| Age | Commit message | Author |
|
to reflect this move. Not completely moved yet, but the git st is rather large so let's commit this now as a base for the cleanup.
|
|
string delimiters)
|
|
instead of SafeString directly.
|
|
Conflicts:
modules/akismet/views/admin_akismet.html.php
modules/comment/helpers/comment_rss.php
modules/gallery/helpers/gallery_rss.php
modules/gallery/libraries/I18n.php
modules/gallery/views/permissions_browse.html.php
modules/gallery/views/simple_uploader.html.php
modules/info/views/info_block.html.php
modules/organize/controllers/organize.php
modules/organize/views/organize.html.php
modules/organize/views/organize_album.html.php
themes/default/views/album.html.php
themes/default/views/movie.html.php
themes/default/views/photo.html.php
|
|
Xss: Rename UNKNOWN back to DIRTY, JS_XSS to DIRTY_JS.
(using a different flag value to highlight potential XSS vectors in JS)
|
|
SafeString::purify().
Removing any p::clean() calls for arguments to t() and t2() since their args are wrapped in a SafeString anyway.
|
|
1) move creating the "Add a comment" button into the comments.html.php
2) use $.get() to retrieve the comment add form
|
|
and album covers in the context menu.
Notes:
- This requires context_menu() to have a CSS selector that refers to the
<img> that we're operating on, otherwise we don't know how to find the
thumbnail, etc.
- Create Menu_Element_Ajax_Link which has an ajax_handler attribute
that contains a snippet of JS that we're going to run when the ajax
call returns.
- Add $.gallery_replace_image in gallery.common.js
- Add lib/gallery.ajax.js which can be used to ajaxify any link, and have
ui.init.js in the themes call that on all .gAjaxLink elements.
|
|
Conflicts:
themes/default/js/ui.init.js
|
|
and have some basic namespacing:
showMessage --> gallery_show_message
vAlign --> gallery_valign
showLoading --> gallery_show_loading
Convert gallery.show_full_size.js to be a jQuery function and give it a namespace:
show_full_size --> gallery_show_full_size
|
|
item::description. In addition add p::clean or p::purify to places that
xss cleaning had missed (i.e. rss feeds)
|
|
approach using html::specialchars and purify uses HTMLPurifier to intelligently
cleanse the output fields. Use purifier for text and title fields where it is
likely that a user would enter html to format their data.
|
|
available to themes that want to use it. It should probably
eventually be generalized away from just being for full sized images,
but it's a step in the right direction.
Fixes ticket #427.
|
|
so that right clicking works.
Turn the full size rendering code into a function and call it with
arguments, instead of creating a hacky named data structure to hold
the info.
Further partial fixes for ticket #427.
|
|
Partial fix for ticket #427.
|
|
that we might want it to appear more than once in views.
|
|
image. There's no security hole here, it's just a bad user
experience.
|
|
we use in albums
|
|
debugging
|
|
100%. Think this is a jQuery UI CSS issue and I haven't figured out an override for it yet.
|
|
layout.
|
|
link.
|
|
an abstraction for when we add movie support.
|
|
classes to newly added span classes in the pager templates directly, will likely move these out and apply through ui.init.js later.
|
|
- And refactor printf to our string interpolation / pluralization syntax
- Also, a slight change to the translations_incomings table, using binary(16) instead of char(32) as message key.
|
|
back to below the photo.
|
|
1) drop unnecessary semicolon
2) start with <?php for extra security in the case that the server itself doesn't
have short_tags enabled (the app won't work, but we need to make sure that we're
still secure)
|
|
next/prev sib if one didn't exist. (that's what we were supposed to
be doing in the first place, anyway)
|
|
grotty looking stuff in themes.
|
|
interface.
|
|
1) Deleted in-place-editing. We'll be replacing this with a real edit
system that groups settings together and is more coherent.
2) Tweaked the way that dialog boxes work to get the ajax stuff working
again. It's imperfect and does not work properly for uploading images.
This is going to get redone also, but this is a good resting point.
3) Created edit forms for albums and photos. Moved _update and _create out
of Items_Controller and into the individual subclasses.
4) Created access::required which is a shorthand for:
   if (!access::can(...)) {
     access::forbidden();
   }
5) Added validation rules to Items_Model
6) Converted login to use the regular modal dialog approach in the theme.
|
|
search to header_top. Reduced borders. Started album grid improvements. Minor white space improvements. Still need to handle text/photo alignment in album grid, improve placement of search.
|
|
site menu
|
|
Updated album/item view icons.
|
|