Commit Graph

3799 Commits

Author SHA1 Message Date
Mikael Nordfeldth
db7ef52d13 Better use of Nickname validation functions
Nickname verifications on registration and updates for profiles (not yet
groups) have been improved.

Minor bugs in RegisterAction were also fixed, where multiple forms would
be outputed because the function did not return after showForm(). This
will be solved more permanently with throwing exceptions in the future.
2013-10-16 15:38:54 +02:00
Mikael Nordfeldth
f46d675a20 GNU social is with a minor s. 2013-10-15 00:20:36 +02:00
Mikael Nordfeldth
a8bcdc905f common_sql_now() is recommended before DB_DataObject_Cast::dateTime() 2013-10-14 13:42:27 +02:00
Mikael Nordfeldth
390556d932 Remote Profile Action from ModPlus now more generic 2013-10-08 21:08:02 +02:00
Mikael Nordfeldth
8912cdc7a4 Validate::uri replaced with filter_var for HTTP[S] URL checks
Also, a bug in checking the OAuth callback URL for validity was fixed,
where it referenced the wrong variable when going through form data.
2013-10-07 14:46:09 +02:00
Mikael Nordfeldth
34a6624452 Qvitter API changes (thanks hannes2peer)
I implemented changes from quitter.se's new API that their front-end qvitter
uses, https://github.com/hannesmannerheim/qvitter/blob/master/api-changes-1.1.1/CHANGES

However I left out the URL shortening commens, since I believe whatever behaviour
they experienced that caused them to implement this was a bug (or many) and should
be fixed in their proper areas and that shortening should not be entirely left
out in API calls.
2013-10-06 21:51:50 +02:00
Mikael Nordfeldth
fb94a16217 Moved Avatar retrieval into Avatar class
Backwards compatible functions are still in Profile class.
2013-10-06 15:55:06 +02:00
Mikael Nordfeldth
78f9629bf3 Moved shareLocation preference check to Profile class 2013-10-06 13:38:09 +02:00
Mikael Nordfeldth
cc34bb48c7 OAuth related syntax fixes, nothing big
Making better use of class autoloading too.
2013-10-06 12:43:18 +02:00
Mikael Nordfeldth
64dbd93534 Some PHP strict warning fixes 2013-10-06 03:37:12 +02:00
Mikael Nordfeldth
1c042028dc PCRE modifier /e is deprecated in favour of preg_replace_callback() 2013-10-06 03:27:16 +02:00
Mikael Nordfeldth
4cfd0d24c1 Group logos would not be fetched
update_ostatus_profiles.php did this correctly, but not Ostatus_profile.php
2013-10-06 01:33:27 +02:00
Mikael Nordfeldth
ba481d1e31 LOG_WARNING, not LOG_WARN 2013-10-06 01:33:10 +02:00
Mikael Nordfeldth
48da97f204 MediaFile code improvements, preparing to implement multi-attachments
Maybe in the future we can use this for anonymous file uploads too?
With some kind of anonymous/pseudonymous profile. That'd be neat.
2013-10-05 18:47:45 +02:00
Mikael Nordfeldth
8fdc999be4 IM/XMPP Plugin classes use throwing getParent 2013-10-05 12:30:52 +02:00
Mikael Nordfeldth
e1b5798ba4 Merge-request 3 by pztrn, IM reply more intuitive 2013-10-05 11:36:03 +02:00
Mikael Nordfeldth
d1558a1d8b Fix Avatar-unlink plus better logging in TwitterImport 2013-10-05 11:32:43 +02:00
pztrn
9824b00f4b Adopted merge request #232 from statusnet to gnusocial 2013-10-05 12:36:48 +04:00
Mikael Nordfeldth
1795267df9 Latest phpseclib stuff and moved into its own dir.
Source: https://github.com/phpseclib/phpseclib/
Commit: 77447a3fc7869773007fa3beeb8d6f8de842ec2a

There were bugs.
2013-10-05 00:22:14 +02:00
Mikael Nordfeldth
fb4e9b234d Twitter Import improvements. Still buggy?
Apparently mrvdb has problems with duplicate inserts and missing files when
unlinking. It could be due to coding, or it could be due to parallelizing.
2013-10-04 13:36:45 +02:00
Mikael Nordfeldth
cd6fa512ac Twitter Import + avatar fixes (cleaning up + fixing)
...there was also a typo in OstatussubAction ($avatarUrl not defined)
2013-10-03 15:28:51 +02:00
Mikael Nordfeldth
39f43e415d Do not name anything getOriginal (because DB_DataObject calls that)
Avatar->getOriginal has been renamed getUploaded
Notice->getOriginal has been renamed getParent
2013-10-02 15:01:11 +02:00
Mikael Nordfeldth
ba5e90164c Plugin onAutoload replaces _ with / in lib paths, this renames some classes. 2013-10-02 14:07:53 +02:00
Mikael Nordfeldth
b0dfc70a54 Properly unlink all old avatars when deleting/uploading a new
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.

To set Avatar max size, adjust $config['avatar']['maxsize']

The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00
Mikael Nordfeldth
a7e748479c Fixed regression in OStatus sub from WebFinger/XML_XRD update
XML_XRD::getAll requires arguments (at least relation). If one really
want all links, just get the 'links' array. It's public!

Also, not all XML_XRD_Element_Link were migrated from the previous
array style.
2013-09-30 23:33:28 +02:00
Mikael Nordfeldth
a23c4aa236 Avatar resizing improvements and better code reuse
* getOriginal added to Avatar class
    This is a static function that retrieves the original avatar in a leaner
    way than Profile->getOriginalAvatar() did (see below).
    This will throw an Exception if there was none to be found.

* getProfileAvatars added to Avatar class
    This gets all Avatars from a profile and returns them in an array.

* newSize added to Avatar class
    This will scale an original avatar or throw an Exception (originally from
    Avatar::getOriginal) if one wasn't found.

* deleteFromProfile added to Avatar class
    Deletes all avatars for a Profile. This makes the code much smarter when
    removing all avatars from a user.
    Previously only specific, hardcoded (through constants) sizes would be
    deleted. If you ever changed lib/framework.php then many oddsized avatars
    would remain with the old method.

* Migrated Profile class to new Avatar::getOriginal support
    Profile class now uses Avatar::getOriginal through its own
    $this->getOriginalAvatar and thus remains backwards compatible.

* Updating stock GNU Social to use Avatar::getOriginal
    All places where core StatusNet code used the
    $profile->getOriginalAvatar, it will now useAvatar::getOriginal with
    proper error handling.

* Updated Profile class to use Avatar::newSize
    When doing setOriginal, the scaling will be done with the new method
    introduced in this merge.
    This also edits the _fillAvatar function to avoid adding NULL values to
    the array (which causes errors when attempting to access array entries as
    objects). See issue #3478 at http://status.net/open-source/issues/3478
2013-09-30 22:23:03 +02:00
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Joshua Judson Rosen
44f7ad612a Correctly distribute notices from remote posters through local groups to remote group-members via OStatus.
Allow the OStatus queue-handler to handle all posts,
and give it the smarts required to make correct decisions
about whether it should or shouldn't relay notices
over OStatus.
cf. http://status.net/open-source/issues/3540

Conflicts (staticGet => getKV):

	plugins/OStatus/lib/ostatusqueuehandler.php
2013-09-29 23:19:11 +02:00
Joshua Judson Rosen
9844ec76e9 Make the ForceGroup plugin work consistently for notices from remote users. 2013-09-29 23:12:40 +02:00
Joshua Judson Rosen
8e5d58fe2a Make paging work correctly in the user-directory
even with the default filter set (i.e.: `all' = `no filter', so intrepret `filter=all' as `no filter').
2013-09-29 23:10:40 +02:00
Mikael Nordfeldth
981295f44c Autocomplete action must exist on user registration
No need to restrict the autocomplete suggestion system to logged in users.
It only botched the registration process, because the 'autocomplete' action
had not been connected in the routing system.
2013-09-29 15:28:25 +02:00
Mikael Nordfeldth
633191d808 Making sure scripts and tests check for GNUSOCIAL defined (instead of STATUSNET)
Orbited plugin may not work at all anymore, I had no means to try it.
But there's a check whether 'LACONICA' is defined there, which is a
very unlikely thing in the future. So far only tests and scripts have
been migrated consistently, though.
2013-09-28 15:20:10 +02:00
Mikael Nordfeldth
64df40e409 Filling in missing endHTML calls for Action AJAX
This completes 1c6f9df80e where a lot
of other functions were fixed (by conforming to startHTML and endHTML)
2013-09-24 02:32:17 +02:00
Mikael Nordfeldth
f7719b57f2 phpseclib extlib updated from phpseclib.sf.net 2013-09-24 02:09:37 +02:00
Mikael Nordfeldth
1c6f9df80e PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
I had a problem with PHP5.5 that caused ajax responses to be empty. This
fixes it, as the problem was related to pretty inconsistent calling to
headers, XMLWriter::startDocument etc. etc.
2013-09-24 01:18:33 +02:00
Mikael Nordfeldth
8205c56e25 Stylesheet event now removed of StatusNet-remnants 2013-09-23 22:13:12 +02:00
Mikael Nordfeldth
5f1fea1488 FavorAction upgraded to extend FormAction
Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)
2013-09-23 13:06:09 +02:00
Mikael Nordfeldth
f711f9ee75 Fixed regression in bookmark.js that caused double-submits (jquery 2.x stuff)
In 6de3fc0217 bookmark.js was patched to
jquery 2.x (removed '.die' call) but unfortunately the 'submit' event
was attached to an input element instead of a form element (which got
a 'click' event).
2013-09-23 12:07:37 +02:00
Mikael Nordfeldth
63306081bc Subscription "get by" functions now don't use ArrayWrappers
They were getting in the way of some strict-typing stuff.
2013-09-21 18:38:14 +02:00
Mikael Nordfeldth
93e878d7ca Make better use of Subscription class
removed lib/subs.php as it was essentially only a wrapper for Subscription
2013-09-19 17:29:05 +02:00
Mikael Nordfeldth
8935a2f866 Autocomplete migrated to jquery-ui autocomplete
No longer bundled with the library (as jquery-ui is bundled with the
main software, including the autocomplete part).

Rewrites had to be made to migrate, as several API things had changed
when jquery-ui took over the library.

Currently (like before, right?) this only autocompletes in the end of
the current textarea. So you can't jump back in the middle of a text
and autocomplete a user or group. This is a serious deficiency, though
not a regression.
2013-09-16 22:10:08 +02:00
Mikael Nordfeldth
83b852312a Events on user registrations now strictly typed 2013-09-14 18:37:05 +02:00
Mikael Nordfeldth
6de3fc0217 jquery 2.x update related fix (.die no longer defined) 2013-09-14 13:41:04 +02:00
Mikael Nordfeldth
dfa1b15dd6 Changing js .live calls to .on for jquery 2.x 2013-09-10 18:52:09 +02:00
Mikael Nordfeldth
a9c4bcd71f Removing unnecessary require_once lines (autoload!) 2013-09-09 23:06:56 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Mikael Nordfeldth
bd24ab6855 Fixed comment description in STS plugin 2013-08-29 16:20:43 +02:00
Mikael Nordfeldth
07ca304c65 Changes to GNUsocial plugins
These aren't ready for production use. Might be insecure, probably broken.
2013-08-29 16:18:56 +02:00
Mikael Nordfeldth
f042eea956 removing empty "planned" GNU Social plugins 2013-08-29 16:11:32 +02:00
Mikael Nordfeldth
79e3acf0f0 Moved multiGet into Managed_DataObject 2013-08-29 10:38:11 +02:00
Mikael Nordfeldth
cb94a29e84 Syntax error in XMPP config example 2013-08-28 18:00:23 +02:00
Mikael Nordfeldth
de55d8f83b plugins onAutoload now only overloads if necessary (extlibs etc.)
lib/plugin.php now has a parent onAutoload function that finds most common
files that are used in plugins (actions, dataobjects, forms, libs etc.) if
they are put in the standardised directories ('actions', 'classes', 'forms',
'lib' and perhaps some others in the future).
2013-08-28 16:10:30 +02:00
Mikael Nordfeldth
40fe10e002 Woops, forgot auto_increment (comes with 'serial')
There are still some classes not ported (like Yammer import)
2013-08-21 15:02:44 +02:00
Mikael Nordfeldth
4fab7a9d8b GNU Social extensions fixes (please read note)
These extensions are not considered secure nor stable right now, so don't
use them for a while.
2013-08-21 14:33:07 +02:00
Mikael Nordfeldth
0bbcfa7bdf IMPORTANT - fixed HubSub to properly fetch primary keys
In commit e95f77d34c HubSub lost the
'staticGet' function in a consolidation into the Managed_DataObject class.
This was done carelessly by me as HubSub::staticGet was actually taking
two arguments, none of which was a key and merging them in HubSub::hashkey()
(staticGet was renamed getKV 2a4dc77a63).

NOTE: This complements commit 7e4718a4eb which
fixed a similar issue for the Magicsig class.
2013-08-21 11:25:08 +02:00
Mikael Nordfeldth
66997f2bec OStatus classes now has modern schemaDef 2013-08-21 11:01:31 +02:00
Mikael Nordfeldth
3a7261f70a IMPORTANT: Making prev. Memcached_DataObject working again with schemaDef
Lots of the Memcached_DataObject classes stopped working when upgraded to
Managed_DataObject because they lacked schemaDef().

I have _hopefully_ made it so that all the references to the table uses
each class' schemaDef, rather than the more manual ColumnDef stuff. Not
all plugins have been tested thoroughly yet.

NOTE: This is applied with getKV calls instead of staticGet, as it was
important for PHP Strict Standards compliance to avoid calling the non-
static functions statically. (unfortunately DB and DB_DataObject still do
this within themselves...)
2013-08-21 09:48:42 +02:00
Mikael Nordfeldth
6f4c572389 Unnecessary UTF-8 declaration for database 2013-08-20 09:43:23 +02:00
Mikael Nordfeldth
e40044e2fa Further static declarations of functions
Validate could probably be replaced with filter_var if desired (PHP>=5.2.0)
2013-08-19 14:26:44 +02:00
Mikael Nordfeldth
d5f82bb051 Class wasn't used anywhere, and file contained wrong class 2013-08-19 14:09:57 +02:00
Mikael Nordfeldth
7e4718a4eb IMPORTANT - fixed Magicsig to properly overload getKV (prev. staticGet)
In commit e95f77d34c Magicsig lost the 'staticGet' function (later renamed to getKV in 2a4dc77a63 ), which was important to properly initialize the Magicsig object (fromString)
2013-08-18 19:07:18 +02:00
Mikael Nordfeldth
861e838add pkeyGet is now static and more similar to getKV
Memcached_DataObject now defines
   * pkeyGetClass to avoid collision with Managed_DataObject pkeyGet
   * getClassKV to avoid collision with Managed_DataObject getKV
2013-08-18 15:42:51 +02:00
Mikael Nordfeldth
1710a619a8 Magicsig class now Managed_DataObject with nicer schemaDef 2013-08-18 15:31:18 +02:00
Mikael Nordfeldth
ade2bdc31b Bookmark class now has schemaDef (for Managed_DataObject) 2013-08-18 15:03:06 +02:00
Mikael Nordfeldth
2a4dc77a63 The overloaded DB_DataObject function staticGet is now called getKV
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV

   sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)

If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!

This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)

Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00
Mikael Nordfeldth
e95f77d34c Updating all Memcached_DataObject extended classes to Managed_DataObject
In some brief tests, this causes no problems.

In this state however, you would need to modify DB_DataObject to have a static declaration of staticget (and probably pkeyGet). The next commit will change the staticGet overload to a unique function name (like getKV for getKeyValue), which means we can properly call the function by PHP Strict Standards.
2013-08-18 12:32:32 +02:00
Mikael Nordfeldth
c36608b233 Some statically called functions in plugins now declared statically 2013-08-18 11:18:45 +02:00
Mikael Nordfeldth
6c4c4319ef Plugins with classes that extend Managed_DataObject get better code reuse
The switch to having a function in Managed_DataObject is now being applied
to plugins which can use this as well.

There are some plugins that still use Memcached_DataObject, but these will
be taken care of later.
2013-08-12 20:00:01 +02:00
Mikael Nordfeldth
f11d157b8b visual presentation of group's homepage href was its local stream url 2013-08-12 13:04:44 +02:00
Mikael Nordfeldth
e47d9ad50d Added author name to modified file 2013-08-12 12:57:47 +02:00
Mikael Nordfeldth
7eecd93473 _m function for translation seems to be what we use 2013-08-12 12:56:44 +02:00
Mikael Nordfeldth
2e8b729503 Issue 3636 request clarity for users without validated emails on instances with RequireValidatedEmail active 2013-08-12 12:56:40 +02:00
Mikael Nordfeldth
1095f7a935 new plugin to check, store and migrate password hashes to crypt() 2013-08-12 12:54:51 +02:00
Mikael Nordfeldth
3ad3535cd8 Merge commit 'refs/merge-requests/230' of git://gitorious.org/statusnet/mainline into merge-requests/230 2013-08-12 12:37:46 +02:00
Mikael Nordfeldth
f79aec36fe Merge remote-tracking branch 'statusnet/master'
This merges GNU Social with current development of StatusNet. The only conflicts were some documentation, where GNU Social's versions were retained.

Conflicts:
	doc-src/about
	doc-src/faq
	plugins/OpenID/doc-src/openid
2013-08-12 12:23:17 +02:00
Evan Prodromou
3fc1d245a1 Merge 1.1.x into master 2013-07-16 10:57:06 -07:00
Jean Baptiste Favre
f1a3d5a386 PHP 5.4 Fix GetValidDaemons function definition for Xmpp & TwitterBridge plugins 2013-06-19 13:25:28 +02:00
Jean Baptiste Favre
c23efdbdb0 PHP 5.4 compatibility: remove call-time pass by reference 2013-06-19 11:16:05 +02:00
Jean Baptiste Favre
707dd44f6b Merge commit 'merge-requests/192' into statusnet_1.1.x 2013-06-15 20:11:24 +02:00
Jean Baptiste Favre
1b39f89b96 Add configuration check. Need 'server', 'port', 'user' and 'password' to be defined (not valid, just defined). 2013-06-15 18:59:17 +02:00
Jean Baptiste Favre
b8a69d023b Add basic support for GetValidDaemon event. Shall be extended with configuration check. 2013-06-15 18:59:16 +02:00
Jean Baptiste Favre
93c8969a27 Remove alone 'groups' link on the left side. Useless I guess. 2013-06-15 18:41:04 +02:00
Jean Baptiste Favre
5a0f17933b Display notices for remote profile. Would like to hide avatar like in local profile but did not found how to do it. 2013-06-15 18:41:04 +02:00
Jean Baptiste Favre
d48076253b Fix error 'No matches for action subscriptions with arguments nickname...' when displaying remote profile. 2013-06-15 18:41:04 +02:00
Jean Baptiste Favre
d36f443666 Bookmark plugin enhancement: display Bookmark's list. Integration of @chimo's work (http://http://sn.chromic.org/) from https://github.com/chimo/BookmarkList into official plugin. 2013-06-15 18:31:05 +02:00
Jean Baptiste Favre
246e840dd3 Fix INSTALLDIR constant definition. 2013-06-15 15:20:19 +02:00
Jean Baptiste Favre
dfafab6c4f Fix for #3463. Make InfiniteScroll plugin use config['plugins']['server'] if defined to build ajax-loader.gif URL 2013-06-15 13:13:15 +02:00
Jean Baptiste Favre
b05130bfb8 Fix missing variable in InfiniteScrollPlugin class. Fix issue #3525 2013-06-15 13:12:19 +02:00
Jean Baptiste Favre
d211348dae Makes ClientSideShorten loading shorten.js from config['plugins']['server'] if setted. Fix #3528 2013-06-15 12:34:25 +02:00
Jean Baptiste Favre
80da81ba14 Get rid of t.co links for notice's text version. Usefull for client using API. Complements merge-request #205 by @mmn 2013-06-15 11:30:17 +02:00
Jean Baptiste Favre
108aa5c467 Replace t.co links with expanded one provided by Twitter. Can still be a shortened one & will be done only for HTML view, but still a start. Backport of merge_requests/205. 2013-06-15 11:29:09 +02:00
Jean Baptiste Favre
f18b516c7a Get rid of t.co links for notice's text version. Usefull for client using API. Complements merge-request #205 by @mmn 2013-06-14 23:28:44 +02:00
Jean Baptiste Favre
f726c6b23f Makes TwitterBridge plugin use Twitter API 1.1 instead of API 1 which is deprecated and will be switched off soon 2013-02-18 23:22:45 +01:00
Jean Baptiste Favre
a10a34a3cf Make TwitterBridge plugin use Queueing system 2013-02-18 23:22:08 +01:00
Jean Baptiste Favre
dd97468c72 Add Twitter mention import support 2013-02-18 23:16:06 +01:00
Evan Prodromou
0c694e16a5 Check that it's spam! 2013-02-13 10:55:32 -05:00
Evan Prodromou
cc98a0b76f show percentage in output 2013-02-13 10:04:43 -05:00
Evan Prodromou
bcba3e68a3 Updates to silencespammer from production 2013-02-13 10:01:09 -05:00
Evan Prodromou
0362ba7e32 Script to silence spammers 2013-02-13 09:50:53 -05:00
Evan Prodromou
35499a9952 Add a flag to not deliver poll responses to home timeline
Some people really hate getting poll responses in their home timeline,
so there's now a flag to disable that.
2012-11-06 10:25:39 -05:00