From f64824b35c1c6e42ffd3106a7ce2a3c430f1e589 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Thu, 28 May 2009 11:40:44 +0800
Subject: Remove extra line from a bad merge

Signed-off-by: Bharat Mediratta <bharat@menalto.com>
---
 .gitignore | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index 702fa990..a20370a7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,8 +1,5 @@
 # Ignore the var subdirectory
 var
-index.local.php
-
-
 
 # Ignore the index.local.php
 index.local.php
-- 
cgit v1.2.3


From 993eecfee61e502660f490bec5b394640b917bd1 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Thu, 28 May 2009 12:05:35 +0800
Subject: Rename index.local.php to local.php so that tab completion on i<tab>
 works. Makes running tests easier.

Signed-off-by: Bharat Mediratta <bharat@menalto.com>
---
 .gitignore | 2 +-
 index.php  | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.gitignore b/.gitignore
index a20370a7..6ebdd994 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,5 +2,5 @@
 var
 
 # Ignore the index.local.php
-index.local.php
+local.php
 
diff --git a/index.php b/index.php
index d8fc2742..b92f7353 100644
--- a/index.php
+++ b/index.php
@@ -59,8 +59,8 @@ if (PHP_SAPI == 'cli') {
 }
 define('TMPPATH', VARPATH . '/tmp');
 
-if (file_exists("index.local.php")) {
-  include("index.local.php");
+if (file_exists("local.php")) {
+  include("local.php");
 }
 
 // Initialize.
-- 
cgit v1.2.3


From 3b3531cbb834c192339292df8ab3e9220a48d924 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 30 May 2009 15:34:03 -0700
Subject: Add a / to the end of TMPPATH to match other paths.

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index b92f7353..a70053a8 100644
--- a/index.php
+++ b/index.php
@@ -57,7 +57,7 @@ if (PHP_SAPI == 'cli') {
   define('TEST_MODE', 0);
   define('VARPATH', strtr(realpath('var') . '/', DIRECTORY_SEPARATOR, '/'));
 }
-define('TMPPATH', VARPATH . '/tmp');
+define('TMPPATH', VARPATH . '/tmp/');
 
 if (file_exists("local.php")) {
   include("local.php");
-- 
cgit v1.2.3


From a5670d8d708c35589a695640694199c7b026877b Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 30 May 2009 17:14:17 -0700
Subject: gate $can_edit and $can_add on whether or not we have an $item at all
 (fixes a bug where search doesn't render because it has no item).

---
 modules/gallery/helpers/gallery_menu.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php
index 0f0e676d..09c2d91a 100644
--- a/modules/gallery/helpers/gallery_menu.php
+++ b/modules/gallery/helpers/gallery_menu.php
@@ -28,8 +28,8 @@ class gallery_menu_Core {
 
     $item = $theme->item();
 
-    $can_edit = access::can("edit", $item) || $is_admin;
-    $can_add = access::can("add", $item) || $is_admin;
+    $can_edit = $item && access::can("edit", $item) || $is_admin;
+    $can_add = $item && (access::can("add", $item) || $is_admin);
 
     if ($item && $can_edit || $can_add) {
       $menu->append($options_menu = Menu::factory("submenu")
-- 
cgit v1.2.3


From 18483908976d9dbfa6f0877f380a9ff9ae83ff8c Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 00:10:12 -0700
Subject: Convert single quotes to double quotes

---
 application/config/config.php | 46 +++++++++++++++++++++----------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/application/config/config.php b/application/config/config.php
index d6da2ad1..6a30d91c 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -23,34 +23,34 @@
  * then a full URL will be used, eg: http://localhost/kohana/. If it only includes
  * the path, and a site_protocol is specified, the domain will be auto-detected.
  */
-$config['site_domain'] = dirname($_SERVER['SCRIPT_NAME']);
+$config["site_domain"] = dirname($_SERVER["SCRIPT_NAME"]);
 
 /**
  * Force a default protocol to be used by the site. If no site_protocol is
  * specified, then the current protocol is used, or when possible, only an
  * absolute path (with no protocol/domain) is used.
  */
-$config['site_protocol'] = '';
+$config["site_protocol"] = "";
 
 /**
  * Name of the front controller for this application. Default: index.php
  *
  * This can be removed by using URL rewriting.
  */
-$config['index_page'] = 'index.php';
+$config["index_page"] = "index.php";
 
 /**
  * Fake file extension that will be added to all generated URLs. Example: .html
  */
-$config['url_suffix'] = '';
+$config["url_suffix"] = "";
 
 /**
  * Length of time of the internal cache in seconds. 0 or FALSE means no caching.
  * The internal cache stores file paths and config entries across requests and
  * can give significant speed improvements at the expense of delayed updating.
  */
-$config['internal_cache'] = FALSE;
-$config['internal_cache_path'] = VARPATH . "tmp/";
+$config["internal_cache"] = FALSE;
+$config["internal_cache_path"] = VARPATH . "tmp/";
 
 /**
  * Enable or disable gzip output compression. This can dramatically decrease
@@ -59,20 +59,20 @@ $config['internal_cache_path'] = VARPATH . "tmp/";
  *
  * Do not enable this option if you are using output compression in php.ini!
  */
-$config['output_compression'] = FALSE;
+$config["output_compression"] = FALSE;
 
 /**
  * Enable or disable global XSS filtering of GET, POST, and SERVER data. This
  * option also accepts a string to specify a specific XSS filtering tool.
  */
-$config['global_xss_filtering'] = TRUE;
+$config["global_xss_filtering"] = TRUE;
 
 /**
  * Enable or disable hooks. Setting this option to TRUE will enable
  * all hooks. By using an array of hook filenames, you can control
  * which hooks are enabled. Setting this option to FALSE disables hooks.
  */
-$config['enable_hooks'] = TRUE;
+$config["enable_hooks"] = TRUE;
 
 /**
  * Log thresholds:
@@ -82,21 +82,21 @@ $config['enable_hooks'] = TRUE;
  *  3 - Notices
  *  4 - Debugging
  */
-$config['log_threshold'] = 3;
+$config["log_threshold"] = 3;
 
 /**
  * Message logging directory.
  */
-$config['log_directory'] = VARPATH . "logs";
-if (@!is_writable($config['log_directory'])) {
-  $config['log_threshold'] = 0;
+$config["log_directory"] = VARPATH . "logs";
+if (@!is_writable($config["log_directory"])) {
+  $config["log_threshold"] = 0;
 }
 
 /**
  * Enable or disable displaying of Kohana error pages. This will not affect
  * logging. Turning this off will disable ALL error pages.
  */
-$config['display_errors'] = TRUE;
+$config["display_errors"] = TRUE;
 
 /**
  * Enable or disable statistics in the final output. Stats are replaced via
@@ -104,33 +104,33 @@ $config['display_errors'] = TRUE;
  *
  * @see http://docs.kohanaphp.com/general/configuration
  */
-$config['render_stats'] = TRUE;
+$config["render_stats"] = TRUE;
 
 /**
  * Filename prefixed used to determine extensions. For example, an
  * extension to the Controller class would be named MY_Controller.php.
  */
-$config['extension_prefix'] = 'MY_';
+$config["extension_prefix"] = "MY_";
 
 /**
  * Additional resource paths, or "modules". Each path can either be absolute
  * or relative to the docroot. Modules can include any resource that can exist
  * in your application directory, configuration files, controllers, views, etc.
  */
-$config['modules'] = array(
-  MODPATH . 'forge',
-  MODPATH . 'gallery',  // gallery must be *last* in the order
+$config["modules"] = array(
+  MODPATH . "forge",
+  MODPATH . "gallery",  // gallery must be *last* in the order
 );
 
 if (TEST_MODE) {
-  array_splice($config['modules'], 0, 0,
-               array(MODPATH . 'gallery_unit_test',
-                     MODPATH . 'unit_test'));
+  array_splice($config["modules"], 0, 0,
+               array(MODPATH . "gallery_unit_test",
+                     MODPATH . "unit_test"));
 }
 
 /**
  * Setting the maintenance_mode to block all non administrative access.  In
  * this mode a user can attempt to logon, but will be unable to access anything.
- * The application will be have normally if an adminstrator logs on.
+ * The application will behave normally if an adminstrator logs on.
  */
 //$config["maintenance_mode"] = true;
-- 
cgit v1.2.3


From ad81861c331f60ec8c19ea11e47e2826660fa142 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 00:11:02 -0700
Subject: First pass at an XSS security test, along with the "p" helper which
 can clean HTML output.

---
 modules/gallery/helpers/p.php               |  33 +++++++
 modules/gallery/tests/Xss_Security_Test.php | 138 ++++++++++++++++++++++++++++
 2 files changed, 171 insertions(+)
 create mode 100644 modules/gallery/helpers/p.php
 create mode 100644 modules/gallery/tests/Xss_Security_Test.php

diff --git a/modules/gallery/helpers/p.php b/modules/gallery/helpers/p.php
new file mode 100644
index 00000000..69032840
--- /dev/null
+++ b/modules/gallery/helpers/p.php
@@ -0,0 +1,33 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+class p_Core {
+  static function attr($dirty_html) {
+    // return $dirty_html;
+    return htmlentities($dirty_html, ENT_QUOTES);
+    // return str_replace('"', '&quot;', $dirty_html);
+    // return str_replace('"', '&quot;', Purify::instance()->purify($dirty_html));
+  }
+
+  function clean($dirty_html) {
+    // return $dirty_html;
+    return htmlentities($dirty_html, ENT_QUOTES);
+    // return Purify::instance()->purify($dirty_html);
+  }
+}
diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php
new file mode 100644
index 00000000..22c4a767
--- /dev/null
+++ b/modules/gallery/tests/Xss_Security_Test.php
@@ -0,0 +1,138 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+class Xss_Security_Test extends Unit_Test_Case {
+
+  static function scan_php_file($file, &$cache) {
+    $code = file_get_contents($file);
+    $raw_tokens = token_get_all($code);
+    unset($code);
+
+    $tokens = array();
+    $func_token_list = array("t" => array(), "t2" => array());
+    $token_number = 0;
+    // Filter out HTML / whitespace, and build a lookup for global function calls.
+    foreach ($raw_tokens as $token) {
+      if ((!is_array($token)) || (($token[0] != T_WHITESPACE) && ($token[0] != T_INLINE_HTML))) {
+        if (is_array($token)) {
+          if ($token[0] == T_STRING && in_array($token[1], array("t", "t2"))) {
+            $func_token_list[$token[1]][] = $token_number;
+          }
+        }
+        $tokens[] = $token;
+        $token_number++;
+      }
+    }
+    unset($raw_tokens);
+
+    if (!empty($func_token_list["t"])) {
+      l10n_scanner::_parse_t_calls($tokens, $func_token_list["t"], $cache);
+    }
+    if (!empty($func_token_list["t2"])) {
+      l10n_scanner::_parse_plural_calls($tokens, $func_token_list["t2"], $cache);
+    }
+  }
+
+  public function find_unescaped_variables_in_views_test() {
+    // foreach (glob("*/*/views/*.php") as $view) {
+    foreach (array("modules/search/views/search.html.php") as $view) {
+      $expr = null;
+      $line = null;
+      $level = 0;
+      $php = 0;
+      $str = null;
+      $in_p_clean = 0;
+      foreach (token_get_all(file_get_contents($view)) as $token) {
+        if (false /* useful for debugging */) {
+          if (is_array($token)) {
+            printf("[$str] [$in_p_clean] %-15s %s\n", token_name($token[0]), $token[1]);
+          } else {
+            printf("[$str] [$in_p_clean] %-15s %s\n", "<char>", $token);
+          }
+        }
+
+        // If we find a "(" after a "p::clean" then start counting levels of parens and assume
+        // that we're inside a p::clean() call until we find the matching close paren.
+        if ($token[0] == "(" && $str == "p::clean") {
+          $in_p_clean = 1;
+        } else if ($token[0] == "(" && $in_p_clean) {
+          $in_p_clean++;
+        } else if ($token[0] == ")" && $in_p_clean) {
+          $in_p_clean--;
+        }
+
+        // Concatenate runs of strings for convenience, which we use above to figure out if we're
+        // inside a p::clean() call or not
+        if ($token[0] == T_STRING || $token[0] == T_DOUBLE_COLON) {
+          $str .= $token[1];
+        } else {
+          $str = null;
+        }
+
+        // Scan for any occurrences of < ? = $variable ? > and store it in $expr
+        if ($token[0] == T_OPEN_TAG_WITH_ECHO) {
+          $php++;
+        } else if ($php && $token[0] == T_CLOSE_TAG) {
+          $php--;
+        } else if ($php && $token[0] == T_VARIABLE) {
+          if (!$expr) {
+            $entry = array($token[2], $in_p_clean);
+          }
+          $expr .= $token[1];
+        } else if ($expr) {
+          if ($token[0] == T_OBJECT_OPERATOR) {
+            $expr .= $token[1];
+          } else if ($token[0] == T_STRING) {
+            $expr .= $token[1];
+          } else if ($token == "(") {
+            $expr .= $token;
+            $level++;
+          } else if ($level > 0 && $token == ")") {
+            $expr .= $token;
+            $level--;
+          } else if ($level > 0) {
+            $expr .= is_array($token) ? $token[1] : $token;
+          } else {
+            $entry[] = $expr;
+            $found[$view][] = $entry;
+            $expr = null;
+            $entry = null;
+          }
+        }
+      }
+    }
+
+    $canonical = MODPATH . "gallery/tests/xss_data.txt";
+    $new = TMPPATH . "xss_data.txt";
+    $fd = fopen($new, "wb");
+    ksort($found);
+    foreach ($found as $view => $entries) {
+      foreach ($entries as $entry) {
+        fwrite($fd,
+               sprintf("%-60s %-3s %-9s %s\n",
+                       $view, $entry[0], $entry[1] ? "CLEAN" : "NOT_CLEAN", $entry[2]));
+      }
+    }
+    fclose($fd);
+
+    exec("diff $canonical $new", $output, $return_value);
+    $this->assert_false(
+      $return_value, "XSS golden file mismatch.  Output:\n" . implode("\n", $output) );
+  }
+}
-- 
cgit v1.2.3


From 708f27f483d70660446ea2132b02cb7b39225f98 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 00:11:48 -0700
Subject: Run p::clean() on any variables that contain data entered by users.

---
 .../comment/views/admin_block_recent_comments.html.php |  6 +++---
 modules/comment/views/admin_comments.html.php          | 10 +++++-----
 modules/comment/views/comment.html.php                 |  6 +++---
 modules/comment/views/comments.html.php                |  6 +++---
 modules/exif/views/exif_dialog.html.php                |  4 ++--
 modules/gallery/views/admin_advanced_settings.html.php |  8 ++++----
 modules/gallery/views/admin_block_log_entries.html.php |  2 +-
 .../gallery/views/admin_block_photo_stream.html.php    |  4 ++--
 modules/gallery/views/admin_maintenance.html.php       |  2 +-
 modules/gallery/views/after_install.html.php           |  2 +-
 modules/gallery/views/move_tree.html.php               |  8 ++++----
 modules/gallery/views/permissions_browse.html.php      |  4 ++--
 modules/gallery/views/permissions_form.html.php        |  2 +-
 modules/gallery/views/simple_uploader.html.php         |  6 +++---
 modules/info/views/info_block.html.php                 |  8 ++++----
 modules/notification/views/comment_published.html.php  | 18 +++++++++++-------
 modules/notification/views/item_added.html.php         | 14 +++++++++-----
 modules/search/views/search.html.php                   | 10 ++++++----
 18 files changed, 65 insertions(+), 55 deletions(-)

diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php
index d7b8d2b0..d5aab84c 100644
--- a/modules/comment/views/admin_block_recent_comments.html.php
+++ b/modules/comment/views/admin_block_recent_comments.html.php
@@ -4,13 +4,13 @@
   <li class="<?= ($i % 2 == 0) ? "gEvenRow" : "gOddRow" ?>">
     <img src="<?= $comment->author()->avatar_url(32, $theme->url("images/avatar.jpg", true)) ?>"
          class="gAvatar"
-         alt="<?= $comment->author_name() ?>"
+         alt="<?= p::clean($comment->author_name()) ?>"
          width="32"
          height="32" />
     <?= date("Y-M-d H:i:s", $comment->created) ?>
     <?= t("<a href=#>%author_name</a> said <em>%comment_text</em>",
-          array("author_name" => $comment->author_name(),
-                "comment_text" => text::limit_words($comment->text, 50))); ?>
+        array("author_name" => p::clean($comment->author_name()),
+                "comment_text" => text::limit_words(p::clean($comment->text), 50))); ?>
   </li>
   <? endforeach ?>
 </ul>
diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php
index 16816636..79bdb1f3 100644
--- a/modules/comment/views/admin_comments.html.php
+++ b/modules/comment/views/admin_comments.html.php
@@ -108,12 +108,12 @@
         <a href="#">
           <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
                class="gAvatar"
-               alt="<?= $comment->author_name() ?>"
+               alt="<?= p::clean($comment->author_name()) ?>"
                width="40"
                height="40" />
         </a>
-        <p><a href="mailto:<?= $comment->author_email() ?>"
-           title="<?= $comment->author_email() ?>"> <?= $comment->author_name() ?> </a></p>
+        <p><a href="mailto:<?= p::clean($comment->author_email()) ?>"
+              title="<?= p::clean($comment->author_email()) ?>"> <?= p::clean($comment->author_name()) ?> </a></p>
       </td>
       <td>
         <div class="right">
@@ -122,7 +122,7 @@
             <a href="<?= $item->url() ?>">
               <? if ($item->has_thumb()): ?>
               <img src="<?= $item->thumb_url() ?>"
-                 alt="<?= $item->title ?>"
+                 alt="<?= p::clean($item->title) ?>"
                  <?= photo::img_dimensions($item->thumb_width, $item->thumb_height, 75) ?>
               />
               <? else: ?>
@@ -132,7 +132,7 @@
           </div>
         </div>
         <p><?= date("Y-M-d", $comment->created); ?></p>
-        <?= $comment->text ?>
+        <?= p::clean($comment->text) ?>
       </td>
       <td>
         <ul class="gButtonSetVertical">
diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php
index 1a674142..0337173b 100644
--- a/modules/comment/views/comment.html.php
+++ b/modules/comment/views/comment.html.php
@@ -4,14 +4,14 @@
     <a href="#">
       <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
            class="gAvatar"
-           alt="<?= $comment->author_name() ?>"
+           alt="<?= p::clean($comment->author_name()) ?>"
            width="40"
            height="40" />
     </a>
     <?= t("on ") . date("Y-M-d H:i:s", $comment->created) ?>
-    <a href="#"><?= $comment->author_name() ?></a> <?= t("said") ?>
+    <a href="#"><?= p::clean($comment->author_name()) ?></a> <?= t("said") ?>
   </p>
   <div>
-    <?= $comment->text ?>
+    <?= p::clean($comment->text) ?>
   </div>
 </li>
diff --git a/modules/comment/views/comments.html.php b/modules/comment/views/comments.html.php
index 25928ab5..95f07baf 100644
--- a/modules/comment/views/comments.html.php
+++ b/modules/comment/views/comments.html.php
@@ -12,16 +12,16 @@
       <a href="#">
         <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
              class="gAvatar"
-             alt="<?= $comment->author_name() ?>"
+             alt="<?= p::clean($comment->author_name()) ?>"
              width="40"
              height="40" />
       </a>
       <?= t("on %date <a href=#>%name</a> said",
             array("date" => date("Y-M-d H:i:s", $comment->created),
-                  "name" => $comment->author_name())); ?>
+                  "name" => p::clean($comment->author_name()))); ?>
     </p>
     <div>
-      <?= $comment->text ?>
+      <?= p::clean($comment->text) ?>
     </div>
   </li>
   <? endforeach ?>
diff --git a/modules/exif/views/exif_dialog.html.php b/modules/exif/views/exif_dialog.html.php
index d7985a30..6494b2b0 100644
--- a/modules/exif/views/exif_dialog.html.php
+++ b/modules/exif/views/exif_dialog.html.php
@@ -14,14 +14,14 @@
          <?= $details[$i]["caption"] ?>
          </td>
          <td class="gOdd">
-         <?= $details[$i]["value"] ?>
+         <?= p::clean($details[$i]["value"]) ?>
          </td>
          <? if (!empty($details[++$i])): ?>
            <td class="gEven">
            <?= $details[$i]["caption"] ?>
            </td>
            <td class="gOdd">
-           <?= $details[$i]["value"] ?>
+           <?= p::clean($details[$i]["value"]) ?>
            </td>
          <? else: ?>
            <td class="gEven"></td><td class="gOdd"></td>
diff --git a/modules/gallery/views/admin_advanced_settings.html.php b/modules/gallery/views/admin_advanced_settings.html.php
index 9f90d671..77aff050 100644
--- a/modules/gallery/views/admin_advanced_settings.html.php
+++ b/modules/gallery/views/admin_advanced_settings.html.php
@@ -20,12 +20,12 @@
     <? if ($var->module_name == "gallery" && $var->name == "_cache") continue ?>
     <tr class="setting">
       <td> <?= $var->module_name ?> </td>
-      <td> <?= $var->name ?> </td>
+      <td> <?= p::clean($var->name) ?> </td>
       <td>
-        <a href="<?= url::site("admin/advanced_settings/edit/$var->module_name/$var->name") ?>"
+        <a href="<?= url::site("admin/advanced_settings/edit/$var->module_name/" . p::clean($var->name)) ?>"
           class="gDialogLink"
-          title="<?= t("Edit %var (%module_name)", array("var" => $var->name, "module_name" => $var->module_name)) ?>">
-          <?= $var->value ?>
+          title="<?= t("Edit %var (%module_name)", array("var" => p::clean($var->name), "module_name" => $var->module_name)) ?>">
+          <?= p::clean($var->value) ?>
       </a>
       </td>
     </tr>
diff --git a/modules/gallery/views/admin_block_log_entries.html.php b/modules/gallery/views/admin_block_log_entries.html.php
index db6313e1..5d8f3084 100644
--- a/modules/gallery/views/admin_block_log_entries.html.php
+++ b/modules/gallery/views/admin_block_log_entries.html.php
@@ -2,7 +2,7 @@
 <ul>
   <? foreach ($entries as $entry): ?>
   <li class="<?= log::severity_class($entry->severity) ?>">
-    <a href="<?= url::site("user/$entry->user_id") ?>"><?= $entry->user->name ?></a>
+    <a href="<?= url::site("user/$entry->user_id") ?>"><?= p::clean($entry->user->name) ?></a>
     <?= date("Y-M-d H:i:s", $entry->timestamp) ?>
     <?= $entry->message ?>
     <?= $entry->html ?>
diff --git a/modules/gallery/views/admin_block_photo_stream.html.php b/modules/gallery/views/admin_block_photo_stream.html.php
index e8a4d933..1e1329d1 100644
--- a/modules/gallery/views/admin_block_photo_stream.html.php
+++ b/modules/gallery/views/admin_block_photo_stream.html.php
@@ -2,9 +2,9 @@
 <ul>
 <? foreach ($photos as $photo): ?>
   <li class="gItem gPhoto">
-    <a href="<?= url::site("photos/$photo->id") ?>" title="<?= $photo->title ?>">
+    <a href="<?= url::site("photos/$photo->id") ?>" title="<?= p::clean($photo->title) ?>">
       <img <?= photo::img_dimensions($photo->width, $photo->height, 72) ?>
-        src="<?= $photo->thumb_url() ?>" alt="<?= $photo->title ?>" />
+        src="<?= $photo->thumb_url() ?>" alt="<?= p::clean($photo->title) ?>" />
     </a>
   </li>
 <? endforeach ?>
diff --git a/modules/gallery/views/admin_maintenance.html.php b/modules/gallery/views/admin_maintenance.html.php
index bc060a7b..66c4eea0 100644
--- a/modules/gallery/views/admin_maintenance.html.php
+++ b/modules/gallery/views/admin_maintenance.html.php
@@ -90,7 +90,7 @@
           <?= $task->status ?>
         </td>
         <td>
-          <?= $task->owner()->name ?>
+          <?= p::clean($task->owner()->name) ?>
         </td>
         <td>
           <? if ($task->state == "stalled"): ?>
diff --git a/modules/gallery/views/after_install.html.php b/modules/gallery/views/after_install.html.php
index aa26858a..d6ba8e7c 100644
--- a/modules/gallery/views/after_install.html.php
+++ b/modules/gallery/views/after_install.html.php
@@ -8,7 +8,7 @@
 </p>
 
 <p>
-  <?= t("You're logged in to the <b>%user_name</b> account.  The very first thing you should do is to change your password to something that you'll remember.", array("user_name" => $user->name)) ?>
+  <?= t("You're logged in to the <b>%user_name</b> account.  The very first thing you should do is to change your password to something that you'll remember.", array("user_name" => p::clean($user->name))) ?>
 </p>
 
 <p>
diff --git a/modules/gallery/views/move_tree.html.php b/modules/gallery/views/move_tree.html.php
index a3a4bc8f..91a2f9da 100644
--- a/modules/gallery/views/move_tree.html.php
+++ b/modules/gallery/views/move_tree.html.php
@@ -1,18 +1,18 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <?= $parent->thumb_tag(array(), 25); ?>
 <? if (!access::can("edit", $parent) || $source->is_descendant($parent)): ?>
-<a href="javascript:load_tree('<?= $parent->id ?>',1)"> <?= $parent->title ?> <?= t("(locked)") ?> </a>
+<a href="javascript:load_tree('<?= $parent->id ?>',1)"> <?= p::clean($parent->title) ?> <?= t("(locked)") ?> </a>
 <? else: ?>
-<a href="javascript:load_tree('<?= $parent->id ?>',0)"> <?= $parent->title ?></a>
+<a href="javascript:load_tree('<?= $parent->id ?>',0)"> <?= p::clean($parent->title) ?></a>
 <? endif ?>
 <ul id="tree_<?= $parent->id ?>">
   <? foreach ($children as $child): ?>
   <li id="node_<?= $child->id ?>" class="node">
     <?= $child->thumb_tag(array(), 25); ?>
     <? if (!access::can("edit", $child) || $source->is_descendant($child)): ?>
-    <a href="javascript:load_tree('<?= $child->id ?>',1)"> <?= $child->title ?> <?= t("(locked)") ?></a>
+    <a href="javascript:load_tree('<?= $child->id ?>',1)"> <?= p::clean($child->title) ?> <?= t("(locked)") ?></a>
     <? else: ?>
-    <a href="javascript:load_tree('<?= $child->id ?>',0)"> <?= $child->title ?> </a>
+    <a href="javascript:load_tree('<?= $child->id ?>',0)"> <?= p::clean($child->title) ?> </a>
     <? endif ?>
   </li>
   <? endforeach ?>
diff --git a/modules/gallery/views/permissions_browse.html.php b/modules/gallery/views/permissions_browse.html.php
index 749bee4f..5cd9cf82 100644
--- a/modules/gallery/views/permissions_browse.html.php
+++ b/modules/gallery/views/permissions_browse.html.php
@@ -35,14 +35,14 @@
     <? foreach ($parents as $parent): ?>
     <li>
       <a href="javascript:show(<?= $parent->id ?>)">
-        <?= $parent->title ?>
+        <?= p::clean($parent->title) ?>
       </a>
       <div class="form" id="edit-<?= $parent->id ?>"></div>
       <ul>
         <? endforeach ?>
         <li>
           <a href="javascript:show(<?= $item->id ?>)">
-            <?= $item->title ?>
+            <?= p::clean($item->title) ?>
           </a>
           <div class="form" id="edit-<?= $item->id ?>">
             <?= $form ?>
diff --git a/modules/gallery/views/permissions_form.html.php b/modules/gallery/views/permissions_form.html.php
index 94103705..adf2bd94 100644
--- a/modules/gallery/views/permissions_form.html.php
+++ b/modules/gallery/views/permissions_form.html.php
@@ -6,7 +6,7 @@
     <tr>
       <th> </th>
       <? foreach ($groups as $group): ?>
-      <th> <?= $group->name ?> </th>
+      <th> <?= p::clean($group->name) ?> </th>
       <? endforeach ?>
     </tr>
 
diff --git a/modules/gallery/views/simple_uploader.html.php b/modules/gallery/views/simple_uploader.html.php
index b6725c31..abda6d26 100644
--- a/modules/gallery/views/simple_uploader.html.php
+++ b/modules/gallery/views/simple_uploader.html.php
@@ -5,7 +5,7 @@
 <!-- hack to set the title for the dialog -->
 <form id="gAddPhotosForm" action="<?= url::site("simple_uploader/finish") ?>">
   <fieldset>
-    <legend> <?= t("Add photos to %album_title", array("album_title" => $item->title)) ?> </legend>
+    <legend> <?= t("Add photos to %album_title", array("album_title" => p::clean($item->title))) ?> </legend>
   </fieldset>
 </form>
 
@@ -25,9 +25,9 @@
   </p>
   <ul class="gBreadcrumbs">
     <? foreach ($item->parents() as $parent): ?>
-    <li> <?= $parent->title ?> </li>
+    <li> <?= p::clean($parent->title) ?> </li>
     <? endforeach ?>
-    <li class="active"> <?= $item->title ?> </li>
+    <li class="active"> <?= p::clean($item->title) ?> </li>
   </ul>
 
   <p><?= t("Upload Queue") ?></p>
diff --git a/modules/info/views/info_block.html.php b/modules/info/views/info_block.html.php
index 880d5d3e..db664894 100644
--- a/modules/info/views/info_block.html.php
+++ b/modules/info/views/info_block.html.php
@@ -3,18 +3,18 @@
   <tbody>
     <tr>
       <th><?= t("Title:") ?></th>
-      <td><?= $item->title; ?></td>
+      <td><?= p::clean($item->title) ?></td>
     </tr>
     <? if ($item->description): ?>
     <tr>
       <th><?= t("Description:") ?></th>
-      <td><?= $item->description; ?></td>
+      <td><?= p::clean($item->description) ?></td>
     </tr>
     <? endif ?>
     <? if ($item->id != 1): ?>
     <tr>
       <th><?= t("Name:") ?></th>
-      <td><?= $item->name; ?></td>
+      <td><?= p::clean($item->name) ?></td>
     </tr>
     <? endif ?>
     <? if ($item->captured): ?>
@@ -26,7 +26,7 @@
     <? if ($item->owner): ?>
     <tr>
       <th><?= t("Owner:") ?></th>
-      <td><a href="#"><?= $item->owner->name ?></a></td>
+      <td><a href="#"><?= p::clean($item->owner->name) ?></a></td>
     </tr>
     <? endif ?>
   </tbody>
diff --git a/modules/notification/views/comment_published.html.php b/modules/notification/views/comment_published.html.php
index 23588c72..ff2ba0bc 100644
--- a/modules/notification/views/comment_published.html.php
+++ b/modules/notification/views/comment_published.html.php
@@ -1,30 +1,34 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <html>
   <head>
-    <title><?= $subject ?> </title>
+    <title><?= p::clean($subject) ?> </title>
   </head>
   <body>
-    <h2><?= $subject ?></h2>
+    <h2><?= p::clean($subject) ?></h2>
     <table>
       <tr>
         <td><?= t("Comment:") ?></td>
-        <td><?= $comment->text ?></td>
+        <td><?= p::clean($comment->text) ?></td>
       </tr>
       <tr>
         <td><?= t("Author Name:") ?></td>
-        <td><?= $comment->author_name() ?></td>
+        <td><?= p::clean($comment->author_name()) ?></td>
       </tr>
       <tr>
         <td><?= t("Author Email:") ?></td>
-        <td><?= $comment->author_email() ?></td>
+        <td><?= p::clean($comment->author_email()) ?></td>
       </tr>
       <tr>
         <td><?= t("Author URL:") ?></td>
-        <td><?= $comment->author_url() ?></td>
+        <td><?= p::clean($comment->author_url()) ?></td>
       </tr>
       <tr>
         <td><?= t("Url:") ?></td>
-        <td><a href="<?= $comment->item()->url(array(), true) ?>#comments"><?= $comment->item()->url(array(), true) ?>#comments</a></td>
+        <td>
+          <a href="<?= $comment->item()->url(array(), true) ?>#comments">
+            <?= $comment->item()->url(array(), true) ?>#comments
+          </a>
+        </td>
       </tr>
     </table>
   </body>
diff --git a/modules/notification/views/item_added.html.php b/modules/notification/views/item_added.html.php
index b67b9f38..32857c08 100644
--- a/modules/notification/views/item_added.html.php
+++ b/modules/notification/views/item_added.html.php
@@ -1,23 +1,27 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <html>
   <head>
-    <title><?= $subject ?> </title>
+    <title><?= p::clean($subject) ?> </title>
   </head>
   <body>
-    <h2><?= $subject ?></h2>
+    <h2><?= p::clean($subject) ?></h2>
     <table>
       <tr>
         <td><?= t("Title:") ?></td>
-        <td><?= $item->title ?></td>
+        <td><?= p::clean($item->title) ?></td>
       </tr>
       <tr>
         <td><?= t("Url:") ?></td>
-        <td><a href="<?= $item->url(array(), true) ?>"><?= $item->url(array(), true) ?></a></td>
+        <td>
+          <a href="<?= $item->url(array(), true) ?>">
+            <?= $item->url(array(), true) ?>
+          </a>
+        </td>
       </tr>
       <? if ($item->description): ?>
       <tr>
         <td><?= t("Description:") ?></td>
-        <td><?= $item->description ?></td>
+        <td><?= p::clean($item->description) ?></td>
       </tr>
       <? endif ?>
     </table>
diff --git a/modules/search/views/search.html.php b/modules/search/views/search.html.php
index fb1fd8a9..de4343ae 100644
--- a/modules/search/views/search.html.php
+++ b/modules/search/views/search.html.php
@@ -8,7 +8,7 @@
     <ul>
       <li>
         <label for="q"><?= t("Search the gallery") ?></label>
-        <input name="q" id="q" type="text" value="<?= $q ?>"/>
+        <input name="q" id="q" type="text" value="<?= p::clean($q) ?>"/>
       </li>
       <li>
         <input type="submit" value="<?= t("Search") ?>" />
@@ -31,10 +31,10 @@
       <a href="<?= url::site("items/$item->id") ?>">
         <?= $item->thumb_tag() ?>
         <p>
-          <?= $item->title ?>
+          <?= p::clean($item->title) ?>
         </p>
         <div>
-          <?= $item->description ?>
+          <?= p::clean($item->description) ?>
         </div>
       </a>
     </li>
@@ -43,7 +43,9 @@
   <?= $theme->pager() ?>
 
   <? else: ?>
-  <p><?= t("No results found for '") . $q . "'" ?></p>
+  <p>
+    <?= t("No results found for <b>%term</b>", array("term" => p::clean($q))) ?>
+  </p>
 
   <? endif; ?>
 </div>
-- 
cgit v1.2.3


From a049de28ace48a3970371caf24d7c389d8d93cd7 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 00:13:28 -0700
Subject: Update the clean/dirty format, check all ffiles instead of just one
 (which was for debugging)

---
 modules/gallery/tests/Xss_Security_Test.php | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php
index 22c4a767..8bee8c42 100644
--- a/modules/gallery/tests/Xss_Security_Test.php
+++ b/modules/gallery/tests/Xss_Security_Test.php
@@ -50,8 +50,7 @@ class Xss_Security_Test extends Unit_Test_Case {
   }
 
   public function find_unescaped_variables_in_views_test() {
-    // foreach (glob("*/*/views/*.php") as $view) {
-    foreach (array("modules/search/views/search.html.php") as $view) {
+    foreach (glob("*/*/views/*.php") as $view) {
       $expr = null;
       $line = null;
       $level = 0;
@@ -125,8 +124,8 @@ class Xss_Security_Test extends Unit_Test_Case {
     foreach ($found as $view => $entries) {
       foreach ($entries as $entry) {
         fwrite($fd,
-               sprintf("%-60s %-3s %-9s %s\n",
-                       $view, $entry[0], $entry[1] ? "CLEAN" : "NOT_CLEAN", $entry[2]));
+               sprintf("%-60s %-3s %-5s %s\n",
+                       $view, $entry[0], $entry[1] ? "CLEAN" : "DIRTY", $entry[2]));
       }
     }
     fclose($fd);
-- 
cgit v1.2.3


From 9369ccab7fb3413d63e218cec81b4cf43442fd98 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:02:51 -0700
Subject: Run all variables that come from user-entered data through p::clean()

---
 modules/notification/views/item_deleted.html.php   | 12 +++++++----
 modules/notification/views/item_updated.html.php   | 12 +++++------
 modules/organize/views/organize.html.php           |  2 +-
 modules/organize/views/organize_album.html.php     |  2 +-
 modules/rss/views/comment.mrss.php                 | 14 ++++++-------
 modules/rss/views/feed.mrss.php                    | 14 ++++++-------
 modules/server_add/views/server_add_tree.html.php  |  2 +-
 .../views/server_add_tree_dialog.html.php          |  6 +++---
 modules/tag/views/admin_tags.html.php              |  2 +-
 modules/tag/views/tag_cloud.html.php               |  2 +-
 modules/user/views/admin_users.html.php            |  8 ++++----
 modules/user/views/admin_users_group.html.php      | 12 +++++++----
 modules/user/views/login.html.php                  |  2 +-
 modules/user/views/reset_password.html.php         | 23 +++++++++++-----------
 14 files changed, 61 insertions(+), 52 deletions(-)

diff --git a/modules/notification/views/item_deleted.html.php b/modules/notification/views/item_deleted.html.php
index ac9ab594..2d6d5738 100644
--- a/modules/notification/views/item_deleted.html.php
+++ b/modules/notification/views/item_deleted.html.php
@@ -1,20 +1,24 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <html>
   <head>
-    <title><?= $subject ?> </title>
+    <title><?= p::clean($subject) ?> </title>
   </head>
   <body>
-    <h2><?= $subject ?></h2>
+    <h2><?= p::clean($subject) ?></h2>
     <table>
       <tr>
         <td colspan="2">
           <?= t("To view the changed album %title use the link below.",
-              array("title" => $item->parent()->title)) ?>
+              array("title" => p::clean($item->parent()->title))) ?>
         </td>
       </tr>
       <tr>
         <td><?= t("Url:") ?></td>
-        <td><a href="<?= $item->parent()->url(array(), true) ?>"><?= $item->parent()->url(array(), true) ?></a></td>
+        <td>
+          <a href="<?= $item->parent()->url(array(), true) ?>">
+            <?= $item->parent()->url(array(), true) ?>
+          </a>
+        </td>
       </tr>
     </table>
   </body>
diff --git a/modules/notification/views/item_updated.html.php b/modules/notification/views/item_updated.html.php
index cba522e8..0620c50c 100644
--- a/modules/notification/views/item_updated.html.php
+++ b/modules/notification/views/item_updated.html.php
@@ -1,18 +1,18 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <html>
   <head>
-    <title><?= $subject ?> </title>
+    <title><?= p::clean($subject) ?> </title>
   </head>
   <body>
-    <h2> <?= $subject ?> </h2>
+    <h2> <?= p::clean($subject) ?> </h2>
     <table>
       <tr>
         <? if ($old->title != $new->title): ?>
         <td><?= t("New Title:") ?></td>
-        <td><?= $new->title ?></td>
+        <td><?= p::clean($new->title) ?></td>
         <? else: ?>
         <td><?= t("Title:") ?></td>
-        <td><?= $new->title ?></td>
+        <td><?= p::clean($new->title) ?></td>
         <? endif ?>
       </tr>
       <tr>
@@ -22,12 +22,12 @@
       <? if ($old->description != $new->description): ?>
       <tr>
         <td><?= t("New Description:") ?></td>
-        <td><?= $new->description ?></td>
+        <td><?= p::clean($new->description) ?></td>
       </tr>
       <? elseif (!empty($new->description)): ?>
       <tr>
         <td><?= t("Description:") ?></td>
-        <td><?= $new->description ?></td>
+        <td><?= p::clean($new->description) ?></td>
       </tr>
       <? endif ?>
     </table>
diff --git a/modules/organize/views/organize.html.php b/modules/organize/views/organize.html.php
index 2f2c3a62..6e5bfcea 100644
--- a/modules/organize/views/organize.html.php
+++ b/modules/organize/views/organize.html.php
@@ -16,7 +16,7 @@ var CONFIRM_DELETE = "<?= t("Do you really want to delete the selected albums an
   });
 </script>
 <fieldset style="display: none">
-  <legend><?= t("Organize %name", array("name" => $item->title)) ?></legend>
+  <legend><?= t("Organize %name", array("name" => p::clean($item->title))) ?></legend>
 </fieldset>
 <div id="doc3" class="yui-t7">
   <div id="bd">
diff --git a/modules/organize/views/organize_album.html.php b/modules/organize/views/organize_album.html.php
index 9c4d042a..ae2d5d51 100644
--- a/modules/organize/views/organize_album.html.php
+++ b/modules/organize/views/organize_album.html.php
@@ -7,7 +7,7 @@
 
     <div id="gOrganizeBranch-<?= $album->id ?>" ref="<?= $album->id ?>"
           class="<?= $selected ? "gBranchSelected" : "" ?> gBranchText">
-      <?= $album->title ?>
+      <?= p::clean($album->title) ?>
     </div>
     <div id="gOrganizeChildren-<?= $album->id ?>"
           class="<?= $album_icon == "ui-icon-plus" ? "gBranchCollapsed" : "" ?>">
diff --git a/modules/rss/views/comment.mrss.php b/modules/rss/views/comment.mrss.php
index 8b7e4f70..d2177026 100644
--- a/modules/rss/views/comment.mrss.php
+++ b/modules/rss/views/comment.mrss.php
@@ -6,9 +6,9 @@
    xmlns:fh="http://purl.org/syndication/history/1.0">
   <channel>
     <generator>gallery3</generator>
-    <title><?= $title ?></title>
+    <title><?= p::clean($title) ?></title>
     <link><?= $link ?></link>
-    <description><?= htmlspecialchars($description) ?></description>
+    <description><?= p::clean($description) ?></description>
     <language>en-us</language>
     <atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
     <fh:complete/>
@@ -22,17 +22,17 @@
     <lastBuildDate><?= $pub_date ?></lastBuildDate>
     <? foreach ($children as $child): ?>
     <item>
-      <title><?= $child["title"]?></title>
-      <link><?= $child["item_link"] ?></link>
-      <author><?= $child["author"] ?></author>
+      <title><?= p::clean($child["title"]) ?></title>
+      <link><?= p::clean($child["item_link"]) ?></link>
+      <author><?= p::clean($child["author"]) ?></author>
       <guid isPermaLink="true"><?= $child["item_link"] ?></guid>
       <pubDate><?= $child["pub_date"] ?></pubDate>
       <content:encoded>
         <![CDATA[
-          <p><?= $child["text"] ?></p>
+          <p><?= p::clean($child["text"]) ?></p>
           <p>
             <img alt="" src="<?= $child["thumb_url"] ?>"
-                        height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
+                 height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
             <br />
           </p>
         ]]>
diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php
index c581e5e0..0beebbcf 100644
--- a/modules/rss/views/feed.mrss.php
+++ b/modules/rss/views/feed.mrss.php
@@ -6,9 +6,9 @@
    xmlns:fh="http://purl.org/syndication/history/1.0">
   <channel>
     <generator>gallery3</generator>
-    <title><?= htmlspecialchars($title) ?></title>
+    <title><?= p::clean($title) ?></title>
     <link><?= $link ?></link>
-    <description><?= htmlspecialchars($description) ?></description>
+    <description><?= p::clean($description) ?></description>
     <language>en-us</language>
     <atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
     <fh:complete/>
@@ -22,25 +22,25 @@
     <lastBuildDate><?= $pub_date ?></lastBuildDate>
     <? foreach ($children as $child): ?>
     <item>
-      <title><?= htmlspecialchars($child->title) ?></title>
+      <title><?= p::clean($child->title) ?></title>
       <link><?= url::abs_site("{$child->type}s/{$child->id}") ?></link>
       <guid isPermaLink="true"><?= url::abs_site("{$child->type}s/{$child->id}") ?></guid>
       <pubDate><?= date("D, d M Y H:i:s T", $child->created); ?></pubDate>
       <content:encoded>
         <![CDATA[
-          <span><?= $child->description ?></span>
+          <span><?= p::clean($child->description) ?></span>
           <p>
           <? if ($child->type == "photo" || $child->type == "album"): ?>
             <img alt="" src="<?= $child->resize_url(true) ?>"
-                 title="<?= htmlspecialchars($child->title) ?>"
+                 title="<?= p::clean($child->title) ?>"
                  height="<?= $child->resize_height ?>" width="<?= $child->resize_width ?>" /><br />
           <? else: ?>
             <a href="<?= url::abs_site("{$child->type}s/{$child->id}") ?>">
             <img alt="" src="<?= $child->thumb_url(true) ?>"
-                 title="<?= htmlspecialchars($child->title) ?>"
+                 title="<?= p::clean($child->title) ?>"
                  height="<?= $child->thumb_height ?>" width="<?= $child->thumb_width ?>" /></a><br />
           <? endif ?>
-            <?= $child->description ?>
+            <?= p::clean($child->description) ?>
           </p>
         ]]>
       </content:encoded>
diff --git a/modules/server_add/views/server_add_tree.html.php b/modules/server_add/views/server_add_tree.html.php
index 69ff09a6..b7b494e4 100644
--- a/modules/server_add/views/server_add_tree.html.php
+++ b/modules/server_add/views/server_add_tree.html.php
@@ -16,7 +16,7 @@ $("#<?= $tree_id ?>").ready(function() {
     <? if (!empty($file_info["is_dir"])): ?>
     <span class="ui-icon ui-icon-plus"></span>
     <? endif ?>
-    <label> <?= form::checkbox("checkbox[]", $file_info["path"]) . " $file" ?> </label>
+    <label> <?= form::checkbox("checkbox[]", p::clean($file_info["path"])) . " " . p::clean($file) ?> </label>
   </li>
   <? endforeach ?>
 </ul>
diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php
index c8eb6a1c..f600ce60 100644
--- a/modules/server_add/views/server_add_tree_dialog.html.php
+++ b/modules/server_add/views/server_add_tree_dialog.html.php
@@ -5,14 +5,14 @@
 </script>
 <?= html::script("modules/server_add/js/server_add.js"); ?>
 <div id="gServerAdd">
-  <h1 style="display: none;"><?= sprintf(t("Add Photos to '%s'"), $album_title) ?></h1>
+  <h1 style="display: none;"><?= t("Add Photos to '%title'", array("title" => p::clean($album_title))) ?></h1>
 
   <p id="gDescription"><?= t("Photos will be added to album:") ?></p>
   <ul class="gBreadcrumbs">
     <? foreach ($parents as $parent): ?>
-    <li><?= $parent->title ?></li>
+    <li><?= p::clean($parent->title) ?></li>
     <? endforeach ?>
-    <li class="active"><?= $album_title ?></li>
+    <li class="active"><?= p::clean($album_title) ?></li>
   </ul>
 
   <?= form::open($action, array("method" => "post")) ?>
diff --git a/modules/tag/views/admin_tags.html.php b/modules/tag/views/admin_tags.html.php
index 133b452f..62e3a2a1 100644
--- a/modules/tag/views/admin_tags.html.php
+++ b/modules/tag/views/admin_tags.html.php
@@ -48,7 +48,7 @@
           <? endif ?>
 
           <li>
-            <span id="gTag-<?= $tag->id ?>" class="gEditable tag-name"><?= $tag->name ?></span>
+            <span id="gTag-<?= $tag->id ?>" class="gEditable tag-name"><?= p::clean($tag->name) ?></span>
             <span class="understate">(<?= $tag->count ?>)</span>
             <a href="<?= url::site("admin/tags/form_delete/$tag->id") ?>"
                class="gDialogLink delete-link gButtonLink">
diff --git a/modules/tag/views/tag_cloud.html.php b/modules/tag/views/tag_cloud.html.php
index 9deedb20..eba615fc 100644
--- a/modules/tag/views/tag_cloud.html.php
+++ b/modules/tag/views/tag_cloud.html.php
@@ -3,7 +3,7 @@
   <? foreach ($tags as $tag): ?>
   <li class="size<?=(int)(($tag->count / $max_count) * 7) ?>">
     <span><?= $tag->count ?> photos are tagged with </span>
-    <a href="<?=url::site("tags/$tag->id") ?>"><?= $tag->name ?></a>
+    <a href="<?= url::site("tags/$tag->id") ?>"><?= p::clean($tag->name) ?></a>
   </li>
   <? endforeach ?>
 </ul>
diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index bec74d28..859f3c8e 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -68,16 +68,16 @@
         <td id="user-<?= $user->id ?>" class="core-info gDraggable">
           <img src="<?= $user->avatar_url(20, $theme->url("images/avatar.jpg", true)) ?>"
                title="<?= t("Drag user onto group below to add as a new member") ?>"
-               alt="<?= $user->name ?>"
+               alt="<?= p::clean($user->name) ?>"
                width="20"
                height="20" />
-          <?= $user->name ?>
+          <?= p::clean($user->name) ?>
         </td>
         <td>
-          <?= $user->full_name ?>
+          <?= p::clean($user->full_name) ?>
         </td>
         <td>
-          <?= $user->email ?>
+          <?= p::clean($user->email) ?>
         </td>
         <td>
           <?= ($user->last_login == 0) ? "" : date("j-M-y", $user->last_login) ?>
diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php
index a25e687a..820b3031 100644
--- a/modules/user/views/admin_users_group.html.php
+++ b/modules/user/views/admin_users_group.html.php
@@ -1,8 +1,8 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
-<strong><?= $group->name ?></strong>
+<strong><?= p::clean($group->name) ?></strong>
 <? if (!$group->special): ?>
 <a href="<?= url::site("admin/users/delete_group_form/$group->id") ?>"
-  title="<?= t("Delete " . $group->name) ?>"
+  title="<?= t("Delete %name", array("name" => p::clean($group->name))) ?>"
   class="gDialogLink gButtonLink ui-state-default ui-corner-all">
   <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a>
 <? else: ?>
@@ -13,11 +13,15 @@
 <ul>
   <? foreach ($group->users as $i => $user): ?>
   <li class="gUser">
-    <?= $user->name ?>
+    <?= p::clean($user->name) ?>
     <? if (!$group->special): ?>
     <a href="javascript:remove_user(<?= $user->id ?>, <?= $group->id ?>)"
        class="gButtonLink ui-state-default ui-corner-all ui-icon-left">
-      <span class="ui-icon ui-icon-closethick">Remove <?= $user->name ?> from <?= $group->name ?></span></a>
+      <span class="ui-icon ui-icon-closethick">
+        <?= t("Remove %user from %group",
+              array("user" => p::clean($user->name), "group" => p::clean($group->name))) ?>
+      </span>
+    </a>
     <? endif ?>
   </li>
   <? endforeach ?>
diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php
index d9a558b5..cce2fb54 100644
--- a/modules/user/views/login.html.php
+++ b/modules/user/views/login.html.php
@@ -11,7 +11,7 @@
                 '<a href="' . url::site("form/edit/users/{$user->id}") .
                 '" title="' . t("Edit Your Profile") .
                 '" id="gUserProfileLink" class="gDialogLink">' .
-                (empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li>
+                p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li>
   <li><a href="<?= url::site("logout?continue=" . url::current(true)) ?>"
       id="gLogoutLink"><?= t("Logout") ?></a></li>
   <? endif; ?>
diff --git a/modules/user/views/reset_password.html.php b/modules/user/views/reset_password.html.php
index 39845d61..4c4672ee 100644
--- a/modules/user/views/reset_password.html.php
+++ b/modules/user/views/reset_password.html.php
@@ -1,14 +1,15 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <html>
-<head>
-  <title><?= $title ?> </title>
-</head>
-<body>
-  <h2><?= t("Password Reset Request") ?> </h2>
-  <p>
-    <?= sprintf(t("A request to reset your password (user: %s) at %s."), $name, url::base(false, "http")) ?>
-    <?= sprintf(t("To confirm this request please click on the link below")) ?><br />
-    <a href="<?= $url ?>"><?= t("Reset Password") ?></a>
-  </p>
-</body>
+  <head>
+    <title><?= t("Password Reset Request") ?> </title>
+  </head>
+  <body>
+    <h2><?= t("Password Reset Request") ?> </h2>
+    <p>
+      <?= t("Hello, %name,", array("name" => p::clean($user->full_name ? $user->full_name : $user->name))) ?>
+    </p>
+    <p>
+      <?= t("We received a request to reset your password for <a href=\"%site_url\">%site_url</a>.  If you made this request, you can confirm it by <a href=\"%confirm_url\">clicking this link</a>.  If you didn't request this password reset, it's ok to ignore this mail.", array("site_url" => url::base(false, "http"), "confirm_url" => $confirm_url)) ?>
+    </p>
+  </body>
 </html>
-- 
cgit v1.2.3


From 712fdb55458f5d89fb5e5e4f4f99b8e1c130ba60 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:03:24 -0700
Subject: Clean up view variables

---
 modules/user/controllers/password.php | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 8604b7c4..c3e66634 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -57,9 +57,8 @@ class Password_Controller extends Controller {
       $user->hash = md5(rand());
       $user->save();
       $message = new View("reset_password.html");
-      $message->url = url::abs_site("password/do_reset?key=$user->hash");
-      $message->name = $user->full_name;
-      $message->title = t("Password Reset Request");
+      $message->confirm_url = url::abs_site("password/do_reset?key=$user->hash");
+      $message->user = $user;
 
       Sendmail::factory()
         ->to($user->email)
-- 
cgit v1.2.3


From 2e16c9557c8a1641b3dd5826492f826a1a96bfb0 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:06:51 -0700
Subject: Run all variables containing user-entered text through p::clean()

---
 themes/default/views/album.html.php   | 6 +++---
 themes/default/views/dynamic.html.php | 4 ++--
 themes/default/views/header.html.php  | 8 ++++++--
 themes/default/views/movie.html.php   | 4 ++--
 themes/default/views/page.html.php    | 2 +-
 themes/default/views/photo.html.php   | 4 ++--
 6 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php
index f4baa210..6e17696d 100644
--- a/themes/default/views/album.html.php
+++ b/themes/default/views/album.html.php
@@ -2,8 +2,8 @@
 <? // @todo Set hover on AlbumGrid list items for guest users ?>
 <div id="gInfo">
   <?= $theme->album_top() ?>
-  <h1><?= $item->title ?></h1>
-  <div class="gDescription"><?= $item->description ?></div>
+  <h1><?= p::clean($item->title) ?></h1>
+  <div class="gDescription"><?= p::clean($item->description) ?></div>
 </div>
 
 <ul id="gAlbumGrid">
@@ -18,7 +18,7 @@
       <?= $child->thumb_tag(array("class" => "gThumbnail")) ?>
     </a>
     <?= $theme->thumb_bottom($child) ?>
-    <h2><span></span><a href="<?= $child->url() ?>"><?= $child->title ?></a></h2>
+    <h2><span></span><a href="<?= $child->url() ?>"><?= p::clean($child->title) ?></a></h2>
     <ul class="gMetadata">
       <?= $theme->thumb_info($child) ?>
     </ul>
diff --git a/themes/default/views/dynamic.html.php b/themes/default/views/dynamic.html.php
index 8d2d2123..12b5192c 100644
--- a/themes/default/views/dynamic.html.php
+++ b/themes/default/views/dynamic.html.php
@@ -3,7 +3,7 @@
   <div id="gAlbumHeaderButtons">
     <?= $theme->dynamic_top() ?>
   </div>
-  <h1><?= $tag->name ?></h1>
+  <h1><?= p::clean($tag->name) ?></h1>
 </div>
 
 <ul id="gAlbumGrid">
@@ -16,7 +16,7 @@
            width="<?= $child->thumb_width ?>"
            height="<?= $child->thumb_height ?>" />
     </a>
-    <h2><?= $child->title ?></h2>
+    <h2><?= p::clean($child->title) ?></h2>
     <?= $theme->thumb_bottom($child) ?>
     <ul class="gMetadata">
       <?= $theme->thumb_info($child) ?>
diff --git a/themes/default/views/header.html.php b/themes/default/views/header.html.php
index 9d058e35..1e70b7ac 100644
--- a/themes/default/views/header.html.php
+++ b/themes/default/views/header.html.php
@@ -17,8 +17,12 @@
 <? if (!empty($parents)): ?>
 <ul class="gBreadcrumbs">
   <? foreach ($parents as $parent): ?>
-  <li><a href="<?= url::site("albums/{$parent->id}?show=$item->id") ?>"><?= $parent->title ?></a></li>
+  <li>
+    <a href="<?= url::site("albums/{$parent->id}?show=$item->id") ?>">
+      <?= p::clean($parent->title) ?>
+    </a>
+  </li>
   <? endforeach ?>
-  <li class="active"><?= $item->title ?></li>
+  <li class="active"><?= p::clean($item->title) ?></li>
 </ul>
 <? endif ?>
diff --git a/themes/default/views/movie.html.php b/themes/default/views/movie.html.php
index bde147ad..0cdf63fa 100644
--- a/themes/default/views/movie.html.php
+++ b/themes/default/views/movie.html.php
@@ -32,8 +32,8 @@
   </script>
 
   <div id="gInfo">
-    <h1><?= $item->title ?></h1>
-    <div><?= $item->description ?></div>
+    <h1><?= p::clean($item->title) ?></h1>
+    <div><?= p::clean($item->description) ?></div>
   </div>
 
   <?= $theme->photo_bottom() ?>
diff --git a/themes/default/views/page.html.php b/themes/default/views/page.html.php
index fc61f52d..b3ee88b0 100644
--- a/themes/default/views/page.html.php
+++ b/themes/default/views/page.html.php
@@ -8,7 +8,7 @@
       <? if (empty($page_title)): ?>
         <?= t("Browse Photos") ?>
         <? if (!empty($item)): ?>
-        :: <?= $item->title ?>
+        :: <?= p::clean($item->title) ?>
         <? endif ?>
       <? else: ?>
         <?= $page_title ?>
diff --git a/themes/default/views/photo.html.php b/themes/default/views/photo.html.php
index ab46a528..fab6f138 100644
--- a/themes/default/views/photo.html.php
+++ b/themes/default/views/photo.html.php
@@ -37,8 +37,8 @@
   </div>
 
   <div id="gInfo">
-    <h1><?= $item->title ?></h1>
-    <div><?= $item->description ?></div>
+    <h1><?= p::clean($item->title) ?></h1>
+    <div><?= p::clean($item->description) ?></div>
   </div>
 
   <?= $theme->photo_bottom() ?>
-- 
cgit v1.2.3


From af0031e02946a53062ce2c9dd209a50fb1a12e0c Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:10:52 -0700
Subject: Xss scanner golden file.  Up to date.

---
 modules/gallery/tests/xss_data.txt | 618 +++++++++++++++++++++++++++++++++++++
 1 file changed, 618 insertions(+)
 create mode 100644 modules/gallery/tests/xss_data.txt

diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
new file mode 100644
index 00000000..68bf2302
--- /dev/null
+++ b/modules/gallery/tests/xss_data.txt
@@ -0,0 +1,618 @@
+modules/akismet/views/admin_akismet.html.php                 14  DIRTY $form
+modules/akismet/views/admin_akismet_stats.html.php           9   DIRTY $api_key
+modules/akismet/views/admin_akismet_stats.html.php           9   DIRTY $blog_url
+modules/comment/views/admin_block_recent_comments.html.php   4   DIRTY $i
+modules/comment/views/admin_block_recent_comments.html.php   5   DIRTY $comment->author()->avatar_url(32, $theme->url("images/avatar.jpg", true))
+modules/comment/views/admin_block_recent_comments.html.php   7   CLEAN $comment->author_name()
+modules/comment/views/admin_block_recent_comments.html.php   10  DIRTY $comment->created
+modules/comment/views/admin_block_recent_comments.html.php   12  CLEAN $comment->author_name()
+modules/comment/views/admin_block_recent_comments.html.php   13  CLEAN $comment->text
+modules/comment/views/admin_comments.html.php                4   DIRTY $csrf
+modules/comment/views/admin_comments.html.php                15  DIRTY $csrf
+modules/comment/views/admin_comments.html.php                42  DIRTY $menu
+modules/comment/views/admin_comments.html.php                65  DIRTY $spam_caught
+modules/comment/views/admin_comments.html.php                72  DIRTY $counts->spam
+modules/comment/views/admin_comments.html.php                75  DIRTY $csrf
+modules/comment/views/admin_comments.html.php                106 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                106 DIRTY $i
+modules/comment/views/admin_comments.html.php                109 DIRTY $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true))
+modules/comment/views/admin_comments.html.php                111 CLEAN $comment->author_name()
+modules/comment/views/admin_comments.html.php                115 CLEAN $comment->author_email()
+modules/comment/views/admin_comments.html.php                116 CLEAN $comment->author_email()
+modules/comment/views/admin_comments.html.php                116 CLEAN $comment->author_name()
+modules/comment/views/admin_comments.html.php                122 DIRTY $item->url()
+modules/comment/views/admin_comments.html.php                124 DIRTY $item->thumb_url()
+modules/comment/views/admin_comments.html.php                125 CLEAN $item->title
+modules/comment/views/admin_comments.html.php                126 DIRTY $item->thumb_width
+modules/comment/views/admin_comments.html.php                126 DIRTY $item->thumb_height
+modules/comment/views/admin_comments.html.php                134 DIRTY $comment->created
+modules/comment/views/admin_comments.html.php                135 CLEAN $comment->text
+modules/comment/views/admin_comments.html.php                141 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                150 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                159 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                167 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                174 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                181 DIRTY $comment->id
+modules/comment/views/admin_comments.html.php                194 DIRTY $pager
+modules/comment/views/comment.html.php                       2   DIRTY $comment->id
+modules/comment/views/comment.html.php                       5   DIRTY $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true))
+modules/comment/views/comment.html.php                       7   CLEAN $comment->author_name()
+modules/comment/views/comment.html.php                       11  DIRTY $comment->created
+modules/comment/views/comment.html.php                       12  CLEAN $comment->author_name()
+modules/comment/views/comment.html.php                       15  CLEAN $comment->text
+modules/comment/views/comments.html.php                      10  DIRTY $comment->id
+modules/comment/views/comments.html.php                      13  DIRTY $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true))
+modules/comment/views/comments.html.php                      15  CLEAN $comment->author_name()
+modules/comment/views/comments.html.php                      20  DIRTY $comment->created
+modules/comment/views/comments.html.php                      21  CLEAN $comment->author_name()
+modules/comment/views/comments.html.php                      24  CLEAN $comment->text
+modules/exif/views/exif_dialog.html.php                      14  DIRTY $details
+modules/exif/views/exif_dialog.html.php                      14  DIRTY $i
+modules/exif/views/exif_dialog.html.php                      17  CLEAN $details
+modules/exif/views/exif_dialog.html.php                      17  CLEAN $i
+modules/exif/views/exif_dialog.html.php                      21  DIRTY $details
+modules/exif/views/exif_dialog.html.php                      21  DIRTY $i
+modules/exif/views/exif_dialog.html.php                      24  CLEAN $details
+modules/exif/views/exif_dialog.html.php                      24  CLEAN $i
+modules/exif/views/exif_sidebar.html.php                     2   DIRTY $item->id
+modules/g2_import/views/admin_g2_import.html.php             8   DIRTY $form
+modules/g2_import/views/admin_g2_import.html.php             26  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             29  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             32  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             35  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             38  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             41  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             45  DIRTY $g2_stats
+modules/g2_import/views/admin_g2_import.html.php             53  DIRTY $g2_sizes
+modules/g2_import/views/admin_g2_import.html.php             54  DIRTY $thumb_size
+modules/g2_import/views/admin_g2_import.html.php             62  DIRTY $g2_sizes
+modules/g2_import/views/admin_g2_import.html.php             63  DIRTY $resize_size
+modules/gallery/views/admin_advanced_settings.html.php       22  DIRTY $var->module_name
+modules/gallery/views/admin_advanced_settings.html.php       23  CLEAN $var->name
+modules/gallery/views/admin_advanced_settings.html.php       25  DIRTY $var->module_name
+modules/gallery/views/admin_advanced_settings.html.php       25  CLEAN $var->name
+modules/gallery/views/admin_advanced_settings.html.php       27  CLEAN $var->name
+modules/gallery/views/admin_advanced_settings.html.php       27  DIRTY $var->module_name
+modules/gallery/views/admin_advanced_settings.html.php       28  CLEAN $var->value
+modules/gallery/views/admin_block_log_entries.html.php       4   DIRTY $entry->severity
+modules/gallery/views/admin_block_log_entries.html.php       5   DIRTY $entry->user_id
+modules/gallery/views/admin_block_log_entries.html.php       5   CLEAN $entry->user->name
+modules/gallery/views/admin_block_log_entries.html.php       6   DIRTY $entry->timestamp
+modules/gallery/views/admin_block_log_entries.html.php       7   DIRTY $entry->message
+modules/gallery/views/admin_block_log_entries.html.php       8   DIRTY $entry->html
+modules/gallery/views/admin_block_news.html.php              5   DIRTY $entry
+modules/gallery/views/admin_block_news.html.php              5   DIRTY $entry
+modules/gallery/views/admin_block_news.html.php              7   DIRTY $entry
+modules/gallery/views/admin_block_photo_stream.html.php      5   DIRTY $photo->id
+modules/gallery/views/admin_block_photo_stream.html.php      5   CLEAN $photo->title
+modules/gallery/views/admin_block_photo_stream.html.php      6   DIRTY $photo->width
+modules/gallery/views/admin_block_photo_stream.html.php      6   DIRTY $photo->height
+modules/gallery/views/admin_block_photo_stream.html.php      7   DIRTY $photo->thumb_url()
+modules/gallery/views/admin_block_photo_stream.html.php      7   CLEAN $photo->title
+modules/gallery/views/admin_block_platform.html.php          16  DIRTY $load_average
+modules/gallery/views/admin_block_stats.html.php             7   DIRTY $album_count
+modules/gallery/views/admin_block_stats.html.php             10  DIRTY $photo_count
+modules/gallery/views/admin_dashboard.html.php               5   DIRTY $csrf
+modules/gallery/views/admin_dashboard.html.php               37  DIRTY $blocks
+modules/gallery/views/admin_graphics.html.php                6   DIRTY $csrf
+modules/gallery/views/admin_graphics.html.php                21  DIRTY $active
+modules/gallery/views/admin_graphics.html.php                25  DIRTY $available
+modules/gallery/views/admin_graphics_gd.html.php             2   DIRTY $is_active
+modules/gallery/views/admin_graphics_gd.html.php             2   DIRTY $tk->gd
+modules/gallery/views/admin_graphics_gd.html.php             11  DIRTY $tk->gd
+modules/gallery/views/admin_graphics_gd.html.php             19  DIRTY $tk->gd
+modules/gallery/views/admin_graphics_graphicsmagick.html.php 2   DIRTY $is_active
+modules/gallery/views/admin_graphics_graphicsmagick.html.php 2   DIRTY $tk->graphicsmagick
+modules/gallery/views/admin_graphics_graphicsmagick.html.php 11  DIRTY $tk->graphicsmagick
+modules/gallery/views/admin_graphics_imagemagick.html.php    2   DIRTY $is_active
+modules/gallery/views/admin_graphics_imagemagick.html.php    2   DIRTY $tk->imagemagick
+modules/gallery/views/admin_graphics_imagemagick.html.php    11  DIRTY $tk->imagemagick
+modules/gallery/views/admin_languages.html.php               5   DIRTY $settings_form
+modules/gallery/views/admin_languages.html.php               8   DIRTY $csrf
+modules/gallery/views/admin_languages.html.php               14  DIRTY $share_translations_form
+modules/gallery/views/admin_maintenance.html.php             23  DIRTY $task->severity
+modules/gallery/views/admin_maintenance.html.php             25  DIRTY $task->name
+modules/gallery/views/admin_maintenance.html.php             28  DIRTY $task->description
+modules/gallery/views/admin_maintenance.html.php             31  DIRTY $task->callback
+modules/gallery/views/admin_maintenance.html.php             31  DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             44  DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             70  DIRTY $task->state
+modules/gallery/views/admin_maintenance.html.php             72  DIRTY $task->updated
+modules/gallery/views/admin_maintenance.html.php             75  DIRTY $task->name
+modules/gallery/views/admin_maintenance.html.php             86  DIRTY $task->percent_complete
+modules/gallery/views/admin_maintenance.html.php             90  DIRTY $task->status
+modules/gallery/views/admin_maintenance.html.php             93  CLEAN $task->owner()->name
+modules/gallery/views/admin_maintenance.html.php             97  DIRTY $task->id
+modules/gallery/views/admin_maintenance.html.php             97  DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             101 DIRTY $task->id
+modules/gallery/views/admin_maintenance.html.php             101 DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             113 DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             140 DIRTY $task->state
+modules/gallery/views/admin_maintenance.html.php             142 DIRTY $task->updated
+modules/gallery/views/admin_maintenance.html.php             145 DIRTY $task->name
+modules/gallery/views/admin_maintenance.html.php             157 DIRTY $task->status
+modules/gallery/views/admin_maintenance.html.php             160 DIRTY $task->owner()->name
+modules/gallery/views/admin_maintenance.html.php             164 DIRTY $task->id
+modules/gallery/views/admin_maintenance.html.php             164 DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             168 DIRTY $task->id
+modules/gallery/views/admin_maintenance.html.php             168 DIRTY $csrf
+modules/gallery/views/admin_maintenance.html.php             171 DIRTY $task->id
+modules/gallery/views/admin_maintenance.html.php             171 DIRTY $csrf
+modules/gallery/views/admin_maintenance_task.html.php        5   DIRTY $task->id
+modules/gallery/views/admin_maintenance_task.html.php        5   DIRTY $csrf
+modules/gallery/views/admin_modules.html.php                 19  DIRTY $i
+modules/gallery/views/admin_modules.html.php                 22  DIRTY $data
+modules/gallery/views/admin_modules.html.php                 22  DIRTY $module_name
+modules/gallery/views/admin_modules.html.php                 23  DIRTY $module_info->name
+modules/gallery/views/admin_modules.html.php                 24  DIRTY $module_info->version
+modules/gallery/views/admin_modules.html.php                 25  DIRTY $module_info->description
+modules/gallery/views/admin_theme_details.html.php           5   DIRTY $form
+modules/gallery/views/admin_themes.html.php                  5   DIRTY $csrf
+modules/gallery/views/admin_themes.html.php                  18  DIRTY $site
+modules/gallery/views/admin_themes.html.php                  19  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  19  DIRTY $site
+modules/gallery/views/admin_themes.html.php                  20  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  20  DIRTY $site
+modules/gallery/views/admin_themes.html.php                  22  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  22  DIRTY $site
+modules/gallery/views/admin_themes.html.php                  33  DIRTY $id
+modules/gallery/views/admin_themes.html.php                  33  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  34  DIRTY $id
+modules/gallery/views/admin_themes.html.php                  35  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  36  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  38  DIRTY $info->description
+modules/gallery/views/admin_themes.html.php                  56  DIRTY $admin
+modules/gallery/views/admin_themes.html.php                  57  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  57  DIRTY $admin
+modules/gallery/views/admin_themes.html.php                  58  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  58  DIRTY $admin
+modules/gallery/views/admin_themes.html.php                  60  DIRTY $themes
+modules/gallery/views/admin_themes.html.php                  60  DIRTY $admin
+modules/gallery/views/admin_themes.html.php                  71  DIRTY $id
+modules/gallery/views/admin_themes.html.php                  71  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  72  DIRTY $id
+modules/gallery/views/admin_themes.html.php                  73  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  74  DIRTY $info->name
+modules/gallery/views/admin_themes.html.php                  76  DIRTY $info->description
+modules/gallery/views/admin_themes_preview.html.php          3   DIRTY $type
+modules/gallery/views/admin_themes_preview.html.php          3   DIRTY $theme_name
+modules/gallery/views/admin_themes_preview.html.php          3   DIRTY $csrf
+modules/gallery/views/admin_themes_preview.html.php          4   DIRTY $info->name
+modules/gallery/views/admin_themes_preview.html.php          7   DIRTY $url
+modules/gallery/views/after_install.html.php                 11  CLEAN $user->name
+modules/gallery/views/after_install.html.php                 15  DIRTY $user->id
+modules/gallery/views/kohana_error_page.php                  98  DIRTY $message
+modules/gallery/views/kohana_error_page.php                  100 DIRTY $file
+modules/gallery/views/kohana_error_page.php                  100 DIRTY $line
+modules/gallery/views/kohana_error_page.php                  112 DIRTY $trace
+modules/gallery/views/kohana_profiler.php                    32  DIRTY $profile->render()
+modules/gallery/views/kohana_profiler.php                    34  DIRTY $execution_time
+modules/gallery/views/l10n_client.html.php                   13  DIRTY $string
+modules/gallery/views/l10n_client.html.php                   14  DIRTY $string
+modules/gallery/views/l10n_client.html.php                   18  DIRTY $l10n_search_form
+modules/gallery/views/l10n_client.html.php                   25  DIRTY $l10n_form
+modules/gallery/views/l10n_client.html.php                   29  DIRTY $string_list
+modules/gallery/views/move_browse.html.php                   4   DIRTY $source->id
+modules/gallery/views/move_browse.html.php                   39  DIRTY $tree
+modules/gallery/views/move_browse.html.php                   42  DIRTY $source->id
+modules/gallery/views/move_tree.html.php                     2   DIRTY $parent->thumb_tag(array(), 25)
+modules/gallery/views/move_tree.html.php                     4   DIRTY $parent->id
+modules/gallery/views/move_tree.html.php                     4   CLEAN $parent->title
+modules/gallery/views/move_tree.html.php                     6   DIRTY $parent->id
+modules/gallery/views/move_tree.html.php                     6   CLEAN $parent->title
+modules/gallery/views/move_tree.html.php                     8   DIRTY $parent->id
+modules/gallery/views/move_tree.html.php                     10  DIRTY $child->id
+modules/gallery/views/move_tree.html.php                     11  DIRTY $child->thumb_tag(array(), 25)
+modules/gallery/views/move_tree.html.php                     13  DIRTY $child->id
+modules/gallery/views/move_tree.html.php                     13  CLEAN $child->title
+modules/gallery/views/move_tree.html.php                     15  DIRTY $child->id
+modules/gallery/views/move_tree.html.php                     15  CLEAN $child->title
+modules/gallery/views/permissions_browse.html.php            15  DIRTY $csrf
+modules/gallery/views/permissions_browse.html.php            37  DIRTY $parent->id
+modules/gallery/views/permissions_browse.html.php            38  CLEAN $parent->title
+modules/gallery/views/permissions_browse.html.php            40  DIRTY $parent->id
+modules/gallery/views/permissions_browse.html.php            44  DIRTY $item->id
+modules/gallery/views/permissions_browse.html.php            45  CLEAN $item->title
+modules/gallery/views/permissions_browse.html.php            47  DIRTY $item->id
+modules/gallery/views/permissions_browse.html.php            48  DIRTY $form
+modules/gallery/views/permissions_form.html.php              9   CLEAN $group->name
+modules/gallery/views/permissions_form.html.php              15  DIRTY $permission->display_name
+modules/gallery/views/permissions_form.html.php              24  DIRTY $lock->id
+modules/gallery/views/permissions_form.html.php              32  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              32  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              32  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              36  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              36  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              36  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              43  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              43  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              43  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              47  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              47  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              47  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              56  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              56  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              56  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              63  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              63  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              63  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              74  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              74  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              74  DIRTY $item->id
+modules/gallery/views/permissions_form.html.php              79  DIRTY $group->id
+modules/gallery/views/permissions_form.html.php              79  DIRTY $permission->id
+modules/gallery/views/permissions_form.html.php              79  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    9   DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    9   DIRTY $page_type
+modules/gallery/views/quick_pane.html.php                    10  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    12  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    17  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    17  DIRTY $csrf
+modules/gallery/views/quick_pane.html.php                    17  DIRTY $page_type
+modules/gallery/views/quick_pane.html.php                    24  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    24  DIRTY $csrf
+modules/gallery/views/quick_pane.html.php                    24  DIRTY $page_type
+modules/gallery/views/quick_pane.html.php                    41  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    42  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    44  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    61  DIRTY $disabledState
+modules/gallery/views/quick_pane.html.php                    61  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    61  DIRTY $csrf
+modules/gallery/views/quick_pane.html.php                    61  DIRTY $page_type
+modules/gallery/views/quick_pane.html.php                    62  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    64  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    78  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    78  DIRTY $csrf
+modules/gallery/views/quick_pane.html.php                    78  DIRTY $page_type
+modules/gallery/views/quick_pane.html.php                    78  DIRTY $message
+modules/gallery/views/quick_pane.html.php                    78  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    80  DIRTY $title
+modules/gallery/views/quick_pane.html.php                    93  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    98  DIRTY $item->id
+modules/gallery/views/quick_pane.html.php                    103 DIRTY $item->id
+modules/gallery/views/simple_uploader.html.php               8   CLEAN $item->title
+modules/gallery/views/simple_uploader.html.php               28  CLEAN $parent->title
+modules/gallery/views/simple_uploader.html.php               30  CLEAN $item->title
+modules/gallery/views/simple_uploader.html.php               77  DIRTY $item->id
+modules/gallery/views/simple_uploader.html.php               81  DIRTY $csrf
+modules/image_block/views/image_block_block.html.php         3   DIRTY $item->url()
+modules/image_block/views/image_block_block.html.php         4   DIRTY $item->thumb_tag(array("class" => "gThumbnail"))
+modules/info/views/info_block.html.php                       6   CLEAN $item->title
+modules/info/views/info_block.html.php                       11  CLEAN $item->description
+modules/info/views/info_block.html.php                       17  CLEAN $item->name
+modules/info/views/info_block.html.php                       23  DIRTY $item->captured
+modules/info/views/info_block.html.php                       29  CLEAN $item->owner->name
+modules/notification/views/comment_published.html.php        4   CLEAN $subject
+modules/notification/views/comment_published.html.php        7   CLEAN $subject
+modules/notification/views/comment_published.html.php        11  CLEAN $comment->text
+modules/notification/views/comment_published.html.php        15  CLEAN $comment->author_name()
+modules/notification/views/comment_published.html.php        19  CLEAN $comment->author_email()
+modules/notification/views/comment_published.html.php        23  CLEAN $comment->author_url()
+modules/notification/views/comment_published.html.php        28  DIRTY $comment->item()->url(array(), true)
+modules/notification/views/comment_published.html.php        29  DIRTY $comment->item()->url(array(), true)
+modules/notification/views/item_added.html.php               4   CLEAN $subject
+modules/notification/views/item_added.html.php               7   CLEAN $subject
+modules/notification/views/item_added.html.php               11  CLEAN $item->title
+modules/notification/views/item_added.html.php               16  DIRTY $item->url(array(), true)
+modules/notification/views/item_added.html.php               17  DIRTY $item->url(array(), true)
+modules/notification/views/item_added.html.php               24  CLEAN $item->description
+modules/notification/views/item_deleted.html.php             4   CLEAN $subject
+modules/notification/views/item_deleted.html.php             7   CLEAN $subject
+modules/notification/views/item_deleted.html.php             12  CLEAN $item->parent()->title
+modules/notification/views/item_deleted.html.php             18  DIRTY $item->parent()->url(array(), true)
+modules/notification/views/item_deleted.html.php             19  DIRTY $item->parent()->url(array(), true)
+modules/notification/views/item_updated.html.php             4   CLEAN $subject
+modules/notification/views/item_updated.html.php             7   CLEAN $subject
+modules/notification/views/item_updated.html.php             12  CLEAN $new->title
+modules/notification/views/item_updated.html.php             15  CLEAN $new->title
+modules/notification/views/item_updated.html.php             20  DIRTY $new->url(array(), true)
+modules/notification/views/item_updated.html.php             20  DIRTY $new->url(array(), true)
+modules/notification/views/item_updated.html.php             25  CLEAN $new->description
+modules/notification/views/item_updated.html.php             30  CLEAN $new->description
+modules/organize/views/organize.html.php                     10  DIRTY $item->id
+modules/organize/views/organize.html.php                     12  DIRTY $csrf
+modules/organize/views/organize.html.php                     13  DIRTY $csrf
+modules/organize/views/organize.html.php                     19  CLEAN $item->title
+modules/organize/views/organize.html.php                     33  DIRTY $album_tree
+modules/organize/views/organize.html.php                     48  DIRTY $button_pane
+modules/organize/views/organize_album.html.php               3   DIRTY $album->id
+modules/organize/views/organize_album.html.php               4   DIRTY $album->id
+modules/organize/views/organize_album.html.php               4   DIRTY $album->id
+modules/organize/views/organize_album.html.php               5   DIRTY $album_icon
+modules/organize/views/organize_album.html.php               5   DIRTY $album_icon
+modules/organize/views/organize_album.html.php               8   DIRTY $album->id
+modules/organize/views/organize_album.html.php               8   DIRTY $album->id
+modules/organize/views/organize_album.html.php               9   DIRTY $selected
+modules/organize/views/organize_album.html.php               10  CLEAN $album->title
+modules/organize/views/organize_album.html.php               12  DIRTY $album->id
+modules/organize/views/organize_album.html.php               13  DIRTY $album_icon
+modules/organize/views/organize_album.html.php               14  DIRTY $children
+modules/organize/views/organize_edit.html.php                4   DIRTY $idx
+modules/organize/views/organize_edit.html.php                4   DIRTY $pane
+modules/organize/views/organize_edit.html.php                10  DIRTY $idx
+modules/organize/views/organize_edit.html.php                10  DIRTY $pane
+modules/organize/views/organize_thumb_grid.html.php          7   DIRTY $child->id
+modules/organize/views/organize_thumb_grid.html.php          7   DIRTY $child->id
+modules/organize/views/organize_thumb_grid.html.php          8   DIRTY $child->id
+modules/organize/views/organize_thumb_grid.html.php          8   DIRTY $item_class
+modules/organize/views/organize_thumb_grid.html.php          9   DIRTY $child->thumb_tag(array("class" => "gThumbnail"), $thumbsize, true)
+modules/recaptcha/views/admin_recaptcha.html.php             5   DIRTY $form->get_key_url
+modules/recaptcha/views/admin_recaptcha.html.php             8   DIRTY $form
+modules/recaptcha/views/admin_recaptcha.html.php             21  DIRTY $public_key
+modules/rss/views/comment.mrss.php                           9   CLEAN $title
+modules/rss/views/comment.mrss.php                           10  DIRTY $link
+modules/rss/views/comment.mrss.php                           11  CLEAN $description
+modules/rss/views/comment.mrss.php                           13  DIRTY $feed_link
+modules/rss/views/comment.mrss.php                           16  DIRTY $previous_page_link
+modules/rss/views/comment.mrss.php                           19  DIRTY $next_page_link
+modules/rss/views/comment.mrss.php                           21  DIRTY $pub_date
+modules/rss/views/comment.mrss.php                           22  DIRTY $pub_date
+modules/rss/views/comment.mrss.php                           25  CLEAN $child
+modules/rss/views/comment.mrss.php                           26  CLEAN $child
+modules/rss/views/comment.mrss.php                           27  CLEAN $child
+modules/rss/views/comment.mrss.php                           28  DIRTY $child
+modules/rss/views/comment.mrss.php                           29  DIRTY $child
+modules/rss/views/comment.mrss.php                           32  CLEAN $child
+modules/rss/views/comment.mrss.php                           34  DIRTY $child
+modules/rss/views/comment.mrss.php                           35  DIRTY $child
+modules/rss/views/comment.mrss.php                           35  DIRTY $child
+modules/rss/views/feed.mrss.php                              9   CLEAN $title
+modules/rss/views/feed.mrss.php                              10  DIRTY $link
+modules/rss/views/feed.mrss.php                              11  CLEAN $description
+modules/rss/views/feed.mrss.php                              13  DIRTY $feed_link
+modules/rss/views/feed.mrss.php                              16  DIRTY $previous_page_link
+modules/rss/views/feed.mrss.php                              19  DIRTY $next_page_link
+modules/rss/views/feed.mrss.php                              21  DIRTY $pub_date
+modules/rss/views/feed.mrss.php                              22  DIRTY $pub_date
+modules/rss/views/feed.mrss.php                              25  CLEAN $child->title
+modules/rss/views/feed.mrss.php                              26  DIRTY $child->type
+modules/rss/views/feed.mrss.php                              26  DIRTY $child->id
+modules/rss/views/feed.mrss.php                              27  DIRTY $child->type
+modules/rss/views/feed.mrss.php                              27  DIRTY $child->id
+modules/rss/views/feed.mrss.php                              28  DIRTY $child->created
+modules/rss/views/feed.mrss.php                              31  CLEAN $child->description
+modules/rss/views/feed.mrss.php                              34  DIRTY $child->resize_url(true)
+modules/rss/views/feed.mrss.php                              35  CLEAN $child->title
+modules/rss/views/feed.mrss.php                              36  DIRTY $child->resize_height
+modules/rss/views/feed.mrss.php                              36  DIRTY $child->resize_width
+modules/rss/views/feed.mrss.php                              38  DIRTY $child->type
+modules/rss/views/feed.mrss.php                              38  DIRTY $child->id
+modules/rss/views/feed.mrss.php                              39  DIRTY $child->thumb_url(true)
+modules/rss/views/feed.mrss.php                              40  CLEAN $child->title
+modules/rss/views/feed.mrss.php                              41  DIRTY $child->thumb_height
+modules/rss/views/feed.mrss.php                              41  DIRTY $child->thumb_width
+modules/rss/views/feed.mrss.php                              43  CLEAN $child->description
+modules/rss/views/feed.mrss.php                              47  DIRTY $child->thumb_url(true)
+modules/rss/views/feed.mrss.php                              48  DIRTY $child->thumb_path()
+modules/rss/views/feed.mrss.php                              49  DIRTY $child->thumb_height
+modules/rss/views/feed.mrss.php                              50  DIRTY $child->thumb_width
+modules/rss/views/feed.mrss.php                              54  DIRTY $child->resize_url(true)
+modules/rss/views/feed.mrss.php                              55  DIRTY $child->resize_path()
+modules/rss/views/feed.mrss.php                              56  DIRTY $child->mime_type
+modules/rss/views/feed.mrss.php                              57  DIRTY $child->resize_height
+modules/rss/views/feed.mrss.php                              58  DIRTY $child->resize_width
+modules/rss/views/feed.mrss.php                              62  DIRTY $child->file_url(true)
+modules/rss/views/feed.mrss.php                              63  DIRTY $child->file_path()
+modules/rss/views/feed.mrss.php                              64  DIRTY $child->mime_type
+modules/rss/views/feed.mrss.php                              65  DIRTY $child->height
+modules/rss/views/feed.mrss.php                              66  DIRTY $child->width
+modules/rss/views/feed.mrss.php                              70  DIRTY $child->file_url(true)
+modules/rss/views/feed.mrss.php                              71  DIRTY $child->file_path()
+modules/rss/views/feed.mrss.php                              72  DIRTY $child->height
+modules/rss/views/feed.mrss.php                              73  DIRTY $child->width
+modules/rss/views/feed.mrss.php                              74  DIRTY $child->mime_type
+modules/rss/views/rss_block.html.php                         6   DIRTY $url
+modules/rss/views/rss_block.html.php                         8   DIRTY $text
+modules/search/views/search.html.php                         11  CLEAN $q
+modules/search/views/search.html.php                         30  DIRTY $item_class
+modules/search/views/search.html.php                         31  DIRTY $item->id
+modules/search/views/search.html.php                         32  DIRTY $item->thumb_tag()
+modules/search/views/search.html.php                         34  CLEAN $item->title
+modules/search/views/search.html.php                         37  CLEAN $item->description
+modules/search/views/search.html.php                         43  DIRTY $theme->pager()
+modules/search/views/search.html.php                         47  CLEAN $q
+modules/server_add/views/admin_server_add.html.php           11  DIRTY $path
+modules/server_add/views/admin_server_add.html.php           11  DIRTY $csrf
+modules/server_add/views/admin_server_add.html.php           12  DIRTY $id
+modules/server_add/views/admin_server_add.html.php           16  DIRTY $path
+modules/server_add/views/admin_server_add.html.php           24  DIRTY $form
+modules/server_add/views/server_add_tree.html.php            3   DIRTY $tree_id
+modules/server_add/views/server_add_tree.html.php            4   DIRTY $tree_id
+modules/server_add/views/server_add_tree.html.php            8   DIRTY $tree_id
+modules/server_add/views/server_add_tree.html.php            13  DIRTY $tree_id
+modules/server_add/views/server_add_tree.html.php            15  DIRTY $file_info
+modules/server_add/views/server_add_tree.html.php            19  CLEAN $file_info
+modules/server_add/views/server_add_tree.html.php            19  CLEAN $file
+modules/server_add/views/server_add_tree_dialog.html.php     8   CLEAN $album_title
+modules/server_add/views/server_add_tree_dialog.html.php     13  CLEAN $parent->title
+modules/server_add/views/server_add_tree_dialog.html.php     15  CLEAN $album_title
+modules/server_add/views/server_add_tree_dialog.html.php     18  DIRTY $action
+modules/server_add/views/server_add_tree_dialog.html.php     20  DIRTY $tree
+modules/tag/views/admin_tags.html.php                        14  DIRTY $csrf
+modules/tag/views/admin_tags.html.php                        28  DIRTY $tags->count()
+modules/tag/views/admin_tags.html.php                        36  DIRTY $current_letter
+modules/tag/views/admin_tags.html.php                        46  DIRTY $current_letter
+modules/tag/views/admin_tags.html.php                        51  DIRTY $tag->id
+modules/tag/views/admin_tags.html.php                        51  CLEAN $tag->name
+modules/tag/views/admin_tags.html.php                        52  DIRTY $tag->count
+modules/tag/views/admin_tags.html.php                        53  DIRTY $tag->id
+modules/tag/views/tag_block.html.php                         3   DIRTY $cloud
+modules/tag/views/tag_block.html.php                         5   DIRTY $form
+modules/tag/views/tag_cloud.html.php                         4   DIRTY $tag->count
+modules/tag/views/tag_cloud.html.php                         4   DIRTY $max_count
+modules/tag/views/tag_cloud.html.php                         5   DIRTY $tag->count
+modules/tag/views/tag_cloud.html.php                         6   DIRTY $tag->id
+modules/tag/views/tag_cloud.html.php                         6   CLEAN $tag->name
+modules/user/views/admin_users.html.php                      3   DIRTY $csrf
+modules/user/views/admin_users.html.php                      36  DIRTY $csrf
+modules/user/views/admin_users.html.php                      67  DIRTY $user->id
+modules/user/views/admin_users.html.php                      67  DIRTY $user->admin
+modules/user/views/admin_users.html.php                      68  DIRTY $user->id
+modules/user/views/admin_users.html.php                      69  DIRTY $user->avatar_url(20, $theme->url("images/avatar.jpg", true))
+modules/user/views/admin_users.html.php                      71  CLEAN $user->name
+modules/user/views/admin_users.html.php                      74  CLEAN $user->name
+modules/user/views/admin_users.html.php                      77  CLEAN $user->full_name
+modules/user/views/admin_users.html.php                      80  CLEAN $user->email
+modules/user/views/admin_users.html.php                      83  DIRTY $user->last_login
+modules/user/views/admin_users.html.php                      83  DIRTY $user->last_login
+modules/user/views/admin_users.html.php                      86  DIRTY $user->id
+modules/user/views/admin_users.html.php                      91  DIRTY $user->id
+modules/user/views/admin_users.html.php                      121 DIRTY $group->id
+modules/user/views/admin_users.html.php                      123 DIRTY $v
+modules/user/views/admin_users_group.html.php                2   CLEAN $group->name
+modules/user/views/admin_users_group.html.php                4   DIRTY $group->id
+modules/user/views/admin_users_group.html.php                5   CLEAN $group->name
+modules/user/views/admin_users_group.html.php                16  CLEAN $user->name
+modules/user/views/admin_users_group.html.php                18  DIRTY $user->id
+modules/user/views/admin_users_group.html.php                18  DIRTY $group->id
+modules/user/views/admin_users_group.html.php                22  CLEAN $user->name
+modules/user/views/admin_users_group.html.php                22  CLEAN $group->name
+modules/user/views/login.html.php                            11  DIRTY $user->id
+modules/user/views/login.html.php                            14  CLEAN $user->full_name
+modules/user/views/login.html.php                            14  CLEAN $user->name
+modules/user/views/login.html.php                            14  CLEAN $user->full_name
+modules/user/views/login_ajax.html.php                       37  DIRTY $form
+modules/user/views/reset_password.html.php                   9   CLEAN $user->full_name
+modules/user/views/reset_password.html.php                   9   CLEAN $user->full_name
+modules/user/views/reset_password.html.php                   9   CLEAN $user->name
+modules/user/views/reset_password.html.php                   12  DIRTY $confirm_url
+modules/watermark/views/admin_watermarks.html.php            19  DIRTY $width
+modules/watermark/views/admin_watermarks.html.php            19  DIRTY $height
+modules/watermark/views/admin_watermarks.html.php            19  DIRTY $url
+modules/watermark/views/admin_watermarks.html.php            21  DIRTY $position
+themes/admin_default/views/admin.html.php                    17  DIRTY $theme->url("css/screen.css")
+themes/admin_default/views/admin.html.php                    20  DIRTY $theme->url("css/fix-ie.css")
+themes/admin_default/views/admin.html.php                    29  DIRTY $theme->url("js/jquery.dropshadow.js")
+themes/admin_default/views/admin.html.php                    30  DIRTY $theme->url("js/ui.init.js")
+themes/admin_default/views/admin.html.php                    31  DIRTY $theme->admin_head()
+themes/admin_default/views/admin.html.php                    35  DIRTY $theme->admin_page_top()
+themes/admin_default/views/admin.html.php                    41  DIRTY $theme->site_status()
+themes/admin_default/views/admin.html.php                    43  DIRTY $theme->admin_header_top()
+themes/admin_default/views/admin.html.php                    50  DIRTY $theme->admin_menu()
+themes/admin_default/views/admin.html.php                    52  DIRTY $theme->admin_header_bottom()
+themes/admin_default/views/admin.html.php                    58  DIRTY $theme->messages()
+themes/admin_default/views/admin.html.php                    59  DIRTY $content
+themes/admin_default/views/admin.html.php                    65  DIRTY $sidebar
+themes/admin_default/views/admin.html.php                    70  DIRTY $theme->admin_footer()
+themes/admin_default/views/admin.html.php                    72  DIRTY $theme->admin_credits()
+themes/admin_default/views/admin.html.php                    76  DIRTY $theme->admin_page_bottom()
+themes/admin_default/views/block.html.php                    2   DIRTY $id
+themes/admin_default/views/block.html.php                    2   DIRTY $css_id
+themes/admin_default/views/block.html.php                    5   DIRTY $id
+themes/admin_default/views/block.html.php                    5   DIRTY $csrf
+themes/admin_default/views/block.html.php                    10  DIRTY $title
+themes/admin_default/views/block.html.php                    13  DIRTY $content
+themes/admin_default/views/pager.html.php                    9   DIRTY $from_to_msg
+themes/admin_default/views/pager.html.php                    11  DIRTY $url
+themes/admin_default/views/pager.html.php                    16  DIRTY $previous_page
+themes/admin_default/views/pager.html.php                    16  DIRTY $url
+themes/admin_default/views/pager.html.php                    21  DIRTY $next_page
+themes/admin_default/views/pager.html.php                    21  DIRTY $url
+themes/admin_default/views/pager.html.php                    26  DIRTY $last_page
+themes/admin_default/views/pager.html.php                    26  DIRTY $url
+themes/default/views/album.html.php                          4   DIRTY $theme->album_top()
+themes/default/views/album.html.php                          5   CLEAN $item->title
+themes/default/views/album.html.php                          6   CLEAN $item->description
+themes/default/views/album.html.php                          15  DIRTY $child->id
+themes/default/views/album.html.php                          15  DIRTY $item_class
+themes/default/views/album.html.php                          16  DIRTY $theme->thumb_top($child)
+themes/default/views/album.html.php                          17  DIRTY $child->url()
+themes/default/views/album.html.php                          18  DIRTY $child->thumb_tag(array("class" => "gThumbnail"))
+themes/default/views/album.html.php                          20  DIRTY $theme->thumb_bottom($child)
+themes/default/views/album.html.php                          21  DIRTY $child->url()
+themes/default/views/album.html.php                          21  CLEAN $child->title
+themes/default/views/album.html.php                          23  DIRTY $theme->thumb_info($child)
+themes/default/views/album.html.php                          28  DIRTY $theme->album_bottom()
+themes/default/views/album.html.php                          30  DIRTY $theme->pager()
+themes/default/views/block.html.php                          2   DIRTY $anchor
+themes/default/views/block.html.php                          3   DIRTY $css_id
+themes/default/views/block.html.php                          4   DIRTY $title
+themes/default/views/block.html.php                          6   DIRTY $content
+themes/default/views/dynamic.html.php                        4   DIRTY $theme->dynamic_top()
+themes/default/views/dynamic.html.php                        6   CLEAN $tag->name
+themes/default/views/dynamic.html.php                        11  DIRTY $child->is_album()
+themes/default/views/dynamic.html.php                        12  DIRTY $theme->thumb_top($child)
+themes/default/views/dynamic.html.php                        13  DIRTY $child->url()
+themes/default/views/dynamic.html.php                        14  DIRTY $child->id
+themes/default/views/dynamic.html.php                        15  DIRTY $child->thumb_url()
+themes/default/views/dynamic.html.php                        16  DIRTY $child->thumb_width
+themes/default/views/dynamic.html.php                        17  DIRTY $child->thumb_height
+themes/default/views/dynamic.html.php                        19  CLEAN $child->title
+themes/default/views/dynamic.html.php                        20  DIRTY $theme->thumb_bottom($child)
+themes/default/views/dynamic.html.php                        22  DIRTY $theme->thumb_info($child)
+themes/default/views/dynamic.html.php                        27  DIRTY $theme->dynamic_bottom()
+themes/default/views/dynamic.html.php                        29  DIRTY $theme->pager()
+themes/default/views/footer.html.php                         2   DIRTY $theme->footer()
+themes/default/views/footer.html.php                         4   DIRTY $footer_text
+themes/default/views/footer.html.php                         7   DIRTY $theme->credits()
+themes/default/views/header.html.php                         2   DIRTY $theme->header_top()
+themes/default/views/header.html.php                         4   DIRTY $header_text
+themes/default/views/header.html.php                         7   DIRTY $theme->url("images/logo.png")
+themes/default/views/header.html.php                         12  DIRTY $theme->site_menu()
+themes/default/views/header.html.php                         15  DIRTY $theme->header_bottom()
+themes/default/views/header.html.php                         21  DIRTY $parent->id
+themes/default/views/header.html.php                         21  DIRTY $item->id
+themes/default/views/header.html.php                         22  CLEAN $parent->title
+themes/default/views/header.html.php                         26  CLEAN $item->title
+themes/default/views/login_page.html.php                     10  DIRTY $theme->url("images/favicon.ico")
+themes/default/views/login_page.html.php                     17  DIRTY $theme->url("css/screen.css")
+themes/default/views/login_page.html.php                     20  DIRTY $theme->url("css/fix-ie.css")
+themes/default/views/login_page.html.php                     28  DIRTY $theme->url("js/ui.init.js")
+themes/default/views/movie.html.php                          4   DIRTY $theme->photo_top()
+themes/default/views/movie.html.php                          7   DIRTY $position
+themes/default/views/movie.html.php                          7   DIRTY $sibling_count
+themes/default/views/movie.html.php                          9   DIRTY $previous_item->url()
+themes/default/views/movie.html.php                          12  DIRTY $next_item->url()
+themes/default/views/movie.html.php                          16  DIRTY $item->id
+themes/default/views/movie.html.php                          17  DIRTY $item->file_url(true)
+themes/default/views/movie.html.php                          18  DIRTY $item->width
+themes/default/views/movie.html.php                          18  DIRTY $item->height
+themes/default/views/movie.html.php                          21  DIRTY $item->id
+themes/default/views/movie.html.php                          35  CLEAN $item->title
+themes/default/views/movie.html.php                          36  CLEAN $item->description
+themes/default/views/movie.html.php                          39  DIRTY $theme->photo_bottom()
+themes/default/views/page.html.php                           11  CLEAN $item->title
+themes/default/views/page.html.php                           14  DIRTY $page_title
+themes/default/views/page.html.php                           16  DIRTY $theme->page_type
+themes/default/views/page.html.php                           18  DIRTY $theme->url("images/favicon.ico")
+themes/default/views/page.html.php                           25  DIRTY $theme->url("css/screen.css")
+themes/default/views/page.html.php                           28  DIRTY $theme->url("css/fix-ie.css")
+themes/default/views/page.html.php                           37  DIRTY $new_width
+themes/default/views/page.html.php                           38  DIRTY $new_height
+themes/default/views/page.html.php                           39  DIRTY $thumb_proportion
+themes/default/views/page.html.php                           51  DIRTY $theme->url("js/jquery.scrollTo.js")
+themes/default/views/page.html.php                           52  DIRTY $theme->url("js/jquery.localscroll.js")
+themes/default/views/page.html.php                           53  DIRTY $theme->url("js/ui.init.js")
+themes/default/views/page.html.php                           54  DIRTY $theme->head()
+themes/default/views/page.html.php                           58  DIRTY $theme->page_top()
+themes/default/views/page.html.php                           60  DIRTY $theme->site_status()
+themes/default/views/page.html.php                           62  DIRTY $theme->display("header.html")
+themes/default/views/page.html.php                           68  DIRTY $theme->messages()
+themes/default/views/page.html.php                           69  DIRTY $content
+themes/default/views/page.html.php                           74  DIRTY $theme->display("sidebar.html")
+themes/default/views/page.html.php                           78  DIRTY $theme->display("footer.html")
+themes/default/views/page.html.php                           81  DIRTY $theme->page_bottom()
+themes/default/views/pager.html.php                          11  DIRTY $url
+themes/default/views/pager.html.php                          18  DIRTY $previous_page
+themes/default/views/pager.html.php                          18  DIRTY $url
+themes/default/views/pager.html.php                          25  DIRTY $from_to_msg
+themes/default/views/pager.html.php                          28  DIRTY $next_page
+themes/default/views/pager.html.php                          28  DIRTY $url
+themes/default/views/pager.html.php                          35  DIRTY $last_page
+themes/default/views/pager.html.php                          35  DIRTY $url
+themes/default/views/photo.html.php                          3   DIRTY $theme->photo_top()
+themes/default/views/photo.html.php                          8   DIRTY $previous_item->url()
+themes/default/views/photo.html.php                          15  DIRTY $position
+themes/default/views/photo.html.php                          15  DIRTY $sibling_count
+themes/default/views/photo.html.php                          18  DIRTY $next_item->url()
+themes/default/views/photo.html.php                          28  DIRTY $theme->resize_top($item)
+themes/default/views/photo.html.php                          32  DIRTY $item->resize_tag(array("id" => "gPhotoId-{$item->id}", "class" => "gResize"))
+themes/default/views/photo.html.php                          36  DIRTY $theme->resize_bottom($item)
+themes/default/views/photo.html.php                          40  CLEAN $item->title
+themes/default/views/photo.html.php                          41  CLEAN $item->description
+themes/default/views/photo.html.php                          44  DIRTY $theme->photo_bottom()
+themes/default/views/sidebar.html.php                        2   DIRTY $theme->sidebar_top()
+themes/default/views/sidebar.html.php                        6   DIRTY $theme->album_menu()
+themes/default/views/sidebar.html.php                        8   DIRTY $theme->photo_menu()
+themes/default/views/sidebar.html.php                        13  DIRTY $theme->sidebar_blocks()
+themes/default/views/sidebar.html.php                        14  DIRTY $theme->sidebar_bottom()
-- 
cgit v1.2.3


From 9a6f18075a8e0ad070e54d5bf361a3f993915b02 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:14:28 -0700
Subject: Rename "text" to "title" for clarity.

---
 modules/rss/views/rss_block.html.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/modules/rss/views/rss_block.html.php b/modules/rss/views/rss_block.html.php
index 10106af9..f964329c 100644
--- a/modules/rss/views/rss_block.html.php
+++ b/modules/rss/views/rss_block.html.php
@@ -1,13 +1,13 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <ul id="gFeeds">
-<? foreach($feeds as $text => $url): ?>
+<? foreach($feeds as $title => $url): ?>
   <li style="clear: both;">
     <span class="ui-icon-left">
     <a href="<?= $url ?>">
       <span class="ui-icon ui-icon-signal-diag"></span>
-      <?= $text ?>
+      <?= $title ?>
     </a>
     </span>
   </li>
 <? endforeach ?>
-</ul>
\ No newline at end of file
+</ul>
-- 
cgit v1.2.3


From 897ca2806d46134aa00167c5d9d9ab34eee65e37 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:22:48 -0700
Subject: Updated for renamed variable

---
 modules/gallery/tests/xss_data.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index 68bf2302..c79f859a 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -402,7 +402,7 @@ modules/rss/views/feed.mrss.php                              72  DIRTY $child->h
 modules/rss/views/feed.mrss.php                              73  DIRTY $child->width
 modules/rss/views/feed.mrss.php                              74  DIRTY $child->mime_type
 modules/rss/views/rss_block.html.php                         6   DIRTY $url
-modules/rss/views/rss_block.html.php                         8   DIRTY $text
+modules/rss/views/rss_block.html.php                         8   DIRTY $title
 modules/search/views/search.html.php                         11  CLEAN $q
 modules/search/views/search.html.php                         30  DIRTY $item_class
 modules/search/views/search.html.php                         31  DIRTY $item->id
-- 
cgit v1.2.3


From f9a741782da848c707ac0a122c35e86061a0fbb2 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 12:33:10 -0700
Subject: Switch to using html::specialchars() for cleaning.

---
 modules/gallery/helpers/p.php | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/modules/gallery/helpers/p.php b/modules/gallery/helpers/p.php
index 69032840..c3074c23 100644
--- a/modules/gallery/helpers/p.php
+++ b/modules/gallery/helpers/p.php
@@ -18,16 +18,7 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class p_Core {
-  static function attr($dirty_html) {
-    // return $dirty_html;
-    return htmlentities($dirty_html, ENT_QUOTES);
-    // return str_replace('"', '&quot;', $dirty_html);
-    // return str_replace('"', '&quot;', Purify::instance()->purify($dirty_html));
-  }
-
   function clean($dirty_html) {
-    // return $dirty_html;
-    return htmlentities($dirty_html, ENT_QUOTES);
-    // return Purify::instance()->purify($dirty_html);
+    return html::specialchars($dirty_html);
   }
 }
-- 
cgit v1.2.3


From 181c97ef4b29bb3c68a6c9b5d2f8165e8b44ba29 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 12:53:03 -0700
Subject: Relax the regex we use to extract the movie size so that it works
 with the new version of ffmpeg that I have on my dev box (ffmpeg
 0.5-svn17737+3:0.svn20090303-1)

---
 modules/gallery/helpers/movie.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php
index 15225fe7..3aa40dc9 100644
--- a/modules/gallery/helpers/movie.php
+++ b/modules/gallery/helpers/movie.php
@@ -118,8 +118,7 @@ class movie_Core {
 
     $cmd = escapeshellcmd($ffmpeg) . " -i " . escapeshellarg($filename) . " 2>&1";
     $result = `$cmd`;
-    if (preg_match("/Stream.*?Video:.*?(\d+)x(\d+).*\ +([0-9\.]+) (fps|tb).*/",
-                   $result, $regs)) {
+    if (preg_match("/Stream.*?Video:.*?(\d+)x(\d+)/", $result, $regs)) {
       list ($width, $height) = array($regs[1], $regs[2]);
     } else {
       list ($width, $height) = array(0, 0);
-- 
cgit v1.2.3


From 277c96c2f64e4bac4aaf729221564cdca1e12af2 Mon Sep 17 00:00:00 2001
From: jhilden <jakobhilden@gmail.com>
Date: Sun, 31 May 2009 18:25:43 -0400
Subject: user admin facelift

* added drag & drop help message for empty groups
* fixed overflow issue with more than ~10 members in one group
* CSS improvements
---
 modules/user/views/admin_users.html.php       |  2 +-
 modules/user/views/admin_users_group.html.php | 38 ++++++++++++++++-----------
 themes/admin_default/css/screen.css           | 36 ++++++++++++++++++++++---
 3 files changed, 56 insertions(+), 20 deletions(-)

diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php
index 859f3c8e..a99c9506 100644
--- a/modules/user/views/admin_users.html.php
+++ b/modules/user/views/admin_users.html.php
@@ -118,7 +118,7 @@
   <div class="gBlockContent">
     <ul>
       <? foreach ($groups as $i => $group): ?>
-      <li id="group-<?= $group->id ?>" class="gGroup">
+      <li id="group-<?= $group->id ?>" class="gGroup <?= ($group->special ? "gDefaultGroup" : "") ?>" />
         <? $v = new View("admin_users_group.html"); $v->group = $group; ?>
         <?= $v ?>
       </li>
diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php
index 820b3031..dfc8232f 100644
--- a/modules/user/views/admin_users_group.html.php
+++ b/modules/user/views/admin_users_group.html.php
@@ -1,28 +1,34 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
-<strong><?= p::clean($group->name) ?></strong>
-<? if (!$group->special): ?>
-<a href="<?= url::site("admin/users/delete_group_form/$group->id") ?>"
-  title="<?= t("Delete %name", array("name" => p::clean($group->name))) ?>"
-  class="gDialogLink gButtonLink ui-state-default ui-corner-all">
-  <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a>
-<? else: ?>
-<a title="<?= t("This group cannot be deleted") ?>"
-   class="gDialogLink gButtonLink ui-state-disabled ui-corner-all ui-icon-left">
-  <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a>
-<? endif ?>
+<h4>
+  <?= p::clean($group->name) ?>
+  <? if (!$group->special): ?>
+  <a href="<?= url::site("admin/users/delete_group_form/$group->id") ?>"
+    title="<?= t("Delete the %name group", array("name" => p::clean($group->name))) ?>"
+    class="gDialogLink gButtonLink ui-state-default ui-corner-all">
+    <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a>
+  <? else: ?>
+  <a title="<?= t("This default group cannot be deleted") ?>"
+     class="gDialogLink gButtonLink ui-state-disabled ui-corner-all ui-icon-left">
+    <span class="ui-icon ui-icon-trash"><?= t("delete") ?></span></a>
+  <? endif ?>
+</h4>
+
+<? if ($group->users->count() > 0): ?>
 <ul>
   <? foreach ($group->users as $i => $user): ?>
   <li class="gUser">
     <?= p::clean($user->name) ?>
     <? if (!$group->special): ?>
     <a href="javascript:remove_user(<?= $user->id ?>, <?= $group->id ?>)"
-       class="gButtonLink ui-state-default ui-corner-all ui-icon-left">
-      <span class="ui-icon ui-icon-closethick">
-        <?= t("Remove %user from %group",
-              array("user" => p::clean($user->name), "group" => p::clean($group->name))) ?>
-      </span>
+       class="gButtonLink ui-state-default ui-corner-all ui-icon-left"
+       title="<?= t("Remove %user from %group group",
+              array("user" => p::clean($user->name), "group" => p::clean($group->name))) ?>">
+      <span class="ui-icon ui-icon-closethick"><?= t("remove") ?></span>
     </a>
     <? endif ?>
   </li>
   <? endforeach ?>
 </ul>
+<? else: ?>
+<div><p>Drag &amp; drop users from the User Admin above into this group box to add group members.</p></div>
+<? endif ?>
diff --git a/themes/admin_default/css/screen.css b/themes/admin_default/css/screen.css
index 2d5f086c..38fcf089 100644
--- a/themes/admin_default/css/screen.css
+++ b/themes/admin_default/css/screen.css
@@ -192,6 +192,9 @@
 #gUserAdminList {
   margin-bottom: 1em;
 }
+#gUserAdminList td {
+  vertical-align: bottom;
+}
 
 #gUserAdminList .gDraggable:hover {
   border: 1px dashed black;
@@ -211,11 +214,38 @@ li.gGroup {
   float: left;
   display: block;
   width: 200px;
-  height: 200px;
   border: 1px solid gray;
-  padding: .5em;
-  margin-right: 0 1em 1em 0;
+  padding: 0;
+  margin: 0 1em 1em 0;
+}
+li.gGroup h4 {
+  background-color: #EEEEEE;
+  border-bottom: 1px dashed #CCCCCC;
+  padding: .5em 0 .5em .5em;
+}
+li.gGroup .gButtonLink {
+  padding: 0;
+}
+li.gGroup ul, li.gGroup div {
+  height: 180px;
+  margin: 1px;
   overflow: auto;
+  padding-top: .2em;
+}
+li.gGroup div p {
+  color: gray;
+  text-align: center;
+  padding: 2em .5em 0 .5em
+}
+li.gGroup .gUser {
+  padding: .2em 0 0 .5em;
+}
+li.gGroup .gUser .gButtonLink {
+  vertical-align: middle;
+}
+
+li.gDefaultGroup h4, li.gDefaultGroup .gUser {
+  color: gray;
 }
 
 #gAdminAdvancedSettings tr.setting:hover {
-- 
cgit v1.2.3


From 9322f51e23e450a2508b83eec06c890b70ca52a9 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 19:31:55 -0700
Subject: Localize a string

---
 modules/user/views/admin_users_group.html.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/modules/user/views/admin_users_group.html.php b/modules/user/views/admin_users_group.html.php
index dfc8232f..bfd79dba 100644
--- a/modules/user/views/admin_users_group.html.php
+++ b/modules/user/views/admin_users_group.html.php
@@ -30,5 +30,9 @@
   <? endforeach ?>
 </ul>
 <? else: ?>
-<div><p>Drag &amp; drop users from the User Admin above into this group box to add group members.</p></div>
+<div>
+  <p>
+    <?= t("Drag &amp; drop users from the User Admin above into this group box to add group members.") ?>
+  </p>
+</div>
 <? endif ?>
-- 
cgit v1.2.3


From 0ec3f1b830a5b183b9901ab19c934596516e4c69 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 19:32:13 -0700
Subject: Update for changes to admin_users_group.html.php

---
 modules/gallery/tests/xss_data.txt | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index c79f859a..4aaa520d 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -458,15 +458,16 @@ modules/user/views/admin_users.html.php                      83  DIRTY $user->la
 modules/user/views/admin_users.html.php                      86  DIRTY $user->id
 modules/user/views/admin_users.html.php                      91  DIRTY $user->id
 modules/user/views/admin_users.html.php                      121 DIRTY $group->id
+modules/user/views/admin_users.html.php                      121 DIRTY $group->special
 modules/user/views/admin_users.html.php                      123 DIRTY $v
-modules/user/views/admin_users_group.html.php                2   CLEAN $group->name
-modules/user/views/admin_users_group.html.php                4   DIRTY $group->id
-modules/user/views/admin_users_group.html.php                5   CLEAN $group->name
-modules/user/views/admin_users_group.html.php                16  CLEAN $user->name
-modules/user/views/admin_users_group.html.php                18  DIRTY $user->id
-modules/user/views/admin_users_group.html.php                18  DIRTY $group->id
-modules/user/views/admin_users_group.html.php                22  CLEAN $user->name
-modules/user/views/admin_users_group.html.php                22  CLEAN $group->name
+modules/user/views/admin_users_group.html.php                3   CLEAN $group->name
+modules/user/views/admin_users_group.html.php                5   DIRTY $group->id
+modules/user/views/admin_users_group.html.php                6   CLEAN $group->name
+modules/user/views/admin_users_group.html.php                20  CLEAN $user->name
+modules/user/views/admin_users_group.html.php                22  DIRTY $user->id
+modules/user/views/admin_users_group.html.php                22  DIRTY $group->id
+modules/user/views/admin_users_group.html.php                25  CLEAN $user->name
+modules/user/views/admin_users_group.html.php                25  CLEAN $group->name
 modules/user/views/login.html.php                            11  DIRTY $user->id
 modules/user/views/login.html.php                            14  CLEAN $user->full_name
 modules/user/views/login.html.php                            14  CLEAN $user->name
-- 
cgit v1.2.3


From 1f7cec2e754ad2eb933cf76cd59a88bf49853f49 Mon Sep 17 00:00:00 2001
From: bharat <bharat@coral.ithought.org>
Date: Mon, 1 Jun 2009 00:21:18 -0400
Subject: Change E_NONE -> 0 .. turns out E_NONE is a figment of my imagination
 according to http://us.php.net/manual/sl/function.error-reporting.php

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index a70053a8..3acbea74 100644
--- a/index.php
+++ b/index.php
@@ -27,7 +27,7 @@ version_compare(PHP_VERSION, '5.2.3', '<') and exit('Gallery requires PHP 5.2.3
 !ini_get('short_open_tag') and exit('Gallery requires short_open_tag to be on.');
 
 // Set the error reporting level.  Use E_ALL unless you have a special need.
-error_reporting(E_NONE);
+error_reporting(0);
 
 // Disabling display_errors will  effectively disable Kohana error display
 // and logging. You can turn off Kohana errors in application/config/config.php
-- 
cgit v1.2.3


From c96b81db6521c8d2b0f3601557011661b0a2d9b8 Mon Sep 17 00:00:00 2001
From: bharat <bharat@coral.ithought.org>
Date: Mon, 1 Jun 2009 00:22:21 -0400
Subject: Fix a warning

---
 installer/installer.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/installer/installer.php b/installer/installer.php
index ab2963ba..1a36ddb5 100644
--- a/installer/installer.php
+++ b/installer/installer.php
@@ -50,6 +50,7 @@ class installer {
 
   static function unpack_sql($config) {
     $prefix = $config["prefix"];
+    $buf = null;
     foreach (file(DOCROOT . "installer/install.sql") as $line) {
       $buf .= $line;
       if (preg_match("/;$/", $buf)) {
@@ -133,4 +134,4 @@ class installer {
   static function prepend_prefix($prefix, $sql) {
     return  preg_replace("#{([a-zA-Z0-9_]+)}#", "{$prefix}$1", $sql);
   }
-}
\ No newline at end of file
+}
-- 
cgit v1.2.3


From 8ebd941c81070b1454ff5e4ab97b4f3e14cbf345 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 21:48:43 -0700
Subject: Properly call user::login when we automatically login the admin user
 immediately after install.  Fixes ticket #323.

---
 modules/user/helpers/user.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php
index 5d70b8c9..9e9d4ca1 100644
--- a/modules/user/helpers/user.php
+++ b/modules/user/helpers/user.php
@@ -123,6 +123,7 @@ class user_Core {
     // upconvert into a user.
     if ($user === 2) {
       $user = model_cache::get("user", 2);
+      user::login($user);
       $session->set("user", $user);
     }
 
-- 
cgit v1.2.3


From 297fb737ac1e8b5a50a3220cb0841457b042ac92 Mon Sep 17 00:00:00 2001
From: bharat <bharat@coral.ithought.org>
Date: Mon, 1 Jun 2009 01:07:05 -0400
Subject: Convert %7E to ~ when proxying files to work around Firefox's
 overzealous security model.

---
 modules/gallery/controllers/file_proxy.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 2037ad98..1901bd9f 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
@@ -32,9 +32,13 @@ class File_Proxy_Controller extends Controller {
     $request_uri = $this->input->server("REQUEST_URI");
     $request_uri = preg_replace("/\?.*/", "", $request_uri);
 
+    // Firefox converts ~ to %7E breaking our url comparison, below.  Convert that back here.
+    $request_uri = str_replace("%7E", "~", $request_uri);
+
     // var_uri: http://example.com/gallery3/var/
     $var_uri = url::file("var/");
 
+
     // Make sure that the request is for a file inside var
     $offset = strpos($request_uri, $var_uri);
     if ($offset === false) {
-- 
cgit v1.2.3


From 54ae9fac88512f1bac05a5952fca9ade2eab0898 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 22:12:14 -0700
Subject: Remove extra blank line

---
 modules/gallery/controllers/file_proxy.php | 1 -
 1 file changed, 1 deletion(-)

diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php
index 1901bd9f..dfdb4f34 100644
--- a/modules/gallery/controllers/file_proxy.php
+++ b/modules/gallery/controllers/file_proxy.php
@@ -38,7 +38,6 @@ class File_Proxy_Controller extends Controller {
     // var_uri: http://example.com/gallery3/var/
     $var_uri = url::file("var/");
 
-
     // Make sure that the request is for a file inside var
     $offset = strpos($request_uri, $var_uri);
     if ($offset === false) {
-- 
cgit v1.2.3


From 33df7de391eebdab2cb09ca97207cb81f4274cd1 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 22:25:53 -0700
Subject: Accidentally broke the AllowOverride info url in the migration from
 core -> modules/gallery.  Fixed, and incidentally make the link appear in a
 new tab/window.

---
 modules/gallery/views/permissions_browse.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/gallery/views/permissions_browse.html.php b/modules/gallery/views/permissions_browse.html.php
index 5cd9cf82..8bb2e830 100644
--- a/modules/gallery/views/permissions_browse.html.php
+++ b/modules/gallery/views/permissions_browse.html.php
@@ -27,7 +27,7 @@
   <? if (!$htaccess_works): ?>
   <ul id="gMessage">
     <li class="gError">
-      <?= t("Oh no!  Your server needs a configuration change in order for you to hide photos!  Ask your server administrator to set <a href=\"%url\"><i>AllowOverride FileInfo Options</i></a> to fix this.", array("url" => "http://httpd.apache.org/docs/2.0/mod/gallery.html#allowoverride")) ?>
+      <?= t("Oh no!  Your server needs a configuration change in order for you to hide photos!  Ask your server administrator to set <a %attrs><i>AllowOverride FileInfo Options</i></a> to fix this.", array("attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride\" target=\"_blank\"")) ?>
     </li>
   </ul>
   <? endif ?>
-- 
cgit v1.2.3


From 9a7e642cd6cc3d250d9d413c3ce0414e92e9d769 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 22:30:48 -0700
Subject: Don't let relative_path() try to update the database if the
 Item_Model is not loaded, else you get weird errors.

---
 modules/gallery/models/item.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php
index 4b8cac8e..9406f5d9 100644
--- a/modules/gallery/models/item.php
+++ b/modules/gallery/models/item.php
@@ -287,6 +287,10 @@ class Item_Model extends ORM_MPTT {
    * @return string
    */
   public function relative_path() {
+    if (!$this->loaded) {
+      return;
+    }
+
     if (!isset($this->relative_path_cache)) {
       $paths = array();
       foreach (Database::instance()
-- 
cgit v1.2.3


From 79a05adb9d941671cefbdf6b1cc97f0cd84fabf3 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 22:33:28 -0700
Subject: Clear the site status message on deactivate, not on uninstall.

---
 modules/recaptcha/helpers/recaptcha_installer.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/recaptcha/helpers/recaptcha_installer.php b/modules/recaptcha/helpers/recaptcha_installer.php
index 6269c632..f74bf558 100644
--- a/modules/recaptcha/helpers/recaptcha_installer.php
+++ b/modules/recaptcha/helpers/recaptcha_installer.php
@@ -29,7 +29,7 @@ class recaptcha_installer {
     recaptcha::check_config();
   }
 
-  static function uninstall() {
+  static function deactivate() {
     site_status::clear("recaptcha_config");
   }
 }
-- 
cgit v1.2.3