Diffstat (limited to 'modules/gallery/controllers')
-rw-r--r--modules/gallery/controllers/admin_dashboard.php2
-rw-r--r--modules/gallery/controllers/admin_maintenance.php4
-rw-r--r--modules/gallery/controllers/admin_modules.php1
-rw-r--r--modules/gallery/controllers/albums.php90
-rw-r--r--modules/gallery/controllers/combined.php2
-rw-r--r--modules/gallery/controllers/file_proxy.php2
-rw-r--r--modules/gallery/controllers/login.php11
-rw-r--r--modules/gallery/controllers/movies.php54
-rw-r--r--modules/gallery/controllers/packager.php9
-rw-r--r--modules/gallery/controllers/photos.php54
-rw-r--r--modules/gallery/controllers/quick.php1
-rw-r--r--modules/gallery/controllers/simple_uploader.php47
-rw-r--r--modules/gallery/controllers/user_profile.php4
13 files changed, 112 insertions, 169 deletions
diff --git a/modules/gallery/controllers/admin_dashboard.php b/modules/gallery/controllers/admin_dashboard.php
index 5f2cb41d..42a3c081 100644
--- a/modules/gallery/controllers/admin_dashboard.php
+++ b/modules/gallery/controllers/admin_dashboard.php
@@ -91,7 +91,5 @@ class Admin_Dashboard_Controller extends Admin_Controller {
}
block_manager::set_active($location, $new_blocks);
}
-
- $this->_force_block_adder();
}
}
diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index aa4fb29f..3062ea09 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
@@ -215,7 +215,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
print json_encode(array("result" => "success",
"task" => array(
"percent_complete" => $task->percent_complete,
- "status" => $task->status,
+ "status" => (string) $task->status,
"done" => (bool) $task->done),
"location" => url::site("admin/maintenance")));
@@ -223,7 +223,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
print json_encode(array("result" => "in_progress",
"task" => array(
"percent_complete" => $task->percent_complete,
- "status" => $task->status,
+ "status" => (string) $task->status,
"done" => (bool) $task->done)));
}
}
diff --git a/modules/gallery/controllers/admin_modules.php b/modules/gallery/controllers/admin_modules.php
index 84fee25d..081b3f12 100644
--- a/modules/gallery/controllers/admin_modules.php
+++ b/modules/gallery/controllers/admin_modules.php
@@ -67,6 +67,7 @@ class Admin_Modules_Controller extends Admin_Controller {
}
private function _do_save() {
+ $changes = new stdClass();
$changes->activate = array();
$changes->deactivate = array();
$activated_names = array();
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 2eeefdf1..a378f3ee 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -95,30 +95,36 @@ class Albums_Controller extends Items_Controller {
access::required("view", $album);
access::required("add", $album);
- $input = Input::instance();
$form = album::get_add_form($album);
- if ($form->validate()) {
- $new_album = album::create(
- $album,
- $input->post("name"),
- $input->post("title", $input->post("name")),
- $input->post("description"),
- identity::active_user()->id,
- $input->post("slug"));
+ try {
+ $valid = $form->validate();
+ $album = ORM::factory("item");
+ $album->type = "album";
+ $album->parent_id = $parent_id;
+ $album->name = $form->add_album->inputs["name"]->value;
+ $album->title = $form->add_album->title->value ?
+ $form->add_album->title->value : $form->add_album->inputs["name"]->value;
+ $album->description = $form->add_album->description->value;
+ $album->slug = $form->add_album->slug->value;
+ $album->validate();
+ } catch (ORM_Validation_Exception $e) {
+ // Translate ORM validation errors into form error messages
+ foreach ($e->validation->errors() as $key => $error) {
+ $form->add_album->inputs[$key]->add_error($error, 1);
+ }
+ $valid = false;
+ }
+ if ($valid) {
+ $album->save();
log::success("content", "Created an album",
- html::anchor("albums/$new_album->id", "view album"));
+ html::anchor("albums/$album->id", "view album"));
message::success(t("Created album %album_title",
- array("album_title" => html::purify($new_album->title))));
+ array("album_title" => html::purify($album->title))));
- print json_encode(
- array("result" => "success",
- "location" => $new_album->url()));
+ print json_encode(array("result" => "success", "location" => $album->url()));
} else {
- print json_encode(
- array(
- "result" => "error",
- "form" => $form->__toString()));
+ print json_encode(array("result" => "error", "form" => (string) $form));
}
}
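Review bot: In the new `catch (ORM_Validation_Exception $e)` block, `$form->add_album->inputs[$key]->add_error($error, 1)` assumes every key the model reports has a form input of the same name. A model error on a field the form does not expose (for example `type` or `parent_id`, both set in this hunk) would call `add_error()` on a missing entry and end the request in a fatal error instead of a form error. I would guard the lookup and log the unmapped keys, e.g. `if (isset($form->add_album->inputs[$key])) { ... } else { Kohana_Log::add("error", "Unmapped validation error: $key"); }`. The same loop is repeated in the edit hunk of this file and in the movies.php and photos.php hunks. The enclosing method starts and ends outside the hunk, so where `$parent_id` is defined is not visible here.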
@@ -129,42 +135,24 @@ class Albums_Controller extends Items_Controller {
access::required("edit", $album);
$form = album::get_edit_form($album);
- if ($valid = $form->validate()) {
- if ($album->id != 1 &&
- $form->edit_item->dirname->value != $album->name ||
- $form->edit_item->slug->value != $album->slug) {
- // Make sure that there's not a conflict
- if ($row = db::build()
- ->select(array("name", "slug"))
- ->from("items")
- ->where("parent_id", "=", $album->parent_id)
- ->where("id", "<>", $album->id)
- ->and_open()
- ->where("name", "=", $form->edit_item->dirname->value)
- ->or_where("slug", "=", $form->edit_item->slug->value)
- ->close()
- ->execute()
- ->current()) {
- if ($row->name == $form->edit_item->dirname->value) {
- $form->edit_item->dirname->add_error("name_conflict", 1);
- }
- if ($row->slug == $form->edit_item->slug->value) {
- $form->edit_item->slug->add_error("slug_conflict", 1);
- }
- $valid = false;
- }
- }
- }
-
- if ($valid) {
+ try {
+ $valid = $form->validate();
$album->title = $form->edit_item->title->value;
$album->description = $form->edit_item->description->value;
$album->sort_column = $form->edit_item->sort_order->column->value;
$album->sort_order = $form->edit_item->sort_order->direction->value;
- if ($album->id != 1) {
- $album->rename($form->edit_item->dirname->value);
- }
+ $album->name = $form->edit_item->inputs["name"]->value;
$album->slug = $form->edit_item->slug->value;
+ $album->validate();
+ } catch (ORM_Validation_Exception $e) {
+ // Translate ORM validation errors into form error messages
+ foreach ($e->validation->errors() as $key => $error) {
+ $form->edit_item->inputs[$key]->add_error($error, 1);
+ }
+ $valid = false;
+ }
+
+ if ($valid) {
$album->save();
module::event("item_edit_form_completed", $album, $form);
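Review bot: The old code only renamed when `$album->id != 1`, but the new line `$album->name = $form->edit_item->inputs["name"]->value;` runs for every album, including the root. Nothing in this hunk shows that the model's validation now refuses a name change on the root album, so please confirm that it does and say so in a comment, e.g. `// the item model rejects renaming the root album and name/slug conflicts`. If the model does not enforce it, the `id != 1` guard needs to come back. The method body continues outside the hunk.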
@@ -180,9 +168,7 @@ class Albums_Controller extends Items_Controller {
print json_encode(array("result" => "success"));
}
} else {
- print json_encode(
- array("result" => "error",
- "form" => $form->__toString()));
+ print json_encode(array("result" => "error", "form" => (string) $form));
}
}
diff --git a/modules/gallery/controllers/combined.php b/modules/gallery/controllers/combined.php
index e90a2f1a..7f3a3c7d 100644
--- a/modules/gallery/controllers/combined.php
+++ b/modules/gallery/controllers/combined.php
@@ -41,7 +41,7 @@ class Combined_Controller extends Controller {
$input = Input::instance();
// We don't need to save the session for this request
- Session::abort_save();
+ Session::instance()->abort_save();
// Our data is immutable, so if they already have a copy then it needs no updating.
if ($input->server("HTTP_IF_MODIFIED_SINCE")) {
diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 646edf17..33952366 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
@@ -121,7 +121,7 @@ class File_Proxy_Controller extends Controller {
expires::check(2592000, $item->updated);
// We don't need to save the session for this request
- Session::abort_save();
+ Session::instance()->abort_save();
expires::set(2592000, $item->updated); // 30 days
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php
index cfccaf17..1426f0d8 100644
--- a/modules/gallery/controllers/login.php
+++ b/modules/gallery/controllers/login.php
@@ -33,9 +33,7 @@ class Login_Controller extends Controller {
print json_encode(
array("result" => "success"));
} else {
- print json_encode(
- array("result" => "error",
- "form" => $form->__toString()));
+ print json_encode(array("result" => "error", "form" => (string) $form));
}
}
@@ -64,11 +62,10 @@ class Login_Controller extends Controller {
if ($valid) {
$user = identity::lookup_user_by_name($form->login->inputs["name"]->value);
if (empty($user) || !identity::is_correct_password($user, $form->login->password->value)) {
- log::warning(
- "user",
- t("Failed login for %name",
- array("name" => $form->login->inputs["name"]->value)));
$form->login->inputs["name"]->add_error("invalid_login", 1);
+ $name = $form->login->inputs["name"]->value;
+ log::warning("user", t("Failed login for %name", array("name" => $name)));
+ module::event("user_login_failed", $name);
$valid = false;
}
}
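Review bot: `$name` is unauthenticated request input, and this hunk now sends it to two sinks, the `log::warning` entry and the new `user_login_failed` event. The hunk does not show whether `t()` escapes the `%name` placeholder or whether event handlers bound its length. A comment above the event call would set the contract for handler authors, e.g. `// $name is raw, attacker-controlled input: handlers must escape it before rendering and must not trust it as an existing account name`. Firing the event for both unknown users and wrong passwords is good, because it lets a throttling handler count attempts without revealing which case occurred.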
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 7a8e4d2a..b51282b3 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -61,48 +61,22 @@ class Movies_Controller extends Items_Controller {
access::required("edit", $movie);
$form = movie::get_edit_form($movie);
- $valid = $form->validate();
-
- if ($valid) {
- $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
- $old_ext = pathinfo($movie->name, PATHINFO_EXTENSION);
- if (strcasecmp($new_ext, $old_ext)) {
- $form->edit_item->filename->add_error("illegal_extension", 1);
- $valid = false;
- }
- }
-
- if ($valid) {
- if ($form->edit_item->filename->value != $movie->name ||
- $form->edit_item->slug->value != $movie->slug) {
- // Make sure that there's not a name or slug conflict
- if ($row = db::build()
- ->select(array("name", "slug"))
- ->from("items")
- ->where("parent_id", "=", $movie->parent_id)
- ->where("id", "<>", $movie->id)
- ->and_open()
- ->where("name", "=", $form->edit_item->filename->value)
- ->or_where("slug", "=", $form->edit_item->slug->value)
- ->close()
- ->execute()
- ->current()) {
- if ($row->name == $form->edit_item->filename->value) {
- $form->edit_item->filename->add_error("name_conflict", 1);
- }
- if ($row->slug == $form->edit_item->slug->value) {
- $form->edit_item->slug->add_error("slug_conflict", 1);
- }
- $valid = false;
- }
+ try {
+ $valid = $form->validate();
+ $movie->title = $form->edit_item->title->value;
+ $movie->description = $form->edit_item->description->value;
+ $movie->slug = $form->edit_item->slug->value;
+ $movie->name = $form->edit_item->inputs["name"]->value;
+ $movie->validate();
+ } catch (ORM_Validation_Exception $e) {
+ // Translate ORM validation errors into form error messages
+ foreach ($e->validation->errors() as $key => $error) {
+ $form->edit_item->inputs[$key]->add_error($error, 1);
}
+ $valid = false;
}
if ($valid) {
- $movie->title = $form->edit_item->title->value;
- $movie->description = $form->edit_item->description->value;
- $movie->slug = $form->edit_item->slug->value;
- $movie->rename($form->edit_item->filename->value);
$movie->save();
module::event("item_edit_form_completed", $movie, $form);
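Review bot: The controller used to reject a rename whose extension differed from the stored one (`illegal_extension`), but that check is removed and `$movie->name` is now assigned straight from the form. Nothing visible here stops a user with edit permission from changing a media file's extension, which matters if the file is served from a web-accessible directory. If the rule now lives in the item model's validation, say so above `$movie->validate()`, e.g. `// extension changes and name/slug conflicts are rejected by the model's validation rules`. If it does not, restore the extension comparison before `save()`. The same applies to the matching hunk in photos.php, and the method body starts and ends outside the hunk.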
@@ -118,9 +92,7 @@ class Movies_Controller extends Items_Controller {
print json_encode(array("result" => "success"));
}
} else {
- print json_encode(
- array("result" => "error",
- "form" => $form->__toString()));
+ print json_encode(array("result" => "error", "form" => (string) $form));
}
}
diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php
index cb64f1bf..66626483 100644
--- a/modules/gallery/controllers/packager.php
+++ b/modules/gallery/controllers/packager.php
@@ -164,7 +164,7 @@ class Packager_Controller extends Controller {
foreach($objects as $name => $file){
if ($file->getBasename() == "database.php") {
continue;
- } else if (basename($file->getPath()) == "logs") {
+ } else if (basename($file->getPath()) == "logs" && $file->getBasename() != ".htaccess") {
continue;
}
@@ -172,8 +172,8 @@ class Packager_Controller extends Controller {
$paths[] = "VARPATH . \"" . substr($name, strlen(VARPATH)) . "\"";
} else {
// @todo: serialize non-directories
- print "IGNORING FILE: $name\n";
- return;
+ $files["VARPATH . \"" . substr($name, strlen(VARPATH)) . "\""] =
+ base64_encode(file_get_contents($name));
}
}
// Sort the paths so that the var file is stable
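Review bot: `base64_encode(file_get_contents($name))` does not check for a failed read, so an unreadable file becomes `base64_encode(false)`, an empty string, and the generated installer would write an empty file. The first hunk now deliberately packages `logs/.htaccess`, so a read failure there would silently ship a logs directory without its access rules. I would fail loudly instead: `$contents = file_get_contents($name); if ($contents === false) { throw new Exception("Unable to read $name"); }`. The initialisation of `$files` is not visible in this hunk, so please confirm it is set to `array()` before the loop. The `// @todo: serialize non-directories` comment is stale now that this branch does the serialisation.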
@@ -185,6 +185,9 @@ class Packager_Controller extends Controller {
foreach ($paths as $path) {
fwrite($fd, "!file_exists($path) && mkdir($path);\n");
}
+ foreach ($files as $file => $contents) {
+ fwrite($fd, "file_put_contents($file, base64_decode(\"$contents\"));\n");
+ }
fclose($fd);
}
}
\ No newline at end of file
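Review bot: The new `foreach ($files as $file => $contents)` loop writes entries in directory-iteration order, while the comment just above the hunk says the paths are sorted to keep the var file stable. A `ksort($files);` before the loop would keep the generated file reproducible between runs. Separately, the path key is interpolated into generated PHP source without escaping. The base64 payload is safe inside double quotes, but a file name under VARPATH containing `"` or `$` would break or change the generated script, so the relative path is worth passing through `var_export()` or rejecting if it contains such characters.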
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 56b454ce..b5da3884 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -61,48 +61,22 @@ class Photos_Controller extends Items_Controller {
access::required("edit", $photo);
$form = photo::get_edit_form($photo);
- $valid = $form->validate();
-
- if ($valid) {
- $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
- $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
- if (strcasecmp($new_ext, $old_ext)) {
- $form->edit_item->filename->add_error("illegal_extension", 1);
- $valid = false;
- }
- }
-
- if ($valid) {
- if ($form->edit_item->filename->value != $photo->name ||
- $form->edit_item->slug->value != $photo->slug) {
- // Make sure that there's not a name or slug conflict
- if ($row = db::build()
- ->select(array("name", "slug"))
- ->from("items")
- ->where("parent_id", "=", $photo->parent_id)
- ->where("id", "<>", $photo->id)
- ->and_open()
- ->where("name", "=", $form->edit_item->filename->value)
- ->or_where("slug", "=", $form->edit_item->slug->value)
- ->close()
- ->execute()
- ->current()) {
- if ($row->name == $form->edit_item->filename->value) {
- $form->edit_item->filename->add_error("name_conflict", 1);
- }
- if ($row->slug == $form->edit_item->slug->value) {
- $form->edit_item->slug->add_error("slug_conflict", 1);
- }
- $valid = false;
- }
+ try {
+ $valid = $form->validate();
+ $photo->title = $form->edit_item->title->value;
+ $photo->description = $form->edit_item->description->value;
+ $photo->slug = $form->edit_item->slug->value;
+ $photo->name = $form->edit_item->inputs["name"]->value;
+ $photo->validate();
+ } catch (ORM_Validation_Exception $e) {
+ // Translate ORM validation errors into form error messages
+ foreach ($e->validation->errors() as $key => $error) {
+ $form->edit_item->inputs[$key]->add_error($error, 1);
}
+ $valid = false;
}
if ($valid) {
- $photo->title = $form->edit_item->title->value;
- $photo->description = $form->edit_item->description->value;
- $photo->slug = $form->edit_item->slug->value;
- $photo->rename($form->edit_item->filename->value);
$photo->save();
module::event("item_edit_form_completed", $photo, $form);
@@ -118,9 +92,7 @@ class Photos_Controller extends Items_Controller {
print json_encode(array("result" => "success"));
}
} else {
- print json_encode(
- array("result" => "error",
- "form" => $form->__toString()));
+ print json_encode(array("result" => "error", "form" => (string) $form));
}
}
diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php
index 7f9a9826..04aab8dc 100644
--- a/modules/gallery/controllers/quick.php
+++ b/modules/gallery/controllers/quick.php
@@ -47,6 +47,7 @@ class Quick_Controller extends Controller {
graphics::generate($item);
$parent = $item->parent();
+ // @todo: this is an inadequate way to regenerate the parent's thumbnail after rotation.
if ($parent->album_cover_item_id == $item->id) {
copy($item->thumb_path(), $parent->thumb_path());
$parent->thumb_width = $item->thumb_width;
diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php
index 5d32e35f..16d1d241 100644
--- a/modules/gallery/controllers/simple_uploader.php
+++ b/modules/gallery/controllers/simple_uploader.php
@@ -40,39 +40,52 @@ class Simple_Uploader_Controller extends Controller {
access::required("add", $album);
access::verify_csrf();
+ // The Flash uploader not call /start directly, so simulate it here for now.
+ if (!batch::in_progress()) {
+ batch::start();
+ }
+
+ $form = $this->_get_add_form($album);
+
+ // Uploadify adds its own field to the form, so validate that separately.
$file_validation = new Validation($_FILES);
$file_validation->add_rules(
"Filedata", "upload::valid", "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
- if ($file_validation->validate()) {
- // SimpleUploader.swf does not yet call /start directly, so simulate it here for now.
- if (!batch::in_progress()) {
- batch::start();
- }
+ if ($form->validate() && $file_validation->validate()) {
$temp_filename = upload::save("Filedata");
try {
- $name = substr(basename($temp_filename), 10); // Skip unique identifier Kohana adds
- $title = item::convert_filename_to_title($name);
+ $item = ORM::factory("item");
+ $item->name = substr(basename($temp_filename), 10); // Skip unique identifier Kohana adds
+ $item->title = item::convert_filename_to_title($item->name);
+ $item->parent_id = $album->id;
+ $item->set_data_file($temp_filename);
+
$path_info = @pathinfo($temp_filename);
if (array_key_exists("extension", $path_info) &&
in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
- $item = movie::create($album, $temp_filename, $name, $title);
+ $item->type = "movie";
+ $item->save();
log::success("content", t("Added a movie"),
html::anchor("movies/$item->id", t("view movie")));
} else {
- $item = photo::create($album, $temp_filename, $name, $title);
+ $item->type = "photo";
+ $item->save();
log::success("content", t("Added a photo"),
html::anchor("photos/$item->id", t("view photo")));
}
- // We currently have no way of showing errors if validation fails, so only call our event
- // handlers if validation passes.
- $form = $this->_get_add_form($album);
- if ($form->validate()) {
- module::event("add_photos_form_completed", $item, $form);
- }
+ module::event("add_photos_form_completed", $item, $form);
} catch (Exception $e) {
- Kohana_Log::add("alert", $e->__toString());
+ // The Flash uploader has no good way of reporting complex errors, so just keep it simple.
+ Kohana_Log::add("error", $e->getMessage() . "\n" . $e->getTraceAsString());
+
+ // Ugh. I hate to use instanceof, But this beats catching the exception separately since
+ // we mostly want to treat it the same way as all other exceptions
+ if ($e instanceof ORM_Validation_Exception) {
+ Kohana_Log::add("error", "Validation errors: " . print_r($e->validation->errors(), 1));
+ }
+
if (file_exists($temp_filename)) {
unlink($temp_filename);
}
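Review bot: `batch::start()` now runs before either validation, so a request that passes the CSRF check but is rejected with 400 still opens a batch. The old code started the batch only after the file had validated, and nothing in this hunk ends a batch on the failure path. Either move the `if (!batch::in_progress())` block inside `if ($form->validate() && $file_validation->validate())`, or add a comment saying where a batch opened by a failed upload gets closed. The new comment also has a typo: "The Flash uploader not call /start" should read "does not call". The method continues outside the hunk, so how the `catch` branch reports the failure to the client is not visible here.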
@@ -84,7 +97,7 @@ class Simple_Uploader_Controller extends Controller {
print "FILEID: $item->id";
} else {
header("HTTP/1.1 400 Bad Request");
- print "ERROR: " . t("Invalid Upload");
+ print "ERROR: " . t("Invalid upload");
}
}
diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php
index a0e6619e..327d2ff1 100644
--- a/modules/gallery/controllers/user_profile.php
+++ b/modules/gallery/controllers/user_profile.php
@@ -53,11 +53,11 @@ class User_Profile_Controller extends Controller {
if ($form->validate()) {
Sendmail::factory()
->to($user->email)
- ->subject($form->message->subject->value)
+ ->subject(html::clean($form->message->subject->value))
->header("Mime-Version", "1.0")
->header("Content-type", "text/html; charset=iso-8859-1")
->reply_to($form->message->reply_to->value)
- ->message($form->message->message->value)
+ ->message(html::purify($form->message->message->value))
->send();
message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
print json_encode(array("result" => "success"));
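Review bot: `->reply_to($form->message->reply_to->value)` still passes form input into a mail header unchanged, and `html::clean()` on the subject is an HTML escaper rather than a header sanitiser. The hunk does not show whether the form rules or `Sendmail` strip CR/LF, so header injection through either field is not ruled out by what is visible. I would strip line breaks explicitly before both calls, e.g. `$reply_to = str_replace(array("\r", "\n"), "", $form->message->reply_to->value);`, and do the same for the subject. HTML-escaping the subject also means a recipient may see literal entities such as `&amp;` in the subject line. `html::purify()` on the body is the right call for a `text/html` message.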