summaryrefslogtreecommitdiff
path: root/modules/gallery/helpers
AgeCommit message (Collapse)Author
2010-02-14Fix for ticket #491: Make user and group names translatable.Andy Staudacher
Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
2010-02-14Fix for ticket 901: Wrap Gallery version string into bdo tag to override the ↵Andy Staudacher
BiDi algorithm. Also, properly marking the "Powere by" string for translation. See: http://www.w3.org/International/tutorials/bidi-xhtml/#Slide0420
2010-02-14Create an items REST collection requests that accepts a list of resource ↵Tim Almdal
urls and returns the items associated with them.
2010-02-14Change JavaScript reauthentication check to check via XHR.Andy Staudacher
Benefit: Getting the real deadline this way, not interfering with an ongoing maintenance task.
2010-02-14Some HTML validation fixes (don't render empty <ul> lists, empty id ↵Andy Staudacher
attributes, use &amp; not &)
2010-02-14For consistency, use straight Kohana_404_Exception instead of the event system.Andy Staudacher
2010-02-12Fix for tickets 1009 and 603: Show a themed error page to guests / ↵Andy Staudacher
registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
2010-02-12Revert "1) Add a depth parameter to retrieving an item thru the rest api"Bharat Mediratta
This reverts commit 3439671bcfb99c1884285e4b4e53295f044e688f.
2010-02-121) Add a depth parameter to retrieving an item thru the rest apiTim Almdal
2) Standardize the structure of members so that client programs can consistently parse the return information. 3) Added a summary parameter so that client programs can easily determine if the information returned is summary (item type, item title) or the full meal deal
2010-02-11Security: Fix leaking of album / photo names. Reject previous fix for ticket ↵Andy Staudacher
1009. Side effect: Renaming auth::required_login() to login_page().
2010-02-10Refactor the code to display the login page if the user does not have viewTim Almdal
permission into the common auth::require_login() method.
2010-02-09Rename item name and slug if necessary to avoid a conflict when weBharat Mediratta
move photos. Fixes ticket #957.
2010-02-09Whitespace.Bharat Mediratta
2010-02-08Change admin area timeout from 20 to 90 minutesAndy Staudacher
2010-02-08Suppress errors when checking for readability of /proc/loadavg. Often this ↵Andy Staudacher
file will be protected by openbasedir, and is_readable will trigger an open basedir warning.
2010-02-08Fix Arabic language name. Thanks shaibn for reporting the issue. Verified ↵Andy Staudacher
with CLDR data.
2010-02-07Addendum for ticket 585: Handle case C), redirect the admin to a non-admin ↵Andy Staudacher
page when the admin area session expires, before the admin has a chance to send an XHR admin request, for which we wouldn't have a good answer.
2010-02-07Last partial fix for ticket 585: Compartmentalize the admin area and require ↵Andy Staudacher
active authentication every 20 minutes to access the admin area. Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
2010-02-07Fix installer code for version 27, and introduce new module variable in ↵Andy Staudacher
version 28 as a preparation for admin area compartmentalization.
2010-02-07Merge branch 'master' of git@github.com:gallery/gallery3Tim Almdal
2010-02-07Refactor the is_rtl() helper into the Gallery_I18n class. This allows checkingTim Almdal
for a config value "force_rtl" which will layout the gallery pages in rtl mode without having to change to an language that is no longer understandable to the developer. Adding the line "$config['force_rtl'] = true;" to the config/locales.php file will make it happen.
2010-02-07Rename user_authenticate_xxx events to user_auth_xxx for brevity.Bharat Mediratta
2010-02-07Create the concept of a "failed authentication" as semanticallyBharat Mediratta
separate from a successful or failed login. 1) Rename user_login_failed event to user_authenticate_failed 2) Rename failed_logins table to failed_auth (bump Gallery module to v27 to rename the table) 3) auth::too_many_failed_logins -> auth::too_many_failures 4) auth::record_failed_auth_attempts -> auth::record_failed_attempts auth::clear_failed_auth_attempts -> auth::clear_failed_attempts
2010-02-06Fix ticket 930: Use the first frame as video thumbnail if the video is ↵Andy Staudacher
shorter than 3 seconds. And fall back to the default thumbnail if that operation fails. Thanks to lsowen for providing a patch!
2010-02-06Fix for ticket 892: Avoid double escaping of HTML entities, instead use ↵Andy Staudacher
Unicode in the source code for the locale names (as we do in other places already). Note: Also fixing the localized name of Ukrainian. For some reason it was garbled before.
2010-02-03Correct missing function name.Tim Almdal
2010-02-02Protect password changes against brute force attacks.Bharat Mediratta
2010-02-02Add an upgrade path to prevent the item title field from being empty.Bharat Mediratta
2010-02-02Merge branch 'master' of git@github.com:gallery/gallery3Bharat Mediratta
2010-02-01Merge branch 'master' of git@github.com:gallery/gallery3Bharat Mediratta
2010-02-01Localize the name "conflict" validation error when creating a new album.Bharat Mediratta
2010-02-01Refactor starting a task into the task helper so we can call it multiple times.Tim Almdal
2010-02-01Update the description to reflect we are only removing "expired" files.Tim Almdal
2010-02-01Correct the internationalization of the status message.Tim Almdal
2010-01-31Fix lots of warnings that pop up when we're in E_STRICT mode. They'reBharat Mediratta
mostly issues around uninitialized variables, calling non-static functions in a static context, calling Session functions directly instead of on its singleton, passing non-variables by reference, and subclasses not using the same interface as the parent class.
2010-01-31htaccess_works() can't use var/tmp anymore because that's locked down.Bharat Mediratta
So just create var/security_test and delete it when we're done.
2010-01-30Use Item_Model::as_restful_array() to simplify tests.Bharat Mediratta
2010-01-30Refactory auth::too_many_failed_logins() out ofBharat Mediratta
auth::validate_too_many_failed_logins() to conceptually separate the two.
2010-01-30Protect REST login controller from brute force attacks too.Andy Staudacher
And make the REST auth token less predictable by using a better source for randomness.
2010-01-30Lock down web access to var/uploads, var/tmp and var/logs using .htaccessBharat Mediratta
Fixes ticket #587.
2010-01-30Prevent brute force login attacks by reducing login attempts to 1 perBharat Mediratta
minute after there have been 5 consecutive failed login attempts. Fix for ticket #589.
2010-01-30Make url::merge() function use the same exact definition as url_Core::merge()Bharat Mediratta
2010-01-30Remap parent_id and album_cover_item_id to and from RESTful urls.Bharat Mediratta
2010-01-29Don't forget to flush the relative_url_cache when updating the slug.Bharat Mediratta
2010-01-29Go through all slugs and make them legal values.Bharat Mediratta
Upgrade gallery3 module to version 23
2010-01-29Oops, somebody (me?) forgot to update the gallery module versionBharat Mediratta
number in gallery_installer::install() so the install.sql was out of sync.
2010-01-28Add page_type to the rotate and delete context menu items so that theBharat Mediratta
quick menu knows where to send you after the action is done.
2010-01-28In auth::login() make the user active before trying to save it, elseBharat Mediratta
the validation code fails because it expects there to be an active user.
2010-01-28Use auth::login() when we initially log in the admin user.Bharat Mediratta
2010-01-28Fix language preference block / language cookie reading.Andy Staudacher
The preference block must have been broken by a jquery update, and the cookie reading by a Kohana update.
generated by cgit v1.2.3 (git 2.51.0) at 2025-11-12 01:21:02 +0000