| Age | Commit message (Collapse) | Author |
|---|
|
changing providers.
|
|
Create a helper class called identity to simplify call the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class
|
|
from the context menu or from its photo or album page.
Fixes ticket #745. Thanks to jankoprowski for the referrer approach.
|
|
|
|
part of the response. This insures that if the internet address changes, then
the page will reload properly.
|
|
|
|
to use it to get the group it is modifying
|
|
What I've tested to this point, is you can install a new provider, switch to it, login as administrator, uninstall the default user module, reinstall the user module, switch back to the user module and login.
|
|
the user module
Bagging the User_Definition and Group_Definition abstract classes and replacing them with interfaces with the same names.
Make sure all the unit tests work.
|
|
Conflicts:
modules/user/views/admin_users.html.php
|
|
to visually separate the view's title and description from everything else. Primary admin view title should always be h1, and only one h1 per view. Removed some unused admin CSS id's.
|
|
Identity provider if more than two are Identity providers are installed
|
|
MY_Session class to provide the user state changes in the session and a login.php helper that has the login form.
|
|
and group.php. Tried creating a identity helper, but the helper identity.php was confused with the library Identity.php. So got around this by making the methods on Identity static and calling the instance within the static methods. Also temporarily moved the user.php and group.php back into the user module.
|
|
module. The premise is that the plugable user module will provide the update screens if the user backend supports updates.
|
|
|
|
|
|
|
|
|
|
|
|
Conflicts:
modules/gallery/controllers/admin_users.php
modules/gallery/controllers/password.php
modules/gallery/helpers/group.php
modules/gallery/helpers/user.php
modules/notification/helpers/notification.php
|
|
If you can change the extension, then you can alter the way the server
handles the file, which is a security problem. So for example, you
can change a .JPG to a .PHP and then if you put some malicious PHP
code in the EXIF data, you can get the server to execute
it. Vulnerability is low because only users who have edit permissions
could do this.
Fixes ticket #846
|
|
|
|
|
|
our approach to restfulness is that it assumes that the resource will be found in the gallery database. It may well be there, but in the case of using plugable drivers from users, it could be in a ldap directory, it could be the gallery3 database, but the model could be wrapped in a control structure. So it was just easier to remove the restfulness and just call user::lookup instead.
|
|
providing the default Identity implementation.
* Remove the user_event callbacks and move them to the gallery_event callbacks. This will insure that the active user is always loaded (because the gallery callbacks are always called first) to its available to other gallery_ready handlers. Moved the method set_request_locale to the locales helper as it is more related to locales.
* Move the user controllers and views into the gallery module.
* Move the theme and block processing out of the user module and into core.
|
|
the other gallery graphics functions.
|
|
the other gallery graphics functions.
|
|
the module or theme. This checks for the existence of an application/modules or application/themes first."
This reverts commit e1e1461a77caf5bff457927f098366497de6ffff.
|
|
module or theme. This checks for the existence of an application/modules or application/themes first.
|
|
shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features.
|
|
|
|
* Extend block_manager to handle sidebar blocks. get_available has become get_available_admin_blocks, get_list becomes get_admin_list.
* Create new functions get_available_site_blocks which will look for gallery_block get_available_site_blocks.
* Refactor sidebar_blocks into a separate function and then call block_manager::get_html(site.sidebar). Convert image_block to use block management instead of theme::sidebar_blocks
* Change the block_manager api so that the theme is passed into the get method. convert info to the new sidebar block approach
* Convert the user module to use the new sidebar block structure. remove the installers for info and image_block modules.
* Convert tag and rss modules to the new sidebar framework. reset the version number to 1 for info and image_block modules.
* Change the get_html method to ignore empty blocks and change the individual handlers to return an empty string if no block is generated
* Add a warning message if no sidebar blocks are active and provide a link to the admin page that configures the sidebar.
|
|
* moves the composite method back into core
* requires that the operation be fully qualified i.e. gallery_graphics::resize
* caches the graphics rules on each request
|
|
the movie edit form. Fixes ticket #726.
|
|
|
|
|
|
Fixes ticket #620
|
|
that the key was not changed as it as identical. This addresses the obscure issue raised in ticket #756
|
|
Conflicts:
modules/gallery/controllers/albums.php
|
|
|
|
Force the children_count to be zero, movies have no children.
Rename $photo to $movie everywhere.
|
|
This is not currently necessary (nor is it a security hole) because we
don't constrain permissions at the child level in the core, but it
makes our security audits easier and will enable the scenario where
somebody writes a module to add per-photo permissions.
|
|
row has a null value in the sort field. Fix for #627
Note: this changes get_position() to take an Item_Model instead of an id!
|
|
database type. Changed the packager to not remove the engine specification if the table is search_records. Fixes Ticket #774
|
|
|
|
album, just ignore the parameter.
|
|
up tacking onto the base url.
|
|
clearer what its purpose is. Add some spacing in the theme for it
so that it's less cramped.
|
|
filename over).
|
