From 31325f0995bb61413b07f166d253b13fb27d085d Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 23 Jun 2009 13:51:23 -0700 Subject: Stop Twitter gateway notices from leaking via user faves pages --- actions/showfavorites.php | 17 ++++++++++++++--- classes/Fave.php | 46 ++++++++++++++++++++++++++++------------------ classes/Notice.php | 2 ++ classes/User.php | 4 ++-- 4 files changed, 46 insertions(+), 23 deletions(-) diff --git a/actions/showfavorites.php b/actions/showfavorites.php index 01f38a892..b723924a5 100644 --- a/actions/showfavorites.php +++ b/actions/showfavorites.php @@ -191,10 +191,21 @@ class ShowfavoritesAction extends CurrentUserDesignAction function showContent() { - $notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, - NOTICES_PER_PAGE + 1); + $cur = common_current_user(); - if (!$notice) { + if (!empty($cur) && $cur->id == $this->user->id) { + + // Show imported/gateway notices as well as local if + // the user is looking at his own favorites + + $notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1, true); + } else { + $notice = $this->user->favoriteNotices(($this->page-1)*NOTICES_PER_PAGE, + NOTICES_PER_PAGE + 1, false); + } + + if (empty($notice)) { $this->serverError(_('Could not retrieve favorite notices.')); return; } diff --git a/classes/Fave.php b/classes/Fave.php index 572334ce4..f4cf6256f 100644 --- a/classes/Fave.php +++ b/classes/Fave.php @@ -37,52 +37,62 @@ class Fave extends Memcached_DataObject return Memcached_DataObject::pkeyGet('Fave', $kv); } - function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE) + function stream($user_id, $offset=0, $limit=NOTICES_PER_PAGE, $own=false) { $ids = Notice::stream(array('Fave', '_streamDirect'), - array($user_id), - 'fave:ids_by_user:'.$user_id, + array($user_id, $own), + ($own) ? 'fave:ids_by_user_own:'.$user_id : + 'fave:by_user:'.$user_id, $offset, $limit); return $ids; } - function _streamDirect($user_id, $offset, $limit, $since_id, $max_id, $since) + function _streamDirect($user_id, $own, $offset, $limit, $since_id, $max_id, $since) { $fav = new Fave(); - - $fav->user_id = $user_id; - - $fav->selectAdd(); - $fav->selectAdd('notice_id'); + $qry = null; + + if ($own) { + $qry = 'SELECT fave.* FROM fave '; + $qry .= 'WHERE fave.user_id = ' . $user_id . ' '; + } else { + $qry = 'SELECT fave.* FROM fave '; + $qry .= 'INNER JOIN notice ON fave.notice_id = notice.id '; + $qry .= 'WHERE fave.user_id = ' . $user_id . ' '; + $qry .= 'AND notice.is_local != ' . NOTICE_GATEWAY . ' '; + } if ($since_id != 0) { - $fav->whereAdd('notice_id > ' . $since_id); + $qry .= 'AND notice_id > ' . $since_id . ' '; } if ($max_id != 0) { - $fav->whereAdd('notice_id <= ' . $max_id); + $qry .= 'AND notice_id <= ' . $max_id . ' '; } if (!is_null($since)) { - $fav->whereAdd('modified > \'' . date('Y-m-d H:i:s', $since) . '\''); + $qry .= 'AND modified > \'' . date('Y-m-d H:i:s', $since) . '\' '; } // NOTE: we sort by fave time, not by notice time! - $fav->orderBy('modified DESC'); + $qry .= 'ORDER BY modified DESC '; if (!is_null($offset)) { - $fav->limit($offset, $limit); + $qry .= "LIMIT $offset, $limit"; } + $fav->query($qry); + $ids = array(); - if ($fav->find()) { - while ($fav->fetch()) { - $ids[] = $fav->notice_id; - } + while ($fav->fetch()) { + $ids[] = $fav->notice_id; } + $fav->free(); + unset($fav); + return $ids; } } diff --git a/classes/Notice.php b/classes/Notice.php index b6bbf66ca..6f9b73be4 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -471,8 +471,10 @@ class Notice extends Memcached_DataObject if ($fave->find()) { while ($fave->fetch()) { $cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id)); + $cache->delete(common_cache_key('fave:by_user_own:'.$fave->user_id)); if ($blowLast) { $cache->delete(common_cache_key('fave:ids_by_user:'.$fave->user_id.';last')); + $cache->delete(common_cache_key('fave:by_user_own:'.$fave->user_id.';last')); } } } diff --git a/classes/User.php b/classes/User.php index e8c8c5a75..a01a3106f 100644 --- a/classes/User.php +++ b/classes/User.php @@ -424,9 +424,9 @@ class User extends Memcached_DataObject } } - function favoriteNotices($offset=0, $limit=NOTICES_PER_PAGE) + function favoriteNotices($offset=0, $limit=NOTICES_PER_PAGE, $own=false) { - $ids = Fave::stream($this->id, $offset, $limit); + $ids = Fave::stream($this->id, $offset, $limit, $own); return Notice::getStreamByIds($ids); } -- cgit v1.2.3-54-g00ecf From 3cfa2ebb05e131be3a85d9af7a14ed9466b291cb Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 23 Jun 2009 21:18:41 +0000 Subject: Updated default colour theme and IE6 colours for transparent values --- theme/default/css/display.css | 24 ++++++++++++------------ theme/default/css/ie.css | 6 +++--- theme/identica/css/ie.css | 6 +++--- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/theme/default/css/display.css b/theme/default/css/display.css index 7e8b84b4c..f592e930f 100644 --- a/theme/default/css/display.css +++ b/theme/default/css/display.css @@ -11,7 +11,7 @@ body, a:active { -background-color:#C3D6DF; +background-color:#CEE1E9; } body { font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif; @@ -29,7 +29,7 @@ input, textarea, select, border-color:#AAAAAA; } #filter_tags ul li { -border-color:#C3D6DF; +border-color:#DDDDDD; } .form_settings input.form_action-primary { @@ -40,12 +40,12 @@ input.submit, #form_notice.warning #notice_text-count, .form_settings .form_note, .entity_remote_subscribe { -background-color:#A9BF4F; +background-color:#9BB43E; } input:focus, textarea:focus, select:focus, #form_notice.warning #notice_data-text { -border-color:#A9BF4F; +border-color:#9BB43E; box-shadow:3px 3px 3px rgba(194, 194, 194, 0.3); -moz-box-shadow:3px 3px 3px rgba(194, 194, 194, 0.3); -webkit-box-shadow:3px 3px 3px rgba(194, 194, 194, 0.3); @@ -71,14 +71,14 @@ color:#002E6E; .notice, .profile { -border-top-color:#D1D9E4; +border-top-color:#C8D1D5; } .section .profile { -border-top-color:#C3D6DF; +border-top-color:#87B4C8; } #aside_primary { -background-color:#CEE1E9; +background-color:#C8D1D5; } #notice_text-count { @@ -136,13 +136,13 @@ background-color:#EFF3DC; } #anon_notice { -background-color:#C3D6DF; +background-color:#87B4C8; color:#FFFFFF; border-color:#FFFFFF; } #showstream #anon_notice { -background-color:#A9BF4F; +background-color:#9BB43E; } #export_data li a { @@ -176,13 +176,13 @@ background-color:transparent; .form_group_leave input.submit .form_user_subscribe input.submit, .form_user_unsubscribe input.submit { -background-color:#A9BF4F; +background-color:#9BB43E; color:#FFFFFF; } .form_user_unsubscribe input.submit, .form_group_leave input.submit, .form_user_authorization input.reject { -background-color:#C3D6DF; +background-color:#87B4C8; } .entity_edit a { @@ -272,7 +272,7 @@ background:transparent url(../../base/images/icons/twotone/green/news.gif) no-re .pagination .nav_prev a, .pagination .nav_next a { background-repeat:no-repeat; -border-color:#D1D9E4; +border-color:#C8D1D5; } .pagination .nav_prev a { background-image:url(../../base/images/icons/twotone/green/arrow-left.gif); diff --git a/theme/default/css/ie.css b/theme/default/css/ie.css index 6501f4e48..cbbd49ce6 100644 --- a/theme/default/css/ie.css +++ b/theme/default/css/ie.css @@ -1,14 +1,14 @@ /* IE specific styles */ .notice-options input.submit { -color:#fff; +color:#FFFFFF; } #site_nav_local_views a { -background-color:#ACCCDA; +background-color:#C8D1D5; } #form_notice .form_note + label { background:transparent url(../../base/images/icons/twotone/green/clip-01.gif) no-repeat 0 45%; } #form_notice #notice_data-attach { filter: alpha(opacity=0); -} \ No newline at end of file +} diff --git a/theme/identica/css/ie.css b/theme/identica/css/ie.css index 69db16aad..97cabc30a 100644 --- a/theme/identica/css/ie.css +++ b/theme/identica/css/ie.css @@ -1,14 +1,14 @@ /* IE specific styles */ .notice-options input.submit { -color:#fff; +color:#FFFFFF; } #site_nav_local_views a { -background-color:#D0DFE7; +background-color:#D9DADB; } #form_notice .form_note + label { background:transparent url(../../base/images/icons/twotone/green/clip-01.gif) no-repeat 0 45%; } #form_notice #notice_data-attach { filter: alpha(opacity=0); -} \ No newline at end of file +} -- cgit v1.2.3-54-g00ecf From 2d3e990ed47ee1c7130e1febabe7133884a85c80 Mon Sep 17 00:00:00 2001 From: Sarven Capadisli Date: Tue, 23 Jun 2009 21:26:47 +0000 Subject: Using default theme design values (it was previously set to identica theme) --- lib/common.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/common.php b/lib/common.php index 76eb4a978..8eb464d7d 100644 --- a/lib/common.php +++ b/lib/common.php @@ -95,9 +95,9 @@ $config = 'server' => $_server, 'theme' => 'default', 'design' => - array('backgroundcolor' => '#F0F2F5', + array('backgroundcolor' => '#CEE1E9', 'contentcolor' => '#FFFFFF', - 'sidebarcolor' => '#CEE1E9', + 'sidebarcolor' => '#C8D1D5', 'textcolor' => '#000000', 'linkcolor' => '#002E6E', 'backgroundimage' => null, -- cgit v1.2.3-54-g00ecf From 57903bf2acafdc4d15bb9af4fba183b37ec47efe Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Tue, 23 Jun 2009 15:53:49 -0700 Subject: Make gateway notices available to the auth user in the API --- actions/twitapifavorites.php | 6 +++++- actions/twitapistatuses.php | 13 ++++++++++--- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/actions/twitapifavorites.php b/actions/twitapifavorites.php index e40fea91a..8256668f3 100644 --- a/actions/twitapifavorites.php +++ b/actions/twitapifavorites.php @@ -61,7 +61,11 @@ class TwitapifavoritesAction extends TwitterapiAction $since_id = (int)$this->arg('since_id', 0); $since = $this->arg('since'); - $notice = $user->favoriteNotices(($page-1)*$count, $count); + if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { + $notice = $user->favoriteNotices(($page-1)*$count, $count, true); + } else { + $notice = $user->favoriteNotices(($page-1)*$count, $count, false); + } switch($apidata['content-type']) { case 'xml': diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php index 2bc404063..e1fbc5c76 100644 --- a/actions/twitapistatuses.php +++ b/actions/twitapistatuses.php @@ -75,8 +75,10 @@ class TwitapistatusesAction extends TwitterapiAction { parent::handle($args); + $this->auth_user = $apidata['user']; $user = $this->get_user($apidata['api_arg'], $apidata); - $this->auth_user = $user; + + common_debug("auth user = " . $this->auth_user->nickname); if (empty($user)) { $this->clientError(_('No such user!'), 404, @@ -100,8 +102,13 @@ class TwitapistatusesAction extends TwitterapiAction $since_id = (int)$this->arg('since_id', 0); $since = $this->arg('since'); - $notice = $user->noticesWithFriends(($page-1)*$count, - $count, $since_id, $max_id,$since); + if (!empty($this->auth_user) && $this->auth_user->id == $user->id) { + $notice = $user->noticeInbox(($page-1)*$count, + $count, $since_id, $max_id, $since); + } else { + $notice = $user->noticesWithFriends(($page-1)*$count, + $count, $since_id, $max_id, $since); + } switch($apidata['content-type']) { case 'xml': -- cgit v1.2.3-54-g00ecf