Currently only one custom theme may be uploaded per site, saved with the name 'custom' and stored into the local/themes subdirectory.
Administrators can upload a .ZIP archive containing a theme through the design admin panel; its contents are validated to ensure that only legit files are saved, and a 5M size quota is enforced.
Theme upload requires the zip extension for PHP; if not present, theme uploading is disabled by default.
Uploading and the custom CSS can be controlled via $config['theme_upload']['enabled'] and $config['custom_css']['enabled'].
Configurable directory/path/server for 'local' subdirectory (currently only as used for themes; local plugins not yet switched over)
Can set $config['local']['dir'] etc; not currently exposed in the admin panels.
Per-site directories on a separate themes server could be set up such as:
$config['local']['dir'] = '/path/to/themes/local/' . $_nickname;
$config['local']['server'] = 'themes.example.com';
$config['local']['path'] = '/local/' . $_nickname;
$config['local']['ssl'] = 'never';
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
The forms would already submit to SSL, but people are happier if they start on a secure page!
Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
* Fake_XMPP back to Queued_XMPP, refactor how we use it and don't create objects and load classes until we need them.
* fix fatal error in IM settings while waiting for a Jabber confirmation.
* Caching fix for user_im_prefs
* fix for saving multiple transport settings
* some fixes for AIM & using normalized addresses for lookups
Users and administrators can set how long an URL can be before it's
shortened, and how long a notice can be before all its URLs are
shortened. They can also turn off shortening altogether.
Squashed commit of the following:
commit d136b39011
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:39:00 2010 -0400
use site and user settings to determine when to shorten URLs
commit 1e1c851ff3
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:38:40 2010 -0400
add a method to force shortening URLs
commit 4d29ca0b91
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:37:41 2010 -0400
static method for getting best URL shortening service
commit a9c6a3bace
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:37:11 2010 -0400
allow 0 in numeric entries in othersettings
commit 767ff2f7ec
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:36:46 2010 -0400
allow 0 or blank string in inputs
commit 1e21af42a6
Author: Evan Prodromou <evan@status.net>
Date: Mon Apr 26 02:01:11 2010 -0400
add more URL-shortening options to othersettings
commit 869a6be0f5
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:22:51 2010 -0400
move url shortener superclass to lib from plugin
commit 9c0c9863d5
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:20:28 2010 -0400
documentation and whitespace on UrlShortenerPlugin
commit 7a1dd5798f
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 14:05:46 2010 -0400
add defaults for URL shortening
commit d259c37ad2
Author: Evan Prodromou <evan@status.net>
Date: Sat Apr 24 13:40:10 2010 -0400
Add User_urlshortener_prefs
Add a table for URL shortener prefs, a corresponding class, and the
correct mumbo-jumbo in statusnet.ini to make everything work.
I added the statusnet: prefix to the xml output. This prefix should
be declared on the root element of all relevant XML output.
I also added two StatusNet-specific fields:
* statusnet:html - rendered HTML. Clients shouldn't have to guess
at the correct HTML rendering for notices, especially since some
of the links depend on context.
* statusnet:profile_url - profile URL for a user. You can't count
on a user being a local user in a distributed microblogging world.
So, this shows the explicit profile_url.
Fixed a few inconsistencies in the process. Apparently this code has been copied to imsettings.php, and some cases of 'email' had not been changed to 'IM'. Added FIXME for using globals/macros (?) in messages like "%%site.name%%". For easier/more consistent translation, this should preferably be plain %s parameters.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
Refactored some of the returnto handling code. It looks like we have several different ways of handling this in the software, icky!
Marked the session-based functions with fixmes (they'll stomp on other forms when multiple tabs/windows are used) and combined some commonish bits of code between ProfileFormAction and the group block & makeadmin actions where they're using hidden form parameters. Extended that to allow passing dynamic parameters (eg 'page') as well as static ones (action, target user/group).
Setting focus into the form to make it easier to submit by keyboard. Enter or space will now trigger the button right off without having to mouse around to find the button after we've clicked into the conf form, and keyboarders can also get to the 'no' button more easily.
Setting focus into the form to make it easier to submit by keyboard. Enter or space will now trigger the button right off without having to mouse around to find the button after we've clicked into the conf form, and keyboarders can also get to the 'no' button more easily.
Conflicts:
actions/imsettings.php
lib/jabber.php
Made a quick attempt to merge the new JID validation into the XmppPlugin, have not had a chance to test that version live yet.
Should also move over the test cases.
This reverts commit 260f00d60b.
As mentioned in
260f00d60b (comment_8367)
Reverting this merge until the bugs are fixed and there is a general
agreement on the need for this enhancement.
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).
* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
While deletion is in progress, the account is locked with the 'deleted' role, which disables all actions with rights control.
Todo:
* Pretty up the notice on the profile page about the pending delete. Show status?
* Possibly more thorough account disabling, such as disallowing all use for login and access.
* Improve error recovery; worst case is that an account gets left locked in 'deleted' state but the queue jobs have gotten dropped out. This would leave the username in use and any undeleted notices in place.
Now using the correct order consistently (URL, then URI if http/s), and as a niceness measure skipping the redirect if the only URL we have stored is the local one. (Could happen if remote OStatus feed has tag URIs and no alt link.)
- switch 'en_US' to 'en', fixes the "admin panel switches to Arabic" bug
- tweak setting descriptions to clarify that most of the time we'll be using browser language
- add a backend switch to disable language detection (should this be exposed to ui?)
* 'testing' of gitorious.org:statusnet/mainline:
init_conversation.php script to copy old notice conversations into the conversation table
cache results of webfinger lookups
Parse an hcard for hints, if available
use new hcard method for webfinger
add hkit for hCard parsing
use new dedicated hcard method for Webfinger profile
Add an hcard action
A dedicated hcard action for users. Our profile page includes
an hcard, but it's so full of other hcards that it's ambiguous which
one is the "real" one. So, this one make sense for meaning, "This is
my hcard."
- fix <activity:subject> generation so we get the profile info (what's available so far)
- use id instead of nickname for group join/leave forms so we can join/leave remote groups
while the rest of the groups UI remains limited to local groups
(plugins are responsible for making sure remote notifications and permission checks are done)
- fix remote notification when joining group through OStatus's remote subscribe form
I removed the check for local users in the subscribe button. I replaced
it with a more specific check for OMB 0.1 remote profiles, which you
can't use with this action.
I also took the opportunity to split the handle() method into
prepare() and handle(), and added PHPCS clean documentation.
- added rel="ostatus:attention" links for group delivery
- added events for plugins to override group profile/permalink pages
- pulled Notice::saveGroups up to save-time so we can override;
it's relatively cheap and gives us a clean list of target
groups for distrib time even with customized delivery.
- fixed notice::getGroups to return group objects as expected
- added some doc on new parameters to Notice::saveNew
- 'groups' list of group IDs to push to in place of parsing
- messages that come in via PuSH and contain local group targets
are delivered to local group members
- messages that come in via PuSH and contain remote group targets
are delivered to local members of the remote group
Todo:
- handle group posts that only come through Salmon
- handle conflicts in case something comes in both through Salmon and PuSH
- better source verification
- need a cleaner interface to look up groups by URI
- need a way to handle remote groups with conflicting names
I changed the way that tag: URIs are minted, so we now use the right
base. Ideally most of these would use HTTP URIs instead, but for
now at least they use the right base.
* detection of group feeds is currently a nasty hack based on presence of '/groups/' in URL -- should use some property on the feed?
* listing for the remote group is kinda cruddy; needs to be named more cleanly
* still need to establish per-author profiles (easier once we have the updated Atom code in)
* group delivery probably not right yet
* saving of group messages still triggering some weird behavior
Added support for since_id and max_id on group timeline feeds as a free extra. Enjoy!
* 'testing' of gitorious.org:statusnet/mainline:
Pull GeoRSS locations over OStatus feeds
Allow scripts/decache.php to blow out cache for objects that don't exist (anymore).
OStatus cleanup...
readme and version for beta5
Delete old Twitter user record when user changes screen name instead of updating. Simpler.
Store Twitter screen_name, not name, for foreign_user.nickname when saving Twitter user.
Actually store the timestamp on each nonce
OAuth app name should not be null
Fix issue with OAuth request parameters being parsed/stored twice when
- Fix cache handling in TwitterStatusFetcher
Added right margin for notice text. Helps Conversation notices look
Confirm dialog for reset OAuth consumer key and secret button
Always check for an OAuth request. This allows OAuth clients to set an
Linkify notice source when posting from registered OAuth apps
Suppress notice input box on OAuth authorization page
Better token revocation
Allow developers to delete OAuth applications
OAuth app names should be unique.
Prevents app statistic text from wrapping around avatar
Sentence case for app statistics
* Treat linkless feed posts as status updates; drop the "New post:" prefix and quotes on them.
* Use stable user IDs for atom/rss2 feed links instead of unstable nicknames
* Pull Atom feed preferentially when subscribing -- can now put the remote user's profile page straight into the feed subscription form and get to the right place.
* Clean up naming for push endpoints
* renamed FeedSub plugin to OStatus
* now setting avatar on subscriptions
* general fixes for subscription
* integrated PuSH hub to handle only user timelines on canonical ID url; sends updates directly
* set $config['feedsub']['nohub'] = true to test w/ foreign feeds that don't have hubs (won't actually receive updates though)
* a few bits of code documentation
* HMAC support for verified distributions (safest if sub setup is on HTTPS)
And a couple core changes:
* minimizing HTML output for exceptions in API requests to aid in debugging
* fix for rel=self link in apitimelineuser when id given
This does not not yet include any of the individual subscription management (Salmon notifications for sub/unsub, etc) nor a nice UI for user subscriptions.
Needs some further cleanup to treat posts as status updates instead of link references.
Defaulting to only looking at last 90 days of activity, can be adjusted up or down.
$config['tag']['cutoff'] = 86400 * 90;
$config['popular']['cutoff'] = 86400 * 90;
Per-user and per-group tag clouds do not use the cutoff (and it doesn't help with indexing on them).
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
* testing: (130 commits)
HTTP auth provided is evaluated even if it's not required
Rename rc3to09.sql to rc3torc4.sql to avoid confusion if we add a last-minute change after this!
Add new oauth tables and modifications to 'consumer' table for rc4
Centred leaderboard ad
camelcase the uap param names
move leaderboard to after the header
Moved rectangle ad into aside and leaderboard to the right in header.
Aligning wide skyscraper to the right instead of left
CSS ids and classes fixed in UAPPlugin
wrong height for rectangle in BlankAd
Add the moved BlankAdPlugin
make BlankAd dir and change to use a 1x1 image
move BlankAdPlugin to its own dir
Add BlankAdPlugin to test ad layout in different themes
make uapplugin an abstract class
move UAP plugin to core
Lowercased switch cases in UAP Plugin
Plugin for Universal Ad Package. Outputs four most widely used ad types.
Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!)
quick fix: use common_path() on realtime update JS so it works with the new JS path code (will pull from main server for now)
...
Conflicts:
actions/apioauthaccesstoken.php
actions/apioauthauthorize.php
actions/apioauthrequesttoken.php
actions/editapplication.php
actions/newapplication.php
lib/apiauth.php
lib/queuemanager.php
lib/router.php
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.
This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.
Squashed commit of the following:
commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 27 11:30:24 2010 -0500
modules that call htmloutputter::script() don't prescribe js/ path
commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 27 11:28:07 2010 -0500
configurable server and path for javascript files
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).
To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.
Squashed commit of the following:
commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 14:56:41 2010 -0500
slightly better handling of blowing tag memory cache
commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:42:56 2010 -0500
change 'distribute' to 'distrib' so not too long for dbqueue
commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:39:15 2010 -0500
change handle_notice() to handle() in distributqueuehandler
commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 16:05:25 2010 -0500
error with queuemanager
commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 01:11:34 2010 -0500
Blow memcache at different point rather than one big function for Notice class
commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date: Mon Jan 25 00:48:44 2010 -0500
Blow memcache at different point rather than one big function for Notice class
commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 20 08:54:18 2010 -0500
move broadcasting and distributing to new queuehandler
commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date: Wed Jan 20 08:53:12 2010 -0500
Move distribution of notices to new distribute queue handler
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
Conflicts:
scripts/xmppdaemon.php
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
Queue handlers for XMPP individual & firehose output now send their XML stanzas
to another output queue instead of connecting directly to the chat server. This
lets us have as many general processing threads as we need, while all actual
XMPP input and output go through a single daemon with a single connection open.
This avoids problems with multiple connected resources:
* multiple windows shown in some chat clients (psi, gajim, kopete)
* extra load on server
* incoming message delivery forwarding issues
Database changes:
* queue_item drops 'notice_id' in favor of a 'frame' blob.
This is based on Craig Andrews' work branch to generalize queues to take any
object, but conservatively leaving out the serialization for now.
Table updater (preserves any existing queued items) in db/rc3to09.sql
Code changes to watch out for:
* Queue handlers should now define a handle() method instead of handle_notice()
* QueueDaemon and XmppDaemon now share common i/o (IoMaster) and respawning
thread management (RespawningDaemon) infrastructure.
* The polling XmppConfirmManager has been dropped, as the message is queued
directly when saving IM settings.
* Enable $config['queue']['debug_memory'] to output current memory usage at
each run through the event loop to watch for memory leaks
To do:
* Adapt XMPP i/o to component connection mode for multi-site support.
* XMPP input can also be broken out to a queue, which would allow the actual
notice save etc to be handled by general queue threads.
* Make sure there are no problems with simply pushing serialized Notice objects
to queues.
* Find a way to improve interactive performance of the database-backed queue
handler; polling is pretty painful to XMPP.
* Possibly redo the way QueueHandlers are injected into a QueueManager. The
grouping used to split out the XMPP output queue is a bit awkward.
* Mostly punctuation updates so that the same message is used consistently in all of StatusNet.
* Some cases of "Title Case" removed, because that does not appear to be used consistently.
Consolidated several separate implementations of the same weighting algorithm into common_sql_weight() and fixed some bugs...
For MySQL, now using timestampdiff() instead of subtraction for the comparison, so we get sane results when the year doesn't match, and utc_timestamp() rather than now() so we don't get negative ages for recent items with local server timezone.
Unknown whether the same problems affect PostgreSQL, but note that it lacks the timestampdiff() SQL function.
Consolidated several separate implementations of the same weighting algorithm into common_sql_weight() and fixed some bugs...
For MySQL, now using timestampdiff() instead of subtraction for the comparison, so we get sane results when the year doesn't match, and utc_timestamp() rather than now() so we don't get negative ages for recent items with local server timezone.
Unknown whether the same problems affect PostgreSQL, but note that it lacks the timestampdiff() SQL function.
Moved the important parts of the location-argument-handling stuff
to a single function. Handles defaults and overrides correctly, and
easy to use. Changed Web and API channels to use it.
self-subscription) via the API. Additionally, make it impossible
to block yourself or unsubscribe from yourself, period.
I also made User use the subs.php helper function for unsubscribing
during a block.
Hopefully, these changes will get rid of the problem of people
accidentally deleting their self-subscriptions once and for all
(knock on wood).
Logic was inversed; new password was only being saved if a plugin claimed the event; so when no auth plugin was present to take it, passwords never got saved.
* master: (67 commits)
Ticket 2038: fix bad bug tracker link
Fix regression in group posting: bug introduced in commit 1319002e15. Need to use actual profile object rather than an id on a variable that doesn't exist when checking blocks :D
Log database errors when saving notice_inbox entries
Drop the username from the log id for now; seems to trigger an error loop in some circumstances
request id on logs... pid + random id per web request + username + method + url
Add OpenID ini info back into statusnet.ini as a stopgap until we can
Some changes to the OpenID DataObjects to make them emit the exact same
OpenID plugin should set 'user_openid.display' as unique key
Remove relationship: user_openid.user_id -> user.id. I don't think this
Have OpenID plugin DataObjects emit their own .ini info
Revert "Allow plugin DB_DataObject classes to not have to use the .ini file by overriding keys(), table(), and sequenceKey() for them"
Catch and report exceptions from notice_to_omb_notice() instead of letting the OMB queue handler die.
Fix regression in remote subscription; added hasRole() shadow method on Remote_profile.
Fix fatal error on OMB subscription for first-timers
Remove annoying log msg
Drop error message on setlocale() failure; this is harmless, since we actually have a working locale set up.
Catch uncaught exception
Fixed bug where reply-sync bit wasn't getting saved
Forgot to render the nav menu when on FB Connect login tab
Facebook plugin no longer takes over Login and Connect settings nav menus
...
Conflicts:
db/08to09_pg.sql
db/statusnet_pg.sql
locale/pt_BR/LC_MESSAGES/statusnet.mo
plugins/Mapstraction/MapstractionPlugin.php
Since commit c4072ef7c9 in March there's no longer an automatic run of $this->getNotices() from RssAction parent class; added to the subclass.
It might make sense to put it back in the parent class, but of course only if those dupe calls can be resolved.
Since commit c4072ef7c9 in March there's no longer an automatic run of $this->getNotices() from RssAction parent class; added to the subclass.
It might make sense to put it back in the parent class, but of course only if those dupe calls can be resolved.
Caused failures saving profile settings with Geonames plugin enabled; the lat/lon/id fields would get re-set with freshly looked up values which no longer matched the previous values as far as the data object could tell, but which saved as the same ol' numbers.
User links using the ID number (such as created for @-replies) have been failing on Internet Explorer, since IE doesn't bother to actually say it supports text/html...
We usually get something like this from IE, up through at least IE 8:
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */*
The */* ended up matching application/rdf+xml instead of text/html, so only other browsers which are more explicit would actually get sent on to the user profile/notice stream; IE visitors were directed on to the FOAF download. :(
Swapping the order of items in the server-side of the negotiation list fixes this; clients actually asking for FOAF at a higher priority than HTML will still get it, but the wildcard */* now matches text/html which is usually what we want.
Content negotiation for the user links was added August 2008 in commit 48fcfb8b0d.
Added EmailAuthenticationPlugin
Added ReverseUsernameAuthenticationPlugin
Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname
User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static
* 0.9.x:
Added a events for the settings menu items
Bringing Sphinx search support up to code: broken out to a plugin, now supports multiple sites on a single server.
Changed to Evan's event style and added an AuthPlugin superclass
add geo output to statuses in json, xml, atom, rss in API
Localisation updates from translatewiki.net (2009-11-10)
Localisation updates from translatewiki.net
Update pot
add lat and long parameters to api/statuses/update
change credential check to work more like other events
fixup output of object attributes in db error code
Performance fix for subscription/subscriber lists based on feedback from ops.
Adjusting indexes to make favorites query more efficient, based on feedback from ops.
Revert untested code; spews PHP notice warnings on every page view: "just sent a http 200 for the check-fancy from install.php"
Added hook for the Group navigation items
Updated block @title text (shouldn't say from group)
Updated group block markup
Revert "Remove more contractions"
Upgrade notes:
* Index names have changed from hardcoded 'Identica_people' and 'Identica_notices' to use the database name and actual table names. Must reindex.
New events:
* GetSearchEngine to override default search engine class selection from plugins
New scripts:
* gen_config.php generates a sphinx.conf from database configuration (with theoretical support for status_network table, but it doesn't seem to be cleanly queriable right now without knowing the db setup info for that. Needs generalized support.)
* Replaced old sphinx-indexer.sh and sphinx-cron.sh with index_update.php
Other fixes:
* sphinx.conf.sample better matches our live config, skipping unused stopword list and using a more realistic indexer memory limit
Further notes:
* Probably doesn't work right with PostgreSQL yet; Sphinx can pull from PG but the extraction queries currently look like they use some MySQL-specific functions.
* 0.9.x: (26 commits)
just sent a http 200 for the check-fancy from install.php
Add a new event: CanUserChangeField
shorten flag notification and include a class
Added flag icon for UserFlag plugin
Fixed notice option alignment in IE
add a method to Theme class to list available themes
Updated Realtime plugin to use the util's NoticeReply object
Localisation updates from translatewiki.net (2009-11-08)
Update pot again
Rebuild pot file *without* --join-existing to get rid of the cruft. Not sure why "--join-existing" must be in. Only thing I can think of is manual additions, which I could not find.
Revert "More precise field label"
Remove more contractions
Revert "* [Cc]an't -> [Cc]annot"
Revert "More specifics on 'address'"
* [Cc]an't -> [Cc]annot
Revert "* check usage of 'people' in UI and change it to 'users' or something else in most places"
add utilities for calculating local and installation theme root dirs
Harmonise UI message "No such user."
Restructure theme.php to define a class Theme
entity_action responses look more inactive now
...
This reverts commit 6483fbd8fa.
"SMS address" header here makes no sense; it would be inconsistent with the other tabs and headings on the same and related pages, and would look very awkward with another giant "SMS" right above it
This reverts commit 1872d07602.
"instant messages address" is very awkward phrasing; prefer not to be changing UI in such ways while updating localisations.
This reverts commit 81b4a381d9.
IMO "user" is a bit impersonal and we shouldn't go changing the tone of the UI willy-nilly when we're updating localisations.
For various reasons, it's nicer to have a class for theme-file paths
and such. So, I've rewritten the code for determining the locations of
theme files to be more OOPy.
I changed all the uses of the two functions in the module (theme_file
and theme_path) to use Theme::file and Theme::path respectively.
I've also removed the code in common.php that require's the module;
using a class means we can autoload it instead.
doesn't like the XHR response with XHTML DTD. New notices without the
file attachment work fine.
The rendered content (the anchor for the file attachment link) doesn't
appear to be the issue.
To fix this problem, I removed the XHTML DTD line from newnotice's XHR
response. This is unnecessary for text/xml outputs that's intended
for XHR responses any way. It just happens to fix an IE issue.
Still a mystery to me as to why it is particular to notices with file
attachments.
doesn't like the XHR response with XHTML DTD. New notices without the
file attachment work fine.
The rendered content (the anchor for the file attachment link) doesn't
appear to be the issue.
To fix this problem, I removed the XHTML DTD line from newnotice's XHR
response. This is unnecessary for text/xml outputs that's intended
for XHR responses any way. It just happens to fix an IE issue.
Still a mystery to me as to why it is particular to notices with file
attachments.
Added 4 new events involved in XRDS: StartUserXRDS, EndUserXRDS, StartPublicXRDS, EndPublicXRDS
Added OpenID provider functionality (no delegation support [yet])
* api-media-upload:
Rearanged a couple things & removed debugging statements
Rework MailDaemon to use the MediaFile class for uploads
Implement media upload in the API
Extract media upload stuff into its own library class.
of empty notice prefix text in facebook settings.
Filed bug upstream at http://bugs.developers.facebook.com/show_bug.cgi?id=7110
Per documentation, saving a pref value of "" or "0" will delete the pref key:
http://wiki.developers.facebook.com/index.php/Data.setUserPreference
which used to do what we want... Now Facebook throws back an error
"Parameter value is required" when we do this. Workaround appends a
space to empty string or "0" at save time, then trims the string when
we load it.
The input string was already trimmed at pref save time, so this won't
alter any user-visible behavior.
Thanks to ^demon in #mediawiki for pointing out the behavior regression
after testing the identi.ca Facebook app!
of empty notice prefix text in facebook settings.
Filed bug upstream at http://bugs.developers.facebook.com/show_bug.cgi?id=7110
Per documentation, saving a pref value of "" or "0" will delete the pref key:
http://wiki.developers.facebook.com/index.php/Data.setUserPreference
which used to do what we want... Now Facebook throws back an error
"Parameter value is required" when we do this. Workaround appends a
space to empty string or "0" at save time, then trims the string when
we load it.
The input string was already trimmed at pref save time, so this won't
alter any user-visible behavior.
Thanks to ^demon in #mediawiki for pointing out the behavior regression
after testing the identi.ca Facebook app!
* 0.9.x:
Include long-form attachment URL in notice if URL shortening is disabled.
Updated default theme to use the CSS Sprites method for common icons
Added a new plugin that requires a user to have a validated email address before being allowed to post notices
Don't trigger E_NOTICE when looking for commands in the notice input
Previously, the attachment URL would simply be dropped when shortening returned false instead of a short URL... the attachment was present if you clicked through to notice details but didn't appear in the timeline, making it nigh-impossible to see the attachment.
Previously, the attachment URL would simply be dropped when shortening returned false instead of a short URL... the attachment was present if you clicked through to notice details but didn't appear in the timeline, making it nigh-impossible to see the attachment.
* 0.9.x: (247 commits)
Added in credits.
Use site's name for basic auth realm
Make apigroupcreate.php pass phpcs
Took out some unnecessary intializations
Implemented create group api
CamelCase all function names in the API code
These same params are used in most API actions; moved to base API class
Missed some of the references to the old TwitterApiAction - removed
Remove more redundant $formats
Remove dead code
Move all basic auth output and processing to base classes
$format is used by every API action. Set it in the base class.
Delete action/api.php and rename lib/twitterapi.php to lib/api.php
New actions for blocks via API
fix FBConnect so it doesn't muffle EndPrimaryNav
don't write session if it's unchanged
Fixed facebook connect primary nav to hide search option when site is private and user is not logged in
Fixed facebook connect primary nav to obey sms/twitter/openid settings
Fixed facebook connect login nav to obey openid settings
Fixed facebook connect nav to obey sms/twitter disabled
...
Merge branch '0.9.x' into refactor-api
* 0.9.x:
Implemented create group api
fix FBConnect so it doesn't muffle EndPrimaryNav
don't write session if it's unchanged
Fixed facebook connect primary nav to hide search option when site is private and user is not logged in
Fixed facebook connect primary nav to obey sms/twitter/openid settings
Fixed facebook connect login nav to obey openid settings
Fixed facebook connect nav to obey sms/twitter disabled
Fixed twitter defaulting to disabled
Revert "Open tags should have closing tags"
Don't show search suggestions for private sites
Fixed E_NOTICE when returnto isn't set
Fixed E_NOTICE when the "lite" parameter isn't included in the request
Fixed E_NOTICE - GroupList expects an owner object in the constructor, not an array of search terms
Returning false seems to fix IE from reclaiming window focus. I think
Aligning notice attach label from right instead of left
Fixed IE background image alignment for attach, favour and disfavour
Fixed nudge and direct message background image alignment
Using 'CSS sprites' for common icons for the identica theme. Default
Open tags should have closing tags
Conflicts:
actions/twitapigroups.php
actions/twitapistatuses.php
* 0.9.x:
change DB so OpenIDPlugin manages OpenID tables
Some bug fixes
check the schema
add some more methods to Schema
Added hook for Aside container
Revert "Outputting UTF-8 charset in document header irrespective of mimetype."
FOAF for Groups.
use schema tool to create a table
statusize schema-related modules
test script for schema code
make table def method of schema code work
start a module for schema management
* 0.9.x: (39 commits)
Timeout a little incase the notice item from XHR response is
Relocated the button for pop up window for notice stream
Script no longer needed for Realtime plugin
Better check to see if the XML prolog should be outputted for XML
Outputting UTF-8 charset in document header irrespective of mimetype.
Switched Doctype to XHTML 1.0 Strict (which best reflects the current
Twitter API returns server errors in preferred format
move HTTP error code strings to class variables
remove string-checks from code using Notice::saveNew()
change string return from Notice::saveNew to exceptions
stop overwriting created timestamp on group edit
Forgot to add home_timeline to the list of methods that only require
Forgot to add home_timeline to the list of methods that only require
moderator can delete another user's notice
show delete button when user has deleteOthersNotice right
let hooks override standard user rights
user rights
Merge DeleteAction class into DeletenoticeAction
Fix some bugs in the URL linkification, and fixed the unit test.
Fix URL linkification test cases for addition of 'title' attribution with long URL in f3c8fccc
...