summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorEvan Prodromou <evan@status.net>2010-08-03 16:04:54 -0700
committerEvan Prodromou <evan@status.net>2010-08-03 16:04:54 -0700
commit004e42e3e0606f0f9e5c8b6cd4512e5d870cd56e (patch)
treeab895f7609c8afeeadf3439c860b69d0cffcbb5e /lib
parentd2234580357349a6887a2321e69d11de7bb29106 (diff)
parentfdd9aa58e3caf87096e1c1dcfa8b2f286b04e4b1 (diff)
Merge remote branch 'gitorious/1.0.x' into 1.0.x
Diffstat (limited to 'lib')
-rw-r--r--lib/action.php12
-rw-r--r--lib/activity.php14
-rw-r--r--lib/activityutils.php12
-rw-r--r--lib/adminpanelaction.php3
-rw-r--r--lib/apiaction.php212
-rw-r--r--lib/apiauth.php22
-rw-r--r--lib/apibareauth.php3
-rw-r--r--lib/apiprivateauth.php1
-rw-r--r--lib/atomgroupnoticefeed.php24
-rw-r--r--lib/atomnoticefeed.php24
-rw-r--r--lib/atomusernoticefeed.php5
-rw-r--r--lib/authenticationplugin.php1
-rw-r--r--lib/authorizationplugin.php1
-rw-r--r--lib/avatarlink.php2
-rw-r--r--lib/common.php10
-rw-r--r--lib/connectsettingsaction.php4
-rw-r--r--lib/dbqueuemanager.php4
-rw-r--r--lib/default.php19
-rw-r--r--lib/distribqueuehandler.php17
-rw-r--r--lib/httpclient.php14
-rw-r--r--lib/implugin.php32
-rw-r--r--lib/installer.php29
-rw-r--r--lib/language.php27
-rw-r--r--lib/liberalstomp.php27
-rw-r--r--lib/mail.php34
-rw-r--r--lib/mailhandler.php4
-rw-r--r--lib/mediafile.php54
-rw-r--r--lib/noticelist.php72
-rw-r--r--lib/pgsqlschema.php55
-rw-r--r--lib/ping.php10
-rw-r--r--lib/plugin.php1
-rw-r--r--lib/popularnoticesection.php2
-rw-r--r--lib/profileformaction.php13
-rw-r--r--lib/redirectingaction.php9
-rw-r--r--lib/router.php33
-rw-r--r--lib/stompqueuemanager.php21
-rw-r--r--lib/theme.php82
-rw-r--r--lib/themeuploader.php311
-rw-r--r--lib/util.php103
-rw-r--r--lib/xrdsoutputter.php1
40 files changed, 1056 insertions, 268 deletions
diff --git a/lib/action.php b/lib/action.php
index 4296ae7de..2b3b707c5 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -235,6 +235,16 @@ class Action extends HTMLOutputter // lawsuit
Event::handle('EndShowDesign', array($this));
}
Event::handle('EndShowStyles', array($this));
+
+ if (common_config('custom_css', 'enabled')) {
+ $css = common_config('custom_css', 'css');
+ if (Event::handle('StartShowCustomCss', array($this, &$css))) {
+ if (trim($css) != '') {
+ $this->style($css);
+ }
+ Event::handle('EndShowCustomCss', array($this));
+ }
+ }
}
}
@@ -467,7 +477,7 @@ class Action extends HTMLOutputter // lawsuit
_m('MENU', 'Logout'), $tooltip, false, 'nav_logout');
}
else {
- if (!common_config('site', 'closed')) {
+ if (!common_config('site', 'closed') && !common_config('site', 'inviteonly')) {
// TRANS: Tooltip for main menu option "Register"
$tooltip = _m('TOOLTIP', 'Create an account');
$this->menuItem(common_local_url('register'),
diff --git a/lib/activity.php b/lib/activity.php
index 365bb6258..8e2da99bb 100644
--- a/lib/activity.php
+++ b/lib/activity.php
@@ -83,6 +83,7 @@ class Activity
const CREATOR = 'creator';
const CONTENTNS = 'http://purl.org/rss/1.0/modules/content/';
+ const ENCODED = 'encoded';
public $actor; // an ActivityObject
public $verb; // a string (the URL)
@@ -269,14 +270,21 @@ class Activity
$this->title = ActivityUtils::childContent($item, ActivityObject::TITLE, self::RSS);
- $contentEl = ActivityUtils::child($item, ActivityUtils::CONTENT, self::CONTENTNS);
+ $contentEl = ActivityUtils::child($item, self::ENCODED, self::CONTENTNS);
if (!empty($contentEl)) {
- $this->content = htmlspecialchars_decode($contentEl->textContent, ENT_QUOTES);
+ // <content:encoded> XML node's text content is HTML; no further processing needed.
+ $this->content = $contentEl->textContent;
} else {
$descriptionEl = ActivityUtils::child($item, self::DESCRIPTION, self::RSS);
if (!empty($descriptionEl)) {
- $this->content = htmlspecialchars_decode($descriptionEl->textContent, ENT_QUOTES);
+ // Per spec, <description> must be plaintext.
+ // In practice, often there's HTML... but these days good
+ // feeds are using <content:encoded> which is explicitly
+ // real HTML.
+ // We'll treat this following spec, and do HTML escaping
+ // to convert from plaintext to HTML.
+ $this->content = htmlspecialchars($descriptionEl->textContent);
}
}
diff --git a/lib/activityutils.php b/lib/activityutils.php
index a7e99fb11..401fd7fc2 100644
--- a/lib/activityutils.php
+++ b/lib/activityutils.php
@@ -213,11 +213,19 @@ class ActivityUtils
// slavishly following http://atompub.org/rfc4287.html#rfc.section.4.1.3.3
if (empty($type) || $type == 'text') {
- return $el->textContent;
+ // We have plaintext saved as the XML text content.
+ // Since we want HTML, we need to escape any special chars.
+ return htmlspecialchars($el->textContent);
} else if ($type == 'html') {
+ // We have HTML saved as the XML text content.
+ // No additional processing required once we've got it.
$text = $el->textContent;
- return htmlspecialchars_decode($text, ENT_QUOTES);
+ return $text;
} else if ($type == 'xhtml') {
+ // Per spec, the <content type="xhtml"> contains a single
+ // HTML <div> with XHTML namespace on it as a child node.
+ // We need to pull all of that <div>'s child nodes and
+ // serialize them back to an (X)HTML source fragment.
$divEl = ActivityUtils::child($el, 'div', 'http://www.w3.org/1999/xhtml');
if (empty($divEl)) {
return null;
diff --git a/lib/adminpanelaction.php b/lib/adminpanelaction.php
index 6c9947608..9e0b2d041 100644
--- a/lib/adminpanelaction.php
+++ b/lib/adminpanelaction.php
@@ -284,9 +284,10 @@ class AdminPanelAction extends Action
$this->clientError(_("Unable to delete design setting."));
return null;
}
+ return $result;
}
- return $result;
+ return null;
}
function canAdmin($name)
diff --git a/lib/apiaction.php b/lib/apiaction.php
index d5580abd3..e6b516453 100644
--- a/lib/apiaction.php
+++ b/lib/apiaction.php
@@ -28,14 +28,78 @@
* @author Toby Inkster <mail@tobyinkster.co.uk>
* @author Zach Copley <zach@status.net>
* @copyright 2009 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
+/* External API usage documentation. Please update when you change how the API works. */
+
+/*! @mainpage StatusNet REST API
+
+ @section Introduction
+
+ Some explanatory text about the API would be nice.
+
+ @section API Methods
+
+ @subsection timelinesmethods_sec Timeline Methods
+
+ @li @ref publictimeline
+ @li @ref friendstimeline
+
+ @subsection statusmethods_sec Status Methods
+
+ @li @ref statusesupdate
+
+ @subsection usermethods_sec User Methods
+
+ @subsection directmessagemethods_sec Direct Message Methods
+
+ @subsection friendshipmethods_sec Friendship Methods
+
+ @subsection socialgraphmethods_sec Social Graph Methods
+
+ @subsection accountmethods_sec Account Methods
+
+ @subsection favoritesmethods_sec Favorites Methods
+
+ @subsection blockmethods_sec Block Methods
+
+ @subsection oauthmethods_sec OAuth Methods
+
+ @subsection helpmethods_sec Help Methods
+
+ @subsection groupmethods_sec Group Methods
+
+ @page apiroot API Root
+
+ The URLs for methods referred to in this API documentation are
+ relative to the StatusNet API root. The API root is determined by the
+ site's @b server and @b path variables, which are generally specified
+ in config.php. For example:
+
+ @code
+ $config['site']['server'] = 'example.org';
+ $config['site']['path'] = 'statusnet'
+ @endcode
+
+ The pattern for a site's API root is: @c protocol://server/path/api E.g:
+
+ @c http://example.org/statusnet/api
+
+ The @b path can be empty. In that case the API root would simply be:
+
+ @c http://example.org/api
+
+*/
+
if (!defined('STATUSNET')) {
exit(1);
}
+class ApiValidationException extends Exception { }
+
/**
* Contains most of the Twitter-compatible API output functions.
*
@@ -63,9 +127,12 @@ class ApiAction extends Action
var $count = null;
var $max_id = null;
var $since_id = null;
+ var $source = null;
var $access = self::READ_ONLY; // read (default) or read-write
+ static $reserved_sources = array('web', 'omb', 'ostatus', 'mail', 'xmpp', 'api');
+
/**
* Initialization.
*
@@ -89,6 +156,12 @@ class ApiAction extends Action
header('X-StatusNet-Warning: since parameter is disabled; use since_id');
}
+ $this->source = $this->trimmed('source');
+
+ if (empty($this->source) || in_array($this->source, self::$reserved_sources)) {
+ $this->source = 'api';
+ }
+
return true;
}
@@ -200,11 +273,13 @@ class ApiAction extends Action
// Is the requesting user following this user?
$twitter_user['following'] = false;
+ $twitter_user['statusnet:blocking'] = false;
$twitter_user['notifications'] = false;
if (isset($this->auth_user)) {
$twitter_user['following'] = $this->auth_user->isSubscribed($profile);
+ $twitter_user['statusnet:blocking'] = $this->auth_user->hasBlocked($profile);
// Notifications on?
$sub = Subscription::pkeyGet(array('subscriber' =>
@@ -224,6 +299,10 @@ class ApiAction extends Action
}
}
+ // StatusNet-specific
+
+ $twitter_user['statusnet:profile_url'] = $profile->profileurl;
+
return $twitter_user;
}
@@ -252,7 +331,23 @@ class ApiAction extends Action
$twitter_status['created_at'] = $this->dateTwitter($notice->created);
$twitter_status['in_reply_to_status_id'] = ($notice->reply_to) ?
intval($notice->reply_to) : null;
- $twitter_status['source'] = $this->sourceLink($notice->source);
+
+ $source = null;
+
+ $ns = $notice->getSource();
+ if ($ns) {
+ if (!empty($ns->name) && !empty($ns->url)) {
+ $source = '<a href="'
+ . htmlspecialchars($ns->url)
+ . '" rel="nofollow">'
+ . htmlspecialchars($ns->name)
+ . '</a>';
+ } else {
+ $source = $ns->code;
+ }
+ }
+
+ $twitter_status['source'] = $source;
$twitter_status['id'] = intval($notice->id);
$replier_profile = null;
@@ -309,25 +404,41 @@ class ApiAction extends Action
$twitter_status['user'] = $twitter_user;
}
+ // StatusNet-specific
+
+ $twitter_status['statusnet:html'] = $notice->rendered;
+
return $twitter_status;
}
function twitterGroupArray($group)
{
- $twitter_group=array();
- $twitter_group['id']=$group->id;
- $twitter_group['url']=$group->permalink();
- $twitter_group['nickname']=$group->nickname;
- $twitter_group['fullname']=$group->fullname;
- $twitter_group['original_logo']=$group->original_logo;
- $twitter_group['homepage_logo']=$group->homepage_logo;
- $twitter_group['stream_logo']=$group->stream_logo;
- $twitter_group['mini_logo']=$group->mini_logo;
- $twitter_group['homepage']=$group->homepage;
- $twitter_group['description']=$group->description;
- $twitter_group['location']=$group->location;
- $twitter_group['created']=$this->dateTwitter($group->created);
- $twitter_group['modified']=$this->dateTwitter($group->modified);
+ $twitter_group = array();
+
+ $twitter_group['id'] = $group->id;
+ $twitter_group['url'] = $group->permalink();
+ $twitter_group['nickname'] = $group->nickname;
+ $twitter_group['fullname'] = $group->fullname;
+
+ if (isset($this->auth_user)) {
+ $twitter_group['member'] = $this->auth_user->isMember($group);
+ $twitter_group['blocked'] = Group_block::isBlocked(
+ $group,
+ $this->auth_user->getProfile()
+ );
+ }
+
+ $twitter_group['member_count'] = $group->getMemberCount();
+ $twitter_group['original_logo'] = $group->original_logo;
+ $twitter_group['homepage_logo'] = $group->homepage_logo;
+ $twitter_group['stream_logo'] = $group->stream_logo;
+ $twitter_group['mini_logo'] = $group->mini_logo;
+ $twitter_group['homepage'] = $group->homepage;
+ $twitter_group['description'] = $group->description;
+ $twitter_group['location'] = $group->location;
+ $twitter_group['created'] = $this->dateTwitter($group->created);
+ $twitter_group['modified'] = $this->dateTwitter($group->modified);
+
return $twitter_group;
}
@@ -476,9 +587,13 @@ class ApiAction extends Action
}
}
- function showTwitterXmlStatus($twitter_status, $tag='status')
+ function showTwitterXmlStatus($twitter_status, $tag='status', $namespaces=false)
{
- $this->elementStart($tag);
+ $attrs = array();
+ if ($namespaces) {
+ $attrs['xmlns:statusnet'] = 'http://status.net/schema/api/1/';
+ }
+ $this->elementStart($tag, $attrs);
foreach($twitter_status as $element => $value) {
switch ($element) {
case 'user':
@@ -512,9 +627,13 @@ class ApiAction extends Action
$this->elementEnd('group');
}
- function showTwitterXmlUser($twitter_user, $role='user')
+ function showTwitterXmlUser($twitter_user, $role='user', $namespaces=false)
{
- $this->elementStart($role);
+ $attrs = array();
+ if ($namespaces) {
+ $attrs['xmlns:statusnet'] = 'http://status.net/schema/api/1/';
+ }
+ $this->elementStart($role, $attrs);
foreach($twitter_user as $element => $value) {
if ($element == 'status') {
$this->showTwitterXmlStatus($twitter_user['status']);
@@ -596,7 +715,7 @@ class ApiAction extends Action
{
$this->initDocument('xml');
$twitter_status = $this->twitterStatusArray($notice);
- $this->showTwitterXmlStatus($twitter_status);
+ $this->showTwitterXmlStatus($twitter_status, 'status', true);
$this->endDocument('xml');
}
@@ -612,7 +731,8 @@ class ApiAction extends Action
{
$this->initDocument('xml');
- $this->elementStart('statuses', array('type' => 'array'));
+ $this->elementStart('statuses', array('type' => 'array',
+ 'xmlns:statusnet' => 'http://status.net/schema/api/1/'));
if (is_array($notice)) {
foreach ($notice as $n) {
@@ -779,9 +899,13 @@ class ApiAction extends Action
$this->elementEnd('entry');
}
- function showXmlDirectMessage($dm)
+ function showXmlDirectMessage($dm, $namespaces=false)
{
- $this->elementStart('direct_message');
+ $attrs = array();
+ if ($namespaces) {
+ $attrs['xmlns:statusnet'] = 'http://status.net/schema/api/1/';
+ }
+ $this->elementStart('direct_message', $attrs);
foreach($dm as $element => $value) {
switch ($element) {
case 'sender':
@@ -858,7 +982,7 @@ class ApiAction extends Action
{
$this->initDocument('xml');
$dmsg = $this->directMessageArray($message);
- $this->showXmlDirectMessage($dmsg);
+ $this->showXmlDirectMessage($dmsg, true);
$this->endDocument('xml');
}
@@ -975,7 +1099,8 @@ class ApiAction extends Action
{
$this->initDocument('xml');
- $this->elementStart('users', array('type' => 'array'));
+ $this->elementStart('users', array('type' => 'array',
+ 'xmlns:statusnet' => 'http://status.net/schema/api/1/'));
if (is_array($user)) {
foreach ($user as $u) {
@@ -1293,43 +1418,6 @@ class ApiAction extends Action
}
}
- function sourceLink($source)
- {
- $source_name = _($source);
- switch ($source) {
- case 'web':
- case 'xmpp':
- case 'mail':
- case 'omb':
- case 'api':
- break;
- default:
-
- $name = null;
- $url = null;
-
- $ns = Notice_source::staticGet($source);
-
- if ($ns) {
- $name = $ns->name;
- $url = $ns->url;
- } else {
- $app = Oauth_application::staticGet('name', $source);
- if ($app) {
- $name = $app->name;
- $url = $app->source_url;
- }
- }
-
- if (!empty($name) && !empty($url)) {
- $source_name = '<a href="' . $url . '">' . $name . '</a>';
- }
-
- break;
- }
- return $source_name;
- }
-
/**
* Returns query argument or default value if not found. Certain
* parameters used throughout the API are lightly scrubbed and
diff --git a/lib/apiauth.php b/lib/apiauth.php
index d6ad7e021..91cb64262 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -30,10 +30,29 @@
* @author Sarven Capadisli <csarven@status.net>
* @author Zach Copley <zach@status.net>
* @copyright 2009-2010 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
+/* External API usage documentation. Please update when you change how this method works. */
+
+/*! @page authentication Authentication
+
+ StatusNet supports HTTP Basic Authentication and OAuth for API calls.
+
+ @warning Currently, users who have created accounts without setting a
+ password via OpenID, Facebook Connect, etc., cannot use the API until
+ they set a password with their account settings panel.
+
+ @section HTTP Basic Auth
+
+
+
+ @section OAuth
+
+*/
+
if (!defined('STATUSNET')) {
exit(1);
}
@@ -54,7 +73,6 @@ class ApiAuthAction extends ApiAction
{
var $auth_user_nickname = null;
var $auth_user_password = null;
- var $oauth_source = null;
/**
* Take arguments for running, looks for an OAuth request,
@@ -163,7 +181,7 @@ class ApiAuthAction extends ApiAction
// set the source attr
- $this->oauth_source = $app->name;
+ $this->source = $app->name;
$appUser = Oauth_application_user::staticGet('token', $access_token);
diff --git a/lib/apibareauth.php b/lib/apibareauth.php
index 2d29c1ddd..da7af1261 100644
--- a/lib/apibareauth.php
+++ b/lib/apibareauth.php
@@ -32,6 +32,7 @@
* @author Sarven Capadisli <csarven@status.net>
* @author Zach Copley <zach@status.net>
* @copyright 2009 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -106,4 +107,4 @@ class ApiBareAuthAction extends ApiAuthAction
return false;
}
-} \ No newline at end of file
+}
diff --git a/lib/apiprivateauth.php b/lib/apiprivateauth.php
index 5d0033005..5e78c65a1 100644
--- a/lib/apiprivateauth.php
+++ b/lib/apiprivateauth.php
@@ -31,6 +31,7 @@
* @author Sarven Capadisli <csarven@status.net>
* @author Zach Copley <zach@status.net>
* @copyright 2009 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
diff --git a/lib/atomgroupnoticefeed.php b/lib/atomgroupnoticefeed.php
index b4810d04a..39a1fd456 100644
--- a/lib/atomgroupnoticefeed.php
+++ b/lib/atomgroupnoticefeed.php
@@ -50,12 +50,13 @@ class AtomGroupNoticeFeed extends AtomNoticeFeed
* Constructor
*
* @param Group $group the group for the feed
+ * @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off
*
* @return void
*/
- function __construct($group, $indent = true) {
- parent::__construct($indent);
+ function __construct($group, $cur = null, $indent = true) {
+ parent::__construct($cur, $indent);
$this->group = $group;
// TRANS: Title in atom group notice feed. %s is a group name.
@@ -95,4 +96,23 @@ class AtomGroupNoticeFeed extends AtomNoticeFeed
return $this->group;
}
+ function initFeed()
+ {
+ parent::initFeed();
+
+ $attrs = array();
+
+ if (!empty($this->cur)) {
+ $attrs['member'] = $this->cur->isMember($this->group)
+ ? 'true' : 'false';
+ $attrs['blocked'] = Group_block::isBlocked(
+ $this->group,
+ $this->cur->getProfile()
+ ) ? 'true' : 'false';
+ }
+
+ $attrs['member_count'] = $this->group->getMemberCount();
+
+ $this->element('statusnet:group_info', $attrs, null);
+ }
}
diff --git a/lib/atomnoticefeed.php b/lib/atomnoticefeed.php
index e4df731fe..6ed803ce4 100644
--- a/lib/atomnoticefeed.php
+++ b/lib/atomnoticefeed.php
@@ -44,9 +44,22 @@ if (!defined('STATUSNET'))
*/
class AtomNoticeFeed extends Atom10Feed
{
- function __construct($indent = true) {
+ var $cur;
+
+ /**
+ * Constructor - adds a bunch of XML namespaces we need in our
+ * notice-specific Atom feeds, and allows setting the current
+ * authenticated user (useful for API methods).
+ *
+ * @param User $cur the current authenticated user (optional)
+ * @param boolean $indent Whether to indent XML output
+ *
+ */
+ function __construct($cur = null, $indent = true) {
parent::__construct($indent);
+ $this->cur = $cur;
+
// Feeds containing notice info use these namespaces
$this->addNamespace(
@@ -79,6 +92,11 @@ class AtomNoticeFeed extends Atom10Feed
'ostatus',
'http://ostatus.org/schema/1.0'
);
+
+ $this->addNamespace(
+ 'statusnet',
+ 'http://status.net/schema/api/1/'
+ );
}
/**
@@ -110,7 +128,9 @@ class AtomNoticeFeed extends Atom10Feed
$source = $this->showSource();
$author = $this->showAuthor();
- $this->addEntryRaw($notice->asAtomEntry(false, $source, $author));
+ $cur = empty($this->cur) ? common_current_user() : $this->cur;
+
+ $this->addEntryRaw($notice->asAtomEntry(false, $source, $author, $cur));
}
function showSource()
diff --git a/lib/atomusernoticefeed.php b/lib/atomusernoticefeed.php
index acfcbd75f..785db4915 100644
--- a/lib/atomusernoticefeed.php
+++ b/lib/atomusernoticefeed.php
@@ -50,13 +50,14 @@ class AtomUserNoticeFeed extends AtomNoticeFeed
* Constructor
*
* @param User $user the user for the feed
+ * @param User $cur the current authenticated user, if any
* @param boolean $indent flag to turn indenting on or off
*
* @return void
*/
- function __construct($user, $indent = true) {
- parent::__construct($indent);
+ function __construct($user, $cur = null, $indent = true) {
+ parent::__construct($cur, $indent);
$this->user = $user;
if (!empty($user)) {
$profile = $user->getProfile();
diff --git a/lib/authenticationplugin.php b/lib/authenticationplugin.php
index 0a3763e2e..dbdf20629 100644
--- a/lib/authenticationplugin.php
+++ b/lib/authenticationplugin.php
@@ -22,6 +22,7 @@
* @category Plugin
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
diff --git a/lib/authorizationplugin.php b/lib/authorizationplugin.php
index 3790bccf4..d71f77243 100644
--- a/lib/authorizationplugin.php
+++ b/lib/authorizationplugin.php
@@ -22,6 +22,7 @@
* @category Plugin
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
diff --git a/lib/avatarlink.php b/lib/avatarlink.php
index e67799e2e..7d4256d6e 100644
--- a/lib/avatarlink.php
+++ b/lib/avatarlink.php
@@ -76,8 +76,8 @@ class AvatarLink
$alink = new AvatarLink();
$alink->url = $filename;
$alink->height = $size;
+ $alink->width = $size;
if (!empty($filename)) {
- $alink->width = $size;
$alink->type = self::mediatype($filename);
} else {
$alink->url = User_group::defaultLogo($size);
diff --git a/lib/common.php b/lib/common.php
index 45946c216..72a1b7075 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -22,10 +22,10 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
//exit with 200 response, if this is checking fancy from the installer
if (isset($_REQUEST['p']) && $_REQUEST['p'] == 'check-fancy') { exit; }
-define('STATUSNET_VERSION', '0.9.1');
+define('STATUSNET_VERSION', '0.9.2');
define('LACONICA_VERSION', STATUSNET_VERSION); // compatibility
-define('STATUSNET_CODENAME', 'Everybody Hurts');
+define('STATUSNET_CODENAME', 'King of Birds');
define('AVATAR_PROFILE_SIZE', 96);
define('AVATAR_STREAM_SIZE', 48);
@@ -132,6 +132,12 @@ require_once INSTALLDIR.'/lib/serverexception.php';
//set PEAR error handling to use regular PHP exceptions
function PEAR_ErrorToPEAR_Exception($err)
{
+ //DB_DataObject throws error when an empty set would be returned
+ //That behavior is weird, and not how the rest of StatusNet works.
+ //So just ignore those errors.
+ if ($err->getCode() == DB_DATAOBJECT_ERROR_NODATA) {
+ return;
+ }
if ($err->getCode()) {
throw new PEAR_Exception($err->getMessage(), $err->getCode());
}
diff --git a/lib/connectsettingsaction.php b/lib/connectsettingsaction.php
index b9c14799e..5d62fc56b 100644
--- a/lib/connectsettingsaction.php
+++ b/lib/connectsettingsaction.php
@@ -105,7 +105,9 @@ class ConnectSettingsNav extends Widget
# action => array('prompt', 'title')
$menu = array();
- if (common_config('xmpp', 'enabled')) {
+ $transports = array();
+ Event::handle('GetImTransports', array(&$transports));
+ if ($transports) {
$menu['imsettings'] =
array(_('IM'),
_('Updates by instant messenger (IM)'));
diff --git a/lib/dbqueuemanager.php b/lib/dbqueuemanager.php
index 3032e4ec7..3dda9fd1a 100644
--- a/lib/dbqueuemanager.php
+++ b/lib/dbqueuemanager.php
@@ -135,9 +135,7 @@ class DBQueueManager extends QueueManager
if (empty($qi->claimed)) {
$this->_log(LOG_WARNING, "[$queue:item $qi->id] Ignoring failure for unclaimed queue item");
} else {
- $orig = clone($qi);
- $qi->claimed = null;
- $qi->update($orig);
+ $qi->releaseClaim();
}
$this->stats('error', $queue);
diff --git a/lib/default.php b/lib/default.php
index dec08fc06..e0081f316 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -141,10 +141,17 @@ $default =
'dir' => null,
'path'=> null,
'ssl' => null),
+ 'theme_upload' =>
+ array('enabled' => extension_loaded('zip')),
'javascript' =>
array('server' => null,
'path'=> null,
'ssl' => null),
+ 'local' => // To override path/server for themes in 'local' dir (not currently applied to local plugins)
+ array('server' => null,
+ 'dir' => null,
+ 'path' => null,
+ 'ssl' => null),
'throttle' =>
array('enabled' => false, // whether to throttle edits; false by default
'count' => 20, // number of allowed messages in timespan
@@ -188,7 +195,8 @@ $default =
'cache' =>
array('base' => null),
'ping' =>
- array('notify' => array()),
+ array('notify' => array(),
+ 'timeout' => 2),
'inboxes' =>
array('enabled' => true), # ignored after 0.9.x
'newuser' =>
@@ -259,6 +267,9 @@ $default =
'linkcolor' => null,
'backgroundimage' => null,
'disposition' => null),
+ 'custom_css' =>
+ array('enabled' => true,
+ 'css' => ''),
'notice' =>
array('contentlimit' => null),
'message' =>
@@ -286,6 +297,7 @@ $default =
'OStatus' => null,
'WikiHashtags' => null,
'RSSCloud' => null,
+ 'ClientSideShorten' => null,
'OpenID' => null),
),
'pluginlist' => array(),
@@ -307,5 +319,8 @@ $default =
'url' =>
array('shortener' => 'ur1.ca',
'maxlength' => 25,
- 'maxnoticelength' => -1)
+ 'maxnoticelength' => -1),
+ 'http' => // HTTP client settings when contacting other sites
+ array('ssl_cafile' => false // To enable SSL cert validation, point to a CA bundle (eg '/usr/lib/ssl/certs/ca-certificates.crt')
+ ),
);
diff --git a/lib/distribqueuehandler.php b/lib/distribqueuehandler.php
index d2be7a92c..8f4b72d5c 100644
--- a/lib/distribqueuehandler.php
+++ b/lib/distribqueuehandler.php
@@ -49,19 +49,22 @@ class DistribQueueHandler
}
/**
- * Here's the meat of your queue handler -- you're handed a Notice
- * object, which you may do as you will with.
+ * Handle distribution of a notice after we've saved it:
+ * @li add to local recipient inboxes
+ * @li send email notifications to local @-reply targets
+ * @li run final EndNoticeSave plugin events
+ * @li put any remaining post-processing into the queues
*
* If this function indicates failure, a warning will be logged
* and the item is placed back in the queue to be re-run.
*
+ * @fixme addToInboxes is known to fail sometimes with large recipient sets
+ *
* @param Notice $notice
* @return boolean true on success, false on failure
*/
function handle($notice)
{
- // XXX: do we need to change this for remote users?
-
try {
$notice->addToInboxes();
} catch (Exception $e) {
@@ -69,6 +72,12 @@ class DistribQueueHandler
}
try {
+ $notice->sendReplyNotifications();
+ } catch (Exception $e) {
+ $this->logit($notice, $e);
+ }
+
+ try {
Event::handle('EndNoticeSave', array($notice));
// Enqueue for other handlers
} catch (Exception $e) {
diff --git a/lib/httpclient.php b/lib/httpclient.php
index 384626ae0..b69f718e5 100644
--- a/lib/httpclient.php
+++ b/lib/httpclient.php
@@ -132,7 +132,19 @@ class HTTPClient extends HTTP_Request2
// ought to be investigated to see if we can handle
// it gracefully in that case as well.
$this->config['protocol_version'] = '1.0';
-
+
+ // Default state of OpenSSL seems to have no trusted
+ // SSL certificate authorities, which breaks hostname
+ // verification and means we have a hard time communicating
+ // with other sites' HTTPS interfaces.
+ //
+ // Turn off verification unless we've configured a CA bundle.
+ if (common_config('http', 'ssl_cafile')) {
+ $this->config['ssl_cafile'] = common_config('http', 'ssl_cafile');
+ } else {
+ $this->config['ssl_verify_peer'] = false;
+ }
+
parent::__construct($url, $method, $config);
$this->setHeader('User-Agent', $this->userAgent());
}
diff --git a/lib/implugin.php b/lib/implugin.php
index 7302859a4..dafb8a416 100644
--- a/lib/implugin.php
+++ b/lib/implugin.php
@@ -107,10 +107,15 @@ abstract class ImPlugin extends Plugin
* receive a raw message
* Raw IM data is taken from the incoming queue, and passed to this function.
* It should parse the raw message and call handle_incoming()
+ *
+ * Returning false may CAUSE REPROCESSING OF THE QUEUE ITEM, and should
+ * be used for temporary failures only. For permanent failures such as
+ * unrecognized addresses, return true to indicate your processing has
+ * completed.
*
* @param object $data raw IM data
*
- * @return boolean success value
+ * @return boolean true if processing completed, false for temporary failures
*/
abstract function receive_raw_message($data);
@@ -185,9 +190,12 @@ abstract class ImPlugin extends Plugin
*/
function get_user_im_prefs_from_screenname($screenname)
{
- if($user_im_prefs = User_im_prefs::pkeyGet( array('transport' => $this->transport, 'screenname' => $screenname) )){
+ $user_im_prefs = User_im_prefs::pkeyGet(
+ array('transport' => $this->transport,
+ 'screenname' => $this->normalize($screenname)));
+ if ($user_im_prefs) {
return $user_im_prefs;
- }else{
+ } else {
return false;
}
}
@@ -203,9 +211,9 @@ abstract class ImPlugin extends Plugin
function get_screenname($user)
{
$user_im_prefs = $this->get_user_im_prefs_from_user($user);
- if($user_im_prefs){
+ if ($user_im_prefs) {
return $user_im_prefs->screenname;
- }else{
+ } else {
return false;
}
}
@@ -220,9 +228,12 @@ abstract class ImPlugin extends Plugin
*/
function get_user_im_prefs_from_user($user)
{
- if($user_im_prefs = User_im_prefs::pkeyGet( array('transport' => $this->transport, 'user_id' => $user->id) )){
+ $user_im_prefs = User_im_prefs::pkeyGet(
+ array('transport' => $this->transport,
+ 'user_id' => $user->id));
+ if ($user_im_prefs){
return $user_im_prefs;
- }else{
+ } else {
return false;
}
}
@@ -608,8 +619,13 @@ abstract class ImPlugin extends Plugin
function initialize()
{
+ if( ! common_config('queue', 'enabled'))
+ {
+ throw new ServerException("Queueing must be enabled to use IM plugins");
+ }
+
if(is_null($this->transport)){
- throw new Exception('transport cannot be null');
+ throw new ServerException('transport cannot be null');
}
}
}
diff --git a/lib/installer.php b/lib/installer.php
index d0e46f95c..bd9d69cd4 100644
--- a/lib/installer.php
+++ b/lib/installer.php
@@ -32,6 +32,7 @@
* @author Sarven Capadisli <csarven@status.net>
* @author Tom Adams <tom@holizz.com>
* @author Zach Copley <zach@status.net>
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license GNU Affero General Public License http://www.gnu.org/licenses/
* @version 0.9.x
* @link http://status.net
@@ -51,7 +52,7 @@ abstract class Installer
public static $dbModules = array(
'mysql' => array(
'name' => 'MySQL',
- 'check_module' => 'mysql', // mysqli?
+ 'check_module' => 'mysqli',
'installer' => 'mysql_db_installer',
),
'pgsql' => array(
@@ -81,9 +82,12 @@ abstract class Installer
{
$pass = true;
- if (file_exists(INSTALLDIR.'/config.php')) {
- $this->warning('Config file "config.php" already exists.');
- $pass = false;
+ $config = INSTALLDIR.'/config.php';
+ if (file_exists($config)) {
+ if (!is_writable($config) || filesize($config) > 0) {
+ $this->warning('Config file "config.php" already exists.');
+ $pass = false;
+ }
}
if (version_compare(PHP_VERSION, '5.2.3', '<')) {
@@ -128,6 +132,7 @@ abstract class Installer
$pass = false;
}
+ // @fixme this check seems to be insufficient with Windows ACLs
if (!is_writable(INSTALLDIR)) {
$this->warning(sprintf('Cannot write config file to: <code>%s</code></p>', INSTALLDIR),
sprintf('On your server, try this command: <code>chmod a+w %s</code>', INSTALLDIR));
@@ -341,7 +346,6 @@ abstract class Installer
* @param string $password
* @return mixed array of database connection params on success, false on failure
*
- * @fixme be consistent about using mysqli vs mysql!
* @fixme escape things in the connection string in case we have a funny pass etc
*/
function Mysql_Db_installer($host, $database, $username, $password)
@@ -349,14 +353,13 @@ abstract class Installer
$this->updateStatus("Starting installation...");
$this->updateStatus("Checking database...");
- $conn = mysql_connect($host, $username, $password);
- if (!$conn) {
+ $conn = mysqli_init();
+ if (!$conn->real_connect($host, $username, $password)) {
$this->updateStatus("Can't connect to server '$host' as '$username'.", true);
return false;
}
$this->updateStatus("Changing to database...");
- $res = mysql_select_db($database, $conn);
- if (!$res) {
+ if (!$conn->select_db($database)) {
$this->updateStatus("Can't change to database.", true);
return false;
}
@@ -411,6 +414,10 @@ abstract class Installer
"\$config['db']['database'] = '{$this->db['database']}';\n\n".
($this->db['type'] == 'pgsql' ? "\$config['db']['quote_identifiers'] = true;\n\n":'').
"\$config['db']['type'] = '{$this->db['type']}';\n\n";
+
+ // Normalize line endings for Windows servers
+ $cfg = str_replace("\n", PHP_EOL, $cfg);
+
// write configuration file out to install directory
$res = file_put_contents(INSTALLDIR.'/config.php', $cfg);
@@ -438,9 +445,9 @@ abstract class Installer
// FIXME: use PEAR::DB or PDO instead of our own switch
switch ($type) {
case 'mysqli':
- $res = mysql_query($stmt, $conn);
+ $res = $conn->query($stmt);
if ($res === false) {
- $error = mysql_error();
+ $error = $conn->error;
}
break;
case 'pgsql':
diff --git a/lib/language.php b/lib/language.php
index 8009adc9b..1805707ad 100644
--- a/lib/language.php
+++ b/lib/language.php
@@ -61,7 +61,7 @@ if (!function_exists('dpgettext')) {
* Not currently exposed in PHP's gettext module; implemented to be compat
* with gettext.h's macros.
*
- * @param string $domain domain identifier, or null for default domain
+ * @param string $domain domain identifier
* @param string $context context identifier, should be some key like "menu|file"
* @param string $msgid English source text
* @return string original or translated message
@@ -106,7 +106,7 @@ if (!function_exists('dnpgettext')) {
* Not currently exposed in PHP's gettext module; implemented to be compat
* with gettext.h's macros.
*
- * @param string $domain domain identifier, or null for default domain
+ * @param string $domain domain identifier
* @param string $context context identifier, should be some key like "menu|file"
* @param string $msg singular English source text
* @param string $plural plural English source text
@@ -180,7 +180,11 @@ function _m($msg/*, ...*/)
}
/**
- * Looks for which plugin we've been called from to set the gettext domain.
+ * Looks for which plugin we've been called from to set the gettext domain;
+ * if not in a plugin subdirectory, we'll use the default 'statusnet'.
+ *
+ * Note: we can't return null for default domain since most of the PHP gettext
+ * wrapper functions turn null into "" before passing to the backend library.
*
* @param array $backtrace debug_backtrace() output
* @return string
@@ -206,12 +210,19 @@ function _mdomain($backtrace)
if (DIRECTORY_SEPARATOR !== '/') {
$path = strtr($path, DIRECTORY_SEPARATOR, '/');
}
- $cut = strpos($path, '/plugins/');
- if ($cut) {
- $cut += strlen('/plugins/');
+ $plug = strpos($path, '/plugins/');
+ if ($plug === false) {
+ // We're not in a plugin; return default domain.
+ return 'statusnet';
+ } else {
+ $cut = $plug + 9;
$cut2 = strpos($path, '/', $cut);
- if ($cut && $cut2) {
- $final = substr($path, $cut, $cut2 - $cut);
+ if ($cut2) {
+ $cached[$path] = substr($path, $cut, $cut2 - $cut);
+ } else {
+ // We might be running directly from the plugins dir?
+ // If so, there's no place to store locale info.
+ return 'statusnet';
}
}
$cached[$path] = $final;
diff --git a/lib/liberalstomp.php b/lib/liberalstomp.php
index 3d38953fd..70c22c17e 100644
--- a/lib/liberalstomp.php
+++ b/lib/liberalstomp.php
@@ -147,5 +147,30 @@ class LiberalStomp extends Stomp
}
return $frame;
}
-}
+
+ /**
+ * Write frame to server
+ *
+ * @param StompFrame $stompFrame
+ */
+ protected function _writeFrame (StompFrame $stompFrame)
+ {
+ if (!is_resource($this->_socket)) {
+ require_once 'Stomp/Exception.php';
+ throw new StompException('Socket connection hasn\'t been established');
+ }
+
+ $data = $stompFrame->__toString();
+
+ // Make sure the socket's in a writable state; if not, wait a bit.
+ stream_set_blocking($this->_socket, 1);
+
+ $r = fwrite($this->_socket, $data, strlen($data));
+ stream_set_blocking($this->_socket, 0);
+ if ($r === false || $r == 0) {
+ $this->_reconnect();
+ $this->_writeFrame($stompFrame);
+ }
+ }
+ }
diff --git a/lib/mail.php b/lib/mail.php
index c38d9f2f5..ab5742e33 100644
--- a/lib/mail.php
+++ b/lib/mail.php
@@ -224,9 +224,6 @@ function mail_subscribe_notify_profile($listenee, $other)
if ($other->hasRight(Right::EMAILONSUBSCRIBE) &&
$listenee->email && $listenee->emailnotifysub) {
- // use the recipient's localization
- common_init_locale($listenee->language);
-
$profile = $listenee->getProfile();
$name = $profile->getBestName();
@@ -236,6 +233,9 @@ function mail_subscribe_notify_profile($listenee, $other)
$recipients = $listenee->email;
+ // use the recipient's localization
+ common_switch_locale($listenee->language);
+
$headers = _mail_prepare_headers('subscribe', $listenee->nickname, $other->nickname);
$headers['From'] = mail_notify_from();
$headers['To'] = $name . ' <' . $listenee->email . '>';
@@ -245,6 +245,11 @@ function mail_subscribe_notify_profile($listenee, $other)
$other->getBestName(),
common_config('site', 'name'));
+ $blocklink = sprintf(_("If you believe this account is being used abusively, " .
+ "you can block them from your subscribers list and " .
+ "report as spam to site administrators at %s"),
+ common_local_url('block', array('profileid' => $other->id)));
+
// TRANS: Main body of new-subscriber notification e-mail
$body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n".
"\t".'%3$s'."\n\n".
@@ -264,14 +269,15 @@ function mail_subscribe_notify_profile($listenee, $other)
($other->homepage) ?
// TRANS: Profile info line in new-subscriber notification e-mail
sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
- ($other->bio) ?
+ (($other->bio) ?
// TRANS: Profile info line in new-subscriber notification e-mail
- sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '',
+ sprintf(_("Bio: %s"), $other->bio) . "\n" : '') .
+ "\n\n" . $blocklink . "\n",
common_config('site', 'name'),
common_local_url('emailsettings'));
// reset localization
- common_init_locale();
+ common_switch_locale();
mail_send($recipients, $headers, $body);
}
}
@@ -473,7 +479,7 @@ function mail_confirm_sms($code, $nickname, $address)
function mail_notify_nudge($from, $to)
{
- common_init_locale($to->language);
+ common_switch_locale($to->language);
// TRANS: Subject for 'nudge' notification email
$subject = sprintf(_('You\'ve been nudged by %s'), $from->nickname);
@@ -491,7 +497,7 @@ function mail_notify_nudge($from, $to)
$from->nickname,
common_local_url('all', array('nickname' => $to->nickname)),
common_config('site', 'name'));
- common_init_locale();
+ common_switch_locale();
$headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname);
@@ -525,7 +531,7 @@ function mail_notify_message($message, $from=null, $to=null)
return true;
}
- common_init_locale($to->language);
+ common_switch_locale($to->language);
// TRANS: Subject for direct-message notification email
$subject = sprintf(_('New private message from %s'), $from->nickname);
@@ -549,7 +555,7 @@ function mail_notify_message($message, $from=null, $to=null)
$headers = _mail_prepare_headers('message', $to->nickname, $from->nickname);
- common_init_locale();
+ common_switch_locale();
return mail_to_user($to, $subject, $body, $headers);
}
@@ -577,7 +583,7 @@ function mail_notify_fave($other, $user, $notice)
$bestname = $profile->getBestName();
- common_init_locale($other->language);
+ common_switch_locale($other->language);
// TRANS: Subject for favorite notification email
$subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname);
@@ -605,7 +611,7 @@ function mail_notify_fave($other, $user, $notice)
$headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname);
- common_init_locale();
+ common_switch_locale();
mail_to_user($other, $subject, $body, $headers);
}
@@ -636,7 +642,7 @@ function mail_notify_attn($user, $notice)
$bestname = $sender->getBestName();
- common_init_locale($user->language);
+ common_switch_locale($user->language);
if ($notice->hasConversation()) {
$conversationUrl = common_local_url('conversation',
@@ -679,7 +685,7 @@ function mail_notify_attn($user, $notice)
$headers = _mail_prepare_headers('mention', $user->nickname, $sender->nickname);
- common_init_locale();
+ common_switch_locale();
mail_to_user($user, $subject, $body, $headers);
}
diff --git a/lib/mailhandler.php b/lib/mailhandler.php
index 890f6d5b4..e9ba41839 100644
--- a/lib/mailhandler.php
+++ b/lib/mailhandler.php
@@ -265,6 +265,10 @@ class MailHandler
if (preg_match('/^\s*Begin\s+forward/', $line)) {
break;
}
+ // skip everything after a blank line if we already have content
+ if ($output !== '' && $line === '') {
+ break;
+ }
$output .= ' ' . $line;
}
diff --git a/lib/mediafile.php b/lib/mediafile.php
index 1c96c42d7..c96c78ab5 100644
--- a/lib/mediafile.php
+++ b/lib/mediafile.php
@@ -180,7 +180,8 @@ class MediaFile
return;
}
- $mimetype = MediaFile::getUploadedFileType($_FILES[$param]['tmp_name']);
+ $mimetype = MediaFile::getUploadedFileType($_FILES[$param]['tmp_name'],
+ $_FILES[$param]['name']);
$filename = null;
@@ -241,19 +242,41 @@ class MediaFile
return new MediaFile($user, $filename, $mimetype);
}
- static function getUploadedFileType($f) {
+ /**
+ * Attempt to identify the content type of a given file.
+ *
+ * @param mixed $f file handle resource, or filesystem path as string
+ * @param string $originalFilename (optional) for extension-based detection
+ * @return string
+ *
+ * @fixme is this an internal or public method? It's called from GetFileAction
+ * @fixme this seems to tie a front-end error message in, kinda confusing
+ * @fixme this looks like it could return a PEAR_Error in some cases, if
+ * type can't be identified and $config['attachments']['supported'] is true
+ *
+ * @throws ClientException if type is known, but not supported for local uploads
+ */
+ static function getUploadedFileType($f, $originalFilename=false) {
require_once 'MIME/Type.php';
+ require_once 'MIME/Type/Extension.php';
+ $mte = new MIME_Type_Extension();
$cmd = &PEAR::getStaticProperty('MIME_Type', 'fileCmd');
$cmd = common_config('attachments', 'filecommand');
$filetype = null;
+ // If we couldn't get a clear type from the file extension,
+ // we'll go ahead and try checking the content. Content checks
+ // are unambiguous for most image files, but nearly useless
+ // for office document formats.
+
if (is_string($f)) {
// assuming a filename
$filetype = MIME_Type::autoDetect($f);
+
} else {
// assuming a filehandle
@@ -262,7 +285,32 @@ class MediaFile
$filetype = MIME_Type::autoDetect($stream['uri']);
}
- if (common_config('attachments', 'supported') === true || in_array($filetype, common_config('attachments', 'supported'))) {
+ // The content-based sources for MIME_Type::autoDetect()
+ // are wildly unreliable for office-type documents. If we've
+ // gotten an unclear reponse back or just couldn't identify it,
+ // we'll try detecting a type from its extension...
+ $unclearTypes = array('application/octet-stream',
+ 'application/vnd.ms-office',
+ 'application/zip');
+
+ if ($originalFilename && (!$filetype || in_array($filetype, $unclearTypes))) {
+ $type = $mte->getMIMEType($originalFilename);
+ if (is_string($type)) {
+ $filetype = $type;
+ }
+ }
+
+ $supported = common_config('attachments', 'supported');
+ if (is_array($supported)) {
+ // Normalize extensions to mime types
+ foreach ($supported as $i => $entry) {
+ if (strpos($entry, '/') === false) {
+ common_log(LOG_INFO, "sample.$entry");
+ $supported[$i] = $mte->getMIMEType("sample.$entry");
+ }
+ }
+ }
+ if ($supported === true || in_array($filetype, $supported)) {
return $filetype;
}
$media = MIME_Type::getMedia($filetype);
diff --git a/lib/noticelist.php b/lib/noticelist.php
index 5265326b2..432ea78d5 100644
--- a/lib/noticelist.php
+++ b/lib/noticelist.php
@@ -488,54 +488,46 @@ class NoticeListItem extends Widget
function showNoticeSource()
{
- if ($this->notice->source) {
+ $ns = $this->notice->getSource();
+
+ if ($ns) {
+ $source_name = _($ns->code);
$this->out->text(' ');
$this->out->elementStart('span', 'source');
$this->out->text(_('from'));
- $source_name = _($this->notice->source);
$this->out->text(' ');
- switch ($this->notice->source) {
- case 'web':
- case 'xmpp':
- case 'mail':
- case 'omb':
- case 'system':
- case 'api':
- $this->out->element('span', 'device', $source_name);
- break;
- default:
+ $name = $source_name;
+ $url = $ns->url;
+ $title = null;
+
+ if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) {
$name = $source_name;
- $url = null;
-
- if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) {
- $ns = Notice_source::staticGet($this->notice->source);
-
- if ($ns) {
- $name = $ns->name;
- $url = $ns->url;
- } else {
- $app = Oauth_application::staticGet('name', $this->notice->source);
- if ($app) {
- $name = $app->name;
- $url = $app->source_url;
- }
- }
- }
- Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title));
-
- if (!empty($name) && !empty($url)) {
- $this->out->elementStart('span', 'device');
- $this->out->element('a', array('href' => $url,
- 'rel' => 'external',
- 'title' => $title),
- $name);
- $this->out->elementEnd('span');
- } else {
- $this->out->element('span', 'device', $name);
+ $url = $ns->url;
+ }
+ Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title));
+
+ // if $ns->name and $ns->url are populated we have
+ // configured a source attr somewhere
+ if (!empty($name) && !empty($url)) {
+
+ $this->out->elementStart('span', 'device');
+
+ $attrs = array(
+ 'href' => $url,
+ 'rel' => 'external'
+ );
+
+ if (!empty($title)) {
+ $attrs['title'] = $title;
}
- break;
+
+ $this->out->element('a', $attrs, $name);
+ $this->out->elementEnd('span');
+ } else {
+ $this->out->element('span', 'device', $name);
}
+
$this->out->elementEnd('span');
}
}
diff --git a/lib/pgsqlschema.php b/lib/pgsqlschema.php
index 715065d77..272f7eff6 100644
--- a/lib/pgsqlschema.php
+++ b/lib/pgsqlschema.php
@@ -41,6 +41,7 @@ if (!defined('STATUSNET')) {
* @category Database
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
+ * @author Brenda Wallace <shiny@cpan.org>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -79,7 +80,6 @@ class PgsqlSchema extends Schema
$row = array();
while ($res->fetchInto($row, DB_FETCHMODE_ASSOC)) {
-// var_dump($row);
$cd = new ColumnDef();
$cd->name = $row['field'];
@@ -143,6 +143,7 @@ class PgsqlSchema extends Schema
$uniques = array();
$primary = array();
$indices = array();
+ $onupdate = array();
$sql = "CREATE TABLE $name (\n";
@@ -155,7 +156,6 @@ class PgsqlSchema extends Schema
}
$sql .= $this->_columnSql($cd);
-
switch ($cd->key) {
case 'UNI':
$uniques[] = $cd->name;
@@ -170,13 +170,7 @@ class PgsqlSchema extends Schema
}
if (count($primary) > 0) { // it really should be...
- $sql .= ",\n primary key (" . implode(',', $primary) . ")";
- }
-
-
-
- foreach ($indices as $i) {
- $sql .= ",\nindex {$name}_{$i}_idx ($i)";
+ $sql .= ",\n PRIMARY KEY (" . implode(',', $primary) . ")";
}
$sql .= "); ";
@@ -185,10 +179,14 @@ class PgsqlSchema extends Schema
foreach ($uniques as $u) {
$sql .= "\n CREATE index {$name}_{$u}_idx ON {$name} ($u); ";
}
+
+ foreach ($indices as $i) {
+ $sql .= "CREATE index {$name}_{$i}_idx ON {$name} ($i)";
+ }
$res = $this->conn->query($sql);
if (PEAR::isError($res)) {
- throw new Exception($res->getMessage());
+ throw new Exception($res->getMessage(). ' SQL was '. $sql);
}
return true;
@@ -223,7 +221,7 @@ class PgsqlSchema extends Schema
*/
private function _columnTypeTranslation($type) {
$map = array(
- 'datetime' => 'timestamp'
+ 'datetime' => 'timestamp',
);
if(!empty($map[$type])) {
return $map[$type];
@@ -324,7 +322,7 @@ class PgsqlSchema extends Schema
public function modifyColumn($table, $columndef)
{
- $sql = "ALTER TABLE $table MODIFY COLUMN " .
+ $sql = "ALTER TABLE $table ALTER COLUMN TYPE " .
$this->_columnSql($columndef);
$res = $this->conn->query($sql);
@@ -397,16 +395,17 @@ class PgsqlSchema extends Schema
$todrop = array_diff($cur, $new);
$same = array_intersect($new, $cur);
$tomod = array();
-
foreach ($same as $m) {
$curCol = $this->_byName($td->columns, $m);
$newCol = $this->_byName($columns, $m);
+
if (!$newCol->equals($curCol)) {
- $tomod[] = $newCol->name;
+ // BIG GIANT TODO!
+ // stop it detecting different types and trying to modify on every page request
+// $tomod[] = $newCol->name;
}
}
-
if (count($toadd) + count($todrop) + count($tomod) == 0) {
// nothing to do
return true;
@@ -430,11 +429,12 @@ class PgsqlSchema extends Schema
foreach ($tomod as $columnName) {
$cd = $this->_byName($columns, $columnName);
- $phrase[] = 'MODIFY COLUMN ' . $this->_columnSql($cd);
+ /* brute force */
+ $phrase[] = 'DROP COLUMN ' . $columnName;
+ $phrase[] = 'ADD COLUMN ' . $this->_columnSql($cd);
}
$sql = 'ALTER TABLE ' . $tableName . ' ' . implode(', ', $phrase);
-
$res = $this->conn->query($sql);
if (PEAR::isError($res)) {
@@ -496,12 +496,21 @@ class PgsqlSchema extends Schema
*
* @return string correct SQL for that column
*/
-
private function _columnSql($cd)
{
$sql = "{$cd->name} ";
$type = $this->_columnTypeTranslation($cd->type);
+ //handle those mysql enum fields that postgres doesn't support
+ if (preg_match('!^enum!', $type)) {
+ $allowed_values = preg_replace('!^enum!', '', $type);
+ $sql .= " text check ({$cd->name} in $allowed_values)";
+ return $sql;
+ }
+ if (!empty($cd->auto_increment)) {
+ $type = "bigserial"; // FIXME: creates the wrong name for the sequence for some internal sequence-lookup function, so better fix this to do the real 'create sequence' dance.
+ }
+
if (!empty($cd->size)) {
$sql .= "{$type}({$cd->size}) ";
} else {
@@ -513,14 +522,10 @@ class PgsqlSchema extends Schema
} else {
$sql .= ($cd->nullable) ? "null " : "not null ";
}
-
- if (!empty($cd->auto_increment)) {
- $sql .= " auto_increment ";
- }
- if (!empty($cd->extra)) {
- $sql .= "{$cd->extra} ";
- }
+// if (!empty($cd->extra)) {
+// $sql .= "{$cd->extra} ";
+// }
return $sql;
}
diff --git a/lib/ping.php b/lib/ping.php
index 735af9ef1..be2933ae3 100644
--- a/lib/ping.php
+++ b/lib/ping.php
@@ -45,7 +45,15 @@ function ping_broadcast_notice($notice) {
$tags));
$request = HTTPClient::start();
- $httpResponse = $request->post($notify_url, array('Content-Type: text/xml'), $req);
+ $request->setConfig('connect_timeout', common_config('ping', 'timeout'));
+ $request->setConfig('timeout', common_config('ping', 'timeout'));
+ try {
+ $httpResponse = $request->post($notify_url, array('Content-Type: text/xml'), $req);
+ } catch (Exception $e) {
+ common_log(LOG_ERR,
+ "Exception pinging $notify_url: " . $e->getMessage());
+ continue;
+ }
if (!$httpResponse || mb_strlen($httpResponse->getBody()) == 0) {
common_log(LOG_WARNING,
diff --git a/lib/plugin.php b/lib/plugin.php
index 65ccdafbb..f63bdf309 100644
--- a/lib/plugin.php
+++ b/lib/plugin.php
@@ -91,6 +91,7 @@ class Plugin
$path = INSTALLDIR . "/plugins/$name/locale";
if (file_exists($path) && is_dir($path)) {
bindtextdomain($name, $path);
+ bind_textdomain_codeset($name, 'UTF-8');
}
}
}
diff --git a/lib/popularnoticesection.php b/lib/popularnoticesection.php
index 296ddbbb5..f70a972ef 100644
--- a/lib/popularnoticesection.php
+++ b/lib/popularnoticesection.php
@@ -72,7 +72,7 @@ class PopularNoticeSection extends NoticeSection
$qry .= ' GROUP BY notice.id,notice.profile_id,notice.content,notice.uri,' .
'notice.rendered,notice.url,notice.created,notice.modified,' .
'notice.reply_to,notice.is_local,notice.source,notice.conversation, ' .
- 'notice.lat,notice.lon,location_id,location_ns' .
+ 'notice.lat,notice.lon,location_id,location_ns,notice.repeat_of' .
' ORDER BY weight DESC';
$offset = 0;
diff --git a/lib/profileformaction.php b/lib/profileformaction.php
index 0ffafe5fb..51c89a922 100644
--- a/lib/profileformaction.php
+++ b/lib/profileformaction.php
@@ -60,7 +60,16 @@ class ProfileFormAction extends RedirectingAction
$this->checkSessionToken();
if (!common_logged_in()) {
- $this->clientError(_('Not logged in.'));
+ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $this->clientError(_('Not logged in.'));
+ } else {
+ // Redirect to login.
+ common_set_returnto($this->selfUrl());
+ $user = common_current_user();
+ if (Event::handle('RedirectToLogin', array($this, $user))) {
+ common_redirect(common_local_url('login'), 303);
+ }
+ }
return false;
}
@@ -97,7 +106,7 @@ class ProfileFormAction extends RedirectingAction
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$this->handlePost();
- $this->returnToArgs();
+ $this->returnToPrevious();
}
}
diff --git a/lib/redirectingaction.php b/lib/redirectingaction.php
index f11585274..3a358f891 100644
--- a/lib/redirectingaction.php
+++ b/lib/redirectingaction.php
@@ -53,12 +53,13 @@ class RedirectingAction extends Action
*
* To be called only after successful processing.
*
- * @fixme rename this -- it obscures Action::returnToArgs() which
- * returns a list of arguments, and is a bit confusing.
+ * Note: this was named returnToArgs() up through 0.9.2, which
+ * caused problems because there's an Action::returnToArgs()
+ * already which does something different.
*
* @return void
*/
- function returnToArgs()
+ function returnToPrevious()
{
// Now, gotta figure where we go back to
$action = false;
@@ -77,7 +78,7 @@ class RedirectingAction extends Action
if ($action) {
common_redirect(common_local_url($action, $args, $params), 303);
} else {
- $url = $this->defaultReturnToUrl();
+ $url = $this->defaultReturnTo();
}
common_redirect($url, 303);
}
diff --git a/lib/router.php b/lib/router.php
index a040abb83..ca3c2e880 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -136,6 +136,11 @@ class Router
$m->connect('main/'.$a, array('action' => $a));
}
+ // Also need a block variant accepting ID on URL for mail links
+ $m->connect('main/block/:profileid',
+ array('action' => 'block'),
+ array('profileid' => '[0-9]+'));
+
$m->connect('main/sup/:seconds', array('action' => 'sup'),
array('seconds' => '[0-9]+'));
@@ -258,7 +263,7 @@ class Router
$m->connect('tag', array('action' => 'publictagcloud'));
$m->connect('tag/:tag/rss',
array('action' => 'tagrss'),
- array('tag' => '[a-zA-Z0-9]+'));
+ array('tag' => '[\pL\pN_\-\.]{1,64}'));
$m->connect('tag/:tag',
array('action' => 'tag'),
array('tag' => '[\pL\pN_\-\.]{1,64}'));
@@ -535,7 +540,7 @@ class Router
$m->connect('api/favorites/:id.:format',
array('action' => 'ApiTimelineFavorites',
'id' => '[a-zA-Z0-9]+',
- 'format' => '(xmljson|rss|atom)'));
+ 'format' => '(xml|json|rss|atom)'));
$m->connect('api/favorites/create/:id.:format',
array('action' => 'ApiFavoriteCreate',
@@ -592,7 +597,7 @@ class Router
$m->connect('api/statusnet/groups/timeline/:id.:format',
array('action' => 'ApiTimelineGroup',
'id' => '[a-zA-Z0-9]+',
- 'format' => '(xmljson|rss|atom)'));
+ 'format' => '(xml|json|rss|atom)'));
$m->connect('api/statusnet/groups/show.:format',
array('action' => 'ApiGroupShow',
@@ -650,10 +655,16 @@ class Router
$m->connect('api/statusnet/groups/create.:format',
array('action' => 'ApiGroupCreate',
'format' => '(xml|json)'));
+
+ $m->connect('api/statusnet/groups/update/:id.:format',
+ array('action' => 'ApiGroupProfileUpdate',
+ 'id' => '[a-zA-Z0-9]+',
+ 'format' => '(xml|json)'));
+
// Tags
$m->connect('api/statusnet/tags/timeline/:tag.:format',
array('action' => 'ApiTimelineTag',
- 'format' => '(xmljson|rss|atom)'));
+ 'format' => '(xml|json|rss|atom)'));
// media related
$m->connect(
@@ -662,9 +673,9 @@ class Router
);
// search
- $m->connect('api/search.atom', array('action' => 'twitapisearchatom'));
- $m->connect('api/search.json', array('action' => 'twitapisearchjson'));
- $m->connect('api/trends.json', array('action' => 'twitapitrends'));
+ $m->connect('api/search.atom', array('action' => 'ApiSearchAtom'));
+ $m->connect('api/search.json', array('action' => 'ApiSearchJSON'));
+ $m->connect('api/trends.json', array('action' => 'ApiTrends'));
$m->connect('api/oauth/request_token',
array('action' => 'apioauthrequesttoken'));
@@ -751,12 +762,12 @@ class Router
$m->connect('tag/:tag/rss',
array('action' => 'userrss',
'nickname' => $nickname),
- array('tag' => '[a-zA-Z0-9]+'));
+ array('tag' => '[\pL\pN_\-\.]{1,64}'));
$m->connect('tag/:tag',
array('action' => 'showstream',
'nickname' => $nickname),
- array('tag' => '[a-zA-Z0-9]+'));
+ array('tag' => '[\pL\pN_\-\.]{1,64}'));
$m->connect('rsd.xml',
array('action' => 'rsd',
@@ -817,12 +828,12 @@ class Router
$m->connect(':nickname/tag/:tag/rss',
array('action' => 'userrss'),
array('nickname' => '[a-zA-Z0-9]{1,64}'),
- array('tag' => '[a-zA-Z0-9]+'));
+ array('tag' => '[\pL\pN_\-\.]{1,64}'));
$m->connect(':nickname/tag/:tag',
array('action' => 'showstream'),
array('nickname' => '[a-zA-Z0-9]{1,64}'),
- array('tag' => '[a-zA-Z0-9]+'));
+ array('tag' => '[\pL\pN_\-\.]{1,64}'));
$m->connect(':nickname/rsd.xml',
array('action' => 'rsd'),
diff --git a/lib/stompqueuemanager.php b/lib/stompqueuemanager.php
index 5d5c7ccfb..91faa8c36 100644
--- a/lib/stompqueuemanager.php
+++ b/lib/stompqueuemanager.php
@@ -115,14 +115,27 @@ class StompQueueManager extends QueueManager
*
* @param mixed $object
* @param string $queue
+ * @param string $siteNickname optional override to drop into another site's queue
*
* @return boolean true on success
* @throws StompException on connection or send error
*/
- public function enqueue($object, $queue)
+ public function enqueue($object, $queue, $siteNickname=null)
{
$this->_connect();
- return $this->_doEnqueue($object, $queue, $this->defaultIdx);
+ if (common_config('queue', 'stomp_enqueue_on')) {
+ // We're trying to force all writes to a single server.
+ // WARNING: this might do odd things if that server connection dies.
+ $idx = array_search(common_config('queue', 'stomp_enqueue_on'),
+ $this->servers);
+ if ($idx === false) {
+ common_log(LOG_ERR, 'queue stomp_enqueue_on setting does not match our server list.');
+ $idx = $this->defaultIdx;
+ }
+ } else {
+ $idx = $this->defaultIdx;
+ }
+ return $this->_doEnqueue($object, $queue, $idx, $siteNickname);
}
/**
@@ -132,10 +145,10 @@ class StompQueueManager extends QueueManager
* @return boolean true on success
* @throws StompException on connection or send error
*/
- protected function _doEnqueue($object, $queue, $idx)
+ protected function _doEnqueue($object, $queue, $idx, $siteNickname=null)
{
$rep = $this->logrep($object);
- $envelope = array('site' => common_config('site', 'nickname'),
+ $envelope = array('site' => $siteNickname ? $siteNickname : common_config('site', 'nickname'),
'handler' => $queue,
'payload' => $this->encode($object));
$msg = serialize($envelope);
diff --git a/lib/theme.php b/lib/theme.php
index 0be8c3b9d..a9d0cbc84 100644
--- a/lib/theme.php
+++ b/lib/theme.php
@@ -38,6 +38,9 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
* Themes are directories with some expected sub-directories and files
* in them. They're found in either local/theme (for locally-installed themes)
* or theme/ subdir of installation dir.
+ *
+ * Note that the 'local' directory can be overridden as $config['local']['path']
+ * and $config['local']['dir'] etc.
*
* This used to be a couple of functions, but for various reasons it's nice
* to have a class instead.
@@ -76,7 +79,7 @@ class Theme
if (file_exists($fulldir) && is_dir($fulldir)) {
$this->dir = $fulldir;
- $this->path = common_path('local/theme/'.$name.'/');
+ $this->path = $this->relativeThemePath('local', 'local', 'theme/' . $name);
return;
}
@@ -89,42 +92,63 @@ class Theme
if (file_exists($fulldir) && is_dir($fulldir)) {
$this->dir = $fulldir;
+ $this->path = $this->relativeThemePath('theme', 'theme', $name);
+ }
+ }
- $path = common_config('theme', 'path');
+ /**
+ * Build a full URL to the given theme's base directory, possibly
+ * using an offsite theme server path.
+ *
+ * @param string $group configuration section name to pull paths from
+ * @param string $fallbackSubdir default subdirectory under INSTALLDIR
+ * @param string $name theme name
+ *
+ * @return string URL
+ *
+ * @todo consolidate code with that for other customizable paths
+ */
- if (empty($path)) {
- $path = common_config('site', 'path') . '/theme/';
- }
+ protected function relativeThemePath($group, $fallbackSubdir, $name)
+ {
+ $path = common_config($group, 'path');
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
+ if (empty($path)) {
+ $path = common_config('site', 'path') . '/';
+ if ($fallbackSubdir) {
+ $path .= $fallbackSubdir . '/';
}
+ }
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
- $server = common_config('theme', 'server');
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ $server = common_config($group, 'server');
- $ssl = common_config('theme', 'ssl');
+ if (empty($server)) {
+ $server = common_config('site', 'server');
+ }
- if (is_null($ssl)) { // null -> guess
- if (common_config('site', 'ssl') == 'always' &&
- !common_config('theme', 'server')) {
- $ssl = true;
- } else {
- $ssl = false;
- }
+ $ssl = common_config($group, 'ssl');
+
+ if (is_null($ssl)) { // null -> guess
+ if (common_config('site', 'ssl') == 'always' &&
+ !common_config($group, 'server')) {
+ $ssl = true;
+ } else {
+ $ssl = false;
}
+ }
- $protocol = ($ssl) ? 'https' : 'http';
+ $protocol = ($ssl) ? 'https' : 'http';
- $this->path = $protocol . '://'.$server.$path.$name;
- }
+ $path = $protocol . '://'.$server.$path.$name;
+ return $path;
}
/**
@@ -236,7 +260,13 @@ class Theme
protected static function localRoot()
{
- return INSTALLDIR.'/local/theme';
+ $basedir = common_config('local', 'dir');
+
+ if (empty($basedir)) {
+ $basedir = INSTALLDIR . '/local';
+ }
+
+ return $basedir . '/theme';
}
/**
diff --git a/lib/themeuploader.php b/lib/themeuploader.php
new file mode 100644
index 000000000..370965db0
--- /dev/null
+++ b/lib/themeuploader.php
@@ -0,0 +1,311 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Utilities for theme files and paths
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Paths
+ * @package StatusNet
+ * @author Brion Vibber <brion@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+/**
+ * Encapsulation of the validation-and-save process when dealing with
+ * a user-uploaded StatusNet theme archive...
+ *
+ * @todo extract theme metadata from css/display.css
+ * @todo allow saving multiple themes
+ */
+class ThemeUploader
+{
+ protected $sourceFile;
+ protected $isUpload;
+ private $prevErrorReporting;
+
+ public function __construct($filename)
+ {
+ if (!class_exists('ZipArchive')) {
+ throw new Exception(_("This server cannot handle theme uploads without ZIP support."));
+ }
+ $this->sourceFile = $filename;
+ }
+
+ public static function fromUpload($name)
+ {
+ if (!isset($_FILES[$name]['error'])) {
+ throw new ServerException(_("The theme file is missing or the upload failed."));
+ }
+ if ($_FILES[$name]['error'] != UPLOAD_ERR_OK) {
+ throw new ServerException(_("The theme file is missing or the upload failed."));
+ }
+ return new ThemeUploader($_FILES[$name]['tmp_name']);
+ }
+
+ /**
+ * @param string $destDir
+ * @throws Exception on bogus files
+ */
+ public function extract($destDir)
+ {
+ $zip = $this->openArchive();
+
+ // First pass: validate but don't save anything to disk.
+ // Any errors will trip an exception.
+ $this->traverseArchive($zip);
+
+ // Second pass: now that we know we're good, actually extract!
+ $tmpDir = $destDir . '.tmp' . getmypid();
+ $this->traverseArchive($zip, $tmpDir);
+
+ $zip->close();
+
+ if (file_exists($destDir)) {
+ $killDir = $tmpDir . '.old';
+ $this->quiet();
+ $ok = rename($destDir, $killDir);
+ $this->loud();
+ if (!$ok) {
+ common_log(LOG_ERR, "Could not move old custom theme from $destDir to $killDir");
+ throw new ServerException(_("Failed saving theme."));
+ }
+ } else {
+ $killDir = false;
+ }
+
+ $this->quiet();
+ $ok = rename($tmpDir, $destDir);
+ $this->loud();
+ if (!$ok) {
+ common_log(LOG_ERR, "Could not move saved theme from $tmpDir to $destDir");
+ throw new ServerException(_("Failed saving theme."));
+ }
+
+ if ($killDir) {
+ $this->recursiveRmdir($killDir);
+ }
+ }
+
+ /**
+ *
+ */
+ protected function traverseArchive($zip, $outdir=false)
+ {
+ $sizeLimit = 2 * 1024 * 1024; // 2 megabyte space limit?
+ $blockSize = 4096; // estimated; any entry probably takes this much space
+
+ $totalSize = 0;
+ $hasMain = false;
+ $commonBaseDir = false;
+
+ for ($i = 0; $i < $zip->numFiles; $i++) {
+ $data = $zip->statIndex($i);
+ $name = str_replace('\\', '/', $data['name']);
+
+ if (substr($name, -1) == '/') {
+ // A raw directory... skip!
+ continue;
+ }
+
+ // Check the directory structure...
+ $path = pathinfo($name);
+ $dirs = explode('/', $path['dirname']);
+ $baseDir = array_shift($dirs);
+ if ($commonBaseDir === false) {
+ $commonBaseDir = $baseDir;
+ } else {
+ if ($commonBaseDir != $baseDir) {
+ throw new ClientException(_("Invalid theme: bad directory structure."));
+ }
+ }
+
+ foreach ($dirs as $dir) {
+ $this->validateFileOrFolder($dir);
+ }
+
+ // Is this a safe or skippable file?
+ if ($this->skippable($path['filename'], $path['extension'])) {
+ // Documentation and such... booooring
+ continue;
+ } else {
+ $this->validateFile($path['filename'], $path['extension']);
+ }
+
+ $fullPath = $dirs;
+ $fullPath[] = $path['basename'];
+ $localFile = implode('/', $fullPath);
+ if ($localFile == 'css/display.css') {
+ $hasMain = true;
+ }
+
+ $size = $data['size'];
+ $estSize = $blockSize * max(1, intval(ceil($size / $blockSize)));
+ $totalSize += $estSize;
+ if ($totalSize > $sizeLimit) {
+ $msg = sprintf(_("Uploaded theme is too large; " .
+ "must be less than %d bytes uncompressed."),
+ $sizeLimit);
+ throw new ClientException($msg);
+ }
+
+ if ($outdir) {
+ $this->extractFile($zip, $data['name'], "$outdir/$localFile");
+ }
+ }
+
+ if (!$hasMain) {
+ throw new ClientException(_("Invalid theme archive: " .
+ "missing file css/display.css"));
+ }
+ }
+
+ protected function skippable($filename, $ext)
+ {
+ $skip = array('txt', 'rtf', 'doc', 'docx', 'odt');
+ if (strtolower($filename) == 'readme') {
+ return true;
+ }
+ if (in_array(strtolower($ext), $skip)) {
+ return true;
+ }
+ return false;
+ }
+
+ protected function validateFile($filename, $ext)
+ {
+ $this->validateFileOrFolder($filename);
+ $this->validateExtension($ext);
+ // @fixme validate content
+ }
+
+ protected function validateFileOrFolder($name)
+ {
+ if (!preg_match('/^[a-z0-9_-]+$/i', $name)) {
+ $msg = _("Theme contains invalid file or folder name. " .
+ "Stick with ASCII letters, digits, underscore, and minus sign.");
+ throw new ClientException($msg);
+ }
+ return true;
+ }
+
+ protected function validateExtension($ext)
+ {
+ $allowed = array('css', 'png', 'gif', 'jpg', 'jpeg');
+ if (!in_array(strtolower($ext), $allowed)) {
+ $msg = sprintf(_("Theme contains file of type '.%s', " .
+ "which is not allowed."),
+ $ext);
+ throw new ClientException($msg);
+ }
+ return true;
+ }
+
+ /**
+ * @return ZipArchive
+ */
+ protected function openArchive()
+ {
+ $zip = new ZipArchive;
+ $ok = $zip->open($this->sourceFile);
+ if ($ok !== true) {
+ common_log(LOG_ERR, "Error opening theme zip archive: " .
+ "{$this->sourceFile} code: {$ok}");
+ throw new Exception(_("Error opening theme archive."));
+ }
+ return $zip;
+ }
+
+ /**
+ * @param ZipArchive $zip
+ * @param string $from original path inside ZIP archive
+ * @param string $to final destination path in filesystem
+ */
+ protected function extractFile($zip, $from, $to)
+ {
+ $dir = dirname($to);
+ if (!file_exists($dir)) {
+ $this->quiet();
+ $ok = mkdir($dir, 0755, true);
+ $this->loud();
+ if (!$ok) {
+ common_log(LOG_ERR, "Failed to mkdir $dir while uploading theme");
+ throw new ServerException(_("Failed saving theme."));
+ }
+ } else if (!is_dir($dir)) {
+ common_log(LOG_ERR, "Output directory $dir not a directory while uploading theme");
+ throw new ServerException(_("Failed saving theme."));
+ }
+
+ // ZipArchive::extractTo would be easier, but won't let us alter
+ // the directory structure.
+ $in = $zip->getStream($from);
+ if (!$in) {
+ common_log(LOG_ERR, "Couldn't open archived file $from while uploading theme");
+ throw new ServerException(_("Failed saving theme."));
+ }
+ $this->quiet();
+ $out = fopen($to, "wb");
+ $this->loud();
+ if (!$out) {
+ common_log(LOG_ERR, "Couldn't open output file $to while uploading theme");
+ throw new ServerException(_("Failed saving theme."));
+ }
+ while (!feof($in)) {
+ $buffer = fread($in, 65536);
+ fwrite($out, $buffer);
+ }
+ fclose($in);
+ fclose($out);
+ }
+
+ private function quiet()
+ {
+ $this->prevErrorReporting = error_reporting();
+ error_reporting($this->prevErrorReporting & ~E_WARNING);
+ }
+
+ private function loud()
+ {
+ error_reporting($this->prevErrorReporting);
+ }
+
+ private function recursiveRmdir($dir)
+ {
+ $list = dir($dir);
+ while (($file = $list->read()) !== false) {
+ if ($file == '.' || $file == '..') {
+ continue;
+ }
+ $full = "$dir/$file";
+ if (is_dir($full)) {
+ $this->recursiveRmdir($full);
+ } else {
+ unlink($full);
+ }
+ }
+ $list->close();
+ rmdir($dir);
+ }
+
+}
diff --git a/lib/util.php b/lib/util.php
index 1f3aaf711..d8fb3b65e 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -34,6 +34,14 @@ function common_user_error($msg, $code=400)
$err->showPage();
}
+/**
+ * This should only be used at setup; processes switching languages
+ * to send text to other users should use common_switch_locale().
+ *
+ * @param string $language Locale language code (optional; empty uses
+ * current user's preference or site default)
+ * @return mixed success
+ */
function common_init_locale($language=null)
{
if(!$language) {
@@ -41,13 +49,24 @@ function common_init_locale($language=null)
}
putenv('LANGUAGE='.$language);
putenv('LANG='.$language);
- return setlocale(LC_ALL, $language . ".utf8",
+ $ok = setlocale(LC_ALL, $language . ".utf8",
$language . ".UTF8",
$language . ".utf-8",
$language . ".UTF-8",
$language);
+
+ return $ok;
}
+/**
+ * Initialize locale and charset settings and gettext with our message catalog,
+ * using the current user's language preference or the site default.
+ *
+ * This should generally only be run at framework initialization; code switching
+ * languages at runtime should call common_switch_language().
+ *
+ * @access private
+ */
function common_init_language()
{
mb_internal_encoding('UTF-8');
@@ -89,6 +108,32 @@ function common_init_language()
$locale_set = common_init_locale($language);
}
+ common_init_gettext();
+}
+
+/**
+ * @access private
+ */
+function common_init_gettext()
+{
+ setlocale(LC_CTYPE, 'C');
+ // So we do not have to make people install the gettext locales
+ $path = common_config('site','locale_path');
+ bindtextdomain("statusnet", $path);
+ bind_textdomain_codeset("statusnet", "UTF-8");
+ textdomain("statusnet");
+}
+
+/**
+ * Switch locale during runtime, and poke gettext until it cries uncle.
+ * Otherwise, sometimes it doesn't actually switch away from the old language.
+ *
+ * @param string $language code for locale ('en', 'fr', 'pt_BR' etc)
+ */
+function common_switch_locale($language=null)
+{
+ common_init_locale($language);
+
setlocale(LC_CTYPE, 'C');
// So we do not have to make people install the gettext locales
$path = common_config('site','locale_path');
@@ -97,6 +142,7 @@ function common_init_language()
textdomain("statusnet");
}
+
function common_timezone()
{
if (common_logged_in()) {
@@ -109,23 +155,38 @@ function common_timezone()
return common_config('site', 'timezone');
}
+function common_valid_language($lang)
+{
+ if ($lang) {
+ // Validate -- we don't want to end up with a bogus code
+ // left over from some old junk.
+ foreach (common_config('site', 'languages') as $code => $info) {
+ if ($info['lang'] == $lang) {
+ return true;
+ }
+ }
+ }
+ return false;
+}
+
function common_language()
{
+ // Allow ?uselang=xx override, very useful for debugging
+ // and helping translators check usage and context.
+ if (isset($_GET['uselang'])) {
+ $uselang = strval($_GET['uselang']);
+ if (common_valid_language($uselang)) {
+ return $uselang;
+ }
+ }
// If there is a user logged in and they've set a language preference
// then return that one...
if (_have_config() && common_logged_in()) {
$user = common_current_user();
- $user_language = $user->language;
-
- if ($user->language) {
- // Validate -- we don't want to end up with a bogus code
- // left over from some old junk.
- foreach (common_config('site', 'languages') as $code => $info) {
- if ($info['lang'] == $user_language) {
- return $user_language;
- }
- }
+
+ if (common_valid_language($user->language)) {
+ return $user->language;
}
}
@@ -826,7 +887,7 @@ function common_linkify($url) {
return XMLStringer::estring('a', $attrs, $url);
}
-function common_shorten_links($text)
+function common_shorten_links($text, $always = false)
{
common_debug("common_shorten_links() called");
@@ -836,7 +897,7 @@ function common_shorten_links($text)
common_debug("maxLength = $maxLength");
- if (mb_strlen($text) > $maxLength) {
+ if ($always || mb_strlen($text) > $maxLength) {
common_debug("Forcing shortening");
return common_replace_urls_callback($text, array('File_redirection', 'forceShort'));
} else {
@@ -1209,9 +1270,8 @@ function common_enqueue_notice($notice)
$transports[] = 'plugin';
}
- // @fixme move these checks into QueueManager and/or individual handlers
- if ($notice->is_local == Notice::LOCAL_PUBLIC ||
- $notice->is_local == Notice::LOCAL_NONPUBLIC) {
+ // We can skip these for gatewayed notices.
+ if ($notice->isLocal()) {
$transports = array_merge($transports, $localTransports);
}
@@ -1353,7 +1413,7 @@ function common_log_line($priority, $msg)
{
static $syslog_priorities = array('LOG_EMERG', 'LOG_ALERT', 'LOG_CRIT', 'LOG_ERR',
'LOG_WARNING', 'LOG_NOTICE', 'LOG_INFO', 'LOG_DEBUG');
- return date('Y-m-d H:i:s') . ' ' . $syslog_priorities[$priority] . ': ' . $msg . "\n";
+ return date('Y-m-d H:i:s') . ' ' . $syslog_priorities[$priority] . ': ' . $msg . PHP_EOL;
}
function common_request_id()
@@ -1908,6 +1968,15 @@ function common_url_to_nickname($url)
$path = preg_replace('@/$@', '', $parts['path']);
$path = preg_replace('@^/@', '', $path);
$path = basename($path);
+
+ // Hack for MediaWiki user pages, in the form:
+ // http://example.com/wiki/User:Myname
+ // ('User' may be localized.)
+ if (strpos($path, ':')) {
+ $parts = array_filter(explode(':', $path));
+ $path = $parts[count($parts) - 1];
+ }
+
if ($path) {
return common_nicknamize($path);
}
diff --git a/lib/xrdsoutputter.php b/lib/xrdsoutputter.php
index 4b77ed5a3..95dc73300 100644
--- a/lib/xrdsoutputter.php
+++ b/lib/xrdsoutputter.php
@@ -23,6 +23,7 @@
* @package StatusNet
* @author Craig Andrews <candrews@integralblue.com>
* @copyright 2008 StatusNet, Inc.
+ * @copyright 2009 Free Software Foundation, Inc http://www.fsf.org
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/