Evan Prodromou
99d538af58
docfiles can take arguments
2011-04-18 09:03:43 -04:00
Evan Prodromou
e53edc2b6b
allow user properties in documentation files
2011-04-18 06:17:28 -04:00
Zach Copley
0f9d6f4c82
DirectoryPlugin - Hijack router mapping for normal groups page to substitute a directory page
2011-04-13 15:09:45 -07:00
Zach Copley
e75c9988eb
Merge branch 'people_tags_rebase' into 1.0.x
...
Conflicts:
EVENTS.txt
2011-04-10 08:10:01 +00:00
Evan Prodromou
c382a1d8cc
fix errant class in notice content
2011-04-09 17:05:59 -04:00
Evan Prodromou
ec1579474c
add classes to profile and group links in notices
2011-04-09 15:42:27 -04:00
Shashi Gowda
5a2bab07b2
Merge remote-tracking branch 'mainline/1.0.x' into people_tags_rebase
...
Conflicts:
actions/tagother.php
classes/Profile.php
classes/Profile_tag.php
js/util.min.js
2011-03-30 15:47:42 +05:30
Evan Prodromou
83fb5e6023
Mass replacement of #-comments with //-comments
...
like leprous boils in our code. So, I've replaced all of them with //
comments instead. It's a massive, meaningless, and potentially buggy
change -- great one for the middle of a release cycle, eh?
2011-03-22 11:54:23 -04:00
Shashi Gowda
31c1177970
Merge branch '1.0.x' into people_tags_rebase
...
Conflicts:
EVENTS.txt
actions/peopletag.php
actions/tagother.php
classes/Notice.php
js/util.js
js/util.min.js
lib/accountprofileblock.php
lib/action.php
lib/activityobject.php
lib/command.php
lib/personalgroupnav.php
plugins/OStatus/OStatusPlugin.php
2011-03-22 07:56:25 +05:30
Siebrand Mazeland
a4e334a0ba
Translator documentation added/updated.
...
i18n updates.
Superfluous whitespace removed.
2011-03-18 18:03:41 +01:00
Evan Prodromou
c99f6f6afc
remove a bunch of common_debug() calls for url shortening
2011-03-16 10:26:14 -04:00
Shashi Gowda
4b8ee81ca9
Utility functions for people tags
2011-03-06 23:33:39 +05:30
Zach Copley
b7d0746694
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/confirmaddress.php
actions/emailsettings.php
actions/hostmeta.php
actions/imsettings.php
actions/login.php
actions/profilesettings.php
actions/showgroup.php
actions/smssettings.php
actions/urlsettings.php
actions/userauthorization.php
actions/userdesignsettings.php
classes/Memcached_DataObject.php
index.php
lib/accountsettingsaction.php
lib/action.php
lib/common.php
lib/connectsettingsaction.php
lib/designsettings.php
lib/personalgroupnav.php
lib/profileaction.php
lib/userprofile.php
plugins/ClientSideShorten/ClientSideShortenPlugin.php
plugins/Facebook/FBConnectSettings.php
plugins/Facebook/FacebookPlugin.php
plugins/NewMenu/NewMenuPlugin.php
plugins/NewMenu/newmenu.css
2011-02-28 15:39:43 -08:00
Brion Vibber
2bd9532ebe
Merge branch 'master' into 0.9.x
2011-02-28 10:18:18 -08:00
Brion Vibber
6a6584741f
Fix for ticket #2248 : flickr etc URLs that contain @ in the paths etc no longer accidentally trip the mailto: thingy
2011-02-25 15:46:35 -08:00
Brion Vibber
0291c6f7cd
Merge branch 'unicode-tag' into 0.9.x
2011-02-25 10:17:03 -08:00
Brion Vibber
295e2bde56
Unicodize a couple regexes for tags: fixes linking & detection of non-ASCII tags that match the current regexes.
...
(Checks for 'letter' and 'number' characters, underscore, dash, and period.)
2011-02-23 16:37:55 -08:00
Evan Prodromou
1525acdca1
Extend authorization framework to cover login and API use
...
I've extended the rights framework (centering on the Right class and Profile::hasRight()) to cover
Web login and API use. This will make it possible to prevent login and API use by users.
I added two new Right constants to the Right class: WEBLOGIN and API. I check these rights using
Profile::hasRight() when initializing users. If the rights check fails, I throw an exception.
I created a new AuthorizationException class for this particular
exception, in order to allow a different UI for these kinds of exceptions (or whatever).
2011-02-21 10:20:42 -05:00
Brion Vibber
de7726dd00
Performance counters: records number of total and unique cache get/set/incr/deletes and queries, and logs to syslog.
...
$config['site']['logperf'] = true; // to record & dump total hits of each type and the runtime to syslog
$config['site']['logperf_detail'] = true; // very verbose -- dump the individual cache keys and queries as they get used (may contain private info in some queries)
Seeing 180 cache gets on a timeline page seems not unusual currently; since these run in serial, even relatively small roundtrip times can add up heavily.
We should consider ways to reduce the number of round trips, such as more frequently storing compound objects or the output of processing in memcached.
Doing parallel multi-key lookups could also help by collapsing round-trip times, but might not be easy to fit into SN's object model. (For things like streams this should actually work pretty well -- grab the list, then when it's returned go grab all the individual items in parallel and return the list)
2011-01-31 13:12:56 -08:00
Evan Prodromou
570c7b63a2
Add internal URL shortener
2011-01-23 16:49:12 -05:00
Brion Vibber
9df856e667
Merge branch '0.9.x' into merge
...
Conflicts:
README
actions/hostmeta.php
classes/File_redirection.php
lib/common.php
lib/designsettings.php
lib/router.php
lib/util.php
lib/xmppmanager.php
plugins/OStatus/OStatusPlugin.php
2010-12-07 10:50:05 -08:00
Brion Vibber
2617c40e04
Merge branch 'master' of gitorious.org:statusnet/mainline into 0.9.x
...
Conflicts:
classes/User.php
2010-12-06 12:44:19 -08:00
Brion Vibber
76f3dc32e0
Added User::singleUserNickname() as (temporary?) fallback for single-user lookup as a workaround for site setup of 1user sites. We found that an external tool attempting to spin up StatusNet and then register the user would fail because StatusNet's router setup dies on being unable to find its single-user account, since the nickname is needed in setting up routing entries. This tweak will let it survive, using the configured setting as a fallback if it can't actually find the user account.
2010-12-06 12:39:09 -08:00
Brion Vibber
aa96c3c1d9
Fix for tickets #2917 , #2262 : user URL shortening options not being applied in non-web channels
...
common_shorten_links() can only access the web session's logged-in user, so never properly took user options into effect for posting via XMPP, API, mail, etc.
Adds an optional $user parameter on common_shorten_links(), and a $user->shortenLinks() as a clearer interface for that.
Tweaked some lower-level functions so $user gets passed down -- making the $notice_id param previously there for saving URLs at notice save time generalized a little.
Note also ticket #2919 : there's a lot of duplicate code calling the shortening, checking the length, and reporting near-identical error messages. These should be consolidated to aid in code and translation maintenance.
2010-12-02 13:41:56 -08:00
Brion Vibber
3f0557aa8e
General code safety: validate input and escape SQL strings in common_relative_profile()
2010-11-29 16:44:01 -08:00
Brion Vibber
82799f675f
Add Nickname test cases for @-reply regexes in common_find_mentions
2010-11-29 15:07:55 -08:00
Brion Vibber
dc350b5463
Work in progress on nickname validation changes. lib/nickname.php appears to have been destroyed by NetBeans and will be rewritten shortly. Sigh.
2010-11-29 14:15:25 -08:00
Brion Vibber
6c4e5a89c1
Add some doc comments on nickname-related stuff in util.php
2010-11-29 11:31:10 -08:00
Zach Copley
645a4d1754
Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x
2010-11-17 22:16:08 +00:00
Brion Vibber
197b56778a
Add $config['attachments']['process_links'] to allow disabling processing of mentioned URL links for attachment info (oEmbed lookups) and dereferencing of redirects that we didn't have shortened ourselves.
...
This option may be useful for intranet sites that don't have direct access to the internet, as they may be unable to successfully fetch those resources.
2010-11-17 13:03:59 -08:00
Zach Copley
bd566b6f85
Merge branch '0.9.x' into facebook-upgrade
2010-11-16 02:32:46 +00:00
Zach Copley
5b94d9e86b
Merge branch '0.9.x' into facebook-upgrade
2010-11-09 23:16:17 +00:00
Brion Vibber
883f7a6c0b
Avoid marking files as attachments that are not locally uploaded, unless they're really oembedable. HTML-y things now excluded properly.
2010-11-08 13:27:54 -08:00
Brion Vibber
b716d01a41
Merge branch '0.9.x' into 1.0.x
2010-11-03 16:09:49 -07:00
Brion Vibber
dc4fafbbd1
General cleanup & part of ticket #2864 : use User_group->getFancyName() instead of replicating the logic in various places. Encapsulates and allows for localization of parens.
2010-11-03 12:59:19 -07:00
Zach Copley
764a297383
Output filename in log msg if one is supplied
2010-11-02 23:13:20 +00:00
Brion Vibber
b26eccf33c
Merge branch '0.9.x' into 1.0.x
2010-10-28 16:26:34 -07:00
Craig Andrews
22a0cf6251
Set cookies with "secure" flag on SSL sites. Improves security.
2010-10-26 17:55:09 -04:00
Brion Vibber
ca489631db
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/subscriptions.php
lib/router.php
lib/xmppmanager.php
lib/xmppoutqueuehandler.php
2010-10-25 13:08:57 -07:00
Zach Copley
78396db28a
Forgot to add the OAuth verifier pin page to sensitive array
2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71
We don't need to have editapplication (only showapplication) in the
...
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae
Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
...
available
2010-10-25 11:52:17 -07:00
Brion Vibber
8004e2809d
Fix for ticket #2845 : singleuser nickname configuration was being overridden by site owner in router setup.
...
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.
Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Brion Vibber
7765ddae81
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
README
lib/default.php
2010-10-18 12:17:11 -07:00
Evan Prodromou
7c05b0dafc
options to nofollow external links in notices
2010-10-18 11:29:52 -04:00
Brion Vibber
6c959c83ce
Merge branch '0.9.x' into 1.0.x
2010-10-07 13:32:26 -07:00
Brion Vibber
5e0f3e7bd4
Workaround for regression in input validation due to more PCRE oddities. Recommend redoing common_validate_utf8() using something more reliable, perhaps. :P
2010-10-07 12:32:10 -07:00
Brion Vibber
71176b9a98
Merge branch '0.9.x' into 1.0.x
2010-10-06 13:07:29 -07:00
Brion Vibber
ebfa8bce27
Basic validation of UTF-8 input via GET/POST vars: invalid UTF-8 sequences will cause the string to drop. Not necessarily super-thorough; should be improved in future to drop individual bad sequences, do normalization of combining forms, etc. General input validation (for ints, types of strings, etc) still would be good to have!
2010-10-06 13:00:30 -07:00
Brion Vibber
59119482ca
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 1.0.x
...
Conflicts:
actions/hostmeta.php
actions/imsettings.php
classes/User.php
lib/adminpanelaction.php
lib/channel.php
lib/default.php
lib/router.php
lib/util.php
2010-10-04 12:54:36 -07:00