From 21206ecda0123d865838aab653b6ce6468a9a9f9 Mon Sep 17 00:00:00 2001 From: Matthias Pfefferle Date: Fri, 17 Nov 2023 18:44:13 +0100 Subject: [PATCH 1/3] search for followers and order the output list (#502) * search for followers and order the output list * re-use existing nonce! * verify nonce for search! --------- Co-authored-by: Matt Wiebe --- includes/model/class-follower.php | 2 +- includes/table/class-followers.php | 72 ++++++++++++++++++-------- templates/blog-user-followers-list.php | 2 +- templates/user-followers-list.php | 2 +- 4 files changed, 53 insertions(+), 25 deletions(-) diff --git a/includes/model/class-follower.php b/includes/model/class-follower.php index 7cf6dd4..b2833e9 100644 --- a/includes/model/class-follower.php +++ b/includes/model/class-follower.php @@ -315,7 +315,7 @@ class Follower extends Actor { $object->set_id( $post->guid ); $object->set_name( $post->post_title ); $object->set_summary( $post->post_excerpt ); - $object->set_published( gmdate( 'Y-m-d H:i:s', strtotime( $post->post_published ) ) ); + $object->set_published( gmdate( 'Y-m-d H:i:s', strtotime( $post->post_date ) ) ); $object->set_updated( gmdate( 'Y-m-d H:i:s', strtotime( $post->post_modified ) ) ); return $object; diff --git a/includes/table/class-followers.php b/includes/table/class-followers.php index 289a194..3045ddd 100644 --- a/includes/table/class-followers.php +++ b/includes/table/class-followers.php @@ -30,19 +30,24 @@ class Followers extends WP_List_Table { public function get_columns() { return array( - 'cb' => '', - 'avatar' => \__( 'Avatar', 'activitypub' ), - 'name' => \__( 'Name', 'activitypub' ), - 'username' => \__( 'Username', 'activitypub' ), - 'url' => \__( 'URL', 'activitypub' ), - 'updated' => \__( 'Last updated', 'activitypub' ), - //'errors' => \__( 'Errors', 'activitypub' ), - //'latest-error' => \__( 'Latest Error Message', 'activitypub' ), + 'cb' => '', + 'avatar' => \__( 'Avatar', 'activitypub' ), + 'post_title' => \__( 'Name', 'activitypub' ), + 'username' => \__( 'Username', 'activitypub' ), + 'url' => \__( 'URL', 'activitypub' ), + 'published' => \__( 'Followed', 'activitypub' ), + 'modified' => \__( 'Last updated', 'activitypub' ), ); } public function get_sortable_columns() { - return array(); + $sortable_columns = array( + 'post_title' => array( 'post_title', true ), + 'modified' => array( 'modified', false ), + 'published' => array( 'published', false ), + ); + + return $sortable_columns; } public function prepare_items() { @@ -55,8 +60,32 @@ class Followers extends WP_List_Table { $page_num = $this->get_pagenum(); $per_page = 20; - $followers = FollowerCollection::get_followers( $this->user_id, $per_page, $page_num ); - $counter = FollowerCollection::count_followers( $this->user_id ); + $args = array(); + + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + if ( isset( $_GET['orderby'] ) ) { + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + $args['orderby'] = sanitize_text_field( wp_unslash( $_GET['orderby'] ) ); + } + + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + if ( isset( $_GET['order'] ) ) { + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + $args['order'] = sanitize_text_field( wp_unslash( $_GET['order'] ) ); + } + + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + if ( isset( $_GET['s'] ) && isset( $_REQUEST['_wpnonce'] ) ) { + $nonce = sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ); + if ( wp_verify_nonce( $nonce, 'bulk-' . $this->_args['plural'] ) ) { + // phpcs:ignore WordPress.Security.NonceVerification.Recommended + $args['s'] = sanitize_text_field( wp_unslash( $_GET['s'] ) ); + } + } + + $followers_with_count = FollowerCollection::get_followers_with_count( $this->user_id, $per_page, $page_num, $args ); + $followers = $followers_with_count['followers']; + $counter = $followers_with_count['total']; $this->items = array(); $this->set_pagination_args( @@ -69,14 +98,13 @@ class Followers extends WP_List_Table { foreach ( $followers as $follower ) { $item = array( - 'icon' => esc_attr( $follower->get_icon_url() ), - 'name' => esc_attr( $follower->get_name() ), - 'username' => esc_attr( $follower->get_preferred_username() ), - 'url' => esc_attr( $follower->get_url() ), - 'identifier' => esc_attr( $follower->get_id() ), - 'updated' => esc_attr( $follower->get_updated() ), - 'errors' => $follower->count_errors(), - 'latest-error' => $follower->get_latest_error_message(), + 'icon' => esc_attr( $follower->get_icon_url() ), + 'post_title' => esc_attr( $follower->get_name() ), + 'username' => esc_attr( $follower->get_preferred_username() ), + 'url' => esc_attr( $follower->get_url() ), + 'identifier' => esc_attr( $follower->get_id() ), + 'published' => esc_attr( $follower->get_published() ), + 'modified' => esc_attr( $follower->get_updated() ), ); $this->items[] = $item; @@ -116,11 +144,11 @@ class Followers extends WP_List_Table { } public function process_action() { - if ( ! isset( $_REQUEST['followers'] ) || ! isset( $_REQUEST['_apnonce'] ) ) { + if ( ! isset( $_REQUEST['followers'] ) || ! isset( $_REQUEST['_wpnonce'] ) ) { return false; } - $nonce = sanitize_text_field( wp_unslash( $_REQUEST['_apnonce'] ) ); - if ( ! wp_verify_nonce( $nonce, 'activitypub-followers-list' ) ) { + $nonce = sanitize_text_field( wp_unslash( $_REQUEST['_wpnonce'] ) ); + if ( ! wp_verify_nonce( $nonce, 'bulk-' . $this->_args['plural'] ) ) { return false; } diff --git a/templates/blog-user-followers-list.php b/templates/blog-user-followers-list.php index 42d1b8b..1eaa7ee 100644 --- a/templates/blog-user-followers-list.php +++ b/templates/blog-user-followers-list.php @@ -21,8 +21,8 @@ $followers_template = _n( 'Your blog profile currently has %s follower.', 'Your prepare_items(); + $table->search_box( 'Search', 'search' ); $table->display(); ?> - diff --git a/templates/user-followers-list.php b/templates/user-followers-list.php index ec19be9..8ea35a7 100644 --- a/templates/user-followers-list.php +++ b/templates/user-followers-list.php @@ -14,8 +14,8 @@ $followers_template = _n( 'Your author profile currently has %s follower.', 'You prepare_items(); + $table->search_box( 'Search', 'search' ); $table->display(); ?> - From c35ddf1935e42b640ac30858352316b883bfd7d8 Mon Sep 17 00:00:00 2001 From: Matt Wiebe Date: Fri, 17 Nov 2023 18:44:59 +0100 Subject: [PATCH 2/3] Attachments: dedupe earlier to prevent incorrect max_media (#565) --- includes/transformer/class-post.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/includes/transformer/class-post.php b/includes/transformer/class-post.php index 2117ce7..721bbec 100644 --- a/includes/transformer/class-post.php +++ b/includes/transformer/class-post.php @@ -185,7 +185,6 @@ class Post { $blocks = \parse_blocks( $this->wp_post->post_content ); $media_ids = self::get_media_ids_from_blocks( $blocks, $media_ids, $max_media ); } - $media_ids = \array_unique( $media_ids ); return \array_filter( \array_map( array( self::class, 'wp_attachment_to_activity_attachment' ), $media_ids ) ); } @@ -279,6 +278,9 @@ class Post { break; } + // depupe + $media_ids = \array_unique( $media_ids ); + // stop doing unneeded work if ( count( $media_ids ) >= $max_media ) { break; From d22656432578fb14e9f43692c031361717607318 Mon Sep 17 00:00:00 2001 From: Matthias Pfefferle Date: Sat, 18 Nov 2023 12:01:28 +0100 Subject: [PATCH 3/3] prepare v1.2.0 --- README.md | 11 ++++++++++- activitypub.php | 2 +- readme.txt | 11 ++++++++++- 3 files changed, 21 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 4c41fcd..fd03554 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ **Tags:** OStatus, fediverse, activitypub, activitystream **Requires at least:** 4.7 **Tested up to:** 6.4 -**Stable tag:** 1.1.0 +**Stable tag:** 1.2.0 **Requires PHP:** 5.6 **License:** MIT **License URI:** http://opensource.org/licenses/MIT @@ -105,6 +105,15 @@ Where 'blog' is the path to the subdirectory at which your blog resides. Project maintained on GitHub at [automattic/wordpress-activitypub](https://github.com/automattic/wordpress-activitypub). +### 1.2.0 ### + +* Add: Search and order followerer lists +* Add: Have a filter to defer signature verification +* Improved: "Follow Me" styles for dark themes +* Improved: Allow `p` and `br` tags only for AP comments +* Fixed: Deduplicate attachments earlier to prevent incorrect max_media + + ### 1.1.0 ### * Improved: audio and video attachments are now supported! diff --git a/activitypub.php b/activitypub.php index 380b438..55b8977 100644 --- a/activitypub.php +++ b/activitypub.php @@ -3,7 +3,7 @@ * Plugin Name: ActivityPub * Plugin URI: https://github.com/pfefferle/wordpress-activitypub/ * Description: The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format. - * Version: 1.1.0 + * Version: 1.2.0 * Author: Matthias Pfefferle & Automattic * Author URI: https://automattic.com/ * License: MIT diff --git a/readme.txt b/readme.txt index eed006a..dde0ce5 100644 --- a/readme.txt +++ b/readme.txt @@ -3,7 +3,7 @@ Contributors: automattic, pfefferle, mediaformat, mattwiebe, akirk, jeherve, nur Tags: OStatus, fediverse, activitypub, activitystream Requires at least: 4.7 Tested up to: 6.4 -Stable tag: 1.1.0 +Stable tag: 1.2.0 Requires PHP: 5.6 License: MIT License URI: http://opensource.org/licenses/MIT @@ -105,6 +105,15 @@ Where 'blog' is the path to the subdirectory at which your blog resides. Project maintained on GitHub at [automattic/wordpress-activitypub](https://github.com/automattic/wordpress-activitypub). += 1.2.0 = + +* Add: Search and order followerer lists +* Add: Have a filter to defer signature verification +* Improved: "Follow Me" styles for dark themes +* Improved: Allow `p` and `br` tags only for AP comments +* Fixed: Deduplicate attachments earlier to prevent incorrect max_media + + = 1.1.0 = * Improved: audio and video attachments are now supported!