stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-04-10 16:05:21 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,776 Commits 4 Branches 0 Tags
master
Commit Graph

22 Commits

Author SHA1 Message Date
Bharat Mediratta
d45a737779 Update copyright to 2013. Fixes #1953. 2013-01-21 01:22:01 -05:00
Bharat Mediratta
bf2bb3e1ea Update copyright to 2012. #1822 2012-02-27 09:48:23 -08:00
Bharat Mediratta
423daa52d5 Update copyright to 2011. 2011-01-21 23:01:06 -08:00
Bharat Mediratta
5892712b23 If the user is not an admin, don't 403 -- instead just redirect them 
to the root album.  Fixes ticket #1356.
 2010-09-10 23:01:47 -07:00
Bharat Mediratta
7607e1f932 Full pass over all the JSON encoding and JS dialog code. We now abide 
by the following rules:

1) An initial dialog or panel load can take either HTML or JSON, but
   the mime type must accurately reflect its payload.

2) dialog form submits can handle a pure HTML response, but the mime
   type must also be correct.  This properly resolves the problem
   where the reauth code gets a JSON response first from the reauth
   code, and then an HTML response when you reauth and continue on to
   a given form -- try it out with Admin > Settings > Advanced.

3) All JSON replies must set the mime type correctly.  The json::reply
   convenience function does this for us.

4) By default, any HTML content sent back in the JSON response should be
   in the "html" field, no longer the "form" field.

The combination of these allows us to stop doing boilerplate code like
this in our controllers:

  // Print our view, JSON encoded
  json::reply(array("form" => (string) $view));

instead, controllers can just return HTML, eg:

  // Print our view
  print $view;

That's much more intuitive for developers.
 2010-07-31 21:16:17 -07:00
Tim Almdal
a6280641f5 Resend the entire dialog content (including the wrapping view) instead of just the form. 2010-07-31 15:44:56 -07:00
Tim Almdal
0c535c85ed Missing the user name on the reauthenticate form. 2010-07-31 15:44:56 -07:00
Tim Almdal
29f29d2261 When the admin controller redirects to the reauthenticate controller, the value of request::is_ajax() from the original request is lost. This patch stores its value in the session so the reauthenticate controller knows whether its in a dialog/panel or not. 2010-07-31 15:44:56 -07:00
Tim Almdal
91a2c04a24 More patches as part of #1225. Change the 'core' modules to use the json::reply 
method to set the content type header and encode the response as a json object
 2010-07-31 15:44:55 -07:00
Bharat Mediratta
583950616e Improve the fix for #1176 to use request::is_ajax() instead of tacking 
on a query param to urls that appear in dialogs.  This keeps things simpler.
 2010-07-16 11:58:13 -07:00
Tim Almdal
993e041274 Remove the code to call the controller directly and just use redirect. Now that all the form calls actually return the form as a json object, calling the form creation controller method i no longer required. 2010-07-15 14:57:43 -07:00
Bharat Mediratta
297f98fcee Fix reauth authentication to use the identity helper instead of the 
user helper directly.  Else it doesn't work with LDAP and other
identity systems.
 2010-07-13 12:52:59 -07:00
Tim Almdal
213807a807 remove debugging statement 2010-07-09 14:59:23 -07:00
Tim Almdal
72f801df7d Only add the 'Successfully re-authenticated' message to the status if the admin page is not displayed in a dialog. 2010-07-08 08:23:08 -07:00
Tim Almdal
9538b3888d Fix for ticket #1176. Have the gallery.dialog code add a g-in-dialog parameter to the url to let the controller know its in a dialog. The reauthenticate controller will format the password prompt as a page or a form content. If authentication is successful, then the original controller is called instead of being redirected to. 2010-07-07 08:58:38 -07:00
Tim Almdal
226d1f7146 Revert "If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog." 
This reverts commit 8493a3d36f.
 2010-07-05 08:58:36 -07:00
Tim Almdal
8493a3d36f If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog. 2010-07-05 08:23:17 -07:00
Bharat Mediratta
b61b50604b Push the continue url into the form for consistency with other 
login/continue code.
 2010-06-12 15:09:16 -07:00
Bharat Mediratta
6d81feacae Change the key for invalid passwords from "invalid" to 
"invalid_password" to remove ambiguity.
 2010-04-17 12:28:46 -07:00
Bharat Mediratta
c3c2b45280 Update the copyright to 2010. It's only 3 months into the year :-) 2010-03-03 10:15:34 -08:00
Andy Staudacher
f9d00aa742 Fix for ticket 1008: Redirect to destination after re-auth. 2010-02-08 00:30:36 -08:00
Andy Staudacher
f93528ffab Last partial fix for ticket 585: Compartmentalize the admin area and require active authentication every 20 minutes to access the admin area. 
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
 2010-02-07 15:37:32 -08:00