Commit Graph

2516 Commits

Author SHA1 Message Date
Brion Vibber
87b8a89aa7 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-21 13:12:25 -07:00
Brion Vibber
68305d4b68 Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
2010-05-20 14:24:44 -07:00
Brion Vibber
a39a934dd4 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-19 10:59:14 -07:00
Zach Copley
5ea019c41a Remove errant double HTML entity encoding in API source attribution 2010-05-18 15:16:23 -07:00
Zach Copley
0dfef88cac HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-18 15:15:52 -07:00
Zach Copley
c78f67aa73 Refactor and centralize notice source link calculation 2010-05-18 15:15:27 -07:00
Brion Vibber
14a76926a2 Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
The forms would already submit to SSL, but people are happier if they start on a secure page!

Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
2010-05-18 21:52:17 +00:00
James Walker
6da59fab58 invalid mbox_sha1sum in the case where users don't have an email address
(reported by pedantic-web.org)
2010-05-18 10:09:16 -04:00
Brion Vibber
2e808fdc82 More direct text for registration licensing/tos checkbox for private and all-rights-reserved sites. 2010-05-13 16:47:58 -07:00
Zach Copley
fba140f4e0 Fix for repeats from the API having null source attribution 2010-05-08 00:07:42 +00:00
Zach Copley
b50f300566 Implement since_id and max_id param handling for /api/favorites 2010-05-05 14:46:36 -07:00
Brion Vibber
369885f04f Merge branch 'master' into testing 2010-04-19 18:47:11 +02:00
Brion Vibber
e547a2f54c Fix ticket #2289: registration links were showing in top nav bar, login page message when site set to invite-only or closed registration, when the 'register' action can't be used. 2010-04-19 18:45:50 +02:00
Siebrand Mazeland
166c1edba9 Fix inconsistencies in clientError() messages
* use correct punctuation
* single quotes when replace was possible
* wording updated when needed
2010-04-09 16:11:20 -07:00
Siebrand Mazeland
5c6c9b6f5f Update message formatting for serverError to use a starting capital and a leading period. 2010-04-09 15:29:41 -07:00
Brion Vibber
58d5d7baee Clean up badly formatted strings in OembedAction 2010-04-09 15:29:25 -07:00
Brion Vibber
f4ad0acd84 Merge branch 'master' of git@gitorious.org:statusnet/mainline into testing 2010-04-09 12:01:53 -07:00
Evan Prodromou
4e3fad4f0d fix attributes on homepage output 2010-04-09 14:11:18 -04:00
Brion Vibber
756dd15515 i18n cleanup: fix bad string breakdown in license agreement checkbox on registration form.
Note that much of that form is duplicated several times for Twitter, Facebook, and OpenID registrations -- these need to be refactored to avoid having multiple out-of-sync copies of code and messages.
2010-04-09 10:12:23 -07:00
Brion Vibber
b76b0d3a5f Cleanup bad i18n format for page title on bookmarklet posting window 2010-04-09 09:44:30 -07:00
Brion Vibber
7baf671570 Avoid E_NOTICE spew when listing group members who aren't admins 2010-04-09 08:38:42 -07:00
Christopher Vollick
a93d0dc16a Undefined Variable in foafgroup.php
Probably just left over from the past.
2010-04-09 08:38:34 -07:00
Brion Vibber
2be04e2a63 Avoid E_NOTICE spew when listing group members who aren't admins 2010-04-09 08:37:24 -07:00
Christopher Vollick
eefde36fcf Undefined Variable in foafgroup.php
Probably just left over from the past.
2010-04-09 08:35:13 -07:00
Brion Vibber
5dbaaed4e6 Maintain 'page' parameter for block from subscribers list, block & make-admin from group members list.
Refactored some of the returnto handling code. It looks like we have several different ways of handling this in the software, icky!
Marked the session-based functions with fixmes (they'll stomp on other forms when multiple tabs/windows are used) and combined some commonish bits of code between ProfileFormAction and the group block & makeadmin actions where they're using hidden form parameters. Extended that to allow passing dynamic parameters (eg 'page') as well as static ones (action, target user/group).
2010-04-08 19:06:55 -07:00
Brion Vibber
b71f276ed5 Merge branch 'master' into testing 2010-04-05 10:42:41 -07:00
Evan Prodromou
2a489018b1 use nofollow for subscribers list 2010-04-05 11:18:03 -04:00
Evan Prodromou
16827a66ba use nofollow for group members list 2010-04-05 11:17:51 -04:00
Evan Prodromou
95229bc7a0 use homepage link attributes method for peopletaglist 2010-04-05 11:17:36 -04:00
Evan Prodromou
0b30230b5a Merge branch 'nofollow' 2010-04-05 11:04:47 -04:00
Evan Prodromou
2882e40540 nofollow for peopletag pages 2010-04-05 11:03:14 -04:00
Evan Prodromou
96761c14ea override linkAttributes() method for groupmembersminilist 2010-04-05 10:47:07 -04:00
Evan Prodromou
ffc1ac02c3 add an event for group members minilist 2010-04-05 10:12:27 -04:00
Brion Vibber
d4940fe148 Ticket #2272: Block confirmation form should let enter trigger the 'yes' button
Setting focus into the form to make it easier to submit by keyboard. Enter or space will now trigger the button right off without having to mouse around to find the button after we've clicked into the conf form, and keyboarders can also get to the 'no' button more easily.
2010-04-03 10:29:24 -07:00
Brion Vibber
f2b60b78b6 Ticket #2272: Block confirmation form should let enter trigger the 'yes' button
Setting focus into the form to make it easier to submit by keyboard. Enter or space will now trigger the button right off without having to mouse around to find the button after we've clicked into the conf form, and keyboarders can also get to the 'no' button more easily.
2010-04-03 10:26:43 -07:00
Brion Vibber
b42e044f6e Merge branch 'master' into testing 2010-04-02 15:48:17 -07:00
Evan Prodromou
d60c1f1a9f Revert "Revert "if user allows location sharing but turned off browser location use profile location""
This reverts commit 8b24ad8a9c.
2010-04-01 12:58:06 -04:00
Evan Prodromou
8b24ad8a9c Revert "if user allows location sharing but turned off browser location use profile location"
This reverts commit 4b80ce0be8.
2010-04-01 12:52:12 -04:00
Evan Prodromou
4b80ce0be8 if user allows location sharing but turned off browser location use profile location 2010-04-01 12:09:33 -04:00
Brion Vibber
0841fa712e Ticket #1281: JID validation now more or less follows spec instead of calling e-mail validator
Basic splitting/validation code submitted via http://status.net/wiki/XMPP/JID_validation -- Copyright 2009 Patrick Georgi <patrick@georgi-clan.de> Licensed under ISC-L, which is compatible with everything else that keeps the copyright notice intact.

Added PEAR Net_IDNA package to extlib to handle IDN normalization (also used by Validate's email verifier if present).

* added test suite, supplemented my own test cases with JID validation and normalization test cases from libpurple
* follows XMPP rules for validation of name part
* fixes for normalization with non-ASCII names
* will do domain checks if $config['email']['check_domain'] is on, checking for an XMPP-server SRV record or any lookup. (We don't actually need to ping those direct though.)
* some more obscure stringprep validation rules aren't quite followed yet, but we err on the side of permissiveness.
* we still don't actually let you save your address with a resource on it, as we strip resources when looking up users who've sent us presence or message updates. I would recommend saving the outgoing resource as a separate field if/when we add that..?
2010-03-30 17:35:27 -07:00
Brion Vibber
f694f254a4 Fix for error output on invalid user ID to api groups list 2010-03-30 11:47:49 -07:00
Brion Vibber
37b41d227d Fix for error output on invalid user ID to api groups list 2010-03-30 11:47:23 -07:00
Brion Vibber
034e88bcbc Fixes for apigrouplist - notice spew from undefined var, notice spew from missing escape in sprintf format 2010-03-30 11:45:41 -07:00
Brion Vibber
0284e1315c Quick fixes for grouplistall:
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
2010-03-30 11:45:35 -07:00
Brion Vibber
0fa894be9d Fixes for apigrouplist - notice spew from undefined var, notice spew from missing escape in sprintf format 2010-03-30 11:44:13 -07:00
Brion Vibber
ca897ef346 Quick fixes for grouplistall:
* respect count instead of listing all groups
* respect page parameter
* don't spew notice on undefined $id
* don't spew notice on undefined $group->homepage_url (dropped the element since there's nothing to go in it)
2010-03-30 11:10:29 -07:00
Brion Vibber
d38ce90fa1 Fix to profile location in FOAF output: longitude was repeating the latitude by mistake 2010-03-29 17:54:22 -07:00
Brion Vibber
17f1ea703d Fix to profile location in FOAF output: longitude was repeating the latitude by mistake 2010-03-29 17:53:31 -07:00
Zach Copley
15736ea435 Really make sure we return 'true' and 'false' strings for boolean vals in api/statusnet/config.:format. 2010-03-26 19:59:05 +00:00
Sarven Capadisli
b4a4438abd Using unique @for, @id pair for jabber and sms options in subscriptions 2010-03-25 22:20:20 +01:00