148 Commits

Author SHA1 Message Date
Tim Almdal
fc41d09134 Revert "Simplify the maintenance of the xss golden file by having each module contribute its own golden file to a consolidated one. This will make it easier for -contrib modules or themes to be included in the xss security test w/o having to keep modifying a central golden file."
This reverts commit 4fe5801c88.
2009-11-18 10:54:01 -08:00
Tim Almdal
4fe5801c88 Simplify the maintenance of the xss golden file by having each module contribute its own golden file to a consolidated one. This will make it easier for -contrib modules or themes to be included in the xss security test w/o having to keep modifying a central golden file. 2009-11-18 10:34:39 -08:00
Tim Almdal
3f600d46e4 Update the xss golden file so tests pass. 2009-11-18 08:53:35 -08:00
Bharat Mediratta
9379308f91 Xss data update 2009-11-15 19:36:02 -08:00
Bharat Mediratta
64ef86a8ee Updated xss data. 2009-11-15 19:27:35 -08:00
Bharat Mediratta
731ff800cd Use 'git ls-files' instead of glob() so that we only check files known
to Git.  This means that local files which we choose to exclude from
git don't have to follow the same permission model.
2009-11-15 19:20:43 -08:00
Bharat Mediratta
5a27ce7e8f Save/restore $_SERVER before/after tests to avoid contamination.
Fix albums/photos tests to make sure we're really getting the
  HTTP_REFERER back.
2009-11-15 19:10:56 -08:00
Tim Almdal
f176bc7299 Correct spacing 2009-11-06 23:19:48 -08:00
Tim Almdal
808fd4d3a0 Update the modified with a local fix for Kohana ticket #2298 2009-11-01 09:32:42 -08:00
Tim Almdal
5212deb5b1 Merge branch 'master' into talmdal_dev 2009-10-24 10:09:57 -07:00
Tim Almdal
607662d66b When an item is renamed or moved, ensure that the target file name doesn't exist. fixes ticket #694 2009-10-24 10:08:48 -07:00
Tim Almdal
d0186436de Merge branch 'master' into talmdal_dev
Conflicts:
	modules/gallery/tests/Albums_Controller_Test.php
	modules/user/helpers/user.php
2009-10-23 10:01:40 -07:00
Tim Almdal
aa85d27eab Initialize the slug field when doing the update tests 2009-10-23 09:52:03 -07:00
Tim Almdal
703f22abcb Only look for tests that are in the active modules. Update the controller golden file to reflect the current location of files. 2009-10-23 09:41:33 -07:00
Tim Almdal
b3e175006c Move the filters that the File_Structure_Test uses into a separate file so other tests can use them. Add a No_Direct_ORM_Access_Test to find all places that the user or group table are accessed outside of the user module. This test will fail at this point, as it is in preparation for the IdentityProvider refactor. 2009-10-23 07:48:07 -07:00
Tim Almdal
36adc11f05 move the direct orm test to the users module. 2009-10-22 13:30:32 -07:00
Tim Almdal
f4176ae97d Rename No_Direct_access_Test and change the require_once to fully qualify the path to Gallery_Filters.php 2009-10-22 13:29:12 -07:00
Tim Almdal
6b51de49c5 Change the modifier on activate and deactivate methods to static as they are in a helper class. 2009-10-22 13:28:23 -07:00
Tim Almdal
3c936d661a Change the name of identity library from Identity to IdentityProvider. Create a helper class called identity to simplify calling the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class 2009-10-22 13:11:03 -07:00
Tim Almdal
b994ea9d62 use the appropriate APIs 2009-10-21 11:53:41 -07:00
Tim Almdal
182c8414a1 Add the Gallery File Filters and a test to check that the user/group table is only accessed from the user module. 2009-10-21 11:48:40 -07:00
Tim Almdal
ea2ab0c654 Create a No_Direct_Access test which initially checks to ensure there is no direct access to the users and groups table defined by the user module. 2009-10-21 09:32:27 -07:00
Tim Almdal
098b57bf18 Simplify the user interface by moving the password reset functionality into the user module
Bagging the User_Definition and Group_Definition abstract classes and replacing them with interfaces with the same names.
Make sure all the unit tests work.
2009-10-19 12:53:44 -07:00
Tim Almdal
78ee4193b7 Remove all non Identity API methods from Identity.php. Created an MY_Session class to provide the user state changes in the session and a login.php helper that has the login form. 2009-10-16 10:06:58 -07:00
Tim Almdal
00eacd659f Start simplifying the interface by moving the static methods from user.php and group.php. Tried creating an identity helper, but the helper identity.php was confused with the library Identity.php. So got around this by making the methods on Identity static and calling the instance within the static methods. Also temporarily moved the user.php and group.php back into the user module. 2009-10-16 08:53:31 -07:00
Tim Almdal
79b4b8bdc6 update the Access_Helper_Test to use the user::lookup_by_name API method. 2009-10-09 01:27:27 -07:00
Chad Kieffer
d581bbbd1e Renamed more CSS selectors from gName to g-name. 2009-10-04 15:53:00 -06:00
Chad Kieffer
3e6ba7acc3 Renamed most, if not all css selectors from gName to g-name. Moved a few shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features. 2009-10-04 00:27:22 -06:00
Chad Kieffer
9145331fd4 Renamed and moved gOdd/gEven CSS classes. 2009-10-03 12:33:53 -06:00
Tim Almdal
970158f4d9 Fix unit tests by updating the xss golden file and declaring gallery_error::error_handler as static 2009-09-24 16:59:33 -07:00
Tim Almdal
65051a4bf7 Rename the default themes to wind and admin_wind. Change xss_data.txt file to reflect this move. Not completely moved yet, but the git st is rather large so let's commit this now as a base for the cleanup. 2009-09-23 15:06:17 -07:00
Tim Almdal
719b111219 Correct indentation 2009-09-23 14:38:38 -07:00
Andy Staudacher
2e23ae98c4 - Add theme->movie_menu() to whitelisted methods.
- xss_data checkpoint
2009-09-17 14:12:43 -07:00
Andy Staudacher
39632c4689 Also check for rss feeds in controller auth check 2009-09-15 23:01:26 -07:00
Andy Staudacher
7608870537 Controller auth / CSRF fixes 2009-09-15 22:51:49 -07:00
Andy Staudacher
dc3d45e760 Add exception for REST controllers (no fixes necessary). 2009-09-15 22:01:59 -07:00
Andy Staudacher
e168e0dfae CSRF / auth fixes, golden data file checkpoint 2009-09-15 21:50:48 -07:00
Andy Staudacher
61bbe1d78c First functional version of Controller_Auth_Test 2009-09-15 21:03:23 -07:00
Andy Staudacher
17254799d1 Initial skeleton of Controller_Auth code audit test (non functional). 2009-09-15 20:27:04 -07:00
Andy Staudacher
59eadacc67 Improve language preference (Accept-Language header matching): Boost same-language match over exact locale match for lower qvalue. 2009-09-15 11:19:32 -07:00
Bharat Mediratta
823fa2fc83 Updated for url format changes applied in 2aad580f53. 2009-09-12 10:33:46 -07:00
Bharat Mediratta
7ec490b600 rawurlencode() path components in relative_path_cache and
relative_url_cache so that they're safe for browser use.
2009-09-11 11:04:35 -07:00
Bharat Mediratta
752c857116 Rename ORM_MPTT::is_descendant() to ORM_MPTT::contains() to make the
API a little clearer.  Write a test for it, too.
2009-09-10 10:28:43 -07:00
Bharat Mediratta
6e65a8208f Fix a thinko-- of course we want urls to be the path to the file itself. 2009-09-08 21:52:15 -07:00
Bharat Mediratta
0709f7526d Change $this->_photo to just $photo 2009-09-08 21:33:45 -07:00
Bharat Mediratta
5d76a73596 Fix test to support new slug code. 2009-09-08 21:32:21 -07:00
Bharat Mediratta
48becbe017 Update item::convert_filename_to_slug() to eliminate leading and
trailing hyphens.
2009-09-08 20:03:55 -07:00
Bharat Mediratta
2f666f4c52 Add item::validate_url_safe() with a test. 2009-09-07 20:07:37 -07:00
Bharat Mediratta
991bb0c063 Update golden file. 2009-09-07 16:21:58 -07:00
Bharat Mediratta
3f997562de Add support for a per-item "slug" which will be the user-visible url
component for that given item.  Album hierarchies are represented by
nested slugs.  By default, we convert the filename to a slug when you
create an album, photo or movie.
2009-09-07 15:42:08 -07:00