From 262eb7120f08a4a7c021c7c1df6a67e1b3c1d27d Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 10 Sep 2010 09:10:53 -0400 Subject: [PATCH 01/13] make our own twitter links if Twitter doesn't give us entities --- .../daemons/twitterstatusfetcher.php | 22 +++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php index f1305696b3..b2bcc22bcc 100755 --- a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php +++ b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php @@ -713,6 +713,10 @@ class TwitterStatusFetcher extends ParallelizingDaemon $text = $status->text; if (empty($status->entities)) { + common_log(LOG_WARNING, "No entities data for {$status->id}; trying to fake up links ourselves."); + $text = common_replace_urls_callback($text, 'common_linkify'); + $text = preg_replace('/(^|\"\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/e', "'\\1#'.TwitterStatusFetcher::tagLink('\\2')", $text); + $text = preg_replace('/(?:^|\s+)@([a-z0-9A-Z_]{1,64})/e', "'\\1@'.TwitterStatusFetcher::atLink('\\2')", $text); return $text; } @@ -771,12 +775,26 @@ class TwitterStatusFetcher extends ParallelizingDaemon function makeHashtagLink($object) { - return "#{$object->text}"; + return "#" . self::tagLink($object->text); } function makeMentionLink($object) { - return "@{$object->screen_name}"; + return "@".self::atLink($object->screen_name, $object->name); + } + + static function tagLink($tag) + { + return "{$tag}"; + } + + static function atLink($screenName, $fullName=null) + { + if (!empty($fullName)) { + return "{$screenName}"; + } else { + return "{$screenName}"; + } } function saveStatusMentions($notice, $status) From cfcb8603171cf9dd30fe54ee682a3666c0b21d7e Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 10 Sep 2010 09:21:01 -0400 Subject: [PATCH 02/13] use capturing parens for matching at-mentions in twitterstatusfetcher --- plugins/TwitterBridge/daemons/twitterstatusfetcher.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php index b2bcc22bcc..181be3dcf3 100755 --- a/plugins/TwitterBridge/daemons/twitterstatusfetcher.php +++ b/plugins/TwitterBridge/daemons/twitterstatusfetcher.php @@ -716,7 +716,7 @@ class TwitterStatusFetcher extends ParallelizingDaemon common_log(LOG_WARNING, "No entities data for {$status->id}; trying to fake up links ourselves."); $text = common_replace_urls_callback($text, 'common_linkify'); $text = preg_replace('/(^|\"\;|\'|\(|\[|\{|\s+)#([\pL\pN_\-\.]{1,64})/e', "'\\1#'.TwitterStatusFetcher::tagLink('\\2')", $text); - $text = preg_replace('/(?:^|\s+)@([a-z0-9A-Z_]{1,64})/e', "'\\1@'.TwitterStatusFetcher::atLink('\\2')", $text); + $text = preg_replace('/(^|\s+)@([a-z0-9A-Z_]{1,64})/e', "'\\1@'.TwitterStatusFetcher::atLink('\\2')", $text); return $text; } From f17512cfe603b8f00576cdff10f3a3d71924c000 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Fri, 10 Sep 2010 11:50:19 -0700 Subject: [PATCH 03/13] Catch exceptions during SubMirror mirror attempt; log & skip that one if found. Should avoid things like RequireValidatedEmailPlugin causing infinite retry loops if the mirror-er isn't validated yet. --- plugins/SubMirror/lib/mirrorqueuehandler.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/plugins/SubMirror/lib/mirrorqueuehandler.php b/plugins/SubMirror/lib/mirrorqueuehandler.php index 92b36b5ebf..c1a6f65e38 100644 --- a/plugins/SubMirror/lib/mirrorqueuehandler.php +++ b/plugins/SubMirror/lib/mirrorqueuehandler.php @@ -37,7 +37,13 @@ class MirrorQueueHandler extends QueueHandler $mirror->subscribed = $notice->profile_id; if ($mirror->find()) { while ($mirror->fetch()) { - $mirror->mirrorNotice($notice); + try { + $mirror->mirrorNotice($notice); + } catch (Exception $e) { + common_log(LOG_ERR, "Exception trying to mirror notice $notice->id " . + "for subscriber $mirror->subscriber ($mirror->style): " . + $e->getMessage()); + } } } return true; From 0021c16bd11be5c9e9f0196154b037e604d6bf37 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 13 Sep 2010 12:06:10 -0700 Subject: [PATCH 04/13] Declare public options on DisqusPlugin to avoid notice warnings on access if not set. --- plugins/DisqusPlugin.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/plugins/DisqusPlugin.php b/plugins/DisqusPlugin.php index c07eaaabdd..eef40616ee 100644 --- a/plugins/DisqusPlugin.php +++ b/plugins/DisqusPlugin.php @@ -71,6 +71,9 @@ if (!defined('STATUSNET')) { class DisqusPlugin extends Plugin { + public $shortname; // Required 'shortname' for actually triggering Disqus. + public $div_style; // Optional CSS chunk for the main
+ function onEndShowContentBlock($action) { if (get_class($action) == 'ShownoticeAction') { From ead2f3375ad8f623b6b15aa4c7194224575b3c41 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Mon, 13 Sep 2010 13:37:13 -0700 Subject: [PATCH 05/13] Ticket #2701: old color settings now get reset when changing themes, so you don't end up with the previous theme's colors. --- actions/designadminpanel.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index 763737175b..e3d772f7d1 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -154,9 +154,22 @@ class DesignadminpanelAction extends AdminPanelAction $config->query('BEGIN'); - // Only update colors if the theme has not changed. + if ($themeChanged) { + // If the theme has changed, reset custom colors and let them pick + // up the new theme's defaults. + $colors = array('background', 'content', 'sidebar', 'text', 'link'); + foreach ($colors as $colorKey) { + // Clear from global config so we see defaults on this page... + $GLOBALS['config']['design'][$colorKey . 'color'] = false; - if (!$themeChanged) { + // And remove old settings from DB... + $this->deleteSetting('design', $colorKey . 'color'); + } + } else { + // Only save colors from the form if the theme has not changed. + // + // @fixme a future more ajaxy form should allow theme switch + // and color customization in one step. $bgcolor = new WebColor($this->trimmed('design_background')); $ccolor = new WebColor($this->trimmed('design_content')); From 89c561c9cf381a1068e4d78dd9ff1f42f709c4ce Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Thu, 16 Sep 2010 14:43:27 -0700 Subject: [PATCH 06/13] Ticket #2731: Fix for regression in posting to remote groups (regression in 2d4e0693c88bb8cad47f917db3ac5ecfacf28619) Changes in 2d4e0693c88bb8cad47f917db3ac5ecfacf28619 changed Ostatus_profile::filterReplies() (which sorts out the local, remote, and group recipients on incoming remote messages) from checking for remote profiles with a safe call to Ostatus_profile::staticGet() to calls through Ostatus_profile::ensureProfileURL() and Ostatus_profile::ensureWebfinger(), which throw exceptions and thus abort processing. Since this was done before checking for local groups, the filter would fail when the ensure* functions determined it was looking at a local group and rightfully refused to create a remote group profile for it. Changing the calls to the ensure* functions was done so we can record remote reply recipients for future reply-to-reply processing (the staticGet() call was a cheaper way to do a lookup when we knew we only actually had to process groups that somebody signed up to); most important fix is simply to actually check for the exception! :) Here I'm changing the order of processing so we do the local group lookup first -- where it's nice and safe -- and then when we do the remote checks, we'll go ahead and gracefully skip that entry if the full remote lookup fails, so we'll still process any following recipients. --- plugins/OStatus/classes/Ostatus_profile.php | 33 ++++++++++----------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/plugins/OStatus/classes/Ostatus_profile.php b/plugins/OStatus/classes/Ostatus_profile.php index 19fe5169b4..11ca67b25c 100644 --- a/plugins/OStatus/classes/Ostatus_profile.php +++ b/plugins/OStatus/classes/Ostatus_profile.php @@ -703,23 +703,7 @@ class Ostatus_profile extends Memcached_DataObject continue; } - // Is the recipient a remote group? - $oprofile = Ostatus_profile::ensureProfileURI($recipient); - - if ($oprofile) { - if ($oprofile->isGroup()) { - // Deliver to local members of this remote group. - // @fixme sender verification? - $groups[] = $oprofile->group_id; - } else { - // may be canonicalized or something - $replies[] = $oprofile->uri; - } - continue; - } - // Is the recipient a local group? - // @fixme uri on user_group isn't reliable yet // $group = User_group::staticGet('uri', $recipient); $id = OStatusPlugin::localGroupFromUrl($recipient); if ($id) { @@ -738,7 +722,22 @@ class Ostatus_profile extends Memcached_DataObject } } - common_log(LOG_DEBUG, "Skipping reply to unrecognized profile $recipient"); + // Is the recipient a remote user or group? + try { + $oprofile = Ostatus_profile::ensureProfileURI($recipient); + if ($oprofile->isGroup()) { + // Deliver to local members of this remote group. + // @fixme sender verification? + $groups[] = $oprofile->group_id; + } else { + // may be canonicalized or something + $replies[] = $oprofile->uri; + } + continue; + } catch (Exception $e) { + // Neither a recognizable local nor remote user! + common_log(LOG_DEBUG, "Skipping reply to unrecognized profile $recipient: " . $e->getMessage()); + } } $attention_uris = $replies; From 444959a789e5bc122b177cb970ca4006c07c1eee Mon Sep 17 00:00:00 2001 From: James Walker Date: Fri, 17 Sep 2010 16:33:02 -0400 Subject: [PATCH 07/13] Status_network::encache() doesn't exist --- classes/Status_network.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/classes/Status_network.php b/classes/Status_network.php index c4f37ce1c6..70c7a58eb7 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -167,9 +167,8 @@ class Status_network extends Safe_DataObject ' WHERE nickname = ' . $this->_quote($this->nickname); $orig->decache(); $result = $this->query($qry); - if ($result) { - $this->encache(); - } + $this->decache(); + return $result; } From f4a1858b3327b2b0d9920d01ccae9b3e7148d3ec Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 17 Sep 2010 14:20:05 -0700 Subject: [PATCH 08/13] Fixed typo, and updated copyright dates while I was there --- actions/useradminpanel.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php index ee9c230769..7823a370b9 100644 --- a/actions/useradminpanel.php +++ b/actions/useradminpanel.php @@ -12,6 +12,7 @@ * (at your option) any later version. * * This program is distributed in the hope that it will be useful, + * * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. @@ -24,7 +25,7 @@ * @author Evan Prodromou * @author Zach Copley * @author Sarven Capadisli - * @copyright 2008-2009 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -291,6 +292,6 @@ class UserAdminPanelForm extends AdminForm function formActions() { - $this->out->submit('submit', _('Save'), 'submit', null, _('Save site settings')); + $this->out->submit('submit', _('Save'), 'submit', null, _('Save user settings')); } } From afc799ddf8ded2de063f7d6340a38c3ab3dd315e Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 17 Sep 2010 14:32:18 -0700 Subject: [PATCH 09/13] Removed periods from instructions on some admin panels for consistency --- actions/designadminpanel.php | 2 +- actions/pathsadminpanel.php | 2 +- actions/sessionsadminpanel.php | 2 +- actions/useradminpanel.php | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/actions/designadminpanel.php b/actions/designadminpanel.php index e3d772f7d1..4285f7d731 100644 --- a/actions/designadminpanel.php +++ b/actions/designadminpanel.php @@ -71,7 +71,7 @@ class DesignadminpanelAction extends AdminPanelAction function getInstructions() { - return _('Design settings for this StatusNet site.'); + return _('Design settings for this StatusNet site'); } /** diff --git a/actions/pathsadminpanel.php b/actions/pathsadminpanel.php index 7ff3c2583a..0c83aa29ec 100644 --- a/actions/pathsadminpanel.php +++ b/actions/pathsadminpanel.php @@ -67,7 +67,7 @@ class PathsadminpanelAction extends AdminPanelAction function getInstructions() { - return _('Path and server settings for this StatusNet site.'); + return _('Path and server settings for this StatusNet site'); } /** diff --git a/actions/sessionsadminpanel.php b/actions/sessionsadminpanel.php index 4386ef844b..e9bd1719f2 100644 --- a/actions/sessionsadminpanel.php +++ b/actions/sessionsadminpanel.php @@ -62,7 +62,7 @@ class SessionsadminpanelAction extends AdminPanelAction function getInstructions() { - return _('Session settings for this StatusNet site.'); + return _('Session settings for this StatusNet site'); } /** diff --git a/actions/useradminpanel.php b/actions/useradminpanel.php index 7823a370b9..04e0ca3e75 100644 --- a/actions/useradminpanel.php +++ b/actions/useradminpanel.php @@ -68,7 +68,7 @@ class UseradminpanelAction extends AdminPanelAction function getInstructions() { - return _('User settings for this StatusNet site.'); + return _('User settings for this StatusNet site'); } /** From 55ad954b15d0d2d855c4cb8db5da95d3c2d0dbfb Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Fri, 17 Sep 2010 16:38:12 -0700 Subject: [PATCH 10/13] Basic license admin panel (maybe we can make it fancier later) --- actions/licenseadminpanel.php | 303 ++++++++++++++++++++++++++++++++++ lib/adminpanelaction.php | 8 + lib/default.php | 2 +- lib/router.php | 2 + 4 files changed, 314 insertions(+), 1 deletion(-) create mode 100644 actions/licenseadminpanel.php diff --git a/actions/licenseadminpanel.php b/actions/licenseadminpanel.php new file mode 100644 index 0000000000..c9aad5c4f0 --- /dev/null +++ b/actions/licenseadminpanel.php @@ -0,0 +1,303 @@ +. + * + * @category Settings + * @package StatusNet + * @author Zach Copley + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * License settings + * + * @category Admin + * @package StatusNet + * @author Zach Copley + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class LicenseadminpanelAction extends AdminPanelAction +{ + + /** + * Returns the page title + * + * @return string page title + */ + + function title() + { + // TRANS: User admin panel title + return _m('TITLE', 'License'); + } + + /** + * Instructions for using this form. + * + * @return string instructions + */ + + function getInstructions() + { + return _('License for this StatusNet site'); + } + + /** + * Show the site admin panel form + * + * @return void + */ + + function showForm() + { + $form = new LicenseAdminPanelForm($this); + $form->show(); + return; + } + + /** + * Save settings from the form + * + * @return void + */ + + function saveSettings() + { + static $settings = array( + 'license' => array('type', 'owner', 'url', 'title', 'image') + ); + + $values = array(); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + $values[$section][$setting] = $this->trimmed($setting); + } + } + + // This throws an exception on validation errors + + $this->validate($values); + + // assert(all values are valid); + + $config = new Config(); + + $config->query('BEGIN'); + + foreach ($settings as $section => $parts) { + foreach ($parts as $setting) { + Config::save($section, $setting, $values[$section][$setting]); + } + } + + $config->query('COMMIT'); + + return; + } + + /** + * Validate License admin form values + * + * @param array &$values from the form + * + * @return nothing + */ + + function validate(&$values) + { + // Validate license type (shouldn't have to do it, but just in case) + + $types = array('private', 'allrightsreserved', 'cc'); + + if (!in_array($values['license']['type'], $types)) { + $this->clientError(_("Invalid license selection.")); + } + + // Make sure the user has set an owner if the site has a private + // license + + if ($values['license']['type'] == 'allrightsreserved' + && empty($values['license']['owner']) + ) { + $this->clientError( + _("You must specify the owner of the content when using the All Rights Reserved license.") + ); + } + + // Make sure the license title is not too long + if (mb_strlen($values['license']['type']) > 255) { + $this->clientError( + _("Invalid license title. Max length is 255 characters.") + ); + } + + // make sure the license URL and license image URL are valid URLs + + $options = array('allowed_schemes' => array('http', 'https')); + + if (!Validate::uri($values['license']['url'], $options)) { + $this->clientError(_("Invalid license URL.")); + } + + if (!Validate::uri($values['license']['image'], $options)) { + $this->clientError(_("Invalid license image URL.")); + } + } +} + +class LicenseAdminPanelForm extends AdminForm +{ + /** + * ID of the form + * + * @return int ID of the form + */ + + function id() + { + return 'licenseadminpanel'; + } + + /** + * class of the form + * + * @return string class of the form + */ + + function formClass() + { + return 'form_settings'; + } + + /** + * Action of the form + * + * @return string URL of the action + */ + + function action() + { + return common_local_url('licenseadminpanel'); + } + + /** + * Data elements of the form + * + * @return void + */ + + function formData() + { + $this->out->elementStart( + 'fieldset', array('id' => 'settings_license-selection') + ); + $this->out->element('legend', null, _('License selection')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + + $types = array( + 'private' => _('Private'), + 'allrightsreserved' => _('All Rights Reserved'), + 'cc' => _('Creative Commons') + ); + + $this->out->dropdown( + 'type', + _('Type'), + $types, + _('Select license'), + false, + $this->value('type', 'license') + ); + + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + + $this->out->elementStart( + 'fieldset', + array('id' => 'settings_license-details') + ); + $this->out->element('legend', null, _('License details')); + $this->out->elementStart('ul', 'form_data'); + + $this->li(); + $this->input( + 'owner', + _('Owner'), + _('Name of the owner of the site\'s content (if applicable).'), + 'license' + ); + $this->unli(); + + $this->li(); + $this->input( + 'title', + _('License Title'), + _('The title of the license.'), + 'license' + ); + $this->unli(); + + $this->li(); + $this->input( + 'url', + _('License URL'), + _('URL for more information about the license.'), + 'license' + ); + $this->unli(); + + $this->li(); + $this->input( + 'image', _('License Image URL'), + _('URL for an image to display with the license.'), + 'license' + ); + $this->unli(); + + $this->out->elementEnd('ul'); + $this->out->elementEnd('fieldset'); + } + + /** + * Action elements + * + * @return void + */ + + function formActions() + { + $this->out->submit( + 'submit', _('Save'), 'submit', null, _('Save license settings') + ); + } +} diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php index 41cfe5851b..043219a1fe 100644 --- a/lib/adminpanelaction.php +++ b/lib/adminpanelaction.php @@ -409,6 +409,14 @@ class AdminPanelNav extends Widget $menu_title, $action_name == 'snapshotadminpanel', 'nav_snapshot_admin_panel'); } + if (AdminPanelAction::canAdmin('license')) { + // TRANS: Menu item title/tooltip + $menu_title = _('Set site license'); + // TRANS: Menu item for site administration + $this->out->menuItem(common_local_url('licenseadminpanel'), _('License'), + $menu_title, $action_name == 'licenseadminpanel', 'nav_license_admin_panel'); + } + Event::handle('EndAdminPanelNav', array($this)); } $this->action->elementEnd('ul'); diff --git a/lib/default.php b/lib/default.php index 45a4560ff3..6200abada1 100644 --- a/lib/default.php +++ b/lib/default.php @@ -300,7 +300,7 @@ $default = 'OpenID' => null), ), 'admin' => - array('panels' => array('design', 'site', 'user', 'paths', 'access', 'sessions', 'sitenotice')), + array('panels' => array('design', 'site', 'user', 'paths', 'access', 'sessions', 'sitenotice', 'license')), 'singleuser' => array('enabled' => false, 'nickname' => null), diff --git a/lib/router.php b/lib/router.php index 7e1e6a2a47..fb5a3c7c36 100644 --- a/lib/router.php +++ b/lib/router.php @@ -690,6 +690,8 @@ class Router $m->connect('admin/sessions', array('action' => 'sessionsadminpanel')); $m->connect('admin/sitenotice', array('action' => 'sitenoticeadminpanel')); $m->connect('admin/snapshot', array('action' => 'snapshotadminpanel')); + $m->connect('admin/license', array('action' => 'licenseadminpanel')); + $m->connect('getfile/:filename', array('action' => 'getfile'), From 28fdc733a7e90146ae7803d61c352c1758285bd8 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Tue, 21 Sep 2010 14:09:46 -0400 Subject: [PATCH 11/13] change the location and title of the feeds section --- lib/action.php | 8 ++++---- lib/feedlist.php | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/lib/action.php b/lib/action.php index e503975147..dc21c75e5a 100644 --- a/lib/action.php +++ b/lib/action.php @@ -715,14 +715,14 @@ class Action extends HTMLOutputter // lawsuit { $this->elementStart('div', array('id' => 'aside_primary', 'class' => 'aside')); - if (Event::handle('StartShowExportData', array($this))) { - $this->showExportData(); - Event::handle('EndShowExportData', array($this)); - } if (Event::handle('StartShowSections', array($this))) { $this->showSections(); Event::handle('EndShowSections', array($this)); } + if (Event::handle('StartShowExportData', array($this))) { + $this->showExportData(); + Event::handle('EndShowExportData', array($this)); + } $this->elementEnd('div'); } diff --git a/lib/feedlist.php b/lib/feedlist.php index 9ae83f5e88..7493e3575e 100644 --- a/lib/feedlist.php +++ b/lib/feedlist.php @@ -61,7 +61,7 @@ class FeedList extends Widget { $this->out->elementStart('div', array('id' => 'export_data', 'class' => 'section')); - $this->out->element('h2', null, _('Export data')); + $this->out->element('h2', null, _('Feeds')); $this->out->elementStart('ul', array('class' => 'xoxo')); foreach ($feeds as $feed) { From 94de78fa0f795e7eecb8dc59a3abfeaf131f05c3 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 21 Sep 2010 12:38:04 -0700 Subject: [PATCH 12/13] Workaround for #2485: in profile output on feeds, fall back to the Twitter 73x73 avatar instead of going straight to the 96x96 default image on twitter-import profiles. --- lib/activityobject.php | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/lib/activityobject.php b/lib/activityobject.php index 677a48197f..444577775f 100644 --- a/lib/activityobject.php +++ b/lib/activityobject.php @@ -430,6 +430,17 @@ class ActivityObject $alink->height = $size; $alink->width = $size; $alink->url = Avatar::defaultImage($size); + + if ($size == AVATAR_PROFILE_SIZE) { + // Hack for Twitter import: we don't have a 96x96 image, + // but we do have a 73x73 image. For now, fake it with that. + $avatar = $profile->getAvatar(73); + if ($avatar) { + $alink = AvatarLink::fromAvatar($avatar); + $alink->height= $size; + $alink->width = $size; + } + } } $object->avatarLinks[] = $alink; From 8d019c03ee7a2a3a25bfb3f2afa25951eac06428 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 21 Sep 2010 18:04:28 -0400 Subject: [PATCH 13/13] Do not allow blank passwords when authenticating against LDAP. --- plugins/LdapCommon/LdapCommon.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/plugins/LdapCommon/LdapCommon.php b/plugins/LdapCommon/LdapCommon.php index 7dea1f0ed4..159b2d265a 100644 --- a/plugins/LdapCommon/LdapCommon.php +++ b/plugins/LdapCommon/LdapCommon.php @@ -144,6 +144,12 @@ class LdapCommon if(!$entry){ return false; }else{ + if(empty($password)) { + //NET_LDAP2 will do an anonymous bind if bindpw is not set / empty string + //which causes all login attempts that involve a blank password to appear + //to succeed. Which is obviously not good. + return false; + } $config = $this->get_ldap_config(); $config['binddn']=$entry->dn(); $config['bindpw']=$password;