summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorCraig Andrews <candrews@integralblue.com>2010-10-14 15:27:17 -0400
committerCraig Andrews <candrews@integralblue.com>2010-10-14 15:27:17 -0400
commit0721d8d3e257709d27994eb4ab4bbe60abc93e2e (patch)
tree58cb9e3b5f8df089353617b498c340ad9276519b /lib
parentf79dbaf9a76c10969dbc45fd43a0bb26f5f64ed4 (diff)
parentfc6711327bcb2319139171ad3353603753f13eaa (diff)
Merge remote branch 'statusnet/0.9.x' into 1.0.x
Diffstat (limited to 'lib')
-rw-r--r--lib/action.php56
-rw-r--r--lib/apiaction.php16
-rw-r--r--lib/apioauth.php43
-rw-r--r--lib/apioauthstore.php70
-rw-r--r--lib/clienterroraction.php26
-rw-r--r--lib/connectsettingsaction.php4
-rw-r--r--lib/default.php3
-rw-r--r--lib/error.php73
-rw-r--r--lib/htmloutputter.php76
-rw-r--r--lib/info.php118
-rw-r--r--lib/oauthstore.php30
-rw-r--r--lib/servererroraction.php23
-rw-r--r--lib/serverexception.php2
-rw-r--r--lib/statusnet.php15
-rw-r--r--lib/theme.php78
15 files changed, 447 insertions, 186 deletions
diff --git a/lib/action.php b/lib/action.php
index ddc058d41..55ee83bde 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -175,8 +175,9 @@ class Action extends HTMLOutputter // lawsuit
$this->element('link', array('rel' => 'shortcut icon',
'href' => Theme::path('favicon.ico')));
} else {
+ // favicon.ico should be HTTPS if the rest of the page is
$this->element('link', array('rel' => 'shortcut icon',
- 'href' => common_path('favicon.ico')));
+ 'href' => common_path('favicon.ico', StatusNet::isHTTPS())));
}
if (common_config('site', 'mobile')) {
@@ -397,7 +398,10 @@ class Action extends HTMLOutputter // lawsuit
Event::handle('EndShowSiteNotice', array($this));
}
if (common_logged_in()) {
- $this->showNoticeForm();
+ if (Event::handle('StartShowNoticeForm', array($this))) {
+ $this->showNoticeForm();
+ Event::handle('EndShowNoticeForm', array($this));
+ }
} else {
$this->showAnonymousMessage();
}
@@ -422,11 +426,35 @@ class Action extends HTMLOutputter // lawsuit
}
$this->elementStart('a', array('class' => 'url home bookmark',
'href' => $url));
- if (common_config('site', 'logo') || file_exists(Theme::file('logo.png'))) {
+
+ if (StatusNet::isHTTPS()) {
+ $logoUrl = common_config('site', 'ssllogo');
+ if (empty($logoUrl)) {
+ // if logo is an uploaded file, try to fall back to HTTPS file URL
+ $httpUrl = common_config('site', 'logo');
+ if (!empty($httpUrl)) {
+ $f = File::staticGet('url', $httpUrl);
+ if (!empty($f) && !empty($f->filename)) {
+ // this will handle the HTTPS case
+ $logoUrl = File::url($f->filename);
+ }
+ }
+ }
+ } else {
+ $logoUrl = common_config('site', 'logo');
+ }
+
+ if (empty($logoUrl) && file_exists(Theme::file('logo.png'))) {
+ // This should handle the HTTPS case internally
+ $logoUrl = Theme::path('logo.png');
+ }
+
+ if (!empty($logoUrl)) {
$this->element('img', array('class' => 'logo photo',
- 'src' => (common_config('site', 'logo')) ? common_config('site', 'logo') : Theme::path('logo.png'),
+ 'src' => $logoUrl,
'alt' => common_config('site', 'name')));
}
+
$this->text(' ');
$this->element('span', array('class' => 'fn org'), common_config('site', 'name'));
$this->elementEnd('a');
@@ -891,8 +919,26 @@ class Action extends HTMLOutputter // lawsuit
case 'cc': // fall through
default:
$this->elementStart('p');
+
+ $image = common_config('license', 'image');
+ $sslimage = common_config('license', 'sslimage');
+
+ if (StatusNet::isHTTPS()) {
+ if (!empty($sslimage)) {
+ $url = $sslimage;
+ } else if (preg_match('#^http://i.creativecommons.org/#', $image)) {
+ // CC support HTTPS on their images
+ $url = preg_replace('/^http/', 'https', $image);
+ } else {
+ // Better to show mixed content than no content
+ $url = $image;
+ }
+ } else {
+ $url = $image;
+ }
+
$this->element('img', array('id' => 'license_cc',
- 'src' => common_config('license', 'image'),
+ 'src' => $url,
'alt' => common_config('license', 'title'),
'width' => '80',
'height' => '15'));
diff --git a/lib/apiaction.php b/lib/apiaction.php
index d8249055a..fbc3a1451 100644
--- a/lib/apiaction.php
+++ b/lib/apiaction.php
@@ -1246,23 +1246,29 @@ class ApiAction extends Action
// Do not emit error header for JSONP
if (!isset($this->callback)) {
- header('HTTP/1.1 '.$code.' '.$status_string);
+ header('HTTP/1.1 ' . $code . ' ' . $status_string);
}
- if ($format == 'xml') {
+ switch($format) {
+ case 'xml':
$this->initDocument('xml');
$this->elementStart('hash');
$this->element('error', null, $msg);
$this->element('request', null, $_SERVER['REQUEST_URI']);
$this->elementEnd('hash');
$this->endDocument('xml');
- } elseif ($format == 'json'){
+ break;
+ case 'json':
$this->initDocument('json');
$error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
print(json_encode($error_array));
$this->endDocument('json');
- } else {
-
+ break;
+ case 'text':
+ header('Content-Type: text/plain; charset=utf-8');
+ print $msg;
+ break;
+ default:
// If user didn't request a useful format, throw a regular client error
throw new ClientException($msg, $code);
}
diff --git a/lib/apioauth.php b/lib/apioauth.php
index 1c87e4232..54cecf92a 100644
--- a/lib/apioauth.php
+++ b/lib/apioauth.php
@@ -30,13 +30,12 @@
if (!defined('STATUSNET')) {
exit(1);
}
-
+require_once INSTALLDIR . '/lib/apiaction.php';
require_once INSTALLDIR . '/lib/apioauthstore.php';
/**
- * Base action for API OAuth enpoints. Clean up the
- * the request, and possibly some other common things
- * here.
+ * Base action for API OAuth enpoints. Clean up the
+ * request. Some other common functions.
*
* @category API
* @package StatusNet
@@ -44,7 +43,7 @@ require_once INSTALLDIR . '/lib/apioauthstore.php';
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-class ApiOauthAction extends Action
+class ApiOauthAction extends ApiAction
{
/**
* Is this a read-only action?
@@ -77,6 +76,12 @@ class ApiOauthAction extends Action
self::cleanRequest();
}
+ /*
+ * Clean up the request so the OAuth library doesn't find
+ * any extra parameters or anything else it's not expecting.
+ * I'm looking at you, p parameter.
+ */
+
static function cleanRequest()
{
// kill evil effects of magical slashing
@@ -86,31 +91,19 @@ class ApiOauthAction extends Action
}
// strip out the p param added in index.php
-
- // XXX: should we strip anything else? Or alternatively
- // only allow a known list of params?
unset($_GET['p']);
unset($_POST['p']);
- }
+ unset($_REQUEST['p']);
- function getCallback($url, $params)
- {
- foreach ($params as $k => $v) {
- $url = $this->appendQueryVar($url,
- OAuthUtil::urlencode_rfc3986($k),
- OAuthUtil::urlencode_rfc3986($v));
+ $queryArray = explode('&', $_SERVER['QUERY_STRING']);
+
+ for ($i = 0; $i < sizeof($queryArray); $i++) {
+ if (substr($queryArray[$i], 0, 2) == 'p=') {
+ unset($queryArray[$i]);
+ }
}
- return $url;
+ $_SERVER['QUERY_STRING'] = implode('&', $queryArray);
}
- function appendQueryVar($url, $k, $v) {
- $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
- $url = substr($url, 0, -1);
- if (strpos($url, '?') === false) {
- return ($url . '?' . $k . '=' . $v);
- } else {
- return ($url . '&' . $k . '=' . $v);
- }
- }
}
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index eca93866f..f3bf0b857 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -71,33 +71,37 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
}
}
- function new_access_token($token, $consumer)
+ function new_access_token($token, $consumer, $verifier)
{
- common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__);
+ common_debug(
+ 'new_access_token("' . $token->key . '","' . $consumer->key. '","' . $verifier . '")',
+ __FILE__
+ );
$rt = new Token();
+
$rt->consumer_key = $consumer->key;
- $rt->tok = $token->key;
- $rt->type = 0; // request
+ $rt->tok = $token->key;
+ $rt->type = 0; // request
$app = Oauth_application::getByConsumerKey($consumer->key);
+ assert(!empty($app));
- if (empty($app)) {
- common_debug("empty app!");
- }
+ if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) { // authorized
- if ($rt->find(true) && $rt->state == 1) { // authorized
common_debug('request token found.', __FILE__);
// find the associated user of the app
$appUser = new Oauth_application_user();
+
$appUser->application_id = $app->id;
- $appUser->token = $rt->tok;
+ $appUser->token = $rt->tok;
+
$result = $appUser->find(true);
if (!empty($result)) {
- common_debug("Oath app user found.");
+ common_debug("Ouath app user found.");
} else {
common_debug("Oauth app user not found. app id $app->id token $rt->tok");
return null;
@@ -106,10 +110,12 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
// go ahead and make the access token
$at = new Token();
- $at->consumer_key = $consumer->key;
- $at->tok = common_good_rand(16);
- $at->secret = common_good_rand(16);
- $at->type = 1; // access
+ $at->consumer_key = $consumer->key;
+ $at->tok = common_good_rand(16);
+ $at->secret = common_good_rand(16);
+ $at->type = 1; // access
+ $at->verifier = $verifier;
+ $at->verified_callback = $rt->verified_callback; // 1.0a
$at->created = DB_DataObject_Cast::dateTime();
if (!$at->insert()) {
@@ -183,4 +189,40 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
throw new Exception(_('Failed to delete revoked token.'));
}
}
+
+ /*
+ * Create a new request token. Overrided to support OAuth 1.0a callback
+ *
+ * @param OAuthConsumer $consumer the OAuth Consumer for this token
+ * @param string $callback the verified OAuth callback URL
+ *
+ * @return OAuthToken $token a new unauthorized OAuth request token
+ */
+
+ function new_request_token($consumer, $callback)
+ {
+ $t = new Token();
+ $t->consumer_key = $consumer->key;
+ $t->tok = common_good_rand(16);
+ $t->secret = common_good_rand(16);
+ $t->type = 0; // request
+ $t->state = 0; // unauthorized
+ $t->verified_callback = $callback;
+
+ if ($callback === 'oob') {
+ // six digit pin
+ $t->verifier = mt_rand(0, 9999999);
+ } else {
+ $t->verifier = common_good_rand(8);
+ }
+
+ $t->created = DB_DataObject_Cast::dateTime();
+ if (!$t->insert()) {
+ return null;
+ } else {
+ return new OAuthToken($t->tok, $t->secret);
+ }
+ }
+
+
}
diff --git a/lib/clienterroraction.php b/lib/clienterroraction.php
index 08bced5bd..9233c9bde 100644
--- a/lib/clienterroraction.php
+++ b/lib/clienterroraction.php
@@ -12,7 +12,7 @@
* @link http://status.net/
*
* StatusNet - the distributed open-source microblogging tool
- * Copyright (C) 2008, 2009, StatusNet, Inc.
+ * Copyright (C) 2008-2010 StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
@@ -32,7 +32,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
-require_once INSTALLDIR.'/lib/error.php';
+require_once INSTALLDIR . '/lib/error.php';
/**
* Class for displaying HTTP client errors
@@ -90,4 +90,26 @@ class ClientErrorAction extends ErrorAction
$this->showPage();
}
+
+ /**
+ * To specify additional HTTP headers for the action
+ *
+ * @return void
+ */
+ function extraHeaders()
+ {
+ $status_string = @self::$status[$this->code];
+ header('HTTP/1.1 '.$this->code.' '.$status_string);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return @self::$status[$this->code];
+ }
}
diff --git a/lib/connectsettingsaction.php b/lib/connectsettingsaction.php
index c2e759f0f..0f64fee8c 100644
--- a/lib/connectsettingsaction.php
+++ b/lib/connectsettingsaction.php
@@ -118,9 +118,9 @@ class ConnectSettingsNav extends Widget
}
$menu['oauthconnectionssettings'] = array(
- // TRANS: Menu item for OAth connection settings.
+ // TRANS: Menu item for OuAth connection settings.
_m('MENU','Connections'),
- // TRANS: Tooltip for connected applications (Connections through OAth) menu item.
+ // TRANS: Tooltip for connected applications (Connections through OAuth) menu item.
_('Authorized connected applications')
);
diff --git a/lib/default.php b/lib/default.php
index 79b54fc3b..279a7a3d1 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -37,6 +37,7 @@ $default =
'path' => $_path,
'logfile' => null,
'logo' => null,
+ 'ssllogo' => null,
'logdebug' => false,
'fancy' => false,
'locale_path' => INSTALLDIR.'/locale',
@@ -210,6 +211,8 @@ $default =
array('server' => null,
'dir' => INSTALLDIR . '/file/',
'path' => $_path . '/file/',
+ 'sslserver' => null,
+ 'sslpath' => null,
'ssl' => null,
'supported' => array('image/png',
'image/jpeg',
diff --git a/lib/error.php b/lib/error.php
index a6a29119f..762425dc4 100644
--- a/lib/error.php
+++ b/lib/error.php
@@ -33,6 +33,8 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
+require_once INSTALLDIR . '/lib/info.php';
+
/**
* Base class for displaying HTTP errors
*
@@ -42,7 +44,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/
*/
-class ErrorAction extends Action
+class ErrorAction extends InfoAction
{
static $status = array();
@@ -52,7 +54,7 @@ class ErrorAction extends Action
function __construct($message, $code, $output='php://output', $indent=null)
{
- parent::__construct($output, $indent);
+ parent::__construct(null, $message, $output, $indent);
$this->code = $code;
$this->message = $message;
@@ -64,43 +66,6 @@ class ErrorAction extends Action
$this->prepare($_REQUEST);
}
- /**
- * To specify additional HTTP headers for the action
- *
- * @return void
- */
- function extraHeaders()
- {
- $status_string = @self::$status[$this->code];
- header('HTTP/1.1 '.$this->code.' '.$status_string);
- }
-
- /**
- * Display content.
- *
- * @return nothing
- */
- function showContent()
- {
- $this->element('div', array('class' => 'error'), $this->message);
- }
-
- /**
- * Page title.
- *
- * @return page title
- */
-
- function title()
- {
- return @self::$status[$this->code];
- }
-
- function isReadOnly($args)
- {
- return true;
- }
-
function showPage()
{
if ($this->minimal) {
@@ -116,32 +81,16 @@ class ErrorAction extends Action
exit();
}
- // Overload a bunch of stuff so the page isn't too bloated
-
- function showBody()
+ /**
+ * Display content.
+ *
+ * @return nothing
+ */
+ function showContent()
{
- $this->elementStart('body', array('id' => 'error'));
- $this->elementStart('div', array('id' => 'wrap'));
- $this->showHeader();
- $this->showCore();
- $this->showFooter();
- $this->elementEnd('div');
- $this->elementEnd('body');
+ $this->element('div', array('class' => 'error'), $this->message);
}
- function showCore()
- {
- $this->elementStart('div', array('id' => 'core'));
- $this->showContentBlock();
- $this->elementEnd('div');
- }
- function showHeader()
- {
- $this->elementStart('div', array('id' => 'header'));
- $this->showLogo();
- $this->showPrimaryNav();
- $this->elementEnd('div');
- }
}
diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php
index 9780dc424..d079fac06 100644
--- a/lib/htmloutputter.php
+++ b/lib/htmloutputter.php
@@ -352,58 +352,74 @@ class HTMLOutputter extends XMLOutputter
*/
function script($src, $type='text/javascript')
{
- if(Event::handle('StartScriptElement', array($this,&$src,&$type))) {
+ if (Event::handle('StartScriptElement', array($this,&$src,&$type))) {
$url = parse_url($src);
- if( empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment']))
- {
+ if (empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) {
+
+ // XXX: this seems like a big assumption
+
if (strpos($src, 'plugins/') === 0 || strpos($src, 'local/') === 0) {
- $src = common_path($src) . '?version=' . STATUSNET_VERSION;
+ $src = common_path($src, StatusNet::isHTTPS()) . '?version=' . STATUSNET_VERSION;
- }else{
+ } else {
- $path = common_config('javascript', 'path');
+ if (StatusNet::isHTTPS()) {
- if (empty($path)) {
- $path = common_config('site', 'path') . '/js/';
- }
+ $sslserver = common_config('javascript', 'sslserver');
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
- }
+ if (empty($sslserver)) {
+ if (is_string(common_config('site', 'sslserver')) &&
+ mb_strlen(common_config('site', 'sslserver')) > 0) {
+ $server = common_config('site', 'sslserver');
+ } else if (common_config('site', 'server')) {
+ $server = common_config('site', 'server');
+ }
+ $path = common_config('site', 'path') . '/js/';
+ } else {
+ $server = $sslserver;
+ $path = common_config('javascript', 'sslpath');
+ if (empty($path)) {
+ $path = common_config('javascript', 'path');
+ }
+ }
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ $protocol = 'https';
- $server = common_config('javascript', 'server');
+ } else {
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ $path = common_config('javascript', 'path');
- $ssl = common_config('javascript', 'ssl');
+ if (empty($path)) {
+ $path = common_config('site', 'path') . '/js/';
+ }
- if (is_null($ssl)) { // null -> guess
- if (common_config('site', 'ssl') == 'always' &&
- !common_config('javascript', 'server')) {
- $ssl = true;
- } else {
- $ssl = false;
+ $server = common_config('javascript', 'server');
+
+ if (empty($server)) {
+ $server = common_config('site', 'server');
}
+
+ $protocol = 'http';
}
- $protocol = ($ssl) ? 'https' : 'http';
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
+
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
$src = $protocol.'://'.$server.$path.$src . '?version=' . STATUSNET_VERSION;
}
}
$this->element('script', array('type' => $type,
- 'src' => $src),
- ' ');
+ 'src' => $src),
+ ' ');
Event::handle('EndScriptElement', array($this,$src,$type));
}
@@ -453,7 +469,7 @@ class HTMLOutputter extends XMLOutputter
if(file_exists(Theme::file($src,$theme))){
$src = Theme::path($src, $theme);
}else{
- $src = common_path($src);
+ $src = common_path($src, StatusNet::isHTTPS());
}
$src.= '?version=' . STATUSNET_VERSION;
}
diff --git a/lib/info.php b/lib/info.php
new file mode 100644
index 000000000..395c6522e
--- /dev/null
+++ b/lib/info.php
@@ -0,0 +1,118 @@
+<?php
+
+/**
+ * Information action
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2010, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+/**
+ * Base class for displaying dialog box like messages to the user
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * @see ErrorAction
+ */
+
+class InfoAction extends Action
+{
+ var $message = null;
+
+ function __construct($title, $message, $output='php://output', $indent=null)
+ {
+ parent::__construct($output, $indent);
+
+ $this->message = $message;
+ $this->title = $title;
+
+ // XXX: hack alert: usually we aren't going to
+ // call this page directly, but because it's
+ // an action it needs an args array anyway
+ $this->prepare($_REQUEST);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return empty($this->title) ? '' : $this->title;
+ }
+
+ function isReadOnly($args)
+ {
+ return true;
+ }
+
+ // Overload a bunch of stuff so the page isn't too bloated
+
+ function showBody()
+ {
+ $this->elementStart('body', array('id' => 'error'));
+ $this->elementStart('div', array('id' => 'wrap'));
+ $this->showHeader();
+ $this->showCore();
+ $this->showFooter();
+ $this->elementEnd('div');
+ $this->elementEnd('body');
+ }
+
+ function showCore()
+ {
+ $this->elementStart('div', array('id' => 'core'));
+ $this->showContentBlock();
+ $this->elementEnd('div');
+ }
+
+ function showHeader()
+ {
+ $this->elementStart('div', array('id' => 'header'));
+ $this->showLogo();
+ $this->showPrimaryNav();
+ $this->elementEnd('div');
+ }
+
+ /**
+ * Display content.
+ *
+ * @return nothing
+ */
+ function showContent()
+ {
+ $this->element('div', array('class' => 'info'), $this->message);
+ }
+
+}
diff --git a/lib/oauthstore.php b/lib/oauthstore.php
index f3ee629fd..1c8e72500 100644
--- a/lib/oauthstore.php
+++ b/lib/oauthstore.php
@@ -55,6 +55,17 @@ class StatusNetOAuthDataStore extends OAuthDataStore
}
}
+ function getTokenByKey($token_key)
+ {
+ $t = new Token();
+ $t->tok = $token_key;
+ if ($t->find(true)) {
+ return $t;
+ } else {
+ return null;
+ }
+ }
+
// http://oauth.net/core/1.0/#nonce
// "The Consumer SHALL then generate a Nonce value that is unique for
// all requests with that timestamp."
@@ -317,13 +328,18 @@ class StatusNetOAuthDataStore extends OAuthDataStore
function add_avatar($profile, $url)
{
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
- copy($url, $temp_filename);
- $imagefile = new ImageFile($profile->id, $temp_filename);
- $filename = Avatar::filename($profile->id,
- image_type_to_extension($imagefile->type),
- null,
- common_timestamp());
- rename($temp_filename, Avatar::path($filename));
+ try {
+ copy($url, $temp_filename);
+ $imagefile = new ImageFile($profile->id, $temp_filename);
+ $filename = Avatar::filename($profile->id,
+ image_type_to_extension($imagefile->type),
+ null,
+ common_timestamp());
+ rename($temp_filename, Avatar::path($filename));
+ } catch (Exception $e) {
+ unlink($temp_filename);
+ throw $e;
+ }
return $profile->setOriginal($filename);
}
diff --git a/lib/servererroraction.php b/lib/servererroraction.php
index 9b5a553dc..54cc99099 100644
--- a/lib/servererroraction.php
+++ b/lib/servererroraction.php
@@ -96,4 +96,27 @@ class ServerErrorAction extends ErrorAction
$this->showPage();
}
+
+ /**
+ * To specify additional HTTP headers for the action
+ *
+ * @return void
+ */
+ function extraHeaders()
+ {
+ $status_string = @self::$status[$this->code];
+ header('HTTP/1.1 '.$this->code.' '.$status_string);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return @self::$status[$this->code];
+ }
+
}
diff --git a/lib/serverexception.php b/lib/serverexception.php
index 7dc9765ad..0dfbd04ff 100644
--- a/lib/serverexception.php
+++ b/lib/serverexception.php
@@ -22,7 +22,7 @@
* @category Exception
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
- * @copyright 2008 StatusNet, Inc.
+ * @copyright 2008-2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
diff --git a/lib/statusnet.php b/lib/statusnet.php
index 39f90a506..3d018f4e2 100644
--- a/lib/statusnet.php
+++ b/lib/statusnet.php
@@ -169,7 +169,6 @@ class StatusNet
return $sites;
}
-
/**
* Fire initialization events for all instantiated plugins.
*/
@@ -225,7 +224,7 @@ class StatusNet
{
return self::$is_api;
}
-
+
public function setApi($mode)
{
self::$is_api = $mode;
@@ -387,6 +386,18 @@ class StatusNet
}
}
}
+
+ /**
+ * Are we running from the web with HTTPS?
+ *
+ * @return boolean true if we're running with HTTPS; else false
+ */
+
+ static function isHTTPS()
+ {
+ // There are some exceptions to this; add them here!
+ return $_SERVER['HTTPS'];
+ }
}
class NoConfigException extends Exception
diff --git a/lib/theme.php b/lib/theme.php
index 992fce870..95b7c1de4 100644
--- a/lib/theme.php
+++ b/lib/theme.php
@@ -38,7 +38,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
* Themes are directories with some expected sub-directories and files
* in them. They're found in either local/theme (for locally-installed themes)
* or theme/ subdir of installation dir.
- *
+ *
* Note that the 'local' directory can be overridden as $config['local']['path']
* and $config['local']['dir'] etc.
*
@@ -104,56 +104,72 @@ class Theme
/**
* Build a full URL to the given theme's base directory, possibly
* using an offsite theme server path.
- *
+ *
* @param string $group configuration section name to pull paths from
* @param string $fallbackSubdir default subdirectory under INSTALLDIR
* @param string $name theme name
- *
+ *
* @return string URL
- *
+ *
* @todo consolidate code with that for other customizable paths
*/
protected function relativeThemePath($group, $fallbackSubdir, $name)
{
- $path = common_config($group, 'path');
+ if (StatusNet::isHTTPS()) {
- if (empty($path)) {
- $path = common_config('site', 'path') . '/';
- if ($fallbackSubdir) {
- $path .= $fallbackSubdir . '/';
+ $sslserver = common_config($group, 'sslserver');
+
+ if (empty($sslserver)) {
+ if (is_string(common_config('site', 'sslserver')) &&
+ mb_strlen(common_config('site', 'sslserver')) > 0) {
+ $server = common_config('site', 'sslserver');
+ } else if (common_config('site', 'server')) {
+ $server = common_config('site', 'server');
+ }
+ $path = common_config('site', 'path') . '/';
+ if ($fallbackSubdir) {
+ $path .= $fallbackSubdir . '/';
+ }
+ } else {
+ $server = $sslserver;
+ $path = common_config($group, 'sslpath');
+ if (empty($path)) {
+ $path = common_config($group, 'path');
+ }
}
- }
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
- }
+ $protocol = 'https';
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ } else {
- $server = common_config($group, 'server');
+ $path = common_config($group, 'path');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ if (empty($path)) {
+ $path = common_config('site', 'path') . '/';
+ if ($fallbackSubdir) {
+ $path .= $fallbackSubdir . '/';
+ }
+ }
- $ssl = common_config($group, 'ssl');
+ $server = common_config($group, 'server');
- if (is_null($ssl)) { // null -> guess
- if (common_config('site', 'ssl') == 'always' &&
- !common_config($group, 'server')) {
- $ssl = true;
- } else {
- $ssl = false;
+ if (empty($server)) {
+ $server = common_config('site', 'server');
}
+
+ $protocol = 'http';
}
- $protocol = ($ssl) ? 'https' : 'http';
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
- $path = $protocol . '://'.$server.$path.$name;
- return $path;
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
+
+ return $protocol.'://'.$server.$path.$name;
}
/**
@@ -221,7 +237,7 @@ class Theme
/**
* Pull data from the theme's theme.ini file.
* @fixme calling getFile will fall back to default theme, this may be unsafe.
- *
+ *
* @return associative array of strings
*/
function getMetadata()