Commit Graph

1969 Commits

Author SHA1 Message Date
Chad Kieffer
6feab02c86 Merge branch 'master' of git@github.com:gallery/gallery3 2009-09-02 22:36:19 -06:00
Chad Kieffer
02409d3b99 Fix bg images in tables bug in webkit and ie. #718 2009-09-02 22:35:54 -06:00
Bharat Mediratta
d007f31686 Undo rest of the indentation issue accidentally created in 8312eb and
partially fixed in 2c30dc
2009-09-02 21:29:22 -07:00
Bharat Mediratta
9237ab9bc1 Change graphics::generate() API so that it doesn't return a boolean,
instead it throws an exception if there's a problem.  The normal case
for graphics::generate is that it's going to succeed.  It'll only fail
if something un-handleable went wrong, so just use the resulting
exception.
2009-09-02 15:29:00 -07:00
Tim Almdal
2c30dc2d5b fix a leading space that was causing the file_structure_test to fail 2009-09-02 14:28:00 -07:00
Bharat Mediratta
b842a9d9ca Fix formatting, and use a properly named file in
change_photo_no_csrf_fails_test() so that GD doesn't bomb.
2009-09-02 11:58:04 -07:00
Bharat Mediratta
b9293755c0 Deal with the aftermath of adding sharpen() calls. Since GD does not
support it, this causes crashes as soon as you try to use it, which
breaks a bunch of our tests.  Also, give the user some idea that
sharpen() is missing in the UI.  Fixes #689.
2009-09-02 11:57:20 -07:00
Bharat Mediratta
79754c2ef4 Run 'graphics::choose_default_toolkit();' to pick a toolkit, which we
normally do as part of a regular install.
2009-09-02 11:53:10 -07:00
Bharat Mediratta
a09a6a06be Refactor how we use $this->relative_path() so that we're not calling
it twice on both sides of a ternary operator.
2009-09-02 11:28:41 -07:00
Bharat Mediratta
d5cd6a92e7 Rename $comment_model to $comments, this time without stomping on the
pre-existing variable.
2009-09-01 20:40:18 -07:00
Bharat Mediratta
eab5d71d06 Revert "Rename $comment_model to $comments."
This reverts commit d85a8b20bb.
2009-09-01 20:39:08 -07:00
Bharat Mediratta
ecc0d89cd4 Fix up incorrectly applied html::mark_clean(). Resolves #698, thanks fperwth! 2009-09-01 20:34:19 -07:00
Bharat Mediratta
b14b9e0d7b Allow anything to be made an album cover, except for direct children
of the root album (which has no visible album cover, so no point in
offering that option).  This fully resolves #705.
2009-09-01 20:23:44 -07:00
Bharat Mediratta
2ec11c5c4d Merge branch 'master' of git@github.com:gallery/gallery3 2009-09-01 20:17:57 -07:00
Bharat Mediratta
03c5c11775 Allow the RSS feed page size to be customizable, up to 100 items (to
mitigate DoS attacks).

Have PicLens request a 100-item page to mitigate the bug where it
refuses to load the 2nd page.

Mitigates #23.
2009-09-01 20:13:23 -07:00
Andy Staudacher
95ea310aff Remove unused l10n message 2009-09-01 14:39:08 -07:00
Andy Staudacher
1d30691452 Add missing mark_clean() for t() calls with %attr parameter. 2009-09-01 12:14:23 -07:00
Andy Staudacher
b50d7f0d69 Fix bug #522 - Handle "save settings" correctly in the "share translations" form. 2009-09-01 11:11:22 -07:00
Andy Staudacher
295fc0c14c Merge commit 'upstream/master' 2009-09-01 01:30:45 -07:00
Andy Staudacher
fe37483aca Update XSS scanner golden file 2009-09-01 01:29:42 -07:00
Andy Staudacher
53711225ac XSS / style fixes for newly detected issues (after fixing XSS scanner) 2009-09-01 01:28:52 -07:00
Andy Staudacher
94c201f265 XSS escape in form helper and forge where missing. 2009-09-01 01:17:39 -07:00
Andy Staudacher
ff1979e12e Fix XSS in tags JS 2009-09-01 01:12:02 -07:00
Andy Staudacher
d2cea7905e Remove debugging code 2009-09-01 00:53:17 -07:00
Andy Staudacher
c0d4937e43 Fix bug in XSS scanner for <script> block @ position 0 of inline_html 2009-09-01 00:52:21 -07:00
Bharat Mediratta
dfb2e3dd02 Add an icon to the context menu option. 2009-08-31 23:27:46 -07:00
Chad Kieffer
39ca803af7 Set CSS cursor to hand for jQuery UI ui-state-hover elements. Fixes all but progress bar cursor. #669 2009-08-31 23:51:27 -06:00
Chad Kieffer
7331e2e77c Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 23:16:35 -06:00
Chad Kieffer
19e49bea06 Don't include Make this the album's cover in context menus for albums. #705 2009-08-31 23:07:17 -06:00
Andy Staudacher
285e2b9cbe Update XSS test golden file 2009-08-31 21:57:15 -07:00
Chad Kieffer
7b2c03c2b9 Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 22:56:11 -06:00
Andy Staudacher
5ca13fe5e8 Merge commit 'upstream/master' 2009-08-31 21:53:17 -07:00
Andy Staudacher
2bc73e2e36 Fix XSS vectors in HTML attributes (mostly t() calls) 2009-08-31 21:51:57 -07:00
Chad Kieffer
559f9a4b9d Add icons to context menu for albums. I'm open to other options, if folks think there's something better in the jQuery UI themeroller set. 2009-08-31 22:51:36 -06:00
Andy Staudacher
8c3a2db380 Fix typo in description 2009-08-31 21:28:37 -07:00
Andy Staudacher
50c8b96405 Add XSS check for HTML attributes 2009-08-31 21:17:35 -07:00
Bharat Mediratta
81073aeb5b Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 21:11:57 -07:00
Bharat Mediratta
c887170555 Stay on the same page when editing albums/movies/photos. Fixes ticket 2009-08-31 21:10:22 -07:00
Bharat Mediratta
0513713fde Add 'organize album' to the context menu. 2009-08-31 21:05:21 -07:00
Andy Staudacher
48050aca41 Add XSS check to ensure that html::js_string() is not preceded by a quote. 2009-08-31 19:53:53 -07:00
Andy Staudacher
8312eb116e XSS review fixes (mostly adding missing html::mark_clean()) calls. 2009-08-31 02:12:01 -07:00
Andy Staudacher
26f6d8192f Adding XSS test for href="javascript: and onclick="..." 2009-08-31 01:11:50 -07:00
Andy Staudacher
ddb84c84e1 Rename mark_safe() to mark_clean() 2009-08-31 00:42:18 -07:00
Andy Staudacher
6d26b0dd6e Merge commit 'upstream/master' 2009-08-31 00:32:41 -07:00
Andy Staudacher
2bf9b8ee55 Fix double -> single quotes (::js_string returns a double-quotes delimited string) 2009-08-30 23:11:13 -07:00
Andy Staudacher
afb0111fe6 Updating golden XSS-test data file 2009-08-30 21:36:14 -07:00
Andy Staudacher
bd52a85f98 (mostly harmless) XSS fix in server add 2009-08-30 21:34:55 -07:00
Andy Staudacher
fc294c2777 XSS fixes in admin_comments.html.php 2009-08-30 21:26:23 -07:00
Andy Staudacher
0a0c7a78e6 Check for href="<?= $foo ?>" (malicious "javascript:..." string) 2009-08-30 21:25:21 -07:00
Andy Staudacher
3aef420d48 Updating XSS golden file 2009-08-30 18:37:01 -07:00