stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-20 11:29:24 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,042 Commits 4 Branches 0 Tags
b2d0b3ebbb1764593e387a2e07e0d4e67f4f5474
Commit Graph

331 Commits

Author SHA1 Message Date
Chad Kieffer
5f56cbf997 Wrap all admin views in g-block and g-block content. This provides the means to visually separate the view's title and description from everything else. Primary admin view title should always be h1, and only one h1 per view. Removed some unused admin CSS id's. 2009-10-18 20:22:10 -06:00
Chad Kieffer
ad0497a8d2 Drop our g-clearfix in favor of using jQuery UI's ui-helper-clearfix. 2009-10-17 12:58:31 -06:00
Tim Almdal
f5dd8d487e Move all the edit/update forms for users and groups back to the user module. 2009-10-15 08:56:31 -07:00
Tim Almdal
0d5d4c81bc Move the ui for user adminsitration back to the user module. 2009-10-14 21:20:30 -07:00
Tim Almdal
14e14003de refactor the user and group helpers into the gallery core module. 2 reason, first it makes sense that users and groups are a gallery requirement and belong in core. secondly, prepares the way for the Identity refactor. 2009-10-13 13:37:37 -07:00
Tim Almdal
2af4806011 Refactor the ui component of the user module into the gallery core module. 2009-10-13 13:19:17 -07:00
Tim Almdal
1c313e9d2d Continue to refactor locale and gallery3 ui from the user module to the gallery module 2009-10-13 12:46:27 -07:00
Tim Almdal
f8eee90705 remove the unused private function user::_md5Salt() 2009-10-13 12:38:21 -07:00
Tim Almdal
2c711d8908 refactor locale related functionality out of the user module and into the gallery module. 2009-10-13 12:33:00 -07:00
Tim Almdal
1ee7d24766 Add support for the in filter to get_user_list and get_group_list. Convert the notifications to use user::get_user_list instead of accessing the table directly. 2009-10-09 01:27:26 -07:00
Tim Almdal
00ee91837f Convert direct lookups for the user table using ORM to using the user::lookup_by_name and user_lookup API methods. 
Convert the Admin_User controller
Convert the login and password change controller
Change the item model to call user::lookup to get the owner.
On the log model, delete the relationship between the log and user table, and replace with a
call to user::lookup
(cherry picked from commit 194cc3b27a)
Create the get_user_list, lookup_by_name, lookup_by_hash and get_group_list api functions
 2009-10-09 01:26:35 -07:00
Tim Almdal
f67bfd0992 Change the users.php controller so its no longer restful. The problem with our approach to restfulness is that it assumes that the resource will be found in the gallery database. It may well be there, but in the case of using plugable drivers for users management, there are no guarantees that it is in our database or it could be in a ldap directory. So it was just easier to remove the restfulness and just call user::lookup instead. 
(cherry picked from commit b3211cb2a8)
 2009-10-08 23:22:07 -07:00
Chad Kieffer
121fcab5c8 Replaced most clear fix hacks with generic class. 2009-10-07 00:46:02 -06:00
Chad Kieffer
d581bbbd1e Renamed more CSS selectors from gName to g-name. 2009-10-04 15:53:00 -06:00
Chad Kieffer
3e6ba7acc3 Renamed most, if not all css selectors from gName to g-name. Moved a few shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features. 2009-10-04 00:27:22 -06:00
Chad Kieffer
9145331fd4 Renamed and moved gOdd/gEven CSS classes. 2009-10-03 12:33:53 -06:00
Chad Kieffer
e1e8904e4a Convert gDialog and gCancel over to g-dialog and g-cancel. Refactor CSS id's and classes in the login/reset password dialog. 2009-09-30 22:49:36 -06:00
Chad Kieffer
8f3691d502 Apply button style and hover effect to password reset button. 2009-09-30 22:20:34 -06:00
Chad Kieffer
1f252f0609 Missed g-right application on add group 2009-09-30 21:52:51 -06:00
Chad Kieffer
0c3c13d27f Removed blank line. 2009-09-30 21:12:00 -06:00
Tim Almdal
a210878725 Merge branch 'master' into talmdal_dev 2009-09-30 07:37:14 -07:00
Tim Almdal
60d35b8992 Use the block_manager to manage site sidebar panels. Fixes ticket #110. 
* Extend block_manager to handle sidebar blocks. get_available has become get_available_admin_blocks, get_list becomes get_admin_list.
* Create new functions get_available_site_blocks which will look for gallery_block get_available_site_blocks.
* Refactor sidebar_blocks into a separate function and then call block_manager::get_html(site.sidebar). Convert image_block to use block management instead of theme::sidebar_blocks
* Change the block_manager api so that the theme is passed into the get method. convert info to the new sidebar block approach
* Convert the user module to use the new sidebar block structure. remove the installers for info and image_block modules.
* Convert tag and rss modules to the new sidebar framework. reset the version number to 1 for info and image_block modules.
* Change the get_html method to ignore empty blocks and change the individual handlers to return an empty string if no block is generated
* Add a warning message if no sidebar blocks are active and provide a link to the admin page that configures the sidebar.
 2009-09-30 07:31:12 -07:00
Chad Kieffer
72672bda39 Replaced gButtonLink with g-button. 2009-09-30 08:04:49 -06:00
Chad Kieffer
daa3a2b43c First round of CSS refactor updates. Added calls to gallery.common.css from wind and admin_wind. Replaced basic text align and block float classes. Removed section #2 from both themes screen styles. 2009-09-30 00:32:52 -06:00
Andy Staudacher
e168e0dfae CSRF / auth fixes, golden data file checkpoint 2009-09-15 21:50:48 -07:00
Bharat Mediratta
7fddd2aced Use abs_url() inside url::redirect() calls so that we don't just wind 
up tacking onto the base url.
 2009-09-10 21:31:50 -07:00
Bharat Mediratta
2aad580f53 Move specialized (pretty) url generation back into Item_Model so that 
we're not relying on overriding url::site() to do tricks around item
urls.  This means that you won't get item urls by doing
url::site("albums/37"), for example, but it also means that we won't
get pretty urls where we don't expect them (like in the action of a
<form> element).

Incidentally, this will help us move over to using the slug format
because if you've got a bad character in a url, the edit forms will
now work on it since they'll be id based.
 2009-09-08 13:44:52 -07:00
Bharat Mediratta
d8f5b0f5a3 Change click() to change() so that we immediately update the UI when 
the user picks a new option.
 2009-09-05 21:14:25 -07:00
Andy Staudacher
beb232a1cc Revert previous edit. Prefer « none » (sweet, nice Unicode characters) instead of HTML entities. 2009-09-05 17:43:47 -07:00
Andy Staudacher
047196b23c Add missing view for language selection 2009-09-05 17:39:49 -07:00
Bharat Mediratta
add134cc75 placeholder for a missing view 2009-09-04 20:29:12 -07:00
Bharat Mediratta
a25640f9b2 Shorten the name in the block so that it doesn't wrap. 
Use &laquo; and &raquo; in the << none >> text.
 2009-09-04 20:28:46 -07:00
Andy Staudacher
75e99c9ea3 When changing user preferences, reset the session based locale preferences. 2009-09-04 11:17:11 -07:00
Andy Staudacher
001623c755 Add new locale preferences: Adding per session (cookie) locale preferences and check the browser's / OS' locale preferences. 
Ticket 582.
 2009-09-04 11:06:20 -07:00
Andy Staudacher
53711225ac XSS / style fixes for newly detected issues (after fixing XSS scanner) 2009-09-01 01:28:52 -07:00
Andy Staudacher
2bc73e2e36 Fix XSS vectors in HTML attributes (mostly t() calls) 2009-08-31 21:51:57 -07:00
Andy Staudacher
ddb84c84e1 Rename mark_safe() to mark_clean() 2009-08-31 00:42:18 -07:00
Andy Staudacher
effccfd41d Change all instances of SafeString::of_safe_html() to html::mark_safe() in views. 2009-08-30 07:00:56 -07:00
Andy Staudacher
b9bd1681a3 Update all code to use helper method html::clean(), html::purify(), ... instead of SafeString directly. 2009-08-29 22:54:20 -07:00
Andy Staudacher
b4b638be44 Undo url helper changes - url methods no longer return a SafeString. 
Adding SafeString::of_safe_html() calls where urls are passed as parameters to t() and t2().
 2009-08-29 16:28:30 -07:00
Andy Staudacher
a5dfc81a8f Merge commit 'upstream/master' 
Conflicts:

	modules/akismet/views/admin_akismet.html.php
	modules/comment/helpers/comment_rss.php
	modules/gallery/helpers/gallery_rss.php
	modules/gallery/libraries/I18n.php
	modules/gallery/views/permissions_browse.html.php
	modules/gallery/views/simple_uploader.html.php
	modules/info/views/info_block.html.php
	modules/organize/controllers/organize.php
	modules/organize/views/organize.html.php
	modules/organize/views/organize_album.html.php
	themes/default/views/album.html.php
	themes/default/views/movie.html.php
	themes/default/views/photo.html.php
 2009-08-29 14:17:48 -07:00
Andy Staudacher
c01ac42c46 Refactor all calls of p::clean() to SafeString::of() and p::purify() to SafeString::purify(). 
Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway.
 2009-08-29 12:48:40 -07:00
Bharat Mediratta
50c624ed1b Fix active() to not use user::guest() as the fallback for our Session::get() call. 2009-08-29 12:20:03 -07:00
Andy Staudacher
020281d932 Adding SafeString which is going to replace p::clean() and p::purify(). 
Refactoring of Xss_Security_Test.
t() and t2() return a SafeString instance.

TODO:
 - Update all code to use SafeString where appropriate.
 - Update golden fole of Xss_Security_Test
 - Stop reporting CLEAN vars in Xss_Security_Test
 2009-08-29 10:45:47 -07:00
Bharat Mediratta
4828db003f Remove 'ENGINE=InnoDB' specification from tables that we create. Use 
the system's default table specification.  Fixes ticket #597.
 2009-08-27 15:47:54 -07:00
Bharat Mediratta
e586389f65 Don't ask for csrf when we're resetting passwords. They're not gonna have one. Duh! 
Fixes #642.
 2009-08-27 13:29:45 -07:00
Bharat Mediratta
5c25973ee8 Require a valid url for users. Fixes ticket #612. 2009-08-09 00:02:17 -07:00
Tim Almdal
445a8fb1b6 Change galleryPanel and galleryDialog widgets to gallery_panel and gallery_dialog respectively 
Signed-off-by: Bharat Mediratta <bharat@menalto.com>
 2009-08-08 02:08:42 +08:00
Tim Almdal
a302a9c3fa Refactor the gallery dialog into a jQuery widget 
Signed-off-by: Bharat Mediratta <bharat@menalto.com>
 2009-08-08 02:08:28 +08:00
Bharat Mediratta
1591c3871a Don't show the ajaxy login link in the top right corner if we're on the login page itself. 
Signed-off-by: Bharat Mediratta <bharat@menalto.com>
 2009-08-08 01:40:54 +08:00