gallery3.git - A clone of the Gallery3 code for testing and development.

Age	Commit message (Collapse)	Author
2010-02-19	Merge branch 'master' of git@github.com:gallery/gallery3	Tim Almdal

2010-02-19	Correct the view_fillsize permission to view_full. In addition, change the ↵	Tim Almdal
	name of the field containing the url to the fullsize image to file_url instead of fullzie_url
2010-02-19	Refactor away the "display_all" construct in User_Profile_Controller.	Bharat Mediratta
	"display_all" is too coarse, and we should be letting event handlers make the appropriate decision on what to display and when. This duplicates some code, but it's now very clear in the event handlers what's getting shown. Throw a 404 if we try to view the user profile for a missing user. The only feature change in this should be that we now display the name, full name and website for a user to any other registered user, which makes sense since these are typically public fields. Don't show any of the edit buttons unless identity::is_writable()
2010-02-19	Add spaces around %name in the "create a file" text so that	Bharat Mediratta
	double-clicking the token only selects that one word, not the word on the line before (which happens on Chrome/Linux)
2010-02-18	Merge branch 'master' of github.com:gallery/gallery3	Chad Kieffer

2010-02-18	First pass at user profile formatting updates. Moved buttons to the top, ↵	Chad Kieffer
	simplified HTML and CSS.
2010-02-18	Merge branch 'master' of github.com:gallery/gallery3	Chad Kieffer

2010-02-18	Don't need 'right' class here. Positioning is absolute to the right.	Chad Kieffer

2010-02-18	Fix for tickets #1024 and #1025: Fix formatting of album tree list in the ↵	Andy Staudacher
	organize dialog, and (magically) drag and drop move to another album works as well again. Tested in FF3.5, Chrome5 on Ubuntu Linux.
2010-02-18	Restore the user_profile.php change from reverted	Bharat Mediratta
	409121942590e12692eaf4e6e9e8b71bfe5ed60c that had this comment in the change: "Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller)."
2010-02-18	Restore the gallery_installer change from reverted ↵	Bharat Mediratta
	dcddc68f58dac2f0fe71f5a00ea4af32618efa13 that casts $powered_by_string from SafeString to string.
2010-02-18	Revert "Fix for ticket #491: Make user and group names translatable."	Bharat Mediratta
	This reverts commit 409121942590e12692eaf4e6e9e8b71bfe5ed60c.
2010-02-18	Revert "Never assign a SafeString instance to a Model member (or hell will ↵	Bharat Mediratta
	break loose)." This reverts commit dcddc68f58dac2f0fe71f5a00ea4af32618efa13.
2010-02-18	Revert "Fix for ticket #1017: Handle the common case of t(html::clean($var)) ↵	Bharat Mediratta
	by casting SafeString instances to string in translate()." This reverts commit 4ca55a90ee2f8e1d8595b0ec53a601d6c65475f6.
2010-02-18	Fix for tickets #1024 and #1025: Fix formatting of album tree list in the ↵	Andy Staudacher
	organize dialog, and (magically) drag and drop move to another album works as well again. Tested in FF3.5, Chrome5 on Ubuntu Linux.
2010-02-18	Improve setlocale() call, using some of G2's locale fallback code to match ↵	Andy Staudacher
	the platform's locale names.
2010-02-18	Improve setlocale() call, using some of G2's locale fallback code to match ↵	Andy Staudacher
	the platform's locale names.
2010-02-16	Fix for ticket #1017: Handle the common case of t(html::clean($var)) by ↵	Andy Staudacher
	casting SafeString instances to string in translate().
2010-02-16	Fix for ticket #1020: Fix RSS feed validation of album / recent items feeds.	Andy Staudacher

2010-02-15	Put focus on password field in reauthenticate dialog.	Andy Staudacher

2010-02-15	Update of reviewed XSS audit data.	Andy Staudacher

2010-02-15	Input sanitization	Andy Staudacher

2010-02-15	Never assign a SafeString instance to a Model member (or hell will break loose).	Andy Staudacher

2010-02-15	return the absolute url not the relative for the full size, resize and thumb ↵	Tim Almdal
	images.
2010-02-14	Fix for ticket #491: Make user and group names translatable.	Andy Staudacher
	Also fixed a UI bug: No longer showing the edit user buttons to admins in the profile view (to be consistent with the requirements in the controller).
2010-02-14	Fix for ticket 901: Wrap Gallery version string into bdo tag to override the ↵	Andy Staudacher
	BiDi algorithm. Also, properly marking the "Powere by" string for translation. See: http://www.w3.org/International/tutorials/bidi-xhtml/#Slide0420
2010-02-14	Need to allow access to ::change_provider for CLI, to make packager work.	Andy Staudacher

2010-02-14	Enable session expiration. Currently, it's set to expire sessions after 7 ↵	Andy Staudacher
	days of inactivity.
2010-02-14	Minor security tightening of IdentityProvider::change_provider().	Andy Staudacher

2010-02-14	Create an items REST collection requests that accepts a list of resource ↵	Tim Almdal
	urls and returns the items associated with them.
2010-02-14	Remove the dirty flags from the information returned from the rest request ↵	Tim Almdal
	for an item. In addition, add links to the images.
2010-02-14	If the return object is empty still return the empty object in the json ↵	Tim Almdal
	response.
2010-02-14	Change JavaScript reauthentication check to check via XHR.	Andy Staudacher
	Benefit: Getting the real deadline this way, not interfering with an ongoing maintenance task.
2010-02-14	HTML validation, avoid empty <ul>	Andy Staudacher

2010-02-14	HTML validation fix (<script>)	Andy Staudacher

2010-02-14	Some HTML validation fixes (don't render empty <ul> lists, empty id ↵	Andy Staudacher
	attributes, use & not &)
2010-02-14	For consistency, use straight Kohana_404_Exception instead of the event system.	Andy Staudacher

2010-02-12	Tighten up the text.	Bharat Mediratta

2010-02-12	Fix for tickets 1009 and 603: Show a themed error page to guests / ↵	Andy Staudacher
	registered users (not to admins though). And show a login form to guests for 404 (incl. insufficient view permissions) errors.
2010-02-12	Revert "1) Add a depth parameter to retrieving an item thru the rest api"	Bharat Mediratta
	This reverts commit 3439671bcfb99c1884285e4b4e53295f044e688f.
2010-02-12	1) Add a depth parameter to retrieving an item thru the rest api	Tim Almdal
	2) Standardize the structure of members so that client programs can consistently parse the return information. 3) Added a summary parameter so that client programs can easily determine if the information returned is summary (item type, item title) or the full meal deal
2010-02-11	Get rid of unnecessary view file.	Andy Staudacher

2010-02-11	Include user name in logging message for failed password reset. As Bharat ↵	Andy Staudacher
	points out, t() ensures that parameters are escaped for XSS.
2010-02-11	Security: Fix leaking of album / photo names. Reject previous fix for ticket ↵	Andy Staudacher
	1009. Side effect: Renaming auth::required_login() to login_page().
2010-02-11	Fix for ticket 1010: Don't leak valid user names in "forgot password" form.	Andy Staudacher
	Includes fixes for user forms as well (edit user / email / password).
2010-02-11	Use the admin/users/edit_user_form version of the user editing form	Bharat Mediratta
	right after initial install so that we're not requiring the user to re-enter the auto-generated password to change their password and email. Fixes ticket #1007
2010-02-10	Merge branch 'master' of github.com:gallery/gallery3	Bharat Mediratta

2010-02-10	Refactor the code to display the login page if the user does not have view	Tim Almdal
	permission into the common auth::require_login() method.
2010-02-10	If the user does not have permission to view the album, photo or movie, redirect	Tim Almdal
	to a logon page to allow the user to login. Pass the target url as a session variable to allow the user to be redirected where they want to go if the login was successful. Fixes ticket #1009.
2010-02-10	Use the helper ulr:current instead of manually creating the continue url.	Tim Almdal