summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2013-09-04Generalize request_type() to static_storage()Florian Pritz5-13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Set login session data in one goFlorian Pritz2-8/+12
This reduces the amount of db queries and cookies we create since each update triggers an db update and (which is a bug) sets a new cookie. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Only renew uri flashdata when needed.Florian Pritz1-1/+1
This saves us 2 to 4 (useless) db queries per page. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-03Merge branch 'working'Florian Pritz19-821/+190
2013-09-02Autofocus username text box on upload_formTillmann Karras1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Disable CSRF checks for CLI requestsFlorian Pritz1-1/+1
Otherwise we get an error in the Security class trying to access $_SERVER["REQUEST_METHOD"]. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Add GET parameter for json outputFlorian Pritz1-0/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02mfile/delete_id: Remove require_access callFlorian Pritz1-1/+0
We expect the controller to take care of that, no need to double check. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02claim_id: Fix error when called directly without last_upload dataFlorian Pritz1-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Replace echo with show_error; misc cleanupFlorian Pritz1-9/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Add CSRF protectionFlorian Pritz4-5/+51
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Provide json output for api functionsFlorian Pritz10-51/+84
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02muser: always verify api credentials; improve error messagesFlorian Pritz1-17/+18
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Allow to override config_item() options; add modification commentsFlorian Pritz2-1/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02user_logged_in(): always load muserFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02remove left over security libraryFlorian Pritz1-737/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Display domain of email address when resetting passwordFlorian Pritz2-2/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-26add readmeFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Remove empty line after ansi2htmlFlorian Pritz1-4/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Deduplicate initialisation code in controllersFlorian Pritz3-34/+40
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Only determine latest client version when neededFlorian Pritz1-6/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Add comment about ID blacklistFlorian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Validate IDs when generating thumbnail historyFlorian Pritz1-0/+5
The thumbnail function generates an invalid image (HTML error message) if the ID is invalid resulting in empty images. Catch those when creating the page to prevent that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-17add NEWS file to track important changesFlorian Pritz1-0/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-15INSTALL: perl is no longer needed for a dev installFlorian Pritz1-1/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-15Switch to CI's caching classFlorian Pritz9-224/+31
This supports more caching backends and doesn't force users to install the memcache extension. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-14Use python-ansi2html instead of cpan moduleFlorian Pritz4-35/+518
Way, way, way, way faster. Did I mention it is faster? Also we now have line numbers because we can. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13Coding style fixesFlorian Pritz2-8/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13remove caching code from historyFlorian Pritz1-61/+52
Simply enabling it again would cause breakage (json handling). Just get rid of it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-12apikeys: allow any chars in commentFlorian Pritz2-4/+3
No real point in restricting those, just leads to people wanting to use special chars that don't work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Merge branch 'working-split/api-keys' into workingFlorian Pritz13-19/+206
2013-08-11Allow more chars in apikey commentFlorian Pritz1-2/+2
"fb-client user@host" will be used by fb-client so this should work... Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Document API keys on client pageFlorian Pritz1-0/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Remove api keys dependency on usernameFlorian Pritz4-8/+11
We don't need it and getting the user name from the user drivers is way more complicated. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Add API keys link to navFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Add API key supportFlorian Pritz8-16/+191
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11data/local: add missing examples and gitignoreFlorian Pritz3-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-09Add logo to headerFlorian Pritz1-1/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-09Add delete support to thumbnail historyFlorian Pritz3-2/+54
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-08Add delete button to info popup on paste pageFlorian Pritz1-0/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-07Add favicon supportFlorian Pritz3-1/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-05Invert sorting order on thumbnail historyFlorian Pritz1-1/+1
Newest first to match the normal history's default. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-05Add history page with thumbnails of imagesFlorian Pritz7-0/+249
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-02Add os x install instructions for clientFlorian Pritz1-2/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-19Alternate message for a delete-timeout of 0 (never delete)Thore Bödecker1-3/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-18Add json support to upload_historyFlorian Pritz2-0/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-18file/download: output html directly, don't use output classFlorian Pritz1-3/+6
$this->output->parse_exec_vars is a protected variable so we can't access it like the documentation suggests (yes this is a bug that should be reported...), but even if it worked I'm not confident the output class should be trusted with arbitrary input. Upstream might at some point add another "feature" so this is the safe way to go. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-18Fix missing conversion of timestamps on plaintext upload_historyFlorian Pritz1-1/+1
Got lost in 2a6a1c63cb21015009fe4fd13f62cdac64e1fe36 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-16Decrease size of footerFlorian Pritz2-7/+13
Before it seemed a bit too prominent on pages with short content. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-07-16Fix handling of upload_max_age = 0Florian Pritz2-0/+4
cron code already handled this correctly, valid() didn't. Signed-off-by: Florian Pritz <bluewind@xinu.at>