| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Conflicts:
boot.php
include/dba/dba_driver.php
include/diaspora.php
include/follow.php
include/session.php
include/zot.php
mod/photos.php
mod/ping.php
|
| |
| |
| |
| |
| | |
Add some more Doxygen formating for boot.php and dba_driver.php.
Cleaning a bit up, too.
|
| |
| |
| |
| | |
places we need it but validate it anyway
|
| |
| |
| |
| | |
other types of forums or weird custom channel permissions. If the channel is auto-accept and taggable, it's a public forum.
|
| |
| |
| |
| | |
yourself
|
| |
| |
| |
| | |
view. Still need a button or setting to enable "unsafe viewing". This has no effect anywhere but in the album views. They can still be viewed by flipping through the individual photos with 'prev' and 'next'. We probably need a comprehensive strategy for how to deal with n-s-f-w photos in albums so consider this a band-aid which requires additional work and integration with other facilities which access these photos. It is entirely optional.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the default connection permissions for those who don't have a predefined (or therefore have a "custom") permissions role. Unfortunately this includes most people that were using this software more than a month ago. The real changes are that the SELF address book entry no longer holds "auto-permissions" but instead holds your "default permissions" (if you have a pre-defined role, the defaults will be pulled from the role table).
The auto permissions have moved to a pconfig (uid.system.autoperms). A DB update will move these settings into their new homes.
What used to be the "Auto-permissions settings" page is now the "default permissions settings" page and a checkbox therein decides whether or not to apply the permissions automatically. A link to this page will only be shown when you have the "custom" role selected.
With luck nobody will notice anything wrong. But at least for the next few days, please review permissions that have been assigned to new connections (either automatically or manually) and make sure they make sense (e.g. they aren't "nothing"). You still need to take action when seeing a message "permissions have changed but not yet submitted" as we always let you review and perhaps adjust the settings _before_ a connection is established (unless you have autoperms turned on).
|
| | |
|
| |
| |
| |
| |
| |
| | |
that a directory is returning something in find_upstream_directory()
since this was spotted by a new install who thought *they* were
broken.
|
| |
| |
| |
| | |
no results.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There were 11 main types of changes:
- UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but
it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just
copied from Friendica. All of these instances, the LIMIT 1 was simply removed.
- Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit
integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice
to boot). Proper explicit boolean conversions were added. New queries should use proper conventions.
- MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_
func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There
were no true toggles (XOR). New queries should refrain from using XOR when not necessary.
- There are several fields which the schema has marked as NOT NULL, but the inserts don't specify
them. The reason this works is because mysql totally ignores the constraint and adds an empty text
default automatically. Again, non-compliant, obviously. In these cases a default of empty text was
added.
- Several statements rely on a non-standard MySQL feature
(http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten
to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run
a zillion times faster, even on MySQL.
- A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG,
UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_
- INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes
around the value -- assist functions added in the dba_
- NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such
thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are
handled in Zot/item packets automagically by quoting all dates with dbescdate().
- char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the
code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works
better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype
for all text fields in the postgres schema. varchar was used in a couple of places where it actually
seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code
actually validates data, new bugs might come out from under the rug.
- postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted.
bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function
was added to handle this transparently.
- postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax.
Statements were updated to be standard.
These changes require corresponding changes in the coding standards. Please review those before
adding any code going forward.
Still on my TODO list:
- remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting
- Rewrite search queries for better results (both MySQL and Postgres)
|
|
|
|
| |
Revert if there are serious issues, but please note the issues in as much detail as possible so we can work through them.
|
| |
|
| |
|
| |
|
|
|
|
| |
via the conversation structure that needs to be dealt with.
|
|
|
|
|
| |
a while tends to have a longer ping, we should probably have a longer
ping
|
|
|
|
| |
and stuff, move yet another oauth1 library to library instead of having it in plugins where we'll end up with a white screen if we re-use it in another plugin; which I plan to do.
|
|
|
|
| |
world (via siteinfo/json). Otherwise we'll use the default channel of any accounts that have the account admin role.
|
| |
|
| |
|
|
|
|
| |
easily mis-typed sequence '0000-00-00 00:00:00'
|
| |
|
|
|
|
| |
bug, moved service class stuff from plugin to account.php where it belongs and load that by default instead of on demand
|
|
|
|
| |
kill us with complex joins. We can phase out the sign table once this all checks out.
|
| |
|
|
|
|
| |
emulation (and many other uses)
|
| |
|
| |
|
| |
|
|
|
|
| |
notifier is setup to take hublocs, not xchans.
|
|
|
|
|
|
| |
function to do the same thing.
If you have a problem with chatroom expiration, check that it was created with cr_expire set to 120 (minutes). Chatrooms created during the first couple of days of the chat feature didn't have this. You can set the DB value manually.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
since the password is required to remove a channel. Somebody looking at an open session on somebody else's computer can simply change the password and then proceed to maliciously remove the channel. This change gives the owner 2 days to discover that something is wrong and recover his/her password and potentially save their channel from getting erased by the vandal. This is most likely to happen if a relationship has gone bad, or something incriminating was found in your private messages when you left your computer briefly unattended.
|
|
|
|
| |
to load
|
|
|
|
| |
bookmark permission), also remove the unused 'unconnected contacts' view for now.
|
| |
|
|
|
|
| |
(was cloned from elsewhere and is not primary)
|
|
|
|
| |
writeable areas of the server except the config file and logs under the "store" directory. We'll do logs at a future time.
|
|
|
|
| |
REGISTER_OPEN is in effect.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
extended likes
|