Commit Graph

339 Commits

Author SHA1 Message Date
Mikael Nordfeldth
ec4e432d55 Subscription::ensureStart skips AlreadyFulfilledException
Sometimes we just want to accept the user's wrong, but when it comes
to remote APIs etc. we probably want to let the client know it has
done something already (in this case multiple identical subscription
requests - which might indicate to it that it should refresh the sub
lists or something).
2015-03-04 11:38:04 +01:00
Mikael Nordfeldth
bece816ec7 User class throws exception on register failure 2015-03-01 12:36:19 +01:00
Mikael Nordfeldth
ce91f1c0e6 Hide posts from users with private_stream in scoping streams
For example the public timeline would show notices from a user with
private_stream configured. (previously it would only hide _new_ notices
by this user as they would be the only ones with notice scoping set).
2015-02-24 22:59:58 +01:00
Mikael Nordfeldth
0590f2975e Merge branch 'utf8mb4' into nightly
Conflicts because of urlhash fixes:
	classes/File.php
	classes/File_redirection.php
	classes/File_thumbnail.php
2015-02-19 20:50:40 +01:00
Mikael Nordfeldth
901a825b61 Non-functional "retweeted to me" API call modified (but not fixed)
For some reason the "retweeted to me" part of the Twitter API was removed
when Evan made some inbox changes back in the StatusNet days. We might
recover this functionality, but not yet. The proper function calls are
however fixed in this commit.
2015-02-17 16:48:24 +01:00
Mikael Nordfeldth
2f86cd8602 utf8mb4 conversion on database with index adjusts 2015-02-12 18:18:55 +01:00
Mikael Nordfeldth
6b638b8e13 User class also needs getConfigPref 2015-02-03 22:04:29 +01:00
Mikael Nordfeldth
40416c2c69 Don't email users who are sandboxed
If sandboxed or silenced, don't email the user any notifications.
2015-02-03 11:41:20 +01:00
Mikael Nordfeldth
e38d78eba9 updateKeys (for classes with PRI id) now in Managed_DataObject 2015-01-25 11:58:35 +01:00
Mikael Nordfeldth
5653c25641 Add simpler delete preference for Profile and User 2015-01-21 23:00:33 +01:00
Mikael Nordfeldth
305c9f33a7 Registration coding cleanup
Mainly there was an Undefined variable: code in apiaccountregister.php
2015-01-18 13:06:12 +01:00
Mikael Nordfeldth
0a20abf1d8 Email notify-on-fave moved to Profile_prefs (run upgrade.php) 2014-07-13 19:46:40 +02:00
Mikael Nordfeldth
b5fd2a048f Shortcut to Profile_prefs get/set Data in Profile and User 2014-07-13 16:49:35 +02:00
Mikael Nordfeldth
b63f6e949c Converted all ActivityObject::fromProfile to $profile->asActivityObject 2014-07-03 10:51:36 +02:00
Mikael Nordfeldth
7e597ea7cc More Favorite pluginification (favecount, cache, menus(favecount, cache, menus)) 2014-06-28 14:03:30 +02:00
Mikael Nordfeldth
c8c6bf9a1c Simplify functions regarding locally cached profiles etc. 2014-06-06 00:32:07 +02:00
Mikael Nordfeldth
c786892103 Non-dynamic profile fetching in User and User_group 2014-06-06 00:19:54 +02:00
Mikael Nordfeldth
cd3cff451f ConversationTree is now a plugin (not oldschool setting)
Conversation trees works pretty bad with the current layout, javascript
etc. So it's best if we separate it and work on it as a side-project. The
oldschool settings are currently being deprecated (or broken out like this).

I'll wait with removing User preferences for oldschool conversation tree,
since that might be reusable data. But I guess it will go in the near future.
2014-05-12 11:51:11 +02:00
Mikael Nordfeldth
8b12e41351 User object didn't have getNickname() function
We're just jumping on to the Profile->getNickname() function.
2014-05-06 16:08:36 +02:00
Mikael Nordfeldth
34b570352f Fix Direct Message functionality. 2014-04-29 20:37:58 +02:00
Mikael Nordfeldth
5fd6053220 Code cleanup and enabling User object's etc. getUri() 2014-04-28 14:08:42 +02:00
Mikael Nordfeldth
79cacdc62f Removing unused "inboxed" flag for User class 2014-03-07 21:37:48 +01:00
Mikael Nordfeldth
2272cc244d Removed Inbox from core (unused since 4b2a66ed29)
Added the following FIXME:
How should a Twitter user get their Inbox filled with foreign tweets?

Every imported Twitter user has a profile in the Profile table, so we
could setup a Subscription entry for each of those, meaning they get
collected in the InboxNoticeStream... But this would mean a lot of
unnecessary entries and listings that generally just point to the
locked down Twitter service.

Let's figure out a good relation so we can connect any profile to any
imported foreign notice, so it shows up in the "all" feed.
2014-03-06 04:46:29 +01:00
Mikael Nordfeldth
c812e7c0d6 Removed deprecated Inbox functions not in use from User 2014-03-06 03:41:50 +01:00
Mikael Nordfeldth
f323f234d7 Better typing for isSubscribed 2014-03-05 13:44:34 +01:00
Mikael Nordfeldth
fc047bd6e6 Minor code cleanup with group related actions (thanks brw12)
Originated from brw12 who noticed an incorrect variable name used in
an error message in actions/apigroupjoin.php:109
2014-03-01 12:01:17 +01:00
Mikael Nordfeldth
2dfa0bfcee function delete in dataobjects now don't break strict syntax 2013-10-29 10:20:57 +01:00
Mikael Nordfeldth
2a5ba1f74b Core and Default plugins separated, now loads on install
_flow_ reported on IRC that install.php had stopped working. This was
because default plugins had been put into two separate lists, and the
list with AuthCrypt was never loaded when performing an installation.

Core plugins cannot be disabled.

I also removed the Memcache autodetection thing since it should be
solved in a more elegant manner.
2013-10-19 14:38:15 +02:00
Mikael Nordfeldth
145fbf1130 Move nick updating of User entry to Profile->update()
Also, timezone and language in User table weren't indexes. So no need
to do them separately.
2013-10-17 16:38:42 +02:00
Mikael Nordfeldth
6ed66d9c76 Local_group and User are now assumed to be in same namespace 2013-10-17 01:27:01 +02:00
Mikael Nordfeldth
38a69b5597 Better checks during User::register and improved Nickname checks 2013-10-16 14:58:06 +02:00
Mikael Nordfeldth
8202e922aa Do calls straight to the result of getProfile 2013-10-15 02:34:10 +02:00
Mikael Nordfeldth
4e8d7795d0 Moved favoriteNotices from User to Profile class 2013-10-15 02:15:58 +02:00
Mikael Nordfeldth
fdbb528e7a getTaggedSub-stuff moved to Profile class 2013-10-15 02:00:27 +02:00
Mikael Nordfeldth
1dc051a9eb We never accept a user without a Profile 2013-10-15 01:00:27 +02:00
Mikael Nordfeldth
78f9629bf3 Moved shareLocation preference check to Profile class 2013-10-06 13:38:09 +02:00
Mikael Nordfeldth
24e0535001 Fix regression from WebFinger update for singleuser sites 2013-09-30 22:42:20 +02:00
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Mikael Nordfeldth
63306081bc Subscription "get by" functions now don't use ArrayWrappers
They were getting in the way of some strict-typing stuff.
2013-09-21 18:38:14 +02:00
Mikael Nordfeldth
93e878d7ca Make better use of Subscription class
removed lib/subs.php as it was essentially only a wrapper for Subscription
2013-09-19 17:29:05 +02:00
Mikael Nordfeldth
83b852312a Events on user registrations now strictly typed 2013-09-14 18:37:05 +02:00
Mikael Nordfeldth
99312c8cc2 Declaring some more static functions properly
As a bonus I added type declaration on Profile_block::exists and
Subscription::exists respectively.
2013-09-09 23:28:20 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Mikael Nordfeldth
b3e61ce7d0 Stronger typing, require array where param array 2013-08-29 10:27:39 +02:00
Mikael Nordfeldth
2a4dc77a63 The overloaded DB_DataObject function staticGet is now called getKV
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV

   sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)

If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!

This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)

Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00
Mikael Nordfeldth
1a9a8ea730 staticGet for sub-Managed_DataObject classes now calls parent
The parent class for our database objects, Managed_DataObject, has a
dynamically assigned class in staticGet which objects get put into,
leaving us with less code to do the same thing.

We will probably have to move away from the DB_DataObject 'staticGet'
call as it is nowadays deprecated.
2013-08-12 19:46:44 +02:00
Mikael Nordfeldth
794163c31f Default to NOT ask for current location for new users
It may be a bad experience for new users to immediately when trying
out the service be asked for their geographical position. Instead,
let them opt-in for this behaviour.
2013-08-12 14:40:55 +02:00
Joshua Wise
89ba820246 Escape argument to prevent SQL injection attack in
User::getTaggedSubscriptions()

This change escapes the $tag argument to prevent a SQL injection
attack in User::getTaggedSubscriptions(). The parameter was not
escaped higher up the stack, so this vulnerability could be exploited.
2013-07-16 10:47:29 -07:00
Joshua Wise
4a30da924a Escape argument to User::getTaggedSubscribers() to preven SQL injection
This change escapes the argument to User::getTaggedSubscribers() to
prevent SQL injection attacks.

Both code paths up the stack fail to escape this parameter, so this is
a potential SQL injection attack.
2013-07-16 10:43:56 -07:00
Evan Prodromou
08c72a00e8 Use better type, title for service 2013-06-04 16:30:40 -04:00