6 files changed, 70 insertions, 12 deletions

diff --git a/plugins/Facebook/facebookutil.php b/plugins/Facebook/facebookutil.php
index 83664995a..ab2d42726 100644
--- a/plugins/Facebook/facebookutil.php
+++ b/plugins/Facebook/facebookutil.php
@@ -104,9 +104,13 @@ function facebookBroadcastNotice($notice)
 
             $status = "$prefix $notice->content";
 
+            common_debug("FacebookPlugin - checking for publish_stream permission for user $user->id");
+
             $can_publish = $facebook->api_client->users_hasAppPermission('publish_stream',
                                                                          $fbuid);
 
+            common_debug("FacebookPlugin - checking for status_update permission for user $user->id");
+
             $can_update  = $facebook->api_client->users_hasAppPermission('status_update',
                                                                          $fbuid);
             if (!empty($attachments) && $can_publish == 1) {
@@ -114,15 +118,15 @@ function facebookBroadcastNotice($notice)
                 $facebook->api_client->stream_publish($status, $fbattachment,
                                                       null, null, $fbuid);
                 common_log(LOG_INFO,
-                           "Posted notice $notice->id w/attachment " .
+                           "FacebookPlugin - Posted notice $notice->id w/attachment " .
                            "to Facebook user's stream (fbuid = $fbuid).");
             } elseif ($can_update == 1 || $can_publish == 1) {
                 $facebook->api_client->users_setStatus($status, $fbuid, false, true);
                 common_log(LOG_INFO,
-                           "Posted notice $notice->id to Facebook " .
+                           "FacebookPlugin - Posted notice $notice->id to Facebook " .
                            "as a status update (fbuid = $fbuid).");
             } else {
-                $msg = "Not sending notice $notice->id to Facebook " .
+                $msg = "FacebookPlugin - Not sending notice $notice->id to Facebook " .
                   "because user $user->nickname hasn't given the " .
                   'Facebook app \'status_update\' or \'publish_stream\' permission.';
                 common_log(LOG_WARNING, $msg);
@@ -138,7 +142,7 @@ function facebookBroadcastNotice($notice)
 
             $code = $e->getCode();
 
-            $msg = "Facebook returned error code $code: " .
+            $msg = "FacebookPlugin - Facebook returned error code $code: " .
               $e->getMessage() . ' - ' .
               "Unable to update Facebook status (notice $notice->id) " .
               "for $user->nickname (user id: $user->id)!";
diff --git a/plugins/OStatus/lib/discoveryhints.php b/plugins/OStatus/lib/discoveryhints.php
index ca54a0f5f..34c9be277 100644
--- a/plugins/OStatus/lib/discoveryhints.php
+++ b/plugins/OStatus/lib/discoveryhints.php
@@ -84,7 +84,7 @@ class DiscoveryHints {
             $hints['fullname'] = implode(' ', $hcard['n']);
         }
 
-        if (array_key_exists('photo', $hcard)) {
+        if (array_key_exists('photo', $hcard) && count($hcard['photo'])) {
             $hints['avatar'] = $hcard['photo'][0];
         }
 
diff --git a/plugins/RequireValidatedEmail/README b/plugins/RequireValidatedEmail/README
index 46ee24d5f..84b1485b2 100644
--- a/plugins/RequireValidatedEmail/README
+++ b/plugins/RequireValidatedEmail/README
@@ -12,6 +12,20 @@ registered prior to that timestamp.
   addPlugin('RequireValidatedEmail',
             array('grandfatherCutoff' => 'Dec 7, 2009');
 
+You can also exclude the validation checks from OpenID accounts
+connected to a trusted provider, by providing a list of regular
+expressions to match their provider URLs.
+
+For example, to trust WikiHow and Wikipedia users:
+
+  addPlugin('RequireValidatedEmailPlugin', array(
+     'trustedOpenIDs' => array(
+         '!^http://\w+\.wikihow\.com/!',
+         '!^http://\w+\.wikipedia\.org/!',
+     ),
+  ));
+
+
 
 Todo:
 * add a more visible indicator that validation is still outstanding
diff --git a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
index ccefa14f6..009a2f78e 100644
--- a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
+++ b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php
@@ -37,6 +37,20 @@ class RequireValidatedEmailPlugin extends Plugin
     // without the validation requirement.
     public $grandfatherCutoff=null;
 
+    // If OpenID plugin is installed, users with a verified OpenID
+    // association whose provider URL matches one of these regexes
+    // will be considered to be sufficiently valid for our needs.
+    //
+    // For example, to trust WikiHow and Wikipedia OpenID users:
+    //
+    // addPlugin('RequireValidatedEmailPlugin', array(
+    //    'trustedOpenIDs' => array(
+    //        '!^http://\w+\.wikihow\.com/!',
+    //        '!^http://\w+\.wikipedia\.org/!',
+    //    ),
+    // ));
+    public $trustedOpenIDs=array();
+
     function __construct()
     {
         parent::__construct();
@@ -90,13 +104,17 @@ class RequireValidatedEmailPlugin extends Plugin
      */
     protected function validated($user)
     {
-        if ($this->grandfathered($user)) {
-            return true;
-        }
-
         // The email field is only stored after validation...
         // Until then you'll find them in confirm_address.
-        return !empty($user->email);
+        $knownGood = !empty($user->email) ||
+                     $this->grandfathered($user) ||
+                     $this->hasTrustedOpenID($user);
+
+        // Give other plugins a chance to override, if they can validate
+        // that somebody's ok despite a non-validated email.
+        Event::handle('RequireValidatedEmailPlugin_Override', array($user, &$knownGood));
+
+        return $knownGood;
     }
 
     /**
@@ -118,6 +136,28 @@ class RequireValidatedEmailPlugin extends Plugin
         return false;
     }
 
+    /**
+     * Override for RequireValidatedEmail plugin. If we have a user who's
+     * not validated an e-mail, but did come from a trusted provider,
+     * we'll consider them ok.
+     */
+    function hasTrustedOpenID($user)
+    {
+        if ($this->trustedOpenIDs && class_exists('User_openid')) {
+            foreach ($this->trustedOpenIDs as $regex) {
+                $oid = new User_openid();
+                $oid->user_id = $user->id;
+                $oid->find();
+                while ($oid->fetch()) {
+                    if (preg_match($regex, $oid->canonical)) {
+                        return true;
+                    }
+                }
+            }
+        }
+        return false;
+    }
+
     function onPluginVersion(&$versions)
     {
         $versions[] = array('name' => 'Require Validated Email',
diff --git a/plugins/UserFlag/clearflag.php b/plugins/UserFlag/clearflag.php
index bd6732e2d..f032527ed 100644
--- a/plugins/UserFlag/clearflag.php
+++ b/plugins/UserFlag/clearflag.php
@@ -81,7 +81,7 @@ class ClearflagAction extends ProfileFormAction
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $this->handlePost();
             if (!$this->boolean('ajax')) {
-                $this->returnToArgs();
+                $this->returnToPrevious();
             }
         }
     }
diff --git a/plugins/UserFlag/flagprofile.php b/plugins/UserFlag/flagprofile.php
index 2d0f0abb9..018c1e8ac 100644
--- a/plugins/UserFlag/flagprofile.php
+++ b/plugins/UserFlag/flagprofile.php
@@ -87,7 +87,7 @@ class FlagprofileAction extends ProfileFormAction
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             $this->handlePost();
             if (!$this->boolean('ajax')) {
-                $this->returnToArgs();
+                $this->returnToPrevious();
             }
         }
     }