Diffstat (limited to 'modules')
-rw-r--r-- | modules/gallery/libraries/Gallery_View.php | 130 | ||||
-rw-r--r-- | modules/gallery/tests/xss_data.txt | 48 |
2 files changed, 100 insertions, 78 deletions
diff --git a/modules/gallery/libraries/Gallery_View.php b/modules/gallery/libraries/Gallery_View.php
index 8f02b53c..3f59db6a 100644
--- a/modules/gallery/libraries/Gallery_View.php
+++ b/modules/gallery/libraries/Gallery_View.php
@@ -82,10 +82,9 @@ class Gallery_View_Core extends View {
 * @param $types a comma separated list of types to combine, eg "script,css"
 */
 public function start_combining($types) {
- if (gallery::allow_css_and_js_combining()) {
- foreach (explode(",", $types) as $type) {
- $this->combine_queue[$type] = array();
- }
+ foreach (explode(",", $types) as $type) {
+ // Initialize the core group so it gets included first.
+ $this->combine_queue[$type] = array("core" => array());
 }
 }
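Review bot: The type names produced by `explode(",", $types)` in `start_combining()` become queue keys without being trimmed, so a call such as `start_combining("script, css")` would seed a `" css"` queue that `get_combined("css")` never reads. Normalising the keys keeps the two methods in agreement: `foreach (array_map("trim", explode(",", $types)) as $type) {`. The docblock for `$types` starts outside the hunk; it would also be worth stating there that the queues are now created whether or not combining is enabled.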
@@ -135,70 +134,93 @@ class Gallery_View_Core extends View { /** * Combine a series of files into a single one and cache it in the database. * @param $type the data type (script or css) - * @param $group the group of scripts or css we want + * @param $group the group of scripts or css we want (null will combine all groups) */ - public function get_combined($type, $group="core") { - $links = array(); - - if (empty($this->combine_queue[$type][$group])) { - return; + public function get_combined($type, $group=null) { + if (is_null($group)) { + $groups = array_keys($this->combine_queue[$type]); + } else { + $groups = array($group); } - // Include the url in the cache key so that if the Gallery moves, we don't use old cached - // entries. - $key = array(url::abs_file("")); + $buf = ""; + foreach ($groups as $group) { + if (empty($this->combine_queue[$type][$group])) { + continue; + } - foreach (array_keys($this->combine_queue[$type][$group]) as $path) { - $stats = stat($path); - // 7 == size, 9 == mtime, see http://php.net/stat - $key[] = "$path $stats[7] $stats[9]"; - } + // Include the url in the cache key so that if the Gallery moves, we don't use old cached + // entries. + $key = array(url::abs_file("")); + foreach (array_keys($this->combine_queue[$type][$group]) as $path) { + $stats = stat($path); + // 7 == size, 9 == mtime, see http://php.net/stat + $key[] = "$path $stats[7] $stats[9]"; + } + $key = md5(join(" ", $key)); - $key = md5(join(" ", $key)); - $cache = Cache::instance(); - $contents = $cache->get($key); + if (gallery::allow_css_and_js_combining()) { + // Combine enabled - if we're at the start of the buffer, add a comment. + if (!$buf) { + $type_text = ($type == "css") ? "CSS" : "JS"; + $buf .= "<!-- LOOKING FOR YOUR $type_text? 
It's all been combined into the link(s) below -->\n"; + } - if (empty($contents)) { - $combine_data = new stdClass(); - $combine_data->type = $type; - $combine_data->contents = $this->combine_queue[$type][$group]; - module::event("before_combine", $combine_data); + $cache = Cache::instance(); + $contents = $cache->get($key); - $contents = ""; - foreach (array_keys($this->combine_queue[$type][$group]) as $path) { - if ($type == "css") { - $contents .= "/* $path */\n" . $this->process_css($path) . "\n"; - } else { - $contents .= "/* $path */\n" . file_get_contents($path) . "\n"; - } - } + if (empty($contents)) { + $combine_data = new stdClass(); + $combine_data->type = $type; + $combine_data->contents = $this->combine_queue[$type][$group]; + module::event("before_combine", $combine_data); - $combine_data = new stdClass(); - $combine_data->type = $type; - $combine_data->contents = $contents; - module::event("after_combine", $combine_data); + $contents = ""; + foreach (array_keys($this->combine_queue[$type][$group]) as $path) { + if ($type == "css") { + $contents .= "/* $path */\n" . $this->process_css($path) . "\n"; + } else { + $contents .= "/* $path */\n" . file_get_contents($path) . 
"\n"; + } + } - $cache->set($key, $combine_data->contents, array($type), 30 * 84600); + $combine_data = new stdClass(); + $combine_data->type = $type; + $combine_data->contents = $contents; + module::event("after_combine", $combine_data); - $use_gzip = function_exists("gzencode") && - (int) ini_get("zlib.output_compression") === 0; - if ($use_gzip) { - $cache->set("{$key}_gz", gzencode($combine_data->contents, 9, FORCE_GZIP), - array($type, "gzip"), 30 * 84600); - } + $cache->set($key, $combine_data->contents, array($type), 30 * 84600); - } + $use_gzip = function_exists("gzencode") && + (int) ini_get("zlib.output_compression") === 0; + if ($use_gzip) { + $cache->set("{$key}_gz", gzencode($combine_data->contents, 9, FORCE_GZIP), + array($type, "gzip"), 30 * 84600); + } + } - unset($this->combine_queue[$type][$group]); - if (empty($this->combine_queue[$type])) { - unset($this->combine_queue[$type]); - } + if ($type == "css") { + $buf .= html::stylesheet("combined/css/$key", "screen,print,projection", true); + } else { + $buf .= html::script("combined/javascript/$key", true); + } + } else { + // Don't combine - just return the CSS and JS links (with the key as a cache buster). + foreach (array_keys($this->combine_queue[$type][$group]) as $path) { + if ($type == "css") { + $buf .= html::stylesheet("$path?m=$key", "screen,print,projection", false); + } else { + $buf .= html::script("$path?m=$key", false); + } + } + } - if ($type == "css") { - return html::stylesheet("combined/css/$key", "screen,print,projection", true); - } else { - return html::script("combined/javascript/$key", true); + unset($this->combine_queue[$type][$group]); + if (empty($this->combine_queue[$type])) { + unset($this->combine_queue[$type]); + } } + return $buf; } /** diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 5daaa371..2152858a 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt 
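Review bot: In the new non-combining branch of `get_combined()`, `$path` is written into the link as `"$path?m=$key"`, yet the same `$path` is passed to `stat()` and `file_get_contents()` a few lines earlier, so it appears to be a filesystem path rather than a URL. If the queue holds absolute paths, this prints the server's directory layout into every page and yields links the browser cannot fetch; the value should be made docroot-relative before it reaches `html::stylesheet()` / `html::script()`. Because `xss_data.txt` lists `$theme->get_combined(...)` as DIRTY, which presumably means the views echo the result without escaping, it is also worth confirming that those helpers attribute-escape the path. Separately, with `$group=null` the call `array_keys($this->combine_queue[$type])` runs before any emptiness check, so a type that was never passed to `start_combining()` now raises an error where the old code returned quietly; a guard such as `if (empty($this->combine_queue[$type])) { return ""; }` at the top of the method restores that.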
@@ -388,19 +388,19 @@ modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $url
 themes/admin_wind/views/admin.html.php 4 DIRTY $theme->html_attributes()
 themes/admin_wind/views/admin.html.php 34 DIRTY $theme->admin_head()
 themes/admin_wind/views/admin.html.php 46 DIRTY_JS $theme->url()
-themes/admin_wind/views/admin.html.php 51 DIRTY $theme->get_combined("css")
-themes/admin_wind/views/admin.html.php 54 DIRTY $theme->get_combined("script")
-themes/admin_wind/views/admin.html.php 58 DIRTY $theme->admin_page_top()
-themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_top()
-themes/admin_wind/views/admin.html.php 67 DIRTY_JS item::root()->url()
-themes/admin_wind/views/admin.html.php 70 DIRTY $theme->user_menu()
-themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_menu()
-themes/admin_wind/views/admin.html.php 76 DIRTY $theme->admin_header_bottom()
-themes/admin_wind/views/admin.html.php 83 DIRTY $content
-themes/admin_wind/views/admin.html.php 89 DIRTY $sidebar
-themes/admin_wind/views/admin.html.php 94 DIRTY $theme->admin_footer()
-themes/admin_wind/views/admin.html.php 97 DIRTY $theme->admin_credits()
-themes/admin_wind/views/admin.html.php 102 DIRTY $theme->admin_page_bottom()
+themes/admin_wind/views/admin.html.php 50 DIRTY $theme->get_combined("css")
+themes/admin_wind/views/admin.html.php 51 DIRTY $theme->get_combined("script")
+themes/admin_wind/views/admin.html.php 55 DIRTY $theme->admin_page_top()
+themes/admin_wind/views/admin.html.php 63 DIRTY $theme->admin_header_top()
+themes/admin_wind/views/admin.html.php 64 DIRTY_JS item::root()->url()
+themes/admin_wind/views/admin.html.php 67 DIRTY $theme->user_menu()
+themes/admin_wind/views/admin.html.php 70 DIRTY $theme->admin_menu()
+themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_header_bottom()
+themes/admin_wind/views/admin.html.php 80 DIRTY $content
+themes/admin_wind/views/admin.html.php 86 DIRTY $sidebar
+themes/admin_wind/views/admin.html.php 91 DIRTY $theme->admin_footer()
+themes/admin_wind/views/admin.html.php 94 DIRTY $theme->admin_credits()
+themes/admin_wind/views/admin.html.php 99 DIRTY $theme->admin_page_bottom()
 themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor
 themes/admin_wind/views/block.html.php 5 DIRTY $id
 themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id
@@ -436,17 +436,17 @@ themes/wind/views/page.html.php 32 DIRTY $new_w
 themes/wind/views/page.html.php 33 DIRTY $new_height
 themes/wind/views/page.html.php 34 DIRTY $thumb_proportion
 themes/wind/views/page.html.php 68 DIRTY_JS $theme->url()
-themes/wind/views/page.html.php 73 DIRTY $theme->get_combined("css")
-themes/wind/views/page.html.php 76 DIRTY $theme->get_combined("script")
-themes/wind/views/page.html.php 86 DIRTY $header_text
-themes/wind/views/page.html.php 88 DIRTY_JS item::root()->url()
-themes/wind/views/page.html.php 92 DIRTY $theme->user_menu()
-themes/wind/views/page.html.php 107 DIRTY_ATTR $breadcrumb->last?"g-active":""
-themes/wind/views/page.html.php 108 DIRTY_ATTR $breadcrumb->first?"g-first":""
-themes/wind/views/page.html.php 109 DIRTY_JS $breadcrumb->url
-themes/wind/views/page.html.php 122 DIRTY $content
-themes/wind/views/page.html.php 128 DIRTY newView("sidebar.html")
-themes/wind/views/page.html.php 135 DIRTY $footer_text
+themes/wind/views/page.html.php 72 DIRTY $theme->get_combined("css")
+themes/wind/views/page.html.php 73 DIRTY $theme->get_combined("script")
+themes/wind/views/page.html.php 83 DIRTY $header_text
+themes/wind/views/page.html.php 85 DIRTY_JS item::root()->url()
+themes/wind/views/page.html.php 89 DIRTY $theme->user_menu()
+themes/wind/views/page.html.php 104 DIRTY_ATTR $breadcrumb->last?"g-active":""
+themes/wind/views/page.html.php 105 DIRTY_ATTR $breadcrumb->first?"g-first":""
+themes/wind/views/page.html.php 106 DIRTY_JS $breadcrumb->url
+themes/wind/views/page.html.php 119 DIRTY $content
+themes/wind/views/page.html.php 125 DIRTY newView("sidebar.html")
+themes/wind/views/page.html.php 132 DIRTY $footer_text
 themes/wind/views/paginator.html.php 33 DIRTY_JS $first_page_url
 themes/wind/views/paginator.html.php 42 DIRTY_JS $previous_page_url
 themes/wind/views/paginator.html.php 70 DIRTY_JS $next_page_url |