aboutsummaryrefslogtreecommitdiffstats
path: root/mod/connedit.php
Commit message (Collapse)AuthorAgeFilesLines
* some work on the edit connection workflow explanation and connedit page. ↵friendica2015-01-021-9/+11
| | | | This needs a lot more attention, but it was screaming for any improvement in documenting why we tell you that the permissions have been changed but not saved.
* Put dir back - the fat lady didn't sing afterall.Thomas Willingham2014-12-041-1/+1
|
* Don't allow affinity of 0 in connedit.Thomas Willingham2014-12-021-0/+1
|
* Merge remote-tracking branch 'upstream/master'Habeas Codice2014-11-131-10/+19
|\ | | | | | | | | | | | | | | | | | | | | | | Conflicts: boot.php include/dba/dba_driver.php include/diaspora.php include/follow.php include/session.php include/zot.php mod/photos.php mod/ping.php
| * minor adjustments to make the form work as designedfriendica2014-11-041-2/+3
| |
| * ok heads up - potentially destabilising change. I've tried to sort out all ↵friendica2014-11-041-10/+18
| | | | | | | | | | | | | | | | | | | | the default connection permissions for those who don't have a predefined (or therefore have a "custom") permissions role. Unfortunately this includes most people that were using this software more than a month ago. The real changes are that the SELF address book entry no longer holds "auto-permissions" but instead holds your "default permissions" (if you have a pre-defined role, the defaults will be pulled from the role table). The auto permissions have moved to a pconfig (uid.system.autoperms). A DB update will move these settings into their new homes. What used to be the "Auto-permissions settings" page is now the "default permissions settings" page and a checkbox therein decides whether or not to apply the permissions automatically. A link to this page will only be shown when you have the "custom" role selected. With luck nobody will notice anything wrong. But at least for the next few days, please review permissions that have been assigned to new connections (either automatically or manually) and make sure they make sense (e.g. they aren't "nothing"). You still need to take action when seeing a message "permissions have changed but not yet submitted" as we always let you review and perhaps adjust the settings _before_ a connection is established (unless you have autoperms turned on).
* | PostgreSQL support initial commitHabeas Codice2014-11-131-2/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
* add "repository" permissions role and make sure we have a sane "accept" ↵friendica2014-10-271-0/+6
| | | | default for the custom role.
* implement permission roles - the backend should be done except for maybe a ↵friendica2014-09-171-0/+22
| | | | couple of small tweaks. Now we just need to define the rest of the roles and create a chooser for them. Adam started on this some time back but I don't know where that has gone.
* Friendica photo import tool. This will bring in all your photos from the ↵friendica2014-08-121-1/+1
| | | | chosen Friendica account and import them into Red. Note that profile photos will also be imported, but will not be scaled for profiles, nor will they be attached to any profiles. They will appear however in your Profile Photos album. Photos that had any access restrictions in Friendica will be made private to only you. Comments and likes, captions, and tags are not transferred, only the actual photos. You will only be able to do this once. If something goes wrong but any photos were imported, a pconfig called frphotos.complete will be set and you'll have to remove it to start over. If you should remove this to start over, we also check each photo and will not over-write a photo you already brought over.
* fix ignore of unapproved connectionfriendica2014-08-071-5/+4
|
* clone sync of "unfriend" actionsfriendica2014-08-051-2/+12
|
* we didn't need the extra query - everything we require is already in memoryfriendica2014-07-291-37/+26
|
* implement the new friend activity post which has been missing for some time nowfriendica2014-07-291-8/+52
|
* Fix for #510: $a->poi wasn't set for tabs actions with commands, so ↵zottel2014-07-021-1/+1
| | | | connedit_clone wasn't executed.
* Setting to undo/clear auto permissionsfriendica2014-04-211-0/+1
|
* Now we also refresh permissions after the user posted connedit.sirius2014-04-201-2/+35
|
* a bit more work towards issue #395 - cleaning up some cases which were going ↵friendica2014-04-061-1/+1
| | | | to the url directly and which weren't going through chanview. Also worth noting - mentions in posts do not go through chanview. Perhaps it is time to kill chanview (except we then cannot implemented a "connected" or "connect" button since we don't have any control over the landing page). For the time being I'm just trying to trap as many of the "visit URL" links as possible and sending them to a common place. Then we can figure out how that common place should behave.
* new connection notificationfriendica2014-03-271-1/+1
|
* start new connections out with even more sane defaults than before by ↵friendica2014-03-071-0/+6
| | | | pre-filling the connedit form page. This still lets them change things before any damage has been done or before any privacy has leaked, but should reduce the number of new connections that can't comment.
* fixes to thing profile assignmentsfriendica2014-02-111-1/+1
|
* accept new connection broke yesterdayfriendica2014-02-031-1/+4
|
* don't draw attention to advanced permissions and their corresponding ↵friendica2014-02-021-4/+4
| | | | complexity and clearly mark the simple permissions which people are encouraged to use.
* comanchify connedit, groupfriendica2013-12-191-18/+0
|
* default photo issue, and connections page showing deleted accounts. Also ↵friendica2013-12-191-1/+1
| | | | show last updated on connedit page
* Add App::poi to store the "person of interest" for a given page. This is so ↵friendica2013-12-181-14/+14
| | | | we can comanchificate the vcard_from_xchan widget -- it will pick up the target xchan from the page environment.
* split off mod_connections into mod_connections & mod_connedit - lots of ↵friendica2013-12-181-206/+13
| | | | links to fix
* split mod/connections for comanchificationfriendica2013-12-171-0/+708