Diogo Cordeiro
0c2c3ec862
[CORE] Plugin API now extends a new Module API
2019-08-24 01:59:33 +01:00
Diogo Cordeiro
b6e7b18c7b
[PLUGIN API] Bug fixes and improvements
2019-08-24 01:59:32 +01:00
Diogo Cordeiro
55d049b1e8
[CORE] Move plugin superclasses from /lib/ to /lib/modules/
2019-08-22 03:13:58 +01:00
Diogo Cordeiro
2a06261f75
[CORE][COMPOSER] Move extlib packages with immediate composer correspondent to composer dependencies
...
This adds a composer.json for all dependencies that are available
2019-08-03 17:47:24 +01:00
Diogo Cordeiro
a38f25f7cd
[PEAR] Modernize Validate code
...
Upgraded IDNA to IDNA2
Added PEAR Date
> fixed: The each function is deprecated
2019-08-03 17:31:43 +01:00
Miguel Dantas
7643f3cf7b
[CORE][ACTION] Removed getfile action. Superseded by attachment/*/download, which additionally uses a file hash as oposed to a filename.
...
Additionally, added etag and last modified HTTP headers to attachments, to more effectively take advantage of caching
2019-08-03 17:31:41 +01:00
Miguel Dantas
aa5c6bbf08
[CORE][UI] Made attachment actions and its subactions be able to identify attachments by id and by filehash. Changed the url stored in the DB to be attachment//view
2019-08-03 17:31:41 +01:00
Miguel Dantas
9536f2a909
[CORE] Refactored attachement actions to remove duplicate code
2019-08-03 17:31:40 +01:00
Miguel Dantas
c7475d78b4
[CORE][UI][ROUTER] Added view action, which inlines images and videos but downloads everything else. Fixed File url to get an URL fromthe view action, so when a making a remote notice, the correct URL is used, not accessing directly to the file
2019-08-03 17:31:40 +01:00
Miguel Dantas
3c9a07677e
[CORE] Attachments and thumbnails aren't accessed directly by the file under the file storage folder, but indirectly from PHP, so that access to the file folder can be blocked in the server config
2019-08-03 17:31:40 +01:00
Miguel Dantas
b669f57068
[CORE] Fixed common_get_preferred_php_upload_limit, because some values in php.ini can be -1 or 0 for unlimited
2019-08-03 17:31:40 +01:00
Miguel Dantas
ccebe536b3
[MEDIA] Removed blacklisted extensions, "trusts" upload extension (doesn't affect anything) and updated sysadmin documentation
...
Fixes bug which broke the UI. Oops
2019-08-03 17:31:39 +01:00
Miguel Dantas
b9a0733062
[MEDIA][CORE] Add common function for converting a string with a size unit to an int and MediaFile uses file_quota
2019-08-03 17:31:39 +01:00
Miguel Dantas
5961b45140
[MEDIA][UI] In case an attachment preview isn't possible, the name is displayed anyway
2019-08-03 17:31:39 +01:00
Miguel Dantas
5f53738376
[MEDIA][UI] Added preview support for BMP, WEBP and ICO, displaying the name underneath, centered
2019-08-03 17:31:38 +01:00
Miguel Dantas
5eb4a7d711
[MEDIA] File downloader now in PHP, added proper name in the UI and changed the format for new attachment file names
...
The file downloader was changed from a simple redirect to the file to one
implemented in PHP, which should make it safer, by making it possible disallow
direct access to the file, to prevent executing of atttachments
The filename has a new format:
bin2hex("{$original_name}")."-{$filehash}"
This format should be respected. Notice the dash, which is important to distinguish it from the previous
format, which was "{$hash}.{$ext}"
This change was made to both make the experience more user friendly, by
providing a readable name for files, as opposed to it's hash. This name is taken
from the upload filename, but, clearly, as this wasn't done before, it's
impossible to have a proper name for older files, so those are displayed as
"untitled.{$ext}".
This new name is displayed in the UI, instead of the previous name.
2019-08-03 17:31:36 +01:00
Diogo Cordeiro
d705bcbd98
[CORE] Use random_bytes() if available and improve common_confirmation_code() randomness.
...
With PHP 7 comes the [random_bytes()](https://php.net/manual/en/function.random-bytes.php ) and the [random_int()](https://www.php.net/manual/en/function.random-int.php ) function which generates cryptographically secure pseudo-random bytes and integers, respectively.
2019-08-03 17:29:14 +01:00
Diogo Cordeiro
f0f5ecb756
[SCRIPTS] Fix sessiongc by XRevan86
2019-08-01 14:38:04 +01:00
Diogo Cordeiro
d1fc7c0774
[CORE] MySQL 5.5 support fully restored
2019-07-25 15:35:24 +01:00
Diogo Cordeiro
5ea0d74a57
[UI] Long strings/words in dents weren't being wrapped
2019-07-10 00:33:19 +01:00
Diogo Cordeiro
11dc170ead
[CORE][FRAMEWORK] URL_REGEX_VALID_PATH_CHARS didn't recognize the parenthesis sign.
2019-06-26 15:54:51 +01:00
Diogo Cordeiro
83a05724b8
[CORE] Fix subscriptions and subscribers list (related to 44653d339d
)
2019-06-24 14:06:43 +01:00
Diogo Cordeiro
f2705180e0
[TagSub] Fix User's tags list issue
...
Issue introduced with 6d9f390b
and 9a92b58057
2019-06-18 14:56:55 +01:00
Diogo Cordeiro
306d80de94
[DATABASE] Revert accidental regression introduced with 9a39ebe66f
2019-06-14 12:00:10 +01:00
Diogo Cordeiro
2740ff8c4c
[DOCUMENTATION] Minor corrections
...
Add two missing contributors
Bumped patch due to changed introduced with 0583a6a904
2019-06-12 12:55:42 +01:00
Diogo Cordeiro
81d65afb28
[RELEASE] The Invicta Crusade
2019-06-11 18:37:25 +01:00
Miguel Dantas
b224d93098
[MEDIA] ImageFile now extends MediaFile and validates images more aggressively.
...
Default supported files need to use consistent names. Bumped version to 1.20.0
ImageFile has been changed to extend MediaFile and rely on it to partially
validate files. This validation has been extended to not rely solely on
Fileinfo, as it is disabled on some places. Now it'll try to use the shell
command `file`, if Fileinfo isn't available.
ImageFile now converts every new upload to PNG, except JPEG and GIF, which
are kept, but still resized (to the same size), to remove possible scripts
embedded therein.
MediaFile::fromUpload will return an ImageFile if the uploaded file is an image
or a MediaFile otherwise.
MediaFile can be constructed with an id with value -1 to denote a temporary
object, which is not added to the DB. This is useful to create a temporary
object for representing images, so it can be used to rescale them.
The supported attachment array needs to be populated with the result of calling
`image_type_to_extension` for the appropriate image type, in the case of images.
This is important so all parts of the code see the same extension for each image
type (jpg vs jpeg).
Added documentation to classes/File.php and to lib/MediaFile and lib/ImageFile
2019-06-10 00:35:53 +01:00
brunoccast
a1041a53f7
[THEME] Fix OpenID settings styles
...
- Action buttons are now side-by-side
- Dropped unused style rule concerning the solo-positioning of the Remove button
- Bump GS patch version
2019-06-09 18:13:04 +01:00
brunoccast
1e4063254b
[OpenID] Added synchronization button and corresponding action
...
UI:
- "Delete" area is now "Actions" area
- Updated themes to better reflect the changes
Routes:
- index.php?action=finishsyncopenid => finishsyncopenid
Translations:
- Updated OpenID translation files
- Updated OpenID POT file
Versioning:
- Bump OpenID minor version
- Bump GS patch version
Why would have labeling the Synchronize button of Sync been of bad taste? - answered by XRevan86:
In "synchronise" "ch" is a digraph meaning /k/ (actually /x/ turned into /k/ in English but whatever).
So… not separate letters.
It's like "ph" in "alphabet", or "sh" in "sheep", or "ch" in "chop" -- "ch" can mean a whole variety of sounds.
2019-06-09 17:04:26 +01:00
Diogo Cordeiro
b6be1a3659
[DATABASE][User_openid_prefs] Fix wrong type for modified column
...
Patch submited by Sorokin Alexei (XRevan86)
2019-06-07 15:02:09 +01:00
Diogo Cordeiro
a1af5562de
EmailRegistration plugin flow requires a confirmation address before user creation
2019-06-07 15:02:09 +01:00
Diogo Cordeiro
46f98b3142
[VersionBump] 1.19.0, fairly late
...
The core plugins whose version was attached to GS's were reseted to 2.0.0.
2.0.0 was chosen as reset version for plugins because it is higher than
the one that was set by inheriting GS version. Furthermore, it's a
major change from prior plugin versioning system thus it also makes
semantic sense.
Justification for version bump:
== GS ==
9a4ab31f26 1.19.0
c13b935201
1.18.3
c13b935201
1.18.2
18fc39d2cf
1.18.1
c083a8bcc2
1.18.0
e8783d46d0
1.17.1
d9a42550ff
1.17.0
1536d3ef29
1.16.0
c03ed457a6
1.15.0
d2e6519bad
1.14.2
fe411e8138
1.14.1
b17e0b4169
1.14.0
daa5f87fd4
1.13.0
d75b5d2f4a
1.11.7
f6dbf66983
1.11.6
6cf674f8f8
1.11.5
7845a09b34
1.11.4
e4d432295d
1.11.3
339204f1ee
1.11.2
a4e679a118
1.11.1
7967db6ff5
1.11.0
bc030da320
1.10.1
9cc7df51d6
1.10.0
bf7f17474d
1.9.2
8a07edec5f
1.9.1
0042971d74
1.9.0
6b5450b7e6
1.8.0
5dcc98d1c6
1.7.0
e6667db0cd
1.6.0
3290227b50
1.5.0
a59c439b46
1.4.0
496ab8c920
1.3.10
986030060b
1.3.9
1d529c021a
1.3.8
f89c052cf8
1.3.7
38f2ecefac
1.3.6
e473937cb9
1.3.5
9a39ebe66f
1.3.4
ddc3cecfc0
1.3.3
2b43d484eb
1.3.2
e8e487187e
1.3.1
== Plugins ==
XMPP plugin
e0887220b0
bump patch
e186ad57d0
bump patch
OStatus
e186ad57d0
bump patch
Nodeinfo
ceae66a30f
bump minor
586fb5a517
bump major
195296846e
bump minor
2019-06-07 15:02:08 +01:00
Diogo Cordeiro
8305641b20
Update master GS version
2019-04-04 10:12:56 +01:00
Mikael Nordfeldth
457d32e273
Merge branch 'takeshitakenji/gnu-social-twitter-repeat-config' into mmn_fixes
2017-07-11 22:09:12 +02:00
Mikael Nordfeldth
2fc4b174c1
Domain name regular expression into lib/framework.php
2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
d00f19663b
bump to beta5 since phpseclib update (which might cause some issues still)
2016-06-18 00:05:54 +02:00
Mikael Nordfeldth
5e131aed80
Apparently medium.com uses @ frequently i URLs
...
and we skipped them because we assumed they were urlencoded when copied.
2016-06-17 11:20:36 +02:00
Neil E. Hodges
39ebb64b85
Added proper enabling and disabling of sending RTs to Twitter.
2016-03-21 07:12:52 -07:00
Mikael Nordfeldth
bd75305560
Define-ify excluded end-characters of URL autolinking
2016-03-09 15:16:47 +01:00
Mikael Nordfeldth
c769924505
Reduce the number of allowed characters in auto-linking URLs.
2016-03-09 15:05:36 +01:00
Mikael Nordfeldth
d179afa303
Save allowed path/qstring/fragment characters in constants
2016-03-09 14:51:52 +01:00
Mikael Nordfeldth
43abfe659b
Bump beta number to 4
...
We have better webfinger @mention@capability.example at least and
OpportunisticQM is somewhat refined.
2016-01-30 00:04:18 +01:00
Mikael Nordfeldth
7e6783bb8f
Replace htmLawed with HTMLPurifier
2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
de7e8c59e8
Version bump since we've fixed a lot of bugs
2016-01-04 02:19:37 +01:00
Mikael Nordfeldth
5b847eff12
bump beta version number
2015-11-23 00:42:13 +01:00
Mikael Nordfeldth
aba38d5586
bump to 1.2.0-beta1 as we have remote delete functionality now
2015-10-03 12:39:23 +02:00
Mikael Nordfeldth
0e24709989
Profile/Peopletag file splitting for autoload
2015-09-27 22:51:50 +02:00
Mikael Nordfeldth
84a65c7189
Include PHP libraries from system if not packaged and they are installed.
...
Thanks to:
"Bhuvan Krishna" <bhuvan@swecha.net>
"Sunil Mohan" <sunil@medhas.org>
2015-09-03 17:56:11 +02:00
Mikael Nordfeldth
673bef2fda
OAuth widgets separated into their own files
2015-07-16 18:52:43 +02:00
Mikael Nordfeldth
e439ace944
bump alpha number to ease remote debugging help
2015-07-11 01:00:04 +02:00