1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 01:02:42 +01:00
Commit graph

1906 commits

Author SHA1 Message Date
epriestley
f7b569e5d9 Don't use "/e" in PHPMailer Lite
Summary: PHP 5.4 raises an E_STRICT warning about "/e", and it's a generally awful idea, even though this case doesn't look exploitable. Silence the warning by using preg_replace_callback() instead of "/e".

Test Plan: Sent myself a message with a bunch of multibyte UTF8 characters in it, it came through cleanly.

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1056

Differential Revision: https://secure.phabricator.com/D2147
2012-04-08 10:02:16 -07:00
epriestley
b90d41dd90 Add an "--ignore-duplicates" flag to import_project_symbols.php
Summary: People are hella lazy and don't want to do this themselves.

Test Plan: Generated a symbol file with duplicates and piped it in, got an import under --ignore-duplicates.

Reviewers: kdeggelman, btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2145
2012-04-07 17:25:38 -07:00
epriestley
dd21f7e37c Make error views look less awful
Summary: These elements look heavy and out of place right now.

Test Plan: Looked at error views in uiexample page.

Reviewers: btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2144
2012-04-07 17:25:31 -07:00
epriestley
780da42126 Show user a notice when they view "My Projects" for feed but haven't joined any projects
Summary: Currently, we show them everything. Instead, show them an explicit notice.

Test Plan: Looked at "My Projects" feed with no projects.

Reviewers: btrahan, vrana, jungejason

Reviewed By: jungejason

CC: aran

Maniphest Tasks: T1015

Differential Revision: https://secure.phabricator.com/D2143
2012-04-07 17:25:24 -07:00
epriestley
ee278a302e Improve Diffusion blame views
Summary:
  - Make some effort to simplify the code.
  - Make "Skip Past This Commit" work in Git and Mercurial.
  - Make blame work in Mercurial.
  - Add tooltip hover state to show more information about commits.

Test Plan: Viewed blame views in SVN, Git, Hg. Clicked line numbers, hovered/clicked commits, hovered/clicked "blame past..."

Reviewers: btrahan, vrana, jungejason

Reviewed By: vrana

CC: aran

Maniphest Tasks: T378

Differential Revision: https://secure.phabricator.com/D2142
2012-04-07 17:24:35 -07:00
vrana
df67401e24 Add typehints to Diffusion browse file controller
Test Plan: Display commit.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2139
2012-04-07 16:03:55 -07:00
Jason Ge
bbeb850d63 Fix missing inline comments issue
Summary:
some inline comments are missing in the revision page. The
reason is that the inline comments got overwritten if multiple groups of
comments are modifying the same file
(https://secure.phabricator.com/diffusion/P/browse/master/src/applications/differential/view/revisioncomment/DifferentialRevisionCommentView.php;f6748bc1907d946ffe5a0957964a5eb5fe90514f$299).

Test Plan: the comments used to be missing renders now.

Reviewers: epriestley, nh

Reviewed By: epriestley

CC: hwang, aran

Differential Revision: https://secure.phabricator.com/D2135
2012-04-07 14:05:52 -07:00
Jason Ge
4f5ce3d9a3 Update ibrary map file
Summary: Update ibrary map file. It's probably caused by D2113.

Test Plan: arc unit passed for the testEverythingImplemented test case.

Reviewers: vrana, epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2134
2012-04-07 14:04:58 -07:00
epriestley
d4839f402c Minor, test fix for D2140? I think this fixes the issue in D2140, pushing to verify...
Auditors: 20after4, btrahan
2012-04-07 12:59:06 -07:00
vrana
5493c0e58e Fix typo 2012-04-07 11:45:31 -07:00
epriestley
ff4f72fdab Minor documentation updates.
Auditors: vrana, btrahan
2012-04-07 11:05:58 -07:00
epriestley
6c2e032dbe Minor, fix a heading in documentation.
Auditors: vrana, btrahan
2012-04-07 11:02:48 -07:00
epriestley
c894344505 Minor, fix some doc links.
Auditors: vrana, btrahan
2012-04-07 10:59:14 -07:00
vrana
d4c5761f41 Customizable MySQL implementation
Test Plan:
- /
- upgrade_schema.php
- Setup
- Try disabling mysql_connect.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2133
2012-04-07 10:54:12 -07:00
epriestley
34ca4a9ba7 Update arcanist documentation to reflect "land", a sane relative commit, and "--auto"
Summary: See D2080. The introduction of `arc land`, defaulting to `origin/master`, and --auto enormously simplifies the documentation.

Test Plan: Read documentation.

Reviewers: btrahan

Reviewed By: btrahan

CC: 20after4, aran

Maniphest Tasks: T894

Differential Revision: https://secure.phabricator.com/D2082
2012-04-07 10:39:51 -07:00
epriestley
869f24bf33 Fix reticle for diff-of-diffs
Summary:
The older logic was incorrect:

  - It chose `change.left` for `data.on_right` being true.
  - 'O' and 'N' mean 'old' and 'new', not 'left' and 'right'. In diff-of-diffs, both sides are 'N'.

So, select the changeset ID correctly (pick the right side one for on_right), and select the new file prefix correctly (N for new, O for old).

Test Plan: Waved my mouse over some inline comments in a diff-of-diffs, got reasonable-looking reticles.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1076

Differential Revision: https://secure.phabricator.com/D2138
2012-04-07 10:39:41 -07:00
vrana
7507981f22 Don't fatal with inaccessible database
Test Plan: Disable `mysql_connect()`.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2137
2012-04-07 10:31:36 -07:00
vrana
58d0ee2de0 Improve Windows support
Test Plan: Display stacktrace, verify that filenames are links.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2132
2012-04-07 10:15:54 -07:00
epriestley
3fdd8c497c Possible fix for T1076, pushing to verify.
I think the issue is that we don't set the left-side changesetID correctly. This seems to work correctly locally, but I'm not sure I got a good repro. Pushing to verify the production test cases provided in T1076.

Auditors: vrana, btrahan
2012-04-07 10:01:28 -07:00
vrana
9b043e5966 Bump required PHP version
Summary:
`mysql_set_charset()` is available since PHP 5.2.3.
I've searched also for other new functions and this is the newest.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2126
2012-04-06 15:26:46 -07:00
Jason Ge
f6748bc190 The existing Audit code forgot to set authorPHID
Summary:
The audit tools has many false positive about Author Not
Matching with Revision. The fix is to set the authorPHID which was
missing in the existing code

Test Plan:
run reparse.php and it doesn't generate false positive result
anymore.

Reviewers: nh, epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2119
2012-04-06 14:16:42 -07:00
epriestley
f7c74e3fb8 Remove an extra </p>
Summary: renderMiniPanel() renders the entire <p>.

Test Plan: Looked at page source for homepage, verified there was no double </p>.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran

Maniphest Tasks: T1079

Differential Revision: https://secure.phabricator.com/D2128
2012-04-06 14:09:24 -07:00
vrana
a234a712cd Disable autoload in search for internal class
Test Plan:
/diffusion/symbol/Exception/?jump=1&type=class&lang=php
/diffusion/symbol/Countable/?jump=1&type=class&lang=php

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2124
2012-04-06 12:46:12 -07:00
vrana
e69ba98e20 Prepare for MySQLi support
Summary: This separates common MySQL stuff (identifiers and comments escaping, error codes, connection retries) from PHP extension specific stuff (connect, query, fetch, errors, escape string).

Test Plan:
/
Use `AphrontMySQLiDatabaseConnection` in `PhabricatorLiskDAO`, load homepage, edit task, save task.

Reviewers: epriestley

Reviewed By: epriestley

CC: nh, aran

Differential Revision: https://secure.phabricator.com/D2113
2012-04-06 12:43:56 -07:00
vrana
2211a0b07e Don't render <div> inside <span>
Test Plan: D1

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2121
2012-04-06 10:15:44 -07:00
vrana
23b65c13f4 Use Filesystem::readRandomBytes() in setup
Test Plan: Run setup.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2123
2012-04-06 10:10:33 -07:00
vrana
36ee5dba51 Jump to TOC after Show Diff
Summary: I've found it useful mainly on smaller screen or with lots of comments.

Test Plan: Show Diff

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2122
2012-04-06 09:56:28 -07:00
vrana
1f2028adf0 Render valid HTML
Summary: Also delete some dead code.

Test Plan: /D1

Reviewers: tuomaspelkonen, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D2120
2012-04-06 09:56:14 -07:00
vrana
6aa729b1c9 Support MySQL 5.5
Summary:
`116.utf8.sql` throws this under MySQL 5.5:

> Column length too big for column 'keyBody' (max = 21845); use BLOB or TEXT instead

I guess that's because MySQL 5.5 changed maximum length of UTF-8 character from 3 bytes to 4.

I've updated also `116.utf8.sql` for people with new installs.

Test Plan:
  upgrade_schema.php

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2117
2012-04-06 09:55:58 -07:00
vrana
23988ca482 Support Windows
Test Plan:
Enable setup.
Disable setup.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2118
2012-04-06 09:34:06 -07:00
vrana
426d6f2b1f Make getTransactionKey() protected
Test Plan: Search for `getTransactionKey`.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2115
2012-04-06 09:33:37 -07:00
vrana
bc5307f7d5 Fix whitespace 2012-04-06 01:00:32 -07:00
vrana
5f341c79cb Pass connection to mysql_set_charset() 2012-04-05 17:23:29 -07:00
vrana
64facecb87 Fix typo in AphrontMySQLDatabaseConnection 2012-04-05 17:19:07 -07:00
vrana
f698e860cf Remove duplicate remarkup rule
Summary: D2110

Test Plan:
  [[wiki]]
  [[http://example.com]]
  [[http://example.com | example.com]]

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2111
2012-04-05 16:31:17 -07:00
Nick Harper
efb49a6a09 Fix differential.createrevision conduit call
Summary:
This introduces some boundary checking for
PhabricatorOwnersOwner::loadAffiliatedUserPHIDs() if it gets passed an empty
array, which happened when I ran arc diff and it called
differential.createrevision.

Test Plan: ran arc diff

Reviewers: epriestley, meitros, jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2112
2012-04-05 15:28:58 -07:00
vrana
ff2b58dab7 Fix MySQL column escaping
Summary:
MySQL doesn't treat `\` as escaping character in ##``##.
This isn't probably SQL injection hole because I've found no calls of this method with user input.
But better safe than sorry.

See also [[http://dev.mysql.com/doc/refman/5.1/en/server-sql-mode.html#sqlmode_no_backslash_escapes | NO_BACKSLASH_ESCAPES]].

Test Plan:
  lang=sql
  SELECT `a\`b`; -- Throws: Syntax error near '`'.
  -- Should throw: Unknown column 'a`b'.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2109
2012-04-05 15:11:05 -07:00
vrana
23d5d7a1a6 Delete unused CSS
Summary: Unused since D2062.

Test Plan:
View commit.
View task.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2108
2012-04-05 10:54:06 -07:00
vrana
d1b7059a2d Open editor from stack trace
Summary:
I've considered that user may have set editor but not checked out Phabricator repositories.
But stack trace is useful mainly for developers.

Test Plan:
Click on path in Unhandled Exception.
Repeat with disabled editor.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2107
2012-04-04 18:19:14 -07:00
Bob Trahan
09172a1937 Add pagers to server clients and client authorizations in OAuth Server GUI
Summary: ...also make the pager usage in ChatLog use the nice formatWhereClause functionality

Test Plan: set $page_size = 2 and paged around the data a bit

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Maniphest Tasks: T905

Differential Revision: https://secure.phabricator.com/D2106
2012-04-04 17:51:16 -07:00
epriestley
05b4c90bfd Allow Commits to be attached to Tasks using edges
Summary: Use Edges to attach Commits and Tasks. Note, no "edit attached commits" interface from tasks yet since the search backend needs a little work to list commits in a sensible way.

Test Plan: Attached commits to tasks. Looked at commits, looked at tasks.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T904

Differential Revision: https://secure.phabricator.com/D2105
2012-04-04 17:34:25 -07:00
Bob Trahan
cc586b0afa For discussion -- Stripe integration
Summary:
various stripe stuff, including

- external stripe library
- payment form
- test controller to play with payment form, sample business logic

My main questions / discussion topics are...

- is the stripe PHP library too big? (ie should I write something more simple just for phabricator?)
-- if its cool, what is the best way to include the client? (ie should I make it a submodule rather than the flat copy here?)
- is the JS I wrote (too) ridiculous?
-- particularly unhappy with the error message stuff being in JS *but* it seemed the best choice given the most juicy error messages come from the stripe JS such that the overall code complexity is lowest this way.
- how should the stripe JS be included?
-- flat copy like I did here?
-- some sort of external?
-- can we just load it off stripe servers at request time? (I like that from the "if stripe is down, stripe is down" perspective)
- wasn't sure if the date control was too silly and should just be baked into the form?
-- for some reason I feel like its good to be prepared to walk away from Stripe / switch providers here, though I think this is on the wrong side of pragmatic

Test Plan: - played around with sample client form

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2096
2012-04-04 16:09:29 -07:00
epriestley
877cb136e8 Add an assocations-like "Edges" framework
Summary:
We have a lot of cases where we store object relationships, but it's all kind of messy and custom. Some particular problems:

  - We go to great lengths to enforce order stability in Differential revisions, but the implementation is complex and inelegant.
  - Some relationships are stored on-object, so we can't pull the inverses easily. For example, Maniphest shows child tasks but not parent tasks.
  - I want to add more of these and don't want to continue building custom stuff.
  - UIs like the "attach stuff to other stuff" UI need custom branches for each object type.
  - Stuff like "allow commits to close tasks" is notrivial because of nonstandard metadata storage.

Provide an association-like "edge" framework to fix these problems. This is nearly identical to associations, with a few differences:

  - I put edge metadata in a separate table and don't load it by default, to keep edge rows small and allow large metadata if necessary. The on-edge metadata seemed to get abused a lot at Facebook.
  - I put a 'seq' column on the edges to ensure they have an explicit, stable ordering within a source and type.

This isn't actually used anywhere yet, but my first target is attaching commits to tasks for T904.

Test Plan: Made a mock page that used Editor and Query. Verified adding and removing edges, overwriting edges, writing and loading edge data, sequence number generation.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, 20after4

Differential Revision: https://secure.phabricator.com/D2088
2012-04-04 15:30:21 -07:00
vrana
bc61f36beb Replace elseif by else if
Summary:
Mostly written by me.
Omit external libraries.

Test Plan: http://phabricator.com/docs/phabricator/article/PHP_Coding_Standards.html

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2104
2012-04-04 15:24:47 -07:00
vrana
b8cb52a9da Return $this from shortcuts
Test Plan:
Search for `>setLineWidthFromChangesets(`.
Search for `>loadAndAttachAuxiliaryAttributes(`.

Reviewers: epriestley, jungejason

Reviewed By: jungejason

CC: aran

Differential Revision: https://secure.phabricator.com/D2102
2012-04-04 15:12:20 -07:00
vrana
582fc847f2 Use assert_instances_of() in Differential
Summary: NOTE: This is not produced by a script so there might be errors. Please review carefully.

Test Plan: Browse around Differential.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2103
2012-04-04 15:11:30 -07:00
epriestley
01767c482d Add a datepicker control
Summary: I looooove JS! It makes me giddy with glee!

Test Plan: Picked dates. See screenshots.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D2086
2012-04-04 12:14:10 -07:00
vrana
84398fc581 Allow system agents in commit message object lists
Summary:
When system agent adds a comment then he is added to CC.
When I amend and update then I get message "Commit message references nonexistent ..."

Test Plan: Update revision with system agent in CC.

Reviewers: epriestley

Reviewed By: epriestley

CC: michalburger1, aran

Differential Revision: https://secure.phabricator.com/D2100
2012-04-04 10:46:00 -07:00
vrana
6a0b25c188 Fix wrong assert_instances_of() added by D2091
Test Plan: Display revision.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2095
2012-04-03 19:26:05 -07:00
vrana
a309d5ba2f Replace leading double underscore in function names by single underscore
Summary:
> PHP reserves all symbols starting with __ as magical. http://php.net/userlandnaming.rules

I didn't touch third-party S3 library.

Test Plan: /

Reviewers: epriestley

Reviewed By: epriestley

CC: aran

Differential Revision: https://secure.phabricator.com/D2077
2012-04-03 18:55:52 -07:00