cpradio
ef440a4381
Escape the hyphen
2016-09-19 08:54:21 +08:00
cpradio
69691fa7a6
FIX: Backup validation wasn't escaping hyphens
...
Conflicts:
spec/controllers/admin/backups_controller_spec.rb
2016-09-19 08:53:54 +08:00
Guo Xiang Tan
82fe884a7f
SECURITY: Add filename validation for backup uploads.
2016-09-16 12:50:59 +08:00
Robin Ward
429f27ec96
SECURITY: Avoid mass assignment on user create
2016-08-05 11:57:13 -04:00
Neil Lalonde
5f67cd7b45
FIX: tag input detects when a tag is not allowed and won't offer to create it anyway
2016-08-03 13:18:56 -04:00
Guo Xiang Tan
bf683178a8
FIX: Remove tag plugin code from tag hashtag check.
2016-08-02 10:59:12 +08:00
Régis Hanol
681f566a66
FIX: staff members should be able to see raw email of deleted posts
2016-08-01 23:55:22 +02:00
Neil Lalonde
1f12e41029
FIX: query for tag with no sub-categories
2016-07-28 16:59:00 -04:00
Neil Lalonde
82e170d6a6
FIX: 404 when filtering by category, no sub-category, and a tag
2016-07-28 16:19:03 -04:00
Neil Lalonde
77847f0d46
FIX: meta description tags for tags
2016-07-28 11:49:23 -04:00
Robin Ward
2f8ab8cd30
SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions
2016-07-28 11:38:12 -04:00
Guo Xiang Tan
36ddb1787e
FEATURE: Add toggle topic visibility button in popup menu.
2016-07-28 16:57:04 +08:00
Sam
c6dbaca0dc
SECURITY: disable user entered badge SQL by default
...
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam
cb3afd11b4
SECURITY: limit route access when using external avatars
2016-07-28 09:00:43 +10:00
Régis Hanol
6dac9075dc
new 'convert_pasted_images_quality' site setting
2016-07-27 19:59:44 +02:00
Régis Hanol
be099bb637
only convert pasted images to HQ jpg when it's at least 5% smaller
2016-07-27 19:55:13 +02:00
Andre Pereira
8cbd585e20
FEATURE: Allow staff users to merge posts.
2016-07-27 12:04:14 +08:00
Neil Lalonde
3c0df3510a
FIX: tags index should show all tags belonging to a category even if they have never been used
2016-07-26 16:04:11 -04:00
Régis Hanol
749b981759
FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting
2016-07-25 23:01:28 +02:00
Neil Lalonde
ece4fa82c9
FIX: add canonical link to tags topic lists
2016-07-25 16:16:19 -04:00
Neil Lalonde
11b3b5e30a
FIX: when topic list is filtered by tag and category, subsequent page fetches would ignore the category filter
2016-07-25 16:16:18 -04:00
Régis Hanol
d2e22ab215
extract bounce scores into site settings
2016-07-25 17:27:28 +02:00
Sam
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Neil Lalonde
7c092b0fe0
FEATURE: add filter to show topics that have not been tagged
2016-07-20 16:21:51 -04:00
Neil Lalonde
a74606c87c
PERF: tag groups index query
2016-07-15 17:16:26 -04:00
Régis Hanol
7b6d946613
FIX: searching received emails for TO was broken
2016-07-13 22:43:25 +02:00
Guo Xiang Tan
5fed886c8f
FIX: Update post replies when we move posts. ( #4324 )
2016-07-13 17:34:21 +02:00
Sam
4161ee210a
FEATURE: improved tag and category watching and tracking
...
- present tags watched on the user prefs page
- automatically watch or unwatch old topics based on watch status
New watching and tracking logic takes care of handling old topics
(either with or without read state)
When you watch a topic you now watch historically
Also removes confusing warnings from user.
2016-07-08 12:58:30 +10:00
Robin Ward
1eb64151f6
User interface for watching first post
2016-07-07 11:21:50 -04:00
Régis Hanol
c104e4c022
allow avatars up to 1000px
2016-07-05 18:49:33 +02:00
Guo Xiang Tan
f256e3afb6
Merge pull request #4297 from tgxworld/handle_user_enabled_readonly_mode
...
Handle user enabled readonly mode
2016-07-05 19:54:32 +08:00
Guo Xiang Tan
22ade1f811
FEATURE: Add event trigger when a user is logged out.
2016-07-04 17:20:30 +08:00
Sam
0c6d8e155c
Merge pull request #4300 from NuckChorris/patch-2
...
Log RecordInvalid when verbose_sso_logging enabled
2016-07-01 14:12:06 +10:00
Guo Xiang Tan
904d9735ab
Refactor desktop notifications to be more modular.
2016-07-01 00:11:32 +08:00
Peter Lejeck
e265b7b090
Log RecordInvalid when verbose_sso_logging enabled
2016-06-29 22:12:25 -07:00
Neil Lalonde
99e88ce39f
FIX: n+1 query when fetching tag groups
2016-06-29 18:41:22 -04:00
Guo Xiang Tan
64858c10fe
FIX: Set a not expiring key for user enabled readonly mode.
2016-06-29 15:10:01 +08:00
Guo Xiang Tan
20359788dc
Rename SiteSetting#use_https
to force_https
.
2016-06-29 15:02:43 +08:00
Guo Xiang Tan
e221414935
PERF: Remove N+1 queries on user messages page.
2016-06-29 09:30:54 +08:00
Sam
1411eedad3
FEATURE: offer to unwatch categories when unwatching category
2016-06-28 18:34:20 +10:00
Robin Ward
ccf9b70671
When restoring a backup, disable emails.
...
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
2016-06-24 17:15:15 -04:00
Arpit Jalan
3232ce8265
FIX: better error message when trying to approve post for closed/deleted topic
2016-06-24 15:11:45 +05:30
Régis Hanol
5bfc9cf69e
Allow API to create staged users
2016-06-23 12:27:05 +02:00
Régis Hanol
2ecd0da59f
REFACTOR: use same code path for handling emails via API and POP
2016-06-22 15:50:49 +02:00
Sam
2d425892c4
FIX: update list of invited users after inviting
2016-06-21 16:01:29 +10:00
Régis Hanol
7fca6f502f
fix and improve image downsizing algorithm
2016-06-20 12:35:07 +02:00
Sam
8866169879
FEATURE: can invite/revoke groups on private messages
2016-06-20 16:29:27 +10:00
Sam
7edf7b590f
SECURITY: restrict constantize classes in search controller
2016-06-17 13:47:34 +10:00
Sam
dd1a184955
Correct mailing list mode unsubscribe
2016-06-17 11:57:23 +10:00
Sam
852860de66
FEATURE: simpler and friendlier unsubscribe workflow
...
- All unsubscribes go to the exact same page
- You may unsubscribe from watching a category on that page
- You no longer need to be logged in to unsubscribe from a topic
- Simplified footer on emails
2016-06-17 11:28:49 +10:00