- 01 Nov, 2011 1 commit
-
-
Melissa Draper authored
Change-Id: I2a2ba2a54de22fb82c36ffd8ca807f7e237ceff1 Signed-off-by:Melissa Draper <melissa@catalyst.net.nz>
-
- 31 Oct, 2011 1 commit
-
-
Francois Marier authored
As described in bug #884223, if an administator is masquerading as another user, they should be prevented from jumping as that other user. Change-Id: Ie07f3b807a61bbbb94c9051fb7c4b8df03d19f24 Signed-off-by:
Andrew Robert Nicols <andrew.nicols@luns.net.uk> Signed-off-by:
Francois Marier <francois@catalyst.net.nz>
-
- 28 Oct, 2011 1 commit
-
-
Hugh Davenport authored
Change-Id: Ieb595b301b6319a5213a4012fe1b8c3a00e16223 Signed-off-by:Hugh Davenport <hugh@catalyst.net.nz>
-
- 27 Oct, 2011 4 commits
-
-
Melissa Draper authored
To deter brute-forcing of passwords (and prevent ensuing DoS attacks), this patch temporarily lock accounts after 5 tries, and every 5 minutes counts above 0 get reset. Change-Id: Iee9739a69b95b906b6f485f7d90041b50968dcc6 Signed-off-by: -
Melissa Draper authored
Add get_string support for the DoB field and descriptions. The strings are strfdateofbirth for the date, and dateofbirthformatguide for the description. Change-Id: I2a5eb8cc7c17bff3a4298bc9776a7439fc4bd1f7 Signed-off-by: -
Richard Mansfield authored
When a plans block is first dropped on a page, the javascript is not loaded and initialised correctly. This commit makes the following changes: - Rewrites the task title links after the callback from getScript - Sets the block's artefactplugin so the js file is found correctly - Removes any onclick from task titles before rewriting (in case there are two plans blocks on a page) - Hides the pagination on first load, as the paginator object is not present at that point. Change-Id: I40a04f66b3b8c2818f660c42b898b97cbdedb1f5 Signed-off-by:Richard Mansfield <richard.mansfield@catalyst.net.nz>
-
Richard Mansfield authored
When fetching & evaluating js files using getScript, there's a time delay, so it's better to pass initialisation js for each block as a callback to getScript, otherwise the js from the file is not always loaded in time. Change-Id: I819f911acb2a729f4cf3c52b06a285a793ba819f Signed-off-by:
-
- 26 Oct, 2011 2 commits
-
-
Richard Mansfield authored
Commit 9496078b overwrote the $js variable in build_configure_form, losing any inline javascript from the form's elements. Change-Id: I541d510134b238789fbcea88512ed12889a2e7ab Signed-off-by:
-
Richard Mansfield authored
Change-Id: I28d09af1c1048363c16b5b29621dacf5b3ce5509 Signed-off-by:
-
- 25 Oct, 2011 5 commits
-
-
Richard Mansfield authored
Change-Id: I699fe4418e2c21ec227feb8fc5a5940f529c8f73 Signed-off-by: -
Richard Mansfield authored
The test for whether a blocktype plugin's js file was internal (and needed a wwwroot added) is case sensitive, and ignored https. Change-Id: Idc81123d0367df739a698ab688b4d4a59e023da0 Signed-off-by: -
Richard Mansfield authored
When running through the list of a user's groups for display in the Share with my groups buttons, a group with a long name can cause another group's button to have the long-named group's short name displayed. The php array pointer is not moved when items are added to the array. Change-Id: If90b63ec721bfbee2b2c1ad2c7d29d855c9ce1f2 Signed-off-by: -
Richard Mansfield authored
When a plans block is first added to the page, the javascript overlay of the task titles was not evaluated. This is fixed by moving javascript functions for the plans block into a new javascript file and pulling the script onto the page with the same method used by the configuration form javascript. A new get_instance_inline_javascript method is added to initialise the block when it's first configured. Change-Id: I148a1e8a667c26fe58b3f915768ada4743718c5b Signed-off-by: -
Richard Mansfield authored
Moving this code into its own function will allow it to be used for block instance rendering javascript as well as the configuration form. Change-Id: I42dba8425a8455aaa9faae19d50414e33c5988db Signed-off-by:
-
- 12 Oct, 2011 9 commits
-
-
Richard Mansfield authored
Change-Id: Iab7aac11915b19d0c3e306949513dfc90e6a82c6 Signed-off-by: -
Richard Mansfield authored
Change-Id: Ib2d1cd9068a48d7f199dd3d056ab52ef93a3d59b Signed-off-by: -
Richard Mansfield authored
Trying to access blocktype/wall/deletepost.php with a bad wallpost id creates a new empty View object, and attempts to commit it to the db when the View destructor is called. This fails with an sql error, and then a PHP Fatal error. Change-Id: I7e462cc4ea6cda0611e432336839d153bbd0a42e Signed-off-by: -
Richard Mansfield authored
This was previously added in commit 80006487 but deleted again by commit 1fec6736 . See bug #597479. Change-Id: If27ac8e9f5c7de0f72fce2c0306e40a046134ab2 Signed-off-by:
-
Richard Mansfield authored
Friend request notifications from deleted users stay in the inbox, and contain a url to the deleted user's profile. We should just delete these notifications, because they're no longer useful. Change-Id: I224197238e3d5ca2f90bd28514a07f6d5d6b9852 Signed-off-by: -
Richard Mansfield authored
The artefact_access_role subselect can return a lot of rows when artefact_access_role is joined to group_member without also going through artefact. Also, the artefact_access_role & artefact_access_usr checks are moved in to subselects in the where clause, because that appears to make the query run faster. Change-Id: Ibba16c8db59213fe4861262a950d628937f5ec13 Signed-off-by: -
Richard Mansfield authored
This seems to speed the query up, probably because there are usually not many files inside the admin public folder. Change-Id: I99a3eff6e4b52e4942f490331d6f2cc48a3a5b0d Signed-off-by: -
Richard Mansfield authored
Change-Id: Ied14a399ba2b5552187784b53ec5b8213979638d Signed-off-by: -
Hugh Davenport authored
Bug #872619 Regression from 79810c3d Basically, a default parameter of null was given, then trim was called, which made it into the string '' which then failed the test is_null in the files it was used. This reorders the functions so that the trim is called after the test to see whether the default should be used. This means that the default value is never trimmed, and can be null. One exception to this, is the param_boolean which doesn't test to see whether it is the default that is returned, so a check is made first to see whether it is null. Change-Id: I66d7253a8414dec7eb3ea67ebd363ea068a32012 Signed-off-by:
-
- 10 Oct, 2011 1 commit
-
-
Richard Mansfield authored
Instead of displaying content inside the editors on these pages, it is useful if the user can see the html content as it would be displayed to someone else. The default on these pages is now to display the various resume fields as html, with an edit button beside each field to open up the editor. Also combines some code to create & submit several similar resume forms into functions in artefact/resume/lib.php Change-Id: I649d7788a7e70dfd5dd3eb1ce648f37a7c057aa0 Signed-off-by:
-
- 09 Oct, 2011 2 commits
-
-
Francois Marier authored
These strings should have been part of d6446942 and can be seen as missing strings on http://mahara.example.com/tags.php Bug #869925 Change-Id: I171bdf6278dd94b477a9f9164e171dfa85b77885 Signed-off-by:
-
Andrew Robert Nicols authored
Change-Id: I2aaf8068fac96725caee93e01b787f13ff8585eb Signed-off-by:
-
- 07 Oct, 2011 1 commit
-
-
Francois Marier authored
Thanks to Melissa Newman for the fix. Change-Id: Ied9197dd0e95df388e741af807ef498aeb85a102 Signed-off-by:
-
- 06 Oct, 2011 5 commits
-
-
Richard Mansfield authored
As a result of profile view access changes in bug #807278, profile views are displayed on the share page. So the 'editing' version of view titles needs to be displayed in two places (my views/ group views etc., and on the share page). It makes sense to use the same View methods in both cases, and remove the old logic to get the view title and url from the template. Change-Id: Ifa36651dc3358acd71ca63407df79799ddd47299 Signed-off-by: -
Richard Mansfield authored
The profile view title is now displayed on the share page, due to recent changes in profile view access (see bug #807278). However the view title from the database is now displayed on the share page instead of the translatable string. Change-Id: Ic691469731923faa0cef0c204b1207a9152e9fe2 Signed-off-by: -
Richard Mansfield authored
When constructing a View, we only need to perform the deleted group check when pulling a view record out of the db, not every time we create a View. This change allows faster creation of View objects in those cases where we already have all the data at hand. Change-Id: I4d13446f31d841323692923a1cfc2647a2f3b2ed Signed-off-by: -
Richard Mansfield authored
When deciding who can moderate comments on a group view, the 'moderating' roles are stored in the view object, but they don't need to be, because they only depend on the group settings. So we can remove moderating roles from the View object, and get them directly using the group id when required. Change-Id: I69f5cd467e474a1fd9c0c589322c6a3935aa3482 Signed-off-by: -
Richard Mansfield authored
When creating a new BlockInstance object for a view, pass the view object to the BlockInstance constructor when we already have it handy. This stops the BlockInstance from having to pull the view out of the database again in its get_view method, and can save several queries when rendering a view. Change-Id: I717f154031794afec1ca0d353c1d358f297c5c1e Signed-off-by:
-
- 05 Oct, 2011 1 commit
-
-
Richard Mansfield authored
Previously the only group artefacts were files, and group file permissions can be updated within the filebrowser elements. Now that there are group notes, the permissions need to be able to be modified. Done as a pieform element in case other group artefact types are added in future. Change-Id: I308cf44f95d29a4d13722726c9f007e248ee81fe Signed-off-by:
-
- 04 Oct, 2011 7 commits
-
-
Richard Mansfield authored
In the artefact chooser for the textbox configuration form, add the name of the artefact owner beside the title of each artefact. This makes it easier to distinguish between notes with the same title, and more obvious when selecting (for example) group artefacts for inclusion in a personal view. Change-Id: I21f8636e7d9ee49237c636c2c56949c62ff1612b Signed-off-by: -
Melissa Draper authored
The fix in commit 884ccae4 was incomplete. It didn't pick up when there was an existing ? in the baseurl. This patch adds that check. Change-Id: I9666ae146ecf7ba8d8654e2cf97806f91f468d03 Signed-off-by:
-
Francois Marier authored
Thanks to Melissa Newman for the solution! Change-Id: Icc8f03e7b5a69f653ed37cd00db148e092de8ed3 Signed-off-by: -
Kristina Hoeppner authored
Some more changes were necessary. It's the same file as for review 760 for Mahara 1.4 Change-Id: I0ee9d521b619f9afc3e8038122f00f4b0b0cfeff Signed-off-by:Kristina D.C. Hoeppner <kristina@catalyst.net.nz>
-
Richard Mansfield authored
When configuring a textbox containing a read-only artefact (or one which has copies in other blocks), the user will often want to create a new copy of the note instead of reusing the note. This patch adds a 'copy' link beside the read-only message, which will unhide the tinymce box and set a flag to ensure that a new html artefact gets created on submission. Change-Id: I5214c5b0ae615cd9f32dfc5c71efc942b5961756 Signed-off-by: -
Richard Mansfield authored
When configuring a textbox that includes an html artefact owned by someone other than the view owner, it must be made clear to the user that the textbox cannot be edited within the current view. In this case, the sanitised html from the artefactchooser is displayed inside a grey box in the config form, and the tinymce editor is hidden. A help file has been added to explain why the user cannot edit the selected artefact. (When tinymce includes an toggle for its read-only mode, this can be simplified) Change-Id: I81b44928b7ac83ffaebba04d4ab34d3964743bf4 Signed-off-by: -
Richard Mansfield authored
When we are going to display an html artefact description outside a tinymce window, in 'read-only' mode, we need it to be cleaned up by the server in advance. This patch adds returns a safe version of an artefact description along with the original description, when requested in the artefactchooser configuration. Change-Id: I8725e56608214bba0a262de78e6dac8fcf5a4dd8 Signed-off-by:
-
