Diffstat (limited to 'modules/gallery/controllers')
-rw-r--r-- | modules/gallery/controllers/admin_advanced_settings.php | 2 | ||||
-rw-r--r-- | modules/gallery/controllers/admin_languages.php | 2 | ||||
-rw-r--r-- | modules/gallery/controllers/admin_maintenance.php | 47 | ||||
-rw-r--r-- | modules/gallery/controllers/admin_modules.php | 6 | ||||
-rw-r--r-- | modules/gallery/controllers/admin_themes.php | 7 | ||||
-rw-r--r-- | modules/gallery/controllers/albums.php | 13 | ||||
-rw-r--r-- | modules/gallery/controllers/combined.php | 91 | ||||
-rw-r--r-- | modules/gallery/controllers/file_proxy.php | 5 | ||||
-rw-r--r-- | modules/gallery/controllers/movies.php | 5 | ||||
-rw-r--r-- | modules/gallery/controllers/packager.php | 4 | ||||
-rw-r--r-- | modules/gallery/controllers/photos.php | 3 | ||||
-rw-r--r-- | modules/gallery/controllers/quick.php | 12 | ||||
-rw-r--r-- | modules/gallery/controllers/simple_uploader.php | 30 | ||||
-rw-r--r-- | modules/gallery/controllers/upgrader.php | 11 |
14 files changed, 200 insertions, 38 deletions
diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php
index 79bc1183..64007fdb 100644
--- a/modules/gallery/controllers/admin_advanced_settings.php
+++ b/modules/gallery/controllers/admin_advanced_settings.php
@@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller {
 module::set_var($module_name, $var_name, Input::instance()->post("value"));
 message::success(
 t("Saved value for %var (%module_name)",
- array("var" => $var_name, "module_name" => $module_name)));
+ array("var" => p::clean($var_name), "module_name" => $module_name)));
 print json_encode(array("result" => "success"));
 }
diff --git a/modules/gallery/controllers/admin_languages.php b/modules/gallery/controllers/admin_languages.php
index 4639de89..d1b805da 100644
--- a/modules/gallery/controllers/admin_languages.php
+++ b/modules/gallery/controllers/admin_languages.php
@@ -119,7 +119,7 @@ class Admin_Languages_Controller extends Admin_Controller {
 private function _share_translations_form() {
 $form = new Forge("admin/languages/share", "", "post", array("id" => "gShareTranslationsForm"));
 $group = $form->group("sharing")
- ->label(t("Sharing you own translations with the Gallery community is easy. Please do!"));
+ ->label(t("Sharing your own translations with the Gallery community is easy. Please do!"));
 $api_key = l10n_client::api_key();
 $server_link = l10n_client::server_api_key_url();
 $group->input("api_key")
diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index 7c5934a3..543961a1 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
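Review bot: In admin_advanced_settings.php, `$module_name` is still interpolated into the success message uncleaned, in the same `array(...)` where `$var_name` now goes through `p::clean()`. If both values arrive through the same request path (the method signature is above the hunk, so this is inferred), both need the same treatment: `array("var" => p::clean($var_name), "module_name" => p::clean($module_name))`. The enclosing method starts outside the hunk, so confirm where the two names come from before deciding.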
@@ -59,6 +59,8 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 $view = new View("admin_maintenance_task.html");
 $view->task = $task;
+ $task->log(t("Task %task_name started (task id %task_id)",
+ array("task_name" => $task->name, "task_id" => $task->id)));
 log::info("tasks", t("Task %task_name started (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance")));
@@ -79,6 +81,8 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 $view = new View("admin_maintenance_task.html");
 $view->task = $task;
+ $task->log(t("Task %task_name resumed (task id %task_id)",
+ array("task_name" => $task->name, "task_id" => $task->id)));
 log::info("tasks", t("Task %task_name resumed (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance")));
@@ -86,6 +90,40 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 }
 /**
+ * Show the task log
+ * @param string $task_id
+ */
+ public function show_log($task_id) {
+ access::verify_csrf();
+
+ $task = ORM::factory("task", $task_id);
+ if (!$task->loaded) {
+ throw new Exception("@todo MISSING_TASK");
+ }
+ $view = new View("admin_maintenance_show_log.html");
+ $view->task = $task;
+
+ print $view;
+ }
+
+ /**
+ * Save the task log
+ * @param string $task_id
+ */
+ public function save_log($task_id) {
+ access::verify_csrf();
+
+ $task = ORM::factory("task", $task_id);
+ if (!$task->loaded) {
+ throw new Exception("@todo MISSING_TASK");
+ }
+
+ header("Content-Type: application/text");
+ header("Content-Disposition: filename=gallery3_task_log.txt");
+ print $task->get_log();
+ }
+
+ /**
 * Cancel a task.
 * @param string $task_id
 */
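Review bot: The translated string passed to the new `$task->log()` call repeats, word for word, the one built for `log::info()` directly below it, so the two messages can drift apart on the next edit. Build it once, `$msg = t("Task %task_name started (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id));`, and pass `$msg` to both calls; the hunk at -79,6 has the same duplication for the "resumed" message. `$task->name` is written into the task log as-is, so whatever later renders that log has to treat it as untrusted text. Both enclosing methods start and end outside their hunks.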
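Review bot: `save_log()` in the -86,6 hunk sends the log with `Content-Type: application/text`, which is not a registered media type, and with a `Content-Disposition` header that has no disposition type, so how the browser treats the response is left to content sniffing. The log may hold text that traces back to user-supplied values (inferred; `get_log()` is not shown), so it should be served unambiguously as a plain-text download: `header("Content-Type: text/plain; charset=UTF-8");`, `header("Content-Disposition: attachment; filename=\"gallery3_task_log.txt\"");` and `header("X-Content-Type-Options: nosniff");`. Both new methods also report a missing task with a bare `Exception("@todo MISSING_TASK")`; `Kohana::show_404()`, which this commit uses in combined.php, would answer a mistyped id without a stack trace.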
@@ -123,7 +161,14 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 public function remove_finished_tasks() {
 access::verify_csrf();
- Database::instance()->delete("tasks", array("done" => 1));
+
+ // Do it the long way so we can call delete and remove the cache.
+ $finished = ORM::factory("task")
+ ->where(array("done" => 1))
+ ->find_all();
+ foreach ($finished as $task) {
+ task::remove($task->id);
+ }
 message::success(t("All finished tasks removed"));
 url::redirect("admin/maintenance");
 }
diff --git a/modules/gallery/controllers/admin_modules.php b/modules/gallery/controllers/admin_modules.php
index ed1f7665..af6dbbdc 100644
--- a/modules/gallery/controllers/admin_modules.php
+++ b/modules/gallery/controllers/admin_modules.php
@@ -40,11 +40,11 @@ class Admin_Modules_Controller extends Admin_Controller {
 $desired = $this->input->post($module_name) == 1;
 if ($info->active && !$desired && module::is_active($module_name)) {
 $changes->deactivate[] = $module_name;
- $deactivated_names[] = $info->name;
+ $deactivated_names[] = t($info->name);
 module::deactivate($module_name);
 } else if (!$info->active && $desired && !module::is_active($module_name)) {
 $changes->activate[] = $module_name;
- $activated_names[] = $info->name;
+ $activated_names[] = t($info->name);
 if (module::is_installed($module_name)) {
 module::upgrade($module_name);
 } else {
@@ -56,7 +56,7 @@ class Admin_Modules_Controller extends Admin_Controller {
 module::event("module_change", $changes);
- // @todo this type of collation is questionable from a i18n perspective
+ // @todo this type of collation is questionable from an i18n perspective
 if ($activated_names) {
 message::success(t("Activated: %names", array("names" => join(", ", $activated_names))));
 }
diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php
index aef6c2d1..da001c55 100644
--- a/modules/gallery/controllers/admin_themes.php
+++ b/modules/gallery/controllers/admin_themes.php
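Review bot: In the -40,11 hunk of admin_modules.php, `t($info->name)` translates a value read at run time, and the collected names are then joined into the `Activated: %names` message (context of the following hunk) without the `p::clean()` that this commit adds to other status messages. The `p::clean()` calls added elsewhere suggest `t()` does not escape its arguments, so the name should be cleaned as it is collected: `$activated_names[] = p::clean(t($info->name));`, and the same for `$deactivated_names[]`. The value comes from module metadata rather than from a request, which lowers the exposure, but a third-party module's metadata is still not text the core controls. A short comment that `t()` is called on a non-literal here would help too, since string extraction will not find it. The enclosing method begins and ends outside the hunk.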
@@ -36,6 +36,9 @@ class Admin_Themes_Controller extends Admin_Controller {
 $file = THEMEPATH . "$theme_name/theme.info";
 $theme_info = new ArrayObject(parse_ini_file($file), ArrayObject::ARRAY_AS_PROPS);
+ $theme_info->description = t($theme_info->description);
+ $theme_info->name = t($theme_info->name);
+
 $themes[$theme_name] = $theme_info;
 }
 return $themes;
@@ -66,11 +69,11 @@ class Admin_Themes_Controller extends Admin_Controller {
 if ($type == "admin" && $info->admin) {
 module::set_var("gallery", "active_admin_theme", $theme_name);
 message::success(t("Successfully changed your admin theme to <b>%theme_name</b>",
- array("theme_name" => $info->name)));
+ array("theme_name" => t($info->name))));
 } else if ($type == "site" && $info->site) {
 module::set_var("gallery", "active_site_theme", $theme_name);
 message::success(t("Successfully changed your Gallery theme to <b>%theme_name</b>",
- array("theme_name" => $info->name)));
+ array("theme_name" => t($info->name))));
 }
 url::redirect("admin/themes");
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 22f50fb8..e6d01b90 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -111,7 +111,8 @@ class Albums_Controller extends Items_Controller {
 log::success("content", "Created an album", html::anchor("albums/$new_album->id", "view album"));
- message::success(t("Created album %album_title", array("album_title" => $new_album->title)));
+ message::success(
+ t("Created album %album_title", array("album_title" => p::clean($new_album->title))));
 print json_encode(
 array("result" => "success",
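Review bot: In the -66,11 hunk of admin_themes.php the theme name is placed inside `<b>%theme_name</b>`, so the message is HTML, yet `t($info->name)` is not passed through `p::clean()` or `p::purify()` the way item titles are in the other controllers this commit touches. The name is read from the theme's `theme.info` (see the `parse_ini_file()` context in the -36,6 hunk), which for a third-party theme is not text the core controls; `array("theme_name" => p::clean(t($info->name)))` on both branches would match the rest of the commit. If `$info` is produced by the helper changed in the -36,6 hunk, the name has already been through `t()` once and this second call is redundant; how `$info` is loaded is outside the hunk.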
@@ -143,7 +144,8 @@ class Albums_Controller extends Items_Controller {
 user::active()->id);
 log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo"));
- message::success(t("Added photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Added photo %photo_title", array("photo_title" => p::clean($photo->title))));
 print json_encode(
 array("result" => "success",
@@ -179,10 +181,6 @@ class Albums_Controller extends Items_Controller {
 }
 }
- // @todo
- // @todo we need to make sure that filename / dirname components can't contain a /
- // @todo
-
 if ($valid) {
 $orig = clone $album;
 $album->title = $form->edit_album->title->value;
@@ -197,7 +195,8 @@ class Albums_Controller extends Items_Controller {
 module::event("item_updated", $orig, $album);
 log::success("content", "Updated album", "<a href=\"albums/$album->id\">view</a>");
- message::success(t("Saved album %album_title", array("album_title" => $album->title)));
+ message::success(
+ t("Saved album %album_title", array("album_title" => p::clean($album->title))));
 print json_encode(
 array("result" => "success",
diff --git a/modules/gallery/controllers/combined.php b/modules/gallery/controllers/combined.php
new file mode 100644
index 00000000..925d052d
--- /dev/null
+++ b/modules/gallery/controllers/combined.php
@@ -0,0 +1,91 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Combined_Controller extends Controller {
+ /**
+ * Return the combined Javascript bundle associated with the given key.
+ */
+ public function javascript($key) {
+ $key = substr($key, 0, strlen($key) - 3); // strip off the trailing .js
+ return $this->_emit("javascript", $key);
+ }
+
+ /**
+ * Return the combined CSS bundle associated with the given key.
+ */
+ public function css($key) {
+ $key = substr($key, 0, strlen($key) - 4); // strip off the trailing .css
+ return $this->_emit("css", $key);
+ }
+
+ /**
+ * Print out a cached entry.
+ * @param string the combined entry type (either "javascript" or "css")
+ * @param string the key (typically an md5 sum)
+ */
+ private function _emit($type, $key) {
+ $input = Input::instance();
+
+ // Our data is immutable, so if they already have a copy then it needs no updating.
+ if ($input->server("HTTP_IF_MODIFIED_SINCE")) {
+ header('HTTP/1.0 304 Not Modified');
+ header("Expires: Tue, 19 Jan 2038 00:00:00 GMT");
+ header("Cache-Control: max-age=2678400");
+ header('Pragma: public');
+ return;
+ }
+
+ if (empty($key)) {
+ Kohana::show_404();
+ }
+
+ // We don't need to save the session for this request
+ Session::abort_save();
+
+ $cache = Cache::instance();
+ $use_gzip = function_exists("gzencode") &&
+ (strpos($input->server("HTTP_ACCEPT_ENCODING"), "gzip") !== false);
+ if ($use_gzip && $content = $cache->get("{$key}_gz")) {
+ header("Content-Encoding: gzip");
+ } else {
+ // Fall back to non-gzipped if we have to
+ $content = $cache->get($key);
+ }
+
+ if (empty($content)) {
+ Kohana::show_404();
+ }
+
+ // $type is either 'javascript' or 'css'
+ if ($type == "javascript") {
+ header("Content-Type: application/javascript; charset=UTF-8");
+ } else {
+ header("Content-Type: text/css; charset=UTF-8");
+ }
+ header("Expires: Tue, 19 Jan 2038 00:00:00 GMT");
+ header("Cache-Control: max-age=2678400");
+ header('Pragma: public');
+ header("Last-Modified: " . gmdate("D, d M Y H:i:s T", time()));
+
+ Kohana::close_buffers(false);
+ print $content;
+ }
+
+}
+
diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 0d64bcd9..c5b34033 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
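Review bot: `_emit()` in the new combined.php passes the URL-supplied `$key` straight to `$cache->get()` with no check on its shape and no type-specific prefix, so if `Cache::instance()` is the store other code also writes to, this public controller returns whatever is held under any key a client names, not only combined bundles. The docblock says the key is typically an md5 sum; enforcing that before the lookup keeps the endpoint to its purpose, e.g. `if (!preg_match('/^[0-9a-f]{32}$/', $key)) { Kohana::show_404(); }`, or store and fetch bundles under a prefix such as `"combined_{$type}_"` if keys are not always md5. `javascript()` and `css()` also drop the last 3 or 4 characters without checking that they really are `.js` / `.css`. Two smaller points: the 304 branch answers before the key is looked at, so any request carrying `If-Modified-Since` gets a 304 even for a key that does not exist, and the gzip/plain choice needs `header("Vary: Accept-Encoding");` so shared caches do not hand the gzip body to clients that did not ask for it.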
@@ -32,8 +32,9 @@ class File_Proxy_Controller extends Controller {
 $request_uri = $this->input->server("REQUEST_URI");
 $request_uri = preg_replace("/\?.*/", "", $request_uri);
- // Unescape %7E ("~") and %20 (" ")
- $request_uri = str_replace(array("%7E", "%20"), array("~", " "), $request_uri);
+ // Unescape %7E (~), %20 ( ) and %27 (')
+ // @todo: figure out why we have to do this and unescape everything appropriate
+ $request_uri = str_replace(array("%7E", "%20", "%27"), array("~", " ", "'"), $request_uri);
 // var_uri: http://example.com/gallery3/var/
 $var_uri = url::file("var/");
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 86b0f177..30a5d78c 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -44,7 +44,7 @@ class Movies_Controller extends Items_Controller {
 ->where("id <=", $photo->id)
 ->count_all();
- $template = new Theme_View("page.html", "photo");
+ $template = new Theme_View("page.html", "movie");
 $template->set_global("item", $photo);
 $template->set_global("children", array());
 $template->set_global("children_count", $photo->children_count());
@@ -94,7 +94,8 @@ class Movies_Controller extends Items_Controller {
 module::event("item_updated", $orig, $photo);
 log::success("content", "Updated photo", "<a href=\"photos/$photo->id\">view</a>");
- message::success(t("Saved photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title))));
 print json_encode(
 array("result" => "success",
diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php
index da0a7983..7b4d68f6 100644
--- a/modules/gallery/controllers/packager.php
+++ b/modules/gallery/controllers/packager.php
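Review bot: In file_proxy.php the request path is decoded by replacing three hand-picked escapes, which the new `@todo` itself flags as incomplete; any other percent-encoded byte reaches the later path handling still encoded, so the string the access checks see and the name the filesystem sees can differ. Decode once with `$request_uri = rawurldecode($request_uri);` right after the query string is stripped, and make sure every comparison against `var/` and every permission lookup below uses that single decoded value. After decoding, paths containing `..` segments or NUL bytes should be rejected before they are mapped to a file. The rest of the method, including those checks, is outside this hunk, so verify that nothing further down decodes a second time.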
@@ -98,7 +98,7 @@ class Packager_Controller extends Controller {
 print "$sql_file is not writeable";
 return;
 }
- $command = "mysqldump --compact --add-drop-table -h{$conn['host']} " .
+ $command = "mysqldump --compact --skip-extended-insert --add-drop-table -h{$conn['host']} " .
 "-u{$conn['user']} $pass {$conn['database']} > $sql_file";
 exec($command, $output, $status);
 if ($status) {
@@ -153,7 +153,7 @@ class Packager_Controller extends Controller {
 $paths[] = "VARPATH . \"" . substr($name, strlen(VARPATH)) . "\"";
 } else {
 // @todo: serialize non-directories
- print "Unknown file: $name";
+ print "IGNORING FILE: $name\n";
 return;
 }
 }
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index f5be5d59..6a62e859 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -87,7 +87,8 @@ class Photos_Controller extends Items_Controller {
 module::event("item_updated", $orig, $photo);
 log::success("content", "Updated photo", "<a href=\"photos/$photo->id\">view</a>");
- message::success(t("Saved photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title))));
 print json_encode(
 array("result" => "success",
diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php
index e89d9701..de027c1b 100644
--- a/modules/gallery/controllers/quick.php
+++ b/modules/gallery/controllers/quick.php
@@ -89,7 +89,7 @@ class Quick_Controller extends Controller {
 access::required("view", $item->parent());
 access::required("edit", $item->parent());
- $msg = t("Made <b>%title</b> this album's cover", array("title" => $item->title));
+ $msg = t("Made <b>%title</b> this album's cover", array("title" => p::purify($item->title)));
 item::make_album_cover($item);
 message::success($msg);
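Review bot: In the -98,7 hunk of packager.php the `mysqldump` command line is still assembled by interpolating `$conn['host']`, `$conn['user']`, `$conn['database']` and `$sql_file` into a string handed to `exec()`, with no quoting, so a space or shell metacharacter in any of them changes the command that runs. Quote each value, e.g. `"-h" . escapeshellarg($conn['host'])` and `" > " . escapeshellarg($sql_file)`. `$pass` is built outside the hunk; if it carries the password as a `-p…` argument it is visible in the process list while the dump runs, and a defaults file passed with `--defaults-extra-file` avoids that. The enclosing method starts and ends outside the hunk.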
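Review bot: The new text in the -153,7 hunk of packager.php says `IGNORING FILE`, but the next line is still `return;`, so the file is not skipped: the routine stops at the first non-directory entry. If skipping is the intent the branch should use `continue;` (assuming this sits inside the loop over paths, which starts above the hunk); if stopping is intended, the message should say so. A one-line comment stating which behaviour is wanted would settle it either way.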
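Review bot: quick.php escapes `$item->title` with `p::purify()`, while albums.php, movies.php and photos.php in this same commit use `p::clean()` for the same field in the same kind of status message. Neither helper is visible here, so it is unclear whether the difference is deliberate; in this hunk and in the quick.php hunks at -105,9 and -121,11 the title lands inside `<b>…</b>` markup, so whichever helper is used must leave no markup of its own in the output. Please add a short comment where `p::purify()` is chosen explaining why, or switch to `p::clean()` for consistency.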
@@ -105,9 +105,10 @@ class Quick_Controller extends Controller {
 if ($item->is_album()) {
 print t(
 "Delete the album <b>%title</b>? All photos and movies in the album will also be deleted.",
- array("title" => $item->title));
+ array("title" => p::purify($item->title)));
 } else {
- print t("Are you sure you want to delete <b>%title</b>?", array("title" => $item->title));
+ print t("Are you sure you want to delete <b>%title</b>?",
+ array("title" => p::purify($item->title)));
 }
 $form = item::get_delete_form($item);
@@ -121,11 +122,12 @@ class Quick_Controller extends Controller {
 access::required("edit", $item);
 if ($item->is_album()) {
- $msg = t("Deleted album <b>%title</b>", array("title" => $item->title));
+ $msg = t("Deleted album <b>%title</b>", array("title" => p::purify($item->title)));
 } else {
- $msg = t("Deleted photo <b>%title</b>", array("title" => $item->title));
+ $msg = t("Deleted photo <b>%title</b>", array("title" => p::purify($item->title)));
 }
+ $parent = $item->parent();
 $item->delete();
 message::success($msg);
diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php
index e68df2b8..75a7b810 100644
--- a/modules/gallery/controllers/simple_uploader.php
+++ b/modules/gallery/controllers/simple_uploader.php
@@ -1,3 +1,4 @@
+
 <?php defined("SYSPATH") or die("No direct script access.");
 /**
 * Gallery - a web based photo album viewer and editor
@@ -22,6 +23,9 @@ class Simple_Uploader_Controller extends Controller {
 $item = ORM::factory("item", $id);
 access::required("view", $item);
 access::required("add", $item);
+ if (!$item->is_album()) {
+ $item = $item->parent();
+ }
 $v = new View("simple_uploader.html");
 $v->item = $item;
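Review bot: The -1,3 hunk of simple_uploader.php adds an empty line before the opening `<?php` tag, so the file now emits a newline as output before any PHP runs. This commit also adds `header("HTTP/1.1 500 Internal Server Error")` and `header("HTTP/1.1 400 Bad Request")` calls to the same controller; unless output buffering is active when the file is loaded, that leading byte makes those calls fail with "headers already sent", and it ends up at the front of every response either way. The blank line looks accidental and should be removed so that `<?php` is again the first byte of the file.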
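Review bot: In the -22,6 hunk of simple_uploader.php, `access::required("view", $item)` and `access::required("add", $item)` run against the original `$item`, and only afterwards is `$item` replaced by `$item->parent()` when it is not an album, so the album handed to the view is never itself checked. Move the new `if (!$item->is_album()) { $item = $item->parent(); }` block above the two `access::required()` calls so the permission checks apply to the object that is actually used. Whether permissions on a photo always imply the same permissions on its album is not visible here, which is why checking the album explicitly is the safer order. The method's signature and end are outside the hunk.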
@@ -40,7 +44,7 @@ class Simple_Uploader_Controller extends Controller {
 $file_validation = new Validation($_FILES);
 $file_validation->add_rules(
- "Filedata", "upload::valid", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
+ "Filedata", "upload::valid", "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
 if ($file_validation->validate()) {
 // SimpleUploader.swf does not yet call /start directly, so simulate it here for now.
 if (!batch::in_progress()) {
@@ -51,24 +55,32 @@ class Simple_Uploader_Controller extends Controller {
 try {
 $name = substr(basename($temp_filename), 10); // Skip unique identifier Kohana adds
 $title = item::convert_filename_to_title($name);
- $path_info = pathinfo($temp_filename);
+ $path_info = @pathinfo($temp_filename);
 if (array_key_exists("extension", $path_info) && in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
- $movie = movie::create($album, $temp_filename, $name, $title);
+ $item = movie::create($album, $temp_filename, $name, $title);
 log::success("content", t("Added a movie"),
- html::anchor("movies/$movie->id", t("view movie")));
+ html::anchor("movies/$item->id", t("view movie")));
 } else {
- $photo = photo::create($album, $temp_filename, $name, $title);
+ $item = photo::create($album, $temp_filename, $name, $title);
 log::success("content", t("Added a photo"),
- html::anchor("photos/$photo->id", t("view photo")));
+ html::anchor("photos/$item->id", t("view photo")));
 }
 } catch (Exception $e) {
- unlink($temp_filename);
- throw $e;
+ Kohana::log("alert", $e->__toString());
+ if (file_exists($temp_filename)) {
+ unlink($temp_filename);
+ }
+ header("HTTP/1.1 500 Internal Server Error");
+ print "ERROR:" . $e->getMessage();
+ return;
 }
 unlink($temp_filename);
+ print "FILEID: $item->id";
+ } else {
+ header("HTTP/1.1 400 Bad Request");
+ print "ERROR: Invalid Upload";
 }
- print "File Received";
 }
 public function finish() {
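Review bot: The new catch block in the -51,24 hunk of simple_uploader.php sends `$e->getMessage()` back to the client (`print "ERROR:" . $e->getMessage();`), and messages raised from `photo::create()` / `movie::create()` may contain filesystem paths or database details. The full exception is already written with `Kohana::log()`, so the response can stay generic: `print "ERROR: Upload failed";`. `@pathinfo()` also hides whatever warning prompted the change; a comment naming that warning, or a check on `$temp_filename` before the call, would be clearer than suppression. The `unlink($temp_filename)` on the success path has no `file_exists()` guard, unlike the one added in the catch block. The enclosing method starts outside the hunk.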
diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php
index 91952fa9..0f6cbc2c 100644
--- a/modules/gallery/controllers/upgrader.php
+++ b/modules/gallery/controllers/upgrader.php
@@ -32,11 +32,18 @@ class Upgrader_Controller extends Controller {
 @unlink(TMPPATH . $upgrade_token);
 }
+ $available_upgrades = 0;
+ foreach (module::available() as $module) {
+ if ($module->version && $module->version != $module->code_version) {
+ $available_upgrades++;
+ }
+ }
+
 $view = new View("upgrader.html");
 $view->can_upgrade = user::active()->admin || $session->get("can_upgrade");
 $view->upgrade_token = $upgrade_token;
 $view->available = module::available();
- $view->done = Input::instance()->get("done");
+ $view->done = ($available_upgrades == 0);
 print $view;
 }
@@ -67,7 +74,7 @@ class Upgrader_Controller extends Controller {
 if (php_sapi_name() == "cli") {
 print "Upgrade complete\n";
 } else {
- url::redirect("upgrader?done=1");
+ url::redirect("upgrader");
 }
 }
 } |
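Review bot: `module::available()` is now called twice in the -32,11 hunk of upgrader.php, once for the new counting loop and once for `$view->available`. Fetch it once, `$available = module::available();`, and use it for both, so the `done` flag and the list shown in the view come from the same snapshot. The comparison `$module->version != $module->code_version` is a loose one; if versions are ever stored as strings, a strict comparison after an explicit cast is less surprising. A one-line comment that `done` now means "no installed module is behind its code version" would document the change from the old `?done=1` query parameter. The method starts outside the hunk.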