issue #938
- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
Specified type='button' for the buttons in the form so they don't get
pseudo clicked on enter key in inputs. Added a keyup handler to check
for enter keys in the inputs and do the proper action based on where you
are in the form.
closes#812
- replace defaults with consistently named .png files
- change the settings saving code so that it doesn't double-save images and save the defaults to the db
* Smoother animations
* Removed blurring in Chrome temporarily
* Centering is now done in CSS (the height is calculated in JS to work in FF and Opera)
* Modals now need close: true to be set to enable the close icon and shortcuts for closing (ESC key, background clicking)
Issue #149
- added back button to content preview and settings
- added hammer.js interactions
- needs some tweaking for mobile view
- problems with touch events (additional click event after 300ms)
closes#701, closes#702
- if image upload is called from editor the url icon provides a text field and a save button
- if on settings pages (general and user) the save button will capture the entered url or uploaded url
- both modes have the reset button
- fixed bug that is created by url when image is dragged onto window
Closes#581.
* Basically adds the client side of node validator, that we're already using
* Validator is plonked onto `Ghost.Validator`
* Usage is identical as to https://github.com/chriso/node-validator
* Has sanitizing values et al
* `Ghost.Validator.error` is redefined, it populates Ghost.Validator._errors (Array)
* `Ghost.Validator.handleErrors` is supposed to print out the multiple error messages, if there are multiple (this is broken due to how notifications are presented `.html` instead of `.append`), and also apply class to element
* The ajax calls are wrapped in an if to prevent network traffic if something's not right on client side
* Added validation to general settings and user settings screens.
* On validation error, optionally adds `.input-error` to whatever element you reference, see below (if `el` exists on the error object). This is the only place where usage is different to the original implementation. Redeclared `error()` function in `init.js`
* Usage: `Ghost.Validate.check(valueToCheck, {message: "the error message", el: $('#the element')}).isEmail()`
* The element above will receive the `.input-error` class. `isEmail()` is one of the stuff you can check against.
closes#370
- Added new Backbone view for post settings menu
- Moved sass styles to global.scss for post settings menu items
- Added field to change post slug (permalink) using existing slug
validation
Closes#345
- added blog description to general screen
- removed content screen from sidebar
- removed beforeRender from settings front end
- removed content screen from tests
closes#280
- adds image uploader to user profile page.
- click on cover picture or change cover button to open file upload modal.
- created new upload modal that extends model to reduce some code duplication
closes#593
- added default setting of 6 posts per page
- added posts per page to settings page
- added limit to frontend.js (setting does not change API behavior)
* Bio field now counts down.
* Bio filed count now turns red when < 20
* Cover image now has gradient
* Change button now has square corners
* Removed "forgot password" link
* Change password button is now red
* Change password button is now aligned with the form
* Hover state on the profile picture now reads "Edit Picture"
issue #432
adds a modal template for image uploads
adds buttons to settings page to upload images for blog logo and icon
once image is uploaded displays an 'X' to reset back to dropzone
saves image and renders settings page.
ToDo
add url field when clicking on url icon
fix position of 'X' for both settings and editor
closes#603, issue #395
- Changed hard-coded 'JOE BLOGGS' to use author data
- We still had api calls loading data server side before rendering pages.. which is unnecessary.
- Only thing using this was editor title, which is now populated client side
- May improve content screen load time.
Closes#288
* I use SendGrid for sending the emails, and it works fine (provided you supply the correct credentials in `config.mail` in `config.js`)
* Generates a random 12 char long alphanumeric password, replaces user's pw, and sends an email about it.