From c14270ac648391660c989d9b5d28fd2d1070c4db Mon Sep 17 00:00:00 2001 From: Sebastian Egbers Date: Fri, 22 Jun 2012 13:35:36 +0200 Subject: [PATCH 1/2] modified conversion to use x function for parameter checking. --- include/api.php | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/include/api.php b/include/api.php index b77156dfae..730e1fa2ff 100644 --- a/include/api.php +++ b/include/api.php @@ -864,8 +864,13 @@ logger('API: api_statuses_show: '.$id); //$include_entities = (x($_REQUEST,'include_entities')?$_REQUEST['include_entities']:false); - //$sql_extra = ""; - if ($_GET["conversation"] == "true") $sql_extra .= " AND `item`.`parent` = %d ORDER BY `received` ASC "; else $sql_extra .= " AND `item`.`id` = %d"; + $conversation = (x($_REQUEST,'conversation')?1:0); + + $sql_extra = ''; + if ($conversation) + $sql_extra .= " AND `item`.`parent` = %d ORDER BY `received` ASC "; + else + $sql_extra .= " AND `item`.`id` = %d"; $r = q("SELECT `item`.*, `item`.`id` AS `item_id`, `contact`.`name`, `contact`.`photo`, `contact`.`url`, `contact`.`rel`, @@ -875,16 +880,15 @@ WHERE `item`.`visible` = 1 and `item`.`moderated` = 0 AND `item`.`deleted` = 0 AND `contact`.`id` = `item`.`contact-id` AND `contact`.`blocked` = 0 AND `contact`.`pending` = 0 - $sql_extra - ", + $sql_extra", intval($id) ); -//var_dump($r); + $ret = api_format_items($r,$user_info); -//var_dump($ret); - if ($_GET["conversation"] == "true") { + + if ($conversation) { $data = array('$statuses' => $ret); - return api_apply_template("timeline", $type, $data); + return api_apply_template("timeline", $type, $data); } else { $data = array('$status' => $ret[0]); /*switch($type){ From cd25c3b5dd61755791dcde8dfd09e0032bcfb197 Mon Sep 17 00:00:00 2001 From: Sebastian Egbers Date: Fri, 22 Jun 2012 14:54:31 +0200 Subject: [PATCH 2/2] added replyto and subject to direct messages. --- include/api.php | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/include/api.php b/include/api.php index 730e1fa2ff..ac9c2cc849 100644 --- a/include/api.php +++ b/include/api.php @@ -1507,21 +1507,32 @@ if (local_user()===false) return false; if (!x($_POST, "text") || !x($_POST,"screen_name")) return; - + $sender = api_get_user($a); $r = q("SELECT `id` FROM `contact` WHERE `uid`=%d AND `nick`='%s'", intval(local_user()), dbesc($_POST['screen_name'])); - $recipient = api_get_user($a, $r[0]['id']); - - require_once("include/message.php"); - $sub = ( (strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']); - $id = send_message($recipient['id'], $_POST['text'], $sub); - - + + $recipient = api_get_user($a, $r[0]['id']); + $replyto = ''; + if (x($_REQUEST,'replyto')) { + $r = q('SELECT `uri` FROM `mail` WHERE `uid`=%d AND `id`=%d', + intval(local_user()), + intval($_REQUEST['replyto'])); + $replyto = $r[0]['uri']; + } + + if (x($_REQUEST,'title')) { + $sub = $_REQUEST['title']; + } + else { + $sub = ((strlen($_POST['text'])>10)?substr($_POST['text'],0,10)."...":$_POST['text']); + } + $id = send_message($recipient['id'], $_POST['text'], $sub, $replyto); + if ($id>-1) { $r = q("SELECT * FROM `mail` WHERE id=%d", intval($id)); $item = $r[0];