| Age | Commit message (Collapse) | Author |
|---|
|
SafeString::purify().
Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway.
|
|
Refactoring of Xss_Security_Test.
t() and t2() return a SafeString instance.
TODO:
- Update all code to use SafeString where appropriate.
- Update golden fole of Xss_Security_Test
- Stop reporting CLEAN vars in Xss_Security_Test
|
|
don't break encapsulation. In the logout controller, don't run the
url through url::redirect because that uses url::site(). Just set the
Location header directly.
This fixes ticket #483.
|
|
|
|
uses the full name if there is one, or falls back to the name if
that's all we have.
|
|
|
|
and verifying user permissions, but there are several above-the-bar
changes:
1) Server add is now only available to admins. This is a hard
requirement because we have to limit server access (eg:
server_add::children) to a user subset and the current permission
model doesn't include that. Easiest fix is to restrict to admins.
Got rid of the server_add permission.
2) We now know check permissions at every level, which means in
controllers AND in helpers. This "belt and suspenders" approach will
give us defense in depth in case we overlook it in one area.
3) We now do CSRF checking in every controller method that changes the
code, in addition to the Forge auto-check. Again, defense in depth
and it makes scanning the code for security much simpler.
4) Moved Simple_Uploader_Controller::convert_filename_to_title to
item:convert_filename_to_title
5) Fixed a bug in sending notification emails.
6) Fixed the Organize code to verify that you only have access to your
own tasks. In general, added permission checks to organize which had
pretty much no validation code.
I did my best to verify every feature that I touched.
|
|
|
|
|
|
|
|
FullName"
|
|
We now have two clear and separate login approaches:
login/ajax
login/html
Choose the one that's appropriate. Totally simplified the maintenance
page to be separate from the theme and dead simple, and use login/html
approach there. Totally simplified the top level login
(login_page.html.php) to just be a login page, not the rest of the
chrome on the page and use the login/ajax approach there.
Don't use access::required in albums and then catch the exception,
instead use access::can and check the return code.
Improve the text for maintenance mode.
|
|
as the Modify profile and logout links.
|
|
|
|
- And refactor printf to our string interpolation / pluralization syntax
- Also, a slight change to the translations_incomings table, using binary(16) instead of char(32) as message key.
|
|
avatar. Sidebar block display white space updates. Combined gLoginMenu and gCredits css.
|
|
1) drop unnecessary semicolon
2) start with <?php for extra security in the case that the server itself doesn't
have short_tags enabled (the app won't work, but we need to make sure that we're
still secure)
|
|
communicate. Almost all controllers now use JSON to speak to the
theme when we're dealing with form processing. This means tht we only
send the form back and forth, but we use a JSON protocol to tell the
browser success/error status as well as the location of any newly
created resources, or where the browser should redirect the user.
Lots of small changes:
1) Admin -> Edit Profile is gone. Instead I fixed the "Modify Profile" link
in the top right corner to be a modal dialog
2) We use json_encode everywhere. No more Atom/XML for now. We can bring those
back later, though. For now there's a lot of code duplication but that'll be
easy to clean up.
3) REST_Controller is no longer abstract. All methods its subclasses should create
throw exceptions, which means that subclasses don't have to implement stubs for
those methods.
4) New pattern: helper method get_add_form calls take an Item_Model,
not an id since we have to load the Item_Model in the controller
anyway to check permissions.
5) User/Groups REST resources are separate from User/Group in the site
admin. They do different things, we should avoid confusing overlap.
|
|
|
|
context of dialog display (don't show legends, fieldset border, or submit button).
Let's make sure that all forms generated are complete and well formed and then use JS and CSS to control their display and behavior in different contexts.
|
|
errors don't display on first failed attempt, will fix later. Moved jquery js, images, css out to respective folders.
|
|
other functionality. This makes our user/group and access code
fully consistent.
|
|
specific form IDs that can be styled differently depending on which container they appear. Added gDescription class, dropped gUnderState for semantics. CSS cleanup.
|
|
|
|
user login form. Added gHide, gShowBlock, gShowInline, gClose classes to handle show and hide functions. Half-baked idea which will need refinement.
|
|
|
|
* Remove user registration link and popup from the theme; this
shouldn't be done in a popup. Use ajaxform to simplify the way
that we load the login popup.
* Create form.html.php, this is a template for Forge based forms.
* Move user validation rules into User_Model and let forms
populate the rules into their forms as useful.
* Undo r18688's changes regarding the REST code. We should never
accept a null resource, this breaks the REST abstraction.
* Change login and user controllers to use Forge which lets us delete
login.html.php and user.html.php since those now are generated by
the theme-owned form template
|
|
generate the post data
|
|
|
|
|
|
.gInline for forms like login, search, tags. Updated comment, login, search, and tagging forms. All form styles live in screen.css now. Still a lot to do, but this is a good foundation.
|
|
html for the login form is retrieve via an ajax call when the user clicks on login. Can't login with a valid id yet, but you certainly get error messages when things are wrong :-)
|
|
|
|
|
|
|
|
login link in the header wil open up a login box like the mockup
|
