The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments
The filename has a new format:
bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"
This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".
This new name is displayed in the UI, instead of the previous name.
Hello,
The ATOM feed contains the hub declaration for WebSub / PubSubHubbub, but the RSS / RDF / JSON versions do not.
Currently, the ATOM version is declared last.
RSS/ATOM clients typically pick whichever version comes first, and will thus not see the WebSub feature.
I therefore suggest putting the ATOM version first, as it is more feature-rich than the other versions.
Clients not compatible with ATOM would not pick it anyway due to the different type attribute.
See same PR for Mastodon: https://github.com/tootsuite/mastodon/pull/9302
and WebSub tester https://websub.rocks/publisher
The current Atom/XML account backup contains the backupaccount HTML at the end
of the downloaded file. This change makes it so that only the XML is downloaded
by terminating the script before the HTML is served.
Display error if wrong perms on 'avatar' dir
If the 'avatar' folder isn't writeable, don't let users try to
upload/delete one (and fail). Instead, print an error message about
the misconfigured folder permission.
Ref. #196
See merge request !126
Fix some strict warnings (Action::prepare, Action::handle)
I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.
Related to #190
See merge request !123
If the 'avatar' folder isn't writeable, don't let users try to
upload/delete one (and fail). Instead, print an error message about
the misconfigured folder permission.
Ref. #196
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)
Ref. #190
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"
Ref. #190
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
We don't guess the current profile anymore if the value of the profile === -1
Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).