Commit Graph

13230 Commits

Author SHA1 Message Date
Brion Vibber
eb30c6651a Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. 2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab Fix for ticket #2532: fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
2010-10-22 13:51:28 -07:00
Brion Vibber
783f28c8b1 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-22 12:14:45 -07:00
Brion Vibber
e292d8fb65 Fix for 140-char replies being unexpectedly cropped when bridged to Twitter.
This drops the '@' -> ' @' hack for CURL meta-chars in outgoing Twitter bridge, added in commit 04b95c25 back in the day.
The Twitter bridge has since been switched from using direct CURL calls to using HTTPClient, which even with the CURL backend enabled doesn't trigger this issue, as POST parameters are formatted directly.
Prepending the space before we did the message cropping was leading to 140-char messages getting cropped unnecessarily, which was confusing:

Examples of broken messages:
http://identi.ca/notice/57172587 vs http://twitter.com/marjoleink/status/28398050691
http://identi.ca/notice/57172878 vs http://twitter.com/marjoleink/status/28398492563
2010-10-22 12:10:11 -07:00
Zach Copley
3969870cf3 Normalize HTML body ids to lowercase when the user is logged out as well. 2010-10-22 18:32:08 +00:00
Zach Copley
ae557ed436 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-22 11:23:37 -07:00
Zach Copley
3913b6a5d8 Updated styling for OAuth authorization page's desktop mode.
TODO: move these styles into the main CSS file.
2010-10-22 11:21:44 -07:00
Brion Vibber
6841a8d093 RegisterThrottlePlugin tweak for silencing checks: make sure we don't crash during registration if another profile registered from this address has been since deleted.
Followup to commit 1caa08429f
2010-10-22 11:07:19 -07:00
Evan Prodromou
1caa08429f Collective guilt for registrants from the same IP address
If someone tries to register from an IP address that a silenced user
has registered from, prevent it.

When silencing someone, silence everyone else who registered from the
same IP address.
2010-10-22 13:29:51 -04:00
Evan Prodromou
1d85bfece1 New events when granting and revoking roles
Four new events for when roles are granted or revoked.
2010-10-22 10:31:50 -04:00
Evan Prodromou
07bc50eaed Merge branch 'bettercachelog' into 0.9.x 2010-10-22 09:25:13 -04:00
Evan Prodromou
568cb8a205 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-22 09:24:50 -04:00
Evan Prodromou
e1e79e6236 Merge remote branch 'gitorious/0.9.x' into 0.9.x 2010-10-22 09:24:49 -04:00
Evan Prodromou
2484d8edc2 more detailed information in cachelogplugin 2010-10-22 09:24:19 -04:00
Brion Vibber
d6f4588b9e Workaround for http_build_query() oddities in low-level router parent code when PHP config is set with non-default separator. 2010-10-21 19:10:43 -07:00
Zach Copley
131c339c5a Pass OAuth authorize page's mode paramater to OpenID plugin so it can create a correct
returnto URL
2010-10-22 02:08:38 +00:00
Zach Copley
ac45f661f6 Fix regression (whoops!) 2010-10-21 18:38:54 -07:00
Zach Copley
c5a84ef76f Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 18:16:35 -07:00
Zach Copley
0b134d3e69 Re-camelcase ApiOauthAuthorizeAction so it will be accessible when
a site is in pivate mode
2010-10-21 18:15:11 -07:00
Zach Copley
aa6ec40c51 Fix syntax errors 2010-10-22 00:48:26 +00:00
Zach Copley
ce0d81c190 OAuth - inform consumer when user refused to authorize a request token
http://status.net/open-source/issues/2848
2010-10-21 17:11:59 -07:00
Zach Copley
94f7bfa50a Don't show 'anonymous' app in OAuth application list. 2010-10-21 16:42:59 -07:00
Zach Copley
4ab110e071 Fix bad reference. 2010-10-21 14:52:41 -07:00
Zach Copley
a548861dbf OAuth - proper callback handling and better styling for authorization
page when in desktop mode
2010-10-21 14:45:42 -07:00
Zach Copley
fb86e7c285 Normalize all action HTML body ids to lowercase 2010-10-21 13:03:56 -07:00
Zach Copley
648f79be10 Change OAuth authorization page's action name to be inline with
other web page action names so the body id outputs correctly. Fix
some other bugs.
2010-10-21 13:00:59 -07:00
Zach Copley
bab012bd67 New "desktop" mode for the OAuth authorization page. If mode=deskstop
is specified in the request the page is probably meant to be displayed
in a small webview of another application, so suppress header, aside
and footer.
2010-10-21 12:23:04 -07:00
James Walker
8ac8f3d2dc Memcache::set() 3rd param should be flags (4th is expire). This throws a "2 lowest bytes reserved" error in Memcache > 3.0.3 2010-10-21 12:20:14 -04:00
Siebrand Mazeland
cb74822e7a i18n/L10n consistency updates. 2010-10-21 13:20:21 +02:00
Zach Copley
500157998a Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x 2010-10-21 01:18:53 +00:00
Zach Copley
f283a283b7 Fix syntax error 2010-10-21 01:17:59 +00:00
Siebrand Mazeland
fb12094f61 i18n/L10n updates, translator docs updated, superfluous whitespace removed. 2010-10-21 03:10:46 +02:00
Zach Copley
bfdb8385ec Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
	actions/apioauthauthorize.php
	lib/apioauthstore.php
2010-10-20 17:28:28 -07:00
Craig Andrews
90c87553ee Redirect to https when making an http request for a sensitive action 2010-10-20 20:26:35 -04:00
Zach Copley
e56385a7bb Use a new table (oauth_token_association) to associate authorized
request tokins with OAuth client applications and profiles.
2010-10-20 17:21:04 -07:00
Siebrand Mazeland
31f52ec37c Update translator documentation and remove superfluous whitespace. 2010-10-21 02:02:37 +02:00
Siebrand Mazeland
1603b7afc9 i18n/L10n updates, translator comments added/fixed, superfluous whitespace removed. 2010-10-21 01:53:42 +02:00
Brion Vibber
8fd44a13bf Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-20 16:19:24 -07:00
Brion Vibber
bd7c8825ce Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-20 16:18:48 -07:00
Samantha Doherty
16aec72984 Wee fixin for overflowing notice content in sidebar. 2010-10-20 19:18:21 -04:00
Brion Vibber
152e4f8e89 Merge branch '0.9.x' into openid-oauth 2010-10-20 16:16:28 -07:00
Brion Vibber
e611ec5dee Fix option settings on oauth_post_notice.php 2010-10-20 16:16:00 -07:00
Brion Vibber
c24f4ddfdb Pretty up the OpenID variant of the OAuth login form a bit; change the 'Allow' button to 'Continue' so we're not confused why we get the form again after authenticating. 2010-10-20 16:14:32 -07:00
Siebrand Mazeland
28ec9d6463 * translator documentation added.
* moved some translator comments that were not directly above the line with the message to the correct location.
* i18n for UI text.
* superfluous whitespace removed.
2010-10-21 01:12:56 +02:00
Brion Vibber
bcc06d05e8 Initial OpenID+OAuth thingy. 2010-10-20 15:59:27 -07:00
Brion Vibber
9d401e2b15 Fix --oauth-token-secret on oauth_verify_creds.php 2010-10-20 15:17:56 -07:00
Brion Vibber
8004e2809d Fix for ticket #2845: singleuser nickname configuration was being overridden by site owner in router setup.
I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset.
This is now called consistently from the places that needed to use the primary user's nickname in routing setup.

Setting $config['singleuser']['nickname'] should now work again as expected.
2010-10-20 14:34:25 -07:00
Siebrand Mazeland
75ebf3c348 Localisation updates from http://translatewiki.net. 2010-10-20 22:16:13 +02:00
Zach Copley
3d6a0f730d Revert DB change for OAuth. Change compound key for oauth_application_user
back to (profile_id, application_id). I think we can get away without
a DB change by only issuing one anonymous access token per user.
2010-10-20 11:41:04 -07:00
Siebrand Mazeland
ac4afb31e8 Consistent punctuation. 2010-10-20 20:29:59 +02:00