Colin Kuskie
6f34c25e82
Prevent SSO fixation attacks against WebGUI by modifying Operation/SSO to log the user in as the user with a different session, and to require a flag in the config file to enable it. This feature will be removed in WebGUI 8. Fixes bug #12004.
2011-01-10 14:07:59 -08:00
Colin Kuskie
c65fd1946a
There was no dying due to this bug, it was trapped during deserialization, not serialization.
...
This reverts commit a0119e9e82.
2011-01-10 13:53:13 -08:00
Colin Kuskie
a0119e9e82
When setting photo JSON, wrap the json serialization in an eval to trap errors. Addresses bug #12002.
2011-01-10 13:24:29 -08:00
Colin Kuskie
a96a9c3989
Update tests to handle new data being returned from USPS, for both domestic and international shipping. No driver changes required so far.
2011-01-10 13:24:00 -08:00
Colin Kuskie
727e45c97a
Add indices to the userLoginLog to help with cleanup. Fixes bug #12008
2011-01-10 10:39:28 -08:00
Paul Driver
702d00bb63
Merge branch 'master' of github.com:plainblack/webgui
2011-01-10 12:32:19 -06:00
Paul Driver
28f4b1b4d2
rfe #10521: Use monospaced font in template edit textarea
2011-01-10 12:31:15 -06:00
Colin Kuskie
dfffaf307c
Add a test for tripping maximum assets to make sure it works. We will depend on the live tests for www_editSave to determine the opposite case.
2011-01-10 10:16:55 -08:00
Colin Kuskie
33698fcfde
Remove old debugging code for validToken.
2011-01-10 10:16:34 -08:00
Paul Driver
5fc7b42a88
Template help for the additional topic variables
2011-01-10 11:31:56 -06:00
Paul Driver
82c6c58958
rfe #12016: add more functionality to story_loop
2011-01-10 10:32:47 -06:00
Paul Driver
61245baaaa
Fix template preview to work with chunked content and template post-processing (in Layout, for instance)
2011-01-06 14:35:56 -06:00
Paul Driver
b3a1e6cfa3
IE fixes for preview, modal dialog instead of popup window
2011-01-05 16:32:33 -06:00
Paul Driver
cdda6235d7
jslinting the preview js
2011-01-05 12:47:38 -06:00
Paul Driver
9f9cac02fe
whoops, forgot the js
2011-01-05 12:43:41 -06:00
Paul Driver
41ac1f153e
Template Preview button
2011-01-05 12:40:35 -06:00
Doug Bell
ad8f1231fc
fix 11985 Search.pl should warn on bad asset
2011-01-03 21:42:31 -06:00
Doug Bell
f78fb51b13
add changelog
2011-01-03 21:42:31 -06:00
Doug Bell
1c01079bdd
fix 11976 use container url gives permission denied
2011-01-03 21:42:30 -06:00
Doug Bell
93525126a4
fix 11975 cannot paste threads: Cannot call method isa()
2011-01-03 21:42:30 -06:00
Doug Bell
78a4c1295a
fix 11960 cart address fields marked as mandatory
2011-01-03 21:42:29 -06:00
Doug Bell
3fbcb4aca9
fix 11945 slow sql for duplicate email lookup
2011-01-03 21:28:41 -06:00
Colin Kuskie
67264660f7
Fix bad characters in the price column when importing products into a Shelf. Fixes bug #12001.
2011-01-03 19:13:59 -08:00
Colin Kuskie
cb7ffb3a21
Make sure that the StockData asset doesn't die when handling various date formats. Fixes bug #11986.
2011-01-03 17:59:58 -08:00
Colin Kuskie
a083737ab3
Do not extend recurrent for events in the trash. Do not extend them in the clipboard either, since it'll either make a mess in the clipboard or pop them up on the calendar automatically. Fixes bug #11995
2011-01-03 17:24:29 -08:00
Colin Kuskie
b911f05125
Commit events created by the ExtendCalendarRecurrences workflow activity. Fixes bug #11994.
2011-01-03 17:01:26 -08:00
Colin Kuskie
3e0da41f0a
Allow for File and Image subclasses to be handled gracefully by the Thingy.
2011-01-02 12:57:54 -08:00
Colin Kuskie
648ea286ea
Uh, and the code change for Visitor Account privileges.
2011-01-02 12:41:54 -08:00
Colin Kuskie
789a3476f9
The Account system should show Visitor a login instead of an insufficient privilege screen. Fixes bug #12012
2011-01-02 12:36:43 -08:00
Colin Kuskie
416b45f924
Duplicating events should duplicate relatedLinks. Add tests for setting and getting relatedLinks. Make recurrence use duplicate instead of addChild so that all collateral information like storageIds and relatedLinks are also duplicated. Fixes bug #12010.
2011-01-01 12:12:15 -08:00
Paul Driver
a9b4af6bc2
fixed #12009: Export JS errors in IE7
2010-12-28 09:24:54 -06:00
Martin Kamerbeek
aea8d184a6
Accidentally kept package in wrong dir.
2010-12-23 16:48:24 +00:00
Martin Kamerbeek
b22ed80dc7
Fixed #12007: Hardcoded js in cart view.
2010-12-23 16:45:15 +00:00
Martin Kamerbeek
90e3cd6b6f
Merge branch 'master' of git@github.com:plainblack/webgui
...
Conflicts:
docs/changelog/7.x.x.txt
2010-12-23 14:48:02 +00:00
Colin Kuskie
43903a9e0e
Close all statement handles.
2010-12-23 00:32:16 -08:00
Colin Kuskie
b80b044202
Ham-handed attempt to try and find the maximum revision date.
2010-12-23 00:24:56 -08:00
Colin Kuskie
4e0e62b202
Fix tests that were broken due to the language override merge.
2010-12-22 14:10:58 -08:00
Colin Kuskie
21e1c41596
Document the delete user bug fix.
2010-12-22 13:47:40 -08:00
Colin Kuskie
196d3b0437
Uncaching the user should be last thing that is done before removing data from the database.
2010-12-22 11:33:39 -08:00
Martin Kamerbeek
10ea82d6ec
Don't let the cart crash on invalid addressIds
2010-12-22 13:31:16 +00:00
Martin Kamerbeek
f748aa1b83
Return a list of shippers to choose from instead of none if no shipper has been chosen yet.
2010-12-22 13:11:56 +00:00
Arjan Widlaak
3d79b8b26c
- fixed bug 11997: maximumAssets is ignored
...
- fixed bug 11998: maximumAssets prevents editing existing assets if maximum is reached
2010-12-17 23:06:27 +01:00
Graham Knop
e222cd97b6
move module loading to correct location
2010-12-13 19:01:38 -06:00
Colin Kuskie
b49c500701
Bad copy/paste on ajax error message.
2010-12-13 09:03:32 -08:00
Doug Bell
48f9687025
fix 11984 No JS allows invalid dates in Event
2010-12-08 14:32:47 -06:00
Colin Kuskie
f83b489837
Do not retry bad events for extending recurrence.
2010-12-08 11:28:21 -08:00
Doug Bell
9eded35263
fix warning and add changelog
2010-12-07 18:30:39 -06:00
Doug Bell
886de768af
Merge remote branch 'xvaara/master'
...
Conflicts:
docs/changelog/7.x.x.txt
2010-12-07 18:28:24 -06:00
Doug Bell
0a32122643
Merge branch 'carousel'
...
Conflicts:
lib/WebGUI/Asset/RichEdit.pm
2010-12-07 17:23:10 -06:00
Scott Walters
078f5587c7
When FileUrl returns an error message instead of a filename and the thing hotlinks it (eg, img src),
...
the evidence of the problem doesn't show up until the next hit. Even more fun, the error message
gets lower-case-ified as part of canonicalization so if you ack for it without -i, you won't even
find where the error came from. So perhaps it's best to log the error sooner than later.
2010-12-06 16:56:24 -05:00