Allow users to share sessions between apps #12068

Merged
merged 2 commits into from Oct 3, 2016

Conversation

Projects
None yet
8 participants
@mbabker
Member

mbabker commented Sep 18, 2016

Summary of Changes

Joomla's default behavior when generating session names is to use the class name for the running application class, however it also supports using a configuration value for a "static" session name, and when this value is set a user can set their Joomla install to share sessions between the site and admin apps (or really any app class based on JApplicationCms). Let's expose this via the global configuration.

Testing Instructions

With the patch applied, you'll see a new "Shared Sessions" config value under the session settings in the global configuration, defaulted to No (so off). When you set this to on, you will be logged out of the admin (as explained in the tooltip) and will need to log in again. Once logged in again, if you visit the frontend, you'll be authenticated. The same goes if you log into the frontend then try accessing the admin.

Unfortunately the success message is lost because it is enqueued to the active session that saves the configuration and the redirected request will start a new session under the new name. There isn't much that can be done here unfortunately without getting to a state where we pollute user sessions with data from another session.

Documentation Changes Required

If someone had already enabled this by setting a public $session_name = 'whatever'; var in their configuration.php file, they will need to add public $shared_session = '1'; to it as well. The latter var is needed to track the state of this option correctly and if it's not set you'll lose your shared session configuration.

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Sep 18, 2016

Contributor

didn't even know this existed!

Contributor

andrepereiradasilva commented Sep 18, 2016

didn't even know this existed!

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Sep 18, 2016

Contributor

I have tested this item successfully on 8440fd0

works as described


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

Contributor

andrepereiradasilva commented Sep 18, 2016

I have tested this item successfully on 8440fd0

works as described


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

@zero-24 zero-24 added the New Feature label Sep 18, 2016

@zero-24 zero-24 added this to the Joomla 3.7.0 milestone Sep 18, 2016

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Sep 18, 2016

Contributor

Looks cool. Just a quick question. On a site that comes from pre 3.7.0 when the new setting gots added to the configuration.php? Only on re save the config? Maybe i miss something (i need sleep ;)) and this is not a problem. It just come to my mind on reading this 👍 Thanks.

Contributor

zero-24 commented Sep 18, 2016

Looks cool. Just a quick question. On a site that comes from pre 3.7.0 when the new setting gots added to the configuration.php? Only on re save the config? Maybe i miss something (i need sleep ;)) and this is not a problem. It just come to my mind on reading this 👍 Thanks.

+ default="0"
+ label="COM_CONFIG_FIELD_SHARED_SESSION_LABEL"
+ description="COM_CONFIG_FIELD_SHARED_SESSION_DESC"
+ filter="integer">

This comment has been minimized.

@zero-24

zero-24 Sep 18, 2016

Contributor

Just a smal one please move the > to its own line ;)

@zero-24

zero-24 Sep 18, 2016

Contributor

Just a smal one please move the > to its own line ;)

This comment has been minimized.

@zero-24

zero-24 Sep 19, 2016

Contributor

Can you please add the line now as we have a PR for the other definitions in that file: #12080

Thanks

@zero-24

zero-24 Sep 19, 2016

Contributor

Can you please add the line now as we have a PR for the other definitions in that file: #12080

Thanks

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 18, 2016

Member

This is copy/pasted from another field in this file. Suggest making the CS
change to all of them at once as a separate PR instead of this being the
only one done this way.

On Sunday, September 18, 2016, zero-24 notifications@github.com wrote:

@zero-24 commented on this pull request.

In administrator/components/com_config/model/form/application.xml
#12068 (review)
:

@@ -759,6 +759,18 @@
size="6" />

  <field
  •     name="shared_session"
    
  •     type="radio"
    
  •     class="btn-group btn-group-yesno"
    
  •     default="0"
    
  •     label="COM_CONFIG_FIELD_SHARED_SESSION_LABEL"
    
  •     description="COM_CONFIG_FIELD_SHARED_SESSION_DESC"
    
  •     filter="integer">
    

Just a smal one please move the > to its own line ;)


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (review),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoX6EDdz5xQjDueM7Rr2OqdneMnAHks5qrYB9gaJpZM4J_9tC
.

Member

mbabker commented Sep 18, 2016

This is copy/pasted from another field in this file. Suggest making the CS
change to all of them at once as a separate PR instead of this being the
only one done this way.

On Sunday, September 18, 2016, zero-24 notifications@github.com wrote:

@zero-24 commented on this pull request.

In administrator/components/com_config/model/form/application.xml
#12068 (review)
:

@@ -759,6 +759,18 @@
size="6" />

  <field
  •     name="shared_session"
    
  •     type="radio"
    
  •     class="btn-group btn-group-yesno"
    
  •     default="0"
    
  •     label="COM_CONFIG_FIELD_SHARED_SESSION_LABEL"
    
  •     description="COM_CONFIG_FIELD_SHARED_SESSION_DESC"
    
  •     filter="integer">
    

Just a smal one please move the > to its own line ;)


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (review),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoX6EDdz5xQjDueM7Rr2OqdneMnAHks5qrYB9gaJpZM4J_9tC
.

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 18, 2016

Member

Nothing changes. The shared session config value is only used when
enabling/disabling the feature and the session name value isn't exposed via
the UI (this is the one that already exists in the code).

No need to change the config file for updates.

On Sunday, September 18, 2016, zero-24 notifications@github.com wrote:

Looks cool. Just a quick question. On a site that comes from pre 3.7.0
when the new setting gots added to the configuration.php? Only on re save
the config? Maybe i miss something (i need sleep ;)) and this is not a
problem. It just come to my mind on reading this 👍 Thanks.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoYfokOyTDwb1GyU7I6e2AUjmnjYbks5qrYA6gaJpZM4J_9tC
.

Member

mbabker commented Sep 18, 2016

Nothing changes. The shared session config value is only used when
enabling/disabling the feature and the session name value isn't exposed via
the UI (this is the one that already exists in the code).

No need to change the config file for updates.

On Sunday, September 18, 2016, zero-24 notifications@github.com wrote:

Looks cool. Just a quick question. On a site that comes from pre 3.7.0
when the new setting gots added to the configuration.php? Only on re save
the config? Maybe i miss something (i need sleep ;)) and this is not a
problem. It just come to my mind on reading this 👍 Thanks.


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoYfokOyTDwb1GyU7I6e2AUjmnjYbks5qrYA6gaJpZM4J_9tC
.

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Sep 18, 2016

Contributor

Thanks it is on my list to fix next week :)

Contributor

zero-24 commented Sep 18, 2016

Thanks it is on my list to fix next week :)

@brianteeman

This comment has been minimized.

Show comment
Hide comment
@brianteeman

brianteeman Sep 18, 2016

Contributor

yay to adding more parameters that. I will remind you of this when you bitch at someone else adding a param ;)

Contributor

brianteeman commented Sep 18, 2016

yay to adding more parameters that. I will remind you of this when you bitch at someone else adding a param ;)

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 18, 2016

Member

I hate the number of parameters we have with a passion but this is one case
where it can't be avoided.

On Sunday, September 18, 2016, Brian Teeman notifications@github.com
wrote:

yay to adding more parameters that. I will remind you of this when you
bitch at someone else adding a param ;)


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoX9U2zum4341cWtoxZFemSyyFuBLks5qrYTHgaJpZM4J_9tC
.

Member

mbabker commented Sep 18, 2016

I hate the number of parameters we have with a passion but this is one case
where it can't be avoided.

On Sunday, September 18, 2016, Brian Teeman notifications@github.com
wrote:

yay to adding more parameters that. I will remind you of this when you
bitch at someone else adding a param ;)


You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#12068 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAWfoX9U2zum4341cWtoxZFemSyyFuBLks5qrYTHgaJpZM4J_9tC
.

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Sep 20, 2016

Contributor

That works but it looks like the last logged users module is confused now as it does not show the admin or the frontend login.
image

Or did i something wrong?

Contributor

zero-24 commented Sep 20, 2016

That works but it looks like the last logged users module is confused now as it does not show the admin or the frontend login.
image

Or did i something wrong?

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 20, 2016

Member

Well with this it won't differentiate it. The session would be "owned" by whatever client the user logged into. In either case it's not affecting session functionality, just that module which is dependent on us logging the extra session metadata needlessly on every request for things like a list of logged in users.

Member

mbabker commented Sep 20, 2016

Well with this it won't differentiate it. The session would be "owned" by whatever client the user logged into. In either case it's not affecting session functionality, just that module which is dependent on us logging the extra session metadata needlessly on every request for things like a list of logged in users.

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Sep 20, 2016

Contributor

So we should just get rid of that module and the count at the bottom of the site? I guess this also affect the mod_whoisonline module?

Also i problem is that if you logout in the frontend (to test some things without beeing logged in) you got logged out from the backend too -> well this is expected i guess. ;)

Contributor

zero-24 commented Sep 20, 2016

So we should just get rid of that module and the count at the bottom of the site? I guess this also affect the mod_whoisonline module?

Also i problem is that if you logout in the frontend (to test some things without beeing logged in) you got logged out from the backend too -> well this is expected i guess. ;)

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 20, 2016

Member

Also i problem is that if you logout in the frontend (to test some things without beeing logged in) you got logged out from the backend too -> well this is expected i guess. ;)

That's why it's a shared session 😉

Member

mbabker commented Sep 20, 2016

Also i problem is that if you logout in the frontend (to test some things without beeing logged in) you got logged out from the backend too -> well this is expected i guess. ;)

That's why it's a shared session 😉

@brianteeman

This comment has been minimized.

Show comment
Hide comment
@brianteeman

brianteeman Sep 21, 2016

Contributor

For me this change breaks the existing functionality of displaying the logged in users. I am currently failing to see the benefit of this change in functionality.


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

Contributor

brianteeman commented Sep 21, 2016

For me this change breaks the existing functionality of displaying the logged in users. I am currently failing to see the benefit of this change in functionality.


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 21, 2016

Member

Works fine here.

The benefit to this change is it does not require users to separately log in to both the frontend and backend. That's really it. It's a function that is already supported by the Joomla code base, this PR simply exposes the existing support for it to the global configuration.

Member

mbabker commented Sep 21, 2016

Works fine here.

The benefit to this change is it does not require users to separately log in to both the frontend and backend. That's really it. It's a function that is already supported by the Joomla code base, this PR simply exposes the existing support for it to the global configuration.

@infograf768

This comment has been minimized.

Show comment
Hide comment
@infograf768

infograf768 Sep 21, 2016

Member

I guess we need changes, if the param is set, to the 2 who's online modules and status module:

screen shot 2016-09-21 at 17 55 15

Also, here, even after deleting the session and re-login, I get multiple results for the same user:

screen shot 2016-09-21 at 17 53 48
screen shot 2016-09-21 at 17 53 32

Member

infograf768 commented Sep 21, 2016

I guess we need changes, if the param is set, to the 2 who's online modules and status module:

screen shot 2016-09-21 at 17 55 15

Also, here, even after deleting the session and re-login, I get multiple results for the same user:

screen shot 2016-09-21 at 17 53 48
screen shot 2016-09-21 at 17 53 32

@infograf768

This comment has been minimized.

Show comment
Hide comment
@infograf768

infograf768 Sep 21, 2016

Member

Looks like the sessions are not deleted from the db:
Logged in and out a few times and I get:

screen shot 2016-09-21 at 18 04 30

Member

infograf768 commented Sep 21, 2016

Looks like the sessions are not deleted from the db:
Logged in and out a few times and I get:

screen shot 2016-09-21 at 18 04 30

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 21, 2016

Member

A lot of this is simply because all of the extra metadata handling is designed to only support the notion of being logged in to either the site or the admin. The who's online module as an example only queries against the client ID, which is set by our metadata handler and isn't part of the session; as is the tracking is only good for whatever client you logged in to (so if you log into admin then visit site, the frontend online module won't have a clue you're logged in and authenticated; this is not a bug by any measure because sessions by design aren't limited to a "client" and this distinction is only made at the metadata tracking level which is not a part of the session at all but we store it in that table).

Session deletion is not touched by this patch at all. The session handler has no notion of this client tracking and simply deletes whatever session ID it was told to. Our "cleanup" routines (which shouldn't even run when the database handler is active) purge everything that should have expired based on the active configuration. Neither of those are touched here and frankly if that stops working simply by activating this then Joomla's sessions are even more borked than I realized.

Member

mbabker commented Sep 21, 2016

A lot of this is simply because all of the extra metadata handling is designed to only support the notion of being logged in to either the site or the admin. The who's online module as an example only queries against the client ID, which is set by our metadata handler and isn't part of the session; as is the tracking is only good for whatever client you logged in to (so if you log into admin then visit site, the frontend online module won't have a clue you're logged in and authenticated; this is not a bug by any measure because sessions by design aren't limited to a "client" and this distinction is only made at the metadata tracking level which is not a part of the session at all but we store it in that table).

Session deletion is not touched by this patch at all. The session handler has no notion of this client tracking and simply deletes whatever session ID it was told to. Our "cleanup" routines (which shouldn't even run when the database handler is active) purge everything that should have expired based on the active configuration. Neither of those are touched here and frankly if that stops working simply by activating this then Joomla's sessions are even more borked than I realized.

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Sep 21, 2016

Contributor

humm ... when using shared session:

  • if i log in the site i get client_id = 0 in the database
  • if i log in the admin i get client_id = 1 in the database

maybe with shared sessions this should be null (or empty)?

Contributor

andrepereiradasilva commented Sep 21, 2016

humm ... when using shared session:

  • if i log in the site i get client_id = 0 in the database
  • if i log in the admin i get client_id = 1 in the database

maybe with shared sessions this should be null (or empty)?

@brianteeman

This comment has been minimized.

Show comment
Hide comment
@brianteeman

brianteeman Sep 21, 2016

Contributor
Contributor

brianteeman commented Sep 21, 2016

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Sep 21, 2016

Contributor

I just don't see the benefits.i am only seeing the things that no longer work as expected

i disagree. i see the benifits of having the same session in site and admin. much more easy to use not having to login in site and admin.

and things works as expected.
as michael said it, this feature always exists in joomla, it's not just a parameter in global config.
if you active this in a global config setting in 3.6.2 you will get the same problems.


Michael, there are several places there are DB queries to the session client_id:

Contributor

andrepereiradasilva commented Sep 21, 2016

I just don't see the benefits.i am only seeing the things that no longer work as expected

i disagree. i see the benifits of having the same session in site and admin. much more easy to use not having to login in site and admin.

and things works as expected.
as michael said it, this feature always exists in joomla, it's not just a parameter in global config.
if you active this in a global config setting in 3.6.2 you will get the same problems.


Michael, there are several places there are DB queries to the session client_id:

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 21, 2016

Member

If I'm going to keep getting brick walled I'm not going to pursue this further.

So here's the issue. Joomla is written in a very specific way that very statically (and borderline asininely) separates "church and state" (or frontend and backend). Some folks have commented that they would like a workflow where you can log in once and be logged in everywhere. The code already supports this feature, I'm exposing it via the UI with an extra tracking parameter so we don't have to instruct the user to create a properly dynamic name. Those who might already be using this feature all have the same issues being thrown up here regarding the extra metadata tracking features not working "as expected". The fix for that is to either set invalid data to the client ID (it should directly map to an ID retrievable via JApplicationHelper::getClientInfo()) or go through the code adding conditionals against the global configuration value to "trick" existing features to working the exact same way. The other option is to remove the feature and leave Joomla working in a very specific way matching a very specific vision of "key players".

Member

mbabker commented Sep 21, 2016

If I'm going to keep getting brick walled I'm not going to pursue this further.

So here's the issue. Joomla is written in a very specific way that very statically (and borderline asininely) separates "church and state" (or frontend and backend). Some folks have commented that they would like a workflow where you can log in once and be logged in everywhere. The code already supports this feature, I'm exposing it via the UI with an extra tracking parameter so we don't have to instruct the user to create a properly dynamic name. Those who might already be using this feature all have the same issues being thrown up here regarding the extra metadata tracking features not working "as expected". The fix for that is to either set invalid data to the client ID (it should directly map to an ID retrievable via JApplicationHelper::getClientInfo()) or go through the code adding conditionals against the global configuration value to "trick" existing features to working the exact same way. The other option is to remove the feature and leave Joomla working in a very specific way matching a very specific vision of "key players".

@brianteeman

This comment has been minimized.

Show comment
Hide comment
@brianteeman

brianteeman Sep 21, 2016

Contributor
Contributor

brianteeman commented Sep 21, 2016

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Sep 21, 2016

Member

Regarding each of those linked queries:

  • First two are related to the session metadata tracking using the conventional "one session per user per app" logic; we would have to decide how to handle "multi-client" tracking for the ID either by nulling it or using an arbitrary value (this ID should be treated as a foreign key mapping directly to a known application client)
  • Admin mod_status queries are to count the number of authenticated users per application; with this feature enabled there is not a distinction per application as the user is logged in globally
  • Admin mod_logged uses the client ID to decide whether the X icon to force end a session (which actually doesn't work completely IIRC) should be displayed; it only shows for site users
  • Frontend mod_whosonline queries are to count the guests and authenticated users for the site application; when enabled there's no distinction on applications
  • The user plugin's query deletes records if force logout is enabled; this one's pretty FUBAR too because it doesn't actually end the user's session, just deletes the metadata record and it's filtered per client

So if we want this metadata stuff to keep working (I still say we need a killswitch for it for those who have a desire to not log it and require the extra database query(s) per request), basically we need to decide how to track the metadata.

Member

mbabker commented Sep 21, 2016

Regarding each of those linked queries:

  • First two are related to the session metadata tracking using the conventional "one session per user per app" logic; we would have to decide how to handle "multi-client" tracking for the ID either by nulling it or using an arbitrary value (this ID should be treated as a foreign key mapping directly to a known application client)
  • Admin mod_status queries are to count the number of authenticated users per application; with this feature enabled there is not a distinction per application as the user is logged in globally
  • Admin mod_logged uses the client ID to decide whether the X icon to force end a session (which actually doesn't work completely IIRC) should be displayed; it only shows for site users
  • Frontend mod_whosonline queries are to count the guests and authenticated users for the site application; when enabled there's no distinction on applications
  • The user plugin's query deletes records if force logout is enabled; this one's pretty FUBAR too because it doesn't actually end the user's session, just deletes the metadata record and it's filtered per client

So if we want this metadata stuff to keep working (I still say we need a killswitch for it for those who have a desire to not log it and require the extra database query(s) per request), basically we need to decide how to track the metadata.

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Sep 21, 2016

Contributor

First two are related to the session metadata tracking using the conventional "one session per user per app" logic; we would have to decide how to handle "multi-client" tracking for the ID either by nulling it or using an arbitrary value (this ID should be treated as a foreign key mapping directly to a known application client)

I would go for NULL. since there is no specific client id.

Admin mod_status queries are to count the number of authenticated users per application; with this feature enabled there is not a distinction per application as the user is logged in globally

We could check if the app config shared session parameter is setted and them show just "Users", and show "Site"/"Admin" (like now) otherwise

Admin mod_logged uses the client ID to decide whether the X icon to force end a session (which actually doesn't work completely IIRC) should be displayed; it only shows for site users

So here we don't need to do anything, because in shared session context we can't X a user that is logged in site and admin.
Or we make it so that you can X any user.

Frontend mod_whosonline queries are to count the guests and authenticated users for the site application; when enabled there's no distinction on applications

we could query client_id 0 or NULL

The user plugin's query deletes records if force logout is enabled; this one's pretty FUBAR too because it doesn't actually end the user's session, just deletes the metadata record and it's filtered per client

not sure about this one.

So if we want this metadata stuff to keep working (I still say we need a killswitch for it for those who have a desire to not log it and require the extra database query(s) per request), basically we need to decide how to track the metadata.

I would go for client_id NULL in shared_session. since there is no specific client id for the user session.

Contributor

andrepereiradasilva commented Sep 21, 2016

First two are related to the session metadata tracking using the conventional "one session per user per app" logic; we would have to decide how to handle "multi-client" tracking for the ID either by nulling it or using an arbitrary value (this ID should be treated as a foreign key mapping directly to a known application client)

I would go for NULL. since there is no specific client id.

Admin mod_status queries are to count the number of authenticated users per application; with this feature enabled there is not a distinction per application as the user is logged in globally

We could check if the app config shared session parameter is setted and them show just "Users", and show "Site"/"Admin" (like now) otherwise

Admin mod_logged uses the client ID to decide whether the X icon to force end a session (which actually doesn't work completely IIRC) should be displayed; it only shows for site users

So here we don't need to do anything, because in shared session context we can't X a user that is logged in site and admin.
Or we make it so that you can X any user.

Frontend mod_whosonline queries are to count the guests and authenticated users for the site application; when enabled there's no distinction on applications

we could query client_id 0 or NULL

The user plugin's query deletes records if force logout is enabled; this one's pretty FUBAR too because it doesn't actually end the user's session, just deletes the metadata record and it's filtered per client

not sure about this one.

So if we want this metadata stuff to keep working (I still say we need a killswitch for it for those who have a desire to not log it and require the extra database query(s) per request), basically we need to decide how to track the metadata.

I would go for client_id NULL in shared_session. since there is no specific client id for the user session.

@infograf768

This comment has been minimized.

Show comment
Hide comment
@infograf768

infograf768 Sep 22, 2016

Member

Neither of those are touched here and frankly if that stops working simply by activating this then Joomla's sessions are even more borked than I realized.

When I logged in this morning, the former entries in the session table were correctly deleted.

Member

infograf768 commented Sep 22, 2016

Neither of those are touched here and frankly if that stops working simply by activating this then Joomla's sessions are even more borked than I realized.

When I logged in this morning, the former entries in the session table were correctly deleted.

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Oct 2, 2016

Member

OK all the metadata junk is addressed now.

Member

mbabker commented Oct 2, 2016

OK all the metadata junk is addressed now.

@andrepereiradasilva

This comment has been minimized.

Show comment
Hide comment
@andrepereiradasilva

andrepereiradasilva Oct 2, 2016

Contributor

I have tested this item successfully on 8420cf9


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

Contributor

andrepereiradasilva commented Oct 2, 2016

I have tested this item successfully on 8420cf9


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Oct 3, 2016

Contributor

I have tested this item successfully on 8420cf9

Thanks @mbabker 👍


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

Contributor

zero-24 commented Oct 3, 2016

I have tested this item successfully on 8420cf9

Thanks @mbabker 👍


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

@zero-24

This comment has been minimized.

Show comment
Hide comment
@zero-24

zero-24 Oct 3, 2016

Contributor

RTC ❤️


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

Contributor

zero-24 commented Oct 3, 2016

RTC ❤️


This comment was created with the J!Tracker Application at issues.joomla.org/joomla-cms/12068.

@joomla-cms-bot joomla-cms-bot added the RTC label Oct 3, 2016

@rdeutz rdeutz merged commit 3c7ea6c into joomla:3.7.x Oct 3, 2016

3 checks passed

JTracker/HumanTestResults Human Test Results: 2 Successful 0 Failed.
Details
continuous-integration/drone the build was successful
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@izharaazmi

This comment has been minimized.

Show comment
Hide comment
@izharaazmi

izharaazmi Oct 5, 2016

Contributor

Shared sessions are usually asked for by many clients. I remember at least 6 active clients of mine using session_name setting and maybe few more that I don't remember.

There are few side-effects of having this feature ON that we should be aware of.

The userState will also be shared being part of the session data. This means com_content.article.edit.data or com_content.articles.list.limit etc all will be passed/modified between the clients. That means edit forms, list paginations, list filters etc will be shared as well. If we are all okay with these and similar behaviour then it is okay to go with this.

What if we used session_name variable itself instead of an additional new parameter for shared session? That would have been more B/C. We won't even need to modify the session table's client_id NOT NULL setting.

On the Configuration UI we can still show the same thing as you are showing but internally we could set something like session_name = 'shared' and session_name = '' respectively for ON and OFF.

PS: Though it is not a good idea, but we can prevent the user from logging out after changing this setting by setting the shared session_name to administrator when ON.

Contributor

izharaazmi commented Oct 5, 2016

Shared sessions are usually asked for by many clients. I remember at least 6 active clients of mine using session_name setting and maybe few more that I don't remember.

There are few side-effects of having this feature ON that we should be aware of.

The userState will also be shared being part of the session data. This means com_content.article.edit.data or com_content.articles.list.limit etc all will be passed/modified between the clients. That means edit forms, list paginations, list filters etc will be shared as well. If we are all okay with these and similar behaviour then it is okay to go with this.

What if we used session_name variable itself instead of an additional new parameter for shared session? That would have been more B/C. We won't even need to modify the session table's client_id NOT NULL setting.

On the Configuration UI we can still show the same thing as you are showing but internally we could set something like session_name = 'shared' and session_name = '' respectively for ON and OFF.

PS: Though it is not a good idea, but we can prevent the user from logging out after changing this setting by setting the shared session_name to administrator when ON.

@joomla-cms-bot joomla-cms-bot removed the RTC label Oct 5, 2016

izharaazmi added a commit to izharaazmi/joomla-cms that referenced this pull request Oct 5, 2016

This is in continuation with @mbabker's #12068.
The implementation in the global configuration is a nice improvement. However the same effect can be achieved without introducing an new parameter 'shared_session'.
Database changes can also be avoided but it doesn't harm in any way, so I have skipped them.
@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Oct 5, 2016

Member

What if we used session_name variable itself instead of an additional new parameter for shared session?

Explained on your PR why I went the way I did. I would not give the user the ability to set the value themselves unless they know what they're doing (they can edit the configuration.php file themselves if so). As this is used in part for generating data related to the session, it should be a random value.

The database changes are required as long as we have this crap metadata stuff. Otherwise we are knowingly inserting invalid data and that is unacceptable. Additionally with the parameter changed the filters need to account for this because sessions generated under the old parameter value will still exist in the database and those have become invalidated and will remain until the regular garbage collection routines are run.

Member

mbabker commented Oct 5, 2016

What if we used session_name variable itself instead of an additional new parameter for shared session?

Explained on your PR why I went the way I did. I would not give the user the ability to set the value themselves unless they know what they're doing (they can edit the configuration.php file themselves if so). As this is used in part for generating data related to the session, it should be a random value.

The database changes are required as long as we have this crap metadata stuff. Otherwise we are knowingly inserting invalid data and that is unacceptable. Additionally with the parameter changed the filters need to account for this because sessions generated under the old parameter value will still exist in the database and those have become invalidated and will remain until the regular garbage collection routines are run.

@mbabker

This comment has been minimized.

Show comment
Hide comment
@mbabker

mbabker Oct 5, 2016

Member

There are few side-effects of having this feature ON that we should be aware of.

The userState will also be shared being part of the session data. This means com_content.article.edit.data or com_content.articles.list.limit etc all will be passed/modified between the clients. That means edit forms, list paginations, list filters etc will be shared as well. If we are all okay with these and similar behaviour then it is okay to go with this.

Missed responding to this part earlier.

First, these are issues that already exist if you were using the parameter. This PR fixes some of the things related to user facing features, but not some of the backend handling.

Second, fixing some of this (i.e. the state variable names) constitutes a B/C break and would need to go into the 4.0 effort (you'd need to differentiate these things by client or some other unique identifier to ensure that com_content frontend doesn't mess with com_content backend).

As for the edit stuff, that's only going to be an issue if you're trying to open the edit form for the same item in both apps. And again fixing it would be a B/C issue.

Member

mbabker commented Oct 5, 2016

There are few side-effects of having this feature ON that we should be aware of.

The userState will also be shared being part of the session data. This means com_content.article.edit.data or com_content.articles.list.limit etc all will be passed/modified between the clients. That means edit forms, list paginations, list filters etc will be shared as well. If we are all okay with these and similar behaviour then it is okay to go with this.

Missed responding to this part earlier.

First, these are issues that already exist if you were using the parameter. This PR fixes some of the things related to user facing features, but not some of the backend handling.

Second, fixing some of this (i.e. the state variable names) constitutes a B/C break and would need to go into the 4.0 effort (you'd need to differentiate these things by client or some other unique identifier to ensure that com_content frontend doesn't mess with com_content backend).

As for the edit stuff, that's only going to be an issue if you're trying to open the edit form for the same item in both apps. And again fixing it would be a B/C issue.

@izharaazmi

This comment has been minimized.

Show comment
Hide comment
@izharaazmi

izharaazmi Oct 6, 2016

Contributor

Yes, I understand that this issue already exists and its nothing that this PR has caused. It was just a statutory warning to those who are going to or already using shared sessions 😉 .

And again fixing it would be a B/C issue.

Yes and No. Yes, if we do it as shared sessions. No, if we do it as shared login. But again its for another day, another PR.

Contributor

izharaazmi commented Oct 6, 2016

Yes, I understand that this issue already exists and its nothing that this PR has caused. It was just a statutory warning to those who are going to or already using shared sessions 😉 .

And again fixing it would be a B/C issue.

Yes and No. Yes, if we do it as shared sessions. No, if we do it as shared login. But again its for another day, another PR.

wilsonge added a commit that referenced this pull request Oct 29, 2016

[4.0] Merge staging (#12622)
* added show/hide introtext parameter to mod_articles_news

* added <?php if (!$params->get('intro_only')) : ?> back again since it might be a B/C setting/parameter

* added tabs in code

* Update mod_articles_news.xml

* Update _item.php

* corrected typo from last merge

* changed label and description

* Add JHtmlBootstrap for front-end editing. Fixes #11562

* Implementing Menu Items modals (New feature)

* Wrong class for chosen (#11820)

* 3.7.0: Using the new modal_menu field in various core places (#11694)

* Using the new modal_menu field in various core places

* Simplifying clearField

* Simplify conditional

* Parenthesis replaced by mdash

* Using modal_category field in various core locations

* 3.7.0: New Feature=>editor-xtd to insert menu items links in content (#11721)

* 3.7.0: New Feature=>editor-xtd to insert menu items links in content

* correcting some errors

* quoting for sql azure

* one more

* Changed icon + lang constants

* Chosen upgrade. Fixes #11779

Squashed commit of the following:

commit 48051c7
Author: Brian Teeman <brian@teeman.net>
Date:   Thu Aug 25 14:31:04 2016 +0100

    css change only

commit 90a89fd
Author: Brian Teeman <brian@teeman.net>
Date:   Thu Aug 25 14:28:58 2016 +0100

    Revert "css fix thanks @C-Lodder"

    This reverts commit f7320cf.

commit f7320cf
Author: Brian Teeman <brian@teeman.net>
Date:   Thu Aug 25 14:09:03 2016 +0100

    css fix thanks @C-Lodder

commit 42c9de3
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 18:10:33 2016 +0100

    fix permissions

commit b8fdd34
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 18:07:53 2016 +0100

    add minified version of js

commit 0ef056d
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 17:59:55 2016 +0100

    add documented js hacks

commit c68c275
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 17:48:01 2016 +0100

    add comment block

commit 983dbf5
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 17:08:47 2016 +0100

    rename liszt: chosen:

commit 8caad73
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 17:07:47 2016 +0100

    Revert "rename liszt: chosen: and add JUI hacks"

    This reverts commit 8611671.

commit 8611671
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 17:06:21 2016 +0100

    rename liszt: chosen: and add JUI hacks

commit 535bea0
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:45:14 2016 +0100

    replace chosen: with liszt:

commit 2686df5
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:43:35 2016 +0100

    replace _chosen with _chzn

commit 691be65
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:42:49 2016 +0100

    replace chosen- with chzn-

commit 863b5f9
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:37:20 2016 +0100

    update js with original version

commit 537735c
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:36:19 2016 +0100

    remove min js

commit e739562
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:35:21 2016 +0100

    replace chosen- with chzn-

commit db82431
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:33:46 2016 +0100

    update css file with original version

commit 24a955b
Author: Brian Teeman <brian@teeman.net>
Date:   Wed Aug 24 16:29:34 2016 +0100

    update sprites

commit 4856d5e
Merge: 4ddd833 f10ab35
Author: Brian Teeman <brian@teeman.net>
Date:   Tue Aug 23 16:23:34 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 4ddd833
Merge: b5ffa27 8258906
Author: Brian Teeman <brian@teeman.net>
Date:   Mon Aug 22 10:30:58 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit b5ffa27
Merge: 24e6c45 e80e319
Author: Brian Teeman <brian@teeman.net>
Date:   Sun Aug 21 17:45:45 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 24e6c45
Merge: 962b424 c1b0295
Author: Brian Teeman <brian@teeman.net>
Date:   Fri Aug 19 21:08:30 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 962b424
Merge: 14f5b1c 4c539c4
Author: Brian Teeman <brian@teeman.net>
Date:   Thu Aug 18 12:06:49 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 14f5b1c
Merge: 2baa00b edb70c2
Author: Brian Teeman <brian@teeman.net>
Date:   Mon Aug 15 10:06:07 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 2baa00b
Merge: 97d1fb7 f827dfc
Author: Brian Teeman <brian@teeman.net>
Date:   Sun Aug 14 22:38:02 2016 +0100

    Merge branch 'staging' of https://github.com/joomla/joomla-cms into staging

commit 97d1fb7
Author: Brian Teeman <brian@teeman.net>
Date:   Sun Aug 14 16:28:13 2016 +0100

    Revert "toolbar"

    This reverts commit 8f995f1.

commit 8f995f1
Author: Brian Teeman <brian@teeman.net>
Date:   Sun Aug 14 16:27:57 2016 +0100

    toolbar

* Two search modules on same page: Invalid HTML. (#11229)

* Add postfix for unique id ($module->id)

* Respect postfixes for unique id in mod_search

* Reduce use of JFactory::getConfig() where practical

* Allow registering callback functions for the debug console. Fixes #11700

* Allow adding script options without inline JavaScript. Fixes #11671

* Adding "category on fly" functionality when create/edit contact. Fixes #11354

* New method for retrieving the strings from the store. Fixes #11692

* [html5] Hathor administrator template. Fixes #10634

* [Optimize] Generate thumbnail image method to avoid pixelated error in thumbnails. Fixes #7919

* Fix since tag

* Normalise Block this User button styling. Fixes #11421

* [html5] System administrator template. Fixes #10638

* URL checking improved in com_wrapper. Fixes #4670

    When adding the scheme to an URL use correct scheme (http or https) and port.
    Checking for "http" or "https" via strstr() in the URL matched also these strings embedded in the URL (e.g. in /static/http/index.html), due to that checks changed to strpos().

* Update en-GB.com_users.ini (#11909)

* Templates are in the scope of JDocument. Fixes #10847

* Small review/cleanup in JHtml. Fixes #10771

* Fix form field unit tests. Fixes #11910 Fixes #11413

* Improvements to article modals (with Create Article button). Fixes #11830

* [com_content] - Allow captcha when submit article. Fixes #10976

* Proxy JData to the Framework. Fixes #11588

* [newsfeed modal field] Adds Create News Feed button and other improvements. Fixes #11862

* Allow force refreshing the cache when getting fields in JTable. Fixes #11046

* Allow a custom page title to be defined for an article without a menu item. Fixes #10838

* Code review on com_content component. Fixes #10851

* [category modal field] Adds Create Category button and other improvements. Fixes #11857

* Joomla.JText uses scriptOptions 'joomla.jtext'. Fixes #11690

* Remove legacy frame breaking js code. Fixes #11679

* [contact modal field] Adds Create Contact button and other improvements. Fixes #11858

* Support collection of custom stats in admin stats module. Fixes #10870

* Use intro_image in newsfeed. Fixes #11402

* [com_tags] - Add count and link to tagged items. Fixes #10895

* Allow the vote plugin's position to be configured. Fixes #11375

* Return a 403 status code instead of a 404 for a not accessible category. Fixes #11624

* Add Sort by Modified Date in the Module mod_articles_news (#11128)

* Update mod_articles_news.xml

At present the sorting by date has the options to sort the articles by Published Up date and Created Date.  Adding another sort option to sort the articles by the Modified Date has been added.  This addition would be of help to list the articles that are modified recently.

* Update en-GB.mod_articles_news.ini

Added the following language string that would be used in the xml file of the module mod_articles_news.
MOD_ARTICLES_NEWS_FIELD_ORDERING_MODIFIED_DATE="Modified Date"

* Update mod_articles_news.xml

The value a.modified has been added to the Direction

* Cleanup deprecated unused files. Fixes #11762

* Add Polyfill js for legacy browsers (adds events and classlist polyfills). Fixes #11686

* [com_content] Add icons layout. Fixes #10423

* [3.7.x] Fixes issues with the category article view after #11624 (#11943)

* Update category.php

* Update category.php

* Fixing missing getItems in mock JMenu for (routing) unittests. Fixes #11936

* Enable caching of menu data in JMenuSite (#10797)

* Enable caching of menu data in JMenuSite

* Use a lambda function for the query instead

* Add Microseconds to JDate('now') (#11890)

* Update date.php

* Update date.php

* cleaner code

* simplify

* Update date.php

* Router options (#11962)

* Router options

* switch sentences

* [unit tests] Just need to check one microsecond now (3.7.x Branch) (#11966)

* Update JHtmlDateTest.php

* Update JFactoryTest.php

* Fix button classes (#11971)

* Fix javascript tests (#11993)

* fix javascript tests

* typo

* change the order to test Joomla.optionsStorage = null

* ordering again

* Add chosen to module order field (#11992)

* remove crap, add chosen

* s

* New Routing: Fix category routing without menu items

* [category item modal field] Apply on more fields for categories. Fixes #11920

* Patch #6712 - FieldCheckbox attribute default (#6794)

* Patch 6712 - FieldCheckbox attribute default

Checkbox field does not allow defining a value without being checked
#6712

* fix code style

* Added a clean line

Added a clean line befor the if @zero-24

* IS (list views) - Replace html/pagination.php::pagination_list_footer() by JLayouts. Fixes #11246

* Fix no menu item pages giving wrong links (#12020)

* Fix routing for non-sef menu items with Modern Routing (#12021)

* Phase out JString calls in libraries (#12058)

* Admin app - JString -> StringHelper (#12056)

* Site app & Plugins - JString -> StringHelper (#12057)

* New Feature, Multilanguage: Add the possibility of displaying associations in article info and in articles list. Replaces #11935 (#12042)

* Replaces

* Modifying to fit Thomas proposal

* modifying fetching flags param

* adding showon + some

* [JAccess] Improve ACL asset preloading performance/memory consumption (#12028)

* improve component asset preload speed

* Update user.php

* Update access.php

* Update access.php

* Update access.php

* Update access.php

* not convinced yet, but revert changes in juser

* make sure that components are always preloaded

* only a logged users (with user id) can be root.

* [com_content] - add articles ordering by votes, ratings (#11225)

* Add setDocumentTitle() function in JViewLegacy (#11399)

* setDocumentTitle() function in JViewLegacy

* PHPCS

* set new counts too center

* fir for  #11225

* There is no need for the extra spaces at the end of the line :)

* fix typo

fixed typo

* allow to hide session too in plugin system debug

* deprecate keychain for 3.0

* deprecate fof

* deprecate fof

* Update include.php

* deprecate old ciphers

* Fix Travis error in keychain (#12157)

* fix travis

* space

* Allow JHtmlDate::relative to set a custom format (#12164)

* Updated installation language files.

* Fix typo in cache memcached storage (#12150)

* div doesn't support type=button (#12131)

* JFile - error fix "Cannot pass parameter 2 by reference" (#11952)

* Fix of an error "Only variables should be passed by reference"

If you pass a string to methods ````append```` or ````write````, you will have an error ````Only variables should be passed by reference````

* Update file.php

* Update file.php

* Custom calendar is not applied to version history preview and compare dates (#12138)

* Custom calendar is not applied to version history preview and compare

* simplify code. Thanks Thomas.

* Update preview.php

* Update compare.php

* Update MediaElement.js to 2.23.0 (#11981)

* Allow JHtmlDate::relative to set a custom format

* Add doc block comment

* Proposed onAfterRenderModules event in modules rendering (#10113)

* Updated pull request #3105 to latest stage (2016-04-24) inclusive unit test

* CS fix

* Update JDocumentRendererHtmlModulesTest.php

* fix expected value for the unit test

in #10113 a unit test was added but failed, this is a fix

* Deprecate web router classes

* Localise the format for the calendar formfield (#12102)

* Localise the format for the calendar formfield

* Adding comment

* Support all formats

* Label - Mass Mail Users v2 (#12084)

* Added optional suffix text to Mass Mail Form page (#12078)

* Add Unpublished Content Language on Language Package Install (#11867)

* initial commit

* Update language.php

* Update en-GB.lib_joomla.ini

* Update en-GB.lib_joomla.ini

* ups

* Update language.php

* Update language.php

* Update language.php

* change native to $siteLanguageManifest['name']

* allow to install published content languages on install 1

* allow to install published content languages on install 2

* solve remaining issues

* cs

* fix language names and simplify

* cs

* improve code and deprecate unneed code

* fix title issues (as possible with current xml scenario)

* remove non existent metadata values

* shoudl not be row, it should be tableLanguage

* don't fallback to en-GB native title

* tinyMCE use document "scriptoptions", and allow to override tinyMCE Javascript parameters (#11157)

* tinymce initialization, use addScriptOptions and tinymce-init.js

* Finalize tinymce-init.js

* Small improve for code duplication

* Allow multiple editors with diferent options

* Setup default options for the editor script only once

* Minified version of tinymce-init

* code style

* Improve a bit

* Reply to email (#11015)

*  Reply to email

* Reply to email: configuration file chnages resolved

* #11015 Reply to email: suggested changes fixed

* Media form field bootstrapped with static preview (#10889)

* Bootstrap popup with mootols compatibility

* restore static preview

* 💩

* 😡

* fixes

- Delete extra </div>
- Move preview under the input field
- respect landscape/portrait images

* typo

* Utilise unionAll element in the select query, previously it was always being ignored. (#10817)

Rearrange union > unionAll > order to render a valid query when all these three are used together in a query.
Fix return type in method doc blocks.

Update test case for the JDatabaseQuery::toString method to test all the element for select query.

* Introduce new method isClient($identifier) in JApplicationCms class (#8971)

* Introduce new method isClient($identifier) in JApplicationCms class as a substitute for isSite and isAdmin methods.

Hence, remove usage of descendant class reference in the JApplication (legacy) and JApplicationCms for better OO structure and support more extensibility.

* Added unit tests for JApplicationCms::isClient($identifier);

* Fix, null == 0 passes. Avoiding strict check to allow use of '0' or '1' as string as well as integer.

* Removed support for integer argument which matched client_id as discussed with @mbabker, thanks.

* fix com_finder regression (#12236)

* Core.js AJAX method (#11585)

* Core.js even listeners

* Core.js: method for ajax requests

* Code style

* Some example and minified version

* Core.js even listeners, use IE fallback

* Core.js remove even listeners fallback

* 370: solving #11225 merge regression (#12238)

* 3.7.x: Porting #11225 to beez (#12240)

* Move keepalive to external js (#8545)

* Keepalive with data attributes

* cs

* cs

* cs empty line

* Not seconds ...

* object

* No double entities

We have to use JRoute without xhtml or else the admin keep alive URL get
double entities `&amp;amp;?`

* From chocolate to vanilla ...

Works with vanilla js!
Works if onload event is already fired when script is executed.
This way the js file can be loaded on render, asyncronous or deferered
to after the onload event.
Should be cross-browser compatible.

* improvements

* cs

* default options, move to jui folder, asynchronous loading

* simple correct to work with new script attributes PR (11289). Adds auto version hash.

* update to match #11289 JHtml script behaviour

* use __DEPLOY_VERSION__

* cs and simplify

* Update behavior.php

* Update keepalive.js

* Update keepalive.min.js

* Update keepalive.js

* Update keepalive.min.js

* fix conflicts 1

* use new addScriptOptions and Joomla.request methods

* fix unit tests

* fix last unit test

* [menu item modal field] Adds Create Menu Item button and other improvements (3.7.x branch) (#11916)

* Update modal.php

* Update edit.php

* Update view.html.php

* Update item_alias.xml

* Update default.xml

* Update logout.xml

* Update mod_login.xml

* Update mod_login.xml

* Update mod_menu.xml

* Update item.php

* Update menu.php

* Update menu.php

* Update en-GB.com_menus.ini

* minor cs

* corrections

* solve no item text issue

* New show_info option (hide/show) in com_contact and some minor changes (#8607)

* several improvments

* lang changes

* minor changes

* fix conflicts

* fix conflicts 2

* revert

* fix conflicts final

* [3.7.x] Lets use the correct API to get this string translated (com_postinstall) (#12247)

* add files joomla

* lets make the languagestring checker happy

* cs

* add missing string (#12246)

* fix missing string (#12245)

* Deprecate MooTools based helpers (#12268)

* Deprecate MooTools based helpers

* PHPCS sucks...

* fix redirect plugin messages (#12280)

* remove dublicate message (#12279)

* Allow users to share sessions between apps (#12068)

* Allow users to share sessions between apps

* Address all metadata related stuff

* warning (#12285)

merged on review

* [3.7.x] Fix Regression #12277: language selector blocked on edit when there are no associations (multilanguage) (#12283)

* category edit: check if there are associations

* contact edit: check if there are associations

* articles edit: check if there are associations

* menus edit: check if there are associations

* newsfeed edit: check if there are associations

* Admin - Simplify instantiation of Registry (#12270)

* [j3.7] New Feature Contact editor-xtd plugin (#12252)

* New editor-xtd contact plugin

* docs

* update sql

* add contact icon

* prevent loading in com_banners where it is useless

* Installation sql

* correct installation

* extra line feed

* __DEPLOY_VERSION__

* __DEPLOY_VERSION__

* com_admin script

* Update contact.php

* Update contact.php

* Update contact.php

* Update contact.xml

* Update en-GB.plg_editors-xtd_contact.sys.ini

* Update en-GB.plg_editors-xtd_contact.ini

* Update 3.7.0-2016-10-01.sql

* Update 3.7.0-2016-10-01.sql

* Update 3.7.0-2016-10-01.sql

* Routing: Remove IDs from SEF URLs (#11320)

Also fixes various bugs in the new router

* Run SEF plugin also when SEF URLs are not enabled (#11035)

* remove menu button

* Update note.xml

* string, not array

* Redo Isis flat repaint (Closes #11832) (#12319)

* Isis flat repaint - Initial commit

* Tags field refinement

* Fixed field height inconsistency

* RTL support added

* Minor fixes

* Installation flat repaint

* Revert install flat repaint

* Chzn flat styling separated to chzn-override.less

* Missing the in language string

* TinyMCE xtd-button close (again, really) and drop jquery (#12324)

* drop jquery, fix jModalClose()

* classList polyfill not needed here

* window.width (seriously?), merge options

* use Joomla.extend()

* my bad

* IE<9

* Add attribs to the script tag, add version to JHtml script methods and deprecate MD5SUM (alternative to 8540) (#11289)

* new method to add attrbibs to the script tag

* corrections

* defaultJsMimes

* add deprecated comment

* travis

* further simplify

* remove extra space

* forgot to convert mime to type

* add UTF-8, ENT_COMPAT to htmlspecialchars (like previous done in all other places)

* cs line size fix

* better coding

* small typo

* elseif

* deprecate MD5SUM and don't allow two version hashes

* add JLog deprected warnings for new method signatures

* cs line size

* fix conflicts 1

* fix conflicts 2

* refactor JHtml script method signature

* deprecate addScriptVersion add options for version and conditional statements

* Update head.php

* cs

* cs fix

* Change all self::getMd5Version to static::getMd5Version

* has changed

* has changed

* fix conflicts - part one

* fix conflicts

* correct unit test

* [3.7] Readme updates (#12387)

* [languages] Organize and new metadata (Native language and calendar type) (#12036)

* Update en-GB.xml

* Update en-GB.xml

* Update en-GB.xml

* Update en-GB.xml

* Update en-GB.xml

* Update en-GB.xml

* Update en-GB.xml

* fix unit tests

* add to install.xml in unit tests

* correct unit tests

* remove extra tab

* ident with tabs, not spaces!

* installation should have en-GB in name

* en-GB ...

* correct db jos_languages csv stub also

* add missing pkg_en-GB extension to extension stub and correct language extension names

* correct sql files

* correct sql files

* correct sql files

* add en-GB, instead of UK, to batch test

* correct JTableLanguageTest::testStore

* Update install.xml

* Update install.xml

* same replacements in test stub

* Update en-GB.com_languages.ini

* correct last unit test

* Update en-GB.xml

* Update JLanguageTest.php

* Update en-GB.xml

* Update en-GB.xml

* use the new nativeName is exists

* Make language flags in backend optional (#12051)

* Allow to select none image in language

* admin menu module: fall back to a label if no image is selected or image doesn't exist

* "Default" buttons in template styles and menuitems list views

* remove unneeded variable

* Remove empty flag span

* Show language code instead of flag in associations tooltip if no image is selected

* show language label instead of flag if no images is assigned

* Adjust Hathor overrides

* Codestyle fixes

* Missed contact JHtmlContact::association()

* Use a popover for the association tooltips

* Taking care of mod_languages

* Fix flag preview

* show sef in module assignments.

* Fixing frontend Associations

* Fixing menu assignment modal

* a e

* a i

* a o

* a u

* a a - javascript

* js

* Replace uses of JRegistry

* Simplify instantiation of Registry objects

* [3.7] Isis Flat Repaint - Minor Fixes (#12349)

* Removed text shadow

* Remove text-shadow

* Modal save mouseover fix

* Changed to individual removal of text-shadow

* sidebar-nav margin fix

* Fix hover color on all BS btn

* Re-align permissions chzn

* Show configured upload limit when uploading files (redo of #11255) (#12396)

* * Show configured upload limit when uploading installer package. Otherwise when uploading a larger file than the configured limit, the page reloads without any information about what went wrong.
* Show upload limits for file input everywhere. Refactor the calculation part to JUtility class.

* Honour template manager configuration to display upload size limit

* In Hathor: Honour template manager configuration to display upload size limit

* Add deprecated message that in 4.0 the html5 property will be default true (#12430)

* Will be replaced by $html5 and the default value will be true.

* Update html.php

* CodeMirror 5.19 (#12300)

* corrections/improvements (#12429)

* Fixing notice for non-existing views (#12434)

* [3.7.x] Admin login language field fix (#12442)

* Admin login lang fix

* Admin login lang field alignment

* New xtd_contact lang files missing in install.xml (#12452)

* Make more use of the autoloader (#12060)

* Fix error in mergeHeadData method for html document (#12013)

* Extend test for document html links

* Fix mergeHeadData method for html document->_links

* correct table html errors (#12129)

* [users list modal] ismoo parameter need to still exist after form submit (solve #12122) (#12137)

* ismoo parameter need to exist after form submit

* int

* default to 1

* Replaced rand() with mt_rand() projectwide (#12169)

* Replaced rand() with mt_rand() projectwide

* session package is from the framework so we need to revert that change at this point

* fof is an external lib so we need to revert that change at this point

* fof is an external lib so we need to revert that change at this point

* Use global as default option (#12186)

* Solving 12214 Plugin tooltip (#12215)

* JLayoutFile wrong type hint (#12231)

* JLayoutFile wrong type hint

* CS

* CS / Review for the editor plugins (#12260)

* cs review for the editor plugin

* cs

* Update image.php

* Call to undefined method stdClass::get()

* use the warning and error (#12265)

* error not notice (#12273)

* Remove deprecated function (#12296)

* Minor language string change for com_contact (#12339)

* Redo Isis flat repaint Installation (Closes #11917) (#12342)

* Installation flat repaint - Initial commit

* Install flat repaint - Initial commit

* Add missing period (#12356)

* Change language string (#12364)

* Allow loading plugin language strings from extension folder (#12403)

* some cs changes after #12396 (#12431)

* [3.7.x] Update js polyfills to 3.13.0 (#12513)

* Update polyfill.event-uncompressed.js

* Update polyfill.event.js

* update classlist polyfill

* Update polyfill.classlist.js

* minor changes

* minor changes in doc block

* move jquery to template (#12521)

* fixing typo in the comment (#12523)

Just a small typo in the comment.

* Update CREDITS (#12534)

* Update CREDITS

Removing old content that has been moved to a dedicated page on the Joomla! Documentation and adding a link to new contributors page on GitHub.

* Update CREDITS

* Updated installation language files

* 2fa handeling for mcrypt and openssl (#12497)

* handeling for mcrypt and openssl

* Language changes suggested bei Brian

* Prepare 3.6.4 Stable Release

* Mark _autoload function as public and not private. (#12478)

* Mark _autoload function public.

*  whitespace was hanging out

* Revert _load to private

* issing language strings in frontend lib.joomla.ini (#12468)

* forum link to https (#12467)

* [a11y] Protostar back to top (#12446)

* [a11y] Protostar - back to top link

* Oops Andre was right

* add anchor for non-js enabled browsers

* [3.7.x] Convert installation template to html5 (also move inline scripts to js) (#12444)

* convert to html5, use the api for inline scripts

* stupid mistake

* ok let's remove all that inline js ...

* Fix early exit from foreach in JForm::removeGroup (#11856)

* Fix early exit from foreach in JForm::removeGroup

The method is supposed to remove all instances of <fields> element but it exits the loop on first iteration only. Looks like a quick copy-paste from removeField may have caused this.

* Never returns false

* keepalive for editing forms (#12163)

* Remove retina 2x sprite (#12528)

* Set a proper default value for getParams always (#12463)

* Correct spelling (#12564)

* Remove JFilter mock (#12484)

We don't need JFilter hanging out in the JInstaller Adapter tests

* Stop allowing failures on PHP 7.1 (#12599)

* Improvements in the Associations Edit Workflow (#12344)

* changes in model preprocessForm to allow all associations fields to be dumped

* adjustement

* there is no need to block the language field now

* simplify association tab in the templates files

* let's make the layout more dynamic

* add the js behaviours

* solve one of strange bug ...

* improvements and allow associations on create

* correct language string

* render a warning message

* solve categoies issue

* add new language methods getContentLanguages and getInstalledLanguages

* let's now load all content languages, including the unpublished ones

* correct label for bug in categories modal field! all other model fields have this

* ups correction in js

* default pivot is language code

* doc blocks corrections

* cs

* language correction thanks brian

* fix conflicts final

* When $this->cursor is false, throw an Exception (#12359)

A call to pg_result_error_field() when $this->cursor is false from a query failing will result in an error `pg_result_error_field() expects parameter 1 to be resource, boolean given`

Try to get a valid error message and throw a JDatabaseExceptionExecuting Exception

* Implement a check / notification for an invalid or missing access file (#12608)

* Implement a check / notification for an invalid or missing access file

* Add language string for invalid or missing access file notification

* Add language string for invalid or missing access file notification

* Reduce log message as suggested by mbabker

* Reduce log message for #12608 as suggested by mbabker

* Reduce log message for #12608 as suggested by mbabker

* Change string to match actual translation text

* Grid within well changed to row-fluid (#11995)

* update doc block (#12569)

* Folder icons in front end (#12551)

* Add folder size to protostar .less

* compiled protostar

* rename folder value (#12579)

* [3.7.x] Regression Hathor modules and users manager (#12412)

* Native language (adjustments after 12036 merge) (#12394)

* restore native language

* remvoe space

* correct

* simplify

* improve code

* ups

* native language in unit test too

* Add detachObserver (#11037)

* Add detachObserver

Adds ability to detach observers

* Simple CS fix

* 3.6.4 Sample data: Escape quota in json data (#12501)

* [fix] new extensions not installed on already existing packages (#12545)

* $menu->params is already a Registry object. (#12557)

* Overridden strings in both back-end and front-end (#12576)

* [imp] remove hardcoded published column (#12585)

* Fix JUri path in language filter plugin (#12600)

* Custom fields (#11833)

* Update gallery.xml

* Update fields.php

* Update internal.php

* Update field.php

* Update dprules.php

* Update section.php

* Update base.php

* Update view.html.php

* Update view.html.php

* Update render.php

* Update modal_article.php

* Update sql.php

* Update fields.php

* Remove commented debug code

* Update fields.php

* #14 fixed Joomla Coding Standards and added function dock blocks code

* #14 fixed Joomla Conding Standards and added function dock blocks

* #14 Fixed class dock block mistake

* we did not require this any more

* #14 fixed Joomla Coding Standards and added function dock block in helper file at back-end

* #14 Fixed only Joomla Coding Standards in FieldsHelper file

* #14 removed where function, added dock blocks and fixed dock bocks coding standards errors

* #14 formatted as the function doc blocks

* #14 formatted as the function doc blocks

* Check the active menu correct

Closes #72

* Move the label field to the options tab

Closes #22

* Label has it's own field and must not stay in params

Regression from #22

* Backport from Digital-Peak/DPFields#32

* Fix the save and copy action

Closes #37

* Store data on reload

Closes #76

* Don't add always the All language to the query

Closes #38

* Count the items in the category manager from com_fields

Closes #61

* Corrected colspan when fields are assigned to a language

* #14 fixed conflict

* Don't save the All category

Closes #19

* Minor language updates

* Fix "Show On" tooltip's description

The tooltip's description for the 'Show On' field is not showing because it is currently looking for the label.

* Don't hardcode com_content.article

Closes #80

* Load the types form when the data is an array

* Create the links correct for the count item feature

Closes #82

* Show the value from com_fields instead of the the users helper

Closes #81

* Set the language correct on the fields cache

Closes #47

* Removed string conversion error

Closes #47

* Changed links to 3.7

* Remove legacy DPFields code

* Get data from state correctly

* Add joins to the com_fields in search plugin (#83)

Add joins to com_fields in the content search plugin

* Add new core rule core.edit.value (#75)

* Add 'onFieldBeforePrepare' and 'onFieldAfterPrepare' events

* Rename "Field Category" to "Field Group"

Closes #91

* Add option to disable custom fields per component

Closes #87

* Use select box to define the images directory

Closes #97

* Truncate correctly

Closes #101

* Change description field to plain textarea

Closes #94
CLoses #99

* Parameters are more clear and improved comment

Adapted change from
32c9048

* onFieldBeforePrepare and onFieldAfterPrepare events now triggered even when custom field value is empty

* Cast before access

* Create params even when they are empty

* Add com_fields menu entries on back end

Closes #109

* Extract the context correctly

Closes #112

* Add custom fields for contact

* Add inline group create

Closes #114

* Add simple context mapping

Closes #117

* Dont assign a not existing category when a field is saved with no catid

* Rename string with group and not category

Closes #124

* Category strings should be named Field Groups

Closes #126

* Show the fields on the blog listing

Closes #108

* Installer crashes somehow

Closes #132

* Merge the types set up into JFormField (#104)

* Merge field types into JFormFields

* Converting the rest of the fields

* Merge DP Field Rendering with Joomla Form Fields

* Remove the gallery scripts

* Rename the interface to JFormDomfieldinterface for auto loading

* Add article field as demo how a component can add fields

* Removing mustache, will be replaced later with a new parser

See #12 for the discussion

* Fixing composer setup, reverting to 3.6.x branch

* Fixing code style errors

Closes #14

* Rename upgrade file to 3.7

* Strip slashes from description

Related to #139

* Removing Simplepie from the database installer script

Reverts 8381e46
See comments for more information

* Show field group description in form

Closes #139

* List field changed key to value and value to name

Closes #121

* Use the first category as field filter when creating an article

Closes #144

* Dont show a user field on the front end

Closes #149

* Add always the fields path when adding the custom fields

Closes #150

* Added hint (placeholder) option

Closes #151

* Correct redirect after checkin action

Closes #154

* Check for group access levels when getting the fields (#153)

* Consider field group state

Closes #155

* Added missing language strings

Closes #129

* JArrayHelper => ArrayHelper

* reduce model method (#160)

* Fixing permission inheritance to edit the value of a field in the form (#157)

* Correct path for parameters folder when not in Joomla libraries

* Type selection (#162)

Closes #134

* Display class attributes (#143)

* User home (#161)

* Add home parameter to media field

* Correct path for paramneters folder when not in Joomla libraries

* Fixing code style errors

* Add new context for com_contact for contact form fields (#115)

* Add new context for com_contact for contact form fields

* Prepare the value on com_contact mail

* Fixing travis code style errors

* Use the correct variable name

Closes #163

* Show the all label when no category is assigned

Closes #165

* Don't set 0 as default hint when not present

Closes #166

* Fix Sniffer Whitespace errors

* Fix Sniffer Whitespace errors (#167)

* Cleanup field model

* Support fields plugins

* Add gallery plugin

* Moved since tag to 3.7

* Some brushup

* Update controller.php

* Update field.php

* Update fields.php

* Update controller.php

* Update fields.php

* Update internal.php

* Update fields.php

* Update fields.xml

* Update field.php

* Update fields.php

* Update type.php

* Update section.php

* Update field.php

* Update field.xml

* Update filter_fields.xml

* Update field.php

* Update view.html.php

* Update edit.php

* Update modal_options.php

* Update view.html.php

* Update default.php

* Update default_batch_body.php

* Update modal.php

* Update field.xml

* Update en-GB.com_fields.sys.ini

* Update en-GB.com_fields.ini

* Update en-GB.plg_fields_gallery.ini

* Update en-GB.plg_fields_gallery.sys.ini

* Update en-GB.plg_system_fields.ini

* Update en-GB.plg_system_fields.sys.ini

* Update modal_article.php

* Update controller.php

* Update field.php

* Update default_custom.php

* Update captcha.php

* Update editor.php

* Update media.php

* Update user.php

* Update editor.xml

* Update media.xml

* Update user.xml

* Update usergrouplist.xml

* Update abstractlist.php

* Update domfieldinterface.php

* Update field.php

* Update email.php

* Update file.php

* Update imagelist.php

* Update sql.php

* Update tel.php

* Update textarea.php

* Update url.php

* Update calendar.xml

* Update checkboxes.xml

* Update imagelist.xml

* Update integer.xml

* Update list.xml

* Update radio.xml

* Update sql.xml

* Update textarea.xml

* Update url.xml

* Update gallery.xml

* plugin

* plugin2

* typo

* Change to uft8mb4

* Add new extensions to the script file

* Revert merge conflict composer changes

* No needed changes

* Library form fields should be unaware of com_fields

* Default to https

* Order the tables correct

* Cleanup language strings

* Code errors from cleanup

* Remove tags support

* Add category filter

* Display fielg group label when editing a group

* Display all fields which are assigned to all languages correct

* Don't show fields on categories as it is not ready yet

* Update fields.php

* Don't transofrm the category name

* Correct quote name function used

* Revert "Display fielg group label when editing a group"

This reverts commit 1331332.

* Disable tags on custom field groups

* Don't include category state in filter on back end

* Remove debug code

* CS fix

* Shortening the line length

* Install SQL files for postgres

* Use JDatabaseQuery

* Option to show the user custom fields on the front on the contact view

* Comment for item_id table column

* Remove class for textareas

* Fix no menu item pages giving wrong links (#12020)

* [plg_system_logout] Load language files only when needed (#11736)

* Update logout.php

* cs and stuff

* Update logout.php

* Adding Options Button (#12033)

* fix paths (#12032)

* Fix routing for non-sef menu items with Modern Routing (#12021)

* [com_banners] - publishing time does not honor timezone (#11978)

* [com_banners ] -  publishing time does not honor timezone

* impress only when needed

impress only when needed

* CS fix

cs fix

* Order stylesheet attributes the same as link attributes (#12052)

* use joomla-projects docker

* Phase out JString calls in libraries (#12058)

* Admin app - JString -> StringHelper (#12056)

* Site app & Plugins - JString -> StringHelper (#12057)

* New Feature, Multilanguage: Add the possibility of displaying associations in article info and in articles list. Replaces #11935 (#12042)

* Replaces

* Modifying to fit Thomas proposal

* modifying fetching flags param

* adding showon + some

* [JAccess] Improve ACL asset preloading performance/memory consumption (#12028)

* improve component asset preload speed

* Update user.php

* Update access.php

* Update access.php

* Update access.php

* Update access.php

* not convinced yet, but revert changes in juser

* make sure that components are always preloaded

* only a logged users (with user id) can be root.

* [com_contact] - moved the captchaEnabled var from default to view (#11964)

* [com_contact] - moved the captchaEnabled var out of the default.php file to the view.html.php file

moved the captchaEnabled var out of the default.php file to the view.html.php file.

* moved captchaEnabled to the view

moved captchaEnabled to the view

* missed var  declarationi/initialization

missed var   $captchaSet  declarationi/initialization

* Session interaction refactoring (#10905)

* Allow lazy starting a session

* Defer starting sessions in the installer

* Defer starting session in JApplicationCms

* Deprecate creating sessions in JFactory

* Start restructuring session load sequence in JApplicationCms

* Add JSession object to onAfterSessionStart event trigger

* Override afterSessionStart for install app to not store the user

* Expand the database storage object for better API

* Fix session listener declaration

* Restructure session bootup and when the session metadata operations run

* 3.5 -> 3.6

* Remove option, out of scope

* Tweak things so the behavior is closer to current API

* Undefined variable

* Get store name from session object

* Remove this, out of scope

* PHPCS fix

* Deep rooted application dependencies are my absolute favorite

* Move comment, doc blocks, consistent method signature

* Again on the consistency, we don't like E_STRICT errors

* Nevermind, confused myself with checkSession, carry on...

* Until the day the unit tests no longer follow the doc block code styles...

* Lost line in merge

* One more merge conflict fix

* This internal coupling is addressed

* Fix query from merge

* [com_content] - add articles ordering by votes, ratings (#11225)

* Add setDocumentTitle() function in JViewLegacy (#11399)

* setDocumentTitle() function in JViewLegacy

* PHPCS

* JED turned to https (#12076)

* JED truned to https

JED truned to https
Minor fixes on proper use of Joomla!

* Update README.txt

Same as #12076

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED turned https

* JED and community turned https

* JED, community and org turned https

* JED and community turned https

* JED and community turned https

* correct/add quotename (#12070)

* Label: Users Options: Login name > Username (#12073)

The language label "Change Login Name" is not consistent with the front-end label "Username".

This PR changes the language label to "Change Username" and the decription to "Allow users to change their Username when editing their profile."

The front-end login screens use the label "Username"
Login Component:
![login-component](https://cloud.githubusercontent.com/assets/1217850/18627996/579510ca-7e5e-11e6-9161-6268e9ccb213.png)

Login Module:
![login-module](https://cloud.githubusercontent.com/assets/1217850/18627997/579595ae-7e5e-11e6-8920-edf34631a3c7.png)

### Testing Instructions
#### Before the PR
Users > Manage > [Options] > [User Options]
The last entry is "Change Login Name" 
+ hover description "Allow users to change their Login name when editing their profile."

![login-back-end-options](https://cloud.githubusercontent.com/assets/1217850/18627995/5791ac32-7e5e-11e6-8b18-94a34372c422.png)


#### After the PR
Users > Manage > [Options] > [User Options]
The last entry is "Change Username" 
+ hover description "Allow users to change their Username when editing their profile."

![login-back-end-options-after](https://cloud.githubusercontent.com/assets/1217850/18627998/5799ceb2-7e5e-11e6-9a5e-234dcf2db14e.png)

* Update .travis.yml (#12079)

* Add vote order check

* [a11y] Protostar back to top (#12446)

* [a11y] Protostar - back to top link

* Oops Andre was right

* add anchor for non-js enabled browsers

* Added missing com_fields component from last merge

* Replace Platform version numbers in libraries/legacy (#12242)

* Remove variable declaration (Fix #12619)

* Misc. fixes

* Test fixes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment