1. 22 Mar, 2019 1 commit
  2. 22 Feb, 2019 2 commits
  3. 03 Nov, 2018 1 commit
    • Daniel Thee Roperto's avatar
      Bug 1749339: Add pre_loginpage_hooks · bfdba337
      Daniel Thee Roperto authored and Robert Lyon's avatar Robert Lyon committed
       Add a pre-login hook to check if user is already logged in,
       giving each auth plugin the chance to authenticate or redirect the user as
      Change-Id: I690fd174a02e9ffd26b8e3c8f3efad041b54d3da
  4. 29 Oct, 2018 1 commit
  5. 24 Oct, 2018 1 commit
  6. 18 Oct, 2018 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1797276: escape admin reserved word in Mysql8 · 06e3f6b8
      Cecilia Vela Gurovic authored
      reserved keyword found needing to be fixed:
      was set to reserved in mysql 8.0.2 and then changed
      back to unreserved in 8.0.12
      we need this patch for the version in between them
      Change-Id: Ife693b3d490ca5fd1112d0a55ff1ae74a9579aa5
  7. 27 Sep, 2018 1 commit
  8. 12 Sep, 2018 1 commit
  9. 31 Aug, 2018 1 commit
  10. 14 Aug, 2018 1 commit
    • Rebecca Blundell's avatar
      Bug 1752743: replace php 7.2 deprecated functions · c6c6c295
      Rebecca Blundell authored and Robert Lyon's avatar Robert Lyon committed
      replaced each() with foreach in core code.
      replaced create_function() with anonymous function in core code.
      Also removed some functions that were not used anymore
      Change-Id: I300396a1ec04c75d7882b7ec5c9de76c3763e70d
  11. 07 Aug, 2018 1 commit
    • Cecilia Vela Gurovic's avatar
      Bug 1741987: Update jquery - Events · 3d1abcc2
      Cecilia Vela Gurovic authored and Robert Lyon's avatar Robert Lyon committed
         Breaking change: .load(), .unload(), and .error() removed
         Breaking change: .on("ready", fn) removed
         Breaking change: event.pageX and event.pageY normalization removed
         Breaking change: jQuery.event.props and jQuery.event.fixHooks removed
         Breaking change: Delegated events with bad selectors throw immediately
         Deprecated: .bind() and .delegate()
           no calls to .bind() for events in core.
           Only calls to bind() refer to the js bind of arguments to functions.
           no calls to unbind() for event in core.
           Only calls to unbind refer to the unbind method defined in
           formChangeManager not related to the jQuery method.
          Warnings fix
          JQMIGRATE: jQuery.fn.click() event shorthand is deprecated
          - also applies to the other event shorthands, including:
           blur, focus, focusin, focusout, resize, scroll, dblclick, mousedown,
           mouseup, mousemove, mouseover, mouseout, mouseenter, mouseleave,
           change, select, submit, keydown, keypress, keyup, and contextmenu.
          JQMIGRATE: jQuery.fn.hover() is deprecated
          JQMIGRATE: jQuery(window).on('load'...) called after load event occurred
      	(for FileBrowser we can see this error when editing a block in a page)
      Change-Id: I1a50050f882b864ad63d273de160e0b441a77705
  12. 05 Jun, 2018 1 commit
    • Robert Lyon's avatar
      Bug 1774334: Correcting redirect on login for site in subdirectory · d9ce7d92
      Robert Lyon authored
      The fix in Bug 1774309 fails to work correctly when the site
      is in a subdirectory of the apache root.
      To test:
      1) Adjust your site's apache file and set the DocumentRoot to be
      parent of htdocs
      2) Change the 'wwwroot' db value for site to include the 'htdocs/' bit
      3) Restart the apache server
      4) Go to site, adding 'htdocs/' to url
      5) Try logging in
      before patch: end up not found page with url containing two 'htdocs/'
      after patch: end up at correct place
      Change-Id: Ic5e1de2c5edaf96bbdd9b2403f0f65e45a4b80c0
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
  13. 31 May, 2018 1 commit
  14. 29 May, 2018 1 commit
  15. 21 May, 2018 1 commit
  16. 02 May, 2018 1 commit
  17. 04 Apr, 2018 1 commit
  18. 03 Apr, 2018 1 commit
  19. 28 Mar, 2018 1 commit
  20. 27 Mar, 2018 1 commit
  21. 08 Mar, 2018 1 commit
  22. 05 Mar, 2018 1 commit
    • Gregor Anzelj's avatar
      Bug 845263: Password policy · 9c26c145
      Gregor Anzelj authored and Robert Lyon's avatar Robert Lyon committed
      Improve the password policy enforcement and configuration in Mahara.
      Have a pre-defined password policy of a minimum of 8 characters with
      type "alphanumeric mixed case + symbols".
      Also allow site administrators to set the desired password policy in
      Site Options > Security Settings. In all locations where password
      is set, the password input should also include a password strength
      Change-Id: I020af58a6cf1635fe295f5434783ce5b6f6daacb
  23. 14 Feb, 2018 2 commits
  24. 12 Feb, 2018 4 commits
  25. 09 Feb, 2018 1 commit
  26. 08 Feb, 2018 2 commits
  27. 05 Feb, 2018 1 commit
    • Maria Sorica's avatar
      Bug 1734174: Add the after login privacy page · 44a6284e
      Maria Sorica authored
      Upon login, if the user has not yet agreed to the most
      recent Privacy statement versions, he will be redirected
      to this page.
      On install admin user accepts default privacy
      Change-Id: I6afc3d4d4db0676782a8b1501a962862108eab6b
  28. 15 Jan, 2018 1 commit
    • Gregor Anzelj's avatar
      Bug 1667521: Make 'Registration reason' mandatory when 'Confirm registration' is turned on · d850130c
      Gregor Anzelj authored and Robert Lyon's avatar Robert Lyon committed
      We achieve this by having a new pieform rule called 'requiredby' where
      we can reference another field and when a certain value is set in that
      field it makes this field required.
      requiredby rule needs an array containing:
      - the 'reference', a string of the name of the related field within the same form
      - the 'required', an array containing the values of 'reference' element as keys
        and true/1 for value if this element is required.
      -- If the reference field returns true/false then required array would
         have either 'true' => 1 or 'false' => 1 depending on what setting
         is needed
      Change-Id: I9bc5d15b4035d4a11b81b9355a32044c66ee2199
  29. 26 Nov, 2017 1 commit
  30. 19 Nov, 2017 1 commit
  31. 09 Nov, 2017 1 commit
  32. 27 Oct, 2017 1 commit
    • Cecilia Vela Gurovic's avatar
      Security Bug 1701978: fix session cookie issues · d02855fc
      Cecilia Vela Gurovic authored
      1. when a user logs in it clears any obsolete
         usr_session cookies for the user
      2. recording the user-agent of the session
         and if it changes to prompt the user to
         login again
      3. when self adding / editing email address(es)
         send 2 emails
      	- one to the new email address asking user to confirm address
      	- and one to the primary email address to alert user
      	that a new email is being added to their account and
      	if this is bad how to contact their admin about the problem.
      Change-Id: Ia44b66cf831abd553b72aa8b1d58d2a2634863b8
  33. 24 Oct, 2017 1 commit
  34. 21 Sep, 2017 1 commit