$cac = new ClientErrorAction($cex->getMessage(), $cex->getCode());
$cac->showPage();
} catch (ServerException $sex) { // snort snort guffaw
- $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode());
+ $sac = new ServerErrorAction($sex->getMessage(), $sex->getCode(), $sex);
$sac->showPage();
} catch (Exception $ex) {
- $sac = new ServerErrorAction($ex->getMessage());
+ $sac = new ServerErrorAction($ex->getMessage(), 500, $ex);
$sac->showPage();
}
}
function showRepresentation() {
if (empty($this->oembed->type)) {
if (empty($this->attachment->mimetype)) {
- $this->out->element('pre', null, 'oh well... not sure how to handle the following: ' . print_r($this->attachment, true));
+ $this->showFallback();
} else {
switch ($this->attachment->mimetype) {
case 'image/gif':
if ($this->attachment->filename) {
// Locally-uploaded HTML. Scrub and display inline.
$this->showHtmlFile($this->attachment);
+ break;
}
- break;
+ // Fall through to default
+
+ default:
+ $this->showFallback();
}
}
} else {
break;
default:
- $this->out->element('pre', null, 'oh well... not sure how to handle the following oembed: ' . print_r($this->oembed, true));
+ $this->showFallback();
}
}
}
return $scrubbed;
}
+
+ function showFallback()
+ {
+ // If we don't know how to display an attachment inline, we probably
+ // shouldn't have gotten to this point.
+ //
+ // But, here we are... displaying details on a file or remote URL
+ // either on the main view or in an ajax-loaded lightbox. As a lesser
+ // of several evils, we'll try redirecting to the actual target via
+ // client-side JS.
+
+ common_log(LOG_ERR, "Empty or unknown type for file id {$this->attachment->id}; falling back to client-side redirect.");
+ $this->out->raw('<script>window.location = ' . json_encode($this->attachment->url) . ';</script>');
+ }
}
504 => 'Gateway Timeout',
505 => 'HTTP Version Not Supported');
- function __construct($message='Error', $code=500)
+ function __construct($message='Error', $code=500, $ex=null)
{
parent::__construct($message, $code);
$this->default = 500;
// Server errors must be logged.
-
- common_log(LOG_ERR, "ServerErrorAction: $code $message");
+ $log = "ServerErrorAction: $code $message";
+ if ($ex) {
+ $log .= "\n" . $ex->getTraceAsString();
+ }
+ common_log(LOG_ERR, $log);
}
// XXX: Should these error actions even be invokable via URI?
$this->uri = Discovery::normalize($this->uri);
if (Discovery::isWebfinger($this->uri)) {
- list($nick, $domain) = explode('@', substr(urldecode($this->uri), 5));
- $nick = common_canonical_nickname($nick);
- $this->user = User::staticGet('nickname', $nick);
+ $parts = explode('@', substr(urldecode($this->uri), 5));
+ if (count($parts) == 2) {
+ list($nick, $domain) = $parts;
+ // @fixme confirm the domain too
+ $nick = common_canonical_nickname($nick);
+ $this->user = User::staticGet('nickname', $nick);
+ }
} else {
$this->user = User::staticGet('uri', $this->uri);
}
* @link http://status.net/
*/
-require_once 'Crypt/RSA.php';
-
class Magicsig extends Memcached_DataObject
{
public function generate($user_id)
{
- $rsa = new Crypt_RSA();
+ $rsa = new SafeCrypt_RSA();
$keypair = $rsa->createKey();
$rsa->loadKey($keypair['privatekey']);
- $this->privateKey = new Crypt_RSA();
+ $this->privateKey = new SafeCrypt_RSA();
$this->privateKey->loadKey($keypair['privatekey']);
- $this->publicKey = new Crypt_RSA();
+ $this->publicKey = new SafeCrypt_RSA();
$this->publicKey->loadKey($keypair['publickey']);
$this->user_id = $user_id;
{
common_log(LOG_DEBUG, "Adding ".$type." key: (".$mod .', '. $exp .")");
- $rsa = new Crypt_RSA();
+ $rsa = new SafeCrypt_RSA();
$rsa->signatureMode = CRYPT_RSA_SIGNATURE_PKCS1;
$rsa->setHash('sha256');
$rsa->modulus = new Math_BigInteger(base64_url_decode($mod), 256);
{
$activity = new Activity($entry, $feed);
+ switch ($activity->object->type) {
+ case ActivityObject::ARTICLE:
+ case ActivityObject::BLOGENTRY:
+ case ActivityObject::NOTE:
+ case ActivityObject::STATUS:
+ case ActivityObject::COMMENT:
+ break;
+ default:
+ throw new ClientException("Can't handle that kind of post.");
+ }
+
if ($activity->verb == ActivityVerb::POST) {
$this->processPost($activity, $source);
} else {
// return false;
}
- return Discovery_LRDD_Link_Header::parseHeader($link_header);
+ return array(Discovery_LRDD_Link_Header::parseHeader($link_header));
}
protected static function parseHeader($header)
preg_match('/^<[^>]+>/', $str, $uri_reference);
//if (empty($uri_reference)) return;
- $this->uri = trim($uri_reference[0], '<>');
+ $this->href = trim($uri_reference[0], '<>');
$this->rel = array();
$this->type = null;
--- /dev/null
+<?php
+
+require_once 'Crypt/RSA.php';
+
+/**
+ * Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
+ * in Math_BigInteger's wakeup function which spews notices to log or output.
+ * This wrapper replaces it with a version that survives serialization.
+ */
+class SafeCrypt_RSA extends Crypt_RSA
+{
+ function __construct()
+ {
+ parent::__construct();
+ $this->zero = new SafeMath_BigInteger();
+ }
+}
+
--- /dev/null
+<?php
+
+require_once 'Math/BigInteger.php';
+
+/**
+ * Crypt_RSA stores a Math_BigInteger with value 0, which triggers a bug
+ * in Math_BigInteger's wakeup function which spews notices to log or output.
+ * This wrapper replaces it with a version that survives serialization.
+ */
+class SafeMath_BigInteger extends Math_BigInteger
+{
+ function __wakeup()
+ {
+ if ($this->hex == '') {
+ $this->hex = '0';
+ }
+ parent::__wakeup();
+ }
+}
+
projects / quix0rs-gnu-social.git / commitdiff