Zach Copley
9fb08ec45e
CSRF protection in remotesubscribe
...
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29 01:40:38 -04:00
Zach Copley
a034e13bf0
CSRF protection in emailsettings
...
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29 01:33:37 -04:00
Evan Prodromou
2dc50d7e37
CSRF protection in user registration
...
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29 01:40:17 -04:00
Zach Copley
47726844a0
CSRF protection in recoverpassword
...
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29 01:28:24 -04:00
Evan Prodromou
98e941753b
session token in userauthorization form
...
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0
csrf protection in userauthorization
...
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
9b741c4f9a
better client error on CSRF problem with subscribe/unsubscribe
...
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29 01:16:28 -04:00
Evan Prodromou
4272da4e9e
CSRF protection for subscription/unsubscription
...
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-29 01:11:04 -04:00
Zach Copley
2e239e3fbb
CSRF protection in imsettings.php
...
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28 23:57:07 -04:00
Zach Copley
6be7cbc5cd
CSRF protection in smssettings.php
...
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-28 23:51:18 -04:00
Evan Prodromou
6afb7f576e
add csrf protection to profile settings
...
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29 00:39:09 -04:00
Evan Prodromou
9a65f45c45
CSRF protection in openidsettings
...
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29 00:29:08 -04:00
Evan Prodromou
d0a466bdb7
swap around some stuff to show the form correctly on a CSRF error in openidlogin
...
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-29 00:09:25 -04:00
Evan Prodromou
42a6492152
CSRF protection for OpenID form
...
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28 23:59:34 -04:00
Evan Prodromou
d6dd35a66a
add a token for CSRF avoidance
...
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
93e67c7133
show error in delete notice
...
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28 22:55:59 -04:00
Evan Prodromou
dd55916d56
CSRF protection in deletenotice
...
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28 22:51:27 -04:00
Evan Prodromou
d3c86d0016
add CSRF protection to avatar
...
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28 22:39:19 -04:00
Evan Prodromou
d146355875
return after failed token
...
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28 22:37:31 -04:00
Evan Prodromou
ff566a149d
add session token check to password change
...
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-28 21:45:15 -04:00
Evan Prodromou
b1ff7d7a2b
fix error storing uris of remote notices
...
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26 17:11:08 -04:00
Evan Prodromou
3fda5a684f
notify user of remote subscriptions
...
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24 16:05:17 -04:00
Evan Prodromou
a20a038542
be a little more liberal for sites that accidentally put whitespace before the xml decl
...
darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23 21:38:03 -04:00
Evan Prodromou
7d6e1bb47f
request token is not readonly
...
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23 21:17:06 -04:00
CiaranG
92645bbc57
XMPP sub/unsub and help commands
...
darcs-hash:20080822191032-f6e2c-a3a7efbbaad1ec7c48ef132a8ba34fc8b8651969.gz
2008-08-22 15:10:32 -04:00
Evan Prodromou
ea40dabb39
better error reporting in user authorization action
...
darcs-hash:20080822212111-84dde-2770093fcfaa6fe03abb1143d3828f0622382b45.gz
2008-08-22 17:21:11 -04:00
Evan Prodromou
a91cd75c17
local-only is optional on public timeline
...
darcs-hash:20080822210307-84dde-c90f6e7953d11c5b12c7a084ac23e5578412932c.gz
2008-08-22 17:03:07 -04:00
zach
0b87bf6c54
Twitter-compatible API - RESTfulness checks as per Twitter
...
darcs-hash:20080819214923-462f3-83ab492cb93c1ba643beb70853578cbd7ac35d61.gz
2008-08-19 17:49:23 -04:00
zach
9c29b9ad62
Twitter-compatible API - /statuses/show - better err msg if notice doesn't exist
...
darcs-hash:20080819202318-462f3-bc08a105c6b41b6a89a2358962440f68a9a79c7f.gz
2008-08-19 16:23:18 -04:00
zach
e980ebc714
Twitter-compatible API - Added /statuses/followers to methods that
...
require bareauth only if no nickname/id is supplied.
darcs-hash:20080819195431-462f3-93d27cf980fd09aeb30ea741639c1650baecad60.gz
2008-08-19 15:54:31 -04:00
zach
55f5bea21e
Twitter-compatible API - /statuses/destroy method implemented
...
darcs-hash:20080819194610-462f3-eb736e4cfc817b479e1e8e52db03b5f44cdb3d2a.gz
2008-08-19 15:46:10 -04:00
zach
e440b9cea0
Twitter-compatible API - moved show() to the right file
...
darcs-hash:20080819003931-462f3-4b5b838a2fc5f872391581a189d33abdd8eeb744.gz
2008-08-18 20:39:31 -04:00
zach
d57bc1b8e9
Twitter-compatible API - running all strings through gettext() now
...
darcs-hash:20080819002903-462f3-94e62891db9b9de049a918034742e545f663e840.gz
2008-08-18 20:29:03 -04:00
Evan Prodromou
d1277820f8
add remote flag to broadcast of notices
...
darcs-hash:20080819182824-84dde-84d93fae2c4b0d6acee646999bad8e8bb9752c7b.gz
2008-08-19 14:28:24 -04:00
Evan Prodromou
0dce3d959b
broadcast remote notices
...
darcs-hash:20080819182724-84dde-d2cece72dfb7f4f9f5b5cb4574812fdd32daa601.gz
2008-08-19 14:27:24 -04:00
Evan Prodromou
ee858bc880
accept 140 chars in API, too
...
darcs-hash:20080817192710-84dde-47e8da809c930c7c4528e3cb920d9a448e56d4c0.gz
2008-08-17 15:27:10 -04:00
Evan Prodromou
1c021edad5
typo in forgotten password string
...
darcs-hash:20080817163324-84dde-0b7f3449b7f6e96704518340351ada9ec0e56bbb.gz
2008-08-17 12:33:24 -04:00
Evan Prodromou
bee7caaafc
debug for content too long
...
darcs-hash:20080817152419-84dde-5df1554695bd8560e5affa0ff74f7d0ab7c7c3ff.gz
2008-08-17 11:24:19 -04:00
Evan Prodromou
164a15d253
accept 140-character UTF-8 strings to content
...
darcs-hash:20080817151751-84dde-b3fc3ee57872f53a465fd9b45f4255e5e3be3450.gz
2008-08-17 11:17:51 -04:00
Evan Prodromou
5b01880685
name omb_listener param so we can refer to it in error msg
...
darcs-hash:20080816151057-84dde-e9df2c91a2711b235aa936a28e250715fc7c6d50.gz
2008-08-16 11:10:57 -04:00
zach
35d1714621
Twitter-compatible API: support for new in_reply_to_status_id in statuses/update
...
darcs-hash:20080815185317-ca946-11c3f9f7255180d5d6ea7b115b3e33b2abb7fe93.gz
2008-08-15 14:53:17 -04:00
zach
a95242bd1d
Twitter-compatible API: removed redundant decoding step; already taken care of by util.php's common_render_content()
...
darcs-hash:20080813193327-ca946-c0160fbcc04771e39e303470d3418e84973a8189.gz
2008-08-13 15:33:27 -04:00
Evan Prodromou
7554f2561c
move user registration to a single static method
...
darcs-hash:20080814002038-84dde-8505d4e083056b770db128129a95be639d8e7f0a.gz
2008-08-13 20:20:38 -04:00
Evan Prodromou
0bba990e2f
fix problem with new notices
...
darcs-hash:20080811181158-84dde-338f926bd4c161ea55ef8600fac254f216413ad4.gz
2008-08-11 14:11:58 -04:00
zach
3a124c5f53
Twitter-compatible API - /statuses/update.format now decodes HTML chars, such as &
...
darcs-hash:20080731224911-ca946-1cb52c7592d48174437c1896c41a4dd853a9e5c7.gz
2008-07-31 18:49:11 -04:00
Evan Prodromou
37c5e8ca3c
make tag dropoff configurable
...
darcs-hash:20080811175820-84dde-f3d934495fa90fadde5f7d5d0c37c5f2a575a9d8.gz
2008-08-11 13:58:20 -04:00
Evan Prodromou
12aba8ba32
emergency fixup for bad notices in notice search
...
darcs-hash:20080811175318-84dde-080db6e81589e794761daab868706704d39e2f1b.gz
2008-08-11 13:53:18 -04:00
Evan Prodromou
4c8dfadf2d
make init of lang environment happen earlier, or when user language may have changed
...
darcs-hash:20080806034515-84dde-e32cbfec2890f50b610d0441659180038b060473.gz
2008-08-05 23:45:15 -04:00
Evan Prodromou
f2203d1df6
better handling of unconfirmed email addresses
...
darcs-hash:20080804133253-84dde-4b1ceb6feabaaad503f8777d6f21545b2bb87e85.gz
2008-08-04 09:32:53 -04:00
Evan Prodromou
506843e55d
use an outstanding unconfirmed email address for password recovery if available
...
darcs-hash:20080804130914-84dde-77e1683ec76b26e9a3838d82cbe7827246db22dd.gz
2008-08-04 09:09:14 -04:00
Evan Prodromou
222b974b23
change no-such-user error to a 404 instead of a 400
...
darcs-hash:20080804132001-84dde-e6fae9837f87d80356317e4815516dd9ff03e674.gz
2008-08-04 09:20:01 -04:00
ehs
48fcfb8b0d
added conneg for action/userbyid so that foaf can be delivered to clients that want application/rdf+xml
...
darcs-hash:20080801164623-b1e77-1e8786743cc02e3d6f2320edff0f2f474f4ed76b.gz
2008-08-01 12:46:23 -04:00
Evan Prodromou
4bd68f89c3
ksort() the tags list
...
darcs-hash:20080731041000-84dde-09a4b1d69cc42b7380582d1a2f5d718b6e57dcd2.gz
2008-07-31 00:10:00 -04:00
zach
93d25bec33
Twitter-compatible API: implemented /users/show.format method
...
(and some API bug fixes)
darcs-hash:20080730213226-ca946-eb89bad91eee630ac286d537ba42f0042b8d2109.gz
2008-07-30 17:32:26 -04:00
Mike Cochrane
16daa87a39
Resolve conflicts
...
darcs-hash:20080731004922-533db-96d62078f226ffc18db71d222d1c47524ac1319d.gz
2008-07-30 20:49:22 -04:00
Mike Cochrane
9d89e7b4ac
Update some gettext strings and number the arguements so life is easier for translators
...
darcs-hash:20080729080641-533db-560337e226a02dd6fc671f090883d4bedd50eaaa.gz
2008-07-29 04:06:41 -04:00
Evan Prodromou
ba3ca4f6bb
show the right stuff on profile page, too
...
darcs-hash:20080730033939-84dde-21b90f9c8b5fcede12a71f12fee20a4faaf1c549.gz
2008-07-29 23:39:39 -04:00
Evan Prodromou
2090e0aa78
show where a notice came from
...
darcs-hash:20080730032651-84dde-0685ec5f899129bc75745ca8d1d083f56f3f1ff5.gz
2008-07-29 23:26:51 -04:00
Evan Prodromou
e998cc3960
remember to broadcast in api, and also use the right ID
...
darcs-hash:20080730030012-84dde-9ceea12e90a4b4b4bbe35cb6cb50b6bcbb6085b7.gz
2008-07-29 23:00:12 -04:00
Evan Prodromou
d79dc8344b
refactor notice-adding code to one static method on Notice
...
darcs-hash:20080730022856-84dde-f19e4ff5d5ae2603b63b8aebd8f878ec90b3ce22.gz
2008-07-29 22:28:56 -04:00
Evan Prodromou
575f705451
if-else instead of ?:
...
darcs-hash:20080729194735-84dde-246582a47d4a384375d153bff0e724c778c4b3af.gz
2008-07-29 15:47:35 -04:00
Evan Prodromou
f26ed46266
relative info, too
...
darcs-hash:20080729194457-84dde-fd0545edb3af519ccc43ee3ac50ad5eb14c35dad.gz
2008-07-29 15:44:57 -04:00
Evan Prodromou
8fd20f58e6
show the weight in output (for my own edification)
...
darcs-hash:20080729194246-84dde-4a47578d8727720097dab9362cb356bd8f4d2a7d.gz
2008-07-29 15:42:46 -04:00
Evan Prodromou
7d43f211c0
change tag output to a tag cloud
...
darcs-hash:20080729193533-84dde-1e7deeb0c7d7fb7686653be17d197e871aded8be.gz
2008-07-29 15:35:33 -04:00
Mike Cochrane
213ecbf35d
Correct variable name
...
darcs-hash:20080724234601-533db-c9fe139144a5ec9f58b8ab612331fa31bd55967b.gz
2008-07-24 19:46:01 -04:00
Mike Cochrane
278006e4cc
Lazy/Auto load the class files as needed
...
darcs-hash:20080724234533-533db-ec2e235401e7f670ee8094ba8d70dc95c3e6dd63.gz
2008-07-24 19:45:33 -04:00
mikec
a4fa34cecb
Resolve conflicts after pull from evan
...
darcs-hash:20080721135637-edabd-cca33bc0a0936423b9fd2ffdf9413236123d680e.gz
2008-07-21 09:56:37 -04:00
mikec
334c652e80
Publish MicroIDs for email and mpp on profile and notice pages.
...
darcs-hash:20080721120036-edabd-838335c0e23c80a657d353955b25b52a9a8624b2.gz
2008-07-21 08:00:36 -04:00
mikec
fbf2a58ac3
Get text wrappers around strings so they can be in the native language of the site and use fancy urls if appropriate
...
darcs-hash:20080721090110-edabd-aea47e1cbcc2527fdb0274cb29638d2abc108a35.gz
2008-07-21 05:01:10 -04:00
matthew.gregg
ed37d83fa3
Opensearch updates
...
This adds htaccess and searches for people and notices.
darcs-hash:20080720195505-982e4-3f03e6ab4c466ae131e025b6a3c26c7bb9a99c03.gz
2008-07-20 15:55:05 -04:00
Mike Cochrane
88717d8805
User definable timezones. Work in UTC internally and display per user/site default. http://laconi.ca/PITS/00011
...
darcs-hash:20080720141325-533db-87cb60501434c9dc0ac13716ba5d8b17754431f5.gz
2008-07-20 10:13:25 -04:00
Mike Cochrane
060fecf5ec
Clean up delete code. Add missing htaccess rule. Exit after errors so the code doesn't continue running.
...
darcs-hash:20080720124552-533db-81be2c04445f146e477b1bb7e6e8e7d0eb27431d.gz
2008-07-20 08:45:52 -04:00
Mike Cochrane
26f6c917a7
Fix errors from delete code when viewing a user's profile while not logged in.
...
darcs-hash:20080720122715-533db-64247879e336666835880cd3de10bc2ef27e46c7.gz
2008-07-20 08:27:15 -04:00
Mike Cochrane
3c56b10036
Add rel
...
darcs-hash:20080720101947-533db-a7ddbd4d33b492196cf9a4287dfbfa3e341d6f40.gz
2008-07-20 06:19:47 -04:00
Mike Cochrane
fdfb806801
Sort tags by highest frequency then most recent
...
darcs-hash:20080720094832-533db-91b0cf2e0589ca4008b3011d5acd41449caa0904.gz
2008-07-20 05:48:32 -04:00
matthew.gregg
e20362a60a
Adds Opensearch description
...
darcs-hash:20080720015823-982e4-b33e1ef01cd071e958c9c51625190513b86594f3.gz
2008-07-19 21:58:23 -04:00
matthew.gregg
6dd211530f
Patch for PITS 00032, 00033, 00034
...
darcs-hash:20080719003417-982e4-7004f8a4dfb447f941457c30b0b2289eee5582e6.gz
2008-07-18 20:34:17 -04:00
matthew.gregg
faa3933fbb
Added notice deletion http://laconi.ca/PITS/00045
...
Removes selected notice and any replies that reference it.
Attempts to de-queue anything pending.
This patch does not archive notices.
darcs-hash:20080716032045-982e4-a0b5d37ecfa84796f1681dda54110094ad1424c6.gz
2008-07-15 23:20:45 -04:00
Mike Cochrane
1467300152
Set constant to propper value, not debug value
...
darcs-hash:20080720082641-533db-fa5b327a6670fd77f55cc028fc3a3a66664d4bb3.gz
2008-07-20 04:26:41 -04:00
Mike Cochrane
f08fe3d1c2
Add tag action
...
darcs-hash:20080720081838-533db-bfe217657f0c3327fa8facc66b41b00f6c8f1948.gz
2008-07-20 04:18:38 -04:00
Mike Cochrane
5d84485001
First cut at hastags support.
...
darcs-hash:20080720055702-533db-193ed842b0d0a952bef71a3c5287213ada0ef15c.gz
2008-07-20 01:57:02 -04:00
Mike Cochrane
4b8ae3e339
Resolve conflict
...
darcs-hash:20080714025853-533db-e215a2ab0277acafc1c01d2c12c20ec452ed53e2.gz
2008-07-13 22:58:53 -04:00
Mike Cochrane
d9aea8cb9a
Fixed location of bracket for gettext.
...
darcs-hash:20080713053033-533db-c1b4e827abd764dc173173556ec889290b0643bf.gz
2008-07-13 01:30:33 -04:00
Evan Prodromou
2e0b64a9ba
add local flag for stuff posted over the API
...
darcs-hash:20080727023516-84dde-7ebc4ccc8065dd1df9a414d5c39df70dbfebf487.gz
2008-07-26 22:35:16 -04:00
Evan Prodromou
e97c06e8e2
let admins prevent registration
...
darcs-hash:20080724235508-84dde-8bac4d9dd772adb9f27d083b3d0b6ed5b7526dbf.gz
2008-07-24 19:55:08 -04:00
Evan Prodromou
3a262a3bcd
ensure that there's a session before redirecting the user
...
darcs-hash:20080724231833-84dde-965c41484ecf9b85b1979e8ac76314a6b0d951ee.gz
2008-07-24 19:18:33 -04:00
zach
7e6870db91
base class is_readonly() now returns false by default
...
darcs-hash:20080722212056-ca946-e4bd9eef8e3d8991414932e9fc7b8c9a31f818c0.gz
2008-07-22 17:20:56 -04:00
zach
877eb138c4
Twitter-compatible API: made is_readonly() method smarter
...
darcs-hash:20080722182919-ca946-dce04d84290711066154567458da2dd3253dd957.gz
2008-07-22 14:29:19 -04:00
zach
038f762bce
Added is_readonly() method to all Actions
...
darcs-hash:20080722171501-ca946-160bad6c4f80be2b3b105ea9b913f1c0f9edb0ef.gz
2008-07-22 13:15:01 -04:00
zach
80facfa16d
Twitter-compatible API - location_update was spitting out the wrong profile. Fixed.
...
darcs-hash:20080721174438-ca946-1f1ddc79f8117561e98a17b143714f5daae1283e.gz
2008-07-21 13:44:38 -04:00
Evan Prodromou
e304f42b47
lost the nickname changing from profile to user
...
darcs-hash:20080722173613-84dde-f074a753a46f36e4e174ea85b66c472d436efd62.gz
2008-07-22 13:36:13 -04:00
Evan Prodromou
ccfccfd645
hide magic self subscription
...
darcs-hash:20080722163511-84dde-3ac60595640e545335cc13d120f3e99ba5d1f513.gz
2008-07-22 12:35:11 -04:00
Evan Prodromou
39de5b81b3
don't get a count anywhere
...
darcs-hash:20080722163200-84dde-736d11972503a37c062fe51c38c58eaf38a11862.gz
2008-07-22 12:32:00 -04:00
Evan Prodromou
42ac47915b
don't get a count from query
...
darcs-hash:20080722163116-84dde-3b17b13022b3d97483e911a99ebd23cc4b8da784.gz
2008-07-22 12:31:16 -04:00
Evan Prodromou
9515303b14
notices and counts
...
darcs-hash:20080722162332-84dde-75801a271f50789377aa7a3467223286c372ec6c.gz
2008-07-22 12:23:32 -04:00
Evan Prodromou
81e6d50c53
blow off DB_DataObject joins, write SQL from scratch
...
darcs-hash:20080722161549-84dde-fedeed101bdef172f4a7aabf2278f1a2277a6d88.gz
2008-07-22 12:15:49 -04:00
Evan Prodromou
64ed01f0af
centralize and optimize with-friends query
...
darcs-hash:20080722160213-84dde-2e466b9cc4601a8cb7237770a7df17a2f9dcadb9.gz
2008-07-22 12:02:13 -04:00
Evan Prodromou
ab1f2ff9d0
every user is subscribed to themselves
...
darcs-hash:20080722144154-84dde-80beabad9a681f2e12edb34ceb4ac249f4ce6705.gz
2008-07-22 10:41:54 -04:00
Evan Prodromou
5f79bcdf51
public timeline only gets local notices
...
darcs-hash:20080722142050-84dde-b948048b7f85e24c59dc063ef298bcc4c386d33a.gz
2008-07-22 10:20:50 -04:00
Evan Prodromou
b1282b1b9f
mark incoming notices as local or not
...
darcs-hash:20080722141828-84dde-160fe4582c1949af1f6b049b3336cad493e30510.gz
2008-07-22 10:18:28 -04:00