File extensions can also be added to the upload type whitelist; they'll be normalized to types for the actual comparison, so only known extensions will work.
Warning: the format strings aren't actually being enforced here which is probably why they weren't caught earlier. Not quite sure why, it should be looked at!
Currently only one custom theme may be uploaded per site, saved with the name 'custom' and stored into the local/themes subdirectory.
Administrators can upload a .ZIP archive containing a theme through the design admin panel; its contents are validated to ensure that only legit files are saved, and a 5M size quota is enforced.
Theme upload requires the zip extension for PHP; if not present, theme uploading is disabled by default.
Uploading and the custom CSS can be controlled via $config['theme_upload']['enabled'] and $config['custom_css']['enabled'].
Configurable directory/path/server for 'local' subdirectory (currently only as used for themes; local plugins not yet switched over)
Can set $config['local']['dir'] etc; not currently exposed in the admin panels.
Per-site directories on a separate themes server could be set up such as:
$config['local']['dir'] = '/path/to/themes/local/' . $_nickname;
$config['local']['server'] = 'themes.example.com';
$config['local']['path'] = '/local/' . $_nickname;
$config['local']['ssl'] = 'never';
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
Added a 2-second default timeout for XMLRPC/extended pings, configurable as [ping,timeout].
No longer repeating the entire ping section if we had an HTTP error during a submission.
For now, dropping the bad item and continuing on with others. (Todo: individual retry and cleaner discards of blacklisted broken-for-now sites.)
Fix extraction of Atom <content type="text"> and <content type="html">; we were failing to escape plaintext source data to HTML, and doing an extraneous double-deescape on HTML source resulting in breakage of notices containing text that looks like HTML. Only <content type="xhtml"> was working correctly previously.
Fixes for RSS2 content processing: we were failing to load <content:encoded> at all due to using wrong element name, and were applying an extraneous de-escape for <description> rather than the escaping that is required to turn plaintext into HTML. (Per spec, <description> must be plaintext.)
I added the statusnet: prefix to the xml output. This prefix should
be declared on the root element of all relevant XML output.
I also added two StatusNet-specific fields:
* statusnet:html - rendered HTML. Clients shouldn't have to guess
at the correct HTML rendering for notices, especially since some
of the links depend on context.
* statusnet:profile_url - profile URL for a user. You can't count
on a user being a local user in a distributed microblogging world.
So, this shows the explicit profile_url.
This reverts commit 98f0d970da.
Per xopher we're not yet ready to push 0.9.2 theme directories live; we also haven't merged down various things from testing that need to be in the release such as installer fixes.
* Moved notification sending from Notice::saveReplies to distrib queue handler, so it'll pull from the reply set we've saved regardless of how we got it.
* Set up gettext infrastructure for command-line scripts; gets localization mail notifications etc working from background queues.
* Adjusted locale switching: common_switch_locale() works at runtime for bg scripts, forces a message catalog update
* added a few XXX (that's StatusNet for FIXME, right?)
** proposing de-duplication of a message appearing ~50 times
** marking bad pagination implementation
* moved the TRANS: comments in action.php down to exactly before the line in which the message appears. Otherwise gettext does not put them in the pot file
* fixed a XXX in action.php removing double spaces
Because N/S/E/W were on the same lines, and the "// TRANS:" comment must be directly above the line in which the message is located to work, I added the messages to a variable first.
Refactored some of the returnto handling code. It looks like we have several different ways of handling this in the software, icky!
Marked the session-based functions with fixmes (they'll stomp on other forms when multiple tabs/windows are used) and combined some commonish bits of code between ProfileFormAction and the group block & makeadmin actions where they're using hidden form parameters. Extended that to allow passing dynamic parameters (eg 'page') as well as static ones (action, target user/group).
May be slow or run out of memory if run on particularly prolific posters -- not yet optimized for that case.
Note that geodata that has already been sent out to other services (via ostatus, omb, twitter, etc) will not be removed from them.
This reverts commit 260f00d60b.
As mentioned in
260f00d60b (comment_8367)
Reverting this merge until the bugs are fixed and there is a general
agreement on the need for this enhancement.
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.
Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).
* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
I swapped the settings from negative to positive ($config['queue']['stomp_transactions'] = false rather than $config['queue']['stomp_no_transactions'] = true), gave them defaults (both on for best ActiveMQ experience), and added notes to the README about configuring them.
Conflicts:
lib/attachmentlist.php
plugins/OStatus/classes/Ostatus_profile.php
Merge tried to delete things that it seems it shouldn't, very confusing order. Hope rest of the cherry-picking isn't a problem.
Moved the various classes used by the Activity class to their own
files. There were >10 classes in the same file, with around 1500 lines
in the file. Just too big.
This change makes autoloading work for these classes, so also removed
the hard require in lib/common.php.
RSS feeds have the format
<rss><channel><item/><item/><item/></channel></rss>. The element named
$rss was actually the <channel> element, so I renamed the variable so
I wouldn't hurt my head.
First steps to parsing RSS items as activities. RSS feeds don't seem
to have enough data to make good remote profiles, but this may work
with some "hints".
* Subscription::start was sometimes passing users instead of profiles to hooks, which broke OStatus subscription notifications; now normalizing to profiles for processing.
* H-card parsing would trigger a lot of PHP warnings and notices in hKit. Now suppressing warnings and notices for the duration of the call to keep them out of output when display_errors is on.
* H-card parsing would trigger a PHP fatal error if the source page was not well-formed XML and Tidy was not present on the system. Switched normalization to use the PHP DOM module which is always present, as we have no need for Tidy's extra features here.
* Trying to fetch avatars from Google profiles failed and triggered a PHP warning due to the relative URL not being resolved during h-card parsing. Now passing profile page URL into hKit by sneaking a <base> tag in while we normalize the HTML source.
* Profile pages without a "Link" header could trigger PHP notices due to a bad NULL -> array(NULL) conversion in LinkHeader::getLink(). Now checking that there was a return value before converting single return value into array.
We were double-unescaping for <content type="html">, turning <b> escaped chars into literal tags (which then may get removed entirely by the HTML scrubber).
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131
Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"
This reverts commit 68347691b0.
Revert "Use PHP exceptions for PEAR error handling."
This reverts commit d8212977ce.
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131
Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"
This reverts commit 68347691b0.
Revert "Use PHP exceptions for PEAR error handling."
This reverts commit d8212977ce.
While deletion is in progress, the account is locked with the 'deleted' role, which disables all actions with rights control.
Todo:
* Pretty up the notice on the profile page about the pending delete. Show status?
* Possibly more thorough account disabling, such as disallowing all use for login and access.
* Improve error recovery; worst case is that an account gets left locked in 'deleted' state but the queue jobs have gotten dropped out. This would leave the username in use and any undeleted notices in place.
Under MySQL, new tables will be created as InnoDB with UTF-8 (utf8/utf8_bin) same as core tables.
Existing plugin tables will have table engine and default charset/collation updated, and string columns will have charset updated, at checkschema time.
Switched from 'DESCRIBE' to INFORMATION_SCHEMA for pulling column information in order to get charset. A second hit to INFORMATION_SCHEMA is also needed to get table properties.
Indices were only being created at table creation time, which ain't so hot. Now also adding/dropping indices when they change.
Fixed up some schema defs in OStatus plugin that were a bit flaky, causing extra alter tables to be run.
TODO: Generalize this infrastructure a bit more up to base schema & pg schema classes.
I think this is a bug in Youtube's web server (sending chunked encoding of an empty body with a HEAD response, leaving the connection out of sync when it doesn't attempt to read a body) but the HTTP_Request2 library may need to be adjusted to watch out for that.
Keeps stray daemon subprocesses from floating around when we kill the parents via a signal!
Accomplished by opening a bidirectional pipe in the parent process; the children close out the writer end and keep the reader in their open sockets list. When the parent dies, the children see that the socket's been closed out and can perform an orderly shutdown.
The final whitespace should be dropped from the source messages after we've stabilized; trailing space is pretty unreliable to keep through translation tools and should be avoided. Use separator strings outside the messages!
OStatus plugin overrides these to allow using webfinger (user@example.com), profile URL (http://example.com/user) and bare profile URL (example.com/user) as arguments.
Gets Spanish, French, Russian etc UI localization working on Debian Lenny fresh installation set up in Spanish (so es_ES.UTF-8 is available but en_US.UTF-8 isn't).
The upstream class sets $this->basejid with host unconditionally, which wasn't previously an issue as the fulljid would always be filled in by the server at connect time before sending messages. With the new queued messaging, we need to make sure we've filled out $this->fulljid correctly without making a connection.
Now using $server if provided to build $this->basejid and $this->fulljid in the queued XMPP proxy class, so queued messages are sent correctly.
- switch 'en_US' to 'en', fixes the "admin panel switches to Arabic" bug
- tweak setting descriptions to clarify that most of the time we'll be using browser language
- add a backend switch to disable language detection (should this be exposed to ui?)
* 'testing' of gitorious.org:statusnet/mainline:
Using position relative only for the remote subscription in section
Added group subscription button to groups mini list
Added event hooks at the start and end of groups mini list
All 'connect' menu panels used to be optional, so Action tried to
figure out what the first item on the 'connect' menu should be.
This is no longer necessary because we have the non-optional OAuth
client connections panel now, which is not optional and can't be
turned off.
Also stripping id from foreign HTML messages (could interfere with UI) and disabled failing attachment popup for a.attachment links that don't have a proper id, so you can click through instead of getting an error.
Issues:
* any other links aren't marked and saved
* inconsistent behavior between local and remote attachments (local displays in lightbox, remote doesn't)
* if the enclosure'd object isn't referenced in the content, you won't be offered a link to it in our UI
We only need one author for user feeds: the user themselves. So, show
the user as the activity:subject, and don't repeat the same
activity:actor for every notice unnecessarily.
* 'testing' of gitorious.org:statusnet/mainline: (25 commits)
Fix a bunch of notice & warning-level messages that were breaking my inter-instance communications
more output in updateostatus.php
lost important fields when switching queries
show service debug info
pass listener URI into consumer for OMB
remove strict check on OMB exception strings
return correct HTTP status code for OMB errors
send smaller error pages for OMB API endpoints
Remove check for secret in token deletion on Subscription::cancel()
Better logging on bad token in subscription
Return empty array when no subscriptions to remote
drop tokens for OMB on unsubscribe
fix path for updateostatus.php
Script to convert OMB subscriptions to OStatus subscriptions
show service debug info
pass listener URI into consumer for OMB
remove strict check on OMB exception strings
return correct HTTP status code for OMB errors
send smaller error pages for OMB API endpoints
Remove check for secret in token deletion on Subscription::cancel()
...
In a federated system, "@nickname" is insufficient to uniquely
identify a user. However, it's a very convenient idiom. We need to
guess from context who 'nickname' refers to.
Previously, we were using the sender's profile (or what we knew about
them) as the only context. So, we assumed that they'd be mentioning to
someone they followed, or someone who followed them, or someone on
their own server.
Now, we include the notice information for context. We check to see if
the notice is a reply to another notice, and if the author of the
original notice has the nickname 'nickname', then the mention is
probably for them. Alternately, if the original notice mentions someone
with nickname 'nickname', then this notice is probably referring to
_them_.
Doing this kind of context sleuthing means we have to render the
content very late in the notice-saving process.
* 'testing' of gitorious.org:statusnet/mainline:
init_conversation.php script to copy old notice conversations into the conversation table
cache results of webfinger lookups
Parse an hcard for hints, if available
use new hcard method for webfinger
add hkit for hCard parsing
use new dedicated hcard method for Webfinger profile
Add an hcard action
* 'testing' of gitorious.org:statusnet/mainline:
OStatus: if no <link> available and no profileurl hint passed in, use object id if it's an HTTP(S) URL. Fixes profile link for Google accounts.
Tweak common_url_to_nickname to take the last path component; fixes pulling nicks from Google profile pages (path is "/profile/<nickname>")
Fix bug on subscribe/unsubscribe in profile lists. Bogus call to nonexisting profile->getProfile() was masked by DB_DataObject
A dedicated hcard action for users. Our profile page includes
an hcard, but it's so full of other hcards that it's ambiguous which
one is the "real" one. So, this one make sense for meaning, "This is
my hcard."
* 'testing' of gitorious.org:statusnet/mainline:
Not sure how this ended up in wrong-cased dir...
OStatus: fix remote groups to work with new user_groups/local_groups split.
Conflicts:
classes/User_group.php
- fix <activity:subject> generation so we get the profile info (what's available so far)
- use id instead of nickname for group join/leave forms so we can join/leave remote groups
while the rest of the groups UI remains limited to local groups
(plugins are responsible for making sure remote notifications and permission checks are done)
- fix remote notification when joining group through OStatus's remote subscribe form
* 'testing' of gitorious.org:statusnet/mainline:
Merge StatusNet core localization updates from 0.9.x branch
Fix update_po_templates.php to support the plural and context variants of _m() in plugins
Drop HTMLPurifier; we don't need its extra capabilities and we're already using htmLawed which is lighter-weight.
OStatus: handle update-profile Salmon pings
Revert "Updated jQuery Form Plugin from v2.17 to v2.36"
OStatus: disable HTMLPurify cache unless we've configured a writable path for it.
- add event hooks to profile update pings
- send Salmon pings with custom update-profile event to OStatus subscribees and groups (subscribers will see it on your next post)
- fix OStatus queues with overlong transport names, should work on DB queues now
- Ostatus_profile::notifyActivity() and ::notifyDeferred() now can take XML, Notice, or Activity for convenience
the shorthand that I've proposed at
http://microformats.org/wiki/geo-brainstorming#latitude_longitude_shorthand_and_geo_link
If anyone wants to pick up on where the discussion was left off or
get more implementation support by other sites and software, and be
recognized by parsers, I'd be happy to go back to the shorthand.
Because you know, it actually makes a lot of sense.
- added rel="ostatus:attention" links for group delivery
- added events for plugins to override group profile/permalink pages
- pulled Notice::saveGroups up to save-time so we can override;
it's relatively cheap and gives us a clean list of target
groups for distrib time even with customized delivery.
- fixed notice::getGroups to return group objects as expected
- added some doc on new parameters to Notice::saveNew
- 'groups' list of group IDs to push to in place of parsing
- messages that come in via PuSH and contain local group targets
are delivered to local group members
- messages that come in via PuSH and contain remote group targets
are delivered to local members of the remote group
Todo:
- handle group posts that only come through Salmon
- handle conflicts in case something comes in both through Salmon and PuSH
- better source verification
- need a cleaner interface to look up groups by URI
- need a way to handle remote groups with conflicting names
Combined the code that finds mentions of other profiles into one place.
common_find_mentions() finds mentions and calls hooks to allow
supplemental syntax for mentions (like OStatus).
common_linkify_mentions() links mentions.
common_linkify_mention() links a mention.
Notice::saveReplies() now uses common_find_mentions() instead of
trying to parse everything again.
I changed the way that tag: URIs are minted, so we now use the right
base. Ideally most of these would use HTTP URIs instead, but for
now at least they use the right base.
We've been making pretty crummy tag: URIs for a while. We should
continue to favor HTTP URIs, since it's nice to be able to discover
things about an object you've shared the ID of. Where that's not
possible, this makes nicer tag URIs.
The subs_* functions in subs.php have made a lot of assumptions
about users versus profiles. I've refactored the functions to
be methods of the Subscription class instead, and to use Profile
objects throughout.
Some of the checks for blocks or existing subscriptions depended
on users or profiles, so I've moved those methods around a bit.
I've left stubs for the subs_* functions until we get time to replace
them.
All breakout queues that we're going to need to listen to now need to be explicitly listed in $config['queue']['breakout'].
Until XMPP is moved to component model, this setting will let the individual processes work with their own queues:
$config['queue']['breakout'][] = 'xmpp/xmppout/' . $config['site']['nickname'];
- Multiplexing queues into groups and for multiple sites.
- Sharing vs breakout configurable per site and per queue via $config['queue']['breakout']
- Detect how many times a message is redelivered, discard if it's killed too many daemons
- count configurable with $config['queue']['max_retries']
- can dump the items to files in $config['queue']['dead_letter_dir']
Queue daemon memory & resource leak fixes:
- avoid unnecessary reconnections to memcached server (switch persistent connections back in on second initialization, assuming it's child process)
- monkey-patch for leaky .ini loads in DB_DataObject::databaseStructure() - was leaking 200k per active switch
- applied leak fixes to Status_network as well, using intermediate base Safe_DataObject for both it and Memcache_DataObject
Misc queue fixes:
- correct handling of child processes exiting due to signal termination instead of regular exit
- shutdown instead of infinite respawn loop if we're already past the soft memory limit at startup
- Added --all option for xmppdaemon... still opens one xmpp connection per site that has xmpp active
Cache updates:
- add Cache::increment() method with native support for memcached atomic increment