| Age | Commit message (Collapse) | Author |
|---|
|
registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
|
|
1009.
Side effect: Renaming auth::required_login() to login_page().
|
|
permission into the common auth::require_login() method.
|
|
to a logon page to allow the user to login. Pass the target url as a session
variable to allow the user to be redirected where they want to go if the login
was successful. Fixes ticket #1009.
|
|
|
|
|
|
This reverts commit 48cb5021c6bd7e65a13a0ff50a9e76f72da7d3a1.
|
|
populate the action buttons and other content such as the list of scheduled
tasks."
Leaving this api out of RC1.
This reverts commit 19fee6b5e4ceb8a5f90cafe4ad770856ece108ef.
Conflicts:
modules/gallery/views/admin_maintenance.html.php
|
|
active authentication every 20 minutes to access the admin area.
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
|
|
|
|
separate from a successful or failed login.
1) Rename user_login_failed event to user_authenticate_failed
2) Rename failed_logins table to failed_auth (bump Gallery module to
v27 to rename the table)
3) auth::too_many_failed_logins -> auth::too_many_failures
4) auth::record_failed_auth_attempts -> auth::record_failed_attempts
auth::clear_failed_auth_attempts -> auth::clear_failed_attempts
|
|
the action buttons and other content such as the list of scheduled tasks.
|
|
|
|
|
|
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
|
|
a year.
|
|
in the version 24 upgrade code.
Update packager to serialize files so that we can serialize the new
.htaccess files
Update init_var.php to include the newly serialized .htaccess files.
Fixes ticket #587.
|
|
minute after there have been 5 consecutive failed login attempts.
Fix for ticket #589.
|
|
|
|
down to the JS as an object.
|
|
Also clean the subject line and email message body of the contact user email.
|
|
Conflicts:
modules/gallery/libraries/MY_ORM.php
|
|
to use javascript to return to the previous page.
|
|
|
|
|
|
The show_user_profile is used to provide content to the user profile page. Add the list of the users comments to the profile page.
|
|
user in messages or pages.
Partial fix for ticket #889 and a fix for #931.
|
|
Conflicts:
modules/gallery/tests/xss_data.txt
|
|
printing the form. Fixes ticket #980.
|
|
provider and then reinstall the current one.
|
|
installers to can_activate to reflect that it is doing more than just checking the environment.
|
|
providers are installed in the admin module screen.
|
|
|
|
which is called prior to installation. The method allows the module to provide
an error message or warnings if the module can not be installed or activated
without issues. The admin module controller also will fire a pre_deactivate
event, which allows modules to indicate issues that may arise be deactivating the
specified module.
These messages are displayed in a dialog box prior to installation in order to
allow the gallery administrator to determine the appropriate action before proceeding.
Lays the foundation for implementing a fix for ticket #937
|
|
longer casting in ORM.
Task->done is now a string, boolean false is stored as integer 0 and loaded as string "0". On the client side that's interpreted as truthy in JavaScript.
Fix: cast "0" to (bool) before encoding to JSON.
|
|
consistency between field names than deal with underlying issues with
Forge bitching about the "name" property.
|
|
consistency between field names than deal with underlying issues with
Forge bitching about the "name" property.
|
|
|
|
|
|
logic from movie::create() into Item_Model
|
|
|
|
approach.
- Rearrange Simple_Uploader_Controller::add_photo() to validate
the form early in the process, and switch to using model based
validation.
- Move thumbnail generation into gallery_event::item_created() so
that it's decoupled from the model.
- Delete photo::create() and move all of its logic into
Item_Model::save().
- Add Item_Model::$data_file to track the data file associated
with new movies and photos.
- Do some cleanup on the validation callbacks -- it turns out the
2nd argument is the field name not the value.
|
|
|
|
Item_Model::save(). This makes creating albums similar to editing
them and makes it difficult to create an album poorly. I expect to be
able to remove a lot of code from the photo and movie helper because
it's duplicated here.
In order to do this, I refactored ORM_MPTT::add_to_parent() into
ORM_MPTT::save() so we now add it to the parent when we do save. This
allows us to call save() only once which saves a database call per
add.
The Albums_Controller logic is roughly the same as before.
Haven't updated the tests yet, they're going to fail miserably since
many of them depend on album::create() which is now gone.
|
|
|
|
now only Albums_Controller::update() supports the pattern. All
form and controller based validation happening when editing an
album has been moved over.
Model based validation means that our REST controllers share the
same validation as web controllers. We'll have consistency
enforced at the model level, which is a Good Thing.
The basic pattern is now:
1) Rules are in the model
2) ORM::validate() (which is called by ORM::save() but you can
call it directly, too) checks the model for all the rules and
throws an ORM_Validation_Exception if there are failures
3) Actions are no longer taken when you call Item_Model::__set().
Instead, they're all queued up and executed when you call
Item_Model::save().
Notes:
- item::validate_xxx() functions are now in Item_Model::
- We still call $form->validate() because the form can have
rules (and forms triggered by events will likely continue to
have rules.
|
|
operands. '=' is no longer assumed. Fixes ticket #979
|
|
ticket #975
|
|
path. Otherwise, we will encode the slashes and won't find the item.
|
|
Fixes ticket #954.
|
