Diffstat (limited to 'modules/gallery/controllers')
19 files changed, 399 insertions, 113 deletions
diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index b92a32cd..98cac557 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -21,7 +21,7 @@ class Admin_Controller extends Controller { private $theme; public function __construct($theme=null) { - if (!(user::active()->admin)) { + if (!(identity::active_user()->admin)) { access::forbidden(); } diff --git a/modules/gallery/controllers/admin_dashboard.php b/modules/gallery/controllers/admin_dashboard.php index 3cb97b14..7e28f625 100644 --- a/modules/gallery/controllers/admin_dashboard.php +++ b/modules/gallery/controllers/admin_dashboard.php @@ -22,7 +22,7 @@ class Admin_Dashboard_Controller extends Admin_Controller { $view = new Admin_View("admin.html"); $view->content = new View("admin_dashboard.html"); $view->content->blocks = block_manager::get_html("dashboard_center"); - $view->sidebar = "<div id=\"gAdminDashboardSidebar\">" . + $view->sidebar = "<div id=\"g-admin-dashboard-sidebar\">" . block_manager::get_html("dashboard_sidebar") . "</div>"; print $view; @@ -34,7 +34,7 @@ class Admin_Dashboard_Controller extends Admin_Controller { $form = gallery_block::get_add_block_form(); if ($form->validate()) { list ($module_name, $id) = explode(":", $form->add_block->id->value); - $available = block_manager::get_available(); + $available = block_manager::get_available_admin_blocks(); if ($form->add_block->center->value) { block_manager::add("dashboard_center", $module_name, $id); @@ -66,7 +66,7 @@ class Admin_Dashboard_Controller extends Admin_Controller { } if (!empty($deleted)) { - $available = block_manager::get_available(); + $available = block_manager::get_available_admin_blocks(); $title = $available[join(":", $deleted)]; message::success(t("Removed <b>%title</b> block", array("title" => $title))); } 
diff --git a/modules/gallery/controllers/admin_identity.php b/modules/gallery/controllers/admin_identity.php
new file mode 100644
index 00000000..acf71665
--- /dev/null
+++ b/modules/gallery/controllers/admin_identity.php
@@ -0,0 +1,76 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Admin_Identity_Controller extends Admin_Controller {
+ public function index() {
+ $view = new Admin_View("admin.html");
+ $view->content = new View("admin_identity.html");
+ $view->content->available = identity::providers();
+ $view->content->active = module::get_var("gallery", "identity_provider", "user");
+ print $view;
+ }
+
+ public function confirm() {
+ access::verify_csrf();
+
+ $v = new View("admin_identity_confirm.html");
+ $v->new_provider = $this->input->post("provider");
+
+ print $v;
+ }
+
+ public function change() {
+ access::verify_csrf();
+
+ $active_provider = module::get_var("gallery", "identity_provider", "user");
+ $providers = identity::providers();
+ $new_provider = $this->input->post("provider");
+
+ if ($new_provider != $active_provider) {
+
+ module::deactivate($active_provider);
+
+ // Switch authentication
+ identity::reset();
+ module::set_var("gallery", "identity_provider", $new_provider);
+
+ module::install($new_provider);
+ module::activate($new_provider);
+
+ module::event("identity_provider_changed", $active_provider, $new_provider);
+
+ module::uninstall($active_provider);
+
+ message::success(t("Changed to %description",
+ array("description" => $providers->$new_provider)));
+
+ try {
+ Session::instance()->destroy();
+ } catch (Exception $e) {
+ // We don't care if there was a problem destroying the session.
+ }
+ url::redirect(item::root()->abs_url());
+ }
+
+ message::info(t("The selected provider \"%description\" is already active.",
+ array("description" => $providers->$new_provider)));
+ url::redirect("admin/identity");
+ }
+}
+
diff --git a/modules/gallery/controllers/admin_languages.php b/modules/gallery/controllers/admin_languages.php
index d91e5205..27537c7f 100644
--- a/modules/gallery/controllers/admin_languages.php
+++ b/modules/gallery/controllers/admin_languages.php
@@ -24,7 +24,7 @@ class Admin_Languages_Controller extends Admin_Controller { $v->content->available_locales = locales::available(); $v->content->installed_locales = locales::installed(); $v->content->default_locale = module::get_var("gallery", "default_locale"); - + if (empty($share_translations_form)) { $share_translations_form = $this->_share_translations_form(); }
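Review bot: In `change()` of admin_identity.php, the posted `provider` value reaches `module::set_var()`, `module::install()` and `module::activate()` without being checked against `identity::providers()`, and the current provider is deactivated before anything confirms that the replacement exists. An unknown or empty value would leave the old identity module deactivated and uninstalled and an unusable `identity_provider` setting stored; I would reject it up front with `if (!isset($providers->$new_provider)) { access::forbidden(); }` placed before `module::deactivate()`. `confirm()` also hands the raw POST value to the view as `$v->new_provider`, so the template (not part of this diff) has to escape it. The trailing `message::info()` relies on `url::redirect()` ending the request; an explicit `else` would make that independent of the helper.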
@@ -35,21 +35,21 @@ class Admin_Languages_Controller extends Admin_Controller { public function save() { access::verify_csrf(); - - locales::update_installed($this->input->post("installed_locales")); - - $installed_locales = array_keys(locales::installed()); + + locales::update_installed($this->input->post("installed_locales")); + + $installed_locales = array_keys(locales::installed()); $new_default_locale = $this->input->post("default_locale"); - if (!in_array($new_default_locale, $installed_locales)) { - if (!empty($installed_locales)) { - $new_default_locale = $installed_locales[0]; - } else { - $new_default_locale = "en_US"; - } - } - module::set_var("gallery", "default_locale", $new_default_locale); - - print json_encode(array("result" => "success")); + if (!in_array($new_default_locale, $installed_locales)) { + if (!empty($installed_locales)) { + $new_default_locale = $installed_locales[0]; + } else { + $new_default_locale = "en_US"; + } + } + module::set_var("gallery", "default_locale", $new_default_locale); + + print json_encode(array("result" => "success")); } public function share() { @@ -88,6 +88,8 @@ class Admin_Languages_Controller extends Admin_Controller { message::success(t("Your API key has been changed.")); } else if (!$old_key && $new_key) { message::success(t("Your API key has been saved.")); + } else if ($old_key && $new_key && $old_key == $new_key) { + message::info(t("Your API key was not changed.")); } log::success(t("gallery"), t("l10n_client API key changed.")); 
@@ -103,16 +105,17 @@ class Admin_Languages_Controller extends Admin_Controller { } private function _share_translations_form() { - $form = new Forge("admin/languages/share", "", "post", array("id" => "gShareTranslationsForm")); + $form = new Forge("admin/languages/share", "", "post", array("id" => "g-share-translations-form")); $group = $form->group("sharing") ->label(t("Sharing your own translations with the Gallery community is easy. Please do!")); $api_key = l10n_client::api_key(); $server_link = l10n_client::server_api_key_url(); $group->input("api_key") ->label(empty($api_key) - ? t("This is a unique key that will allow you to send translations to the remote server. To get your API key go to %server-link.", + ? t("This is a unique key that will allow you to send translations to the remote + server. To get your API key go to %server-link.", array("server-link" => html::mark_clean(html::anchor($server_link)))) - : t("API Key")) + : t("API key")) ->value($api_key) ->error_messages("invalid", t("The API key you provided is invalid.")); $group->submit("save")->value(t("Save settings")); diff --git a/modules/gallery/controllers/admin_sidebar.php b/modules/gallery/controllers/admin_sidebar.php new file mode 100644 index 00000000..77e83bc2 --- /dev/null +++ b/modules/gallery/controllers/admin_sidebar.php 
@@ -0,0 +1,68 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Admin_Sidebar_Controller extends Admin_Controller {
+ public function index() {
+ $view = new Admin_View("admin.html");
+ $view->content = new View("admin_sidebar.html");
+ $view->content->csrf = access::csrf_token();
+ $view->content->available = new View("admin_sidebar_blocks.html");
+ $view->content->active = new View("admin_sidebar_blocks.html");
+ list($view->content->available->blocks, $view->content->active->blocks) = $this->_get_blocks();
+ print $view;
+ }
+
+ public function update() {
+ access::verify_csrf();
+
+ $available_blocks = block_manager::get_available_site_blocks();
+
+ $active_blocks = array();
+ foreach ($this->input->get("block", array()) as $block_id) {
+ $active_blocks[md5($block_id)] = explode(":", (string) $block_id);
+ }
+ block_manager::set_active("site_sidebar", $active_blocks);
+
+ $result = array("result" => "success");
+ list($available, $active) = $this->_get_blocks();
+ $v = new View("admin_sidebar_blocks.html");
+ $v->blocks = $available;
+ $result["available"] = $v->render();
+ $v = new View("admin_sidebar_blocks.html");
+ $v->blocks = $active;
+ $result["active"] = $v->render();
+ $message = t("Updated sidebar blocks");
+ $result["message"] = (string) $message;
+ print json_encode($result);
+ }
+
+ private function _get_blocks() {
+ $active_blocks = array();
+ $available_blocks = block_manager::get_available_site_blocks();
+ foreach (block_manager::get_active("site_sidebar") as $block) {
+ $id = "{$block[0]}:{$block[1]}";
+ if (!empty($available_blocks[$id])) {
+ $active_blocks[$id] = $available_blocks[$id];
+ unset($available_blocks[$id]);
+ }
+ }
+ return array($available_blocks, $active_blocks);
+ }
+}
+
diff --git a/modules/gallery/controllers/admin_theme_options.php b/modules/gallery/controllers/admin_theme_options.php
index 8970c3c9..27a67bdb 100644
--- a/modules/gallery/controllers/admin_theme_options.php
+++ b/modules/gallery/controllers/admin_theme_options.php
@@ -35,9 +35,9 @@ class Admin_Theme_Options_Controller extends Admin_Controller { $thumb_size = $form->edit_theme->thumb_size->value; $thumb_dirty = false; if (module::get_var("gallery", "thumb_size") != $thumb_size) { - graphics::remove_rule("gallery", "thumb", "resize"); + graphics::remove_rule("gallery", "thumb", "gallery_graphics::resize"); graphics::add_rule( - "gallery", "thumb", "resize", + "gallery", "thumb", "gallery_graphics::resize", array("width" => $thumb_size, "height" => $thumb_size, "master" => Image::AUTO), 100); module::set_var("gallery", "thumb_size", $thumb_size);
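Review bot: In admin_sidebar.php, `update()` fetches `$available_blocks` but never uses it, so every `block` value from the request is exploded and stored through `block_manager::set_active()` without a check that it names a known block. `_get_blocks()` filters unknown ids when it reads them back, but any other reader of the `site_sidebar` setting (not visible here) would see whatever was stored, and an id without a `:` leaves `$block[1]` undefined in `_get_blocks()`. I would skip unknown ids inside the loop with `if (empty($available_blocks[(string) $block_id])) { continue; }`. The action also takes its state change from `$this->input->get()`, which presumably puts the token checked by `access::verify_csrf()` into the query string where it can end up in server logs and Referer headers; a POST would avoid that.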
@@ -46,9 +46,9 @@ class Admin_Theme_Options_Controller extends Admin_Controller { $resize_size = $form->edit_theme->resize_size->value; $resize_dirty = false; if (module::get_var("gallery", "resize_size") != $resize_size) { - graphics::remove_rule("gallery", "resize", "resize"); + graphics::remove_rule("gallery", "resize", "gallery_graphics::resize"); graphics::add_rule( - "gallery", "resize", "resize", + "gallery", "resize", "gallery_graphics::resize", array("width" => $resize_size, "height" => $resize_size, "master" => Image::AUTO), 100); module::set_var("gallery", "resize_size", $resize_size); diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 08a60132..4e37649c 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -28,7 +28,8 @@ class Albums_Controller extends Items_Controller { if ($album->id == 1) { $view = new Theme_View("page.html", "login"); $view->page_title = t("Log in to Gallery"); - $view->content = user::get_login_form("login/auth_html"); + $view->content = new View("login_ajax.html"); + $view->content->form = auth::get_login_form("login/auth_html"); print $view; return; } else { @@ -39,7 +40,8 @@ class Albums_Controller extends Items_Controller { $show = $this->input->get("show"); if ($show) { - $index = $album->get_position($show); + $child = ORM::factory("item", $show); + $index = $album->get_position($child); if ($index) { $page = ceil($index / $page_size); if ($page == 1) { @@ -63,6 +65,8 @@ class Albums_Controller extends Items_Controller { } $template = new Theme_View("page.html", "album"); + $template->set_global("page", $page); + $template->set_global("max_pages", $max_pages); $template->set_global("page_size", $page_size); $template->set_global("item", $album); $template->set_global("children", $album->viewable()->children($page_size, $offset)); 
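Review bot: In the albums.php `@@ -39,7 +40,8 @@` hunk, `$show` comes straight from the query string and `ORM::factory("item", $show)` is handed to `$album->get_position()` with no check that a row was loaded or that it is a child of `$album`. permissions.php in this same changeset tests `->loaded` after `ORM::factory()`, and the same guard fits here: `if ($child->loaded && $child->parent_id == $album->id)` before computing `$index`. Whether `get_position()` already tolerates an unloaded or foreign item cannot be seen from this hunk. The enclosing `_show()` starts and ends outside the hunk.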
@@ -109,7 +113,7 @@ class Albums_Controller extends Items_Controller { $this->input->post("name"), $this->input->post("title", $this->input->post("name")), $this->input->post("description"), - user::active()->id, + identity::active_user()->id, $this->input->post("slug")); log::success("content", "Created an album", @@ -144,7 +148,7 @@ class Albums_Controller extends Items_Controller { $_FILES["file"]["name"], $this->input->post("title", $this->input->post("name")), $this->input->post("description"), - user::active()->id); + identity::active_user()->id); log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo")); message::success(t("Added photo %photo_title", @@ -198,6 +202,8 @@ class Albums_Controller extends Items_Controller { } if ($valid) { + $watching_album = $album->url() != ($location = parse_url(request::referrer(), PHP_URL_PATH)); + $album->title = $form->edit_item->title->value; $album->description = $form->edit_item->description->value; $album->sort_column = $form->edit_item->sort_order->column->value; @@ -214,7 +220,8 @@ class Albums_Controller extends Items_Controller { array("album_title" => html::purify($album->title)))); print json_encode( - array("result" => "success")); + array("result" => "success", + "location" => $watching_album ? $location : $album->url())); } else { print json_encode( array("result" => "error", diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index 8cb90c50..acfd6eb9 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php 
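Review bot: In the albums.php `@@ -198,6 +202,8 @@` hunk, `$location` is taken from `request::referrer()`, a header the client controls and that browsers and proxies often strip, and it is then returned as `"location"` in the JSON response. With no Referer, `parse_url()` yields no path, `$watching_album` becomes true and the response carries an empty `location`; a path beginning with `//` would be treated as protocol-relative if the client script navigates to it (that script is not part of this diff). I would fall back to `$album->url()` unless the parsed path is non-empty and starts with a single `/`. The name `$watching_album` is also inverted, since it is true when the referrer is not the album page. The same code is added to photos.php in its `@@ -90,6 +101,8 @@` hunk.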
@@ -32,10 +32,6 @@ class File_Proxy_Controller extends Controller { $request_uri = $this->input->server("REQUEST_URI"); $request_uri = preg_replace("/\?.*/", "", $request_uri); - // Unescape %7E (~), %20 ( ) and %27 (') - // @todo: figure out why we have to do this and unescape everything appropriate - $request_uri = str_replace(array("%7E", "%20", "%27"), array("~", " ", "'"), $request_uri); - // var_uri: http://example.com/gallery3/var/ $var_uri = url::file("var/"); diff --git a/modules/gallery/controllers/l10n_client.php b/modules/gallery/controllers/l10n_client.php index 6e19310b..6db67d3b 100644 --- a/modules/gallery/controllers/l10n_client.php +++ b/modules/gallery/controllers/l10n_client.php @@ -20,7 +20,7 @@ class L10n_Client_Controller extends Controller { public function save() { access::verify_csrf(); - if (!user::active()->admin) { + if (!identity::active_user()->admin) { access::forbidden(); } @@ -85,7 +85,7 @@ class L10n_Client_Controller extends Controller { public function toggle_l10n_mode() { access::verify_csrf(); - if (!user::active()->admin) { + if (!identity::active_user()->admin) { access::forbidden(); } @@ -102,9 +102,9 @@ class L10n_Client_Controller extends Controller { } private static function _l10n_client_search_form() { - $form = new Forge("l10n_client/search", "", "post", array("id" => "gL10nSearchForm")); + $form = new Forge("l10n_client/search", "", "post", array("id" => "g-l10n-search-form")); $group = $form->group("l10n_search"); - $group->input("l10n-search")->id("gL10nSearch"); + $group->input("l10n-search")->id("g-l10n-search"); $group->submit("l10n-search-filter-clear")->value(t("X")); return $form; diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php new file mode 100644 index 00000000..75ee6b9c --- /dev/null +++ b/modules/gallery/controllers/login.php 
@@ -0,0 +1,81 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Login_Controller extends Controller {
+
+ public function ajax() {
+ $view = new View("login_ajax.html");
+ $view->form = auth::get_login_form("login/auth_ajax");
+ print $view;
+ }
+
+ public function auth_ajax() {
+ access::verify_csrf();
+
+ list ($valid, $form) = $this->_auth("login/auth_ajax");
+ if ($valid) {
+ print json_encode(
+ array("result" => "success"));
+ } else {
+ print json_encode(
+ array("result" => "error",
+ "form" => $form->__toString()));
+ }
+ }
+
+ public function html() {
+ print auth::get_login_form("login/auth_html");
+ }
+
+ public function auth_html() {
+ access::verify_csrf();
+
+ list ($valid, $form) = $this->_auth("login/auth_html");
+ if ($valid) {
+ url::redirect(item::root()->abs_url());
+ } else {
+ print $form;
+ }
+ }
+
+ private function _auth($url) {
+ $form = auth::get_login_form($url);
+ $valid = $form->validate();
+ if ($valid) {
+ $user = identity::lookup_user_by_name($form->login->inputs["name"]->value);
+ if (empty($user) || !identity::is_correct_password($user, $form->login->password->value)) {
+ log::warning(
+ "user",
+ t("Failed login for %name",
+ array("name" => $form->login->inputs["name"]->value)));
+ $form->login->inputs["name"]->add_error("invalid_login", 1);
+ $valid = false;
+ }
+ }
+
+ if ($valid) {
+ auth::login($user);
+ }
+
+ // Either way, regenerate the session id to avoid session trapping
+ Session::instance()->regenerate();
+
+ return array($valid, $form);
+ }
+}
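Review bot: `_auth()` in login.php logs each failed login, but nothing in this controller slows or limits repeated attempts, so password guessing against `login/auth_ajax` and `login/auth_html` is bounded only by whatever `auth::get_login_form()` or the identity provider does (neither is visible here). The `empty($user) ||` short-circuit also skips `identity::is_correct_password()` for unknown names, so response time may differ between existing and non-existing accounts even though the error shown is the same. A comment on `_auth()` saying where throttling is expected to live, such as `// Failed-login throttling is enforced in <component>`, would make it clear whether that protection exists.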
\ No newline at end of file
diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php
new file mode 100644
index 00000000..2b93655d
--- /dev/null
+++ b/modules/gallery/controllers/logout.php
@@ -0,0 +1,33 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Logout_Controller extends Controller {
+ public function index() {
+ auth::logout();
+ if ($continue_url = $this->input->get("continue")) {
+ $item = url::get_item_from_uri($continue_url);
+ if (access::can("view", $item)) {
+ // Don't use url::redirect() because it'll call url::site() and munge the continue url.
+ header("Location: $continue_url");
+ } else {
+ url::redirect(item::root()->abs_url());
+ }
+ }
+ }
+}
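Review bot: `index()` in logout.php sends `Location: $continue_url` built from the raw `continue` query parameter; the only gate is `access::can("view", $item)` on whatever `url::get_item_from_uri()` resolves, and that helper is not shown, so it is unclear whether an absolute URL on another host is rejected. Unless the helper guarantees that, the redirect should be limited to same-site targets, for example by redirecting to `$item->abs_url()` (the form already used for the root item) instead of echoing the parameter. `auth::logout()` also runs on a plain GET with no `access::verify_csrf()`, unlike the other state-changing actions in this changeset, so logout is not protected against cross-site requests. When `continue` is absent the action emits neither a redirect nor any output.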
\ No newline at end of file
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 04e15315..5e78376b 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -22,42 +22,33 @@ class Movies_Controller extends Items_Controller { /** * @see REST_Controller::_show($resource) */ - public function _show($photo) { - access::required("view", $photo); + public function _show($movie) { + access::required("view", $movie); - // We sort by id ascending so for now, find sibling info by doing id based queries. - $next_item = ORM::factory("item") - ->viewable() - ->where("parent_id", $photo->parent_id) - ->where("id >", $photo->id) - ->orderby("id", "ASC") - ->find(); - $previous_item = ORM::factory("item") - ->viewable() - ->where("parent_id", $photo->parent_id) - ->where("id <", $photo->id) - ->orderby("id", "DESC") - ->find(); - $position = ORM::factory("item") - ->viewable() - ->where("parent_id", $photo->parent_id) - ->where("id <=", $photo->id) - ->count_all(); + $where = array("type != " => "album"); + $position = $movie->parent()->get_position($movie, $where); + if ($position > 1) { + list ($previous_item, $ignore, $next_item) = + $movie->parent()->children(3, $position - 2, $where); + } else { + $previous_item = null; + list ($next_item) = $movie->parent()->viewable()->children(1, $position, $where); + } $template = new Theme_View("page.html", "movie"); - $template->set_global("item", $photo); + $template->set_global("item", $movie); $template->set_global("children", array()); - $template->set_global("children_count", $photo->children_count()); - $template->set_global("parents", $photo->parents()); - $template->set_global("next_item", $next_item->loaded ? $next_item : null); - $template->set_global("previous_item", $previous_item->loaded ? 
$previous_item : null); - $template->set_global("sibling_count", $photo->parent()->children_count()); + $template->set_global("children_count", 0); + $template->set_global("parents", $movie->parents()); + $template->set_global("next_item", $next_item); + $template->set_global("previous_item", $previous_item); + $template->set_global("sibling_count", $movie->parent()->viewable()->children_count($where)); $template->set_global("position", $position); $template->content = new View("movie.html"); - $photo->view_count++; - $photo->save(); + $movie->view_count++; + $movie->save(); print $template; } 
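Review bot: In the new `_show()` of movies.php, the `$position > 1` branch reads siblings with `$movie->parent()->children(3, $position - 2, $where)` without `->viewable()`, while the `else` branch and `sibling_count` both go through `->viewable()`. If `children()` does not apply view permissions itself (not visible here), `previous_item` and `next_item` can expose an item the current user may not view, and the offset from `get_position()` may not line up with the filtered list. I would use `$movie->parent()->viewable()->children(3, $position - 2, $where)` and confirm that `get_position()` counts only viewable items. photos.php has the same pattern in its `@@ -25,23 +25,24 @@` hunk.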
@@ -65,21 +56,32 @@ class Movies_Controller extends Items_Controller { /** * @see REST_Controller::_update($resource) */ - public function _update($photo) { + public function _update($movie) { access::verify_csrf(); - access::required("view", $photo); - access::required("edit", $photo); + access::required("view", $movie); + access::required("edit", $movie); + + $form = movie::get_edit_form($movie); + $valid = $form->validate(); + + if ($valid) { + $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION); + $old_ext = pathinfo($movie->name, PATHINFO_EXTENSION); + if (strcasecmp($new_ext, $old_ext)) { + $form->edit_item->filename->add_error("illegal_extension", 1); + $valid = false; + } + } - $form = photo::get_edit_form($photo); - if ($valid = $form->validate()) { - if ($form->edit_item->filename->value != $photo->name || - $form->edit_item->slug->value != $photo->slug) { + if ($valid) { + if ($form->edit_item->filename->value != $movie->name || + $form->edit_item->slug->value != $movie->slug) { // Make sure that there's not a name or slug conflict if ($row = Database::instance() ->select(array("name", "slug")) ->from("items") - ->where("parent_id", $photo->parent_id) - ->where("id <>", $photo->id) + ->where("parent_id", $movie->parent_id) + ->where("id <>", $movie->id) ->open_paren() ->where("name", $form->edit_item->filename->value) ->orwhere("slug", $form->edit_item->slug->value) 
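Review bot: The extension check added to `_update()` in movies.php compares only the final extension from `pathinfo(..., PATHINFO_EXTENSION)`, so it does not constrain the rest of the submitted filename before `$movie->rename()` is called in the next hunk. Whether directory separators or a leading dot are rejected depends on the form's validation rules or on `rename()`, neither of which is shown; if they are not, add an explicit check such as `if (strpbrk($form->edit_item->filename->value, "/\\") !== false)` that sets an error on the `filename` field. The non-zero result of `strcasecmp()` is used as a boolean, which reads more clearly as `strcasecmp($new_ext, $old_ext) !== 0`. photos.php receives the identical check in its `@@ -63,7 +64,17 @@` hunk, and `_update()` continues past the end of this hunk.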
@@ -98,16 +100,16 @@ class Movies_Controller extends Items_Controller { } if ($valid) { - $photo->title = $form->edit_item->title->value; - $photo->description = $form->edit_item->description->value; - $photo->slug = $form->edit_item->slug->value; - $photo->rename($form->edit_item->filename->value); - $photo->save(); - module::event("item_edit_form_completed", $photo, $form); + $movie->title = $form->edit_item->title->value; + $movie->description = $form->edit_item->description->value; + $movie->slug = $form->edit_item->slug->value; + $movie->rename($form->edit_item->filename->value); + $movie->save(); + module::event("item_edit_form_completed", $movie, $form); - log::success("content", "Updated movie", "<a href=\"{$photo->url()}\">view</a>"); + log::success("content", "Updated movie", "<a href=\"{$movie->url()}\">view</a>"); message::success( - t("Saved movie %movie_title", array("movie_title" => $photo->title))); + t("Saved movie %movie_title", array("movie_title" => $movie->title))); print json_encode( array("result" => "success")); @@ -121,9 +123,9 @@ class Movies_Controller extends Items_Controller { /** * @see REST_Controller::_form_edit($resource) */ - public function _form_edit($photo) { - access::required("view", $photo); - access::required("edit", $photo); - print photo::get_edit_form($photo); + public function _form_edit($movie) { + access::required("view", $movie); + access::required("edit", $movie); + print movie::get_edit_form($movie); } } diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php index ae87d74b..82c3c938 100644 --- a/modules/gallery/controllers/packager.php +++ b/modules/gallery/controllers/packager.php @@ -62,6 +62,7 @@ class Packager_Controller extends Controller { srand(0); gallery_installer::install(true); + module::load_modules(); foreach (array("user", "comment", "organize", "info", "rss", 
@@ -75,18 +76,18 @@ class Packager_Controller extends Controller { // We now have a clean install with just the packages that we want. Make sure that the // database is clean too. $i = 1; - foreach (array("blocks_dashboard_sidebar", "blocks_dashboard_center") as $key) { + foreach (array("dashboard_sidebar", "dashboard_center", "site_sidebar") as $key) { $blocks = array(); - foreach (unserialize(module::get_var("gallery", $key)) as $rnd => $value) { + foreach (unserialize(module::get_var("gallery", "blocks_{$key}")) as $rnd => $value) { $blocks[++$i] = $value; } - module::set_var("gallery", $key, serialize($blocks)); + module::set_var("gallery", "blocks_{$key}", serialize($blocks)); } $db = Database::instance(); $db->query("TRUNCATE {sessions}"); $db->query("TRUNCATE {logs}"); - $db->query("DELETE FROM {vars} WHERE `module_name` = 'core' AND `name` = '_cache'"); + $db->query("DELETE FROM {vars} WHERE `module_name` = 'gallery' AND `name` = '_cache'"); $db->update("users", array("password" => ""), array("id" => 1)); $db->update("users", array("password" => ""), array("id" => 2)); diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php index 8d75862e..99943fbb 100644 --- a/modules/gallery/controllers/permissions.php +++ b/modules/gallery/controllers/permissions.php @@ -51,13 +51,13 @@ class Permissions_Controller extends Controller { function change($command, $group_id, $perm_id, $item_id) { access::verify_csrf(); - $group = ORM::factory("group", $group_id); + $group = identity::lookup_group($group_id); $perm = ORM::factory("permission", $perm_id); $item = ORM::factory("item", $item_id); access::required("view", $item); access::required("edit", $item); - if ($group->loaded && $perm->loaded && $item->loaded) { + if (!empty($group) && $perm->loaded && $item->loaded) { switch($command) { case "allow": access::allow($group, $perm->name, $item); 
@@ -74,7 +74,7 @@ class Permissions_Controller extends Controller { // If the active user just took away their own edit permissions, give it back. if ($perm->name == "edit") { - if (!access::user_can(user::active(), "edit", $item)) { + if (!access::user_can(identity::active_user(), "edit", $item)) { access::allow($group, $perm->name, $item); } } @@ -84,7 +84,7 @@ class Permissions_Controller extends Controller { private function _get_form($item) { $view = new View("permissions_form.html"); $view->item = $item; - $view->groups = ORM::factory("group")->find_all(); + $view->groups = identity::groups(); $view->permissions = ORM::factory("permission")->find_all(); return $view; } diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 79ad674a..b9adfd90 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php 
@@ -25,23 +25,24 @@ class Photos_Controller extends Items_Controller { public function _show($photo) { access::required("view", $photo); - $position = $photo->parent()->get_position($photo->id); + $where = array("type != " => "album"); + $position = $photo->parent()->get_position($photo, $where); if ($position > 1) { list ($previous_item, $ignore, $next_item) = - $photo->parent()->children(3, $position - 2); + $photo->parent()->children(3, $position - 2, $where); } else { $previous_item = null; - list ($next_item) = $photo->parent()->children(1, $position); + list ($next_item) = $photo->parent()->viewable()->children(1, $position, $where); } $template = new Theme_View("page.html", "photo"); $template->set_global("item", $photo); $template->set_global("children", array()); - $template->set_global("children_count", $photo->children_count()); + $template->set_global("children_count", 0); $template->set_global("parents", $photo->parents()); $template->set_global("next_item", $next_item); $template->set_global("previous_item", $previous_item); - $template->set_global("sibling_count", $photo->parent()->children_count()); + $template->set_global("sibling_count", $photo->parent()->viewable()->children_count($where)); $template->set_global("position", $position); $template->content = new View("photo.html"); @@ -63,7 +64,17 @@ class Photos_Controller extends Items_Controller { $form = photo::get_edit_form($photo); $valid = $form->validate(); - if ($valid = $form->validate()) { + + if ($valid) { + $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION); + $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION); + if (strcasecmp($new_ext, $old_ext)) { + $form->edit_item->filename->add_error("illegal_extension", 1); + $valid = false; + } + } + + if ($valid) { if ($form->edit_item->filename->value != $photo->name || $form->edit_item->slug->value != $photo->slug) { // Make sure that there's not a name or slug conflict 
@@ -90,6 +101,8 @@ class Photos_Controller extends Items_Controller { } if ($valid) { + $watching_album = $photo->url() != ($location = parse_url(request::referrer(), PHP_URL_PATH)); + $photo->title = $form->edit_item->title->value; $photo->description = $form->edit_item->description->value; $photo->slug = $form->edit_item->slug->value; @@ -103,7 +116,8 @@ class Photos_Controller extends Items_Controller { array("photo_title" => html::purify($photo->title)))); print json_encode( - array("result" => "success")); + array("result" => "success", + "location" => $watching_album ? $location : $photo->url())); } else { print json_encode( array("result" => "error", diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 2ac54754..a1e7dcc3 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -36,7 +36,8 @@ class Quick_Controller extends Controller { } if ($degrees) { - graphics::rotate($item->file_path(), $item->file_path(), array("degrees" => $degrees)); + gallery_graphics::rotate($item->file_path(), $item->file_path(), + array("degrees" => $degrees)); list($item->width, $item->height) = getimagesize($item->file_path()); $item->resize_dirty= 1; diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php index bc508319..d43d2f9d 100644 --- a/modules/gallery/controllers/simple_uploader.php +++ b/modules/gallery/controllers/simple_uploader.php @@ -79,7 +79,7 @@ class Simple_Uploader_Controller extends Controller { print "FILEID: $item->id"; } else { header("HTTP/1.1 400 Bad Request"); - print "ERROR: Invalid Upload"; + print "ERROR: " . t("Invalid Upload"); } } diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index 0f6cbc2c..48769bce 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php 
@@ -40,10 +40,10 @@ class Upgrader_Controller extends Controller { } $view = new View("upgrader.html"); - $view->can_upgrade = user::active()->admin || $session->get("can_upgrade"); + $view->can_upgrade = identity::active_user()->admin || $session->get("can_upgrade"); $view->upgrade_token = $upgrade_token; $view->available = module::available(); - $view->done = ($available_upgrades == 0); + $view->done = $available_upgrades == 0; print $view; } @@ -52,13 +52,17 @@ class Upgrader_Controller extends Controller { // @todo this may screw up some module installers, but we don't have a better answer at // this time. $_SERVER["HTTP_HOST"] = "example.com"; - } else if (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) { + } else if (!identity::active_user()->admin && !Session::instance()->get("can_upgrade", false)) { access::forbidden(); } - // Upgrade gallery and user first - module::upgrade("gallery"); - module::upgrade("user"); + $available = module::available(); + // Upgrade gallery first + $gallery = $available["gallery"]; + if ($gallery->code_version != $gallery->version) { + module::upgrade("gallery"); + module::activate("gallery"); + } // Then upgrade the rest foreach (module::available() as $id => $module) { diff --git a/modules/gallery/controllers/welcome_message.php b/modules/gallery/controllers/welcome_message.php index 8fd1e0a0..af0d6997 100644 --- a/modules/gallery/controllers/welcome_message.php +++ b/modules/gallery/controllers/welcome_message.php @@ -19,12 +19,12 @@ */ class Welcome_Message_Controller extends Controller { public function index() { - if (!user::active()->admin) { + if (!identity::active_user()->admin) { url::redirect(item::root()->abs_url()); } $v = new View("welcome_message.html"); - $v->user = user::active(); + $v->user = identity::active_user(); print $v; } } |
