Commit Graph

3154 Commits

Author SHA1 Message Date
Bharat Mediratta
2bfcec9620 Prevent brute force login attacks by reducing login attempts to 1 per
minute after there have been 5 consecutive failed login attempts.

Fix for ticket #589.
2010-01-30 19:48:57 -08:00
Bharat Mediratta
86fd81ef26 Make url::merge() function use the same exact definition as url_Core::merge() 2010-01-30 17:41:48 -08:00
Bharat Mediratta
69897b4c66 Fix the valid_admin code -- it was considering all non-admins invalid.
Fixes ticket #997 (highest prime under 1000!)
2010-01-30 16:20:44 -08:00
Bharat Mediratta
dccb2b73ff Dump out validation errors so that we have some extra information in the logs. 2010-01-30 16:19:00 -08:00
Bharat Mediratta
10e208ea5c Fix #992: Digibug pops up a blank page and doesn't allow printing
form::hidden() changed in K24 breaking this.  Also fixed the spelling
of "$order_params"
2010-01-30 16:05:20 -08:00
Bharat Mediratta
a161436015 Remap parent_id and album_cover_item_id to and from RESTful urls. 2010-01-30 15:46:35 -08:00
Bharat Mediratta
923a515ffb The user must have some edit permission somewhere to create a tag 2010-01-30 11:48:43 -08:00
Bharat Mediratta
43cb6d9b56 Make the error page more robust in the case where there's a failure
early on in the framework code before we can load Gallery_I18n.php
2010-01-30 11:38:40 -08:00
Bharat Mediratta
dcba664f74 Use ? or & as appropriate when appending output=html. 2010-01-29 20:37:48 -08:00
Bharat Mediratta
a04d0d2789 Add missing permission checks.
Make the tag relationship an associative array.
2010-01-29 19:42:38 -08:00
Bharat Mediratta
a95609849e Use var_export instead of print_r for better clarity. 2010-01-29 14:53:40 -08:00
Bharat Mediratta
d4998e37d8 Don't forget to flush the relative_url_cache when updating the slug. 2010-01-29 14:25:57 -08:00
Bharat Mediratta
98bcb95b10 Go through all slugs and make them legal values.
Upgrade gallery3 module to version 23
2010-01-29 14:20:34 -08:00
Bharat Mediratta
844d40a759 Oops, forgot to bump the version to 2 in install(). 2010-01-29 14:12:07 -08:00
Bharat Mediratta
3e2adae953 Merge branch 'master' of git@github.com:gallery/gallery3 2010-01-29 14:07:15 -08:00
Bharat Mediratta
45cdac973d Oops, somebody (me?) forgot to update the gallery module version
number in gallery_installer::install() so the install.sql was out of
sync.
2010-01-29 14:06:36 -08:00
Tim Almdal
c4e3604315 Strongly type the argument list to the model::validate method. 2010-01-29 14:04:27 -08:00
Tim Almdal
e4d9ea3394 Merge branch 'master' of git@github.com:gallery/gallery3
Conflicts:
	modules/gallery/views/in_place_edit.html.php
2010-01-29 11:39:22 -08:00
Tim Almdal
1bc0d05760 Replace <?= form::close() ?> with </form>. Also add a call to access::csrf_form_field in the form template. Fixes ticket #996. 2010-01-29 11:36:35 -08:00
Bharat Mediratta
660130cf1a Work around a weirdness where empty() doesn't work on input values. 2010-01-29 11:23:28 -08:00
Bharat Mediratta
3f5ad7d77a Clean up form validation code. 2010-01-29 11:20:35 -08:00
Bharat Mediratta
c214dfd094 Clean up form validation code. 2010-01-29 10:54:59 -08:00
Bharat Mediratta
0d73738099 Stop using obsolete form::close()
Update the way we include the hidden CSRF field for InPlaceEdit.
2010-01-29 10:13:10 -08:00
Bharat Mediratta
743fbe7696 Add page_type to the rotate and delete context menu items so that the
quick menu knows where to send you after the action is done.
2010-01-28 23:22:38 -08:00
Bharat Mediratta
aacafaaf35 Add @todo. 2010-01-28 23:17:32 -08:00
Bharat Mediratta
9908f37eef Use identity::set_active_user() instead of auth::login() when we
change providers otherwise the user_installer code is going to be
calling auth::login() which causes all kinds of unexpected weirdness,
like it triggers the handler in gallery_event which detects graphics
toolkits, and that's only supposed to run on the first admin login.
2010-01-28 21:33:41 -08:00
Bharat Mediratta
70b235e13d In auth::login() make the user active before trying to save it, else
the validation code fails because it expects there to be an active
user.
2010-01-28 21:33:01 -08:00
Bharat Mediratta
3584856afc Use auth::login() when we initially log in the admin user. 2010-01-28 21:32:50 -08:00
Bharat Mediratta
f0ae2c8165 Localize edit form error messages. 2010-01-28 20:55:38 -08:00
Bharat Mediratta
3ed81869cb Cast the SafeString $task->status to (string) so that it doesn't come
down to the JS as an object.
2010-01-28 20:44:10 -08:00
Bharat Mediratta
e7cfbfe376 Merge branch 'master' of git@github.com:gallery/gallery3 2010-01-28 20:39:01 -08:00
Bharat Mediratta
56d04b1ed8 cast $task->done to bool so that it doesn't show up as "0" to the JS,
which will interpret that as a true value, when it's not.
2010-01-28 20:38:48 -08:00
Andy Staudacher
5c527513c6 Fix language preference block / language cookie reading.
The preference block must have been broken by a jquery update, and the cookie reading by a Kohana update.
2010-01-28 19:46:53 -08:00
Tim Almdal
b8fb891828 Make the return button work in chrome, FF, IE, safari and opera. 2010-01-28 11:46:28 -08:00
Tim Almdal
1d4ed5a32c Merge branch 'master' of git@github.com:gallery/gallery3 2010-01-28 09:55:47 -08:00
Tim Almdal
11fbcfeb25 Found another broken link for what should have been the user profile 2010-01-28 09:55:41 -08:00
Bharat Mediratta
df3db40ab7 Reviewed DIRTY_ATTR 2010-01-28 09:43:10 -08:00
Bharat Mediratta
fcc72bbbd0 Rename $class to $css_class for clarity. 2010-01-28 09:41:18 -08:00
Bharat Mediratta
86721d3884 Reviewed all DIRTY_JS entries 2010-01-28 09:40:04 -08:00
Bharat Mediratta
c011b0e1f6 Secure the t("Completed") call. 2010-01-28 09:37:33 -08:00
Bharat Mediratta
44b372077c Secure the t("Continue") strings in javascript. 2010-01-28 09:35:38 -08:00
Tim Almdal
c51fe96820 Make the variable for the profile name more descriptive and clean the label 2010-01-28 09:27:27 -08:00
Tim Almdal
75aec29350 Update the xss golden file for user profile changes. 2010-01-28 08:42:14 -08:00
Tim Almdal
f943a2deef Don't show a link to the user profile for the guest user 2010-01-28 08:14:33 -08:00
Tim Almdal
cedbc82dcc Do all the html::clean|purify calls in the views and not the controller. Also clean the subject line and email message body of the contact user email. 2010-01-28 07:44:58 -08:00
Bharat Mediratta
bbe70119ef Localize validation messages. 2010-01-27 23:05:57 -08:00
Bharat Mediratta
31e4c21719 Localize error messages. 2010-01-27 23:03:47 -08:00
Bharat Mediratta
0e5b5e2559 Fix capitalization of "internet address". 2010-01-27 23:00:49 -08:00
Bharat Mediratta
e5b25983a6 Localize all error messages. 2010-01-27 23:00:29 -08:00
Bharat Mediratta
a2fc1d3422 Localize error messages for the built-in rules. 2010-01-27 22:55:54 -08:00