Mikael Nordfeldth
1e6520fddd
Woops, forgot to skip the / in path
2016-02-26 14:13:46 +01:00
Mikael Nordfeldth
6a4470912f
Fiddling with merge request #98 to use internal routing functions
2016-02-26 14:10:32 +01:00
Mikael Nordfeldth
8356c2495c
Use mb_* and strict === comparison
2016-02-26 13:52:25 +01:00
mmn
722ff4d9c0
Merge branch 'foolproof_file_redirection_branch' into 'nightly'
...
Foolproof file redirection
This solves an issue when our internal /attachment/{file_id} links are shortened with an remote shorteners (which caused the /attachment/{file_id} links to be saved to the File table and a thumbnail of a thumbnail being generated)
See merge request !98
2016-02-26 12:49:10 +00:00
mmn
fae9e27365
Merge branch 'group-autocomplete' into 'nightly'
...
Fix !group autocomplete
"Call to undefined method User_group::getFullname"
See merge request !108
2016-02-26 12:30:19 +00:00
Mikael Nordfeldth
c58228195b
Make sure the saved Notice has an ID
2016-02-26 01:11:20 +01:00
Mikael Nordfeldth
519e3308ab
Use mb_strlen to see if something is an empty string
2016-02-26 01:04:59 +01:00
Mikael Nordfeldth
aeb2e282db
Commented on the mime extension matching regexp
2016-02-25 22:32:54 +01:00
Mikael Nordfeldth
bac37d1714
syntax error
2016-02-25 22:17:44 +01:00
Mikael Nordfeldth
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
e69f878241
Notice getRendered() can now be called on uninserted notices
2016-02-25 15:48:37 +01:00
Mikael Nordfeldth
e3e3a91734
Correct comment on Notice->conversation in table schema
2016-02-24 19:34:44 +01:00
Chimo
54da2526ed
Fix !group autocomplete
...
"Call to undefined method User_group::getFullname"
2016-02-24 13:00:15 -05:00
Mikael Nordfeldth
731fd01139
Allow easy fetching of rel="me" values
2016-02-24 16:42:54 +01:00
Mikael Nordfeldth
3ef573f67c
Default to profile size in Avatar::defaultAvatar
2016-02-24 16:42:35 +01:00
Mikael Nordfeldth
d672547112
getAliases should be only a list (numeric array)
2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
d16a883e17
Allow lookup of User->getByUri (throws NoResultException)
2016-02-21 18:47:47 +01:00
hannes
501d081d3b
getKV doesn't throw exception
2016-02-16 19:16:05 +00:00
Mikael Nordfeldth
83f679fb57
Profile->isPrivileged() to check if users have more rights than to post etc.
2016-02-12 14:47:49 +01:00
Mikael Nordfeldth
e5ad98e601
Silence action can only be used on non-priviliged users
2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
5dce08d068
Add Profile::ensureCurrent() to verify we _certainly_ got a Profile.
2016-02-12 13:52:48 +01:00
Mikael Nordfeldth
733debd9b3
Use thumbnail upscaling config value
2016-02-10 04:40:54 +01:00
Mikael Nordfeldth
dd229e855a
Allow finding the "original remote thumbnail"
...
This will probably cause older oEmbed images not to show, since they
probably were updated to use empty url entries because they were thought
of as local ones. During a migration period maybe you want to change
the default value of notNullUrl to 'false' in File_thumbnail::byFile(...)
2016-02-10 04:37:43 +01:00
Mikael Nordfeldth
893d888152
Add urlhash field to File_thumbnail for indexing
2016-02-10 04:15:41 +01:00
Mikael Nordfeldth
49b7648fea
Managed_DataObject gets onInsert and onUpdate
2016-02-10 03:37:27 +01:00
Mikael Nordfeldth
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
3dea259f52
Return intval from getID()
2016-02-08 12:21:46 +01:00
Mikael Nordfeldth
e903bd0bc3
Hacky support for geo URI detection
...
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
6a4aa34b0c
Don't process further in redirection if HEAD gives 400 Bad request
2016-02-03 00:34:49 +01:00
Mikael Nordfeldth
40cffb9463
File::isProtected is static
2016-02-03 00:22:18 +01:00
Mikael Nordfeldth
c6ae883ad2
Don't trust local HTML either
...
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
2016-01-30 00:00:37 +01:00
hannes
f708a5b016
Never save our /attachment/{file_id} links as links in the file table, return the old file
2016-01-29 00:36:30 +00:00
hannes
efd2326a29
the last url in the redirection chain can actually also be a redirection (e.g. if it's one of our /attachment/{file_id} links)
2016-01-29 00:34:32 +00:00
Mikael Nordfeldth
efe23ed404
updateWithKeys now understands multi-column keys
...
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
a888294135
add our own protected urls
2016-01-25 19:00:46 +00:00
hannes
ca0c792ed3
File and File_redirection records are saved in File_redirection::where() now
2016-01-25 19:00:05 +00:00
hannes
48e1a2431b
save File and File_redirection records in File_redirection::where(), because then we will have to run where() over and over again
2016-01-25 18:55:48 +00:00
Mikael Nordfeldth
a9d18a077e
Harmonize, clarify, categorize URL schemes
...
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72
Allow bitcoin scheme to URLs
2016-01-24 12:44:28 +01:00
Mikael Nordfeldth
f74d2d555c
Working on some RSVP code stuff
2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11
Throw NoObjectTypeException on Notice->getObjectType if no string
2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
7715ea993b
getVerb function in Notice class
2016-01-18 22:02:05 +01:00
Mikael Nordfeldth
6c46a93a81
Minor improvements on Notice::saveActivity
2016-01-18 19:29:45 +01:00
Mikael Nordfeldth
11b925c4ca
Use a function to getCreated()
2016-01-18 17:03:37 +01:00
Mikael Nordfeldth
deda83fdef
Distinguish notice saving errors from others for Salmon
2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
a85a08ff35
Add a check in Notice->asActivityObject that we're actually returning such a thing!
2016-01-16 21:13:26 +01:00
Mikael Nordfeldth
fdfa71a033
Extremely verbose debugging is annoying
2016-01-16 18:04:04 +01:00
Mikael Nordfeldth
1f76c1e4a9
Initial user doesn't need as strict checking on email
2016-01-16 17:23:50 +01:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00