From 7c30fca98186538eff731519bdd0c76527237192 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20H=C3=B6=C3=9Fl?= Date: Mon, 27 Feb 2012 22:17:57 +0000 Subject: Avoid a Notice --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 54f318e5e..c89dae27c 100755 --- a/boot.php +++ b/boot.php @@ -1335,7 +1335,7 @@ function profile_tabs($a, $is_owner=False, $nickname=Null){ array( 'label' => t('Profile'), 'url' => $url.'/?tab=profile', - 'sel' => (($tab=='profile')?'active':''), + 'sel' => ((isset($tab) && $tab=='profile')?'active':''), ), array( 'label' => t('Photos'), -- cgit v1.2.3 From 36a1a43f06dc2a0d55463c83154cce55fa3948ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20H=C3=B6=C3=9Fl?= Date: Tue, 28 Feb 2012 13:42:12 +0000 Subject: Avoid notices --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index c89dae27c..e39504e11 100755 --- a/boot.php +++ b/boot.php @@ -1209,7 +1209,7 @@ function current_theme(){ $a = get_app(); $system_theme = ((isset($a->config['system']['theme'])) ? $a->config['system']['theme'] : ''); - $theme_name = ((is_array($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); + $theme_name = ((isset($_SESSION) && x($_SESSION,'theme')) ? $_SESSION['theme'] : $system_theme); if($theme_name && file_exists('view/theme/' . $theme_name . '/style.css')) return($theme_name); -- cgit v1.2.3 From acf75e85c86a2e47549ee74d60c7d82dcc5c8cc4 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 12 Mar 2012 19:12:00 -0700 Subject: revup --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index b30f02c9f..ace358faa 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1278' ); +define ( 'FRIENDICA_VERSION', '2.3.1279' ); define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); define ( 'DB_UPDATE_VERSION', 1131 ); -- cgit v1.2.3 From dc84da520d7bde3f2e160d2573a549829fd022cf Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 13 Mar 2012 15:40:16 -0700 Subject: invite potential connectees to the free social web --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index ace358faa..8f0e8345f 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1279' ); +define ( 'FRIENDICA_VERSION', '2.3.1280' ); define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); define ( 'DB_UPDATE_VERSION', 1131 ); -- cgit v1.2.3 From 64e3e3590b8ef04a1fdb1cccabc3970295ef92f2 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 14 Mar 2012 16:09:13 -0700 Subject: revup --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 749ef6e3f..ba731ddee 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1280' ); +define ( 'FRIENDICA_VERSION', '2.3.1281' ); define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); define ( 'DB_UPDATE_VERSION', 1131 ); -- cgit v1.2.3 From f0a62d8908cef31982c1c2b24fc9dbc8b59b8bdb Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 14 Mar 2012 20:36:23 -0700 Subject: ssl_policy stuff --- boot.php | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index ba731ddee..22a4e39be 100755 --- a/boot.php +++ b/boot.php @@ -379,11 +379,22 @@ class App { $scheme = $this->scheme; - if(x($this->config,'ssl_policy')) { - if(($ssl) || ($this->config['ssl_policy'] == SSL_POLICY_FULL)) - $scheme = 'https'; - if(($this->config['ssl_policy'] == SSL_POLICY_SELFSIGN) && (local_user() || x($_POST,'auth-params'))) + if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) { + if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL) $scheme = 'https'; + +// We need to populate the $ssl flag across the entire program before turning this on. +// Basically, we'll have $ssl = true on any links which can only be seen by a logged in user +// (and also the login link). Anything seen by an outsider will have it turned off. +// At present, setting SSL_POLICY_SELFSIGN will only force remote contacts to update their +// contact links to this site with "http:" if they are currently using "https:" + +// if($this->config['system']['ssl_policy'] == SSL_POLICY_SELFSIGN) { +// if($ssl) +// $scheme = 'https'; +// else +// $scheme = 'http'; +// } } $this->baseurl = $scheme . "://" . $this->hostname . ((isset($this->path) && strlen($this->path)) ? '/' . $this->path : '' ); -- cgit v1.2.3 From 93a8907f435e1b6ca55fa816ffb81b47a018db03 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 14 Mar 2012 21:29:44 -0700 Subject: force login to ssl on SSL_POLICY_SELFSIGN --- boot.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 22a4e39be..c4cfbe5bf 100755 --- a/boot.php +++ b/boot.php @@ -696,6 +696,7 @@ function get_guid($size=16) { if(! function_exists('login')) { function login($register = false, $hiddens=false) { + $a = get_app(); $o = ""; $reg = false; if ($register) { @@ -715,23 +716,26 @@ function login($register = false, $hiddens=false) { } + $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; $o .= replace_macros($tpl,array( - '$logout' => t('Logout'), - '$login' => t('Login'), + + '$dest_url' => $dest_url, + '$logout' => t('Logout'), + '$login' => t('Login'), '$lname' => array('username', t('Nickname or Email address: ') , '', ''), '$lpassword' => array('password', t('Password: '), '', ''), '$openid' => !$noid, - '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), + '$lopenid' => array('openid_url', t('Or login using OpenID: '),'',''), - '$hiddens' => $hiddens, + '$hiddens' => $hiddens, - '$register' => $reg, + '$register' => $reg, - '$lostpass' => t('Forgot your password?'), - '$lostlink' => t('Password Reset'), + '$lostpass' => t('Forgot your password?'), + '$lostlink' => t('Password Reset'), )); call_hooks('login_hook',$o); -- cgit v1.2.3 From b44533e9fb685bb4b38073a90003d61911e1e24e Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 14 Mar 2012 21:40:36 -0700 Subject: roll protocol version due to ssl_policy settings --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index c4cfbe5bf..04f36093b 100755 --- a/boot.php +++ b/boot.php @@ -10,7 +10,7 @@ require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); define ( 'FRIENDICA_VERSION', '2.3.1281' ); -define ( 'DFRN_PROTOCOL_VERSION', '2.22' ); +define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1131 ); define ( 'EOL', "
\r\n" ); -- cgit v1.2.3 From 7684f63ecdfce560f24475630144f6058df15ca9 Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 15 Mar 2012 16:38:26 -0700 Subject: track whether contact is a community page or not --- boot.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 04f36093b..86da3cd2e 100755 --- a/boot.php +++ b/boot.php @@ -9,9 +9,9 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1281' ); +define ( 'FRIENDICA_VERSION', '2.3.1282' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); -define ( 'DB_UPDATE_VERSION', 1131 ); +define ( 'DB_UPDATE_VERSION', 1132 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); -- cgit v1.2.3 From 58940175e173c04c9bfa3498af40c65f6514a9ce Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 16 Mar 2012 15:07:45 -0700 Subject: wrong link in d* comment notifications --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 86da3cd2e..322340e5d 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1282' ); +define ( 'FRIENDICA_VERSION', '2.3.1283' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From 511d8a30a05f76a08582f2d7a9ccd78dbd744c57 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 16 Mar 2012 23:51:49 -0700 Subject: scheme checking for webservers without $_SERVER['HTTPS'] --- boot.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 322340e5d..836900fc4 100755 --- a/boot.php +++ b/boot.php @@ -286,7 +286,12 @@ class App { startup(); - $this->scheme = ((isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'])) ? 'https' : 'http' ); + $this->scheme = 'http'; + if(x($_SERVER,'HTTPS') && $_SERVER['HTTPS']) + $this->scheme = 'https'; + elseif(x($_SERVER,'SERVER_PORT') && (intval($_SERVER['SERVER_PORT']) == 443)) + $this->scheme = 'https'; + if(x($_SERVER,'SERVER_NAME')) { $this->hostname = $_SERVER['SERVER_NAME']; -- cgit v1.2.3 From 26258bca77aa3385dacf36874f7f5603eaef9a6b Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 17 Mar 2012 02:36:59 -0700 Subject: compare ssl_policy precisely in case somebody was bitten by template processor bug --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 836900fc4..b0a631170 100755 --- a/boot.php +++ b/boot.php @@ -385,7 +385,7 @@ class App { $scheme = $this->scheme; if((x($this->config,'system')) && (x($this->config['system'],'ssl_policy'))) { - if($this->config['system']['ssl_policy'] == SSL_POLICY_FULL) + if(intval($this->config['system']['ssl_policy']) === intval(SSL_POLICY_FULL)) $scheme = 'https'; // We need to populate the $ssl flag across the entire program before turning this on. -- cgit v1.2.3 From 67fd539f53756723d844dd204639146587f5bb76 Mon Sep 17 00:00:00 2001 From: friendica Date: Sat, 17 Mar 2012 18:15:36 -0700 Subject: bug #337, call template_unescape() only at the end of template processing --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index b0a631170..b3c79079a 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1283' ); +define ( 'FRIENDICA_VERSION', '2.3.1284' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From 37f4cbd732de8af22038a06792087c30d4c67989 Mon Sep 17 00:00:00 2001 From: friendica Date: Sun, 18 Mar 2012 17:57:29 -0700 Subject: revup --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index b3c79079a..d5feaed2d 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1284' ); +define ( 'FRIENDICA_VERSION', '2.3.1285' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From 139a86dbd395f4601b29b9af97ac8ea190cce9f9 Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 19 Mar 2012 06:48:11 -0700 Subject: some openid fixes, use identity url from openid server and normalise it. --- boot.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index d5feaed2d..9779bb9a8 100755 --- a/boot.php +++ b/boot.php @@ -713,15 +713,16 @@ function login($register = false, $hiddens=false) { $noid = get_config('system','no_openid'); + $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; + if(local_user()) { $tpl = get_markup_template("logout.tpl"); } else { $tpl = get_markup_template("login.tpl"); - + $_SESSION['return_url'] = $a->query_string; } - $dest_url = $a->get_baseurl(true) . '/' . $a->query_string; $o .= replace_macros($tpl,array( -- cgit v1.2.3 From 9e133d6412945f84f858d4bfde26c69f9e1afbfd Mon Sep 17 00:00:00 2001 From: friendica Date: Mon, 19 Mar 2012 15:03:09 -0700 Subject: refactor openid logins/registrations --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 9779bb9a8..be4b8ca0e 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1285' ); +define ( 'FRIENDICA_VERSION', '2.3.1286' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From 92ef36ad61bc96905b062a727d1f4558ed734bdb Mon Sep 17 00:00:00 2001 From: friendica Date: Tue, 20 Mar 2012 14:55:18 -0700 Subject: slightly relax overly strict permissions in community and search to match those in display - tl;dr public conversations are publicly visible --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index be4b8ca0e..fa081df1b 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1286' ); +define ( 'FRIENDICA_VERSION', '2.3.1287' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From 89028f2e2ff50aeb6747eecd6c2c8b5ed213b077 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 21 Mar 2012 13:55:37 -0700 Subject: add comix-plain --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index fa081df1b..910de6f82 100755 --- a/boot.php +++ b/boot.php @@ -9,7 +9,7 @@ require_once('include/nav.php'); require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); -define ( 'FRIENDICA_VERSION', '2.3.1287' ); +define ( 'FRIENDICA_VERSION', '2.3.1288' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); define ( 'DB_UPDATE_VERSION', 1132 ); -- cgit v1.2.3 From ebdf0ee99e517c6718099fda2f1b2288c42e66da Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 22 Mar 2012 01:46:52 -0700 Subject: prevent re-registrations using a deleted username - not an issue with Friendica but could create a serious privacy issue with federated platforms --- boot.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'boot.php') diff --git a/boot.php b/boot.php index 910de6f82..04e16e64d 100755 --- a/boot.php +++ b/boot.php @@ -11,7 +11,7 @@ require_once('include/cache.php'); define ( 'FRIENDICA_PLATFORM', 'Friendica'); define ( 'FRIENDICA_VERSION', '2.3.1288' ); define ( 'DFRN_PROTOCOL_VERSION', '2.23' ); -define ( 'DB_UPDATE_VERSION', 1132 ); +define ( 'DB_UPDATE_VERSION', 1133 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); -- cgit v1.2.3