| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2009-08-30 | Rename clean_js to js_string and have it return a complete JS string (with ↵ | Andy Staudacher | |
| delimiters) instead of just the string contents. Benefits: Using json_encode(), which is very robust. And as a user, it's clearer how to use this API compared to what it was before. | |||
| 2009-08-30 | Use is_descendant() API inside move_to() for clarity. | Bharat Mediratta | |
| 2009-08-30 | Improve no_tabs test to print out a complete list of files + line numbers + ↵ | Andy Staudacher | |
| line snippet. | |||
| 2009-08-30 | Add $theme-> methods to Xss whitelist for HTML safety. | Andy Staudacher | |
| Updating XSS golden file. | |||
| 2009-08-30 | Change all instances of SafeString::of_safe_html() to html::mark_safe() in ↵ | Andy Staudacher | |
| views. | |||
| 2009-08-30 | Fixing typo | Andy Staudacher | |
| 2009-08-29 | Minor cleanup | Andy Staudacher | |
| 2009-08-29 | Update all code to use helper method html::clean(), html::purify(), ... ↵ | Andy Staudacher | |
| instead of SafeString directly. | |||
| 2009-08-29 | Adding html::clean(), ::purify(), etc. | Andy Staudacher | |
| 2009-08-29 | Remove try/catch in resize() since that will swallow any exceptions | Bharat Mediratta | |
| that we generate when resizing. | |||
| 2009-08-29 | Undo url helper changes - url methods no longer return a SafeString. | Andy Staudacher | |
| Adding SafeString::of_safe_html() calls where urls are passed as parameters to t() and t2(). | |||
| 2009-08-29 | you can close the l10n client directly from its interface now, without going ↵ | jhilden | |
| back to the languages admin page | |||
| 2009-08-29 | XSS fixes | Andy Staudacher | |
| 2009-08-29 | Fix for ticket #628: | Tim Almdal | |
| 1) increased gallery module version to 11 2) added image_sharpened parameter to the gallery module 3) sharpen all resizes. | |||
| 2009-08-29 | Fix invalida syntax on trying to parse the progress bar percentage | Tim Almdal | |
| 2009-08-29 | L10n fixes for the admin_languages page, and JS/XSS cleanup of the organize ↵ | Andy Staudacher | |
| views. | |||
| 2009-08-29 | Fix link in l10n UI (for SafeString changes) | Andy Staudacher | |
| 2009-08-29 | Merge commit 'upstream/master' | Andy Staudacher | |
| Conflicts: modules/akismet/views/admin_akismet.html.php modules/comment/helpers/comment_rss.php modules/gallery/helpers/gallery_rss.php modules/gallery/libraries/I18n.php modules/gallery/views/permissions_browse.html.php modules/gallery/views/simple_uploader.html.php modules/info/views/info_block.html.php modules/organize/controllers/organize.php modules/organize/views/organize.html.php modules/organize/views/organize_album.html.php themes/default/views/album.html.php themes/default/views/movie.html.php themes/default/views/photo.html.php | |||
| 2009-08-29 | Fixing all detected XSS vectors in PHP->JS code. | Andy Staudacher | |
| Xss: Rename UNKNOWN back to DIRTY, JS_XSS to DIRTY_JS. (using a different flag value to highlight potential XSS vectors in JS) | |||
| 2009-08-29 | Merge branch 'master' of git@github.com:gallery/gallery3 | Chad Kieffer | |
| 2009-08-29 | Update status message styles. Lighten backgrounds, don't show background on ↵ | Chad Kieffer | |
| Admin Maintenance rows, and added gModuleStatus class. | |||
| 2009-08-29 | Bugfix: Don't forget to copy the _is_purified_html flag when cloning a ↵ | Andy Staudacher | |
| SafeString. | |||
| 2009-08-29 | Refactor all calls of p::clean() to SafeString::of() and p::purify() to ↵ | Andy Staudacher | |
| SafeString::purify(). Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway. | |||
| 2009-08-29 | Add more factory methods for convenience: | Andy Staudacher | |
| SafeString::purify() and SafeString::of_safe_html(). Removing SafeString::mark_html_safe() since it's no longer needed. | |||
| 2009-08-29 | Merge branch 'talmdal_branch' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2009-08-29 | Clean up the test and get it working. | Bharat Mediratta | |
| 2009-08-29 | Adding SafeString::for_html_attr() | Andy Staudacher | |
| 2009-08-29 | Fix for 641... extend viewable functionality to comments. Viewable unit test ↵ | Tim Almdal | |
| is not working. | |||
| 2009-08-29 | Have url::site() and other methods return a SafeString, just as t() and t2(). | Andy Staudacher | |
| Benefits: - url::site() is often used in views and we can ensure in the url class that returned strings are indeed safe for use in HTML. Makes the list of vars of unknown safety status shorter. - url::site() is often used as message parameter to t() and t2(). The parameter would be HTML-escaped if it wasn't marked as safe HTML already. Makes the usage simpler / shorter. | |||
| 2009-08-29 | Merge branch 'master' of git@github.com:gallery/gallery3 | jhilden | |
| 2009-08-29 | * created new generic "Add" dropdown in the site menu. this should take care ↵ | jhilden | |
| of ticket #537 * removed start/stop translation menu items from the admin, since they are on the languags admin page now | |||
| 2009-08-29 | Standardize the access to the create_random_item method | Tim Almdal | |
| 2009-08-29 | improved translation interface so that it now can be closed without going to ↵ | jhilden | |
| the admin | |||
| 2009-08-29 | Merge branch 'master' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2009-08-29 | Adding SafeString which is going to replace p::clean() and p::purify(). | Andy Staudacher | |
| Refactoring of Xss_Security_Test. t() and t2() return a SafeString instance. TODO: - Update all code to use SafeString where appropriate. - Update golden fole of Xss_Security_Test - Stop reporting CLEAN vars in Xss_Security_Test | |||
| 2009-08-29 | Using SafeString in album controller / view | Andy Staudacher | |
| 2009-08-28 | improved translations admin interface | jhilden | |
| 2009-08-28 | Display the sort order in the Organize dialog, and allow users to | Bharat Mediratta | |
| change the sort order on the fly. | |||
| 2009-08-28 | improved UI for the languages admin | jhilden | |
| this should take care of bug #329 | |||
| 2009-08-28 | Rename sort columns: | Bharat Mediratta | |
| * Order Added => Manual * Capture Date => Date captured * Creation Date => Date uploaded * Updated Date => Date modified Set the default sort order to "created" which mimics what we had before, expt that it is not manual. | |||
| 2009-08-28 | Don't record mail failures when we throw the exception, record them | Bharat Mediratta | |
| when we catch the exception instead. | |||
| 2009-08-28 | Merge branch 'master' of git@github.com:talmdal/gallery3 | Bharat Mediratta | |
| 2009-08-28 | Add logging to sendmail library when exception encountered | Tim Almdal | |
| 2009-08-28 | Merge branch 'master' of git@github.com:gallery/gallery3 | jhilden | |
| 2009-08-27 | Merge branch 'master' of git://github.com/gallery/gallery3 | Tim Almdal | |
| 2009-08-27 | fixed CSS bug in the simple uploader #629 | jhilden | |
| and improved permissions UI to include breadcrumbs (consistent with the uploader dialog) | |||
| 2009-08-27 | Properly deal with invalid images. This fixes ticket #611 which shows | Bharat Mediratta | |
| a BMP masquerading as a .jpg causing us to be unable to rebuild resizes and thumbnails. Now if that happens, we discard the file, log it and move on. | |||
| 2009-08-27 | Merge branch 'master' of git://github.com/gallery/gallery3 | Tim Almdal | |
| 2009-08-27 | Remove 'ENGINE=InnoDB' specification from tables that we create. Use | Bharat Mediratta | |
| the system's default table specification. Fixes ticket #597. | |||
| 2009-08-27 | Convert tabs to spaces. | Bharat Mediratta | |
 |
index : gallery3.git | |
| A clone of the Gallery3 code for testing and development. | root |
| summaryrefslogtreecommitdiff |