summaryrefslogtreecommitdiffstats
path: root/application/controllers
AgeCommit message (Collapse)AuthorFilesLines
2014-10-29Simplify creation of initial userFlorian Pritz1-0/+67
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-10-29Make email sender configurableFlorian Pritz1-8/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-10-19Clean up the postgres changesFlorian Pritz2-8/+7
Style cleanup and some regression fixes Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-10-10Merge remote-tracking branch 'rafi/master' into rafiFlorian Pritz2-110/+117
2014-10-03Support EXIF orientation in colorboxFlorian Pritz1-0/+2
This also reindents colorbox.css. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-10-03Rework image manipulation classFlorian Pritz1-3/+3
This is the first of hopefully more classes using namespaces and proper classes that can be used as objects rather than CI's singleton approach. The namespace is mainly used to gain nice autoloading capabilities and it's not really yet used for separation. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-10-03Move thumbnail code to dedicated classFlorian Pritz1-4/+6
This also moves the code from mfile->image_dimension() to the only place where it was called. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-09-28file/cron: Protecting identifiersRafael Bodill1-1/+2
2014-09-19where_in for in array queries a proper count usageRafael Bodill2-4/+4
2014-09-19Fix timestamp adjusting for a list of arraysRafael Bodill1-2/+6
2014-09-19Correct unsupported open/close where query statementsRafael Bodill1-3/+1
2014-09-19File controller uses query builder, except 2 queriesRafael Bodill1-32/+36
2014-09-18User controller queries built dynamicallyRafael Bodill1-74/+72
2014-09-18Query builder in user login and controllerRafael Bodill1-5/+7
2014-08-29Set title on code render pageFlorian Pritz1-0/+2
This got lost in the multipaste change. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-08-29add multipaste supportFlorian Pritz1-139/+367
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-07-23Move migration code to CLI callable functionFlorian Pritz3-10/+52
This is necessary to prevent migrations from running multiple times in parallel. A git hook can be used to run this after checkout so impact should be fairly low. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-04-12Add foreign keys to databaseFlorian Pritz1-1/+1
Changing the referrer value for the root admin from 0 to NULL to make the foreign key check work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-02-23user/create_apikey: Use empty comment if unsetFlorian Pritz1-0/+1
False gets converted to "0" when being stored in the DB which we don't want. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-02-21Implement multiple access levels for api keysFlorian Pritz2-6/+15
This allows to use an api key to write a completly standalone client. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2014-02-15Work around PHP 5.3 limitationFlorian Pritz1-3/+5
$this in anonymous functions is only supported in PHP >= 5.4 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-11-09use cache_function() everywhereFlorian Pritz1-15/+13
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-11-09cache file/thumbnail responsesFlorian Pritz1-5/+13
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-10-22Remove unnecessary TODOFlorian Pritz1-1/+0
It's fine if users can invite an unlimited amount of people. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-10-22Update CSP header; change order to fix svg display in firefoxFlorian Pritz1-1/+1
Apparently firefox doesn't like "style-src * 'unsafe-inline'", but wants "style-src 'unsafe-inline' *" otherwise it doesn't honor 'unsafe-inline'. In chromium both behave the same. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-10-06Fix display error when redering markdownLukas Epple1-2/+4
Initial-patch-by: Lukas Epple <lukas.epple@me.com> Switch from <table> to <div> like we did for pygments. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-25Remove chmod on uploaded filesFlorian Pritz1-2/+0
It interferes with multiuser setups if you use X-Sendfile and it isn't really needed anyway because you can set an upload_path outside the docroot and because the default path is protected by an .htaccess file. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-23Implement rangeDownload() as driver and provide sendfile implementations for ↵Pierre Schmitz1-2/+4
Nginx and Lighttpd * The rangeDownload() function has been moved to libraries/Ddownload/drivers/Ddownload_php.php * The nginx and lighttpd drivers can be set via $config['download_driver'] Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
2013-09-22Move user_logged_in check to controller constructorFlorian Pritz2-3/+0
TL;DR: Allows us to show a proper error page if encryption_key is missing from the config. muser->logged_in() can load the session class which will die if encryption_key is not set in the config causing an error to be displayed. Because the header is also loaded when we display an error loading the class will be tried again. CI maintains an array with information which classes have been tried to be loaded and will simply return true without loading again. muser->logged_in() will then try to access $this->session which doesn't exist. Since all of this happens when we are already in the header the error message appears in the navigation being hard to read. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-16Remove executable bitsFlorian Pritz1-0/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-08user/create_apikey: Add JSON supportFlorian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove left over var_dump()Florian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Remove unneeded "as" in sql queryFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Replace is_cli_client() with stateful_client where applicableFlorian Pritz1-4/+4
Stateless clients (cli client and clients using api keys) can't reclaim IDs (no cookie) so they should be required to log in asap and they will always get an error if they didn't log in. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04Generalize request_type() to static_storage()Florian Pritz2-4/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02claim_id: Fix error when called directly without last_upload dataFlorian Pritz1-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Replace echo with show_error; misc cleanupFlorian Pritz1-9/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Provide json output for api functionsFlorian Pritz2-29/+43
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02Display domain of email address when resetting passwordFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Remove empty line after ansi2htmlFlorian Pritz1-4/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Deduplicate initialisation code in controllersFlorian Pritz2-34/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Only determine latest client version when neededFlorian Pritz1-6/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22Validate IDs when generating thumbnail historyFlorian Pritz1-0/+5
The thumbnail function generates an invalid image (HTML error message) if the ID is invalid resulting in empty images. Catch those when creating the page to prevent that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-15Switch to CI's caching classFlorian Pritz1-3/+3
This supports more caching backends and doesn't force users to install the memcache extension. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-14Use python-ansi2html instead of cpan moduleFlorian Pritz1-14/+8
Way, way, way, way faster. Did I mention it is faster? Also we now have line numbers because we can. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13Coding style fixesFlorian Pritz1-4/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13remove caching code from historyFlorian Pritz1-61/+52
Simply enabling it again would cause breakage (json handling). Just get rid of it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-12apikeys: allow any chars in commentFlorian Pritz1-3/+2
No real point in restricting those, just leads to people wanting to use special chars that don't work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Allow more chars in apikey commentFlorian Pritz1-2/+2
"fb-client user@host" will be used by fb-client so this should work... Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11Add API key supportFlorian Pritz2-5/+70
Signed-off-by: Florian Pritz <bluewind@xinu.at>