path: root/actions
Diffstat (limited to 'actions')
-rw-r--r--actions/all.php11
-rw-r--r--actions/avatarsettings.php6
-rw-r--r--actions/facebookhome.php5
-rw-r--r--actions/facebookinvite.php8
-rw-r--r--actions/finishopenidlogin.php2
-rw-r--r--actions/login.php34
-rw-r--r--actions/newnotice.php8
-rw-r--r--actions/openidlogin.php13
-rw-r--r--actions/opensearch.php4
-rw-r--r--actions/showstream.php65
-rw-r--r--actions/twitapistatuses.php1
11 files changed, 80 insertions, 77 deletions
diff --git a/actions/all.php b/actions/all.php
index 428466f24..b03ad7ec3 100644
--- a/actions/all.php
+++ b/actions/all.php
@@ -101,4 +101,15 @@ class AllAction extends Action
$this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE,
$this->page, 'all', array('nickname' => $this->user->nickname));
}
+
+ function showPageTitle()
+ {
+ $user =& common_current_user();
+ if ($user && ($user->id == $this->user->id)) {
+ $this->element('h1', NULL, _("You and friends"));
+ } else {
+ $this->element('h1', NULL, sprintf(_('%s and friends'), $this->user->nickname));
+ }
+ }
+
}
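Review bot: In the added `showPageTitle()`, `$user =& common_current_user();` binds a reference to a function result, which PHP flags with a strict-standards notice unless the function is declared to return by reference, and the owner check compares the ids with loose `==`. A plain assignment and a typed comparison are safer: `$user = common_current_user();` and `if ($user && ((int) $user->id === (int) $this->user->id)) {`. The same two lines are added in the `showPageTitle()` hunk of actions/showstream.php. Whether `element()` escapes the nickname placed in the `h1` is not visible from this hunk and is worth confirming.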
diff --git a/actions/avatarsettings.php b/actions/avatarsettings.php
index 643c0e567..68c6ce701 100644
--- a/actions/avatarsettings.php
+++ b/actions/avatarsettings.php
@@ -320,7 +320,7 @@ class AvatarsettingsAction extends AccountSettingsAction
$this->serverError(_('Lost our file data.'));
return;
}
-
+
// If image is not being cropped assume pos & dimentions of original
$dest_x = $this->arg('avatar_crop_x') ? $this->arg('avatar_crop_x'):0;
$dest_y = $this->arg('avatar_crop_y') ? $this->arg('avatar_crop_y'):0;
@@ -328,10 +328,10 @@ class AvatarsettingsAction extends AccountSettingsAction
$dest_h = $this->arg('avatar_crop_h') ? $this->arg('avatar_crop_h'):$filedata['height'];
$size = min($dest_w, $dest_h);
$size = ($size > MAX_ORIGINAL) ? MAX_ORIGINAL:$size;
-
+
$user = common_current_user();
$profile = $user->getProfile();
-
+
$imagefile = new ImageFile($user->id, $filedata['filepath']);
$filename = $imagefile->resize($size, $dest_x, $dest_y, $dest_w, $dest_h);
diff --git a/actions/facebookhome.php b/actions/facebookhome.php
index d943104c2..5946e6c98 100644
--- a/actions/facebookhome.php
+++ b/actions/facebookhome.php
@@ -148,14 +148,11 @@ class FacebookhomeAction extends FacebookAction
function showNoticeForm()
{
-
$post_action = "$this->app_uri/index.php";
$notice_form = new FacebookNoticeForm($this, $post_action, null,
$post_action, $this->user);
$notice_form->show();
-
-
}
function title()
@@ -169,7 +166,6 @@ class FacebookhomeAction extends FacebookAction
function showContent()
{
-
$notice = $this->user->noticesWithFriends(($this->page-1) *
NOTICES_PER_PAGE, NOTICES_PER_PAGE + 1);
@@ -179,7 +175,6 @@ class FacebookhomeAction extends FacebookAction
$this->pagination($this->page > 1, $cnt > NOTICES_PER_PAGE,
$this->page, 'index.php', array('nickname' => $this->user->nickname));
-
}
function showNoticeList($notice)
diff --git a/actions/facebookinvite.php b/actions/facebookinvite.php
index b7224783a..3c872f94b 100644
--- a/actions/facebookinvite.php
+++ b/actions/facebookinvite.php
@@ -73,7 +73,7 @@ class FacebookinviteAction extends FacebookAction
$friend_ids = $_POST['ids']; // XXX: Hmm... is this the best way to acces the list?
- $this->elementStart("ul");
+ $this->elementStart('ul', array('id' => 'facebook-friends'));
foreach ($friend_ids as $friend) {
$this->elementStart('li');
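Review bot: `$_POST['ids']` is still taken as-is and handed to `foreach` directly below the changed `elementStart('ul', ...)` line, so a request with no `ids` field, or with a scalar there, raises a warning, and every element is request-controlled. A guard such as `$friend_ids = (isset($_POST['ids']) && is_array($_POST['ids'])) ? $_POST['ids'] : array();`, plus a numeric check on each `$friend` before it is used, would close that. How `$friend` is emitted inside the loop lies outside this hunk. The second hunk in this file gives another `ul` the same `id` of `facebook-friends`; if both lists can be rendered on one page the id is no longer unique.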
@@ -112,11 +112,11 @@ class FacebookinviteAction extends FacebookAction
$this->element('h2', null, sprintf(_('Friends already using %s:'),
common_config('site', 'name')));
- $this->elementStart("ul");
-
+ $this->elementStart('ul', array('id' => 'facebook-friends'));
+
foreach ($exclude_ids as $friend) {
$this->elementStart('li');
- $this->element('fb:profile-pic', array('uid' => $friend));
+ $this->element('fb:profile-pic', array('uid' => $friend, 'size' => 'square'));
$this->element('fb:name', array('uid' => $friend,
'capitalize' => 'true'));
$this->elementEnd('li');
diff --git a/actions/finishopenidlogin.php b/actions/finishopenidlogin.php
index 880a9505b..bc9151120 100644
--- a/actions/finishopenidlogin.php
+++ b/actions/finishopenidlogin.php
@@ -30,7 +30,7 @@ class FinishopenidloginAction extends Action
function handle($args)
{
parent::handle($args);
- if (common_logged_in()) {
+ if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$token = $this->trimmed('token');
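Review bot: The switch from `common_logged_in()` to `common_is_real_login()` in `handle()` appears intended to let a session that exists only through a rememberme cookie continue into the OpenID flow, but nothing at the check says so. A comment on the condition would keep a later cleanup from reverting it, for example `// rememberme sessions may re-authenticate here; only a real login is turned away`. The same undocumented change is made in `handle()` of actions/openidlogin.php. `handle()` continues past the end of this hunk.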
diff --git a/actions/login.php b/actions/login.php
index 7a3c6d374..71e467929 100644
--- a/actions/login.php
+++ b/actions/login.php
@@ -97,7 +97,7 @@ class LoginAction extends Action
{
// XXX: login throttle
- // CSRF protection - token set in common_notice_form()
+ // CSRF protection - token set in NoticeForm
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
$this->clientError(_('There was a problem with your session token. '.
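Review bot: The token check under the edited comment compares with loose `!=`, so two numeric-looking strings can compare equal under PHP type juggling, and the comparison is not constant-time. Assuming `common_session_token()` returns a string, `if (!$token || !hash_equals(common_session_token(), $token)) {` avoids both, or at minimum `!==` where `hash_equals()` is unavailable. The new comment says the token is set in NoticeForm, which reads oddly for the login form; naming the form that actually emits the login token would be more accurate. The same comparison sits in the first hunk of actions/newnotice.php. The `clientError()` call runs past the end of this hunk.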
@@ -107,35 +107,14 @@ class LoginAction extends Action
$nickname = common_canonical_nickname($this->trimmed('nickname'));
$password = $this->arg('password');
- if (common_check_user($nickname, $password)) {
- // success!
- if (!common_set_user($nickname)) {
- $this->serverError(_('Error setting user.'));
- return;
- }
- common_real_login(true);
- if ($this->boolean('rememberme')) {
- common_debug('Adding rememberme cookie for ' . $nickname);
- common_rememberme();
- }
- // success!
- $url = common_get_returnto();
- if ($url) {
- // We don't have to return to it again
- common_set_returnto(null);
- } else {
- $url = common_local_url('all',
- array('nickname' =>
- $nickname));
- }
- common_redirect($url);
- } else {
+
+ if (!common_check_user($nickname, $password)) {
$this->showForm(_('Incorrect username or password.'));
return;
}
// success!
- if (!common_set_user($user)) {
+ if (!common_set_user($nickname)) {
$this->serverError(_('Error setting user.'));
return;
}
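Review bot: The failed-credentials branch `if (!common_check_user($nickname, $password))` returns the form without recording the attempt, and the `// XXX: login throttle` marker in the previous hunk shows that no rate limit exists yet. A log line for the failure, such as `common_log(LOG_WARNING, 'Failed login attempt for ' . $nickname);`, would give operators something to alert on until throttling lands; the password itself should stay out of any log. Whether `common_check_user()` already logs failures is not visible from this hunk.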
@@ -143,11 +122,11 @@ class LoginAction extends Action
common_real_login(true);
if ($this->boolean('rememberme')) {
- common_debug('Adding rememberme cookie for ' . $nickname);
common_rememberme($user);
}
- // success!
+
$url = common_get_returnto();
+
if ($url) {
// We don't have to return to it again
common_set_returnto(null);
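Review bot: `common_rememberme($user);` uses `$user`, which is not assigned anywhere in the lines of this method shown on the page. The previous hunk replaced `common_set_user($user)` with `common_set_user($nickname)`, apparently for the same reason. The removed duplicate block called it without an argument, so `common_rememberme();` would match that; otherwise `$user` should be assigned from the authenticated account first. As written the call likely receives null and raises an undefined-variable notice. The method begins before this hunk and continues after it.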
@@ -156,6 +135,7 @@ class LoginAction extends Action
array('nickname' =>
$nickname));
}
+
common_redirect($url);
}
diff --git a/actions/newnotice.php b/actions/newnotice.php
index 5142cb5ff..5e7691f33 100644
--- a/actions/newnotice.php
+++ b/actions/newnotice.php
@@ -90,7 +90,7 @@ class NewnoticeAction extends Action
$this->clientError(_('Not logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- // CSRF protection - token set in common_notice_form()
+ // CSRF protection
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
$this->clientError(_('There was a problem with your session token. '.
@@ -141,9 +141,9 @@ class NewnoticeAction extends Action
if ($cmd) {
if ($this->boolean('ajax')) {
- $cmd->execute(new AjaxWebChannel());
+ $cmd->execute(new AjaxWebChannel($this));
} else {
- $cmd->execute(new WebChannel());
+ $cmd->execute(new WebChannel($this));
}
return;
}
@@ -195,7 +195,7 @@ class NewnoticeAction extends Action
function ajaxErrorMsg($msg)
{
- common_start_html('text/xml;charset=utf-8', true);
+ $this->startHTML('text/xml;charset=utf-8', true);
$this->elementStart('head');
$this->element('title', null, _('Ajax Error'));
$this->elementEnd('head');
diff --git a/actions/openidlogin.php b/actions/openidlogin.php
index 7a267a2bd..1a4372d73 100644
--- a/actions/openidlogin.php
+++ b/actions/openidlogin.php
@@ -26,7 +26,7 @@ class OpenidloginAction extends Action
function handle($args)
{
parent::handle($args);
- if (common_logged_in()) {
+ if (common_is_real_login()) {
$this->clientError(_('Already logged in.'));
} else if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$openid_url = $this->trimmed('openid_url');
@@ -59,7 +59,16 @@ class OpenidloginAction extends Action
function getInstructions()
{
- return _('Login with an [OpenID](%%doc.openid%%) account.');
+ if (common_logged_in() && !common_is_real_login() &&
+ common_get_returnto()) {
+ // rememberme logins have to reauthenticate before
+ // changing any profile settings (cookie-stealing protection)
+ return _('For security reasons, please re-login with your ' .
+ '[OpenID](%%doc.openid%%) ' .
+ 'before changing your settings.');
+ } else {
+ return _('Login with an [OpenID](%%doc.openid%%) account.');
+ }
}
function showPageNotice()
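Review bot: The re-login text in `getInstructions()` is selected whenever `common_get_returnto()` is non-empty, not specifically when the return target is a settings page, so a rememberme session sent here from elsewhere would presumably still be told it is "changing your settings". If the return-to value can come from other pages, either relax the wording or test the target. A docblock listing the three conditions would help the next reader, and the `else` after `return` can be dropped.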
diff --git a/actions/opensearch.php b/actions/opensearch.php
index 7709249bb..2eb818306 100644
--- a/actions/opensearch.php
+++ b/actions/opensearch.php
@@ -67,7 +67,7 @@ class OpensearchAction extends Action
$short_name = _('Notice Search');
}
header('Content-Type: text/html');
- common_start_xml();
+ $this->startXML();
$this->elementStart('OpenSearchDescription', array('xmlns' => 'http://a9.com/-/spec/opensearch/1.1/'));
$short_name = common_config('site', 'name').' '.$short_name;
$this->element('ShortName', null, $short_name);
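Review bot: The response that `$this->startXML()` opens is still announced with `header('Content-Type: text/html');` one line above, so an `OpenSearchDescription` XML document is served under an HTML media type. `header('Content-Type: application/opensearchdescription+xml');` matches the document and keeps browsers from treating the body as HTML. Whether `startXML()` sets its own Content-Type header is not visible here; if it does, the explicit `header()` call can go.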
@@ -81,7 +81,7 @@ class OpensearchAction extends Action
$this->element('OutputEncoding', null, 'UTF-8');
$this->element('InputEncoding', null, 'UTF-8');
$this->elementEnd('OpenSearchDescription');
- common_end_xml();
+ $this->endXML();
}
function isReadOnly()
diff --git a/actions/showstream.php b/actions/showstream.php
index eab1fc0a2..4b1679969 100644
--- a/actions/showstream.php
+++ b/actions/showstream.php
@@ -140,7 +140,12 @@ class ShowstreamAction extends Action
function showPageTitle()
{
- $this->element('h1', NULL, $this->profile->nickname._("'s profile"));
+ $user =& common_current_user();
+ if ($user && ($user->id == $this->profile->id)) {
+ $this->element('h1', NULL, _("Your profile"));
+ } else {
+ $this->element('h1', NULL, sprintf(_('%s\'s profile'), $this->profile->nickname));
+ }
}
function showPageNoticeBlock()
@@ -170,26 +175,22 @@ class ShowstreamAction extends Action
function showFeeds()
{
- // Feeds
- $this->element('link', array('rel' => 'alternate',
- 'href' => common_local_url('api',
- array('apiaction' => 'statuses',
- 'method' => 'entity_timeline.rss',
- 'argument' => $this->user->nickname)),
- 'type' => 'application/rss+xml',
- 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname)));
- $this->element('link', array('rel' => 'alternate feed',
- 'href' => common_local_url('api',
- array('apiaction' => 'statuses',
- 'method' => 'entity_timeline.atom',
- 'argument' => $this->user->nickname)),
- 'type' => 'application/atom+xml',
- 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname)));
$this->element('link', array('rel' => 'alternate',
- 'href' => common_local_url('userrss', array('nickname' =>
- $this->user->nickname)),
- 'type' => 'application/rdf+xml',
- 'title' => sprintf(_('Notice feed for %s'), $this->user->nickname)));
+ 'type' => 'application/rss+xml',
+ 'href' => common_local_url('userrss',
+ array('nickname' => $this->user->nickname)),
+ 'title' => sprintf(_('Notice feed for %s (RSS)'),
+ $this->user->nickname)));
+
+ $this->element('link',
+ array('rel' => 'alternate',
+ 'href' => common_local_url('api',
+ array('apiaction' => 'statuses',
+ 'method' => 'user_timeline.atom',
+ 'argument' => $this->user->nickname)),
+ 'type' => 'application/atom+xml',
+ 'title' => sprintf(_('Notice feed for %s (Atom)'),
+ $this->user->nickname)));
}
function extraHead()
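Review bot: The `userrss` link in `showFeeds()` is now advertised as `application/rss+xml`, while the line it replaces described the same `userrss` URL as `application/rdf+xml`. If that action still emits RSS 1.0/RDF, the `type` attribute and the "(RSS)" title should match what it returns, e.g. `'type' => 'application/rdf+xml',`. The Atom link also moves from `entity_timeline.atom` to `user_timeline.atom`; nothing in this hunk shows that the API route exists under that method name, so it is worth confirming.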
@@ -312,14 +313,22 @@ class ShowstreamAction extends Action
}
$this->elementEnd('div');
- //XXX: entity_actions doesn't need to be outputted if entity is looking at their own profile
$this->elementStart('div', 'entity_actions');
$this->element('h2', null, _('User actions'));
$this->elementStart('ul');
- $this->elementStart('li', array('class' => 'entity_subscribe'));
$cur = common_current_user();
+
+ if ($cur && $cur->id == $this->profile->id) {
+ $this->elementStart('li', 'entity_edit');
+ $this->element('a', array('href' => common_local_url('profilesettings'),
+ 'title' => _('Edit profile settings')),
+ _('Edit'));
+ $this->elementEnd('li');
+ }
+
if ($cur) {
if ($cur->id != $this->profile->id) {
+ $this->elementStart('li', 'entity_subscribe');
if ($cur->isSubscribed($this->profile)) {
$usf = new UnsubscribeForm($this, $this->profile);
$usf->show();
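Review bot: The own-profile test is evaluated twice in a row, once as `$cur && $cur->id == $this->profile->id` for the Edit item and again, inverted, inside `if ($cur)`. A single chain `if ($cur && $cur->id == $this->profile->id) { ... } else if ($cur) { ... } else { ... }` makes the three cases (owner, other logged-in user, anonymous visitor) explicit and removes the nested `if`. The block continues in the next hunk, so the restructuring would span both.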
@@ -327,24 +336,24 @@ class ShowstreamAction extends Action
$sf = new SubscribeForm($this, $this->profile);
$sf->show();
}
+ $this->elementEnd('li');
}
} else {
+ $this->elementStart('li', 'entity_subscribe');
$this->showRemoteSubscribeLink();
+ $this->elementEnd('li');
}
- $this->elementEnd('li');
-
-// common_profile_new_message_nudge($cur, $this->user, $this->profile);
$user = User::staticGet('id', $this->profile->id);
if ($cur && $cur->id != $user->id && $cur->mutuallySubscribed($user)) {
- $this->elementStart('li', array('class' => 'entity_send-a-message'));
+ $this->elementStart('li', 'entity_send-a-message');
$this->element('a', array('href' => common_local_url('newmessage', array('to' => $user->id)),
'title' => _('Send a direct message to this user')),
_('Message'));
$this->elementEnd('li');
if ($user->email && $user->emailnotifynudge) {
- $this->elementStart('li', array('class' => 'entity_nudge'));
+ $this->elementStart('li', 'entity_nudge');
$nf = new NudgeForm($this, $user);
$nf->show();
$this->elementEnd('li');
@@ -353,7 +362,7 @@ class ShowstreamAction extends Action
if ($cur && $cur->id != $this->profile->id) {
$blocked = $cur->hasBlocked($this->profile);
- $this->elementStart('li', array('class' => 'entity_block'));
+ $this->elementStart('li', 'entity_block');
if ($blocked) {
$ubf = new UnblockForm($this, $this->profile);
$ubf->show();
diff --git a/actions/twitapistatuses.php b/actions/twitapistatuses.php
index a35f4b12e..18e24c0f5 100644
--- a/actions/twitapistatuses.php
+++ b/actions/twitapistatuses.php
@@ -450,7 +450,6 @@ class TwitapistatusesAction extends TwitterapiAction
if ($user->id == $notice->profile_id) {
$replies = new Reply;
$replies->get('notice_id', $notice_id);
- common_dequeue_notice($notice);
$replies->delete();
$notice->delete();