From c946ad1fcd87d4cb9c8f45b0b3c553b31fcebec8 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 25 Jun 2010 09:56:29 -0700 Subject: If we promote the

element to be the title, hide it so we're not showing it twice. --- lib/gallery.dialog.js | 1 + 1 file changed, 1 insertion(+) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index f280a525..6ec8c634 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -40,6 +40,7 @@ $(".ui-dialog-titlebar").remove(); } else if ($("#g-dialog h1").length) { $("#g-dialog").dialog('option', 'title', $("#g-dialog h1:eq(0)").html()); + $("#g-dialog h1:eq(0)").hide(); } else if ($("#g-dialog fieldset legend").length) { $("#g-dialog").dialog('option', 'title', $("#g-dialog fieldset legend:eq(0)").html()); } -- cgit v1.2.3 From 8493a3d36f597e183490ae880b35a3d98f50a045 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Mon, 5 Jul 2010 08:23:17 -0700 Subject: If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog. --- lib/gallery.dialog.js | 3 ++- modules/gallery/controllers/admin.php | 11 ++++++-- modules/gallery/controllers/reauthenticate.php | 20 ++------------ modules/gallery/helpers/reauthenticate.php | 36 ++++++++++++++++++++++++++ 4 files changed, 49 insertions(+), 21 deletions(-) create mode 100644 modules/gallery/helpers/reauthenticate.php (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 6ec8c634..dd1a5663 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -26,7 +26,8 @@ $("#g-dialog").gallery_show_loading(); - $.get(sHref, function(data) { + var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "g-in-dialog"; + $.get(url, function(data) { $("#g-dialog").html(data).gallery_show_loading(); if ($("#g-dialog form").length) { diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index c460f58c..d9bee284 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -38,7 +38,8 @@ class Admin_Controller extends Controller { return self::_reauth_check(); } if (auth::must_reauth_for_admin_area()) { - return self::_prompt_for_reauth($controller_name, $args); + print self::_prompt_for_reauth($controller_name, $args); + return; } if (request::method() == "post") { @@ -85,7 +86,13 @@ class Admin_Controller extends Controller { // Avoid anti-phishing protection by passing the url as session variable. Session::instance()->set("continue_url", url::abs_current(true)); } - url::redirect("reauthenticate"); + + // Check that we we not in a dialog. If we are, then use an ajax response. + if (strpos(Router::$query_string, "g-in-dialog") === false) { + url::redirect("reauthenticate"); + } else { + return reauthenticate::get_authenticate_form(); + } } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index acb27f6a..9ddaff2e 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -22,7 +22,7 @@ class Reauthenticate_Controller extends Controller { if (!identity::active_user()->admin) { access::forbidden(); } - return self::_show_form(self::_form()); + return self::_show_form(reauthenticate::get_authenticate_form()); } public function auth() { @@ -31,7 +31,7 @@ class Reauthenticate_Controller extends Controller { } access::verify_csrf(); - $form = self::_form(); + $form = reauthenticate::get_authenticate_form(); $valid = $form->validate(); $user = identity::active_user(); if ($valid) { @@ -54,20 +54,4 @@ class Reauthenticate_Controller extends Controller { $view->content->user_name = identity::active_user()->name; print $view; } - - private static function _form() { - $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form")); - $form->set_attr('class', "g-narrow"); - $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); - $group = $form->group("reauthenticate")->label(t("Re-authenticate")); - $group->password("password")->label(t("Password"))->id("g-password")->class(null) - ->callback("auth::validate_too_many_failed_auth_attempts") - ->callback("user::valid_password") - ->error_messages("invalid_password", t("Incorrect password")) - ->error_messages( - "too_many_failed_auth_attempts", - t("Too many incorrect passwords. Try again later")); - $group->submit("")->value(t("Submit")); - return $form; - } } diff --git a/modules/gallery/helpers/reauthenticate.php b/modules/gallery/helpers/reauthenticate.php new file mode 100644 index 00000000..1ad90e15 --- /dev/null +++ b/modules/gallery/helpers/reauthenticate.php @@ -0,0 +1,36 @@ + "g-reauthenticate-form")); + $form->set_attr('class', "g-narrow"); + $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); + $group = $form->group("reauthenticate")->label(t("Re-authenticate")); + $group->password("password")->label(t("Password"))->id("g-password")->class(null) + ->callback("auth::validate_too_many_failed_auth_attempts") + ->callback("user::valid_password") + ->error_messages("invalid_password", t("Incorrect password")) + ->error_messages( + "too_many_failed_auth_attempts", + t("Too many incorrect passwords. Try again later")); + $group->submit("")->value(t("Submit")); + return $form; + } +} -- cgit v1.2.3 From 226d1f714635995722fe7927f8ec049fe3890011 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Mon, 5 Jul 2010 08:58:36 -0700 Subject: Revert "If the admin request originates as a dialog link, don't display the entire page when reauthenticating the administrator. Just put the form in the dialog." This reverts commit 8493a3d36f597e183490ae880b35a3d98f50a045. --- lib/gallery.dialog.js | 3 +-- modules/gallery/controllers/admin.php | 11 ++------ modules/gallery/controllers/reauthenticate.php | 20 ++++++++++++-- modules/gallery/helpers/reauthenticate.php | 36 -------------------------- 4 files changed, 21 insertions(+), 49 deletions(-) delete mode 100644 modules/gallery/helpers/reauthenticate.php (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index dd1a5663..6ec8c634 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -26,8 +26,7 @@ $("#g-dialog").gallery_show_loading(); - var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "g-in-dialog"; - $.get(url, function(data) { + $.get(sHref, function(data) { $("#g-dialog").html(data).gallery_show_loading(); if ($("#g-dialog form").length) { diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index d9bee284..c460f58c 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -38,8 +38,7 @@ class Admin_Controller extends Controller { return self::_reauth_check(); } if (auth::must_reauth_for_admin_area()) { - print self::_prompt_for_reauth($controller_name, $args); - return; + return self::_prompt_for_reauth($controller_name, $args); } if (request::method() == "post") { @@ -86,13 +85,7 @@ class Admin_Controller extends Controller { // Avoid anti-phishing protection by passing the url as session variable. Session::instance()->set("continue_url", url::abs_current(true)); } - - // Check that we we not in a dialog. If we are, then use an ajax response. - if (strpos(Router::$query_string, "g-in-dialog") === false) { - url::redirect("reauthenticate"); - } else { - return reauthenticate::get_authenticate_form(); - } + url::redirect("reauthenticate"); } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 9ddaff2e..acb27f6a 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -22,7 +22,7 @@ class Reauthenticate_Controller extends Controller { if (!identity::active_user()->admin) { access::forbidden(); } - return self::_show_form(reauthenticate::get_authenticate_form()); + return self::_show_form(self::_form()); } public function auth() { @@ -31,7 +31,7 @@ class Reauthenticate_Controller extends Controller { } access::verify_csrf(); - $form = reauthenticate::get_authenticate_form(); + $form = self::_form(); $valid = $form->validate(); $user = identity::active_user(); if ($valid) { @@ -54,4 +54,20 @@ class Reauthenticate_Controller extends Controller { $view->content->user_name = identity::active_user()->name; print $view; } + + private static function _form() { + $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form")); + $form->set_attr('class', "g-narrow"); + $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); + $group = $form->group("reauthenticate")->label(t("Re-authenticate")); + $group->password("password")->label(t("Password"))->id("g-password")->class(null) + ->callback("auth::validate_too_many_failed_auth_attempts") + ->callback("user::valid_password") + ->error_messages("invalid_password", t("Incorrect password")) + ->error_messages( + "too_many_failed_auth_attempts", + t("Too many incorrect passwords. Try again later")); + $group->submit("")->value(t("Submit")); + return $form; + } } diff --git a/modules/gallery/helpers/reauthenticate.php b/modules/gallery/helpers/reauthenticate.php deleted file mode 100644 index 1ad90e15..00000000 --- a/modules/gallery/helpers/reauthenticate.php +++ /dev/null @@ -1,36 +0,0 @@ - "g-reauthenticate-form")); - $form->set_attr('class', "g-narrow"); - $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); - $group = $form->group("reauthenticate")->label(t("Re-authenticate")); - $group->password("password")->label(t("Password"))->id("g-password")->class(null) - ->callback("auth::validate_too_many_failed_auth_attempts") - ->callback("user::valid_password") - ->error_messages("invalid_password", t("Incorrect password")) - ->error_messages( - "too_many_failed_auth_attempts", - t("Too many incorrect passwords. Try again later")); - $group->submit("")->value(t("Submit")); - return $form; - } -} -- cgit v1.2.3 From dbf3199e46d8a9c0ae37108f6afda35232ef4cdd Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 6 Jul 2010 14:12:00 -0700 Subject: Fix for ticket #1181. Use $.getJSON to retrieve the json contents of the dialog. Convert all the controllers that create the data to go into a dialog to return the html as part of a json object. --- lib/gallery.dialog.js | 5 +++-- modules/exif/controllers/exif.php | 2 +- modules/gallery/controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/admin_maintenance.php | 6 +++--- modules/gallery/controllers/admin_themes.php | 2 +- modules/gallery/controllers/albums.php | 4 ++-- modules/gallery/controllers/flash_uploader.php | 3 ++- modules/gallery/controllers/login.php | 2 +- modules/gallery/controllers/move.php | 2 +- modules/gallery/controllers/movies.php | 2 +- modules/gallery/controllers/permissions.php | 2 +- modules/gallery/controllers/photos.php | 6 +++--- modules/gallery/controllers/quick.php | 17 +++++------------ modules/gallery/controllers/user_profile.php | 2 +- modules/gallery/tests/xss_data.txt | 1 + modules/gallery/views/move_browse.html.php | 13 ++++++++----- modules/gallery/views/quick_delete_confirm.html.php | 12 ++++++++++++ modules/organize/controllers/organize.php | 2 +- modules/server_add/controllers/server_add.php | 2 +- modules/tag/controllers/admin_tags.php | 2 +- modules/user/controllers/admin_users.php | 12 ++++++------ modules/user/controllers/users.php | 6 +++--- modules/watermark/controllers/admin_watermarks.php | 6 +++--- 23 files changed, 62 insertions(+), 51 deletions(-) create mode 100644 modules/gallery/views/quick_delete_confirm.html.php (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 6ec8c634..1e91e3ae 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -1,3 +1,4 @@ + (function($) { $.widget("ui.gallery_dialog", { _init: function() { @@ -26,8 +27,8 @@ $("#g-dialog").gallery_show_loading(); - $.get(sHref, function(data) { - $("#g-dialog").html(data).gallery_show_loading(); + $.getJSON(sHref, function(data) { + $("#g-dialog").html(unescape(data.form)).gallery_show_loading(); if ($("#g-dialog form").length) { self.form_loaded(null, $("#g-dialog form")); diff --git a/modules/exif/controllers/exif.php b/modules/exif/controllers/exif.php index 2fe875e3..fe5b2ff4 100644 --- a/modules/exif/controllers/exif.php +++ b/modules/exif/controllers/exif.php @@ -28,6 +28,6 @@ class Exif_Controller extends Controller { $view = new View("exif_dialog.html"); $view->details = exif::get($item); - print $view; + print json_encode(array("form" => (string) $view)); } } diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index 6f4e9403..2bbbdf50 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -39,7 +39,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { $group->input("var_name")->label(t("Setting"))->value($var_name)->disabled(1); $group->textarea("value")->label(t("Value"))->value($value); $group->submit("")->value(t("Save")); - print $form; + print json_encode(array("form" => (string) $form)); } public function save($module_name, $var_name) { diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index d6a2d191..489f5d54 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -64,7 +64,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { log::info("tasks", t("Task %task_name started (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance"))); - print $view; + print json_encode(array("form" => (string) $view)); } /** @@ -86,7 +86,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { log::info("tasks", t("Task %task_name resumed (task id %task_id)", array("task_name" => $task->name, "task_id" => $task->id)), html::anchor("admin/maintenance", t("maintenance"))); - print $view; + print json_encode(array("form" => (string) $view)); } /** @@ -103,7 +103,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { $view = new View("admin_maintenance_show_log.html"); $view->task = $task; - print $view; + print json_encode(array("form" => (string) $view)); } /** diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php index e59eadaf..b1bd438f 100644 --- a/modules/gallery/controllers/admin_themes.php +++ b/modules/gallery/controllers/admin_themes.php @@ -52,7 +52,7 @@ class Admin_Themes_Controller extends Admin_Controller { } else { $view->url = item::root()->url("theme=$theme_name"); } - print $view; + print json_encode(array("form" => (string) $view)); } public function choose($type, $theme_name) { diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index eaa09be5..8aed1341 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -168,7 +168,7 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("add", $album); - print album::get_add_form($album); + print json_encode(array("form" => (string) album::get_add_form($album))); } public function form_edit($album_id) { @@ -176,6 +176,6 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("edit", $album); - print album::get_edit_form($album); + print json_encode(array("form" => (string) album::get_edit_form($album))); } } diff --git a/modules/gallery/controllers/flash_uploader.php b/modules/gallery/controllers/flash_uploader.php index f7da5124..be3896cd 100644 --- a/modules/gallery/controllers/flash_uploader.php +++ b/modules/gallery/controllers/flash_uploader.php @@ -26,7 +26,8 @@ class Flash_Uploader_Controller extends Controller { $item = $item->parent(); } - print $this->_get_add_form($item); + print json_encode(array("form" => (string)$this->_get_add_form($item))); + //print $this->_get_add_form($item); } public function start() { diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 2b60316b..b823504b 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -22,7 +22,7 @@ class Login_Controller extends Controller { public function ajax() { $view = new View("login_ajax.html"); $view->form = auth::get_login_form("login/auth_ajax"); - print $view; + print json_encode(array("form" => (string) $view)); } public function auth_ajax() { diff --git a/modules/gallery/controllers/move.php b/modules/gallery/controllers/move.php index f8b85b6f..a99ef341 100644 --- a/modules/gallery/controllers/move.php +++ b/modules/gallery/controllers/move.php @@ -26,7 +26,7 @@ class Move_Controller extends Controller { $view = new View("move_browse.html"); $view->source = $source; $view->tree = $this->_get_tree_html($source, ORM::factory("item", 1)); - print $view; + print json_encode(array("form" => (string) $view)); } public function save($source_id) { diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 16d22d90..c18dbcde 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -102,6 +102,6 @@ class Movies_Controller extends Items_Controller { access::required("view", $movie); access::required("edit", $movie); - print movie::get_edit_form($movie); + print json_encode(array("form" => (string) movie::get_edit_form($movie))); } } diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php index fc06cb44..8fdda7b2 100644 --- a/modules/gallery/controllers/permissions.php +++ b/modules/gallery/controllers/permissions.php @@ -33,7 +33,7 @@ class Permissions_Controller extends Controller { $view->parents = $item->parents(); $view->form = $this->_get_form($item); - print $view; + print json_encode(array("form" => (string) $view)); } function form($id) { diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index f336d07c..9f17cebb 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -24,9 +24,9 @@ class Photos_Controller extends Items_Controller { // sure that we're actually receiving an object throw new Kohana_404_Exception(); } - + access::required("view", $photo); - + $where = array(array("type", "!=", "album")); $position = $photo->parent()->get_position($photo, $where); if ($position > 1) { @@ -102,6 +102,6 @@ class Photos_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - print photo::get_edit_form($photo); + print json_encode(array("form" => (string) photo::get_edit_form($photo))); } } diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 6cfbbc62..7df5bf18 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -90,17 +90,10 @@ class Quick_Controller extends Controller { access::required("view", $item); access::required("edit", $item); - if ($item->is_album()) { - print t( - "Delete the album %title? All photos and movies in the album will also be deleted.", - array("title" => html::purify($item->title))); - } else { - print t("Are you sure you want to delete %title?", - array("title" => html::purify($item->title))); - } - - $form = item::get_delete_form($item); - print $form; + $v = new View("quick_delete_confirm.html"); + $v->item = $item; + $v->form = item::get_delete_form($item); + print json_encode(array("form" => (string) $v)); } public function delete($id) { @@ -149,6 +142,6 @@ class Quick_Controller extends Controller { // Pass on the source item where this form was generated, so we have an idea where to return to. $form->hidden("from_id")->value((int)Input::instance()->get("from_id", 0)); - print $form; + print json_encode(array("form" => (string) $form)); } } diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php index c064e791..431918ff 100644 --- a/modules/gallery/controllers/user_profile.php +++ b/modules/gallery/controllers/user_profile.php @@ -44,7 +44,7 @@ class User_Profile_Controller extends Controller { public function contact($id) { $user = identity::lookup_user($id); - print user_profile::get_contact_form($user); + print json_encode(array("form" => (string) user_profile::get_contact_form($user))); } public function send($id) { diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 26edaebc..475f75c1 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -253,6 +253,7 @@ modules/gallery/views/permissions_form.html.php 75 DIRTY_JS $item- modules/gallery/views/permissions_form.html.php 80 DIRTY_JS $group->id modules/gallery/views/permissions_form.html.php 80 DIRTY_JS $permission->id modules/gallery/views/permissions_form.html.php 80 DIRTY_JS $item->id +modules/gallery/views/quick_delete_confirm.html.php 11 DIRTY $form modules/gallery/views/reauthenticate.html.php 9 DIRTY $form modules/gallery/views/upgrader.html.php 57 DIRTY_ATTR $done?"muted":"" modules/gallery/views/upgrader.html.php 61 DIRTY_ATTR $done?"muted":"" diff --git a/modules/gallery/views/move_browse.html.php b/modules/gallery/views/move_browse.html.php index ce3fc2fd..f77c724c 100644 --- a/modules/gallery/views/move_browse.html.php +++ b/modules/gallery/views/move_browse.html.php @@ -1,4 +1,5 @@ +
-

+

type == "photo"): ?> - + type == "movie"): ?> - + type == "album"): ?> - +

@@ -42,6 +43,8 @@
id") ?>"> - for_html_attr() ?>" disabled="disabled"/> + for_html_attr() ?>" + disabled="disabled" class="submit" />
+
diff --git a/modules/gallery/views/quick_delete_confirm.html.php b/modules/gallery/views/quick_delete_confirm.html.php new file mode 100644 index 00000000..176ffb96 --- /dev/null +++ b/modules/gallery/views/quick_delete_confirm.html.php @@ -0,0 +1,12 @@ + +
+

+ is_album()): ?> + %title? All photos and movies in the album will also be deleted.", + array("title" => html::purify($item->title))) ?> + + %title?", array("title" => html::purify($item->title))) ?> + +

+ +
diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php index 135a6fc9..ebd40c8d 100644 --- a/modules/organize/controllers/organize.php +++ b/modules/organize/controllers/organize.php @@ -47,7 +47,7 @@ class Organize_Controller extends Controller { $v->controller_uri = url::site("organize") . "/"; $v->swf_uri = url::file("modules/organize/lib/Gallery3WebClient.swf?") . filemtime(MODPATH . "organize/lib/Gallery3WebClient.swf"); - print $v; + print json_encode(array("form" => (string) $v)); } function add_album_fields() { diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php index 715274ab..d6c2459d 100644 --- a/modules/server_add/controllers/server_add.php +++ b/modules/server_add/controllers/server_add.php @@ -30,7 +30,7 @@ class Server_Add_Controller extends Admin_Controller { $view->tree = new View("server_add_tree.html"); $view->tree->files = $files; $view->tree->parents = array(); - print $view; + print json_encode(array("form" => (string) $view)); } public function children() { diff --git a/modules/tag/controllers/admin_tags.php b/modules/tag/controllers/admin_tags.php index 9e875d14..c2da7bc3 100644 --- a/modules/tag/controllers/admin_tags.php +++ b/modules/tag/controllers/admin_tags.php @@ -37,7 +37,7 @@ class Admin_Tags_Controller extends Admin_Controller { public function form_delete($id) { $tag = ORM::factory("tag", $id); if ($tag->loaded()) { - print tag::get_delete_form($tag); + print json_encode(array("form" => (string) tag::get_delete_form($tag))); } } diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index e14be393..b9d06891 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -61,7 +61,7 @@ class Admin_Users_Controller extends Admin_Controller { } public function add_user_form() { - print $this->_get_user_add_form_admin(); + print json_encode(array("form" => (string) $this->_get_user_add_form_admin())); } public function delete_user($id) { @@ -95,7 +95,7 @@ class Admin_Users_Controller extends Admin_Controller { if (empty($user)) { throw new Kohana_404_Exception(); } - print $this->_get_user_delete_form_admin($user); + print json_encode(array("form" => (string) $this->_get_user_delete_form_admin($user))); } public function edit_user($id) { @@ -146,7 +146,7 @@ class Admin_Users_Controller extends Admin_Controller { throw new Kohana_404_Exception(); } - print $this->_get_user_edit_form_admin($user); + print json_encode(array("form" => (string) $this->_get_user_edit_form_admin($user))); } public function add_user_to_group($user_id, $group_id) { @@ -199,7 +199,7 @@ class Admin_Users_Controller extends Admin_Controller { } public function add_group_form() { - print $this->_get_group_add_form_admin(); + print json_encode(array("form" => (string) $this->_get_group_add_form_admin())); } public function delete_group($id) { @@ -230,7 +230,7 @@ class Admin_Users_Controller extends Admin_Controller { throw new Kohana_404_Exception(); } - print $this->_get_group_delete_form_admin($group); + print json_encode(array("form" => (string) $this->_get_group_delete_form_admin($group))); } public function edit_group($id) { @@ -272,7 +272,7 @@ class Admin_Users_Controller extends Admin_Controller { throw new Kohana_404_Exception(); } - print $this->_get_group_edit_form_admin($group); + print json_encode(array("form" => (string) $this->_get_group_edit_form_admin($group))); } /* User Form Definitions */ diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index 7f3f6b1f..4ddfb47c 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -139,7 +139,7 @@ class Users_Controller extends Controller { access::forbidden(); } - print $this->_get_edit_form($user); + print json_encode(array("form" => (string) $this->_get_edit_form($user))); } public function form_change_password($id) { @@ -148,7 +148,7 @@ class Users_Controller extends Controller { access::forbidden(); } - print $this->_get_change_password_form($user); + print json_encode(array("form" => (string) $this->_get_change_password_form($user))); } public function form_change_email($id) { @@ -157,7 +157,7 @@ class Users_Controller extends Controller { access::forbidden(); } - print $this->_get_change_email_form($user); + print json_encode(array("form" => (string) $this->_get_change_email_form($user))); } private function _get_change_password_form($user) { diff --git a/modules/watermark/controllers/admin_watermarks.php b/modules/watermark/controllers/admin_watermarks.php index 18b463ca..8b217b4a 100644 --- a/modules/watermark/controllers/admin_watermarks.php +++ b/modules/watermark/controllers/admin_watermarks.php @@ -35,7 +35,7 @@ class Admin_Watermarks_Controller extends Admin_Controller { } public function form_edit() { - print watermark::get_edit_form(); + print json_encode(array("form" => (string) watermark::get_edit_form())); } public function edit() { @@ -58,7 +58,7 @@ class Admin_Watermarks_Controller extends Admin_Controller { } public function form_delete() { - print watermark::get_delete_form(); + print json_encode(array("form" => (string) watermark::get_delete_form())); } public function delete() { @@ -88,7 +88,7 @@ class Admin_Watermarks_Controller extends Admin_Controller { } public function form_add() { - print watermark::get_add_form(); + print json_encode(array("form" => (string) watermark::get_add_form())); } public function add() { -- cgit v1.2.3 From 9538b3888dadbe3a6fac72e2a97f97c7db3d86f2 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 7 Jul 2010 08:58:38 -0700 Subject: Fix for ticket #1176. Have the gallery.dialog code add a g-in-dialog parameter to the url to let the controller know its in a dialog. The reauthenticate controller will format the password prompt as a page or a form content. If authentication is successful, then the original controller is called instead of being redirected to. --- lib/gallery.dialog.js | 3 +- modules/gallery/controllers/admin.php | 8 +++-- modules/gallery/controllers/reauthenticate.php | 45 ++++++++++++++++++++++++-- 3 files changed, 50 insertions(+), 6 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 1e91e3ae..e6bd7392 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -27,7 +27,8 @@ $("#g-dialog").gallery_show_loading(); - $.getJSON(sHref, function(data) { + var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "g-in-dialog"; + $.getJSON(url, function(data) { $("#g-dialog").html(unescape(data.form)).gallery_show_loading(); if ($("#g-dialog form").length) { diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 40dd260b..7d2a0c43 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -82,10 +82,14 @@ class Admin_Controller extends Controller { } private static function _prompt_for_reauth($controller_name, $args) { - if (request::method() == "get" && !request::is_ajax()) { + if (request::method() == "get") { // Avoid anti-phishing protection by passing the url as session variable. - Session::instance()->set("continue_url", url::abs_current(true)); + $reauthenticate = array("continue_url" => url::abs_current(true), + "in_dialog" => strpos(Router::$query_string, "g-in-dialog") !== false, + "controller" => $controller_name, "args" => $args); + Session::instance()->set("reauthenticate", $reauthenticate); } + url::redirect("reauthenticate"); } } diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index acb27f6a..fb1b13bc 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -22,7 +22,12 @@ class Reauthenticate_Controller extends Controller { if (!identity::active_user()->admin) { access::forbidden(); } - return self::_show_form(self::_form()); + $reauthenticate = Session::instance()->get("reauthenticate", array()); + if (empty($reauthenticate["in_dialog"])) { + self::_show_form(self::_form()); + } else { + print json_encode(array("form" => (string) self::_form())); + } } public function auth() { @@ -31,18 +36,30 @@ class Reauthenticate_Controller extends Controller { } access::verify_csrf(); + $reauthenticate = Session::instance()->get("reauthenticate", array()); + Kohana_Log::add("error", Kohana::debug($reauthenticate)); + $form = self::_form(); $valid = $form->validate(); $user = identity::active_user(); if ($valid) { message::success(t("Successfully re-authenticated!")); module::event("user_auth", $user); - url::redirect($form->continue_url->value); + Session::instance()->delete("reauthenticate"); + if (empty($reauthenticate["in_dialog"])) { + url::redirect($reauthenticate["continue_url"]); + } else { + self::_call_admin_function($reauthenticate); + } } else { $name = $user->name; log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); module::event("user_auth_failed", $name); - return self::_show_form($form); + if (empty($reauthenticate["in_dialog"])) { + self::_show_form($form); + } else { + print json_encode(array("form" => (string) $form)); + } } } @@ -52,6 +69,7 @@ class Reauthenticate_Controller extends Controller { $view->content = new View("reauthenticate.html"); $view->content->form = $form; $view->content->user_name = identity::active_user()->name; + print $view; } @@ -70,4 +88,25 @@ class Reauthenticate_Controller extends Controller { $group->submit("")->value(t("Submit")); return $form; } + + private static function _call_admin_function($reauthenticate) { + $controller_name = $reauthenticate["controller"]; + $args = $reauthenticate["args"]; + if ($controller_name == "index") { + $controller_name = "dashboard"; + } + + $controller_name = "Admin_{$controller_name}_Controller"; + if ($args) { + $method = array_shift($args); + } else { + $method = "index"; + } + + if (!method_exists($controller_name, $method)) { + throw new Kohana_404_Exception(); + } + + call_user_func_array(array(new $controller_name, $method), $args); + } } -- cgit v1.2.3 From 591c5a11a396c6611a1e40f3c10253c5cfd78434 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 9 Jul 2010 06:08:20 -0700 Subject: Reset the postion option to center when the form data is reloaded, to force the dialog to recenter in case the contents have changed. --- lib/gallery.dialog.js | 1 + modules/gallery/views/form_uploadify.html.php | 2 ++ 2 files changed, 3 insertions(+) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index e6bd7392..289345bc 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -119,6 +119,7 @@ if (data.form) { var formData = unescape(data.form); $("#g-dialog form").replaceWith(formData); + $("#g-dialog").dialog("option", "position", "center"); $("#g-dialog form :submit").removeClass("ui-state-disabled") .attr("disabled", null); self._ajaxify_dialog(); diff --git a/modules/gallery/views/form_uploadify.html.php b/modules/gallery/views/form_uploadify.html.php index 588fa16d..4676fcef 100644 --- a/modules/gallery/views/form_uploadify.html.php +++ b/modules/gallery/views/form_uploadify.html.php @@ -88,6 +88,7 @@ +

@@ -99,6 +100,7 @@

  • title) ?>
    • +
    -- cgit v1.2.3 From f26d5dbbdf559ab78d2c2d02d11b4833c98a0040 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 9 Jul 2010 10:40:22 -0700 Subject: Reset the title in case the dialog contents changed the dialog title. --- lib/gallery.dialog.js | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 289345bc..1d0eae7e 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -37,15 +37,7 @@ self._layout(); $("#g-dialog").dialog("open"); - // Remove titlebar for progress dialogs or set title - if ($("#g-dialog #g-progress").length) { - $(".ui-dialog-titlebar").remove(); - } else if ($("#g-dialog h1").length) { - $("#g-dialog").dialog('option', 'title', $("#g-dialog h1:eq(0)").html()); - $("#g-dialog h1:eq(0)").hide(); - } else if ($("#g-dialog fieldset legend").length) { - $("#g-dialog").dialog('option', 'title', $("#g-dialog fieldset legend:eq(0)").html()); - } + self._set_title(); if ($("#g-dialog form").length) { self._ajaxify_dialog(); @@ -122,6 +114,7 @@ $("#g-dialog").dialog("option", "position", "center"); $("#g-dialog form :submit").removeClass("ui-state-disabled") .attr("disabled", null); + self._set_title(); self._ajaxify_dialog(); self.form_loaded(null, $("#g-dialog form")); if (typeof data.reset == 'function') { @@ -139,6 +132,18 @@ }); }, + _set_title: function() { + // Remove titlebar for progress dialogs or set title + if ($("#g-dialog #g-progress").length) { + $(".ui-dialog-titlebar").remove(); + } else if ($("#g-dialog h1").length) { + $("#g-dialog").dialog('option', 'title', $("#g-dialog h1:eq(0)").html()); + $("#g-dialog h1:eq(0)").hide(); + } else if ($("#g-dialog fieldset legend").length) { + $("#g-dialog").dialog('option', 'title', $("#g-dialog fieldset legend:eq(0)").html()); + } + }, + form_closing: function(event, ui) {}, dialog_closing: function(event, ui) {} }); -- cgit v1.2.3 From 155d2b809b5d416f39bc71ce10c2704b886eccef Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Thu, 15 Jul 2010 14:54:45 -0700 Subject: Rename g-in-dialog to the naming standard for query parameters and give it something more representative... 'gallery_dialog_request' --- lib/gallery.dialog.js | 2 +- modules/gallery/controllers/admin.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 1d0eae7e..a36c561a 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -27,7 +27,7 @@ $("#g-dialog").gallery_show_loading(); - var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "g-in-dialog"; + var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "gallery_dialog_request=1"; $.getJSON(url, function(data) { $("#g-dialog").html(unescape(data.form)).gallery_show_loading(); diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 7d2a0c43..3befac7d 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -84,9 +84,9 @@ class Admin_Controller extends Controller { private static function _prompt_for_reauth($controller_name, $args) { if (request::method() == "get") { // Avoid anti-phishing protection by passing the url as session variable. - $reauthenticate = array("continue_url" => url::abs_current(true), - "in_dialog" => strpos(Router::$query_string, "g-in-dialog") !== false, - "controller" => $controller_name, "args" => $args); + $reauthenticate = + array("continue_url" => url::abs_current(true), + "in_dialog" => strpos(Router::$query_string, "gallery_dialog_request") !== false); Session::instance()->set("reauthenticate", $reauthenticate); } -- cgit v1.2.3 From 583950616ef7c89acc0b0cbb52e77ffdb0afbb3d Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 16 Jul 2010 11:58:13 -0700 Subject: Improve the fix for #1176 to use request::is_ajax() instead of tacking on a query param to urls that appear in dialogs. This keeps things simpler. --- lib/gallery.dialog.js | 3 +-- modules/gallery/controllers/admin.php | 5 +---- modules/gallery/controllers/reauthenticate.php | 17 ++++++----------- 3 files changed, 8 insertions(+), 17 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index a36c561a..cc35f5cd 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -27,8 +27,7 @@ $("#g-dialog").gallery_show_loading(); - var url = sHref + (sHref.indexOf("?") == -1 ? "?" : "&") + "gallery_dialog_request=1"; - $.getJSON(url, function(data) { + $.getJSON(sHref, function(data) { $("#g-dialog").html(unescape(data.form)).gallery_show_loading(); if ($("#g-dialog form").length) { diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 3befac7d..eacacb28 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -84,10 +84,7 @@ class Admin_Controller extends Controller { private static function _prompt_for_reauth($controller_name, $args) { if (request::method() == "get") { // Avoid anti-phishing protection by passing the url as session variable. - $reauthenticate = - array("continue_url" => url::abs_current(true), - "in_dialog" => strpos(Router::$query_string, "gallery_dialog_request") !== false); - Session::instance()->set("reauthenticate", $reauthenticate); + Session::instance()->set("continue_url", url::abs_current(true)); } url::redirect("reauthenticate"); diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php index 7378ea73..3cff2b6a 100644 --- a/modules/gallery/controllers/reauthenticate.php +++ b/modules/gallery/controllers/reauthenticate.php @@ -22,11 +22,10 @@ class Reauthenticate_Controller extends Controller { if (!identity::active_user()->admin) { access::forbidden(); } - $reauthenticate = Session::instance()->get("reauthenticate", array()); - if (empty($reauthenticate["in_dialog"])) { - self::_show_form(self::_form()); - } else { + if (request::is_ajax()) { print json_encode(array("form" => (string) self::_form())); + } else { + self::_show_form(self::_form()); } } @@ -36,18 +35,15 @@ class Reauthenticate_Controller extends Controller { } access::verify_csrf(); - $reauthenticate = Session::instance()->get("reauthenticate", array()); - $form = self::_form(); $valid = $form->validate(); $user = identity::active_user(); if ($valid) { module::event("user_auth", $user); - Session::instance()->delete("reauthenticate"); - if (empty($reauthenticate["in_dialog"])) { + if (!request::is_ajax()) { message::success(t("Successfully re-authenticated!")); } - url::redirect($reauthenticate["continue_url"]); + url::redirect(Session::instance()->get_once("continue_url")); } else { $name = $user->name; log::warning("user", t("Failed re-authentication for %name", array("name" => $name))); @@ -72,8 +68,7 @@ class Reauthenticate_Controller extends Controller { private static function _form() { $form = new Forge("reauthenticate/auth", "", "post", array("id" => "g-reauthenticate-form")); - $form->set_attr('class', "g-narrow"); - $form->hidden("continue_url")->value(Session::instance()->get("continue_url", "admin")); + $form->set_attr("class", "g-narrow"); $group = $form->group("reauthenticate")->label(t("Re-authenticate")); $group->password("password")->label(t("Password"))->id("g-password")->class(null) ->callback("auth::validate_too_many_failed_auth_attempts") -- cgit v1.2.3 From 5c0998c4ac9ad7572df68f5c2cc351f0d03a7bd2 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 21 Jul 2010 07:20:24 -0700 Subject: Partial fix for #1225. Change the dialog and panel handling to look at the mime type returned to determine the content type. --- lib/gallery.dialog.js | 45 ++++++++++++++++++++++++++++++++++----------- lib/gallery.panel.js | 38 ++++++++++++++++++++++++++++++-------- 2 files changed, 64 insertions(+), 19 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index cc35f5cd..7b9d4b94 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -27,19 +27,42 @@ $("#g-dialog").gallery_show_loading(); - $.getJSON(sHref, function(data) { - $("#g-dialog").html(unescape(data.form)).gallery_show_loading(); + $.ajax({ + url: sHref, + type: "GET", + beforeSend: function(xhr) { + // Until we convert to jquery 1.4, we need to save the + // XMLHttpRequest object + this.xhrData = xhr; + }, + success: function(data, textStatus, xhr) { + // Pre jquery 1.4, get the saved XMLHttpRequest object + if (xhr == undefined) { + xhr = this.xhrData; + } + var mimeType = /^(\w+\/\w+)\;?/.exec(xhr.getResponseHeader("Content-Type")); + + var content = ""; + if (mimeType[1] == "application/json") { + data = JSON.parse(data); + content = unescape(data.form); + } else { + content = data; + } - if ($("#g-dialog form").length) { - self.form_loaded(null, $("#g-dialog form")); - } - self._layout(); + $("#g-dialog").html(content).gallery_show_loading(); - $("#g-dialog").dialog("open"); - self._set_title(); + if ($("#g-dialog form").length) { + self.form_loaded(null, $("#g-dialog form")); + } + self._layout(); + + $("#g-dialog").dialog("open"); + self._set_title(); - if ($("#g-dialog form").length) { - self._ajaxify_dialog(); + if ($("#g-dialog form").length) { + self._ajaxify_dialog(); + } } }); $("#g-dialog").dialog("option", "self", self); @@ -108,7 +131,7 @@ }, success: function(data) { if (data.form) { - var formData = unescape(data.form); + var formData = unescape(data.content); $("#g-dialog form").replaceWith(formData); $("#g-dialog").dialog("option", "position", "center"); $("#g-dialog form :submit").removeClass("ui-state-disabled") diff --git a/lib/gallery.panel.js b/lib/gallery.panel.js index b94df223..e219f3d6 100644 --- a/lib/gallery.panel.js +++ b/lib/gallery.panel.js @@ -31,15 +31,37 @@ if (should_open) { $(parent).after(ePanel); $("#g-panel td").html(sHref); - $.getJSON(sHref, function(data) { - $("#g-panel td").html(unescape(data.form)); - self._ajaxify_panel(); - if ($(element).attr("open_text")) { - $(element).attr("orig_text", $(element).children(".g-button-text").text()); - $(element).children(".g-button-text").text($(element).attr("open_text")); + $.ajax({ + url: sHref, + type: "GET", + beforeSend: function(xhr) { + // Until we convert to jquery 1.4, we need to save the + // XMLHttpRequest object + this.xhrData = xhr; + }, + success: function(data, textStatus, xhr) { + // Pre jquery 1.4, get the saved XMLHttpRequest object + if (xhr == undefined) { + xhr = this.xhrData; + } + var mimeType = /^(\w+\/\w+)\;?/.exec(xhr.getResponseHeader("Content-Type")); + var content = ""; + if (mimeType[1] == "application/json") { + data = JSON.parse(data); + content = unescape(data.form); + } else { + content = data; + } + + $("#g-panel td").html(content); + self._ajaxify_panel(); + if ($(element).attr("open_text")) { + $(element).attr("orig_text", $(element).children(".g-button-text").text()); + $(element).children(".g-button-text").text($(element).attr("open_text")); + } + $("#g-panel").addClass(parentClass).show().slideDown("slow"); } - $("#g-panel").addClass(parentClass).show().slideDown("slow"); - }); + }); } return false; -- cgit v1.2.3 From 0cca2fdf9bc0e77e1015975efdb9fe7c07a75b5f Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Mon, 26 Jul 2010 07:57:49 -0700 Subject: Correct the name of the JSON member that contains the form data. --- lib/gallery.dialog.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 7b9d4b94..f47c6d56 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -131,7 +131,7 @@ }, success: function(data) { if (data.form) { - var formData = unescape(data.content); + var formData = unescape(data.form); $("#g-dialog form").replaceWith(formData); $("#g-dialog").dialog("option", "position", "center"); $("#g-dialog form :submit").removeClass("ui-state-disabled") -- cgit v1.2.3 From a6ceb927e602dd693b011a17e625cc9c87d57d69 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Thu, 29 Jul 2010 08:59:10 -0700 Subject: Sometimes in dialogs, the form is wrapped in a view to provide additional information. We need to replace the contents of the entire dialog, not just the form, otherwise, there could be text floating around that doesn't make sense. --- lib/gallery.dialog.js | 2 +- lib/gallery.panel.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index f47c6d56..555e6f47 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -132,7 +132,7 @@ success: function(data) { if (data.form) { var formData = unescape(data.form); - $("#g-dialog form").replaceWith(formData); + $("#g-dialog").html(formData); $("#g-dialog").dialog("option", "position", "center"); $("#g-dialog form :submit").removeClass("ui-state-disabled") .attr("disabled", null); diff --git a/lib/gallery.panel.js b/lib/gallery.panel.js index e219f3d6..aee7185d 100644 --- a/lib/gallery.panel.js +++ b/lib/gallery.panel.js @@ -80,7 +80,7 @@ }, success: function(data) { if (data.form) { - $("#g-panel td form").replaceWith(data.form); + $("#g-panel td").html(data.form); self._ajaxify_panel(); } if (data.result == "success") { -- cgit v1.2.3 From 7607e1f932dda53144792d0b7e8674a34fbc7f9a Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 31 Jul 2010 21:16:17 -0700 Subject: Full pass over all the JSON encoding and JS dialog code. We now abide by the following rules: 1) An initial dialog or panel load can take either HTML or JSON, but the mime type must accurately reflect its payload. 2) dialog form submits can handle a pure HTML response, but the mime type must also be correct. This properly resolves the problem where the reauth code gets a JSON response first from the reauth code, and then an HTML response when you reauth and continue on to a given form -- try it out with Admin > Settings > Advanced. 3) All JSON replies must set the mime type correctly. The json::reply convenience function does this for us. 4) By default, any HTML content sent back in the JSON response should be in the "html" field, no longer the "form" field. The combination of these allows us to stop doing boilerplate code like this in our controllers: // Print our view, JSON encoded json::reply(array("form" => (string) $view)); instead, controllers can just return HTML, eg: // Print our view print $view; That's much more intuitive for developers. --- lib/gallery.dialog.js | 37 ++++++++++++++++++---- lib/gallery.panel.js | 6 ++-- modules/comment/controllers/comments.php | 6 ++-- modules/exif/controllers/exif.php | 2 +- .../controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/admin_maintenance.php | 24 +++++++------- modules/gallery/controllers/admin_themes.php | 2 +- modules/gallery/controllers/albums.php | 8 ++--- modules/gallery/controllers/login.php | 4 +-- modules/gallery/controllers/move.php | 2 +- modules/gallery/controllers/movies.php | 4 +-- modules/gallery/controllers/permissions.php | 2 +- modules/gallery/controllers/photos.php | 4 +-- modules/gallery/controllers/quick.php | 7 ++-- modules/gallery/controllers/reauthenticate.php | 6 ++-- modules/gallery/controllers/uploader.php | 3 +- modules/gallery/controllers/user_profile.php | 4 +-- modules/organize/controllers/organize.php | 2 +- modules/server_add/controllers/server_add.php | 6 ++-- modules/tag/controllers/admin_tags.php | 8 ++--- modules/tag/controllers/tags.php | 2 +- modules/user/controllers/admin_users.php | 28 ++++++++-------- modules/user/controllers/password.php | 4 +-- modules/user/controllers/users.php | 14 ++++---- modules/watermark/controllers/admin_watermarks.php | 15 +++++---- 25 files changed, 114 insertions(+), 88 deletions(-) (limited to 'lib/gallery.dialog.js') diff --git a/lib/gallery.dialog.js b/lib/gallery.dialog.js index 555e6f47..f1d146ab 100644 --- a/lib/gallery.dialog.js +++ b/lib/gallery.dialog.js @@ -31,8 +31,8 @@ url: sHref, type: "GET", beforeSend: function(xhr) { - // Until we convert to jquery 1.4, we need to save the - // XMLHttpRequest object + // Until we convert to jquery 1.4, we need to save the XMLHttpRequest object so that we + // can detect the mime type of the reply this.xhrData = xhr; }, success: function(data, textStatus, xhr) { @@ -122,17 +122,42 @@ _ajaxify_dialog: function() { var self = this; $("#g-dialog form").ajaxForm({ - dataType: "json", beforeSubmit: function(formData, form, options) { form.find(":submit") .addClass("ui-state-disabled") .attr("disabled", "disabled"); return true; }, + beforeSend: function(xhr) { + // Until we convert to jquery 1.4, we need to save the XMLHttpRequest object so that we + // can detect the mime type of the reply + this.xhrData = xhr; + }, success: function(data) { - if (data.form) { - var formData = unescape(data.form); - $("#g-dialog").html(formData); + // Pre jquery 1.4, get the saved XMLHttpRequest object + xhr = this.xhrData; + if (xhr) { + var mimeType = /^(\w+\/\w+)\;?/.exec(xhr.getResponseHeader("Content-Type")); + + var content = ""; + if (mimeType[1] == "application/json") { + data = JSON.parse(data); + } else { + data = {"html": escape(data)}; + } + } else { + // Uploading files (eg: watermark) uses a fake xhr in jquery.form.js so + // all we have is in the data field, which should be some very simple JSON. + // Weirdly enough in Chrome the result gets wrapped in a 
     element and
+	     // looks like this:
+	     //   
    {"result":"success",
+	     //   "location":"\/~bharat\/gallery3\/index.php\/admin\/watermarks"}
    
+	     // bizarre.  Strip that off before parsing.
+	     data = JSON.parse(data.match("({.*})")[0]);
+	   }
+
+           if (data.html) {
+             $("#g-dialog").html(unescape(data.html));
              $("#g-dialog").dialog("option", "position", "center");
              $("#g-dialog form :submit").removeClass("ui-state-disabled")
                .attr("disabled", null);
diff --git a/lib/gallery.panel.js b/lib/gallery.panel.js
index aee7185d..e0605ca3 100644
--- a/lib/gallery.panel.js
+++ b/lib/gallery.panel.js
@@ -48,7 +48,7 @@
                var content = "";
                if (mimeType[1] == "application/json") {
                  data = JSON.parse(data);
-                 content = unescape(data.form);
+                 content = unescape(data.html);
                } else {
                  content = data;
                }
@@ -79,8 +79,8 @@
            return true;
          },
          success: function(data) {
-           if (data.form) {
-             $("#g-panel td").html(data.form);
+           if (data.html) {
+             $("#g-panel td").html(data.html);
              self._ajaxify_panel();
            }
            if (data.result == "success") {
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php
index 8826469d..6ec4132b 100644
--- a/modules/comment/controllers/comments.php
+++ b/modules/comment/controllers/comments.php
@@ -57,11 +57,11 @@ class Comments_Controller extends Controller {
       $view->comment = $comment;
 
       json::reply(array("result" => "success",
-			"view" => (string) $view,
-			"form" => (string) comment::get_add_form($item)));
+			"view" => (string)$view,
+			"form" => (string)comment::get_add_form($item)));
     } else {
       $form = comment::prefill_add_form($form);
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "form" => (string)$form));
     }
   }
 
diff --git a/modules/exif/controllers/exif.php b/modules/exif/controllers/exif.php
index 51e33081..2fe875e3 100644
--- a/modules/exif/controllers/exif.php
+++ b/modules/exif/controllers/exif.php
@@ -28,6 +28,6 @@ class Exif_Controller extends Controller {
     $view = new View("exif_dialog.html");
     $view->details = exif::get($item);
 
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 }
diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php
index 086f7603..cf197743 100644
--- a/modules/gallery/controllers/admin_advanced_settings.php
+++ b/modules/gallery/controllers/admin_advanced_settings.php
@@ -39,7 +39,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller {
     $group->input("var_name")->label(t("Setting"))->value($var_name)->disabled(1);
     $group->textarea("value")->label(t("Value"))->value($value);
     $group->submit("")->value(t("Save"));
-    json::reply(array("form" => (string) $form));
+    print $form;
   }
 
   public function save($module_name, $var_name) {
diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php
index 5d06d224..3567b4f0 100644
--- a/modules/gallery/controllers/admin_maintenance.php
+++ b/modules/gallery/controllers/admin_maintenance.php
@@ -64,7 +64,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
     log::info("tasks", t("Task %task_name started (task id %task_id)",
                          array("task_name" => $task->name, "task_id" => $task->id)),
               html::anchor("admin/maintenance", t("maintenance")));
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   /**
@@ -86,7 +86,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
     log::info("tasks", t("Task %task_name resumed (task id %task_id)",
                          array("task_name" => $task->name, "task_id" => $task->id)),
               html::anchor("admin/maintenance", t("maintenance")));
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   /**
@@ -103,7 +103,7 @@ class Admin_Maintenance_Controller extends Admin_Controller {
     $view = new View("admin_maintenance_show_log.html");
     $view->task = $task;
 
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   /**
@@ -212,18 +212,18 @@ class Admin_Maintenance_Controller extends Admin_Controller {
       }
       // Using sprintf("%F") to avoid comma as decimal separator.
       json::reply(array("result" => "success",
-                              "task" => array(
-                                "percent_complete" => sprintf("%F", $task->percent_complete),
-                                "status" => (string) $task->status,
-                                "done" => (bool) $task->done),
-                              "location" => url::site("admin/maintenance")));
+                        "task" => array(
+                          "percent_complete" => sprintf("%F", $task->percent_complete),
+                          "status" => (string) $task->status,
+                          "done" => (bool) $task->done),
+                        "location" => url::site("admin/maintenance")));
 
     } else {
       json::reply(array("result" => "in_progress",
-                              "task" => array(
-                                "percent_complete" => sprintf("%F", $task->percent_complete),
-                                "status" => (string) $task->status,
-                                "done" => (bool) $task->done)));
+                        "task" => array(
+                          "percent_complete" => sprintf("%F", $task->percent_complete),
+                          "status" => (string) $task->status,
+                          "done" => (bool) $task->done)));
     }
   }
 }
diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php
index 18a4d2ae..e59eadaf 100644
--- a/modules/gallery/controllers/admin_themes.php
+++ b/modules/gallery/controllers/admin_themes.php
@@ -52,7 +52,7 @@ class Admin_Themes_Controller extends Admin_Controller {
     } else {
       $view->url = item::root()->url("theme=$theme_name");
     }
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   public function choose($type, $theme_name) {
diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php
index 584e4f15..f3f5dee3 100644
--- a/modules/gallery/controllers/albums.php
+++ b/modules/gallery/controllers/albums.php
@@ -115,7 +115,7 @@ class Albums_Controller extends Items_Controller {
 
       json::reply(array("result" => "success", "location" => $album->url()));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      print $form;
     }
   }
 
@@ -159,7 +159,7 @@ class Albums_Controller extends Items_Controller {
         json::reply(array("result" => "success"));
       }
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
@@ -168,7 +168,7 @@ class Albums_Controller extends Items_Controller {
     access::required("view", $album);
     access::required("add", $album);
 
-    json::reply(array("form" => (string) album::get_add_form($album)));
+    print album::get_add_form($album);
   }
 
   public function form_edit($album_id) {
@@ -176,6 +176,6 @@ class Albums_Controller extends Items_Controller {
     access::required("view", $album);
     access::required("edit", $album);
 
-    json::reply(array("form" => (string) album::get_edit_form($album)));
+    print album::get_edit_form($album);
   }
 }
diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php
index d7ab399f..62d33345 100644
--- a/modules/gallery/controllers/login.php
+++ b/modules/gallery/controllers/login.php
@@ -22,7 +22,7 @@ class Login_Controller extends Controller {
   public function ajax() {
     $view = new View("login_ajax.html");
     $view->form = auth::get_login_form("login/auth_ajax");
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   public function auth_ajax() {
@@ -34,7 +34,7 @@ class Login_Controller extends Controller {
     } else {
       $view = new View("login_ajax.html");
       $view->form = $form;
-      json::reply(array("result" => "error", "form" => (string) $view));
+      json::reply(array("result" => "error", "html" => (string)$view));
     }
   }
 
diff --git a/modules/gallery/controllers/move.php b/modules/gallery/controllers/move.php
index c47cdd95..7b2d6165 100644
--- a/modules/gallery/controllers/move.php
+++ b/modules/gallery/controllers/move.php
@@ -26,7 +26,7 @@ class Move_Controller extends Controller {
     $view = new View("move_browse.html");
     $view->source = $source;
     $view->tree = $this->_get_tree_html($source, ORM::factory("item", 1));
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   public function save($source_id) {
diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php
index fe6669e6..02d2a497 100644
--- a/modules/gallery/controllers/movies.php
+++ b/modules/gallery/controllers/movies.php
@@ -93,7 +93,7 @@ class Movies_Controller extends Items_Controller {
         json::reply(array("result" => "success"));
       }
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string) $form));
     }
   }
 
@@ -102,6 +102,6 @@ class Movies_Controller extends Items_Controller {
     access::required("view", $movie);
     access::required("edit", $movie);
 
-    json::reply(array("form" => (string) movie::get_edit_form($movie)));
+    print movie::get_edit_form($movie);
   }
 }
diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php
index 57f5ccb6..fc06cb44 100644
--- a/modules/gallery/controllers/permissions.php
+++ b/modules/gallery/controllers/permissions.php
@@ -33,7 +33,7 @@ class Permissions_Controller extends Controller {
     $view->parents = $item->parents();
     $view->form = $this->_get_form($item);
 
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   function form($id) {
diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php
index 7c834e64..8377e6c7 100644
--- a/modules/gallery/controllers/photos.php
+++ b/modules/gallery/controllers/photos.php
@@ -93,7 +93,7 @@ class Photos_Controller extends Items_Controller {
         json::reply(array("result" => "success"));
       }
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
@@ -102,6 +102,6 @@ class Photos_Controller extends Items_Controller {
     access::required("view", $photo);
     access::required("edit", $photo);
 
-    json::reply(array("form" => (string) photo::get_edit_form($photo)));
+    print photo::get_edit_form($photo);
   }
 }
diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php
index 1d9194c7..fee601d9 100644
--- a/modules/gallery/controllers/quick.php
+++ b/modules/gallery/controllers/quick.php
@@ -94,7 +94,7 @@ class Quick_Controller extends Controller {
     $v = new View("quick_delete_confirm.html");
     $v->item = $item;
     $v->form = item::get_delete_form($item);
-    json::reply(array("form" => (string) $v));
+    print $v;
   }
 
   public function delete($id) {
@@ -127,8 +127,7 @@ class Quick_Controller extends Controller {
         $from_id != $id /* deleted the item we were viewing */) {
       json::reply(array("result" => "success", "reload" => 1));
     } else {
-      json::reply(array("result" => "success",
-                              "location" => $parent->url()));
+      json::reply(array("result" => "success", "location" => $parent->url()));
     }
   }
 
@@ -154,6 +153,6 @@ class Quick_Controller extends Controller {
     // Pass on the source item where this form was generated, so we have an idea where to return to.
     $form->hidden("from_id")->value((int)Input::instance()->get("from_id", 0));
 
-    json::reply(array("form" => (string) $form));
+    print $form;
   }
 }
diff --git a/modules/gallery/controllers/reauthenticate.php b/modules/gallery/controllers/reauthenticate.php
index 7f9e5edc..0486c0fe 100644
--- a/modules/gallery/controllers/reauthenticate.php
+++ b/modules/gallery/controllers/reauthenticate.php
@@ -18,7 +18,7 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class Reauthenticate_Controller extends Controller {
-  public function index($share_translations_form=null) {
+  public function index() {
     if (!identity::active_user()->admin) {
       access::forbidden();
     }
@@ -29,7 +29,7 @@ class Reauthenticate_Controller extends Controller {
       $v = new View("reauthenticate.html");
       $v->form = self::_form();
       $v->user_name = identity::active_user()->name;
-      json::reply(array("form" => (string) $v));
+      print $v;
     } else {
       self::_show_form(self::_form());
     }
@@ -58,7 +58,7 @@ class Reauthenticate_Controller extends Controller {
         $v = new View("reauthenticate.html");
         $v->form = $form;
         $v->user_name = identity::active_user()->name;
-        json::reply(array("form" => (string) $v));
+        json::reply(array("html" => (string)$v));
       } else {
         self::_show_form($form);
       }
diff --git a/modules/gallery/controllers/uploader.php b/modules/gallery/controllers/uploader.php
index c686c787..87520032 100644
--- a/modules/gallery/controllers/uploader.php
+++ b/modules/gallery/controllers/uploader.php
@@ -26,8 +26,7 @@ class Uploader_Controller extends Controller {
       $item = $item->parent();
     }
 
-    json::reply(array("form" => (string)$this->_get_add_form($item)));
-    //print $this->_get_add_form($item);
+    print $this->_get_add_form($item);
   }
 
   public function start() {
diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php
index 113be1fa..726d3e51 100644
--- a/modules/gallery/controllers/user_profile.php
+++ b/modules/gallery/controllers/user_profile.php
@@ -44,7 +44,7 @@ class User_Profile_Controller extends Controller {
 
   public function contact($id) {
     $user = identity::lookup_user($id);
-    json::reply(array("form" => (string) user_profile::get_contact_form($user)));
+    print user_profile::get_contact_form($user);
   }
 
   public function send($id) {
@@ -63,7 +63,7 @@ class User_Profile_Controller extends Controller {
       message::success(t("Sent message to %user_name", array("user_name" => $user->display_name())));
       json::reply(array("result" => "success"));
     } else {
-      json::reply(array("result" => "error", "form" => (string)$form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 }
diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php
index 99933c7e..3005eb67 100644
--- a/modules/organize/controllers/organize.php
+++ b/modules/organize/controllers/organize.php
@@ -47,7 +47,7 @@ class Organize_Controller extends Controller {
     $v->controller_uri = url::site("organize") . "/";
     $v->swf_uri = url::file("modules/organize/lib/Gallery3WebClient.swf?") .
       filemtime(MODPATH . "organize/lib/Gallery3WebClient.swf");
-    json::reply(array("form" => (string) $v));
+    print $v;
   }
 
   function add_album_fields() {
diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php
index afa1f862..e4c3e69c 100644
--- a/modules/server_add/controllers/server_add.php
+++ b/modules/server_add/controllers/server_add.php
@@ -30,7 +30,7 @@ class Server_Add_Controller extends Admin_Controller {
     $view->tree = new View("server_add_tree.html");
     $view->tree->files = $files;
     $view->tree->parents = array();
-    json::reply(array("form" => (string) $view));
+    print $view;
   }
 
   public function children() {
@@ -112,8 +112,8 @@ class Server_Add_Controller extends Admin_Controller {
     // Prevent the JavaScript code from breaking by forcing a period as
     // decimal separator for all locales with sprintf("%F", $value).
     json::reply(array("done" => (bool)$task->done,
-                            "status" => (string)$task->status,
-                            "percent_complete" => sprintf("%F", $task->percent_complete)));
+                      "status" => (string)$task->status,
+                      "percent_complete" => sprintf("%F", $task->percent_complete)));
   }
 
   /**
diff --git a/modules/tag/controllers/admin_tags.php b/modules/tag/controllers/admin_tags.php
index 32c54945..0c82579b 100644
--- a/modules/tag/controllers/admin_tags.php
+++ b/modules/tag/controllers/admin_tags.php
@@ -37,7 +37,7 @@ class Admin_Tags_Controller extends Admin_Controller {
   public function form_delete($id) {
     $tag = ORM::factory("tag", $id);
     if ($tag->loaded()) {
-      json::reply(array("form" => (string) tag::get_delete_form($tag)));
+      print tag::get_delete_form($tag);
     }
   }
 
@@ -59,7 +59,7 @@ class Admin_Tags_Controller extends Admin_Controller {
 
       json::reply(array("result" => "success", "location" => url::site("admin/tags")));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      print $form;
     }
   }
 
@@ -91,14 +91,14 @@ class Admin_Tags_Controller extends Admin_Controller {
       $tag->name = $in_place_edit->value();
       $tag->save();
 
-      $message = t("Renamed tag %old_name to %new_name",
+      $message = t("Renamed tag %old_name to %new_name",
                    array("old_name" => $old_name, "new_name" => $tag->name));
       message::success($message);
       log::success("tags", $message);
 
       json::reply(array("result" => "success", "location" => url::site("admin/tags")));
     } else {
-      json::reply(array("result" => "error", "form" => $in_place_edit->render()));
+      json::reply(array("result" => "error", "form" => (string)$in_place_edit->render()));
     }
   }
 
diff --git a/modules/tag/controllers/tags.php b/modules/tag/controllers/tags.php
index 7fa8534c..bc657644 100644
--- a/modules/tag/controllers/tags.php
+++ b/modules/tag/controllers/tags.php
@@ -69,7 +69,7 @@ class Tags_Controller extends Controller {
 
       json::reply(array("result" => "success", "cloud" => (string)tag::cloud(30)));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php
index 64365f2b..b8487e01 100644
--- a/modules/user/controllers/admin_users.php
+++ b/modules/user/controllers/admin_users.php
@@ -56,12 +56,12 @@ class Admin_Users_Controller extends Admin_Controller {
       message::success(t("Created user %user_name", array("user_name" => $user->name)));
       json::reply(array("result" => "success"));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      print json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
   public function add_user_form() {
-    json::reply(array("form" => (string) $this->_get_user_add_form_admin()));
+    print $this->_get_user_add_form_admin();
   }
 
   public function delete_user($id) {
@@ -81,7 +81,7 @@ class Admin_Users_Controller extends Admin_Controller {
       $name = $user->name;
       $user->delete();
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
 
     $message = t("Deleted user %user_name", array("user_name" => $name));
@@ -95,7 +95,7 @@ class Admin_Users_Controller extends Admin_Controller {
     if (empty($user)) {
       throw new Kohana_404_Exception();
     }
-    json::reply(array("form" => (string) $this->_get_user_delete_form_admin($user)));
+    print $this->_get_user_delete_form_admin($user);
   }
 
   public function edit_user($id) {
@@ -136,7 +136,7 @@ class Admin_Users_Controller extends Admin_Controller {
       message::success(t("Changed user %user_name", array("user_name" => $user->name)));
       json::reply(array("result" => "success"));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string) $form));
     }
   }
 
@@ -146,7 +146,7 @@ class Admin_Users_Controller extends Admin_Controller {
       throw new Kohana_404_Exception();
     }
 
-    json::reply(array("form" => (string) $this->_get_user_edit_form_admin($user)));
+    print $this->_get_user_edit_form_admin($user);
   }
 
   public function add_user_to_group($user_id, $group_id) {
@@ -194,12 +194,12 @@ class Admin_Users_Controller extends Admin_Controller {
         t("Created group %group_name", array("group_name" => $group->name)));
       json::reply(array("result" => "success"));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
   public function add_group_form() {
-    json::reply(array("form" => (string) $this->_get_group_add_form_admin()));
+    print $this->_get_group_add_form_admin();
   }
 
   public function delete_group($id) {
@@ -215,7 +215,7 @@ class Admin_Users_Controller extends Admin_Controller {
       $name = $group->name;
       $group->delete();
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string) $form));
     }
 
     $message = t("Deleted group %group_name", array("group_name" => $name));
@@ -230,7 +230,7 @@ class Admin_Users_Controller extends Admin_Controller {
       throw new Kohana_404_Exception();
     }
 
-    json::reply(array("form" => (string) $this->_get_group_delete_form_admin($group)));
+    print $this->_get_group_delete_form_admin($group);
   }
 
   public function edit_group($id) {
@@ -263,7 +263,7 @@ class Admin_Users_Controller extends Admin_Controller {
       $group->reload();
       message::error(
         t("Failed to change group %group_name", array("group_name" => $group->name)));
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string) $form));
     }
   }
 
@@ -273,7 +273,7 @@ class Admin_Users_Controller extends Admin_Controller {
       throw new Kohana_404_Exception();
     }
 
-    json::reply(array("form" => (string) $this->_get_group_edit_form_admin($group)));
+    print $this->_get_group_edit_form_admin($group);
   }
 
   /* User Form Definitions */
@@ -309,7 +309,7 @@ class Admin_Users_Controller extends Admin_Controller {
     }
 
     module::event("user_edit_form_admin", $user, $form);
-    $group->submit("")->value(t("Modify User"));
+    $group->submit("")->value(t("Modify user"));
     return $form;
   }
 
@@ -354,7 +354,7 @@ class Admin_Users_Controller extends Admin_Controller {
     $locales = array_merge(array("" => t("« none »")), $locales);
     $selected_locale = ($user && $user->locale) ? $user->locale : "";
     $form->dropdown("locale")
-      ->label(t("Language Preference"))
+      ->label(t("Language preference"))
       ->options($locales)
       ->selected($selected_locale);
   }
diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php
index 4058ef50..575720a8 100644
--- a/modules/user/controllers/password.php
+++ b/modules/user/controllers/password.php
@@ -27,10 +27,10 @@ class Password_Controller extends Controller {
       if ($form->validate()) {
         $this->_send_reset($form);
       } else {
-        json::reply(array("result" => "error", "form" => (string) $form));
+        json::reply(array("result" => "error", "html" => (string)$form));
       }
     } else {
-        json::reply(array("form" => (string) $form));
+      print $form;
     }
   }
 
diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php
index e98ab341..d13cccb2 100644
--- a/modules/user/controllers/users.php
+++ b/modules/user/controllers/users.php
@@ -57,7 +57,7 @@ class Users_Controller extends Controller {
       json::reply(array("result" => "success",
 			"resource" => url::site("users/{$user->id}")));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
@@ -92,7 +92,7 @@ class Users_Controller extends Controller {
       log::warning("user", t("Failed password change for %name", array("name" => $user->name)));
       $name = $user->name;
       module::event("user_auth_failed", $name);
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
@@ -126,7 +126,7 @@ class Users_Controller extends Controller {
       log::warning("user", t("Failed email change for %name", array("name" => $user->name)));
       $name = $user->name;
       module::event("user_auth_failed", $name);
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
@@ -136,7 +136,7 @@ class Users_Controller extends Controller {
       access::forbidden();
     }
 
-    json::reply(array("form" => (string) $this->_get_edit_form($user)));
+    print $this->_get_edit_form($user);
   }
 
   public function form_change_password($id) {
@@ -145,7 +145,7 @@ class Users_Controller extends Controller {
       access::forbidden();
     }
 
-    json::reply(array("form" => (string) $this->_get_change_password_form($user)));
+    print $this->_get_change_password_form($user);
   }
 
   public function form_change_email($id) {
@@ -154,7 +154,7 @@ class Users_Controller extends Controller {
       access::forbidden();
     }
 
-    json::reply(array("form" => (string) $this->_get_change_email_form($user)));
+    print $this->_get_change_email_form($user);
   }
 
   private function _get_change_password_form($user) {
@@ -231,7 +231,7 @@ class Users_Controller extends Controller {
     $locales = array_merge(array("" => t("« none »")), $locales);
     $selected_locale = ($user && $user->locale) ? $user->locale : "";
     $form->dropdown("locale")
-      ->label(t("Language Preference"))
+      ->label(t("Language preference"))
       ->options($locales)
       ->selected($selected_locale);
   }
diff --git a/modules/watermark/controllers/admin_watermarks.php b/modules/watermark/controllers/admin_watermarks.php
index 922b050b..0652b13c 100644
--- a/modules/watermark/controllers/admin_watermarks.php
+++ b/modules/watermark/controllers/admin_watermarks.php
@@ -35,7 +35,7 @@ class Admin_Watermarks_Controller extends Admin_Controller {
   }
 
   public function form_edit() {
-    json::reply(array("form" => (string) watermark::get_edit_form()));
+    print watermark::get_edit_form();
   }
 
   public function edit() {
@@ -53,12 +53,12 @@ class Admin_Watermarks_Controller extends Admin_Controller {
         array("result" => "success",
               "location" => url::site("admin/watermarks")));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
   public function form_delete() {
-    json::reply(array("form" => (string) watermark::get_delete_form()));
+    print watermark::get_delete_form();
   }
 
   public function delete() {
@@ -81,12 +81,12 @@ class Admin_Watermarks_Controller extends Admin_Controller {
       }
       json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
     } else {
-      json::reply(array("result" => "error", "form" => (string) $form));
+      json::reply(array("result" => "error", "html" => (string)$form));
     }
   }
 
   public function form_add() {
-    json::reply(array("form" => (string) watermark::get_add_form()));
+    print watermark::get_add_form();
   }
 
   public function add() {
@@ -120,7 +120,10 @@ class Admin_Watermarks_Controller extends Admin_Controller {
       log::success("watermark", t("Watermark saved"));
       json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
     } else {
-      json::reply(array("result" => "error", "form" => rawurlencode((string) $form)));
+      // rawurlencode the results because the JS code that uploads the file buffers it in an
+      // iframe which entitizes the HTML and makes it difficult for the JS to process.  If we url
+      // encode it now, it passes through cleanly.  See ticket #797.
+      json::reply(array("result" => "error", "html" => rawurlencode((string)$form)));
     }
   }
 
-- 
cgit v1.2.3