Commit Graph

242 Commits

Author SHA1 Message Date
Bharat Mediratta
dceecabbf1 Make login/logout continuation url code consistent. Where necessary,
we specify the continue_url in the session, but we store it in the
login form so that we can propagate it across the session creation
that happens at login time.
2010-06-12 15:16:47 -07:00
Bharat Mediratta
1240878df0 Fix-ups for d98b85f7d3
- Pass the CSS selector of the active image in as an arg to site_menu
  so that quick operations know what they're operating on.
- Change the ids from g-{photo,movie}-id to the generic g-item-id
- Initialize ajax handlers for site menu on the photo and movie page
- Drop the movie context menu, it's now in the site menu
2010-05-14 16:55:15 -07:00
Bharat Mediratta
c9edb943f9 Fix a bug introduced when we patched the "disallowed global data"
security check.  Not sure why the patch worked for some and not for
others, but this should resolve it either way.  Fixes ticket #1123.
2010-04-10 17:01:48 -07:00
Bharat Mediratta
c3c2b45280 Update the copyright to 2010. It's only 3 months into the year :-) 2010-03-03 10:15:34 -08:00
Andy Staudacher
a19b97f8d6 First step towards fixing ticket #1038: Allowing for custom page <title> in admin pages, just like in non-admin pages.
TODO: Set $view->page_title in the many admin controllers we have. I just set it for admin_maintenance.php to show how it's intended to be used. I copied the title from views/admin_maintenance.html.php to the controller.
2010-02-28 13:35:58 -08:00
Andy Staudacher
d9707ae749 Fix for ticket #1036 - Don't echo any sensitive information such as passwords, hashes or personally identifiable information. 2010-02-27 02:37:39 -08:00
Andy Staudacher
1d8862d957 Fix for ticket #1034: Fix db cache driver delete() call which was missed in a recent refactoring / fix. 2010-02-24 01:28:38 -08:00
Andy Staudacher
6afc5ccf5c Fix translation cache for installations with 0 translations in the DB. 2010-02-23 10:02:27 -08:00
Andy Staudacher
95374070db Merge commit 'upstream/master' 2010-02-22 00:00:25 -08:00
Andy Staudacher
334cd2368d Performance improvement: Load all translations of a locale as one serialized array from the Cache.
Until now, we loaded hundreds of translation messages row by row, and unserializing one by one at bootstrap time. That amounted to a significant percentage of the complete request time. This approach is more than 10x faster.
2010-02-21 23:50:01 -08:00
Andy Staudacher
6591ea2577 Fix delete() function of DB based Cache driver. It expected a scalar key / tag value, but it was always an array of keys / tags.
(compare to system/libraries/Cache.php and the File.php driver)
2010-02-21 23:48:23 -08:00
Bharat Mediratta
9b7542b9f1 Add Menu::add_before() 2010-02-21 17:14:19 -08:00
Bharat Mediratta
d3e07f8a97 Revert "Fix for ticket #1017: Handle the common case of t(html::clean($var)) by casting SafeString instances to string in translate()."
This reverts commit 4ca55a90ee.
2010-02-18 16:19:41 -08:00
Andy Staudacher
45910ffdc0 Improve setlocale() call, using some of G2's locale fallback code to match the platform's locale names. 2010-02-18 16:19:17 -08:00
Andy Staudacher
4ca55a90ee Fix for ticket #1017: Handle the common case of t(html::clean($var)) by casting SafeString instances to string in translate(). 2010-02-16 23:54:39 -08:00
Andy Staudacher
30dcaaa236 Need to allow access to ::change_provider for CLI, to make packager work. 2010-02-14 18:33:10 -08:00
Andy Staudacher
74471df777 Minor security tightening of IdentityProvider::change_provider(). 2010-02-14 16:12:18 -08:00
Andy Staudacher
2dad1d7cd1 Some HTML validation fixes (don't render empty <ul> lists, empty id attributes, use &amp; not &) 2010-02-14 07:15:57 -08:00
Andy Staudacher
d53f6d0e05 Fix for tickets 1009 and 603: Show a themed error page to guests / registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors. 2010-02-12 16:40:44 -08:00
Bharat Mediratta
6dfab72922 Override Input::clean_input_keys() to sanitize malicious values out of
strings instead of dying.  This at least gives us graceful degradation.

Fixes ticket #764, patch thanks to djnz.
2010-02-08 15:37:11 -08:00
Tim Almdal
6783de2457 Remove the redundant reference to ["force_rtl". 2010-02-07 14:17:58 -08:00
Tim Almdal
b6c0d3a48c Refactor the is_rtl() helper into the Gallery_I18n class. This allows checking
for a config value "force_rtl" which will layout the gallery pages in rtl mode
without having to change to a language that is no longer understandable to the
developer.

Adding the line "$config['force_rtl'] = true;" to the config/locales.php file
will make it happen.
2010-02-07 13:55:17 -08:00
Bharat Mediratta
adac97b537 Add prefix support for the target of RENAME TABLE. 2010-02-07 08:28:32 -08:00
Bharat Mediratta
c050acf30a Fix lots of warnings that pop up when we're in E_STRICT mode. They're
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
2010-01-31 16:07:41 -08:00
Bharat Mediratta
dccb2b73ff Dump out validation errors so that we have some extra information in the logs. 2010-01-30 16:19:00 -08:00
Bharat Mediratta
0d73738099 Stop using obsolete form::close()
Update the way we include the hidden CSRF field for InPlaceEdit.
2010-01-29 10:13:10 -08:00
Bharat Mediratta
9908f37eef Use identity::set_active_user() instead of auth::login() when we
change providers otherwise the user_installer code is going to be
calling auth::login() which causes all kinds of unexpected weirdness,
like it triggers the handler in gallery_event which detects graphics
toolkits, and that's only supposed to run on the first admin login.
2010-01-28 21:33:41 -08:00
Bharat Mediratta
4b32a71afc Convert back to using ORM::factory(..., $id) instead of calling where(). 2010-01-27 22:34:11 -08:00
Bharat Mediratta
804614711a Make only one attempt to restore the old identity provider in case of
failure.  Else, we can get into an infinite recursion.
2010-01-25 19:49:52 -08:00
Bharat Mediratta
fecac4a859 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev
Conflicts:
	modules/gallery/tests/xss_data.txt
2010-01-23 16:29:10 -08:00
Tim Almdal
abdeb21ccb Add a user_menu method to the Admin_View and then use this method to get the
user menu.  Since the information displayed is identical in both admin and
theme views, it makes sense to combine the generation so it is done in a common
location.
2010-01-23 13:29:49 -08:00
Tim Almdal
eabeeeb126 Trap any errors that may occur when trying to install a new identity provider and then reinstall the current one. 2010-01-22 13:38:05 -08:00
Tim Almdal
ae568b6182 Refactor the identity provider installation into a common helper method (change_provider) with an initialization callback. 2010-01-22 12:09:11 -08:00
Bharat Mediratta
e2b6cfc2d9 Make move_to protected since we don't want folks calling it on
Item_Model.  If there's a need to make this public, we should override
it in Item_Model and throw an exception there.
2010-01-20 23:47:48 -08:00
Bharat Mediratta
949586c254 Oops, bug in save() -- we weren't returning the saved value! 2010-01-20 23:28:29 -08:00
Bharat Mediratta
f6c48d757c Delete MY_ORM::original(). We did not have proper containment to
generate $original when we needed it, resulting in inconsistent
behavior.
2010-01-20 22:56:37 -08:00
Bharat Mediratta
71a8375554 Whitespace. 2010-01-18 22:52:58 -08:00
Bharat Mediratta
dc570aaca9 Switch from ORM_MPTT::$db_builder to db::build(). 2010-01-18 22:52:23 -08:00
Bharat Mediratta
efa4e230da in move_to(), move the lock to before we do any calculations so that we have the latest data. 2010-01-18 21:40:00 -08:00
Bharat Mediratta
f20fa2cfed Change IdentityProvider::create_user() to take $email as well, since that's a required
parameter for the Gallery driver.
2010-01-17 20:37:25 -08:00
Bharat Mediratta
f0a290fc76 If we call original() and there's no $original yet, then consider this
to be the original.  That should be safe because we're already
guarding __set, __unset and save.
2010-01-17 13:29:36 -08:00
Bharat Mediratta
39ad9fa9a0 Get rid of add_rules_from() -- it's no longer necessary now that we're doing model based validation. 2010-01-16 21:25:17 -08:00
Bharat Mediratta
434d351b2f Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev
Conflicts:
	modules/gallery/models/item.php
2010-01-16 00:15:23 -08:00
Bharat Mediratta
00c73a4b07 Revert "Fix for ticket #978. Don't reset the original property as part of the save processing, because that will overwrite the original values with all the new values. The problem with the original approach is that when changed event handlers used ->original(), it had already been reset as part of the save processing. Went back and forth on either leaving this alone and forcing callers to save the original prior to calling the save function, but there were a few event handlers that used ->original(). This seemed the easier change. So to reset the original you need to call reload() or clear(). There is now an optional parameter on the reload to only reload the original."
This reverts commit daeaca110d.
2010-01-15 23:53:43 -08:00
Bharat Mediratta
99073c3e20 Revert "Did the old commit then save trick"
This reverts commit e41ad23a8e.
2010-01-15 23:53:35 -08:00
Bharat Mediratta
916da15cbb Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 2010-01-15 13:36:16 -08:00
Bharat Mediratta
1066e64354 Call parent::save() before releasing the lock to make creating the hole and filling it an atomic operation. 2010-01-15 12:41:22 -08:00
Bharat Mediratta
50e3cc5837 Move model business logic out of album::create() and into
Item_Model::save().  This makes creating albums similar to editing
them and makes it difficult to create an album poorly.  I expect to be
able to remove a lot of code from the photo and movie helper because
it's duplicated here.

In order to do this, I refactored ORM_MPTT::add_to_parent() into
ORM_MPTT::save() so we now add it to the parent when we do save.  This
allows us to call save() only once which saves a database call per
add.

The Albums_Controller logic is roughly the same as before.

Haven't updated the tests yet, they're going to fail miserably since
many of them depend on album::create() which is now gone.
2010-01-15 12:15:20 -08:00
Tim Almdal
e41ad23a8e Did the old commit then save trick 2010-01-13 11:47:27 -08:00
Tim Almdal
daeaca110d Fix for ticket #978. Don't reset the original property as part of the save processing, because that will overwrite the original values with all the new values. The problem with the original approach is that when changed event handlers used ->original(), it had already been reset as part of the save processing. Went back and forth on either leaving this alone and forcing callers to save the original prior to calling the save function, but there were a few event handlers that used ->original(). This seemed the easier change. So to reset the original you need to call reload() or clear(). There is now an optional parameter on the reload to only reload the original. 2010-01-13 11:27:09 -08:00