1
0
Fork 0
forked from OpenNeo/impress
Commit graph

107 commits

Author SHA1 Message Date
ce734fae7e advanced search behaves toggle-like in that the link stays in place, and OMG pagination on the right is sooo much better! 2014-04-02 19:04:47 -05:00
c1d9133451 add an item search form to closet so that new users will be less stumped 2014-04-02 14:53:58 -05:00
bda9f69ce9 reorganize form a bit; group like things 2014-04-02 14:18:14 -05:00
4ad806847b switch between basic and advanced forms 2014-04-02 13:54:27 -05:00
e0b5d3e73f advanced search fields mockup 2014-04-02 13:21:42 -05:00
39f5284752 first draft of advanced search form 2014-04-02 10:32:13 -05:00
f9fa3eb596 prank color artist credit 2014-03-31 21:05:28 -05:00
6e80c228c1 include prank message on wardrobe page 2014-03-30 22:37:33 -05:00
2ed3f3d4c6 more abstraction 2014-03-28 15:22:21 -05:00
8781d58540 extract prank_color_message to helper 2014-03-28 15:19:45 -05:00
32bab89ed4 add prank messages to outfits#show 2014-03-28 15:15:04 -05:00
8e93d603fa list prank colors as fake on the homepage, unless pranks are funny today 2014-03-27 22:44:18 -05:00
8ace3111f7 oops; put impress_user field on model-a-pet homepage form 2014-01-20 16:03:40 -06:00
03c76fe882 Update missing body ID prediction to handle, say, the Maraquan Mynci.
It turns out that some pets for seemingly nonstandard colors have the
standard body type anyway, and vice-versa. This implies that we should
stop relying on a color's standardness, but, for the time being, we've
just revised the prediction model:

Old model:
    * If I see a body_id, I find the corresponding color_ids, and it's wearable
      by all pet types with those color_ids.

New model:
    * If I see a body_id,
        * If it also belongs to a basic pet type, it's a standard body ID.
            * It therefore fits all pet types of standard color (if there's
              more than one body ID modeled already). (Not really,
              because of weird exceptions like Orange Chia. Should that be
              standard or not?)
        * If it doesn't also belong to a basic pet type, it's a nonstandard
          body ID.
            * It therefore only belongs to one color, and therefore the item
              fits all pet types of the same color.
2014-01-20 15:29:01 -06:00
fb6df82570 ugh, push temporary version without new items 2014-01-20 14:46:50 -06:00
00841e45d2 modeling i18n 2014-01-20 13:56:19 -06:00
72b174c9b3 store all neopets usernames for logged-in users, but breaks closet_hangers#index 2014-01-18 21:55:01 -06:00
8288b8a10d username form, backed by localstorage for guests; not yet backed by db for logged-in users 2014-01-17 11:12:56 -06:00
813cfbddea filter customizations by missing body ids 2014-01-10 16:25:03 -05:00
fd106d7dba basic modeling buttons
no behavior yet, nor are they filtered
2014-01-10 16:25:03 -05:00
949fa2a77a i18n newest items headers 2014-01-10 16:25:02 -05:00
342f8ef859 remove unused outfits.new.newest_items.header i18n key 2014-01-10 16:25:02 -05:00
7dd2646dbb add basic caching - TODO: avoid these computations in the controller 2014-01-10 16:25:02 -05:00
9a4e114964 oh yum, this is really starting to come together :) 2014-01-10 16:25:02 -05:00
85e1973f55 yummy mockups for newest items progress bars 2014-01-10 16:25:02 -05:00
7c6e607612 basic neopia api integration 2014-01-10 16:25:02 -05:00
c7237d7d44 fix a bunch of precompiled-asset-missing errors 2013-03-05 22:26:14 -06:00
7f2ce2839b appearance dropdown - wow, that was easy 2013-01-31 19:46:34 -06:00
1ef39f854c localize outfits#_outfit 2013-01-26 12:42:38 -06:00
52fee4f0c9 localize outfits#edit wear/unwear/closet/uncloset 2013-01-26 11:58:16 -06:00
8c348d4535 localize outfits#edit search helpers 2013-01-26 11:11:42 -06:00
f63e4ecc43 i18n for will_paginate, including dynamically in outfits#edit 2013-01-10 18:58:56 -06:00
5dddb6dbdc i18n for outfits/new.js 2013-01-10 18:24:12 -06:00
f82d3683f5 i18n for pet_query.js 2013-01-10 16:47:46 -06:00
7aa49f70be refactor outfits.new for hierarchy 2013-01-09 18:40:35 -06:00
87920b4b94 refactor tmd helper, move closet_hangers#index autocomplete to markdown 2013-01-09 17:30:40 -06:00
59a5c60f3b i18n for outfits/edit.js item partials: no-data-yet and icons 2013-01-09 17:15:25 -06:00
c3ebfee2e4 i18n for outfits/edit.js userbar message and outfit save errors 2013-01-09 17:15:25 -06:00
c92bf4fc7a i18n for outfits/edit.js sharing urls 2013-01-09 17:15:25 -06:00
addc41ddc9 i18n for outfits#edit base template - dynamic content in outfits/edit.js still needs examined 2013-01-09 17:15:25 -06:00
cd323cbf53 i18n for outfits#index - plus the translate_with_links helper, which can be used for refactoring other stuff 2013-01-09 17:15:25 -06:00
abca8eb29a i18n for outfits#show 2013-01-09 17:15:23 -06:00
744c10495d i18n for outfits#new (and layouts#application), including caching 2013-01-09 17:15:23 -06:00
5601511ad5 xss vulnerability in outfits#show
This one was actually pretty darn clever - nobody's abused it, but
I was reading a blog post where someone described this type of
issue, I realized it was a brilliant attack, and then realized
DTI was vulnerable. Oops. Thanks for the solution, Jamie!

http://jamie-wong.com/2012/08/22/what-i-did-at-khan-academy/#XSS+Fix
2012-10-20 17:56:38 -05:00
270f8caa3d remove sharing beta message - finally 2012-08-23 20:56:00 -05:00
99669b8e4e cache homepage latest contribution 2012-08-09 22:59:35 -04:00
f6d34841ec cache newest items on homepage and items#index 2012-08-09 22:35:30 -04:00
5e89287537 durr, don't cache new items on the homepage 2012-08-08 23:05:32 -04:00
5cec28e29b fix logout bug: stop caching authenticity_token fields
Many forms on the site contain a hidden authenticity_token field,
unique to each visitory. If a user submits a request with an
invalid authenticity_token, Rails assumes that it's a CSRF attempt
and logs out the user. So, if we happen to cache those forms with
authenticity_token fields, all users who use that form will have
the same authenticity_token (valid for only the first user who
saw the form, invalid for everyone else), and all requests made
through that form will log out the user. Bad news.

So, we stopped caching those forms. Yay!
2012-08-07 17:32:51 -04:00
72237f225c modeling hub 2012-08-06 21:15:31 -04:00