aboutsummaryrefslogtreecommitdiffstats
path: root/index.php
Commit message (Collapse)AuthorAgeFilesLines
* more work on sessions and cookies, as some anomalies appeared in caldav and ↵redmatrix2016-05-161-2/+9
| | | | firefox which suggested deeper issues
* register shutdown procedureredmatrix2016-05-091-1/+1
|
* Setup was horked after this commit and I couldn't easily make it right so ↵redmatrix2016-04-251-1/+1
| | | | | | | | reverting - will try again at a future date Revert "remove global db variable" This reverts commit c3b0c0f32a17649503db67f208cce6f9e0cdc322.
* remove global db variableredmatrix2016-04-251-1/+1
|
* reverse the logic of the jsenabled setting so that sessions without js are ↵redmatrix2016-04-121-12/+1
| | | | performance penalised instead of regular sessions.
* when setting the session handler as an object using the auto register ↵redmatrix2016-04-101-1/+0
| | | | shutdown flag, explicitly calling session_write_close() should no longer be required. It shouldn't cause any issues if it is called twice, but the session driver interface has been known to sometimes act in unexpected ways and there are lots of "subtleties" which can often be difficult to debug. The mentioned flag implies PHP 5.4 minimum but I believe we require that anyway.
* objectify all the session management stuffredmatrix2016-04-081-2/+2
|
* rework the "remember me" fix to be a bit less hackishredmatrix2016-04-061-5/+0
|
* Bug: "remember me" doesn'tredmatrix2016-04-031-0/+5
|
* change the App constructorredmatrix2016-03-311-1/+1
|
* create miniApp to convert existing settings files to the static App classredmatrix2016-03-311-1/+6
|
* static Appredmatrix2016-03-311-25/+25
|
* deprecate $a->get_baseurl()redmatrix2016-03-301-1/+1
|
* missing functionredmatrix2016-02-241-17/+3
|
* add router classredmatrix2016-02-191-188/+2
|
* rev updateredmatrix2016-02-051-0/+3
|
* add oembed provider for photosredmatrix2016-01-311-4/+7
|
* various issues from the forumsredmatrix2016-01-171-0/+4
|
* 'auto channel creation' - if the corresponding config variable is set, ↵redmatrix2016-01-121-3/+5
| | | | | | create a channel when an account is created. Plugins can provide the necessary channel details (probably from an extended registration form). If no details are provided, a social (mostly public) channel will be created using the LHS of the email address and you will be directed to your channel page (unless email verification is required, in which case this step will be delayed until successful validation and login). If the reddress is already assigned a random name(1000-9999) reddress will be assigned.
* change _newwin to _blank because the window named _newwin may be hard to ↵redmatrix2015-11-201-4/+2
| | | | find if you have lots of windows/tabs open.
* Throw HTTP error and display error message when database is unavailable. #179ken restivo2015-11-191-0/+6
|
* Merge branch 'master' of https://github.com/redmatrix/redmatrixredmatrix2015-07-191-0/+11
|\ | | | | | | | | | | | | | | | | Conflicts: include/identity.php include/widgets.php util/messages.po view/it/messages.po view/it/strings.php
| * allow plugins to provide module handlers for arbitrary modules that haven't ↵redmatrix2015-07-151-0/+11
| | | | | | | | been installed on the system.
* | we aren't using the module_aside functions or hooks any moreredmatrix2015-06-251-32/+0
|/
* Add PHP's xml module check and upload limits to setup.Klaus Weidenbach2015-05-241-69/+58
| | | | And some documentation.
* automated warning after a few days if poller is deadfriendica2015-03-021-0/+3
|
* fix 404 pages for derivative themes by pretending we've found a module ↵friendica2015-02-221-0/+3
| | | | called '404'. This way all the correct theme initialisation stuff will happen.
* local_user => local_channelfriendica2015-01-281-2/+2
|
* Merge remote-tracking branch 'upstream/master'Habeas Codice2014-11-131-11/+0
|\ | | | | | | | | | | | | | | | | | | | | | | Conflicts: boot.php include/dba/dba_driver.php include/diaspora.php include/follow.php include/session.php include/zot.php mod/photos.php mod/ping.php
| * Remove legacy custom/Thomas Willingham2014-11-041-11/+0
| |
* | PostgreSQL support initial commitHabeas Codice2014-11-131-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
* Heads up: "custom/module.php" is deprecated. Please read this commit if you ↵friendica2014-10-301-1/+13
| | | | are affected.
* move all theme initialisation to one place - just after calling module_init. ↵friendica2014-10-201-8/+32
| | | | Revert if there are serious issues, but please note the issues in as much detail as possible so we can work through them.
* allow custom role permissions and fix site timezone.friendica2014-09-291-0/+4
|
* Language selection: case-insensitive and system languageAlexandre Hannud Abdo2014-05-231-3/+2
| | | | | | | Fixed ignoring HTTP_ACCEPT_LANGUAGE tags that had uppercase characters. Fixed defining a->language too soon to ever get the system lang
* try to fix random logoutsfriendica2014-05-121-1/+1
|
* better checking for SSL servers, even though it probably doesn't fix the ↵friendica2014-05-081-1/+1
| | | | cookie bug
* remove the redundant install checkfriendica2014-05-081-1/+1
|
* turn off ssl cookie protection by default since nobody that has problems ↵friendica2014-05-081-9/+11
| | | | | | | with it is apparently able to debug it. PLEASE turn it on by util/config system ssl_cookie_protection 1 if you use SSL. Please debug it if you have a problem and have any basic technical skills at all and tell us why it doesn't work so we can fix it and turn this on by default because it is very very very important.
* Do our best to provide sane cookie defaults.friendica2014-05-071-5/+5
|
* try againfriendica2014-05-051-2/+9
|
* revertfriendica2014-05-051-1/+2
|
* improved cookie securityfriendica2014-05-051-0/+1
|
* strip hard-wired zids from posted links as they will have the wrong identity ↵friendica2014-02-161-1/+1
| | | | when somebody tries to view the link
* don't load any configs from DB if installing - especially in style.pcssfriendica2014-02-021-5/+5
|
* better check for setup modulefriendica2014-02-021-1/+1
|
* some windows fixesfriendica2014-02-021-8/+12
|
* clean up logger commands. Placed apostrophs at the end from some comments to ↵Michael Meer2014-01-301-3/+1
| | | | keep the syntax highlighting in vi working
* attempt with fix URL for testing worksMichael Meer2014-01-301-2/+3
|
* prevent reload loop if JS is active, but no cookies acceptedzottel2014-01-161-1/+5
|