Mikael Nordfeldth
0deaf6c50c
use common_purify to purify HTML, one function to rule them all
2015-02-18 00:14:28 +01:00
Mikael Nordfeldth
3dce6d9f6a
Implement a common_purify for htmLawed and more
...
We're removing unicode formatting characters as well, such as RTL marks.
For more info on why we're because extra cautious (but may accept the
characters in later versions) you can read:
https://blog.malwarebytes.org/online-security/2014/01/the-rtlo-method/
2015-02-18 00:10:31 +01:00
Mikael Nordfeldth
7ba7f43199
Don't linkify bare domains by default
...
It's too farfetched to assume any text.com in a notice is an HTTP URL.
For example stuff like pasting from log entries, with domain.com:1234
where 1234 is a _PID_ or something, not a port number for http://...
2015-02-17 20:54:32 +01:00
Mikael Nordfeldth
c31c2d10b9
PHP>=5.4.0 lets us use Transliterator, tags now asciified!
...
For example: #REVOLUCIÓN becomes #revolucion instead of #revolución
2015-02-17 20:17:22 +01:00
Mikael Nordfeldth
6cdedf6049
Replace $this->user/auth_user with $this->scoped in lib/apiaction.php
...
We prefer handling a Profile class rather than the User class, as some
functions might be useful for remote users as well, which cannot be
handled via the User class.
2015-02-17 17:16:33 +01:00
Chimo
fb03fc073a
ApiTimelineList: Fixes ServerErrorAction
...
"No matches for action 'ApiTimelineList' with arguments 'format=atom
id=1'"
for 'api/:user/lists/:id/statuses.:format' URLs
2015-02-15 16:00:23 -05:00
Mikael Nordfeldth
b6b9036821
StartSubMenu and EndSubMenu events
2015-02-14 17:32:35 +01:00
Mikael Nordfeldth
dc0b62f636
Merge commit 'refs/merge-requests/45' of https://gitorious.org/social/mainline into merge-requests/45
2015-02-14 16:45:04 +01:00
buttle
9a8ccbaef2
Call HomeStubNav instead of duplicating code
...
adminpanelnav.php adds a homeStub but does not use the code created for the job.
2015-02-13 16:38:22 +01:00
buttle
d0347bb98f
Removing home stub if empty
...
Added an Event HomeStubNavItems
menu->subMenu() returns false if empty
2015-02-13 16:26:41 +01:00
Mikael Nordfeldth
b3e80f5c32
Updated README.md and framework.php
2015-02-13 12:09:12 +01:00
Mikael Nordfeldth
6620ad793a
Deja vu of user->getProfile() from 4f9b70d
2015-02-13 11:55:37 +01:00
Mikael Nordfeldth
4f9b70d51f
Profile expected in Notice::asActivity from UAS
2015-02-13 11:41:21 +01:00
Mikael Nordfeldth
a063bb43a8
EndSetApiUser will always contain a User
2015-02-13 01:19:59 +01:00
buttle
2a0a0287d4
Added EVENT to homestubnav
...
Changed menu->submenu(). if (! $menu->getItems()) then do nothing
2015-02-10 19:20:01 +01:00
Mikael Nordfeldth
c6b1b3e5e3
Merge commit 'refs/merge-requests/30' of https://gitorious.org/social/mainline into merge-requests/30
2015-02-08 23:19:53 +01:00
Mikael Nordfeldth
4c9a74cb12
ROLLBACK which may or may not be useful
...
There were problems with queries that were executed but didn't seem to
be committed. Trying to patch that up by calling a ROLLBACK on transactions
where the loading of the page isn't stopped after the BEGIN statement's
intended function fails (like with the rememberme cookie in this commit).
2015-02-08 11:09:19 +01:00
Mikael Nordfeldth
a89e91da79
By default, don't allow nick changes for profiles
...
This goes for both users and groups, since they share nickname namespace.
If you want to enable nickname changes, just add this to your config:
$config['profile']['changenick'] = true;
This commit should cover all changes in our usual web forms as well as through
the API.
2015-02-04 21:25:14 +01:00
Mikael Nordfeldth
5155854339
HTMLOutputter input element can take arbitrary attributes now
2015-02-04 20:52:10 +01:00
Mikael Nordfeldth
f0a707cfc6
A single user instance also has the same URLs as multiuser instances
2015-02-04 16:47:43 +01:00
Mikael Nordfeldth
6a4cb43f67
showstream for singleuser instance too
...
singleuser instances shouldn't be too special and have too many
alternative methods of doing stuff.
2015-02-03 22:33:01 +01:00
Mikael Nordfeldth
660e8c6efc
Fave::addNew now calls Notice::saveActivity
...
as a bonus we've fixed several FIXME issues for favorite email notification
and updated parts of the codebase for these activities to a more modern style.
2015-02-03 16:34:11 +01:00
Mikael Nordfeldth
e41d324a53
NoticeStream already handles "getNotices"
2015-02-03 12:12:11 +01:00
Mikael Nordfeldth
40416c2c69
Don't email users who are sandboxed
...
If sandboxed or silenced, don't email the user any notifications.
2015-02-03 11:41:20 +01:00
Mikael Nordfeldth
fdae6f0fb3
neo-gnu is now default-theme. perty.
2015-02-02 18:22:59 +01:00
Mikael Nordfeldth
f05f701764
HTML5 placeholder for notice input form.
2015-02-01 21:35:25 +01:00
Mikael Nordfeldth
c7dd595984
Run onEndSetApiUser also when already logged in!
2015-01-31 16:02:01 +01:00
Mikael Nordfeldth
4c14794cae
ApiTimelineNetworkPublicAction available now
...
Feeds added in NetworkpublicAction too.
2015-01-29 23:01:53 +01:00
Mikael Nordfeldth
dfdfe4143a
Set siteprofile default values for config public/localonly
2015-01-29 20:49:19 +01:00
Mikael Nordfeldth
4daa2e4644
Use 'StartpageAction' to determine what to show on /
2015-01-29 20:48:49 +01:00
Mikael Nordfeldth
a5d27d9ce7
/main/all will give a network-wide public stream
...
Qvitter had implemented this as a "PublicAndExternal" stream, but
I figured we might as well put it into the GNU social core.
2015-01-28 20:25:39 +01:00
Mikael Nordfeldth
eaaef2aec9
'zone' is a valid top domain
...
We should get another form of URL identifier for interpreting links on notices...
It was hard editing this line in vim even, because of wide, multibyte characters...
2015-01-27 15:07:00 +01:00
Mikael Nordfeldth
cc996f58db
Test in Ostatus_profile if avatar is an image before writing to filesystem
...
This clears one FIXME...
We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
2015-01-27 14:00:39 +01:00
Mikael Nordfeldth
bcb6dadc9f
Corrected message in NoSuchGroupException
2015-01-27 13:37:35 +01:00
Mikael Nordfeldth
d140e135c0
Default textlimit for notices is now 1000 chars
2015-01-26 23:32:08 +01:00
Mikael Nordfeldth
67d09532dd
Improved animated image thumbnail freedom of choice
...
Default is now to take still thumbnails of animated GIFs and then
show them as originals in an AttachmentListItem. The still frames
are mostly used with front-ends like qvitter.
2015-01-26 16:33:39 +01:00
Mikael Nordfeldth
97812549b9
Unnecessarily spammy logs for getThumbnail()
...
When trying to create thumbnails for remote media that don't have the
filename field set, we got a lot of output in the debug log.
2015-01-26 01:16:28 +01:00
Mikael Nordfeldth
a8e613e508
Animated GIF restructuring, ImageMagick only used for resizing animated sequences.
2015-01-25 23:00:00 +01:00
Mikael Nordfeldth
2a7d45c986
No need for ImageMagick to detected animated GIF
2015-01-25 22:45:25 +01:00
Mikael Nordfeldth
4dd6d7869e
Maybe we can detect animated files in core
2015-01-25 22:11:46 +01:00
Mikael Nordfeldth
2b62077fc1
1.1.3-beta2
2015-01-25 02:43:29 +01:00
Mikael Nordfeldth
a9135080c3
barename wasn't used, let's rename it filename and use it
2015-01-25 02:27:02 +01:00
Mikael Nordfeldth
2dd1f3fe67
Default value for max thumbnail size increased
...
Because people have high resolution screens nowadays ;)
2015-01-23 15:04:54 +01:00
Mikael Nordfeldth
015e95829b
MediaFile->getFile() instead of accessing fileRecord
2015-01-23 14:46:47 +01:00
Mikael Nordfeldth
9f87359d04
Non-ajax file submissions should throw NoUploadedMediaException
2015-01-22 12:38:57 +01:00
Mikael Nordfeldth
964d13792b
ssl_verify_host option in config (default is true)
2015-01-22 12:21:57 +01:00
Mikael Nordfeldth
5c7ad2e031
Added a quickGet in HTTPClient
2015-01-22 12:16:01 +01:00
Mikael Nordfeldth
fac9f4e545
Merge branch 'nightly' of gitorious.org:social/mainline into nightly
2015-01-21 23:45:49 +01:00
Mikael Nordfeldth
9c5aa67a63
Enable AntiBrute by default.
2015-01-21 23:43:04 +01:00
Mikael Nordfeldth
8d7230a2b9
EndCheckPassword should run after Start even if pre-exited
...
StartCheckPassword can exit beforehand either with success or failure,
and we want EndCheckPassword to check for stuff like failed login attempts.
2015-01-21 22:31:05 +01:00