Commit Graph

1287 Commits

Author SHA1 Message Date
Brion Vibber
826a695077 Ticket #2797: replace addslashes() with explicit escape calls on the DB objects 2010-11-19 15:06:26 -08:00
Brion Vibber
407663fb40 Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-19 12:44:43 -08:00
Brion Vibber
4b01dd8b2e Ticket #2441: fix deletion of avatars when a profile is deleted.
Code was doing a batch call to $avatar->delete() which fails to properly engage the file deletion code. Calling the existing profile->delete_avatars() function deletes them individually, which makes it all work nice again.
2010-11-19 12:40:18 -08:00
Brion Vibber
197b56778a Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Brion Vibber
e4eb3b3dfd Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-15 17:36:48 -08:00
Brion Vibber
0d0e51292d some User -> Profile cleanup to help in adapting the profile page action to show stuff for remote users. Subscriptions, groups, roles, etc are all on profiles now so go ahead and use em. 2010-11-15 15:32:57 -08:00
Brion Vibber
5c00848b74 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-11-15 12:38:53 -08:00
Brion Vibber
1c90d09ec8 Workaround for yfrog.com photo attachments: fudge File_redirection::lookupWhere()'s HTTP handling -- when we get a 204 on a HEAD, double-check it by re-running as a GET. yfrog.com returns a 204 incorrectly for this case. 2010-11-15 11:01:00 -08:00
Brion Vibber
e1ffbfed04 doc comments on File::processNew 2010-11-15 11:00:42 -08:00
Evan Prodromou
8a21b13ee9 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-11-15 11:57:31 -05:00
Evan Prodromou
c1cee3b27f Merge branch 'atompub' into 0.9.x
Conflicts:
	actions/apistatusesshow.php
	actions/apitimelineuser.php
2010-11-15 11:57:19 -05:00
Brion Vibber
4f323efdf7 Encapsulate the oEmbed -> oohembed fallback into oEmbedHelper class. Also added a chance to whitelist sites that don't show discovery info but do have oEmbed API endpoints, and to provide alternate APIs for some common services.
Newly supported:
- TwitPic: added a local function using TwitPic's API, since the oohembed implementation for TwitPic produced invalid output which Services_oEmbed rejects. (bug filed upstream)

Tweaked...
- Flickr: works, now using whitelist to use their endpoint directly instead of going through oohembed
- Youtube: worked around a bug in Services_oEmbed which broke the direct use of API discovery info, so we don't have to use oohembed.

Not currently working...
- YFrog: whitelisting their endpoint directly as the oohembed output is broken, but this doesn't appear to work currently as I think things are confused by YFrog's servers giving a '204 No Content' response on our HEAD checks on the original link.
2010-11-12 17:41:35 -08:00
Brion Vibber
2c4313467f Save oEmbed photo references as thumbnails if there's not a separate thumbnail_url entry in the return data. This fixes thumb saving for Flickr photo references. 2010-11-12 14:03:08 -08:00
Brion Vibber
dbb95b76a4 Allow YouTube-style media links to be counted as enclosures for purposes of listing attachments/thumbs 2010-11-09 12:04:07 -08:00
Brion Vibber
694448e0aa Add attachments 'thumb_width' and 'thumb_height' settings for inline thumbs, defaulting to 100x75.
This is used as the max thumb width/height for oEmbed requests (replacing the old default of 500x400 which was more suitable for the lightbox).
2010-11-08 17:36:02 -08:00
Brion Vibber
6d7f02ff31 Pass file attachment thumbnails along with oEmbed data. 2010-11-08 17:22:01 -08:00
Brion Vibber
c36fecb794 Save a thumbnail image when uploading an image file into the file attachments system. Currently hardcoded to 100x75, needs aspect-sensitivity etc. 2010-11-08 17:20:04 -08:00
Brion Vibber
a2994e3aa2 Testing... using photo info for temp thumbnails 2010-11-08 15:50:06 -08:00
Brion Vibber
883f7a6c0b Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly. 2010-11-08 13:27:54 -08:00
Siebrand Mazeland
6aeba0cb7c i18n/L10n updates. 2010-11-04 18:33:39 +01:00
Brion Vibber
4f63e3be7d Fix for ticket #2804: bad non-cache fallback code for dupe checks of prolific posters
The old code attempted to compare the value of the notice.created field against now() directly, which tends to explode in our current systems. now() comes up as the server/connection local timezone generally, while the created field is currently set as hardcoded UTC from the web servers. This would lead to breakage when we got a difference in seconds that's several hours off in either direction (depending on the local timezone). New code calculates a threshold by subtracting the number of seconds from the current UNIX timestamp and passing that in in correct format for a simple comparison. As a bonus, this should also be more efficient, as it should be able to follow the index on profile_id and created.
2010-11-03 17:25:29 -07:00
Brion Vibber
2692b5fc84 Fix for ticket #2853: fix for some unknown MIME type error cases by adjusting the PEAR error handling temporarily around MIME_Type_Extension usage. 2010-11-03 17:05:26 -07:00
Brion Vibber
b0d7900530 Add getFancyName() to User_group to match the one on Profile: encapsulates the "fullname (nickname)" vs "nickname" logic and allows for localization of the parentheses in a common place. 2010-11-03 12:53:51 -07:00
Siebrand Mazeland
a65362f7fa Add context for different uses of "%1$s (%2$s)" 2010-11-02 23:08:59 +01:00
Brion Vibber
426cda5e1f Alternate pretty-title tweaks for #2668 2010-11-02 13:42:44 -07:00
Evan Prodromou
b5206fe6ca fall back to siteowner on bad nickname (Bug#2861) 2010-10-28 10:46:57 -04:00
Evan Prodromou
b60b9b4fa2 Merge branch '0.9.x' into atompub 2010-10-25 11:18:56 -04:00
Evan Prodromou
aef88c7cee max_id is inclusive 2010-10-25 11:18:49 -04:00
Evan Prodromou
75fcf1e081 Merge branch '0.9.x' into atompub 2010-10-25 11:09:11 -04:00
Evan Prodromou
968f9b0513 change max_id from < to <= 2010-10-25 11:08:53 -04:00
Evan Prodromou
e51ed96b89 add rel=self links to atom entries 2010-10-25 09:48:01 -04:00
Evan Prodromou
698818bd7e show rel=edit links in notices for authenticated users 2010-10-24 23:05:33 -04:00
Siebrand Mazeland
0b6cc7c33d * translator documentation added.
* superfluous whitespace removed.
2010-10-23 19:20:51 +02:00
Evan Prodromou
1d85bfece1 New events when granting and revoking roles
Four new events for when roles are granted or revoked.
2010-10-22 10:31:50 -04:00
James Walker
8ac8f3d2dc Memcache::set() 3rd param should be flags (4th is expire). This throws a "2 lowest bytes reserved" error in Memcache > 3.0.3 2010-10-21 12:20:14 -04:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
28ec9d6463 * translator documentation added.
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
8004e2809d Fix for ticket #2845: singleuser nickname configuration was being overridden by site owner in router setup.
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.

Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Zach Copley
3d6a0f730d Revert DB change for OAuth. Change compound key for oauth_application_user
back to (profile_id, application_id). I think we can get away without
a DB change by only issuing one anonymous access token per user.
2010-10-20 11:41:04 -07:00
Zach Copley
e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Evan Prodromou
b31c49c5d4 Make HTTPS urls in File::url() if necessary 2010-10-14 14:22:17 -04:00
Evan Prodromou
97a7fb246c correctly use sslserver if it is set 2010-10-14 01:35:11 -04:00
Evan Prodromou
aafd95dc0c Design::url() will use HTTPS if page is HTTPS 2010-10-14 01:18:19 -04:00
Evan Prodromou
76038fe20c better deletion of related objects in User_group::delete() 2010-10-13 22:44:06 -04:00
Brion Vibber
112b6c4079 Improve cache-friendliness of user_group->delete().
Doesn't clear all possible cached entries, but this should get the ones that matter most: lookups by id, nickname, and alias. This should ensure that if a group name gets reused as a new group or alias, it should work properly.
There are some user-visible areas that aren't clear such as the 'top groups' lists on the GroupsAction sidebar; if a deleted group appears in those lists it'll go away within an hour when the cached query expires.
2010-10-12 16:29:13 -07:00
Brion Vibber
3579ccac8e Cascading deletion for user_group; doesn't yet work properly with caching. 2010-10-12 16:13:07 -07:00
Brion Vibber
f4f16af8ac Add a basic group deletion for moderator users. 2010-10-12 15:49:20 -07:00
Brion Vibber
1cd60579f5 Ticket #2811 use more consistent max limit for OAuth application registration descriptions; now using the field max of 255 rather than $config['site']['textlimit'] as fallback if $config['application']['desclimit'] is unset or out of bounds. 2010-10-11 12:52:32 -07:00