Commit Graph

309 Commits

Author SHA1 Message Date
Hannah Wolfe
f12a3cecf7 Fixing URL-based image uploads on settings screen 2013-10-17 21:54:51 +01:00
Hannah Wolfe
5916844835 Fixes for content screen
fixes #1125

- fixes an error in the console when there are no posts
- resolves the issue whereby content disappears after scroll
2013-10-17 21:06:01 +01:00
Hannah Wolfe
d9c9ca0e33 Merge pull request #4 from sebgie/sec/3
Sec/3
2013-10-17 10:49:40 -07:00
Sebastian Gierlinger
90176e1f40 Security improvements
no issue
- added CSRF protection
- changed session handling to express.session
- changed session handling to change session id
- added config property useCookieSession
- added file extension check for /ghost/upload
- removed /ghost/debug/db/reset
2013-10-17 15:28:28 +02:00
John O'Nolan
1bd8002858 Fixed further firefox display bugs
See #1090

Conflicts:
	core/client/tpl/settings/user-profile.hbs
2013-10-17 14:10:49 +01:00
John O'Nolan
c6d805cd28 Merge pull request #1090 from bnchdrff/user-image-ff-fix
fixes firefox user image disappearance
2013-10-17 14:04:34 +01:00
cobbspur
c52a10cd1a fixed image upload url synchronicity and url removed on cancel
closes #988, closes #956, closes #975

- fixed multiple ids and refactored triggers
- persistence requirement overridden
- trash can now removes url in editor
- if empty url is saved http:// is inserted and dropzone initialized

Conflicts:
	core/client/assets/lib/uploader.js
2013-10-11 18:15:17 +01:00
Hannah Wolfe
95f9fce3be Swapping escape to sanitze
issue #938

- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
2013-10-09 19:13:16 +01:00
Hannah Wolfe
6bd62538af Merge branch '0.3.1-wip'
Conflicts:
	core/server/controllers/admin.js
2013-09-27 17:22:55 +01:00
Hannah Wolfe
d841e749f9 Adding extra class for url uploads 2013-09-27 13:34:39 +01:00
John O'Nolan
9df4955bcb Fix tiny alignment issue on Ghost logo 2013-09-27 11:23:24 +02:00
John O'Nolan
8ce4d4b7c5 Fixed fucked up modal padding 2013-09-27 11:21:23 +02:00
Hannah Wolfe
18ca744c98 Merge pull request #913 from ErisDS/0.3.1-html-handling
Treat markdown as text in editor
2013-09-26 14:53:37 -07:00
Hannah Wolfe
0ef99ad393 Merge pull request #912 from cobbspur/saveposition
fixes position of save button in image uploader
2013-09-26 13:26:01 -07:00
Hannah Wolfe
fc881229f4 Treat markdown as text in editor
closes #857

- markdown is inserted into codemirror with .text() not .html()
2013-09-26 21:06:52 +01:00
cobbspur
3119fc5388 fixes position of save button in image uploader
closes #911

- adds display block to save button centre class
2013-09-26 20:15:48 +01:00
cobbspur
2a55595191 Increased visibility of trash can in image uploader for broken url
closes #838

- adds a min height value to pre-image-uploader scss
2013-09-26 18:33:09 +01:00
John O'Nolan
58873a9fc3 Stripped obsolete CSS3 prefixes 2013-09-26 15:26:00 +01:00
John O'Nolan
d1957958e3 Cleanup indentation and quotes
Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
2013-09-26 15:06:31 +01:00
Hannah Wolfe
b787cc6639 Image upload start event fired earlier
issue #882
2013-09-26 12:35:03 +01:00
cobbspur
90e4637ede Image Upload URl saves in the right place
closes #864

- adds trigger - uploadstart to url handler
2013-09-26 12:34:59 +01:00
Matthew Harrison-Jones
67132ff28b Bug Fix: Date Keyboard Shortcut no-longer crashes the browser 2013-09-26 11:22:02 +01:00
John O'Nolan
598915a125 Stripped obsolete CSS3 prefixes 2013-09-24 18:44:32 +02:00
Hannah Wolfe
32d1076d35 Correct validation message for short passwords
closes #833
2013-09-19 08:41:04 +01:00
Hannah Wolfe
5528423636 Client & Server side validation for posts per page
closes #839

- caused a 500 error
2013-09-19 07:55:37 +01:00
Hannah Wolfe
477c4c59fa Merge pull request #843 from cgiffard/500-errors
500 Series Error Handling & Stack Traces
2013-09-18 22:52:52 -07:00
Christopher Giffard
9c8b02949a 500 Series Error Handling & Stack Traces
Fixes #825

- Changes the way the error middleware is delivered in server.js, moving
  all the logic back into errorHandling.js
- Alters error logging to use console.error (probably more appropriate) instead
  of console.log
- Changes error tests to accomodate for these alterations
- Alters user-error and error hbs templates to incorporate stack traces
- Adds additional styling for error pages to accomodate stack traces
- Added logic to parse and deliver formatted stack traces

Notes:
======

- Jslint gets in the way of the regex I've got to use to parse the stack.
  (It cites 'security reasons' which are not relevant in this case.)
  I needed to add a condition to relax it at the top of errorHandling.js
- The stack trace should probably be added as a partial, but I figured it
  was out of scope for this PR.
2013-09-19 13:01:20 +10:00
William Dibbern
4ff6162d79 Expanded spelling of chars to characters
Fixes #834

- Updated error message for password length to use "characters" instead
of "chars".
2013-09-18 21:51:56 -05:00
John O'Nolan
a7a14fac22 New default user image 2013-09-18 22:34:01 +01:00
Hannah Wolfe
eb7a63bd1d Fixing tag save event
- lost in a bad merge somewhere
2013-09-18 20:04:39 +01:00
Hannah Wolfe
7193f05376 Default user image and cover
closes #812

- replace defaults with consistently named .png files
- change the settings saving code so that it doesn't double-save images and save the defaults to the db
2013-09-18 15:54:52 +01:00
Matthew Harrison-Jones
2cd763d7f5 Bug Fix: Images in the Settings no longer breakout of their container in Firefox 2013-09-18 10:20:34 +01:00
Hannah Wolfe
1fc7966a5c Merge pull request #808 from gotdibbs/Issue788
Corrected settings menu bugs
2013-09-17 19:14:59 -07:00
Hannah Wolfe
7be4362523 404 Page vertical centering
closes #791
2013-09-18 03:07:22 +01:00
William Dibbern
ebe70534c2 Corrected settings menu bugs
Fixes #788

- Toggles now close all any other open toggles.
- Added .active class for post settings menu to ensure highlight stays
on settings icon/button until it is closed, not just on hover.
2013-09-17 20:59:35 -05:00
Hannah Wolfe
00b60a7a74 Clear notifications before adding new ones
closes #783

 - I think there's probably a nicer solution than putting clearEverything() everywhere, but that would also probably involve significant refactoring.
2013-09-18 02:48:38 +01:00
John O'Nolan
60bb02ad6a Throttle scrolling. LIKE A BAWS.
See #481
2013-09-18 02:09:21 +01:00
Hannah Wolfe
a18f5e7181 Post settings menu success notifications
closes #786
2013-09-18 01:46:10 +01:00
ericterpstra
371f8ce0b1 Set post-settings date to 12:00 2013-09-17 18:54:01 -05:00
Hannah Wolfe
a4aefb2b8e Merge pull request #803 from nicoburns/fastclick
Fastclick
2013-09-17 16:34:53 -07:00
nicoburns
d7a47858ba Added FastClick to assumed globals for tests 2013-09-17 22:57:40 +01:00
Hannah Wolfe
b15b8d03da Clearing out images we don't use 2013-09-17 22:28:28 +01:00
nicoburns
f3a824bda5 Changed back button text
- Changed back button text from "Cancel" to "Back"
- Removed box-shadow from back buttons
2013-09-17 22:25:26 +01:00
nicoburns
3b3d7a7c34 Replaced Hammer.js with FastClick
Issue #149 Closes #519
- Uses FastClick to speed up click events instead of using Hammer.js tap
events
2013-09-17 22:11:13 +01:00
Hannah Wolfe
ae01e5eeae Editor notification cleanup
closes #666

- no more split messaging
2013-09-17 21:35:30 +01:00
James Inman
38ae87524d Notification cleanup
Closes #666.

* Adding new error notifications (removed post name, cleaned up statuses) when creating/updating a post
* Removing scheduled from the maps and changing the text of publish-on
* Made temporary "Scheduled publishing is not supported yet." message display in a proper error container, plus a slight grammar fix.
* Removed ; from the start of validation errors on post error, as the previous sentence finishes with a .
2013-09-17 21:19:07 +01:00
John O'Nolan
56620635db Merge pull request #800 from M165437/issue-149
Add back button to settings and content preview
2013-09-17 12:55:52 -07:00
Matthew Harrison-Jones
2305329041 Complete Modal Refactor
* Smoother animations
* Removed blurring in Chrome temporarily
* Centering is now done in CSS (the height is calculated in JS to work in FF and Opera)
* Modals now need close: true to be set to enable the close icon and shortcuts for closing (ESC key, background clicking)
2013-09-17 20:40:19 +01:00
Michael Schmidt-Voigt
08ed07372f Add back button to settings and content preview
Issue #149
- added back button to content preview and settings
- added hammer.js interactions
- needs some tweaking for mobile view
- problems with touch events (additional click event after 300ms)
2013-09-17 15:58:41 -03:00
cobbspur
757ed3a8f5 Added url functionality for image uploads
closes #701, closes #702

- if image upload is called from editor the url icon provides a text field and a save button
- if on settings pages (general and user) the save button will capture the entered url or uploaded url
- both modes have the reset button
- fixed bug that is created by url when image is dragged onto window
2013-09-17 19:15:32 +01:00