| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Stateless clients (cli client and clients using api keys) can't reclaim
IDs (no cookie) so they should be required to log in asap and they will
always get an error if they didn't log in.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This reduces the amount of db queries and cookies we create since each
update triggers an db update and (which is a bug) sets a new cookie.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This saves us 2 to 4 (useless) db queries per page.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Otherwise we get an error in the Security class trying to access
$_SERVER["REQUEST_METHOD"].
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
We expect the controller to take care of that, no need to double check.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The thumbnail function generates an invalid image (HTML error message)
if the ID is invalid resulting in empty images. Catch those when
creating the page to prevent that.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This supports more caching backends and doesn't force users to install
the memcache extension.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Way, way, way, way faster. Did I mention it is faster?
Also we now have line numbers because we can.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Simply enabling it again would cause breakage (json handling). Just get
rid of it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
No real point in restricting those, just leads to people wanting to use
special chars that don't work.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
"fb-client user@host" will be used by fb-client so this should work...
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
We don't need it and getting the user name from the user drivers is way
more complicated.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Newest first to match the normal history's default.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
$this->output->parse_exec_vars is a protected variable so we can't
access it like the documentation suggests (yes this is a bug that
should be reported...), but even if it worked I'm not confident the
output class should be trusted with arbitrary input. Upstream might at
some point add another "feature" so this is the safe way to go.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Got lost in 2a6a1c63cb21015009fe4fd13f62cdac64e1fe36
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Before it seemed a bit too prominent on pages with short content.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
cron code already handled this correctly, valid() didn't.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Having it there makes adding your own header via
data/local/header.inc.php easier.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Only login when necessary.
This also makes test_login() work properly (before the automatic login
would have intercepted the failure and in case of a good login
test_login() would test the credentials a second time.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
