Brion Vibber
54e98ffe22
Fix ticket #3013 : MAX_FILE_SIZE hidden fields were incorrectly placed
...
In order to apply to PHP's POST processing, the MAX_FILE_SIZE field must appear *before* the file upload field. They were incorrectly placed after, where they had no effect on POST processing.
2011-01-26 15:49:57 -08:00
Brion Vibber
621a7cb36d
Merge branch '0.9.x' into testing
2011-01-25 12:57:49 -08:00
Brion Vibber
820dd293c9
Fix for ticket #3007 : .bmp avatar uploads weren't being properly converted to PNG in all cases
...
Part of the reported issue was previuosly fixed by dc497ed0
(smaller size images being blanked).
This commit fixes the remaining bug with original-size avatars being left as BMP (which could include the 96px size for instance, which could cause problems in browsers not supporting BMP natively)
Added ImageFile::copyTo() as a convenient alias for resizeTo() when not resizing; this performs the BMP/XPM/XBM->PNG conversion if needed, or copies the original file.
Copying instead of using move_uploaded_file() is fine here since:
a) the files are cleaned up on script completion anyway (vs moving to remove it)
b) we're already performing getimagesize() and possibly load/resize on the file before this point (vs needing to move the file into a usable area to work with open_basedir restrictions that prevent working directly with uploaded files in the temp dir; since this would fail anyway, we lose nothing)
ImageFile::preferredType() now works on $this->type instead of asking for one, to make it handier to use from outside. (This is still needed in order for calling code to generate a target filename.)
Recommended for future:
* additional consolidation between the various ways of uploading avatars (touched avatarsettings, grouplogo, and apiaccountupdateprofileimage with similar minor changes)
* consolidate type checks and file naming into Avatar class
2011-01-24 12:22:47 -08:00
Evan Prodromou
570c7b63a2
Add internal URL shortener
2011-01-23 16:49:12 -05:00
Evan Prodromou
592e2be5e1
Make new menu the default menu
...
There's a new menu layout in this version of the software. It was
implemented as a plugin in 0.9.x to avoid clashes with existing themes,
but we're going to break that compatibility in this version, so we're just going for it.
This change involved moving all the changes in NewMenuPlugin into the
default code that was calling it. In addition, since
accountsettingsaction and connectsettingsaction differed only by menu,
I removed them, changed all references to them to the settingsmenu, and moved
the combined nav to its own class.
Let's put that episode behind us.
The CSS shim that was loaded by NewMenuPlugin for certain themes and certain actions
was removed.
2011-01-23 12:35:35 -05:00
Evan Prodromou
e53793edf4
make 'admin' a safe user name
...
'admin' is a pretty common username that people try when installing;
it was blacklisted because all of our admin panels were at /admin/*,
which would conflict with the admin user's namespace.
Changed the location of all admin panels to /panel/*, blacklisted the
nickname 'panel', and allowed 'admin'. Tested with a fresh install;
seems to work great.
2011-01-23 10:18:35 -05:00
Siebrand Mazeland
6c0e43be9e
L10n consistency updates in wording and punctuation.
...
Translator documentation added/updated.
Superfluous whitespace removed.
2011-01-21 22:45:37 +01:00
Siebrand Mazeland
08cb576b52
Add translator documentation
...
Fix L10n issues
Remove superfluous whitespace
2011-01-21 16:35:00 +01:00
Brion Vibber
6fa0bea76d
Merge branch '0.9.x' into testing
2011-01-20 15:12:57 -08:00
Brion Vibber
6455461c19
Merge branch 'master' into 0.9.x
2011-01-20 15:08:31 -08:00
Zach Copley
05361bb686
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-20 10:44:31 -08:00
Zach Copley
3a24b95edb
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-20 10:44:05 -08:00
Zach Copley
882b6862a3
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-19 23:00:24 -08:00
Zach Copley
114d9ebf28
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-19 22:59:51 -08:00
Zach Copley
1543af748c
Merge branch 'testing' of gitorious.org:statusnet/mainline into testing
...
* 'testing' of gitorious.org:statusnet/mainline: (63 commits)
Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
fix wrong datatypes (saving string instead of array) in AtomPub notice processing
Account moving is a background activity
return a 409 Conflict when subscription already exists
OStatusPlugin does discovery in Profile::fromURI()
considerably more logging and error checking in AccountMover
add a log method to AccountMover
normalize accounts and check for return in HTTP for moving
move account-moving classes to their own libraries
execution protection on discovery.php
PHPCS discovery.php
Move discovery library from OStatus plugin to core
Revert "Revert "0.9.7alpha1""
first example of moving a user
Parse properties of links in XRD files
Add the Atom username to the XRD output
preserve activities in object
let callers pass in an XMLOutputter to output to
execution protection on discovery.php
PHPCS linkheader.php
...
2011-01-19 22:58:07 -08:00
Zach Copley
e475bdfe77
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-19 22:55:00 -08:00
Zach Copley
6eca8188b6
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-19 15:52:18 -08:00
Brion Vibber
963e7576f2
Merge branch 'testing' into moveaccount
2011-01-19 10:41:14 -08:00
Brion Vibber
397f7cd0d8
Refactor profile sidebar statistics output so plugins can hook it and add entries.
2011-01-18 13:32:00 -08:00
Brion Vibber
ff6df8061b
Refactor profile sidebar stats generation: factor out giant chunk of repeated method calls
2011-01-18 13:12:08 -08:00
Brion Vibber
9be770e609
Start cleaning up profile sidebar: link the header text on subscription/subscriber/groups sections to the tabs so users don't have to dance around looking for the link if they don't have enough to trigger a 'more' link.
...
Consolidated some of that link generation; sooooo much more dupe code to kill in this section!
2011-01-18 12:52:38 -08:00
Brion Vibber
56e2bc10d9
Cleanup stray PHP 4-style references in hook calls for navigation bars. We can't replace the live action from here, and don't need a reference to keep the object mutable. Dumping the references helps ensure we don't end up getting errors when things calling the hooks might forget to use the reference and the PHP error reporting settings expose this fact at us.
2011-01-18 12:34:27 -08:00
Evan Prodromou
2a59453d4c
Merge branch 'testing' into moveaccount
2011-01-17 17:34:03 -05:00
Evan Prodromou
fb681990d9
Account moving is a background activity
2011-01-17 17:31:56 -05:00
Evan Prodromou
dce2824747
considerably more logging and error checking in AccountMover
2011-01-17 15:25:58 -05:00
Evan Prodromou
feb3ae4c09
add a log method to AccountMover
2011-01-17 15:06:15 -05:00
Evan Prodromou
b11426dbf4
normalize accounts and check for return in HTTP for moving
2011-01-16 17:17:55 -05:00
Evan Prodromou
905aded81a
move account-moving classes to their own libraries
2011-01-16 17:17:55 -05:00
Evan Prodromou
81079fe522
execution protection on discovery.php
2011-01-16 17:17:55 -05:00
Evan Prodromou
fafb6733db
PHPCS discovery.php
2011-01-16 17:17:55 -05:00
Evan Prodromou
1152b0c3e8
Move discovery library from OStatus plugin to core
2011-01-16 17:16:01 -05:00
Evan Prodromou
a953b93194
Revert "Revert "0.9.7alpha1""
...
This reverts commit fd20554651
.
Conflicts:
lib/common.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
fd7dd9b10f
Parse properties of links in XRD files
2011-01-16 17:15:26 -05:00
Evan Prodromou
8653d8a252
Add the Atom username to the XRD output
2011-01-16 17:15:26 -05:00
Evan Prodromou
aa9137ca71
preserve activities in object
2011-01-16 17:15:26 -05:00
Evan Prodromou
e433e559f8
let callers pass in an XMLOutputter to output to
2011-01-16 17:15:26 -05:00
Evan Prodromou
2a54919d1f
execution protection on discovery.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
0649b96e9b
PHPCS linkheader.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
02cf7d47f8
PHPCS discovery.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
abf694ae5b
move linkheader.php to core
2011-01-16 17:15:26 -05:00
Evan Prodromou
7d1f609bf0
Move discovery library from OStatus plugin to core
2011-01-16 17:15:26 -05:00
Evan Prodromou
39cf147a77
remove dt/dd pairs for license blocks
2011-01-14 15:56:25 -05:00
Siebrand Mazeland
02f005fe5f
* L10n updates
...
* translator documentation added
2011-01-14 21:53:39 +01:00
Evan Prodromou
bbaf9d7f42
some fixes for new no-dl layout
2011-01-14 15:53:02 -05:00
Siebrand Mazeland
bf40b3e694
* remove i18n for debug message.
...
* add i18n for some exceptions.
* add translator documentation.
* L10n updates.
* remove superfluous whitespace.
2011-01-14 21:41:36 +01:00
Evan Prodromou
5c25364141
remove extraneous <dl> and <dt> tags
2011-01-14 15:36:06 -05:00
Evan Prodromou
ca75adf408
Update version number and codename
2011-01-12 18:14:57 -05:00
Evan Prodromou
f9b2feb7f5
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
2011-01-12 18:05:56 -05:00
Brion Vibber
cb56f445b8
Ticket #2166 : accept aliases for local group names in API
...
Also simplifies the code by using User_group::getForNickname instead of duplicating half of it :D
2011-01-07 16:23:54 -08:00
Brion Vibber
5616bfb5ff
Fix warning in subscribers/subscriptions list pages where we attempted to call free() an ArrayWrapper after it was used up, thus trying to forward the call to a nonexistent object.
...
Removed the free calls (unneeded since destructors now work), and added an error check w/ logging & an exception for future attempts to forward calls to nonexistent object.
2011-01-07 15:29:30 -08:00
Brion Vibber
0ec07e9c65
Use ReflectionFunction to check for a present-but-disabled dl() function instead of manually parsing the disable_functions php.ini setting.
...
We were checking the list as comma-delimited (per the description of it as comma-delimited), but in fact spaces are also accepted, and who knows what else.
2011-01-07 14:48:40 -08:00
Brion Vibber
35507cd039
Fix ticket #2392 : sending invitation email fails when site name contains double quotes
...
Gotta escape quotes!
2011-01-06 17:43:00 -08:00
Brion Vibber
f2a43769e7
Fix for atom/activity streams parsing: feed's <activity:subject> was being taken at a higher priority than entry's <atom:author>, which broke OStatus group posting since we retired <activity:actor>.
...
Added test case to ActivityParseTests.
2011-01-06 15:13:38 -08:00
Brion Vibber
4b29d0ebb6
Merge branch 'testing-sig' of gitorious.org:~brion/statusnet/brion-fixes into testing
2011-01-05 16:04:32 -08:00
Brion Vibber
f5650806cc
Switch autoloader from '__autoload' magic function name to registering our function with spl_autoload_register(); fixes compat problem with PHPUnit 3.5+ which seems to break the old __autoload
2011-01-05 23:27:17 +00:00
Evan Prodromou
60d8fcd0e7
Revert "Revert "0.9.7alpha1""
...
This reverts commit fd20554651
.
Conflicts:
lib/common.php
2011-01-05 10:52:44 -08:00
Evan Prodromou
a7e5c58a82
Merge branch 'revertversion' into 0.9.x
2011-01-03 10:51:42 -08:00
Evan Prodromou
fd20554651
Revert "0.9.7alpha1"
...
This reverts commit 3d62c1cf51
.
2011-01-03 10:51:29 -08:00
Evan Prodromou
98a0d7f538
Configuration options for using an HTTP proxy
...
We can make a lot of HTTP requests from the server side. This change
adds some configuration options for using an HTTP proxy, which can
cache hits from multiple sites (good for status.net-like services, for example).
2011-01-03 10:38:32 -08:00
Brion Vibber
80e2f4f529
Fix up edge case in nickname processing: overlong display forms should be rejected before normalization (storage of display forms will also have fields with limited length)
2010-12-30 17:11:16 -08:00
Evan Prodromou
66f6b2a342
Events to hook for NoticeListElement <li> generation
2010-12-30 16:57:05 -08:00
Evan Prodromou
32eb4c5e2d
Merge remote branch 'gitorious/0.9.x' into 1.0.x
...
Conflicts:
lib/common.php
2010-12-30 15:52:08 -08:00
Evan Prodromou
3b5c3d2c84
UUID-generation tools
2010-12-30 12:15:34 -08:00
Evan Prodromou
c91b080a8e
version 0.9.8dev
2010-12-29 16:18:43 -08:00
Evan Prodromou
3d62c1cf51
0.9.7alpha1
2010-12-29 16:15:57 -08:00
Evan Prodromou
d8219c07be
update version to 0.9.7
2010-12-29 16:14:00 -08:00
Evan Prodromou
80191b56df
Show <activity:subject> in Atom group notice feed
...
Version 0.9.6 and below of StatusNet assume anything in <author> is a
Person. So, we include an <activity:subject> element, which will be
checked first by those versions of the code, only for group feeds.
At some point we'll take this out, but it's useful for now.
2010-12-29 15:33:57 -08:00
Evan Prodromou
d3b10959f4
Merge branch '0.9.x' into noactor
2010-12-29 15:29:29 -08:00
Evan Prodromou
26afe79ed9
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-12-29 14:53:38 -08:00
Brion Vibber
e211e6228d
Merge branch '0.9.x' into 1.0.x
2010-12-28 11:38:34 -08:00
Brion Vibber
90c7ff1983
Merge branch 'master' into 0.9.x
2010-12-28 11:37:38 -08:00
Brion Vibber
d3d9797496
Prevent group creation by silenced users.
...
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Evan Prodromou
8814fb3822
Merge branch '0.9.x' into socialbookmark
2010-12-27 22:38:36 -08:00
Evan Prodromou
1996545947
add events for restoring activities
2010-12-27 22:28:20 -08:00
Evan Prodromou
6393326557
Merge branch '0.9.x' into socialbookmark
2010-12-27 20:49:31 -08:00
Evan Prodromou
c78170a275
Better job making an ActivityObject from an <atom:author>
2010-12-27 10:19:51 -08:00
Evan Prodromou
ab92496ddc
Stop using <activity:subject> for atom feeds
2010-12-27 10:03:34 -08:00
Evan Prodromou
f5128015be
Use outputTo() instead of asString() for including sub-elements
2010-12-27 09:46:25 -08:00
Evan Prodromou
1188d5bab2
Don't output deprecated <activity:actor> element
2010-12-27 09:25:26 -08:00
Brion Vibber
26baad63f2
Merge branch '0.9.x' into 1.0.x
2010-12-22 15:25:38 -08:00
Brion Vibber
464e0f8115
Don't trust text/xml mime types; generic content detection gives useless stuff like that on SVG images! Todo: replace the extension check in this case with better content-based checks.
2010-12-22 13:56:19 -08:00
Evan Prodromou
402cac2f93
Merge branch '0.9.x' into socialbookmark
...
Conflicts:
lib/activityobject.php
2010-12-22 12:09:42 -08:00
Evan Prodromou
35d9a065fb
Revert "initialize ActivityObject::$extra"
...
This reverts commit 3e82000d57
.
2010-12-22 12:07:13 -08:00
Evan Prodromou
e11ca1e052
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-12-22 12:05:40 -08:00
Brion Vibber
448dfb69d4
Initialize $extra member to empty array on ActivityObject
2010-12-22 12:03:05 -08:00
Evan Prodromou
3e82000d57
initialize ActivityObject::$extra
2010-12-22 12:02:50 -08:00
Evan Prodromou
5fe8301129
disable account deletion by default
2010-12-22 11:25:47 -08:00
Evan Prodromou
9a6ceb3303
Merge branch 'righttoleave' into 0.9.x
2010-12-22 11:22:51 -08:00
Evan Prodromou
17515aacac
drop previous in oembedhelperexception code
2010-12-20 18:32:43 -05:00
Evan Prodromou
f63355451d
fixup exception constructor for php 5.2
2010-12-20 18:28:42 -05:00
Brion Vibber
f82dd4e14f
Merge branch '0.9.x' into 1.0.x
2010-12-20 14:28:43 -08:00
Evan Prodromou
24f9a991b6
Let activity objects write directly to activity's own outputter
2010-12-20 13:30:33 -05:00
Evan Prodromou
6a6dd81d1f
Let activity objects write directly to activity's own outputter
2010-12-20 13:26:57 -05:00
Evan Prodromou
688841fb41
ActivityObject has attribute for other elements
2010-12-19 10:16:44 -05:00
Evan Prodromou
25d03c42e6
Add events for representing objects as activity:object
...
Add 6 new events to make it easier to override the type of an activity object.
2010-12-18 17:24:41 -05:00
Brion Vibber
d8a3a88ec8
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
classes/Memcached_DataObject.php
2010-12-17 17:13:21 -08:00
Brion Vibber
fb8312ebf4
Ticket #2959 : implement api/users/profile_image endpoint in Twitter-compat API
2010-12-17 17:10:52 -08:00
Evan Prodromou
573bbeced1
action to restore a user's backup from the Web interface
2010-12-17 18:56:48 -05:00
Evan Prodromou
1d6091cad2
Two bug fixes in activityimporter
2010-12-17 18:56:17 -05:00
Evan Prodromou
120802b807
change code order to make shorter lines
2010-12-17 18:55:00 -05:00
Evan Prodromou
1a81356622
I'm still not sure when it's useful to reset a notice's author
2010-12-17 17:37:43 -05:00
Evan Prodromou
4b41d05a13
Make restoreuser use new FeedImporter queue handler
2010-12-17 16:27:20 -05:00
Evan Prodromou
044763cf06
move activity importing code to two different queuehandler classes
2010-12-17 13:12:17 -05:00
Evan Prodromou
6469d75fb0
Move accountrestorer class to feed importer
2010-12-17 13:10:23 -05:00
Evan Prodromou
16fc5314fb
move code to get an author object for a feed to a library from Ostatus_profile
2010-12-17 13:09:37 -05:00
Brion Vibber
e79034e163
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
plugins/CacheLog/locale/nb/LC_MESSAGES/CacheLog.po
2010-12-16 15:56:19 -08:00
Brion Vibber
ed24c95ac2
Fix ticket #2929 : router cache now clears itself when switching singleuser mode in and out
2010-12-16 13:42:10 -08:00
Evan Prodromou
39804809dd
distribute flag for Notice::saveNew()
2010-12-16 16:17:38 -05:00
Evan Prodromou
2e2519afee
Move account restoration code to a shared library
...
Moved most of the heavy-lifting for account restoration out of
restoreuser.php and into its own class, with the hope that we'll do
the work from the Web eventually.
2010-12-15 17:53:38 -05:00
Evan Prodromou
e16cb8c03a
Merge branch '0.9.x' into righttoleave
2010-12-15 16:48:28 -05:00
Brion Vibber
bf20258f4b
Merge branch '0.9.x' into 1.0.x
2010-12-15 11:59:31 -08:00
Brion Vibber
6c67114198
Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data)
2010-12-14 16:14:15 -08:00
Brion Vibber
2ed1e9b126
AtomPub discovery fix: gets MarsEdit's auto API detection working.
...
Router entry for AtomPubService was slightly off, generating an incorrect link in the RSD data.
2010-12-14 14:43:50 -08:00
Evan Prodromou
d840578aa0
An action to delete your own account
...
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.
It then schedules the account for deletion and logs the user out.
2010-12-14 12:38:43 -05:00
Evan Prodromou
5089d3065c
add an action to backup the current account in ActivityStreams format
2010-12-13 16:32:39 -05:00
Evan Prodromou
75aaa98462
define rights for account maintenance and default rules
2010-12-13 16:28:32 -05:00
Evan Prodromou
7c7b91e61a
define configuration settings for account maintenance security
2010-12-13 16:28:02 -05:00
Evan Prodromou
4be9c0a0e9
fix URL for memberships feed
2010-12-13 13:50:57 -05:00
Evan Prodromou
4b7a0d366c
add atompub membership actions to router
2010-12-13 12:40:01 -05:00
Evan Prodromou
37c447be46
Show a single favorite for AtomPub
2010-12-10 18:50:50 -05:00
Evan Prodromou
167f760ab8
Merge branch '0.9.x' into activityatompub
...
Conflicts:
lib/router.php
2010-12-10 17:04:55 -05:00
Brion Vibber
d55f606cf8
Tweaking nickname format regexes: added one that explicitly allows numbers, to be used in router setup.
2010-12-09 16:43:35 -08:00
Evan Prodromou
c619a257fe
Add subscription feed for AtomPub
2010-12-09 16:05:07 -05:00
Evan Prodromou
11a0bde459
AtomPub for single subscription
2010-12-09 13:11:02 -05:00
Evan Prodromou
94ff04e190
Don't cache user-specific information for Notice atom entries
2010-12-08 13:59:12 -05:00
Evan Prodromou
db519d3ffb
whitespace problems in lib/router
2010-12-07 16:23:12 -05:00
Evan Prodromou
57859a4bc8
generate links for apinamespace.org/atom and /twitter in userxrd
2010-12-07 15:53:34 -05:00
Evan Prodromou
eab8d752e8
allow <Property> elements in <Link> in XRD
2010-12-07 15:53:08 -05:00
Evan Prodromou
d5466ac87e
fix whitespace in lib/xrdaction.php
2010-12-07 15:26:43 -05:00
Brion Vibber
9df856e667
Merge branch '0.9.x' into merge
...
Conflicts:
README
actions/hostmeta.php
classes/File_redirection.php
lib/common.php
lib/designsettings.php
lib/router.php
lib/util.php
lib/xmppmanager.php
plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Evan Prodromou
1fb506c27d
use codeKey() in activity caching
2010-12-06 17:28:22 -05:00
Evan Prodromou
25f644f4b9
Merge branch '0.9.x' into cacheactivity
2010-12-06 17:22:34 -05:00
Evan Prodromou
b35352790f
Merge branch 'master' of gitorious.org:statusnet/mainline
2010-12-06 17:21:38 -05:00
Evan Prodromou
49757c79ee
Config flag to disable router caching if needed
2010-12-06 17:21:01 -05:00
Evan Prodromou
a33d1d6090
use Cache::codeKey() in Router class
2010-12-06 17:20:44 -05:00
Evan Prodromou
004d58fdb8
Make code-dependent cache entries more volatile
...
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.
This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.
If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
2010-12-06 17:20:26 -05:00
Evan Prodromou
bb63fd4b75
Config flag to disable router caching if needed
2010-12-06 17:19:41 -05:00
Evan Prodromou
8c4e14b59c
use Cache::codeKey() in Router class
2010-12-06 17:08:52 -05:00
Evan Prodromou
b3d47ed6cc
Make code-dependent cache entries more volatile
...
If a cache entry is dependent on the code that's running, upgrading
(or enabling/disabling plugins) can generate hard-to-track
inconsistencies.
This change adds a close-to-unique fingerprint of the running code to
some cache keys, so that if the fingerprint changes, the old values
are ignored and new values are used.
If the automated uniqueness fails, an administrator can add an extra
config value, $config['site']['build'], that's thrown into the key also.
2010-12-06 17:05:32 -05:00
Evan Prodromou
8564fc51c5
cache generated activity info
2010-12-06 16:38:02 -05:00
Evan Prodromou
da8b268e06
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-12-06 15:52:03 -05:00
Evan Prodromou
0c0418bdfb
correctly generate enclosure in Activity::asString()
2010-12-06 15:51:42 -05:00
Brion Vibber
2617c40e04
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
classes/User.php
2010-12-06 12:44:19 -08:00
Brion Vibber
76f3dc32e0
Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account.
2010-12-06 12:39:09 -08:00
Evan Prodromou
1f0949f9ac
remove common_debug() from Activity::asString()
2010-12-06 15:22:52 -05:00
Evan Prodromou
b28266b3d6
Convert Notice::asAtomEntry() to use Notice::asActivity() and Activity::asString()
...
We had two ways to generate an activity entry from a notice; one through
Notice::asAtomEntry() and one through Notice::asActivity() and
Activity::asString(). The code paths had already diverged somewhat. I
took the conditions that were in Notice::asAtomEntry() and made sure
they were replicated in the other two functions. Then, I rewrote
Notice::asAtomEntry() to use the other two functions instead.
This change passes the ActivityGenerationTests unit tests, but there
may be some other stuff that's not getting covered.
2010-12-05 16:15:05 -05:00
Brion Vibber
aa96c3c1d9
Fix for tickets #2917 , #2262 : user URL shortening options not being applied in non-web channels
...
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.
Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.
Note also ticket #2919 : there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Brion Vibber
f68d4e7d06
Fix dumb mistake -- changed function names partway through writing Nickname and forgot to update a couple places. :)
2010-12-01 11:21:00 -08:00
Evan Prodromou
7aa201fa52
Merge branch 'master' into 0.9.x
...
Conflicts:
lib/router.php
2010-11-30 14:46:26 -05:00
Evan Prodromou
af31767b63
was using Cache::get() and ::set() wrong
2010-11-30 14:44:16 -05:00
Evan Prodromou
c86dff9901
use a CRC32 of the plugin names rather than actual names
2010-11-30 10:11:53 -05:00
Evan Prodromou
8c993a502c
use a CRC32 of the plugin names rather than actual names
2010-11-30 10:11:39 -05:00
Evan Prodromou
f5c8549068
Squashed commit of the following:
...
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:37:49 2010 -0500
use cache key prefix for router cache key
commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:31:21 2010 -0500
use a unique hashkey based on the software version and loaded plugins
commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 17:04:15 2010 -0500
cache the NUM object
commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 15:44:12 2010 -0500
accelerate routing by pivoting paths on actions
2010-11-30 09:58:00 -05:00
Evan Prodromou
02da858cef
Squashed commit of the following:
...
commit 39fdd181d95d2c39a3ea1ca330b10a99a92b961f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:37:49 2010 -0500
use cache key prefix for router cache key
commit 4cb9e56941922489b83d6425c059cf770991e68f
Author: Evan Prodromou <evan@status.net>
Date: Mon Nov 29 10:31:21 2010 -0500
use a unique hashkey based on the software version and loaded plugins
commit 44458b48aef719543e11f83b41fded65cbcb8be9
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 17:04:15 2010 -0500
cache the NUM object
commit 809c188307a9b4ada15f3d7fa573a6034341efef
Author: Evan Prodromou <evan@status.net>
Date: Sat Nov 27 15:44:12 2010 -0500
accelerate routing by pivoting paths on actions
2010-11-30 09:57:02 -05:00
Brion Vibber
3be352551a
Normalize username strings in command parsing
2010-11-29 16:44:40 -08:00
Brion Vibber
3f0557aa8e
General code safety: validate input and escape SQL strings in common_relative_profile()
2010-11-29 16:44:01 -08:00
Brion Vibber
e03d2584aa
Use Nickname::DISPLAY_FMT instead of manual regex fragments in router setup for nickname parameters.
2010-11-29 16:02:35 -08:00
Brion Vibber
82799f675f
Add Nickname test cases for @-reply regexes in common_find_mentions
2010-11-29 15:07:55 -08:00
Brion Vibber
fffc10a230
Nickname class to encapsulate validation & common regexes for nickname formats.
...
This provides initial infrastructure for decoupling display names from internal canonical names, but continues to have us storing and using the canonical forms.
It should be/become possible to provide mixed-case and underscore-containing names in links, @-mention, !-group, etc, but we don't store those alternate forms generally.
2010-11-29 14:46:10 -08:00
Brion Vibber
dc350b5463
Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh.
2010-11-29 14:15:25 -08:00
Brion Vibber
6c4e5a89c1
Add some doc comments on nickname-related stuff in util.php
2010-11-29 11:31:10 -08:00
Evan Prodromou
edf660c6ff
Make userxrd work without OStatus enabled
2010-11-26 22:09:51 -05:00
Evan Prodromou
fcc0825b14
Make userxrd part of the default hostmeta
2010-11-26 21:46:51 -05:00
Evan Prodromou
0a4911552e
Move user xrd action to core and use hooks to extend
...
Moved the Webfinger user XRD action from the OStatus plugin to core.
Added hooks to add OStatus-specific stuff, but kept general stuff in
the core.
2010-11-26 21:38:38 -05:00
Craig Andrews
3f3b38766f
move xrd and hostmeta out of the OStatus plugin and into core
...
add event for setting up hostmeta, and use them in the OStatus plugin
2010-11-26 21:12:14 -05:00
Brion Vibber
cff14c7e10
Merge branch 'master' into 0.9.x
2010-11-19 16:18:53 -08:00
Brion Vibber
b615998309
Fix ticket #2700 : some numeric IDs were misinterpreted as hex numbers instead of strings when '0x123' passed in.
...
Switched from is_numeric() to a custom self::is_decimal() which is more strict.
This makes our behavior match Twitter's API a bit better, so eg this:
http://identi.ca/api/statuses/home_timeline/0x6d686b.xml
should now be equivalent to:
http://identi.ca/api/statuses/home_timeline.xml?screen_name=0x6d686b
instead of:
http://identi.ca/api/statuses/home_timeline.xml?user_id=7170155
2010-11-19 16:12:28 -08:00
Brion Vibber
826a695077
Ticket #2797 : replace addslashes() with explicit escape calls on the DB objects
2010-11-19 15:06:26 -08:00
Brion Vibber
e0e7cb7c53
Merge branch 'master' into 0.9.x
2010-11-19 14:03:59 -08:00
Brion Vibber
ca55d6c514
Ticket #1987 : support since_id on API notice search methods.
...
max_id is not yet implemented, as it'll need support added to the search backends. (since_id we get 'for free' by just cropping off the list, it'll do for now)
2010-11-19 14:00:22 -08:00
Brion Vibber
834acaaa79
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
2010-11-19 12:00:42 -08:00
Brion Vibber
d961925874
Ticket #2899 : clean up inbox/outbox DM form a bit:
...
- "To" drop-down list now defaults to showing "Select recipient:" instead of the first person on your list, reducing liklihood of accidentally sending a message to the wrong person.
- When there are no mutual subscribers to send to, instead of an empty list the list now shows 'No mutual subscribers.'
In both cases, attempting to send when the default is selected displays an error message.
I'm not disabling form elements in part because our themes right now don't show disabled button state correctly; we might want to tighten that up a bit more once fixed.
2010-11-19 11:56:03 -08:00
Brion Vibber
9a590e0843
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
2010-11-19 10:43:20 -08:00
Brion Vibber
f468180743
Fix regression in PopularNoticeSection: tag parameter was broken, causing sidebar on tag pages to show untagged favorites.
2010-11-18 14:30:00 -08:00
Zach Copley
645a4d1754
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-11-17 22:16:08 +00:00
Zach Copley
2c68703923
Facebook: Gracefully handle disconnection
2010-11-17 21:53:56 +00:00
Brion Vibber
197b56778a
Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
...
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Evan Prodromou
589aee587f
include full updated source of JSON2 and use updated minified version
2010-11-17 12:34:04 -05:00
Evan Prodromou
d2ddda16e9
use minified version of jquery.cookie.js
2010-11-17 12:32:11 -05:00
Evan Prodromou
d3d91f0f6e
use minified version of jquery.form.js
2010-11-17 12:31:35 -05:00
Evan Prodromou
11805c97d6
Merge branch '0.9.x' into minifyjs
2010-11-17 12:19:19 -05:00
Evan Prodromou
bacc3d2a74
move EndScriptMessages event into if block
2010-11-17 12:19:01 -05:00
Evan Prodromou
da4f8d465f
Use minified version of util.js
2010-11-17 12:16:50 -05:00
Brion Vibber
fa6c6077d6
Merge branch 'master' into 0.9.x
2010-11-16 11:17:29 -08:00
Brion Vibber
0265cdc1c9
Ticket 2895: exclude silenced users from popular notice lists
2010-11-16 11:13:52 -08:00
Brion Vibber
9b9db3b28a
Prep for ticket #2895 : consolidate common code from PopularNoticeList and FavoritedAction for fetching popular notice lists
2010-11-16 11:10:32 -08:00
Zach Copley
64a29bd401
Fix syntax error
2010-11-16 06:10:49 +00:00
Zach Copley
0b573e0d2b
Store the current user in the CurrentUserDesignAction
2010-11-15 22:01:28 -08:00
Zach Copley
bd566b6f85
Merge branch '0.9.x' into facebook-upgrade
2010-11-16 02:32:46 +00:00
Brion Vibber
e4eb3b3dfd
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
2010-11-15 17:36:48 -08:00
Brion Vibber
5fdcba472b
RemoteProfileAction cleanup:
...
- meta robots to prevent spidering
- a little notice if silenced
2010-11-15 16:12:16 -08:00
Brion Vibber
6849b8f9e5
Workaround for display of Twitter remote users in remoteprofile (ModPlus plugin): use 73px avatar if no 96px present
2010-11-15 15:39:42 -08:00
Brion Vibber
0d0e51292d
some User -> Profile cleanup to help in adapting the profile page action to show stuff for remote users. Subscriptions, groups, roles, etc are all on profiles now so go ahead and use em.
2010-11-15 15:32:57 -08:00
Brion Vibber
fe7cb35551
restore empty showFallback() for attachment display; still needed for one-offs
2010-11-15 12:56:56 -08:00
Brion Vibber
5c00848b74
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-11-15 12:38:53 -08:00
Brion Vibber
87114a5c30
Add some basic oEmbed lookup test cases; fixed a bug in discovery fallback.
2010-11-15 11:55:28 -08:00
Brion Vibber
57ec01d0b8
Drop some debug lines
2010-11-15 11:30:35 -08:00
Brion Vibber
c8445299c7
Swap the Services_oEmbed wrapper in oEmbedHelper out for doing it ourselves...
...
- workaround for providers that are skimpy on their data, such as missing width/height or thumbnail_width/thumbnail_height
- workaround for YFrog listing "image" instead of "photo" type
- generally more lax about formatting: if it comes back and looks kinda ok, we'll take it.
- discovery uses system HTML parser, should be more robust if the links include things like ampersands with proper HTML-level escaping
2010-11-15 11:25:38 -08:00
Evan Prodromou
8a21b13ee9
Merge remote branch 'gitorious/0.9.x' into 0.9.x
2010-11-15 11:57:31 -05:00
Evan Prodromou
c1cee3b27f
Merge branch 'atompub' into 0.9.x
...
Conflicts:
actions/apistatusesshow.php
actions/apitimelineuser.php
2010-11-15 11:57:19 -05:00
Evan Prodromou
01f32e3998
Merge remote branch 'gitorious/1.0.x' into 1.0.x
...
Conflicts:
actions/urlsettings.php
2010-11-14 06:49:43 -05:00
Brion Vibber
4f323efdf7
Encapsulate the oEmbed -> oohembed fallback into oEmbedHelper class. Also added a chance to whitelist sites that don't show discovery info but do have oEmbed API endpoints, and to provide alternate APIs for some common services.
...
Newly supported:
- TwitPic: added a local function using TwitPic's API, since the oohembed implementation for TwitPic produced invalid output which Services_oEmbed rejects. (bug filed upstream)
Tweaked...
- Flickr: works, now using whitelist to use their endpoint directly instead of going through oohembed
- Youtube: worked around a bug in Services_oEmbed which broke the direct use of API discovery info, so we don't have to use oohembed.
Not currently working...
- YFrog: whitelisting their endpoint directly as the oohembed output is broken, but this doesn't appear to work currently as I think things are confused by YFrog's servers giving a '204 No Content' response on our HEAD checks on the original link.
2010-11-12 17:41:35 -08:00
Brion Vibber
2c33fdd2fb
Only use saved thumbnails for notice list attachment thumbs -- don't attempt to search enclosures for photo types. We now save thumbs directly for oEmbed photos that don't list a separate thumb entry (like Flickr), so it's not needed. Keeps things cleaner :D
2010-11-12 14:03:57 -08:00
Brion Vibber
65eeb7cba5
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
actions/newgroup.php
2010-11-12 13:32:48 -08:00
Brion Vibber
5d12ec0532
Merge branch 'oembed-thumbnails' into 0.9.x
2010-11-12 12:28:44 -08:00
Brion Vibber
cb124fe831
Add a quick config setting to disable/enable display of thumbnails in regular notice lists (attachments/show_thumbs) - disabling gives the same display as before this feature was added (but changes to oembed handling are still there, and the lightbox popup is gone)
2010-11-12 12:24:55 -08:00
Brion Vibber
fbd8052d05
Add error logging for a couple send-fail cases in XMPP out
2010-11-10 15:26:18 -08:00
Brion Vibber
46223da594
CSS class tweak for inline attachment thumbnails to avoid things thinking they're content links
2010-11-10 14:31:55 -08:00
Craig Andrews
cc0038d47c
Fix isHTTPS to work correctly for Cherokee and IIS
2010-11-10 15:53:20 -05:00
Brion Vibber
592e0bc505
add title attribute on attachment list items
2010-11-09 16:43:37 -08:00
Zach Copley
5b94d9e86b
Merge branch '0.9.x' into facebook-upgrade
2010-11-09 23:16:17 +00:00
Brion Vibber
f25accc43e
split out InlineAttachmentList from AttachmentList
2010-11-09 10:45:19 -08:00
Brion Vibber
504529e8cd
Keep aspect ratio when generating local thumbnails
2010-11-08 17:51:53 -08:00
Brion Vibber
694448e0aa
Add attachments 'thumb_width' and 'thumb_height' settings for inline thumbs, defaulting to 100x75.
...
This is used as the max thumb width/height for oEmbed requests (replacing the old default of 500x400 which was more suitable for the lightbox).
2010-11-08 17:36:02 -08:00
Brion Vibber
c36fecb794
Save a thumbnail image when uploading an image file into the file attachments system. Currently hardcoded to 100x75, needs aspect-sensitivity etc.
2010-11-08 17:20:04 -08:00
Brion Vibber
dc497ed090
Break out ImageFile->resizeTo() from ImageFile->resize(); allows resizing images to non-square sizes and to arbitrary destinations. Will be used for creating thumbnails as well as the originala use of cropping/sizing avatars.
2010-11-08 16:56:08 -08:00
Brion Vibber
a2994e3aa2
Testing... using photo info for temp thumbnails
2010-11-08 15:50:06 -08:00
Brion Vibber
551b196a35
doomy doom doom
2010-11-08 15:32:41 -08:00
Brion Vibber
883f7a6c0b
Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly.
2010-11-08 13:27:54 -08:00
Evan Prodromou
719b480eaa
use subclassing to change notice list output for single notice
2010-11-08 13:08:59 -05:00
Siebrand Mazeland
bb31c25c2d
* i18n/L10n updates.
...
* translator documentation added.
* superfluous whitespace removed.
2010-11-04 19:16:19 +01:00
Brion Vibber
2692b5fc84
Fix for ticket #2853 : fix for some unknown MIME type error cases by adjusting the PEAR error handling temporarily around MIME_Type_Extension usage.
2010-11-03 17:05:26 -07:00
Brion Vibber
b716d01a41
Merge branch '0.9.x' into 1.0.x
2010-11-03 16:09:49 -07:00
Brion Vibber
28e009898f
Fix for ticket #2852 : skip sending favorite notification emails if the favoriter is someone you've blocked.
2010-11-03 15:17:46 -07:00
Brion Vibber
8e04e88800
Use Profile->getBestName() in PersonalGroupNav instead of manually picking nickname vs fullname. Logic should still work the same when no nickname is provided, but it doesn't make any sense -- probably needs cleanup. :)
2010-11-03 13:11:34 -07:00
Brion Vibber
6e03456753
Migrate some more code from manually constructing "fullname (nickname)" to using Profile->getFancyName(). Encapsulates common logic and allows for localization of the parens.
2010-11-03 13:10:42 -07:00
Brion Vibber
dc4fafbbd1
General cleanup & part of ticket #2864 : use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens.
2010-11-03 12:59:19 -07:00
Zach Copley
e716c3ebaf
Merge branch '0.9.x' into facebook-upgrade
2010-11-02 23:17:07 +00:00
Zach Copley
764a297383
Output filename in log msg if one is supplied
2010-11-02 23:13:20 +00:00
Siebrand Mazeland
973a48bded
i18n/L10n fixes and translator documentation addded/updated.
2010-11-02 23:48:36 +01:00
Siebrand Mazeland
a65362f7fa
Add context for different uses of "%1$s (%2$s)"
2010-11-02 23:08:59 +01:00
Brion Vibber
0229c22d23
Merge branch '1.0.x' into schema-x
2010-11-02 15:02:55 -07:00
Brion Vibber
04ca706601
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
actions/confirmaddress.php
actions/othersettings.php
2010-11-02 15:02:10 -07:00
Brion Vibber
86201761ea
Use SN.msg() and onEndScriptMessages() to export localized UI messages from Realtime plugin and its descendents.
2010-11-02 13:12:58 -07:00
Brion Vibber
5a9bb0adc4
Tossing in a basic i18n message export to script code. Plugins can hook StartScriptMessage/EndScriptMessage, or directly add needed mappings in Action::getScriptMessages(). Exported entries are accessible as SN.msg(key) at runtime.
...
StatusNet core code now sets the tooltip text on .attachment.more links when they receive their attachment-expansion magic; this will override the hardcoded tooltip text saved from OStatus plugin when displaying timelines in the web UI.
2010-11-02 13:05:16 -07:00
Brion Vibber
692ef9c330
Include fulltext indexes in MySQL table create
2010-11-01 13:27:44 -07:00
Zach Copley
2306f7a7f4
Merge branch '0.9.x' into facebook-upgrade
2010-11-01 19:13:31 +00:00
Siebrand Mazeland
6ab34fd8e8
* i18n/L10n updates.
...
* translator documentation added.
* superfluous whitespace removed.
2010-11-01 16:49:35 +01:00
Siebrand Mazeland
9b7ac27c69
* add translator documentation.
...
* i18n FIXME tagging.
2010-11-01 16:49:34 +01:00
Siebrand Mazeland
b89dfa3a5b
Fix i18n issues that are solved by using plural.
2010-11-01 16:49:33 +01:00
Siebrand Mazeland
08edd1fedf
* i18n/L10n updates.
...
* translator documentation added/updated.
* superfluous whitespace removed.
2010-10-31 00:58:35 +02:00
Siebrand Mazeland
83233a8a43
Fix i18n for B/kB/MB and add translator documentation.
2010-10-31 00:34:28 +02:00
Siebrand Mazeland
234b03d945
* translator documentation updates.
...
* added FIXMEs in actions/showgroup.php.
* superfluous whitespace removed.
2010-10-30 14:36:54 +02:00
Siebrand Mazeland
8391058ea4
Tabs to spaces, superfluous whitespace removed.
2010-10-30 13:47:19 +02:00
Zach Copley
2c420cc5eb
New Start/EndHtmlElement events. Allows adding namespaces.
2010-10-29 23:38:00 +00:00
Brion Vibber
f5019ac5aa
tweaks for the installer whee
2010-10-29 16:26:45 -07:00
Brion Vibber
345b7d33b8
some sorta vaguely working bits
2010-10-29 15:28:48 -07:00
Brion Vibber
ac2447c395
tweak
2010-10-29 14:58:52 -07:00
Brion Vibber
1daa1bfa39
fix notice
2010-10-29 14:49:05 -07:00
Evan Prodromou
c4b8f68a1a
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-29 11:14:02 -04:00
Evan Prodromou
36baff3d41
Merge remote branch 'gitorious/master'
2010-10-29 11:14:00 -04:00
Evan Prodromou
c8dab140f4
add a hack to show ads on single-notice pages
2010-10-29 11:13:33 -04:00
Brion Vibber
e7c7fd39fc
Merge branch '1.0.x' into schema-x
...
Conflicts:
plugins/CacheLog/locale/nb/LC_MESSAGES/CacheLog.po
2010-10-28 16:27:53 -07:00
Brion Vibber
b26eccf33c
Merge branch '0.9.x' into 1.0.x
2010-10-28 16:26:34 -07:00
Brion Vibber
fb0c3f4f99
Kill a ping queue item if we get an error on loading up the notice's poster's profile, rather than letting the item be retried over and over as if it were a transitory error.
...
This shouldn't generally happen as it's an indicator of database inconsistency, but it's a condition we know happens.
2010-10-28 12:58:30 -07:00
Evan Prodromou
9e15290963
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-27 13:47:54 -04:00
Craig Andrews
1851933c34
Enable Strict Transport Security plugin by default
2010-10-27 10:12:35 -04:00
Craig Andrews
22a0cf6251
Set cookies with "secure" flag on SSL sites. Improves security.
2010-10-26 17:55:09 -04:00
Evan Prodromou
93a8718f97
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-26 09:22:21 -04:00
Brion Vibber
b483a0549f
Merge branch '1.0.x' into schema-x
...
Conflicts:
plugins/CacheLog/locale/nb/LC_MESSAGES/CacheLog.po
2010-10-25 13:14:33 -07:00
Brion Vibber
ca489631db
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/subscriptions.php
lib/router.php
lib/xmppmanager.php
lib/xmppoutqueuehandler.php
2010-10-25 13:08:57 -07:00
Zach Copley
78396db28a
Forgot to add the OAuth verifier pin page to sensitive array
2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71
We don't need to have editapplication (only showapplication) in the
...
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae
Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
...
available
2010-10-25 11:52:17 -07:00
Evan Prodromou
59a7d78acb
Atom Service Document
2010-10-24 23:43:26 -04:00
Evan Prodromou
43a67b150a
show a single notice in atom entry format
2010-10-24 15:58:53 -04:00
Evan Prodromou
69a1ecec9b
check for a post
2010-10-24 15:04:12 -04:00
Brion Vibber
eb30c6651a
Additional fixes found while looking at ticket #2532 : when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames.
2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab
Fix for ticket #2532 : fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx
...
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
2010-10-22 13:51:28 -07:00
Zach Copley
3969870cf3
Normalize HTML body ids to lowercase when the user is logged out as well.
2010-10-22 18:32:08 +00:00
Evan Prodromou
568cb8a205
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-22 09:24:50 -04:00
Brion Vibber
d6f4588b9e
Workaround for http_build_query() oddities in low-level router parent code when PHP config is set with non-default separator.
2010-10-21 19:10:43 -07:00
Zach Copley
0b134d3e69
Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
...
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
fb86e7c285
Normalize all action HTML body ids to lowercase
2010-10-21 13:03:56 -07:00
Zach Copley
648f79be10
Change OAuth authorization page's action name to be inline with
...
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
500157998a
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-10-21 01:18:53 +00:00
Zach Copley
f283a283b7
Fix syntax error
2010-10-21 01:17:59 +00:00
Siebrand Mazeland
fb12094f61
i18n/L10n updates, translator docs updated, superfluous whitespace removed.
2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
actions/apioauthauthorize.php
lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb
Use a new table (oauth_token_association) to associate authorized
...
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
28ec9d6463
* translator documentation added.
...
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
8004e2809d
Fix for ticket #2845 : singleuser nickname configuration was being overridden by site owner in router setup.
...
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Siebrand Mazeland
e980da3d20
Add FIXME
2010-10-20 20:01:12 +02:00
Siebrand Mazeland
dc62cf1c0b
* i18n/L10n fixes.
...
* translator documentation updated/added.
* superfluous whitespace removed.
2010-10-20 19:34:27 +02:00
Siebrand Mazeland
17f5cc4f29
Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x
2010-10-20 18:26:51 +02:00
Siebrand Mazeland
1459110124
Fix nasty bug in parameter for e-mail notification for favourite.
2010-10-20 11:16:21 +02:00
Zach Copley
5ca29ab0de
Merge branch 'anon-consumer' into 0.9.x
2010-10-19 21:01:53 -07:00
Zach Copley
e8b6d7c946
Add support for an anonymous OAuth consumer. Note: this requires a
...
small DB tweak. Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).
http://status.net/open-source/issues/2761
This should also make it possible to have multiple access tokens
per application.
http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Brion Vibber
3b6f738ab7
Convert SamplePlugin to new-style table defs, tweak some stuff to test basic checkschema
2010-10-19 17:25:56 -07:00
Brion Vibber
8b0ba03a2e
Starting to encapsulate some of the schema_version checksum / updater logic
2010-10-19 17:07:37 -07:00
Siebrand Mazeland
25b9552ec3
More complete sentence and translator documentation added.
2010-10-20 00:53:42 +02:00
Siebrand Mazeland
4b4894b121
Many i18n/L10n updates and lots of descriptions for translators added.
2010-10-20 00:35:39 +02:00
Brion Vibber
a67160e01e
Merge branch '1.0.x' into schema-x
...
Conflicts:
lib/common.php
2010-10-19 15:19:46 -07:00
Brion Vibber
3593f3f132
Merge branch '0.9.x' into 1.0.x
2010-10-19 15:18:07 -07:00
Brion Vibber
aeb1c23a2f
fix index drop on pg
2010-10-19 12:23:49 -07:00
Brion Vibber
e07254d15b
$config['db']['mysql_foreign_keys'] option to experimentally enable foreign keys on MySQL. (Would only work on InnoDB tables, may explode, etc)
2010-10-19 12:11:49 -07:00
Brion Vibber
7751d455de
Initial foreign key setup support
2010-10-19 12:08:59 -07:00
Zach Copley
5ac694c74f
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-10-19 12:08:48 -07:00
Zach Copley
5866493cae
OAuth - better log messages
2010-10-19 12:07:59 -07:00
Brion Vibber
53cf39c97a
strip column prefix lengths from key defs on pg
2010-10-18 18:26:11 -07:00
Brion Vibber
d3f8a880a9
Fix misnamed unique constraint
2010-10-18 18:16:07 -07:00
Brion Vibber
b865ded7ff
Quoting fixes for postgres
2010-10-18 18:15:58 -07:00
Brion Vibber
ebe9972df6
tweak unique constraint setup
2010-10-18 18:07:25 -07:00
Brion Vibber
4aa6c4e49f
MySQL schema: fix dropping unique indexes, add support for changing table properties back from old code.
2010-10-18 17:44:41 -07:00
Brion Vibber
a923ef9719
Drop reverseTypeMap from schemas; we're now doing the forward-mapping on the canonical def before comparing
2010-10-18 17:21:12 -07:00
Brion Vibber
e44f1fe989
PG tweak
2010-10-18 17:15:51 -07:00
Brion Vibber
f1bfbece06
Merge branch '1.0.x' into schema-x
2010-10-18 15:26:20 -07:00
Brion Vibber
e8da3618c2
Bump version/string: 0.9.6 "Man on the Moon"
2010-10-18 14:49:02 -07:00
Evan Prodromou
3a36714847
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-18 15:42:21 -04:00
Brion Vibber
7765ddae81
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
lib/default.php
2010-10-18 12:17:11 -07:00
Brion Vibber
edf8990aa9
fix notice on non-https views
2010-10-18 11:12:26 -07:00
Evan Prodromou
47ac8458ca
default for nofollow external is sometimes
2010-10-18 11:41:18 -04:00
Evan Prodromou
7c05b0dafc
options to nofollow external links in notices
2010-10-18 11:29:52 -04:00
Evan Prodromou
e4422f9e48
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-18 10:15:27 -04:00
Brion Vibber
eb93bdbb03
some more tweaking to do the mappings during filterDef; not totally sure I like it
2010-10-15 16:32:37 -07:00
Brion Vibber
e0cb6d6f7f
fix notice on non-https views
2010-10-15 15:03:54 -07:00
Brion Vibber
fa50ab2a94
fix notice on non-https views
2010-10-15 15:01:55 -07:00
Brion Vibber
1a2170914e
woops wrong path
2010-10-15 15:01:43 -07:00
Brion Vibber
3dd4157f26
tweak copyright headers on installer
2010-10-15 14:49:05 -07:00
Brion Vibber
90c35dc541
Cleanup on making the schema work for installer (not quite there yet)
2010-10-15 13:47:38 -07:00
Brion Vibber
77300f94a3
fix typo on params on Schema->createTable()
2010-10-15 13:34:54 -07:00
Brion Vibber
dcf0acd503
Make StatusNet::initDefaults() public so we can call it from the installer.
2010-10-15 13:34:35 -07:00
Brion Vibber
201efe6b62
Split the core-setup bits of common.php out to framework.php (better ideas?) so we can easily set up our framework to run Schema setup before we have a core database to load a live config from.
2010-10-15 13:33:26 -07:00
Brion Vibber
a335dcbcbb
Update installer to use new Schema code to create the core tables instead of db/statusnet.sql or db/statusnet_pg.sql
2010-10-15 12:20:10 -07:00
Brion Vibber
4c3aebd396
Merge branch '1.0.x' into schema-x
2010-10-15 11:40:40 -07:00
Evan Prodromou
9abe6fa666
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-15 13:46:44 -04:00
Brion Vibber
a2090ecc97
Merge branch '2828' into 0.9.x
2010-10-14 16:52:01 -07:00
Brion Vibber
3f74f44603
Fix for ticket #2828 : apostrophe in site name set in installer created a broken config.php.
...
Now running values through var_export() before putting them into the config.php, ensuring strings will be properly quoted.
2010-10-14 16:25:43 -07:00
Craig Andrews
0721d8d3e2
Merge remote branch 'statusnet/0.9.x' into 1.0.x
2010-10-14 15:27:17 -04:00
Evan Prodromou
1a4dc03bfe
document and default for site|ssllogo
2010-10-14 14:56:38 -04:00
Evan Prodromou
8f3b18f27f
fix copy-and-paste error in javascript url creation
2010-10-14 14:53:20 -04:00
Evan Prodromou
72454db118
make the logo be compatible with HTTPS pages, if possible
2010-10-14 14:22:49 -04:00
Evan Prodromou
b31c49c5d4
Make HTTPS urls in File::url() if necessary
2010-10-14 14:22:17 -04:00
Evan Prodromou
97a7fb246c
correctly use sslserver if it is set
2010-10-14 01:35:11 -04:00
Evan Prodromou
7436e5d13e
use HTTPS for scripts and stylesheets if the current page is HTTPS
2010-10-14 01:09:02 -04:00
Evan Prodromou
ac63f8baae
show HTTPS urls for JavaScript if HTTPS used for page
2010-10-14 01:00:13 -04:00
Evan Prodromou
74c5aa8f9a
consolidate some theme path code between ssl and non-ssl
2010-10-14 00:59:53 -04:00
Evan Prodromou
ca0323d01b
use HTTPS for favicon.ico if page is HTTPS
2010-10-14 00:50:26 -04:00
Evan Prodromou
d91f894ccb
try to show HTTPS-encrypted theme files for HTTPS-encrypted pages
2010-10-14 00:46:32 -04:00
Evan Prodromou
40c64388e6
try and show an SSL image for the creative commons image
2010-10-14 00:31:13 -04:00
Evan Prodromou
cef10c7167
add static method StatusNet::isHTTPS()
2010-10-14 00:16:23 -04:00
Brion Vibber
4f4b0a2612
logic fix in diffing :D
2010-10-13 16:56:49 -07:00
Brion Vibber
0de3661d57
Fix for PG filtering
2010-10-13 16:21:24 -07:00
Brion Vibber
c0bb3062f6
suppress notices for non-present sections
2010-10-13 16:11:02 -07:00
Brion Vibber
229c772634
Filter table definitions to scrub out unsupported features before trying to alter a table. This lets us skip those where we end up trying to change unsupported features.
2010-10-13 16:04:28 -07:00
Brion Vibber
4101de7dd7
Merge branch '1.0.x' into schema-x
2010-10-13 15:46:45 -07:00
Evan Prodromou
07963a2a10
Merge remote branch 'gitorious/1.0.x' into 1.0.x
2010-10-13 15:18:33 -04:00
Evan Prodromou
ddb60a8191
Merge remote branch 'gitorious/0.9.x' into 0.9.x
2010-10-13 15:18:32 -04:00
Brion Vibber
bca215563f
Clean up remote avatar temporary files if we fail before saving them into avatars directory (OMB core, OStatus, WikiHowProfile, YammerImport)
2010-10-13 11:10:04 -07:00
Craig Andrews
f79dbaf9a7
Add a doc page that links to the StatusNet wiki API page
...
Add a redirect action that merely redirects to another action
Redirect /api to /doc/api so users don't get the "lame" "No such user" error message
2010-10-12 23:38:16 -04:00