您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符

status.php 2.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990
  1. <?php
  2. require_once "utils.php";
  3. require_once "misc/config.php";
  4. function check_token()
  5. {
  6. $token = check_table_field("Authorization", "tokens", "token");
  7. if ($token === false)
  8. error(401, "Invalid token");
  9. return $token;
  10. }
  11. function status_confirm($id)
  12. {
  13. check_token();
  14. }
  15. function status_create()
  16. {
  17. $token = check_token();
  18. $status = get_post("status");
  19. if (strlen($status) < 10)
  20. error(422, "Status too short");
  21. $lat = check_float(get_post("latitude", false));
  22. $long = check_float(get_post("longitude", false));
  23. $media = null;
  24. if (isset($_FILES["media"])
  25. && getimagesize($_FILES["media"]["tmp_name"]) !== false)
  26. {
  27. global $media_path;
  28. $media = dechex(microtime(true)) . dechex(rand());
  29. move_uploaded_file($_FILES["media"]["tmp_name"], $media_path . $media);
  30. }
  31. $u = database_exec("SELECT `id`, `username` FROM users WHERE `id` = ".
  32. "(SELECT `user` FROM tokens WHERE `token` = :token)",
  33. array(":token" => $token))->fetch();
  34. database_exec("INSERT INTO status (`status`, `user`, `longitude`, ".
  35. "`latitude`, `media`) VALUES(:status, :user, :long, :lat, :media)",
  36. array(":status" => $status, ":user" => $u["id"], ":long" => $long,
  37. ":lat" => $lat, ":media" => $media));
  38. $s = database_exec("SELECT * FROM status WHERE id = :id",
  39. array(":id" => database_get()->lastInsertId()))->fetch();
  40. $date = new DateTime($s["date"]);
  41. global $media_url;
  42. echo json_encode(array("status" => $s["status"],
  43. "user_id" => intval($u["id"]),
  44. "creation_date" => $date->format(DateTime::ISO8601),
  45. "latitude" => $s["latitude"] === null ? null : floatval($s["latitude"]),
  46. "longitude" => $s["longitude"] === null ? null : floatval($s["longitude"]),
  47. "media_url" => ($s["media"] !== null ) ? $media_url . $s["media"] : null,
  48. "id" => intval($s["id"])
  49. ));
  50. }
  51. function status_feed()
  52. {
  53. check_token();
  54. $limit = check_int(get_get("limit", false), 15);
  55. if ($limit < 1)
  56. $limit = 15;
  57. $page = max((check_int(get_get("page", false), 1) - 1), 0) * $limit;
  58. $s = database_query("SELECT * FROM status ORDER BY `id` DESC ".
  59. "LIMIT $page, $limit");
  60. $data = array();
  61. global $media_url;
  62. while (($u = $s->fetch()) !== false)
  63. {
  64. $a = database_exec("SELECT `id`, `username` FROM users WHERE `id` = :id",
  65. array(":id" => $u["user"]))->fetch();
  66. $date = new DateTime($u["date"]);
  67. $data[] = array("id" => intval($u["id"]),
  68. "status" => $u["status"],
  69. "creation_date" => $date->format(DateTime::ISO8601),
  70. "latitude" => $u["latitude"] === null ? null : floatval($u["latitude"]),
  71. "longitude" => $u["longitude"] === null ? null : floatval($u["longitude"]),
  72. "author_id" => intval($a["id"]),
  73. "author_username" => $a["username"],
  74. "nb_confirm_up" => intval($u["up"]),
  75. "nb_confirm_down" => intval($u["down"]),
  76. "media_url" => ($u["media"] !== null ) ? $media_url . $u["media"] : null);
  77. }
  78. echo json_encode($data);
  79. }
  80. ?>