Commit Graph

122 Commits

Author SHA1 Message Date
Evan Prodromou
806832e339 Revert "Ticket #2796: don't allow arbitrary overriding of the 'action' class and other parameters pulled from the URL mapper."
This reverts commit 4193a826d3.
2010-11-26 11:18:41 -05:00
Brion Vibber
4193a826d3 Ticket #2796: don't allow arbitrary overriding of the 'action' class and other parameters pulled from the URL mapper.
This protects against oddities such as manual invocation of the ClientError action, which can spoof error messages.
2010-11-19 15:30:52 -08:00
Brion Vibber
ab0ced4dfd Suppress notices in index.php running under lighttpd 2010-09-03 17:57:23 -07:00
Brenda Wallace
1cd029753f added 2 missing authors, foudn automatically in git logs 2010-06-08 16:27:10 +12:00
Craig Andrews
6317f7d92b Assigning my copyrights to the Free Software Foundation 2010-05-27 18:27:33 -04:00
Craig Andrews
42348bc167 add rsd to the list of login actions
Allows rsd.xml to be reached on private sites. Fixes http://status.net/trac/ticket/2309
2010-04-27 22:00:26 -04:00
Brion Vibber
26f49de0dd Merge branch 'testing' of git@gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	lib/attachmentlist.php
2010-03-22 12:37:45 -07:00
Brion Vibber
4168b9cec1 Log backtraces for non-ClientException exceptions caught at the top-level handler. 2010-03-22 11:33:56 -07:00
Brion Vibber
f62b8a80cf Pull back for now on switch of PEAR error mode to exceptions; seems to trigger out exceptions at various times we don't want them.
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131

Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"

This reverts commit 68347691b0.

Revert "Use PHP exceptions for PEAR error handling."

This reverts commit d8212977ce.
2010-03-16 16:32:25 -07:00
Brion Vibber
88f66131a1 Pull back for now on switch of PEAR error mode to exceptions; seems to trigger out exceptions at various times we don't want them.
For instance this was throwing an exception for DB_DataObject::staticGet when there's no match... definitely not what we want when all our code expects to get a nice null.
Example of this causing trouble: http://gitorious.org/statusnet/mainline/merge_requests/131

Revert "Don't attempt to retrieve the current user from the DB while processing a DB error"

This reverts commit 68347691b0.

Revert "Use PHP exceptions for PEAR error handling."

This reverts commit d8212977ce.
2010-03-16 16:24:31 -07:00
Jeffery To
fa1262f51e Fixed IE7 prompting the user to download OpenSearch description xml after login (for a private site)
Flow:
1. Browser (IE7) is redirected to the login page.
2. Browser reads the page, sees OpenSearch descriptions, tries to
   download them. Each request gets recorded by SN as the page the user
   should be redirected to after logging in (returnto).
3. User logs in, then gets redirected to the returnto action, which is
   an OpenSearch description.

The OpenSearch descriptions aren't sensitive so making them public in a
private site should be okay.

(I recall fixing this in 0.8.x... :-( )
2010-03-16 11:38:51 -04:00
Brion Vibber
b218aee94e Merge commit 'origin/testing' into 0.9.x
Conflicts:
	lib/action.php
	lib/adminpanelaction.php
2010-03-04 06:07:28 -08:00
James Walker
4103e8584c Making one time passwords work on private sites 2010-03-03 18:17:40 -05:00
Brion Vibber
06db00d303 remove debug line 2010-03-03 15:15:46 -08:00
Brion Vibber
0881eba80e Language setting fixes:
- switch 'en_US' to 'en', fixes the "admin panel switches to Arabic" bug
- tweak setting descriptions to clarify that most of the time we'll be using browser language
- add a backend switch to disable language detection (should this be exposed to ui?)
2010-03-03 12:10:43 -08:00
Craig Andrews
68347691b0 Don't attempt to retrieve the current user from the DB while processing a DB error 2010-03-01 21:53:54 -05:00
Craig Andrews
d8212977ce Use PHP exceptions for PEAR error handling.
Allows for the common try/catch construct, which makes error handling cleaner and easier.
2010-03-01 21:44:41 -05:00
Evan Prodromou
dc62246443 Add a robots.txt URL to the site root
Adds a robots.txt file to the site root. Defaults defined by
'robotstxt' section of config. New events StartRobotsTxt and
EndRobotsTxt to let plugins add information. Probably not
useful if path is not /, but won't hurt anything, either.
2010-01-31 10:12:26 -05:00
Evan Prodromou
63a0e84a8b lost config in index.php made all traffic go to master 2010-01-28 16:52:42 -05:00
Evan Prodromou
a33194effb Revert "Revert "move RW setup above user get in index.php so remember_me works""
This reverts commit be7bca2303.
2010-01-28 16:52:05 -05:00
Evan Prodromou
be7bca2303 Revert "move RW setup above user get in index.php so remember_me works"
This reverts commit fa78953337.
2010-01-28 16:50:28 -05:00
Evan Prodromou
fa78953337 move RW setup above user get in index.php so remember_me works 2010-01-28 16:35:38 -05:00
Evan Prodromou
74a03cbe1f always set up database_rw, regardless, so cached sessions work 2010-01-28 14:27:35 -05:00
Evan Prodromou
4d7cdbf1c6 don't write Inbox if on a read-only page, but encache 2010-01-13 16:28:42 -08:00
Evan Prodromou
46b11070fe add inbox to list of always-readwrite tables 2010-01-11 18:31:49 -08:00
Jeffery To
c17d7b671d Set returnto when redirected to login of a private install (for 0.9.x)
Can't use returnToArgs() because we don't have an action object yet.
2009-12-18 09:46:15 -05:00
Brion Vibber
3d6a55a49f Fix ticket 1816: Database errors recorded as "Array"
PEAR error backtrace lines are now correctly formatted as strings in debug log, roughly as debug_print_backtrace() does (but with argument values swapped out for types to avoid being overly verbose).

Todo: exceptions and PEAR error objects should log backtraces the same way; right now it doesn't look like exceptions get backtraces logged.

Todo: At one line per line, it's potentially tough to figure out what backtrace goes with what event if traffic is heavy; even if not heavy it's awkward to jump back into a log file after grepping to find the backtrace. Consider using a random per-event ID which can go in the log output -- bonus points for exposing the error ID to users so ops can track down actual error details in logs from a user report.
2009-11-17 09:07:44 -08:00
Craig Andrews
ed690615de Added a User_username table that links the external username with a StatusNet user_id
Added EmailAuthenticationPlugin
Added ReverseUsernameAuthenticationPlugin
Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname
User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static
2009-11-12 20:12:36 -05:00
Craig Andrews
1845c8c773 Added an AutoRegister event
LDAP plugin can do autoregistration
2009-11-05 16:40:41 -05:00
Zach Copley
fbeae99884 Allow all API calls, even if the site is configured as private. The
API Actions will decide whether something requires auth or a redirect.
2009-11-04 21:33:59 -08:00
Craig Andrews
cdbf7b1da5 Allow non-users to view the site's xrds when the site is private. Getting to closer to allow OpenID login on private sites. 2009-10-30 13:48:18 -04:00
Brenda Wallace
00c0becd56 more doxygen 2009-10-03 17:48:38 +13:00
Brenda Wallace
852f0c59a4 added doxygen 2009-10-03 17:40:53 +13:00
Evan Prodromou
8284b3cb82 Merge branch '0.8.x' into 0.9.x
Conflicts:
	actions/requesttoken.php
	classes/File.php
	install.php
	lib/noticeform.php
2009-09-23 09:45:22 -04:00
Evan Prodromou
42ba05de5f revert output buffering (costly) for ETags (low priority) 2009-09-23 09:33:40 -04:00
Evan Prodromou
e80fad7ad9 handle Godaddy-style PATH_INFO which includes the script 2009-09-19 15:06:16 -04:00
Brenda Wallace
e9bdc69651 @author tags updated -- only one entry per name now 2009-09-19 12:28:08 +12:00
Brenda Wallace
39aa9b3a9f fixed up space on @author tags 2009-09-17 20:15:15 +12:00
Sarven Capadisli
83b0916457 Updated csarven emails to csarven@status.net and removed dupes 2009-09-16 11:14:26 +02:00
Evan Prodromou
1618d515e6 dedupe evans 2009-09-15 22:30:52 -04:00
Evan Prodromou
6f531745ca change all evans to evan@status.net 2009-09-15 22:28:59 -04:00
Brenda Wallace
5ca90e2c8c pulled @author from git logs
Conflicts:

	install.php
2009-09-14 19:19:11 +12:00
Brenda Wallace
87c59fe873 fixed indentation for the pear code styles 2009-09-14 19:08:54 +12:00
Brenda Wallace
738b6d1690 lotsa of multiline if statements and function calls changed style to meat pear code style 2009-09-14 19:08:45 +12:00
Brenda Wallace
a2f4fe7fc8 fixed up if statements 2009-09-14 19:08:37 +12:00
Brenda Wallace
acd9e7c056 added most of the required doxygen 2009-09-14 19:08:16 +12:00
Craig Andrews
b9e4b6dd49 Generate ETags for pages which don't specify themselves. 2009-09-13 17:30:50 -04:00
Evan Prodromou
5d09b6b3f0 Merge branch '0.8.x' into 0.9.x
Conflicts:
	EVENTS.txt
	actions/finishremotesubscribe.php
	actions/postnotice.php
	actions/public.php
	actions/remotesubscribe.php
	actions/showstream.php
	actions/updateprofile.php
	actions/userauthorization.php
	classes/laconica.ini
	lib/common.php
	lib/oauthstore.php
	lib/omb.php
2009-08-27 11:16:45 -07:00
Evan Prodromou
df86aa7214 define LACONICA and accept LACONICA for backwards compatibility 2009-08-26 10:41:36 -04:00
Evan Prodromou
3567b9d708 global search and replace for laconica -> statusnet 2009-08-25 18:53:24 -04:00