Commit Graph

5141 Commits

Author SHA1 Message Date
Alexei Sorokin
cce2c763d3 [RedisCache][DiskCache] Check if unserialize succeeded 2021-07-16 19:44:40 +01:00
Alexei Sorokin
ed08b46c0b [TwitterBridge] Check if Notice::$lat and Notice::$lon are defined 2021-07-16 19:44:40 +01:00
Alexei Sorokin
03e69e8c31 [DATABASE] Fix remaining misuses of SQL's GROUP BY 2021-07-16 19:44:40 +01:00
Alexei Sorokin
024f5fe3a8 [RequireValidatedEmail] Only check current user posts
This check made registration impossible when welcomeuser didn't have validation
as well.

And rename the "grandfatherCutoff" option to "exemptBefore".
"Grandfathering" is a relatively obscure term linked to the history of the
United States of America, so replace that with something self-descriptive.
2021-07-16 19:44:40 +01:00
Alexei Sorokin
5b95c1172a [EmailAuthentication] Check if e-mail with filter_var 2021-07-16 19:44:40 +01:00
Alexei Sorokin
46ac40d981 Clean Notice_prefs and Fave_tally when a notice is deleted 2021-07-16 19:44:40 +01:00
Alexei Sorokin
83ba7030cc [ExtendedProfile] Clean up of missing array indices handling 2021-07-16 19:44:38 +01:00
Alexei Sorokin
5196b45e62 [TwitterBridge] Do not fail on missing notice 2021-07-16 19:44:38 +01:00
t3nma
bf274d34c6 [TwitterBridge] Fix issue "Only variables should be assigned by reference"
From the docs: "The new operator returns a reference automatically, so
assigning the result of new by reference is not allowed as of PHP 7.0.0"
2021-07-16 19:44:38 +01:00
Diogo Cordeiro
33721c85cd [ActivityPub][NOTICE] Process attachments 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
7e559f0cd0 [ActivityPub][NOTICE] Fix variable being wrongly reused 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
f3df3762f1 [ActivityPub][INBOX][Delete] Support Delete Actor object being a Tombstone 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
ce4ceaf8c7 [ActivityPub][NOTICE] Fix other federation protocols mention handling 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
30024b4d47 [ActivityPub][SCRIPTS] Add fix_subscriptions.php 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
4dfa7f374a [TheFreeNetwork][fix_duplicates.php] Don't die because you couldn't federate an undo follow 2021-07-16 19:44:38 +01:00
Alexei Sorokin
1667d727b4 Set HTTP status codes with http_​response_​code() 2021-07-16 19:44:38 +01:00
Diogo Cordeiro
10f0a15614 [VersionBump] 2.0.0alpha0
Ran composer update and locale updater
2021-07-16 19:44:38 +01:00
t3nma
119783f80e [ActivityPub][QUEUES] Handle Create (AS1 POST) verb properly
Fixes a bug introduced in e504d13120
2021-07-16 19:44:38 +01:00
Alexei Sorokin
d55488cdec [OpenID][DATABASE] Store UNIX timestamps as BIGINT 2021-07-16 19:44:38 +01:00
Alexei Sorokin
bee3dea9c2 [DATABASE] Add explicit indices for all foreign keys
This adds a requirement for all definitions that have foreign keys to also
require indices for all source (local) attributes mentioned in foreign keys.

MariaDB/MySQL creates indices for source attributes automatically, so this
serves as a way to get rid of those automatic indices and create clean explicit
ones instead.

In PostgreSQL, most of the time, indices on the source are necessary to
decrease performance penalty of foreign keys (like in MariaDB), but they aren't
created automatically, so this serves to remove that difference between
PostgreSQL and MariaDB.
2021-07-16 19:44:38 +01:00
Alexei Sorokin
665e4574da [DATABASE] Fix index identifiers and clean up redundant ones 2021-07-16 19:44:38 +01:00
t3nma
f3ab63957d [DirectMessage] Update ApiDirectMessageNew action
- Messages are now saved as Notices
2021-07-16 19:44:38 +01:00
t3nma
8ca412bd1d [DirectMessage] Update ApiDirectMessage action
- getMessages() is now fetching from the Notice table as supposed
- every show{format}* method is properly updated to use Notice objects
- json and xml responses retrieve multi-recipients without compromising
  backwards compatibility
2021-07-16 19:44:38 +01:00
t3nma
8b0abc0382 [DirectMessage] Update inboxMessages() to stop fetching replies
This is yet to be supported in the plugin.
2021-07-16 19:44:38 +01:00
t3nma
58d7ab4d13 [DirectMessage] PSR12-format 2021-07-16 19:44:38 +01:00
Alexei Sorokin
903a9d2667 [DOCUMENTATION] Adopt PSR-12 and clarify on arrays 2021-07-16 19:44:37 +01:00
Alexei Sorokin
b1b1d2af93 [DATABASE] Update "modified" in Managed_DataObject instead of a DBMS trigger
Instead of relying on the MariaDB's ON UPDATE CURRENT_TIMESTAMP trigger update
"modified" attributes in Managed_DataObject. Every raw query that needs
adjusting is adjusted, as they won't update "modified" automatically anymore.

The main goal behind this change is to fix "modified" updates on PostgreSQL.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
346aec9b2a [DATABASE] Fix more incorrect uses of quotation in SQL 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
452f05512f [ActivityPub][Explorer] More robust exception handler for invalid remote answers 2021-07-16 19:44:37 +01:00
Alexei Sorokin
b79d97c4e1 [RemoteFollow] Fix location display 2021-07-16 19:44:37 +01:00
Alexei Sorokin
8b5be9fe1b [LRDD] Fix unhandled bad data in HostMeta, LinkHTML and WebFinger 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
7022d85b93 [ActivityPub][AProfile] Complete strict typing 2021-07-16 19:44:37 +01:00
Alexei Sorokin
e902a9bdfc [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
a996ac797a [UserFlag] Fix type of onUserRightsCheck 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
e046d4faa5 [UserFlag] Increase strict typing of main file
Run php-cs-fixer
Correct case of class name onDeleteRelated event handlers
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
235122280d [ActivityPub] Increase type strictness on Explorer 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
05790c124c [ActivityPub] Fix wrong type handling on AProfile:update_profile 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
f1b3db8e59 [Bookmark] Fix misuse of XMLOutputter
Argument 3 passed to htmloutputter::input() must be of the type string or null, array given, called in /srv/gnusocial/plugins/Bookmark/forms/bookmark.php on line 166
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
80a4811539 [ExtendedProfile] Fix misuse of XMLOutputter
Argument 1 passed to xmloutputter::text() must be of the type string, null given, called in /srv/gnusocial/plugins/ExtendedProfile/lib/extendedprofilewidget.php on line 556
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
b5180d6096 [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2021-07-16 19:44:37 +01:00
Alexei Sorokin
c461030066 [RedisCache] Catch string return type from Predis\Client::setex 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
8ec2af0020 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
d81e795cc0 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
4bbfb2dd56 [ActivityPub][QUEUES] Add Like, Undo and Delete 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
2b4aaca14a [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
64108aa51d [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
9f4c4edb02 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2021-07-16 19:44:37 +01:00
Alexei Sorokin
26115482ef [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2021-07-16 19:44:37 +01:00
Alexei Sorokin
eb993df072 [DATABASE] Fix MariaDB schema verification 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
32a7cd6458 [ActivityPub][HTTPSignatures] Fix verify 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
78f0ab022c [ActivityPub][Inbox] Signature verification after Actor update would always fail 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
c7e1352618 [ActivityPub][Inbox] With PHP 7.3 we don't need get_all_headers workaround anymore
Furthermore, it was broken on Apache2 because the actual function
doesn't put the resulting array's key in lowercase.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
25f67a1ce9 [ActivityPub][Inbox] get_all_headers was nginx only 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
bc1af78bf7 [TESTS] Move AcceptHeader from ActivityPub plugin to Core
Delete temporary ActivityPub tests (they were to be deleted long ago)
2021-07-16 19:44:37 +01:00
Diogo Cordeiro
8c2d87b3b8 [ExtendedProfile] Fix XML type bug 2021-07-16 19:44:37 +01:00
Diogo Cordeiro
bba9c0d560 [TESTS] Fix CommandInterpreterTest
Also corrected a bad refactoring that affected Xmpp plugin test
2021-07-16 19:44:37 +01:00
Alexei Sorokin
d01f44ee99 [DATABASE] Some query improvements
Make common_sql_weight employ standard SQL functions for the timestamp
difference in seconds.
Also replace UTC_TIMESTAMP in the MariaDB-specific part with CURRENT_TIMESTAMP
as it is the only occurence and GNU social sets UTC as a default timezone.

In a delete_orphan_files.php script simplify the main query considerably.

In clean_profiles.php stop using COUNT as if it is ANY, that is unnecessary
punishment for the database. Instead implement the anti-join with a
left outer join.

In Autocomplete and Activitypub_profile use joins instead of a WHERE OR
anti-pattern for the semi-joins.

In lib/ui/galleryaction.php replace a CROSS JOIN with an INNER JOIN.

In actions/sup.php remove a redundant subquery: WHERE is applied before
grouping either way.
2021-07-16 19:44:36 +01:00
Alexei Sorokin
ed4cc01b2f [DATABASE] Replace NOW() with CURRENT_TIMESTAMP 2021-07-16 19:44:36 +01:00
Alexei Sorokin
434f07430d [DATABASE] Use "<>" as an SQL non-equality sign in more cases
A follow-up to commit 644b417f6c
2021-07-16 19:44:36 +01:00
Alexei Sorokin
9ac632ca2d [DATABASE] Start transactions with START TRANSACTION
"BEGIN" is non-standard and unnecessary.
2021-07-16 19:44:36 +01:00
susdiv
6ea0d441cd [Autocomplete] Fix postgres incompatible query in AutocompleteAction 2021-07-16 19:44:36 +01:00
susdiv
4153a93390 [ActivityPub] Fix Postgres incompatible query in Following and Followed collection 2021-07-16 19:44:36 +01:00
Hugo Sales
facf3204d3 [FIX] Fix 'Trying to access array offset on value of type null' in AntiBrutePlugin and SimpleCaptchaPlugin when using scripts 2021-07-16 19:44:36 +01:00
tenma
34e1a6ee08 [OStatus] Remove TFN's deprecated Census event and fix small typo in the code 2021-07-16 19:44:36 +01:00
tenma
12945c4d20 [ActivityPub] Remove TFN's deprecated Census event 2021-07-16 19:44:36 +01:00
tenma
135c50762a [OStatus] Add TheFreeNetwork module's support in handling profile insertion
Ostatus_profile:
- Update createActivityObjectProfile to trigger TFN's assistance in inserting the profile
2021-07-16 19:44:36 +01:00
tenma
9fcccd8b5a [ActivityPub] Add TheFreeNetwork module's support in handling profile insertion
Activitypub_profile:
- Update do_insert to trigger TFN's assistance in inserting the profile

explorer:
- Use the new LRDD's method for grabbing profile aliases
2021-07-16 19:44:36 +01:00
tenma
40bc43215d [OStatus] Update salmonaction to use the new LRDD's method for grabbing aliases 2021-07-16 19:44:36 +01:00
tenma
8b8157ce25 [LRDD] Add a new method for grabing profile aliases 2021-07-16 19:44:36 +01:00
tenma
a17c010bb9 [ActivityPub] Autofix profile URIs through alias discovering
Activitypub_profile:
- Add updateUri method

explorer:
- Add grab_aliases method
- Update grab_local_user's online course to grab and test aliases
2021-07-16 19:44:36 +01:00
Hugo Sales
3f8f77dff1 [CORE] Fix 'Array and string offset access syntax with curly braces is deprecated' in AuthCryptModule and DirectionDetectorPlugin 2021-07-16 19:44:36 +01:00
Alexei Sorokin
7b1c3dbb3f [Nodeinfo] Count active users for full days and without silenced 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
4caa394db6 [UI] Small improvement on attachment's visual 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
617e3af5cd [SensitiveContent] Fix plugin settings
Also reformatted the code and minor bug fixed it
2021-07-16 19:44:36 +01:00
nee
7ee8751b8e [SensitiveContent] Add option to activate for not-logged-in visitors
Remove redundant setting retrival code.

An example config.php entry to activate the new config:
$config['site']['sensitivecontent']['hideforvisitors'] = true;
2021-07-16 19:44:36 +01:00
nee
2419d85edf [SensitiveContent] Don't crash in GNU social classic
When an attachment has no thumbnail (for example when it's a video).
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
1ea12e0cdf [PLUGINS] Remove VideoThumbnails not useful anymore 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
6598b89db0 [ActivityPub] Fix profile url handling 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
4a90f281ed [ActivityPub] Fix undefined tag index 'type' in Activitypub_notice 2021-07-16 19:44:36 +01:00
Alexei Sorokin
3951ccbef7 [CORE] Use monotonic time via hrtime() where applicable
The realtime clock is not reliable when calculating elapsed time.
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
91869c78ac [CORE] Better queues defaults 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
351e356bb4 [ActivityPub][Postman] Fix not sending notices to self 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
705b679332 [Ostatus] Partially revert 69add504e6
updateuris isn't needed after alll, we should solve this with TFNM and existing infrastructure.
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
e7778bd5d7 [ActivityPub][RSA] Revision, increase type scrictness and improve docs 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
73af7be061 [ActivityPub] Properly handle Actor URIs by using events correctly
This should fix nulls on explorer lookups inputed by postman after generate_followers/getSubscribers, that I think were caused by calling common_profile_uri that, curiously, only handles local profiles
2021-07-16 19:44:36 +01:00
Diogo Cordeiro
165edc2609 [CORE] Add GNUSOCIAL_ENGINE_REPO_URL and increase usage of GNUSOCIAL_ENGINE_URL 2021-07-16 19:44:36 +01:00
Alexei Sorokin
ef056779fc [Xmpp] Adjust type declarations for changes in XMPPHP 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
c96dafa191 [ActivityPub][RSA] Fix types of generate_keys 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
3d805026a2 [ExtendedProfile] Fix updates and allow to delete values 2021-07-16 19:44:36 +01:00
Diogo Cordeiro
3b01aa31d3 [REALTIME] Reviewed both the superclass and its dist plugins 2021-07-16 19:44:36 +01:00
Alexei Sorokin
0bbcb5b098 [Xmpp] Latin-1 space characters are not forbidden for XMPP resources
Also use mb_strlen() with the 8bit encoding to count octets, strlen() is not as
reliable (mbstring.func_overload).
2021-07-16 19:44:35 +01:00
Alexei Sorokin
05f4b1e97d [Xmpp] Use UnexpectedValueException in splitJid, a bit narrower 2021-07-16 19:44:35 +01:00
Alexei Sorokin
eab5725698 [DATABASE] Disable 'NULL' strings evaluation as SQL NULLs
Use $object->sqlValue('NULL') (identical to DataObject_Cast'ing) instead and
fix related issues like (email|sms)settings considering these NULLs as a
false positive for the E-Mail address still being set when it's been removed.

There could also be security implications to the now-disabled approach of
considering 'NULL' strings as SQL NULLs.
2021-07-16 19:44:35 +01:00
Diogo Cordeiro
fd68965255 [ActivityPub] New URI system 2021-07-16 19:44:35 +01:00
tenma
b19da881c7 [TheFreeNetwork] First code: Module class and census event 2021-07-16 19:44:35 +01:00
tenma
3fb78ab108 [OStatus] Add script for profile deduplication and URI fixing 2021-07-16 19:44:35 +01:00
tenma
6a37c21ead [ActivityPub] Fix some small known problems
ActivityPubPlugin:
- Rework onProfileDeleteRelated to account for the tables _rsa and _pending_follow_requests
- Update onEndShowAccountProfileBlock to stop creating the ap_profile if it doesn't exist (we'll handle this in a different manner)

Activitypub_profile:
- Remove unnecessary code from from_profile method and add return type information

Explorer:
- Update travel_collection to call itself instead of _lookup, that was wrong
2021-07-16 19:44:35 +01:00
Alexei Sorokin
b3c2dfd9c9 [AnonymousFave][DATABASE] Set the created timestamp on INSERT 2021-07-16 19:44:35 +01:00
Alexei Sorokin
0c1e9bbc17 [DAEMONS][TwitterBridge] Set PUBLICDIR 2021-07-16 19:44:35 +01:00
Alexei Sorokin
ab020c7528 [COMPOSER] Remove some pre-composer remnants from the code 2021-07-16 19:44:35 +01:00