Commit Graph

3325 Commits

Author SHA1 Message Date
Mikael Nordfeldth
8912cdc7a4 Validate::uri replaced with filter_var for HTTP[S] URL checks
Also, a bug in checking the OAuth callback URL for validity was fixed,
where it referenced the wrong variable when going through form data.
2013-10-07 14:46:09 +02:00
Mikael Nordfeldth
2c0790be54 Let the SearchEngine take care of the search, and showJsonTimeline is good enough for now
I bet JSONSearchResultsList is a good idea, but we have no immediate use of it right now.

And it's better if the SearchEngine can take care of all that jazz.
2013-10-06 23:09:57 +02:00
Mikael Nordfeldth
87370f0cb1 URL shortening can now be disabled for the 'maxurllength'
Also, URL shortening now consistently uses 'maxurllength'...
2013-10-06 22:35:49 +02:00
Mikael Nordfeldth
34a6624452 Qvitter API changes (thanks hannes2peer)
I implemented changes from quitter.se's new API that their front-end qvitter
uses, https://github.com/hannesmannerheim/qvitter/blob/master/api-changes-1.1.1/CHANGES

However I left out the URL shortening commens, since I believe whatever behaviour
they experienced that caused them to implement this was a bug (or many) and should
be fixed in their proper areas and that shortening should not be entirely left
out in API calls.
2013-10-06 21:51:50 +02:00
Mikael Nordfeldth
fb94a16217 Moved Avatar retrieval into Avatar class
Backwards compatible functions are still in Profile class.
2013-10-06 15:55:06 +02:00
Mikael Nordfeldth
78f9629bf3 Moved shareLocation preference check to Profile class 2013-10-06 13:38:09 +02:00
Mikael Nordfeldth
cc34bb48c7 OAuth related syntax fixes, nothing big
Making better use of class autoloading too.
2013-10-06 12:43:18 +02:00
Mikael Nordfeldth
48da97f204 MediaFile code improvements, preparing to implement multi-attachments
Maybe in the future we can use this for anonymous file uploads too?
With some kind of anonymous/pseudonymous profile. That'd be neat.
2013-10-05 18:47:45 +02:00
Mikael Nordfeldth
39f43e415d Do not name anything getOriginal (because DB_DataObject calls that)
Avatar->getOriginal has been renamed getUploaded
Notice->getOriginal has been renamed getParent
2013-10-02 15:01:11 +02:00
Mikael Nordfeldth
7979918ba9 Various minor Avatar fixes, but pretty necessary.
One typing thing. And a missed exception case.

Get src from displayUrl() instead of url for example.
2013-10-02 14:49:01 +02:00
Mikael Nordfeldth
1d46ca45d1 PHP Notice: Undefined variable: logo
It was reported in actions/apitimelinetag.php on line 142
2013-10-01 17:07:16 +02:00
Mikael Nordfeldth
b0dfc70a54 Properly unlink all old avatars when deleting/uploading a new
We're also now using $config['image']['jpegquality'] to determine the
quality setting for resized images.

To set Avatar max size, adjust $config['avatar']['maxsize']

The getAvatar call now throws exceptions too. Related changes applied.
Now let's move Profile->avatarUrl to the Avatar class!
2013-10-01 17:00:10 +02:00
Mikael Nordfeldth
a23c4aa236 Avatar resizing improvements and better code reuse
* getOriginal added to Avatar class
    This is a static function that retrieves the original avatar in a leaner
    way than Profile->getOriginalAvatar() did (see below).
    This will throw an Exception if there was none to be found.

* getProfileAvatars added to Avatar class
    This gets all Avatars from a profile and returns them in an array.

* newSize added to Avatar class
    This will scale an original avatar or throw an Exception (originally from
    Avatar::getOriginal) if one wasn't found.

* deleteFromProfile added to Avatar class
    Deletes all avatars for a Profile. This makes the code much smarter when
    removing all avatars from a user.
    Previously only specific, hardcoded (through constants) sizes would be
    deleted. If you ever changed lib/framework.php then many oddsized avatars
    would remain with the old method.

* Migrated Profile class to new Avatar::getOriginal support
    Profile class now uses Avatar::getOriginal through its own
    $this->getOriginalAvatar and thus remains backwards compatible.

* Updating stock GNU Social to use Avatar::getOriginal
    All places where core StatusNet code used the
    $profile->getOriginalAvatar, it will now useAvatar::getOriginal with
    proper error handling.

* Updated Profile class to use Avatar::newSize
    When doing setOriginal, the scaling will be done with the new method
    introduced in this merge.
    This also edits the _fillAvatar function to avoid adding NULL values to
    the array (which causes errors when attempting to access array entries as
    objects). See issue #3478 at http://status.net/open-source/issues/3478
2013-09-30 22:23:03 +02:00
Mikael Nordfeldth
a0e107f17f Implemented WebFinger and replaced our XRD with PEAR XML_XRD
New plugins:
* LRDD
    LRDD implements client-side RFC6415 and RFC7033 resource descriptor
    discovery procedures. I.e. LRDD, host-meta and WebFinger stuff.

    OStatus and OpenID now depend on the LRDD plugin (XML_XRD).

* WebFinger
    This plugin implements the server-side of RFC6415 and RFC7033. Note:
    WebFinger technically doesn't handle XRD, but we serve both that and
    JRD (JSON Resource Descriptor), depending on Accept header and one
    ugly hack to check for old StatusNet installations.

    WebFinger depends on LRDD.

We might make this even prettier by using Net_WebFinger, but it is not
currently RFC7033 compliant (no /.well-known/webfinger resource GETs).

Disabling the WebFinger plugin would effectively render your site non-
federated (which might be desired on a private site).

Disabling the LRDD plugin would make your site unable to do modern web
URI lookups (making life just a little bit harder).
2013-09-30 22:04:52 +02:00
Joshua Judson Rosen
90858804bc Allow the hostmeta to indirect from one domain to another.
e.g.: rozzin@hackerposse.com => rozzin@status.hackerposse.com.
2013-09-29 23:13:45 +02:00
Mikael Nordfeldth
858d9cc3c4 maxNoticeLength test for url-shortening failed on maxContent==0
maxContent==0 implies that a notice text can be infinitely long, but
this value was directly transferred to maxNoticeLength, where 0 was
tested if it was longer than the notice length - which of course always
was false.

This commit fixes the problem for infinite length notices that always
got shortened.
2013-09-25 22:48:32 +02:00
Mikael Nordfeldth
64df40e409 Filling in missing endHTML calls for Action AJAX
This completes 1c6f9df80e where a lot
of other functions were fixed (by conforming to startHTML and endHTML)
2013-09-24 02:32:17 +02:00
Mikael Nordfeldth
1c6f9df80e PHP5.5 fix: Better use of startXML for Action classes (mostly AJAX)
I had a problem with PHP5.5 that caused ajax responses to be empty. This
fixes it, as the problem was related to pretty inconsistent calling to
headers, XMLWriter::startDocument etc. etc.
2013-09-24 01:18:33 +02:00
Marcel van der Boom
e9f2a1847d Wrong call signature used for Event::handle
Call needs 2nd parameter to be array.
2013-09-23 14:43:44 +02:00
Mikael Nordfeldth
5f1fea1488 FavorAction upgraded to extend FormAction
Includes some minor changes to other things as well, such as the session
token input element now having the same 'name' attribute as everyone else.
(it still retains a 'token-'+noticeid 'id' attribute for clientside JS)
2013-09-23 13:06:09 +02:00
Mikael Nordfeldth
63306081bc Subscription "get by" functions now don't use ArrayWrappers
They were getting in the way of some strict-typing stuff.
2013-09-21 18:38:14 +02:00
Mikael Nordfeldth
93e878d7ca Make better use of Subscription class
removed lib/subs.php as it was essentially only a wrapper for Subscription
2013-09-19 17:29:05 +02:00
Mikael Nordfeldth
c3001ff82b url shortening fixes for api config and not ur1.ca
Will have to change the 'maxnoticelength' code to stop shortening ALL
links if the setting for infinitely long notices is configured.
2013-09-19 01:11:47 +02:00
Mikael Nordfeldth
31bace8cfd updated and moved jquery-jcrop (no longer .min.js)
This won't run properly if other scripts stop javascript execution before
it's time to crop (such as in the Bookmark plugin, which when writing this
hasn't been migrated to Jquery 2.x - so it stops on a '.die' call).

Some images were cleaned up from the theme/base/images/illustrations too.
2013-09-14 13:31:16 +02:00
Jean Baptiste Favre
f0d86cdb64 Add 'twitter:title' meta tag support. 2013-09-10 11:16:34 +02:00
Jean Baptiste Favre
ade8c6992e Twitter cards implementation. Currently only supports 'photo' cards. 2013-09-10 11:16:27 +02:00
Mikael Nordfeldth
a9c4bcd71f Removing unnecessary require_once lines (autoload!) 2013-09-09 23:06:56 +02:00
Mikael Nordfeldth
747fe9d59b Tidying up getUser calls to profiles and some events
getUser calls are much more strict, and one place where this was found was
in the (un)subscribe start/end event handlers, which resulted in making the
Subscription class a bit stricter, regarding ::start and ::cancel at least.
Several minor fixes in many files were made due to this.

This does NOT touch the Foreign_link function, which should also have a more
strict getUser call. That is a future project.
2013-09-09 23:03:34 +02:00
Mikael Nordfeldth
c5bf6cb05e Using a bit more of $this->scoped (Action parent class)
$this->scoped is the currently active profile, which is intended
to replace the $user object in the long run...
2013-09-09 20:45:20 +02:00
Mikael Nordfeldth
b2a0aa20bf NewapplicationAction converted to FormAction
Cutting down on a bunch of redundant code. We're reusing a lot of stuff
from FormAction and Action now instead of having copies of code all over.
2013-09-02 12:13:46 +02:00
Mikael Nordfeldth
f0e967fefd needLogin renamed checkLogin and made a property
Action extended classes now can set 'needLogin' as a protected property,
which is defaulted to 'false'. However, FormAction defaults this to 'true'
because most of the form actions will require a current login to be valid.

NewgroupAction, NewmessageAction, NewnoticeAction are all affected by this
commit and in the future we will migrate each potential formaction to the
proper class parent tree. :)
2013-09-02 11:58:47 +02:00
Mikael Nordfeldth
e5e3aeb4e6 newmessage (and Message class) fixed for FormAction
Also added a needLogin function to the Action class, which will do
redirect to login page with proper returnto setting.
2013-09-02 11:05:30 +02:00
Mikael Nordfeldth
89b10666bb IMPORTANT: parent::handlePost() in NewnoticeAction
otherwise we don't do csrf checking etc...
2013-09-02 11:05:21 +02:00
Mikael Nordfeldth
0612e5ec87 NewnoticeAction converted to extend FormAction
There are still several improvements which can be made, such as not
having an entirely separate setup of ajax form functions. Instead
those should be implemented in FormAction. But at least now we got
rid of the redundant code use in prepare/handle.
2013-09-01 20:56:35 +02:00
Mikael Nordfeldth
83000f6f5e Proper definition of $args array in NewgroupAction->prepare
Also, there is no need to do 'return' after throwing a ClientError
Exception. And we'll use the Action->clientError for logging benefits
until the error handling is properly done all the way to backend.
2013-09-01 19:44:09 +02:00
Mikael Nordfeldth
cfa699e445 NewgroupAction converted to extend FormAction
Had to change Action function 'prepare' to 'protected', as you can't
(of course) protect something that's been public in a parent class. The
other way around seems fine for PHP... Eventually all actions will have
protected 'prepare' (use execute/run)

A feature of the previously fixed initialization of Action classes, is
that we now have $this->scoped which is the current profile in use. As
of now that is always a local User, except the corresponding Profile
object.

Also, instead of calling 'showForm' everywhere, in case of an error we
just throw an exception of some sort and pass the message along there.

I've also introduced in FormAction the 'showInstructions' function in
order to get a unified instructions/info/error display method.

TODO: Improve info/error message handling, and what/when/where to show.
2013-08-31 18:01:13 +02:00
Mikael Nordfeldth
2a4dc77a63 The overloaded DB_DataObject function staticGet is now called getKV
I used this hacky sed-command (run it from your GNU Social root, or change the first grep's path to where it actually lies) to do a rough fix on all ::staticGet calls and rename them to ::getKV

   sed -i -s -e '/DataObject::staticGet/I!s/::staticGet/::getKV/Ig' $(grep -R ::staticGet `pwd`/* | grep -v -e '^extlib' | grep -v DataObject:: |grep -v "function staticGet"|cut -d: -f1 |sort |uniq)

If you're applying this, remember to change the Managed_DataObject and Memcached_DataObject function definitions of staticGet to getKV!

This might of course take some getting used to, or modification fo StatusNet plugins, but the result is that all the static calls (to staticGet) are now properly made without breaking PHP Strict Standards. Standards are there to be followed (and they caused some very bad confusion when used with get_called_class)

Reasonably any plugin or code that tests for the definition of 'GNUSOCIAL' or similar will take this change into consideration.
2013-08-18 13:13:56 +02:00
Mikael Nordfeldth
ea837cea67 added missing return statement after showForm call
Issue #3125 at http://status.net/open-source/issues/3125 (and its duplicate 3127) describe buggy behaviour when trying to create a new group - i.e. the group is still created but with nickname NULL.

The reason the group is created is that when failing Nickname::normalize, the function trySave() in actions/newgroup.php doesn't call 'return' - meaning it just keeps going despite the error thrown. It a

So the simple solution to this bug was adding a return call at line 128, inside the catch just after the showForm(...) call.
2013-08-12 12:44:19 +02:00
Mikael Nordfeldth
3ad3535cd8 Merge commit 'refs/merge-requests/230' of git://gitorious.org/statusnet/mainline into merge-requests/230 2013-08-12 12:37:46 +02:00
Jean Baptiste Favre
c23efdbdb0 PHP 5.4 compatibility: remove call-time pass by reference 2013-06-19 11:16:05 +02:00
Jean Baptiste Favre
fcdd4d2cf0 Fix introduced bug, trying to shorten an empty status. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
58a2630933 Code cleaning. Do call shortenLinks only once, right before saving new notice. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
344a10be8b Code cleaning, remove 'TEST' tags. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
ec072e0af7 Notice update with media attachment may fail through API when status text + attachment length get higher than max notice length. Calling URL shortener can make global length less than maxlength, though allowing notice update. 2013-06-15 19:07:43 +02:00
Jean Baptiste Favre
6d47fadf42 Fix introduced bug, trying to shorten an empty status. 2013-06-15 19:04:32 +02:00
Jean Baptiste Favre
54374365e9 Code cleaning. Do call shortenLinks only once, right before saving new notice. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
f803b22752 Code cleaning, remove 'TEST' tags. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
6387e0a90d Notice update with media attachment may fail through API when status text + attachment length get higher than max notice length. Calling URL shortener can make global length less than maxlength, though allowing notice update. 2013-06-15 19:04:31 +02:00
Jean Baptiste Favre
180cc39c4a Fix for #3649 issue. 2013-06-15 17:01:10 +02:00
Jean Baptiste Favre
b23a744fba Fix for #3649 issue. 2013-06-15 16:58:50 +02:00
Jean Baptiste Favre
359f3ca113 Fix for #3651: oAuth apps list does only show the latest registered application 2013-06-15 14:19:15 +02:00
Jean Baptiste Favre
4284f28dec Fix for #3651: oAuth apps list does only show the latest registered application 2013-06-15 14:09:46 +02:00
Evan Prodromou
6aaee4e5fe $this->q => $q 2012-11-11 22:55:22 -05:00
Evan Prodromou
edf2879021 Divert tag and url searches 2012-11-11 21:27:11 -05:00
Evan Prodromou
64288a62f8 Adding a search notice stream object 2012-11-11 21:05:13 -05:00
Evan Prodromou
c809dd24c5 Don't show big invite button if invites are disabled 2012-10-17 10:10:42 -04:00
Evan Prodromou
86e3cbbcce Don't show big invite button if invites are disabled 2012-10-17 10:09:40 -04:00
Evan Prodromou
46f6b2c119 Don't call free on the results of a member query 2012-07-04 14:45:50 -04:00
Evan Prodromou
ae84e8f524 Use the current logged-in use for home timeline 2012-07-03 12:22:59 -04:00
Evan Prodromou
b4da5f3785 Merge branch 'master' into 1.0.x
Conflicts:
	plugins/Blacklist/BlacklistPlugin.php
2012-03-08 06:08:11 -06:00
Siebrand Mazeland
de7ad991f9 Consistency update. 2012-03-05 00:38:39 +01:00
Evan Prodromou
23bafaba26 add canonical rel 2012-01-26 11:02:29 -05:00
Evan Prodromou
25f1e16952 Revert "don't show profile page of silenced users"
This reverts commit 7bb59ad2a1.
2011-12-31 09:34:59 -08:00
Evan Prodromou
7bb59ad2a1 don't show profile page of silenced users 2011-12-31 09:09:07 -08:00
Evan Prodromou
c9fbe2ead7 remove common_debug() from search.json, search.atom 2011-12-30 22:23:50 -08:00
Evan Prodromou
eb05bdfcaf remove debug message I'm sick of seeing 2011-12-30 22:16:22 -08:00
Michele macno Azzolari
ad2fd9abd4 Fix whitescreen on recoverpassword with unknown user 2011-12-02 15:48:29 -05:00
Siebrand Mazeland
c2db2483a0 Remove trailing whitespace in UI text. 2011-10-29 14:34:50 +02:00
Evan Prodromou
b8079549ce Include the current profile in popular notice section for all 2011-10-20 10:54:33 -04:00
Evan Prodromou
22fead1b46 Squashed commit of the following:
commit fb1dfa9e98ded23fb5bdebae6465424a8cb8acd6
Author: Evan Prodromou <evan@status.net>
Date:   Thu Oct 20 10:40:07 2011 -0400

    Use popular notice stream for favorited page

commit e1d409ff738e39061ad35589d546ce9bed456975
Author: Evan Prodromou <evan@status.net>
Date:   Thu Oct 20 10:32:23 2011 -0400

    Use a caching stream for popular notice section

    Instead of a big cached query, we now use a caching notice stream for
    the popular notice section. It uses a single-table query at the
    bottom, then scopes the notices and filters for silenced users. This
    should be much nicer to our database servers.

    Also clears the popular cache when someone favors or disfavors
    something. A nice optimization would be to save the last weights and
    re-calculate them at invalidation time, adding the new notice (or not)
    depending on its own score. That will have to wait for another day,
    though.

commit e9b7ab4c26c95e755adaff53c3957dcfca31c16b
Author: Evan Prodromou <evan@status.net>
Date:   Thu Oct 20 10:31:14 2011 -0400

    Let CachingNoticeStream users skip the ';last' optimization
2011-10-20 10:40:39 -04:00
Siebrand Mazeland
7602f605d5 Remove unneeded trailing space. 2011-10-10 15:06:39 +02:00
Siebrand Mazeland
436068dc0d Use getBestName() instead of nickname per FIXMEs.
Update translator documentation.
2011-10-10 15:05:43 +02:00
Evan Prodromou
c85abebc36 Remove missing twittersettings page from subscriptions helper 2011-10-03 09:13:54 -04:00
Evan Prodromou
82badb19c7 Move docs menu to site primary menu 2011-09-30 14:24:27 -04:00
Evan Prodromou
636455ad82 Fix conflict between URL parameter and POST parameter with groups
Group edit page is at /group/:nickname/edit. There's also a form
parameter named 'nickname'. The two were conflicting.

I changed the form parameter to 'newnickname' and it works.

I'm not sure how this ever worked before, though.
2011-09-30 11:48:00 -04:00
Evan Prodromou
cd6e0a920f slightly better usergroups pagination 2011-09-30 11:38:54 -04:00
Evan Prodromou
9ba736c032 Add a dummy 'top' action to take you to the main page of the site 2011-09-30 09:45:17 -04:00
Evan Prodromou
32845a1051 Make lists work in single-user mode
Added routes to the router for list pages in single-user mode.

For each of the actions in those routes, use the global single-user
nickname rather than a nickname URL argument to determine the tagger ID.

In nav, and for Ajax, provide the right nicknames.
2011-09-29 12:29:12 -04:00
Evan Prodromou
9f954eddc5 remove unsupported hcard action 2011-09-27 11:43:41 -04:00
Evan Prodromou
5eddfd1eab remove unlinked publicpeopletagcloud 2011-09-27 10:55:10 -04:00
Evan Prodromou
2678b937b1 fix problem with missing list subscribers 2011-09-26 16:15:38 -04:00
Evan Prodromou
8e04dce947 Old-school settings page
A page to set or remove old-school settings.
2011-09-24 10:14:45 -04:00
Evan Prodromou
ae0b4d49c7 optional conversation tree view 2011-09-24 09:29:12 -04:00
Evan Prodromou
ddc121c085 New table for all old-school UI prefs 2011-09-24 07:12:34 -04:00
Evan Prodromou
02a30cf47c start using stream mode prefs instead of separate parameter 2011-09-23 17:50:38 -04:00
Evan Prodromou
66c97a1a1e switch between conversation and stream for public and group 2011-09-23 17:28:54 -04:00
Evan Prodromou
dba9d71abd Support mode in all 2011-09-23 17:18:21 -04:00
Evan Prodromou
642901f4ae No such path 'index', so redirect to home timeline 2011-09-21 16:33:10 -04:00
Evan Prodromou
d594c83a5a Merge commit 'refs/merge-requests/159' of git://gitorious.org/statusnet/mainline into merge-requests/159 2011-09-21 16:31:38 -04:00
Zach Copley
b6b13a6bc7 Don't access current user without session 2011-09-21 00:40:27 +00:00
Evan Prodromou
bd33036fae use a dummy notice stream for retweets_of_me under high load 2011-09-19 22:17:40 -04:00
Evan Prodromou
32f7d3edc2 inverted switch for performance on public page 2011-09-19 22:01:47 -04:00
Evan Prodromou
ddf166e144 setting to turn off expensive queries 2011-09-19 21:55:11 -04:00
Evan Prodromou
b44bb472eb disable public tag cloud on public sites 2011-09-19 19:37:58 -04:00
Evan Prodromou
319639a232 hide popular notice section on non-private sites 2011-09-19 16:19:12 -04:00
Evan Prodromou
e8785927a3 log the problem when there's an exception leaving a group 2011-09-18 19:28:44 -04:00
Evan Prodromou
cf2457f03f correct link for apitimelinegroup 2011-09-18 17:33:25 -04:00
Evan Prodromou
be4e3593f5 declare attributes of TagAction 2011-09-18 12:52:38 -04:00
Evan Prodromou
951601633b better handling of tagged notice streams 2011-09-18 12:33:35 -04:00
Evan Prodromou
b80b0d6520 use correct redirect on logout of single-user site 2011-09-17 15:08:04 -04:00