From 0ef422593ba351d363c584ad781ff92548bc6e9b Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@pobox.com>
Date: Thu, 2 Sep 2010 15:39:22 -0700
Subject: [PATCH 1/3] Don't explode if we fail to load a listed attachment id
 in Notice::attachments()

---
 classes/Notice.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/classes/Notice.php b/classes/Notice.php
index 0eeebfadf3..b991ecbd38 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -578,7 +578,9 @@ class Notice extends Memcached_DataObject
         if ($f2p->find()) {
             while ($f2p->fetch()) {
                 $f = File::staticGet($f2p->file_id);
-                $att[] = clone($f);
+                if ($f) {
+                    $att[] = clone($f);
+                }
             }
         }
         return $att;

From 6786bbcfbfb445b190fd03e602ee0b1a85abb2af Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@pobox.com>
Date: Fri, 3 Sep 2010 12:34:05 -0700
Subject: [PATCH 2/3] Drop RSSCloud queue items if the notice has a bogus
 profile, rather than attempting to rerun it due to the initial erroring-out.
 That's not a recoverable error

---
 plugins/RSSCloud/RSSCloudQueueHandler.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/plugins/RSSCloud/RSSCloudQueueHandler.php b/plugins/RSSCloud/RSSCloudQueueHandler.php
index 295c261895..ef11eda2e7 100644
--- a/plugins/RSSCloud/RSSCloudQueueHandler.php
+++ b/plugins/RSSCloud/RSSCloudQueueHandler.php
@@ -28,7 +28,12 @@ class RSSCloudQueueHandler extends QueueHandler
 
     function handle($notice)
     {
-        $profile = $notice->getProfile();
+        try {
+            $profile = $notice->getProfile();
+        } catch (Exception $e) {
+            common_log(LOG_ERR, "Dropping RSSCloud item for notice with bogus profile: " . $e->getMessage());
+            return true;
+        }
         $notifier = new RSSCloudNotifier();
         return $notifier->notify($profile);
     }

From d470c007fc18c9112804155e495ff295cd60ef88 Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@status.net>
Date: Tue, 7 Sep 2010 16:15:32 -0700
Subject: [PATCH 3/3] Quick fix for #2659: unable to login with Livejournal
 OpenID

The Net::OpenID::Server perl module that LJ uses appears to be very picky about input, and rejects most request types unless the data comes in as GET parameters (apparently following OpenID 1.1 rules, rather than OpenID 2.0 rules which permit any request to be POSTed but requires that if so, the data must all be in the POST body).
Apparently something got updated on LJ at some point that's either added that behavior or (more likely) added the OpenID 2.0 namespace info to discovery, which tells the Janrain-based OpenID libraries that they should go ahead and do POST requests instead of redirects to GET requests... thus breaking everything. ;)

GET should be just fine for both 1.1 and 2.0 though, and also saves having to sit through that lame autosubmit page.

Switched the authentication submission from checking whether it should redirect to GET or do a form POST, to simply always doing the redirect to GET.

Tested against providers:
* LiveJournal
* Google
* LaunchPad
* identi.ca
---
 plugins/OpenID/openid.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/plugins/OpenID/openid.php b/plugins/OpenID/openid.php
index 4ce350f773..1b93163e5f 100644
--- a/plugins/OpenID/openid.php
+++ b/plugins/OpenID/openid.php
@@ -182,7 +182,19 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
     $trust_root = common_root_url(true);
     $process_url = common_local_url($returnto);
 
-    if ($auth_request->shouldSendRedirect()) {
+    // Net::OpenID::Server as used on LiveJournal appears to incorrectly
+    // reject POST requests for data submissions that OpenID 1.1 specs
+    // as GET, although 2.0 allows them:
+    // https://rt.cpan.org/Public/Bug/Display.html?id=42202
+    //
+    // Our OpenID libraries would have switched in the redirect automatically
+    // if it were detecting 1.1 compatibility mode, however the server is
+    // advertising itself as 2.0-compatible, so we got switched to the POST.
+    //
+    // Since the GET should always work anyway, we'll just take out the
+    // autosubmitter for now.
+    // 
+    //if ($auth_request->shouldSendRedirect()) {
         $redirect_url = $auth_request->redirectURL($trust_root,
                                                    $process_url,
                                                    $immediate);
@@ -194,6 +206,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
         } else {
             common_redirect($redirect_url, 303);
         }
+    /*
     } else {
         // Generate form markup and render it.
         $form_id = 'openid_message';
@@ -219,6 +232,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false)
             $action->handle(array('action' => 'autosubmit'));
         }
     }
+    */
 }
 
 # Half-assed attempt at a module-private function