Andreas/tracks
1
0
Fork 0
mirror of https://github.com/TracksApp/tracks.git synced 2026-02-03 14:31:47 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
tracks/tracks/app/views
History
bsag 5e4f0f9fe8 Improved the security of the new drag and drop features of the projects and contexts lists by checking that the logged in user owns those items. 
Also changed references to Form.focus_first which were defined in the removed file prototype-ex.js to Form.focusFirstElement, which is defined in prototype.js. Fixes #133.



git-svn-id: http://www.rousette.org.uk/svn/tracks-repos/trunk@149 a4c988fc-2ded-0310-b66e-134b36920a42
2005-10-10 21:14:34 +00:00
..
context Improved the security of the new drag and drop features of the projects and contexts lists by checking that the logged in user owns those items. 2005-10-10 21:14:34 +00:00
feed I'm seriously beginning to hate #188, but it really is fixed now. Really. The problem before was that due to a weird conjunction of due dates and creation dates on my sample set, it did actually work for me. now I use the same bit of code to display the actions on the home page and on the txt page, so it really is the same. If anyone opens that ticket again, woe betide them... :-D 2005-10-02 10:35:07 +00:00
layouts Quite a few changes in this revision: 2005-10-09 17:51:31 +00:00
login Merged tracks-mu-import branch changes r113:130 into the trunk 2005-08-08 01:54:05 +00:00
note Quite a few changes in this revision: 2005-10-09 17:51:31 +00:00
project Improved the security of the new drag and drop features of the projects and contexts lists by checking that the logged in user owns those items. 2005-10-10 21:14:34 +00:00
shared Added the sanitize method to all of the fields which get displayed on the page (context.name, project.name, project.description, todo.description, todo.notes, note.body). This stops harmful HTML codes being embedded in the page. Sanitize strips out javascript and on* attributes. The HTML gets rendered with the HTML entities escaped. 2005-08-28 14:20:42 +00:00
todo I'm seriously beginning to hate #188, but it really is fixed now. Really. The problem before was that due to a weird conjunction of due dates and creation dates on my sample set, it did actually work for me. now I use the same bit of code to display the actions on the home page and on the txt page, so it really is the same. If anyone opens that ticket again, woe betide them... :-D 2005-10-02 10:35:07 +00:00