| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-12-15 | Follow on to 1057436b7c483c60b3c128fab993a3b78fac7093 -- cache the | Bharat Mediratta | |
| users and groups as an array so that multiple calls will not call ORM_Iterator->current() repeatedly. | |||
| 2010-12-15 | Cache the result of User_Model::groups() and Group_Model::users() and | Bharat Mediratta | |
| invalidate it on save/delete for efficiency. Fixes #1529. | |||
| 2010-12-15 | Consolidate all the random code into a random helper that offers: | Bharat Mediratta | |
| random::hash() random::string() random::percent() random::int() So that we don't have lots of different ways to get random values all over the code. Follow-on to #1527. | |||
| 2010-10-25 | All modules should be named Xxx_Core for extensibility. Fixes #1458. | Bharat Mediratta | |
| 2010-09-22 | Remove the 4 character minimum for group name length. Fixes ticket #1396. | Bharat Mediratta | |
| 2010-09-14 | The full_name field is required to be NOT NULL. Not really sure why | Bharat Mediratta | |
| this is a hard requirement, but for now in User_Model::save() let's use the empty string if the field itself is null. Fixes ticket #1371. | |||
| 2010-09-11 | Implement IdentityProvider_Gallery_Driver::admin_user() properly such | Bharat Mediratta | |
| that it's not hardcoded to return the user with id 2. Create user::admin_user() which finds an appropriate admin and returns it. Fixes #1358. | |||
| 2010-09-10 | Transfer deleted files to the active user. Or at least say that's what ↵ | Bharat Mediratta | |
| we're going to do, we actually transfer them to one of the admins | |||
| 2010-09-08 | Show the number of photos/albums the user owns in the Admin > Users | Bharat Mediratta | |
| page, and improve the message to explain what's going to happen to the deleted user's items. Partial fix for #1344, which I can't reproduce now. | |||
| 2010-09-06 | Fix some broken identity APIs: | Bharat Mediratta | |
| - add_user_to_group and remove_user_from_group should take Group_Definition instances to be consistent - add_user_to_group and remove_user_from_group in drivers/IdentityProvider.php should not be static | |||
| 2010-08-15 | We use UTF-8 everywhere. Fixes ticket #1285. | Bharat Mediratta | |
| 2010-08-08 | Whitespace fix | Bharat Mediratta | |
| 2010-08-08 | Convert tabs to spaces to fix File_Structure_Test. | Bharat Mediratta | |
| 2010-08-01 | Fix the i18n error message for missing/incorrect password. Fixes ticket #1265. | Bharat Mediratta | |
| 2010-08-01 | Merge branch 'dialog' of github.com:gallery/gallery3 into dialog | Tim Almdal | |
| 2010-08-01 | Merge branch 'master' into dialog | Tim Almdal | |
| 2010-08-01 | Add a localized error message for missing usernames. Fixes ticket #1266. | Bharat Mediratta | |
| 2010-07-31 | Full pass over all the JSON encoding and JS dialog code. We now abide | Bharat Mediratta | |
| by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers. | |||
| 2010-07-31 | More patches as part of #1225. Change the 'core' modules to use the json::reply | Tim Almdal | |
| method to set the content type header and encode the response as a json object | |||
| 2010-07-31 | Partial fix for #1225 addresses the issues with the user edit forms. | Tim Almdal | |
| 2010-07-23 | More patches as part of #1225. Change the 'core' modules to use the json::reply | Tim Almdal | |
| method to set the content type header and encode the response as a json object | |||
| 2010-07-23 | Partial fix for #1225 addresses the issues with the user edit forms. | Tim Almdal | |
| 2010-07-20 | Show the old group name in the error message when we fail to modify a group. ↵ | Bharat Mediratta | |
| Fixes ticket #1233. | |||
| 2010-07-20 | Fix a bunch of missing or invalid error messages. Fixes ticket #1232. | Bharat Mediratta | |
| 2010-07-20 | Add internationalized error messages for adding and editing groups. | Bharat Mediratta | |
| 2010-07-06 | Fix for ticket #1181. Use $.getJSON to retrieve the json contents of the ↵ | Tim Almdal | |
| dialog. Convert all the controllers that create the data to go into a dialog to return the html as part of a json object. | |||
| 2010-06-15 | Removed self-closing slash from opening <li> tag. | ckieffer | |
| 2010-04-30 | Add page_title to admin views. Closes #1038. | ckieffer | |
| 2010-04-17 | Change the key for invalid passwords from "invalid" to | Bharat Mediratta | |
| "invalid_password" to remove ambiguity. | |||
| 2010-04-17 | Add user::valid_username() as a validation helper. | Bharat Mediratta | |
| 2010-03-03 | Update the copyright to 2010. It's only 3 months into the year :-) | Bharat Mediratta | |
| 2010-02-27 | Fix for ticket #1037: Only show language drop-down when there's actually a ↵ | Andy Staudacher | |
| choice. | |||
| 2010-02-27 | Add more randomness to reset password mechanism. | Andy Staudacher | |
| 2010-02-20 | Add link to edit user group names. Closes ticket #1028. | Chad Kieffer | |
| 2010-02-18 | Revert "Fix for ticket #491: Make user and group names translatable." | Bharat Mediratta | |
| This reverts commit 409121942590e12692eaf4e6e9e8b71bfe5ed60c. | |||
| 2010-02-18 | Revert "Never assign a SafeString instance to a Model member (or hell will ↵ | Bharat Mediratta | |
| break loose)." This reverts commit dcddc68f58dac2f0fe71f5a00ea4af32618efa13. | |||
| 2010-02-15 | Never assign a SafeString instance to a Model member (or hell will break loose). | Andy Staudacher | |
| 2010-02-14 | Fix for ticket #491: Make user and group names translatable. | Andy Staudacher | |
| Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller). | |||
| 2010-02-11 | Get rid of unnecessary view file. | Andy Staudacher | |
| 2010-02-11 | Include user name in logging message for failed password reset. As Bharat ↵ | Andy Staudacher | |
| points out, t() ensures that parameters are escaped for XSS. | |||
| 2010-02-11 | Fix for ticket 1010: Don't leak valid user names in "forgot password" form. | Andy Staudacher | |
| Includes fixes for user forms as well (edit user / email / password). | |||
| 2010-02-09 | Fix password reset confirmation | Andy Staudacher | |
| 2010-02-07 | Last partial fix for ticket 585: Compartmentalize the admin area and require ↵ | Andy Staudacher | |
| active authentication every 20 minutes to access the admin area. Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now. | |||
| 2010-02-07 | Rename user_authenticate_xxx events to user_auth_xxx for brevity. | Bharat Mediratta | |
| 2010-02-07 | Create the concept of a "failed authentication" as semantically | Bharat Mediratta | |
| separate from a successful or failed login. 1) Rename user_login_failed event to user_authenticate_failed 2) Rename failed_logins table to failed_auth (bump Gallery module to v27 to rename the table) 3) auth::too_many_failed_logins -> auth::too_many_failures 4) auth::record_failed_auth_attempts -> auth::record_failed_attempts auth::clear_failed_auth_attempts -> auth::clear_failed_attempts | |||
| 2010-02-06 | Partial fix for ticket 585: Require current password when changing an ↵ | Andy Staudacher | |
| account's email address. Still leaving the user/group admin page wide open though. | |||
| 2010-02-06 | Fix for ticket 1004: Replace all uses of split with explode (none actually ↵ | Andy Staudacher | |
| required regular expressions). Thanks to Brian Hartsock for providing a patch! | |||
| 2010-02-06 | Fix up Admin_Users_Controller() form handling now that user_form.html | Bharat Mediratta | |
| is gone. Fixes ticket #1005. | |||
| 2010-02-02 | Protect password changes against brute force attacks. | Bharat Mediratta | |
| 2010-02-02 | Require the current password to change your password. | Bharat Mediratta | |
| Fixes ticket #585. Separate out the password change form from the regular edit user form. Require the old password to enter a new one. While I'm at it, roll the password strength javascript into a Form_Script element so that we can get rid of the old view (which incidentally fixes a bug where the password strength meter would go away on form errors). | |||
 |
index : gallery3.git | |
| A clone of the Gallery3 code for testing and development. | root |
| summaryrefslogtreecommitdiff |