Brion Vibber [Wed, 16 Jun 2010 19:30:37 +0000 (12:30 -0700)]
Switch OpenID server's redirects from 307 to 303 to avoid prompt for form data resubmission if we were sent here from a POST request, such as when verifying the site for the first time doing an OpenID login from Drupal.
Brion Vibber [Fri, 11 Jun 2010 18:52:06 +0000 (11:52 -0700)]
Fix a couple bad format entries in router setup (format param had 'xmljson' instead of 'xml|json').
Warning: the format strings aren't actually being enforced here which is probably why they weren't caught earlier. Not quite sure why, it should be looked at!
Brion Vibber [Thu, 10 Jun 2010 18:42:58 +0000 (11:42 -0700)]
Ticket #2350: fix for incorrect FOAF sioc:follows entries for users who are followed by, but don't themselves follow the user whose FOAF we're displaying.
Brion Vibber [Tue, 1 Jun 2010 20:53:44 +0000 (13:53 -0700)]
Fix memory leak in Inbox::addToInbox() (usage of raw DB_DataObject::staticGet, which leaks memory into a process-global cache).
On my test setup, this fixes inbox delivery to 10,000 local recipients from background queuedaemon running with a 32mb memory limit, completes the job within a minute from start.
Evan Prodromou [Mon, 3 May 2010 18:00:12 +0000 (14:00 -0400)]
Database tables to cache expensive query data
We need to bundle counts of notices and users by date. This can be
expensive for large sites. So, new tables are added to cache the
results of these queries, which don't change after the date is over.
Brion Vibber [Tue, 1 Jun 2010 18:41:17 +0000 (18:41 +0000)]
Mapstraction plugin fix: set icon dimensions (24x24 px); Google Maps provider otherwise defaults to stretching them to a funny shape instead of showing square avatars.
Brion Vibber [Fri, 28 May 2010 23:52:17 +0000 (16:52 -0700)]
OpenID: add option to enable asking for a username to append to the trusted provider's base URL. Good for hooking up with sites like WikiHow, where usernames are appended to a base URL to get a profile URL which is used as the provider.
$config['openid']['append_username'] = true;
or check 'Append a username to base URL' in OpenID admin panel.
Brion Vibber [Fri, 28 May 2010 23:03:09 +0000 (16:03 -0700)]
Ticket 2329 followup: my clever 'let it use the default' was foiled by PHP gettext module not quite exposing a compatible interface as the backend gettext library. (Most funcs squash null domain parameter into '' empty string, which isn't interpreted as 'use the current default'.)
Zach Copley [Wed, 26 May 2010 20:31:36 +0000 (20:31 +0000)]
Remove settting/getting a 'verb' for Facebook stream entries / status
updates. Facebook has disabled the ability to store user preferences
via their old REST API, causing our application to break. Also, verbs
in status updates seem to be deprecated, and stream posts don't seem
to have a verb.
Brion Vibber [Thu, 20 May 2010 19:21:29 +0000 (12:21 -0700)]
WikiHowProfile plugin; pulls avatar from WikiHow profile pages when registering or adding account with OpenID. (Full name, location, homepage, and bio are also on the profile page but not marked up in a way they can be easily retrieved yet.)
OpenID plugin: Added events at OpenID account creation and update time to allow additional customizations for particular sites.
Brion Vibber [Tue, 25 May 2010 20:09:21 +0000 (13:09 -0700)]
Hotpatch for infinite redirection-following loop seen processing URLs to http://clojure.org/ -- if we end up with an unstable redirect target (final item in a redirect chain ends up redirecting us somewhere else when we visit it again), just save the last version we saw instead of trying to start over.
Pretty much everything in File and File_redirection initial processing needs to be rewritten to be non-awful; this code is very hard to follow and very easy to make huge bugs. A fair amount of the complication is probably obsoleted by the redirection following being built into HTTPClient now.
Brion Vibber [Tue, 25 May 2010 18:36:42 +0000 (11:36 -0700)]
Backing out locale switch change to see if this affects our mystery memory leak.
Revert "Locale switch cleanup: use common_switch_locale() which is safer for updating gettext state. Also moved a few calls to reduce chance of hitting an exception before switching back."
Zach Copley [Mon, 24 May 2010 21:25:21 +0000 (21:25 +0000)]
Upgrade Facebook posting:
- Use FQL to check for publish stream permission instead of old REST API
- Better error handling, especially for error code 100
- More logging / better log messages
Brion Vibber [Mon, 24 May 2010 14:47:15 +0000 (07:47 -0700)]
Handle funky notice deletion cases more gracefully: if we already have a deleted_notice entry, don't freak out when we try to save it again on the second try.
Brion Vibber [Sun, 23 May 2010 00:43:56 +0000 (17:43 -0700)]
Hotpatch for Facebook mirror problems: drop messages when hitting rate limit (err 341) instead of retrying forever. On unknown errors, now throwing an exception so it'll hit the message retry limits.
Brion Vibber [Fri, 21 May 2010 21:07:59 +0000 (14:07 -0700)]
Add $config['queue']['stomp_enqueue_to'] override for which queue server to send to.
Must be set to a value that matches one of the entries in $config['queue']['stomp_server'] array, otherwise ignored.
Brion Vibber [Fri, 21 May 2010 17:12:39 +0000 (10:12 -0700)]
Disable SSL peer/hostname verification for HTTPClient unless we've configured a trusted CA bundle like this: $config['http']['ssl_cafile'] = '/usr/lib/ssl/certs/ca-certificates.crt';
The previous state was failing on all HTTPS hits due to HTTP_Request2 library turning on the validation check but not specifying a CA file.
Brion Vibber [Thu, 20 May 2010 19:46:36 +0000 (12:46 -0700)]
Added block link to subscription notification emails; block action can now take a profile ID on the URL; added profile details to block page so there's an indication of who you're blocking before you pull the trigger.
Fixed typo in RedirectingAction when no return-to data provided in form submission.
RedirectingAction::returnToArgs() has been renamed to returnToPrevious() to avoid conflict with Action::returnToArgs() which returns arguments to be passed to other actions as return-to arguments. All callers should now be updated.
More profile settings actions will now redirect through a login form if visited as a GET request, as would be expected from a bookmark, link sent in e-mail etc.
Brion Vibber [Wed, 19 May 2010 23:19:06 +0000 (16:19 -0700)]
Quick fix for creating OpenID accounts authenticating against a MediaWiki site; trim the 'User:' etc from the final path segment before generating a nickname from it. Avoids ending up with nicks like 'userbrion' on your first OpenID login!
Brion Vibber [Wed, 19 May 2010 22:12:39 +0000 (15:12 -0700)]
Add config option for RequireValidatedEmail plugin to skip the check for folks with a trusted OpenID association.
Also added an event that other plugins or local config can use to override the checks.
Brion Vibber [Wed, 19 May 2010 17:10:55 +0000 (10:10 -0700)]
Locale switch cleanup: use common_switch_locale() which is safer for updating gettext state. Also moved a few calls to reduce chance of hitting an exception before switching back.
Should help with problems where xmppdaemon would get stuck in wrong locale.
Brion Vibber [Tue, 18 May 2010 21:52:17 +0000 (21:52 +0000)]
Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
The forms would already submit to SSL, but people are happier if they start on a secure page!
Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
projects / quix0rs-gnu-social.git / log