| Age | Commit message (Collapse) | Author |
|---|
|
gallery module.
|
|
Conflicts:
modules/gallery/controllers/admin_users.php
modules/gallery/controllers/password.php
modules/gallery/helpers/group.php
modules/gallery/helpers/user.php
modules/notification/helpers/notification.php
|
|
If you can change the extension, then you can alter the way the server
handles the file, which is a security problem. So for example, you
can change a .JPG to a .PHP and then if you put some malicious PHP
code in the EXIF data, you can get the server to execute
it. Vulnerability is low because only users who have edit permissions
could do this.
Fixes ticket #846
|
|
Make the filename field required for photos/movies.
Fixes ticket #838
|
|
|
|
and display if the Identity driver does not support writes. This is set in the config.identity.php
|
|
our approach to restfulness is that it assumes that the resource will be found in the gallery database. It may well be there, but in the case of using plugable drivers from users, it could be in a ldap directory, it could be the gallery3 database, but the model could be wrapped in a control structure. So it was just easier to remove the restfulness and just call user::lookup instead.
|
|
|
|
|
|
and applied updates to views. Moved over draggable/droppable styles. Use g-target consistently for drag/drop interactions. Minor re-ordering of selectors in gallery.common.css. Updates to css comments.
|
|
|
|
back to looking in just lib itself. This is not consistent behavior
with the rest of our module structure, though so we should probably
make it more consistent.
Fix up the permission images to use gallery::find_file again.
|
|
providing the default Identity implementation.
* Remove the user_event callbacks and move them to the gallery_event callbacks. This will insure that the active user is always loaded (because the gallery callbacks are always called first) to its available to other gallery_ready handlers. Moved the method set_request_locale to the locales helper as it is more related to locales.
* Move the user controllers and views into the gallery module.
* Move the theme and block processing out of the user module and into core.
|
|
drivers early in the process so the session deserialization works.
|
|
the other gallery graphics functions.
|
|
the other gallery graphics functions.
|
|
|
|
Create an Identity library that defines the interface the Gallery3 expects
Move the user and group helpers into the gallery module to provide the familiar
interface into the Identity library.
Create a Gallery Identity back-end that is supplied by the user module.
The vision here is that all user and group code that is gallery or ui specific
is contained within the core product. Anything that relates to manipulating a
user or group is contained in the back end code that can be replaced.
|
|
the module or theme. This checks for the existence of an application/modules or application/themes first."
This reverts commit e1e1461a77caf5bff457927f098366497de6ffff.
|
|
module or theme. This checks for the existence of an application/modules or application/themes first.
|
|
shared images from wind to lib. Deleted unused images in the admin_wind. This will likely break a few ajax features.
|
|
to the document root. Instead ignore all th path parts until one of application, modules, themes, or libs is found. Fixes ticket #827
|
|
|
|
and classes in the login/reset password dialog.
|
|
page like tags
|
|
installer to activate and deactive the side bar blocks when a module is activated or deactivated.
|
|
and deactivate the sidebar blocks when the module is deactivated.
|
|
default sidebar.
|
|
|
|
applicable to admin sidebar blocks.
|
|
* Extend block_manager to handle sidebar blocks. get_available has become get_available_admin_blocks, get_list becomes get_admin_list.
* Create new functions get_available_site_blocks which will look for gallery_block get_available_site_blocks.
* Refactor sidebar_blocks into a separate function and then call block_manager::get_html(site.sidebar). Convert image_block to use block management instead of theme::sidebar_blocks
* Change the block_manager api so that the theme is passed into the get method. convert info to the new sidebar block approach
* Convert the user module to use the new sidebar block structure. remove the installers for info and image_block modules.
* Convert tag and rss modules to the new sidebar framework. reset the version number to 1 for info and image_block modules.
* Change the get_html method to ignore empty blocks and change the individual handlers to return an empty string if no block is generated
* Add a warning message if no sidebar blocks are active and provide a link to the admin page that configures the sidebar.
|
|
|
|
arguments... context menu events have 4 arguments.
|
|
gallery_event::$function first
* Refactor gallery.php to move site_menu, admin_menu, and context_menu to gallery_event.php
* Change Theme_View and Admin_view to call module::event("site_menu|admin_menu|context_menu"...)
|
|
exceptions is that they only need to be logged if they can't be caught
and handled. If we don't throw it, then the error gets swallowed and
the code that errored out just blithely continues.
|
|
|
|
|
|
Gallery_View::script/css to use gallery::find_file
|
|
capitalize reserved words, use single quotes in the query to avoid
escaping the double quotes, remove table alias.
|
|
|
|
gallery_graphics:: to each of the defined rules operations
|
|
* moves the composite method back into core
* requires that the operation be fully qualified i.e. gallery_graphics::resize
* caches the graphics rules on each request
|
|
theme names.
Update installer.sql
|
|
the grapics library from module supplied rules and secondly, allow for modules to provide new processing rules callbacks. graphics::generate will now look for <module_name>_graphics::<rule> methods.
|
|
processing. It was getting all confused with trying to figure out the completed and remaining. Now on initiation it sets the total images that are dirty and then counts the completed until it equals the total, then exits. Fixes ticket #771
|
|
gallery_error::error_handler as static
|
|
|
|
version number
|
|
function, but allows the extension to supplied as part of the filename. Changed the Edit permission dialog to use the new api method to locate the icons from the active theme.
|
|
gallery vars
|
