Commit Graph

714 Commits

Author SHA1 Message Date
Evan Prodromou
75f285ddf6 merge in changes for CSRF, too
darcs-hash:20080830162223-84dde-573e490dc4fde68512ea4ec28599019d2740cfcf.gz
2008-08-30 12:22:23 -04:00
CiaranG
bfb22a9932 XMPP daemon updates including help, sub and subsub commands, plus subscribe/unsubcribe logic broken out into standalone module for sharing
darcs-hash:20080816083422-f6e2c-fb8b4e0581719bd8c3f433e661ec9742e1b84cbc.gz
2008-08-16 04:34:22 -04:00
Evan Prodromou
9bff7c9a76 removed the preview, so use "Send" for the button
darcs-hash:20080827011921-84dde-622d4c8eab1b05ce999bba4554b85c08a5840c79.gz
2008-08-26 21:19:21 -04:00
Evan Prodromou
c55e3089c5 fix format string, again again
darcs-hash:20080827010138-84dde-db15d5a4408a9cca08822b4c4946e2dfc60ea3db.gz
2008-08-26 21:01:38 -04:00
Evan Prodromou
37991eace8 lost the names when making a new function send_invitation
darcs-hash:20080827005418-84dde-7e7a4be646c520542e8c065ba90ba759c100b481.gz
2008-08-26 20:54:18 -04:00
Evan Prodromou
ebf5d52f74 send personal message through to send_invitation function
darcs-hash:20080827005155-84dde-02a097e286800519fe5294cb7005ead533db478f.gz
2008-08-26 20:51:55 -04:00
Evan Prodromou
0ce9b20566 fix runon string in invites format
darcs-hash:20080827004854-84dde-a558664ac7f02ff319e3c29ac4516f491abef29a.gz
2008-08-26 20:48:54 -04:00
Evan Prodromou
6a57f42606 fix format for subject
darcs-hash:20080827004755-84dde-d3275abf281b1d4790806357d3d0bcba634f28f3.gz
2008-08-26 20:47:55 -04:00
Evan Prodromou
b158658caa save invitation code and improve format of outgoing mail
darcs-hash:20080827004410-84dde-226101a8482f511ff9df7546342f84dd94ceca54.gz
2008-08-26 20:44:10 -04:00
Evan Prodromou
11be8376dd correct output on invitations
darcs-hash:20080827003529-84dde-614dc517061e76d180823c0aaf3fc9f434f6480c.gz
2008-08-26 20:35:29 -04:00
Evan Prodromou
e248066b74 updates for invitations
Add the code to registration to handle invitation codes.

Some edge cases on invitations: is the user already subbed to this
person? Tell them. Is the person already on the system? Sub the user
to them, then, and tell the user.

Add some code to User to auto-sub invitees whenever the email address
changes. Call it from a new registration with an invite code, and also
from confirmaddress.

Some whitespace cleanup in the files touched.

darcs-hash:20080827001927-84dde-b50e5d921ca3f2fb894821730ff93cac09d2ba66.gz
2008-08-26 20:19:27 -04:00
Evan Prodromou
19614f33a4 skip preview, just send the darn thing
darcs-hash:20080826021227-84dde-22f709bf330bcfa46b93eadd11700723bf640a6b.gz
2008-08-25 22:12:27 -04:00
Evan Prodromou
1e78f020e9 fix instructions
darcs-hash:20080825193738-84dde-d58e63ee015a52ccf065d17a2fc16d2d1899f805.gz
2008-08-25 15:37:38 -04:00
Evan Prodromou
55fe8f8ff8 start the invite form
darcs-hash:20080825192946-84dde-c48e79699e5c0bc51ce5ab1fa921c49abbf2c4f5.gz
2008-08-25 15:29:46 -04:00
Evan Prodromou
a64330b77c blow subscriptions cache when the user deletes a notice
darcs-hash:20080920175339-84dde-e46d0e7b86e0752e8331cdfba26257b3ff9e601c.gz
2008-09-20 13:53:39 -04:00
CiaranG
95d9920d78 Fix typo in finishremotesubscribe
darcs-hash:20080904201921-f6e2c-44a5fc1dbf699b9c2b6919eaabd7db12c7c65ef8.gz
2008-09-04 16:19:21 -04:00
Evan Prodromou
9078e95e5f fix bad args in postnotice for new notices
darcs-hash:20080904195720-84dde-f286bfe898ef3e08f07fd977bfe692e9cff6c375.gz
2008-09-04 15:57:20 -04:00
CiaranG
fff677e6c4 Resolve remote subscribe and omb problems with quotes (Tickets #604 and #567)
darcs-hash:20080904065504-f6e2c-f0c770f52624e7151a93f2ed2b8813657ca88c14.gz
2008-09-04 02:55:04 -04:00
Garret Buell
4d1528734d RequirePassword
Require a password with at least 6 characters when registering.

darcs-hash:20080830195036-e3c0d-6b4cac221674240e1a8383675b69863f54dd2525.gz
2008-08-30 15:50:36 -04:00
Evan Prodromou
44f02dd9c1 move broadcast in OMB postnotice for bad case
darcs-hash:20080828221420-84dde-713f564d28d2e548a09a325443b37d6dc1e9a7e7.gz
2008-08-28 18:14:20 -04:00
Evan Prodromou
adeb19f1f7 clean up username entered at login
darcs-hash:20080829225258-84dde-6fee5f0beea62f023c13436b8d7044241bc0d01a.gz
2008-08-29 18:52:58 -04:00
Zach Copley
9fb08ec45e CSRF protection in remotesubscribe
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29 01:40:38 -04:00
Zach Copley
a034e13bf0 CSRF protection in emailsettings
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29 01:33:37 -04:00
Evan Prodromou
2dc50d7e37 CSRF protection in user registration
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29 01:40:17 -04:00
Zach Copley
47726844a0 CSRF protection in recoverpassword
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29 01:28:24 -04:00
Evan Prodromou
98e941753b session token in userauthorization form
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0 csrf protection in userauthorization
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
9b741c4f9a better client error on CSRF problem with subscribe/unsubscribe
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29 01:16:28 -04:00
Evan Prodromou
4272da4e9e CSRF protection for subscription/unsubscription
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-29 01:11:04 -04:00
Zach Copley
2e239e3fbb CSRF protection in imsettings.php
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28 23:57:07 -04:00
Zach Copley
6be7cbc5cd CSRF protection in smssettings.php
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-28 23:51:18 -04:00
Evan Prodromou
6afb7f576e add csrf protection to profile settings
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29 00:39:09 -04:00
Evan Prodromou
9a65f45c45 CSRF protection in openidsettings
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29 00:29:08 -04:00
Evan Prodromou
d0a466bdb7 swap around some stuff to show the form correctly on a CSRF error in openidlogin
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-29 00:09:25 -04:00
Evan Prodromou
42a6492152 CSRF protection for OpenID form
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28 23:59:34 -04:00
Evan Prodromou
d6dd35a66a add a token for CSRF avoidance
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
93e67c7133 show error in delete notice
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28 22:55:59 -04:00
Evan Prodromou
dd55916d56 CSRF protection in deletenotice
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28 22:51:27 -04:00
Evan Prodromou
d3c86d0016 add CSRF protection to avatar
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28 22:39:19 -04:00
Evan Prodromou
d146355875 return after failed token
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28 22:37:31 -04:00
Evan Prodromou
ff566a149d add session token check to password change
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-28 21:45:15 -04:00
Evan Prodromou
b1ff7d7a2b fix error storing uris of remote notices
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26 17:11:08 -04:00
Evan Prodromou
3fda5a684f notify user of remote subscriptions
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24 16:05:17 -04:00
Evan Prodromou
a20a038542 be a little more liberal for sites that accidentally put whitespace before the xml decl
darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23 21:38:03 -04:00
Evan Prodromou
7d6e1bb47f request token is not readonly
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23 21:17:06 -04:00
CiaranG
92645bbc57 XMPP sub/unsub and help commands
darcs-hash:20080822191032-f6e2c-a3a7efbbaad1ec7c48ef132a8ba34fc8b8651969.gz
2008-08-22 15:10:32 -04:00
Evan Prodromou
ea40dabb39 better error reporting in user authorization action
darcs-hash:20080822212111-84dde-2770093fcfaa6fe03abb1143d3828f0622382b45.gz
2008-08-22 17:21:11 -04:00
Evan Prodromou
a91cd75c17 local-only is optional on public timeline
darcs-hash:20080822210307-84dde-c90f6e7953d11c5b12c7a084ac23e5578412932c.gz
2008-08-22 17:03:07 -04:00
zach
0b87bf6c54 Twitter-compatible API - RESTfulness checks as per Twitter
darcs-hash:20080819214923-462f3-83ab492cb93c1ba643beb70853578cbd7ac35d61.gz
2008-08-19 17:49:23 -04:00
zach
9c29b9ad62 Twitter-compatible API - /statuses/show - better err msg if notice doesn't exist
darcs-hash:20080819202318-462f3-bc08a105c6b41b6a89a2358962440f68a9a79c7f.gz
2008-08-19 16:23:18 -04:00
zach
e980ebc714 Twitter-compatible API - Added /statuses/followers to methods that
require bareauth only if no nickname/id is supplied.

darcs-hash:20080819195431-462f3-93d27cf980fd09aeb30ea741639c1650baecad60.gz
2008-08-19 15:54:31 -04:00
zach
55f5bea21e Twitter-compatible API - /statuses/destroy method implemented
darcs-hash:20080819194610-462f3-eb736e4cfc817b479e1e8e52db03b5f44cdb3d2a.gz
2008-08-19 15:46:10 -04:00
zach
e440b9cea0 Twitter-compatible API - moved show() to the right file
darcs-hash:20080819003931-462f3-4b5b838a2fc5f872391581a189d33abdd8eeb744.gz
2008-08-18 20:39:31 -04:00
zach
d57bc1b8e9 Twitter-compatible API - running all strings through gettext() now
darcs-hash:20080819002903-462f3-94e62891db9b9de049a918034742e545f663e840.gz
2008-08-18 20:29:03 -04:00
Evan Prodromou
d1277820f8 add remote flag to broadcast of notices
darcs-hash:20080819182824-84dde-84d93fae2c4b0d6acee646999bad8e8bb9752c7b.gz
2008-08-19 14:28:24 -04:00
Evan Prodromou
0dce3d959b broadcast remote notices
darcs-hash:20080819182724-84dde-d2cece72dfb7f4f9f5b5cb4574812fdd32daa601.gz
2008-08-19 14:27:24 -04:00
Evan Prodromou
ee858bc880 accept 140 chars in API, too
darcs-hash:20080817192710-84dde-47e8da809c930c7c4528e3cb920d9a448e56d4c0.gz
2008-08-17 15:27:10 -04:00
Evan Prodromou
1c021edad5 typo in forgotten password string
darcs-hash:20080817163324-84dde-0b7f3449b7f6e96704518340351ada9ec0e56bbb.gz
2008-08-17 12:33:24 -04:00
Evan Prodromou
bee7caaafc debug for content too long
darcs-hash:20080817152419-84dde-5df1554695bd8560e5affa0ff74f7d0ab7c7c3ff.gz
2008-08-17 11:24:19 -04:00
Evan Prodromou
164a15d253 accept 140-character UTF-8 strings to content
darcs-hash:20080817151751-84dde-b3fc3ee57872f53a465fd9b45f4255e5e3be3450.gz
2008-08-17 11:17:51 -04:00
Evan Prodromou
5b01880685 name omb_listener param so we can refer to it in error msg
darcs-hash:20080816151057-84dde-e9df2c91a2711b235aa936a28e250715fc7c6d50.gz
2008-08-16 11:10:57 -04:00
zach
35d1714621 Twitter-compatible API: support for new in_reply_to_status_id in statuses/update
darcs-hash:20080815185317-ca946-11c3f9f7255180d5d6ea7b115b3e33b2abb7fe93.gz
2008-08-15 14:53:17 -04:00
zach
a95242bd1d Twitter-compatible API: removed redundant decoding step; already taken care of by util.php's common_render_content()
darcs-hash:20080813193327-ca946-c0160fbcc04771e39e303470d3418e84973a8189.gz
2008-08-13 15:33:27 -04:00
Evan Prodromou
7554f2561c move user registration to a single static method
darcs-hash:20080814002038-84dde-8505d4e083056b770db128129a95be639d8e7f0a.gz
2008-08-13 20:20:38 -04:00
Evan Prodromou
0bba990e2f fix problem with new notices
darcs-hash:20080811181158-84dde-338f926bd4c161ea55ef8600fac254f216413ad4.gz
2008-08-11 14:11:58 -04:00
zach
3a124c5f53 Twitter-compatible API - /statuses/update.format now decodes HTML chars, such as &
darcs-hash:20080731224911-ca946-1cb52c7592d48174437c1896c41a4dd853a9e5c7.gz
2008-07-31 18:49:11 -04:00
Evan Prodromou
37c5e8ca3c make tag dropoff configurable
darcs-hash:20080811175820-84dde-f3d934495fa90fadde5f7d5d0c37c5f2a575a9d8.gz
2008-08-11 13:58:20 -04:00
Evan Prodromou
12aba8ba32 emergency fixup for bad notices in notice search
darcs-hash:20080811175318-84dde-080db6e81589e794761daab868706704d39e2f1b.gz
2008-08-11 13:53:18 -04:00
Evan Prodromou
4c8dfadf2d make init of lang environment happen earlier, or when user language may have changed
darcs-hash:20080806034515-84dde-e32cbfec2890f50b610d0441659180038b060473.gz
2008-08-05 23:45:15 -04:00
Evan Prodromou
f2203d1df6 better handling of unconfirmed email addresses
darcs-hash:20080804133253-84dde-4b1ceb6feabaaad503f8777d6f21545b2bb87e85.gz
2008-08-04 09:32:53 -04:00
Evan Prodromou
506843e55d use an outstanding unconfirmed email address for password recovery if available
darcs-hash:20080804130914-84dde-77e1683ec76b26e9a3838d82cbe7827246db22dd.gz
2008-08-04 09:09:14 -04:00
Evan Prodromou
222b974b23 change no-such-user error to a 404 instead of a 400
darcs-hash:20080804132001-84dde-e6fae9837f87d80356317e4815516dd9ff03e674.gz
2008-08-04 09:20:01 -04:00
ehs
48fcfb8b0d added conneg for action/userbyid so that foaf can be delivered to clients that want application/rdf+xml
darcs-hash:20080801164623-b1e77-1e8786743cc02e3d6f2320edff0f2f474f4ed76b.gz
2008-08-01 12:46:23 -04:00
Evan Prodromou
4bd68f89c3 ksort() the tags list
darcs-hash:20080731041000-84dde-09a4b1d69cc42b7380582d1a2f5d718b6e57dcd2.gz
2008-07-31 00:10:00 -04:00
zach
93d25bec33 Twitter-compatible API: implemented /users/show.format method
(and some API bug fixes)

darcs-hash:20080730213226-ca946-eb89bad91eee630ac286d537ba42f0042b8d2109.gz
2008-07-30 17:32:26 -04:00
Mike Cochrane
16daa87a39 Resolve conflicts
darcs-hash:20080731004922-533db-96d62078f226ffc18db71d222d1c47524ac1319d.gz
2008-07-30 20:49:22 -04:00
Mike Cochrane
9d89e7b4ac Update some gettext strings and number the arguements so life is easier for translators
darcs-hash:20080729080641-533db-560337e226a02dd6fc671f090883d4bedd50eaaa.gz
2008-07-29 04:06:41 -04:00
Evan Prodromou
ba3ca4f6bb show the right stuff on profile page, too
darcs-hash:20080730033939-84dde-21b90f9c8b5fcede12a71f12fee20a4faaf1c549.gz
2008-07-29 23:39:39 -04:00
Evan Prodromou
2090e0aa78 show where a notice came from
darcs-hash:20080730032651-84dde-0685ec5f899129bc75745ca8d1d083f56f3f1ff5.gz
2008-07-29 23:26:51 -04:00
Evan Prodromou
e998cc3960 remember to broadcast in api, and also use the right ID
darcs-hash:20080730030012-84dde-9ceea12e90a4b4b4bbe35cb6cb50b6bcbb6085b7.gz
2008-07-29 23:00:12 -04:00
Evan Prodromou
d79dc8344b refactor notice-adding code to one static method on Notice
darcs-hash:20080730022856-84dde-f19e4ff5d5ae2603b63b8aebd8f878ec90b3ce22.gz
2008-07-29 22:28:56 -04:00
Evan Prodromou
575f705451 if-else instead of ?:
darcs-hash:20080729194735-84dde-246582a47d4a384375d153bff0e724c778c4b3af.gz
2008-07-29 15:47:35 -04:00
Evan Prodromou
f26ed46266 relative info, too
darcs-hash:20080729194457-84dde-fd0545edb3af519ccc43ee3ac50ad5eb14c35dad.gz
2008-07-29 15:44:57 -04:00
Evan Prodromou
8fd20f58e6 show the weight in output (for my own edification)
darcs-hash:20080729194246-84dde-4a47578d8727720097dab9362cb356bd8f4d2a7d.gz
2008-07-29 15:42:46 -04:00
Evan Prodromou
7d43f211c0 change tag output to a tag cloud
darcs-hash:20080729193533-84dde-1e7deeb0c7d7fb7686653be17d197e871aded8be.gz
2008-07-29 15:35:33 -04:00
Mike Cochrane
213ecbf35d Correct variable name
darcs-hash:20080724234601-533db-c9fe139144a5ec9f58b8ab612331fa31bd55967b.gz
2008-07-24 19:46:01 -04:00
Mike Cochrane
278006e4cc Lazy/Auto load the class files as needed
darcs-hash:20080724234533-533db-ec2e235401e7f670ee8094ba8d70dc95c3e6dd63.gz
2008-07-24 19:45:33 -04:00
mikec
a4fa34cecb Resolve conflicts after pull from evan
darcs-hash:20080721135637-edabd-cca33bc0a0936423b9fd2ffdf9413236123d680e.gz
2008-07-21 09:56:37 -04:00
mikec
334c652e80 Publish MicroIDs for email and mpp on profile and notice pages.
darcs-hash:20080721120036-edabd-838335c0e23c80a657d353955b25b52a9a8624b2.gz
2008-07-21 08:00:36 -04:00
mikec
fbf2a58ac3 Get text wrappers around strings so they can be in the native language of the site and use fancy urls if appropriate
darcs-hash:20080721090110-edabd-aea47e1cbcc2527fdb0274cb29638d2abc108a35.gz
2008-07-21 05:01:10 -04:00
matthew.gregg
ed37d83fa3 Opensearch updates
This adds htaccess and searches for people and notices.

darcs-hash:20080720195505-982e4-3f03e6ab4c466ae131e025b6a3c26c7bb9a99c03.gz
2008-07-20 15:55:05 -04:00
Mike Cochrane
88717d8805 User definable timezones. Work in UTC internally and display per user/site default. http://laconi.ca/PITS/00011
darcs-hash:20080720141325-533db-87cb60501434c9dc0ac13716ba5d8b17754431f5.gz
2008-07-20 10:13:25 -04:00
Mike Cochrane
060fecf5ec Clean up delete code. Add missing htaccess rule. Exit after errors so the code doesn't continue running.
darcs-hash:20080720124552-533db-81be2c04445f146e477b1bb7e6e8e7d0eb27431d.gz
2008-07-20 08:45:52 -04:00
Mike Cochrane
26f6c917a7 Fix errors from delete code when viewing a user's profile while not logged in.
darcs-hash:20080720122715-533db-64247879e336666835880cd3de10bc2ef27e46c7.gz
2008-07-20 08:27:15 -04:00
Mike Cochrane
3c56b10036 Add rel
darcs-hash:20080720101947-533db-a7ddbd4d33b492196cf9a4287dfbfa3e341d6f40.gz
2008-07-20 06:19:47 -04:00
Mike Cochrane
fdfb806801 Sort tags by highest frequency then most recent
darcs-hash:20080720094832-533db-91b0cf2e0589ca4008b3011d5acd41449caa0904.gz
2008-07-20 05:48:32 -04:00
matthew.gregg
e20362a60a Adds Opensearch description
darcs-hash:20080720015823-982e4-b33e1ef01cd071e958c9c51625190513b86594f3.gz
2008-07-19 21:58:23 -04:00
matthew.gregg
6dd211530f Patch for PITS 00032, 00033, 00034
darcs-hash:20080719003417-982e4-7004f8a4dfb447f941457c30b0b2289eee5582e6.gz
2008-07-18 20:34:17 -04:00
matthew.gregg
faa3933fbb Added notice deletion http://laconi.ca/PITS/00045
Removes selected notice and any replies that reference it.
Attempts to de-queue anything pending.

This patch does not archive notices.

darcs-hash:20080716032045-982e4-a0b5d37ecfa84796f1681dda54110094ad1424c6.gz
2008-07-15 23:20:45 -04:00
Mike Cochrane
1467300152 Set constant to propper value, not debug value
darcs-hash:20080720082641-533db-fa5b327a6670fd77f55cc028fc3a3a66664d4bb3.gz
2008-07-20 04:26:41 -04:00