| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-02-06 | Fix for ticket 1004: Replace all uses of split with explode (none actually ↵ | Andy Staudacher | |
| required regular expressions). Thanks to Brian Hartsock for providing a patch! | |||
| 2010-02-06 | Fix for ticket 892: Avoid double escaping of HTML entities, instead use ↵ | Andy Staudacher | |
| Unicode in the source code for the locale names (as we do in other places already). Note: Also fixing the localized name of Ukrainian. For some reason it was garbled before. | |||
| 2010-02-06 | Merge commit 'upstream/master' | Andy Staudacher | |
| 2010-02-03 | Correct missing function name. | Tim Almdal | |
| 2010-02-02 | Protect password changes against brute force attacks. | Bharat Mediratta | |
| 2010-02-02 | Require the current password to change your password. | Bharat Mediratta | |
| Fixes ticket #585. Separate out the password change form from the regular edit user form. Require the old password to enter a new one. While I'm at it, roll the password strength javascript into a Form_Script element so that we can get rid of the old view (which incidentally fixes a bug where the password strength meter would go away on form errors). | |||
| 2010-02-02 | Add an upgrade path to prevent the item title field from being empty. | Bharat Mediratta | |
| 2010-02-02 | Merge branch 'master' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2010-02-02 | Merge branch 'master' into talmdal_dev | Tim Almdal | |
| 2010-02-02 | use html::purify to cleans the additional content on the admin maintence page. | Tim Almdal | |
| 2010-02-02 | Update the xss golden file to reflect the changes to the admin screen. | Tim Almdal | |
| 2010-02-02 | Refactor the admin maintenance screen so that events are used to pupluate ↵ | Tim Almdal | |
| the action buttons and other content such as the list of scheduled tasks. | |||
| 2010-02-02 | Merge commit 'upstream/master' | Andy Staudacher | |
| 2010-02-02 | Merge branch 'master' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2010-02-02 | Remove the test-transform:uppercase from the l10n css as it was causing ↵ | Tim Almdal | |
| problems with other text fields in IE and it violates our case standards. Fixes ticket #912 | |||
| 2010-02-02 | Change the view to display 'empty' when the variable value is a null ↵ | Tim Almdal | |
| string(""). Fixes ticket #987. | |||
| 2010-02-02 | Display the error message for the in place edit. Also improve the double ↵ | Tim Almdal | |
| click guard. Fixes ticket #1000. | |||
| 2010-02-01 | Merge branch 'master' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2010-02-01 | Localize the name "conflict" validation error when creating a new album. | Bharat Mediratta | |
| 2010-02-01 | Refactor starting a task into the task helper so we can call it multiple times. | Tim Almdal | |
| 2010-02-01 | Add the scheduler component to the admin maintenance screen. | Tim Almdal | |
| 2010-02-01 | Update the description to reflect we are only removing "expired" files. | Tim Almdal | |
| 2010-02-01 | Correct the internationalization of the status message. | Tim Almdal | |
| 2010-01-31 | Fix lots of warnings that pop up when we're in E_STRICT mode. They're | Bharat Mediratta | |
| mostly issues around uninitialized variables, calling non-static functions in a static context, calling Session functions directly instead of on its singleton, passing non-variables by reference, and subclasses not using the same interface as the parent class. | |||
| 2010-01-31 | Remove obsolete call to _force_block_adder() which has been broken for over ↵ | Bharat Mediratta | |
| a year. | |||
| 2010-01-31 | Minir l10n message cleanup. Avoid <br/> in messages since the server ↵ | Andy Staudacher | |
| normalizes them to <br />, i.e. leading to a mismatch. | |||
| 2010-01-31 | htaccess_works() can't use var/tmp anymore because that's locked down. | Bharat Mediratta | |
| So just create var/security_test and delete it when we're done. | |||
| 2010-01-31 | Elide data that isn't useful from the REST array. | Bharat Mediratta | |
| 2010-01-31 | Second attempt to fix the timezone issue. If the timezone is not set | Bharat Mediratta | |
| in phpinfo(), then force it to America/Los_Angeles for now. | |||
| 2010-01-31 | Update the timezone field to match the setting in | Bharat Mediratta | |
| system/config/locale.php. This fixes the "date_default_timezone_set() [function.date-default-timezone-set]: Timezone ID '' is invalid" error. | |||
| 2010-01-30 | Use Item_Model::as_restful_array() to simplify tests. | Bharat Mediratta | |
| 2010-01-30 | Add Item_Model::as_restful_array() for convenience. | Bharat Mediratta | |
| 2010-01-30 | Verified | Bharat Mediratta | |
| 2010-01-30 | Refactory auth::too_many_failed_logins() out of | Bharat Mediratta | |
| auth::validate_too_many_failed_logins() to conceptually separate the two. | |||
| 2010-01-30 | Protect REST login controller from brute force attacks too. | Andy Staudacher | |
| And make the REST auth token less predictable by using a better source for randomness. | |||
| 2010-01-30 | Update install.sql -- gallery version jumps from 23 to 25 due to a mistake | Bharat Mediratta | |
| in the version 24 upgrade code. Update packager to serialize files so that we can serialize the new .htaccess files Update init_var.php to include the newly serialized .htaccess files. Fixes ticket #587. | |||
| 2010-01-30 | Lock down web access to var/uploads, var/tmp and var/logs using .htaccess | Bharat Mediratta | |
| Fixes ticket #587. | |||
| 2010-01-30 | Prevent brute force login attacks by reducing login attempts to 1 per | Bharat Mediratta | |
| minute after there have been 5 consecutive failed login attempts. Fix for ticket #589. | |||
| 2010-01-30 | Make url::merge() function use the same exact definition as url_Core::merge() | Bharat Mediratta | |
| 2010-01-30 | Dump out validation errors so that we have some extra information in the logs. | Bharat Mediratta | |
| 2010-01-30 | Remap parent_id and album_cover_item_id to and from RESTful urls. | Bharat Mediratta | |
| 2010-01-30 | Make the error page more robust in the case where there's a failure | Bharat Mediratta | |
| early on in the framework code before we can load Gallery_I18n.php | |||
| 2010-01-29 | Don't forget to flush the relative_url_cache when updating the slug. | Bharat Mediratta | |
| 2010-01-29 | Go through all slugs and make them legal values. | Bharat Mediratta | |
| Upgrade gallery3 module to version 23 | |||
| 2010-01-29 | Merge branch 'master' of git@github.com:gallery/gallery3 | Bharat Mediratta | |
| 2010-01-29 | Oops, somebody (me?) forgot to update the gallery module version | Bharat Mediratta | |
| number in gallery_installer::install() so the install.sql was out of sync. | |||
| 2010-01-29 | Strongly type the argument list to the model::validate method. | Tim Almdal | |
| 2010-01-29 | Merge branch 'master' of git@github.com:gallery/gallery3 | Tim Almdal | |
| Conflicts: modules/gallery/views/in_place_edit.html.php | |||
| 2010-01-29 | Replace <?= form::close() ?> with </form>. Also add a call to ↵ | Tim Almdal | |
| access::csrf_form_field in the form template. Fixes ticket #996. | |||
| 2010-01-29 | Stop using obsolete form::close() | Bharat Mediratta | |
| Update the way we include the hidden CSRF field for InPlaceEdit. | |||
 |
index : gallery3.git | |
| A clone of the Gallery3 code for testing and development. | root |
| summaryrefslogtreecommitdiff |