GNUsocial
/
gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity
10,845 Commits 8 Branches 4 Tags 309 MiB
Commit Graph

3594 Commits

Author SHA1 Message Date
Evan Prodromou 36baff3d41 Merge remote branch 'gitorious/master' 2010-10-29 11:14:00 -04:00
Evan Prodromou c8dab140f4 add a hack to show ads on single-notice pages 2010-10-29 11:13:33 -04:00
Brion Vibber fb0c3f4f99 Kill a ping queue item if we get an error on loading up the notice's poster's profile, rather than letting the item be retried over and over as if it were a transitory error. 
This shouldn't generally happen as it's an indicator of database inconsistency, but it's a condition we know happens.
 2010-10-28 12:58:30 -07:00
Craig Andrews 22a0cf6251 Set cookies with "secure" flag on SSL sites. Improves security. 2010-10-26 17:55:09 -04:00
Zach Copley 78396db28a Forgot to add the OAuth verifier pin page to sensitive array 2010-10-25 12:36:03 -07:00
Zach Copley 0dcc3f8d71 We don't need to have editapplication (only showapplication) in the 
sensitive array because it doesn't expose the consumer keypair
 2010-10-25 12:10:52 -07:00
Zach Copley 3954ab39ae Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if 
available
 2010-10-25 11:52:17 -07:00
Brion Vibber eb30c6651a Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. 2010-10-22 13:53:10 -07:00
Brion Vibber 2d124e4aab Fix for ticket #2532: fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx 
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
 2010-10-22 13:51:28 -07:00
Zach Copley 3969870cf3 Normalize HTML body ids to lowercase when the user is logged out as well. 2010-10-22 18:32:08 +00:00
Brion Vibber d6f4588b9e Workaround for http_build_query() oddities in low-level router parent code when PHP config is set with non-default separator. 2010-10-21 19:10:43 -07:00
Zach Copley 0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when 
a site is in pivate mode
 2010-10-21 18:15:11 -07:00
Zach Copley fb86e7c285 Normalize all action HTML body ids to lowercase 2010-10-21 13:03:56 -07:00
Zach Copley 648f79be10 Change OAuth authorization page's action name to be inline with 
other web page action names so the body id outputs correctly. Fix
some other bugs.
 2010-10-21 13:00:59 -07:00
Zach Copley 500157998a Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 01:18:53 +00:00
Zach Copley f283a283b7 Fix syntax error 2010-10-21 01:17:59 +00:00
Siebrand Mazeland fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
 2010-10-20 17:28:28 -07:00
Zach Copley e56385a7bb Use a new table (oauth_token_association) to associate authorized 
request tokins with OAuth client applications and profiles.
 2010-10-20 17:21:04 -07:00
Siebrand Mazeland 28ec9d6463 * translator documentation added. 
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
 2010-10-21 01:12:56 +02:00
Brion Vibber 8004e2809d Fix for ticket #2845: singleuser nickname configuration was being overridden by site owner in router setup. 
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.

Setting $config['singleuser']['nickname'] should now work again as expected.
 2010-10-20 14:34:25 -07:00
Siebrand Mazeland e980da3d20 Add FIXME 2010-10-20 20:01:12 +02:00
Siebrand Mazeland dc62cf1c0b * i18n/L10n fixes. 
* translator documentation updated/added.
* superfluous whitespace removed.
 2010-10-20 19:34:27 +02:00
Siebrand Mazeland 17f5cc4f29 Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2010-10-20 18:26:51 +02:00
Siebrand Mazeland 1459110124 Fix nasty bug in parameter for e-mail notification for favourite. 2010-10-20 11:16:21 +02:00
Zach Copley 5ca29ab0de Merge branch 'anon-consumer' into 0.9.x 2010-10-19 21:01:53 -07:00
Zach Copley e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a 
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
 2010-10-19 20:54:53 -07:00
Siebrand Mazeland 25b9552ec3 More complete sentence and translator documentation added. 2010-10-20 00:53:42 +02:00
Siebrand Mazeland 4b4894b121 Many i18n/L10n updates and lots of descriptions for translators added. 2010-10-20 00:35:39 +02:00
Zach Copley 5ac694c74f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 12:08:48 -07:00
Zach Copley 5866493cae OAuth - better log messages 2010-10-19 12:07:59 -07:00
Brion Vibber e8da3618c2 Bump version/string: 0.9.6 "Man on the Moon" 2010-10-18 14:49:02 -07:00
Brion Vibber edf8990aa9 fix notice on non-https views 2010-10-18 11:12:26 -07:00
Evan Prodromou 47ac8458ca default for nofollow external is sometimes 2010-10-18 11:41:18 -04:00
Evan Prodromou 7c05b0dafc options to nofollow external links in notices 2010-10-18 11:29:52 -04:00
Brion Vibber a2090ecc97 Merge branch '2828' into 0.9.x 2010-10-14 16:52:01 -07:00
Brion Vibber 3f74f44603 Fix for ticket #2828: apostrophe in site name set in installer created a broken config.php. 
Now running values through var_export() before putting them into the config.php, ensuring strings will be properly quoted.
 2010-10-14 16:25:43 -07:00
Evan Prodromou 1a4dc03bfe document and default for site|ssllogo 2010-10-14 14:56:38 -04:00
Evan Prodromou 8f3b18f27f fix copy-and-paste error in javascript url creation 2010-10-14 14:53:20 -04:00
Evan Prodromou 72454db118 make the logo be compatible with HTTPS pages, if possible 2010-10-14 14:22:49 -04:00
Evan Prodromou b31c49c5d4 Make HTTPS urls in File::url() if necessary 2010-10-14 14:22:17 -04:00
Evan Prodromou 97a7fb246c correctly use sslserver if it is set 2010-10-14 01:35:11 -04:00
Evan Prodromou 7436e5d13e use HTTPS for scripts and stylesheets if the current page is HTTPS 2010-10-14 01:09:02 -04:00
Evan Prodromou ac63f8baae show HTTPS urls for JavaScript if HTTPS used for page 2010-10-14 01:00:13 -04:00
Evan Prodromou 74c5aa8f9a consolidate some theme path code between ssl and non-ssl 2010-10-14 00:59:53 -04:00
Evan Prodromou ca0323d01b use HTTPS for favicon.ico if page is HTTPS 2010-10-14 00:50:26 -04:00
Evan Prodromou d91f894ccb try to show HTTPS-encrypted theme files for HTTPS-encrypted pages 2010-10-14 00:46:32 -04:00
Evan Prodromou 40c64388e6 try and show an SSL image for the creative commons image 2010-10-14 00:31:13 -04:00
Evan Prodromou cef10c7167 add static method StatusNet::isHTTPS() 2010-10-14 00:16:23 -04:00
Evan Prodromou ddb60a8191 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-10-13 15:18:32 -04:00