gallery3.git - A clone of the Gallery3 code for testing and development.

Age	Commit message (Collapse)	Author
2009-11-19	Revert "Create theme::get_var(), theme::set_var() methods to set the options ↵	Tim Almdal
	of the active site theme. Change all refrences to theme options to use these methods. Update the version number of Gallery to 20 and move any them related options to the be stored under the active theme." This reverts commit 26114972c3388f065220b94a0d5962f20a6ccd0c.
2009-11-19	Revert "Make sure that calls to the theme::get_var() have sane defaults in ↵	Tim Almdal
	the event that the theme does not supply them." This reverts commit 51f2b547672ab69a7a04d37b723c6afbeb584a59.
2009-11-19	Make sure that calls to the theme::get_var() have sane defaults in the event ↵	Tim Almdal
	that the theme does not supply them.
2009-11-18	Create theme::get_var(), theme::set_var() methods to set the options of the ↵	Tim Almdal
	active site theme. Change all refrences to theme options to use these methods. Update the version number of Gallery to 20 and move any them related options to the be stored under the active theme.
2009-10-04	Renamed most, if not all css selectors from gName to g-name. Moved a few ↵	Chad Kieffer
	shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features.
2009-06-23	Gracefully handle the case when the gallery2 instances moves somewhere	Bharat Mediratta
	else (or gets deleted). Fixes ticket #458
2009-06-01	Security pass over all controller code. Mostly adding CSRF checking	Bharat Mediratta
	and verifying user permissions, but there are several above-the-bar changes: 1) Server add is now only available to admins. This is a hard requirement because we have to limit server access (eg: server_add::children) to a user subset and the current permission model doesn't include that. Easiest fix is to restrict to admins. Got rid of the server_add permission. 2) We now know check permissions at every level, which means in controllers AND in helpers. This "belt and suspenders" approach will give us defense in depth in case we overlook it in one area. 3) We now do CSRF checking in every controller method that changes the code, in addition to the Forge auto-check. Again, defense in depth and it makes scanning the code for security much simpler. 4) Moved Simple_Uploader_Controller::convert_filename_to_title to item:convert_filename_to_title 5) Fixed a bug in sending notification emails. 6) Fixed the Organize code to verify that you only have access to your own tasks. In general, added permission checks to organize which had pretty much no validation code. I did my best to verify every feature that I touched.
2009-05-27	Update all references to the core application to now point to the	Bharat Mediratta
	gallery module. This type of mass update is prone to some small bugs.
2009-05-13	Gee it's May already. Update copyright to 2009.	Bharat Mediratta

2009-05-12	Deal with the user-entered g2 embed.php path a little more sanely so that if ↵	Bharat Mediratta
	the user enters the path to G2 itself, we find the embed.php path from there.
2009-05-09	Don't try to put g2_stats and g2_size into the view if g2 is not initialized.	Bharat Mediratta

2009-05-09	Usability and performance improvements	Bharat Mediratta
	Significantly speed up the process by copying Gallery2 thumbnails and resizes wherever possible instead of regenerating them. This requires us to figure out the dimensions of the original G2 derivative and make sure that it matches in some reasonable way. To allow users to take advantage of this, calculate the optimal thumb and resize size to set in G3 to match what was used in G2. While we're at it, give the user some idea of how much data is available in G2 to import.
2009-04-15	Very early round of Gallery 2 import code. It can import users (with	Bharat Mediratta
	the wrong password) and import groups, with a basic UI. Needs a ton more work.