From: Evan Prodromou Date: Fri, 21 Aug 2009 19:42:11 +0000 (-0400) Subject: Merge branch '0.8.x' into 0.9.x X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=b2664e1ae2e2cf66585cdd8696d88efdd053eb3b;p=quix0rs-gnu-social.git Merge branch '0.8.x' into 0.9.x Conflicts: actions/updateprofile.php actions/userauthorization.php classes/User_group.php index.php install.php lib/accountsettingsaction.php lib/logingroupnav.php --- b2664e1ae2e2cf66585cdd8696d88efdd053eb3b diff --cc actions/updateprofile.php index b10554e8ba,f6cb277aa7..b020413b35 --- a/actions/updateprofile.php +++ b/actions/updateprofile.php @@@ -28,59 -17,167 +28,91 @@@ * along with this program. If not, see . */ -if (!defined('LACONICA')) { exit(1); } +if (!defined('LACONICA')) { + exit(1); +} -require_once(INSTALLDIR.'/lib/omb.php'); +require_once INSTALLDIR.'/lib/omb.php'; +require_once INSTALLDIR.'/extlib/libomb/service_provider.php'; +/** + * Handle an updateprofile action + * + * @category Action + * @package Laconica + * @author Evan Prodromou + * @author Robin Millette + * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3 + * @link http://laconi.ca/ + */ class UpdateprofileAction extends Action { - - function handle($args) - { - parent::handle($args); - try { - common_remove_magic_from_request(); - $req = OAuthRequest::from_request('POST', common_local_url('updateprofile')); - # Note: server-to-server function! - $server = omb_oauth_server(); - list($consumer, $token) = $server->verify_request($req); - if ($this->update_profile($req, $consumer, $token)) { - header('HTTP/1.1 200 OK'); - header('Content-type: text/plain'); - print "omb_version=".OMB_VERSION_01; - } - } catch (OAuthException $e) { - $this->serverError($e->getMessage()); - return; - } - } - function update_profile($req, $consumer, $token) + /** + * For initializing members of the class. + * + * @param array $argarray misc. 
arguments + * + * @return boolean true + */ + function prepare($argarray) { - parent::prepare($argarray); - $license = $_POST['omb_listenee_license']; - $site_license = common_config('license', 'url'); - if (!common_compatible_license($license, $site_license)) { - $this->clientError(sprintf(_('Listenee stream license ‘%s’ is not '. - 'compatible with site license ‘%s’.'), - $license, $site_license); + $version = $req->get_parameter('omb_version'); + if ($version != OMB_VERSION_01) { + $this->clientError(_('Unsupported OMB version'), 400); + return false; + } + # First, check to see if listenee exists + $listenee = $req->get_parameter('omb_listenee'); + $remote = Remote_profile::staticGet('uri', $listenee); + if (!$remote) { + $this->clientError(_('Profile unknown'), 404); + return false; + } + # Second, check to see if they should be able to post updates! + # We see if there are any subscriptions to that remote user with + # the given token. + + $sub = new Subscription(); + $sub->subscribed = $remote->id; + $sub->token = $token->key; + if (!$sub->find(true)) { + $this->clientError(_('You did not send us that profile'), 403); + return false; + } + + $profile = Profile::staticGet('id', $remote->id); + if (!$profile) { + # This one is our fault + $this->serverError(_('Remote profile with no matching profile'), 500); + return false; + } + $nickname = $req->get_parameter('omb_listenee_nickname'); + if ($nickname && !Validate::string($nickname, array('min_length' => 1, + 'max_length' => 64, + 'format' => NICKNAME_FMT))) { + $this->clientError(_('Nickname must have only lowercase letters and numbers and no spaces.')); + return false; + } + $license = $req->get_parameter('omb_listenee_license'); + if ($license && !common_valid_http_url($license)) { + $this->clientError(sprintf(_("Invalid license URL '%s'"), $license)); return false; } - $profile_url = $req->get_parameter('omb_listenee_profile'); - if ($profile_url && !common_valid_http_url($profile_url)) { - 
$this->clientError(sprintf(_("Invalid profile URL '%s'."), $profile_url)); - return false; - } - # optional stuff - $fullname = $req->get_parameter('omb_listenee_fullname'); - if ($fullname && mb_strlen($fullname) > 255) { - $this->clientError(_("Full name is too long (max 255 chars).")); - return false; - } - $homepage = $req->get_parameter('omb_listenee_homepage'); - if ($homepage && (!common_valid_http_url($homepage) || mb_strlen($homepage) > 255)) { - $this->clientError(sprintf(_("Invalid homepage '%s'"), $homepage)); - return false; - } - $bio = $req->get_parameter('omb_listenee_bio'); - if ($bio && mb_strlen($bio) > 140) { - $this->clientError(_("Bio is too long (max 140 chars).")); - return false; - } - $location = $req->get_parameter('omb_listenee_location'); - if ($location && mb_strlen($location) > 255) { - $this->clientError(_("Location is too long (max 255 chars).")); - return false; - } - $avatar = $req->get_parameter('omb_listenee_avatar'); - if ($avatar) { - if (!common_valid_http_url($avatar) || strlen($avatar) > 255) { - $this->clientError(sprintf(_("Invalid avatar URL '%s'"), $avatar)); - return false; - } - $size = @getimagesize($avatar); - if (!$size) { - $this->clientError(sprintf(_("Can't read avatar URL '%s'"), $avatar)); - return false; - } - if ($size[0] != AVATAR_PROFILE_SIZE || $size[1] != AVATAR_PROFILE_SIZE) { - $this->clientError(sprintf(_("Wrong size image at '%s'"), $avatar)); - return false; - } - if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, - IMAGETYPE_PNG))) { - $this->clientError(sprintf(_("Wrong image type for '%s'"), $avatar)); - return false; - } - } - - $orig_profile = clone($profile); + return true; + } - /* Use values even if they are an empty string. Parsing an empty string in - updateProfile is the specified way of clearing a parameter in OMB. 
*/ - if (!is_null($nickname)) { - $profile->nickname = $nickname; - } - if (!is_null($profile_url)) { - $profile->profileurl = $profile_url; - } - if (!is_null($fullname)) { - $profile->fullname = $fullname; - } - if (!is_null($homepage)) { - $profile->homepage = $homepage; - } - if (!is_null($bio)) { - $profile->bio = $bio; - } - if (!is_null($location)) { - $profile->location = $location; - } + function handle($args) + { + parent::handle($args); - if (!$profile->update($orig_profile)) { - $this->serverError(_('Could not save new profile info'), 500); - return false; - } else { - if ($avatar) { - $temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar'); - copy($avatar, $temp_filename); - $imagefile = new ImageFile($profile->id, $temp_filename); - $filename = Avatar::filename($profile->id, - image_type_to_extension($imagefile->type), - null, - common_timestamp()); - rename($temp_filename, Avatar::path($filename)); - if (!$profile->setOriginal($filename)) { - $this->serverError(_('Could not save avatar info'), 500); - return false; - } - } - return true; + try { + $srv = new OMB_Service_Provider(null, omb_oauth_datastore(), + omb_oauth_server()); + $srv->handleUpdateProfile(); + } catch (Exception $e) { + $this->serverError($e->getMessage()); + return; } } --} - ?> ++} diff --cc actions/userauthorization.php index 54e0ee920b,7e397e8888..3e7be97479 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@@ -60,10 -44,14 +60,14 @@@ class UserauthorizationAction extends A $this->sendAuthorization(); } else { if (!common_logged_in()) { - # Go log in, and then come back + /* Go log in, and then come back. 
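Review bot: The merged `prepare($argarray)` body appears to carry the checks from the old 0.8.x `update_profile($req, $consumer, $token)`, so it reads `$req` and `$token`, neither of which exists in `prepare()`. As far as the collapsed markers can be read, its first statement `$version = $req->get_parameter('omb_version');` is a fatal call on an undefined variable, and the 0.9.x lines `parent::prepare($argarray);` and the `common_compatible_license()` check are on the removed side. I would resolve the conflict to the 0.9.x body: restore those two pieces and drop the `$req`/`$token` block, leaving request verification to `handleUpdateProfile()`. That assumes libomb performs the subscription-token check, which is not visible here. Separately, `catch (Exception $e)` in `handle()` passes `$e->getMessage()` straight to `serverError()`, which returns internal error text to the remote server; a generic message with the detail logged would be safer.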
*/ common_set_returnto($_SERVER['REQUEST_URI']); - common_redirect(common_local_url('login')); + if (!common_config('site', 'openidonly')) { + common_redirect(common_local_url('login')); + } else { + common_redirect(common_local_url('openidlogin')); + } return; } @@@ -347,10 -536,15 +351,9 @@@ } if (!in_array($size[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) { - throw new OAuthException("Wrong image type for '$avatar'"); + throw new Exception(sprintf(_('Wrong image type for avatar URL '. + '‘%s’.'), $avatar)); } } - $callback = $_GET['oauth_callback']; - if ($callback && !common_valid_http_url($callback)) { - throw new OAuthException("Invalid callback URL '$callback'"); - } - if ($callback && $callback == common_local_url('finishremotesubscribe')) { - throw new OAuthException("Callback URL '$callback' is for local site."); - } } } - ?> diff --cc classes/User_group.php index e6e79ca6a3,ea19cbb97a..310ecff1ef --- a/classes/User_group.php +++ b/classes/User_group.php @@@ -298,19 -298,44 +298,60 @@@ class User_group extends Memcached_Data return $ids; } + static function maxDescription() + { + $desclimit = common_config('group', 'desclimit'); + // null => use global limit (distinct from 0!) + if (is_null($desclimit)) { + $desclimit = common_config('site', 'textlimit'); + } + return $desclimit; + } + + static function descriptionTooLong($desc) + { + $desclimit = self::maxDescription(); + return ($desclimit > 0 && !empty($desc) && (mb_strlen($desc) > $desclimit)); + } ++ + function asAtomEntry($namespace=false, $source=false) + { + $xs = new XMLStringer(true); + + if ($namespace) { + $attrs = array('xmlns' => 'http://www.w3.org/2005/Atom', + 'xmlns:thr' => 'http://purl.org/syndication/thread/1.0'); + } else { + $attrs = array(); + } + + $xs->elementStart('entry', $attrs); + + if ($source) { + $xs->elementStart('source'); + $xs->element('title', null, $profile->nickname . " - " . 
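Review bot: The second hunk (`-347,10 -536,15 +351,9`) keeps no validation of `oauth_callback`: the 0.8.x lines that rejected a callback failing `common_valid_http_url($callback)` or equal to `common_local_url('finishremotesubscribe')` are on the removed side, and nothing in the hunk replaces them. If the libomb path on 0.9.x does not validate the callback before the user is sent to it, the redirect target is left unvalidated, so the merge should either state where that check now lives or keep it here. The new message also interpolates the remote-supplied `$avatar` URL through `sprintf`, so it needs HTML escaping wherever the exception text is rendered. The enclosing function starts outside the hunk.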
common_config('site', 'name')); + $xs->element('link', array('href' => $this->permalink())); + } + + if ($source) { + $xs->elementEnd('source'); + } + + $xs->element('title', null, $this->nickname); + $xs->element('summary', null, $this->description); + + $xs->element('link', array('rel' => 'alternate', + 'href' => $this->permalink())); + + $xs->element('id', null, $this->permalink()); + + $xs->element('published', null, common_date_w3dtf($this->created)); + $xs->element('updated', null, common_date_w3dtf($this->modified)); + + $xs->element('content', array('type' => 'html'), $this->description); + + $xs->elementEnd('entry'); + + return $xs->getString(); + } } diff --cc index.php index 372a8536ec,be62fe1f34..d8434a6cfe --- a/index.php +++ b/index.php @@@ -105,22 -105,27 +105,41 @@@ function checkMirror($action_obj, $args } } +function isLoginAction($action) +{ + static $loginActions = array('login', 'openidlogin', 'finishopenidlogin', + 'recoverpassword', 'api', 'doc', 'register'); + + $login = null; + + if (Event::handle('LoginAction', array($action, &$login))) { + $login = in_array($action, $loginActions); + } + + return $login; +} + function main() { + // fake HTTP redirects using lighttpd's 404 redirects + if (strpos($_SERVER['SERVER_SOFTWARE'], 'lighttpd') !== false) { + $_lighty_url = $base_url.$_SERVER['REQUEST_URI']; + $_lighty_url = @parse_url($_lighty_url); + + if ($_lighty_url['path'] != '/index.php' && $_lighty_url['path'] != '/') { + $_lighty_path = preg_replace('/^'.preg_quote(common_config('site','path')).'\//', '', substr($_lighty_url['path'], 1)); + $_SERVER['QUERY_STRING'] = 'p='.$_lighty_path; + if ($_lighty_url['query']) + $_SERVER['QUERY_STRING'] .= '&'.$_lighty_url['query']; + parse_str($_lighty_url['query'], $_lighty_query); + foreach ($_lighty_query as $key => $val) { + $_GET[$key] = $_REQUEST[$key] = $val; + } + $_GET['p'] = $_REQUEST['p'] = $_lighty_path; + } + } + $_SERVER['REDIRECT_URL'] = preg_replace("/\?.+$/", "", 
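Review bot: In `asAtomEntry()`, the `$source` branch builds the title from `$profile->nickname`, but no `$profile` exists in this `User_group` method, so the title is built from an undefined variable. `$this->nickname` looks like what was meant: `$xs->element('title', null, $this->nickname . " - " . common_config('site', 'name'));`. The entry also emits `$this->description` as `content` with `'type' => 'html'`; if descriptions are stored as plain user text, feed consumers will treat any markup in them as HTML, so either declare `'type' => 'text'` or pass only sanitized HTML. The three new methods have no docblocks, and `maxDescription()` deserves a comment that a limit of 0 disables the length check in `descriptionTooLong()`.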
$_SERVER['REQUEST_URI']); + // quick check for fancy URL auto-detection support in installer. if (isset($_SERVER['REDIRECT_URL']) && (preg_replace("/^\/$/","",(dirname($_SERVER['REQUEST_URI']))) . '/check-fancy') === $_SERVER['REDIRECT_URL']) { die("Fancy URL support detection succeeded. We suggest you enable this to get fancy (pretty) URLs."); diff --cc js/util.js index 3a0a8d9a7a,f09ce838c4..4f731f30a1 --- a/js/util.js +++ b/js/util.js @@@ -17,11 -17,11 +17,13 @@@ */ $(document).ready(function(){ + var counterBlackout = false; + // count character on keyup function counter(event){ - var maxLength = 140; + if (maxLength <= 0) { + return; + } var currentLength = $("#notice_data-text").val().length; var remaining = maxLength - currentLength; var counter = $("#notice_text-count");
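Review bot: The lighttpd block in `main()` reads `$base_url`, which is neither a parameter nor declared `global` in the visible part of the function. It also calls `preg_quote(common_config('site','path'))` without the delimiter argument, so a site path containing a slash would end the pattern early; `preg_quote(common_config('site', 'path'), '/')` fixes that. `@parse_url()` can return `false` for a malformed `REQUEST_URI` and `$_lighty_url['query']` is read without `isset()`, so the block should return early unless the parse succeeded and `isset($_lighty_url['path'])` holds. Because this code copies request-derived values into `$_GET`, `$_REQUEST` and `$_SERVER['QUERY_STRING']`, a short comment stating at which point of request handling it is expected to run would help the next reader. `main()` continues past the end of the hunk.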
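Review bot: `counter()` now reads `maxLength` without declaring it, since the local `var maxLength = 140;` is on the removed side. Unless every page that loads `util.js` defines a global `maxLength` first, `maxLength <= 0` throws a ReferenceError and the counter stops working. A guard such as `if (typeof maxLength === 'undefined' || maxLength <= 0) { return; }` keeps the function safe, and a comment should say where `maxLength` is set. The counter is only a display aid, so the limit still has to be enforced on the server. The `ready` callback continues outside the hunk.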