From c89b10ffe4adb1df724b6a7c5c31b42c7dd3376b Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Wed, 2 Dec 2009 09:47:02 -0800 Subject: Code style cleanup: dropped some unnecessary =& reference assignments where they're used only out of habit for PHP 4-style object semantics --- lib/schema.php | 18 +++++++++--------- lib/util.php | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) (limited to 'lib') diff --git a/lib/schema.php b/lib/schema.php index df7cb65f5..a8ba91b87 100644 --- a/lib/schema.php +++ b/lib/schema.php @@ -94,7 +94,7 @@ class Schema public function getTableDef($name) { - $res =& $this->conn->query('DESCRIBE ' . $name); + $res = $this->conn->query('DESCRIBE ' . $name); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -213,7 +213,7 @@ class Schema $sql .= "); "; - $res =& $this->conn->query($sql); + $res = $this->conn->query($sql); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -234,7 +234,7 @@ class Schema public function dropTable($name) { - $res =& $this->conn->query("DROP TABLE $name"); + $res = $this->conn->query("DROP TABLE $name"); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -269,7 +269,7 @@ class Schema $name = "$table_".implode("_", $columnNames)."_idx"; } - $res =& $this->conn->query("ALTER TABLE $table ". + $res = $this->conn->query("ALTER TABLE $table ". "ADD INDEX $name (". implode(",", $columnNames).")"); @@ -291,7 +291,7 @@ class Schema public function dropIndex($table, $name) { - $res =& $this->conn->query("ALTER TABLE $table DROP INDEX $name"); + $res = $this->conn->query("ALTER TABLE $table DROP INDEX $name"); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -314,7 +314,7 @@ class Schema { $sql = "ALTER TABLE $table ADD COLUMN " . $this->_columnSql($columndef); - $res =& $this->conn->query($sql); + $res = $this->conn->query($sql); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); 
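Review bot: Every query touched in lib/schema.php still splices identifiers straight into the SQL text, starting with `'DESCRIBE ' . $name` in getTableDef() and continuing through `"DROP TABLE $name"`, the `ALTER TABLE $table ...` statements and the remaining hunks of this file. Identifiers cannot be bound as parameters, so if a table, column or index name ever comes from plugin configuration or request data, this becomes an injection path into DDL. A strict allow-list check before use would close it, for example `if (!preg_match('/^[A-Za-z0-9_]+$/', $name)) { throw new Exception('Invalid identifier'); }`. Whether all callers pass hard-coded names is not visible here, and the method bodies start and end outside the hunks.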
@@ -339,7 +339,7 @@ class Schema $sql = "ALTER TABLE $table MODIFY COLUMN " . $this->_columnSql($columndef); - $res =& $this->conn->query($sql); + $res = $this->conn->query($sql); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -363,7 +363,7 @@ class Schema { $sql = "ALTER TABLE $table DROP COLUMN $columnName"; - $res =& $this->conn->query($sql); + $res = $this->conn->query($sql); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); @@ -446,7 +446,7 @@ class Schema $sql = 'ALTER TABLE ' . $tableName . ' ' . implode(', ', $phrase); - $res =& $this->conn->query($sql); + $res = $this->conn->query($sql); if (PEAR::isError($res)) { throw new Exception($res->getMessage()); diff --git a/lib/util.php b/lib/util.php index 99a0a1db3..ab046e871 100644 --- a/lib/util.php +++ b/lib/util.php @@ -127,7 +127,7 @@ function common_check_user($nickname, $password) if (0 == strcmp(common_munge_password($password, $user->id), $user->password)) { //internal checking passed - $authenticatedUser =& $user; + $authenticatedUser = $user; } } } -- cgit v1.2.3-54-g00ecf From aef4cc0a59276938f0f0aec4d67374f578f2117a Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Thu, 3 Dec 2009 17:06:58 -0800 Subject: Make it impossible to block (and thus unsubscribe from your self-subscription) via the API. Additionally, make it impossible to block yourself or unsubscribe from yourself, period. I also made User use the subs.php helper function for unsubscribing during a block. Hopefully, these changes will get rid of the problem of people accidentally deleting their self-subscriptions once and for all (knock on wood). --- actions/apiblockcreate.php | 11 +++++++++++ classes/User.php | 36 +++++++++++++++++++++++++++--------- lib/subs.php | 6 ++++++ 3 files changed, 44 insertions(+), 9 deletions(-) (limited to 'lib') diff --git a/actions/apiblockcreate.php b/actions/apiblockcreate.php index 4f941f6c3..e79dec32d 100644 --- a/actions/apiblockcreate.php 
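Review bot: The credential check kept as context in common_check_user(), `0 == strcmp(common_munge_password($password, $user->id), $user->password)`, compares the stored value in non-constant time and tests strcmp()'s result with a loose `==`. Where the runtime provides it, `hash_equals((string) $user->password, common_munge_password($password, $user->id))` removes both concerns. Older runtimes need at least `0 === strcmp(...)` and a hand-written constant-time compare. The function body extends beyond this hunk, so how `$user` is loaded is not visible here.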
+++ b/actions/apiblockcreate.php @@ -98,6 +98,17 @@ class ApiBlockCreateAction extends ApiAuthAction return; } + // Don't allow blocking yourself! + + if ($this->user->id == $this->other->id) { + $this->clientError( + _("You cannot block yourself!"), + 403, + $this->format + ); + return; + } + if ($this->user->hasBlocked($this->other) || $this->user->block($this->other) ) { diff --git a/classes/User.php b/classes/User.php index f905ea2b7..4838fe1c7 100644 --- a/classes/User.php +++ b/classes/User.php @@ -502,6 +502,19 @@ class User extends Memcached_DataObject { // Add a new block record + // no blocking (and thus unsubbing from) yourself + + if ($this->id == $other->id) { + common_log(LOG_WARNING, + sprintf( + "Profile ID %d (%s) tried to block his or herself.", + $profile->id, + $profile->nickname + ) + ); + return false; + } + $block = new Profile_block(); // Begin a transaction @@ -520,15 +533,20 @@ class User extends Memcached_DataObject // Cancel their subscription, if it exists - $sub = Subscription::pkeyGet(array('subscriber' => $other->id, - 'subscribed' => $this->id)); - - if ($sub) { - $result = $sub->delete(); - if (!$result) { - common_log_db_error($sub, 'DELETE', __FILE__); - return false; - } + $result = subs_unsubscribe_to($this, $other); + + if ($result !== true) { + common_log(LOG_WARNING, + sprintf( + "Error trying to unsubscribe profile ID %d (%s) from user ID %d (%s): %s", + $other->id, + $other->nickname, + $this->id, + $this->nickname, + $result + ) + ); + return false; } $block->query('COMMIT'); diff --git a/lib/subs.php b/lib/subs.php index 2fc3160de..4b6b03967 100644 --- a/lib/subs.php +++ b/lib/subs.php 
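Review bot: The new self-block guard in classes/User.php logs `$profile->id` and `$profile->nickname`, but the visible part of the method only works with `$this` and `$other`, and no `$profile` is defined in the hunk. Unless it is assigned earlier in the method (the start is outside the hunk), the warning will raise notices and record empty values exactly when the guard fires. Logging the acting account instead, `$this->id, $this->nickname`, keeps the audit line useful.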
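Review bot: Swapping the direct Subscription delete for `subs_unsubscribe_to($this, $other)` changes both which row block() removes and when block() fails. The removed code deleted the row with `subscriber => $other->id, subscribed => $this->id`, and the new log text still describes unsubscribing `$other` from `$this`, but subs_unsubscribe_to() in lib/subs.php sets `$sub->subscriber = $user->id`, so the call as written drops the blocker's own subscription instead. The helper also returns the string 'Not subscribed!' when no subscription exists, which `$result !== true` treats as an error, so blocking an account with no subscription in that direction returns false. If the old behaviour is intended, `subs_unsubscribe_to($other, $this)` behind an isSubscribed() check would match it, assuming `$other` supports that call here. The early `return false` also leaves the transaction opened above without a visible ROLLBACK.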
@@ -127,6 +127,12 @@ function subs_unsubscribe_to($user, $other) if (!$user->isSubscribed($other)) return _('Not subscribed!'); + // Don't allow deleting self subs + + if ($user->id == $other->id) { + return _('Couldn\'t delete self-subscription.'); + } + $sub = DB_DataObject::factory('subscription'); $sub->subscriber = $user->id; -- cgit v1.2.3-54-g00ecf From 40afc7e9877855272caa5c65fb3575e4420b2966 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 01:57:14 -0500 Subject: Add 4 new events: StartCssLinkElement, EndCssLinkElement, StartScriptElement, EndScriptElement --- EVENTS.txt | 21 +++++++++++++++++++++ lib/htmloutputter.php | 42 ++++++++++++++++++++++++------------------ 2 files changed, 45 insertions(+), 18 deletions(-) (limited to 'lib') diff --git a/EVENTS.txt b/EVENTS.txt index 34a222e8f..f4ec62033 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -574,3 +574,24 @@ EndShortenUrl: After a URL has been shortened - $shortenerName: name of the requested shortener - $shortenedUrl: short version of the url +StartCssLinkElement: Before a element is written +- $action +- &$src +- &$theme +- &$media + +EndCssLinkElement: After a element is written +- $action +- $src +- $theme +- $media + +StartScriptElement: Before a element is written +- $action +- &$src +- &$type + +EndScriptElement: After a element is written +- $action +- $src +- $type diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index d267526c8..a7c596917 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php 
@@ -350,14 +350,17 @@ class HTMLOutputter extends XMLOutputter */ function script($src, $type='text/javascript') { - $url = parse_url($src); - if( empty($url->scheme) && empty($url->host) && empty($url->query) && empty($url->fragment)) - { - $src = common_path($src) . '?version=' . STATUSNET_VERSION; + if(Event::handle('StartScriptElement', array($this,&$src,&$type))) { + $url = parse_url($src); + if( empty($url->scheme) && empty($url->host) && empty($url->query) && empty($url->fragment)) + { + $src = common_path($src) . '?version=' . STATUSNET_VERSION; + } + $this->element('script', array('type' => $type, + 'src' => $src), + ' '); + Event::handle('EndScriptElement', array($this,$src,$type)); } - $this->element('script', array('type' => $type, - 'src' => $src), - ' '); } /** @@ -371,19 +374,22 @@ class HTMLOutputter extends XMLOutputter */ function cssLink($src,$theme=null,$media=null) { - $url = parse_url($src); - if( empty($url->scheme) && empty($url->host) && empty($url->query) && empty($url->fragment)) - { - if(file_exists(Theme::file($src,$theme))){ - $src = Theme::path($src, $theme) . '?version=' . STATUSNET_VERSION; - }else{ - $src = common_path($src); + if(Event::handle('StartCssLinkElement', array($this,&$src,&$theme,&$media))) { + $url = parse_url($src); + if( empty($url->scheme) && empty($url->host) && empty($url->query) && empty($url->fragment)) + { + if(file_exists(Theme::file($src,$theme))){ + $src = Theme::path($src, $theme) . '?version=' . STATUSNET_VERSION; + }else{ + $src = common_path($src); + } } + $this->element('link', array('rel' => 'stylesheet', + 'type' => 'text/css', + 'href' => $src, + 'media' => $media)); + Event::handle('EndCssLinkElement', array($this,$src,$theme,$media)); } - $this->element('link', array('rel' => 'stylesheet', - 'type' => 'text/css', - 'href' => $src, - 'media' => $media)); } /** -- cgit v1.2.3-54-g00ecf From 2c07d4a530e2e8ea6a48f08806f5026df1132152 Mon Sep 17 00:00:00 2001 
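Review bot: In script(), and again in cssLink() in the next hunk, the locality test reads `$url->scheme`, `$url->host`, `$url->query` and `$url->fragment`, but parse_url() returns an array, so every empty() is true and the branch runs for any `$src`. Absolute URLs, including ones a plugin sets through the new by-reference `&$src` event argument, are therefore rewritten through common_path() or Theme::path() as if they were local paths. Reading the parts as array keys makes the check do what it says: `empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])`. parse_url() can also return false on malformed input, which is worth handling before the test.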
From: Evan Prodromou Date: Fri, 4 Dec 2009 13:39:51 -0500 Subject: utility function to output inline JavaScript --- lib/htmloutputter.php | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index d267526c8..3fabc4037 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -360,6 +360,25 @@ class HTMLOutputter extends XMLOutputter ' '); } + /** + * output a script (almost always javascript) tag with inline + * code. + * + * @param string $code relative or absolute script path + * @param string $type 'type' attribute value of the tag + * + * @return void + */ + + function inlineScript($code, $type='text/javascript') + { + $this->elementStart('script', array('type' => $type)); + $this->raw('/*raw($code); + $this->raw(' /*]]>*/'); // XHTML compat for Safari + $this->elementEnd('script'); + } + /** * output a css link * @@ -414,7 +433,6 @@ class HTMLOutputter extends XMLOutputter } } - /** * Internal script to autofocus the given element on page onload. * -- cgit v1.2.3-54-g00ecf From e074fe659903cb6cbd3dace96889f34a8c8796c9 Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Fri, 4 Dec 2009 15:34:25 -0500 Subject: add logging utilities to Plugin class --- lib/plugin.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lib') diff --git a/lib/plugin.php b/lib/plugin.php index 87d7be5a7..2c77c3e12 100644 --- a/lib/plugin.php +++ b/lib/plugin.php @@ -76,4 +76,14 @@ class Plugin { return true; } + + protected function log($level, $msg) + { + common_log($level, get_class($this) . ': '.$msg); + } + + protected function debug($msg) + { + $this->log(LOG_DEBUG, $msg); + } } -- cgit v1.2.3-54-g00ecf From 4881be47c798688c3ae20f621d06e15adbc9c17e Mon Sep 17 00:00:00 2001 
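Review bot: inlineScript() passes `$code` to raw() without any escaping, and the docblock does not state that contract. A `]]>` sequence or a closing script tag inside `$code` ends the block early, and any value a caller concatenates into the string reaches the page verbatim. A line such as `Note: $code is emitted verbatim; callers must JSON-encode any value they interpolate.` in the docblock would make the responsibility explicit where the helper is defined.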
From: Zach Copley Date: Fri, 4 Dec 2009 22:40:07 +0000 Subject: Don't depend on a User being available when looking up Design and timezone for a profile (because some profiles are remote, etc.) --- lib/api.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'lib') diff --git a/lib/api.php b/lib/api.php index 5a3bb5ee4..eacb80dbe 100644 --- a/lib/api.php +++ b/lib/api.php @@ -134,19 +134,17 @@ class ApiAction extends Action $twitter_user['protected'] = false; # not supported by StatusNet yet $twitter_user['followers_count'] = $profile->subscriberCount(); - $design = null; $user = $profile->getUser(); + $design = null; // Note: some profiles don't have an associated user + $defaultDesign = Design::siteDesign(); + if (!empty($user)) { $design = $user->getDesign(); } - if (empty($design)) { - $design = Design::siteDesign(); - } - $color = Design::toWebColor(empty($design->backgroundcolor) ? $defaultDesign->backgroundcolor : $design->backgroundcolor); $twitter_user['profile_background_color'] = ($color == null) ? '' : '#'.$color->hexValue(); $color = Design::toWebColor(empty($design->textcolor) ? $defaultDesign->textcolor : $design->textcolor); @@ -165,7 +163,7 @@ class ApiAction extends Action $timezone = 'UTC'; - if ($user->timezone) { + if (!empty($user) && !empty($user->timezone)) { $timezone = $user->timezone; } -- cgit v1.2.3-54-g00ecf From 4c8bed8ba0558c5834621331f253e05029fa4e43 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 19:41:51 -0500 Subject: Use inlineScript() everywhere inline scripts are written --- lib/messageform.php | 3 +-- lib/noticeform.php | 3 +-- plugins/Facebook/FacebookPlugin.php | 4 +--- plugins/GoogleAnalyticsPlugin.php | 8 ++------ plugins/PiwikAnalyticsPlugin.php | 15 +++++---------- plugins/Realtime/RealtimePlugin.php | 6 +----- plugins/UserFlag/UserFlagPlugin.php | 4 +--- 7 files changed, 12 insertions(+), 31 deletions(-) (limited to 'lib') 
diff --git a/lib/messageform.php b/lib/messageform.php index b034be312..4df193c6d 100644 --- a/lib/messageform.php +++ b/lib/messageform.php @@ -154,8 +154,7 @@ class MessageForm extends Form $contentLimit = Message::maxContent(); - $this->out->element('script', array('type' => 'text/javascript'), - 'maxLength = ' . $contentLimit . ';'); + $this->out->inlineScript('maxLength = ' . $contentLimit . ';'); if ($contentLimit > 0) { $this->out->elementStart('dl', 'form_note'); diff --git a/lib/noticeform.php b/lib/noticeform.php index ec8624597..0dd3f2d77 100644 --- a/lib/noticeform.php +++ b/lib/noticeform.php @@ -178,8 +178,7 @@ class NoticeForm extends Form $contentLimit = Notice::maxContent(); - $this->out->element('script', array('type' => 'text/javascript'), - 'maxLength = ' . $contentLimit . ';'); + $this->out->inlineScript('maxLength = ' . $contentLimit . ';'); if ($contentLimit > 0) { $this->out->elementStart('dl', 'form_note'); diff --git a/plugins/Facebook/FacebookPlugin.php b/plugins/Facebook/FacebookPlugin.php index 047477d9c..40c911cce 100644 --- a/plugins/Facebook/FacebookPlugin.php +++ b/plugins/Facebook/FacebookPlugin.php @@ -185,7 +185,6 @@ class FacebookPlugin extends Plugin // XXX: Facebook says we don't need this FB_RequireFeatures(), // but we actually do, for IE and Safari. Gar. - $js = ''; $js = sprintf($js, $apikey, $login_url, $logout_url); @@ -227,7 +225,7 @@ class FacebookPlugin extends Plugin $js = str_replace(' ', '', $js); - $action->raw(" $js"); // leading two spaces to make it line up + $action->inlineScript($js); } } diff --git a/plugins/GoogleAnalyticsPlugin.php b/plugins/GoogleAnalyticsPlugin.php index 7f3d209ee..6891ee6a7 100644 --- a/plugins/GoogleAnalyticsPlugin.php +++ b/plugins/GoogleAnalyticsPlugin.php 
@@ -67,11 +67,7 @@ class GoogleAnalyticsPlugin extends Plugin 'pageTracker._trackPageview();'. '} catch(err) {}', $this->code); - $action->elementStart('script', array('type' => 'text/javascript')); - $action->raw($js1); - $action->elementEnd('script'); - $action->elementStart('script', array('type' => 'text/javascript')); - $action->raw($js2); - $action->elementEnd('script'); + $action->inlineScript($js1); + $action->inlineScript($js2); } } diff --git a/plugins/PiwikAnalyticsPlugin.php b/plugins/PiwikAnalyticsPlugin.php index 54faa0bdb..fefd09867 100644 --- a/plugins/PiwikAnalyticsPlugin.php +++ b/plugins/PiwikAnalyticsPlugin.php @@ -81,25 +81,20 @@ class PiwikAnalyticsPlugin extends Plugin function onEndShowScripts($action) { - $piwikCode = << - - - - ENDOFPIWIK; - $action->raw($piwikCode); + $action->inlineScript($piwikCode1); + $action->inlineScript($piwikCode2); return true; } } diff --git a/plugins/Realtime/RealtimePlugin.php b/plugins/Realtime/RealtimePlugin.php index 030df405b..3e33fdaf1 100644 --- a/plugins/Realtime/RealtimePlugin.php +++ b/plugins/Realtime/RealtimePlugin.php @@ -105,15 +105,11 @@ class RealtimePlugin extends Plugin $realtimeUI = ' RealtimeUpdate.initActions("'.$url.'", "'.$timeline.'", "'. $pluginPath .'");'; } - $action->elementStart('script', array('type' => 'text/javascript')); - $script = ' $(document).ready(function() { '. $realtimeUI. $this->_updateInitialize($timeline, $user_id). '}); '; - $action->raw($script); - - $action->elementEnd('script'); + $action->inlineScript($script); return true; } diff --git a/plugins/UserFlag/UserFlagPlugin.php b/plugins/UserFlag/UserFlagPlugin.php index e13c2555a..75dcca4fc 100644 --- a/plugins/UserFlag/UserFlagPlugin.php +++ b/plugins/UserFlag/UserFlagPlugin.php 
@@ -145,9 +145,7 @@ class UserFlagPlugin extends Plugin function onEndShowScripts($action) { - $action->elementStart('script', array('type' => 'text/javascript')); - $action->raw('/* 0) { SN.U.FormXHR($(".form_entity_flag")); } /*]]>*/'); - $action->elementEnd('script'); + $action->inlineScript('if ($(".form_entity_flag").length > 0) { SN.U.FormXHR($(".form_entity_flag")); }'); return true; } } -- cgit v1.2.3-54-g00ecf From 847013db692303cde10f5f161d9fedd787421a37 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 19:44:45 -0500 Subject: only write the javascript CDATA blocks if the type is javascript (it's not the correct syntax for other languages) --- lib/htmloutputter.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index a0066594f..539e356e8 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -367,7 +367,7 @@ class HTMLOutputter extends XMLOutputter * output a script (almost always javascript) tag with inline * code. * - * @param string $code relative or absolute script path + * @param string $code code to put in the script tag * @param string $type 'type' attribute value of the tag * * @return void @@ -376,9 +376,13 @@ class HTMLOutputter extends XMLOutputter function inlineScript($code, $type='text/javascript') { $this->elementStart('script', array('type' => $type)); - $this->raw('/*raw('/*raw($code); - $this->raw(' /*]]>*/'); // XHTML compat for Safari + if($type == 'text/javascript') { + $this->raw(' /*]]>*/'); // XHTML compat + } $this->elementEnd('script'); } -- cgit v1.2.3-54-g00ecf From 7ddf911f5d54ba4997b3d237ae7cd1effb74a120 Mon Sep 17 00:00:00 2001 
From: Craig Andrews Date: Fri, 4 Dec 2009 19:51:44 -0500 Subject: Add 2 new events: StartInlineScriptElement and EndInlineScriptElement --- EVENTS.txt | 10 ++++++++++ lib/htmloutputter.php | 19 +++++++++++-------- 2 files changed, 21 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/EVENTS.txt b/EVENTS.txt index f4ec62033..678df8b0a 100644 --- a/EVENTS.txt +++ b/EVENTS.txt @@ -595,3 +595,13 @@ EndScriptElement: After a element is written - $action - $src - $type + +StartInlineScriptElement: Before a element is written +- $action +- &$code +- &$type + +EndInlineScriptElement: After a element is written +- $action +- $code +- $type diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index 539e356e8..0c2d18da3 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -375,15 +375,18 @@ class HTMLOutputter extends XMLOutputter function inlineScript($code, $type='text/javascript') { - $this->elementStart('script', array('type' => $type)); - if($type == 'text/javascript') { - $this->raw('/*raw($code); - if($type == 'text/javascript') { - $this->raw(' /*]]>*/'); // XHTML compat + if(Event::handle('StartInlineScriptElement', array($this,&$code,&$type))) { + $this->elementStart('script', array('type' => $type)); + if($type == 'text/javascript') { + $this->raw('/*raw($code); + if($type == 'text/javascript') { + $this->raw(' /*]]>*/'); // XHTML compat + } + $this->elementEnd('script'); + Event::handle('EndInlineScriptElement', array($this,$code,$type)); } - $this->elementEnd('script'); } /** -- cgit v1.2.3-54-g00ecf From b3086d3c68ed2d3ceff3ce8fc91a867fc07c441a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 20:19:55 -0500 Subject: Add style function to output style() tags Add 2 new events: StartStyleElement and EndStyleElement --- EVENTS.txt | 12 ++++++++++++ lib/htmloutputter.php | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+) (limited to 'lib') diff --git a/EVENTS.txt b/EVENTS.txt index 678df8b0a..a056aa0a1 100644 
--- a/EVENTS.txt +++ b/EVENTS.txt @@ -586,6 +586,18 @@ EndCssLinkElement: After a element is written - $theme - $media +StartStyleElement: Before a element is written +- $action +- &$code +- &$type +- &$media + +EndStyleElement: After a element is written +- $action +- $code +- $type +- $media + StartScriptElement: Before a element is written - $action - &$src diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index 0c2d18da3..a88a5b82c 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -418,6 +418,27 @@ class HTMLOutputter extends XMLOutputter } } + /** + * output a style (almost always css) tag with inline + * code. + * + * @param string $code code to put in the style tag + * @param string $type 'type' attribute value of the tag + * @param string $media 'media' attribute value of the tag + * + * @return void + */ + + function style($code, $type = 'text/css', $media = null) + { + if(Event::handle('StartStyleElement', array($this,&$code,&$type,&$media))) { + $this->elementStart('style', array('type' => $type, 'media' => $media)); + $this->raw($code); + $this->elementEnd('style'); + Event::handle('EndStyleElement', array($this,$code,$type,$media)); + } + } + /** * output an HTML textarea and associated elements * -- cgit v1.2.3-54-g00ecf From d41a0a5ed03b2f4bbf8e8b3984960103383090d1 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 20:33:41 -0500 Subject: Use inlineScript() instead of element() to write inline javascript --- lib/htmloutputter.php | 7 ++----- plugins/MobileProfile/MobileProfilePlugin.php | 3 +-- 2 files changed, 3 insertions(+), 7 deletions(-) (limited to 'lib') diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index a88a5b82c..cf93944e7 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php 
@@ -477,13 +477,10 @@ class HTMLOutputter extends XMLOutputter */ function autofocus($id) { - $this->elementStart('script', array('type' => 'text/javascript')); - $this->raw('/*inlineScript( ' $(document).ready(function() {'. ' var el = $("#' . $id . '");'. ' if (el.length) { el.focus(); }'. - ' });'. - ' /*]]>*/'); - $this->elementEnd('script'); + ' });'); } } diff --git a/plugins/MobileProfile/MobileProfilePlugin.php b/plugins/MobileProfile/MobileProfilePlugin.php index 8b5e5f31d..35678bedd 100644 --- a/plugins/MobileProfile/MobileProfilePlugin.php +++ b/plugins/MobileProfile/MobileProfilePlugin.php @@ -352,8 +352,7 @@ class MobileProfilePlugin extends WAP20Plugin $contentLimit = Notice::maxContent(); - $form->out->element('script', array('type' => 'text/javascript'), - 'maxLength = ' . $contentLimit . ';'); + $form->out->inlineScript('maxLength = ' . $contentLimit . ';'); if ($contentLimit > 0) { $form->out->element('div', array('id' => 'notice_text-count'), -- cgit v1.2.3-54-g00ecf From fa6675550885e005f6a69dfd317320dff6c4a3cd Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Fri, 4 Dec 2009 22:05:18 -0500 Subject: Append the StatusNet version to all local, static CSS references --- lib/htmloutputter.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index cf93944e7..fd448ced5 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -405,10 +405,11 @@ class HTMLOutputter extends XMLOutputter if( empty($url->scheme) && empty($url->host) && empty($url->query) && empty($url->fragment)) { if(file_exists(Theme::file($src,$theme))){ - $src = Theme::path($src, $theme) . '?version=' . STATUSNET_VERSION; + $src = Theme::path($src, $theme); }else{ $src = common_path($src); } + $src.= '?version=' . STATUSNET_VERSION; } $this->element('link', array('rel' => 'stylesheet', 'type' => 'text/css', -- cgit v1.2.3-54-g00ecf 
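Review bot: autofocus() still concatenates `$id` directly into a JavaScript string literal, `' var el = $("#' . $id . '");'`, and now hands the result to inlineScript(), which emits it unescaped. If an element id is ever derived from request data, a quote in it would terminate the selector string and the remainder would run as script. Encoding the value first, `' var el = $(' . json_encode('#' . $id) . ');'`, removes the reliance on every caller passing a literal. Callers are outside this hunk, so whether any id is externally influenced cannot be confirmed here.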
From 51f0dd5e37db0e8d2a8690655555d399249942df Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 01:03:04 -0500 Subject: Add configuration option to toggle the indenting of the output HTML. Defaults to indent enabled. --- actions/twitapisearchatom.php | 2 +- config.php.sample | 5 +++++ lib/action.php | 2 +- lib/default.php | 1 + lib/error.php | 2 +- lib/htmloutputter.php | 2 +- lib/rssaction.php | 2 +- lib/xmloutputter.php | 5 ++++- plugins/Facebook/facebookaction.php | 2 +- plugins/Facebook/facebookutil.php | 2 +- 10 files changed, 17 insertions(+), 8 deletions(-) (limited to 'lib') diff --git a/actions/twitapisearchatom.php b/actions/twitapisearchatom.php index 526ca2ae8..1cb8d7efe 100644 --- a/actions/twitapisearchatom.php +++ b/actions/twitapisearchatom.php @@ -71,7 +71,7 @@ class TwitapisearchatomAction extends ApiAction * @see Action::__construct */ - function __construct($output='php://output', $indent=true) + function __construct($output='php://output', $indent=null) { parent::__construct($output, $indent); } diff --git a/config.php.sample b/config.php.sample index 9fccb84f3..473eb74e2 100644 --- a/config.php.sample +++ b/config.php.sample @@ -236,6 +236,11 @@ $config['sphinx']['port'] = 3312; // Use a different hostname for SSL-encrypted pages // $config['site']['sslserver'] = 'secure.example.org'; +// Indent HTML and XML +// Enable (default) for easier to read markup for developers, +// disable to save some bandwidth. +// $config['site']['indent'] = true; + // If you have a lot of status networks on the same server, you can // store the site data in a database and switch as follows // Status_network::setupDB('localhost', 'statusnet', 'statuspass', 'statusnet'); diff --git a/lib/action.php b/lib/action.php index 8ad391755..87d8a4399 100644 --- a/lib/action.php +++ b/lib/action.php 
@@ -68,7 +68,7 @@ class Action extends HTMLOutputter // lawsuit * @see XMLOutputter::__construct * @see HTMLOutputter::__construct */ - function __construct($output='php://output', $indent=true) + function __construct($output='php://output', $indent=null) { parent::__construct($output, $indent); } diff --git a/lib/default.php b/lib/default.php index d4ef045ea..db90aeca3 100644 --- a/lib/default.php +++ b/lib/default.php @@ -53,6 +53,7 @@ $default = 'shorturllength' => 30, 'dupelimit' => 60, # default for same person saying the same thing 'textlimit' => 140, + 'indent' => true, ), 'db' => array('database' => 'YOU HAVE TO SET THIS IN config.php', diff --git a/lib/error.php b/lib/error.php index 3162cfe65..87a4d913b 100644 --- a/lib/error.php +++ b/lib/error.php @@ -50,7 +50,7 @@ class ErrorAction extends Action var $message = null; var $default = null; - function __construct($message, $code, $output='php://output', $indent=true) + function __construct($message, $code, $output='php://output', $indent=null) { parent::__construct($output, $indent); diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index fd448ced5..2091c6e2c 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -67,7 +67,7 @@ class HTMLOutputter extends XMLOutputter * @param boolean $indent Whether to indent output, default true */ - function __construct($output='php://output', $indent=true) + function __construct($output='php://output', $indent=null) { parent::__construct($output, $indent); } diff --git a/lib/rssaction.php b/lib/rssaction.php index d591c99ed..62e3f21b6 100644 --- a/lib/rssaction.php +++ b/lib/rssaction.php @@ -52,7 +52,7 @@ class Rss10Action extends Action * @see Action::__construct */ - function __construct($output='php://output', $indent=true) + function __construct($output='php://output', $indent=null) { parent::__construct($output, $indent); } diff --git a/lib/xmloutputter.php b/lib/xmloutputter.php index 5f06e491d..15b18e7d9 100644 --- a/lib/xmloutputter.php 
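Review bot: The constructor docblock kept as context in lib/htmloutputter.php still reads `@param boolean $indent Whether to indent output, default true`, although the default is now `null`. The same stale line sits above XMLOutputter::__construct() in lib/xmloutputter.php, where `null` is resolved through `common_config('site', 'indent')`. Suggested wording for both: `@param boolean|null $indent Whether to indent output; null (default) uses $config['site']['indent']`.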
+++ b/lib/xmloutputter.php @@ -67,10 +67,13 @@ class XMLOutputter * @param boolean $indent Whether to indent output, default true */ - function __construct($output='php://output', $indent=true) + function __construct($output='php://output', $indent=null) { $this->xw = new XMLWriter(); $this->xw->openURI($output); + if(is_null($indent)) { + $indent = common_config('site', 'indent'); + } $this->xw->setIndent($indent); } diff --git a/plugins/Facebook/facebookaction.php b/plugins/Facebook/facebookaction.php index c852bbf5e..b090e9bd9 100644 --- a/plugins/Facebook/facebookaction.php +++ b/plugins/Facebook/facebookaction.php @@ -44,7 +44,7 @@ class FacebookAction extends Action var $app_uri = null; var $app_name = null; - function __construct($output='php://output', $indent=true, $facebook=null, $flink=null) + function __construct($output='php://output', $indent=null, $facebook=null, $flink=null) { parent::__construct($output, $indent); diff --git a/plugins/Facebook/facebookutil.php b/plugins/Facebook/facebookutil.php index 6f50c173a..2abcbb14e 100644 --- a/plugins/Facebook/facebookutil.php +++ b/plugins/Facebook/facebookutil.php @@ -168,7 +168,7 @@ function facebookBroadcastNotice($notice) function updateProfileBox($facebook, $flink, $notice) { $fbaction = new FacebookAction($output = 'php://output', - $indent = true, $facebook, $flink); + $indent = null, $facebook, $flink); $fbaction->updateProfileBox($notice); } -- cgit v1.2.3-54-g00ecf From 2ab01e040e224943b1b15131a6e51fe6b5d6e580 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 02:11:27 -0500 Subject: Add 2 new events to enable logger pluginization: StartLog and EndLog --- EVENTS.txt | 11 +++++++++++ lib/util.php | 25 ++++++++++++++----------- 2 files changed, 25 insertions(+), 11 deletions(-) (limited to 'lib') diff --git a/EVENTS.txt b/EVENTS.txt index a056aa0a1..e0516f8f4 100644 --- a/EVENTS.txt +++ b/EVENTS.txt 
@@ -617,3 +617,14 @@ EndInlineScriptElement: After a element is written - $action - $code - $type + +StartLog: Before writing to the logs +- &$priority +- &$msg +- &$filename + +EndLog: After writing to the logs +- $priority +- $msg +- $filename + diff --git a/lib/util.php b/lib/util.php index ab046e871..14d666503 100644 --- a/lib/util.php +++ b/lib/util.php @@ -1070,18 +1070,21 @@ function common_request_id() function common_log($priority, $msg, $filename=null) { - $msg = '[' . common_request_id() . '] ' . $msg; - $logfile = common_config('site', 'logfile'); - if ($logfile) { - $log = fopen($logfile, "a"); - if ($log) { - $output = common_log_line($priority, $msg); - fwrite($log, $output); - fclose($log); + if(Event::handle('StartLog', array(&$priority, &$msg, &$filename))){ + $msg = '[' . common_request_id() . '] ' . $msg; + $logfile = common_config('site', 'logfile'); + if ($logfile) { + $log = fopen($logfile, "a"); + if ($log) { + $output = common_log_line($priority, $msg); + fwrite($log, $output); + fclose($log); + } + } else { + common_ensure_syslog(); + syslog($priority, $msg); } - } else { - common_ensure_syslog(); - syslog($priority, $msg); + Event::handle('EndLog', array($priority, $msg, $filename)); } } -- cgit v1.2.3-54-g00ecf From 75cac0fd6b94f77ec8ff32ebc89ec513ee102831 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 21:03:27 -0500 Subject: Added 'login' command that gives you a link that can be used to login to the website --- actions/login.php | 9 +++------ classes/Login_token.php | 42 ++++++++++++++++++++++++++++++++++++++++++ classes/statusnet.ini | 1 + db/08to09.sql | 11 ++++++++++- db/08to09_pg.sql | 10 +++++++++- db/statusnet.sql | 10 ++++++++++ db/statusnet_pg.sql | 12 +++++++++++- lib/command.php | 27 +++++++++++++++++++++++++++ lib/commandinterpreter.php | 6 ++++++ lib/router.php | 2 ++ 10 files changed, 121 insertions(+), 9 deletions(-) create mode 100644 classes/Login_token.php (limited to 'lib') 
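Review bot: Putting the whole body of common_log() behind `Event::handle('StartLog', ...)` means that a handler which stops the event (presumably by returning false, as with the other Start* events) discards the entry with no record that logging was suppressed. That includes warnings other code relies on for auditing, so the event documentation should state that a handler stopping StartLog must write the entry itself. A handler that calls common_log() would also re-enter the event, which a static in-progress flag that falls back to the built-in writer would bound. `$filename` is passed to both events but the built-in writer never uses it, which is worth noting in EVENTS.txt.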
diff --git a/actions/login.php b/actions/login.php index cd1326813..cee29fd09 100644 --- a/actions/login.php +++ b/actions/login.php @@ -79,6 +79,8 @@ class LoginAction extends Action $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); + } else if (isset($args['user_id']) && isset($args['token'])){ + $this->checkLogin($args['user_id'],$args['token']); } else { common_ensure_session(); $this->showForm(); @@ -95,7 +97,7 @@ class LoginAction extends Action * @return void */ - function checkLogin() + function checkLogin($user_id=null, $token=null) { if(isset($token) && isset($user_id)){ //Token based login (from the LoginCommand) @@ -137,11 +139,6 @@ class LoginAction extends Action $user = common_check_user($nickname, $password); } - $nickname = common_canonical_nickname($this->trimmed('nickname')); - $password = $this->arg('password'); - - $user = common_check_user($nickname, $password); - if (!$user) { $this->showForm(_('Incorrect username or password.')); return; diff --git a/classes/Login_token.php b/classes/Login_token.php new file mode 100644 index 000000000..c172b30ab --- /dev/null +++ b/classes/Login_token.php @@ -0,0 +1,42 @@ +. + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } + +require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; + +class Login_token extends Memcached_DataObject +{ + ###START_AUTOCODE + /* the code below is auto generated do not remove the above tag */ + + public $__table = 'login_token'; // table name + public $user_id; // int(4) primary_key not_null + public $token; // char(32) not_null + public $created; // datetime() not_null + public $modified; // timestamp() not_null default_CURRENT_TIMESTAMP + + /* Static get */ + function staticGet($k,$v=NULL) { return DB_DataObject::staticGet('Login_token',$k,$v); } + + /* the code above is auto generated do not remove the tag below */ + ###END_AUTOCODE +} 
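Review bot: The new branch `else if (isset($args['user_id']) && isset($args['token']))` accepts a login credential from the query string of a plain GET. The token will therefore appear in web-server access logs, browser history and Referer headers, and following a link signs the visitor into whichever account issued it. The single-use and two-minute limits promised by LoginCommand must be enforced in checkLogin(), whose token branch lies outside these hunks. There the row should be deleted before the session is established, `created` checked against the expiry window, and the token compared in constant time. Casting the identifier on the way in, `$this->checkLogin((int) $args['user_id'], $args['token'])`, also keeps non-numeric input out of the lookup.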
diff --git a/classes/statusnet.ini b/classes/statusnet.ini index 835faeb0b..253f45879 100644 --- a/classes/statusnet.ini +++ b/classes/statusnet.ini @@ -260,6 +260,7 @@ modified = 384 [login_token__keys] user_id = K +token = K [message] id = 129 diff --git a/db/08to09.sql b/db/08to09.sql index 8d463fab4..64640f4ce 100644 --- a/db/08to09.sql +++ b/db/08to09.sql @@ -72,4 +72,13 @@ create table location_namespace ( created datetime not null comment 'date the record was created', modified timestamp comment 'date this record was modified' -) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; \ No newline at end of file +) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; + +create table login_token ( + user_id integer not null comment 'user owning this token' references user (id), + token char(32) not null comment 'token useable for logging in', + created datetime not null comment 'date this record was created', + modified timestamp comment 'date this record was modified', + + constraint primary key (user_id) +) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; diff --git a/db/08to09_pg.sql b/db/08to09_pg.sql index b312d47dd..0bd47dea5 100644 --- a/db/08to09_pg.sql +++ b/db/08to09_pg.sql @@ -39,6 +39,15 @@ create table profile_role ( ); +create table login_token ( + user_id integer not null /* comment 'user owning this token'*/ references "user" (id), + token char(32) not null /* comment 'token useable for logging in'*/, + created timestamp not null DEFAULT CURRENT_TIMESTAMP /* comment 'date this record was created'*/, + modified timestamp /* comment 'date this record was modified'*/, + + primary key (user_id) +); + DROP index fave_user_id_idx; CREATE index fave_user_id_idx on fave (user_id,modified); 
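Review bot: login_token keeps the token itself in `token char(32)`, so anyone able to read this table or a backup of it holds a working credential for as long as the row exists. Storing a hash of the token and comparing hashes at login would limit that exposure. Nothing in the schema bounds a row's lifetime, so the two-minute expiry rests entirely on application code comparing `created`, and LoginCommand only deletes a row when the owner requests another link. The same definition is repeated in db/08to09_pg.sql, db/statusnet.sql and db/statusnet_pg.sql. classes/statusnet.ini marks `token = K` as a key while every table declares `primary key (user_id)` only, and the two should be reconciled.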
@@ -60,4 +69,3 @@ ALTER TABLE profile ADD COLUMN lat decimal(10,7) /*comment 'latitude'*/ ; ALTER TABLE profile ADD COLUMN lon decimal(10,7) /*comment 'longitude'*/; ALTER TABLE profile ADD COLUMN location_id integer /* comment 'location id if possible'*/; ALTER TABLE profile ADD COLUMN location_ns integer /* comment 'namespace for location'*/; - \ No newline at end of file diff --git a/db/statusnet.sql b/db/statusnet.sql index f7b3b113b..18abcdfdb 100644 --- a/db/statusnet.sql +++ b/db/statusnet.sql @@ -575,3 +575,13 @@ create table location_namespace ( modified timestamp comment 'date this record was modified' ) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; + +create table login_token ( + user_id integer not null comment 'user owning this token' references user (id), + token char(32) not null comment 'token useable for logging in', + created datetime not null comment 'date this record was created', + modified timestamp comment 'date this record was modified', + + constraint primary key (user_id) +) ENGINE=InnoDB CHARACTER SET utf8 COLLATE utf8_bin; + diff --git a/db/statusnet_pg.sql b/db/statusnet_pg.sql index cd72d66ea..81b329d1e 100644 --- a/db/statusnet_pg.sql +++ b/db/statusnet_pg.sql @@ -570,4 +570,14 @@ create table profile_role ( primary key (profile_id, role) -); \ No newline at end of file +); + +create table login_token ( + user_id integer not null /* comment 'user owning this token'*/ references "user" (id), + token char(32) not null /* comment 'token useable for logging in'*/, + created timestamp not null DEFAULT CURRENT_TIMESTAMP /* comment 'date this record was created'*/, + modified timestamp /* comment 'date this record was modified'*/, + + primary key (user_id) +); + diff --git a/lib/command.php b/lib/command.php index bcc551c81..7e98156b6 100644 --- a/lib/command.php +++ b/lib/command.php 
@@ -579,6 +579,32 @@ class OnCommand extends Command } } +class LoginCommand extends Command +{ + function execute($channel) + { + $login_token = Login_token::staticGet('user_id',$this->user->id); + if($login_token){ + $login_token->delete(); + } + $login_token = new Login_token(); + $login_token->user_id = $this->user->id; + $login_token->token = common_good_rand(16); + $login_token->created = common_sql_now(); + $result = $login_token->insert(); + if (!$result) { + common_log_db_error($login_token, 'INSERT', __FILE__); + $channel->error($this->user, sprintf(_('Could not create login token for %s'), + $this->user->nickname)); + return; + } + $channel->output($this->user, + sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'), + common_local_url('login', + array('user_id'=>$login_token->user_id, 'token'=>$login_token->token)))); + } +} + class SubscriptionsCommand extends Command { function execute($channel) @@ -666,6 +692,7 @@ class HelpCommand extends Command "reply # - reply to notice with a given id\n". "reply - reply to the last notice from user\n". "join - join group\n". + "login - Get a link to login to the web interface\n". "drop - leave group\n". "stats - get your stats\n". "stop - same as 'off'\n". diff --git a/lib/commandinterpreter.php b/lib/commandinterpreter.php index 25f2e4b3e..665015afc 100644 --- a/lib/commandinterpreter.php +++ b/lib/commandinterpreter.php @@ -41,6 +41,12 @@ class CommandInterpreter return null; } return new HelpCommand($user); + case 'login': + if ($arg) { + return null; + } else { + return new LoginCommand($user); + } case 'subscribers': if ($arg) { return null; diff --git a/lib/router.php b/lib/router.php index 1a090861e..37525319f 100644 --- a/lib/router.php +++ b/lib/router.php 
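Review bot: The user-facing string in execute() promises a link that is "useable only once" and "good for only 2 minutes", but nothing in LoginCommand records or enforces either limit; the lifetime exists only as a literal inside a translated message. The check presumably sits in LoginAction::checkLogin(), outside this hunk, and the two can drift apart silently. Keep the lifetime in one place that both the message and the check read, for example a named constant such as `define('LOGIN_TOKEN_LIFETIME', 120);` formatted into the message with `%d`. Stale rows are removed only when the same user runs the command again, so a periodic purge of expired tokens would also be worth adding.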
@@ -88,6 +88,8 @@ class Router $m->connect('doc/:title', array('action' => 'doc')); + $m->connect('main/login?user_id=:user_id&token=:token', array('action'=>'login'), array('user_id'=> '[0-9]+', 'token'=>'.+')); + // main stuff is repetitive $main = array('login', 'logout', 'register', 'subscribe', -- cgit v1.2.3-54-g00ecf From 3b14b61fa745d4906796ac49e78ae712f61e9643 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Sat, 5 Dec 2009 21:04:20 -0500 Subject: Add a configuration option to disable the login command. $config['logincommand']['disabled'] = true; This commit should be reverted once the command has been sufficiently tested and trusted. --- actions/login.php | 5 ++++- lib/command.php | 5 +++++ 2 files changed, 9 insertions(+), 1 deletion(-) (limited to 'lib') diff --git a/actions/login.php b/actions/login.php index cee29fd09..a6f86c0ca 100644 --- a/actions/login.php +++ b/actions/login.php @@ -75,11 +75,14 @@ class LoginAction extends Action function handle($args) { parent::handle($args); + + $disabled = common_config('logincommand','disabled'); + if (common_is_real_login()) { $this->clientError(_('Already logged in.')); } else if ($_SERVER['REQUEST_METHOD'] == 'POST') { $this->checkLogin(); - } else if (isset($args['user_id']) && isset($args['token'])){ + } else if (!isset($disabled) && isset($args['user_id']) && isset($args['token'])){ $this->checkLogin($args['user_id'],$args['token']); } else { common_ensure_session(); diff --git a/lib/command.php b/lib/command.php index 7e98156b6..e2a665511 100644 --- a/lib/command.php +++ b/lib/command.php @@ -583,6 +583,11 @@ class LoginCommand extends Command { function execute($channel) { + $disabled = common_config('logincommand','disabled'); + if(isset($disabled)) { + $channel->error($this->user, _('Login command is disabled')); + return; + } $login_token = Login_token::staticGet('user_id',$this->user->id); if($login_token){ $login_token->delete(); -- cgit v1.2.3-54-g00ecf 
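Review bot: The requirement `'token'=>'.+'` on the new `main/login` route accepts any non-empty string, which is looser than what LoginCommand issues. If `common_good_rand(16)` returns 32 hexadecimal characters, as the `char(32)` column suggests, constrain the route to that shape with `'token'=>'[0-9a-f]{32}'`. Rejecting malformed tokens at the router keeps arbitrary input away from the token lookup.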
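Review bot: `!isset($disabled)` in handle() tests whether the config value is non-null, not whether it is true, so `$config['logincommand']['disabled'] = false;` would still turn token login off. If common_config() returns false rather than null for a missing key (its definition is not in this diff), isset() is always true and the token branch can never run. Test the value itself: `} else if (!$disabled && isset($args['user_id']) && isset($args['token'])) {`. The same `isset($disabled)` check in LoginCommand::execute() in lib/command.php should become `if ($disabled) {`.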
From 3536f01258dc43bee764c98fbdda5a6f1df7bcb2 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Tue, 8 Dec 2009 09:57:37 -0800 Subject: Make default & sample val for $config['queue']['queue_basename'] actually work! Now matches the recommendation in README which is in fact correct. Must include the /queue/ prefix (unless somthing else actually makes sense) --- config.php.sample | 2 +- lib/default.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/config.php.sample b/config.php.sample index 473eb74e2..91e6614c0 100644 --- a/config.php.sample +++ b/config.php.sample @@ -154,7 +154,7 @@ $config['sphinx']['port'] = 3312; // $config['queue']['subsystem'] = 'stomp'; // $config['queue']['stomp_server'] = 'tcp://localhost:61613'; // use different queue_basename for each statusnet instance managed by the server -// $config['queue']['queue_basename'] = 'statusnet'; +// $config['queue']['queue_basename'] = '/queue/statusnet/'; // The following customise the behaviour of the various daemons: // $config['daemon']['piddir'] = '/var/run'; diff --git a/lib/default.php b/lib/default.php index db90aeca3..ebb6f8d01 100644 --- a/lib/default.php +++ b/lib/default.php @@ -75,7 +75,7 @@ $default = array('enabled' => false, 'subsystem' => 'db', # default to database, or 'stomp' 'stomp_server' => null, - 'queue_basename' => 'statusnet', + 'queue_basename' => '/queue/statusnet/', 'stomp_username' => null, 'stomp_password' => null, ), -- cgit v1.2.3-54-g00ecf