From bb844c1139c84090b446e50234f64063365affc3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 8 Jun 2009 08:48:42 +0800 Subject: Improve error handling support for corrupt images and report them appropriately in g2_import. Signed-off-by: Tim Almdal --- modules/g2_import/helpers/g2_import.php | 38 ++++++++++++++++++++++----------- modules/gallery/helpers/graphics.php | 7 +++--- modules/gallery/helpers/photo.php | 4 ++++ 3 files changed, 32 insertions(+), 17 deletions(-) diff --git a/modules/g2_import/helpers/g2_import.php b/modules/g2_import/helpers/g2_import.php index 51dc8705..a6c21489 100644 --- a/modules/g2_import/helpers/g2_import.php +++ b/modules/g2_import/helpers/g2_import.php @@ -407,13 +407,19 @@ class g2_import_Core { Kohana::log("alert", "$g2_path unsupported image type; using a placeholder gif"); $corrupt = 1; } - $item = photo::create( - $parent, - $g2_path, - $g2_item->getPathComponent(), - $g2_item->getTitle(), - self::extract_description($g2_item), - self::map($g2_item->getOwnerId())); + try { + $item = photo::create( + $parent, + $g2_path, + $g2_item->getPathComponent(), + $g2_item->getTitle(), + self::extract_description($g2_item), + self::map($g2_item->getOwnerId())); + } catch (Exception $e) { + Kohana::log("alert", "Corrupt image $g2_path\n" . + $e->getMessage() . "\n" . $e->getTraceAsString()); + $corrupt = 1; + } break; case "GalleryMovieItem": @@ -449,12 +455,18 @@ class g2_import_Core { // Why oh why did I ever approve the session id placeholder idea in G2? $g2_item_url = str_replace('&g2_GALLERYSID=TMP_SESSION_ID_DI_NOISSES_PMT', '', $g2_item_url); - $warning = - t("%title from Gallery 2 could not be processed; " . - "(imported as %title)", - array("g2_url" => $g2_item_url, - "g3_url" => $item->url(), - "title" => $g2_item->getTitle())); + if (!empty($item)) { + $warning = + t("%title from Gallery 2 could not be processed; " . + "(imported as %title)", + array("g2_url" => $g2_item_url, + "g3_url" => $item->url(), + "title" => $g2_item->getTitle())); + } else { + $warning = + t("%title from Gallery 2 could not be processed", + array("g2_url" => $g2_item_url, "title" => $g2_item->getTitle())); + } message::warning($warning); log::warning("g2_import", $warning); Kohana::log("alert", $warning); diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php index 4846fa8a..25eb0891 100644 --- a/modules/gallery/helpers/graphics.php +++ b/modules/gallery/helpers/graphics.php @@ -166,12 +166,11 @@ class graphics_Core { $item->resize_dirty = 0; } $item->save(); - } catch (Kohana_Exception $e) { + } catch (Exception $e) { // Something went wrong rebuilding the image. Leave it dirty and move on. // @todo we should handle this better. Kohana::log("error", "Caught exception rebuilding image: {$item->title}\n" . - $e->getMessage() . "\n" . - $e->getTraceAsString()); + $e->getMessage() . "\n" . $e->getTraceAsString()); return false; } @@ -192,7 +191,7 @@ class graphics_Core { } if (filesize($input_file) == 0) { - throw new Exception("@todo MALFORMED_INPUT_FILE"); + throw new Exception("@todo EMPTY_INPUT_FILE"); } $dims = getimagesize($input_file); diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index c1c005f5..a4bc853b 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -53,6 +53,10 @@ class photo_Core { throw new Exception("@todo NAME_CANNOT_END_IN_PERIOD"); } + if (filesize($filename) == 0) { + throw new Exception("@todo EMPTY_INPUT_FILE"); + } + $image_info = getimagesize($filename); // Force an extension onto the name -- cgit v1.2.3 From 56f00333cdaa7f7716f35398a7a7a8082248d9be Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 9 Jun 2009 12:31:50 +0800 Subject: Fix the admin/themes url. Signed-off-by: Tim Almdal --- modules/gallery/views/admin_block_welcome.html.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gallery/views/admin_block_welcome.html.php b/modules/gallery/views/admin_block_welcome.html.php index 488fa908..a453b006 100644 --- a/modules/gallery/views/admin_block_welcome.html.php +++ b/modules/gallery/views/admin_block_welcome.html.php @@ -10,7 +10,7 @@
  • choose a theme, or customize the way it looks.", - array("theme_url" => url::site("admin/theme"), + array("theme_url" => url::site("admin/themes"), "theme_details_url" => url::site("admin/theme_details"))) ?>
  • -- cgit v1.2.3 From cb7e375f6cc639b72c7e7ee43b2e2b9bab815697 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 9 Jun 2009 14:02:16 +0800 Subject: Try again to properly detect the base url, taking into account the sites that mangle SCRIPT_NAME Signed-off-by: Tim Almdal --- application/config/config.php | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/application/config/config.php b/application/config/config.php index d274a31b..2d66d1c0 100644 --- a/application/config/config.php +++ b/application/config/config.php @@ -22,9 +22,25 @@ * Base path of the web site. If this includes a domain, eg: localhost/kohana/ * then a full URL will be used, eg: http://localhost/kohana/. If it only includes * the path, and a site_protocol is specified, the domain will be auto-detected. + * + * Here we do our best to autodetect the base path to Gallery. If your url is something like: + * http://example.com/gallery3/index.php/album73/photo5.jpg?param=value + * + * We want the site_domain to be: + * /gallery3 + * + * In the above example, $_SERVER["SCRIPT_NAME"] contains "/gallery3/index.php" so + * dirname($_SERVER["SCRIPT_NAME"]) is what we need. Except some low end hosts (namely 1and1.com) + * break SCRIPT_NAME and it contains the extra path info, so in the above example it'd be: + * /gallery3/index.php/album73/photo5.jpg + * + * So dirname doesn't work. So we do a tricky workaround where we look up the SCRIPT_FILENAME (in + * this case it'd be "index.php" and we delete from that part onwards. If you work at 1and1 and + * you're reading this, please fix this bug! */ -$config["site_domain"] = dirname( - empty($_SERVER["ORIG_SCRIPT_NAME"]) ? $_SERVER["SCRIPT_NAME"] : $_SERVER["ORIG_SCRIPT_NAME"]); +$config["site_domain"] = + substr($_SERVER["SCRIPT_NAME"], 0, + strpos($_SERVER["SCRIPT_NAME"], basename($_SERVER["SCRIPT_FILENAME"]))); /** * Force a default protocol to be used by the site. If no site_protocol is -- cgit v1.2.3 From 1fc79046568a5fe0c75c520ae643d0c7279ad64b Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 06:35:35 -0700 Subject: Create a new method in MY_url.php "get_item_from_uri" which loads the item based on the uri. Then use this helper method in logout.php to insure that the guest user has access to the "continue" uri. If they don't redirect to the root album and let it deal with access issues. --- modules/gallery/helpers/MY_url.php | 21 ++++++++++++++------- modules/user/controllers/logout.php | 7 ++++++- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index c8645c4d..e9a5f860 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -46,7 +46,19 @@ class url extends url_Core { return; } - $current_uri = html_entity_decode(Router::$current_uri, ENT_QUOTES); + $item = self:: get_item_from_uri(Router::$current_uri); + if ($item && $item->loaded) { + Router::$controller = "{$item->type}s"; + Router::$controller_path = MODPATH . "gallery/controllers/{$item->type}s.php"; + Router::$method = $item->id; + } + } + + /** + * Return the item that the uri is referencing + */ + static function get_item_from_uri($uri) { + $current_uri = html_entity_decode($uri); $item = ORM::factory("item")->where("relative_path_cache", $current_uri)->find(); if (!$item->loaded) { // It's possible that the relative path cache for the item we're looking for is out of date, @@ -61,12 +73,7 @@ class url extends url_Core { } } } - - if ($item && $item->loaded) { - Router::$controller = "{$item->type}s"; - Router::$controller_path = MODPATH . "gallery/controllers/{$item->type}s.php"; - Router::$method = $item->id; - } + return $item; } /** diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php index 6ceb7192..a541ed9b 100644 --- a/modules/user/controllers/logout.php +++ b/modules/user/controllers/logout.php @@ -26,7 +26,12 @@ class Logout_Controller extends Controller { log::info("user", t("User %name logged out", array("name" => $user->name)), html::anchor("user/$user->id", $user->name)); if ($this->input->get("continue")) { - url::redirect($this->input->get("continue")); + $item = url::get_item_from_uri($this->input->get("continue")); + if (access::can("view", $item)) { + url::redirect($this->input->get("continue")); + } else { + url::redirect(""); + } } } } \ No newline at end of file -- cgit v1.2.3 From 2f2fdb1a8f8c55022ed3b5a7157b803a38c291d3 Mon Sep 17 00:00:00 2001 From: Chad Kieffer Date: Tue, 9 Jun 2009 14:25:49 +0800 Subject: Show status message when album cover is set (#257) Signed-off-by: Tim Almdal --- modules/gallery/controllers/quick.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 6efcb9de..d6f5213f 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -87,9 +87,12 @@ class Quick_Controller extends Controller { access::required("view", $item->parent()); access::required("edit", $item->parent()); + $msg = t("Made %title this album's cover", array("title" => $item->title)); + item::make_album_cover($item); + message::success($msg); - print json_encode(array("result" => "success")); + print json_encode(array("result" => "success", "reload" => 1)); } public function delete($id) { -- cgit v1.2.3 From 01042b6d8528a396df1cfa145a43ca589f51ec7c Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 06:44:08 -0700 Subject: Removed extra whitespace --- modules/gallery/helpers/MY_url.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index e9a5f860..7bee70ca 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -46,7 +46,7 @@ class url extends url_Core { return; } - $item = self:: get_item_from_uri(Router::$current_uri); + $item = self::get_item_from_uri(Router::$current_uri); if ($item && $item->loaded) { Router::$controller = "{$item->type}s"; Router::$controller_path = MODPATH . "gallery/controllers/{$item->type}s.php"; -- cgit v1.2.3 From b84ef45eb13f218c63cd904386db6bb737ef8bee Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 07:18:41 -0700 Subject: Rather than just displaying the "unformatted" login screen when the root album is not viewable by a guest, display the root album as if it was empty. When the page finishes loading force the login dialog to be displayed. --- modules/gallery/controllers/albums.php | 12 ++++++++++-- themes/default/views/page.html.php | 7 +++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index efde4f09..0fd89f05 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -23,16 +23,24 @@ class Albums_Controller extends Items_Controller { * @see REST_Controller::_show($resource) */ public function _show($album) { + $page_size = module::get_var("gallery", "page_size", 9); if (!access::can("view", $album)) { if ($album->id == 1) { - print new Theme_View("login_page.html", "album"); + $template = new Theme_View("page.html", "album"); + $template->set_global("page_size", $page_size); + $template->set_global("item", $album); + $template->set_global("children", array()); + $template->set_global("children_count", 0); + $template->set_global("parents", $album->parents()); + $template->unauthorized = true; + $template->content = new View("album.html"); + print $template; return; } else { access::forbidden(); } } - $page_size = module::get_var("gallery", "page_size", 9); $show = $this->input->get("show"); if ($show) { diff --git a/themes/default/views/page.html.php b/themes/default/views/page.html.php index 6c77fb72..a17b643d 100644 --- a/themes/default/views/page.html.php +++ b/themes/default/views/page.html.php @@ -52,6 +52,13 @@ head() ?> + + + main_element_attributes() ?>> -- cgit v1.2.3 From 08d8d320466f676e74a7c04a2fe874fd3a568429 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 16:18:47 -0700 Subject: Changed how directories are processed when the parent directory is selected and the branch was never opened on the client. This should fix some of the issues with the server_add as I was able to select the staging directory and then add over 400 images in a multi-tier structure. --- modules/server_add/controllers/server_add.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php index 2c6eb5e0..c92b4f7e 100644 --- a/modules/server_add/controllers/server_add.php +++ b/modules/server_add/controllers/server_add.php @@ -87,17 +87,20 @@ class Server_Add_Controller extends Controller { foreach (array_keys($paths) as $valid_path) { $path_length = strlen($valid_path); foreach ($input_files as $key => $path) { - if (!empty($path) && $valid_path != $path && strpos($path, $valid_path) === 0) { - $relative_path = substr(dirname($path), $path_length); - $name = basename($path); - $files[$valid_path][] = array("path" => $relative_path, - "parent_id" => $id, "name" => basename($path), + if (!empty($path)) { + if ($valid_path != $path && strpos($path, $valid_path) === 0) { + $relative_path = substr(dirname($path), $path_length); + $name = basename($path); + $files[$valid_path][] = array("path" => $relative_path, + "parent_id" => $id, "name" => basename($path), "type" => is_dir($path) ? "album" : "file"); - $total_count++; + $total_count++; + } if ($collapsed[$key] === "true") { $total_count += $this->_select_children($id, $valid_path, $path, $files[$valid_path]); } unset($input_files[$key]); + unset($collapsed[$key]); } } } -- cgit v1.2.3 From e7a3b6fa55d4eda9140b122bc50681b979229da3 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 17:17:27 -0700 Subject: Created not_authorized.html.php which is a prettier login screen if the root album is not publicly browsable. --- modules/gallery/controllers/albums.php | 10 ++-------- themes/default/views/page.html.php | 7 ------- 2 files changed, 2 insertions(+), 15 deletions(-) diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 0fd89f05..9b837442 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -26,14 +26,8 @@ class Albums_Controller extends Items_Controller { $page_size = module::get_var("gallery", "page_size", 9); if (!access::can("view", $album)) { if ($album->id == 1) { - $template = new Theme_View("page.html", "album"); - $template->set_global("page_size", $page_size); - $template->set_global("item", $album); - $template->set_global("children", array()); - $template->set_global("children_count", 0); - $template->set_global("parents", $album->parents()); - $template->unauthorized = true; - $template->content = new View("album.html"); + $template = new Theme_View("not_authorized.html", "album"); + $template->content = new View("login_page.html"); print $template; return; } else { diff --git a/themes/default/views/page.html.php b/themes/default/views/page.html.php index a17b643d..6c77fb72 100644 --- a/themes/default/views/page.html.php +++ b/themes/default/views/page.html.php @@ -52,13 +52,6 @@ head() ?> - - - main_element_attributes() ?>> -- cgit v1.2.3 From cf86a7b8df9571eef7b507f174ee3f714776d14d Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 17:22:35 -0700 Subject: Forgot this on the last commit --- themes/default/views/not_authorized.html.php | 69 ++++++++++++++++++++++++++++ 1 file changed, 69 insertions(+) create mode 100644 themes/default/views/not_authorized.html.php diff --git a/themes/default/views/not_authorized.html.php b/themes/default/views/not_authorized.html.php new file mode 100644 index 00000000..d009a4ac --- /dev/null +++ b/themes/default/views/not_authorized.html.php @@ -0,0 +1,69 @@ + + + + + + + <? if (empty($page_title)): ?> + <?= t("Gallery3 Login") ?> + <? if (!empty($item)): ?> + :: <?= p::clean($item->title) ?> + <? endif ?> + <? else: ?> + <?= $page_title ?> + <? endif ?> + <?= $theme->page_type ?> + + " type="image/x-icon" /> + " + media="screen,print,projection" /> + " + media="screen" /> + " + media="screen,print,projection" /> + " + media="screen,print,projection" /> + + + + + + + + + + + + head() ?> + + + main_element_attributes() ?>> + page_top() ?> +
    + site_status() ?> +
    + display("header.html") ?> +
    +
    +
    +
    +
    + messages() ?> + +
    +
    +
    +
    +
    +
    +
    + display("footer.html") ?> +
    +
    + page_bottom() ?> + + -- cgit v1.2.3 From 7e61bcbbecefb6b12343a8c6d3f700d282a3528b Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 9 Jun 2009 17:38:21 -0700 Subject: Add some window dressing to login_page.html in order to make it more in line with the overall look of the Gallery3 theme --- modules/gallery/controllers/albums.php | 4 +- themes/default/views/login_page.html.php | 48 ++++++++++++++++++- themes/default/views/not_authorized.html.php | 69 ---------------------------- 3 files changed, 47 insertions(+), 74 deletions(-) delete mode 100644 themes/default/views/not_authorized.html.php diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 9b837442..f37609e6 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -26,9 +26,7 @@ class Albums_Controller extends Items_Controller { $page_size = module::get_var("gallery", "page_size", 9); if (!access::can("view", $album)) { if ($album->id == 1) { - $template = new Theme_View("not_authorized.html", "album"); - $template->content = new View("login_page.html"); - print $template; + print new Theme_View("login_page.html"); return; } else { access::forbidden(); diff --git a/themes/default/views/login_page.html.php b/themes/default/views/login_page.html.php index 27f8571e..c4880727 100644 --- a/themes/default/views/login_page.html.php +++ b/themes/default/views/login_page.html.php @@ -7,11 +7,55 @@ <?= t("Please Login to Gallery") ?> + " type="image/x-icon" /> + " + media="screen,print,projection" /> + " + media="screen" /> + " + media="screen,print,projection" /> " media="screen,print,projection" /> + + + + + + + + + + + + head() ?> - - + main_element_attributes() ?>> + page_top() ?> +
    + site_status() ?> +
    + display("header.html") ?> +
    +
    +
    +
    +
    + messages() ?> + +
    +
    +
    +
    +
    +
    +
    + display("footer.html") ?> +
    +
    + page_bottom() ?> diff --git a/themes/default/views/not_authorized.html.php b/themes/default/views/not_authorized.html.php deleted file mode 100644 index d009a4ac..00000000 --- a/themes/default/views/not_authorized.html.php +++ /dev/null @@ -1,69 +0,0 @@ - - - - - - - <? if (empty($page_title)): ?> - <?= t("Gallery3 Login") ?> - <? if (!empty($item)): ?> - :: <?= p::clean($item->title) ?> - <? endif ?> - <? else: ?> - <?= $page_title ?> - <? endif ?> - <?= $theme->page_type ?> - - " type="image/x-icon" /> - " - media="screen,print,projection" /> - " - media="screen" /> - " - media="screen,print,projection" /> - " - media="screen,print,projection" /> - - - - - - - - - - - - head() ?> - - - main_element_attributes() ?>> - page_top() ?> -
    - site_status() ?> -
    - display("header.html") ?> -
    -
    -
    -
    -
    - messages() ?> - -
    -
    -
    -
    -
    -
    -
    - display("footer.html") ?> -
    -
    - page_bottom() ?> - - -- cgit v1.2.3 From 89b6570eccf4d7aa12c730c8115517a5e24fc890 Mon Sep 17 00:00:00 2001 From: Chad Kieffer Date: Tue, 9 Jun 2009 21:33:16 -0600 Subject: Update floats after .rtl addition. Both should work now. --- themes/default/css/screen.css | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/themes/default/css/screen.css b/themes/default/css/screen.css index f306f287..03c13cc1 100644 --- a/themes/default/css/screen.css +++ b/themes/default/css/screen.css @@ -92,11 +92,11 @@ a:hover, margin: .3em 1em; } -.rtl #gDialog .gCancel { +#gForgotPasswordLink, .rtl #gDialog .gCancel { float: right; } -.rtl #gForgotPasswordLink { +#gDialog .gCancel, .rtl #gForgotPasswordLink { float: left; } -- cgit v1.2.3 From 0157ed4cfe19e7a1721cbf3bf0b09db47795371f Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 10 Jun 2009 00:53:16 -0700 Subject: Update test code to match the change made in 47810c9aec1e6b190a1a90505899669a2c89b770 where we adjust the site_domain in config.php --- modules/gallery_unit_test/controllers/gallery_unit_test.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/modules/gallery_unit_test/controllers/gallery_unit_test.php b/modules/gallery_unit_test/controllers/gallery_unit_test.php index 56220a19..8f3353dc 100644 --- a/modules/gallery_unit_test/controllers/gallery_unit_test.php +++ b/modules/gallery_unit_test/controllers/gallery_unit_test.php @@ -23,6 +23,13 @@ class Gallery_Unit_Test_Controller extends Controller { print Kohana::show_404(); } + // Jump through some hoops to satisfy the way that we check for the site_domain in + // config.php. We structure this such that the code in config will leave us with a + // site_domain of "." (for historical reasons) + // @todo: for tests, we should force the site_domain to something like example.com + $_SERVER["SCRIPT_FILENAME"] = "index.php"; + $_SERVER["SCRIPT_NAME"] = "./index.php"; + $original_config = DOCROOT . "var/database.php"; $test_config = VARPATH . "database.php"; if (!file_exists($original_config)) { -- cgit v1.2.3 From f9d492ba2d7a1d521ba4ba228543682e6a1d2b7f Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 10 Jun 2009 01:05:13 -0700 Subject: Create 3 separate CLI targets: test / package / upgrade Convert single to double quotes Get rid of strtr() + DIRECTORY_SEPARATOR crap. --- index.php | 59 ++++++++++++++++++++++++++++++++++------------------------- 1 file changed, 34 insertions(+), 25 deletions(-) diff --git a/index.php b/index.php index f5b24ee7..1aff88f7 100644 --- a/index.php +++ b/index.php @@ -18,55 +18,64 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ // Set this to true to disable demo/debugging controllers -define('IN_PRODUCTION', true); +define("IN_PRODUCTION", true); // Gallery requires PHP 5.2+ -version_compare(PHP_VERSION, '5.2.3', '<') and exit('Gallery requires PHP 5.2.3 or newer.'); +version_compare(PHP_VERSION, "5.2.3", "<") and exit("Gallery requires PHP 5.2.3 or newer."); // Gallery requires short_tags to be on -!ini_get('short_open_tag') and exit('Gallery requires short_open_tag to be on.'); +!ini_get("short_open_tag") and exit("Gallery requires short_open_tag to be on."); // Set the error reporting level. Use E_ALL unless you have a special need. error_reporting(0); // Disabling display_errors will effectively disable Kohana error display // and logging. You can turn off Kohana errors in application/config/config.php -ini_set('display_errors', false); +ini_set("display_errors", false); -define('EXT', '.php'); -define('DOCROOT', strtr(getcwd() . '/', DIRECTORY_SEPARATOR, '/')); -define('KOHANA', 'index.php'); +define("EXT", ".php"); +define("DOCROOT", getcwd() . "/"); +define("KOHANA", "index.php"); // If the front controller is a symlink, change to the real docroot is_link(basename(__FILE__)) and chdir(dirname(realpath(__FILE__))); // Define application and system paths -define('APPPATH', strtr(realpath('application') . '/', DIRECTORY_SEPARATOR, '/')); -define('MODPATH', strtr(realpath('modules') . '/', DIRECTORY_SEPARATOR, '/')); -define('THEMEPATH', strtr(realpath('themes') . '/', DIRECTORY_SEPARATOR, '/')); -define('SYSPATH', strtr(realpath('system') . '/', DIRECTORY_SEPARATOR, '/')); +define("APPPATH", realpath("application") . "/"); +define("MODPATH", realpath("modules") . "/"); +define("THEMEPATH", realpath("themes") . "/"); +define("SYSPATH", realpath("system") . "/"); -// Force a test run if we're in command line mode. -if (PHP_SAPI == 'cli') { - if ($_SERVER['argv'][1] != "package") { - array_splice($_SERVER['argv'], 1, 0, 'gallery_unit_test'); - define('TEST_MODE', 1); - @mkdir('test/var/logs', 0777, true); - define('VARPATH', strtr(realpath('test/var') . '/', DIRECTORY_SEPARATOR, '/')); +// Force a test run if we"re in command line mode. +if (PHP_SAPI == "cli") { + switch ($_SERVER["argv"][1]) { + case "upgrade": + array_splice($_SERVER["argv"], 1, 1, "upgrader/upgrade"); + define("TEST_MODE", 0); + define("VARPATH", realpath("var") . "/"); + break; + + case "package": + define("TEST_MODE", 0); + define("VARPATH", realpath("var") . "/"); + break; + + case "test": + array_splice($_SERVER["argv"], 1, 1, "gallery_unit_test"); + define("TEST_MODE", 1); + @mkdir("test/var/logs", 0777, true); + define("VARPATH", realpath("test/var") . "/"); @copy("var/database.php", VARPATH . "database.php"); - } else { - define('TEST_MODE', 0); - define('VARPATH', strtr(realpath('var') . '/', DIRECTORY_SEPARATOR, '/')); } } else { - define('TEST_MODE', 0); - define('VARPATH', strtr(realpath('var') . '/', DIRECTORY_SEPARATOR, '/')); + define("TEST_MODE", 0); + define("VARPATH", realpath("var") . "/"); } -define('TMPPATH', VARPATH . '/tmp/'); +define("TMPPATH", VARPATH . "/tmp/"); if (file_exists("local.php")) { include("local.php"); } // Initialize. -require SYSPATH . 'core/Bootstrap' . EXT; +require SYSPATH . "core/Bootstrap" . EXT; -- cgit v1.2.3 From f20bf46868485ba17308fe8e03edcb79077f7e10 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 10 Jun 2009 01:21:57 -0700 Subject: Consider the CLI sapi the equivalent of an admin --- modules/gallery/views/kohana_error_page.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gallery/views/kohana_error_page.php b/modules/gallery/views/kohana_error_page.php index d9bf9698..6bf48549 100644 --- a/modules/gallery/views/kohana_error_page.php +++ b/modules/gallery/views/kohana_error_page.php @@ -59,7 +59,7 @@ - admin ?> + admin ?>

    -- cgit v1.2.3 From 73de6eedd9100bf88eed4c8d638f118485869cd3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 10 Jun 2009 01:23:18 -0700 Subject: Rename package -> packager (it's a noun which has verbs on it). Force a HTTP_HOST so that url::base() works. --- modules/gallery/controllers/package.php | 169 ------------------------------ modules/gallery/controllers/packager.php | 171 +++++++++++++++++++++++++++++++ 2 files changed, 171 insertions(+), 169 deletions(-) delete mode 100644 modules/gallery/controllers/package.php create mode 100644 modules/gallery/controllers/packager.php diff --git a/modules/gallery/controllers/package.php b/modules/gallery/controllers/package.php deleted file mode 100644 index f5146fc8..00000000 --- a/modules/gallery/controllers/package.php +++ /dev/null @@ -1,169 +0,0 @@ -_reset(); // empty and reinstall the standard modules - $this->_dump_database(); // Dump the database - $this->_dump_var(); // Dump the var directory - } catch (Exception $e) { - print $e->getTraceAsString(); - return; - } - - print "Successfully wrote install.sql and init_var.php\n"; - } - - private function _reset() { - $db = Database::instance(); - - // Drop all tables - foreach ($db->list_tables() as $table) { - $db->query("DROP TABLE IF EXISTS `$table`"); - } - - // Clean out data - dir::unlink(VARPATH . "uploads"); - dir::unlink(VARPATH . "albums"); - dir::unlink(VARPATH . "resizes"); - dir::unlink(VARPATH . "thumbs"); - dir::unlink(VARPATH . "modules"); - dir::unlink(VARPATH . "tmp"); - - $db->clear_cache(); - module::$modules = array(); - module::$active = array(); - - // Use a known random seed so that subsequent packaging runs will reuse the same random - // numbers, keeping our install.sql file more stable. - srand(0); - - gallery_installer::install(true); - module::load_modules(); - - foreach (array("user", "comment", "organize", "info", "rss", - "search", "slideshow", "tag") as $module_name) { - module::install($module_name); - module::activate($module_name); - } - } - - private function _dump_database() { - // We now have a clean install with just the packages that we want. Make sure that the - // database is clean too. - $i = 1; - foreach (array("blocks_dashboard_sidebar", "blocks_dashboard_center") as $key) { - $blocks = array(); - foreach (unserialize(module::get_var("gallery", $key)) as $rnd => $value) { - $blocks[++$i] = $value; - } - module::set_var("gallery", $key, serialize($blocks)); - } - - $db = Database::instance(); - $db->query("TRUNCATE {sessions}"); - $db->query("TRUNCATE {logs}"); - $db->query("DELETE FROM {vars} WHERE `module_name` = 'core' AND `name` = '_cache'"); - $db->update("users", array("password" => ""), array("id" => 1)); - $db->update("users", array("password" => ""), array("id" => 2)); - - $dbconfig = Kohana::config('database.default'); - $conn = $dbconfig["connection"]; - $pass = $conn["pass"] ? "-p{$conn['pass']}" : ""; - $sql_file = DOCROOT . "installer/install.sql"; - if (!is_writable($sql_file)) { - print "$sql_file is not writeable"; - return; - } - $command = "mysqldump --compact --add-drop-table -h{$conn['host']} " . - "-u{$conn['user']} $pass {$conn['database']} > $sql_file"; - exec($command, $output, $status); - if ($status) { - print "
    ";
-      print "$command\n";
-      print "Failed to dump database\n";
-      print implode("\n", $output);
-      return;
-    }
-
-    // Post-process the sql file
-    $buf = "";
-    $root = ORM::factory("item", 1);
-    $root_created_timestamp = $root->created;
-    $root_updated_timestamp = $root->updated;
-    foreach (file($sql_file) as $line) {
-      // Prefix tables
-      $line = preg_replace(
-        "/(CREATE TABLE|IF EXISTS|INSERT INTO) `{$dbconfig['table_prefix']}(\w+)`/", "\\1 {\\2}",
-        $line);
-
-      // Normalize dates
-      $line = preg_replace("/,$root_created_timestamp,/", ",UNIX_TIMESTAMP(),", $line);
-      $line = preg_replace("/,$root_updated_timestamp,/", ",UNIX_TIMESTAMP(),", $line);
-      $buf .= $line;
-    }
-    $fd = fopen($sql_file, "wb");
-    fwrite($fd, $buf);
-    fclose($fd);
-  }
-
-  private function _dump_var() {
-    $objects = new RecursiveIteratorIterator(
-      new RecursiveDirectoryIterator(VARPATH),
-      RecursiveIteratorIterator::SELF_FIRST);
-
-    $var_file = DOCROOT . "installer/init_var.php";
-    if (!is_writable($var_file)) {
-      print "$var_file is not writeable";
-      return;
-    }
-
-    $paths = array();
-    foreach($objects as $name => $file){
-      if ($file->getBasename() == "database.php") {
-        continue;
-      } else if (basename($file->getPath()) == "logs") {
-        continue;
-      }
-
-      if ($file->isDir()) {
-        $paths[] = "VARPATH . \"" . substr($name, strlen(VARPATH)) . "\"";
-      } else {
-        // @todo: serialize non-directories
-        print "Unknown file: $name";
-        return;
-      }
-    }
-    // Sort the paths so that the var file is stable
-    sort($paths);
-
-    $fd = fopen($var_file, "w");
-    fwrite($fd, "\n");
-    fwrite($fd, "_reset();                // empty and reinstall the standard modules
+      $this->_dump_database();        // Dump the database
+      $this->_dump_var();             // Dump the var directory
+    } catch (Exception $e) {
+      print $e->getTraceAsString();
+      return;
+    }
+
+    print "Successfully wrote install.sql and init_var.php\n";
+  }
+
+  private function _reset() {
+    $db = Database::instance();
+
+    // Drop all tables
+    foreach ($db->list_tables() as $table) {
+      $db->query("DROP TABLE IF EXISTS `$table`");
+    }
+
+    // Clean out data
+    dir::unlink(VARPATH . "uploads");
+    dir::unlink(VARPATH . "albums");
+    dir::unlink(VARPATH . "resizes");
+    dir::unlink(VARPATH . "thumbs");
+    dir::unlink(VARPATH . "modules");
+    dir::unlink(VARPATH . "tmp");
+
+    $db->clear_cache();
+    module::$modules = array();
+    module::$active = array();
+
+    // Use a known random seed so that subsequent packaging runs will reuse the same random
+    // numbers, keeping our install.sql file more stable.
+    srand(0);
+
+    gallery_installer::install(true);
+    module::load_modules();
+
+    foreach (array("user", "comment", "organize", "info", "rss",
+                   "search", "slideshow", "tag") as $module_name) {
+      module::install($module_name);
+      module::activate($module_name);
+    }
+  }
+
+  private function _dump_database() {
+    // We now have a clean install with just the packages that we want.  Make sure that the
+    // database is clean too.
+    $i = 1;
+    foreach (array("blocks_dashboard_sidebar", "blocks_dashboard_center") as $key) {
+      $blocks = array();
+      foreach (unserialize(module::get_var("gallery", $key)) as $rnd => $value) {
+        $blocks[++$i] = $value;
+      }
+      module::set_var("gallery", $key, serialize($blocks));
+    }
+
+    $db = Database::instance();
+    $db->query("TRUNCATE {sessions}");
+    $db->query("TRUNCATE {logs}");
+    $db->query("DELETE FROM {vars} WHERE `module_name` = 'core' AND `name` = '_cache'");
+    $db->update("users", array("password" => ""), array("id" => 1));
+    $db->update("users", array("password" => ""), array("id" => 2));
+
+    $dbconfig = Kohana::config('database.default');
+    $conn = $dbconfig["connection"];
+    $pass = $conn["pass"] ? "-p{$conn['pass']}" : "";
+    $sql_file = DOCROOT . "installer/install.sql";
+    if (!is_writable($sql_file)) {
+      print "$sql_file is not writeable";
+      return;
+    }
+    $command = "mysqldump --compact --add-drop-table -h{$conn['host']} " .
+      "-u{$conn['user']} $pass {$conn['database']} > $sql_file";
+    exec($command, $output, $status);
+    if ($status) {
+      print "
    ";
+      print "$command\n";
+      print "Failed to dump database\n";
+      print implode("\n", $output);
+      return;
+    }
+
+    // Post-process the sql file
+    $buf = "";
+    $root = ORM::factory("item", 1);
+    $root_created_timestamp = $root->created;
+    $root_updated_timestamp = $root->updated;
+    foreach (file($sql_file) as $line) {
+      // Prefix tables
+      $line = preg_replace(
+        "/(CREATE TABLE|IF EXISTS|INSERT INTO) `{$dbconfig['table_prefix']}(\w+)`/", "\\1 {\\2}",
+        $line);
+
+      // Normalize dates
+      $line = preg_replace("/,$root_created_timestamp,/", ",UNIX_TIMESTAMP(),", $line);
+      $line = preg_replace("/,$root_updated_timestamp,/", ",UNIX_TIMESTAMP(),", $line);
+      $buf .= $line;
+    }
+    $fd = fopen($sql_file, "wb");
+    fwrite($fd, $buf);
+    fclose($fd);
+  }
+
+  private function _dump_var() {
+    $objects = new RecursiveIteratorIterator(
+      new RecursiveDirectoryIterator(VARPATH),
+      RecursiveIteratorIterator::SELF_FIRST);
+
+    $var_file = DOCROOT . "installer/init_var.php";
+    if (!is_writable($var_file)) {
+      print "$var_file is not writeable";
+      return;
+    }
+
+    $paths = array();
+    foreach($objects as $name => $file){
+      if ($file->getBasename() == "database.php") {
+        continue;
+      } else if (basename($file->getPath()) == "logs") {
+        continue;
+      }
+
+      if ($file->isDir()) {
+        $paths[] = "VARPATH . \"" . substr($name, strlen(VARPATH)) . "\"";
+      } else {
+        // @todo: serialize non-directories
+        print "Unknown file: $name";
+        return;
+      }
+    }
+    // Sort the paths so that the var file is stable
+    sort($paths);
+
+    $fd = fopen($var_file, "w");
+    fwrite($fd, "\n");
+    fwrite($fd, "
Date: Wed, 10 Jun 2009 01:23:44 -0700
Subject: Add CLI sapi support

---
 modules/gallery/controllers/upgrader.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php
index 0d5bb4f6..0833e253 100644
--- a/modules/gallery/controllers/upgrader.php
+++ b/modules/gallery/controllers/upgrader.php
@@ -32,7 +32,11 @@ class Upgrader_Controller extends Controller {
 
   public function upgrade() {
     // Todo: give the admin a chance to log in here
-    if (!user::active()->admin) {
+    if (php_sapi_name() == "cli") {
+      // @todo this may screw up some module installers, but we don't have a better answer at
+      // this time.
+      $_SERVER["HTTP_HOST"] = "example.com";
+    } else if (!user::active()->admin) {
       access::forbidden();
     }
 
@@ -51,6 +55,10 @@ class Upgrader_Controller extends Controller {
       }
     }
 
-    url::redirect("upgrader?done=1");
+    if (php_sapi_name() == "cli") {
+      print "Upgrade complete\n";
+    } else {
+      url::redirect("upgrader?done=1");
+    }
   }
 }
-- 
cgit v1.2.3


From 66014819b4e7fd8a5438eb800675641f7d213e27 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Wed, 10 Jun 2009 01:23:58 -0700
Subject: refactor CLI support and add a help message.

---
 index.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/index.php b/index.php
index 1aff88f7..b2170fb1 100644
--- a/index.php
+++ b/index.php
@@ -46,16 +46,12 @@ define("MODPATH", realpath("modules") . "/");
 define("THEMEPATH", realpath("themes") . "/");
 define("SYSPATH", realpath("system") . "/");
 
-// Force a test run if we"re in command line mode.
+// We only accept a few controllers on the command line
 if (PHP_SAPI == "cli") {
-  switch ($_SERVER["argv"][1]) {
+  switch ($arg_1 = $_SERVER["argv"][1]) {
   case "upgrade":
-    array_splice($_SERVER["argv"], 1, 1, "upgrader/upgrade");
-    define("TEST_MODE", 0);
-    define("VARPATH", realpath("var") . "/");
-    break;
-
   case "package":
+    $_SERVER["argv"] = array("index.php", "{$arg_1}r/$arg_1");
     define("TEST_MODE", 0);
     define("VARPATH", realpath("var") . "/");
     break;
@@ -66,6 +62,10 @@ if (PHP_SAPI == "cli") {
     @mkdir("test/var/logs", 0777, true);
     define("VARPATH", realpath("test/var") . "/");
     @copy("var/database.php", VARPATH . "database.php");
+
+  default:
+    print "Usage: php index.php { upgrade | package | test }\n";
+    exit(1);
   }
 } else {
   define("TEST_MODE", 0);
-- 
cgit v1.2.3


From 0c5cb026a72c3e894cbb7c6a637267f867cc323a Mon Sep 17 00:00:00 2001
From: Tim Almdal 
Date: Wed, 10 Jun 2009 08:26:40 -0700
Subject: Only add the comment rss feeds if the comment module is active. fix
 for #365

---
 modules/rss/helpers/rss_theme.php | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/modules/rss/helpers/rss_theme.php b/modules/rss/helpers/rss_theme.php
index d47d3313..54bba210 100644
--- a/modules/rss/helpers/rss_theme.php
+++ b/modules/rss/helpers/rss_theme.php
@@ -40,12 +40,16 @@ class rss_theme_Core {
     $block->css_id = "gRss";
     $block->title = t("Available RSS Feeds");
     $block->content = new View("rss_block.html");
-    $block->content->feeds = array(
-      t("New photos or movies") => url::site("rss/updates"),
-      t("All new comments") => url::site("rss/comments"),
-      sprintf(t("Comments on %s"),
-              $theme->item()->title) => url::site("rss/comments/{$theme->item()->id}")
-    );
+    // @todo consider pushing the code for the feeds back to the associated modules
+    // and create an event 'generate_rss_feeds' that modules can respond to create
+    // the list of feeds.
+    $feeds = array(t("New photos or movies") => url::site("rss/updates"));
+    if (module::is_active("comment")) {
+      $feeds[t("All new comments")] = url::site("rss/comments");
+      $feeds[sprintf(t("Comments on %s"), $theme->item()->title)] =
+        url::site("rss/comments/{$theme->item()->id}");
+    }
+    $block->content->feeds = $feeds;
     return $block;
   }
 }
-- 
cgit v1.2.3


From 5a6fc93496555ad2af73e37fd36979fce2ca3203 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Wed, 10 Jun 2009 20:22:10 -0700
Subject: Improve our warning message to also mention that you need to have
 mod_rewrite installed.

---
 modules/gallery/views/permissions_browse.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/gallery/views/permissions_browse.html.php b/modules/gallery/views/permissions_browse.html.php
index 8bb2e830..36394877 100644
--- a/modules/gallery/views/permissions_browse.html.php
+++ b/modules/gallery/views/permissions_browse.html.php
@@ -27,7 +27,7 @@
   
   
      
     
    • 
-      AllowOverride FileInfo Options to fix this.", array("attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride\" target=\"_blank\"")) ?>
+      mod_rewrite and set AllowOverride FileInfo Options to fix this.", array("mod_rewrite_attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html\" target=\"_blank\"", "apache_attrs" => "href=\"http://httpd.apache.org/docs/2.0/mod/core.html#allowoverride\" target=\"_blank\"")) ?>
     
      • 
   
    
   
-- 
cgit v1.2.3


From 0d5826ab9ff919a9a191e654cb3a3032d31494f4 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Wed, 10 Jun 2009 20:37:38 -0700
Subject: Fix log links.  html::anchor() implicitly calls url::site(), calling
 it a second time mangles the urls.

Fixes ticket #360.
---
 modules/gallery/controllers/admin_maintenance.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index c169de75..7c5934a3 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
@@ -61,7 +61,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 
     log::info("tasks", t("Task %task_name started (task id %task_id)",
                          array("task_name" => $task->name, "task_id" => $task->id)),
-              html::anchor(url::site("admin/maintenance"), t("maintenance")));
+              html::anchor("admin/maintenance", t("maintenance")));
     print $view;
   }
 
@@ -81,7 +81,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
 
     log::info("tasks", t("Task %task_name resumed (task id %task_id)",
                          array("task_name" => $task->name, "task_id" => $task->id)),
-              html::anchor(url::site("admin/maintenance"), t("maintenance")));
+              html::anchor("admin/maintenance", t("maintenance")));
     print $view;
   }
 
@@ -152,14 +152,14 @@ class Admin_Maintenance_Controller extends Admin_Controller {
       case "success":
         log::success("tasks", t("Task %task_name completed (task id %task_id)",
                                 array("task_name" => $task->name, "task_id" => $task->id)),
-                     html::anchor(url::site("admin/maintenance"), t("maintenance")));
+                     html::anchor("admin/maintenance", t("maintenance")));
         message::success(t("Task completed successfully"));
         break;
 
       case "error":
         log::error("tasks", t("Task %task_name failed (task id %task_id)",
                               array("task_name" => $task->name, "task_id" => $task->id)),
-                   html::anchor(url::site("admin/maintenance"), t("maintenance")));
+                   html::anchor("admin/maintenance", t("maintenance")));
         message::success(t("Task failed"));
         break;
       }
-- 
cgit v1.2.3


From 4118ca4f1db76447da8846fc4835fea702687d21 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta 
Date: Wed, 10 Jun 2009 21:05:24 -0700
Subject: Provide a way for non-admins to authenticate and use the upgrader,
 without using our regular code paths.

---
 modules/gallery/controllers/upgrader.php | 19 ++++++++++++++-----
 modules/gallery/views/upgrader.html.php  | 16 ++++++++++++++++
 2 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php
index 0833e253..5eb96fdd 100644
--- a/modules/gallery/controllers/upgrader.php
+++ b/modules/gallery/controllers/upgrader.php
@@ -19,24 +19,33 @@
  */
 class Upgrader_Controller extends Controller {
   public function index() {
-    // Todo: give the admin a chance to log in here
-    if (!user::active()->admin) {
-      access::forbidden();
+    $session = Session::instance();
+
+    // Make sure we have an upgrade token
+    if (!($upgrade_token = $session->get("upgrade_token", null))) {
+      $session->set("upgrade_token", $upgrade_token = md5(rand()));
+    }
+
+    // If the upgrade token exists, then bless this session
+    if (file_exists(TMPPATH . $upgrade_token)) {
+      $session->set("can_upgrade", true);
+      @unlink(TMPPATH . $upgrade_token);
     }
 
     $view = new View("upgrader.html");
+    $view->can_upgrade = user::active()->admin || $session->get("can_upgrade");
+    $view->upgrade_token = $upgrade_token;
     $view->available = module::available();
     $view->done = Input::instance()->get("done");
     print $view;
   }
 
   public function upgrade() {
-    // Todo: give the admin a chance to log in here
     if (php_sapi_name() == "cli") {
       // @todo this may screw up some module installers, but we don't have a better answer at
       // this time.
       $_SERVER["HTTP_HOST"] = "example.com";
-    } else if (!user::active()->admin) {
+    } else if (!user::active()->admin && !Session::instance()->get("can_upgrade", false)) {
       access::forbidden();
     }
 
diff --git a/modules/gallery/views/upgrader.html.php b/modules/gallery/views/upgrader.html.php
index 6b9a0110..fa21e196 100644
--- a/modules/gallery/views/upgrader.html.php
+++ b/modules/gallery/views/upgrader.html.php
@@ -9,6 +9,9 @@
       font-family: Trebuchet MS;
       font-size: 1.1em;
     }
+    h1 {
+      font-size: 1.4em;
+    }
     div#outer {
       width: 650px;
       background: white;
@@ -93,11 +96,17 @@
     .gray_on_done {
       opacity: ;
     }
+    pre {
+      display: inline;
+      margin: 0px;
+      padding: 0px;
+    }
   
   
     
    
       " />
       
    
+        
         
         
    
           
    
@@ -158,6 +167,13 @@
           
         
    
         
+        
+        
      
    
+        
    
+          gallery3/var/tmp directory.", array("name" => "
    $upgrade_token")) ?>
+        
    
+        ">
+