From c628029ef124698fe39522a5038af3f3e1a11a26 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 28 Aug 2009 10:42:34 -0700 Subject: Status_network had wrong ini file --- classes/Status_network.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'classes') diff --git a/classes/Status_network.php b/classes/Status_network.php index d526cb4d6..fe4f0b0c5 100644 --- a/classes/Status_network.php +++ b/classes/Status_network.php @@ -54,7 +54,7 @@ class Status_network extends DB_DataObject global $config; $config['db']['database_'.$dbname] = "mysqli://$dbuser:$dbpass@$dbhost/$dbname"; - $config['db']['ini_'.$dbname] = INSTALLDIR.'/classes/statusnet.ini'; + $config['db']['ini_'.$dbname] = INSTALLDIR.'/classes/status_network.ini'; $config['db']['table_status_network'] = $dbname; self::$cache = new Memcache(); -- cgit v1.2.3-54-g00ecf From efcfd209ef737f4dbe99401df282e7a341176ea7 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 1 Sep 2009 23:02:03 -0400 Subject: Check "Files" of type 'application/xhtml+xml' for oEmbed in addition to just text/html --- classes/File.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'classes') diff --git a/classes/File.php b/classes/File.php index f4d0a3a48..96a4de6e8 100644 --- a/classes/File.php +++ b/classes/File.php @@ -78,7 +78,7 @@ class File extends Memcached_DataObject $file_id = $x->insert(); if (isset($redir_data['type']) - && ('text/html' === substr($redir_data['type'], 0, 9)) + && (('text/html' === substr($redir_data['type'], 0, 9) || 'application/xhtml+xml' === substr($redir_data['type'], 0, 21))) && ($oembed_data = File_oembed::_getOembed($given_url))) { File_oembed::saveNew($oembed_data, $file_id); } -- cgit v1.2.3-54-g00ecf From 2a06f2ac5bac02dea23b63c8d256a17f316039c1 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Thu, 10 Sep 2009 21:21:01 -0400 Subject: If there is no mimetype set, the file shouldn't be considered an enclosure --- classes/File.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'classes') diff --git a/classes/File.php b/classes/File.php index 96a4de6e8..308d0a771 100644 --- a/classes/File.php +++ b/classes/File.php @@ -201,7 +201,7 @@ class File extends Memcached_DataObject if(isset($this->filename)){ return true; } - $notEnclosureMimeTypes = array('text/html','application/xhtml+xml'); + $notEnclosureMimeTypes = array('text/html','application/xhtml+xml',null); $mimetype = strtolower($this->mimetype); $semicolon = strpos($mimetype,';'); if($semicolon){ -- cgit v1.2.3-54-g00ecf From bb48698416c1a2ae5a173eb3735c16c587a6e611 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sun, 13 Sep 2009 21:43:29 -0400 Subject: Add missing pkeyGet override to the Profile class --- classes/Profile.php | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'classes') diff --git a/classes/Profile.php b/classes/Profile.php index 6ad0e7a3a..c4fb3a543 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -47,6 +47,11 @@ class Profile extends Memcached_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE + function &pkeyGet($kv) + { + return Memcached_DataObject::pkeyGet('Profile', $kv); + } + function getAvatar($width, $height=null) { if (is_null($height)) { -- cgit v1.2.3-54-g00ecf From 4a97ad9efeeb350159e1d0c82686d234ee0cdb12 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 15 Sep 2009 17:08:26 -0400 Subject: Remove unnecessary Profile::pkeyGet Thanks for the info, Evan. --- classes/Profile.php | 5 ----- plugins/Autocomplete/autocomplete.php | 2 +- 2 files changed, 1 insertion(+), 6 deletions(-) (limited to 'classes') diff --git a/classes/Profile.php b/classes/Profile.php index c4fb3a543..6ad0e7a3a 100644 --- a/classes/Profile.php +++ b/classes/Profile.php @@ -47,11 +47,6 @@ class Profile extends Memcached_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE - function &pkeyGet($kv) - { - return Memcached_DataObject::pkeyGet('Profile', $kv); - } - function getAvatar($width, $height=null) { if (is_null($height)) { diff --git a/plugins/Autocomplete/autocomplete.php b/plugins/Autocomplete/autocomplete.php index 96d54af8d..4379a86f2 100644 --- a/plugins/Autocomplete/autocomplete.php +++ b/plugins/Autocomplete/autocomplete.php @@ -62,7 +62,7 @@ class AutocompleteAction extends Action $user->whereAdd('nickname like \'' . trim($user->escape($q), '\'') . '%\''); $user->find(); while($user->fetch()) { - $profile = Profile::pkeyGet(array('id' => $user->id)); + $profile = Profile::staticGet($user->id); $this->results[]=array('nickname' => $user->nickname, 'fullname'=> $profile->fullname, 'type'=>'user'); } } -- cgit v1.2.3-54-g00ecf From 15f9c80c28042a5f9d51ec8444e3c9c475360481 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 18 Sep 2009 17:53:06 -0400 Subject: Blacklist all files and directories in the web root (INSTALLDIR). Much more elegant than manually keep tracking of these invalid usernames. --- classes/User.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'classes') diff --git a/classes/User.php b/classes/User.php index 14d3cf54f..8386f1e18 100644 --- a/classes/User.php +++ b/classes/User.php @@ -120,11 +120,15 @@ class User extends Memcached_DataObject function allowed_nickname($nickname) { // XXX: should already be validated for size, content, etc. - static $blacklist = array('rss', 'xrds', 'doc', 'main', - 'settings', 'notice', 'user', - 'search', 'avatar', 'tag', 'tags', - 'api', 'message', 'group', 'groups', - 'local'); + + $blacklist = array(); + + //all directory and file names should be blacklisted + $d = dir(INSTALLDIR); + while (false !== ($entry = $d->read())) { + $blacklist[]=$entry; + } + $d->close(); $merged = array_merge($blacklist, common_config('nickname', 'blacklist')); return !in_array($nickname, $merged); } -- cgit v1.2.3-54-g00ecf