apioauthaction.php 2.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182
  1. <?php
  2. // This file is part of GNU social - https://www.gnu.org/software/social
  3. //
  4. // GNU social is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU Affero General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // GNU social is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU Affero General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU Affero General Public License
  15. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Base action for OAuth API endpoints
  18. *
  19. * @category API
  20. * @package GNUsocial
  21. * @author Zach Copley <zach@status.net>
  22. * @copyright 2010 StatusNet, Inc.
  23. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  24. */
  25. defined('GNUSOCIAL') || die();
  26. require_once INSTALLDIR . '/lib/api/apiaction.php';
  27. /**
  28. * Base action for API OAuth enpoints. Clean up the
  29. * request. Some other common functions.
  30. *
  31. * @category API
  32. * @package GNUsocial
  33. * @author Zach Copley <zach@status.net>
  34. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  35. */
  36. class ApiOAuthAction extends ApiAction
  37. {
  38. /**
  39. * Is this a read-only action?
  40. *
  41. * @return boolean false
  42. */
  43. public function isReadOnly($args)
  44. {
  45. return false;
  46. }
  47. protected function prepare(array $args=array())
  48. {
  49. self::cleanRequest();
  50. return parent::prepare($args);
  51. }
  52. /*
  53. * Clean up the request so the OAuth library doesn't find
  54. * any extra parameters or anything else it's not expecting.
  55. * I'm looking at you, p parameter.
  56. */
  57. public static function cleanRequest()
  58. {
  59. // strip out the p param added in index.php
  60. unset($_GET['p']);
  61. unset($_POST['p']);
  62. unset($_REQUEST['p']);
  63. $queryArray = explode('&', $_SERVER['QUERY_STRING']);
  64. for ($i = 0; $i < sizeof($queryArray); $i++) {
  65. if (substr($queryArray[$i], 0, 2) == 'p=') {
  66. unset($queryArray[$i]);
  67. }
  68. }
  69. $_SERVER['QUERY_STRING'] = implode('&', $queryArray);
  70. }
  71. }