oqapi/webgui
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14444 commits 2 branches 2 tags 120 MiB
Commit graph

1262 commits

Author SHA1 Message Date
Chris Hanson
65a981f8ab Corrected leaveVersionTag creating a version tag: 12138 2011-06-01 13:52:40 -05:00
Paul Driver
e901b95520 rfe #12108: Mail to Group preference field 2011-04-15 12:21:16 -05:00
Colin Kuskie
6f34c25e82 Prevent SSO fixation attacks against WebGUI by modifying Operation/SSO to log the user in as the user with a different session, and to require a flag in the config file to enable it. This feature will be removed in WebGUI 8. Fixes bug #12004. 2011-01-10 14:07:59 -08:00
Colin Kuskie
5c4066413c Fix username's in the Edit User screen. Fixes bug # 11950 2010-11-08 08:07:35 -08:00
Paul Driver
21ae5f0094 Better @INC fiddling and degenerate case for ProgressTree 2010-11-08 07:57:40 -06:00
Colin Kuskie
59e848c6a8 Don't send i18n values for form controls in www_manageRevisionsInTag. Fixes bug #11926 2010-11-01 15:00:43 -07:00
Paul Driver
7219e21f86 Merge branch 'fork' 2010-11-01 08:20:38 -05:00
Colin Kuskie
cb952501fc Prevent password fields from autocompleting, which can overwrite passwords when editing forms. Fixes bug #11923. 2010-10-25 10:29:16 -07:00
Paul Driver
da6b99807d Correcting some errant POD 2010-10-07 09:05:14 -07:00
Paul Driver
04fa1ca794 VersionTag rollback moved to Fork 2010-10-06 08:54:18 -07:00
Paul Driver
f2e0a4f667 Rename to WebGUI::Fork 2010-10-06 08:53:40 -07:00
Paul Driver
79de38dc4a WebGUI::BackgroundProcess (used now by AssetExport) 2010-10-06 08:53:39 -07:00
Colin Kuskie
adbec05e97 refix the hanging singleton workflow problem with spectre. Fixes bug #10189, again. 2010-10-05 11:07:53 -07:00
Colin Kuskie
055b72de7f Fix HTML table generation for Active Sessions. Fixes bug #11832 2010-09-02 13:16:34 -07:00
Doug Bell
6b1e02f764 fixed possible vulnerability loading help files 2010-08-11 15:54:48 -05:00
Doug Bell
b34d7a0ef3 better diagnostic message 2010-06-27 22:09:04 -05:00
Doug Bell
68b2c406f7 add multiple auth methods and www_ methods 2010-06-27 22:09:04 -05:00
Colin Kuskie
5a904a85db Do not delete cron tasks with errors, just notify spectre of the problem. Fixes bug #11604. 2010-06-03 10:56:03 -07:00
Colin Kuskie
414e60380f Do not allow any backdoors for Visitor to get into his account. Fixes bug #11572. 2010-05-17 08:27:01 -07:00
Colin Kuskie
ea5e82b626 Make sure that we can start a workflow via a cron job. Fixes bugs #11444 and #10189 2010-04-19 08:14:21 -07:00
Colin Kuskie
7b8f9027a0 Admin cannot be removed from admin group. An admin cannot remove themself from the Admin group. Fixes #11481. 2010-03-22 15:56:39 -07:00
Colin Kuskie
d6f61c07d1 Make the Deactivate account template user selectable for both LDAP and WebGUI. Fixes bug #11482 2010-03-22 10:43:29 -07:00
Colin Kuskie
9c0cdde323 Fix deleting users from groups in manageUsersInGroups. Need to use POST instead of GET. 2010-02-23 10:54:32 -08:00
Colin Kuskie
c785474fb4 Fix pagination isses in Active Sessions when a session is deleted. Fixes bug #11400 2010-02-11 08:50:40 -08:00
Colin Kuskie
38e6bfad3e Convert many search forms from POST to GET. Fixes bug ##11372 2010-01-25 15:53:49 -08:00
Colin Kuskie
7261ecd29d Fix an infinite loop in getting LDAP error messages. Fixes bug #11296 2009-12-07 18:43:09 -08:00
Colin Kuskie
e1c77cf314 Fix the issue with Assets with macro based content not showing the new content to Visitors. Fixes bug #11200. 2009-11-19 10:04:19 -08:00
Colin Kuskie
0103cba326 Disable the Send Stats workflow, to avoid confusion. Fixes bug #11245 2009-11-16 22:19:53 -08:00
Colin Kuskie
bc21f904da Fix status reporting for successful connects but bad binds. Fixes bug #11216 2009-11-13 09:49:36 -08:00
Colin Kuskie
7c94f6f8ba Fix pagination issues in the List LDAPLinks screen. 2009-11-12 22:21:34 -08:00
Colin Kuskie
858c148b2e Users always get default profile field values from the profile field. Fixes bug #11215 2009-11-10 10:02:35 -08:00
Colin Kuskie
c10363bcf6 Set a default for groups in addGroupsToGroupSave. Fixes bug #11203 2009-11-06 11:36:08 -08:00
JT Smith
630f1b0537 changed queue to an array 2009-11-03 12:04:24 -06:00
Colin Kuskie
6fa96efff4 Fix syntax errors in Operation/Group. 2009-10-30 15:26:07 -07:00
JT Smith
f1bc38de6c The auto add to group and auto delete from group operations that are used with the GroupAdd and GroupDelete macros were fixed to make the user log in if they aren't already. 
Conflicts:

	docs/changelog/7.x.x.txt
 2009-10-29 14:01:53 -05:00
Graham Knop
c1ce7470b9 added: Manage System Trash group setting 2009-10-28 11:10:58 -05:00
Graham Knop
c472e0c4b8 add clipboard admin setting 2009-10-28 11:10:31 -05:00
Doug Bell
8c3414dca0 fixed #11116: Deleted user's version tags and revisions 2009-10-26 17:52:08 -05:00
Colin Kuskie
a866f143d0 Fix bug 11098. Create a VersionTag method that only clear the session for a single user. 2009-10-07 08:51:05 -07:00
Graham Knop
60a4a9b140 mark $session->datetime->time as deprecated and remove its use from core code 2009-10-05 20:56:37 -05:00
Colin Kuskie
c7e7b6eed0 remove debug code from CSRF code. 2009-09-22 13:35:16 -07:00
Colin Kuskie
9ec062d5bc Usability improvement for the edit version tag screen. rfe #10862 2009-09-09 07:45:04 -07:00
Colin Kuskie
957eaa44c0 Change the i18n label for Help, to be Template Help since that's what it is. 2009-09-08 08:47:00 -07:00
Colin Kuskie
fe253042ea Reorganize AdSpace properties for prices and permissions. 
Remove click and impression prices.  Remove groupToPurchase.
Expose minimum clicks and impressions to the UI.
 2009-09-02 10:42:29 -07:00
Patrick Donelan
388a0b1267 Fixed a whole lot of brokenness in Inbox SMS/Email notifications 
WebGUI::Inbox::Message::create now passes isInbox flag to WebGUI::Mail::Send::create
so that per-user notification settings get used

SMS Gateway setting field is now 'text' instead of 'email' so that user can enter a
properly formed value (such as 'myemailgateway.com', which is not an email address).

Added SMS notification template as distinct from email notification template because
SMSs should not be HTML and in general you will want to make your SMS notification
message a lot shorter than your html email notification message (160 char limits in
many countries). As a result, SMSs are now sent as separate emails to gateway rather
than being CCd on email notification.

Added smsGatewaySubject setting because many SMS Gateways use email subject for
authentication. For consistency, also added Email notification email subject.

Fixed handling of different combinations of site-wide sendInboxNotificationsOnly with
per-user receiveInboxEmailNotifications and receiveInboxSmsEmailNotifications.
 * sendInboxNotificationsOnly && receiveInboxEmailNotifications = email notification
 * sendInboxNotificationsOnly && !receiveInboxEmailNotifications = no email
 * !sendInboxNotificationsOnly = ignore receiveInboxEmailNotifications
 * In all cases, SMS is optional and only dependent on receiveInboxSmsEmailNotifications

Updated tests and i18n
 2009-08-16 09:42:35 +00:00
Colin Kuskie
d14d468415 Set a default privacy value in the radio list when creating new profile fields. 2009-08-13 15:56:14 +00:00
Colin Kuskie
d2b9be686c Add the missing pending versions link to the manage assets in tag screen. 2009-08-08 16:23:08 +00:00
Colin Kuskie
6dea4f642a Don't close the connection for the default link (0) when doing connect checks. 2009-07-21 20:55:21 +00:00
Colin Kuskie
d26c6b402b Add CSRF code to ProfileSettings edit profile field and edit profile category. 2009-07-20 15:38:07 +00:00
Colin Kuskie
6aa3784636 Fix becomeUser and deleteUser CSRF protected submenu links. 2009-07-14 15:54:03 +00:00