summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/action.php56
-rw-r--r--lib/apiaction.php16
-rw-r--r--lib/apioauth.php43
-rw-r--r--lib/apioauthstore.php70
-rw-r--r--lib/clienterroraction.php26
-rw-r--r--lib/common.php4
-rw-r--r--lib/connectsettingsaction.php4
-rw-r--r--lib/default.php6
-rw-r--r--lib/deletegroupform.php123
-rw-r--r--lib/dofollowlistitem.php88
-rw-r--r--lib/error.php73
-rw-r--r--lib/htmloutputter.php76
-rw-r--r--lib/info.php118
-rw-r--r--lib/installer.php42
-rw-r--r--lib/oauthstore.php30
-rw-r--r--lib/right.php1
-rw-r--r--lib/router.php2
-rw-r--r--lib/servererroraction.php23
-rw-r--r--lib/serverexception.php2
-rw-r--r--lib/statusnet.php15
-rw-r--r--lib/theme.php78
-rw-r--r--lib/util.php14
22 files changed, 713 insertions, 197 deletions
diff --git a/lib/action.php b/lib/action.php
index ddc058d41..55ee83bde 100644
--- a/lib/action.php
+++ b/lib/action.php
@@ -175,8 +175,9 @@ class Action extends HTMLOutputter // lawsuit
$this->element('link', array('rel' => 'shortcut icon',
'href' => Theme::path('favicon.ico')));
} else {
+ // favicon.ico should be HTTPS if the rest of the page is
$this->element('link', array('rel' => 'shortcut icon',
- 'href' => common_path('favicon.ico')));
+ 'href' => common_path('favicon.ico', StatusNet::isHTTPS())));
}
if (common_config('site', 'mobile')) {
@@ -397,7 +398,10 @@ class Action extends HTMLOutputter // lawsuit
Event::handle('EndShowSiteNotice', array($this));
}
if (common_logged_in()) {
- $this->showNoticeForm();
+ if (Event::handle('StartShowNoticeForm', array($this))) {
+ $this->showNoticeForm();
+ Event::handle('EndShowNoticeForm', array($this));
+ }
} else {
$this->showAnonymousMessage();
}
@@ -422,11 +426,35 @@ class Action extends HTMLOutputter // lawsuit
}
$this->elementStart('a', array('class' => 'url home bookmark',
'href' => $url));
- if (common_config('site', 'logo') || file_exists(Theme::file('logo.png'))) {
+
+ if (StatusNet::isHTTPS()) {
+ $logoUrl = common_config('site', 'ssllogo');
+ if (empty($logoUrl)) {
+ // if logo is an uploaded file, try to fall back to HTTPS file URL
+ $httpUrl = common_config('site', 'logo');
+ if (!empty($httpUrl)) {
+ $f = File::staticGet('url', $httpUrl);
+ if (!empty($f) && !empty($f->filename)) {
+ // this will handle the HTTPS case
+ $logoUrl = File::url($f->filename);
+ }
+ }
+ }
+ } else {
+ $logoUrl = common_config('site', 'logo');
+ }
+
+ if (empty($logoUrl) && file_exists(Theme::file('logo.png'))) {
+ // This should handle the HTTPS case internally
+ $logoUrl = Theme::path('logo.png');
+ }
+
+ if (!empty($logoUrl)) {
$this->element('img', array('class' => 'logo photo',
- 'src' => (common_config('site', 'logo')) ? common_config('site', 'logo') : Theme::path('logo.png'),
+ 'src' => $logoUrl,
'alt' => common_config('site', 'name')));
}
+
$this->text(' ');
$this->element('span', array('class' => 'fn org'), common_config('site', 'name'));
$this->elementEnd('a');
@@ -891,8 +919,26 @@ class Action extends HTMLOutputter // lawsuit
case 'cc': // fall through
default:
$this->elementStart('p');
+
+ $image = common_config('license', 'image');
+ $sslimage = common_config('license', 'sslimage');
+
+ if (StatusNet::isHTTPS()) {
+ if (!empty($sslimage)) {
+ $url = $sslimage;
+ } else if (preg_match('#^http://i.creativecommons.org/#', $image)) {
+ // CC support HTTPS on their images
+ $url = preg_replace('/^http/', 'https', $image);
+ } else {
+ // Better to show mixed content than no content
+ $url = $image;
+ }
+ } else {
+ $url = $image;
+ }
+
$this->element('img', array('id' => 'license_cc',
- 'src' => common_config('license', 'image'),
+ 'src' => $url,
'alt' => common_config('license', 'title'),
'width' => '80',
'height' => '15'));
diff --git a/lib/apiaction.php b/lib/apiaction.php
index 0ebf88282..afba8ab63 100644
--- a/lib/apiaction.php
+++ b/lib/apiaction.php
@@ -1244,23 +1244,29 @@ class ApiAction extends Action
// Do not emit error header for JSONP
if (!isset($this->callback)) {
- header('HTTP/1.1 '.$code.' '.$status_string);
+ header('HTTP/1.1 ' . $code . ' ' . $status_string);
}
- if ($format == 'xml') {
+ switch($format) {
+ case 'xml':
$this->initDocument('xml');
$this->elementStart('hash');
$this->element('error', null, $msg);
$this->element('request', null, $_SERVER['REQUEST_URI']);
$this->elementEnd('hash');
$this->endDocument('xml');
- } elseif ($format == 'json'){
+ break;
+ case 'json':
$this->initDocument('json');
$error_array = array('error' => $msg, 'request' => $_SERVER['REQUEST_URI']);
print(json_encode($error_array));
$this->endDocument('json');
- } else {
-
+ break;
+ case 'text':
+ header('Content-Type: text/plain; charset=utf-8');
+ print $msg;
+ break;
+ default:
// If user didn't request a useful format, throw a regular client error
throw new ClientException($msg, $code);
}
diff --git a/lib/apioauth.php b/lib/apioauth.php
index 1c87e4232..54cecf92a 100644
--- a/lib/apioauth.php
+++ b/lib/apioauth.php
@@ -30,13 +30,12 @@
if (!defined('STATUSNET')) {
exit(1);
}
-
+require_once INSTALLDIR . '/lib/apiaction.php';
require_once INSTALLDIR . '/lib/apioauthstore.php';
/**
- * Base action for API OAuth enpoints. Clean up the
- * the request, and possibly some other common things
- * here.
+ * Base action for API OAuth enpoints. Clean up the
+ * request. Some other common functions.
*
* @category API
* @package StatusNet
@@ -44,7 +43,7 @@ require_once INSTALLDIR . '/lib/apioauthstore.php';
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-class ApiOauthAction extends Action
+class ApiOauthAction extends ApiAction
{
/**
* Is this a read-only action?
@@ -77,6 +76,12 @@ class ApiOauthAction extends Action
self::cleanRequest();
}
+ /*
+ * Clean up the request so the OAuth library doesn't find
+ * any extra parameters or anything else it's not expecting.
+ * I'm looking at you, p parameter.
+ */
+
static function cleanRequest()
{
// kill evil effects of magical slashing
@@ -86,31 +91,19 @@ class ApiOauthAction extends Action
}
// strip out the p param added in index.php
-
- // XXX: should we strip anything else? Or alternatively
- // only allow a known list of params?
unset($_GET['p']);
unset($_POST['p']);
- }
+ unset($_REQUEST['p']);
- function getCallback($url, $params)
- {
- foreach ($params as $k => $v) {
- $url = $this->appendQueryVar($url,
- OAuthUtil::urlencode_rfc3986($k),
- OAuthUtil::urlencode_rfc3986($v));
+ $queryArray = explode('&', $_SERVER['QUERY_STRING']);
+
+ for ($i = 0; $i < sizeof($queryArray); $i++) {
+ if (substr($queryArray[$i], 0, 2) == 'p=') {
+ unset($queryArray[$i]);
+ }
}
- return $url;
+ $_SERVER['QUERY_STRING'] = implode('&', $queryArray);
}
- function appendQueryVar($url, $k, $v) {
- $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
- $url = substr($url, 0, -1);
- if (strpos($url, '?') === false) {
- return ($url . '?' . $k . '=' . $v);
- } else {
- return ($url . '&' . $k . '=' . $v);
- }
- }
}
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index eca93866f..f3bf0b857 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -71,33 +71,37 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
}
}
- function new_access_token($token, $consumer)
+ function new_access_token($token, $consumer, $verifier)
{
- common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__);
+ common_debug(
+ 'new_access_token("' . $token->key . '","' . $consumer->key. '","' . $verifier . '")',
+ __FILE__
+ );
$rt = new Token();
+
$rt->consumer_key = $consumer->key;
- $rt->tok = $token->key;
- $rt->type = 0; // request
+ $rt->tok = $token->key;
+ $rt->type = 0; // request
$app = Oauth_application::getByConsumerKey($consumer->key);
+ assert(!empty($app));
- if (empty($app)) {
- common_debug("empty app!");
- }
+ if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) { // authorized
- if ($rt->find(true) && $rt->state == 1) { // authorized
common_debug('request token found.', __FILE__);
// find the associated user of the app
$appUser = new Oauth_application_user();
+
$appUser->application_id = $app->id;
- $appUser->token = $rt->tok;
+ $appUser->token = $rt->tok;
+
$result = $appUser->find(true);
if (!empty($result)) {
- common_debug("Oath app user found.");
+ common_debug("Ouath app user found.");
} else {
common_debug("Oauth app user not found. app id $app->id token $rt->tok");
return null;
@@ -106,10 +110,12 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
// go ahead and make the access token
$at = new Token();
- $at->consumer_key = $consumer->key;
- $at->tok = common_good_rand(16);
- $at->secret = common_good_rand(16);
- $at->type = 1; // access
+ $at->consumer_key = $consumer->key;
+ $at->tok = common_good_rand(16);
+ $at->secret = common_good_rand(16);
+ $at->type = 1; // access
+ $at->verifier = $verifier;
+ $at->verified_callback = $rt->verified_callback; // 1.0a
$at->created = DB_DataObject_Cast::dateTime();
if (!$at->insert()) {
@@ -183,4 +189,40 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
throw new Exception(_('Failed to delete revoked token.'));
}
}
+
+ /*
+ * Create a new request token. Overrided to support OAuth 1.0a callback
+ *
+ * @param OAuthConsumer $consumer the OAuth Consumer for this token
+ * @param string $callback the verified OAuth callback URL
+ *
+ * @return OAuthToken $token a new unauthorized OAuth request token
+ */
+
+ function new_request_token($consumer, $callback)
+ {
+ $t = new Token();
+ $t->consumer_key = $consumer->key;
+ $t->tok = common_good_rand(16);
+ $t->secret = common_good_rand(16);
+ $t->type = 0; // request
+ $t->state = 0; // unauthorized
+ $t->verified_callback = $callback;
+
+ if ($callback === 'oob') {
+ // six digit pin
+ $t->verifier = mt_rand(0, 9999999);
+ } else {
+ $t->verifier = common_good_rand(8);
+ }
+
+ $t->created = DB_DataObject_Cast::dateTime();
+ if (!$t->insert()) {
+ return null;
+ } else {
+ return new OAuthToken($t->tok, $t->secret);
+ }
+ }
+
+
}
diff --git a/lib/clienterroraction.php b/lib/clienterroraction.php
index 08bced5bd..9233c9bde 100644
--- a/lib/clienterroraction.php
+++ b/lib/clienterroraction.php
@@ -12,7 +12,7 @@
* @link http://status.net/
*
* StatusNet - the distributed open-source microblogging tool
- * Copyright (C) 2008, 2009, StatusNet, Inc.
+ * Copyright (C) 2008-2010 StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
@@ -32,7 +32,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
-require_once INSTALLDIR.'/lib/error.php';
+require_once INSTALLDIR . '/lib/error.php';
/**
* Class for displaying HTTP client errors
@@ -90,4 +90,26 @@ class ClientErrorAction extends ErrorAction
$this->showPage();
}
+
+ /**
+ * To specify additional HTTP headers for the action
+ *
+ * @return void
+ */
+ function extraHeaders()
+ {
+ $status_string = @self::$status[$this->code];
+ header('HTTP/1.1 '.$this->code.' '.$status_string);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return @self::$status[$this->code];
+ }
}
diff --git a/lib/common.php b/lib/common.php
index 236f2d68a..c2117164c 100644
--- a/lib/common.php
+++ b/lib/common.php
@@ -22,10 +22,10 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
//exit with 200 response, if this is checking fancy from the installer
if (isset($_REQUEST['p']) && $_REQUEST['p'] == 'check-fancy') { exit; }
-define('STATUSNET_VERSION', '0.9.5');
+define('STATUSNET_VERSION', '0.9.6');
define('LACONICA_VERSION', STATUSNET_VERSION); // compatibility
-define('STATUSNET_CODENAME', 'What\'s The Frequency, Kenneth?');
+define('STATUSNET_CODENAME', 'Man on the Moon');
define('AVATAR_PROFILE_SIZE', 96);
define('AVATAR_STREAM_SIZE', 48);
diff --git a/lib/connectsettingsaction.php b/lib/connectsettingsaction.php
index bb2e86176..325276c5f 100644
--- a/lib/connectsettingsaction.php
+++ b/lib/connectsettingsaction.php
@@ -116,9 +116,9 @@ class ConnectSettingsNav extends Widget
}
$menu['oauthconnectionssettings'] = array(
- // TRANS: Menu item for OAth connection settings.
+ // TRANS: Menu item for OuAth connection settings.
_m('MENU','Connections'),
- // TRANS: Tooltip for connected applications (Connections through OAth) menu item.
+ // TRANS: Tooltip for connected applications (Connections through OAuth) menu item.
_('Authorized connected applications')
);
diff --git a/lib/default.php b/lib/default.php
index 45e35e83d..a19453fce 100644
--- a/lib/default.php
+++ b/lib/default.php
@@ -37,6 +37,7 @@ $default =
'path' => $_path,
'logfile' => null,
'logo' => null,
+ 'ssllogo' => null,
'logdebug' => false,
'fancy' => false,
'locale_path' => INSTALLDIR.'/locale',
@@ -210,6 +211,8 @@ $default =
array('server' => null,
'dir' => INSTALLDIR . '/file/',
'path' => $_path . '/file/',
+ 'sslserver' => null,
+ 'sslpath' => null,
'ssl' => null,
'supported' => array('image/png',
'image/jpeg',
@@ -314,7 +317,8 @@ $default =
'nofollow' =>
array('subscribers' => true,
'members' => true,
- 'peopletag' => true),
+ 'peopletag' => true,
+ 'external' => 'sometimes'), // Options: 'sometimes', 'never', default = 'sometimes'
'http' => // HTTP client settings when contacting other sites
array('ssl_cafile' => false, // To enable SSL cert validation, point to a CA bundle (eg '/usr/lib/ssl/certs/ca-certificates.crt')
'curl' => false, // Use CURL backend for HTTP fetches if available. (If not, PHP's socket streams will be used.)
diff --git a/lib/deletegroupform.php b/lib/deletegroupform.php
new file mode 100644
index 000000000..9d8012d33
--- /dev/null
+++ b/lib/deletegroupform.php
@@ -0,0 +1,123 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Form for joining a group
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Form
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Sarven Capadisli <csarven@status.net>
+ * @author Brion Vibber <brion@status.net>
+ * @copyright 2009, 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+ exit(1);
+}
+
+/**
+ * Form for deleting a group
+ *
+ * @category Form
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @author Sarven Capadisli <csarven@status.net>
+ * @author Brion Vibber <brion@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ *
+ * @see UnsubscribeForm
+ * @fixme merge a bunch of this stuff with similar form types to reduce boilerplate
+ */
+
+class DeleteGroupForm extends Form
+{
+ /**
+ * group for user to delete
+ */
+
+ var $group = null;
+
+ /**
+ * Constructor
+ *
+ * @param HTMLOutputter $out output channel
+ * @param group $group group to join
+ */
+
+ function __construct($out=null, $group=null)
+ {
+ parent::__construct($out);
+
+ $this->group = $group;
+ }
+
+ /**
+ * ID of the form
+ *
+ * @return string ID of the form
+ */
+
+ function id()
+ {
+ return 'group-delete-' . $this->group->id;
+ }
+
+ /**
+ * class of the form
+ *
+ * @return string of the form class
+ */
+
+ function formClass()
+ {
+ return 'form_group_delete';
+ }
+
+ /**
+ * Action of the form
+ *
+ * @return string URL of the action
+ */
+
+ function action()
+ {
+ return common_local_url('deletegroup',
+ array('id' => $this->group->id));
+ }
+
+ function formData()
+ {
+ $this->out->hidden($this->id() . '-returnto-action', 'groupbyid', 'returnto-action');
+ $this->out->hidden($this->id() . '-returnto-id', $this->group->id, 'returnto-id');
+ }
+
+ /**
+ * Action elements
+ *
+ * @return void
+ */
+
+ function formActions()
+ {
+ $this->out->submit('submit', _('Delete'));
+ }
+}
diff --git a/lib/dofollowlistitem.php b/lib/dofollowlistitem.php
new file mode 100644
index 000000000..80e2d0b0a
--- /dev/null
+++ b/lib/dofollowlistitem.php
@@ -0,0 +1,88 @@
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * widget for displaying a list of notices
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category UI
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET')) {
+ exit(1);
+}
+
+require_once INSTALLDIR.'/lib/noticelist.php';
+
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Widget superclass for notice list items that remove rel=nofollow
+ *
+ * When nofollow|external = 'sometimes', notices get rendered and saved
+ * with rel=nofollow for external links. We want to remove that relationship
+ * on some pages (profile, single notice, faves). This superclass for
+ * some noticelistitems will strip that bit of code out when showing
+ * notice content
+ *
+ * @category UI
+ * @package StatusNet
+ * @author Evan Prodromou <evan@status.net>
+ * @copyright 2010 StatusNet, Inc.
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3
+ * @link http://status.net/
+ */
+
+class DoFollowListItem extends NoticeListItem
+{
+ /**
+ * show the content of the notice
+ *
+ * Trims out the rel=nofollow for external links
+ * if nofollow|external = 'sometimes'
+ *
+ * @return void
+ */
+
+ function showContent()
+ {
+ // FIXME: URL, image, video, audio
+ $this->out->elementStart('p', array('class' => 'entry-content'));
+
+ if (!empty($this->notice->rendered)) {
+ $html = $this->notice->rendered;
+ } else {
+ $html = common_render_content($this->notice->content, $this->notice);
+ }
+
+ if (common_config('nofollow', 'external') == 'sometimes') {
+ // remove the nofollow part
+ // XXX: cache the results here
+
+ $html = preg_replace('/rel="(.*)nofollow ?/', 'rel="\1', $html);
+ }
+
+ $this->out->raw($html);
+
+ $this->out->elementEnd('p');
+ }
+} \ No newline at end of file
diff --git a/lib/error.php b/lib/error.php
index a6a29119f..762425dc4 100644
--- a/lib/error.php
+++ b/lib/error.php
@@ -33,6 +33,8 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
+require_once INSTALLDIR . '/lib/info.php';
+
/**
* Base class for displaying HTTP errors
*
@@ -42,7 +44,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/
*/
-class ErrorAction extends Action
+class ErrorAction extends InfoAction
{
static $status = array();
@@ -52,7 +54,7 @@ class ErrorAction extends Action
function __construct($message, $code, $output='php://output', $indent=null)
{
- parent::__construct($output, $indent);
+ parent::__construct(null, $message, $output, $indent);
$this->code = $code;
$this->message = $message;
@@ -64,43 +66,6 @@ class ErrorAction extends Action
$this->prepare($_REQUEST);
}
- /**
- * To specify additional HTTP headers for the action
- *
- * @return void
- */
- function extraHeaders()
- {
- $status_string = @self::$status[$this->code];
- header('HTTP/1.1 '.$this->code.' '.$status_string);
- }
-
- /**
- * Display content.
- *
- * @return nothing
- */
- function showContent()
- {
- $this->element('div', array('class' => 'error'), $this->message);
- }
-
- /**
- * Page title.
- *
- * @return page title
- */
-
- function title()
- {
- return @self::$status[$this->code];
- }
-
- function isReadOnly($args)
- {
- return true;
- }
-
function showPage()
{
if ($this->minimal) {
@@ -116,32 +81,16 @@ class ErrorAction extends Action
exit();
}
- // Overload a bunch of stuff so the page isn't too bloated
-
- function showBody()
+ /**
+ * Display content.
+ *
+ * @return nothing
+ */
+ function showContent()
{
- $this->elementStart('body', array('id' => 'error'));
- $this->elementStart('div', array('id' => 'wrap'));
- $this->showHeader();
- $this->showCore();
- $this->showFooter();
- $this->elementEnd('div');
- $this->elementEnd('body');
+ $this->element('div', array('class' => 'error'), $this->message);
}
- function showCore()
- {
- $this->elementStart('div', array('id' => 'core'));
- $this->showContentBlock();
- $this->elementEnd('div');
- }
- function showHeader()
- {
- $this->elementStart('div', array('id' => 'header'));
- $this->showLogo();
- $this->showPrimaryNav();
- $this->elementEnd('div');
- }
}
diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php
index 44b029604..42bff4490 100644
--- a/lib/htmloutputter.php
+++ b/lib/htmloutputter.php
@@ -352,58 +352,74 @@ class HTMLOutputter extends XMLOutputter
*/
function script($src, $type='text/javascript')
{
- if(Event::handle('StartScriptElement', array($this,&$src,&$type))) {
+ if (Event::handle('StartScriptElement', array($this,&$src,&$type))) {
$url = parse_url($src);
- if( empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment']))
- {
+ if (empty($url['scheme']) && empty($url['host']) && empty($url['query']) && empty($url['fragment'])) {
+
+ // XXX: this seems like a big assumption
+
if (strpos($src, 'plugins/') === 0 || strpos($src, 'local/') === 0) {
- $src = common_path($src) . '?version=' . STATUSNET_VERSION;
+ $src = common_path($src, StatusNet::isHTTPS()) . '?version=' . STATUSNET_VERSION;
- }else{
+ } else {
- $path = common_config('javascript', 'path');
+ if (StatusNet::isHTTPS()) {
- if (empty($path)) {
- $path = common_config('site', 'path') . '/js/';
- }
+ $sslserver = common_config('javascript', 'sslserver');
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
- }
+ if (empty($sslserver)) {
+ if (is_string(common_config('site', 'sslserver')) &&
+ mb_strlen(common_config('site', 'sslserver')) > 0) {
+ $server = common_config('site', 'sslserver');
+ } else if (common_config('site', 'server')) {
+ $server = common_config('site', 'server');
+ }
+ $path = common_config('site', 'path') . '/js/';
+ } else {
+ $server = $sslserver;
+ $path = common_config('javascript', 'sslpath');
+ if (empty($path)) {
+ $path = common_config('javascript', 'path');
+ }
+ }
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ $protocol = 'https';
- $server = common_config('javascript', 'server');
+ } else {
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ $path = common_config('javascript', 'path');
- $ssl = common_config('javascript', 'ssl');
+ if (empty($path)) {
+ $path = common_config('site', 'path') . '/js/';
+ }
- if (is_null($ssl)) { // null -> guess
- if (common_config('site', 'ssl') == 'always' &&
- !common_config('javascript', 'server')) {
- $ssl = true;
- } else {
- $ssl = false;
+ $server = common_config('javascript', 'server');
+
+ if (empty($server)) {
+ $server = common_config('site', 'server');
}
+
+ $protocol = 'http';
}
- $protocol = ($ssl) ? 'https' : 'http';
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
+
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
$src = $protocol.'://'.$server.$path.$src . '?version=' . STATUSNET_VERSION;
}
}
$this->element('script', array('type' => $type,
- 'src' => $src),
- ' ');
+ 'src' => $src),
+ ' ');
Event::handle('EndScriptElement', array($this,$src,$type));
}
@@ -453,7 +469,7 @@ class HTMLOutputter extends XMLOutputter
if(file_exists(Theme::file($src,$theme))){
$src = Theme::path($src, $theme);
}else{
- $src = common_path($src);
+ $src = common_path($src, StatusNet::isHTTPS());
}
$src.= '?version=' . STATUSNET_VERSION;
}
diff --git a/lib/info.php b/lib/info.php
new file mode 100644
index 000000000..395c6522e
--- /dev/null
+++ b/lib/info.php
@@ -0,0 +1,118 @@
+<?php
+
+/**
+ * Information action
+ *
+ * PHP version 5
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2010, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+/**
+ * Base class for displaying dialog box like messages to the user
+ *
+ * @category Action
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
+ * @link http://status.net/
+ *
+ * @see ErrorAction
+ */
+
+class InfoAction extends Action
+{
+ var $message = null;
+
+ function __construct($title, $message, $output='php://output', $indent=null)
+ {
+ parent::__construct($output, $indent);
+
+ $this->message = $message;
+ $this->title = $title;
+
+ // XXX: hack alert: usually we aren't going to
+ // call this page directly, but because it's
+ // an action it needs an args array anyway
+ $this->prepare($_REQUEST);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return empty($this->title) ? '' : $this->title;
+ }
+
+ function isReadOnly($args)
+ {
+ return true;
+ }
+
+ // Overload a bunch of stuff so the page isn't too bloated
+
+ function showBody()
+ {
+ $this->elementStart('body', array('id' => 'error'));
+ $this->elementStart('div', array('id' => 'wrap'));
+ $this->showHeader();
+ $this->showCore();
+ $this->showFooter();
+ $this->elementEnd('div');
+ $this->elementEnd('body');
+ }
+
+ function showCore()
+ {
+ $this->elementStart('div', array('id' => 'core'));
+ $this->showContentBlock();
+ $this->elementEnd('div');
+ }
+
+ function showHeader()
+ {
+ $this->elementStart('div', array('id' => 'header'));
+ $this->showLogo();
+ $this->showPrimaryNav();
+ $this->elementEnd('div');
+ }
+
+ /**
+ * Display content.
+ *
+ * @return nothing
+ */
+ function showContent()
+ {
+ $this->element('div', array('class' => 'info'), $this->message);
+ }
+
+}
diff --git a/lib/installer.php b/lib/installer.php
index c046eadea..a9d809011 100644
--- a/lib/installer.php
+++ b/lib/installer.php
@@ -392,6 +392,30 @@ abstract class Installer
}
/**
+ * Return a parseable PHP literal for the given value.
+ * This will include quotes for strings, etc.
+ *
+ * @param mixed $val
+ * @return string
+ */
+ function phpVal($val)
+ {
+ return var_export($val, true);
+ }
+
+ /**
+ * Return an array of parseable PHP literal for the given values.
+ * These will include quotes for strings, etc.
+ *
+ * @param mixed $val
+ * @return array
+ */
+ function phpVals($map)
+ {
+ return array_map(array($this, 'phpVal'), $map);
+ }
+
+ /**
* Write a stock configuration file.
*
* @return boolean success
@@ -400,24 +424,32 @@ abstract class Installer
*/
function writeConf()
{
+ $vals = $this->phpVals(array(
+ 'sitename' => $this->sitename,
+ 'server' => $this->server,
+ 'path' => $this->path,
+ 'db_database' => $this->db['database'],
+ 'db_type' => $this->db['type'],
+ ));
+
// assemble configuration file in a string
$cfg = "<?php\n".
"if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }\n\n".
// site name
- "\$config['site']['name'] = '{$this->sitename}';\n\n".
+ "\$config['site']['name'] = {$vals['sitename']};\n\n".
// site location
- "\$config['site']['server'] = '{$this->server}';\n".
- "\$config['site']['path'] = '{$this->path}'; \n\n".
+ "\$config['site']['server'] = {$vals['server']};\n".
+ "\$config['site']['path'] = {$vals['path']}; \n\n".
// checks if fancy URLs are enabled
($this->fancy ? "\$config['site']['fancy'] = true;\n\n":'').
// database
- "\$config['db']['database'] = '{$this->db['database']}';\n\n".
+ "\$config['db']['database'] = {$vals['db_database']};\n\n".
($this->db['type'] == 'pgsql' ? "\$config['db']['quote_identifiers'] = true;\n\n":'').
- "\$config['db']['type'] = '{$this->db['type']}';\n\n";
+ "\$config['db']['type'] = {$vals['db_type']};\n\n";
// Normalize line endings for Windows servers
$cfg = str_replace("\n", PHP_EOL, $cfg);
diff --git a/lib/oauthstore.php b/lib/oauthstore.php
index f3ee629fd..1c8e72500 100644
--- a/lib/oauthstore.php
+++ b/lib/oauthstore.php
@@ -55,6 +55,17 @@ class StatusNetOAuthDataStore extends OAuthDataStore
}
}
+ function getTokenByKey($token_key)
+ {
+ $t = new Token();
+ $t->tok = $token_key;
+ if ($t->find(true)) {
+ return $t;
+ } else {
+ return null;
+ }
+ }
+
// http://oauth.net/core/1.0/#nonce
// "The Consumer SHALL then generate a Nonce value that is unique for
// all requests with that timestamp."
@@ -317,13 +328,18 @@ class StatusNetOAuthDataStore extends OAuthDataStore
function add_avatar($profile, $url)
{
$temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
- copy($url, $temp_filename);
- $imagefile = new ImageFile($profile->id, $temp_filename);
- $filename = Avatar::filename($profile->id,
- image_type_to_extension($imagefile->type),
- null,
- common_timestamp());
- rename($temp_filename, Avatar::path($filename));
+ try {
+ copy($url, $temp_filename);
+ $imagefile = new ImageFile($profile->id, $temp_filename);
+ $filename = Avatar::filename($profile->id,
+ image_type_to_extension($imagefile->type),
+ null,
+ common_timestamp());
+ rename($temp_filename, Avatar::path($filename));
+ } catch (Exception $e) {
+ unlink($temp_filename);
+ throw $e;
+ }
return $profile->setOriginal($filename);
}
diff --git a/lib/right.php b/lib/right.php
index deb451fde..bacbea5f2 100644
--- a/lib/right.php
+++ b/lib/right.php
@@ -60,5 +60,6 @@ class Right
const MAKEGROUPADMIN = 'makegroupadmin';
const GRANTROLE = 'grantrole';
const REVOKEROLE = 'revokerole';
+ const DELETEGROUP = 'deletegroup';
}
diff --git a/lib/router.php b/lib/router.php
index 00b299373..b1cc8d529 100644
--- a/lib/router.php
+++ b/lib/router.php
@@ -276,7 +276,7 @@ class Router
$m->connect('group/new', array('action' => 'newgroup'));
- foreach (array('edit', 'join', 'leave') as $v) {
+ foreach (array('edit', 'join', 'leave', 'delete') as $v) {
$m->connect('group/:nickname/'.$v,
array('action' => $v.'group'),
array('nickname' => '[a-zA-Z0-9]+'));
diff --git a/lib/servererroraction.php b/lib/servererroraction.php
index 9b5a553dc..54cc99099 100644
--- a/lib/servererroraction.php
+++ b/lib/servererroraction.php
@@ -96,4 +96,27 @@ class ServerErrorAction extends ErrorAction
$this->showPage();
}
+
+ /**
+ * To specify additional HTTP headers for the action
+ *
+ * @return void
+ */
+ function extraHeaders()
+ {
+ $status_string = @self::$status[$this->code];
+ header('HTTP/1.1 '.$this->code.' '.$status_string);
+ }
+
+ /**
+ * Page title.
+ *
+ * @return page title
+ */
+
+ function title()
+ {
+ return @self::$status[$this->code];
+ }
+
}
diff --git a/lib/serverexception.php b/lib/serverexception.php
index 7dc9765ad..0dfbd04ff 100644
--- a/lib/serverexception.php
+++ b/lib/serverexception.php
@@ -22,7 +22,7 @@
* @category Exception
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
- * @copyright 2008 StatusNet, Inc.
+ * @copyright 2008-2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
diff --git a/lib/statusnet.php b/lib/statusnet.php
index 7cb831696..33bf32b10 100644
--- a/lib/statusnet.php
+++ b/lib/statusnet.php
@@ -169,7 +169,6 @@ class StatusNet
return $sites;
}
-
/**
* Fire initialization events for all instantiated plugins.
*/
@@ -220,7 +219,7 @@ class StatusNet
{
return self::$is_api;
}
-
+
public function setApi($mode)
{
self::$is_api = $mode;
@@ -368,6 +367,18 @@ class StatusNet
}
}
}
+
+ /**
+ * Are we running from the web with HTTPS?
+ *
+ * @return boolean true if we're running with HTTPS; else false
+ */
+
+ static function isHTTPS()
+ {
+ // There are some exceptions to this; add them here!
+ return !empty($_SERVER['HTTPS']);
+ }
}
class NoConfigException extends Exception
diff --git a/lib/theme.php b/lib/theme.php
index 992fce870..95b7c1de4 100644
--- a/lib/theme.php
+++ b/lib/theme.php
@@ -38,7 +38,7 @@ if (!defined('STATUSNET') && !defined('LACONICA')) {
* Themes are directories with some expected sub-directories and files
* in them. They're found in either local/theme (for locally-installed themes)
* or theme/ subdir of installation dir.
- *
+ *
* Note that the 'local' directory can be overridden as $config['local']['path']
* and $config['local']['dir'] etc.
*
@@ -104,56 +104,72 @@ class Theme
/**
* Build a full URL to the given theme's base directory, possibly
* using an offsite theme server path.
- *
+ *
* @param string $group configuration section name to pull paths from
* @param string $fallbackSubdir default subdirectory under INSTALLDIR
* @param string $name theme name
- *
+ *
* @return string URL
- *
+ *
* @todo consolidate code with that for other customizable paths
*/
protected function relativeThemePath($group, $fallbackSubdir, $name)
{
- $path = common_config($group, 'path');
+ if (StatusNet::isHTTPS()) {
- if (empty($path)) {
- $path = common_config('site', 'path') . '/';
- if ($fallbackSubdir) {
- $path .= $fallbackSubdir . '/';
+ $sslserver = common_config($group, 'sslserver');
+
+ if (empty($sslserver)) {
+ if (is_string(common_config('site', 'sslserver')) &&
+ mb_strlen(common_config('site', 'sslserver')) > 0) {
+ $server = common_config('site', 'sslserver');
+ } else if (common_config('site', 'server')) {
+ $server = common_config('site', 'server');
+ }
+ $path = common_config('site', 'path') . '/';
+ if ($fallbackSubdir) {
+ $path .= $fallbackSubdir . '/';
+ }
+ } else {
+ $server = $sslserver;
+ $path = common_config($group, 'sslpath');
+ if (empty($path)) {
+ $path = common_config($group, 'path');
+ }
}
- }
- if ($path[strlen($path)-1] != '/') {
- $path .= '/';
- }
+ $protocol = 'https';
- if ($path[0] != '/') {
- $path = '/'.$path;
- }
+ } else {
- $server = common_config($group, 'server');
+ $path = common_config($group, 'path');
- if (empty($server)) {
- $server = common_config('site', 'server');
- }
+ if (empty($path)) {
+ $path = common_config('site', 'path') . '/';
+ if ($fallbackSubdir) {
+ $path .= $fallbackSubdir . '/';
+ }
+ }
- $ssl = common_config($group, 'ssl');
+ $server = common_config($group, 'server');
- if (is_null($ssl)) { // null -> guess
- if (common_config('site', 'ssl') == 'always' &&
- !common_config($group, 'server')) {
- $ssl = true;
- } else {
- $ssl = false;
+ if (empty($server)) {
+ $server = common_config('site', 'server');
}
+
+ $protocol = 'http';
}
- $protocol = ($ssl) ? 'https' : 'http';
+ if ($path[strlen($path)-1] != '/') {
+ $path .= '/';
+ }
- $path = $protocol . '://'.$server.$path.$name;
- return $path;
+ if ($path[0] != '/') {
+ $path = '/'.$path;
+ }
+
+ return $protocol.'://'.$server.$path.$name;
}
/**
@@ -221,7 +237,7 @@ class Theme
/**
* Pull data from the theme's theme.ini file.
* @fixme calling getFile will fall back to default theme, this may be unsafe.
- *
+ *
* @return associative array of strings
*/
function getMetadata()
diff --git a/lib/util.php b/lib/util.php
index c05fcf15a..5a94182bd 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -145,7 +145,6 @@ function common_switch_locale($language=null)
textdomain("statusnet");
}
-
function common_timezone()
{
if (common_logged_in()) {
@@ -860,7 +859,8 @@ function common_linkify($url) {
$longurl = $url;
}
}
- $attrs = array('href' => $canon, 'title' => $longurl, 'rel' => 'external');
+
+ $attrs = array('href' => $canon, 'title' => $longurl);
$is_attachment = false;
$attachment_id = null;
@@ -896,6 +896,16 @@ function common_linkify($url) {
$attrs['id'] = "attachment-{$attachment_id}";
}
+ // Whether to nofollow
+
+ $nf = common_config('nofollow', 'external');
+
+ if ($nf == 'never') {
+ $attrs['rel'] = 'external';
+ } else {
+ $attrs['rel'] = 'nofollow external';
+ }
+
return XMLStringer::estring('a', $attrs, $url);
}