From b0cb3c74025dd601dcf0ffbc33493c03b7bd1824 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 12:00:49 -0700 Subject: Update Kohana to r4374 --- modules/unit_test/libraries/Unit_Test.php | 4 +- system/config/sql_types.php | 2 +- system/core/Event.php | 4 +- system/core/Kohana.php | 84 +++++++++++++++++++++++------- system/helpers/html.php | 4 +- system/helpers/valid.php | 6 +-- system/libraries/Controller.php | 12 ++++- system/libraries/drivers/Captcha/Alpha.php | 4 +- 8 files changed, 87 insertions(+), 33 deletions(-) diff --git a/modules/unit_test/libraries/Unit_Test.php b/modules/unit_test/libraries/Unit_Test.php index 7e3d2a4b..7558759c 100644 --- a/modules/unit_test/libraries/Unit_Test.php +++ b/modules/unit_test/libraries/Unit_Test.php @@ -2,7 +2,7 @@ /** * Unit_Test library. * - * $Id: Unit_Test.php 4158 2009-04-07 20:40:44Z zombor $ + * $Id: Unit_Test.php 4367 2009-05-27 21:23:57Z samsoir $ * * @package Unit_Test * @author Kohana Team @@ -66,7 +66,7 @@ class Unit_Test_Core { $class = substr($path, strrpos($path, '/') + 1, -(strlen(EXT))); // Skip hidden files - if (substr($class, 0, 1) === '.') + if ($class[0] === '.') continue; // Check for duplicate test class name diff --git a/system/config/sql_types.php b/system/config/sql_types.php index a4a44bda..4034c6f5 100644 --- a/system/config/sql_types.php +++ b/system/config/sql_types.php @@ -48,7 +48,7 @@ $config['enum'] = $config['set'] = $config['varchar']; $config['tinytext'] = $config['mediumtext'] = $config['longtext'] = $config['text']; // BLOB -$config['tinyblob'] = $config['mediumblob'] = $config['longblob'] = $config['clob'] = $config['bytea'] = $config['blob']; +$config['tsvector'] = $config['tinyblob'] = $config['mediumblob'] = $config['longblob'] = $config['clob'] = $config['bytea'] = $config['blob']; // CHARACTER $config['character'] = $config['char']; diff --git a/system/core/Event.php b/system/core/Event.php index 22a9f69d..90944c37 100644 --- a/system/core/Event.php 
+++ b/system/core/Event.php @@ -4,7 +4,7 @@ * to be added to 'events'. Events can be run multiple times, and can also * process event-specific data. By default, Kohana has several system events. * - * $Id: Event.php 3993 2009-02-17 18:42:50Z jheathco $ + * $Id: Event.php 4358 2009-05-27 17:24:25Z ixmatus $ * * @package Core * @author Kohana Team @@ -206,7 +206,7 @@ final class Event { foreach ($callbacks as $callback) { - call_user_func($callback); + call_user_func_array($callback, array(&$data)); } // Do this to prevent data from getting 'stuck' diff --git a/system/core/Kohana.php b/system/core/Kohana.php index 95e44d82..c934b12b 100644 --- a/system/core/Kohana.php +++ b/system/core/Kohana.php @@ -2,7 +2,7 @@ /** * Provides Kohana-specific helper functions. This is where the magic happens! * - * $Id: Kohana.php 4352 2009-05-14 20:26:53Z zombor $ + * $Id: Kohana.php 4372 2009-05-28 17:00:34Z ixmatus $ * * @package Core * @author Kohana Team @@ -54,6 +54,8 @@ final class Kohana { private static $internal_cache = array(); private static $write_cache; private static $internal_cache_path; + private static $internal_cache_key; + private static $internal_cache_encrypt; /** * Sets up the PHP environment. Adds error/exception handling, output @@ -91,6 +93,17 @@ final class Kohana { if (self::$cache_lifetime = self::config('core.internal_cache')) { + // Are we using encryption for caches? + self::$internal_cache_encrypt = self::config('core.internal_cache_encrypt'); + + if(self::$internal_cache_encrypt===TRUE) + { + self::$internal_cache_key = self::config('core.internal_cache_key'); + + // Be sure the key is of acceptable length for the mcrypt algorithm used + self::$internal_cache_key = substr(self::$internal_cache_key, 0, 24); + } + // Set the directory to be used for the internal cache if ( ! self::$internal_cache_path = self::config('core.internal_cache_path')) { 
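Review bot: In the `@@ -91,6 +93,17 @@` hunk of system/core/Kohana.php the key is only truncated with `substr(self::$internal_cache_key, 0, 24)`; nothing checks that `core.internal_cache_key` is set or has at least that length. If the entry is missing or empty while `core.internal_cache_encrypt` is TRUE, the cache is presumably encrypted under an empty or short key without any error. I would treat that as a configuration error and stop, rather than continue with a key that protects nothing. The strict `=== TRUE` test also means a config value of `1` or `'true'` silently leaves encryption off, which deserves a comment next to the lookup, e.g. `// must be boolean TRUE; any other value disables cache encryption`. The enclosing method starts and ends outside the hunk.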
@@ -585,8 +598,29 @@ final class Kohana {
 // Check the file modification time
 if ((time() - filemtime($path)) < $lifetime)
 {
- // Cache is valid
- return unserialize(file_get_contents($path));
+ // Cache is valid! Now, do we need to decrypt it?
+ if(self::$internal_cache_encrypt===TRUE)
+ {
+ $data = file_get_contents($path);
+
+ $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
+ $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
+
+ $decrypted_text = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, self::$internal_cache_key, $data, MCRYPT_MODE_ECB, $iv);
+
+ $cache = unserialize($decrypted_text);
+
+ // If the key changed, delete the cache file
+ if(!$cache)
+ unlink($path);
+
+ // If cache is false (as above) return NULL, otherwise, return the cache
+ return ($cache ? $cache : NULL);
+ }
+ else
+ {
+ return unserialize(file_get_contents($path));
+ }
 }
 else
 {
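Review bot: The decrypted bytes are passed to `unserialize()` with nothing verifying that the file was written by this application: `MCRYPT_MODE_ECB` gives no integrity, so anyone able to write to the cache directory can still feed altered blocks into `unserialize()`. ECB also ignores the `$iv` produced by `mcrypt_create_iv()` (those two lines have no effect) and encrypts equal plaintext blocks to equal ciphertext blocks; the write-side hunk `@@ -623,35 +657,50 @@` has the same problem. I would store an HMAC of the ciphertext with the file (`hash_hmac('sha256', $data, $mac_key)`, with `$mac_key` a separate configured secret), verify it before decrypting, and use `MCRYPT_MODE_CBC` with the IV saved next to the ciphertext. Separately, `if(!$cache) unlink($path);` cannot tell a failed decrypt from a legitimately cached empty array, `0` or `FALSE`, so such entries are deleted and reported as a miss on every read. The enclosing function begins and ends outside the hunk.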
@@ -623,35 +657,50 @@ final class Kohana { } else { - // Write data to cache file - return (bool) file_put_contents($path, serialize($data)); + // Using encryption? Encrypt the data when we write it + if(self::$internal_cache_encrypt===TRUE) + { + // Encrypt and write data to cache file + $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); + $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); + + // Serialize and encrypt! + $encrypted_text = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, self::$internal_cache_key, serialize($data), MCRYPT_MODE_ECB, $iv); + + return (bool) file_put_contents($path, $encrypted_text); + } + else + { + // Write data to cache file + return (bool) file_put_contents($path, serialize($data)); + } } } /** - * Kohana output handler. + * Kohana output handler. Called during ob_clean, ob_flush, and their variants. * * @param string current output buffer * @return string */ public static function output_buffer($output) { + // Could be flushing, so send headers first if ( ! Event::has_run('system.send_headers')) { - // Run the send_headers event, specifically for cookies being set + // Run the send_headers event Event::run('system.send_headers'); } - - // Set final output - self::$output = $output; - + + self::$output = $output; + // Set and return the final output - return $output; + return self::$output; } /** - * Closes all open output buffers, either by flushing or cleaning all - * open buffers, including the Kohana output buffer. + * Closes all open output buffers, either by flushing or cleaning, and stores the Kohana + * output buffer for display during shutdown. * * @param boolean disable to clear buffers, rather than flushing * @return void @@ -669,11 +718,8 @@ final class Kohana { $close(); } - // This will flush the Kohana buffer, which sets self::$output + // Store the Kohana output buffer ob_end_clean(); - - // Reset the buffer level - self::$buffer_level = ob_get_level(); } } 
@@ -889,9 +935,9 @@ final class Kohana { } } + // Close all output buffers except for Kohana while (ob_get_level() > self::$buffer_level) { - // Close open buffers ob_end_clean(); } diff --git a/system/helpers/html.php b/system/helpers/html.php index f40c86dc..9ad20d89 100644 --- a/system/helpers/html.php +++ b/system/helpers/html.php @@ -2,7 +2,7 @@ /** * HTML helper class. * - * $Id: html.php 4141 2009-03-29 03:30:06Z zombor $ + * $Id: html.php 4368 2009-05-27 21:58:51Z samsoir $ * * @package Core * @author Kohana Team @@ -96,7 +96,7 @@ class html_Core { // Attributes empty? Use an empty string .(is_array($attributes) ? html::attributes($attributes) : '').'>' // Title empty? Use the parsed URL - .(($title === NULL) ? $site_url : $title).''; + .html::specialchars((($title === NULL) ? $site_url : $title), FALSE).''; } /** diff --git a/system/helpers/valid.php b/system/helpers/valid.php index 610076f3..8a3583b2 100644 --- a/system/helpers/valid.php +++ b/system/helpers/valid.php @@ -2,7 +2,7 @@ /** * Validation helper class. * - * $Id: valid.php 4187 2009-04-08 04:01:23Z zombor $ + * $Id: valid.php 4367 2009-05-27 21:23:57Z samsoir $ * * @package Core * @author Kohana Team @@ -161,13 +161,13 @@ class valid_Core { for ($i = $length - 1; $i >= 0; $i -= 2) { // Add up every 2nd digit, starting from the right - $checksum += substr($number, $i, 1); + $checksum += $number[$i]; } for ($i = $length - 2; $i >= 0; $i -= 2) { // Add up every 2nd digit doubled, starting from the right - $double = substr($number, $i, 1) * 2; + $double = $number[$i] * 2; // Subtract 9 from the double where value is greater than 10 $checksum += ($double >= 10) ? $double - 9 : $double; diff --git a/system/libraries/Controller.php b/system/libraries/Controller.php index d111f25e..2f64c211 100644 --- a/system/libraries/Controller.php +++ b/system/libraries/Controller.php 
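Review bot: In system/helpers/html.php only the link text is passed through `html::specialchars(..., FALSE)`; the `href` built from `$site_url` earlier in the same expression is outside this hunk, so I cannot confirm it is escaped as well, and it should be checked because the URI is as likely to carry request data as `$title`. This is also a behaviour change for callers that pass markup as `$title` (an image inside a link, for example), which will now be rendered as text. The docblock should say so, e.g. `@param string link text, HTML-escaped on output (existing entities are not double-encoded)`. Other anchor helpers in this file are not touched by the commit and may still emit the title unescaped.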
@@ -3,7 +3,7 @@ * Kohana Controller class. The controller class must be extended to work * properly, so this class is defined as abstract. * - * $Id: Controller.php 3979 2009-02-13 16:46:12Z zombor $ + * $Id: Controller.php 4365 2009-05-27 21:09:27Z samsoir $ * * @package Core * @author Kohana Team @@ -69,7 +69,15 @@ abstract class Controller_Core { // Views are straight HTML pages with embedded PHP, so importing them // this way insures that $this can be accessed as if the user was in // the controller, which gives the easiest access to libraries in views - include $kohana_view_filename; + try + { + include $kohana_view_filename; + } + catch (Exception $e) + { + ob_end_clean(); + throw $e; + } // Fetch the output and close the buffer return ob_get_clean(); diff --git a/system/libraries/drivers/Captcha/Alpha.php b/system/libraries/drivers/Captcha/Alpha.php index b3a9c9d7..27795804 100644 --- a/system/libraries/drivers/Captcha/Alpha.php +++ b/system/libraries/drivers/Captcha/Alpha.php @@ -2,7 +2,7 @@ /** * Captcha driver for "alpha" style. * - * $Id: Alpha.php 3769 2008-12-15 00:48:56Z zombor $ + * $Id: Alpha.php 4367 2009-05-27 21:23:57Z samsoir $ * * @package Captcha * @author Kohana Team @@ -81,7 +81,7 @@ class Captcha_Alpha_Driver extends Captcha_Driver { // Draw "ghost" alphabetic character $text_color = imagecolorallocatealpha($this->image, mt_rand($color_limit + 8, 255), mt_rand($color_limit + 8, 255), mt_rand($color_limit + 8, 255), mt_rand(70, 120)); - $char = substr($chars, mt_rand(0, 14), 1); + $char = $chars[mt_rand(0, 14)]; imagettftext($this->image, $size * 2, mt_rand(-45, 45), ($x - (mt_rand(5, 10))), ($y + (mt_rand(5, 10))), $text_color, $font, $char); } -- cgit v1.2.3 From 34da188e81c39b472081417b96e75b1102e01707 Mon Sep 17 00:00:00 2001 
From: Bharat Mediratta Date: Fri, 29 May 2009 17:40:23 -0700 Subject: Revert test code inserted in 88a3d43ba9b9377ba6bbe21a4547220ae3a37276 which showed stack traces to non-admins. --- modules/gallery/views/kohana_error_page.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/gallery/views/kohana_error_page.php b/modules/gallery/views/kohana_error_page.php index a091bca3..d9bf9698 100644 --- a/modules/gallery/views/kohana_error_page.php +++ b/modules/gallery/views/kohana_error_page.php @@ -58,9 +58,8 @@ <?= t("Something went wrong!") ?> - -admin ?> - + + admin ?>

-- cgit v1.2.3 From 055e0a7dc5d4fe65f92c5621a26432cda206f07f Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 17:42:31 -0700 Subject: Remove a completed @todo --- modules/gallery/helpers/gallery_menu.php | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php index 1dc9cb41..ccbc681c 100644 --- a/modules/gallery/helpers/gallery_menu.php +++ b/modules/gallery/helpers/gallery_menu.php @@ -49,7 +49,6 @@ class gallery_menu_Core { ->url(url::site("form/edit/{$item->type}s/$item->id"))); // @todo Move album options menu to the album quick edit pane - // @todo Create resized item quick edit pane menu if ($item->is_album()) { $options_menu ->append(Menu::factory("dialog") -- cgit v1.2.3 From 381dd0574a9d83ceed1dbf6bcb1f7e158d46c85c Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 17:53:33 -0700 Subject: Don't show the add photo/album options to users who don't have the permission. This isn't a security hole, since they can't actually add stuff.. but they can try and fail which is a bad user experience. Also fix it up so that we show the option menu only if there's stuff to show, and cache some of the permissions for performance (which I'm guessing at-- didn't benchmark it). --- modules/gallery/helpers/gallery_menu.php | 48 +++++++++++++++++++------------- 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php index ccbc681c..7377bc9d 100644 --- a/modules/gallery/helpers/gallery_menu.php +++ b/modules/gallery/helpers/gallery_menu.php 
@@ -19,7 +19,8 @@
 */
 class gallery_menu_Core {
 static function site($menu, $theme) {
- if (file_exists(MODPATH . "gallery/controllers/scaffold.php") && user::active()->admin) {
+ $is_admin = user::active()->admin;
+ if (file_exists(MODPATH . "gallery/controllers/scaffold.php") && $is_admin) {
 $menu->append($scaffold_menu = Menu::factory("submenu")
 ->id("scaffold")
 ->label("Scaffold"));
@@ -36,38 +37,45 @@ class gallery_menu_Core { $item = $theme->item(); - if (user::active()->admin || ($item && access::can("edit", $item))) { + $can_edit = access::can("edit", $item) || $is_admin; + $can_add = access::can("add", $item) || $is_admin; + + if ($item && $can_edit || $can_add) { $menu->append($options_menu = Menu::factory("submenu") ->id("options_menu") ->label(t("Options"))); - if ($item && access::can("edit", $item)) { + if ($can_edit) { $options_menu ->append(Menu::factory("dialog") ->id("edit_item") ->label($item->is_album() ? t("Edit album") : t("Edit photo")) ->url(url::site("form/edit/{$item->type}s/$item->id"))); + } - // @todo Move album options menu to the album quick edit pane - if ($item->is_album()) { - $options_menu - ->append(Menu::factory("dialog") - ->id("add_item") - ->label(t("Add a photo")) - ->url(url::site("simple_uploader/app/$item->id"))) - ->append(Menu::factory("dialog") - ->id("add_album") - ->label(t("Add an album")) - ->url(url::site("form/add/albums/$item->id?type=album"))) - ->append(Menu::factory("dialog") - ->id("edit_permissions") - ->label(t("Edit permissions")) - ->url(url::site("permissions/browse/$item->id"))); - } + // @todo Move album options menu to the album quick edit pane + if ($item->is_album() && $can_add) { + $options_menu + ->append(Menu::factory("dialog") + ->id("add_item") + ->label(t("Add a photo")) + ->url(url::site("simple_uploader/app/$item->id"))) + ->append(Menu::factory("dialog") + ->id("add_album") + ->label(t("Add an album")) + ->url(url::site("form/add/albums/$item->id?type=album"))); + } + + if ($can_edit) { + $options_menu + ->append(Menu::factory("dialog") + ->id("edit_permissions") + ->label(t("Edit permissions")) + ->url(url::site("permissions/browse/$item->id"))); } } - if (user::active()->admin) { + if ($is_admin) { $menu->append($admin_menu = Menu::factory("submenu") ->id("admin_menu") ->label(t("Admin"))); -- cgit v1.2.3 
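Review bot: `if ($item && $can_edit || $can_add)` parses as `($item && $can_edit) || $can_add`, so for an admin on a page where `$theme->item()` returns nothing the block is entered and `$item->is_album()` is called on a non-object; the inner guard `$item && access::can("edit", $item)` that used to prevent this is removed by the hunk. `access::can()` is also now called before `$item` is known to be set. I would fold the null check into the flags, `$can_edit = $item && (access::can("edit", $item) || $is_admin);` and `$can_add = $item && (access::can("add", $item) || $is_admin);`, then test `if ($can_edit || $can_add)`. The later hunk `@@ -54,24 +54,26 @@` in the same file keeps the unguarded `$item->is_album()` call. site() starts and ends outside this hunk.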
From 2925a1c7978c436c11c0a6c4dac9fa3ddc0a2396 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 17:54:20 -0700 Subject: Require "add" permission to show the add form. --- modules/gallery/controllers/simple_uploader.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/gallery/controllers/simple_uploader.php b/modules/gallery/controllers/simple_uploader.php index bdf9582f..ec2a5ab9 100644 --- a/modules/gallery/controllers/simple_uploader.php +++ b/modules/gallery/controllers/simple_uploader.php @@ -20,7 +20,7 @@ class Simple_Uploader_Controller extends Controller { public function app($id) { $item = ORM::factory("item", $id); - access::required("edit", $item); + access::required("add", $item); $v = new View("simple_uploader.html"); $v->item = $item; -- cgit v1.2.3 From 994830f611c7736716883a6b219fb2848ac3ea24 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 18:04:54 -0700 Subject: Fix the code to specify which columns its inserting into. Without that it's fragile, and I broke it when I sorted the columns alphabetically a day or two ago. --- installer/installer.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/installer/installer.php b/installer/installer.php index 38fde1fe..ab2963ba 100644 --- a/installer/installer.php +++ b/installer/installer.php @@ -110,7 +110,8 @@ class installer { $data .= ";after_install|i:1"; $data .= ";last_activity|i:$now"; $data = base64_encode($data); - $sql = "INSERT INTO {sessions} VALUES('$session_id', $now, '$data')"; + $sql = "INSERT INTO {sessions}(`session_id`, `last_activity`, `data`) " . + "VALUES('$session_id', $now, '$data')"; $sql = self::prepend_prefix($config["prefix"], $sql); if (mysql_query($sql)) { setcookie("g3sid", $session_id, 0, "/", "", false, false); -- cgit v1.2.3 From 60d1bbc2d68f86b7ed4632cab03f61ee458d0751 Mon Sep 17 00:00:00 2001 
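Review bot: Only `app()` is switched to `access::required("add", $item)` in the simple_uploader.php hunk; the action that actually receives the uploaded file is outside the hunk, and if it still checks "edit" (or nothing) the form and the endpoint now disagree about who may upload. Please confirm that every action in Simple_Uploader_Controller that creates items requires "add" on the target album. `ORM::factory("item", $id)` is also used without checking that the item loaded or that it is an album, so I would add either an explicit 404 before the permission check or a comment stating what `access::required()` does for an unloaded `$item`.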
From: Bharat Mediratta Date: Fri, 29 May 2009 20:24:42 -0700 Subject: Move credits message into a variable, which can be changed in Admin > Settings > Advanced. It's stored in the variable as an internationalized string and localized at output time. --- installer/install.sql | 6 +++--- modules/gallery/helpers/gallery_installer.php | 3 +++ modules/gallery/helpers/gallery_theme.php | 4 ++-- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/installer/install.sql b/installer/install.sql index b021250a..860d552c 100755 --- a/installer/install.sql +++ b/installer/install.sql @@ -249,7 +249,7 @@ CREATE TABLE {search_records} ( FULLTEXT KEY `data` (`data`) ) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8; SET character_set_client = @saved_cs_client; -INSERT INTO {search_records} VALUES (1,1,0,' Gallery '); +INSERT INTO {search_records} VALUES (1,1,0,' Gallery'); DROP TABLE IF EXISTS {sessions}; SET @saved_cs_client = @@character_set_client; SET character_set_client = utf8; 
@@ -333,6 +333,6 @@ CREATE TABLE {vars} ( `value` text, PRIMARY KEY (`id`), UNIQUE KEY `module_name` (`module_name`,`name`) -) ENGINE=InnoDB AUTO_INCREMENT=22 DEFAULT CHARSET=utf8; +) ENGINE=InnoDB AUTO_INCREMENT=24 DEFAULT CHARSET=utf8; SET character_set_client = @saved_cs_client; -INSERT INTO {vars} VALUES (1,'gallery','active_site_theme','default'),(2,'gallery','active_admin_theme','admin_default'),(3,'gallery','page_size','9'),(4,'gallery','thumb_size','200'),(5,'gallery','resize_size','640'),(6,'gallery','default_locale','en_US'),(7,'gallery','image_quality','75'),(9,'gallery','blocks_dashboard_sidebar','a:4:{i:809046100;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"block_adder\";}i:517357050;a:2:{i:0;s:7:\"gallery\";i:1;s:5:\"stats\";}i:864881363;a:2:{i:0;s:7:\"gallery\";i:1;s:13:\"platform_info\";}i:375523668;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"project_news\";}}'),(14,'gallery','blocks_dashboard_center','a:4:{i:306281171;a:2:{i:0;s:7:\"gallery\";i:1;s:7:\"welcome\";}i:636407494;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"photo_stream\";}i:1735763319;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"log_entries\";}i:1348141451;a:2:{i:0;s:7:\"comment\";i:1;s:15:\"recent_comments\";}}'),(17,'gallery','version','3.0 pre-beta git'),(18,'gallery','choose_default_tookit','1'),(20,'comment','spam_caught','0'); +INSERT INTO {vars} VALUES 
(1,'gallery','active_site_theme','default'),(2,'gallery','active_admin_theme','admin_default'),(3,'gallery','page_size','9'),(4,'gallery','thumb_size','200'),(5,'gallery','resize_size','640'),(6,'gallery','default_locale','en_US'),(7,'gallery','image_quality','75'),(9,'gallery','blocks_dashboard_sidebar','a:4:{i:1021536970;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"block_adder\";}i:62586177;a:2:{i:0;s:7:\"gallery\";i:1;s:5:\"stats\";}i:1314474428;a:2:{i:0;s:7:\"gallery\";i:1;s:13:\"platform_info\";}i:2072050158;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"project_news\";}}'),(14,'gallery','blocks_dashboard_center','a:4:{i:2103644216;a:2:{i:0;s:7:\"gallery\";i:1;s:7:\"welcome\";}i:1234407127;a:2:{i:0;s:7:\"gallery\";i:1;s:12:\"photo_stream\";}i:1844887955;a:2:{i:0;s:7:\"gallery\";i:1;s:11:\"log_entries\";}i:1497904257;a:2:{i:0;s:7:\"comment\";i:1;s:15:\"recent_comments\";}}'),(17,'gallery','version','3.0 pre-beta git'),(18,'gallery','choose_default_tookit','1'),(19,'gallery','credits','Powered by Gallery %version'),(21,'comment','spam_caught','0'); diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index fbbee194..b97adcd0 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -251,6 +251,9 @@ class gallery_installer { module::set_version("gallery", 1); module::set_var("gallery", "version", "3.0 pre-beta git"); module::set_var("gallery", "choose_default_tookit", 1); + + // @todo this string needs to be picked up by l10n_scanner + module::set_var("gallery", "credits", "Powered by Gallery %version"); } } diff --git a/modules/gallery/helpers/gallery_theme.php b/modules/gallery/helpers/gallery_theme.php index d45e1b98..f955e8f7 100644 --- a/modules/gallery/helpers/gallery_theme.php +++ b/modules/gallery/helpers/gallery_theme.php @@ -124,8 +124,8 @@ class gallery_theme_Core { } static function credits() { - return "
  • " . - t("Powered by Gallery %version", + return "
  • " . + t(module::get_var("gallery", "credits"), array("url" => "http://gallery.menalto.com", "version" => module::get_var("gallery", "version"))) . "
  • "; -- cgit v1.2.3 From cbec883d8a572fd8b94c9db78b652caf1a22de23 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 29 May 2009 20:59:34 -0700 Subject: Don't show "edit permissions" for non-albums. --- modules/gallery/helpers/gallery_menu.php | 36 +++++++++++++++++--------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/modules/gallery/helpers/gallery_menu.php b/modules/gallery/helpers/gallery_menu.php index 7377bc9d..1f5151a3 100644 --- a/modules/gallery/helpers/gallery_menu.php +++ b/modules/gallery/helpers/gallery_menu.php @@ -54,24 +54,26 @@ class gallery_menu_Core { } // @todo Move album options menu to the album quick edit pane - if ($item->is_album() && $can_add) { - $options_menu - ->append(Menu::factory("dialog") - ->id("add_item") - ->label(t("Add a photo")) - ->url(url::site("simple_uploader/app/$item->id"))) - ->append(Menu::factory("dialog") - ->id("add_album") - ->label(t("Add an album")) - ->url(url::site("form/add/albums/$item->id?type=album"))); - } + if ($item->is_album()) { + if ($can_add) { + $options_menu + ->append(Menu::factory("dialog") + ->id("add_item") + ->label(t("Add a photo")) + ->url(url::site("simple_uploader/app/$item->id"))) + ->append(Menu::factory("dialog") + ->id("add_album") + ->label(t("Add an album")) + ->url(url::site("form/add/albums/$item->id?type=album"))); + } - if ($can_edit) { - $options_menu - ->append(Menu::factory("dialog") - ->id("edit_permissions") - ->label(t("Edit permissions")) - ->url(url::site("permissions/browse/$item->id"))); + if ($can_edit) { + $options_menu + ->append(Menu::factory("dialog") + ->id("edit_permissions") + ->label(t("Edit permissions")) + ->url(url::site("permissions/browse/$item->id"))); + } } } -- cgit v1.2.3 From ce285b8feba2f9c495fb153517c2a582421f50e0 Mon Sep 17 00:00:00 2001 
From: Bharat Mediratta Date: Fri, 29 May 2009 21:23:08 -0700 Subject: Use the relative_path_cache to look up items which should be a faster query than using the level + the components. --- modules/gallery/controllers/file_proxy.php | 69 +++++++++++++++--------------- modules/gallery/helpers/MY_url.php | 20 ++++++--- 2 files changed, 47 insertions(+), 42 deletions(-) diff --git a/modules/gallery/controllers/file_proxy.php b/modules/gallery/controllers/file_proxy.php index f3c5f109..2037ad98 100644 --- a/modules/gallery/controllers/file_proxy.php +++ b/modules/gallery/controllers/file_proxy.php 
@@ -41,56 +41,55 @@ class File_Proxy_Controller extends Controller { kohana::show_404(); } - $file = substr($request_uri, strlen($var_uri)); + $file_uri = substr($request_uri, strlen($var_uri)); // Make sure that we don't leave the var dir - if (strpos($file, "..") !== false) { + if (strpos($file_uri, "..") !== false) { kohana::show_404(); } - // We only handle var/resizes and var/albums - $paths = explode("/", $file); - $type = $paths[0]; + list ($type, $path) = explode("/", $file_uri, 2); if ($type != "resizes" && $type != "albums" && $type != "thumbs") { kohana::show_404(); } // If the last element is .album.jpg, pop that off since it's not a real item - if ($paths[count($paths)-1] == ".album.jpg") { - array_pop($paths); - } - if ($paths[count($paths)-1] == "") { - array_pop($paths); - } + $path = preg_replace("|/.album.jpg$|", "", $path); - // Find all items that match the level and name, then iterate over those to find a match. - // In most cases we'll get it in one. Note that for the level calculation, we just count the - // size of $paths. $paths includes the type ("thumbs", etc) but it doesn't include the root, - // so it's a wash. - $count = count($paths); - $compare_file = VARPATH . $file; - $item = null; - foreach (ORM::factory("item") - ->where("name", $paths[$count - 1]) - ->where("level", $count) - ->find_all() as $match) { - if ($type == "albums") { - $match_file = $match->file_path(); - } else if ($type == "resizes") { - $match_file = $match->resize_path(); - } else { - $match_file = $match->thumb_path(); - } - if ($match_file == $compare_file) { - $item = $match; - break; + // We now have the relative path to the item. Search for it in the path cache + $item = ORM::factory("item")->where("relative_path_cache", $path)->find(); + if (!$item->loaded) { + // We didn't turn it up. This may mean that the path cache is out of date, so look it up + // the hard way. 
+ // + // Find all items that match the level and name, then iterate over those to find a match. + // In most cases we'll get it in one. Note that for the level calculation, we just count the + // size of $paths. + $paths = explode("/", $path); + $count = count($paths); + foreach (ORM::factory("item") + ->where("name", $paths[$count - 1]) + ->where("level", $count + 1) + ->find_all() as $match) { + if ($match->relative_path() == $path) { + $item = $match; + break; + } } } - if (!$item) { + if (!$item->loaded) { kohana::show_404(); } + if ($type == "albums") { + $file = $item->file_path(); + } else if ($type == "resizes") { + $file = $item->resize_path(); + } else { + $file = $item->thumb_path(); + } + // Make sure we have access to the item if (!access::can("view", $item)) { kohana::show_404(); @@ -106,14 +105,14 @@ class File_Proxy_Controller extends Controller { kohana::show_404(); } - if (!file_exists($match_file)) { + if (!file_exists($file)) { kohana::show_404(); } // Dump out the image header("Content-Type: $item->mime_type"); Kohana::close_buffers(false); - $fd = fopen($match_file, "rb"); + $fd = fopen($file, "rb"); fpassthru($fd); fclose($fd); } diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 5e8bfc9e..019e416f 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php 
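Review bot: In the `@@ -41,56 +41,55 @@` hunk of file_proxy.php, `list ($type, $path) = explode("/", $file_uri, 2);` leaves `$path` undefined when the request has nothing after the type (for example `albums` with no slash), and the pattern `"|/.album.jpg$|"` has unescaped dots, so it also strips suffixes that merely resemble the cover name. I would write the pattern as `"|/\.album\.jpg$|"` and send a 404 when `explode()` returns fewer than two parts. The old code also dropped a trailing empty path element and handled a bare `.album.jpg`; the new `preg_replace` requires a leading slash, so a cover request directly under the type directory may no longer resolve, which is worth a test. `$path` comes straight from the request URI, so a one-line comment that the `..` check above is the only path filtering before the database lookup would help the next reader. The method starts and ends outside the hunk.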
@@ -38,13 +38,19 @@ class url extends url_Core { return; } - $count = count(Router::$segments); - foreach (ORM::factory("item") - ->where("name", html_entity_decode(Router::$segments[$count - 1], ENT_QUOTES)) - ->where("level", $count + 1) - ->find_all() as $match) { - if ($match->relative_path() == html_entity_decode(Router::$current_uri, ENT_QUOTES)) { - $item = $match; + $current_uri = html_entity_decode(Router::$current_uri, ENT_QUOTES); + $item = ORM::factory("item")->where("relative_path_cache", $current_uri)->find(); + if (!$item->loaded) { + // It's possible that the relative path cache for the item we're looking for is out of date, + // so find it the hard way. + $count = count(Router::$segments); + foreach (ORM::factory("item") + ->where("name", html_entity_decode(Router::$segments[$count - 1], ENT_QUOTES)) + ->where("level", $count + 1) + ->find_all() as $match) { + if ($match->relative_path() == $current_uri) { + $item = $match; + } } } -- cgit v1.2.3