]> git.mxchange.org Git - quix0rs-gnu-social.git/log
quix0rs-gnu-social.git
8 years agoMerge branch 'group-autocomplete' into 'nightly'
mmn [Fri, 26 Feb 2016 12:30:19 +0000 (12:30 +0000)]
Merge branch 'group-autocomplete' into 'nightly'

Fix !group autocomplete

"Call to undefined method User_group::getFullname"

See merge request !108

8 years agoMerge branch 'remove-openid' into 'nightly'
mmn [Fri, 26 Feb 2016 12:30:01 +0000 (12:30 +0000)]
Merge branch 'remove-openid' into 'nightly'

Fix: Cannot remove OpenID

OpenidsettingsAction::removeOpenID() was comparing and int with a string
so always displayed "That OpenID does not belong to you."

See merge request !107

8 years agoMake sure the saved Notice has an ID
Mikael Nordfeldth [Fri, 26 Feb 2016 00:11:20 +0000 (01:11 +0100)]
Make sure the saved Notice has an ID

8 years agoUse mb_strlen to see if something is an empty string
Mikael Nordfeldth [Fri, 26 Feb 2016 00:04:59 +0000 (01:04 +0100)]
Use mb_strlen to see if something is an empty string

8 years agoMentioning matches (@this too) now.
Mikael Nordfeldth [Thu, 25 Feb 2016 23:08:51 +0000 (00:08 +0100)]
Mentioning matches (@this too) now.

8 years agoUser friendlieness in scripts/delete_notice.php
Mikael Nordfeldth [Thu, 25 Feb 2016 23:06:04 +0000 (00:06 +0100)]
User friendlieness in scripts/delete_notice.php

8 years agoAllow sgf files if they're recognized in mime search
Mikael Nordfeldth [Thu, 25 Feb 2016 23:05:07 +0000 (00:05 +0100)]
Allow sgf files if they're recognized in mime search

They are Go game files used on lamatriz.org. Note that my server
doesn't actually recognize these files and can identify the mime type,
but my browser did for some reason.

8 years agoCommented on the mime extension matching regexp
Mikael Nordfeldth [Thu, 25 Feb 2016 21:32:07 +0000 (22:32 +0100)]
Commented on the mime extension matching regexp

8 years agoTry to get mime data before hashing (cpu intensive)
Mikael Nordfeldth [Thu, 25 Feb 2016 21:31:45 +0000 (22:31 +0100)]
Try to get mime data before hashing (cpu intensive)

8 years agosyntax error
Mikael Nordfeldth [Thu, 25 Feb 2016 21:17:44 +0000 (22:17 +0100)]
syntax error

8 years agoMake uploads work properly if we accept _all_ attachment types
Mikael Nordfeldth [Thu, 25 Feb 2016 21:15:54 +0000 (22:15 +0100)]
Make uploads work properly if we accept _all_ attachment types

Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)

8 years agoMerge branch 'master' into mmn_fixes
Mikael Nordfeldth [Thu, 25 Feb 2016 19:13:39 +0000 (20:13 +0100)]
Merge branch 'master' into mmn_fixes

8 years agoNotice getRendered() can now be called on uninserted notices
Mikael Nordfeldth [Thu, 25 Feb 2016 14:48:37 +0000 (15:48 +0100)]
Notice getRendered() can now be called on uninserted notices

8 years agosocialfy-your-domain made people think you needed manual interaction
Mikael Nordfeldth [Thu, 25 Feb 2016 11:32:33 +0000 (12:32 +0100)]
socialfy-your-domain made people think you needed manual interaction

I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.

Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.

8 years agoMerge branch 'master' into mmn_fixes
Mikael Nordfeldth [Thu, 25 Feb 2016 18:47:51 +0000 (19:47 +0100)]
Merge branch 'master' into mmn_fixes

8 years ago$metadata->thumbnail_url is not guaranteed to be set
Mikael Nordfeldth [Thu, 25 Feb 2016 18:46:17 +0000 (19:46 +0100)]
$metadata->thumbnail_url is not guaranteed to be set

We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.

8 years ago$metadata->thumbnail_url is not guaranteed to be set
Mikael Nordfeldth [Thu, 25 Feb 2016 18:46:17 +0000 (19:46 +0100)]
$metadata->thumbnail_url is not guaranteed to be set

We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.

8 years agoNotice getRendered() can now be called on uninserted notices
Mikael Nordfeldth [Thu, 25 Feb 2016 14:48:37 +0000 (15:48 +0100)]
Notice getRendered() can now be called on uninserted notices

8 years agosocialfy-your-domain made people think you needed manual interaction
Mikael Nordfeldth [Thu, 25 Feb 2016 11:32:33 +0000 (12:32 +0100)]
socialfy-your-domain made people think you needed manual interaction

I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.

Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.

8 years agoCorrect comment on Notice->conversation in table schema
Mikael Nordfeldth [Wed, 24 Feb 2016 18:34:12 +0000 (19:34 +0100)]
Correct comment on Notice->conversation in table schema

8 years agoFix !group autocomplete
Chimo [Tue, 23 Feb 2016 01:33:25 +0000 (20:33 -0500)]
Fix !group autocomplete

"Call to undefined method User_group::getFullname"

8 years agoFix: Cannot remove OpenID
Chimo [Wed, 24 Feb 2016 17:42:41 +0000 (12:42 -0500)]
Fix: Cannot remove OpenID

OpenidsettingsAction::removeOpenID() was comparing and int with a string
so always displayed "That OpenID does not belong to you."

8 years agoInclude feeds in Link HTTP headers, for easier discovery
Mikael Nordfeldth [Wed, 24 Feb 2016 15:48:44 +0000 (16:48 +0100)]
Include feeds in Link HTTP headers, for easier discovery

8 years agoPublish rel="me" in Link HTTP headers
Mikael Nordfeldth [Wed, 24 Feb 2016 15:43:09 +0000 (16:43 +0100)]
Publish rel="me" in Link HTTP headers

8 years agoAllow easy fetching of rel="me" values
Mikael Nordfeldth [Wed, 24 Feb 2016 15:42:54 +0000 (16:42 +0100)]
Allow easy fetching of rel="me" values

8 years agoDefault to profile size in Avatar::defaultAvatar
Mikael Nordfeldth [Wed, 24 Feb 2016 15:42:35 +0000 (16:42 +0100)]
Default to profile size in Avatar::defaultAvatar

8 years agoUse in_array instead. Now we get third party responses to contextually interesting...
Mikael Nordfeldth [Tue, 23 Feb 2016 23:19:27 +0000 (00:19 +0100)]
Use in_array instead. Now we get third party responses to contextually interesting threads

I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.

8 years agoCheck the notice context for users in UsersalmonAction
Mikael Nordfeldth [Tue, 23 Feb 2016 22:56:43 +0000 (23:56 +0100)]
Check the notice context for users in UsersalmonAction

8 years agoProperly attach activityobjects
Mikael Nordfeldth [Tue, 23 Feb 2016 22:50:57 +0000 (23:50 +0100)]
Properly attach activityobjects

For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)

8 years agoCheck that the user is in the context of a salmon slap
Mikael Nordfeldth [Tue, 23 Feb 2016 22:42:41 +0000 (23:42 +0100)]
Check that the user is in the context of a salmon slap

8 years agogetAliases should be only a list (numeric array)
Mikael Nordfeldth [Tue, 23 Feb 2016 13:33:09 +0000 (14:33 +0100)]
getAliases should be only a list (numeric array)

8 years agoLet OpenID match against aliases (fix fancyurl stuff etc.)
Mikael Nordfeldth [Tue, 23 Feb 2016 13:15:08 +0000 (14:15 +0100)]
Let OpenID match against aliases (fix fancyurl stuff etc.)

8 years agogetAliases for Profile and Notice
Mikael Nordfeldth [Tue, 23 Feb 2016 13:00:59 +0000 (14:00 +0100)]
getAliases for Profile and Notice

Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?

8 years agoVerify that authenticated API calls are made from our domain name.
Mikael Nordfeldth [Mon, 22 Feb 2016 14:19:10 +0000 (15:19 +0100)]
Verify that authenticated API calls are made from our domain name.

Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json" or
whatever. XHR is already blocked with CORS stuff.

Really, why do browsers allow cross domain POSTs at all? Sigh. The web.

8 years agoMake WebFinger fancyurlfix configurable
Mikael Nordfeldth [Sun, 21 Feb 2016 19:05:32 +0000 (20:05 +0100)]
Make WebFinger fancyurlfix configurable

8 years agoWebFinger aliases with 'index.php/'
Mikael Nordfeldth [Sun, 21 Feb 2016 19:00:07 +0000 (20:00 +0100)]
WebFinger aliases with 'index.php/'

8 years agoClaim that we are the URL without index.php/ in webfinger response
Mikael Nordfeldth [Sun, 21 Feb 2016 18:09:39 +0000 (19:09 +0100)]
Claim that we are the URL without index.php/ in webfinger response

8 years agothrow new, not just throw
Mikael Nordfeldth [Sun, 21 Feb 2016 18:01:37 +0000 (19:01 +0100)]
throw new, not just throw

8 years agoLet the WebFingerPlugin lookup profile resources with index.php/ too
Mikael Nordfeldth [Sun, 21 Feb 2016 17:48:48 +0000 (18:48 +0100)]
Let the WebFingerPlugin lookup profile resources with index.php/ too

8 years agocommon_fake_local_fancy_url to remove index.php/ from a local URL
Mikael Nordfeldth [Sun, 21 Feb 2016 17:48:18 +0000 (18:48 +0100)]
common_fake_local_fancy_url to remove index.php/ from a local URL

8 years agoAllow lookup of User->getByUri (throws NoResultException)
Mikael Nordfeldth [Sun, 21 Feb 2016 17:47:47 +0000 (18:47 +0100)]
Allow lookup of User->getByUri (throws NoResultException)

8 years agoKeep a unique set of WebFingerResource aliases
Mikael Nordfeldth [Sun, 21 Feb 2016 17:47:32 +0000 (18:47 +0100)]
Keep a unique set of WebFingerResource aliases

8 years agoDon't publish mbox_sha1sum in FOAF by default.
Mikael Nordfeldth [Thu, 18 Feb 2016 23:10:05 +0000 (00:10 +0100)]
Don't publish mbox_sha1sum in FOAF by default.

We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum

8 years agoOnly show "public:site" in ToSelector if notice/allowprivate is true
Mikael Nordfeldth [Wed, 17 Feb 2016 23:33:16 +0000 (00:33 +0100)]
Only show "public:site" in ToSelector if notice/allowprivate is true

8 years agoPut "Everyone" and "Everyone at [local instance]" at the top of ToSelector
Mikael Nordfeldth [Wed, 17 Feb 2016 23:32:09 +0000 (00:32 +0100)]
Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector

8 years agoNoAcctUriException->profile not $e directly
Mikael Nordfeldth [Wed, 17 Feb 2016 23:13:59 +0000 (00:13 +0100)]
NoAcctUriException->profile not $e directly

8 years agoSort ToSelector by AcctUri
Mikael Nordfeldth [Wed, 17 Feb 2016 23:05:09 +0000 (00:05 +0100)]
Sort ToSelector by AcctUri

8 years agoUse ToSelector choice again.
Mikael Nordfeldth [Wed, 17 Feb 2016 22:44:15 +0000 (23:44 +0100)]
Use ToSelector choice again.

8 years agoShow notice feed URLs (and author)
Mikael Nordfeldth [Wed, 17 Feb 2016 22:32:56 +0000 (23:32 +0100)]
Show notice feed URLs (and author)

8 years agoTo-selector padlock only shown if site config notice/allowprivate is true
Mikael Nordfeldth [Wed, 17 Feb 2016 22:05:44 +0000 (23:05 +0100)]
To-selector padlock only shown if site config notice/allowprivate is true

8 years agoBy default, disallow users to set private_stream
Mikael Nordfeldth [Wed, 17 Feb 2016 21:58:31 +0000 (22:58 +0100)]
By default, disallow users to set private_stream

8 years agoDescribe that we don't allow empty fullnames.
Mikael Nordfeldth [Wed, 17 Feb 2016 21:48:16 +0000 (22:48 +0100)]
Describe that we don't allow empty fullnames.

8 years agoIf profile fullname is 0 chars use nickname
Mikael Nordfeldth [Wed, 17 Feb 2016 21:43:45 +0000 (22:43 +0100)]
If profile fullname is 0 chars use nickname

8 years agoMake the Link header give URI for WebFinger lookup
Mikael Nordfeldth [Wed, 17 Feb 2016 21:36:33 +0000 (22:36 +0100)]
Make the Link header give URI for WebFinger lookup

8 years agoDifferentiate two similar log warning messages
Mikael Nordfeldth [Wed, 17 Feb 2016 20:57:52 +0000 (21:57 +0100)]
Differentiate two similar log warning messages

8 years agoGotta declare FullNoticeStream as abstract class
Mikael Nordfeldth [Tue, 16 Feb 2016 01:24:38 +0000 (02:24 +0100)]
Gotta declare FullNoticeStream as abstract class

8 years agoFullNoticeStream selects all verbs.
Mikael Nordfeldth [Tue, 16 Feb 2016 01:21:39 +0000 (02:21 +0100)]
FullNoticeStream selects all verbs.

8 years agocreated column was ambigououuuouuus
Mikael Nordfeldth [Mon, 15 Feb 2016 08:59:34 +0000 (09:59 +0100)]
created column was ambigououuuouuus

8 years agoWe only want POST and SHARE in the inbox/home timeline right?
Mikael Nordfeldth [Mon, 15 Feb 2016 08:59:18 +0000 (09:59 +0100)]
We only want POST and SHARE in the inbox/home timeline right?

8 years agoShow shares in public timeline
Mikael Nordfeldth [Sun, 14 Feb 2016 19:53:26 +0000 (20:53 +0100)]
Show shares in public timeline

Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.

(the => false stuff are for when you want ALL _except_ that)

8 years agoUse NoticeStream::filterVerbs for filtering in noticestreams
Mikael Nordfeldth [Sun, 14 Feb 2016 19:46:13 +0000 (20:46 +0100)]
Use NoticeStream::filterVerbs for filtering in noticestreams

8 years agoMight as well put a FILTER_SANITIZE_EMAIL there
Mikael Nordfeldth [Sat, 13 Feb 2016 13:06:05 +0000 (14:06 +0100)]
Might as well put a FILTER_SANITIZE_EMAIL there

Not that I think we could break out of the directory since
we use basename, but you never know... maybe there's a unicode
bug in PHP or something.

8 years agosocialfy-your-domain updated for webfinger (not tested)
Mikael Nordfeldth [Sat, 13 Feb 2016 12:57:15 +0000 (13:57 +0100)]
socialfy-your-domain updated for webfinger (not tested)

8 years agoHide attachments in notices by silenced profiles
Mikael Nordfeldth [Sat, 13 Feb 2016 12:17:39 +0000 (13:17 +0100)]
Hide attachments in notices by silenced profiles

8 years agolistGet was not meant for that really
Mikael Nordfeldth [Sat, 13 Feb 2016 00:19:47 +0000 (01:19 +0100)]
listGet was not meant for that really

8 years agoRender RegiserThrottle extra profile data properly
Mikael Nordfeldth [Sat, 13 Feb 2016 00:16:34 +0000 (01:16 +0100)]
Render RegiserThrottle extra profile data properly

8 years agoDon't depend on ModLog
Mikael Nordfeldth [Sat, 13 Feb 2016 00:10:01 +0000 (01:10 +0100)]
Don't depend on ModLog

8 years agoRegisterThrottle list-profiles-by-ip
Mikael Nordfeldth [Sat, 13 Feb 2016 00:02:18 +0000 (01:02 +0100)]
RegisterThrottle list-profiles-by-ip

8 years agoShow user registration IP to users who can see ModLog
Mikael Nordfeldth [Fri, 12 Feb 2016 23:51:43 +0000 (00:51 +0100)]
Show user registration IP to users who can see ModLog

8 years agoOnly administrators can delete other privileged users.
Mikael Nordfeldth [Fri, 12 Feb 2016 14:00:18 +0000 (15:00 +0100)]
Only administrators can delete other privileged users.

8 years agoProfile->isPrivileged() to check if users have more rights than to post etc.
Mikael Nordfeldth [Fri, 12 Feb 2016 13:47:49 +0000 (14:47 +0100)]
Profile->isPrivileged() to check if users have more rights than to post etc.

8 years agoUpdate the comment on silencing privileged users in ModHelper
Mikael Nordfeldth [Fri, 12 Feb 2016 13:38:03 +0000 (14:38 +0100)]
Update the comment on silencing privileged users in ModHelper

8 years agoSilence action can only be used on non-priviliged users
Mikael Nordfeldth [Fri, 12 Feb 2016 13:22:25 +0000 (14:22 +0100)]
Silence action can only be used on non-priviliged users

8 years agoAdd Profile::ensureCurrent() to verify we _certainly_ got a Profile.
Mikael Nordfeldth [Fri, 12 Feb 2016 12:52:48 +0000 (13:52 +0100)]
Add Profile::ensureCurrent() to verify we _certainly_ got a Profile.

8 years agofile and avatar dirs on instances with no such dirs in filesystem
Mikael Nordfeldth [Fri, 12 Feb 2016 01:29:33 +0000 (02:29 +0100)]
file and avatar dirs on instances with no such dirs in filesystem

8 years agoFix Nickname::isSystemPath() work properly for routes
Mikael Nordfeldth [Fri, 12 Feb 2016 01:21:11 +0000 (02:21 +0100)]
Fix Nickname::isSystemPath() work properly for routes

8 years agoDo not delete_orphan_files on an instance with Qvitter
Mikael Nordfeldth [Fri, 12 Feb 2016 00:45:47 +0000 (01:45 +0100)]
Do not delete_orphan_files on an instance with Qvitter

8 years agoAnd LEFT JOIN to actually get all results
Mikael Nordfeldth [Thu, 11 Feb 2016 23:05:36 +0000 (00:05 +0100)]
And LEFT JOIN to actually get all results

8 years ago...and avoid duplicate results...
Mikael Nordfeldth [Thu, 11 Feb 2016 22:38:12 +0000 (23:38 +0100)]
...and avoid duplicate results...

8 years agoAurhg, and get all the properties, not just id
Mikael Nordfeldth [Thu, 11 Feb 2016 21:54:29 +0000 (22:54 +0100)]
Aurhg, and get all the properties, not just id

8 years agoHaha, it essentially became a NOOP with the last commit
Mikael Nordfeldth [Thu, 11 Feb 2016 21:49:45 +0000 (22:49 +0100)]
Haha, it essentially became a NOOP with the last commit

8 years agoFixed the delete orphan script to include deleted notices
Mikael Nordfeldth [Thu, 11 Feb 2016 21:43:26 +0000 (22:43 +0100)]
Fixed the delete orphan script to include deleted notices

The file_to_post table sometimes had post_id with values that did not
exist in the notice table.

8 years agoDelete orphan files maintenance script
Mikael Nordfeldth [Thu, 11 Feb 2016 21:19:56 +0000 (22:19 +0100)]
Delete orphan files maintenance script

When deleting a profile it'll delete its notices and the coupling to
file entries, but not the file entries themselves (and thus not the
files). So if one to delete a person uploading offending images, then
the images are left behind and can be hotlinked. This will remove it.

8 years agoXMPP URI scheme for HTMLPurifier
Mikael Nordfeldth [Thu, 11 Feb 2016 20:18:44 +0000 (21:18 +0100)]
XMPP URI scheme for HTMLPurifier

8 years agoapplication/xml allowed in uploads
Mikael Nordfeldth [Wed, 10 Feb 2016 23:04:14 +0000 (00:04 +0100)]
application/xml allowed in uploads

8 years agoStricter exception check
Mikael Nordfeldth [Wed, 10 Feb 2016 03:43:30 +0000 (04:43 +0100)]
Stricter exception check

8 years agoUse thumbnail upscaling config value
Mikael Nordfeldth [Wed, 10 Feb 2016 03:40:54 +0000 (04:40 +0100)]
Use thumbnail upscaling config value

8 years agoDefault to avoid upscaling of thumbnails. 45x45=>450x450 is ugly
Mikael Nordfeldth [Wed, 10 Feb 2016 03:40:10 +0000 (04:40 +0100)]
Default to avoid upscaling of thumbnails. 45x45=>450x450 is ugly

8 years agoAllow finding the "original remote thumbnail"
Mikael Nordfeldth [Wed, 10 Feb 2016 03:37:43 +0000 (04:37 +0100)]
Allow finding the "original remote thumbnail"

This will probably cause older oEmbed images not to show, since they
probably were updated to use empty url entries because they were thought
of as local ones. During a migration period maybe you want to change
the default value of notNullUrl to 'false' in File_thumbnail::byFile(...)

8 years agoAdd urlhash field to File_thumbnail for indexing
Mikael Nordfeldth [Wed, 10 Feb 2016 03:15:41 +0000 (04:15 +0100)]
Add urlhash field to File_thumbnail for indexing

8 years agoManaged_DataObject gets onInsert and onUpdate
Mikael Nordfeldth [Wed, 10 Feb 2016 02:37:27 +0000 (03:37 +0100)]
Managed_DataObject gets onInsert and onUpdate

8 years agobackground is not used, so removed from documentation
Mikael Nordfeldth [Wed, 10 Feb 2016 01:32:17 +0000 (02:32 +0100)]
background is not used, so removed from documentation

8 years agoDocument site/sslproxy config value
Mikael Nordfeldth [Wed, 10 Feb 2016 00:11:43 +0000 (01:11 +0100)]
Document site/sslproxy config value

Should be put into installation configuration too. Maybe a sample
and commented out entry in config.php as well.

8 years agoUse config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
Mikael Nordfeldth [Wed, 10 Feb 2016 00:05:02 +0000 (01:05 +0100)]
Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)

Usage in config.php: $config['site']['sslproxy'] = true;

Add this to documentation...

8 years agoEither use or don't use HTTPS
Mikael Nordfeldth [Tue, 9 Feb 2016 23:57:39 +0000 (00:57 +0100)]
Either use or don't use HTTPS

The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...

8 years agos/isHTTPS/useHTTPS/ for HTTPS URL generation
Mikael Nordfeldth [Tue, 9 Feb 2016 23:38:14 +0000 (00:38 +0100)]
s/isHTTPS/useHTTPS/ for HTTPS URL generation

8 years agobitcoin schema for HTMLPurifier
Mikael Nordfeldth [Mon, 8 Feb 2016 19:20:31 +0000 (20:20 +0100)]
bitcoin schema for HTMLPurifier

8 years agoRequire the license with HTML5
Mikael Nordfeldth [Mon, 8 Feb 2016 16:56:35 +0000 (17:56 +0100)]
Require the license with HTML5

8 years agoLog failed captcha entries
Mikael Nordfeldth [Mon, 8 Feb 2016 16:51:21 +0000 (17:51 +0100)]
Log failed captcha entries

8 years agoSimpleCaptcha plugin to stop basic bots
Mikael Nordfeldth [Mon, 8 Feb 2016 16:47:09 +0000 (17:47 +0100)]
SimpleCaptcha plugin to stop basic bots