path: root/modules/gallery/controllers/reauthenticate.php
Age | Commit message | Author
2013-01-21 | Update copyright to 2013. Fixes #1953. | Bharat Mediratta
2012-02-27 | Update copyright to 2012. #1822 | Bharat Mediratta
2011-01-21 | Update copyright to 2011. | Bharat Mediratta
2010-09-10 | If the user is not an admin, don't 403 -- instead just redirect them to the root album. Fixes ticket #1356. | Bharat Mediratta
2010-07-31 | Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: | Bharat Mediratta
    1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload.
    2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced.
    3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us.
    4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field.
    The combination of these allows us to stop doing boilerplate code like this in our controllers:
        // Print our view, JSON encoded
        json::reply(array("form" => (string) $view));
    instead, controllers can just return HTML, eg:
        // Print our view
        print $view;
    That's much more intuitive for developers.
2010-07-31 | Resend the entire dialog content (including the wrapping view) instead of just the form. | Tim Almdal
2010-07-31 | Missing the user name on the reauthenticate form. | Tim Almdal
2010-07-31 | When the admin controller redirects to the reauthenticate controller, the value of request::is_ajax() from the original request is lost. This patch stores its value in the session so the reauthenticate controller knows whether it's in a dialog/panel or not. | Tim Almdal
2010-07-31 | More patches as part of #1225. Change the 'core' modules to use the json::reply method to set the content type header and encode the response as a json object | Tim Almdal
2010-07-16 | Improve the fix for #1176 to use request::is_ajax() instead of tacking on a query param to urls that appear in dialogs. This keeps things simpler. | Bharat Mediratta
2010-07-15 | Remove the code to call the controller directly and just use redirect. Now that all the form calls actually return the form as a json object, calling the form creation controller method is no longer required. | Tim Almdal
2010-07-13 | Fix reauth authentication to use the identity helper instead of the user helper directly. Else it doesn't work with LDAP and other identity systems. | Bharat Mediratta
2010-07-09 | remove debugging statement | Tim Almdal
2010-07-08 | Only add the 'Successfully re-authenticated' message to the status if the admin page is not displayed in a dialog. | Tim Almdal
2010-07-07 | Fix for ticket #1176. Have the gallery.dialog code add a g-in-dialog parameter to the url to let the controller know it's in a dialog. The reauthenticate controller will format the password prompt as a page or a form content. If authentication is successful, then the original controller is called instead of being redirected to. | Tim Almdal
2010-07-05 | Revert "If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog." This reverts commit 8493a3d36f597e183490ae880b35a3d98f50a045. | Tim Almdal
2010-07-05 | If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog. | Tim Almdal
2010-06-12 | Push the continue url into the form for consistency with other login/continue code. | Bharat Mediratta
2010-04-17 | Change the key for invalid passwords from "invalid" to "invalid_password" to remove ambiguity. | Bharat Mediratta
2010-03-03 | Update the copyright to 2010. It's only 3 months into the year :-) | Bharat Mediratta
2010-02-08 | Fix for ticket 1008: Redirect to destination after re-auth. | Andy Staudacher
2010-02-07 | Last partial fix for ticket 585: Compartmentalize the admin area and require active authentication every 20 minutes to access the admin area. Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now. | Andy Staudacher