Commit Graph

18354 Commits

Author SHA1 Message Date
Evan Prodromou
cd5dc3246e got two lines reversed
darcs-hash:20080827211940-84dde-d5b404023a2fb6b74b6255dd91910c9ec7df3cc6.gz
2008-08-27 17:19:40 -04:00
Evan Prodromou
35ed6f473c change queue_item to use a compound primary key
Breaking up to use multiple queue handlers means we need multiple
queue items for the same notice. So, change the queue_item table to
have a compound pkey, (notice_id,transport).

darcs-hash:20080827211239-84dde-db118799bfd43be62fb02380829c64813c9334f8.gz
2008-08-27 17:12:39 -04:00
Evan Prodromou
f59ead93ee remove unimplemented methods from XmppDaemon
darcs-hash:20080827210429-84dde-90c22dbee16f74f53464dcd538a6dbcf49db4f28.gz
2008-08-27 17:04:29 -04:00
Evan Prodromou
b9f0ea6f0e break up monolithic xmppdaemon into multiple queue handlers
Eventually, the poor xmppdaemon has become overloaded with extra
tasks. So, I've broken it up. Now, we have 5 background scripts, and
more coming:

* xmppdaemon.php - handles incoming XMPP messages only.
* xmppqueuehandler.php - sends notices from the queue out through XMPP.
* smsqueuehandler.php - sends notices from the queue out over SMS
* ombqueuehandler.php - sends notices from the queue out over OMB
* xmppconfirmhandler.php - sends confirmation requests out over XMPP.

This is in addition to maildaemon.php, which takes incoming messages.

None of these are "true" daemons -- they don't daemonize themselves
automatically. Use nohup or another tool to background them. monit can
also be useful to keep them running.

At some point, these might become fork()'ing daemons, able to handle
more than one notice at a time. For now, I'm just running multiple
instances, hoping they don't interfere.

darcs-hash:20080827205407-84dde-97884a12f5f4e54c93bc785bd280683d1ee7e749.gz
2008-08-27 16:54:07 -04:00
Evan Prodromou
adeb19f1f7 clean up username entered at login
darcs-hash:20080829225258-84dde-6fee5f0beea62f023c13436b8d7044241bc0d01a.gz
2008-08-29 18:52:58 -04:00
Zach Copley
9fb08ec45e CSRF protection in remotesubscribe
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29 01:40:38 -04:00
Zach Copley
a034e13bf0 CSRF protection in emailsettings
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29 01:33:37 -04:00
Evan Prodromou
2dc50d7e37 CSRF protection in user registration
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29 01:40:17 -04:00
Zach Copley
47726844a0 CSRF protection in recoverpassword
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29 01:28:24 -04:00
Evan Prodromou
98e941753b session token in userauthorization form
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0 csrf protection in userauthorization
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
9b741c4f9a better client error on CSRF problem with subscribe/unsubscribe
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29 01:16:28 -04:00
Evan Prodromou
4272da4e9e CSRF protection for subscription/unsubscription
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-29 01:11:04 -04:00
Zach Copley
2e239e3fbb CSRF protection in imsettings.php
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28 23:57:07 -04:00
Zach Copley
6be7cbc5cd CSRF protection in smssettings.php
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-28 23:51:18 -04:00
Evan Prodromou
6afb7f576e add csrf protection to profile settings
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29 00:39:09 -04:00
Evan Prodromou
9a65f45c45 CSRF protection in openidsettings
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29 00:29:08 -04:00
Evan Prodromou
d0a466bdb7 swap around some stuff to show the form correctly on a CSRF error in openidlogin
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-29 00:09:25 -04:00
Evan Prodromou
42a6492152 CSRF protection for OpenID form
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28 23:59:34 -04:00
Evan Prodromou
d6dd35a66a add a token for CSRF avoidance
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
93e67c7133 show error in delete notice
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28 22:55:59 -04:00
Evan Prodromou
dd55916d56 CSRF protection in deletenotice
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28 22:51:27 -04:00
Evan Prodromou
d3c86d0016 add CSRF protection to avatar
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28 22:39:19 -04:00
Evan Prodromou
d146355875 return after failed token
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28 22:37:31 -04:00
Evan Prodromou
1df845db78 fix random function name
darcs-hash:20080829021854-84dde-818492a31c07dd0921c2a693095ca7ac901b6d35.gz
2008-08-28 22:18:54 -04:00
Evan Prodromou
54bee1b999 code for session token
darcs-hash:20080829015304-84dde-1c93203bdfbd4c1696cdd3c07212ff16a9f727dd.gz
2008-08-28 21:53:04 -04:00
Evan Prodromou
ff566a149d add session token check to password change
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-28 21:45:15 -04:00
Evan Prodromou
cf3902d8ac get language before setting it.
darcs-hash:20080828005323-84dde-8f69e1e6115faa544c22436539148dac53ed6f65.gz
2008-08-27 20:53:23 -04:00
Evan Prodromou
f3dc863d8f don't do too many broadcasts or confirms before checking the message queue
darcs-hash:20080827142336-84dde-2bec2149d86900fd0291f8c00f85aa756842bbe1.gz
2008-08-27 10:23:36 -04:00
Evan Prodromou
9bdc7f8ec7 add back in a session start handler
darcs-hash:20080827135422-84dde-857d6e980e18803186d080a60eea60f1362bb348.gz
2008-08-27 09:54:22 -04:00
Evan Prodromou
b69b206c97 restoring upstream XMLStream.php after pulling ciarang's patch
darcs-hash:20080827133048-84dde-cb99ac89c65008a8832395684386518718247887.gz
2008-08-27 09:30:48 -04:00
CiaranG
b6d67b06d4 XMPP daemon that doesn't eat messages - note change to XMPPHP as well (Ticket #551)
darcs-hash:20080826200057-f6e2c-fb9a88251d034824218d20b3fefcde96ddaef827.gz
2008-08-26 16:00:57 -04:00
Evan Prodromou
28ed510854 don't show unknown (debug) errors
darcs-hash:20080827132346-84dde-c5499ac960fbb28bced28ff9355846f7183fcb5c.gz
2008-08-27 09:23:46 -04:00
Evan Prodromou
108b1e7bfd fixup whitespace
darcs-hash:20080827131603-84dde-7be64f28840a29c5833bc625aaf6cb8f07b891e5.gz
2008-08-27 09:16:03 -04:00
Evan Prodromou
44c1863f0e import upstream XMPPHP with @ciarang's fix
darcs-hash:20080827124430-84dde-654751781702f5518153a01aa3dae4a8580b7f35.gz
2008-08-27 08:44:30 -04:00
Evan Prodromou
b1ff7d7a2b fix error storing uris of remote notices
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26 17:11:08 -04:00
Evan Prodromou
4a28e70cf8 use notice URI if it's not local and it's an HTTP URL
darcs-hash:20080826210314-84dde-34d4eb71c7d74b65c0c4b486f345ed7d9301af15.gz
2008-08-26 17:03:14 -04:00
Evan Prodromou
0bc0568e66 only send local messages to public XMPP stream
darcs-hash:20080826205341-84dde-04c1641f4b9c5aa5318b76512664ee9df170d779.gz
2008-08-26 16:53:41 -04:00
Evan Prodromou
782fe0130f optionally turn encryption on or off in the XMPP connection
For identi.ca, we had some problems with the XMPP daemon getting
"stuck" in I/O through the encrypted (by default) XMPP socket. Turning
off encryption helped. So, now it's an option.

darcs-hash:20080826131814-84dde-2c4a809c6fb666dfb4b96d0d61205fe418f4e4b4.gz
2008-08-26 09:18:14 -04:00
Evan Prodromou
4cc84c3225 never allow blank passwords
darcs-hash:20080825185245-84dde-f2ad86c1aedc2a42f7b468775234be53a7e84d5b.gz
2008-08-25 14:52:45 -04:00
Evan Prodromou
08a3c5ac7f use better SQL date, fix security problem with OpenID logins
darcs-hash:20080825184104-84dde-5735c1791002a12c3417603dc85da31ea868f263.gz
2008-08-25 14:41:04 -04:00
Evan Prodromou
21e4fb864f change DataObject_Cast to use sql_now
darcs-hash:20080825183005-84dde-c1d24a057d9545cc6d1f0dc21c5af4ea7316d8e9.gz
2008-08-25 14:30:05 -04:00
Evan Prodromou
cba4b50e44 use common_sql_now() instead of DB_DataObject_Cast
darcs-hash:20080825182338-84dde-ec0edef9469b294b7e23945f1bc7d810da988ed7.gz
2008-08-25 14:23:38 -04:00
Evan Prodromou
55b6e17ee1 use mb_strlen instead of strlen in xmpp daemon
darcs-hash:20080825173105-84dde-ea607521c78694fe558514b423f1c6dc0e70241e.gz
2008-08-25 13:31:05 -04:00
Evan Prodromou
3fda5a684f notify user of remote subscriptions
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24 16:05:17 -04:00
Evan Prodromou
bf5176a711 big scarygram warning in config.php.sample about using DB_DataObject's debug mode
darcs-hash:20080824171202-84dde-fd3ed2b9645f2c2ec5439824dbc6f6a765c0a622.gz
2008-08-24 13:12:02 -04:00
Evan Prodromou
69e6e812b7 move README to main dir
darcs-hash:20080824113719-84dde-fce2da5de5de7cd76c001ac2c48b99edbedb80a8.gz
2008-08-24 07:37:19 -04:00
Evan Prodromou
a20a038542 be a little more liberal for sites that accidentally put whitespace before the xml decl
darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23 21:38:03 -04:00
Evan Prodromou
7d6e1bb47f request token is not readonly
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23 21:17:06 -04:00
CiaranG
192a673472 Prevent jabber.php error by checking key exists
darcs-hash:20080823053548-f6e2c-dfc8a0acd9fb8589ed37e54c7d0d3d38afff34f5.gz
2008-08-23 01:35:48 -04:00