
rev update, bug 428, 429, and ability to block globaldir submissions from demo sites

friendica 2012-05-21 16:40:11 -07:00
parent 71fe343324
commit 54e2c1ca81
11 changed files with 205 additions and 66 deletions


@ -222,3 +222,50 @@ Retry the installation. As soon as the database has been created,
% chmod 755 .htconfig.php
#####################################################################
- Some congiurations with "suhosin" security are configured without
an ability to run external processes. Friendica requires this ability.
Following are some notes provided by one of our members.
#####################################################################
On my server I use the php protection system Suhosin
[http://www.hardened-php.net/suhosin/]. One of the things it does is to block
certain functions like proc_open, as configured in /etc/php5/conf.d/suhosin.ini:
suhosin.executor.func.blacklist = proc_open, ...
For those sites like Friendica that really need these functions they can be
enabled, e.g. in /etc/apache2/sites-available/friendica:
<Directory /var/www/friendica/>
php_admin_value suhosin.executor.func.blacklist none
php_admin_value suhosin.executor.eval.blacklist none
</Directory>
This enables every function for Friendica if accessed via browser, but not for
the cronjob that is called via php command line. I attempted to enable it for
cron by using something like
*/10 * * * * cd /var/www/friendica/friendica/ && sudo -u www-data /usr/bin/php
-d suhosin.executor.func.blacklist=none -d suhosin.executor.eval.blacklist=none
-f include/poller.php
This worked well for simple test cases, but the friendica-cron still failed with
a fatal error:
suhosin[22962]: ALERT - function within blacklist called: proc_open() (attacker
'REMOTE_ADDR not set', file '/var/www/friendica/friendica/boot.php', line 1341)
After a while I noticed, that include/poller.php calls further php script via
proc_open. These scripts themselves also use proc_open and fail, because they
are NOT called with -d suhosin.executor.func.blacklist=none.
So the simple solution is to put the correct parameters into .htconfig.php:
// Location of PHP command line processor
$a->config['php_path'] = '/usr/bin/php -d suhosin.executor.func.blacklist=none
-d suhosin.executor.eval.blacklist=none';
This is obvious as soon as you notice that the friendica-cron uses proc_open to
execute php-scripts that also use proc_open, but it took me quite some time to
find that out. I hope this saves some time for other people using suhosin with
function blacklists.


@ -9,7 +9,7 @@ require_once('include/nav.php');
require_once('include/cache.php');
define ( 'FRIENDICA_PLATFORM', 'Friendica');
define ( 'FRIENDICA_VERSION', '3.0.1348' );
define ( 'FRIENDICA_VERSION', '3.0.1349' );
define ( 'DFRN_PROTOCOL_VERSION', '2.23' );
define ( 'DB_UPDATE_VERSION', 1144 );


@ -24,6 +24,9 @@ function directory_run($argv, $argc){
load_config('system');
load_hooks();
$a->set_baseurl(get_config('system','url'));
$dir = get_config('system','directory_submit_url');
@ -31,7 +34,12 @@ function directory_run($argv, $argc){
if(! strlen($dir))
return;
fetch_url($dir . '?url=' . bin2hex($argv[1]));
$arr = array('url' => $argv[1]);
call_hooks('globaldir_update', $arr);
if(strlen($arr['url']))
fetch_url($dir . '?url=' . bin2hex($arr['url']));
return;
}
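Review bot: The new guard `if(strlen($arr['url']))` assumes every `globaldir_update` hook leaves the `url` key present and holding a string; a plugin that blocks the submission by unsetting the key instead of emptying it would raise an undefined-index notice here. I would write `if(isset($arr['url']) && strlen($arr['url']))` and put the contract in a comment above `call_hooks`, e.g. `// plugins set $arr['url'] to '' to suppress the global directory submission`. Whatever the hook leaves in `url` is what gets submitted, so a hook can replace the profile URL as well as suppress it; if only suppression is intended, say so in the same comment. `directory_run` starts before the first hunk shown.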


@ -417,7 +417,7 @@ function admin_page_site(&$a) {
'$maximagesize' => array('maximagesize', t("Maximum image size"), get_config('system','maximagesize'), t("Maximum size in bytes of uploaded images. Default is 0, which means no limits.")),
'$register_policy' => array('register_policy', t("Register policy"), $a->config['register_policy'], "", $register_choices),
'$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES), t("Will be displayed prominently on the registration page.")),
'$register_text' => array('register_text', t("Register text"), htmlentities($a->config['register_text'], ENT_QUOTES, 'UTF-8'), t("Will be displayed prominently on the registration page.")),
'$abandon_days' => array('abandon_days', t('Accounts abandoned after x days'), get_config('system','account_abandon_days'), t('Will not waste system resources polling external sites for abandonded accounts. Enter 0 for no time limit.')),
'$allowed_sites' => array('allowed_sites', t("Allowed friend domains"), get_config('system','allowed_sites'), t("Comma separated list of domains which are allowed to establish friendships with this site. Wildcards are accepted. Empty to allow any domains")),
'$allowed_email' => array('allowed_email', t("Allowed email domains"), get_config('system','allowed_email'), t("Comma separated list of domains which are allowed in email addresses for registrations to this site. Wildcards are accepted. Empty to allow any domains")),
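Review bot: `register_text` is the only value in this array that goes through `htmlentities()`; the neighbouring `get_config()` values such as `allowed_sites` and `allowed_email` are handed to the template as stored. Whether the field templates escape them is not visible in this hunk, so if they do not, a stored value containing a quote or `<` would end up unescaped in the admin form markup. If escaping is expected at this layer, wrap those values in the same `htmlentities(..., ENT_QUOTES, 'UTF-8')` call; otherwise add a short comment saying why only `register_text` is escaped here. `admin_page_site` starts and ends outside the hunk.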


@ -977,9 +977,16 @@ function photos_content(&$a) {
$tpl = get_markup_template('photo_album.tpl');
if(count($r))
$twist = 'rotright';
foreach($r as $rr) {
if($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
$o .= replace_macros($tpl,array(
'$id' => $rr['id'],
'$twist' => ' ' . $twist . rand(2,4),
'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'$phototitle' => t('View Photo'),
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
@ -1400,9 +1407,16 @@ function photos_content(&$a) {
$photos = array();
if(count($r)) {
$twist = 'rotright';
foreach($r as $rr) {
if($twist == 'rotright')
$twist = 'rotleft';
else
$twist = 'rotright';
$photos[] = array(
'id' => $rr['id'],
'twist' => ' ' . $twist . rand(2,4),
'link' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
'title' => t('View Photo'),
'src' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
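Review bot: In the first hunk (around line 977) `if(count($r))` is shown without braces, so with `$twist = 'rotright';` inserted directly after it the condition now guards only that assignment and `foreach($r as $rr)` runs unconditionally; when `$r` is not an array the loop emits a warning where it was previously skipped. Open a block as the second hunk does, `if(count($r)) {`, and close it after the loop. Separately, `rand(2,4)` never yields 1, so the `rotleft1` and `rotright1` classes defined in the theme stylesheet of this commit are never produced; use `rand(1,4)` or drop those rules. `photos_content` continues outside both hunks, so the closing brace belongs past the visible lines.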


@ -6,9 +6,9 @@
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: 3.0.1348\n"
"Project-Id-Version: 3.0.1349\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2012-05-20 10:00-0700\n"
"POT-Creation-Date: 2012-05-21 10:00-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -123,8 +123,8 @@ msgstr ""
#: ../../mod/crepair.php:166 ../../mod/fsuggest.php:107
#: ../../mod/events.php:428 ../../mod/photos.php:900 ../../mod/photos.php:958
#: ../../mod/photos.php:1193 ../../mod/photos.php:1233
#: ../../mod/photos.php:1273 ../../mod/photos.php:1304
#: ../../mod/photos.php:1200 ../../mod/photos.php:1240
#: ../../mod/photos.php:1280 ../../mod/photos.php:1311
#: ../../mod/install.php:251 ../../mod/install.php:289
#: ../../mod/localtime.php:45 ../../mod/contacts.php:322
#: ../../mod/settings.php:553 ../../mod/settings.php:699
@ -220,7 +220,7 @@ msgid "link to source"
msgstr ""
#: ../../mod/events.php:324 ../../view/theme/diabook/theme.php:126
#: ../../include/nav.php:52 ../../boot.php:1503
#: ../../include/nav.php:52 ../../boot.php:1522
msgid "Events"
msgstr ""
@ -345,18 +345,18 @@ msgstr ""
msgid "No"
msgstr ""
#: ../../mod/photos.php:43 ../../boot.php:1497
#: ../../mod/photos.php:43 ../../boot.php:1516
msgid "Photo Albums"
msgstr ""
#: ../../mod/photos.php:51 ../../mod/photos.php:151 ../../mod/photos.php:879
#: ../../mod/photos.php:950 ../../mod/photos.php:965 ../../mod/photos.php:1382
#: ../../mod/photos.php:1394 ../../addon/communityhome/communityhome.php:110
#: ../../mod/photos.php:950 ../../mod/photos.php:965 ../../mod/photos.php:1389
#: ../../mod/photos.php:1401 ../../addon/communityhome/communityhome.php:110
#: ../../view/theme/diabook/theme.php:593
msgid "Contact Photos"
msgstr ""
#: ../../mod/photos.php:58 ../../mod/photos.php:975 ../../mod/photos.php:1424
#: ../../mod/photos.php:58 ../../mod/photos.php:975 ../../mod/photos.php:1438
msgid "Upload New Photos"
msgstr ""
@ -387,7 +387,7 @@ msgstr ""
msgid "Delete Album"
msgstr ""
#: ../../mod/photos.php:242 ../../mod/photos.php:1194
#: ../../mod/photos.php:242 ../../mod/photos.php:1201
msgid "Delete Photo"
msgstr ""
@ -455,7 +455,7 @@ msgstr ""
msgid "Do not show a status post for this upload"
msgstr ""
#: ../../mod/photos.php:914 ../../mod/photos.php:1189
#: ../../mod/photos.php:914 ../../mod/photos.php:1196
msgid "Permissions"
msgstr ""
@ -463,108 +463,108 @@ msgstr ""
msgid "Edit Album"
msgstr ""
#: ../../mod/photos.php:984 ../../mod/photos.php:1407
#: ../../mod/photos.php:991 ../../mod/photos.php:1421
msgid "View Photo"
msgstr ""
#: ../../mod/photos.php:1019
#: ../../mod/photos.php:1026
msgid "Permission denied. Access to this item may be restricted."
msgstr ""
#: ../../mod/photos.php:1021
#: ../../mod/photos.php:1028
msgid "Photo not available"
msgstr ""
#: ../../mod/photos.php:1071
#: ../../mod/photos.php:1078
msgid "View photo"
msgstr ""
#: ../../mod/photos.php:1071
#: ../../mod/photos.php:1078
msgid "Edit photo"
msgstr ""
#: ../../mod/photos.php:1072
#: ../../mod/photos.php:1079
msgid "Use as profile photo"
msgstr ""
#: ../../mod/photos.php:1078 ../../include/conversation.php:483
#: ../../mod/photos.php:1085 ../../include/conversation.php:483
msgid "Private Message"
msgstr ""
#: ../../mod/photos.php:1100
#: ../../mod/photos.php:1107
msgid "View Full Size"
msgstr ""
#: ../../mod/photos.php:1168
#: ../../mod/photos.php:1175
msgid "Tags: "
msgstr ""
#: ../../mod/photos.php:1171
#: ../../mod/photos.php:1178
msgid "[Remove any tag]"
msgstr ""
#: ../../mod/photos.php:1182
#: ../../mod/photos.php:1189
msgid "New album name"
msgstr ""
#: ../../mod/photos.php:1185
#: ../../mod/photos.php:1192
msgid "Caption"
msgstr ""
#: ../../mod/photos.php:1187
#: ../../mod/photos.php:1194
msgid "Add a Tag"
msgstr ""
#: ../../mod/photos.php:1191
#: ../../mod/photos.php:1198
msgid "Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping"
msgstr ""
#: ../../mod/photos.php:1211 ../../include/conversation.php:532
#: ../../mod/photos.php:1218 ../../include/conversation.php:532
msgid "I like this (toggle)"
msgstr ""
#: ../../mod/photos.php:1212 ../../include/conversation.php:533
#: ../../mod/photos.php:1219 ../../include/conversation.php:533
msgid "I don't like this (toggle)"
msgstr ""
#: ../../mod/photos.php:1213 ../../include/conversation.php:967
#: ../../mod/photos.php:1220 ../../include/conversation.php:967
msgid "Share"
msgstr ""
#: ../../mod/photos.php:1214 ../../mod/editpost.php:104
#: ../../mod/photos.php:1221 ../../mod/editpost.php:104
#: ../../mod/wallmessage.php:145 ../../mod/message.php:214
#: ../../mod/message.php:408 ../../include/conversation.php:364
#: ../../include/conversation.php:709 ../../include/conversation.php:986
msgid "Please wait"
msgstr ""
#: ../../mod/photos.php:1230 ../../mod/photos.php:1270
#: ../../mod/photos.php:1301 ../../include/conversation.php:555
#: ../../mod/photos.php:1237 ../../mod/photos.php:1277
#: ../../mod/photos.php:1308 ../../include/conversation.php:555
msgid "This is you"
msgstr ""
#: ../../mod/photos.php:1232 ../../mod/photos.php:1272
#: ../../mod/photos.php:1303 ../../include/conversation.php:557
#: ../../mod/photos.php:1239 ../../mod/photos.php:1279
#: ../../mod/photos.php:1310 ../../include/conversation.php:557
#: ../../boot.php:516
msgid "Comment"
msgstr ""
#: ../../mod/photos.php:1234 ../../mod/editpost.php:125
#: ../../mod/photos.php:1241 ../../mod/editpost.php:125
#: ../../include/conversation.php:567 ../../include/conversation.php:1004
msgid "Preview"
msgstr ""
#: ../../mod/photos.php:1331 ../../mod/settings.php:616
#: ../../mod/photos.php:1338 ../../mod/settings.php:616
#: ../../mod/settings.php:697 ../../mod/group.php:168 ../../mod/admin.php:647
#: ../../include/conversation.php:321 ../../include/conversation.php:587
msgid "Delete"
msgstr ""
#: ../../mod/photos.php:1413
#: ../../mod/photos.php:1427
msgid "View Album"
msgstr ""
#: ../../mod/photos.php:1422
#: ../../mod/photos.php:1436
msgid "Recent Photos"
msgstr ""
@ -1692,7 +1692,7 @@ msgstr ""
#: ../../addon/facebook/facebook.php:688
#: ../../addon/facebook/facebook.php:1178
#: ../../addon/public_server/public_server.php:62
#: ../../addon/testdrive/testdrive.php:61 ../../include/items.php:2738
#: ../../addon/testdrive/testdrive.php:67 ../../include/items.php:2738
#: ../../boot.php:696
msgid "Administrator"
msgstr ""
@ -2369,7 +2369,7 @@ msgstr ""
msgid "Invalid contact."
msgstr ""
#: ../../mod/notes.php:44 ../../boot.php:1509
#: ../../mod/notes.php:44 ../../boot.php:1528
msgid "Personal Notes"
msgstr ""
@ -2620,7 +2620,7 @@ msgstr ""
#: ../../mod/profperm.php:103 ../../view/theme/diabook/theme.php:123
#: ../../include/profile_advanced.php:7 ../../include/profile_advanced.php:74
#: ../../include/nav.php:50 ../../boot.php:1488
#: ../../include/nav.php:50 ../../boot.php:1507
msgid "Profile"
msgstr ""
@ -2835,7 +2835,7 @@ msgid "Access denied."
msgstr ""
#: ../../mod/fbrowser.php:23 ../../view/theme/diabook/theme.php:125
#: ../../include/nav.php:51 ../../boot.php:1494
#: ../../include/nav.php:51 ../../boot.php:1513
msgid "Photos"
msgstr ""
@ -4864,7 +4864,7 @@ msgid "Enable Geonames Plugin"
msgstr ""
#: ../../addon/public_server/public_server.php:126
#: ../../addon/testdrive/testdrive.php:88
#: ../../addon/testdrive/testdrive.php:94
#, php-format
msgid "Your account on %s will expire in a few days."
msgstr ""
@ -5141,11 +5141,11 @@ msgstr ""
msgid "Gravatar settings updated."
msgstr ""
#: ../../addon/testdrive/testdrive.php:89
#: ../../addon/testdrive/testdrive.php:95
msgid "Your Friendica test account is about to expire."
msgstr ""
#: ../../addon/testdrive/testdrive.php:90
#: ../../addon/testdrive/testdrive.php:96
#, php-format
msgid ""
"Hi %1$s,\n"
@ -6221,12 +6221,12 @@ msgstr ""
msgid "Finishes:"
msgstr ""
#: ../../include/delivery.php:455 ../../include/notifier.php:659
#: ../../include/delivery.php:455 ../../include/notifier.php:677
msgid "(no subject)"
msgstr ""
#: ../../include/delivery.php:462 ../../include/enotify.php:23
#: ../../include/notifier.php:666
#: ../../include/notifier.php:684
msgid "noreply"
msgstr ""
@ -6449,7 +6449,7 @@ msgstr ""
msgid "End this session"
msgstr ""
#: ../../include/nav.php:49 ../../boot.php:1482
#: ../../include/nav.php:49 ../../boot.php:1501
msgid "Status"
msgstr ""
@ -7278,18 +7278,18 @@ msgstr ""
msgid "Events this week:"
msgstr ""
#: ../../boot.php:1485
#: ../../boot.php:1504
msgid "Status Messages and Posts"
msgstr ""
#: ../../boot.php:1491
#: ../../boot.php:1510
msgid "Profile Details"
msgstr ""
#: ../../boot.php:1506
#: ../../boot.php:1525
msgid "Events and Calendar"
msgstr ""
#: ../../boot.php:1512
#: ../../boot.php:1531
msgid "Only You Can See This"
msgstr ""


@ -1,6 +1,6 @@
<div class="photo-album-image-wrapper" id="photo-album-image-wrapper-$id">
<a href="$photolink" class="photo-album-photo-link" id="photo-album-photo-link-$id" title="$phototitle">
<img src="$imgsrc" alt="$imgalt" title="$phototitle" class="photo-album-photo lframe resize" id="photo-album-photo-$id" />
<img src="$imgsrc" alt="$imgalt" title="$phototitle" class="photo-album-photo lframe resize$twist" id="photo-album-photo-$id" />
<p class='caption'>$desc</p>
</a>
</div>


@ -1,7 +1,7 @@
<div class="photo-top-image-wrapper lframe" id="photo-top-image-wrapper-$id">
<div class="photo-top-image-wrapper lframe" id="photo-top-image-wrapper-$photo.id">
<a href="$photo.link" class="photo-top-photo-link" id="photo-top-photo-link-$photo.id" title="$photo.title">
<img src="$photo.src" alt="$photo.alt" title="$photo.title" class="photo-top-photo" id="photo-top-photo-$photo.id" />
<img src="$photo.src" alt="$photo.alt" title="$photo.title" class="photo-top-photo$photo.twist" id="photo-top-photo-$photo.id" />
</a>
<div class="photo-top-album-name"><a href="$photo.album.link" class="photo-top-album-link" title="$photo.album.alt" >$photo.album.name</a></div>
</div>


@ -8,3 +8,4 @@
{{ inc photo_top.tpl }}{{ endinc }}
{{ endfor }}
</div>
<div class="photos-end"></div>


@ -1963,23 +1963,29 @@ aside input[type='text'] {
}
.photos {
/*.photos {
height: auto;
overflow: auto;
}*/
.photos-end {
clear: both;
margin-bottom: 25px;
}
.photo-album-image-wrapper {
float: left;
margin-top: 15px;
margin-right: 15px;
width: 200px; height: 200px;
margin-left: 15px;
/* width: 200px; height: 200px;
overflow: hidden;
position: relative;
position: relative; */
}
.photo-album-image-wrapper .caption {
display: none;
width: 100%;
position: absolute;
/* position: absolute; */
bottom: 0px;
padding: 0.5em 0.5em 0px 0.5em;
background-color: rgba(245, 245, 255, 0.8);
@ -1992,20 +1998,23 @@ aside input[type='text'] {
#photo-album-end {
clear: both;
margin-bottom: 25px;
}
.photo-top-image-wrapper {
position: relative;
/* position: relative; */
float: left;
margin-top: 15px;
margin-right: 15px;
width: 200px; height: 200px;
overflow: hidden;
margin-left: 15px;
margin-bottom: 15px;
/* width: 200px; height: 200px;
overflow: hidden; */
}
.photo-top-album-name {
width: 100%;
min-height: 2em;
position: absolute;
/* position: absolute; */
bottom: 0px;
padding: 0px 3px;
padding-top: 0.5em;
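Review bot: With `position: absolute` commented out in `.photo-album-image-wrapper .caption` and `.photo-top-album-name`, the `bottom: 0px;` declarations that remain in both rules no longer have any effect, because `bottom` is ignored on statically positioned boxes. Remove `bottom: 0px;` as well, and delete the disabled declarations instead of leaving them in comments (`/*.photos { ... }*/`, `/* width: 200px; height: 200px; ... */`); version control already keeps the old layout. The last rule continues past the end of the hunk.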


@ -52,10 +52,70 @@ nav #site-location {
box-shadow: 3px 3px 10px -2px #000000;
}
.contact-entry-photo img, .profile-match-photo img, #photo-photo img, .directory-photo-img {
.contact-entry-photo img, .profile-match-photo img, #photo-photo img, .directory-photo-img, .photo-album-photo, .photo-top-photo {
border-radius: 3px;
-moz-border-radius: 3px;
box-shadow: 3px 3px 10px 0 #000000;
}
.photo-top-photo, .photo-album-photo {
padding: 10px;
max-width: 300px;
}
.rotleft1 {
-webkit-transform: rotate(-1deg);
-moz-transform: rotate(-1deg);
-ms-transform: rotate(-1deg);
-o-transform: rotate(-1deg);
}
.rotleft2 {
-webkit-transform: rotate(-2deg);
-moz-transform: rotate(-2deg);
-ms-transform: rotate(-2deg);
-o-transform: rotate(-2deg);
}
.rotleft3 {
-webkit-transform: rotate(-3deg);
-moz-transform: rotate(-3deg);
-ms-transform: rotate(-3deg);
-o-transform: rotate(-3deg);
}
.rotleft4 {
-webkit-transform: rotate(-4deg);
-moz-transform: rotate(-4deg);
-ms-transform: rotate(-4deg);
-o-transform: rotate(-4deg);
}
.rotright1 {
-webkit-transform: rotate(1deg);
-moz-transform: rotate(1deg);
-ms-transform: rotate(1deg);
-o-transform: rotate(1deg);
}
.rotright2 {
-webkit-transform: rotate(2deg);
-moz-transform: rotate(2deg);
-ms-transform: rotate(2deg);
-o-transform: rotate(2deg);
}
.rotright3 {
-webkit-transform: rotate(3deg);
-moz-transform: rotate(3deg);
-ms-transform: rotate(3deg);
-o-transform: rotate(3deg);
}
.rotright4 {
-webkit-transform: rotate(4deg);
-moz-transform: rotate(4deg);
-ms-transform: rotate(4deg);
-o-transform: rotate(4deg);
}
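Review bot: Each `.rotleftN` / `.rotrightN` rule sets only the vendor-prefixed properties, so a browser that implements the unprefixed property but not the prefix will not rotate the thumbnails. Add the standard declaration last in every rule, e.g. `transform: rotate(-1deg);` in `.rotleft1`. The eight rules differ only in the angle, so a one-line comment above the group, such as `/* slight alternating tilt for photo thumbnails; class suffix = degrees */`, would make the intent clear.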