Mikael Nordfeldth
2686635f60
Keep the rel="tag" in HTML when purifying
2016-02-07 12:50:26 +01:00
Mikael Nordfeldth
d6664f5735
Hidespam by default
...
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:33:53 +01:00
Mikael Nordfeldth
098c8b1df4
NoHttpResponseException extends HTTP_Request2_ConnectionException
2016-02-07 01:52:20 +01:00
Mikael Nordfeldth
60804d1902
ES3 compatibility layer not necessary (noone uses IE8 etc.)
...
All browsers with javascript support also support ES5 nowadays. Anyone
using older software should upgrade for other reasons, such as security.
2016-02-04 11:37:24 +01:00
Mikael Nordfeldth
d5ecbd05a1
Forgot a break in a switch when rendering attachments.
2016-02-03 19:32:51 +01:00
Mikael Nordfeldth
9960714896
Disallow zero-length magnet URIs
...
magnet: would match, but now we have a zero-length lookahead which
requires the following character to be a question mark: magnet:?
2016-02-03 15:26:19 +01:00
Mikael Nordfeldth
90045d66ea
HTMLPurifierSchemes plugin to allow geo and magnet URIs
2016-02-03 14:36:51 +01:00
Mikael Nordfeldth
349dba8be0
Only allow our specified URI schemes
2016-02-03 14:31:16 +01:00
Mikael Nordfeldth
e903bd0bc3
Hacky support for geo URI detection
...
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
b1ed1f48ea
Configurable linkify for bare IPv4/IPv6
2016-02-03 12:55:00 +01:00
Mikael Nordfeldth
84930f89f9
Don't allow account backups by default.
2016-02-03 01:08:36 +01:00
Mikael Nordfeldth
19b743a9f5
Set time limit to increase time backupaccount can take
...
Wills till run out of memory probably, we should fix that.
2016-02-03 01:04:14 +01:00
Mikael Nordfeldth
9fcfb7cb1d
Proper error message on too much POST data
2016-02-03 01:03:58 +01:00
Mikael Nordfeldth
a2b914ce60
Get URL schemes by URL type
2016-02-03 00:18:37 +01:00
Mikael Nordfeldth
43abfe659b
Bump beta number to 4
...
We have better webfinger @mention@capability.example at least and
OpportunisticQM is somewhat refined.
2016-01-30 00:04:18 +01:00
Mikael Nordfeldth
367fc054dc
Merge branch 'master' into mmn_fixes
2016-01-30 00:03:25 +01:00
Mikael Nordfeldth
36f099958c
Don't match @nickname on @nickname@server.com
2016-01-29 15:53:58 +01:00
Mikael Nordfeldth
cb40f72c7e
Use the profile URI when linking instead of URL
...
since we'll then get to /user/$id instead of /$nickname which is
good for future archives if someone changes their nickname...
2016-01-29 15:21:01 +01:00
Mikael Nordfeldth
6b31feb70f
Strict Standards: Declaration of MysqlSchema::get()
...
should be compatible with Schema::get($conn = NULL)
2016-01-28 20:18:06 +01:00
Mikael Nordfeldth
7e6783bb8f
Replace htmLawed with HTMLPurifier
2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
34093388a7
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-27 22:43:37 +01:00
mmn
52778e1882
Merge branch 'json_encode_fail_branch' into 'nightly'
...
output error if json_encode fails
See merge request !86
2016-01-26 21:16:24 +00:00
mmn
42545c6625
Merge branch 'mention_branch' into 'nightly'
...
correct mentions if parent mentions multiple users with same nickname (don't use first one for all)
See merge request !82
2016-01-26 21:15:25 +00:00
Mikael Nordfeldth
a48055a3cc
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-25 20:22:16 +01:00
hannes
e447964639
remove my ugly debug info
2016-01-25 19:10:35 +00:00
hannes
b1b6a0a69c
config['follow_redirects'] is the extlib's config! if max_redirs is set we want to do our own redirection following in this function
2016-01-25 19:03:26 +00:00
Mikael Nordfeldth
b15434375c
Show plain text files on attachment page.
2016-01-25 16:54:40 +01:00
Mikael Nordfeldth
a9d18a077e
Harmonize, clarify, categorize URL schemes
...
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72
Allow bitcoin scheme to URLs
2016-01-24 12:44:28 +01:00
hannes
4e50717e12
output error if json_encode fails
2016-01-23 15:01:27 +00:00
Mikael Nordfeldth
89dd44bf3e
default connect_timeout to 5 instead of extlib 10
2016-01-22 12:20:03 +01:00
Mikael Nordfeldth
3f9c1c142a
Removing unnecessary debug messages etc.
2016-01-21 02:49:34 +01:00
Mikael Nordfeldth
45446f17ad
Only set selectVerbs if it's not set in class var
2016-01-21 02:37:38 +01:00
Mikael Nordfeldth
d3a4a2225f
We want the profile stream to be as raw as possible!
2016-01-21 02:33:43 +01:00
Mikael Nordfeldth
f74d2d555c
Working on some RSVP code stuff
2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11
Throw NoObjectTypeException on Notice->getObjectType if no string
2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
21cc737f5c
Cancelling RSVPs now seems to work.
2016-01-20 16:10:10 +01:00
hannes
de047f9727
correct mentions if parent mention multiple users with same nickname (don't use first one for all)
2016-01-19 13:41:25 +00:00
Mikael Nordfeldth
15d12b209d
Don't include delete verbs in profile notice stream.
2016-01-18 22:04:42 +01:00
Mikael Nordfeldth
f768de4b46
default connect_timeout to 5 instead of extlib 10
2016-01-18 22:01:45 +01:00
Mikael Nordfeldth
cae344b67b
Events are now saved but not displayed properly again
2016-01-18 20:57:44 +01:00
Mikael Nordfeldth
bdc38a7204
Initial user doesn't need as strict checking on email
2016-01-17 00:39:49 +01:00
Mikael Nordfeldth
deda83fdef
Distinguish notice saving errors from others for Salmon
2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
4678546d33
We want exceptions to be noticable in activityhandlerplugin
2016-01-16 21:19:34 +01:00
Mikael Nordfeldth
3019f8f23f
dbqueuemanager logic
2016-01-16 21:05:34 +01:00
Mikael Nordfeldth
f53ebdeadb
Start handling salmon entries directly with Notice::saveActivity
...
More to come...
2016-01-16 17:25:29 +01:00
Mikael Nordfeldth
1f76c1e4a9
Initial user doesn't need as strict checking on email
2016-01-16 17:23:50 +01:00
mmn
44c10bb2aa
Merge branch 'oembed_branch' into 'nightly'
...
purify oembed html and don't allow cdata
hopefully we never need stuff in cdata
reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/
see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F
i don't feel we want that in our database.
See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
16088d9439
ErrorAction and InfoAction fixes, are now ManagedAction
2016-01-14 21:28:47 +01:00
Mikael Nordfeldth
bc0a903bd4
ErrorAction to autodiscoverable file.
2016-01-14 21:21:34 +01:00
Mikael Nordfeldth
b530d385bc
Exception object was not supplied there
2016-01-14 18:51:46 +01:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
6e49281adb
Use the Action class itself as error handler
2016-01-14 18:21:11 +01:00
Mikael Nordfeldth
c173c4faa5
Actually throw NoQueueHandlerException too.
2016-01-14 13:48:33 +01:00
Mikael Nordfeldth
df00a88cb4
Forgot to add NoRouteMapException to 6834f355f2
2016-01-14 13:07:00 +01:00
Mikael Nordfeldth
6834f355f2
Making ClientExceptions turn into ClientErrorAction
...
Got some 404s which were presented as 500
2016-01-14 02:47:28 +01:00
Mikael Nordfeldth
99261e0781
Don't LOG_ERR missing paths (misspelling clients aren't errors)
2016-01-14 02:22:47 +01:00
Mikael Nordfeldth
331abf173b
Forgot semicolon
2016-01-14 02:05:33 +01:00
Mikael Nordfeldth
f699ffeb8a
Exception handling in queue handler logic
2016-01-14 02:04:15 +01:00
Mikael Nordfeldth
0ddaa6ff75
Handle exceptions in QueueHandler classes
2016-01-14 01:47:13 +01:00
Mikael Nordfeldth
29b45bb87a
Unnecessary call to User::getKV
2016-01-13 20:08:17 +01:00
Mikael Nordfeldth
818aaa0578
We didn't get profiles from the new-style attention system
2016-01-13 18:35:25 +01:00
hannes
3e7e3de554
don't allow cdata elements in purified html
2016-01-13 16:01:27 +00:00
Mikael Nordfeldth
99da1ebe41
Catch NoHttpResponseException when using HTTPClient
2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf
NoHttpResponseException needed instead of HTTP_Request2_Exception
...
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460
Use the upstream function to get effectiveUrl
2016-01-13 14:00:05 +01:00
Akio Nishimura
eceafb84de
lib/language.php: rewrited jp as ja.
2016-01-13 13:23:06 +01:00
Mikael Nordfeldth
e49e113140
Ugly hack to show thumbnails of otherwise unrepresentable attachments
...
such as text/html, where the thumbnail has been retrieved via oEmbed/OpenGraph
2016-01-12 15:38:59 +01:00
Mikael Nordfeldth
8c28e54ccc
same as previous, but for mime_to_ext
2016-01-12 13:14:17 +01:00
Mikael Nordfeldth
dbe5d72e4c
If all file extensions are supported we have no list of comparisons
2016-01-12 13:08:54 +01:00
hannes
a1b509bb0b
forgot we need access to $html too
2016-01-11 20:58:34 +00:00
hannes
8d331b0f35
EndCommonPurify event
2016-01-11 20:54:19 +00:00
Mikael Nordfeldth
1a46d86ca6
lib/util.php quick function to do var_export($var,true)
...
Immensely useful when debugging and we want to put quotes around strings,
potentially stopping any "evil logging attacks" (where input data masks
as logging data).
2016-01-11 19:52:54 +01:00
Mikael Nordfeldth
c1f22f106b
Might as well put a $limit on preg_replace here
...
Since there will (should) never be more than one ^http in that string anyway.
2016-01-11 18:27:26 +01:00
Mikael Nordfeldth
5b2b969a77
Tag notice streams should only show post verbs
2016-01-11 15:15:23 +01:00
Mikael Nordfeldth
b13f8df79b
HTTPClient would return null instead of exception
...
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
5ef10a14ef
Get group attentions too for outbound notices
2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
55aa68b941
CancelGroupForm gets same typing as Join and Leave
2016-01-09 14:13:19 +01:00
Mikael Nordfeldth
fbec7c4e75
Issue #121 - use correct Group ID and strict User_group typing
2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
d13483ca20
Wups, $poster could be undefined
2016-01-09 13:15:09 +01:00
Mikael Nordfeldth
33194b3cff
Attention goes to the parent notice author too
2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
0463d96392
Add more info in logging call
...
There shouldn't be *HandleSalmonTarget, only verification of actor and
then Notice::saveActivity()!
2016-01-08 01:52:10 +01:00
Mikael Nordfeldth
e6f2676c5c
Default to not include delete verbs in notice streams
2016-01-07 23:33:47 +01:00
Mikael Nordfeldth
801ca3531b
common_find_attentions to populate activities from content text
2016-01-07 23:23:37 +01:00
Mikael Nordfeldth
1f02dc639e
shortenLinks _after_ media upload to be consistent with api
2016-01-07 18:14:45 +01:00
Mikael Nordfeldth
be58fd64f5
Use index for File url (urlhash)
2016-01-07 18:13:10 +01:00
Mikael Nordfeldth
d4be5349b3
think I have managed to show oEmbed images better now
2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
5d4b1d0b88
Appropriate exception message in GroupNoProfileException
2016-01-07 12:14:48 +01:00
Mikael Nordfeldth
47c7e1b875
Breaking class definitions out into separate files and fixing typing
2016-01-06 19:46:56 +01:00
Mikael Nordfeldth
f1c4c64cd9
Don't update stored URLs just because we have a filename
...
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
4a8e936e19
Somewhat more meaningful error message
2016-01-06 14:10:37 +01:00
Mikael Nordfeldth
4b22b0c42a
More listitems and lists into separate files + stronger typing
2016-01-06 01:36:46 +01:00
Mikael Nordfeldth
6d9f390ba8
Separating classes into files and stronger typing
2016-01-06 01:30:12 +01:00
Mikael Nordfeldth
da2f179ae9
Typing to Profile
2016-01-06 01:25:00 +01:00
Mikael Nordfeldth
e577e883f4
Subscriber lists to separate files and also Profile typing
2016-01-06 00:57:31 +01:00
Mikael Nordfeldth
1946197a1c
Merge request #10 by aroque but in a slightly different version
2016-01-06 00:48:03 +01:00
Mikael Nordfeldth
31c8416a8f
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-06 00:24:41 +01:00
Mikael Nordfeldth
792b62874e
Require Profile for Profile->getLists
2016-01-06 00:18:10 +01:00
hannes
0b4b0de412
longurl in href
2016-01-05 23:14:51 +00:00
Mikael Nordfeldth
3d66d960a1
Require Profile for Profile->getOtherTags
2016-01-06 00:07:15 +01:00
hannes
8b78e01d4c
$longurl->url is just the same $canon we fed to File_redirection::where()
2016-01-05 23:06:02 +00:00
hannes
64f2f3d976
effectiveUrl seems to contain the url we want
2016-01-05 22:44:06 +00:00
Mikael Nordfeldth
df8c14d66a
ProfileMiniList->newListItem changed to match ProfileList->newListItem
2016-01-05 00:09:47 +01:00
Mikael Nordfeldth
de7e8c59e8
Version bump since we've fixed a lot of bugs
2016-01-04 02:19:37 +01:00
Mikael Nordfeldth
fb537fb7f4
We would end up with a Managed_DataObject if now match was found
...
meaning we'd return for example a Notice with empty id (translated into 0)
and thus Faves coming in from remote instances where the fave'd notice was
not found would result in faving the first Notice in a table-wide search,
i.e. often the first post on the instance.
Whoopie!
2016-01-04 02:04:18 +01:00
Mikael Nordfeldth
065e23b1c4
Code cleanup in lib/activityutils.php
2016-01-04 01:58:45 +01:00
Mikael Nordfeldth
00ace6c2df
More explicit catch
2016-01-04 01:53:33 +01:00
Mikael Nordfeldth
b4b57bba54
EmptyIdException to make sure we get the right in catch
2016-01-03 22:56:48 +01:00
Mikael Nordfeldth
3bddf01350
Somewhat better layout for approving/rejecting subrequests
2016-01-03 20:42:21 +01:00
Mikael Nordfeldth
c19964094b
Pending subscription requests now work as they should
...
A slight layout issue with the buttons still persists
2016-01-03 20:27:53 +01:00
Mikael Nordfeldth
df0f9547b5
Handle private streams better (failed to show profile before)
2016-01-03 19:16:29 +01:00
Mikael Nordfeldth
0dc7fcce5b
Fixes issue #94 with undefined 'fr'
...
I just copied the English example...
2016-01-03 00:45:47 +01:00
Mikael Nordfeldth
fe328ae5e4
Fix because qvitter supplies a twitter array value which is an array
...
works for json API, not for XML, so we make an exception here...
2016-01-02 02:01:54 +01:00
Mikael Nordfeldth
cf6e06a5dd
Avoid exception for invalid URL aborting rendering for parent notice if it fails
2016-01-02 00:09:10 +01:00
Mikael Nordfeldth
0dfafe2567
NewnoticeAction now uses Notice::saveActivity(...)
2016-01-01 20:18:54 +01:00
Mikael Nordfeldth
26a6eca94e
Location::fromOptions(Notice::locationOptions(...))
2016-01-01 19:29:31 +01:00
Mikael Nordfeldth
e02c10a589
common_render_content doesn't require a Profile now
2016-01-01 18:40:58 +01:00
Mikael Nordfeldth
10973dcf69
Don't require a notice object to common_linkify_mentions
2016-01-01 18:20:42 +01:00
Mikael Nordfeldth
86106b890a
Output fixed sizes of thumbnails so we don't get jumpy scrolling
2016-01-01 14:13:16 +01:00
Mikael Nordfeldth
7adf1c99fc
s/LOG_ERROR/LOG_ERR/
2015-12-31 13:04:50 +01:00
Mikael Nordfeldth
998db39b1a
Notification mails are sent again fixes ssue #99
...
The problem was that the ActivityVerbPostPlugin handled 'post' verbs
but didn't handle the notifications for them, so now we're returning
true in the event so the default behaviour (sending to 'getReplies'
recipients) is done by default.
2015-12-30 17:35:47 +01:00
Mikael Nordfeldth
c0ef167514
create storage directories automatically
2015-12-28 00:35:02 +01:00
Mikael Nordfeldth
2f836e2a59
GNU social config paths, removed StatusNet/Laconica
2015-12-28 00:09:06 +01:00
Mikael Nordfeldth
17a65ff873
background folder has never been used for GNU social
2015-12-28 00:00:51 +01:00
Mikael Nordfeldth
6026dcaed1
Report if the email was not sent!
2015-12-27 02:16:12 +01:00
Mikael Nordfeldth
62c4ffe889
Server exceptions should reasonably be 5xx
2015-12-27 02:15:37 +01:00
Mikael Nordfeldth
83c112e24b
Handle lack of parent nicely
2015-12-26 16:36:03 +01:00
Mikael Nordfeldth
306df3dc3b
Logging fixes
2015-12-26 16:27:06 +01:00
Mikael Nordfeldth
c2ea85a5e2
Merge branch 'master' into nightly
2015-12-14 22:07:06 +01:00
mmn
2addf8e456
Merge branch 'repost-of-uf2' into 'master'
...
Mark up link to original as a repost for repeats
http://indiewebcamp.com/repost
See merge request !46
2015-12-14 21:03:38 +00:00
Mikael Nordfeldth
ef4e61c91b
Merge branch 'master' into nightly
2015-12-14 22:03:04 +01:00
mmn
edd62e58fd
Merge branch 'at-mention-url' into 'master'
...
MentionURL Plugin
This plugin enables users to use the syntax `@twitter.com/singpolyma` to mention users the system does not know about, or to be more specific when a nickname is ambiguous.
See merge request !53
2015-12-14 21:01:42 +00:00
mmn
c114c6bbad
Merge branch 'php-minversion-detec' into 'nightly'
...
installer::checkPrereqs bump PHP version to 5.5.0
Related to #102
See merge request !63
2015-12-14 20:37:53 +00:00
Mikael Nordfeldth
d659e0aaf9
We have to print/echo when outputting json (thanks hannes)
2015-12-14 21:31:10 +01:00
Mikael Nordfeldth
8d1105fe73
We have to print/echo when outputting json (thanks hannes)
2015-12-14 21:29:39 +01:00
Mikael Nordfeldth
c498db147a
ircs URLs work fine in Firefox at least
2015-12-05 13:02:49 +01:00
Chimo
3e16e31080
installer::checkPrereqs bump PHP version to 5.5.0
2015-12-04 15:22:58 +00:00
Mikael Nordfeldth
4479d780e5
List groups with nickname instead of full name in sidebar
2015-11-30 02:21:17 +01:00
Mikael Nordfeldth
334a0d56e7
Oembed slimmed to only do discovery (soon we get og: discovery too)
2015-11-30 02:06:04 +01:00
Mikael Nordfeldth
8bab642cc7
quickGetJson for HTTP requests to return json objects
2015-11-30 02:05:06 +01:00
Mikael Nordfeldth
b7edac2610
HTTPClient get $params array and oEmbedHelper uses it
2015-11-30 01:28:18 +01:00
Mikael Nordfeldth
5b847eff12
bump beta version number
2015-11-23 00:42:13 +01:00
Mikael Nordfeldth
bca4bb8373
allow form ->li() to set $class
2015-11-23 00:40:28 +01:00
Mikael Nordfeldth
1630424797
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into nightly
2015-11-20 18:50:26 +01:00
mmn
b33b40db45
Merge branch 'refactor-file-processNew' into 'nightly'
...
Refactor on File::processNew
The code was so involved there was even a comment asking for a refactor.
Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing. The object is
either one which already existed or else a new, unsaved object.
Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where. You either get what exists or something to save.
An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.
See merge request !57
2015-11-20 17:50:01 +00:00
Mikael Nordfeldth
38c84a92c7
Merge request #59 which was directed at master
2015-11-20 18:47:21 +01:00
hannes
abb8d1273e
block check can't be done inside the same try-expression as Subscription::getSubscription(), since if that throws a NoResultException, the block check will not be done. and if you're blocking someone you are not subscribing to them.
2015-11-19 15:55:11 +00:00
Mikael Nordfeldth
f29daa22b6
Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
2015-11-06 13:39:17 +01:00
mmn
dbdac9cfbe
Merge branch 'in-reply-to-uf2' into 'master'
...
Add direct link to parent notice
This is partly for usability, and partly to make Linkbacks for replies work (when the plugin is enabled).
See merge request !37
2015-11-06 12:39:02 +00:00