Commit Graph

2458 Commits

Author SHA1 Message Date
Alexei Sorokin
8181b28441 Clear out potential duplicates when semi-joining a union
Using a left outer join as a semi-join is not a valid approach.
Can still be used for an anti-semi-join.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
318d2cb6ca Set the character set before making a connection
Ideally the character set should be set with the connection, and so this is
exactly what's being done now.

And now the character set code is attempted to be generalised.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
a0f72fe5c6 Avoid ordering just by a timestamp
Try to also employ an id when possible.
Involves reworking some of the indices.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
d7e7396d17 [Memcached_DataObject] Do not encache on insert
This resulted in N=0 and empty "modified" in cache.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
7e1091eb8c [DATABASE] Make sure the session always uses UTF-8 and UTC 2021-07-16 19:44:41 +01:00
Alexei Sorokin
9efbef720d Avoid use of assignments bare inside statements
Either use them in a subroutine call or put parentheses around the assignment.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
7c2cf605f4 [Profile] Extend the allowed length of nicknames to 191 characters 2021-07-16 19:44:41 +01:00
Alexei Sorokin
590891139f [Memcached_DataObject] Change how multiGet achieves an ordered result
The previous approach sent the key values twice, which for large sets is
twice as bad.

As an optional feature of this approach multiGet now allows retrieving tuples
in exact order and amount of the requested key values.
2021-07-16 19:44:41 +01:00
Diogo Cordeiro
751b23f6fe [ActivityPub] Fix DELETE 2021-07-16 19:44:41 +01:00
Alexei Sorokin
6e5217dc3a [Foreign_link] Change the type of "credentials" to blob
TwitterOAuthClient::packToken uses \0 as a delimeter which can cause issues on
TEXT or VARCHAR.
2021-07-16 19:44:41 +01:00
Alexei Sorokin
3b514abd6b [Queue_item] Let DataObject construct WHERE IN 2021-07-16 19:44:41 +01:00
Alexei Sorokin
2d8f320586 [PostgreSQL] Set timezone to UTC
And remove some redundant neighbouring cruft:
utf8mb4 is already set in mysqlschema more than enough times.
2021-07-16 19:44:40 +01:00
Alexei Sorokin
ed68659ece [SESSION] Session ID can be as long as 128 characters 2021-07-16 19:44:40 +01:00
Alexei Sorokin
ddc3371b43 [NOTICE] Store "url" as TEXT and not VARCHAR(191) 2021-07-16 19:44:40 +01:00
Alexei Sorokin
3075cffcd7 [DATABASE] Change collation handling
Before now table definitions could define collations only for MariaDB using the
MariaDB's collation names directly.
Now instead definitions get a slightly more abstract collation name syntax, but
only supporting the collations utf8mb4_bin and utf8mb4_unicode_(cs|ci) (wrapped
as utf8_bin, utf8_general_(cs|ci)), because those are the ones that have
practical use for GNU social.

Which also means that on MariaDB the formerly used utf8mb4_general_(cs|ci) have
been superseded by utf8mb4_unicode_(cs|ci), as they are the more modern
replacement.

Introduce collation support on PostgreSQL which results in use of the C (POSIX)
collation as utf8_bin and the und-x-icu collation as utf8_general_cs.
utf8_general_ci is also mapped to und-x-icu, which makes it case-sensitive,
unfortunately.
2021-07-16 19:44:40 +01:00
Alexei Sorokin
e62e429302 [File] Fix file deletion violating foreign keys 2021-07-16 19:44:40 +01:00
Alexei Sorokin
668bdc7a6d [Memcached_DataObject] Thorough check of pivotGetClass arguments 2021-07-16 19:44:40 +01:00
Alexei Sorokin
d045bf6f5c [Managed_DataObject] Remove the "timestamp" type
It is converted to "datetime" in lib/database/schema.php
2021-07-16 19:44:40 +01:00
Alexei Sorokin
e051572f84 [Profile] Allow grantRole to work when role exists 2021-07-16 19:44:40 +01:00
Alexei Sorokin
b0b10cf186 [Queue_item] There is no "modified" attribute
Fixes a regression introduced in ec86de2bc4
2021-07-16 19:44:40 +01:00
Alexei Sorokin
6d203d42e9 [DATABASE] Enable fulltext search by default
Also rename fulltext indices to more fitting names
and move the check from classes into database/schema.php
2021-07-16 19:44:40 +01:00
Alexei Sorokin
46ac40d981 Clean Notice_prefs and Fave_tally when a notice is deleted 2021-07-16 19:44:40 +01:00
Alexei Sorokin
1667d727b4 Set HTTP status codes with http_​response_​code() 2021-07-16 19:44:38 +01:00
Alexei Sorokin
bee3dea9c2 [DATABASE] Add explicit indices for all foreign keys
This adds a requirement for all definitions that have foreign keys to also
require indices for all source (local) attributes mentioned in foreign keys.

MariaDB/MySQL creates indices for source attributes automatically, so this
serves as a way to get rid of those automatic indices and create clean explicit
ones instead.

In PostgreSQL, most of the time, indices on the source are necessary to
decrease performance penalty of foreign keys (like in MariaDB), but they aren't
created automatically, so this serves to remove that difference between
PostgreSQL and MariaDB.
2021-07-16 19:44:38 +01:00
Alexei Sorokin
665e4574da [DATABASE] Fix index identifiers and clean up redundant ones 2021-07-16 19:44:38 +01:00
Alexei Sorokin
b1b1d2af93 [DATABASE] Update "modified" in Managed_DataObject instead of a DBMS trigger
Instead of relying on the MariaDB's ON UPDATE CURRENT_TIMESTAMP trigger update
"modified" attributes in Managed_DataObject. Every raw query that needs
adjusting is adjusted, as they won't update "modified" automatically anymore.

The main goal behind this change is to fix "modified" updates on PostgreSQL.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
346aec9b2a [DATABASE] Fix more incorrect uses of quotation in SQL 2021-07-16 19:44:37 +01:00
Alexei Sorokin
5b6a64b125 [Notice] Fix clearReplies() and clearRepeats() 2021-07-16 19:44:37 +01:00
Alexei Sorokin
7d7dbe627b [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
2d3ec87ea4 [Profile][User_group] Fix profile deletion violating foreign keys 2021-07-16 19:44:37 +01:00
Alexei Sorokin
9ec1b667c0 [DATABASE][Schema_version] Change the hashing algorithm to SHA3-512 2021-07-16 19:44:37 +01:00
Alexei Sorokin
e902a9bdfc [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2021-07-16 19:44:37 +01:00
Alexei Sorokin
e3f1667b47 [NOTICE] Update index for verbs in ProfileNoticeStream
After adding a verb condition there, MariaDB now prefers the
("created", "id", "is_local") and ("profile_id", "verb", "created", "id")
indices for that query, even though they are slow for the job.
So replace them with ("is_local", "created", "id") and
("profile_id", "verb", "created", "id") respectively.
Also fix the naming of the ("profile_id", "created", "id") index.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
c50f16ba58 [CORE] Do not set "confirm_address"."user_id" to 0 by default
That breaks the foreign key constraint, it is better to just have it nullable.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
9f4c4edb02 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2021-07-16 19:44:37 +01:00
Alexei Sorokin
26115482ef [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
eb993df072 [DATABASE] Fix MariaDB schema verification 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
f93d8694c3 [AVATAR] Ensure this Action stays secure 2021-07-16 19:44:37 +01:00
Alexei Sorokin
ad6955e7ff [Memcached_DataObject] Check if it is possible to sort efficiently 2021-07-16 19:44:37 +01:00
Alexei Sorokin
ed4cc01b2f [DATABASE] Replace NOW() with CURRENT_TIMESTAMP 2021-07-16 19:44:36 +01:00
Alexei Sorokin
9ac632ca2d [DATABASE] Start transactions with START TRANSACTION
"BEGIN" is non-standard and unnecessary.
2021-07-16 19:44:36 +01:00
Alexei Sorokin
26622cb84b [UI] Order groups in join descending order in profiles 2021-07-16 19:44:36 +01:00
Hugo Sales
b7ed15c865 [CORE] Make avatars be served with the same mechanism as attachments 2021-07-16 19:44:36 +01:00
Alexei Sorokin
3951ccbef7 [CORE] Use monotonic time via hrtime() where applicable
The realtime clock is not reliable when calculating elapsed time.
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
3d805026a2 [ExtendedProfile] Fix updates and allow to delete values 2021-07-16 19:44:36 +01:00
Alexei Sorokin
53af27a303 [NodeInfo][DATABASE] Adjust indices of the "notice" and "user" tables
On big databases these queries from the Nodeinfo plugin choked up:

SELECT profile_id FROM notice
  WHERE notice.created >= (CURRENT_DATE - INTERVAL '180' DAY)
  AND notice.is_local = 1;
SELECT id FROM "user"
  WHERE "user".created >= (CURRENT_DATE - INTERVAL '180' DAY);
2021-07-16 19:44:36 +01:00
Alexei Sorokin
aab3584f93 [DATABASE] Remove profile_tag_tag_fkey
profile_list.tag is not supposed to be unique,
this also reverts the addition of profile_list_tag_key.
2021-07-16 19:44:35 +01:00
Alexei Sorokin
eab5725698 [DATABASE] Disable 'NULL' strings evaluation as SQL NULLs
Use $object->sqlValue('NULL') (identical to DataObject_Cast'ing) instead and
fix related issues like (email|sms)settings considering these NULLs as a
false positive for the E-Mail address still being set when it's been removed.

There could also be security implications to the now-disabled approach of
considering 'NULL' strings as SQL NULLs.
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
4dbc8d1233 [PEAR DB_DataObject] Removed DB_DATAOBJECT_NO_OVERLOAD as we don't have support for either PHP 4 or 5 2021-07-16 19:44:35 +01:00
Diogo Cordeiro
3dcedfa8bd [MEDIA] Simplify Attachment actions 2021-07-16 19:44:35 +01:00