| Age | Commit message (Collapse) | Author |
|---|
|
#1973 Handle redirected G2 URLs for tags, including g2_itemId passed
|
|
|
|
In MySQL queries, _ and % characters are treated as wildcards (similar to ? and *, respectively).
- Added escape_for_like function to MY_Database.php
- Added unit test to Database_Test
- Corrected the five unescaped instances in the code using this function.
|
|
|
|
|
|
|
|
against UTF-7, and create a $.gallery_autocomplete variant of jQuery's
autocomplete that expects the first line to be a <meta> tag and
discards it. More complete fix for #1871.
|
|
|
|
|
|
Akismet marks them as spam, we don't immediately flush them out of the
database on the next visit to Admin > Content > Comments.
Also warn the user about Akismet, and fix up the G2 import code to
reimport deleted comments.
|
|
happen if the G2 was imported with rewrite on, so the g2_url in the
g2_map table has a shortened url, but then rewrite is disabled and the
.htaccess mod_rewrite rules are sending over a &g2_view=core.DownloadItem
request. Fixes #1728.
|
|
present the user with feedback in the form. Fixes #1727.
|
|
find them. Fixes #1708.
|
|
|
|
|
|
|
|
in case the url had spaces in it. Fixes ticket #1388.
|
|
|
|
Fixes ticket #1387.
|
|
|
|
period. Fixes ticket #1171.
|
|
valid so check to see that it's ok before proceeding. This should resolve #458.
|
|
|
|
|
|
controller auth code audit test.
|
|
DownloadItem URLs aren't rewritten in G2).
Note: For a perfect solution, we should add 2 map entries for each of G2's ShowItem and DownloadItem URLs, one for short and one for long style URLs.
E.g. A G2 installation might have been using short style URLs not for its complete lifetime. And long style URLs are supposed to work in G2 even when short style URLs are enabled (and its used that way in bbcode / as a way to get permenant, id based URLs from G2).
|
|
previously omitted, but we already had core.DownloadItem redirects for derivatives)
|
|
accidentally declared as admin controller.
(The previous attempt to fix this isn't a bad change either, thus keeping the external permenant redirect).
|
|
of G2 yet.
|
|
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
|
|
|
|
We now expect to either get query parameters from the Gallery2 url so
we can pick off g2_itemId, or we'll get the rewrite url in the path
query param.
|
|
|
|
as we don't need to pass the parameters by reference."""
This reverts commit 05b5a2c9ed9e5c3ed05eec8748f4bebc381993c4.
|
|
don't need to pass the parameters by reference.""
This reverts commit 630099364515fd0fd0453b4b548048c8a32c831c.
|
|
to pass the parameters by reference."
This reverts commit 75cc4962a2c945e3e3ad37fda3b5de32d512b929.
Revert "Make sure that calls to the theme::get_var() have sane defaults in the event that the theme does not supply them."
This reverts commit 51f2b547672ab69a7a04d37b723c6afbeb584a59.
Revert "Update the installer to reflect the new location of the theme related options."
This reverts commit 678e22996d73b96833c48d94751344a6bd8f2899.
Revert "Create theme::get_var(), theme::set_var() methods to set the options of the active site theme. Change all refrences to theme options to use these methods. Update the version number of Gallery to 20 and move any them related options to the be stored under the active theme."
This reverts commit 26114972c3388f065220b94a0d5962f20a6ccd0c.
Revert "Currently Admin_Theme_Options controller assumes that all the themes will provide the same values. This change corrects that assumption and moves the management of the theme options, including creating the form and updating the theme options into the theme."
This reverts commit 1692ee130887a6ad1ba68aa34a96ad36161600f9.
|
|
that the theme does not supply them.
|
|
active site theme. Change all refrences to theme options to use these methods. Update the version number of Gallery to 20 and move any them related options to the be stored under the active theme.
|
|
shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features.
|
|
else (or gets deleted).
Fixes ticket #458
|
|
and verifying user permissions, but there are several above-the-bar
changes:
1) Server add is now only available to admins. This is a hard
requirement because we have to limit server access (eg:
server_add::children) to a user subset and the current permission
model doesn't include that. Easiest fix is to restrict to admins.
Got rid of the server_add permission.
2) We now know check permissions at every level, which means in
controllers AND in helpers. This "belt and suspenders" approach will
give us defense in depth in case we overlook it in one area.
3) We now do CSRF checking in every controller method that changes the
code, in addition to the Forge auto-check. Again, defense in depth
and it makes scanning the code for security much simpler.
4) Moved Simple_Uploader_Controller::convert_filename_to_title to
item:convert_filename_to_title
5) Fixed a bug in sending notification emails.
6) Fixed the Organize code to verify that you only have access to your
own tasks. In general, added permission checks to organize which had
pretty much no validation code.
I did my best to verify every feature that I touched.
|
|
gallery module. This type of mass update is prone to some small bugs.
|
|
|
|
the user enters the path to G2 itself, we find the embed.php path from there.
|
|
|
|
Significantly speed up the process by copying Gallery2 thumbnails and
resizes wherever possible instead of regenerating them. This requires
us to figure out the dimensions of the original G2 derivative and make
sure that it matches in some reasonable way.
To allow users to take advantage of this, calculate the optimal thumb
and resize size to set in G3 to match what was used in G2. While
we're at it, give the user some idea of how much data is available in
G2 to import.
|
|
the wrong password) and import groups, with a basic UI. Needs a ton
more work.
|
