Diffstat (limited to 'modules/gallery/controllers')
-rw-r--r-- | modules/gallery/controllers/admin_users.php | 4 | ||||
-rw-r--r-- | modules/gallery/controllers/movies.php | 13 | ||||
-rw-r--r-- | modules/gallery/controllers/password.php | 4 | ||||
-rw-r--r-- | modules/gallery/controllers/photos.php | 12 |
4 files changed, 27 insertions, 6 deletions
diff --git a/modules/gallery/controllers/admin_users.php b/modules/gallery/controllers/admin_users.php
index 9b7c81f1..34b3a426 100644
--- a/modules/gallery/controllers/admin_users.php
+++ b/modules/gallery/controllers/admin_users.php
@@ -22,8 +22,8 @@ class Admin_Users_Controller extends Admin_Controller {
 $view = new Admin_View("admin.html");
 $view->content = new View("admin_users.html");
 $view->content->writable = user::is_writable();
- $view->content->users = user::users(array("orderby" => array("name" => "ASC")));
- $view->content->groups = group::groups(array("orderby" => array("name" => "ASC")));
+ $view->content->users = user::get_user_list(array("orderby" => array("name" => "ASC")));
+ $view->content->groups = group::get_group_list(array("orderby" => array("name" => "ASC")));
 print $view;
 }
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 2a917c58..01a9fc8b 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -61,7 +61,18 @@ class Movies_Controller extends Items_Controller {
 access::required("edit", $movie);
 $form = movie::get_edit_form($movie);
- if ($valid = $form->validate()) {
+ $valid = $form->validate();
+
+ if ($valid) {
+ $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
+ $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
+ if (strcasecmp($new_ext, $old_ext)) {
+ $form->edit_item->filename->add_error("illegal_extension", 1);
+ $valid = false;
+ }
+ }
+
+ if ($valid) {
 if ($form->edit_item->filename->value != $movie->name ||
 $form->edit_item->slug->value != $movie->slug) {
 // Make sure that there's not a name or slug conflict
diff --git a/modules/gallery/controllers/password.php b/modules/gallery/controllers/password.php
index 817ff01c..e8b08960 100644
--- a/modules/gallery/controllers/password.php
+++ b/modules/gallery/controllers/password.php
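Review bot: In the movies.php hunk the added line `$old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);` reads `$photo`, while every other line of that hunk works on `$movie`. Unless `$photo` is defined earlier in the method (which starts outside the hunk), `$old_ext` is always empty and any new filename that carries an extension is rejected with `illegal_extension`. It should read `$old_ext = pathinfo($movie->name, PATHINFO_EXTENSION);`. The guard fails closed, so this looks like a broken edit form rather than a bypass, and a controller test that renames a movie with and without changing the extension would catch it.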
@@ -32,7 +32,7 @@ class Password_Controller extends Controller {
 if (request::method() == "post") {
 $this->_change_password();
 } else {
- $user = user::lookyp_by_hash(Input::instance()->get("key"));
+ $user = user::lookup_by_hash(Input::instance()->get("key"));
 if (!empty($user)) {
 print $this->_new_password_form($user->hash);
 } else {
@@ -116,7 +116,7 @@ class Password_Controller extends Controller {
 private function _change_password() {
 $view = $this->_new_password_form();
 if ($view->content->validate()) {
- $user = user::lookyp_by_hash(Input::instance()->get("key"));
+ $user = user::lookup_by_hash(Input::instance()->get("key"));
 if (empty($user)) {
 throw new Exception("@todo FORBIDDEN", 503);
 }
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 81e7519e..fbff53ce 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -63,7 +63,17 @@ class Photos_Controller extends Items_Controller {
 $form = photo::get_edit_form($photo);
 $valid = $form->validate();
- if ($valid = $form->validate()) {
+
+ if ($valid) {
+ $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
+ $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
+ if (strcasecmp($new_ext, $old_ext)) {
+ $form->edit_item->filename->add_error("illegal_extension", 1);
+ $valid = false;
+ }
+ }
+
+ if ($valid) {
 if ($form->edit_item->filename->value != $photo->name ||
 $form->edit_item->slug->value != $photo->slug) {
 // Make sure that there's not a name or slug conflict
|
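Review bot: The extension guard added in the photos.php hunk (and duplicated in movies.php) compares only the final suffix returned by `pathinfo(..., PATHINFO_EXTENSION)`, so a new name that keeps the original last extension but gains another dot-separated suffix before it still passes; whether such a name is served safely depends on web-server handler configuration that this diff does not show. If the intent is to keep an edit from changing what kind of file sits on disk, consider also validating the whole name against the allowed media extensions, and write the comparison explicitly as `if (strcasecmp($new_ext, $old_ext) !== 0) {` with a comment such as `// Renaming must not change the stored file's type.`. Because the rule lives in this controller action, any other code path that sets the item name would presumably need the same check, so a shared helper or model-level validation is worth considering. The enclosing method begins and ends outside the hunk.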