Diffstat (limited to 'lib')
-rw-r--r--lib/action.php2
-rw-r--r--lib/api.php6
-rw-r--r--lib/command.php24
-rw-r--r--lib/common.php2
-rw-r--r--lib/mail.php7
-rw-r--r--lib/mailhandler.php4
-rw-r--r--lib/mediafile.php12
-rw-r--r--lib/noticeform.php2
-rw-r--r--lib/router.php13
-rw-r--r--lib/snapshot.php8
-rw-r--r--lib/subscriptionlist.php2
-rw-r--r--lib/util.php60
12 files changed, 97 insertions, 45 deletions
diff --git a/lib/action.php b/lib/action.php
index 1b4cb5cec..a521bcb50 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -141,7 +141,7 @@ class Action extends HTMLOutputter // lawsuit
function showTitle()
{
$this->element('title', null,
- sprintf(_("%s - %s"),
+ sprintf(_("%1\$s - %2\$s"),
$this->title(),
common_config('site', 'name')));
}
diff --git a/lib/api.php b/lib/api.php
index 4ed49e452..d21851d50 100644
--- a/lib/api.php
+++ b/lib/api.php
@@ -140,12 +140,14 @@ class ApiAction extends Action
// Note: some profiles don't have an associated user
+ $defaultDesign = Design::siteDesign();
+
if (!empty($user)) {
$design = $user->getDesign();
}
if (empty($design)) {
- $design = Design::siteDesign();
+ $design = $defaultDesign;
}
$color = Design::toWebColor(empty($design->backgroundcolor) ? $defaultDesign->backgroundcolor : $design->backgroundcolor);
@@ -787,7 +789,7 @@ class ApiAction extends Action
$from = $message->getFrom();
- $entry['title'] = sprintf('Message from %s to %s',
+ $entry['title'] = sprintf('Message from %1$s to %2$s',
$from->nickname, $message->getTo()->nickname);
$entry['content'] = common_xml_safe_str($message->rendered);
diff --git a/lib/command.php b/lib/command.php
index 67140c348..f846fb823 100644
--- a/lib/command.php
+++ b/lib/command.php
@@ -650,25 +650,17 @@ class LoginCommand extends Command
$channel->error($this->user, _('Login command is disabled'));
return;
}
- $login_token = Login_token::staticGet('user_id',$this->user->id);
- if($login_token){
- $login_token->delete();
- }
- $login_token = new Login_token();
- $login_token->user_id = $this->user->id;
- $login_token->token = common_good_rand(16);
- $login_token->created = common_sql_now();
- $result = $login_token->insert();
- if (!$result) {
- common_log_db_error($login_token, 'INSERT', __FILE__);
- $channel->error($this->user, sprintf(_('Could not create login token for %s'),
- $this->user->nickname));
- return;
+
+ try {
+ $login_token = Login_token::makeNew($this->user);
+ } catch (Exception $e) {
+ $channel->error($this->user, $e->getMessage());
}
+
$channel->output($this->user,
sprintf(_('This link is useable only once, and is good for only 2 minutes: %s'),
- common_local_url('login',
- array('user_id'=>$login_token->user_id, 'token'=>$login_token->token))));
+ common_local_url('otp',
+ array('user_id' => $login_token->user_id, 'token' => $login_token->token))));
}
}
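Review bot: The new `catch` block reports the error but does not return, so when `Login_token::makeNew()` throws, execution falls through to `$channel->output(...)` and reads `$login_token->user_id` on an undefined variable. The removed code returned after reporting the failure; add `return;` after `$channel->error($this->user, $e->getMessage());`. Passing `$e->getMessage()` to the channel also sends whatever text the exception carries to the user, so if `makeNew()` (not visible here) can surface database errors, a fixed translated message with the detail logged server-side would be safer. The enclosing method starts outside the hunk.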
diff --git a/lib/common.php b/lib/common.php
index fb5e5919e..7342c177a 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -197,7 +197,7 @@ function _have_config()
// XXX: Find a way to use htmlwriter for this instead of handcoded markup
if (!_have_config()) {
echo '<p>'. _('No configuration file found. ') .'</p>';
- echo '<p>'. _('I looked for configuration files in the following places: ') .'<br/> '. implode($_config_files, '<br/>');
+ echo '<p>'. _('I looked for configuration files in the following places: ') .'<br /> '. implode($_config_files, '<br />');
echo '<p>'. _('You may wish to run the installer to fix this.') .'</p>';
echo '<a href="install.php">'. _('Go to the installer.') .'</a>';
exit;
diff --git a/lib/mail.php b/lib/mail.php
index 472a88e06..c724764cc 100644
--- a/lib/mail.php
+++ b/lib/mail.php
@@ -251,11 +251,11 @@ function mail_subscribe_notify_profile($listenee, $other)
common_config('site', 'name'),
$other->profileurl,
($other->location) ?
- sprintf(_("Location: %s\n"), $other->location) : '',
+ sprintf(_("Location: %s"), $other->location) . "\n" : '',
($other->homepage) ?
- sprintf(_("Homepage: %s\n"), $other->homepage) : '',
+ sprintf(_("Homepage: %s"), $other->homepage) . "\n" : '',
($other->bio) ?
- sprintf(_("Bio: %s\n\n"), $other->bio) : '',
+ sprintf(_("Bio: %s"), $other->bio) . "\n\n" : '',
common_config('site', 'name'),
common_local_url('emailsettings'));
@@ -652,4 +652,3 @@ function mail_notify_attn($user, $notice)
common_init_locale();
mail_to_user($user, $subject, $body);
}
-
diff --git a/lib/mailhandler.php b/lib/mailhandler.php
index 32a8cd9bc..85be89f18 100644
--- a/lib/mailhandler.php
+++ b/lib/mailhandler.php
@@ -139,7 +139,7 @@ class MailHandler
$headers['From'] = $to;
$headers['To'] = $from;
- $headers['Subject'] = "Command complete";
+ $headers['Subject'] = _('Command complete');
return mail_send(array($from), $headers, $response);
}
@@ -225,7 +225,7 @@ class MailHandler
function unsupported_type($type)
{
- $this->error(null, "Unsupported message type: " . $type);
+ $this->error(null, sprintf(_('Unsupported message type: %s'), $type));
}
function cleanup_msg($msg)
diff --git a/lib/mediafile.php b/lib/mediafile.php
index 29d752f0c..e3d5b1dbc 100644
--- a/lib/mediafile.php
+++ b/lib/mediafile.php
@@ -176,7 +176,7 @@ class MediaFile
// Should never actually get here
@unlink($_FILES[$param]['tmp_name']);
- throw new ClientException(_('File exceeds user\'s quota!'));
+ throw new ClientException(_('File exceeds user\'s quota.'));
return;
}
@@ -198,7 +198,7 @@ class MediaFile
}
} else {
- throw new ClientException(_('Could not determine file\'s mime-type!'));
+ throw new ClientException(_('Could not determine file\'s MIME type.'));
return;
}
@@ -213,7 +213,7 @@ class MediaFile
// Should never actually get here
- throw new ClientException(_('File exceeds user\'s quota!'));
+ throw new ClientException(_('File exceeds user\'s quota.'));
return;
}
@@ -234,7 +234,7 @@ class MediaFile
$stream['uri'] . ' ' . $filepath));
}
} else {
- throw new ClientException(_('Could not determine file\'s mime-type!'));
+ throw new ClientException(_('Could not determine file\'s MIME type.'));
return;
}
@@ -272,7 +272,7 @@ class MediaFile
$hint = '';
}
throw new ClientException(sprintf(
- _('%s is not a supported filetype on this server.'), $filetype) . $hint);
+ _('%s is not a supported file type on this server.'), $filetype) . $hint);
}
static function respectsQuota($user, $filesize)
@@ -286,4 +286,4 @@ class MediaFile
}
}
-} \ No newline at end of file
+}
diff --git a/lib/noticeform.php b/lib/noticeform.php
index f0b704e87..02e35a8d7 100644
--- a/lib/noticeform.php
+++ b/lib/noticeform.php
@@ -211,7 +211,7 @@ class NoticeForm extends Form
'title' => common_local_url('geocode')));
$this->out->checkbox('notice_data-geo', _('Share my location'), true);
$this->out->elementEnd('div');
- $this->out->inlineScript(' var NoticeDataGeoShareDisable_text = "'._('Do not share my location.').'";'.
+ $this->out->inlineScript(' var NoticeDataGeoShareDisable_text = "'._('Do not share my location').'";'.
' var NoticeDataGeoInfoMinimize_text = "'._('Hide this info').'";');
}
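Review bot: The translated string on the changed `inlineScript` line is concatenated directly into a double-quoted JavaScript literal, so a translation containing a double quote, a backslash or a line break breaks or alters the emitted script. Encoding the value instead of hand-quoting it keeps the message catalog from being able to change the script: `' var NoticeDataGeoShareDisable_text = '.json_encode(_('Do not share my location')).';'`. The same applies to `NoticeDataGeoInfoMinimize_text` on the following line. The enclosing method starts outside the hunk.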
diff --git a/lib/router.php b/lib/router.php
index 287d3c79f..6b87ed27f 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -88,7 +88,10 @@ class Router
$m->connect('doc/:title', array('action' => 'doc'));
- $m->connect('main/login?user_id=:user_id&token=:token', array('action'=>'login'), array('user_id'=> '[0-9]+', 'token'=>'.+'));
+ $m->connect('main/otp/:user_id/:token',
+ array('action' => 'otp'),
+ array('user_id' => '[0-9]+',
+ 'token' => '.+'));
// main stuff is repetitive
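Review bot: The `token` requirement `'.+'` on the new `main/otp/:user_id/:token` route accepts any characters, although the token it carries looks like a hex string (the code removed from lib/command.php in this commit built it with `common_good_rand(16)`; `Login_token::makeNew()` is not visible here). If that still holds, tighten the pattern to `'token' => '[0-9a-f]+'` so malformed values are rejected at routing rather than reaching the action. The one-time token is still part of the URL and so will appear in web server access logs, which makes it important that the `otp` action invalidates it on first use and enforces the 2-minute lifetime server-side.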
@@ -442,19 +445,19 @@ class Router
// Social graph
$m->connect('api/friends/ids/:id.:format',
- array('action' => 'apiFriends',
+ array('action' => 'apiuserfriends',
'ids_only' => true));
$m->connect('api/followers/ids/:id.:format',
- array('action' => 'apiFollowers',
+ array('action' => 'apiuserfollowers',
'ids_only' => true));
$m->connect('api/friends/ids.:format',
- array('action' => 'apiFriends',
+ array('action' => 'apiuserfriends',
'ids_only' => true));
$m->connect('api/followers/ids.:format',
- array('action' => 'apiFollowers',
+ array('action' => 'apiuserfollowers',
'ids_only' => true));
// account
diff --git a/lib/snapshot.php b/lib/snapshot.php
index 2a10c6b93..a16087ac0 100644
--- a/lib/snapshot.php
+++ b/lib/snapshot.php
@@ -173,8 +173,12 @@ class Snapshot
// XXX: Use OICU2 and OAuth to make authorized requests
$reporturl = common_config('snapshot', 'reporturl');
- $request = HTTPClient::start();
- $request->post($reporturl, null, $this->stats);
+ try {
+ $request = HTTPClient::start();
+ $request->post($reporturl, null, $this->stats);
+ } catch (Exception $e) {
+ common_log(LOG_WARNING, "Error in snapshot: " . $e->getMessage());
+ }
}
/**
diff --git a/lib/subscriptionlist.php b/lib/subscriptionlist.php
index 89f63e321..e1207774f 100644
--- a/lib/subscriptionlist.php
+++ b/lib/subscriptionlist.php
@@ -123,7 +123,7 @@ class SubscriptionListItem extends ProfileListItem
}
$this->out->elementEnd('ul');
} else {
- $this->out->text(_('(none)'));
+ $this->out->text(_('(None)'));
}
$this->out->elementEnd('dd');
$this->out->elementEnd('dl');
diff --git a/lib/util.php b/lib/util.php
index 50bd0e2ac..3e52f5db1 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -119,6 +119,11 @@ function common_language()
function common_munge_password($password, $id)
{
+ if (is_object($id) || is_object($password)) {
+ $e = new Exception();
+ common_log(LOG_ERR, __METHOD__ . ' object in param to common_munge_password ' .
+ str_replace("\n", " ", $e->getTraceAsString()));
+ }
return md5($password . $id);
}
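Review bot: The added logging writes `$e->getTraceAsString()` from inside `common_munge_password()`, and PHP's string trace includes the call arguments of each frame (strings are truncated, not omitted), so the leading characters of the plaintext password can end up in the log whenever this branch fires. Build the log line from the `file`, `line` and `function` entries of `$e->getTrace()` and leave the `args` entries out. The function also still returns `md5($password . $id)` after detecting the object, so the bad call proceeds; whether it should fail instead depends on callers not shown here.

```php
if (is_object($id) || is_object($password)) {
    $e = new Exception();
    $frames = array();
    foreach ($e->getTrace() as $frame) {
        // file/line/function only; the 'args' entry holds the password and is never logged
        $frames[] = (isset($frame['file']) ? $frame['file'] : '?') . ':' .
                    (isset($frame['line']) ? $frame['line'] : '?') . ' ' .
                    $frame['function'];
    }
    common_log(LOG_ERR, __METHOD__ . ' object in param to common_munge_password ' .
               implode(' <- ', $frames));
}
// … unchanged: return md5($password . $id); …
```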
@@ -166,15 +171,27 @@ function common_ensure_session()
if (common_config('sessions', 'handle')) {
Session::setSaveHandler();
}
+ if (array_key_exists(session_name(), $_GET)) {
+ $id = $_GET[session_name()];
+ common_log(LOG_INFO, 'Setting session from GET parameter: '.$id);
+ } else if (array_key_exists(session_name(), $_COOKIE)) {
+ $id = $_COOKIE[session_name()];
+ common_log(LOG_INFO, 'Setting session from COOKIE: '.$id);
+ }
+ if (isset($id)) {
+ session_id($id);
+ setcookie(session_name(), $id);
+ }
@session_start();
if (!isset($_SESSION['started'])) {
$_SESSION['started'] = time();
- if (!empty($c)) {
+ if (!empty($id)) {
common_log(LOG_WARNING, 'Session cookie "' . $_COOKIE[session_name()] . '" ' .
' is set but started value is null');
}
}
}
+ common_debug("Session ID = " . session_id());
}
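Review bot: The added block adopts whatever value arrives in `$_GET[session_name()]` as the session ID via `session_id($id)`, with no check that the server issued it, so a link carrying an ID chosen by someone else pins the visitor to that ID (session fixation). The same block writes the raw ID to the log at LOG_INFO and again through `common_debug()`, which turns log read access into session access; log the source only, e.g. `common_log(LOG_INFO, 'Setting session from GET parameter');`. At minimum validate the format of `$id` before use, accept the GET form only for the cross-host handoff it is meant for, and make sure the ID is regenerated at login. `setcookie(session_name(), $id)` also sets the cookie without the path, secure or HttpOnly attributes that the configured session cookie parameters would supply. The body of `common_ensure_session()` starts outside the hunk.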
// Three kinds of arguments:
@@ -809,20 +826,50 @@ function common_path($relative, $ssl=false)
} else if (common_config('site', 'server')) {
$serverpart = common_config('site', 'server');
} else {
- common_log(LOG_ERR, 'Site Sever not configured, unable to determine site name.');
+ common_log(LOG_ERR, 'Site server not configured, unable to determine site name.');
}
} else {
$proto = 'http';
if (common_config('site', 'server')) {
$serverpart = common_config('site', 'server');
} else {
- common_log(LOG_ERR, 'Site Sever not configured, unable to determine site name.');
+ common_log(LOG_ERR, 'Site server not configured, unable to determine site name.');
}
}
+ $relative = common_inject_session($relative, $serverpart);
+
return $proto.'://'.$serverpart.'/'.$pathpart.$relative;
}
+function common_inject_session($url, $serverpart = null)
+{
+ if (common_have_session()) {
+
+ if (empty($serverpart)) {
+ $serverpart = parse_url($url, PHP_URL_HOST);
+ }
+
+ $currentServer = $_SERVER['HTTP_HOST'];
+
+ // Are we pointing to another server (like an SSL server?)
+
+ if (!empty($currentServer) &&
+ 0 != strcasecmp($currentServer, $serverpart)) {
+ // Pass the session ID as a GET parameter
+ $sesspart = session_name() . '=' . session_id();
+ $i = strpos($url, '?');
+ if ($i === false) { // no GET params, just append
+ $url .= '?' . $sesspart;
+ } else {
+ $url = substr($url, 0, $i + 1).$sesspart.'&'.substr($url, $i + 1);
+ }
+ }
+ }
+
+ return $url;
+}
+
function common_date_string($dt)
{
// XXX: do some sexy date formatting
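Review bot: `common_inject_session()` puts `session_name() . '=' . session_id()` into the query string of generated URLs, where it is exposed through browser history, proxy and server access logs, Referer headers and any page, feed or mail that embeds the link. The decision to do so rests on `$_SERVER['HTTP_HOST']`, a client-supplied header that is not compared against the site's own configured hosts, so a request with an unexpected Host value makes every URL built by `common_path()` carry the ID. A single-use, short-lived handoff token (like the `Login_token` used elsewhere in this commit) exchanged for the session on the target host would avoid exposing the long-lived ID; if the parameter stays, restrict it to the configured SSL server and `urlencode()` the value. `$serverpart` can also be unset when the site server is not configured (the branches above only log), and `$_SERVER['HTTP_HOST']` is read without an `isset()` check. The start of `common_path()` is outside the hunk.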
@@ -1010,7 +1057,12 @@ function common_profile_url($nickname)
function common_root_url($ssl=false)
{
- return common_path('', $ssl);
+ $url = common_path('', $ssl);
+ $i = strpos($url, '?');
+ if ($i !== false) {
+ $url = substr($url, 0, $i);
+ }
+ return $url;
}
// returns $bytes bytes of random data as a hexadecimal string
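Review bot: The added `strpos($url, '?')` truncation in `common_root_url()` has no comment saying why the root URL needs its query string removed; from the rest of this commit it appears to undo the session parameter that `common_path()` may now append. Say so at the call site, e.g. `// common_path() may append the session ID for cross-host links; the root URL must not carry it`. Stripping after the fact is fragile, so a flag on `common_path()` to skip injection would make the intent explicit, though that is a larger change than this hunk.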