Commit Graph

147 Commits

Author SHA1 Message Date
Jeffery To
c17d7b671d Set returnto when redirected to login of a private install (for 0.9.x)
Can't use returnToArgs() because we don't have an action object yet.
2009-12-18 09:46:15 -05:00
Brion Vibber
3d6a55a49f Fix ticket 1816: Database errors recorded as "Array"
PEAR error backtrace lines are now correctly formatted as strings in debug log, roughly as debug_print_backtrace() does (but with argument values swapped out for types to avoid being overly verbose).

Todo: exceptions and PEAR error objects should log backtraces the same way; right now it doesn't look like exceptions get backtraces logged.

Todo: At one line per line, it's potentially tough to figure out what backtrace goes with what event if traffic is heavy; even if not heavy it's awkward to jump back into a log file after grepping to find the backtrace. Consider using a random per-event ID which can go in the log output -- bonus points for exposing the error ID to users so ops can track down actual error details in logs from a user report.
2009-11-17 09:07:44 -08:00
Craig Andrews
ed690615de Added a User_username table that links the external username with a StatusNet user_id
Added EmailAuthenticationPlugin
Added ReverseUsernameAuthenticationPlugin
Changed the StartChangePassword and EndChangePassword events to take a user, instead of a nickname
User::allowed_nickname was declared non-static, but used as if it was static, so I made the declaration static
2009-11-12 20:12:36 -05:00
Craig Andrews
1845c8c773 Added an AutoRegister event
LDAP plugin can do autoregistration
2009-11-05 16:40:41 -05:00
Zach Copley
fbeae99884 Allow all API calls, even if the site is configured as private. The
API Actions will decide whether something requires auth or a redirect.
2009-11-04 21:33:59 -08:00
Craig Andrews
cdbf7b1da5 Allow non-users to view the site's xrds when the site is private. Getting to closer to allow OpenID login on private sites. 2009-10-30 13:48:18 -04:00
Brenda Wallace
00c0becd56 more doxygen 2009-10-03 17:48:38 +13:00
Brenda Wallace
852f0c59a4 added doxygen 2009-10-03 17:40:53 +13:00
Evan Prodromou
8284b3cb82 Merge branch '0.8.x' into 0.9.x
Conflicts:
	actions/requesttoken.php
	classes/File.php
	install.php
	lib/noticeform.php
2009-09-23 09:45:22 -04:00
Evan Prodromou
42ba05de5f revert output buffering (costly) for ETags (low priority) 2009-09-23 09:33:40 -04:00
Evan Prodromou
e80fad7ad9 handle Godaddy-style PATH_INFO which includes the script 2009-09-19 15:06:16 -04:00
Brenda Wallace
e9bdc69651 @author tags updated -- only one entry per name now 2009-09-19 12:28:08 +12:00
Brenda Wallace
39aa9b3a9f fixed up space on @author tags 2009-09-17 20:15:15 +12:00
Sarven Capadisli
83b0916457 Updated csarven emails to csarven@status.net and removed dupes 2009-09-16 11:14:26 +02:00
Evan Prodromou
1618d515e6 dedupe evans 2009-09-15 22:30:52 -04:00
Evan Prodromou
6f531745ca change all evans to evan@status.net 2009-09-15 22:28:59 -04:00
Brenda Wallace
5ca90e2c8c pulled @author from git logs
Conflicts:

	install.php
2009-09-14 19:19:11 +12:00
Brenda Wallace
87c59fe873 fixed indentation for the pear code styles 2009-09-14 19:08:54 +12:00
Brenda Wallace
738b6d1690 lotsa of multiline if statements and function calls changed style to meat pear code style 2009-09-14 19:08:45 +12:00
Brenda Wallace
a2f4fe7fc8 fixed up if statements 2009-09-14 19:08:37 +12:00
Brenda Wallace
acd9e7c056 added most of the required doxygen 2009-09-14 19:08:16 +12:00
Craig Andrews
b9e4b6dd49 Generate ETags for pages which don't specify themselves. 2009-09-13 17:30:50 -04:00
Evan Prodromou
5d09b6b3f0 Merge branch '0.8.x' into 0.9.x
Conflicts:
	EVENTS.txt
	actions/finishremotesubscribe.php
	actions/postnotice.php
	actions/public.php
	actions/remotesubscribe.php
	actions/showstream.php
	actions/updateprofile.php
	actions/userauthorization.php
	classes/laconica.ini
	lib/common.php
	lib/oauthstore.php
	lib/omb.php
2009-08-27 11:16:45 -07:00
Evan Prodromou
df86aa7214 define LACONICA and accept LACONICA for backwards compatibility 2009-08-26 10:41:36 -04:00
Evan Prodromou
3567b9d708 global search and replace for laconica -> statusnet 2009-08-25 18:53:24 -04:00
Evan Prodromou
865b716f09 change LACONICA to STATUSNET 2009-08-25 18:42:34 -04:00
Evan Prodromou
4737563b95 a distributed -> the distributed 2009-08-25 18:14:12 -04:00
Evan Prodromou
c8b8f07af1 change Laconica and Control Yourself to StatusNet in PHP files 2009-08-25 18:12:20 -04:00
Evan Prodromou
9f356b55c6 Merge branch '0.9.x' into openidplugin
Conflicts:
	actions/login.php
	actions/register.php
2009-08-21 16:27:43 -04:00
Evan Prodromou
b2664e1ae2 Merge branch '0.8.x' into 0.9.x
Conflicts:
	actions/updateprofile.php
	actions/userauthorization.php
	classes/User_group.php
	index.php
	install.php
	lib/accountsettingsaction.php
	lib/logingroupnav.php
2009-08-21 15:42:11 -04:00
Craig Andrews
091152b6a5 Merge commit 'jeff-themovie/0.8.x-private-returnto' into 0.8.x 2009-08-11 10:42:04 -04:00
Jeffery To
e432df76d5 Set returnto when redirected to login of a private install 2009-08-11 21:55:24 +08:00
Jeffery To
fedadd5c5b Added opensearch to the list of public actions.
IE7+ will ask for this (opensearch/people and opensearch/notice) on every page access, and as the content is not sensitive, returning it is better than a 307 redirect.
2009-08-11 21:00:51 +08:00
Jeffery To
14b46e2183 Added configuration option to only allow OpenID logins.
If $config['site']['openidonly'] is set to true:
* the Login/Register pages will be removed from the navigation;
* directly accesses to the Login/Register pages will redirect to the
  OpenID login page;
* most links to the Login/Register pages will link to the OpenID login
  page instead.

The user will still need to set a password to access the API and RSS
feeds.
2009-08-10 13:57:39 +08:00
Christopher Vollick
69fb7817ef $args Was Out Of Scope in CheckMirror.
It looks like when the code was factored out no one noticed this variable doesn't exist here.
2009-08-07 13:33:27 -04:00
Evan Prodromou
628a937108 say that it's OK to do OpenID login in private mode 2009-08-04 13:01:23 -04:00
Evan Prodromou
abffaebebd event for determining if an action is a login action 2009-08-04 11:13:47 -04:00
Tom Adams
961d2a812f lighttpd rewrites now possible in other directories. 2009-08-04 01:24:30 +01:00
Tom Adams
06a41d4516 Enable 404-based rewrites for lighttpd installations in / 2009-08-04 01:24:28 +01:00
Tom Adams
63e8f15448 /check-fancy now works when installed in root dir. 2009-07-29 21:50:21 -04:00
Jeffery To
ae6a3e258d Adds HTTP basic authentication for private RSS 1.0 feeds 2009-07-14 03:45:12 +08:00
Evan Prodromou
fb84c35035 don't need config in main anymore 2009-06-27 07:43:58 -07:00
Evan Prodromou
71dad1ff62 use the session class to store sessions 2009-06-27 06:20:24 -07:00
Evan Prodromou
09010c4c2b show backtrace on error 2009-06-25 11:08:55 -07:00
Evan Prodromou
aec6456c91 Update copyright dates in files modified in 2009 2009-06-20 16:12:55 -07:00
Evan Prodromou
793a6a1155 change Controlez-Vous to Control Yourself 2009-06-20 16:00:04 -07:00
Evan Prodromou
9addfeacfd better handling of PEAR errors 2009-06-14 14:01:11 -07:00
Evan Prodromou
0b53a820c2 Merge branch '0.8.x' of git@gitorious.org:laconica/dev into 0.8.x 2009-05-26 17:28:12 -04:00
Evan Prodromou
76aa85fe5e Merge branch '0.8.x' into stats
Conflicts:
	README
2009-05-25 22:47:23 -04:00
Robin Millette
01ce677ae3 Small bugfix to installer fixing fancy URL detection. 2009-05-25 16:49:32 +00:00
Sarven Capadisli
8b5bcae58f Merge branch '0.7.x' into 0.8.x
Conflicts:

	EVENTS.txt
2009-05-18 23:28:08 +00:00
Robin Millette
5897dfa4c3 Refactored new sections code to proper classes and added notice link to links in notice sections. 2009-05-17 22:06:08 -04:00
Robin Millette
f3ea79a12a Added site path field to installer + fancy URL javascript auto-detection. 2009-05-17 00:05:07 -04:00
Evan Prodromou
6b4410d9ea add a hook to muck around with the arguments array after it's initialized 2009-05-15 15:07:23 -04:00
Evan Prodromou
b140bcdee4 Added Snapshot::check() to main function for index.php 2009-04-23 03:35:18 -04:00
Evan Prodromou
e9e75fc9d5 isReadOnly() now takes arguments
Add an array of arguments to isReadOnly() method of actions, to let
them change their results depending on what actions are called.
Primarily used by the 'api' action. Ideally in the future that will be
multiple actions. But this might still be useful.
2009-04-13 15:49:26 -04:00
Evan Prodromou
745cdd206c fixup config errors 2009-03-11 23:43:03 -04:00
Evan Prodromou
8cc19b90ee Merge branch '0.7.x' of git@gitorious.org:laconica/dev into 0.7.x 2009-03-04 11:05:58 -08:00
Evan Prodromou
f9babf6a7d Check for config file when running
When running the full system, check for a config file, and throw an
error if none is found.
2009-03-04 06:24:33 -08:00
CiaranG
7279554681 Additional (optional, defaults to off) logging of PEAR error details, which allows database issues to be more easily diagnosed. 2009-03-04 00:23:34 +00:00
Evan Prodromou
424388611a accidentally used as a global in index.php 2009-02-20 16:46:26 -05:00
Evan Prodromou
5c59c0d90c avoid notices on undefined array elements 2009-02-20 16:44:56 -05:00
Evan Prodromou
a845d06c77 ignore no-data error, since we use it all the time 2009-02-12 06:49:34 -05:00
Evan Prodromou
b5cc7e4aab Handle DB_DataObject errors better
We try to handle DB_DataObject errors a little bit better. Previously,
they just spit out a cryptic string to the browser with a suggestion
to turn on debugging (not a good idea!). So, we catch the error, write
the full error message to the log, and then tell users that the can
contact the admins if they need to.
2009-02-11 14:45:06 -05:00
Evan Prodromou
bba1dbdb40 Use a router singleton 2009-02-11 00:45:11 -05:00
Evan Prodromou
7b9e69eb89 integrate URL routing into core code 2009-02-10 22:32:38 -05:00
Evan Prodromou
9e23b5c5d7 Change action autoloading to allow actions in plugins
Since plugins may define custom actions, we shouldn't require that
there be a file in our actions/ subdir for every action. So, I changed
the (admittedly hackish) auto-loading code in index.php so it instead
checks whether a class exists with the expected name. This, in turn,
uses the increasingly hacking __autoload() function, which I changed
to auto-load stuff named "BlahblahAction" from the actions subdir if
available.
2009-02-09 11:46:26 -05:00
Evan Prodromou
f4e8cc6d9f Add InitializePlugin and CleanupPlugin events
We add two events to allow plugins to initialize and cleanup.
2009-02-09 08:44:30 -05:00
Evan Prodromou
5466f6a6d0 Better exception handling in index
Some better exception handling in Web entry point.
2009-02-09 07:25:35 -05:00
Evan Prodromou
aa06d760b3 Index and Action use Exceptions
Main Web entry point accepts exceptions, and main code in Action
throws them.
2009-02-09 07:15:52 -05:00
Evan Prodromou
f294eab92a is_readonly() -> isReadOnly() 2009-01-15 23:07:49 +00:00
Evan Prodromou
b8c0091390 first step of phpcs-cleanup of index.php
darcs-hash:20081221002332-84dde-5834e12499fff0a23a8a6a76018f8beaa5ea8a96.gz
2008-12-20 19:23:32 -05:00
Evan Prodromou
3ee84b3bfa allow recoverpassword in private mode
darcs-hash:20081203185254-5ed1f-3dea8c6396ee3a05e2fff7ec02023f50c3d38515.gz
2008-12-03 13:52:54 -05:00
Evan Prodromou
301f5a176c allow registrations even when site is private (for invites, etc.)
darcs-hash:20081203184748-5ed1f-b3c3236d17457a112db53595d64c5a41e9a9d2a2.gz
2008-12-03 13:47:48 -05:00
Evan Prodromou
a84394f827 add finishopenidlogin to list of actions that anon users can do
darcs-hash:20081203183638-5ed1f-f54d43e62dca66d9ebbd1203549e63c165510b22.gz
2008-12-03 13:36:38 -05:00
Evan Prodromou
8c10b0ac4d fine-tuning the privacy flag
darcs-hash:20081203183432-5ed1f-7626661b797f64594f990ee06d9e13b73b265b49.gz
2008-12-03 13:34:32 -05:00
Evan Prodromou
06b234c397 allow doc and api calls from private
darcs-hash:20081203182830-5ed1f-ad1c3c585984cb4e27b078964d6f96bd7d8e05d8.gz
2008-12-03 13:28:30 -05:00
Evan Prodromou
624940a9f4 if the site is marked as private, redirect anon users to login
darcs-hash:20081203182421-5ed1f-9a8569a5b38ca15c7ae83438a59a05f8b07215bd.gz
2008-12-03 13:24:21 -05:00
Evan Prodromou
96df5916ad change Action::init() to Action::prepare() to avoid conflict with RSS10Action::init()
darcs-hash:20081203173225-5ed1f-e5ebfb202ed4a84c90851d0faa025ad09774d2c3.gz
2008-12-03 12:32:25 -05:00
Evan Prodromou
09a9b76ffe init() returns boolean success value
darcs-hash:20081202040549-5ed1f-b23a6b80b6e1823a97a7b446d9c4e59f8744b904.gz
2008-12-01 23:05:49 -05:00
Evan Prodromou
d268703d69 add init, last_modified to actions
darcs-hash:20081202034736-5ed1f-e096ab5e9a77d2bb74c949659966d400cbc9a149.gz
2008-12-01 22:47:36 -05:00
Evan Prodromou
4c8dfadf2d make init of lang environment happen earlier, or when user language may have changed
darcs-hash:20080806034515-84dde-e32cbfec2890f50b610d0441659180038b060473.gz
2008-08-05 23:45:15 -04:00
Evan Prodromou
fdc7950e33 use a random mirror
darcs-hash:20080724171213-84dde-4668d0e57ce1766da7df22a5372aa94466b2fae5.gz
2008-07-24 13:12:13 -04:00
Mike Cochrane
87b494f1eb Convert _t() to _() for gettext.
darcs-hash:20080708094531-533db-83399a46e6ec4c0fcc6249b0235961f969d1ae73.gz
2008-07-08 05:45:31 -04:00
Gina Haeussge
e3e047b24a Validate action parameter
Make sure the action request parameter only consists of a-z, A-Z, 0-9, _ or -
to discourage tampering with the following require_once.

darcs-hash:20080704194114-2b4f5-2bec30d7d40d7c7bd2c747ef3c805dbf720f6159.gz
2008-07-04 15:41:14 -04:00
Evan Prodromou
a69dbe7cd5 remove check immediate
After getting a lot of problems and bugs with this, I'm removing the
check_immediate code. Instead, I'm going to add this functionality in
JavaScript. I think that's a preferred practice, anyways.

darcs-hash:20080622173341-34904-3c406ca9a33dbe3afeacebef1a63d0dd101669c4.gz
2008-06-22 13:33:41 -04:00
Evan Prodromou
171b4f72ee immediate mode for openid
darcs-hash:20080619134710-84dde-6086a4ac7bbd72a251fe5ce6fe3156e3270ebd74.gz
2008-06-19 09:47:10 -04:00
Evan Prodromou
52600ce0b0 trim whitespace
darcs-hash:20080520191412-84dde-a607dbe848279639630edd1ab4616d05cc2318d1.gz
2008-05-20 15:14:12 -04:00
Evan Prodromou
749178f343 better headers
Added H1 headers to all pages. Added H2 headers to sections of pages,
where appropriate.

Moved a lot of TODOs around.

Made the public stream the default if no action is specified.

darcs-hash:20080519141219-84dde-f9917a8351596060faa7ff5d231417773764a8fd.gz
2008-05-19 10:12:19 -04:00
Evan Prodromou
80ee6ee1d2 change from class call on action to obj call
darcs-hash:20080517163917-84dde-c9e0953e6074e66d427164e7cfad1ca1cf27553b.gz
2008-05-17 12:39:17 -04:00
Evan Prodromou
669f494922 add action class to default loads
darcs-hash:20080517161817-84dde-a28288b093f40eda0d8444f54eca818b2c65a735.gz
2008-05-17 12:18:17 -04:00
Evan Prodromou
eb4c69ef27 correct placement of common
darcs-hash:20080517154942-84dde-d671f0805fc47c4321d84d3e1c1aea6a11d46395.gz
2008-05-17 11:49:42 -04:00
Evan Prodromou
3b14b7901c fixes to make it all lint
Ran everything through php -l, found out that it didn't compile.

So: fixed the am-I-running-in-Laconica check at the top of each file.
Some syntax fixes in shownotice, showstream, common.

darcs-hash:20080517154701-84dde-8d38da89c5b9cb3b40704adb04a4de880c204181.gz
2008-05-17 11:47:01 -04:00
Evan Prodromou
b6cfd2dffe license block for source code
Added GNU Affero GPL license block to source code.

Added name "LACONICA". I think it should work fine.

darcs-hash:20080514192648-84dde-a430dc438a4e3741c62ccf30ee7f85ecc968b159.gz
2008-05-14 15:26:48 -04:00
Evan Prodromou
0036795582 deny access to include files
darcs-hash:20080514190009-84dde-30f0f1b5955d71cd85563e12078ab02bf8645524.gz
2008-05-14 15:00:09 -04:00
Evan Prodromou
67a347bafb considerable coding
darcs-hash:20080514145436-84dde-d0994cb35d3fe8545d3f08abeec3cdfe7559c67d.gz
2008-05-14 10:54:36 -04:00
Evan Prodromou
c47de27c11 beginnings of PHP
darcs-hash:20080507164807-84dde-ef7d205a0fedca42064a337786d2f203cdcc5a45.gz
2008-05-07 12:48:07 -04:00