summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README4
-rw-r--r--actions/deleteprofile.php289
-rw-r--r--actions/finishimmediate.php68
-rw-r--r--htaccess.sample42
4 files changed, 25 insertions, 378 deletions
diff --git a/README b/README
index 1ef31a8c1..a0758e5ee 100644
--- a/README
+++ b/README
@@ -817,6 +817,10 @@ private: If set to 'true', anonymous users will be redirected to the
authentication will require it. Note that this does not turn
off registration; use 'closed' or 'inviteonly' for the
behaviour you want.
+notice: A plain string that will appear on every page. A good place
+ to put introductory information about your service, or info about
+ upgrades and outages, or other community info. Any HTML will
+ be escaped.
db
--
diff --git a/actions/deleteprofile.php b/actions/deleteprofile.php
deleted file mode 100644
index cc236f847..000000000
--- a/actions/deleteprofile.php
+++ /dev/null
@@ -1,289 +0,0 @@
-<?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-if (!defined('LACONICA')) { exit(1); }
-
-class DeleteprofileAction extends Action
-{
- function handle($args)
- {
- parent::handle($args);
- $this->serverError(_('Code not yet ready.'));
- return;
- if ('POST' === $_SERVER['REQUEST_METHOD']) {
- $this->handle_post();
- }
- else if ('GET' === $_SERVER['REQUEST_METHOD']) {
- $this->show_form();
- }
- }
-
- function get_instructions()
- {
- return _('Export and delete your user information.');
- }
-
- function form_header($title, $msg=null, $success=false)
- {
- common_show_header($title,
- null,
- array($msg, $success),
- array($this, 'show_top'));
- }
-
- function show_feeds_list($feeds)
- {
- $this->elementStart('div', array('class' => 'feedsdel'));
- $this->element('p', null, 'Feeds:');
- $this->elementStart('ul', array('class' => 'xoxo'));
-
- foreach ($feeds as $key => $value) {
- $this->common_feed_item($feeds[$key]);
- }
- $this->elementEnd('ul');
- $this->elementEnd('div');
- }
-
- //TODO move to common.php (and retrace its origin)
- function common_feed_item($feed)
- {
- $user = common_current_user();
- $nickname = $user->nickname;
-
- switch($feed['item']) {
- case 'notices': default:
- $feed_classname = $feed['type'];
- $feed_mimetype = "application/".$feed['type']."+xml";
- $feed_title = "$nickname's ".$feed['version']." notice feed";
- $feed['textContent'] = "RSS";
- break;
-
- case 'foaf':
- $feed_classname = "foaf";
- $feed_mimetype = "application/".$feed['type']."+xml";
- $feed_title = "$nickname's FOAF file";
- $feed['textContent'] = "FOAF";
- break;
- }
- $this->elementStart('li');
- $this->element('a', array('href' => $feed['href'],
- 'class' => $feed_classname,
- 'type' => $feed_mimetype,
- 'title' => $feed_title),
- $feed['textContent']);
- $this->elementEnd('li');
- }
-
- function show_form($msg=null, $success=false)
- {
- $this->form_header(_('Delete my account'), $msg, $success);
- $this->element('h2', null, _('Delete my account confirmation'));
- $this->show_confirm_delete_form();
- common_show_footer();
- }
-
- function show_confirm_delete_form()
- {
- $user = common_current_user();
- $notices = DB_DataObject::factory('notice');
- $notices->profile_id = $user->id;
- $notice_count = (int) $notices->count();
-
- $this->elementStart('form', array('method' => 'POST',
- 'id' => 'delete',
- 'action' =>
- common_local_url('deleteprofile')));
-
- $this->hidden('token', common_session_token());
- $this->element('p', null, "Last chance to copy your notices and contacts by saving the two links below before deleting your account. Be careful, this operation cannot be undone.");
-
- $this->show_feeds_list(array(0=>array('href'=>common_local_url('userrss', array('limit' => $notice_count, 'nickname' => $user->nickname)),
- 'type' => 'rss',
- 'version' => 'RSS 1.0',
- 'item' => 'notices'),
- 1=>array('href'=>common_local_url('foaf',array('nickname' => $user->nickname)),
- 'type' => 'rdf',
- 'version' => 'FOAF',
- 'item' => 'foaf')));
-
- $this->checkbox('confirmation', _('Check if you are sure you want to delete your account.'));
-
- $this->submit('deleteaccount', _('Delete my account'));
- $this->elementEnd('form');
- }
-
- function handle_post()
- {
- # CSRF protection
- $token = $this->trimmed('token');
- if (!$token || $token != common_session_token()) {
- $this->show_form(_('There was a problem with your session token. Try again, please.'));
- return;
- }
-
- if ($this->arg('deleteaccount') && $this->arg('confirmation')) {
- $this->delete_account();
- }
- $this->show_form();
- }
-
- function delete_account()
- {
- $user = common_current_user();
- assert(!is_null($user)); # should already be checked
-
- // deleted later through the profile
- /*
- $avatar = new Avatar;
- $avatar->profile_id = $user->id;
- $n_avatars_deleted = $avatar->delete();
- */
-
- $fave = new Fave;
- $fave->user_id = $user->id;
- $n_faves_deleted = $fave->delete();
-
- $confirmation = new Confirm_address;
- $confirmation->user_id = $user->id;
- $n_confirmations_deleted = $confirmation->delete();
-
- // TODO foreign stuff...
-
- $invitation = new Invitation;
- $invitation->user_id = $user->id;
- $n_invitations_deleted = $invitation->delete();
-
- $message_from = new Message;
- $message_from->from_profile = $user->id;
- $n_messages_from_deleted = $message_from->delete();
-
- $message_to = new Message;
- $message_to->to_profile = $user->id;
- $n_messages_to_deleted = $message_to->delete();
-
- $notice_inbox = new Notice_inbox;
- $notice_inbox->user_id = $user->id;
- $n_notices_inbox_deleted = $notice_inbox->delete();
-
- $profile_tagger = new Profile_tag;
- $profile_tagger->tagger = $user->id;
- $n_profiles_tagger_deleted = $profile_tagger->delete();
-
- $profile_tagged = new Profile_tag;
- $profile_tagged->tagged = $user->id;
- $n_profiles_tagged_deleted = $profile_tagged->delete();
-
- $remember_me = new Remember_me;
- $remember_me->user_id = $user->id;
- $n_remember_mes_deleted = $remember_me->delete();
-
- $reply= new Reply;
- $reply->profile_id = $user->id;
- $n_replies_deleted = $reply->delete();
-
- // FIXME we're not removings replies to deleted notices.
- // notices should take care of that themselves.
-
- $notice = new Notice;
- $notice->profile_id = $user->id;
- $n_notices_deleted = $notice->delete();
-
- $subscriber = new Subscription;
- $subscriber->subscriber = $user->id;
- $n_subscribers_deleted = $subscriber->delete();
-
- $subscribed = new Subscription;
- $subscribed->subscribed = $user->id;
- $n_subscribeds_deleted = $subscribed->delete();
-
- $user_openid = new User_openid;
- $user_openid->user_id = $user->id;
- $n_user_openids_deleted = $user_openid->delete();
-
- $profile = new Profile;
- $profile->id = $user->id;
- $profile->delete_avatars();
- $n_profiles_deleted = $profile->delete();
- $n_users_deleted = $user->delete();
-
- // logout and redirect to public
- common_set_user(null);
- common_real_login(false); # not logged in
- common_forgetme(); # don't log back in!
- common_redirect(common_local_url('public'));
- }
-
- function show_top($arr)
- {
- $msg = $arr[0];
- $success = $arr[1];
- if ($msg) {
- $this->message($msg, $success);
- } else {
- $inst = $this->get_instructions();
- $output = common_markup_to_html($inst);
- $this->elementStart('div', 'instructions');
- $this->raw($output);
- $this->elementEnd('div');
- }
- $this->settings_menu();
- }
-
- function settings_menu()
- {
- # action => array('prompt', 'title')
- $menu =
- array('profilesettings' =>
- array(_('Profile'),
- _('Change your profile settings')),
- 'emailsettings' =>
- array(_('Email'),
- _('Change email handling')),
- 'openidsettings' =>
- array(_('OpenID'),
- _('Add or remove OpenIDs')),
- 'smssettings' =>
- array(_('SMS'),
- _('Updates by SMS')),
- 'imsettings' =>
- array(_('IM'),
- _('Updates by instant messenger (IM)')),
- 'twittersettings' =>
- array(_('Twitter'),
- _('Twitter integration options')),
- 'othersettings' =>
- array(_('Other'),
- _('Other options')));
-
- $action = $this->trimmed('action');
- $this->elementStart('ul', array('id' => 'nav_views'));
- foreach ($menu as $menuaction => $menudesc) {
- if ($menuaction == 'imsettings' &&
- !common_config('xmpp', 'enabled')) {
- continue;
- }
- common_menu_item(common_local_url($menuaction),
- $menudesc[0],
- $menudesc[1],
- $action == $menuaction);
- }
- $this->elementEnd('ul');
- }
-}
-
diff --git a/actions/finishimmediate.php b/actions/finishimmediate.php
deleted file mode 100644
index 0964c39f4..000000000
--- a/actions/finishimmediate.php
+++ /dev/null
@@ -1,68 +0,0 @@
-<?php
-/*
- * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-if (!defined('LACONICA')) { exit(1); }
-
-require_once(INSTALLDIR.'/lib/openid.php');
-
-class FinishimmediateAction extends Action
-{
-
- function handle($args)
- {
- parent::handle($args);
-
- $consumer = oid_consumer();
-
- $response = $consumer->complete(common_local_url('finishimmediate'));
-
- if ($response->status == Auth_OpenID_SUCCESS) {
- $display = $response->getDisplayIdentifier();
- $canonical = ($response->endpoint->canonicalID) ?
- $response->endpoint->canonicalID : $response->getDisplayIdentifier();
-
- $user = oid_get_user($canonical);
-
- if ($user) {
- oid_update_user($user, $sreg);
- oid_set_last($display); # refresh for another year
- common_set_user($user->nickname);
- $this->go_backto();
- return;
- }
- }
-
- # Failure! Clear openid so we don't try it again
-
- oid_clear_last();
- $this->go_backto();
- return;
- }
-
- function go_backto()
- {
- common_ensure_session();
- $backto = $_SESSION['openid_immediate_backto'];
- if (!$backto) {
- # gar. Well, push them to the public page
- $backto = common_local_url('public');
- }
- common_redirect($backto);
- }
-}
diff --git a/htaccess.sample b/htaccess.sample
index b0e3e93e0..8c8b2152a 100644
--- a/htaccess.sample
+++ b/htaccess.sample
@@ -85,27 +85,6 @@ RewriteRule ^peopletag/([a-zA-Z0-9]+)$ index.php?action=peopletag&tag=$1 [L,QSA]
RewriteRule ^featured/?$ index.php?action=featured [L,QSA]
RewriteRule ^favorited/?$ index.php?action=favorited [L,QSA]
-RewriteRule ^(\w+)/subscriptions$ index.php?action=subscriptions&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/subscriptions/([a-zA-Z0-9]+)$ index.php?action=subscriptions&nickname=$1&tag=$2 [L,QSA]
-RewriteRule ^(\w+)/subscribers/([a-zA-Z0-9]+)$ index.php?action=subscribers&nickname=$1&tag=$2 [L,QSA]
-RewriteRule ^(\w+)/subscribers$ index.php?action=subscribers&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/nudge$ index.php?action=nudge&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/xrds$ index.php?action=xrds&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/rss$ index.php?action=userrss&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/all$ index.php?action=all&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/all/rss$ index.php?action=allrss&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/foaf$ index.php?action=foaf&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/replies$ index.php?action=replies&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/replies/rss$ index.php?action=repliesrss&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/avatar/(original|96|48|24)$ index.php?action=avatarbynickname&nickname=$1&size=$2 [L,QSA]
-RewriteRule ^(\w+)/favorites$ index.php?action=showfavorites&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/favorites/rss$ index.php?action=favoritesrss&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/inbox$ index.php?action=inbox&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/outbox$ index.php?action=outbox&nickname=$1 [L,QSA]
-RewriteRule ^(\w+)/microsummary$ index.php?action=microsummary&nickname=$1 [L,QSA]
-
-RewriteRule ^(\w+)$ index.php?action=showstream&nickname=$1 [L,QSA]
-
# Twitter-compatible API rewrites
# XXX: Surely these can be refactored a little -- Zach
RewriteRule ^api/statuses/public_timeline(.*)$ index.php?action=api&apiaction=statuses&method=public_timeline$1 [L,QSA]
@@ -148,6 +127,27 @@ RewriteRule ^api/laconica/version(.*)$ index.php?action=api&apiaction=laconica&m
RewriteRule ^api/laconica/config(.*)$ index.php?action=api&apiaction=laconica&method=config$1 [L,QSA]
RewriteRule ^api/laconica/wadl\.xml$ index.php?action=api&apiaction=laconica&method=wadl.xml [L,QSA]
+RewriteRule ^(\w+)/subscriptions$ index.php?action=subscriptions&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/subscriptions/([a-zA-Z0-9]+)$ index.php?action=subscriptions&nickname=$1&tag=$2 [L,QSA]
+RewriteRule ^(\w+)/subscribers/([a-zA-Z0-9]+)$ index.php?action=subscribers&nickname=$1&tag=$2 [L,QSA]
+RewriteRule ^(\w+)/subscribers$ index.php?action=subscribers&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/nudge$ index.php?action=nudge&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/xrds$ index.php?action=xrds&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/rss$ index.php?action=userrss&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/all$ index.php?action=all&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/all/rss$ index.php?action=allrss&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/foaf$ index.php?action=foaf&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/replies$ index.php?action=replies&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/replies/rss$ index.php?action=repliesrss&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/avatar/(original|96|48|24)$ index.php?action=avatarbynickname&nickname=$1&size=$2 [L,QSA]
+RewriteRule ^(\w+)/favorites$ index.php?action=showfavorites&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/favorites/rss$ index.php?action=favoritesrss&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/inbox$ index.php?action=inbox&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/outbox$ index.php?action=outbox&nickname=$1 [L,QSA]
+RewriteRule ^(\w+)/microsummary$ index.php?action=microsummary&nickname=$1 [L,QSA]
+
+RewriteRule ^(\w+)$ index.php?action=showstream&nickname=$1 [L,QSA]
+
<FilesMatch "\.(ini)">
Order allow,deny
</FilesMatch>