Commit Graph

5985 Commits

Author SHA1 Message Date
Mikael Nordfeldth
57d57b8d8f Handle reuploads via filehandle better if original is missing 2016-03-05 01:26:34 +01:00
Mikael Nordfeldth
952f68fed5 File upload logging for dummies 2016-03-05 00:59:39 +01:00
hannes
7d4658643d the repeated notice can be from a sandboxed user too 2016-03-04 16:53:57 -05:00
Mikael Nordfeldth
dc1ceca86e Some more Microformats2 data for notices and rendering 2016-03-02 13:29:54 +01:00
Mikael Nordfeldth
6529fdd28d Proper Microformats2 h-entry p-name + u-uid markup 2016-03-02 13:10:02 +01:00
Mikael Nordfeldth
d6598e790c Introduce a ConfigException 2016-03-02 12:33:06 +01:00
Mikael Nordfeldth
9534969c05 Don't set is_local=LOCAL_NONPUBLIC on sandboxed user notices
Let's decide whether they are nonpublic by testing them when the notice
is shown instead.
2016-03-02 12:26:23 +01:00
Mikael Nordfeldth
a3b2118906 Make the public streams ModeratedNoticeStream (hide sandboxed users etc.)
Which streams should be put under ModeratedNoticeStream is probably open
to debate. But at least the public ones should hide the posts from users
that are sandboxed.
2016-03-02 11:50:50 +01:00
Mikael Nordfeldth
b4271a3533 Stricted typing + protected on FilteringNoticeStream->filter 2016-03-02 11:40:43 +01:00
Mikael Nordfeldth
99fbb181c1 Translation changes, use FancyName in email subject 2016-03-01 23:53:36 +01:00
Mikael Nordfeldth
47f408ca7c Strict typing for mail_notify_attn 2016-03-01 23:37:11 +01:00
Mikael Nordfeldth
63c087a255 Consistent behaviour for ScopingNoticeStream $scoped
We don't guess the current profile anymore if the value of the profile === -1

Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
Mikael Nordfeldth
7862b853bf Make javascript XHR timeout a variable.
SN.V.xhrTimeout = [time in milliseconds];
2016-03-01 13:10:18 +01:00
Mikael Nordfeldth
6c43e9c2e0 Verify loaded config function, must be completed further. 2016-02-28 13:31:21 +01:00
Mikael Nordfeldth
747c91210f HTMLPurifier cache settings, put stuff in subdir of get_sys_temp_dir() 2016-02-28 13:30:47 +01:00
Mikael Nordfeldth
cd978fa153 Edited the list of allowed rel values 2016-02-28 13:16:52 +01:00
Mikael Nordfeldth
52a3764ae4 Resolve relative URLs (assuming URI.Base==notice URL)
The real way to do this would be to get the xml:base property from
the Atom feed but it's probably not there in any posts we see today.
2016-02-26 14:46:26 +01:00
Mikael Nordfeldth
29662eef5e Mentioning matches (@this too) now. 2016-02-26 00:08:51 +01:00
Mikael Nordfeldth
2669c51265 Allow sgf files if they're recognized in mime search
They are Go game files used on lamatriz.org. Note that my server
doesn't actually recognize these files and can identify the mime type,
but my browser did for some reason.
2016-02-26 00:05:07 +01:00
Mikael Nordfeldth
e6e1705852 Make uploads work properly if we accept _all_ attachment types
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
128a00c4ab Include feeds in Link HTTP headers, for easier discovery 2016-02-24 16:48:44 +01:00
Mikael Nordfeldth
b59dacb806 getAliases for Profile and Notice
Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
5f7032dfee Verify that authenticated API calls are made from our domain name.
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json" or
whatever. XHR is already blocked with CORS stuff.

Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
2016-02-22 15:19:10 +01:00
Mikael Nordfeldth
ce803f6d06 WebFinger aliases with 'index.php/' 2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
893d117309 throw new, not just throw 2016-02-21 19:01:37 +01:00
Mikael Nordfeldth
23e66bef64 common_fake_local_fancy_url to remove index.php/ from a local URL 2016-02-21 18:48:18 +01:00
Mikael Nordfeldth
afbdcf8938 Don't publish mbox_sha1sum in FOAF by default.
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
Mikael Nordfeldth
a838c90951 Only show "public:site" in ToSelector if notice/allowprivate is true 2016-02-18 00:33:16 +01:00
Mikael Nordfeldth
f68d1ade3f Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector 2016-02-18 00:32:09 +01:00
Mikael Nordfeldth
543d968b81 NoAcctUriException->profile not $e directly 2016-02-18 00:13:59 +01:00
Mikael Nordfeldth
a361fdbd77 Sort ToSelector by AcctUri 2016-02-18 00:05:09 +01:00
Mikael Nordfeldth
73dbc5ca1b Use ToSelector choice again. 2016-02-17 23:44:15 +01:00
Mikael Nordfeldth
d2c11925bf To-selector padlock only shown if site config notice/allowprivate is true 2016-02-17 23:06:11 +01:00
Mikael Nordfeldth
5fbb01130a By default, disallow users to set private_stream 2016-02-17 22:58:31 +01:00
Mikael Nordfeldth
d2507a6266 Gotta declare FullNoticeStream as abstract class 2016-02-16 02:24:38 +01:00
Mikael Nordfeldth
46829c6d3c FullNoticeStream selects all verbs. 2016-02-16 02:21:39 +01:00
Mikael Nordfeldth
2d1b70c94d created column was ambigououuuouuus 2016-02-15 09:59:34 +01:00
Mikael Nordfeldth
2301862ae6 We only want POST and SHARE in the inbox/home timeline right? 2016-02-15 09:59:18 +01:00
Mikael Nordfeldth
dcb7ce36d8 Show shares in public timeline
Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.

(the => false stuff are for when you want ALL _except_ that)
2016-02-14 20:53:26 +01:00
Mikael Nordfeldth
e2a090c9cc Use NoticeStream::filterVerbs for filtering in noticestreams 2016-02-14 20:46:13 +01:00
Mikael Nordfeldth
be14e15dac Hide attachments in notices by silenced profiles 2016-02-13 13:17:39 +01:00
Mikael Nordfeldth
e5ad98e601 Silence action can only be used on non-priviliged users 2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
f10625f8bc file and avatar dirs on instances with no such dirs in filesystem 2016-02-12 02:29:33 +01:00
Mikael Nordfeldth
338df7e35b Fix Nickname::isSystemPath() work properly for routes 2016-02-12 02:21:11 +01:00
Mikael Nordfeldth
67dfc0a046 application/xml allowed in uploads 2016-02-11 00:04:14 +01:00
Mikael Nordfeldth
733debd9b3 Use thumbnail upscaling config value 2016-02-10 04:40:54 +01:00
Mikael Nordfeldth
8806cce735 Default to avoid upscaling of thumbnails. 45x45=>450x450 is ugly 2016-02-10 04:40:10 +01:00
Mikael Nordfeldth
a61235086b Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
Usage in config.php: $config['site']['sslproxy'] = true;

Add this to documentation...
2016-02-10 01:05:02 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
dcf29c2a07 s/isHTTPS/useHTTPS/ for HTTPS URL generation 2016-02-10 00:38:14 +01:00
Mikael Nordfeldth
cd71188d3a SimpleCaptcha plugin to stop basic bots 2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
d98784e059 Use functions instead of accessing properties in twitterUserArray 2016-02-08 12:21:58 +01:00
Mikael Nordfeldth
2938b3e960 Don't return true on requiresAuth if screen_name==='0' 2016-02-08 12:14:35 +01:00
Mikael Nordfeldth
13cf744fb3 Allow screennames that are === '0' 2016-02-08 11:40:46 +01:00
Mikael Nordfeldth
2686635f60 Keep the rel="tag" in HTML when purifying 2016-02-07 12:50:26 +01:00
Mikael Nordfeldth
d6664f5735 Hidespam by default
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:33:53 +01:00
Mikael Nordfeldth
098c8b1df4 NoHttpResponseException extends HTTP_Request2_ConnectionException 2016-02-07 01:52:20 +01:00
Mikael Nordfeldth
60804d1902 ES3 compatibility layer not necessary (noone uses IE8 etc.)
All browsers with javascript support also support ES5 nowadays. Anyone
using older software should upgrade for other reasons, such as security.
2016-02-04 11:37:24 +01:00
Mikael Nordfeldth
d5ecbd05a1 Forgot a break in a switch when rendering attachments. 2016-02-03 19:32:51 +01:00
Mikael Nordfeldth
9960714896 Disallow zero-length magnet URIs
magnet: would match, but now we have a zero-length lookahead which
requires the following character to be a question mark: magnet:?
2016-02-03 15:26:19 +01:00
Mikael Nordfeldth
90045d66ea HTMLPurifierSchemes plugin to allow geo and magnet URIs 2016-02-03 14:36:51 +01:00
Mikael Nordfeldth
349dba8be0 Only allow our specified URI schemes 2016-02-03 14:31:16 +01:00
Mikael Nordfeldth
e903bd0bc3 Hacky support for geo URI detection
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
b1ed1f48ea Configurable linkify for bare IPv4/IPv6 2016-02-03 12:55:00 +01:00
Mikael Nordfeldth
84930f89f9 Don't allow account backups by default. 2016-02-03 01:08:36 +01:00
Mikael Nordfeldth
19b743a9f5 Set time limit to increase time backupaccount can take
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
Mikael Nordfeldth
9fcfb7cb1d Proper error message on too much POST data 2016-02-03 01:03:58 +01:00
Mikael Nordfeldth
a2b914ce60 Get URL schemes by URL type 2016-02-03 00:18:37 +01:00
Mikael Nordfeldth
43abfe659b Bump beta number to 4
We have better webfinger @mention@capability.example at least and
OpportunisticQM is somewhat refined.
2016-01-30 00:04:18 +01:00
Mikael Nordfeldth
367fc054dc Merge branch 'master' into mmn_fixes 2016-01-30 00:03:25 +01:00
Mikael Nordfeldth
36f099958c Don't match @nickname on @nickname@server.com 2016-01-29 15:53:58 +01:00
Mikael Nordfeldth
cb40f72c7e Use the profile URI when linking instead of URL
since we'll then get to /user/$id instead of /$nickname which is
good for future archives if someone changes their nickname...
2016-01-29 15:21:01 +01:00
Mikael Nordfeldth
6b31feb70f Strict Standards: Declaration of MysqlSchema::get()
should be compatible with Schema::get($conn = NULL)
2016-01-28 20:18:06 +01:00
Mikael Nordfeldth
7e6783bb8f Replace htmLawed with HTMLPurifier 2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
34093388a7 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-27 22:43:37 +01:00
mmn
52778e1882 Merge branch 'json_encode_fail_branch' into 'nightly'
output error if json_encode fails



See merge request !86
2016-01-26 21:16:24 +00:00
mmn
42545c6625 Merge branch 'mention_branch' into 'nightly'
correct mentions if parent mentions multiple users with same nickname (don't use first one for all)



See merge request !82
2016-01-26 21:15:25 +00:00
Mikael Nordfeldth
a48055a3cc Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-25 20:22:16 +01:00
hannes
e447964639 remove my ugly debug info 2016-01-25 19:10:35 +00:00
hannes
b1b6a0a69c config['follow_redirects'] is the extlib's config! if max_redirs is set we want to do our own redirection following in this function 2016-01-25 19:03:26 +00:00
Mikael Nordfeldth
b15434375c Show plain text files on attachment page. 2016-01-25 16:54:40 +01:00
Mikael Nordfeldth
a9d18a077e Harmonize, clarify, categorize URL schemes
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72 Allow bitcoin scheme to URLs 2016-01-24 12:44:28 +01:00
hannes
4e50717e12 output error if json_encode fails 2016-01-23 15:01:27 +00:00
Mikael Nordfeldth
89dd44bf3e default connect_timeout to 5 instead of extlib 10 2016-01-22 12:20:03 +01:00
Mikael Nordfeldth
3f9c1c142a Removing unnecessary debug messages etc. 2016-01-21 02:49:34 +01:00
Mikael Nordfeldth
45446f17ad Only set selectVerbs if it's not set in class var 2016-01-21 02:37:38 +01:00
Mikael Nordfeldth
d3a4a2225f We want the profile stream to be as raw as possible! 2016-01-21 02:33:43 +01:00
Mikael Nordfeldth
f74d2d555c Working on some RSVP code stuff 2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11 Throw NoObjectTypeException on Notice->getObjectType if no string 2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
21cc737f5c Cancelling RSVPs now seems to work. 2016-01-20 16:10:10 +01:00
hannes
de047f9727 correct mentions if parent mention multiple users with same nickname (don't use first one for all) 2016-01-19 13:41:25 +00:00
Mikael Nordfeldth
15d12b209d Don't include delete verbs in profile notice stream. 2016-01-18 22:04:42 +01:00
Mikael Nordfeldth
f768de4b46 default connect_timeout to 5 instead of extlib 10 2016-01-18 22:01:45 +01:00
Mikael Nordfeldth
cae344b67b Events are now saved but not displayed properly again 2016-01-18 20:57:44 +01:00
Mikael Nordfeldth
bdc38a7204 Initial user doesn't need as strict checking on email 2016-01-17 00:39:49 +01:00
Mikael Nordfeldth
deda83fdef Distinguish notice saving errors from others for Salmon 2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
4678546d33 We want exceptions to be noticable in activityhandlerplugin 2016-01-16 21:19:34 +01:00
Mikael Nordfeldth
3019f8f23f dbqueuemanager logic 2016-01-16 21:05:34 +01:00
Mikael Nordfeldth
f53ebdeadb Start handling salmon entries directly with Notice::saveActivity
More to come...
2016-01-16 17:25:29 +01:00
Mikael Nordfeldth
1f76c1e4a9 Initial user doesn't need as strict checking on email 2016-01-16 17:23:50 +01:00
mmn
44c10bb2aa Merge branch 'oembed_branch' into 'nightly'
purify oembed html and don't allow cdata

hopefully we never need stuff in cdata

reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/

see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F

i don't feel we want that in our database.  

See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
16088d9439 ErrorAction and InfoAction fixes, are now ManagedAction 2016-01-14 21:28:47 +01:00
Mikael Nordfeldth
bc0a903bd4 ErrorAction to autodiscoverable file. 2016-01-14 21:21:34 +01:00
Mikael Nordfeldth
b530d385bc Exception object was not supplied there 2016-01-14 18:51:46 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
6e49281adb Use the Action class itself as error handler 2016-01-14 18:21:11 +01:00
Mikael Nordfeldth
c173c4faa5 Actually throw NoQueueHandlerException too. 2016-01-14 13:48:33 +01:00
Mikael Nordfeldth
df00a88cb4 Forgot to add NoRouteMapException to 6834f355f2 2016-01-14 13:07:00 +01:00
Mikael Nordfeldth
6834f355f2 Making ClientExceptions turn into ClientErrorAction
Got some 404s which were presented as 500
2016-01-14 02:47:28 +01:00
Mikael Nordfeldth
99261e0781 Don't LOG_ERR missing paths (misspelling clients aren't errors) 2016-01-14 02:22:47 +01:00
Mikael Nordfeldth
331abf173b Forgot semicolon 2016-01-14 02:05:33 +01:00
Mikael Nordfeldth
f699ffeb8a Exception handling in queue handler logic 2016-01-14 02:04:15 +01:00
Mikael Nordfeldth
0ddaa6ff75 Handle exceptions in QueueHandler classes 2016-01-14 01:47:13 +01:00
Mikael Nordfeldth
29b45bb87a Unnecessary call to User::getKV 2016-01-13 20:08:17 +01:00
Mikael Nordfeldth
818aaa0578 We didn't get profiles from the new-style attention system 2016-01-13 18:35:25 +01:00
hannes
3e7e3de554 don't allow cdata elements in purified html 2016-01-13 16:01:27 +00:00
Mikael Nordfeldth
99da1ebe41 Catch NoHttpResponseException when using HTTPClient 2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf NoHttpResponseException needed instead of HTTP_Request2_Exception
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Akio Nishimura
eceafb84de lib/language.php: rewrited jp as ja. 2016-01-13 13:23:06 +01:00
Mikael Nordfeldth
e49e113140 Ugly hack to show thumbnails of otherwise unrepresentable attachments
such as text/html, where the thumbnail has been retrieved via oEmbed/OpenGraph
2016-01-12 15:38:59 +01:00
Mikael Nordfeldth
8c28e54ccc same as previous, but for mime_to_ext 2016-01-12 13:14:17 +01:00
Mikael Nordfeldth
dbe5d72e4c If all file extensions are supported we have no list of comparisons 2016-01-12 13:08:54 +01:00
hannes
a1b509bb0b forgot we need access to $html too 2016-01-11 20:58:34 +00:00
hannes
8d331b0f35 EndCommonPurify event 2016-01-11 20:54:19 +00:00
Mikael Nordfeldth
1a46d86ca6 lib/util.php quick function to do var_export($var,true)
Immensely useful when debugging and we want to put quotes around strings,
potentially stopping any "evil logging attacks" (where input data masks
as logging data).
2016-01-11 19:52:54 +01:00
Mikael Nordfeldth
c1f22f106b Might as well put a $limit on preg_replace here
Since there will (should) never be more than one ^http in that string anyway.
2016-01-11 18:27:26 +01:00
Mikael Nordfeldth
5b2b969a77 Tag notice streams should only show post verbs 2016-01-11 15:15:23 +01:00
Mikael Nordfeldth
b13f8df79b HTTPClient would return null instead of exception
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
5ef10a14ef Get group attentions too for outbound notices 2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
55aa68b941 CancelGroupForm gets same typing as Join and Leave 2016-01-09 14:13:19 +01:00
Mikael Nordfeldth
fbec7c4e75 Issue #121 - use correct Group ID and strict User_group typing 2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
d13483ca20 Wups, $poster could be undefined 2016-01-09 13:15:09 +01:00
Mikael Nordfeldth
33194b3cff Attention goes to the parent notice author too 2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
0463d96392 Add more info in logging call
There shouldn't be *HandleSalmonTarget, only verification of actor and
then Notice::saveActivity()!
2016-01-08 01:52:10 +01:00
Mikael Nordfeldth
e6f2676c5c Default to not include delete verbs in notice streams 2016-01-07 23:33:47 +01:00
Mikael Nordfeldth
801ca3531b common_find_attentions to populate activities from content text 2016-01-07 23:23:37 +01:00
Mikael Nordfeldth
1f02dc639e shortenLinks _after_ media upload to be consistent with api 2016-01-07 18:14:45 +01:00
Mikael Nordfeldth
be58fd64f5 Use index for File url (urlhash) 2016-01-07 18:13:10 +01:00
Mikael Nordfeldth
d4be5349b3 think I have managed to show oEmbed images better now 2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
5d4b1d0b88 Appropriate exception message in GroupNoProfileException 2016-01-07 12:14:48 +01:00
Mikael Nordfeldth
47c7e1b875 Breaking class definitions out into separate files and fixing typing 2016-01-06 19:46:56 +01:00
Mikael Nordfeldth
f1c4c64cd9 Don't update stored URLs just because we have a filename
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
4a8e936e19 Somewhat more meaningful error message 2016-01-06 14:10:37 +01:00
Mikael Nordfeldth
4b22b0c42a More listitems and lists into separate files + stronger typing 2016-01-06 01:36:46 +01:00
Mikael Nordfeldth
6d9f390ba8 Separating classes into files and stronger typing 2016-01-06 01:30:12 +01:00
Mikael Nordfeldth
da2f179ae9 Typing to Profile 2016-01-06 01:25:00 +01:00
Mikael Nordfeldth
e577e883f4 Subscriber lists to separate files and also Profile typing 2016-01-06 00:57:31 +01:00
Mikael Nordfeldth
1946197a1c Merge request #10 by aroque but in a slightly different version 2016-01-06 00:48:03 +01:00
Mikael Nordfeldth
31c8416a8f Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-06 00:24:41 +01:00
Mikael Nordfeldth
792b62874e Require Profile for Profile->getLists 2016-01-06 00:18:10 +01:00
hannes
0b4b0de412 longurl in href 2016-01-05 23:14:51 +00:00
Mikael Nordfeldth
3d66d960a1 Require Profile for Profile->getOtherTags 2016-01-06 00:07:15 +01:00
hannes
8b78e01d4c $longurl->url is just the same $canon we fed to File_redirection::where() 2016-01-05 23:06:02 +00:00
hannes
64f2f3d976 effectiveUrl seems to contain the url we want 2016-01-05 22:44:06 +00:00
Mikael Nordfeldth
df8c14d66a ProfileMiniList->newListItem changed to match ProfileList->newListItem 2016-01-05 00:09:47 +01:00
Mikael Nordfeldth
de7e8c59e8 Version bump since we've fixed a lot of bugs 2016-01-04 02:19:37 +01:00
Mikael Nordfeldth
fb537fb7f4 We would end up with a Managed_DataObject if now match was found
meaning we'd return for example a Notice with empty id (translated into 0)
and thus Faves coming in from remote instances where the fave'd notice was
not found would result in faving the first Notice in a table-wide search,
i.e. often the first post on the instance.

Whoopie!
2016-01-04 02:04:18 +01:00
Mikael Nordfeldth
065e23b1c4 Code cleanup in lib/activityutils.php 2016-01-04 01:58:45 +01:00
Mikael Nordfeldth
00ace6c2df More explicit catch 2016-01-04 01:53:33 +01:00
Mikael Nordfeldth
b4b57bba54 EmptyIdException to make sure we get the right in catch 2016-01-03 22:56:48 +01:00
Mikael Nordfeldth
3bddf01350 Somewhat better layout for approving/rejecting subrequests 2016-01-03 20:42:21 +01:00
Mikael Nordfeldth
c19964094b Pending subscription requests now work as they should
A slight layout issue with the buttons still persists
2016-01-03 20:27:53 +01:00
Mikael Nordfeldth
df0f9547b5 Handle private streams better (failed to show profile before) 2016-01-03 19:16:29 +01:00
Mikael Nordfeldth
0dc7fcce5b Fixes issue #94 with undefined 'fr'
I just copied the English example...
2016-01-03 00:45:47 +01:00
Mikael Nordfeldth
fe328ae5e4 Fix because qvitter supplies a twitter array value which is an array
works for json API, not for XML, so we make an exception here...
2016-01-02 02:01:54 +01:00
Mikael Nordfeldth
cf6e06a5dd Avoid exception for invalid URL aborting rendering for parent notice if it fails 2016-01-02 00:09:10 +01:00
Mikael Nordfeldth
0dfafe2567 NewnoticeAction now uses Notice::saveActivity(...) 2016-01-01 20:18:54 +01:00
Mikael Nordfeldth
26a6eca94e Location::fromOptions(Notice::locationOptions(...)) 2016-01-01 19:29:31 +01:00
Mikael Nordfeldth
e02c10a589 common_render_content doesn't require a Profile now 2016-01-01 18:40:58 +01:00
Mikael Nordfeldth
10973dcf69 Don't require a notice object to common_linkify_mentions 2016-01-01 18:20:42 +01:00
Mikael Nordfeldth
86106b890a Output fixed sizes of thumbnails so we don't get jumpy scrolling 2016-01-01 14:13:16 +01:00
Mikael Nordfeldth
7adf1c99fc s/LOG_ERROR/LOG_ERR/ 2015-12-31 13:04:50 +01:00
Mikael Nordfeldth
998db39b1a Notification mails are sent again fixes ssue #99
The problem was that the ActivityVerbPostPlugin handled 'post' verbs
but didn't handle the notifications for them, so now we're returning
true in the event so the default behaviour (sending to 'getReplies'
recipients) is done by default.
2015-12-30 17:35:47 +01:00
Mikael Nordfeldth
c0ef167514 create storage directories automatically 2015-12-28 00:35:02 +01:00
Mikael Nordfeldth
2f836e2a59 GNU social config paths, removed StatusNet/Laconica 2015-12-28 00:09:06 +01:00
Mikael Nordfeldth
17a65ff873 background folder has never been used for GNU social 2015-12-28 00:00:51 +01:00
Mikael Nordfeldth
6026dcaed1 Report if the email was not sent! 2015-12-27 02:16:12 +01:00
Mikael Nordfeldth
62c4ffe889 Server exceptions should reasonably be 5xx 2015-12-27 02:15:37 +01:00
Mikael Nordfeldth
83c112e24b Handle lack of parent nicely 2015-12-26 16:36:03 +01:00
Mikael Nordfeldth
306df3dc3b Logging fixes 2015-12-26 16:27:06 +01:00
Mikael Nordfeldth
c2ea85a5e2 Merge branch 'master' into nightly 2015-12-14 22:07:06 +01:00
mmn
2addf8e456 Merge branch 'repost-of-uf2' into 'master'
Mark up link to original as a repost for repeats

http://indiewebcamp.com/repost

See merge request !46
2015-12-14 21:03:38 +00:00
Mikael Nordfeldth
ef4e61c91b Merge branch 'master' into nightly 2015-12-14 22:03:04 +01:00
mmn
edd62e58fd Merge branch 'at-mention-url' into 'master'
MentionURL Plugin

This plugin enables users to use the syntax `@twitter.com/singpolyma` to mention users the system does not know about, or to be more specific when a nickname is ambiguous.

See merge request !53
2015-12-14 21:01:42 +00:00
mmn
c114c6bbad Merge branch 'php-minversion-detec' into 'nightly'
installer::checkPrereqs bump PHP version to 5.5.0

Related to #102 

See merge request !63
2015-12-14 20:37:53 +00:00
Mikael Nordfeldth
d659e0aaf9 We have to print/echo when outputting json (thanks hannes) 2015-12-14 21:31:10 +01:00
Mikael Nordfeldth
8d1105fe73 We have to print/echo when outputting json (thanks hannes) 2015-12-14 21:29:39 +01:00
Mikael Nordfeldth
c498db147a ircs URLs work fine in Firefox at least 2015-12-05 13:02:49 +01:00
Chimo
3e16e31080 installer::checkPrereqs bump PHP version to 5.5.0 2015-12-04 15:22:58 +00:00
Mikael Nordfeldth
4479d780e5 List groups with nickname instead of full name in sidebar 2015-11-30 02:21:17 +01:00
Mikael Nordfeldth
334a0d56e7 Oembed slimmed to only do discovery (soon we get og: discovery too) 2015-11-30 02:06:04 +01:00
Mikael Nordfeldth
8bab642cc7 quickGetJson for HTTP requests to return json objects 2015-11-30 02:05:06 +01:00
Mikael Nordfeldth
b7edac2610 HTTPClient get $params array and oEmbedHelper uses it 2015-11-30 01:28:18 +01:00
Mikael Nordfeldth
5b847eff12 bump beta version number 2015-11-23 00:42:13 +01:00
Mikael Nordfeldth
bca4bb8373 allow form ->li() to set $class 2015-11-23 00:40:28 +01:00
Mikael Nordfeldth
1630424797 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly 2015-11-20 18:50:26 +01:00
mmn
b33b40db45 Merge branch 'refactor-file-processNew' into 'nightly'
Refactor on File::processNew

The code was so involved there was even a comment asking for a refactor.

Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing.  The object is
either one which already existed or else a new, unsaved object.

Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where.  You either get what exists or something to save.

An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.

See merge request !57
2015-11-20 17:50:01 +00:00
Mikael Nordfeldth
38c84a92c7 Merge request #59 which was directed at master 2015-11-20 18:47:21 +01:00
hannes
abb8d1273e block check can't be done inside the same try-expression as Subscription::getSubscription(), since if that throws a NoResultException, the block check will not be done. and if you're blocking someone you are not subscribing to them. 2015-11-19 15:55:11 +00:00
Mikael Nordfeldth
f29daa22b6 Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly 2015-11-06 13:39:17 +01:00
mmn
dbdac9cfbe Merge branch 'in-reply-to-uf2' into 'master'
Add direct link to parent notice

This is partly for usability, and partly to make Linkbacks for replies work (when the plugin is enabled).

See merge request !37
2015-11-06 12:39:02 +00:00
Mikael Nordfeldth
c950f18546 Merge branch 'master' into nightly
Some merge requests that were aimed at master
2015-11-05 16:07:05 +01:00
mmn
f513ceac7d Merge branch 'handle-rss-guid' into 'master'
Respect isPermalLink=false on RSS guid



See merge request !49
2015-11-05 15:02:20 +00:00
Stephen Paul Weber
a9b1b60a97 Refactor on File::processNew
The code was so involved there was even a comment asking for a refactor.

Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing.  The object is
either one which already existed or else a new, unsaved object.

Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where.  You either get what exists or something to save.

An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.
2015-11-02 05:15:08 +00:00
Stephen Paul Weber
2207eacc92 New length format for other kinds of mentions 2015-10-28 00:15:08 +00:00
Stephen Paul Weber
fed0895d98 Move the functionality to a plugin
Use an associated model to prevent race conditions on creating the
profile object.
2015-10-28 00:11:54 +00:00
Stephen Paul Weber
54e87dd2c3 Morkup correct author for a repeat
The original author is not the author of this entry, but of the original entry.
2015-10-27 17:19:03 +00:00
Stephen Paul Weber
03c68d283d Respect isPermalLink=false on RSS guid 2015-10-27 03:18:04 +00:00
Stephen Paul Weber
21979bb7d7 Allow users to @mention URLs
Because inferring who you mean (especially in the presence of remotes) can suck
2015-10-23 21:15:40 +00:00
Stephen Paul Weber
033ed7e4aa Mark up link to original as a repost for repeats
http://indiewebcamp.com/repost
2015-10-23 19:12:25 +00:00
Stephen Paul Weber
cd22be3374 Only show parent wrapper if there are some 2015-10-23 18:51:33 +00:00
Stephen Paul Weber
fc3f1f6942 Add direct link to parent notice
This is partly for usability, and partly to make Linkbacks for replies
work (when the plugin is enabled).
2015-10-19 18:40:40 +00:00
Mikael Nordfeldth
2c8536dbf0 Link source==share notices 2015-10-14 01:30:29 +02:00
Mikael Nordfeldth
79c40bc73b Type-aware comparison is necessary for Notice is_local/scope 2015-10-14 00:42:15 +02:00
Mikael Nordfeldth
3f4d4cb7a0 Better error handling in Bookmark 2015-10-12 18:28:32 +02:00
mmn
238d2a3876 Merge branch 'link-atom-fix' into 'nightly'
atom: <link> urls should be attr, not content

Some activities (ex: repeats and follows) have <link>s like this:
<link rel="alternate" type="text/html">http://example.org</link>

This commit changes them to:
<link rel="alternate" type="text/html" href="http://example.org"/>

See merge request !30
2015-10-10 20:33:58 +00:00
Mikael Nordfeldth
cae43344ec Start reworking Bookmark plugin for more modern code 2015-10-10 21:56:02 +02:00
Mikael Nordfeldth
2ad7c4313d Search engine fix because Directory did a 'join'
Colliding columns with a very lacking error message from DB ;)
2015-10-10 12:16:12 +02:00
Mikael Nordfeldth
dd149a76f3 AtomPub should work now, at least for post/note 2015-10-09 16:19:26 +02:00
Mikael Nordfeldth
2d3f1ef520 You don't have to push objects as references 2015-10-09 15:45:23 +02:00
Mikael Nordfeldth
5dc718c54d Make Bsaic Auth work properly with RW actions 2015-10-09 15:43:17 +02:00
Mikael Nordfeldth
3013b84e98 Don't enable StrictTransportSecurity by default
(but you should enable it if you use TLS, but there are many who do this
through their webserver and it's odd to have double headers etc...)
2015-10-09 10:55:12 +02:00
Mikael Nordfeldth
2aed59a02a Diaspora plugin is almost there (for remote salmon slaps at least) 2015-10-04 12:06:48 +02:00
Mikael Nordfeldth
aba38d5586 bump to 1.2.0-beta1 as we have remote delete functionality now 2015-10-03 12:39:23 +02:00
Mikael Nordfeldth
dac617d95a I think all the notice deletion calls are event-compatible now
This means we can handle DeleteNoticeAsProfile in plugins, such as
the ActivityModeration plugin.
2015-10-03 12:26:09 +02:00
Mikael Nordfeldth
88f7bb1ed5 Some work on ActivityModeration with notice deletion
Let's now create an event called DeleteNotice and also make sure we
handle the onNoticeDeleteRelated properly in ActivityModeration to
avoid possible endless loops etc.
2015-10-03 02:02:37 +02:00
Mikael Nordfeldth
80bc7f0e25 File handling changes for better logic
Also prepares for StoreRemoteMediaPlugin, coming up...
2015-10-01 22:14:49 +02:00
Mikael Nordfeldth
5b7deee0cc InlineAttachmentListItem put into its own file 2015-10-01 21:40:05 +02:00
Mikael Nordfeldth
3a6c98ff16 NoResultException is common if reply_to was not cleared on parent deletion 2015-09-30 22:55:06 +02:00
Mikael Nordfeldth
a09cf51b99 Move Ostatus_profile->processPost function into plugin 2015-09-29 15:19:13 +02:00
Mikael Nordfeldth
d6e56924fe Accessibility improvement, title for popup close button
Apparently it read as "times" in screen readers.
2015-09-28 00:47:16 +02:00
Mikael Nordfeldth
ad3b62cf2f ShowprofiletagAction now extends ShowstreamAction 2015-09-27 23:46:30 +02:00
Mikael Nordfeldth
0e24709989 Profile/Peopletag file splitting for autoload 2015-09-27 22:51:50 +02:00
Chimo
96a7bf2b90 atom: <link> urls should be attr, not content
Some activities (ex: repeats and follows) have <link>s like this:
<link rel="alternate" type="text/html">http://example.org</link>

This commit changes them to:
<link rel="alternate" type="text/html" href="http://example.org"/>
2015-09-14 21:34:56 -04:00
Mikael Nordfeldth
604ed1fd9a Prepare for ActivityModerationPlugin 2015-09-10 15:55:37 +02:00
Mikael Nordfeldth
9ad9b91efb Call it compareVerbs when comparing verbs 2015-09-10 15:27:40 +02:00
Mikael Nordfeldth
404d5781fc Annoying debug messages that were just meant to remind 2015-09-09 17:48:06 +02:00
Mikael Nordfeldth
52de57e2f6 Let's handle notice dataobjects instead, despite fetching twice from db
Actually the original object should be fixed here, but we'll handle the FIXME's later.
2015-09-09 17:03:52 +02:00
Mikael Nordfeldth
4b83d62750 Split classes into their own files 2015-09-09 16:30:14 +02:00
Mikael Nordfeldth
4354ce21d1 introducing html_sprintf for easier sprintf'ing with htmlspecialchars 2015-09-06 01:53:11 +02:00
Mikael Nordfeldth
3c86542a40 Move notice location data to Notice_location
Will probably take a _long_ time to do scripts/upgrade.php but don't
worry, it can be aborted and resumed.
2015-09-04 22:25:11 +02:00
mmn
5f74ec6782 Merge branch 'webinstaller-faq-link' into 'nightly'
Fix broken link to FAQ in web installer

See merge request !24
2015-09-03 16:09:38 +00:00
Mikael Nordfeldth
84a65c7189 Include PHP libraries from system if not packaged and they are installed.
Thanks to:
    "Bhuvan Krishna" <bhuvan@swecha.net>
    "Sunil Mohan" <sunil@medhas.org>
2015-09-03 17:56:11 +02:00
Chimo
abde7a2682 Fix broken link to FAQ in web installer 2015-07-25 10:36:31 -04:00
Mikael Nordfeldth
7ce32619cc Missing getTarget function in targetedrss10action.php 2015-07-21 02:17:34 +02:00
Mikael Nordfeldth
5b09a150bc Increased debugging and fixing conversation stitching for saveActivity 2015-07-18 19:19:16 +02:00
Mikael Nordfeldth
6f62adedfc Infinite loop on CLI initiated profile deletion for local users
profile deleting user deleting profile deleting user...
2015-07-18 02:16:52 +02:00
Mikael Nordfeldth
beba2a25d0 Don't retry unhandled transports in OpportunisticQM
It'd continue trying xmpp transports forever, for example...
2015-07-18 01:09:50 +02:00
Mikael Nordfeldth
8d516d7f08 Don't allow imports by default until it works well on large instances. 2015-07-17 14:40:09 +02:00
Mikael Nordfeldth
a093dea38c ExtendedProfile is not something we want by default. 2015-07-17 12:46:24 +02:00
Mikael Nordfeldth
cfaaf3c13c PasswordsettingsAction aligned with FormAction
Also made some changes in the password "munging" function call
common_munge_password to accept a profile instead of user ID (which
was only there because stoneage StatusNet used the ID to generate a
not-very-random salt, but nowadays we primarily use AuthCrypt plugin).
2015-07-17 01:47:43 +02:00
Mikael Nordfeldth
a6e299a2fc OAuth stuff adapted for FormAction
TODO: Break OAuth out into a plugin.
2015-07-17 01:07:19 +02:00
Mikael Nordfeldth
ba5a43f2f9 If XMLOutputter $output arg is null, use php://output
Since pushing a null value to the argument actually sets it to null
and not the default fallback (previously $output='php://output');
2015-07-16 23:58:04 +02:00
Mikael Nordfeldth
f1d9d8a6ed ImSettings adapted to FormAction inheritance
TODO: Get separate Form classes and move User_im_prefs to Profile_prefs
2015-07-16 21:18:50 +02:00
Mikael Nordfeldth
fd2efbc6f8 AvatarSettings more aligned to FormAction
TODO: Make classes called AvatarCropForm and AvatarUploadForm
2015-07-16 19:21:12 +02:00
Mikael Nordfeldth
2d44400cfc SettingsAction now extends FormAction (and thus ManagedAction) 2015-07-16 19:03:53 +02:00
Mikael Nordfeldth
673bef2fda OAuth widgets separated into their own files 2015-07-16 18:52:43 +02:00
Mikael Nordfeldth
94d54ebc29 Function declarations to match parent class 2015-07-16 18:45:59 +02:00
Mikael Nordfeldth
44dc00a58c Non-replies cannot harvest parent notice nicknames
A feature we use of parent notices is that if you use the same @user
as the parent notice, the same @user will be notified, regardless if
there might be @user@site.com as well as @user@example.com and you're
subscribed to just one of them (or both, or none of them!).

But this threw an exception since we tested this on new notice threads.
2015-07-16 12:53:10 +02:00
Mikael Nordfeldth
cd23c78800 Less redundant code. 2015-07-15 19:21:21 +02:00
Mikael Nordfeldth
01a4ab30dc Removing MicroID as well as simplifying profileaction
sorry, forgot to commit in between
2015-07-14 16:52:20 +02:00
Mikael Nordfeldth
ac98600640 More RESTish URL (/notice/:notice/delete) for notice delete
Also returns to 'top' now after notice deletion.
2015-07-11 11:26:48 +02:00
Mikael Nordfeldth
7d524307d2 DeletenoticeForm is its own class now 2015-07-11 11:26:44 +02:00
Mikael Nordfeldth
9101a1db3d No limit argument to Rss10Action->getNotices() (use $this->limit) 2015-07-11 11:09:16 +02:00
Mikael Nordfeldth
e439ace944 bump alpha number to ease remote debugging help 2015-07-11 01:00:04 +02:00
Mikael Nordfeldth
fae79b5812 Forgot to push TargetedRss10Action 2015-07-11 00:32:05 +02:00
Mikael Nordfeldth
64fbc93217 ApiAction::dateTwitter was called statically from a plugin 2015-07-10 23:30:17 +02:00
Mikael Nordfeldth
961031bc28 Cleaning up Directory plugin lists 2015-07-10 23:19:54 +02:00
Mikael Nordfeldth
08bd4fa6a8 ShowstreamAction no longer has public ->profile 2015-07-10 23:09:44 +02:00
Mikael Nordfeldth
7c4e550e31 Merge branch 'master' into nightly 2015-07-10 16:02:55 +02:00
Mikael Nordfeldth
9a92b58057 ShowstreamAction tidying up
Lots of these changes mean that we're requiring certain values to
either by typed properly or return the expected value. If it doesn't
there should be a fatal exception thrown which we can followup in the
logs and won't go silently suppressed.
2015-07-10 13:44:47 +02:00
Mikael Nordfeldth
50c297bcbe ShowstreamAction fixes so it's not as horrible 2015-07-10 12:34:06 +02:00
Mikael Nordfeldth
6a36121a56 Spiff up the PersonalTagCloudSection class
missing a fix in actions/showstream.php for the switched position
of arguments in the constructor
2015-07-10 12:23:55 +02:00
Bhuvan Krishna
d6924f7680 Remove executable permissions where unnecessary 2015-07-10 14:36:34 +05:30
Mikael Nordfeldth
e46b2803a7 Introducing TargetedRss10Action for simplifying RSS 1.0 2015-07-10 00:28:36 +02:00
Mikael Nordfeldth
1cbf2510e7 /:nickname/all/rss had to be before /:tagger/all/:tag
...though this makes it impossible to get a list called "rss"

so FIXME, the RSS 1.0 actions should be in the API or something
2015-07-10 00:27:26 +02:00
Mikael Nordfeldth
b5b7a27f9b Rss10Action migrated to ManagedAction 2015-07-09 23:29:30 +02:00
Mikael Nordfeldth
06f60b57c1 StartpageAction essentially duplicated TopAction 2015-07-09 23:01:50 +02:00
Mikael Nordfeldth
ed248f7f5a No static calls (PEAR sucks ass) 2015-07-09 22:26:03 +02:00
Mikael Nordfeldth
d63bca9d3c Rss10Action now in an autodetected file. 2015-07-09 14:22:22 +02:00
Mikael Nordfeldth
65f1f74f2b Type controlling in lib/atomnoticefeed.php 2015-07-09 13:56:02 +02:00
Mikael Nordfeldth
acdcb2ad8d prepare and handle function to match parents 2015-07-07 19:34:42 +02:00
Mikael Nordfeldth
edef6f929a Don't statically call Validate functions 2015-07-07 19:30:14 +02:00
Mikael Nordfeldth
9054bb69e9 I had some inheritance the wrong way around. 2015-07-04 19:48:35 +02:00
Mikael Nordfeldth
5424c82423 Forgot NoticestreamAction, thanks roland. 2015-07-04 00:02:05 +02:00
Mikael Nordfeldth
d5a24da167 only variables can be sent by reference (strict standards) 2015-06-25 20:13:27 +02:00
Mikael Nordfeldth
3a74f49182 stricter typing in GroupsNav menu widget 2015-06-23 12:56:19 +02:00
Mikael Nordfeldth
748bd825e7 SelftagWidget had mismatching url() definition 2015-06-23 12:37:00 +02:00
Mikael Nordfeldth
e6507a0f18 FeedList widget had mismatching show() definition 2015-06-23 12:26:44 +02:00
mmn
46cf5aa2a4 Merge branch 'remove_broken_plugins_from_default' into 'nightly'
Drop QnA from default plugins

Since it doesn't work (at least at the moment) it shouldn't be proposed as default plugin

See merge request !15
2015-06-20 22:48:49 +00:00
mmn
ee9176f20d Merge branch 'drop_corporate_text' into 'nightly'
Drop corporate text plus minor rewording

Following [this discussion](https://gnusocial.no/conversation/190441#notice-190441) I only fixed corporate-only occurrences. I suggest People instead of User directory. Moreover I fixed a minor inconsistency (Trends should be preferred to Trending topics).

The full locale folder should be fixed once we have digitaldreamer's feedback. But we can at least start from this.

See merge request !16
2015-06-20 22:48:31 +00:00
Mikael Nordfeldth
a03249dd99 No reason to have makeRegex protected 2015-06-12 17:15:39 +02:00
aroquen
267a49103e Rewording: trends instead of trending topics for consistency with other occurrences 2015-06-07 22:28:19 +02:00
aroquen
f9c51c2478 No corporate-only strings in code base anymore 2015-06-07 22:24:14 +02:00
aroquen
776b82e6e8 Drop QnA from default plugins 2015-06-07 14:05:51 +02:00
mmn
f7769c17b5 Merge branch 'subscribers_as_addressees' into 'nightly'
Add subscribers as addressees to toselector

Populate the dropdown recipient menu first with groups, then with followed users. There is no alphabetical sorting (perhaps to be added later?). See this discussion https://gnusocial.no/conversation/190705#notice-190705. Thanks to @chimo.

Hope it is good now.

See merge request !14
2015-06-06 21:14:50 +00:00
Chimo
76c9971c31 Show nickname if user has oldschool option enabled 2015-06-06 23:07:34 +02:00