9 files changed, 72 insertions, 62 deletions

diff --git a/modules/gallery/helpers/MY_remote.php b/modules/gallery/helpers/MY_remote.php
index 3e13ba8d..05341330 100644
--- a/modules/gallery/helpers/MY_remote.php
+++ b/modules/gallery/helpers/MY_remote.php
@@ -63,6 +63,9 @@ class remote extends remote_Core {
    * WebHelper_simple::_parseLocation logic.
    */
   static function do_request($url, $method='GET', $headers=array(), $body='') {
+    if (!array_key_exists("User-Agent", $headers)) {
+      $headers["User-Agent"] = "Gallery3";
+    }
     /* Convert illegal characters */
     $url = str_replace(' ', '%20', $url);
 
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php
index 52a36298..1a448e4a 100644
--- a/modules/gallery/helpers/access.php
+++ b/modules/gallery/helpers/access.php
@@ -727,8 +727,18 @@ class access_Core {
         fclose($fp);
       }
 
-      list ($response) = remote::do_request(url::abs_file("var/security_test/verify"));
-      $works = $response == "HTTP/1.1 200 OK";
+      // Proxy our authorization headers so that if the entire Gallery is covered by Basic Auth
+      // this callback will still work.
+      $headers = array();
+      if (function_exists("apache_request_headers")) {
+        $arh = apache_request_headers();
+        if (!empty($arh["Authorization"])) {
+          $headers["Authorization"] = $arh["Authorization"];
+        }
+      }
+      list ($status, $headers, $body) =
+        remote::do_request(url::abs_file("var/security_test/verify"), "GET", $headers);
+      $works = ($status == "HTTP/1.1 200 OK") && ($body == "success");
     } catch (Exception $e) {
       @dir::unlink(VARPATH . "security_test");
       throw $e;
diff --git a/modules/gallery/helpers/data_rest.php b/modules/gallery/helpers/data_rest.php
index 98c98894..791de9c0 100644
--- a/modules/gallery/helpers/data_rest.php
+++ b/modules/gallery/helpers/data_rest.php
@@ -72,7 +72,12 @@ class data_rest_Core {
       header("Content-Type: {$item->mime_type}");
     }
     Kohana::close_buffers(false);
-    readfile($file);
+
+    if (isset($p->encoding) && $p->encoding == "base64") {
+      print base64_encode(file_get_contents($file));
+    } else {
+      readfile($file);
+    }
 
     // We must exit here to keep the regular REST framework reply code from adding more bytes on
     // at the end or tinkering with headers.
diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php
index ca8c92c9..b016f436 100644
--- a/modules/gallery/helpers/gallery.php
+++ b/modules/gallery/helpers/gallery.php
@@ -18,13 +18,17 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class gallery_Core {
-  const VERSION = "3.0 RC2 (Santa Fe)";
+  const VERSION = "3.0 (Santa Fe)";
 
   /**
    * If Gallery is in maintenance mode, then force all non-admins to get routed to a "This site is
    * down for maintenance" page.
    */
   static function maintenance_mode() {
+    // @todo: we need a mechanism here to identify controllers that are still legally accessible
+    // when the entire Gallery is in maintenance mode.  Perhaps a controller class function or
+    // method?
+    // https://sourceforge.net/apps/trac/gallery/ticket/1411
     if (Router::$controller != "login" &&
         Router::$controller != "combined" &&
         module::get_var("gallery", "maintenance_mode", 0) &&
@@ -41,8 +45,12 @@ class gallery_Core {
    * the login page.
    */
   static function private_gallery() {
+    // @todo: we need a mechanism here to identify controllers that are still legally accessible
+    // when the entire Gallery is private.  Perhaps a controller class function or method?
+    // https://sourceforge.net/apps/trac/gallery/ticket/1411
     if (Router::$controller != "login" &&
         Router::$controller != "combined" &&
+        Router::$controller != "digibug" &&
         identity::active_user()->guest &&
         !access::user_can(identity::guest(), "view", item::root()) &&
         php_sapi_name() != "cli") {
@@ -140,4 +148,17 @@ class gallery_Core {
     return $file_name;
   }
 
+  /**
+   * Set the PATH environment variable to the paths specified.
+   * @param  array   Array of paths.  Each array entry can contain a colon separated list of paths.
+   */
+  static function set_path_env($paths) {
+    $path_env = array();
+    foreach ($paths as $path) {
+      if ($path) {
+        array_push($path_env, $path);
+      }
+    }
+    putenv("PATH=" .  implode(":", $path_env));
+  }
 }
\ No newline at end of file
diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index 83961d6b..3d82bc69 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -309,7 +309,7 @@ class gallery_installer {
     module::set_var("gallery", "show_user_profiles_to", "registered_users");
     module::set_var("gallery", "extra_binary_paths", "/usr/local/bin:/opt/local/bin:/opt/bin");
 
-    module::set_version("gallery", 40);
+    module::set_version("gallery", 41);
   }
 
   static function upgrade($version) {
@@ -637,6 +637,11 @@ class gallery_installer {
       module::set_var("gallery", "extra_binary_paths", "/usr/local/bin:/opt/local/bin:/opt/bin");
       module::set_version("gallery", $version = 40);
     }
+
+    if ($version == 40) {
+      module::clear_var("gallery", "_cache");
+      module::set_version("gallery", $version = 41);
+    }
   }
 
   static function uninstall() {
diff --git a/modules/gallery/helpers/gallery_task.php b/modules/gallery/helpers/gallery_task.php
index 3b173928..d56edabb 100644
--- a/modules/gallery/helpers/gallery_task.php
+++ b/modules/gallery/helpers/gallery_task.php
@@ -84,6 +84,13 @@ class gallery_task_Core {
       $ignored = $task->get("ignored", array());
 
       $i = 0;
+
+      // If there's no work left to do, skip to the end.  This can happen if we resume a task long
+      // after the work got done in some other task.
+      if (!$result->count()) {
+        $completed = $total_count;
+      }
+
       foreach ($result as $row) {
         if (array_key_exists($row->id, $ignored)) {
           continue;
diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php
index 2868a28d..dd521d84 100644
--- a/modules/gallery/helpers/graphics.php
+++ b/modules/gallery/helpers/graphics.php
@@ -313,11 +313,10 @@ class graphics_Core {
       $toolkits->graphicsmagick->installed = false;
       $toolkits->graphicsmagick->error = t("GraphicsMagick requires the <b>exec</b> function");
     } else {
-      $graphics_path = module::get_var("gallery", "graphics_toolkit_path", null);
-      $extra_binary_paths = module::get_var("gallery", "extra_binary_paths", null);
-
-      putenv("PATH=" . getenv("PATH") . (empty($graphics_path) ? "" : ":$graphics_path") .
-             ":" . $extra_binary_paths);
+      gallery::set_path_env(
+        array(module::get_var("gallery", "graphics_toolkit_path"),
+              getenv("PATH"),
+              module::get_var("gallery", "extra_binary_paths")));
 
       // @todo: consider refactoring the two segments below into a loop since they are so
       // similar.
diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php
index 7863520e..64d0d1d6 100644
--- a/modules/gallery/helpers/module.php
+++ b/modules/gallery/helpers/module.php
@@ -425,48 +425,21 @@ class module_Core {
    * @return the value
    */
   static function get_var($module_name, $name, $default_value=null) {
-    // We cache all vars in gallery._cache so that we can load all vars at once for
-    // performance.
+    // We cache vars so we can load them all at once for performance.
     if (empty(self::$var_cache)) {
-      $row = db::build()
-        ->select("value")
-        ->from("vars")
-        ->where("module_name", "=", "gallery")
-        ->where("name", "=", "_cache")
-        ->execute()
-        ->current();
-      if ($row) {
-        self::$var_cache = unserialize($row->value);
-      } else {
-        // gallery._cache doesn't exist.  Create it now.
+      self::$var_cache = Cache::instance()->get("var_cache");
+      if (empty(self::$var_cache)) {
+        // Cache doesn't exist, create it now.
         foreach (db::build()
                  ->select("module_name", "name", "value")
                  ->from("vars")
                  ->order_by("module_name")
                  ->order_by("name")
                  ->execute() as $row) {
-          if ($row->module_name == "gallery" && $row->name == "_cache") {
-            // This could happen if there's a race condition
-            continue;
-          }
           // Mute the "Creating default object from empty value" warning below
           @self::$var_cache->{$row->module_name}->{$row->name} = $row->value;
         }
-        $cache = ORM::factory("var");
-        $cache->module_name = "gallery";
-        $cache->name = "_cache";
-        $cache->value = serialize(self::$var_cache);
-        try {
-          $cache->save();
-        } catch (Database_Exception $e) {
-          // There's a potential race condition here.  Don't fail if that happens because it's
-          // bound to be transient and not a huge deal, but at least put something in the logs.
-          if (stristr($e->getMessage(), "duplicate entry")) {
-            Kohana_Log::add("error", "Failed to cache vars");
-          } else {
-            throw $e;
-          }
-        }
+        Cache::instance()->set("var_cache", self::$var_cache, array("vars"));
       }
     }
 
@@ -495,11 +468,7 @@ class module_Core {
     $var->value = $value;
     $var->save();
 
-    db::build()
-      ->delete("vars")
-      ->where("module_name", "=", "gallery")
-      ->where("name", "=", "_cache")
-      ->execute();
+    Cache::instance()->delete("var_cache");
     self::$var_cache = null;
  }
 
@@ -524,11 +493,7 @@ class module_Core {
       ->where("name", "=", $name)
       ->execute();
 
-    db::build()
-      ->delete("vars")
-      ->where("module_name", "=", "gallery")
-      ->where("name", "=", "_cache")
-      ->execute();
+    Cache::instance()->delete("var_cache");
     self::$var_cache = null;
   }
 
@@ -546,11 +511,7 @@ class module_Core {
       $var->delete();
     }
 
-    db::build()
-      ->delete("vars")
-      ->where("module_name", "=", "gallery")
-      ->where("name", "=", "_cache")
-      ->execute();
+    Cache::instance()->delete("var_cache");
     self::$var_cache = null;
   }
 
diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php
index 50339541..78358b6b 100644
--- a/modules/gallery/helpers/movie.php
+++ b/modules/gallery/helpers/movie.php
@@ -85,11 +85,10 @@ class movie_Core {
 
   static function find_ffmpeg() {
     if (!($ffmpeg_path = module::get_var("gallery", "ffmpeg_path")) || !file_exists($ffmpeg_path)) {
-      $graphics_path = module::get_var("gallery", "graphics_toolkit_path", null);
-      $extra_binary_paths = module::get_var("gallery", "extra_binary_paths", null);
-
-      putenv("PATH=" . getenv("PATH") . (empty($graphics_path) ? "" : ":$graphics_path") .
-             ":" . $extra_binary_paths);
+      gallery::set_path_env(
+        array(module::get_var("gallery", "graphics_toolkit_path"),
+              getenv("PATH"),
+              module::get_var("gallery", "extra_binary_paths")));
       if (function_exists("exec")) {
         $ffmpeg_path = exec("which ffmpeg");
       }