| Age | Commit message (Collapse) | Author |
|---|
|
Instead of overwriting Kohana_Exception::handle() (which we were doing
in MY_Kohana_Exception) we instead use their existing template system.
gallery/views/kohana/error.php overrides system/views/kohana/error.php
and is the standard error template for all exceptions. Our version of
error.php figures out the appropriate view based on context (cli,
authenticated admin, guest viewing a 404, guest viewing a system
error) and delegates appropriately. Each delegated view has a narrow
responsibility.
This paves the way for us to add new error views per module. For
example, the rest module will define its own template in
Rest_Exception and then its exceptions can be rendered the way that it
wants (json encoded, in that case).
|
|
|
|
they are...
|
|
clears the upload canvas in webkit-based browsers.
|
|
positioning to handle upload button positioning. Remove color definitions to allow jQuery UI theme to set button colors. Consolidate upload dialog CSS to modules/css/gallery.css. Closes #885.
|
|
passwords, hashes or personally identifiable information.
|
|
|
|
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when. This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.
Throw a 404 if we try to view the user profile for a missing user.
The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.
Don't show any of the edit buttons unless identity::is_writable()
|
|
double-clicking the token only selects that one word, not the word on
the line before (which happens on Chrome/Linux)
|
|
|
|
simplified HTML and CSS.
|
|
This reverts commit 409121942590e12692eaf4e6e9e8b71bfe5ed60c.
|
|
|
|
Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
|
|
|
|
attributes, use & not &)
|
|
|
|
registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
|
|
right after initial install so that we're not requiring the user to
re-enter the auto-generated password to change their password and
email.
Fixes ticket #1007
|
|
|
|
This reverts commit 48cb5021c6bd7e65a13a0ff50a9e76f72da7d3a1.
|
|
populate the action buttons and other content such as the list of scheduled
tasks."
Leaving this api out of RC1.
This reverts commit 19fee6b5e4ceb8a5f90cafe4ad770856ece108ef.
Conflicts:
modules/gallery/views/admin_maintenance.html.php
|
|
the change user dialog.
a) the edit user form doesn't include the password anymore
b) the new admin would probably also like to change the email, so directing him to the profile page with options to change the pw / email.
Ideally, we'd have a special purpose edit profile page for the install experience, without prompting for the randomly generated password. But that's something for another task.
|
|
active authentication every 20 minutes to access the admin area.
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
|
|
account's email address.
Still leaving the user/group admin page wide open though.
|
|
|
|
Fixes ticket #585.
Separate out the password change form from the regular edit user form.
Require the old password to enter a new one. While I'm at it, roll
the password strength javascript into a Form_Script element so that we
can get rid of the old view (which incidentally fixes a bug where the
password strength meter would go away on form errors).
|
|
|
|
|
|
the action buttons and other content such as the list of scheduled tasks.
|
|
|
|
string(""). Fixes ticket #987.
|
|
click guard. Fixes ticket #1000.
|
|
|
|
normalizes them to <br />, i.e. leading to a mismatch.
|
|
early on in the framework code before we can load Gallery_I18n.php
|
|
Conflicts:
modules/gallery/views/in_place_edit.html.php
|
|
access::csrf_form_field in the form template. Fixes ticket #996.
|
|
Update the way we include the hidden CSRF field for InPlaceEdit.
|
|
The preference block must have been broken by a jquery update, and the cookie reading by a Kohana update.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also clean the subject line and email message body of the contact user email.
|
|
to use javascript to return to the previous page.
|
|
|
|
The show_user_profile is used to provide content to the user profile page. Add the list of the users comments to the profile page.
|
