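add(new DateInterval("P1D"));
    if ($token === false || $date < new DateTime())
        error(401, "Invalid user token");
    return $token["token"];
}

/**
 * Record the caller's confirmation (1) or denial (0) of a status.
 *
 * Reads the `confirmation` POST field, resolves the caller from the token
 * returned by check_token(), and inserts one row into `confirms`. Echoes a
 * JSON object with `user_id`, `status_id` and `confirmation`.
 *
 * Every early exit below relies on error() ending the request; error() is
 * defined outside this block, so confirm that it does not return.
 *
 * @param mixed $id Status id from the request; only ever used as a bound
 *                  query parameter, never interpolated into SQL.
 */
function status_confirm($id)
{
    $token = check_token();
    $confirm = get_post("confirmation");

    $found = database_exec("SELECT `id` FROM status WHERE `id` = :id",
        array(":id" => $id))->fetch();
    if ($found === false) {
        error(404, "Status not found");
    }

    // Accept exactly 0 or 1. The previous loose `!=` comparison also let
    // values such as "1.0" or " 1" through, and on PHP < 8 any non-numeric
    // string compared equal to 0, so arbitrary text reached the INSERT.
    if (is_bool($confirm)) {
        $confirm = (int) $confirm;
    }
    if (!is_scalar($confirm) || !in_array((string) $confirm, array("0", "1"), true)) {
        error(422, "Bad confirmation value");
    }
    $confirm = (int) $confirm;

    $u = database_exec("SELECT `id` FROM users WHERE `id` = ".
        "(SELECT `user` FROM tokens WHERE `token` = :token)",
        array(":token" => $token))->fetch();
    if ($u === false) {
        // The token row exists but no longer maps to a user: treat it like an
        // invalid token instead of inserting a confirmation with a null user.
        error(401, "Invalid user token");
    }

    // NOTE(review): this is check-then-insert, so two concurrent requests can
    // both pass. A UNIQUE index on (status, user, confirmation) would close
    // that window; the schema is not visible here.
    $existing = database_exec("SELECT `id` FROM confirms WHERE `status` = :status ".
        "AND `user` = :user AND `confirmation` = :confirm",
        array(":status" => $id, ":user" => $u["id"], ":confirm" => $confirm))
        ->fetch();
    if ($existing !== false) {
        error(409, "Can not confirm twice with same value");
    }

    database_exec("INSERT INTO confirms (`confirmation`, `status`, `user`)".
        "VALUES(:confirm, :status, :user)",
        array(":confirm" => $confirm, ":status" => $id, ":user" => $u["id"]));

    // NOTE(review): `status_id` is filled from lastInsertId(), which after the
    // INSERT above is the id of the new `confirms` row, not of the status.
    // Left unchanged because clients may depend on it; confirm which was meant.
    echo json_encode(array(
        "user_id" => intval($u["id"]),
        "status_id" => intval(database_get()->lastInsertId()),
        "confirmation" => (bool) $confirm));
}

/**
 * Create a status for the authenticated caller, with an optional image.
 *
 * Reads `status`, `latitude` and `longitude` from POST and an optional
 * `media` file upload, inserts a row into `status`, reads it back and echoes
 * it as JSON.
 *
 * An upload is kept only if it arrived without an upload error and
 * getimagesize() recognises it. getimagesize() inspects the image header
 * only, so it is a format sniff, not proof that the file is harmless. The
 * file is stored under a server-generated name with no extension and no part
 * of the client-supplied filename. NOTE(review): how the web server treats
 * files under $media_path is not visible here; it should serve them as
 * static content only.
 */
function status_create()
{
    global $media_path, $media_url;

    $token = check_token();
    $status = get_post("status");
    if (strlen($status) < 10) {
        error(422, "Status length too short");
    }
    $lat = check_float(get_post("latitude", false));
    $long = check_float(get_post("longitude", false));

    $media = null;
    if (isset($_FILES["media"]["error"], $_FILES["media"]["tmp_name"])
        && $_FILES["media"]["error"] === UPLOAD_ERR_OK
        && is_string($_FILES["media"]["tmp_name"])
        && getimagesize($_FILES["media"]["tmp_name"]) !== false) {
        // rand() plus the clock is guessable and can collide, which would
        // let one upload overwrite another. Use the CSPRNG where available.
        // 8 bytes gives 16 hex characters, no longer than the old names, so
        // the width of the `media` column is not a concern.
        $name = function_exists("random_bytes")
            ? bin2hex(random_bytes(8))
            : dechex(microtime(true)) . dechex(rand());
        // Only reference the file in the database if it was actually stored;
        // otherwise the status is created without media.
        if (move_uploaded_file($_FILES["media"]["tmp_name"], $media_path . $name)) {
            $media = $name;
        }
    }

    $u = database_exec("SELECT `id`, `username` FROM users WHERE `id` = ".
        "(SELECT `user` FROM tokens WHERE `token` = :token)",
        array(":token" => $token))->fetch();
    if ($u === false) {
        // Token no longer maps to a user: do not create an ownerless status.
        error(401, "Invalid user token");
    }

    database_exec("INSERT INTO status (`status`, `user`, `longitude`, ".
        "`latitude`, `media`) VALUES(:status, :user, :long, :lat, :media)",
        array(":status" => $status, ":user" => $u["id"], ":long" => $long,
        ":lat" => $lat, ":media" => $media));

    // Read the row back so the response carries the stored values.
    $s = database_exec("SELECT * FROM status WHERE id = :id",
        array(":id" => database_get()->lastInsertId()))->fetch();
    $date = new DateTime($s["date"]);

    echo json_encode(array(
        "status" => $s["status"],
        "user_id" => intval($u["id"]),
        "creation_date" => $date->format(DateTime::ISO8601),
        "latitude" => $s["latitude"] === null ? null : floatval($s["latitude"]),
        "longitude" => $s["longitude"] === null ? null : floatval($s["longitude"]),
        "media_url" => ($s["media"] !== null) ? $media_url . $s["media"] : null,
        "id" => intval($s["id"])
    ));
}

/**
 * Echo one page of statuses, newest first, as a JSON array.
 *
 * Paging comes from the `limit` (default 15) and `page` (default 1, 1-based)
 * query parameters. Each entry carries the author's id and username and the
 * number of confirmations with value 1 (`nb_confirm_up`) and 0
 * (`nb_confirm_down`).
 */
function status_feed()
{
    global $media_url;

    check_token();

    // The LIMIT values are the only data interpolated into SQL in this file,
    // so force them to integers here instead of trusting check_int(), which
    // is defined outside this block.
    $limit = (int) check_int(get_get("limit", false), 15);
    if ($limit < 1) {
        $limit = 15;
    }
    // NOTE(review): there is no upper bound on `limit`, so one request can
    // ask for the whole table; consider a cap.
    $offset = (int) (max(((int) check_int(get_get("page", false), 1)) - 1, 0) * $limit);

    $s = database_query("SELECT *, ".
        "(SELECT COUNT(*) FROM confirms WHERE ".
        "`status` = `status`.id and `confirmation` = 1) as 'up', ".
        "(SELECT COUNT(*) FROM confirms WHERE ".
        "`status` = `status`.id and `confirmation` = 0) as 'down' ".
        "FROM status ORDER BY `id` DESC ".
        "LIMIT $offset, $limit");

    $data = array();
    while (($u = $s->fetch()) !== false) {
        // One author lookup per row, bound by id.
        $a = database_exec("SELECT `id`, `username` FROM users WHERE `id` = :id",
            array(":id" => $u["user"]))->fetch();
        $date = new DateTime($u["date"]);
        $data[] = array(
            "id" => intval($u["id"]),
            "status" => $u["status"],
            "creation_date" => $date->format(DateTime::ISO8601),
            "latitude" => $u["latitude"] === null ? null : floatval($u["latitude"]),
            "longitude" => $u["longitude"] === null ? null : floatval($u["longitude"]),
            "author_id" => intval($a["id"]),
            "author_username" => $a["username"],
            "nb_confirm_up" => intval($u["up"]),
            "nb_confirm_down" => intval($u["down"]),
            "media_url" => ($u["media"] !== null) ? $media_url . $u["media"] : null);
    }

    echo json_encode($data);
}
?>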