-rw-r--r-- | README | 4 | ||||
-rw-r--r-- | actions/deleteprofile.php | 289 | ||||
-rw-r--r-- | actions/finishimmediate.php | 68 | ||||
-rw-r--r-- | htaccess.sample | 42 |
4 files changed, 25 insertions, 378 deletions
@@ -817,6 +817,10 @@ private: If set to 'true', anonymous users will be redirected to the authentication will require it. Note that this does not turn off registration; use 'closed' or 'inviteonly' for the behaviour you want. +notice: A plain string that will appear on every page. A good place + to put introductory information about your service, or info about + upgrades and outages, or other community info. Any HTML will + be escaped. db -- diff --git a/actions/deleteprofile.php b/actions/deleteprofile.php deleted file mode 100644 index cc236f847..000000000 --- a/actions/deleteprofile.php +++ /dev/null 
@@ -1,289 +0,0 @@ -<?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -if (!defined('LACONICA')) { exit(1); } - -class DeleteprofileAction extends Action -{ - function handle($args) - { - parent::handle($args); - $this->serverError(_('Code not yet ready.')); - return; - if ('POST' === $_SERVER['REQUEST_METHOD']) { - $this->handle_post(); - } - else if ('GET' === $_SERVER['REQUEST_METHOD']) { - $this->show_form(); - } - } - - function get_instructions() - { - return _('Export and delete your user information.'); - } - - function form_header($title, $msg=null, $success=false) - { - common_show_header($title, - null, - array($msg, $success), - array($this, 'show_top')); - } - - function show_feeds_list($feeds) - { - $this->elementStart('div', array('class' => 'feedsdel')); - $this->element('p', null, 'Feeds:'); - $this->elementStart('ul', array('class' => 'xoxo')); - - foreach ($feeds as $key => $value) { - $this->common_feed_item($feeds[$key]); - } - $this->elementEnd('ul'); - $this->elementEnd('div'); - } - - //TODO move to common.php (and retrace its origin) - function common_feed_item($feed) - { - $user = common_current_user(); - $nickname = $user->nickname; - - switch($feed['item']) { - case 'notices': default: - 
$feed_classname = $feed['type']; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's ".$feed['version']." notice feed"; - $feed['textContent'] = "RSS"; - break; - - case 'foaf': - $feed_classname = "foaf"; - $feed_mimetype = "application/".$feed['type']."+xml"; - $feed_title = "$nickname's FOAF file"; - $feed['textContent'] = "FOAF"; - break; - } - $this->elementStart('li'); - $this->element('a', array('href' => $feed['href'], - 'class' => $feed_classname, - 'type' => $feed_mimetype, - 'title' => $feed_title), - $feed['textContent']); - $this->elementEnd('li'); - } - - function show_form($msg=null, $success=false) - { - $this->form_header(_('Delete my account'), $msg, $success); - $this->element('h2', null, _('Delete my account confirmation')); - $this->show_confirm_delete_form(); - common_show_footer(); - } - - function show_confirm_delete_form() - { - $user = common_current_user(); - $notices = DB_DataObject::factory('notice'); - $notices->profile_id = $user->id; - $notice_count = (int) $notices->count(); - - $this->elementStart('form', array('method' => 'POST', - 'id' => 'delete', - 'action' => - common_local_url('deleteprofile'))); - - $this->hidden('token', common_session_token()); - $this->element('p', null, "Last chance to copy your notices and contacts by saving the two links below before deleting your account. 
Be careful, this operation cannot be undone."); - - $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)), - 'type' => 'rss', - 'version' => 'RSS 1.0', - 'item' => 'notices'), - 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)), - 'type' => 'rdf', - 'version' => 'FOAF', - 'item' => 'foaf'))); - - $this->checkbox('confirmation', _('Check if you are sure you want to delete your account.')); - - $this->submit('deleteaccount', _('Delete my account')); - $this->elementEnd('form'); - } - - function handle_post() - { - # CSRF protection - $token = $this->trimmed('token'); - if (!$token || $token != common_session_token()) { - $this->show_form(_('There was a problem with your session token. Try again, please.')); - return; - } - - if ($this->arg('deleteaccount') && $this->arg('confirmation')) { - $this->delete_account(); - } - $this->show_form(); - } - - function delete_account() - { - $user = common_current_user(); - assert(!is_null($user)); # should already be checked - - // deleted later through the profile - /* - $avatar = new Avatar; - $avatar->profile_id = $user->id; - $n_avatars_deleted = $avatar->delete(); - */ - - $fave = new Fave; - $fave->user_id = $user->id; - $n_faves_deleted = $fave->delete(); - - $confirmation = new Confirm_address; - $confirmation->user_id = $user->id; - $n_confirmations_deleted = $confirmation->delete(); - - // TODO foreign stuff... 
- - $invitation = new Invitation; - $invitation->user_id = $user->id; - $n_invitations_deleted = $invitation->delete(); - - $message_from = new Message; - $message_from->from_profile = $user->id; - $n_messages_from_deleted = $message_from->delete(); - - $message_to = new Message; - $message_to->to_profile = $user->id; - $n_messages_to_deleted = $message_to->delete(); - - $notice_inbox = new Notice_inbox; - $notice_inbox->user_id = $user->id; - $n_notices_inbox_deleted = $notice_inbox->delete(); - - $profile_tagger = new Profile_tag; - $profile_tagger->tagger = $user->id; - $n_profiles_tagger_deleted = $profile_tagger->delete(); - - $profile_tagged = new Profile_tag; - $profile_tagged->tagged = $user->id; - $n_profiles_tagged_deleted = $profile_tagged->delete(); - - $remember_me = new Remember_me; - $remember_me->user_id = $user->id; - $n_remember_mes_deleted = $remember_me->delete(); - - $reply= new Reply; - $reply->profile_id = $user->id; - $n_replies_deleted = $reply->delete(); - - // FIXME we're not removings replies to deleted notices. - // notices should take care of that themselves. - - $notice = new Notice; - $notice->profile_id = $user->id; - $n_notices_deleted = $notice->delete(); - - $subscriber = new Subscription; - $subscriber->subscriber = $user->id; - $n_subscribers_deleted = $subscriber->delete(); - - $subscribed = new Subscription; - $subscribed->subscribed = $user->id; - $n_subscribeds_deleted = $subscribed->delete(); - - $user_openid = new User_openid; - $user_openid->user_id = $user->id; - $n_user_openids_deleted = $user_openid->delete(); - - $profile = new Profile; - $profile->id = $user->id; - $profile->delete_avatars(); - $n_profiles_deleted = $profile->delete(); - $n_users_deleted = $user->delete(); - - // logout and redirect to public - common_set_user(null); - common_real_login(false); # not logged in - common_forgetme(); # don't log back in! 
- common_redirect(common_local_url('public')); - } - - function show_top($arr) - { - $msg = $arr[0]; - $success = $arr[1]; - if ($msg) { - $this->message($msg, $success); - } else { - $inst = $this->get_instructions(); - $output = common_markup_to_html($inst); - $this->elementStart('div', 'instructions'); - $this->raw($output); - $this->elementEnd('div'); - } - $this->settings_menu(); - } - - function settings_menu() - { - # action => array('prompt', 'title') - $menu = - array('profilesettings' => - array(_('Profile'), - _('Change your profile settings')), - 'emailsettings' => - array(_('Email'), - _('Change email handling')), - 'openidsettings' => - array(_('OpenID'), - _('Add or remove OpenIDs')), - 'smssettings' => - array(_('SMS'), - _('Updates by SMS')), - 'imsettings' => - array(_('IM'), - _('Updates by instant messenger (IM)')), - 'twittersettings' => - array(_('Twitter'), - _('Twitter integration options')), - 'othersettings' => - array(_('Other'), - _('Other options'))); - - $action = $this->trimmed('action'); - $this->elementStart('ul', array('id' => 'nav_views')); - foreach ($menu as $menuaction => $menudesc) { - if ($menuaction == 'imsettings' && - !common_config('xmpp', 'enabled')) { - continue; - } - common_menu_item(common_local_url($menuaction), - $menudesc[0], - $menudesc[1], - $action == $menuaction); - } - $this->elementEnd('ul'); - } -} - diff --git a/actions/finishimmediate.php b/actions/finishimmediate.php deleted file mode 100644 index 0964c39f4..000000000 --- a/actions/finishimmediate.php +++ /dev/null 
@@ -1,68 +0,0 @@ -<?php -/* - * Laconica - a distributed open-source microblogging tool - * Copyright (C) 2008, Controlez-Vous, Inc. - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU Affero General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Affero General Public License for more details. - * - * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -if (!defined('LACONICA')) { exit(1); } - -require_once(INSTALLDIR.'/lib/openid.php'); - -class FinishimmediateAction extends Action -{ - - function handle($args) - { - parent::handle($args); - - $consumer = oid_consumer(); - - $response = $consumer->complete(common_local_url('finishimmediate')); - - if ($response->status == Auth_OpenID_SUCCESS) { - $display = $response->getDisplayIdentifier(); - $canonical = ($response->endpoint->canonicalID) ? - $response->endpoint->canonicalID : $response->getDisplayIdentifier(); - - $user = oid_get_user($canonical); - - if ($user) { - oid_update_user($user, $sreg); - oid_set_last($display); # refresh for another year - common_set_user($user->nickname); - $this->go_backto(); - return; - } - } - - # Failure! Clear openid so we don't try it again - - oid_clear_last(); - $this->go_backto(); - return; - } - - function go_backto() - { - common_ensure_session(); - $backto = $_SESSION['openid_immediate_backto']; - if (!$backto) { - # gar. Well, push them to the public page - $backto = common_local_url('public'); - } - common_redirect($backto); - } -} diff --git a/htaccess.sample b/htaccess.sample index b0e3e93e0..8c8b2152a 100644 
--- a/htaccess.sample +++ b/htaccess.sample @@ -85,27 +85,6 @@ RewriteRule ^peopletag/([a-zA-Z0-9]+)$ index.php?action=peopletag&tag=$1 [L,QSA] RewriteRule ^featured/?$ index.php?action=featured [L,QSA] RewriteRule ^favorited/?$ index.php?action=favorited [L,QSA] -RewriteRule ^(\w+)/subscriptions$ index.php?action=subscriptions&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/subscriptions/([a-zA-Z0-9]+)$ index.php?action=subscriptions&nickname=$1&tag=$2 [L,QSA] -RewriteRule ^(\w+)/subscribers/([a-zA-Z0-9]+)$ index.php?action=subscribers&nickname=$1&tag=$2 [L,QSA] -RewriteRule ^(\w+)/subscribers$ index.php?action=subscribers&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/nudge$ index.php?action=nudge&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/xrds$ index.php?action=xrds&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/rss$ index.php?action=userrss&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/all$ index.php?action=all&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/all/rss$ index.php?action=allrss&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/foaf$ index.php?action=foaf&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/replies$ index.php?action=replies&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/replies/rss$ index.php?action=repliesrss&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/avatar/(original|96|48|24)$ index.php?action=avatarbynickname&nickname=$1&size=$2 [L,QSA] -RewriteRule ^(\w+)/favorites$ index.php?action=showfavorites&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/favorites/rss$ index.php?action=favoritesrss&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/inbox$ index.php?action=inbox&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/outbox$ index.php?action=outbox&nickname=$1 [L,QSA] -RewriteRule ^(\w+)/microsummary$ index.php?action=microsummary&nickname=$1 [L,QSA] - -RewriteRule ^(\w+)$ index.php?action=showstream&nickname=$1 [L,QSA] - # Twitter-compatible API rewrites # XXX: Surely these can be refactored a little -- Zach RewriteRule ^api/statuses/public_timeline(.*)$ index.php?action=api&apiaction=statuses&method=public_timeline$1 [L,QSA] 
@@ -148,6 +127,27 @@ RewriteRule ^api/laconica/version(.*)$ index.php?action=api&apiaction=laconica&m RewriteRule ^api/laconica/config(.*)$ index.php?action=api&apiaction=laconica&method=config$1 [L,QSA] RewriteRule ^api/laconica/wadl\.xml$ index.php?action=api&apiaction=laconica&method=wadl.xml [L,QSA] +RewriteRule ^(\w+)/subscriptions$ index.php?action=subscriptions&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/subscriptions/([a-zA-Z0-9]+)$ index.php?action=subscriptions&nickname=$1&tag=$2 [L,QSA] +RewriteRule ^(\w+)/subscribers/([a-zA-Z0-9]+)$ index.php?action=subscribers&nickname=$1&tag=$2 [L,QSA] +RewriteRule ^(\w+)/subscribers$ index.php?action=subscribers&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/nudge$ index.php?action=nudge&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/xrds$ index.php?action=xrds&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/rss$ index.php?action=userrss&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/all$ index.php?action=all&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/all/rss$ index.php?action=allrss&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/foaf$ index.php?action=foaf&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/replies$ index.php?action=replies&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/replies/rss$ index.php?action=repliesrss&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/avatar/(original|96|48|24)$ index.php?action=avatarbynickname&nickname=$1&size=$2 [L,QSA] +RewriteRule ^(\w+)/favorites$ index.php?action=showfavorites&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/favorites/rss$ index.php?action=favoritesrss&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/inbox$ index.php?action=inbox&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/outbox$ index.php?action=outbox&nickname=$1 [L,QSA] +RewriteRule ^(\w+)/microsummary$ index.php?action=microsummary&nickname=$1 [L,QSA] + +RewriteRule ^(\w+)$ index.php?action=showstream&nickname=$1 [L,QSA] + <FilesMatch "\.(ini)"> Order allow,deny </FilesMatch> |
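Review bot: The nickname rules re-added at the end of the second htaccess.sample hunk have no comment saying that their position is significant. `^(\w+)$` and the `^(\w+)/…` patterns accept any word-character first path segment, and every rule carries `[L]`, so when a fixed route and a nickname pattern both match a request, the one listed first wins. I would put a line above the block such as `# Per-nickname catch-all rules: keep these last so the fixed routes above take precedence`, so a later edit does not add a fixed route below them. Whether registration rejects nicknames that equal a fixed route name (for example `api` or `featured`) is not visible in this diff and is worth confirming alongside the reorder.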