path: root/app/helpers
Age | Commit message | Author
33 hours | Address brakeman security findings [HEAD, master] | erdgeist
    - Replace permit! with permit(:locale, :page_path) in AdminHelper#language_selector
33 hours | Prevent xss by not allowing return_to to point to javascript resources | erdgeist
4 days | Stage 7 click-testing fixes | erdgeist
    - aggregate: switch to shortcode syntax [aggregate ...]; fix paragraph wrapping by excising the shortcode and its surrounding <p> before sanitize, concatenating collection output outside sanitized content
    - page.rb: remove aggregate XML unwrapping from rewrite_links_in_body (no longer needed with shortcode approach)
    - rss builders: explicit CGI.escapeHTML on title/abstract; Builder 3.3.0 does not escape when target buffer is html_safe (ActionView default)
    - tinymce: disable menubar and promotion nag; add code plugin, remove paste plugin (built into TinyMCE 8 core); configure via admin_interface.js directly (config/tinymce.yml affects tinymce() helper only, not tinymce.init)
4 days | Fix routes after removing the routing-filter | erdgeist
6 days | Stage 5 click-testing fixes | erdgeist
    - Fix link_to :method → button_to for all PUT/DELETE actions
    - Add button_to CSS reset to admin.css for visual consistency
    - Fix admin layout: replace broken jquery/jquery_ujs pipeline refs with admin_bundle via sprockets; add sprockets-rails, jquery-ui-rails gems
    - Add app/assets/javascripts/admin_bundle.js pipeline manifest
    - Fix event_information helper: use safe_join to avoid double-escaping
    - Fix nodes_helper: to_s(:db) → to_fs(:db) for event times
    - Fix revisions view: eliminate nested forms; diff button uses vanilla JS to collect radio button values before POST
    - Fix config/environments/development.rb and test.rb: cache_classes → enable_reloading
    - Add routing_filter_rails71_patch.rb version guard
    - Move LockedByAnotherUser to own file for Zeitwerk autoloading
    - Fix Globalize fallbacks via config.i18n.fallbacks in application.rb
6 days | Stage 5 fixes: RouteWithParams removal, Globalize fallbacks, search stub, to_s(:db) → to_fs(:db), LockedByAnotherUser autoload, test environment config | erdgeist
    - Remove safe_path helper and content_path shim from link_helper.rb
    - Update all safe_path call sites in views to use named route helpers directly
    - Fix Globalize fallbacks via config.i18n.fallbacks in application.rb, remove i18n initializer
    - Stub Node.search returning none (search disabled pending PostgreSQL upgrade)
    - Replace to_s(:db) with to_fs(:db) in node.rb, nodes_helper.rb, link_helper.rb, admin view
    - Move LockedByAnotherUser to app/models/locked_by_another_user.rb for Zeitwerk autoloading
    - Fix config/environments/test.rb: config.assets removed, cache_classes → enable_reloading, test_order removed, minitest pinned to ~> 5.25
    - Fix config/environments/development.rb: cache_classes → enable_reloading
    - Park search vector migration in doc/ pending PostgreSQL and plpgsql availability
6 days | Stage 4: Rails 5.2 -> 6.1 on Ruby 2.7.2 | erdgeist
    - routing-filter 0.6.3 -> 0.7.0 (Rails 6.1 compatibility)
    - RSS named routes rss_xml/rss_rdf added
    - RouteWithParams workarounds: will_paginate_patch, content_path shim, safe_path helper
    - Paperclip removed, replaced with FileAttachment concern (preserves URL scheme)
    - Assets resource moved to /admin/assets (Sprockets middleware conflict)
    - ApplicationRecord base class added, all models migrated
    - Strong parameters added to Assets, Occurrences, Events, MenuItems controllers
    - update_attributes -> update throughout
    - render :nothing -> head :ok/:not_found throughout
    - language_selector rewritten (removes :overwrite_params)
    - Environment files updated for Rails 6.1 (eager_load, public_file_server, ActionMailer)
    - Arel::Visitors::DepthFirst and Integer/Float duration patches removed from test_helper
    - AssetsController tests added (10 tests covering upload, variants, destroy, auth)
    - ImageMagick geometry: 460x250! for headline crop (not # which is invalid in IM6)
    129 runs, 311 assertions, 5 failures (all pre-existing), 0 errors
7 days | Rails 4.2 view fixes | erdgeist
    - Replace :confirm => with :data => { :confirm => } in all link_to calls
    - Fix link_to_path helper: use content_path named route instead of hash-style routing
    - Fix admin/_menu.html.erb: use named routes for logout and admin index
    - Fix admin layout: load jquery/jquery_ujs before jquery-ui, remove duplicate jQuery 1.3.2
    - Add csrf_meta_tags to admin layout
7 days | Fix tagged content aggregator, assets path, and add regression tests | erdgeist
    - Replace tagged_with calls in Page.aggregate, TagsController, RssController with direct SQL joins (acts-as-taggable-on 3.5 broken on Rails 3.2)
    - Fix Paperclip :path/:url to use plain :id format matching existing uploads
    - Add proper regression tests for aggregator, tags, and rss controllers
    - Fix assert_select assertions to target div.body div.article_partial
8 days | Stage 1 complete: Rails 2.3.5 to Rails 3.2.22.5 upgrade | erdgeist
    - Converted plugins to gems (Gemfile)
    - Updated config structure (application.rb, boot.rb, environment.rb)
    - Converted routes to Rails 3 DSL
    - Converted named_scope to scope throughout models
    - Converted find(:all, :conditions) to where() chains
    - Fixed has_many :order to use ordering scope
    - Updated session store and secret token configuration
    - Fixed exception_notification middleware configuration
    - Patched Ruby 2.4 / Rails 3.2 incompatibilities:
      - Integer/Float duration arithmetic (ActiveSupport)
      - Arel visit_Integer for PostgreSQL adapter
      - create_database String/Integer coercion
      - ActionController consider_all_requests_local
    - Migrated taggings schema for acts-as-taggable-on
    - Replaced dynamic_form gem with custom form_error_messages helper
    - Fixed Rails 3 block helper syntax (form_for, form_tag, fields_for)
    - Fixed admin layout yield
    - Updated test suite for Rails 3 APIs
8 days | Update deployed state to what's currently running | erdgeist
2025-01-28 | Big overhaul patch and style changes | Charlie Root
2011-02-11 | reject events with no corresponding page | hukl
    spaces
2009-11-08 | fixed typo - evil | hukl
2009-10-20 | allow to overwrite the original user in edit view | hukl
2009-10-20 | link helper fix | hukl
2009-10-17 | changed some node related methods and implementation of unlock | hukl
2009-10-17 | added sanitize statements to hopefully all critical templates to protect against cross site scripting. | hukl
    added section to environment.rb listing the whitelisted tags and attributes and examples on how to extend the list
2009-10-08 | fixed the helper to merge the html options properly | hukl
2009-10-08 | enabled shadowbox for headline images on public pages. if js is disabled the regular html version is rendered | hukl
2009-10-07 | implemented complete restful user management interface including functional tests. this enables basic user operation. note that only admins are allowed to create, edit, destroy other users | hukl
2009-09-10 | and one more tiny modification on the atom feed | hukl
2009-09-10 | more rss feed enhancements | hukl
2009-09-10 | added public rss controller plus template to render the latest 20 updates into a neat little atom feed | hukl
2009-09-10 | show the next event if none are found for the next 14 days. Closes #19 | hukl
2009-09-07 | enabling featured articles | hukl
2009-09-06 | added public search controller with corresponding view | hukl
2009-09-05 | added tag resource, widget and auxiliary files | hukl
2009-09-04 | fixed the aggregate tag parsing | hukl
2009-09-03 | took almost an hour to find the reason for the invalid html! anyway - fixed now! | hukl
2009-09-01 | added experimental routing for image galleries | hukl
    added plain image gallery template refinements
2009-08-15 | added pagination for aggregators. cost me the whole day. crappy plugins ARGH! More work to do! | hukl
2009-08-15 | order of menu items set | hukl
2009-08-08 | more readable dates for event meta data | hukl
2009-08-08 | added menu items resource | hukl
2009-08-08 | added dynamic main menu | hukl
2009-07-19 | fixed link_for_path issue | hukl
2009-07-19 | intermediate commit introducing main menu and calendar widget which will get refactored soon. need another feature first | hukl
2009-04-27 | truncated titles with title attribute in recent changes view | hukl
2009-04-25 | Integrated basic Asset upload functionality. You can upload files now and use their url in pages. | hukl
2009-04-22 | fixes for new event form | hukl
2009-04-18 | links | hukl
2009-04-18 | adding event information to the metadata section allowing to add and edit events | hukl
2009-04-13 | rebuilding the admin interface | hukl
2009-03-21 | do not truncate title anymore | hukl
2009-03-18 | Refactored Chaos Calendar by wrapping libical and introducing event and occurrence model. More improvements to come. Enables us to create events with reoccurrence and intervals etc. | hukl
2009-03-15 | first revision and diff interface | hukl
2009-03-10 | remove event resource temporarily until its finalized | hukl
2009-03-10 | added calendar backend. more features and integration to come | erdgeist
2009-03-08 | enhanced the link_to_path helper and fixed the menu links | hukl