Commit Graph

3570 Commits

Author SHA1 Message Date
Mikael Nordfeldth
723b49a22a throw exception instead of clientError 2016-03-09 14:17:55 +01:00
Mikael Nordfeldth
265fa12917 Relatively experimental change to store thumbnails in 'file/thumb/' (by default) 2016-03-07 22:33:34 +01:00
Mikael Nordfeldth
6ec72b2978 Move mail_confirm_address out of mail.php 2016-03-06 17:27:40 +01:00
Mikael Nordfeldth
bf34f730dd Use $this->scoped in AvatarsettingsAction 2016-03-05 01:03:48 +01:00
Mikael Nordfeldth
175b7e8541 Refactor some ConfirmaddressAction stuff 2016-03-02 15:31:48 +01:00
Mikael Nordfeldth
63c087a255 Consistent behaviour for ScopingNoticeStream $scoped
We don't guess the current profile anymore if the value of the profile === -1

Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
Mikael Nordfeldth
da34491c59 Woops, undefined $type there. 2016-02-28 20:50:45 +01:00
mmn
d1b294e1ac Merge branch 'delete_group_logo' into 'nightly'
Now we can delete a group logo.

I added a function of deleting a group logo.

I'm not sure we should delete group's avatar through Avatar::deleteFromProfile like on line 426:
```php
Avatar::deleteFromProfile($this->group->getProfile());
```

See merge request !84
2016-02-28 18:45:31 +00:00
Mikael Nordfeldth
2696e13b19 Refactoring ApiStatusesDestroyAction 2016-02-28 19:35:03 +01:00
Mikael Nordfeldth
446c930823 Change to more recent code style in ApiStatusesDestroyAction 2016-02-28 19:23:13 +01:00
hannes
6a0007c410 moderators can delete others' notices using the api 2016-02-27 01:03:24 +00:00
Mikael Nordfeldth
1d0a448e07 Publish rel="me" in Link HTTP headers 2016-02-24 16:43:09 +01:00
Mikael Nordfeldth
afbdcf8938 Don't publish mbox_sha1sum in FOAF by default.
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
Mikael Nordfeldth
73dbc5ca1b Use ToSelector choice again. 2016-02-17 23:44:15 +01:00
Mikael Nordfeldth
d9b649642d Show notice feed URLs (and author) 2016-02-17 23:32:56 +01:00
Mikael Nordfeldth
5fbb01130a By default, disallow users to set private_stream 2016-02-17 22:58:31 +01:00
Mikael Nordfeldth
47dc15c9f6 Describe that we don't allow empty fullnames. 2016-02-17 22:48:32 +01:00
Mikael Nordfeldth
d6bf90cfb7 If profile fullname is 0 chars use nickname 2016-02-17 22:43:45 +01:00
Mikael Nordfeldth
c7c34ec05a Only administrators can delete other privileged users. 2016-02-12 15:00:18 +01:00
Mikael Nordfeldth
e5ad98e601 Silence action can only be used on non-priviliged users 2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
7c90d7022b Require the license with HTML5 2016-02-08 17:56:35 +01:00
Mikael Nordfeldth
cd71188d3a SimpleCaptcha plugin to stop basic bots 2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
a30d34be7f Returnto the previous page when deleting a notice. 2016-02-08 15:30:28 +01:00
Mikael Nordfeldth
25c15119bc Backupaccount is always readonly 2016-02-03 01:15:35 +01:00
Mikael Nordfeldth
19b743a9f5 Set time limit to increase time backupaccount can take
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
Mikael Nordfeldth
a6898b033d Fullname and location are now text, not varchar, and can be >191|255 2016-01-28 19:12:30 +01:00
Mikael Nordfeldth
7e6783bb8f Replace htmLawed with HTMLPurifier 2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
d73c264e25 Haha, forgot that the $content content must also be there! 2016-01-27 23:04:19 +01:00
Mikael Nordfeldth
a47563cf3d Don't add space if there's no string in new notice content 2016-01-27 22:41:53 +01:00
Mikael Nordfeldth
03d2b680f8 Allow empty new-notice content via web if there's an upload 2016-01-27 22:39:43 +01:00
Akio Nishimura
d13454fb84 Now we can delete a group logo. 2016-01-21 08:10:35 +09:00
Mikael Nordfeldth
a1530b0e68 Removing superflous debug stuff 2016-01-14 22:12:36 +01:00
Mikael Nordfeldth
8df38df5cb Get uploaded media_ids via File::getByID()
Filters out failed ones...
2016-01-14 22:05:03 +01:00
Mikael Nordfeldth
e5019c3858 Accept media_ids parameter from Twitter API v1.1 clients
They upload the media first and then provide media IDs in a comma
separated parameter (but we just split it to all whole integers).
2016-01-14 20:24:01 +01:00
Mikael Nordfeldth
b570f0d3cb Media files are accepted and uploaded via Twitter API now 2016-01-14 19:15:02 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
1e5770bbcf $this->notice is never unset after prepare 2016-01-13 21:34:15 +01:00
Mikael Nordfeldth
adba38ce20 Deleted_notice is pluginified, don't call directly from core 2016-01-13 21:29:23 +01:00
mmn
e4a1dff98d Merge branch 'apiaccountregister_event_branch' into 'nightly'
APIStartRegistrationTry event



See merge request !77
2016-01-11 21:08:09 +00:00
hannes
543a7e421e APIStartRegistrationTry event 2016-01-11 20:04:31 +00:00
Mikael Nordfeldth
33194b3cff Attention goes to the parent notice author too 2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
1f02dc639e shortenLinks _after_ media upload to be consistent with api 2016-01-07 18:14:45 +01:00
Mikael Nordfeldth
6505504411 shortenLinks with a capital L 2016-01-07 18:12:29 +01:00
Mikael Nordfeldth
6924bb1d29 Gah and a 302 in the non-exception-handling redirect too 2016-01-06 20:09:59 +01:00
Mikael Nordfeldth
a9b5519293 Attachment thumbnail redirect is a 302 redirect
It SHOULD be cached but it might no longer be valid if we empty cache or something.
2016-01-06 20:07:40 +01:00
Mikael Nordfeldth
4d179c6b0c Our URLs are permanent redirects, mind you! 2016-01-06 20:06:14 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e Conversation IDs (again) no longer based on Notice ID 2016-01-06 13:58:46 +01:00