Mikael Nordfeldth
45dc76de26
File and File_redirection adhoc storage methods updated for urlhash
2015-02-19 19:05:24 +01:00
Mikael Nordfeldth
66df043c19
Add php5-intl dependency to Installer class
2015-02-18 00:47:00 +01:00
Mikael Nordfeldth
0deaf6c50c
use common_purify to purify HTML, one function to rule them all
2015-02-18 00:14:28 +01:00
Mikael Nordfeldth
3dce6d9f6a
Implement a common_purify for htmLawed and more
...
We're removing unicode formatting characters as well, such as RTL marks.
For more info on why we're because extra cautious (but may accept the
characters in later versions) you can read:
https://blog.malwarebytes.org/online-security/2014/01/the-rtlo-method/
2015-02-18 00:10:31 +01:00
Mikael Nordfeldth
7ba7f43199
Don't linkify bare domains by default
...
It's too farfetched to assume any text.com in a notice is an HTTP URL.
For example stuff like pasting from log entries, with domain.com:1234
where 1234 is a _PID_ or something, not a port number for http://...
2015-02-17 20:54:32 +01:00
Mikael Nordfeldth
c31c2d10b9
PHP>=5.4.0 lets us use Transliterator, tags now asciified!
...
For example: #REVOLUCIÓN becomes #revolucion instead of #revolución
2015-02-17 20:17:22 +01:00
Mikael Nordfeldth
6cdedf6049
Replace $this->user/auth_user with $this->scoped in lib/apiaction.php
...
We prefer handling a Profile class rather than the User class, as some
functions might be useful for remote users as well, which cannot be
handled via the User class.
2015-02-17 17:16:33 +01:00
Chimo
fb03fc073a
ApiTimelineList: Fixes ServerErrorAction
...
"No matches for action 'ApiTimelineList' with arguments 'format=atom
id=1'"
for 'api/:user/lists/:id/statuses.:format' URLs
2015-02-15 16:00:23 -05:00
Mikael Nordfeldth
b6b9036821
StartSubMenu and EndSubMenu events
2015-02-14 17:32:35 +01:00
Mikael Nordfeldth
dc0b62f636
Merge commit 'refs/merge-requests/45' of https://gitorious.org/social/mainline into merge-requests/45
2015-02-14 16:45:04 +01:00
buttle
9a8ccbaef2
Call HomeStubNav instead of duplicating code
...
adminpanelnav.php adds a homeStub but does not use the code created for the job.
2015-02-13 16:38:22 +01:00
buttle
d0347bb98f
Removing home stub if empty
...
Added an Event HomeStubNavItems
menu->subMenu() returns false if empty
2015-02-13 16:26:41 +01:00
Mikael Nordfeldth
b3e80f5c32
Updated README.md and framework.php
2015-02-13 12:09:12 +01:00
Mikael Nordfeldth
6620ad793a
Deja vu of user->getProfile() from 4f9b70d
2015-02-13 11:55:37 +01:00
Mikael Nordfeldth
4f9b70d51f
Profile expected in Notice::asActivity from UAS
2015-02-13 11:41:21 +01:00
Mikael Nordfeldth
a063bb43a8
EndSetApiUser will always contain a User
2015-02-13 01:19:59 +01:00
Mikael Nordfeldth
2f86cd8602
utf8mb4 conversion on database with index adjusts
2015-02-12 18:18:55 +01:00
buttle
2a0a0287d4
Added EVENT to homestubnav
...
Changed menu->submenu(). if (! $menu->getItems()) then do nothing
2015-02-10 19:20:01 +01:00
Mikael Nordfeldth
c6b1b3e5e3
Merge commit 'refs/merge-requests/30' of https://gitorious.org/social/mainline into merge-requests/30
2015-02-08 23:19:53 +01:00
Mikael Nordfeldth
4c9a74cb12
ROLLBACK which may or may not be useful
...
There were problems with queries that were executed but didn't seem to
be committed. Trying to patch that up by calling a ROLLBACK on transactions
where the loading of the page isn't stopped after the BEGIN statement's
intended function fails (like with the rememberme cookie in this commit).
2015-02-08 11:09:19 +01:00
Mikael Nordfeldth
a89e91da79
By default, don't allow nick changes for profiles
...
This goes for both users and groups, since they share nickname namespace.
If you want to enable nickname changes, just add this to your config:
$config['profile']['changenick'] = true;
This commit should cover all changes in our usual web forms as well as through
the API.
2015-02-04 21:25:14 +01:00
Mikael Nordfeldth
5155854339
HTMLOutputter input element can take arbitrary attributes now
2015-02-04 20:52:10 +01:00
Mikael Nordfeldth
f0a707cfc6
A single user instance also has the same URLs as multiuser instances
2015-02-04 16:47:43 +01:00
Mikael Nordfeldth
6a4cb43f67
showstream for singleuser instance too
...
singleuser instances shouldn't be too special and have too many
alternative methods of doing stuff.
2015-02-03 22:33:01 +01:00
Mikael Nordfeldth
660e8c6efc
Fave::addNew now calls Notice::saveActivity
...
as a bonus we've fixed several FIXME issues for favorite email notification
and updated parts of the codebase for these activities to a more modern style.
2015-02-03 16:34:11 +01:00
Mikael Nordfeldth
e41d324a53
NoticeStream already handles "getNotices"
2015-02-03 12:12:11 +01:00
Mikael Nordfeldth
40416c2c69
Don't email users who are sandboxed
...
If sandboxed or silenced, don't email the user any notifications.
2015-02-03 11:41:20 +01:00
Mikael Nordfeldth
fdae6f0fb3
neo-gnu is now default-theme. perty.
2015-02-02 18:22:59 +01:00
Mikael Nordfeldth
f05f701764
HTML5 placeholder for notice input form.
2015-02-01 21:35:25 +01:00
Mikael Nordfeldth
c7dd595984
Run onEndSetApiUser also when already logged in!
2015-01-31 16:02:01 +01:00
Mikael Nordfeldth
4c14794cae
ApiTimelineNetworkPublicAction available now
...
Feeds added in NetworkpublicAction too.
2015-01-29 23:01:53 +01:00
Mikael Nordfeldth
dfdfe4143a
Set siteprofile default values for config public/localonly
2015-01-29 20:49:19 +01:00
Mikael Nordfeldth
4daa2e4644
Use 'StartpageAction' to determine what to show on /
2015-01-29 20:48:49 +01:00
Mikael Nordfeldth
a5d27d9ce7
/main/all will give a network-wide public stream
...
Qvitter had implemented this as a "PublicAndExternal" stream, but
I figured we might as well put it into the GNU social core.
2015-01-28 20:25:39 +01:00
Mikael Nordfeldth
eaaef2aec9
'zone' is a valid top domain
...
We should get another form of URL identifier for interpreting links on notices...
It was hard editing this line in vim even, because of wide, multibyte characters...
2015-01-27 15:07:00 +01:00
Mikael Nordfeldth
cc996f58db
Test in Ostatus_profile if avatar is an image before writing to filesystem
...
This clears one FIXME...
We also fix HTTPClient::quickGet() (and a related call in OStatus testfeed.php).
2015-01-27 14:00:39 +01:00
Mikael Nordfeldth
bcb6dadc9f
Corrected message in NoSuchGroupException
2015-01-27 13:37:35 +01:00
Mikael Nordfeldth
d140e135c0
Default textlimit for notices is now 1000 chars
2015-01-26 23:32:08 +01:00
Mikael Nordfeldth
67d09532dd
Improved animated image thumbnail freedom of choice
...
Default is now to take still thumbnails of animated GIFs and then
show them as originals in an AttachmentListItem. The still frames
are mostly used with front-ends like qvitter.
2015-01-26 16:33:39 +01:00
Mikael Nordfeldth
97812549b9
Unnecessarily spammy logs for getThumbnail()
...
When trying to create thumbnails for remote media that don't have the
filename field set, we got a lot of output in the debug log.
2015-01-26 01:16:28 +01:00
Mikael Nordfeldth
a8e613e508
Animated GIF restructuring, ImageMagick only used for resizing animated sequences.
2015-01-25 23:00:00 +01:00
Mikael Nordfeldth
2a7d45c986
No need for ImageMagick to detected animated GIF
2015-01-25 22:45:25 +01:00
Mikael Nordfeldth
4dd6d7869e
Maybe we can detect animated files in core
2015-01-25 22:11:46 +01:00
Mikael Nordfeldth
2b62077fc1
1.1.3-beta2
2015-01-25 02:43:29 +01:00
Mikael Nordfeldth
a9135080c3
barename wasn't used, let's rename it filename and use it
2015-01-25 02:27:02 +01:00
Mikael Nordfeldth
2dd1f3fe67
Default value for max thumbnail size increased
...
Because people have high resolution screens nowadays ;)
2015-01-23 15:04:54 +01:00
Mikael Nordfeldth
015e95829b
MediaFile->getFile() instead of accessing fileRecord
2015-01-23 14:46:47 +01:00
Mikael Nordfeldth
9f87359d04
Non-ajax file submissions should throw NoUploadedMediaException
2015-01-22 12:38:57 +01:00
Mikael Nordfeldth
964d13792b
ssl_verify_host option in config (default is true)
2015-01-22 12:21:57 +01:00
Mikael Nordfeldth
5c7ad2e031
Added a quickGet in HTTPClient
2015-01-22 12:16:01 +01:00
Mikael Nordfeldth
fac9f4e545
Merge branch 'nightly' of gitorious.org:social/mainline into nightly
2015-01-21 23:45:49 +01:00
Mikael Nordfeldth
9c5aa67a63
Enable AntiBrute by default.
2015-01-21 23:43:04 +01:00
Mikael Nordfeldth
8d7230a2b9
EndCheckPassword should run after Start even if pre-exited
...
StartCheckPassword can exit beforehand either with success or failure,
and we want EndCheckPassword to check for stuff like failed login attempts.
2015-01-21 22:31:05 +01:00
Mikael Nordfeldth
8b585ff647
MediaFile upload simplifying
2015-01-21 17:39:48 +01:00
Mikael Nordfeldth
b2d332c914
These were meant for lower classes
2015-01-18 21:13:52 +01:00
Mikael Nordfeldth
06c93faa2d
PHP BUG??? Cannot figure out why this throws warning
...
I kept getting this on "Quitter España" (which seems to be the name
causing the commotion, as it's part of this sprintf algorithm):
PHP Warning: sprintf(): Argument number must be greater than zero
in /srv/www/vhosts/quitter.es/%/htdocs/lib/action.php on line 1175
I'll just make it quiet for now so it doesn't spam other sites with
UTF-8 characters in their name (if that's what's causing this).
2015-01-18 12:52:33 +01:00
Mikael Nordfeldth
371f4b4874
A bit more readable code.
2015-01-18 01:43:30 +01:00
aroquen
e45c784451
Fix footer in plugins' notices.
...
Make it look like like normal notices. Footer element was missing.
2015-01-17 00:39:07 +01:00
Mikael Nordfeldth
8892702f0c
Initially hide input forms on the top
...
The status input element would attract focus after page load, meaning
if you'd scrolled down a bit then you would be rocketed back up again!
2015-01-16 11:19:22 +01:00
Mikael Nordfeldth
96f30dd924
version push, we've got some HTML/CSS changes
2015-01-16 01:12:19 +01:00
Mikael Nordfeldth
0193c7548f
RSS feed items did not get a type assigned
2015-01-15 21:13:21 +01:00
Mikael Nordfeldth
cbb7ec07a5
When called in offline queue, File::url was HTTP
...
Despite having the site configured "always" for HTTPS, File generated
thumbnails and such with HTTP urls.
2015-01-12 19:19:41 +01:00
Mikael Nordfeldth
c7df5594d0
Simplified by adding an abstract AtompubAction
2015-01-12 03:15:41 +01:00
Mikael Nordfeldth
aca5ff1b23
Found some unreachable code in Favorite
...
The portion after StartAtomPubNewActivity would never be reached since
Favorite handles that activity through ActivityHandlerPlugin nowadays.
So I cleaned it up and followed a couple of paths, making stuff prettier.
2015-01-12 02:23:23 +01:00
Mikael Nordfeldth
773441c2c5
abstract declaration of GroupSection
2015-01-10 01:46:54 +01:00
Mikael Nordfeldth
51f97c7e84
section control over their notice lists + HTML id stuff
2015-01-09 15:46:35 +01:00
Mikael Nordfeldth
a3b9367c9a
new noticelist classes for primary and section lists
2015-01-08 20:19:43 +01:00
Mikael Nordfeldth
5a76390d46
Reuse NoticeList for NoticeSection listing
...
Something smarter than the 'addressees' and 'attachments' booleans etc.
is desired.
2015-01-08 20:07:27 +01:00
Mikael Nordfeldth
5981b5c8d9
CC license fixes (no remote image, https for href)
2015-01-08 18:13:33 +01:00
Mikael Nordfeldth
40412b6b79
status update placeholder removed, javascript not required to post
2015-01-08 18:04:46 +01:00
Mikael Nordfeldth
b2f0595d04
HTML5 + CSS adaptions, may cause visual breaks
2015-01-08 16:42:26 +01:00
Mikael Nordfeldth
d3a8896b2a
Merge commit 'refs/merge-requests/26' of https://gitorious.org/social/mainline into merge-requests/26
2014-12-09 13:45:15 +01:00
Joshua Judson Rosen
238095a719
Parse remote users' fullnames from PoCo::displayName elements
...
Try this first; use activity:subject->atom:title only as a fallback.
The code that output activity:subject was removed 2013-10-08,
and it it was deprecated for years before that....
2014-12-08 21:55:51 -05:00
Mikael Nordfeldth
e7c6c6fc76
Merge commit 'refs/merge-requests/19' of https://gitorious.org/social/mainline into merge-requests/19
2014-12-06 20:18:52 +01:00
Mikael Nordfeldth
bb31394cce
Merge commit 'refs/merge-requests/23' of https://gitorious.org/social/mainline into merge-requests/23
2014-12-06 20:12:17 +01:00
Joshua Judson Rosen
9a9f6f0502
Use HTTPS links for Google and Yahoo!
...
They both support it--so why not?
2014-12-03 22:55:34 -05:00
Joshua Judson Rosen
c52c090298
Add Ixquick as a fallback search link
...
People like that one, too.
2014-12-03 22:54:27 -05:00
Joshua Judson Rosen
67539fd1cc
Add DuckDuckGo as a fallback search link
...
People like it.
2014-12-03 22:48:28 -05:00
Joshua Judson Rosen
f9d815db64
Correctly spell "Yahoo!"
...
With the trailing bang(!).
2014-12-03 22:46:50 -05:00
Joshua Judson Rosen
b45b7c153e
SearchAction: don't list dead web search-engines
...
tweetscan.com is a parked domain.
http://www.twingly.com/search?content=microblog says:
"Microblog search has been removed. Use https://twitter.com/search-home ".
http://collecta.com/ says "We have removed our consumer facing site".
2014-12-03 22:44:54 -05:00
Joshua Judson Rosen
69fec16de2
common_path(): use HTTPS if current URL is HTTPS
...
Bring common_path() back into harmony with common_local_url(),
which started doing this 2013-03-25.
Shouldn't need to spread "StatusNet::isHTTPS()" logic all over
wherever common_path() is called; just DTRT automatically instead.
2014-12-02 14:47:03 +01:00
Mikael Nordfeldth
8ad4d1baf8
Version bump to 1.1.3 since conversation tracking
2014-11-27 17:12:36 +01:00
Mikael Nordfeldth
343291262e
ostatus:conversation element instead of link rel=""
...
Mainly because the atom:link element requires a "web resource" but we
wish to supply a URI which might not be HTTP. We'll leave the old
atom:link element however since it's in the OStatus 1.0 Draft2 docs
and nothing newer has been released yet.
2014-11-27 13:47:31 +01:00
Mikael Nordfeldth
a3ded586b6
Namespaced elements now available in xmloutputter
2014-11-27 13:36:29 +01:00
Joshua Judson Rosen
9fd2541b52
QueueManager: don't assume all non-XML strings are JSON
...
Some of the standard plugins queue simple, unstructured numbers--
e.g.: EmailSummary and OfflineBackup both queue user-IDs.
2014-11-23 23:24:16 -05:00
Mikael Nordfeldth
34f6ea1d04
Present WWW-Authenticate on failure to authenticate
2014-11-10 12:17:39 +01:00
Mikael Nordfeldth
b6a168c82e
Unnecessary to check PHP_AUTH_USER here
...
it was implied from $this->auth_user_nickname above
2014-11-10 12:10:21 +01:00
Mikael Nordfeldth
17647dc3ff
$header was always true due to previous if statement
2014-11-10 11:59:01 +01:00
Mikael Nordfeldth
e91deb683f
Checking user properties for instanceof User
2014-11-10 11:57:53 +01:00
Mikael Nordfeldth
403cb858be
Less verbose logic for checking api authentication
2014-11-10 11:43:08 +01:00
Mikael Nordfeldth
6f5086fc52
Integrate qvitter ApiAuthAction (thanks hannes2peer)
2014-11-10 11:39:19 +01:00
Mikael Nordfeldth
769febf22e
DirectMessage added to default plugins
...
I think the migration from core to plugin is done now for DMs.
This is required since we support the Twitter-based API by default,
which is implemented in many of the mobile clients etc. But you can
disable the DirectMessage for your instance of you wish, of course.
2014-11-07 16:37:00 +01:00
Mikael Nordfeldth
48ba963ddd
Inline documentation updated to reflect on plugin move of DMs
2014-11-07 16:26:29 +01:00
Mikael Nordfeldth
046d070ad4
MessageCommand moved to DirectMessage plugin
2014-11-07 16:23:34 +01:00
Mikael Nordfeldth
38d9b4d3a4
UserActivityStream export of DMs moved to plugin
2014-11-07 16:08:16 +01:00
Mikael Nordfeldth
d493fd0772
DirectMessage API functions moved to plugin
2014-11-07 16:00:27 +01:00
Mikael Nordfeldth
68143ff916
DirectMessage moved into a plugin, not done yet
...
We still have to move some API calls into the new plugin.
2014-11-07 15:53:35 +01:00
Mikael Nordfeldth
e90a1f44c4
Show permalinks only for local notices
...
the "from [site]" already links to the permalink
2014-11-05 19:53:59 +01:00
Mikael Nordfeldth
7ea067a0dc
Notice_source checks in better code style
2014-11-05 19:44:22 +01:00
Mikael Nordfeldth
5e4f93cc7d
Conversation link as default, permalink for /notice
2014-11-05 19:34:39 +01:00