Merge remote branch 'upstream/master'

This commit is contained in:
zottel 2012-03-22 16:03:14 +01:00
commit e7d80a79ff
22 changed files with 349 additions and 20 deletions

View file

@ -5,9 +5,6 @@ AddType audio/ogg .oga
<FilesMatch "\.(out|log)$">
Deny from all
</FilesMatch>
<Files "(include|library)">
Deny from all
</Files>
<IfModule mod_rewrite.c>
RewriteEngine on

View file

@ -11,7 +11,7 @@ require_once('include/cache.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica');
define ( 'FRIENDICA_VERSION', '2.3.1288' );
define ( 'DFRN_PROTOCOL_VERSION', '2.23' );
define ( 'DB_UPDATE_VERSION', 1132 );
define ( 'DB_UPDATE_VERSION', 1133 );
define ( 'EOL', "<br />\r\n" );
define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' );

View file

@ -861,3 +861,9 @@ INDEX ( `term` )
) ENGINE = MyISAM DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `userd` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` CHAR( 255 ) NOT NULL,
INDEX ( `username` )
) ENGINE = MyISAM DEFAULT CHARSET=utf8;

View file

@ -15,6 +15,12 @@ function user_remove($uid) {
call_hooks('remove_user',$r[0]);
// save username (actually the nickname as it is guaranteed
// unique), so it cannot be re-registered in the future.
q("insert into userd ( username ) values ( '%s' )",
$r[0]['nickname']
);
q("DELETE FROM `contact` WHERE `uid` = %d", intval($uid));
q("DELETE FROM `group` WHERE `uid` = %d", intval($uid));

View file

@ -86,7 +86,7 @@ function delegate_content(&$a) {
$r = q("select nurl from contact where substring_index(contact.nurl,'/',3) = '%s'
and contact.uid = %d and contact.self = 0 and network = '%s' ",
dbesc($a->get_baseurl()),
dbesc(normalise_link($a->get_baseurl())),
intval(local_user()),
dbesc(NETWORK_DFRN)
);

View file

@ -150,6 +150,16 @@ function register_post(&$a) {
if(count($r))
$err .= t('Nickname is already registered. Please choose another.') . EOL;
// Check deleted accounts that had this nickname. Doesn't matter to us,
// but could be a security issue for federated platforms.
$r = q("SELECT * FROM `userd`
WHERE `username` = '%s' LIMIT 1",
dbesc($nickname)
);
if(count($r))
$err .= t('Nickname was once registered here and may not be re-used. Please choose another.') . EOL;
if(strlen($err)) {
notice( $err );
return;

View file

@ -64,6 +64,11 @@ function user_allow($hash) {
}
// This does not have to go through user_remove() and save the nickname
// permanently against re-registration, as the person was not yet
// allowed to have friends on this system
function user_deny($hash) {
$register = q("SELECT * FROM `register` WHERE `hash` = '%s' LIMIT 1",

224
tests/template_test.php Executable file
View file

@ -0,0 +1,224 @@
<?php
/**
* this file contains tests for the template engine
*
* @package test.util
*/
/** required, it is the file under test */
require_once('include/template_processor.php');
require_once('include/text.php');
class TemplateMockApp {
public $theme_info=array();
}
if(!function_exists('current_theme')) {
function current_theme() {
return 'clean';
}
}
if(!function_exists('x')) {
function x($s,$k = NULL) {
return false;
}
}
if(!function_exists('get_app')) {
function get_app() {
return new TemplateMockApp();
}
}
/**
* TestCase for the template engine
*
* @author Alexander Kampmann
* @package test.util
*/
class TemplateTest extends PHPUnit_Framework_TestCase {
public function setUp() {
global $t;
$t=new Template;
}
public function testListToShort() {
@list($first, $second)=array('first');
$this->assertTrue(is_null($second));
}
public function testSimpleVariableString() {
$tpl='Hello $name!';
$text=replace_macros($tpl, array('$name'=>'Anna'));
$this->assertEquals('Hello Anna!', $text);
}
public function testSimpleVariableInt() {
$tpl='There are $num new messages!';
$text=replace_macros($tpl, array('$num'=>172));
$this->assertEquals('There are 172 new messages!', $text);
}
public function testConditionalElse() {
$tpl='There{{ if $num!=1 }} are $num new messages{{ else }} is 1 new message{{ endif }}!';
$text1=replace_macros($tpl, array('$num'=>1));
$text22=replace_macros($tpl, array('$num'=>22));
$this->assertEquals('There is 1 new message!', $text1);
$this->assertEquals('There are 22 new messages!', $text22);
}
public function testConditionalNoElse() {
$tpl='{{ if $num!=0 }}There are $num new messages!{{ endif }}';
$text0=replace_macros($tpl, array('$num'=>0));
$text22=replace_macros($tpl, array('$num'=>22));
$this->assertEquals('', $text0);
$this->assertEquals('There are 22 new messages!', $text22);
}
public function testConditionalFail() {
$tpl='There {{ if $num!=1 }} are $num new messages{{ else }} is 1 new message{{ endif }}!';
$text1=replace_macros($tpl, array());
//$this->assertEquals('There is 1 new message!', $text1);
}
public function testSimpleFor() {
$tpl='{{ for $messages as $message }} $message {{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>array('message 1', 'message 2')));
$this->assertEquals(' message 1 message 2 ', $text);
}
public function testFor() {
$tpl='{{ for $messages as $message }} from: $message.from to $message.to {{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>array(array('from'=>'Mike', 'to'=>'Alex'), array('from'=>'Alex', 'to'=>'Mike'))));
$this->assertEquals(' from: Mike to Alex from: Alex to Mike ', $text);
}
public function testKeyedFor() {
$tpl='{{ for $messages as $from=>$to }} from: $from to $to {{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>array('Mike'=>'Alex', 'Sven'=>'Mike')));
$this->assertEquals(' from: Mike to Alex from: Sven to Mike ', $text);
}
public function testForEmpty() {
$tpl='messages: {{for $messages as $message}} from: $message.from to $message.to {{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>array()));
$this->assertEquals('messages: ', $text);
}
public function testForWrongType() {
$tpl='messages: {{for $messages as $message}} from: $message.from to $message.to {{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>11));
$this->assertEquals('messages: ', $text);
}
public function testForConditional() {
$tpl='new messages: {{for $messages as $message}}{{ if $message.new }} $message.text{{endif}}{{ endfor }}';
$text=replace_macros($tpl, array('$messages'=>array(
array('new'=>true, 'text'=>'new message'),
array('new'=>false, 'text'=>'old message'))));
$this->assertEquals('new messages: new message', $text);
}
public function testConditionalFor() {
$tpl='{{ if $enabled }}new messages:{{for $messages as $message}} $message.text{{ endfor }}{{endif}}';
$text=replace_macros($tpl, array('$enabled'=>true,
'$messages'=>array(
array('new'=>true, 'text'=>'new message'),
array('new'=>false, 'text'=>'old message'))));
$this->assertEquals('new messages: new message old message', $text);
}
public function testFantasy() {
$tpl='Fantasy: {{fantasy $messages}}';
$text=replace_macros($tpl, array('$messages'=>'no no'));
$this->assertEquals('Fantasy: {{fantasy no no}}', $text);
}
public function testInc() {
$tpl='{{inc field_input.tpl with $field=$myvar}}{{ endinc }}';
$text=replace_macros($tpl, array('$myvar'=>array('myfield', 'label', 'value', 'help')));
$this->assertEquals(" \n"
." <div class='field input'>\n"
." <label for='id_myfield'>label</label>\n"
." <input name='myfield' id='id_myfield' value=\"value\">\n"
." <span class='field_help'>help</span>\n"
." </div>\n", $text);
}
public function testIncNoVar() {
$tpl='{{inc field_input.tpl }}{{ endinc }}';
$text=replace_macros($tpl, array('$field'=>array('myfield', 'label', 'value', 'help')));
$this->assertEquals(" \n <div class='field input'>\n <label for='id_myfield'>label</label>\n"
." <input name='myfield' id='id_myfield' value=\"value\">\n"
." <span class='field_help'>help</span>\n"
." </div>\n", $text);
}
public function testDoubleUse() {
$tpl='Hello $name! {{ if $enabled }} I love you! {{ endif }}';
$text=replace_macros($tpl, array('$name'=>'Anna', '$enabled'=>false));
$this->assertEquals('Hello Anna! ', $text);
$tpl='Hey $name! {{ if $enabled }} I hate you! {{ endif }}';
$text=replace_macros($tpl, array('$name'=>'Max', '$enabled'=>true));
$this->assertEquals('Hey Max! I hate you! ', $text);
}
public function testIncDouble() {
$tpl='{{inc field_input.tpl with $field=$var1}}{{ endinc }}'
.'{{inc field_input.tpl with $field=$var2}}{{ endinc }}';
$text=replace_macros($tpl, array('$var1'=>array('myfield', 'label', 'value', 'help'),
'$var2'=>array('myfield2', 'label2', 'value2', 'help2')));
$this->assertEquals(" \n"
." <div class='field input'>\n"
." <label for='id_myfield'>label</label>\n"
." <input name='myfield' id='id_myfield' value=\"value\">\n"
." <span class='field_help'>help</span>\n"
." </div>\n"
." \n"
." <div class='field input'>\n"
." <label for='id_myfield2'>label2</label>\n"
." <input name='myfield2' id='id_myfield2' value=\"value2\">\n"
." <span class='field_help'>help2</span>\n"
." </div>\n", $text);
}
}

View file

@ -27,11 +27,32 @@ class AntiXSSTest extends PHPUnit_Framework_TestCase {
*/
public function testXmlify() {
$text="<tag>I want to break\n this!11!<?hard?></tag>";
$xml=xmlify($text); //test whether it actually may be part of a xml document
$xml=xmlify($text);
$retext=unxmlify($text);
$this->assertEquals($text, $retext);
}
/**
* xmlify and put in a document
*/
public function testXmlifyDocument() {
$tag="<tag>I want to break</tag>";
$xml=xmlify($tag);
$text='<text>'.$xml.'</text>';
$xml_parser=xml_parser_create();
//should be possible to parse it
$values=array(); $index=array();
$this->assertEquals(1, xml_parse_into_struct($xml_parser, $text, $values, $index));
$this->assertEquals(array('TEXT'=>array(0)),
$index);
$this->assertEquals(array(array('tag'=>'TEXT', 'type'=>'complete', 'level'=>1, 'value'=>$tag)),
$values);
xml_parser_free($xml_parser);
}
/**
* test hex2bin and reverse

View file

@ -1,6 +1,6 @@
<?php
define( 'UPDATE_VERSION' , 1132 );
define( 'UPDATE_VERSION' , 1133 );
/**
*
@ -1127,3 +1127,12 @@ function update_1131() {
}
function update_1132() {
q("CREATE TABLE IF NOT EXISTS `userd` (
`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`username` CHAR( 255 ) NOT NULL,
INDEX ( `username` )
) ENGINE = MYISAM ");
}

View file

@ -58,7 +58,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >
{{ if $item.drop.dropping }}<a href="item/drop/$item.id" onclick="return confirmDelete();" class="icon drophide" title="$item.drop.delete" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a>{{ endif }}

View file

@ -62,7 +62,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >

View file

@ -58,7 +58,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >
{{ if $item.drop.dropping }}<a href="item/drop/$item.id" onclick="return confirmDelete();" class="icon drophide" title="$item.drop.delete" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a>{{ endif }}

View file

@ -62,7 +62,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >

View file

@ -58,7 +58,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >
{{ if $item.drop.dropping }}<a href="item/drop/$item.id" onclick="return confirmDelete();" class="icon drophide" title="$item.drop.delete" onmouseover="imgbright(this);" onmouseout="imgdull(this);" ></a>{{ endif }}

View file

@ -62,7 +62,7 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="tag-item icon tagged" title="$item.star.tagger"></a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.star.filer"></a>
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer"></a>
{{ endif }}
<div class="wall-item-delete-wrapper" id="wall-item-delete-wrapper-$item.id" >

View file

@ -72,6 +72,8 @@
@NoticeColor: @Grey1;
@NoticeBackgroundColor: #511919;
@FieldHelpColor: @Grey3;
@ThreadBackgroundColor: #f6f7f8;
@ShinyBorderColor: @Green4;

View file

@ -615,7 +615,7 @@ aside #profiles-menu {
}
#contact-block .contact-block-content {
clear: both;
overflow: idden;
overflow: hidden;
height: auto;
}
#contact-block .contact-block-link {
@ -623,7 +623,7 @@ aside #profiles-menu {
margin: 0px 2px 2px 0px;
}
#contact-block .contact-block-link img {
widht: 48px;
width: 48px;
height: 48px;
}
/* mail view */
@ -787,7 +787,7 @@ section {
}
.wall-item-decor {
position: absolute;
left: 790px;
left: 97%;
top: -10px;
width: 16px;
}
@ -968,6 +968,10 @@ section {
background: url("../../../images/tag.png") no-repeat center right;
color: #ffffff;
}
.filesavetags {
padding: 3px 0px 3px 0px;
opacity: 0.5;
}
.wwto {
position: absolute !important;
width: 25px;
@ -1304,6 +1308,37 @@ ul.tabs li {
ul.tabs li .active {
border-bottom: 1px solid #009100;
}
/** group editor **/
#group-edit-desc {
margin-top: 1em;
color: #999999;
}
#group-update-wrapper {
height: auto;
overflow: auto;
}
#group-update-wrapper #group {
width: 300px;
float: left;
margin-right: 20px;
}
#group-update-wrapper #contacts {
width: 300px;
float: left;
}
#group-update-wrapper #group-separator {
display: none;
}
#group-update-wrapper .contact_list {
height: 300px;
border: 1px solid #364e59;
overflow: auto;
}
#group-update-wrapper .contact_list .contact-block-div {
width: 50px;
height: 50px;
float: left;
}
/**
* Form fields
*/
@ -1326,7 +1361,7 @@ ul.tabs li .active {
.field .field_help {
display: block;
margin-left: 200px;
color: #666666;
color: #999999;
}
.field .onoff {
float: left;

View file

@ -113,7 +113,7 @@ header {
#banner {
overflow: hidden;
text-align: center;
text-align: center;
width: 100%;
a, a:active, a:visited, a:link, a:hover { color: @Grey1; text-decoration: none; outline: none; vertical-align: bottom; }
#logo-img { height: 22px; margin-top:5px;}
@ -448,7 +448,7 @@ section {
margin-bottom: 20px;
width: 780px;
}
.wall-item-decor { position: absolute; left: 790px; top: -10px; width: 16px;}
.wall-item-decor { position: absolute; left: 97%; top: -10px; width: 16px;}
.unstarred { display: none; }
.wall-item-container {
@ -570,6 +570,10 @@ section {
color: @TagColor;
}
}
.filesavetags {
padding: 3px 0px 3px 0px;
opacity: 0.5;
}
.wwto {
position: absolute !important;

View file

@ -787,7 +787,7 @@ section {
}
.wall-item-decor {
position: absolute;
left: 790px;
left: 97%;
top: -10px;
width: 16px;
}
@ -968,6 +968,10 @@ section {
background: url("../../../images/tag.png") no-repeat center right;
color: #ffffff;
}
.filesavetags {
padding: 3px 0px 3px 0px;
opacity: 0.5;
}
.wwto {
position: absolute !important;
width: 25px;

View file

@ -51,6 +51,9 @@
<a href="#" id="unstar-$item.id" onclick="dostar($item.id); return false;" class="$item.star.classundo" title="$item.star.undo">$item.star.undo</a>
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="$item.star.classtagger" title="$item.star.tagger">$item.star.tagger</a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer">$item.filer</a>
{{ endif }}
{{ if $item.vote }}
<a href="#" id="like-$item.id" title="$item.vote.like.0" onclick="dolike($item.id,'like'); return false">$item.vote.like.1</a>

View file

@ -58,6 +58,9 @@
<a href="#" id="tagger-$item.id" onclick="itemTag($item.id); return false;" class="$item.star.classtagger" title="$item.star.tagger">$item.star.tagger</a>
{{ endif }}
{{ if $item.filer }}
<a href="#" id="filer-$item.id" onclick="itemFiler($item.id); return false;" class="filer-item filer-icon" title="$item.filer">$item.filer</a>
{{ endif }}
{{ if $item.vote }}
<a href="#" id="like-$item.id" title="$item.vote.like.0" onclick="dolike($item.id,'like'); return false">$item.vote.like.1</a>