Commit Graph

2697 Commits

Author SHA1 Message Date
Zach Copley
5866493cae OAuth - better log messages 2010-10-19 12:07:59 -07:00
Brion Vibber
53d45d7ffb Merge branch '0.9.x' 2010-10-18 15:21:02 -07:00
Siebrand Mazeland
24b94ebb2c * fix bugs in parameter numbering for two messages
* add translator documentation
2010-10-18 22:47:50 +02:00
Evan Prodromou
7c05b0dafc options to nofollow external links in notices 2010-10-18 11:29:52 -04:00
Siebrand Mazeland
505ac6eba0 * add plural support where missing
* update translator documentation.
2010-10-16 14:38:12 +02:00
Siebrand Mazeland
31415b5853 Update translator documentation. 2010-10-16 14:31:41 +02:00
Brion Vibber
9a35e48ee2 Fix for ticket #2837: white screen when hitting 'make admin' button on group members list.
RedirectingAction->returnToArgs() has been renamed to returnToPrevious() to avoid confusion with the existing Action->returnToArgs which gives the arguments that would be used to pass to one of those. :)
Switching to the correct function call gets it working.

Thanks to Siebrand for catching it when I could debug it live!
2010-10-15 15:33:54 -07:00
Evan Prodromou
9b9ba29791 add SSL servers and paths to pathadminpanel.php 2010-10-15 13:46:21 -04:00
Evan Prodromou
fc6711327b let users set their SSL logo through the admin panel 2010-10-14 15:06:11 -04:00
Zach Copley
04f3f57e2e Merge branch 'oauth-1.0a' into 0.9.x 2010-10-12 17:52:04 -07:00
Zach Copley
d8e06e66e9 Print a proper error message 2010-10-12 16:19:53 -07:00
Brion Vibber
f4f16af8ac Add a basic group deletion for moderator users. 2010-10-12 15:49:20 -07:00
Zach Copley
a77bc11326 Output a log message when issuing a request token 2010-10-12 12:25:34 -07:00
Brion Vibber
f62e7c461f Fix PHP fatal error in DeletenoticeAction: died when we had a valid notice, but weren't logged in due to accessing $this->user before the login check. Moved check up to prepare() from handle() so it's done before usage 2010-10-08 10:33:43 -07:00
Zach Copley
459727bd61 Update ApiOauthAccessTokenAction to OAuth 1.0a 2010-10-07 18:32:27 -07:00
Zach Copley
f8808b0761 Added a comment about an open question: Should we allow pin-based
workflow for clients registered as web applications?
2010-10-07 14:19:42 -07:00
Zach Copley
b8f2cc4e6f Make the verifier pin display a little nicer 2010-10-07 13:51:47 -07:00
Zach Copley
69e621a3e8 - Update ApiOauthAuthorizeAction to 1.0a
- Fix enumerable bugs
- New page for displaying 1.0a verifier (still needs work)
2010-10-06 19:20:47 -07:00
Zach Copley
f97b863fd7 Update ApiOauthRequestTokenAction to support OAuth 1.0a 2010-10-06 13:40:03 -07:00
Brion Vibber
5c19d33b27 Bugfix in FB-sharing header for empty profile avatar 2010-10-01 14:42:12 -07:00
Brion Vibber
12f68c4ff2 Throw in a quick event hook to override the profile list type on showstream (should be made more general in future).
Replace with a NoticeList to have output include avatar and username -- but CSS still hides them in default theme.

Event::addHandler('ShowStreamNoticeList', 'awesome');
function awesome($notice, $action, &$pnl)
{
    $pnl = new NoticeList($notice, $action);
    return false;
}
2010-10-01 11:05:15 -07:00
Brion Vibber
8b8450f9ad Add helper metadata on individual notice pages to aid sharing to Facebook (use poster's avatar as image, indicate the text content) 2010-09-30 18:21:38 -07:00
Zach Copley
fd779009b8 Add Start/EndShowNoticeItem event hooks to single notice page 2010-09-29 16:35:12 -07:00
Brion Vibber
a6469aeed8 Fix PHP syntax errors introduced during localization fixups in a few files. 2010-09-25 12:10:36 -07:00
Zach Copley
da04858902 Update OAuth actions in show application page so it will display the right endpoint URLs 2010-09-23 16:16:32 -07:00
Evan Prodromou
0f1fc36a05 Merge branch '0.9.x' 2010-09-23 09:50:46 -04:00
Zach Copley
84331ca7bd Fix for ticket 2756 - Calls to OAuth endpoints are redirected to the
login page when a site is in private mode
2010-09-22 23:33:06 +00:00
Zach Copley
77609e0c4a Fix for ticket 2756 - Calls to OAuth endpoints are redirected to the
login page when a site is in private mode
2010-09-22 23:30:50 +00:00
Zach Copley
da4463cb76 License admin panel should allow empty or valid URLs for (license
URL and license image URL) when selecting private or allrightsreserved
licenses.
2010-09-21 13:06:23 -07:00
Brion Vibber
42dd460d3b Merge branch 'master' into 0.9.x 2010-09-21 12:48:16 -07:00
Brion Vibber
d342899677 Fix #2323: typo on oauth connections page 2010-09-20 18:07:19 -07:00
Brion Vibber
85bf20d95a Fix error when editing OAuth app registration and only changing the icon. 2010-09-20 16:57:07 -07:00
Brion Vibber
a47e664094 Fix for #2419: There is no function maxDescription in Oauth_application class (broke the 'description too long' error message when editing oauth app registrations) 2010-09-20 16:43:00 -07:00
Brion Vibber
64cdbe6c55 Ticket #2750: fixes to HTTP caching behavior across login/logout boundaries
* now ignoring if-modified-since if we failed an etag if-none-match comparison, per spec
* now including a hash of user id/nickname in most etags, so we'll update the view properly after login/logout

For API methods, checking the API-auth'ed user. (Many change results to include things like 'you're subscribed to this user' or 'this is one of your favorites', so user info is again needed)

There'll still be some last-modified stamps that aren't including user info properly, probably.
2010-09-20 13:42:58 -07:00
Zach Copley
55ad954b15 Basic license admin panel (maybe we can make it fancier later) 2010-09-17 16:38:12 -07:00
Zach Copley
afc799ddf8 Removed periods from instructions on some admin panels for consistency 2010-09-17 14:32:18 -07:00
Zach Copley
f4a1858b33 Fixed typo, and updated copyright dates while I was there 2010-09-17 14:20:05 -07:00
Brion Vibber
ead2f3375a Ticket #2701: old color settings now get reset when changing themes, so you don't end up with the previous theme's colors. 2010-09-13 13:37:13 -07:00
Siebrand Mazeland
bb2a4e7aac Update translator documentation. 2010-09-12 17:43:43 +02:00
Siebrand Mazeland
6b010ac79c Update/add translator documentation. 2010-09-12 17:27:38 +02:00
Siebrand Mazeland
a9fad9a7ac Add translator hint. 2010-09-12 17:08:49 +02:00
Evan Prodromou
255e96d3b5 add a hook for when someone deletes their own notice 2010-09-08 16:37:12 -04:00
Evan Prodromou
21bf50bad6 Merge branch 'noticetitle' into 0.9.x 2010-08-14 12:03:25 -07:00
Evan Prodromou
7dd46222a8 add StartNoticeSaveWeb and EndNoticeSaveWeb to hook web-based UI for notices 2010-08-13 11:21:07 -07:00
Brion Vibber
d9942a558a Fix regression in replies made from web (was saving reply_to value in wrong array key) 2010-08-12 15:18:16 -07:00
Brion Vibber
6ee3f35302 work in progress: prettier attachment mode for tinymce? 2010-08-11 15:56:40 -07:00
Brion Vibber
527561cd93 TinyMCE: core tweak; switching order of input processing so length limit is applied to stripped version of the text 2010-08-11 14:41:31 -07:00
Brion Vibber
3a85318bd0 First stab redoing argument loading for TinyMCE (to avoid hacking checks for all notice saves everywhere) 2010-08-10 16:55:03 -07:00
Siebrand Mazeland
46bffe3d69 Tweak message per suggestion of The Evil IP Address[1].
[1] http://translatewiki.net/w/i.php?title=Thread:Translating_talk:StatusNet/to_their_attention%3F&oldid=2220913
2010-08-01 00:16:39 +02:00
Zach Copley
0faa988e91 Fix for issue ID 2290: make sure errors are returned in the right
format, and use callback for errors when the request is JSONP
2010-07-29 20:31:22 +00:00
Zach Copley
4e8e77f6b0 Return HTTP 403 instead of 400 when silenced users try to post via API 2010-07-29 18:47:28 +00:00
Eric Helgeson
9b899eea75 Make some messages gender neutral. 2010-07-19 21:09:09 -05:00
Zach Copley
923d9ef71c - Fix bugs with block and friendship API methods
- Friendship API methods now use a Profile instead of User for target
2010-06-28 16:54:39 -07:00
Brion Vibber
696e4ba393 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	plugins/OpenID/openidserver.php (cleaned up mismatched comment)
2010-06-26 10:17:36 -04:00
Brion Vibber
d9e56e15cc Merge branch 'master' into testing 2010-06-26 10:16:27 -04:00
Zach Copley
9eb5a976b0 Have API methods for search subclass ApiPrivateAuthAction 2010-06-24 18:11:50 -07:00
Brion Vibber
9d890e2be0 Catch a couple of missing XML namespace declarations on API XML output. Missing NS declarations were breaking XML parsing for some clients since beaecb18d5 2010-06-18 09:59:11 -07:00
Zach Copley
d3d499879c - More useful group info from api/statusnet/group/show
- Add statusnet:group_info tag to group Atom feeds
2010-06-16 14:29:24 -07:00
Brion Vibber
7f3b3620af Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x 2010-06-11 12:05:53 -07:00
Brion Vibber
47665e845a Merge branch 'testing' of gitorious.org:statusnet/mainline into testing 2010-06-11 12:04:03 -07:00
Brion Vibber
352a3edfb3 Ticket #2350: fix for incorrect FOAF sioc:follows entries for users who are followed by, but don't themselves follow the user whose FOAF we're displaying. 2010-06-10 11:42:58 -07:00
Brenda Wallace
5afd07e5e8 added missing author 2010-06-08 16:46:32 +12:00
Brenda Wallace
4617545ece added missing authors 2010-06-08 16:34:16 +12:00
Brenda Wallace
dc0f7189f2 added missing authors 2010-06-08 16:32:53 +12:00
Brion Vibber
09208f8d65 Basic custom CSS and theme uploading features. 'local' subdir can now be customized to a distinct directory and URL path to make it easier to separate custom themes for a multi-site farm running a common code base.
Currently only one custom theme may be uploaded per site, saved with the name 'custom' and stored into the local/themes subdirectory.
Administrators can upload a .ZIP archive containing a theme through the design admin panel; its contents are validated to ensure that only legit files are saved, and a 5M size quota is enforced.
Theme upload requires the zip extension for PHP; if not present, theme uploading is disabled by default.

Uploading and the custom CSS can be controlled via $config['theme_upload']['enabled'] and $config['custom_css']['enabled'].

Configurable directory/path/server for 'local' subdirectory (currently only as used for themes; local plugins not yet switched over)

Can set $config['local']['dir'] etc; not currently exposed in the admin panels.

Per-site directories on a separate themes server could be set up such as:
  $config['local']['dir'] = '/path/to/themes/local/' . $_nickname;
  $config['local']['server'] = 'themes.example.com';
  $config['local']['path'] = '/local/' . $_nickname;
  $config['local']['ssl'] = 'never';
2010-06-07 18:14:16 -07:00
Brion Vibber
8e33cdd36a break up the giant form function in design admin panel into individual sections to make it a little more manageable 2010-06-07 18:14:15 -07:00
Brion Vibber
d88b208edc Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	plugins/OpenID/openid.php
2010-06-07 10:19:40 -07:00
Evan Prodromou
135b398d4b Merge branch 'master' of gitorious.org:statusnet/mainline 2010-06-03 14:50:52 -04:00
Zach Copley
4bbb259baf - Fix bad argument being passed (error code) when invalid format specified
- Reformat whitespace
2010-06-03 10:52:16 -07:00
Evan Prodromou
a5de215267 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-06-01 13:51:41 -07:00
Brion Vibber
3ba165cfab Merge branch 'master' into testing 2010-05-28 16:18:40 -07:00
Zach Copley
cef302cacd Bugfix: api/statuses/destroy.:format was outputting deleted notice
twice, causing parsers to fail.
2010-05-28 06:24:10 +00:00
Craig Andrews
6317f7d92b Assigning my copyrights to the Free Software Foundation 2010-05-27 18:27:33 -04:00
Brion Vibber
696aeea113 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	lib/language.php
	plugins/OpenID/finishaddopenid.php
2010-05-27 14:57:32 -07:00
Brion Vibber
2f2fa10071 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-27 14:54:43 -07:00
Zach Copley
c5b61078e1 Pass auth user into Atom feed generators (needed for outputting favorited status in statusnet:notice_info tag) 2010-05-27 13:49:23 -07:00
Evan Prodromou
6d8e01ad13 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-05-21 16:47:57 -04:00
Brion Vibber
6eae5d6a7e Merge branch 'testing' into 0.9.x 2010-05-21 13:15:08 -07:00
Brion Vibber
87b8a89aa7 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-21 13:12:25 -07:00
Brion Vibber
68305d4b68 Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
2010-05-20 14:24:44 -07:00
Brion Vibber
7005ef6661 Merge branch 'testing' into 0.9.x
Conflicts:
	plugins/OpenID/openidlogin.php
2010-05-19 12:51:25 -07:00
Brion Vibber
a39a934dd4 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-19 10:59:14 -07:00
Zach Copley
5ea019c41a Remove errant double HTML entity encoding in API source attribution 2010-05-18 15:16:23 -07:00
Zach Copley
0dfef88cac HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-18 15:15:52 -07:00
Zach Copley
c78f67aa73 Refactor and centralize notice source link calculation 2010-05-18 15:15:27 -07:00
Brion Vibber
14a76926a2 Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
The forms would already submit to SSL, but people are happier if they start on a secure page!

Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
2010-05-18 21:52:17 +00:00
James Walker
6da59fab58 invalid mbox_sha1sum in the case where users don't have an email address
(reported by pedantic-web.org)
2010-05-18 10:09:16 -04:00
Brion Vibber
065ecc5573 Merge branch 'testing' into 0.9.x 2010-05-14 12:14:02 -07:00
Brion Vibber
2e808fdc82 More direct text for registration licensing/tos checkbox for private and all-rights-reserved sites. 2010-05-13 16:47:58 -07:00
Zach Copley
fba140f4e0 Fix for repeats from the API having null source attribution 2010-05-08 00:07:42 +00:00
Zach Copley
3c9686e80f Fix for repeats from the API having null source attribution 2010-05-07 16:32:24 -07:00
Zach Copley
869bc32d0d Remove errant double HTML entity encoding in API source attribution 2010-05-06 21:48:12 +00:00
Zach Copley
209fd12cd0 HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-06 21:48:12 +00:00
Zach Copley
22fde00def Refactor and centralize notice source link calculation 2010-05-06 21:48:11 +00:00
Brion Vibber
e05415f621 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	locale/ca/LC_MESSAGES/statusnet.po
	locale/de/LC_MESSAGES/statusnet.po
	locale/statusnet.pot
2010-05-05 17:07:50 -07:00
Zach Copley
b50f300566 Implement since_id and max_id param handling for /api/favorites 2010-05-05 14:46:36 -07:00
Evan Prodromou
3f2c805652 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-04-30 15:00:55 -04:00
Zach Copley
f852a1931b Add docs for public_timeline 2010-04-22 15:48:58 -07:00
Zach Copley
1b561065b0 Some initial Doxygen-based documentation for the API 2010-04-22 13:11:49 -07:00
Evan Prodromou
beaecb18d5 Add statusnet: prefix for API to JSON and XML output
I added the statusnet: prefix to the xml output. This prefix should
be declared on the root element of all relevant XML output.

I also added two StatusNet-specific fields:

* statusnet:html - rendered HTML. Clients shouldn't have to guess
  at the correct HTML rendering for notices, especially since some
  of the links depend on context.
* statusnet:profile_url - profile URL for a user. You can't count
  on a user being a local user in a distributed microblogging world.
  So, this shows the explicit profile_url.
2010-04-22 08:49:33 -07:00