diff options
27 files changed, 413 insertions, 187 deletions
diff --git a/lib/gallery.common.css b/lib/gallery.common.css index 87498b40..553eb496 100644 --- a/lib/gallery.common.css +++ b/lib/gallery.common.css @@ -304,13 +304,16 @@ tr.g-error td.g-error { } .g-success, -.g-allowed, -tr.g-success td.g-success { - background: #d9efc2 url('images/ico-success.png') no-repeat .4em 50%; +.g-allowed { + background: #d9efc2 url('images/ico-success.png') no-repeat .4em 50%; +} + +tr.g-success { + background-image: none; } tr.g-success td.g-success { - background-color: transparent; + background-image: url('images/ico-success.png'); } .g-warning, diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index 3062ea09..8e4845a9 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -46,6 +46,15 @@ class Admin_Maintenance_Controller extends Admin_Controller { ->where("done", "=", 0)->order_by("updated", "DESC")->find_all(); $view->content->finished_tasks = ORM::factory("task") ->where("done", "=", 1)->order_by("updated", "DESC")->find_all(); + $task_buttons = + new ArrayObject(array((object)array("text" => t("run"), + "url" =>url::site("admin/maintenance/start")))); + module::event("admin_maintenance_task_buttons", $task_buttons); + $view->content->task_buttons = $task_buttons; + + $maintenance_content = new ArrayObject(); + module::event("admin_maintenance_content", $maintenance_content); + $view->content->task_maintenance_content = $maintenance_content; print $view; } @@ -56,13 +65,10 @@ class Admin_Maintenance_Controller extends Admin_Controller { public function start($task_callback) { access::verify_csrf(); - $tasks = task::get_definitions(); - $task = task::create($tasks[$task_callback], array()); + $task = task::start($task_callback); $view = new View("admin_maintenance_task.html"); $view->task = $task; - $task->log(t("Task %task_name started (task id %task_id)", - array("task_name" => $task->name, "task_id" => $task->id))); log::info("tasks", t("Task %task_name started (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance"))); diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 389f6e48..15e0c3ca 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -36,7 +36,8 @@ class album_Core { $group->input("name")->label(t("Directory name")) ->error_messages("no_slashes", t("The directory name can't contain the \"/\" character")) ->error_messages("required", t("You must provide a directory name")) - ->error_messages("length", t("Your directory name is too long")); + ->error_messages("length", t("Your directory name is too long")) + ->error_messages("conflict", t("There is already a movie, photo or album with this name")); $group->input("slug")->label(t("Internet Address")) ->error_messages( "not_url_safe", @@ -51,7 +52,8 @@ class album_Core { } static function get_edit_form($parent) { - $form = new Forge("albums/update/{$parent->id}", "", "post", array("id" => "g-edit-album-form")); + $form = new Forge( + "albums/update/{$parent->id}", "", "post", array("id" => "g-edit-album-form")); $form->hidden("from_id"); $group = $form->group("edit_item")->label(t("Edit Album")); @@ -61,8 +63,7 @@ class album_Core { $group->textarea("description")->label(t("Description"))->value($parent->description); if ($parent->id != 1) { $group->input("name")->label(t("Directory Name"))->value($parent->name) - ->error_messages( - "conflict", t("There is already a movie, photo or album with this name")) + ->error_messages("conflict", t("There is already a movie, photo or album with this name")) ->error_messages("no_slashes", t("The directory name can't contain a \"/\"")) ->error_messages("no_trailing_period", t("The directory name can't end in \".\"")) ->error_messages("required", t("You must provide a directory name")) diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php index 16f8915a..45561861 100644 --- a/modules/gallery/helpers/auth.php +++ b/modules/gallery/helpers/auth.php @@ -78,10 +78,16 @@ class auth_Core { } } + static function validate_too_many_failed_password_changes($password_input) { + if (self::too_many_failed_logins(identity::active_user()->name)) { + $password_input->add_error("too_many_failed_password_changes", 1); + } + } + /** * Record a failed login for this user */ - static function record_failed_login($name) { + static function record_failed_auth_attempts($name) { $failed_login = ORM::factory("failed_login") ->where("name", "=", $name) ->find(); @@ -96,7 +102,7 @@ class auth_Core { /** * Clear any failed logins for this user */ - static function record_successful_login($user) { + static function clear_failed_auth_attempts($user) { db::build() ->delete("failed_logins") ->where("name", "=", $user->name) diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 6479e2c3..7b538c49 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -110,11 +110,19 @@ class gallery_event_Core { graphics::choose_default_toolkit(); module::clear_var("gallery", "choose_default_tookit"); } - auth::record_successful_login($user); + auth::clear_failed_auth_attempts($user); } static function user_login_failed($name) { - auth::record_failed_login($name); + auth::record_failed_auth_attempts($name); + } + + static function user_password_changed($user) { + auth::clear_failed_auth_attempts($user); + } + + static function user_password_change_failed($name) { + auth::record_failed_auth_attempts($name); } static function item_index_data($item, $data) { diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index bffef8e6..761843b0 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -287,7 +287,7 @@ class gallery_installer { // @todo this string needs to be picked up by l10n_scanner module::set_var("gallery", "credits", "Powered by <a href=\"%url\">Gallery %version</a>"); module::set_var("gallery", "simultaneous_upload_limit", 5); - module::set_version("gallery", 25); + module::set_version("gallery", 26); } static function upgrade($version) { @@ -514,6 +514,18 @@ class gallery_installer { } module::set_version("gallery", $version = 25); } + + if ($version == 25) { + db::build() + ->update("items") + ->set("title", new Database_Expression("`name`")) + ->and_open() + ->where("title", "IS", null) + ->or_where("title", "=", "") + ->close() + ->execute(); + module::set_version("gallery", $version = 26); + } } static function uninstall() { diff --git a/modules/gallery/helpers/task.php b/modules/gallery/helpers/task.php index 645850d1..aa0eb94d 100644 --- a/modules/gallery/helpers/task.php +++ b/modules/gallery/helpers/task.php @@ -35,6 +35,15 @@ class task_Core { return $tasks; } + static function start($task_callback, $context=array()) { + $tasks = task::get_definitions(); + $task = task::create($tasks[$task_callback], array()); + + $task->log(t("Task %task_name started (task id %task_id)", + array("task_name" => $task->name, "task_id" => $task->id))); + return $task; + } + static function create($task_def, $context) { $task = ORM::factory("task"); $task->callback = $task_def->callback; diff --git a/modules/gallery/module.info b/modules/gallery/module.info index 50a1505f..fd241066 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,3 +1,3 @@ name = "Gallery 3" description = "Gallery core application" -version = 25 +version = 26 diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 65b45a08..e53502ee 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -81,18 +81,19 @@ modules/gallery/views/admin_maintenance.html.php 24 DIRTY_ATTR log: modules/gallery/views/admin_maintenance.html.php 25 DIRTY_ATTR log::severity_class($task->severity) modules/gallery/views/admin_maintenance.html.php 26 DIRTY $task->name modules/gallery/views/admin_maintenance.html.php 29 DIRTY $task->description -modules/gallery/views/admin_maintenance.html.php 70 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_maintenance.html.php 70 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" -modules/gallery/views/admin_maintenance.html.php 71 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" -modules/gallery/views/admin_maintenance.html.php 72 DIRTY gallery::date_time($task->updated) -modules/gallery/views/admin_maintenance.html.php 75 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 90 DIRTY $task->status -modules/gallery/views/admin_maintenance.html.php 141 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/gallery/views/admin_maintenance.html.php 141 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" -modules/gallery/views/admin_maintenance.html.php 142 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" -modules/gallery/views/admin_maintenance.html.php 143 DIRTY gallery::date_time($task->updated) -modules/gallery/views/admin_maintenance.html.php 146 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 158 DIRTY $task->status +modules/gallery/views/admin_maintenance.html.php 33 DIRTY_JS "{$button->url}/$task->callback?csrf=$csrf" +modules/gallery/views/admin_maintenance.html.php 76 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_maintenance.html.php 76 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" +modules/gallery/views/admin_maintenance.html.php 77 DIRTY_ATTR $task->state=="stalled"?"g-warning":"" +modules/gallery/views/admin_maintenance.html.php 78 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 81 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 96 DIRTY $task->status +modules/gallery/views/admin_maintenance.html.php 147 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/gallery/views/admin_maintenance.html.php 147 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" +modules/gallery/views/admin_maintenance.html.php 148 DIRTY_ATTR $task->state=="success"?"g-success":"g-error" +modules/gallery/views/admin_maintenance.html.php 149 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 152 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 164 DIRTY $task->status modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf") modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name diff --git a/modules/gallery/views/admin_maintenance.html.php b/modules/gallery/views/admin_maintenance.html.php index ac597715..19375670 100644 --- a/modules/gallery/views/admin_maintenance.html.php +++ b/modules/gallery/views/admin_maintenance.html.php @@ -29,16 +29,22 @@ <?= $task->description ?> </td> <td> - <a href="<?= url::site("admin/maintenance/start/$task->callback?csrf=$csrf") ?>" + <? foreach ($task_buttons as $button): ?> + <a href="<?= "{$button->url}/$task->callback?csrf=$csrf" ?>" class="g-dialog-link g-button ui-icon-left ui-state-default ui-corner-all"> - <?= t("run") ?> + <?= html::clean($button->text) ?> </a> + <? endforeach ?> </td> </tr> <? endforeach ?> </table> </div> + <? foreach ($task_maintenance_content as $content): ?> + <?= html::purify($content) ?> + <? endforeach ?> + <? if ($running_tasks->count()): ?> <div id="g-running-tasks"> <h2> <?= t("Running tasks") ?> </h2> diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php index f35f8c3f..78e1c579 100644 --- a/modules/gallery/views/user_profile.html.php +++ b/modules/gallery/views/user_profile.html.php @@ -57,13 +57,16 @@ </a> <? endif ?> <? if ($editable): ?> - <a class="g-button ui-icon-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("form/edit/users/{$user->id}") ?>"> + <a class="g-button ui-icon-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("form/edit/users/{$user->id}") ?>"> <?= t("Edit") ?> </a> + <a class="g-button ui-icon-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("users/form_change_password/{$user->id}") ?>"> + <?= t("Change password") ?> + </a> <? endif ?> <a id="g-profile-return" class="g-button ui-icon-right ui-state-default ui-corner-all" href="#"> <?= t("Return") ?> </a> </div> -</div>
\ No newline at end of file +</div> diff --git a/modules/notification/helpers/notification.php b/modules/notification/helpers/notification.php index dfeab9fc..3e4854d7 100644 --- a/modules/notification/helpers/notification.php +++ b/modules/notification/helpers/notification.php @@ -107,8 +107,6 @@ class notification { t("Photo \"%title\" updated", array("title" => $original->title)) : t("Movie \"%title\" updated", array("title" => $original->title))); - Kohana_Log::add("error",print_r($v->render(),1)); - self::_notify($subscribers, $item, $v->render(), $v->subject); } diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php index 4a4b9f13..38e8ca58 100644 --- a/modules/organize/controllers/organize.php +++ b/modules/organize/controllers/organize.php @@ -48,8 +48,12 @@ class Organize_Controller extends Controller { access::required("view", $target_album); access::required("add", $target_album); + $source_album = null; foreach (Input::instance()->post("source_ids") as $source_id) { $source = ORM::factory("item", $source_id); + if (empty($source_album)) { // get the source_album + $source_album = $source->parent(); + } if (!$source->contains($target_album)) { access::required("edit", $source); item::move($source, $target_album); @@ -57,8 +61,8 @@ class Organize_Controller extends Controller { } print json_encode( - array("tree" => (string)self::_expanded_tree(ORM::factory("item", 1), $target_album), - "grid" => (string)self::_get_micro_thumb_grid($target_album, 0))); + array("tree" => (string)self::_expanded_tree(ORM::factory("item", 1), $source_album), + "grid" => (string)self::_get_micro_thumb_grid($source_album, 0))); } function rearrange($target_id, $before_or_after) { @@ -69,6 +73,10 @@ class Organize_Controller extends Controller { access::required("view", $album); access::required("edit", $album); + if (locales::is_rtl()) { // invert the position if the locale is rtl + $before_or_after = $before_or_after == "after" ? "before" : "after"; + } + $source_ids = Input::instance()->post("source_ids", array()); if ($album->sort_column != "weight") { diff --git a/modules/organize/css/organize.css b/modules/organize/css/organize.css index d8923ea7..22d6e051 100644 --- a/modules/organize/css/organize.css +++ b/modules/organize/css/organize.css @@ -3,18 +3,18 @@ */ #g-organize { - height: auto; margin: 0 !important; + min-height: auto; padding: 0 !important; position: relative; width: 100%; } #g-organize-content-pane { - height: auto; + height: 100%; margin: 0 !important; padding: 0 !important; - position: relative; + position: absolute; width: 100%; } @@ -23,11 +23,15 @@ */ #g-organize #g-organize-tree-container { - height: 100%; - overflow: auto; margin: 0; + min-height: 100%; padding: 0; - width: 19%; + position: relative; + width: 20%; +} + +#g-organize #g-organize-tree-container h3 { + margin-bottom: 0.1em; } #g-organize-album-tree { @@ -38,6 +42,10 @@ padding: 0 0 .2em 1.2em; } +.rtl #g-organize-album-tree ul li { + padding: 0 1.2em .2em 0; +} + .g-organize-album span { cursor: pointer; } @@ -49,15 +57,27 @@ width: auto; } +.rtl .g-organize-album-text { + cursor: pointer; + display: block; + margin: 2px 2px 1px 1px; + width: auto; +} + +.g-organize-album-text:hover { + border-width: 1px; + border-style: dotted; +} + /******************************************************************* * Album panel styles */ #g-organize #g-organize-detail { - height: 100%; margin: 0 !important; - overflow: hidden; + min-height: 100%; padding: 0 !important; + position: relative; width: 80%; } @@ -68,35 +88,27 @@ #g-organize #g-organize-detail .g-message-block li { padding-bottom: .2em; padding-top: .2em; - width: inherit; -} - -#g-organize-microthumb-panel { - height: 100%; - margin: 0 !important; - position: relative; - padding: 0 !important; - width: 100%; + width: auto; } #g-organize-microthumb-grid { - height: 100%; - overflow: auto; + border-width: 1px; + border-style: solid; + bottom: 1.8em; + left: 0; + margin: 0 !important; + overflow-x: hidden; + overflow-y: auto; padding: .4em !important; - position: relative; + position: absolute; + right: 0; + top: 1.6em; } - .g-organize-microthumb-grid-cell { - margin: 6px; - padding: 0 !important; - position: relative; -} - -.g-organize-microthumb { display: block; height: 100px; - margin: 0; - padding: .4em 0; + margin: 6px; + padding: .4em 0 !important; position: relative; text-align: center; width: 110px; @@ -106,7 +118,7 @@ z-index: 2000 !important; } -.g-organize-microthumb .ui-icon { +.g-organize-microthumb-grid-cell .ui-icon { bottom: 0; left: 0; position: absolute; @@ -118,11 +130,22 @@ */ #g-organize-controls { + bottom: 0; + height: 1.9em; + left: 0; margin: 0 !important; - padding: .2em .4em; + padding: .1em .4em; + position: absolute; + right: 0; } +#g-organize-controls #g-organize-sort-order-text { + padding: .2em 0 0 0; +} + + #g-organize-controls select { + margin-left: .42em; display: inline; } diff --git a/modules/organize/css/organize_theme.css b/modules/organize/css/organize_theme.css new file mode 100644 index 00000000..3d289755 --- /dev/null +++ b/modules/organize/css/organize_theme.css @@ -0,0 +1,16 @@ +/** ******************************************************************* + * Organize styles that are theme overrideable + *********************************************************************/ +.g-organize-microthumb-grid-cell.ui-selected { + background: #DFEFFC !important; +} + +#g-organize-microthumb-grid, +#g-organize-drop-target-marker, +.g-organize-album-text:hover { + border-color: #79B7E7; +} + +#g-organize-drop-target-marker { + background-color: #79B7E7; +} diff --git a/modules/organize/helpers/organize_theme.php b/modules/organize/helpers/organize_theme.php index 61b6fe7d..c2914675 100644 --- a/modules/organize/helpers/organize_theme.php +++ b/modules/organize/helpers/organize_theme.php @@ -27,6 +27,7 @@ class organize_theme { // approach that lets us continue to use the Kohana cascading filesystem. $theme->script("organize.js"); $theme->css("organize.css"); + $theme->css("organize_theme.css"); } } } diff --git a/modules/organize/js/organize.js b/modules/organize/js/organize.js index 76eadf85..276fc3fa 100644 --- a/modules/organize/js/organize.js +++ b/modules/organize/js/organize.js @@ -4,18 +4,16 @@ handle: ".ui-selected", distance: 10, cursorAt: { left: -10, top: -10}, - appendTo: "#g-organize-microthumb-panel", + appendTo: "#g-organize-content-pane", helper: function(event, ui) { var selected = $(".ui-draggable.ui-selected img"); if (selected.length) { var set = $('<div class="g-drag-helper"></div>') .css({ - zIndex: 2000, - width: 80, - height: Math.ceil(selected.length / 5) * 16 + zIndex: 2000, + width: 80, + height: Math.ceil(selected.length / 5) * 16 }); - var offset = $(this).offset(); - var click = {left: event.pageX - offset.left, top: event.pageY - offset.top}; selected.each(function(i) { var row = parseInt(i / 5); @@ -37,17 +35,19 @@ }, start: function(event, ui) { - $("#g-organize-microthumb-panel .ui-selected").hide(); + $("#g-organize-microthumb-grid .ui-selected").hide(); }, drag: function(event, ui) { - var top = $("#g-organize-microthumb-panel").offset().top; - var height = $("#g-organize-microthumb-panel").height(); + var top = $("#g-organize-microthumb-grid").offset().top; + var height = $("#g-organize-microthumb-grid").height(); + var scrollTop = $("#g-organize-microthumb-grid").scrollTop(); if (ui.offset.top > height + top - 20) { - $("#g-organize-microthumb-panel").get(0).scrollTop += 100; + scrollTop += 100; } else if (ui.offset.top < top + 20) { - $("#g-organize-microthumb-panel").get(0).scrollTop = Math.max(0, $("#g-organize-microthumb-panel").get(0).scrollTop - 100); + scrollTop = Math.max(0, scrollTop - 100); } + $("#g-organize-microthumb-grid").scrollTop(scrollTop); } }, @@ -56,19 +56,11 @@ tolerance: "pointer", greedy: true, drop: function(event, ui) { - var before_or_after = null; - var target_id = null; - if ($(".currentDropTarget").length) { - before_or_after = $(".currentDropTarget").css("borderLeftStyle") == "solid" ? "before" : "after"; - target_id = $(".currentDropTarget").attr("ref"); - } else { - before_or_after = "after"; - target_id = $("#g-organize-microthumb-grid li:last").attr("ref"); - } + var target = $("#g-organize-drop-target-marker").data("drop_position"); $.organize.do_drop({ url: rearrange_url - .replace("__TARGET_ID__", target_id) - .replace("__BEFORE__", before_or_after), + .replace("__TARGET_ID__", target.id) + .replace("__BEFORE__", target.position ? "before" : "after"), source: $(ui.helper).children("img") }); } @@ -80,8 +72,8 @@ greedy: true, drop: function(event, ui) { if ($(event.target).hasClass("g-view-only")) { + $("#g-organize-drop-target-marker").remove(); $(".ui-selected").show(); - $(".g-organize-microthumb-grid-cell").css("borderStyle", "none"); } else { $.organize.do_drop({ url: move_url.replace("__ALBUM_ID__", $(event.target).attr("ref")), @@ -92,19 +84,31 @@ }, do_drop: function(options) { - $("#g-organize-microthumb-panel").selectable("destroy"); + $("#g-organize-microthumb-grid").selectable("destroy"); var source_ids = []; $(options.source).each(function(i) { source_ids.push($(this).attr("ref")); }); if (source_ids.length) { + var loading = $('<div class="g-dialog-loading-large"> </div>') + .css({bottom: 5, + opacity: .5, + left: 0, + position: "absolute", + right: 0, + top: 0, + zIndex: 2000 + }); + $("#g-organize-microthumb-grid").append(loading); + $.post(options.url, - { "source_ids[]": source_ids }, - function(data) { - $.organize._refresh(data); - }, - "json"); + { "source_ids[]": source_ids }, + function(data) { + $.organize._refresh(data); + $(".g-dialog-loading-large").remove(); + }, + "json"); } }, @@ -120,14 +124,45 @@ $.organize.set_handlers(); }, - mouse_move_handler: function(event) { + grid_mouse_leave_handler: function(event) { + if ($(".g-drag-helper").length && $("#g-organize-drop-target-marker").length) { + $("#g-organize-drop-target-marker").remove(); + } + }, + + grid_mouse_move_handler: function(event) { if ($(".g-drag-helper").length) { - $(".g-organize-microthumb-grid-cell").css({borderStyle: "hidden", margin: "6px"}); - $(".currentDropTarget").removeClass("currentDropTarget"); - var borderStyle = event.pageX < $(this).offset().left + $(this).width() / 2 ? - {borderLeftStyle: "solid", marginLeft: "2px"} : {borderRightStyle: "solid", marginRight: "2px"}; - $(this).addClass("currentDropTarget") - .css(borderStyle); + var cellSize = $("#g-organize").data("cellSize"); + var thumbnailCount = $(".g-organize-microthumb-grid-cell:visible").length; + + var scrollTop = $("#g-organize-microthumb-grid").scrollTop(); + var itemPos = { + col: Math.floor((event.pageX - $("#g-organize-microthumb-grid").offset().left) / cellSize.width), + row: Math.floor((event.pageY + scrollTop - $("#g-organize-microthumb-grid").offset().top) / cellSize.height) + }; + + var itemIndex = itemPos.row * cellSize.columns + itemPos.col; + var item = itemIndex < thumbnailCount ? $(".g-organize-microthumb-grid-cell:visible").get(itemIndex) : + $(".g-organize-microthumb-grid-cell:visible:last"); + + var before = event.pageX < ($(item).offset().left + $(item).width() / 2); + var left = (before && itemIndex < thumbnailCount ? $(item).position().left : $(item).position().left + cellSize.width) - 3; + var top = $(item).position().top + 6 + scrollTop; + + if ($("#g-organize-drop-target-marker").length) { + $("#g-organize-drop-target-marker").remove(); + } + var set = $('<div id="g-organize-drop-target-marker"></div>') + .css({zIndex: 2000, + width: 2, + height: 112, + borderWidth: 1, + borderStyle: "solid", + position: "absolute", + top: top, left: left + }) + .data("drop_position", {id: $(item).attr("ref"), position: before}); + $("#g-organize-microthumb-grid").append(set); } }, @@ -140,9 +175,16 @@ $(".sf-menu li.sfHover ul").css("z-index", 68); $("#g-dialog").dialog("option", "zIndex", 70); $("#g-dialog").bind("dialogopen", function(event, ui) { - $("#g-organize").height($("#g-dialog").innerHeight() - 20); - $("#g-organize-microthumb-grid").height($("#g-dialog").innerHeight() - 91); - $("#g-organize-tree-container").height($("#g-dialog").innerHeight() - 60); + var outerHeight = $(".g-organize-microthumb-grid-cell").outerHeight(true); + var outerWidth = $(".g-organize-microthumb-grid-cell").outerWidth(true); + var gridInnerWidth = $("#g-organize-microthumb-grid").innerWidth() - 2 * parseFloat($("#g-organize-microthumb-grid").css("paddingLeft")); + $("#g-organize") + .height($("#g-dialog").innerHeight() - 20) + .data("cellSize", { + height: outerHeight, + width: outerWidth, + columns: Math.floor(gridInnerWidth / outerWidth) + }); }); $("#g-dialog").bind("dialogclose", function(event, ui) { @@ -164,11 +206,13 @@ set_handlers: function() { $("#g-organize-microthumb-grid") .selectable({filter: ".g-organize-microthumb-grid-cell"}) + .mousemove($.organize.grid_mouse_move_handler) + .mouseleave($.organize.grid_mouse_leave_handler) .droppable($.organize.content_droppable); $(".g-organize-microthumb-grid-cell") - .draggable($.organize.micro_thumb_draggable) - .mouseleave($.organize.mouse_leave_handler) - .mousemove($.organize.mouse_move_handler); + // need to manually add this class in case we care calling with additional elements + .addClass("ui-selectee") + .draggable($.organize.micro_thumb_draggable); $(".g-organize-album").droppable($.organize.branch_droppable); $(".g-organize-album-text").click($.organize.show_album); $("#g-organize-album-tree .ui-icon-plus,#g-organize-album-tree .ui-icon-minus").click($.organize.toggle_branch); @@ -210,18 +254,18 @@ if ($(parent).hasClass("g-view-only")) { return; } - $("#g-organize-microthumb-panel").selectable("destroy"); + $("#g-organize-microthumb-grid").selectable("destroy"); var id = $(event.currentTarget).attr("ref"); $(".g-organize-album-text.ui-state-focus").removeClass("ui-state-focus"); $(".g-organize-album-text[ref=" + id + "]").addClass("ui-state-focus"); - var url = $("#g-organize-microthumb-panel").attr("ref").replace("__ITEM_ID__", id).replace("__OFFSET__", 0); + var url = $("#g-organize-microthumb-grid").attr("ref").replace("__ITEM_ID__", id).replace("__OFFSET__", 0); $.get(url, {}, - function(data) { - $("#g-organize-microthumb-grid").html(data.grid); - $("#g-organize-sort-column").attr("value", data.sort_column); - $("#g-organize-sort-order").attr("value", data.sort_order); - $.organize.set_handlers(); - }, + function(data) { + $("#g-organize-microthumb-grid").html(data.grid); + $("#g-organize-sort-column").attr("value", data.sort_column); + $("#g-organize-sort-order").attr("value", data.sort_order); + $.organize.set_handlers(); + }, "json"); }, diff --git a/modules/organize/views/organize_dialog.html.php b/modules/organize/views/organize_dialog.html.php index 435f5ae3..38d05b81 100644 --- a/modules/organize/views/organize_dialog.html.php +++ b/modules/organize/views/organize_dialog.html.php @@ -15,22 +15,28 @@ </ul> </div> <div id="g-organize-detail" class="g-left ui-helper-clearfix"> - <div id="g-organize-microthumb-panel" class="ui-widget" + <ul id="g-action-status" class="g-message-block"> + <li class="g-info"><?= t("Drag and drop photos to re-order or move between albums") ?></li> + </ul> + <div id="g-organize-microthumb-grid" class="ui-widget" ref="<?= url::site("organize/album/__ITEM_ID__/__OFFSET__") ?>"> - <ul id="g-action-status" class="g-message-block"> - <li class="g-info"><?= t("Drag and drop photos to re-order or move between albums") ?></li> - </ul> - <ul id="g-organize-microthumb-grid" class="ui-widget-content"> <?= $micro_thumb_grid ?> - </ul> </div> <div id="g-organize-controls" class="ui-widget-header"> <a id="g-organize-close" href="#" ref="done" class="g-button g-right ui-corner-all ui-state-default"><?= t("Close") ?></a> <form> - <?= t("Sort order") ?> - <?= form::dropdown(array("id" => "g-organize-sort-column"), album::get_sort_order_options(), $album->sort_column) ?> - <?= form::dropdown(array("id" => "g-organize-sort-order"), array("ASC" => "Ascending", "DESC" => "Descending"), $album->sort_order) ?> + <ul> + <li id="g-organize-sort-order-text" class="g-left"><?= t("Sort order") ?></li> + <li class="g-left"> + <?= form::dropdown(array("id" => "g-organize-sort-column"), + album::get_sort_order_options(), $album->sort_column) ?> + </li> + <li class="g-left"> + <?= form::dropdown(array("id" => "g-organize-sort-order"), + array("ASC" => t("Ascending"), "DESC" => t("Descending")), $album->sort_order) ?> + </li> + </ul> </form> </div> </div> diff --git a/modules/organize/views/organize_thumb_grid.html.php b/modules/organize/views/organize_thumb_grid.html.php index 9a9cd819..f5db53d4 100644 --- a/modules/organize/views/organize_thumb_grid.html.php +++ b/modules/organize/views/organize_thumb_grid.html.php @@ -1,12 +1,10 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <? foreach ($album->children(25, $offset) as $child): ?> -<li class="g-organize-microthumb-grid-cell g-left ui-state-default" ref="<?= $child->id ?>"> - <div id="g-organize-microthumb-<?= $child->id ?>" - class="g-organize-microthumb <?= $child->is_album() ? "g-album" : "g-photo" ?> ui-state-active"> - <?= $child->thumb_img(array("class" => "g-thumbnail", "ref" => $child->id), 90, true) ?> - <span<?= $child->is_album() ? " class=\"ui-icon ui-icon-note\"" : "" ?>></span> - </div> -</li> +<div class="g-organize-microthumb-grid-cell g-left ui-state-default ui-state-active <?= $child->is_album() ? "g-album" : "g-photo" ?>" + ref="<?= $child->id ?>"> + <?= $child->thumb_img(array("class" => "g-thumbnail", "ref" => $child->id), 90, true) ?> + <span<?= $child->is_album() ? " class=\"ui-icon ui-icon-note\"" : "" ?>></span> +</div> <? endforeach ?> <? if ($album->children_count() > $offset): ?> diff --git a/modules/organize/views/organize_tree.html.php b/modules/organize/views/organize_tree.html.php index 513c0625..3912c1f6 100644 --- a/modules/organize/views/organize_tree.html.php +++ b/modules/organize/views/organize_tree.html.php @@ -1,9 +1,9 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<li class="g-organize-album ui-icon-left <?= access::can("edit", $album) ? "" : "g-view-only" ?>" +<li class="g-organize-album ui-icon-left g-left <?= access::can("edit", $album) ? "" : "g-view-only" ?>" ref="<?= $album->id ?>"> - <span class="ui-icon ui-icon-minus"> + <span class="ui-icon ui-icon-minus g-left"> </span> - <span class="g-organize-album-text <?= $selected && $album->id == $selected->id ? "ui-state-focus" : "" ?>" + <span class="g-organize-album-text g-left <?= $selected && $album->id == $selected->id ? "ui-state-focus" : "" ?>" ref="<?= $album->id ?>"> <?= html::clean($album->title) ?> </span> @@ -12,10 +12,10 @@ <? if ($selected && $child->contains($selected)): ?> <?= View::factory("organize_tree.html", array("selected" => $selected, "album" => $child)); ?> <? else: ?> - <li class="g-organize-album ui-icon-left <?= access::can("edit", $child) ? "" : "g-view-only" ?>" + <li class="g-organize-album ui-icon-left g-left <?= access::can("edit", $child) ? "" : "g-view-only" ?>" ref="<?= $child->id ?>"> - <span class="ui-icon ui-icon-plus"></span> - <span class="g-organize-album-text" ref="<?= $child->id ?>"> + <span class="ui-icon ui-icon-plus g-left"></span> + <span class="g-organize-album-text g-left <?= $selected && $child->id == $selected->id ? "ui-state-focus" : "" ?>" ref="<?= $child->id ?>"> <?= html::clean($child->title) ?> </span> </li> diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php index a61ee96c..cdb4f0f0 100644 --- a/modules/rss/views/feed.mrss.php +++ b/modules/rss/views/feed.mrss.php @@ -1,5 +1,5 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<? echo "<?xml version=\"1.0\" ?>" ?> +<? echo '<?xml version="1.0" ?>' ?> <rss version="2.0" xmlns:media="http://search.yahoo.com/mrss/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index 03d9858b..df3d96c9 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -60,9 +60,7 @@ class Admin_Users_Controller extends Admin_Controller { } public function add_user_form() { - $v = new View("user_form.html"); - $v->form = $this->_get_user_add_form_admin(); - print $v; + print $this->_get_user_add_form_admin(); } public function delete_user($id) { @@ -147,13 +145,7 @@ class Admin_Users_Controller extends Admin_Controller { throw new Kohana_404_Exception(); } - $v = new View("user_form.html"); - $v->form = $this->_get_user_edit_form_admin($user); - // Don't allow the user to control their own admin bit, else you can lock yourself out - if ($user->id == identity::active_user()->id) { - $v->form->edit_user->admin->disabled(1); - } - print $v; + print $this->_get_user_edit_form_admin($user); } public function add_user_to_group($user_id, $group_id) { @@ -287,18 +279,32 @@ class Admin_Users_Controller extends Admin_Controller { $form = new Forge( "admin/users/edit_user/$user->id", "", "post", array("id" => "g-edit-user-form")); $group = $form->group("edit_user")->label(t("Edit user")); - $group->input("name")->label(t("Username"))->id("g-username")->value($user->name); - $group->inputs["name"]->error_messages( - "conflict", t("There is already a user with that username")); - $group->input("full_name")->label(t("Full name"))->id("g-fullname")->value($user->full_name); - self::_add_locale_dropdown($group, $user); - $group->password("password")->label(t("Password"))->id("g-password"); + $group->input("name")->label(t("Username"))->id("g-username")->value($user->name) + ->error_messages("conflict", t("There is already a user with that username")); + $group->input("full_name")->label(t("Full name"))->id("g-fullname")->value($user->full_name) + ->error_messages("length", t("This name is too long")); + $group->password("password")->label(t("Password"))->id("g-password") + ->error_messages("min_length", t("This password is too short")); + $group->script("") + ->text( + '$("form").ready(function(){$(\'input[name="password"]\').user_password_strength();});'); $group->password("password2")->label(t("Confirm password"))->id("g-password2") + ->error_messages("matches", t("The passwords you entered do not match")) ->matches($group->password); - $group->input("email")->label(t("Email"))->id("g-email")->value($user->email); - $group->input("url")->label(t("URL"))->id("g-url")->value($user->url); + $group->input("email")->label(t("Email"))->id("g-email")->value($user->email) + ->error_messages("required", t("You must enter a valid email address")) + ->error_messages("length", t("This email address is too long")) + ->error_messages("email", t("You must enter a valid email address")); + $group->input("url")->label(t("URL"))->id("g-url")->value($user->url) + ->error_messages("url", t("You must enter a valid URL")); + self::_add_locale_dropdown($group, $user); $group->checkbox("admin")->label(t("Admin"))->id("g-admin")->checked($user->admin); + // Don't allow the user to control their own admin bit, else you can lock yourself out + if ($user->id == identity::active_user()->id) { + $group->admin->disabled(1); + } + module::event("user_edit_form_admin", $user, $form); $group->submit("")->value(t("Modify User")); return $form; @@ -308,13 +314,25 @@ class Admin_Users_Controller extends Admin_Controller { $form = new Forge("admin/users/add_user", "", "post", array("id" => "g-add-user-form")); $group = $form->group("add_user")->label(t("Add user")); $group->input("name")->label(t("Username"))->id("g-username") + ->error_messages("required", t("A name is required")) + ->error_messages("length", t("This name is too long")) ->error_messages("conflict", t("There is already a user with that username")); - $group->input("full_name")->label(t("Full name"))->id("g-fullname"); - $group->password("password")->label(t("Password"))->id("g-password"); + $group->input("full_name")->label(t("Full name"))->id("g-fullname") + ->error_messages("length", t("This name is too long")); + $group->password("password")->label(t("Password"))->id("g-password") + ->error_messages("min_length", t("This password is too short")); + $group->script("") + ->text( + '$("form").ready(function(){$(\'input[name="password"]\').user_password_strength();});'); $group->password("password2")->label(t("Confirm password"))->id("g-password2") + ->error_messages("matches", t("The passwords you entered do not match")) ->matches($group->password); - $group->input("email")->label(t("Email"))->id("g-email"); - $group->input("url")->label(t("URL"))->id("g-url"); + $group->input("email")->label(t("Email"))->id("g-email") + ->error_messages("required", t("You must enter a valid email address")) + ->error_messages("length", t("This email address is too long")) + ->error_messages("email", t("You must enter a valid email address")); + $group->input("url")->label(t("URL"))->id("g-url") + ->error_messages("url", t("You must enter a valid URL")); self::_add_locale_dropdown($group); $group->checkbox("admin")->label(t("Admin"))->id("g-admin"); diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index d0c67dd1..166ff8b2 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -20,7 +20,6 @@ class Users_Controller extends Controller { public function update($id) { $user = user::lookup($id); - if ($user->guest || $user->id != identity::active_user()->id) { access::forbidden(); } @@ -29,9 +28,6 @@ class Users_Controller extends Controller { try { $valid = $form->validate(); $user->full_name = $form->edit_user->full_name->value; - if ($form->edit_user->password->value) { - $user->password = $form->edit_user->password->value; - } $user->email = $form->edit_user->email->value; $user->url = $form->edit_user->url->value; @@ -57,7 +53,7 @@ class Users_Controller extends Controller { $user->save(); module::event("user_edit_form_completed", $user, $form); - message::success(t("User information updated.")); + message::success(t("User information updated")); print json_encode( array("result" => "success", "resource" => url::site("users/{$user->id}"))); @@ -66,30 +62,93 @@ class Users_Controller extends Controller { } } + public function change_password($id) { + $user = user::lookup($id); + if ($user->guest || $user->id != identity::active_user()->id) { + access::forbidden(); + } + + $form = $this->_get_change_password_form($user); + try { + $valid = $form->validate(); + $user->password = $form->change_password->password->value; + $user->validate(); + } catch (ORM_Validation_Exception $e) { + // Translate ORM validation errors into form error messages + foreach ($e->validation->errors() as $key => $error) { + $form->change_password->inputs[$key]->add_error($error, 1); + } + $valid = false; + } + + if ($valid) { + $user->save(); + module::event("user_change_password_form_completed", $user, $form); + message::success(t("Password changed")); + module::event("user_password_change", $user); + print json_encode( + array("result" => "success", + "resource" => url::site("users/{$user->id}"))); + } else { + log::warning("user", t("Failed password change for %name", array("name" => $user->name))); + $name = $user->name; + module::event("user_password_change_failed", $name); + print json_encode(array("result" => "error", "form" => (string) $form)); + } + } + public function form_edit($id) { $user = user::lookup($id); if ($user->guest || $user->id != identity::active_user()->id) { access::forbidden(); } - $v = new View("user_form.html"); - $v->form = $this->_get_edit_form($user); - print $v; + print $this->_get_edit_form($user); + } + + public function form_change_password($id) { + $user = user::lookup($id); + if ($user->guest || $user->id != identity::active_user()->id) { + access::forbidden(); + } + + print $this->_get_change_password_form($user); + } + + private function _get_change_password_form($user) { + $form = new Forge( + "users/change_password/$user->id", "", "post", array("id" => "g-change-password-user-form")); + $group = $form->group("change_password")->label(t("Change your password")); + $group->password("old_password")->label(t("Old password"))->id("g-password") + ->callback("auth::validate_too_many_failed_password_changes") + ->callback("user::valid_password") + ->error_messages("invalid", t("Incorrect password")) + ->error_messages( + "too_many_failed_password_changes", + t("Too many incorrect passwords. Try again later")); + $group->password("password")->label(t("New password"))->id("g-password") + ->error_messages("min_length", t("Your new password is too short")); + $group->script("") + ->text( + '$("form").ready(function(){$(\'input[name="password"]\').user_password_strength();});'); + $group->password("password2")->label(t("Confirm new password"))->id("g-password2") + ->matches($group->password) + ->error_messages("matches", t("The passwords you entered do not match")); + + module::event("user_change_password_form", $user, $form); + $group->submit("")->value(t("Save")); + return $form; } private function _get_edit_form($user) { $form = new Forge("users/update/$user->id", "", "post", array("id" => "g-edit-user-form")); - $group = $form->group("edit_user")->label(t("Edit User: %name", array("name" => $user->name))); + $group = $form->group("edit_user")->label(t("Edit your profile")); $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name) ->error_messages("length", t("Your name is too long")); self::_add_locale_dropdown($group, $user); - $group->password("password")->label(t("Password"))->id("g-password") - ->error_messages("min_length", t("Your password is too short")); - $group->password("password2")->label(t("Confirm Password"))->id("g-password2") - ->matches($group->password) - ->error_messages("matches", t("The passwords you entered do not match")); $group->input("email")->label(t("Email"))->id("g-email")->value($user->email) ->error_messages("email", t("You must enter a valid email address")) + ->error_messages("length", t("Your email address is too long")) ->error_messages("required", t("You must enter a valid email address")); $group->input("url")->label(t("URL"))->id("g-url")->value($user->url); diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index 3561021f..7ceca6a5 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -70,6 +70,12 @@ class user_Core { return false; } + static function valid_password($password_input) { + if (!user::is_correct_password(identity::active_user(), $password_input->value)) { + $password_input->add_error("invalid", 1); + } + } + /** * Create the hashed passwords. * @param string $password a plaintext password diff --git a/modules/user/models/user.php b/modules/user/models/user.php index baac9315..4404ee63 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -122,7 +122,7 @@ class User_Model extends ORM implements User_Definition { public function valid_name(Validation $v, $field) { if (db::build()->from("users") ->where("name", "=", $this->name) - ->where("id", "<>", $this->id) + ->merge_where($this->id ? array(array("id", "<>", $this->id)) : null) ->count_records() == 1) { $v->add_error("name", "conflict"); } @@ -136,7 +136,7 @@ class User_Model extends ORM implements User_Definition { return; } - if (!$this->loaded() || $this->password_length) { + if (!$this->loaded() || isset($this->password_length)) { $minimum_length = module::get_var("user", "mininum_password_length", 5); if ($this->password_length < $minimum_length) { $v->add_error("password", "min_length"); diff --git a/modules/user/views/user_form.html.php b/modules/user/views/user_form.html.php deleted file mode 100644 index 4ce2b532..00000000 --- a/modules/user/views/user_form.html.php +++ /dev/null @@ -1,7 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access.") ?> -<script type="text/javascript"> - $("form").ready(function(){ - $('input[name="password"]').user_password_strength(); - }); -</script> -<?= $form ?> diff --git a/themes/wind/css/screen.css b/themes/wind/css/screen.css index 12fa695d..630e8bbd 100644 --- a/themes/wind/css/screen.css +++ b/themes/wind/css/screen.css @@ -447,3 +447,4 @@ td { .rtl #g-view-menu #g-slideshow-link { background-image: url('../images/ico-view-slideshow-rtl.png'); } + |