Compare commits

...

421 Commits
v3 ... nightly

Author SHA1 Message Date
wamo 74d137b248 Update 'doc-src/about' 2023-04-09 23:19:59 +09:00
wamo fe937c29dc revert 2023-04-09 23:19:41 +09:00
wamo ab222eec97 Update 'doc-src/contact' 2023-04-09 23:17:31 +09:00
wamo 52661deda2 update base theme icon 2023-04-09 20:12:36 +09:00
wamo 769c832fcd update neo-quitter 2023-04-09 20:08:37 +09:00
SENOO, Ken c378019deb
Docker support for local development 2022-10-16 21:30:36 +01:00
Diogo Peralta Cordeiro 8edd975b11
[ActivityPub] Set Notice scope when storing activities 2021-12-07 15:23:20 +00:00
Diogo Peralta Cordeiro 504c21a519
[CORE] Bump PHP version to 7.4 2021-12-07 15:23:20 +00:00
Diogo Peralta Cordeiro 6e031d623a [VersionBump] 2.0.0beta0
Updated composer and translations

composer install --no-dev
composer dump-autoload --optimize
git add vendor/ --force
make updatepo
2021-07-18 12:49:17 +01:00
Maiyannah Bishop cd3a9ec6a9 [API] Security hotfix for source, picked from postActive 2021-07-17 20:24:27 +01:00
Diogo Peralta Cordeiro 983478aeec [PEAR] Force using extlib's patched version 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 56ece91f4c [ActivityPub][POSTMAN] Do not die on network errors 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 5396f3c9d1 [DirectMessage] Fix some wrong calls after MessageModel introduction in d9a9a3746b 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 68dfaff413 [ActivityPub][INBOX] CREATE NOTE Attachments, we handle enclosures elsewhere
It was trying to make enclosures with objects instead of strings, also attachments don't use this, only links
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 1b69d02875 [MEDIA][MediaFile] Prevent issues with huge original filenames 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 4cc3a779b5 [ActivityPub][INBOX] CREATE NOTE now accepts <br> tag 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 28a044077f [StoreRemoteMedia][SCRIPTS] Fix typo in query
This was introduced in 11ebb98919f56f7dcf888adfbebf9e8826f995b4#diff-96141878409d7418ea5a9eefbde509b43482c01R70
The arg number should have been one, as there's only one...
2021-07-16 19:44:42 +01:00
Alexei Sorokin c5e433d577 Update the project homepage and IRC channel 2021-07-16 19:44:42 +01:00
someonewithpc 76a1facd55 [INSTALL] Update mailing list URL, as recommended by @Gijs
Closes notabug issue #327
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 761ce7fd81 [StoreRemoteMedia] Fix failing to show remote thumbnails on first load
imgPath onCreateFileImageThumbnailSource would throw FileNotFoundException
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 0eb96d4805 [Embed] Apply encoding and increased type strictness patches from StoreRemoteMedia 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 5582ccfcb7 [StoreRemoteMedia] Gracefully recover from poorly encoded images 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro b96a44c73f [StoreRemoteMedia] Increase type strictness 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro a500277dca [Embed] Revert defaults and fix Readme example 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro bcae2f26b5 [StoreRemoteMedia][SCRIPTS] Move removeRemoteMedia deleteRemoteMedia 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 422b82d3be [MEDIA] Allow thumbnail only entries 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 4deaaa8dbe [StoreRemoteMedia][SCRIPTS] Update removeRemoteMedia 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 890f3bd91e [SCRIPTS] Update clean_file_table 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro f8e6ad416b [MEDIA][SCRIPTS] clean_thumbnails Allow to delete remote thumbs as well
If the sysadmin decides that StoreRemoteMedia plugin should store
original, then its thumbs will be regenerated as well, making it safe to
delete them if needed. Beware that Embed plugin never stores the original tho.
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro ee872b5e44 [Media] Document recently added settings and add some more
Fix some buggy ones, especially Embed crop
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 5e3fa2bba1 [StoreRemoteMedia][Embed] Bump plugins version 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 4fec13eb20 [Media] Upload of previously uploaded files now works (bug fix)
This bug was introduced with the commit "[Media] Fix issues with database file storage"
due to the API change "File::getByHash now returns a yield of files".

I had updated this function on that commit but had missed this little detail.
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro cab2112f1c [StoreRemoteMedia] Remote images are now stored exactly on the necessary size for the thumb 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 5077b65d71 [Media] Fix several issues
[StoreRemoteMedia] Upgrade plugin to use the new Media system

API Changes:
- Added getters to File to better formalize the ideas of the commit "[Media] Fix issues with database file storage"

UI Changes:
- Now presented thumbnails are actual thumbnails (bug fix)
- Attachment actions have a slightly more extended behaviour

Many other minor bug fixes...
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro c2d2f90312 [ActivityPub] Attachment fetch should happen on StoreRemoteMedia 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 96197d16b5 [Core] Add an event for StoreRemoteMedia and Embed 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 8bbbb890e3 [Media] Fix issues with database file storage
Fixed file quota as well.

There can be more than one file for the same filehash IF the url are different.

Possible states:
  - A file with no url and with filename is a local file.
  - A file with an url but no filename is a remote file that wasn't fetched,
    not even the thumbnail.
  - A file with an url and filename is a fetched remote file (maybe just a
    thumbnail of it).
  - A file with no filename nor url is a redirect.

Routes:
  Given these states, updated routes so that an attachment can only be
  retrieved by id and a file by filehash.

Major API changes:
  File::getByHash now returns a yield of files

Major UI changes:
  - Now remote non stored files are presented.
  - /view became preferred
  - Redirects to remote originals are preferred.

Many other minor bug fixes...
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 11fa4b617a [DOCUMENTATION] git clone with https so people don't need an account 2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro eacbd81dfa [i18n] Re-add gettext emulation
Removed by mistake with 9cc7df51d6#L50
2021-07-16 19:44:42 +01:00
Diogo Peralta Cordeiro 8d84451200 [ActivityPub] Re-implement Delete Actor 2021-07-16 19:44:42 +01:00
Andrew Tokarskiy c7cee7fe1a Added some ukr translations 2021-07-16 19:44:41 +01:00
Andrew Tokarskiy 058614866b Fixed some ukrainian translation errors 2021-07-16 19:44:41 +01:00
Alexei Sorokin ebfc248ff6 Various fixes
Fix OAuth and Realtime issues introduced in 9a515b9234

[DATABASE] Fix an empty default value mistake introduced in
fde929b151

[DATABASE][PostgreSQL] Avoid use of pg_constraint.consrc, which was removed in
PostgreSQL 12.

[DATABASE][MariaDB] Fix a typo introduced in aed2344bd4

[DAEMON] Wrap an assignment inside "switch":
a follow-up to adc689cb15
2021-07-16 19:44:41 +01:00
Alexei Sorokin a67953b840 [XMPP] Respond to ping and track time monotonically
This also fetches a necessary update from the XMPPHP upstream.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 8181b28441 Clear out potential duplicates when semi-joining a union
Using a left outer join as a semi-join is not a valid approach.
Can still be used for an anti-semi-join.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 318d2cb6ca Set the character set before making a connection
Ideally the character set should be set with the connection, and so this is
exactly what's being done now.

And now the character set code is attempted to be generalised.
2021-07-16 19:44:41 +01:00
SENOO, Ken 0b4a49d262 Change required MySQL database character set variable
Changing `character_set_server` requires root permissions and rebooting
the server.

Which is impossible on shared web hosting services.

So use `character_set_database`. This variable can be changed with
user permissions using `ALTER DATABASE`.
2021-07-16 19:44:41 +01:00
Alexei Sorokin a0f72fe5c6 Avoid ordering just by a timestamp
Try to also employ an id when possible.
Involves reworking some of the indices.
2021-07-16 19:44:41 +01:00
Alexei Sorokin ae4f3176b1 Remove "magic quotes" code and avoid wrong order implode
"Magic quotes" were removed in PHP 5.4, no need to mitigate it anymore.

Avoid implode() with the join()-like order of arguments which was deprecated
since PHP 7.4 and implicitly since PHP 5.3.
Also avoid implode() with an implicit separator for stylistic reasons.

mktime() with no arguments has been deprecated since PHP 5.1.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 22f6d3ce14 [UTIL] Sanitise instead of validate in common_copy_args()
And remove common_validate_utf8() which is now unused.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 9e94b7f145 [DATABASE] Switch from PEAR DB to MDB2 2021-07-16 19:44:41 +01:00
Alexei Sorokin 2f7d6ef07b [ActivityPub][INBOX][Delete] Stop if the ID is not present 2021-07-16 19:44:41 +01:00
Alexei Sorokin 04018ea4ca [ActivityPub] Fix use of ActivityPubPlugin::pull_remote_profile
It does not throw but return null.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 160b6ccd94 Fix "Implement a class for automatic temporary file handling"
TemporaryFile::commit throws instead of returning a bool.
2021-07-16 19:44:41 +01:00
Alexei Sorokin d7e7396d17 [Memcached_DataObject] Do not encache on insert
This resulted in N=0 and empty "modified" in cache.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 7e1091eb8c [DATABASE] Make sure the session always uses UTF-8 and UTC 2021-07-16 19:44:41 +01:00
Alexei Sorokin 4e02cb437a [API] Fix /api/statuses/update reporting a failure 2021-07-16 19:44:41 +01:00
Alexei Sorokin 9efbef720d Avoid use of assignments bare inside statements
Either use them in a subroutine call or put parentheses around the assignment.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 7c2cf605f4 [Profile] Extend the allowed length of nicknames to 191 characters 2021-07-16 19:44:41 +01:00
Alexei Sorokin 7fa4d56f05 Implement a class for automatic temporary file handling
And adopt it all over the code.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 590891139f [Memcached_DataObject] Change how multiGet achieves an ordered result
The previous approach sent the key values twice, which for large sets is
twice as bad.

As an optional feature of this approach multiGet now allows retrieving tuples
in exact order and amount of the requested key values.
2021-07-16 19:44:41 +01:00
Alexei Sorokin b2e009bcd3 [DirectMessage] Simplify the inbox query 2021-07-16 19:44:41 +01:00
Alexei Sorokin 6cb3a0c390 [ActivityPub] Check if a Notice is public via CC as well 2021-07-16 19:44:41 +01:00
Diogo Cordeiro 238652b15d [ActivityPub] Fix note URIs 2021-07-16 19:44:41 +01:00
Diogo Cordeiro c3cdde0873 [ActivityPub] Tombstones now have datetimes 2021-07-16 19:44:41 +01:00
Diogo Cordeiro cb78573f59 [TheFreeNetwork] Fix invalid index on lookup 2021-07-16 19:44:41 +01:00
Diogo Cordeiro 82f1fc7ca2 [ActivityPub] Implement Failed Queue 2021-07-16 19:44:41 +01:00
Diogo Cordeiro 751b23f6fe [ActivityPub] Fix DELETE 2021-07-16 19:44:41 +01:00
Diogo Cordeiro af0366ed58 [ActivityPub] Fix issues concerning Activity URIs
And some other minor bugs.
2021-07-16 19:44:41 +01:00
Alexei Sorokin d71eea1ba4 [DATABASE] Fix use of ORDER BY with DISTINCT
statuses/retweets_of_me has performance fixed, so it is also stripped of its
"bad query" status.
2021-07-16 19:44:41 +01:00
Diogo Cordeiro 300c4e3d04 [ActivityPub] Revert moving Disfavor to Queues
It seems this kind of notice isn't queued?
2021-07-16 19:44:41 +01:00
Diogo Cordeiro 5f35d9633d [ActivityPub][Queues] Fix Like 2021-07-16 19:44:41 +01:00
Diogo Cordeiro c834d27dd6 [TheFreeNetwork] Do not allow lower priority protocols to handle remote actors already handled by the higher ones 2021-07-16 19:44:41 +01:00
Alexei Sorokin a0a37352c8 [Directory] Fix SQL string quotation 2021-07-16 19:44:41 +01:00
Alexei Sorokin 6e5217dc3a [Foreign_link] Change the type of "credentials" to blob
TwitterOAuthClient::packToken uses \0 as a delimeter which can cause issues on
TEXT or VARCHAR.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 912a0cb16c [OpenID] Correct table definition types
"server_url" should not be blob.
Lengths are adjusted to Auth/OpenID/(PostgreSQL|MySQL)Store.php.
2021-07-16 19:44:41 +01:00
Alexei Sorokin 3b514abd6b [Queue_item] Let DataObject construct WHERE IN 2021-07-16 19:44:41 +01:00
Alexei Sorokin 8290b137fa [TwitterBridge][DAEMONS] Fix database connection clean-up 2021-07-16 19:44:40 +01:00
Alexei Sorokin 681aa5b326 [NOTICES] Condition pushdown in the subquery in inboxnoticestream
This improves performance on PostgreSQL.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 47c9bea46f [DATABASE][PostgreSQL] Ignore index prefix length 2021-07-16 19:44:40 +01:00
Alexei Sorokin 2d8f320586 [PostgreSQL] Set timezone to UTC
And remove some redundant neighbouring cruft:
utf8mb4 is already set in mysqlschema more than enough times.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 1f3edd8fdf Rename the mysql_foreign_keys option to foreign_keys
And apply it universally.
2021-07-16 19:44:40 +01:00
Alexei Sorokin ed68659ece [SESSION] Session ID can be as long as 128 characters 2021-07-16 19:44:40 +01:00
Alexei Sorokin ddc3371b43 [NOTICE] Store "url" as TEXT and not VARCHAR(191) 2021-07-16 19:44:40 +01:00
Alexei Sorokin 3075cffcd7 [DATABASE] Change collation handling
Before now table definitions could define collations only for MariaDB using the
MariaDB's collation names directly.
Now instead definitions get a slightly more abstract collation name syntax, but
only supporting the collations utf8mb4_bin and utf8mb4_unicode_(cs|ci) (wrapped
as utf8_bin, utf8_general_(cs|ci)), because those are the ones that have
practical use for GNU social.

Which also means that on MariaDB the formerly used utf8mb4_general_(cs|ci) have
been superseded by utf8mb4_unicode_(cs|ci), as they are the more modern
replacement.

Introduce collation support on PostgreSQL which results in use of the C (POSIX)
collation as utf8_bin and the und-x-icu collation as utf8_general_cs.
utf8_general_ci is also mapped to und-x-icu, which makes it case-sensitive,
unfortunately.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 86826a1a68 [SEARCH][PostgreSQL] Make LIKE search case-insensitive 2021-07-16 19:44:40 +01:00
Alexei Sorokin 598e8e4d56 [TwitterBridge] Create Foreign_user before Foreign_link
To keep foreign key constraints intact.
2021-07-16 19:44:40 +01:00
Alexei Sorokin c11629035b [SEARCH][MariaDB] Change user-facing fulltext search syntax
Now analogous to the simple and safe PostgreSQL's websearch_to_tsquery syntax.
MariaDB's full-text boolean search queries will fail on input such as "@user"
(unquoted) which is particularly noticeable to the user.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 2d6e4e3912 [SEARCH] Exclude message scope 2021-07-16 19:44:40 +01:00
tenma b7cf60c7b4 [FFmpeg] Add FFmpeg plugin
FFmpeg plugin serves as a better performant/quality alternative to
resize animated GIFs than the ImageMagick plugin.
2021-07-16 19:44:40 +01:00
tenma 4a50579ef1 [MEDIA] Add WebP support
WebP format is now the default image format for anything that
is not an animated GIF. Image Intervention doesn't support
animated WebPs so we don't convert animated GIFs.

ImageFile:
MediaFile:
default:
- Add WebP support
2021-07-16 19:44:40 +01:00
tenma 228e7c423e [ImageMagick] Remove unnecessary code
ImageMagickPlugin:
- Remove animated thumbnail setting, we'll be able to use FFmpeg for performance
- Remove onFillImageFileMetadata and onCreateFileImageThumbnailSource(), these
  are handled just fine by ImageFile
- Bump minor version number

README:
- Update
2021-07-16 19:44:40 +01:00
Alexei Sorokin e62e429302 [File] Fix file deletion violating foreign keys 2021-07-16 19:44:40 +01:00
Alexei Sorokin 8fc807343b [RedisCache] Connections should not be shared by daemon threads 2021-07-16 19:44:40 +01:00
Alexei Sorokin a9ae96fa4c [Memcached] Do not set persistent connections for daemons 2021-07-16 19:44:40 +01:00
Alexei Sorokin 1e36ceb5b1 [Embed] Fix a query typo in fixup_files.php
Regression introduced in ec86de2bc4
2021-07-16 19:44:40 +01:00
Alexei Sorokin 668bdc7a6d [Memcached_DataObject] Thorough check of pivotGetClass arguments 2021-07-16 19:44:40 +01:00
Alexei Sorokin dd8612c39a [Bookmark] Silence a warning when no tags in BookmarkForm 2021-07-16 19:44:40 +01:00
Alexei Sorokin df03e5311b [Bookmark] Fix undefined variable "rendered" in Activity options 2021-07-16 19:44:40 +01:00
Alexei Sorokin 60c82bc9a0 [EXTLIB][VALIDATE] Declare everything as static
As was originally intended by the author and is expected.
2021-07-16 19:44:40 +01:00
Alexei Sorokin fc7925f4c8 [RSSCloud] Avoid the deprecated in PHP each() function 2021-07-16 19:44:40 +01:00
Alexei Sorokin d045bf6f5c [Managed_DataObject] Remove the "timestamp" type
It is converted to "datetime" in lib/database/schema.php
2021-07-16 19:44:40 +01:00
Alexei Sorokin 1095475645 [RSSCloud] Update schema definition 2021-07-16 19:44:40 +01:00
Alexei Sorokin e051572f84 [Profile] Allow grantRole to work when role exists 2021-07-16 19:44:40 +01:00
Alexei Sorokin cce2c763d3 [RedisCache][DiskCache] Check if unserialize succeeded 2021-07-16 19:44:40 +01:00
Alexei Sorokin ed08b46c0b [TwitterBridge] Check if Notice::$lat and Notice::$lon are defined 2021-07-16 19:44:40 +01:00
Alexei Sorokin 01093e3583 [DATABASE][MariaDB] Always use LONGBLOB for "blob"
"blob" is practically used with the expectation of unlimited length, which is
true with PostgreSQL's bytea, but not with MariaDB's BLOB, which is limited to
64KiB.
So instead use LONGBLOB, which has a maximum of 4GiB, effectively unlimited.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 03e69e8c31 [DATABASE] Fix remaining misuses of SQL's GROUP BY 2021-07-16 19:44:40 +01:00
Alexei Sorokin b0b10cf186 [Queue_item] There is no "modified" attribute
Fixes a regression introduced in ec86de2bc4
2021-07-16 19:44:40 +01:00
Alexei Sorokin e8f5e34202 Revert "[CORE] Avoid the old "reply" relation in inboxnoticestream"
It is needed for mentions.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 024f5fe3a8 [RequireValidatedEmail] Only check current user posts
This check made registration impossible when welcomeuser didn't have validation
as well.

And rename the "grandfatherCutoff" option to "exemptBefore".
"Grandfathering" is a relatively obscure term linked to the history of the
United States of America, so replace that with something self-descriptive.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 2de195d20c [NOTICES] Restore FullNoticeStream
But only allow a select number of verbs.
This is to display optional subscription notices.
2021-07-16 19:44:40 +01:00
Alexei Sorokin 5b95c1172a [EmailAuthentication] Check if e-mail with filter_var 2021-07-16 19:44:40 +01:00
Alexei Sorokin 6d203d42e9 [DATABASE] Enable fulltext search by default
Also rename fulltext indices to more fitting names
and move the check from classes into database/schema.php
2021-07-16 19:44:40 +01:00
Alexei Sorokin 974404bcfd [DATABASE][PostgreSQL] Add fulltext search support 2021-07-16 19:44:40 +01:00
Alexei Sorokin 46ac40d981 Clean Notice_prefs and Fave_tally when a notice is deleted 2021-07-16 19:44:40 +01:00
t3nma d7ec199793 [COMPOSER] Add new php-ffmpeg package 2021-07-16 19:44:40 +01:00
Alexei Sorokin 83ba7030cc [ExtendedProfile] Clean up of missing array indices handling 2021-07-16 19:44:38 +01:00
Alexei Sorokin 5196b45e62 [TwitterBridge] Do not fail on missing notice 2021-07-16 19:44:38 +01:00
Alexei Sorokin abacbf3e0a [ACTIONS] Fix selftag 2021-07-16 19:44:38 +01:00
Alexei Sorokin 8c939b70cc [UTIL] Fix up common_ensure_session()
Give priority to cookies over GET.

Make sure session ids have only expected characters
(PHP file session handler's limitation).

Replace a mostly useless log warning with a debug message.
2021-07-16 19:44:38 +01:00
Alexei Sorokin 881ea12f3f [EXCEPTIONS] Inherit the Previous Exception parameter 2021-07-16 19:44:38 +01:00
t3nma bf274d34c6 [TwitterBridge] Fix issue "Only variables should be assigned by reference"
From the docs: "The new operator returns a reference automatically, so
assigning the result of new by reference is not allowed as of PHP 7.0.0"
2021-07-16 19:44:38 +01:00
Diogo Cordeiro 33721c85cd [ActivityPub][NOTICE] Process attachments 2021-07-16 19:44:38 +01:00
Diogo Cordeiro 4c92cc967b [MEDIA] fromUrl now supports using original file name 2021-07-16 19:44:38 +01:00
Diogo Cordeiro 7e559f0cd0 [ActivityPub][NOTICE] Fix variable being wrongly reused 2021-07-16 19:44:38 +01:00
Diogo Cordeiro f3df3762f1 [ActivityPub][INBOX][Delete] Support Delete Actor object being a Tombstone 2021-07-16 19:44:38 +01:00
Diogo Cordeiro ce4ceaf8c7 [ActivityPub][NOTICE] Fix other federation protocols mention handling 2021-07-16 19:44:38 +01:00
Diogo Cordeiro 30024b4d47 [ActivityPub][SCRIPTS] Add fix_subscriptions.php 2021-07-16 19:44:38 +01:00
Diogo Cordeiro 4dfa7f374a [TheFreeNetwork][fix_duplicates.php] Don't die because you couldn't federate an undo follow 2021-07-16 19:44:38 +01:00
Diogo Cordeiro f81b578a37 [TheFreeNetwork][fix_duplicates.php] Small improvements on queries performed 2021-07-16 19:44:38 +01:00
Alexei Sorokin 1667d727b4 Set HTTP status codes with http_​response_​code() 2021-07-16 19:44:38 +01:00
Alexei Sorokin 3429a3644d [Favorite] Fix "Properly trigger DisfavorNotice on profile deletion"
Calling find() inside delete() is probably not a good idea.
2021-07-16 19:44:38 +01:00
Diogo Cordeiro 10f0a15614 [VersionBump] 2.0.0alpha0
Ran composer update and locale updater
2021-07-16 19:44:38 +01:00
Diogo Cordeiro 31003c8914 [TheFreeNetwork] Add Readme
Improve script fix_duplicates.php's comments
2021-07-16 19:44:38 +01:00
t3nma f476708f3a [TheFreeNetwork] Add fix_duplicates script 2021-07-16 19:44:38 +01:00
t3nma bda5a7db97 [TheFreeNetwork] Small rewrite to the onStartTFNLookup event 2021-07-16 19:44:38 +01:00
Diogo Cordeiro 2a863ba746 [MODULES] Make default loading attributes available in global config 2021-07-16 19:44:38 +01:00
t3nma 119783f80e [ActivityPub][QUEUES] Handle Create (AS1 POST) verb properly
Fixes a bug introduced in e504d13120
2021-07-16 19:44:38 +01:00
Alexei Sorokin caac2cea44 [SCHEMA] Better DBMS information fetching
On PostgreSQL:
  - Parse defaults for strings and booleans properly.
  - Parse the "serial" definition type properly.
  - Get information on the "enum" definition type.
  - Re-work getting information about keys/indices.

On MariaDB:
  - Get information about lengths in indices.
  - Get foreign key information separately from the rest as they can have
    colliding names.
2021-07-16 19:44:38 +01:00
Alexei Sorokin d55488cdec [OpenID][DATABASE] Store UNIX timestamps as BIGINT 2021-07-16 19:44:38 +01:00
Alexei Sorokin 573cd7d450 [SCHEMA] Fix a few mistakes 2021-07-16 19:44:38 +01:00
Alexei Sorokin 50dd216f44 [BLOCK] Increase type strictness 2021-07-16 19:44:38 +01:00
Alexei Sorokin bee3dea9c2 [DATABASE] Add explicit indices for all foreign keys
This adds a requirement for all definitions that have foreign keys to also
require indices for all source (local) attributes mentioned in foreign keys.

MariaDB/MySQL creates indices for source attributes automatically, so this
serves as a way to get rid of those automatic indices and create clean explicit
ones instead.

In PostgreSQL, most of the time, indices on the source are necessary to
decrease performance penalty of foreign keys (like in MariaDB), but they aren't
created automatically, so this serves to remove that difference between
PostgreSQL and MariaDB.
2021-07-16 19:44:38 +01:00
Alexei Sorokin 665e4574da [DATABASE] Fix index identifiers and clean up redundant ones 2021-07-16 19:44:38 +01:00
t3nma f3ab63957d [DirectMessage] Update ApiDirectMessageNew action
- Messages are now saved as Notices
2021-07-16 19:44:38 +01:00
t3nma 8ca412bd1d [DirectMessage] Update ApiDirectMessage action
- getMessages() is now fetching from the Notice table as supposed
- every show{format}* method is properly updated to use Notice objects
- json and xml responses retrieve multi-recipients without compromising
  backwards compatibility
2021-07-16 19:44:38 +01:00
t3nma 8b0abc0382 [DirectMessage] Update inboxMessages() to stop fetching replies
This is yet to be supported in the plugin.
2021-07-16 19:44:38 +01:00
t3nma 58d7ab4d13 [DirectMessage] PSR12-format 2021-07-16 19:44:38 +01:00
Alexei Sorokin 903a9d2667 [DOCUMENTATION] Adopt PSR-12 and clarify on arrays 2021-07-16 19:44:37 +01:00
Alexei Sorokin b1b1d2af93 [DATABASE] Update "modified" in Managed_DataObject instead of a DBMS trigger
Instead of relying on the MariaDB's ON UPDATE CURRENT_TIMESTAMP trigger update
"modified" attributes in Managed_DataObject. Every raw query that needs
adjusting is adjusted, as they won't update "modified" automatically anymore.

The main goal behind this change is to fix "modified" updates on PostgreSQL.
2021-07-16 19:44:37 +01:00
Alexei Sorokin 346aec9b2a [DATABASE] Fix more incorrect uses of quotation in SQL 2021-07-16 19:44:37 +01:00
Alexei Sorokin 5b6a64b125 [Notice] Fix clearReplies() and clearRepeats() 2021-07-16 19:44:37 +01:00
Alexei Sorokin 7c727e2969 [SHOWSTREAM] Add "noindex" robots meta-tag for silenced profiles 2021-07-16 19:44:37 +01:00
Alexei Sorokin 7d7dbe627b [AuthCrypt] Password storage and comparison improvements
Password hashes are now stored in a TEXT attribute, not limited to 199 symbols.
That limitation makes no sense as password hashes are not the kind of
information to be indexed.

Actually replace crypt() with password_verify() for password checking, current
code left password_verify() unused.

Only update passwords when they use a different algorithm from the current
default. Previously "overwrite" meant rehashing every login.

Replace the "argon" boolean option with "algorithm" and "algorithm_options" for
better configurability.
The default remains whichever is default for PHP's password_hash.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro c85feeaa1f [AuthCrypt] Update README and fix formatting 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 360fc0262b [MODULES] Make settings great again
Plugin main class doesn't use this construct despite extending this class.
2021-07-16 19:44:37 +01:00
Alexei Sorokin 2d3ec87ea4 [Profile][User_group] Fix profile deletion violating foreign keys 2021-07-16 19:44:37 +01:00
Alexei Sorokin a719684c6c [Favorite] Properly trigger DisfavorNotice on profile deletion 2021-07-16 19:44:37 +01:00
Alexei Sorokin 182f94cf6f [DATABASE][MariaDB] Fix index changes with foreign keys enabled 2021-07-16 19:44:37 +01:00
Alexei Sorokin 9ec1b667c0 [DATABASE][Schema_version] Change the hashing algorithm to SHA3-512 2021-07-16 19:44:37 +01:00
Alexei Sorokin 65b6a924bd [DATABASE] Make unprefixed schema.php a bit more DBMS-neutral 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 452f05512f [ActivityPub][Explorer] More robust exception handler for invalid remote answers 2021-07-16 19:44:37 +01:00
Alexei Sorokin b79d97c4e1 [RemoteFollow] Fix location display 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 2894eb9ed2 [MEDIA] Fix headers when using x-static-delivery 2021-07-16 19:44:37 +01:00
Alexei Sorokin 8b5be9fe1b [LRDD] Fix unhandled bad data in HostMeta, LinkHTML and WebFinger 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 7022d85b93 [ActivityPub][AProfile] Complete strict typing 2021-07-16 19:44:37 +01:00
Alexei Sorokin e902a9bdfc [DATABASE] Check SQL boolean values with "IS TRUE"
This way UNKNOWN (NULL) explicitly turns to FALSE when three-valued logic is
reduced to binary.
In pgsqlschema, however, use "IS FALSE" as boolean attributes in pg_index are
non-nullable, there is no outer join and there's no clear preference for NULL
reduction.

Over-complicated constructions in TagCloud queries have been simplified, which
should not affect their performance.

Additionally, in TagCloud's lib/subscriptionspeopleselftagcloudsection.php
a typing mistake in an equi-join of "profile_tag" and "profile_list" on
"tagger" was fixed.
That regression was introduced in f446db8e2a
2021-07-16 19:44:37 +01:00
Diogo Cordeiro a996ac797a [UserFlag] Fix type of onUserRightsCheck 2021-07-16 19:44:37 +01:00
Diogo Cordeiro e046d4faa5 [UserFlag] Increase strict typing of main file
Run php-cs-fixer
Correct case of class name onDeleteRelated event handlers
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 235122280d [ActivityPub] Increase type strictness on Explorer 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 05790c124c [ActivityPub] Fix wrong type handling on AProfile:update_profile 2021-07-16 19:44:37 +01:00
Diogo Cordeiro f1b3db8e59 [Bookmark] Fix misuse of XMLOutputter
Argument 3 passed to htmloutputter::input() must be of the type string or null, array given, called in /srv/gnusocial/plugins/Bookmark/forms/bookmark.php on line 166
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 80a4811539 [ExtendedProfile] Fix misuse of XMLOutputter
Argument 1 passed to xmloutputter::text() must be of the type string, null given, called in /srv/gnusocial/plugins/ExtendedProfile/lib/extendedprofilewidget.php on line 556
2021-07-16 19:44:37 +01:00
Hugo Sales 58af4799ee [NOTICE][UI] Fix bug: Option to message "Everyone at site" when using private instance 2021-07-16 19:44:37 +01:00
Alexei Sorokin af0ec1380e [DOCUMENTATION] Adapt the nginx config for avatars located in /file 2021-07-16 19:44:37 +01:00
Alexei Sorokin 9ba9006014 [CORE] Avoid materialisation in the TaggedProfileNoticeStream query
This is analogous to c862589dcf
2021-07-16 19:44:37 +01:00
Alexei Sorokin e3f1667b47 [NOTICE] Update index for verbs in ProfileNoticeStream
After adding a verb condition there, MariaDB now prefers the
("created", "id", "is_local") and ("profile_id", "verb", "created", "id")
indices for that query, even though they are slow for the job.
So replace them with ("is_local", "created", "id") and
("profile_id", "verb", "created", "id") respectively.
Also fix the naming of the ("profile_id", "created", "id") index.
2021-07-16 19:44:37 +01:00
Diogo Cordeiro b5180d6096 [ActivityPub] Fix bug introduced with 4d171b27
Too few arguments to function Activitypub_notice::create_notice()
2021-07-16 19:44:37 +01:00
Alexei Sorokin c461030066 [RedisCache] Catch string return type from Predis\Client::setex 2021-07-16 19:44:37 +01:00
Alexei Sorokin c50f16ba58 [CORE] Do not set "confirm_address"."user_id" to 0 by default
That breaks the foreign key constraint, it is better to just have it nullable.
2021-07-16 19:44:37 +01:00
Alexei Sorokin cbb83a9752 [NOTICES] Revert "We want the profile stream to be as raw as possible!"
There are only three possible visible notice verbs: POST, SHARE and DELETE.
What including all verbs does is it makes limiting (FETCH FIRST) unreliable as
the query will fetch invisible stuff (like favourites) and count it in, but
nothing will be displayed.
NoticeStream only allows POST and SHARE, so this effectively removes tombstones
from the profile page like in 78a111b57d
2021-07-16 19:44:37 +01:00
Alexei Sorokin eb647f15a7 [NOTICES] Fix InboxNoticeStream caching
Introduce a new property in CachingNoticeStream for always checking if there
are any new elements in the stream.
It would be extremely hard to blow InboxNoticeStream, so instead the database
hit will still occur, but it is be much faster than starting fresh.

This fixes a regression introduced in 36a55d8436
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 8ec2af0020 [TheFreeNetwork] Fix small logic issue regarding StartTFNLookup return 2021-07-16 19:44:37 +01:00
Diogo Cordeiro d81e795cc0 [ActivityPub][SCRIPTS] Make update profiles work with an uri 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 4bbfb2dd56 [ActivityPub][QUEUES] Add Like, Undo and Delete 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 2b4aaca14a [ActivityPub][INBOX][Delete] Fix misconceptions
References:
- https://socialhub.activitypub.rocks/t/the-delete-activity-and-its-misconceptions/137
- https://socialhub.activitypub.rocks/t/the-update-activity-more-than-caching/260
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 64108aa51d [ActivityPub][NOTE] Do not extract actor from attributedTo
There was no checking of attributedTo, actors and referent object IDs to make
sure they exist in the same domain. Therefore, one could spoof messages from
people by doing attributedTo: whoever-i-want-to-spoof
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 9f4c4edb02 [ActivityPub][Ostatus] Fetch avatars in accordance to the new media system 2021-07-16 19:44:37 +01:00
Alexei Sorokin e9d1c5593d [CORE] Avoid materialisation in the TagNoticeStream query
The notice.created sort forced the notice_tag by notice join plain to employ
materialisation, which can have a serious performance penalty depending on the
size of the database.
Sort by notice_tag.created instead, which should be exactly the same.
2021-07-16 19:44:37 +01:00
Alexei Sorokin d3e63bbac0 [CORE] Avoid the old "reply" relation in inboxnoticestream
All verbs for not visible notices are filtered out, so this should not
break the timeline.
Additionally, filter by profile outside of the derived relation as that shows
better performance in PostgreSQL and MariaDB both.
2021-07-16 19:44:37 +01:00
Alexei Sorokin 819ece93aa Revert "FullNoticeStream selects all verbs"
It appears this was added to display "tombstones" of deleted notices.
However, it has other side-effects and the concept of keeping them visible has
not been adopted by the wider fediverse.
2021-07-16 19:44:37 +01:00
Alexei Sorokin 26115482ef [SCHEMA] Improve timestamp storage
Avoid the use of deprecated MariaDB "zero dates" globally. If they're present
as attribute defaults somewhere, they will be replaced with NULL implicitly.
The existing "zero dates" in MariaDB storage will be left intact and this
should not present any issues.

The "timestamp" type in table definitions now corresponds to DATETIME in
MariaDB with "DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP", which
should be close enough to the original behaviour for compatibility purposes.
It is now the recommended type for "modified" attributes, because of the
update trigger on MariaDB. But there is no such trigger implemented on
PostgreSQL as of this moment.
2021-07-16 19:44:37 +01:00
Alexei Sorokin eb993df072 [DATABASE] Fix MariaDB schema verification 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 32a7cd6458 [ActivityPub][HTTPSignatures] Fix verify 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 78f0ab022c [ActivityPub][Inbox] Signature verification after Actor update would always fail 2021-07-16 19:44:37 +01:00
Diogo Cordeiro f93d8694c3 [AVATAR] Ensure this Action stays secure 2021-07-16 19:44:37 +01:00
Hugo Sales ff75bb796b [MEDIA] Move AttachmentAction::sendFile to common_send_file
This fixed the wrong content type and status code returned by the Avatar action
2021-07-16 19:44:37 +01:00
Diogo Cordeiro c7e1352618 [ActivityPub][Inbox] With PHP 7.3 we don't need get_all_headers workaround anymore
Furthermore, it was broken on Apache2 because the actual function
doesn't put the resulting array's key in lowercase.
2021-07-16 19:44:37 +01:00
Alexei Sorokin ad6955e7ff [Memcached_DataObject] Check if it is possible to sort efficiently 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 25f67a1ce9 [ActivityPub][Inbox] get_all_headers was nginx only 2021-07-16 19:44:37 +01:00
Diogo Cordeiro bc1af78bf7 [TESTS] Move AcceptHeader from ActivityPub plugin to Core
Delete temporary ActivityPub tests (they were to be deleted long ago)
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 8c2d87b3b8 [ExtendedProfile] Fix XML type bug 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 81d50c4ec3 [FORMAT] Run php-cs-fixer on tests/ 2021-07-16 19:44:37 +01:00
Diogo Cordeiro bba9c0d560 [TESTS] Fix CommandInterpreterTest
Also corrected a bad refactoring that affected Xmpp plugin test
2021-07-16 19:44:37 +01:00
Diogo Cordeiro 6a9dce2cc5 [PEAR] I'm tired of this issue still popping up, this seems to silence it 2021-07-16 19:44:37 +01:00
Diogo Cordeiro e8a5347157 [UI] Make neo-quitter default theme 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 7568789f62 [XML] Inscrease types strictness 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 02055dee49 [AVATAR] Temporary ImageFile wasn't 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 44ad0d3a85 [AVATAR] Try to delete tmp avatar if something goes wrong during the process 2021-07-16 19:44:37 +01:00
Diogo Cordeiro 5439ff3ec5 [MEDIA] ImageFile fromUpload method wasn't ensuring uploaded file was an image 2021-07-16 19:44:37 +01:00
Alexei Sorokin d01f44ee99 [DATABASE] Some query improvements
Make common_sql_weight employ standard SQL functions for the timestamp
difference in seconds.
Also replace UTC_TIMESTAMP in the MariaDB-specific part with CURRENT_TIMESTAMP
as it is the only occurence and GNU social sets UTC as a default timezone.

In a delete_orphan_files.php script simplify the main query considerably.

In clean_profiles.php stop using COUNT as if it is ANY, that is unnecessary
punishment for the database. Instead implement the anti-join with a
left outer join.

In Autocomplete and Activitypub_profile use joins instead of a WHERE OR
anti-pattern for the semi-joins.

In lib/ui/galleryaction.php replace a CROSS JOIN with an INNER JOIN.

In actions/sup.php remove a redundant subquery: WHERE is applied before
grouping either way.
2021-07-16 19:44:36 +01:00
Alexei Sorokin a93c38a9af [CORE][DATABASE] Another approach to semi-join in the inboxnoticestream query
Compared to the solution with INNER JOIN this seems to have better performance
as there is no need to deduplicate the subquery result before use.
2021-07-16 19:44:36 +01:00
Alexei Sorokin ed4cc01b2f [DATABASE] Replace NOW() with CURRENT_TIMESTAMP 2021-07-16 19:44:36 +01:00
Alexei Sorokin 434f07430d [DATABASE] Use "<>" as an SQL non-equality sign in more cases
A follow-up to commit 644b417f6c
2021-07-16 19:44:36 +01:00
Alexei Sorokin 9ac632ca2d [DATABASE] Start transactions with START TRANSACTION
"BEGIN" is non-standard and unnecessary.
2021-07-16 19:44:36 +01:00
susdiv 6ea0d441cd [Autocomplete] Fix postgres incompatible query in AutocompleteAction 2021-07-16 19:44:36 +01:00
susdiv 2a82f2774d [SCRIPTS] Fix postgres incompatible query in clean_profiles.php 2021-07-16 19:44:36 +01:00
susdiv 4153a93390 [ActivityPub] Fix Postgres incompatible query in Following and Followed collection 2021-07-16 19:44:36 +01:00
rainydaysavings 14ea9b41c2 [THEME][neo-quitter] Added icon for Network in navbar 2021-07-16 19:44:36 +01:00
Hugo Sales facf3204d3 [FIX] Fix 'Trying to access array offset on value of type null' in AntiBrutePlugin and SimpleCaptchaPlugin when using scripts 2021-07-16 19:44:36 +01:00
tenma 34e1a6ee08 [OStatus] Remove TFN's deprecated Census event and fix small typo in the code 2021-07-16 19:44:36 +01:00
tenma 12945c4d20 [ActivityPub] Remove TFN's deprecated Census event 2021-07-16 19:44:36 +01:00
tenma bbd9044626 [TheFreeNetwork] Use config + module settings for initialization and online lookup
The Census event is now replaced with module settings for populating the
protocols array. With this we can shutdown some plugins and still make
them be checked by TFN.

The performance:high config is now added when deciding whether or not to
do online lookup after the offline lookup fails.

default:
- Add default values for the TFN protocol setting

EVENTS:
- Remove Cencus event

TheFreeNetworkModule
- Remove Census event handler, update protocols array to use module's settings
- Use performance:high config when deciding to do online lookup
2021-07-16 19:44:36 +01:00
tenma 135c50762a [OStatus] Add TheFreeNetwork module's support in handling profile insertion
Ostatus_profile:
- Update createActivityObjectProfile to trigger TFN's assistance in inserting the profile
2021-07-16 19:44:36 +01:00
tenma 9fcccd8b5a [ActivityPub] Add TheFreeNetwork module's support in handling profile insertion
Activitypub_profile:
- Update do_insert to trigger TFN's assistance in inserting the profile

explorer:
- Use the new LRDD's method for grabbing profile aliases
2021-07-16 19:44:36 +01:00
tenma f1021358ed [TheFreeNetwork] Handle new StartTFNLookup and EndTFNLookup events
EVENTS:
- describe new events

TheFreeNetworkModule:
- add event handlers and necessary auxiliary methods
- minor comment updates
2021-07-16 19:44:36 +01:00
tenma 40bc43215d [OStatus] Update salmonaction to use the new LRDD's method for grabbing aliases 2021-07-16 19:44:36 +01:00
tenma 8b8157ce25 [LRDD] Add a new method for grabing profile aliases 2021-07-16 19:44:36 +01:00
tenma a17c010bb9 [ActivityPub] Autofix profile URIs through alias discovering
Activitypub_profile:
- Add updateUri method

explorer:
- Add grab_aliases method
- Update grab_local_user's online course to grab and test aliases
2021-07-16 19:44:36 +01:00
Alexei Sorokin aa2f09fa3c [UI] Fix group member pages showing up twice 2021-07-16 19:44:36 +01:00
Alexei Sorokin 26622cb84b [UI] Order groups in join descending order in profiles 2021-07-16 19:44:36 +01:00
Hugo Sales 3f8f77dff1 [CORE] Fix 'Array and string offset access syntax with curly braces is deprecated' in AuthCryptModule and DirectionDetectorPlugin 2021-07-16 19:44:36 +01:00
Alexei Sorokin 7b1c3dbb3f [Nodeinfo] Count active users for full days and without silenced 2021-07-16 19:44:36 +01:00
Alexei Sorokin 9396539f58 [CORE] Re-format the inboxnoticestream query 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 4caa394db6 [UI] Small improvement on attachment's visual 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 617e3af5cd [SensitiveContent] Fix plugin settings
Also reformatted the code and minor bug fixed it
2021-07-16 19:44:36 +01:00
nee 7ee8751b8e [SensitiveContent] Add option to activate for not-logged-in visitors
Remove redundant setting retrival code.

An example config.php entry to activate the new config:
$config['site']['sensitivecontent']['hideforvisitors'] = true;
2021-07-16 19:44:36 +01:00
nee 2419d85edf [SensitiveContent] Don't crash in GNU social classic
When an attachment has no thumbnail (for example when it's a video).
2021-07-16 19:44:36 +01:00
Hugo Sales 5b3105402e [SensitiveContent] Fix bug where having this plugin activated would not size thumbnails correctly 2021-07-16 19:44:36 +01:00
Hugo Sales b7ed15c865 [CORE] Make avatars be served with the same mechanism as attachments 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 1ea12e0cdf [PLUGINS] Remove VideoThumbnails not useful anymore 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 6598b89db0 [ActivityPub] Fix profile url handling 2021-07-16 19:44:36 +01:00
tenma 1d7855a70d [INSTALL] Allow the setup of sslproxy during install time
install.php:
installer.php:
- add option field and handle logic

display.css:
- hardcode ssl's label margin-top value so all options are correctly displayed
2021-07-16 19:44:36 +01:00
tenma eac3f58e9a [DOCUMENTATION] Add further notes to the nginx sample config 2021-07-16 19:44:36 +01:00
tenma d369e807fb [DATABASE] Fix deprecated call to implode() 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 4a90f281ed [ActivityPub] Fix undefined tag index 'type' in Activitypub_notice 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 0204ffb1fa [NOTICES] Add data-nosnippet attribute for notices by remote profiles 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 570fc17e8a [SHOWSTREAM] Add robots meta-tag for remote profiles 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 684a1a4143 [FORMAT] Ran php-cs-fixer on the handlers of notice items and streams
This was to keep the following two commits readable
- actions/showstream.php
- actions/userbyid.php
- lib/modules/ActivityHandlerModule.php
- lib/modules/ActivityHandlerPlugin.php
- lib/notices/conversationnoticestream.php
- lib/notices/noticelistitem.php
- lib/notices/noticestream.php
- lib/notices/threadednoticelistitem.php
2021-07-16 19:44:36 +01:00
Alexei Sorokin 3951ccbef7 [CORE] Use monotonic time via hrtime() where applicable
The realtime clock is not reliable when calculating elapsed time.
2021-07-16 19:44:36 +01:00
Alexei Sorokin d467370efb [Embed][CORE] Validate the hexadecimal for hex2bin properly 2021-07-16 19:44:36 +01:00
Alexei Sorokin ceeb6d4d8f [PEAR DB_DataObject] Make static methods in Cast actually static 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 73a514ddcc [DOCUMENTATION] Updated TODO and branches info 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 91869c78ac [CORE] Better queues defaults 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 351e356bb4 [ActivityPub][Postman] Fix not sending notices to self 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 705b679332 [Ostatus] Partially revert 69add504e6
updateuris isn't needed after alll, we should solve this with TFNM and existing infrastructure.
2021-07-16 19:44:36 +01:00
Diogo Cordeiro e7778bd5d7 [ActivityPub][RSA] Revision, increase type scrictness and improve docs 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 73af7be061 [ActivityPub] Properly handle Actor URIs by using events correctly
This should fix nulls on explorer lookups inputed by postman after generate_followers/getSubscribers, that I think were caused by calling common_profile_uri that, curiously, only handles local profiles
2021-07-16 19:44:36 +01:00
Diogo Cordeiro 165edc2609 [CORE] Add GNUSOCIAL_ENGINE_REPO_URL and increase usage of GNUSOCIAL_ENGINE_URL 2021-07-16 19:44:36 +01:00
Alexei Sorokin 7bd316b506 [API] Show a nicer no such user error on statusnet/groups/list_all 2021-07-16 19:44:36 +01:00
Alexei Sorokin f24d122ef5 [SCRIPTS] Fix resend_confirm_address.php
Fix a regression from 6ec72b2978,
check if an address is set when using --email.
2021-07-16 19:44:36 +01:00
Alexei Sorokin ef056779fc [Xmpp] Adjust type declarations for changes in XMPPHP 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 63669d3447 [COMPOSER] update 2021-07-16 19:44:36 +01:00
Diogo Cordeiro c96dafa191 [ActivityPub][RSA] Fix types of generate_keys 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 3d805026a2 [ExtendedProfile] Fix updates and allow to delete values 2021-07-16 19:44:36 +01:00
Alexei Sorokin 53af27a303 [NodeInfo][DATABASE] Adjust indices of the "notice" and "user" tables
On big databases these queries from the Nodeinfo plugin choked up:

SELECT profile_id FROM notice
  WHERE notice.created >= (CURRENT_DATE - INTERVAL '180' DAY)
  AND notice.is_local = 1;
SELECT id FROM "user"
  WHERE "user".created >= (CURRENT_DATE - INTERVAL '180' DAY);
2021-07-16 19:44:36 +01:00
Diogo Cordeiro fbc6fe0818 [UI] Fix a small typo 2021-07-16 19:44:36 +01:00
Diogo Cordeiro 3b01aa31d3 [REALTIME] Reviewed both the superclass and its dist plugins 2021-07-16 19:44:36 +01:00
Alexei Sorokin aab3584f93 [DATABASE] Remove profile_tag_tag_fkey
profile_list.tag is not supposed to be unique,
this also reverts the addition of profile_list_tag_key.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 0bbcb5b098 [Xmpp] Latin-1 space characters are not forbidden for XMPP resources
Also use mb_strlen() with the 8bit encoding to count octets, strlen() is not as
reliable (mbstring.func_overload).
2021-07-16 19:44:35 +01:00
Alexei Sorokin 05f4b1e97d [Xmpp] Use UnexpectedValueException in splitJid, a bit narrower 2021-07-16 19:44:35 +01:00
Alexei Sorokin eab5725698 [DATABASE] Disable 'NULL' strings evaluation as SQL NULLs
Use $object->sqlValue('NULL') (identical to DataObject_Cast'ing) instead and
fix related issues like (email|sms)settings considering these NULLs as a
false positive for the E-Mail address still being set when it's been removed.

There could also be security implications to the now-disabled approach of
considering 'NULL' strings as SQL NULLs.
2021-07-16 19:44:35 +01:00
Diogo Cordeiro fd68965255 [ActivityPub] New URI system 2021-07-16 19:44:35 +01:00
Diogo Cordeiro 4dbc8d1233 [PEAR DB_DataObject] Removed DB_DATAOBJECT_NO_OVERLOAD as we don't have support for either PHP 4 or 5 2021-07-16 19:44:35 +01:00
tenma b19da881c7 [TheFreeNetwork] First code: Module class and census event 2021-07-16 19:44:35 +01:00
tenma 128c2c2e15 [SCRIPTS] Add updateuris script
To fix user URIs to their non-fancy version
2021-07-16 19:44:35 +01:00
tenma c861eb7232 [CORE] Update common_user_uri
To be consistent between federated-protocols and maintain non-fancy URIs
2021-07-16 19:44:35 +01:00
tenma 3fb78ab108 [OStatus] Add script for profile deduplication and URI fixing 2021-07-16 19:44:35 +01:00
tenma 6a37c21ead [ActivityPub] Fix some small known problems
ActivityPubPlugin:
- Rework onProfileDeleteRelated to account for the tables _rsa and _pending_follow_requests
- Update onEndShowAccountProfileBlock to stop creating the ap_profile if it doesn't exist (we'll handle this in a different manner)

Activitypub_profile:
- Remove unnecessary code from from_profile method and add return type information

Explorer:
- Update travel_collection to call itself instead of _lookup, that was wrong
2021-07-16 19:44:35 +01:00
Alexei Sorokin b3c2dfd9c9 [AnonymousFave][DATABASE] Set the created timestamp on INSERT 2021-07-16 19:44:35 +01:00
Alexei Sorokin 0c1e9bbc17 [DAEMONS][TwitterBridge] Set PUBLICDIR 2021-07-16 19:44:35 +01:00
Alexei Sorokin ab020c7528 [COMPOSER] Remove some pre-composer remnants from the code 2021-07-16 19:44:35 +01:00
Alexei Sorokin c1bd59e243 [DOCUMENTATION][NGINX conf] snippets/fastcgi-php.conf is Debian-specific 2021-07-16 19:44:35 +01:00
Alexei Sorokin 01696246eb [Embed][CORE] hex2bin should always get an even amount of symbols 2021-07-16 19:44:35 +01:00
tenma 234ba7705f [ActivityPub] Fix successive "Cannot use object of type stdClass as array" errors in the postman 2021-07-16 19:44:35 +01:00
tenma 06d7e5bf06 [MODULES] Fix VERSION constant to MODULE_VERSION in various modules 2021-07-16 19:44:35 +01:00
Diogo Cordeiro d69f479cba [CORE] Allow to force non-fancy URLs
Essential to allow toggling fancy urls later. In some cases it is
critical to keep the URL an unique URI.
2021-07-16 19:44:35 +01:00
Diogo Cordeiro 3dcedfa8bd [MEDIA] Simplify Attachment actions 2021-07-16 19:44:35 +01:00
Diogo Cordeiro 4a78510e37 [FILE] Fix Return value of File::getFileOrThumbnailSize() must be of the type int, null returned 2021-07-16 19:44:35 +01:00
Diogo Cordeiro 81711a18d9 [LIB_REFACTOR] Fix minor issues 2021-07-16 19:44:35 +01:00
tenma 4901126519 [ActivityPub] Revert usage of bitwise-operator & in the inbox_handler class. 2021-07-16 19:44:35 +01:00
Diogo Cordeiro 9088e58a64 [ActivityPub] The protocol allows content to be null, GNU social doesn't, we'll reject silentiously
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro 4133874e59 [ActivityPub] attributedTo itself is not required, if not present then it should be inferred from the actor
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro b7ce5b91a4 [ActivityPub] Fix security issue concerning remote profile deletes
Reported by kaniini
2021-07-16 19:44:35 +01:00
Diogo Cordeiro 48eee0e018 [ActivityPub] Inbox Handler: Remove old guzzle import
Improve exception information in doc blocks
2021-07-16 19:44:35 +01:00
Diogo Cordeiro 174733edc8 [ActivityPub] Slightly increase robustness on exception handling
Also ported Activitypub_rsa to PHP7
Minor indentation fixes
2021-07-16 19:44:35 +01:00
Diogo Cordeiro c93049d0da [ActivityPub] Consistent headers in explorer requests
Minor indentation fixes
2021-07-16 19:44:35 +01:00
Miguel Dantas 9692150c23 Fix 'Call to a member function getPayload() on null'
Trying to enable the RedisCache with the latest nightly, getting this with the daemon:

sep 25 11:40:18 friedrich startdaemons.sh[21428]: PHP Fatal error:  Uncaught Error: Call to a member function getPayload() on null in /var/www/social/plugins/RedisCache/RedisCachePlugin.php:96
sep 25 11:40:18 friedrich startdaemons.sh[21428]: Stack trace:
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #0 /var/www/social/lib/util/event.php(89): RedisCachePlugin->onStartCacheSet('gnusocial:herds...', Object(HubSub), NULL, 86400, false)
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #1 /var/www/social/lib/cache/cache.php(202): Event::handle('StartCacheSet', Array)
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #2 /var/www/social/classes/Memcached_DataObject.php(520): Cache->set('gnusocial:herds...', Object(HubSub))
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #3 /var/www/social/classes/Memcached_DataObject.php(52): Memcached_DataObject->encache()
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #4 /var/www/social/classes/Managed_DataObject.php(50): Memcached_DataObject::getClassKV('HubSub', 'hashkey', 'a38b9dc516371af...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #5 /var/www/social/plugins/OStatus/classes/HubSub.php(47): Managed_DataObject::getKV('hashkey', 'a38b9dc516371af...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #6 /var/www/social/plugins/OStatus/lib/hubprepqueuehandler.php(68): HubSub::getByHashkey('https://herds.e...', 'https://raki.so...')
sep 25 11:40:18 friedrich startdaemons.sh[21428]: #7 /var/www/social/plugins/RedisQueue/classes/RedisQueueManager.php(58): HubPrepQueueHandl in /var/www/social/plugins/RedisCache/RedisCachePlugin.php on line 96
Sign in to j
2021-07-16 19:44:35 +01:00
Miguel Dantas e25803b537 [Embed][CORE] Fixes 'Invalid Filename' on Embed. Regex didn't get updated 2021-07-16 19:44:35 +01:00
Alexei Sorokin 0fac7e49e2 Fix minor git merge resolving issues 2021-07-16 19:44:35 +01:00
Alexei Sorokin 1ba3416cd1 [SCRIPTS] Set PUBLICDIR in plugin scripts as well 2021-07-16 19:44:35 +01:00
Alexei Sorokin 3460c13535 [DAEMONS] Move resetDb to the Daemon class
As it is used inside the Daemon class now, it should always be available.
2021-07-16 19:44:35 +01:00
Diogo Cordeiro 344db5dcdf [ActivityPub] Add missing parenthesis in class instantiation
Fixed some issues related to thrown exceptions in the doblocks; also boolean -> bool
2021-07-16 19:44:35 +01:00
Alexei Sorokin 5f87c14bf8 [ActivityPub] Fix an unhandled error in onStartGetProfileFromURI 2021-07-16 19:44:35 +01:00
Diogo Cordeiro d0e3f9c823 [ActivityPub] Fix some bugs with onStartNoticeSearch
Refactored Activitypub_profile::ensure_web_finger to Activitypub_profile::ensure_webfinger
Do not throw exceptions in the handling of this event because we don't
want to stop the regular search just because we were unable to find
ActivityPub actors or notes.
2021-07-16 19:44:35 +01:00
Alexei Sorokin ffef85414e [CORE] Fix logging of very early failures 2021-07-16 19:44:35 +01:00
Alexei Sorokin cfc93bacbb [DATABASE][MariaDB] Properly account for foreign keys 2021-07-16 19:44:35 +01:00
Diogo Cordeiro acd64ba54a [BugFix] Plugins ExtendedProfile and OverwriteThemeBackground - admin is identical to system path names. 2021-07-16 19:44:35 +01:00
Alexei Sorokin 8e9db78258 [OStatus] The unsubscribe state also needs a label 2021-07-16 19:44:35 +01:00
Alexei Sorokin a9443d754a [INSTALL] Fix lib/util/installer.php import path 2021-07-16 19:44:35 +01:00
Diogo Cordeiro ee405df000 [MODULES] Make disable in admin panel effective 2021-07-16 19:44:35 +01:00
Alexei Sorokin 16b5ddd230 [DATABASE] Re-introduce PostgreSQL support 2021-07-16 19:44:35 +01:00
Alexei Sorokin e807e3bf08 [DATABASE] Use "<>" as an SQL non-equality sign
"!=" is not SQL compliant.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 37e5983aca [DATABASE] Columns not in GROUP BY must not be queried 2021-07-16 19:44:35 +01:00
Alexei Sorokin 0e0c375e65 [DATABASE] Re-introduce the enum type abstraction 2021-07-16 19:44:35 +01:00
Alexei Sorokin 6b4344968d [DATABASE] Set all primary keys as "not null" explicitly 2021-07-16 19:44:35 +01:00
Alexei Sorokin 2b0251213f [DATABASE] Various table schema related fixes 2021-07-16 19:44:35 +01:00
Alexei Sorokin bc97f34f5a [DATABASE] Re-order tables to be created
Foreign keys need to be created after the respective tables are already in
place. This order makes sure this is the case.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 3f17a0efea [DATABASE] Introduce a bool type in schema
PostgreSQL has a clear distinction between integers and booleans, so it makes
sense to draw a clear line.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 9d87c37ac1 [DATABASE] Consistently use the "LIMIT $limit OFFSET $offset" syntax
The "LIMIT $offset, $limit" syntax is only supported by MySQL and MariaDB.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 60ada8ae65 [DATABASE] Use time intervals in a SQL standard compliant way 2021-07-16 19:44:35 +01:00
Alexei Sorokin 6095a6de64 [DATABASE] Only use single quotation marks for SQL strings
Double quotation marks are only used for identifiers in the SQL standard.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 6fae840ee7 [DATABASE] Set NULL in DB_DataObject in a more reliable manner
Also stop assuming that FeedSub::sub_state (enum) and FeedSub::sub_end
(datetime) can possibly be set to an empty string.
2021-07-16 19:44:35 +01:00
Alexei Sorokin d26aac77b3 [DATABASE] Always quote identifiers
The code used to operate under the assumption that MariaDB doesn't support
quoting identifiers. Not only is that not exactly true, but MariaDB has
reserved keywords that cannot be used as table or column names unquoted.
2021-07-16 19:44:35 +01:00
Alexei Sorokin 1b41a38719 [CORE] Another inboxnoticestream improvement 2021-07-16 19:44:35 +01:00
Alexei Sorokin 1b66209e53 [DAEMONS] Switch daemons to double-forking for daemonisation 2021-07-16 19:44:35 +01:00
Alexei Sorokin 72f5576795 [DAEMONS] Properly disconnect daemons from the database 2021-07-16 19:44:35 +01:00
Miguel Dantas cb412d228c [OpportunisticQM] Revamped plugin to be able to use other poll based queuemanagers, no just the DB 2021-07-16 19:44:35 +01:00
Miguel Dantas b0e10f01cb [StompQueue] Changed StompQueueManager to use polling rather than sockets 2021-07-16 19:44:34 +01:00
Miguel Dantas 7cdd64f594 [PLUGINS] Added UnQueue, a new default plugin which does all actions immediately 2021-07-16 19:44:34 +01:00
Miguel Dantas 333b915740 [PLUGINS] Added DBQueue plugin 2021-07-16 19:44:34 +01:00
Miguel Dantas e3c34c4693 [PLUGINS] Added StompQueue plugin, based on the implementation in lib/queue/stompqueuemanager. Updated to new STOMP library version. Dropped liberalstomp.php and stompqueuemanager.php 2021-07-16 19:44:34 +01:00
Miguel Dantas 3fbf974dad [PLUGINS] Added RedisQueue 2021-07-16 19:44:34 +01:00
Miguel Dantas 44e96deecd [CORE][AUTOLOAD] Fix class OAuthRequest not found
Issue description as reported by aab:

2019-08-28 17:34:48 LOG_ERR: [khp.ignorelist.com:61055.f5f7f51c GET /api/statuses/show/178372.atom] ServerErrorAction: 500 Class 'OAuthRequest' not found
2019-08-28 17:39:50 LOG_ERR: [khp.ignorelist.com:65390.4483ff85 GET /api/statusnet/conversation/104672.rss] Handled serverError (500) but cannot output into desired format ('rss'): 'Class \'OAuthRequest\' not found'
2019-08-28 17:39:50 LOG_ERR: [khp.ignorelist.com:65390.4483ff85 GET /api/statusnet/conversation/104672.rss] ServerErrorAction: 500 Class 'OAuthRequest' not found
2019-08-28 17:40:49 LOG_ERR: [khp.ignorelist.com:65390.4c745f68 GET /api/statuses/show/18132.atom] Handled serverError (500) but cannot output into desired format ('atom'): 'Class \'OAuthRequest\' not found'
2019-08-28 17:40:49 LOG_ERR: [khp.ignorelist.com:65390.4c745f68 GET /api/statuses/show/18132.atom] ServerErrorAction: 500 Class 'OAuthRequest' not found
2019-08-28 17:47:41 LOG_ERR: [khp.ignorelist.com:65390.42ee9fd4 GET /api/statusnet/conversation/133023.as] Handled serverError (500) but cannot output into desired format ('as'): 'Class \'OAuthRequest\' not found'
2021-07-16 19:44:34 +01:00
Miguel Dantas 55f4ed036d [FRAMEWORK][AUTOLOAD] Fix autoloads 2021-07-16 19:44:34 +01:00
Miguel Dantas ab3e8ce21d [LIB_REFACTOR] Fix requires 2021-07-16 19:44:34 +01:00
Miguel Dantas 2ab2e22a36 [LIB_REFACTOR] Moving files into separate semantic categories 2021-07-16 19:44:34 +01:00
Miguel Dantas 5e16606358 [RedisCache] Fix call to getPayload on int. The library is badly documented, but seems to return the TTL instead of the normal redis response
Issue description as reported by aab:

About one day after enabling redis plugin:

PHP Fatal error:  Uncaught Error: Call to a member function getPayload() on int in /var/www/html/plugins/RedisCache/RedisCachePlugin.php:96
Stack trace:
0 /var/www/html/lib/event.php(89): RedisCachePlugin->onStartCacheSet('gnusocial:gatea...', Object(Queue_item), NULL, 86400, false)
1 /var/www/html/lib/cache.php(202): Event::handle('StartCacheSet', Array)
2 /var/www/html/classes/Memcached_DataObject.php(496): Cache->set('gnusocial:gatea...', Object(Queue_item))
3 /var/www/html/classes/Memcached_DataObject.php(416): Memcached_DataObject->encache()
4 /var/www/html/classes/Managed_DataObject.php(620): Memcached_DataObject->update(Object(Queue_item))
5 /var/www/html/classes/Queue_item.php(74): Managed_DataObject->update(Object(Queue_item))
6 /var/www/html/lib/dbqueuemanager.php(75): Queue_item::top(Array, Array)
7 /var/www/html/lib/iomaster.php(287): DBQueueManager->poll()
8 /var/www/html/lib/iomaster.php(161): IoMaster->poll()
9 /var/www/html/scripts/queuedaemon.php(112): IoMaster->service()
10 /var/www/html/lib/spawni in /var/www/html/plugins/RedisCache/RedisCachePlugin.php on line 96