Hello, I've just installed StatusNet 0.8.1 on my server. It worked perfectly except for two annoying bugs :
- The "logout" did not work ( http://status.net/trac/ticket/1508 ). It appeared that php was not saving the session when a redirection is made -- I don't kn ow the reason to that strange behaviour, but on my server it is so. Moreover, the login page was redirecting to index.php (without the '/'), which generates a 404. A fix is to add session_write_close in common_redirect so that php saves the modification made to session : --- statusnet-0.8.1/lib/util.php 2009-08-28 17:43:28.000000000 +0200 +++ mublog/lib/util.php 2009-11-01 14:36:40.000000000 +0100 @@ -175,6 +175,7 @@ if (is_null($user) && common_have_session()) { $_cur = null; unset($_SESSION['userid']); + return true; } else if (is_string($user)) { $nickname = $user; @@ -861,6 +862,7 @@ 302 => "Found", 303 => "See Other", 307 => "Temporary Redirect"); + session_write_close (); header('HTTP/1.1 '.$code.' '.$status[$code]); header("Location: $url"); @@ -974,6 +976,7 @@ function common_set_returnto($url) { common_ensure_session(); + if(preg_match('/index.php$/', $url)) $url = $url . '/'; $_SESSION['returnto'] = $url; } (Well the second part is a quick&dirty fix to the 404) - the subscription to users on other servers did not work (people from other server could subscribe to ones on my server but not the opposite) (the "Couldn't get a request token" bug - http://status.net/trac/ticket/1408) After a little digging, it is caused by the other server (here, identi.ca) that do not send a Content-Type to "application/x-www-form-urlencoded" during the POST request. A fix on my side was to disable the check of Content-Type but I guess it would be better to fix on identi.ca's side. --- statusnet-0.8.1/extlib/OAuth.php 2009-08-28 17:43:28.000000000 +0200 +++ mublog/extlib/OAuth.php 2009-11-01 18:10:27.000000000 +0100 @@ -199,10 +199,10 @@ } else { // collect request parameters from query string (GET) and post-data (POST) if appropriate (note: POST vars have priority) $req_parameters = $_GET; - if ($http_method == "POST" && @strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded") ) { + + if ($http_method == "POST") { $req_parameters = array_merge($req_parameters, $_POST); } - // next check for the auth header, we need to do some extra stuff // if that is the case, namely suck in the parameters from GET or POST // so that we can include them in the signature With this patch, it seems to work fine -- i haven't done a lot of tests though. I hope that theses patches may help those who encounter these bugs. Regards, asmanur. _______________________________________________ StatusNet-dev mailing list [email protected] http://lists.status.net/mailman/listinfo/statusnet-dev
