From 148310e5fc78e69f6bde3683855009dc3d8d485b Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Sat, 28 Mar 2009 17:36:39 -0400 Subject: [PATCH 1/4] welcome notice, default sub for new users --- README | 14 ++++++++++++++ classes/User.php | 42 ++++++++++++++++++++++++++++++++++++++++++ lib/common.php | 3 +++ lib/noticelist.php | 1 + 4 files changed, 60 insertions(+) diff --git a/README b/README index 71760ce4f8..73cb95367c 100644 --- a/README +++ b/README @@ -1169,6 +1169,20 @@ banned: an array of usernames and/or profile IDs of 'banned' profiles. not be accepted at all. (Compare with blacklisted users above, whose posts just won't show up in the public stream.) +newuser +------- + +Options with new users. + +subscribe: nickname of a user account to automatically subscribe new + users to. Typically this would be system account for e.g. + service updates or announcements. Users are able to unsub + if they want. Default is null; no auto subscribe. +welcome: nickname of a user account that sends welcome messages to new + users. Can be the same as 'subscribe' account, although on + busy servers it may be a good idea to keep that one just for + 'urgent' messages. Default is null; no message. + Troubleshooting =============== diff --git a/classes/User.php b/classes/User.php index d9f30bec58..e9e472fe1b 100644 --- a/classes/User.php +++ b/classes/User.php @@ -273,12 +273,54 @@ class User extends Memcached_DataObject $user->emailChanged(); } + // Default system subscription + + $defnick = common_config('newuser', 'default'); + + if (!empty($defnick)) { + $defuser = User::staticGet('nickname', $defnick); + if (empty($defuser)) { + common_log(LOG_WARNING, sprintf("Default user %s does not exist.", $defnick), + __FILE__); + } else { + $defsub = new Subscription(); + $defsub->subscriber = $user->id; + $defsub->subscribed = $defuser->id; + $defsub->created = $user->created; + + $result = $defsub->insert(); + + if (!$result) { + common_log_db_error($defsub, 'INSERT', __FILE__); + return false; + } + } + } + $profile->query('COMMIT'); if ($email && !$user->email) { mail_confirm_address($user, $confirm->code, $profile->nickname, $email); } + // Welcome message + + $welcome = common_config('newuser', 'welcome'); + + if (!empty($welcome)) { + $welcomeuser = User::staticGet('nickname', $welcome); + if (empty($welcomeuser)) { + common_log(LOG_WARNING, sprintf("Welcome user %s does not exist.", $defnick), + __FILE__); + } else { + $notice = Notice::saveNew($welcomeuser->id, + sprintf(_('Welcome to %1$s, @%2$s!'), + common_config('site', 'name'), + $user->nickname), + 'system'); + } + } + return $user; } diff --git a/lib/common.php b/lib/common.php index 1ca9e521b0..caad705a42 100644 --- a/lib/common.php +++ b/lib/common.php @@ -151,6 +151,9 @@ $config = array('notify' => array()), 'inboxes' => array('enabled' => true), # on by default for new sites + 'newuser' => + array('subscribe' => null, + 'welcome' => null), ); $config['db'] = &PEAR::getStaticProperty('DB_DataObject','options'); diff --git a/lib/noticelist.php b/lib/noticelist.php index 8523f2e63e..4182d8808f 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -391,6 +391,7 @@ class NoticeListItem extends Widget case 'xmpp': case 'mail': case 'omb': + case 'system': case 'api': $this->out->element('dd', null, $source_name); break; From 47b89aa2c3a3e07d6dc63cd5be1d558af8ece233 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Mon, 30 Mar 2009 15:05:50 -0400 Subject: [PATCH 2/4] Changes to router setup to make notice search RSS feed work Conflicts: lib/router.php --- lib/router.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/router.php b/lib/router.php index 135e07a0f0..77794aaf70 100644 --- a/lib/router.php +++ b/lib/router.php @@ -136,10 +136,14 @@ class Router foreach (array('group', 'people', 'notice') as $s) { $m->connect('search/'.$s, array('action' => $s.'search')); - $m->connect('search/'.$s.'?q=:q', array('action' => $s.'search'), array('q' => '.+')); + $m->connect('search/'.$s.'?q=:q', array('action' => $s.'search'),array('q' => '.+')); } + // The second of these is needed to make the link work correctly + // when inserted into the page. The first is needed to match the + // route on the way in. Seems to be another Net_URL_Mapper bug to me. $m->connect('search/notice/rss', array('action' => 'noticesearchrss')); + $m->connect('search/notice/rss?q=:q', array('action' => 'noticesearchrss'),array('q' => '.+')); // notice From e149f3d64b5c0a58b299fb607824a1cd515836a4 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Thu, 26 Mar 2009 15:03:59 -0400 Subject: [PATCH 3/4] Support SSL for some, all, or no pages Support SSL URLs either for all pages; no pages; or for sensitive pages accepting passwords, like login, registration, API, and others. --- README | 10 ++++++++++ config.php.sample | 10 ++++++++++ lib/common.php | 2 ++ lib/util.php | 31 ++++++++++++++++++++++++++----- 4 files changed, 48 insertions(+), 5 deletions(-) diff --git a/README b/README index 73cb95367c..70815c1412 100644 --- a/README +++ b/README @@ -925,6 +925,16 @@ dupelimit: Time in which it's not OK for the same person to post the same notice; default = 60 seconds. logo: URL of an image file to use as the logo for the site. Overrides the logo in the theme, if any. +ssl: Whether to use SSL and https:// URLs for some or all pages. + Possible values are 'always' (use it for all pages), 'never' + (don't use it for any pages), or 'sometimes' (use it for + sensitive pages that include passwords like login and registration, + but not for regular pages). Default to 'never'. +sslserver: use an alternate server name for SSL URLs, like + 'secure.example.org'. You should be careful to set cookie + parameters correctly so that both the SSL server and the + "normal" server can access the session cookie and + preferably other cookies as well. db -- diff --git a/config.php.sample b/config.php.sample index 529e86f15f..d62a54fe74 100644 --- a/config.php.sample +++ b/config.php.sample @@ -174,3 +174,13 @@ $config['sphinx']['port'] = 3312; #http://taguri.org/ Examples: #$config['integration']['taguri'] = 'example.net,2008'; #$config['integration']['taguri'] = 'admin@example.net,2009-03-09' + +#Don't use SSL +#$config['site']['ssl'] = 'never'; +#Use SSL only for sensitive pages (like login, password change) +#$config['site']['ssl'] = 'sometimes'; +#Use SSL for all pages +#$config['site']['ssl'] = 'always'; + +#Use a different hostname for SSL-encrypted pages +#$config['site']['sslserver'] = 'secure.example.org'; diff --git a/lib/common.php b/lib/common.php index caad705a42..c2037c3ad6 100644 --- a/lib/common.php +++ b/lib/common.php @@ -87,6 +87,8 @@ $config = 'closed' => false, 'inviteonly' => false, 'private' => false, + 'ssl' => 'never', + 'sslserver' => null, 'dupelimit' => 60), # default for same person saying the same thing 'syslog' => array('appname' => 'laconica', # for syslog diff --git a/lib/util.php b/lib/util.php index ef73adc364..fdcae0aca0 100644 --- a/lib/util.php +++ b/lib/util.php @@ -721,25 +721,46 @@ function common_relative_profile($sender, $nickname, $dt=null) function common_local_url($action, $args=null, $params=null, $fragment=null) { + static $sensitive = array('login', 'register', 'passwordsettings', + 'twittersettings', 'finishopenidlogin', + 'api'); + $r = Router::get(); $path = $r->build($action, $args, $params, $fragment); + $ssl = in_array($action, $sensitive); + if (common_config('site','fancy')) { - $url = common_path(mb_substr($path, 1)); + $url = common_path(mb_substr($path, 1), $ssl); } else { if (mb_strpos($path, '/index.php') === 0) { - $url = common_path(mb_substr($path, 1)); + $url = common_path(mb_substr($path, 1), $ssl); } else { - $url = common_path('index.php'.$path); + $url = common_path('index.php'.$path, $ssl); } } return $url; } -function common_path($relative) +function common_path($relative, $ssl=false) { $pathpart = (common_config('site', 'path')) ? common_config('site', 'path')."/" : ''; - return "http://".common_config('site', 'server').'/'.$pathpart.$relative; + + if (($ssl && (common_config('site', 'ssl') === 'sometimes')) + || common_config('site', 'ssl') === 'always') { + $proto = 'https'; + if (is_string(common_config('site', 'sslserver')) && + mb_strlen(common_config('site', 'sslserver')) > 0) { + $serverpart = common_config('site', 'sslserver'); + } else { + $serverpart = common_config('site', 'server'); + } + } else { + $proto = 'http'; + $serverpart = common_config('site', 'server'); + } + + return $proto.'://'.$serverpart.'/'.$pathpart.$relative; } function common_date_string($dt) From 1fbf9a042e2e7ed1f67dfad9b7fe3b96019bd1a3 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 31 Mar 2009 10:09:11 -0400 Subject: [PATCH 4/4] give the correct root url when SSL enabled --- lib/openid.php | 2 +- lib/util.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/openid.php b/lib/openid.php index 3aa488b6d4..f3769c6fce 100644 --- a/lib/openid.php +++ b/lib/openid.php @@ -160,7 +160,7 @@ function oid_authenticate($openid_url, $returnto, $immediate=false) $auth_request->addExtension($sreg_request); } - $trust_root = common_path(''); + $trust_root = common_root_url(true); $process_url = common_local_url($returnto); if ($auth_request->shouldSendRedirect()) { diff --git a/lib/util.php b/lib/util.php index fdcae0aca0..98a3ae8448 100644 --- a/lib/util.php +++ b/lib/util.php @@ -952,9 +952,9 @@ function common_profile_url($nickname) // Should make up a reasonable root URL -function common_root_url() +function common_root_url($ssl=false) { - return common_path(''); + return common_path('', $ssl); } // returns $bytes bytes of random data as a hexadecimal string