Commit Graph

46 Commits

Author SHA1 Message Date
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Mikael Nordfeldth
ab93bb009c XSS vulnerability when remote-subscribing
->raw was used on non-filtered strings for some reasons, changed
to ->text.
2016-01-05 12:15:50 +01:00
mmn
0baa9debbc Merge branch 'direct-feed-sub' into 'master'
If we are given a direct URL to a feed, use that



See merge request !54
2015-12-14 21:09:56 +00:00
Mikael Nordfeldth
844670f88d Ooops, copypasted something into the wrong place. 2015-11-08 23:24:20 +01:00
Mikael Nordfeldth
65184782aa OStatus usage of static Validate::* calls fixed 2015-11-08 10:33:41 +01:00
Stephen Paul Weber
e58c529c53 If we are given a direct URL to a feed, use that 2015-10-28 00:54:20 +00:00
Mikael Nordfeldth
0dad11bb85 Inform and make use of NoProfileException in OStatus actions
This is because Ostatus_profile->localProfile() throws NoProfileException
instead of returning null for profiles which don't exist in Profile table.
2014-05-19 18:07:57 +02:00
Mikael Nordfeldth
e571e64e9e Make ostatussub conform to coding standards a bit 2014-03-05 13:44:45 +01:00
Mikael Nordfeldth
cd6fa512ac Twitter Import + avatar fixes (cleaning up + fixing)
...there was also a typo in OstatussubAction ($avatarUrl not defined)
2013-10-03 15:28:51 +02:00
Mikael Nordfeldth
b0dfc70a54 Properly unlink all old avatars when deleting/uploading a new
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.

To set Avatar max size, adjust $config['avatar']['maxsize']

The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00
Mikael Nordfeldth
1c6f9df80e PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
I had a problem with PHP5.5 that caused ajax responses to be empty. This
fixes it, as the problem was related to pretty inconsistent calling to
headers, XMLWriter::startDocument etc. etc.
2013-09-24 01:18:33 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Siebrand Mazeland
9f9f940833 Add translator documentation.
Change a few double quotes to single quotes.
2011-06-05 11:30:46 +02:00
Siebrand Mazeland
1d1a929718 Update translator documentation and L10n. 2011-05-20 16:03:53 +02:00
Siebrand Mazeland
4651c9d94a Fix L10n/i18n.
Some remaining people tag -> list.
Favor -> like
Update translator documentation.
Whitespace updates.
2011-04-29 18:59:47 +02:00
Siebrand Mazeland
b83e0fd0e8 Update translator documentation.
i18n fixes (gettext domain).
L10n updates.
Whitespace updates.
Some tabs to spaces.
2011-04-11 00:39:51 +02:00
Shashi Gowda
c335db4bbc OStatus support for people tags 2011-03-07 00:45:34 +05:30
Evan Prodromou
5c25364141 remove extraneous <dl> and <dt> tags 2011-01-14 15:36:06 -05:00
Brion Vibber
69b13cb279 Normalize execution guards on OStatus php files; mostly helps cut down on annoying 'class not found' errors when something spiders the dirs. :P 2010-10-08 10:42:59 -07:00
Siebrand Mazeland
5a6f616206 * i18n/L10n update
* translator comments added
* remove superfluous whitespace
2010-09-19 15:17:36 +02:00
Siebrand Mazeland
1bfbe9badf * i18n/L10n updates and FIXMEs added
* whitespace fixes
2010-09-03 01:35:04 +02:00
Brion Vibber
acea534044 Disable the send-notice form at the top of the page OStatus subscription confirmation page to work around bugs in Cloudy theme.
This is really just a hack for the broken CSS in the Cloudy theme, I think; copying from other non-notice-navigation pages that do this as well. There will be plenty of others also broken.
2010-04-19 19:45:01 +02:00
Brion Vibber
cac9d23498 Fix for xmpp/sms notification options appearing to be disabled on new subscriptions.
Base problem is that our caching-on-insert interferes with relying on column default values; the cached object is missing those fields, so they appear to be empty (null) when the object is retrieved from cache.
Now explicitly setting them when inserting subscriptions, and cleaned up some code that had alternate code paths.

May also have made auto-subscription work for remote OStatus subscribers, but can't test until magic sigs are working again.
2010-03-18 14:26:32 -07:00
Evan Prodromou
f21f78364a Change the workflow to get better discovery
Tried to re-structure the workflow of discovery to get more and richer
data and hints.
2010-03-16 11:25:18 -05:00
Sarven Capadisli
b97ac60209 Changed text for authorizing/confirming remote profile 2010-03-03 23:47:27 -05:00
Sarven Capadisli
de687d00c0 Updated OStatus subscription error messages to be more user friendly.
Hopefully.
2010-03-03 22:56:50 -05:00
Brion Vibber
a4d9171306 Fix up catching of webfinger setup fails 2010-03-03 18:23:28 -08:00
Sarven Capadisli
6a5a629afa Updated label and note text for user and group remote subscribe forms 2010-03-03 20:08:55 -05:00
Brion Vibber
a42d1116db Separate the UI paths for ostatussub and ostatusgroup. They'll redirect to each other transparently if they find you've put a remote entity of the other type. 2010-03-03 13:40:26 -08:00
Sarven Capadisli
623faf9f2d Just a label change. Since the user already went ahead with
subscribing, in this step we are just confirming the profile.
2010-03-02 09:57:28 -05:00
Brion Vibber
00f724d0e6 Localization tweak: include doc comments marked as 'TRANS' in .po file output; these should now get automatically pulled through to the TranslateWiki interface as translator help hints. 2010-03-01 14:10:13 -08:00
Brion Vibber
b5b5184c88 OStatus: fix remote groups to work with new user_groups/local_groups split.
- fix <activity:subject> generation so we get the profile info (what's available so far)
- use id instead of nickname for group join/leave forms so we can join/leave remote groups
  while the rest of the groups UI remains limited to local groups
  (plugins are responsible for making sure remote notifications and permission checks are done)
- fix remote notification when joining group through OStatus's remote subscribe form
2010-02-25 13:02:08 -08:00
Brion Vibber
5f9a8ca64b OStatus: accept webfinger addresses as well as profile URLs in the explicit remote subscribe form. 2010-02-23 21:11:44 +00:00
Brion Vibber
90d34b26c6 OStatus: do PuSH subscription setup from subscribe/join event hooks, so resubscribing directly from a profile/group list works correctly if there aren't active subscriptions at the moment. 2010-02-23 20:44:27 +00:00
Brion Vibber
c79c70ea2c OStatus subscription UI tweak: if we're already subscribed/joined, say so and don't offer a 'subscribe'/'join' button on the profile preview page. 2010-02-23 11:56:17 -08:00
Brion Vibber
e070fcaaae OStatus: fix for avatars, submit button in updated remote profile preview 2010-02-23 11:37:49 -08:00
Sarven Capadisli
b67bb182b0 Refactored preview info and form for authorizing a remote subscription 2010-02-23 04:59:34 +01:00
Brion Vibber
193448d1be OStatus: cleanup on ostatussub preparing for final UI work on the remote sub/join forms. 2010-02-23 01:58:05 +00:00
Brion Vibber
06f155c02d OStatus: initial hookup of remote group membership (notice delivery not yet working quite right)
- added a temp config var to disable salmon magic signatures until they're working consistently
2010-02-22 12:13:57 -08:00
Sarven Capadisli
3569493ba7 Added link to Subscriptions page to XHR get the ostatus sub form 2010-02-22 17:07:48 +01:00
Sarven Capadisli
f54c9b70db Fixed error/warning message location in OStatus autorize subscription page 2010-02-22 11:53:34 +01:00
Evan Prodromou
727773cdfa redirect ostatussub if not logged in 2010-02-21 11:24:04 -05:00
Brion Vibber
ea9d6f21ec OStatus subscription page fixups; works but needs lots of UI loving!
- ostatussub via subscribe button now works again (changed to take profile instead of feed, patched up to the new discovery)
- added a quickie hack to allow putting your remote profile URI in place of webfinger acct through the remote-sub button (needs to be patched up to do proper discovery via XRDS or a link or something)
2010-02-20 12:57:47 -08:00
Sarven Capadisli
f30af7047b Updated feed subscription form markup 2010-02-13 18:46:10 +01:00
Brion Vibber
8e6b52e899 OStatus: renamed feedinfo table to ostatus_profile -- will cover remote ostatus people and groups whether a subscription's active or not (maintains identity over unsub/resub, and between subscribers and subscribees) 2010-02-12 00:22:16 +00:00
James Walker
841981a381 discovery piece - hand merged :P 2010-02-09 01:37:45 -05:00