aboutsummaryrefslogtreecommitdiffstats
path: root/comments.php (unfollow)
Commit message (Collapse)AuthorFilesLines
2011-06-07bug:2328 wrong variable givenmistic1001-1/+1
git-svn-id: http://piwigo.org/svn/trunk@11261 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-06-04transmit comment ID to template on comments and picture_commentmistic1001-0/+1
git-svn-id: http://piwigo.org/svn/trunk@11236 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-05-09restore HOME links, change parameter name for remove menu on certain pagemistic1001-1/+1
git-svn-id: http://piwigo.org/svn/trunk@10824 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-05-07merge spread_menus to the coremistic1001-0/+8
git-svn-id: http://piwigo.org/svn/trunk@10812 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-03-14bug:2221flop251-1/+1
git-svn-id: http://piwigo.org/svn/trunk@9679 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-01-18Happy new year 2011plegall1-2/+2
Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery" git-svn-id: http://piwigo.org/svn/trunk@8728 68402e56-0260-453c-a942-63ccdbb3a9ee
2011-01-16feature 2102 : rename item/image/picture to photo (public side)rvelices1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@8711 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-10-30feature 1915: add protection on user registration against robots rvelices1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@7495 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-10-29merge r7487 from branch 2.1 to trunkplegall1-1/+7
bug 1973 fixed: aboid SQL syntax error if the category id given in the URL is unknown. git-svn-id: http://piwigo.org/svn/trunk@7488 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-09-13merge r6909 from branch 2.1 to trunkplegall1-0/+2
bug 1850 fixed: strong check of $_GET['cat'] git-svn-id: http://piwigo.org/svn/trunk@6910 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-06-24Bug 1735 fixed : amend commit 6596nikrou1-1/+10
Need to add permissions filter to retrieve categories git-svn-id: http://piwigo.org/svn/trunk@6601 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-06-24Bug 1735 fixed : Comment page is not PostgreSQL compatiblenikrou1-16/+23
Fixed by adding all fields except category_id in group by clause category_id is retrieved later in an another query. Fixed also problem of FROM_UNIXTIME function not POstgreSQL compatible. git-svn-id: http://piwigo.org/svn/trunk@6596 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-03-20fix bug (a comment could be displayed several times in the comments liat)rvelices1-15/+14
git-svn-id: http://piwigo.org/svn/trunk@5199 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-03-19increase copyright year to 2010plegall1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@5196 68402e56-0260-453c-a942-63ccdbb3a9ee
2010-03-19bug 1328: backport the pwg_token on trunkplegall1-62/+134
bug 1329: backport the check_input_parameter on trunk feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring on this feature to make the code simpler and easier to maintain (I hope). git-svn-id: http://piwigo.org/svn/trunk@5195 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-29Feature_1255 :nikrou1-1/+2
- single quotes in queries - start using $conf['dblayer'] git-svn-id: http://piwigo.org/svn/trunk@4385 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-25Feature 1255: modification in sql queriesnikrou1-4/+4
- manage random function - manage regex syntax - manage quote (single instead of double) - manage interval git-svn-id: http://piwigo.org/svn/trunk@4367 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-21Feature 1255 : limit params in sql queries were in wrong order (LIMIT count ↵nikrou1-1/+1
OFFSET offset) git-svn-id: http://piwigo.org/svn/trunk@4334 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-21Feature 1255 : improve sqlnikrou1-1/+1
Replace in queries LIMIT N,M by LIMIT N OFFSET M git-svn-id: http://piwigo.org/svn/trunk@4331 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-20Feature 1244 resolvednikrou1-3/+3
Replace all mysql functions in core code by ones independant of database engine Fix small php code synxtax : hash must be accessed with [ ] and not { }. git-svn-id: http://piwigo.org/svn/trunk@4325 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-11-04bug 1220 : fix regression in display when search by author or by keyword ↵nikrou1-2/+2
contains quote. git-svn-id: http://piwigo.org/svn/trunk@4182 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-10-28bug 1220 : fix XSS vulnerability.nikrou1-6/+17
filter on since parameter (is_numeric) use only htmlspecialchars to filter vars to display revert rev:3600 add left join on users table Todo : use only left join on users table when a search by author is made git-svn-id: http://piwigo.org/svn/trunk@4139 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-07-16- fix php warning from comment_list.tplrvelices1-20/+2
- author name is saved always in #comments (even for registered users) so that - sql queries are simpler on the comments page (one less table in a big join) - when a user is deleted, we can keep the username in the #comments (there might be still a bug that author_id is not updated when a user is deleted) git-svn-id: http://piwigo.org/svn/trunk@3600 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-07-04merge r3519 from branch 2.0 to trunkvdigital1-0/+4
Minor: prevent for non numeric values (except all) git-svn-id: http://piwigo.org/svn/trunk@3520 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-07-01- remove unnecessary addslashes in comments.cpprvelices1-14/+14
- in template use modifier |@default instead of |default (generated code is faster because we indicate that the input is scalar and not an array) git-svn-id: http://piwigo.org/svn/trunk@3487 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-06-24Fix two problem with Feature 1026 :nikrou1-4/+4
use of $conf['user_fields']['username'] and $conf['user_fields']['id'] instead of username and id escape comment content before editing it. git-svn-id: http://piwigo.org/svn/trunk@3452 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-06-23Feature 1026 step 2 :nikrou1-8/+23
add author_id column so that guest cannot modify old users comments git-svn-id: http://piwigo.org/svn/trunk@3450 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-06-23Feature 1026 : Modify / delete comments for usersnikrou1-17/+52
+ update config table content + minor modification of Sylvia theme + need refactoring git-svn-id: http://piwigo.org/svn/trunk@3445 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-06-10remove duplicate retrieved fieldnikrou1-1/+0
git-svn-id: http://piwigo.org/svn/trunk@3405 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-03-05Create navigation_bar.tpl file.patdenice1-1/+1
Move create_navigation_bar function from functions_html.inc.php to functions.inc.php. git-svn-id: http://piwigo.org/svn/trunk@3172 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-02-04- removed second parameter $type from function format_datervelices1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@3122 68402e56-0260-453c-a942-63ccdbb3a9ee
2009-01-04Administration: happy new year 2009, all PHP headers updated. plegall1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@3049 68402e56-0260-453c-a942-63ccdbb3a9ee
2008-10-16merge 2755 and 2756 from branch 2.0 to trunkrvelices1-2/+2
- 2755 fix vulnerability http://www.milw0rm.com/exploits/6755 - 2756 security paranoia: protect session/remember me cookies from XSS attacks (works only if php>=5.2 and with IE/FF maybe others) git-svn-id: http://piwigo.org/svn/trunk@2757 68402e56-0260-453c-a942-63ccdbb3a9ee
2008-04-05Bug fixed: as rvelices notified me by email, my header replacement script wasplegall1-24/+0
bugged (r2297 was repeating new and old header). By the way, I've also removed the replacement keywords. We were using them because it was a common usage with CVS but it is advised not to use them with Subversion. Personnaly, it is a problem when I search differences between 2 Piwigo installations outside Subversion. git-svn-id: http://piwigo.org/svn/trunk@2299 68402e56-0260-453c-a942-63ccdbb3a9ee
2008-04-04Modification: new header on PHP files, PhpWebGallery renamed Piwigo.plegall1-0/+21
git-svn-id: http://piwigo.org/svn/trunk@2297 68402e56-0260-453c-a942-63ccdbb3a9ee
2008-03-08- security fix (profile)rvelices1-1/+1
- les langues a la hache - fix some copy/paste errors git-svn-id: http://piwigo.org/svn/trunk@2268 68402e56-0260-453c-a942-63ccdbb3a9ee
2008-02-28- migrate many templates to smartyrvelices1-81/+32
git-svn-id: http://piwigo.org/svn/trunk@2223 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-10-11- changed htmlentities to htmlspecialchars in comments.php (utf-8 issue)rvelices1-2/+2
- web service explorer in utf-8 - removed warning in function load_language - feature: show_queries also shows number of selected rows or number of affected rows git-svn-id: http://piwigo.org/svn/trunk@2134 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-09-27- admin, comments and tags pages include page_header later in the code (as ↵rvelices1-4/+2
in picture and index) allowing plugins to change the header until the very end - fix in admin.php : picture_modify requires cache invalidation - fix in site_update.php : some echo func calls changed to $template->output .= ... - upgraded prototype.js to latest version 1.5.1.1 git-svn-id: http://piwigo.org/svn/trunk@2107 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-06-07Resolved issue 0000702: Code Injection with picture commentrub1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@2030 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-05-15keyword search was not working comments.phprvelices1-1/+1
git-svn-id: http://piwigo.org/svn/trunk@2012 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-02-28feature 657: permalinks for categoriesrvelices1-7/+2
git-svn-id: http://piwigo.org/svn/trunk@1866 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-02-27- refactoring page['category'] before 1.7 releaservelices1-3/+2
page['category'] is not an id anymore, but an associative array of category info all of page['cat_xxx'] or page['uppercats'] merged into one simplifies calls to make_index_url give plugins a clean start for page variables for version 1.7 git-svn-id: http://piwigo.org/svn/trunk@1861 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-02-22- user comments are not saved in the database with htmlspecialchars anymorervelices1-4/+0
- web service: added the possibility to enter a user comment using the service... - new comment functions from picture_comment.inc.php git-svn-id: http://piwigo.org/svn/trunk@1849 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-02-14- thumbnails creation for all local sites (not only site id 1)rvelices1-1/+1
- urls for images in notification (rss & mail) is now correct - removed "Recent pictures" from title in when the flat view is in effect - removed unnecessary class="" from comments.tpl - english language correction - removed unused web service files - set rating star button left & right margin to 0 (javascript) - admin menu - put site manager and synchronize together git-svn-id: http://piwigo.org/svn/trunk@1814 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-01-11plugins improvements: allow plugins to fail the installation/activationrvelices1-63/+31
comments.php improvements: - no more double sql escaping on author & keyword (once in common.inc.php and once in comments.php) - now can search comment content on all special char ( ', ", <, >, & ) - author & keyword are correctly redisplayed in browser when they are MySql escaped git-svn-id: http://piwigo.org/svn/trunk@1716 68402e56-0260-453c-a942-63ccdbb3a9ee
2007-01-03Fixed: HTML vulnerability (Cross Site Scripting)rub1-2/+2
git-svn-id: http://piwigo.org/svn/trunk@1696 68402e56-0260-453c-a942-63ccdbb3a9ee
2006-12-21Feature Issue ID 0000601: Filter all public pages with only recent elementsrub1-21/+32
It's a finalized version. Obsolete code of draft are removed. You can filter categories and images with recent date period on your screen selection. In the future, filter could be easy done on other type data (plugin?) You can flat categories and sub-categories with a recent date period of your choice. Next, perhaps, a panel to choice recent date for the 2 features. On draft, there have problem with MySql 5, be careful! Css problem not resolved: - Menu "Categories" is bad centered - Icon on dark too on the top git-svn-id: http://piwigo.org/svn/trunk@1677 68402e56-0260-453c-a942-63ccdbb3a9ee
2006-12-10Undo 597: Unvalidated commentsvdigital1-9/+0
git-svn-id: http://piwigo.org/svn/trunk@1647 68402e56-0260-453c-a942-63ccdbb3a9ee
2006-12-090000597: Unvalidated comments are displayed on public sidevdigital1-0/+9
Just add a comment filter to avoid showing unvalidated comment to non admin people. git-svn-id: http://piwigo.org/svn/trunk@1646 68402e56-0260-453c-a942-63ccdbb3a9ee