item::move(source, target) helper when the parent member has changed.
Using the move method insures that names and slugs that could conflict
in the target album are resolved properly. Changed the item::move
method so it returns a message to be displayed if the caller chooses.
And changed the move controller to display the message returned by the
move if the item name was renamed as part of the move."
Rolling this back for a couple of reasons:
1) Bug in move.php ("message.info" is not a function name)
2) Having the message come back from the API call as a side-effect is
sloppy. We should find a cleaner way to do this checking.
3) having item::move() call save() on any changed values in the ORM
is counter-intuitive. Move should move, save should save.
I think the right approach here is to roll the move() code properly into
save().
This reverts commit 2492280cc0.
method, which encapsulates saving an item and handling name and slug
conflicts. Call this instead of doing a save directly."
Rolled this back because it fails KISS. We already have an API for
saving models with Item_Model::save() that's consistent with all of
our other model code. Adding a new way to save items is confusing and
inconsistent.
This reverts commit 9504f71efc.
we specify the continue_url in the session, but we store it in the
login form so that we can propagate it across the session creation
that happens at login time.
it requires us to reproduce a bunch of complex routing logic.
Instead, just have the logout link generating code generate a link
that's visible to guests.
TODO: Set $view->page_title in the many admin controllers we have. I just set it for admin_maintenance.php to show how it's intended to be used. I copied the title from views/admin_maintenance.html.php to the controller.
Until now, we loaded hundreds of translation messages row by row, and unserializing one by one at bootstrap time. That amounted to a significant percentage of the complete request time. This approach is more than 10x faster.
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when. This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.
Throw a 404 if we try to view the user profile for a missing user.
The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.
Don't show any of the edit buttons unless identity::is_writable()
to a logon page to allow the user to login. Pass the target url as a session
variable to allow the user to be redirected where they want to go if the login
was successful. Fixes ticket #1009.
populate the action buttons and other content such as the list of scheduled
tasks."
Leaving this api out of RC1.
This reverts commit 19fee6b5e4.
Conflicts:
modules/gallery/views/admin_maintenance.html.php
Also renaming auth::validate_too_many_failed_password_changes to validate_too_many_failed_auth_attempts since it's used in this generalized way in 3 places now.
separate from a successful or failed login.
1) Rename user_login_failed event to user_authenticate_failed
2) Rename failed_logins table to failed_auth (bump Gallery module to
v27 to rename the table)
3) auth::too_many_failed_logins -> auth::too_many_failures
4) auth::record_failed_auth_attempts -> auth::record_failed_attempts
auth::clear_failed_auth_attempts -> auth::clear_failed_attempts
mostly issues around uninitialized variables, calling non-static
functions in a static context, calling Session functions directly
instead of on its singleton, passing non-variables by reference, and
subclasses not using the same interface as the parent class.
in the version 24 upgrade code.
Update packager to serialize files so that we can serialize the new
.htaccess files
Update init_var.php to include the newly serialized .htaccess files.
Fixes ticket #587.
