From 3fba9a16f5e908b62e486d0e0df02fcb6e0a7796 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sun, 7 Mar 2010 23:41:55 -0500 Subject: [PATCH 01/11] add a script to import Twitter atom feed as notices --- scripts/importtwitteratom.php | 192 ++++++++++++++++++++++++++++++++++ 1 file changed, 192 insertions(+) create mode 100644 scripts/importtwitteratom.php diff --git a/scripts/importtwitteratom.php b/scripts/importtwitteratom.php new file mode 100644 index 0000000000..7316f21080 --- /dev/null +++ b/scripts/importtwitteratom.php @@ -0,0 +1,192 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); + +$shortoptions = 'i:n:f:'; +$longoptions = array('id=', 'nickname=', 'file='); + +$helptext = <<documentElement->namespaceURI != Activity::ATOM || + $dom->documentElement->localName != 'feed') { + throw new Exception("'$filename' is not an Atom feed."); + } + + return $dom; +} + +function importActivityStream($user, $doc) +{ + $feed = $doc->documentElement; + + $entries = $feed->getElementsByTagNameNS(Activity::ATOM, 'entry'); + + for ($i = $entries->length - 1; $i >= 0; $i--) { + $entry = $entries->item($i); + $activity = new Activity($entry, $feed); + $object = $activity->object; + if (!have_option('q', 'quiet')) { + print $activity->content . "\n"; + } + $html = getTweetHtml($object->link); + + $config = array('safe' => 1, + 'deny_attribute' => 'class,rel,id,style,on*'); + + $html = htmLawed($html, $config); + + $content = html_entity_decode(strip_tags($html)); + + $notice = Notice::saveNew($user->id, + $content, + 'importtwitter', + array('uri' => $object->id, + 'url' => $object->link, + 'rendered' => $html, + 'created' => common_sql_date($activity->time), + 'replies' => array(), + 'groups' => array())); + } +} + +function getTweetHtml($url) +{ + try { + $client = new HTTPClient(); + $response = $client->get($url); + } catch (HTTP_Request2_Exception $e) { + print "ERROR: HTTP response " . $e->getMessage() . "\n"; + return false; + } + + if (!$response->isOk()) { + print "ERROR: HTTP response " . $response->getCode() . "\n"; + return false; + } + + $body = $response->getBody(); + + return tweetHtmlFromBody($body); +} + +function tweetHtmlFromBody($body) +{ + $doc = DOMDocument::loadHTML($body); + $xpath = new DOMXPath($doc); + + $spans = $xpath->query('//span[@class="entry-content"]'); + + if ($spans->length == 0) { + print "ERROR: No content in tweet page.\n"; + return ''; + } + + $span = $spans->item(0); + + $children = $span->childNodes; + + $text = ''; + + for ($i = 0; $i < $children->length; $i++) { + $child = $children->item($i); + if ($child instanceof DOMElement && + $child->tagName == 'a' && + !preg_match('#^https?://#', $child->getAttribute('href'))) { + $child->setAttribute('href', 'http://twitter.com' . $child->getAttribute('href')); + } + $text .= $doc->saveXML($child); + } + + return $text; +} + +try { + + $doc = getAtomFeedDocument(); + $user = getUser(); + + importActivityStream($user, $doc); + +} catch (Exception $e) { + print $e->getMessage()."\n"; + exit(1); +} + From 6828567ed067b382f68910dba6d59b603fc782a4 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Thu, 11 Mar 2010 11:52:19 -0800 Subject: [PATCH 02/11] Add forgotten scripts/fixup_files.php to clean up "the h bug" --- scripts/fixup_files.php | 77 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100755 scripts/fixup_files.php diff --git a/scripts/fixup_files.php b/scripts/fixup_files.php new file mode 100755 index 0000000000..18feaf2218 --- /dev/null +++ b/scripts/fixup_files.php @@ -0,0 +1,77 @@ +#!/usr/bin/env php +. + */ + +define('INSTALLDIR', realpath(dirname(__FILE__) . '/..')); + +$longoptions = array('dry-run'); + +$helptext = <<title = 'h'; +$f->mimetype = 'h'; +$f->size = 0; +$f->protected = 0; +$f->find(); +echo "Found $f->N bad items:\n"; + +while ($f->fetch()) { + echo "$f->id $f->url"; + + $data = File_redirection::lookupWhere($f->url); + if ($dry) { + if (is_array($data)) { + echo " (unchanged)\n"; + } else { + echo " (unchanged, but embedding lookup failed)\n"; + } + } else { + // NULL out the mime/title/size/protected fields + $sql = sprintf("UPDATE file " . + "SET mimetype=null,title=null,size=null,protected=null " . + "WHERE id=%d", + $f->id); + $f->query($sql); + $f->decache(); + + if (is_array($data)) { + if ($f->saveOembed($data, $f->url)) { + echo " (ok)\n"; + } else { + echo " (ok, no embedding data)\n"; + } + } else { + echo " (ok, but embedding lookup failed)\n"; + } + } +} + +echo "done.\n"; + From 40cde2f7109cace8f37cd36c31420c38ad475d40 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 15 Mar 2010 22:10:32 +0000 Subject: [PATCH 03/11] Initial Twitpic-like media upload endpoint /api/statusnet/media/upload --- actions/apimediaupload.php | 141 +++++++++++++++++++++++++++++++++++++ lib/router.php | 6 ++ 2 files changed, 147 insertions(+) create mode 100644 actions/apimediaupload.php diff --git a/actions/apimediaupload.php b/actions/apimediaupload.php new file mode 100644 index 0000000000..ec316edc8d --- /dev/null +++ b/actions/apimediaupload.php @@ -0,0 +1,141 @@ +. + * + * @category API + * @author Zach Copley + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +require_once INSTALLDIR . '/lib/apiauth.php'; +require_once INSTALLDIR . '/lib/mediafile.php'; + +/** + * Upload an image via the API. Returns a shortened URL for the image + * to the user. + * + * @category API + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class ApiMediaUploadAction extends ApiAuthAction +{ + /** + * Handle the request + * + * Grab the file from the 'media' param, then store, and shorten + * + * @todo Upload throttle! + * + * @param array $args $_REQUEST data (unused) + * + * @return void + */ + + function handle($args) + { + parent::handle($args); + + if ($_SERVER['REQUEST_METHOD'] != 'POST') { + $this->clientError( + _('This method requires a POST.'), + 400, $this->format + ); + return; + } + + // Workaround for PHP returning empty $_POST and $_FILES when POST + // length > post_max_size in php.ini + + if (empty($_FILES) + && empty($_POST) + && ($_SERVER['CONTENT_LENGTH'] > 0) + ) { + $msg = _('The server was unable to handle that much POST ' . + 'data (%s bytes) due to its current configuration.'); + + $this->clientError(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); + return; + } + + $upload = null; + + try { + $upload = MediaFile::fromUpload('media', $this->auth_user); + } catch (ClientException $ce) { + $this->clientError($ce->getMessage()); + return; + } + + if (isset($upload)) { + $this->showResponse($upload); + } else { + $this->clientError('Upload failed.'); + return; + } + } + + /** + * Show a Twitpic-like response with the ID of the media file + * and a (hopefully) shortened URL for it. + * + * @param File $upload the uploaded file + * + * @return void + */ + function showResponse($upload) + { + $this->initDocument(); + $this->elementStart('rsp', array('stat' => 'ok')); + $this->element('mediaid', null, $upload->fileRecord->id); + $this->element('mediaurl', null, $upload->shortUrl()); + $this->elementEnd('rsp'); + $this->endDocument(); + } + + /** + * Overrided clientError to show a more Twitpic-like error + * + * @param String $msg an error message + * + */ + function clientError($msg) + { + $this->initDocument(); + $this->elementStart('rsp', array('stat' => 'fail')); + + // @todo add in error code + $errAttr = array('msg' => $msg); + + $this->element('err', $errAttr, null); + $this->elementEnd('rsp'); + $this->endDocument(); + } + +} diff --git a/lib/router.php b/lib/router.php index 706120e0bf..a48ee875e1 100644 --- a/lib/router.php +++ b/lib/router.php @@ -628,6 +628,12 @@ class Router array('action' => 'ApiTimelineTag', 'format' => '(xmljson|rss|atom)')); + // media related + $m->connect( + 'api/statusnet/media/upload', + array('action' => 'ApiMediaUpload') + ); + // search $m->connect('api/search.atom', array('action' => 'twitapisearchatom')); $m->connect('api/search.json', array('action' => 'twitapisearchjson')); From 9ec24f59ca61bbbb45667b548a872e724f31ab3e Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 15 Mar 2010 15:41:57 -0700 Subject: [PATCH 04/11] Drop result ID from data objects on clone(). This keeps the original object working if it was in the middle of a query loop, even if the cloned object falls out of scope and triggers its destructor. This bug was hitting a number of places where we had the pattern: $db->find(); while($dbo->fetch()) { $x = clone($dbo); // do anything with $x other than storing it in an array } The cloned object's destructor would trigger on the second run through the loop, freeing the database result set -- not really what we wanted. (Loops that stored the clones into an array were fine, since the clones stay in scope in the array longer than the original does.) Detaching the database result from the clone lets us work with its data without interfering with the rest of the query. In the unlikely even that somebody is making clones in the middle of a query, then trying to continue the query with the clone instead of the original object, well they're gonna be broken now. --- classes/Safe_DataObject.php | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/classes/Safe_DataObject.php b/classes/Safe_DataObject.php index 021f7b5064..08bc6846f4 100644 --- a/classes/Safe_DataObject.php +++ b/classes/Safe_DataObject.php @@ -42,6 +42,25 @@ class Safe_DataObject extends DB_DataObject } } + /** + * Magic function called at clone() time. + * + * We use this to drop connection with some global resources. + * This supports the fairly common pattern where individual + * items being read in a loop via a single object are cloned + * for individual processing, then fall out of scope when the + * loop comes around again. + * + * As that triggers the destructor, we want to make sure that + * the original object doesn't have its database result killed. + * It will still be freed properly when the original object + * gets destroyed. + */ + function __clone() + { + $this->_DB_resultid = false; + } + /** * Magic function called at serialize() time. * From 441e52718e4db4eb45bd5c76c5af446496f56f96 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 15 Mar 2010 15:08:16 -0700 Subject: [PATCH 05/11] Background deletion of user accounts. Notices are deleted in chunks, then the user itself when they're all gone. While deletion is in progress, the account is locked with the 'deleted' role, which disables all actions with rights control. Todo: * Pretty up the notice on the profile page about the pending delete. Show status? * Possibly more thorough account disabling, such as disallowing all use for login and access. * Improve error recovery; worst case is that an account gets left locked in 'deleted' state but the queue jobs have gotten dropped out. This would leave the username in use and any undeleted notices in place. --- actions/deleteuser.php | 10 +++- classes/Profile.php | 3 ++ classes/Profile_role.php | 1 + lib/deluserqueuehandler.php | 95 +++++++++++++++++++++++++++++++++++++ lib/queuemanager.php | 3 ++ lib/userprofile.php | 11 +++++ 6 files changed, 122 insertions(+), 1 deletion(-) create mode 100644 lib/deluserqueuehandler.php diff --git a/actions/deleteuser.php b/actions/deleteuser.php index c4f84fad2d..4e6b273953 100644 --- a/actions/deleteuser.php +++ b/actions/deleteuser.php @@ -162,7 +162,15 @@ class DeleteuserAction extends ProfileFormAction function handlePost() { if (Event::handle('StartDeleteUser', array($this, $this->user))) { - $this->user->delete(); + // Mark the account as deleted and shove low-level deletion tasks + // to background queues. Removing a lot of posts can take a while... + if (!$this->user->hasRole(Profile_role::DELETED)) { + $this->user->grantRole(Profile_role::DELETED); + } + + $qm = QueueManager::get(); + $qm->enqueue($this->user, 'deluser'); + Event::handle('EndDeleteUser', array($this, $this->user)); } } diff --git a/classes/Profile.php b/classes/Profile.php index 91f6e46922..eded1ff71f 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -732,6 +732,9 @@ class Profile extends Memcached_DataObject function hasRight($right) { $result = false; + if ($this->hasRole(Profile_role::DELETED)) { + return false; + } if (Event::handle('UserRightsCheck', array($this, $right, &$result))) { switch ($right) { diff --git a/classes/Profile_role.php b/classes/Profile_role.php index d0a0b31f0f..e7aa1f0f06 100644 --- a/classes/Profile_role.php +++ b/classes/Profile_role.php @@ -53,6 +53,7 @@ class Profile_role extends Memcached_DataObject const ADMINISTRATOR = 'administrator'; const SANDBOXED = 'sandboxed'; const SILENCED = 'silenced'; + const DELETED = 'deleted'; // Pending final deletion of notices... public static function isValid($role) { diff --git a/lib/deluserqueuehandler.php b/lib/deluserqueuehandler.php new file mode 100644 index 0000000000..4a1233a5ef --- /dev/null +++ b/lib/deluserqueuehandler.php @@ -0,0 +1,95 @@ +. + */ + +/** + * Background job to delete prolific users without disrupting front-end too much. + * + * Up to 50 messages are deleted on each run through; when all messages are gone, + * the actual account is deleted. + * + * @package QueueHandler + * @maintainer Brion Vibber + */ + +class DelUserQueueHandler extends QueueHandler +{ + const DELETION_WINDOW = 50; + + public function transport() + { + return 'deluser'; + } + + public function handle($user) + { + if (!($user instanceof User)) { + common_log(LOG_ERR, "Got a bogus user, not deleting"); + return true; + } + + $user = User::staticGet('id', $user->id); + if (!$user) { + common_log(LOG_INFO, "User {$user->nickname} was deleted before we got here."); + return true; + } + + if (!$user->hasRole(Profile_role::DELETED)) { + common_log(LOG_INFO, "User {$user->nickname} is not pending deletion; aborting."); + return true; + } + + $notice = $this->getNextBatch($user); + if ($notice->N) { + common_log(LOG_INFO, "Deleting next {$notice->N} notices by {$user->nickname}"); + while ($notice->fetch()) { + $del = clone($notice); + $del->delete(); + } + + // @todo improve reliability in case we died during the above deletions + // with a fatal error. If the job is lost, we should perform some kind + // of garbage collection later. + + // Queue up the next batch. + $qm = QueueManager::get(); + $qm->enqueue($user, 'deluser'); + } else { + // Out of notices? Let's finish deleting this guy! + $user->delete(); + common_log(LOG_INFO, "User $user->id $user->nickname deleted."); + return true; + } + + return true; + } + + /** + * Fetch the next self::DELETION_WINDOW messages for this user. + * @return Notice + */ + protected function getNextBatch(User $user) + { + $notice = new Notice(); + $notice->profile_id = $user->id; + $notice->limit(self::DELETION_WINDOW); + $notice->find(); + return $notice; + } + +} diff --git a/lib/queuemanager.php b/lib/queuemanager.php index 87bd356aa2..0829c8a8bc 100644 --- a/lib/queuemanager.php +++ b/lib/queuemanager.php @@ -264,6 +264,9 @@ abstract class QueueManager extends IoManager $this->connect('sms', 'SmsQueueHandler'); } + // Background user management tasks... + $this->connect('deluser', 'DelUserQueueHandler'); + // Broadcasting profile updates to OMB remote subscribers $this->connect('profile', 'ProfileQueueHandler'); diff --git a/lib/userprofile.php b/lib/userprofile.php index 8464c24464..2c3b1ea453 100644 --- a/lib/userprofile.php +++ b/lib/userprofile.php @@ -228,6 +228,17 @@ class UserProfile extends Widget function showEntityActions() { + if ($this->profile->hasRole(Profile_role::DELETED)) { + $this->out->elementStart('div', 'entity_actions'); + $this->out->element('h2', null, _('User actions')); + $this->out->elementStart('ul'); + $this->out->elementStart('p', array('class' => 'profile_deleted')); + $this->out->text(_('User deletion in progress...')); + $this->out->elementEnd('p'); + $this->out->elementEnd('ul'); + $this->out->elementEnd('div'); + return; + } if (Event::handle('StartProfilePageActionsSection', array(&$this->out, $this->profile))) { $cur = common_current_user(); From d1ea448c274334cfee49c8d53e61866145084433 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 15 Mar 2010 18:41:15 -0700 Subject: [PATCH 06/11] Always output a site logo via /api/statusnet/config.:format (so client devs have something to use) --- actions/apistatusnetconfig.php | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/actions/apistatusnetconfig.php b/actions/apistatusnetconfig.php index bff8313b5c..66b23c02d5 100644 --- a/actions/apistatusnetconfig.php +++ b/actions/apistatusnetconfig.php @@ -97,8 +97,6 @@ class ApiStatusnetConfigAction extends ApiAction // XXX: check that all sections and settings are legal XML elements - common_debug(var_export($this->keys, true)); - foreach ($this->keys as $section => $settings) { $this->elementStart($section); foreach ($settings as $setting) { @@ -110,6 +108,14 @@ class ApiStatusnetConfigAction extends ApiAction } else if ($value === true) { $value = 'true'; } + + // return theme logo if there's no site specific one + if (empty($value)) { + if ($section == 'site' && $setting == 'logo') { + $value = Theme::path('logo.png'); + } + } + $this->element($setting, null, $value); } $this->elementEnd($section); From b994d529f4de53df6350e12b5e81889cee17f317 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Mon, 15 Mar 2010 19:06:06 -0700 Subject: [PATCH 07/11] Throw an exception if we receive a document instead of a feed's root element --- lib/activity.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/lib/activity.php b/lib/activity.php index ae65fe36ff..d84eabf7c4 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -1083,15 +1083,11 @@ class Activity $this->entry = $entry; - // @fixme Don't send in a DOMDocument + // Insist on a feed's root DOMElement; don't allow a DOMDocument if ($feed instanceof DOMDocument) { - common_log( - LOG_WARNING, - 'Activity::__construct() - ' - . 'DOMDocument passed in for feed by mistake. ' - . "Expecting a 'feed' DOMElement." + throw new ClientException( + _("Expecting a root feed element but got a whole XML document.") ); - $feed = $feed->getElementsByTagName('feed')->item(0); } $this->feed = $feed; From f21f78364a9cbde2ca535a3983b384707ad097ae Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 16 Mar 2010 11:25:18 -0500 Subject: [PATCH 08/11] Change the workflow to get better discovery Tried to re-structure the workflow of discovery to get more and richer data and hints. --- plugins/OStatus/actions/ostatussub.php | 5 +- plugins/OStatus/classes/Ostatus_profile.php | 235 +++++++++++--------- plugins/OStatus/lib/discovery.php | 78 ++----- plugins/OStatus/lib/discoveryhints.php | 182 +++++++++++++++ plugins/OStatus/lib/feeddiscovery.php | 4 +- plugins/OStatus/lib/linkheader.php | 63 ++++++ 6 files changed, 402 insertions(+), 165 deletions(-) create mode 100644 plugins/OStatus/lib/discoveryhints.php create mode 100644 plugins/OStatus/lib/linkheader.php diff --git a/plugins/OStatus/actions/ostatussub.php b/plugins/OStatus/actions/ostatussub.php index 65dee2392f..07081c2c6f 100644 --- a/plugins/OStatus/actions/ostatussub.php +++ b/plugins/OStatus/actions/ostatussub.php @@ -149,7 +149,7 @@ class OStatusSubAction extends Action $fullname = $entity->fullname; $homepage = $entity->homepage; $location = $entity->location; - + if (!$avatar) { $avatar = Avatar::defaultImage(AVATAR_PROFILE_SIZE); } @@ -242,7 +242,7 @@ class OStatusSubAction extends Action if (Validate::email($this->profile_uri)) { $this->oprofile = Ostatus_profile::ensureWebfinger($this->profile_uri); } else if (Validate::uri($this->profile_uri)) { - $this->oprofile = Ostatus_profile::ensureProfile($this->profile_uri); + $this->oprofile = Ostatus_profile::ensureProfileURL($this->profile_uri); } else { $this->error = _m("Sorry, we could not reach that address. Please make sure that the OStatus address is like nickname@example.com or http://example.net/nickname"); common_debug('Invalid address format.', __FILE__); @@ -339,7 +339,6 @@ class OStatusSubAction extends Action } } - /** * Handle posts to this form * diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 6ae8e4fd58..73f5d23229 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -708,18 +708,122 @@ class Ostatus_profile extends Memcached_DataObject * @return Ostatus_profile * @throws FeedSubException */ - public static function ensureProfile($profile_uri, $hints=array()) + + public static function ensureProfileURL($profile_url, $hints=array()) { - // Get the canonical feed URI and check it - $discover = new FeedDiscovery(); - if (isset($hints['feedurl'])) { - $feeduri = $hints['feedurl']; - $feeduri = $discover->discoverFromFeedURL($feeduri); - } else { - $feeduri = $discover->discoverFromURL($profile_uri); - $hints['feedurl'] = $feeduri; + $oprofile = self::getFromProfileURL($profile_url); + + if (!empty($oprofile)) { + return $oprofile; } + $hints['profileurl'] = $profile_url; + + // Fetch the URL + // XXX: HTTP caching + + $client = new HTTPClient(); + $client->setHeader('Accept', 'text/html,application/xhtml+xml'); + $response = $client->get($profile_url); + + if (!$response->isOk()) { + return null; + } + + // Check if we have a non-canonical URL + + $finalUrl = $response->getUrl(); + + if ($finalUrl != $profile_url) { + + $hints['profileurl'] = $finalUrl; + + $oprofile = self::getFromProfileURL($finalUrl); + + if (!empty($oprofile)) { + return $oprofile; + } + } + + // Try to get some hCard data + + $body = $response->getBody(); + + $hcardHints = DiscoveryHints::hcardHints($body, $finalUrl); + + if (!empty($hcardHints)) { + $hints = array_merge($hints, $hcardHints); + } + + // Check if they've got an LRDD header + + $lrdd = LinkHeader::getLink($response, 'lrdd', 'application/xrd+xml'); + + if (!empty($lrdd)) { + + $xrd = Discovery::fetchXrd($lrdd); + $xrdHints = DiscoveryHints::fromXRD($xrd); + + $hints = array_merge($hints, $xrdHints); + } + + // If discovery found a feedurl (probably from LRDD), use it. + + if (array_key_exists('feedurl', $hints)) { + return self::ensureFeedURL($hints['feedurl'], $hints); + } + + // Get the feed URL from HTML + + $discover = new FeedDiscovery(); + + $feedurl = $discover->discoverFromHTML($finalUrl, $body); + + if (!empty($feedurl)) { + $hints['feedurl'] = $feedurl; + + return self::ensureFeedURL($feedurl, $hints); + } + } + + static function getFromProfileURL($profile_url) + { + $profile = Profile::staticGet('profileurl', $profile_url); + + if (empty($profile)) { + return null; + } + + // Is it a known Ostatus profile? + + $oprofile = Ostatus_profile::staticGet('profile_id', $profile->id); + + if (!empty($oprofile)) { + return $oprofile; + } + + // Is it a local user? + + $user = User::staticGet('id', $profile->id); + + if (!empty($user)) { + throw new Exception("'$profile_url' is the profile for local user '{$user->nickname}'."); + } + + // Continue discovery; it's a remote profile + // for OMB or some other protocol, may also + // support OStatus + + return null; + } + + public static function ensureFeedURL($feed_url, $hints=array()) + { + $discover = new FeedDiscovery(); + + $feeduri = $discover->discoverFromFeedURL($feed_url); + $hints['feedurl'] = $feeduri; + $huburi = $discover->getAtomLink('hub'); $hints['hub'] = $huburi; $salmonuri = $discover->getAtomLink(Salmon::NS_REPLIES); @@ -1303,7 +1407,7 @@ class Ostatus_profile extends Memcached_DataObject } } - // First, look it up + // Try looking it up $oprofile = Ostatus_profile::staticGet('uri', 'acct:'.$addr); @@ -1317,7 +1421,7 @@ class Ostatus_profile extends Memcached_DataObject $disco = new Discovery(); try { - $result = $disco->lookup($addr); + $xrd = $disco->lookup($addr); } catch (Exception $e) { // Save negative cache entry so we don't waste time looking it up again. // @fixme distinguish temporary failures? @@ -1327,38 +1431,26 @@ class Ostatus_profile extends Memcached_DataObject $hints = array('webfinger' => $addr); - foreach ($result->links as $link) { - switch ($link['rel']) { - case Discovery::PROFILEPAGE: - $hints['profileurl'] = $profileUrl = $link['href']; - break; - case Salmon::NS_REPLIES: - $hints['salmon'] = $salmonEndpoint = $link['href']; - break; - case Discovery::UPDATESFROM: - $hints['feedurl'] = $feedUrl = $link['href']; - break; - case Discovery::HCARD: - $hcardUrl = $link['href']; - break; - default: - common_log(LOG_NOTICE, "Don't know what to do with rel = '{$link['rel']}'"); - break; - } - } + $dhints = DiscoveryHints::fromXRD($xrd); - if (isset($hcardUrl)) { - $hcardHints = self::slurpHcard($hcardUrl); - // Note: Webfinger > hcard - $hints = array_merge($hcardHints, $hints); + $hints = array_merge($hints, $dhints); + + // If there's an Hcard, let's grab its info + + if (array_key_exists('hcard', $hints)) { + if (!array_key_exists('profileurl', $hints) || + $hints['hcard'] != $hints['profileurl']) { + $hcardHints = DiscoveryHints::fromHcardUrl($hints['hcard']); + $hints = array_merge($hcardHints, $hints); + } } // If we got a feed URL, try that - if (isset($feedUrl)) { + if (array_key_exists('feedurl', $hints)) { try { common_log(LOG_INFO, "Discovery on acct:$addr with feed URL $feedUrl"); - $oprofile = self::ensureProfile($feedUrl, $hints); + $oprofile = self::ensureFeedURL($hints['feedurl'], $hints); self::cacheSet(sprintf('ostatus_profile:webfinger:%s', $addr), $oprofile->uri); return $oprofile; } catch (Exception $e) { @@ -1369,10 +1461,10 @@ class Ostatus_profile extends Memcached_DataObject // If we got a profile page, try that! - if (isset($profileUrl)) { + if (array_key_exists('profileurl', $hints)) { try { common_log(LOG_INFO, "Discovery on acct:$addr with profile URL $profileUrl"); - $oprofile = self::ensureProfile($profileUrl, $hints); + $oprofile = self::ensureProfile($hints['profileurl'], $hints); self::cacheSet(sprintf('ostatus_profile:webfinger:%s', $addr), $oprofile->uri); return $oprofile; } catch (Exception $e) { @@ -1384,7 +1476,9 @@ class Ostatus_profile extends Memcached_DataObject // XXX: try hcard // XXX: try FOAF - if (isset($salmonEndpoint)) { + if (array_key_exists('salmon', $hints)) { + + $salmonEndpoint = $hints['salmon']; // An account URL, a salmon endpoint, and a dream? Not much to go // on, but let's give it a try @@ -1464,67 +1558,4 @@ class Ostatus_profile extends Memcached_DataObject return $file; } - - protected static function slurpHcard($url) - { - set_include_path(get_include_path() . PATH_SEPARATOR . INSTALLDIR . '/plugins/OStatus/extlib/hkit/'); - require_once('hkit.class.php'); - - $h = new hKit; - - // Google Buzz hcards need to be tidied. Probably others too. - - $h->tidy_mode = 'proxy'; // 'proxy', 'exec', 'php' or 'none' - - // Get by URL - $hcards = $h->getByURL('hcard', $url); - - if (empty($hcards)) { - return array(); - } - - // @fixme more intelligent guess on multi-hcard pages - $hcard = $hcards[0]; - - $hints = array(); - - $hints['profileurl'] = $url; - - if (array_key_exists('nickname', $hcard)) { - $hints['nickname'] = $hcard['nickname']; - } - - if (array_key_exists('fn', $hcard)) { - $hints['fullname'] = $hcard['fn']; - } else if (array_key_exists('n', $hcard)) { - $hints['fullname'] = implode(' ', $hcard['n']); - } - - if (array_key_exists('photo', $hcard)) { - $hints['avatar'] = $hcard['photo']; - } - - if (array_key_exists('note', $hcard)) { - $hints['bio'] = $hcard['note']; - } - - if (array_key_exists('adr', $hcard)) { - if (is_string($hcard['adr'])) { - $hints['location'] = $hcard['adr']; - } else if (is_array($hcard['adr'])) { - $hints['location'] = implode(' ', $hcard['adr']); - } - } - - if (array_key_exists('url', $hcard)) { - if (is_string($hcard['url'])) { - $hints['homepage'] = $hcard['url']; - } else if (is_array($hcard['url'])) { - // HACK get the last one; that's how our hcards look - $hints['homepage'] = $hcard['url'][count($hcard['url'])-1]; - } - } - - return $hints; - } } diff --git a/plugins/OStatus/lib/discovery.php b/plugins/OStatus/lib/discovery.php index f8449b309e..6d245677ad 100644 --- a/plugins/OStatus/lib/discovery.php +++ b/plugins/OStatus/lib/discovery.php @@ -40,7 +40,7 @@ class Discovery const PROFILEPAGE = 'http://webfinger.net/rel/profile-page'; const UPDATESFROM = 'http://schemas.google.com/g/2010#updates-from'; const HCARD = 'http://microformats.org/profile/hcard'; - + public $methods = array(); public function __construct() @@ -50,12 +50,11 @@ class Discovery $this->registerMethod('Discovery_LRDD_Link_HTML'); } - public function registerMethod($class) { $this->methods[] = $class; } - + /** * Given a "user id" make sure it's normalized to either a webfinger * acct: uri or a profile HTTP URL. @@ -78,7 +77,7 @@ class Discovery public static function isWebfinger($user_id) { $uri = Discovery::normalize($user_id); - + return (substr($uri, 0, 5) == 'acct:'); } @@ -99,7 +98,7 @@ class Discovery } else { $xrd_uri = $link['href']; } - + $xrd = $this->fetchXrd($xrd_uri); if ($xrd) { return $xrd; @@ -114,14 +113,13 @@ class Discovery if (!is_array($links)) { return false; } - + foreach ($links as $link) { if ($link['rel'] == $service) { return $link; } } } - public static function applyTemplate($template, $id) { @@ -130,7 +128,6 @@ class Discovery return $template; } - public static function fetchXrd($url) { try { @@ -171,7 +168,7 @@ class Discovery_LRDD_Host_Meta implements Discovery_LRDD if ($xrd->host != $domain) { return false; } - + return $xrd->links; } } @@ -187,7 +184,7 @@ class Discovery_LRDD_Link_Header implements Discovery_LRDD } catch (HTTP_Request2_Exception $e) { return false; } - + if ($response->getStatus() != 200) { return false; } @@ -196,51 +193,17 @@ class Discovery_LRDD_Link_Header implements Discovery_LRDD if (!$link_header) { // return false; } - + return Discovery_LRDD_Link_Header::parseHeader($link_header); } protected static function parseHeader($header) { - preg_match('/^<[^>]+>/', $header, $uri_reference); - //if (empty($uri_reference)) return; + $lh = new LinkHeader($header); - $links = array(); - - $link_uri = trim($uri_reference[0], '<>'); - $link_rel = array(); - $link_type = null; - - // remove uri-reference from header - $header = substr($header, strlen($uri_reference[0])); - - // parse link-params - $params = explode(';', $header); - - foreach ($params as $param) { - if (empty($param)) continue; - list($param_name, $param_value) = explode('=', $param, 2); - $param_name = trim($param_name); - $param_value = preg_replace('(^"|"$)', '', trim($param_value)); - - // for now we only care about 'rel' and 'type' link params - // TODO do something with the other links-params - switch ($param_name) { - case 'rel': - $link_rel = trim($param_value); - break; - - case 'type': - $link_type = trim($param_value); - } - } - - $links[] = array( - 'href' => $link_uri, - 'rel' => $link_rel, - 'type' => $link_type); - - return $links; + return array('href' => $lh->href, + 'rel' => $lh->rel, + 'type' => $lh->type); } } @@ -262,49 +225,48 @@ class Discovery_LRDD_Link_HTML implements Discovery_LRDD return Discovery_LRDD_Link_HTML::parse($response->getBody()); } - public function parse($html) { $links = array(); - + preg_match('/]*)?>(.*?)<\/head>/is', $html, $head_matches); $head_html = $head_matches[2]; - + preg_match_all('/]*>/i', $head_html, $link_matches); - + foreach ($link_matches[0] as $link_html) { $link_url = null; $link_rel = null; $link_type = null; - + preg_match('/\srel=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $rel_matches); if ( isset($rel_matches[3]) ) { $link_rel = $rel_matches[3]; } else if ( isset($rel_matches[1]) ) { $link_rel = $rel_matches[1]; } - + preg_match('/\shref=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $href_matches); if ( isset($href_matches[3]) ) { $link_uri = $href_matches[3]; } else if ( isset($href_matches[1]) ) { $link_uri = $href_matches[1]; } - + preg_match('/\stype=(("|\')([^\\2]*?)\\2|[^"\'\s]+)/i', $link_html, $type_matches); if ( isset($type_matches[3]) ) { $link_type = $type_matches[3]; } else if ( isset($type_matches[1]) ) { $link_type = $type_matches[1]; } - + $links[] = array( 'href' => $link_url, 'rel' => $link_rel, 'type' => $link_type, ); } - + return $links; } } diff --git a/plugins/OStatus/lib/discoveryhints.php b/plugins/OStatus/lib/discoveryhints.php new file mode 100644 index 0000000000..db13793dde --- /dev/null +++ b/plugins/OStatus/lib/discoveryhints.php @@ -0,0 +1,182 @@ +. + */ + +class DiscoveryHints { + + static function fromXRD($xrd) + { + $hints = array(); + + foreach ($xrd->links as $link) { + switch ($link['rel']) { + case Discovery::PROFILEPAGE: + $hints['profileurl'] = $link['href']; + break; + case Salmon::NS_REPLIES: + $hints['salmon'] = $link['href']; + break; + case Discovery::UPDATESFROM: + $hints['feedurl'] = $link['href']; + break; + case Discovery::HCARD: + $hints['hcardurl'] = $link['href']; + break; + default: + break; + } + } + + return $hints; + } + + static function fromHcardUrl($url) + { + $client = new HTTPClient(); + $client->setHeader('Accept', 'text/html,application/xhtml+xml'); + $response = $client->get($url); + + if (!$response->isOk()) { + return null; + } + + return self::hcardHints($response->getBody(), + $response->getUrl()); + } + + static function hcardHints($body, $url) + { + common_debug("starting tidy"); + + $body = self::_tidy($body); + + common_debug("done with tidy"); + + set_include_path(get_include_path() . PATH_SEPARATOR . INSTALLDIR . '/plugins/OStatus/extlib/hkit/'); + require_once('hkit.class.php'); + + $h = new hKit; + + $hcards = $h->getByString('hcard', $body); + + if (empty($hcards)) { + return array(); + } + + if (count($hcards) == 1) { + $hcard = $hcards[0]; + } else { + foreach ($hcards as $try) { + if (array_key_exists('url', $try)) { + if (is_string($try['url']) && $try['url'] == $url) { + $hcard = $try; + break; + } else if (is_array($try['url'])) { + foreach ($try['url'] as $tryurl) { + if ($tryurl == $url) { + $hcard = $try; + break 2; + } + } + } + } + } + // last chance; grab the first one + if (empty($hcard)) { + $hcard = $hcards[0]; + } + } + + $hints = array(); + + if (array_key_exists('nickname', $hcard)) { + $hints['nickname'] = $hcard['nickname']; + } + + if (array_key_exists('fn', $hcard)) { + $hints['fullname'] = $hcard['fn']; + } else if (array_key_exists('n', $hcard)) { + $hints['fullname'] = implode(' ', $hcard['n']); + } + + if (array_key_exists('photo', $hcard)) { + $hints['avatar'] = $hcard['photo']; + } + + if (array_key_exists('note', $hcard)) { + $hints['bio'] = $hcard['note']; + } + + if (array_key_exists('adr', $hcard)) { + if (is_string($hcard['adr'])) { + $hints['location'] = $hcard['adr']; + } else if (is_array($hcard['adr'])) { + $hints['location'] = implode(' ', $hcard['adr']); + } + } + + if (array_key_exists('url', $hcard)) { + if (is_string($hcard['url'])) { + $hints['homepage'] = $hcard['url']; + } else if (is_array($hcard['url'])) { + // HACK get the last one; that's how our hcards look + $hints['homepage'] = $hcard['url'][count($hcard['url'])-1]; + } + } + + return $hints; + } + + private static function _tidy($body) + { + if (function_exists('tidy_parse_string')) { + common_debug("Tidying with extension"); + $text = tidy_parse_string($body); + $text = tidy_clean_repair($text); + return $body; + } else if ($fullpath = self::_findProgram('tidy')) { + common_debug("Tidying with program $fullpath"); + $tempfile = tempnam('/tmp', 'snht'); // statusnet hcard tidy + file_put_contents($tempfile, $source); + exec("$fullpath -utf8 -indent -asxhtml -numeric -bare -quiet $tempfile", $tidy); + unlink($tempfile); + return implode("\n", $tidy); + } else { + common_debug("Not tidying."); + return $body; + } + } + + private static function _findProgram($name) + { + $path = $_ENV['PATH']; + + $parts = explode(':', $path); + + foreach ($parts as $part) { + $fullpath = $part . '/' . $name; + if (is_executable($fullpath)) { + return $fullpath; + } + } + + return null; + } +} diff --git a/plugins/OStatus/lib/feeddiscovery.php b/plugins/OStatus/lib/feeddiscovery.php index ff76b229e7..f9ea3e7137 100644 --- a/plugins/OStatus/lib/feeddiscovery.php +++ b/plugins/OStatus/lib/feeddiscovery.php @@ -117,7 +117,7 @@ class FeedDiscovery return $this->discoverFromURL($target, false); } } - + return $this->initFromResponse($response); } @@ -202,7 +202,7 @@ class FeedDiscovery 'application/atom+xml' => false, 'application/rss+xml' => false, ); - + $nodes = $dom->getElementsByTagName('link'); for ($i = 0; $i < $nodes->length; $i++) { $node = $nodes->item($i); diff --git a/plugins/OStatus/lib/linkheader.php b/plugins/OStatus/lib/linkheader.php new file mode 100644 index 0000000000..2f6c66dc97 --- /dev/null +++ b/plugins/OStatus/lib/linkheader.php @@ -0,0 +1,63 @@ +]+>/', $str, $uri_reference); + //if (empty($uri_reference)) return; + + $this->uri = trim($uri_reference[0], '<>'); + $this->rel = array(); + $this->type = null; + + // remove uri-reference from header + $str = substr($str, strlen($uri_reference[0])); + + // parse link-params + $params = explode(';', $str); + + foreach ($params as $param) { + if (empty($param)) continue; + list($param_name, $param_value) = explode('=', $param, 2); + $param_name = trim($param_name); + $param_value = preg_replace('(^"|"$)', '', trim($param_value)); + + // for now we only care about 'rel' and 'type' link params + // TODO do something with the other links-params + switch ($param_name) { + case 'rel': + $this->rel = trim($param_value); + break; + + case 'type': + $this->type = trim($param_value); + } + } + } + + static function getLink($response, $rel=null, $type=null) + { + $headers = $response->getHeader('Link'); + + // Can get an array or string, so try to simplify the path + if (!is_array($headers)) { + $headers = array($headers); + } + + foreach ($headers as $header) { + $lh = new LinkHeader($header); + + if ((is_null($rel) || $lh->rel == $rel) && + (is_null($type) || $lh->type == $type)) { + return $lh->href; + } + } + + return null; + } +} \ No newline at end of file From f62b8a80cf33ac8529d0736c51dc060a9d235369 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 16 Mar 2010 16:23:19 -0700 Subject: [PATCH 09/11] Pull back for now on switch of PEAR error mode to exceptions; seems to trigger out exceptions at various times we don't want them. For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null. Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131 Revert "Don't attempt to retrieve the current user from the DB while processing a DB error" This reverts commit 68347691b0c7fb3f81415abd7fcdc5aec85cc554. Revert "Use PHP exceptions for PEAR error handling." This reverts commit d8212977ce7f911d4f9bd6e55f94aea059a86782. --- index.php | 107 ++++++++++++++++++++++--------------------------- lib/common.php | 12 ------ 2 files changed, 48 insertions(+), 71 deletions(-) diff --git a/index.php b/index.php index 65f251bcce..36ba3a0d21 100644 --- a/index.php +++ b/index.php @@ -37,6 +37,8 @@ define('INSTALLDIR', dirname(__FILE__)); define('STATUSNET', true); define('LACONICA', true); // compatibility +require_once INSTALLDIR . '/lib/common.php'; + $user = null; $action = null; @@ -66,69 +68,52 @@ function getPath($req) */ function handleError($error) { - try { - - if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { - return; - } - - $logmsg = "PEAR error: " . $error->getMessage(); - if ($error instanceof PEAR_Exception && common_config('site', 'logdebug')) { - $logmsg .= " : ". $error->toText(); - } - // DB queries often end up with a lot of newlines; merge to a single line - // for easier grepability... - $logmsg = str_replace("\n", " ", $logmsg); - common_log(LOG_ERR, $logmsg); - - // @fixme backtrace output should be consistent with exception handling - if (common_config('site', 'logdebug')) { - $bt = $error->getTrace(); - foreach ($bt as $n => $line) { - common_log(LOG_ERR, formatBacktraceLine($n, $line)); - } - } - if ($error instanceof DB_DataObject_Error - || $error instanceof DB_Error - || ($error instanceof PEAR_Exception && $error->getCode() == -24) - ) { - //If we run into a DB error, assume we can't connect to the DB at all - //so set the current user to null, so we don't try to access the DB - //while rendering the error page. - global $_cur; - $_cur = null; - - $msg = sprintf( - _( - 'The database for %s isn\'t responding correctly, '. - 'so the site won\'t work properly. '. - 'The site admins probably know about the problem, '. - 'but you can contact them at %s to make sure. '. - 'Otherwise, wait a few minutes and try again.' - ), - common_config('site', 'name'), - common_config('site', 'email') - ); - } else { - $msg = _( - 'An important error occured, probably related to email setup. '. - 'Check logfiles for more info..' - ); - } - - $dac = new DBErrorAction($msg, 500); - $dac->showPage(); - - } catch (Exception $e) { - echo _('An error occurred.'); + if ($error->getCode() == DB_DATAOBJECT_ERROR_NODATA) { + return; } + + $logmsg = "PEAR error: " . $error->getMessage(); + if (common_config('site', 'logdebug')) { + $logmsg .= " : ". $error->getDebugInfo(); + } + // DB queries often end up with a lot of newlines; merge to a single line + // for easier grepability... + $logmsg = str_replace("\n", " ", $logmsg); + common_log(LOG_ERR, $logmsg); + + // @fixme backtrace output should be consistent with exception handling + if (common_config('site', 'logdebug')) { + $bt = $error->getBacktrace(); + foreach ($bt as $n => $line) { + common_log(LOG_ERR, formatBacktraceLine($n, $line)); + } + } + if ($error instanceof DB_DataObject_Error + || $error instanceof DB_Error + ) { + $msg = sprintf( + _( + 'The database for %s isn\'t responding correctly, '. + 'so the site won\'t work properly. '. + 'The site admins probably know about the problem, '. + 'but you can contact them at %s to make sure. '. + 'Otherwise, wait a few minutes and try again.' + ), + common_config('site', 'name'), + common_config('site', 'email') + ); + } else { + $msg = _( + 'An important error occured, probably related to email setup. '. + 'Check logfiles for more info..' + ); + } + + $dac = new DBErrorAction($msg, 500); + $dac->showPage(); exit(-1); } -set_exception_handler('handleError'); - -require_once INSTALLDIR . '/lib/common.php'; - /** * Format a backtrace line for debug output roughly like debug_print_backtrace() does. * Exceptions already have this built in, but PEAR error objects just give us the array. @@ -253,6 +238,10 @@ function main() return; } + // For database errors + + PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'handleError'); + // Make sure RW database is setup setupRW(); diff --git a/lib/common.php b/lib/common.php index 047dc5a7bc..5d53270e30 100644 --- a/lib/common.php +++ b/lib/common.php @@ -71,7 +71,6 @@ if (!function_exists('dl')) { # global configuration object require_once('PEAR.php'); -require_once('PEAR/Exception.php'); require_once('DB/DataObject.php'); require_once('DB/DataObject/Cast.php'); # for dates @@ -129,17 +128,6 @@ require_once INSTALLDIR.'/lib/activity.php'; require_once INSTALLDIR.'/lib/clientexception.php'; require_once INSTALLDIR.'/lib/serverexception.php'; - -//set PEAR error handling to use regular PHP exceptions -function PEAR_ErrorToPEAR_Exception($err) -{ - if ($err->getCode()) { - throw new PEAR_Exception($err->getMessage(), $err->getCode()); - } - throw new PEAR_Exception($err->getMessage()); -} -PEAR::setErrorHandling(PEAR_ERROR_CALLBACK, 'PEAR_ErrorToPEAR_Exception'); - try { StatusNet::init(@$server, @$path, @$conffile); } catch (NoConfigException $e) { From 22f827134c3be845494bebd76bda9e4a074e710b Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 17 Mar 2010 10:52:11 -0700 Subject: [PATCH 10/11] Workaround for HTTP authentication in the API when running PHP as CGI/FastCGI. Example rewrite lines added as comments in htaccess.sample, API tweaked to accept alternate environment var form. --- htaccess.sample | 5 +++++ lib/apiauth.php | 14 +++++++++----- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/htaccess.sample b/htaccess.sample index 37eb8e01ec..18a868698c 100644 --- a/htaccess.sample +++ b/htaccess.sample @@ -5,6 +5,11 @@ RewriteBase /mublog/ + ## Uncomment these if having trouble with API authentication + ## when PHP is running in CGI or FastCGI mode. + #RewriteCond %{HTTP:Authorization} ^(.*) + #RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] + RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule (.*) index.php?p=$1 [L,QSA] diff --git a/lib/apiauth.php b/lib/apiauth.php index 32502399f9..17f803a1ca 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -294,11 +294,15 @@ class ApiAuthAction extends ApiAction function basicAuthProcessHeader() { - if (isset($_SERVER['AUTHORIZATION']) - || isset($_SERVER['HTTP_AUTHORIZATION']) - ) { - $authorization_header = isset($_SERVER['HTTP_AUTHORIZATION']) - ? $_SERVER['HTTP_AUTHORIZATION'] : $_SERVER['AUTHORIZATION']; + $authHeaders = array('AUTHORIZATION', + 'HTTP_AUTHORIZATION', + 'REDIRECT_HTTP_AUTHORIZATION'); // rewrite for CGI + $authorization_header = null; + foreach ($authHeaders as $header) { + if (isset($_SERVER[$header])) { + $authorization_header = $_SERVER[$header]; + break; + } } if (isset($_SERVER['PHP_AUTH_USER'])) { From dacd0f3e6df020eda81d60139ac88437fed3352e Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 17 Mar 2010 12:14:19 -0700 Subject: [PATCH 11/11] Fix to regression for auto-subscribe - was backwards. --- classes/Subscription.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/classes/Subscription.php b/classes/Subscription.php index 9cef2df1ad..5ac95f9222 100644 --- a/classes/Subscription.php +++ b/classes/Subscription.php @@ -105,8 +105,8 @@ class Subscription extends Memcached_DataObject $auto = new Subscription(); - $auto->subscriber = $subscriber->id; - $auto->subscribed = $other->id; + $auto->subscriber = $other->id; + $auto->subscribed = $subscriber->id; $auto->created = common_sql_now(); $result = $auto->insert();