Sam
1b81f73325
logged in requests were being treated as anon, causing major havoc
2013-10-17 10:37:18 +11:00
Neil Lalonde
cabe8f0d2d
Clean up ScreenUrl normalization and matching
2013-10-16 16:39:29 -04:00
Robin Ward
2a8db38c7a
FIX: Smoke test failure
2013-10-16 16:01:41 -04:00
Robin Ward
f27413219e
Support for MDTest
2013-10-16 10:28:42 -04:00
Sam
3d647a4b41
remove rack cache, it has been causing trouble
...
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Robin Ward
b62913695c
Merge pull request #1528 from JEG2/master
...
Adding post details in preparation for the API importer code.
2013-10-15 08:19:19 -07:00
Robin Ward
5281b7f80c
Upgraded and refactored Sanitizing. Much less crap should get through now!
...
Conflicts:
app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-15 10:53:11 -04:00
James Edward Gray II
1aa9fc982d
Adding post details in preparation for the API importer code.
2013-10-15 09:21:30 -05:00
Régis Hanol
4536b5fe04
added a job to clean up orphan uploads
2013-10-15 11:15:48 +02:00
Régis Hanol
d80f4fa3f7
Merge pull request #1523 from dbarbera/avatar_formats_fix
...
add image authorization on upload_avatar
2013-10-14 05:33:25 -07:00
Sam
7df4e4afb9
security fix, anon should not be treated as though they can create anything
2013-10-13 09:54:48 +11:00
dbarbera
9106596a9a
add image authorization on upload_avatar
2013-10-12 14:11:44 +02:00
Régis Hanol
23bf4436f5
FIX: avatar was attached to the user who uploaded it...
2013-10-12 10:55:41 +02:00
Robin Ward
af931f0444
Reverting the Sanitizer commit in case we have to do something urgent
...
before we deploy it early next week. It's in the branch `sanitizer` for
now.
This reverts commit 9e93d8ed52
.
2013-10-11 16:44:26 -04:00
Robin Ward
9e93d8ed52
Upgraded and refactored Sanitizing. Much less crap should get through now!
...
Conflicts:
app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-11 16:25:40 -04:00
Neil Lalonde
3c2c6ab24b
Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic.
2013-10-11 13:34:05 -04:00
Régis Hanol
c38ba8acdd
add rss links to anonymous homepages
2013-10-11 18:43:29 +02:00
Sam
172a85ae14
prettier twitter links, extracted mini api
2013-10-11 11:46:35 +11:00
Sam
b0465c517e
(experimental) added framework for filtering all sorts of internals in discourse and consuming by plugins
2013-10-10 18:45:40 +11:00
Sam
ad2ed5fe51
rate limits for topics and posts on first day
...
max_topics_in_first_day and max_replies_in_first_day
2013-10-10 10:32:03 +11:00
Sam
7993845bfa
add current_user_provider so people can override current_user bevior cleanly, see
...
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Neil Lalonde
bccb37b6f3
When creating a topic, don't select a category by default when allow_uncategorized_topics is false. Also, added category validation on the server to enforce allow_uncategorized_topics.
2013-10-08 14:41:20 -04:00
Sam
e18b93026a
defer view creation on so updates are not performed when people navigate to topics
2013-10-07 15:04:59 +11:00
Sam
5bf26ec34e
large refactor, ship a few columns from the user table into user_stats
2013-10-07 15:04:59 +11:00
Robin Ward
c8487f6bc7
FIX: Amazon spec
2013-10-04 12:49:39 -04:00
Sam Saffron
ad93fc959c
security issue, anon and logged in users could see the fact that a user sent another user a pm (but could not see the pm itself or title)
2013-10-03 16:48:03 -07:00
Robin Ward
3562d02905
Adjust smoke test to work with user expansion
2013-10-03 14:17:25 -04:00
Régis Hanol
af96ef2994
FIX: deleting a flagged post issue
...
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061
The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
Sam
f0a122a66c
move job files so they live underneath app/ and not in lib/
...
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Robin Ward
3f0c03a20c
FIX: Prevent unauthorized list of private message titles. Also remove some unused code.
2013-09-30 14:35:11 -04:00
Régis Hanol
40c08eab14
do not break oneboxes' favicon after updating favicons
2013-09-30 19:09:57 +02:00
Robin Ward
37304b7eba
FIX: Too many new lines in long quotes
2013-09-27 15:08:56 -04:00
Régis Hanol
cd4cda5b4c
allow users to specify thumbnail size
2013-09-27 10:57:31 +02:00
Neil Lalonde
07d08b81c7
Show mobile view as default for nexus 7 tablet
2013-09-23 17:13:29 -07:00
Robin Ward
60abde2253
FIX: Broken spec
2013-09-19 18:40:46 -07:00
Robin Ward
99b6a62fcb
New composer message for people dominating a topic
2013-09-17 14:38:39 -04:00
Robin Ward
16dc0a7001
New user education notification was off by one. Also, remove the "basic" restriction on the
...
"posting too often" message.
2013-09-17 12:12:03 -04:00
Neil Lalonde
0fafe124db
Add enable_mobile_theme site setting. Uncheck it to disable the mobile theme.
2013-09-17 11:25:37 -04:00
Robin Ward
2baf5fda8e
Merge pull request #1438 from Elegios/composer_use_category_id
...
Make the composer and TopicCreator use category id instead of category name
2013-09-17 08:03:48 -07:00
Neil Lalonde
b15e629f46
Strip trailing slashes from ScreeningUrl records
2013-09-17 10:26:05 -04:00
Viktor Palmkvist
37673e3412
Make the composer and TopicCreator use category id instead of category name
...
Also fixes #1171
Includes backwards compatibility for topic creation
2013-09-17 12:13:19 +02:00
Neil Lalonde
c845071066
Fix an error with mobile custom header
2013-09-16 12:55:44 -04:00
Neil Lalonde
13f17b2a5c
Add ability to customize css and header for mobile
2013-09-16 12:28:02 -04:00
Nathan Nontell
d95172cb5d
Allow TextSentinel#seems_unpretentious? to accept words joined with dashes or forward slashes. (Issue 1133)
2013-09-16 09:45:57 -04:00
Matthieu Guillemot
3ba1f20674
New site settings to enable/disable the possibility of editing user's nickname or email address
2013-09-14 21:34:21 +09:00
Robin Ward
b39d39dbb6
FIX: Use post_count
instead of topic_reply_count
in education for replies.
2013-09-14 00:32:18 -04:00
Robin Ward
c365bd0070
Notify users posting sequential replies that there's a better way to do it.
2013-09-13 13:49:34 -04:00
Robin Ward
7d9a84b496
New User Education goes through a server side ComposerMessages check. Composer message for users
...
who don't have avatars.
2013-09-13 12:23:53 -04:00
Sam
4599e5d732
oops did not have autospec running
2013-09-12 15:55:18 +10:00
Robin Ward
fcff4e80d1
New user_stats
table to keep track of queried information on a user.
...
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00