Diffstat (limited to 'modules')
25 files changed, 532 insertions, 462 deletions
diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php index 1b9f8bbb..da45f57b 100644 --- a/modules/comment/views/comments.html.php +++ b/modules/comment/views/comments.html.php @@ -16,10 +16,13 @@ <? else: ?> <?= t("No comments yet.") ?> <? endif ?> - </p> - <ul><li class="g-no-comments"> </li></ul> - <? else: ?> + </p> + <ul> + <li class="g-no-comments"> </li> + </ul> + <? endif ?> + <? if ($comments->count()): ?> <ul> <? foreach ($comments as $comment): ?> <li id="g-comment-<?= $comment->id ?>"> diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 57ce9623..877c5ada 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -70,8 +70,7 @@ class url extends url_Core { * Just like url::file() except that it returns an absolute URI */ static function abs_file($path) { - return url::base( - false, (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') ? 'http' : 'https') . $path; + return url::base(false, request::protocol()) . $path; } /** @@ -79,8 +78,7 @@ class url extends url_Core { * doesn't take a protocol parameter. */ static function abs_site($path) { - return url::site( - $path, (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') ? 'http' : 'https'); + return url::site($path, request::protocol()); } /** diff --git a/modules/gallery/helpers/item_rest.php b/modules/gallery/helpers/item_rest.php index 0839b144..6869181d 100644 --- a/modules/gallery/helpers/item_rest.php +++ b/modules/gallery/helpers/item_rest.php 
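Review bot: In MY_url.php, abs_file() and abs_site() now take the scheme from `request::protocol()`, whose definition is not among the visible hunks, and neither docblock says where the scheme comes from. The removed lines derived it only from `$_SERVER['HTTPS']`; if the helper also honours a client-supplied header (a forwarded-protocol header, for instance), that should be limited to trusted proxies, because a wrong scheme would end up in every absolute URL these two methods build. I would add one line to each docblock, such as `The scheme is taken from request::protocol().` The class body continues outside both hunks.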
@@ -161,20 +161,22 @@ class item_rest_Core { case "photo": case "movie": if (empty($request->file)) { - throw new Rest_Exception("file: Upload failed", 400); + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("file" => t("Upload failed")))); } - $item->type = $entity->type; - $item->parent_id = $parent->id; - $item->set_data_file($request->file); - $item->name = $entity->name; - $item->title = isset($entity->title) ? $entity->title : $entity->name; - $item->description = isset($entity->description) ? $entity->description : null; - $item->slug = isset($entity->slug) ? $entity->slug : null; - $item->save(); - break; + $item->type = $entity->type; + $item->parent_id = $parent->id; + $item->set_data_file($request->file); + $item->name = $entity->name; + $item->title = isset($entity->title) ? $entity->title : $entity->name; + $item->description = isset($entity->description) ? $entity->description : null; + $item->slug = isset($entity->slug) ? $entity->slug : null; + $item->save(); + break; default: - throw new Rest_Exception("Invalid type: $entity->type", 400); + throw new Rest_Exception( + "Bad Request", 400, array("errors" => array("type" => "invalid"))); } return array("url" => rest::url("item", $item)); diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index df7557ae..72cb2ac0 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php 
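Review bot: The two new `errors` payloads in this switch follow different conventions: the upload branch sends a translated sentence, `t("Upload failed")`, while the default branch sends the bare token `"invalid"`, so a REST client cannot treat the values uniformly as either codes or display text. Choosing one convention fixes it, for example `array("errors" => array("file" => "upload_failed"))` if the values are meant to be machine-readable. Dropping `$entity->type` from the message is a good change, since the response no longer echoes request data. Separately, `$entity->name` is still read without the `isset()` guard that title, description and slug get; whether an earlier check covers it cannot be seen, because the function starts and ends outside the hunk.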
@@ -29,68 +29,6 @@ class Kohana_Exception extends Kohana_Exception_Core { $e->getTraceAsString()); } - public static function handle(Exception $e) { - if ($e instanceof ORM_Validation_Exception) { - Kohana_Log::add("error", "Validation errors: " . print_r($e->validation->errors(), 1)); - } - try { - $user = identity::active_user(); - $try_themed_view = $user && !$user->admin; - } catch (Exception $e2) { - $try_themed_view = false; - } - - if ($try_themed_view) { - try { - return self::_show_themed_error_page($e); - } catch (Exception $e3) { - Kohana_Log::add("error", "Exception in exception handling code: " . self::text($e3)); - return parent::handle($e); - } - } else { - return parent::handle($e); - } - } - - /** - * Shows a themed error page. - * @see Kohana_Exception::handle - */ - private static function _show_themed_error_page(Exception $e) { - // Create a text version of the exception - $error = Kohana_Exception::text($e); - - // Add this exception to the log - Kohana_Log::add('error', $error); - - // Manually save logs after exceptions - Kohana_Log::save(); - - if (!headers_sent()) { - if ($e instanceof Kohana_Exception) { - $e->sendHeaders(); - } else { - header("HTTP/1.1 500 Internal Server Error"); - } - } - - $view = new Theme_View("page.html", "other", "error"); - if ($e instanceof Kohana_404_Exception) { - $view->page_title = t("Dang... Page not found!"); - $view->content = new View("error_404.html"); - $user = identity::active_user(); - $view->content->is_guest = $user && $user->guest; - if ($view->content->is_guest) { - $view->content->login_form = new View("login_ajax.html"); - $view->content->login_form->form = auth::get_login_form("login/auth_html"); - } - } else { - $view->page_title = t("Dang... Something went wrong!"); - $view->content = new View("error.html"); - } - print $view; - } - /** * @see Kohana_Exception::dump() */ 
diff --git a/modules/gallery/tests/File_Structure_Test.php b/modules/gallery/tests/File_Structure_Test.php index 39df9f06..96e0b758 100644 --- a/modules/gallery/tests/File_Structure_Test.php +++ b/modules/gallery/tests/File_Structure_Test.php @@ -23,13 +23,18 @@ class File_Structure_Test extends Gallery_Unit_Test_Case { public function no_trailing_closing_php_tag_test() { $dir = new GalleryCodeFilterIterator( new RecursiveIteratorIterator(new RecursiveDirectoryIterator(DOCROOT))); + $count = 0; foreach ($dir as $file) { + $count++; if (!preg_match("|\.html\.php$|", $file->getPathname())) { $this->assert_false( preg_match('/\?\>\s*$/', file_get_contents($file)), "{$file->getPathname()} ends in ?>"); } } + + $this->assert_true($count > 500, "We should have analyzed at least this 500 files"); + $this->assert_true($count < 1000, "We shouldn't be shipping 1000 files!"); } public function view_files_correct_suffix_test() { @@ -42,8 +47,8 @@ class File_Structure_Test extends Gallery_Unit_Test_Case { if (strpos($file, "views")) { $this->assert_true( - preg_match("#/views/.*?(\.html|mrss|txt)\.php$#", $file->getPathname()), - "{$file->getPathname()} should end in .{html,mrss,txt}.php"); + preg_match("#/views/.*?\.(html|mrss|txt|json)\.php$#", $file->getPathname()), + "{$file->getPathname()} should end in .{html,mrss,txt,json}.php"); } } } diff --git a/modules/gallery/tests/Gallery_Filters.php b/modules/gallery/tests/Gallery_Filters.php index debbe846..052990d5 100644 --- a/modules/gallery/tests/Gallery_Filters.php +++ b/modules/gallery/tests/Gallery_Filters.php @@ -32,6 +32,7 @@ class GalleryCodeFilterIterator extends FilterIterator { return !( $file_name == "." || $file_name == ".." || + strpos($path_name, DOCROOT . ".git") !== false || strpos($path_name, DOCROOT . "test") !== false || strpos($path_name, DOCROOT . "var") !== false || strpos($path_name, MODPATH . "forge") !== false || 
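Review bot: The two bounds added at the end of no_trailing_closing_php_tag_test() are bare literals, and the lower-bound message reads "at least this 500 files". The lower bound is worth keeping, because it stops the check from passing vacuously when the iterator yields nothing, but the `$count < 1000` ceiling is likely to start failing through ordinary growth of the tree rather than through a real packaging mistake. I would correct the message to `"We should have analyzed at least 500 files"` and put a short comment above the assertions, e.g. `// Guard against the filter silently matching nothing (or the whole tree).`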
diff --git a/modules/gallery/tests/Item_Rest_Helper_Test.php b/modules/gallery/tests/Item_Rest_Helper_Test.php index 0b5e0471..a2ab534b 100644 --- a/modules/gallery/tests/Item_Rest_Helper_Test.php +++ b/modules/gallery/tests/Item_Rest_Helper_Test.php @@ -43,6 +43,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), @@ -58,6 +60,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), @@ -73,6 +77,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), @@ -100,6 +106,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), @@ -123,6 +131,8 @@ class Item_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), 
diff --git a/modules/gallery/tests/Items_Rest_Helper_Test.php b/modules/gallery/tests/Items_Rest_Helper_Test.php index 17e979a5..8e53110a 100644 --- a/modules/gallery/tests/Items_Rest_Helper_Test.php +++ b/modules/gallery/tests/Items_Rest_Helper_Test.php @@ -36,12 +36,16 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $photo1), "entity" => $photo1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $photo1)), "tags" => array( "url" => rest::url("item_tags", $photo1), "members" => array()))), array("url" => rest::url("item", $album2), "entity" => $album2->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album2)), "tags" => array( "url" => rest::url("item_tags", $album2), "members" => array())), @@ -69,6 +73,8 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album2), "entity" => $album2->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album2)), "tags" => array( "url" => rest::url("item_tags", $album2), "members" => array())), @@ -96,6 +102,8 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $photo1), "entity" => $photo1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $photo1)), "tags" => array( "url" => rest::url("item_tags", $photo1), "members" => array())))), 
@@ -121,12 +129,16 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $photo1), "entity" => $photo1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $photo1)), "tags" => array( "url" => rest::url("item_tags", $photo1), "members" => array()))), array("url" => rest::url("item", $album2), "entity" => $album2->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album2)), "tags" => array( "url" => rest::url("item_tags", $album2), "members" => array())), @@ -162,6 +174,8 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album1), "entity" => $album1->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album1)), "tags" => array( "url" => rest::url("item_tags", $album1), "members" => array())), @@ -172,6 +186,8 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $album2), "entity" => $album2->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $album2)), "tags" => array( "url" => rest::url("item_tags", $album2), "members" => array())), @@ -180,6 +196,8 @@ class Items_Rest_Helper_Test extends Gallery_Unit_Test_Case { array("url" => rest::url("item", $photo2), "entity" => $photo2->as_restful_array(), "relationships" => array( + "comments" => array( + "url" => rest::url("item_comments", $photo2)), "tags" => array( "url" => rest::url("item_tags", $photo2), "members" => array())))), diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index 94e7a07f..8263f79d 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt 
@@ -23,6 +23,8 @@ modules/gallery/controllers/user_profile.php show modules/gallery/controllers/user_profile.php contact DIRTY_AUTH modules/gallery/controllers/user_profile.php send DIRTY_AUTH modules/gallery/controllers/welcome_message.php index DIRTY_AUTH +modules/organize/controllers/organize.php dialog DIRTY_CSRF +modules/organize/controllers/organize.php add_album_fields DIRTY_AUTH modules/rest/controllers/rest.php index DIRTY_CSRF|DIRTY_AUTH modules/rest/controllers/rest.php __call DIRTY_CSRF|DIRTY_AUTH modules/rss/controllers/rss.php feed DIRTY_CSRF|DIRTY_AUTH diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 7fce42a1..4ead8a3f 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -33,8 +33,8 @@ modules/comment/views/comment.mrss.php 29 DIRTY $child modules/comment/views/comment.mrss.php 34 DIRTY_ATTR $child->thumb_url modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $child->thumb_height modules/comment/views/comment.mrss.php 35 DIRTY_ATTR $child->thumb_width -modules/comment/views/comments.html.php 21 DIRTY_ATTR $comment->id -modules/comment/views/comments.html.php 24 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) +modules/comment/views/comments.html.php 28 DIRTY_ATTR $comment->id +modules/comment/views/comments.html.php 31 DIRTY_ATTR $comment->author()->avatar_url(40,$theme->url(,true)) modules/comment/views/user_profile_comments.html.php 5 DIRTY_ATTR $comment->id modules/comment/views/user_profile_comments.html.php 10 DIRTY_JS $comment->item()->url() modules/comment/views/user_profile_comments.html.php 11 DIRTY $comment->item()->thumb_img(array(),50) 
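Review bot: The two added entries record that `organize.php dialog` runs without a CSRF check and `organize.php add_album_fields` without an authorization check, and the organize controller itself is not part of the visible diff, so neither exemption can be verified from here. If this file is the expected-results list for the controller audit test, as its name and the DIRTY_ flags suggest, each new line is an accepted exception and deserves a stated reason in the commit message. Worth confirming before merge: `dialog` only renders and changes no state, and `add_album_fields` returns nothing a guest should not see; otherwise the checks belong in the controller and these two lines should go.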
@@ -122,6 +122,50 @@ modules/gallery/views/admin_themes.html.php 76 DIRTY $info- modules/gallery/views/admin_themes.html.php 78 DIRTY $info->description modules/gallery/views/admin_themes_preview.html.php 7 DIRTY_ATTR $url modules/gallery/views/error_404.html.php 14 DIRTY $login_form +modules/gallery/views/error_admin.html.php 150 DIRTY $type +modules/gallery/views/error_admin.html.php 150 DIRTY $code +modules/gallery/views/error_admin.html.php 153 DIRTY $message +modules/gallery/views/error_admin.html.php 156 DIRTY_ATTR $error_id +modules/gallery/views/error_admin.html.php 161 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 161 DIRTY $line +modules/gallery/views/error_admin.html.php 166 DIRTY_ATTR ($num==$line)?"highlight":"" +modules/gallery/views/error_admin.html.php 166 DIRTY $num +modules/gallery/views/error_admin.html.php 166 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 178 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 178 DIRTY_JS $source_id +modules/gallery/views/error_admin.html.php 178 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 178 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 180 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 180 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 187 DIRTY $step["function"] +modules/gallery/views/error_admin.html.php 188 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 188 DIRTY_JS $args_id +modules/gallery/views/error_admin.html.php 192 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 197 DIRTY $name +modules/gallery/views/error_admin.html.php 200 DIRTY Kohana_Exception::safe_dump($arg,$name) +modules/gallery/views/error_admin.html.php 208 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 208 DIRTY_ATTR 
($num==$step["line"])?"highlight":"" +modules/gallery/views/error_admin.html.php 208 DIRTY $num +modules/gallery/views/error_admin.html.php 208 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 218 DIRTY_ATTR $env_id=$error_id."environment" +modules/gallery/views/error_admin.html.php 218 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 220 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 222 DIRTY_ATTR $env_id=$error_id."environment_included" +modules/gallery/views/error_admin.html.php 222 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 222 DIRTY count($included) +modules/gallery/views/error_admin.html.php 223 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 228 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 235 DIRTY_ATTR $env_id=$error_id."environment_loaded" +modules/gallery/views/error_admin.html.php 235 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 235 DIRTY count($included) +modules/gallery/views/error_admin.html.php 236 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 241 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 249 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) +modules/gallery/views/error_admin.html.php 250 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 250 DIRTY $var +modules/gallery/views/error_admin.html.php 251 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 257 DIRTY $key +modules/gallery/views/error_admin.html.php 261 DIRTY Kohana_Exception::safe_dump($value,$key) modules/gallery/views/form_uploadify.html.php 9 DIRTY_JS url::file("lib/uploadify/uploadify.swf") modules/gallery/views/form_uploadify.html.php 10 DIRTY_JS url::site("simple_uploader/add_photo/{$album->id}") modules/gallery/views/form_uploadify.html.php 14 DIRTY_JS url::file("lib/uploadify/cancel.png") 
@@ -235,16 +279,16 @@ modules/notification/views/item_updated.html.php 20 DIRTY_JS $item- modules/notification/views/item_updated.html.php 20 DIRTY $item->abs_url() modules/notification/views/user_profile_notification.html.php 5 DIRTY_ATTR $subscription->id modules/notification/views/user_profile_notification.html.php 6 DIRTY_JS $subscription->url -modules/organize/views/organize_dialog.html.php 92 DIRTY_JS $domain -modules/organize/views/organize_dialog.html.php 93 DIRTY_JS $access_key -modules/organize/views/organize_dialog.html.php 94 DIRTY_JS $protocol -modules/organize/views/organize_dialog.html.php 95 DIRTY_JS $file_filter -modules/organize/views/organize_dialog.html.php 96 DIRTY_JS $sort_order -modules/organize/views/organize_dialog.html.php 97 DIRTY_JS $sort_fields -modules/organize/views/organize_dialog.html.php 98 DIRTY_JS $album->id -modules/organize/views/organize_dialog.html.php 99 DIRTY_JS $rest_uri -modules/organize/views/organize_dialog.html.php 100 DIRTY_JS $controller_uri -modules/organize/views/organize_dialog.html.php 124 DIRTY_JS $swf_url +modules/organize/views/organize_dialog.html.php 90 DIRTY_JS $domain +modules/organize/views/organize_dialog.html.php 91 DIRTY_JS $access_key +modules/organize/views/organize_dialog.html.php 92 DIRTY_JS request::protocol() +modules/organize/views/organize_dialog.html.php 93 DIRTY_JS $file_filter +modules/organize/views/organize_dialog.html.php 94 DIRTY_JS $sort_order +modules/organize/views/organize_dialog.html.php 95 DIRTY_JS $sort_fields +modules/organize/views/organize_dialog.html.php 96 DIRTY_JS $album->id +modules/organize/views/organize_dialog.html.php 97 DIRTY_JS $rest_uri +modules/organize/views/organize_dialog.html.php 98 DIRTY_JS $controller_uri +modules/organize/views/organize_dialog.html.php 122 DIRTY_JS $swf_uri modules/recaptcha/views/admin_recaptcha.html.php 11 DIRTY $form modules/recaptcha/views/admin_recaptcha.html.php 23 DIRTY_JS $public_key modules/recaptcha/views/form_recaptcha.html.php 7 
DIRTY_JS $public_key @@ -316,13 +360,13 @@ themes/admin_wind/views/admin.html.php 43 DIRTY $theme themes/admin_wind/views/admin.html.php 51 DIRTY $theme->admin_header_top() themes/admin_wind/views/admin.html.php 52 DIRTY_JS item::root()->url() themes/admin_wind/views/admin.html.php 55 DIRTY $theme->user_menu() -themes/admin_wind/views/admin.html.php 57 DIRTY $theme->admin_menu() -themes/admin_wind/views/admin.html.php 59 DIRTY $theme->admin_header_bottom() -themes/admin_wind/views/admin.html.php 66 DIRTY $content -themes/admin_wind/views/admin.html.php 72 DIRTY $sidebar -themes/admin_wind/views/admin.html.php 77 DIRTY $theme->admin_footer() -themes/admin_wind/views/admin.html.php 79 DIRTY $theme->admin_credits() -themes/admin_wind/views/admin.html.php 83 DIRTY $theme->admin_page_bottom() +themes/admin_wind/views/admin.html.php 58 DIRTY $theme->admin_menu() +themes/admin_wind/views/admin.html.php 61 DIRTY $theme->admin_header_bottom() +themes/admin_wind/views/admin.html.php 68 DIRTY $content +themes/admin_wind/views/admin.html.php 74 DIRTY $sidebar +themes/admin_wind/views/admin.html.php 79 DIRTY $theme->admin_footer() +themes/admin_wind/views/admin.html.php 81 DIRTY $theme->admin_credits() +themes/admin_wind/views/admin.html.php 85 DIRTY $theme->admin_page_bottom() themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor themes/admin_wind/views/block.html.php 5 DIRTY $id themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id diff --git a/modules/gallery/views/error_admin.html.php b/modules/gallery/views/error_admin.html.php new file mode 100644 index 00000000..40eb7374 --- /dev/null +++ b/modules/gallery/views/error_admin.html.php 
@@ -0,0 +1,272 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<? $error_id = uniqid("error") ?> +<? if (!function_exists("t")) { function t($msg) { return $msg; } } ?> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <style type="text/css"> + body { + background: #fff; + font-size: 14px; + line-height: 130%; + } + + div.big_box { + padding: 10px; + background: #eee; + border: solid 1px #ccc; + font-family: sans-serif; + color: #111; + width: 60em; + margin: 20px auto; + } + + div#framework_error { + text-align: center; + } + + div#error_details { + text-align: left; + } + + code { + font-family: monospace; + font-size: 12px; + margin: 20px 20px 20px 0px; + color: #333; + white-space: pre-wrap; + white-space: -moz-pre-wrap; + word-wrap: break-word; + } + + code .line { + padding-left: 10px; + } + + h3 { + font-family: sans-serif; + margin: 2px 0px 0px 0px; + padding: 8px 0px 0px 0px; + border-top: 1px solid #ddd; + } + + p { + padding: 0px; + margin: 0px 0px 10px 0px; + } + + li, pre { + padding: 0px; + margin: 0px; + } + + .collapsed { + display: none; + } + + .highlight { + font-weight: bold; + color: darkred; + } + + #kohana_error .message { + display: block; + padding-bottom: 10px; + } + + .source { + border: solid 1px #ccc; + background: #efe; + margin-bottom: 5px; + } + + table { + width: 100%; + display: block; + margin: 0 0 0.4em; + padding: 0; + border-collapse: collapse; + background: #efe; + } + + table td { + border: solid 1px #ddd; + text-align: left; + vertical-align: top; + padding: 0.4em; + } + + .args table td.key { + width: 200px; + } + + .number { + padding-right: 1em; + } + </style> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> + <title><?= t("Something went wrong!") ?></title> + + <script type="text/javascript"> + function koggle(elem) { + elem = document.getElementById(elem); + if (elem.style && elem.style["display"]) { + // Only works with the "style" attr + var disp 
= elem.style["display"]; + } else { + if (elem.currentStyle) { + // For MSIE, naturally + var disp = elem.currentStyle["display"]; + } else { + if (window.getComputedStyle) { + // For most other browsers + var disp = document.defaultView.getComputedStyle(elem, null).getPropertyValue('display'); + } + } + } + + // Toggle the state of the "display" style + elem.style.display = disp == 'block' ? 'none' : 'block'; + return false; + } + </script> + </head> + <body> + <? try { $user = identity::active_user(); } catch (Exception $e) { } ?> + <div class="big_box" id="framework_error"> + <h1> + <?= t("Dang... Something went wrong!") ?> + </h1> + <h2> + <?= t("We tried really hard, but it's broken.") ?> + </h2> + </div> + <div class="big_box" id="error_details"> + <h2> + <?= t("Hey wait, you're an admin! We can tell you stuff.") ?> + </h2> + <div id="kohana_error"> + <h3> + <span class="type"> + <?= $type?> [ <?= $code ?> ]: + </span> + <span class="message"> + <?= $message?> + </span> + </h3> + <div id="<?= $error_id ?>" class="content"> + <ol class="trace"> + <li class="snippet"> + <p> + <span class="file"> + <?= Kohana_Exception::debug_path($file)?>[ <?= $line?> ] + </span> + </p> + + <div class="source"> + <? if (Kohana_Exception::$source_output and $source_code = Kohana_Exception::debug_source($file, $line)): ?><code><? foreach ($source_code as $num => $row): ?><span class="line <?= ($num == $line) ? "highlight" : ""?>"><span class="number"><?= $num ?></span><?= htmlspecialchars($row, ENT_NOQUOTES, Kohana::CHARSET) ?></span><? endforeach ?></code> + <? endif ?> + </div> + </li> + + <? if (Kohana_Exception::$trace_output): ?> + <? foreach (Kohana_Exception::trace($trace) as $i => $step): ?> + <li class="snippet"> + <p> + <span class="file"> + <? if ($step["file"]): $source_id = "$error_id.source.$i" ?> + <? 
if (Kohana_Exception::$source_output and $step["source"]): ?> + <a href="#<?= $source_id ?>" onclick="return koggle('<?= $source_id ?>')"><?= Kohana_Exception::debug_path($step["file"])?>[ <?= $step["line"]?> ]</a> + <? else: ?> + <span class="file"><?= Kohana_Exception::debug_path($step["file"])?>[ <?= $step["line"]?> ]</span> + <? endif ?> + <? else: ?> + {<?= t("PHP internal call")?>} + <? endif?> + </span> + » + <?= $step["function"]?>(<? if ($step["args"]): $args_id = "$error_id.args.$i" ?> + <a href="#<?= $args_id ?>" onclick="return koggle('<?= $args_id ?>')"><?= t("arguments")?></a> + <? endif?>) + </p> + <? if (isset($args_id)): ?> + <div id="<?= $args_id ?>" class="args collapsed"> + <table cellspacing="0"> + <? foreach ($step["args"] as $name => $arg): ?> + <tr> + <td class="key"> + <pre><?= $name?></pre> + </td> + <td class="value"> + <pre><?= Kohana_Exception::safe_dump($arg, $name) ?></pre> + </td> + </tr> + <? endforeach?> + </table> + </div> + <? endif?> + <? if (Kohana_Exception::$source_output and $step["source"] and isset($source_id)): ?> + <pre id="<?= $source_id ?>" class="source collapsed"><code><? foreach ($step["source"] as $num => $row): ?><span class="line <?= ($num == $step["line"]) ? "highlight" : "" ?>"><span class="number"><?= $num ?></span><?= htmlspecialchars($row, ENT_NOQUOTES, Kohana::CHARSET) ?></span><? endforeach ?></code></pre> + <? endif?> + </li> + <? unset($args_id, $source_id) ?> + <? endforeach?> + </ol> + <? endif ?> + + </div> + <h2> + <a href="#<?= $env_id = $error_id."environment" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Environment")?></a> + </h2> + <div id="<?= $env_id ?>" class="content collapsed"> + <? $included = get_included_files()?> + <h3><a href="#<?= $env_id = $error_id."environment_included" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Included files")?></a>(<?= count($included)?>)</h3> + <div id="<?= $env_id ?>" class="collapsed"> + <table cellspacing="0"> + <? 
foreach ($included as $file): ?> + <tr> + <td> + <pre><?= Kohana_Exception::debug_path($file)?></pre> + </td> + </tr> + <? endforeach?> + </table> + </div> + <? $included = get_loaded_extensions()?> + <h3><a href="#<?= $env_id = $error_id."environment_loaded" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Loaded extensions")?></a>(<?= count($included)?>)</h3> + <div id="<?= $env_id ?>" class="collapsed"> + <table cellspacing="0"> + <? foreach ($included as $file): ?> + <tr> + <td> + <pre><?= Kohana_Exception::debug_path($file)?></pre> + </td> + </tr> + <? endforeach?> + </table> + </div> + <? foreach (array("_SESSION", "_GET", "_POST", "_FILES", "_COOKIE", "_SERVER") as $var): ?> + <? if ( empty($GLOBALS[$var]) OR ! is_array($GLOBALS[$var])) continue ?> + <h3><a href="#<?= $env_id = "$error_id.environment" . strtolower($var) ?>" + onclick="return koggle('<?= $env_id ?>')">$<?= $var?></a></h3> + <div id="<?= $env_id ?>" class="collapsed"> + <table cellspacing="0"> + <? foreach ($GLOBALS[$var] as $key => $value): ?> + <tr> + <td class="key"> + <code> + <?= $key?> + </code> + </td> + <td class="value"> + <pre><?= Kohana_Exception::safe_dump($value, $key) ?></pre> + </td> + </tr> + <? endforeach?> + </table> + </div> + <? endforeach?> + </div> + </div> + </div> + </body> +</html> diff --git a/modules/gallery/views/error_cli.txt.php b/modules/gallery/views/error_cli.txt.php new file mode 100644 index 00000000..9f476f54 --- /dev/null +++ b/modules/gallery/views/error_cli.txt.php @@ -0,0 +1,3 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<? echo Kohana_Exception::text($e), "\n"; + diff --git a/modules/gallery/views/error_user.html.php b/modules/gallery/views/error_user.html.php new file mode 100644 index 00000000..74c6a8fb --- /dev/null +++ b/modules/gallery/views/error_user.html.php 
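Review bot: In error_admin.html.php, `<?= $message ?>`, `<?= $type ?>`, `<?= $step["function"] ?>`, `<?= $name ?>` and `<?= $key ?>` are printed without HTML escaping, and `$key` iterates the keys of `_GET`, `_POST`, `_COOKIE` and `_SERVER`, which the requester controls. The page is addressed to admins according to its own heading, so markup in a parameter name or in an exception message would render in an administrator's browser; the xss_data.txt hunk in this same commit records these lines as DIRTY instead of fixing them. The view already calls `htmlspecialchars()` for source rows, so the same call fits here, e.g. `<?= htmlspecialchars($key, ENT_QUOTES, Kohana::CHARSET) ?>`. The environment section also prints `$_SESSION` and `$_COOKIE` through `Kohana_Exception::safe_dump()`, and what that helper redacts is not visible in this hunk. Finally, `$user` is assigned in the `try` at the top of `<body>` but never read in this file, so the admin-only gating has to happen in the caller.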
@@ -0,0 +1,42 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<? if (!function_exists("t")) { function t($msg) { return $msg; } } ?> +<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> + <head> + <style type="text/css"> + body { + background: #fff; + font-size: 14px; + line-height: 130%; + } + + div.big_box { + padding: 10px; + background: #eee; + border: solid 1px #ccc; + font-family: sans-serif; + color: #111; + width: 60em; + margin: 20px auto; + } + + div#framework_error { + text-align: center; + } + </style> + <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> + <title><?= t("Something went wrong!") ?></title> + </head> + <body> + <div class="big_box" id="framework_error"> + <h1> + <?= t("Dang... Something went wrong!") ?> + </h1> + <h2> + <?= t("We tried really hard, but it's broken.") ?> + </h2> + <p> + <?= t("Talk to your Gallery administrator for help fixing this!") ?> + </p> + </div> + </body> +</html> diff --git a/modules/gallery/views/kohana/error.php b/modules/gallery/views/kohana/error.php index d55105a0..cc9d2e84 100644 --- a/modules/gallery/views/kohana/error.php +++ b/modules/gallery/views/kohana/error.php 
@@ -1,280 +1,42 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> -<? $error_id = uniqid("error") ?> -<? if (!function_exists("t")) { function t($msg) { return $msg; } } ?> -<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> - <head> - <style type="text/css"> - body { - background: #fff; - font-size: 14px; - line-height: 130%; - } - - div.big_box { - padding: 10px; - background: #eee; - border: solid 1px #ccc; - font-family: sans-serif; - color: #111; - width: 60em; - margin: 20px auto; - } - - div#framework_error { - text-align: center; - } - - div#error_details { - text-align: left; - } - - code { - font-family: monospace; - font-size: 12px; - margin: 20px 20px 20px 0px; - color: #333; - white-space: pre-wrap; - white-space: -moz-pre-wrap; - word-wrap: break-word; - } - - code .line { - padding-left: 10px; - } - - h3 { - font-family: sans-serif; - margin: 2px 0px 0px 0px; - padding: 8px 0px 0px 0px; - border-top: 1px solid #ddd; - } - - p { - padding: 0px; - margin: 0px 0px 10px 0px; - } - - li, pre { - padding: 0px; - margin: 0px; - } - - .collapsed { - display: none; - } - - .highlight { - font-weight: bold; - color: darkred; - } - - #kohana_error .message { - display: block; - padding-bottom: 10px; - } - - .source { - border: solid 1px #ccc; - background: #efe; - margin-bottom: 5px; - } - - table { - width: 100%; - display: block; - margin: 0 0 0.4em; - padding: 0; - border-collapse: collapse; - background: #efe; - } - - table td { - border: solid 1px #ddd; - text-align: left; - vertical-align: top; - padding: 0.4em; - } - - .args table td.key { - width: 200px; - } - - .number { - padding-right: 1em; - } - </style> - <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/> - <title><?= t("Something went wrong!") ?></title> - - <script type="text/javascript"> - function koggle(elem) { - elem = document.getElementById(elem); - if (elem.style && elem.style["display"]) { - // Only works with the "style" attr - var disp 
= elem.style["display"]; - } else { - if (elem.currentStyle) { - // For MSIE, naturally - var disp = elem.currentStyle["display"]; - } else { - if (window.getComputedStyle) { - // For most other browsers - var disp = document.defaultView.getComputedStyle(elem, null).getPropertyValue('display'); - } - } - } - - // Toggle the state of the "display" style - elem.style.display = disp == 'block' ? 'none' : 'block'; - return false; - } - </script> - </head> - <body> - <? try { $user = identity::active_user(); } catch (Exception $e) { } ?> - <? $admin = php_sapi_name() == "cli" || (class_exists("User_Model") && isset($user) && $user->admin) ?> - <div class="big_box" id="framework_error"> - <h1> - <?= t("Dang... Something went wrong!") ?> - </h1> - <h2> - <?= t("We tried really hard, but it's broken.") ?> - </h2> - <? if (!$admin): ?> - <p> - <?= t("Talk to your Gallery administrator for help fixing this!") ?> - </p> - <? endif ?> - </div> - <? if ($admin): ?> - <div class="big_box" id="error_details"> - <h2> - <?= t("Hey wait, you're an admin! We can tell you stuff.") ?> - </h2> - <div id="kohana_error"> - <h3> - <span class="type"> - <?= $type?> [ <?= $code ?> ]: - </span> - <span class="message"> - <?= $message?> - </span> - </h3> - <div id="<?= $error_id ?>" class="content"> - <ol class="trace"> - <li class="snippet"> - <p> - <span class="file"> - <?= Kohana_Exception::debug_path($file)?>[ <?= $line?> ] - </span> - </p> - - <div class="source"> - <? if (Kohana_Exception::$source_output and $source_code = Kohana_Exception::debug_source($file, $line)): ?><code><? foreach ($source_code as $num => $row): ?><span class="line <?= ($num == $line) ? "highlight" : ""?>"><span class="number"><?= $num ?></span><?= htmlspecialchars($row, ENT_NOQUOTES, Kohana::CHARSET) ?></span><? endforeach ?></code> - <? endif ?> - </div> - </li> - - <? if (Kohana_Exception::$trace_output): ?> - <? 
foreach (Kohana_Exception::trace($trace) as $i => $step): ?> - <li class="snippet"> - <p> - <span class="file"> - <? if ($step["file"]): $source_id = "$error_id.source.$i" ?> - <? if (Kohana_Exception::$source_output and $step["source"]): ?> - <a href="#<?= $source_id ?>" onclick="return koggle('<?= $source_id ?>')"><?= Kohana_Exception::debug_path($step["file"])?>[ <?= $step["line"]?> ]</a> - <? else: ?> - <span class="file"><?= Kohana_Exception::debug_path($step["file"])?>[ <?= $step["line"]?> ]</span> - <? endif ?> - <? else: ?> - {<?= t("PHP internal call")?>} - <? endif?> - </span> - » - <?= $step["function"]?>(<? if ($step["args"]): $args_id = "$error_id.args.$i" ?> - <a href="#<?= $args_id ?>" onclick="return koggle('<?= $args_id ?>')"><?= t("arguments")?></a> - <? endif?>) - </p> - <? if (isset($args_id)): ?> - <div id="<?= $args_id ?>" class="args collapsed"> - <table cellspacing="0"> - <? foreach ($step["args"] as $name => $arg): ?> - <tr> - <td class="key"> - <pre><?= $name?></pre> - </td> - <td class="value"> - <pre><?= Kohana_Exception::safe_dump($arg, $name) ?></pre> - </td> - </tr> - <? endforeach?> - </table> - </div> - <? endif?> - <? if (Kohana_Exception::$source_output and $step["source"] and isset($source_id)): ?> - <pre id="<?= $source_id ?>" class="source collapsed"><code><? foreach ($step["source"] as $num => $row): ?><span class="line <?= ($num == $step["line"]) ? "highlight" : "" ?>"><span class="number"><?= $num ?></span><?= htmlspecialchars($row, ENT_NOQUOTES, Kohana::CHARSET) ?></span><? endforeach ?></code></pre> - <? endif?> - </li> - <? unset($args_id, $source_id) ?> - <? endforeach?> - </ol> - <? endif ?> - - </div> - <h2> - <a href="#<?= $env_id = $error_id."environment" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Environment")?></a> - </h2> - <div id="<?= $env_id ?>" class="content collapsed"> - <? 
$included = get_included_files()?> - <h3><a href="#<?= $env_id = $error_id."environment_included" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Included files")?></a>(<?= count($included)?>)</h3> - <div id="<?= $env_id ?>" class="collapsed"> - <table cellspacing="0"> - <? foreach ($included as $file): ?> - <tr> - <td> - <pre><?= Kohana_Exception::debug_path($file)?></pre> - </td> - </tr> - <? endforeach?> - </table> - </div> - <? $included = get_loaded_extensions()?> - <h3><a href="#<?= $env_id = $error_id."environment_loaded" ?>" onclick="return koggle('<?= $env_id ?>')"><?= t("Loaded extensions")?></a>(<?= count($included)?>)</h3> - <div id="<?= $env_id ?>" class="collapsed"> - <table cellspacing="0"> - <? foreach ($included as $file): ?> - <tr> - <td> - <pre><?= Kohana_Exception::debug_path($file)?></pre> - </td> - </tr> - <? endforeach?> - </table> - </div> - <? foreach (array("_SESSION", "_GET", "_POST", "_FILES", "_COOKIE", "_SERVER") as $var): ?> - <? if ( empty($GLOBALS[$var]) OR ! is_array($GLOBALS[$var])) continue ?> - <h3><a href="#<?= $env_id = "$error_id.environment" . strtolower($var) ?>" - onclick="return koggle('<?= $env_id ?>')">$<?= $var?></a></h3> - <div id="<?= $env_id ?>" class="collapsed"> - <table cellspacing="0"> - <? foreach ($GLOBALS[$var] as $key => $value): ?> - <tr> - <td class="key"> - <code> - <?= $key?> - </code> - </td> - <td class="value"> - <pre><?= Kohana_Exception::safe_dump($value, $key) ?></pre> - </td> - </tr> - <? endforeach?> - </table> - </div> - <? endforeach?> - </div> - </div> - </div> - <? endif ?> - </body> -</html> +<? +// This is the template for all HTML errors. If you're throwing an exception and you want your +// error to appear differently, extend Kohana_Exception and specify a different template. + +// Log validation exceptions to ease debugging +if ($e instanceof ORM_Validation_Exception) { + Kohana_Log::add("error", "Validation errors: " . 
print_r($e->validation->errors(), 1)); +} + +if (php_sapi_name() == "cli") { + include Kohana::find_file("views", "error_cli.txt"); + return; +} + +try { + // Admins get a special error page + $user = identity::active_user(); + if ($user && $user->admin) { + include Kohana::find_file("views", "error_admin.html"); + return; + } +} catch (Exception $ignored) { +} + +// Try to show a themed error page for 404 errors +if ($e instanceof Kohana_404_Exception) { + $view = new Theme_View("page.html", "other", "error"); + $view->page_title = t("Dang... Page not found!"); + $view->content = new View("error_404.html"); + $user = identity::active_user(); + $view->content->is_guest = $user && $user->guest; + if ($view->content->is_guest) { + $view->content->login_form = new View("login_ajax.html"); + $view->content->login_form->form = auth::get_login_form("login/auth_html"); + } + print $view; + return; +} + +header("HTTP/1.1 500 Internal Server Error"); +include Kohana::find_file("views", "error_user.html"); diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php index 1d188ade..135a6fc9 100644 --- a/modules/organize/controllers/organize.php +++ b/modules/organize/controllers/organize.php 
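Review bot: The 404 branch calls `identity::active_user()` a second time outside the `try`, although the block just above treats that same call as one that can throw; an exception there would be raised from inside the error template itself. Initialise `$user = null;` before the `try` and reuse it in the 404 branch (`$view->content->is_guest = $user && $user->guest;`) instead of calling the helper again. The closing `header("HTTP/1.1 500 Internal Server Error");` is also sent without the `headers_sent()` guard that `Rest_Exception::sendHeaders()` uses; `if (!headers_sent()) { header("HTTP/1.1 500 Internal Server Error"); }` keeps a second warning out of a response that has already started.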
@@ -25,34 +25,27 @@ class Organize_Controller extends Controller { access::required("view", $album); access::required("edit", $album); - $v = new View("organize_dialog.html"); - $v->album = $album; - - $v->domain = $input->server("SERVER_NAME"); - $user = identity::active_user(); - $v->access_key = rest::get_access_key($user->id)->access_key; - - $v->protocol = (empty($_SERVER["HTTPS"]) OR $_SERVER["HTTPS"] === "off") ? "http" : "https"; - - $v->file_filter = addslashes(json_encode( - array("photo" => array("label" => "Images", - "types" => array("*.jpg", "*.jpeg", "*.png", "*.gif")), - "movie" => array("label" => "Movies", "types" => array("*.flv", "*.mp4"))))); - - $v->sort_order = addslashes( - json_encode(array("ASC" => (string)t("Ascending"), "DESC" => (string)t("Descending")))); $sort_fields = array(); foreach (album::get_sort_order_options() as $field => $description) { $sort_fields[$field] = (string)$description; } - $v->sort_fields = addslashes(json_encode($sort_fields)); + $sort_order = array("ASC" => (string)t("Ascending"), "DESC" => (string)t("Descending")); + $file_filter = json_encode( + array("photo" => array("label" => "Images", + "types" => array("*.jpg", "*.jpeg", "*.png", "*.gif")), + "movie" => array("label" => "Movies", "types" => array("*.flv", "*.mp4")))); + $v = new View("organize_dialog.html"); + $v->album = $album; + $v->domain = $input->server("SERVER_NAME"); + $v->access_key = rest::access_key(); + $v->file_filter = addslashes($file_filter); + $v->sort_order = addslashes(json_encode($sort_order)); + $v->sort_fields = addslashes(json_encode($sort_fields)); $v->rest_uri = url::site("rest") . "/"; - $v->controller_uri = url::site("organize") . "/"; - - $v->swf_url = url::file("modules/organize/lib/Gallery3WebClient.swf?") . + $v->swf_uri = url::file("modules/organize/lib/Gallery3WebClient.swf?") . filemtime(MODPATH . "organize/lib/Gallery3WebClient.swf"); print $v; } 
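Review bot: `$v->domain` is assigned the raw `$input->server("SERVER_NAME")`, and the dialog view prints it inside a quoted JavaScript string (`domain: "<?= $domain ?>"`) right next to `accessKey`, without the `addslashes()`/`json_encode()` handling the other values in this hunk receive. Depending on web-server configuration SERVER_NAME can reflect the request's Host header, so the value should be encoded for the script context, for example by emitting it in the view as `domain: <?= json_encode($domain) ?>,` (assuming the view layer does not already wrap it; that is not visible here). The same object carries the active user's REST access key, so a script-context escape in this block would expose that credential. The method starts above this hunk.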
diff --git a/modules/organize/lib/Gallery3WebClient.swf b/modules/organize/lib/Gallery3WebClient.swf Binary files differindex 82735217..40249a73 100644 --- a/modules/organize/lib/Gallery3WebClient.swf +++ b/modules/organize/lib/Gallery3WebClient.swf diff --git a/modules/organize/views/organize_dialog.html.php b/modules/organize/views/organize_dialog.html.php index 4224c10b..c41e5960 100644 --- a/modules/organize/views/organize_dialog.html.php +++ b/modules/organize/views/organize_dialog.html.php @@ -87,11 +87,9 @@ function getGalleryParameters() { return { - dialogWidth: $("#g-dialog:parent").width(), - dialogHeight: $("#g-dialog").height(), domain: "<?= $domain ?>", accessKey: "<?= $access_key ?>", - protocol: "<?= $protocol ?>", + protocol: "<?= request::protocol() ?>", fileFilter: "<?= $file_filter ?>", sortOrder: "<?= $sort_order ?>", sortFields: "<?= $sort_fields ?>", @@ -121,7 +119,7 @@ attributes.id = "Gallery3WebClient"; attributes.name = "Gallery3WebClient"; attributes.align = "middle"; - swfobject.embedSWF("<?= $swf_url ?>", + swfobject.embedSWF("<?= $swf_uri ?>", "flashContent", size.width() - 100, size.height() - 135, swfVersionStr, xiSwfUrlStr, flashvars, params, attributes); </script> diff --git a/modules/rest/controllers/rest.php b/modules/rest/controllers/rest.php index 3e364bff..f8a46515 100644 --- a/modules/rest/controllers/rest.php +++ b/modules/rest/controllers/rest.php @@ -34,8 +34,7 @@ class Rest_Controller extends Controller { auth::login($user); - $key = rest::get_access_key($user->id); - rest::reply($key->access_key); + rest::reply(rest::access_key()); } public function __call($function, $args) { 
@@ -82,41 +81,12 @@ class Rest_Controller extends Controller { } $response = call_user_func(array($handler_class, $handler_method), $request); - } catch (Exception $e) { - $response = $this->_format_exception_response($e); + rest::reply($response); + } catch (ORM_Validation_Exception $e) { + // Note: this is totally insufficient because it doesn't take into account localization. We + // either need to map the result values to localized strings in the application code, or every + // client needs its own l10n string set. + throw new Rest_Exception("Bad Request", 400, $e->validation->errors()); } - - rest::reply($response); - } - - private function _format_exception_response($e) { - // Add this exception to the log - Kohana_Log::add('error', Kohana_Exception::text($e)); - - $rest_exception = array(); - if ($e instanceof ORM_Validation_Exception) { - $detail_response = true; - $rest_exception["code"] = 400; - $rest_exception["message"] = "Validation errors"; - $rest_exception["fields"] = $e->validation->errors(); - } else if ($e instanceof Rest_Exception) { - $rest_exception["code"] = $e->getCode(); - if ($e->getMessage() != "Bad Request") { - $rest_exception["message"] = "Bad Request"; - $rest_exception["fields"] = array("type", $e->getMessage()); - } else { - $rest_exception["message"] = $e->getMessage(); - } - } else { - $rest_exception["code"] = 500; - $rest_exception["message"] = t("Remote server call failed. Please contact the Adminstrator."); - } - - if (!headers_sent()) { - header($rest_exception["code"] == 500 ? "HTTP/1.1 500 Internal Server Error" : - "HTTP/1.1 400 Bad Request"); - } - - return $rest_exception; } }
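Review bot: Only `ORM_Validation_Exception` is caught now, so any other exception thrown by a handler leaves `__call()` and is rendered by whatever template the global handler selects, instead of the JSON body REST clients received before. With the `kohana/error.php` template in this commit that would presumably be an HTML page, and the admin variant when the request key belongs to an administrator; please confirm against the exception handler, which is not visible here. A final catch that logs the detail and rethrows a generic `Rest_Exception` keeps the reply in REST form without sending internals to the client. `__call()` begins above this hunk.

```php
// … unchanged: handler lookup, call_user_func() and rest::reply($response) …
} catch (ORM_Validation_Exception $e) {
  throw new Rest_Exception("Bad Request", 400, $e->validation->errors());
} catch (Rest_Exception $e) {
  // Already in REST form; let it through untouched.
  throw $e;
} catch (Exception $e) {
  // Keep the detail in the log and give the client a generic REST error.
  Kohana_Log::add("error", Kohana_Exception::text($e));
  throw new Rest_Exception("Internal Server Error", 500);
}
```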
\ No newline at end of file diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index b382cb29..bcb12d58 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -66,17 +66,18 @@ class rest_Core { identity::set_active_user($user); } - static function get_access_key($user_id) { + static function access_key() { $key = ORM::factory("user_access_key") - ->where("user_id", "=", $user_id) + ->where("user_id", "=", identity::active_user()->id) ->find(); if (!$key->loaded()) { - $key->user_id = $user_id; + $key->user_id = identity::active_user()->id; $key->access_key = md5(md5(uniqid(mt_rand(), true) . access::private_key())); $key->save(); } - return $key; + + return $key->access_key; } /** diff --git a/modules/rest/libraries/Rest_Exception.php b/modules/rest/libraries/Rest_Exception.php index aa5b3281..087da939 100644 --- a/modules/rest/libraries/Rest_Exception.php +++ b/modules/rest/libraries/Rest_Exception.php @@ -18,13 +18,20 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Rest_Exception_Core extends Kohana_Exception { - public function __construct($message, $code) { + var $response = array(); + + public function __construct($message, $code, $response=array()) { parent::__construct($message, null, $code); + $this->response = $response; } public function sendHeaders() { if (!headers_sent()) { - header("HTTP/1.1 " . $this->getCode() . "Bad Request"); + header("HTTP/1.1 " . $this->getCode() . " " . $this->getMessage()); } } + + public function getTemplate() { + return "error_rest.json"; + } }
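Review bot: `rest::access_key()` now resolves the account through `identity::active_user()` (twice) and will create and persist a key for whichever user is active, which is undocumented and would include the guest account if a caller reaches it before authentication. A docblock stating that the key belongs to the active user, plus reading the user once (`$user = identity::active_user();`), would make that contract explicit. The key is still built as `md5(md5(uniqid(mt_rand(), true) . access::private_key()))`, so its unpredictability rests largely on the private key; a cryptographically secure random source would be a sounder basis where the supported PHP version offers one.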
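Review bot: `Rest_Exception::sendHeaders()` now builds the status line from `getMessage()`, so the reason phrase is whatever string the thrower passed; every `new Rest_Exception(...)` call therefore has to pass a fixed phrase such as "Bad Request" and never request-derived text. Please document that on the constructor together with the new `$response` payload, e.g. `// $message is sent as the HTTP reason phrase; put client-facing detail in $response`. `var $response` is the PHP 4 spelling; `public $response = array();` would match the visibility keywords used on the methods.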
\ No newline at end of file diff --git a/modules/rest/tests/Rest_Controller_Test.php b/modules/rest/tests/Rest_Controller_Test.php index fe83283d..0c8a4a98 100644 --- a/modules/rest/tests/Rest_Controller_Test.php +++ b/modules/rest/tests/Rest_Controller_Test.php @@ -21,8 +21,7 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { public function setup() { $this->_save = array($_GET, $_POST, $_SERVER); - $key = rest::get_access_key(1); // admin user - $_SERVER["HTTP_X_GALLERY_REQUEST_KEY"] = $key->access_key; + $_SERVER["HTTP_X_GALLERY_REQUEST_KEY"] = rest::access_key(); } public function teardown() { @@ -83,11 +82,10 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["REQUEST_METHOD"] = "GET"; $_GET["key"] = "value"; - $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "get", - "access_key" => $key->access_key, + "access_key" => rest::access_key(), "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } @@ -96,11 +94,10 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["REQUEST_METHOD"] = "POST"; $_POST["key"] = "value"; - $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "post", - "access_key" => $key->access_key, + "access_key" => rest::access_key(), "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } 
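Review bot: `setup()` now takes the key from `rest::access_key()`, which resolves the account through `identity::active_user()`, so these tests authenticate as whichever user an earlier test left active rather than the admin that the removed `// admin user` comments promised. Pinning the user first, `identity::set_active_user(identity::admin_user());`, keeps the fixture deterministic. The same applies to the four request-method tests further down, which call `rest::access_key()` again inside their expected arrays.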
@@ -110,11 +107,10 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["HTTP_X_GALLERY_REQUEST_METHOD"] = "put"; $_POST["key"] = "value"; - $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "put", - "access_key" => $key->access_key, + "access_key" => rest::access_key(), "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } @@ -124,11 +120,10 @@ class Rest_Controller_Test extends Gallery_Unit_Test_Case { $_SERVER["HTTP_X_GALLERY_REQUEST_METHOD"] = "delete"; $_POST["key"] = "value"; - $key = rest::get_access_key(1); // admin user $this->assert_array_equal_to_json( array("params" => array("key" => "value"), "method" => "delete", - "access_key" => $key->access_key, + "access_key" => rest::access_key(), "url" => "http://./index.php/gallery_unit_test"), test::call_and_capture(array(new Rest_Controller(), "mock"))); } diff --git a/modules/rest/views/error_rest.json.php b/modules/rest/views/error_rest.json.php new file mode 100644 index 00000000..179ce7f9 --- /dev/null +++ b/modules/rest/views/error_rest.json.php @@ -0,0 +1,2 @@ +<?php defined("SYSPATH") or die("No direct script access.") ?> +<?= json_encode($e->response);
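Review bot: The new `error_rest.json.php` template prints `json_encode($e->response)`, but neither it nor the visible `Rest_Exception::sendHeaders()` sets a Content-Type, so the error body may go out with the default HTML type unless the handler sets one elsewhere. Because `$e->response` can carry validation messages, declare the type before output, e.g. `if (!headers_sent()) { header("Content-Type: application/json"); }`. The statement also ends with `;` and no closing tag; `<?= json_encode($e->response) ?>` would match the style of the guard line above it.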
\ No newline at end of file diff --git a/modules/slideshow/helpers/slideshow_theme.php b/modules/slideshow/helpers/slideshow_theme.php index c23326cf..3203b7bc 100644 --- a/modules/slideshow/helpers/slideshow_theme.php +++ b/modules/slideshow/helpers/slideshow_theme.php @@ -19,7 +19,7 @@ */ class slideshow_theme_Core { static function page_bottom($theme) { - $proto = (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] === "off") ? "http" : "https"; + $proto = request::protocol(); return "<script src=\"$proto://apps.cooliris.com/slideshow/go.js\" " . "type=\"text/javascript\"></script>"; } diff --git a/modules/tag/helpers/tags_rest.php b/modules/tag/helpers/tags_rest.php index 975cf140..4f40e7f4 100644 --- a/modules/tag/helpers/tags_rest.php +++ b/modules/tag/helpers/tags_rest.php @@ -29,9 +29,13 @@ class tags_rest_Core { static function get($request) { $tags = array(); - $p = $request->params; - $num = isset($p->num) ? min((int)$p->num, 100) : 10; - $start = isset($p->start) ? (int)$p->start : 0; + $num = 10; + $start = 0; + if (isset($request->params)) { + $p = $request->params; + $num = isset($p->num) ? min((int)$p->num, 100) : 10; + $start = isset($p->start) ? (int)$p->start : 0; + } foreach (ORM::factory("tag")->find_all($num, $start) as $tag) { $tags[] = rest::url("tag", $tag); diff --git a/modules/tag/tests/Tags_Rest_Helper_Test.php b/modules/tag/tests/Tags_Rest_Helper_Test.php index 99332c7c..1b909e50 100644 --- a/modules/tag/tests/Tags_Rest_Helper_Test.php +++ b/modules/tag/tests/Tags_Rest_Helper_Test.php @@ -45,7 +45,7 @@ class Tags_Rest_Helper_Test extends Gallery_Unit_Test_Case { } public function post_test() { - identity::set_active_user(identity::guest()); + identity::set_active_user(identity::admin_user()); $request = new stdClass(); $request->params = new stdClass(); |
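Review bot: In `tags_rest_Core::get()` the paging values are capped from above only: `min((int)$p->num, 100)` and `(int)$p->start` both let a negative request parameter through to `find_all($num, $start)`. Clamp the lower bound as well, `$num = isset($p->num) ? max(0, min((int)$p->num, 100)) : 10;` and `$start = isset($p->start) ? max(0, (int)$p->start) : 0;`. The defaults are now assigned twice (before the `if` and in each ternary's else arm), so one of the two can be dropped. The function continues past the end of this hunk.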