- 01 May, 2016 2 commits
-
-
Robert Lyon authored
* changes: bug 1555407 - Fixed overlapping carousel in collapsible block bug 1570667 - Fixed carousel styles - chevrons are now on the sides of the image - caption is below the image instead of on top Bug 1530606 - Styled First and last button on carousel block
-
Change-Id: Ia4ebd5bf2b3bdb8b75530ff58826e74794aa9f68 (cherry picked from commit 9551080b)
-
- 29 Apr, 2016 1 commit
-
-
Robert Lyon authored
-
- 28 Apr, 2016 5 commits
-
-
behatnotneeded Change-Id: I105728bdc5ed9c500e86efc99965c3936e543f17
-
- chevrons are now on the sides of the image - caption is below the image instead of on top behatnotneeded Change-Id: I145a81fd06ae92580a541dd3ade55fcd6ab1d000
-
behatnotneeded Change-Id: If377cc507a3ee524ffe28d72b87c3f906a045812 (cherry picked from commit 0ebe822b)
-
To avoid lines in error log Behatnotneeded Change-Id: I7024d0c1aa764d27c7d3a03dc8c01ae2e6031562 Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit f600592d) (cherry picked from commit 865fa5b1)
-
behatnotneeded Change-Id: I1aa52a076843ff0dc4dcaf86a01e76b9673885b5 Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit 0a6860a9)
-
- 26 Apr, 2016 1 commit
- 23 Apr, 2016 1 commit
-
-
Robert Lyon authored
behatnotneeded - unable to test other languages Change-Id: I417b1b1bd8fd8dcddcd1c7277d2da83d2c3c6f8e Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit 8d58e3a6)
-
- 22 Apr, 2016 1 commit
-
-
Robert Lyon authored
In other places we check the LOWER(username) but for some reason in find_by_username() we don't. We should do it here as well for consistency. behatnotneeded Change-Id: Ie692aeace0c8aa2f6989683e094ac6625f153b98 Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit fb330e38)
-
- 21 Apr, 2016 5 commits
-
-
Robert Lyon authored
-
Robert Lyon authored
-
Rather than having an increasing list of specific parameters that we know to have passwords, this patch censors the content of any parameter with a name that contains the string "password" or "pw". behatnotneeded: Can't test with Behat Change-Id: Ifaa2ec10cf749c173b1a8d0928c6cc052124a83f (cherry picked from commit ae452377)
-
When looping through all auth to see if a user can login behatnotneeded Change-Id: I51693fac3c650ff529ccfc98586c50f4d185f591 Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit 4993ce1c)
-
Aaron Wells authored
We have existing code that tries to regenerate your session ID when you log in. But it stopped working in PHP 15.04 because the session has usually been closed when it gets called. Change-Id: I5f99cdf355892040866bb0113fd934e3d37bf33c behatnotneeded: Can't be tested by behat (cherry picked from commit a923f51b)
-
- 20 Apr, 2016 2 commits
-
-
Bug 1570744: Accidentally used set_cookie() instead of setcookie(). This makes the cookie break if you use the $cfg->cookieprefix setting. behatnotneeded: Covered by existing tests Change-Id: Idec3676222e3ff4eb22f7925de6bec10cfa35755
-
This patch does 2 things: 1. It loads the session much earlier during init.php. We wind up creating one on *every* script load anyway, due to LiveUser's constructor. Sometimes it gets created earlier if other code tries to use it before then, which adds some unpredictability to things. Moving it up to the top of init.php reduces that unpredictability. 2. It turns out that in PHP 5.3, using header_remove('Set-Cookie') to only doesn't remove session headers. But header_remove() (with no params) to remove *all* cookies does remove them. So I'm changing remove_duplicate_cookies() to use that instead. 3. Also in PHP 5.3, session headers are visible in headers_list(). In situations where your session id changes (due to session_destroy() and session_regenerate_id()), our use of array_unique() meant we would preserve the old and new session IDs and send both back to the browser. This patch makes remove_duplicate_cookies() aware of the current session ID, and it only preserves that one. Change-Id: I7a90b8692a5f97429415aa9a17451a44cd2109dd behatnotneeded: Covered by existing tests (cherry picked from commit 83ec33f2)
-
- 19 Apr, 2016 2 commits
-
-
Bug 1571421: In the exists-subquery the join-condition contains a reference to an outer table alias, which is not supported in MySql (though it seems to work in Postgres). This leads to a "site unavailable" e.g. when searching on the "shared with me" page. The solution is to move the condition into the WHERE-part. This might actually improve performance because it allows the database engine to precalculate the join one single time and reuse it for each Exists-subquery behatnotneeded Change-Id: I5097154d939bf7ddba01d5845af7e8cbb42681b8 Signed-off-by:
Tobias Zeuch <tobias.zeuch@rwth-aachen.de> (cherry picked from commit 65c21985)
- 15 Apr, 2016 2 commits
-
-
Robert Lyon authored
behatnotneeded Change-Id: Id81a439cf2166ed04663099331540e579feec13c Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit 3b193503) (cherry picked from commit 62744917)
- 13 Apr, 2016 1 commit
-
-
This setting kills your Mahara session whenever you navigate to Mahara from a link or redirect on another page. This totally prevents SAML and other redirect-based auth methods from working, makes it annoying to use links in email, and while it is mentioned on the PHP manual's "Securing Sessions" page, it's only recommended there if you also have "session.use_trans_id" enabled, which we do not. Change-Id: I8b3b14bae8043c5004cc8f36766f2db9422eac1c behatnotneeded: Can't be tested by behat (cherry picked from commit 91807920)
-
- 11 Apr, 2016 3 commits
-
-
Robert Lyon authored
-
behatnotneeded Change-Id: Iffe40a00d119efca936a40500b762a625e5f348a
-
Allowing the select button to appear on group/institution places behatnotneeded Change-Id: Ie58ff61b915753c2de5e9f60cf8d17b345b0b6e4
-
- 07 Apr, 2016 1 commit
-
-
Bug 1566127 Change-Id: I8e249a93fbff7c3bf914099e53f1f29068a36a15 behatnotneeded: Covered by existing tests (cherry picked from commit d5aef398)
-
- 05 Apr, 2016 1 commit
-
-
Aaron Wells authored
Change-Id: I2bea376b7d403171a306c31fdc69e26a4aa1644b
-
- 31 Mar, 2016 2 commits
-
-
When there is no 'replayall' footer link present behatnotneeded Change-Id: Ifa1f2a3487c8ab568a8465a48b87fd817c7e1a07 (cherry picked from commit 2a357b58)
-
behatnotneeded: Changes on database columns types only. Change-Id: I0e80fe7b4ca7552c854f3496db6496e984bbdd53
-
- 30 Mar, 2016 2 commits
-
-
see more at http://php.net/manual/en/session.security.php behatnotneeded Change-Id: I70b427daa1ee29c233339ba245f56a02c1a8b3a5 (cherry picked from commit 38bfb5cf)
-
Robert Lyon authored
* changes: Move WebService "markTestSkipped" to setup (Bug 1515473) Call parent::setUp() in WebServiceTestBase (Bug 1515473)
-
- 28 Mar, 2016 1 commit
-
-
Robert Lyon authored
-
- 23 Mar, 2016 7 commits
-
-
Aaron Wells authored
Signed-off-by:
Aaron Wells <aaronw@catalyst.net.nz>
-
Aaron Wells authored
Signed-off-by:
Aaron Wells <aaronw@catalyst.net.nz>
-
It got merged before I noticed the comment about needing a behat test Change-Id: I1fd5bbdd88bc88cbde17992b9d7c9709f44b8e6f Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit d78df1b8)
-
Robert Lyon authored
behatnotneeded Change-Id: Ie1b754da7d1cd1beaeadc0579890639e7d2623b7 Signed-off-by:
Robert Lyon <robertl@catalyst.net.nz> (cherry picked from commit d846632a)
-
Aaron Wells authored
Bug 1558361 behatnotneeded Change-Id: Ic7186f35eb38cf79e76dcd8347df18178ccc5a32
-
Aaron Wells authored
behatnotneeded - should be covered by existing tests Change-Id: Ia4592c9bd261c978dc911999e81f906fa0b13450
-
Aaron Wells authored
Also setting the note block's form change checker state to "dirty" by default, so that users will get a warning before navigating away to the other page. Change-Id: I20f586781df63e942a7a1c82e5e74fd5214c233f
-