Mikael Nordfeldth
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
3dea259f52
Return intval from getID()
2016-02-08 12:21:46 +01:00
Mikael Nordfeldth
e903bd0bc3
Hacky support for geo URI detection
...
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
6a4aa34b0c
Don't process further in redirection if HEAD gives 400 Bad request
2016-02-03 00:34:49 +01:00
Mikael Nordfeldth
40cffb9463
File::isProtected is static
2016-02-03 00:22:18 +01:00
Mikael Nordfeldth
c6ae883ad2
Don't trust local HTML either
...
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
2016-01-30 00:00:37 +01:00
hannes
f708a5b016
Never save our /attachment/{file_id} links as links in the file table, return the old file
2016-01-29 00:36:30 +00:00
hannes
efd2326a29
the last url in the redirection chain can actually also be a redirection (e.g. if it's one of our /attachment/{file_id} links)
2016-01-29 00:34:32 +00:00
Mikael Nordfeldth
efe23ed404
updateWithKeys now understands multi-column keys
...
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
a888294135
add our own protected urls
2016-01-25 19:00:46 +00:00
hannes
ca0c792ed3
File and File_redirection records are saved in File_redirection::where() now
2016-01-25 19:00:05 +00:00
hannes
48e1a2431b
save File and File_redirection records in File_redirection::where(), because then we will have to run where() over and over again
2016-01-25 18:55:48 +00:00
Mikael Nordfeldth
a9d18a077e
Harmonize, clarify, categorize URL schemes
...
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72
Allow bitcoin scheme to URLs
2016-01-24 12:44:28 +01:00
Mikael Nordfeldth
f74d2d555c
Working on some RSVP code stuff
2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11
Throw NoObjectTypeException on Notice->getObjectType if no string
2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
7715ea993b
getVerb function in Notice class
2016-01-18 22:02:05 +01:00
Mikael Nordfeldth
6c46a93a81
Minor improvements on Notice::saveActivity
2016-01-18 19:29:45 +01:00
Mikael Nordfeldth
11b925c4ca
Use a function to getCreated()
2016-01-18 17:03:37 +01:00
Mikael Nordfeldth
deda83fdef
Distinguish notice saving errors from others for Salmon
2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
a85a08ff35
Add a check in Notice->asActivityObject that we're actually returning such a thing!
2016-01-16 21:13:26 +01:00
Mikael Nordfeldth
fdfa71a033
Extremely verbose debugging is annoying
2016-01-16 18:04:04 +01:00
Mikael Nordfeldth
1f76c1e4a9
Initial user doesn't need as strict checking on email
2016-01-16 17:23:50 +01:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
45dd343126
Eventify Notice getAsTimestamp (for Deleted_notice)
2016-01-13 21:01:47 +01:00
Mikael Nordfeldth
961725205d
Try if Profile is a Person (in effect ActivityObject::PERSON)
2016-01-13 18:34:48 +01:00
Mikael Nordfeldth
e75472f460
Use the upstream function to get effectiveUrl
2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
b696fb4eb1
Mimetypes like image/svg+xml were misinterpreted when guessing
...
We don't really need the mb_ in mb_strtolower but what the heck, why not. I love Unicode.
2016-01-12 13:46:25 +01:00
Mikael Nordfeldth
93c614c184
Do updateWithKeys properly if someone would like to update PRI
2016-01-11 19:52:33 +01:00
Mikael Nordfeldth
67801a5566
Not only local groups should be added to group inbox notificiation table
2016-01-09 15:14:38 +01:00
Mikael Nordfeldth
5ef10a14ef
Get group attentions too for outbound notices
2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
c3c5a9974d
Do proper fromUri lookup on groups too
2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
d1e609a886
Local user profile getUrl gives dynamically generated URL
2016-01-09 13:47:38 +01:00
Mikael Nordfeldth
f143925931
Actually return the group home URL
2016-01-09 13:33:30 +01:00
Mikael Nordfeldth
28cd5640c1
Save attentions to Reply table for backwards compatibility
...
local users only of course
2016-01-08 01:59:16 +01:00
Mikael Nordfeldth
c48871cf1b
Notice from web now saves context->attention too! ;)
2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
6255e1dca3
saveAttentions, trying to move away from saveReply
2016-01-07 23:23:51 +01:00
Mikael Nordfeldth
3eebf2a353
Don't store the notice object for distrib queue handler, just id
2016-01-07 20:24:59 +01:00
Mikael Nordfeldth
d4be5349b3
think I have managed to show oEmbed images better now
2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
9e5c71e701
Fixed group representation in Directory plugin, also some ->raw calls
2016-01-07 12:58:14 +01:00
Mikael Nordfeldth
839ae571d8
Define User_group::$profile_id among class variables
2016-01-07 12:12:27 +01:00
Mikael Nordfeldth
94392ab00c
Index the verb column since we do COUNT(*) based on it
2016-01-07 11:39:46 +01:00
Mikael Nordfeldth
05d3622939
Conversation entries where id==0 would screw up the "re-auto-increment" sequencing
2016-01-06 22:26:17 +01:00
Mikael Nordfeldth
f1c4c64cd9
Don't update stored URLs just because we have a filename
...
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
346e34e543
Return dynamically generated URLs for thumbnails for all locally stored entries
2016-01-06 19:06:29 +01:00
Mikael Nordfeldth
4352d1739d
Always generate notice URLs on the fly for local notices
...
Related to issue #118
2016-01-06 16:24:33 +01:00
Mikael Nordfeldth
1a1e44cdfd
Issue #118 wanted better TOR support, now Avatar URLs are not stored
...
There was no reason to store the generated Avatar URLs because it's so
cheap to generate them on the fly.
2016-01-06 16:14:26 +01:00
Mikael Nordfeldth
7b2036a4b5
Note in the debug log if we render the HTML of a message
2016-01-06 15:37:30 +01:00
Mikael Nordfeldth
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e
Conversation IDs (again) no longer based on Notice ID
2016-01-06 13:58:46 +01:00
Mikael Nordfeldth
59d3bbe037
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-06 00:53:20 +01:00
mmn
d45457e4a9
Merge branch 'nightly' into 'nightly'
...
only count post-notices (i.e. don't include activity-notices in statuses_count in the API)
See merge request !73
2016-01-05 23:53:08 +00:00
Mikael Nordfeldth
1946197a1c
Merge request #10 by aroque but in a slightly different version
2016-01-06 00:48:03 +01:00
hannes
32549cfd8c
$notices->verb = ActivityVerb::POST;
2016-01-05 23:29:48 +00:00
Mikael Nordfeldth
31c8416a8f
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-06 00:24:41 +01:00
mmn
956e053da6
Merge branch 'lookup_url_fix' into 'nightly'
...
makes url lookup work and adds full url to href for shortened links
See merge request !74
2016-01-05 23:24:16 +00:00
Mikael Nordfeldth
792b62874e
Require Profile for Profile->getLists
2016-01-06 00:18:10 +01:00
hannes
1c25cffbd8
add $redir->redir_url to use in common_linkify()
2016-01-05 23:07:24 +00:00
Mikael Nordfeldth
3d66d960a1
Require Profile for Profile->getOtherTags
2016-01-06 00:07:15 +01:00
Mikael Nordfeldth
8ad6b8809a
Don't abort on too long notices in Notice::saveActivity
2016-01-05 17:31:09 +01:00
hannes
e10691abea
only count post-notices (i.e. don't include activity-notices in statuses_count in the API)
2016-01-05 14:19:33 +00:00
Mikael Nordfeldth
701f6ff608
Allow Profile->getCurrentNotice to send scoped profile info
...
not that we're using it anywhere (yet anyway).
2016-01-04 21:42:24 +01:00
Mikael Nordfeldth
6a16939830
Profile->getCurrentNotice handles PrivateStreamException
2016-01-04 21:38:41 +01:00
Mikael Nordfeldth
b4b57bba54
EmptyIdException to make sure we get the right in catch
2016-01-03 22:56:48 +01:00
Mikael Nordfeldth
7266a968f9
Err, forgot semicolon.
2016-01-03 22:22:58 +01:00
Mikael Nordfeldth
f467b89f40
Try-catch on profile deletion unsubscribe actions
2016-01-03 22:21:03 +01:00
Mikael Nordfeldth
c19964094b
Pending subscription requests now work as they should
...
A slight layout issue with the buttons still persists
2016-01-03 20:27:53 +01:00
Mikael Nordfeldth
b374e5f08b
If a user has a private stream, assume a moderated subscription policy
2016-01-03 19:33:26 +01:00
Mikael Nordfeldth
df0f9547b5
Handle private streams better (failed to show profile before)
2016-01-03 19:16:29 +01:00
Mikael Nordfeldth
336f099241
Don't store object type for verbs (as they don't have it)
2016-01-02 16:05:20 +01:00
Mikael Nordfeldth
0dfafe2567
NewnoticeAction now uses Notice::saveActivity(...)
2016-01-01 20:18:54 +01:00
Mikael Nordfeldth
f4309ed715
whitespace switch for code layout
2016-01-01 18:43:37 +01:00
Mikael Nordfeldth
e02c10a589
common_render_content doesn't require a Profile now
2016-01-01 18:40:58 +01:00
Mikael Nordfeldth
ad4beb9091
->getID() instead of ->id
2016-01-01 18:21:54 +01:00
Mikael Nordfeldth
10973dcf69
Don't require a notice object to common_linkify_mentions
2016-01-01 18:20:42 +01:00
Mikael Nordfeldth
86106b890a
Output fixed sizes of thumbnails so we don't get jumpy scrolling
2016-01-01 14:13:16 +01:00
Mikael Nordfeldth
7adf1c99fc
s/LOG_ERROR/LOG_ERR/
2015-12-31 13:04:50 +01:00
Mikael Nordfeldth
7f1ce07e9f
Logging destinations and unnecessary debug
2015-12-31 13:00:20 +01:00
Mikael Nordfeldth
6606781916
Proper error message in exception
2015-12-31 12:41:02 +01:00
Mikael Nordfeldth
df19791a8f
Wups, $notice not $stored in the old function...
2015-12-31 02:37:42 +01:00
Mikael Nordfeldth
8b0fdfb4a0
Notice conversation is perhaps not set yet
2015-12-31 02:35:13 +01:00
Mikael Nordfeldth
7cf6aaecd0
Don't do saveKnownReplies unless it's a verb=post
2015-12-31 02:31:35 +01:00
Mikael Nordfeldth
66289d3e76
Use recently implemented functions in saveKnownReplies
2015-12-31 02:22:49 +01:00
Mikael Nordfeldth
29847f172f
setPassword now runs validate too
2015-12-30 17:51:57 +01:00
Mikael Nordfeldth
d7a8ee99af
Added User->setPassword($password)
2015-12-30 17:44:24 +01:00
Mikael Nordfeldth
998db39b1a
Notification mails are sent again fixes ssue #99
...
The problem was that the ActivityVerbPostPlugin handled 'post' verbs
but didn't handle the notifications for them, so now we're returning
true in the event so the default behaviour (sending to 'getReplies'
recipients) is done by default.
2015-12-30 17:35:47 +01:00
hannes
08be0e5c67
fixes this issue: https://quitter.se/notice/4344600
2015-12-30 01:54:48 +00:00
Mikael Nordfeldth
4bc0b374bc
File_redirection should get URLs properly
2015-12-27 21:36:23 +01:00
Mikael Nordfeldth
556d6e198f
Confirm_address field address_extra _can_ be NULL
2015-12-27 15:01:28 +01:00
Mikael Nordfeldth
12d77ac3e4
varchar to text since there's no reason to limit the fields
...
They caused problems when quitter.se was upgrading because someone was
named ryanjjjjjjjjjjjjjjjjjjj[and more than 191 'j's] etc.
2015-12-27 11:50:11 +01:00
Mikael Nordfeldth
0ac71c2b7b
Duplicate URI means we have it already, I assume
2015-12-27 01:40:00 +01:00
mmn
48f31928e9
Merge branch 'autocomplete-group' into 'nightly'
...
Autocomplete group
Group autocompletion wasn't working for a couple of reasons:
1. $profile wasn't set (d8092207c0
)
2. Profile::getUri() wasn't working for Groups, causing Profile::getAcctUri() to throw a ProfileNoAcctUriException (3e830dad37
)
See merge request !68
2015-12-23 21:04:18 +00:00
Chimo
90945e548b
Profile_prefs::getAll fix prefs loop
...
DataObject::fetch doesn't return an object.
2015-12-17 14:58:06 +00:00
Chimo
71119e4980
Profile_prefs::getAll fix call to listFind
...
2nd argument needs to be an array
2015-12-17 14:55:39 +00:00
Chimo
3e830dad37
Make Profile::getUri work with Groups
...
and by extension Profile::getAcctUri
2015-12-15 21:50:10 -05:00
Mikael Nordfeldth
ef4c11d262
Better checks for defined array indexes
2015-12-15 11:50:57 +01:00
mmn
2dd968f94e
Merge branch 'group-join-rejections' into 'nightly'
...
Fix group-join request rejections
Relates to #105
See merge request !65
2015-12-14 20:48:18 +00:00
mmn
d5d8068632
Merge branch 'group-members-pending' into 'nightly'
...
Fix "pending members" group list
Related to #104
See merge request !64
2015-12-14 20:47:47 +00:00
Mikael Nordfeldth
20592f184d
getID() will complain loudly if something is wrong
...
(just ->id would not)
2015-12-14 21:44:59 +01:00
Mikael Nordfeldth
42c653a9d0
Merge commit '5c4a7a10' into nightly
...
hannes making sure notice is a repeat and not a delete activity notice
2015-12-14 21:42:08 +01:00