API /reader/api/0/stream/items/contents #1774
Conversation
For FeedMe
|
So they use a slightly incompatible Google Reader API? |
|
@Frenzie More some features that I did not implement because I had not seen anybody using them :-) |
For FeedMe. This token is not used by e.g. The Old Reader API. There is the Authorization header anyway. TODO: Check security consequences
FeedMe uses GET for some parameters typically given by POST
| @@ -216,9 +216,13 @@ function token($conf) { | |||
| function checkToken($conf, $token) { | |||
| //http://code.google.com/p/google-reader-api/wiki/ActionToken | |||
| $user = Minz_Session::param('currentUser', '_'); | |||
| if ($user !== '_' && $token == '') { | |||
There was a problem hiding this comment.
Strict for the first comparison, loose for the second (match empty string and 0 in particular)
| @@ -476,73 +528,37 @@ function streamContents($path, $include_target, $start_time, $count, $order, $ex | |||
| break; | |||
| } | |||
|
|
|||
| if (!empty($continuation)) { | |||
| if ($continuation != '') { | |||
There was a problem hiding this comment.
So we're fine if it's FALSE or 0? Also, is $continuation trimmed anywhere or could you end up with something empty-adjacent like a space?
Also, like above, != or !==?
There was a problem hiding this comment.
Yes, loose comparison there. The test should reject empty string, false, 0, null, etc. and only keep substantial strings.
But good point with sanitising those parameters. Will do so.
There was a problem hiding this comment.
Ah, so != something falsy (loose) basically means exactly the same thing as empty()? I know that PHP plays a bit fast and loose with things like 1 and 0 vs true and false, but I didn't realize empty strings were included in being falsey. I thought any string was truthy. Apparently the string '0' is also falsey.
Confusingly, on that last note, 0.0 (float) is falsey and '0.0' (string) is truthy.
There was a problem hiding this comment.
Yes indeed. empty() is mostly relevant when working with potentially non-existing entries such as in a array, and it is similar to doing !isset($t[1]) || $t[1] == ''. In the case where we have a variable and not an index, there is little point of using empty() and it used to be slower (I am not sure whether there is any difference nowadays).
There was a problem hiding this comment.
I find empty() slightly clearer in the sense that I don't necessarily think of an empty string as falsey while I do think of it as empty, but that's just my problem I suppose. :-P
Python is much more consistent in counting empty arrays, empty strings, etc. as falsey than the likes of JavaScript or PHP. But in Ruby, for example, empty strings are truthy, and in a sense they are in Lua too. In POSIX and related shells you also have to be well aware to use checks like -z (unset or empty) and -n (set and non-empty).
Incidentally, can we get this kind of fun out of PHP?
bla = '0'; if (bla && bla == false) console.log('/sigh')
/sighIt's truthy (non-empty string) but at the same time '0' == false. Perhaps even more confusingly, you can get the same behavior out of new Boolean(false) (the existence of any object is inherently truthy in JS, but its value == false).
There was a problem hiding this comment.
There was a problem hiding this comment.
Fun, but no PHP. Well, at least I got the last one right after the hint. I didn't really dare think not a number at first because that just seemed too logical. xD
There was a problem hiding this comment.
All right, I have one for you. Guess the output :-P
<?php
echo ctype_digit(1234) ? 'true' : 'false', "\n";
echo ctype_digit(123) ? 'true' : 'false', "\n";
echo ctype_digit('123') ? 'true' : 'false', "\n";There was a problem hiding this comment.
My intuitive guess would be false false true but I'm guessing there's a catch. Now to check… ;-)
Edit: hm, true false true. Well then…
If an integer between -128 and 255 inclusive is provided, it is interpreted as the ASCII value of a single character (negative values have 256 added in order to allow characters in the Extended ASCII range). Any other integer is interpreted as a string containing the decimal digits of the integer.
There was a problem hiding this comment.
Close enough: true false true. :-)
If an integer between -128 and 255 inclusive is provided, it is interpreted as the ASCII value of a single character (negative values have 256 added in order to allow characters in the Extended ASCII range). Any other integer is interpreted as a string containing the decimal digits of the integer.
|
A new version of FeedMe will be released when we release FreshRSS 1.10.0 with this patch. |
|
Preview: |
|
@MaluNoPeleke and others: The /dev branch of FreshRSS (soon 1.10.0) and FeedMe 3.5.3+ (currently available as beta in the Play Store) should work fine together. Tests welcome. |
|
Hi, I just set-up a fresh install of FreshRSS dev and FeedMe 3.5.4 and encountered an issue. |
|
@blankoworld Thanks for the test. Lines 740 to 743 in c79b8fb and either set 'environment' => 'development', in ./data/config.php or change the lines to Minz_Log::warning().It will be in ./data/users/_/log_api.txt
|
|
@Alkarex |
|
@bramboomen Could you please ensure that you have a number of unread articles before trying a first synchronisation? |
|
@Alkarex |
|
Thanks for the test account. It seems to work fine for me :-) |
|
Ah, in FeedMe, under Settings / Synchronisation Mode, pick "All". (I am not sure of the exact wording of the English version) |
|
@Alkarex |
|
Had the same problem! Anyway, this reader is a nice addition, I'll use it a couple days to see if it fits my needs :) |
|
The next version of FeedMe will have the proper synchronisation setting by default. |
|
Regarding the FeedMe configuration, it's not very easy to guess that the Host is: |
|
@fcoiffie Indeed, therefore:
Please note that is is better to expose only the |
* API /reader/api/0/stream/items/contents For FeedMe * Fix continuation * Continuation in stream/items/ids * Fix multiple continuations * Allow empty POST tokens For FeedMe. This token is not used by e.g. The Old Reader API. There is the Authorization header anyway. TODO: Check security consequences * API compatibility FeedMe: add/remove feed FeedMe uses GET for some parameters typically given by POST * A bit of sanitization * Links to FeedMe * API favicons more robust when base_url is not set * Changelog FeedMe
* API /reader/api/0/stream/items/contents For FeedMe * Fix continuation * Continuation in stream/items/ids * Fix multiple continuations * Allow empty POST tokens For FeedMe. This token is not used by e.g. The Old Reader API. There is the Authorization header anyway. TODO: Check security consequences * API compatibility FeedMe: add/remove feed FeedMe uses GET for some parameters typically given by POST * A bit of sanitization * Links to FeedMe * API favicons more robust when base_url is not set * Changelog FeedMe
For FeedMe https://play.google.com/store/apps/details?id=com.seazon.feedme