Accounts.php | 8 ++--- 
src/Module/Api/Mastodon/Markers.php | 4 +-- src/Module/Api/Mastodon/Media.php | 4 +-- .../Api/Mastodon/Notifications/Clear.php | 2 +- .../Api/Mastodon/Notifications/Dismiss.php | 2 +- src/Module/Api/Mastodon/PushSubscription.php | 6 ++-- src/Module/Api/Mastodon/ScheduledStatuses.php | 6 ++-- src/Module/Api/Mastodon/Statuses.php | 4 +-- src/Module/Api/Mastodon/Statuses/Bookmark.php | 2 +- .../Api/Mastodon/Statuses/Favourite.php | 2 +- src/Module/Api/Mastodon/Statuses/Mute.php | 2 +- src/Module/Api/Mastodon/Statuses/Pin.php | 2 +- src/Module/Api/Mastodon/Statuses/Reblog.php | 2 +- .../Api/Mastodon/Statuses/Unbookmark.php | 2 +- .../Api/Mastodon/Statuses/Unfavourite.php | 2 +- src/Module/Api/Mastodon/Statuses/Unmute.php | 2 +- src/Module/Api/Mastodon/Statuses/Unpin.php | 2 +- src/Module/Api/Mastodon/Statuses/Unreblog.php | 2 +- src/Module/Api/Mastodon/Unimplemented.php | 18 ++++++------ src/Module/BaseApi.php | 20 +++++-------- src/Module/Contact.php | 2 +- src/Module/Contact/Advanced.php | 2 +- src/Module/Contact/Poke.php | 2 +- src/Module/Contact/Profile.php | 2 +- src/Module/Contact/Revoke.php | 2 +- src/Module/DFRN/Notify.php | 2 +- src/Module/Debug/Localtime.php | 2 +- src/Module/Delegation.php | 2 +- src/Module/Diaspora/Receive.php | 2 +- src/Module/FollowConfirm.php | 4 +-- src/Module/FriendSuggest.php | 2 +- src/Module/Group.php | 4 +-- src/Module/HTTPException/PageNotFound.php | 4 +-- src/Module/Install.php | 2 +- src/Module/Invite.php | 2 +- src/Module/Item/Compose.php | 2 +- src/Module/Notifications/Notification.php | 2 +- src/Module/OAuth/Acknowledge.php | 2 +- src/Module/OAuth/Revoke.php | 2 +- src/Module/OAuth/Token.php | 2 +- src/Module/Profile/Schedule.php | 2 +- src/Module/Register.php | 2 +- src/Module/RemoteFollow.php | 2 +- src/Module/Security/Login.php | 2 +- src/Module/Security/TwoFactor/Recovery.php | 2 +- src/Module/Security/TwoFactor/Verify.php | 2 +- src/Module/Settings/Delegation.php | 2 +- src/Module/Settings/Display.php | 2 +- 
src/Module/Settings/Profile/Index.php | 2 +- src/Module/Settings/Profile/Photo/Crop.php | 2 +- src/Module/Settings/Profile/Photo/Index.php | 2 +- src/Module/Settings/TwoFactor/AppSpecific.php | 2 +- src/Module/Settings/TwoFactor/Index.php | 2 +- src/Module/Settings/TwoFactor/Recovery.php | 2 +- src/Module/Settings/TwoFactor/Trusted.php | 2 +- src/Module/Settings/TwoFactor/Verify.php | 2 +- .../Module/Api/Friendica/Photo/DeleteTest.php | 4 +-- .../Api/Friendica/Photoalbum/DeleteTest.php | 2 +- .../Api/Friendica/Photoalbum/UpdateTest.php | 2 +- 96 files changed, 156 insertions(+), 156 deletions(-) diff --git a/src/App.php b/src/App.php index c80518c19..b8b7fb99f 100644 --- a/src/App.php +++ b/src/App.php @@ -40,6 +40,7 @@ use Friendica\Model\Profile; use Friendica\Module\Special\HTTPException as ModuleHTTPException; use Friendica\Network\HTTPException; use Friendica\Util\DateTimeFormat; +use Friendica\Util\HTTPInputData; use Friendica\Util\HTTPSignature; use Friendica\Util\Profiler; use Friendica\Util\Strings; @@ -702,8 +703,12 @@ class App $module = $router->getModule(); } + // Processes data from GET requests + $httpinput = HTTPInputData::process(); + $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); + // Let the module run it's internal process (init, get, post, ...) - $response = $module->run($_POST, $_REQUEST); + $response = $module->run($input); if ($response->getHeaderLine(ICanCreateResponses::X_HEADER) === ICanCreateResponses::TYPE_HTML) { $page->run($this, $this->baseURL, $this->args, $this->mode, $response, $this->l10n, $this->profiler, $this->config, $pconfig); } else { diff --git a/src/BaseModule.php b/src/BaseModule.php index a74c02713..7dcd821e4 100644 --- a/src/BaseModule.php +++ b/src/BaseModule.php 
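Review bot: In src/App.php the added `array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST)` refers to a `$request` variable that nothing in this hunk defines; it looks copied from BaseApi::getRequest(), where `$request` was a parameter, and here `??` would hide the undefined variable and always fall through to `$_REQUEST`. If that is the case, write `$_REQUEST` directly so the source of the data is explicit. The merge order also lets `$_REQUEST` keys override same-named body variables and file entries, which deserves a comment saying the precedence is intended, and the comment "Processes data from GET requests" does not obviously match a call that, per the interface docblock later in this patch, reads the PHP input stream. The enclosing method starts and ends outside the hunk.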
@@ -128,8 +128,10 @@ abstract class BaseModule implements ICanHandleRequests * * Extend this method if the module is supposed to process DELETE requests. * Doesn't display any content + * + * @param string[] $request The $_REQUEST content */ - protected function delete() + protected function delete(array $request = []) { } @@ -138,8 +140,10 @@ abstract class BaseModule implements ICanHandleRequests * * Extend this method if the module is supposed to process PATCH requests. * Doesn't display any content + * + * @param string[] $request The $_REQUEST content */ - protected function patch() + protected function patch(array $request = []) { } @@ -150,10 +154,9 @@ abstract class BaseModule implements ICanHandleRequests * Doesn't display any content * * @param string[] $request The $_REQUEST content - * @param string[] $post The $_POST content * */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { // $this->baseUrl->redirect('module'); } @@ -163,15 +166,17 @@ abstract class BaseModule implements ICanHandleRequests * * Extend this method if the module is supposed to process PUT requests. * Doesn't display any content + * + * @param string[] $request The $_REQUEST content */ - protected function put() + protected function put(array $request = []) { } /** * {@inheritDoc} */ - public function run(array $post = [], array $request = []): ResponseInterface + public function run(array $request = []): ResponseInterface { // @see https://github.com/tootsuite/mastodon/blob/c3aef491d66aec743a3a53e934a494f653745b61/config/initializers/cors.rb if (substr($request['pagename'] ?? '', 0, 12) == '.well-known/') { 
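Review bot: The added docblock line `@param string[] $request The $_REQUEST content` on `delete()`, `patch()` and `put()` (and the existing one on `post()`) no longer matches what `run()` passes in, since the array is now the merged input including file entries. I would write `@param array $request The merged request data ($_REQUEST plus variables and files from the PHP input stream)`, which also agrees with the wording in `ICanHandleRequests`. Separately, dropping the leading `$post` parameter from `run()` changes the meaning of the first positional argument: a caller still written as `run($_POST, $_REQUEST)` would not fail, because PHP ignores surplus arguments to userland functions, but would silently treat `$_POST` as the request. The body of `run()` continues outside the hunk.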
@@ -208,17 +213,17 @@ abstract class BaseModule implements ICanHandleRequests switch ($this->server['REQUEST_METHOD'] ?? Router::GET) { case Router::DELETE: - $this->delete(); + $this->delete($request); break; case Router::PATCH: - $this->patch(); + $this->patch($request); break; case Router::POST: - Core\Hook::callAll($this->args->getModuleName() . '_mod_post', $post); - $this->post($request, $post); + Core\Hook::callAll($this->args->getModuleName() . '_mod_post', $request); + $this->post($request); break; case Router::PUT: - $this->put(); + $this->put($request); break; } @@ -231,7 +236,7 @@ abstract class BaseModule implements ICanHandleRequests $arr = ['content' => '']; Hook::callAll(static::class . '_mod_content', $arr); $this->response->addContent($arr['content']); - $this->response->addContent($this->content($_REQUEST)); + $this->response->addContent($this->content($request)); } catch (HTTPException $e) { $this->response->addContent((new ModuleHTTPException())->content($e)); } finally { diff --git a/src/Capabilities/ICanHandleRequests.php b/src/Capabilities/ICanHandleRequests.php index dc608ebbb..b30be1a1d 100644 --- a/src/Capabilities/ICanHandleRequests.php +++ b/src/Capabilities/ICanHandleRequests.php @@ -11,12 +11,11 @@ use Psr\Http\Message\ResponseInterface; interface ICanHandleRequests { /** - * @param array $post The $_POST content (in case of POST) - * @param array $request The $_REQUEST content (in case of GET, POST) + * @param array $request The $_REQUEST content (including content from the PHP input stream) * * @return ResponseInterface responding to the request handling * * @throws HTTPException\InternalServerErrorException */ - public function run(array $post = [], array $request = []): ResponseInterface; + public function run(array $request = []): ResponseInterface; } diff --git a/src/LegacyModule.php b/src/LegacyModule.php index 8c24617c8..17853015e 100644 --- a/src/LegacyModule.php +++ b/src/LegacyModule.php 
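Review bot: The `_mod_post` hook in the `Router::POST` case now receives `$request` where it used to receive `$post`, so hook consumers that relied on seeing only body parameters will also be handed query-string values and file entries. If `Core\Hook::callAll()` takes its data by reference (not visible here), anything a hook changes now also flows into `$this->post($request)` and into the later `$this->content($request)`, which previously read `$_REQUEST` untouched. This deserves a comment at the call, for example `// hook data is the merged request (query string, body and files), not only $_POST`, and a check of the addons registered on this hook. The `switch` sits inside `run()`, which starts and ends outside the hunk.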
@@ -73,9 +73,9 @@ class LegacyModule extends BaseModule return $this->runModuleFunction('content'); } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { - parent::post($post); + parent::post($request); $this->runModuleFunction('post'); } diff --git a/src/Module/Admin/Addons/Details.php b/src/Module/Admin/Addons/Details.php index 90abc54b5..7a84409fa 100644 --- a/src/Module/Admin/Addons/Details.php +++ b/src/Module/Admin/Addons/Details.php @@ -30,7 +30,7 @@ use Friendica\Util\Strings; class Details extends BaseAdmin { - public function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Blocklist/Contact.php b/src/Module/Admin/Blocklist/Contact.php index 1263b7c3f..71a073997 100644 --- a/src/Module/Admin/Blocklist/Contact.php +++ b/src/Module/Admin/Blocklist/Contact.php @@ -32,7 +32,7 @@ use Friendica\Util\Network; class Contact extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Blocklist/Server/Add.php b/src/Module/Admin/Blocklist/Server/Add.php index b7397d22b..ad8f148a1 100644 --- a/src/Module/Admin/Blocklist/Server/Add.php +++ b/src/Module/Admin/Blocklist/Server/Add.php @@ -32,7 +32,7 @@ use GuzzleHttp\Psr7\Uri; class Add extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Blocklist/Server/Index.php b/src/Module/Admin/Blocklist/Server/Index.php index 3be131fac..c7e82f766 100644 --- a/src/Module/Admin/Blocklist/Server/Index.php +++ b/src/Module/Admin/Blocklist/Server/Index.php 
@@ -27,7 +27,7 @@ use Friendica\Module\BaseAdmin; class Index extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Features.php b/src/Module/Admin/Features.php index f5fea300f..546b1d6c6 100644 --- a/src/Module/Admin/Features.php +++ b/src/Module/Admin/Features.php @@ -28,7 +28,7 @@ use Friendica\Module\BaseAdmin; class Features extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Item/Delete.php b/src/Module/Admin/Item/Delete.php index 4ae0563e5..f3415a262 100644 --- a/src/Module/Admin/Item/Delete.php +++ b/src/Module/Admin/Item/Delete.php @@ -25,11 +25,10 @@ use Friendica\Core\Renderer; use Friendica\DI; use Friendica\Model\Item; use Friendica\Module\BaseAdmin; -use Friendica\Util\Strings; class Delete extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Logs/Settings.php b/src/Module/Admin/Logs/Settings.php index 6f09b2957..aeec02d59 100644 --- a/src/Module/Admin/Logs/Settings.php +++ b/src/Module/Admin/Logs/Settings.php @@ -24,12 +24,11 @@ namespace Friendica\Module\Admin\Logs; use Friendica\Core\Renderer; use Friendica\DI; use Friendica\Module\BaseAdmin; -use Friendica\Util\Strings; use Psr\Log\LogLevel; class Settings extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Site.php b/src/Module/Admin/Site.php index 71f042f8d..ceeee8da1 100644 --- a/src/Module/Admin/Site.php +++ b/src/Module/Admin/Site.php 
@@ -43,7 +43,7 @@ require_once __DIR__ . '/../../../boot.php'; class Site extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Storage.php b/src/Module/Admin/Storage.php index 796f88bb3..33457d452 100644 --- a/src/Module/Admin/Storage.php +++ b/src/Module/Admin/Storage.php @@ -31,7 +31,7 @@ use Friendica\Util\Strings; class Storage extends BaseAdmin { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Themes/Embed.php b/src/Module/Admin/Themes/Embed.php index 1eb3018d5..faa8061c5 100644 --- a/src/Module/Admin/Themes/Embed.php +++ b/src/Module/Admin/Themes/Embed.php @@ -50,7 +50,7 @@ class Embed extends BaseAdmin } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Tos.php b/src/Module/Admin/Tos.php index 684eb4f76..d064093e6 100644 --- a/src/Module/Admin/Tos.php +++ b/src/Module/Admin/Tos.php @@ -45,7 +45,7 @@ class Tos extends BaseAdmin $this->config = $config; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Active.php b/src/Module/Admin/Users/Active.php index fa8847d0f..b5596c65f 100644 --- a/src/Module/Admin/Users/Active.php +++ b/src/Module/Admin/Users/Active.php @@ -30,7 +30,7 @@ use Friendica\Module\Admin\BaseUsers; class Active extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Blocked.php b/src/Module/Admin/Users/Blocked.php index 8a8c105fa..5f8f61f60 100644 --- a/src/Module/Admin/Users/Blocked.php 
+++ b/src/Module/Admin/Users/Blocked.php @@ -31,7 +31,7 @@ use Friendica\Util\Temporal; class Blocked extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Create.php b/src/Module/Admin/Users/Create.php index 644b93434..8c3fa3076 100644 --- a/src/Module/Admin/Users/Create.php +++ b/src/Module/Admin/Users/Create.php @@ -28,7 +28,7 @@ use Friendica\Module\Admin\BaseUsers; class Create extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Deleted.php b/src/Module/Admin/Users/Deleted.php index 4ebe153b8..61c681e30 100644 --- a/src/Module/Admin/Users/Deleted.php +++ b/src/Module/Admin/Users/Deleted.php @@ -33,7 +33,7 @@ use Friendica\Util\Temporal; class Deleted extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Index.php b/src/Module/Admin/Users/Index.php index d0f29ee39..c74071562 100644 --- a/src/Module/Admin/Users/Index.php +++ b/src/Module/Admin/Users/Index.php @@ -30,7 +30,7 @@ use Friendica\Module\Admin\BaseUsers; class Index extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); diff --git a/src/Module/Admin/Users/Pending.php b/src/Module/Admin/Users/Pending.php index 2917bc260..0d8fd25ce 100644 --- a/src/Module/Admin/Users/Pending.php +++ b/src/Module/Admin/Users/Pending.php @@ -33,7 +33,7 @@ use Friendica\Util\Temporal; class Pending extends BaseUsers { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAdminAccess(); 
diff --git a/src/Module/Api/ApiResponse.php b/src/Module/Api/ApiResponse.php index 863e1d21d..8f4931383 100644 --- a/src/Module/Api/ApiResponse.php +++ b/src/Module/Api/ApiResponse.php @@ -8,7 +8,6 @@ use Friendica\Core\L10n; use Friendica\Module\Response; use Friendica\Util\Arrays; use Friendica\Util\DateTimeFormat; -use Friendica\Util\HTTPInputData; use Friendica\Util\XML; use Psr\Log\LoggerInterface; use Friendica\Factory\Api\Twitter\User as TwitterUser; @@ -226,11 +225,12 @@ class ApiResponse extends Response * Quit execution with the message that the endpoint isn't implemented * * @param string $method + * @param array $request (optional) The request content of the current call for later analysis * * @return void * @throws \Exception */ - public function unsupported(string $method = 'all') + public function unsupported(string $method = 'all', array $request = []) { $path = $this->args->getQueryString(); $this->logger->info('Unimplemented API call', @@ -238,7 +238,7 @@ class ApiResponse extends Response 'method' => $method, 'path' => $path, 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '', - 'request' => HTTPInputData::process() + 'request' => $request, ]); $error = $this->l10n->t('API endpoint %s %s is not implemented', strtoupper($method), $path); $error_description = $this->l10n->t('The API endpoint is currently not implemented but might be in the future.'); diff --git a/src/Module/Api/Friendica/Index.php b/src/Module/Api/Friendica/Index.php index 53229b98e..e48d719c5 100644 --- a/src/Module/Api/Friendica/Index.php +++ b/src/Module/Api/Friendica/Index.php @@ -32,12 +32,12 @@ require_once __DIR__ . '/../../../../include/api.php'; */ class Index extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); } - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); } 
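Review bot: `unsupported()` now writes the caller-supplied `$request` into an info-level log entry via `'request' => $request,`, and that array is the full merged input, which for API calls can carry access tokens, client secrets or password fields. The same data is logged a second time in `UpdateCredentials::patch()` through `Logger::info('Patch data', ['data' => $request]);` just before it calls `unsupported()`, and every `unsupported(Router::…, $request)` call added in `Filters`, `Markers`, `Lists\Accounts`, `ScheduledStatuses` and `Unimplemented` feeds the same sink. I would mask values of sensitive keys before logging, or log only `array_keys($request)` if the parameter names are enough for the "later analysis" the docblock mentions. The new `@param array $request` line should also state that the content is written to the log.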
diff --git a/src/Module/Api/Mastodon/Accounts/Block.php b/src/Module/Api/Mastodon/Accounts/Block.php index a4e0bb88b..9b237cde8 100644 --- a/src/Module/Api/Mastodon/Accounts/Block.php +++ b/src/Module/Api/Mastodon/Accounts/Block.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Block extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Follow.php b/src/Module/Api/Mastodon/Accounts/Follow.php index 443ac2540..03162652e 100644 --- a/src/Module/Api/Mastodon/Accounts/Follow.php +++ b/src/Module/Api/Mastodon/Accounts/Follow.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Follow extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Mute.php b/src/Module/Api/Mastodon/Accounts/Mute.php index 824277348..858dc8d84 100644 --- a/src/Module/Api/Mastodon/Accounts/Mute.php +++ b/src/Module/Api/Mastodon/Accounts/Mute.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Mute extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Note.php b/src/Module/Api/Mastodon/Accounts/Note.php index eb97a8856..429581ccc 100644 --- a/src/Module/Api/Mastodon/Accounts/Note.php +++ b/src/Module/Api/Mastodon/Accounts/Note.php 
@@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Note extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Unblock.php b/src/Module/Api/Mastodon/Accounts/Unblock.php index 23d78e739..fd1fdb38a 100644 --- a/src/Module/Api/Mastodon/Accounts/Unblock.php +++ b/src/Module/Api/Mastodon/Accounts/Unblock.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Unblock extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Unfollow.php b/src/Module/Api/Mastodon/Accounts/Unfollow.php index 81f919a69..67193f8d8 100644 --- a/src/Module/Api/Mastodon/Accounts/Unfollow.php +++ b/src/Module/Api/Mastodon/Accounts/Unfollow.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Unfollow extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/Unmute.php b/src/Module/Api/Mastodon/Accounts/Unmute.php index c9673b98c..a21f55dee 100644 --- a/src/Module/Api/Mastodon/Accounts/Unmute.php +++ b/src/Module/Api/Mastodon/Accounts/Unmute.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Unmute extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Accounts/UpdateCredentials.php b/src/Module/Api/Mastodon/Accounts/UpdateCredentials.php index 8d9fb4869..e560d4c4f 100644 
--- a/src/Module/Api/Mastodon/Accounts/UpdateCredentials.php +++ b/src/Module/Api/Mastodon/Accounts/UpdateCredentials.php @@ -24,22 +24,19 @@ namespace Friendica\Module\Api\Mastodon\Accounts; use Friendica\App\Router; use Friendica\Core\Logger; use Friendica\Module\BaseApi; -use Friendica\Util\HTTPInputData; /** * @see https://docs.joinmastodon.org/methods/accounts/ */ class UpdateCredentials extends BaseApi { - protected function patch() + protected function patch(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $data = HTTPInputData::process(); + Logger::info('Patch data', ['data' => $request]); - Logger::info('Patch data', ['data' => $data]); - - $this->response->unsupported(Router::PATCH); + $this->response->unsupported(Router::PATCH, $request); } } diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index 3f24810bb..30ea29ac3 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -35,7 +35,7 @@ class Apps extends BaseApi /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $request = $this->getRequest([ 'client_name' => '', diff --git a/src/Module/Api/Mastodon/Conversations.php b/src/Module/Api/Mastodon/Conversations.php index 125e13e60..6cc364c9c 100644 --- a/src/Module/Api/Mastodon/Conversations.php +++ b/src/Module/Api/Mastodon/Conversations.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Conversations extends BaseApi { - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Conversations/Read.php b/src/Module/Api/Mastodon/Conversations/Read.php index a70cdfb00..d5e87a6c9 100644 --- a/src/Module/Api/Mastodon/Conversations/Read.php 
+++ b/src/Module/Api/Mastodon/Conversations/Read.php @@ -31,7 +31,7 @@ use Friendica\Module\BaseApi; */ class Read extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Filters.php b/src/Module/Api/Mastodon/Filters.php index b48b38b6e..781e0341a 100644 --- a/src/Module/Api/Mastodon/Filters.php +++ b/src/Module/Api/Mastodon/Filters.php @@ -31,11 +31,11 @@ use Friendica\Module\BaseApi; */ class Filters extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); - $this->response->unsupported(Router::POST); + $this->response->unsupported(Router::POST, $request); } /** diff --git a/src/Module/Api/Mastodon/FollowRequests.php b/src/Module/Api/Mastodon/FollowRequests.php index eead8f96c..b131debd6 100644 --- a/src/Module/Api/Mastodon/FollowRequests.php +++ b/src/Module/Api/Mastodon/FollowRequests.php @@ -42,7 +42,7 @@ class FollowRequests extends BaseApi * @see https://docs.joinmastodon.org/methods/accounts/follow_requests#accept-follow * @see https://docs.joinmastodon.org/methods/accounts/follow_requests#reject-follow */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_FOLLOW); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Lists.php b/src/Module/Api/Mastodon/Lists.php index 3ab41329c..12f6ea011 100644 --- a/src/Module/Api/Mastodon/Lists.php +++ b/src/Module/Api/Mastodon/Lists.php @@ -31,7 +31,7 @@ use Friendica\Model\Group; */ class Lists extends BaseApi { - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); 
@@ -51,7 +51,7 @@ class Lists extends BaseApi System::jsonExit([]); } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); @@ -74,7 +74,7 @@ class Lists extends BaseApi System::jsonExit(DI::mstdnList()->createFromGroupId($id)); } - public function put() + public function put(array $request = []) { $request = $this->getRequest([ 'title' => '', // The title of the list to be updated. diff --git a/src/Module/Api/Mastodon/Lists/Accounts.php b/src/Module/Api/Mastodon/Lists/Accounts.php index 9ab676af0..96b6f5bc9 100644 --- a/src/Module/Api/Mastodon/Lists/Accounts.php +++ b/src/Module/Api/Mastodon/Lists/Accounts.php @@ -34,14 +34,14 @@ use Friendica\Module\BaseApi; */ class Accounts extends BaseApi { - protected function delete() + protected function delete(array $request = []) { - $this->response->unsupported(Router::DELETE); + $this->response->unsupported(Router::DELETE, $request); } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { - $this->response->unsupported(Router::POST); + $this->response->unsupported(Router::POST, $request); } /** diff --git a/src/Module/Api/Mastodon/Markers.php b/src/Module/Api/Mastodon/Markers.php index 9f208e926..2f74c2d10 100644 --- a/src/Module/Api/Mastodon/Markers.php +++ b/src/Module/Api/Mastodon/Markers.php @@ -31,11 +31,11 @@ use Friendica\Module\BaseApi; */ class Markers extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); - $this->response->unsupported(Router::POST); + $this->response->unsupported(Router::POST, $request); } /** diff --git a/src/Module/Api/Mastodon/Media.php b/src/Module/Api/Mastodon/Media.php index 24d2a3bf8..b6ba36661 100644 --- a/src/Module/Api/Mastodon/Media.php 
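Review bot: `Lists::put()` stays `public function put(array $request = [])` while `BaseModule::put()` and the sibling `delete()`/`post()` handlers are `protected`, so the handler can be called directly without going through `run()`. The same applies to `put()` in `Media`, `PushSubscription`, `ScheduledStatuses`, `Unimplemented` and `BaseApi`; since this commit already narrows `Admin\Addons\Details::post()` from `public` to `protected`, it would be consistent to change these to `protected function put(array $request = [])` as well. In `Lists::put()` the first statement also reassigns the new parameter with `$request = $this->getRequest([`; the end of that call is outside the hunk, so it cannot be confirmed here that it passes the second argument that `BaseApi::getRequest()` now requires.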
+++ b/src/Module/Api/Mastodon/Media.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Media extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); @@ -53,7 +53,7 @@ class Media extends BaseApi System::jsonExit(DI::mstdnAttachment()->createFromPhoto($media['id'])); } - public function put() + public function put(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Notifications/Clear.php b/src/Module/Api/Mastodon/Notifications/Clear.php index d910fe07d..d997a7fd4 100644 --- a/src/Module/Api/Mastodon/Notifications/Clear.php +++ b/src/Module/Api/Mastodon/Notifications/Clear.php @@ -30,7 +30,7 @@ use Friendica\Module\BaseApi; */ class Clear extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Notifications/Dismiss.php b/src/Module/Api/Mastodon/Notifications/Dismiss.php index 98861a275..277a34d5c 100644 --- a/src/Module/Api/Mastodon/Notifications/Dismiss.php +++ b/src/Module/Api/Mastodon/Notifications/Dismiss.php @@ -32,7 +32,7 @@ use Friendica\Network\HTTPException\ForbiddenException; */ class Dismiss extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/PushSubscription.php b/src/Module/Api/Mastodon/PushSubscription.php index 4978e980a..3e90aebd9 100644 --- a/src/Module/Api/Mastodon/PushSubscription.php +++ b/src/Module/Api/Mastodon/PushSubscription.php 
@@ -33,7 +33,7 @@ use Friendica\Object\Api\Mastodon\Notification; */ class PushSubscription extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_PUSH); $uid = self::getCurrentUserID(); @@ -66,7 +66,7 @@ class PushSubscription extends BaseApi return DI::mstdnSubscription()->createForApplicationIdAndUserId($application['id'], $uid)->toArray(); } - public function put() + public function put(array $request = []) { self::checkAllowedScope(self::SCOPE_PUSH); $uid = self::getCurrentUserID(); @@ -99,7 +99,7 @@ class PushSubscription extends BaseApi return DI::mstdnSubscription()->createForApplicationIdAndUserId($application['id'], $uid)->toArray(); } - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_PUSH); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/ScheduledStatuses.php b/src/Module/Api/Mastodon/ScheduledStatuses.php index f6da23aa1..a40406e8d 100644 --- a/src/Module/Api/Mastodon/ScheduledStatuses.php +++ b/src/Module/Api/Mastodon/ScheduledStatuses.php @@ -33,15 +33,15 @@ use Friendica\Module\BaseApi; */ class ScheduledStatuses extends BaseApi { - public function put() + public function put(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); - $this->response->unsupported(Router::PUT); + $this->response->unsupported(Router::PUT, $request); } - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses.php b/src/Module/Api/Mastodon/Statuses.php index 05851a983..ad76e3ad7 100644 --- a/src/Module/Api/Mastodon/Statuses.php +++ b/src/Module/Api/Mastodon/Statuses.php 
@@ -41,7 +41,7 @@ use Friendica\Util\Images; */ class Statuses extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); @@ -207,7 +207,7 @@ class Statuses extends BaseApi DI::mstdnError()->InternalError(); } - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_READ); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Bookmark.php b/src/Module/Api/Mastodon/Statuses/Bookmark.php index 0ff561189..8092d824a 100644 --- a/src/Module/Api/Mastodon/Statuses/Bookmark.php +++ b/src/Module/Api/Mastodon/Statuses/Bookmark.php @@ -33,7 +33,7 @@ use Friendica\Module\BaseApi; */ class Bookmark extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Favourite.php b/src/Module/Api/Mastodon/Statuses/Favourite.php index fc070548b..c644d3df0 100644 --- a/src/Module/Api/Mastodon/Statuses/Favourite.php +++ b/src/Module/Api/Mastodon/Statuses/Favourite.php @@ -33,7 +33,7 @@ use Friendica\Module\BaseApi; */ class Favourite extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Mute.php b/src/Module/Api/Mastodon/Statuses/Mute.php index 7b7a67051..9f8e5ae1e 100644 --- a/src/Module/Api/Mastodon/Statuses/Mute.php +++ b/src/Module/Api/Mastodon/Statuses/Mute.php 
@@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Mute extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Pin.php b/src/Module/Api/Mastodon/Statuses/Pin.php index 9697d795b..778aa8788 100644 --- a/src/Module/Api/Mastodon/Statuses/Pin.php +++ b/src/Module/Api/Mastodon/Statuses/Pin.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Pin extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Reblog.php b/src/Module/Api/Mastodon/Statuses/Reblog.php index 64d30e66d..9ac18a8ef 100644 --- a/src/Module/Api/Mastodon/Statuses/Reblog.php +++ b/src/Module/Api/Mastodon/Statuses/Reblog.php @@ -35,7 +35,7 @@ use Friendica\Module\BaseApi; */ class Reblog extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Unbookmark.php b/src/Module/Api/Mastodon/Statuses/Unbookmark.php index 3232e1298..ea5693af2 100644 --- a/src/Module/Api/Mastodon/Statuses/Unbookmark.php +++ b/src/Module/Api/Mastodon/Statuses/Unbookmark.php @@ -33,7 +33,7 @@ use Friendica\Module\BaseApi; */ class Unbookmark extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Unfavourite.php b/src/Module/Api/Mastodon/Statuses/Unfavourite.php index 7e5081656..3e580b2cc 100644 
--- a/src/Module/Api/Mastodon/Statuses/Unfavourite.php +++ b/src/Module/Api/Mastodon/Statuses/Unfavourite.php @@ -33,7 +33,7 @@ use Friendica\Module\BaseApi; */ class Unfavourite extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Unmute.php b/src/Module/Api/Mastodon/Statuses/Unmute.php index c380f05d0..c01bbf52e 100644 --- a/src/Module/Api/Mastodon/Statuses/Unmute.php +++ b/src/Module/Api/Mastodon/Statuses/Unmute.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Unmute extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Unpin.php b/src/Module/Api/Mastodon/Statuses/Unpin.php index 9af2fe28d..7a8da4f2f 100644 --- a/src/Module/Api/Mastodon/Statuses/Unpin.php +++ b/src/Module/Api/Mastodon/Statuses/Unpin.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Unpin extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); diff --git a/src/Module/Api/Mastodon/Statuses/Unreblog.php b/src/Module/Api/Mastodon/Statuses/Unreblog.php index 27708acad..ff5ab2ff0 100644 --- a/src/Module/Api/Mastodon/Statuses/Unreblog.php +++ b/src/Module/Api/Mastodon/Statuses/Unreblog.php @@ -35,7 +35,7 @@ use Friendica\Module\BaseApi; */ class Unreblog extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); $uid = self::getCurrentUserID(); 
diff --git a/src/Module/Api/Mastodon/Unimplemented.php b/src/Module/Api/Mastodon/Unimplemented.php index 22111781b..c5d0eef12 100644 --- a/src/Module/Api/Mastodon/Unimplemented.php +++ b/src/Module/Api/Mastodon/Unimplemented.php @@ -32,33 +32,33 @@ class Unimplemented extends BaseApi /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ - protected function delete() + protected function delete(array $request = []) { - $this->response->unsupported(Router::DELETE); + $this->response->unsupported(Router::DELETE, $request); } /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ - protected function patch() + protected function patch(array $request = []) { - $this->response->unsupported(Router::PATCH); + $this->response->unsupported(Router::PATCH, $request); } /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { - $this->response->unsupported(Router::POST); + $this->response->unsupported(Router::POST, $request); } /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ - public function put() + public function put(array $request = []) { - $this->response->unsupported(Router::PUT); + $this->response->unsupported(Router::PUT, $request); } /** @@ -66,6 +66,6 @@ class Unimplemented extends BaseApi */ protected function rawContent(array $request = []) { - $this->response->unsupported(Router::GET); + $this->response->unsupported(Router::GET, $request); } } diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index 7c0c77372..cd9cfb8f5 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -35,7 +35,6 @@ use Friendica\Network\HTTPException; use Friendica\Security\BasicAuth; use Friendica\Security\OAuth; use Friendica\Util\DateTimeFormat; -use Friendica\Util\HTTPInputData; use Friendica\Util\Profiler; use Psr\Log\LoggerInterface; 
@@ -71,7 +70,7 @@ class BaseApi extends BaseModule $this->app = $app; } - protected function delete() + protected function delete(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); @@ -80,7 +79,7 @@ class BaseApi extends BaseModule } } - protected function patch() + protected function patch(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); @@ -89,7 +88,7 @@ class BaseApi extends BaseModule } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); @@ -98,7 +97,7 @@ class BaseApi extends BaseModule } } - public function put() + public function put(array $request = []) { self::checkAllowedScope(self::SCOPE_WRITE); @@ -112,21 +111,18 @@ class BaseApi extends BaseModule * * @param array $defaults Associative array of expected request keys and their default typed value. A null * value will remove the request key from the resulting value array. - * @param array|null $request Custom REQUEST array, superglobal instead + * @param array $request Custom REQUEST array, superglobal instead * @return array request data * @throws \Exception */ - public function getRequest(array $defaults, array $request = null): array + public function getRequest(array $defaults, array $request): array { - $httpinput = HTTPInputData::process(); - $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); - - self::$request = $input; + self::$request = $request; self::$boundaries = []; unset(self::$request['pagename']); - return $this->checkDefaults($defaults, $input); + return $this->checkDefaults($defaults, $request); } /** diff --git a/src/Module/Contact.php b/src/Module/Contact.php index 9ffd17626..d89e556fc 100644 --- a/src/Module/Contact.php +++ b/src/Module/Contact.php 
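Review bot: The docblock of `getRequest()` still describes the removed fallback: it reads `@param array $request Custom REQUEST array, superglobal instead`, while the new body uses `$request` as given and never reads `$_REQUEST` or the parsed input stream. I would change it to `@param array $request Request data as passed to the module's run() method; there is no superglobal fallback`. Because the parameter is now required, a caller that still passes only `$defaults` fails with an ArgumentCountError. `OAuth\Revoke::post()` and `OAuth\Token::post()` later in this patch open `$this->getRequest([` in context lines whose argument list ends outside their hunks, so they are worth checking.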
@@ -91,7 +91,7 @@ class Contact extends BaseModule DI::baseUrl()->redirect($redirectUrl); } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Contact/Advanced.php b/src/Module/Contact/Advanced.php index 2d99abf72..3daafe94e 100644 --- a/src/Module/Contact/Advanced.php +++ b/src/Module/Contact/Advanced.php @@ -61,7 +61,7 @@ class Advanced extends BaseModule } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $cid = $this->parameters['id']; diff --git a/src/Module/Contact/Poke.php b/src/Module/Contact/Poke.php index 718095c50..12ab757f3 100644 --- a/src/Module/Contact/Poke.php +++ b/src/Module/Contact/Poke.php @@ -18,7 +18,7 @@ use Friendica\Util\XML; class Poke extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user() || empty($this->parameters['id'])) { return self::postReturn(false); diff --git a/src/Module/Contact/Profile.php b/src/Module/Contact/Profile.php index 0431bd896..88f927c40 100644 --- a/src/Module/Contact/Profile.php +++ b/src/Module/Contact/Profile.php @@ -71,7 +71,7 @@ class Profile extends BaseModule $this->config = $config; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Contact/Revoke.php b/src/Module/Contact/Revoke.php index 4c3a6dade..5d4e7c3e3 100644 --- a/src/Module/Contact/Revoke.php +++ b/src/Module/Contact/Revoke.php @@ -74,7 +74,7 @@ class Revoke extends BaseModule } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { throw new HTTPException\UnauthorizedException(); 
diff --git a/src/Module/DFRN/Notify.php b/src/Module/DFRN/Notify.php index de03992da..e1a2f19d4 100644 --- a/src/Module/DFRN/Notify.php +++ b/src/Module/DFRN/Notify.php @@ -38,7 +38,7 @@ use Friendica\Network\HTTPException; */ class Notify extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $postdata = Network::postdata(); diff --git a/src/Module/Debug/Localtime.php b/src/Module/Debug/Localtime.php index 97a645485..b686e5a56 100644 --- a/src/Module/Debug/Localtime.php +++ b/src/Module/Debug/Localtime.php @@ -31,7 +31,7 @@ class Localtime extends BaseModule { static $mod_localtime = ''; - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $time = ($_REQUEST['time'] ?? '') ?: 'now'; diff --git a/src/Module/Delegation.php b/src/Module/Delegation.php index b242f5faa..bc3c72e8d 100644 --- a/src/Module/Delegation.php +++ b/src/Module/Delegation.php @@ -37,7 +37,7 @@ use Friendica\Util\Proxy; */ class Delegation extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Diaspora/Receive.php b/src/Module/Diaspora/Receive.php index 242b774b3..2dd0d4dd8 100644 --- a/src/Module/Diaspora/Receive.php +++ b/src/Module/Diaspora/Receive.php @@ -49,7 +49,7 @@ class Receive extends BaseModule $this->config = $config; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $enabled = $this->config->get('system', 'diaspora_enabled', false); if (!$enabled) { diff --git a/src/Module/FollowConfirm.php b/src/Module/FollowConfirm.php index 388c07a37..12055d790 100644 --- a/src/Module/FollowConfirm.php +++ b/src/Module/FollowConfirm.php 
@@ -10,9 +10,9 @@ use Friendica\Model\Contact; */ class FollowConfirm extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { - parent::post($post); + parent::post($request); $uid = local_user(); if (!$uid) { notice(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/FriendSuggest.php b/src/Module/FriendSuggest.php index 153f86d60..1bbae8042 100644 --- a/src/Module/FriendSuggest.php +++ b/src/Module/FriendSuggest.php @@ -61,7 +61,7 @@ class FriendSuggest extends BaseModule $this->friendSuggestFac = $friendSuggestFac; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $cid = intval($this->parameters['contact']); diff --git a/src/Module/Group.php b/src/Module/Group.php index 883f09cb5..ada1b82f6 100644 --- a/src/Module/Group.php +++ b/src/Module/Group.php @@ -32,7 +32,7 @@ require_once 'boot.php'; class Group extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (DI::mode()->isAjax()) { $this->ajaxPost(); @@ -47,7 +47,7 @@ class Group extends BaseModule if ((DI::args()->getArgc() == 2) && (DI::args()->getArgv()[1] === 'new')) { BaseModule::checkFormSecurityTokenRedirectOnError('/group/new', 'group_edit'); - $name = trim($_POST['groupname']); + $name = trim($request['groupname']); $r = Model\Group::create(local_user(), $name); if ($r) { $r = Model\Group::getIdByName(local_user(), $name); diff --git a/src/Module/HTTPException/PageNotFound.php b/src/Module/HTTPException/PageNotFound.php index ae156f05c..9b88e463a 100644 --- a/src/Module/HTTPException/PageNotFound.php +++ b/src/Module/HTTPException/PageNotFound.php 
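Review bot: `trim($request['groupname'])` in the second Group.php hunk reads a key that may be absent, and takes it from a wider source than `$_POST`. `$request` is assembled from the parsed input stream plus `$_REQUEST`, so the group name can now arrive through the query string as well as the POST body, and a missing key produces a warning followed by `trim(null)`. `$name = trim($request['groupname'] ?? '');` covers the missing key; the form security token check on the line above still runs first. The body of `post()` continues outside the hunk.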
@@ -33,7 +33,7 @@ class PageNotFound extends BaseModule throw new HTTPException\NotFoundException(DI::l10n()->t('Page not found.')); } - public function run(array $post = [], array $request = []): ResponseInterface + public function run(array $request = []): ResponseInterface { /* The URL provided does not resolve to a valid module. * @@ -61,6 +61,6 @@ class PageNotFound extends BaseModule 'query' => $this->server['QUERY_STRING'] ]); - return parent::run($post, $request); // TODO: Change the autogenerated stub + return parent::run($request); // TODO: Change the autogenerated stub } } diff --git a/src/Module/Install.php b/src/Module/Install.php index 2b287d96b..3e27a7d33 100644 --- a/src/Module/Install.php +++ b/src/Module/Install.php @@ -104,7 +104,7 @@ class Install extends BaseModule $this->currentWizardStep = ($_POST['pass'] ?? '') ?: self::SYSTEM_CHECK; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $configCache = $this->app->getConfigCache(); diff --git a/src/Module/Invite.php b/src/Module/Invite.php index 8c9c59d30..acd5778e3 100644 --- a/src/Module/Invite.php +++ b/src/Module/Invite.php @@ -35,7 +35,7 @@ use Friendica\Util\Strings; */ class Invite extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/Item/Compose.php b/src/Module/Item/Compose.php index 0564e2f98..d0c6b6afb 100644 --- a/src/Module/Item/Compose.php +++ b/src/Module/Item/Compose.php @@ -40,7 +40,7 @@ use Friendica\Util\Temporal; class Compose extends BaseModule { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!empty($_REQUEST['body'])) { $_REQUEST['return'] = 'network'; 
diff --git a/src/Module/Notifications/Notification.php b/src/Module/Notifications/Notification.php index 525159840..653c229d2 100644 --- a/src/Module/Notifications/Notification.php +++ b/src/Module/Notifications/Notification.php @@ -42,7 +42,7 @@ class Notification extends BaseModule * @throws \ImagickException * @throws \Exception */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { throw new HTTPException\UnauthorizedException(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/OAuth/Acknowledge.php b/src/Module/OAuth/Acknowledge.php index f19837364..477d3dfcf 100644 --- a/src/Module/OAuth/Acknowledge.php +++ b/src/Module/OAuth/Acknowledge.php @@ -30,7 +30,7 @@ use Friendica\Module\BaseApi; */ class Acknowledge extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { DI::session()->set('oauth_acknowledge', true); DI::app()->redirect(DI::session()->get('return_path')); diff --git a/src/Module/OAuth/Revoke.php b/src/Module/OAuth/Revoke.php index 745ab0673..86bc01ced 100644 --- a/src/Module/OAuth/Revoke.php +++ b/src/Module/OAuth/Revoke.php @@ -32,7 +32,7 @@ use Friendica\Module\BaseApi; */ class Revoke extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $request = $this->getRequest([ 'client_id' => '', // Client ID, obtained during app registration diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index c8ef9ee14..d41708a09 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -34,7 +34,7 @@ use Friendica\Security\OAuth; */ class Token extends BaseApi { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $request = $this->getRequest([ 'client_id' => '', // Client ID, obtained during app registration 
diff --git a/src/Module/Profile/Schedule.php b/src/Module/Profile/Schedule.php index c14c19b9b..6149e0237 100644 --- a/src/Module/Profile/Schedule.php +++ b/src/Module/Profile/Schedule.php @@ -33,7 +33,7 @@ use Friendica\Util\DateTimeFormat; class Schedule extends BaseProfile { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/Register.php b/src/Module/Register.php index 3c92c0062..fbb30220e 100644 --- a/src/Module/Register.php +++ b/src/Module/Register.php @@ -193,7 +193,7 @@ class Register extends BaseModule * Extend this method if the module is supposed to process POST requests. * Doesn't display any content */ - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { BaseModule::checkFormSecurityTokenRedirectOnError('/register', 'register'); diff --git a/src/Module/RemoteFollow.php b/src/Module/RemoteFollow.php index ee2dcfe4d..6737398e4 100644 --- a/src/Module/RemoteFollow.php +++ b/src/Module/RemoteFollow.php @@ -61,7 +61,7 @@ class RemoteFollow extends BaseModule $this->page = $page; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!empty($_POST['cancel']) || empty($_POST['dfrn_url'])) { $this->baseUrl->redirect(); diff --git a/src/Module/Security/Login.php b/src/Module/Security/Login.php index 90f2d663a..3ba0eb714 100644 --- a/src/Module/Security/Login.php +++ b/src/Module/Security/Login.php 
@@ -46,7 +46,7 @@ class Login extends BaseModule return self::form(Session::get('return_path'), intval(DI::config()->get('config', 'register_policy')) !== \Friendica\Module\Register::CLOSED); } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { $return_path = Session::get('return_path'); Session::clear(); diff --git a/src/Module/Security/TwoFactor/Recovery.php b/src/Module/Security/TwoFactor/Recovery.php index 6556e07c2..cd635c394 100644 --- a/src/Module/Security/TwoFactor/Recovery.php +++ b/src/Module/Security/TwoFactor/Recovery.php @@ -56,7 +56,7 @@ class Recovery extends BaseModule $this->session = $session; } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Security/TwoFactor/Verify.php b/src/Module/Security/TwoFactor/Verify.php index 454cc9f7c..4afe7ff31 100644 --- a/src/Module/Security/TwoFactor/Verify.php +++ b/src/Module/Security/TwoFactor/Verify.php @@ -38,7 +38,7 @@ class Verify extends BaseModule { private static $errors = []; - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/Delegation.php b/src/Module/Settings/Delegation.php index d385544af..88750ed62 100644 --- a/src/Module/Settings/Delegation.php +++ b/src/Module/Settings/Delegation.php @@ -36,7 +36,7 @@ use Friendica\Util\Strings; */ class Delegation extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/Settings/Display.php b/src/Module/Settings/Display.php index 2155391a9..f8cd3e9d4 100644 --- a/src/Module/Settings/Display.php +++ b/src/Module/Settings/Display.php 
@@ -36,7 +36,7 @@ use Friendica\Network\HTTPException; */ class Display extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!DI::app()->isLoggedIn()) { throw new HTTPException\ForbiddenException(DI::l10n()->t('Permission denied.')); diff --git a/src/Module/Settings/Profile/Index.php b/src/Module/Settings/Profile/Index.php index 9f25db524..4ea8f72bd 100644 --- a/src/Module/Settings/Profile/Index.php +++ b/src/Module/Settings/Profile/Index.php @@ -41,7 +41,7 @@ use Friendica\Util\Temporal; class Index extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/Profile/Photo/Crop.php b/src/Module/Settings/Profile/Photo/Crop.php index a77057e1a..ec4863a48 100644 --- a/src/Module/Settings/Profile/Photo/Crop.php +++ b/src/Module/Settings/Profile/Photo/Crop.php @@ -33,7 +33,7 @@ use Friendica\Network\HTTPException; class Crop extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!Session::isAuthenticated()) { return; diff --git a/src/Module/Settings/Profile/Photo/Index.php b/src/Module/Settings/Profile/Photo/Index.php index 309a893e6..3ba46e007 100644 --- a/src/Module/Settings/Profile/Photo/Index.php +++ b/src/Module/Settings/Profile/Photo/Index.php @@ -34,7 +34,7 @@ use Friendica\Util\Strings; class Index extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!Session::isAuthenticated()) { return; diff --git a/src/Module/Settings/TwoFactor/AppSpecific.php b/src/Module/Settings/TwoFactor/AppSpecific.php index 94dfc6d41..a7d426b2e 100644 --- a/src/Module/Settings/TwoFactor/AppSpecific.php +++ b/src/Module/Settings/TwoFactor/AppSpecific.php 
@@ -66,7 +66,7 @@ class AppSpecific extends BaseSettings } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/TwoFactor/Index.php b/src/Module/Settings/TwoFactor/Index.php index ec57a8d14..de6cae5a1 100644 --- a/src/Module/Settings/TwoFactor/Index.php +++ b/src/Module/Settings/TwoFactor/Index.php @@ -33,7 +33,7 @@ use PragmaRX\Google2FA\Google2FA; class Index extends BaseSettings { - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/TwoFactor/Recovery.php b/src/Module/Settings/TwoFactor/Recovery.php index fb13b8b60..7a7794383 100644 --- a/src/Module/Settings/TwoFactor/Recovery.php +++ b/src/Module/Settings/TwoFactor/Recovery.php @@ -64,7 +64,7 @@ class Recovery extends BaseSettings } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/TwoFactor/Trusted.php b/src/Module/Settings/TwoFactor/Trusted.php index 1507d5fc5..97fb1660d 100644 --- a/src/Module/Settings/TwoFactor/Trusted.php +++ b/src/Module/Settings/TwoFactor/Trusted.php @@ -48,7 +48,7 @@ class Trusted extends BaseSettings } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; diff --git a/src/Module/Settings/TwoFactor/Verify.php b/src/Module/Settings/TwoFactor/Verify.php index 3c1853d7f..8b2f1e54f 100644 --- a/src/Module/Settings/TwoFactor/Verify.php +++ b/src/Module/Settings/TwoFactor/Verify.php @@ -70,7 +70,7 @@ class Verify extends BaseSettings } } - protected function post(array $request = [], array $post = []) + protected function post(array $request = []) { if (!local_user()) { return; 
diff --git a/tests/src/Module/Api/Friendica/Photo/DeleteTest.php b/tests/src/Module/Api/Friendica/Photo/DeleteTest.php index f248d0a9c..6dd8efff8 100644 --- a/tests/src/Module/Api/Friendica/Photo/DeleteTest.php +++ b/tests/src/Module/Api/Friendica/Photo/DeleteTest.php @@ -51,7 +51,7 @@ class DeleteTest extends ApiTest $this->loadFixture(__DIR__ . '/../../../../../datasets/photo/photo.fixture.php', DI::dba()); $delete = new Delete(DI::app(), DI::l10n(), DI::baseUrl(), DI::args(), DI::logger(), DI::profiler(), DI::apiResponse(), ['REQUEST_METHOD' => Router::POST]); - $response = $delete->run([], ['photo_id' => '709057080661a283a6aa598501504178']); + $response = $delete->run(['photo_id' => '709057080661a283a6aa598501504178']); $responseText = (string)$response->getBody(); @@ -68,7 +68,7 @@ class DeleteTest extends ApiTest $this->loadFixture(__DIR__ . '/../../../../../datasets/photo/photo.fixture.php', DI::dba()); $delete = new Delete(DI::app(), DI::l10n(), DI::baseUrl(), DI::args(), DI::logger(), DI::profiler(), DI::apiResponse(), ['REQUEST_METHOD' => Router::DELETE]); - $response = $delete->run([], ['photo_id' => '709057080661a283a6aa598501504178']); + $response = $delete->run(['photo_id' => '709057080661a283a6aa598501504178']); $responseText = (string)$response->getBody(); diff --git a/tests/src/Module/Api/Friendica/Photoalbum/DeleteTest.php b/tests/src/Module/Api/Friendica/Photoalbum/DeleteTest.php index 58f20ee3b..df8b720a8 100644 --- a/tests/src/Module/Api/Friendica/Photoalbum/DeleteTest.php +++ b/tests/src/Module/Api/Friendica/Photoalbum/DeleteTest.php 
@@ -47,7 +47,7 @@ class DeleteTest extends ApiTest $this->loadFixture(__DIR__ . '/../../../../../datasets/photo/photo.fixture.php', DI::dba()); $delete = new Delete(DI::app(), DI::l10n(), DI::baseUrl(), DI::args(), DI::logger(), DI::profiler(), DI::apiResponse(), ['REQUEST_METHOD' => Router::DELETE]); - $response = $delete->run([], ['album' => 'test_album']); + $response = $delete->run(['album' => 'test_album']); $responseText = (string)$response->getBody(); diff --git a/tests/src/Module/Api/Friendica/Photoalbum/UpdateTest.php b/tests/src/Module/Api/Friendica/Photoalbum/UpdateTest.php index 93856fd97..22ca155cb 100644 --- a/tests/src/Module/Api/Friendica/Photoalbum/UpdateTest.php +++ b/tests/src/Module/Api/Friendica/Photoalbum/UpdateTest.php @@ -56,7 +56,7 @@ class UpdateTest extends ApiTest { $this->loadFixture(__DIR__ . '/../../../../../datasets/photo/photo.fixture.php', DI::dba()); - $response = (new Update(DI::app(), DI::l10n(), DI::baseUrl(), DI::args(), DI::logger(), DI::profiler(), DI::apiResponse(), ['REQUEST_METHOD' => Router::POST]))->run([], ['album' => 'test_album', 'album_new' => 'test_album_2']); + $response = (new Update(DI::app(), DI::l10n(), DI::baseUrl(), DI::args(), DI::logger(), DI::profiler(), DI::apiResponse(), ['REQUEST_METHOD' => Router::POST]))->run(['album' => 'test_album', 'album_new' => 'test_album_2']); $responseBody = (string)$response->getBody(); From 9cec38f916ae8678e0846109ac82a52ad1a7e714 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 28 Nov 2021 14:01:13 +0100 Subject: [PATCH 3/7] Make HTTPInputData dynamic - Removing DI:: dependency inside App class - Making testability easier & adapting tests --- index.php | 1 + src/App.php | 13 +++---- src/Util/HTTPInputData.php | 54 ++++++++++++++-------------- tests/Util/HTTPInputDataDouble.php | 34 +++++++----------- tests/src/Util/HTTPInputDataTest.php | 9 ++--- 5 files changed, 54 insertions(+), 57 deletions(-) diff --git a/index.php b/index.php index 95a1306b3..fa4c91aa3 100644 
--- a/index.php +++ b/index.php @@ -45,5 +45,6 @@ $a->runFrontend( $dice->create(\Friendica\Core\PConfig\Capability\IManagePersonalConfigValues::class), $dice->create(\Friendica\Security\Authentication::class), $dice->create(\Friendica\App\Page::class), + new \Friendica\Util\HTTPInputData($_SERVER), $start_time ); diff --git a/src/App.php b/src/App.php index b8b7fb99f..a17fb3ec3 100644 --- a/src/App.php +++ b/src/App.php @@ -44,7 +44,6 @@ use Friendica\Util\HTTPInputData; use Friendica\Util\HTTPSignature; use Friendica\Util\Profiler; use Friendica\Util\Strings; -use GuzzleHttp\Psr7\Response; use Psr\Log\LoggerInterface; /** @@ -563,13 +562,15 @@ class App * * @param App\Router $router * @param IManagePersonalConfigValues $pconfig - * @param Authentication $auth The Authentication backend of the node - * @param App\Page $page The Friendica page printing container + * @param Authentication $auth The Authentication backend of the node + * @param App\Page $page The Friendica page printing container + * @param HTTPInputData $httpInput A library for processing PHP input streams + * @param float $start_time The start time of the overall script execution * * @throws HTTPException\InternalServerErrorException * @throws \ImagickException */ - public function runFrontend(App\Router $router, IManagePersonalConfigValues $pconfig, Authentication $auth, App\Page $page, float $start_time) + public function runFrontend(App\Router $router, IManagePersonalConfigValues $pconfig, Authentication $auth, App\Page $page, HTTPInputData $httpInput, float $start_time) { $this->profiler->set($start_time, 'start'); $this->profiler->set(microtime(true), 'classinit'); 
@@ -704,8 +705,8 @@ class App } // Processes data from GET requests - $httpinput = HTTPInputData::process(); - $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); + $httpinput = $httpInput->process(); + $input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST); // Let the module run it's internal process (init, get, post, ...) $response = $module->run($input); diff --git a/src/Util/HTTPInputData.php b/src/Util/HTTPInputData.php index d22c3894d..26d09c977 100644 --- a/src/Util/HTTPInputData.php +++ b/src/Util/HTTPInputData.php @@ -27,9 +27,22 @@ namespace Friendica\Util; */ class HTTPInputData { - public static function process() + /** @var array The $_SERVER variable */ + protected $server; + + public function __construct(array $server) { - $content_parts = explode(';', static::getContentType()); + $this->server = $server; + } + + /** + * Process the PHP input stream and creates an array with its content + * + * @return array|array[] + */ + public function process(): array + { + $content_parts = explode(';', $this->server['CONTENT_TYPE'] ?? 'application/x-www-form-urlencoded'); $boundary = ''; $encoding = ''; @@ -54,7 +67,7 @@ class HTTPInputData } if ($content_type == 'multipart/form-data') { - return self::fetchFromMultipart($boundary); + return $this->fetchFromMultipart($boundary); } // can be handled by built in PHP functionality @@ -69,7 +82,7 @@ class HTTPInputData return ['variables' => $variables, 'files' => []]; } - private static function fetchFromMultipart(string $boundary) + private function fetchFromMultipart(string $boundary): array { $result = ['variables' => [], 'files' => []]; @@ -94,7 +107,7 @@ class HTTPInputData continue; } - $result = self::parseRawHeader($stream, $raw_headers, $boundary, $result); + $result = $this->parseRawHeader($stream, $raw_headers, $boundary, $result); $raw_headers = ''; } 
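Review bot: In `$input = array_merge($httpinput['variables'], $httpinput['files'], $request ?? $_REQUEST);` no `$request` appears in the visible signature of `runFrontend()`, so unless it is assigned outside the hunk the `??` always falls through to `$_REQUEST`; the expression was carried over from `BaseApi::getRequest()`, where `$request` was a parameter. Because `array_merge()` lets later arrays win on equal string keys, a plain request parameter replaces a parsed upload entry of the same name, so a module that reads upload metadata such as `tmp_name` from `$request` would be trusting a client-supplied value. If that precedence is not intended, `$input = array_merge($_REQUEST, $httpinput['variables'], $httpinput['files']);` or a separate argument for files avoids it. The comment `// Processes data from GET requests` should also be corrected, since the stream parser handles request bodies.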
@@ -104,7 +117,7 @@ class HTTPInputData return $result; } - private static function parseRawHeader($stream, string $raw_headers, string $boundary, array $result) + private function parseRawHeader($stream, string $raw_headers, string $boundary, array $result) { $variables = $result['variables']; $files = $result['files']; @@ -115,7 +128,7 @@ class HTTPInputData if (strpos($header, ':') === false) { continue; } - list($name, $value) = explode(':', $header, 2); + [$name, $value] = explode(':', $header, 2); $headers[strtolower($name)] = ltrim($value, ' '); } @@ -135,13 +148,13 @@ class HTTPInputData $files[$name] = static::fetchFileData($stream, $boundary, $headers, $filename); return ['variables' => $variables, 'files' => $files]; } else { - $variables = self::fetchVariables($stream, $boundary, $headers, $name, $variables); + $variables = $this->fetchVariables($stream, $boundary, $headers, $name, $variables); } return ['variables' => $variables, 'files' => $files]; } - protected static function fetchFileData($stream, string $boundary, array $headers, string $filename) + protected function fetchFileData($stream, string $boundary, array $headers, string $filename) { $error = UPLOAD_ERR_OK; @@ -186,7 +199,7 @@ class HTTPInputData ]; } - private static function fetchVariables($stream, string $boundary, array $headers, string $name, array $variables) + private function fetchVariables($stream, string $boundary, array $headers, string $name, array $variables) { $fullValue = ''; $lastLine = null; @@ -229,10 +242,10 @@ class HTTPInputData $tmp = []; parse_str($fullValue, $tmp); - return self::expandVariables(explode('[', $name), $variables, $tmp); + return $this->expandVariables(explode('[', $name), $variables, $tmp); } - private static function expandVariables(array $names, $variables, array $values) + private function expandVariables(array $names, $variables, array $values) { if (!is_array($variables)) { return $values; 
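Review bot: `$files[$name] = static::fetchFileData($stream, $boundary, $headers, $filename);` in `parseRawHeader()` keeps the static call form although the same hunk turns `fetchFileData()` into an instance method. From an instance context the call still resolves against `$this`, so it runs, but it is the only call in the class left unconverted and it reads as if the method were still static. I would write `$files[$name] = $this->fetchFileData($stream, $boundary, $headers, $filename);`, which also keeps the override in `HTTPInputDataDouble` reachable in the obvious way.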
@@ -252,7 +265,7 @@ class HTTPInputData if ($name === '') { $variables[] = reset($values); } elseif (isset($variables[$name]) && isset($values[$name])) { - $variables[$name] = self::expandVariables($names, $variables[$name], $values[$name]); + $variables[$name] = $this->expandVariables($names, $variables[$name], $values[$name]); } elseif (isset($values[$name])) { $variables[$name] = $values[$name]; } @@ -266,7 +279,7 @@ class HTTPInputData * * @return false|resource */ - protected static function getPhpInputStream() + protected function getPhpInputStream() { return fopen('php://input', 'rb'); } @@ -277,19 +290,8 @@ class HTTPInputData * * @return false|string */ - protected static function getPhpInputContent() + protected function getPhpInputContent() { return file_get_contents('php://input'); } - - /** - * Returns the content type string of the current call - * Mainly used for test doubling - * - * @return false|string - */ - protected static function getContentType() - { - return $_SERVER['CONTENT_TYPE'] ?? 'application/x-www-form-urlencoded'; - } } diff --git a/tests/Util/HTTPInputDataDouble.php b/tests/Util/HTTPInputDataDouble.php index 391b9c82b..1675fa392 100644 --- a/tests/Util/HTTPInputDataDouble.php +++ b/tests/Util/HTTPInputDataDouble.php @@ -30,20 +30,18 @@ use Friendica\Util\HTTPInputData; class HTTPInputDataDouble extends HTTPInputData { /** @var false|resource */ - protected static $injectedStream = false; + protected $injectedStream = false; /** @var false|string */ - protected static $injectedContent = false; - /** @var false|string */ - protected static $injectedContentType = false; + protected $injectedContent = false; /** * injects the PHP input stream for a test * * @param false|resource $stream */ - public static function setPhpInputStream($stream) + public function setPhpInputStream($stream) { - self::$injectedStream = $stream; + $this->injectedStream = $stream; } /** 
@@ -51,9 +49,9 @@ class HTTPInputDataDouble extends HTTPInputData * * @param false|string $content */ - public static function setPhpInputContent($content) + public function setPhpInputContent($content) { - self::$injectedContent = $content; + $this->injectedContent = $content; } /** @@ -61,30 +59,24 @@ class HTTPInputDataDouble extends HTTPInputData * * @param false|string $contentType */ - public static function setPhpInputContentType($contentType) + public function setPhpInputContentType($contentType) { - self::$injectedContentType = $contentType; + $this->injectedContentType = $contentType; } /** {@inheritDoc} */ - protected static function getPhpInputStream() + protected function getPhpInputStream() { - return static::$injectedStream; + return $this->injectedStream; } /** {@inheritDoc} */ - protected static function getPhpInputContent() + protected function getPhpInputContent() { - return static::$injectedContent; + return $this->injectedContent; } - /** {@inheritDoc} */ - protected static function getContentType() - { - return static::$injectedContentType; - } - - protected static function fetchFileData($stream, string $boundary, array $headers, string $filename) + protected function fetchFileData($stream, string $boundary, array $headers, string $filename) { $data = parent::fetchFileData($stream, $boundary, $headers, $filename); if (!empty($data['tmp_name'])) { diff --git a/tests/src/Util/HTTPInputDataTest.php b/tests/src/Util/HTTPInputDataTest.php index 5e8fd228f..0d7c3938b 100644 --- a/tests/src/Util/HTTPInputDataTest.php +++ b/tests/src/Util/HTTPInputDataTest.php 
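Review bot: `setPhpInputContentType()` now assigns `$this->injectedContentType`, but this patch removes both that property and the `getContentType()` override that read it, so the setter has no effect and creates an undeclared dynamic property. The content type now comes from the `$server` array given to the constructor, as the updated test does with `new HTTPInputDataDouble(['CONTENT_TYPE' => $contentType])`. I would delete the setter, or have it write `$this->server['CONTENT_TYPE'] = $contentType;` so that a test calling it still changes what `process()` parses.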
@@ -139,14 +139,15 @@ class HTTPInputDataTest extends MockedTest */ public function testHttpInput(string $contentType, string $input, array $expected) { - HTTPInputDataDouble::setPhpInputContentType($contentType); - HTTPInputDataDouble::setPhpInputContent($input); + $httpInput = new HTTPInputDataDouble(['CONTENT_TYPE' => $contentType]); + $httpInput->setPhpInputContent($input); + $stream = fopen('php://memory', 'r+'); fwrite($stream, $input); rewind($stream); - HTTPInputDataDouble::setPhpInputStream($stream); - $output = HTTPInputDataDouble::process(); + $httpInput->setPhpInputStream($stream); + $output = $httpInput->process(); $this->assertEqualsCanonicalizing($expected, $output); } } From 2dc60cfd3352e163edc222cfe0a804876ec87300 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 28 Nov 2021 14:10:40 +0100 Subject: [PATCH 4/7] Make API call permission checks more reliable - don't need to inherit every Module method anymore --- src/Module/BaseApi.php | 51 +++++++++++++++++------------------------- 1 file changed, 21 insertions(+), 30 deletions(-) diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index cd9cfb8f5..db5f191cf 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -22,6 +22,7 @@ namespace Friendica\Module; use Friendica\App; +use Friendica\App\Router; use Friendica\BaseModule; use Friendica\Core\L10n; use Friendica\Core\Logger; @@ -36,6 +37,7 @@ use Friendica\Security\BasicAuth; use Friendica\Security\OAuth; use Friendica\Util\DateTimeFormat; use Friendica\Util\Profiler; +use Psr\Http\Message\ResponseInterface; use Psr\Log\LoggerInterface; class BaseApi extends BaseModule 
@@ -70,40 +72,29 @@ class BaseApi extends BaseModule $this->app = $app; } - protected function delete(array $request = []) + /** + * Additionally checks, if the caller is permitted to do this action + * + * {@inheritDoc} + * + * @throws HTTPException\ForbiddenException + */ + public function run(array $request = []): ResponseInterface { - self::checkAllowedScope(self::SCOPE_WRITE); + switch ($this->server['REQUEST_METHOD'] ?? Router::GET) { + case Router::DELETE: + case Router::PATCH: + case Router::POST: + case Router::PUT: + self::checkAllowedScope(self::SCOPE_WRITE); - if (!$this->app->isLoggedIn()) { - throw new HTTPException\ForbiddenException($this->t('Permission denied.')); + if (!$this->app->isLoggedIn()) { + throw new HTTPException\ForbiddenException($this->t('Permission denied.')); + } + break; } - } - protected function patch(array $request = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - if (!$this->app->isLoggedIn()) { - throw new HTTPException\ForbiddenException($this->t('Permission denied.')); - } - } - - protected function post(array $request = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - if (!$this->app->isLoggedIn()) { - throw new HTTPException\ForbiddenException($this->t('Permission denied.')); - } - } - - public function put(array $request = []) - { - self::checkAllowedScope(self::SCOPE_WRITE); - - if (!$this->app->isLoggedIn()) { - throw new HTTPException\ForbiddenException($this->t('Permission denied.')); - } + return parent::run($request); } /** From a88cc8d5c88ee567418aaee3eac8f1227caafce2 Mon Sep 17 00:00:00 2001 
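Review bot: The `switch` in `run()` has no `default` branch and falls back to `Router::GET` when `REQUEST_METHOD` is absent, so the write-scope and login check fails open for every method value other than the four listed. Whether `parent::run()` can route such a value (a differently cased or otherwise unexpected method string, for instance) to a state-changing handler is not visible in this hunk. The guard is safer as a deny-by-default test on the read-only side: `if (($this->server['REQUEST_METHOD'] ?? Router::GET) !== Router::GET) {`, with any other read-only methods the router serves added to that condition. The docblock should also state that `parent::run()` dispatches on the same `$this->server['REQUEST_METHOD']` value, so the check and the dispatch cannot disagree.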
From: Philipp Date: Sun, 28 Nov 2021 15:05:42 +0100 Subject: [PATCH 5/7] Replace `DI::apiResponse()->exit()` with `$this->response->exit()` --- src/Module/Api/Friendica/Group/Update.php | 3 +-- src/Module/Api/Friendica/Notification/Seen.php | 4 ++-- src/Module/Api/GNUSocial/Statusnet/Conversation.php | 2 +- src/Module/Api/Twitter/Account/UpdateProfile.php | 2 +- src/Module/Api/Twitter/Account/VerifyCredentials.php | 2 +- src/Module/Api/Twitter/Favorites.php | 2 +- src/Module/Api/Twitter/Favorites/Create.php | 2 +- src/Module/Api/Twitter/Favorites/Destroy.php | 2 +- src/Module/Api/Twitter/Friendships/Destroy.php | 2 +- src/Module/Api/Twitter/Lists/Statuses.php | 2 +- src/Module/Api/Twitter/Media/Upload.php | 2 +- src/Module/Api/Twitter/Search/Tweets.php | 5 +++-- src/Module/Api/Twitter/Statuses/Destroy.php | 2 +- src/Module/Api/Twitter/Statuses/HomeTimeline.php | 2 +- src/Module/Api/Twitter/Statuses/Mentions.php | 2 +- src/Module/Api/Twitter/Statuses/NetworkPublicTimeline.php | 2 +- src/Module/Api/Twitter/Statuses/PublicTimeline.php | 2 +- src/Module/Api/Twitter/Statuses/Show.php | 4 ++-- src/Module/Api/Twitter/Statuses/UserTimeline.php | 2 +- src/Module/Api/Twitter/Users/Lookup.php | 2 +- src/Module/Api/Twitter/Users/Search.php | 2 +- src/Module/Api/Twitter/Users/Show.php | 2 +- 22 files changed, 26 insertions(+), 26 deletions(-) diff --git a/src/Module/Api/Friendica/Group/Update.php b/src/Module/Api/Friendica/Group/Update.php index e21b8c863..9317c77d3 100644 --- a/src/Module/Api/Friendica/Group/Update.php +++ b/src/Module/Api/Friendica/Group/Update.php @@ -22,7 +22,6 @@ namespace Friendica\Module\Api\Friendica\Group; use Friendica\Database\DBA; -use Friendica\DI; use Friendica\Model\Contact; use Friendica\Model\Group; use Friendica\Module\BaseApi; 
@@ -84,6 +83,6 @@ class Update extends BaseApi // return success message incl. missing users in array $status = ($erroraddinguser ? 'missing user' : 'ok'); $success = ['success' => true, 'gid' => $gid, 'name' => $name, 'status' => $status, 'wrong users' => $errorusers]; - DI::apiResponse()->exit('group_update', ['$result' => $success], $this->parameters['extension'] ?? null); + $this->response->exit('group_update', ['$result' => $success], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Friendica/Notification/Seen.php b/src/Module/Api/Friendica/Notification/Seen.php index 92039be14..ffd178bcb 100644 --- a/src/Module/Api/Friendica/Notification/Seen.php +++ b/src/Module/Api/Friendica/Notification/Seen.php @@ -70,12 +70,12 @@ class Seen extends BaseApi // we found the item, return it to the user $ret = [DI::twitterStatus()->createFromUriId($item['uri-id'], $item['uid'], $include_entities)->toArray()]; $data = ['status' => $ret]; - DI::apiResponse()->exit('statuses', $data, $this->parameters['extension'] ?? null); + $this->response->exit('statuses', $data, $this->parameters['extension'] ?? null); } // the item can't be found, but we set the notification as seen, so we count this as a success } - DI::apiResponse()->exit('statuses', ['result' => 'success'], $this->parameters['extension'] ?? null); + $this->response->exit('statuses', ['result' => 'success'], $this->parameters['extension'] ?? null); } catch (NotFoundException $e) { throw new BadRequestException('Invalid argument', $e); } catch (Exception $e) { diff --git a/src/Module/Api/GNUSocial/Statusnet/Conversation.php b/src/Module/Api/GNUSocial/Statusnet/Conversation.php index 4b1760031..24da0ccb9 100644 --- a/src/Module/Api/GNUSocial/Statusnet/Conversation.php +++ b/src/Module/Api/GNUSocial/Statusnet/Conversation.php 
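Review bot: In the Notification/Seen hunk the first `$this->response->exit('statuses', $data, …)` (the "we found the item" branch) is not followed by a `return`. If the new instance `exit()` does not terminate the request, execution continues to the `['result' => 'success']` call below and a second response body is produced. The Search/Tweets hunk of this same commit adds `return;` after its early `exit()`, which suggests the method can return normally, although its body is not visible here. I would add `return;` after the found-item call as well. The enclosing method starts and ends outside the hunk.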
@@ -90,6 +90,6 @@ class Conversation extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Account/UpdateProfile.php b/src/Module/Api/Twitter/Account/UpdateProfile.php index 9c8c90151..5369e25cb 100644 --- a/src/Module/Api/Twitter/Account/UpdateProfile.php +++ b/src/Module/Api/Twitter/Account/UpdateProfile.php @@ -64,6 +64,6 @@ class UpdateProfile extends BaseApi // "uid" is only needed for some internal stuff, so remove it from here unset($user_info['uid']); - DI::apiResponse()->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); + $this->response->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Account/VerifyCredentials.php b/src/Module/Api/Twitter/Account/VerifyCredentials.php index 170da69c6..2de15af2b 100644 --- a/src/Module/Api/Twitter/Account/VerifyCredentials.php +++ b/src/Module/Api/Twitter/Account/VerifyCredentials.php @@ -47,6 +47,6 @@ class VerifyCredentials extends BaseApi // "uid" is only needed for some internal stuff, so remove it from here unset($user_info['uid']); - DI::apiResponse()->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); + $this->response->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Favorites.php b/src/Module/Api/Twitter/Favorites.php index 8c6f7082a..f806b23ee 100644 --- a/src/Module/Api/Twitter/Favorites.php +++ b/src/Module/Api/Twitter/Favorites.php 
@@ -72,6 +72,6 @@ class Favorites extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Favorites/Create.php b/src/Module/Api/Twitter/Favorites/Create.php index 74fb72237..308acc892 100644 --- a/src/Module/Api/Twitter/Favorites/Create.php +++ b/src/Module/Api/Twitter/Favorites/Create.php @@ -46,6 +46,6 @@ class Create extends BaseApi $status_info = DI::twitterStatus()->createFromItemId($id, $uid)->toArray(); - DI::apiResponse()->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null); + $this->response->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Favorites/Destroy.php b/src/Module/Api/Twitter/Favorites/Destroy.php index 6c797d8b5..886d64d14 100644 --- a/src/Module/Api/Twitter/Favorites/Destroy.php +++ b/src/Module/Api/Twitter/Favorites/Destroy.php @@ -46,6 +46,6 @@ class Destroy extends BaseApi $status_info = DI::twitterStatus()->createFromItemId($id, $uid)->toArray(); - DI::apiResponse()->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null); + $this->response->exit('status', ['status' => $status_info], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Friendships/Destroy.php b/src/Module/Api/Twitter/Friendships/Destroy.php index ef8ad71e8..a6fa7f85f 100644 --- a/src/Module/Api/Twitter/Friendships/Destroy.php +++ b/src/Module/Api/Twitter/Friendships/Destroy.php 
@@ -81,6 +81,6 @@ class Destroy extends ContactEndpoint throw new HTTPException\InternalServerErrorException('Unable to unfollow this contact, please contact your administrator'); } - DI::apiResponse()->exit('friendships', ['user' => $user], $this->parameters['extension'] ?? null); + $this->response->exit('friendships', ['user' => $user], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Lists/Statuses.php b/src/Module/Api/Twitter/Lists/Statuses.php index 03bbce7bd..d647e4a27 100644 --- a/src/Module/Api/Twitter/Lists/Statuses.php +++ b/src/Module/Api/Twitter/Lists/Statuses.php @@ -83,6 +83,6 @@ class Statuses extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $items], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $items], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Media/Upload.php b/src/Module/Api/Twitter/Media/Upload.php index 48538a331..a295296b7 100644 --- a/src/Module/Api/Twitter/Media/Upload.php +++ b/src/Module/Api/Twitter/Media/Upload.php @@ -65,6 +65,6 @@ class Upload extends BaseApi Logger::info('Media uploaded', ['return' => $returndata]); - DI::apiResponse()->exit('media', ['media' => $returndata], $this->parameters['extension'] ?? null); + $this->response->exit('media', ['media' => $returndata], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Search/Tweets.php b/src/Module/Api/Twitter/Search/Tweets.php index 4d1aec833..ac9857ac9 100644 --- a/src/Module/Api/Twitter/Search/Tweets.php +++ b/src/Module/Api/Twitter/Search/Tweets.php 
@@ -77,7 +77,8 @@ class Tweets extends BaseApi DBA::close($tags); if (empty($uriids)) { - DI::apiResponse()->exit('statuses', $data, $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', $data, $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + return; } $condition = ['uri-id' => $uriids]; @@ -122,6 +123,6 @@ class Tweets extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Statuses/Destroy.php b/src/Module/Api/Twitter/Statuses/Destroy.php index 5a4bc920e..58f13157b 100644 --- a/src/Module/Api/Twitter/Statuses/Destroy.php +++ b/src/Module/Api/Twitter/Statuses/Destroy.php @@ -53,6 +53,6 @@ class Destroy extends BaseApi Item::deleteForUser(['id' => $id], $uid); - DI::apiResponse()->exit('status', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('status', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Statuses/HomeTimeline.php b/src/Module/Api/Twitter/Statuses/HomeTimeline.php index c98134807..250c4359b 100644 --- a/src/Module/Api/Twitter/Statuses/HomeTimeline.php +++ b/src/Module/Api/Twitter/Statuses/HomeTimeline.php @@ -88,6 +88,6 @@ class HomeTimeline extends BaseApi } } - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } 
diff --git a/src/Module/Api/Twitter/Statuses/Mentions.php b/src/Module/Api/Twitter/Statuses/Mentions.php index 08970340f..47a860c7b 100644 --- a/src/Module/Api/Twitter/Statuses/Mentions.php +++ b/src/Module/Api/Twitter/Statuses/Mentions.php @@ -80,6 +80,6 @@ class Mentions extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Statuses/NetworkPublicTimeline.php b/src/Module/Api/Twitter/Statuses/NetworkPublicTimeline.php index 56f2f10d5..1ec00acf2 100644 --- a/src/Module/Api/Twitter/Statuses/NetworkPublicTimeline.php +++ b/src/Module/Api/Twitter/Statuses/NetworkPublicTimeline.php @@ -66,6 +66,6 @@ class NetworkPublicTimeline extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Statuses/PublicTimeline.php b/src/Module/Api/Twitter/Statuses/PublicTimeline.php index ad4380fe1..334d43dbb 100644 --- a/src/Module/Api/Twitter/Statuses/PublicTimeline.php +++ b/src/Module/Api/Twitter/Statuses/PublicTimeline.php @@ -86,6 +86,6 @@ class PublicTimeline extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Statuses/Show.php b/src/Module/Api/Twitter/Statuses/Show.php index 681d4130b..66939bf7a 100644 
--- a/src/Module/Api/Twitter/Statuses/Show.php +++ b/src/Module/Api/Twitter/Statuses/Show.php @@ -89,10 +89,10 @@ class Show extends BaseApi if ($conversation) { $data = ['status' => $ret]; - DI::apiResponse()->exit('statuses', $data, $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('statuses', $data, $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } else { $data = ['status' => $ret[0]]; - DI::apiResponse()->exit('status', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('status', ['status' => $data], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } } diff --git a/src/Module/Api/Twitter/Statuses/UserTimeline.php b/src/Module/Api/Twitter/Statuses/UserTimeline.php index 2b0144909..ba713c765 100644 --- a/src/Module/Api/Twitter/Statuses/UserTimeline.php +++ b/src/Module/Api/Twitter/Statuses/UserTimeline.php @@ -82,6 +82,6 @@ class UserTimeline extends BaseApi } DBA::close($statuses); - DI::apiResponse()->exit('user', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); + $this->response->exit('user', ['status' => $ret], $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid)); } } diff --git a/src/Module/Api/Twitter/Users/Lookup.php b/src/Module/Api/Twitter/Users/Lookup.php index 53bedd53a..9d4c460c6 100644 --- a/src/Module/Api/Twitter/Users/Lookup.php +++ b/src/Module/Api/Twitter/Users/Lookup.php @@ -51,6 +51,6 @@ class Lookup extends BaseApi throw new NotFoundException(); } - DI::apiResponse()->exit('users', ['user' => $users], $this->parameters['extension'] ?? null); + $this->response->exit('users', ['user' => $users], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Users/Search.php b/src/Module/Api/Twitter/Users/Search.php index e30480e26..9c7be2f51 100644 
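Review bot: In the `else` branch of the Statuses/Show hunk the new call passes `['status' => $data]` although `$data` was just built as `['status' => $ret[0]]`, so the single-status response is nested as `status => status => item`. The `if` branch passes `$data` directly and the `else` should match it: `$this->response->exit('status', $data, $this->parameters['extension'] ?? null, Contact::getPublicIdByUserId($uid));`. `$ret[0]` is also read without a visible emptiness check; whether `$ret` can be empty at this point depends on code outside the hunk.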
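Review bot: The UserTimeline hunk keeps `'user'` as the first argument of `exit()` while the payload is `['status' => $ret]`; the other timeline endpoints touched by this commit (HomeTimeline, Mentions, PublicTimeline) pass `'statuses'` with the same payload shape. This predates the change and may be deliberate for client compatibility. If it is not, `$this->response->exit('statuses', ['status' => $ret], …)` would make the endpoints consistent. Either way, a one-line comment on the call explaining the choice would save the next reader the comparison.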
--- a/src/Module/Api/Twitter/Users/Search.php +++ b/src/Module/Api/Twitter/Users/Search.php @@ -69,6 +69,6 @@ class Search extends BaseApi throw new BadRequestException('No search term specified.'); } - DI::apiResponse()->exit('users', ['user' => $userlist], $this->parameters['extension'] ?? null); + $this->response->exit('users', ['user' => $userlist], $this->parameters['extension'] ?? null); } } diff --git a/src/Module/Api/Twitter/Users/Show.php b/src/Module/Api/Twitter/Users/Show.php index d0d8f17bb..ce662eb35 100644 --- a/src/Module/Api/Twitter/Users/Show.php +++ b/src/Module/Api/Twitter/Users/Show.php @@ -48,6 +48,6 @@ class Show extends BaseApi // "uid" is only needed for some internal stuff, so remove it from here unset($user_info['uid']); - DI::apiResponse()->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); + $this->response->exit('user', ['user' => $user_info], $this->parameters['extension'] ?? null); } } From d8ac002001be966284a18f6edb5d1926628aea41 Mon Sep 17 00:00:00 2001 From: Philipp Date: Sun, 28 Nov 2021 15:27:39 +0100 Subject: [PATCH 6/7] Fix Introduction user selection --- src/Contact/Introduction/Repository/Introduction.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Contact/Introduction/Repository/Introduction.php b/src/Contact/Introduction/Repository/Introduction.php index 6121d3aab..3146ba396 100644 --- a/src/Contact/Introduction/Repository/Introduction.php +++ b/src/Contact/Introduction/Repository/Introduction.php @@ -109,7 +109,7 @@ class Introduction extends BaseRepository { try { $BaseCollection = parent::_selectByBoundaries( - ['`uid = ?` AND NOT `ignore`',$uid], + ['`uid` = ? AND NOT `ignore`',$uid], ['order' => ['id' => 'DESC']], $min_id, $max_id, $limit); } catch (\Exception $e) { From 395764dd6d69d4678070ec6fa3a58f55dc55eec9 Mon Sep 17 00:00:00 2001 
From: Hypolite Petovan Date: Tue, 30 Nov 2021 08:24:09 -0500 Subject: [PATCH 7/7] Prevent API-submitted public pictures to be published as statuses --- include/api.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/include/api.php b/include/api.php index a35da5c52..6fa0aeea6 100644 --- a/include/api.php +++ b/include/api.php @@ -1333,7 +1333,9 @@ function api_fr_photo_create_update($type) $deny_cid = $_REQUEST['deny_cid' ] ?? null; $allow_gid = $_REQUEST['allow_gid'] ?? null; $deny_gid = $_REQUEST['deny_gid' ] ?? null; - $visibility = !$allow_cid && !$deny_cid && !$allow_gid && !$deny_gid; + // Pictures uploaded via API never get posted as a visible status + // See https://github.com/friendica/friendica/issues/10990 + $visibility = false; // do several checks on input parameters // we do not allow calls without album string
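Review bot: The added comment explains only the status side of the change, while the ACL values read from `$_REQUEST` just above no longer take part in the `$visibility` decision. Now that `$visibility` is a constant, the comment should also say what is unaffected, for example `// The photo's own permissions still come from allow_cid/deny_cid/allow_gid/deny_gid; only the status post is suppressed`. That wording assumes the rest of the function still applies the ACL values, which cannot be confirmed because the body continues outside the hunk. A regression test asserting that an upload without ACL parameters creates no status would keep issue 10990 from returning.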