Commit Graph

220 Commits

Author SHA1 Message Date
Mikael Nordfeldth
4526c3f712 If /var/run was unwritable stopdaemons did not find pid file 2015-04-13 21:51:35 +02:00
Mikael Nordfeldth
8439efe77d Filter out img, video and audio tags in notice HTML
Because we don't want to auto-fetch items from a remote server. Such
items should be delivered as attachment metadata and portrayed in the
way the local instance chooses.

Choices for portrayal are either simply nullifying this and embedding
the data, linking the file remotely requiring a manual click or maybe
use remote oEmbed data etc. to download files locally so no remote
requests have to be made.
2015-03-15 14:35:29 +01:00
Mikael Nordfeldth
dcfcceb6f2 Share plugin now handles showing form in NoticeOptionItems 2015-03-12 16:33:34 +01:00
Mikael Nordfeldth
9ef224fceb ActivityVerb is a core plugin 2015-03-10 17:24:23 +01:00
Mikael Nordfeldth
0da7512597 No separate placeholder input element for replyforms
Also we're moving the rendering of these out into a separate plugin. Not
done yet, some javascript should be moved out as well.
2015-03-06 20:22:01 +01:00
Mikael Nordfeldth
325e784ccd Don't store duplicates of files.
If a new file is uploaded, it will be matched with a previously uploaded
file so we don't have to store duplicates. SHA256 is random enough and
also unlikely enough to cause collisions.
2015-02-24 21:11:25 +01:00
Mikael Nordfeldth
96099807e1 Default install to site profile community 2015-02-20 01:00:28 +01:00
Mikael Nordfeldth
7ba7f43199 Don't linkify bare domains by default
It's too farfetched to assume any text.com in a notice is an HTTP URL.
For example stuff like pasting from log entries, with domain.com:1234
where 1234 is a _PID_ or something, not a port number for http://...
2015-02-17 20:54:32 +01:00
Mikael Nordfeldth
a89e91da79 By default, don't allow nick changes for profiles
This goes for both users and groups, since they share nickname namespace.

If you want to enable nickname changes, just add this to your config:

   $config['profile']['changenick'] = true;

This commit should cover all changes in our usual web forms as well as through
the API.
2015-02-04 21:25:14 +01:00
Mikael Nordfeldth
fdae6f0fb3 neo-gnu is now default-theme. perty. 2015-02-02 18:22:59 +01:00
Mikael Nordfeldth
d140e135c0 Default textlimit for notices is now 1000 chars 2015-01-26 23:32:08 +01:00
Mikael Nordfeldth
67d09532dd Improved animated image thumbnail freedom of choice
Default is now to take still thumbnails of animated GIFs and then
show them as originals in an AttachmentListItem. The still frames
are mostly used with front-ends like qvitter.
2015-01-26 16:33:39 +01:00
Mikael Nordfeldth
a8e613e508 Animated GIF restructuring, ImageMagick only used for resizing animated sequences. 2015-01-25 23:00:00 +01:00
Mikael Nordfeldth
4dd6d7869e Maybe we can detect animated files in core 2015-01-25 22:11:46 +01:00
Mikael Nordfeldth
2dd1f3fe67 Default value for max thumbnail size increased
Because people have high resolution screens nowadays ;)
2015-01-23 15:04:54 +01:00
Mikael Nordfeldth
964d13792b ssl_verify_host option in config (default is true) 2015-01-22 12:21:57 +01:00
Mikael Nordfeldth
fac9f4e545 Merge branch 'nightly' of gitorious.org:social/mainline into nightly 2015-01-21 23:45:49 +01:00
Mikael Nordfeldth
9c5aa67a63 Enable AntiBrute by default. 2015-01-21 23:43:04 +01:00
Mikael Nordfeldth
5981b5c8d9 CC license fixes (no remote image, https for href) 2015-01-08 18:13:33 +01:00
Mikael Nordfeldth
769febf22e DirectMessage added to default plugins
I think the migration from core to plugin is done now for DMs.

This is required since we support the Twitter-based API by default,
which is implemented in many of the mobile clients etc. But you can
disable the DirectMessage for your instance of you wish, of course.
2014-11-07 16:37:00 +01:00
Mikael Nordfeldth
db7cc7fa75 Favorite functionality put into plugin (not done yet)
Now we have to fix any code in the core which directly uses the Fave class
or any other favorite stuff, since it is pluginised and thus might not be
available on some installations.
2014-06-24 15:58:53 +02:00
Mikael Nordfeldth
d7c40e77b2 Show more links work with AJAX-retrieved HTML
Attachment_ajaxAction has been removed since AttachmentAction handles
AJAX calls splendidly.
2014-05-19 00:56:21 +02:00
Mikael Nordfeldth
202eaa53e0 Don't report all linked URLs to remote sites
noembed.com acts as a proxy for oEmbed requests, but that also means they
get all the links we post on our instances, given that they're used as a
default endpoint.
2014-05-18 23:25:40 +02:00
Mikael Nordfeldth
c93a5252c1 Don't show or preview text/html attachments
htmLawed cleans stuff out properly, but there's no very good way right
now to show text/html attachments, since everything gets jumbled up with
our own CSS etc. Best would be an iframe or just a new tab or so.
2014-05-18 23:11:49 +02:00
Mikael Nordfeldth
80fbec173b Improved imageboard-style notice feeds on web UI 2014-05-18 14:05:29 +02:00
Mikael Nordfeldth
52738b0267 Directory to default plugins (disabled for singleuser) 2014-05-09 10:49:00 +02:00
Mikael Nordfeldth
c15216f00b OStatus enabled by default, only disabled for private siteprofile 2014-05-09 10:31:55 +02:00
Mikael Nordfeldth
34114e87be OpportunisticQM moved from core to default plugins.
This makes it easier to disable, but remember that you must then
either enable and maintain queue daemons or disable queueing (and
handle whatever remaining queue items are stored in the database)!
2014-05-06 23:32:32 +02:00
Mikael Nordfeldth
1776c90cb9 Moved oEmbed stuff out to a plugin (Oembed). 2014-05-06 23:32:13 +02:00
Mikael Nordfeldth
030639d02d EmailAuthentication enabled by default
The login field said "Username or email address" already, so...
2014-04-28 12:39:57 +02:00
Mikael Nordfeldth
d59eb5e184 Dynamically generate thumbnails (see full text)
The File object now stores width and height of files that can
supply this kind of information. Formats which we can not read
natively in PHP do not currently benefit from this. However an
event hook will be introduced later.

The CreateFileImageThumbnail event is renamed to:
CreateFileImageThumbnailSource to clarify that the hooks should not
generate their own thumbnails but only the source image. Also it now
accepts File objects, not MediaFile objects.

The thumbnail generation is documented in the source code. For
developers, call 'getThumbnail' on a File object and hope for the best.

Default thumbnail sizes have increased to be more appealing.
2014-04-21 20:46:11 +02:00
Mikael Nordfeldth
54f3b4be47 Thumbnails are now by default squares of 150px 2014-04-18 11:07:59 +02:00
Mikael Nordfeldth
71bda34e72 Thumbnail default set to 150px square 2014-04-17 15:15:12 +02:00
Mikael Nordfeldth
6faed0e451 MediaFile loses dependency on PEAR::MIME
At the same time we remove the "filecommand" setting, since we will
likely not have use of it thanks to PECL fileinfo.

Also the "supported" list for attachment mime types has changed
format, so we can keep track of at least some known file extensions.
2014-03-08 03:34:50 +01:00
Mikael Nordfeldth
074339ea13 WebM should be allowed to upload!
Evan had left _two_ "video/mpeg", just so you know.
2014-03-08 00:29:47 +01:00
Mikael Nordfeldth
00db57949f Always queue inbox distribution 2014-03-06 01:50:54 +01:00
Jean Baptiste Favre
7f4e6aaafa Introduce new config option common_config('queue','daemon').Allows to dynamically enable scripts/queuedaemon.php into scripts/getvaliddaemons.php 2014-03-01 12:16:38 +01:00
Mikael Nordfeldth
c0c8250ff7 minify removed from core (use plugin if desired)
My reasoning: Minifying makes third party review harder. A visitor on
a GNU social site should have no problem reading, understanding and
modifying javascripts for their own liking. A minified script is much
more difficult to use, reuse, modify and share.

Free software is not minified.
2014-02-24 01:05:13 +01:00
Mikael Nordfeldth
5487c596fc Remove callback sneakery by StatusNet 2014-02-23 14:57:12 +01:00
Mikael Nordfeldth
09e06bbc19 Queues should be enabled by default (thanks postblue) 2013-12-02 13:51:55 +01:00
Mikael Nordfeldth
9400795a5f Cron split into Cronish and OpportunisticQM
/main/cron changed to /main/runqueue

The key-required functionality is not throughly tested yet.
2013-11-20 21:20:42 +01:00
Mikael Nordfeldth
0cd93c2761 Cron plugin added and now default queue handler
Generally the Cron plugin will run if there's still execution time for
1 second since starting the Action processing. If you want to change
this (such as disabling, 0 seconds, or maybe running bigger chunks,
for like 4 seconds) you can do this, where 'n' is time in seconds.

   addPlugin('Cron', array('secs_per_action', n));

Add 'rel_to_pageload'=>false to the array if you want to run the queue
for a certain amount of seconds _despite_ maybe already having run that
long in the previous parts of Action processing.

Perhaps you want to run the cron script remotely, using a machine capable
of background processing (or locally, to avoid running daemon processes),
simply do an HTTP GET request to the route /main/cron of your GNU social.
Setting secs_per_action to 0 in the plugin config will imply that you run
all your queue handling by calling /main/cron (which runs as long as it can).

/main/cron will output "0" if it has finished processing, "1" if it should
be called again to complete processing (because it ran out of time due to
PHP's max_execution_time INI setting).

The Cron plugin also runs events as close to hourly, daily and weekly
as you get, based on the opportunistic method of running whenever a user
visits the site. This means of course that the cron events should be as
fast as possible, not only to avoid delaying page load for users but
also to minimize the risk of running into PHP's max_execution_time. One
suggestion is to only use the events to add new queue items for later processing.

These events are called CronHourly, CronDaily, CronWeekly - however there
is no guarantee that all events will execute, so some kind of failsafe,
transaction-ish method must be implemented in the future.
2013-11-19 14:13:33 +01:00
Mikael Nordfeldth
450ae3043b Plugins should be initialized with an empty array, not null 2013-11-19 13:52:41 +01:00
Mikael Nordfeldth
c942bdcb43 Comment and typing improvements
To make the StatusNet::addPlugin() accept only arrays,
the lib/default.php had to be changed because all plugins
had 'null' as default value instead of an array.
2013-11-19 13:29:26 +01:00
Mikael Nordfeldth
e45edd6ae2 Use addPlugin! (esp. XMPP folks should do this)
If you're using XMPP by setting $config['xmpp'][*] then you should do:

    addPlugin('Xmpp', $config['xmpp']);

because setting it directly in $config[''] won't do anything.

Also, default resource for XMPP is now 'gnusocial'. If you want something
more random, set it in your addPlugin config array.
2013-10-30 12:28:39 +01:00
Mikael Nordfeldth
fcba540a14 Removed legacy OMB. Use OStatus for remote profiles. 2013-10-28 16:22:09 +01:00
Mikael Nordfeldth
2a5ba1f74b Core and Default plugins separated, now loads on install
_flow_ reported on IRC that install.php had stopped working. This was
because default plugins had been put into two separate lists, and the
list with AuthCrypt was never loaded when performing an installation.

Core plugins cannot be disabled.

I also removed the Memcache autodetection thing since it should be
solved in a more elegant manner.
2013-10-19 14:38:15 +02:00
Mikael Nordfeldth
87370f0cb1 URL shortening can now be disabled for the 'maxurllength'
Also, URL shortening now consistently uses 'maxurllength'...
2013-10-06 22:35:49 +02:00
Mikael Nordfeldth
753019baf2 60 chars was too little, 100 chars seems better. For me. 2013-10-06 20:28:07 +02:00
Mikael Nordfeldth
b0dfc70a54 Properly unlink all old avatars when deleting/uploading a new
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.

To set Avatar max size, adjust $config['avatar']['maxsize']

The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00