Commit Graph

1957 Commits

Author SHA1 Message Date
Brion Vibber
d0d39b51b8 Fixes for RegisterThrottle plugin: alt registration methods (OpenID, FBConnect, Twitter) weren't triggering the throttle check or recording of IPs.
Added StartRegistrationTry/EndRegistrationTry calls into those three, and moved the actual recording hook to EndUserRegister which is guaranteed to be called from User::register (so we don't need to worry about other auth methods forgetting to call the other UI-code hooks).
2011-01-05 12:28:02 -08:00
Brion Vibber
46123e3754 *cough* don't commit the code that breaks your code that you used to test the debug code :D 2010-12-20 13:06:58 -08:00
Brion Vibber
a4e2f38356 Slightly fancier debug code for PuSH hmac mismatches -- save the post to a temp file if feedsub/debug is on in config. 2010-12-20 13:05:17 -08:00
Brion Vibber
dd48bdb1c4 Logging helper for bogus hmacs on PuSH in -- record the url & hub with the err msg to help tell what broke 2010-12-20 10:48:02 -08:00
Brion Vibber
39cad55711 TwitterBridge: partial merge of id_str usage from 0.9.x for improved 32-bit and pre-5.2.10 compatibility. (on 64-bit in 5.2.6 we can pull the integer IDs, but silently lose some precision on the end.)
Fixes for Twitter bridge breakage on 32-bit servers. New "Snowflake" 64-bit IDs have become too big to fit in the integer portion of double-precision floats, so to reliably use these IDs we need to pull the new string form now.
Machines with 64-bit PHP installation should have had no problems (except on Windows, where integers are still 32 bits)

Conflicts:

	plugins/TwitterBridge/twitterimport.php <- as this hasn't been broken out, the import code is NOT FULLY UPDATED HERE.
2010-12-13 12:13:24 -08:00
Brion Vibber
516161213f Tweak to PiwikAnalytics plugin to help browsers to pre-load piwik.js, may shave a little off load time.
Piwik's current default recommended JS for loading creates a <script> tag via document.write(). In addition to being generally evil, this means the browser doesn't know it's going to need piwik.js until that chunk of script gets executed... which can't happen until all scripts referenced *before* it have been loaded and executed.

The only reason for that bit of script though seems to be to pick 'http' or 'https' depending on the current page's scheme. This can be done more simply by using a protocol-relative link (eg "//piwik.status.net/piwik.js"), which the browser will resolve as appropriate. Since it's now sitting in the <script> tag, the browser's lookahead code will now see it and be able to start loading it while earlier things are parsing/executing.
May be better still to move to an asynchronous load after DOM-ready, but I'm not sure if that'll screw with the analytics code (eg, not being able to start things on the DOM-ready events since they're past).
2010-12-08 17:39:04 -08:00
Brion Vibber
26bd15ec0a Mapstraction plugin: use minified sources for OpenLayers
The default full build of OpenLayers.js is 943kb as of 2.10; this gzips down to a couple hundred kb
but is still rather nasty, plus loading it off a remote host could slow things down.

Using a local copy let us cut down the size significantly by discarding unused features, and further
minification with yui-compressor shaves a bit more off. Cuts down to about 1/5 the size of the
original.

Also threw in a bundled & minified copy of the Mapstraction classes plus our usermap.js,
which covers the common case of using the default OpenLayers provider. This cuts out three
additional script loads, two of which weren't getting launched until after the mxn.js main
file got loaded.
2010-12-08 14:54:02 -08:00
Brion Vibber
fb315c6f61 Create a bundled & minified JS file for Mapstraction's common case (using OpenLayers); this'll avoid waiting on additional script loads for mxn.core.js and mxn.openlayers.core.js, and removes the need to load usermap.js separately as well. 2010-12-08 14:52:26 -08:00
Brion Vibber
34569017ce Add stripped and minified local copy of OpenLayers 2.10, about 1/5 the size of the full version.
Included Makefile will recreate the OpenLayers.js using the statusnet.cfg strip configuration file
and yui-compressor to do some extra minification at the end. Requires fetching the OpenLayers
source download and dropping it in:

http://openlayers.org/download/OpenLayers-2.10.tar.gz
2010-12-08 14:28:55 -08:00
Brion Vibber
db4d69f099 Quick hack to discard twitter broadcast queue items on failure *IF* config option 'twitter' 'ignore_errors' is on:
$config['twitter']['ignore_errors'] = true;

A longer-term solution is to patch up the indirect retry handling to count retries better, or delay for later retry sensibly.
2010-12-07 12:11:37 -08:00
Brion Vibber
b4fc54c308 Flush router cache when saving Twitter admin settings: adding/removing keys can enable/disable some actions. This avoids having users' Twitter settings unreachable after adding your keys to an installation with TwitterBridge on but not pre-configured. 2010-11-30 12:46:33 -08:00
Brion Vibber
bcccbd6d8a BitlyPlugin: fix for shortening URLs containing ampersand (&) 2010-11-30 12:40:23 -08:00
Brion Vibber
c0ce953288 Update doc comment for Awesomeness plugin 2010-11-22 12:39:38 -08:00
Brion Vibber
5ad06e80b6 Tweak regex in Awesomeness plugin 2010-11-22 12:38:47 -08:00
Jeroen De Dauw
7e173f5db8 Added Awesomeness extension 2010-11-20 15:14:12 +01:00
Brion Vibber
94f2f96f2e Ticket #2724: gracefully handle attempts to delete or fave/unfave a remote Twitter notice if a failure occurs.
Most annoying error case being where the notice was already faved or deleted on Twitter! :)
Such errors will now just fail out and log a note to the syslog -- the rest of what we were doing will continue on unhindered, so you can still delete, favorite, etc and it just won't sync the info over in that case.
2010-11-19 15:51:08 -08:00
Brion Vibber
54de6d3260 Forgot to commit the JS for ModPlus. :) 2010-11-15 17:45:58 -08:00
Brion Vibber
25170f272c visual cleanup on ModPlus remote profile info popup menu 2010-11-15 17:32:33 -08:00
Brion Vibber
fdcaac3653 Tweak remote profile action: hide stats from sidebar, tweak wording on remote notice 2010-11-15 16:38:18 -08:00
Brion Vibber
5fdcba472b RemoteProfileAction cleanup:
- meta robots to prevent spidering
- a little notice if silenced
2010-11-15 16:12:16 -08:00
Brion Vibber
88c35c2cce visual tweaks for RemoteProfileAction 2010-11-15 15:57:57 -08:00
Brion Vibber
16f1c764c0 RemoteProfileAction: redirect to the regular user profile page if given a local user. 2010-11-15 15:40:07 -08:00
Brion Vibber
0e763b4902 Stub RemoteprofileAction to show the standard profile header stuff for offsite users -- provides a way to get at the mod & block controls for remote users. 2010-11-15 15:34:12 -08:00
Brion Vibber
227d4b6889 Stub ModPlus plugin: will hold experimental UI improvements for mod actions 2010-11-15 14:15:41 -08:00
Brion Vibber
6291e8201f Fix for failure edge case in TwitterBridge outgoing repeat/retweets.
When the retweet failed with a 403 error (say due to it being a private tweet, which can't be retweeted) we would end up mishandling the return value from our internal error handling.
Instead of correctly discarding the message and closing out the queue item, we ended up trying to save a bogus twitter<->local ID mapping, which threw another exception and lead the queue system to re-run it.

- Fixed the logic check and return values for the retweet case in broadcast_twitter().
- Added doc comments explaining the return values on some functions in twitter.php
- Added check on Notice_to_status::saveNew() for empty input -- throw an exception before we try to actually insert into db. :)
2010-11-12 13:06:41 -08:00
Evan Prodromou
b6af5a25ba don't try to initialize the mapstraction canvas if it doesn't exist 2010-11-12 11:48:17 -05:00
Siebrand Mazeland
456f4a6573 Localisation updates from http://translatewiki.net 2010-10-29 01:21:42 +02:00
Brion Vibber
48492600a8 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-28 00:15:59 +00:00
Brion Vibber
e43553a3d9 Tweak for OAuth headers not seen in $_SERVER 2010-10-28 00:14:45 +00:00
Siebrand Mazeland
035b4949fd Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2010-10-28 01:59:45 +02:00
Siebrand Mazeland
7a564276a9 Localisation updates from http://translatewiki.net. 2010-10-28 01:58:43 +02:00
Brion Vibber
9e9b7b972c Merge branch 'instrument' into 0.9.x 2010-10-27 16:47:06 -07:00
Brion Vibber
ace655aecf ApiLogger plugin: dumps some information about API hits to aid in researching future HTTP-level cachability improvements.
Data are sent to the 'info' level of logging, like so:

  [lazarus.local:4812.86b23603 GET /mublog/api/statuses/friends_timeline.atom?since_id=1353]
       STATLOG action:apitimelinefriends method:GET ssl:no query:since_id cookie:no auth:yes
       ifmatch:no ifmod:no agent:Appcelerator Titanium/1.4.1 (iPhone/4.1; iPhone OS; en_US;)

Fields:
* action:  case-normalized name of the action class we're acting on
* method:  GET, POST, HEAD, etc
* ssl:     Are we on HTTPS? 'yes' or 'no'
* query:   Were we sent a query string? 'yes', 'no', or 'since_id' if the only parameter is a since_id
* cookie:  Were we sent any cookies? 'yes' or 'no'
* auth:    Were we sent an HTTP Authorization header? 'yes' or 'no'
* ifmatch: Were we sent an HTTP If-Match header for an ETag? 'yes' or 'no'
* ifmod:   Were we sent an HTTP If-Modified-Since header? 'yes' or 'no'
* agent:   User-agent string, to aid in figuring out what these things are

The most shared-cache-friendly requests will be non-SSL GET requests with no or very predictable
query parameters, no cookies, and no authorization headers. Private caching (eg within a supporting
user-agent) could still be friendly to SSL and auth'd GET requests.

We kind of expect that the most frequent hits from clients will be GETs for a few common timelines,
with auth headers, a since_id-only query, and no cookies. These should at least be amenable to
returning 304 matches for etags or last-modified headers with private caching, but it's very
possible that most clients won't actually think to save and send them. That would leave us expecting
to handle a lot of timeline since_id hits that return a valid API response with no notices.

At this point we don't expect to actually see if-match or if-modified-since a lot since most of our
API responses are marked as uncacheable; so even if we output them they're not getting sent back to
us.

Random subsampling can be enabled by setting the 'frequency' parameter smaller than 1.0:

  addPlugin('ApiLogger', array(
    'frequency' => 0.5 // Record 50% of API hits
  ));
2010-10-27 16:43:38 -07:00
Siebrand Mazeland
d0bbd343f0 i18n/L10n updates and superfluous whitespace removed. 2010-10-28 01:35:40 +02:00
Siebrand Mazeland
04fcfeaf6f * Superfluous whitespace removed.
* i18n review (no changes needed).
2010-10-28 01:23:57 +02:00
Evan Prodromou
5d56d9bb69 UI on profile settings page to opt out of following everyone 2010-10-26 15:33:35 -04:00
Evan Prodromou
7a80ebeb13 flag to let users opt out of following everyone 2010-10-26 15:21:30 -04:00
Evan Prodromou
e5a3b973b8 Plugin to follow all new users by default 2010-10-26 15:10:18 -04:00
Evan Prodromou
22633a5af6 can't subscribe to blacklisted domains/users 2010-10-26 11:48:27 -04:00
Evan Prodromou
bec00094a7 Blacklist plugin checks PuSH and Salmon notices 2010-10-26 11:20:43 -04:00
Siebrand Mazeland
1545c1228b Localisation updates from http://translatewiki.net. 2010-10-23 20:50:55 +02:00
Siebrand Mazeland
3329685beb * onPluginVersion added.
* i18n fix: use _m() in plugins, don't use _()
* some translator documentation added.
* superfluous whitespace removed.
2010-10-23 19:23:25 +02:00
Brion Vibber
e292d8fb65 Fix for 140-char replies being unexpectedly cropped when bridged to Twitter.
This drops the '@' -> ' @' hack for CURL meta-chars in outgoing Twitter bridge, added in commit 04b95c25 back in the day.
The Twitter bridge has since been switched from using direct CURL calls to using HTTPClient, which even with the CURL backend enabled doesn't trigger this issue, as POST parameters are formatted directly.
Prepending the space before we did the message cropping was leading to 140-char messages getting cropped unnecessarily, which was confusing:

Examples of broken messages:
http://identi.ca/notice/57172587 vs http://twitter.com/marjoleink/status/28398050691
http://identi.ca/notice/57172878 vs http://twitter.com/marjoleink/status/28398492563
2010-10-22 12:10:11 -07:00
Brion Vibber
6841a8d093 RegisterThrottlePlugin tweak for silencing checks: make sure we don't crash during registration if another profile registered from this address has been since deleted.
Followup to commit 1caa08429f
2010-10-22 11:07:19 -07:00
Evan Prodromou
1caa08429f Collective guilt for registrants from the same IP address
If someone tries to register from an IP address that a silenced user
has registered from, prevent it.

When silencing someone, silence everyone else who registered from the
same IP address.
2010-10-22 13:29:51 -04:00
Evan Prodromou
07bc50eaed Merge branch 'bettercachelog' into 0.9.x 2010-10-22 09:25:13 -04:00
Evan Prodromou
e1e79e6236 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-10-22 09:24:49 -04:00
Evan Prodromou
2484d8edc2 more detailed information in cachelogplugin 2010-10-22 09:24:19 -04:00
Zach Copley
131c339c5a Pass OAuth authorize page's mode paramater to OpenID plugin so it can create a correct
returnto URL
2010-10-22 02:08:38 +00:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00