Commit Graph

4998 Commits

Author SHA1 Message Date
Mikael Nordfeldth
f51cb6fca9 Split OStatusPlugin FeedSub receive into two parts
FeedSub::receive now only handles the PuSH verification
FeedSub::receiveFeed is protected and only parses+imports feed XML
2017-04-21 08:13:39 +02:00
Mikael Nordfeldth
e87115d462 Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:41:34 +02:00
Mikael Nordfeldth
548e59fc99 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:37:43 +02:00
Andrew Engelbrecht
6ca5bb4d41 Added CAS user whitelist feature
This feature filters users who may log in via CAS. This is useful when
both CAS and password authentication is enabled and there is a mismatch
between some GNU social account names and CAS user names. This prevents
CAS users from logging in as someone else on GNU social.
2017-04-17 12:41:49 -04:00
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Andrew Engelbrecht
25b4996145 Fix 'from' address in the XMPP ping command
This commit corrects a syntax error that caused the XMPP daemon to
reatedly reconnect to the remote server.
2017-04-13 12:35:49 -04:00
mmn
24910f2363 Merge branch 'fix-twitterbridge' into 'nightly'
Fix TwitterBridge imported notices not displaying in timeline

See merge request !130
2017-04-06 10:20:41 +00:00
Mikael Nordfeldth
bc1f8b5db6 Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
strk's OpenID fix
2017-04-06 11:15:37 +02:00
mmn
6679ecb9d7 Merge branch 'fix-openid-removal' into 'master'
Fix OpenID URI removal

See merge request !138
2017-04-06 09:12:35 +00:00
Sandro Santilli
1ef206467f Fix OpenID URI removal
See #252
2017-03-18 13:33:07 +01:00
Sandro Santilli
85a407e7b0 Normalize OpenID URI before checking it for validity
Fixes #251
2017-03-18 10:56:01 +01:00
Mikael Nordfeldth
9fead39f36 Merge branch 'master' of git.gnu.io:gnu/gnu-social 2017-03-18 01:36:35 +01:00
Mikael Nordfeldth
948744538c StoreRemoteMedia now checks remote filesize before downloading 2017-03-18 01:35:45 +01:00
Chimo
dc7c64592b Add var type to newListItem() parameter
Fixes some "Declaration of $child::method should be compatible with
$parent::method" warnings.
2017-03-16 22:57:16 -04:00
Thomas Karpiniec
47cd054976 Use the statusnet namespace for notice_id 2017-02-04 21:59:30 +11:00
Mikael Nordfeldth
8b8e2825e3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes 2017-01-15 21:25:06 +01:00
Bjoern Schiessle
f198d5d110
improve status length calculation, each link is exactly 23 characters long at Twitter 2016-12-14 15:54:02 +01:00
Mikael Nordfeldth
6bfc97c95d Less spammy logs 2016-10-22 23:24:13 +02:00
Mikael Nordfeldth
6ebc5f0bff some debugging calls and make sure $hints['feedurl'] gets set with $feeduri in case that variable is used. 2016-10-22 23:08:44 +02:00
vinzv
3e5ae79c5a Added chimo's plugins 2016-09-02 11:37:53 +02:00
vinzv
25e4b9a35e Add Qvitter and QvitterPlus 2016-09-02 11:34:50 +02:00
vinzv
a1c7c0ab01 Adding SensitiveContent Plugin for nsfw filtering 2016-09-02 11:34:29 +02:00
Mikael Nordfeldth
cb5bcf4937 bad log constant 2016-08-28 00:16:31 +02:00
Mikael Nordfeldth
a32bfe7d87 TagCloud turned into plugin (performance issues on large installs) 2016-08-27 15:24:25 +02:00
Mikael Nordfeldth
27022e7c39 Typing on WebFinger onRouterInitialized handler argument URLMapper $m 2016-08-27 15:00:29 +02:00
Mikael Nordfeldth
1d791f81fa Attachment styling 2016-08-21 09:31:26 +02:00
Nym Coy
1f5e306760 Set object_type to ActivityObject::NOTE on notices imported from Twitter. Previously was unset which caused ActivityHandler to throw an error during onStartOpenNoticeListItemElement() and the notices would not display in the timeline. 2016-08-09 21:02:57 +05:30
Mikael Nordfeldth
563b3b1328 Using File->setTitle in oEmbed 2016-07-23 21:01:28 +02:00
Mikael Nordfeldth
1b3d583418 file_quota for OembedPlugin too
Don't download huge files that might kill memory limits.
2016-07-21 03:19:05 +02:00
Mikael Nordfeldth
809e2f6d07 Use File->getID() 2016-07-21 01:38:48 +02:00
Mikael Nordfeldth
d230d332cf return false to exit event, imgPath holds the path 2016-07-21 00:27:22 +02:00
Mikael Nordfeldth
13e1f0a561 VideoThumbnails shouldn't have to recreate the thumbnail all the time 2016-07-21 00:24:05 +02:00
Mikael Nordfeldth
fc440ba7e7 Easier debugging of VideoThumbnails plugin 2016-07-20 22:51:38 +02:00
Mikael Nordfeldth
1d53e7060a Changed ShowfavoritesAction to use Action functions for profiles 2016-07-07 11:11:20 +02:00
Mikael Nordfeldth
4a3ed7d0ae I don't know why we would set the mimetype as title here 2016-07-07 00:43:51 +02:00
Mikael Nordfeldth
3987cad9b7 Use delivered content-type to parse XML_XRD
In issue #205 we saw data coming in with an additional line-break before
the JSON data which fuzzed the auto-detection in XML_XRD (which assumed
a { as the first character). If we use the Content-type header from HTTP
we can avoid that issue.
2016-07-02 13:44:25 +02:00
Mikael Nordfeldth
cfd9aee57b Better logging for issue #205 2016-07-02 13:32:23 +02:00
Mikael Nordfeldth
a833eaa651 Make all hash algorithms available (but whitelist by default)
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
3166a04cef actually respond with the error message in text on Salmon calls 2016-06-25 20:50:00 +02:00
Mikael Nordfeldth
bf4acc21be A bunch of GIFs were >5MiB! 2016-06-25 20:37:00 +02:00
Mikael Nordfeldth
ad7ebd1a8c Even more phpseclib update related stuff. 2016-06-25 20:34:28 +02:00
Mikael Nordfeldth
d10ce6ac7c Give Webfinger response to group queries 2016-06-25 20:13:19 +02:00
Mikael Nordfeldth
d0c26fb1a4 URIFIX in Ostatus_profile, handle missing feedsub 2016-06-25 11:59:31 +02:00
Mikael Nordfeldth
7978cd6d59 s/EmptyIdException/EmptyPkeyValueException/ 2016-06-25 11:50:59 +02:00
Mikael Nordfeldth
d7a4098b56 Use a separate max download limit for remote files than file_quota too 2016-06-24 16:07:57 +02:00
Mikael Nordfeldth
af23c9f7cd StoreRemoteMedia now checks remote filesize before downloading 2016-06-24 15:56:14 +02:00
Mikael Nordfeldth
f1e3314bb7 StoreRemoteMedia avoids too large files 2016-06-24 15:47:02 +02:00
Mikael Nordfeldth
c19f87f867 fixes issue #189 with a script lacking exception handling 2016-06-24 15:19:24 +02:00
Mikael Nordfeldth
39e8c13afb Properly parse incoming bookmarks 2016-06-24 13:51:40 +02:00
Mikael Nordfeldth
a4051945fd Handle exception from Magic Envelope toXML function 2016-06-23 23:27:18 +02:00
Mikael Nordfeldth
6dcb293ba0 Unnecessarily verbose code 2016-06-23 23:03:58 +02:00
Mikael Nordfeldth
16f4583498 throw ClientException instead of clientError 2016-06-19 03:38:00 +02:00
Mikael Nordfeldth
2726478467 Bump Diaspora plugin version because of phpseclib fix 2016-06-19 03:25:03 +02:00
Mikael Nordfeldth
bac95913e8 phpseclib defaults to OAEP but we want PKCS1 in D* 2016-06-19 03:23:26 +02:00
Mikael Nordfeldth
ed97b88b04 Err, don't need that comment. 2016-06-19 02:27:50 +02:00
Mikael Nordfeldth
76114e2748 Missed some phpseclib stuff in DiasporaPlugin 2016-06-19 02:26:44 +02:00
Mikael Nordfeldth
47aabf4fda Let's just put the namespaced phpseclib in extlib instead of plugins/OStatus/extlib 2016-06-18 00:00:32 +02:00
Mikael Nordfeldth
5bfd9dbaa7 repost_of -> repeat_of, also trying with isset() 2016-06-17 23:53:05 +02:00
Mikael Nordfeldth
3a8ce99a9d Magicsig call for phpseclib\Math\BigInteger fixed 2016-06-17 23:47:00 +02:00
Mikael Nordfeldth
1839082f95 OStatus Magicsig adaptations to new phpseclib
Some constants have changed and the way to call RSA->sign(...) too.
2016-06-17 23:43:24 +02:00
Mikael Nordfeldth
d8af92bda2 Diaspora phpseclib update 2016-06-17 23:42:50 +02:00
Mikael Nordfeldth
09ef0c1f33 bump Linkback plugin thanks to awesome singpolyma 2016-06-17 23:22:44 +02:00
Mikael Nordfeldth
a1d064129a Handle namespaces for new phpseclib 2016-06-17 23:21:34 +02:00
Mikael Nordfeldth
28ca5d90d9 phpseclib updated, some new features that we won't use 2016-06-17 22:44:12 +02:00
mmn
005b4c8dd1 Merge branch 'strict-warnings' into 'nightly'
Fix some strict warnings (Action::prepare, Action::handle)

I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.

Related to #190 

See merge request !123
2016-06-17 16:29:47 -04:00
Stephen Paul Weber
97243c8a91 Allow 201 as well, because spec says so 2016-06-10 21:13:10 +00:00
Stephen Paul Weber
274e394d8e Pass all but two webmention.rocks tests 2016-06-10 21:03:16 +00:00
Stephen Paul Weber
1e9077f529 Set avatar where available 2016-06-10 21:02:50 +00:00
Stephen Paul Weber
6861d2f3a1 Get avatar out of entry properly 2016-06-10 21:02:34 +00:00
Stephen Paul Weber
624584f9df Need to strtotime before we can format the date 2016-06-10 21:02:08 +00:00
Stephen Paul Weber
4f3a031786 Use strpos check properly 2016-06-10 21:01:53 +00:00
Stephen Paul Weber
e96d7d48f5 400 code needs ClientException 2016-06-10 21:01:23 +00:00
Chimo
9de79f0a36 Update prepare() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)

Ref. #190
2016-06-01 02:26:44 +00:00
Chimo
ba2975aac8 Update handle() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"

Ref. #190
2016-06-01 02:26:44 +00:00
Mikael Nordfeldth
60130633f0 Linkback references to unset indexes + spelling error 2016-05-01 11:36:07 +02:00
Mikael Nordfeldth
e4f688fcfd naughty extlib fix (PHP7)
The explode function didn't return empty elements (which split did)
2016-04-26 02:57:14 +02:00
Mikael Nordfeldth
3e9b0d6018 split is gone, use explode. PHP7 extlib fix 2016-04-26 02:41:56 +02:00
Mikael Nordfeldth
af28160679 Naughty fix for extlib XMPPHP (PHP7)
I shouldn't fix extlibs, but here goes anyway. I will see if there's
an upstream library we can track which has fixed this themselves.
2016-04-26 02:41:04 +02:00
Mikael Nordfeldth
ce65fe96ad Oembed bugs with thumbnail generation. 2016-04-18 15:33:20 +02:00
Mikael Nordfeldth
b1de90fe08 Send thr:in-reply-to as well, for clarity... 2016-04-01 23:21:57 +02:00
Mikael Nordfeldth
922b65d231 More debugging in Salmon since we get situations which can't find inReplyToID 2016-04-01 23:10:34 +02:00
Mikael Nordfeldth
299949b156 fix/legacy_http for WebFinger + some minor fixes
Now won't match possibly maliciously named remote profile URLs
(where the profile URL could be a notice URL for example, which
would mean the response would be incorrect)

When looking up remote entities, we should _only_ use the stored URI,
but that's for the future to do...
2016-03-30 01:32:11 +02:00
Mikael Nordfeldth
df3bcbb6cb Possibly replace weirdly capitalized htTPs: too 2016-03-30 01:31:17 +02:00
Mikael Nordfeldth
cb212ba41c Gah, bad syntax 2016-03-29 12:55:50 +02:00
Mikael Nordfeldth
f8765c6166 Upgrade script for Bookmark uses joins instead of exists (performance++) 2016-03-29 12:48:00 +02:00
Mikael Nordfeldth
dcffe5d992 Forgotten File::getByUrl conversations (performance++) 2016-03-29 12:13:53 +02:00
Mikael Nordfeldth
23bb45b845 Upgrade info from Bookmark plugin 2016-03-29 12:13:23 +02:00
Mikael Nordfeldth
d4041a4a1f a little bit more explicit logging 2016-03-28 16:41:29 +02:00
Mikael Nordfeldth
16517f019a Embarrasing copy-paste gone too fast 2016-03-28 16:25:29 +02:00
Mikael Nordfeldth
7bef2ad4cc Update Profile Data script fixes, might work for groups too now 2016-03-28 16:19:47 +02:00
Mikael Nordfeldth
a93c69d150 OStatus update profile data script fixes 2016-03-28 15:42:41 +02:00
Mikael Nordfeldth
2e327dfcd7 Probably fixes issue with looping XMPP queue items 2016-03-28 11:33:52 +02:00
Mikael Nordfeldth
97f7e6632d Embed attachments marked up as microformats2 (I think rather properly) 2016-03-27 16:21:43 +02:00
Mikael Nordfeldth
327b8c863e Initial (not yet working) fetch remote plugin 2016-03-27 15:01:44 +02:00
Mikael Nordfeldth
2d0153195e Output proper remote info on WebFinger notice resources 2016-03-27 14:56:27 +02:00
Mikael Nordfeldth
7be4641040 Actually return an Ostatus_profile 2016-03-27 14:54:14 +02:00
Mikael Nordfeldth
4d382a59d0 Use HTTPClient instead of Yadis HTTPFetcher in Linkback plugin 2016-03-24 03:01:18 +01:00
Mikael Nordfeldth
be22886be8 Catch some exceptions in Linkback 2016-03-24 02:00:16 +01:00
Mikael Nordfeldth
f522c08438 Stricter typing in Realtime plugin functions 2016-03-24 01:41:58 +01:00
Mikael Nordfeldth
2759c3f0db Debugging output in OStatus for easier reading+greping 2016-03-23 17:52:02 +01:00
Mikael Nordfeldth
8c6d0759c7 If upgraded from http to https, keep hubsub->topic up to date too (thanks hannes2peer) 2016-03-23 15:37:55 +01:00
Mikael Nordfeldth
0767bf487e Use the new onUpdateKeys in dataobject for tasks on-update of keys
sets the hashkey column of the row to sha1(topic + '|' + callback)
2016-03-23 15:22:34 +01:00
Mikael Nordfeldth
f83b81b8c4 Change config webfinger/http_alias to fix/legacy_http
Set $config['fix']['legacy_http'] to perform some actions that are
needed if your site used to be served over http but now has upgraded
to https!
2016-03-23 15:21:02 +01:00
Mikael Nordfeldth
53c1750f0d If the attachment is a photo, don't replace representation in oEmbed 2016-03-22 14:02:36 +01:00
Mikael Nordfeldth
51840a6693 doActionPost for delete should use deleteAs 2016-03-21 18:07:29 +01:00
Mikael Nordfeldth
55544845db Just some comment clarification 2016-03-21 17:50:06 +01:00
Neil E. Hodges
39ebb64b85 Added proper enabling and disabling of sending RTs to Twitter. 2016-03-21 07:12:52 -07:00
Mikael Nordfeldth
14cb2d5398 Merge branch 'master' into mmn_fixes 2016-03-21 12:27:04 +01:00
Mikael Nordfeldth
afdd6d39ec Some Google stuff that need to be there (or comments)
Note that these won't be shown to the enduser and will never be accessed automatically.

We should put the salmon-protocol stuff on ostatus.org
2016-03-21 12:25:04 +01:00
Mikael Nordfeldth
b4cbf620ab woops, accidentally deleted updates-from rel on mass Google-deletion 2016-03-21 12:13:01 +01:00
Mikael Nordfeldth
1ebd4f342e woops, accidentally deleted updates-from rel on mass Google-deletion 2016-03-21 12:12:24 +01:00
Mikael Nordfeldth
241b965715 oEmbed CSS file 2016-03-21 03:12:24 +01:00
Mikael Nordfeldth
980085a8a3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
Conflicts:
	plugins/Minify/extlib/minify/README.txt
	plugins/Minify/extlib/minify/UPGRADING.txt
	plugins/Minify/extlib/minify/min/README.txt
	plugins/Minify/extlib/minify/min/builder/index.php
	plugins/Minify/extlib/minify/min/lib/JSMin.php
	plugins/Minify/extlib/minify/min/lib/Minify.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
	plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
	plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
	plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
	plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
Mikael Nordfeldth
50a10cf161 Minify is evil. 2016-03-21 03:02:22 +01:00
Mikael Nordfeldth
b7c4c960e2 Don't use default_port for irc schemes 2016-03-21 02:48:37 +01:00
Mikael Nordfeldth
e64c3a1d87 irc and ircs schemes for HTMLPurifier 2016-03-21 02:46:28 +01:00
Bob Mottram
11c57e7aee Remove Google References
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
365f3d2aa5 Full-content oEmbed html doesn't take up all space (and renders properly) 2016-03-17 12:58:40 +01:00
Mikael Nordfeldth
102f7ab059 oEmbed neatifying (inspired by Qvitter) 2016-03-17 00:31:45 +01:00
Mikael Nordfeldth
b2cfbded2e Upgrading from 1.1.x would make uri fields have length=255 2016-03-15 16:54:10 +01:00
Mikael Nordfeldth
f4833c6c91 More verbose salmon debugging 2016-03-15 16:53:19 +01:00
Mikael Nordfeldth
f32414dd93 Upgrading from 1.1.x would make uri fields have length=255 2016-03-15 16:52:57 +01:00
Mikael Nordfeldth
5ca2a28246 Make oEmbed handle our http/https setting better. 2016-03-10 14:20:21 +01:00
Mikael Nordfeldth
265fa12917 Relatively experimental change to store thumbnails in 'file/thumb/' (by default) 2016-03-07 22:33:34 +01:00
Mikael Nordfeldth
41b64cb8a3 static function declaration 2016-03-07 20:09:15 +01:00
Mikael Nordfeldth
6ec72b2978 Move mail_confirm_address out of mail.php 2016-03-06 17:27:40 +01:00
Mikael Nordfeldth
e9516ea4dd Allow gopher: scheme in link href 2016-03-06 03:39:34 +01:00
mmn
a9bdf761e8 Merge branch 'remote-media-blacklist-mk2' into 'nightly'
add server blacklist to StoreRemoteMedia plugin

allows server admins to block local storage of remote media from particular servers while still allowing a default policy of acceptance

See merge request !114
2016-03-03 20:17:23 +00:00
Saul St John
30e70c4697 update readme 2016-03-02 16:05:40 +00:00
Saul St John
43754c7f17 add blacklist to StoreRemoteMedia plugin 2016-03-02 15:41:17 +00:00
Mikael Nordfeldth
a262c16f06 Catch exception on delete of Confirm_address in a plugin 2016-03-02 15:37:47 +01:00
Mikael Nordfeldth
e4e0a39dad Only OStatus distribute if profile hasRight to PUBLICNOTICE 2016-03-02 12:42:09 +01:00
Mikael Nordfeldth
b4271a3533 Stricted typing + protected on FilteringNoticeStream->filter 2016-03-02 11:40:43 +01:00
Mikael Nordfeldth
9a89990293 Some changes since getFancyName() is longer with full acct: URI 2016-03-02 00:13:28 +01:00
Mikael Nordfeldth
63c087a255 Consistent behaviour for ScopingNoticeStream $scoped
We don't guess the current profile anymore if the value of the profile === -1

Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
mmn
b9a11f8c21 Merge branch 'fix-author-fallback' into 'nightly'
Fix author fallback

Previously if there was no discernable author the nickname "Array"
would end up used.  This was a bug, obviously.  It is fixed now.

See merge request !111
2016-02-28 18:42:36 +00:00
Stephen Paul Weber
9dc4f13579 Fix author fallback
Previously if there was no discernable author the nickname "Array"
would end up used.  This was a bug, obviously.  It is fixed now.
2016-02-26 22:06:04 +00:00
Mikael Nordfeldth
12f1707a74 Ostatus_source filled no purpose whatsoever 2016-02-26 22:37:26 +01:00
Mikael Nordfeldth
b4dc060d75 Don't auto-silence other users by IP by default 2016-02-26 16:10:03 +01:00
mmn
dc51354316 Merge branch 'readme-plugins' into 'nightly'
Readme plugins

* Adds several plugin READMEs
  They are pretty basic, but it's a start.

* Changes status.net/wiki URLs to git.gnu.io
  The status.net wiki is dead.

See merge request !103
2016-02-26 12:32:42 +00:00
mmn
d500fb8598 Merge branch 'remove-openid' into 'nightly'
Fix: Cannot remove OpenID

OpenidsettingsAction::removeOpenID() was comparing and int with a string
so always displayed "That OpenID does not belong to you."

See merge request !107
2016-02-26 12:30:01 +00:00
Mikael Nordfeldth
4d17d95335 Try to get mime data before hashing (cpu intensive) 2016-02-25 22:31:45 +01:00
Mikael Nordfeldth
80f7a5f025 $metadata->thumbnail_url is not guaranteed to be set
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:47:16 +01:00
Mikael Nordfeldth
4239c952d2 $metadata->thumbnail_url is not guaranteed to be set
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:46:17 +01:00
Chimo
99f2aba6e1 Fix: Cannot remove OpenID
OpenidsettingsAction::removeOpenID() was comparing and int with a string
so always displayed "That OpenID does not belong to you."
2016-02-24 12:42:41 -05:00
Mikael Nordfeldth
e6f07d8554 Use in_array instead. Now we get third party responses to contextually interesting threads
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
2016-02-24 00:19:27 +01:00
Mikael Nordfeldth
31c9b2c1d8 Check the notice context for users in UsersalmonAction 2016-02-23 23:56:43 +01:00
Mikael Nordfeldth
9319033ff0 Properly attach activityobjects
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
2016-02-23 23:50:57 +01:00
Mikael Nordfeldth
0eb5122817 Check that the user is in the context of a salmon slap 2016-02-23 23:42:41 +01:00
Mikael Nordfeldth
d672547112 getAliases should be only a list (numeric array) 2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
e16f7d04a8 Let OpenID match against aliases (fix fancyurl stuff etc.) 2016-02-23 14:15:08 +01:00
Mikael Nordfeldth
b59dacb806 getAliases for Profile and Notice
Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
c67b89e56b Make WebFinger fancyurlfix configurable 2016-02-21 20:05:32 +01:00
Mikael Nordfeldth
ce803f6d06 WebFinger aliases with 'index.php/' 2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
1edb1bbc17 Claim that we are the URL without index.php/ in webfinger response 2016-02-21 19:09:39 +01:00
Mikael Nordfeldth
0c17c32267 Let the WebFingerPlugin lookup profile resources with index.php/ too 2016-02-21 18:48:48 +01:00
Mikael Nordfeldth
b23cc7465f Keep a unique set of WebFingerResource aliases 2016-02-21 18:47:32 +01:00
Mikael Nordfeldth
ade4518ae4 Make the Link header give URI for WebFinger lookup 2016-02-17 22:36:33 +01:00
Mikael Nordfeldth
422d475e44 Differentiate two similar log warning messages 2016-02-17 21:57:52 +01:00
Mikael Nordfeldth
e2a090c9cc Use NoticeStream::filterVerbs for filtering in noticestreams 2016-02-14 20:46:13 +01:00
Mikael Nordfeldth
fbcca62ae1 listGet was not meant for that really 2016-02-13 01:19:47 +01:00
Mikael Nordfeldth
8ef2abf30b Render RegiserThrottle extra profile data properly 2016-02-13 01:16:34 +01:00
Mikael Nordfeldth
799c2e47fe Don't depend on ModLog 2016-02-13 01:10:01 +01:00
Mikael Nordfeldth
be35975b12 RegisterThrottle list-profiles-by-ip 2016-02-13 01:02:18 +01:00
Mikael Nordfeldth
557ad2d1fd Show user registration IP to users who can see ModLog 2016-02-13 00:51:43 +01:00
Mikael Nordfeldth
3cef75bcac Update the comment on silencing privileged users in ModHelper 2016-02-12 14:47:44 +01:00
Mikael Nordfeldth
7fdcbd56d5 XMPP URI scheme for HTMLPurifier 2016-02-11 21:31:50 +01:00
Mikael Nordfeldth
b9d35659c8 Stricter exception check 2016-02-10 04:43:30 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
eaa394ed7d bitcoin schema for HTMLPurifier 2016-02-08 20:20:31 +01:00
Chimo
a614205663 Add plugin READMEs 2016-02-08 17:48:37 +00:00
Chimo
2c5cba28b6 Change status.net/wiki URLs to git.gnu.io 2016-02-08 17:48:10 +00:00
Mikael Nordfeldth
ef5ed10eb9 Log failed captcha entries 2016-02-08 17:51:21 +01:00
Mikael Nordfeldth
cd71188d3a SimpleCaptcha plugin to stop basic bots 2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
58e852f7f7 Use the -y parameter for ffmpeg/avconv to be non-interactive 2016-02-07 01:59:21 +01:00
Mikael Nordfeldth
6bec22ea4e Write to the tmp file in VideoThumbnails 2016-02-07 01:57:56 +01:00
Mikael Nordfeldth
25f623565a Catch http exception in StoreRemoteMedia 2016-02-07 01:54:37 +01:00
Mikael Nordfeldth
098c8b1df4 NoHttpResponseException extends HTTP_Request2_ConnectionException 2016-02-07 01:52:20 +01:00
Mikael Nordfeldth
55546a5aab Support ffmpeg and avconv depending on which you have 2016-02-07 01:02:59 +01:00
Mikael Nordfeldth
1f01356076 Fix issue #127 by catching exceptions
update-profile-data.php threw exceptions on http connection issues
2016-02-04 12:06:35 +01:00
Mikael Nordfeldth
90045d66ea HTMLPurifierSchemes plugin to allow geo and magnet URIs 2016-02-03 14:36:51 +01:00
Mikael Nordfeldth
367fc054dc Merge branch 'master' into mmn_fixes 2016-01-30 00:03:25 +01:00
Mikael Nordfeldth
a5c1b063fd isPerson did not exist for Ostatus_profile 2016-01-29 16:15:06 +01:00
Mikael Nordfeldth
689e277c62 Allow @localuser@mysite.example to be looked up as a mention 2016-01-29 16:06:16 +01:00
Mikael Nordfeldth
36f099958c Don't match @nickname on @nickname@server.com 2016-01-29 15:53:58 +01:00
Mikael Nordfeldth
fb7f572eed Purify oembed html (again)
For a commit or two we didn't do this, because htmLawed failed to filter
out CDATA javascript properly, but now we use HTML Purifier which works.
2016-01-28 19:02:16 +01:00
Mikael Nordfeldth
7e6783bb8f Replace htmLawed with HTMLPurifier 2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
daea5647b6 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-28 17:27:08 +01:00
mmn
9b3cbb373e Merge branch 'oembed_fb_wp_branch' into 'nightly'
Oembed: Fix UTF-8 bug and better wp&fb data (updated!)



See merge request !97
2016-01-28 16:26:33 +00:00
Mikael Nordfeldth
efe23ed404 updateWithKeys now understands multi-column keys
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
05439831e7 add comment that DOMDocument('1.0', 'UTF-8') does not work 2016-01-28 15:32:11 +00:00
hannes
06e325d61b fixes two issues when the oembed thumbnail is blank 2016-01-28 15:19:29 +00:00
Mikael Nordfeldth
7c80c9a1f9 Meh, let's just remove FirePHP, I don't think anyone uses it 2016-01-28 13:48:44 +01:00
mmn
dfc11f99ad Merge branch 'update-extlib-firephp' into 'nightly'
Update FirefPHP Core to v0.4.0 released on 23 Apr 2013



See merge request !92
2016-01-28 12:41:34 +00:00
Mikael Nordfeldth
bb0cb9b3f6 Manual merge of !87 Update LDAP2 extlib to 2.2.0 (stable) released on 2015-10-30
Thanks postblue
2016-01-28 13:35:23 +01:00
mmn
c01982c917 Merge branch 'oembed_thumbnail_branch' into 'nightly'
add a thumbnail to oembed response

just something i added to quitim

See merge request !85
2016-01-26 21:09:07 +00:00
hannes
aa76e5863f don't mess upp charsets in oembed/og! check for utf-8 in http header and meta tags, and add prolog when loading html with DOMDocument() 2016-01-26 13:37:52 +00:00
hannes
b8d1e1f4a6 silence errors on these xpath queries 2016-01-26 11:28:24 +00:00
hannes
884aeb4d2e common_purify() doesn't remove wordpress' and facebook's javascript properly, maybe better to keep the data intact, and do strip_tags or something similar when using the data 2016-01-26 01:10:15 +00:00
hannes
473f893d04 detab 2016-01-26 01:07:44 +00:00
hannes
76c8139054 not pretty, but gives us better oembed data for wordpress and facebook 2016-01-26 01:05:53 +00:00
Roland Haeder
9614aba0e1
Removed plugin Google-Analytics as this is free/libre and decentralized
software and should not promote centralized proprietary software. Please see
the included Piwik plugin for a more decentralized alternative!

Signed-off-by: Roland Haeder <roland@mxchange.org>
2016-01-25 13:19:43 +01:00
postblue
fef52d7b51 Update FirefPHP Core to v0.4.0 released on 23 Apr 2013 2016-01-24 21:11:38 +01:00
Mikael Nordfeldth
ef005987a1 Did the OpportunisticQM fixes in the wrong order 2016-01-22 12:26:53 +01:00
Mikael Nordfeldth
1121b38eb1 use connect_timeout value for execution margin 2016-01-22 12:21:06 +01:00
Mikael Nordfeldth
81f9a59f25 use connect_timeout value for execution margin 2016-01-22 12:19:17 +01:00
hannes
d0e2f8745d add a thumbnail to oembed response 2016-01-21 18:48:30 +00:00
Mikael Nordfeldth
3f9c1c142a Removing unnecessary debug messages etc. 2016-01-21 02:49:34 +01:00
Mikael Nordfeldth
be1759f112 i18n 2016-01-21 02:37:07 +01:00
Mikael Nordfeldth
81bf0fd261 Various last fixes to RSVP I think 2016-01-21 02:20:57 +01:00
Mikael Nordfeldth
f74d2d555c Working on some RSVP code stuff 2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
45b523bada Add xcal namespaces to location and url in event
Also, for fun, add stuff for RSS event module, see:
   http://web.resource.org/rss/1.0/modules/event/
2016-01-20 21:07:55 +01:00
Mikael Nordfeldth
21cc737f5c Cancelling RSVPs now seems to work. 2016-01-20 16:10:10 +01:00
Mikael Nordfeldth
64e74d527f Handle exceptions when salmon slapping
Make it so notifyDeferred actually _always_ throws exceptions and handle
them in the places it is called.
2016-01-20 15:32:39 +01:00
Mikael Nordfeldth
c393bc9563 In very specific circumstances we can bulkDistribute 0 notices
Seems to be what caused an infinite loop on quitter.es, or I guess so anyway.
2016-01-20 15:32:29 +01:00
Mikael Nordfeldth
912d65c767 bulkDistribute won't add empty lists to database 2016-01-20 15:32:24 +01:00
Mikael Nordfeldth
fa8e02b832 Handle exceptions when salmon slapping
Make it so notifyDeferred actually _always_ throws exceptions and handle
them in the places it is called.
2016-01-20 14:56:24 +01:00
Mikael Nordfeldth
80dc2788dd Started fiddling with CancelRSVP but more must be done
Remember to make event_uri be the selector for CancelRSVPForm and
preferrably even merge it into RSVPForm!
2016-01-19 01:41:06 +01:00
Mikael Nordfeldth
477d71c0bf RSVP stuff, mostly forms.
Now fix CancelRSVP stuff so it gets by event_uri and can cancel existing RSVP.
2016-01-19 01:33:09 +01:00
Mikael Nordfeldth
84dda697d6 RSVPs seem to be created now, just gotta fix CancelrsvpAction 2016-01-19 01:10:06 +01:00
Mikael Nordfeldth
73992a1ed8 Use "newer" terminology and throw exceptions 2016-01-19 00:21:16 +01:00
Mikael Nordfeldth
9eea255c79 Save with options so we get source=web 2016-01-19 00:08:31 +01:00
Mikael Nordfeldth
358684a5ed end_str, not start_str 2016-01-19 00:01:30 +01:00
Mikael Nordfeldth
385705c65b Events get rendered. 2016-01-18 23:58:32 +01:00
Mikael Nordfeldth
cae344b67b Events are now saved but not displayed properly again 2016-01-18 20:57:44 +01:00
Mikael Nordfeldth
486a02d60d First steps on making NeweventAction a FormAction
Also saving new Happening objects via Notice::saveActivity
2016-01-18 18:42:42 +01:00
Mikael Nordfeldth
6dc0477c00 Let the remote side know the Salmon was accepted (sorta) 2016-01-16 22:39:59 +01:00
Mikael Nordfeldth
deda83fdef Distinguish notice saving errors from others for Salmon 2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
0797ee0871 EmptyIdException doesn't carry ->obj 2016-01-16 21:12:53 +01:00
Mikael Nordfeldth
c559b8ce2a bulkDistribute won't add empty lists to database 2016-01-16 17:34:27 +01:00
Mikael Nordfeldth
f53ebdeadb Start handling salmon entries directly with Notice::saveActivity
More to come...
2016-01-16 17:25:29 +01:00
Mikael Nordfeldth
2b67b53112 In very specific circumstances we can bulkDistribute 0 notices
Seems to be what caused an infinite loop on quitter.es, or I guess so anyway.
2016-01-16 17:18:14 +01:00
mmn
44c10bb2aa Merge branch 'oembed_branch' into 'nightly'
purify oembed html and don't allow cdata

hopefully we never need stuff in cdata

reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/

see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F

i don't feel we want that in our database.  

See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
2af9de4f23 Minor fixes in Linkback plugin 2016-01-14 19:14:24 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
2f1bfe126b Debug message formatting gone wrong 2016-01-14 13:52:11 +01:00
Mikael Nordfeldth
59e75ef966 Incorrect use of getByHashKey in HubSub 2016-01-14 13:15:31 +01:00
Mikael Nordfeldth
f092026541 Documentation fix from master 2016-01-14 13:11:27 +01:00
Mikael Nordfeldth
bacd49a6a8 Don't try to replace http with https if https already exists 2016-01-14 13:06:37 +01:00
Björn Schießle
b7c849b5b0 array need to contain key/value pairs 2016-01-14 12:39:39 +01:00
Mikael Nordfeldth
83cb1dfa68 Salmon debugging 2016-01-14 03:48:41 +01:00
Mikael Nordfeldth
53339ff463 Fake oEmbed version in OpenGraph return object 2016-01-14 02:09:12 +01:00
Mikael Nordfeldth
cf7d2f4d0f Salmon queue handler getByID for exception throwing 2016-01-14 01:51:00 +01:00
Mikael Nordfeldth
0482b7de8e Debugging by indexing callback column in HubSub 2016-01-13 22:57:42 +01:00
Mikael Nordfeldth
24d9d76644 OpenGraph image/thumbnail width and height 2016-01-13 22:07:39 +01:00
Mikael Nordfeldth
adba38ce20 Deleted_notice is pluginified, don't call directly from core 2016-01-13 21:29:23 +01:00
Mikael Nordfeldth
45dd343126 Eventify Notice getAsTimestamp (for Deleted_notice) 2016-01-13 21:01:47 +01:00
Mikael Nordfeldth
8ab98b72ac getLeaseRemaining for FeedSub too 2016-01-13 20:01:00 +01:00
Mikael Nordfeldth
377947c57f s/getLease/getLeaseTime/ just to be a bit more clear 2016-01-13 19:55:17 +01:00
Mikael Nordfeldth
1d26fedf12 Don't store lease seconds, just sub start and end
The seconds can always be calculated from the dates!
2016-01-13 19:45:20 +01:00
Mikael Nordfeldth
494746e665 Minor PuSH comment and debug stuff 2016-01-13 19:25:39 +01:00
Mikael Nordfeldth
a5fd4fde25 Request a month long sub lease by default 2016-01-13 19:24:07 +01:00
Mikael Nordfeldth
b38a789005 HubSub didn't save sub start and end datetimes 2016-01-13 19:23:34 +01:00
hannes
ee305891c4 purify oembed html 2016-01-13 16:03:38 +00:00
Mikael Nordfeldth
5c262a788d Unused, unnecessary and intrusive cookie/storage removed! 2016-01-13 15:22:28 +01:00
Mikael Nordfeldth
3720e37f06 property attribute could be null in meta tags of course 2016-01-13 14:24:00 +01:00
Mikael Nordfeldth
99da1ebe41 Catch NoHttpResponseException when using HTTPClient 2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf NoHttpResponseException needed instead of HTTP_Request2_Exception
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
3658774429 Super-basic OpenGraph image preview support, "works for me" 2016-01-12 15:29:03 +01:00
Mikael Nordfeldth
f4feef477b Don't follow redirects on PuSH POST. 2016-01-12 14:32:28 +01:00
Mikael Nordfeldth
c826fe0af4 $target was klantigtly copied from another debug message 2016-01-11 20:10:38 +01:00
Mikael Nordfeldth
bd6efa0e45 Update PuSH callback URL if remote side switched to HTTPS
See the comment in the source on why we're not following Location headers...
2016-01-11 19:55:02 +01:00
Mikael Nordfeldth
f24cdf4a80 Much more logging in PushHubAction (OStatus) 2016-01-11 19:54:05 +01:00
Mikael Nordfeldth
8acf930c45 OpportunisticQM matches against _system_ max_execution_time
Probably never runs if max_execution_time is 0. I'll handle that later.
2016-01-11 13:35:29 +01:00
Mikael Nordfeldth
b13f8df79b HTTPClient would return null instead of exception
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
e498bc6b7b Control OpportunisticQM verbosity 2016-01-10 00:51:25 +01:00
Mikael Nordfeldth
7fbf72f9c1 Minor changes to OpportunisticQM for debugging 2016-01-10 00:48:04 +01:00
Mikael Nordfeldth
42dff2742a Put salmon slaps in queues before pushing user Atom feed 2016-01-10 00:29:32 +01:00
Mikael Nordfeldth
c3c5a9974d Do proper fromUri lookup on groups too 2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
fbec7c4e75 Issue #121 - use correct Group ID and strict User_group typing 2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
4e0ed61f7c OStatus queue handler uses Notice->getAttentionProfiles()
and lots more debugging for LOG_DEBUG
2016-01-08 01:31:47 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
d4be5349b3 think I have managed to show oEmbed images better now 2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
9e5c71e701 Fixed group representation in Directory plugin, also some ->raw calls 2016-01-07 12:58:14 +01:00
Mikael Nordfeldth
c02f23e63f Return Profile objects from getGroups in GroupdirectoryAction 2016-01-07 12:35:52 +01:00
Mikael Nordfeldth
e7308b0ecb Max execution time margin for OpportunisticQM
I guess it could continue a bit too long in case it got a really long
(failing, timeouting) HTTP request just before max_execution_time hit.
2016-01-07 11:58:09 +01:00
Mikael Nordfeldth
1a1e44cdfd Issue #118 wanted better TOR support, now Avatar URLs are not stored
There was no reason to store the generated Avatar URLs because it's so
cheap to generate them on the fly.
2016-01-06 16:14:26 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e Conversation IDs (again) no longer based on Notice ID 2016-01-06 13:58:46 +01:00
mmn
2c5460eb0e Merge branch 'openid-plugin' into 'nightly'
OpenID plugin: 'openid_only' should be 'openidonly'

To match everywhere else.

See merge request !72
2016-01-05 23:28:28 +00:00
Mikael Nordfeldth
9a75778b29 If there's no Happening, we can't use the RSVP. 2016-01-05 15:00:34 +01:00
Mikael Nordfeldth
3471213d1c processFeed would abort on certain errors where findLocalObject failed 2016-01-05 15:00:07 +01:00
Mikael Nordfeldth
ab93bb009c XSS vulnerability when remote-subscribing
->raw was used on non-filtered strings for some reasons, changed
to ->text.
2016-01-05 12:15:50 +01:00
Chimo
bf0df016e5 OpenID plugin: 'openid_only' should be 'openidonly'
To match everywhere else.
2016-01-04 10:36:05 -05:00
Mikael Nordfeldth
f7a1c8a94c The $options array isn't used here 2016-01-04 01:48:54 +01:00
Mikael Nordfeldth
34b25e6afc Use EmptyIdException in Fave deletion try-catch 2016-01-03 22:57:28 +01:00
Mikael Nordfeldth
bda30a92bc Fave deletion would fail in some cases with missing profiles or notices 2016-01-03 22:35:49 +01:00
Mikael Nordfeldth
7df8a6b731 This version of the EventPlugin won't work with StatusNet any longer 2016-01-03 16:23:44 +01:00
Mikael Nordfeldth
95d415257a Merge branch 'nightly' into singpolyma/gnu-social-events-saveObjectFromActivity
Conflicts:
	plugins/Event/EventPlugin.php
	plugins/Event/classes/RSVP.php

I just fixed 'em with magic!
2016-01-03 13:08:34 +01:00
Mikael Nordfeldth
336f099241 Don't store object type for verbs (as they don't have it) 2016-01-02 16:05:20 +01:00
Mikael Nordfeldth
e02c10a589 common_render_content doesn't require a Profile now 2016-01-01 18:40:58 +01:00
Mikael Nordfeldth
4fc2b2584b RSVPs refer to Happening (event) by URI instead of ID now 2015-12-31 19:23:05 +01:00
Mikael Nordfeldth
34ce2f6cfa minor happening changes 2015-12-31 18:08:12 +01:00
Mikael Nordfeldth
f6df44ea85 Handle feed imports with exceptions better 2015-12-31 15:05:35 +01:00
Mikael Nordfeldth
7f1ce07e9f Logging destinations and unnecessary debug 2015-12-31 13:00:20 +01:00
Mikael Nordfeldth
fab745c6d6 Exception throwing and proper db retrieval
ActivityModeration plugin and its Deleted_notice class.
2015-12-31 12:42:33 +01:00
Mikael Nordfeldth
5ba6be1a87 Deleted_notice had a superfluous field 2015-12-31 12:33:59 +01:00
Mikael Nordfeldth
6772d991ae Only provide Notice oEmbed data for local notices 2015-12-31 01:55:18 +01:00
Mikael Nordfeldth
bceece3bb9 issue #93 2015-12-30 18:03:45 +01:00