89d2340e37
UX: Add margins for poll links in preview.
2016-07-29 15:19:56 +08:00
ffbfcd7ee2
Fix build.
2016-07-29 14:47:23 +08:00
e336e56153
FIX: Incorrect sort for poll results.
2016-07-29 14:42:55 +08:00
f9ef1e1997
Opps this broke polls.
2016-07-29 14:28:09 +08:00
6538363c18
PERF: Reduce the number of queries when voting.
2016-07-29 14:02:48 +08:00
fc7ebc342c
Merge pull request #4354 from tgxworld/remove_button_look_on_polls
...
UX: Remove button styles on polls.
2016-07-29 11:41:13 +08:00
32c962cfd8
UX: Remove button styles on polls.
2016-07-29 11:09:23 +08:00
1552908fc0
Merge pull request #4353 from fantasticfears/translation
...
Explicit on site settings and fixing minor parts
2016-07-29 10:40:41 +08:00
8e30ab31c2
Merge pull request #4351 from tgxworld/allow_non_number_poll_results_to_be_sorted
...
FEATURE: Allow poll results to be sorted.
2016-07-29 10:38:29 +08:00
a7f2b2ded6
FEATURE: Allow poll results to be sorted.
2016-07-29 10:37:27 +08:00
1f12e41029
FIX: query for tag with no sub-categories
2016-07-28 16:59:00 -04:00
82e170d6a6
FIX: 404 when filtering by category, no sub-category, and a tag
2016-07-28 16:19:03 -04:00
9adfccfad1
FIX: Regression with escaping on badge page
...
In this branch (stable) we can't run the sanitizer because the bundle is not
loaded. The long badge description is not sanitized, but it
has to be created by an admin so it's extremely low risk.
In the beta / tests-passed branches the text is sanitized.
2016-07-28 16:11:41 -04:00
efc6408b1d
FIX: Regression with escaping on badge page
2016-07-28 15:57:06 -04:00
5d062206db
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 15:41:03 -04:00
f416634ea0
SECURITY: Cross-Site Scripting in Category and Group Settings
2016-07-28 15:30:53 -04:00
80834df757
SECURITY: SQL Injection in Admin List Active Users
2016-07-28 15:29:16 -04:00
90a3cc7f18
SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions
2016-07-28 15:29:05 -04:00
d9289b6da9
Merge pull request #4352 from tgxworld/full_width_for_polls
...
UX: Polls should take up full width of post's container.
2016-07-28 11:59:08 -07:00
2891f230d1
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 13:54:17 -04:00
cf5b756b1a
SECURITY: Cross-Site Scripting in Category and Group Settings
2016-07-28 11:57:59 -04:00
77847f0d46
FIX: meta description tags for tags
2016-07-28 11:49:23 -04:00
dc1a830d3d
SECURITY: SQL Injection in Admin List Active Users
2016-07-28 11:42:06 -04:00
2f8ab8cd30
SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions
2016-07-28 11:38:12 -04:00
bc81c8b2a0
Explicit on site settings and fixing minor parts
2016-07-28 23:35:24 +08:00
bb3f4a10f3
UX: Polls should take up full width of post's container.
2016-07-28 23:06:25 +08:00
85a91c8b81
Remove unused property.
2016-07-28 21:28:49 +08:00
0128fdfc46
FIX: Discourse.ajax is deprecated.
2016-07-28 18:20:24 +08:00
c449bbe882
Merge pull request #4347 from tgxworld/unlist_topic_creation
...
FEATURE: Add toggle topic visibility button in popup menu.
2016-07-28 17:18:34 +08:00
36ddb1787e
FEATURE: Add toggle topic visibility button in popup menu.
2016-07-28 16:57:04 +08:00
16a383ea1e
SECURITY: limit bad cookie auth attempts
...
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
0ba8da9658
reduce amount of cache setting
2016-07-28 10:20:29 +10:00
83f80341b3
FIX: topic id cache should be a multi process cache
2016-07-28 10:20:14 +10:00
ab68e0c9db
FEATURE: allow "developer" account flagging via developers table
...
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
f319923753
SECURITY: limit route access when using external avatars
2016-07-28 09:04:32 +10:00
c6dbaca0dc
SECURITY: disable user entered badge SQL by default
...
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
cb3afd11b4
SECURITY: limit route access when using external avatars
2016-07-28 09:00:43 +10:00
437ad5b05a
Remove extra characters returned from Transifex
2016-07-27 17:55:29 -04:00
6a8f57d602
Update translations
2016-07-27 17:55:28 -04:00
7109442ef0
Stop using Transifex workaround, but keep the code just in case
2016-07-27 17:55:28 -04:00
37a78752e9
phpBB3 importer: fixes for internal links and guest users ( #4350 )
...
* phpBB3 importer: ignore query parameters in internal links
* phpBB3 importer: Don't fail if guest usernames differ only by case
* phpBB3 importer: Import username as name for guest users
2016-07-27 22:57:33 +02:00
fccc0c93c5
Store the original username during import ( #4349 )
2016-07-27 22:30:15 +02:00
e848c336bb
FIX: only prevent clicks on links in the preview
2016-07-27 20:53:45 +02:00
c4b52b1a19
GET is a more RESTy verb for '/users/:username/emails'
2016-07-27 20:15:28 +02:00
6dac9075dc
new 'convert_pasted_images_quality' site setting
2016-07-27 19:59:44 +02:00
be099bb637
only convert pasted images to HQ jpg when it's at least 5% smaller
2016-07-27 19:55:13 +02:00
a3f39866ab
Update translations using temporary workaround for Transifex bugs
2016-07-27 13:29:13 -04:00
ea59283c1e
FIX: PM automatic groups via URL
2016-07-27 19:16:31 +02:00
11172b7c2d
FIX: cropping GIF wasn't working
2016-07-27 18:48:02 +02:00
56d2626187
support 'read_restricted' categories in importers
2016-07-27 18:38:23 +02:00
