Mikael Nordfeldth
e2a090c9cc
Use NoticeStream::filterVerbs for filtering in noticestreams
2016-02-14 20:46:13 +01:00
Mikael Nordfeldth
c23c3a4f53
Might as well put a FILTER_SANITIZE_EMAIL there
...
Not that I think we could break out of the directory since
we use basename, but you never know... maybe there's a unicode
bug in PHP or something.
2016-02-13 14:06:05 +01:00
Mikael Nordfeldth
4bf26eff4c
socialfy-your-domain updated for webfinger (not tested)
2016-02-13 13:57:15 +01:00
Mikael Nordfeldth
be14e15dac
Hide attachments in notices by silenced profiles
2016-02-13 13:17:39 +01:00
Mikael Nordfeldth
fbcca62ae1
listGet was not meant for that really
2016-02-13 01:19:47 +01:00
Mikael Nordfeldth
8ef2abf30b
Render RegiserThrottle extra profile data properly
2016-02-13 01:16:34 +01:00
Mikael Nordfeldth
799c2e47fe
Don't depend on ModLog
2016-02-13 01:10:01 +01:00
Mikael Nordfeldth
be35975b12
RegisterThrottle list-profiles-by-ip
2016-02-13 01:02:18 +01:00
Mikael Nordfeldth
557ad2d1fd
Show user registration IP to users who can see ModLog
2016-02-13 00:51:43 +01:00
Mikael Nordfeldth
c7c34ec05a
Only administrators can delete other privileged users.
2016-02-12 15:00:18 +01:00
Mikael Nordfeldth
83f679fb57
Profile->isPrivileged() to check if users have more rights than to post etc.
2016-02-12 14:47:49 +01:00
Mikael Nordfeldth
3cef75bcac
Update the comment on silencing privileged users in ModHelper
2016-02-12 14:47:44 +01:00
Mikael Nordfeldth
e5ad98e601
Silence action can only be used on non-priviliged users
2016-02-12 14:22:25 +01:00
Mikael Nordfeldth
5dce08d068
Add Profile::ensureCurrent() to verify we _certainly_ got a Profile.
2016-02-12 13:52:48 +01:00
Mikael Nordfeldth
f10625f8bc
file and avatar dirs on instances with no such dirs in filesystem
2016-02-12 02:29:33 +01:00
Mikael Nordfeldth
338df7e35b
Fix Nickname::isSystemPath() work properly for routes
2016-02-12 02:21:11 +01:00
Mikael Nordfeldth
c8753353ed
Do not delete_orphan_files on an instance with Qvitter
2016-02-12 01:45:47 +01:00
Mikael Nordfeldth
913595780f
And LEFT JOIN to actually get all results
2016-02-12 00:05:36 +01:00
Mikael Nordfeldth
1471defff3
...and avoid duplicate results...
2016-02-11 23:38:12 +01:00
Mikael Nordfeldth
05fea4cdc6
Aurhg, and get all the properties, not just id
2016-02-11 22:54:29 +01:00
Mikael Nordfeldth
2198f39597
Haha, it essentially became a NOOP with the last commit
2016-02-11 22:49:45 +01:00
Mikael Nordfeldth
6f2fbd448d
Fixed the delete orphan script to include deleted notices
...
The file_to_post table sometimes had post_id with values that did not
exist in the notice table.
2016-02-11 22:43:26 +01:00
Mikael Nordfeldth
38a187b93e
Delete orphan files maintenance script
...
When deleting a profile it'll delete its notices and the coupling to
file entries, but not the file entries themselves (and thus not the
files). So if one to delete a person uploading offending images, then
the images are left behind and can be hotlinked. This will remove it.
2016-02-11 22:19:56 +01:00
Mikael Nordfeldth
7fdcbd56d5
XMPP URI scheme for HTMLPurifier
2016-02-11 21:31:50 +01:00
Mikael Nordfeldth
67dfc0a046
application/xml allowed in uploads
2016-02-11 00:04:14 +01:00
Mikael Nordfeldth
b9d35659c8
Stricter exception check
2016-02-10 04:43:30 +01:00
Mikael Nordfeldth
733debd9b3
Use thumbnail upscaling config value
2016-02-10 04:40:54 +01:00
Mikael Nordfeldth
8806cce735
Default to avoid upscaling of thumbnails. 45x45=>450x450 is ugly
2016-02-10 04:40:10 +01:00
Mikael Nordfeldth
dd229e855a
Allow finding the "original remote thumbnail"
...
This will probably cause older oEmbed images not to show, since they
probably were updated to use empty url entries because they were thought
of as local ones. During a migration period maybe you want to change
the default value of notNullUrl to 'false' in File_thumbnail::byFile(...)
2016-02-10 04:37:43 +01:00
Mikael Nordfeldth
893d888152
Add urlhash field to File_thumbnail for indexing
2016-02-10 04:15:41 +01:00
Mikael Nordfeldth
49b7648fea
Managed_DataObject gets onInsert and onUpdate
2016-02-10 03:37:27 +01:00
Mikael Nordfeldth
d0b2d86ca1
background is not used, so removed from documentation
2016-02-10 02:32:17 +01:00
Mikael Nordfeldth
9f961597c6
Document site/sslproxy config value
...
Should be put into installation configuration too. Maybe a sample
and commented out entry in config.php as well.
2016-02-10 01:11:43 +01:00
Mikael Nordfeldth
a61235086b
Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
...
Usage in config.php: $config['site']['sslproxy'] = true;
Add this to documentation...
2016-02-10 01:05:02 +01:00
Mikael Nordfeldth
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
dcf29c2a07
s/isHTTPS/useHTTPS/ for HTTPS URL generation
2016-02-10 00:38:14 +01:00
Mikael Nordfeldth
eaa394ed7d
bitcoin schema for HTMLPurifier
2016-02-08 20:20:31 +01:00
Mikael Nordfeldth
7c90d7022b
Require the license with HTML5
2016-02-08 17:56:35 +01:00
Mikael Nordfeldth
ef5ed10eb9
Log failed captcha entries
2016-02-08 17:51:21 +01:00
Mikael Nordfeldth
cd71188d3a
SimpleCaptcha plugin to stop basic bots
2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
a30d34be7f
Returnto the previous page when deleting a notice.
2016-02-08 15:30:28 +01:00
Mikael Nordfeldth
d98784e059
Use functions instead of accessing properties in twitterUserArray
2016-02-08 12:21:58 +01:00
Mikael Nordfeldth
3dea259f52
Return intval from getID()
2016-02-08 12:21:46 +01:00
Mikael Nordfeldth
2938b3e960
Don't return true on requiresAuth if screen_name==='0'
2016-02-08 12:14:35 +01:00
Mikael Nordfeldth
13cf744fb3
Allow screennames that are === '0'
2016-02-08 11:40:46 +01:00
Mikael Nordfeldth
2686635f60
Keep the rel="tag" in HTML when purifying
2016-02-07 12:50:26 +01:00
Mikael Nordfeldth
1126f70786
Merge branch 'master' into mmn_fixes
2016-02-07 02:35:44 +01:00
Mikael Nordfeldth
7c7f2f890f
Hidespam by default
...
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:35:21 +01:00
Mikael Nordfeldth
d6664f5735
Hidespam by default
...
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:33:53 +01:00
Mikael Nordfeldth
58e852f7f7
Use the -y parameter for ffmpeg/avconv to be non-interactive
2016-02-07 01:59:21 +01:00