]>
git.mxchange.org Git - quix0rs-gnu-social.git/log
Mikael Nordfeldth [Wed, 17 Feb 2016 21:43:45 +0000 (22:43 +0100)]
If profile fullname is 0 chars use nickname
Mikael Nordfeldth [Wed, 17 Feb 2016 21:36:33 +0000 (22:36 +0100)]
Make the Link header give URI for WebFinger lookup
Mikael Nordfeldth [Wed, 17 Feb 2016 20:57:52 +0000 (21:57 +0100)]
Differentiate two similar log warning messages
Mikael Nordfeldth [Tue, 16 Feb 2016 01:24:38 +0000 (02:24 +0100)]
Gotta declare FullNoticeStream as abstract class
Mikael Nordfeldth [Tue, 16 Feb 2016 01:21:39 +0000 (02:21 +0100)]
FullNoticeStream selects all verbs.
Mikael Nordfeldth [Mon, 15 Feb 2016 08:59:34 +0000 (09:59 +0100)]
created column was ambigououuuouuus
Mikael Nordfeldth [Mon, 15 Feb 2016 08:59:18 +0000 (09:59 +0100)]
We only want POST and SHARE in the inbox/home timeline right?
Mikael Nordfeldth [Sun, 14 Feb 2016 19:53:26 +0000 (20:53 +0100)]
Show shares in public timeline
Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.
(the => false stuff are for when you want ALL _except_ that)
Mikael Nordfeldth [Sun, 14 Feb 2016 19:46:13 +0000 (20:46 +0100)]
Use NoticeStream::filterVerbs for filtering in noticestreams
Mikael Nordfeldth [Sat, 13 Feb 2016 13:06:05 +0000 (14:06 +0100)]
Might as well put a FILTER_SANITIZE_EMAIL there
Not that I think we could break out of the directory since
we use basename, but you never know... maybe there's a unicode
bug in PHP or something.
Mikael Nordfeldth [Sat, 13 Feb 2016 12:57:15 +0000 (13:57 +0100)]
socialfy-your-domain updated for webfinger (not tested)
Mikael Nordfeldth [Sat, 13 Feb 2016 12:17:39 +0000 (13:17 +0100)]
Hide attachments in notices by silenced profiles
Mikael Nordfeldth [Sat, 13 Feb 2016 00:19:47 +0000 (01:19 +0100)]
listGet was not meant for that really
Mikael Nordfeldth [Sat, 13 Feb 2016 00:16:34 +0000 (01:16 +0100)]
Render RegiserThrottle extra profile data properly
Mikael Nordfeldth [Sat, 13 Feb 2016 00:10:01 +0000 (01:10 +0100)]
Don't depend on ModLog
Mikael Nordfeldth [Sat, 13 Feb 2016 00:02:18 +0000 (01:02 +0100)]
RegisterThrottle list-profiles-by-ip
Mikael Nordfeldth [Fri, 12 Feb 2016 23:51:43 +0000 (00:51 +0100)]
Show user registration IP to users who can see ModLog
Mikael Nordfeldth [Fri, 12 Feb 2016 14:00:18 +0000 (15:00 +0100)]
Only administrators can delete other privileged users.
Mikael Nordfeldth [Fri, 12 Feb 2016 13:47:49 +0000 (14:47 +0100)]
Profile->isPrivileged() to check if users have more rights than to post etc.
Mikael Nordfeldth [Fri, 12 Feb 2016 13:38:03 +0000 (14:38 +0100)]
Update the comment on silencing privileged users in ModHelper
Mikael Nordfeldth [Fri, 12 Feb 2016 13:22:25 +0000 (14:22 +0100)]
Silence action can only be used on non-priviliged users
Mikael Nordfeldth [Fri, 12 Feb 2016 12:52:48 +0000 (13:52 +0100)]
Add Profile::ensureCurrent() to verify we _certainly_ got a Profile.
Mikael Nordfeldth [Fri, 12 Feb 2016 01:29:33 +0000 (02:29 +0100)]
file and avatar dirs on instances with no such dirs in filesystem
Mikael Nordfeldth [Fri, 12 Feb 2016 01:21:11 +0000 (02:21 +0100)]
Fix Nickname::isSystemPath() work properly for routes
Mikael Nordfeldth [Fri, 12 Feb 2016 00:45:47 +0000 (01:45 +0100)]
Do not delete_orphan_files on an instance with Qvitter
Mikael Nordfeldth [Thu, 11 Feb 2016 23:05:36 +0000 (00:05 +0100)]
And LEFT JOIN to actually get all results
Mikael Nordfeldth [Thu, 11 Feb 2016 22:38:12 +0000 (23:38 +0100)]
...and avoid duplicate results...
Mikael Nordfeldth [Thu, 11 Feb 2016 21:54:29 +0000 (22:54 +0100)]
Aurhg, and get all the properties, not just id
Mikael Nordfeldth [Thu, 11 Feb 2016 21:49:45 +0000 (22:49 +0100)]
Haha, it essentially became a NOOP with the last commit
Mikael Nordfeldth [Thu, 11 Feb 2016 21:43:26 +0000 (22:43 +0100)]
Fixed the delete orphan script to include deleted notices
The file_to_post table sometimes had post_id with values that did not
exist in the notice table.
Mikael Nordfeldth [Thu, 11 Feb 2016 21:19:56 +0000 (22:19 +0100)]
Delete orphan files maintenance script
When deleting a profile it'll delete its notices and the coupling to
file entries, but not the file entries themselves (and thus not the
files). So if one to delete a person uploading offending images, then
the images are left behind and can be hotlinked. This will remove it.
Mikael Nordfeldth [Thu, 11 Feb 2016 20:18:44 +0000 (21:18 +0100)]
XMPP URI scheme for HTMLPurifier
Mikael Nordfeldth [Wed, 10 Feb 2016 23:04:14 +0000 (00:04 +0100)]
application/xml allowed in uploads
Mikael Nordfeldth [Wed, 10 Feb 2016 03:43:30 +0000 (04:43 +0100)]
Stricter exception check
Mikael Nordfeldth [Wed, 10 Feb 2016 03:40:54 +0000 (04:40 +0100)]
Use thumbnail upscaling config value
Mikael Nordfeldth [Wed, 10 Feb 2016 03:40:10 +0000 (04:40 +0100)]
Default to avoid upscaling of thumbnails. 45x45=>450x450 is ugly
Mikael Nordfeldth [Wed, 10 Feb 2016 03:37:43 +0000 (04:37 +0100)]
Allow finding the "original remote thumbnail"
This will probably cause older oEmbed images not to show, since they
probably were updated to use empty url entries because they were thought
of as local ones. During a migration period maybe you want to change
the default value of notNullUrl to 'false' in File_thumbnail::byFile(...)
Mikael Nordfeldth [Wed, 10 Feb 2016 03:15:41 +0000 (04:15 +0100)]
Add urlhash field to File_thumbnail for indexing
Mikael Nordfeldth [Wed, 10 Feb 2016 02:37:27 +0000 (03:37 +0100)]
Managed_DataObject gets onInsert and onUpdate
Mikael Nordfeldth [Wed, 10 Feb 2016 01:32:17 +0000 (02:32 +0100)]
background is not used, so removed from documentation
Mikael Nordfeldth [Wed, 10 Feb 2016 00:11:43 +0000 (01:11 +0100)]
Document site/sslproxy config value
Should be put into installation configuration too. Maybe a sample
and commented out entry in config.php as well.
Mikael Nordfeldth [Wed, 10 Feb 2016 00:05:02 +0000 (01:05 +0100)]
Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
Usage in config.php: $config['site']['sslproxy'] = true;
Add this to documentation...
Mikael Nordfeldth [Tue, 9 Feb 2016 23:57:39 +0000 (00:57 +0100)]
Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
Mikael Nordfeldth [Tue, 9 Feb 2016 23:38:14 +0000 (00:38 +0100)]
s/isHTTPS/useHTTPS/ for HTTPS URL generation
Mikael Nordfeldth [Mon, 8 Feb 2016 19:20:31 +0000 (20:20 +0100)]
bitcoin schema for HTMLPurifier
Mikael Nordfeldth [Mon, 8 Feb 2016 16:56:35 +0000 (17:56 +0100)]
Require the license with HTML5
Mikael Nordfeldth [Mon, 8 Feb 2016 16:51:21 +0000 (17:51 +0100)]
Log failed captcha entries
Mikael Nordfeldth [Mon, 8 Feb 2016 16:47:09 +0000 (17:47 +0100)]
SimpleCaptcha plugin to stop basic bots
Mikael Nordfeldth [Mon, 8 Feb 2016 14:30:28 +0000 (15:30 +0100)]
Returnto the previous page when deleting a notice.
Mikael Nordfeldth [Mon, 8 Feb 2016 11:21:58 +0000 (12:21 +0100)]
Use functions instead of accessing properties in twitterUserArray
Mikael Nordfeldth [Mon, 8 Feb 2016 11:21:46 +0000 (12:21 +0100)]
Return intval from getID()
Mikael Nordfeldth [Mon, 8 Feb 2016 11:14:35 +0000 (12:14 +0100)]
Don't return true on requiresAuth if screen_name==='0'
Mikael Nordfeldth [Mon, 8 Feb 2016 10:38:52 +0000 (11:38 +0100)]
Allow screennames that are === '0'
Mikael Nordfeldth [Sun, 7 Feb 2016 11:50:26 +0000 (12:50 +0100)]
Keep the rel="tag" in HTML when purifying
Mikael Nordfeldth [Sun, 7 Feb 2016 01:35:44 +0000 (02:35 +0100)]
Merge branch 'master' into mmn_fixes
Mikael Nordfeldth [Sun, 7 Feb 2016 01:33:53 +0000 (02:33 +0100)]
Hidespam by default
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
Mikael Nordfeldth [Sun, 7 Feb 2016 01:33:53 +0000 (02:33 +0100)]
Hidespam by default
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
Mikael Nordfeldth [Sun, 7 Feb 2016 00:59:21 +0000 (01:59 +0100)]
Use the -y parameter for ffmpeg/avconv to be non-interactive
Mikael Nordfeldth [Sun, 7 Feb 2016 00:57:56 +0000 (01:57 +0100)]
Write to the tmp file in VideoThumbnails
Mikael Nordfeldth [Sun, 7 Feb 2016 00:54:37 +0000 (01:54 +0100)]
Catch http exception in StoreRemoteMedia
Mikael Nordfeldth [Sun, 7 Feb 2016 00:52:20 +0000 (01:52 +0100)]
NoHttpResponseException extends HTTP_Request2_ConnectionException
Mikael Nordfeldth [Sun, 7 Feb 2016 00:02:59 +0000 (01:02 +0100)]
Support ffmpeg and avconv depending on which you have
Mikael Nordfeldth [Thu, 4 Feb 2016 11:16:36 +0000 (12:16 +0100)]
Unknown functionality of a script
Something added 6-8 years ago which we don't use anymore...
Mikael Nordfeldth [Thu, 4 Feb 2016 11:05:58 +0000 (12:05 +0100)]
Fix issue #127 by catching exceptions
update-profile-data.php threw exceptions on http connection issues
Mikael Nordfeldth [Thu, 4 Feb 2016 10:37:24 +0000 (11:37 +0100)]
ES3 compatibility layer not necessary (noone uses IE8 etc.)
All browsers with javascript support also support ES5 nowadays. Anyone
using older software should upgrade for other reasons, such as security.
Mikael Nordfeldth [Wed, 3 Feb 2016 18:32:51 +0000 (19:32 +0100)]
Forgot a break in a switch when rendering attachments.
Mikael Nordfeldth [Wed, 3 Feb 2016 14:26:19 +0000 (15:26 +0100)]
Disallow zero-length magnet URIs
magnet: would match, but now we have a zero-length lookahead which
requires the following character to be a question mark: magnet:?
Mikael Nordfeldth [Wed, 3 Feb 2016 13:36:51 +0000 (14:36 +0100)]
HTMLPurifierSchemes plugin to allow geo and magnet URIs
Mikael Nordfeldth [Wed, 3 Feb 2016 13:35:26 +0000 (14:35 +0100)]
HTMLPurifier caches were included accidentally
Mikael Nordfeldth [Wed, 3 Feb 2016 13:31:16 +0000 (14:31 +0100)]
Only allow our specified URI schemes
Mikael Nordfeldth [Wed, 3 Feb 2016 13:19:08 +0000 (14:19 +0100)]
Hacky support for geo URI detection
Won't work with common_purify yet because there is no geo uri scheme for it
Mikael Nordfeldth [Wed, 3 Feb 2016 11:55:00 +0000 (12:55 +0100)]
Configurable linkify for bare IPv4/IPv6
Mikael Nordfeldth [Wed, 3 Feb 2016 00:15:35 +0000 (01:15 +0100)]
Backupaccount is always readonly
Mikael Nordfeldth [Wed, 3 Feb 2016 00:08:36 +0000 (01:08 +0100)]
Don't allow account backups by default.
Mikael Nordfeldth [Wed, 3 Feb 2016 00:04:14 +0000 (01:04 +0100)]
Set time limit to increase time backupaccount can take
Wills till run out of memory probably, we should fix that.
Mikael Nordfeldth [Wed, 3 Feb 2016 00:03:58 +0000 (01:03 +0100)]
Proper error message on too much POST data
Mikael Nordfeldth [Tue, 2 Feb 2016 23:34:49 +0000 (00:34 +0100)]
Don't process further in redirection if HEAD gives 400 Bad request
Mikael Nordfeldth [Tue, 2 Feb 2016 23:22:18 +0000 (00:22 +0100)]
File::isProtected is static
Mikael Nordfeldth [Tue, 2 Feb 2016 23:18:37 +0000 (00:18 +0100)]
Get URL schemes by URL type
Mikael Nordfeldth [Fri, 29 Jan 2016 23:04:18 +0000 (00:04 +0100)]
Bump beta number to 4
We have better webfinger @mention@capability.example at least and
OpportunisticQM is somewhat refined.
Mikael Nordfeldth [Fri, 29 Jan 2016 23:03:25 +0000 (00:03 +0100)]
Merge branch 'master' into mmn_fixes
Mikael Nordfeldth [Fri, 29 Jan 2016 23:02:56 +0000 (00:02 +0100)]
Merge branch 'master' of git.gnu.io:gnu/gnu-social
Mikael Nordfeldth [Fri, 29 Jan 2016 23:00:37 +0000 (00:00 +0100)]
Don't trust local HTML either
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
Mikael Nordfeldth [Fri, 29 Jan 2016 23:00:37 +0000 (00:00 +0100)]
Don't trust local HTML either
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
Mikael Nordfeldth [Fri, 29 Jan 2016 15:15:06 +0000 (16:15 +0100)]
isPerson did not exist for Ostatus_profile
Mikael Nordfeldth [Fri, 29 Jan 2016 15:06:16 +0000 (16:06 +0100)]
Allow @localuser@mysite.example to be looked up as a mention
Mikael Nordfeldth [Fri, 29 Jan 2016 14:53:58 +0000 (15:53 +0100)]
Don't match @nickname on @nickname@server.com
Mikael Nordfeldth [Fri, 29 Jan 2016 14:21:01 +0000 (15:21 +0100)]
Use the profile URI when linking instead of URL
since we'll then get to /user/$id instead of /$nickname which is
good for future archives if someone changes their nickname...
Mikael Nordfeldth [Thu, 28 Jan 2016 19:31:46 +0000 (20:31 +0100)]
Don't use system include path
Sometimes systems have _old_ DB_DataObject classes lying around that
get included by default, so we just try to avoid anything that we don't
ship ourselves.
<MMN-o> BeS: I'll commit a patch that will make this issue go away
<BeS> MMN-o: that would be awesome!
<MMN-o> but it might upset bashrc who's working on a Debian package (where you're _supposed_ to include from /usr/php etc. :P)
<MMN-o> but I'll leave a comment along with it
Mikael Nordfeldth [Thu, 28 Jan 2016 19:18:06 +0000 (20:18 +0100)]
Strict Standards: Declaration of MysqlSchema::get()
should be compatible with Schema::get($conn = NULL)
Mikael Nordfeldth [Thu, 28 Jan 2016 18:11:43 +0000 (19:11 +0100)]
Fullname and location are now text, not varchar, and can be >191|255
Mikael Nordfeldth [Thu, 28 Jan 2016 18:03:24 +0000 (19:03 +0100)]
migrateProfilePrefs added to scripts/upgrade.php
Makes it easier for plugin developers to change the topics set in Profile_prefs
Mikael Nordfeldth [Thu, 28 Jan 2016 18:01:45 +0000 (19:01 +0100)]
Purify oembed html (again)
For a commit or two we didn't do this, because htmLawed failed to filter
out CDATA javascript properly, but now we use HTML Purifier which works.
Mikael Nordfeldth [Thu, 28 Jan 2016 17:57:36 +0000 (18:57 +0100)]
Replace htmLawed with HTMLPurifier
Mikael Nordfeldth [Thu, 28 Jan 2016 16:27:08 +0000 (17:27 +0100)]
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
mmn [Thu, 28 Jan 2016 16:26:33 +0000 (16:26 +0000)]
Merge branch 'oembed_fb_wp_branch' into 'nightly'
Oembed: Fix UTF-8 bug and better wp&fb data (updated!)
See merge request !97
Mikael Nordfeldth [Thu, 28 Jan 2016 15:42:59 +0000 (16:42 +0100)]
updateWithKeys now understands multi-column keys
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
hannes [Thu, 28 Jan 2016 15:32:11 +0000 (15:32 +0000)]
add comment that DOMDocument('1.0', 'UTF-8') does not work
hannes [Thu, 28 Jan 2016 15:19:29 +0000 (15:19 +0000)]
fixes two issues when the oembed thumbnail is blank
Mikael Nordfeldth [Thu, 28 Jan 2016 13:43:01 +0000 (14:43 +0100)]
Changelog deleted in php-gettext