diff options
Diffstat (limited to 'lib')
34 files changed, 1812 insertions, 288 deletions
diff --git a/lib/action.php b/lib/action.php index 427b85427..0e5d7ae36 100644 --- a/lib/action.php +++ b/lib/action.php @@ -274,15 +274,15 @@ class Action extends HTMLOutputter // lawsuit if (Event::handle('StartShowScripts', array($this))) { if (Event::handle('StartShowJQueryScripts', array($this))) { $this->script('jquery.min.js'); - $this->script('jquery.form.js'); - $this->script('jquery.cookie.js'); - $this->inlineScript('if (typeof window.JSON !== "object") { $.getScript("'.common_path('js/json2.js').'"); }'); + $this->script('jquery.form.min.js'); + $this->script('jquery.cookie.min.js'); + $this->inlineScript('if (typeof window.JSON !== "object") { $.getScript("'.common_path('js/json2.min.js').'"); }'); $this->script('jquery.joverlay.min.js'); Event::handle('EndShowJQueryScripts', array($this)); } if (Event::handle('StartShowStatusNetScripts', array($this)) && Event::handle('StartShowLaconicaScripts', array($this))) { - $this->script('util.js'); + $this->script('util.min.js'); $this->showScriptMessages(); // Frame-busting code to avoid clickjacking attacks. $this->inlineScript('if (window.top !== window.self) { window.top.location.href = window.self.location.href; }'); @@ -300,9 +300,11 @@ class Action extends HTMLOutputter // lawsuit * events and appending to the array. Try to avoid adding strings that won't be used, as * they'll be added to HTML output. */ + function showScriptMessages() { $messages = array(); + if (Event::handle('StartScriptMessages', array($this, &$messages))) { // Common messages needed for timeline views etc... @@ -310,11 +312,14 @@ class Action extends HTMLOutputter // lawsuit $messages['showmore_tooltip'] = _m('TOOLTIP', 'Show more'); $messages = array_merge($messages, $this->getScriptMessages()); + + Event::handle('EndScriptMessages', array($this, &$messages)); } - Event::handle('EndScriptMessages', array($this, &$messages)); - if ($messages) { + + if (!empty($messages)) { $this->inlineScript('SN.messages=' . json_encode($messages)); } + return $messages; } @@ -1404,4 +1409,15 @@ class Action extends HTMLOutputter // lawsuit $this->clientError(_('There was a problem with your session token.')); } } + + /** + * Check if the current request is a POST + * + * @return boolean true if POST; otherwise false. + */ + + function isPost() + { + return ($_SERVER['REQUEST_METHOD'] == 'POST'); + } } diff --git a/lib/activity.php b/lib/activity.php index e974ca991..d3eeadcee 100644 --- a/lib/activity.php +++ b/lib/activity.php @@ -101,6 +101,11 @@ class Activity public $categories = array(); // list of AtomCategory objects public $enclosures = array(); // list of enclosure URL references + public $extra = array(); // extra elements as array(tag, attrs, content) + public $source; // ActivitySource object representing 'home feed' + public $selfLink; // <link rel='self' type='application/atom+xml'> + public $editLink; // <link rel='edit' type='application/atom+xml'> + /** * Turns a regular old Atom <entry> into a magical activity * @@ -235,6 +240,11 @@ class Activity foreach (ActivityUtils::getLinks($entry, 'enclosure') as $link) { $this->enclosures[] = $link->getAttribute('href'); } + + // From APP. Might be useful. + + $this->selfLink = ActivityUtils::getLink($entry, 'self', 'application/atom+xml'); + $this->editLink = ActivityUtils::getLink($entry, 'edit', 'application/atom+xml'); } function _fromRssItem($item, $channel) @@ -319,38 +329,86 @@ class Activity function asString($namespace=false, $author=true) { + $c = Cache::instance(); + + $str = $c->get(Cache::codeKey('activity:as-string:'.$this->id)); + + if (!empty($str)) { + return $str; + } + $xs = new XMLStringer(true); if ($namespace) { $attrs = array('xmlns' => 'http://www.w3.org/2005/Atom', + 'xmlns:thr' => 'http://purl.org/syndication/thread/1.0', 'xmlns:activity' => 'http://activitystrea.ms/spec/1.0/', 'xmlns:georss' => 'http://www.georss.org/georss', 'xmlns:ostatus' => 'http://ostatus.org/schema/1.0', 'xmlns:poco' => 'http://portablecontacts.net/spec/1.0', - 'xmlns:media' => 'http://purl.org/syndication/atommedia'); + 'xmlns:media' => 'http://purl.org/syndication/atommedia', + 'xmlns:statusnet' => 'http://status.net/schema/api/1/'); } else { $attrs = array(); } $xs->elementStart('entry', $attrs); - $xs->element('id', null, $this->id); - $xs->element('title', null, $this->title); - $xs->element('published', null, self::iso8601Date($this->time)); - $xs->element('content', array('type' => 'html'), $this->content); + if ($this->verb == ActivityVerb::POST && count($this->objects) == 1) { - if (!empty($this->summary)) { - $xs->element('summary', null, $this->summary); - } + $obj = $this->objects[0]; + + $xs->element('id', null, $obj->id); + $xs->element('activity:object-type', null, $obj->type); + + if (!empty($obj->title)) { + $xs->element('title', null, $obj->title); + } else { + // XXX need a better default title + $xs->element('title', null, _('Post')); + } + + if (!empty($obj->content)) { + $xs->element('content', array('type' => 'html'), $obj->content); + } + + if (!empty($obj->summary)) { + $xs->element('summary', null, $obj->summary); + } + + if (!empty($obj->link)) { + $xs->element('link', array('rel' => 'alternate', + 'type' => 'text/html'), + $obj->link); + } + + // XXX: some object types might have other values here. + + } else { + $xs->element('id', null, $this->id); + $xs->element('title', null, $this->title); + + $xs->element('content', array('type' => 'html'), $this->content); + + if (!empty($this->summary)) { + $xs->element('summary', null, $this->summary); + } + + if (!empty($this->link)) { + $xs->element('link', array('rel' => 'alternate', + 'type' => 'text/html'), + $this->link); + } - if (!empty($this->link)) { - $xs->element('link', array('rel' => 'alternate', - 'type' => 'text/html'), - $this->link); } - // XXX: add context + $xs->element('activity:verb', null, $this->verb); + $published = self::iso8601Date($this->time); + + $xs->element('published', null, $published); + $xs->element('updated', null, $published); + if ($author) { $xs->elementStart('author'); $xs->element('uri', array(), $this->actor->id); @@ -361,14 +419,61 @@ class Activity $xs->raw($this->actor->asString('activity:actor')); } - $xs->element('activity:verb', null, $this->verb); - - if (!empty($this->objects)) { + if ($this->verb != ActivityVerb::POST || count($this->objects) != 1) { foreach($this->objects as $object) { $xs->raw($object->asString()); } } + if (!empty($this->context)) { + + if (!empty($this->context->replyToID)) { + if (!empty($this->context->replyToUrl)) { + $xs->element('thr:in-reply-to', + array('ref' => $this->context->replyToID, + 'href' => $this->context->replyToUrl)); + } else { + $xs->element('thr:in-reply-to', + array('ref' => $this->context->replyToID)); + } + } + + if (!empty($this->context->replyToUrl)) { + $xs->element('link', array('rel' => 'related', + 'href' => $this->context->replyToUrl)); + } + + if (!empty($this->context->conversation)) { + $xs->element('link', array('rel' => 'ostatus:conversation', + 'href' => $this->context->conversation)); + } + + foreach ($this->context->attention as $attnURI) { + $xs->element('link', array('rel' => 'ostatus:attention', + 'href' => $attnURI)); + $xs->element('link', array('rel' => 'mentioned', + 'href' => $attnURI)); + } + + // XXX: shoulda used ActivityVerb::SHARE + + if (!empty($this->context->forwardID)) { + if (!empty($this->context->forwardUrl)) { + $xs->element('ostatus:forward', + array('ref' => $this->context->forwardID, + 'href' => $this->context->forwardUrl)); + } else { + $xs->element('ostatus:forward', + array('ref' => $this->context->forwardID)); + } + } + + if (!empty($this->context->location)) { + $loc = $this->context->location; + $xs->element('georss:point', null, $loc->lat . ' ' . $loc->lon); + } + } + if ($this->target) { $xs->raw($this->target->asString('activity:target')); } @@ -377,9 +482,86 @@ class Activity $xs->raw($cat->asString()); } + // can be either URLs or enclosure objects + + foreach ($this->enclosures as $enclosure) { + if (is_string($enclosure)) { + $xs->element('link', array('rel' => 'enclosure', + 'href' => $enclosure)); + } else { + $attributes = array('rel' => 'enclosure', + 'href' => $enclosure->url, + 'type' => $enclosure->mimetype, + 'length' => $enclosure->size); + if ($enclosure->title) { + $attributes['title'] = $enclosure->title; + } + $xs->element('link', $attributes); + } + } + + // Info on the source feed + + if (!empty($this->source)) { + $xs->elementStart('source'); + + $xs->element('id', null, $this->source->id); + $xs->element('title', null, $this->source->title); + + if (array_key_exists('alternate', $this->source->links)) { + $xs->element('link', array('rel' => 'alternate', + 'type' => 'text/html', + 'href' => $this->source->links['alternate'])); + } + + if (array_key_exists('self', $this->source->links)) { + $xs->element('link', array('rel' => 'self', + 'type' => 'application/atom+xml', + 'href' => $this->source->links['self'])); + } + + if (array_key_exists('license', $this->source->links)) { + $xs->element('link', array('rel' => 'license', + 'href' => $this->source->links['license'])); + } + + if (!empty($this->source->icon)) { + $xs->element('icon', null, $this->source->icon); + } + + if (!empty($this->source->updated)) { + $xs->element('updated', null, $this->source->updated); + } + + $xs->elementEnd('source'); + } + + if (!empty($this->selfLink)) { + $xs->element('link', array('rel' => 'self', + 'type' => 'application/atom+xml', + 'href' => $this->selfLink)); + } + + if (!empty($this->editLink)) { + $xs->element('link', array('rel' => 'edit', + 'type' => 'application/atom+xml', + 'href' => $this->editLink)); + } + + // For throwing in extra elements; used for statusnet:notice_info + + foreach ($this->extra as $el) { + list($tag, $attrs, $content) = $el; + $xs->element($tag, $attrs, $content); + } + $xs->elementEnd('entry'); - return $xs->getString(); + $str = $xs->getString(); + + $c->set(Cache::codeKey('activity:as-string:'.$this->id), $str); + + return $str; } private function _child($element, $tag, $namespace=self::SPEC) diff --git a/lib/activitycontext.php b/lib/activitycontext.php index ff3bc9411..fd0dfe06c 100644 --- a/lib/activitycontext.php +++ b/lib/activitycontext.php @@ -39,6 +39,8 @@ class ActivityContext public $location; public $attention = array(); public $conversation; + public $forwardID; // deprecated, use ActivityVerb::SHARE instead + public $forwardUrl; // deprecated, use ActivityVerb::SHARE instead const THR = 'http://purl.org/syndication/thread/1.0'; const GEORSS = 'http://www.georss.org/georss'; diff --git a/lib/activitysource.php b/lib/activitysource.php new file mode 100644 index 000000000..56266057f --- /dev/null +++ b/lib/activitysource.php @@ -0,0 +1,56 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Activity source, to save in <atom:source> + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Feed + * @package StatusNet + * @author Evan Prodromou <evan@status.net> + * @author Zach Copley <zach@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +/** + * Feed data to store in the <atom:source> element + * + * I wanted to use Atom10Feed but it seems more heavyweight than what's + * needed here. + * + * @category OStatus + * @package StatusNet + * @author Evan Prodromou <evan@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPLv3 + * @link http://status.net/ + */ + +class ActivitySource +{ + public $id; + public $title; + public $icon; + public $updated; + public $links; +} diff --git a/lib/apiaction.php b/lib/apiaction.php index 82685e62e..7eba1b3b8 100644 --- a/lib/apiaction.php +++ b/lib/apiaction.php @@ -728,6 +728,12 @@ class ApiAction extends Action $this->endDocument('xml'); } + function showSingleAtomStatus($notice) + { + header('Content-Type: application/atom+xml; charset=utf-8'); + print $notice->asAtomEntry(true, true, true, $this->auth_user); + } + function show_single_json_status($notice) { $this->initDocument('json'); @@ -1361,11 +1367,16 @@ class ApiAction extends Action return; } + private static function is_decimal($str) + { + return preg_match('/^[0-9]+$/', $str); + } + function getTargetUser($id) { if (empty($id)) { // Twitter supports these other ways of passing the user ID - if (is_numeric($this->arg('id'))) { + if (self::is_decimal($this->arg('id'))) { return User::staticGet($this->arg('id')); } else if ($this->arg('id')) { $nickname = common_canonical_nickname($this->arg('id')); @@ -1373,7 +1384,7 @@ class ApiAction extends Action } else if ($this->arg('user_id')) { // This is to ensure that a non-numeric user_id still // overrides screen_name even if it doesn't get used - if (is_numeric($this->arg('user_id'))) { + if (self::is_decimal($this->arg('user_id'))) { return User::staticGet('id', $this->arg('user_id')); } } else if ($this->arg('screen_name')) { @@ -1384,7 +1395,7 @@ class ApiAction extends Action return $this->auth_user; } - } else if (is_numeric($id)) { + } else if (self::is_decimal($id)) { return User::staticGet($id); } else { $nickname = common_canonical_nickname($id); @@ -1397,7 +1408,7 @@ class ApiAction extends Action if (empty($id)) { // Twitter supports these other ways of passing the user ID - if (is_numeric($this->arg('id'))) { + if (self::is_decimal($this->arg('id'))) { return Profile::staticGet($this->arg('id')); } else if ($this->arg('id')) { // Screen names currently can only uniquely identify a local user. @@ -1407,7 +1418,7 @@ class ApiAction extends Action } else if ($this->arg('user_id')) { // This is to ensure that a non-numeric user_id still // overrides screen_name even if it doesn't get used - if (is_numeric($this->arg('user_id'))) { + if (self::is_decimal($this->arg('user_id'))) { return Profile::staticGet('id', $this->arg('user_id')); } } else if ($this->arg('screen_name')) { @@ -1415,7 +1426,7 @@ class ApiAction extends Action $user = User::staticGet('nickname', $nickname); return $user ? $user->getProfile() : null; } - } else if (is_numeric($id)) { + } else if (self::is_decimal($id)) { return Profile::staticGet($id); } else { $nickname = common_canonical_nickname($id); @@ -1427,7 +1438,7 @@ class ApiAction extends Action function getTargetGroup($id) { if (empty($id)) { - if (is_numeric($this->arg('id'))) { + if (self::is_decimal($this->arg('id'))) { return User_group::staticGet($this->arg('id')); } else if ($this->arg('id')) { $nickname = common_canonical_nickname($this->arg('id')); @@ -1440,7 +1451,7 @@ class ApiAction extends Action } else if ($this->arg('group_id')) { // This is to ensure that a non-numeric user_id still // overrides screen_name even if it doesn't get used - if (is_numeric($this->arg('group_id'))) { + if (self::is_decimal($this->arg('group_id'))) { return User_group::staticGet('id', $this->arg('group_id')); } } else if ($this->arg('group_name')) { @@ -1453,7 +1464,7 @@ class ApiAction extends Action } } - } else if (is_numeric($id)) { + } else if (self::is_decimal($id)) { return User_group::staticGet($id); } else { $nickname = common_canonical_nickname($id); diff --git a/lib/atomcategory.php b/lib/atomcategory.php index 4cc3b4f4d..9763023f7 100644 --- a/lib/atomcategory.php +++ b/lib/atomcategory.php @@ -72,6 +72,6 @@ class AtomCategory } $xs = new XMLStringer(); $xs->element('category', $attribs); - return $xs->asString(); + return $xs->getString(); } } diff --git a/lib/attachmentlist.php b/lib/attachmentlist.php index f6b09fb49..7e536925b 100644 --- a/lib/attachmentlist.php +++ b/lib/attachmentlist.php @@ -79,23 +79,33 @@ class AttachmentList extends Widget $atts = new File; $att = $atts->getAttachments($this->notice->id); if (empty($att)) return 0; + $this->showListStart(); + + foreach ($att as $n=>$attachment) { + $item = $this->newListItem($attachment); + $item->show(); + } + + $this->showListEnd(); + + return count($att); + } + + function showListStart() + { $this->out->elementStart('dl', array('id' =>'attachments', 'class' => 'entry-content')); // TRANS: DT element label in attachment list. $this->out->element('dt', null, _('Attachments')); $this->out->elementStart('dd'); $this->out->elementStart('ol', array('class' => 'attachments')); + } - foreach ($att as $n=>$attachment) { - $item = $this->newListItem($attachment); - $item->show(); - } - + function showListEnd() + { $this->out->elementEnd('dd'); $this->out->elementEnd('ol'); $this->out->elementEnd('dl'); - - return count($att); } /** @@ -187,7 +197,10 @@ class AttachmentListItem extends Widget } function linkAttr() { - return array('class' => 'attachment', 'href' => $this->attachment->url, 'id' => 'attachment-' . $this->attachment->id); + return array('class' => 'attachment', + 'href' => $this->attachment->url, + 'id' => 'attachment-' . $this->attachment->id, + 'title' => $this->title()); } function showLink() { @@ -203,10 +216,32 @@ class AttachmentListItem extends Widget } function showRepresentation() { + $thumb = $this->getThumbInfo(); + if ($thumb) { + $this->out->element('img', array('alt' => '', 'src' => $thumb->url, 'width' => $thumb->width, 'height' => $thumb->height)); + } + } + + /** + * Pull a thumbnail image reference for the given file, and if necessary + * resize it to match currently thumbnail size settings. + * + * @return File_Thumbnail or false/null + */ + function getThumbInfo() + { $thumbnail = File_thumbnail::staticGet('file_id', $this->attachment->id); - if (!empty($thumbnail)) { - $this->out->element('img', array('alt' => '', 'src' => $thumbnail->url, 'width' => $thumbnail->width, 'height' => $thumbnail->height)); + if ($thumbnail) { + $maxWidth = common_config('attachments', 'thumb_width'); + $maxHeight = common_config('attachments', 'thumb_height'); + if ($thumbnail->width > $maxWidth) { + $thumb = clone($thumbnail); + $thumb->width = $maxWidth; + $thumb->height = intval($thumbnail->height * $maxWidth / $thumbnail->width); + return $thumb; + } } + return $thumbnail; } /** @@ -234,6 +269,9 @@ class AttachmentListItem extends Widget } } +/** + * used for one-off attachment action + */ class Attachment extends AttachmentListItem { function showLink() { @@ -417,15 +455,6 @@ class Attachment extends AttachmentListItem function showFallback() { - // If we don't know how to display an attachment inline, we probably - // shouldn't have gotten to this point. - // - // But, here we are... displaying details on a file or remote URL - // either on the main view or in an ajax-loaded lightbox. As a lesser - // of several evils, we'll try redirecting to the actual target via - // client-side JS. - - common_log(LOG_ERR, "Empty or unknown type for file id {$this->attachment->id}; falling back to client-side redirect."); - $this->out->raw('<script>window.location = ' . json_encode($this->attachment->url) . ';</script>'); + // still needed: should show a link? } } diff --git a/lib/cache.php b/lib/cache.php index 3d78c79ad..8dc97a642 100644 --- a/lib/cache.php +++ b/lib/cache.php @@ -87,6 +87,55 @@ class Cache } /** + * Create a cache key for data dependent on code + * + * For cache elements that are dependent on changes in code, this creates + * a more-or-less fingerprint of the current running code and adds it to + * the cache key. In the case of an upgrade of core, or addition or + * removal of plugins, a new unique fingerprint is generated and used. + * + * There can still be problems with a) differences in versions of the + * plugins and b) people running code between official versions. This is + * usually a problem only for experienced users like developers, who know + * how to clear their cache. + * + * For sites that run code between versions (like the status.net cloud), + * there's an additional build number configuration setting. + * + * @param string $extra the real part of the key + * + * @return string full key + */ + + static function codeKey($extra) + { + static $prefix = null; + + if (empty($prefix)) { + + $plugins = StatusNet::getActivePlugins(); + $names = array(); + + foreach ($plugins as $plugin) { + $names[] = $plugin[0]; + } + + $names = array_unique($names); + asort($names); + + // Unique enough. + + $uniq = crc32(implode(',', $names)); + + $build = common_config('site', 'build'); + + $prefix = STATUSNET_VERSION.':'.$build.':'.$uniq; + } + + return Cache::key($prefix.':'.$extra); + } + + /** * Make a string suitable for use as a key * * Useful for turning primary keys of tables into cache keys. diff --git a/lib/command.php b/lib/command.php index a25ea4a9d..852d0a8f7 100644 --- a/lib/command.php +++ b/lib/command.php @@ -139,7 +139,7 @@ class Command { $user = null; if (Event::handle('StartCommandGetUser', array($this, $arg, &$user))) { - $user = User::staticGet('nickname', $arg); + $user = User::staticGet('nickname', Nickname::normalize($arg)); } Event::handle('EndCommandGetUser', array($this, $arg, &$user)); if (!$user){ @@ -479,7 +479,7 @@ class MessageCommand extends Command return; } - $this->text = common_shorten_links($this->text); + $this->text = $this->user->shortenLinks($this->text); if (Message::contentTooLong($this->text)) { // XXX: i18n. Needs plural support. @@ -582,7 +582,7 @@ class ReplyCommand extends Command return; } - $this->text = common_shorten_links($this->text); + $this->text = $this->user->shortenLinks($this->text); if (Notice::contentTooLong($this->text)) { // XXX: i18n. Needs plural support. diff --git a/lib/currentuserdesignaction.php b/lib/currentuserdesignaction.php index 490f87d13..e84c77768 100644 --- a/lib/currentuserdesignaction.php +++ b/lib/currentuserdesignaction.php @@ -22,7 +22,7 @@ * @category Action * @package StatusNet * @author Evan Prodromou <evan@status.net> - * @copyright 2009 StatusNet, Inc. + * @copyright 2009-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ @@ -40,12 +40,33 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @category Action * @package StatusNet * @author Evan Prodromou <evan@status.net> + * @author Zach Copley <zach@status.net> * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ * */ class CurrentUserDesignAction extends Action { + + protected $cur = null; // The current user + + /** + * For initializing members of the class. Set a the + * current user here. + * + * @param array $argarray misc. arguments + * + * @return boolean true + */ + function prepare($argarray) + { + parent::prepare($argarray); + + $this->cur = common_current_user(); + + return true; + } + /** * A design for this action * @@ -55,11 +76,9 @@ class CurrentUserDesignAction extends Action */ function getDesign() { - $cur = common_current_user(); - - if (!empty($cur)) { + if (!empty($this->cur)) { - $design = $cur->getDesign(); + $design = $this->cur->getDesign(); if (!empty($design)) { return $design; @@ -68,4 +87,10 @@ class CurrentUserDesignAction extends Action return parent::getDesign(); } + + function getCurrentUser() + { + return $this->cur; + } } + diff --git a/lib/default.php b/lib/default.php index f524e194c..5c4484121 100644 --- a/lib/default.php +++ b/lib/default.php @@ -59,7 +59,8 @@ $default = 'textlimit' => 140, 'indent' => true, 'use_x_sendfile' => false, - 'notice' => null // site wide notice text + 'notice' => null, // site wide notice text + 'build' => 1, // build number, for code-dependent cache ), 'db' => array('database' => 'YOU HAVE TO SET THIS IN config.php', @@ -251,6 +252,10 @@ $default = 'monthly_quota' => 15000000, 'uploads' => true, 'filecommand' => '/usr/bin/file', + 'show_thumbs' => true, // show thumbnails in notice lists for uploaded images, and photos and videos linked remotely that provide oEmbed info + 'thumb_width' => 100, + 'thumb_height' => 75, + 'process_links' => true, // check linked resources for embeddable photos and videos; this will hit referenced external web sites when processing new messages. ), 'application' => array('desclimit' => null), @@ -331,4 +336,6 @@ $default = array('ssl_cafile' => false, // To enable SSL cert validation, point to a CA bundle (eg '/usr/lib/ssl/certs/ca-certificates.crt') 'curl' => false, // Use CURL backend for HTTP fetches if available. (If not, PHP's socket streams will be used.) ), + 'router' => + array('cache' => true), // whether to cache the router object. Defaults to true, turn off for devel ); diff --git a/lib/designform.php b/lib/designform.php index 4163cfc1a..7702b873f 100644 --- a/lib/designform.php +++ b/lib/designform.php @@ -127,19 +127,24 @@ class DesignForm extends Form $this->out->elementEnd('fieldset'); $this->out->elementStart('fieldset', array('id' => 'settings_design_color')); + // TRANS: Fieldset legend on profile design page to change profile page colours. $this->out->element('legend', null, _('Change colours')); $this->colourData(); $this->out->elementEnd('fieldset'); $this->out->elementStart('fieldset'); + // TRANS: Button text on profile design page to immediately reset all colour settings to default. $this->out->submit('defaults', _('Use defaults'), 'submit form_action-default', + // TRANS: Title for button on profile design page to reset all colour settings to default. 'defaults', _('Restore default designs')); $this->out->element('input', array('id' => 'settings_design_reset', 'type' => 'reset', - 'value' => 'Reset', + // TRANS: Button text on profile design page to reset all colour settings to default without saving. + 'value' => _m('BUTTON', 'Reset'), 'class' => 'submit form_action-primary', + // TRANS: Title for button on profile design page to reset all colour settings to default without saving. 'title' => _('Reset back to default'))); } @@ -148,10 +153,13 @@ class DesignForm extends Form $this->out->elementStart('ul', 'form_data'); $this->out->elementStart('li'); $this->out->element('label', array('for' => 'design_background-image_file'), + // TRANS: Label in form on profile design page. + // TRANS: Field contains file name on user's computer that could be that user's custom profile background image. _('Upload file')); $this->out->element('input', array('name' => 'design_background-image_file', 'type' => 'file', 'id' => 'design_background-image_file')); + // TRANS: Instructions for form on profile design page. $this->out->element('p', 'form_guide', _('You can upload your personal ' . 'background image. The maximum file size is 2Mb.')); $this->out->element('input', array('name' => 'MAX_FILE_SIZE', @@ -182,7 +190,8 @@ class DesignForm extends Form $this->out->element('label', array('for' => 'design_background-image_on', 'class' => 'radio'), - _('On')); + // TRANS: Radio button on profile design page that will enable use of the uploaded profile image. + _m('RADIO', 'On')); $attrs = array('name' => 'design_background-image_onoff', 'type' => 'radio', @@ -198,12 +207,16 @@ class DesignForm extends Form $this->out->element('label', array('for' => 'design_background-image_off', 'class' => 'radio'), - _('Off')); + // TRANS: Radio button on profile design page that will disable use of the uploaded profile image. + _m('RADIO', 'Off')); + // TRANS: Form guide for a set of radio buttons on the profile design page that will enable or disable + // TRANS: use of the uploaded profile image. $this->out->element('p', 'form_guide', _('Turn background image on or off.')); $this->out->elementEnd('li'); $this->out->elementStart('li'); $this->out->checkbox('design_background-image_repeat', + // TRANS: Checkbox label on profile design page that will cause the profile image to be tiled. _('Tile background image'), ($this->design->disposition & BACKGROUND_TILE) ? true : false); $this->out->elementEnd('li'); @@ -221,6 +234,7 @@ class DesignForm extends Form $bgcolor = new WebColor($this->design->backgroundcolor); $this->out->elementStart('li'); + // TRANS: Label on profile design page for setting a profile page background colour. $this->out->element('label', array('for' => 'swatch-1'), _('Background')); $this->out->element('input', array('name' => 'design_background', 'type' => 'text', @@ -234,6 +248,7 @@ class DesignForm extends Form $ccolor = new WebColor($this->design->contentcolor); $this->out->elementStart('li'); + // TRANS: Label on profile design page for setting a profile page content colour. $this->out->element('label', array('for' => 'swatch-2'), _('Content')); $this->out->element('input', array('name' => 'design_content', 'type' => 'text', @@ -247,6 +262,7 @@ class DesignForm extends Form $sbcolor = new WebColor($this->design->sidebarcolor); $this->out->elementStart('li'); + // TRANS: Label on profile design page for setting a profile page sidebar colour. $this->out->element('label', array('for' => 'swatch-3'), _('Sidebar')); $this->out->element('input', array('name' => 'design_sidebar', 'type' => 'text', @@ -260,6 +276,7 @@ class DesignForm extends Form $tcolor = new WebColor($this->design->textcolor); $this->out->elementStart('li'); + // TRANS: Label on profile design page for setting a profile page text colour. $this->out->element('label', array('for' => 'swatch-4'), _('Text')); $this->out->element('input', array('name' => 'design_text', 'type' => 'text', @@ -273,6 +290,7 @@ class DesignForm extends Form $lcolor = new WebColor($this->design->linkcolor); $this->out->elementStart('li'); + // TRANS: Label on profile design page for setting a profile page links colour. $this->out->element('label', array('for' => 'swatch-5'), _('Links')); $this->out->element('input', array('name' => 'design_links', 'type' => 'text', @@ -298,7 +316,9 @@ class DesignForm extends Form function formActions() { - $this->out->submit('save', _('Save'), 'submit form_action-secondary', + // TRANS: Button text on profile design page to save settings. + $this->out->submit('save', _m('BUTTON','Save'), 'submit form_action-secondary', + // TRANS: Title for button on profile design page to save settings. 'save', _('Save design')); } } diff --git a/lib/designsettings.php b/lib/designsettings.php index 58578f188..d0601c553 100644 --- a/lib/designsettings.php +++ b/lib/designsettings.php @@ -48,10 +48,8 @@ require_once INSTALLDIR . '/lib/webcolor.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class DesignSettingsAction extends AccountSettingsAction { - var $submitaction = null; /** @@ -59,9 +57,9 @@ class DesignSettingsAction extends AccountSettingsAction * * @return string Title of the page */ - function title() { + // TRANS: Page title for profile design page. return _('Profile design'); } @@ -70,9 +68,9 @@ class DesignSettingsAction extends AccountSettingsAction * * @return instructions for use */ - function getInstructions() { + // TRANS: Instructions for profile design page. return _('Customize the way your profile looks ' . 'with a background image and a colour palette of your choice.'); } @@ -84,11 +82,11 @@ class DesignSettingsAction extends AccountSettingsAction * * @return nothing */ - function showDesignForm($design) { $form = new DesignForm($this, $design, $this->selfUrl()); $form->show(); + } /** @@ -99,7 +97,6 @@ class DesignSettingsAction extends AccountSettingsAction * * @return void */ - function handlePost() { if ($_SERVER['REQUEST_METHOD'] == 'POST') { @@ -111,8 +108,10 @@ class DesignSettingsAction extends AccountSettingsAction && empty($_POST) && ($_SERVER['CONTENT_LENGTH'] > 0) ) { - $msg = _('The server was unable to handle that much POST ' . - 'data (%s bytes) due to its current configuration.'); + // TRANS: Form validation error in design settings form. POST should remain untranslated. + $msg = _m('The server was unable to handle that much POST data (%s byte) due to its current configuration.', + 'The server was unable to handle that much POST data (%s bytes) due to its current configuration.', + intval($_SERVER['CONTENT_LENGTH'])); $this->showForm(sprintf($msg, $_SERVER['CONTENT_LENGTH'])); return; @@ -132,6 +131,7 @@ class DesignSettingsAction extends AccountSettingsAction } else if ($this->arg('defaults')) { $this->restoreDefaults(); } else { + // TRANS: Unknown form validation error in design settings form. $this->showForm(_('Unexpected form submission.')); } } @@ -141,7 +141,6 @@ class DesignSettingsAction extends AccountSettingsAction * * @return void */ - function showStylesheets() { parent::showStylesheets(); @@ -153,7 +152,6 @@ class DesignSettingsAction extends AccountSettingsAction * * @return void */ - function showScripts() { parent::showScripts(); @@ -171,7 +169,6 @@ class DesignSettingsAction extends AccountSettingsAction * * @return nothing */ - function saveBackgroundImage($design) { // Now that we have a Design ID we can add a file to the design. @@ -217,6 +214,7 @@ class DesignSettingsAction extends AccountSettingsAction if ($result === false) { common_log_db_error($design, 'UPDATE', __FILE__); + // TRANS: Error message displayed if design settings could not be saved. $this->showForm(_('Couldn\'t update your design.')); return; } @@ -228,7 +226,6 @@ class DesignSettingsAction extends AccountSettingsAction * * @return nothing */ - function restoreDefaults() { $design = $this->getWorkingDesign(); @@ -239,12 +236,13 @@ class DesignSettingsAction extends AccountSettingsAction if ($result === false) { common_log_db_error($design, 'DELETE', __FILE__); + // TRANS: Error message displayed if design settings could not be saved after clicking "Use defaults". $this->showForm(_('Couldn\'t update your design.')); return; } } + // TRANS: Success message displayed if design settings were saved after clicking "Use defaults". $this->showForm(_('Design defaults restored.'), true); } - } diff --git a/lib/framework.php b/lib/framework.php index acfca9f0e..70987e086 100644 --- a/lib/framework.php +++ b/lib/framework.php @@ -115,6 +115,17 @@ require_once 'markdown.php'; // XXX: other formats here +/** + * Avoid the NICKNAME_FMT constant; use the Nickname class instead. + * + * Nickname::DISPLAY_FMT is more suitable for inserting into regexes; + * note that it includes the [] and repeating bits, so should be wrapped + * directly in a capture paren usually. + * + * For validation, use Nickname::normalize(), Nickname::isValid() etc. + * + * @deprecated + */ define('NICKNAME_FMT', VALIDATE_NUM.VALIDATE_ALPHA_LOWER); require_once INSTALLDIR.'/lib/util.php'; diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php index d079fac06..fdb693f92 100644 --- a/lib/htmloutputter.php +++ b/lib/htmloutputter.php @@ -119,9 +119,16 @@ class HTMLOutputter extends XMLOutputter $language = $this->getLanguage(); - $this->elementStart('html', array('xmlns' => 'http://www.w3.org/1999/xhtml', - 'xml:lang' => $language, - 'lang' => $language)); + $attrs = array( + 'xmlns' => 'http://www.w3.org/1999/xhtml', + 'xml:lang' => $language, + 'lang' => $language + ); + + if (Event::handle('StartHtmlElement', array($this, &$attrs))) { + $this->elementStart('html', $attrs); + Event::handle('EndHtmlElement', array($this, &$attrs)); + } } function getLanguage() diff --git a/lib/imagefile.php b/lib/imagefile.php index b70fd248e..159deead6 100644 --- a/lib/imagefile.php +++ b/lib/imagefile.php @@ -115,10 +115,46 @@ class ImageFile return new ImageFile(null, $_FILES[$param]['tmp_name']); } + /** + * Compat interface for old code generating avatar thumbnails... + * Saves the scaled file directly into the avatar area. + * + * @param int $size target width & height -- must be square + * @param int $x (default 0) upper-left corner to crop from + * @param int $y (default 0) upper-left corner to crop from + * @param int $w (default full) width of image area to crop + * @param int $h (default full) height of image area to crop + * @return string filename + */ function resize($size, $x = 0, $y = 0, $w = null, $h = null) { + $targetType = $this->preferredType($this->type); + $outname = Avatar::filename($this->id, + image_type_to_extension($targetType), + $size, + common_timestamp()); + $outpath = Avatar::path($outname); + $this->resizeTo($outpath, $size, $size, $x, $y, $w, $h); + return $outname; + } + + /** + * Create and save a thumbnail image. + * + * @param string $outpath + * @param int $width target width + * @param int $height target height + * @param int $x (default 0) upper-left corner to crop from + * @param int $y (default 0) upper-left corner to crop from + * @param int $w (default full) width of image area to crop + * @param int $h (default full) height of image area to crop + * @return string full local filesystem filename + */ + function resizeTo($outpath, $width, $height, $x=0, $y=0, $w=null, $h=null) + { $w = ($w === null) ? $this->width:$w; $h = ($h === null) ? $this->height:$h; + $targetType = $this->preferredType($this->type); if (!file_exists($this->filepath)) { throw new Exception(_('Lost our file.')); @@ -126,20 +162,16 @@ class ImageFile } // Don't crop/scale if it isn't necessary - if ($size === $this->width - && $size === $this->height + if ($width === $this->width + && $height === $this->height && $x === 0 && $y === 0 && $w === $this->width - && $h === $this->height) { + && $h === $this->height + && $this->type == $targetType) { - $outname = Avatar::filename($this->id, - image_type_to_extension($this->type), - $size, - common_timestamp()); - $outpath = Avatar::path($outname); @copy($this->filepath, $outpath); - return $outname; + return $outpath; } switch ($this->type) { @@ -166,7 +198,7 @@ class ImageFile return; } - $image_dest = imagecreatetruecolor($size, $size); + $image_dest = imagecreatetruecolor($width, $height); if ($this->type == IMAGETYPE_GIF || $this->type == IMAGETYPE_PNG || $this->type == IMAGETYPE_BMP) { @@ -189,30 +221,9 @@ class ImageFile } } - imagecopyresampled($image_dest, $image_src, 0, 0, $x, $y, $size, $size, $w, $h); - - if($this->type == IMAGETYPE_BMP) { - //we don't want to save BMP... it's an inefficient, rare, antiquated format - //save png instead - $this->type = IMAGETYPE_PNG; - } else if($this->type == IMAGETYPE_WBMP) { - //we don't want to save WBMP... it's a rare format that we can't guarantee clients will support - //save png instead - $this->type = IMAGETYPE_PNG; - } else if($this->type == IMAGETYPE_XBM) { - //we don't want to save XBM... it's a rare format that we can't guarantee clients will support - //save png instead - $this->type = IMAGETYPE_PNG; - } - - $outname = Avatar::filename($this->id, - image_type_to_extension($this->type), - $size, - common_timestamp()); - - $outpath = Avatar::path($outname); + imagecopyresampled($image_dest, $image_src, 0, 0, $x, $y, $width, $height, $w, $h); - switch ($this->type) { + switch ($targetType) { case IMAGETYPE_GIF: imagegif($image_dest, $outpath); break; @@ -230,7 +241,31 @@ class ImageFile imagedestroy($image_src); imagedestroy($image_dest); - return $outname; + return $outpath; + } + + /** + * Several obscure file types should be normalized to PNG on resize. + * + * @param int $type + * @return int + */ + function preferredType($type) + { + if($type == IMAGETYPE_BMP) { + //we don't want to save BMP... it's an inefficient, rare, antiquated format + //save png instead + return IMAGETYPE_PNG; + } else if($type == IMAGETYPE_WBMP) { + //we don't want to save WBMP... it's a rare format that we can't guarantee clients will support + //save png instead + return IMAGETYPE_PNG; + } else if($type == IMAGETYPE_XBM) { + //we don't want to save XBM... it's a rare format that we can't guarantee clients will support + //save png instead + return IMAGETYPE_PNG; + } + return $type; } function unlink() diff --git a/lib/inlineattachmentlist.php b/lib/inlineattachmentlist.php new file mode 100644 index 000000000..de5008e87 --- /dev/null +++ b/lib/inlineattachmentlist.php @@ -0,0 +1,108 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * widget for displaying notice attachments thumbnails + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category UI + * @package StatusNet + * @author Brion Vibber <brion@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class InlineAttachmentList extends AttachmentList +{ + function showListStart() + { + $this->out->elementStart('div', array('class' => 'entry-content thumbnails')); + } + + function showListEnd() + { + $this->out->elementEnd('div'); + } + + /** + * returns a new list item for the current attachment + * + * @param File $notice the current attachment + * + * @return ListItem a list item for displaying the attachment + */ + function newListItem($attachment) + { + return new InlineAttachmentListItem($attachment, $this->out); + } +} + +class InlineAttachmentListItem extends AttachmentListItem +{ + function show() + { + if ($this->attachment->isEnclosure()) { + parent::show(); + } + } + + function showLink() { + $this->out->elementStart('a', $this->linkAttr()); + $this->showRepresentation(); + $this->out->elementEnd('a'); + } + + /** + * Build HTML attributes for the link + * @return array + */ + function linkAttr() + { + $attr = parent::linkAttr(); + $attr['class'] = 'attachment-thumbnail'; + return $attr; + } + + /** + * start a single notice. + * + * @return void + */ + function showStart() + { + // XXX: RDFa + // TODO: add notice_type class e.g., notice_video, notice_image + $this->out->elementStart('span', array('class' => 'inline-attachment')); + } + + /** + * finish the notice + * + * Close the last elements in the notice list item + * + * @return void + */ + function showEnd() + { + $this->out->elementEnd('span'); + } +} diff --git a/lib/jsonsearchresultslist.php b/lib/jsonsearchresultslist.php index 0d72ddf7a..80d4036aa 100644 --- a/lib/jsonsearchresultslist.php +++ b/lib/jsonsearchresultslist.php @@ -101,6 +101,10 @@ class JSONSearchResultsList $this->max_id = (int)$this->notice->id; } + if ($this->since_id && $this->notice->id <= $this->since_id) { + break; + } + if ($cnt > $this->rpp) { break; } diff --git a/lib/mailhandler.php b/lib/mailhandler.php index 69eb26bdd..459657ffe 100644 --- a/lib/mailhandler.php +++ b/lib/mailhandler.php @@ -55,7 +55,7 @@ class MailHandler return true; } $msg = $this->cleanup_msg($msg); - $msg = common_shorten_links($msg); + $msg = $user->shortenLinks($msg); if (Notice::contentTooLong($msg)) { $this->error($from, sprintf(_('That\'s too long. Maximum notice size is %d character.', 'That\'s too long. Maximum notice size is %d characters.', diff --git a/lib/mediafile.php b/lib/mediafile.php index 23338cc0e..a41d7c76b 100644 --- a/lib/mediafile.php +++ b/lib/mediafile.php @@ -48,11 +48,14 @@ class MediaFile { if ($user == null) { $this->user = common_current_user(); + } else { + $this->user = $user; } $this->filename = $filename; $this->mimetype = $mimetype; $this->fileRecord = $this->storeFile(); + $this->thumbnailRecord = $this->storeThumbnail(); $this->fileurl = common_local_url('attachment', array('attachment' => $this->fileRecord->id)); @@ -102,6 +105,52 @@ class MediaFile return $file; } + /** + * Generate and store a thumbnail image for the uploaded file, if applicable. + * + * @return File_thumbnail or null + */ + function storeThumbnail() + { + if (substr($this->mimetype, 0, strlen('image/')) != 'image/') { + // @fixme video thumbs would be nice! + return null; + } + try { + $image = new ImageFile($this->fileRecord->id, + File::path($this->filename)); + } catch (Exception $e) { + // Unsupported image type. + return null; + } + + $outname = File::filename($this->user->getProfile(), 'thumb-' . $this->filename, $this->mimetype); + $outpath = File::path($outname); + + $maxWidth = common_config('attachments', 'thumb_width'); + $maxHeight = common_config('attachments', 'thumb_height'); + list($width, $height) = $this->scaleToFit($image->width, $image->height, $maxWidth, $maxHeight); + + $image->resizeTo($outpath, $width, $height); + File_thumbnail::saveThumbnail($this->fileRecord->id, + File::url($outname), + $width, + $height); + } + + function scaleToFit($width, $height, $maxWidth, $maxHeight) + { + $aspect = $maxWidth / $maxHeight; + $w1 = $maxWidth; + $h1 = intval($height * $maxWidth / $width); + if ($h1 > $maxHeight) { + $w2 = intval($width * $maxHeight / $height); + $h2 = $maxHeight; + return array($w2, $h2); + } + return array($w1, $h1); + } + function rememberFile($file, $short) { $this->maybeAddRedir($file->id, $short); @@ -278,6 +327,9 @@ class MediaFile static function getUploadedFileType($f, $originalFilename=false) { require_once 'MIME/Type.php'; require_once 'MIME/Type/Extension.php'; + + // We have to disable auto handling of PEAR errors + PEAR::staticPushErrorHandling(PEAR_ERROR_RETURN); $mte = new MIME_Type_Extension(); $cmd = &PEAR::getStaticProperty('MIME_Type', 'fileCmd'); @@ -330,6 +382,8 @@ class MediaFile } } if ($supported === true || in_array($filetype, $supported)) { + // Restore PEAR error handlers for our DB code... + PEAR::staticPopErrorHandling(); return $filetype; } $media = MIME_Type::getMedia($filetype); @@ -344,6 +398,8 @@ class MediaFile // TRANS: %s is the file type that was denied. $hint = sprintf(_('"%s" is not a supported file type on this server.'), $filetype); } + // Restore PEAR error handlers for our DB code... + PEAR::staticPopErrorHandling(); throw new ClientException($hint); } diff --git a/lib/messageform.php b/lib/messageform.php index b116964da..9d3f955a8 100644 --- a/lib/messageform.php +++ b/lib/messageform.php @@ -133,6 +133,8 @@ class MessageForm extends Form $mutual_users = $user->mutuallySubscribedUsers(); $mutual = array(); + // TRANS Label entry in drop-down selection box in direct-message inbox/outbox. This is the default entry in the drop-down box, doubling as instructions and a brake against accidental submissions with the first user in the list. + $mutual[0] = _('Select recipient:'); while ($mutual_users->fetch()) { if ($mutual_users->id != $user->id) { @@ -143,6 +145,11 @@ class MessageForm extends Form $mutual_users->free(); unset($mutual_users); + if (count($mutual) == 1) { + // TRANS Entry in drop-down selection box in direct-message inbox/outbox when no one is available to message. + $mutual[0] = _('No mutual subscribers.'); + } + $this->out->dropdown('to', _('To'), $mutual, null, false, ($this->to) ? $this->to->id : null); diff --git a/lib/nickname.php b/lib/nickname.php new file mode 100644 index 000000000..a0c9378cd --- /dev/null +++ b/lib/nickname.php @@ -0,0 +1,176 @@ +<?php +/* + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2008, 2009, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +class Nickname +{ + /** + * Regex fragment for pulling an arbitrarily-formated nickname. + * + * Not guaranteed to be valid after normalization; run the string through + * Nickname::normalize() to get the canonical form, or Nickname::isValid() + * if you just need to check if it's properly formatted. + * + * This and CANONICAL_FMT replace the old NICKNAME_FMT, but be aware + * that these should not be enclosed in []s. + */ + const DISPLAY_FMT = '[0-9a-zA-Z_]+'; + + /** + * Regex fragment for checking a canonical nickname. + * + * Any non-matching string is not a valid canonical/normalized nickname. + * Matching strings are valid and canonical form, but may still be + * unavailable for registration due to blacklisting et. + * + * Only the canonical forms should be stored as keys in the database; + * there are multiple possible denormalized forms for each valid + * canonical-form name. + * + * This and DISPLAY_FMT replace the old NICKNAME_FMT, but be aware + * that these should not be enclosed in []s. + */ + const CANONICAL_FMT = '[0-9a-z]{1,64}'; + + /** + * Maximum number of characters in a canonical-form nickname. + */ + const MAX_LEN = 64; + + /** + * Nice simple check of whether the given string is a valid input nickname, + * which can be normalized into an internally canonical form. + * + * Note that valid nicknames may be in use or reserved. + * + * @param string $str + * @return boolean + */ + public static function isValid($str) + { + try { + self::normalize($str); + return true; + } catch (NicknameException $e) { + return false; + } + } + + /** + * Validate an input nickname string, and normalize it to its canonical form. + * The canonical form will be returned, or an exception thrown if invalid. + * + * @param string $str + * @return string Normalized canonical form of $str + * + * @throws NicknameException (base class) + * @throws NicknameInvalidException + * @throws NicknameEmptyException + * @throws NicknameTooLongException + */ + public static function normalize($str) + { + $str = trim($str); + $str = str_replace('_', '', $str); + $str = mb_strtolower($str); + + $len = mb_strlen($str); + if ($len < 1) { + throw new NicknameEmptyException(); + } else if ($len > self::MAX_LEN) { + throw new NicknameTooLongException(); + } + if (!self::isCanonical($str)) { + throw new NicknameInvalidException(); + } + + return $str; + } + + /** + * Is the given string a valid canonical nickname form? + * + * @param string $str + * @return boolean + */ + public static function isCanonical($str) + { + return preg_match('/^(?:' . self::CANONICAL_FMT . ')$/', $str); + } +} + +class NicknameException extends ClientException +{ + function __construct($msg=null, $code=400) + { + if ($msg === null) { + $msg = $this->defaultMessage(); + } + parent::__construct($msg, $code); + } + + /** + * Default localized message for this type of exception. + * @return string + */ + protected function defaultMessage() + { + return null; + } +} + +class NicknameInvalidException extends NicknameException { + /** + * Default localized message for this type of exception. + * @return string + */ + protected function defaultMessage() + { + // TRANS: Validation error in form for registration, profile and group settings, etc. + return _('Nickname must have only lowercase letters and numbers and no spaces.'); + } +} + +class NicknameEmptyException extends NicknameException +{ + /** + * Default localized message for this type of exception. + * @return string + */ + protected function defaultMessage() + { + // TRANS: Validation error in form for registration, profile and group settings, etc. + return _('Nickname cannot be empty.'); + } +} + +class NicknameTooLongException extends NicknameInvalidException +{ + /** + * Default localized message for this type of exception. + * @return string + */ + protected function defaultMessage() + { + // TRANS: Validation error in form for registration, profile and group settings, etc. + return sprintf(_m('Nickname cannot be more than %d character long.', + 'Nickname cannot be more than %d characters long.', + Nickname::MAX_LEN), + Nickname::MAX_LEN); + } +} diff --git a/lib/noticelist.php b/lib/noticelist.php index bdf2530b3..c6f964662 100644 --- a/lib/noticelist.php +++ b/lib/noticelist.php @@ -208,6 +208,7 @@ class NoticeListItem extends Widget $this->showStart(); if (Event::handle('StartShowNoticeItem', array($this))) { $this->showNotice(); + $this->showNoticeAttachments(); $this->showNoticeInfo(); $this->showNoticeOptions(); Event::handle('EndShowNoticeItem', array($this)); @@ -327,11 +328,8 @@ class NoticeListItem extends Widget function showAvatar() { - if ('shownotice' === $this->out->trimmed('action')) { - $avatar_size = AVATAR_PROFILE_SIZE; - } else { - $avatar_size = AVATAR_STREAM_SIZE; - } + $avatar_size = AVATAR_STREAM_SIZE; + $avatar = $this->profile->getAvatar($avatar_size); $this->out->element('img', array('src' => ($avatar) ? @@ -386,6 +384,13 @@ class NoticeListItem extends Widget $this->out->elementEnd('p'); } + function showNoticeAttachments() { + if (common_config('attachments', 'show_thumbs')) { + $al = new InlineAttachmentList($this->notice, $this->out); + $al->show(); + } + } + /** * show the link to the main page for the notice * diff --git a/lib/oembedhelper.php b/lib/oembedhelper.php new file mode 100644 index 000000000..84cf10586 --- /dev/null +++ b/lib/oembedhelper.php @@ -0,0 +1,318 @@ +<?php +/* + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2008-2010, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +if (!defined('STATUSNET')) { + exit(1); +} + + +/** + * Utility class to wrap basic oEmbed lookups. + * + * Blacklisted hosts will use an alternate lookup method: + * - Twitpic + * + * Whitelisted hosts will use known oEmbed API endpoints: + * - Flickr, YFrog + * + * Sites that provide discovery links will use them directly; a bug + * in use of discovery links with query strings is worked around. + * + * Others will fall back to oohembed (unless disabled). + * The API endpoint can be configured or disabled through config + * as 'oohembed'/'endpoint'. + */ +class oEmbedHelper +{ + protected static $apiMap = array( + 'flickr.com' => 'http://www.flickr.com/services/oembed/', + 'yfrog.com' => 'http://www.yfrog.com/api/oembed', + ); + protected static $functionMap = array( + 'twitpic.com' => 'oEmbedHelper::twitPic', + ); + + /** + * Perform or fake an oEmbed lookup for the given resource. + * + * Some known hosts are whitelisted with API endpoints where we + * know they exist but autodiscovery data isn't available. + * If autodiscovery links are missing and we don't recognize the + * host, we'll pass it to oohembed.com's public service which + * will either proxy or fake info on a lot of sites. + * + * A few hosts are blacklisted due to known problems with oohembed, + * in which case we'll look up the info another way and return + * equivalent data. + * + * Throws exceptions on failure. + * + * @param string $url + * @param array $params + * @return object + */ + public static function getObject($url, $params=array()) + { + $host = parse_url($url, PHP_URL_HOST); + if (substr($host, 0, 4) == 'www.') { + $host = substr($host, 4); + } + + // Blacklist: systems with no oEmbed API of their own, which are + // either missing from or broken on oohembed.com's proxy. + // we know how to look data up in another way... + if (array_key_exists($host, self::$functionMap)) { + $func = self::$functionMap[$host]; + return call_user_func($func, $url, $params); + } + + // Whitelist: known API endpoints for sites that don't provide discovery... + if (array_key_exists($host, self::$apiMap)) { + $api = self::$apiMap[$host]; + } else { + try { + $api = self::discover($url); + } catch (Exception $e) { + // Discovery failed... fall back to oohembed if enabled. + $oohembed = common_config('oohembed', 'endpoint'); + if ($oohembed) { + $api = $oohembed; + } else { + throw $e; + } + } + } + return self::getObjectFrom($api, $url, $params); + } + + /** + * Perform basic discovery. + * @return string + */ + static function discover($url) + { + // @fixme ideally skip this for non-HTML stuff! + $body = self::http($url); + return self::discoverFromHTML($url, $body); + } + + /** + * Partially ripped from OStatus' FeedDiscovery class. + * + * @param string $url source URL, used to resolve relative links + * @param string $body HTML body text + * @return mixed string with URL or false if no target found + */ + static function discoverFromHTML($url, $body) + { + // DOMDocument::loadHTML may throw warnings on unrecognized elements, + // and notices on unrecognized namespaces. + $old = error_reporting(error_reporting() & ~(E_WARNING | E_NOTICE)); + $dom = new DOMDocument(); + $ok = $dom->loadHTML($body); + error_reporting($old); + + if (!$ok) { + throw new oEmbedHelper_BadHtmlException(); + } + + // Ok... now on to the links! + $feeds = array( + 'application/json+oembed' => false, + ); + + $nodes = $dom->getElementsByTagName('link'); + for ($i = 0; $i < $nodes->length; $i++) { + $node = $nodes->item($i); + if ($node->hasAttributes()) { + $rel = $node->attributes->getNamedItem('rel'); + $type = $node->attributes->getNamedItem('type'); + $href = $node->attributes->getNamedItem('href'); + if ($rel && $type && $href) { + $rel = array_filter(explode(" ", $rel->value)); + $type = trim($type->value); + $href = trim($href->value); + + if (in_array('alternate', $rel) && array_key_exists($type, $feeds) && empty($feeds[$type])) { + // Save the first feed found of each type... + $feeds[$type] = $href; + } + } + } + } + + // Return the highest-priority feed found + foreach ($feeds as $type => $url) { + if ($url) { + return $url; + } + } + + throw new oEmbedHelper_DiscoveryException(); + } + + /** + * Actually do an oEmbed lookup to a particular API endpoint. + * + * @param string $api oEmbed API endpoint URL + * @param string $url target URL to look up info about + * @param array $params + * @return object + */ + static function getObjectFrom($api, $url, $params=array()) + { + $params['url'] = $url; + $params['format'] = 'json'; + $data = self::json($api, $params); + return self::normalize($data); + } + + /** + * Normalize oEmbed format. + * + * @param object $orig + * @return object + */ + static function normalize($orig) + { + $data = clone($orig); + + if (empty($data->type)) { + throw new Exception('Invalid oEmbed data: no type field.'); + } + + if ($data->type == 'image') { + // YFrog does this. + $data->type = 'photo'; + } + + if (isset($data->thumbnail_url)) { + if (!isset($data->thumbnail_width)) { + // !?!?! + $data->thumbnail_width = common_config('attachments', 'thumb_width'); + $data->thumbnail_height = common_config('attachments', 'thumb_height'); + } + } + + return $data; + } + + /** + * Using a local function for twitpic lookups, as oohembed's adapter + * doesn't return a valid result: + * http://code.google.com/p/oohembed/issues/detail?id=19 + * + * This code fetches metadata from Twitpic's own API, and attempts + * to guess proper thumbnail size from the original's size. + * + * @todo respect maxwidth and maxheight params + * + * @param string $url + * @param array $params + * @return object + */ + static function twitPic($url, $params=array()) + { + $matches = array(); + if (preg_match('!twitpic\.com/(\w+)!', $url, $matches)) { + $id = $matches[1]; + } else { + throw new Exception("Invalid twitpic URL"); + } + + // Grab metadata from twitpic's API... + // http://dev.twitpic.com/docs/2/media_show + $data = self::json('http://api.twitpic.com/2/media/show.json', + array('id' => $id)); + $oembed = (object)array('type' => 'photo', + 'url' => 'http://twitpic.com/show/full/' . $data->short_id, + 'width' => $data->width, + 'height' => $data->height); + if (!empty($data->message)) { + $oembed->title = $data->message; + } + + // Thumbnail is cropped and scaled to 150x150 box: + // http://dev.twitpic.com/docs/thumbnails/ + $thumbSize = 150; + $oembed->thumbnail_url = 'http://twitpic.com/show/thumb/' . $data->short_id; + $oembed->thumbnail_width = $thumbSize; + $oembed->thumbnail_height = $thumbSize; + + return $oembed; + } + + /** + * Fetch some URL and return JSON data. + * + * @param string $url + * @param array $params query-string params + * @return object + */ + static protected function json($url, $params=array()) + { + $data = self::http($url, $params); + return json_decode($data); + } + + /** + * Hit some web API and return data on success. + * @param string $url + * @param array $params + * @return string + */ + static protected function http($url, $params=array()) + { + $client = HTTPClient::start(); + if ($params) { + $query = http_build_query($params, null, '&'); + if (strpos($url, '?') === false) { + $url .= '?' . $query; + } else { + $url .= '&' . $query; + } + } + $response = $client->get($url); + if ($response->isOk()) { + return $response->getBody(); + } else { + throw new Exception('Bad HTTP response code: ' . $response->getStatus()); + } + } +} + +class oEmbedHelper_Exception extends Exception +{ +} + +class oEmbedHelper_BadHtmlException extends oEmbedHelper_Exception +{ + function __construct($previous=null) + { + return parent::__construct('Bad HTML in discovery data.', 0, $previous); + } +} + +class oEmbedHelper_DiscoveryException extends oEmbedHelper_Exception +{ + function __construct($previous=null) + { + return parent::__construct('No oEmbed discovery data.', 0, $previous); + } +} diff --git a/lib/popularity.php b/lib/popularity.php new file mode 100644 index 000000000..7ab259a39 --- /dev/null +++ b/lib/popularity.php @@ -0,0 +1,92 @@ +<?php +/** + * StatusNet, the distributed open-source microblogging tool + * + * Wrapper for fetching lists of popular notices. + * + * PHP version 5 + * + * LICENCE: This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Widget + * @package StatusNet + * @author Evan Prodromou <evan@status.net> + * @author Brion Vibber <brion@status.net> + * @copyright 2010 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET') && !defined('LACONICA')) { + exit(1); +} + +/** + * Wrapper for fetching notices ranked according to popularity, + * broken out so it can be called from multiple actions with + * less code duplication. + */ +class Popularity +{ + public $limit = NOTICES_PER_PAGE; + public $offset = 0; + public $tag = false; + public $expiry = 600; + + /** + * Run a cached query to fetch notices, whee! + * + * @return Notice + */ + function getNotices() + { + // @fixme there should be a common func for this + if (common_config('db', 'type') == 'pgsql') { + if (!empty($this->tag)) { + $tag = pg_escape_string($this->tag); + } + } else { + if (!empty($this->tag)) { + $tag = mysql_escape_string($this->tag); + } + } + $weightexpr = common_sql_weight('fave.modified', common_config('popular', 'dropoff')); + $cutoff = sprintf("fave.modified > '%s'", + common_sql_date(time() - common_config('popular', 'cutoff'))); + $qry = "SELECT notice.*, $weightexpr as weight "; + if(isset($tag)) { + $qry .= 'FROM notice_tag, notice JOIN fave ON notice.id = fave.notice_id ' . + "WHERE $cutoff and notice.id = notice_tag.notice_id and '$tag' = notice_tag.tag"; + } else { + $qry .= 'FROM notice JOIN fave ON notice.id = fave.notice_id ' . + "WHERE $cutoff"; + } + $qry .= ' GROUP BY notice.id,notice.profile_id,notice.content,notice.uri,' . + 'notice.rendered,notice.url,notice.created,notice.modified,' . + 'notice.reply_to,notice.is_local,notice.source,notice.conversation, ' . + 'notice.lat,notice.lon,location_id,location_ns,notice.repeat_of'; + $qry .= ' HAVING \'silenced\' NOT IN (SELECT role FROM profile_role WHERE profile_id=notice.profile_id)'; + $qry .= ' ORDER BY weight DESC'; + + $offset = $this->offset; + $limit = $this->limit + 1; + + $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; + + $notice = Memcached_DataObject::cachedQuery('Notice', + $qry, + 1200); + return $notice; + } +}
\ No newline at end of file diff --git a/lib/popularnoticesection.php b/lib/popularnoticesection.php index f70a972ef..a4f038b24 100644 --- a/lib/popularnoticesection.php +++ b/lib/popularnoticesection.php @@ -48,42 +48,13 @@ class PopularNoticeSection extends NoticeSection { function getNotices() { - // @fixme there should be a common func for this - if (common_config('db', 'type') == 'pgsql') { - if (!empty($this->out->tag)) { - $tag = pg_escape_string($this->out->tag); - } - } else { - if (!empty($this->out->tag)) { - $tag = mysql_escape_string($this->out->tag); - } + $pop = new Popularity(); + if (!empty($this->out->tag)) { + $pop->tag = $this->out->tag; } - $weightexpr = common_sql_weight('fave.modified', common_config('popular', 'dropoff')); - $cutoff = sprintf("fave.modified > '%s'", - common_sql_date(time() - common_config('popular', 'cutoff'))); - $qry = "SELECT notice.*, $weightexpr as weight "; - if(isset($tag)) { - $qry .= 'FROM notice_tag, notice JOIN fave ON notice.id = fave.notice_id ' . - "WHERE $cutoff and notice.id = notice_tag.notice_id and '$tag' = notice_tag.tag"; - } else { - $qry .= 'FROM notice JOIN fave ON notice.id = fave.notice_id ' . - "WHERE $cutoff"; - } - $qry .= ' GROUP BY notice.id,notice.profile_id,notice.content,notice.uri,' . - 'notice.rendered,notice.url,notice.created,notice.modified,' . - 'notice.reply_to,notice.is_local,notice.source,notice.conversation, ' . - 'notice.lat,notice.lon,location_id,location_ns,notice.repeat_of' . - ' ORDER BY weight DESC'; - - $offset = 0; - $limit = NOTICES_PER_SECTION + 1; - - $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; - - $notice = Memcached_DataObject::cachedQuery('Notice', - $qry, - 1200); - return $notice; + $pop->limit = NOTICES_PER_SECTION; + $pop->expiry = 1200; + return $pop->getNotices(); } function title() diff --git a/lib/profileaction.php b/lib/profileaction.php index 504b77566..4bfc4d48d 100644 --- a/lib/profileaction.php +++ b/lib/profileaction.php @@ -101,7 +101,7 @@ class ProfileAction extends OwnerDesignAction function showSubscriptions() { - $profile = $this->user->getSubscriptions(0, PROFILES_PER_MINILIST + 1); + $profile = $this->profile->getSubscriptions(0, PROFILES_PER_MINILIST + 1); $this->elementStart('div', array('id' => 'entity_subscriptions', 'class' => 'section')); @@ -134,7 +134,7 @@ class ProfileAction extends OwnerDesignAction function showSubscribers() { - $profile = $this->user->getSubscribers(0, PROFILES_PER_MINILIST + 1); + $profile = $this->profile->getSubscribers(0, PROFILES_PER_MINILIST + 1); $this->elementStart('div', array('id' => 'entity_subscribers', 'class' => 'section')); @@ -173,7 +173,7 @@ class ProfileAction extends OwnerDesignAction $subs_count = $this->profile->subscriptionCount(); $subbed_count = $this->profile->subscriberCount(); $notice_count = $this->profile->noticeCount(); - $group_count = $this->user->getGroups()->N; + $group_count = $this->profile->getGroups()->N; $age_days = (time() - strtotime($this->profile->created)) / 86400; if ($age_days < 1) { // Rather than extrapolating out to a bajillion... @@ -241,7 +241,7 @@ class ProfileAction extends OwnerDesignAction function showGroups() { - $groups = $this->user->getGroups(0, GROUPS_PER_MINILIST + 1); + $groups = $this->profile->getGroups(0, GROUPS_PER_MINILIST + 1); $this->elementStart('div', array('id' => 'entity_groups', 'class' => 'section')); @@ -249,7 +249,7 @@ class ProfileAction extends OwnerDesignAction $this->element('h2', null, _('Groups')); if ($groups) { - $gml = new GroupMiniList($groups, $this->user, $this); + $gml = new GroupMiniList($groups, $this->profile, $this); $cnt = $gml->show(); if ($cnt == 0) { $this->element('p', null, _('(None)')); diff --git a/lib/router.php b/lib/router.php index efead04ab..9dfa6e00b 100644 --- a/lib/router.php +++ b/lib/router.php @@ -33,13 +33,15 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { require_once 'Net/URL/Mapper.php'; -class StatusNet_URL_Mapper extends Net_URL_Mapper { +class StatusNet_URL_Mapper extends Net_URL_Mapper +{ private static $_singleton = null; + private $_actionToPath = array(); private function __construct() { } - + public static function getInstance($id = '__default__') { if (empty(self::$_singleton)) { @@ -53,10 +55,47 @@ class StatusNet_URL_Mapper extends Net_URL_Mapper { $result = null; if (Event::handle('StartConnectPath', array(&$path, &$defaults, &$rules, &$result))) { $result = parent::connect($path, $defaults, $rules); + if (array_key_exists('action', $defaults)) { + $action = $defaults['action']; + } elseif (array_key_exists('action', $rules)) { + $action = $rules['action']; + } else { + $action = null; + } + $this->_mapAction($action, $result); Event::handle('EndConnectPath', array($path, $defaults, $rules, $result)); } return $result; } + + protected function _mapAction($action, $path) + { + if (!array_key_exists($action, $this->_actionToPath)) { + $this->_actionToPath[$action] = array(); + } + $this->_actionToPath[$action][] = $path; + return; + } + + public function generate($values = array(), $qstring = array(), $anchor = '') + { + if (!array_key_exists('action', $values)) { + return parent::generate($values, $qstring, $anchor); + } + + $action = $values['action']; + + if (!array_key_exists($action, $this->_actionToPath)) { + return parent::generate($values, $qstring, $anchor); + } + + $oldPaths = $this->paths; + $this->paths = $this->_actionToPath[$action]; + $result = parent::generate($values, $qstring, $anchor); + $this->paths = $oldPaths; + + return $result; + } } /** @@ -87,11 +126,43 @@ class Router function __construct() { - if (!$this->m) { - $this->m = $this->initialize(); + if (empty($this->m)) { + if (!common_config('router', 'cache')) { + $this->m = $this->initialize(); + } else { + $k = self::cacheKey(); + $c = Cache::instance(); + $m = $c->get($k); + if (!empty($m)) { + $this->m = $m; + } else { + $this->m = $this->initialize(); + $c->set($k, $this->m); + } + } } } + /** + * Create a unique hashkey for the router. + * + * The router's url map can change based on the version of the software + * you're running and the plugins that are enabled. To avoid having bad routes + * get stuck in the cache, the key includes a list of plugins and the software + * version. + * + * There can still be problems with a) differences in versions of the plugins and + * b) people running code between official versions, but these tend to be more + * sophisticated users who can grok what's going on and clear their caches. + * + * @return string cache key string that should uniquely identify a router + */ + + static function cacheKey() + { + return Cache::codeKey('router'); + } + function initialize() { $m = StatusNet_URL_Mapper::getInstance(); @@ -151,6 +222,8 @@ class Router array('action' => 'publicxrds')); $m->connect('.well-known/host-meta', array('action' => 'hostmeta')); + $m->connect('main/xrd', + array('action' => 'userxrd')); // these take a code @@ -221,10 +294,10 @@ class Router $m->connect('notice/new', array('action' => 'newnotice')); $m->connect('notice/new?replyto=:replyto', array('action' => 'newnotice'), - array('replyto' => '[A-Za-z0-9_-]+')); + array('replyto' => Nickname::DISPLAY_FMT)); $m->connect('notice/new?replyto=:replyto&inreplyto=:inreplyto', array('action' => 'newnotice'), - array('replyto' => '[A-Za-z0-9_-]+'), + array('replyto' => Nickname::DISPLAY_FMT), array('inreplyto' => '[0-9]+')); $m->connect('notice/:notice/file', @@ -248,7 +321,7 @@ class Router array('id' => '[0-9]+')); $m->connect('message/new', array('action' => 'newmessage')); - $m->connect('message/new?to=:to', array('action' => 'newmessage'), array('to' => '[A-Za-z0-9_-]+')); + $m->connect('message/new?to=:to', array('action' => 'newmessage'), array('to' => Nickname::DISPLAY_FMT)); $m->connect('message/:message', array('action' => 'showmessage'), array('message' => '[0-9]+')); @@ -279,7 +352,7 @@ class Router foreach (array('edit', 'join', 'leave', 'delete') as $v) { $m->connect('group/:nickname/'.$v, array('action' => $v.'group'), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect('group/:id/id/'.$v, array('action' => $v.'group'), array('id' => '[0-9]+')); @@ -288,20 +361,20 @@ class Router foreach (array('members', 'logo', 'rss', 'designsettings') as $n) { $m->connect('group/:nickname/'.$n, array('action' => 'group'.$n), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); } $m->connect('group/:nickname/foaf', array('action' => 'foafgroup'), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect('group/:nickname/blocked', array('action' => 'blockedfromgroup'), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect('group/:nickname/makeadmin', array('action' => 'makeadmin'), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect('group/:id/id', array('action' => 'groupbyid'), @@ -309,7 +382,7 @@ class Router $m->connect('group/:nickname', array('action' => 'showgroup'), - array('nickname' => '[a-zA-Z0-9]+')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect('group/', array('action' => 'groups')); $m->connect('group', array('action' => 'groups')); @@ -335,7 +408,7 @@ class Router $m->connect('api/statuses/friends_timeline/:id.:format', array('action' => 'ApiTimelineFriends', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/home_timeline.:format', @@ -344,7 +417,7 @@ class Router $m->connect('api/statuses/home_timeline/:id.:format', array('action' => 'ApiTimelineHome', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/user_timeline.:format', @@ -353,7 +426,7 @@ class Router $m->connect('api/statuses/user_timeline/:id.:format', array('action' => 'ApiTimelineUser', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/mentions.:format', @@ -362,7 +435,7 @@ class Router $m->connect('api/statuses/mentions/:id.:format', array('action' => 'ApiTimelineMentions', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/replies.:format', @@ -371,7 +444,7 @@ class Router $m->connect('api/statuses/replies/:id.:format', array('action' => 'ApiTimelineMentions', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statuses/retweeted_by_me.:format', @@ -392,7 +465,7 @@ class Router $m->connect('api/statuses/friends/:id.:format', array('action' => 'ApiUserFriends', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statuses/followers.:format', @@ -401,17 +474,17 @@ class Router $m->connect('api/statuses/followers/:id.:format', array('action' => 'ApiUserFollowers', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statuses/show.:format', array('action' => 'ApiStatusesShow', - 'format' => '(xml|json)')); + 'format' => '(xml|json|atom)')); $m->connect('api/statuses/show/:id.:format', array('action' => 'ApiStatusesShow', 'id' => '[0-9]+', - 'format' => '(xml|json)')); + 'format' => '(xml|json|atom)')); $m->connect('api/statuses/update.:format', array('action' => 'ApiStatusesUpdate', @@ -444,7 +517,7 @@ class Router $m->connect('api/users/show/:id.:format', array('action' => 'ApiUserShow', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); // direct messages @@ -482,12 +555,12 @@ class Router $m->connect('api/friendships/create/:id.:format', array('action' => 'ApiFriendshipsCreate', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/friendships/destroy/:id.:format', array('action' => 'ApiFriendshipsDestroy', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); // Social graph @@ -544,17 +617,17 @@ class Router $m->connect('api/favorites/:id.:format', array('action' => 'ApiTimelineFavorites', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/favorites/create/:id.:format', array('action' => 'ApiFavoriteCreate', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/favorites/destroy/:id.:format', array('action' => 'ApiFavoriteDestroy', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); // blocks @@ -564,7 +637,7 @@ class Router $m->connect('api/blocks/create/:id.:format', array('action' => 'ApiBlockCreate', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/blocks/destroy.:format', @@ -573,7 +646,7 @@ class Router $m->connect('api/blocks/destroy/:id.:format', array('action' => 'ApiBlockDestroy', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); // help @@ -609,7 +682,7 @@ class Router $m->connect('api/statusnet/groups/timeline/:id.:format', array('action' => 'ApiTimelineGroup', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statusnet/groups/show.:format', @@ -618,12 +691,12 @@ class Router $m->connect('api/statusnet/groups/show/:id.:format', array('action' => 'ApiGroupShow', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statusnet/groups/join.:format', array('action' => 'ApiGroupJoin', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statusnet/groups/join/:id.:format', @@ -632,7 +705,7 @@ class Router $m->connect('api/statusnet/groups/leave.:format', array('action' => 'ApiGroupLeave', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statusnet/groups/leave/:id.:format', @@ -649,7 +722,7 @@ class Router $m->connect('api/statusnet/groups/list/:id.:format', array('action' => 'ApiGroupList', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json|rss|atom)')); $m->connect('api/statusnet/groups/list_all.:format', @@ -662,7 +735,7 @@ class Router $m->connect('api/statusnet/groups/membership/:id.:format', array('action' => 'ApiGroupMembership', - 'id' => '[a-zA-Z0-9]+', + 'id' => Nickname::DISPLAY_FMT, 'format' => '(xml|json)')); $m->connect('api/statusnet/groups/create.:format', @@ -699,6 +772,13 @@ class Router $m->connect('api/oauth/authorize', array('action' => 'ApiOauthAuthorize')); + $m->connect('api/statusnet/app/service/:id.xml', + array('action' => 'ApiAtomService', + 'id' => Nickname::DISPLAY_FMT)); + + $m->connect('api/statusnet/app/service.xml', + array('action' => 'ApiAtomService')); + // Admin $m->connect('admin/site', array('action' => 'siteadminpanel')); @@ -727,8 +807,7 @@ class Router if (common_config('singleuser', 'enabled')) { - $user = User::singleUser(); - $nickname = $user->nickname; + $nickname = User::singleUserNickname(); foreach (array('subscriptions', 'subscribers', 'all', 'foaf', 'xrds', @@ -799,54 +878,54 @@ class Router 'replies', 'inbox', 'outbox', 'microsummary', 'hcard') as $a) { $m->connect(':nickname/'.$a, array('action' => $a), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); } foreach (array('subscriptions', 'subscribers') as $a) { $m->connect(':nickname/'.$a.'/:tag', array('action' => $a), array('tag' => '[a-zA-Z0-9]+', - 'nickname' => '[a-zA-Z0-9]{1,64}')); + 'nickname' => Nickname::DISPLAY_FMT)); } foreach (array('rss', 'groups') as $a) { $m->connect(':nickname/'.$a, array('action' => 'user'.$a), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); } foreach (array('all', 'replies', 'favorites') as $a) { $m->connect(':nickname/'.$a.'/rss', array('action' => $a.'rss'), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); } $m->connect(':nickname/favorites', array('action' => 'showfavorites'), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect(':nickname/avatar/:size', array('action' => 'avatarbynickname'), array('size' => '(original|96|48|24)', - 'nickname' => '[a-zA-Z0-9]{1,64}')); + 'nickname' => Nickname::DISPLAY_FMT)); $m->connect(':nickname/tag/:tag/rss', array('action' => 'userrss'), - array('nickname' => '[a-zA-Z0-9]{1,64}'), + array('nickname' => Nickname::DISPLAY_FMT), array('tag' => '[\pL\pN_\-\.]{1,64}')); $m->connect(':nickname/tag/:tag', array('action' => 'showstream'), - array('nickname' => '[a-zA-Z0-9]{1,64}'), + array('nickname' => Nickname::DISPLAY_FMT), array('tag' => '[\pL\pN_\-\.]{1,64}')); $m->connect(':nickname/rsd.xml', array('action' => 'rsd'), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); $m->connect(':nickname', array('action' => 'showstream'), - array('nickname' => '[a-zA-Z0-9]{1,64}')); + array('nickname' => Nickname::DISPLAY_FMT)); } // user stuff diff --git a/lib/search_engines.php b/lib/search_engines.php index 332db3f89..19703e03f 100644 --- a/lib/search_engines.php +++ b/lib/search_engines.php @@ -52,10 +52,10 @@ class MySQLSearch extends SearchEngine { if ('profile' === $this->table) { $this->target->whereAdd('MATCH(nickname, fullname, location, bio, homepage) ' . - 'AGAINST (\''.addslashes($q).'\' IN BOOLEAN MODE)'); + 'AGAINST (\''.$this->target->escape($q).'\' IN BOOLEAN MODE)'); if (strtolower($q) != $q) { $this->target->whereAdd('MATCH(nickname, fullname, location, bio, homepage) ' . - 'AGAINST (\''.addslashes(strtolower($q)).'\' IN BOOLEAN MODE)', 'OR'); + 'AGAINST (\''.$this->target->escape(strtolower($q)).'\' IN BOOLEAN MODE)', 'OR'); } return true; } else if ('notice' === $this->table) { @@ -64,13 +64,13 @@ class MySQLSearch extends SearchEngine $this->target->whereAdd('notice.is_local != ' . Notice::GATEWAY); if (strtolower($q) != $q) { - $this->target->whereAdd("( MATCH(content) AGAINST ('" . addslashes($q) . + $this->target->whereAdd("( MATCH(content) AGAINST ('" . $this->target->escape($q) . "' IN BOOLEAN MODE)) OR ( MATCH(content) " . - "AGAINST ('" . addslashes(strtolower($q)) . + "AGAINST ('" . $this->target->escape(strtolower($q)) . "' IN BOOLEAN MODE))"); } else { $this->target->whereAdd('MATCH(content) ' . - 'AGAINST (\''.addslashes($q).'\' IN BOOLEAN MODE)'); + 'AGAINST (\''.$this->target->escape($q).'\' IN BOOLEAN MODE)'); } return true; @@ -89,9 +89,9 @@ class MySQLLikeSearch extends SearchEngine ' fullname LIKE "%%%1$s%%" OR '. ' location LIKE "%%%1$s%%" OR '. ' bio LIKE "%%%1$s%%" OR '. - ' homepage LIKE "%%%1$s%%")', addslashes($q)); + ' homepage LIKE "%%%1$s%%")', $this->target->escape($q, true)); } else if ('notice' === $this->table) { - $qry = sprintf('content LIKE "%%%1$s%%"', addslashes($q)); + $qry = sprintf('content LIKE "%%%1$s%%"', $this->target->escape($q, true)); } else { throw new ServerException('Unknown table: ' . $this->table); } @@ -107,12 +107,12 @@ class PGSearch extends SearchEngine function query($q) { if ('profile' === $this->table) { - return $this->target->whereAdd('textsearch @@ plainto_tsquery(\''.addslashes($q).'\')'); + return $this->target->whereAdd('textsearch @@ plainto_tsquery(\''.$this->target->escape($q).'\')'); } else if ('notice' === $this->table) { // XXX: We need to filter out gateway notices (notice.is_local = -2) --Zach - return $this->target->whereAdd('to_tsvector(\'english\', content) @@ plainto_tsquery(\''.addslashes($q).'\')'); + return $this->target->whereAdd('to_tsvector(\'english\', content) @@ plainto_tsquery(\''.$this->target->escape($q).'\')'); } else { throw new ServerException('Unknown table: ' . $this->table); } diff --git a/lib/statusnet.php b/lib/statusnet.php index d94d856c9..4c2aacd8f 100644 --- a/lib/statusnet.php +++ b/lib/statusnet.php @@ -396,7 +396,11 @@ class StatusNet static function isHTTPS() { // There are some exceptions to this; add them here! - return !empty($_SERVER['HTTPS']); + if(empty($_SERVER['HTTPS'])) { + return false; + } else { + return $_SERVER['HTTPS'] !== 'off'; + } } } diff --git a/lib/theme.php b/lib/theme.php index 95b7c1de4..5caa046c2 100644 --- a/lib/theme.php +++ b/lib/theme.php @@ -51,7 +51,6 @@ if (!defined('STATUSNET') && !defined('LACONICA')) { * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class Theme { var $name = null; @@ -65,14 +64,14 @@ class Theme * * @param string $name Name of the theme; defaults to config value */ - function __construct($name=null) { if (empty($name)) { $name = common_config('site', 'theme'); } if (!self::validName($name)) { - throw new ServerException("Invalid theme name."); + // TRANS: Server exception displayed if a theme name was invalid. + throw new ServerException(_('Invalid theme name.')); } $this->name = $name; @@ -95,7 +94,6 @@ class Theme $fulldir = $instroot.'/'.$name; if (file_exists($fulldir) && is_dir($fulldir)) { - $this->dir = $fulldir; $this->path = $this->relativeThemePath('theme', 'theme', $name); } @@ -113,11 +111,9 @@ class Theme * * @todo consolidate code with that for other customizable paths */ - protected function relativeThemePath($group, $fallbackSubdir, $name) { if (StatusNet::isHTTPS()) { - $sslserver = common_config($group, 'sslserver'); if (empty($sslserver)) { @@ -140,9 +136,7 @@ class Theme } $protocol = 'https'; - } else { - $path = common_config($group, 'path'); if (empty($path)) { @@ -179,7 +173,6 @@ class Theme * * @return string full pathname, like /var/www/mublog/theme/default/logo.png */ - function getFile($relative) { return $this->dir.'/'.$relative; @@ -192,7 +185,6 @@ class Theme * * @return string full URL, like 'http://example.com/theme/default/logo.png' */ - function getPath($relative) { return $this->path.'/'.$relative; @@ -258,7 +250,6 @@ class Theme * * @return string File path to the theme file */ - static function file($relative, $name=null) { $theme = new Theme($name); @@ -273,7 +264,6 @@ class Theme * * @return string URL of the file */ - static function path($relative, $name=null) { $theme = new Theme($name); @@ -285,7 +275,6 @@ class Theme * * @return array list of available theme names */ - static function listAvailable() { $local = self::subdirsOf(self::localRoot()); @@ -305,7 +294,6 @@ class Theme * * @return array relative filenames of subdirs, or empty array */ - protected static function subdirsOf($dir) { $subdirs = array(); @@ -330,7 +318,6 @@ class Theme * * @return string local root dir for themes */ - protected static function localRoot() { $basedir = common_config('local', 'dir'); @@ -347,7 +334,6 @@ class Theme * * @return string root dir for StatusNet themes */ - protected static function installRoot() { $instroot = common_config('theme', 'dir'); diff --git a/lib/userprofile.php b/lib/userprofile.php index ca060842b..2813f735e 100644 --- a/lib/userprofile.php +++ b/lib/userprofile.php @@ -98,6 +98,10 @@ class UserProfile extends Widget if (Event::handle('StartProfilePageAvatar', array($this->out, $this->profile))) { $avatar = $this->profile->getAvatar(AVATAR_PROFILE_SIZE); + if (!$avatar) { + // hack for remote Twitter users: no 96px, but large Twitter size is 73px + $avatar = $this->profile->getAvatar(73); + } $this->out->elementStart('dl', 'entity_depiction'); $this->out->element('dt', null, _('Photo')); @@ -109,10 +113,8 @@ class UserProfile extends Widget 'alt' => $this->profile->nickname)); $this->out->elementEnd('dd'); - $user = User::staticGet('id', $this->profile->id); - $cur = common_current_user(); - if ($cur && $cur->id == $user->id) { + if ($cur && $cur->id == $this->profile->id) { $this->out->elementStart('dd'); $this->out->element('a', array('href' => common_local_url('avatarsettings')), _('Edit Avatar')); $this->out->elementEnd('dd'); @@ -278,7 +280,7 @@ class UserProfile extends Widget } $this->out->elementEnd('li'); - if ($cur->mutuallySubscribed($this->user)) { + if ($cur->mutuallySubscribed($this->profile)) { // message @@ -290,7 +292,7 @@ class UserProfile extends Widget // nudge - if ($this->user->email && $this->user->emailnotifynudge) { + if ($this->user && $this->user->email && $this->user->emailnotifynudge) { $this->out->elementStart('li', 'entity_nudge'); $nf = new NudgeForm($this->out, $this->user); $nf->show(); @@ -319,6 +321,9 @@ class UserProfile extends Widget } $this->out->elementEnd('li'); + // Some actions won't be applicable to non-local users. + $isLocal = !empty($this->user); + if ($cur->hasRight(Right::SANDBOXUSER) || $cur->hasRight(Right::SILENCEUSER) || $cur->hasRight(Right::DELETEUSER)) { @@ -327,7 +332,7 @@ class UserProfile extends Widget $this->out->elementStart('ul'); if ($cur->hasRight(Right::SANDBOXUSER)) { $this->out->elementStart('li', 'entity_sandbox'); - if ($this->user->isSandboxed()) { + if ($this->profile->isSandboxed()) { $usf = new UnSandboxForm($this->out, $this->profile, $r2args); $usf->show(); } else { @@ -339,7 +344,7 @@ class UserProfile extends Widget if ($cur->hasRight(Right::SILENCEUSER)) { $this->out->elementStart('li', 'entity_silence'); - if ($this->user->isSilenced()) { + if ($this->profile->isSilenced()) { $usf = new UnSilenceForm($this->out, $this->profile, $r2args); $usf->show(); } else { @@ -349,7 +354,7 @@ class UserProfile extends Widget $this->out->elementEnd('li'); } - if ($cur->hasRight(Right::DELETEUSER)) { + if ($isLocal && $cur->hasRight(Right::DELETEUSER)) { $this->out->elementStart('li', 'entity_delete'); $df = new DeleteUserForm($this->out, $this->profile, $r2args); $df->show(); @@ -359,7 +364,7 @@ class UserProfile extends Widget $this->out->elementEnd('li'); } - if ($cur->hasRight(Right::GRANTROLE)) { + if ($isLocal && $cur->hasRight(Right::GRANTROLE)) { $this->out->elementStart('li', 'entity_role'); $this->out->element('p', null, _('User role')); $this->out->elementStart('ul'); @@ -387,7 +392,7 @@ class UserProfile extends Widget $r2args['action'] = $action; $this->out->elementStart('li', "entity_role_$role"); - if ($this->user->hasRole($role)) { + if ($this->profile->hasRole($role)) { $rf = new RevokeRoleForm($role, $label, $this->out, $this->profile, $r2args); $rf->show(); } else { diff --git a/lib/util.php b/lib/util.php index 1d4f5a549..3d4adcf4b 100644 --- a/lib/util.php +++ b/lib/util.php @@ -533,14 +533,29 @@ function common_user_cache_hash($user=false) } } -// get canonical version of nickname for comparison +/** + * get canonical version of nickname for comparison + * + * @param string $nickname + * @return string + * + * @throws NicknameException on invalid input + * @deprecated call Nickname::normalize() directly. + */ function common_canonical_nickname($nickname) { - // XXX: UTF-8 canonicalization (like combining chars) - return strtolower($nickname); + return Nickname::normalize($nickname); } -// get canonical version of email for comparison +/** + * get canonical version of email for comparison + * + * @fixme actually normalize + * @fixme reject invalid input + * + * @param string $email + * @return string + */ function common_canonical_email($email) { // XXX: canonicalize UTF-8 @@ -548,15 +563,33 @@ function common_canonical_email($email) return $email; } +/** + * Partial notice markup rendering step: build links to !group references. + * + * @param string $text partially rendered HTML + * @param Notice $notice in whose context we're working + * @return string partially rendered HTML + */ function common_render_content($text, $notice) { $r = common_render_text($text); $id = $notice->profile_id; $r = common_linkify_mentions($r, $notice); - $r = preg_replace('/(^|[\s\.\,\:\;]+)!([A-Za-z0-9]{1,64})/e', "'\\1!'.common_group_link($id, '\\2')", $r); + $r = preg_replace('/(^|[\s\.\,\:\;]+)!(' . Nickname::DISPLAY_FMT . ')/e', + "'\\1!'.common_group_link($id, '\\2')", $r); return $r; } +/** + * Finds @-mentions within the partially-rendered text section and + * turns them into live links. + * + * Should generally not be called except from common_render_content(). + * + * @param string $text partially-rendered HTML + * @param Notice $notice in-progress or complete Notice object for context + * @return string partially-rendered HTML + */ function common_linkify_mentions($text, $notice) { $mentions = common_find_mentions($text, $notice); @@ -613,6 +646,21 @@ function common_linkify_mention($mention) return $output; } +/** + * Find @-mentions in the given text, using the given notice object as context. + * References will be resolved with common_relative_profile() against the user + * who posted the notice. + * + * Note the return data format is internal, to be used for building links and + * such. Should not be used directly; rather, call common_linkify_mentions(). + * + * @param string $text + * @param Notice $notice notice in whose context we're building links + * + * @return array + * + * @access private + */ function common_find_mentions($text, $notice) { $mentions = array(); @@ -647,20 +695,15 @@ function common_find_mentions($text, $notice) } } - preg_match_all('/^T ([A-Z0-9]{1,64}) /', - $text, - $tmatches, - PREG_OFFSET_CAPTURE); - - preg_match_all('/(?:^|\s+)@(['.NICKNAME_FMT.']{1,64})/', - $text, - $atmatches, - PREG_OFFSET_CAPTURE); - - $matches = array_merge($tmatches[1], $atmatches[1]); + $matches = common_find_mentions_raw($text); foreach ($matches as $match) { - $nickname = common_canonical_nickname($match[0]); + try { + $nickname = Nickname::normalize($match[0]); + } catch (NicknameException $e) { + // Bogus match? Drop it. + continue; + } // Try to get a profile for this nickname. // Start with conversation context, then go to @@ -726,6 +769,31 @@ function common_find_mentions($text, $notice) return $mentions; } +/** + * Does the actual regex pulls to find @-mentions in text. + * Should generally not be called directly; for use in common_find_mentions. + * + * @param string $text + * @return array of PCRE match arrays + */ +function common_find_mentions_raw($text) +{ + $tmatches = array(); + preg_match_all('/^T (' . Nickname::DISPLAY_FMT . ') /', + $text, + $tmatches, + PREG_OFFSET_CAPTURE); + + $atmatches = array(); + preg_match_all('/(?:^|\s+)@(' . Nickname::DISPLAY_FMT . ')\b/', + $text, + $atmatches, + PREG_OFFSET_CAPTURE); + + $matches = array_merge($tmatches[1], $atmatches[1]); + return $matches; +} + function common_render_text($text) { $r = htmlspecialchars($text); @@ -737,7 +805,14 @@ function common_render_text($text) return $r; } -function common_replace_urls_callback($text, $callback, $notice_id = null) { +/** + * Find links in the given text and pass them to the given callback function. + * + * @param string $text + * @param function($text, $arg) $callback: return replacement text + * @param mixed $arg: optional argument will be passed on to the callback + */ +function common_replace_urls_callback($text, $callback, $arg = null) { // Start off with a regex $regex = '#'. '(?:^|[\s\<\>\(\)\[\]\{\}\\\'\\\";]+)(?![\@\!\#])'. @@ -778,10 +853,21 @@ function common_replace_urls_callback($text, $callback, $notice_id = null) { '#ixu'; //preg_match_all($regex,$text,$matches); //print_r($matches); - return preg_replace_callback($regex, curry('callback_helper',$callback,$notice_id) ,$text); + return preg_replace_callback($regex, curry('callback_helper',$callback,$arg) ,$text); } -function callback_helper($matches, $callback, $notice_id) { +/** + * Intermediate callback for common_replace_links(), helps resolve some + * ambiguous link forms before passing on to the final callback. + * + * @param array $matches + * @param callable $callback + * @param mixed $arg optional argument to pass on as second param to callback + * @return string + * + * @access private + */ +function callback_helper($matches, $callback, $arg=null) { $url=$matches[1]; $left = strpos($matches[0],$url); $right = $left+strlen($url); @@ -824,11 +910,7 @@ function callback_helper($matches, $callback, $notice_id) { } }while($original_url!=$url); - if(empty($notice_id)){ - $result = call_user_func_array($callback, array($url)); - }else{ - $result = call_user_func_array($callback, array(array($url,$notice_id)) ); - } + $result = call_user_func_array($callback, array($url, $arg)); return substr($matches[0],0,$left) . $result . substr($matches[0],$right); } @@ -864,7 +946,7 @@ function common_linkify($url) { $canon = File_redirection::_canonUrl($url); - $longurl_data = File_redirection::where($canon); + $longurl_data = File_redirection::where($canon, common_config('attachments', 'process_links')); if (is_array($longurl_data)) { $longurl = $longurl_data['url']; } elseif (is_string($longurl_data)) { @@ -888,12 +970,14 @@ function common_linkify($url) { $f = File::staticGet('url', $longurl); if (empty($f)) { - // XXX: this writes to the database. :< - $f = File::processNew($longurl); + if (common_config('attachments', 'process_links')) { + // XXX: this writes to the database. :< + $f = File::processNew($longurl); + } } if (!empty($f)) { - if ($f->getEnclosure() || File_oembed::staticGet('file_id',$f->id)) { + if ($f->getEnclosure()) { $is_attachment = true; $attachment_id = $f->id; @@ -926,7 +1010,23 @@ function common_linkify($url) { return XMLStringer::estring('a', $attrs, $url); } -function common_shorten_links($text, $always = false) +/** + * Find and shorten links in a given chunk of text if it's longer than the + * configured notice content limit (or unconditionally). + * + * Side effects: may save file and file_redirection records for referenced URLs. + * + * Pass the $user option or call $user->shortenLinks($text) to ensure the proper + * user's options are used; otherwise the current web session user's setitngs + * will be used or ur1.ca if there is no active web login. + * + * @param string $text + * @param boolean $always (optional) + * @param User $user (optional) + * + * @return string + */ +function common_shorten_links($text, $always = false, User $user=null) { common_debug("common_shorten_links() called"); @@ -938,10 +1038,10 @@ function common_shorten_links($text, $always = false) if ($always || mb_strlen($text) > $maxLength) { common_debug("Forcing shortening"); - return common_replace_urls_callback($text, array('File_redirection', 'forceShort')); + return common_replace_urls_callback($text, array('File_redirection', 'forceShort'), $user); } else { common_debug("Not forcing shortening"); - return common_replace_urls_callback($text, array('File_redirection', 'makeShort')); + return common_replace_urls_callback($text, array('File_redirection', 'makeShort'), $user); } } @@ -1003,9 +1103,9 @@ function common_tag_link($tag) $canonical = common_canonical_tag($tag); if (common_config('singleuser', 'enabled')) { // regular TagAction isn't set up in 1user mode - $user = User::singleUser(); + $nickname = User::singleUserNickname(); $url = common_local_url('showstream', - array('nickname' => $user->nickname, + array('nickname' => $nickname, 'tag' => $canonical)); } else { $url = common_local_url('tag', array('tag' => $canonical)); @@ -1030,6 +1130,13 @@ function common_valid_profile_tag($str) return preg_match('/^[A-Za-z0-9_\-\.]{1,64}$/', $str); } +/** + * + * @param <type> $sender_id + * @param <type> $nickname + * @return <type> + * @access private + */ function common_group_link($sender_id, $nickname) { $sender = Profile::staticGet($sender_id); @@ -1052,13 +1159,37 @@ function common_group_link($sender_id, $nickname) } } +/** + * Resolve an ambiguous profile nickname reference, checking in following order: + * - profiles that $sender subscribes to + * - profiles that subscribe to $sender + * - local user profiles + * + * WARNING: does not validate or normalize $nickname -- MUST BE PRE-VALIDATED + * OR THERE MAY BE A RISK OF SQL INJECTION ATTACKS. THIS FUNCTION DOES NOT + * ESCAPE SQL. + * + * @fixme validate input + * @fixme escape SQL + * @fixme fix or remove mystery third parameter + * @fixme is $sender a User or Profile? + * + * @param <type> $sender the user or profile in whose context we're looking + * @param string $nickname validated nickname of + * @param <type> $dt unused mystery parameter; in Notice reply-to handling a timestamp is passed. + * + * @return Profile or null + */ function common_relative_profile($sender, $nickname, $dt=null) { + // Will throw exception on invalid input. + $nickname = Nickname::normalize($nickname); + // Try to find profiles this profile is subscribed to that have this nickname $recipient = new Profile(); // XXX: use a join instead of a subquery - $recipient->whereAdd('EXISTS (SELECT subscribed from subscription where subscriber = '.$sender->id.' and subscribed = id)', 'AND'); - $recipient->whereAdd("nickname = '" . trim($nickname) . "'", 'AND'); + $recipient->whereAdd('EXISTS (SELECT subscribed from subscription where subscriber = '.intval($sender->id).' and subscribed = id)', 'AND'); + $recipient->whereAdd("nickname = '" . $recipient->escape($nickname) . "'", 'AND'); if ($recipient->find(true)) { // XXX: should probably differentiate between profiles with // the same name by date of most recent update @@ -1067,8 +1198,8 @@ function common_relative_profile($sender, $nickname, $dt=null) // Try to find profiles that listen to this profile and that have this nickname $recipient = new Profile(); // XXX: use a join instead of a subquery - $recipient->whereAdd('EXISTS (SELECT subscriber from subscription where subscribed = '.$sender->id.' and subscriber = id)', 'AND'); - $recipient->whereAdd("nickname = '" . trim($nickname) . "'", 'AND'); + $recipient->whereAdd('EXISTS (SELECT subscriber from subscription where subscribed = '.intval($sender->id).' and subscriber = id)', 'AND'); + $recipient->whereAdd("nickname = '" . $recipient->escape($nickname) . "'", 'AND'); if ($recipient->find(true)) { // XXX: should probably differentiate between profiles with // the same name by date of most recent update @@ -1512,6 +1643,7 @@ function common_request_id() function common_log($priority, $msg, $filename=null) { if(Event::handle('StartLog', array(&$priority, &$msg, &$filename))){ + $msg = (empty($filename)) ? $msg : basename($filename) . ' - ' . $msg; $msg = '[' . common_request_id() . '] ' . $msg; $logfile = common_config('site', 'logfile'); if ($logfile) { @@ -1923,15 +2055,13 @@ function common_database_tablename($tablename) * or ur1.ca if configured, or not at all if no shortening is set up. * * @param string $long_url original URL + * @param User $user to specify a particular user's options * @param boolean $force Force shortening (used when notice is too long) - * * @return string may return the original URL if shortening failed * * @fixme provide a way to specify a particular shortener - * @fixme provide a way to specify to use a given user's shortening preferences */ - -function common_shorten_url($long_url, $force = false) +function common_shorten_url($long_url, User $user=null, $force = false) { common_debug("Shortening URL '$long_url' (force = $force)"); diff --git a/lib/xrdaction.php b/lib/xrdaction.php new file mode 100644 index 000000000..43826b32b --- /dev/null +++ b/lib/xrdaction.php @@ -0,0 +1,135 @@ +<?php +/* + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2010, StatusNet, Inc. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + */ + +/** + * @package OStatusPlugin + * @maintainer James Walker <james@status.net> + */ + +if (!defined('STATUSNET')) { + exit(1); +} + +class XrdAction extends Action +{ + const PROFILEPAGE = 'http://webfinger.net/rel/profile-page'; + const UPDATESFROM = 'http://schemas.google.com/g/2010#updates-from'; + const HCARD = 'http://microformats.org/profile/hcard'; + + public $uri; + + public $user; + + public $xrd; + + function handle() + { + $nick = $this->user->nickname; + $profile = $this->user->getProfile(); + + if (empty($this->xrd)) { + $xrd = new XRD(); + } else { + $xrd = $this->xrd; + } + + if (empty($xrd->subject)) { + $xrd->subject = self::normalize($this->uri); + } + + if (Event::handle('StartXrdActionAliases', array(&$xrd, $this->user))) { + + // Possible aliases for the user + + $uris = array($this->user->uri, $profile->profileurl); + + // FIXME: Webfinger generation code should live somewhere on its own + + $path = common_config('site', 'path'); + + if (empty($path)) { + $uris[] = sprintf('acct:%s@%s', $nick, common_config('site', 'server')); + } + + foreach ($uris as $uri) { + if ($uri != $xrd->subject) { + $xrd->alias[] = $uri; + } + } + + Event::handle('EndXrdActionAliases', array(&$xrd, $this->user)); + } + + if (Event::handle('StartXrdActionLinks', array(&$xrd, $this->user))) { + + $xrd->links[] = array('rel' => self::PROFILEPAGE, + 'type' => 'text/html', + 'href' => $profile->profileurl); + + // hCard + $xrd->links[] = array('rel' => self::HCARD, + 'type' => 'text/html', + 'href' => common_local_url('hcard', array('nickname' => $nick))); + + // XFN + $xrd->links[] = array('rel' => 'http://gmpg.org/xfn/11', + 'type' => 'text/html', + 'href' => $profile->profileurl); + // FOAF + $xrd->links[] = array('rel' => 'describedby', + 'type' => 'application/rdf+xml', + 'href' => common_local_url('foaf', + array('nickname' => $nick))); + + + Event::handle('EndXrdActionLinks', array(&$xrd, $this->user)); + } + + + header('Content-type: application/xrd+xml'); + print $xrd->toXML(); + } + + /** + * Given a "user id" make sure it's normalized to either a webfinger + * acct: uri or a profile HTTP URL. + */ + + public static function normalize($user_id) + { + if (substr($user_id, 0, 5) == 'http:' || + substr($user_id, 0, 6) == 'https:' || + substr($user_id, 0, 5) == 'acct:') { + return $user_id; + } + + if (strpos($user_id, '@') !== FALSE) { + return 'acct:' . $user_id; + } + + return 'http://' . $user_id; + } + + public static function isWebfinger($user_id) + { + $uri = self::normalize($user_id); + + return (substr($uri, 0, 5) == 'acct:'); + } +} |