Commit Graph

16299 Commits

Author SHA1 Message Date
Mikael Nordfeldth
0854a84eb9 Throw more explicit exception in ImageFile 2015-02-25 01:14:27 +01:00
Mikael Nordfeldth
ce91f1c0e6 Hide posts from users with private_stream in scoping streams
For example the public timeline would show notices from a user with
private_stream configured. (previously it would only hide _new_ notices
by this user as they would be the only ones with notice scoping set).
2015-02-24 22:59:58 +01:00
Mikael Nordfeldth
060dbe1b56 Removing whitespace and creating an early-return in inScope 2015-02-24 22:44:43 +01:00
buttle
b9d4a9c9f9 added DocNav EVENT
Event to overide DocNav
two small css changes to indent notice footer correctly.
2015-02-24 21:51:31 +01:00
Mikael Nordfeldth
325e784ccd Don't store duplicates of files.
If a new file is uploaded, it will be matched with a previously uploaded
file so we don't have to store duplicates. SHA256 is random enough and
also unlikely enough to cause collisions.
2015-02-24 21:11:25 +01:00
Mikael Nordfeldth
0d577584c3 Script to delete file table entries which have disappeared locally 2015-02-24 19:29:28 +01:00
Mikael Nordfeldth
27bc654b5b RSSCloud URL field too long for utf8mb4
Should be the last one. If any URLs are longer than 191 chars, it might
require more manual interaction. Any instance with problems running
scripts/upgrade.php will get special treatment, help and a lollipop.
2015-02-21 16:43:21 +01:00
Mikael Nordfeldth
c1e3cfe7a7 ensureFeedURL will return Ostatus_profile early if already stored 2015-02-20 14:47:12 +01:00
Mikael Nordfeldth
96099807e1 Default install to site profile community 2015-02-20 01:00:28 +01:00
Mikael Nordfeldth
b639a25856 Emoji support through utf8mb4 seems to be done!
scripts/upgrade.php will take a _long_ time though! But it's worth it.
2015-02-19 22:13:42 +01:00
Mikael Nordfeldth
0e6c83e521 Had to avoid using indexes in the migration phase
File and File_redirection still had their indexes in the temporary migration table definition.
2015-02-19 22:06:43 +01:00
Mikael Nordfeldth
987232a0a6 Remove common_debug call that slipped by 2015-02-19 21:26:55 +01:00
Mikael Nordfeldth
b54710950f unique keys and indexes must be NOT NULL or MySQL fucks up
If this merge throws exception on scripts/upgrade.php and you recently
tried a nightly (i.e. during 2015-02-19) then just go back a commit or two
and try again.

Or delete the duplicate entries. Find the entries like this:

SELECT COUNT(*), urlhash FROM file_redirection
    GROUP BY urlhash
    HAVING COUNT(*) > 1;

then for each urlhash (or come up with a smart SQL query) do:
DELETE FROM file_redirection WHERE urlhash='hashfrompreviousquery' LIMIT 1;

You'll have to remove duplicates more than once if you have >2 identical
urlhash entries. LIMIT -1 might do that for you. I'm not sure.
2015-02-19 21:21:39 +01:00
Mikael Nordfeldth
d061e1065e Some loose table definitions which needed 191 char indexes
because we want utf8mb4 so badly!
2015-02-19 21:02:14 +01:00
Mikael Nordfeldth
0590f2975e Merge branch 'utf8mb4' into nightly
Conflicts because of urlhash fixes:
	classes/File.php
	classes/File_redirection.php
	classes/File_thumbnail.php
2015-02-19 20:50:40 +01:00
Mikael Nordfeldth
5471c65c9a less newlines for the scripts/upgrade.php output 2015-02-19 19:40:36 +01:00
Mikael Nordfeldth
e299583eee Bad check on existing urlhash key 2015-02-19 19:36:59 +01:00
Mikael Nordfeldth
8ac8e2e734 Use new ::getByUrl for File and File_redirection
and make use of the exceptions instead endless if statements
2015-02-19 19:29:55 +01:00
Mikael Nordfeldth
5b940f255f Mediafile updated to insert urlhash and lookup properly 2015-02-19 19:19:47 +01:00
Mikael Nordfeldth
c05e9b118c function is hashurl, variable is urlhash 2015-02-19 19:07:43 +01:00
Mikael Nordfeldth
45dc76de26 File and File_redirection adhoc storage methods updated for urlhash 2015-02-19 19:05:24 +01:00
Mikael Nordfeldth
0dfe39ac87 File_thumbnail url is not an index 2015-02-19 18:59:13 +01:00
Mikael Nordfeldth
27480d8e8e File_redirection also got urlhash column 2015-02-19 18:34:48 +01:00
Mikael Nordfeldth
176bde269f Merge branch 'nightly' into file_urlhash 2015-02-19 18:13:09 +01:00
Mikael Nordfeldth
df2cc09362 $this->scoped->getUser() instead of common_current_user(); 2015-02-19 17:46:37 +01:00
Mikael Nordfeldth
042cb1604a ROLLBACK if query failed in email settings savePreferences 2015-02-19 17:43:08 +01:00
Mikael Nordfeldth
0acf3e0e30 Profile table cleaning script. 2015-02-18 14:01:35 +01:00
Mikael Nordfeldth
4ad7e8f459 UserdirectoryAction now ManagedAction and better SQL 2015-02-18 13:37:06 +01:00
Mikael Nordfeldth
d445e0c877 No need for return true 2015-02-18 13:18:32 +01:00
Mikael Nordfeldth
e64ac4c418 GroupdirectoryAction now has no direct SQL queries
also various fixes uppers
2015-02-18 12:17:26 +01:00
Mikael Nordfeldth
94e19e1ac6 escapedTableName for SQL query easy access 2015-02-18 12:15:46 +01:00
Mikael Nordfeldth
a254f38a23 Turn GroupdirectoryAction into a ManagedAction 2015-02-18 11:15:30 +01:00
Mikael Nordfeldth
52e0ce8b06 Directory group search code cleanup 2015-02-18 11:13:10 +01:00
Mikael Nordfeldth
b039d960f5 Make group search in Directory use PEAR::DB
No more direct SQL queries please.
2015-02-18 11:08:11 +01:00
Mikael Nordfeldth
66df043c19 Add php5-intl dependency to Installer class 2015-02-18 00:47:00 +01:00
Mikael Nordfeldth
8fbdb4b9ac New dependency: php5-intl
Internationalization support is required for transliteration, which is
currently used when creating the slugs for hashtags and such. It is a
much more stable and efficient solution than having an unmaintainable
list of unciode characters in an array...
2015-02-18 00:28:45 +01:00
Mikael Nordfeldth
0deaf6c50c use common_purify to purify HTML, one function to rule them all 2015-02-18 00:14:28 +01:00
Mikael Nordfeldth
3dce6d9f6a Implement a common_purify for htmLawed and more
We're removing unicode formatting characters as well, such as RTL marks.
For more info on why we're because extra cautious (but may accept the
characters in later versions) you can read:
https://blog.malwarebytes.org/online-security/2014/01/the-rtlo-method/
2015-02-18 00:10:31 +01:00
Mikael Nordfeldth
9aa59c7f62 forgot primary key column to updateWithKeys in SalmonAction 2015-02-17 21:31:35 +01:00
Mikael Nordfeldth
7ba7f43199 Don't linkify bare domains by default
It's too farfetched to assume any text.com in a notice is an HTTP URL.
For example stuff like pasting from log entries, with domain.com:1234
where 1234 is a _PID_ or something, not a port number for http://...
2015-02-17 20:54:32 +01:00
Mikael Nordfeldth
c31c2d10b9 PHP>=5.4.0 lets us use Transliterator, tags now asciified!
For example: #REVOLUCIÓN becomes #revolucion instead of #revolución
2015-02-17 20:17:22 +01:00
Mikael Nordfeldth
5a8f24eb46 urlhash first steps, including scripts/upgrade.php 2015-02-17 18:55:12 +01:00
Mikael Nordfeldth
59763ceecb SalmonAction now updates remote URI if it was stale.
After doublechecking two identities so that they match (like one that was
previously http:// but now is https://) we update the URI in our database
to match.

This has to be verified so it's not easy to fool our script and thus make
us replace legitimate URIs with fake ones. I believe the callback method
is safe, but I'm not sure how well it handles HTTP MITM attacks etc.
2015-02-17 17:35:45 +01:00
Mikael Nordfeldth
282f4d6a89 Various $this->scoped fixes and protected prepare/handle in API actions 2015-02-17 17:20:00 +01:00
Mikael Nordfeldth
6cdedf6049 Replace $this->user/auth_user with $this->scoped in lib/apiaction.php
We prefer handling a Profile class rather than the User class, as some
functions might be useful for remote users as well, which cannot be
handled via the User class.
2015-02-17 17:16:33 +01:00
Mikael Nordfeldth
61aa71ed34 Subscription class gets exception throwing getSubscription function 2015-02-17 17:15:47 +01:00
Mikael Nordfeldth
901a825b61 Non-functional "retweeted to me" API call modified (but not fixed)
For some reason the "retweeted to me" part of the Twitter API was removed
when Evan made some inbox changes back in the StatusNet days. We might
recover this functionality, but not yet. The proper function calls are
however fixed in this commit.
2015-02-17 16:48:24 +01:00
Mikael Nordfeldth
75f35bcfe7 apiauth action with ->user changed to ->scoped 2015-02-17 16:39:27 +01:00
Mikael Nordfeldth
406b6148f5 CSS: notice images no wider than 100%
We should actually not allow remote images to be given in the src attribute
because they can be used for tracking and other nasty stuff without being
seen by the enduser.

Also, allowing remote images linked like this won't work for users who run
plugins like RequestPolicy etc. anyway. A better method would be to make
them listed as attachments instead. Then we can use that subsystem for
making thumbnails to store locally, hotlinking sources and whatnot.
2015-02-17 01:26:18 +01:00
Marcus Moeller
f7b41625e5 opacity is not needed as it's transparent
use alignment instead of padding for padlock symbol
2015-02-16 17:50:43 +01:00