summaryrefslogtreecommitdiff
path: root/inc/actions.php
Commit message (Collapse)AuthorAge
* Remove references to (un)?subscribens.Adrian Lang2011-10-30
|
* bind security token to usernameAndreas Gohr2011-10-15
| | | | | | | This makes the security token more robust agains session fixation attacks. A CSRF warning will no longer abort a page save but lead to the preview mode to avoid information loss when a user logs in during editing (eg in another tab).
* fullscreen media managerKate Arzamastseva2011-06-09
|
* Check permissions + security token in lock + draft modification FS#2265Michael Hamann2011-05-24
| | | | | | | This disables lock and draft creation for pages the user can't edit. It additionally adds a security token to the draft creation and deletion request so - at least for logged in users - drafts can't be created, modified or deleted so easily anymore.
* execute edit action when draft was specified but no draft exists FS#2240Andreas Gohr2011-05-02
|
* check manager/admin role earlier for admin plugins FS#2180Andreas Gohr2011-03-04
|
* deleted redundant lineAnika Henke2011-02-22
|
* Change sitemap filename to sitemap.xml(.gz). Closes FS#2127Guillaume Turri2011-01-03
|
* Delete superfluous assignment created by the last commitMichael Hamann2010-12-13
|
* Copy changes from ajax_lock to act_draftsaveMichael Hamann2010-12-12
|
* Remove enc=utf-8 in VIM modeline as it is not allowed in VIM 7.3Michael Hamann2010-11-29
| | | | | | As of VIM 7.3 it is no longer possible to specify the encoding in the modeline. This gives an error message whenever such a file is opened, thus this commit removes the enc setting from the modeline.
* Send 403 header for permission denied screens when send404 is enabledRobin Getz2010-11-20
|
* Handle do=check before ACL checkingRobin Getz2010-11-20
|
* Merge remote branch 'origin/master' into sitemapMichael Hamann2010-10-10
|\
| * Add back globals for templatesAdrian Lang2010-09-29
| |
| * Small fixes / cleanupAdrian Lang2010-09-28
| |
* | Action handler for sitemaps improvedMichael Hamann2010-09-22
| | | | | | | | | | The action handler for the sitemap now makes use of the sitemapper methods for determining the filename and uses http conditional requests.
* | Transformed the sitemapper into a classMichael Hamann2010-09-22
| | | | | | | | This makes it possible to autoload the sitemapper when needed.
* | Sitemap rewriteMichael Hamann2010-09-22
|/
* make use of tpl_get_action in tpl_actiondropdown FS#2005Andreas Gohr2010-08-27
|
* do not require special permissions to look at index FS#1720Andreas Gohr2010-06-27
|
* check for user in act_subscription FS#1935Andreas Gohr2010-06-26
|
* msgs are saved in send_redirect now, less code duplication neededAndreas Gohr2010-06-13
|
* Let actionOK detect auth backend capabilitiesAdrian Lang2010-05-17
|
* Call act_edit for locked pagesAdrian Lang2010-03-29
| | | | | | 50e988b accidentally stopped act_dispatch from calling act_edit for locked pages, thus showing a generic »page not writable« message instead of a page lock message.
* Merge branch 'requireall'Andreas Gohr2010-03-12
|\ | | | | | | | | Conflicts: inc/fulltext.php
| * removed more unneeded require_once() callsAndreas Gohr2010-02-01
| |
| * first attempt to centralize all include loadingAndreas Gohr2010-01-31
| | | | | | | | | | | | | | | | Classes are loaded throug PHP5's class autoloader, all other includes are just loaded by default. This skips a lot of require_once calls. Parser and Plugin stuff isn't handled by the class loader yet.
* | Move & rename HTML_PAGE_FROMTEMPLATE to common.phpAdrian Lang2010-03-10
| | | | | | | | | | The new COMMON_PAGE_FROMTEMPLATE is triggered by pageTemplate AFTER the template has been read but before performing the template replacements.
* | Correct edit conflict detectionAdrian Lang2010-03-10
| | | | | | | | | | Edit conflicts occur when a page has been edited since starting the current edit. In order to detect them, the date of the newest revision is saved.
* | Remove wordblock action, issue a msg insteadAdrian Lang2010-03-09
| |
* | Move data preprocessing out of html_editAdrian Lang2010-03-09
| |
* | Add security token to subscription manage pageAdrian Lang2010-02-09
|/
* nicer subscription stylesAndreas Gohr2010-01-20
| | | | | | Ignore-this: e1b3b815b5ebb0da320bff997c4fed4b darcs-hash:20091130130311-6e07b-03ccfc52abb3dcc0764eed5784d81f8416841328.gz
* Add redirect after successful subscriptionAdrian Lang2010-01-20
| | | | darcs-hash:20091130093642-e4919-318eed562f0e7777d342dfbe4c8fc352eee58ddf.gz
* Fix subscription data validation bug (pass by ref)Adrian Lang2010-01-20
| | | | darcs-hash:20091127143223-e4919-023dd4bfab074c1206580649a2927958c28f38f5.gz
* Some language changes in subscription managementAndreas Gohr2010-01-20
| | | | | | | | Ignore-this: 9d6c368419814c7b8cb94f778377ede7 A few language strings were dropped, others updated or added darcs-hash:20091123151813-6e07b-4d01fe03fa2c3bd5944bc05abdd05a24fb79c186.gz
* Add events to subscription.Adrian Lang2010-01-20
|
* New mail subscription with digestAdrian Lang2010-01-20
|
* some more coding standard compliance updatesAndreas Gohr2010-01-15
|
* Emit less E_NOTICEs and E_STRICTsAdrian Lang2009-11-04
| | | | | | | | | | | | | Changes of behaviour are: * Allow the user name, title & description \e2\80\9c0\e2\80\9d * Default to Port 443 if using HTTPS * Set $INFO['isadmin'] and $INFO['ismanager'] to \e2\80\9cfalse\e2\80\9d even if no user is logged in * Do not pass empty fragment field in the event data for event ACTION_SHOW_REDIRECT * Handle chunked encoding in HTTPClient darcs-hash:20091104100115-e4919-5cf6397d4a457e3f98a8ca49fbdab03f2147721d.gz
* Send export_raw as attachement to avoid IE's content sniffing [security]Andreas Gohr2009-09-29
| | | | | | | | | | Ignore-this: 9b6ef0179df729d4bc41c2d746965134 With MSIE's content-sniffing [1], the export_raw mode could be used for XSS attacks against MSIE users. Sending the export as a download circumvents that. [1] http://www.splitbrain.org/blog/2007-02/12-internet_explorer_facilitates_cross_site_scripting darcs-hash:20090929182832-7ad00-085deb3fa8cc939b55cd293a8f4780b4b170d2e6.gz
* One click revert for managersAndreas Gohr2009-09-11
| | | | | | | | | Ignore-this: e3c9b5f941b2f1aa83ca375861203a2f This patch adds another button for users with the $conf['manager'] role when viewing an old revision. It allows them to revert to this revision with a single click. darcs-hash:20090911081833-7ad00-5a64feb7e3e1b37178295c290a6c97c3923e82e3.gz
* Fixed header support for renderer plugins when run the first time FS#1608Andreas Gohr2009-02-14
| | | | | | Ignore-this: 23dc9e7eda7fd430071d6de62c218842 darcs-hash:20090214114700-7ad00-67030b0174425844e54866612d5cd25a3af5bcf6.gz
* Work around IIS bug for redirects FS#1576Andreas Gohr2009-01-27
| | | | | | | | | | | | | Ignore-this: 37b33f575e4c0b31e4af93185bf74f0f When IIS is running PHP in CGI mode it will not send cookie headers on 302 redirections. This is a known bug (KB176113). This patch will detect affected servers. Instead of a 302 redirect a Refresh: header is issued. This is supported by all known browsers should have the same effect as a real redirect. darcs-hash:20090127204506-7ad00-ce474f3b0db003e86e09d5e9a9bd7c96887ac01c.gz
* fixed PHP4 incompatibility in sectionID() FS#1553Andreas Gohr2008-12-26
| | | | darcs-hash:20081226161244-7ad00-8c843ea6a06a0d36fc322d109497239ab6ea229c.gz
* removed some illogical path setupsAndreas Gohr2008-12-13
| | | | darcs-hash:20081213090400-7ad00-4e21cd75978bb07513f32f5d750658e8d777c59e.gz
* Better creation of section IDs FS#1536Andreas Gohr2008-12-01
| | | | | | | | This patch enhances the creation of section IDs for number only headlines. It also moves section ID creation to a function in pageutils.php removing some duplicate functionality in inc/action.php darcs-hash:20081201215539-7ad00-48f3c153a2c126d9fb06aa90e4f1b857f76ebec7.gz
* yfixed typo that caused screwed up charset in export_rawAnika Henke2008-11-21
| | | | darcs-hash:20081121203311-f7d6d-5cf707afd1c1c4a0d0efc664855cda65233163a2.gz
* show update profile dialog only when logged inMichael Klier2008-11-17
| | | | darcs-hash:20081117154409-23886-d0ad833c6bcf96bcc54f6998397de90ff07b7686.gz
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-16 11:22:58 +0000