diff options
| -rw-r--r-- | .build_number | 2 | ||||
| -rw-r--r-- | index.php | 3 | ||||
| -rw-r--r-- | installer/install.sql | 1 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_installer.php | 11 | ||||
| -rw-r--r-- | modules/gallery/libraries/ORM_MPTT.php | 3 | ||||
| -rw-r--r-- | modules/gallery/module.info | 2 | ||||
| -rw-r--r-- | themes/admin_wind/views/admin.html.php | 1 | ||||
| -rw-r--r-- | themes/wind/views/page.html.php | 3 |
8 files changed, 19 insertions, 7 deletions
diff --git a/.build_number b/.build_number index 83ac23ec..8c992dcc 100644 --- a/.build_number +++ b/.build_number @@ -3,4 +3,4 @@ ; process. You don't need to edit it. In fact.. ; ; DO NOT EDIT THIS FILE BY HAND! -build_number=255 +build_number=258 @@ -51,6 +51,9 @@ ini_set("display_errors", false); // Ajax code. ini_set("session.use_trans_sid", false); +// Restrict all response frames to the same origin for security +header("X-Frame-Options: SAMEORIGIN"); + define("EXT", ".php"); define("DOCROOT", getcwd() . "/"); define("KOHANA", "index.php"); diff --git a/installer/install.sql b/installer/install.sql index aee0900c..0156b9db 100644 --- a/installer/install.sql +++ b/installer/install.sql @@ -411,6 +411,7 @@ INSERT INTO {vars} VALUES (NULL,'gallery','email_from','unknown@unknown.com'); INSERT INTO {vars} VALUES (NULL,'gallery','email_reply_to','unknown@unknown.com'); INSERT INTO {vars} VALUES (NULL,'gallery','email_line_length','70'); INSERT INTO {vars} VALUES (NULL,'gallery','email_header_separator','s:1:\"\n\";'); +INSERT INTO {vars} VALUES (NULL,'gallery','lock_timeout','1'); INSERT INTO {vars} VALUES (NULL,'gallery','show_user_profiles_to','registered_users'); INSERT INTO {vars} VALUES (NULL,'gallery','extra_binary_paths','/usr/local/bin:/opt/local/bin:/opt/bin'); INSERT INTO {vars} VALUES (NULL,'gallery','timezone',NULL); diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index e556b49a..99bc3726 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -312,8 +312,9 @@ class gallery_installer { module::set_var("gallery", "show_user_profiles_to", "registered_users"); module::set_var("gallery", "extra_binary_paths", "/usr/local/bin:/opt/local/bin:/opt/bin"); module::set_var("gallery", "timezone", null); + module::set_var("gallery", "lock_timeout", 1); - module::set_version("gallery", 50); + module::set_version("gallery", 51); } static function upgrade($version) { @@ -713,6 +714,14 @@ class gallery_installer { } module::set_version("gallery", $version = 50); } + + if ($version == 50) { + // In v50, a lock_timeout variable was added so that administrators could edit the time out + // from 1 second to a higher variable if their system runs concurrent parallel uploads for + // instance. + module::set_var("gallery", "lock_timeout", 1); + module::set_version("gallery", $version = 51); + } } static function uninstall() { diff --git a/modules/gallery/libraries/ORM_MPTT.php b/modules/gallery/libraries/ORM_MPTT.php index 534dd13b..ce0b102c 100644 --- a/modules/gallery/libraries/ORM_MPTT.php +++ b/modules/gallery/libraries/ORM_MPTT.php @@ -324,7 +324,8 @@ class ORM_MPTT_Core extends ORM { * Lock the tree to prevent concurrent modification. */ protected function lock() { - $result = $this->db->query("SELECT GET_LOCK('{$this->table_name}', 1) AS l")->current(); + $timeout = module::get_var("gallery", "lock_timeout"); + $result = $this->db->query("SELECT GET_LOCK('{$this->table_name}', $timeout) AS l")->current(); if (empty($result->l)) { throw new Exception("@todo UNABLE_TO_LOCK_EXCEPTION"); } diff --git a/modules/gallery/module.info b/modules/gallery/module.info index a905a241..424c0c2d 100644 --- a/modules/gallery/module.info +++ b/modules/gallery/module.info @@ -1,6 +1,6 @@ name = "Gallery 3" description = "Gallery core application" -version = 50 +version = 51 author_name = "Gallery Team" author_url = "http://codex.gallery2.org/Gallery:Team" info_url = "http://codex.gallery2.org/Gallery3:Modules:gallery" diff --git a/themes/admin_wind/views/admin.html.php b/themes/admin_wind/views/admin.html.php index 0300f7af..9a149149 100644 --- a/themes/admin_wind/views/admin.html.php +++ b/themes/admin_wind/views/admin.html.php @@ -1,5 +1,4 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<?php header("X-Frame-Options: SAMEORIGIN"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" <?= $theme->html_attributes() ?> xml:lang="en" lang="en"> diff --git a/themes/wind/views/page.html.php b/themes/wind/views/page.html.php index c3e212c5..23021e4d 100644 --- a/themes/wind/views/page.html.php +++ b/themes/wind/views/page.html.php @@ -1,5 +1,4 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<?php header("X-Frame-Options: SAMEORIGIN"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" <?= $theme->html_attributes() ?> xml:lang="en" lang="en"> @@ -131,7 +130,7 @@ </div> </div> <div id="g-sidebar" class="yui-b"> - <? if ($theme->page_subtype != "login"): ?> + <? if (!in_array($theme->page_subtype, array("login", "error"))): ?> <?= new View("sidebar.html") ?> <? endif ?> </div> |