diff options
Diffstat (limited to 'modules/gallery/controllers')
28 files changed, 107 insertions, 42 deletions
diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 8fc5432d..b70f9634 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index cf197743..fd652988 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_dashboard.php b/modules/gallery/controllers/admin_dashboard.php index 76c42612..8dfb6615 100644 --- a/modules/gallery/controllers/admin_dashboard.php +++ b/modules/gallery/controllers/admin_dashboard.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_graphics.php b/modules/gallery/controllers/admin_graphics.php index de98035d..a2d19d4a 100644 --- a/modules/gallery/controllers/admin_graphics.php +++ b/modules/gallery/controllers/admin_graphics.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_languages.php b/modules/gallery/controllers/admin_languages.php index 573ededf..2e2651fc 100644 --- a/modules/gallery/controllers/admin_languages.php +++ b/modules/gallery/controllers/admin_languages.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -74,9 +74,11 @@ class Admin_Languages_Controller extends Admin_Controller { private function _save_api_key($form) { $new_key = $form->sharing->api_key->value; - if ($new_key && !l10n_client::validate_api_key($new_key)) { - $form->sharing->api_key->add_error("invalid", 1); - $valid = false; + if ($new_key) { + list($connected, $valid) = l10n_client::validate_api_key($new_key); + if (!$valid) { + $form->sharing->api_key->add_error($connected ? "invalid" : "no_connection", 1); + } } else { $valid = true; } @@ -119,7 +121,9 @@ class Admin_Languages_Controller extends Admin_Controller { array("server-link" => html::mark_clean(html::anchor($server_link)))) : t("API key")) ->value($api_key) - ->error_messages("invalid", t("The API key you provided is invalid.")); + ->error_messages("invalid", t("The API key you provided is invalid.")) + ->error_messages( + "no_connection", t("Could not connect to remote server to validate the API key.")); $group->submit("save")->value(t("Save settings")); if ($api_key && $this->_outgoing_translations_count()) { // TODO: UI improvement: hide API key / save button when API key is set. diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index 80247a0f..ce828a75 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_modules.php b/modules/gallery/controllers/admin_modules.php index 650b7e9e..787785ea 100644 --- a/modules/gallery/controllers/admin_modules.php +++ b/modules/gallery/controllers/admin_modules.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_sidebar.php b/modules/gallery/controllers/admin_sidebar.php index 2e49097a..42c4bb18 100644 --- a/modules/gallery/controllers/admin_sidebar.php +++ b/modules/gallery/controllers/admin_sidebar.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_theme_options.php b/modules/gallery/controllers/admin_theme_options.php index 57f32f96..055e063c 100644 --- a/modules/gallery/controllers/admin_theme_options.php +++ b/modules/gallery/controllers/admin_theme_options.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php index a88e1e89..cd8a5530 100644 --- a/modules/gallery/controllers/admin_themes.php +++ b/modules/gallery/controllers/admin_themes.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/admin_upgrade_checker.php b/modules/gallery/controllers/admin_upgrade_checker.php new file mode 100644 index 00000000..a5cfcfc8 --- /dev/null +++ b/modules/gallery/controllers/admin_upgrade_checker.php @@ -0,0 +1,57 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2011 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Admin_Upgrade_Checker_Controller extends Admin_Controller { + function check_now() { + access::verify_csrf(); + upgrade_checker::fetch_version_info(); + $message = upgrade_checker::get_upgrade_message(); + if ($message) { + $message .= t( + " <a href=\"%hide-url\"><i>(remind me later)</i></a>", + array("url" => url::site("admin/upgrade_checker/remind_me_later?csrf=__CSRF__"))); + site_status::info($message, "upgrade_checker"); + } else { + site_status::clear("upgrade_checker"); + } + url::redirect("admin/dashboard"); + } + + function remind_me_later() { + access::verify_csrf(); + site_status::clear("upgrade_checker"); + if ($referer = Input::instance()->server("HTTP_REFERER")) { + url::redirect($referer); + } else { + url::redirect(item::root()->abs_url()); + } + } + + function set_auto($val) { + access::verify_csrf(); + module::set_var("gallery", "upgrade_checker_auto_enabled", (bool)$val); + + if ((bool)$val) { + message::success(t("Automatic upgrade checking is enabled.")); + } else { + message::success(t("Automatic upgrade checking is disabled.")); + } + url::redirect("admin/dashboard"); + } +} diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 25df0da7..ccf6c1cb 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,7 +37,7 @@ class Albums_Controller extends Items_Controller { if ($show) { $child = ORM::factory("item", $show); - $index = $album->get_position($child); + $index = item::get_position($child); if ($index) { $page = ceil($index / $page_size); if ($page == 1) { diff --git a/modules/gallery/controllers/combined.php b/modules/gallery/controllers/combined.php index 64f8d22b..ef640bd9 100644 --- a/modules/gallery/controllers/combined.php +++ b/modules/gallery/controllers/combined.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index 22854fbd..d1e42106 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -27,10 +27,13 @@ * input is sanitized against the database before we perform any file I/O. */ class File_Proxy_Controller extends Controller { + const ALLOW_PRIVATE_GALLERY = true; public function __call($function, $args) { - // request_uri: gallery3/var/trunk/albums/foo/bar.jpg + // request_uri: gallery3/var/albums/foo/bar.jpg?m=1234 $request_uri = rawurldecode(Input::instance()->server("REQUEST_URI")); + // get rid of query parameters + // request_uri: gallery3/var/albums/foo/bar.jpg $request_uri = preg_replace("/\?.*/", "", $request_uri); // var_uri: gallery3/var/ @@ -42,13 +45,11 @@ class File_Proxy_Controller extends Controller { throw new Kohana_404_Exception(); } + // file_uri: albums/foo/bar.jpg $file_uri = substr($request_uri, strlen($var_uri)); - // Make sure that we don't leave the var dir - if (strpos($file_uri, "..") !== false) { - throw new Kohana_404_Exception(); - } - + // type: albums + // path: foo/bar.jpg list ($type, $path) = explode("/", $file_uri, 2); if ($type != "resizes" && $type != "albums" && $type != "thumbs") { throw new Kohana_404_Exception(); diff --git a/modules/gallery/controllers/items.php b/modules/gallery/controllers/items.php index 39b0f638..9dd49547 100644 --- a/modules/gallery/controllers/items.php +++ b/modules/gallery/controllers/items.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/l10n_client.php b/modules/gallery/controllers/l10n_client.php index 6833a9ae..05b88829 100644 --- a/modules/gallery/controllers/l10n_client.php +++ b/modules/gallery/controllers/l10n_client.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index adb2e50b..b203b7d3 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php index 20fa8074..dd0f7ddc 100644 --- a/modules/gallery/controllers/logout.php +++ b/modules/gallery/controllers/logout.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index bf50abd5..8e81c594 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,10 +28,10 @@ class Movies_Controller extends Items_Controller { access::required("view", $movie); $where = array(array("type", "!=", "album")); - $position = $movie->parent()->get_position($movie, $where); + $position = item::get_position($movie, $where); if ($position > 1) { list ($previous_item, $ignore, $next_item) = - $movie->parent()->children(3, $position - 2, $where); + $movie->parent()->viewable()->children(3, $position - 2, $where); } else { $previous_item = null; list ($next_item) = $movie->parent()->viewable()->children(1, $position, $where); diff --git a/modules/gallery/controllers/packager.php b/modules/gallery/controllers/packager.php index 9da34f9c..c5335c72 100644 --- a/modules/gallery/controllers/packager.php +++ b/modules/gallery/controllers/packager.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php index fc06cb44..023610c1 100644 --- a/modules/gallery/controllers/permissions.php +++ b/modules/gallery/controllers/permissions.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index d500a92e..054300a1 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,10 +28,10 @@ class Photos_Controller extends Items_Controller { access::required("view", $photo); $where = array(array("type", "!=", "album")); - $position = $photo->parent()->get_position($photo, $where); + $position = item::get_position($photo, $where); if ($position > 1) { list ($previous_item, $ignore, $next_item) = - $photo->parent()->children(3, $position - 2, $where); + $photo->parent()->viewable()->children(3, $position - 2, $where); } else { $previous_item = null; list ($next_item) = $photo->parent()->viewable()->children(1, $position, $where); diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 3db4f5df..17abc39f 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 53a96374..ef0e4632 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index 66c71648..365ba28e 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -94,6 +94,9 @@ class Upgrader_Controller extends Controller { // If the upgrade failed, this will get recreated site_status::clear("upgrade_now"); + // Clear any upgrade check strings, we are probably up to date. + site_status::clear("upgrade_checker"); + if (php_sapi_name() == "cli") { if ($failed) { print "Upgrade completed ** WITH FAILURES **\n"; diff --git a/modules/gallery/controllers/uploader.php b/modules/gallery/controllers/uploader.php index 168e8b2d..6b1455e4 100644 --- a/modules/gallery/controllers/uploader.php +++ b/modules/gallery/controllers/uploader.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index 4922416c..f30fe78a 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/modules/gallery/controllers/welcome_message.php b/modules/gallery/controllers/welcome_message.php index b20f0a94..f2a5aeb1 100644 --- a/modules/gallery/controllers/welcome_message.php +++ b/modules/gallery/controllers/welcome_message.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access."); /** * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2010 Bharat Mediratta + * Copyright (C) 2000-2011 Bharat Mediratta * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by |