Commit Graph

4686 Commits

Author SHA1 Message Date
Chad Kieffer
559f9a4b9d Add icons to context menu for albums. I'm open to other options, if folks think there's something better in the jQuery UI themeroller set. 2009-08-31 22:51:36 -06:00
Andy Staudacher
8c3a2db380 Fix typo in description 2009-08-31 21:28:37 -07:00
Andy Staudacher
50c8b96405 Add XSS check for HTML attributes 2009-08-31 21:17:35 -07:00
Bharat Mediratta
81073aeb5b Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 21:11:57 -07:00
Bharat Mediratta
c887170555 Stay on the same page when editing albums/movies/photos. Fixes ticket 2009-08-31 21:10:22 -07:00
Bharat Mediratta
0513713fde Add 'organize album' to the context menu. 2009-08-31 21:05:21 -07:00
Andy Staudacher
48050aca41 Add XSS check to ensure that html::js_string() is not preceded by a quote. 2009-08-31 19:53:53 -07:00
Andy Staudacher
8312eb116e XSS review fixes (mostly adding missing html::mark_clean()) calls. 2009-08-31 02:12:01 -07:00
Andy Staudacher
26f6d8192f Adding XSS test for href="javascript: and onclick="..." 2009-08-31 01:11:50 -07:00
Andy Staudacher
ddb84c84e1 Rename mark_safe() to mark_clean() 2009-08-31 00:42:18 -07:00
Andy Staudacher
6d26b0dd6e Merge commit 'upstream/master' 2009-08-31 00:32:41 -07:00
Andy Staudacher
2bf9b8ee55 Fix double -> single quotes (::js_string returns a double-quotes delimited string) 2009-08-30 23:11:13 -07:00
Andy Staudacher
afb0111fe6 Updating golden XSS-test data file 2009-08-30 21:36:14 -07:00
Andy Staudacher
bd52a85f98 (mostly harmless) XSS fix in server add 2009-08-30 21:34:55 -07:00
Andy Staudacher
fc294c2777 XSS fixes in admin_comments.html.php 2009-08-30 21:26:23 -07:00
Andy Staudacher
0a0c7a78e6 Check for href="<?= $foo ?>" (malicious "javascript:..." string) 2009-08-30 21:25:21 -07:00
Andy Staudacher
3aef420d48 Updating XSS golden file 2009-08-30 18:37:01 -07:00
Andy Staudacher
e7f5e0a9a3 Merge commit 'upstream/master'
Conflicts:

	modules/gallery/views/l10n_client.html.php
	modules/organize/views/organize_tree.html.php
	modules/server_add/helpers/server_add_event.php
2009-08-30 18:27:40 -07:00
Andy Staudacher
df38a890a6 Tabs to spaces cleanup 2009-08-30 18:07:13 -07:00
Chad Kieffer
80ae2fe4bf Finish this pass at the Admin Maintenance view. Re-introduce status icons, put Cancel All, Delete All buttons in the action heading cell. 2009-08-30 23:51:31 -06:00
Bharat Mediratta
1747335bde Merge branch 'master' of git@github.com:/gallery/gallery3 2009-08-30 17:13:59 -07:00
Chad Kieffer
ce733e0f48 Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-30 22:33:12 -06:00
Chad Kieffer
93b542ccd8 Apply hover effect to buttons in progress indicator dialog. 2009-08-30 22:32:23 -06:00
Bharat Mediratta
c10b5cc69c Minor refactoring. 2009-08-30 17:00:33 -07:00
Bharat Mediratta
7015948357 Merge branch 'master' of git@github.com:/gallery/gallery3 2009-08-30 16:20:52 -07:00
Bharat Mediratta
74e204b557 Don't mark colors !important. 2009-08-30 16:17:53 -07:00
Bharat Mediratta
0dba5857fa Make comments consistent. 2009-08-30 16:16:39 -07:00
Bharat Mediratta
4593297533 Remove extra padding line 2009-08-30 16:15:54 -07:00
Bharat Mediratta
d47a4de029 Get rid of as much jitter as possible in the organize tree. 2009-08-30 16:11:28 -07:00
Bharat Mediratta
2cf52a4718 Tighten up a class attr. 2009-08-30 15:54:56 -07:00
Bharat Mediratta
6fdb5cddf8 Make the lasso more prominent and the colors consistent. 2009-08-30 15:45:35 -07:00
Bharat Mediratta
a015078cca Change the highlight/selection behavior so that we don't use opacity to
indicate selection state.  It's too difficult to tell opacity
differences on light colored photos.  This approach models what
WinXP does.
2009-08-30 15:42:43 -07:00
Bharat Mediratta
64d40397fe Simplify over-targeted CSS. 2009-08-30 15:34:47 -07:00
Andy Staudacher
00c73ec852 Updating uses of html::js_string and SafeString::for_js (value now contains string delimiters) 2009-08-30 15:34:46 -07:00
Andy Staudacher
beb711d6a0 Rename clean_js to js_string and have it return a complete JS string (with delimiters) instead of just the string contents.
Benefits: Using json_encode(), which is very robust. And as a user, it's clearer how to use this API compared to what it was before.
2009-08-30 15:21:02 -07:00
Bharat Mediratta
db03c5d799 Don't try to move an item into its own descendant hierarchy. Just leave it out of the move for now. 2009-08-30 15:09:13 -07:00
Bharat Mediratta
dee0abfab9 Use is_descendant() API inside move_to() for clarity. 2009-08-30 15:04:39 -07:00
Bharat Mediratta
53390ba79a CSS rename: gMicroThumbXxx -> gOrganizeMicroThumbXxx to make it clear
that this is organize only.
2009-08-30 14:58:26 -07:00
Bharat Mediratta
5cce88cd04 Rename gAlbumText to gOrganizeAlbumText for consistency since this is
an organize-only construct.
2009-08-30 14:50:53 -07:00
Bharat Mediratta
a498d37763 remove unused #gOrganizeDialog 2009-08-30 14:49:51 -07:00
Bharat Mediratta
c615918829 Manage the selection so we don't automatically select an album
whenever we expand a tree.
2009-08-30 14:40:55 -07:00
Bharat Mediratta
d1ade6620e Precalculate the organize tree based on the selected album and render
it right away while still allowing incremental tree loading.
2009-08-30 14:35:27 -07:00
Bharat Mediratta
af6bfa3c71 Change the processing time for search_task and exif_task to start the
1.5 second counter only after we've done any expensive queries.  This
guarantees at least some time to do work.

Fixes ticket #693.
2009-08-30 13:29:05 -07:00
Andy Staudacher
b5813f92c7 Improve no_tabs test to print out a complete list of files + line numbers + line snippet. 2009-08-30 07:42:37 -07:00
Andy Staudacher
22aa0b3092 Add $theme-> methods to Xss whitelist for HTML safety.
Updating XSS golden file.
2009-08-30 07:25:49 -07:00
Andy Staudacher
effccfd41d Change all instances of SafeString::of_safe_html() to html::mark_safe() in views. 2009-08-30 07:00:56 -07:00
Andy Staudacher
52b542b253 Fixing typo 2009-08-30 06:55:24 -07:00
Andy Staudacher
d3b0302690 Minor cleanup 2009-08-29 23:15:28 -07:00
Andy Staudacher
b9bd1681a3 Update all code to use helper method html::clean(), html::purify(), ... instead of SafeString directly. 2009-08-29 22:54:20 -07:00
Andy Staudacher
952c885609 Adding html::clean(), ::purify(), etc. 2009-08-29 22:31:23 -07:00