Commit Graph

67 Commits

Author SHA1 Message Date
Evan Prodromou
b2664e1ae2 Merge branch '0.8.x' into 0.9.x
Conflicts:
	actions/updateprofile.php
	actions/userauthorization.php
	classes/User_group.php
	index.php
	install.php
	lib/accountsettingsaction.php
	lib/logingroupnav.php
2009-08-21 15:42:11 -04:00
Adrian Lang
70235d7f05 Update libomb, fix some omb handling stuff, improve error handling. 2009-08-21 12:13:24 +02:00
Adrian Lang
ec88d2650e Replace own OMB stack with libomb. 2009-08-10 14:48:50 +02:00
Jeffery To
14b46e2183 Added configuration option to only allow OpenID logins.
If $config['site']['openidonly'] is set to true:
* the Login/Register pages will be removed from the navigation;
* directly accesses to the Login/Register pages will redirect to the
  OpenID login page;
* most links to the Login/Register pages will link to the OpenID login
  page instead.

The user will still need to set a password to access the API and RSS
feeds.
2009-08-10 13:57:39 +08:00
Craig Andrews
83ff1cecd3 Use NICKNAME_FMT everywhere consistently 2009-08-05 16:26:19 -04:00
Evan Prodromou
aec6456c91 Update copyright dates in files modified in 2009 2009-06-20 16:12:55 -07:00
Evan Prodromou
793a6a1155 change Controlez-Vous to Control Yourself 2009-06-20 16:00:04 -07:00
Sarven Capadisli
7a00dc749d Updated styles for the Authrization subscription form inputs 2009-04-12 21:50:14 +00:00
Sarven Capadisli
e9e7671d5f Updated markup for entity_profile on Authorize subscription page. 2009-04-12 21:40:29 +00:00
Adrian Lang
6367def2d8 Remove OAuthRequest as storage from userauthorization.
Since we are not really handling a fullblown OAuth request (No signature, nonce, consumer) we should not use this class, rather store the plain param array in the session.
2009-03-11 10:33:26 +01:00
Adrian Lang
df7565ddcc Remove second OAuth request validation. 2009-03-11 10:32:12 +01:00
Adrian Lang
24713499a9 Fixes #827: Laconica expects full OAuth message for user auth request.
When a user subscribes to a remote profile, he is redirected to his own service to confirm the request. This authorization request is specified in http://oauth.net/core/1.0#auth_step2. According to the standard, it does not have to pass consumer_key, nonce, timestamp or signature. The only specified parameters are oauth_token and oauth_callback, both optional.
2009-03-11 10:30:30 +01:00
Adrian Lang
fbe794e44d Improve handling of null values in profile parameters.
This commit fixes two issues:
- Allowing remote users to clear profile parameters via OMB.
- Improved handling of profile parameters which evaluate to
  false ('0' for example)
2009-03-09 08:06:31 +01:00
Evan Prodromou
1a63d7d829 fix case of OAuthUtil method 2009-03-07 13:35:19 -08:00
Evan Prodromou
ba9c589bb2 fix for change in OAuthUtil upstream 2009-03-07 13:32:44 -08:00
Adrian Lang
89197210cf Fixes #1067: Avatar stretched on authorize remote subscription page. The img tag used a wrong class which had a width: 100% applied. 2009-02-27 15:39:10 -08:00
Evan Prodromou
47a5d2b7f0 Fixed remote subscribe avatar problems
Had some Avatar file-copying issues; seem to be fixed.
2009-02-09 23:13:11 +00:00
Robin Millette
c2905085c1 trac #1155 ++ replace strlen with mb_strlen for all utf8 strings. 2009-02-07 19:33:18 +00:00
Adrian Lang
d2521786f0 Cancel -> Reject in remote subscribe 2009-01-26 14:20:19 +01:00
Evan Prodromou
1132e66f84 Fix over-zealous un-underscoring in userauthorization 2009-01-23 01:41:00 +01:00
Evan Prodromou
0ecfd7a7ec Update userauthorization, strip out a lot of debug stuff 2009-01-23 01:35:05 +01:00
Evan Prodromou
4b0cf99e56 Convert use of common_server_error and common_user_error to methods on Action 2009-01-15 23:03:38 +00:00
Evan Prodromou
eaa81d25fa Convert all actions to use new UI functions
I did a massive search-and-replace to get all the action subclasses to
use the new output function (common_element() -> $this->element(), etc.)

There's still a lot to do, but it's a first step
2009-01-15 22:57:15 +00:00
Evan Prodromou
b264c03d32 move opening brace of class declaration to next line
Another gigantor PEAR coding standards patch. Here, I've moved the
opening curly bracket on a class statement to the following line.

darcs-hash:20081223194923-84dde-77a93de314caadbcb5b70bf346a4648be77a864e.gz
2008-12-23 14:49:23 -05:00
Evan Prodromou
7ad2f2a371 TRUE
More PEAR coding standards global changes. Here, I've changed all
instances of TRUE to true and FALSE to false.

darcs-hash:20081223194428-84dde-cb1a1e6f679acd68e864545c4d4dd8752d6a6257.gz
2008-12-23 14:44:28 -05:00
Evan Prodromou
04ef1ba8ee change function headers to K&R style
Another huge change, for PEAR code standards compliance. Function
headers have to be in K&R style (opening brace on its own line),
instead of having the opening brace on the same line as the function
and parameters. So, a little perl magic found all the function
definitions and move the opening brace to the next line (properly
indented... usually).

darcs-hash:20081223193323-84dde-a28e36ecc66672c783c2842d12fc11043c13ab28.gz
2008-12-23 14:33:23 -05:00
Evan Prodromou
eb2f9c98ac replace NULL with null
Another global search-and-replace update. Here, I've replaced the PHP
keyword 'NULL' with its lowercase version. This is another PEAR code
standards change.

darcs-hash:20081223192129-84dde-4a0182e0ec16a01ad88745ad3e08f7cb501aee0b.gz
2008-12-23 14:21:29 -05:00
Evan Prodromou
edbc0c665c replace all tabs with four spaces
The PEAR coding standards decree: no tabs, but indent by four spaces.
I've done a global search-and-replace on all tabs, replacing them by
four spaces. This is a huge change, but it will go a long way to
getting us towards phpcs-compliance. And that means better code
readability, and that means more participation.

darcs-hash:20081223191907-84dde-21e8efe210e6d5d54e935a22d0cee5c7bbfc007d.gz
2008-12-23 14:19:07 -05:00
Evan Prodromou
8b3080faf4 whitespace fixup in userauthorization
darcs-hash:20081203032650-5ed1f-1f9affd557cf958cdfe7ed224433199b22e1c56a.gz
2008-12-02 22:26:50 -05:00
Evan Prodromou
58beea9798 check for license compatibility
darcs-hash:20081203032632-5ed1f-2213efd018913e3253082dbe83d7b906c4f0ff76.gz
2008-12-02 22:26:32 -05:00
Evan Prodromou
a179a816b5 add some extra checks to avoid remote subscriptions to local users
darcs-hash:20081118180644-84dde-ab152249ac0844a482029b7e0f8db2780a0f15d6.gz
2008-11-18 13:06:44 -05:00
Evan Prodromou
7ff02bb7d4 try to clean up user-without-profile errors
darcs-hash:20080926145008-5ed1f-8a60ed3c5adbfe75aa044732e8d10dbdb9b93089.gz
2008-09-26 10:50:08 -04:00
CiaranG
e322732bd3 Fix remote sub when redirected via login (Ticket #618)
darcs-hash:20080909202259-f6e2c-8c7e836fd1f0ce9de3ea3802161e1068e346e5dd.gz
2008-09-09 16:22:59 -04:00
CiaranG
fff677e6c4 Resolve remote subscribe and omb problems with quotes (Tickets #604 and #567)
darcs-hash:20080904065504-f6e2c-f0c770f52624e7151a93f2ed2b8813657ca88c14.gz
2008-09-04 02:55:04 -04:00
Evan Prodromou
98e941753b session token in userauthorization form
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0 csrf protection in userauthorization
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
ea40dabb39 better error reporting in user authorization action
darcs-hash:20080822212111-84dde-2770093fcfaa6fe03abb1143d3828f0622382b45.gz
2008-08-22 17:21:11 -04:00
Evan Prodromou
5b01880685 name omb_listener param so we can refer to it in error msg
darcs-hash:20080816151057-84dde-e9df2c91a2711b235aa936a28e250715fc7c6d50.gz
2008-08-16 11:10:57 -04:00
zach
7e6870db91 base class is_readonly() now returns false by default
darcs-hash:20080722212056-ca946-e4bd9eef8e3d8991414932e9fc7b8c9a31f818c0.gz
2008-07-22 17:20:56 -04:00
zach
038f762bce Added is_readonly() method to all Actions
darcs-hash:20080722171501-ca946-160bad6c4f80be2b3b105ea9b913f1c0f9edb0ef.gz
2008-07-22 13:15:01 -04:00
Mike Cochrane
87b494f1eb Convert _t() to _() for gettext.
darcs-hash:20080708094531-533db-83399a46e6ec4c0fcc6249b0235961f969d1ae73.gz
2008-07-08 05:45:31 -04:00
Evan Prodromou
721d6f94c7 method
darcs-hash:20080702131507-84dde-507a6380fcab66c1fbcbaad6d1399c8a2f210acf.gz
2008-07-02 09:15:07 -04:00
Evan Prodromou
6ce7f932a6 fixup some TODOs, fix a bug in userauthorization
darcs-hash:20080611020810-84dde-32ab3b9e25532b92156d093dcf2ad24134cbcf4f.gz
2008-06-10 22:08:10 -04:00
Evan Prodromou
1ef5cf964e checks for user and sub in validate and better error check in remote save
darcs-hash:20080606055439-84dde-3abda48583737e89a9c75b3cff6722e9444d13a9.gz
2008-06-06 01:54:39 -04:00
Evan Prodromou
281dbc3177 debug info for authorizing token
darcs-hash:20080606053321-84dde-c6ee7a4565cce35873ad36890b609b90b65b472d.gz
2008-06-06 01:33:21 -04:00
Evan Prodromou
c5853abc39 handle errors in authorizing and saving remote profile
darcs-hash:20080606052631-84dde-4a8b4d8f70b0148d0b98b62875099f7d9cca9026.gz
2008-06-06 01:26:31 -04:00
Evan Prodromou
5fb2072bc9 use $_GET, not $args
darcs-hash:20080606052117-84dde-b9afe0037d9c75382f218f85eefec2a944e42dc6.gz
2008-06-06 01:21:17 -04:00
Evan Prodromou
c6f9e7c241 don't clone arrays!
darcs-hash:20080606051823-84dde-1ba6bdfe546b5307afd97c2c7715f8d35b464e83.gz
2008-06-06 01:18:23 -04:00
Evan Prodromou
9152085702 fix args in returnto
darcs-hash:20080606051331-84dde-1afe6e4a156cbb802b8b4231e065dc99ad07fef4.gz
2008-06-06 01:13:31 -04:00
Evan Prodromou
56021d9572 move avatar scaling and saving to Avatar and Profile
Extracted the code for setting a new original avatar to the Profile
class, and moved some of it to Avatar, too. This makes it easier to
have the same functionality whether an avatar is set using the profile
settings (for our users), or on a remote subscription. Necessitated
changing the filenaming function to just take an ID.

darcs-hash:20080605193708-84dde-a441cc0474951ce7f1a1da9310b5145c0b7c3070.gz
2008-06-05 15:37:08 -04:00