Commit graph

3313 commits

Author SHA1 Message Date
Robin Ward
2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Robin Ward
dc1a830d3d SECURITY: SQL Injection in Admin List Active Users 2016-07-28 11:42:06 -04:00
Guo Xiang Tan
36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam
16a383ea1e SECURITY: limit bad cookie auth attempts
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
Sam
ab68e0c9db FEATURE: allow "developer" account flagging via developers table
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
Régis Hanol
11172b7c2d FIX: cropping GIF wasn't working 2016-07-27 18:48:02 +02:00
Andre Pereira
8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Robin Ward
2a4006fe0c Add YandexBot to our list of crawlers 2016-07-26 13:21:37 -04:00
Neil Lalonde
ce595189ff Version bump to v1.6.0.beta12 2016-07-26 11:49:51 -04:00
Guo Xiang Tan
76e57ddef3 FIX: Log errors in ensure block of restorer. 2016-07-26 10:24:01 +08:00
Guo Xiang Tan
03aa13b2bb FEATURE: Work with compressed version of pg_dump during backup and restore. 2016-07-26 10:24:01 +08:00
Sam
b5fbff947b FIX: don't expire old sessions when logging in 2016-07-26 11:37:41 +10:00
Régis Hanol
b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Régis Hanol
7648916314 new 'reset_bounce_score_after_days' site setting 2016-07-25 17:29:54 +02:00
Régis Hanol
d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Régis Hanol
9971e62254 FIX: migrate_from_s3 rake task 2016-07-25 12:12:10 +02:00
Sam
e01802a13b FIX: strip quote from search term when searching within topic 2016-07-25 15:06:25 +10:00
Sam
c1f62d8657 Revert "make upgrade a bit more seamless"
This reverts commit 78b88a1633.
2016-07-25 12:49:33 +10:00
Sam
78b88a1633 make upgrade a bit more seamless 2016-07-25 12:30:52 +10:00
Sam
df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan
a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
Robin Ward
af266acac1 FIX: Plugin Custom emoji weren't working correctly on the server side 2016-07-22 12:59:43 -04:00
Sam
12dc511fea PERF: make score calculator cheaper when site has long topics 2016-07-22 09:48:44 +10:00
Robin Ward
c11f7bee99 FIX: Registering emoji via plugin.rb was broken 2016-07-21 14:15:51 -04:00
Neil Lalonde
7c092b0fe0 FEATURE: add filter to show topics that have not been tagged 2016-07-20 16:21:51 -04:00
Guo Xiang Tan
1adfa0a4b5 FEATURE: Add SiteSetting to disable readonly mode during backup. 2016-07-19 17:44:04 +08:00
Sam
1c964bf730 PERF: cache category topic ids 2016-07-19 12:34:54 +10:00
Robin Ward
7d4aed66c7 Email Cooker can onebox posts too 2016-07-18 15:00:12 -04:00
Robin Ward
12cfc8cedd FIX: Email cooker should support links within blockquotes 2016-07-18 14:38:40 -04:00
Robin Ward
6db50b820d FIX: Email cooker should link links that don't begin a line 2016-07-18 13:46:13 -04:00
Sam Saffron
46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Sam Saffron
6777bd2629 warm up v8 after fork 2016-07-16 15:11:34 +10:00
Robin Ward
56a7249498 Minor quoting improvements to email cooker 2016-07-15 15:37:16 -04:00
Régis Hanol
caa1aea995 FIX: ensure emojis have absolute URLs and uses CDN 2016-07-15 18:37:51 +02:00
Régis Hanol
6ed03bf3d9 FIX: always update bounce_score even when email was not auto_generated 2016-07-15 18:00:40 +02:00
Régis Hanol
8d2c878b34 FIX: only send 1 rejection email per day to prevent loops 2016-07-15 13:18:55 +02:00
Guo Xiang Tan
b981041f6f Make sure we log failures in ensure block. 2016-07-15 11:36:47 +08:00
Guo Xiang Tan
4aa3442824 Skip validations when creating a post by system user. 2016-07-15 11:36:29 +08:00
Guo Xiang Tan
5fe4837e28 Add PostCreator#create!. 2016-07-15 11:36:06 +08:00
Hu Ming
f8a12d4940 Add support for AWS cn (#4327) 2016-07-14 16:56:09 +02:00
Régis Hanol
926c021125 set 'List-Unsubscribe' email header to new unsubscribe url instead of user preferences url 2016-07-13 22:32:46 +02:00
Robin Ward
b8261a662b FIX: siteSettings weren't getting applied to plugin auth 2016-07-13 16:11:48 -04:00
Guo Xiang Tan
c3cab98998 FEATURE: Admins should be able to create polls even when plugin is disabled. 2016-07-13 18:05:19 +08:00
Jeff Atwood
15a46d419f tweak in-reply-to email CSS 2016-07-12 16:26:44 -07:00
Neil Lalonde
91e4af0d3d FIX: restore of a backup from an older Discourse version can create new tables in the wrong schema, leading to UndefinedTable errors 2016-07-12 16:26:45 -04:00
Robin Ward
b00fd79989 FIX: Even better email rendering fixes 2016-07-12 15:37:19 -04:00
Robin Ward
bb90129731 Improvements to email cook text rendering 2016-07-12 13:49:03 -04:00
Robin Ward
0c3b049176 FIX: Autolinking in email formatter was broken 2016-07-12 13:33:13 -04:00
Rafael dos Santos Silva
5915929166 FIX: Unicode aware text sentinel (#4301)
* FIX: Handle unicode text on Text Sentinel

Uses active_support to properly handle unicode text

* Adds test cases to unicode Text Sentinel
2016-07-12 11:08:55 -04:00
Arpit Jalan
166d753bd3 FIX: delete PostgreSQL dump before gzipping archive (#4323) 2016-07-12 14:23:26 +02:00