Commit Graph

6081 Commits

Author SHA1 Message Date
Miguel Dantas
aa5c6bbf08 [CORE][UI] Made attachment actions and its subactions be able to identify attachments by id and by filehash. Changed the url stored in the DB to be attachment//view 2019-08-03 17:31:41 +01:00
Miguel Dantas
9536f2a909 [CORE] Refactored attachement actions to remove duplicate code 2019-08-03 17:31:40 +01:00
Miguel Dantas
c7475d78b4 [CORE][UI][ROUTER] Added view action, which inlines images and videos but downloads everything else. Fixed File url to get an URL fromthe view action, so when a making a remote notice, the correct URL is used, not accessing directly to the file 2019-08-03 17:31:40 +01:00
Miguel Dantas
3c9a07677e [CORE] Attachments and thumbnails aren't accessed directly by the file under the file storage folder, but indirectly from PHP, so that access to the file folder can be blocked in the server config 2019-08-03 17:31:40 +01:00
Miguel Dantas
b669f57068 [CORE] Fixed common_get_preferred_php_upload_limit, because some values in php.ini can be -1 or 0 for unlimited 2019-08-03 17:31:40 +01:00
Miguel Dantas
ccebe536b3 [MEDIA] Removed blacklisted extensions, "trusts" upload extension (doesn't affect anything) and updated sysadmin documentation
Fixes bug which broke the UI. Oops
2019-08-03 17:31:39 +01:00
Miguel Dantas
b9a0733062 [MEDIA][CORE] Add common function for converting a string with a size unit to an int and MediaFile uses file_quota 2019-08-03 17:31:39 +01:00
Miguel Dantas
5961b45140 [MEDIA][UI] In case an attachment preview isn't possible, the name is displayed anyway 2019-08-03 17:31:39 +01:00
Miguel Dantas
5f53738376 [MEDIA][UI] Added preview support for BMP, WEBP and ICO, displaying the name underneath, centered 2019-08-03 17:31:38 +01:00
Miguel Dantas
5eb4a7d711 [MEDIA] File downloader now in PHP, added proper name in the UI and changed the format for new attachment file names
The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments

The filename has a new format:
  bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"

This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".

This new name is displayed in the UI, instead of the previous name.
2019-08-03 17:31:36 +01:00
Diogo Cordeiro
d705bcbd98 [CORE] Use random_bytes() if available and improve common_confirmation_code() randomness.
With PHP 7 comes the [random_bytes()](https://php.net/manual/en/function.random-bytes.php) and the [random_int()](https://www.php.net/manual/en/function.random-int.php) function which generates cryptographically secure pseudo-random bytes and integers, respectively.
2019-08-03 17:29:14 +01:00
Diogo Cordeiro
f0f5ecb756 [SCRIPTS] Fix sessiongc by XRevan86 2019-08-01 14:38:04 +01:00
Diogo Cordeiro
d1fc7c0774 [CORE] MySQL 5.5 support fully restored 2019-07-25 15:35:24 +01:00
Diogo Cordeiro
5ea0d74a57 [UI] Long strings/words in dents weren't being wrapped 2019-07-10 00:33:19 +01:00
Diogo Cordeiro
0a4eeb89da [CORE][ROUTER] Fix wrong parameter in all/:tag by XRevan86 2019-07-01 22:40:21 +01:00
Diogo Cordeiro
11dc170ead [CORE][FRAMEWORK] URL_REGEX_VALID_PATH_CHARS didn't recognize the parenthesis sign. 2019-06-26 15:54:51 +01:00
Diogo Cordeiro
98c0c1ed53 Implement $config['site']['logdebug'] 2019-06-25 22:59:10 +01:00
Diogo Cordeiro
83a05724b8 [CORE] Fix subscriptions and subscribers list (related to 44653d339d) 2019-06-24 14:06:43 +01:00
Diogo Cordeiro
44653d339d [Poll] Refactoring and minor bug fixes 2019-06-23 23:06:04 +01:00
Diogo Cordeiro
f2705180e0 [TagSub] Fix User's tags list issue
Issue introduced with 6d9f390b and 9a92b58057
2019-06-18 14:56:55 +01:00
Diogo Cordeiro
306d80de94 [DATABASE] Revert accidental regression introduced with 9a39ebe66f 2019-06-14 12:00:10 +01:00
Diogo Cordeiro
2740ff8c4c [DOCUMENTATION] Minor corrections
Add two missing contributors
Bumped patch due to changed introduced with 0583a6a904
2019-06-12 12:55:42 +01:00
Daniel Supernault
74ad4038ac Allow username or email in login form 2019-06-12 03:25:06 +01:00
Diogo Cordeiro
81d65afb28 [RELEASE] The Invicta Crusade 2019-06-11 18:37:25 +01:00
Miguel Dantas
20c73f0596 [FORMATING] Ran php-cs-fixer on lib/mediafile.php, lib/imagefile.php and classes/File.php 2019-06-10 00:38:16 +01:00
Miguel Dantas
b224d93098 [MEDIA] ImageFile now extends MediaFile and validates images more aggressively.
Default supported files need to use consistent names. Bumped version to 1.20.0

ImageFile has been changed to extend MediaFile and rely on it to partially
validate files. This validation has been extended to not rely solely on
Fileinfo, as it is disabled on some places. Now it'll try to use the shell
command `file`, if Fileinfo isn't available.

ImageFile now converts every new upload to PNG, except JPEG and GIF, which
are kept, but still resized (to the same size), to remove possible scripts
embedded therein.

MediaFile::fromUpload will return an ImageFile if the uploaded file is an image
or a MediaFile otherwise.

MediaFile can be constructed with an id with value -1 to denote a temporary
object, which is not added to the DB. This is useful to create a temporary
object for representing images, so it can be used to rescale them.

The supported attachment array needs to be populated with the result of calling
`image_type_to_extension` for the appropriate image type, in the case of images.
This is important so all parts of the code see the same extension for each image
type (jpg vs jpeg).

Added documentation to classes/File.php and to lib/MediaFile and lib/ImageFile
2019-06-10 00:35:53 +01:00
brunoccast
a1041a53f7 [THEME] Fix OpenID settings styles
- Action buttons are now side-by-side
- Dropped unused style rule concerning the solo-positioning of the Remove button
- Bump GS patch version
2019-06-09 18:13:04 +01:00
brunoccast
1e4063254b [OpenID] Added synchronization button and corresponding action
UI:
- "Delete" area is now "Actions" area
- Updated themes to better reflect the changes

Routes:
- index.php?action=finishsyncopenid => finishsyncopenid

Translations:
- Updated OpenID translation files
- Updated OpenID POT file

Versioning:
- Bump OpenID minor version
- Bump GS patch version

Why would have labeling the Synchronize button of Sync been of bad taste? - answered by XRevan86:

In "synchronise" "ch" is a digraph meaning /k/ (actually /x/ turned into /k/ in English but whatever).
So… not separate letters.
It's like "ph" in "alphabet", or "sh" in "sheep", or "ch" in "chop" -- "ch" can mean a whole variety of sounds.
2019-06-09 17:04:26 +01:00
Diogo Cordeiro
08b6cfde66 [SESSION] Add backwards compatibility for third party plugins depending on old Session::cleanup()
Namely Qvitter
2019-06-08 00:31:32 +01:00
Diogo Cordeiro
b6be1a3659 [DATABASE][User_openid_prefs] Fix wrong type for modified column
Patch submited by Sorokin Alexei (XRevan86)
2019-06-07 15:02:09 +01:00
brunoccast
00b4a084ad PSR2-format 2019-06-07 15:02:09 +01:00
brunoccast
061e7891e9 Cleanup and documentation of common_ensure_session
- Remove redundant branch
- Remove error suppression of session_start()
2019-06-07 15:02:09 +01:00
Diogo Cordeiro
a1af5562de EmailRegistration plugin flow requires a confirmation address before user creation 2019-06-07 15:02:09 +01:00
Diogo Cordeiro
46f98b3142 [VersionBump] 1.19.0, fairly late
The core plugins whose version was attached to GS's were reseted to 2.0.0.

2.0.0 was chosen as reset version for plugins because it is higher than
  the one that was set by inheriting GS version. Furthermore, it's a
  major change from prior plugin versioning system thus it also makes
  semantic sense.

Justification for version bump:

== GS ==
9a4ab31f26 1.19.0
c13b935201 1.18.3
c13b935201 1.18.2
18fc39d2cf 1.18.1
c083a8bcc2 1.18.0
e8783d46d0 1.17.1
d9a42550ff 1.17.0
1536d3ef29 1.16.0
c03ed457a6 1.15.0
d2e6519bad 1.14.2
fe411e8138 1.14.1
b17e0b4169 1.14.0
daa5f87fd4 1.13.0
d75b5d2f4a 1.11.7
f6dbf66983 1.11.6
6cf674f8f8 1.11.5
7845a09b34 1.11.4
e4d432295d 1.11.3
339204f1ee 1.11.2
a4e679a118 1.11.1
7967db6ff5 1.11.0
bc030da320 1.10.1
9cc7df51d6 1.10.0
bf7f17474d 1.9.2
8a07edec5f 1.9.1
0042971d74 1.9.0
6b5450b7e6 1.8.0
5dcc98d1c6 1.7.0
e6667db0cd 1.6.0
3290227b50 1.5.0
a59c439b46 1.4.0
496ab8c920 1.3.10
986030060b 1.3.9
1d529c021a 1.3.8
f89c052cf8 1.3.7
38f2ecefac 1.3.6
e473937cb9 1.3.5
9a39ebe66f 1.3.4
ddc3cecfc0 1.3.3
2b43d484eb 1.3.2
e8e487187e 1.3.1

== Plugins ==
XMPP plugin
e0887220b0 bump patch
e186ad57d0 bump patch

OStatus
e186ad57d0 bump patch

Nodeinfo
ceae66a30f bump minor
586fb5a517 bump major
195296846e bump minor
2019-06-07 15:02:08 +01:00
brunoccast
43df2d201c Extend Action with redirect after login logic, update some actions to use it 2019-06-07 15:02:07 +01:00
Diogo Cordeiro
4ca32628f7 [SESSION] Log messages were a bit confusing
Reported by XRevan86
2019-05-26 20:14:05 +01:00
Diogo Cordeiro
c083a8bcc2 [SESSION] Implement SessionHandlerInterface instead of setting custom handlers by XRevan86 2019-05-22 22:29:33 +01:00
Diogo Cordeiro
d9a42550ff is_rtl should handle lang instead of code 2019-05-16 22:51:11 +01:00
Diogo Cordeiro
1536d3ef29 [XML/HTML Outputter] General improvements and refactoring as well as some bug fixes 2019-05-07 15:57:19 +01:00
Diogo Cordeiro
c03ed457a6 Fix broken user activitystreams feed due to deleted notices 2019-05-06 23:27:38 +01:00
Diogo Cordeiro
d2e6519bad lib/ping.php - Fix PHP 7.3 Warning switch continue -> break 2019-05-06 23:27:38 +01:00
Diogo Cordeiro
fe411e8138 Fix some typos/small obvious bugs on twitterRssGroupArray 2019-05-03 17:09:23 +01:00
Diogo Cordeiro
6cf674f8f8 Some minor refactoring on session handler 2019-04-27 00:28:05 +01:00
Diogo Cordeiro
9cc7df51d6 Some obvious bug fixes for i18n 2019-04-25 23:12:46 +01:00
Diogo Cordeiro
bf7f17474d When an attachment fails to load, it shouldn't destroy the whole layout by XRevan86 2019-04-25 20:46:47 +01:00
Diogo Cordeiro
8a07edec5f Fix fulltext search by XRevan86 2019-04-25 19:32:20 +01:00
Diogo Cordeiro
0042971d74 Fix bug in 36a55d84.
We still have to further review and improve the caching of streams.
Important related changes: 2272cc24#diff-8633314d55a2834ab2ea425d7157bec14aca672L60
Important related discussion: https://github.com/chimo/gs-rediscache/issues/{1,2}
2019-04-25 18:51:44 +01:00
Diogo Cordeiro
6b5450b7e6 Faster inboxnoticestream.php by XRevan86.
This commit consequently reverts 5dcc98d1c6 and a59c439b46. This translated the php based version into a faster SQL query.
2019-04-25 18:48:53 +01:00
Diogo Cordeiro
5dcc98d1c6 inboxnoticestream.php gotta go fast 2019-04-23 23:10:43 +01:00
Diogo Cordeiro
e6667db0cd Add chimo's Nodeinfo plugin as a default GNU social plugin 2019-04-22 06:50:28 +01:00
Diogo Cordeiro
3290227b50 Modern version of XMPPHP extlib
Original XMPPHP is no longer maintained
Therefore I've done some optimizations and imported some commits from birkner and zorn-v forks.
None of the forks really looked ready to be adopted...
2019-04-21 17:13:07 +01:00
Diogo Cordeiro
a59c439b46 Faster inboxnoticestream.php by XRevan86 2019-04-21 00:56:56 +01:00
Diogo Cordeiro
f89c052cf8 Set default value of datetime columns to CURRENT_TIMESTAMP
This resolves an issue with MySQL 5.7 where the default SQL_MODE is set to disallow zero dates (i.e. '0000-00-00 00:00:00')
Fixed thanks to Francis and Normandy from postActiv.
2019-04-16 00:43:17 +01:00
Diogo Cordeiro
8305641b20 Update master GS version 2019-04-04 10:12:56 +01:00
Diogo Cordeiro
d1ba0dddec Merge branch 'issue-338' into 'master'
Database fields with timestamp type now allow CURRENT_TIMESTAMP to be set as default value

See merge request diogo/gnu-social!3
2018-09-14 21:30:16 +00:00
Diogo Cordeiro
9a39ebe66f Database fields with timestamp type now allow CURRENT_TIMESTAMP to be set as default value
Add default values to created and modified columns of Profile_list table to fix issue #338
2018-08-25 14:07:52 +01:00
Diogo Cordeiro
ddc3cecfc0 Add default values for avatar and attachment directories in web installer 2018-08-25 14:05:56 +01:00
Mikael Nordfeldth
ec98fd0c43 Merge remote-tracking branch 'gnuio/master' into nightly 2017-12-17 18:32:23 +01:00
mmn
67a9c0415c Merge branch 'cache-html-sanitizer' into 'master'
set the html sanitizer cache directory to ['cache']['dir'] from the config file;

See merge request gnu/gnu-social!156
2017-12-17 17:25:46 +00:00
mmn
a1ea335140 Merge branch 'cli-install' into 'master'
Don't write the config file when --skip-config flag is given to the installer.

See merge request gnu/gnu-social!155
2017-12-17 17:25:21 +00:00
nee
0b9a2fdf3a allow the cmd installer to load the config file from '/etc/gnusocial/config.d/'.$_server.'.php'
using the commandline argument as $_server (passed through lib/common.php to lib/gnusocial.php)
2017-12-17 17:59:46 +01:00
nee
3b5fabbe97 set the html sanitizer cache directory to ['cache']['dir'] from the config file; 2017-12-06 01:55:54 +01:00
nee
fdd3d63098 Don't write the config file when --skip-config flag is given to the installer.
* scripts/installer_cli.php: Read the arguments list before checking
  if the config file is writeable.
2017-11-26 22:14:30 +01:00
Mikael Nordfeldth
ec504ec4df Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly 2017-09-10 14:06:03 +02:00
Sebastian
a6e33bdd6a Fixed code so that GNU social can receive Mastodon boosts (from GNU social nightly commit: c741d1a52a) 2017-08-25 11:35:02 +00:00
mmn
d9fbc17f77 Merge branch 'nightly' into 'nightly'
Added base64 encoding to get RMQ to work

See merge request !151
2017-08-23 15:28:08 +00:00
Mikael Nordfeldth
0b75eaed92 missing argument for sprintf 2017-08-22 19:19:17 +02:00
Mikael Nordfeldth
00cbc852b0 Make use of variable preMention signal method 2017-08-10 11:33:18 +02:00
Mikael Nordfeldth
8dd06cd8d8 Harmonize webfinger formatting and enable variable pre-mention character 2017-08-10 11:25:04 +02:00
Mikael Nordfeldth
945920f24d Mimetype was not recognized if longer than bare mime 2017-08-05 09:50:42 +02:00
Mikael Nordfeldth
6938d26524 List the thread config value in lib/default.php 2017-08-03 09:53:00 +02:00
abjectio
90e93b9656 Added base64 encoding to get RMQ to work 2017-07-28 12:42:21 +02:00
Mikael Nordfeldth
457d32e273 Merge branch 'takeshitakenji/gnu-social-twitter-repeat-config' into mmn_fixes 2017-07-11 22:09:12 +02:00
Mikael Nordfeldth
56e2b0007c Issue #279 raises the point of missing newlines 2017-07-11 21:58:24 +02:00
Mikael Nordfeldth
a7df79ac07 Force arrays in constructors of ActivityStreamJSONDocument and JSONActivityCollection
Started using PHP7+ and it started complaining about count() being fed objects
that weren't "Countable". .)
2017-07-10 14:26:01 +02:00
Mikael Nordfeldth
31866be98b Use intval on ini_get or we use a string for timeout 2017-07-10 14:10:32 +02:00
Mikael Nordfeldth
489099ca91 change default timeout setting for HTTPClient 2017-07-09 22:49:49 +02:00
Mikael Nordfeldth
fb492d4bb2 Remove debug call and change how connect_timeout is set 2017-07-09 20:34:44 +02:00
Mikael Nordfeldth
f0480c34d7 Configure a default timeout for HTTP connections at 60s
No requests we do externally should ever take more than 60 seconds. This
could probably be changed for downloading video or whatever for any cache
plugins that want to store data locally, but in general I think even 60s
is way longer than I expect any outgoing requests should take.

This affects everything using HTTPClient, our helper class, and thus all
hub pings, subscription requests, etc. etc.

The value, afaik, includes connect_timeout and if it takes 10 seconds to
establish a connection only 50 seconds is available to transfer data.
2017-07-09 20:28:22 +02:00
Mikael Nordfeldth
c9a9a8bc58 Fulltext indexes are supported in InnoDB since MariaDB 10.0.15 2017-06-22 01:37:43 +02:00
Mikael Nordfeldth
1517deeeb6 Since ActivityContext::CONVERSATION changed to 'conversation' instead of 'ostatus:conversation' we need to add it ourselves
the xmlstringerthinger doesn't really use namespaces afaik
2017-05-06 15:27:25 +02:00
Mikael Nordfeldth
ba4a84602a Output proper HTML and XML headers for single Atom entry
RFC5023 <https://tools.ietf.org/html/rfc5023> specifies that the
content type parameter 'type=entry' should be used to clarify data.
2017-05-06 14:38:46 +02:00
Mikael Nordfeldth
1ccb934541 Return false immediately if $url is empty for common_valid_http_url 2017-05-06 14:38:43 +02:00
Mikael Nordfeldth
434956fc75 Notices start saving selfLink from activities/objects 2017-05-06 14:38:42 +02:00
Mikael Nordfeldth
7da925ca70 Handle selfLink in ActivityObject 2017-05-06 14:38:41 +02:00
Mikael Nordfeldth
d88e9ffd33 Output proper HTML and XML headers for single Atom entry
RFC5023 <https://tools.ietf.org/html/rfc5023> specifies that the
content type parameter 'type=entry' should be used to clarify data.
2017-05-06 12:38:34 +02:00
Mikael Nordfeldth
709f1bbd75 Return false immediately if $url is empty for common_valid_http_url 2017-05-06 12:25:27 +02:00
Mikael Nordfeldth
8a4bec811b Notices start saving selfLink from activities/objects 2017-05-06 12:15:54 +02:00
Mikael Nordfeldth
7889b21e7b Handle selfLink in ActivityObject 2017-05-06 11:57:16 +02:00
Mikael Nordfeldth
000af6d9ee default to #addtag on !group mention 2017-05-02 21:21:53 +02:00
Mikael Nordfeldth
07458e5375 Fixed the parsing of ostatus:conversation etc.
Conversation will now start storing remote URL

The namespace features don't work the way they were written for here
so I fixed that, making the ostatus: namespace properly looked up and
then the homegrown getLink function looks for what is back-compat with
StatusNet etc. if I remember correctly.
2017-05-02 18:58:22 +02:00
Mikael Nordfeldth
f4d6710a0f Change mentions of PuSH to WebSub
WebSub is probably finalised before we make a release anyway. Here is
the official spec: https://www.w3.org/TR/websub/

Mostly just comments that have been changed. Some references to PuSH <0.4
are left because they actually refer to PuSH 0.3 and that's not WebSub...

The only actual code change that might affect anything is FeedSub->isPuSH()
but the only official plugin using that call was FeedPoller anyway...
2017-05-01 11:04:27 +02:00
Mikael Nordfeldth
839b3e7392 allowed_schemes was misspelled 2017-04-26 22:12:06 +02:00
Mikael Nordfeldth
adfd76f44b allowed_schemes was misspelled 2017-04-26 22:11:28 +02:00
Mikael Nordfeldth
5f24fc0986 Blacklist plugin enabled by default (bug fixes will come) 2017-04-25 20:43:31 +02:00
Mikael Nordfeldth
5e7a7701b9 Domain name regular expression into lib/framework.php
cherry-pick-merge
2017-04-22 11:26:13 +02:00
Mikael Nordfeldth
2fc4b174c1 Domain name regular expression into lib/framework.php 2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
d2c7c83615 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly 2017-04-06 13:34:57 +02:00
Mikael Nordfeldth
1b3021d61c E-mail should contain full acct uri too (FancyName) 2017-04-06 13:23:33 +02:00
mmn
550606177b Merge branch 'fixtests' into 'nightly'
Got Old Unittests Passing

See merge request !131
2017-04-06 10:23:12 +00:00
Mikael Nordfeldth
2ce2201496 Show full acct uri as html title on link mouseover 2017-04-06 11:45:58 +02:00
mmn
bd24724560 Merge branch 'atom-post' into 'nightly'
Add support for Atom entry when posting status

See merge request !135
2017-04-06 09:20:38 +00:00
mmn
f2d2f7ebe2 Merge branch 'newListItem-signatures' into 'nightly'
Add var type to newListItem() parameter

See merge request !137
2017-04-06 09:11:52 +00:00
Mikael Nordfeldth
b54c7f720c add configuration option that was documented in CONFIGURE 2017-04-02 11:05:22 +02:00
Chimo
dc7c64592b Add var type to newListItem() parameter
Fixes some "Declaration of $child::method should be compatible with
$parent::method" warnings.
2017-03-16 22:57:16 -04:00
Thomas Karpiniec
132b932ff3 Add support for Atom entry when posting status 2017-02-04 20:04:02 +11:00
Mikael Nordfeldth
63322989c2 if zip is fine then application/x-bzip2 is too 2017-01-11 23:30:06 +01:00
Roger Braun
c741d1a52a Make Mastodon retweets parse correctly. 2016-12-05 18:24:55 +01:00
Mikael Nordfeldth
c5a4921176 log with var_export (our shorthand _ve()) 2016-10-23 12:14:02 +02:00
Mikael Nordfeldth
8614cd77eb A good plugin but not necessary as default. 2016-10-22 19:27:07 +02:00
Mikael Nordfeldth
1c5e364880 Merge branch 'master' into mmn_fixes 2016-09-13 11:26:03 +02:00
Mikael Nordfeldth
7d67eefdf5 wrong variable was referenced 2016-09-13 11:24:57 +02:00
Mikael Nordfeldth
500ff6be1a Merge branch 'master' into mmn_fixes 2016-09-02 01:04:54 +02:00
Mikael Nordfeldth
18670c69b2 Merge branch 'master' of git.gnu.io:gnu/gnu-social 2016-09-02 01:01:57 +02:00
Mikael Nordfeldth
a7043bf7cc Split up source and source_link. Never trust HTML!
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 01:00:52 +02:00
Mikael Nordfeldth
15ab9ff9e3 common_to_alphanumeric added, filtering Notice->source in classic layout 2016-09-02 01:00:08 +02:00
Mikael Nordfeldth
59b93b23e2 Split up source and source_link. Never trust HTML!
https://community.highlandarrow.com/notice/269667
or alternatively: https://social.umeahackerspace.se/conversation/495655
2016-09-02 00:55:46 +02:00
Mikael Nordfeldth
e6b3924a5d common_to_alphanumeric added, filtering Notice->source in classic layout 2016-09-02 00:08:17 +02:00
Mikael Nordfeldth
af6a3aa456 Make Group actions ManagedAction so groupbyid works 2016-08-28 09:34:31 +02:00
Mikael Nordfeldth
a32bfe7d87 TagCloud turned into plugin (performance issues on large installs) 2016-08-27 15:24:25 +02:00
Mikael Nordfeldth
4314a286e3 Less convoluted attachmentlistitem function calls 2016-08-21 09:25:16 +02:00
Mikael Nordfeldth
fc06c599bc dbqueuemanager should ignore on no-result-exceptions 2016-08-16 20:27:41 +02:00
Nym Coy
1f866fcaed ActivityGenerationTests.php fails but doesn't crash anymore.
Fixed an error where a profile id was reused after another profile was
deleted, and the new profile still had the deleted role.

Fixed ActivityGenerationTests::testNoticeInfoRepeated() which was passing
User instead of Profile, throwing errors.

tests/ActivityGenerationTests.php now passes.

CommandInterpreterTest now passes.

Moved JidValidateTest to XmppValidateTest, since Jabber functionality has
moved to the XmppPlugin. Tests work but don't pass, but they are at least
skipped if XmppPlugin is not active.

LocationTest passes, but the tests are not very good. Lots of nulls.

MediaFileTest passes.

NicknameTest passes. Nickname::normalize() now throws an error if the
nickname is too long with underscores.

UserFeedParseTest passes.

URLDetectionTest passes if $config['linkify']['(bare_ipv4|bare_ipv6|
bare_domains)'] are false. Untested otherwise.

Fixed Nickname::isBlacklisted() so it does not throw an error if
$config['nickname]['blacklist'] not set.
2016-08-14 11:55:49 +05:30
Mikael Nordfeldth
557e430c7d Reference local URLs in addressee list on notices. 2016-08-06 18:32:14 +02:00
Mikael Nordfeldth
e52275e37f Some comparisons were incorrect (text/html;charset=utf-8 etc.) 2016-07-21 01:38:31 +02:00
Mikael Nordfeldth
d5c733919b Because the other part of the code works now, this is unnecessary 2016-07-21 00:34:40 +02:00
Mikael Nordfeldth
e8e996182f Delete file on class destruction or we do it too quickly
Source image was removed when trying to use it for resizeTo
2016-07-21 00:23:27 +02:00
Mikael Nordfeldth
46c227bf3a FileNotFoundException is more proper here 2016-07-15 13:19:16 +02:00
Mikael Nordfeldth
36cfe9f857 Delete successfully generated thumbnail (temporary sources) too. 2016-07-15 12:52:20 +02:00
Mikael Nordfeldth
6332a4d800 Handle FileNotStoredLocallyException in attachmentlistitem 2016-07-07 00:45:31 +02:00
Mikael Nordfeldth
f02d32b718 Reworked File->getUrl to throw exception
In case you require a local URL and one can't be generated, throw
FileNotStoredLocallyException(File $file)
2016-07-07 00:44:50 +02:00
Mikael Nordfeldth
71afb5be75 If the file is text/plain, see if we accept the extension 2016-07-06 09:34:09 +02:00
Mikael Nordfeldth
4117118e23 More specific exceptions for mimetype/extension issues. 2016-07-06 09:14:59 +02:00
Mikael Nordfeldth
b4a0bff740 Some mimetype madness! 2016-07-06 08:59:16 +02:00
Mikael Nordfeldth
a833eaa651 Make all hash algorithms available (but whitelist by default)
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
7978cd6d59 s/EmptyIdException/EmptyPkeyValueException/ 2016-06-25 11:50:59 +02:00
Mikael Nordfeldth
0adb7af9a0 Allow a quickHead request, will only return headers 2016-06-24 15:43:20 +02:00
Mikael Nordfeldth
39e8c13afb Properly parse incoming bookmarks 2016-06-24 13:51:40 +02:00
Mikael Nordfeldth
d00f19663b bump to beta5 since phpseclib update (which might cause some issues still) 2016-06-18 00:05:54 +02:00
mmn
2e8a5aeb23 Merge branch 'tom/noreferrer' into 'nightly'
Use noreferrer when linkifying attachments and allow this value in purifier

If you click on a link in your main timeline this effectively identifies you to the site that you visited via the Referer header. (Who goes around reading other people's /user/all, honestly?)

Annoyingly our notice content is already HTML. Rather than attempt to parse and modify the tags in flight, this modification takes the simpler approach of adding the noreferrer tag to inline links by default when notices are composed.

See merge request !127
2016-06-17 16:32:39 -04:00
mmn
005b4c8dd1 Merge branch 'strict-warnings' into 'nightly'
Fix some strict warnings (Action::prepare, Action::handle)

I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.

Related to #190 

See merge request !123
2016-06-17 16:29:47 -04:00
mmn
d66b495ba8 Merge branch 'notice-location' into 'nightly'
Re-enable notice locations

Removed a stray 'return' statement.

See merge request !125
2016-06-17 16:28:56 -04:00
mmn
d4295cfb25 Merge branch 'webmention-rocks' into 'nightly'
webmention.rocks

I have improved the webmention handling so that all but two of the webmention.rocks compliance tests pass now.  Also improved parsing of time/authors on incoming webmentions.

See merge request !128
2016-06-17 16:26:21 -04:00
Mikael Nordfeldth
5e131aed80 Apparently medium.com uses @ frequently i URLs
and we skipped them because we assumed they were urlencoded when copied.
2016-06-17 11:20:36 +02:00
Stephen Paul Weber
83e7ade714 When there is no useful title, class="p-name e-content" 2016-06-10 21:00:48 +00:00
Thomas Karpiniec
c1537a1e82 Use noreferrer when linkifying attachments and allow this value in purifier 2016-06-09 19:56:36 +10:00
Chimo
d02c75d019 Re-enable notice locations
Removed a stray 'return' statement.
2016-06-01 21:56:42 -04:00
Chimo
9de79f0a36 Update prepare() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)

Ref. #190
2016-06-01 02:26:44 +00:00
Chimo
ba2975aac8 Update handle() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"

Ref. #190
2016-06-01 02:26:44 +00:00
Sandro Santilli
3138fa0b40 Check DB connection before any possible use 2016-05-24 16:49:50 +02:00
Mikael Nordfeldth
bd306bdb9f Add /download action for attachments 2016-05-09 22:08:36 +02:00
Mikael Nordfeldth
3a6733dc98 2-frame GIF animations weren't recognised as animated 2016-05-04 11:57:55 +02:00
Mikael Nordfeldth
a5a96dd857 Misplaced break/continue statements. 2016-05-04 11:44:00 +02:00
Mikael Nordfeldth
87dd0fbdb6 UseFileAsThumbnailException uses direct File object now 2016-05-04 11:34:50 +02:00
Mikael Nordfeldth
7aa9a69c2f Link to attachment page instead of big-ass image 2016-05-01 11:35:51 +02:00
Mikael Nordfeldth
9b613029e6 Merge branch 'master' into mmn_fixes 2016-04-18 16:10:50 +02:00
Mikael Nordfeldth
844fe3924e put local id, href and such in ostatus:conversation element 2016-04-18 16:09:36 +02:00
Mikael Nordfeldth
107f612384 strict type comparison 2016-04-18 15:04:03 +02:00
Mikael Nordfeldth
4645033b98 "In conversation" text in noticelistitem 2016-04-08 13:44:22 +02:00
Mikael Nordfeldth
547f92de07 Don't fail deleteRelated on NoProfileException 2016-04-01 06:51:19 +02:00
Mikael Nordfeldth
44ea8aa681 Make sure $_SERVER['HTTP_REFERER'] isset when testing value 2016-03-31 20:51:50 +02:00
Mikael Nordfeldth
4ea79bc396 I was too quick to save that file (File::getByUrl takes 1 arg) 2016-03-29 14:33:40 +02:00
Mikael Nordfeldth
2f91cb0df7 We should assume all verbs and such are their full URIs in our db 2016-03-29 12:57:52 +02:00
Mikael Nordfeldth
dcffe5d992 Forgotten File::getByUrl conversations (performance++) 2016-03-29 12:13:53 +02:00
Mikael Nordfeldth
88e2f739a9 DOMElement not DOMDocument 2016-03-28 16:23:15 +02:00
Mikael Nordfeldth
7bef2ad4cc Update Profile Data script fixes, might work for groups too now 2016-03-28 16:19:47 +02:00
Mikael Nordfeldth
f134a423f6 rename config option site/logdebug to log/debugtrace 2016-03-27 16:36:58 +02:00
Mikael Nordfeldth
9fa18fa366 HTTPClient::quickGet now supports headers as argument
They should be in a numeric array, already formatted as headers,
ready to go. (Header-Name: Content of the header)
2016-03-24 02:44:11 +01:00
Mikael Nordfeldth
f83b81b8c4 Change config webfinger/http_alias to fix/legacy_http
Set $config['fix']['legacy_http'] to perform some actions that are
needed if your site used to be served over http but now has upgraded
to https!
2016-03-23 15:21:02 +01:00
Mikael Nordfeldth
8933022edc Forgot a microsummary route in the latest commit 2016-03-22 22:37:59 +01:00
Mikael Nordfeldth
dafe775ffa Microsummaries had issues and were removed in Firefox 6.0 anyway
It is argued there are many better ways to get a "micro summary" of
a profile or site.
2016-03-22 22:31:01 +01:00
Neil E. Hodges
39ebb64b85 Added proper enabling and disabling of sending RTs to Twitter. 2016-03-21 07:12:52 -07:00
Mikael Nordfeldth
38f7deca78 Avoid "property of non-object" PHP notice. 2016-03-21 11:17:25 +01:00
Mikael Nordfeldth
1e89369ef8 geometa.js doesn't exist anymore 2016-03-21 03:23:39 +01:00
Mikael Nordfeldth
ae681b10e7 geometa.js doesn't exist anymore 2016-03-21 03:11:22 +01:00
Mikael Nordfeldth
980085a8a3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
Conflicts:
	plugins/Minify/extlib/minify/README.txt
	plugins/Minify/extlib/minify/UPGRADING.txt
	plugins/Minify/extlib/minify/min/README.txt
	plugins/Minify/extlib/minify/min/builder/index.php
	plugins/Minify/extlib/minify/min/lib/JSMin.php
	plugins/Minify/extlib/minify/min/lib/Minify.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
	plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
	plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
	plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
Mikael Nordfeldth
cd24f7d30a Issue #166 - we test exif data below, no need for error output 2016-03-21 02:56:47 +01:00
Mikael Nordfeldth
cdcf6cdb25 Hacky method to avoid cutting conversation "more" link out 2016-03-21 02:42:28 +01:00
Mikael Nordfeldth
aa3865c303 Split threaded notice list classes into own files. 2016-03-21 02:33:57 +01:00
Bob Mottram
11c57e7aee Remove Google References
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
349e842078 UPDATE ActivityVerb 2016-03-14 15:26:03 +01:00
Mikael Nordfeldth
ca8f0f84c4 Woops, forgot to include this file! 2016-03-14 15:25:05 +01:00
Mikael Nordfeldth
5ca2a28246 Make oEmbed handle our http/https setting better. 2016-03-10 14:20:21 +01:00
Mikael Nordfeldth
bd75305560 Define-ify excluded end-characters of URL autolinking 2016-03-09 15:16:47 +01:00
Mikael Nordfeldth
c769924505 Reduce the number of allowed characters in auto-linking URLs. 2016-03-09 15:05:36 +01:00
Mikael Nordfeldth
d179afa303 Save allowed path/qstring/fragment characters in constants 2016-03-09 14:51:52 +01:00
Mikael Nordfeldth
e2c6f2f96f Let's be consistent with URL verbs 2016-03-08 20:01:06 +01:00
Mikael Nordfeldth
cfc82591da chmod 0775 directories we create
Security for the 'g+rx' should be handle by having the parent directory
inaccessible for global users, which is usually the case.
2016-03-07 23:23:32 +01:00
Mikael Nordfeldth
4e5c0e70a6 fillConfigVoids to set default value of empty config options 2016-03-07 22:55:52 +01:00
Mikael Nordfeldth
265fa12917 Relatively experimental change to store thumbnails in 'file/thumb/' (by default) 2016-03-07 22:33:34 +01:00
Mikael Nordfeldth
158b323767 Declare AdminpanelAction::canAdmin as static, since that's how it's used. 2016-03-06 17:31:40 +01:00
Mikael Nordfeldth
6ec72b2978 Move mail_confirm_address out of mail.php 2016-03-06 17:27:40 +01:00
mmn
0785e2910f Merge branch 'no_sandboxed_repeats_branch' into 'nightly'
Don't include repeated notices from sandboxed users in the public timeline



See merge request !115
2016-03-05 08:08:42 -05:00
Mikael Nordfeldth
97ac722b24 Accessibility navigation improvement 2016-03-05 12:42:53 +01:00
Mikael Nordfeldth
7ca0ff9a19 MediaFile::fromUpload handles missing local file better 2016-03-05 12:05:12 +01:00
Mikael Nordfeldth
1db02d7f36 filename_base option isn't optimal
For different "download filenames" we should use some other method.
2016-03-05 11:59:46 +01:00
Mikael Nordfeldth
57d57b8d8f Handle reuploads via filehandle better if original is missing 2016-03-05 01:26:34 +01:00
Mikael Nordfeldth
952f68fed5 File upload logging for dummies 2016-03-05 00:59:39 +01:00
hannes
7d4658643d the repeated notice can be from a sandboxed user too 2016-03-04 16:53:57 -05:00
Mikael Nordfeldth
dc1ceca86e Some more Microformats2 data for notices and rendering 2016-03-02 13:29:54 +01:00