Commit Graph

3550 Commits

Author SHA1 Message Date
Mikael Nordfeldth
e5ad98e601 Silence action can only be used on non-priviliged users 2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
7c90d7022b Require the license with HTML5 2016-02-08 17:56:35 +01:00
Mikael Nordfeldth
cd71188d3a SimpleCaptcha plugin to stop basic bots 2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
a30d34be7f Returnto the previous page when deleting a notice. 2016-02-08 15:30:28 +01:00
Mikael Nordfeldth
25c15119bc Backupaccount is always readonly 2016-02-03 01:15:35 +01:00
Mikael Nordfeldth
19b743a9f5 Set time limit to increase time backupaccount can take
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
Mikael Nordfeldth
a6898b033d Fullname and location are now text, not varchar, and can be >191|255 2016-01-28 19:12:30 +01:00
Mikael Nordfeldth
7e6783bb8f Replace htmLawed with HTMLPurifier 2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
d73c264e25 Haha, forgot that the $content content must also be there! 2016-01-27 23:04:19 +01:00
Mikael Nordfeldth
a47563cf3d Don't add space if there's no string in new notice content 2016-01-27 22:41:53 +01:00
Mikael Nordfeldth
03d2b680f8 Allow empty new-notice content via web if there's an upload 2016-01-27 22:39:43 +01:00
Mikael Nordfeldth
a1530b0e68 Removing superflous debug stuff 2016-01-14 22:12:36 +01:00
Mikael Nordfeldth
8df38df5cb Get uploaded media_ids via File::getByID()
Filters out failed ones...
2016-01-14 22:05:03 +01:00
Mikael Nordfeldth
e5019c3858 Accept media_ids parameter from Twitter API v1.1 clients
They upload the media first and then provide media IDs in a comma
separated parameter (but we just split it to all whole integers).
2016-01-14 20:24:01 +01:00
Mikael Nordfeldth
b570f0d3cb Media files are accepted and uploaded via Twitter API now 2016-01-14 19:15:02 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
1e5770bbcf $this->notice is never unset after prepare 2016-01-13 21:34:15 +01:00
Mikael Nordfeldth
adba38ce20 Deleted_notice is pluginified, don't call directly from core 2016-01-13 21:29:23 +01:00
mmn
e4a1dff98d Merge branch 'apiaccountregister_event_branch' into 'nightly'
APIStartRegistrationTry event



See merge request !77
2016-01-11 21:08:09 +00:00
hannes
543a7e421e APIStartRegistrationTry event 2016-01-11 20:04:31 +00:00
Mikael Nordfeldth
33194b3cff Attention goes to the parent notice author too 2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
1f02dc639e shortenLinks _after_ media upload to be consistent with api 2016-01-07 18:14:45 +01:00
Mikael Nordfeldth
6505504411 shortenLinks with a capital L 2016-01-07 18:12:29 +01:00
Mikael Nordfeldth
6924bb1d29 Gah and a 302 in the non-exception-handling redirect too 2016-01-06 20:09:59 +01:00
Mikael Nordfeldth
a9b5519293 Attachment thumbnail redirect is a 302 redirect
It SHOULD be cached but it might no longer be valid if we empty cache or something.
2016-01-06 20:07:40 +01:00
Mikael Nordfeldth
4d179c6b0c Our URLs are permanent redirects, mind you! 2016-01-06 20:06:14 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e Conversation IDs (again) no longer based on Notice ID 2016-01-06 13:58:46 +01:00
Mikael Nordfeldth
4b22b0c42a More listitems and lists into separate files + stronger typing 2016-01-06 01:36:46 +01:00
Mikael Nordfeldth
6d9f390ba8 Separating classes into files and stronger typing 2016-01-06 01:30:12 +01:00
Mikael Nordfeldth
792b62874e Require Profile for Profile->getLists 2016-01-06 00:18:10 +01:00
Mikael Nordfeldth
3d66d960a1 Require Profile for Profile->getOtherTags 2016-01-06 00:07:15 +01:00
Mikael Nordfeldth
8ad6b8809a Don't abort on too long notices in Notice::saveActivity 2016-01-05 17:31:09 +01:00
Mikael Nordfeldth
c19964094b Pending subscription requests now work as they should
A slight layout issue with the buttons still persists
2016-01-03 20:27:53 +01:00
Mikael Nordfeldth
0dfafe2567 NewnoticeAction now uses Notice::saveActivity(...) 2016-01-01 20:18:54 +01:00
Mikael Nordfeldth
54325e266f upgrade script makes sure all notices have rendered copies 2016-01-01 18:30:38 +01:00
Mikael Nordfeldth
b0bf620c61 RecoverpasswordAction uses User->setPassword() 2015-12-30 17:53:43 +01:00
Mikael Nordfeldth
29847f172f setPassword now runs validate too 2015-12-30 17:51:57 +01:00
Chimo
c95f74018d Add AtomPub, Twitter-compat. API documentation to doc-src/ 2015-11-24 13:00:32 -05:00
mmn
3255e2e1b8 Merge branch 'page_title_showstream' into 'nightly'
Show page title in user's profile page

Enable page title on user's profile page to make it consistent with all other pages and better orient users.

![Screenshot_-_250715_-_14_50_00](https://git.gnu.io/aroque/gnu-social/uploads/06e92b233e88fdb66047fbc0571f9831/Screenshot_-_250715_-_14_50_00.png)

See merge request !22
2015-10-10 20:36:59 +00:00
mmn
89d3d9b2ce Merge branch 'usergroups_page' into 'nightly'
Improve display of user's groups page.

* Show page notice as for subscriptions
* Show instructions when user has no groups
* Add explanation of remote groups and link to skilledtest wiki

Here is how it looks when a logged in user is not following groups yet

![login_nogroups](https://git.gnu.io/aroque/gnu-social/uploads/34b1bdcdb9e7277ec3deff4594061c59/login_nogroups.png)

After following a group, you still see the instruction notice. This way you have links to searching groups and creating a new one.

![login_groups](https://git.gnu.io/aroque/gnu-social/uploads/cb50689bcdfca7adc5cdcbe620487aa4/login_groups.png)

Finally when logged out:

![nologin_groups](https://git.gnu.io/aroque/gnu-social/uploads/40d81ab909321f8729c2696dd3938d46/nologin_groups.png)

The current version on nightly has basically no text at all.

See merge request !25
2015-10-10 20:35:36 +00:00
Mikael Nordfeldth
a793d211d2 Match parent class definition of clientError 2015-10-10 20:51:53 +02:00
Mikael Nordfeldth
b4c51b2d39 Use an atom:link to ApiMediaUpload response instead of mediahref
'cause why not?
2015-10-10 20:41:14 +02:00
Mikael Nordfeldth
9728270acd Add mediahref in our incredibly arbitrary response 2015-10-10 17:15:29 +02:00
Mikael Nordfeldth
5d91c9a820 Don't send multiple error responses in ApiMediaUpload :) 2015-10-10 17:12:44 +02:00
Mikael Nordfeldth
dd149a76f3 AtomPub should work now, at least for post/note 2015-10-09 16:19:26 +02:00
Mikael Nordfeldth
216a04df86 Switching variable access in ApiTimelineUser to GNUsocial improvements 2015-10-09 11:23:20 +02:00
Mikael Nordfeldth
dac617d95a I think all the notice deletion calls are event-compatible now
This means we can handle DeleteNoticeAsProfile in plugins, such as
the ActivityModeration plugin.
2015-10-03 12:26:09 +02:00