Commit Graph

2934 Commits

Author SHA1 Message Date
Brion Vibber
54e98ffe22 Fix ticket #3013: MAX_FILE_SIZE hidden fields were incorrectly placed
In order to apply to PHP's POST processing, the MAX_FILE_SIZE field must appear *before* the file upload field. They were incorrectly placed after, where they had no effect on POST processing.
2011-01-26 15:49:57 -08:00
Brion Vibber
621a7cb36d Merge branch '0.9.x' into testing 2011-01-25 12:57:49 -08:00
Brion Vibber
0a3c05feb0 Fix XML API output for several profile update methods that returned a <user> entry but didn't set namespaces, causing XML parse failures. 2011-01-24 12:41:30 -08:00
Brion Vibber
820dd293c9 Fix for ticket #3007: .bmp avatar uploads weren't being properly converted to PNG in all cases
Part of the reported issue was previuosly fixed by dc497ed0 (smaller size images being blanked).
This commit fixes the remaining bug with original-size avatars being left as BMP (which could include the 96px size for instance, which could cause problems in browsers not supporting BMP natively)

Added ImageFile::copyTo() as a convenient alias for resizeTo() when not resizing; this performs the BMP/XPM/XBM->PNG conversion if needed, or copies the original file.
Copying instead of using move_uploaded_file() is fine here since:
a) the files are cleaned up on script completion anyway (vs moving to remove it)
b) we're already performing getimagesize() and possibly load/resize on the file before this point (vs needing to move the file into a usable area to work with open_basedir restrictions that prevent working directly with uploaded files in the temp dir; since this would fail anyway, we lose nothing)

ImageFile::preferredType() now works on $this->type instead of asking for one, to make it handier to use from outside. (This is still needed in order for calling code to generate a target filename.)

Recommended for future:
* additional consolidation between the various ways of uploading avatars (touched avatarsettings, grouplogo, and apiaccountupdateprofileimage with similar minor changes)
* consolidate type checks and file naming into Avatar class
2011-01-24 12:22:47 -08:00
Evan Prodromou
570c7b63a2 Add internal URL shortener 2011-01-23 16:49:12 -05:00
Evan Prodromou
592e2be5e1 Make new menu the default menu
There's a new menu layout in this version of the software. It was
implemented as a plugin in 0.9.x to avoid clashes with existing themes,
but we're going to break that compatibility in this version, so we're just going for it.

This change involved moving all the changes in NewMenuPlugin into the
default code that was calling it. In addition, since
accountsettingsaction and connectsettingsaction differed only by menu,
I removed them, changed all references to them to the settingsmenu, and moved
the combined nav to its own class.

Let's put that episode behind us.

The CSS shim that was loaded by NewMenuPlugin for certain themes and certain actions
was removed.
2011-01-23 12:35:35 -05:00
Siebrand Mazeland
6c0e43be9e L10n consistency updates in wording and punctuation.
Translator documentation added/updated.
Superfluous whitespace removed.
2011-01-21 22:45:37 +01:00
Siebrand Mazeland
08cb576b52 Add translator documentation
Fix L10n issues
Remove superfluous whitespace
2011-01-21 16:35:00 +01:00
Siebrand Mazeland
bcd34a7f3c Add correct punctuation for client exceptions. 2011-01-21 10:55:10 +01:00
Siebrand Mazeland
ee5479b902 Add correct punctuation for client exception. 2011-01-21 10:55:08 +01:00
Siebrand Mazeland
31895ba33a Add correct punctuation for client exception. 2011-01-21 10:55:07 +01:00
Brion Vibber
6fa0bea76d Merge branch '0.9.x' into testing 2011-01-20 15:12:57 -08:00
Siebrand Mazeland
91ee2ea3b1 Translator comments added
L10n updates
Remove superfluous whitespace
Number parameters in message when two or more are used
ClientException and ServerException should end with a period
2011-01-20 20:00:45 +01:00
Siebrand Mazeland
6658bd1893 Update translator documentation
Remove unneeded i18n for debug message
Remove superfluous whitespace
2011-01-20 18:45:13 +01:00
Siebrand Mazeland
26652d9be6 Update translator documentation
Update L10n
Remove superfluous whitespace
2011-01-20 18:40:20 +01:00
Zach Copley
882b6862a3 OAuth: Fix rare problem in which request tokens were sometimes being
returned as access tokens.
2011-01-19 23:00:24 -08:00
Zach Copley
28f10ac528 Fix syntax error in error msg 2011-01-19 23:00:10 -08:00
Zach Copley
1543af748c Merge branch 'testing' of gitorious.org:statusnet/mainline into testing
* 'testing' of gitorious.org:statusnet/mainline: (63 commits)
  Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
  fix wrong datatypes (saving string instead of array) in AtomPub notice processing
  Account moving is a background activity
  return a 409 Conflict when subscription already exists
  OStatusPlugin does discovery in Profile::fromURI()
  considerably more logging and error checking in AccountMover
  add a log method to AccountMover
  normalize accounts and check for return in HTTP for moving
  move account-moving classes to their own libraries
  execution protection on discovery.php
  PHPCS discovery.php
  Move discovery library from OStatus plugin to core
  Revert "Revert "0.9.7alpha1""
  first example of moving a user
  Parse properties of links in XRD files
  Add the Atom username to the XRD output
  preserve activities in object
  let callers pass in an XMLOutputter to output to
  execution protection on discovery.php
  PHPCS linkheader.php
  ...
2011-01-19 22:58:07 -08:00
Zach Copley
e475bdfe77 OAuth: Fix rare problem in which request tokens were sometimes being
returned as access tokens.
2011-01-19 22:55:00 -08:00
Zach Copley
a79427d86f Fix syntax error in error msg 2011-01-19 16:13:42 -08:00
Brion Vibber
4026e208c2 Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
As with deleteuser.php, can pass -y to bypass the prompt if you're sure.
2011-01-19 15:13:46 -08:00
Brion Vibber
64844473f8 fix wrong datatypes (saving string instead of array) in AtomPub notice processing 2011-01-19 14:26:31 -08:00
Brion Vibber
963e7576f2 Merge branch 'testing' into moveaccount 2011-01-19 10:41:14 -08:00
Evan Prodromou
aa4a8e5051 wrap account actions in a section 2011-01-17 18:04:10 -05:00
Evan Prodromou
2a59453d4c Merge branch 'testing' into moveaccount 2011-01-17 17:34:03 -05:00
Evan Prodromou
6d429ce357 return a 409 Conflict when subscription already exists 2011-01-17 15:57:04 -05:00
Siebrand Mazeland
573925c52a * number parameters in messages
* add translator documentation
* remove superfluous whitespace
* small L10n update
2011-01-15 00:24:06 +01:00
Evan Prodromou
5c25364141 remove extraneous <dl> and <dt> tags 2011-01-14 15:36:06 -05:00
Siebrand Mazeland
7903a2504f * remove i18n for debug message.
* add i18n for some server exceptions.
* add translator documentation.
* L10n updates.
* remove superfluous whitespace.
2011-01-14 21:25:46 +01:00
Siebrand Mazeland
6e1dfab1b9 * change i18n for confirmation string to make a bit more certain that the confirmation string is consistent in all messages where it is used.
* add translator documentation.
* remove superfluous whitespace.
2011-01-14 20:48:17 +01:00
Brion Vibber
74a1c9def0 Fix error handling for missing group in apigroupmembership -- was trying to call methods on the variable before we checked it, which triggers PHP fatal error 2011-01-07 16:25:58 -08:00
Brion Vibber
5616bfb5ff Fix warning in subscribers/subscriptions list pages where we attempted to call free() an ArrayWrapper after it was used up, thus trying to forward the call to a nonexistent object.
Removed the free calls (unneeded since destructors now work), and added an error check w/ logging & an exception for future attempts to forward calls to nonexistent object.
2011-01-07 15:29:30 -08:00
Brion Vibber
edf8101b29 allow group join/leave commands in api posting, at least for the moment (no other way to do remote subscribe without a preexisting local id number via api) 2011-01-06 13:46:39 -08:00
Brion Vibber
281076d5f6 Fix for PHP notice spew in group creation via API: set default 'mainpage' in User_group::register() rather than forcing all callers to do it manually. 2011-01-06 13:22:44 -08:00
Evan Prodromou
32eb4c5e2d Merge remote branch 'gitorious/0.9.x' into 1.0.x
Conflicts:
	lib/common.php
2010-12-30 15:52:08 -08:00
Evan Prodromou
d3b10959f4 Merge branch '0.9.x' into noactor 2010-12-29 15:29:29 -08:00
Evan Prodromou
26afe79ed9 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-12-29 14:53:38 -08:00
Evan Prodromou
48edbb3023 add hooks for the account-management tools 2010-12-29 14:02:04 -08:00
Brion Vibber
e211e6228d Merge branch '0.9.x' into 1.0.x 2010-12-28 11:38:34 -08:00
Brion Vibber
90c7ff1983 Merge branch 'master' into 0.9.x 2010-12-28 11:37:38 -08:00
Brion Vibber
d3d9797496 Prevent group creation by silenced users.
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Evan Prodromou
0bcc3ee005 include saved notice in atompub events 2010-12-27 22:11:30 -08:00
Evan Prodromou
a85bbd9088 Add a user parameter to atom pub api events 2010-12-27 20:49:08 -08:00
Evan Prodromou
ab92496ddc Stop using <activity:subject> for atom feeds 2010-12-27 10:03:34 -08:00
Brion Vibber
26baad63f2 Merge branch '0.9.x' into 1.0.x 2010-12-22 15:25:38 -08:00
Brion Vibber
d5c2b0d216 When queueing is off, restore runs immediately. Indicate that we've already finished processing on the success page in this case; otherwise continue to show the 'will take a few minutes' message. 2010-12-22 14:55:13 -08:00
Brion Vibber
055630516c Merge branch 'righttoleave' into 0.9.x 2010-12-22 11:28:34 -08:00
Evan Prodromou
9a6ceb3303 Merge branch 'righttoleave' into 0.9.x 2010-12-22 11:22:51 -08:00
Brion Vibber
754bc1b616 Error handling cleanup on backup/restore:
* avoid PHP notice from using wrong variable
* show a visible error instead of blank screen if no file submitted with restore form
* avoid PHP strict warning from using calling "non-static" DOMDocument::loadXML statically
* suppress PHP warning from XML parse errors
2010-12-22 11:13:57 -08:00
Brion Vibber
5abd2b7d0c fix notice error 2010-12-22 11:06:45 -08:00
Brion Vibber
d8a3a88ec8 Merge branch '0.9.x' into 1.0.x
Conflicts:
	classes/Memcached_DataObject.php
2010-12-17 17:13:21 -08:00
Brion Vibber
fb8312ebf4 Ticket #2959: implement api/users/profile_image endpoint in Twitter-compat API 2010-12-17 17:10:52 -08:00
Brion Vibber
c0669969f2 fix typo in showstream 2010-12-17 16:21:33 -08:00
Evan Prodromou
573bbeced1 action to restore a user's backup from the Web interface 2010-12-17 18:56:48 -05:00
Evan Prodromou
fd22f684bf syntax error in deleteaccount 2010-12-15 17:39:58 -05:00
Evan Prodromou
e16cb8c03a Merge branch '0.9.x' into righttoleave 2010-12-15 16:48:28 -05:00
Brion Vibber
bf20258f4b Merge branch '0.9.x' into 1.0.x 2010-12-15 11:59:31 -08:00
Brion Vibber
6c67114198 Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data) 2010-12-14 16:14:15 -08:00
Brion Vibber
82a9560a2d AtomPub fix: correct the response URL given from posting a new message (wrong parameter meant we got the main page instead of the message's URL) 2010-12-14 13:19:22 -08:00
Brion Vibber
54a0e801f3 AtomPub fixes: return '201 Created' on POST of new message; better error checking on Atom input 2010-12-14 13:12:24 -08:00
Evan Prodromou
d840578aa0 An action to delete your own account
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.

It then schedules the account for deletion and logs the user out.
2010-12-14 12:38:43 -05:00
Evan Prodromou
6a7bf9dbf9 don't show the backup link if the user can't backup 2010-12-13 16:49:01 -05:00
Evan Prodromou
5089d3065c add an action to backup the current account in ActivityStreams format 2010-12-13 16:32:39 -05:00
Evan Prodromou
027c73a4a1 Merge branch 'activityatompub' into 0.9.x 2010-12-13 14:35:42 -05:00
Evan Prodromou
1033e1e519 add the other three feeds to AtomPub service document 2010-12-13 14:35:29 -05:00
Evan Prodromou
c6d6f25b52 Atom pub feed for group memberships
Feed for group memberships, in activity streams format.

Shows a feed; has proper pagination; accepts activitystreams "join"
activities to start a new membership.
2010-12-13 13:56:54 -05:00
Evan Prodromou
156bd011af fix navigation links for favorite feed 2010-12-13 13:08:38 -05:00
Evan Prodromou
c5fee7573e fix navigation links for subscriptions feed 2010-12-13 13:07:25 -05:00
Evan Prodromou
1a58fdd695 add atompub show membership action 2010-12-13 12:40:22 -05:00
Zach Copley
bb55784e90 Move getConnectedApps() from Profile to User, where it belongs 2010-12-12 17:37:42 -08:00
Evan Prodromou
30f0defcf1 atompub favorite feed 2010-12-12 13:16:34 -05:00
Evan Prodromou
1817aedb5c fix subtitle in subscriptions feed 2010-12-12 12:13:54 -05:00
Evan Prodromou
d9a614c57e use new Subscription stream methods for AtomPub 2010-12-11 11:24:07 -05:00
Evan Prodromou
37c447be46 Show a single favorite for AtomPub 2010-12-10 18:50:50 -05:00
Evan Prodromou
5d56dba904 add a new subscription using POST to APP 2010-12-09 16:25:47 -05:00
Evan Prodromou
c619a257fe Add subscription feed for AtomPub 2010-12-09 16:05:07 -05:00
Evan Prodromou
34b8eb207d make HEAD work for AtomPubShowSubscription 2010-12-09 14:25:57 -05:00
Evan Prodromou
11a0bde459 AtomPub for single subscription 2010-12-09 13:11:02 -05:00
Brion Vibber
9df856e667 Merge branch '0.9.x' into merge
Conflicts:
	README
	actions/hostmeta.php
	classes/File_redirection.php
	lib/common.php
	lib/designsettings.php
	lib/router.php
	lib/util.php
	lib/xmppmanager.php
	plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Brion Vibber
aa96c3c1d9 Fix for tickets #2917, #2262: user URL shortening options not being applied in non-web channels
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.

Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.

Note also ticket #2919: there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Siebrand Mazeland
086d6c9f36 * Fix an incorrectly formatted message parameter in line 334.
* i18n/L10n updates
* translator documentation updated
2010-12-02 12:33:03 +01:00
Brion Vibber
5d9d0d7349 Ticket #2912 further cleanup: use JS on emailsettings form to help connect the 'I want to post by email' checkbox with the controls for adding or removing a post-by-email alias.
Now, when you first come up the checkbox will most likely be off and the button to create an address is grayed out.
Checking the box enables use of the 'new' button to generate an email address -- it's left disabled until you check the box, so you can't accidentally trip it.
Actually adding the address now enables the post-by-mail option, as well, thus ensuring that it's saved. WARNING: OTHER CHANGES ON THE FORM WILL STILL BE LOST.
Removing the address now disables the post-by-mail option, so it's not sitting around confusingly enabled but useless.

You can still disable the checkbox manually without removing the address, in case you want to keep it for later.
It's also still possible to actually save it in the state where the option is enabled, but there's no configured address, but that shouldn't happen too often. Possibly that should be prevented outright though.
2010-12-01 14:23:56 -08:00
Brion Vibber
36d605a1e9 Ticket #2912 tweaks: clean up wording on the incoming email generator box a bit. 2010-12-01 13:10:54 -08:00
Brion Vibber
3048f9100d Ticket #2912: move 'I want to post notices by email" checkbox up from the email *output* prefs up into the box for the address to post to, so they're next to each other. 2010-12-01 13:04:18 -08:00
Brion Vibber
dc350b5463 Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh. 2010-11-29 14:15:25 -08:00
Evan Prodromou
edf660c6ff Make userxrd work without OStatus enabled 2010-11-26 22:09:51 -05:00
Evan Prodromou
fcc0825b14 Make userxrd part of the default hostmeta 2010-11-26 21:46:51 -05:00
Evan Prodromou
0a4911552e Move user xrd action to core and use hooks to extend
Moved the Webfinger user XRD action from the OStatus plugin to core.
Added hooks to add OStatus-specific stuff, but kept general stuff in
the core.
2010-11-26 21:38:38 -05:00
Craig Andrews
3f3b38766f move xrd and hostmeta out of the OStatus plugin and into core
add event for setting up hostmeta, and use them in the OStatus plugin
2010-11-26 21:12:14 -05:00
Brion Vibber
e0e7cb7c53 Merge branch 'master' into 0.9.x 2010-11-19 14:03:59 -08:00
Brion Vibber
ca55d6c514 Ticket #1987: support since_id on API notice search methods.
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
2010-11-19 14:00:22 -08:00
Brion Vibber
fa6c6077d6 Merge branch 'master' into 0.9.x 2010-11-16 11:17:29 -08:00
Brion Vibber
9b9db3b28a Prep for ticket #2895: consolidate common code from PopularNoticeList and FavoritedAction for fetching popular notice lists 2010-11-16 11:10:32 -08:00
Brion Vibber
89d5993674 Include width/height of locally-uploaded images in our oembed provider data for attachment pages. 2010-11-15 12:57:15 -08:00
Evan Prodromou
d038d0fa46 AtomPub-related actions are only read-only on GET 2010-11-15 14:14:09 -05:00
Evan Prodromou
8a21b13ee9 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-11-15 11:57:31 -05:00
Evan Prodromou
c1cee3b27f Merge branch 'atompub' into 0.9.x
Conflicts:
	actions/apistatusesshow.php
	actions/apitimelineuser.php
2010-11-15 11:57:19 -05:00
Evan Prodromou
cb371d65c1 add hooks for atom pub posts 2010-11-15 11:54:42 -05:00
Evan Prodromou
01f32e3998 Merge remote branch 'gitorious/1.0.x' into 1.0.x
Conflicts:
	actions/urlsettings.php
2010-11-14 06:49:43 -05:00
Brion Vibber
e4913f9722 fix syntax error introduced in i18n tweaks: newgroup action 2010-11-12 13:35:19 -08:00