Commit Graph

4136 Commits

Author SHA1 Message Date
Mikael Nordfeldth
0deaf6c50c use common_purify to purify HTML, one function to rule them all 2015-02-18 00:14:28 +01:00
Mikael Nordfeldth
9aa59c7f62 forgot primary key column to updateWithKeys in SalmonAction 2015-02-17 21:31:35 +01:00
Mikael Nordfeldth
59763ceecb SalmonAction now updates remote URI if it was stale.
After doublechecking two identities so that they match (like one that was
previously http:// but now is https://) we update the URI in our database
to match.

This has to be verified so it's not easy to fool our script and thus make
us replace legitimate URIs with fake ones. I believe the callback method
is safe, but I'm not sure how well it handles HTTP MITM attacks etc.
2015-02-17 17:35:45 +01:00
Mikael Nordfeldth
2b93643277 Don't default to publishing http: alias!
It seems to have caused a problem with at least an older codebase of
remote GNU social sites, but either way we shouldn't present the user
as aliased on an insecure connection if there is no real reason to.
2015-02-15 13:33:36 +01:00
Mikael Nordfeldth
396f1e92ca Present http:// alias by default in WebFinger output
because it might help us (and especially StatusNet sites) to recognize
profiles that have migrated from HTTP to HTTPS!
2015-02-15 13:17:51 +01:00
Mikael Nordfeldth
e9457db8b2 DirectMessages backed up properly for UAS 2015-02-13 11:54:15 +01:00
Mikael Nordfeldth
44191ac81a Faves backed up properly to UAS 2015-02-13 11:52:29 +01:00
Mikael Nordfeldth
cdf2b28854 UAS protected property user solved with getUser() 2015-02-13 11:39:50 +01:00
Mikael Nordfeldth
f5bb0431da schemaDef coding style fixes 2015-02-12 17:45:02 +01:00
Mikael Nordfeldth
13f1c2cc55 Missing uri property of QnA_Answer class 2015-02-12 17:44:05 +01:00
Mikael Nordfeldth
dc495a52ea Merge commit 'refs/merge-requests/39' of https://gitorious.org/social/mainline into merge-requests/39 2015-02-09 11:35:19 +01:00
Chimo
74d4e2fa10 TwitterBridge: don't array_merge() non-arrays
Fixes: ErrorException: [2] array_merge(): Argument #2 is not an array
2015-02-08 20:11:50 -05:00
Chimo
55321af4c8 Make TwitterBridge less noisy
Empty timelines are no longer warnings, but debug information
2015-02-08 20:07:23 -05:00
Mikael Nordfeldth
c6b1b3e5e3 Merge commit 'refs/merge-requests/30' of https://gitorious.org/social/mainline into merge-requests/30 2015-02-08 23:19:53 +01:00
Mikael Nordfeldth
39dce9e348 Merge commit 'refs/merge-requests/36' of https://gitorious.org/social/mainline into merge-requests/36 2015-02-08 23:11:47 +01:00
Chimo
11053431d6 Populate 'created' property on ostatus_source
The 'created' column in ostatus_source SQL table has NOT NULL restriction.
INSERTs fail when running MySQL/MariaDB in strict mode if this is not
populated.
2015-02-08 13:41:29 -05:00
Mikael Nordfeldth
305ef6ad85 Older versions of PHP couldn't do array indexes on function returns. 2015-02-08 11:53:47 +01:00
Mikael Nordfeldth
1bda6fb9be General code quality improvement for easier understanding
Also made sure we only match local group IDs in recognizedFeed for PushhubAction
2015-02-08 11:47:15 +01:00
Mikael Nordfeldth
4b77f88a17 Merge commit 'refs/merge-requests/34' of https://gitorious.org/social/mainline into merge-requests/34 2015-02-08 11:21:36 +01:00
Chimo
56c0cd621a Remove NOT NULL restriction on FeedSub last_update
Fixes an issue where INSERTs fail if MySQL/MariaDB runs in "strict
mode".
2015-02-07 11:08:03 -05:00
Chimo
937adf05c9 Remove NOT NULL restriction on HubSub 'lease'
This fixes an issue where INSERTs in HubSub fail if MySQL/MariaDB is
running in "strict mode" since the default lease time in
PushHubAction::subunsub is null.

Permanent subscriptions have been removed in PuSH v0.4, but they are
being kept here for backward-compatibility with previous GS/SN versions.
2015-02-07 10:46:13 -05:00
Mikael Nordfeldth
f141565104 Allow delete-inactive for gcfeeds
Garbage collecting should also allow to clean up leftover database entries.
2015-02-04 16:49:03 +01:00
Mikael Nordfeldth
7cce2e17ff FavoritePlugin uses getConfigPref for profile setting 2015-02-03 22:02:19 +01:00
Mikael Nordfeldth
3f7a305b2a $this out of context (use $rcpt) 2015-02-03 21:15:37 +01:00
Mikael Nordfeldth
7666ac34f9 Revert "Notices for faves are already sent as they are notices now."
This reverts commit 636d5141e9.

We want the salmon notifyActivity call
2015-02-03 17:50:21 +01:00
Mikael Nordfeldth
9827e6ad84 The favorite activity is an activity. 2015-02-03 16:53:51 +01:00
Mikael Nordfeldth
636d5141e9 Notices for faves are already sent as they are notices now. 2015-02-03 16:44:13 +01:00
Mikael Nordfeldth
adc4dfc081 Wrong variable name (s/fave/object/) 2015-02-03 16:43:56 +01:00
Mikael Nordfeldth
660e8c6efc Fave::addNew now calls Notice::saveActivity
as a bonus we've fixed several FIXME issues for favorite email notification
and updated parts of the codebase for these activities to a more modern style.
2015-02-03 16:34:11 +01:00
Mikael Nordfeldth
0bcecda177 more activity-like terminology in variable names 2015-02-03 15:12:29 +01:00
Mikael Nordfeldth
1104ea2a0e Fave insert logging directly in insert() 2015-02-03 14:58:22 +01:00
Mikael Nordfeldth
000b7675d8 Vimeo oEmbed thumbnail host added to whitelist 2015-02-02 11:14:13 +01:00
Mikael Nordfeldth
acd36698b4 A bunch of clientError that were called as serverError
Calling serverError with a clientError status code (4xx) means it will
automatically default to Internal Server Error (500) which is in the
server error status code range (5xx). That is undesirable.
2015-01-29 23:35:49 +01:00
Mikael Nordfeldth
acec8b8cf2 Default value false for $force on Ostatus updateAvatar 2015-01-27 14:14:24 +01:00
Mikael Nordfeldth
cc996f58db Test in Ostatus_profile if avatar is an image before writing to filesystem
This clears one FIXME...

We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
2015-01-27 14:00:39 +01:00
Mikael Nordfeldth
cdd3c52633 Handle groups better in Ostatus_profile->updateAvatar 2015-01-27 13:38:11 +01:00
Mikael Nordfeldth
482f61ac15 OStatusSub should use inherent attributes
No need to make several common_current_user calls and then getProfile
directly after that, since we have stuff like $this->scoped.
2015-01-27 13:23:49 +01:00
Mikael Nordfeldth
cf46de6ca7 Ostatus_profile smarter test if avatar exists
If you accidentally deleted a remote user's avatar from filesystem,
it'd take until its URL was updated that you got it back. Now it
happens if the local avatar file doesn't exist.
2015-01-26 17:43:09 +01:00
Mikael Nordfeldth
697a00d8e1 Force updateAvatar if desired 2015-01-26 17:26:51 +01:00
Mikael Nordfeldth
7beec74f0c Differentiate on group and user for WebFinger data 2015-01-26 12:18:35 +01:00
Mikael Nordfeldth
a8e613e508 Animated GIF restructuring, ImageMagick only used for resizing animated sequences. 2015-01-25 23:00:00 +01:00
Mikael Nordfeldth
2a7d45c986 No need for ImageMagick to detected animated GIF 2015-01-25 22:45:25 +01:00
Mikael Nordfeldth
3f65bf45ab No reason to stop the event 2015-01-25 22:32:01 +01:00
Mikael Nordfeldth
4dd6d7869e Maybe we can detect animated files in core 2015-01-25 22:11:46 +01:00
Mikael Nordfeldth
470971cf47 File_thumbnail uses file_id as PRI 2015-01-25 13:13:01 +01:00
Mikael Nordfeldth
12058c30b4 Managed_DataObject->updateWithKeys throws its own exception 2015-01-25 12:54:08 +01:00
Mikael Nordfeldth
4917a422a1 updateKeys -> updateWithKeys (w/ functionality) 2015-01-25 12:07:26 +01:00
Mikael Nordfeldth
0e0783ee8c Regexp for Oembed domain matching 2015-01-25 11:18:57 +01:00
Mikael Nordfeldth
85e644d647 Remote thumbnail fetching from trusted sources
So far we only trust i.ytimg.com for YouTube thumbnails, but you can
configure the Oembed plugin in config.php by setting the plugin's class vars:

   addPlugin('Oembed', array('param'=>'value', ...));

Some might think this is a security risk or privacy invasive, but as the Oembed
script is already calling remote sites to get information _about_ linked media,
the way to stop it is to disable the Oembed plugin. However it is not certain
it has been migrated out into a plugin properly yet. But try it if you want to.
2015-01-25 02:34:40 +01:00
Mikael Nordfeldth
999175d741 File_oembed::byFile to avoid littering with getKV 2015-01-25 02:32:04 +01:00