Commit Graph

2465 Commits

Author SHA1 Message Date
Alexei Sorokin
e7ab305335 [CORE] Use monotonic time via hrtime() where applicable
The realtime clock is not reliable when calculating elapsed time.
2020-01-07 19:48:13 +03:00
Diogo Cordeiro
ca2dde9a41 [ExtendedProfile] Fix updates and allow to delete values 2019-11-03 19:49:10 +03:00
Alexei Sorokin
6674d1ed0f [NodeInfo][DATABASE] Adjust indices of the "notice" and "user" tables
On big databases these queries from the Nodeinfo plugin choked up:

SELECT profile_id FROM notice
  WHERE notice.created >= (CURRENT_DATE - INTERVAL '180' DAY)
  AND notice.is_local = 1;
SELECT id FROM "user"
  WHERE "user".created >= (CURRENT_DATE - INTERVAL '180' DAY);
2019-11-03 18:57:03 +03:00
Alexei Sorokin
52800c3a65 [DATABASE] Remove profile_tag_tag_fkey
profile_list.tag is not supposed to be unique,
this also reverts the addition of profile_list_tag_key.
2019-11-02 14:32:48 +03:00
Alexei Sorokin
5bc1b8695e [DATABASE] Disable 'NULL' strings evaluation as SQL NULLs
Use $object->sqlValue('NULL') (identical to DataObject_Cast'ing) instead and
fix related issues like (email|sms)settings considering these NULLs as a
false positive for the E-Mail address still being set when it's been removed.

There could also be security implications to the now-disabled approach of
considering 'NULL' strings as SQL NULLs.
2019-11-02 12:21:43 +03:00
Diogo Cordeiro
c154712012 [PEAR DB_DataObject] Removed DB_DATAOBJECT_NO_OVERLOAD as we don't have support for either PHP 4 or 5 2019-11-03 00:43:21 +00:00
Diogo Cordeiro
d058a70557 [MEDIA] Simplify Attachment actions 2019-10-19 02:57:32 +01:00
Diogo Cordeiro
7298468df7 [FILE] Fix Return value of File::getFileOrThumbnailSize() must be of the type int, null returned 2019-10-19 01:16:37 +01:00
Alexei Sorokin
ee7f0a2016 [DATABASE] Re-introduce PostgreSQL support 2019-09-11 14:14:40 +03:00
Alexei Sorokin
644b417f6c [DATABASE] Use "<>" as an SQL non-equality sign
"!=" is not SQL compliant.
2019-09-11 13:27:36 +03:00
Alexei Sorokin
af63e9a7ad [DATABASE] Set all primary keys as "not null" explicitly 2019-09-11 12:27:40 +03:00
Alexei Sorokin
95c7344557 [DATABASE] Various table schema related fixes 2019-09-11 12:07:54 +03:00
Alexei Sorokin
62b90c29db [DATABASE] Introduce a bool type in schema
PostgreSQL has a clear distinction between integers and booleans, so it makes
sense to draw a clear line.
2019-09-11 11:25:39 +03:00
Alexei Sorokin
6911b499d3 [DATABASE] Consistently use the "LIMIT $limit OFFSET $offset" syntax
The "LIMIT $offset, $limit" syntax is only supported by MySQL and MariaDB.
2019-09-11 10:12:49 +03:00
Alexei Sorokin
11dabbe44d [DATABASE] Only use single quotation marks for SQL strings
Double quotation marks are only used for identifiers in the SQL standard.
2019-09-11 09:46:30 +03:00
Alexei Sorokin
0a5a3845db [DATABASE] Set NULL in DB_DataObject in a more reliable manner
Also stop assuming that FeedSub::sub_state (enum) and FeedSub::sub_end
(datetime) can possibly be set to an empty string.
2019-09-11 08:32:19 +03:00
Alexei Sorokin
5b797328f2 [DATABASE] Always quote identifiers
The code used to operate under the assumption that MariaDB doesn't support
quoting identifiers. Not only is that not exactly true, but MariaDB has
reserved keywords that cannot be used as table or column names unquoted.
2019-09-11 08:15:16 +03:00
Miguel Dantas
b41f9620fa [LIB_REFACTOR] Fix requires 2019-09-03 03:33:13 +01:00
Miguel Dantas
58bde08425 [LIB_REFACTOR] Moving files into separate semantic categories 2019-09-03 03:33:13 +01:00
Miguel Dantas
f79cd8cee3 [CORE] Fix small bug where Notice was sending a JSON representation to the queue, instead of sending itself 2019-09-03 03:26:35 +01:00
Diogo Cordeiro
afe8158cb7 [MODULES] Allow to upload third party plugins
Fixed some bugs
2019-08-24 01:59:42 +01:00
tenma
c802480d75 [CORE] Add new Notice scope for private messaging
Notice:
- Add MESSAGE_SCOPE scope

lib/*.stream:
- Filter out notices with MESSAGE_SCOPE scope
2019-08-21 16:54:47 +01:00
tenma
357296baeb [CORE] Fix subscription-related functions from the Profile class
The undifined variable $private_stream, from the User class, was causing
undifined behavior from calling requiresSubscriptionApproval. The is_null
test was added to fix this problem.
2019-08-13 03:01:24 +01:00
Miguel Dantas
6d552f15b6 [Embed] Resize thumbnails fetched by Embed to avoid keeping original images when we need only 128x128. Size configurable in config.php 2019-08-03 17:49:36 +01:00
Diogo Cordeiro
f67a93eddc [CORE] Bump Database requirement to MariaDB 10.3+ 2019-08-03 17:47:23 +01:00
Miguel Dantas
7070a14480 [CORE][StoreRemoteMedia] Fixed bug where sometimes images were written outside the site root 2019-08-03 17:31:43 +01:00
Miguel Dantas
3e5ce46e98 [CORE] Fixed bug where the http connection was using the wrong size for thumbnails, and returning the wrong one 2019-08-03 17:31:42 +01:00
Miguel Dantas
f746866b65 [StoreRemoteMedia] StoreRemoteMedia now uses the new filename format, which allows it to display correctly in the UI. Formatting fixes 2019-08-03 17:31:42 +01:00
Miguel Dantas
8f31a1a820 [MEDIA][OEMBED] Fixed regression in OEmbed, because it relied on accessing the files directly, which previous commits broke. The File table really should have a bool... 2019-08-03 17:31:42 +01:00
Miguel Dantas
da82048d77 [MEDIA] Fix trying to display file wich is not available locally 2019-08-03 17:31:41 +01:00
Miguel Dantas
aa5c6bbf08 [CORE][UI] Made attachment actions and its subactions be able to identify attachments by id and by filehash. Changed the url stored in the DB to be attachment//view 2019-08-03 17:31:41 +01:00
Miguel Dantas
c7475d78b4 [CORE][UI][ROUTER] Added view action, which inlines images and videos but downloads everything else. Fixed File url to get an URL fromthe view action, so when a making a remote notice, the correct URL is used, not accessing directly to the file 2019-08-03 17:31:40 +01:00
Miguel Dantas
3c9a07677e [CORE] Attachments and thumbnails aren't accessed directly by the file under the file storage folder, but indirectly from PHP, so that access to the file folder can be blocked in the server config 2019-08-03 17:31:40 +01:00
Miguel Dantas
ccebe536b3 [MEDIA] Removed blacklisted extensions, "trusts" upload extension (doesn't affect anything) and updated sysadmin documentation
Fixes bug which broke the UI. Oops
2019-08-03 17:31:39 +01:00
Miguel Dantas
5eb4a7d711 [MEDIA] File downloader now in PHP, added proper name in the UI and changed the format for new attachment file names
The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments

The filename has a new format:
  bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"

This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".

This new name is displayed in the UI, instead of the previous name.
2019-08-03 17:31:36 +01:00
Diogo Cordeiro
46be9b76ef [CORE] Fix wrong Profile_list schema and set created in user_im_prefs properly - by XRevan86
This reverts 496ab8c9, which was a bad correction of user_im_prefs values
2019-07-24 22:28:06 +01:00
Diogo Cordeiro
306d80de94 [DATABASE] Revert accidental regression introduced with 9a39ebe66f 2019-06-14 12:00:10 +01:00
Miguel Dantas
20c73f0596 [FORMATING] Ran php-cs-fixer on lib/mediafile.php, lib/imagefile.php and classes/File.php 2019-06-10 00:38:16 +01:00
Miguel Dantas
b224d93098 [MEDIA] ImageFile now extends MediaFile and validates images more aggressively.
Default supported files need to use consistent names. Bumped version to 1.20.0

ImageFile has been changed to extend MediaFile and rely on it to partially
validate files. This validation has been extended to not rely solely on
Fileinfo, as it is disabled on some places. Now it'll try to use the shell
command `file`, if Fileinfo isn't available.

ImageFile now converts every new upload to PNG, except JPEG and GIF, which
are kept, but still resized (to the same size), to remove possible scripts
embedded therein.

MediaFile::fromUpload will return an ImageFile if the uploaded file is an image
or a MediaFile otherwise.

MediaFile can be constructed with an id with value -1 to denote a temporary
object, which is not added to the DB. This is useful to create a temporary
object for representing images, so it can be used to rescale them.

The supported attachment array needs to be populated with the result of calling
`image_type_to_extension` for the appropriate image type, in the case of images.
This is important so all parts of the code see the same extension for each image
type (jpg vs jpeg).

Added documentation to classes/File.php and to lib/MediaFile and lib/ImageFile
2019-06-10 00:35:53 +01:00
Diogo Cordeiro
08b6cfde66 [SESSION] Add backwards compatibility for third party plugins depending on old Session::cleanup()
Namely Qvitter
2019-06-08 00:31:32 +01:00
Diogo Cordeiro
a1af5562de EmailRegistration plugin flow requires a confirmation address before user creation 2019-06-07 15:02:09 +01:00
Diogo Cordeiro
c083a8bcc2 [SESSION] Implement SessionHandlerInterface instead of setting custom handlers by XRevan86 2019-05-22 22:29:33 +01:00
Diogo Cordeiro
e8783d46d0 [SESSION] Increase type strictness for full PHP adherence
Documented this file (adapted from maiyannah's postActiv doc)
This commit also fixes PHP Warning:  session_write_close(): Session callback expects true/false return value in classes/Session.php on line 289 (spoted by XRevan86)
Observation: In a newer release we will be replacing this kind of castings with actual explicit PHP7 return types
2019-05-22 22:29:26 +01:00
Diogo Cordeiro
c03ed457a6 Fix broken user activitystreams feed due to deleted notices 2019-05-06 23:27:38 +01:00
Diogo Cordeiro
6cf674f8f8 Some minor refactoring on session handler 2019-04-27 00:28:05 +01:00
Diogo Cordeiro
339204f1ee Fix negative one subscriptions by XRevan86
Only local users are subscribed to themselves.
2019-04-26 01:10:53 +01:00
Diogo Cordeiro
496ab8c920 User_im_prefs - Fix wrong schemaDef 2019-04-19 20:54:24 +01:00
Diogo Cordeiro
9a39ebe66f Database fields with timestamp type now allow CURRENT_TIMESTAMP to be set as default value
Add default values to created and modified columns of Profile_list table to fix issue #338
2018-08-25 14:07:52 +01:00
Mikael Nordfeldth
586aaa596e Quote URL on dupe search and better logging on upgrade 2017-07-27 19:39:55 +02:00
Mikael Nordfeldth
457d32e273 Merge branch 'takeshitakenji/gnu-social-twitter-repeat-config' into mmn_fixes 2017-07-11 22:09:12 +02:00
mmn
dd8e17a387 Merge branch 'profile' into 'nightly'
Change Profile->getUser() to match the current user

See merge request !129
2017-07-11 20:05:47 +00:00
mmn
924bcd93e5 Merge branch 'notice_id-xml' into 'nightly'
Use the statusnet namespace for notice_id in atom feed

See merge request !136
2017-07-11 20:01:01 +00:00
Mikael Nordfeldth
0dd68d11cb What just happened? Not sure if me or git caused duplicate code. 2017-05-06 14:48:04 +02:00
Mikael Nordfeldth
4f37c564a5 Merge branch 'master' into mmn_fixes 2017-05-06 14:40:06 +02:00
Mikael Nordfeldth
966971bd12 Revert some of 8a4bec811b
use Notice_prefs instead of adding a new field. The rationale here
is simply that the Notice table was _huge_ and I rant into issues
with /tmp filling up when altering the tables. So let's just create
a new table instead.
2017-05-06 14:38:48 +02:00
Mikael Nordfeldth
7767c57087 Notice_prefs now available (I just copied Profile_prefs) 2017-05-06 14:38:47 +02:00
Mikael Nordfeldth
d115f9dd1b Output selfLink from notice asActivity[Object] 2017-05-06 14:38:45 +02:00
Mikael Nordfeldth
434956fc75 Notices start saving selfLink from activities/objects 2017-05-06 14:38:42 +02:00
Mikael Nordfeldth
286b1e0ab7 Revert some of 8a4bec811b
use Notice_prefs instead of adding a new field. The rationale here
is simply that the Notice table was _huge_ and I rant into issues
with /tmp filling up when altering the tables. So let's just create
a new table instead.
2017-05-06 13:24:11 +02:00
Mikael Nordfeldth
2cbef2b10f Notice_prefs now available (I just copied Profile_prefs) 2017-05-06 13:22:10 +02:00
Mikael Nordfeldth
7c829852b8 Output selfLink from notice asActivity[Object] 2017-05-06 12:26:54 +02:00
Mikael Nordfeldth
8a4bec811b Notices start saving selfLink from activities/objects 2017-05-06 12:15:54 +02:00
Mikael Nordfeldth
000af6d9ee default to #addtag on !group mention 2017-05-02 21:21:53 +02:00
Mikael Nordfeldth
07458e5375 Fixed the parsing of ostatus:conversation etc.
Conversation will now start storing remote URL

The namespace features don't work the way they were written for here
so I fixed that, making the ostatus: namespace properly looked up and
then the homegrown getLink function looks for what is back-compat with
StatusNet etc. if I remember correctly.
2017-05-02 18:58:22 +02:00
Mikael Nordfeldth
979c525124 I like to throw exceptions instead of using if statements. 2017-05-02 09:07:39 +02:00
Mikael Nordfeldth
75079320d1 Give remote Atom URL for remote profile view 2017-04-09 12:13:53 +02:00
Mikael Nordfeldth
d2c7c83615 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly 2017-04-06 13:34:57 +02:00
mmn
550606177b Merge branch 'fixtests' into 'nightly'
Got Old Unittests Passing

See merge request !131
2017-04-06 10:23:12 +00:00
Mikael Nordfeldth
2ce2201496 Show full acct uri as html title on link mouseover 2017-04-06 11:45:58 +02:00
Thomas Karpiniec
47cd054976 Use the statusnet namespace for notice_id 2017-02-04 21:59:30 +11:00
Mikael Nordfeldth
a7043bf7cc Split up source and source_link. Never trust HTML!
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 01:00:52 +02:00
Mikael Nordfeldth
59b93b23e2 Split up source and source_link. Never trust HTML!
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 00:55:46 +02:00
Mikael Nordfeldth
3b046ee49d Shorthand function to check if notice has been repeated. 2016-08-27 14:42:28 +02:00
Nym Coy
1f866fcaed ActivityGenerationTests.php fails but doesn't crash anymore.
Fixed an error where a profile id was reused after another profile was
deleted, and the new profile still had the deleted role.

Fixed ActivityGenerationTests::testNoticeInfoRepeated() which was passing
User instead of Profile, throwing errors.

tests/ActivityGenerationTests.php now passes.

CommandInterpreterTest now passes.

Moved JidValidateTest to XmppValidateTest, since Jabber functionality has
moved to the XmppPlugin. Tests work but don't pass, but they are at least
skipped if XmppPlugin is not active.

LocationTest passes, but the tests are not very good. Lots of nulls.

MediaFileTest passes.

NicknameTest passes. Nickname::normalize() now throws an error if the
nickname is too long with underscores.

UserFeedParseTest passes.

URLDetectionTest passes if $config['linkify']['(bare_ipv4|bare_ipv6|
bare_domains)'] are false. Untested otherwise.

Fixed Nickname::isBlacklisted() so it does not throw an error if
$config['nickname]['blacklist'] not set.
2016-08-14 11:55:49 +05:30
Mikael Nordfeldth
d84bf83419 Created function File->setTitle(str) 2016-07-23 21:00:57 +02:00
Mikael Nordfeldth
1b3d583418 file_quota for OembedPlugin too
Don't download huge files that might kill memory limits.
2016-07-21 03:19:05 +02:00
Mikael Nordfeldth
1981cb7662 Select the first generated thumbnail, which should be the proper size
...most of the time. If all works well.
2016-07-21 00:38:16 +02:00
Mikael Nordfeldth
f02d32b718 Reworked File->getUrl to throw exception
In case you require a local URL and one can't be generated, throw
FileNotStoredLocallyException(File $file)
2016-07-07 00:44:50 +02:00
Mikael Nordfeldth
b4a0bff740 Some mimetype madness! 2016-07-06 08:59:16 +02:00
Martin Lyth
b0204023c0 Fix the case of a call to sameAs() 2016-07-02 17:43:47 -04:00
Martin Lyth
c9afdae01c Check if we're the current user before retrieving 2016-07-02 17:02:37 -04:00
Martin Lyth
a62755182c Test user equality better in Profile->getUser() 2016-07-02 15:45:42 -04:00
Martin Lyth
d7a29be3ac Change Profile->getUser() to match the current user
Profile->getUser() gets the User independently from common_current_user.
This means that changes to one does not affect the other, even if they
are the same user.
This changes that, so that getUser() returns common_current_user() if
they are both the same user.

This is done to fix a bug in the user profile settings, where changes in
the language and timezone are applied to the return value of
Profile->getUser() but not propagated to common_cur_user(), which causes
the profile settings to display incorrect information until the page is
refreshed.
2016-06-30 18:24:58 -04:00
Mikael Nordfeldth
3d6e25ee5f We have to create and populate the Notice_location table before constraint checking foreign keys. 2016-06-25 13:01:56 +02:00
Mikael Nordfeldth
f93f02f424 Managed_DataObject now has getByUri() 2016-06-25 11:59:06 +02:00
Mikael Nordfeldth
42a62da764 getByUri shorthand function for Managed_DataObject (with uri) 2016-06-25 11:52:17 +02:00
Mikael Nordfeldth
7978cd6d59 s/EmptyIdException/EmptyPkeyValueException/ 2016-06-25 11:50:59 +02:00
Mikael Nordfeldth
1dfac3ad63 Allow getting filesize by function 2016-06-24 15:53:23 +02:00
Stephen Paul Weber
47e541eaec Allow getting notice title without implying one
Sometimes I just want explicit titles, and not the generated "blah posted on date" text
2016-06-10 21:00:01 +00:00
Mikael Nordfeldth
6d6db77f06 Documentation update in File class file 2016-05-04 11:44:14 +02:00
Mikael Nordfeldth
87dd0fbdb6 UseFileAsThumbnailException uses direct File object now 2016-05-04 11:34:50 +02:00
Mikael Nordfeldth
7aa9a69c2f Link to attachment page instead of big-ass image 2016-05-01 11:35:51 +02:00
Mikael Nordfeldth
0959efd7be Use constant for ATTN_PUBLIC (public collection) 2016-04-18 15:56:52 +02:00
Mikael Nordfeldth
c48508d590 use getByID (also bad variable reference) 2016-04-18 15:08:47 +02:00
Mikael Nordfeldth
6d33c003fc Maybe stop deleteRelated from failing on constraint checking 2016-04-04 12:04:20 +02:00
Mikael Nordfeldth
195285ac2f Fix constraint checking and only run it if not already constrained 2016-04-01 06:24:11 +02:00
Mikael Nordfeldth
8de3469957 Constraint check Notice table, need to get foreign key array! 2016-03-31 17:57:01 +02:00
Mikael Nordfeldth
2f91cb0df7 We should assume all verbs and such are their full URIs in our db 2016-03-29 12:57:52 +02:00
Mikael Nordfeldth
72cafe03e9 Index object_type too... 2016-03-29 12:48:25 +02:00
Mikael Nordfeldth
4e2be07234 Better indexing for Notice (performance++) 2016-03-29 12:13:33 +02:00