Brion Vibber
54e98ffe22
Fix ticket #3013 : MAX_FILE_SIZE hidden fields were incorrectly placed
...
In order to apply to PHP's POST processing, the MAX_FILE_SIZE field must appear *before* the file upload field. They were incorrectly placed after, where they had no effect on POST processing.
2011-01-26 15:49:57 -08:00
Brion Vibber
621a7cb36d
Merge branch '0.9.x' into testing
2011-01-25 12:57:49 -08:00
Brion Vibber
820dd293c9
Fix for ticket #3007 : .bmp avatar uploads weren't being properly converted to PNG in all cases
...
Part of the reported issue was previuosly fixed by dc497ed0
(smaller size images being blanked).
This commit fixes the remaining bug with original-size avatars being left as BMP (which could include the 96px size for instance, which could cause problems in browsers not supporting BMP natively)
Added ImageFile::copyTo() as a convenient alias for resizeTo() when not resizing; this performs the BMP/XPM/XBM->PNG conversion if needed, or copies the original file.
Copying instead of using move_uploaded_file() is fine here since:
a) the files are cleaned up on script completion anyway (vs moving to remove it)
b) we're already performing getimagesize() and possibly load/resize on the file before this point (vs needing to move the file into a usable area to work with open_basedir restrictions that prevent working directly with uploaded files in the temp dir; since this would fail anyway, we lose nothing)
ImageFile::preferredType() now works on $this->type instead of asking for one, to make it handier to use from outside. (This is still needed in order for calling code to generate a target filename.)
Recommended for future:
* additional consolidation between the various ways of uploading avatars (touched avatarsettings, grouplogo, and apiaccountupdateprofileimage with similar minor changes)
* consolidate type checks and file naming into Avatar class
2011-01-24 12:22:47 -08:00
Siebrand Mazeland
6c0e43be9e
L10n consistency updates in wording and punctuation.
...
Translator documentation added/updated.
Superfluous whitespace removed.
2011-01-21 22:45:37 +01:00
Siebrand Mazeland
08cb576b52
Add translator documentation
...
Fix L10n issues
Remove superfluous whitespace
2011-01-21 16:35:00 +01:00
Brion Vibber
6fa0bea76d
Merge branch '0.9.x' into testing
2011-01-20 15:12:57 -08:00
Brion Vibber
6455461c19
Merge branch 'master' into 0.9.x
2011-01-20 15:08:31 -08:00
Zach Copley
05361bb686
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-20 10:44:31 -08:00
Zach Copley
3a24b95edb
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-20 10:44:05 -08:00
Zach Copley
882b6862a3
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-19 23:00:24 -08:00
Zach Copley
114d9ebf28
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-19 22:59:51 -08:00
Zach Copley
1543af748c
Merge branch 'testing' of gitorious.org:statusnet/mainline into testing
...
* 'testing' of gitorious.org:statusnet/mainline: (63 commits)
Add a scary 'experimental feture' warning & are-you-sure prompt on moveuser.php
fix wrong datatypes (saving string instead of array) in AtomPub notice processing
Account moving is a background activity
return a 409 Conflict when subscription already exists
OStatusPlugin does discovery in Profile::fromURI()
considerably more logging and error checking in AccountMover
add a log method to AccountMover
normalize accounts and check for return in HTTP for moving
move account-moving classes to their own libraries
execution protection on discovery.php
PHPCS discovery.php
Move discovery library from OStatus plugin to core
Revert "Revert "0.9.7alpha1""
first example of moving a user
Parse properties of links in XRD files
Add the Atom username to the XRD output
preserve activities in object
let callers pass in an XMLOutputter to output to
execution protection on discovery.php
PHPCS linkheader.php
...
2011-01-19 22:58:07 -08:00
Zach Copley
e475bdfe77
OAuth: Fix rare problem in which request tokens were sometimes being
...
returned as access tokens.
2011-01-19 22:55:00 -08:00
Zach Copley
6eca8188b6
Fix a couple spelling mistakes in comments and remove redundant statement terminator
2011-01-19 15:52:18 -08:00
Brion Vibber
963e7576f2
Merge branch 'testing' into moveaccount
2011-01-19 10:41:14 -08:00
Brion Vibber
397f7cd0d8
Refactor profile sidebar statistics output so plugins can hook it and add entries.
2011-01-18 13:32:00 -08:00
Brion Vibber
ff6df8061b
Refactor profile sidebar stats generation: factor out giant chunk of repeated method calls
2011-01-18 13:12:08 -08:00
Brion Vibber
9be770e609
Start cleaning up profile sidebar: link the header text on subscription/subscriber/groups sections to the tabs so users don't have to dance around looking for the link if they don't have enough to trigger a 'more' link.
...
Consolidated some of that link generation; sooooo much more dupe code to kill in this section!
2011-01-18 12:52:38 -08:00
Brion Vibber
56e2bc10d9
Cleanup stray PHP 4-style references in hook calls for navigation bars. We can't replace the live action from here, and don't need a reference to keep the object mutable. Dumping the references helps ensure we don't end up getting errors when things calling the hooks might forget to use the reference and the PHP error reporting settings expose this fact at us.
2011-01-18 12:34:27 -08:00
Evan Prodromou
2a59453d4c
Merge branch 'testing' into moveaccount
2011-01-17 17:34:03 -05:00
Evan Prodromou
fb681990d9
Account moving is a background activity
2011-01-17 17:31:56 -05:00
Evan Prodromou
dce2824747
considerably more logging and error checking in AccountMover
2011-01-17 15:25:58 -05:00
Evan Prodromou
feb3ae4c09
add a log method to AccountMover
2011-01-17 15:06:15 -05:00
Evan Prodromou
b11426dbf4
normalize accounts and check for return in HTTP for moving
2011-01-16 17:17:55 -05:00
Evan Prodromou
905aded81a
move account-moving classes to their own libraries
2011-01-16 17:17:55 -05:00
Evan Prodromou
81079fe522
execution protection on discovery.php
2011-01-16 17:17:55 -05:00
Evan Prodromou
fafb6733db
PHPCS discovery.php
2011-01-16 17:17:55 -05:00
Evan Prodromou
1152b0c3e8
Move discovery library from OStatus plugin to core
2011-01-16 17:16:01 -05:00
Evan Prodromou
a953b93194
Revert "Revert "0.9.7alpha1""
...
This reverts commit fd20554651
.
Conflicts:
lib/common.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
fd7dd9b10f
Parse properties of links in XRD files
2011-01-16 17:15:26 -05:00
Evan Prodromou
8653d8a252
Add the Atom username to the XRD output
2011-01-16 17:15:26 -05:00
Evan Prodromou
aa9137ca71
preserve activities in object
2011-01-16 17:15:26 -05:00
Evan Prodromou
e433e559f8
let callers pass in an XMLOutputter to output to
2011-01-16 17:15:26 -05:00
Evan Prodromou
2a54919d1f
execution protection on discovery.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
0649b96e9b
PHPCS linkheader.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
02cf7d47f8
PHPCS discovery.php
2011-01-16 17:15:26 -05:00
Evan Prodromou
abf694ae5b
move linkheader.php to core
2011-01-16 17:15:26 -05:00
Evan Prodromou
7d1f609bf0
Move discovery library from OStatus plugin to core
2011-01-16 17:15:26 -05:00
Siebrand Mazeland
02f005fe5f
* L10n updates
...
* translator documentation added
2011-01-14 21:53:39 +01:00
Siebrand Mazeland
bf40b3e694
* remove i18n for debug message.
...
* add i18n for some exceptions.
* add translator documentation.
* L10n updates.
* remove superfluous whitespace.
2011-01-14 21:41:36 +01:00
Brion Vibber
cb56f445b8
Ticket #2166 : accept aliases for local group names in API
...
Also simplifies the code by using User_group::getForNickname instead of duplicating half of it :D
2011-01-07 16:23:54 -08:00
Brion Vibber
5616bfb5ff
Fix warning in subscribers/subscriptions list pages where we attempted to call free() an ArrayWrapper after it was used up, thus trying to forward the call to a nonexistent object.
...
Removed the free calls (unneeded since destructors now work), and added an error check w/ logging & an exception for future attempts to forward calls to nonexistent object.
2011-01-07 15:29:30 -08:00
Brion Vibber
0ec07e9c65
Use ReflectionFunction to check for a present-but-disabled dl() function instead of manually parsing the disable_functions php.ini setting.
...
We were checking the list as comma-delimited (per the description of it as comma-delimited), but in fact spaces are also accepted, and who knows what else.
2011-01-07 14:48:40 -08:00
Brion Vibber
35507cd039
Fix ticket #2392 : sending invitation email fails when site name contains double quotes
...
Gotta escape quotes!
2011-01-06 17:43:00 -08:00
Brion Vibber
f2a43769e7
Fix for atom/activity streams parsing: feed's <activity:subject> was being taken at a higher priority than entry's <atom:author>, which broke OStatus group posting since we retired <activity:actor>.
...
Added test case to ActivityParseTests.
2011-01-06 15:13:38 -08:00
Brion Vibber
4b29d0ebb6
Merge branch 'testing-sig' of gitorious.org:~brion/statusnet/brion-fixes into testing
2011-01-05 16:04:32 -08:00
Brion Vibber
f5650806cc
Switch autoloader from '__autoload' magic function name to registering our function with spl_autoload_register(); fixes compat problem with PHPUnit 3.5+ which seems to break the old __autoload
2011-01-05 23:27:17 +00:00
Evan Prodromou
60d8fcd0e7
Revert "Revert "0.9.7alpha1""
...
This reverts commit fd20554651
.
Conflicts:
lib/common.php
2011-01-05 10:52:44 -08:00
Evan Prodromou
a7e5c58a82
Merge branch 'revertversion' into 0.9.x
2011-01-03 10:51:42 -08:00
Evan Prodromou
fd20554651
Revert "0.9.7alpha1"
...
This reverts commit 3d62c1cf51
.
2011-01-03 10:51:29 -08:00
Evan Prodromou
98a0d7f538
Configuration options for using an HTTP proxy
...
We can make a lot of HTTP requests from the server side. This change
adds some configuration options for using an HTTP proxy, which can
cache hits from multiple sites (good for status.net-like services, for example).
2011-01-03 10:38:32 -08:00
Brion Vibber
80e2f4f529
Fix up edge case in nickname processing: overlong display forms should be rejected before normalization (storage of display forms will also have fields with limited length)
2010-12-30 17:11:16 -08:00
Evan Prodromou
66f6b2a342
Events to hook for NoticeListElement <li> generation
2010-12-30 16:57:05 -08:00
Evan Prodromou
3b5c3d2c84
UUID-generation tools
2010-12-30 12:15:34 -08:00
Evan Prodromou
c91b080a8e
version 0.9.8dev
2010-12-29 16:18:43 -08:00
Evan Prodromou
3d62c1cf51
0.9.7alpha1
2010-12-29 16:15:57 -08:00
Evan Prodromou
d8219c07be
update version to 0.9.7
2010-12-29 16:14:00 -08:00
Evan Prodromou
80191b56df
Show <activity:subject> in Atom group notice feed
...
Version 0.9.6 and below of StatusNet assume anything in <author> is a
Person. So, we include an <activity:subject> element, which will be
checked first by those versions of the code, only for group feeds.
At some point we'll take this out, but it's useful for now.
2010-12-29 15:33:57 -08:00
Evan Prodromou
d3b10959f4
Merge branch '0.9.x' into noactor
2010-12-29 15:29:29 -08:00
Evan Prodromou
26afe79ed9
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-12-29 14:53:38 -08:00
Brion Vibber
90c7ff1983
Merge branch 'master' into 0.9.x
2010-12-28 11:37:38 -08:00
Brion Vibber
d3d9797496
Prevent group creation by silenced users.
...
* adds Right::CREATEGROUP
* logic in Profile::hasRight() checks for silencing
* NewgroupAction checks for the permission before letting you see or process the form in the UI
* User_group::register() logic does a low-level check on the specified initial group admin, and rejects creation if that user doesn't have the right; guaranteeing that API methods etc will also have this restriction applied sensibly.
2010-12-28 11:34:02 -08:00
Evan Prodromou
8814fb3822
Merge branch '0.9.x' into socialbookmark
2010-12-27 22:38:36 -08:00
Evan Prodromou
1996545947
add events for restoring activities
2010-12-27 22:28:20 -08:00
Evan Prodromou
6393326557
Merge branch '0.9.x' into socialbookmark
2010-12-27 20:49:31 -08:00
Evan Prodromou
c78170a275
Better job making an ActivityObject from an <atom:author>
2010-12-27 10:19:51 -08:00
Evan Prodromou
ab92496ddc
Stop using <activity:subject> for atom feeds
2010-12-27 10:03:34 -08:00
Evan Prodromou
f5128015be
Use outputTo() instead of asString() for including sub-elements
2010-12-27 09:46:25 -08:00
Evan Prodromou
1188d5bab2
Don't output deprecated <activity:actor> element
2010-12-27 09:25:26 -08:00
Brion Vibber
464e0f8115
Don't trust text/xml mime types; generic content detection gives useless stuff like that on SVG images! Todo: replace the extension check in this case with better content-based checks.
2010-12-22 13:56:19 -08:00
Evan Prodromou
402cac2f93
Merge branch '0.9.x' into socialbookmark
...
Conflicts:
lib/activityobject.php
2010-12-22 12:09:42 -08:00
Evan Prodromou
35d9a065fb
Revert "initialize ActivityObject::$extra"
...
This reverts commit 3e82000d57
.
2010-12-22 12:07:13 -08:00
Evan Prodromou
e11ca1e052
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-12-22 12:05:40 -08:00
Brion Vibber
448dfb69d4
Initialize $extra member to empty array on ActivityObject
2010-12-22 12:03:05 -08:00
Evan Prodromou
3e82000d57
initialize ActivityObject::$extra
2010-12-22 12:02:50 -08:00
Evan Prodromou
5fe8301129
disable account deletion by default
2010-12-22 11:25:47 -08:00
Evan Prodromou
9a6ceb3303
Merge branch 'righttoleave' into 0.9.x
2010-12-22 11:22:51 -08:00
Evan Prodromou
17515aacac
drop previous in oembedhelperexception code
2010-12-20 18:32:43 -05:00
Evan Prodromou
f63355451d
fixup exception constructor for php 5.2
2010-12-20 18:28:42 -05:00
Evan Prodromou
24f9a991b6
Let activity objects write directly to activity's own outputter
2010-12-20 13:30:33 -05:00
Evan Prodromou
6a6dd81d1f
Let activity objects write directly to activity's own outputter
2010-12-20 13:26:57 -05:00
Evan Prodromou
688841fb41
ActivityObject has attribute for other elements
2010-12-19 10:16:44 -05:00
Evan Prodromou
25d03c42e6
Add events for representing objects as activity:object
...
Add 6 new events to make it easier to override the type of an activity object.
2010-12-18 17:24:41 -05:00
Brion Vibber
fb8312ebf4
Ticket #2959 : implement api/users/profile_image endpoint in Twitter-compat API
2010-12-17 17:10:52 -08:00
Evan Prodromou
573bbeced1
action to restore a user's backup from the Web interface
2010-12-17 18:56:48 -05:00
Evan Prodromou
1d6091cad2
Two bug fixes in activityimporter
2010-12-17 18:56:17 -05:00
Evan Prodromou
120802b807
change code order to make shorter lines
2010-12-17 18:55:00 -05:00
Evan Prodromou
1a81356622
I'm still not sure when it's useful to reset a notice's author
2010-12-17 17:37:43 -05:00
Evan Prodromou
4b41d05a13
Make restoreuser use new FeedImporter queue handler
2010-12-17 16:27:20 -05:00
Evan Prodromou
044763cf06
move activity importing code to two different queuehandler classes
2010-12-17 13:12:17 -05:00
Evan Prodromou
6469d75fb0
Move accountrestorer class to feed importer
2010-12-17 13:10:23 -05:00
Evan Prodromou
16fc5314fb
move code to get an author object for a feed to a library from Ostatus_profile
2010-12-17 13:09:37 -05:00
Brion Vibber
ed24c95ac2
Fix ticket #2929 : router cache now clears itself when switching singleuser mode in and out
2010-12-16 13:42:10 -08:00
Evan Prodromou
39804809dd
distribute flag for Notice::saveNew()
2010-12-16 16:17:38 -05:00
Evan Prodromou
2e2519afee
Move account restoration code to a shared library
...
Moved most of the heavy-lifting for account restoration out of
restoreuser.php and into its own class, with the hope that we'll do
the work from the Web eventually.
2010-12-15 17:53:38 -05:00
Evan Prodromou
e16cb8c03a
Merge branch '0.9.x' into righttoleave
2010-12-15 16:48:28 -05:00
Brion Vibber
6c67114198
Mark OembedAction, XrdAction, and (plugin) AutocompleteAction as read-only. Tweaked ApiStatusesShow and ApiTimelineUser to still claim read-only when hit with a HEAD request (usually link checkers or a precursor to a GET, and should be semantically equivalent to a GET without actually transferring data)
2010-12-14 16:14:15 -08:00
Brion Vibber
2ed1e9b126
AtomPub discovery fix: gets MarsEdit's auto API detection working.
...
Router entry for AtomPubService was slightly off, generating an incorrect link in the RSD data.
2010-12-14 14:43:50 -08:00
Evan Prodromou
d840578aa0
An action to delete your own account
...
The new DeleteaccountAction lets a user delete their own account
(subject to global rights set by the admin). It presents a form to
delete the account, with an "I am sure." text entry box.
It then schedules the account for deletion and logs the user out.
2010-12-14 12:38:43 -05:00
Evan Prodromou
5089d3065c
add an action to backup the current account in ActivityStreams format
2010-12-13 16:32:39 -05:00