Commit Graph

3792 Commits

Author SHA1 Message Date
Zach Copley
0dcc3f8d71 We don't need to have editapplication (only showapplication) in the
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
available
2010-10-25 11:52:17 -07:00
Evan Prodromou
59a7d78acb Atom Service Document 2010-10-24 23:43:26 -04:00
Evan Prodromou
43a67b150a show a single notice in atom entry format 2010-10-24 15:58:53 -04:00
Evan Prodromou
69a1ecec9b check for a post 2010-10-24 15:04:12 -04:00
Brion Vibber
eb30c6651a Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. 2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab Fix for ticket #2532: fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
2010-10-22 13:51:28 -07:00
Zach Copley
3969870cf3 Normalize HTML body ids to lowercase when the user is logged out as well. 2010-10-22 18:32:08 +00:00
Brion Vibber
d6f4588b9e Workaround for http_build_query() oddities in low-level router parent code when PHP config is set with non-default separator. 2010-10-21 19:10:43 -07:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
fb86e7c285 Normalize all action HTML body ids to lowercase 2010-10-21 13:03:56 -07:00
Zach Copley
648f79be10 Change OAuth authorization page's action name to be inline with
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
500157998a Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 01:18:53 +00:00
Zach Copley
f283a283b7 Fix syntax error 2010-10-21 01:17:59 +00:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
28ec9d6463 * translator documentation added.
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
8004e2809d Fix for ticket #2845: singleuser nickname configuration was being overridden by site owner in router setup.
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.

Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Siebrand Mazeland
e980da3d20 Add FIXME 2010-10-20 20:01:12 +02:00
Siebrand Mazeland
dc62cf1c0b * i18n/L10n fixes.
* translator documentation updated/added.
* superfluous whitespace removed.
2010-10-20 19:34:27 +02:00
Siebrand Mazeland
17f5cc4f29 Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x 2010-10-20 18:26:51 +02:00
Siebrand Mazeland
1459110124 Fix nasty bug in parameter for e-mail notification for favourite. 2010-10-20 11:16:21 +02:00
Zach Copley
5ca29ab0de Merge branch 'anon-consumer' into 0.9.x 2010-10-19 21:01:53 -07:00
Zach Copley
e8b6d7c946 Add support for an anonymous OAuth consumer. Note: this requires a
small DB tweak.  Oauth_application_user needs to have the primary
compound key: (profile_id, application_id, token).

http://status.net/open-source/issues/2761

This should also make it possible to have multiple access tokens
per application.

http://status.net/open-source/issues/2788
2010-10-19 20:54:53 -07:00
Siebrand Mazeland
25b9552ec3 More complete sentence and translator documentation added. 2010-10-20 00:53:42 +02:00
Siebrand Mazeland
4b4894b121 Many i18n/L10n updates and lots of descriptions for translators added. 2010-10-20 00:35:39 +02:00
Zach Copley
5ac694c74f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-19 12:08:48 -07:00
Zach Copley
5866493cae OAuth - better log messages 2010-10-19 12:07:59 -07:00
Brion Vibber
e8da3618c2 Bump version/string: 0.9.6 "Man on the Moon" 2010-10-18 14:49:02 -07:00
Brion Vibber
edf8990aa9 fix notice on non-https views 2010-10-18 11:12:26 -07:00
Evan Prodromou
47ac8458ca default for nofollow external is sometimes 2010-10-18 11:41:18 -04:00
Evan Prodromou
7c05b0dafc options to nofollow external links in notices 2010-10-18 11:29:52 -04:00
Brion Vibber
a2090ecc97 Merge branch '2828' into 0.9.x 2010-10-14 16:52:01 -07:00
Brion Vibber
3f74f44603 Fix for ticket #2828: apostrophe in site name set in installer created a broken config.php.
Now running values through var_export() before putting them into the config.php, ensuring strings will be properly quoted.
2010-10-14 16:25:43 -07:00
Evan Prodromou
1a4dc03bfe document and default for site|ssllogo 2010-10-14 14:56:38 -04:00
Evan Prodromou
8f3b18f27f fix copy-and-paste error in javascript url creation 2010-10-14 14:53:20 -04:00
Evan Prodromou
72454db118 make the logo be compatible with HTTPS pages, if possible 2010-10-14 14:22:49 -04:00
Evan Prodromou
b31c49c5d4 Make HTTPS urls in File::url() if necessary 2010-10-14 14:22:17 -04:00
Evan Prodromou
97a7fb246c correctly use sslserver if it is set 2010-10-14 01:35:11 -04:00
Evan Prodromou
7436e5d13e use HTTPS for scripts and stylesheets if the current page is HTTPS 2010-10-14 01:09:02 -04:00
Evan Prodromou
ac63f8baae show HTTPS urls for JavaScript if HTTPS used for page 2010-10-14 01:00:13 -04:00
Evan Prodromou
74c5aa8f9a consolidate some theme path code between ssl and non-ssl 2010-10-14 00:59:53 -04:00
Evan Prodromou
ca0323d01b use HTTPS for favicon.ico if page is HTTPS 2010-10-14 00:50:26 -04:00
Evan Prodromou
d91f894ccb try to show HTTPS-encrypted theme files for HTTPS-encrypted pages 2010-10-14 00:46:32 -04:00
Evan Prodromou
40c64388e6 try and show an SSL image for the creative commons image 2010-10-14 00:31:13 -04:00
Evan Prodromou
cef10c7167 add static method StatusNet::isHTTPS() 2010-10-14 00:16:23 -04:00
Evan Prodromou
ddb60a8191 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-10-13 15:18:32 -04:00
Brion Vibber
bca215563f Clean up remote avatar temporary files if we fail before saving them into avatars directory (OMB core, OStatus, WikiHowProfile, YammerImport) 2010-10-13 11:10:04 -07:00
Zach Copley
04f3f57e2e Merge branch 'oauth-1.0a' into 0.9.x 2010-10-12 17:52:04 -07:00
Zach Copley
5270e93131 Spelling - OAuth not Oath 2010-10-12 16:20:09 -07:00
Brion Vibber
f4f16af8ac Add a basic group deletion for moderator users. 2010-10-12 15:49:20 -07:00
Brion Vibber
9d9e80ea21 Followup to IIS installer tweaks in [9bb48c36]:
* skip 0-byte config files when initializing, go ahead and redirect to installer if no non-0-byte files
* tweak warning on installer.php to let you know if you have a 0-byte config.php that's not writable, as opposed to generally already having a config.php with data in it
2010-10-12 13:00:03 -07:00
Evan Prodromou
f11c1c77ca Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-10-12 11:16:14 -04:00
Zach Copley
459727bd61 Update ApiOauthAccessTokenAction to OAuth 1.0a 2010-10-07 18:32:27 -07:00
Brion Vibber
5e0f3e7bd4 Workaround for regression in input validation due to more PCRE oddities. Recommend redoing common_validate_utf8() using something more reliable, perhaps. :P 2010-10-07 12:32:10 -07:00
Zach Copley
8658e4f8c4 Use 7 digits for oob OAuth pin instead of 6 2010-10-07 11:01:17 -07:00
Evan Prodromou
fa45805d6d Events for showing the notice form 2010-10-07 10:22:57 -04:00
Zach Copley
69e621a3e8 - Update ApiOauthAuthorizeAction to 1.0a
- Fix enumerable bugs
- New page for displaying 1.0a verifier (still needs work)
2010-10-06 19:20:47 -07:00
Zach Copley
f71912440a - New base InfoAction for dialog box like msgs
- Fix titles on error pages
2010-10-06 19:06:57 -07:00
Zach Copley
f97b863fd7 Update ApiOauthRequestTokenAction to support OAuth 1.0a 2010-10-06 13:40:03 -07:00
Zach Copley
f4f56eea3a Override new_request_token() to store OAuth 1.0a verified callback URL 2010-10-06 13:40:03 -07:00
Zach Copley
63663dbd0e Stab that 'p' parameter! 2010-10-06 13:40:02 -07:00
Zach Copley
4247be5116 Add plain text error format to clientError() 2010-10-06 13:40:01 -07:00
Zach Copley
83566f014c Fix bad reference 2010-10-06 13:40:01 -07:00
Zach Copley
06d918d575 Strip out the special 'p' paramter added by index.php from
$_SERVER['QUERY_STRING'] before doing OAuth requests. Required by the
latest version of the OAuth lib.
2010-10-06 13:39:58 -07:00
Brion Vibber
ebfa8bce27 Basic validation of UTF-8 input via GET/POST vars: invalid UTF-8 sequences will cause the string to drop. Not necessarily super-thorough; should be improved in future to drop individual bad sequences, do normalization of combining forms, etc. General input validation (for ints, types of strings, etc) still would be good to have! 2010-10-06 13:00:30 -07:00
Brion Vibber
d946c82740 Urgh... fix for fix for horrific $ escaping problems (some awful mix of single and double-quoted strings in the terror that is mail.php) 2010-10-04 15:29:30 -07:00
Brion Vibber
d6b3d7fb1a Fix unescaped dollar signs in double-quoted strings due to localization updates (%1$s etc) 2010-10-04 14:24:04 -07:00
Brion Vibber
ad7623a87f Add a $config['plugins']['locale_path'] which can be set to override the individual plugins' locale subdirectories.
This will apply to *ALL* plugins in *ALL* languages, so should probably only be used when doing site customization...

You'd probably do:

  $config['site']['locale_path'] = '/srv/awesome/data/locale';
  $config['plugins']['locale_path'] = '/srv/awesome/data/locale';

with a structure like:
srv/
  awesome/
    data/
      locale/
        en/
          LC_MESSAGES/
            statusnet.po
            OpenID.po
            AnonymousFave.po

etc, all alongside each other. You could separate plugins from the core if you like.

Where locale files have not already been generated, you can build one for a plugin like so:

  php scripts/update_po_templates.php --plugin=MyPlugin

and pull out the template file:

  plugins/MyPlugin/locale/MyPlugin.pot

Edit that (make sure you at least set the CHARSET, probably to UTF-8) and save your customized .po
files into the structure as above, and use msgfmt to generate .mo files for final output.
2010-09-30 19:23:42 -07:00
Brion Vibber
6e58a926e3 ForceGroup plugin: optionally force new users to join a particular group or set of groups on registration; and/or to force posts by members of particular groups to be posted into those groups even if not explicitly mentioned. The posting feature requires a couple quick hook additions in core. 2010-09-30 18:05:44 -07:00
Zach Copley
8a28d9cc4d Merge branch 'anon-fave-plugin' 2010-09-30 13:57:39 -07:00
Brion Vibber
20f2167425 Merge branch 'master' of gitorious.org:statusnet/mainline into feedfix 2010-09-30 11:31:29 -07:00
Brion Vibber
1acc7d66c6 Always specify UTF-8 targt charset for html_entity_decode(); default is 8-bit ISO-8859-1 which causes things to break when we later pass them through things that expect to work with UTF-8. For instance, running through preg_replace() with the /u option results in NULL, leading to problems with OStatus and SubMirror generating their plaintext versions and doing length-cropping. 2010-09-30 11:29:31 -07:00
Zach Copley
0ac333ec80 Add Start/EndFavorNoticeForm and Start/EndDisFavorNoticeForm hooks 2010-09-29 16:35:14 -07:00
Zach Copley
331502a979 Add Start/EndShowNoticeInfo events 2010-09-29 16:35:13 -07:00
Zach Copley
21759c3132 New eventsi: Start/EndShowNoticeOptions and Start/EndShowFaveForm 2010-09-29 16:35:12 -07:00
Evan Prodromou
d2ef0cf233 add hooks to the feedlist widget to give fine-grained control over feed links 2010-09-29 19:23:46 +02:00
Siebrand Mazeland
b9177f5e2e * i18n/L10n and translator documentation updates.
* whitespace and indentation updates
2010-09-29 00:39:45 +02:00
Siebrand Mazeland
2d08750c47 Localisation updates from http://translatewiki.net
* add support for Hungarian (hu)
2010-09-28 01:02:08 +02:00
Zach Copley
84331ca7bd Fix for ticket 2756 - Calls to OAuth endpoints are redirected to the
login page when a site is in private mode
2010-09-22 23:33:06 +00:00
Evan Prodromou
b5cfcba471 Merge branch '0.9.x' into activityexport
Conflicts:
	plugins/OStatus/OStatusPlugin.php
2010-09-22 10:45:34 -04:00
Brion Vibber
42dd460d3b Merge branch 'master' into 0.9.x 2010-09-21 12:48:16 -07:00
Brion Vibber
1bc45e191d Merge branch 'twitter-avatar' 2010-09-21 12:46:16 -07:00
Brion Vibber
94de78fa0f Workaround for #2485: in profile output on feeds, fall back to the Twitter 73x73 avatar instead of going straight to the 96x96 default image on twitter-import profiles. 2010-09-21 12:38:04 -07:00
Evan Prodromou
28fdc733a7 change the location and title of the feeds section 2010-09-21 14:09:46 -04:00
Brion Vibber
aef42e2f65 Don't spew a notice warning to output while processing logging for PEAR DB errors 2010-09-20 16:52:22 -07:00
Brion Vibber
24bb6feba7 Clean up notice spew from accessing member variables of null when opening the add/edit oauth application form 2010-09-20 16:39:51 -07:00
Brion Vibber
64cdbe6c55 Ticket #2750: fixes to HTTP caching behavior across login/logout boundaries
* now ignoring if-modified-since if we failed an etag if-none-match comparison, per spec
* now including a hash of user id/nickname in most etags, so we'll update the view properly after login/logout

For API methods, checking the API-auth'ed user. (Many change results to include things like 'you're subscribed to this user' or 'this is one of your favorites', so user info is again needed)

There'll still be some last-modified stamps that aren't including user info properly, probably.
2010-09-20 13:42:58 -07:00
Brion Vibber
2f38c9c99c Fix bug in db queue manager: when receiving an invalid or deleted notice, we were running it through the 'temporary fail, release it to try again' path instead of the 'done, discard item' path. Should fix some infinite-loop-of-doom-in-queue cases. 2010-09-20 13:19:58 -07:00
Zach Copley
55ad954b15 Basic license admin panel (maybe we can make it fancier later) 2010-09-17 16:38:12 -07:00
Brion Vibber
20a0a4acff Explicitly mark a translator note on the command list help message that the command names must not be translated 2010-09-16 11:05:31 -07:00
Evan Prodromou
670ad53215 Merge branch '0.9.x' into activityexport 2010-09-15 23:31:20 -04:00
Siebrand Mazeland
85154a49d0 Add plural support for minutes/hours/days/months ago.
Reapply of revised b27882c916 that was reverted by Brion Vibber in 2d4c0f9a47.
2010-09-16 00:07:47 +02:00
Brion Vibber
2d4c0f9a47 Revert "Add plural support for minutes/hours/days/months ago." -- currently doesn't work and spews error messages
This reverts commit b27882c916.
2010-09-15 14:10:18 -07:00
Evan Prodromou
1ceb93cce4 move useractivitystream class to its own module 2010-09-15 15:18:01 -04:00
Evan Prodromou
0a5aa95746 flag to leave out author information in activity output 2010-09-15 07:11:50 -04:00
Evan Prodromou
d2877f4c3d change user attribute from private to protected so subclasses can use it 2010-09-15 07:08:28 -04:00
Siebrand Mazeland
c218eb5077 L10n: Fix punctuation. 2010-09-14 22:30:55 +02:00
Evan Prodromou
a2fe29388d Activity::asString() should format numerical not string time 2010-09-13 17:05:02 -04:00
Evan Prodromou
d207f19d22 accept null constructor for ActivityContext 2010-09-13 16:23:10 -04:00
Siebrand Mazeland
39802077a8 * update/add translator documentation
* remove superfluous whitespace
2010-09-13 21:10:55 +02:00
Siebrand Mazeland
8c94ebf537 * update/add translator documentation
* remove superfluous whitespace
2010-09-13 21:10:54 +02:00
Siebrand Mazeland
d6be5be548 Move translator hint to where gettext will actually see it and replace tab by spaces. 2010-09-13 21:10:53 +02:00
Siebrand Mazeland
a590f2cb0f Fix typos in translator comments. 2010-09-13 21:10:53 +02:00
Siebrand Mazeland
6817420e6c Remove trailing whitespace and update comment consistency on methods. 2010-09-13 21:10:52 +02:00
Siebrand Mazeland
b27882c916 Add plural support for minutes/hours/days/months ago. 2010-09-13 21:10:51 +02:00
Siebrand Mazeland
0d1b60b11d Update translator documentation. 2010-09-12 18:34:33 +02:00
Siebrand Mazeland
128607a270 Update translator documentation and add punctuation where missing to exception messages. 2010-09-12 18:24:44 +02:00
Siebrand Mazeland
e88ee4ec46 Fix i18n issue and add translator documentation. 2010-09-12 18:11:28 +02:00
Siebrand Mazeland
8adef3127c Update translator documentation. 2010-09-12 17:49:56 +02:00
Siebrand Mazeland
99f6a70937 * add two FIXMEs for gettext messages not being processed.
* update translator documentation.
2010-09-12 17:44:28 +02:00
Siebrand Mazeland
6b010ac79c Update/add translator documentation. 2010-09-12 17:27:38 +02:00
Siebrand Mazeland
9bc4aaeca3 Update incomplete documentation. 2010-09-12 17:17:43 +02:00
Brion Vibber
cb1d5049b8 Bump version to 0.9.5 2010-09-08 15:35:23 -07:00
Evan Prodromou
e6c84dec19 Pragma was accidentally triggering some underwear-catapult-connected hardware 2010-09-08 15:41:39 -04:00
Evan Prodromou
338aa4bf1d Merge branch 'apinamespace' into 0.9.x 2010-09-07 16:39:43 -04:00
Siebrand Mazeland
f2d6e1e375 Add basic support for Georgian (ka) 2010-09-05 10:45:03 +02:00
Evan Prodromou
6c14235d6c Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-09-02 22:56:18 -04:00
Evan Prodromou
388495f6b1 use etag preferably for caching 2010-09-02 22:26:20 -04:00
Evan Prodromou
c8a69f433c add some caching headers 2010-09-02 22:26:19 -04:00
Evan Prodromou
0c5ca46ba3 combine our standard scripts into one big script 2010-09-02 22:21:07 -04:00
Brion Vibber
e365e709c5 Merge branch 'master' into testing 2010-09-02 14:58:11 -07:00
Brion Vibber
cbcb9b0080 Fixes for Mac metadata files mucking up theme zip files 2010-09-02 14:24:46 -07:00
Brion Vibber
c24458a9f0 Ticket #2638: allow themes to specify a base theme to load with 'include' setting in a theme.ini file 2010-09-02 14:11:52 -07:00
Evan Prodromou
c7d81f2d9d hooks for showing <title> and <h1> elements 2010-09-02 17:10:25 -04:00
Evan Prodromou
7517409bf1 Merge branch 'testing' into 0.9.x 2010-09-02 16:56:52 -04:00
Brion Vibber
11f7fce3bb Fixes for custom theme upload:
* skip more files (.xcf image sources, .html docs)
* skip files before rejecting them for funky filenames!
* allow period in filenames (eg foo-1.4.ttf) but blacklist some unsafe extensions-within-extensions
2010-09-02 12:11:45 -07:00
Brion Vibber
4cbbfdab84 Fix for #2635: use ssl-sometimes settings for Twitter settings & auth pages 2010-09-02 10:55:26 -07:00
Siebrand Mazeland
f64fff379c * when using multiple parameters, number them
* fix double space to single space
* use consistent punctuation in messages
* complete translation hints for all commands
* add an i18n fixme for missing plural support
* trailing whitespace removed
2010-08-28 16:51:49 +02:00
Siebrand Mazeland
2eb894e535 Document UI text and number parameters. 2010-08-28 16:28:23 +02:00
Brion Vibber
a68c10280f Merge branch 'master' into 0.9.x 2010-08-16 16:56:15 -07:00
Brion Vibber
b2a5e0d09b StatusNet 0.9.4 "Orange Crush" 2010-08-16 10:09:33 -07:00
Brenda Wallace
7f9ab683b2 fixed a %d that should be a %s in an error message 2010-08-16 10:03:58 -07:00
Brenda Wallace
e687862ca1 fixed a %d that should be a %s in an error message 2010-08-16 13:26:27 +12:00
Evan Prodromou
9b7536351b hide the Whats Up Nickname if notice title enabled 2010-08-13 12:22:58 -07:00
Evan Prodromou
ed8d8eb5ee hooks to allow changing RSS content 2010-08-13 11:44:26 -07:00
Brion Vibber
f7d599f8ea Fix for ticket 2513: "Can't linkify" error when some links are shortened
When bogus SSL sites etc were hit through a shortening redirect, sometimes link resolution kinda blew up and the user would get a "Can't linkify" error, aborting their post.
Now catching this case and just passing through the URL without attempting to resolve it. Could benefit from an overall scrubbing of the freaky link/attachment code though...! :)

http://status.net/open-source/issues/2513
2010-08-12 15:25:32 -07:00
Brion Vibber
111fc33e1a Output "web" instead of gettext translation file metadata when notice.source is empty 2010-08-11 18:53:34 -07:00
Brion Vibber
d15a41c96e 0.9.4beta2 update some notes in README, note the fix from beta1 2010-08-11 10:32:52 -07:00
Siebrand Mazeland
db46d73a5f Add dummy support for Esperanto. 2010-08-11 12:46:54 +02:00
Brion Vibber
19e6b84050 StatusNet_network staticGet lookup fix 2010-08-10 17:22:26 -07:00
Brion Vibber
5c210f724a update version for 0.9.4beta1 2010-08-10 16:28:33 -07:00
Brion Vibber
08fc6053ec Fix for regression with OStatus mention processing (duplicated new and old style lead to trying to save a reply entry twice). 2010-08-10 13:49:11 -07:00
Brion Vibber
6a2659ed67 Workaround for index setup on SubMirror until I'm done w/ arbitrary index support for Schema setup. 2010-08-10 11:45:34 -07:00
Siebrand Mazeland
09dee24cbe Add two i18n related FIXMEs. 2010-08-08 21:13:21 +02:00
Brion Vibber
ebd2fc2f7c Partial fix for ticket #2489 -- problems with SNI SSL virtual host certificate validation.
Two prongs here:
* We attempt to enable SNI on the SSL stream context with the appropriate hostname... This requires PHP 5.3.2 and OpenSSL that supports the TLS extensions. Unfortunately this doesn't seem to be working in my testing.
* If set $config['http']['curl'] = true, we'll use the CURL backend if available. In my testing on Ubuntu 10.04, this works. No guarantees on other systems.

I'm not enabling CURL mode by default just yet; want to make sure there's no other surprises.
2010-08-06 10:14:07 -07:00
Brion Vibber
433c43c999 Merge branch 'testing' into 0.9.x 2010-08-05 11:02:53 -07:00
Brion Vibber
77a96e3d7c Merge branch 'master' into testing 2010-08-05 10:56:49 -07:00
Zach Copley
fd530a892f Fix for source attribution on notices; it was displaying the code instead of the source name sometimes. 2010-08-04 12:31:31 -07:00
James Walker
eaef724c49 urgh. typo 2010-08-02 14:24:50 -04:00
James Walker
e603632f13 add support for Salmon's new "mentioned" rel value 2010-08-02 14:06:14 -04:00
Brion Vibber
a1aea74fe2 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-08-02 09:43:58 -07:00
Siebrand Mazeland
44d01f70a6 Localisation updates from http://translatewiki.net
* add support for Danish
2010-07-31 23:59:22 +02:00
Brion Vibber
1bb18e9bab Merge branch '2471' into 0.9.x 2010-07-30 17:52:12 -07:00
Brion Vibber
0caebc9308 Fix for ticket #2471: install.php returns unsuccessfully but doesn't display error message if PHP < 5.2.6 is used
http://status.net/open-source/issues/2471

Old bit of code didn't get updated for new installer
2010-07-30 13:16:47 -07:00
James Walker
47f19988d1 allow schema to work on more than one connection (namely, the Status_network DB) 2010-07-29 21:04:28 -04:00
James Walker
c2a26ba653 removing redundant constructor 2010-07-29 21:03:48 -04:00
Zach Copley
fb2e00eacc Merge branch 'master' into 0.9.x
Conflicts:
	classes/Notice.php
2010-07-29 20:44:11 +00:00
Zach Copley
0faa988e91 Fix for issue ID 2290: make sure errors are returned in the right
format, and use callback for errors when the request is JSONP
2010-07-29 20:31:22 +00:00
Evan Prodromou
e10621a52a Merge branch 'testing' of gitorious.org:statusnet/mainline into testing 2010-07-28 17:51:07 -04:00
Evan Prodromou
a01bc6b575 Merge branch 'googleadsadminpanel' into testing 2010-07-28 17:50:49 -04:00
Brion Vibber
ab2c3686b7 Merge branch 'testing' into 0.9.x 2010-07-28 11:59:42 -07:00
Evan Prodromou
dbb5e9e191 accept mailto: URIs as OStatus identifiers 2010-07-22 16:00:26 -07:00
Zach Copley
65862d8f7f Suppress HTTP error headers for JSONP API output 2010-07-16 14:40:22 -07:00
Evan Prodromou
453a06fff4 Exceptions are caught and continued on JSON, XML, Atom and RSS output in API 2010-07-13 11:11:29 -04:00
Evan Prodromou
1044f27e47 handle missing profile for notices better in Rss10Action 2010-07-13 10:59:15 -04:00
Evan Prodromou
d706a3e21b handle missing profile for notices better in NoticeList 2010-07-13 10:59:01 -04:00
Evan Prodromou
6968c96b44 log exceptions in atom feeds, but don't let them kill the output 2010-07-13 10:53:47 -04:00
Evan Prodromou
dfd65a4290 push exception on missing profile down to Notice::getProfile() 2010-07-13 10:51:25 -04:00
Evan Prodromou
ab149755b6 handle notices without profiles better in RSS output 2010-07-13 10:42:06 -04:00
Brion Vibber
1b3b7f9a42 Ticket 2427: fix regression in plugin i18n 2010-07-12 10:27:23 -07:00
Brion Vibber
974c4df029 Ticket 2433: Skip locale fallback list check on Windows ('locale -a' shell-out doesn't work there) 2010-07-12 09:56:32 -07:00
Zach Copley
923d9ef71c - Fix bugs with block and friendship API methods
- Friendship API methods now use a Profile instead of User for target
2010-06-28 16:54:39 -07:00
Brion Vibber
c9863bb864 Update version and code name: 0.9.3 Half a World Away 2010-06-28 15:08:01 -04:00
Brion Vibber
b2ad8ec571 Fix for PHP notice when given an integer degrees in decimalDegreesToDMS(); using math instead of string manipulation to split integer portion from decimal remainder. 2010-06-28 14:41:33 -04:00
Brion Vibber
53f14ddde6 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x 2010-06-28 13:39:52 -04:00
Brion Vibber
9c7b66984c Enhanced upload file type detection. If given an original filename, we'll attempt to detect type from the extension if we were unable to make a definitive match from content. Generic octet-stream, zip, and MS Office type are explicitly singled out for re-checks, which fixes OpenOffice and MS Office documents to come up with the proper types when misdetected.
File extensions can also be added to the upload type whitelist; they'll be normalized to types for the actual comparison, so only known extensions will work.
2010-06-28 08:59:47 -07:00
Brion Vibber
c6b1e25d17 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x 2010-06-26 15:09:30 -04:00
Brion Vibber
ef7e85c0ab Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-06-26 15:09:08 -04:00
Brion Vibber
f0c5e7eca3 Fix for bug #2382: releasing claim on failed queue item works again with DB-based queues.
Warning: DB-based queue doesn't currently implement discarding of items after a retry limit. Failed items will be retried until they succeed.
2010-06-26 15:07:32 -04:00
Brion Vibber
696e4ba393 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	plugins/OpenID/openidserver.php (cleaned up mismatched comment)
2010-06-26 10:17:36 -04:00
Brion Vibber
d9e56e15cc Merge branch 'master' into testing 2010-06-26 10:16:27 -04:00
Zach Copley
9eb5a976b0 Have API methods for search subclass ApiPrivateAuthAction 2010-06-24 18:11:50 -07:00
Zach Copley
1eec7f779f - Add profile_info tag to Atom author
- Normalize xmlns:statusnet links in the API
2010-06-22 16:28:06 -07:00
Siebrand Mazeland
87125a1395 Improve error message per discussion on http://translatewiki.net/wiki/Thread:Support/Unclear_message.
Spotted by Peter17 and changed per suggestion of McDutchie with approval of Brion.
2010-06-21 20:15:26 +02:00
Zach Copley
a6ce4eef0d Fix problem with AvatarLink in which it was sometimes leaving the width attribute empty 2010-06-16 18:27:51 -07:00
Zach Copley
d3d499879c - More useful group info from api/statusnet/group/show
- Add statusnet:group_info tag to group Atom feeds
2010-06-16 14:29:24 -07:00
Brion Vibber
d65d982681 Merge branch 'master' into testing 2010-06-16 12:37:14 -07:00
Evan Prodromou
327ed5b87e fix URL regex for tags to use UTF-8 2010-06-14 15:51:49 -04:00
Brion Vibber
a1b25b46bc Merge branch 'master' into testing 2010-06-14 10:53:22 -07:00
Brion Vibber
3da8914edb Fix for DB error reporting in installer (MySQL path) 2010-06-11 12:38:22 -07:00
Brion Vibber
7f3b3620af Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x 2010-06-11 12:05:53 -07:00
Brion Vibber
47665e845a Merge branch 'testing' of gitorious.org:statusnet/mainline into testing 2010-06-11 12:04:03 -07:00
Brion Vibber
ec15546476 Fix a couple bad format entries in router setup (format param had 'xmljson' instead of 'xml|json').
Warning: the format strings aren't actually being enforced here which is probably why they weren't caught earlier. Not quite sure why, it should be looked at!
2010-06-11 11:52:06 -07:00
Brenda Wallace
e121d472e7 Revert "added notice.location to group by"
This reverts commit 48dc899acb.
2010-06-09 16:30:50 +12:00
Brion Vibber
054ac909bf Merge branch 'integration' into testing 2010-06-07 18:19:12 -07:00
Brion Vibber
09208f8d65 Basic custom CSS and theme uploading features. 'local' subdir can now be customized to a distinct directory and URL path to make it easier to separate custom themes for a multi-site farm running a common code base.
Currently only one custom theme may be uploaded per site, saved with the name 'custom' and stored into the local/themes subdirectory.
Administrators can upload a .ZIP archive containing a theme through the design admin panel; its contents are validated to ensure that only legit files are saved, and a 5M size quota is enforced.
Theme upload requires the zip extension for PHP; if not present, theme uploading is disabled by default.

Uploading and the custom CSS can be controlled via $config['theme_upload']['enabled'] and $config['custom_css']['enabled'].

Configurable directory/path/server for 'local' subdirectory (currently only as used for themes; local plugins not yet switched over)

Can set $config['local']['dir'] etc; not currently exposed in the admin panels.

Per-site directories on a separate themes server could be set up such as:
  $config['local']['dir'] = '/path/to/themes/local/' . $_nickname;
  $config['local']['server'] = 'themes.example.com';
  $config['local']['path'] = '/local/' . $_nickname;
  $config['local']['ssl'] = 'never';
2010-06-07 18:14:16 -07:00
Brion Vibber
5a96b9e805 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-06-07 10:34:00 -07:00
Brion Vibber
d88b208edc Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	plugins/OpenID/openid.php
2010-06-07 10:19:40 -07:00
Brion Vibber
8b9436e8ae Option to divert PuSH items directly to the target site's queue when local 2010-06-03 18:06:55 -07:00
Brion Vibber
5f4c6ec626 Skip enqueueing to outgoing bridges on incoming remote messages. Twitter, Facebook, RSSCloud, and OStatus checks were enqueued on these when they'd never do anything but churn the queue servers.
Notice::isLocal() can replace a number of manual checks for $notice->is_local being LOCAL_PUBLIC or LOCAL_NONPUBLIC.
2010-06-03 16:58:45 -07:00
Brion Vibber
791b98046d Stomp blocking writes fix 2010-06-03 16:09:47 -07:00
Evan Prodromou
135b398d4b Merge branch 'master' of gitorious.org:statusnet/mainline 2010-06-03 14:50:52 -04:00
Brion Vibber
9bb48c36ea Installer tweak to aid with IIS setup: if config.php exists, but is both empty and writable, let the installer proceed and overwrite it. 2010-06-03 10:13:28 -07:00
Evan Prodromou
a5de215267 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-06-01 13:51:41 -07:00
Brion Vibber
f4539b52ad Ticket 2329 followup: my clever 'let it use the default' was foiled by PHP gettext module not quite exposing a compatible interface as the backend gettext library. (Most funcs squash null domain parameter into '' empty string, which isn't interpreted as 'use the current default'.) 2010-05-28 16:03:09 -07:00
Craig Andrews
6317f7d92b Assigning my copyrights to the Free Software Foundation 2010-05-27 18:27:33 -04:00
Brion Vibber
696aeea113 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	lib/language.php
	plugins/OpenID/finishaddopenid.php
2010-05-27 14:57:32 -07:00
Brion Vibber
2b318a3420 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-05-27 14:22:24 -07:00
Brion Vibber
697a9948df Ticket #2329: fix for use of _m() translation functions from outside of plugin directories 2010-05-27 14:18:08 -07:00
Zach Copley
c5b61078e1 Pass auth user into Atom feed generators (needed for outputting favorited status in statusnet:notice_info tag) 2010-05-27 13:49:23 -07:00
Brion Vibber
2062298755 Add $config['queue']['stomp_enqueue_to'] override for which queue server to send to.
Must be set to a value that matches one of the entries in $config['queue']['stomp_server'] array, otherwise ignored.
2010-05-21 14:07:59 -07:00
Evan Prodromou
6d8e01ad13 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-05-21 16:47:57 -04:00
Brion Vibber
6eae5d6a7e Merge branch 'testing' into 0.9.x 2010-05-21 13:15:08 -07:00
Brion Vibber
2c12d837c6 Disable SSL peer/hostname verification for HTTPClient unless we've configured a trusted CA bundle like this: $config['http']['ssl_cafile'] = '/usr/lib/ssl/certs/ca-certificates.crt';
The previous state was failing on all HTTPS hits due to HTTP_Request2 library turning on the validation check but not specifying a CA file.
2010-05-21 10:12:39 -07:00
Brion Vibber
68305d4b68 Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
2010-05-20 14:24:44 -07:00
Brion Vibber
708d22848e Quick fix for creating OpenID accounts authenticating against a MediaWiki site; trim the 'User:' etc from the final path segment before generating a nickname from it. Avoids ending up with nicks like 'userbrion' on your first OpenID login! 2010-05-19 16:19:06 -07:00
Brion Vibber
7005ef6661 Merge branch 'testing' into 0.9.x
Conflicts:
	plugins/OpenID/openidlogin.php
2010-05-19 12:51:25 -07:00
Brion Vibber
74a89b1fc3 Locale switch cleanup: use common_switch_locale() which is safer for updating gettext state. Also moved a few calls to reduce chance of hitting an exception before switching back.
Should help with problems where xmppdaemon would get stuck in wrong locale.
2010-05-19 10:10:55 -07:00
Zach Copley
5ea019c41a Remove errant double HTML entity encoding in API source attribution 2010-05-18 15:16:23 -07:00
Zach Copley
3708341857 Allow OStatusPlugin to set the source attribution title 2010-05-18 15:16:13 -07:00
Zach Copley
6187266205 - OStatusPlugin should return true if it doesn't need to handle source
attribution
- Remove stray break statement from NoticeList
2010-05-18 15:16:03 -07:00
Zach Copley
0dfef88cac HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-18 15:15:52 -07:00
Zach Copley
c78f67aa73 Refactor and centralize notice source link calculation 2010-05-18 15:15:27 -07:00
Zach Copley
d9fddff539 Add xmlns:statusnet and statusnet:notice_info element to Atom entries for notices 2010-05-18 15:15:14 -07:00
Brenda Wallace
48dc899acb added notice.location to group by 2010-05-17 14:17:49 +12:00
Brenda Wallace
6f19830c9a fix the column modify on stuff for postgres. change serial to bigserial 2010-05-17 13:50:37 +12:00
Brenda Wallace
9bb18541df added missing field to the group by. this makes postgres happy 2010-05-15 15:33:55 +12:00
Brenda Wallace
7bd6b62461 comment out the extra bit, cos there's always mysql-only stuff in therre.
this isn't a very good idea
2010-05-15 15:32:22 +12:00
Brenda Wallace
a467c0ebba caitalise the sql keywords 2010-05-15 15:31:54 +12:00
Brenda Wallace
191752138a indexes now working in postgres schemas 2010-05-15 15:14:11 +12:00
Brenda Wallace
7cf250ff18 removed sneaky debug echo that shouldn't be there 2010-05-15 15:08:22 +12:00
Brenda Wallace
599942f58a sorted enums and auto_increments on postgres.
Still needs inline indexes on table creation
2010-05-15 14:56:40 +12:00
Brion Vibber
065ecc5573 Merge branch 'testing' into 0.9.x 2010-05-14 12:14:02 -07:00
Brion Vibber
3d00cfd47f Windows server fix: Use platform EOL in debug log file 2010-05-11 12:22:14 -07:00
Brion Vibber
45392bef33 Installer tweak for Windows: normalize line endings to platform standard in generated config.php
Added a comment that the writable directory checks are insufficient to catch ACL problems on Windows; need a better check for that.
2010-05-11 12:16:13 -07:00
Zach Copley
fba140f4e0 Fix for repeats from the API having null source attribution 2010-05-08 00:07:42 +00:00
Zach Copley
3c9686e80f Fix for repeats from the API having null source attribution 2010-05-07 16:32:24 -07:00
Zach Copley
869bc32d0d Remove errant double HTML entity encoding in API source attribution 2010-05-06 21:48:12 +00:00
Zach Copley
ee8c9d1422 Allow OStatusPlugin to set the source attribution title 2010-05-06 21:48:12 +00:00
Zach Copley
ce177400f8 - OStatusPlugin should return true if it doesn't need to handle source
attribution
- Remove stray break statement from NoticeList
2010-05-06 21:48:12 +00:00
Zach Copley
209fd12cd0 HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-06 21:48:12 +00:00
Zach Copley
22fde00def Refactor and centralize notice source link calculation 2010-05-06 21:48:11 +00:00
Zach Copley
b547079b28 Add xmlns:statusnet and statusnet:notice_info element to Atom entries for notices 2010-05-06 21:48:11 +00:00
Brion Vibber
e05415f621 Merge branch 'testing' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	locale/ca/LC_MESSAGES/statusnet.po
	locale/de/LC_MESSAGES/statusnet.po
	locale/statusnet.pot
2010-05-05 17:07:50 -07:00
Brion Vibber
c2bda7726c XMPP debugging: log the message source when discarding empty or unrecognized messages. 2010-05-05 13:11:36 -07:00
Brion Vibber
bb94b78e89 Handle timeout more gracefully in background pings
Added a 2-second default timeout for XMLRPC/extended pings, configurable as [ping,timeout].
No longer repeating the entire ping section if we had an HTTP error during a submission.
For now, dropping the bad item and continuing on with others. (Todo: individual retry and cleaner discards of blacklisted broken-for-now sites.)
2010-05-04 18:43:32 -07:00
Craig Andrews
4fe00a3075 When handling incoming mail, skip everything after a blank line if we already have content 2010-05-03 23:02:25 -04:00
Evan Prodromou
3f2c805652 Merge branch 'master' of gitorious.org:statusnet/mainline 2010-04-30 15:00:55 -04:00