1. 08 Aug, 2016 1 commit
    • Aaron Wells's avatar
      Bug 1570221 Don't print parameter values to logs when in production mode · b984a1b4
      Aaron Wells authored
      The best way to prevent sensitive data from being printed to the logs
      is to avoid printing the value of *any* parameter. For instance, a
      password parameter may have an unusual name, or it may be passed
      through a general-purpose function like "strlen()".
      
      Since parameter values are useful for debugging, we can still print
      them when not in production mode (although with known password
      params still scrubbed out).
      
      Note this patch both scrubs likely password params, and hides their
      scrubbed value. That's mostly because I'm lazy, but it also obscures
      the password's actual length.
      
      Change-Id: I4a1ab4c89a169c6b29a7b63384c2412cee761ab7
      behatnotneeded: Can't test with behat
      (cherry picked from commit 9a297249)
      b984a1b4
  2. 01 Oct, 2015 1 commit
  3. 14 Apr, 2015 1 commit
  4. 27 Mar, 2015 1 commit
  5. 28 Oct, 2014 1 commit
  6. 06 Oct, 2014 1 commit
  7. 01 Jul, 2014 1 commit
  8. 02 Apr, 2014 3 commits
  9. 25 Mar, 2014 1 commit
    • Aaron Wells's avatar
      Prevent new users from taking spammy actions · 7b08f438
      Aaron Wells authored
      Bug 1252101
      
      1. New users get 2 "new user points" on their user record
      
      2. While they have these, they're on probation and can't post
      links in public places, or make public pages.
      
      3. "new user points" are decreased each time a non-probationary
      user responds to a forum post by the user
      
      4. Admins & Staff are automatically non-probationary
      
      Change-Id: Ibccd2e330945f66b07aac062c4f51b67a0c0dba2
      7b08f438
  10. 09 Mar, 2014 1 commit
  11. 27 Feb, 2014 1 commit
    • Aaron Wells's avatar
      Replace obsolete TinyMCE GoogleSpell with in-browser spellcheck as default · 75797883
      Aaron Wells authored
      Bug 1212541: The web service the TinyMCE GoogleSpell code was using,
      is no longer in existence. This patch changes things so that TinyMCE will
      let the browser's spellchecker work, by default.
      
      The "pathtoaspell" is now null by default. If pathtoaspell is null, we
      eliminate the TinyMCE spellcheck button and set the "gecko_spellcheck"
      flag to let the browser spellcheck work. If pathtoaspell is not null,
      we show the TinyMCE spellcheck button as before.
      
      Change-Id: I9fd2b12169669d3d9705a1e23dc6c03af6f01948
      75797883
  12. 29 Jan, 2014 1 commit
  13. 22 Jan, 2014 1 commit
  14. 13 Jan, 2014 2 commits
    • Aaron Wells's avatar
      Silence most E_STRICT errors · 8d17e071
      Aaron Wells authored
      Bug 1268746: In PHP 5.4 E_ALL changed to include E_STRICT, causing Mahara to throw
      a lot of strict standards errors. This should silence most of them.
      
      HOWEVER, because most strict standards happen at compile-time, this will have no
      effect on strict standards errors caused in the files that have already been
      loaded by the time we call error_reporting() and set_error_handler(), which includes:
       - The file invoked directly by the URL
       - init.php
       - errors.php
       - config.php
       - config-defaults.php
      
      Change-Id: I7a7fdf7facb1f30e186a0e8a27f1c3b7473200da
      8d17e071
    • Aaron Wells's avatar
      Updating $cfg->productionmode description · 2d0a6ccd
      Aaron Wells authored
      Change-Id: Ic4cf6ce503c340c4f2833e5b6b81d7271b0edafe
      2d0a6ccd
  15. 06 Jan, 2014 1 commit
  16. 31 Dec, 2013 1 commit
  17. 17 Dec, 2013 1 commit
  18. 15 Dec, 2013 1 commit
    • Aaron Wells's avatar
      Allow a $cfg->bounces_ratio of 0 · 044a5f39
      Aaron Wells authored
      Bug 1261233: If you set the ratio to 0, you'll bounce someone
      as soon as they hit bounces_min, regardless of what the sent/bounced
      ratio is
      
      Change-Id: Ibe8223054fa70ea27748d78b099afa079be7f900
      044a5f39
  19. 19 Nov, 2013 1 commit
  20. 12 Nov, 2013 1 commit
  21. 11 Nov, 2013 1 commit
  22. 22 Oct, 2013 1 commit
  23. 14 Oct, 2013 1 commit
  24. 19 Sep, 2013 2 commits
  25. 05 Sep, 2013 2 commits
  26. 04 Sep, 2013 1 commit
  27. 22 Aug, 2013 1 commit
  28. 20 Aug, 2013 1 commit
  29. 19 Aug, 2013 1 commit
  30. 29 May, 2013 1 commit
  31. 03 Feb, 2013 1 commit
  32. 07 Sep, 2012 1 commit
    • Son Nguyen's avatar
      Allow users to choose institution themes for browsing if in multiple · 7cf320bc
      Son Nguyen authored
      institutions (Bug #793308)
      
      - Add a help file to explain the user setting: 'Theme'
      - By default, users can choose one of their institution's themes as
      their prefered theme.
      - if site admins set $cfg->sitethemeprefs = true in config.php,
      users can ALSO choose standard site's themes as preferred theme for
      browsing the site.
      - remove the option 'No theme selected'
      - sort the themes in alphabetical order
      
      Change-Id: I6f144747338e88eb1f90c79f0f7934449fe0ab63
      Signed-off-by: default avatarSon Nguyen <son.nguyen@catalyst.net.nz>
      7cf320bc
  33. 06 Aug, 2012 1 commit
    • Hugh Davenport's avatar
      Add cron job to poll an imap mailbox for bounces · ed5e91ab
      Hugh Davenport authored
      Bug #993018
      
      Checks an imap mailbox, assumes that you have set up a
      seperate mailbox for recieving the mailbounces.
      
      To enable this change, the php imap extension must be loaded
      
      This uses 9b9b2a5c for the
      mail bounce checking. It also adds a few extra config.php
      settings that need to be set for this cronjob to work.
      
      The config settings that need to be set are:
      $cfg->bounces_handle = true
      $cfg->bouncedomain
      $cfg->imapserver
      
      There are also some other options shown in lib/config-defaults.php
      for power users.
      
      By default, email will only be disabled when more than 4 bounces
      have been received, and the ratio between bounces and emails sent
      to the user is above 0.2
      
      Change-Id: I0bbc4cae26fd5284e4cbdc25b01ea4b566dd045a
      Signed-off-by: default avatarHugh Davenport <hugh@catalyst.net.nz>
      ed5e91ab
  34. 18 Jun, 2012 1 commit
  35. 08 Jun, 2012 1 commit