gallery3.git - A clone of the Gallery3 code for testing and development.

Age	Commit message (Collapse)	Author
2010-02-18	Revert "Never assign a SafeString instance to a Model member (or hell will ↵	Bharat Mediratta
	break loose)." This reverts commit dcddc68f58dac2f0fe71f5a00ea4af32618efa13.
2010-02-18	Revert "Fix for ticket #1017: Handle the common case of t(html::clean($var)) ↵	Bharat Mediratta
	by casting SafeString instances to string in translate()." This reverts commit 4ca55a90ee2f8e1d8595b0ec53a601d6c65475f6.
2010-02-18	Improve setlocale() call, using some of G2's locale fallback code to match ↵	Andy Staudacher
	the platform's locale names.
2010-02-18	Improve setlocale() call, using some of G2's locale fallback code to match ↵	Andy Staudacher
	the platform's locale names.
2010-02-16	Fix for ticket #1017: Handle the common case of t(html::clean($var)) by ↵	Andy Staudacher
	casting SafeString instances to string in translate().
2010-02-15	Put focus on password field in reauthenticate dialog.	Andy Staudacher

2010-02-15	Update of reviewed XSS audit data.	Andy Staudacher

2010-02-15	Never assign a SafeString instance to a Model member (or hell will break loose).	Andy Staudacher

2010-02-15	return the absolute url not the relative for the full size, resize and thumb ↵	Tim Almdal
	images.
2010-02-14	Fix for ticket #491: Make user and group names translatable.	Andy Staudacher
	Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
2010-02-14	Fix for ticket 901: Wrap Gallery version string into bdo tag to override the ↵	Andy Staudacher
	BiDi algorithm. Also, properly marking the "Powere by" string for translation. See: http://www.w3.org/International/tutorials/bidi-xhtml/#Slide0420
2010-02-14	Need to allow access to ::change_provider for CLI, to make packager work.	Andy Staudacher

2010-02-14	Enable session expiration. Currently, it's set to expire sessions after 7 ↵	Andy Staudacher
	days of inactivity.
2010-02-14	Minor security tightening of IdentityProvider::change_provider().	Andy Staudacher

2010-02-14	Create an items REST collection requests that accepts a list of resource ↵	Tim Almdal
	urls and returns the items associated with them.
2010-02-14	Remove the dirty flags from the information returned from the rest request ↵	Tim Almdal
	for an item. In addition, add links to the images.
2010-02-14	Change JavaScript reauthentication check to check via XHR.	Andy Staudacher
	Benefit: Getting the real deadline this way, not interfering with an ongoing maintenance task.
2010-02-14	HTML validation fix (<script>)	Andy Staudacher

2010-02-14	Some HTML validation fixes (don't render empty <ul> lists, empty id ↵	Andy Staudacher
	attributes, use & not &)
2010-02-14	For consistency, use straight Kohana_404_Exception instead of the event system.	Andy Staudacher

2010-02-12	Tighten up the text.	Bharat Mediratta

2010-02-12	Fix for tickets 1009 and 603: Show a themed error page to guests / ↵	Andy Staudacher
	registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
2010-02-12	Revert "1) Add a depth parameter to retrieving an item thru the rest api"	Bharat Mediratta
	This reverts commit 3439671bcfb99c1884285e4b4e53295f044e688f.
2010-02-12	1) Add a depth parameter to retrieving an item thru the rest api	Tim Almdal
	2) Standardize the structure of members so that client programs can consistently parse the return information. 3) Added a summary parameter so that client programs can easily determine if the information returned is summary (item type, item title) or the full meal deal
2010-02-11	Security: Fix leaking of album / photo names. Reject previous fix for ticket ↵	Andy Staudacher
	1009. Side effect: Renaming auth::required_login() to login_page().
2010-02-11	Use the admin/users/edit_user_form version of the user editing form	Bharat Mediratta
	right after initial install so that we're not requiring the user to re-enter the auto-generated password to change their password and email. Fixes ticket #1007
2010-02-10	Refactor the code to display the login page if the user does not have view	Tim Almdal
	permission into the common auth::require_login() method.
2010-02-10	If the user does not have permission to view the album, photo or movie, redirect	Tim Almdal
	to a logon page to allow the user to login. Pass the target url as a session variable to allow the user to be redirected where they want to go if the login was successful. Fixes ticket #1009.
2010-02-10	Use the helper ulr:current instead of manually creating the continue url.	Tim Almdal

2010-02-09	Merge branch 'master' of github.com:gallery/gallery3	Bharat Mediratta

2010-02-09	Formated upgrader for RTL languages. Closes ticket #883	Chad Kieffer

2010-02-09	Rename item name and slug if necessary to avoid a conflict when we	Bharat Mediratta
	move photos. Fixes ticket #957.
2010-02-09	Whitespace.	Bharat Mediratta

2010-02-09	Add unit tests for item::move() in preparation for renaming when there	Bharat Mediratta
	are conflicts (see ticket #957)
2010-02-08	Merge commit 'upstream/master'	Andy Staudacher

2010-02-08	Change admin area timeout from 20 to 90 minutes	Andy Staudacher

2010-02-08	Merge branch 'master' of github.com:gallery/gallery3	Bharat Mediratta

2010-02-08	Override Input::clean_input_keys() to sanitize malicious values out of	Bharat Mediratta
	strings instead of dying. This at least gives us graceful degradation. Fixes ticket #764, patch thanks to djnz.
2010-02-08	Suppress errors when checking for readability of /proc/loadavg. Often this ↵	Andy Staudacher
	file will be protected by openbasedir, and is_readable will trigger an open basedir warning.
2010-02-08	Fix for ticket 1008: Redirect to destination after re-auth.	Andy Staudacher

2010-02-08	Fix Arabic language name. Thanks shaibn for reporting the issue. Verified ↵	Andy Staudacher
	with CLDR data.
2010-02-07	Revert "Add the scheduler component to the admin maintenance screen."	Tim Almdal
	This reverts commit 48cb5021c6bd7e65a13a0ff50a9e76f72da7d3a1.
2010-02-07	Revert "Refactor the admin maintenance screen so that events are used to	Tim Almdal
	populate the action buttons and other content such as the list of scheduled tasks." Leaving this api out of RC1. This reverts commit 19fee6b5e4ceb8a5f90cafe4ad770856ece108ef. Conflicts: modules/gallery/views/admin_maintenance.html.php
2010-02-07	Change welcome message dialog to link to the user_profile page instead of ↵	Andy Staudacher
	the change user dialog. a) the edit user form doesn't include the password anymore b) the new admin would probably also like to change the email, so directing him to the profile page with options to change the pw / email. Ideally, we'd have a special purpose edit profile page for the install experience, without prompting for the randomly generated password. But that's something for another task.
2010-02-07	Addendum for ticket 585: Handle case C), redirect the admin to a non-admin ↵	Andy Staudacher
	page when the admin area session expires, before the admin has a chance to send an XHR admin request, for which we wouldn't have a good answer.
2010-02-07	Last partial fix for ticket 585: Compartmentalize the admin area and require ↵	Andy Staudacher
	active authentication every 20 minutes to access the admin area. Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
2010-02-07	Merge commit 'upstream/master'	Andy Staudacher

2010-02-07	Fix installer code for version 27, and introduce new module variable in ↵	Andy Staudacher
	version 28 as a preparation for admin area compartmentalization.
2010-02-07	Remove the redundant reference to ["force_rtl".	Tim Almdal

2010-02-07	Merge branch 'master' of git@github.com:gallery/gallery3	Tim Almdal