Commit Graph

4918 Commits

Author SHA1 Message Date
Daniel Supernault
c09f1c2443 [CORE] Add Argon2I support
Add Argon2I support, disabled by default.
2019-08-03 17:47:25 +01:00
Daniel Supernault
912f2c3567 [CORE] Update AuthCryptPlugin
Added password_hash() (bcrypt) support with fallback to crypt() for older PHP versions.
2019-08-03 17:47:25 +01:00
Daniel Supernault
ad51998d67 [CORE] Add timing safe backwards compatible password_verify 2019-08-03 17:47:25 +01:00
Diogo Cordeiro
1049080df5 [CORE] Move public resources to a /public directory
Advantages:
* Increases security by preventing direct access to file/
* We are careful and have a defined('GNUSOCIAL') || die() to prevent
  direct access to GS files, but we may miss one or a vendor/extlib may
  not be as careful
* Improves directory structure - It's more natural to physically
  separate what is public from what are GNU social resources
2019-08-03 17:47:25 +01:00
Diogo Cordeiro
a1edc2c6a9 [CORE][COMPOSER] Move plugins extlibs to composer (where appropriate) 2019-08-03 17:47:24 +01:00
Diogo Cordeiro
2a06261f75 [CORE][COMPOSER] Move extlib packages with immediate composer correspondent to composer dependencies
This adds a composer.json for all dependencies that are available
2019-08-03 17:47:24 +01:00
brunoccast
0b58465fb9 [CORE] Fix notice delete-form
DeletenoticeAction:
- Added tombstone check before deletion

NoticeListItem:
- Added tombstone check before showing delete-form

ActivityVerb:
- The plugin was overwriting the deletenotice route. Added stronger
regexp to the connected routes.
2019-08-03 17:47:23 +01:00
Miguel Dantas
ed7a88ce66 [StoreRemoteMedia] Added documentation for feature which limits the maximum filesize which is kept locally 2019-08-03 17:47:22 +01:00
brunoccast
5c0a3102ff [ROUTES] Allow accept-header specification during router creation
Router:
- Fix calls to connect, most of them were misusing the function's params

URLMapper:
- Minor fixes
- Documentation
- Add support for accept-header specification

Plugins/*:
- Fix calls to connect
2019-08-03 17:47:16 +01:00
Miguel Dantas
7070a14480 [CORE][StoreRemoteMedia] Fixed bug where sometimes images were written outside the site root 2019-08-03 17:31:43 +01:00
Miguel Dantas
f746866b65 [StoreRemoteMedia] StoreRemoteMedia now uses the new filename format, which allows it to display correctly in the UI. Formatting fixes 2019-08-03 17:31:42 +01:00
Miguel Dantas
8f31a1a820 [MEDIA][OEMBED] Fixed regression in OEmbed, because it relied on accessing the files directly, which previous commits broke. The File table really should have a bool... 2019-08-03 17:31:42 +01:00
Miguel Dantas
da82048d77 [MEDIA] Fix trying to display file wich is not available locally 2019-08-03 17:31:41 +01:00
Diogo Cordeiro
f717081893 [OEmbed] Revert filename change introduced with 96ce758c 2019-08-03 17:30:52 +01:00
Diogo Cordeiro
01b5118c6f [Oembed] Refactoring and some improvements (namely documentation)
Imported some changes from postActiv
2019-08-03 17:30:52 +01:00
Diogo Cordeiro
d1fc7c0774 [CORE] MySQL 5.5 support fully restored 2019-07-25 15:35:24 +01:00
Diogo Cordeiro
6c8d2e159e [DOCUMENTATION] Plugin events should be declared in the plugin's directory not in the core 2019-07-15 03:25:16 +01:00
Diogo Cordeiro
db9bb6b5a1 [OStatus] null being returned instead of an empty array
Fixes: "Invalid argument supplied for foreach" in onEndFindMentions
2019-07-10 00:34:46 +01:00
Diogo Cordeiro
44653d339d [Poll] Refactoring and minor bug fixes 2019-06-23 23:06:04 +01:00
Diogo Cordeiro
f2705180e0 [TagSub] Fix User's tags list issue
Issue introduced with 6d9f390b and 9a92b58057
2019-06-18 14:56:55 +01:00
Diogo Cordeiro
3f8593268e [Nodeinfo][TRANSLATION] Fix languages meta-data 2019-06-12 03:25:02 +01:00
Diogo Cordeiro
8ea83aac48 [OStatus] Wrong exception was being caught 2019-06-12 02:20:58 +01:00
Diogo Cordeiro
c93547b080 [OpenID] Added support for GS's Internal Session Handler 2019-06-10 16:49:48 +01:00
Diogo Cordeiro
54f75683c7 [OpenID] s/sync/synch
This commit also fixes the translation in /plugins/OpenID/actions/finishopenidlogin.php#L203-L204 (s/Syncronize/Synchronize)
Sync is a bad technical jargon and we should use Synch instead.
Synch is already used in other parts of GNU social as seen in plugins/TwitterBridge/classes/Twitter_synch_status.php
2019-06-10 15:51:56 +01:00
brunoccast
1e4063254b [OpenID] Added synchronization button and corresponding action
UI:
- "Delete" area is now "Actions" area
- Updated themes to better reflect the changes

Routes:
- index.php?action=finishsyncopenid => finishsyncopenid

Translations:
- Updated OpenID translation files
- Updated OpenID POT file

Versioning:
- Bump OpenID minor version
- Bump GS patch version

Why would have labeling the Synchronize button of Sync been of bad taste? - answered by XRevan86:

In "synchronise" "ch" is a digraph meaning /k/ (actually /x/ turned into /k/ in English but whatever).
So… not separate letters.
It's like "ph" in "alphabet", or "sh" in "sheep", or "ch" in "chop" -- "ch" can mean a whole variety of sounds.
2019-06-09 17:04:26 +01:00
brunoccast
69a1d77480 [OpenID] Add sync confirmation in both OpenID settings and login connection 2019-06-09 17:00:06 +01:00
brunoccast
c7afe2f86c [TRANSLATION] Update Plugin POs 2019-06-09 16:10:03 +01:00
Diogo Cordeiro
5f4e3fe0eb [TRANSLATION] Update POTs and normalize files 2019-06-08 18:41:10 +01:00
Miguel Dantas
fb95af1cf5 Added Spanish, Polish and Esperanto translations to NodeInfo plugin 2019-06-08 18:36:04 +01:00
Diogo Cordeiro
02c67fd114 [Nodeinfo][DATABASE][Usage_stats] Fix wrong type for modified column 2019-06-07 15:02:10 +01:00
Diogo Cordeiro
b6be1a3659 [DATABASE][User_openid_prefs] Fix wrong type for modified column
Patch submited by Sorokin Alexei (XRevan86)
2019-06-07 15:02:09 +01:00
Diogo Cordeiro
df84ccd916 Nodeinfo has a special rule for upgrades 2019-06-07 15:02:08 +01:00
Diogo Cordeiro
46f98b3142 [VersionBump] 1.19.0, fairly late
The core plugins whose version was attached to GS's were reseted to 2.0.0.

2.0.0 was chosen as reset version for plugins because it is higher than
  the one that was set by inheriting GS version. Furthermore, it's a
  major change from prior plugin versioning system thus it also makes
  semantic sense.

Justification for version bump:

== GS ==
9a4ab31f26 1.19.0
c13b935201 1.18.3
c13b935201 1.18.2
18fc39d2cf 1.18.1
c083a8bcc2 1.18.0
e8783d46d0 1.17.1
d9a42550ff 1.17.0
1536d3ef29 1.16.0
c03ed457a6 1.15.0
d2e6519bad 1.14.2
fe411e8138 1.14.1
b17e0b4169 1.14.0
daa5f87fd4 1.13.0
d75b5d2f4a 1.11.7
f6dbf66983 1.11.6
6cf674f8f8 1.11.5
7845a09b34 1.11.4
e4d432295d 1.11.3
339204f1ee 1.11.2
a4e679a118 1.11.1
7967db6ff5 1.11.0
bc030da320 1.10.1
9cc7df51d6 1.10.0
bf7f17474d 1.9.2
8a07edec5f 1.9.1
0042971d74 1.9.0
6b5450b7e6 1.8.0
5dcc98d1c6 1.7.0
e6667db0cd 1.6.0
3290227b50 1.5.0
a59c439b46 1.4.0
496ab8c920 1.3.10
986030060b 1.3.9
1d529c021a 1.3.8
f89c052cf8 1.3.7
38f2ecefac 1.3.6
e473937cb9 1.3.5
9a39ebe66f 1.3.4
ddc3cecfc0 1.3.3
2b43d484eb 1.3.2
e8e487187e 1.3.1

== Plugins ==
XMPP plugin
e0887220b0 bump patch
e186ad57d0 bump patch

OStatus
e186ad57d0 bump patch

Nodeinfo
ceae66a30f bump minor
586fb5a517 bump major
195296846e bump minor
2019-06-07 15:02:08 +01:00
brunoccast
43df2d201c Extend Action with redirect after login logic, update some actions to use it 2019-06-07 15:02:07 +01:00
brunoccast
691df04103 PSR2-format 2019-06-07 15:02:07 +01:00
Diogo Cordeiro
2e9fa8f4b7 [DOCUMENTATION] Reorganize documentation 2019-06-05 22:48:28 +01:00
Guillaume Hayot
d7adc4e13f
Changing URI to community plugins page 2019-05-26 20:40:36 +02:00
Guillaume Hayot
c13b935201
Removing community plugins 2019-05-26 20:34:47 +02:00
Diogo Cordeiro
ceae66a30f [Nodeinfo] Fix twitterimport enabled check 2019-05-11 20:52:02 +01:00
Diogo Cordeiro
1536d3ef29 [XML/HTML Outputter] General improvements and refactoring as well as some bug fixes 2019-05-07 15:57:19 +01:00
Diogo Cordeiro
688fa4839c [Nodeinfo] Correct HELP info on fix_stats.php 2019-05-06 23:27:38 +01:00
Diogo Cordeiro
7845a09b34 RSVP asHTML throws a pretty exception that should go out of the div, by XRevan86 2019-04-26 23:08:16 +01:00
Diogo Cordeiro
e4d432295d Only variables should be assigned by reference
caught by XRevan86
2019-04-26 23:03:37 +01:00
Diogo Cordeiro
a4e679a118 Add Registration form hook points by XRevan86 2019-04-26 00:59:38 +01:00
Diogo Cordeiro
195296846e Add russian translation to NodeInfo plugin by XRevan86 2019-04-26 00:43:58 +01:00
Diogo Cordeiro
7967db6ff5 Various obvious bug fixes and better PHP 7 support
Many of these came from a XRevan86 patch
2019-04-26 00:34:17 +01:00
Diogo Cordeiro
c4f962a7d0 Fix wrong path on Realtime cleanupchannels script by XRevan86 2019-04-25 23:12:58 +01:00
Diogo Cordeiro
bc030da320 Fix undefined variables on Favorite plugin by XRevan86 2019-04-25 23:12:58 +01:00
Diogo Cordeiro
9cc7df51d6 Some obvious bug fixes for i18n 2019-04-25 23:12:46 +01:00
Diogo Cordeiro
fc4aa470b2 StoreRemoteMedia - removeRemoteMedia script - Add missing newline in bad limit error 2019-04-23 22:11:29 +01:00
Diogo Cordeiro
586fb5a517 Faster NodeInfo stats 2019-04-22 20:03:28 +01:00
Diogo Cordeiro
e186ad57d0 OStatus and XMPP plugins now inform Nodeinfo plugins about their activity 2019-04-22 07:28:45 +01:00
Diogo Cordeiro
e6667db0cd Add chimo's Nodeinfo plugin as a default GNU social plugin 2019-04-22 06:50:28 +01:00
Diogo Cordeiro
e0887220b0 XmppPlugin - Fix preg_match() - Compilation failed
Disallowed Unicodecode point (>= 0xd800 && <= 0xdfff)
2019-04-21 17:13:07 +01:00
Diogo Cordeiro
3290227b50 Modern version of XMPPHP extlib
Original XMPPHP is no longer maintained
Therefore I've done some optimizations and imported some commits from birkner and zorn-v forks.
None of the forks really looked ready to be adopted...
2019-04-21 17:13:07 +01:00
Diogo Cordeiro
7b6c887d76 OStatus plugin - Merge some bug fixes by XRevan86 2019-04-20 23:27:46 +01:00
Diogo Cordeiro
0df8531834 Fix typo on 986030060b 2019-04-19 21:16:42 +01:00
Diogo Cordeiro
986030060b XMPPHP - Fix string as array usage errors on PHP 7 2019-04-19 15:56:51 +01:00
Diogo Cordeiro
2d20656e22 [StoreRemoteMedia] script removeRemoteMedia.php was trying to remove already removed files
Sometimes different posts are associated with the same file, that case wasn't considered
Thanks to XRevan86 for spotting this issue.
2019-04-18 01:03:09 +01:00
Diogo Cordeiro
98ebe1f63b [StoreRemoteMedia] script removeRemoteMedia.php was deleting every file posted without being via web interface
Added two more options: delete image-only attachments; delete previews (like oembed thumbs)
Some further minor improvements.
Thanks to colegota for spotting this issue.
2019-04-17 02:05:04 +01:00
Diogo Cordeiro
8c9efff1ac Merge branch 'issue-326' into 'master'
Script for removing remote files until a given date

See merge request diogo/gnu-social!5
2018-09-14 21:33:54 +00:00
Chimo
2b43d484eb UserFlag: Pass proper profile to FlaggedProfileListItem
Fixes #333
2018-08-16 19:16:15 -04:00
Diogo Cordeiro
4211206e3b Script for removing remote files until a given date 2018-08-09 17:26:05 +01:00
mmn
ffe14fe5f3 Merge branch 'nightly' into 'nightly'
fixed hard coded twitter char limit

See merge request gnu/gnu-social!154
2017-12-17 17:41:14 +00:00
mmn
c285f80b18 Merge branch 'cas-user-whitelist' into 'nightly'
Added CAS user whitelist feature

See merge request gnu/gnu-social!142
2017-12-17 17:38:21 +00:00
mmn
1e1543dd72 Test if $casSettings['user_whitelist'] is an array - and then perform in_array(...) instead of just checking if it's != null. 2017-12-17 17:37:24 +00:00
vinz
5af96d3ec7 fixed hard coded twitter char limit 2017-11-08 22:50:00 +01:00
vinz
250221ff7f Merge remote-tracking branch 'upstream/nightly' into nightly 2017-11-08 22:47:23 +01:00
Mikael Nordfeldth
96ce758c05 Trying to debug some stuff regarding oEmbed 2017-09-10 14:04:12 +02:00
Mikael Nordfeldth
10f17efc4f disabling auto-backlog-importer on subscribe 2017-08-23 18:09:49 +02:00
Mikael Nordfeldth
d61375cb7f Group autocompletion now fills in hostname part 2017-08-10 12:41:47 +02:00
Mikael Nordfeldth
4c8a8848ed Groups can now be server-specific with !osm@gnusocial.de vs. !osm@sn.jonkman.ca 2017-08-10 12:30:11 +02:00
Mikael Nordfeldth
8dd06cd8d8 Harmonize webfinger formatting and enable variable pre-mention character 2017-08-10 11:25:04 +02:00
Mikael Nordfeldth
20801a32f7 Logging term used HubSub instead of WebSub. 2017-08-07 00:19:12 +02:00
Mikael Nordfeldth
090f4a9474 Mastodon replies 201 Created for salmon slaps. 2017-08-05 16:21:34 +02:00
Mikael Nordfeldth
0ef483fb4a preamble with newline for AtomPub output etc. 2017-08-05 10:42:38 +02:00
Mikael Nordfeldth
945920f24d Mimetype was not recognized if longer than bare mime 2017-08-05 09:50:42 +02:00
Mikael Nordfeldth
457d32e273 Merge branch 'takeshitakenji/gnu-social-twitter-repeat-config' into mmn_fixes 2017-07-11 22:09:12 +02:00
mmn
924bcd93e5 Merge branch 'notice_id-xml' into 'nightly'
Use the statusnet namespace for notice_id in atom feed

See merge request !136
2017-07-11 20:01:01 +00:00
mmn
d564e28f8e Merge branch 'xmpp-fix-1' into 'nightly'
Fix 'from' address in the XMPP ping command

See merge request !141
2017-07-11 19:18:51 +00:00
Mikael Nordfeldth
e4d77cb9b2 Noone uses Facebook anymore. 2017-07-11 12:44:24 +02:00
Mikael Nordfeldth
9919ccb8b5 HubSub now remembers recent failures and counts them 2017-07-10 20:28:45 +02:00
Mikael Nordfeldth
661930cbe6 oEmbed had bad variable reference in error message 2017-07-10 20:28:35 +02:00
Mikael Nordfeldth
c9cfda5ef2 Bad constant (LOG_WARNING, not LOG_WARN) 2017-07-10 14:50:25 +02:00
Mikael Nordfeldth
4ba7c4a021 AuthCrypt README brought out of the stone age 2017-07-10 14:49:01 +02:00
Mikael Nordfeldth
74a60ab963 Rework the push mechanism a bit to a less DB dependant queue 2017-07-10 14:43:28 +02:00
Mikael Nordfeldth
3bc2454e91 Avoid excessive remote requests on oEmbed lookups
I noticed that each time a notice was accessed it'd do a remote lookup
with HEAD (and continue despite 404 etc.) and then another attempt to
download the resource. If this wasn't successful new attempts would be
made for each loading of the resource, which is extremely resource
intensive.

Whenever we can say "it's been n seconds since the last attempt" we
could probably enable this again - or just manually reload remote
thumbnails (as part of the StoreRemoteMedia plugin etc.)
2017-07-10 14:41:03 +02:00
Mikael Nordfeldth
3395f6081c Endless loop nesting on ensureHub failure now fixed
Essentially I was missing a negation on a test if we were in rediscovery mode.
2017-06-22 14:37:32 +02:00
Mikael Nordfeldth
fa44e0c06e set a 'rediscovered' parameter to avoid nesting into an ensureHub loop forever 2017-06-22 00:30:38 +02:00
Mikael Nordfeldth
e8eb9f9614 Less raw database dumps in debug please 2017-05-02 09:18:43 +02:00
Mikael Nordfeldth
e9ab06b59e Fix issues with non-subscribed Ostatus_profiles 2017-05-02 09:14:30 +02:00
Mikael Nordfeldth
06b25f384a File_redirection->getFile could never get the file anyway if $redir->file_id was empty... 2017-05-02 09:07:00 +02:00
Mikael Nordfeldth
5af5bb2a32 Show WebSub state on remote user profiles 2017-05-01 21:18:04 +02:00
Mikael Nordfeldth
caa5fb75b3 Introduce neat function getFeedSub() on Ostatus_profile 2017-05-01 21:17:22 +02:00
Mikael Nordfeldth
f4d6710a0f Change mentions of PuSH to WebSub
WebSub is probably finalised before we make a release anyway. Here is
the official spec: https://www.w3.org/TR/websub/

Mostly just comments that have been changed. Some references to PuSH <0.4
are left because they actually refer to PuSH 0.3 and that's not WebSub...

The only actual code change that might affect anything is FeedSub->isPuSH()
but the only official plugin using that call was FeedPoller anyway...
2017-05-01 11:04:27 +02:00
Mikael Nordfeldth
b3da5bdaa3 Debugging log fix. 2017-05-01 10:36:55 +02:00
Mikael Nordfeldth
f6d4d00e02 I think this will stop my daemons from endlessly looping
I got this which ate all my memory:

queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing - 200 OK
queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing
queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing - 200 OK
queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers.
queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML.
queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook - 200 OK
queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook
queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook - 200 OK
queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers.
queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML.
queuedaemon.php:10733] HTTPClient: HTTP HEAD https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook - 200 OK
queuedaemon.php:10733] Checking for remote URL metadata for https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook
queuedaemon.php:10733] HTTPClient: HTTP GET https://drive.google.com/file/d/*masked*/view?usp=sharing&usp=embed_facebook&usp=embed_facebook - 200 OK
queuedaemon.php:10733] Trying to discover an oEmbed endpoint using link headers.
queuedaemon.php:10733] Could not find an oEmbed endpoint using link headers, trying OpenGraph from HTML.
...ad nauseam.
2017-05-01 10:27:21 +02:00
Mikael Nordfeldth
37c97ac8fc Message to end-user on why FeedSub failed. 2017-05-01 07:40:16 +02:00
Mikael Nordfeldth
16880de8f6 ensureHub on 422 status code (Superfeedr error on non-existing topic) 2017-04-30 10:29:16 +02:00
Mikael Nordfeldth
b20b9727cf More debugging info for FeedSub PuSH self-healing 2017-04-30 09:46:15 +02:00