1. 13 Apr, 2016 1 commit
    • Aaron Wells's avatar
      Remove session.referer_check (Bug 1566366) · c9b8ff02
      Aaron Wells authored
      This setting kills your Mahara session whenever you navigate
      to Mahara from a link or redirect on another page. This totally
      prevents SAML and other redirect-based auth methods from working,
      makes it annoying to use links in email, and while it is mentioned
      on the PHP manual's "Securing Sessions" page, it's only
      recommended there if you also have "session.use_trans_id" enabled,
      which we do not.
      
      Change-Id: I8b3b14bae8043c5004cc8f36766f2db9422eac1c
      behatnotneeded: Can't be tested by behat
      (cherry picked from commit 91807920)
      c9b8ff02
  2. 30 Mar, 2016 1 commit
  3. 15 Jun, 2015 1 commit
    • Pat Kira's avatar
      Form styling (bootstrap) · 737386ee
      Pat Kira authored
      Bug 1465107: Use Bootstrap CSS Framework
      
      Change-Id: Ic24bdd78f9207c4f09adce6b20ca55583c1403b8
      737386ee
  4. 23 Apr, 2015 1 commit
  5. 06 Mar, 2015 1 commit
  6. 05 Mar, 2015 1 commit
  7. 03 Mar, 2015 1 commit
    • Nigel Cunningham's avatar
      (Bug1352028) Add a JSON progress bar for bulk operations. · 55a8deb8
      Nigel Cunningham authored
      This patch adds a JSON progress meter (I'll call it that to avoid confusion
      with progress bars) to the bulk uploading of users, groups and group
      memberships and the bulk export and import of users (LEAP), so the user can see
      the progress of the operation and not just the submit button changed to
      'Processing..' and whatever indication their browser gives while waiting for
      content.
      
      The bulk export and import are minor rewrites, replacing the old iframe based
      progress bar and the associated multiple pages and additional template file in
      the case of the bulk export, and the recursive redirect-to-self of the bulk
      import.
      
      To accomplish the display of the progress bar during the operation, we make the
      PHP session be closed (read only) except when changes need to be made. This is
      for the most part a straightforward change in session.php as it's the only
      direct accessor. In other places, we replace direct accessing of the session
      variable ($_SESSION) with use of the session class ($SESSION) so that it can
      reopen the session, make the change and close the session again.
      
      There is one more aspect to all of this: with previous behaviour, multiple
      requests for the same session would queue, taking the session lock in turn.
      After this patch is applied, they can proceed in parallel, allowing greater
      throughput. There is no additional locking requirement because the issues are
      the same as those already dealt with in allowing multiple PHP threads to
      process requests from different sessions at the same time.
      
      I have sought to make the progress meter nice and generic, so it can be used in
      the other bulk imports and exports too.
      
      Paradoxically, these changes don't just make the import seem to be faster, it
      actually is.. at least in the case of users and groups.
      
      Times for importing 1000 users, groups and memberships, averaged over 3 runs
      each (Wall time, not CPU time - but the relationship is the same).
      
                      Without Progress     With Progress
      Users                166s               155s
      Groups                85s                78s
      Memberships           20s                19s
      
      Change-Id: Iec15c57db32c77994edb80c71d65591de51a95e4
      Signed-off-by: default avatarNigel Cunningham <nigelc@catalyst-au.net>
      55a8deb8
  8. 09 Feb, 2014 1 commit
  9. 12 Nov, 2013 1 commit
  10. 07 Nov, 2013 2 commits
  11. 05 Nov, 2013 1 commit
    • Robert Lyon's avatar
      Allowing for SESSION messages to have render position (bug #1248318) · c1be6b9d
      Robert Lyon authored
      - the add_ok_msg, add_error_msg, and add_info_msg functions now take a
      'placement' parameter. When set it will only display the message at that
      location. Defaults to 'messages', the current place they are displayed.
      eg:
      $SESSION->add_ok_msg('hello world!', false, 'loginbox');
      
      - to get the message to display at new location one needs to add to
      the relevant template
       {dynamic}{insert_messages placement=[placement]}{/dynamic}
      where [placement] = the placement parameter you are after
      eg:
       {dynamic}{insert_messages placement='loginbox'}{/dynamic}
      
      Change-Id: I202d7e3e8d86ca1c74c4488f30e6c25686ac32e0
      Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
      c1be6b9d
  12. 14 Oct, 2013 1 commit
  13. 28 Aug, 2013 1 commit
  14. 12 Aug, 2013 1 commit
  15. 18 Jun, 2012 1 commit
  16. 30 Nov, 2011 1 commit
    • Richard Mansfield's avatar
      Revert "Remove temporary session folder code (bug #817940)" · b5277b71
      Richard Mansfield authored
      This reverts commit 8e8132fb.
      
      That commit was not ready to be merged.  As it says in the commit
      message, "if the session directory goes away somehow between updates,
      there is currently _no_ way to restore it without one of these two
      options. This may need to be considered before merging in this
      change."
      
      We can revert this revert when we have a good alternative for creating
      the session directories.
      
      Change-Id: I5141832da3225e202feef19dccabfea9ff35beeb
      b5277b71
  17. 11 Nov, 2011 1 commit
  18. 26 Aug, 2011 1 commit
    • Melissa Draper's avatar
      Remove temporary session folder code (bug #817940) · 8e8132fb
      Melissa Draper authored
      This patch removes the 'temporary' code that was checking for the
      existance of the session directories at each session creation. This
      check is performed at install and at update, however if the session
      directory goes away somehow between updates, there is currently
      _no_ way to restore it without one of these two options. This may
      need to be considered before merging in this change.
      
      Change-Id: Ia6020c0b73ce9e172e718c9638a312b1f0162295
      Signed-off-by: default avatarMelissa Draper <melissa@catalyst.net.nz>
      8e8132fb
  19. 13 May, 2011 1 commit
  20. 06 May, 2011 2 commits
  21. 22 Dec, 2010 1 commit
  22. 08 Jun, 2010 1 commit
  23. 04 Jun, 2010 1 commit
  24. 15 Sep, 2009 1 commit
  25. 10 Jul, 2009 1 commit
  26. 13 Jun, 2009 1 commit
  27. 05 May, 2009 1 commit
    • Nigel McNie's avatar
      Add a method for nuking a session. · 800e212e
      Nigel McNie authored
      This probably needs calling in a few places, especially when the currently logged in user changes while the session is hanging around.
      800e212e
  28. 16 Feb, 2008 2 commits
  29. 04 Dec, 2007 1 commit
  30. 03 Dec, 2007 1 commit
  31. 30 Jun, 2007 1 commit
  32. 30 May, 2007 1 commit
  33. 10 May, 2007 1 commit
  34. 19 Mar, 2007 1 commit
  35. 06 Mar, 2007 1 commit
  36. 21 Feb, 2007 1 commit
  37. 14 Feb, 2007 1 commit