cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1894 commits 4 branches 1 tag 499 MiB
Commit graph

28 commits

Author SHA1 Message Date
Andy Allan
272d73e9a7 i18n for messages 2009-05-31 15:37:18 +00:00
Shaun McDonald
2e41c35479 Adding the ability to see the min/max lat/lon for a changeset in the data browser. Adding file for the nice message that should show when a user is missing in the message controller. 2008-12-08 15:30:19 +00:00
Shaun McDonald
1a7ab3570c Deal with active record not found exceptions when creating message. Some tidying of html. For some reason in rails 2.1.2 having a comment at the end of a line, in the view, means that the closing tag needs to be on the next line. 2008-12-03 12:56:02 +00:00
Tom Hughes
e62eacd8d3 Remove bogus action attribute from the submit button - it should have 
no effect as there is no such attribute defined, but Opera seems to
decide that it should post the form to that URL instead of the one
give on the form element.
 2008-05-15 09:34:45 +00:00
Tom Hughes
895eb829c9 Backout message deletion functionality as it has unfortunate side effects 
as it also removes the message from the sender's outbox.
 2008-05-06 16:35:24 +00:00
Tom Hughes
a47fcb0857 Fix replying to diary comments, and tidy a few things up. 2008-05-05 23:01:05 +00:00
Steve Coast
ee1707a4a7 nicer reply messages, bug 529 2008-05-03 14:02:53 +00:00
Steve Coast
ee6165bf9b ability to delete messages 2008-05-03 13:25:34 +00:00
Tom Hughes
0d70728fe2 Escape user display names. 2008-03-04 16:51:13 +00:00
Steve Coast
cacf1879c3 user images 2008-02-23 15:18:59 +00:00
Tom Hughes
c3bd1f113b Tidy up message sensitisation a bit more, and add sensitisation of 
information in the diary RSS feeds.
 2008-01-16 10:02:42 +00:00
Tom Hughes
b416597507 Make the message reply link prefill the title with "Re: original title". 
Closes #634.
 2008-01-15 19:05:17 +00:00
Tom Hughes
9f909d7447 Add a few more escape calls to prevent nasty HTML being rendered. Also 
switch to using sanitize() instead of h() to escape message bodies. This
is not quite as safe as there is no guarantee that the HTML scanner it
uses will find everything, but is does allow benign HTML tags to be
displayed again.
 2008-01-15 18:22:08 +00:00
Tom Hughes
1e54573bae Escape message titles and bodies. This is an emergency fix as some genius 
has decided to report this XSS problem to a public mailing list. Unfortunately
it means that some functionality (links in messages etc) has been lost for now.
 2008-01-15 00:26:01 +00:00
Tom Hughes
2cbcabb3f6 HTML escape substituted parameter values to avoid injection attacks. 2007-11-23 00:49:55 +00:00
Tom Hughes
7b172efeb6 Don't indicate if a message has been read in the outbox view. 2007-11-21 23:54:14 +00:00
Mikel Maron
d736a158be message outbox 2007-11-21 18:24:29 +00:00
Steve Coast
2c0cd2730c a few message prettyness things 2007-09-04 14:20:42 +00:00
Tom Hughes
9fa8aab9f2 Revert SteveC's edit as blank title are now banned. 2007-09-04 14:08:17 +00:00
Steve Coast
c04e9ccf95 link to 'no subject' if message title/subject is blank 2007-09-04 13:43:31 +00:00
Tom Hughes
2e2189ecb9 Fix typo. 2007-08-22 00:20:53 +00:00
Tom Hughes
a894e75a1d Fix diary entry creation... 2007-08-22 00:19:58 +00:00
Dan Karran
9da455a322 Moving inbox styling definitions into the stylesheet. 2007-08-18 12:22:04 +00:00
Dan Karran
3c79240a6a Showing all messages in inbox, but sorting by date DESC and highlighting new ones. Adding link from message reading page back to inbox. Mark as read/unread. 2007-08-17 18:05:09 +00:00
Tom Hughes
b61e4f77e8 Improve handling of user to user messages. 2007-08-14 17:29:27 +00:00
Dan Karran
e6af088dda Seperating message receiving off into 'inbox' function. 2007-06-20 22:32:15 +00:00
Tom Hughes
aa52ebe674 User form_tag/end instead of start_form_tag/end_form_tag to avoid 
deprecation warnings.
 2007-06-10 23:22:56 +00:00
Nick Black
7d52305640 added messaging and friend stuff that wasn't checked in 2007-05-06 10:36:06 +00:00