diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/exif/helpers/exif_task.php | 4 | ||||
| -rw-r--r-- | modules/gallery/controllers/reauthenticate.php | 11 | ||||
| -rw-r--r-- | modules/gallery/controllers/upgrader.php | 21 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_event.php | 4 | ||||
| -rw-r--r-- | modules/gallery/models/item.php | 50 | ||||
| -rw-r--r-- | modules/gallery/tests/Item_Model_Test.php | 57 | ||||
| -rw-r--r-- | modules/gallery/tests/controller_auth_data.txt | 2 | ||||
| -rw-r--r-- | modules/gallery/tests/xss_data.txt | 37 | ||||
| -rw-r--r-- | modules/gallery/views/upgrader.html.php | 2 | ||||
| -rw-r--r-- | modules/organize/views/organize_dialog.html.php | 6 | ||||
| -rw-r--r-- | modules/rest/views/error_rest.json.php | 4 | ||||
| -rw-r--r-- | modules/search/helpers/search_task.php | 4 | ||||
| -rw-r--r-- | modules/tag/controllers/tag.php | 49 | ||||
| -rw-r--r-- | modules/tag/controllers/tags.php | 28 | ||||
| -rw-r--r-- | modules/tag/models/tag.php | 2 | ||||
| -rw-r--r-- | modules/user/helpers/user.php | 14 | ||||
| -rw-r--r-- | modules/user/libraries/drivers/IdentityProvider/Gallery.php | 2 | ||||
| -rw-r--r-- | modules/user/views/admin_users_delete_user.html.php | 2 |
18 files changed, 185 insertions, 114 deletions
diff --git a/modules/exif/helpers/exif_task.php b/modules/exif/helpers/exif_task.php index a754865a..5963d03f 100644 --- a/modules/exif/helpers/exif_task.php +++ b/modules/exif/helpers/exif_task.php @@ -50,7 +50,7 @@ class exif_task_Core { ->where("exif_records.item_id", "IS", null) ->or_where("exif_records.dirty", "=", 1) ->close() - ->find_all() as $item) { + ->find_all(100) as $item) { // The query above can take a long time, so start the timer after its done // to give ourselves a little time to actually process rows. if (!isset($start)) { @@ -60,7 +60,7 @@ class exif_task_Core { exif::extract($item); $completed++; - if (microtime(true) - $start > 1.5) { + if (microtime(true) - $start > .75) { break; } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 0486c0fe..53a96374 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -19,12 +19,19 @@ */ class Reauthenticate_Controller extends Controller { public function index() { + $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax()); if (!identity::active_user()->admin) { - access::forbidden(); + if ($is_ajax) { + // We should never be able to get here since Admin_Controller::_reauth_check() won't work + // for non-admins. + access::forbidden(); + } else { + url::redirect(item::root()->abs_url()); + } } + // On redirects from the admin controller, the ajax request indicator is lost, // so we store it in the session. - $is_ajax = Session::instance()->get_once("is_ajax_request", request::is_ajax()); if ($is_ajax) { $v = new View("reauthenticate.html"); $v->form = self::_form(); diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index 6613d671..b2646874 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php @@ -54,8 +54,16 @@ class Upgrader_Controller extends Controller { // @todo this may screw up some module installers, but we don't have a better answer at // this time. $_SERVER["HTTP_HOST"] = "example.com"; - } else if (!identity::active_user()->admin && !Session::instance()->get("can_upgrade", false)) { - access::forbidden(); + } else { + if (!identity::active_user()->admin && !Session::instance()->get("can_upgrade", false)) { + access::forbidden(); + } + + try { + access::verify_csrf(); + } catch (Exception $e) { + url::redirect("upgrader"); + } } $available = module::available(); @@ -87,7 +95,14 @@ class Upgrader_Controller extends Controller { site_status::clear("upgrade_now"); if (php_sapi_name() == "cli") { - print "Upgrade complete\n"; + if ($failed) { + print "Upgrade completed ** WITH FAILURES **\n"; + print "The following modules were not successfully upgraded:\n"; + print " " . implode($failed, "\n ") . "\n"; + print "Try getting newer versions or deactivating those modules\n"; + } else { + print "Upgrade complete\n"; + } } else { url::redirect("upgrader?failed=" . join(",", $failed)); } diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 0ba98025..5b1db987 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -211,9 +211,9 @@ class gallery_event_Core { if (Router::$controller == "admin") { $continue_url = url::abs_site(""); - } else if (isset($theme->item)) { + } else if ($item = $theme->item()) { if (access::user_can(identity::guest(), "view", $theme->item)) { - $continue_url = $theme->item->abs_url(); + $continue_url = $item->abs_url(); } else { $continue_url = item::root()->abs_url(); } diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index cdba0241..3ceb5e37 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -357,26 +357,7 @@ class Item_Model extends ORM_MPTT { } } - // Randomize the name or slug if there's a conflict. Preserve the extension. - // @todo Improve this. Random numbers are not user friendly - $base_name = pathinfo($this->name, PATHINFO_FILENAME); - $base_ext = pathinfo($this->name, PATHINFO_EXTENSION); - $base_slug = $this->slug; - while (ORM::factory("item") - ->where("parent_id", "=", $this->parent_id) - ->and_open() - ->where("name", "=", $this->name) - ->or_where("slug", "=", $this->slug) - ->close() - ->find()->id) { - $rand = rand(); - if ($base_ext) { - $this->name = "$base_name-$rand.$base_ext"; - } else { - $this->name = "$base_name-$rand"; - } - $this->slug = "$base_slug-$rand"; - } + $this->_randomize_name_or_slug_on_conflict(); parent::save(); @@ -427,6 +408,8 @@ class Item_Model extends ORM_MPTT { $this->relative_url_cache = null; } + $this->_randomize_name_or_slug_on_conflict(); + parent::save(); // Now update the filesystem and any database caches if there were significant value @@ -505,6 +488,33 @@ class Item_Model extends ORM_MPTT { } /** + * Check to see if there's another item that occupies the same name or slug that this item + * intends to use, and if so choose a new name/slug while preserving the extension. + * @todo Improve this. Random numbers are not user friendly + */ + private function _randomize_name_or_slug_on_conflict() { + $base_name = pathinfo($this->name, PATHINFO_FILENAME); + $base_ext = pathinfo($this->name, PATHINFO_EXTENSION); + $base_slug = $this->slug; + while (ORM::factory("item") + ->where("parent_id", "=", $this->parent_id) + ->where("id", "<>", $this->id) + ->and_open() + ->where("name", "=", $this->name) + ->or_where("slug", "=", $this->slug) + ->close() + ->find()->id) { + $rand = rand(); + if ($base_ext) { + $this->name = "$base_name-$rand.$base_ext"; + } else { + $this->name = "$base_name-$rand"; + } + $this->slug = "$base_slug-$rand"; + } + } + + /** * Return the Item_Model representing the cover for this album. * @return Item_Model or null if there's no cover */ diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index bd123098..90c54e3c 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -136,20 +136,17 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_true(false, "Shouldn't get here"); } - public function item_rename_fails_with_existing_name_test() { + public function item_rename_over_existing_name_gets_uniqified_test() { // Create a test photo $item = test::random_photo(); $item2 = test::random_photo(); - try { - $item->name = $item2->name; - $item->save(); - } catch (ORM_Validation_Exception $e) { - $this->assert_true(in_array("conflict", $e->validation->errors())); - return; - } + $item->name = $item2->name; + $item->save(); - $this->assert_false(true, "rename should conflict"); + // foo.jpg should become foo-####.jpg + $this->assert_true( + preg_match("/" . str_replace(".jpg", "", $item2->name) . "-\d+\.jpg/", $item->name)); } public function move_album_test() { @@ -208,24 +205,21 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_equal("file", file_get_contents($photo->file_path())); } - public function move_album_fails_conflicting_target_test() { + public function move_album_with_conflicting_target_gets_uniqified_test() { $album = test::random_album(); $source = test::random_album_unsaved($album); $source->name = $album->name; $source->save(); // $source and $album have the same name, so if we move $source into the root they should - // conflict. + // conflict and get randomized - try { - $source->parent_id = item::root()->id; - $source->save(); - } catch (ORM_Validation_Exception $e) { - $this->assert_equal( - array("name" => "conflict", "slug" => "conflict"), $e->validation->errors()); - return; - } - $this->assert_true(false, "Shouldn't get here"); + $source->parent_id = item::root()->id; + $source->save(); + + // foo should become foo-#### + $this->assert_true(preg_match("/{$album->name}-\d+/", $source->name)); + $this->assert_true(preg_match("/{$album->slug}-\d+/", $source->slug)); } public function move_album_fails_wrong_target_type_test() { @@ -245,7 +239,7 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $this->assert_true(false, "Shouldn't get here"); } - public function move_photo_fails_conflicting_target_test() { + public function move_photo_with_conflicting_target_gets_uniqified_test() { $photo1 = test::random_photo(); $album = test::random_album(); $photo2 = test::random_photo_unsaved($album); @@ -253,18 +247,17 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { $photo2->save(); // $photo1 and $photo2 have the same name, so if we move $photo1 into the root they should - // conflict. + // conflict and get uniqified. - try { - $photo2->parent_id = item::root()->id; - $photo2->save(); - } catch (Exception $e) { - // pass - $this->assert_equal( - array("name" => "conflict", "slug" => "conflict"), $e->validation->errors()); - return; - } - $this->assert_true(false, "Shouldn't get here"); + $photo2->parent_id = item::root()->id; + $photo2->save(); + + // foo.jpg should become foo-####.jpg + $this->assert_true( + preg_match("/" . str_replace(".jpg", "", $photo1->name) . "-\d+\.jpg/", $photo2->name)); + + // foo should become foo + $this->assert_true(preg_match("/{$photo1->slug}/", $photo2->name)); } public function move_album_inside_descendent_fails_test() { diff --git a/modules/gallery/tests/controller_auth_data.txt b/modules/gallery/tests/controller_auth_data.txt index 212577c7..03032fd9 100644 --- a/modules/gallery/tests/controller_auth_data.txt +++ b/modules/gallery/tests/controller_auth_data.txt @@ -15,7 +15,7 @@ modules/gallery/controllers/login.php html modules/gallery/controllers/login.php auth_html DIRTY_AUTH modules/gallery/controllers/logout.php index DIRTY_AUTH modules/gallery/controllers/quick.php form_edit DIRTY_CSRF -modules/gallery/controllers/upgrader.php index DIRTY_AUTH +modules/gallery/controllers/upgrader.php index DIRTY_CSRF|DIRTY_AUTH modules/gallery/controllers/uploader.php start DIRTY_AUTH modules/gallery/controllers/uploader.php status DIRTY_AUTH modules/gallery/controllers/uploader.php finish DIRTY_AUTH diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 8d26092b..6821c963 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -42,7 +42,7 @@ modules/digibug/views/digibug_form.html.php 4 DIRTY form:: modules/digibug/views/digibug_form.html.php 6 DIRTY form::hidden($key,$value) modules/exif/views/exif_dialog.html.php 14 DIRTY $details[$i]["caption"] modules/exif/views/exif_dialog.html.php 21 DIRTY $details[$i]["caption"] -modules/g2_import/views/admin_g2_import.html.php 30 DIRTY $form +modules/g2_import/views/admin_g2_import.html.php 9 DIRTY $form modules/gallery/views/admin_advanced_settings.html.php 21 DIRTY_ATTR text::alternate("g-odd","g-even") modules/gallery/views/admin_advanced_settings.html.php 22 DIRTY $var->module_name modules/gallery/views/admin_block_log_entries.html.php 4 DIRTY_ATTR log::severity_class($entry->severity) @@ -248,14 +248,15 @@ modules/gallery/views/permissions_form.html.php 80 DIRTY_JS $permi modules/gallery/views/permissions_form.html.php 80 DIRTY_JS $item->id modules/gallery/views/quick_delete_confirm.html.php 11 DIRTY $form modules/gallery/views/reauthenticate.html.php 9 DIRTY $form -modules/gallery/views/upgrader.html.php 59 DIRTY_ATTR $done?"muted":"" -modules/gallery/views/upgrader.html.php 63 DIRTY_ATTR $done?"muted":"" -modules/gallery/views/upgrader.html.php 71 DIRTY_ATTR $module->version==$module->code_version?"current":"upgradeable" -modules/gallery/views/upgrader.html.php 72 DIRTY_ATTR $id -modules/gallery/views/upgrader.html.php 76 DIRTY $module->version -modules/gallery/views/upgrader.html.php 79 DIRTY $module->code_version -modules/gallery/views/upgrader.html.php 101 DIRTY_ATTR $done?"muted":"" -modules/gallery/views/upgrader.html.php 104 DIRTY_ATTR $done?"muted":"" +modules/gallery/views/upgrader.html.php 76 DIRTY_ATTR $done?"muted":"" +modules/gallery/views/upgrader.html.php 94 DIRTY_ATTR $done?"muted":"" +modules/gallery/views/upgrader.html.php 102 DIRTY_ATTR $module->version==$module->code_version?"current":"upgradeable" +modules/gallery/views/upgrader.html.php 102 DIRTY_ATTR in_array($id,$failed)?"failed":"" +modules/gallery/views/upgrader.html.php 103 DIRTY_ATTR $id +modules/gallery/views/upgrader.html.php 107 DIRTY $module->version +modules/gallery/views/upgrader.html.php 110 DIRTY $module->code_version +modules/gallery/views/upgrader.html.php 120 DIRTY_ATTR $done?"muted":"" +modules/gallery/views/upgrader.html.php 123 DIRTY_ATTR $done?"muted":"" modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected) modules/gallery/views/user_profile.html.php 34 DIRTY_ATTR $user->avatar_url(40,$theme->url(,true)) modules/gallery/views/user_profile.html.php 43 DIRTY $info->view @@ -338,15 +339,17 @@ modules/tag/views/tag_cloud.html.php 6 DIRTY_JS $tag-> modules/user/views/admin_users.html.php 3 DIRTY_JS url::site("admin/users/add_user_to_group/__USERID__/__GROUPID__?csrf=$csrf") modules/user/views/admin_users.html.php 26 DIRTY_JS url::site("admin/users/group/__GROUPID__") modules/user/views/admin_users.html.php 36 DIRTY_JS url::site("admin/users/remove_user_from_group/__USERID__/__GROUPID__?csrf=$csrf") -modules/user/views/admin_users.html.php 71 DIRTY_ATTR $user->id -modules/user/views/admin_users.html.php 71 DIRTY_ATTR text::alternate("g-odd","g-even") -modules/user/views/admin_users.html.php 71 DIRTY_ATTR $user->admin?"g-admin":"" modules/user/views/admin_users.html.php 72 DIRTY_ATTR $user->id -modules/user/views/admin_users.html.php 73 DIRTY_ATTR $user->avatar_url(20,$theme->url(,true)) -modules/user/views/admin_users.html.php 87 DIRTY ($user->last_login==0)?"":gallery::date($user->last_login) -modules/user/views/admin_users.html.php 123 DIRTY_ATTR $group->id -modules/user/views/admin_users.html.php 123 DIRTY_ATTR ($group->special?"g-default-group":"") -modules/user/views/admin_users.html.php 125 DIRTY $v +modules/user/views/admin_users.html.php 72 DIRTY_ATTR text::alternate("g-odd","g-even") +modules/user/views/admin_users.html.php 72 DIRTY_ATTR $user->admin?"g-admin":"" +modules/user/views/admin_users.html.php 73 DIRTY_ATTR $user->id +modules/user/views/admin_users.html.php 74 DIRTY_ATTR $user->avatar_url(20,$theme->url(,true)) +modules/user/views/admin_users.html.php 88 DIRTY ($user->last_login==0)?"":gallery::date($user->last_login) +modules/user/views/admin_users.html.php 91 DIRTY db::build()->from("items")->where("owner_id","=",$user->id)->count_records() +modules/user/views/admin_users.html.php 127 DIRTY_ATTR $group->id +modules/user/views/admin_users.html.php 127 DIRTY_ATTR ($group->special?"g-default-group":"") +modules/user/views/admin_users.html.php 129 DIRTY $v +modules/user/views/admin_users_delete_user.html.php 6 DIRTY $form modules/user/views/admin_users_group.html.php 24 DIRTY_JS $user->id modules/user/views/admin_users_group.html.php 24 DIRTY_JS $group->id modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $width diff --git a/modules/gallery/views/upgrader.html.php b/modules/gallery/views/upgrader.html.php index c2d8a552..1ec49c77 100644 --- a/modules/gallery/views/upgrader.html.php +++ b/modules/gallery/views/upgrader.html.php @@ -84,7 +84,7 @@ </div> <? else: ?> <div id="upgrade_button" class="button button-active"> - <a id="upgrade_link" href="<?= url::site("upgrader/upgrade") ?>"> + <a id="upgrade_link" href="<?= url::site("upgrader/upgrade?csrf=" . access::csrf_token()) ?>"> <?= t("Upgrade all") ?> </a> </div> diff --git a/modules/organize/views/organize_dialog.html.php b/modules/organize/views/organize_dialog.html.php index 769d6e9a..3ea1143d 100644 --- a/modules/organize/views/organize_dialog.html.php +++ b/modules/organize/views/organize_dialog.html.php @@ -19,7 +19,11 @@ <script type="text/javascript"> $("#g-dialog").bind("dialogclose", function(event, ui) { // @todo do a call to organize/closing to end the batch - window.location = $(this).data("reload.location"); + if ($(this).data("reload.location")) { + window.location = $(this).data("reload.location"); + } else { + window.location.reload(); + } }); function closeOrganizeDialog() { diff --git a/modules/rest/views/error_rest.json.php b/modules/rest/views/error_rest.json.php index 179ce7f9..8c99ef45 100644 --- a/modules/rest/views/error_rest.json.php +++ b/modules/rest/views/error_rest.json.php @@ -1,2 +1,6 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> +<? +// Log error response to ease debugging +Kohana_Log::add("error", "Rest error details: " . print_r($e->response, 1)); +?> <?= json_encode($e->response);
\ No newline at end of file diff --git a/modules/search/helpers/search_task.php b/modules/search/helpers/search_task.php index 08f75d66..48a6688b 100644 --- a/modules/search/helpers/search_task.php +++ b/modules/search/helpers/search_task.php @@ -47,7 +47,7 @@ class search_task_Core { ->join("search_records", "items.id", "search_records.item_id", "left") ->where("search_records.item_id", "IS", null) ->or_where("search_records.dirty", "=", 1) - ->find_all() as $item) { + ->find_all(100) as $item) { // The query above can take a long time, so start the timer after its done // to give ourselves a little time to actually process rows. if (!isset($start)) { @@ -57,7 +57,7 @@ class search_task_Core { search::update($item); $completed++; - if (microtime(true) - $start > 1.5) { + if (microtime(true) - $start > .75) { break; } } diff --git a/modules/tag/controllers/tag.php b/modules/tag/controllers/tag.php new file mode 100644 index 00000000..0e924f3d --- /dev/null +++ b/modules/tag/controllers/tag.php @@ -0,0 +1,49 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2010 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class Tag_Controller extends Controller { + public function __call($function, $args) { + $tag_name = $function; + $tag = ORM::factory("tag")->where("name", "=", $tag_name)->find(); + $page_size = module::get_var("gallery", "page_size", 9); + $page = (int) Input::instance()->get("page", "1"); + $children_count = $tag->items_count(); + $offset = ($page-1) * $page_size; + $max_pages = max(ceil($children_count / $page_size), 1); + + // Make sure that the page references a valid offset + if ($page < 1) { + url::redirect($album->abs_url()); + } else if ($page > $max_pages) { + url::redirect($album->abs_url("page=$max_pages")); + } + + $template = new Theme_View("page.html", "collection", "tag"); + $template->set_global("page", $page); + $template->set_global("max_pages", $max_pages); + $template->set_global("page_size", $page_size); + $template->set_global("tag", $tag); + $template->set_global("children", $tag->items($page_size, $offset)); + $template->set_global("children_count", $children_count); + $template->content = new View("dynamic.html"); + $template->content->title = t("Tag: %tag_name", array("tag_name" => $tag->name)); + + print $template; + } +} diff --git a/modules/tag/controllers/tags.php b/modules/tag/controllers/tags.php index bc657644..aa39b6cd 100644 --- a/modules/tag/controllers/tags.php +++ b/modules/tag/controllers/tags.php @@ -18,34 +18,6 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Tags_Controller extends Controller { - public function show($tag_id) { - $tag = ORM::factory("tag", $tag_id); - $page_size = module::get_var("gallery", "page_size", 9); - $page = (int) Input::instance()->get("page", "1"); - $children_count = $tag->items_count(); - $offset = ($page-1) * $page_size; - $max_pages = max(ceil($children_count / $page_size), 1); - - // Make sure that the page references a valid offset - if ($page < 1) { - url::redirect($album->abs_url()); - } else if ($page > $max_pages) { - url::redirect($album->abs_url("page=$max_pages")); - } - - $template = new Theme_View("page.html", "collection", "tag"); - $template->set_global("page", $page); - $template->set_global("max_pages", $max_pages); - $template->set_global("page_size", $page_size); - $template->set_global("tag", $tag); - $template->set_global("children", $tag->items($page_size, $offset)); - $template->set_global("children_count", $children_count); - $template->content = new View("dynamic.html"); - $template->content->title = t("Tag: %tag_name", array("tag_name" => $tag->name)); - - print $template; - } - public function index() { // Far from perfection, but at least require view permission for the root album $album = ORM::factory("item", 1); diff --git a/modules/tag/models/tag.php b/modules/tag/models/tag.php index e8bd69c5..269a0f39 100644 --- a/modules/tag/models/tag.php +++ b/modules/tag/models/tag.php @@ -124,7 +124,7 @@ class Tag_Model extends ORM { * @param string $query the query string (eg "page=3") */ public function url($query=null) { - $url = url::site("tags/show/$this->id"); + $url = url::site("tag/{$this->name}"); if ($query) { $url .= "?$query"; } diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index 55153263..be50d6d1 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -36,6 +36,20 @@ class user_Core { } /** + * Return an admin user. Prefer the currently logged in user, if possible. + * + * @return User_Model + */ + static function admin_user() { + $active = identity::active_user(); + if ($active->admin) { + return $active; + } + + return ORM::factory("user")->where("admin", "=", 1)->order_by("id", "ASC")->find(); + } + + /** * Is the password provided correct? * * @param user User Model diff --git a/modules/user/libraries/drivers/IdentityProvider/Gallery.php b/modules/user/libraries/drivers/IdentityProvider/Gallery.php index 44433ad7..73ac9bd0 100644 --- a/modules/user/libraries/drivers/IdentityProvider/Gallery.php +++ b/modules/user/libraries/drivers/IdentityProvider/Gallery.php @@ -32,7 +32,7 @@ class IdentityProvider_Gallery_Driver implements IdentityProvider_Driver { * @see IdentityProvider_Driver::guest. */ public function admin_user() { - return self::lookup_user(2); + return user::admin_user(); } /** diff --git a/modules/user/views/admin_users_delete_user.html.php b/modules/user/views/admin_users_delete_user.html.php index 4b79a305..44777ae5 100644 --- a/modules/user/views/admin_users_delete_user.html.php +++ b/modules/user/views/admin_users_delete_user.html.php @@ -1,7 +1,7 @@ <?php defined("SYSPATH") or die("No direct script access.") ?> <div id="g-admin-users-delete-user"> <p> - <?= t("Really delete <b>%name</b>? Any photos, movies or albums owned by this user will transfer ownership to <b>%new_owner</b>.", array("name" => $user->display_name(), "new_owner" => identity::admin_user()->display_name())) ?> + <?= t("Really delete <b>%name</b>? Any photos, movies or albums owned by this user will transfer ownership to <b>%new_owner</b>.", array("name" => $user->display_name(), "new_owner" => identity::active_user()->display_name())) ?> </p> <?= $form ?> </div> |