From 5130b19f5e07c374399b88803762f90941d926a5 Mon Sep 17 00:00:00 2001 From: Michael Vogel Date: Sun, 15 Dec 2013 23:00:47 +0100 Subject: [PATCH] API: API is reworked in many parts so that it should be compatible to more statusnet clients then before (like AndStatus) --- boot.php | 2 +- database.sql | 15 ++ include/api.php | 621 +++++++++++++++++++++++++++--------------------- mod/api.php | 2 +- update.php | 17 +- 5 files changed, 382 insertions(+), 275 deletions(-) diff --git a/boot.php b/boot.php index ebce1519..6b130edf 100644 --- a/boot.php +++ b/boot.php @@ -14,7 +14,7 @@ require_once('include/features.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); define ( 'FRIENDICA_VERSION', '3.2.1745' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); -define ( 'DB_UPDATE_VERSION', 1166 ); +define ( 'DB_UPDATE_VERSION', 1167 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/database.sql b/database.sql index 2c557a3e..163ad514 100644 --- a/database.sql +++ b/database.sql @@ -1175,3 +1175,18 @@ CREATE TABLE IF NOT EXISTS `push_subscriber` ( PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8; +-- -------------------------------------------------------- + +-- +-- Table structure for table `unique_contacts` +-- + +CREATE TABLE IF NOT EXISTS `unique_contacts` ( + `id` INT NOT NULL AUTO_INCREMENT, + `url` CHAR(255) NOT NULL, + `nick` CHAR(255) NOT NULL, + `name` CHAR(255) NOT NULL, + `avatar` CHAR(255) NOT NULL, + PRIMARY KEY (`id`), + KEY `url` (`url`) +) ENGINE=MyISAM DEFAULT CHARSET=utf8; diff --git a/include/api.php b/include/api.php index 97f1435e..a9215d0d 100644 --- a/include/api.php +++ b/include/api.php @@ -55,8 +55,8 @@ //die(__file__.__line__.__function__."
".$e); die();
 		}
 
-		
-		
+
+
 		// workaround for HTTP-auth in CGI mode
 		if(x($_SERVER,'REDIRECT_REMOTE_USER')) {
 		 	$userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6)) ;
@@ -73,18 +73,18 @@
 		    header('HTTP/1.0 401 Unauthorized');
 		    die('This api requires login');
 		}
-		
+
 		$user = $_SERVER['PHP_AUTH_USER'];
 		$encrypted = hash('whirlpool',trim($_SERVER['PHP_AUTH_PW']));
-    		
-		
-			/**
-			 *  next code from mod/auth.php. needs better solution
-			 */
-			
+
+
+		/**
+		 *  next code from mod/auth.php. needs better solution
+		 */
+
 		// process normal login request
 
-		$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) 
+		$r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' )
 			AND `password` = '%s' AND `blocked` = 0 AND `account_expired` = 0 AND `account_removed` = 0 AND `verified` = 1 LIMIT 1",
 			dbesc(trim($user)),
 			dbesc(trim($user)),
@@ -105,7 +105,7 @@
 		call_hooks('logged_in', $a->user);
 
 	}
-	
+
 	/**************************
 	 *  MAIN API ENTRY POINT  *
 	 **************************/
@@ -144,7 +144,7 @@
 						return ''."\n".$r;
 						break;
 					case "json":
-						//header ("Content-Type: application/json");
+						header ("Content-Type: application/json");
 						foreach($r as $rr)
 						    return json_encode($rr);
 						break;
@@ -205,10 +205,23 @@
 			'language' => $user_info['language'],
 			'logo'	=> $a->get_baseurl()."/images/friendica-32.png",
 		);
-		
+
 		return $arr;
 	}
-	 
+
+
+	/**
+	 * Unique contact to to contact url.
+	 */
+	function api_unique_id_to_url($id){
+		$r = q("SELECT url FROM unique_contacts WHERE id=%d LIMIT 1",
+			intval($id));
+		if ($r)
+			return ($r[0]["url"]);
+		else
+			return false;
+	}
+
 	/**
 	 * Returns user info array.
 	 */
@@ -216,58 +229,125 @@
 		global $called_api;
 		$user = null;
 		$extra_query = "";
+		$url = "";
+		$nick = "";
 
-
-		if(!is_null($contact_id)){
-			$user=$contact_id;
-			$extra_query = "AND `contact`.`id` = %d ";
+		// Searching for contact URL
+		if(!is_null($contact_id) AND (intval($contact_id) == 0)){
+			$user = dbesc(normalise_link($contact_id));
+			$url = $user;
+			$extra_query = "AND `contact`.`nurl` = '%s' ";
+			if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 		}
-		
+
+		// Searching for unique contact id
+		if(!is_null($contact_id) AND (intval($contact_id) != 0)){
+			$user = dbesc(api_unique_id_to_url($contact_id));
+
+			if ($user == "")
+				return false;
+
+			$url = $user;
+			$extra_query = "AND `contact`.`nurl` = '%s' ";
+			if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
+		}
+
 		if(is_null($user) && x($_GET, 'user_id')) {
-			$user = intval($_GET['user_id']);	
-			$extra_query = "AND `contact`.`id` = %d ";
+			$user = dbesc(api_unique_id_to_url($_GET['user_id']));
+
+			if ($user == "")
+				return false;
+
+			$url = $user;
+			$extra_query = "AND `contact`.`nurl` = '%s' ";
+			if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 		}
 		if(is_null($user) && x($_GET, 'screen_name')) {
-			$user = dbesc($_GET['screen_name']);	
+			$user = dbesc($_GET['screen_name']);
+			$nick = $user;
 			$extra_query = "AND `contact`.`nick` = '%s' ";
 			if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
-			
 		}
-		
+
 		if (is_null($user) && $a->argc > (count($called_api)-1)){
 			$argid = count($called_api);
 			list($user, $null) = explode(".",$a->argv[$argid]);
 			if(is_numeric($user)){
-				$user = intval($user);
-				$extra_query = "AND `contact`.`id` = %d ";
+				$user = dbesc(api_unique_id_to_url($user));
+
+				if ($user == "")
+					return false;
+
+				$url = $user;
+				$extra_query = "AND `contact`.`nurl` = '%s' ";
+				if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 			} else {
 				$user = dbesc($user);
+				$nick = $user;
 				$extra_query = "AND `contact`.`nick` = '%s' ";
 				if (api_user()!==false)  $extra_query .= "AND `contact`.`uid`=".intval(api_user());
 			}
 		}
-		
-		if (! $user) {
+
+		if (!$user) {
 			if (api_user()===false) {
 				api_login($a); return False;
 			} else {
 				$user = $_SESSION['uid'];
 				$extra_query = "AND `contact`.`uid` = %d AND `contact`.`self` = 1 ";
 			}
-			
+
 		}
-		
+
 		logger('api_user: ' . $extra_query . ', user: ' . $user);
-		// user info		
+		// user info
 		$uinfo = q("SELECT *, `contact`.`id` as `cid` FROM `contact`
 				WHERE 1
 				$extra_query",
 				$user
 		);
+
+		// if the contact wasn't found, fetch it from the unique contacts
 		if (count($uinfo)==0) {
-			return False;
+			$r = array();
+
+			if ($url != "")
+				$r = q("SELECT * FROM unique_contacts WHERE url='%s' LIMIT 1", $url);
+			elseif ($nick != "")
+				$r = q("SELECT * FROM unique_contacts WHERE nick='%s' LIMIT 1", $nick);
+
+			if ($r) {
+				$ret = array(
+					'id' => $r[0]["id"],
+					'name' => $r[0]["name"],
+					'screen_name' => $r[0]["name"],
+					'location' => NULL,
+					'description' => NULL,
+					'profile_image_url' => $r[0]["avatar"],
+					'url' => NULL,
+					'protected' => false,
+					'followers_count' => 0,
+					'friends_count' => 0,
+					'created_at' => '',
+					'favourites_count' => 0,
+					'utc_offset' => 0,
+					'time_zone' => 'UTC',
+					'statuses_count' => 1,
+					'following' => 1,
+					'statusnet_blocking' => false,
+					'notifications' => false,
+					'statusnet_profile_url' => $r[0]["url"],
+					'uid' => 0,
+					'cid' => 0,
+					'self' => 0,
+				);
+
+				return $ret;
+			} else
+				return False;
+
 		}
-		
+
 		if($uinfo[0]['self']) {
 			$usr = q("select * from user where uid = %d limit 1",
 				intval(api_user())
@@ -279,7 +359,7 @@
 			// count public wall messages
 			$r = q("SELECT COUNT(`id`) as `count` FROM `item`
 					WHERE  `uid` = %d
-					AND `type`='wall' 
+					AND `type`='wall'
 					AND `allow_cid`='' AND `allow_gid`='' AND `deny_cid`='' AND `deny_gid`=''",
 					intval($uinfo[0]['uid'])
 			);
@@ -297,7 +377,7 @@
 		// count friends
 		$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
 				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
-				AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", 
+				AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
 				intval($uinfo[0]['uid']),
 				intval(CONTACT_IS_SHARING),
 				intval(CONTACT_IS_FRIEND)
@@ -306,7 +386,7 @@
 
 		$r = q("SELECT COUNT(`id`) as `count` FROM `contact`
 				WHERE  `uid` = %d AND `rel` IN ( %d, %d )
-				AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0", 
+				AND `self`=0 AND `blocked`=0 AND `pending`=0 AND `hidden`=0",
 				intval($uinfo[0]['uid']),
 				intval(CONTACT_IS_FOLLOWER),
 				intval(CONTACT_IS_FRIEND)
@@ -317,7 +397,7 @@
 			intval($uinfo[0]['uid'])
 		);
 		$starred = $r[0]['count'];
-	
+
 
 		if(! $uinfo[0]['self']) {
 			$countfriends = 0;
@@ -325,115 +405,69 @@
 			$starred = 0;
 		}
 
+		// Fetching unique id
+		$r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url'])));
+
+		// If not there, then add it
+		if (count($r) == 0) {
+			q("INSERT INTO unique_contacts (url, name, nick, avatar) VALUES ('%s', '%s', '%s', '%s')",
+				dbesc(normalise_link($uinfo[0]['url'])), dbesc($uinfo[0]['name']),dbesc($uinfo[0]['nick']), dbesc($uinfo[0]['micro']));
+
+			$r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1", dbesc(normalise_link($uinfo[0]['url'])));
+		}
+
 		$ret = Array(
-			'id' => intval($uinfo[0]['cid']),
-			'self' => intval($uinfo[0]['self']),
-			'uid' => intval($uinfo[0]['uid']),
+			'id' => intval($r[0]['id']),
 			'name' => (($uinfo[0]['name']) ? $uinfo[0]['name'] : $uinfo[0]['nick']),
 			'screen_name' => (($uinfo[0]['nick']) ? $uinfo[0]['nick'] : $uinfo[0]['name']),
-			'location' => ($usr) ? $usr[0]['default-location'] : '',
+			'location' => ($usr) ? $usr[0]['default-location'] : NULL,
+			'description' => (($profile) ? $profile[0]['pdesc'] : NULL),
 			'profile_image_url' => $uinfo[0]['micro'],
 			'url' => $uinfo[0]['url'],
-			'contact_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'],
-			'protected' => false,	
+			'protected' => false,
+			'followers_count' => intval($countfollowers),
 			'friends_count' => intval($countfriends),
 			'created_at' => api_date($uinfo[0]['name-date']),
-			'utc_offset' => "+00:00",
-			'time_zone' => 'UTC', //$uinfo[0]['timezone'],
-			'geo_enabled' => false,
-			'statuses_count' => intval($countitms), #XXX: fix me 
-			'lang' => 'en', #XXX: fix me
-			'description' => (($profile) ? $profile[0]['pdesc'] : ''),
-			'followers_count' => intval($countfollowers),
 			'favourites_count' => intval($starred),
-			'contributors_enabled' => false,
-			'follow_request_sent' => true,
-			'profile_background_color' => 'cfe8f6',
-			'profile_text_color' => '000000',
-			'profile_link_color' => 'FF8500',
-			'profile_sidebar_fill_color' =>'AD0066',
-			'profile_sidebar_border_color' => 'AD0066',
-			'profile_background_image_url' => '',
-			'profile_background_tile' => false,
-			'profile_use_background_image' => false,
+			'utc_offset' => "0", // To-Do
+			'time_zone' => 'UTC', // To-Do $uinfo[0]['timezone'],
+			'statuses_count' => intval($countitms),
+			'following' => true, //#XXX: fix me
+			'verified' => true, //#XXX: fix me
+			'statusnet_blocking' => false,
 			'notifications' => false,
-			'following' => '', #XXX: fix me
-			'verified' => true, #XXX: fix me
-			'status' => array()
+			'statusnet_profile_url' => $a->get_baseurl()."/contacts/".$uinfo[0]['cid'],
+			'uid' => intval($uinfo[0]['uid']),
+			'cid' => intval($uinfo[0]['cid']),
+			'self' => $uinfo[0]['self'],
 		);
-	
+
 		return $ret;
-		
+
 	}
 
 	function api_item_get_user(&$a, $item) {
 		global $usercache;
 
-		// The author is our direct contact, in a conversation with us.
-		if(link_compare($item['url'],$item['author-link'])) {
-			return api_get_user($a,$item['cid']);
+		$r = q("SELECT id FROM unique_contacts WHERE url='%s' LIMIT 1",
+			dbesc(normalise_link($item['owner-link'])));
+
+		if (count($r) == 0)
+			q("INSERT INTO unique_contacts (url, name, avatar) VALUES ('%s', '%s', '%s')",
+			dbesc(normalise_link($item["owner-link"])), dbesc($item["owner-name"]), dbesc($item["owner-avatar"]));
+
+		$r = q("SELECT * FROM unique_contacts WHERE url='%s' LIMIT 1",
+			dbesc(normalise_link($item['author-link'])));
+
+		if (count($r) == 0) {
+			q("INSERT INTO unique_contacts (url, name, avatar) VALUES ('%s', '%s', '%s')",
+			dbesc(normalise_link($item["author-link"])), dbesc($item["author-name"]), dbesc($item["author-avatar"]));
+
+			$r = q("SELECT * FROM unique_contacts WHERE url='%s' LIMIT 1",
+				dbesc(normalise_link($item['author-link'])));
 		}
-		else {
-			// The author may be a contact of ours, but is replying to somebody else. 
-			// Figure out if we know him/her.
-			$normalised = normalise_link((strlen($item['author-link'])) ? $item['author-link'] : $item['url']);
-            if(($normalised != 'mailbox') && (x($a->contacts[$normalised])))
-				return api_get_user($a,$a->contacts[$normalised]['id']);
-		}
-		// We don't know this person directly.
-		
-		list($nick, $name) = array_map("trim",explode("(",$item['author-name']));
-		$name=str_replace(")","",$name);
 
-		if ($name == '')
-			$name = $nick;
-
-		if ($nick == '')
-			$nick = $name;
-
-		// Generating a random ID
-		if (is_null($usercache[$nick]) or !array_key_exists($nick, $usercache))
-			$usercache[$nick] = mt_rand(2000000, 2100000);
-
-		$ret = array(
-			'id' => $usercache[$nick],
-			'name' => $name,
-			'screen_name' => $nick,
-			'location' => '', //$uinfo[0]['default-location'],
-			'description' => '',
-			'profile_image_url' => $item['author-avatar'],
-			'url' => $item['author-link'],
-			'protected' => false,	#
-			'followers_count' => 0,
-			'friends_count' => 0,
-			'created_at' => '',
-			'favourites_count' => 0,
-			'utc_offset' => 0, #XXX: fix me
-			'time_zone' => '', //$uinfo[0]['timezone'],
-			'statuses_count' => 0,
-			'following' => 1,
-			'statusnet_blocking' => false,
-			'notifications' => false,
-			'uid' => 0,
-			'contact_url' => 0,
-			'geo_enabled' => false,
-			'lang' => 'en', #XXX: fix me
-			'contributors_enabled' => false,
-			'follow_request_sent' => false,
-			'profile_background_color' => 'cfe8f6',
-			'profile_text_color' => '000000',
-			'profile_link_color' => 'FF8500',
-			'profile_sidebar_fill_color' =>'AD0066',
-			'profile_sidebar_border_color' => 'AD0066',
-			'profile_background_image_url' => '',
-			'profile_background_tile' => false,
-			'profile_use_background_image' => false,
-			'verified' => true, #XXX: fix me
-			'followers' => '', #XXX: fix me
-			'status' => array()
-		);
-
-		return $ret; 
+		return api_get_user($a,$r[0]["url"]);
 	}
 
 
@@ -463,25 +497,25 @@
 		}
 		return $ret;
 	}
-	
+
 	/**
 	 ** TWITTER API
 	 */
-	
+
 	/**
-	 * Returns an HTTP 200 OK response code and a representation of the requesting user if authentication was successful; 
-	 * returns a 401 status code and an error message if not. 
+	 * Returns an HTTP 200 OK response code and a representation of the requesting user if authentication was successful;
+	 * returns a 401 status code and an error message if not.
 	 * http://developer.twitter.com/doc/get/account/verify_credentials
 	 */
 	function api_account_verify_credentials(&$a, $type){
 		if (api_user()===false) return false;
 		$user_info = api_get_user($a);
-		
+
 		return api_apply_template("user", $type, array('$user' => $user_info));
 
 	}
 	api_register_func('api/account/verify_credentials','api_account_verify_credentials', true);
-	 	
+
 
 	/**
 	 * get data from $_POST or $_GET
@@ -573,7 +607,6 @@
 		}
 		else
 			$_REQUEST['body'] = requestdata('status');
-			//$_REQUEST['body'] = urldecode(requestdata('status'));
 
 		$_REQUEST['title'] = requestdata('title');
 
@@ -608,7 +641,7 @@
 		// call out normal post function
 
 		require_once('mod/item.php');
-		item_post($a);	
+		item_post($a);
 
 		// this should output the last post (the one we just posted).
 		return api_status_show($a,$type);
@@ -629,35 +662,22 @@
 					AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
 				ORDER BY `item`.`created` DESC
 				LIMIT 1",
-				intval($user_info['id'])
+				intval($user_info['cid'])
 		);
 
-//		$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`nick` as `reply_author`
-//				FROM `item`, `contact`,
-//					(SELECT `item`.`id`, `item`.`contact-id`, `contact`.`nick` FROM `item`,`contact` WHERE `contact`.`id`=`item`.`contact-id`) as `i` 
-//				WHERE `item`.`contact-id` = %d
-//					AND `i`.`id` = `item`.`parent`
-//					AND `contact`.`id`=`item`.`contact-id` AND `contact`.`self`=1
-//					AND `type`!='activity'
-//					AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
-//				ORDER BY `created` DESC
-//				LIMIT 1",
-//				intval($user_info['id'])
-//		);
-
 		if (count($lastwall)>0){
 			$lastwall = $lastwall[0];
 
-			$in_reply_to_status_id = '';
-			$in_reply_to_user_id = '';
-			$in_reply_to_screen_name = '';
+			$in_reply_to_status_id = NULL;
+			$in_reply_to_user_id = NULL;
+			$in_reply_to_screen_name = NULL;
 			if ($lastwall['parent']!=$lastwall['id']) {
 				$in_reply_to_status_id=$lastwall['parent'];
 				$in_reply_to_user_id = $lastwall['reply_uid'];
 				$in_reply_to_screen_name = $lastwall['reply_author'];
 			}
 			$status_info = array(
-				'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
+				'text' => trim(html2plain(bbcode($lastwall['body'], false, false, 2), 0)),
 				'truncated' => false,
 				'created_at' => api_date($lastwall['created']),
 				'in_reply_to_status_id' => $in_reply_to_status_id,
@@ -665,22 +685,30 @@
 				'id' => $lastwall['id'],
 				'in_reply_to_user_id' => $in_reply_to_user_id,
 				'in_reply_to_screen_name' => $in_reply_to_screen_name,
-				'geo' => '',
+				'geo' => NULL,
 				'favorited' => false,
-				'coordinates' => $lastwall['coord'],
-				'place' => $lastwall['location'],
-				'contributors' => ''					
+				'user' => $user_info,
+				'statusnet_html'		=> trim(bbcode($lastwall['body'], false, false)),
+				'statusnet_conversation_id'	=> $lastwall['parent'],
+				//'coordinates' => $lastwall['coord'],
+				//'place' => $lastwall['location'],
+				//'contributors' => ''
 			);
-			$status_info['user'] = $user_info;
+
+			// "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here
+			unset($status_info["user"]["cid"]);
+			unset($status_info["user"]["uid"]);
+			unset($status_info["user"]["self"]);
 		}
+
 		return  api_apply_template("status", $type, array('$status' => $status_info));
-		
+
 	}
 
 
 
 
-		
+
 	/**
 	 * Returns extended information of a given user, specified by ID or screen name as per the required id parameter.
 	 * The author's most recent status will be returned inline.
@@ -688,47 +716,54 @@
 	 */
 	function api_users_show(&$a, $type){
 		$user_info = api_get_user($a);
-		// get last public wall message
-		$lastwall = q("SELECT `item`.*, `i`.`contact-id` as `reply_uid`, `i`.`nick` as `reply_author`
-				FROM `item`, `contact`,
-					(SELECT `item`.`id`, `item`.`contact-id`, `contact`.`nick` FROM `item`,`contact` WHERE `contact`.`id`=`item`.`contact-id`) as `i` 
+
+		$lastwall = q("SELECT `item`.*
+				FROM `item`, `contact`
 				WHERE `item`.`contact-id` = %d
-					AND `i`.`id` = `item`.`parent`
-					AND `contact`.`id`=`item`.`contact-id` AND `contact`.`self`=1
+					AND `contact`.`id`=`item`.`contact-id`
 					AND `type`!='activity'
 					AND `item`.`allow_cid`='' AND `item`.`allow_gid`='' AND `item`.`deny_cid`='' AND `item`.`deny_gid`=''
-				ORDER BY `created` DESC 
+				ORDER BY `created` DESC
 				LIMIT 1",
-				intval($user_info['id'])
+				intval($user_info['cid'])
 		);
 
 		if (count($lastwall)>0){
 			$lastwall = $lastwall[0];
-			
-			$in_reply_to_status_id = '';
-			$in_reply_to_user_id = '';
-			$in_reply_to_screen_name = '';
+
+			$in_reply_to_status_id = NULL;
+			$in_reply_to_user_id = NULL;
+			$in_reply_to_screen_name = NULL;
 			if ($lastwall['parent']!=$lastwall['id']) {
-				$in_reply_to_status_id=$lastwall['parent'];
-				$in_reply_to_user_id = $lastwall['reply_uid'];
-				$in_reply_to_screen_name = $lastwall['reply_author'];
+				$reply = q("SELECT `item`.`id`, `item`.`contact-id` as `reply_uid`, `contact`.`nick` as `reply_author`
+                                            FROM `item`,`contact` WHERE `contact`.`id`=`item`.`contact-id` AND `item`.`id` = %d", intval($lastwall['parent']));
+				if (count($reply)>0) {
+					$in_reply_to_status_id=$lastwall['parent'];
+					$in_reply_to_user_id = $reply[0]['reply_uid'];
+					$in_reply_to_screen_name = $reply[0]['reply_author'];
+				}
 			}
 			$user_info['status'] = array(
-				'created_at' => api_date($lastwall['created']),
-				'id' => $lastwall['contact-id'],
-				'text' => html2plain(bbcode($lastwall['body'], false, false, true), 0),
-				'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
+				'text' => trim(html2plain(bbcode($lastwall['body'], false, false, 2), 0)),
 				'truncated' => false,
+				'created_at' => api_date($lastwall['created']),
 				'in_reply_to_status_id' => $in_reply_to_status_id,
+				'source' => (($lastwall['app']) ? $lastwall['app'] : 'web'),
+				'id' => $lastwall['contact-id'],
 				'in_reply_to_user_id' => $in_reply_to_user_id,
-				'favorited' => false,
 				'in_reply_to_screen_name' => $in_reply_to_screen_name,
-				'geo' => '',
-				'coordinates' => $lastwall['coord'],
-				'place' => $lastwall['location'],
-				'contributors' => ''
+				'geo' => NULL,
+				'favorited' => false,
+				'statusnet_html'		=> trim(bbcode($lastwall['body'], false, false)),
+				'statusnet_conversation_id'	=> $lastwall['parent'],
 			);
 		}
+
+		// "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here
+		unset($user_info["cid"]);
+		unset($user_info["uid"]);
+		unset($user_info["self"]);
+
 		return  api_apply_template("user", $type, array('$user' => $user_info));
 
 	}
@@ -782,7 +817,8 @@
 			$sql_extra
 			AND `item`.`id`>%d
 			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-			intval($user_info['uid']),
+			//intval($user_info['uid']),
+			intval(api_user()),
 			intval($since_id),
 			intval($start),	intval($count)
 		);
@@ -792,10 +828,11 @@
 		// We aren't going to try to figure out at the item, group, and page
 		// level which items you've seen and which you haven't. If you're looking
 		// at the network timeline just mark everything seen. 
-	
+
 		$r = q("UPDATE `item` SET `unseen` = 0 
 			WHERE `unseen` = 1 AND `uid` = %d",
-			intval($user_info['uid'])
+			//intval($user_info['uid'])
+			intval(api_user())
 		);
 
 
@@ -846,23 +883,6 @@
 		if ($conversation_id > 0)
 			$sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
 
-		/*$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
-			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
-			`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
-			`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
-			FROM `item`, `contact`
-			WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0
-			AND `item`.`allow_cid` = ''  AND `item`.`allow_gid` = '' 
-			AND `item`.`deny_cid`  = '' AND `item`.`deny_gid`  = '' 
-			AND `item`.`private` = 0 AND `item`.`wall` = 1 AND `user`.`hidewall` = 0
-			AND `contact`.`id` = `item`.`contact-id`
-			AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
-			$sql_extra
-			AND `item`.`id`>%d
-			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-			intval($since_id),
-			intval($start),	intval($count)
-		);*/
 	        $r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
 	                `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
         	        `contact`.`network`, `contact`.`thumb`, `contact`.`self`, `contact`.`writable`,
@@ -914,6 +934,9 @@
 		// params
 		$id = intval($a->argv[3]);
 
+		if ($id == 0)
+			$id = intval($_REQUEST["id"]);
+
 		logger('API: api_statuses_show: '.$id);
 
 		//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
@@ -921,7 +944,7 @@
 
 		$sql_extra = '';
 		if ($conversation)
-			$sql_extra .= " AND `item`.`parent` = %d  ORDER BY `received` ASC ";
+			$sql_extra .= " AND `item`.`parent` = %d ORDER BY `received` ASC ";
 		else
 			$sql_extra .= " AND `item`.`id` = %d";
 
@@ -966,6 +989,9 @@
 		// params
 		$id = intval($a->argv[3]);
 
+		if ($id == 0)
+			$id = intval($_REQUEST["id"]);
+
 		logger('API: api_statuses_repeat: '.$id);
 
 		//$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false);
@@ -1024,6 +1050,9 @@
 		// params
 		$id = intval($a->argv[3]);
 
+		if ($id == 0)
+			$id = intval($_REQUEST["id"]);
+
 		logger('API: api_statuses_destroy: '.$id);
 
 		require_once('include/items.php');
@@ -1045,7 +1074,7 @@
 	 */
 	function api_statuses_mentions(&$a, $type){
 		if (api_user()===false) return false;
-				
+
 		$user_info = api_get_user($a);
 		// get last newtork messages
 
@@ -1088,7 +1117,8 @@
 			$sql_extra
 			AND `item`.`id`>%d
 			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-			intval($user_info['uid']),
+			//intval($user_info['uid']),
+			intval(api_user()),
 			intval($since_id),
 			intval($start),	intval($count)
 		);
@@ -1118,10 +1148,9 @@
 
 	function api_statuses_user_timeline(&$a, $type){
 		if (api_user()===false) return false;
-		
-		$user_info = api_get_user($a);
-		// get last newtork messages
 
+		$user_info = api_get_user($a);
+		// get last network messages
 
 		logger("api_statuses_user_timeline: api_user: ". api_user() .
 			   "\nuser_info: ".print_r($user_info, true) .
@@ -1147,7 +1176,7 @@
 		if ($conversation_id > 0)
 			$sql_extra .= ' AND `item`.`parent` = '.intval($conversation_id);
 
-		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`, 
+		$r = q("SELECT `item`.*, `item`.`id` AS `item_id`,
 			`contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`,
 			`contact`.`network`, `contact`.`thumb`, `contact`.`dfrn-id`, `contact`.`self`,
 			`contact`.`id` AS `cid`, `contact`.`uid` AS `contact-uid`
@@ -1161,13 +1190,12 @@
 			AND `item`.`id`>%d
 			ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
 			intval(api_user()),
-			intval($user_info['id']),
+			intval($user_info['cid']),
 			intval($since_id),
 			intval($start),	intval($count)
 		);
 
-		$ret = api_format_items($r,$user_info);
-
+		$ret = api_format_items($r,$user_info, true);
 
 		$data = array('$statuses' => $ret);
 		switch($type){
@@ -1214,7 +1242,8 @@
 				AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0
 				$sql_extra
 				ORDER BY `item`.`received` DESC LIMIT %d ,%d ",
-				intval($user_info['uid']),
+				//intval($user_info['uid']),
+				intval(api_user()),
 				intval($start),	intval($count)
 			);
 
@@ -1303,27 +1332,37 @@
 		// standard meta information
 		$ret=Array(
 				'id'                    => $item['id'],
-				'created_at'            => api_date($item['created']),
 				'sender_id'             => $sender['id'] ,
-				'sender_screen_name'    => $sender['screen_name'],
-				'sender'                => $sender,
+				'text'                  => "",
 				'recipient_id'          => $recipient['id'],
+				'created_at'            => api_date($item['created']),
+				'sender_screen_name'    => $sender['screen_name'],
 				'recipient_screen_name' => $recipient['screen_name'],
+				'sender'                => $sender,
 				'recipient'             => $recipient,
 		);
 
+		// "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here
+		unset($ret["sender"]["cid"]);
+		unset($ret["sender"]["uid"]);
+		unset($ret["sender"]["self"]);
+		unset($ret["recipient"]["cid"]);
+		unset($ret["recipient"]["uid"]);
+		unset($ret["recipient"]["self"]);
+
 		//don't send title to regular StatusNET requests to avoid confusing these apps
 		if (x($_GET, 'getText')) {
 			$ret['title'] = $item['title'] ;
 			if ($_GET["getText"] == "html") {
-				$ret['text'] = bbcode($item['body']);
+				$ret['text'] = bbcode($item['body'], false, false);
 			}
 			elseif ($_GET["getText"] == "plain") {
-				$ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0);
+				//$ret['text'] = html2plain(bbcode($item['body'], false, false, true), 0);
+				$ret['text'] = trim(html2plain(bbcode($item['body'], false, false, 2), 0));
 			}
 		}
 		else {
-			$ret['text'] = $item['title']."\n".html2plain(bbcode($item['body'], false, false, true), 0);
+			$ret['text'] = $item['title']."\n".html2plain(bbcode($item['body'], false, false, 2), 0);
 		}
 		if (isset($_GET["getUserObjects"]) && $_GET["getUserObjects"] == "false") {
 			unset($ret['sender']);
@@ -1333,41 +1372,52 @@
 		return $ret;
 	}
 
-	function api_format_items($r,$user_info) {
-
-		//logger('api_format_items: ' . print_r($r,true));
-
-		//logger('api_format_items: ' . print_r($user_info,true));
+	function api_format_items($r,$user_info, $filter_user = false) {
 
 		$a = get_app();
 		$ret = Array();
 
 		foreach($r as $item) {
 			localize_item($item);
-			$status_user = (($item['cid']==$user_info['id'])?$user_info: api_item_get_user($a,$item));
+			$status_user = api_item_get_user($a,$item);
 
-			if ($item['parent']!=$item['id']) {
-				$r = q("select id from item where parent=%s and id<%s order by id desc limit 1",
-					intval($item['parent']), intval($item['id']));
+			// Look if the posts are matching if they should be filtered by user id
+			// To-Do: Fix for wall-to-wall-posts
+			if ($filter_user AND ($status_user["id"] != $user_info["id"]))
+				continue;
+
+			if ($item['thr-parent'] != $item['uri']) {
+				$r = q("SELECT id FROM item WHERE uid=%d AND uri='%s' LIMIT 1",
+					intval(api_user()),
+					dbesc($item['thr-parent']));
 				if ($r)
 					$in_reply_to_status_id = $r[0]['id'];
 				else
 					$in_reply_to_status_id = $item['parent'];
 
-				$r = q("select `item`.`contact-id`, `contact`.nick, `item`.`author-name` from item, contact
-					where `contact`.`id` = `item`.`contact-id` and `item`.id=%d", intval($in_reply_to_status_id));
+				$in_reply_to_screen_name = NULL;
+				$in_reply_to_user_id = NULL;
 
-				$in_reply_to_screen_name = $r[0]['author-name'];
-				$in_reply_to_user_id = $r[0]['contact-id'];
+				$r = q("SELECT `author-link` FROM item WHERE uid=%d AND id=%d LIMIT 1",
+					intval(api_user()),
+					intval($in_reply_to_status_id));
+				if ($r) {
+					$r = q("SELECT * FROM unique_contacts WHERE `url` = '%s'", dbesc(normalise_link($r[0]['author-link'])));
 
+					if ($r) {
+						$in_reply_to_screen_name = $r[0]['name'];
+						$in_reply_to_user_id = $r[0]['id'];
+					}
+				}
 			} else {
-				$in_reply_to_screen_name = '';
-				$in_reply_to_user_id = 0;
-				$in_reply_to_status_id = 0;
+				$in_reply_to_screen_name = NULL;
+				$in_reply_to_user_id = NULL;
+				$in_reply_to_status_id = NULL;
 			}
 
 			// Workaround for ostatus messages where the title is identically to the body
-			$statusbody = trim(html2plain(bbcode($item['body'], false, false, true), 0));
+			$statusbody = trim(html2plain(bbcode($item['body'], false, false, 2), 0));
+
 			$statustitle = trim($item['title']);
 
 			if (($statustitle != '') and (strpos($statusbody, $statustitle) !== false))
@@ -1387,15 +1437,26 @@
 				'id'		=> intval($item['id']),
 				'in_reply_to_user_id' => $in_reply_to_user_id,
 				'in_reply_to_screen_name' => $in_reply_to_screen_name,
-				'geo' => '',
+				'geo' => NULL,
 				'favorited' => $item['starred'] ? true : false,
+				'attachments' => array(),
 				'user' =>  $status_user ,
-				'statusnet_html'		=> trim(bbcode($item['body'])),
+				'statusnet_html'		=> trim(bbcode($item['body'], false, false)),
 				'statusnet_conversation_id'	=> $item['parent'],
 			);
 
+			// "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here
+			unset($status["user"]["cid"]);
+			unset($status["user"]["uid"]);
+			unset($status["user"]["self"]);
+
+			// 'geo' => array('type' => 'Point',
+                        //                   'coordinates' => array((float) $notice->lat,
+                        //                                          (float) $notice->lon));
+
 			// Seesmic doesn't like the following content
-			if ($_SERVER['HTTP_USER_AGENT'] != 'Seesmic') {
+			// completely disabled to make friendica totally compatible to the statusnet API
+			/*if ($_SERVER['HTTP_USER_AGENT'] != 'Seesmic') {
 				$status2 = array(
 					'updated'   => api_date($item['edited']),
 					'published' => api_date($item['created']),
@@ -1413,9 +1474,9 @@
 				);
 
 				$status = array_merge($status, $status2);
-			}
+			}*/
 
-			$ret[]=$status;
+			$ret[] = $status;
 		};
 		return $ret;
 	}
@@ -1457,39 +1518,46 @@
 	function api_statuses_f(&$a, $type, $qtype) {
 		if (api_user()===false) return false;
 		$user_info = api_get_user($a);
-		
-		
+
+
 		// friends and followers only for self
 		if ($user_info['self']==0){
 			return false;
 		}
-		
+
 		if (x($_GET,'cursor') && $_GET['cursor']=='undefined'){
 			/* this is to stop Hotot to load friends multiple times
 			*  I'm not sure if I'm missing return something or
 			*  is a bug in hotot. Workaround, meantime
 			*/
-			
+
 			/*$ret=Array();
 			return array('$users' => $ret);*/
 			return false;
 		}
-		
+
 		if($qtype == 'friends')
 			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND));
 		if($qtype == 'followers')
 			$sql_extra = sprintf(" AND ( `rel` = %d OR `rel` = %d ) ", intval(CONTACT_IS_FOLLOWER), intval(CONTACT_IS_FRIEND));
- 
+
 		$r = q("SELECT id FROM `contact` WHERE `uid` = %d AND `self` = 0 AND `blocked` = 0 AND `pending` = 0 $sql_extra",
 			intval(api_user())
 		);
 
 		$ret = array();
 		foreach($r as $cid){
-			$ret[] = api_get_user($a, $cid['id']);
+			$user =  api_get_user($a, $cid['id']);
+			// "cid", "uid" and "self" are only needed for some internal stuff, so remove it from here
+			unset($user["cid"]);
+			unset($user["uid"]);
+			unset($user["self"]);
+
+			if ($user)
+				$ret[] = $user;
 		}
 
-		
+
 		return array('$users' => $ret);
 
 	}
@@ -1607,18 +1675,18 @@
 
 	function api_direct_messages_new(&$a, $type) {
 		if (api_user()===false) return false;
-		
+
 		if (!x($_POST, "text") || !x($_POST,"screen_name")) return;
 
 		$sender = api_get_user($a);
-		
+
 		require_once("include/message.php");
 
 		$r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'",
 				intval(api_user()),
 				dbesc($_POST['screen_name']));
 
-		$recipient = api_get_user($a, $r[0]['id']);			
+		$recipient = api_get_user($a, $r[0]['id']);
 		$replyto = '';
 		$sub     = '';
 		if (x($_REQUEST,'replyto')) {
@@ -1642,36 +1710,36 @@
 		if ($id>-1) {
 			$r = q("SELECT * FROM `mail` WHERE id=%d", intval($id));
 			$ret = api_format_messages($r[0], $recipient, $sender);
-		
+
 		} else {
-			$ret = array("error"=>$id);	
+			$ret = array("error"=>$id);
 		}
-		
+
 		$data = Array('$messages'=>$ret);
-		
+
 		switch($type){
 			case "atom":
 			case "rss":
 				$data = api_rss_extra($a, $data, $user_info);
 		}
-				
+
 		return  api_apply_template("direct_messages", $type, $data);
-				
+
 	}
 	api_register_func('api/direct_messages/new','api_direct_messages_new',true);
 
 	function api_direct_messages_box(&$a, $type, $box) {
 		if (api_user()===false) return false;
-		
+
 		$user_info = api_get_user($a);
-		
+
 		// params
 		$count = (x($_GET,'count')?$_GET['count']:20);
 		$page = (x($_REQUEST,'page')?$_REQUEST['page']-1:0);
 		if ($page<0) $page=0;
-		
+
 		$start = $page*$count;
-		
+
 		$profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
 		if ($box=="sentbox") {
 			$sql_extra = "`from-url`='".dbesc( $profile_url )."'";
@@ -1685,12 +1753,12 @@
 		elseif ($box=="inbox") {
 			$sql_extra = "`from-url`!='".dbesc( $profile_url )."'";
 		}
-		
+
 		$r = q("SELECT * FROM `mail` WHERE uid=%d AND $sql_extra ORDER BY created DESC LIMIT %d,%d",
 				intval(api_user()),
 				intval($start),	intval($count)
 		);
-		
+
 		$ret = Array();
 		foreach($r as $item) {
 			if ($box == "inbox" || $item['from-url'] != $profile_url){
@@ -1704,7 +1772,7 @@
 
 			$ret[]=api_format_messages($item, $recipient, $sender);
 		}
-		
+
 
 		$data = array('$messages' => $ret);
 		switch($type){
@@ -1712,9 +1780,9 @@
 			case "rss":
 				$data = api_rss_extra($a, $data, $user_info);
 		}
-				
+
 		return  api_apply_template("direct_messages", $type, $data);
-		
+
 	}
 
 	function api_direct_messages_sentbox(&$a, $type){
@@ -1744,7 +1812,7 @@
 			echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); killme();
 		}
 		echo $r;
-		killme();	
+		killme();
 	}
 	function api_oauth_access_token(&$a, $type){
 		try{
@@ -1754,12 +1822,21 @@
 			echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); killme();
 		}
 		echo $r;
-		killme();			
+		killme();
 	}
 
 	api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
 	api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
 
+/*
+
+To-Do:
+- renewing of unique contacts
+- support of repeated items
+
+Bugs:
+*/
+
 /*
 Not implemented by now:
 favorites
diff --git a/mod/api.php b/mod/api.php
index ad75e662..63f8a934 100644
--- a/mod/api.php
+++ b/mod/api.php
@@ -110,7 +110,7 @@ function api_content(&$a) {
 		
 		return $o;
 	}
-	
+
 	echo api_call($a);
 	killme();
 }
diff --git a/update.php b/update.php
index aa4d9b7a..343be1a4 100644
--- a/update.php
+++ b/update.php
@@ -1,6 +1,6 @@