Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Change-Id: I663f6ffde03b6b3504d49a767ac0ff55d0ab8437
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 056d42fc)
(cherry picked from commit 5b0b1f07)

Merge "Bug 1720034: Journal/Journal post title not being escaped in delete button" into 15.04_STABLE

1. when a user logs in it clears any obsolete
   usr_session cookies for the user
2. recording the user-agent of the session
   and if it changes to prompt the user to
   login again
3. when self adding / editing email address(es)
   send 2 emails
	- one to the new email address asking user to confirm address
	- and one to the primary email address to alert user
	that a new email is being added to their account and
	if this is bad how to contact their admin about the problem.

behatnotneeded
Change-Id: Ia44b66cf831abd553b72aa8b1d58d2a2634863b8

Which is only the user's name

Change-Id: I01d3dab89c0f48b6b734b31690f1b4036c7cf7a6
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 974728dd)

to avoid having problems when the user emails another user

Change-Id: If694e969ea8a9d77badfffa095dc5fac3b6da417
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit dbbbb91c)
(cherry picked from commit bf1717cb)

behatnotneeded

Change-Id: I6f0c82a74e0d60614230aac1d4fc3884eae387a5
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit c367be4d)
(cherry picked from commit 465b7df2)

Before displaying it to screen

Change-Id: I0bfc727ca6e0feee649392fcd85a89b16f55201f
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 648b191e)

an oversight from commit dde8e52b

Change-Id: Iba1c23b7b88cfb9526627f1b9c934bb94ecc4e5c
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 873eeed0)
(cherry picked from commit 9ccdfe2d)

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

To avoid potential hacking vectors for the site

behatnotneeded

Change-Id: I53088c5e73017bc59f156483509e1bb7e8c1710a
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

This patch only deals with:
1) removing passwords from existing event_log table data
2) stopping the recording of passwords into the event_log table
3) sets the reset password on next login for those users

It doesn't deal with removing the unnecessary cruft information
that will be handled by the bug 1692385

behatnotneeded

Change-Id: Id29148f78fa6918f5f5afcb89d211ccb3b60c95b
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Was checking against multi.surbl.com but that is returning a 127.0.0.1
A record response even if url was not blacklisted.

Switched it to multi.surbl.org

behatnotneeded

Change-Id: I339e2d69d9d351fd3b27ea6e32098b2efb0ea17c
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit b12695f1)
(cherry picked from commit 79c7d9ff)
(cherry picked from commit e9dd5d9f)
(cherry picked from commit 84e9f0ee)

behatnotneeded

Change-Id: I68b0b86fe46945dc539193df789fa9f27cc70077

Change facebook logo image file
Added dimension meta tags to follow facebook best practices
renamed the file to force all instances of the image in
facebook servers to update

behatnotneeded

Change-Id: I7891ad5ebec1a9fd17b6d98298fa62d4f0c5e71a

We were manually verifying the "hash" JSON field
in external/composer.lock, but this was removed
in Composer 1.3.0

Change-Id: If0862e0b63b6ee7d18f16ff393fba83a8653b2ba

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Fixing some security issues in PHPMailer

behatnotneeded

Change-Id: I0c48250a59d2c6d44b5a0a99da3353494370605e

Change-Id: If416f9b458e91b0e22ab76a9fbae572932ca7f0e
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 1d66962e)

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

This patch removes all authentication functionality
from the browserid auth plugin. It adds a script,
accessible through the plugin's configuration page,
to migrate user accounts from browserid to
internal auth.

Also includes changes to allow users to be searched
by authtype, and to prevent non-useable plugins
from being enabled on the plugin config page.

Change-Id: I4e8bd9fc4d2fb2ccaa1845fda533c9373ec251bd
behatnotneeded: Can't test with behat
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>

The label tag had an incomplete 'for' attribute.

Change-Id: I2879b032cb63a33bb4a5caf40c9c70b2eea55d78
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit cf42e66b)

Created a new function get_raw_user_urlid() to fetch the correct string to
pass to generate_urlid()

behatnotneeded

Change-Id: I1901045ef8e89d224e1ab9556587224ff1d7e6a0
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 9d7b93c7)
(cherry picked from commit d6426711)

behatnotneeded

Change-Id: I63080b651e08e8e747a891e9f7f2283bfecb72f1
Signed-off-by: Robert Lyon <robertl@catalyst.net.nz>
(cherry picked from commit 6cfb0274)
(cherry picked from commit 4a51beb3)