diff options
Diffstat (limited to 'modules/gallery/controllers')
| -rw-r--r-- | modules/gallery/controllers/admin.php | 8 | ||||
| -rw-r--r-- | modules/gallery/controllers/admin_advanced_settings.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/admin_maintenance.php | 6 | ||||
| -rw-r--r-- | modules/gallery/controllers/admin_themes.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/albums.php | 4 | ||||
| -rw-r--r-- | modules/gallery/controllers/flash_uploader.php | 3 | ||||
| -rw-r--r-- | modules/gallery/controllers/login.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/move.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/movies.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/permissions.php | 2 | ||||
| -rw-r--r-- | modules/gallery/controllers/photos.php | 6 | ||||
| -rw-r--r-- | modules/gallery/controllers/quick.php | 17 | ||||
| -rw-r--r-- | modules/gallery/controllers/reauthenticate.php | 46 | ||||
| -rw-r--r-- | modules/gallery/controllers/user_profile.php | 2 |
14 files changed, 70 insertions, 34 deletions
diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 40dd260b..7d2a0c43 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -82,10 +82,14 @@ class Admin_Controller extends Controller { } private static function _prompt_for_reauth($controller_name, $args) { - if (request::method() == "get" && !request::is_ajax()) { + if (request::method() == "get") { // Avoid anti-phishing protection by passing the url as session variable. - Session::instance()->set("continue_url", url::abs_current(true)); + $reauthenticate = array("continue_url" => url::abs_current(true), + "in_dialog" => strpos(Router::$query_string, "g-in-dialog") !== false, + "controller" => $controller_name, "args" => $args); + Session::instance()->set("reauthenticate", $reauthenticate); } + url::redirect("reauthenticate"); } } diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index 6f4e9403..2bbbdf50 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -39,7 +39,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { $group->input("var_name")->label(t("Setting"))->value($var_name)->disabled(1); $group->textarea("value")->label(t("Value"))->value($value); $group->submit("")->value(t("Save")); - print $form; + print json_encode(array("form" => (string) $form)); } public function save($module_name, $var_name) { diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index d6a2d191..489f5d54 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -64,7 +64,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { log::info("tasks", t("Task %task_name started (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance"))); - print $view; + print json_encode(array("form" => (string) $view)); } /** @@ -86,7 +86,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { log::info("tasks", t("Task %task_name resumed (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance"))); - print $view; + print json_encode(array("form" => (string) $view)); } /** @@ -103,7 +103,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { $view = new View("admin_maintenance_show_log.html"); $view->task = $task; - print $view; + print json_encode(array("form" => (string) $view)); } /** diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php index e59eadaf..b1bd438f 100644 --- a/modules/gallery/controllers/admin_themes.php +++ b/modules/gallery/controllers/admin_themes.php @@ -52,7 +52,7 @@ class Admin_Themes_Controller extends Admin_Controller { } else { $view->url = item::root()->url("theme=$theme_name"); } - print $view; + print json_encode(array("form" => (string) $view)); } public function choose($type, $theme_name) { diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index eaa09be5..8aed1341 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -168,7 +168,7 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("add", $album); - print album::get_add_form($album); + print json_encode(array("form" => (string) album::get_add_form($album))); } public function form_edit($album_id) { @@ -176,6 +176,6 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("edit", $album); - print album::get_edit_form($album); + print json_encode(array("form" => (string) album::get_edit_form($album))); } } diff --git a/modules/gallery/controllers/flash_uploader.php b/modules/gallery/controllers/flash_uploader.php index bc8b964f..6bfdd851 100644 --- a/modules/gallery/controllers/flash_uploader.php +++ b/modules/gallery/controllers/flash_uploader.php @@ -26,7 +26,8 @@ class Flash_Uploader_Controller extends Controller { $item = $item->parent(); } - print $this->_get_add_form($item); + print json_encode(array("form" => (string)$this->_get_add_form($item))); + //print $this->_get_add_form($item); } public function start() { diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 2b60316b..b823504b 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -22,7 +22,7 @@ class Login_Controller extends Controller { public function ajax() { $view = new View("login_ajax.html"); $view->form = auth::get_login_form("login/auth_ajax"); - print $view; + print json_encode(array("form" => (string) $view)); } public function auth_ajax() { diff --git a/modules/gallery/controllers/move.php b/modules/gallery/controllers/move.php index f8b85b6f..a99ef341 100644 --- a/modules/gallery/controllers/move.php +++ b/modules/gallery/controllers/move.php @@ -26,7 +26,7 @@ class Move_Controller extends Controller { $view = new View("move_browse.html"); $view->source = $source; $view->tree = $this->_get_tree_html($source, ORM::factory("item", 1)); - print $view; + print json_encode(array("form" => (string) $view)); } public function save($source_id) { diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 16d22d90..c18dbcde 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -102,6 +102,6 @@ class Movies_Controller extends Items_Controller { access::required("view", $movie); access::required("edit", $movie); - print movie::get_edit_form($movie); + print json_encode(array("form" => (string) movie::get_edit_form($movie))); } } diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php index fc06cb44..8fdda7b2 100644 --- a/modules/gallery/controllers/permissions.php +++ b/modules/gallery/controllers/permissions.php @@ -33,7 +33,7 @@ class Permissions_Controller extends Controller { $view->parents = $item->parents(); $view->form = $this->_get_form($item); - print $view; + print json_encode(array("form" => (string) $view)); } function form($id) { diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index f336d07c..9f17cebb 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -24,9 +24,9 @@ class Photos_Controller extends Items_Controller { // sure that we're actually receiving an object throw new Kohana_404_Exception(); } - + access::required("view", $photo); - + $where = array(array("type", "!=", "album")); $position = $photo->parent()->get_position($photo, $where); if ($position > 1) { @@ -102,6 +102,6 @@ class Photos_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - print photo::get_edit_form($photo); + print json_encode(array("form" => (string) photo::get_edit_form($photo))); } } diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index dc0c380a..253a279b 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -91,17 +91,10 @@ class Quick_Controller extends Controller { access::required("view", $item); access::required("edit", $item); - if ($item->is_album()) { - print t( - "Delete the album <b>%title</b>? All photos and movies in the album will also be deleted.", - array("title" => html::purify($item->title))); - } else { - print t("Are you sure you want to delete <b>%title</b>?", - array("title" => html::purify($item->title))); - } - - $form = item::get_delete_form($item); - print $form; + $v = new View("quick_delete_confirm.html"); + $v->item = $item; + $v->form = item::get_delete_form($item); + print json_encode(array("form" => (string) $v)); } public function delete($id) { @@ -161,6 +154,6 @@ class Quick_Controller extends Controller { // Pass on the source item where this form was generated, so we have an idea where to return to. $form->hidden("from_id")->value((int)Input::instance()->get("from_id", 0)); - print $form; + print json_encode(array("form" => (string) $form)); } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index acb27f6a..d35259e5 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -22,7 +22,12 @@ class Reauthenticate_Controller extends Controller { if (!identity::active_user()->admin) { access::forbidden(); } - return self::_show_form(self::_form()); + $reauthenticate = Session::instance()->get("reauthenticate", array()); + if (empty($reauthenticate["in_dialog"])) { + self::_show_form(self::_form()); + } else { + print json_encode(array("form" => (string) self::_form())); + } } public function auth() { @@ -31,18 +36,29 @@ class Reauthenticate_Controller extends Controller { } access::verify_csrf(); + $reauthenticate = Session::instance()->get("reauthenticate", array()); + $form = self::_form(); $valid = $form->validate(); $user = identity::active_user(); if ($valid) { - message::success(t("Successfully re-authenticated!")); module::event("user_auth", $user); - url::redirect($form->continue_url->value); + Session::instance()->delete("reauthenticate"); + if (empty($reauthenticate["in_dialog"])) { + message::success(t("Successfully re-authenticated!")); + url::redirect($reauthenticate["continue_url"]); + } else { + self::_call_admin_function($reauthenticate); + } } else { $name = $user->name; log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); module::event("user_auth_failed", $name); - return self::_show_form($form); + if (empty($reauthenticate["in_dialog"])) { + self::_show_form($form); + } else { + print json_encode(array("form" => (string) $form)); + } } } @@ -52,6 +68,7 @@ class Reauthenticate_Controller extends Controller { $view->content = new View("reauthenticate.html"); $view->content->form = $form; $view->content->user_name = identity::active_user()->name; + print $view; } @@ -70,4 +87,25 @@ class Reauthenticate_Controller extends Controller { $group->submit("")->value(t("Submit")); return $form; } + + private static function _call_admin_function($reauthenticate) { + $controller_name = $reauthenticate["controller"]; + $args = $reauthenticate["args"]; + if ($controller_name == "index") { + $controller_name = "dashboard"; + } + + $controller_name = "Admin_{$controller_name}_Controller"; + if ($args) { + $method = array_shift($args); + } else { + $method = "index"; + } + + if (!method_exists($controller_name, $method)) { + throw new Kohana_404_Exception(); + } + + call_user_func_array(array(new $controller_name, $method), $args); + } } diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index c064e791..431918ff 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -44,7 +44,7 @@ class User_Profile_Controller extends Controller { public function contact($id) { $user = identity::lookup_user($id); - print user_profile::get_contact_form($user); + print json_encode(array("form" => (string) user_profile::get_contact_form($user))); } public function send($id) { |