summaryrefslogtreecommitdiff
path: root/modules/gallery
AgeCommit message (Collapse)Author
2010-01-30VerifiedBharat Mediratta
2010-01-30Refactory auth::too_many_failed_logins() out ofBharat Mediratta
auth::validate_too_many_failed_logins() to conceptually separate the two.
2010-01-30Protect REST login controller from brute force attacks too.Andy Staudacher
And make the REST auth token less predictable by using a better source for randomness.
2010-01-30Update install.sql -- gallery version jumps from 23 to 25 due to a mistakeBharat Mediratta
in the version 24 upgrade code. Update packager to serialize files so that we can serialize the new .htaccess files Update init_var.php to include the newly serialized .htaccess files. Fixes ticket #587.
2010-01-30Lock down web access to var/uploads, var/tmp and var/logs using .htaccessBharat Mediratta
Fixes ticket #587.
2010-01-30Prevent brute force login attacks by reducing login attempts to 1 perBharat Mediratta
minute after there have been 5 consecutive failed login attempts. Fix for ticket #589.
2010-01-30Make url::merge() function use the same exact definition as url_Core::merge()Bharat Mediratta
2010-01-30Dump out validation errors so that we have some extra information in the logs.Bharat Mediratta
2010-01-30Remap parent_id and album_cover_item_id to and from RESTful urls.Bharat Mediratta
2010-01-30Make the error page more robust in the case where there's a failureBharat Mediratta
early on in the framework code before we can load Gallery_I18n.php
2010-01-29Don't forget to flush the relative_url_cache when updating the slug.Bharat Mediratta
2010-01-29Go through all slugs and make them legal values.Bharat Mediratta
Upgrade gallery3 module to version 23
2010-01-29Merge branch 'master' of git@github.com:gallery/gallery3Bharat Mediratta
2010-01-29Oops, somebody (me?) forgot to update the gallery module versionBharat Mediratta
number in gallery_installer::install() so the install.sql was out of sync.
2010-01-29Strongly type the argument list to the model::validate method.Tim Almdal
2010-01-29Merge branch 'master' of git@github.com:gallery/gallery3Tim Almdal
Conflicts: modules/gallery/views/in_place_edit.html.php
2010-01-29Replace <?= form::close() ?> with </form>. Also add a call to ↵Tim Almdal
access::csrf_form_field in the form template. Fixes ticket #996.
2010-01-29Stop using obsolete form::close()Bharat Mediratta
Update the way we include the hidden CSRF field for InPlaceEdit.
2010-01-28Add page_type to the rotate and delete context menu items so that theBharat Mediratta
quick menu knows where to send you after the action is done.
2010-01-28Add @todo.Bharat Mediratta
2010-01-28Use identity::set_active_user() instead of auth::login() when weBharat Mediratta
change providers otherwise the user_installer code is going to be calling auth::login() which causes all kinds of unexpected weirdness, like it triggers the handler in gallery_event which detects graphics toolkits, and that's only supposed to run on the first admin login.
2010-01-28In auth::login() make the user active before trying to save it, elseBharat Mediratta
the validation code fails because it expects there to be an active user.
2010-01-28Use auth::login() when we initially log in the admin user.Bharat Mediratta
2010-01-28Cast the SafeString $task->status to (string) so that it doesn't comeBharat Mediratta
down to the JS as an object.
2010-01-28Fix language preference block / language cookie reading.Andy Staudacher
The preference block must have been broken by a jquery update, and the cookie reading by a Kohana update.
2010-01-28Make the return button work in chrome, FF, IE, safari and opera.Tim Almdal
2010-01-28Merge branch 'master' of git@github.com:gallery/gallery3Tim Almdal
2010-01-28Found another broken link for what should have been the user profileTim Almdal
2010-01-28Reviewed DIRTY_ATTRBharat Mediratta
2010-01-28Rename $class to $css_class for clarity.Bharat Mediratta
2010-01-28Reviewed all DIRTY_JS entriesBharat Mediratta
2010-01-28Secure the t("Completed") call.Bharat Mediratta
2010-01-28Secure the t("Continue") strings in javascript.Bharat Mediratta
2010-01-28Make the varible for the profile name more descriptive and clean the labelTim Almdal
2010-01-28Update the xss golden file for user profile changes.Tim Almdal
2010-01-28Don't show a link to the user profile for the guest userTim Almdal
2010-01-28Do all the html::clean|purify calls in the views and not the controller. ↵Tim Almdal
Also clean the subject line and email message body of the contact user email.
2010-01-27Localize validation messages.Bharat Mediratta
2010-01-27Fix capitalization of "internet address".Bharat Mediratta
2010-01-27Localize all error messages.Bharat Mediratta
2010-01-27Localize error messages for the built-in rules.Bharat Mediratta
2010-01-27Remove unnecessary rules() in the form.Bharat Mediratta
2010-01-27Convert back to using ORM::factory(..., $id) instead of calling where().Bharat Mediratta
2010-01-27Convert __toString() to use (string) cast instead.Bharat Mediratta
2010-01-27Prevent accidentally deleting the root album.Bharat Mediratta
2010-01-27Change "resource" to "entity" in REST responses. They're allBharat Mediratta
resources, but we differentiate resources as collections and entities.
2010-01-27Merge branch 'master' of git@github.com:gallery/gallery3 into bharat_devBharat Mediratta
Conflicts: modules/gallery/tests/Access_Helper_Test.php
2010-01-27Verified and updatedBharat Mediratta
2010-01-27Switch to using test helper. Also, reload the album before runningBharat Mediratta
access::deny since the mptt pointers will have changed.
2010-01-26Merge branch 'master' of git@github.com:gallery/gallery3Tim Almdal
generated by cgit v1.2.3 (git 2.51.0) at 2025-11-11 07:02:41 +0000