Adrian Lang
6367def2d8
Remove OAuthRequest as storage from userauthorization.
...
Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-11 10:33:26 +01:00
Adrian Lang
df7565ddcc
Remove second OAuth request validation.
2009-03-11 10:32:12 +01:00
Adrian Lang
24713499a9
Fixes #827 : Laconica expects full OAuth message for user auth request.
...
When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2 . According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-11 10:30:30 +01:00
Adrian Lang
1ba3ac9ee3
Make OMB work if the configured domain name does not exclusively contain lower case letters.
...
If the configured domain is mixed-case OAuth throws invalidsignature errors. The current URL is part of the signated parts; since the consumer does not pass the current URL, the service has to get it itself and add it to the other OAuth params for signature rebuilding. OAuth.php uses $_SERVER for this, however, the domain is lcased in $_SERVER. Hence we pass the complete current URL as generated by common_local_url to OAuthRequest.
2009-03-11 10:27:54 +01:00
Adrian Lang
04a05ca236
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-11 10:14:32 +01:00
CiaranG
b9194e7923
Correction to recently added dupe-checking feature - was using wrong config value
2009-03-11 09:12:39 +00:00
Adrian Lang
72338b8c26
Merge branch '0.7.x' of http://git.gitorious.org/laconica/erichelgeson-clone into review/0.7.x
2009-03-11 10:07:41 +01:00
Zach Copley
622cc150d8
Fix xml:lang attr
2009-03-10 18:30:58 -07:00
Zach Copley
1e29cbd691
Make search API Atom feeds more valid
2009-03-10 18:17:20 -07:00
Zach Copley
a989c58c11
Fix tag URIs in Atom feeds for search thru the API
2009-03-10 17:20:43 -07:00
Zach Copley
df07786f28
Allow unauthenticated users to view /api/statuses/replies/id.format
...
(they can already see @replies via friends_timeline anyway).
2009-03-10 16:48:14 -07:00
Zach Copley
5caeeabfc2
Updated config.php.sample with example Tag URI configs
2009-03-10 16:24:46 -07:00
Zach Copley
91980c73a7
Updates to the API to improve Atom feeds
2009-03-10 16:15:57 -07:00
Eric Helgeson
c6cd87c106
Changed all $config[][] calls to common_config()
2009-03-09 20:01:35 -05:00
CiaranG
945bbf00dc
PostgreSQL - a couple more GROUP BY queries that needed to be explicit
2009-03-09 20:24:56 +00:00
Sarven Capadisli
8d3d16f2f8
Updated URL patterns for identica Profiles for YahooSearchMonkey app.
...
Added app to show custom identica notices.
Note that these files can be used as templates for other laconica
instances.
2009-03-09 19:43:46 +00:00
Adrian Lang
f87ef9b72b
Fixes #1277 : Typo in variable name in actions/twitapidirect_messages.php.
2009-03-09 09:45:40 +01:00
Adrian Lang
fbe794e44d
Improve handling of null values in profile parameters.
...
This commit fixes two issues:
- Allowing remote users to clear profile parameters via OMB.
- Improved handling of profile parameters which evaluate to
false ('0' for example)
2009-03-09 08:06:31 +01:00
Adrian Lang
6ab9d6b140
Remove additional output as response to updateprofile.
...
This output breaks our own response validation and is not part of the OMB spec.
2009-03-08 17:09:09 +01:00
Adrian Lang
4c8c9bb9df
Define undefined variable.
2009-03-08 17:06:18 +01:00
Adrian Lang
e8e4043996
Typo in lib/omb.php updateprofile request handling.
2009-03-08 17:04:48 +01:00
Adrian Lang
c8b10381a9
Add subedit to the main/ routes.
2009-03-08 16:56:20 +01:00
Evan Prodromou
6101280cd9
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-08 11:52:45 -07:00
Evan Prodromou
c97142ad3e
first version of plugin for pingback and trackback (no trackback yet)
2009-03-08 11:50:55 -07:00
Evan Prodromou
e55808698b
use call_user_func for callbacks
2009-03-08 11:49:34 -07:00
CiaranG
1df3eeba86
Added the new pinghandler to the stopdaemons script and improved the behaviour and output of the script
2009-03-08 17:40:45 +00:00
CiaranG
2133d5a4e7
PostgreSQL - some more fixes to make queries compatible with both databases. (submitted by oxygene)
2009-03-08 16:16:10 +00:00
CiaranG
a5f1124830
PostgreSQL - use the specific sequence names required by DB_DataObject, otherwise rebuilding can't work
2009-03-08 15:51:31 +00:00
CiaranG
a89d7ceab0
PostgreSQL - added equivalent of the MySQL-specific rebuilddb.sh script, for upgrading
2009-03-08 11:58:27 +00:00
CiaranG
a5b9f59cb2
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-08 09:25:23 +00:00
Evan Prodromou
f66775658c
trying to kill the can't-leave-a-group bug
2009-03-07 17:47:43 -08:00
Adrian Lang
bea3fca189
Fix bug in dupe checking on notice post when there is no notice in cache.
2009-03-07 17:45:29 -08:00
Evan Prodromou
7d7d78b7f7
you can _so_ leave a group if you're its admin
2009-03-07 17:43:59 -08:00
Evan Prodromou
ad83998f10
Revert "Remove leave button from grouplist if current user is admin of that group."
...
People shouldn't be forced to be part of a group, even if they are the
admin. If a group has no admin, we need to figure out what to do with
it, but it's wrong to force anyone to be part of a group.
This reverts commit f9a7ae27b8
.
2009-03-07 17:16:52 -08:00
Evan Prodromou
d014d43c68
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-07 17:14:55 -08:00
CiaranG
61940e37ff
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-08 01:11:22 +00:00
Adrian Lang
f9a7ae27b8
Remove leave button from grouplist if current user is admin of that group.
2009-03-08 01:45:57 +01:00
Adrian Lang
f8d1381717
Corrected redirect targets for some group actions. These redirects can occur when the canonical name differs from the passed name.
2009-03-08 01:37:27 +01:00
CiaranG
a4091c878a
PostgreSQL - propogated nonce table fix from MySQL version - see bug #1251 or 1179ecd13d
2009-03-07 23:28:59 +00:00
Evan Prodromou
c21d61840d
Let people view friends_timeline of others
...
Add some code to view others' friends timelines through API.
2009-03-07 14:13:33 -08:00
Evan Prodromou
1a63d7d829
fix case of OAuthUtil method
2009-03-07 13:35:19 -08:00
Evan Prodromou
ba9c589bb2
fix for change in OAuthUtil upstream
2009-03-07 13:32:44 -08:00
Evan Prodromou
2400589c2f
helpful documentation for oauthstore nonce stuff
2009-03-07 13:00:13 -08:00
Evan Prodromou
1179ecd13d
Fix nonce usage in OAuth store
...
The OAuth store was failing on getting a request token, because the
token value was forced to be non-null in the DB. Let this value be
null, and use the correct primary key (consumer, timestamp, nonce).
Drop the reference to token table, and don't ever use it.
2009-03-07 12:55:09 -08:00
Evan Prodromou
22742c3b72
Make OpenID login and registration URLs work
...
The OpenID login and registration URLs were not generating correctly.
I added them to the list of "bare" actions in the router class, and
they work great now.
2009-03-07 12:38:22 -08:00
Evan Prodromou
0570c16e6c
Add local directory for plugins, themes, etc.
...
Added a local directory for locally-installed software. This is where
you should put any code you write, themes, plugins, etc. so they don't
get stomped by upgrades.
2009-03-07 11:56:01 -08:00
Evan Prodromou
1980f166a7
change trust root calculation
2009-03-07 11:36:10 -08:00
Evan Prodromou
bffd931c37
Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x
2009-03-07 09:46:35 -08:00
Evan Prodromou
986a322231
Limit duplicate notices in a particular time period (default 60s)
...
We disallow posting a notice with duplicate content more than once a
minute.
Conflicts:
config.php.sample
2009-03-07 09:43:50 -08:00
Federico Marani
bab3e1b858
Merge branch '0.8.x' of git://gitorious.org/laconica/dev into 0.8.x
...
Conflicts:
lib/util.php
2009-03-07 13:54:54 +00:00