diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/apiaction.php | 64 | ||||
| -rw-r--r-- | lib/apiauth.php | 3 | ||||
| -rw-r--r-- | lib/atomnoticefeed.php | 9 | ||||
| -rw-r--r-- | lib/default.php | 6 | ||||
| -rw-r--r-- | lib/httpclient.php | 14 | ||||
| -rw-r--r-- | lib/installer.php | 5 | ||||
| -rw-r--r-- | lib/mail.php | 30 | ||||
| -rw-r--r-- | lib/noticelist.php | 72 | ||||
| -rw-r--r-- | lib/ping.php | 10 | ||||
| -rw-r--r-- | lib/profileformaction.php | 13 | ||||
| -rw-r--r-- | lib/redirectingaction.php | 9 | ||||
| -rw-r--r-- | lib/router.php | 5 | ||||
| -rw-r--r-- | lib/util.php | 28 | ||||
| -rw-r--r-- | lib/xmppmanager.php | 4 |
14 files changed, 167 insertions, 105 deletions
diff --git a/lib/apiaction.php b/lib/apiaction.php index 6ee0a94d9..320aa0316 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -63,9 +63,12 @@ class ApiAction extends Action var $count = null; var $max_id = null; var $since_id = null; + var $source = null; var $access = self::READ_ONLY; // read (default) or read-write + static $reserved_sources = array('web', 'omb', 'ostatus', 'mail', 'xmpp', 'api'); + /** * Initialization. * @@ -89,6 +92,12 @@ class ApiAction extends Action header('X-StatusNet-Warning: since parameter is disabled; use since_id'); } + $this->source = $this->trimmed('source'); + + if (empty($this->source) || in_array($this->source, self::$reserved_sources)) { + $this->source = 'api'; + } + return true; } @@ -255,7 +264,23 @@ class ApiAction extends Action $twitter_status['created_at'] = $this->dateTwitter($notice->created); $twitter_status['in_reply_to_status_id'] = ($notice->reply_to) ? intval($notice->reply_to) : null; - $twitter_status['source'] = $this->sourceLink($notice->source); + + $source = null; + + $ns = $notice->getSource(); + if ($ns) { + if (!empty($ns->name) && !empty($ns->url)) { + $source = '<a href="' + . htmlspecialchars($ns->url) + . '" rel="nofollow">' + . htmlspecialchars($ns->name) + . '</a>'; + } else { + $source = $ns->code; + } + } + + $twitter_status['source'] = $source; $twitter_status['id'] = intval($notice->id); $replier_profile = null; @@ -1311,43 +1336,6 @@ class ApiAction extends Action } } - function sourceLink($source) - { - $source_name = _($source); - switch ($source) { - case 'web': - case 'xmpp': - case 'mail': - case 'omb': - case 'api': - break; - default: - - $name = null; - $url = null; - - $ns = Notice_source::staticGet($source); - - if ($ns) { - $name = $ns->name; - $url = $ns->url; - } else { - $app = Oauth_application::staticGet('name', $source); - if ($app) { - $name = $app->name; - $url = $app->source_url; - } - } - - if (!empty($name) && !empty($url)) { - $source_name = '<a href="' . $url . '">' . $name . '</a>'; - } - - break; - } - return $source_name; - } - /** * Returns query argument or default value if not found. Certain * parameters used throughout the API are lightly scrubbed and diff --git a/lib/apiauth.php b/lib/apiauth.php index e78de618e..95acbbd7b 100644 --- a/lib/apiauth.php +++ b/lib/apiauth.php @@ -54,7 +54,6 @@ class ApiAuthAction extends ApiAction { var $auth_user_nickname = null; var $auth_user_password = null; - var $oauth_source = null; /** * Take arguments for running, looks for an OAuth request, @@ -162,7 +161,7 @@ class ApiAuthAction extends ApiAction // set the source attr - $this->oauth_source = $app->name; + $this->source = $app->name; $appUser = Oauth_application_user::staticGet('token', $access_token); diff --git a/lib/atomnoticefeed.php b/lib/atomnoticefeed.php index e4df731fe..35a45118c 100644 --- a/lib/atomnoticefeed.php +++ b/lib/atomnoticefeed.php @@ -79,6 +79,11 @@ class AtomNoticeFeed extends Atom10Feed 'ostatus', 'http://ostatus.org/schema/1.0' ); + + $this->addNamespace( + 'statusnet', + 'http://status.net/ont/' + ); } /** @@ -110,7 +115,9 @@ class AtomNoticeFeed extends Atom10Feed $source = $this->showSource(); $author = $this->showAuthor(); - $this->addEntryRaw($notice->asAtomEntry(false, $source, $author)); + $cur = common_current_user(); + + $this->addEntryRaw($notice->asAtomEntry(false, $source, $author, $cur)); } function showSource() diff --git a/lib/default.php b/lib/default.php index fa4ece10a..950c6018d 100644 --- a/lib/default.php +++ b/lib/default.php @@ -188,7 +188,8 @@ $default = 'cache' => array('base' => null), 'ping' => - array('notify' => array()), + array('notify' => array(), + 'timeout' => 2), 'inboxes' => array('enabled' => true), # ignored after 0.9.x 'newuser' => @@ -303,4 +304,7 @@ $default = array('subscribers' => true, 'members' => true, 'peopletag' => true), + 'http' => // HTTP client settings when contacting other sites + array('ssl_cafile' => false // To enable SSL cert validation, point to a CA bundle (eg '/usr/lib/ssl/certs/ca-certificates.crt') + ), ); diff --git a/lib/httpclient.php b/lib/httpclient.php index 384626ae0..b69f718e5 100644 --- a/lib/httpclient.php +++ b/lib/httpclient.php @@ -132,7 +132,19 @@ class HTTPClient extends HTTP_Request2 // ought to be investigated to see if we can handle // it gracefully in that case as well. $this->config['protocol_version'] = '1.0'; - + + // Default state of OpenSSL seems to have no trusted + // SSL certificate authorities, which breaks hostname + // verification and means we have a hard time communicating + // with other sites' HTTPS interfaces. + // + // Turn off verification unless we've configured a CA bundle. + if (common_config('http', 'ssl_cafile')) { + $this->config['ssl_cafile'] = common_config('http', 'ssl_cafile'); + } else { + $this->config['ssl_verify_peer'] = false; + } + parent::__construct($url, $method, $config); $this->setHeader('User-Agent', $this->userAgent()); } diff --git a/lib/installer.php b/lib/installer.php index 589a19a66..58ffbfef7 100644 --- a/lib/installer.php +++ b/lib/installer.php @@ -128,6 +128,7 @@ abstract class Installer $pass = false; } + // @fixme this check seems to be insufficient with Windows ACLs if (!is_writable(INSTALLDIR)) { $this->warning(sprintf('Cannot write config file to: <code>%s</code></p>', INSTALLDIR), sprintf('On your server, try this command: <code>chmod a+w %s</code>', INSTALLDIR)); @@ -409,6 +410,10 @@ abstract class Installer "\$config['db']['database'] = '{$this->db['database']}';\n\n". ($this->db['type'] == 'pgsql' ? "\$config['db']['quote_identifiers'] = true;\n\n":''). "\$config['db']['type'] = '{$this->db['type']}';\n\n"; + + // Normalize line endings for Windows servers + $cfg = str_replace("\n", PHP_EOL, $cfg); + // write configuration file out to install directory $res = file_put_contents(INSTALLDIR.'/config.php', $cfg); diff --git a/lib/mail.php b/lib/mail.php index 5fc584e28..ab5742e33 100644 --- a/lib/mail.php +++ b/lib/mail.php @@ -224,9 +224,6 @@ function mail_subscribe_notify_profile($listenee, $other) if ($other->hasRight(Right::EMAILONSUBSCRIBE) && $listenee->email && $listenee->emailnotifysub) { - // use the recipient's localization - common_init_locale($listenee->language); - $profile = $listenee->getProfile(); $name = $profile->getBestName(); @@ -236,6 +233,9 @@ function mail_subscribe_notify_profile($listenee, $other) $recipients = $listenee->email; + // use the recipient's localization + common_switch_locale($listenee->language); + $headers = _mail_prepare_headers('subscribe', $listenee->nickname, $other->nickname); $headers['From'] = mail_notify_from(); $headers['To'] = $name . ' <' . $listenee->email . '>'; @@ -245,6 +245,11 @@ function mail_subscribe_notify_profile($listenee, $other) $other->getBestName(), common_config('site', 'name')); + $blocklink = sprintf(_("If you believe this account is being used abusively, " . + "you can block them from your subscribers list and " . + "report as spam to site administrators at %s"), + common_local_url('block', array('profileid' => $other->id))); + // TRANS: Main body of new-subscriber notification e-mail $body = sprintf(_('%1$s is now listening to your notices on %2$s.'."\n\n". "\t".'%3$s'."\n\n". @@ -264,14 +269,15 @@ function mail_subscribe_notify_profile($listenee, $other) ($other->homepage) ? // TRANS: Profile info line in new-subscriber notification e-mail sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '', - ($other->bio) ? + (($other->bio) ? // TRANS: Profile info line in new-subscriber notification e-mail - sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '', + sprintf(_("Bio: %s"), $other->bio) . "\n" : '') . + "\n\n" . $blocklink . "\n", common_config('site', 'name'), common_local_url('emailsettings')); // reset localization - common_init_locale(); + common_switch_locale(); mail_send($recipients, $headers, $body); } } @@ -473,7 +479,7 @@ function mail_confirm_sms($code, $nickname, $address) function mail_notify_nudge($from, $to) { - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for 'nudge' notification email $subject = sprintf(_('You\'ve been nudged by %s'), $from->nickname); @@ -491,7 +497,7 @@ function mail_notify_nudge($from, $to) $from->nickname, common_local_url('all', array('nickname' => $to->nickname)), common_config('site', 'name')); - common_init_locale(); + common_switch_locale(); $headers = _mail_prepare_headers('nudge', $to->nickname, $from->nickname); @@ -525,7 +531,7 @@ function mail_notify_message($message, $from=null, $to=null) return true; } - common_init_locale($to->language); + common_switch_locale($to->language); // TRANS: Subject for direct-message notification email $subject = sprintf(_('New private message from %s'), $from->nickname); @@ -549,7 +555,7 @@ function mail_notify_message($message, $from=null, $to=null) $headers = _mail_prepare_headers('message', $to->nickname, $from->nickname); - common_init_locale(); + common_switch_locale(); return mail_to_user($to, $subject, $body, $headers); } @@ -577,7 +583,7 @@ function mail_notify_fave($other, $user, $notice) $bestname = $profile->getBestName(); - common_init_locale($other->language); + common_switch_locale($other->language); // TRANS: Subject for favorite notification email $subject = sprintf(_('%s (@%s) added your notice as a favorite'), $bestname, $user->nickname); @@ -605,7 +611,7 @@ function mail_notify_fave($other, $user, $notice) $headers = _mail_prepare_headers('fave', $other->nickname, $user->nickname); - common_init_locale(); + common_switch_locale(); mail_to_user($other, $subject, $body, $headers); } diff --git a/lib/noticelist.php b/lib/noticelist.php index 4f997a328..81da9edc0 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -480,54 +480,46 @@ class NoticeListItem extends Widget function showNoticeSource() { - if ($this->notice->source) { + $ns = $this->notice->getSource(); + + if ($ns) { + $source_name = _($ns->code); $this->out->text(' '); $this->out->elementStart('span', 'source'); $this->out->text(_('from')); - $source_name = _($this->notice->source); $this->out->text(' '); - switch ($this->notice->source) { - case 'web': - case 'xmpp': - case 'mail': - case 'omb': - case 'system': - case 'api': - $this->out->element('span', 'device', $source_name); - break; - default: + $name = $source_name; + $url = $ns->url; + $title = null; + + if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) { $name = $source_name; - $url = null; - - if (Event::handle('StartNoticeSourceLink', array($this->notice, &$name, &$url, &$title))) { - $ns = Notice_source::staticGet($this->notice->source); - - if ($ns) { - $name = $ns->name; - $url = $ns->url; - } else { - $app = Oauth_application::staticGet('name', $this->notice->source); - if ($app) { - $name = $app->name; - $url = $app->source_url; - } - } - } - Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title)); - - if (!empty($name) && !empty($url)) { - $this->out->elementStart('span', 'device'); - $this->out->element('a', array('href' => $url, - 'rel' => 'external', - 'title' => $title), - $name); - $this->out->elementEnd('span'); - } else { - $this->out->element('span', 'device', $name); + $url = $ns->url; + } + Event::handle('EndNoticeSourceLink', array($this->notice, &$name, &$url, &$title)); + + // if $ns->name and $ns->url are populated we have + // configured a source attr somewhere + if (!empty($name) && !empty($url)) { + + $this->out->elementStart('span', 'device'); + + $attrs = array( + 'href' => $url, + 'rel' => 'external' + ); + + if (!empty($title)) { + $attrs['title'] = $title; } - break; + + $this->out->element('a', $attrs, $name); + $this->out->elementEnd('span'); + } else { + $this->out->element('span', 'device', $name); } + $this->out->elementEnd('span'); } } diff --git a/lib/ping.php b/lib/ping.php index 735af9ef1..be2933ae3 100644 --- a/lib/ping.php +++ b/lib/ping.php @@ -45,7 +45,15 @@ function ping_broadcast_notice($notice) { $tags)); $request = HTTPClient::start(); - $httpResponse = $request->post($notify_url, array('Content-Type: text/xml'), $req); + $request->setConfig('connect_timeout', common_config('ping', 'timeout')); + $request->setConfig('timeout', common_config('ping', 'timeout')); + try { + $httpResponse = $request->post($notify_url, array('Content-Type: text/xml'), $req); + } catch (Exception $e) { + common_log(LOG_ERR, + "Exception pinging $notify_url: " . $e->getMessage()); + continue; + } if (!$httpResponse || mb_strlen($httpResponse->getBody()) == 0) { common_log(LOG_WARNING, diff --git a/lib/profileformaction.php b/lib/profileformaction.php index 0ffafe5fb..51c89a922 100644 --- a/lib/profileformaction.php +++ b/lib/profileformaction.php @@ -60,7 +60,16 @@ class ProfileFormAction extends RedirectingAction $this->checkSessionToken(); if (!common_logged_in()) { - $this->clientError(_('Not logged in.')); + if ($_SERVER['REQUEST_METHOD'] == 'POST') { + $this->clientError(_('Not logged in.')); + } else { + // Redirect to login. + common_set_returnto($this->selfUrl()); + $user = common_current_user(); + if (Event::handle('RedirectToLogin', array($this, $user))) { + common_redirect(common_local_url('login'), 303); + } + } return false; } @@ -97,7 +106,7 @@ class ProfileFormAction extends RedirectingAction if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->handlePost(); - $this->returnToArgs(); + $this->returnToPrevious(); } } diff --git a/lib/redirectingaction.php b/lib/redirectingaction.php index f11585274..3a358f891 100644 --- a/lib/redirectingaction.php +++ b/lib/redirectingaction.php @@ -53,12 +53,13 @@ class RedirectingAction extends Action * * To be called only after successful processing. * - * @fixme rename this -- it obscures Action::returnToArgs() which - * returns a list of arguments, and is a bit confusing. + * Note: this was named returnToArgs() up through 0.9.2, which + * caused problems because there's an Action::returnToArgs() + * already which does something different. * * @return void */ - function returnToArgs() + function returnToPrevious() { // Now, gotta figure where we go back to $action = false; @@ -77,7 +78,7 @@ class RedirectingAction extends Action if ($action) { common_redirect(common_local_url($action, $args, $params), 303); } else { - $url = $this->defaultReturnToUrl(); + $url = $this->defaultReturnTo(); } common_redirect($url, 303); } diff --git a/lib/router.php b/lib/router.php index a9d07276f..afe44f92a 100644 --- a/lib/router.php +++ b/lib/router.php @@ -136,6 +136,11 @@ class Router $m->connect('main/'.$a, array('action' => $a)); } + // Also need a block variant accepting ID on URL for mail links + $m->connect('main/block/:profileid', + array('action' => 'block'), + array('profileid' => '[0-9]+')); + $m->connect('main/sup/:seconds', array('action' => 'sup'), array('seconds' => '[0-9]+')); diff --git a/lib/util.php b/lib/util.php index c0013bb3d..59d5132ec 100644 --- a/lib/util.php +++ b/lib/util.php @@ -34,6 +34,14 @@ function common_user_error($msg, $code=400) $err->showPage(); } +/** + * This should only be used at setup; processes switching languages + * to send text to other users should use common_switch_locale(). + * + * @param string $language Locale language code (optional; empty uses + * current user's preference or site default) + * @return mixed success + */ function common_init_locale($language=null) { if(!$language) { @@ -50,6 +58,15 @@ function common_init_locale($language=null) return $ok; } +/** + * Initialize locale and charset settings and gettext with our message catalog, + * using the current user's language preference or the site default. + * + * This should generally only be run at framework initialization; code switching + * languages at runtime should call common_switch_language(). + * + * @access private + */ function common_init_language() { mb_internal_encoding('UTF-8'); @@ -1365,7 +1382,7 @@ function common_log_line($priority, $msg) { static $syslog_priorities = array('LOG_EMERG', 'LOG_ALERT', 'LOG_CRIT', 'LOG_ERR', 'LOG_WARNING', 'LOG_NOTICE', 'LOG_INFO', 'LOG_DEBUG'); - return date('Y-m-d H:i:s') . ' ' . $syslog_priorities[$priority] . ': ' . $msg . "\n"; + return date('Y-m-d H:i:s') . ' ' . $syslog_priorities[$priority] . ': ' . $msg . PHP_EOL; } function common_request_id() @@ -1908,6 +1925,15 @@ function common_url_to_nickname($url) $path = preg_replace('@/$@', '', $parts['path']); $path = preg_replace('@^/@', '', $path); $path = basename($path); + + // Hack for MediaWiki user pages, in the form: + // http://example.com/wiki/User:Myname + // ('User' may be localized.) + if (strpos($path, ':')) { + $parts = array_filter(explode(':', $path)); + $path = $parts[count($parts) - 1]; + } + if ($path) { return common_nicknamize($path); } diff --git a/lib/xmppmanager.php b/lib/xmppmanager.php index cca54db08..829eaa36c 100644 --- a/lib/xmppmanager.php +++ b/lib/xmppmanager.php @@ -253,12 +253,12 @@ class XmppManager extends IoManager $from = jabber_normalize_jid($pl['from']); if ($pl['type'] != 'chat') { - $this->log(LOG_WARNING, "Ignoring message of type ".$pl['type']." from $from."); + $this->log(LOG_WARNING, "Ignoring message of type ".$pl['type']." from $from: " . $pl['xml']->toString()); return; } if (mb_strlen($pl['body']) == 0) { - $this->log(LOG_WARNING, "Ignoring message with empty body from $from."); + $this->log(LOG_WARNING, "Ignoring message with empty body from $from: " . $pl['xml']->toString()); return; } |