Mikael Nordfeldth
0a2c51510c
FormAction wants getInstructions to be protected
...
only showInstructions is public
2015-03-10 21:46:33 +01:00
Mikael Nordfeldth
1ea876296d
A bunch of FormAction and ManagedAction synchronization
2015-03-08 20:41:42 +01:00
Mikael Nordfeldth
d6423bbbc8
Sensitive-test _is_ done in index.php
2015-03-08 19:17:01 +01:00
Mikael Nordfeldth
8dafce34c3
LoginAction somewhat converted to FormAction
2013-10-30 12:23:10 +01:00
Evan Prodromou
642901f4ae
No such path 'index', so redirect to home timeline
2011-09-21 16:33:10 -04:00
Evan Prodromou
d594c83a5a
Merge commit 'refs/merge-requests/159' of git://gitorious.org/statusnet/mainline into merge-requests/159
2011-09-21 16:31:38 -04:00
Siebrand Mazeland
d906ee1bcb
Update translator documentation and L10n.
2011-05-05 12:47:26 +02:00
Evan Prodromou
90eb09624c
let users login with email address
2011-05-02 15:17:08 -07:00
Sam Nicholls
4bf5158d43
Modified actions/login.php to redirect logged in users who hit login/ to
...
the site index.
Removed the throwing of a clientError in favour of a common_redirect to
index to fix Issue 2990: "If logged in, just redirect to home page on
/login"
2011-04-08 12:06:55 +01:00
Evan Prodromou
9b4533058c
no profileblock on login actions
2011-03-16 10:05:07 -04:00
Evan Prodromou
a4b3edaf40
Login actions don't show the notice form
2011-03-09 10:11:59 -05:00
Siebrand Mazeland
b37e12ed34
* translator documntation updated
...
* superfluous whitespace remove
* minor L10n and i18n updates
2011-03-05 00:13:04 +01:00
Zach Copley
b7d0746694
Merge branch '0.9.x' into 1.0.x
...
Conflicts:
actions/confirmaddress.php
actions/emailsettings.php
actions/hostmeta.php
actions/imsettings.php
actions/login.php
actions/profilesettings.php
actions/showgroup.php
actions/smssettings.php
actions/urlsettings.php
actions/userauthorization.php
actions/userdesignsettings.php
classes/Memcached_DataObject.php
index.php
lib/accountsettingsaction.php
lib/action.php
lib/common.php
lib/connectsettingsaction.php
lib/designsettings.php
lib/personalgroupnav.php
lib/profileaction.php
lib/userprofile.php
plugins/ClientSideShorten/ClientSideShortenPlugin.php
plugins/Facebook/FBConnectSettings.php
plugins/Facebook/FacebookPlugin.php
plugins/NewMenu/NewMenuPlugin.php
plugins/NewMenu/newmenu.css
2011-02-28 15:39:43 -08:00
Siebrand Mazeland
a159352b65
* improve L10n consistency for English. For example proper punctuation for all button and label titles.
...
* fix some i18n bugs (in-message variables).
* update/add translator documentation.
* remove superfluous whitespace.
2011-02-17 00:40:47 +01:00
Craig Andrews
90c87553ee
Redirect to https when making an http request for a sensitive action
2010-10-20 20:26:35 -04:00
Craig Andrews
3dd734b2c3
Remove CSRF protection from username/password login and from OpenID login.
2010-09-07 13:45:52 -04:00
Brion Vibber
14a76926a2
Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
...
The forms would already submit to SSL, but people are happier if they start on a secure page!
Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
2010-05-18 21:52:17 +00:00
Brion Vibber
e547a2f54c
Fix ticket #2289 : registration links were showing in top nav bar, login page message when site set to invite-only or closed registration, when the 'register' action can't be used.
2010-04-19 18:45:50 +02:00
Evan Prodromou
5ec25a9691
inject session before redirect for login
2010-01-11 08:40:22 +00:00
Evan Prodromou
54d532e12f
remove redirect to OTP on login from login, register
2010-01-10 22:58:33 -08:00
Evan Prodromou
8c6ec0b59e
fix check for ssl diff in login
2010-01-10 00:23:26 -08:00
Evan Prodromou
304f3b4f18
correctly check for ssl enabled
2010-01-10 00:18:17 -08:00
Evan Prodromou
ed5828f30e
Redirect to a one-time-password when ssl and regular server are different
2010-01-09 15:26:06 -08:00
Craig Andrews
b36ec6da87
Fixed incorrect disabling of login_token.
2009-12-10 13:22:46 -05:00
Craig Andrews
3b14b61fa7
Add a configuration option to disable the login command.
...
$config['logincommand']['disabled'] = true;
This commit should be reverted once the command has been sufficiently tested and trusted.
2009-12-05 21:05:33 -05:00
Craig Andrews
75cac0fd6b
Added 'login' command that gives you a link that can be used to login to the website
2009-12-05 21:05:33 -05:00
Evan Prodromou
224d82793c
Revert "Added 'login' command that gives you a link that can be used to login to the website"
...
This reverts commit b9d40f723b
.
Conflicts:
actions/login.php
classes/statusnet.ini
db/08to09.sql
db/08to09_pg.sql
db/statusnet_pg.sql
lib/command.php
lib/commandinterpreter.php
2009-11-20 02:50:43 -08:00
Eric Helgeson
26a86402cd
Use the $user object nickname, as login name doesnt have to == nickname anymore with plugins such as ldap/etc
2009-11-19 15:00:28 -05:00
Craig Andrews
745ea277d8
Should not canonicalize nickname before calling common_check_user
2009-11-18 16:09:58 -05:00
Craig Andrews
3bff3b2b32
Improve the not authorized error message
2009-11-18 14:44:39 -05:00
Brion Vibber
088081675f
Revert "Remove more contractions"
...
This reverts commit 5ab709b739
.
Missed this one yesterday...
2009-11-09 20:01:46 +01:00
Siebrand Mazeland
5ab709b739
Remove more contractions
...
* doesn't
* won't
* isn't
* don't
2009-11-08 23:32:15 +01:00
Craig Andrews
b9d40f723b
Added 'login' command that gives you a link that can be used to login to the website
2009-11-02 18:40:49 -05:00
Craig Andrews
d7ae0ed4fd
Merge remote branch 'laconica/0.8.x' into 0.9.x
...
Conflicts:
lib/omb.php
2009-09-09 22:52:38 -04:00
Sarven Capadisli
277b464054
Created autofocus method to give focus to an element (primarily a form
...
control) on page onload.
Updated some of the pages to use autofocus.
2009-09-03 19:42:50 +00:00
Evan Prodromou
5d09b6b3f0
Merge branch '0.8.x' into 0.9.x
...
Conflicts:
EVENTS.txt
actions/finishremotesubscribe.php
actions/postnotice.php
actions/public.php
actions/remotesubscribe.php
actions/showstream.php
actions/updateprofile.php
actions/userauthorization.php
classes/laconica.ini
lib/common.php
lib/oauthstore.php
lib/omb.php
2009-08-27 11:16:45 -07:00
Evan Prodromou
df86aa7214
define LACONICA and accept LACONICA for backwards compatibility
2009-08-26 10:41:36 -04:00
Evan Prodromou
865b716f09
change LACONICA to STATUSNET
2009-08-25 18:42:34 -04:00
Evan Prodromou
ae883ceb9b
change controlyourself.ca to status.net
2009-08-25 18:19:04 -04:00
Evan Prodromou
d35b2d3f3c
change laconi.ca to status.net
2009-08-25 18:16:46 -04:00
Evan Prodromou
c8b8f07af1
change Laconica and Control Yourself to StatusNet in PHP files
2009-08-25 18:12:20 -04:00
Evan Prodromou
bacef32aac
Revert "Added a configuration option to disable OpenID."
...
This reverts commit 7dc3a90d12
.
Conflicts:
actions/login.php
actions/register.php
lib/accountsettingsaction.php
lib/common.php
lib/logingroupnav.php
2009-08-21 16:38:39 -04:00
Evan Prodromou
9f356b55c6
Merge branch '0.9.x' into openidplugin
...
Conflicts:
actions/login.php
actions/register.php
2009-08-21 16:27:43 -04:00
Jeffery To
7dc3a90d12
Added a configuration option to disable OpenID.
...
If $config['openid']['enabled'] is set to false, OpenID is removed from
the navigation and direct accesses to OpenID login pages redirect to the
login page.
If OpenID is enabled, $config['site']['openidonly'] is ignored, i.e.
OpenID is required to go OpenID-only.
2009-08-13 22:18:06 +08:00
Jeffery To
14b46e2183
Added configuration option to only allow OpenID logins.
...
If $config['site']['openidonly'] is set to true:
* the Login/Register pages will be removed from the navigation;
* directly accesses to the Login/Register pages will redirect to the
OpenID login page;
* most links to the Login/Register pages will link to the OpenID login
page instead.
The user will still need to set a password to access the API and RSS
feeds.
2009-08-10 13:57:39 +08:00
Evan Prodromou
5dc1291b59
move openid instructions to OpenIDPlugin
2009-08-04 13:27:22 -04:00
Evan Prodromou
e9e75fc9d5
isReadOnly() now takes arguments
...
Add an array of arguments to isReadOnly() method of actions, to let
them change their results depending on what actions are called.
Primarily used by the 'api' action. Ideally in the future that will be
multiple actions. But this might still be useful.
2009-04-13 15:49:26 -04:00
Evan Prodromou
c172cbafaa
Try to do intelligent redirect codes
...
After fixing the redirect code output, there are a lot of weirdnesses
with e.g. form handling. Try to add explicit redirect codes where
needed -- principly when handling a POST.
2009-04-01 15:30:59 -04:00
Evan Prodromou
4aa9b95f51
use return value of common_check_user() in login.php
2009-02-20 16:58:19 -05:00
Evan Prodromou
7ea136ee1b
Merge branch '0.7.x' of git://gitorious.org/laconica/sgmurphy-clone into sgmurphy-clone/0.7.x
...
Conflicts:
actions/avatarsettings.php
2009-02-05 12:04:06 -05:00