Commit Graph

3262 Commits

Author SHA1 Message Date
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Joshua Judson Rosen
90858804bc Allow the hostmeta to indirect from one domain to another.
e.g.: rozzin@hackerposse.com => rozzin@status.hackerposse.com.
2013-09-29 23:13:45 +02:00
Mikael Nordfeldth
858d9cc3c4 maxNoticeLength test for url-shortening failed on maxContent==0
maxContent==0 implies that a notice text can be infinitely long, but
this value was directly transferred to maxNoticeLength, where 0 was
tested if it was longer than the notice length - which of course always
was false.

This commit fixes the problem for infinite length notices that always
got shortened.
2013-09-25 22:48:32 +02:00
Mikael Nordfeldth
64df40e409 Filling in missing endHTML calls for Action AJAX
This completes 1c6f9df80e where a lot
of other functions were fixed (by conforming to startHTML and endHTML)
2013-09-24 02:32:17 +02:00
Mikael Nordfeldth
1c6f9df80e PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
I had a problem with PHP5.5 that caused ajax responses to be empty. This
fixes it, as the problem was related to pretty inconsistent calling to
headers, XMLWriter::startDocument etc. etc.
2013-09-24 01:18:33 +02:00
Marcel van der Boom
e9f2a1847d Wrong call signature used for Event::handle
Call needs 2nd parameter to be array.
2013-09-23 14:43:44 +02:00
Mikael Nordfeldth
5f1fea1488 FavorAction upgraded to extend FormAction
Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)
2013-09-23 13:06:09 +02:00
Mikael Nordfeldth
63306081bc Subscription "get by" functions now don't use ArrayWrappers
They were getting in the way of some strict-typing stuff.
2013-09-21 18:38:14 +02:00
Mikael Nordfeldth
93e878d7ca Make better use of Subscription class
removed lib/subs.php as it was essentially only a wrapper for Subscription
2013-09-19 17:29:05 +02:00
Mikael Nordfeldth
c3001ff82b url shortening fixes for api config and not ur1.ca
Will have to change the 'maxnoticelength' code to stop shortening ALL
links if the setting for infinitely long notices is configured.
2013-09-19 01:11:47 +02:00
Mikael Nordfeldth
31bace8cfd updated and moved jquery-jcrop (no longer .min.js)
This won't run properly if other scripts stop javascript execution before
it's time to crop (such as in the Bookmark plugin, which when writing this
hasn't been migrated to Jquery 2.x - so it stops on a '.die' call).

Some images were cleaned up from the theme/base/images/illustrations too.
2013-09-14 13:31:16 +02:00
Jean Baptiste Favre
f0d86cdb64 Add 'twitter:title' meta tag support. 2013-09-10 11:16:34 +02:00
Jean Baptiste Favre
ade8c6992e Twitter cards implementation. Currently only supports 'photo' cards. 2013-09-10 11:16:27 +02:00
Mikael Nordfeldth
a9c4bcd71f Removing unnecessary require_once lines (autoload!) 2013-09-09 23:06:56 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Mikael Nordfeldth
c5bf6cb05e Using a bit more of $this->scoped (Action parent class)
$this->scoped is the currently active profile, which is intended
to replace the $user object in the long run...
2013-09-09 20:45:20 +02:00
Mikael Nordfeldth
b2a0aa20bf NewapplicationAction converted to FormAction
Cutting down on a bunch of redundant code. We're reusing a lot of stuff
from FormAction and Action now instead of having copies of code all over.
2013-09-02 12:13:46 +02:00
Mikael Nordfeldth
f0e967fefd needLogin renamed checkLogin and made a property
Action extended classes now can set 'needLogin' as a protected property,
which is defaulted to 'false'. However, FormAction defaults this to 'true'
because most of the form actions will require a current login to be valid.

NewgroupAction, NewmessageAction, NewnoticeAction are all affected by this
commit and in the future we will migrate each potential formaction to the
proper class parent tree. :)
2013-09-02 11:58:47 +02:00
Mikael Nordfeldth
e5e3aeb4e6 newmessage (and Message class) fixed for FormAction
Also added a needLogin function to the Action class, which will do
redirect to login page with proper returnto setting.
2013-09-02 11:05:30 +02:00
Mikael Nordfeldth
89b10666bb IMPORTANT: parent::handlePost() in NewnoticeAction
otherwise we don't do csrf checking etc...
2013-09-02 11:05:21 +02:00
Mikael Nordfeldth
0612e5ec87 NewnoticeAction converted to extend FormAction
There are still several improvements which can be made, such as not
having an entirely separate setup of ajax form functions. Instead
those should be implemented in FormAction. But at least now we got
rid of the redundant code use in prepare/handle.
2013-09-01 20:56:35 +02:00
Mikael Nordfeldth
83000f6f5e Proper definition of $args array in NewgroupAction->prepare
Also, there is no need to do 'return' after throwing a ClientError
Exception. And we'll use the Action->clientError for logging benefits
until the error handling is properly done all the way to backend.
2013-09-01 19:44:09 +02:00
Mikael Nordfeldth
cfa699e445 NewgroupAction converted to extend FormAction
Had to change Action function 'prepare' to 'protected', as you can't
(of course) protect something that's been public in a parent class. The
other way around seems fine for PHP... Eventually all actions will have
protected 'prepare' (use execute/run)

A feature of the previously fixed initialization of Action classes, is
that we now have $this->scoped which is the current profile in use. As
of now that is always a local User, except the corresponding Profile
object.

Also, instead of calling 'showForm' everywhere, in case of an error we
just throw an exception of some sort and pass the message along there.

I've also introduced in FormAction the 'showInstructions' function in
order to get a unified instructions/info/error display method.

TODO: Improve info/error message handling, and what/when/where to show.
2013-08-31 18:01:13 +02:00
Mikael Nordfeldth
2a4dc77a63 The overloaded DB_DataObject function staticGet is now called getKV
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV

   sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)

If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!

This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)

Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00
Mikael Nordfeldth
ea837cea67 added missing return statement after showForm call
Issue #3125 at http://status.net/open-source/issues/3125 (and its duplicate 3127) describe buggy behaviour when trying to create a new group - i.e. the group is still created but with nickname NULL.

The reason the group is created is that when failing Nickname::normalize, the function trySave() in actions/newgroup.php doesn't call 'return' - meaning it just keeps going despite the error thrown. It a

So the simple solution to this bug was adding a return call at line 128, inside the catch just after the showForm(...) call.
2013-08-12 12:44:19 +02:00
Mikael Nordfeldth
3ad3535cd8 Merge commit 'refs/merge-requests/230' of git://gitorious.org/statusnet/mainline into merge-requests/230 2013-08-12 12:37:46 +02:00
Jean Baptiste Favre
c23efdbdb0 PHP 5.4 compatibility: remove call-time pass by reference 2013-06-19 11:16:05 +02:00
Jean Baptiste Favre
fcdd4d2cf0 Fix introduced bug, trying to shorten an empty status. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
58a2630933 Code cleaning. Do call shortenLinks only once, right before saving new notice. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
344a10be8b Code cleaning, remove 'TEST' tags. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
ec072e0af7 Notice update with media attachment may fail through API when status text + attachment length get higher than max notice length. Calling URL shortener can make global length less than maxlength, though allowing notice update. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
6d47fadf42 Fix introduced bug, trying to shorten an empty status. 2013-06-15 19:04:32 +02:00
Jean Baptiste Favre
54374365e9 Code cleaning. Do call shortenLinks only once, right before saving new notice. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
f803b22752 Code cleaning, remove 'TEST' tags. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
6387e0a90d Notice update with media attachment may fail through API when status text + attachment length get higher than max notice length. Calling URL shortener can make global length less than maxlength, though allowing notice update. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
180cc39c4a Fix for #3649 issue. 2013-06-15 17:01:10 +02:00
Jean Baptiste Favre
b23a744fba Fix for #3649 issue. 2013-06-15 16:58:50 +02:00
Jean Baptiste Favre
359f3ca113 Fix for #3651: oAuth apps list does only show the latest registered application 2013-06-15 14:19:15 +02:00
Jean Baptiste Favre
4284f28dec Fix for #3651: oAuth apps list does only show the latest registered application 2013-06-15 14:09:46 +02:00
Evan Prodromou
6aaee4e5fe $this->q => $q 2012-11-11 22:55:22 -05:00
Evan Prodromou
edf2879021 Divert tag and url searches 2012-11-11 21:27:11 -05:00
Evan Prodromou
64288a62f8 Adding a search notice stream object 2012-11-11 21:05:13 -05:00
Evan Prodromou
c809dd24c5 Don't show big invite button if invites are disabled 2012-10-17 10:10:42 -04:00
Evan Prodromou
86e3cbbcce Don't show big invite button if invites are disabled 2012-10-17 10:09:40 -04:00
Evan Prodromou
46f6b2c119 Don't call free on the results of a member query 2012-07-04 14:45:50 -04:00
Evan Prodromou
ae84e8f524 Use the current logged-in use for home timeline 2012-07-03 12:22:59 -04:00
Evan Prodromou
b4da5f3785 Merge branch 'master' into 1.0.x
Conflicts:
	plugins/Blacklist/BlacklistPlugin.php
2012-03-08 06:08:11 -06:00
Siebrand Mazeland
de7ad991f9 Consistency update. 2012-03-05 00:38:39 +01:00
Evan Prodromou
23bafaba26 add canonical rel 2012-01-26 11:02:29 -05:00
Evan Prodromou
25f1e16952 Revert "don't show profile page of silenced users"
This reverts commit 7bb59ad2a1.
2011-12-31 09:34:59 -08:00