Commit Graph

115 Commits

Author SHA1 Message Date
Mikael Nordfeldth
0a2c51510c FormAction wants getInstructions to be protected
only showInstructions is public
2015-03-10 21:46:33 +01:00
Mikael Nordfeldth
1ea876296d A bunch of FormAction and ManagedAction synchronization 2015-03-08 20:41:42 +01:00
Mikael Nordfeldth
d6423bbbc8 Sensitive-test _is_ done in index.php 2015-03-08 19:17:01 +01:00
Mikael Nordfeldth
8dafce34c3 LoginAction somewhat converted to FormAction 2013-10-30 12:23:10 +01:00
Evan Prodromou
642901f4ae No such path 'index', so redirect to home timeline 2011-09-21 16:33:10 -04:00
Evan Prodromou
d594c83a5a Merge commit 'refs/merge-requests/159' of git://gitorious.org/statusnet/mainline into merge-requests/159 2011-09-21 16:31:38 -04:00
Siebrand Mazeland
d906ee1bcb Update translator documentation and L10n. 2011-05-05 12:47:26 +02:00
Evan Prodromou
90eb09624c let users login with email address 2011-05-02 15:17:08 -07:00
Sam Nicholls
4bf5158d43 Modified actions/login.php to redirect logged in users who hit login/ to
the site index.

Removed the throwing of a clientError in favour of a common_redirect to
index to fix Issue 2990: "If logged in, just redirect to home page on
/login"
2011-04-08 12:06:55 +01:00
Evan Prodromou
9b4533058c no profileblock on login actions 2011-03-16 10:05:07 -04:00
Evan Prodromou
a4b3edaf40 Login actions don't show the notice form 2011-03-09 10:11:59 -05:00
Siebrand Mazeland
b37e12ed34 * translator documntation updated
* superfluous whitespace remove
* minor L10n and i18n updates
2011-03-05 00:13:04 +01:00
Zach Copley
b7d0746694 Merge branch '0.9.x' into 1.0.x
Conflicts:
	actions/confirmaddress.php
	actions/emailsettings.php
	actions/hostmeta.php
	actions/imsettings.php
	actions/login.php
	actions/profilesettings.php
	actions/showgroup.php
	actions/smssettings.php
	actions/urlsettings.php
	actions/userauthorization.php
	actions/userdesignsettings.php
	classes/Memcached_DataObject.php
	index.php
	lib/accountsettingsaction.php
	lib/action.php
	lib/common.php
	lib/connectsettingsaction.php
	lib/designsettings.php
	lib/personalgroupnav.php
	lib/profileaction.php
	lib/userprofile.php
	plugins/ClientSideShorten/ClientSideShortenPlugin.php
	plugins/Facebook/FBConnectSettings.php
	plugins/Facebook/FacebookPlugin.php
	plugins/NewMenu/NewMenuPlugin.php
	plugins/NewMenu/newmenu.css
2011-02-28 15:39:43 -08:00
Siebrand Mazeland
a159352b65 * improve L10n consistency for English. For example proper punctuation for all button and label titles.
* fix some i18n bugs (in-message variables).
* update/add translator documentation.
* remove superfluous whitespace.
2011-02-17 00:40:47 +01:00
Craig Andrews
90c87553ee Redirect to https when making an http request for a sensitive action 2010-10-20 20:26:35 -04:00
Craig Andrews
3dd734b2c3 Remove CSRF protection from username/password login and from OpenID login. 2010-09-07 13:45:52 -04:00
Brion Vibber
14a76926a2 Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
The forms would already submit to SSL, but people are happier if they start on a secure page!

Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
2010-05-18 21:52:17 +00:00
Brion Vibber
e547a2f54c Fix ticket #2289: registration links were showing in top nav bar, login page message when site set to invite-only or closed registration, when the 'register' action can't be used. 2010-04-19 18:45:50 +02:00
Evan Prodromou
5ec25a9691 inject session before redirect for login 2010-01-11 08:40:22 +00:00
Evan Prodromou
54d532e12f remove redirect to OTP on login from login, register 2010-01-10 22:58:33 -08:00
Evan Prodromou
8c6ec0b59e fix check for ssl diff in login 2010-01-10 00:23:26 -08:00
Evan Prodromou
304f3b4f18 correctly check for ssl enabled 2010-01-10 00:18:17 -08:00
Evan Prodromou
ed5828f30e Redirect to a one-time-password when ssl and regular server are different 2010-01-09 15:26:06 -08:00
Craig Andrews
b36ec6da87 Fixed incorrect disabling of login_token. 2009-12-10 13:22:46 -05:00
Craig Andrews
3b14b61fa7 Add a configuration option to disable the login command.
$config['logincommand']['disabled'] = true;

This commit should be reverted once the command has been sufficiently tested and trusted.
2009-12-05 21:05:33 -05:00
Craig Andrews
75cac0fd6b Added 'login' command that gives you a link that can be used to login to the website 2009-12-05 21:05:33 -05:00
Evan Prodromou
224d82793c Revert "Added 'login' command that gives you a link that can be used to login to the website"
This reverts commit b9d40f723b.

Conflicts:

	actions/login.php
	classes/statusnet.ini
	db/08to09.sql
	db/08to09_pg.sql
	db/statusnet_pg.sql
	lib/command.php
	lib/commandinterpreter.php
2009-11-20 02:50:43 -08:00
Eric Helgeson
26a86402cd Use the $user object nickname, as login name doesnt have to == nickname anymore with plugins such as ldap/etc 2009-11-19 15:00:28 -05:00
Craig Andrews
745ea277d8 Should not canonicalize nickname before calling common_check_user 2009-11-18 16:09:58 -05:00
Craig Andrews
3bff3b2b32 Improve the not authorized error message 2009-11-18 14:44:39 -05:00
Brion Vibber
088081675f Revert "Remove more contractions"
This reverts commit 5ab709b739.

Missed this one yesterday...
2009-11-09 20:01:46 +01:00
Siebrand Mazeland
5ab709b739 Remove more contractions
* doesn't
* won't
* isn't
* don't
2009-11-08 23:32:15 +01:00
Craig Andrews
b9d40f723b Added 'login' command that gives you a link that can be used to login to the website 2009-11-02 18:40:49 -05:00
Craig Andrews
d7ae0ed4fd Merge remote branch 'laconica/0.8.x' into 0.9.x
Conflicts:
	lib/omb.php
2009-09-09 22:52:38 -04:00
Sarven Capadisli
277b464054 Created autofocus method to give focus to an element (primarily a form
control) on page onload.

Updated some of the pages to use autofocus.
2009-09-03 19:42:50 +00:00
Evan Prodromou
5d09b6b3f0 Merge branch '0.8.x' into 0.9.x
Conflicts:
	EVENTS.txt
	actions/finishremotesubscribe.php
	actions/postnotice.php
	actions/public.php
	actions/remotesubscribe.php
	actions/showstream.php
	actions/updateprofile.php
	actions/userauthorization.php
	classes/laconica.ini
	lib/common.php
	lib/oauthstore.php
	lib/omb.php
2009-08-27 11:16:45 -07:00
Evan Prodromou
df86aa7214 define LACONICA and accept LACONICA for backwards compatibility 2009-08-26 10:41:36 -04:00
Evan Prodromou
865b716f09 change LACONICA to STATUSNET 2009-08-25 18:42:34 -04:00
Evan Prodromou
ae883ceb9b change controlyourself.ca to status.net 2009-08-25 18:19:04 -04:00
Evan Prodromou
d35b2d3f3c change laconi.ca to status.net 2009-08-25 18:16:46 -04:00
Evan Prodromou
c8b8f07af1 change Laconica and Control Yourself to StatusNet in PHP files 2009-08-25 18:12:20 -04:00
Evan Prodromou
bacef32aac Revert "Added a configuration option to disable OpenID."
This reverts commit 7dc3a90d12.

Conflicts:

	actions/login.php
	actions/register.php
	lib/accountsettingsaction.php
	lib/common.php
	lib/logingroupnav.php
2009-08-21 16:38:39 -04:00
Evan Prodromou
9f356b55c6 Merge branch '0.9.x' into openidplugin
Conflicts:
	actions/login.php
	actions/register.php
2009-08-21 16:27:43 -04:00
Jeffery To
7dc3a90d12 Added a configuration option to disable OpenID.
If $config['openid']['enabled'] is set to false, OpenID is removed from
the navigation and direct accesses to OpenID login pages redirect to the
login page.

If OpenID is enabled, $config['site']['openidonly'] is ignored, i.e.
OpenID is required to go OpenID-only.
2009-08-13 22:18:06 +08:00
Jeffery To
14b46e2183 Added configuration option to only allow OpenID logins.
If $config['site']['openidonly'] is set to true:
* the Login/Register pages will be removed from the navigation;
* directly accesses to the Login/Register pages will redirect to the
  OpenID login page;
* most links to the Login/Register pages will link to the OpenID login
  page instead.

The user will still need to set a password to access the API and RSS
feeds.
2009-08-10 13:57:39 +08:00
Evan Prodromou
5dc1291b59 move openid instructions to OpenIDPlugin 2009-08-04 13:27:22 -04:00
Evan Prodromou
e9e75fc9d5 isReadOnly() now takes arguments
Add an array of arguments to isReadOnly() method of actions, to let
them change their results depending on what actions are called.
Primarily used by the 'api' action. Ideally in the future that will be
multiple actions. But this might still be useful.
2009-04-13 15:49:26 -04:00
Evan Prodromou
c172cbafaa Try to do intelligent redirect codes
After fixing the redirect code output, there are a lot of weirdnesses
with e.g. form handling. Try to add explicit redirect codes where
needed -- principly when handling a POST.
2009-04-01 15:30:59 -04:00
Evan Prodromou
4aa9b95f51 use return value of common_check_user() in login.php 2009-02-20 16:58:19 -05:00
Evan Prodromou
7ea136ee1b Merge branch '0.7.x' of git://gitorious.org/laconica/sgmurphy-clone into sgmurphy-clone/0.7.x
Conflicts:

	actions/avatarsettings.php
2009-02-05 12:04:06 -05:00