Merge branch 'master' of git://github.com/gallery/gallery3

6 files changed, 31 insertions, 21 deletions

diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 72c4e104..f0a38fbe 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
@@ -99,12 +99,6 @@ class File_Proxy_Controller extends Controller {
       throw new Kohana_404_Exception();
     }
 
-    // Check that the content hasn't expired or it wasn't changed since cached
-    if (($last_modified = expires::get()) !== false &&
-        $item->updated < $last_modified)  {
-      expires::check(2592000);
-    }
-
     // Don't try to load a directory
     if ($type == "albums" && $item->is_album()) {
       throw new Kohana_404_Exception();
@@ -114,10 +108,15 @@ class File_Proxy_Controller extends Controller {
       throw new Kohana_404_Exception();
     }
 
+    header('Last-Modified: '.gmdate('D, d M Y H:i:s T', $item->updated));
+    header("Pragma:");
+    // Check that the content hasn't expired or it wasn't changed since cached
+    expires::check(2592000, $item->updated);
+
     // We don't need to save the session for this request
     Session::abort_save();
 
-    expires::set(2592000);  // 30 days
+    expires::set(2592000, $item->updated);  // 30 days
 
     // Dump out the image.  If the item is a movie, then its thumbnail will be a JPG.
     if ($item->is_movie() && $type != "albums") {
diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php
index fe9c48ba..bfcf0f9e 100644
--- a/modules/gallery/controllers/logout.php
+++ b/modules/gallery/controllers/logout.php
@@ -19,6 +19,7 @@
  */
 class Logout_Controller extends Controller {
   public function index() {
+    access::verify_csrf();
     auth::logout();
     if ($continue_url = Input::instance()->get("continue")) {
       $item = url::get_item_from_uri($continue_url);
diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index 5565850d..679d65c2 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -117,11 +117,11 @@ class gallery_event_Core {
                       ->url(url::site("form/edit/users/{$user->id}"))
                       ->label($user->display_name()));
         $menu->append(Menu::factory("link")
-                    ->id("user_menu_logout")
-                    ->css_id("g-logout-link")
-                    ->url(url::site("logout?csrf=$csrf&amp;continue=" .
-                                    urlencode($item->url())))
-                    ->label(t("Logout")));
+                      ->id("user_menu_logout")
+                      ->css_id("g-logout-link")
+                      ->url(url::site("logout?csrf=$csrf&amp;continue=" .
+                                      urlencode(url::abs_current())))
+                      ->label(t("Logout")));
       }
     }
   }
diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php
index 414181d9..4a3d26e9 100644
--- a/modules/gallery/models/item.php
+++ b/modules/gallery/models/item.php
@@ -460,7 +460,7 @@ class Item_Model extends ORM_MPTT {
     // deal with it the hard way.
     $count = $db->from("items")
       ->where("parent_id", "=", $this->id)
-      ->where($this->sort_column, "=", NULL)
+      ->where($this->sort_column, "IS", null)
       ->merge_where($where)
       ->count_records();
 
diff --git a/modules/tag/models/tag.php b/modules/tag/models/tag.php
index d0d2117c..2b33c30d 100644
--- a/modules/tag/models/tag.php
+++ b/modules/tag/models/tag.php
@@ -27,7 +27,7 @@ class Tag_Model extends ORM {
    * @param string   $type   the type of item (album, photo)
    * @return ORM_Iterator
    */
-  public function items($limit=null, $offset=0, $type=null) {
+  public function items($limit=null, $offset=null, $type=null) {
     $model = ORM::factory("item")
       ->viewable()
       ->join("items_tags", "items.id", "items_tags.item_id")
diff --git a/system/helpers/expires.php b/system/helpers/expires.php
index ce0482c8..5f599e13 100644
--- a/system/helpers/expires.php
+++ b/system/helpers/expires.php
@@ -17,12 +17,16 @@ class expires_Core {
 	 * @param   integer Seconds before the content expires
 	 * @return  integer Timestamp when the content expires
 	 */
-	public static function set($seconds = 60)
+	public static function set($seconds = 60, $last_modified=null)
 	{
 		$now = time();
 		$expires = $now + $seconds;
+		if (empty($last_modified))
+		{
+                	$last_modified = $now;
+		}
 
-		header('Last-Modified: '.gmdate('D, d M Y H:i:s T', $now));
+		header('Last-Modified: '.gmdate('D, d M Y H:i:s T', $last_modified));
 
 		// HTTP 1.0
 		header('Expires: '.gmdate('D, d M Y H:i:s T', $expires));
@@ -66,26 +70,32 @@ class expires_Core {
 	 * @uses    expires::get()
 	 *
 	 * @param   integer         Maximum age of the content in seconds
+	 * @param   integer         Last modified timestamp in seconds
 	 * @return  integer|boolean Timestamp of the If-Modified-Since header or FALSE when header is lacking or malformed
 	 */
-	public static function check($seconds = 60)
+	public static function check($seconds = 60, $modified=null)
 	{
 		if ($last_modified = expires::get())
 		{
-			$expires = $last_modified + $seconds;
-			$max_age = $expires - time();
+			$now = time();
+
+		 	if (empty($modified))
+		 	{
+                	 	$modified = $now;
+		 	}
 
-			if ($max_age > 0)
+			if ($modified <= $last_modified)
 			{
 				// Content has not expired
 				header($_SERVER['SERVER_PROTOCOL'].' 304 Not Modified');
 				header('Last-Modified: '.gmdate('D, d M Y H:i:s T', $last_modified));
 
+				$expires = $now + $seconds;
 				// HTTP 1.0
 				header('Expires: '.gmdate('D, d M Y H:i:s T', $expires));
 
 				// HTTP 1.1
-				header('Cache-Control: max-age='.$max_age);
+				header('Cache-Control: max-age='.$seconds);
 
 				// Clear any output
 				Event::add('system.display', create_function('', 'Kohana::$output = "";'));