diff options
Diffstat (limited to 'modules/gallery/libraries')
| -rw-r--r-- | modules/gallery/libraries/Form_Uploadify.php | 2 | ||||
| -rw-r--r-- | modules/gallery/libraries/Gallery_View.php | 6 | ||||
| -rw-r--r-- | modules/gallery/libraries/MY_Database.php | 13 | ||||
| -rw-r--r-- | modules/gallery/libraries/ORM_MPTT.php | 5 | ||||
| -rw-r--r-- | modules/gallery/libraries/Theme_View.php | 6 | ||||
| -rw-r--r-- | modules/gallery/libraries/drivers/Cache/Database.php | 4 |
6 files changed, 29 insertions, 7 deletions
diff --git a/modules/gallery/libraries/Form_Uploadify.php b/modules/gallery/libraries/Form_Uploadify.php index 56793c69..1e58018d 100644 --- a/modules/gallery/libraries/Form_Uploadify.php +++ b/modules/gallery/libraries/Form_Uploadify.php @@ -46,7 +46,7 @@ class Form_Uploadify_Core extends Form_Input { $v->album = $this->data["album"]; $v->script_data = $this->data["script_data"]; $v->simultaneous_upload_limit = module::get_var("gallery", "simultaneous_upload_limit"); - $v->movies_allowed = (bool) movie::find_ffmpeg(); + $v->movies_allowed = movie::allow_uploads(); $v->extensions = legal_file::get_filters(); $v->suhosin_session_encrypt = (bool) ini_get("suhosin.session.encrypt"); diff --git a/modules/gallery/libraries/Gallery_View.php b/modules/gallery/libraries/Gallery_View.php index 64fea0ad..8f02b53c 100644 --- a/modules/gallery/libraries/Gallery_View.php +++ b/modules/gallery/libraries/Gallery_View.php @@ -82,8 +82,10 @@ class Gallery_View_Core extends View { * @param $types a comma separated list of types to combine, eg "script,css" */ public function start_combining($types) { - foreach (explode(",", $types) as $type) { - $this->combine_queue[$type] = array(); + if (gallery::allow_css_and_js_combining()) { + foreach (explode(",", $types) as $type) { + $this->combine_queue[$type] = array(); + } } } diff --git a/modules/gallery/libraries/MY_Database.php b/modules/gallery/libraries/MY_Database.php index 604b6484..33759b67 100644 --- a/modules/gallery/libraries/MY_Database.php +++ b/modules/gallery/libraries/MY_Database.php @@ -32,6 +32,9 @@ abstract class Database extends Database_Core { $config["connection"]["params"] = null; } parent::__construct($config); + if (gallery::show_profiler()) { + $this->config['benchmark'] = true; + } } /** @@ -85,4 +88,14 @@ abstract class Database extends Database_Core { static function set_default_instance($db) { self::$instances["default"] = $db; } + + /** + * Escape LIKE queries, add wildcards. In MySQL queries using LIKE, _ and % characters are + * treated as wildcards similar to ? and *, respectively. Therefore, we need to escape _, %, + * and \ (the escape character itself). + */ + static function escape_for_like($value) { + // backslash must go first to avoid double-escaping + return addcslashes($value, '\_%'); + } }
\ No newline at end of file diff --git a/modules/gallery/libraries/ORM_MPTT.php b/modules/gallery/libraries/ORM_MPTT.php index ada8bfad..0ad81331 100644 --- a/modules/gallery/libraries/ORM_MPTT.php +++ b/modules/gallery/libraries/ORM_MPTT.php @@ -152,8 +152,9 @@ class ORM_MPTT_Core extends ORM { * * @return array ORM */ - function parents() { + function parents($where=null) { return $this + ->merge_where($where) ->where("left_ptr", "<=", $this->left_ptr) ->where("right_ptr", ">=", $this->right_ptr) ->where("id", "<>", $this->id) @@ -324,7 +325,7 @@ class ORM_MPTT_Core extends ORM { * Lock the tree to prevent concurrent modification. */ protected function lock() { - $timeout = module::get_var("gallery", "lock_timeout"); + $timeout = module::get_var("gallery", "lock_timeout", 1); $result = $this->db->query("SELECT GET_LOCK('{$this->table_name}', $timeout) AS l")->current(); if (empty($result->l)) { throw new Exception("@todo UNABLE_TO_LOCK_EXCEPTION"); diff --git a/modules/gallery/libraries/Theme_View.php b/modules/gallery/libraries/Theme_View.php index 8d69f23b..986fc8a2 100644 --- a/modules/gallery/libraries/Theme_View.php +++ b/modules/gallery/libraries/Theme_View.php @@ -86,6 +86,12 @@ class Theme_View_Core extends Gallery_View { return $this->item; } + public function siblings($limit=null, $offset=null) { + return call_user_func_array( + $this->siblings_callback[0], + array_merge($this->siblings_callback[1], array($offset, $limit))); + } + public function tag() { return $this->tag; } diff --git a/modules/gallery/libraries/drivers/Cache/Database.php b/modules/gallery/libraries/drivers/Cache/Database.php index a7aae92c..8790d0e1 100644 --- a/modules/gallery/libraries/drivers/Cache/Database.php +++ b/modules/gallery/libraries/drivers/Cache/Database.php @@ -69,7 +69,7 @@ class Cache_Database_Driver extends Cache_Driver { ->select() ->from("caches"); foreach ($tags as $tag) { - $db->where("tags", "LIKE", "%<$tag>%"); + $db->where("tags", "LIKE", "%" . Database::escape_for_like("<$tag>") . "%"); } $db_result = $db->execute(); @@ -139,7 +139,7 @@ class Cache_Database_Driver extends Cache_Driver { // Delete all caches } else if ($is_tag === true) { foreach ($keys as $tag) { - $db->where("tags", "LIKE", "%<$tag>%"); + $db->where("tags", "LIKE", "%" . Database::escape_for_like("<$tag>") . "%"); } } else { $db->where("key", "IN", $keys); |