5 files changed, 102 insertions, 152 deletions

diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 2eeefdf1..7658a913 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -95,30 +95,36 @@ class Albums_Controller extends Items_Controller {
     access::required("view", $album);
     access::required("add", $album);
 
-    $input = Input::instance();
     $form = album::get_add_form($album);
-    if ($form->validate()) {
-      $new_album = album::create(
-        $album,
-        $input->post("name"),
-        $input->post("title", $input->post("name")),
-        $input->post("description"),
-        identity::active_user()->id,
-        $input->post("slug"));
+    try {
+      $valid = $form->validate();
+      $album = ORM::factory("item");
+      $album->type = "album";
+      $album->parent_id = $parent_id;
+      $album->name = $form->add_album->inputs["name"]->value;
+      $album->title = $form->add_album->title->value ?
+        $form->add_album->title->value : $form->add_album->inputs["name"]->value;
+      $album->description = $form->add_album->description->value;
+      $album->slug = $form->add_album->slug->value;
+      $album->validate();
+    } catch (ORM_Validation_Exception $e) {
+      // Translate ORM validation errors into form error messages
+      foreach ($e->validation->errors() as $key => $error) {
+        $form->add_album->inputs[$key]->add_error($error, 1);
+      }
+      $valid = false;
+    }
 
+    if ($valid) {
+      $album->save();
       log::success("content", "Created an album",
-                   html::anchor("albums/$new_album->id", "view album"));
+                   html::anchor("albums/$album->id", "view album"));
       message::success(t("Created album %album_title",
-                         array("album_title" => html::purify($new_album->title))));
+                         array("album_title" => html::purify($album->title))));
 
-      print json_encode(
-        array("result" => "success",
-              "location" => $new_album->url()));
+      print json_encode(array("result" => "success", "location" => $album->url()));
     } else {
-      print json_encode(
-        array(
-          "result" => "error",
-          "form" => $form->__toString()));
+      print json_encode(array("result" => "error", "form" => (string) $form));
     }
   }
 
@@ -129,42 +135,27 @@ class Albums_Controller extends Items_Controller {
     access::required("edit", $album);
 
     $form = album::get_edit_form($album);
-    if ($valid = $form->validate()) {
-      if ($album->id != 1 &&
-          $form->edit_item->dirname->value != $album->name ||
-          $form->edit_item->slug->value != $album->slug) {
-        // Make sure that there's not a conflict
-        if ($row = db::build()
-            ->select(array("name", "slug"))
-            ->from("items")
-            ->where("parent_id", "=", $album->parent_id)
-            ->where("id", "<>", $album->id)
-            ->and_open()
-            ->where("name", "=", $form->edit_item->dirname->value)
-            ->or_where("slug", "=", $form->edit_item->slug->value)
-            ->close()
-            ->execute()
-            ->current()) {
-          if ($row->name == $form->edit_item->dirname->value) {
-            $form->edit_item->dirname->add_error("name_conflict", 1);
-          }
-          if ($row->slug == $form->edit_item->slug->value) {
-            $form->edit_item->slug->add_error("slug_conflict", 1);
-          }
-          $valid = false;
-        }
-      }
-    }
-
-    if ($valid) {
+    try {
+      $valid = $form->validate();
       $album->title = $form->edit_item->title->value;
       $album->description = $form->edit_item->description->value;
       $album->sort_column = $form->edit_item->sort_order->column->value;
       $album->sort_order = $form->edit_item->sort_order->direction->value;
-      if ($album->id != 1) {
-        $album->rename($form->edit_item->dirname->value);
-      }
+      $album->name = $form->edit_item->dirname->value;
       $album->slug = $form->edit_item->slug->value;
+      $album->validate();
+    } catch (ORM_Validation_Exception $e) {
+      // Translate ORM validation errors into form error messages
+      foreach ($e->validation->errors() as $key => $error) {
+        if ($key == "name") {
+          $key = "dirname";
+        }
+        $form->edit_item->inputs[$key]->add_error($error, 1);
+      }
+      $valid = false;
+    }
+
+    if ($valid) {
       $album->save();
       module::event("item_edit_form_completed", $album, $form);
 
@@ -180,9 +171,7 @@ class Albums_Controller extends Items_Controller {
         print json_encode(array("result" => "success"));
       }
     } else {
-      print json_encode(
-        array("result" => "error",
-              "form" => $form->__toString()));
+      print json_encode(array("result" => "error", "form" => (string) $form));
     }
   }
 
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php
index 75ee6b9c..464db491 100644
--- a/modules/gallery/controllers/login.php
+++ b/modules/gallery/controllers/login.php
@@ -33,9 +33,7 @@ class Login_Controller extends Controller {
       print json_encode(
         array("result" => "success"));
     } else {
-      print json_encode(
-        array("result" => "error",
-              "form" => $form->__toString()));
+      print json_encode(array("result" => "error", "form" => (string) $form));
     }
   }
 
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index 7a8e4d2a..0908e281 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -61,48 +61,25 @@ class Movies_Controller extends Items_Controller {
     access::required("edit", $movie);
 
     $form = movie::get_edit_form($movie);
-    $valid = $form->validate();
-
-    if ($valid) {
-      $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
-      $old_ext = pathinfo($movie->name, PATHINFO_EXTENSION);
-      if (strcasecmp($new_ext, $old_ext)) {
-        $form->edit_item->filename->add_error("illegal_extension", 1);
-        $valid = false;
-      }
-    }
-
-    if ($valid) {
-      if ($form->edit_item->filename->value != $movie->name ||
-          $form->edit_item->slug->value != $movie->slug) {
-        // Make sure that there's not a name or slug conflict
-        if ($row = db::build()
-            ->select(array("name", "slug"))
-            ->from("items")
-            ->where("parent_id", "=", $movie->parent_id)
-            ->where("id", "<>", $movie->id)
-            ->and_open()
-            ->where("name", "=", $form->edit_item->filename->value)
-            ->or_where("slug", "=", $form->edit_item->slug->value)
-            ->close()
-            ->execute()
-            ->current()) {
-          if ($row->name == $form->edit_item->filename->value) {
-            $form->edit_item->filename->add_error("name_conflict", 1);
-          }
-          if ($row->slug == $form->edit_item->slug->value) {
-            $form->edit_item->slug->add_error("slug_conflict", 1);
-          }
-          $valid = false;
+    try {
+      $valid = $form->validate();
+      $movie->title = $form->edit_item->title->value;
+      $movie->description = $form->edit_item->description->value;
+      $movie->slug = $form->edit_item->slug->value;
+      $movie->name = $form->edit_item->filename->value;
+      $movie->validate();
+    } catch (ORM_Validation_Exception $e) {
+      // Translate ORM validation errors into form error messages
+      foreach ($e->validation->errors() as $key => $error) {
+        if ($key == "name") {
+          $key = "filename";
         }
+        $form->edit_item->inputs[$key]->add_error($error, 1);
       }
+      $valid = false;
     }
 
     if ($valid) {
-      $movie->title = $form->edit_item->title->value;
-      $movie->description = $form->edit_item->description->value;
-      $movie->slug = $form->edit_item->slug->value;
-      $movie->rename($form->edit_item->filename->value);
       $movie->save();
       module::event("item_edit_form_completed", $movie, $form);
 
@@ -118,9 +95,7 @@ class Movies_Controller extends Items_Controller {
         print json_encode(array("result" => "success"));
       }
     } else {
-      print json_encode(
-        array("result" => "error",
-              "form" => $form->__toString()));
+      print json_encode(array("result" => "error", "form" => (string) $form));
     }
   }
 
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 56b454ce..98f2126d 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -61,48 +61,25 @@ class Photos_Controller extends Items_Controller {
     access::required("edit", $photo);
 
     $form = photo::get_edit_form($photo);
-    $valid = $form->validate();
-
-    if ($valid) {
-      $new_ext = pathinfo($form->edit_item->filename->value, PATHINFO_EXTENSION);
-      $old_ext = pathinfo($photo->name, PATHINFO_EXTENSION);
-      if (strcasecmp($new_ext, $old_ext)) {
-        $form->edit_item->filename->add_error("illegal_extension", 1);
-        $valid = false;
-      }
-    }
-
-    if ($valid) {
-      if ($form->edit_item->filename->value != $photo->name ||
-          $form->edit_item->slug->value != $photo->slug) {
-        // Make sure that there's not a name or slug conflict
-        if ($row = db::build()
-            ->select(array("name", "slug"))
-            ->from("items")
-            ->where("parent_id", "=", $photo->parent_id)
-            ->where("id", "<>", $photo->id)
-            ->and_open()
-            ->where("name", "=", $form->edit_item->filename->value)
-            ->or_where("slug", "=", $form->edit_item->slug->value)
-            ->close()
-            ->execute()
-            ->current()) {
-          if ($row->name == $form->edit_item->filename->value) {
-            $form->edit_item->filename->add_error("name_conflict", 1);
-          }
-          if ($row->slug == $form->edit_item->slug->value) {
-            $form->edit_item->slug->add_error("slug_conflict", 1);
-          }
-          $valid = false;
+    try {
+      $valid = $form->validate();
+      $photo->title = $form->edit_item->title->value;
+      $photo->description = $form->edit_item->description->value;
+      $photo->slug = $form->edit_item->slug->value;
+      $photo->name = $form->edit_item->filename->value;
+      $photo->validate();
+    } catch (ORM_Validation_Exception $e) {
+      // Translate ORM validation errors into form error messages
+      foreach ($e->validation->errors() as $key => $error) {
+        if ($key == "name") {
+          $key = "filename";
         }
+        $form->edit_item->inputs[$key]->add_error($error, 1);
       }
+      $valid = false;
     }
 
     if ($valid) {
-      $photo->title = $form->edit_item->title->value;
-      $photo->description = $form->edit_item->description->value;
-      $photo->slug = $form->edit_item->slug->value;
-      $photo->rename($form->edit_item->filename->value);
       $photo->save();
       module::event("item_edit_form_completed", $photo, $form);
 
@@ -118,9 +95,7 @@ class Photos_Controller extends Items_Controller {
         print json_encode(array("result" => "success"));
       }
     } else {
-      print json_encode(
-        array("result" => "error",
-              "form" => $form->__toString()));
+      print json_encode(array("result" => "error", "form" => (string) $form));
     }
   }
 
diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php
index 5d32e35f..16d1d241 100644
--- a/modules/gallery/controllers/simple_uploader.php
+++ b/modules/gallery/controllers/simple_uploader.php
@@ -40,39 +40,52 @@ class Simple_Uploader_Controller extends Controller {
     access::required("add", $album);
     access::verify_csrf();
 
+    // The Flash uploader not call /start directly, so simulate it here for now.
+    if (!batch::in_progress()) {
+      batch::start();
+    }
+
+    $form = $this->_get_add_form($album);
+
+    // Uploadify adds its own field to the form, so validate that separately.
     $file_validation = new Validation($_FILES);
     $file_validation->add_rules(
       "Filedata", "upload::valid",  "upload::required", "upload::type[gif,jpg,jpeg,png,flv,mp4]");
-    if ($file_validation->validate()) {
-      // SimpleUploader.swf does not yet call /start directly, so simulate it here for now.
-      if (!batch::in_progress()) {
-        batch::start();
-      }
 
+    if ($form->validate() && $file_validation->validate()) {
       $temp_filename = upload::save("Filedata");
       try {
-        $name = substr(basename($temp_filename), 10);  // Skip unique identifier Kohana adds
-        $title = item::convert_filename_to_title($name);
+        $item = ORM::factory("item");
+        $item->name = substr(basename($temp_filename), 10);  // Skip unique identifier Kohana adds
+        $item->title = item::convert_filename_to_title($item->name);
+        $item->parent_id = $album->id;
+        $item->set_data_file($temp_filename);
+
         $path_info = @pathinfo($temp_filename);
         if (array_key_exists("extension", $path_info) &&
             in_array(strtolower($path_info["extension"]), array("flv", "mp4"))) {
-          $item = movie::create($album, $temp_filename, $name, $title);
+          $item->type = "movie";
+          $item->save();
           log::success("content", t("Added a movie"),
                        html::anchor("movies/$item->id", t("view movie")));
         } else {
-          $item = photo::create($album, $temp_filename, $name, $title);
+          $item->type = "photo";
+          $item->save();
           log::success("content", t("Added a photo"),
                        html::anchor("photos/$item->id", t("view photo")));
         }
 
-        // We currently have no way of showing errors if validation fails, so only call our event
-        // handlers if validation passes.
-        $form = $this->_get_add_form($album);
-        if ($form->validate()) {
-          module::event("add_photos_form_completed", $item, $form);
-        }
+        module::event("add_photos_form_completed", $item, $form);
       } catch (Exception $e) {
-        Kohana_Log::add("alert", $e->__toString());
+        // The Flash uploader has no good way of reporting complex errors, so just keep it simple.
+        Kohana_Log::add("error", $e->getMessage() . "\n" . $e->getTraceAsString());
+
+        // Ugh.  I hate to use instanceof, But this beats catching the exception separately since
+        // we mostly want to treat it the same way as all other exceptions
+        if ($e instanceof ORM_Validation_Exception) {
+          Kohana_Log::add("error", "Validation errors: " . print_r($e->validation->errors(), 1));
+        }
+
         if (file_exists($temp_filename)) {
           unlink($temp_filename);
         }
@@ -84,7 +97,7 @@ class Simple_Uploader_Controller extends Controller {
       print "FILEID: $item->id";
     } else {
       header("HTTP/1.1 400 Bad Request");
-      print "ERROR: " . t("Invalid Upload");
+      print "ERROR: " . t("Invalid upload");
     }
   }