GitLab

1) Allowing $CFG to accept json encoded strings and to be decoded back to php
2) Making the $cfg->openbadgedisplayer_source a json encoded string
3) Allowing the openbadges have the defaults only on one place and warn when they are missing

behatnotneeded

Change-Id: Ica0349d6343d9f608b2272117d7412b288799278
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

behatnotneeded

Change-Id: I7f4f040abb6e9989eac6077ed28f946c44813927

Change-Id: Iee2e557aa7be11e588fa6973868208acf546d357
Signed-off-by: Dean Simeonoff <deans@catalyst.net.nz>

- Fixed 'Remove' button for existing attachments
- Fixed reloading of modal popup for 'Add a file' if form reloads with
error

behatnotneeded

Change-Id: Ib68e6a33beb6f85701281fcdf337fafd079c9528

behatnotneeded

Change-Id: Ic839970344a7b09d742f3f609ef2a80e6ea500af

Bug 1570744: Accidentally used set_cookie() instead of
setcookie(). This makes the cookie break if you use
the $cfg->cookieprefix setting.

behatnotneeded: Covered by existing tests

Change-Id: Idec3676222e3ff4eb22f7925de6bec10cfa35755

Make it clearer that changes are saved automatically
and shorten 2nd sentence.

behatnotneeded

Change-Id: I875afae34d950e77e43bf3b4ece895d42c23e1ec

We have existing code that tries to regenerate your
session ID when you log in. But it stopped working
in PHP 15.04 because the session has usually been
closed when it gets called.

Change-Id: I5f99cdf355892040866bb0113fd934e3d37bf33c
behatnotneeded: Can't be tested by behat

This patch does 2 things:

1. It loads the session much earlier during init.php. We wind
up creating one on *every* script load anyway, due to LiveUser's
constructor. Sometimes it gets created earlier if other code
tries to use it before then, which adds some unpredictability
to things. Moving it up to the top of init.php reduces that
unpredictability.

2. It turns out that in PHP 5.3, using header_remove('Set-Cookie')
to only doesn't remove session headers. But header_remove()
(with no params) to remove *all* cookies does remove them. So
I'm changing remove_duplicate_cookies() to use that instead.

3. Also in PHP 5.3, session headers are visible in headers_list().
In situations where your session id changes (due to session_destroy()
and session_regenerate_id()), our use of array_unique() meant we
would preserve the old and new session IDs and send both back
to the browser. This patch makes remove_duplicate_cookies() aware
of the current session ID, and it only preserves that one.

Change-Id: I7a90b8692a5f97429415aa9a17451a44cd2109dd
behatnotneeded: Covered by existing tests

Need to give the browser a chance to proceed, in case the
popup makes the page reload.

Change-Id: I271a00e38be3cb65f236f6aa46f20a14105ca230

Bug 1571421: In the exists-subquery the join-condition contains a reference to an outer table alias, which is not supported in MySql (though it seems to work in Postgres). This leads to a "site unavailable" e.g. when searching on the "shared with me" page.
The solution is to move the condition into the WHERE-part. This might actually improve performance because it allows the database engine to precalculate the join one single time and reuse it for each Exists-subquery

behatnotneeded

Change-Id: I5097154d939bf7ddba01d5845af7e8cbb42681b8
Signed-off-by: Tobias Zeuch <tobias.zeuch@rwth-aachen.de>

behatnotneeded

Change-Id: I15041cdfbaf3f8cd3519794dd1102928201c7551

Both from the block config and the extensions -> plugin config

behatnotneeded

Change-Id: I91413422b0416683898d9742f00936a806ea723e
signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

behatnotneeded

Change-Id: I19e0890d0129f5e77cc2f73bfc65a4d3e9c16ce1

behatnotneeded

Change-Id: I10dc5393b078efa3661d710809cdadf9721c0f43

This setting kills your Mahara session whenever you navigate
to Mahara from a link or redirect on another page. This totally
prevents SAML and other redirect-based auth methods from working,
makes it annoying to use links in email, and while it is mentioned
on the PHP manual's "Securing Sessions" page, it's only
recommended there if you also have "session.use_trans_id" enabled,
which we do not.

Change-Id: I8b3b14bae8043c5004cc8f36766f2db9422eac1c
behatnotneeded: Can't be tested by behat

And not record the constraint also

behatnotneeded - existing tests will do

Change-Id: Ia0ec5c9d6c99d2560bb5186b905e98ec47f04407
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

behatnotneeded

Change-Id: Id81a439cf2166ed04663099331540e579feec13c
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Allowing the select button to appear on group/institution places

behatnotneeded

Change-Id: Ie58ff61b915753c2de5e9f60cf8d17b345b0b6e4

In other places we check the LOWER(username) but for some reason
in find_by_username() we don't. We should do it here as well for
consistency.

behatnotneeded

Change-Id: Ie692aeace0c8aa2f6989683e094ac6625f153b98
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Making all elements named "tags" use ANY.tags.html
by default.

Also add a tag help file when viewing a note
under "Content" -> "Notes" and for "Plans" and
"Tasks" under "Plans".

behatnotneeded

Change-Id: Ib71b04d65507cc3b2c38ac9db87db2727521cb82