Commits · 254ccc73f71b45fd2eb0eaec93e8df0b8dd73a52 · mahara / mahara

07 Jul, 2010 9 commits
- Reorganise admin nav to include group categories page next to manage groups page · 254ccc73
  Richard Mansfield authored Jul 07, 2010
```
Restore group categories site option form on group categories page
Internationalise a couple of strings on manage groups page
Add manage groups section to admin home page
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  254ccc73
- Added feature to allow site admins to manage group admins + delete groups · 7ff30f84
  Josh Schmidt authored May 25, 2010
  
  7ff30f84
- Fix group category code for renamed column, ensure category is null for uncategorised groups. · 370f3af6
  Richard Mansfield authored Jul 07, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  370f3af6
- Fix IE bug in Manage Groups · 2deaa570
  Richard Mansfield authored Jul 07, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  2deaa570
- Changes to Group Category admin area: · 08749b8b
  Richard Mansfield authored Jul 07, 2010
```
- Move group config options back to site options
- Remove search plugin option & search fieldset
- Move group category management to a group categories page (still to be placed in menu)
- Don't display 'item saved' every time a category is added or edited
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  08749b8b
- groupcat cast var properly Signed-off-by: Dan Marsden <dan@catalyst.net.nz> · 0547639c
  Dan Marsden authored Jun 01, 2010
  
  0547639c
- WR#70652 use normal form so that group categories are reloaded. · 42296cfb
  Dan Marsden authored May 26, 2010
  
  42296cfb
- WR#70652 group category tidy up · bbc5c936
  Dan Marsden authored May 26, 2010
  
  bbc5c936
- First version of Group categories patch · 88ee5414
  Dan Marsden authored May 17, 2010
```
Signed-off-by: Dan Marsden <dan@catalyst.net.nz>
```
  88ee5414
04 Jul, 2010 4 commits
- Check sesskey when adding authinstances with no config form · 8a9bef26
  Richard Mansfield authored Jun 01, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  8a9bef26
- When deleting an institution, show its name on confirmation page · c0d05132
  Richard Mansfield authored Jun 01, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  c0d05132
- Enable auto_escape in header & footer and fix PAGEHEADING var to avoid double escaping · 3769fe88
  Richard Mansfield authored May 25, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  3769fe88
- Turn on auto_escape in more templates · 2795f939
  Richard Mansfield authored May 18, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  2795f939
11 Jun, 2010 4 commits
- Allow admins to disable T&C agreement on register page; disable for new... · f11ed65f
  Richard Mansfield authored Jun 11, 2010
```
Allow admins to disable T&C agreement on register page; disable for new installs due to default T&C text.
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  f11ed65f
- Allow admins to enable/disable footer links · edd88967
  Richard Mansfield authored Jun 11, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  edd88967
- Use 'hidden' class rather than 'invisible' on edit site menu page · 22195310
  Richard Mansfield authored Jun 11, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  22195310
- Close site options fieldsets by default · 01c490ce
  Richard Mansfield authored Jun 11, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  01c490ce
08 Jun, 2010 1 commit
- Close login sessions when closing site · ef2bf4d6
  Richard Mansfield authored Jun 08, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  ef2bf4d6
26 May, 2010 5 commits

Site option to turn off online users block (Bug #548084) · a6f27423

¨Lorena authored May 25, 2010


Signed-off-by: ¨Lorena <lorena.paoletti@gmail.com>
(cherry picked from commit 3fccdaa6ddb13526084b195e7fcf9b8ec12bf01e)

a6f27423

Extra validation for inline parameters (e.g. intval) · a62cb836
Francois Marier authored May 25, 2010
```
Signed-off-by: Francois Marier <francois@catalyst.net.nz>
```
a62cb836
Explicit typecasts to harden these queries · 408afd36
Francois Marier authored May 25, 2010
```
Signed-off-by: Francois Marier <francois@catalyst.net.nz>
```
408afd36

Convert inline parameters to a placeholders · a8129be9

Francois Marier authored May 20, 2010



These parameters were already sanitised.
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

a8129be9

Escape some reserved words · 5295e94a

Francois Marier authored May 20, 2010

(based on http://www.petefreitag.com/tools/sql_reserved_words_checker/

)
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

5295e94a

14 May, 2010 1 commit
- Split admin options into seperate fieldsets · 8c2c43fd
  Josh Schmidt authored May 13, 2010
```
(cherry picked from commit 664d41d66afcf8be768f7e17634c187195e73768)
```
  8c2c43fd
07 May, 2010 1 commit

lib/htmloutput.php: move all HTML output to a single file · 484a4f87

Francois Marier authored May 07, 2010



All HTML output (i.e. all echo/print statements going to the browser) should
now be in this file.

This is so that we can easily review all areas of Mahara where XSS bugs could
hide (other than templates and PHP pieforms).

Note that lib/errors.php echo statements can't be moved here since we want
that file to always work and can't include other code/files.
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

484a4f87

28 Apr, 2010 1 commit

add information about mahara to the index page · ff53e73e

Evan Goldenberg authored Mar 11, 2010



A global admin option allows site administrators to disable the
information entirely, though it is enabled by default for all new and
existing sites.

Users can opt not to show the information, and an account setting is
present if they wish to have it shown again. The information is shown
between the home page text set by the admin, and the user's dashboard
view.
Signed-off-by: Evan Goldenberg <evang@catalyst.net.nz>

ff53e73e

20 Apr, 2010 1 commit
- Put view log file & stats images into subdirectories under dataroot · 50187098
  Richard Mansfield authored Apr 21, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  50187098
19 Apr, 2010 2 commits
- Add pie graphs for view types & group types · 9c1e947c
  Richard Mansfield authored Apr 19, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  9c1e947c
- Add institution members graph · 109f669c
  Richard Mansfield authored Apr 19, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  109f669c
07 Apr, 2010 4 commits

repair some damage done by my really bad merging skills · 79fb1a92
Evan Goldenberg authored Apr 07, 2010
```
Signed-off-by: Evan Goldenberg <evang@catalyst.net.nz>
```
79fb1a92

add pluggable anti spam features for forms · f307844a

Evan Goldenberg authored Mar 01, 2010



This is a pluggable anti-spam infrastructure for protecting forms in
Mahara again spam.

The contact and register forms have been modified to include the
following anti-spam features:
    - hashed field names
    - honey pot (invisible) fields
    - submission time monitoring

Additionally, content checking is provided by the following spam traps:
    - NoneSpamTrap: the base class for other spam traps, does no
      checking on its own
    - SimpleSpamTrap: provides basic checks that don't require an
      internet connection
    - AdvancedSpamTrap: provides better checks that require an internet
      connection, including checking for the existence of mailservers
      and the presence of blacklisted URLs

New spam traps can easily be created by adding a file to lib/antispam
with the name MyTrapNameSpamTrap.php. Added spam traps will be
automatically detected and available for selection in the site options
page.
Signed-off-by: Evan Goldenberg <evang@catalyst.net.nz>

f307844a

remove CAPTCHAs in preparation for new anti-spam features · 8fa27005
Evan Goldenberg authored Feb 25, 2010
```
Signed-off-by: Evan Goldenberg <evang@catalyst.net.nz>
```
8fa27005

Rename LEAP2A to Leap2A · 1d3049d2

Francois Marier authored Apr 07, 2010



The Leap2A specification has rebranded and thus we should reflect that
change in the next Mahara release.

I also updated a few URLs.
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

1d3049d2

30 Mar, 2010 1 commit
- Add site setting to allow anonymous comments · cd45366d
  Richard Mansfield authored Mar 30, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  cd45366d
28 Mar, 2010 1 commit
- Use require_once() not require() in more places where local/lib.php may have already included libs · bd294fdc
  Richard Mansfield authored Mar 29, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  bd294fdc
25 Mar, 2010 1 commit
- Use require_once() not require() in places where local/lib.php may have already included some libs · 95f8ff65
  Richard Mansfield authored Mar 25, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  95f8ff65
18 Mar, 2010 1 commit
- Fix enabling of email on account settings page at admin level · afe3e75c
  Andrew Robert Nicols authored Mar 18, 2010
```
I'd made a call to $user->get when $user is a StdClass object.
Corrected to use $user->email and $user->id
```
  afe3e75c
17 Mar, 2010 2 commits
- Remove old requests for Plotkit.js · 0242b984
  Richard Mansfield authored Mar 18, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  0242b984
- Use Image_Graph not PlotKit for graphs on stats pages · deae9ed5
  Richard Mansfield authored Mar 17, 2010
```
Signed-off-by: Richard Mansfield <richardm@catalyst.net.nz>
```
  deae9ed5
10 Mar, 2010 1 commit

bulkimport: import one user at a time redirecting back to the page each time · e9e1969e

Francois Marier authored Mar 10, 2010



It turns out that the import code assumes that only one user will be imported
at a time and uses static variables in a few places.

By importing only one user per page load and redirecting back to the import
page, we can work-around this problem.
Signed-off-by: Francois Marier <francois@catalyst.net.nz>

e9e1969e