Diffstat (limited to 'modules')
-rw-r--r-- | modules/g2_import/controllers/admin_g2_import.php | 1 | ||||
-rw-r--r-- | modules/gallery/controllers/file_proxy.php | 14 | ||||
-rw-r--r-- | modules/gallery/helpers/module.php | 12 | ||||
-rw-r--r-- | modules/gallery/libraries/MY_Database.php | 2 | ||||
-rw-r--r-- | modules/gallery/libraries/MY_Kohana_Exception.php | 6 | ||||
-rw-r--r-- | modules/gallery/tests/Database_Test.php | 8 | ||||
-rw-r--r-- | modules/gallery/tests/xss_data.txt | 187 | ||||
-rw-r--r-- | modules/gallery/views/form_uploadify.html.php | 6 | ||||
-rw-r--r-- | modules/image_block/controllers/image_block.php | 1 | ||||
-rw-r--r-- | modules/info/helpers/info_block.php | 3 | ||||
-rw-r--r-- | modules/search/views/search.html.php | 7 |
11 files changed, 135 insertions, 112 deletions
diff --git a/modules/g2_import/controllers/admin_g2_import.php b/modules/g2_import/controllers/admin_g2_import.php index 5edd2a1b..2e435321 100644 --- a/modules/g2_import/controllers/admin_g2_import.php +++ b/modules/g2_import/controllers/admin_g2_import.php @@ -104,6 +104,7 @@ class Admin_g2_import_Controller extends Admin_Controller { $path_prefix = Input::instance()->get("q"); foreach (glob("{$path_prefix}*") as $file) { if (is_dir($file) && !is_link($file)) { + $file = html::clean($file); $directories[] = $file; // If we find an embed.php, include it as well diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index 36c6bc2a..49aa9c5a 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php @@ -29,6 +29,13 @@ class File_Proxy_Controller extends Controller { const ALLOW_PRIVATE_GALLERY = true; public function __call($function, $args) { + + // Force zlib compression off. Image and movie files are already compressed and + // recompressing them is CPU intensive. + if (ini_get("zlib.output_compression")) { + ini_set("zlib.output_compression", "Off"); + } + // request_uri: gallery3/var/albums/foo/bar.jpg?m=1234 $request_uri = rawurldecode(Input::instance()->server("REQUEST_URI")); @@ -128,7 +135,12 @@ class File_Proxy_Controller extends Controller { // going to buffer up whatever file we're proxying (and it may be very large). This may // affect embedding or systems with PHP's output_buffering enabled. while (ob_get_level()) { - ob_end_clean(); + Kohana_Log::add("error","".print_r(ob_get_level(),1)); + if (!@ob_end_clean()) { + // ob_end_clean() can return false if the buffer can't be removed for some reason + // (zlib output compression buffers sometimes cause problems). + break; + } } readfile($file); diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php index 7292b106..e4f41d3d 100644 --- a/modules/gallery/helpers/module.php 
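Review bot: Reassigning `$file` to the result of `html::clean()` in the admin_g2_import.php hunk means every later use of `$file` in that loop iteration sees the cleaned value rather than the path on disk. The comment that closes the hunk ("If we find an embed.php, include it as well") suggests `$file` is used again just below for a filesystem check; if so, a directory whose name contains `&`, `<` or a quote may no longer match. Keeping the raw path and escaping only the emitted value avoids that: `$directories[] = html::clean($file);`. The loop body continues outside the hunk, so the later use is inferred rather than visible.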
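Review bot: The `Kohana_Log::add("error", ...)` call added inside the `while (ob_get_level())` loop in file_proxy.php looks like leftover debugging. It writes the buffer depth at error level once per buffer level for every proxied file, which fills the error log and buries real failures. Drop the line, or log only in the failure branch just before the `break`, for example `Kohana_Log::add("debug", "ob_end_clean() failed at level " . ob_get_level());`. The `@` on `ob_end_clean()` hides the notice PHP would raise; since the return value is now checked that is tolerable, and the existing comment already explains why. The enclosing `__call` starts and ends outside the hunk.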
+++ b/modules/gallery/helpers/module.php @@ -110,10 +110,7 @@ class module_Core { $identity_module = module::get_var("gallery", "identity_provider", "user"); $modules->$identity_module->locked = true; - function natural_name_sort($a, $b) { - return strnatcasecmp($a->name, $b->name); - } - $modules->uasort('natural_name_sort'); + $modules->uasort(array("module", "module_comparator")); self::$available = $modules; } @@ -121,6 +118,13 @@ class module_Core { } /** + * Natural name sort comparator + */ + static function module_comparator($a, $b) { + return strnatcasecmp($a->name, $b->name); + } + + /** * Return a list of all the active modules in no particular order. */ static function active() { diff --git a/modules/gallery/libraries/MY_Database.php b/modules/gallery/libraries/MY_Database.php index fb54bfcd..4fbd62fd 100644 --- a/modules/gallery/libraries/MY_Database.php +++ b/modules/gallery/libraries/MY_Database.php @@ -58,7 +58,7 @@ abstract class Database extends Database_Core { $open_brace = strpos($sql, "{") + 1; $close_brace = strpos($sql, "}", $open_brace); $name = substr($sql, $open_brace, $close_brace - $open_brace); - $this->_table_names["{{$name}}"] = "{$prefix}$name"; + $this->_table_names["{{$name}}"] = "`{$prefix}$name`"; } else if (strpos($sql, "RENAME TABLE") === 0) { // Renaming a table; add it to the table cache. // You must use the form "TO {new_table_name}" exactly for this to work. diff --git a/modules/gallery/libraries/MY_Kohana_Exception.php b/modules/gallery/libraries/MY_Kohana_Exception.php index dd04b25f..0c07ea5e 100644 --- a/modules/gallery/libraries/MY_Kohana_Exception.php +++ b/modules/gallery/libraries/MY_Kohana_Exception.php 
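Review bot: In the MY_Database.php hunk the cached table name is now wrapped in backticks, but `$prefix` and `$name` go in unescaped, so a backtick in either would end the quoted identifier early. Both appear to come from configuration and from SQL written in code rather than from requests (inferred; their sources are outside the hunk), so this is hardening rather than a demonstrated flaw. Either double any embedded backtick before wrapping, or state the assumption next to the assignment: `// $prefix and $name are trusted and must not contain a backtick.` The RENAME TABLE branch in the trailing context is not touched by this hunk; confirm it caches the quoted form as well, since Database_Test now expects quoted names in RENAME output.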
@@ -23,7 +23,7 @@ class Kohana_Exception extends Kohana_Exception_Core { */ public static function text($e) { if ($e instanceof Kohana_404_Exception) { - return "File not found: " . Router::$complete_uri; + return "File not found: " . rawurlencode(Router::$complete_uri); } else { return sprintf( "%s [ %s ]: %s\n%s [ %s ]\n%s", @@ -94,4 +94,8 @@ class Kohana_Exception extends Kohana_Exception_Core { } return $result; } + + public static function debug_path($file) { + return html::clean(parent::debug_path($file)); + } }
\ No newline at end of file diff --git a/modules/gallery/tests/Database_Test.php b/modules/gallery/tests/Database_Test.php index 55006abc..fa9e5370 100644 --- a/modules/gallery/tests/Database_Test.php +++ b/modules/gallery/tests/Database_Test.php @@ -106,7 +106,7 @@ class Database_Test extends Gallery_Unit_Test_Case { PRIMARY KEY (`id`), UNIQUE KEY(`name`)) ENGINE=InnoDB DEFAULT CHARSET=utf8"); - $expected = "CREATE TABLE IF NOT EXISTS g_test ( + $expected = "CREATE TABLE IF NOT EXISTS `g_test` ( `id` int(9) NOT NULL auto_increment, `name` varchar(32) NOT NULL, PRIMARY KEY (`id`), @@ -121,9 +121,9 @@ class Database_Test extends Gallery_Unit_Test_Case { " AND `right_ptr` <= 6)"; $sql = $db->add_table_prefixes($sql); - $expected = "UPDATE g_test SET `name` = '{test string}' " . + $expected = "UPDATE `g_test` SET `name` = '{test string}' " . "WHERE `item_id` IN " . - " (SELECT `id` FROM g_test " . + " (SELECT `id` FROM `g_test` " . " WHERE `left_ptr` >= 1 " . " AND `right_ptr` <= 6)"; @@ -133,7 +133,7 @@ class Database_Test extends Gallery_Unit_Test_Case { function prefix_replacement_for_rename_table_test() { $db = Database::instance("mock"); $this->assert_same( - "RENAME TABLE g_test TO g_new_test", + "RENAME TABLE `g_test` TO `g_new_test`", $db->add_table_prefixes("RENAME TABLE {test} TO {new_test}")); } diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 38042f85..2bfacb47 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt 
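Review bot: The new `debug_path()` override in MY_Kohana_Exception.php has no doc comment, and it changes what callers get back: the result of `html::clean()` instead of the plain path from the parent. That suits the error views, but a caller that writes the path into a plain-text log would now receive HTML-escaped output; `text()` in this same class builds log lines, and whether it calls `debug_path()` is not visible in these hunks. Suggested comment above the method: `/** @see Kohana_Exception_Core::debug_path() - result is cleaned for HTML output, not for plain-text logs. */`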
@@ -134,52 +134,51 @@ modules/gallery/views/admin_themes_buttonset.html.php 26 DIRTY_JS $info[ modules/gallery/views/admin_themes_buttonset.html.php 39 DIRTY_JS $info['discuss_url'] modules/gallery/views/admin_themes_preview.html.php 8 DIRTY_ATTR $url modules/gallery/views/error_404.html.php 14 DIRTY $login_form -modules/gallery/views/error_admin.html.php 178 DIRTY @gallery_block::get("platform_info") -modules/gallery/views/error_admin.html.php 179 DIRTY @gallery_block::get("stats") -modules/gallery/views/error_admin.html.php 184 DIRTY $type -modules/gallery/views/error_admin.html.php 184 DIRTY $code -modules/gallery/views/error_admin.html.php 187 DIRTY $message -modules/gallery/views/error_admin.html.php 190 DIRTY_ATTR $error_id -modules/gallery/views/error_admin.html.php 195 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 195 DIRTY $line -modules/gallery/views/error_admin.html.php 200 DIRTY_ATTR ($num==$line)?"highlight":"" -modules/gallery/views/error_admin.html.php 200 DIRTY $num -modules/gallery/views/error_admin.html.php 200 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 212 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 212 DIRTY_JS $source_id -modules/gallery/views/error_admin.html.php 212 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 212 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 214 DIRTY Kohana_Exception::debug_path($step["file"]) -modules/gallery/views/error_admin.html.php 214 DIRTY $step["line"] -modules/gallery/views/error_admin.html.php 221 DIRTY $step["function"] -modules/gallery/views/error_admin.html.php 222 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 222 DIRTY_JS $args_id -modules/gallery/views/error_admin.html.php 226 DIRTY_ATTR $args_id -modules/gallery/views/error_admin.html.php 231 DIRTY $name -modules/gallery/views/error_admin.html.php 234 
DIRTY Kohana_Exception::safe_dump($arg,$name) -modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR $source_id -modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR ($num==$step["line"])?"highlight":"" -modules/gallery/views/error_admin.html.php 242 DIRTY $num -modules/gallery/views/error_admin.html.php 242 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) -modules/gallery/views/error_admin.html.php 252 DIRTY_ATTR $env_id=$error_id."environment" -modules/gallery/views/error_admin.html.php 252 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 254 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 256 DIRTY_ATTR $env_id=$error_id."environment_included" -modules/gallery/views/error_admin.html.php 256 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 256 DIRTY count($included) -modules/gallery/views/error_admin.html.php 257 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 262 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 269 DIRTY_ATTR $env_id=$error_id."environment_loaded" -modules/gallery/views/error_admin.html.php 269 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 269 DIRTY count($included) -modules/gallery/views/error_admin.html.php 270 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 275 DIRTY Kohana_Exception::debug_path($file) -modules/gallery/views/error_admin.html.php 283 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) -modules/gallery/views/error_admin.html.php 284 DIRTY_JS $env_id -modules/gallery/views/error_admin.html.php 284 DIRTY $var -modules/gallery/views/error_admin.html.php 285 DIRTY_ATTR $env_id -modules/gallery/views/error_admin.html.php 291 DIRTY $key -modules/gallery/views/error_admin.html.php 295 DIRTY Kohana_Exception::safe_dump($value,$key) +modules/gallery/views/error_admin.html.php 179 DIRTY @gallery_block::get("platform_info") +modules/gallery/views/error_admin.html.php 180 DIRTY 
@gallery_block::get("stats") +modules/gallery/views/error_admin.html.php 185 DIRTY $type +modules/gallery/views/error_admin.html.php 185 DIRTY $code +modules/gallery/views/error_admin.html.php 191 DIRTY_ATTR $error_id +modules/gallery/views/error_admin.html.php 196 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 196 DIRTY $line +modules/gallery/views/error_admin.html.php 201 DIRTY_ATTR ($num==$line)?"highlight":"" +modules/gallery/views/error_admin.html.php 201 DIRTY $num +modules/gallery/views/error_admin.html.php 201 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 213 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 213 DIRTY_JS $source_id +modules/gallery/views/error_admin.html.php 213 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 213 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 215 DIRTY Kohana_Exception::debug_path($step["file"]) +modules/gallery/views/error_admin.html.php 215 DIRTY $step["line"] +modules/gallery/views/error_admin.html.php 222 DIRTY $step["function"] +modules/gallery/views/error_admin.html.php 223 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 223 DIRTY_JS $args_id +modules/gallery/views/error_admin.html.php 227 DIRTY_ATTR $args_id +modules/gallery/views/error_admin.html.php 232 DIRTY $name +modules/gallery/views/error_admin.html.php 235 DIRTY Kohana_Exception::safe_dump($arg,$name) +modules/gallery/views/error_admin.html.php 243 DIRTY_ATTR $source_id +modules/gallery/views/error_admin.html.php 243 DIRTY_ATTR ($num==$step["line"])?"highlight":"" +modules/gallery/views/error_admin.html.php 243 DIRTY $num +modules/gallery/views/error_admin.html.php 243 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET) +modules/gallery/views/error_admin.html.php 253 DIRTY_ATTR $env_id=$error_id."environment" +modules/gallery/views/error_admin.html.php 253 DIRTY_JS 
$env_id +modules/gallery/views/error_admin.html.php 255 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 257 DIRTY_ATTR $env_id=$error_id."environment_included" +modules/gallery/views/error_admin.html.php 257 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 257 DIRTY count($included) +modules/gallery/views/error_admin.html.php 258 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 263 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 270 DIRTY_ATTR $env_id=$error_id."environment_loaded" +modules/gallery/views/error_admin.html.php 270 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 270 DIRTY count($included) +modules/gallery/views/error_admin.html.php 271 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 276 DIRTY Kohana_Exception::debug_path($file) +modules/gallery/views/error_admin.html.php 284 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var) +modules/gallery/views/error_admin.html.php 285 DIRTY_JS $env_id +modules/gallery/views/error_admin.html.php 285 DIRTY $var +modules/gallery/views/error_admin.html.php 286 DIRTY_ATTR $env_id +modules/gallery/views/error_admin.html.php 292 DIRTY $key +modules/gallery/views/error_admin.html.php 296 DIRTY Kohana_Exception::safe_dump($value,$key) modules/gallery/views/form_uploadify.html.php 16 DIRTY_JS url::site("uploader/status/_S/_E") modules/gallery/views/form_uploadify.html.php 24 DIRTY_JS $flash_minimum_version modules/gallery/views/form_uploadify.html.php 28 DIRTY_JS url::file("lib/uploadify/uploadify.swf") 
@@ -188,7 +187,7 @@ modules/gallery/views/form_uploadify.html.php 31 DIRTY_JS implod modules/gallery/views/form_uploadify.html.php 33 DIRTY_JS url::file("lib/uploadify/cancel.png") modules/gallery/views/form_uploadify.html.php 34 DIRTY_JS $simultaneous_upload_limit modules/gallery/views/form_uploadify.html.php 35 DIRTY_JS $size_limit_bytes -modules/gallery/views/form_uploadify.html.php 162 DIRTY_ATTR request::protocol() +modules/gallery/views/form_uploadify.html.php 164 DIRTY_ATTR request::protocol() modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form")) modules/gallery/views/in_place_edit.html.php 3 DIRTY access::csrf_form_field() modules/gallery/views/in_place_edit.html.php 6 DIRTY form::input("input",$form["input"]," class=\"textbox\"") @@ -275,7 +274,6 @@ modules/gallery/views/upgrader.html.php 123 DIRTY_ATTR $don modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected) modules/gallery/views/user_profile.html.php 34 DIRTY_ATTR $user->avatar_url(40,$theme->url(,true)) modules/gallery/views/user_profile.html.php 43 DIRTY $info->view -modules/image_block/views/image_block_block.html.php 4 DIRTY_JS $item->url() modules/image_block/views/image_block_block.html.php 5 DIRTY $item->thumb_img(array("class"=>"g-thumbnail")) modules/info/views/info_block.html.php 5 DIRTY $info["label"] modules/info/views/info_block.html.php 5 DIRTY $info["value"] 
@@ -290,7 +288,7 @@ modules/notification/views/item_updated.html.php 20 DIRTY $item- modules/notification/views/user_profile_notification.html.php 5 DIRTY_ATTR $subscription->id modules/notification/views/user_profile_notification.html.php 6 DIRTY_JS $subscription->url modules/organize/views/organize_dialog.html.php 8 DIRTY_JS url::site("items/__ID__") -modules/organize/views/organize_dialog.html.php 14 DIRTY_JS $album->title +modules/organize/views/organize_dialog.html.php 14 DIRTY_JS html::clean($album->title) modules/organize/views/organize_frame.html.php 12 DIRTY_JS url::file("modules/organize/vendor/ext/images/default/s.gif") modules/organize/views/organize_frame.html.php 56 DIRTY_JS url::site("organize/album_info/__ID__") modules/organize/views/organize_frame.html.php 94 DIRTY_JS access::csrf_token() @@ -304,7 +302,7 @@ modules/organize/views/organize_frame.html.php 410 DIRTY_JS url::s modules/organize/views/organize_frame.html.php 468 DIRTY_JS url::site("organize/reparent") modules/organize/views/organize_frame.html.php 491 DIRTY_JS access::csrf_token() modules/organize/views/organize_frame.html.php 507 DIRTY_JS access::can("edit",item::root()) -modules/organize/views/organize_frame.html.php 509 DIRTY_JS item::root()->title +modules/organize/views/organize_frame.html.php 509 DIRTY_JS html::clean(item::root()->title) modules/organize/views/organize_frame.html.php 511 DIRTY_JS item::root()->id modules/organize/views/organize_frame.html.php 519 DIRTY_JS $album->id modules/organize/views/organize_frame.html.php 520 DIRTY_JS $album->id 
@@ -319,7 +317,7 @@ modules/rss/views/feed.mrss.php 16 DIRTY_JS $feed- modules/rss/views/feed.mrss.php 19 DIRTY_JS $feed->next_page_uri modules/rss/views/feed.mrss.php 21 DIRTY $pub_date modules/rss/views/feed.mrss.php 22 DIRTY $pub_date -modules/rss/views/feed.mrss.php 28 DIRTY date("D, d M Y H:i:s T",$item->created); +modules/rss/views/feed.mrss.php 28 DIRTY date("D, d M Y H:i:s O",$item->created); modules/rss/views/feed.mrss.php 35 DIRTY_ATTR $item->resize_url(true) modules/rss/views/feed.mrss.php 37 DIRTY_ATTR $item->resize_height modules/rss/views/feed.mrss.php 37 DIRTY_ATTR $item->resize_width @@ -342,8 +340,9 @@ modules/rss/views/feed.mrss.php 69 DIRTY_ATTR $ite modules/rss/views/rss_block.html.php 6 DIRTY_JS rss::url($url) modules/search/views/search.html.php 27 DIRTY_ATTR $item_class modules/search/views/search.html.php 28 DIRTY_JS $item->url() -modules/search/views/search.html.php 29 DIRTY $item->thumb_img() -modules/search/views/search.html.php 40 DIRTY $theme->paginator() +modules/search/views/search.html.php 29 DIRTY $item->thumb_img(array("class"=>"g-thumbnail")) +modules/search/views/search.html.php 31 DIRTY_ATTR $item_class +modules/search/views/search.html.php 41 DIRTY $theme->paginator() modules/server_add/views/admin_server_add.html.php 8 DIRTY_JS url::site("__ARGS__") modules/server_add/views/admin_server_add.html.php 19 DIRTY $form modules/server_add/views/admin_server_add.html.php 30 DIRTY_ATTR $id 
@@ -379,22 +378,22 @@ modules/user/views/admin_users_group.html.php 24 DIRTY_JS $group modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $width modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $height modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $url -themes/admin_wind/views/admin.html.php 4 DIRTY $theme->html_attributes() -themes/admin_wind/views/admin.html.php 34 DIRTY $theme->admin_head() -themes/admin_wind/views/admin.html.php 46 DIRTY_JS $theme->url() -themes/admin_wind/views/admin.html.php 51 DIRTY $theme->get_combined("css") -themes/admin_wind/views/admin.html.php 54 DIRTY $theme->get_combined("script") -themes/admin_wind/views/admin.html.php 58 DIRTY $theme->admin_page_top() -themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_top() -themes/admin_wind/views/admin.html.php 67 DIRTY_JS item::root()->url() -themes/admin_wind/views/admin.html.php 70 DIRTY $theme->user_menu() -themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_menu() -themes/admin_wind/views/admin.html.php 76 DIRTY $theme->admin_header_bottom() -themes/admin_wind/views/admin.html.php 83 DIRTY $content -themes/admin_wind/views/admin.html.php 89 DIRTY $sidebar -themes/admin_wind/views/admin.html.php 94 DIRTY $theme->admin_footer() -themes/admin_wind/views/admin.html.php 97 DIRTY $theme->admin_credits() -themes/admin_wind/views/admin.html.php 102 DIRTY $theme->admin_page_bottom() +themes/admin_wind/views/admin.html.php 5 DIRTY $theme->html_attributes() +themes/admin_wind/views/admin.html.php 35 DIRTY $theme->admin_head() +themes/admin_wind/views/admin.html.php 47 DIRTY_JS $theme->url() +themes/admin_wind/views/admin.html.php 52 DIRTY $theme->get_combined("css") +themes/admin_wind/views/admin.html.php 55 DIRTY $theme->get_combined("script") +themes/admin_wind/views/admin.html.php 59 DIRTY $theme->admin_page_top() +themes/admin_wind/views/admin.html.php 67 DIRTY $theme->admin_header_top() 
+themes/admin_wind/views/admin.html.php 68 DIRTY_JS item::root()->url() +themes/admin_wind/views/admin.html.php 71 DIRTY $theme->user_menu() +themes/admin_wind/views/admin.html.php 74 DIRTY $theme->admin_menu() +themes/admin_wind/views/admin.html.php 77 DIRTY $theme->admin_header_bottom() +themes/admin_wind/views/admin.html.php 84 DIRTY $content +themes/admin_wind/views/admin.html.php 90 DIRTY $sidebar +themes/admin_wind/views/admin.html.php 95 DIRTY $theme->admin_footer() +themes/admin_wind/views/admin.html.php 98 DIRTY $theme->admin_credits() +themes/admin_wind/views/admin.html.php 103 DIRTY $theme->admin_page_bottom() themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor themes/admin_wind/views/block.html.php 5 DIRTY $id themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id 
@@ -404,13 +403,13 @@ themes/admin_wind/views/paginator.html.php 35 DIRTY_JS $first themes/admin_wind/views/paginator.html.php 44 DIRTY_JS $previous_page_url themes/admin_wind/views/paginator.html.php 70 DIRTY_JS $next_page_url themes/admin_wind/views/paginator.html.php 79 DIRTY_JS $last_page_url -themes/wind/views/album.html.php 16 DIRTY_ATTR $child->id -themes/wind/views/album.html.php 16 DIRTY_ATTR $item_class -themes/wind/views/album.html.php 18 DIRTY_JS $child->url() -themes/wind/views/album.html.php 20 DIRTY $child->thumb_img(array("class"=>"g-thumbnail")) -themes/wind/views/album.html.php 25 DIRTY_ATTR $item_class -themes/wind/views/album.html.php 26 DIRTY_JS $child->url() -themes/wind/views/album.html.php 44 DIRTY $theme->paginator() +themes/wind/views/album.html.php 19 DIRTY_ATTR $child->id +themes/wind/views/album.html.php 19 DIRTY_ATTR $item_class +themes/wind/views/album.html.php 21 DIRTY_JS $child->url() +themes/wind/views/album.html.php 23 DIRTY $child->thumb_img(array("class"=>"g-thumbnail")) +themes/wind/views/album.html.php 28 DIRTY_ATTR $item_class +themes/wind/views/album.html.php 29 DIRTY_JS $child->url() +themes/wind/views/album.html.php 47 DIRTY $theme->paginator() themes/wind/views/block.html.php 3 DIRTY_ATTR $anchor themes/wind/views/block.html.php 5 DIRTY_ATTR $css_id themes/wind/views/block.html.php 6 DIRTY $title 
@@ -424,25 +423,23 @@ themes/wind/views/dynamic.html.php 17 DIRTY_ATTR $chi themes/wind/views/dynamic.html.php 29 DIRTY $theme->paginator() themes/wind/views/movie.html.php 5 DIRTY $theme->paginator() themes/wind/views/movie.html.php 9 DIRTY $item->movie_img(array("class"=>"g-movie","id"=>"g-item-id-{$item->id}")) -themes/wind/views/page.html.php 4 DIRTY $theme->html_attributes() -themes/wind/views/page.html.php 10 DIRTY $page_title -themes/wind/views/page.html.php 13 DIRTY $theme->item()->title -themes/wind/views/page.html.php 17 DIRTY item::root()->title -themes/wind/views/page.html.php 32 DIRTY $new_width -themes/wind/views/page.html.php 33 DIRTY $new_height -themes/wind/views/page.html.php 34 DIRTY $thumb_proportion -themes/wind/views/page.html.php 74 DIRTY_JS $theme->url() -themes/wind/views/page.html.php 79 DIRTY $theme->get_combined("css") -themes/wind/views/page.html.php 82 DIRTY $theme->get_combined("script") -themes/wind/views/page.html.php 92 DIRTY $header_text -themes/wind/views/page.html.php 94 DIRTY_JS item::root()->url() -themes/wind/views/page.html.php 98 DIRTY $theme->user_menu() -themes/wind/views/page.html.php 113 DIRTY_ATTR $breadcrumb->last?"g-active":"" -themes/wind/views/page.html.php 114 DIRTY_ATTR $breadcrumb->first?"g-first":"" -themes/wind/views/page.html.php 115 DIRTY_JS $breadcrumb->url -themes/wind/views/page.html.php 128 DIRTY $content -themes/wind/views/page.html.php 134 DIRTY newView("sidebar.html") -themes/wind/views/page.html.php 141 DIRTY $footer_text +themes/wind/views/page.html.php 5 DIRTY $theme->html_attributes() +themes/wind/views/page.html.php 11 DIRTY $page_title +themes/wind/views/page.html.php 33 DIRTY $new_width +themes/wind/views/page.html.php 34 DIRTY $new_height +themes/wind/views/page.html.php 35 DIRTY $thumb_proportion +themes/wind/views/page.html.php 75 DIRTY_JS $theme->url() +themes/wind/views/page.html.php 80 DIRTY $theme->get_combined("css") +themes/wind/views/page.html.php 83 DIRTY 
$theme->get_combined("script") +themes/wind/views/page.html.php 93 DIRTY $header_text +themes/wind/views/page.html.php 95 DIRTY_JS item::root()->url() +themes/wind/views/page.html.php 99 DIRTY $theme->user_menu() +themes/wind/views/page.html.php 114 DIRTY_ATTR $breadcrumb->last?"g-active":"" +themes/wind/views/page.html.php 115 DIRTY_ATTR $breadcrumb->first?"g-first":"" +themes/wind/views/page.html.php 116 DIRTY_JS $breadcrumb->url +themes/wind/views/page.html.php 129 DIRTY $content +themes/wind/views/page.html.php 135 DIRTY newView("sidebar.html") +themes/wind/views/page.html.php 142 DIRTY $footer_text themes/wind/views/paginator.html.php 33 DIRTY_JS $first_page_url themes/wind/views/paginator.html.php 42 DIRTY_JS $previous_page_url themes/wind/views/paginator.html.php 70 DIRTY_JS $next_page_url diff --git a/modules/gallery/views/form_uploadify.html.php b/modules/gallery/views/form_uploadify.html.php index ba4a3621..22332e82 100644 --- a/modules/gallery/views/form_uploadify.html.php +++ b/modules/gallery/views/form_uploadify.html.php @@ -59,8 +59,9 @@ var re = /^error: (.*)$/i; var msg = re.exec(response); $("#g-add-photos-status ul").append( - "<li id=\"q" + queueID + "\" class=\"g-success\">" + fileObj.name + " - " + + "<li id=\"q" + queueID + "\" class=\"g-success\"><span></span> - " + <?= t("Completed")->for_js() ?> + "</li>"); + $("#g-add-photos-status li#q" + queueID + " span").text(fileObj.name); setTimeout(function() { $("#q" + queueID).slideUp("slow").remove() }, 5000); success_count++; update_status(); @@ -92,7 +93,8 @@ error_msg + "</a>"; $("#g-add-photos-status ul").append( - "<li id=\"q" + queueID + "\" class=\"g-error\">" + fileObj.name + msg + "</li>"); + "<li id=\"q" + queueID + "\" class=\"g-error\"><span></span>" + msg + "</li>"); + $("#g-add-photos-status li#q" + queueID + " span").text(fileObj.name); $("#g-uploadify").uploadifyCancel(queueID); error_count++; update_status(); 
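Review bot: In the `g-error` branch of form_uploadify.html.php the file name is now set with `.text()`, but `msg` is still concatenated into the markup in the same `append()` call. The context line above it shows `msg` being assembled from `error_msg` plus a closing `</a>`, so it is meant to be HTML; where `error_msg` comes from is outside the hunk, and any part of it taken from the server response or the uploaded file needs escaping before it reaches this string. A smaller style point that applies to both hunks: the span can be built and filled without a second selector lookup, e.g. `$("<span>").text(fileObj.name)` prepended to the new `<li>`.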
diff --git a/modules/image_block/controllers/image_block.php b/modules/image_block/controllers/image_block.php index 94024b3b..4956c08d 100644 --- a/modules/image_block/controllers/image_block.php +++ b/modules/image_block/controllers/image_block.php @@ -20,6 +20,7 @@ class Image_Block_Controller extends Controller { public function random($item_id) { $item = ORM::factory("item", $item_id); + access::required("view", $item); item::set_display_context_callback("Albums_Controller::get_display_context"); url::redirect($item->abs_url()); } diff --git a/modules/info/helpers/info_block.php b/modules/info/helpers/info_block.php index 3dcfa338..d62c900d 100644 --- a/modules/info/helpers/info_block.php +++ b/modules/info/helpers/info_block.php @@ -29,7 +29,8 @@ class info_block_Core { if ($theme->item()) { $block = new Block(); $block->css_id = "g-metadata"; - $block->title = $theme->item()->is_album() ? t("Album info") : t("Photo info"); + $block->title = $theme->item()->is_album() ? t("Album info") : + ($theme->item()->is_movie() ? t("Movie info") : t("Photo info")); $block->content = new View("info_block.html"); if ($theme->item->title && module::get_var("info", "show_title")) { $info["title"] = array( diff --git a/modules/search/views/search.html.php b/modules/search/views/search.html.php index 3436a00c..4279cbab 100644 --- a/modules/search/views/search.html.php +++ b/modules/search/views/search.html.php @@ -26,11 +26,12 @@ <? $item_class = $item->is_album() ? "g-album" : "g-photo" ?> <li class="g-item <?= $item_class ?>"> <a href="<?= $item->url() ?>"> - <?= $item->thumb_img() ?> + <?= $item->thumb_img(array("class" => "g-thumbnail")) ?> <p> + <span class="<?= $item_class ?>"></span> <?= html::purify(text::limit_chars($item->title, 32, "…")) ?> - </p> - <div> + </p> + <div> <?= nl2br(html::purify(text::limit_chars($item->description, 64, "…"))) ?> </div> </a> |
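Review bot: The added `access::required("view", $item)` in image_block.php runs on whatever `ORM::factory("item", $item_id)` returns, including an item that was not found. How `access::required()` treats an unloaded item is not visible here and is worth confirming, so that a missing id and a hidden id produce the same response. A short why-comment would also help the next reader: `// Check view permission before redirecting so the item's URL is not disclosed.`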