aboutsummaryrefslogtreecommitdiffstats
path: root/mod/item.php
Commit message (Collapse)AuthorAgeFilesLines
* typoredmatrix2015-06-231-1/+1
|
* Merge pull request #356 from solstag/signature_edit_fixredmatrix2015-06-231-2/+2
|\ | | | | properly trims edited posts before signing so signature verification …
| * properly trims edited posts before signing so signature verification worksAlexandre Hannud Abdo2015-06-231-2/+2
| |
* | ensure we always sign a trimmed item body.redmatrix2015-06-221-1/+1
|/
* correctly fix attachment permissions from private mentionsAlexandre Hannud Abdo2015-06-101-21/+23
| | | | by postponing code that removes the attachment tag from the body
* move the photo and attachment permission syncing past the tag replacement so ↵redmatrix2015-06-011-34/+36
| | | | that attachments get the correct permissions when private mentions are used.
* preserve lock on edited commentsredmatrix2015-05-211-1/+4
|
* PRIVACY: possible privacy leakage under a defined set of circumstancesredmatrix2015-05-201-4/+13
|
* issue #176, sender copy of item not obscured if using private mentionfriendica2015-04-201-1/+1
|
* provide a separate input field for rpost attachmentsMario Vavti2015-04-161-1/+1
|
* item_check_service_class wasn't returning correct resultsfriendica2015-04-131-4/+8
|
* update features, allow sys account page deletionfriendica2015-04-081-0/+4
|
* add channel_lastpost timestamp to help optimise some outrageously expensive ↵friendica2015-03-261-0/+7
| | | | queries.
* item_check_service_class - the join is totally unnecessaryfriendica2015-03-251-20/+20
|
* operation snakebite, cont.friendica2015-03-221-7/+20
|
* The random bad signatures are because something somewhere is trimming the ↵friendica2015-03-171-1/+1
| | | | body text. It could be any one of hundreds of functions that touch the message body. We really want to trim the body text, so I'm putting back all the trim statements - in mod/item and item_store and item_store_update. The last fix for random bad sigs noted that one of the trims wasn't there, so the others were removed. The correct fix is for all the trims to be there. We will probably have a few (quite a few) bad sigs during the transition back to trimmed text but this should nail it for anybody on recent code and with new content.
* when fixing "naked links" make sure not to double link double urls as seen ↵friendica2015-03-061-1/+1
| | | | in archive.org - which has the complete unescaped target url, scheme and all, as part of its own.
* failure to auto update comments if it's your own.friendica2015-02-141-1/+1
|
* issue #896friendica2015-02-121-1/+1
|
* typofriendica2015-02-121-0/+1
|
* provide relief to sites that are severely impacted by the slow ITEM_UNSEEN ↵friendica2015-02-121-3/+3
| | | | searches. This does not incorporate any other flag optimisations as that will require a major DB update and possibly involve significant downtime. This is just to bite off a little chunk now and provide some much needed relief.
* item voting toolsfriendica2015-02-101-0/+5
|
* undo extra loggingfriendica2015-02-081-0/+1
|
* remote_user => remote_channelfriendica2015-01-281-2/+2
|
* local_user => local_channelfriendica2015-01-281-5/+5
|
* correct some activity object types (for comments), also fix a foreach ↵friendica2015-01-141-14/+21
| | | | warning resulting from recent tag work
* some back-end code to support location activity objects. Work in progress.friendica2015-01-141-0/+1
|
* provide a setting to control ALLOWCODE permissions at the channel level - it ↵friendica2015-01-131-2/+2
| | | | isn't always appropriate to apply this to all channels in an account.
* Allow tags in mail, many profile fields, and admin infoStefan Parviainen2015-01-131-1/+1
|
* Refactor mention code to make it more reusableStefan Parviainen2015-01-121-67/+15
|
* fix shares that are processed with markdown (regression, this was pulled ↵friendica2015-01-011-3/+5
| | | | from diaspora2bb a couple weeks back as it was affecting diaspora input, but here we're dealing with red input only)
* issue #777, make photo cache time configurable, read the comments.friendica2014-12-271-1/+2
|
* Show tags in other channels profile field to make it easier to navigate to ↵Stefan Parviainen2014-12-071-259/+3
| | | | the channels
* Merge remote-tracking branch 'upstream/master'Habeas Codice2014-11-131-14/+24
|\ | | | | | | | | | | | | | | | | | | | | | | Conflicts: boot.php include/dba/dba_driver.php include/diaspora.php include/follow.php include/session.php include/zot.php mod/photos.php mod/ping.php
| * some more work on sys publishingfriendica2014-11-111-11/+10
| |
| * a couple of places where we need to look for a sys channel euid.friendica2014-11-111-10/+18
| |
| * wall posted comment to a top-level wall post which arrived via a route (e.g. ↵friendica2014-11-031-0/+3
| | | | | | | | was posted to a forum) had no route, hence downstream recipients report route mismatch
* | PostgreSQL support initial commitHabeas Codice2014-11-131-3/+3
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There were 11 main types of changes: - UPDATE's and DELETE's sometimes had LIMIT 1 at the end of them. This is not only non-compliant but it would certainly not do what whoever wrote it thought it would. It is likely this mistake was just copied from Friendica. All of these instances, the LIMIT 1 was simply removed. - Bitwise operations (and even some non-zero int checks) erroneously rely on MySQL implicit integer-boolean conversion in the WHERE clauses. This is non-compliant (and bad programming practice to boot). Proper explicit boolean conversions were added. New queries should use proper conventions. - MySQL has a different operator for bitwise XOR than postgres. Rather than add yet another dba_ func, I converted them to "& ~" ("AND NOT") when turning off, and "|" ("OR") when turning on. There were no true toggles (XOR). New queries should refrain from using XOR when not necessary. - There are several fields which the schema has marked as NOT NULL, but the inserts don't specify them. The reason this works is because mysql totally ignores the constraint and adds an empty text default automatically. Again, non-compliant, obviously. In these cases a default of empty text was added. - Several statements rely on a non-standard MySQL feature (http://dev.mysql.com/doc/refman/5.5/en/group-by-handling.html). These queries can all be rewritten to be standards compliant. Interestingly enough, the newly rewritten standards compliant queries run a zillion times faster, even on MySQL. - A couple of function/operator name translations were needed (RAND/RANDOM, GROUP_CONCAT/STRING_AGG, UTC_NOW, REGEXP/~, ^/#) -- assist functions added in the dba_ - INTERVALs: postgres requires quotes around the value, mysql requires that there are not quotes around the value -- assist functions added in the dba_ - NULL_DATE's -- Postgres does not allow the invalid date '0000-00-00 00:00:00' (there is no such thing as year 0 or month 0 or day 0). We use '0001-01-01 00:00:00' for postgres. Conversions are handled in Zot/item packets automagically by quoting all dates with dbescdate(). - char(##) specifications in the schema creates fields with blank spaces that aren't trimmed in the code. MySQL apparently treats char(##) as varchar(##), again, non-compliant. Since postgres works better with text fields anyway, this ball of bugs was simply side-stepped by using 'text' datatype for all text fields in the postgres schema. varchar was used in a couple of places where it actually seemed appropriate (size constraint), but without rigorously vetting that all of the PHP code actually validates data, new bugs might come out from under the rug. - postgres doesn't store nul bytes and a few other non-printables in text fields, even when quoted. bytea fields were used when storing binary data (photo.data, attach.data). A new dbescbin() function was added to handle this transparently. - postgres does not support LIMIT #,# syntax. All databases support LIMIT # OFFSET # syntax. Statements were updated to be standard. These changes require corresponding changes in the coding standards. Please review those before adding any code going forward. Still on my TODO list: - remove quotes from non-reserved identifiers and make reserved identifiers use dba func for quoting - Rewrite search queries for better results (both MySQL and Postgres)
* if any privacy tags are created on a top level post, restrict the post; ↵friendica2014-10-281-1/+14
| | | | since it could have been quite sensitive. If there were errors processing the actual tag restrict the post to the profile owner. Also make the "privacy tag over-rides ACL" behaviour configurable. Default is that privacy tags over-ride the ACL.
* several unrelated things - auto_follow wasn't working for new accounts, ↵friendica2014-10-271-1/+2
| | | | error returned in private mention to a collection, and added auto-completion to photo tags; though it only matches people so the hover text is now wrong. Also made the photo edit form XHTML (XML) compliant.
* Issue #661Thomas Willingham2014-10-241-1/+1
|
* improved wall-to-wall detection for comments so we can handle Diaspora ↵friendica2014-10-221-6/+16
| | | | | | | signing and wall-to-wall attribution correctly. Do it at the point of submission. This also fixes a potential bug in yesterday's wall-to-wall permission setting, if it was a local comment to a remote post.
* private forum issuesfriendica2014-10-211-0/+15
|
* fix diaspora reshare tagsfriendica2014-10-101-1/+1
|
* add 'nopush' option to the post API so somebody could bulk load a bunch of ↵friendica2014-10-051-9/+16
| | | | existing content via the API without invoking the notifier and sending each out as a fresh post.
* try to sort out walltowall translation for diaspora recipientsfriendica2014-09-191-1/+3
|
* This is long overdue - use a symblic constant NULL_DATE instead of the ↵friendica2014-09-081-2/+2
| | | | easily mis-typed sequence '0000-00-00 00:00:00'
* provide a config option to prevent wall uploads (photos and files) from ↵friendica2014-09-021-0/+9
| | | | being set to the same ACL as the containing post, and instead are uploaded with public visibility (no ACL). This is to prevent folks on other networks from seeing prohibited signs for things uploaded into a private conversation. It is primarily useful when posting to collections that have mixed folks from red and other networks and an otherwise public (typical) profile. Consequently, these uploads will match your chosen default visibility for photos and storage and not that of the containing conversation item (and is only useful if the default visibility is public). This choice must be explained adequately because it represents a complex series of tradeoffs and side effects. It will reduce complaints from other networks about blocked content, but essentially forces you to use another method (dav or the photos page) if you wish to upload protected files/media.
* various diaspora issuesfriendica2014-08-291-0/+6
|
* switch everything over to crypto_encapsulate()friendica2014-08-231-2/+2
|