0a4eeb89da
[CORE][ROUTER] Fix wrong parameter in all/:tag by XRevan86
2019-07-01 22:40:21 +01:00
11dc170ead
[CORE][FRAMEWORK] URL_REGEX_VALID_PATH_CHARS didn't recognize the parenthesis sign.
2019-06-26 15:54:51 +01:00
98c0c1ed53
Implement $config['site']['logdebug']
2019-06-25 22:59:10 +01:00
83a05724b8
[CORE] Fix subscriptions and subscribers list (related to 44653d339d)
2019-06-24 14:06:43 +01:00
44653d339d
[Poll] Refactoring and minor bug fixes
2019-06-23 23:06:04 +01:00
f2705180e0
[TagSub] Fix User's tags list issue
...
Issue introduced with 6d9f390b9a92b58057
2019-06-18 14:56:55 +01:00
306d80de94
[DATABASE] Revert accidental regression introduced with 9a39ebe66f
2019-06-14 12:00:10 +01:00
2740ff8c4c
[DOCUMENTATION] Minor corrections
...
Add two missing contributors
Bumped patch due to changed introduced with 0583a6a904
2019-06-12 12:55:42 +01:00
74ad4038ac
Allow username or email in login form
2019-06-12 03:25:06 +01:00
81d65afb28
[RELEASE] The Invicta Crusade
2019-06-11 18:37:25 +01:00
20c73f0596
[FORMATING] Ran php-cs-fixer on lib/mediafile.php, lib/imagefile.php and classes/File.php
2019-06-10 00:38:16 +01:00
b224d93098
[MEDIA] ImageFile now extends MediaFile and validates images more aggressively.
...
Default supported files need to use consistent names. Bumped version to 1.20.0
ImageFile has been changed to extend MediaFile and rely on it to partially
validate files. This validation has been extended to not rely solely on
Fileinfo, as it is disabled on some places. Now it'll try to use the shell
command `file`, if Fileinfo isn't available.
ImageFile now converts every new upload to PNG, except JPEG and GIF, which
are kept, but still resized (to the same size), to remove possible scripts
embedded therein.
MediaFile::fromUpload will return an ImageFile if the uploaded file is an image
or a MediaFile otherwise.
MediaFile can be constructed with an id with value -1 to denote a temporary
object, which is not added to the DB. This is useful to create a temporary
object for representing images, so it can be used to rescale them.
The supported attachment array needs to be populated with the result of calling
`image_type_to_extension` for the appropriate image type, in the case of images.
This is important so all parts of the code see the same extension for each image
type (jpg vs jpeg).
Added documentation to classes/File.php and to lib/MediaFile and lib/ImageFile
2019-06-10 00:35:53 +01:00
a1041a53f7
[THEME] Fix OpenID settings styles
...
- Action buttons are now side-by-side
- Dropped unused style rule concerning the solo-positioning of the Remove button
- Bump GS patch version
2019-06-09 18:13:04 +01:00
1e4063254b
[OpenID] Added synchronization button and corresponding action
...
UI:
- "Delete" area is now "Actions" area
- Updated themes to better reflect the changes
Routes:
- index.php?action=finishsyncopenid => finishsyncopenid
Translations:
- Updated OpenID translation files
- Updated OpenID POT file
Versioning:
- Bump OpenID minor version
- Bump GS patch version
Why would have labeling the Synchronize button of Sync been of bad taste? - answered by XRevan86:
In "synchronise" "ch" is a digraph meaning /k/ (actually /x/ turned into /k/ in English but whatever).
So… not separate letters.
It's like "ph" in "alphabet", or "sh" in "sheep", or "ch" in "chop" -- "ch" can mean a whole variety of sounds.
2019-06-09 17:04:26 +01:00
08b6cfde66
[SESSION] Add backwards compatibility for third party plugins depending on old Session::cleanup()
...
Namely Qvitter
2019-06-08 00:31:32 +01:00
b6be1a3659
[DATABASE][User_openid_prefs] Fix wrong type for modified column
...
Patch submited by Sorokin Alexei (XRevan86)
2019-06-07 15:02:09 +01:00
00b4a084ad
PSR2-format
2019-06-07 15:02:09 +01:00
061e7891e9
Cleanup and documentation of common_ensure_session
...
- Remove redundant branch
- Remove error suppression of session_start()
2019-06-07 15:02:09 +01:00
a1af5562de
EmailRegistration plugin flow requires a confirmation address before user creation
2019-06-07 15:02:09 +01:00
46f98b3142
[VersionBump] 1.19.0, fairly late
...
The core plugins whose version was attached to GS's were reseted to 2.0.0.
2.0.0 was chosen as reset version for plugins because it is higher than
the one that was set by inheriting GS version. Furthermore, it's a
major change from prior plugin versioning system thus it also makes
semantic sense.
Justification for version bump:
== GS ==
9a4ab31f26 1.19.0
c13b935201c13b93520118fc39d2cfc083a8bcc2e8783d46d0d9a42550ff1536d3ef29c03ed457a6d2e6519badfe411e8138b17e0b4169daa5f87fd4d75b5d2f4af6dbf669836cf674f8f87845a09b34e4d432295d339204f1eea4e679a1187967db6ff5bc030da3209cc7df51d6bf7f17474d8a07edec5f0042971d746b5450b7e65dcc98d1c6e6667db0cd3290227b50a59c439b46496ab8c920986030060b1d529c021af89c052cf838f2eceface473937cb99a39ebe66fddc3cecfc02b43d484ebe8e487187ee0887220b0e186ad57d0e186ad57d0ceae66a30f586fb5a517195296846e
2019-06-07 15:02:08 +01:00
43df2d201c
Extend Action with redirect after login logic, update some actions to use it
2019-06-07 15:02:07 +01:00
4ca32628f7
[SESSION] Log messages were a bit confusing
...
Reported by XRevan86
2019-05-26 20:14:05 +01:00
c083a8bcc2
[SESSION] Implement SessionHandlerInterface instead of setting custom handlers by XRevan86
2019-05-22 22:29:33 +01:00
d9a42550ff
is_rtl should handle lang instead of code
2019-05-16 22:51:11 +01:00
1536d3ef29
[XML/HTML Outputter] General improvements and refactoring as well as some bug fixes
2019-05-07 15:57:19 +01:00
c03ed457a6
Fix broken user activitystreams feed due to deleted notices
2019-05-06 23:27:38 +01:00
d2e6519bad
lib/ping.php - Fix PHP 7.3 Warning switch continue -> break
2019-05-06 23:27:38 +01:00
fe411e8138
Fix some typos/small obvious bugs on twitterRssGroupArray
2019-05-03 17:09:23 +01:00
6cf674f8f8
Some minor refactoring on session handler
2019-04-27 00:28:05 +01:00
9cc7df51d6
Some obvious bug fixes for i18n
2019-04-25 23:12:46 +01:00
bf7f17474d
When an attachment fails to load, it shouldn't destroy the whole layout by XRevan86
2019-04-25 20:46:47 +01:00
8a07edec5f
Fix fulltext search by XRevan86
2019-04-25 19:32:20 +01:00
0042971d74
Fix bug in 36a55d84.
...
We still have to further review and improve the caching of streams.
Important related changes: 2272cc24#diff-8633314d55a2834ab2ea425d7157bec14aca672L60
Important related discussion: https://github.com/chimo/gs-rediscache/issues/{1,2}
2019-04-25 18:51:44 +01:00
6b5450b7e6
Faster inboxnoticestream.php by XRevan86.
...
This commit consequently reverts 5dcc98d1c6a59c439b46
2019-04-25 18:48:53 +01:00
5dcc98d1c6
inboxnoticestream.php gotta go fast
2019-04-23 23:10:43 +01:00
e6667db0cd
Add chimo's Nodeinfo plugin as a default GNU social plugin
2019-04-22 06:50:28 +01:00
3290227b50
Modern version of XMPPHP extlib
...
Original XMPPHP is no longer maintained
Therefore I've done some optimizations and imported some commits from birkner and zorn-v forks.
None of the forks really looked ready to be adopted...
2019-04-21 17:13:07 +01:00
a59c439b46
Faster inboxnoticestream.php by XRevan86
2019-04-21 00:56:56 +01:00
f89c052cf8
Set default value of datetime columns to CURRENT_TIMESTAMP
...
This resolves an issue with MySQL 5.7 where the default SQL_MODE is set to disallow zero dates (i.e. '0000-00-00 00:00:00')
Fixed thanks to Francis and Normandy from postActiv.
2019-04-16 00:43:17 +01:00
8305641b20
Update master GS version
2019-04-04 10:12:56 +01:00
d1ba0dddec
Merge branch 'issue-338' into 'master'
...
Database fields with timestamp type now allow CURRENT_TIMESTAMP to be set as default value
See merge request diogo/gnu-social!3
2018-09-14 21:30:16 +00:00
9a39ebe66f
Database fields with timestamp type now allow CURRENT_TIMESTAMP to be set as default value
...
Add default values to created and modified columns of Profile_list table to fix issue #338
2018-08-25 14:07:52 +01:00
ddc3cecfc0
Add default values for avatar and attachment directories in web installer
2018-08-25 14:05:56 +01:00
ec98fd0c43
Merge remote-tracking branch 'gnuio/master' into nightly
2017-12-17 18:32:23 +01:00
67a9c0415c
Merge branch 'cache-html-sanitizer' into 'master'
...
set the html sanitizer cache directory to ['cache']['dir'] from the config file;
See merge request gnu/gnu-social!156
2017-12-17 17:25:46 +00:00
a1ea335140
Merge branch 'cli-install' into 'master'
...
Don't write the config file when --skip-config flag is given to the installer.
See merge request gnu/gnu-social!155
2017-12-17 17:25:21 +00:00
0b9a2fdf3a
allow the cmd installer to load the config file from '/etc/gnusocial/config.d/'.$_server.'.php'
...
using the commandline argument as $_server (passed through lib/common.php to lib/gnusocial.php)
2017-12-17 17:59:46 +01:00
3b5fabbe97
set the html sanitizer cache directory to ['cache']['dir'] from the config file;
2017-12-06 01:55:54 +01:00
fdd3d63098
Don't write the config file when --skip-config flag is given to the installer.
...
* scripts/installer_cli.php: Read the arguments list before checking
if the config file is writeable.
2017-11-26 22:14:30 +01:00
ec504ec4df
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly
2017-09-10 14:06:03 +02:00
a6e33bdd6a
Fixed code so that GNU social can receive Mastodon boosts (from GNU social nightly commit: c741d1a52a)
2017-08-25 11:35:02 +00:00
d9fbc17f77
Merge branch 'nightly' into 'nightly'
...
Added base64 encoding to get RMQ to work
See merge request !151
2017-08-23 15:28:08 +00:00
0b75eaed92
missing argument for sprintf
2017-08-22 19:19:17 +02:00
00cbc852b0
Make use of variable preMention signal method
2017-08-10 11:33:18 +02:00
8dd06cd8d8
Harmonize webfinger formatting and enable variable pre-mention character
2017-08-10 11:25:04 +02:00
945920f24d
Mimetype was not recognized if longer than bare mime
2017-08-05 09:50:42 +02:00
6938d26524
List the thread config value in lib/default.php
2017-08-03 09:53:00 +02:00
90e93b9656
Added base64 encoding to get RMQ to work
2017-07-28 12:42:21 +02:00
457d32e273
Merge branch 'takeshitakenji/gnu-social-twitter-repeat-config' into mmn_fixes
2017-07-11 22:09:12 +02:00
56e2b0007c
Issue #279 raises the point of missing newlines
2017-07-11 21:58:24 +02:00
a7df79ac07
Force arrays in constructors of ActivityStreamJSONDocument and JSONActivityCollection
...
Started using PHP7+ and it started complaining about count() being fed objects
that weren't "Countable". .)
2017-07-10 14:26:01 +02:00
31866be98b
Use intval on ini_get or we use a string for timeout
2017-07-10 14:10:32 +02:00
489099ca91
change default timeout setting for HTTPClient
2017-07-09 22:49:49 +02:00
fb492d4bb2
Remove debug call and change how connect_timeout is set
2017-07-09 20:34:44 +02:00
f0480c34d7
Configure a default timeout for HTTP connections at 60s
...
No requests we do externally should ever take more than 60 seconds. This
could probably be changed for downloading video or whatever for any cache
plugins that want to store data locally, but in general I think even 60s
is way longer than I expect any outgoing requests should take.
This affects everything using HTTPClient, our helper class, and thus all
hub pings, subscription requests, etc. etc.
The value, afaik, includes connect_timeout and if it takes 10 seconds to
establish a connection only 50 seconds is available to transfer data.
2017-07-09 20:28:22 +02:00
c9a9a8bc58
Fulltext indexes are supported in InnoDB since MariaDB 10.0.15
2017-06-22 01:37:43 +02:00
1517deeeb6
Since ActivityContext::CONVERSATION changed to 'conversation' instead of 'ostatus:conversation' we need to add it ourselves
...
the xmlstringerthinger doesn't really use namespaces afaik
2017-05-06 15:27:25 +02:00
ba4a84602a
Output proper HTML and XML headers for single Atom entry
...
RFC5023 <https://tools.ietf.org/html/rfc5023 > specifies that the
content type parameter 'type=entry' should be used to clarify data.
2017-05-06 14:38:46 +02:00
1ccb934541
Return false immediately if $url is empty for common_valid_http_url
2017-05-06 14:38:43 +02:00
434956fc75
Notices start saving selfLink from activities/objects
2017-05-06 14:38:42 +02:00
7da925ca70
Handle selfLink in ActivityObject
2017-05-06 14:38:41 +02:00
d88e9ffd33
Output proper HTML and XML headers for single Atom entry
...
RFC5023 <https://tools.ietf.org/html/rfc5023 > specifies that the
content type parameter 'type=entry' should be used to clarify data.
2017-05-06 12:38:34 +02:00
709f1bbd75
Return false immediately if $url is empty for common_valid_http_url
2017-05-06 12:25:27 +02:00
8a4bec811b
Notices start saving selfLink from activities/objects
2017-05-06 12:15:54 +02:00
7889b21e7b
Handle selfLink in ActivityObject
2017-05-06 11:57:16 +02:00
000af6d9ee
default to #addtag on !group mention
2017-05-02 21:21:53 +02:00
07458e5375
Fixed the parsing of ostatus:conversation etc.
...
Conversation will now start storing remote URL
The namespace features don't work the way they were written for here
so I fixed that, making the ostatus: namespace properly looked up and
then the homegrown getLink function looks for what is back-compat with
StatusNet etc. if I remember correctly.
2017-05-02 18:58:22 +02:00
f4d6710a0f
Change mentions of PuSH to WebSub
...
WebSub is probably finalised before we make a release anyway. Here is
the official spec: https://www.w3.org/TR/websub/
Mostly just comments that have been changed. Some references to PuSH <0.4
are left because they actually refer to PuSH 0.3 and that's not WebSub...
The only actual code change that might affect anything is FeedSub->isPuSH()
but the only official plugin using that call was FeedPoller anyway...
2017-05-01 11:04:27 +02:00
839b3e7392
allowed_schemes was misspelled
2017-04-26 22:12:06 +02:00
adfd76f44b
allowed_schemes was misspelled
2017-04-26 22:11:28 +02:00
5f24fc0986
Blacklist plugin enabled by default (bug fixes will come)
2017-04-25 20:43:31 +02:00
5e7a7701b9
Domain name regular expression into lib/framework.php
...
cherry-pick-merge
2017-04-22 11:26:13 +02:00
2fc4b174c1
Domain name regular expression into lib/framework.php
2017-04-22 11:07:38 +02:00
d2c7c83615
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly
2017-04-06 13:34:57 +02:00
1b3021d61c
E-mail should contain full acct uri too (FancyName)
2017-04-06 13:23:33 +02:00
550606177b
Merge branch 'fixtests' into 'nightly'
...
Got Old Unittests Passing
See merge request !131
2017-04-06 10:23:12 +00:00
2ce2201496
Show full acct uri as html title on link mouseover
2017-04-06 11:45:58 +02:00
bd24724560
Merge branch 'atom-post' into 'nightly'
...
Add support for Atom entry when posting status
See merge request !135
2017-04-06 09:20:38 +00:00
f2d2f7ebe2
Merge branch 'newListItem-signatures' into 'nightly'
...
Add var type to newListItem() parameter
See merge request !137
2017-04-06 09:11:52 +00:00
b54c7f720c
add configuration option that was documented in CONFIGURE
2017-04-02 11:05:22 +02:00
dc7c64592b
Add var type to newListItem() parameter
...
Fixes some "Declaration of $child::method should be compatible with
$parent::method" warnings.
2017-03-16 22:57:16 -04:00
132b932ff3
Add support for Atom entry when posting status
2017-02-04 20:04:02 +11:00
63322989c2
if zip is fine then application/x-bzip2 is too
2017-01-11 23:30:06 +01:00
c741d1a52a
Make Mastodon retweets parse correctly.
2016-12-05 18:24:55 +01:00
c5a4921176
log with var_export (our shorthand _ve())
2016-10-23 12:14:02 +02:00
8614cd77eb
A good plugin but not necessary as default.
2016-10-22 19:27:07 +02:00
1c5e364880
Merge branch 'master' into mmn_fixes
2016-09-13 11:26:03 +02:00
7d67eefdf5
wrong variable was referenced
2016-09-13 11:24:57 +02:00
500ff6be1a
Merge branch 'master' into mmn_fixes
2016-09-02 01:04:54 +02:00
18670c69b2
Merge branch 'master' of git.gnu.io:gnu/gnu-social
2016-09-02 01:01:57 +02:00
a7043bf7cc
Split up source and source_link. Never trust HTML!
...
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 01:00:52 +02:00
15ab9ff9e3
common_to_alphanumeric added, filtering Notice->source in classic layout
2016-09-02 01:00:08 +02:00
59b93b23e2
Split up source and source_link. Never trust HTML!
...
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 00:55:46 +02:00
e6b3924a5d
common_to_alphanumeric added, filtering Notice->source in classic layout
2016-09-02 00:08:17 +02:00
af6a3aa456
Make Group actions ManagedAction so groupbyid works
2016-08-28 09:34:31 +02:00
a32bfe7d87
TagCloud turned into plugin (performance issues on large installs)
2016-08-27 15:24:25 +02:00
4314a286e3
Less convoluted attachmentlistitem function calls
2016-08-21 09:25:16 +02:00
fc06c599bc
dbqueuemanager should ignore on no-result-exceptions
2016-08-16 20:27:41 +02:00
1f866fcaed
ActivityGenerationTests.php fails but doesn't crash anymore.
...
Fixed an error where a profile id was reused after another profile was
deleted, and the new profile still had the deleted role.
Fixed ActivityGenerationTests::testNoticeInfoRepeated() which was passing
User instead of Profile, throwing errors.
tests/ActivityGenerationTests.php now passes.
CommandInterpreterTest now passes.
Moved JidValidateTest to XmppValidateTest, since Jabber functionality has
moved to the XmppPlugin. Tests work but don't pass, but they are at least
skipped if XmppPlugin is not active.
LocationTest passes, but the tests are not very good. Lots of nulls.
MediaFileTest passes.
NicknameTest passes. Nickname::normalize() now throws an error if the
nickname is too long with underscores.
UserFeedParseTest passes.
URLDetectionTest passes if $config['linkify']['(bare_ipv4|bare_ipv6|
bare_domains)'] are false. Untested otherwise.
Fixed Nickname::isBlacklisted() so it does not throw an error if
$config['nickname]['blacklist'] not set.
2016-08-14 11:55:49 +05:30
557e430c7d
Reference local URLs in addressee list on notices.
2016-08-06 18:32:14 +02:00
e52275e37f
Some comparisons were incorrect (text/html;charset=utf-8 etc.)
2016-07-21 01:38:31 +02:00
d5c733919b
Because the other part of the code works now, this is unnecessary
2016-07-21 00:34:40 +02:00
e8e996182f
Delete file on class destruction or we do it too quickly
...
Source image was removed when trying to use it for resizeTo
2016-07-21 00:23:27 +02:00
46c227bf3a
FileNotFoundException is more proper here
2016-07-15 13:19:16 +02:00
36cfe9f857
Delete successfully generated thumbnail (temporary sources) too.
2016-07-15 12:52:20 +02:00
6332a4d800
Handle FileNotStoredLocallyException in attachmentlistitem
2016-07-07 00:45:31 +02:00
f02d32b718
Reworked File->getUrl to throw exception
...
In case you require a local URL and one can't be generated, throw
FileNotStoredLocallyException(File $file)
2016-07-07 00:44:50 +02:00
71afb5be75
If the file is text/plain, see if we accept the extension
2016-07-06 09:34:09 +02:00
4117118e23
More specific exceptions for mimetype/extension issues.
2016-07-06 09:14:59 +02:00
b4a0bff740
Some mimetype madness!
2016-07-06 08:59:16 +02:00
a833eaa651
Make all hash algorithms available (but whitelist by default)
...
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
7978cd6d59
s/EmptyIdException/EmptyPkeyValueException/
2016-06-25 11:50:59 +02:00
0adb7af9a0
Allow a quickHead request, will only return headers
2016-06-24 15:43:20 +02:00
39e8c13afb
Properly parse incoming bookmarks
2016-06-24 13:51:40 +02:00
d00f19663b
bump to beta5 since phpseclib update (which might cause some issues still)
2016-06-18 00:05:54 +02:00
2e8a5aeb23
Merge branch 'tom/noreferrer' into 'nightly'
...
Use noreferrer when linkifying attachments and allow this value in purifier
If you click on a link in your main timeline this effectively identifies you to the site that you visited via the Referer header. (Who goes around reading other people's /user/all, honestly?)
Annoyingly our notice content is already HTML. Rather than attempt to parse and modify the tags in flight, this modification takes the simpler approach of adding the noreferrer tag to inline links by default when notices are composed.
See merge request !127
2016-06-17 16:32:39 -04:00
005b4c8dd1
Merge branch 'strict-warnings' into 'nightly'
...
Fix some strict warnings (Action::prepare, Action::handle)
I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.
Related to #190
See merge request !123
2016-06-17 16:29:47 -04:00
d66b495ba8
Merge branch 'notice-location' into 'nightly'
...
Re-enable notice locations
Removed a stray 'return' statement.
See merge request !125
2016-06-17 16:28:56 -04:00
d4295cfb25
Merge branch 'webmention-rocks' into 'nightly'
...
webmention.rocks
I have improved the webmention handling so that all but two of the webmention.rocks compliance tests pass now. Also improved parsing of time/authors on incoming webmentions.
See merge request !128
2016-06-17 16:26:21 -04:00
5e131aed80
Apparently medium.com uses @ frequently i URLs
...
and we skipped them because we assumed they were urlencoded when copied.
2016-06-17 11:20:36 +02:00
83e7ade714
When there is no useful title, class="p-name e-content"
2016-06-10 21:00:48 +00:00
c1537a1e82
Use noreferrer when linkifying attachments and allow this value in purifier
2016-06-09 19:56:36 +10:00
d02c75d019
Re-enable notice locations
...
Removed a stray 'return' statement.
2016-06-01 21:56:42 -04:00
9de79f0a36
Update prepare() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)
Ref. #190
2016-06-01 02:26:44 +00:00
ba2975aac8
Update handle() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"
Ref. #190
2016-06-01 02:26:44 +00:00
3138fa0b40
Check DB connection before any possible use
2016-05-24 16:49:50 +02:00
bd306bdb9f
Add /download action for attachments
2016-05-09 22:08:36 +02:00
3a6733dc98
2-frame GIF animations weren't recognised as animated
2016-05-04 11:57:55 +02:00
a5a96dd857
Misplaced break/continue statements.
2016-05-04 11:44:00 +02:00
87dd0fbdb6
UseFileAsThumbnailException uses direct File object now
2016-05-04 11:34:50 +02:00
7aa9a69c2f
Link to attachment page instead of big-ass image
2016-05-01 11:35:51 +02:00
9b613029e6
Merge branch 'master' into mmn_fixes
2016-04-18 16:10:50 +02:00
844fe3924e
put local id, href and such in ostatus:conversation element
2016-04-18 16:09:36 +02:00
107f612384
strict type comparison
2016-04-18 15:04:03 +02:00
4645033b98
"In conversation" text in noticelistitem
2016-04-08 13:44:22 +02:00
547f92de07
Don't fail deleteRelated on NoProfileException
2016-04-01 06:51:19 +02:00
44ea8aa681
Make sure $_SERVER['HTTP_REFERER'] isset when testing value
2016-03-31 20:51:50 +02:00
4ea79bc396
I was too quick to save that file (File::getByUrl takes 1 arg)
2016-03-29 14:33:40 +02:00
2f91cb0df7
We should assume all verbs and such are their full URIs in our db
2016-03-29 12:57:52 +02:00
dcffe5d992
Forgotten File::getByUrl conversations (performance++)
2016-03-29 12:13:53 +02:00
88e2f739a9
DOMElement not DOMDocument
2016-03-28 16:23:15 +02:00
7bef2ad4cc
Update Profile Data script fixes, might work for groups too now
2016-03-28 16:19:47 +02:00
f134a423f6
rename config option site/logdebug to log/debugtrace
2016-03-27 16:36:58 +02:00
9fa18fa366
HTTPClient::quickGet now supports headers as argument
...
They should be in a numeric array, already formatted as headers,
ready to go. (Header-Name: Content of the header)
2016-03-24 02:44:11 +01:00
f83b81b8c4
Change config webfinger/http_alias to fix/legacy_http
...
Set $config['fix']['legacy_http'] to perform some actions that are
needed if your site used to be served over http but now has upgraded
to https!
2016-03-23 15:21:02 +01:00
8933022edc
Forgot a microsummary route in the latest commit
2016-03-22 22:37:59 +01:00
dafe775ffa
Microsummaries had issues and were removed in Firefox 6.0 anyway
...
It is argued there are many better ways to get a "micro summary" of
a profile or site.
2016-03-22 22:31:01 +01:00
39ebb64b85
Added proper enabling and disabling of sending RTs to Twitter.
2016-03-21 07:12:52 -07:00
38f7deca78
Avoid "property of non-object" PHP notice.
2016-03-21 11:17:25 +01:00
1e89369ef8
geometa.js doesn't exist anymore
2016-03-21 03:23:39 +01:00
ae681b10e7
geometa.js doesn't exist anymore
2016-03-21 03:11:22 +01:00
980085a8a3
Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
...
Conflicts:
plugins/Minify/extlib/minify/README.txt
plugins/Minify/extlib/minify/UPGRADING.txt
plugins/Minify/extlib/minify/min/README.txt
plugins/Minify/extlib/minify/min/builder/index.php
plugins/Minify/extlib/minify/min/lib/JSMin.php
plugins/Minify/extlib/minify/min/lib/Minify.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
cd24f7d30a
Issue #166 - we test exif data below, no need for error output
2016-03-21 02:56:47 +01:00
cdcf6cdb25
Hacky method to avoid cutting conversation "more" link out
2016-03-21 02:42:28 +01:00
aa3865c303
Split threaded notice list classes into own files.
2016-03-21 02:33:57 +01:00
11c57e7aee
Remove Google References
...
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
349e842078
UPDATE ActivityVerb
2016-03-14 15:26:03 +01:00
ca8f0f84c4
Woops, forgot to include this file!
2016-03-14 15:25:05 +01:00
5ca2a28246
Make oEmbed handle our http/https setting better.
2016-03-10 14:20:21 +01:00
bd75305560
Define-ify excluded end-characters of URL autolinking
2016-03-09 15:16:47 +01:00
c769924505
Reduce the number of allowed characters in auto-linking URLs.
2016-03-09 15:05:36 +01:00
d179afa303
Save allowed path/qstring/fragment characters in constants
2016-03-09 14:51:52 +01:00
e2c6f2f96f
Let's be consistent with URL verbs
2016-03-08 20:01:06 +01:00
cfc82591da
chmod 0775 directories we create
...
Security for the 'g+rx' should be handle by having the parent directory
inaccessible for global users, which is usually the case.
2016-03-07 23:23:32 +01:00
4e5c0e70a6
fillConfigVoids to set default value of empty config options
2016-03-07 22:55:52 +01:00
265fa12917
Relatively experimental change to store thumbnails in 'file/thumb/' (by default)
2016-03-07 22:33:34 +01:00
158b323767
Declare AdminpanelAction::canAdmin as static, since that's how it's used.
2016-03-06 17:31:40 +01:00
6ec72b2978
Move mail_confirm_address out of mail.php
2016-03-06 17:27:40 +01:00
0785e2910f
Merge branch 'no_sandboxed_repeats_branch' into 'nightly'
...
Don't include repeated notices from sandboxed users in the public timeline
See merge request !115
2016-03-05 08:08:42 -05:00
97ac722b24
Accessibility navigation improvement
2016-03-05 12:42:53 +01:00
7ca0ff9a19
MediaFile::fromUpload handles missing local file better
2016-03-05 12:05:12 +01:00
1db02d7f36
filename_base option isn't optimal
...
For different "download filenames" we should use some other method.
2016-03-05 11:59:46 +01:00
57d57b8d8f
Handle reuploads via filehandle better if original is missing
2016-03-05 01:26:34 +01:00
952f68fed5
File upload logging for dummies
2016-03-05 00:59:39 +01:00
7d4658643d
the repeated notice can be from a sandboxed user too
2016-03-04 16:53:57 -05:00
dc1ceca86e
Some more Microformats2 data for notices and rendering
2016-03-02 13:29:54 +01:00
6529fdd28d
Proper Microformats2 h-entry p-name + u-uid markup
2016-03-02 13:10:02 +01:00
d6598e790c
Introduce a ConfigException
2016-03-02 12:33:06 +01:00
9534969c05
Don't set is_local=LOCAL_NONPUBLIC on sandboxed user notices
...
Let's decide whether they are nonpublic by testing them when the notice
is shown instead.
2016-03-02 12:26:23 +01:00
a3b2118906
Make the public streams ModeratedNoticeStream (hide sandboxed users etc.)
...
Which streams should be put under ModeratedNoticeStream is probably open
to debate. But at least the public ones should hide the posts from users
that are sandboxed.
2016-03-02 11:50:50 +01:00
b4271a3533
Stricted typing + protected on FilteringNoticeStream->filter
2016-03-02 11:40:43 +01:00
99fbb181c1
Translation changes, use FancyName in email subject
2016-03-01 23:53:36 +01:00
47f408ca7c
Strict typing for mail_notify_attn
2016-03-01 23:37:11 +01:00
63c087a255
Consistent behaviour for ScopingNoticeStream $scoped
...
We don't guess the current profile anymore if the value of the profile === -1
Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
7862b853bf
Make javascript XHR timeout a variable.
...
SN.V.xhrTimeout = [time in milliseconds];
2016-03-01 13:10:18 +01:00
6c43e9c2e0
Verify loaded config function, must be completed further.
2016-02-28 13:31:21 +01:00
747c91210f
HTMLPurifier cache settings, put stuff in subdir of get_sys_temp_dir()
2016-02-28 13:30:47 +01:00
cd978fa153
Edited the list of allowed rel values
2016-02-28 13:16:52 +01:00
52a3764ae4
Resolve relative URLs (assuming URI.Base==notice URL)
...
The real way to do this would be to get the xml:base property from
the Atom feed but it's probably not there in any posts we see today.
2016-02-26 14:46:26 +01:00
29662eef5e
Mentioning matches (@this too) now.
2016-02-26 00:08:51 +01:00
2669c51265
Allow sgf files if they're recognized in mime search
...
They are Go game files used on lamatriz.org. Note that my server
doesn't actually recognize these files and can identify the mime type,
but my browser did for some reason.
2016-02-26 00:05:07 +01:00
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
128a00c4ab
Include feeds in Link HTTP headers, for easier discovery
2016-02-24 16:48:44 +01:00
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
5f7032dfee
Verify that authenticated API calls are made from our domain name.
...
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json " or
whatever. XHR is already blocked with CORS stuff.
Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
2016-02-22 15:19:10 +01:00
ce803f6d06
WebFinger aliases with 'index.php/'
2016-02-21 20:00:07 +01:00
893d117309
throw new, not just throw
2016-02-21 19:01:37 +01:00
23e66bef64
common_fake_local_fancy_url to remove index.php/ from a local URL
2016-02-21 18:48:18 +01:00
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
a838c90951
Only show "public:site" in ToSelector if notice/allowprivate is true
2016-02-18 00:33:16 +01:00
f68d1ade3f
Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector
2016-02-18 00:32:09 +01:00
543d968b81
NoAcctUriException->profile not $e directly
2016-02-18 00:13:59 +01:00
a361fdbd77
Sort ToSelector by AcctUri
2016-02-18 00:05:09 +01:00
73dbc5ca1b
Use ToSelector choice again.
2016-02-17 23:44:15 +01:00
d2c11925bf
To-selector padlock only shown if site config notice/allowprivate is true
2016-02-17 23:06:11 +01:00
5fbb01130a
By default, disallow users to set private_stream
2016-02-17 22:58:31 +01:00
d2507a6266
Gotta declare FullNoticeStream as abstract class
2016-02-16 02:24:38 +01:00
46829c6d3c
FullNoticeStream selects all verbs.
2016-02-16 02:21:39 +01:00
2d1b70c94d
created column was ambigououuuouuus
2016-02-15 09:59:34 +01:00
2301862ae6
We only want POST and SHARE in the inbox/home timeline right?
2016-02-15 09:59:18 +01:00
dcb7ce36d8
Show shares in public timeline
...
Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.
(the => false stuff are for when you want ALL _except_ that)
2016-02-14 20:53:26 +01:00
e2a090c9cc
Use NoticeStream::filterVerbs for filtering in noticestreams
2016-02-14 20:46:13 +01:00
be14e15dac
Hide attachments in notices by silenced profiles
2016-02-13 13:17:39 +01:00
e5ad98e601
Silence action can only be used on non-priviliged users
2016-02-12 14:22:25 +01:00
f10625f8bc
file and avatar dirs on instances with no such dirs in filesystem
2016-02-12 02:29:33 +01:00
338df7e35b
Fix Nickname::isSystemPath() work properly for routes
2016-02-12 02:21:11 +01:00
67dfc0a046
application/xml allowed in uploads
2016-02-11 00:04:14 +01:00
733debd9b3
Use thumbnail upscaling config value
2016-02-10 04:40:54 +01:00
8806cce735
Default to avoid upscaling of thumbnails. 45x45=>450x450 is ugly
2016-02-10 04:40:10 +01:00
a61235086b
Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
...
Usage in config.php: $config['site']['sslproxy'] = true;
Add this to documentation...
2016-02-10 01:05:02 +01:00
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
dcf29c2a07
s/isHTTPS/useHTTPS/ for HTTPS URL generation
2016-02-10 00:38:14 +01:00
cd71188d3a
SimpleCaptcha plugin to stop basic bots
2016-02-08 17:47:09 +01:00
d98784e059
Use functions instead of accessing properties in twitterUserArray
2016-02-08 12:21:58 +01:00
2938b3e960
Don't return true on requiresAuth if screen_name==='0'
2016-02-08 12:14:35 +01:00
13cf744fb3
Allow screennames that are === '0'
2016-02-08 11:40:46 +01:00
2686635f60
Keep the rel="tag" in HTML when purifying
2016-02-07 12:50:26 +01:00
d6664f5735
Hidespam by default
...
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:33:53 +01:00
098c8b1df4
NoHttpResponseException extends HTTP_Request2_ConnectionException
2016-02-07 01:52:20 +01:00
60804d1902
ES3 compatibility layer not necessary (noone uses IE8 etc.)
...
All browsers with javascript support also support ES5 nowadays. Anyone
using older software should upgrade for other reasons, such as security.
2016-02-04 11:37:24 +01:00
d5ecbd05a1
Forgot a break in a switch when rendering attachments.
2016-02-03 19:32:51 +01:00
9960714896
Disallow zero-length magnet URIs
...
magnet: would match, but now we have a zero-length lookahead which
requires the following character to be a question mark: magnet:?
2016-02-03 15:26:19 +01:00
90045d66ea
HTMLPurifierSchemes plugin to allow geo and magnet URIs
2016-02-03 14:36:51 +01:00
349dba8be0
Only allow our specified URI schemes
2016-02-03 14:31:16 +01:00
e903bd0bc3
Hacky support for geo URI detection
...
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
b1ed1f48ea
Configurable linkify for bare IPv4/IPv6
2016-02-03 12:55:00 +01:00
84930f89f9
Don't allow account backups by default.
2016-02-03 01:08:36 +01:00
19b743a9f5
Set time limit to increase time backupaccount can take
...
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
9fcfb7cb1d
Proper error message on too much POST data
2016-02-03 01:03:58 +01:00
a2b914ce60
Get URL schemes by URL type
2016-02-03 00:18:37 +01:00
Diogo Cordeiro
Daniel Supernault
Miguel Dantas
brunoccast
Mikael Nordfeldth
nee
Sebastian
abjectio
Chimo
Thomas Karpiniec
Roger Braun
Nym Coy
Stephen Paul Weber
Sandro Santilli
Neil E. Hodges
Bob Mottram
hannes