| Age | Commit message (Collapse) | Author |
|---|
|
rules, thus no changes in Gallery_I18n.php or on the server side required.
|
|
|
|
(and fix the packager to truncate the cache table before packaging)
|
|
array from the Cache.
Until now, we loaded hundreds of translation messages row by row, and unserializing one by one at bootstrap time. That amounted to a significant percentage of the complete request time. This approach is more than 10x faster.
|
|
This reverts commit 5ddd7c9677b644396981de7df8176a3b168ffe21.
|
|
Adds a core.internal_cache_read_only config variable to Kohana's internals.
Kohana's internal_cache for find_file wasn't working in Gallery because the cache would be emptied on each request after reading it from disk and before most lookups would run.
1. Bootstrap sets initial core.modules (= include path): forge, kohana23_compat, gallery.
2. Kohana::setup() loads find_file cache from disk.
3. Gallery loads list of active modules and themes, and updates the core.modules value (=include path), which forces the internal find_file cache to be empties (which makes sense).
4. Request processing starts, and thus 80% of all Kohana::find_file() triggered is_file() invocations start off with an empty find_file cache.
In the case of my small Gallery installation, we're talking about 3100 is_file() invocations per request with or without internal_cache enabled. With this fix, this number is down to 800 invocations.
The basic idea is that we treat the cache as read only and don't write any (possibly dirty) values to it in memory until we're sure that the include path won't change later on in the request processing. Once we know the list of active modules and themes, we can update core.modules and finally flip the read-only state of the cache and start writing to it.
|
|
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when. This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.
Throw a 404 if we try to view the user profile for a missing user.
The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.
Don't show any of the edit buttons unless identity::is_writable()
|
|
dcddc68f58dac2f0fe71f5a00ea4af32618efa13
that casts $powered_by_string from SafeString to string.
|
|
This reverts commit 409121942590e12692eaf4e6e9e8b71bfe5ed60c.
|
|
break loose)."
This reverts commit dcddc68f58dac2f0fe71f5a00ea4af32618efa13.
|
|
|
|
Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
|
|
BiDi algorithm. Also, properly marking the "Powere by" string for translation.
See: http://www.w3.org/International/tutorials/bidi-xhtml/#Slide0420
|
|
urls and returns the items associated with them.
|
|
Benefit: Getting the real deadline this way, not interfering with an ongoing maintenance task.
|
|
attributes, use & not &)
|
|
|
|
registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
|
|
This reverts commit 3439671bcfb99c1884285e4b4e53295f044e688f.
|
|
2) Standardize the structure of members so that client programs can consistently
parse the return information.
3) Added a summary parameter so that client programs can easily determine if the
information returned is summary (item type, item title) or the full meal deal
|
|
1009.
Side effect: Renaming auth::required_login() to login_page().
|
|
permission into the common auth::require_login() method.
|
|
move photos. Fixes ticket #957.
|
|
|
|
|
|
file will be protected by openbasedir, and is_readable will trigger an open basedir warning.
|
|
with CLDR data.
|
|
page when the admin area session expires, before the admin has a chance to send an XHR admin request, for which we wouldn't have a good answer.
|
|
active authentication every 20 minutes to access the admin area.
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
|
|
version 28 as a preparation for admin area compartmentalization.
|
|
|
|
for a config value "force_rtl" which will layout the gallery pages in rtl mode
without having to change to an language that is no longer understandable to the
developer.
Adding the line "$config['force_rtl'] = true;" to the config/locales.php file
will make it happen.
|
|
|
|
separate from a successful or failed login.
1) Rename user_login_failed event to user_authenticate_failed
2) Rename failed_logins table to failed_auth (bump Gallery module to
v27 to rename the table)
3) auth::too_many_failed_logins -> auth::too_many_failures
4) auth::record_failed_auth_attempts -> auth::record_failed_attempts
auth::clear_failed_auth_attempts -> auth::clear_failed_attempts
|
|
shorter than 3 seconds. And fall back to the default thumbnail if that operation fails.
Thanks to lsowen for providing a patch!
|
|
Unicode in the source code for the locale names (as we do in other places already).
Note: Also fixing the localized name of Ukrainian. For some reason it was garbled before.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
|
|
So just create var/security_test and delete it when we're done.
|
|
|
|
auth::validate_too_many_failed_logins() to conceptually separate the
two.
|
|
And make the REST auth token less predictable by using a better source for randomness.
|
