stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-06-02 01:39:21 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
5,143 Commits 4 Branches 0 Tags
c8a8097ef2ebbb78d7d20b99f1ea2af3da946bca
Commit Graph

64 Commits

Author SHA1 Message Date
Bharat Mediratta
2bfcec9620 Prevent brute force login attacks by reducing login attempts to 1 per 
minute after there have been 5 consecutive failed login attempts.

Fix for ticket #589.
 2010-01-30 19:48:57 -08:00
Bharat Mediratta
743fbe7696 Add page_type to the rotate and delete context menu items so that the 
quick menu knows where to send you after the action is done.
 2010-01-28 23:22:38 -08:00
Tim Almdal
c51fe96820 Make the varible for the profile name more descriptive and clean the label 2010-01-28 09:27:27 -08:00
Tim Almdal
cedbc82dcc Do all the html::clean|purify calls in the views and not the controller. Also clean the subject line and email message body of the contact user email. 2010-01-28 07:44:58 -08:00
Bharat Mediratta
4ca91bf618 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 
Conflicts:
	modules/gallery/tests/Access_Helper_Test.php
 2010-01-27 19:20:38 -08:00
Andy Staudacher
119297e2ad Apply html::clean() to UI visible strings, and show language names instead of locale tags to be consistent with the user edit form. 2010-01-25 23:05:41 -08:00
Bharat Mediratta
1606961153 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 
Conflicts:
	modules/gallery/libraries/MY_ORM.php
 2010-01-25 19:49:17 -08:00
Tim Almdal
7c06e21ec4 Refactor creating the user profile page content into the the event module. The show_user_profile is used to provide content to the user profile page. Add the list of the users comments to the profile page. 2010-01-24 15:27:33 -08:00
Tim Almdal
ed5b07b335 Create a user profile page that is used as a landing page when referencing a user in messages or pages. 
Partial fix for ticket #889 and a fix for #931.
 2010-01-23 21:38:01 -08:00
Bharat Mediratta
fecac4a859 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 
Conflicts:
	modules/gallery/tests/xss_data.txt
 2010-01-23 16:29:10 -08:00
Tim Almdal
abdeb21ccb Add a user_menu method to the Admin_View and then use this method to get the 
user menu.  Since the information displayed is identical in both admin and
theme views, it makes sense to combine the generation to it is done in a common
location.
 2010-01-23 13:29:49 -08:00
Tim Almdal
79bcfc93c3 Merge branch 'master' of git@github.com:gallery/gallery3 2010-01-22 13:38:23 -08:00
Tim Almdal
dabd5b84b2 Remove the identity manager screens and controller as alterntive identity providers are installed in the admin module screen. 2010-01-22 12:22:31 -08:00
Tim Almdal
603c3049a1 Treat identity providers just like other modules and use the admin_module to 
install and switch to a different identity provider.
 2010-01-22 09:39:29 -08:00
Bharat Mediratta
2744b2e938 Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_dev 2010-01-22 00:27:56 -08:00
Andy Staudacher
07ba5fe43a Use Unicode instead of HTML entity (since the l10n server normalizes this way and rejects submissions that change under the normalization step) 2010-01-21 23:53:21 -08:00
Bharat Mediratta
b5a6a6a5d5 Oops, log::failure() doesn't exist. Use log::error(). 2010-01-16 11:44:21 -08:00
Bharat Mediratta
bf085a1a17 Convert photo uploading over to the new model based validation 
approach.

- Rearrange Simple_Uploader_Controller::add_photo() to validate
  the form early in the process, and switch to using model based
  validation.

- Move thumbnail generation into gallery_event::item_created() so
  that it's decoupled from the model.

- Delete photo::create() and move all of its logic into
  Item_Model::save().

- Add Item_Model::$data_file to track the data file associated
  with new movies and photos.

- Do some cleanup on the validation callbacks -- it turns out the
  2nd argument is the field name not the value.
 2010-01-16 00:51:31 -08:00
Bharat Mediratta
6b8a52d328 Fix the logout link to send you back to the current url. The old 
approach depended on having an $item, which is not the case on all
pages (eg: tag pages).  Also, check the CSRF in the logout controller,
else you can use the logout link as a blind forwarder.
 2010-01-04 21:37:51 -08:00
Bharat Mediratta
20bd09ff00 A more thorough fix for #745 and #940. Stop using the referer to 
guess how to send the user back.  Instead, proxy the originating item
id through the edit forms so that we can tell exactly what page we
were on when we began editing.  If we were viewing the item, then
redirect to its new url (in case it changed) to fix ticket #745.  But
if we were viewing some other item, then just stay on the current page
to fix #940.

The page_type approach didn't work because you'd have the same
"collection" page_type when doing a context menu edit for an album.
 2009-12-31 17:21:19 -08:00
Tim Almdal
41969cc9e4 Another holdover from the K2.4 conversion. In R2.4 the url::current(true) was returning an empty string. This fixes ticket #955. 2009-12-29 15:48:21 -08:00
Bharat Mediratta
9d19e272d6 Convert some database queries. 2009-12-17 21:16:51 -08:00
Bharat Mediratta
dec084fe08 Update database queries. 2009-12-06 21:34:09 -08:00
Bharat Mediratta
1fd0e14359 Convert all DB where() calls to take 3 arguments. 
Convert all open_paren() calls to and_open() or or_open() as appropriate.
 2009-11-26 12:09:04 -08:00
Bharat Mediratta
befb824420 Fixes #898 2009-11-20 21:16:59 -08:00
Tim Almdal
f5b0ce1f47 Revert "Currently Admin_Theme_Options controller assumes that all the themes will provide the same values. This change corrects that assumption and moves the management of the theme options, including creating the form and updating the theme options into the theme." 
This reverts commit 1692ee1308.
 2009-11-19 11:44:09 -08:00
Tim Almdal
1692ee1308 Currently Admin_Theme_Options controller assumes that all the themes will provide the same values. This change corrects that assumption and moves the management of the theme options, including creating the form and updating the theme options into the theme. 2009-11-18 14:37:49 -08:00
Bharat Mediratta
1067e68292 Redesign the way that we consider page types to create buckets of page 
types, and a subtype for specifics.  Currently the top level bucket

   collection, item, other

Here are the core subtypes so far:

   collection: album, search, tag
   item: movie, photo
   other: login, reset, comment-fragment, comment

It's legal to create new page_subtypes whenever you want.  Use the
appropriate page_type to get the coarse grain behavior that you want.
 2009-11-17 14:04:45 -08:00
Tim Almdal
47e0d91fcc Remove debugging statement 2009-11-07 21:51:57 -08:00
Tim Almdal
b5f2dbc2c4 Create a user_menu for the top of the page. Change the login, edit profile and logout portions of the banner to be rendered by the Theme_View::user_menu callback. This fires the user_menu event. Fixes Ticket #871. 2009-11-06 14:08:46 -08:00
Bharat Mediratta
96cbfe23a6 Respect the "theme" variable if we're an admin. This requires us to 
change the order of operations in gallery_event::gallery_ready() so
that we load users before themes.  Fixes ticket #836.
 2009-11-03 14:03:36 -08:00
Tim Almdal
376eb5673f Convert the event handlers for the "identity provider changed" and "user_deleted" events to use ORM or the Kohana query builder to build the database update calls instead of coding the sql directly. 2009-11-01 10:22:56 -08:00
Tim Almdal
c3dcfd136b Move the identity provider menu item under the settings menu and make the User/Groups administration a first level menu item. As discussed via -devel mailing list. 2009-10-31 14:41:55 -07:00
Tim Almdal
903b5f6f67 Add identity_change handlers to resolve the ownership issues of comments, subscription, items and tasks. 2009-10-31 14:23:05 -07:00
Tim Almdal
90465012d1 Patch to clean up loose ends when a user is deleted. 
* For items and tasks the owner id is set to admin
* For notification subscriptions, the subscription is deleted
* For comments, I've extracted the user name, email and url and set the guest_name, guest_email and guest_url columns while setting the author_id to identity::guest()->id
Fix for ticket #777.
 2009-10-30 14:23:57 -07:00
Tim Almdal
4bf2475684 Missed a couple of inconsistent capitalizations 2009-10-29 11:23:04 -07:00
Tim Almdal
53dd35b5c8 Just show the Identity admin menu item all the time. This gives a place to hang other user related module administartion menu links. 2009-10-29 08:30:39 -07:00
Tim Almdal
6fb116c53b Merge branch 'master' into talmdal_dev 2009-10-26 06:24:51 -07:00
Chad Kieffer
eb93e343e2 Make "move item in photo view" comment a todo. 2009-10-25 23:02:58 -06:00
Tim Almdal
f0f7bc2d12 Undo the merge from master because it is actually identity not user in this branch. 2009-10-25 08:10:27 -07:00
Tim Almdal
174e8ef3f7 Merge branch 'master' into talmdal_dev 2009-10-25 08:08:09 -07:00
Tim Almdal
576337c508 Replace reference to identity with the reference to user. Dangers of flipping back and forth between branches. 2009-10-25 08:07:05 -07:00
Bharat Mediratta
b33762a9f8 Update themes::load_theme() to work with mod_rewrite's short urls. 
Conflicts:

	modules/gallery/helpers/gallery_event.php
 2009-10-24 10:38:48 -07:00
Bharat Mediratta
91e9df7834 Update themes::load_theme() to work with mod_rewrite's short urls. 2009-10-24 10:37:12 -07:00
Tim Almdal
e5cf93c22a This is the one i should have checked in last time 2009-10-23 20:14:29 -07:00
Tim Almdal
cdf5a4fcbf Merge branch 'master' into talmdal_dev 
Conflicts:
	modules/gallery/helpers/gallery_event.php
 2009-10-23 19:58:15 -07:00
Tim Almdal
68411cc903 Allow themes to override event handlers. In gallery::ready() grab the server 
PATH_INFO and pass it to the theme::load_themes method.  If it starts with
\"/admin\", then set the theme to the active admin theme, otherwise set it to
the active site theme.  Fixes ticket #841: Themes cannot overload event classes."
 2009-10-23 17:58:55 -07:00
Tim Almdal
3c936d661a Change the name of identity library from Identity to IdentityProvider. Create a helper class called identity to simplify call the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class 2009-10-22 13:11:03 -07:00
Tim Almdal
7f9441c33d Changes to Identity interface to allow for multiple Identity providers. What I've tested to this point, is you can install a new provider, switch to it, login as administrator, uninstall the default user module, reinstall the user module, switch back to the user module and login. 2009-10-20 16:32:22 -07:00
Tim Almdal
c9a030dd08 Add a menu item to manage the Identity drivers if there is more than one installed 2009-10-18 09:21:34 -07:00