summaryrefslogtreecommitdiff
path: root/modules/gallery
AgeCommit message (Collapse)Author
2009-09-02Fix formatting, and use a properly named file inBharat Mediratta
change_photo_no_csrf_fails_test() so that GD doesn't bomb.
2009-09-02Deal with the aftermath of adding sharpen() calls. Since GD does notBharat Mediratta
support it, this causes crashes as soon as you try to use it, which breaks a bunch of our tests. Also, give the user some idea that sharpen() is missing in the UI. Fixes #689.
2009-09-02Refactor how we use $this->relative_path() so that we're not callingBharat Mediratta
it twice on both sides of a ternary operator.
2009-09-01Fix up incorrectly applied html::mark_clean(). Resolves #698, thanks fperwth!Bharat Mediratta
2009-09-01Allow anything to be made an album cover, except for direct childrenBharat Mediratta
of the root album (which has no visible album cover, so no point in offering that option). This fully resolves #705.
2009-09-01Remove unused l10n messageAndy Staudacher
2009-09-01Fix bug #522 - Handle "save settings" correctly in the "share translations" ↵Andy Staudacher
form.
2009-09-01Merge commit 'upstream/master'Andy Staudacher
2009-09-01Update XSS scanner golden fileAndy Staudacher
2009-09-01XSS / style fixes for newly detected issues (after fixing XSS scanner)Andy Staudacher
2009-09-01Remove debugging codeAndy Staudacher
2009-09-01Fix bug in XSS scanner for <script> block @ position 0 of inline_htmlAndy Staudacher
2009-08-31Set CSS cursor to hand for jQuery UI ui-state-hover elements. Fixes all but ↵Chad Kieffer
progress bar cursor. #669
2009-08-31Merge branch 'master' of git@github.com:gallery/gallery3Chad Kieffer
2009-08-31Don't include Make this the album's cover in context menu's for albums. #705Chad Kieffer
2009-08-31Update XSS test golden fileAndy Staudacher
2009-08-31Merge branch 'master' of git@github.com:gallery/gallery3Chad Kieffer
2009-08-31Merge commit 'upstream/master'Andy Staudacher
2009-08-31Fix XSS vectors in HTML attributes (mostly t() calls)Andy Staudacher
2009-08-31Add icons to context menu for albums. I'm open to other options, if folks ↵Chad Kieffer
think there's something better in the jQuery UI themeroller set.
2009-08-31Add XSS check for HTML attributesAndy Staudacher
2009-08-31Merge branch 'master' of git@github.com:gallery/gallery3Bharat Mediratta
2009-08-31Stay on the same page when editing albums/movies/photos. Fixes ticketBharat Mediratta
2009-08-31Add XSS check to ensure that html::js_string() is not preceded by a quote.Andy Staudacher
2009-08-31XSS review fixes (mostly adding missing html::mark_clean()) calls.Andy Staudacher
2009-08-31Adding XSS test for href="javascript: and onclick="..."Andy Staudacher
2009-08-31Rename mark_safe() to mark_clean()Andy Staudacher
2009-08-31Merge commit 'upstream/master'Andy Staudacher
2009-08-30Updating golden XSS-test data fileAndy Staudacher
2009-08-30Check for href="<?= $foo ?>" (malicious "javascript:..." string)Andy Staudacher
2009-08-30Updating XSS golden fileAndy Staudacher
2009-08-30Merge commit 'upstream/master'Andy Staudacher
Conflicts: modules/gallery/views/l10n_client.html.php modules/organize/views/organize_tree.html.php modules/server_add/helpers/server_add_event.php
2009-08-30Tabs to spaces cleanupAndy Staudacher
2009-08-30Finish this pass at the Admin Maintenance view. Re-introduce status icons, ↵Chad Kieffer
put Cancel All, Delete All buttons in the action heading cell.
2009-08-30Merge branch 'master' of git@github.com:gallery/gallery3Chad Kieffer
2009-08-30Apply hover effect to buttons in progress indicator dialog.Chad Kieffer
2009-08-30Updating uses of html::js_string and SafeString::for_js (value now contains ↵Andy Staudacher
string delimiters)
2009-08-30Rename clean_js to js_string and have it return a complete JS string (with ↵Andy Staudacher
delimiters) instead of just the string contents. Benefits: Using json_encode(), which is very robust. And as a user, it's clearer how to use this API compared to what it was before.
2009-08-30Use is_descendant() API inside move_to() for clarity.Bharat Mediratta
2009-08-30Improve no_tabs test to print out a complete list of files + line numbers + ↵Andy Staudacher
line snippet.
2009-08-30Add $theme-> methods to Xss whitelist for HTML safety.Andy Staudacher
Updating XSS golden file.
2009-08-30Change all instances of SafeString::of_safe_html() to html::mark_safe() in ↵Andy Staudacher
views.
2009-08-30Fixing typoAndy Staudacher
2009-08-29Minor cleanupAndy Staudacher
2009-08-29Update all code to use helper method html::clean(), html::purify(), ... ↵Andy Staudacher
instead of SafeString directly.
2009-08-29Adding html::clean(), ::purify(), etc.Andy Staudacher
2009-08-29Remove try/catch in resize() since that will swallow any exceptionsBharat Mediratta
that we generate when resizing.
2009-08-29Undo url helper changes - url methods no longer return a SafeString.Andy Staudacher
Adding SafeString::of_safe_html() calls where urls are passed as parameters to t() and t2().
2009-08-29you can close the l10n client directly from its interface now, without going ↵jhilden
back to the languages admin page
2009-08-29XSS fixesAndy Staudacher
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-28 05:28:45 +0000