Evan Prodromou
570c7b63a2
Add internal URL shortener
2011-01-23 16:49:12 -05:00
Brion Vibber
9df856e667
Merge branch '0.9.x' into merge
...
Conflicts:
README
actions/hostmeta.php
classes/File_redirection.php
lib/common.php
lib/designsettings.php
lib/router.php
lib/util.php
lib/xmppmanager.php
plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Brion Vibber
2617c40e04
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
classes/User.php
2010-12-06 12:44:19 -08:00
Brion Vibber
76f3dc32e0
Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account.
2010-12-06 12:39:09 -08:00
Brion Vibber
aa96c3c1d9
Fix for tickets #2917 , #2262 : user URL shortening options not being applied in non-web channels
...
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.
Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.
Note also ticket #2919 : there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Brion Vibber
3f0557aa8e
General code safety: validate input and escape SQL strings in common_relative_profile()
2010-11-29 16:44:01 -08:00
Brion Vibber
82799f675f
Add Nickname test cases for @-reply regexes in common_find_mentions
2010-11-29 15:07:55 -08:00
Brion Vibber
dc350b5463
Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh.
2010-11-29 14:15:25 -08:00
Brion Vibber
6c4e5a89c1
Add some doc comments on nickname-related stuff in util.php
2010-11-29 11:31:10 -08:00
Zach Copley
645a4d1754
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-11-17 22:16:08 +00:00
Brion Vibber
197b56778a
Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
...
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Zach Copley
bd566b6f85
Merge branch '0.9.x' into facebook-upgrade
2010-11-16 02:32:46 +00:00
Zach Copley
5b94d9e86b
Merge branch '0.9.x' into facebook-upgrade
2010-11-09 23:16:17 +00:00
Brion Vibber
883f7a6c0b
Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly.
2010-11-08 13:27:54 -08:00
Brion Vibber
b716d01a41
Merge branch '0.9.x' into 1.0.x
2010-11-03 16:09:49 -07:00
Brion Vibber
dc4fafbbd1
General cleanup & part of ticket #2864 : use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens.
2010-11-03 12:59:19 -07:00
Zach Copley
764a297383
Output filename in log msg if one is supplied
2010-11-02 23:13:20 +00:00
Brion Vibber
b26eccf33c
Merge branch '0.9.x' into 1.0.x
2010-10-28 16:26:34 -07:00
Craig Andrews
22a0cf6251
Set cookies with "secure" flag on SSL sites. Improves security.
2010-10-26 17:55:09 -04:00
Brion Vibber
ca489631db
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/subscriptions.php
lib/router.php
lib/xmppmanager.php
lib/xmppoutqueuehandler.php
2010-10-25 13:08:57 -07:00
Zach Copley
78396db28a
Forgot to add the OAuth verifier pin page to sensitive array
2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71
We don't need to have editapplication (only showapplication) in the
...
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae
Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
...
available
2010-10-25 11:52:17 -07:00
Brion Vibber
8004e2809d
Fix for ticket #2845 : singleuser nickname configuration was being overridden by site owner in router setup.
...
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Brion Vibber
7765ddae81
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
lib/default.php
2010-10-18 12:17:11 -07:00
Evan Prodromou
7c05b0dafc
options to nofollow external links in notices
2010-10-18 11:29:52 -04:00
Brion Vibber
6c959c83ce
Merge branch '0.9.x' into 1.0.x
2010-10-07 13:32:26 -07:00
Brion Vibber
5e0f3e7bd4
Workaround for regression in input validation due to more PCRE oddities. Recommend redoing common_validate_utf8() using something more reliable, perhaps. :P
2010-10-07 12:32:10 -07:00
Brion Vibber
71176b9a98
Merge branch '0.9.x' into 1.0.x
2010-10-06 13:07:29 -07:00
Brion Vibber
ebfa8bce27
Basic validation of UTF-8 input via GET/POST vars: invalid UTF-8 sequences will cause the string to drop. Not necessarily super-thorough; should be improved in future to drop individual bad sequences, do normalization of combining forms, etc. General input validation (for ints, types of strings, etc) still would be good to have!
2010-10-06 13:00:30 -07:00
Brion Vibber
59119482ca
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
actions/hostmeta.php
actions/imsettings.php
classes/User.php
lib/adminpanelaction.php
lib/channel.php
lib/default.php
lib/router.php
lib/util.php
2010-10-04 12:54:36 -07:00
Brion Vibber
aef42e2f65
Don't spew a notice warning to output while processing logging for PEAR DB errors
2010-09-20 16:52:22 -07:00
Brion Vibber
64cdbe6c55
Ticket #2750 : fixes to HTTP caching behavior across login/logout boundaries
...
* now ignoring if-modified-since if we failed an etag if-none-match comparison, per spec
* now including a hash of user id/nickname in most etags, so we'll update the view properly after login/logout
For API methods, checking the API-auth'ed user. (Many change results to include things like 'you're subscribed to this user' or 'this is one of your favorites', so user info is again needed)
There'll still be some last-modified stamps that aren't including user info properly, probably.
2010-09-20 13:42:58 -07:00
Siebrand Mazeland
85154a49d0
Add plural support for minutes/hours/days/months ago.
...
Reapply of revised b27882c916
that was reverted by Brion Vibber in 2d4c0f9a47
.
2010-09-16 00:07:47 +02:00
Brion Vibber
2d4c0f9a47
Revert "Add plural support for minutes/hours/days/months ago." -- currently doesn't work and spews error messages
...
This reverts commit b27882c916
.
2010-09-15 14:10:18 -07:00
Siebrand Mazeland
6817420e6c
Remove trailing whitespace and update comment consistency on methods.
2010-09-13 21:10:52 +02:00
Siebrand Mazeland
b27882c916
Add plural support for minutes/hours/days/months ago.
2010-09-13 21:10:51 +02:00
Evan Prodromou
a319b40c97
common_cache_key() -> Cache::key()
2010-09-06 10:07:43 -04:00
Evan Prodromou
e42d2124a3
common_keyize() -> Cache::keyize()
2010-09-06 10:03:51 -04:00
Evan Prodromou
c2de44a530
remove NOOP function common_broadcast_notice()
2010-09-06 09:59:08 -04:00
Evan Prodromou
8f81762d68
common_memcache() => Cache::instance()
2010-09-06 09:56:45 -04:00
Brion Vibber
2196d00b1b
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
lib/command.php
2010-09-02 15:04:25 -07:00
Brion Vibber
4cbbfdab84
Fix for #2635 : use ssl-sometimes settings for Twitter settings & auth pages
2010-09-02 10:55:26 -07:00
Evan Prodromou
7183175429
Merge branch 'master' into 1.0.x
2010-08-13 14:33:41 -07:00
Brion Vibber
f7d599f8ea
Fix for ticket 2513: "Can't linkify" error when some links are shortened
...
When bogus SSL sites etc were hit through a shortening redirect, sometimes link resolution kinda blew up and the user would get a "Can't linkify" error, aborting their post.
Now catching this case and just passing through the URL without attempting to resolve it. Could benefit from an overall scrubbing of the freaky link/attachment code though...! :)
http://status.net/open-source/issues/2513
2010-08-12 15:25:32 -07:00
Evan Prodromou
9f0715a993
Merge branch '0.9.x' into 1.0.x
2010-08-03 16:05:03 -07:00
Brion Vibber
974c4df029
Ticket 2433: Skip locale fallback list check on Windows ('locale -a' shell-out doesn't work there)
2010-07-12 09:56:32 -07:00
Brion Vibber
b1a68e15b7
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
lib/default.php
lib/util.php
plugins/UrlShortener/UrlShortenerPlugin.php (has been removed?)
2010-06-10 15:37:06 -07:00
Brion Vibber
d88b208edc
Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
plugins/OpenID/openid.php
2010-06-07 10:19:40 -07:00
Brion Vibber
5f4c6ec626
Skip enqueueing to outgoing bridges on incoming remote messages. Twitter, Facebook, RSSCloud, and OStatus checks were enqueued on these when they'd never do anything but churn the queue servers.
...
Notice::isLocal() can replace a number of manual checks for $notice->is_local being LOCAL_PUBLIC or LOCAL_NONPUBLIC.
2010-06-03 16:58:45 -07:00