* Convert notices from helpers to partials.
* Eliminate PostSets::PostRelationship class in favor of post_sets/posts template.
* Eliminate COUNT(*) queries when calculating the number of child posts.
* Eliminate redundant parent load and parent exists queries.
Fix a couple regressions caused by the migration from jquery-ujs to
@rails/ujs in 9f4ac4c96:
* Add authenticity tokens to all remote forms. By default, Rails doesn't
doesn't include authenticity tokens in remote forms because it can cause
problems with fragment caching. This was fine with jquery-ujs because it
would insert the authenticity token when the remote form was
submitted, but apparently @rails/ujs doesn't do this. This broke
certain remote forms nested inside of jquery UI dialogs.
* Fix dialogs to trigger remote form submissions through @rails/ujs
instead of through jquery. This fixes a problem where remote forms that
returned a javascript response displayed the response as plaintext
instead of executing the returned javascript.
This was a search page that let you search for tags, aliases, and
implications at the same time. It never got much use and it's been
broken for a while now (the search form passed the wrong param to the
controller).
Re-enable post view counts, post search counts, and missed search
counts. These were disabled in 89adf88d5 because of a bug caused by the
upgrade to rack-2.0.8 in a58dd83ad.
The bug was that rack-2.0.8 changed `session.id` to return a value of a
new wrapper type that doesn't respond to `to_s`. Previously it just
returned a string. Now we have to call `session[:session_id]` or
`session.id.public_id` to get a plain string. This was an undocumented
breaking change in rack-2.0.8 to fix CVE-2019-16782.
Remove the login reminder page. The meaning of "login reminder" wasn't
clear (it's for recovering a forgotten username) and the functionality
was redundant. The password reset page can already be used to recover
forgotten usernames.
There was also a privacy leak, since the login reminder page could be
used to find out whether a given email is in use on Danbooru.
Add a new IP address search page at /ip_addresses. Replaces the old
search page at /moderator/ip_addrs.
On user profile pages, show the user's last known IP to mods. Also add
search links for finding other IPs or accounts associated with the user.
IP address search uses a big UNION ALL statement to merge IP addresses
across various tables into a single view. This makes searching easier,
but is known to timeout in certain cases.
Fixes#4207 (the new IP search page supports searching by subnet).
* Use more compact timestamps in post tooltips ("39 minutes ago" -> "39m ago")
* Move timestamps to the right (after favcount + score).
* Switch favorite icon from star to heart.
* Fix inconsistencies in how wiki pages were linked.
* Link directly to the wiki instead of to a title search that is expected
to redirect to the wiki.
Change wiki page search to redirect to exact matches only when using the
quick search bar. Fixes searches sometimes unexpectedly redirecting when
doing a regular (non-quick) search that happens to return a single result.
Also remove the logic that tries to expand the search when no results
are found. This will eventually be replaced with a smarter "did you mean?"
search.
Move the parsing for the [bur:<id>], [ta:<id>], [ti:<id>] pseudo tags to
the main parser in `DText.format_text`. This fixes a bug where wiki
links inside bulk update requests on the forum weren't properly
colorized because the text of the BUR was embedded after we scanned for
wiki links, not before.
This also ensures that tags inside bulk update requests will be recorded
in the dtext_links table, meaning that forum posts can be properly
searched by tags.
This incidentally means that these request pseudo tags can now be used
outside the forum.
* Remove the single alias and implication request forms. From now
on, bulk update requests are the only way to request aliases or
implications.
* Remove the forum topic ID field from the bulk update request form.
Instead, to attach a BUR to an existing topic you go to the topic then
you click "Request alias/implication" at the top of the page.
* Update the bulk update request form to give better examples for the
script format and to explain the difference between aliases and
implications.
Previously the search form on the /iqdb_queries page submitted directly
to the iqdb service (karasuma.donmai.us), which redirected back to
Danbooru with the search results.
This was different than API requests, which submitted to
/iqdb_queries.json which proxied the call to iqdb through Danbooru.
Because of this, searches on the /iqdb_queries page had different
behavior than API requests. Things like filesize limits and referrer
spoofing were handled differently.
Now searches on the /iqdb_queries page submit directly to Danbooru. This
is simpler and it means that API requests and HTML requests have the
same behavior.
* Add the source (twitter, pixiv, etc) and upload date ("X minutes ago")
to iqdb thumbnails.
* Link the filesize to the full file so you can compare files in new tabs.
* Link the similarity to a iqdb search so you can pivot your search to other posts.
* Don't truncate long sources in the sidebar on the post show page. Word
wrap them instead.
* Word wrap long external links in general (mainly links in dtext).
* Turn sources into links on modqueue page.
DText is processed in three phases: a preprocessing phase, the regular
parsing phases, and a postprocessing phase.
In the preprocessing phase we extract all the wiki links from all the
dtext messages on the page (more precisely, we do this in forum threads
and on comment pages, because these are the main places with lots of
dtext). This is so we can lookup all the tags and wiki pages in one
query, which is necessary because in the worst case (in certain forum
threads and in certain list_of_* wiki pages) there can be hundreds of
tags per page.
In the postprocessing phase we fixup the html generated by the ragel
parser to add CSS classes to wiki links. We do this in a postprocessing
step because it's easier than doing it in the ragel parser itself.
There are a handful of places where we need to strip markup from a piece
of dtext, primarily in <meta> description tags in the wiki. Currently
the dtext parser handles this by having a special mode where it parses
the text but doesn't output html tags. Here we refactor to instead parse
the text normally then strip out the html tags after the fact.
This is more flexible and allows us to simplify a lot of things in the
dtext parser. This also produces more readable output than before in
certain cases.
Tells browsers not to send the Referer header when following external
links. Among other things, this bypasses Pixiv's anti-hotlinking
protection when opening direct image sources from Pixiv.
Refactor things to store information about the current user as data
attributes on the <body> tag rather than as <meta> tags. These <meta>
tags are now deprecated and will be eventually removed.
* Store all of the current user's API attributes as data attributes on
the <body> tag.
* Add `CurrentUser.data` for getting data from the <body> tag, and
use it instead of `Utility.meta`.
* Add `CurrentUser.update` for updating the current user's settings.
* Fix a bug with the user named "Anonymous" not being able to edit notes.
* Factor out common sidebar layout template.
* Convert wiki pages and posts to use this template.
* Add data-layout attribute to <body> element indicating the current layout.
* On the posts show page, make the "»" link next to the source visible
to all users, not just builders.
* Make "»" link to the raw unnormalized source, instead of a `source:` search.
* Remove the special case for displaying old pixiv sources as `pixiv/moniker`.
