-rw-r--r-- | README | 80 | ||||
-rw-r--r-- | actions/register.php | 21 | ||||
-rw-r--r-- | actions/showapplication.php | 2 | ||||
-rw-r--r-- | classes/File.php | 2 | ||||
-rw-r--r-- | lib/common.php | 2 | ||||
-rw-r--r-- | plugins/UserFlag/UserFlagPlugin.php | 15 | ||||
-rw-r--r-- | plugins/UserFlag/clearflagform.php | 2 | ||||
-rw-r--r-- | plugins/UserFlag/userflag.css | 4 | ||||
-rwxr-xr-x[-rw-r--r--] | scripts/setconfig.php | 16 | ||||
-rw-r--r-- | theme/base/css/display.css | 6 | ||||
-rw-r--r-- | theme/base/images/icons/icons-01.gif | bin | 3650 -> 3758 bytes | |||
-rw-r--r-- | theme/base/images/icons/twotone/green/clear.gif | bin | 0 -> 82 bytes | |||
-rw-r--r-- | theme/base/images/icons/twotone/green/flag.gif (renamed from plugins/UserFlag/icon_flag.gif) | bin | 80 -> 80 bytes | |||
-rw-r--r-- | theme/base/logo.png | bin | 4988 -> 10107 bytes | |||
-rw-r--r-- | theme/default/css/display.css | 16 | ||||
-rw-r--r-- | theme/default/logo.png | bin | 6389 -> 10107 bytes | |||
-rw-r--r-- | theme/default/mobilelogo.png | bin | 2238 -> 4017 bytes | |||
-rw-r--r-- | theme/identica/css/display.css | 14 | ||||
-rw-r--r-- | theme/identica/mobilelogo.png | bin | 2238 -> 4017 bytes |
19 files changed, 149 insertions, 31 deletions
@@ -2,8 +2,8 @@ README ------ -StatusNet 0.9.0 ("Stand") Beta 4 -27 Jan 2010 +StatusNet 0.9.0 ("Stand") Beta 5 +1 Feb 2010 This is the README file for StatusNet (formerly Laconica), the Open Source microblogging platform. It includes installation instructions, @@ -78,6 +78,11 @@ New this version ================ This is a major feature release since version 0.8.2, released Nov 1 2009. +It is also a security release since 0.9.0beta4 January 27 2010. Beta +users are strongly encouraged to upgrade to deal with a security alert. + +http://status.net/wiki/Security_alert_0000002 + Notable changes this version: - Records of deleted notices are stored without the notice content. 
@@ -198,6 +203,77 @@ Notable changes this version: - Major refactoring of queue handlers to manage very large hosting site (like status.net) - SubscriptionThrottle plugin to prevent subscription spamming +- Don't enqueue into plugin or SMS queues when disabled (breaks unqueuehandler if SMS queue isn't attached) +- Improve name validation checks on local File references +- fix local file include vulnerability in doc.php +- Reusing fixed selector name for 'processing' in util.js +- Removed hAtom pattern from registration page. +- restructuring of User::registerNew() lost password munging +- Add a script to clear the cache for a given key +- buggy fetch for site owner +- Added missing concat of </li> in Realtime response +- Updated XHR binded events to work better in jQuery 1.4.1. Using .live() for event delegation instead of jQuery.data() and checking to see if an element was previously binded. +- Updated jQuery Form Plugin from v2.17 to v2.36 +- Updated jQuery JavaScript Library from v1.3.2 to v1.4.1 +- move schema.type.php to typeschema.php like other files +- Add Really Simple Discovery (RSD) support +- Add a robots.txt URL to the site root +- error clearing tags for profiles from memcached +- on exceptions, stomp logs the error and reenqueues +- add lat, lon, location and remove closing tag from geocode.php +- Use passed-in lat long in geocode.php +- better handling of null responses from geonames.org +- Globalized form notice data geo values +- Using jQuery chaining in FormNoticeXHR +- Using form object instead of form_id and find(). Slightly faster and easier to read. 
+- removed describeTable from base class, and fixed it up in pgsql
+- getTableDef() mostly working in postgres
+- move the schema DDL sql off into seperate files for each db we support
+- plugin to limit number of registered users
+- add hooks for user registration
+- live fast, die young in bash scripts
+- for single-user mode, retrieve either site owner or defined nickname
+- method to get the site owner
+- define a constant for the 'owner' role of a site
+- add simple cache getter/setter static functions to Memcached_DataObject
+- Adds notice author's name to @title in Realtime response
+- Hides .author from XHR response in showstream
+- Hides .author from XHR response in showstream
+- Fix more fatal errors in queue edge cases
+- Don't attempt to resend XMPP messages that can't be broadcast due to the profile being deleted.
+- Wrap each bit of distrib queue handler's saving operation in a try/catch; log exceptions but let everything else continue.
+- Log exceptions from queuedaemon.php if they're not already caught
+- Move sessions settings to its own panel
+- Fixes for status_network db object .ini and tag setter script
+- Add a script to set tags for sites
+- Adjust API authentication to also check for OAuth protocol params in the HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme.
+- Last-chance distribution if enqueueing fails
+- Manual failover for stomp queues.
+- lost config in index.php made all traffic go to master +- "Revert "move RW setup above user get in index.php so remember_me works"" +- Revert "move RW setup above user get in index.php so remember_me works" +- move RW setup above user get in index.php so remember_me works +- hide most DB_DataObject errors +- always set up database_rw, regardless, so cached sessions work +- update mysqltimestamps on insert and update +- additional debugging data for Sessions +- 'Sign in with Twitter' button img +- Update to biz theme +- Remove redundant session token field from form (was already being added by base class). +- 'Sign in with Twitter' button img +- Can now set $config['queue']['stomp_persistent'] = false; to explicitly disable persistence when we queue items +- Showing processing indicator for form_repeat on submit instead of form +- Removed avatar from repeat of username (matches noticelist) +- Removed unused variable assignment for avatar URL and added missing fn +- Don't preemptively close existing DB connections for web views (needed to keep # of conns from going insane on multi-site queue daemons, so just doing for CLI) May, or may not, help with mystery session problems +- dropping the setcookie() call from common_ensure_session() since we're pretty sure it's unnecessary +- append '/' on cookie path for now (may still need some refactoring) +- set session cookie correctly +- Fix for Mapstraction plugin's zoomed map links +- debug log line for control channel sub +- Move faceboookapp.js to the Facebook plugin +- fix for fix for bad realtime JS load +- default 24-hour expiry on Memcached objects where not specified. Prerequisites ============= diff --git a/actions/register.php b/actions/register.php index 063bbe2cc..698137346 100644 --- a/actions/register.php +++ b/actions/register.php 
@@ -303,6 +303,27 @@ class RegisterAction extends Action return ($user !== false); } + // overrrided to add entry-title class + function showPageTitle() { + if (Event::handle('StartShowPageTitle', array($this))) { + $this->element('h1', array('class' => 'entry-title'), $this->title()); + } + } + + // overrided to add hentry, and content-inner class + function showContentBlock() + { + $this->elementStart('div', array('id' => 'content', 'class' => 'hentry')); + $this->showPageTitle(); + $this->showPageNoticeBlock(); + $this->elementStart('div', array('id' => 'content_inner', + 'class' => 'entry-content')); + // show the actual content (forms, lists, whatever) + $this->showContent(); + $this->elementEnd('div'); + $this->elementEnd('div'); + } + /** * Instructions or a notice for the page * diff --git a/actions/showapplication.php b/actions/showapplication.php index d307ea452..020d62480 100644 --- a/actions/showapplication.php +++ b/actions/showapplication.php @@ -201,7 +201,7 @@ class ShowApplicationAction extends OwnerDesignAction $userCnt = $appUsers->count(); $this->raw(sprintf( - _('created by %1$s - %2$s access by default - %3$d users'), + _('Created by %1$s - %2$s access by default - %3$d users'), $profile->getBestName(), $defaultAccess, $userCnt diff --git a/classes/File.php b/classes/File.php index 8d91ce500..307fdb686 100644 --- a/classes/File.php +++ b/classes/File.php @@ -181,7 +181,7 @@ class File extends Memcached_DataObject */ static function validFilename($filename) { - return preg_match('^/[A-Za-z0-9._-]+$/', $filename); + return preg_match('/^[A-Za-z0-9._-]+$/', $filename); } /** diff --git a/lib/common.php b/lib/common.php index b482464aa..b95cd1175 100644 --- a/lib/common.php +++ b/lib/common.php 
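Review bot: The two overrides added to RegisterAction are introduced by one-line comments with typos (`// overrrided to add entry-title class`, `// overrided to add hentry, and content-inner class`), while the method that follows them in the same hunk carries a docblock. The second comment also does not match the code, which gives the inner div the id `content_inner` and the class `entry-content` rather than a `content-inner` class. I would replace both with short docblocks, e.g. `Overridden to add the entry-title class to the page heading` and `Overridden to add the hentry and entry-content classes to the content block`, and put the opening brace of showPageTitle() on its own line as showContentBlock() does. The README entry in this commit says the hAtom pattern was removed from the registration page, so the docblock should state whether re-adding these classes here is intended.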
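Review bot: The reworded format string is still emitted through `$this->raw(sprintf(...))`, and its first argument is `$profile->getBestName()`, a value the profile owner presumably controls. If raw() writes its argument without escaping, as the name suggests, markup in that name reaches the application page unescaped. Escape the interpolated values before formatting, e.g. `htmlspecialchars($profile->getBestName())`, and do the same for `$defaultAccess` unless it is always a fixed string. The enclosing method starts and ends outside the hunk, so this should be confirmed against the full file.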
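Review bot: The corrected pattern in validFilename() still accepts names that a local-file check should reject: `$` without the `D` modifier also matches before a trailing newline, so a name ending in "\n" validates, and the character class lets `.` and `..` through. Anchor the end with `\z` and reject the dot names explicitly, e.g. `return preg_match('/^[A-Za-z0-9._-]+\z/', $filename) === 1 && $filename !== '.' && $filename !== '..';`. The callers are outside the hunk; because the previous pattern had no valid delimiters they have probably never seen a successful match, so each use of the result is worth re-checking now that the function can return 1.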
@@ -22,7 +22,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); } //exit with 200 response, if this is checking fancy from the installer if (isset($_REQUEST['p']) && $_REQUEST['p'] == 'check-fancy') { exit; } -define('STATUSNET_VERSION', '0.9.0beta4'); +define('STATUSNET_VERSION', '0.9.0beta5'); define('LACONICA_VERSION', STATUSNET_VERSION); // compatibility define('STATUSNET_CODENAME', 'Stand'); diff --git a/plugins/UserFlag/UserFlagPlugin.php b/plugins/UserFlag/UserFlagPlugin.php index 8728e5703..ae3dfe036 100644 --- a/plugins/UserFlag/UserFlagPlugin.php +++ b/plugins/UserFlag/UserFlagPlugin.php @@ -183,21 +183,6 @@ class UserFlagPlugin extends Plugin } /** - * Add our plugin's CSS to page output - * - * @param Action $action action being shown - * - * @return boolean hook result - */ - - function onEndShowStatusNetStyles($action) - { - $action->cssLink(common_path('plugins/UserFlag/userflag.css'), - null, 'screen, projection, tv'); - return true; - } - - /** * Initialize any flagging buttons on the page * * @param Action $action action being shown diff --git a/plugins/UserFlag/clearflagform.php b/plugins/UserFlag/clearflagform.php index 5ad6055d3..eefd15c36 100644 --- a/plugins/UserFlag/clearflagform.php +++ b/plugins/UserFlag/clearflagform.php @@ -54,7 +54,7 @@ class ClearFlagForm extends ProfileActionForm function formClass() { - return 'form_entity_clearflag'; + return 'form_user_clearflag'; } /** diff --git a/plugins/UserFlag/userflag.css b/plugins/UserFlag/userflag.css deleted file mode 100644 index 98da24cc9..000000000 --- a/plugins/UserFlag/userflag.css +++ /dev/null @@ -1,4 +0,0 @@ -.entity_flag input.submit, -.entity_flag p { -background:url(icon_flag.gif) 5px 5px no-repeat; -} diff --git a/scripts/setconfig.php b/scripts/setconfig.php index b102f99b1..fe0e46d65 100644..100755 --- a/scripts/setconfig.php +++ b/scripts/setconfig.php 
@@ -28,6 +28,7 @@ setconfig.php [options] [section] [setting] <value> With three args, set the setting to the value. With two args, just show the setting. With -d, delete the setting. +With no args, lists all currently set values. [section] section to use (required) [setting] setting to use (required) @@ -39,6 +40,21 @@ END_OF_SETCONFIG_HELP; require_once INSTALLDIR.'/scripts/commandline.inc'; +if (empty($args)) { + $count = 0; + $config = new Config(); + $config->find(); + while ($config->fetch()) { + $count++; + printf("%-20s %-20s %s\n", $config->section, $config->setting, + var_export($config->value, true)); + } + if ($count == 0) { + print "No configuration set in database for this site.\n"; + } + exit(0); +} + if (count($args) < 2 || count($args) > 3) { show_help(); exit(1); diff --git a/theme/base/css/display.css b/theme/base/css/display.css index 0d6395d05..b5cfab7e9 100644 --- a/theme/base/css/display.css +++ b/theme/base/css/display.css @@ -632,7 +632,8 @@ margin-bottom:18px; .entity_profile .entity_url, .entity_profile .entity_note, .entity_profile .entity_tags, -.entity_profile .entity_aliases { +.entity_profile .entity_aliases, +.entity_profile .entity_statistics { margin-left:113px; margin-bottom:4px; } @@ -1411,6 +1412,9 @@ margin-bottom:18px; .hentry .entry-content li li { margin-left:18px; } +.hentry .entry-content .form_settings ul { +margin-left:0; +} #content #plugin_authors { min-width:122px; diff --git a/theme/base/images/icons/icons-01.gif b/theme/base/images/icons/icons-01.gif Binary files differindex f93d33d79..01a729c10 100644 --- a/theme/base/images/icons/icons-01.gif +++ b/theme/base/images/icons/icons-01.gif diff --git a/theme/base/images/icons/twotone/green/clear.gif b/theme/base/images/icons/twotone/green/clear.gif Binary files differnew file mode 100644 index 000000000..2666430ef --- /dev/null +++ b/theme/base/images/icons/twotone/green/clear.gif 
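Review bot: The new no-argument branch prints every row of the config table with `var_export($config->value, true)`, so any credential or secret stored as a setting ends up in the terminal, its scrollback and anything that captures the script's output. The help line added in the first hunk should say so, e.g. `With no args, lists all currently set values (including any stored secrets; do not log or share the output).` The result of `$config->find()` is also unchecked, so a failed query would presumably be reported as `No configuration set in database for this site.` with exit status 0. Checking that result and exiting non-zero on failure would keep an error from being read as an empty configuration.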
diff --git a/plugins/UserFlag/icon_flag.gif b/theme/base/images/icons/twotone/green/flag.gif Binary files differindex 68c8aee25..68c8aee25 100644 --- a/plugins/UserFlag/icon_flag.gif +++ b/theme/base/images/icons/twotone/green/flag.gif diff --git a/theme/base/logo.png b/theme/base/logo.png Binary files differindex 7c68b34f6..cf1839194 100644 --- a/theme/base/logo.png +++ b/theme/base/logo.png diff --git a/theme/default/css/display.css b/theme/default/css/display.css index 06711850f..6954de7ba 100644 --- a/theme/default/css/display.css +++ b/theme/default/css/display.css @@ -1,7 +1,7 @@ /** theme: default * * @package StatusNet - * @author Sarven Capadisli <csarven@status.net> + * @author Sarven Capadisli <csarven@status.net> * @copyright 2009 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ @@ -18,7 +18,7 @@ font-family: "Lucida Sans Unicode", "Lucida Grande", sans-serif; font-size:1em; } address { -margin-right:5.7%; +margin-right:5.3%; } input, textarea, select { border-width:2px; @@ -189,7 +189,10 @@ button.close, .notice-options .repeated, .form_notice label[for=notice_data-geo], button.minimize, -.form_reset_key input.submit { +.form_reset_key input.submit, +.entity_clear input.submit, +.entity_flag input.submit, +.entity_flag p { background-image:url(../../base/images/icons/icons-01.gif); background-repeat:no-repeat; background-color:transparent; @@ -338,6 +341,13 @@ background-position: 5px -1511px; .form_reset_key input.submit { background-position: 5px -1973px; } +.entity_clear input.submit { +background-position: 5px -2039px; +} +.entity_flag input.submit, +.entity_flag p { +background-position: 5px -2105px; +} /* NOTICES */ .notice .attachment { diff --git a/theme/default/logo.png b/theme/default/logo.png Binary files differindex 550d373fe..cf1839194 100644 --- a/theme/default/logo.png +++ b/theme/default/logo.png 
diff --git a/theme/default/mobilelogo.png b/theme/default/mobilelogo.png Binary files differindex b72f7aff5..66bb5f678 100644 --- a/theme/default/mobilelogo.png +++ b/theme/default/mobilelogo.png diff --git a/theme/identica/css/display.css b/theme/identica/css/display.css index 1ac96ab5b..9ac2730bd 100644 --- a/theme/identica/css/display.css +++ b/theme/identica/css/display.css @@ -1,7 +1,7 @@ /** theme: identica * * @package StatusNet - * @author Sarven Capadisli <csarven@status.net> + * @author Sarven Capadisli <csarven@status.net> * @copyright 2009 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ @@ -189,7 +189,10 @@ button.close, .notice-options .repeated, .form_notice label[for=notice_data-geo], button.minimize, -.form_reset_key input.submit { +.form_reset_key input.submit, +.entity_clear input.submit, +.entity_flag input.submit, +.entity_flag p { background-image:url(../../base/images/icons/icons-01.gif); background-repeat:no-repeat; background-color:transparent; @@ -337,6 +340,13 @@ background-position: 5px -1511px; .form_reset_key input.submit { background-position: 5px -1973px; } +.entity_clear input.submit { +background-position: 5px -2039px; +} +.entity_flag input.submit, +.entity_flag p { +background-position: 5px -2105px; +} /* NOTICES */ .notice .attachment { diff --git a/theme/identica/mobilelogo.png b/theme/identica/mobilelogo.png Binary files differindex b72f7aff5..66bb5f678 100644 --- a/theme/identica/mobilelogo.png +++ b/theme/identica/mobilelogo.png |