Diffstat (limited to 'modules/gallery/controllers')
-rw-r--r--modules/gallery/controllers/admin_advanced_settings.php2
-rw-r--r--modules/gallery/controllers/admin_languages.php2
-rw-r--r--modules/gallery/controllers/admin_maintenance.php47
-rw-r--r--modules/gallery/controllers/admin_modules.php6
-rw-r--r--modules/gallery/controllers/admin_themes.php7
-rw-r--r--modules/gallery/controllers/albums.php13
-rw-r--r--modules/gallery/controllers/combined.php91
-rw-r--r--modules/gallery/controllers/file_proxy.php5
-rw-r--r--modules/gallery/controllers/movies.php5
-rw-r--r--modules/gallery/controllers/packager.php4
-rw-r--r--modules/gallery/controllers/photos.php3
-rw-r--r--modules/gallery/controllers/quick.php12
-rw-r--r--modules/gallery/controllers/simple_uploader.php30
-rw-r--r--modules/gallery/controllers/upgrader.php11
14 files changed, 200 insertions, 38 deletions
diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php
index 79bc1183..64007fdb 100644
--- a/modules/gallery/controllers/admin_advanced_settings.php
+++ b/modules/gallery/controllers/admin_advanced_settings.php
@@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller {
module::set_var($module_name, $var_name, Input::instance()->post("value"));
message::success(
t("Saved value for %var (%module_name)",
- array("var" => $var_name, "module_name" => $module_name)));
+ array("var" => p::clean($var_name), "module_name" => $module_name)));
print json_encode(array("result" => "success"));
}
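Review bot: `module_name` is substituted into the same success message without `p::clean`, so only one of the two placeholders on the changed line is escaped. Where `$module_name` and `$var_name` are assigned is outside the hunk; if both are taken from the request they need the same treatment, `array("var" => p::clean($var_name), "module_name" => p::clean($module_name))`.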
diff --git a/modules/gallery/controllers/admin_languages.php b/modules/gallery/controllers/admin_languages.php
index 4639de89..d1b805da 100644
--- a/modules/gallery/controllers/admin_languages.php
+++ b/modules/gallery/controllers/admin_languages.php
@@ -119,7 +119,7 @@ class Admin_Languages_Controller extends Admin_Controller {
private function _share_translations_form() {
$form = new Forge("admin/languages/share", "", "post", array("id" => "gShareTranslationsForm"));
$group = $form->group("sharing")
- ->label(t("Sharing you own translations with the Gallery community is easy. Please do!"));
+ ->label(t("Sharing your own translations with the Gallery community is easy. Please do!"));
$api_key = l10n_client::api_key();
$server_link = l10n_client::server_api_key_url();
$group->input("api_key")
diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index 7c5934a3..543961a1 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
@@ -59,6 +59,8 @@ class Admin_Maintenance_Controller extends Admin_Controller {
$view = new View("admin_maintenance_task.html");
$view->task = $task;
+ $task->log(t("Task %task_name started (task id %task_id)",
+ array("task_name" => $task->name, "task_id" => $task->id)));
log::info("tasks", t("Task %task_name started (task id %task_id)",
array("task_name" => $task->name, "task_id" => $task->id)),
html::anchor("admin/maintenance", t("maintenance")));
@@ -79,6 +81,8 @@ class Admin_Maintenance_Controller extends Admin_Controller {
$view = new View("admin_maintenance_task.html");
$view->task = $task;
+ $task->log(t("Task %task_name resumed (task id %task_id)",
+ array("task_name" => $task->name, "task_id" => $task->id)));
log::info("tasks", t("Task %task_name resumed (task id %task_id)",
array("task_name" => $task->name, "task_id" => $task->id)),
html::anchor("admin/maintenance", t("maintenance")));
@@ -86,6 +90,40 @@ class Admin_Maintenance_Controller extends Admin_Controller {
}
/**
+ * Show the task log
+ * @param string $task_id
+ */
+ public function show_log($task_id) {
+ access::verify_csrf();
+
+ $task = ORM::factory("task", $task_id);
+ if (!$task->loaded) {
+ throw new Exception("@todo MISSING_TASK");
+ }
+ $view = new View("admin_maintenance_show_log.html");
+ $view->task = $task;
+
+ print $view;
+ }
+
+ /**
+ * Save the task log
+ * @param string $task_id
+ */
+ public function save_log($task_id) {
+ access::verify_csrf();
+
+ $task = ORM::factory("task", $task_id);
+ if (!$task->loaded) {
+ throw new Exception("@todo MISSING_TASK");
+ }
+
+ header("Content-Type: application/text");
+ header("Content-Disposition: filename=gallery3_task_log.txt");
+ print $task->get_log();
+ }
+
+ /**
* Cancel a task.
* @param string $task_id
*/
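Review bot: `save_log` sends `Content-Type: application/text`, which is not a registered media type, and a `Content-Disposition` header with no disposition type, so the browser has to guess how to treat the response. A task log presumably carries strings that originate from task or item data, and a browser that sniffs the body as HTML would render it in the admin origin. Prefer `header("Content-Type: text/plain; charset=UTF-8");`, `header("Content-Disposition: attachment; filename=gallery3_task_log.txt");` and `header("X-Content-Type-Options: nosniff");`. Both new methods also throw the placeholder text `@todo MISSING_TASK`, which is worth replacing with a real not-found response before release.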
@@ -123,7 +161,14 @@ class Admin_Maintenance_Controller extends Admin_Controller {
public function remove_finished_tasks() {
access::verify_csrf();
- Database::instance()->delete("tasks", array("done" => 1));
+
+ // Do it the long way so we can call delete and remove the cache.
+ $finished = ORM::factory("task")
+ ->where(array("done" => 1))
+ ->find_all();
+ foreach ($finished as $task) {
+ task::remove($task->id);
+ }
message::success(t("All finished tasks removed"));
url::redirect("admin/maintenance");
}
diff --git a/modules/gallery/controllers/admin_modules.php b/modules/gallery/controllers/admin_modules.php
index ed1f7665..af6dbbdc 100644
--- a/modules/gallery/controllers/admin_modules.php
+++ b/modules/gallery/controllers/admin_modules.php
@@ -40,11 +40,11 @@ class Admin_Modules_Controller extends Admin_Controller {
$desired = $this->input->post($module_name) == 1;
if ($info->active && !$desired && module::is_active($module_name)) {
$changes->deactivate[] = $module_name;
- $deactivated_names[] = $info->name;
+ $deactivated_names[] = t($info->name);
module::deactivate($module_name);
} else if (!$info->active && $desired && !module::is_active($module_name)) {
$changes->activate[] = $module_name;
- $activated_names[] = $info->name;
+ $activated_names[] = t($info->name);
if (module::is_installed($module_name)) {
module::upgrade($module_name);
} else {
@@ -56,7 +56,7 @@ class Admin_Modules_Controller extends Admin_Controller {
module::event("module_change", $changes);
- // @todo this type of collation is questionable from a i18n perspective
+ // @todo this type of collation is questionable from an i18n perspective
if ($activated_names) {
message::success(t("Activated: %names", array("names" => join(", ", $activated_names))));
}
diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php
index aef6c2d1..da001c55 100644
--- a/modules/gallery/controllers/admin_themes.php
+++ b/modules/gallery/controllers/admin_themes.php
@@ -36,6 +36,9 @@ class Admin_Themes_Controller extends Admin_Controller {
$file = THEMEPATH . "$theme_name/theme.info";
$theme_info = new ArrayObject(parse_ini_file($file), ArrayObject::ARRAY_AS_PROPS);
+ $theme_info->description = t($theme_info->description);
+ $theme_info->name = t($theme_info->name);
+
$themes[$theme_name] = $theme_info;
}
return $themes;
@@ -66,11 +69,11 @@ class Admin_Themes_Controller extends Admin_Controller {
if ($type == "admin" && $info->admin) {
module::set_var("gallery", "active_admin_theme", $theme_name);
message::success(t("Successfully changed your admin theme to <b>%theme_name</b>",
- array("theme_name" => $info->name)));
+ array("theme_name" => t($info->name))));
} else if ($type == "site" && $info->site) {
module::set_var("gallery", "active_site_theme", $theme_name);
message::success(t("Successfully changed your Gallery theme to <b>%theme_name</b>",
- array("theme_name" => $info->name)));
+ array("theme_name" => t($info->name))));
}
url::redirect("admin/themes");
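Review bot: `t($info->name)` is placed into a message whose template contains `<b>` markup, without the `p::clean` that this commit applies to comparable placeholders in the other controllers. The name presumably comes from the theme's `theme.info` file (parsed in the first hunk), which for a third-party theme is not text the Gallery authors control. Consider `array("theme_name" => p::clean(t($info->name)))` in both branches, assuming `p::clean` accepts the value `t()` returns.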
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 22f50fb8..e6d01b90 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -111,7 +111,8 @@ class Albums_Controller extends Items_Controller {
log::success("content", "Created an album",
html::anchor("albums/$new_album->id", "view album"));
- message::success(t("Created album %album_title", array("album_title" => $new_album->title)));
+ message::success(
+ t("Created album %album_title", array("album_title" => p::clean($new_album->title))));
print json_encode(
array("result" => "success",
@@ -143,7 +144,8 @@ class Albums_Controller extends Items_Controller {
user::active()->id);
log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo"));
- message::success(t("Added photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Added photo %photo_title", array("photo_title" => p::clean($photo->title))));
print json_encode(
array("result" => "success",
@@ -179,10 +181,6 @@ class Albums_Controller extends Items_Controller {
}
}
- // @todo
- // @todo we need to make sure that filename / dirname components can't contain a /
- // @todo
-
if ($valid) {
$orig = clone $album;
$album->title = $form->edit_album->title->value;
@@ -197,7 +195,8 @@ class Albums_Controller extends Items_Controller {
module::event("item_updated", $orig, $album);
log::success("content", "Updated album", "<a href=\"albums/$album->id\">view</a>");
- message::success(t("Saved album %album_title", array("album_title" => $album->title)));
+ message::success(
+ t("Saved album %album_title", array("album_title" => p::clean($album->title))));
print json_encode(
array("result" => "success",
diff --git a/modules/gallery/controllers/combined.php b/modules/gallery/controllers/combined.php
new file mode 100644
index 00000000..925d052d
--- /dev/null
+++ b/modules/gallery/controllers/combined.php
@@ -0,0 +1,91 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+class Combined_Controller extends Controller {
+ /**
+ * Return the combined Javascript bundle associated with the given key.
+ */
+ public function javascript($key) {
+ $key = substr($key, 0, strlen($key) - 3); // strip off the trailing .js
+ return $this->_emit("javascript", $key);
+ }
+
+ /**
+ * Return the combined CSS bundle associated with the given key.
+ */
+ public function css($key) {
+ $key = substr($key, 0, strlen($key) - 4); // strip off the trailing .css
+ return $this->_emit("css", $key);
+ }
+
+ /**
+ * Print out a cached entry.
+ * @param string the combined entry type (either "javascript" or "css")
+ * @param string the key (typically an md5 sum)
+ */
+ private function _emit($type, $key) {
+ $input = Input::instance();
+
+ // Our data is immutable, so if they already have a copy then it needs no updating.
+ if ($input->server("HTTP_IF_MODIFIED_SINCE")) {
+ header('HTTP/1.0 304 Not Modified');
+ header("Expires: Tue, 19 Jan 2038 00:00:00 GMT");
+ header("Cache-Control: max-age=2678400");
+ header('Pragma: public');
+ return;
+ }
+
+ if (empty($key)) {
+ Kohana::show_404();
+ }
+
+ // We don't need to save the session for this request
+ Session::abort_save();
+
+ $cache = Cache::instance();
+ $use_gzip = function_exists("gzencode") &&
+ (strpos($input->server("HTTP_ACCEPT_ENCODING"), "gzip") !== false);
+ if ($use_gzip && $content = $cache->get("{$key}_gz")) {
+ header("Content-Encoding: gzip");
+ } else {
+ // Fall back to non-gzipped if we have to
+ $content = $cache->get($key);
+ }
+
+ if (empty($content)) {
+ Kohana::show_404();
+ }
+
+ // $type is either 'javascript' or 'css'
+ if ($type == "javascript") {
+ header("Content-Type: application/javascript; charset=UTF-8");
+ } else {
+ header("Content-Type: text/css; charset=UTF-8");
+ }
+ header("Expires: Tue, 19 Jan 2038 00:00:00 GMT");
+ header("Cache-Control: max-age=2678400");
+ header('Pragma: public');
+ header("Last-Modified: " . gmdate("D, d M Y H:i:s T", time()));
+
+ Kohana::close_buffers(false);
+ print $content;
+ }
+
+}
+
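Review bot: `_emit` passes the URL-supplied `$key` straight to `Cache::instance()->get()`, and this controller extends plain `Controller` with no access check in view, so any entry in that cache whose key a client can name would be served as JavaScript or CSS. If the same cache instance also holds other data, restrict the lookup to combined bundles: validate the key before the lookup (the docblock says keys are typically md5 sums, e.g. `if (!preg_match('/^[0-9a-f]{32}$/', $key)) { Kohana::show_404(); }`) or store bundles under a dedicated key prefix. Separately, the `HTTP_IF_MODIFIED_SINCE` branch answers 304 before the key is looked at, and `javascript()`/`css()` cut the last three or four characters without confirming the suffix really is `.js`/`.css`.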
diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 0d64bcd9..c5b34033 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
@@ -32,8 +32,9 @@ class File_Proxy_Controller extends Controller {
$request_uri = $this->input->server("REQUEST_URI");
$request_uri = preg_replace("/\?.*/", "", $request_uri);
- // Unescape %7E ("~") and %20 (" ")
- $request_uri = str_replace(array("%7E", "%20"), array("~", " "), $request_uri);
+ // Unescape %7E (~), %20 ( ) and %27 (')
+ // @todo: figure out why we have to do this and unescape everything appropriate
+ $request_uri = str_replace(array("%7E", "%20", "%27"), array("~", " ", "'"), $request_uri);
// var_uri: http://example.com/gallery3/var/
$var_uri = url::file("var/");
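Review bot: Extending the `str_replace` list one escape at a time leaves every other percent-encoded character in `$request_uri` undecoded, as the new `@todo` itself concedes. A single `rawurldecode($request_uri)` would cover all of them. Whatever path and permission checks follow (outside this hunk) then have to run on the decoded value, so that an encoded `/` or `..` is seen by them in its final form.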
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 86b0f177..30a5d78c 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -44,7 +44,7 @@ class Movies_Controller extends Items_Controller {
->where("id <=", $photo->id)
->count_all();
- $template = new Theme_View("page.html", "photo");
+ $template = new Theme_View("page.html", "movie");
$template->set_global("item", $photo);
$template->set_global("children", array());
$template->set_global("children_count", $photo->children_count());
@@ -94,7 +94,8 @@ class Movies_Controller extends Items_Controller {
module::event("item_updated", $orig, $photo);
log::success("content", "Updated photo", "<a href=\"photos/$photo->id\">view</a>");
- message::success(t("Saved photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title))));
print json_encode(
array("result" => "success",
diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php
index da0a7983..7b4d68f6 100644
--- a/modules/gallery/controllers/packager.php
+++ b/modules/gallery/controllers/packager.php
@@ -98,7 +98,7 @@ class Packager_Controller extends Controller {
print "$sql_file is not writeable";
return;
}
- $command = "mysqldump --compact --add-drop-table -h{$conn['host']} " .
+ $command = "mysqldump --compact --skip-extended-insert --add-drop-table -h{$conn['host']} " .
"-u{$conn['user']} $pass {$conn['database']} > $sql_file";
exec($command, $output, $status);
if ($status) {
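Review bot: The `mysqldump` command on the changed line is still built by interpolating `$conn['host']`, `$conn['user']`, `$conn['database']` and `$sql_file` into a shell string for `exec()` with no quoting, so a value containing whitespace or a shell metacharacter changes the command that runs. Wrap each value, e.g. `"-h" . escapeshellarg($conn['host'])` and `"> " . escapeshellarg($sql_file)`. `$pass` is built outside the hunk; if it carries the password as a `-p` argument, it is also visible in the process list while the dump runs.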
@@ -153,7 +153,7 @@ class Packager_Controller extends Controller {
$paths[] = "VARPATH . \"" . substr($name, strlen(VARPATH)) . "\"";
} else {
// @todo: serialize non-directories
- print "Unknown file: $name";
+ print "IGNORING FILE: $name\n";
return;
}
}
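Review bot: The new text says `IGNORING FILE`, but the `return` on the next line still stops processing, so nothing after the first such file is handled. If the intent is really to skip the entry and this branch sits inside a loop (the loop header is outside the hunk), `continue;` would match the message; otherwise keep wording that says the run was aborted.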
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index f5be5d59..6a62e859 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -87,7 +87,8 @@ class Photos_Controller extends Items_Controller {
module::event("item_updated", $orig, $photo);
log::success("content", "Updated photo", "<a href=\"photos/$photo->id\">view</a>");
- message::success(t("Saved photo %photo_title", array("photo_title" => $photo->title)));
+ message::success(
+ t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title))));
print json_encode(
array("result" => "success",
diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php
index e89d9701..de027c1b 100644
--- a/modules/gallery/controllers/quick.php
+++ b/modules/gallery/controllers/quick.php
@@ -89,7 +89,7 @@ class Quick_Controller extends Controller {
access::required("view", $item->parent());
access::required("edit", $item->parent());
- $msg = t("Made <b>%title</b> this album's cover", array("title" => $item->title));
+ $msg = t("Made <b>%title</b> this album's cover", array("title" => p::purify($item->title)));
item::make_album_cover($item);
message::success($msg);
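Review bot: The titles here go through `p::purify`, while the other title messages in this commit (albums.php, movies.php, photos.php) use `p::clean`; neither helper is defined on this page, so which one suits a `<b>%title</b>` placeholder cannot be confirmed from the diff. If `purify` lets a subset of HTML through whereas `clean` escapes everything, an item title could add markup to these confirmation and status messages. Unless markup in titles is intended, use `array("title" => p::clean($item->title))` here as well, or add a one-line comment saying why purification is wanted. The same applies to the two later hunks in this file.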
@@ -105,9 +105,10 @@ class Quick_Controller extends Controller {
if ($item->is_album()) {
print t(
"Delete the album <b>%title</b>? All photos and movies in the album will also be deleted.",
- array("title" => $item->title));
+ array("title" => p::purify($item->title)));
} else {
- print t("Are you sure you want to delete <b>%title</b>?", array("title" => $item->title));
+ print t("Are you sure you want to delete <b>%title</b>?",
+ array("title" => p::purify($item->title)));
}
$form = item::get_delete_form($item);
@@ -121,11 +122,12 @@ class Quick_Controller extends Controller {
access::required("edit", $item);
if ($item->is_album()) {
- $msg = t("Deleted album <b>%title</b>", array("title" => $item->title));
+ $msg = t("Deleted album <b>%title</b>", array("title" => p::purify($item->title)));
} else {
- $msg = t("Deleted photo <b>%title</b>", array("title" => $item->title));
+ $msg = t("Deleted photo <b>%title</b>", array("title" => p::purify($item->title)));
}
+ $parent = $item->parent();
$item->delete();
message::success($msg);
diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php
index e68df2b8..75a7b810 100644
--- a/modules/gallery/controllers/simple_uploader.php
+++ b/modules/gallery/controllers/simple_uploader.php
@@ -1,3 +1,4 @@
+
<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
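Review bot: The added empty line sits before the `<?php` opening tag, so PHP emits it as output as soon as this file is loaded. Unless output buffering absorbs it, that newline is sent before any `header()` call, which would defeat the `header("HTTP/1.1 500 Internal Server Error")` and `header("HTTP/1.1 400 Bad Request")` responses this same commit adds further down. Drop the line so that `<?php` is the first byte of the file.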
@@ -22,6 +23,9 @@ class Simple_Uploader_Controller extends Controller {
$item = ORM::factory("item", $id);
access::required("view", $item);
access::required("add", $item);
+ if (!$item->is_album()) {
+ $item = $item->parent();
+ }
$v = new View("simple_uploader.html");
$v->item = $item;
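Review bot: The `view` and `add` checks run against the item loaded from `$id`, but when that item is not an album the code then switches `$item` to its parent without checking the parent. Whether permission on a child implies the same permission on its album is not visible here; to be safe, do the swap before the checks or repeat `access::required("add", $item);` after it. The method starts outside the hunk.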
@@ -40,7 +44,7 @@ class Simple_Uploader_Controller extends Controller {
$file_validation = new Validation($_FILES);
$file_validation->add_rules(
- "Filedata", "upload::valid", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
+ "Filedata", "upload::valid", "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
if ($file_validation->validate()) {
// SimpleUploader.swf does not yet call /start directly, so simulate it here for now.
if (!batch::in_progress()) {
@@ -51,24 +55,32 @@ class Simple_Uploader_Controller extends Controller {
try {
$name = substr(basename($temp_filename), 10); // Skip unique identifier Kohana adds
$title = item::convert_filename_to_title($name);
- $path_info = pathinfo($temp_filename);
+ $path_info = @pathinfo($temp_filename);
if (array_key_exists("extension", $path_info) &&
in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
- $movie = movie::create($album, $temp_filename, $name, $title);
+ $item = movie::create($album, $temp_filename, $name, $title);
log::success("content", t("Added a movie"),
- html::anchor("movies/$movie->id", t("view movie")));
+ html::anchor("movies/$item->id", t("view movie")));
} else {
- $photo = photo::create($album, $temp_filename, $name, $title);
+ $item = photo::create($album, $temp_filename, $name, $title);
log::success("content", t("Added a photo"),
- html::anchor("photos/$photo->id", t("view photo")));
+ html::anchor("photos/$item->id", t("view photo")));
}
} catch (Exception $e) {
- unlink($temp_filename);
- throw $e;
+ Kohana::log("alert", $e->__toString());
+ if (file_exists($temp_filename)) {
+ unlink($temp_filename);
+ }
+ header("HTTP/1.1 500 Internal Server Error");
+ print "ERROR:" . $e->getMessage();
+ return;
}
unlink($temp_filename);
+ print "FILEID: $item->id";
+ } else {
+ header("HTTP/1.1 400 Bad Request");
+ print "ERROR: Invalid Upload";
}
- print "File Received";
}
public function finish() {
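Review bot: The catch block prints `$e->getMessage()` back to the uploader, which can expose internal detail such as file paths or database errors to anyone allowed to upload. The full exception is already written by `Kohana::log`, so the response can stay generic: `print "ERROR: upload failed";`. The `@` added on `pathinfo()` silences a warning without saying which one is expected; a short comment naming it would help the next reader. The enclosing method starts outside the hunk.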
diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php
index 91952fa9..0f6cbc2c 100644
--- a/modules/gallery/controllers/upgrader.php
+++ b/modules/gallery/controllers/upgrader.php
@@ -32,11 +32,18 @@ class Upgrader_Controller extends Controller {
@unlink(TMPPATH . $upgrade_token);
}
+ $available_upgrades = 0;
+ foreach (module::available() as $module) {
+ if ($module->version && $module->version != $module->code_version) {
+ $available_upgrades++;
+ }
+ }
+
$view = new View("upgrader.html");
$view->can_upgrade = user::active()->admin || $session->get("can_upgrade");
$view->upgrade_token = $upgrade_token;
$view->available = module::available();
- $view->done = Input::instance()->get("done");
+ $view->done = ($available_upgrades == 0);
print $view;
}
@@ -67,7 +74,7 @@ class Upgrader_Controller extends Controller {
if (php_sapi_name() == "cli") {
print "Upgrade complete\n";
} else {
- url::redirect("upgrader?done=1");
+ url::redirect("upgrader");
}
}
}