diff options
Diffstat (limited to 'modules/gallery/tests')
18 files changed, 1340 insertions, 752 deletions
diff --git a/modules/gallery/tests/Access_Helper_Test.php b/modules/gallery/tests/Access_Helper_Test.php index d71bf971..59cec453 100644 --- a/modules/gallery/tests/Access_Helper_Test.php +++ b/modules/gallery/tests/Access_Helper_Test.php @@ -64,6 +64,43 @@ class Access_Helper_Test extends Unit_Test_Case { $this->assert_false(array_key_exists("access_test_{$group->id}", $fields)); } + public function user_can_access_test() { + $access_test = group::create("access_test"); + + $root = ORM::factory("item", 1); + access::allow($access_test, "view", $root); + + $item = album::create($root, rand(), "test album"); + + access::deny(group::everybody(), "view", $item); + access::deny(group::registered_users(), "view", $item); + + $user = user::create("access_test", "Access Test", ""); + foreach ($user->groups as $group) { + $user->remove($group); + } + $user->add($access_test); + $user->save(); + + $this->assert_true(access::user_can($user, "view", $item), "Should be able to view"); + } + + public function user_can_no_access_test() { + $root = ORM::factory("item", 1); + $item = album::create($root, rand(), "test album"); + + access::deny(group::everybody(), "view", $item); + access::deny(group::registered_users(), "view", $item); + + $user = user::create("access_test", "Access Test", ""); + foreach ($user->groups as $group) { + $user->remove($group); + } + $user->save(); + + $this->assert_false(access::user_can($user, "view", $item), "Should be unable to view"); + } + public function adding_and_removing_items_adds_ands_removes_rows_test() { $root = ORM::factory("item", 1); $item = album::create($root, rand(), "test album"); @@ -324,4 +361,40 @@ class Access_Helper_Test extends Unit_Test_Case { $this->assert_false(file_exists($album->resize_path() . "/.htaccess")); $this->assert_false(file_exists($album->thumb_path() . "/.htaccess")); } + + public function moved_items_inherit_new_permissions_test() { + user::set_active(user::lookup_by_name("admin")); + + $root = ORM::factory("item", 1); + $public_album = album::create($root, rand(), "public album"); + $public_photo = photo::create($public_album, MODPATH . "gallery/images/gallery.png", "", ""); + access::allow(group::everybody(), "view", $public_album); + + $root->reload(); // Account for MPTT changes + + $private_album = album::create($root, rand(), "private album"); + access::deny(group::everybody(), "view", $private_album); + $private_photo = photo::create($private_album, MODPATH . "gallery/images/gallery.png", "", ""); + + // Make sure that we now have a public photo and private photo. + $this->assert_true(access::group_can(group::everybody(), "view", $public_photo)); + $this->assert_false(access::group_can(group::everybody(), "view", $private_photo)); + + // Swap the photos + item::move($public_photo, $private_album); + $private_album->reload(); // Reload to get new MPTT pointers and cached perms. + $public_album->reload(); + $private_photo->reload(); + $public_photo->reload(); + + item::move($private_photo, $public_album); + $private_album->reload(); // Reload to get new MPTT pointers and cached perms. + $public_album->reload(); + $private_photo->reload(); + $public_photo->reload(); + + // Make sure that the public_photo is now private, and the private_photo is now public. + $this->assert_false(access::group_can(group::everybody(), "view", $public_photo)); + $this->assert_true(access::group_can(group::everybody(), "view", $private_photo)); + } } diff --git a/modules/gallery/tests/Albums_Controller_Test.php b/modules/gallery/tests/Albums_Controller_Test.php index 7674e85f..d65946c7 100644 --- a/modules/gallery/tests/Albums_Controller_Test.php +++ b/modules/gallery/tests/Albums_Controller_Test.php @@ -52,7 +52,7 @@ class Albums_Controller_Test extends Unit_Test_Case { ob_end_clean(); $this->assert_equal( - json_encode(array("result" => "success", "location" => "http://./index.php/test")), + json_encode(array("result" => "success")), $results); $this->assert_equal("new title", $this->_album->title); $this->assert_equal("new description", $this->_album->description); diff --git a/modules/gallery/tests/Database_Test.php b/modules/gallery/tests/Database_Test.php index bd3d2f53..d83212ad 100644 --- a/modules/gallery/tests/Database_Test.php +++ b/modules/gallery/tests/Database_Test.php @@ -103,15 +103,15 @@ class Database_Test extends Unit_Test_Case { $sql = "UPDATE {test_tables} SET `name` = '{test string}' " . "WHERE `item_id` IN " . " (SELECT `id` FROM {items} " . - " WHERE `left` >= 1 " . - " AND `right` <= 6)"; + " WHERE `left_ptr` >= 1 " . + " AND `right_ptr` <= 6)"; $sql = $db->add_table_prefixes($sql); $expected = "UPDATE g3test_test_tables SET `name` = '{test string}' " . "WHERE `item_id` IN " . " (SELECT `id` FROM g3test_items " . - " WHERE `left` >= 1 " . - " AND `right` <= 6)"; + " WHERE `left_ptr` >= 1 " . + " AND `right_ptr` <= 6)"; $this->assert_same($expected, $sql); } diff --git a/modules/gallery/tests/DrawForm_Test.php b/modules/gallery/tests/DrawForm_Test.php index 2c5aaba4..dde54257 100644 --- a/modules/gallery/tests/DrawForm_Test.php +++ b/modules/gallery/tests/DrawForm_Test.php @@ -80,5 +80,44 @@ class DrawForm_Test extends Unit_Test_Case { $this->assert_same($expected, $rendered); } + function form_script_test() { + $form = new Forge("test/controller", "", "post", array("id" => "gTestGroupForm")); + $group = $form->group("test_group")->label(t("Test Group")); + $group->input("title")->label(t("Title")); + $group->textarea("description")->label(t("Text Area")); + $form->script("") + ->url(url::file("test.js")) + ->text("alert('Test Javascript');"); + $group->submit("")->value(t("Submit")); + $rendered = $form->__toString(); + + $expected = "<form action=\"http://./index.php/test/controller\" method=\"post\" " . + "id=\"gTestGroupForm\">\n" . + "<input type=\"hidden\" name=\"csrf\" value=\"" . access::csrf_token() . "\" />\n" . + " <fieldset>\n" . + " <legend>Test Group</legend>\n" . + " <ul>\n" . + " <li>\n" . + " <label for=\"title\" >Title</label>\n" . + " <input type=\"text\" id=\"title\" name=\"title\" value=\"\" " . + "class=\"textbox\" />\n" . + " </li>\n" . + " <li>\n" . + " <label for=\"description\" >Text Area</label>\n" . + " <textarea id=\"description\" name=\"description\" " . + "class=\"textarea\" ></textarea>\n" . + " </li>\n" . + " <li>\n" . + " <input type=\"submit\" value=\"Submit\" class=\"submit\" />\n" . + " </li>\n" . + " </ul>\n" . + " </fieldset>\n" . + "<script type=\"text/javascript\" src=\"http://./test.js\"></script>\n\n" . + "<script type=\"text/javascript\">\n" . + "alert('Test Javascript');\n" . + "</script>\n" . + "</form>\n"; + $this->assert_same($expected, $rendered); + } } diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php index 8a97e00b..9018f4c6 100644 --- a/modules/gallery/tests/File_Structure_Test.php +++ b/modules/gallery/tests/File_Structure_Test.php @@ -177,10 +177,20 @@ class File_Structure_Test extends Unit_Test_Case { new GalleryCodeFilterIterator( new RecursiveIteratorIterator( new RecursiveDirectoryIterator(DOCROOT)))); + $errors = array(); foreach ($dir as $file) { - $this->assert_false( - preg_match('/\t/', file_get_contents($file)), - "{$file->getPathname()} has tabs in it"); + $file_as_string = file_get_contents($file); + if (preg_match('/\t/', $file_as_string)) { + foreach (split("\n", $file_as_string) as $l => $line) { + if (preg_match('/\t/', $line)) { + $errors[] = "$file:$l has tab(s) ($line)"; + } + } + } + $file_as_string = null; + } + if ($errors) { + $this->assert_false(true, "tab(s) found:\n" . join("\n", $errors)); } } diff --git a/modules/gallery/tests/Gallery_Installer_Test.php b/modules/gallery/tests/Gallery_Installer_Test.php index 27157d6e..36ced2bb 100644 --- a/modules/gallery/tests/Gallery_Installer_Test.php +++ b/modules/gallery/tests/Gallery_Installer_Test.php @@ -34,13 +34,13 @@ class Gallery_Installer_Test extends Unit_Test_Case { } public function install_creates_root_item_test() { - $max_right = ORM::factory("item") - ->select("MAX(`right`) AS `right`") - ->find()->right; + $max_right_ptr = ORM::factory("item") + ->select("MAX(`right_ptr`) AS `right_ptr`") + ->find()->right_ptr; $root = ORM::factory('item')->find(1); $this->assert_equal("Gallery", $root->title); - $this->assert_equal(1, $root->left); - $this->assert_equal($max_right, $root->right); + $this->assert_equal(1, $root->left_ptr); + $this->assert_equal($max_right_ptr, $root->right_ptr); $this->assert_equal(null, $root->parent_id); $this->assert_equal(1, $root->level); } diff --git a/modules/gallery/tests/Html_Helper_Test.php b/modules/gallery/tests/Html_Helper_Test.php new file mode 100644 index 00000000..1662b866 --- /dev/null +++ b/modules/gallery/tests/Html_Helper_Test.php @@ -0,0 +1,57 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Html_Helper_Test extends Unit_Test_Case { + public function clean_test() { + $safe_string = html::clean("hello <p >world</p>"); + $this->assert_equal("hello <p >world</p>", + $safe_string); + $this->assert_true($safe_string instanceof SafeString); + } + + public function purify_test() { + $safe_string = html::purify("hello <p >world</p>"); + $expected = method_exists("purifier", "purify") + ? "hello <p>world</p>" + : "hello <p >world</p>"; + $this->assert_equal($expected, $safe_string->unescaped()); + $this->assert_true($safe_string instanceof SafeString); + } + + public function mark_clean_test() { + $safe_string = html::mark_clean("hello <p >world</p>"); + $this->assert_true($safe_string instanceof SafeString); + $safe_string_2 = html::clean($safe_string); + $this->assert_equal("hello <p >world</p>", + $safe_string_2); + } + + public function js_string_test() { + $string = html::js_string("hello's <p >world</p>"); + $this->assert_equal('"hello\'s <p >world<\\/p>"', + $string); + } + + public function clean_attribute_test() { + $safe_string = SafeString::of_safe_html("hello's <p >world</p>"); + $safe_string = html::clean_attribute($safe_string); + $this->assert_equal("hello's <p >world</p>", + $safe_string); + } +}
\ No newline at end of file diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php new file mode 100644 index 00000000..33fcdb73 --- /dev/null +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -0,0 +1,70 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Item_Helper_Test extends Unit_Test_Case { + + public function viewable_test() { + $root = ORM::factory("item", 1); + $album = album::create($root, rand(), rand(), rand()); + $item = self::_create_random_item($album); + user::set_active(user::guest()); + + // We can see the item when permissions are granted + access::allow(group::everybody(), "view", $album); + $this->assert_equal( + 1, + ORM::factory("item")->viewable()->where("id", $item->id)->count_all()); + + // We can't see the item when permissions are denied + access::deny(group::everybody(), "view", $album); + $this->assert_equal( + 0, + ORM::factory("item")->viewable()->where("id", $item->id)->count_all()); + } + + public function validate_url_safe_test() { + $input = new MockInput(); + $input->value = "Ab_cd-ef-d9"; + item::validate_url_safe($input); + $this->assert_true(!isset($input->not_url_safe)); + + $input->value = "ab&cd"; + item::validate_url_safe($input); + $this->assert_equal(1, $input->not_url_safe); + } + + public function convert_filename_to_slug_test() { + $this->assert_equal("foo", item::convert_filename_to_slug("{[foo]}")); + $this->assert_equal("foo-bar", item::convert_filename_to_slug("{[foo!@#!$@#^$@($!(@bar]}")); + } + + private static function _create_random_item($album) { + // Set all required fields (values are irrelevant) + $item = ORM::factory("item"); + $item->name = rand(); + $item->type = "photo"; + return $item->add_to_parent($album); + } +} + +class MockInput { + function add_error($error, $value) { + $this->$error = $value; + } +}
\ No newline at end of file diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index 615b8997..84210e4c 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -19,12 +19,12 @@ */ class Item_Model_Test extends Unit_Test_Case { public function saving_sets_created_and_updated_dates_test() { - $item = self::create_random_item(); + $item = self::_create_random_item(); $this->assert_true(!empty($item->created)); $this->assert_true(!empty($item->updated)); } - private function create_random_item() { + private static function _create_random_item() { $item = ORM::factory("item"); /* Set all required fields (values are irrelevant) */ $item->name = rand(); @@ -33,7 +33,7 @@ class Item_Model_Test extends Unit_Test_Case { } public function updating_doesnt_change_created_date_test() { - $item = self::create_random_item(); + $item = self::_create_random_item(); // Force the creation date to something well known $db = Database::instance(); @@ -47,7 +47,7 @@ class Item_Model_Test extends Unit_Test_Case { } public function updating_view_count_only_doesnt_change_updated_date_test() { - $item = self::create_random_item(); + $item = self::_create_random_item(); $item->reload(); $this->assert_same(0, $item->view_count); @@ -64,7 +64,7 @@ class Item_Model_Test extends Unit_Test_Case { public function move_photo_test() { // Create a test photo - $item = self::create_random_item(); + $item = self::_create_random_item(); file_put_contents($item->thumb_path(), "thumb"); file_put_contents($item->resize_path(), "resize"); @@ -128,7 +128,7 @@ class Item_Model_Test extends Unit_Test_Case { public function item_rename_wont_accept_slash_test() { // Create a test photo - $item = self::create_random_item(); + $item = self::_create_random_item(); $new_name = rand() . "/"; @@ -140,4 +140,24 @@ class Item_Model_Test extends Unit_Test_Case { } $this->assert_false(true, "Item_Model::rename should not accept / characters"); } + + public function save_original_values_test() { + $item = self::_create_random_item(); + $item->title = "ORIGINAL_VALUE"; + $item->save(); + $item->title = "NEW_VALUE"; + + $this->assert_same("ORIGINAL_VALUE", $item->original()->title); + $this->assert_same("NEW_VALUE", $item->title); + } + + public function urls_are_rawurlencoded_test() { + $item = self::_create_random_item(); + $item->slug = "foo bar"; + $item->name = "foo bar.jpg"; + $item->save(); + + $this->assert_equal("foo%20bar", $item->relative_url()); + $this->assert_equal("foo%20bar.jpg", $item->relative_path()); + } } diff --git a/modules/gallery/tests/Locales_Helper_Test.php b/modules/gallery/tests/Locales_Helper_Test.php new file mode 100644 index 00000000..85b8e206 --- /dev/null +++ b/modules/gallery/tests/Locales_Helper_Test.php @@ -0,0 +1,86 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Locales_Helper_Test extends Unit_Test_Case { + static $installed_locales; + static $default_locale; + + public function setup() { + self::$installed_locales = locales::installed(); + self::$default_locale = module::get_var("gallery", "default_locale"); + locales::update_installed(array_keys(locales::available())); + module::set_var("gallery", "default_locale", "no_NO"); + } + + public function teardown() { + locales::update_installed(array_keys(self::$installed_locales)); + module::set_var("gallery", "default_locale", self::$default_locale); + } + + public function locale_from_http_request_test() { + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "de-de"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("de_DE", $locale); + } + + public function locale_from_http_request_fallback_test() { + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "de"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("de_DE", $locale); + } + + public function locale_from_http_request_by_qvalue_test() { + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "de-de;q=0.8,fr-fr;q=0.9"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("fr_FR", $locale); + } + + public function locale_from_http_request_default_qvalue_test() { + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "de-de;q=0.8,it-it,fr-fr;q=0.9"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("it_IT", $locale); + } + + public function locale_from_http_request_lang_fallback_qvalue_adjustment_test() { + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = ",fr-fr;q=0.4,de-ch;q=0.8"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("de_DE", $locale); + } + + public function locale_from_http_request_best_match_vs_installed_test() { + locales::update_installed(array("no_NO", "pt_PT", "ja_JP")); + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "en,en-us,ja_JP;q=0.7,no-fr;q=0.9"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("ja_JP", $locale); + } + + public function locale_from_http_request_best_match_vs_installed_2_test() { + locales::update_installed(array("no_NO", "pt_PT", "ja_JP")); + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "en,en-us,ja_JP;q=0.5,no-fr;q=0.9"; + $locale = locales::locale_from_http_request(); + $this->assert_equal("no_NO", $locale); + } + + public function locale_from_http_request_no_match_vs_installed_test() { + locales::update_installed(array("no_NO", "pt_PT", "ja_JP")); + $_SERVER["HTTP_ACCEPT_LANGUAGE"] = "en,en-us,de"; + $locale = locales::locale_from_http_request(); + $this->assert_equal(null, $locale); + } +}
\ No newline at end of file diff --git a/modules/gallery/tests/Movie_Helper_Test.php b/modules/gallery/tests/Movie_Helper_Test.php index 627651bb..23544934 100644 --- a/modules/gallery/tests/Movie_Helper_Test.php +++ b/modules/gallery/tests/Movie_Helper_Test.php @@ -22,7 +22,7 @@ class Movie_Helper_Test extends Unit_Test_Case { $rand = rand(); $root = ORM::factory("item", 1); try { - $movie = movie::create($root, MODPATH . "gallery/tests/test.jpg", "$rand/.jpg", $rand, $rand); + $movie = movie::create($root, MODPATH . "gallery/tests/test.flv", "$rand/.flv", $rand, $rand); } catch (Exception $e) { // pass return; @@ -35,7 +35,7 @@ class Movie_Helper_Test extends Unit_Test_Case { $rand = rand(); $root = ORM::factory("item", 1); try { - $movie = movie::create($root, MODPATH . "gallery/tests/test.jpg", "$rand.jpg.", $rand, $rand); + $movie = movie::create($root, MODPATH . "gallery/tests/test.flv", "$rand.flv.", $rand, $rand); } catch (Exception $e) { $this->assert_equal("@todo NAME_CANNOT_END_IN_PERIOD", $e->getMessage()); return; @@ -43,4 +43,14 @@ class Movie_Helper_Test extends Unit_Test_Case { $this->assert_true(false, "Shouldn't create a movie with trailing . in the name"); } + + public function create_movie_creates_reasonable_slug_test() { + $rand = rand(); + $root = ORM::factory("item", 1); + $album = album::create($root, $rand, $rand, $rand); + $movie = movie::create( + $album, MODPATH . "gallery/tests/test.flv", "This (is) my file%name.flv", $rand, $rand); + + $this->assert_equal("This-is-my-file-name", $movie->slug); + } } diff --git a/modules/gallery/tests/ORM_MPTT_Test.php b/modules/gallery/tests/ORM_MPTT_Test.php index 200c8a74..a749542b 100644 --- a/modules/gallery/tests/ORM_MPTT_Test.php +++ b/modules/gallery/tests/ORM_MPTT_Test.php @@ -33,8 +33,8 @@ class ORM_MPTT_Test extends Unit_Test_Case { $album->sort_order = "ASC"; $album->add_to_parent($root); - $this->assert_equal($album->parent()->right - 2, $album->left); - $this->assert_equal($album->parent()->right - 1, $album->right); + $this->assert_equal($album->parent()->right_ptr - 2, $album->left_ptr); + $this->assert_equal($album->parent()->right_ptr - 1, $album->right_ptr); $this->assert_equal($album->parent()->level + 1, $album->level); $this->assert_equal($album->parent()->id, $album->parent_id); } @@ -48,10 +48,10 @@ class ORM_MPTT_Test extends Unit_Test_Case { $album1_1_2 = self::create_item_and_add_to_parent($album1_1); $album1->reload(); - $this->assert_equal(9, $album1->right - $album1->left); + $this->assert_equal(9, $album1->right_ptr - $album1->left_ptr); $album1_1->reload(); - $this->assert_equal(5, $album1_1->right - $album1_1->left); + $this->assert_equal(5, $album1_1->right_ptr - $album1_1->left_ptr); } public function delete_hierarchy_test() { @@ -66,7 +66,7 @@ class ORM_MPTT_Test extends Unit_Test_Case { $album1->reload(); // Now album1 contains only album1_2 - $this->assert_equal(3, $album1->right - $album1->left); + $this->assert_equal(3, $album1->right_ptr - $album1->left_ptr); } public function move_to_test() { @@ -85,8 +85,8 @@ class ORM_MPTT_Test extends Unit_Test_Case { $album1_1->reload(); $album1_2->reload(); - $this->assert_equal(3, $album1_1->right - $album1_1->left); - $this->assert_equal(3, $album1_2->right - $album1_2->left); + $this->assert_equal(3, $album1_1->right_ptr - $album1_1->left_ptr); + $this->assert_equal(3, $album1_2->right_ptr - $album1_2->left_ptr); $this->assert_equal( array($album1_1_2->id => "move_to_test_1_1_2"), @@ -97,6 +97,19 @@ class ORM_MPTT_Test extends Unit_Test_Case { $album1_2->children()->select_list()); } + public function cant_move_parent_into_own_subtree_test() { + $album1 = album::create(item::root(), "move_to_test", "move_to_test"); + $album2 = album::create($album1, "move_to_test", "move_to_test"); + $album3 = album::create($album2, "move_to_test", "move_to_test"); + + try { + $album1->move_to($album3); + $self->assert_true(false, "We should be unable to move an item inside its own hierarchy"); + } catch (Exception $e) { + // pass + } + } + public function parent_test() { $root = ORM::factory("item", 1); $album = self::create_item_and_add_to_parent($root); @@ -177,8 +190,8 @@ class ORM_MPTT_Test extends Unit_Test_Case { $parent->reload(); $this->assert_equal(3, $parent->descendants()->count()); - $this->assert_equal(2, $parent->descendants(null, 0, "photo")->count()); - $this->assert_equal(1, $parent->descendants(null, 0, "album")->count()); + $this->assert_equal(2, $parent->descendants(null, 0, array("type" => "photo"))->count()); + $this->assert_equal(1, $parent->descendants(null, 0, array("type" => "album"))->count()); } public function descendant_limit_test() { @@ -215,7 +228,7 @@ class ORM_MPTT_Test extends Unit_Test_Case { $parent->reload(); $this->assert_equal(3, $parent->descendants_count()); - $this->assert_equal(2, $parent->descendants_count("photo")); - $this->assert_equal(1, $parent->descendants_count("album")); + $this->assert_equal(2, $parent->descendants_count(array("type" => "photo"))); + $this->assert_equal(1, $parent->descendants_count(array("type" => "album"))); } } diff --git a/modules/gallery/tests/Photo_Helper_Test.php b/modules/gallery/tests/Photo_Helper_Test.php index cc1f20da..da455bf8 100644 --- a/modules/gallery/tests/Photo_Helper_Test.php +++ b/modules/gallery/tests/Photo_Helper_Test.php @@ -43,8 +43,8 @@ class Photo_Helper_Test extends Unit_Test_Case { $this->assert_equal($image_info[0], $photo->width); $this->assert_equal($image_info[1], $photo->height); - $this->assert_equal($photo->parent()->right - 2, $photo->left); - $this->assert_equal($photo->parent()->right - 1, $photo->right); + $this->assert_equal($photo->parent()->right_ptr - 2, $photo->left_ptr); + $this->assert_equal($photo->parent()->right_ptr - 1, $photo->right_ptr); } public function create_conflicting_photo_test() { @@ -81,6 +81,16 @@ class Photo_Helper_Test extends Unit_Test_Case { $this->assert_equal("http://./var/resizes/{$rand}/{$rand}.jpg", $photo->resize_url()); } + public function create_photo_creates_reasonable_slug_test() { + $rand = rand(); + $root = ORM::factory("item", 1); + $album = album::create($root, $rand, $rand, $rand); + $photo = photo::create( + $album, MODPATH . "gallery/tests/test.jpg", "This (is) my file%name.jpg", $rand, $rand); + + $this->assert_equal("This-is-my-file-name", $photo->slug); + } + public function create_photo_shouldnt_allow_names_with_slash_test() { $rand = rand(); $root = ORM::factory("item", 1); diff --git a/modules/gallery/tests/Photos_Controller_Test.php b/modules/gallery/tests/Photos_Controller_Test.php index f7d3f72f..0159b420 100644 --- a/modules/gallery/tests/Photos_Controller_Test.php +++ b/modules/gallery/tests/Photos_Controller_Test.php @@ -20,57 +20,54 @@ class Photos_Controller_Test extends Unit_Test_Case { public function setup() { $this->_post = $_POST; - $this->_photo = null; } public function teardown() { $_POST = $this->_post; - if ($this->_photo) { - $this->_photo->delete(); - } } public function change_photo_test() { $controller = new Photos_Controller(); $root = ORM::factory("item", 1); - $this->_photo = photo::create($root, MODPATH . "gallery/tests/test.jpg", "test.jpeg", "test", - "test"); - $orig_name = $this->_photo->name; + $photo = photo::create( + $root, MODPATH . "gallery/tests/test.jpg", "test.jpeg", + "test", "test", user::active(), "slug"); + $orig_name = $photo->name; $_POST["filename"] = "test.jpeg"; $_POST["name"] = "new name"; $_POST["title"] = "new title"; $_POST["description"] = "new description"; + $_POST["slug"] = "new-slug"; $_POST["csrf"] = access::csrf_token(); access::allow(group::everybody(), "edit", $root); ob_start(); - $controller->_update($this->_photo); + $controller->_update($photo); $results = ob_get_contents(); ob_end_clean(); - $this->assert_equal( - json_encode(array("result" => "success", - "location" => "http://./index.php/test.jpeg")), - $results); - $this->assert_equal("new title", $this->_photo->title); - $this->assert_equal("new description", $this->_photo->description); + $this->assert_equal(json_encode(array("result" => "success")), $results); + $this->assert_equal("new-slug", $photo->slug); + $this->assert_equal("new title", $photo->title); + $this->assert_equal("new description", $photo->description); // We don't change the name, yet. - $this->assert_equal($orig_name, $this->_photo->name); + $this->assert_equal($orig_name, $photo->name); } public function change_photo_no_csrf_fails_test() { $controller = new Photos_Controller(); $root = ORM::factory("item", 1); - $this->_photo = photo::create($root, MODPATH . "gallery/tests/test.jpg", "test", "test", "test"); + $photo = photo::create( + $root, MODPATH . "gallery/tests/test.jpg", "test.jpg", "test", "test"); $_POST["name"] = "new name"; $_POST["title"] = "new title"; $_POST["description"] = "new description"; access::allow(group::everybody(), "edit", $root); try { - $controller->_update($this->_photo); + $controller->_update($photo); $this->assert_true(false, "This should fail"); } catch (Exception $e) { // pass diff --git a/modules/gallery/tests/SafeString_Test.php b/modules/gallery/tests/SafeString_Test.php new file mode 100644 index 00000000..2c07d934 --- /dev/null +++ b/modules/gallery/tests/SafeString_Test.php @@ -0,0 +1,139 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class SafeString_Test extends Unit_Test_Case { + public function toString_escapes_for_html_test() { + $safe_string = new SafeString("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", + $safe_string); + } + + public function toString_for_safe_string_test() { + $safe_string = SafeString::of_safe_html("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", + $safe_string); + } + + public function for_html_test() { + $safe_string = new SafeString("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", + $safe_string->for_html()); + } + + public function safestring_of_safestring_test() { + $safe_string = new SafeString("hello <p>world</p>"); + $safe_string_2 = new SafeString($safe_string); + $this->assert_true($safe_string_2 instanceof SafeString); + $raw_string = $safe_string_2->unescaped(); + $this->assert_false(is_object($raw_string)); + $this->assert_equal("hello <p>world</p>", $raw_string); + $this->assert_equal("hello <p>world</p>", $safe_string_2); + } + + public function for_js_test() { + $safe_string = new SafeString('"<em>Foo</em>\'s bar"'); + $js_string = $safe_string->for_js(); + $this->assert_equal('"\\"<em>Foo<\\/em>\'s bar\\""', + $js_string); + } + + public function for_html_attr_test() { + $safe_string = new SafeString('"<em>Foo</em>\'s bar"'); + $attr_string = $safe_string->for_html_attr(); + $this->assert_equal('"<em>Foo</em>'s bar"', + $attr_string); + } + + public function for_html_attr_with_safe_html_test() { + $safe_string = SafeString::of_safe_html('"<em>Foo</em>\'s bar"'); + $attr_string = $safe_string->for_html_attr(); + $this->assert_equal('"<em>Foo</em>'s bar"', + $attr_string); + } + + public function string_safestring_equality_test() { + $safe_string = new SafeString("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", + $safe_string->unescaped()); + $escaped_string = "hello <p>world</p>"; + $this->assert_equal($escaped_string, $safe_string); + + $this->assert_true($escaped_string == $safe_string); + $this->assert_false($escaped_string === $safe_string); + $this->assert_false("meow" == $safe_string); + } + + public function of_test() { + $safe_string = SafeString::of("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", $safe_string->unescaped()); + } + + public function of_safe_html_test() { + $safe_string = SafeString::of_safe_html("hello <p>world</p>"); + $this->assert_equal("hello <p>world</p>", $safe_string->for_html()); + } + + public function purify_test() { + $safe_string = SafeString::purify("hello <p >world</p>"); + $expected = method_exists("purifier", "purify") + ? "hello <p>world</p>" + : "hello <p >world</p>"; + $this->assert_equal($expected, $safe_string); + } + + public function purify_twice_test() { + $safe_string = SafeString::purify("hello <p >world</p>"); + $safe_string_2 = SafeString::purify($safe_string); + $expected = method_exists("purifier", "purify") + ? "hello <p>world</p>" + : "hello <p >world</p>"; + $this->assert_equal($expected, $safe_string_2); + } + + public function purify_safe_html_test() { + $safe_string = SafeString::of_safe_html("hello <p >world</p>"); + $actual = SafeString::purify($safe_string); + $this->assert_equal("hello <p >world</p>", $actual); + } + + public function of_fluid_api_test() { + $escaped_string = SafeString::of("Foo's bar")->for_js(); + $this->assert_equal('"Foo\'s bar"', $escaped_string); + } + + public function safestring_of_safestring_preserves_safe_status_test() { + $safe_string = SafeString::of_safe_html("hello's <p>world</p>"); + $safe_string_2 = new SafeString($safe_string); + $this->assert_equal("hello's <p>world</p>", $safe_string_2); + $this->assert_equal('"hello\'s <p>world<\\/p>"', $safe_string_2->for_js()); + } + + public function safestring_of_safestring_preserves_html_safe_status_test() { + $safe_string = SafeString::of_safe_html("hello's <p>world</p>"); + $safe_string_2 = new SafeString($safe_string); + $this->assert_equal("hello's <p>world</p>", $safe_string_2); + $this->assert_equal('"hello\'s <p>world<\\/p>"', $safe_string_2->for_js()); + } + + public function safestring_of_safestring_safe_status_override_test() { + $safe_string = new SafeString("hello <p>world</p>"); + $safe_string_2 = SafeString::of_safe_html($safe_string); + $this->assert_equal("hello <p>world</p>", $safe_string_2); + } +} diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php index e179482c..85624517 100644 --- a/modules/gallery/tests/Xss_Security_Test.php +++ b/modules/gallery/tests/Xss_Security_Test.php @@ -19,87 +19,447 @@ */ class Xss_Security_Test extends Unit_Test_Case { public function find_unescaped_variables_in_views_test() { + $found = array(); foreach (glob("*/*/views/*.php") as $view) { - $expr = null; - $level = 0; - $php = 0; - $str = null; - $in_p_clean = 0; + // List of all tokens without whitespace, simplifying parsing. + $tokens = array(); foreach (token_get_all(file_get_contents($view)) as $token) { - if (false /* useful for debugging */) { - if (is_array($token)) { - printf("[$str] [$in_p_clean] %-15s %s\n", token_name($token[0]), $token[1]); - } else { - printf("[$str] [$in_p_clean] %-15s %s\n", "<char>", $token); - } + if (!is_array($token) || ($token[0] != T_WHITESPACE)) { + $tokens[] = $token; } + } + + $frame = null; + $script_block = 0; + $in_script_block = false; + $inline_html = ""; + $in_attribute_js_context = false; + $in_attribute = false; + $href_attribute_start = false; + $preceded_by_quote = false; + + for ($token_number = 0; $token_number < count($tokens); $token_number++) { + $token = $tokens[$token_number]; + + // Are we in a <script> ... </script> block? + if (is_array($token) && $token[0] == T_INLINE_HTML) { + $inline_html = $token[1]; + // T_INLINE_HTML blocks can be split. Need to handle the case + // where one token has "<scr" and the next has "ipt" + while (self::_token_matches(array(T_INLINE_HTML), $tokens, $token_number + 1)) { + $token_number++; + $token = $tokens[$token_number]; + $inline_html .= $token[1]; + } - // If we find a "(" after a "p::clean" then start counting levels of parens and assume - // that we're inside a p::clean() call until we find the matching close paren. - if ($token[0] == "(" && $str == "p::clean") { - $in_p_clean = 1; - } else if ($token[0] == "(" && $in_p_clean) { - $in_p_clean++; - } else if ($token[0] == ")" && $in_p_clean) { - $in_p_clean--; + $inline_html = str_replace("\n", " ", $inline_html); + + if ($frame) { + $frame->expr_append($inline_html); + } + + // Note: This approach won't catch <script src="..."> blocks if the src + // URL is generated via < ? = url::site() ? > or some other PHP. + // Assume that all such script blocks with a src URL have an + // empty element body. + // But we'll catch closing tags for such blocks, so don't keep track + // of opening / closing tag count since it would be meaningless. + + // Handle multiple start / end blocks on the same line? + $opening_script_pos = $closing_script_pos = -1; + if (preg_match_all('{</script>}i', $inline_html, $matches, PREG_OFFSET_CAPTURE)) { + $last_match = array_pop($matches[0]); + if (is_array($last_match)) { + $closing_script_pos = $last_match[1]; + } else { + $closing_script_pos = $last_match; + } + } + if (preg_match_all('{<script\b[^>]*>}i', $inline_html, $matches, PREG_OFFSET_CAPTURE)) { + $last_match = array_pop($matches[0]); + if (is_array($last_match)) { + $opening_script_pos = $last_match[1]; + } else { + $opening_script_pos = $last_match; + } + } + if ($opening_script_pos != $closing_script_pos) { + $in_script_block = $opening_script_pos > $closing_script_pos; + } } - // Concatenate runs of strings for convenience, which we use above to figure out if we're - // inside a p::clean() call or not - if ($token[0] == T_STRING || $token[0] == T_DOUBLE_COLON) { - $str .= $token[1]; - } else { - $str = null; + $preceded_by_quote = preg_match('{[\'"]\s*$}i', $inline_html); + + $pos = false; + if (($in_attribute || $in_attribute_js_context) && + ($pos = strpos($inline_html, $delimiter)) !== false) { + $in_attribute_js_context = false; + $in_attribute = false; + $href_attribute_start = false; + } + if (!$in_attribute_js_context || !$in_attribute) { + $pos = ($pos === false) ? 0 : $pos; + if (preg_match('{\bhref\s*=\s*(")javascript:[^"]*$}i', $inline_html, $matches, 0, $pos) || + preg_match("{\bhref\s*=\s*(')javascript:[^']*$}i", $inline_html, $matches, 0, $pos) || + preg_match("{\bon[a-z]+\s*=\s*(')[^']*$}i", $inline_html, $matches, 0, $pos) || + preg_match('{\bon[a-z]+\s*=\s*(")[^"]*$}i', $inline_html, $matches, 0, $pos)) { + $in_attribute_js_context = true; + $in_attribute = true; + $delimiter = $matches[1]; + $inline_html = ""; + } else if (preg_match('{\b([a-z]+)\s*=\s*(")([^"]*)$}i', $inline_html, $matches, 0, $pos) || + preg_match("{\b([a-z]+)\s*=\s*(')([^']*)$}i", $inline_html, $matches, 0, $pos)) { + $in_attribute = true; + $delimiter = $matches[2]; + $inline_html = ""; + $href_attribute_start = strtolower($matches[1]) == "href" && empty($matches[3]); + } } - // Scan for any occurrences of < ? = $variable ? > and store it in $expr - if ($token[0] == T_OPEN_TAG_WITH_ECHO) { - $php++; - } else if ($php && $token[0] == T_CLOSE_TAG) { - $php--; - } else if ($php && $token[0] == T_VARIABLE) { - if (!$expr) { - $entry = array($token[2], $in_p_clean); + // Look and report each instance of < ? = ... ? > + if (!is_array($token)) { + // A single char token, e.g: ; ( ) + if ($frame) { + $frame->expr_append($token); } - $expr .= $token[1]; - } else if ($expr) { - if ($token[0] == T_OBJECT_OPERATOR) { - $expr .= $token[1]; - } else if ($token[0] == T_STRING) { - $expr .= $token[1]; - } else if ($token == "(") { - $expr .= $token; - $level++; - } else if ($level > 0 && $token == ")") { - $expr .= $token; - $level--; - } else if ($level > 0) { - $expr .= is_array($token) ? $token[1] : $token; - } else { - $entry[] = $expr; - $found[$view][] = $entry; - $expr = null; - $entry = null; + } else if ($token[0] == T_OPEN_TAG_WITH_ECHO) { + // No need for a stack here - assume < ? = cannot be nested. + $frame = self::_create_frame($token, $in_script_block, + $href_attribute_start, $in_attribute_js_context, + $in_attribute, $preceded_by_quote); + $href_attribute_start = false; + } else if ($frame && $token[0] == T_CLOSE_TAG) { + // Store the < ? = ... ? > block that just ended here. + $found[$view][] = $frame; + $frame = null; + } else if ($frame && $token[0] == T_VARIABLE) { + $frame->expr_append($token[1]); + if ($token[1] == '$theme') { + if (self::_token_matches(array(T_OBJECT_OPERATOR, "->"), $tokens, $token_number + 1) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], + array("thumb_proportion", "site_menu", "album_menu", "tag_menu", "photo_menu", + "context_menu", "pager", "site_status", "messages", "album_blocks", + "album_bottom", "album_top", "body_attributes", "credits", + "dynamic_bottom", "dynamic_top", "footer", "head", "header_bottom", + "header_top", "page_bottom", "page_top", "photo_blocks", "photo_bottom", + "photo_top", "resize_bottom", "resize_top", "sidebar_blocks", "sidebar_bottom", + "sidebar_top", "thumb_bottom", "thumb_info", "thumb_top")) && + self::_token_matches("(", $tokens, $token_number + 3)) { + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("->$method("); + + $token_number += 3; + $token = $tokens[$token_number]; + + $frame->is_safe_html(true); + } else if (self::_token_matches(array(T_OBJECT_OPERATOR, "->"), $tokens, $token_number + 1) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], + array("css", "script", "url")) && + self::_token_matches("(", $tokens, $token_number + 3) && + // Only allow constant strings here + self::_token_matches(array(T_CONSTANT_ENCAPSED_STRING), $tokens, $token_number + 4)) { + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("->$method("); + + $token_number += 4; + $token = $tokens[$token_number]; + + $frame->is_safe_html(true); + } } + } else if ($frame && $token[0] == T_STRING) { + $frame->expr_append($token[1]); + // t() and t2() are special in that they're guaranteed to return a SafeString(). + if (in_array($token[1], array("t", "t2"))) { + if (self::_token_matches("(", $tokens, $token_number + 1)) { + $frame->is_safe_html(true); + $frame->expr_append("("); + + $token_number++; + $token = $tokens[$token_number]; + } + } else if ($token[1] == "SafeString") { + // Looking for SafeString::of(... + if (self::_token_matches(array(T_DOUBLE_COLON, "::"), $tokens, $token_number + 1) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], array("of", "purify")) && + self::_token_matches("(", $tokens, $token_number + 3)) { + // Not checking for of_safe_html(). We want such calls to be marked dirty (thus reviewed). + + $frame->is_safe_html(true); + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("::$method("); + + $token_number += 3; + $token = $tokens[$token_number]; + } + } else if ($token[1] == "json_encode") { + if (self::_token_matches("(", $tokens, $token_number + 1)) { + $frame->is_safe_js(true); + $frame->expr_append("("); + + $token_number++; + $token = $tokens[$token_number]; + } + } else if ($token[1] == "url") { + // url methods return safe HTML + if (self::_token_matches(array(T_DOUBLE_COLON, "::"), $tokens, $token_number + 1) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], + array("site", "current", "base", "file", "abs_site", "abs_current", + "abs_file", "merge")) && + self::_token_matches("(", $tokens, $token_number + 3)) { + $frame->is_safe_html(true); + $frame->is_safe_href_attr(true); + $frame->is_safe_attr(true); + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("::$method("); + + $token_number += 3; + $token = $tokens[$token_number]; + } + } else if ($token[1] == "html") { + if (self::_token_matches(array(T_DOUBLE_COLON, "::"), $tokens, $token_number + 1) && + self::_token_matches(array(T_STRING), $tokens, $token_number + 2) && + in_array($tokens[$token_number + 2][1], + array("clean", "purify", "js_string", "clean_attribute")) && + self::_token_matches("(", $tokens, $token_number + 3)) { + // Not checking for mark_clean(). We want such calls to be marked dirty (thus reviewed). + + $method = $tokens[$token_number + 2][1]; + $frame->expr_append("::$method("); + + $token_number += 3; + $token = $tokens[$token_number]; + + if ("js_string" == $method) { + $frame->is_safe_js(true); + } else { + $frame->is_safe_html(true); + } + if ("clean_attribute" == $method) { + $frame->is_safe_attr(true); + } + } + } + } else if ($frame && $token[0] == T_OBJECT_OPERATOR) { + $frame->expr_append($token[1]); + + if (self::_token_matches(array(T_STRING), $tokens, $token_number + 1) && + in_array($tokens[$token_number + 1][1], + array("for_js", "for_html", "purified_html", "for_html_attr")) && + self::_token_matches("(", $tokens, $token_number + 2)) { + $method = $tokens[$token_number + 1][1]; + $frame->expr_append("$method("); + + $token_number += 2; + $token = $tokens[$token_number]; + + if ("for_js" == $method) { + $frame->is_safe_js(true); + } else { + $frame->is_safe_html(true); + } + if ("for_html_attr" == $method) { + $frame->is_safe_attr(true); + } + } + } else if ($frame) { + $frame->expr_append($token[1]); } } } - $canonical = MODPATH . "gallery/tests/xss_data.txt"; + /* + * Generate the report + * + * States for uses of < ? = X ? >: + * DIRTY_JS: + * In <script> block + * X can be anything without calling ->for_js() + * At the start of a href= attribute + * X = anything but a url method + * In href="javascript: or onclick="...": + * X = anything (manual review required) + * DIRTY: + * Outside <script> block: + * X can be anything without a call to ->for_html() or ->purified_html() + * CLEAN: + * Outside <script> block: + * X = is SafeString (t(), t2(), url::site()) + * X = * and for_html() or purified_html() is called + * Inside <script> block: + * X = * with ->for_js() or json_encode(...) + * Start of href attribute: + * X = url method + */ $new = TMPPATH . "xss_data.txt"; $fd = fopen($new, "wb"); ksort($found); - foreach ($found as $view => $entries) { - foreach ($entries as $entry) { - fwrite($fd, - sprintf("%-60s %-3s %-5s %s\n", - $view, $entry[0], $entry[1] ? "" : "DIRTY", $entry[2])); + foreach ($found as $view => $frames) { + foreach ($frames as $frame) { + $state = "DIRTY"; + if ($frame->in_script_block() && $frame->in_href_attribute()) { + // This parser assumes this state does not occur. + $state = "ILLEGAL"; + } else if ($frame->in_script_block()) { + $state = "DIRTY_JS"; + if ($frame->is_safe_js() && !$frame->preceded_by_quote()) { + $state = "CLEAN"; + } + } else if ($frame->in_attribute_js_context()) { + // Manual review required + $state = "DIRTY_JS"; + } else if ($frame->in_href_attribute()) { + $state = "DIRTY_JS"; + if ($frame->is_safe_href_attr()) { + $state = "CLEAN"; + } + } else if ($frame->in_attribute()) { + $state = "DIRTY_ATTR"; + if ($frame->is_safe_attr()) { + $state = "CLEAN"; + } + } else { + if ($frame->is_safe_html()) { + $state = "CLEAN"; + } + } + + if ("CLEAN" == $state) { + // Don't print CLEAN instances - No need to update the golden + // file when adding / moving clean instances. + continue; + } + + fprintf($fd, "%-60s %-3s %-8s %s\n", + $view, $frame->line(), $state, $frame->expr()); } } fclose($fd); + // Compare with the expected report from our golden file. + $canonical = MODPATH . "gallery/tests/xss_data.txt"; exec("diff $canonical $new", $output, $return_value); $this->assert_false( - $return_value, "XSS golden file mismatch. Output:\n" . implode("\n", $output) ); + $return_value, "XSS golden file mismatch. Output:\n" . implode("\n", $output) ); + } + + private static function _create_frame($token, $in_script_block, + $href_attribute_start, $in_attribute_js_context, + $in_attribute, $preceded_by_quote) { + return new Xss_Security_Test_Frame($token[2], $in_script_block, + $href_attribute_start, $in_attribute_js_context, + $in_attribute, $preceded_by_quote); + } + + private static function _token_matches($expected_token, &$tokens, $token_number) { + if (!isset($tokens[$token_number])) { + return false; + } + + $token = $tokens[$token_number]; + + if (is_array($expected_token)) { + for ($i = 0; $i < count($expected_token); $i++) { + if ($expected_token[$i] != $token[$i]) { + return false; + } + } + return true; + } else { + return $expected_token == $token; + } + } +} + +class Xss_Security_Test_Frame { + private $_expr = ""; + private $_in_script_block = false; + private $_is_safe_html = false; + private $_is_safe_js = false; + private $_in_href_attribute = false; + private $_is_safe_href_attr = false; + private $_in_attribute_js_context = false; + private $_in_attribute = false; + private $_preceded_by_quote = false; + private $_is_safe_attr = false; + private $_line; + + function __construct($line_number, $in_script_block, + $href_attribute_start, $in_attribute_js_context, + $in_attribute, $preceded_by_quote) { + $this->_line = $line_number; + $this->_in_script_block = $in_script_block; + $this->_in_href_attribute = $href_attribute_start; + $this->_in_attribute_js_context = $in_attribute_js_context; + $this->_in_attribute = $in_attribute; + $this->_preceded_by_quote = $preceded_by_quote; + } + + function expr() { + return $this->_expr; + } + + function expr_append($append_value) { + return $this->_expr .= $append_value; + } + + function in_script_block() { + return $this->_in_script_block; + } + + function in_href_attribute() { + return $this->_in_href_attribute; + } + + function in_attribute() { + return $this->_in_attribute; + } + + function in_attribute_js_context() { + return $this->_in_attribute_js_context; + } + + function is_safe_html($new_val=NULL) { + if ($new_val !== NULL) { + $this->_is_safe_html = (bool) $new_val; + } + return $this->_is_safe_html; + } + + function is_safe_href_attr($new_val=NULL) { + if ($new_val !== NULL) { + $this->_is_safe_href_attr = (bool) $new_val; + } + return $this->_is_safe_href_attr; + } + + function is_safe_attr($new_val=NULL) { + if ($new_val !== NULL) { + $this->_is_safe_attr = (bool) $new_val; + } + return $this->_is_safe_attr; + } + + function is_safe_js($new_val=NULL) { + if ($new_val !== NULL) { + $this->_is_safe_js = (bool) $new_val; + } + return $this->_is_safe_js; + } + + function preceded_by_quote() { + return $this->_preceded_by_quote; + } + + function line() { + return $this->_line; } } diff --git a/modules/gallery/tests/test.flv b/modules/gallery/tests/test.flv Binary files differnew file mode 100644 index 00000000..799d137e --- /dev/null +++ b/modules/gallery/tests/test.flv diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 982343f6..193d2ca1 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -1,642 +1,346 @@ -modules/akismet/views/admin_akismet.html.php 14 DIRTY $form -modules/akismet/views/admin_akismet_stats.html.php 9 DIRTY $api_key -modules/akismet/views/admin_akismet_stats.html.php 9 DIRTY $blog_url -modules/comment/views/admin_block_recent_comments.html.php 4 DIRTY $i -modules/comment/views/admin_block_recent_comments.html.php 5 DIRTY $comment->author()->avatar_url(32, $theme->theme_url("images/avatar.jpg", true)) -modules/comment/views/admin_block_recent_comments.html.php 7 $comment->author_name() -modules/comment/views/admin_block_recent_comments.html.php 10 DIRTY $comment->created -modules/comment/views/admin_block_recent_comments.html.php 12 $comment->author_name() -modules/comment/views/admin_block_recent_comments.html.php 13 $comment->text -modules/comment/views/admin_comments.html.php 4 DIRTY $csrf -modules/comment/views/admin_comments.html.php 15 DIRTY $csrf -modules/comment/views/admin_comments.html.php 42 DIRTY $menu -modules/comment/views/admin_comments.html.php 65 DIRTY $spam_caught -modules/comment/views/admin_comments.html.php 72 DIRTY $counts->spam -modules/comment/views/admin_comments.html.php 75 DIRTY $csrf -modules/comment/views/admin_comments.html.php 106 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 106 DIRTY $i -modules/comment/views/admin_comments.html.php 109 DIRTY $comment->author()->avatar_url(40, $theme->theme_url("images/avatar.jpg", true)) -modules/comment/views/admin_comments.html.php 111 $comment->author_name() -modules/comment/views/admin_comments.html.php 115 $comment->author_email() -modules/comment/views/admin_comments.html.php 116 $comment->author_email() -modules/comment/views/admin_comments.html.php 116 $comment->author_name() -modules/comment/views/admin_comments.html.php 122 DIRTY $item->url() -modules/comment/views/admin_comments.html.php 124 DIRTY $item->thumb_url() -modules/comment/views/admin_comments.html.php 125 $item->title -modules/comment/views/admin_comments.html.php 126 DIRTY $item->thumb_width -modules/comment/views/admin_comments.html.php 126 DIRTY $item->thumb_height -modules/comment/views/admin_comments.html.php 134 DIRTY $comment->created -modules/comment/views/admin_comments.html.php 135 $comment->text -modules/comment/views/admin_comments.html.php 141 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 150 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 159 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 168 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 175 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 183 DIRTY $comment->id -modules/comment/views/admin_comments.html.php 196 DIRTY $pager -modules/comment/views/comment.html.php 2 DIRTY $comment->id -modules/comment/views/comment.html.php 5 DIRTY $comment->author()->avatar_url(40, $theme->theme_url("images/avatar.jpg", true)) -modules/comment/views/comment.html.php 7 $comment->author_name() -modules/comment/views/comment.html.php 12 DIRTY $comment->created -modules/comment/views/comment.html.php 13 $comment->author_name() -modules/comment/views/comment.html.php 16 $comment->text -modules/comment/views/comment.mrss.php 9 $feed->title -modules/comment/views/comment.mrss.php 10 DIRTY $feed->uri -modules/comment/views/comment.mrss.php 11 $feed->description -modules/comment/views/comment.mrss.php 13 DIRTY $feed->uri -modules/comment/views/comment.mrss.php 16 DIRTY $feed->previous_page_uri -modules/comment/views/comment.mrss.php 19 DIRTY $feed->next_page_uri -modules/comment/views/comment.mrss.php 21 DIRTY $pub_date -modules/comment/views/comment.mrss.php 22 DIRTY $pub_date -modules/comment/views/comment.mrss.php 25 $child->title -modules/comment/views/comment.mrss.php 26 $child->item_uri -modules/comment/views/comment.mrss.php 27 $child->author -modules/comment/views/comment.mrss.php 28 DIRTY $child->item_uri -modules/comment/views/comment.mrss.php 29 DIRTY $child->pub_date -modules/comment/views/comment.mrss.php 32 $child->text -modules/comment/views/comment.mrss.php 34 DIRTY $child->thumb_url -modules/comment/views/comment.mrss.php 35 DIRTY $child->thumb_height -modules/comment/views/comment.mrss.php 35 DIRTY $child->thumb_width -modules/comment/views/comments.html.php 10 DIRTY $comment->id -modules/comment/views/comments.html.php 13 DIRTY $comment->author()->avatar_url(40, $theme->theme_url("images/avatar.jpg", true)) -modules/comment/views/comments.html.php 15 $comment->author_name() -modules/comment/views/comments.html.php 20 DIRTY $comment->created -modules/comment/views/comments.html.php 21 $comment->author_name() -modules/comment/views/comments.html.php 24 $comment->text -modules/digibug/views/digibug_form.html.php 5 DIRTY $order_parms -modules/exif/views/exif_dialog.html.php 14 DIRTY $details -modules/exif/views/exif_dialog.html.php 14 DIRTY $i -modules/exif/views/exif_dialog.html.php 17 $details -modules/exif/views/exif_dialog.html.php 17 $i -modules/exif/views/exif_dialog.html.php 21 DIRTY $details -modules/exif/views/exif_dialog.html.php 21 DIRTY $i -modules/exif/views/exif_dialog.html.php 24 $details -modules/exif/views/exif_dialog.html.php 24 $i -modules/exif/views/exif_sidebar.html.php 2 DIRTY $item->id -modules/g2_import/views/admin_g2_import.html.php 28 DIRTY $form -modules/g2_import/views/admin_g2_import.html.php 40 DIRTY $g2_sizes -modules/g2_import/views/admin_g2_import.html.php 41 DIRTY $thumb_size -modules/g2_import/views/admin_g2_import.html.php 49 DIRTY $g2_sizes -modules/g2_import/views/admin_g2_import.html.php 50 DIRTY $resize_size -modules/g2_import/views/admin_g2_import.html.php 62 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 65 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 68 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 71 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 74 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 77 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 81 DIRTY $g2_stats -modules/g2_import/views/admin_g2_import.html.php 88 DIRTY $csrf -modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name -modules/gallery/views/admin_advanced_settings.html.php 23 $var->name -modules/gallery/views/admin_advanced_settings.html.php 25 DIRTY $var->module_name -modules/gallery/views/admin_advanced_settings.html.php 25 $var->name -modules/gallery/views/admin_advanced_settings.html.php 27 $var->name -modules/gallery/views/admin_advanced_settings.html.php 27 DIRTY $var->module_name -modules/gallery/views/admin_advanced_settings.html.php 29 $var->value -modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY $entry->severity -modules/gallery/views/admin_block_log_entries.html.php 5 DIRTY $entry->user_id -modules/gallery/views/admin_block_log_entries.html.php 5 $entry->user->name -modules/gallery/views/admin_block_log_entries.html.php 6 DIRTY $entry->timestamp -modules/gallery/views/admin_block_log_entries.html.php 7 DIRTY $entry->message -modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY $entry->html -modules/gallery/views/admin_block_news.html.php 5 DIRTY $entry -modules/gallery/views/admin_block_news.html.php 5 DIRTY $entry -modules/gallery/views/admin_block_news.html.php 7 DIRTY $entry -modules/gallery/views/admin_block_photo_stream.html.php 5 DIRTY $photo->id -modules/gallery/views/admin_block_photo_stream.html.php 5 $photo->title -modules/gallery/views/admin_block_photo_stream.html.php 6 DIRTY $photo->width -modules/gallery/views/admin_block_photo_stream.html.php 6 DIRTY $photo->height -modules/gallery/views/admin_block_photo_stream.html.php 7 DIRTY $photo->thumb_url() -modules/gallery/views/admin_block_photo_stream.html.php 7 $photo->title -modules/gallery/views/admin_block_platform.html.php 16 DIRTY $load_average -modules/gallery/views/admin_block_stats.html.php 7 DIRTY $album_count -modules/gallery/views/admin_block_stats.html.php 10 DIRTY $photo_count -modules/gallery/views/admin_dashboard.html.php 5 DIRTY $csrf -modules/gallery/views/admin_dashboard.html.php 35 DIRTY $blocks -modules/gallery/views/admin_graphics.html.php 6 DIRTY $csrf -modules/gallery/views/admin_graphics.html.php 21 DIRTY $active -modules/gallery/views/admin_graphics.html.php 25 DIRTY $available -modules/gallery/views/admin_graphics_gd.html.php 2 DIRTY $is_active -modules/gallery/views/admin_graphics_gd.html.php 2 DIRTY $tk->gd -modules/gallery/views/admin_graphics_gd.html.php 11 DIRTY $tk->gd -modules/gallery/views/admin_graphics_gd.html.php 19 DIRTY $tk->gd -modules/gallery/views/admin_graphics_graphicsmagick.html.php 2 DIRTY $is_active -modules/gallery/views/admin_graphics_graphicsmagick.html.php 2 DIRTY $tk->graphicsmagick -modules/gallery/views/admin_graphics_graphicsmagick.html.php 11 DIRTY $tk->graphicsmagick -modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY $is_active -modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY $tk->imagemagick -modules/gallery/views/admin_graphics_imagemagick.html.php 11 DIRTY $tk->imagemagick -modules/gallery/views/admin_languages.html.php 5 DIRTY $settings_form -modules/gallery/views/admin_languages.html.php 8 DIRTY $csrf -modules/gallery/views/admin_languages.html.php 14 DIRTY $share_translations_form -modules/gallery/views/admin_maintenance.html.php 23 DIRTY $task->severity -modules/gallery/views/admin_maintenance.html.php 25 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 28 DIRTY $task->description -modules/gallery/views/admin_maintenance.html.php 31 DIRTY $task->callback -modules/gallery/views/admin_maintenance.html.php 31 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 44 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 70 DIRTY $task->state -modules/gallery/views/admin_maintenance.html.php 72 DIRTY $task->updated -modules/gallery/views/admin_maintenance.html.php 75 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 86 DIRTY $task->percent_complete -modules/gallery/views/admin_maintenance.html.php 90 DIRTY $task->status -modules/gallery/views/admin_maintenance.html.php 93 $task->owner()->name -modules/gallery/views/admin_maintenance.html.php 97 DIRTY $task->id -modules/gallery/views/admin_maintenance.html.php 97 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 101 DIRTY $task->id -modules/gallery/views/admin_maintenance.html.php 101 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 113 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 140 DIRTY $task->state -modules/gallery/views/admin_maintenance.html.php 142 DIRTY $task->updated -modules/gallery/views/admin_maintenance.html.php 145 DIRTY $task->name -modules/gallery/views/admin_maintenance.html.php 157 DIRTY $task->status -modules/gallery/views/admin_maintenance.html.php 160 DIRTY $task->owner()->name -modules/gallery/views/admin_maintenance.html.php 164 DIRTY $task->id -modules/gallery/views/admin_maintenance.html.php 164 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 168 DIRTY $task->id -modules/gallery/views/admin_maintenance.html.php 168 DIRTY $csrf -modules/gallery/views/admin_maintenance.html.php 171 DIRTY $task->id -modules/gallery/views/admin_maintenance.html.php 171 DIRTY $csrf -modules/gallery/views/admin_maintenance_task.html.php 5 DIRTY $task->id -modules/gallery/views/admin_maintenance_task.html.php 5 DIRTY $csrf -modules/gallery/views/admin_maintenance_task.html.php 26 DIRTY $task->name -modules/gallery/views/admin_modules.html.php 19 DIRTY $i -modules/gallery/views/admin_modules.html.php 22 DIRTY $data -modules/gallery/views/admin_modules.html.php 22 DIRTY $module_name -modules/gallery/views/admin_modules.html.php 23 DIRTY $module_info->name -modules/gallery/views/admin_modules.html.php 24 DIRTY $module_info->version -modules/gallery/views/admin_modules.html.php 25 DIRTY $module_info->description -modules/gallery/views/admin_theme_options.html.php 5 DIRTY $form -modules/gallery/views/admin_themes.html.php 5 DIRTY $csrf -modules/gallery/views/admin_themes.html.php 18 DIRTY $site -modules/gallery/views/admin_themes.html.php 19 DIRTY $themes -modules/gallery/views/admin_themes.html.php 19 DIRTY $site -modules/gallery/views/admin_themes.html.php 20 DIRTY $themes -modules/gallery/views/admin_themes.html.php 20 DIRTY $site -modules/gallery/views/admin_themes.html.php 22 DIRTY $themes -modules/gallery/views/admin_themes.html.php 22 DIRTY $site -modules/gallery/views/admin_themes.html.php 33 DIRTY $id -modules/gallery/views/admin_themes.html.php 33 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 34 DIRTY $id -modules/gallery/views/admin_themes.html.php 35 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 36 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 38 DIRTY $info->description -modules/gallery/views/admin_themes.html.php 56 DIRTY $admin -modules/gallery/views/admin_themes.html.php 57 DIRTY $themes -modules/gallery/views/admin_themes.html.php 57 DIRTY $admin -modules/gallery/views/admin_themes.html.php 58 DIRTY $themes -modules/gallery/views/admin_themes.html.php 58 DIRTY $admin -modules/gallery/views/admin_themes.html.php 60 DIRTY $themes -modules/gallery/views/admin_themes.html.php 60 DIRTY $admin -modules/gallery/views/admin_themes.html.php 71 DIRTY $id -modules/gallery/views/admin_themes.html.php 71 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 72 DIRTY $id -modules/gallery/views/admin_themes.html.php 73 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 74 DIRTY $info->name -modules/gallery/views/admin_themes.html.php 76 DIRTY $info->description -modules/gallery/views/admin_themes_preview.html.php 3 DIRTY $type -modules/gallery/views/admin_themes_preview.html.php 3 DIRTY $theme_name -modules/gallery/views/admin_themes_preview.html.php 3 DIRTY $csrf -modules/gallery/views/admin_themes_preview.html.php 4 DIRTY $info->name -modules/gallery/views/admin_themes_preview.html.php 7 DIRTY $url -modules/gallery/views/after_install.html.php 11 $user->name -modules/gallery/views/after_install.html.php 15 DIRTY $user->id -modules/gallery/views/kohana_error_page.php 98 DIRTY $message -modules/gallery/views/kohana_error_page.php 100 DIRTY $file -modules/gallery/views/kohana_error_page.php 100 DIRTY $line -modules/gallery/views/kohana_error_page.php 112 DIRTY $trace -modules/gallery/views/kohana_profiler.php 32 DIRTY $profile->render() -modules/gallery/views/kohana_profiler.php 34 DIRTY $execution_time -modules/gallery/views/l10n_client.html.php 17 DIRTY $string -modules/gallery/views/l10n_client.html.php 19 DIRTY $string -modules/gallery/views/l10n_client.html.php 20 DIRTY $string -modules/gallery/views/l10n_client.html.php 22 DIRTY $string -modules/gallery/views/l10n_client.html.php 28 DIRTY $l10n_search_form -modules/gallery/views/l10n_client.html.php 72 DIRTY $string_list -modules/gallery/views/l10n_client.html.php 73 DIRTY $plural_forms -modules/gallery/views/move_browse.html.php 4 DIRTY $source->id -modules/gallery/views/move_browse.html.php 39 DIRTY $tree -modules/gallery/views/move_browse.html.php 42 DIRTY $source->id -modules/gallery/views/move_tree.html.php 2 DIRTY $parent->thumb_img(array(), 25) -modules/gallery/views/move_tree.html.php 4 DIRTY $parent->id -modules/gallery/views/move_tree.html.php 4 $parent->title -modules/gallery/views/move_tree.html.php 6 DIRTY $parent->id -modules/gallery/views/move_tree.html.php 6 $parent->title -modules/gallery/views/move_tree.html.php 8 DIRTY $parent->id -modules/gallery/views/move_tree.html.php 10 DIRTY $child->id -modules/gallery/views/move_tree.html.php 11 DIRTY $child->thumb_img(array(), 25) -modules/gallery/views/move_tree.html.php 13 DIRTY $child->id -modules/gallery/views/move_tree.html.php 13 $child->title -modules/gallery/views/move_tree.html.php 15 DIRTY $child->id -modules/gallery/views/move_tree.html.php 15 $child->title -modules/gallery/views/movieplayer.html.php 2 DIRTY $item->file_url(true) -modules/gallery/views/movieplayer.html.php 2 DIRTY $attrs -modules/gallery/views/movieplayer.html.php 4 DIRTY $attrs -modules/gallery/views/permissions_browse.html.php 15 DIRTY $csrf -modules/gallery/views/permissions_browse.html.php 37 DIRTY $parent->id -modules/gallery/views/permissions_browse.html.php 38 $parent->title -modules/gallery/views/permissions_browse.html.php 40 DIRTY $parent->id -modules/gallery/views/permissions_browse.html.php 44 DIRTY $item->id -modules/gallery/views/permissions_browse.html.php 45 $item->title -modules/gallery/views/permissions_browse.html.php 47 DIRTY $item->id -modules/gallery/views/permissions_browse.html.php 48 DIRTY $form -modules/gallery/views/permissions_form.html.php 9 $group->name -modules/gallery/views/permissions_form.html.php 15 DIRTY $permission->display_name -modules/gallery/views/permissions_form.html.php 24 DIRTY $lock->id -modules/gallery/views/permissions_form.html.php 32 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 32 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 32 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 36 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 36 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 36 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 43 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 43 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 43 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 47 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 47 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 47 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 56 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 56 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 56 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 63 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 63 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 63 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 74 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 74 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 74 DIRTY $item->id -modules/gallery/views/permissions_form.html.php 79 DIRTY $group->id -modules/gallery/views/permissions_form.html.php 79 DIRTY $permission->id -modules/gallery/views/permissions_form.html.php 79 DIRTY $item->id -modules/gallery/views/quick_pane.html.php 3 DIRTY $button->class -modules/gallery/views/quick_pane.html.php 3 DIRTY $button->href -modules/gallery/views/quick_pane.html.php 4 DIRTY $button->title -modules/gallery/views/quick_pane.html.php 5 DIRTY $button->icon -modules/gallery/views/quick_pane.html.php 6 DIRTY $button->title -modules/gallery/views/quick_pane.html.php 20 DIRTY $button->class -modules/gallery/views/quick_pane.html.php 20 DIRTY $button->href -modules/gallery/views/quick_pane.html.php 21 DIRTY $button->title -modules/gallery/views/quick_pane.html.php 22 DIRTY $button->title -modules/gallery/views/simple_uploader.html.php 7 DIRTY $csrf -modules/gallery/views/simple_uploader.html.php 9 $item->title -modules/gallery/views/simple_uploader.html.php 29 $parent->title -modules/gallery/views/simple_uploader.html.php 31 $item->title -modules/gallery/views/simple_uploader.html.php 85 DIRTY $item->id -modules/gallery/views/simple_uploader.html.php 89 DIRTY $csrf -modules/gallery/views/upgrader.html.php 44 DIRTY $module->version -modules/gallery/views/upgrader.html.php 44 DIRTY $module->code_version -modules/gallery/views/upgrader.html.php 45 DIRTY $id -modules/gallery/views/upgrader.html.php 46 DIRTY $module->name -modules/gallery/views/upgrader.html.php 49 DIRTY $module->version -modules/gallery/views/upgrader.html.php 52 DIRTY $module->code_version -modules/gallery/views/upgrader.html.php 75 DIRTY $module->name -modules/gallery/views/upgrader.html.php 84 DIRTY $upgrade_token -modules/image_block/views/image_block_block.html.php 3 DIRTY $item->url() -modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class" => "gThumbnail")) -modules/info/views/info_block.html.php 5 $item->title -modules/info/views/info_block.html.php 10 $item->description -modules/info/views/info_block.html.php 16 $item->name -modules/info/views/info_block.html.php 22 DIRTY $item->captured -modules/info/views/info_block.html.php 29 DIRTY $item->owner->url -modules/info/views/info_block.html.php 29 $item->owner->full_name -modules/info/views/info_block.html.php 31 $item->owner->name -modules/notification/views/comment_published.html.php 4 $subject -modules/notification/views/comment_published.html.php 7 $subject -modules/notification/views/comment_published.html.php 11 $comment->text -modules/notification/views/comment_published.html.php 15 $comment->author_name() -modules/notification/views/comment_published.html.php 19 $comment->author_email() -modules/notification/views/comment_published.html.php 23 $comment->author_url() -modules/notification/views/comment_published.html.php 28 DIRTY $comment->item()->url(array(), true) -modules/notification/views/comment_published.html.php 29 DIRTY $comment->item()->url(array(), true) -modules/notification/views/item_added.html.php 4 $subject -modules/notification/views/item_added.html.php 7 $subject -modules/notification/views/item_added.html.php 11 $item->title -modules/notification/views/item_added.html.php 16 DIRTY $item->url(array(), true) -modules/notification/views/item_added.html.php 17 DIRTY $item->url(array(), true) -modules/notification/views/item_added.html.php 24 $item->description -modules/notification/views/item_deleted.html.php 4 $subject -modules/notification/views/item_deleted.html.php 7 $subject -modules/notification/views/item_deleted.html.php 12 $item->parent()->title -modules/notification/views/item_deleted.html.php 18 DIRTY $item->parent()->url(array(), true) -modules/notification/views/item_deleted.html.php 19 DIRTY $item->parent()->url(array(), true) -modules/notification/views/item_updated.html.php 4 $subject -modules/notification/views/item_updated.html.php 7 $subject -modules/notification/views/item_updated.html.php 12 $new->title -modules/notification/views/item_updated.html.php 15 $new->title -modules/notification/views/item_updated.html.php 20 DIRTY $new->url(array(), true) -modules/notification/views/item_updated.html.php 20 DIRTY $new->url(array(), true) -modules/notification/views/item_updated.html.php 25 $new->description -modules/notification/views/item_updated.html.php 30 $new->description -modules/organize/views/organize.html.php 10 DIRTY $item->id -modules/organize/views/organize.html.php 12 DIRTY $csrf -modules/organize/views/organize.html.php 13 DIRTY $csrf -modules/organize/views/organize.html.php 19 $item->title -modules/organize/views/organize.html.php 33 DIRTY $album_tree -modules/organize/views/organize.html.php 48 DIRTY $button_pane -modules/organize/views/organize_album.html.php 3 DIRTY $album->id -modules/organize/views/organize_album.html.php 4 DIRTY $album->id -modules/organize/views/organize_album.html.php 4 DIRTY $album->id -modules/organize/views/organize_album.html.php 5 DIRTY $album_icon -modules/organize/views/organize_album.html.php 5 DIRTY $album_icon -modules/organize/views/organize_album.html.php 8 DIRTY $album->id -modules/organize/views/organize_album.html.php 8 DIRTY $album->id -modules/organize/views/organize_album.html.php 9 DIRTY $selected -modules/organize/views/organize_album.html.php 10 $album->title -modules/organize/views/organize_album.html.php 12 DIRTY $album->id -modules/organize/views/organize_album.html.php 13 DIRTY $album_icon -modules/organize/views/organize_album.html.php 14 DIRTY $children -modules/organize/views/organize_edit.html.php 4 DIRTY $idx -modules/organize/views/organize_edit.html.php 4 DIRTY $pane -modules/organize/views/organize_edit.html.php 10 DIRTY $idx -modules/organize/views/organize_edit.html.php 10 DIRTY $pane -modules/organize/views/organize_thumb_grid.html.php 7 DIRTY $child->id -modules/organize/views/organize_thumb_grid.html.php 7 DIRTY $child->id -modules/organize/views/organize_thumb_grid.html.php 8 DIRTY $child->id -modules/organize/views/organize_thumb_grid.html.php 8 DIRTY $item_class -modules/organize/views/organize_thumb_grid.html.php 9 DIRTY $child->thumb_img(array("class" => "gThumbnail"), $thumbsize, true) -modules/recaptcha/views/admin_recaptcha.html.php 6 DIRTY $form->get_key_url -modules/recaptcha/views/admin_recaptcha.html.php 10 DIRTY $form -modules/recaptcha/views/admin_recaptcha.html.php 23 DIRTY $public_key -modules/recaptcha/views/form_recaptcha.html.php 7 DIRTY $public_key -modules/rss/views/feed.mrss.php 9 $feed->title -modules/rss/views/feed.mrss.php 10 DIRTY $feed->uri -modules/rss/views/feed.mrss.php 11 $feed->description -modules/rss/views/feed.mrss.php 13 DIRTY $feed->uri -modules/rss/views/feed.mrss.php 16 DIRTY $feed->previous_page_uri -modules/rss/views/feed.mrss.php 19 DIRTY $feed->next_page_uri -modules/rss/views/feed.mrss.php 21 DIRTY $pub_date -modules/rss/views/feed.mrss.php 22 DIRTY $pub_date -modules/rss/views/feed.mrss.php 25 $child->title -modules/rss/views/feed.mrss.php 26 DIRTY $child->type -modules/rss/views/feed.mrss.php 26 DIRTY $child->id -modules/rss/views/feed.mrss.php 27 DIRTY $child->type -modules/rss/views/feed.mrss.php 27 DIRTY $child->id -modules/rss/views/feed.mrss.php 28 DIRTY $child->created -modules/rss/views/feed.mrss.php 31 $child->description -modules/rss/views/feed.mrss.php 34 DIRTY $child->resize_url(true) -modules/rss/views/feed.mrss.php 35 $child->title -modules/rss/views/feed.mrss.php 36 DIRTY $child->resize_height -modules/rss/views/feed.mrss.php 36 DIRTY $child->resize_width -modules/rss/views/feed.mrss.php 38 DIRTY $child->type -modules/rss/views/feed.mrss.php 38 DIRTY $child->id -modules/rss/views/feed.mrss.php 39 DIRTY $child->thumb_url(true) -modules/rss/views/feed.mrss.php 40 $child->title -modules/rss/views/feed.mrss.php 41 DIRTY $child->thumb_height -modules/rss/views/feed.mrss.php 41 DIRTY $child->thumb_width -modules/rss/views/feed.mrss.php 43 $child->description -modules/rss/views/feed.mrss.php 47 DIRTY $child->thumb_url(true) -modules/rss/views/feed.mrss.php 48 DIRTY $child->thumb_path() -modules/rss/views/feed.mrss.php 49 DIRTY $child->thumb_height -modules/rss/views/feed.mrss.php 50 DIRTY $child->thumb_width -modules/rss/views/feed.mrss.php 54 DIRTY $child->resize_url(true) -modules/rss/views/feed.mrss.php 55 DIRTY $child->resize_path() -modules/rss/views/feed.mrss.php 56 DIRTY $child->mime_type -modules/rss/views/feed.mrss.php 57 DIRTY $child->resize_height -modules/rss/views/feed.mrss.php 58 DIRTY $child->resize_width -modules/rss/views/feed.mrss.php 62 DIRTY $child->file_url(true) -modules/rss/views/feed.mrss.php 63 DIRTY $child->file_path() -modules/rss/views/feed.mrss.php 64 DIRTY $child->mime_type -modules/rss/views/feed.mrss.php 65 DIRTY $child->height -modules/rss/views/feed.mrss.php 66 DIRTY $child->width -modules/rss/views/feed.mrss.php 70 DIRTY $child->file_url(true) -modules/rss/views/feed.mrss.php 71 DIRTY $child->file_path() -modules/rss/views/feed.mrss.php 72 DIRTY $child->height -modules/rss/views/feed.mrss.php 73 DIRTY $child->width -modules/rss/views/feed.mrss.php 74 DIRTY $child->mime_type -modules/rss/views/rss_block.html.php 6 DIRTY $url -modules/rss/views/rss_block.html.php 8 DIRTY $title -modules/search/views/search.html.php 11 $q -modules/search/views/search.html.php 30 DIRTY $item_class -modules/search/views/search.html.php 31 DIRTY $item->id -modules/search/views/search.html.php 32 DIRTY $item->thumb_img() -modules/search/views/search.html.php 34 $item->title -modules/search/views/search.html.php 37 $item->description -modules/search/views/search.html.php 43 DIRTY $theme->pager() -modules/search/views/search.html.php 47 $q -modules/server_add/views/admin_server_add.html.php 14 DIRTY $path -modules/server_add/views/admin_server_add.html.php 14 DIRTY $csrf -modules/server_add/views/admin_server_add.html.php 15 DIRTY $id -modules/server_add/views/admin_server_add.html.php 19 DIRTY $path -modules/server_add/views/admin_server_add.html.php 24 DIRTY $form -modules/server_add/views/server_add_tree.html.php 4 DIRTY $tree_id -modules/server_add/views/server_add_tree.html.php 6 DIRTY $file_info -modules/server_add/views/server_add_tree.html.php 10 $file_info -modules/server_add/views/server_add_tree.html.php 10 DIRTY $checked -modules/server_add/views/server_add_tree.html.php 10 $file -modules/server_add/views/server_add_tree_dialog.html.php 10 $album_title -modules/server_add/views/server_add_tree_dialog.html.php 15 $parent->title -modules/server_add/views/server_add_tree_dialog.html.php 17 $album_title -modules/server_add/views/server_add_tree_dialog.html.php 20 DIRTY $action -modules/server_add/views/server_add_tree_dialog.html.php 22 DIRTY $tree -modules/tag/views/admin_tags.html.php 13 DIRTY $csrf -modules/tag/views/admin_tags.html.php 27 DIRTY $tags->count() -modules/tag/views/admin_tags.html.php 35 DIRTY $current_letter -modules/tag/views/admin_tags.html.php 45 DIRTY $current_letter -modules/tag/views/admin_tags.html.php 50 DIRTY $tag->id -modules/tag/views/admin_tags.html.php 50 $tag->name -modules/tag/views/admin_tags.html.php 51 DIRTY $tag->count -modules/tag/views/admin_tags.html.php 52 DIRTY $tag->id -modules/tag/views/tag_block.html.php 3 DIRTY $cloud -modules/tag/views/tag_block.html.php 5 DIRTY $form -modules/tag/views/tag_cloud.html.php 4 DIRTY $tag->count -modules/tag/views/tag_cloud.html.php 4 DIRTY $max_count -modules/tag/views/tag_cloud.html.php 5 DIRTY $tag->count -modules/tag/views/tag_cloud.html.php 6 DIRTY $tag->id -modules/tag/views/tag_cloud.html.php 6 $tag->name -modules/user/views/admin_users.html.php 3 DIRTY $csrf -modules/user/views/admin_users.html.php 36 DIRTY $csrf -modules/user/views/admin_users.html.php 67 DIRTY $user->id -modules/user/views/admin_users.html.php 67 DIRTY $user->admin -modules/user/views/admin_users.html.php 68 DIRTY $user->id -modules/user/views/admin_users.html.php 69 DIRTY $user->avatar_url(20, $theme->theme_url("images/avatar.jpg", true)) -modules/user/views/admin_users.html.php 71 $user->name -modules/user/views/admin_users.html.php 74 $user->name -modules/user/views/admin_users.html.php 77 $user->full_name -modules/user/views/admin_users.html.php 80 $user->email -modules/user/views/admin_users.html.php 83 DIRTY $user->last_login -modules/user/views/admin_users.html.php 83 DIRTY $user->last_login -modules/user/views/admin_users.html.php 86 DIRTY $user->id -modules/user/views/admin_users.html.php 91 DIRTY $user->id -modules/user/views/admin_users.html.php 121 DIRTY $group->id -modules/user/views/admin_users.html.php 121 DIRTY $group->special -modules/user/views/admin_users.html.php 123 DIRTY $v -modules/user/views/admin_users_group.html.php 3 $group->name -modules/user/views/admin_users_group.html.php 5 DIRTY $group->id -modules/user/views/admin_users_group.html.php 6 $group->name -modules/user/views/admin_users_group.html.php 20 $user->name -modules/user/views/admin_users_group.html.php 22 DIRTY $user->id -modules/user/views/admin_users_group.html.php 22 DIRTY $group->id -modules/user/views/admin_users_group.html.php 25 $user->name -modules/user/views/admin_users_group.html.php 25 $group->name -modules/user/views/login.html.php 12 DIRTY $user->id -modules/user/views/login.html.php 15 $user->full_name -modules/user/views/login.html.php 15 $user->name -modules/user/views/login.html.php 15 $user->full_name -modules/user/views/login.html.php 18 DIRTY $csrf -modules/user/views/login_ajax.html.php 37 DIRTY $form -modules/user/views/reset_password.html.php 9 $user->full_name -modules/user/views/reset_password.html.php 9 $user->full_name -modules/user/views/reset_password.html.php 9 $user->name -modules/user/views/reset_password.html.php 12 DIRTY $confirm_url -modules/watermark/views/admin_watermarks.html.php 19 DIRTY $width -modules/watermark/views/admin_watermarks.html.php 19 DIRTY $height -modules/watermark/views/admin_watermarks.html.php 19 DIRTY $url -modules/watermark/views/admin_watermarks.html.php 21 DIRTY $position -themes/admin_default/views/admin.html.php 10 DIRTY $theme->css("lib/yui/reset-fonts-grids.css") -themes/admin_default/views/admin.html.php 11 DIRTY $theme->css("lib/themeroller/ui.base.css") -themes/admin_default/views/admin.html.php 12 DIRTY $theme->css("lib/superfish/css/superfish.css") -themes/admin_default/views/admin.html.php 13 DIRTY $theme->css("themes/default/css/screen.css") -themes/admin_default/views/admin.html.php 14 DIRTY $theme->theme_css("css/screen.css") -themes/admin_default/views/admin.html.php 16 DIRTY $theme->theme_url("css/fix-ie.css") -themes/admin_default/views/admin.html.php 20 DIRTY $theme->script("lib/jquery.js") -themes/admin_default/views/admin.html.php 21 DIRTY $theme->script("lib/jquery.form.js") -themes/admin_default/views/admin.html.php 22 DIRTY $theme->script("lib/jquery-ui.js") -themes/admin_default/views/admin.html.php 23 DIRTY $theme->script("lib/gallery.common.js") -themes/admin_default/views/admin.html.php 28 DIRTY $theme->script("lib/gallery.dialog.js") -themes/admin_default/views/admin.html.php 29 DIRTY $theme->script("lib/superfish/js/superfish.js") -themes/admin_default/views/admin.html.php 30 DIRTY $theme->theme_script("js/jquery.dropshadow.js") -themes/admin_default/views/admin.html.php 31 DIRTY $theme->theme_script("js/ui.init.js") -themes/admin_default/views/admin.html.php 33 DIRTY $theme->admin_head() -themes/admin_default/views/admin.html.php 36 DIRTY $theme->body_attributes() -themes/admin_default/views/admin.html.php 37 DIRTY $theme->admin_page_top() -themes/admin_default/views/admin.html.php 43 DIRTY $theme->site_status() -themes/admin_default/views/admin.html.php 45 DIRTY $theme->admin_header_top() -themes/admin_default/views/admin.html.php 48 DIRTY $csrf -themes/admin_default/views/admin.html.php 52 DIRTY $theme->admin_menu() -themes/admin_default/views/admin.html.php 54 DIRTY $theme->admin_header_bottom() -themes/admin_default/views/admin.html.php 60 DIRTY $theme->messages() -themes/admin_default/views/admin.html.php 61 DIRTY $content -themes/admin_default/views/admin.html.php 67 DIRTY $sidebar -themes/admin_default/views/admin.html.php 72 DIRTY $theme->admin_footer() -themes/admin_default/views/admin.html.php 74 DIRTY $theme->admin_credits() -themes/admin_default/views/admin.html.php 78 DIRTY $theme->admin_page_bottom() -themes/admin_default/views/block.html.php 2 DIRTY $id -themes/admin_default/views/block.html.php 2 DIRTY $css_id -themes/admin_default/views/block.html.php 5 DIRTY $id -themes/admin_default/views/block.html.php 5 DIRTY $csrf -themes/admin_default/views/block.html.php 10 DIRTY $title -themes/admin_default/views/block.html.php 13 DIRTY $content -themes/admin_default/views/pager.html.php 13 DIRTY $url -themes/admin_default/views/pager.html.php 20 DIRTY $previous_page -themes/admin_default/views/pager.html.php 20 DIRTY $url -themes/admin_default/views/pager.html.php 27 DIRTY $from_to_msg -themes/admin_default/views/pager.html.php 30 DIRTY $next_page -themes/admin_default/views/pager.html.php 30 DIRTY $url -themes/admin_default/views/pager.html.php 37 DIRTY $last_page -themes/admin_default/views/pager.html.php 37 DIRTY $url -themes/default/views/album.html.php 4 DIRTY $theme->album_top() -themes/default/views/album.html.php 5 $item->title -themes/default/views/album.html.php 6 $item->description -themes/default/views/album.html.php 16 DIRTY $child->id -themes/default/views/album.html.php 16 DIRTY $item_class -themes/default/views/album.html.php 17 DIRTY $theme->thumb_top($child) -themes/default/views/album.html.php 18 DIRTY $child->url() -themes/default/views/album.html.php 19 DIRTY $child->thumb_img(array("class" => "gThumbnail")) -themes/default/views/album.html.php 21 DIRTY $theme->thumb_bottom($child) -themes/default/views/album.html.php 22 DIRTY $theme->thumb_menu($child) -themes/default/views/album.html.php 23 DIRTY $child->url() -themes/default/views/album.html.php 23 $child->title -themes/default/views/album.html.php 25 DIRTY $theme->thumb_info($child) -themes/default/views/album.html.php 33 DIRTY $addurl -themes/default/views/album.html.php 39 DIRTY $theme->album_bottom() -themes/default/views/album.html.php 41 DIRTY $theme->pager() -themes/default/views/block.html.php 2 DIRTY $anchor -themes/default/views/block.html.php 3 DIRTY $css_id -themes/default/views/block.html.php 4 DIRTY $title -themes/default/views/block.html.php 6 DIRTY $content -themes/default/views/dynamic.html.php 4 DIRTY $theme->dynamic_top() -themes/default/views/dynamic.html.php 6 $tag->name -themes/default/views/dynamic.html.php 11 DIRTY $child->is_album() -themes/default/views/dynamic.html.php 12 DIRTY $theme->thumb_top($child) -themes/default/views/dynamic.html.php 13 DIRTY $child->url() -themes/default/views/dynamic.html.php 14 DIRTY $child->id -themes/default/views/dynamic.html.php 15 DIRTY $child->thumb_url() -themes/default/views/dynamic.html.php 16 DIRTY $child->thumb_width -themes/default/views/dynamic.html.php 17 DIRTY $child->thumb_height -themes/default/views/dynamic.html.php 19 $child->title -themes/default/views/dynamic.html.php 20 DIRTY $theme->thumb_bottom($child) -themes/default/views/dynamic.html.php 22 DIRTY $theme->thumb_info($child) -themes/default/views/dynamic.html.php 27 DIRTY $theme->dynamic_bottom() -themes/default/views/dynamic.html.php 29 DIRTY $theme->pager() -themes/default/views/footer.html.php 2 DIRTY $theme->footer() -themes/default/views/footer.html.php 4 DIRTY $footer_text -themes/default/views/footer.html.php 9 DIRTY $theme->credits() -themes/default/views/header.html.php 2 DIRTY $theme->header_top() -themes/default/views/header.html.php 4 DIRTY $header_text -themes/default/views/header.html.php 7 DIRTY $theme->theme_url("images/logo.png") -themes/default/views/header.html.php 12 DIRTY $theme->site_menu() -themes/default/views/header.html.php 15 DIRTY $theme->header_bottom() -themes/default/views/header.html.php 21 DIRTY $parent->id -themes/default/views/header.html.php 21 DIRTY $item->id -themes/default/views/header.html.php 22 $parent->title -themes/default/views/header.html.php 26 $item->title -themes/default/views/movie.html.php 3 DIRTY $theme->photo_top() -themes/default/views/movie.html.php 6 DIRTY $position -themes/default/views/movie.html.php 6 DIRTY $sibling_count -themes/default/views/movie.html.php 8 DIRTY $previous_item->url() -themes/default/views/movie.html.php 11 DIRTY $next_item->url() -themes/default/views/movie.html.php 15 DIRTY $item->movie_img(array("class" => "gMovie", "id" => "gMovieId-{$item->id}")) -themes/default/views/movie.html.php 18 $item->title -themes/default/views/movie.html.php 19 $item->description -themes/default/views/movie.html.php 25 DIRTY $theme->photo_bottom() -themes/default/views/page.html.php 9 DIRTY $page_title -themes/default/views/page.html.php 13 $theme->item()->title -themes/default/views/page.html.php 15 $theme->item()->title -themes/default/views/page.html.php 17 $theme->item()->title -themes/default/views/page.html.php 20 $theme->tag()->name -themes/default/views/page.html.php 26 DIRTY $theme->theme_url("images/favicon.ico") -themes/default/views/page.html.php 27 DIRTY $theme->css("lib/yui/reset-fonts-grids.css") -themes/default/views/page.html.php 28 DIRTY $theme->css("lib/superfish/css/superfish.css") -themes/default/views/page.html.php 29 DIRTY $theme->css("lib/themeroller/ui.base.css") -themes/default/views/page.html.php 30 DIRTY $theme->theme_css("css/screen.css") -themes/default/views/page.html.php 32 DIRTY $theme->theme_url("css/fix-ie.css") -themes/default/views/page.html.php 41 DIRTY $new_width -themes/default/views/page.html.php 42 DIRTY $new_height -themes/default/views/page.html.php 43 DIRTY $thumb_proportion -themes/default/views/page.html.php 48 DIRTY $theme->script("lib/jquery.js") -themes/default/views/page.html.php 49 DIRTY $theme->script("lib/jquery.form.js") -themes/default/views/page.html.php 50 DIRTY $theme->script("lib/jquery-ui.js") -themes/default/views/page.html.php 51 DIRTY $theme->script("lib/gallery.common.js") -themes/default/views/page.html.php 56 DIRTY $theme->script("lib/gallery.dialog.js") -themes/default/views/page.html.php 57 DIRTY $theme->script("lib/gallery.form.js") -themes/default/views/page.html.php 58 DIRTY $theme->script("lib/superfish/js/superfish.js") -themes/default/views/page.html.php 59 DIRTY $theme->script("lib/jquery.localscroll.js") -themes/default/views/page.html.php 60 DIRTY $theme->theme_script("js/ui.init.js") -themes/default/views/page.html.php 64 DIRTY $theme->script("lib/jquery.scrollTo.js") -themes/default/views/page.html.php 65 DIRTY $theme->script("lib/gallery.show_full_size.js") -themes/default/views/page.html.php 67 DIRTY $theme->script("lib/flowplayer.js") -themes/default/views/page.html.php 70 DIRTY $theme->head() -themes/default/views/page.html.php 73 DIRTY $theme->body_attributes() -themes/default/views/page.html.php 74 DIRTY $theme->page_top() -themes/default/views/page.html.php 76 DIRTY $theme->site_status() -themes/default/views/page.html.php 84 DIRTY $theme->messages() -themes/default/views/page.html.php 85 DIRTY $content -themes/default/views/page.html.php 99 DIRTY $theme->page_bottom() -themes/default/views/pager.html.php 13 DIRTY $url -themes/default/views/pager.html.php 20 DIRTY $previous_page -themes/default/views/pager.html.php 20 DIRTY $url -themes/default/views/pager.html.php 27 DIRTY $from_to_msg -themes/default/views/pager.html.php 30 DIRTY $next_page -themes/default/views/pager.html.php 30 DIRTY $url -themes/default/views/pager.html.php 37 DIRTY $last_page -themes/default/views/pager.html.php 37 DIRTY $url -themes/default/views/photo.html.php 8 DIRTY $theme->item()->file_url() -themes/default/views/photo.html.php 8 DIRTY $theme->item()->width -themes/default/views/photo.html.php 8 DIRTY $theme->item()->height -themes/default/views/photo.html.php 16 DIRTY $theme->photo_top() -themes/default/views/photo.html.php 21 DIRTY $previous_item->url() -themes/default/views/photo.html.php 28 DIRTY $position -themes/default/views/photo.html.php 28 DIRTY $sibling_count -themes/default/views/photo.html.php 31 DIRTY $next_item->url() -themes/default/views/photo.html.php 41 DIRTY $theme->resize_top($item) -themes/default/views/photo.html.php 43 DIRTY $item->file_url() -themes/default/views/photo.html.php 45 DIRTY $item->resize_img(array("id" => "gPhotoId-{$item->id}", "class" => "gResize")) -themes/default/views/photo.html.php 49 DIRTY $theme->resize_bottom($item) -themes/default/views/photo.html.php 53 $item->title -themes/default/views/photo.html.php 54 $item->description -themes/default/views/photo.html.php 60 DIRTY $theme->photo_bottom() -themes/default/views/sidebar.html.php 2 DIRTY $theme->sidebar_top() -themes/default/views/sidebar.html.php 6 DIRTY $theme->album_menu() -themes/default/views/sidebar.html.php 8 DIRTY $theme->photo_menu() -themes/default/views/sidebar.html.php 10 DIRTY $theme->tag_menu() -themes/default/views/sidebar.html.php 15 DIRTY $theme->sidebar_blocks() -themes/default/views/sidebar.html.php 16 DIRTY $theme->sidebar_bottom() +modules/akismet/views/admin_akismet.html.php 16 DIRTY $form +modules/akismet/views/admin_akismet_stats.html.php 9 DIRTY_ATTR $api_key +modules/akismet/views/admin_akismet_stats.html.php 9 DIRTY_ATTR urlencode($blog_url) +modules/comment/views/admin_block_recent_comments.html.php 4 DIRTY_ATTR ($i%2==0)?"gEvenRow":"gOddRow" +modules/comment/views/admin_block_recent_comments.html.php 5 DIRTY_ATTR $comment->author()->avatar_url(32,$theme->url(,true)) +modules/comment/views/admin_block_recent_comments.html.php 10 DIRTY gallery::date_time($comment->created) +modules/comment/views/admin_comments.html.php 42 DIRTY $menu +modules/comment/views/admin_comments.html.php 106 DIRTY_ATTR $comment->id +modules/comment/views/admin_comments.html.php 106 DIRTY_ATTR ($i%2==0)?"gOddRow":"gEvenRow" +modules/comment/views/admin_comments.html.php 109 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) +modules/comment/views/admin_comments.html.php 122 DIRTY_JS $item->url() +modules/comment/views/admin_comments.html.php 124 DIRTY_ATTR $item->thumb_url() +modules/comment/views/admin_comments.html.php 126 DIRTY photo::img_dimensions($item->thumb_width,$item->thumb_height,75) +modules/comment/views/admin_comments.html.php 134 DIRTY gallery::date($comment->created) +modules/comment/views/admin_comments.html.php 141 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 150 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 159 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 168 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 175 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 183 DIRTY_JS $comment->id +modules/comment/views/admin_comments.html.php 196 DIRTY $pager +modules/comment/views/comment.html.php 2 DIRTY_ATTR $comment->id; +modules/comment/views/comment.html.php 5 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) +modules/comment/views/comment.mrss.php 10 DIRTY $feed->uri +modules/comment/views/comment.mrss.php 13 DIRTY_JS $feed->uri +modules/comment/views/comment.mrss.php 16 DIRTY_JS $feed->previous_page_uri +modules/comment/views/comment.mrss.php 19 DIRTY_JS $feed->next_page_uri +modules/comment/views/comment.mrss.php 21 DIRTY $pub_date +modules/comment/views/comment.mrss.php 22 DIRTY $pub_date +modules/comment/views/comment.mrss.php 28 DIRTY $child->item_uri +modules/comment/views/comment.mrss.php 29 DIRTY $child->pub_date +modules/comment/views/comment.mrss.php 34 DIRTY_ATTR $child->thumb_url +modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $child->thumb_height +modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $child->thumb_width +modules/comment/views/comments.html.php 16 DIRTY_ATTR $comment->id +modules/comment/views/comments.html.php 19 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) +modules/digibug/views/digibug_form.html.php 4 DIRTY form::open("http://www.digibug.com/dapi/order.php") +modules/digibug/views/digibug_form.html.php 5 DIRTY form::hidden($order_parms) +modules/digibug/views/digibug_form.html.php 6 DIRTY form::close() +modules/exif/views/exif_dialog.html.php 14 DIRTY $details[$i]["caption"] +modules/exif/views/exif_dialog.html.php 21 DIRTY $details[$i]["caption"] +modules/g2_import/views/admin_g2_import.html.php 28 DIRTY $form +modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name +modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity) +modules/gallery/views/admin_block_log_entries.html.php 6 DIRTY gallery::date_time($entry->timestamp) +modules/gallery/views/admin_block_log_entries.html.php 7 DIRTY $entry->message +modules/gallery/views/admin_block_log_entries.html.php 8 DIRTY $entry->html +modules/gallery/views/admin_block_news.html.php 5 DIRTY_JS $entry["link"] +modules/gallery/views/admin_block_news.html.php 5 DIRTY $entry["title"] +modules/gallery/views/admin_block_news.html.php 7 DIRTY text::limit_words(strip_tags($entry["description"]),25); +modules/gallery/views/admin_block_photo_stream.html.php 5 DIRTY_JS $photo->url() +modules/gallery/views/admin_block_photo_stream.html.php 6 DIRTY photo::img_dimensions($photo->width,$photo->height,72) +modules/gallery/views/admin_block_photo_stream.html.php 7 DIRTY_ATTR $photo->thumb_url() +modules/gallery/views/admin_dashboard.html.php 5 DIRTY_JS $csrf +modules/gallery/views/admin_dashboard.html.php 35 DIRTY $blocks +modules/gallery/views/admin_graphics.html.php 22 DIRTY newView("admin_graphics_none.html") +modules/gallery/views/admin_graphics.html.php 24 DIRTY newView("admin_graphics_$active.html",array("tk"=>$tk->$active,"is_active"=>true)) +modules/gallery/views/admin_graphics.html.php 31 DIRTY newView("admin_graphics_$id.html",array("tk"=>$tk->$id,"is_active"=>false)) +modules/gallery/views/admin_graphics_gd.html.php 2 DIRTY_ATTR $is_active?" gSelected":"" +modules/gallery/views/admin_graphics_gd.html.php 2 DIRTY_ATTR $tk->installed?" gInstalledToolkit":" gUnavailable" +modules/gallery/views/admin_graphics_gd.html.php 19 DIRTY $tk->error +modules/gallery/views/admin_graphics_graphicsmagick.html.php 2 DIRTY_ATTR $is_active?" gSelected":"" +modules/gallery/views/admin_graphics_graphicsmagick.html.php 2 DIRTY_ATTR $tk->installed?" gInstalledToolkit":" gUnavailable" +modules/gallery/views/admin_graphics_graphicsmagick.html.php 18 DIRTY $tk->error +modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $is_active?" gSelected":"" +modules/gallery/views/admin_graphics_imagemagick.html.php 2 DIRTY_ATTR $tk->installed?" gInstalledToolkit":" gUnavailable" +modules/gallery/views/admin_graphics_imagemagick.html.php 18 DIRTY $tk->error +modules/gallery/views/admin_languages.html.php 9 DIRTY access::csrf_form_field() +modules/gallery/views/admin_languages.html.php 27 DIRTY_ATTR (isset($installed_locales[$code]))?"installed":"" +modules/gallery/views/admin_languages.html.php 27 DIRTY_ATTR ($default_locale==$code)?" default":"" +modules/gallery/views/admin_languages.html.php 28 DIRTY form::checkbox("installed_locales[]",$code,isset($installed_locales[$code])) +modules/gallery/views/admin_languages.html.php 29 DIRTY $display_name +modules/gallery/views/admin_languages.html.php 31 DIRTY form::radio("default_locale",$code,($default_locale==$code),((isset($installed_locales[$code]))?'':'disabled="disabled"')) +modules/gallery/views/admin_languages.html.php 102 DIRTY $share_translations_form +modules/gallery/views/admin_maintenance.html.php 24 DIRTY_ATTR ($i%2==0)?"gOddRow":"gEvenRow" +modules/gallery/views/admin_maintenance.html.php 24 DIRTY_ATTR log::severity_class($task->severity) +modules/gallery/views/admin_maintenance.html.php 25 DIRTY_ATTR log::severity_class($task->severity) +modules/gallery/views/admin_maintenance.html.php 26 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 29 DIRTY $task->description +modules/gallery/views/admin_maintenance.html.php 72 DIRTY_ATTR ($i%2==0)?"gOddRow":"gEvenRow" +modules/gallery/views/admin_maintenance.html.php 72 DIRTY_ATTR $task->state=="stalled"?"gWarning":"" +modules/gallery/views/admin_maintenance.html.php 73 DIRTY_ATTR $task->state=="stalled"?"gWarning":"" +modules/gallery/views/admin_maintenance.html.php 74 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 77 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 92 DIRTY $task->status +modules/gallery/views/admin_maintenance.html.php 145 DIRTY_ATTR ($i%2==0)?"gOddRow":"gEvenRow" +modules/gallery/views/admin_maintenance.html.php 145 DIRTY_ATTR $task->state=="success"?"gSuccess":"gError" +modules/gallery/views/admin_maintenance.html.php 146 DIRTY_ATTR $task->state=="success"?"gSuccess":"gError" +modules/gallery/views/admin_maintenance.html.php 147 DIRTY gallery::date_time($task->updated) +modules/gallery/views/admin_maintenance.html.php 150 DIRTY $task->name +modules/gallery/views/admin_maintenance.html.php 162 DIRTY $task->status +modules/gallery/views/admin_maintenance_show_log.html.php 8 DIRTY_JS url::site("admin/maintenance/save_log/$task->id?csrf=$csrf") +modules/gallery/views/admin_maintenance_show_log.html.php 13 DIRTY $task->name +modules/gallery/views/admin_maintenance_task.html.php 55 DIRTY $task->name +modules/gallery/views/admin_modules.html.php 9 DIRTY access::csrf_form_field() +modules/gallery/views/admin_modules.html.php 19 DIRTY_ATTR ($i%2==0)?"gOddRow":"gEvenRow" +modules/gallery/views/admin_modules.html.php 22 DIRTY form::checkbox($data,'1',module::is_active($module_name)) +modules/gallery/views/admin_modules.html.php 24 DIRTY $module_info->version +modules/gallery/views/admin_theme_options.html.php 5 DIRTY $form +modules/gallery/views/admin_themes.html.php 3 DIRTY_JS url::site("admin/themes/choose") +modules/gallery/views/admin_themes.html.php 5 DIRTY_JS $csrf +modules/gallery/views/admin_themes.html.php 20 DIRTY $themes[$site]->name +modules/gallery/views/admin_themes.html.php 22 DIRTY $themes[$site]->description +modules/gallery/views/admin_themes.html.php 36 DIRTY $info->name +modules/gallery/views/admin_themes.html.php 38 DIRTY $info->description +modules/gallery/views/admin_themes.html.php 58 DIRTY $themes[$admin]->name +modules/gallery/views/admin_themes.html.php 60 DIRTY $themes[$admin]->description +modules/gallery/views/admin_themes.html.php 74 DIRTY $info->name +modules/gallery/views/admin_themes.html.php 76 DIRTY $info->description +modules/gallery/views/admin_themes_preview.html.php 7 DIRTY_ATTR $url +modules/gallery/views/kohana_error_page.php 102 DIRTY $message +modules/gallery/views/kohana_error_page.php 116 DIRTY $trace +modules/gallery/views/kohana_profiler.php 32 DIRTY $profile->render(); +modules/gallery/views/l10n_client.html.php 21 DIRTY_ATTR $string["translation"]===""?"untranslated":"translated" +modules/gallery/views/l10n_client.html.php 23 DIRTY $string["source"]["one"] +modules/gallery/views/l10n_client.html.php 24 DIRTY $string["source"]["other"] +modules/gallery/views/l10n_client.html.php 26 DIRTY $string["source"] +modules/gallery/views/l10n_client.html.php 32 DIRTY $l10n_search_form +modules/gallery/views/l10n_client.html.php 41 DIRTY access::csrf_form_field() +modules/gallery/views/l10n_client.html.php 42 DIRTY form::hidden("l10n-message-key") +modules/gallery/views/l10n_client.html.php 43 DIRTY form::textarea("l10n-edit-translation","",' rows="5" class="translationField"') +modules/gallery/views/l10n_client.html.php 46 DIRTY form::textarea("l10n-edit-plural-translation-zero","",' rows="2"') +modules/gallery/views/l10n_client.html.php 50 DIRTY form::textarea("l10n-edit-plural-translation-one","",' rows="2"') +modules/gallery/views/l10n_client.html.php 54 DIRTY form::textarea("l10n-edit-plural-translation-two","",' rows="2"') +modules/gallery/views/l10n_client.html.php 58 DIRTY form::textarea("l10n-edit-plural-translation-few","",' rows="2"') +modules/gallery/views/l10n_client.html.php 62 DIRTY form::textarea("l10n-edit-plural-translation-many","",' rows="2"') +modules/gallery/views/l10n_client.html.php 67 DIRTY form::textarea("l10n-edit-plural-translation-other","",' rows="2"') +modules/gallery/views/maintenance.html.php 46 DIRTY user::get_login_form("login/auth_html") +modules/gallery/views/move_browse.html.php 4 DIRTY_JS url::site("move/show_sub_tree/{$source->id}/__TARGETID__") +modules/gallery/views/move_browse.html.php 39 DIRTY $tree +modules/gallery/views/move_browse.html.php 43 DIRTY access::csrf_form_field() +modules/gallery/views/move_tree.html.php 2 DIRTY $parent->thumb_img(array(),25); +modules/gallery/views/move_tree.html.php 4 DIRTY_JS $parent->id +modules/gallery/views/move_tree.html.php 6 DIRTY_JS $parent->id +modules/gallery/views/move_tree.html.php 8 DIRTY_ATTR $parent->id +modules/gallery/views/move_tree.html.php 10 DIRTY_ATTR $child->id +modules/gallery/views/move_tree.html.php 11 DIRTY $child->thumb_img(array(),25); +modules/gallery/views/move_tree.html.php 13 DIRTY_JS $child->id +modules/gallery/views/move_tree.html.php 15 DIRTY_JS $child->id +modules/gallery/views/movieplayer.html.php 2 DIRTY html::anchor($item->file_url(true),"",$attrs) +modules/gallery/views/movieplayer.html.php 5 DIRTY_JS $attrs["id"] +modules/gallery/views/movieplayer.html.php 7 DIRTY_JS url::abs_file("lib/flowplayer.swf") +modules/gallery/views/movieplayer.html.php 13 DIRTY_JS url::abs_file("lib/flowplayer.h264streaming.swf") +modules/gallery/views/permissions_browse.html.php 3 DIRTY_JS url::site("permissions/form/__ITEM__") +modules/gallery/views/permissions_browse.html.php 16 DIRTY_JS url::site("permissions/change/__CMD__/__GROUP__/__PERM__/__ITEM__?csrf=$csrf") +modules/gallery/views/permissions_browse.html.php 42 DIRTY_ATTR $parent->id +modules/gallery/views/permissions_browse.html.php 44 DIRTY_JS $parent->id +modules/gallery/views/permissions_browse.html.php 52 DIRTY_ATTR $item->id +modules/gallery/views/permissions_browse.html.php 53 DIRTY_JS $item->id +modules/gallery/views/permissions_browse.html.php 60 DIRTY $form +modules/gallery/views/permissions_form.html.php 24 DIRTY_JS $lock->id +modules/gallery/views/permissions_form.html.php 32 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 32 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 32 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 36 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 36 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 36 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 43 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 43 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 43 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 47 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 47 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 47 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 56 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 56 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 56 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 63 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 63 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 63 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 74 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 74 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 74 DIRTY_JS $item->id +modules/gallery/views/permissions_form.html.php 79 DIRTY_JS $group->id +modules/gallery/views/permissions_form.html.php 79 DIRTY_JS $permission->id +modules/gallery/views/permissions_form.html.php 79 DIRTY_JS $item->id +modules/gallery/views/upgrader.html.php 44 DIRTY_ATTR $module->version==$module->code_version?"current":"upgradeable" +modules/gallery/views/upgrader.html.php 45 DIRTY_ATTR $id +modules/gallery/views/upgrader.html.php 49 DIRTY $module->version +modules/gallery/views/upgrader.html.php 52 DIRTY $module->code_version +modules/image_block/views/image_block_block.html.php 3 DIRTY_JS $item->url() +modules/image_block/views/image_block_block.html.php 4 DIRTY $item->thumb_img(array("class"=>"gThumbnail")) +modules/info/views/info_block.html.php 22 DIRTY date("M j, Y H:i:s",$item->captured) +modules/info/views/info_block.html.php 29 DIRTY_JS $item->owner->url +modules/notification/views/comment_published.html.php 28 DIRTY_JS $comment->item()->abs_url() +modules/notification/views/comment_published.html.php 29 DIRTY $comment->item()->abs_url() +modules/notification/views/item_added.html.php 16 DIRTY_JS $item->abs_url() +modules/notification/views/item_added.html.php 17 DIRTY $item->abs_url() +modules/notification/views/item_deleted.html.php 18 DIRTY_JS $item->parent()->abs_url() +modules/notification/views/item_deleted.html.php 19 DIRTY $item->parent()->abs_url() +modules/notification/views/item_updated.html.php 20 DIRTY_JS $item->abs_url() +modules/notification/views/item_updated.html.php 20 DIRTY $item->abs_url() +modules/organize/views/organize_dialog.html.php 3 DIRTY_JS url::site("organize/move_to/__ALBUM_ID__?csrf=$csrf") +modules/organize/views/organize_dialog.html.php 4 DIRTY_JS url::site("organize/rearrange/__TARGET_ID__/__BEFORE__?csrf=$csrf") +modules/organize/views/organize_dialog.html.php 5 DIRTY_JS url::site("organize/sort_order/__ALBUM_ID__/__COL__/__DIR__?csrf=$csrf") +modules/organize/views/organize_dialog.html.php 6 DIRTY_JS url::site("organize/tree/__ALBUM_ID__") +modules/organize/views/organize_dialog.html.php 22 DIRTY $album_tree +modules/organize/views/organize_dialog.html.php 29 DIRTY $micro_thumb_grid +modules/organize/views/organize_dialog.html.php 37 DIRTY form::dropdown(array("id"=>"gOrganizeSortColumn"),album::get_sort_order_options(),$album->sort_column) +modules/organize/views/organize_dialog.html.php 38 DIRTY form::dropdown(array("id"=>"gOrganizeSortOrder"),array("ASC"=>"Ascending","DESC"=>"Descending"),$album->sort_order) +modules/organize/views/organize_thumb_grid.html.php 3 DIRTY_ATTR $child->id +modules/organize/views/organize_thumb_grid.html.php 4 DIRTY_ATTR $child->id +modules/organize/views/organize_thumb_grid.html.php 5 DIRTY_ATTR $child->is_album()?"gAlbum":"gPhoto" +modules/organize/views/organize_thumb_grid.html.php 6 DIRTY $child->thumb_img(array("class"=>"gThumbnail","ref"=>$child->id),90,true) +modules/organize/views/organize_thumb_grid.html.php 14 DIRTY_JS url::site("organize/album/$album->id/".($offset+25)) +modules/organize/views/organize_tree.html.php 2 DIRTY_ATTR access::can("edit",$album)?"":"gViewOnly" +modules/organize/views/organize_tree.html.php 3 DIRTY_ATTR $album->id +modules/organize/views/organize_tree.html.php 6 DIRTY_ATTR $selected&&$album->id==$selected->id?"selected":"" +modules/organize/views/organize_tree.html.php 7 DIRTY_ATTR $album->id +modules/organize/views/organize_tree.html.php 13 DIRTY View::factory("organize_tree.html",array("selected"=>$selected,"album"=>$child)); +modules/organize/views/organize_tree.html.php 15 DIRTY_ATTR access::can("edit",$child)?"":"gViewOnly" +modules/organize/views/organize_tree.html.php 16 DIRTY_ATTR $child->id +modules/organize/views/organize_tree.html.php 19 DIRTY_ATTR $child->id +modules/recaptcha/views/admin_recaptcha.html.php 10 DIRTY $form +modules/recaptcha/views/admin_recaptcha.html.php 23 DIRTY_JS $public_key +modules/recaptcha/views/form_recaptcha.html.php 7 DIRTY_JS $public_key +modules/rss/views/feed.mrss.php 10 DIRTY $feed->uri +modules/rss/views/feed.mrss.php 13 DIRTY_JS $feed->uri +modules/rss/views/feed.mrss.php 16 DIRTY_JS $feed->previous_page_uri +modules/rss/views/feed.mrss.php 19 DIRTY_JS $feed->next_page_uri +modules/rss/views/feed.mrss.php 21 DIRTY $pub_date +modules/rss/views/feed.mrss.php 22 DIRTY $pub_date +modules/rss/views/feed.mrss.php 28 DIRTY date("D, d M Y H:i:s T",$child->created); +modules/rss/views/feed.mrss.php 34 DIRTY_ATTR $child->resize_url(true) +modules/rss/views/feed.mrss.php 36 DIRTY_ATTR $child->resize_height +modules/rss/views/feed.mrss.php 36 DIRTY_ATTR $child->resize_width +modules/rss/views/feed.mrss.php 39 DIRTY_ATTR $child->thumb_url(true) +modules/rss/views/feed.mrss.php 41 DIRTY_ATTR $child->thumb_height +modules/rss/views/feed.mrss.php 41 DIRTY_ATTR $child->thumb_width +modules/rss/views/feed.mrss.php 47 DIRTY_ATTR $child->thumb_url(true) +modules/rss/views/feed.mrss.php 48 DIRTY_ATTR @filesize($child->thumb_path()) +modules/rss/views/feed.mrss.php 49 DIRTY_ATTR $child->thumb_height +modules/rss/views/feed.mrss.php 50 DIRTY_ATTR $child->thumb_width +modules/rss/views/feed.mrss.php 54 DIRTY_ATTR $child->resize_url(true) +modules/rss/views/feed.mrss.php 55 DIRTY_ATTR @filesize($child->resize_path()) +modules/rss/views/feed.mrss.php 56 DIRTY_ATTR $child->mime_type +modules/rss/views/feed.mrss.php 57 DIRTY_ATTR $child->resize_height +modules/rss/views/feed.mrss.php 58 DIRTY_ATTR $child->resize_width +modules/rss/views/feed.mrss.php 62 DIRTY_ATTR $child->file_url(true) +modules/rss/views/feed.mrss.php 63 DIRTY_ATTR @filesize($child->file_path()) +modules/rss/views/feed.mrss.php 64 DIRTY_ATTR $child->mime_type +modules/rss/views/feed.mrss.php 65 DIRTY_ATTR $child->height +modules/rss/views/feed.mrss.php 66 DIRTY_ATTR $child->width +modules/rss/views/feed.mrss.php 70 DIRTY_ATTR $child->file_url(true) +modules/rss/views/feed.mrss.php 71 DIRTY_ATTR @filesize($child->file_path()) +modules/rss/views/feed.mrss.php 72 DIRTY_ATTR $child->height +modules/rss/views/feed.mrss.php 73 DIRTY_ATTR $child->width +modules/rss/views/feed.mrss.php 74 DIRTY_ATTR $child->mime_type +modules/rss/views/rss_block.html.php 6 DIRTY_JS rss::url($url) +modules/search/views/search.html.php 30 DIRTY_ATTR $item_class +modules/search/views/search.html.php 31 DIRTY_JS $item->url() +modules/search/views/search.html.php 32 DIRTY $item->thumb_img() +modules/server_add/views/admin_server_add.html.php 15 DIRTY_ATTR $id +modules/server_add/views/admin_server_add.html.php 24 DIRTY $form +modules/server_add/views/server_add_tree.html.php 12 DIRTY_JS html::js_string($dir) +modules/server_add/views/server_add_tree.html.php 20 DIRTY_ATTR is_dir($file)?"ui-icon-folder-collapsed":"ui-icon-document" +modules/server_add/views/server_add_tree_dialog.html.php 3 DIRTY_JS url::site("server_add/children?path=__PATH__") +modules/server_add/views/server_add_tree_dialog.html.php 4 DIRTY_JS url::site("server_add/start?item_id={$item->id}&csrf=$csrf") +modules/server_add/views/server_add_tree_dialog.html.php 23 DIRTY $tree +modules/tag/views/admin_tags.html.php 13 DIRTY_JS $csrf +modules/tag/views/admin_tags.html.php 50 DIRTY_ATTR $tag->id +modules/tag/views/admin_tags.html.php 51 DIRTY $tag->count +modules/tag/views/tag_block.html.php 15 DIRTY $cloud +modules/tag/views/tag_block.html.php 17 DIRTY $form +modules/tag/views/tag_cloud.html.php 4 DIRTY_ATTR (int)(($tag->count/$max_count)*7) +modules/tag/views/tag_cloud.html.php 5 DIRTY $tag->count +modules/user/views/admin_users.html.php 3 DIRTY_JS url::site("admin/users/add_user_to_group/__USERID__/__GROUPID__?csrf=$csrf") +modules/user/views/admin_users.html.php 26 DIRTY_JS url::site("admin/users/group/__GROUPID__") +modules/user/views/admin_users.html.php 36 DIRTY_JS url::site("admin/users/remove_user_from_group/__USERID__/__GROUPID__?csrf=$csrf") +modules/user/views/admin_users.html.php 67 DIRTY_ATTR $user->id +modules/user/views/admin_users.html.php 67 DIRTY_ATTR text::alternate("gOddRow","gEvenRow") +modules/user/views/admin_users.html.php 67 DIRTY_ATTR $user->admin?"admin":"" +modules/user/views/admin_users.html.php 68 DIRTY_ATTR $user->id +modules/user/views/admin_users.html.php 69 DIRTY_ATTR $user->avatar_url(20,$theme->url(,true)) +modules/user/views/admin_users.html.php 83 DIRTY ($user->last_login==0)?"":gallery::date($user->last_login) +modules/user/views/admin_users.html.php 121 DIRTY_ATTR $group->id +modules/user/views/admin_users.html.php 121 DIRTY_ATTR ($group->special?"gDefaultGroup":"") +modules/user/views/admin_users.html.php 123 DIRTY $v +modules/user/views/admin_users_group.html.php 22 DIRTY_JS $user->id +modules/user/views/admin_users_group.html.php 22 DIRTY_JS $group->id +modules/user/views/login_ajax.html.php 6 DIRTY_JS url::site("password/reset") +modules/user/views/login_ajax.html.php 37 DIRTY $form +modules/user/views/user_languages_block.html.php 2 DIRTY form::dropdown("gSelectSessionLocale",$installed_locales,$selected) +modules/watermark/views/admin_watermarks.html.php 19 DIRTY_ATTR $width +modules/watermark/views/admin_watermarks.html.php 19 DIRTY_ATTR $height +modules/watermark/views/admin_watermarks.html.php 19 DIRTY_ATTR $url +themes/admin_default/views/admin.html.php 15 DIRTY_JS $theme->url() +themes/admin_default/views/admin.html.php 32 DIRTY $theme->admin_head() +themes/admin_default/views/admin.html.php 36 DIRTY $theme->admin_page_top() +themes/admin_default/views/admin.html.php 44 DIRTY $theme->admin_header_top() +themes/admin_default/views/admin.html.php 49 DIRTY_JS item::root()->url() +themes/admin_default/views/admin.html.php 53 DIRTY $theme->admin_menu() +themes/admin_default/views/admin.html.php 55 DIRTY $theme->admin_header_bottom() +themes/admin_default/views/admin.html.php 62 DIRTY $content +themes/admin_default/views/admin.html.php 68 DIRTY $sidebar +themes/admin_default/views/admin.html.php 73 DIRTY $theme->admin_footer() +themes/admin_default/views/admin.html.php 75 DIRTY $theme->admin_credits() +themes/admin_default/views/admin.html.php 79 DIRTY $theme->admin_page_bottom() +themes/admin_default/views/block.html.php 2 DIRTY $id +themes/admin_default/views/block.html.php 2 DIRTY_ATTR $css_id +themes/admin_default/views/block.html.php 10 DIRTY $title +themes/admin_default/views/block.html.php 13 DIRTY $content +themes/admin_default/views/pager.html.php 13 DIRTY_JS str_replace('{page}',1,$url) +themes/admin_default/views/pager.html.php 20 DIRTY_JS str_replace('{page}',$previous_page,$url) +themes/admin_default/views/pager.html.php 27 DIRTY $from_to_msg +themes/admin_default/views/pager.html.php 30 DIRTY_JS str_replace('{page}',$next_page,$url) +themes/admin_default/views/pager.html.php 37 DIRTY_JS str_replace('{page}',$last_page,$url) +themes/default/views/album.html.php 16 DIRTY_ATTR $child->id +themes/default/views/album.html.php 16 DIRTY_ATTR $item_class +themes/default/views/album.html.php 18 DIRTY_JS $child->url() +themes/default/views/album.html.php 19 DIRTY $child->thumb_img(array("class"=>"gThumbnail")) +themes/default/views/album.html.php 23 DIRTY_JS $child->url() +themes/default/views/block.html.php 2 DIRTY_ATTR $anchor +themes/default/views/block.html.php 3 DIRTY_ATTR $css_id +themes/default/views/block.html.php 4 DIRTY $title +themes/default/views/block.html.php 6 DIRTY $content +themes/default/views/dynamic.html.php 11 DIRTY_ATTR $child->is_album()?"gAlbum":"" +themes/default/views/dynamic.html.php 13 DIRTY_JS $child->url() +themes/default/views/dynamic.html.php 14 DIRTY_ATTR $child->id +themes/default/views/dynamic.html.php 15 DIRTY_ATTR $child->thumb_url() +themes/default/views/dynamic.html.php 16 DIRTY_ATTR $child->thumb_width +themes/default/views/dynamic.html.php 17 DIRTY_ATTR $child->thumb_height +themes/default/views/movie.html.php 8 DIRTY_JS $previous_item->url() +themes/default/views/movie.html.php 18 DIRTY_JS $next_item->url() +themes/default/views/movie.html.php 28 DIRTY $item->movie_img(array("class"=>"gMovie","id"=>"gMovieId-{$item->id}")) +themes/default/views/page.html.php 9 DIRTY $page_title +themes/default/views/page.html.php 32 DIRTY_JS $theme->url() +themes/default/views/page.html.php 41 DIRTY $new_width +themes/default/views/page.html.php 42 DIRTY $new_height +themes/default/views/page.html.php 43 DIRTY $thumb_proportion +themes/default/views/page.html.php 82 DIRTY $header_text +themes/default/views/page.html.php 84 DIRTY_JS item::root()->url() +themes/default/views/page.html.php 98 DIRTY_JS $parent->url("show={$theme->item()->id}") +themes/default/views/page.html.php 112 DIRTY $content +themes/default/views/page.html.php 118 DIRTY newView("sidebar.html") +themes/default/views/page.html.php 125 DIRTY $footer_text +themes/default/views/pager.html.php 13 DIRTY_JS str_replace('{page}',1,$url) +themes/default/views/pager.html.php 20 DIRTY_JS str_replace('{page}',$previous_page,$url) +themes/default/views/pager.html.php 27 DIRTY $from_to_msg +themes/default/views/pager.html.php 30 DIRTY_JS str_replace('{page}',$next_page,$url) +themes/default/views/pager.html.php 37 DIRTY_JS str_replace('{page}',$last_page,$url) +themes/default/views/photo.html.php 8 DIRTY_JS $theme->item()->width +themes/default/views/photo.html.php 8 DIRTY_JS $theme->item()->height +themes/default/views/photo.html.php 21 DIRTY_JS $previous_item->url() +themes/default/views/photo.html.php 31 DIRTY_JS $next_item->url() +themes/default/views/photo.html.php 43 DIRTY_JS $item->file_url() +themes/default/views/photo.html.php 45 DIRTY $item->resize_img(array("id"=>"gPhotoId-{$item->id}","class"=>"gResize")) |