Commit Graph

3953 Commits

Author SHA1 Message Date
Mikael Nordfeldth
bbada781b7 Stronger typing and function access control in OStatus 2014-05-05 19:06:22 +02:00
Mikael Nordfeldth
2ea5f00666 Success debugging was too much noise 2014-05-05 18:59:44 +02:00
Mikael Nordfeldth
960baae1d1 More debugging in Magicsig class verify method 2014-05-05 17:48:21 +02:00
Joshua Judson Rosen
7440dc2145 Prevent spurious refusals of legitimate notices posted to users via Salmon.
Make the logic match the intent described in the comments.

The intent is clearly "accept notices whenever (A or B or C)", but
the logic implemented was more like "not ((not A) or (not B) or (not C))",
which is a basical boolean algebra fail (each of those ORs need to
become ANDs for double-negation to work).

The practical implication was that, for example, writing a reply
to someone else's notice and including an @-reference to _another_
user on another site to bring them into the discussion would
fail to deliver the notice to the new user because their server
would basically say `oh no, you can't message this user
from someone else's thread' because an earlier check for
the `A' or `C' parts of `(A or B or C)' prevents `B' from
being checked.

cf.: <http://status.hackerposse.com/notice/55846>, which was
refused by the nhcrossing.com server because it didn't know
about <http://sn.jonkman.ca/notice/93724>, even though it would
have passed the later `notice contains a reference to a local user'
check if not for an exception being prematurely thrown.

The whole idea of reporting `which specific check FAILED'
in an `if ANY SUCCEEDS' analysis is just bogus, so nix all of
the distinct ClientExceptions--a single `ALL FAILED' exception
is the only one that makes sense.
2014-05-05 13:35:38 +02:00
Joshua Judson Rosen
4fd3f43ad2 Autocomplete: don't match non-subscribed group-names.
There's no point, since we can't post/link to them anyway.
2014-05-05 13:32:18 +02:00
Mikael Nordfeldth
27ed6b7db0 getConversationUrl introduced for linking to conversations 2014-05-01 15:25:19 +02:00
Mikael Nordfeldth
caeb6e583c We're not interested in Disqus support. 2014-05-01 02:15:10 +02:00
Mikael Nordfeldth
b77a09fdee Notice URIs are not necessarily URLs.
Let's use getUrl() for URL retrieval. May throw exceptions, but
only if it's a Notice that cannot be linked like that anyway.
2014-04-30 20:44:23 +02:00
Mikael Nordfeldth
1acffa9c7a wtf is Echo? bah, let's get rid of this crap 2014-04-30 20:35:06 +02:00
Mikael Nordfeldth
7d191f8062 s/bestUrl/getUrl/ for notices and microapp objects 2014-04-29 19:46:58 +02:00
Mikael Nordfeldth
c1d2f2516a VideoThumbnails failure detection improved. 2014-04-29 19:45:42 +02:00
Mikael Nordfeldth
c8d613b916 Minifying javascripts is evil. Let's not do it.
The microformats stuff was unused
2014-04-28 18:57:11 +02:00
Mikael Nordfeldth
b0cae37b0f Datetime representation aligned for microformats2
Read more at http://microformats.org/

Also, tooltip text on time representation for humans has been improved.
Unfortunately no standardised representation (like "RFC850") had 4-digit years.
2014-04-28 18:54:55 +02:00
Mikael Nordfeldth
5fd6053220 Code cleanup and enabling User object's etc. getUri() 2014-04-28 14:08:42 +02:00
Mikael Nordfeldth
030639d02d EmailAuthentication enabled by default
The login field said "Username or email address" already, so...
2014-04-28 12:39:57 +02:00
Mikael Nordfeldth
37ce1f4766 Better fallback on UnsupportedMediaException 2014-04-28 12:12:06 +02:00
Mikael Nordfeldth
d59eb5e184 Dynamically generate thumbnails (see full text)
The File object now stores width and height of files that can
supply this kind of information. Formats which we can not read
natively in PHP do not currently benefit from this. However an
event hook will be introduced later.

The CreateFileImageThumbnail event is renamed to:
CreateFileImageThumbnailSource to clarify that the hooks should not
generate their own thumbnails but only the source image. Also it now
accepts File objects, not MediaFile objects.

The thumbnail generation is documented in the source code. For
developers, call 'getThumbnail' on a File object and hope for the best.

Default thumbnail sizes have increased to be more appealing.
2014-04-21 20:46:11 +02:00
Mikael Nordfeldth
86ddf120d7 Better event name (creating thumbnail _source_) 2014-04-21 12:33:41 +02:00
Mikael Nordfeldth
639cf48cc7 OStatus onStartNoticeSourceLink to use exceptions 2014-04-19 22:18:36 +02:00
Mikael Nordfeldth
37e9366e88 We get profiles directly, there's no user object anymore 2014-04-18 22:18:11 +02:00
Mikael Nordfeldth
5ef6ee4bc5 Better plugin description for VideoThumbnails 2014-04-16 22:12:15 +02:00
Mikael Nordfeldth
06d4cecf7f MediaFile thumbnail event hooks + VideoThumbnails plugin
The exception thrown from MediaFile will be caught and simply result in
no thumbnail at all right now. In the future we might use a catch-all
and have a "cannot generate preview"-icon or something.

VideoThumbnails requires php5-ffmpeg and php5-gd.
2014-04-16 21:48:58 +02:00
Mikael Nordfeldth
a2a2105058 HTML5 required attribute for some input forms 2014-04-06 11:27:41 +02:00
Mikael Nordfeldth
220b51d8be Merge commit 'refs/merge-requests/199' of git://gitorious.org/statusnet/mainline into statusnet-merge-requests/199 2014-03-31 13:09:11 +02:00
Mikael Nordfeldth
cb3d863668 Updated and moved XMPP documentation into plugin. 2014-03-11 00:11:25 +01:00
Mikael Nordfeldth
e9e4190b64 IrcManager does not have serverError, so it must throw ServerException 2014-03-10 00:30:41 +01:00
Mikael Nordfeldth
c00491cd7a Cosmetic changes to common_redirect, clientError, serverError
Since these functions exit (or throw exception) after running, there
is no need to have a 'return' statement or similar afterwards.
2014-03-10 00:25:57 +01:00
Mikael Nordfeldth
acbe94936f common_redirect and clientError exits, so refactor
One Event would never be called, and other stuff were redundant clauses.
2014-03-10 00:24:32 +01:00
Mikael Nordfeldth
8d655bc706 Add support for 'nohub' sub_state in FeedSub
(requires upgrade.php run)
2014-03-09 23:03:54 +01:00
Mikael Nordfeldth
779ce40ac3 Add functions to avoid direct variable access 2014-03-09 13:31:05 +01:00
Mikael Nordfeldth
a1b0d5fa7e FeedSub gets a plugin event handler for sub/unsub 2014-03-09 13:27:28 +01:00
Mikael Nordfeldth
940867e39d RegisterThrottle didn't save the created time 2014-03-07 21:23:49 +01:00
Mikael Nordfeldth
326ad9376e Cosmetic changes to RegisterThrottle 2014-03-07 21:03:38 +01:00
Mikael Nordfeldth
4e8697c96e We don't add to inbox anymore. 2014-03-07 00:05:21 +01:00
Mikael Nordfeldth
c4e1cd1289 Added OpportunisticQM README that has good docs 2014-03-06 14:45:18 +01:00
Mikael Nordfeldth
aff6a66178 Add Attention stuff to TwitterBridge 2014-03-06 14:28:27 +01:00
Mikael Nordfeldth
3be0e44490 Stricter typing + user detection in Realtime 2014-03-06 13:23:08 +01:00
Mikael Nordfeldth
2272cc244d Removed Inbox from core (unused since 4b2a66ed29)
Added the following FIXME:
How should a Twitter user get their Inbox filled with foreign tweets?

Every imported Twitter user has a profile in the Profile table, so we
could setup a Subscription entry for each of those, meaning they get
collected in the InboxNoticeStream... But this would mean a lot of
unnecessary entries and listings that generally just point to the
locked down Twitter service.

Let's figure out a good relation so we can connect any profile to any
imported foreign notice, so it shows up in the "all" feed.
2014-03-06 04:46:29 +01:00
Mikael Nordfeldth
4b2a66ed29 New mechanism for "all" feed (InboxNoticeStream)
Also cleaned up and made typing stricter for the stream, so only
profiles can be submitted. This reasonably also means we can create
"inbox" or "all" streams for foreign profiles as well using the same
stream handler (but of course only for messages we already know about).

To avoid looking up posts for a long time in a large notice database,
the lookback period for the inbox is no longer than the profile creation
date. (this matches the behaviour of Inbox)

Inbox class can probably be removed now.
2014-03-06 04:18:54 +01:00
Mikael Nordfeldth
c0f65f6ea7 Merge branch 'master' into FeedPoller 2014-03-06 01:15:19 +01:00
Mikael Nordfeldth
e571e64e9e Make ostatussub conform to coding standards a bit 2014-03-05 13:44:45 +01:00
Mikael Nordfeldth
dc0ae2785d SubMirror now works again against old PuSH
There was a problem with (specifically at least) PuSHpress for
Wordpress. A previous attempt to perform a DB transaction backfired
because the remote side could connect to the callback before our
commit had gone through.

I take full responsibility for introducing the bug in the first place :)
2014-03-03 00:01:13 +01:00
Mikael Nordfeldth
83f50d25c0 Cosmetic changes to SubMirror actions 2014-03-02 23:06:21 +01:00
Mikael Nordfeldth
6f427d7e43 Remove Twitter from SubMirror
Twitter removed Atom feeds in API v1.1, so there is no way to mirror
a feed without screen-scraping or registering a dev account with them.
2014-03-02 22:58:23 +01:00
Mikael Nordfeldth
8ef29b70d1 GNU social naming, not StatusNet 2014-03-02 22:53:48 +01:00
Mikael Nordfeldth
8b04bcb310 Prepare for >1024 RSA keys for Salmon signatures 2014-03-02 11:47:38 +01:00
Mikael Nordfeldth
5c505d8539 Conversation ID now gets set from initial notice.
This will work without much extra effort because there will always be
more notices (higher value) than conversations (so no collisions).

But please run upgrade.php to avoid having an autoincrement id on
conversation table.

Installations using code after 2014-03-01 will have identical
conversation IDs to the initial (conversation root) notice IDs. This
will not affect older installations, which will have very different
values.
2014-03-01 17:12:40 +01:00
Mikael Nordfeldth
fc047bd6e6 Minor code cleanup with group related actions (thanks brw12)
Originated from brw12 who noticed an incorrect variable name used in
an error message in actions/apigroupjoin.php:109
2014-03-01 12:01:17 +01:00
Mikael Nordfeldth
9a03ec98e7 Don't forget to strip 'Plugin'. (_MrB_ rocks, MMN-o sucks.)
Paths are like "plugins/Realtime/...", not "plugins/RealtimePlugin/...".
2014-03-01 11:07:58 +01:00
Mikael Nordfeldth
d6ca90bb21 Partly revert 97830b0701 (thanks _MrB_)
require_once lines were required since _plugins_ don't __autoload

Also, Realtime would load the wrong URL for css/js since $this->name()
returns get_class($this) instead of the calling class' __CLASS__.
2014-02-27 23:30:35 +01:00
Mikael Nordfeldth
1e37f374b3 Making us less dependant on javascript trust
Many of the microapps are pretty javascript dependant, but at least
we should allow users to get to the new notice field without allowing
javascript to run in the browser. :)
2014-02-24 02:05:31 +01:00
Mikael Nordfeldth
97830b0701 Preparing plugins for no-minify-in-core-policy
also making the file structure better with js and css folders for Realtime and LinkPreview
2014-02-24 01:01:34 +01:00
Mikael Nordfeldth
698a7adb83 mentions from OStatus lookup were missing a 'type' attribute in common_linkify_mention 2014-02-23 21:49:55 +01:00
Mikael Nordfeldth
834ecd0f80 Autocomplete now matches remote profiles as well. 2014-02-23 20:12:01 +01:00
Jean Baptiste Favre
711f938892 Fiw TwitterBridge after SSL enforcement (https://dev.twitter.com/discussions/24239) 2014-01-26 22:27:16 +01:00
Mikael Nordfeldth
b81d7c425d better comment for PuSH <0.4 hack 2014-01-01 19:47:41 +01:00
Mikael Nordfeldth
e51f41c069 better comment for PuSH <0.4 hack 2014-01-01 19:43:31 +01:00
Mikael Nordfeldth
b09b968f96 Twitter search server has changed domain name (thanks mrvdb) 2013-12-04 13:43:04 +01:00
Mikael Nordfeldth
710eac403c Cronish jobs by the minute. These run very often!
Minutely will NOT necessarily run by the minute, because it depends on
site visitors. Busy sites will be able to do this, but sites where the
visitors (or search engine stuff or api calls) are more than a minute
apart, the interval will be much larger.
2013-11-20 23:26:41 +01:00
Mikael Nordfeldth
9400795a5f Cron split into Cronish and OpportunisticQM
/main/cron changed to /main/runqueue

The key-required functionality is not throughly tested yet.
2013-11-20 21:20:42 +01:00
Mikael Nordfeldth
b6f5f58f1a Attention structure has changed recently 2013-11-19 13:38:38 +01:00
Mikael Nordfeldth
3dcce8d987 Don't miss integer 0 values from find() 2013-11-19 13:30:14 +01:00
Mikael Nordfeldth
dfd83bd898 GTalk shouldn't be trusted to comply with XMPP nowadays 2013-11-19 13:21:38 +01:00
Mikael Nordfeldth
729c6eef36 Inbox class a bit more consistent in argument order and type 2013-11-09 01:18:44 +01:00
Mikael Nordfeldth
700dce386a WebFingerResource for profiles now WebFingerResource_Profile 2013-11-09 00:49:00 +01:00
Mikael Nordfeldth
1223c17568 Remote StatusNet sites would throw 400 if no hub.verify_token 2013-11-06 12:46:59 +01:00
Mikael Nordfeldth
ab4113168f PuSH 0.4: No outgoing 'sync' verifications. Feed renewal script. No auto-renewal.
Among other things (such as permanent subscriptions), Pubsubhubbub 0.4
removed the "sync" verification method. This means that any incoming
PuSH subscription requests that follow the 0.4 spec won't really
_require_that we handle it as a background process, but if we were to
try direct verification of the subscription - and fail - there's no way
we could  pick up the ball again. So _essentially_ we require background
processing with retries.

This means we must implement something like the "poorman cron" or
similar, so background processing can be handled
on-demand/on-site-visit. This is how Friendica, Drupal etc. handles it
and is necessary for environments where we can't run separate queue
daemons.

When the poorman-cron-ish thing is implemented, auto-renewal will work
for all users.

PuSH 0.4 spec:
    https://pubsubhubbub.googlecode.com/git/pubsubhubbub-core-0.4.html
More on PuSH 0.4 release (incl. breaking changes):
    https://groups.google.com/forum/#!msg/pubsubhubbub/7RPlYMds4RI/2mIHQTdV3aoJ
2013-11-02 20:02:28 +01:00
Mikael Nordfeldth
db889922ac We don't do local_push_bypass 2013-11-02 17:42:32 +01:00
Mikael Nordfeldth
6ef1967cec Notice metadata for WebFinger. Not sure if implemented properly.
This is more of a proof of concept and will likely not stay in exactly
this form. We should reasonably deliver the entire notice upon webfinger
querying.
2013-11-01 17:37:18 +01:00
Mikael Nordfeldth
7ddd561837 Salmon only has one "rel" value now, so start deprecating 2013-11-01 17:00:12 +01:00
Mikael Nordfeldth
6bc11b63e3 What was that NewMenu plugin doing there anyway? 2013-11-01 13:57:31 +01:00
Mikael Nordfeldth
f110fc5c9a Using GNUSOCIAL_VERSION instead of STATUSNET_VERSION 2013-11-01 13:51:41 +01:00
Mikael Nordfeldth
255943d78f User agents and generators changed to GNU social 2013-11-01 13:46:05 +01:00
Mikael Nordfeldth
ca66860a4f Better typing and minor fixes to OStatus related stuff 2013-11-01 13:20:45 +01:00
Mikael Nordfeldth
be62f44ef4 OStatus remote address example now more generic 2013-10-30 15:04:54 +01:00
Mikael Nordfeldth
f75ddaa8aa Getting a profile from URI would throw exceptions on remote URL lookup failures 2013-10-30 14:43:40 +01:00
Mikael Nordfeldth
5efff58213 Use schemaDef when checking database structure 2013-10-30 14:17:54 +01:00
Mikael Nordfeldth
603d2d3891 Minor Ostatus_profile class reference fixes 2013-10-30 14:14:02 +01:00
Mikael Nordfeldth
09ef1fff69 NoticeListItem attentions showed double for User_group
...because they each have their own Profile now! Whiie!
2013-10-30 12:56:17 +01:00
Mikael Nordfeldth
e45edd6ae2 Use addPlugin! (esp. XMPP folks should do this)
If you're using XMPP by setting $config['xmpp'][*] then you should do:

    addPlugin('Xmpp', $config['xmpp']);

because setting it directly in $config[''] won't do anything.

Also, default resource for XMPP is now 'gnusocial'. If you want something
more random, set it in your addPlugin config array.
2013-10-30 12:28:39 +01:00
Mikael Nordfeldth
9b6633698c Group discovery from text functions polished
Also removed the entirely unused saveGroups function.

Now avoiding multiGet and using listFind in Profile->getGroups()
so we don't have to deal with ArrayWrapper.
2013-10-29 13:40:14 +01:00
Mikael Nordfeldth
f8b49e69d0 Protected function prepare with array $args defaulting to array() 2013-10-29 10:26:46 +01:00
Mikael Nordfeldth
2dfa0bfcee function delete in dataobjects now don't break strict syntax 2013-10-29 10:20:57 +01:00
Mikael Nordfeldth
23a6b4595f Reworked the ActivityContext->attention structure
Removing Evan's obscure attentionType solution and directly using the attention array
2013-10-28 22:21:14 +01:00
Mikael Nordfeldth
3ba6374b9d Memcached_DataObject extensions got their update functions more consistent 2013-10-28 19:36:05 +01:00
Mikael Nordfeldth
fa91bc7132 Some getStaticProperty calls to PEAR globalized 2013-10-28 19:03:09 +01:00
Mikael Nordfeldth
fd0a16ba04 acct uri should be caseinsensitive (so let's do our reconstruction in lowercase) 2013-10-28 18:28:53 +01:00
Mikael Nordfeldth
74429835a1 Event handler StartGetProfileAcctUri for WebFinger 2013-10-28 18:26:00 +01:00
Mikael Nordfeldth
fcba540a14 Removed legacy OMB. Use OStatus for remote profiles. 2013-10-28 16:22:09 +01:00
Mikael Nordfeldth
362b6ad2fc ForceGroup and some qvitter API stuff still used staticGet 2013-10-25 13:20:53 +02:00
Mikael Nordfeldth
a38ed0057a Moved jbfavre's Twitter card support to Twitter plugin
It was causing problems with an undefined TWITTER_SERVICE constant.
2013-10-22 20:35:03 +02:00
Mikael Nordfeldth
38da5ec7f7 Ostatus_profile->processShare now backwards compatible against federating StatusNet nodes
StatusNet was improperly defining the id (URI) of the shared object as a
TagURI, while it should've really been the object's URI of course.
2013-10-21 23:25:47 +02:00
Mikael Nordfeldth
ba46c3d360 SHARE activities would not be imported from federated instances for local notices
"[...] posts _local_ users (like you) make won't get data about "repeated by"
from federated users"

This was because the ActivityObject would processShare where the shared object
has a _local_ 'actor' URI. Ostatus_profile would complain this meant that a
"Local user cannot be referenced as remote.".

So we see if the shared activity object's id (URI) is in our Notice table, so
we don't have to processActivity - and can skip ensureActivityObjectProfile.
2013-10-21 23:25:43 +02:00
Mikael Nordfeldth
3cab5b36c1 Replace common_good_random with common_random_hexstr 2013-10-21 13:20:30 +02:00
Mikael Nordfeldth
7233869298 Generate better salt for crypt() 2013-10-21 13:16:03 +02:00
Mikael Nordfeldth
df5aa6f93a Exception wasn't thrown. How does PHP handle daisychained calls, really? 2013-10-21 09:09:32 +02:00
Florian Schmaus
c70a519555 plugins/Xmpp/README fixed typos 2013-10-20 21:05:09 +02:00
Florian Schmaus
b7d45e176b Improved plugins/Xmpp/README
Added the relevant section in INSTALL about queues and daemons to get
the plugin runnig.

Made resource required, as otherwise XMPPHP will send invalid from JIDs
in it's stanzas. For example when my configuration didn't had the
resource part, outbound stanzas looked like this:

<message
	from="gnusocial@example.de/"
	to="flow@example.de"
	type='chat'>
	<body>
	User &quot;flow&quot; on GNU Social has said that your
	XMPP/Jabber/GTalk screenname belongs to them.
	…
	</body>
</message>

Note the '/' at the end of the from attribute, without an actual
XMPP resource. But according to RFC6122 2.1 "every allowable portion of
a JID MUST NOT be zero bytes in length". Causing a jid-malformed
response from the server.

Also, it's nice to know that debug=true will print out all sent and
received stanzas, which helped me to debug the problem.

Furthermore I add a note that if the XMPP services uses DNS SRV records,
'host' has to be configured (in cases where service host != xmpp domain).
2013-10-20 21:05:04 +02:00
Mikael Nordfeldth
a8804010c4 Profile creation always failed because we didn't COMMIT 2013-10-20 17:22:44 +02:00
Mikael Nordfeldth
2729c622ff Minor function definitions so they match Action parent 2013-10-20 17:21:56 +02:00
Mikael Nordfeldth
e868ebfe77 WebFingerResource introduced, instead of strict Profile object
This is the beginning of getting notice URI info via WebFinger

*XrdActionLinks is renamed *WebFingerProfileLinks, check EVENTS.txt
in WebFinger plugin for new events.
2013-10-20 15:48:14 +02:00
Mikael Nordfeldth
e2c50d202f AuthCrypt now tidied up and enabled by default. 2013-10-17 16:36:15 +02:00
Mikael Nordfeldth
6ed66d9c76 Local_group and User are now assumed to be in same namespace 2013-10-17 01:27:01 +02:00
Mikael Nordfeldth
db7ef52d13 Better use of Nickname validation functions
Nickname verifications on registration and updates for profiles (not yet
groups) have been improved.

Minor bugs in RegisterAction were also fixed, where multiple forms would
be outputed because the function did not return after showForm(). This
will be solved more permanently with throwing exceptions in the future.
2013-10-16 15:38:54 +02:00
Mikael Nordfeldth
f46d675a20 GNU social is with a minor s. 2013-10-15 00:20:36 +02:00
Mikael Nordfeldth
a8bcdc905f common_sql_now() is recommended before DB_DataObject_Cast::dateTime() 2013-10-14 13:42:27 +02:00
Mikael Nordfeldth
390556d932 Remote Profile Action from ModPlus now more generic 2013-10-08 21:08:02 +02:00
Mikael Nordfeldth
8912cdc7a4 Validate::uri replaced with filter_var for HTTP[S] URL checks
Also, a bug in checking the OAuth callback URL for validity was fixed,
where it referenced the wrong variable when going through form data.
2013-10-07 14:46:09 +02:00
Mikael Nordfeldth
34a6624452 Qvitter API changes (thanks hannes2peer)
I implemented changes from quitter.se's new API that their front-end qvitter
uses, https://github.com/hannesmannerheim/qvitter/blob/master/api-changes-1.1.1/CHANGES

However I left out the URL shortening commens, since I believe whatever behaviour
they experienced that caused them to implement this was a bug (or many) and should
be fixed in their proper areas and that shortening should not be entirely left
out in API calls.
2013-10-06 21:51:50 +02:00
Mikael Nordfeldth
fb94a16217 Moved Avatar retrieval into Avatar class
Backwards compatible functions are still in Profile class.
2013-10-06 15:55:06 +02:00
Mikael Nordfeldth
78f9629bf3 Moved shareLocation preference check to Profile class 2013-10-06 13:38:09 +02:00
Mikael Nordfeldth
cc34bb48c7 OAuth related syntax fixes, nothing big
Making better use of class autoloading too.
2013-10-06 12:43:18 +02:00
Mikael Nordfeldth
64dbd93534 Some PHP strict warning fixes 2013-10-06 03:37:12 +02:00
Mikael Nordfeldth
1c042028dc PCRE modifier /e is deprecated in favour of preg_replace_callback() 2013-10-06 03:27:16 +02:00
Mikael Nordfeldth
4cfd0d24c1 Group logos would not be fetched
update_ostatus_profiles.php did this correctly, but not Ostatus_profile.php
2013-10-06 01:33:27 +02:00
Mikael Nordfeldth
ba481d1e31 LOG_WARNING, not LOG_WARN 2013-10-06 01:33:10 +02:00
Mikael Nordfeldth
48da97f204 MediaFile code improvements, preparing to implement multi-attachments
Maybe in the future we can use this for anonymous file uploads too?
With some kind of anonymous/pseudonymous profile. That'd be neat.
2013-10-05 18:47:45 +02:00
Mikael Nordfeldth
8fdc999be4 IM/XMPP Plugin classes use throwing getParent 2013-10-05 12:30:52 +02:00
Mikael Nordfeldth
e1b5798ba4 Merge-request 3 by pztrn, IM reply more intuitive 2013-10-05 11:36:03 +02:00
Mikael Nordfeldth
d1558a1d8b Fix Avatar-unlink plus better logging in TwitterImport 2013-10-05 11:32:43 +02:00
pztrn
9824b00f4b Adopted merge request #232 from statusnet to gnusocial 2013-10-05 12:36:48 +04:00
Mikael Nordfeldth
1795267df9 Latest phpseclib stuff and moved into its own dir.
Source: https://github.com/phpseclib/phpseclib/
Commit: 77447a3fc7869773007fa3beeb8d6f8de842ec2a

There were bugs.
2013-10-05 00:22:14 +02:00
Mikael Nordfeldth
fb4e9b234d Twitter Import improvements. Still buggy?
Apparently mrvdb has problems with duplicate inserts and missing files when
unlinking. It could be due to coding, or it could be due to parallelizing.
2013-10-04 13:36:45 +02:00
Mikael Nordfeldth
cd6fa512ac Twitter Import + avatar fixes (cleaning up + fixing)
...there was also a typo in OstatussubAction ($avatarUrl not defined)
2013-10-03 15:28:51 +02:00
Mikael Nordfeldth
39f43e415d Do not name anything getOriginal (because DB_DataObject calls that)
Avatar->getOriginal has been renamed getUploaded
Notice->getOriginal has been renamed getParent
2013-10-02 15:01:11 +02:00
Mikael Nordfeldth
ba5e90164c Plugin onAutoload replaces _ with / in lib paths, this renames some classes. 2013-10-02 14:07:53 +02:00
Mikael Nordfeldth
b0dfc70a54 Properly unlink all old avatars when deleting/uploading a new
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.

To set Avatar max size, adjust $config['avatar']['maxsize']

The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00
Mikael Nordfeldth
a7e748479c Fixed regression in OStatus sub from WebFinger/XML_XRD update
XML_XRD::getAll requires arguments (at least relation). If one really
want all links, just get the 'links' array. It's public!

Also, not all XML_XRD_Element_Link were migrated from the previous
array style.
2013-09-30 23:33:28 +02:00
Mikael Nordfeldth
a23c4aa236 Avatar resizing improvements and better code reuse
* getOriginal added to Avatar class
    This is a static function that retrieves the original avatar in a leaner
    way than Profile->getOriginalAvatar() did (see below).
    This will throw an Exception if there was none to be found.

* getProfileAvatars added to Avatar class
    This gets all Avatars from a profile and returns them in an array.

* newSize added to Avatar class
    This will scale an original avatar or throw an Exception (originally from
    Avatar::getOriginal) if one wasn't found.

* deleteFromProfile added to Avatar class
    Deletes all avatars for a Profile. This makes the code much smarter when
    removing all avatars from a user.
    Previously only specific, hardcoded (through constants) sizes would be
    deleted. If you ever changed lib/framework.php then many oddsized avatars
    would remain with the old method.

* Migrated Profile class to new Avatar::getOriginal support
    Profile class now uses Avatar::getOriginal through its own
    $this->getOriginalAvatar and thus remains backwards compatible.

* Updating stock GNU Social to use Avatar::getOriginal
    All places where core StatusNet code used the
    $profile->getOriginalAvatar, it will now useAvatar::getOriginal with
    proper error handling.

* Updated Profile class to use Avatar::newSize
    When doing setOriginal, the scaling will be done with the new method
    introduced in this merge.
    This also edits the _fillAvatar function to avoid adding NULL values to
    the array (which causes errors when attempting to access array entries as
    objects). See issue #3478 at http://status.net/open-source/issues/3478
2013-09-30 22:23:03 +02:00
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Joshua Judson Rosen
44f7ad612a Correctly distribute notices from remote posters through local groups to remote group-members via OStatus.
Allow the OStatus queue-handler to handle all posts,
and give it the smarts required to make correct decisions
about whether it should or shouldn't relay notices
over OStatus.
cf. http://status.net/open-source/issues/3540

Conflicts (staticGet => getKV):

	plugins/OStatus/lib/ostatusqueuehandler.php
2013-09-29 23:19:11 +02:00
Joshua Judson Rosen
9844ec76e9 Make the ForceGroup plugin work consistently for notices from remote users. 2013-09-29 23:12:40 +02:00
Joshua Judson Rosen
8e5d58fe2a Make paging work correctly in the user-directory
even with the default filter set (i.e.: `all' = `no filter', so intrepret `filter=all' as `no filter').
2013-09-29 23:10:40 +02:00
Mikael Nordfeldth
981295f44c Autocomplete action must exist on user registration
No need to restrict the autocomplete suggestion system to logged in users.
It only botched the registration process, because the 'autocomplete' action
had not been connected in the routing system.
2013-09-29 15:28:25 +02:00
Mikael Nordfeldth
633191d808 Making sure scripts and tests check for GNUSOCIAL defined (instead of STATUSNET)
Orbited plugin may not work at all anymore, I had no means to try it.
But there's a check whether 'LACONICA' is defined there, which is a
very unlikely thing in the future. So far only tests and scripts have
been migrated consistently, though.
2013-09-28 15:20:10 +02:00
Mikael Nordfeldth
64df40e409 Filling in missing endHTML calls for Action AJAX
This completes 1c6f9df80e where a lot
of other functions were fixed (by conforming to startHTML and endHTML)
2013-09-24 02:32:17 +02:00
Mikael Nordfeldth
f7719b57f2 phpseclib extlib updated from phpseclib.sf.net 2013-09-24 02:09:37 +02:00
Mikael Nordfeldth
1c6f9df80e PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
I had a problem with PHP5.5 that caused ajax responses to be empty. This
fixes it, as the problem was related to pretty inconsistent calling to
headers, XMLWriter::startDocument etc. etc.
2013-09-24 01:18:33 +02:00
Mikael Nordfeldth
8205c56e25 Stylesheet event now removed of StatusNet-remnants 2013-09-23 22:13:12 +02:00
Mikael Nordfeldth
5f1fea1488 FavorAction upgraded to extend FormAction
Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)
2013-09-23 13:06:09 +02:00
Mikael Nordfeldth
f711f9ee75 Fixed regression in bookmark.js that caused double-submits (jquery 2.x stuff)
In 6de3fc0217 bookmark.js was patched to
jquery 2.x (removed '.die' call) but unfortunately the 'submit' event
was attached to an input element instead of a form element (which got
a 'click' event).
2013-09-23 12:07:37 +02:00
Mikael Nordfeldth
63306081bc Subscription "get by" functions now don't use ArrayWrappers
They were getting in the way of some strict-typing stuff.
2013-09-21 18:38:14 +02:00
Mikael Nordfeldth
93e878d7ca Make better use of Subscription class
removed lib/subs.php as it was essentially only a wrapper for Subscription
2013-09-19 17:29:05 +02:00
Mikael Nordfeldth
8935a2f866 Autocomplete migrated to jquery-ui autocomplete
No longer bundled with the library (as jquery-ui is bundled with the
main software, including the autocomplete part).

Rewrites had to be made to migrate, as several API things had changed
when jquery-ui took over the library.

Currently (like before, right?) this only autocompletes in the end of
the current textarea. So you can't jump back in the middle of a text
and autocomplete a user or group. This is a serious deficiency, though
not a regression.
2013-09-16 22:10:08 +02:00
Mikael Nordfeldth
83b852312a Events on user registrations now strictly typed 2013-09-14 18:37:05 +02:00
Mikael Nordfeldth
6de3fc0217 jquery 2.x update related fix (.die no longer defined) 2013-09-14 13:41:04 +02:00
Mikael Nordfeldth
dfa1b15dd6 Changing js .live calls to .on for jquery 2.x 2013-09-10 18:52:09 +02:00
Mikael Nordfeldth
a9c4bcd71f Removing unnecessary require_once lines (autoload!) 2013-09-09 23:06:56 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Mikael Nordfeldth
bd24ab6855 Fixed comment description in STS plugin 2013-08-29 16:20:43 +02:00