Commit Graph

2378 Commits

Author SHA1 Message Date
Mikael Nordfeldth
8356c2495c Use mb_* and strict === comparison 2016-02-26 13:52:25 +01:00
mmn
722ff4d9c0 Merge branch 'foolproof_file_redirection_branch' into 'nightly'
Foolproof file redirection

This solves an issue when our internal /attachment/{file_id} links are shortened with an remote shorteners (which caused the /attachment/{file_id} links to be saved to the File table and a thumbnail of a thumbnail being generated)

See merge request !98
2016-02-26 12:49:10 +00:00
mmn
fae9e27365 Merge branch 'group-autocomplete' into 'nightly'
Fix !group autocomplete

"Call to undefined method User_group::getFullname"

See merge request !108
2016-02-26 12:30:19 +00:00
Mikael Nordfeldth
c58228195b Make sure the saved Notice has an ID 2016-02-26 01:11:20 +01:00
Mikael Nordfeldth
519e3308ab Use mb_strlen to see if something is an empty string 2016-02-26 01:04:59 +01:00
Mikael Nordfeldth
aeb2e282db Commented on the mime extension matching regexp 2016-02-25 22:32:54 +01:00
Mikael Nordfeldth
bac37d1714 syntax error 2016-02-25 22:17:44 +01:00
Mikael Nordfeldth
e6e1705852 Make uploads work properly if we accept _all_ attachment types
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
6336248d71 Notice getRendered() can now be called on uninserted notices 2016-02-25 20:13:00 +01:00
Mikael Nordfeldth
e69f878241 Notice getRendered() can now be called on uninserted notices 2016-02-25 15:48:37 +01:00
Mikael Nordfeldth
e3e3a91734 Correct comment on Notice->conversation in table schema 2016-02-24 19:34:44 +01:00
Chimo
54da2526ed Fix !group autocomplete
"Call to undefined method User_group::getFullname"
2016-02-24 13:00:15 -05:00
Mikael Nordfeldth
731fd01139 Allow easy fetching of rel="me" values 2016-02-24 16:42:54 +01:00
Mikael Nordfeldth
3ef573f67c Default to profile size in Avatar::defaultAvatar 2016-02-24 16:42:35 +01:00
Mikael Nordfeldth
d672547112 getAliases should be only a list (numeric array) 2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
b59dacb806 getAliases for Profile and Notice
Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
d16a883e17 Allow lookup of User->getByUri (throws NoResultException) 2016-02-21 18:47:47 +01:00
hannes
501d081d3b getKV doesn't throw exception 2016-02-16 19:16:05 +00:00
Mikael Nordfeldth
83f679fb57 Profile->isPrivileged() to check if users have more rights than to post etc. 2016-02-12 14:47:49 +01:00
Mikael Nordfeldth
e5ad98e601 Silence action can only be used on non-priviliged users 2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
5dce08d068 Add Profile::ensureCurrent() to verify we _certainly_ got a Profile. 2016-02-12 13:52:48 +01:00
Mikael Nordfeldth
733debd9b3 Use thumbnail upscaling config value 2016-02-10 04:40:54 +01:00
Mikael Nordfeldth
dd229e855a Allow finding the "original remote thumbnail"
This will probably cause older oEmbed images not to show, since they
probably were updated to use empty url entries because they were thought
of as local ones. During a migration period maybe you want to change
the default value of notNullUrl to 'false' in File_thumbnail::byFile(...)
2016-02-10 04:37:43 +01:00
Mikael Nordfeldth
893d888152 Add urlhash field to File_thumbnail for indexing 2016-02-10 04:15:41 +01:00
Mikael Nordfeldth
49b7648fea Managed_DataObject gets onInsert and onUpdate 2016-02-10 03:37:27 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
3dea259f52 Return intval from getID() 2016-02-08 12:21:46 +01:00
Mikael Nordfeldth
e903bd0bc3 Hacky support for geo URI detection
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
6a4aa34b0c Don't process further in redirection if HEAD gives 400 Bad request 2016-02-03 00:34:49 +01:00
Mikael Nordfeldth
40cffb9463 File::isProtected is static 2016-02-03 00:22:18 +01:00
Mikael Nordfeldth
c6ae883ad2 Don't trust local HTML either
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
2016-01-30 00:00:37 +01:00
hannes
f708a5b016 Never save our /attachment/{file_id} links as links in the file table, return the old file 2016-01-29 00:36:30 +00:00
hannes
efd2326a29 the last url in the redirection chain can actually also be a redirection (e.g. if it's one of our /attachment/{file_id} links) 2016-01-29 00:34:32 +00:00
Mikael Nordfeldth
efe23ed404 updateWithKeys now understands multi-column keys
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
a888294135 add our own protected urls 2016-01-25 19:00:46 +00:00
hannes
ca0c792ed3 File and File_redirection records are saved in File_redirection::where() now 2016-01-25 19:00:05 +00:00
hannes
48e1a2431b save File and File_redirection records in File_redirection::where(), because then we will have to run where() over and over again 2016-01-25 18:55:48 +00:00
Mikael Nordfeldth
a9d18a077e Harmonize, clarify, categorize URL schemes
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72 Allow bitcoin scheme to URLs 2016-01-24 12:44:28 +01:00
Mikael Nordfeldth
f74d2d555c Working on some RSVP code stuff 2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11 Throw NoObjectTypeException on Notice->getObjectType if no string 2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
7715ea993b getVerb function in Notice class 2016-01-18 22:02:05 +01:00
Mikael Nordfeldth
6c46a93a81 Minor improvements on Notice::saveActivity 2016-01-18 19:29:45 +01:00
Mikael Nordfeldth
11b925c4ca Use a function to getCreated() 2016-01-18 17:03:37 +01:00
Mikael Nordfeldth
deda83fdef Distinguish notice saving errors from others for Salmon 2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
a85a08ff35 Add a check in Notice->asActivityObject that we're actually returning such a thing! 2016-01-16 21:13:26 +01:00
Mikael Nordfeldth
fdfa71a033 Extremely verbose debugging is annoying 2016-01-16 18:04:04 +01:00
Mikael Nordfeldth
1f76c1e4a9 Initial user doesn't need as strict checking on email 2016-01-16 17:23:50 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
45dd343126 Eventify Notice getAsTimestamp (for Deleted_notice) 2016-01-13 21:01:47 +01:00
Mikael Nordfeldth
961725205d Try if Profile is a Person (in effect ActivityObject::PERSON) 2016-01-13 18:34:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
b696fb4eb1 Mimetypes like image/svg+xml were misinterpreted when guessing
We don't really need the mb_ in mb_strtolower but what the heck, why not. I love Unicode.
2016-01-12 13:46:25 +01:00
Mikael Nordfeldth
93c614c184 Do updateWithKeys properly if someone would like to update PRI 2016-01-11 19:52:33 +01:00
Mikael Nordfeldth
67801a5566 Not only local groups should be added to group inbox notificiation table 2016-01-09 15:14:38 +01:00
Mikael Nordfeldth
5ef10a14ef Get group attentions too for outbound notices 2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
c3c5a9974d Do proper fromUri lookup on groups too 2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
d1e609a886 Local user profile getUrl gives dynamically generated URL 2016-01-09 13:47:38 +01:00
Mikael Nordfeldth
f143925931 Actually return the group home URL 2016-01-09 13:33:30 +01:00
Mikael Nordfeldth
28cd5640c1 Save attentions to Reply table for backwards compatibility
local users only of course
2016-01-08 01:59:16 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
6255e1dca3 saveAttentions, trying to move away from saveReply 2016-01-07 23:23:51 +01:00
Mikael Nordfeldth
3eebf2a353 Don't store the notice object for distrib queue handler, just id 2016-01-07 20:24:59 +01:00
Mikael Nordfeldth
d4be5349b3 think I have managed to show oEmbed images better now 2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
9e5c71e701 Fixed group representation in Directory plugin, also some ->raw calls 2016-01-07 12:58:14 +01:00
Mikael Nordfeldth
839ae571d8 Define User_group::$profile_id among class variables 2016-01-07 12:12:27 +01:00
Mikael Nordfeldth
94392ab00c Index the verb column since we do COUNT(*) based on it 2016-01-07 11:39:46 +01:00
Mikael Nordfeldth
05d3622939 Conversation entries where id==0 would screw up the "re-auto-increment" sequencing 2016-01-06 22:26:17 +01:00
Mikael Nordfeldth
f1c4c64cd9 Don't update stored URLs just because we have a filename
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
346e34e543 Return dynamically generated URLs for thumbnails for all locally stored entries 2016-01-06 19:06:29 +01:00
Mikael Nordfeldth
4352d1739d Always generate notice URLs on the fly for local notices
Related to issue #118
2016-01-06 16:24:33 +01:00
Mikael Nordfeldth
1a1e44cdfd Issue #118 wanted better TOR support, now Avatar URLs are not stored
There was no reason to store the generated Avatar URLs because it's so
cheap to generate them on the fly.
2016-01-06 16:14:26 +01:00
Mikael Nordfeldth
7b2036a4b5 Note in the debug log if we render the HTML of a message 2016-01-06 15:37:30 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e Conversation IDs (again) no longer based on Notice ID 2016-01-06 13:58:46 +01:00
Mikael Nordfeldth
59d3bbe037 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-06 00:53:20 +01:00
mmn
d45457e4a9 Merge branch 'nightly' into 'nightly'
only count post-notices (i.e. don't include activity-notices in statuses_count in the API)



See merge request !73
2016-01-05 23:53:08 +00:00
Mikael Nordfeldth
1946197a1c Merge request #10 by aroque but in a slightly different version 2016-01-06 00:48:03 +01:00
hannes
32549cfd8c $notices->verb = ActivityVerb::POST; 2016-01-05 23:29:48 +00:00
Mikael Nordfeldth
31c8416a8f Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-06 00:24:41 +01:00
mmn
956e053da6 Merge branch 'lookup_url_fix' into 'nightly'
makes url lookup work and adds full url to href for shortened links



See merge request !74
2016-01-05 23:24:16 +00:00
Mikael Nordfeldth
792b62874e Require Profile for Profile->getLists 2016-01-06 00:18:10 +01:00
hannes
1c25cffbd8 add $redir->redir_url to use in common_linkify() 2016-01-05 23:07:24 +00:00
Mikael Nordfeldth
3d66d960a1 Require Profile for Profile->getOtherTags 2016-01-06 00:07:15 +01:00
Mikael Nordfeldth
8ad6b8809a Don't abort on too long notices in Notice::saveActivity 2016-01-05 17:31:09 +01:00
hannes
e10691abea only count post-notices (i.e. don't include activity-notices in statuses_count in the API) 2016-01-05 14:19:33 +00:00
Mikael Nordfeldth
701f6ff608 Allow Profile->getCurrentNotice to send scoped profile info
not that we're using it anywhere (yet anyway).
2016-01-04 21:42:24 +01:00
Mikael Nordfeldth
6a16939830 Profile->getCurrentNotice handles PrivateStreamException 2016-01-04 21:38:41 +01:00
Mikael Nordfeldth
b4b57bba54 EmptyIdException to make sure we get the right in catch 2016-01-03 22:56:48 +01:00
Mikael Nordfeldth
7266a968f9 Err, forgot semicolon. 2016-01-03 22:22:58 +01:00
Mikael Nordfeldth
f467b89f40 Try-catch on profile deletion unsubscribe actions 2016-01-03 22:21:03 +01:00
Mikael Nordfeldth
c19964094b Pending subscription requests now work as they should
A slight layout issue with the buttons still persists
2016-01-03 20:27:53 +01:00
Mikael Nordfeldth
b374e5f08b If a user has a private stream, assume a moderated subscription policy 2016-01-03 19:33:26 +01:00
Mikael Nordfeldth
df0f9547b5 Handle private streams better (failed to show profile before) 2016-01-03 19:16:29 +01:00
Mikael Nordfeldth
336f099241 Don't store object type for verbs (as they don't have it) 2016-01-02 16:05:20 +01:00
Mikael Nordfeldth
0dfafe2567 NewnoticeAction now uses Notice::saveActivity(...) 2016-01-01 20:18:54 +01:00
Mikael Nordfeldth
f4309ed715 whitespace switch for code layout 2016-01-01 18:43:37 +01:00
Mikael Nordfeldth
e02c10a589 common_render_content doesn't require a Profile now 2016-01-01 18:40:58 +01:00
Mikael Nordfeldth
ad4beb9091 ->getID() instead of ->id 2016-01-01 18:21:54 +01:00
Mikael Nordfeldth
10973dcf69 Don't require a notice object to common_linkify_mentions 2016-01-01 18:20:42 +01:00
Mikael Nordfeldth
86106b890a Output fixed sizes of thumbnails so we don't get jumpy scrolling 2016-01-01 14:13:16 +01:00
Mikael Nordfeldth
7adf1c99fc s/LOG_ERROR/LOG_ERR/ 2015-12-31 13:04:50 +01:00
Mikael Nordfeldth
7f1ce07e9f Logging destinations and unnecessary debug 2015-12-31 13:00:20 +01:00
Mikael Nordfeldth
6606781916 Proper error message in exception 2015-12-31 12:41:02 +01:00
Mikael Nordfeldth
df19791a8f Wups, $notice not $stored in the old function... 2015-12-31 02:37:42 +01:00
Mikael Nordfeldth
8b0fdfb4a0 Notice conversation is perhaps not set yet 2015-12-31 02:35:13 +01:00
Mikael Nordfeldth
7cf6aaecd0 Don't do saveKnownReplies unless it's a verb=post 2015-12-31 02:31:35 +01:00
Mikael Nordfeldth
66289d3e76 Use recently implemented functions in saveKnownReplies 2015-12-31 02:22:49 +01:00
Mikael Nordfeldth
29847f172f setPassword now runs validate too 2015-12-30 17:51:57 +01:00
Mikael Nordfeldth
d7a8ee99af Added User->setPassword($password) 2015-12-30 17:44:24 +01:00
Mikael Nordfeldth
998db39b1a Notification mails are sent again fixes ssue #99
The problem was that the ActivityVerbPostPlugin handled 'post' verbs
but didn't handle the notifications for them, so now we're returning
true in the event so the default behaviour (sending to 'getReplies'
recipients) is done by default.
2015-12-30 17:35:47 +01:00
hannes
08be0e5c67 fixes this issue: https://quitter.se/notice/4344600 2015-12-30 01:54:48 +00:00
Mikael Nordfeldth
4bc0b374bc File_redirection should get URLs properly 2015-12-27 21:36:23 +01:00
Mikael Nordfeldth
556d6e198f Confirm_address field address_extra _can_ be NULL 2015-12-27 15:01:28 +01:00
Mikael Nordfeldth
12d77ac3e4 varchar to text since there's no reason to limit the fields
They caused problems when quitter.se was upgrading because someone was
named ryanjjjjjjjjjjjjjjjjjjj[and more than 191 'j's] etc.
2015-12-27 11:50:11 +01:00
Mikael Nordfeldth
0ac71c2b7b Duplicate URI means we have it already, I assume 2015-12-27 01:40:00 +01:00
mmn
48f31928e9 Merge branch 'autocomplete-group' into 'nightly'
Autocomplete group

Group autocompletion wasn't working for a couple of reasons:

1. $profile wasn't set (d8092207c0)
2. Profile::getUri() wasn't working for Groups, causing Profile::getAcctUri() to throw a ProfileNoAcctUriException (3e830dad37)

See merge request !68
2015-12-23 21:04:18 +00:00
Chimo
90945e548b Profile_prefs::getAll fix prefs loop
DataObject::fetch doesn't return an object.
2015-12-17 14:58:06 +00:00
Chimo
71119e4980 Profile_prefs::getAll fix call to listFind
2nd argument needs to be an array
2015-12-17 14:55:39 +00:00
Chimo
3e830dad37 Make Profile::getUri work with Groups
and by extension Profile::getAcctUri
2015-12-15 21:50:10 -05:00
Mikael Nordfeldth
ef4c11d262 Better checks for defined array indexes 2015-12-15 11:50:57 +01:00
mmn
2dd968f94e Merge branch 'group-join-rejections' into 'nightly'
Fix group-join request rejections

Relates to #105 

See merge request !65
2015-12-14 20:48:18 +00:00
mmn
d5d8068632 Merge branch 'group-members-pending' into 'nightly'
Fix "pending members" group list

Related to #104 

See merge request !64
2015-12-14 20:47:47 +00:00
Mikael Nordfeldth
20592f184d getID() will complain loudly if something is wrong
(just ->id would not)
2015-12-14 21:44:59 +01:00
Mikael Nordfeldth
42c653a9d0 Merge commit '5c4a7a10' into nightly
hannes making sure notice is a repeat and not a delete activity notice
2015-12-14 21:42:08 +01:00
Mikael Nordfeldth
441e2c8d34 redir_info only has data if we ran discovery 2015-12-08 11:42:09 +01:00
Mikael Nordfeldth
376d545082 Remember to purify HTML... 2015-12-05 15:56:50 +01:00
Chimo
6d9ea620a3 Fix group-join request rejections 2015-12-04 16:11:15 +00:00
Chimo
a06dc57621 Fix "pending members" group list 2015-12-04 15:47:40 +00:00
hannes
1eba33590b ActivityVerb::SHARE instead of http://activitystrea.ms/schema/1.0/share 2015-11-22 20:26:08 +00:00
hannes
70695a1463 make sure the notice is a repeat, i.e. not a delete activity notice that also can have a repeat_of set 2015-11-22 18:59:56 +00:00
mmn
b33b40db45 Merge branch 'refactor-file-processNew' into 'nightly'
Refactor on File::processNew

The code was so involved there was even a comment asking for a refactor.

Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing.  The object is
either one which already existed or else a new, unsaved object.

Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where.  You either get what exists or something to save.

An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.

See merge request !57
2015-11-20 17:50:01 +00:00
Mikael Nordfeldth
d0e7203d88 Make it clearer that we're handling group IDs 2015-11-08 23:31:45 +01:00
abjectio
507f9a28c0 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly 2015-11-05 17:34:34 +01:00
Stephen Paul Weber
a9b1b60a97 Refactor on File::processNew
The code was so involved there was even a comment asking for a refactor.

Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing.  The object is
either one which already existed or else a new, unsaved object.

Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where.  You either get what exists or something to save.

An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.
2015-11-02 05:15:08 +00:00
Chimo
d7b58491ce Add User_group::getObjectType
Since 174586bd51, I'm unable to join groups with the logs complaining
about getObjectType not existing on the User_group object.
2015-10-29 20:11:57 -04:00
abjectio
aa5bbdf6e5 Bug in catch(Exception) - parameter wrongly written 2015-10-16 23:48:05 +02:00
abjectio
626333a59e geParent() method will fail if the parent notice does not exist in the notice table. See https://quitter.no/notice/709400 2015-10-14 18:50:39 +02:00
Mikael Nordfeldth
d260808cd3 intval for type assurance 2015-10-14 01:16:22 +02:00
Mikael Nordfeldth
79c40bc73b Type-aware comparison is necessary for Notice is_local/scope 2015-10-14 00:42:15 +02:00
Mikael Nordfeldth
236bf0b0f5 Remote notice creators should not have notice is_local default to LOCAL_PUBLIC 2015-10-14 00:10:01 +02:00
Mikael Nordfeldth
5b307c0417 Add a url test in Notice::saveActivity 2015-10-13 23:39:40 +02:00
Mikael Nordfeldth
4b69ef41e2 Bad variable name in File_redirection 2015-10-13 22:57:45 +02:00
Mikael Nordfeldth
67e7bc55ea Bookmarks are almost migrated
Now they are just not being saved in the bookmark table.
2015-10-12 17:48:23 +02:00
Mikael Nordfeldth
7834e67583 Just a functionifying of Notice->rendered 2015-10-12 17:16:13 +02:00
mmn
77951647ce Merge branch 'oauth-default-icon' into 'nightly'
Add default icon to OAuth apps

When MySQL runs in strict mode, it doesn't seem possible to add a new OAuth app.

This is because:
 * The 'icon' field has no defaults and also has NOT NULL constraint.
 * GS uploads/sets the icon[1] (if provided) after the SQL insert[2]

The easiest fix seemed to be to provide a default icon value.
This change sets the default to the  "blue peg" default avatar from the base theme.

[1]
7f30e61402/actions/newapplication.php (L176)

[2]
7f30e61402/actions/newapplication.php (L186)

See merge request !29
2015-10-10 20:34:22 +00:00
Mikael Nordfeldth
fe9457daea Syntax and minor fixes
Deleted_notice and Bookmark getByPK assocative array for example.
2015-10-10 22:23:24 +02:00
Mikael Nordfeldth
174586bd51 Some code aligning for consistency 2015-10-10 22:09:51 +02:00
Mikael Nordfeldth
37f2da03e1 newUri might as well be put in Managed_DataObject 2015-10-10 21:31:26 +02:00
Mikael Nordfeldth
6376b78a80 I think I have made the delete verb generate proper AS
ActivityStreams had a different/better definition than me
in how to define the Delete verb data:
http://wiki.activitystrea.ms/w/page/23541872/Delete
2015-10-10 11:08:17 +02:00