4187568522
[OEMBED][UI] Skip adding an image thumbnail for oembed results if we
...
don't have a file locally to generate it, which can happen, for
instance, if StoreRemoteMedia is disabled
2019-08-03 17:31:42 +01:00
da82048d77
[MEDIA] Fix trying to display file wich is not available locally
2019-08-03 17:31:41 +01:00
04d1caff78
[CORE] Fixed bug where all thumbnails were using the original file
2019-08-03 17:31:41 +01:00
7643f3cf7b
[CORE][ACTION] Removed getfile action. Superseded by attachment/*/download, which additionally uses a file hash as oposed to a filename.
...
Additionally, added etag and last modified HTTP headers to attachments, to more effectively take advantage of caching
2019-08-03 17:31:41 +01:00
aa5c6bbf08
[CORE][UI] Made attachment actions and its subactions be able to identify attachments by id and by filehash. Changed the url stored in the DB to be attachment//view
2019-08-03 17:31:41 +01:00
9536f2a909
[CORE] Refactored attachement actions to remove duplicate code
2019-08-03 17:31:40 +01:00
c7475d78b4
[CORE][UI][ROUTER] Added view action, which inlines images and videos but downloads everything else. Fixed File url to get an URL fromthe view action, so when a making a remote notice, the correct URL is used, not accessing directly to the file
2019-08-03 17:31:40 +01:00
3c9a07677e
[CORE] Attachments and thumbnails aren't accessed directly by the file under the file storage folder, but indirectly from PHP, so that access to the file folder can be blocked in the server config
2019-08-03 17:31:40 +01:00
5eb4a7d711
[MEDIA] File downloader now in PHP, added proper name in the UI and changed the format for new attachment file names
...
The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments
The filename has a new format:
bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"
This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".
This new name is displayed in the UI, instead of the previous name.
2019-08-03 17:31:36 +01:00
46be9b76ef
[CORE] Fix wrong Profile_list schema and set created in user_im_prefs properly - by XRevan86
...
This reverts 496ab8c9
2019-07-24 22:28:06 +01:00
0a4eeb89da
[CORE][ROUTER] Fix wrong parameter in all/:tag by XRevan86
2019-07-01 22:40:21 +01:00
83a05724b8
[CORE] Fix subscriptions and subscribers list (related to 44653d339d)
2019-06-24 14:06:43 +01:00
2f118fde9e
Update /main/version information
2019-06-07 15:02:08 +01:00
43df2d201c
Extend Action with redirect after login logic, update some actions to use it
2019-06-07 15:02:07 +01:00
691df04103
PSR2-format
2019-06-07 15:02:07 +01:00
18fc39d2cf
Fix noticesearch tag regex
2019-05-22 22:29:33 +01:00
1536d3ef29
[XML/HTML Outputter] General improvements and refactoring as well as some bug fixes
2019-05-07 15:57:19 +01:00
c03ed457a6
Fix broken user activitystreams feed due to deleted notices
2019-05-06 23:27:38 +01:00
515682c0cd
Merge branch 'ATOM-priority" from Alexandre Alapetite into HEAD
...
source: https://git.gnu.io/gnu/gnu-social/merge_requests/174
2019-05-03 13:30:20 +01:00
d75b5d2f4a
Make group edit and logo great again by XRevan86
2019-04-27 17:39:42 +01:00
f6dbf66983
Undefined user in passwordsettings by XRevan86
2019-04-27 15:15:11 +01:00
7967db6ff5
Various obvious bug fixes and better PHP 7 support
...
Many of these came from a XRevan86 patch
2019-04-26 00:34:17 +01:00
e473937cb9
Give priority to ATOM to expose WebSub.
...
Hello,
The ATOM feed contains the hub declaration for WebSub / PubSubHubbub, but the RSS / RDF / JSON versions do not.
Currently, the ATOM version is declared last.
RSS/ATOM clients typically pick whichever version comes first, and will thus not see the WebSub feature.
I therefore suggest putting the ATOM version first, as it is more feature-rich than the other versions.
Clients not compatible with ATOM would not pick it anyway due to the different type attribute.
See same PR for Mastodon: https://github.com/tootsuite/mastodon/pull/9302
and WebSub tester https://websub.rocks/publisher
2018-11-20 22:39:23 +00:00
e8e487187e
Group Members page: Fix typo in groupmembers.php
...
Fixes #332
2018-08-12 18:32:16 -04:00
9c0c8a19dd
Merge branch 'backupaccount-xml' into 'nightly'
...
backupaccount: Don't print page HTML in XML export
See merge request gnu/gnu-social!144
2017-12-17 17:35:22 +00:00
9b19688d65
Another solution to merge request !146
2017-07-11 21:16:30 +02:00
bb72229d6a
Show what you're replying to in the web interface
2017-04-30 10:37:21 +02:00
4ef05e35b8
backupaccount: Don't print page HTML in XML export
...
The current Atom/XML account backup contains the backupaccount HTML at the end
of the downloaded file. This change makes it so that only the XML is downloaded
by terminating the script before the HTML is served.
2017-04-23 19:03:40 +00:00
75079320d1
Give remote Atom URL for remote profile view
2017-04-09 12:13:53 +02:00
bd24724560
Merge branch 'atom-post' into 'nightly'
...
Add support for Atom entry when posting status
See merge request !135
2017-04-06 09:20:38 +00:00
dc7c64592b
Add var type to newListItem() parameter
...
Fixes some "Declaration of $child::method should be compatible with
$parent::method" warnings.
2017-03-16 22:57:16 -04:00
132b932ff3
Add support for Atom entry when posting status
2017-02-04 20:04:02 +11:00
3b9b9331a8
parenthesis fail
2016-09-02 01:07:09 +02:00
59b93b23e2
Split up source and source_link. Never trust HTML!
...
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 00:55:46 +02:00
af6a3aa456
Make Group actions ManagedAction so groupbyid works
2016-08-28 09:34:31 +02:00
a32bfe7d87
TagCloud turned into plugin (performance issues on large installs)
2016-08-27 15:24:25 +02:00
5a008c3738
Don't redirect to tag cloud on /tag URL
...
(this is probably just while we pluginify TagCloud)
2016-08-27 15:06:12 +02:00
7978cd6d59
s/EmptyIdException/EmptyPkeyValueException/
2016-06-25 11:50:59 +02:00
09412ac813
PrimaryNoticeList so we get InfiniteScroll on profile pages
2016-06-21 15:55:49 +02:00
a6390007b7
Merge branch 'avatar-folder-perms' into 'nightly'
...
Display error if wrong perms on 'avatar' dir
If the 'avatar' folder isn't writeable, don't let users try to
upload/delete one (and fail). Instead, print an error message about
the misconfigured folder permission.
Ref. #196
See merge request !126
2016-06-17 16:33:20 -04:00
005b4c8dd1
Merge branch 'strict-warnings' into 'nightly'
...
Fix some strict warnings (Action::prepare, Action::handle)
I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.
Related to #190
See merge request !123
2016-06-17 16:29:47 -04:00
c81322d51a
WIP: Display error if wrong perms on 'avatar' dir
...
If the 'avatar' folder isn't writeable, don't let users try to
upload/delete one (and fail). Instead, print an error message about
the misconfigured folder permission.
Ref. #196
2016-06-04 11:08:32 -04:00
e98d5d0c0c
Site Notice: common_purify instead of HTMLPurifier
...
So that we can use our custom settings (e.g: extra URI schemes) in the
site notice textbox.
Ref. #170
2016-06-01 03:54:28 +00:00
9de79f0a36
Update prepare() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)
Ref. #190
2016-06-01 02:26:44 +00:00
ba2975aac8
Update handle() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"
Ref. #190
2016-06-01 02:26:44 +00:00
bd306bdb9f
Add /download action for attachments
2016-05-09 22:08:36 +02:00
5ccf3ed714
function declaration to match parent
2016-04-18 15:21:05 +02:00
97d177f42a
Matching inherited function definition
2016-03-27 15:01:08 +02:00
dafe775ffa
Microsummaries had issues and were removed in Firefox 6.0 anyway
...
It is argued there are many better ways to get a "micro summary" of
a profile or site.
2016-03-22 22:31:01 +01:00
980085a8a3
Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
...
Conflicts:
plugins/Minify/extlib/minify/README.txt
plugins/Minify/extlib/minify/UPGRADING.txt
plugins/Minify/extlib/minify/min/README.txt
plugins/Minify/extlib/minify/min/builder/index.php
plugins/Minify/extlib/minify/min/lib/JSMin.php
plugins/Minify/extlib/minify/min/lib/Minify.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
11c57e7aee
Remove Google References
...
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
723b49a22a
throw exception instead of clientError
2016-03-09 14:17:55 +01:00
265fa12917
Relatively experimental change to store thumbnails in 'file/thumb/' (by default)
2016-03-07 22:33:34 +01:00
6ec72b2978
Move mail_confirm_address out of mail.php
2016-03-06 17:27:40 +01:00
bf34f730dd
Use $this->scoped in AvatarsettingsAction
2016-03-05 01:03:48 +01:00
175b7e8541
Refactor some ConfirmaddressAction stuff
2016-03-02 15:31:48 +01:00
63c087a255
Consistent behaviour for ScopingNoticeStream $scoped
...
We don't guess the current profile anymore if the value of the profile === -1
Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
da34491c59
Woops, undefined $type there.
2016-02-28 20:50:45 +01:00
d1b294e1ac
Merge branch 'delete_group_logo' into 'nightly'
...
Now we can delete a group logo.
I added a function of deleting a group logo.
I'm not sure we should delete group's avatar through Avatar::deleteFromProfile like on line 426:
```php
Avatar::deleteFromProfile($this->group->getProfile());
```
See merge request !84
2016-02-28 18:45:31 +00:00
2696e13b19
Refactoring ApiStatusesDestroyAction
2016-02-28 19:35:03 +01:00
446c930823
Change to more recent code style in ApiStatusesDestroyAction
2016-02-28 19:23:13 +01:00
6a0007c410
moderators can delete others' notices using the api
2016-02-27 01:03:24 +00:00
1d0a448e07
Publish rel="me" in Link HTTP headers
2016-02-24 16:43:09 +01:00
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
73dbc5ca1b
Use ToSelector choice again.
2016-02-17 23:44:15 +01:00
d9b649642d
Show notice feed URLs (and author)
2016-02-17 23:32:56 +01:00
5fbb01130a
By default, disallow users to set private_stream
2016-02-17 22:58:31 +01:00
47dc15c9f6
Describe that we don't allow empty fullnames.
2016-02-17 22:48:32 +01:00
d6bf90cfb7
If profile fullname is 0 chars use nickname
2016-02-17 22:43:45 +01:00
c7c34ec05a
Only administrators can delete other privileged users.
2016-02-12 15:00:18 +01:00
e5ad98e601
Silence action can only be used on non-priviliged users
2016-02-12 14:22:25 +01:00
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
7c90d7022b
Require the license with HTML5
2016-02-08 17:56:35 +01:00
cd71188d3a
SimpleCaptcha plugin to stop basic bots
2016-02-08 17:47:09 +01:00
a30d34be7f
Returnto the previous page when deleting a notice.
2016-02-08 15:30:28 +01:00
25c15119bc
Backupaccount is always readonly
2016-02-03 01:15:35 +01:00
19b743a9f5
Set time limit to increase time backupaccount can take
...
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
a6898b033d
Fullname and location are now text, not varchar, and can be >191|255
2016-01-28 19:12:30 +01:00
7e6783bb8f
Replace htmLawed with HTMLPurifier
2016-01-28 19:01:13 +01:00
d73c264e25
Haha, forgot that the $content content must also be there!
2016-01-27 23:04:19 +01:00
a47563cf3d
Don't add space if there's no string in new notice content
2016-01-27 22:41:53 +01:00
03d2b680f8
Allow empty new-notice content via web if there's an upload
2016-01-27 22:39:43 +01:00
d13454fb84
Now we can delete a group logo.
2016-01-21 08:10:35 +09:00
a1530b0e68
Removing superflous debug stuff
2016-01-14 22:12:36 +01:00
8df38df5cb
Get uploaded media_ids via File::getByID()
...
Filters out failed ones...
2016-01-14 22:05:03 +01:00
e5019c3858
Accept media_ids parameter from Twitter API v1.1 clients
...
They upload the media first and then provide media IDs in a comma
separated parameter (but we just split it to all whole integers).
2016-01-14 20:24:01 +01:00
b570f0d3cb
Media files are accepted and uploaded via Twitter API now
2016-01-14 19:15:02 +01:00
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
1e5770bbcf
$this->notice is never unset after prepare
2016-01-13 21:34:15 +01:00
adba38ce20
Deleted_notice is pluginified, don't call directly from core
2016-01-13 21:29:23 +01:00
e4a1dff98d
Merge branch 'apiaccountregister_event_branch' into 'nightly'
...
APIStartRegistrationTry event
See merge request !77
2016-01-11 21:08:09 +00:00
543a7e421e
APIStartRegistrationTry event
2016-01-11 20:04:31 +00:00
33194b3cff
Attention goes to the parent notice author too
2016-01-08 02:58:31 +01:00
c48871cf1b
Notice from web now saves context->attention too! ;)
2016-01-07 23:24:15 +01:00
1f02dc639e
shortenLinks _after_ media upload to be consistent with api
2016-01-07 18:14:45 +01:00
6505504411
shortenLinks with a capital L
2016-01-07 18:12:29 +01:00
6924bb1d29
Gah and a 302 in the non-exception-handling redirect too
2016-01-06 20:09:59 +01:00
a9b5519293
Attachment thumbnail redirect is a 302 redirect
...
It SHOULD be cached but it might no longer be valid if we empty cache or something.
2016-01-06 20:07:40 +01:00
4d179c6b0c
Our URLs are permanent redirects, mind you!
2016-01-06 20:06:14 +01:00
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Miguel Dantas
Diogo Cordeiro
brunoccast
Alexandre Alapetite
Chimo
mmn
Thomas Karpiniec
Bob Mottram
hannes
Akio Nishimura