Commit Graph

993 Commits

Author SHA1 Message Date
Bharat Mediratta
ad81861c33 First pass at an XSS security test, along with the "p" helper which
can clean HTML output.
2009-05-31 00:11:02 -07:00
Bharat Mediratta
a5670d8d70 gate $can_edit and $can_add on whether or not we have an $item at all
(fixes a bug where search doesn't render because it has no item).
2009-05-30 17:14:17 -07:00
tim almdal
f0104ee43b remove scaffolding code 2009-05-29 21:53:49 -07:00
Bharat Mediratta
ce285b8feb Use the relative_path_cache to look up items which should be a faster
query than using the level + the components.
2009-05-29 21:23:08 -07:00
Bharat Mediratta
cbec883d8a Don't show "edit permissions" for non-albums. 2009-05-29 20:59:34 -07:00
Bharat Mediratta
60d1bbc2d6 Move credits message into a variable, which can be changed in Admin >
Settings > Advanced.  It's stored in the variable as an
internationalized string and localized at output time.
2009-05-29 20:24:42 -07:00
Bharat Mediratta
2925a1c797 Require "add" permission to show the add form. 2009-05-29 17:54:20 -07:00
Bharat Mediratta
381dd0574a Don't show the add photo/album options to users who don't have the
permission.  This isn't a security hole, since they can't actually add
stuff.. but they can try and fail which is a bad user experience.

Also fix it up so that we show the option menu only if there's stuff
to show, and cache some of the permissions for performance (which I'm
guessing at-- didn't benchmark it).
2009-05-29 17:53:33 -07:00
Bharat Mediratta
055e0a7dc5 Remove a completed @todo 2009-05-29 17:42:31 -07:00
Bharat Mediratta
34da188e81 Revert test code inserted in 88a3d43ba9
which showed stack traces to non-admins.
2009-05-29 17:40:23 -07:00
Bharat Mediratta
b0cb3c7402 Update Kohana to r4374 2009-05-29 12:00:49 -07:00
Bharat Mediratta
356bac0db0 Restore calls to module::load_modules() after install/activate/deactivate/uninstall events. 2009-05-28 21:18:46 -07:00
Bharat Mediratta
c4c70c537d Tweak path slightly 2009-05-28 21:18:31 -07:00
Bharat Mediratta
73f348b29e Protect get() against missing records. 2009-05-28 21:07:47 -07:00
Bharat Mediratta
d088a41747 Load the gallery module in load_modules(), but put it at the end of
the module list (to match its location in the cascading filesystem)
2009-05-28 21:00:06 -07:00
Bharat Mediratta
20a2d9f9a8 Reset the cascading file path properly before reinstalling. 2009-05-28 20:59:23 -07:00
Bharat Mediratta
3da5ee2f4c Print out exception traces for most errors 2009-05-28 18:21:39 -07:00
Bharat Mediratta
7fd6fcaf9b Force modules/gallery to be at the end of the module load path, so
that all other modules can override the core code.
2009-05-28 17:46:17 -07:00
Bharat Mediratta
1a095fffe5 Prepend all code files we copy from Gallery2 and put into var with our
code preamble for security.

Update File_Structure_Test::code_files_start_with_preamble_test to
check all the php files in var, too.
2009-05-28 02:19:53 -07:00
Bharat Mediratta
c8aa9ed440 Update tests to reflect cache-buster param on thumbnail urls. 2009-05-28 01:58:41 -07:00
Bharat Mediratta
534b8525ce Rename Core_Installer_Test -> Gallery_Installer_Test to match the
change from application -> modules/gallery.
2009-05-28 01:55:42 -07:00
Bharat Mediratta
6fdc84f5de Get rid of entire gallery2 session id param from the urls that we use to alert
users about images that failed to import.
2009-05-28 01:45:39 -07:00
Bharat Mediratta
8d2782ad1d Flush the model cache as appropriate every time we call ORM::save().
Fixes ticket #301
2009-05-28 00:45:00 -07:00
Bharat Mediratta
ebb0761b8d Label the tag input field according to the item type.
Fixes ticket #176.
2009-05-28 00:32:24 -07:00
Bharat Mediratta
df51ea7fa4 Fix broken html::script() and url::file() references to the newly
moved gallery module.
2009-05-28 00:06:38 -07:00
Bharat Mediratta
1988d77039 Remove unnecessary (and broken) <form/> 2009-05-28 00:06:09 -07:00
Bharat Mediratta
3870892018 Commit an egregious hack to work around the fact that both Gallery 2
and Gallery 3 have a class named Gallery.  Clone a subset of the
Gallery 2 files and munge them so that we can rename the Gallery 2
version to G2_Gallery.

Also, update the disclaimer in Admin > Settings > Gallery 2 Import.
2009-05-27 22:57:38 -07:00
Bharat Mediratta
24dce5a85d Fix up another place where we were incorrectly referencing the gallery module. 2009-05-27 21:18:09 -07:00
Bharat Mediratta
84ce0cdefd Normalize root update time in the installer
Rebuild install.sql
2009-05-27 19:59:54 -07:00
Bharat Mediratta
23884f7968 Fix a typo in the class name 2009-05-27 19:59:34 -07:00
Bharat Mediratta
5e7cc75a29 Convert a few more references of APPPATH to MODPATH/gallery 2009-05-27 16:29:33 -07:00
Bharat Mediratta
28b09a3046 Show the scaffolding link if the controller is around. 2009-05-27 16:23:05 -07:00
Bharat Mediratta
88a3d43ba9 Update all references to the core application to now point to the
gallery module.  This type of mass update is prone to some small bugs.
2009-05-27 16:17:29 -07:00
Bharat Mediratta
28b41056e3 Restructure things so that the application is now just another module.
Kohana makes this type of transition fairly straightforward in that
all controllers/helpers/etc are still located in the cascading
filesystem without any extra effort, except that I've temporarily
added a hack to force modules/gallery into the module path.

Rename what's left of "core" to be "application" so that it conforms
more closely to the Kohana standard (basically, just
application/config/config.php which is the minimal thing that you need
in the application directory)

There's still considerable work left to be done here.
2009-05-27 15:07:27 -07:00
Bharat Mediratta
cc6cd7e1f3 Regenerate the session id every time through login::_auth() to avoid session trapping. 2009-05-27 01:58:46 -07:00
Bharat Mediratta
0a66ddd2b4 Use a random value for the password reset hash to reduce the chances
that it can be guessed by an attacker.
2009-05-27 00:50:24 -07:00
Bharat Mediratta
500685ec73 Updated Forge to r179 2009-05-26 22:28:06 -07:00
Bharat Mediratta
6d1f85463b Update Kohana to r4357 2009-05-26 22:13:38 -07:00
Tim Almdal
908618960b Since organize is now in the preview stage and will probably be
rewritten by beta2, pull all of its "tentacles" back into itself and
out of core or tags module.
2009-05-26 14:43:31 +00:00
Bharat Mediratta
7e5e70548b clean up whitespace errors introduced in last commit 2009-05-26 06:01:04 +00:00
Bharat Mediratta
7aed923908 Restructure the module lifecycle.
Install: <module>_installer::install() is called, any necessary tables
are created.

Activate: <module>_installer::activate() is called.  Module
controllers are routable, helpers are accessible, etc.  The module is
in use.

Deactivate: <module>_installer::deactivate() is called.  Module code
is not accessible or routable.  Module is *not* in use, but its tables
are still around.

Uninstall: <module>_installer::uninstall() is called.  Module is
completely removed from the database.

Admin > Modules will install and activate modules, but will only
deactivate (will NOT uninstall modules).
2009-05-26 05:28:59 +00:00
Chad Kieffer
2966289b14 Quick fix for ticket #144. Reapply event handler for delete link gDialog when group is refreshed. 2009-05-26 05:05:04 +00:00
Chad Kieffer
94e36344b2 Link to gallery.panel.js from the head, not body. 2009-05-26 05:00:19 +00:00
Chad Kieffer
88e1f02c1a Split out re-used JavaScript for common functions (messages, valign), panel toggle, and forms to external files. 2009-05-26 03:59:35 +00:00
Chad Kieffer
916405bc4b White space fixes 2009-05-26 01:53:18 +00:00
Chad Kieffer
30592cabd2 Changed name to username in user admin form labels 2009-05-25 20:46:19 +00:00
Bharat Mediratta
c0584e1e08 Delete placeholder comments. 2009-05-25 06:12:46 +00:00
Bharat Mediratta
3756c849c4 Use phpass as our hashing mechanism, and check for it first (instead
of checking G1/G2 techniques first).
2009-05-24 06:11:20 +00:00
Tim Almdal
ee0bd765b6 Implement a basic tag management interface with the organize drawer 2009-05-22 16:14:42 +00:00
Tim Almdal
0451351f51 Set a minimum distance (10px) that the cursor has to move in order for
the draggable functionality to be activated
2009-05-22 16:13:37 +00:00