CONFIGURE

@@ -120,8 +120,9 @@ db
 --
 
 This section is a reference to the configuration options for
-DB_DataObject (see <http://ur1.ca/7xp>). The ones that you may want to
-set are listed below for clarity.
+DB_DataObject (see
+<http://pear.php.net/manual/en/package.database.db-dataobject.intro-configuration.php>).
+The ones that you may want to set are listed below for clarity.
 
 database: a DSN (Data Source Name) for your StatusNet database. This is
     in the format 'protocol://username:password@hostname/databasename',
@@ -322,8 +323,8 @@ server: If set, defines another server where avatars are stored in the
     the client to speed up page loading, either with another
     virtual server or with an NFS or SAMBA share. Clients
     typically only make 2 connections to a single server at a
-    time <http://ur1.ca/6ih>, so this can parallelize the job.
-    Defaults to null.
+    time <https://www.w3.org/Protocols/rfc2616/rfc2616-sec8.html#sec8.1.4>,
+    so this can parallelize the job. Defaults to null.
 ssl: Whether to access avatars using HTTPS. Defaults to null, meaning
     to guess based on site-wide SSL settings.
 
@@ -496,9 +497,9 @@ Profile management.
 
 biolimit: max character length of bio; 0 means no limit; null means to use
     the site text limit default.
-backup: whether users can backup their own profiles. Defaults to true.
+backup: whether users can backup their own profiles. Defaults to false.
 restore: whether users can restore their profiles from backup files. Defaults
-	 to true.
+	 to false.
 delete: whether users can delete their own accounts. Defaults to false.
 move: whether users can move their accounts to another server. Defaults
       to true.
@@ -672,7 +673,7 @@ Web crawlers. See http://www.robotstxt.org/ for more information
 on the format of this file.
 
 crawldelay: if non-empty, this value is provided as the Crawl-Delay:
-    for the robots.txt file. see http://ur1.ca/l5a0
+    for the robots.txt file. see <https://en.wikipedia.org/wiki/Robots_exclusion_standard#Crawl-delay_directive>
     for more information. Default is zero, no explicit delay.
 disallow: Array of (virtual) directories to disallow. Default is 'main',
     'search', 'message', 'settings', 'admin'. Ignored when site

INSTALL

@@ -26,16 +26,12 @@ PHP modules
 The following software packages are *required* for this software to
 run correctly.
 
-- PHP 5.5+      For newer versions, some functions that are used may be
-                disabled by default, such as the pcntl_* family. See the
-                section on 'Queues and daemons' for more information.
-- MariaDB 5+    GNU Social uses, by default, a MariaDB server for data
-                storage. Versions 5.x and 10.x have both reportedly
-                worked well. It is also possible to run MySQL 5.5+.
-- Web server    Apache, lighttpd and nginx will all work. CGI mode is
-                recommended and also some variant of 'suexec' (or a
-                proper setup php-fpm pool)
-                NOTE: mod_rewrite or its equivalent is extremely useful.
+- PHP 5.6+      PHP7.x is also supported.
+- MariaDB 5+    MariaDB 10.x is also supported.
+- Web server    Apache, lighttpd and nginx will all work, see sample
+                configuration files in the web root. Please use PHP-FPM
+                and configure mod_rewrite (or equivalent) for an optimal
+                experience.
 
 Your PHP installation must include the following PHP extensions for a
 functional setup of GNU Social:
@@ -49,9 +45,22 @@ functional setup of GNU Social:
 - php5-mysqlnd  The native driver for PHP5 MariaDB connections. If you
                   use MySQL, 'php5-mysql' or 'php5-mysqli' may be enough.
 
-The above package names are for Debian based systems. In the case of
-Arch Linux, PHP is compiled with support for most extensions but they
-require manual enabling in the relevant php.ini file (mostly php5-gmp).
+Or, for PHP7, some or all of these will be necessary. PHP7 works and on
+the development servers we are successful running PHP7.2. This is a good
+list of PHP modules you will want installed with PHP7:
+    php7.0-bcmath
+    php7.0-curl
+    php7.0-exif
+    php7.0-gd
+    php7.0-intl
+    php7.0-mbstring
+    php7.0-mysql
+    php7.0-opcache
+    php7.0-readline
+    php7.0-xmlwriter
+
+NOTE: In Arch Linux, at least PHP5 requires manual enabling in the
+relevant php.ini for some modules, most notably 'gmp'.
 
 Better performance
 ------------------
@@ -61,19 +70,10 @@ For some functionality, you will also need the following extensions:
 - opcache       Improves performance a _lot_. Included in PHP, must be
                 enabled manually in php.ini for most distributions. Find
                 and set at least:  opcache.enable=1
-- mailparse     Efficient parsing of email requires this extension.
-                Submission by email or SMS-over-email uses this.
-- sphinx        A client for the sphinx server, an alternative to MySQL
-                or Postgresql fulltext search. You will also need a
-                Sphinx server to serve the search queries.
 - gettext       For multiple languages. Default on many PHP installs;
                 will be emulated if not present.
 - exif          For thumbnails to be properly oriented.
 
-You may also experience better performance from your site if you configure
-a PHP cache/accelerator. Most distributions come with "opcache" support.
-Enable it in your php.ini where it is documented together with its settings.
-
 Installation
 ============
 

README.md

@@ -107,6 +107,7 @@ So far it includes the following changes:
 
 - Backing up a user's account is more and more complete.
 - Emojis 😸 (utf8mb4 support)
+- Fully qualified group mentions (!group@example.com)
 
 The last release, 1.1.3, gave us these improvements:
 

UPGRADE

@@ -11,6 +11,9 @@ and follow this procedure:
 0. Backup your data. The StatusNet upgrade discussions below have some
     guidelines to back up the database and files (mysqldump and rsync).
 
+    MAKE SURE YOU ARE THE SAME USER THAT RUNS THE PHP FILES WHILE PERFORMING
+    THE COMMANDS BELOW (I usually prepend the commands with 'sudo -u social')
+
 1. Stop your queue daemons (you can run this command even if you do not
     use the queue daemons):
     $ bash scripts/stopdaemons.sh

actions/addpeopletag.php

@@ -65,7 +65,7 @@ class AddpeopletagAction extends Action
      *
      * @return boolean success flag
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -119,7 +119,7 @@ class AddpeopletagAction extends Action
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
         // Throws exception on error
         $ptag = Profile_tag::setTag($this->user->id, $this->tagged->id,

actions/all.php

@@ -170,12 +170,6 @@ class AllAction extends ShowstreamAction
             }
             $ibs->show();
         }
-        // XXX: make this a little more convenient
-
-        if (!common_config('performance', 'high')) {
-            $pop = new InboxTagCloudSection($this, $this->target);
-            $pop->show();
-        }
     }
 }
 

actions/allrss.php

@@ -46,7 +46,7 @@ class AllrssAction extends TargetedRss10Action
 {
     protected function getNotices()
     {
-        $stream = new InboxNoticeStream($this->target);
+        $stream = new InboxNoticeStream($this->target, $this->scoped);
         return $stream->getNotices(0, $this->limit)->fetchAll();
     }
 

actions/apiaccountupdatedeliverydevice.php

@@ -54,7 +54,7 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction
      *
      * @return boolean success flag
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -73,9 +73,9 @@ class ApiAccountUpdateDeliveryDeviceAction extends ApiAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         if (!in_array($this->format, array('xml', 'json'))) {
             $this->clientError(

actions/apiatomservice.php

@@ -51,7 +51,7 @@ class ApiAtomServiceAction extends ApiBareAuthAction
      * @return boolean success flag
      *
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
         $this->user = $this->getTargetUser($this->arg('id'));
@@ -71,9 +71,9 @@ class ApiAtomServiceAction extends ApiBareAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         header('Content-Type: application/atomsvc+xml');
 

actions/apigrouplistall.php

@@ -58,7 +58,7 @@ class ApiGroupListAllAction extends ApiPrivateAuthAction
      *
      * @return boolean success flag
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -77,9 +77,9 @@ class ApiGroupListAllAction extends ApiPrivateAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         $sitename   = common_config('site', 'name');
         // TRANS: Message is used as a title when listing the lastest 20 groups. %s is a site name.

actions/apihelptest.php

@@ -28,9 +28,7 @@
  * @link      http://status.net/
  */
 
-if (!defined('STATUSNET')) {
-    exit(1);
-}
+if (!defined('GNUSOCIAL')) { exit(1); }
 
 /**
  * Returns the string "ok" in the requested format with a 200 OK HTTP status code.
@@ -44,29 +42,9 @@ if (!defined('STATUSNET')) {
  */
 class ApiHelpTestAction extends ApiPrivateAuthAction
 {
-    /**
-     * Take arguments for running
-     *
-     * @param array $args $_REQUEST args
-     *
-     * @return boolean success flag
-     */
-    function prepare($args)
-    {
-        parent::prepare($args);
-        return true;
-    }
-
-    /**
-     * Handle the request
-     *
-     * @param array $args $_REQUEST data (unused)
-     *
-     * @return void
-     */
-    function handle($args)
+    protected function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         if ($this->format == 'xml') {
             $this->initDocument('xml');
@@ -77,12 +55,8 @@ class ApiHelpTestAction extends ApiPrivateAuthAction
             print '"ok"';
             $this->endDocument('json');
         } else {
-            $this->clientError(
-                // TRANS: Client error displayed when coming across a non-supported API method.
-                _('API method not found.'),
-                404,
-                $this->format
-            );
+            // TRANS: Client error displayed when coming across a non-supported API method.
+            throw new ClientException(_('API method not found.'), 404);
         }
     }
 

actions/apilistsubscriber.php

@@ -33,7 +33,7 @@ class ApiListSubscriberAction extends ApiBareAuthAction
 {
     var $list   = null;
 
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -52,9 +52,9 @@ class ApiListSubscriberAction extends ApiBareAuthAction
         return true;
     }
 
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         $arr = array('profile_tag_id' => $this->list->id,
                       'profile_id' => $this->target->id);

actions/apioauthaccesstoken.php

@@ -52,9 +52,9 @@ class ApiOAuthAccessTokenAction extends ApiOAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         $datastore   = new ApiGNUsocialOAuthDataStore();
         $server      = new OAuthServer($datastore);

actions/apioauthauthorize.php

@@ -60,7 +60,7 @@ class ApiOAuthAuthorizeAction extends ApiOAuthAction
         return false;
     }
 
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -88,9 +88,9 @@ class ApiOAuthAuthorizeAction extends ApiOAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 

actions/apioauthrequesttoken.php

@@ -49,7 +49,7 @@ class ApiOAuthRequestTokenAction extends ApiOAuthAction
      *
      * @return boolean success flag
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -69,9 +69,9 @@ class ApiOAuthRequestTokenAction extends ApiOAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
         $datastore   = new ApiGNUsocialOAuthDataStore();
         $server      = new OAuthServer($datastore);

actions/apisearchatom.php

@@ -88,7 +88,7 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction
      *
      * @return boolean success
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -128,9 +128,9 @@ class ApiSearchAtomAction extends ApiPrivateAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
         common_debug("In apisearchatom handle()");
         $this->showAtom();
     }

actions/apisearchjson.php

@@ -57,7 +57,7 @@ class ApiSearchJSONAction extends ApiPrivateAuthAction
      *
      * @return boolean true if nothing goes wrong
      */
-    function prepare($args)
+    function prepare(array $args = array())
     {
         parent::prepare($args);
 
@@ -95,9 +95,9 @@ class ApiSearchJSONAction extends ApiPrivateAuthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle()
     {
-        parent::handle($args);
+        parent::handle();
         $this->showResults();
     }
 

actions/apistatusesdestroy.php

@@ -34,9 +34,7 @@
  * @link      http://status.net/
  */
 
-if (!defined('STATUSNET')) {
-    exit(1);
-}
+if (!defined('GNUSOCIAL')) { exit(1); }
 
 /**
  * Deletes one of the authenticating user's statuses (notices).
@@ -55,87 +53,46 @@ if (!defined('STATUSNET')) {
  */
 class ApiStatusesDestroyAction extends ApiAuthAction
 {
-    var $status = null;
-
-    /**
-     * Take arguments for running
-     *
-     * @param array $args $_REQUEST args
-     *
-     * @return boolean success flag
-     */
-    function prepare($args)
+    protected function prepare(array $args=array())
     {
         parent::prepare($args);
 
-        $this->user = $this->auth_user;
-        $this->notice_id = (int)$this->trimmed('id');
+        if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) {
+            // TRANS: Client error displayed trying to delete a status not using POST or DELETE.
+            // TRANS: POST and DELETE should not be translated.
+            throw new ClientException(_('This method requires a POST or DELETE.'));
+        }
 
-        if (empty($notice_id)) {
-            $this->notice_id = (int)$this->arg('id');
+        // FIXME: Return with a Not Acceptable status code?
+        if (!in_array($this->format, array('xml', 'json'))) {
+            // TRANS: Client error displayed when coming across a non-supported API method.
+            throw new ClientException(_('API method not found.'), 404);
         }
 
-        $this->notice = Notice::getKV((int)$this->notice_id);
+        try {
+            $this->notice = Notice::getByID($this->trimmed('id'));
+        } catch (NoResultException $e) {
+            // TRANS: Client error displayed trying to delete a status with an invalid ID.
+            throw new ClientException(_('No status found with that ID.'), 404);
+        }
 
         return true;
      }
 
-    /**
-     * Handle the request
-     *
-     * Delete the notice and all related replies
-     *
-     * @param array $args $_REQUEST data (unused)
-     *
-     * @return void
-     */
-    function handle($args)
+    protected function handle()
     {
-        parent::handle($args);
+        parent::handle();
 
-        if (!in_array($this->format, array('xml', 'json'))) {
-            $this->clientError(
-                // TRANS: Client error displayed when coming across a non-supported API method.
-                _('API method not found.'),
-                404
-            );
-            return;
+        if (!$this->scoped->sameAs($this->notice->getProfile()) && !$this->scoped->hasRight(Right::DELETEOTHERSNOTICE)) {
+            // TRANS: Client error displayed trying to delete a status of another user.
+            throw new AuthorizationException(_('You may not delete another user\'s status.'));
         }
 
-        if (!in_array($_SERVER['REQUEST_METHOD'], array('POST', 'DELETE'))) {
-            $this->clientError(
-                // TRANS: Client error displayed trying to delete a status not using POST or DELETE.
-                // TRANS: POST and DELETE should not be translated.
-                _('This method requires a POST or DELETE.'),
-                400,
-                $this->format
-            );
-            return;
-        }
-
-        if (empty($this->notice)) {
-            $this->clientError(
-                // TRANS: Client error displayed trying to delete a status with an invalid ID.
-                _('No status found with that ID.'),
-                404, $this->format
-            );
-            return;
-        }
-
-        if ($this->user->id == $this->notice->profile_id) {
-            if (Event::handle('StartDeleteOwnNotice', array($this->user, $this->notice))) {
-                $this->notice->deleteAs($this->scoped);
-                Event::handle('EndDeleteOwnNotice', array($this->user, $this->notice));
-            }
-	        $this->showNotice();
-        } else {
-            $this->clientError(
-                // TRANS: Client error displayed trying to delete a status of another user.
-                _('You may not delete another user\'s status.'),
-                403,
-                $this->format
-            );
+        if (Event::handle('StartDeleteOwnNotice', array($this->scoped->getUser(), $this->notice))) {
+            $this->notice->deleteAs($this->scoped);
+            Event::handle('EndDeleteOwnNotice', array($this->scoped->getUser(), $this->notice));
         }
+        $this->showNotice();
     }
 
     /**

actions/apistatusesupdate.php

@@ -46,7 +46,7 @@
     /api/statuses/update.:format
 
     @par Formats (:format)
-    xml, json
+    xml, json, atom
 
     @par HTTP Method(s)
     POST
@@ -174,7 +174,7 @@ class ApiStatusesUpdateAction extends ApiAuthAction
             foreach (array_unique($matches[0]) as $match) {
                 try {
                     $this->media_ids[$match] = File::getByID($match);
-                } catch (EmptyIdException $e) {
+                } catch (EmptyPkeyValueException $e) {
                     // got a zero from the client, at least Twidere does this on occasion
                 } catch (NoResultException $e) {
                     // File ID was not found. Do we abort and report to the client?
@@ -339,6 +339,8 @@ class ApiStatusesUpdateAction extends ApiAuthAction
                 $this->showSingleXmlStatus($this->notice);
             } elseif ($this->format == 'json') {
                 $this->show_single_json_status($this->notice);
+            } elseif ($this->format == 'atom') {
+                $this->showSingleAtomStatus($this->notice);
             }
         }
     }

actions/apitrends.php

@@ -53,7 +53,7 @@ class ApiTrendsAction extends ApiPrivateAuthAction
      *
      * @return boolean false if user doesn't exist
      */
-    function prepare($args)
+    function prepare(array $args = array())