From c4fce2cc680c3257cf6ea7844b8ee9e61c02db09 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 15 Jul 2009 20:32:53 -0700 Subject: Remove a completed @todo. --- modules/gallery/controllers/albums.php | 4 ---- 1 file changed, 4 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index d141d157..e6d01b90 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -181,10 +181,6 @@ class Albums_Controller extends Items_Controller { } } - // @todo - // @todo we need to make sure that filename / dirname components can't contain a / - // @todo - if ($valid) { $orig = clone $album; $album->title = $form->edit_album->title->value; -- cgit v1.2.3 From 5b3b675b6d8a1cd9a5f2b9455c551791e18d88ff Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 16 Jul 2009 11:19:34 -0700 Subject: Non-trivial changes to the event handling code: 1) The item_updated event no longer takes the old and new items. Instead we overload ORM to track the original data and make that available via the item. This will allow us to move event publishing down into the API methods which in turn will give us more stability since we won't require each controller to remember to do it. 2) ORM class now tracks the original values. It doesn't track the original relationships (no need for that, yet) 3) Added new events: item_deleted group_deleted user_deleted --- modules/akismet/helpers/akismet_event.php | 6 ++--- modules/comment/controllers/admin_comments.php | 4 ++-- modules/comment/helpers/comment_event.php | 2 +- modules/exif/helpers/exif_event.php | 2 +- modules/g2_import/helpers/g2_import_event.php | 2 +- modules/gallery/controllers/albums.php | 2 +- modules/gallery/controllers/movies.php | 2 +- modules/gallery/controllers/photos.php | 2 +- modules/gallery/helpers/gallery_event.php | 4 ++-- modules/gallery/libraries/MY_ORM.php | 27 +++++++++++++++++++++- modules/gallery/models/item.php | 3 +++ modules/gallery/tests/Item_Model_Test.php | 16 +++++++++++++ modules/notification/helpers/notification.php | 19 ++++++++------- .../notification/helpers/notification_event.php | 10 ++++---- modules/notification/helpers/notification_menu.php | 2 +- modules/notification/views/item_updated.html.php | 16 ++++++------- modules/organize/controllers/organize.php | 4 ++-- modules/search/helpers/search_event.php | 6 ++--- modules/tag/helpers/tag_event.php | 2 +- modules/user/models/group.php | 2 ++ modules/user/models/user.php | 2 ++ 21 files changed, 91 insertions(+), 44 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/akismet/helpers/akismet_event.php b/modules/akismet/helpers/akismet_event.php index 80fe0127..bffc0fd7 100644 --- a/modules/akismet/helpers/akismet_event.php +++ b/modules/akismet/helpers/akismet_event.php @@ -40,14 +40,14 @@ class akismet_event_Core { $comment->save(); } - static function comment_updated($old, $new) { + static function comment_updated($comment) { if (!module::get_var("akismet", "api_key")) { return; } - if ($old->state != "spam" && $new->state == "spam") { + if ($comment->original("state") != "spam" && $comment->state == "spam") { akismet::submit_spam($new); - } else if ($old->state == "spam" && $new->state != "spam") { + } else if ($comment->original("state") == "spam" && $comment->state != "spam") { akismet::submit_ham($new); } } diff --git a/modules/comment/controllers/admin_comments.php b/modules/comment/controllers/admin_comments.php index 3e8d3c46..ea76b188 100644 --- a/modules/comment/controllers/admin_comments.php +++ b/modules/comment/controllers/admin_comments.php @@ -113,8 +113,8 @@ class Admin_Comments_Controller extends Admin_Controller { if ($comment->loaded) { $comment->state = $state; $comment->save(); - module::event("comment_updated", $orig, $comment); - if ($orig->state == "published" || $comment->state == "published") { + module::event("comment_updated", $comment); + if ($comment->original("state") == "published" || $comment->state == "published") { module::event("item_related_update", $comment->item()); } } diff --git a/modules/comment/helpers/comment_event.php b/modules/comment/helpers/comment_event.php index a3beb27a..3850a001 100644 --- a/modules/comment/helpers/comment_event.php +++ b/modules/comment/helpers/comment_event.php @@ -18,7 +18,7 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class comment_event_Core { - static function item_before_delete($item) { + static function item_deleted($item) { Database::instance()->delete("comments", array("item_id" => $item->id)); } } diff --git a/modules/exif/helpers/exif_event.php b/modules/exif/helpers/exif_event.php index f5677653..24243f4d 100644 --- a/modules/exif/helpers/exif_event.php +++ b/modules/exif/helpers/exif_event.php @@ -22,7 +22,7 @@ class exif_event_Core { exif::extract($item); } - static function item_before_delete($item) { + static function item_deleted($item) { Database::instance()->delete("exif_records", array("item_id" => $item->id)); } } diff --git a/modules/g2_import/helpers/g2_import_event.php b/modules/g2_import/helpers/g2_import_event.php index 13f5b1a0..77b489a7 100644 --- a/modules/g2_import/helpers/g2_import_event.php +++ b/modules/g2_import/helpers/g2_import_event.php @@ -18,7 +18,7 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class g2_import_event_Core { - static function item_before_delete($item) { + static function item_deleted($item) { Database::instance()->delete("g2_maps", array("g3_id" => $item->id)); } diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index e6d01b90..c378e3ce 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -192,7 +192,7 @@ class Albums_Controller extends Items_Controller { } $album->save(); - module::event("item_updated", $orig, $album); + module::event("item_updated", $album); log::success("content", "Updated album", "id\">view"); message::success( diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 30a5d78c..fc511082 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -91,7 +91,7 @@ class Movies_Controller extends Items_Controller { $photo->rename($form->edit_photo->filename->value); $photo->save(); - module::event("item_updated", $orig, $photo); + module::event("item_updated", $photo); log::success("content", "Updated photo", "id\">view"); message::success( diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 6a62e859..77627009 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -84,7 +84,7 @@ class Photos_Controller extends Items_Controller { $photo->rename($form->edit_photo->filename->value); $photo->save(); - module::event("item_updated", $orig, $photo); + module::event("item_updated", $photo); log::success("content", "Updated photo", "id\">view"); message::success( diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index aa11b7c0..2f3a64d3 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -23,7 +23,7 @@ class gallery_event_Core { access::add_group($group); } - static function group_before_delete($group) { + static function group_deleted($group) { access::delete_group($group); } @@ -31,7 +31,7 @@ class gallery_event_Core { access::add_item($item); } - static function item_before_delete($item) { + static function item_deleted($item) { access::delete_item($item); } diff --git a/modules/gallery/libraries/MY_ORM.php b/modules/gallery/libraries/MY_ORM.php index 2bd9b4eb..319cbe09 100644 --- a/modules/gallery/libraries/MY_ORM.php +++ b/modules/gallery/libraries/MY_ORM.php @@ -18,6 +18,9 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class ORM extends ORM_Core { + // Track the original value of this ORM instance so that we can look it up in ORM::original() + protected $original = null; + public function open_paren() { $this->db->open_paren(); return $this; @@ -30,7 +33,29 @@ class ORM extends ORM_Core { public function save() { model_cache::clear($this->object_name, $this->{$this->primary_key}, $this->primary_key); - return parent::save(); + $result = parent::save(); + $this->original = $this->object; + return $result; + } + + public function __set($column, $value) { + if (!isset($this->original)) { + $this->original = $this->object; + } + + return parent::__set($column, $value); + } + + public function __unset($column) { + if (!isset($this->original)) { + $this->original = $this->object; + } + + return parent::__unset($column); + } + + public function original($column) { + return $this->original[$column]; } } diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 51037073..80f19d26 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -93,6 +93,7 @@ class Item_Model extends ORM_MPTT { } public function delete() { + $old = clone $this; module::event("item_before_delete", $this); $parent = $this->parent(); @@ -114,6 +115,8 @@ class Item_Model extends ORM_MPTT { @unlink($resize_path); @unlink($thumb_path); } + + module::event("item_deleted", $old); } /** diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index 615b8997..a21cdc13 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -140,4 +140,20 @@ class Item_Model_Test extends Unit_Test_Case { } $this->assert_false(true, "Item_Model::rename should not accept / characters"); } + + public function save_original_values_test() { + print "START\n"; + $item = $this->create_random_item(); + $item->title = "ORIGINAL_VALUE"; + $item->save(); + + print "CHANGE\n"; + $item->title = "NEW_VALUE"; + + //printf("
%s
",print_r($item,1));flush(); + + print "COMPARE\n"; + $this->assert_same("ORIGINAL_VALUE", $item->original("title")); + $this->assert_same("NEW_VALUE", $item->title); + } } diff --git a/modules/notification/helpers/notification.php b/modules/notification/helpers/notification.php index 8ee0c6ba..e246af2c 100644 --- a/modules/notification/helpers/notification.php +++ b/modules/notification/helpers/notification.php @@ -82,17 +82,16 @@ class notification { return $subscribers; } - static function send_item_updated($old, $new) { + static function send_item_updated($item) { $v = new View("item_updated.html"); - $v->old = $old; - $v->new = $new; - $v->subject = $old->is_album() ? - t("Album %title updated", array("title" => $old->title)) : - ($old->is_photo() ? - t("Photo %title updated", array("title" => $old->title)) - : t("Movie %title updated", array("title" => $old->title))); - - self::_notify_subscribers($old, $v->render(), $v->subject); + $v->item = $item; + $v->subject = $item->is_album() ? + t("Album %title updated", array("title" => $item->original("title"))) : + ($item->is_photo() ? + t("Photo %title updated", array("title" => $item->original("title"))) + : t("Movie %title updated", array("title" => $item->original("title")))); + + self::_notify_subscribers($item, $v->render(), $v->subject); } static function send_item_add($item) { diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index 1cf9ff58..536557c6 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php @@ -18,15 +18,15 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class notification_event_Core { - static function item_updated($old, $new) { - notification::send_item_updated($old, $new); + static function item_updated($item) { + notification::send_item_updated($item); } static function item_created($item) { notification::send_item_add($item); } - static function item_before_delete($item) { + static function item_deleted($item) { notification::send_item_deleted($item); if (notification::is_watching($item)) { @@ -40,8 +40,8 @@ class notification_event_Core { } } - static function comment_updated($old, $new) { - if ($new->state == "published" && $old->state != "published") { + static function comment_updated($item) { + if ($item->state == "published" && $item->original("state") != "published") { notification::send_comment_published($new); } } diff --git a/modules/notification/helpers/notification_menu.php b/modules/notification/helpers/notification_menu.php index 696aad62..87478b8a 100644 --- a/modules/notification/helpers/notification_menu.php +++ b/modules/notification/helpers/notification_menu.php @@ -21,7 +21,7 @@ class notification_menu_Core { static function site($menu, $theme) { if (!user::active()->guest) { $item = $theme->item(); - + if ($item && $item->is_album()) { $watching = notification::is_watching($item); diff --git a/modules/notification/views/item_updated.html.php b/modules/notification/views/item_updated.html.php index 0620c50c..39f9113b 100644 --- a/modules/notification/views/item_updated.html.php +++ b/modules/notification/views/item_updated.html.php @@ -7,27 +7,27 @@

- title != $new->title): ?> + original("title") != $item->title): ?> - + - + - + - description != $new->description): ?> + original("description") != $item->description): ?> - + - description)): ?> + description)): ?> - +
title) ?>title) ?> title) ?>title) ?>
url(array(), true) ?>url(array(), true) ?>
description) ?>description) ?>
description) ?>description) ?>
diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php index 6792573d..54e04071 100644 --- a/modules/organize/controllers/organize.php +++ b/modules/organize/controllers/organize.php @@ -279,7 +279,7 @@ class Organize_Controller extends Controller { $item->rename($form->dirname->value); $item->save(); - module::event("item_updated", $orig, $item); + module::event("item_updated", $item); if ($item->is_album()) { log::success("content", "Updated album", "id\">view"); @@ -322,7 +322,7 @@ class Organize_Controller extends Controller { $item->sort_order = $form->direction->value; $item->save(); - module::event("item_updated", $orig, $item); + module::event("item_updated", $item); log::success("content", "Updated album", "id\">view"); $message = t("Saved album %album_title", array("album_title" => p::purify($item->title))); diff --git a/modules/search/helpers/search_event.php b/modules/search/helpers/search_event.php index b9657395..764fdd18 100644 --- a/modules/search/helpers/search_event.php +++ b/modules/search/helpers/search_event.php @@ -22,11 +22,11 @@ class search_event_Core { search::update($item); } - static function item_updated($old_item, $new_item) { - search::update($new_item); + static function item_updated($item) { + search::update($item); } - static function item_before_delete($item) { + static function item_deleted($item) { ORM::factory("search_record") ->where("item_id", $item->id) ->delete_all(); diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 7a170bf8..0164f556 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -59,7 +59,7 @@ class tag_event_Core { return; } - static function item_before_delete($item) { + static function item_deleted($item) { $db = Database::instance(); $db->query("UPDATE {tags} SET `count` = `count` - 1 WHERE `count` > 0 " . "AND `id` IN (SELECT `tag_id` from {items_tags} WHERE `item_id` = $item->id)"); diff --git a/modules/user/models/group.php b/modules/user/models/group.php index 45948887..e0724e30 100644 --- a/modules/user/models/group.php +++ b/modules/user/models/group.php @@ -27,7 +27,9 @@ class Group_Model extends ORM { * @see ORM::delete() */ public function delete($id=null) { + $old = clone $this; module::event("group_before_delete", $this); parent::delete($id); + module::event("group_deleted", $old); } } \ No newline at end of file diff --git a/modules/user/models/user.php b/modules/user/models/user.php index b447892e..e3260270 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -44,8 +44,10 @@ class User_Model extends ORM { * @see ORM::delete() */ public function delete($id=null) { + $old = clone $this; module::event("user_before_delete", $this); parent::delete($id); + module::event("user_deleted", $old); } /** -- cgit v1.2.3 From 0f766b149d0cee7af664f2321fddc6f04cda70ac Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 16 Jul 2009 12:29:16 -0700 Subject: Second non-trivial change to the event code. We now publish model related events from within the model handling code. The only exception to this currently is item_created which is challenging because we have to save the item using ORM_MPTT::add_to_parent() before the object itself is fully set up. When we get that down to one call to save() we can publish that event from within the model also. --- modules/comment/controllers/admin_comments.php | 4 ---- modules/comment/controllers/comments.php | 1 - modules/comment/helpers/comment.php | 5 ----- modules/comment/models/comment.php | 17 ++++++++++++++++- modules/exif/helpers/exif_event.php | 4 +++- modules/gallery/controllers/albums.php | 3 --- modules/gallery/controllers/movies.php | 3 --- modules/gallery/controllers/photos.php | 3 --- modules/gallery/helpers/album.php | 2 ++ modules/gallery/helpers/movie.php | 2 ++ modules/gallery/helpers/photo.php | 2 ++ modules/gallery/models/item.php | 7 ++++++- modules/organize/controllers/organize.php | 4 ---- modules/user/helpers/group.php | 1 - modules/user/helpers/user.php | 1 - modules/user/models/group.php | 13 +++++++++++++ modules/user/models/user.php | 13 +++++++++++++ 17 files changed, 57 insertions(+), 28 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/comment/controllers/admin_comments.php b/modules/comment/controllers/admin_comments.php index ea76b188..a164f79f 100644 --- a/modules/comment/controllers/admin_comments.php +++ b/modules/comment/controllers/admin_comments.php @@ -113,10 +113,6 @@ class Admin_Comments_Controller extends Admin_Controller { if ($comment->loaded) { $comment->state = $state; $comment->save(); - module::event("comment_updated", $comment); - if ($comment->original("state") == "published" || $comment->state == "published") { - module::event("item_related_update", $comment->item()); - } } } diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 02c38491..9fb4796e 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -152,7 +152,6 @@ class Comments_Controller extends REST_Controller { $comment->url = $form->edit_comment->url->value; $comment->text = $form->edit_comment->text->value; $comment->save(); - module::event("comment_updated", $comment); print json_encode( array("result" => "success", diff --git a/modules/comment/helpers/comment.php b/modules/comment/helpers/comment.php index 08cba096..3d743325 100644 --- a/modules/comment/helpers/comment.php +++ b/modules/comment/helpers/comment.php @@ -61,11 +61,6 @@ class comment_Core { $comment->server_remote_port = substr($input->server("REMOTE_PORT"), 0, 16); $comment->save(); - module::event("comment_created", $comment); - if ($comment->state == "published") { - module::event("item_related_update", $comment->item()); - } - return $comment; } diff --git a/modules/comment/models/comment.php b/modules/comment/models/comment.php index 22c465df..551fb245 100644 --- a/modules/comment/models/comment.php +++ b/modules/comment/models/comment.php @@ -61,8 +61,23 @@ class Comment_Model extends ORM { $this->updated = time(); if (!$this->loaded && empty($this->created)) { $this->created = $this->updated; + $created = true; } } - return parent::save(); + parent::save(); + + if (isset($created)) { + module::event("comment_created", $this); + } else { + module::event("comment_updated", $this); + } + + // We only notify on the related items if we're making a visible change, which means moving in + // or out of a published state + if ($this->original("state") == "published" || $this->state == "published") { + module::event("item_related_update", $this->item()); + } + + return $this; } } diff --git a/modules/exif/helpers/exif_event.php b/modules/exif/helpers/exif_event.php index 24243f4d..826ec959 100644 --- a/modules/exif/helpers/exif_event.php +++ b/modules/exif/helpers/exif_event.php @@ -19,7 +19,9 @@ */ class exif_event_Core { static function item_created($item) { - exif::extract($item); + if (!$item->is_album()) { + exif::extract($item); + } } static function item_deleted($item) { diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index c378e3ce..9980b676 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -182,7 +182,6 @@ class Albums_Controller extends Items_Controller { } if ($valid) { - $orig = clone $album; $album->title = $form->edit_album->title->value; $album->description = $form->edit_album->description->value; $album->sort_column = $form->edit_album->sort_order->column->value; @@ -192,8 +191,6 @@ class Albums_Controller extends Items_Controller { } $album->save(); - module::event("item_updated", $album); - log::success("content", "Updated album", "id\">view"); message::success( t("Saved album %album_title", array("album_title" => p::clean($album->title)))); diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index fc511082..d954ad8d 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -85,14 +85,11 @@ class Movies_Controller extends Items_Controller { } if ($valid) { - $orig = clone $photo; $photo->title = $form->edit_photo->title->value; $photo->description = $form->edit_photo->description->value; $photo->rename($form->edit_photo->filename->value); $photo->save(); - module::event("item_updated", $photo); - log::success("content", "Updated photo", "id\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 77627009..9ce6ed23 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -78,14 +78,11 @@ class Photos_Controller extends Items_Controller { } if ($valid) { - $orig = clone $photo; $photo->title = $form->edit_photo->title->value; $photo->description = $form->edit_photo->description->value; $photo->rename($form->edit_photo->filename->value); $photo->save(); - module::event("item_updated", $photo); - log::success("content", "Updated photo", "id\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 1197f243..f1a6c060 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -71,6 +71,8 @@ class album_Core { mkdir(dirname($album->thumb_path())); mkdir(dirname($album->resize_path())); + // @todo: publish this from inside Item_Model::save() when we refactor to the point where + // there's only one save() happening here. module::event("item_created", $album); return $album; diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index d62ead76..4f4169d5 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -102,6 +102,8 @@ class movie_Core { copy($filename, $movie->file_path()); + // @todo: publish this from inside Item_Model::save() when we refactor to the point where + // there's only one save() happening here. module::event("item_created", $movie); // Build our thumbnail diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index e8a4f357..ce964c14 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -105,6 +105,8 @@ class photo_Core { copy($filename, $photo->file_path()); + // @todo: publish this from inside Item_Model::save() when we refactor to the point where + // there's only one save() happening here. module::event("item_created", $photo); // Build our thumbnail/resizes diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 80f19d26..94e2fcf7 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -350,9 +350,14 @@ class Item_Model extends ORM_MPTT { $this->created = $this->updated; $r = ORM::factory("item")->select("MAX(weight) as max_weight")->find(); $this->weight = $r->max_weight + 1; + $created = 1; } } - return parent::save(); + parent::save(); + if (!isset($created)) { + module::event("item_updated", $this); + } + return $this; } /** diff --git a/modules/organize/controllers/organize.php b/modules/organize/controllers/organize.php index 54e04071..27852904 100644 --- a/modules/organize/controllers/organize.php +++ b/modules/organize/controllers/organize.php @@ -279,8 +279,6 @@ class Organize_Controller extends Controller { $item->rename($form->dirname->value); $item->save(); - module::event("item_updated", $item); - if ($item->is_album()) { log::success("content", "Updated album", "id\">view"); $message = t("Saved album %album_title", array("album_title" => p::purify($item->title))); @@ -322,8 +320,6 @@ class Organize_Controller extends Controller { $item->sort_order = $form->direction->value; $item->save(); - module::event("item_updated", $item); - log::success("content", "Updated album", "id\">view"); $message = t("Saved album %album_title", array("album_title" => p::purify($item->title))); print json_encode(array("form" => $form->__toString(), "message" => $message)); diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php index 1dace840..04e6efd6 100644 --- a/modules/user/helpers/group.php +++ b/modules/user/helpers/group.php @@ -39,7 +39,6 @@ class group_Core { $group->name = $name; $group->save(); - module::event("group_created", $group); return $group; } diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index a59588f8..4105d745 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php @@ -202,7 +202,6 @@ class user_Core { $user->add(group::registered_users()); $user->save(); - module::event("user_created", $user); return $user; } diff --git a/modules/user/models/group.php b/modules/user/models/group.php index e0724e30..bb3fb58b 100644 --- a/modules/user/models/group.php +++ b/modules/user/models/group.php @@ -32,4 +32,17 @@ class Group_Model extends ORM { parent::delete($id); module::event("group_deleted", $old); } + + public function save() { + if (!$this->loaded) { + $created = 1; + } + parent::save(); + if (isset($created)) { + module::event("group_created", $this); + } else { + module::event("group_updated", $this); + } + return $this; + } } \ No newline at end of file diff --git a/modules/user/models/user.php b/modules/user/models/user.php index e3260270..0234f186 100644 --- a/modules/user/models/user.php +++ b/modules/user/models/user.php @@ -59,4 +59,17 @@ class User_Model extends ORM { return sprintf("http://www.gravatar.com/avatar/%s.jpg?s=%d&r=pg%s", md5($this->email), $size, $default ? "&d=" . urlencode($default) : ""); } + + public function save() { + if (!$this->loaded) { + $created = 1; + } + parent::save(); + if (isset($created)) { + module::event("user_created", $this); + } else { + module::event("user_updated", $this); + } + return $this; + } } \ No newline at end of file -- cgit v1.2.3 From 709d6c5faf7ece54046c0e2bc431a559a6b9d735 Mon Sep 17 00:00:00 2001 From: hiwilson Date: Sun, 19 Jul 2009 17:02:20 +0800 Subject: (1)Add tag edit field in album/photo edit form. (2)provide edit functionality. (3)support multi-word tagging. --- modules/gallery/controllers/albums.php | 2 + modules/gallery/controllers/movies.php | 2 + modules/gallery/controllers/photos.php | 2 + modules/gallery/helpers/album.php | 3 ++ modules/gallery/helpers/photo.php | 2 + modules/tag/helpers/tag.php | 67 ++++++++++++++++++++++++++++++++++ modules/tag/helpers/tag_event.php | 18 +++++++++ 7 files changed, 96 insertions(+) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 9980b676..0e1c27e5 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -191,6 +191,8 @@ class Albums_Controller extends Items_Controller { } $album->save(); + module::event("album_edit_form_completed", $album, $form); + log::success("content", "Updated album", "id\">view"); message::success( t("Saved album %album_title", array("album_title" => p::clean($album->title)))); diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index d954ad8d..110ea620 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -90,6 +90,8 @@ class Movies_Controller extends Items_Controller { $photo->rename($form->edit_photo->filename->value); $photo->save(); + module::event("photo_edit_form_completed", $photo, $form); + log::success("content", "Updated photo", "id\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 9ce6ed23..5d37636d 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -83,6 +83,8 @@ class Photos_Controller extends Items_Controller { $photo->rename($form->edit_photo->filename->value); $photo->save(); + module::event("photo_edit_form_completed", $photo, $form); + log::success("content", "Updated photo", "id\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => p::clean($photo->title)))); diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index f1a6c060..63182c36 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -126,6 +126,9 @@ class album_Core { ->options(array("ASC" => t("Ascending"), "DESC" => t("Descending"))) ->selected($parent->sort_order); + + module::event("album_edit_form", $parent, $form); + $group->hidden("type")->value("album"); $group->submit("")->value(t("Modify")); $form->add_rules_from(ORM::factory("item")); diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index ce964c14..bf38e1ee 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -147,6 +147,8 @@ class photo_Core { ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); + module::event("photo_edit_form", $photo, $form); + $group->submit("")->value(t("Modify")); $form->add_rules_from(ORM::factory("item")); return $form; diff --git a/modules/tag/helpers/tag.php b/modules/tag/helpers/tag.php index ab5ee303..ba8a438e 100644 --- a/modules/tag/helpers/tag.php +++ b/modules/tag/helpers/tag.php @@ -50,6 +50,59 @@ class tag_Core { return $tag; } + /** + * Modify the tags associate with an item. + * + * @param Item_Model $item an item + * @param string $new_tags_string a string of new tags name seperated by ; + * @return null + * @throws Exception("@todo {$tag_name} WAS_NOT_ADDED_TO {$item->id}") + * @throws Exception("@todo {$tag_name} WAS_NOT_DELETED_TO {$item->id}") + */ + static function update($item, $new_tags_string) { + $old_tags = self::get_tags($item); + + $new_tags = preg_split("/[,;]/", $new_tags_string); + foreach ($new_tags as $i => $new_tag) { + $new_tags[$i] = trim($new_tag); + } + + $add_tags = array_diff($new_tags, $old_tags); + foreach ($add_tags as $tag_name) { + if (empty($tag_name)) continue; + $tag = ORM::factory("tag")->where("name", $tag_name)->find(); + if (!$tag->loaded) { + $tag->name = $tag_name; + $tag->count = 0; + $tag->save(); + } + if (!$tag->has($item)) { + if (!$tag->add($item, $tag)) { + throw new Exception("@todo {$tag->name} WAS_NOT_ADDED_TO {$item->id}"); + } + $tag->count++; + $tag->save(); + } + } + + $del_tags = array_diff($old_tags, $new_tags); + foreach ($del_tags as $tag_name) { + $tag = ORM::factory("tag")->where("name", $tag_name)->find(); + if ($tag->has($item)) { + if (!$tag->remove($item, $tag)) { + throw new Exception("@todo {$tag->name} WAS_NOT_DELETED_TO {$item->id}"); + } + $tag->save(); + $tag->count--; + if ($tag->count <= 0) { + $tag->delete(); + } else { + $tag->save(); + } + } + } + } + /** * Return the N most popular tags. * @@ -127,4 +180,18 @@ class tag_Core { $group->submit("")->value(t("Delete Tag")); return $form; } + + static function get_tags($item) { + $records = ORM::factory("item") + ->select("tags.name as tag_name") + ->join("items_tags", "items.id", "items_tags.item_id", "left") + ->join("tags", "items_tags.tag_id", "tags.id", "left") + ->where("items.id", $item->id) + ->find_all(); + $tags = array(); + foreach ($records as $record) { + $tags[] = $record->tag_name; + } + return $tags; + } } \ No newline at end of file diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 0164f556..0b9504b3 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -67,4 +67,22 @@ class tag_event_Core { "SELECT `tag_id` from {items_tags} WHERE `item_id` = $item->id)"); $db->delete("items_tags", array("item_id" => "$item->id")); } + + static function album_edit_form($album, $form) { + $tag_value = implode('; ', tag::get_tags($album)); + $form->edit_album->input("tags")->label(t("Tags ( seperate by , or ; )"))->value($tag_value); + } + + static function album_edit_form_completed($album, $form) { + tag::update($album, $form->edit_album->tags->value); + } + + static function photo_edit_form($photo, $form) { + $tag_value = implode('; ', tag::get_tags($photo)); + $form->edit_photo->input("tags")->label(t("Tags ( seperate by , or ; )"))->value($tag_value); + } + + static function photo_edit_form_completed($photo, $form) { + tag::update($photo, $form->edit_photo->tags->value); + } } -- cgit v1.2.3 From 60d605888094f34b4f5185adcdfd01c0338eb8cc Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 20 Jul 2009 08:51:12 -0700 Subject: Make some API changes simplify the tag editing code. We now have a good pattern for allowing modules to add their own hooks to item forms! 1) Album, photo and movie forms now all use edit_item as the group and we publish item_edit_form and item_edit_form_completed events which makes it much easier in the module to handle all events. They can still differentiate based on $item->type if they want to. 2) Added tag::clear_all() and tag::compact() functions which takes the place of hiwilson's tag::update() function and is now used in tag_event::item_delete(). This provides a simple API that allows us to have a lot less event handling code. It's less efficient than what hiwilson was doing before in that it will delete and re-add tags, but if that ever turns out to be a performance issue we can do something about it then. --- modules/gallery/controllers/albums.php | 17 ++++--- modules/gallery/controllers/movies.php | 13 +++--- modules/gallery/controllers/photos.php | 15 +++--- modules/gallery/helpers/album.php | 4 +- modules/gallery/helpers/photo.php | 4 +- modules/tag/helpers/tag.php | 85 ++++++++-------------------------- modules/tag/helpers/tag_event.php | 38 +++++++-------- 7 files changed, 60 insertions(+), 116 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 0e1c27e5..56b74cb1 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -174,24 +174,23 @@ class Albums_Controller extends Items_Controller { ->from("items") ->where("parent_id", $album->parent_id) ->where("id <>", $album->id) - ->where("name", $form->edit_album->dirname->value) + ->where("name", $form->edit_item->dirname->value) ->count_records()) { - $form->edit_album->dirname->add_error("conflict", 1); + $form->edit_item->dirname->add_error("conflict", 1); $valid = false; } } if ($valid) { - $album->title = $form->edit_album->title->value; - $album->description = $form->edit_album->description->value; - $album->sort_column = $form->edit_album->sort_order->column->value; - $album->sort_order = $form->edit_album->sort_order->direction->value; + $album->title = $form->edit_item->title->value; + $album->description = $form->edit_item->description->value; + $album->sort_column = $form->edit_item->sort_order->column->value; + $album->sort_order = $form->edit_item->sort_order->direction->value; if ($album->id != 1) { - $album->rename($form->edit_album->dirname->value); + $album->rename($form->edit_item->dirname->value); } $album->save(); - - module::event("album_edit_form_completed", $album, $form); + module::event("item_edit_form_completed", $album, $form); log::success("content", "Updated album", "id\">view"); message::success( diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 110ea620..c8227d74 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -77,20 +77,19 @@ class Movies_Controller extends Items_Controller { ->from("items") ->where("parent_id", $photo->parent_id) ->where("id <>", $photo->id) - ->where("name", $form->edit_photo->filename->value) + ->where("name", $form->edit_item->filename->value) ->count_records()) { - $form->edit_photo->filename->add_error("conflict", 1); + $form->edit_item->filename->add_error("conflict", 1); $valid = false; } } if ($valid) { - $photo->title = $form->edit_photo->title->value; - $photo->description = $form->edit_photo->description->value; - $photo->rename($form->edit_photo->filename->value); + $photo->title = $form->edit_item->title->value; + $photo->description = $form->edit_item->description->value; + $photo->rename($form->edit_item->filename->value); $photo->save(); - - module::event("photo_edit_form_completed", $photo, $form); + module::event("item_edit_form_completed", $photo, $form); log::success("content", "Updated photo", "id\">view"); message::success( diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 5d37636d..8ee24da8 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -63,27 +63,26 @@ class Photos_Controller extends Items_Controller { $form = photo::get_edit_form($photo); if ($valid = $form->validate()) { - if ($form->edit_photo->filename->value != $photo->name) { + if ($form->edit_item->filename->value != $photo->name) { // Make sure that there's not a conflict if (Database::instance() ->from("items") ->where("parent_id", $photo->parent_id) ->where("id <>", $photo->id) - ->where("name", $form->edit_photo->filename->value) + ->where("name", $form->edit_item->filename->value) ->count_records()) { - $form->edit_photo->filename->add_error("conflict", 1); + $form->edit_item->filename->add_error("conflict", 1); $valid = false; } } } if ($valid) { - $photo->title = $form->edit_photo->title->value; - $photo->description = $form->edit_photo->description->value; - $photo->rename($form->edit_photo->filename->value); + $photo->title = $form->edit_item->title->value; + $photo->description = $form->edit_item->description->value; + $photo->rename($form->edit_item->filename->value); $photo->save(); - - module::event("photo_edit_form_completed", $photo, $form); + module::event("item_edit_form_completed", $photo, $form); log::success("content", "Updated photo", "id\">view"); message::success( diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 63182c36..5f10bd02 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -96,7 +96,7 @@ class album_Core { static function get_edit_form($parent) { $form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gEditAlbumForm")); $form->hidden("_method")->value("put"); - $group = $form->group("edit_album")->label(t("Edit Album")); + $group = $form->group("edit_item")->label(t("Edit Album")); $group->input("title")->label(t("Title"))->value($parent->title); $group->textarea("description")->label(t("Description"))->value($parent->description); @@ -127,7 +127,7 @@ class album_Core { "DESC" => t("Descending"))) ->selected($parent->sort_order); - module::event("album_edit_form", $parent, $form); + module::event("item_edit_form", $parent, $form); $group->hidden("type")->value("album"); $group->submit("")->value(t("Modify")); diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index bf38e1ee..5cf37de1 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -137,7 +137,7 @@ class photo_Core { static function get_edit_form($photo) { $form = new Forge("photos/$photo->id", "", "post", array("id" => "gEditPhotoForm")); $form->hidden("_method")->value("put"); - $group = $form->group("edit_photo")->label(t("Edit Photo")); + $group = $form->group("edit_item")->label(t("Edit Photo")); $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); $group->input("filename")->label(t("Filename"))->value($photo->name) @@ -147,7 +147,7 @@ class photo_Core { ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); - module::event("photo_edit_form", $photo, $form); + module::event("item_edit_form", $photo, $form); $group->submit("")->value(t("Modify")); $form->add_rules_from(ORM::factory("item")); diff --git a/modules/tag/helpers/tag.php b/modules/tag/helpers/tag.php index ba8a438e..1fb2e940 100644 --- a/modules/tag/helpers/tag.php +++ b/modules/tag/helpers/tag.php @@ -50,59 +50,6 @@ class tag_Core { return $tag; } - /** - * Modify the tags associate with an item. - * - * @param Item_Model $item an item - * @param string $new_tags_string a string of new tags name seperated by ; - * @return null - * @throws Exception("@todo {$tag_name} WAS_NOT_ADDED_TO {$item->id}") - * @throws Exception("@todo {$tag_name} WAS_NOT_DELETED_TO {$item->id}") - */ - static function update($item, $new_tags_string) { - $old_tags = self::get_tags($item); - - $new_tags = preg_split("/[,;]/", $new_tags_string); - foreach ($new_tags as $i => $new_tag) { - $new_tags[$i] = trim($new_tag); - } - - $add_tags = array_diff($new_tags, $old_tags); - foreach ($add_tags as $tag_name) { - if (empty($tag_name)) continue; - $tag = ORM::factory("tag")->where("name", $tag_name)->find(); - if (!$tag->loaded) { - $tag->name = $tag_name; - $tag->count = 0; - $tag->save(); - } - if (!$tag->has($item)) { - if (!$tag->add($item, $tag)) { - throw new Exception("@todo {$tag->name} WAS_NOT_ADDED_TO {$item->id}"); - } - $tag->count++; - $tag->save(); - } - } - - $del_tags = array_diff($old_tags, $new_tags); - foreach ($del_tags as $tag_name) { - $tag = ORM::factory("tag")->where("name", $tag_name)->find(); - if ($tag->has($item)) { - if (!$tag->remove($item, $tag)) { - throw new Exception("@todo {$tag->name} WAS_NOT_DELETED_TO {$item->id}"); - } - $tag->save(); - $tag->count--; - if ($tag->count <= 0) { - $tag->delete(); - } else { - $tag->save(); - } - } - } - } - /** * Return the N most popular tags. * @@ -180,18 +127,24 @@ class tag_Core { $group->submit("")->value(t("Delete Tag")); return $form; } - - static function get_tags($item) { - $records = ORM::factory("item") - ->select("tags.name as tag_name") - ->join("items_tags", "items.id", "items_tags.item_id", "left") - ->join("tags", "items_tags.tag_id", "tags.id", "left") - ->where("items.id", $item->id) - ->find_all(); - $tags = array(); - foreach ($records as $record) { - $tags[] = $record->tag_name; - } - return $tags; + + /** + * Delete all tags associated with an item + */ + static function clear_all($item) { + $db = Database::instance(); + $db->query("UPDATE {tags} SET `count` = `count` - 1 WHERE `count` > 0 " . + "AND `id` IN (SELECT `tag_id` from {items_tags} WHERE `item_id` = $item->id)"); + $db->delete("items_tags", array("item_id" => "$item->id")); + } + + /** + * Get rid of any tags that have no associated items. + */ + static function compact() { + // @todo There's a potential race condition here which we can solve by adding a lock around + // this and all the cases where we create/update tags. I'm loathe to do that since it's an + // extremely rare case. + Database::instance() ->delete("tags", array("count" => 0)); } } \ No newline at end of file diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 0b9504b3..d13d1340 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -60,29 +60,23 @@ class tag_event_Core { } static function item_deleted($item) { - $db = Database::instance(); - $db->query("UPDATE {tags} SET `count` = `count` - 1 WHERE `count` > 0 " . - "AND `id` IN (SELECT `tag_id` from {items_tags} WHERE `item_id` = $item->id)"); - $db->query("DELETE FROM {tags} WHERE `count` = 0 AND `id` IN (" . - "SELECT `tag_id` from {items_tags} WHERE `item_id` = $item->id)"); - $db->delete("items_tags", array("item_id" => "$item->id")); + tag::clear_all($item); + tag::compact(); } - - static function album_edit_form($album, $form) { - $tag_value = implode('; ', tag::get_tags($album)); - $form->edit_album->input("tags")->label(t("Tags ( seperate by , or ; )"))->value($tag_value); - } - - static function album_edit_form_completed($album, $form) { - tag::update($album, $form->edit_album->tags->value); - } - - static function photo_edit_form($photo, $form) { - $tag_value = implode('; ', tag::get_tags($photo)); - $form->edit_photo->input("tags")->label(t("Tags ( seperate by , or ; )"))->value($tag_value); + + static function item_edit_form($item, $form) { + $tag_value = implode("; ", tag::item_tags($item)); + $form->edit_item->input("tags")->label(t("Tags (separate by , or ;)")) + ->value($tag_value); } - - static function photo_edit_form_completed($photo, $form) { - tag::update($photo, $form->edit_photo->tags->value); + + static function item_edit_form_completed($item, $form) { + tag::clear_all($item); + foreach (preg_split("/[,;]/", $form->edit_item->tags->value) as $tag_name) { + if ($tag_name) { + tag::add($item, $tag_name); + } + } + tag::compact(); } } -- cgit v1.2.3 From 078c77a62b623322956457bfd7bfbdaf56203b00 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 24 Jul 2009 14:18:15 -0700 Subject: Add tag autocomplete to the album and photo edit pop up dialogs. This required putting a wrapper view around the forms and passing this view as the parameter to the item_edit_form event. The view contains a $script variable that the modules can add script to be included in the form html when rendered as part of the ajax response. --- modules/gallery/controllers/albums.php | 5 +++-- modules/gallery/controllers/movies.php | 5 +++-- modules/gallery/controllers/photos.php | 5 +++-- modules/gallery/helpers/album.php | 14 ++++++++------ modules/gallery/helpers/photo.php | 14 ++++++++------ modules/gallery/tests/xss_data.txt | 2 ++ modules/gallery/views/item_edit.html.php | 9 +++++++++ modules/tag/helpers/tag_event.php | 10 ++++++++-- modules/tag/js/tag.js | 2 +- 9 files changed, 45 insertions(+), 21 deletions(-) create mode 100644 modules/gallery/views/item_edit.html.php (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 56b74cb1..4fefd3a1 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -166,7 +166,8 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("edit", $album); - $form = album::get_edit_form($album); + $view = album::get_edit_form($album); + $form = $view->form; if ($valid = $form->validate()) { // Make sure that there's not a conflict if ($album->id != 1 && @@ -202,7 +203,7 @@ class Albums_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $form->__toString())); + "form" => $view->__toString())); } } diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index c8227d74..1391c4b4 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -70,7 +70,8 @@ class Movies_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - $form = photo::get_edit_form($photo); + $view = photo::get_edit_form($photo); + $form = $view->form; if ($valid = $form->validate()) { // Make sure that there's not a conflict if (Database::instance() @@ -101,7 +102,7 @@ class Movies_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $form->__toString())); + "form" => $view->__toString())); } } diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 8ee24da8..9d9b25a1 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -61,7 +61,8 @@ class Photos_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - $form = photo::get_edit_form($photo); + $view = photo::get_edit_form($photo); + $form = $view->form; if ($valid = $form->validate()) { if ($form->edit_item->filename->value != $photo->name) { // Make sure that there's not a conflict @@ -94,7 +95,7 @@ class Photos_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $form->__toString())); + "form" => $view->__toString())); } } diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 5f10bd02..0263e0e1 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -94,9 +94,11 @@ class album_Core { } static function get_edit_form($parent) { - $form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gEditAlbumForm")); - $form->hidden("_method")->value("put"); - $group = $form->group("edit_item")->label(t("Edit Album")); + $view = new View("item_edit.html"); + $view->script = array(); + $view->form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gEditAlbumForm")); + $view->form->hidden("_method")->value("put"); + $group = $view->form->group("edit_item")->label(t("Edit Album")); $group->input("title")->label(t("Title"))->value($parent->title); $group->textarea("description")->label(t("Description"))->value($parent->description); @@ -127,11 +129,11 @@ class album_Core { "DESC" => t("Descending"))) ->selected($parent->sort_order); - module::event("item_edit_form", $parent, $form); + module::event("item_edit_form", $parent, $view); $group->hidden("type")->value("album"); $group->submit("")->value(t("Modify")); - $form->add_rules_from(ORM::factory("item")); - return $form; + $view->form->add_rules_from(ORM::factory("item")); + return $view; } } diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index 5cf37de1..299195e9 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -135,9 +135,11 @@ class photo_Core { } static function get_edit_form($photo) { - $form = new Forge("photos/$photo->id", "", "post", array("id" => "gEditPhotoForm")); - $form->hidden("_method")->value("put"); - $group = $form->group("edit_item")->label(t("Edit Photo")); + $view = new View("item_edit.html"); + $view->script = array(); + $view->form = new Forge("photos/$photo->id", "", "post", array("id" => "gEditPhotoForm")); + $view->form->hidden("_method")->value("put"); + $group = $view->form->group("edit_item")->label(t("Edit Photo")); $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); $group->input("filename")->label(t("Filename"))->value($photo->name) @@ -147,11 +149,11 @@ class photo_Core { ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); - module::event("item_edit_form", $photo, $form); + module::event("item_edit_form", $photo, $view); $group->submit("")->value(t("Modify")); - $form->add_rules_from(ORM::factory("item")); - return $form; + $view->form->add_rules_from(ORM::factory("item")); + return $view; } /** diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index 981bf31e..2940a8df 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -207,6 +207,8 @@ modules/gallery/views/admin_themes_preview.html.php 4 DIRTY $info->na modules/gallery/views/admin_themes_preview.html.php 7 DIRTY $url modules/gallery/views/after_install.html.php 11 $user->name modules/gallery/views/after_install.html.php 15 DIRTY $user->id +modules/gallery/views/item_edit.html.php 4 DIRTY $script +modules/gallery/views/item_edit.html.php 8 DIRTY $form modules/gallery/views/kohana_error_page.php 102 DIRTY $message modules/gallery/views/kohana_error_page.php 104 DIRTY $file modules/gallery/views/kohana_error_page.php 104 DIRTY $line diff --git a/modules/gallery/views/item_edit.html.php b/modules/gallery/views/item_edit.html.php new file mode 100644 index 00000000..9aa2fb64 --- /dev/null +++ b/modules/gallery/views/item_edit.html.php @@ -0,0 +1,9 @@ + + + + +
+ +
\ No newline at end of file diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index e1ab1b73..58034900 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -64,9 +64,15 @@ class tag_event_Core { tag::compact(); } - static function item_edit_form($item, $form) { + static function item_edit_form($item, $view) { + $url = url::site("tags/autocomplete"); + $view->script[] = "$('#gEditFormContainer form').ready(function() { + $('#gEditFormContainer form input[id=tags]').autocomplete( + '$url', {max: 30, formatResult: formatTagAutoCompleteResult} + ); + });"; $tag_value = implode("; ", tag::item_tags($item)); - $form->edit_item->input("tags")->label(t("Tags (separate by , or ;)")) + $view->form->edit_item->input("tags")->label(t("Tags (separate by , or ;)")) ->value($tag_value); } diff --git a/modules/tag/js/tag.js b/modules/tag/js/tag.js index 282da1ea..bbf44166 100644 --- a/modules/tag/js/tag.js +++ b/modules/tag/js/tag.js @@ -68,7 +68,7 @@ function editInPlace(element) { } function formatTagAutoCompleteResult(row) { - var text = $("#gAddTagForm input:text").val(); + var text = $(".ac_loading").val(); if (/[\s,;]/.test(text)) { for (var i= text.length - 1; i >= 0; i--) { var chr = text.charAt(i); -- cgit v1.2.3 From a7f4d7aced009007d36e48685648e9bc3382f8cb Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 28 Jul 2009 20:40:28 +0800 Subject: Revert commit 078c77a62b623322956457bfd7bfbdaf56203b00 and change the tag_event:item_edit_form to use the new Form_Script library to inject script into a form. Signed-off-by: Tim Almdal --- modules/gallery/controllers/albums.php | 5 ++--- modules/gallery/controllers/movies.php | 5 ++--- modules/gallery/controllers/photos.php | 5 ++--- modules/gallery/helpers/album.php | 14 ++++++-------- modules/gallery/helpers/photo.php | 14 ++++++-------- modules/gallery/tests/xss_data.txt | 2 -- modules/gallery/views/item_edit.html.php | 9 --------- modules/tag/helpers/tag_event.php | 18 +++++++----------- modules/tag/js/tag.js | 1 + 9 files changed, 26 insertions(+), 47 deletions(-) delete mode 100644 modules/gallery/views/item_edit.html.php (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 4fefd3a1..56b74cb1 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -166,8 +166,7 @@ class Albums_Controller extends Items_Controller { access::required("view", $album); access::required("edit", $album); - $view = album::get_edit_form($album); - $form = $view->form; + $form = album::get_edit_form($album); if ($valid = $form->validate()) { // Make sure that there's not a conflict if ($album->id != 1 && @@ -203,7 +202,7 @@ class Albums_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $view->__toString())); + "form" => $form->__toString())); } } diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 1391c4b4..c8227d74 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -70,8 +70,7 @@ class Movies_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - $view = photo::get_edit_form($photo); - $form = $view->form; + $form = photo::get_edit_form($photo); if ($valid = $form->validate()) { // Make sure that there's not a conflict if (Database::instance() @@ -102,7 +101,7 @@ class Movies_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $view->__toString())); + "form" => $form->__toString())); } } diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 9d9b25a1..8ee24da8 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -61,8 +61,7 @@ class Photos_Controller extends Items_Controller { access::required("view", $photo); access::required("edit", $photo); - $view = photo::get_edit_form($photo); - $form = $view->form; + $form = photo::get_edit_form($photo); if ($valid = $form->validate()) { if ($form->edit_item->filename->value != $photo->name) { // Make sure that there's not a conflict @@ -95,7 +94,7 @@ class Photos_Controller extends Items_Controller { } else { print json_encode( array("result" => "error", - "form" => $view->__toString())); + "form" => $form->__toString())); } } diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index f146bfb3..6065f580 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -94,11 +94,9 @@ class album_Core { } static function get_edit_form($parent) { - $view = new View("item_edit.html"); - $view->script = array(); - $view->form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gEditAlbumForm")); - $view->form->hidden("_method")->value("put"); - $group = $view->form->group("edit_item")->label(t("Edit Album")); + $form = new Forge("albums/{$parent->id}", "", "post", array("id" => "gEditAlbumForm")); + $form->hidden("_method")->value("put"); + $group = $form->group("edit_item")->label(t("Edit Album")); $group->input("title")->label(t("Title"))->value($parent->title); $group->textarea("description")->label(t("Description"))->value($parent->description); @@ -130,11 +128,11 @@ class album_Core { "DESC" => t("Descending"))) ->selected($parent->sort_order); - module::event("item_edit_form", $parent, $view); + module::event("item_edit_form", $parent, $form); $group->hidden("type")->value("album"); $group->submit("")->value(t("Modify")); - $view->form->add_rules_from(ORM::factory("item")); - return $view; + $form->add_rules_from(ORM::factory("item")); + return $form; } } diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index 299195e9..5cf37de1 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -135,11 +135,9 @@ class photo_Core { } static function get_edit_form($photo) { - $view = new View("item_edit.html"); - $view->script = array(); - $view->form = new Forge("photos/$photo->id", "", "post", array("id" => "gEditPhotoForm")); - $view->form->hidden("_method")->value("put"); - $group = $view->form->group("edit_item")->label(t("Edit Photo")); + $form = new Forge("photos/$photo->id", "", "post", array("id" => "gEditPhotoForm")); + $form->hidden("_method")->value("put"); + $group = $form->group("edit_item")->label(t("Edit Photo")); $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); $group->input("filename")->label(t("Filename"))->value($photo->name) @@ -149,11 +147,11 @@ class photo_Core { ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); - module::event("item_edit_form", $photo, $view); + module::event("item_edit_form", $photo, $form); $group->submit("")->value(t("Modify")); - $view->form->add_rules_from(ORM::factory("item")); - return $view; + $form->add_rules_from(ORM::factory("item")); + return $form; } /** diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt index cc9261e5..82b039d7 100644 --- a/modules/gallery/tests/xss_data.txt +++ b/modules/gallery/tests/xss_data.txt @@ -207,8 +207,6 @@ modules/gallery/views/admin_themes_preview.html.php 4 DIRTY $info->na modules/gallery/views/admin_themes_preview.html.php 7 DIRTY $url modules/gallery/views/after_install.html.php 11 $user->name modules/gallery/views/after_install.html.php 15 DIRTY $user->id -modules/gallery/views/item_edit.html.php 4 DIRTY $script -modules/gallery/views/item_edit.html.php 8 DIRTY $form modules/gallery/views/kohana_error_page.php 102 DIRTY $message modules/gallery/views/kohana_error_page.php 104 DIRTY $file modules/gallery/views/kohana_error_page.php 104 DIRTY $line diff --git a/modules/gallery/views/item_edit.html.php b/modules/gallery/views/item_edit.html.php deleted file mode 100644 index 9aa2fb64..00000000 --- a/modules/gallery/views/item_edit.html.php +++ /dev/null @@ -1,9 +0,0 @@ - - - - -
- -
\ No newline at end of file diff --git a/modules/tag/helpers/tag_event.php b/modules/tag/helpers/tag_event.php index 0cb49ffa..0fe8a393 100644 --- a/modules/tag/helpers/tag_event.php +++ b/modules/tag/helpers/tag_event.php @@ -64,19 +64,15 @@ class tag_event_Core { tag::compact(); } - static function item_edit_form($item, $view) { + static function item_edit_form($item, $form) { $url = url::site("tags/autocomplete"); - $view->script[] = "$('#gEditFormContainer form').ready(function() { - $('#gEditFormContainer form input[id=tags]').autocomplete( - '$url', - {max: 30, - multiple: true, - multipleSeparator: ',', - cacheLength: 1} - ); - });"; + $form->script("") + ->text("$('form input[id=tags]').ready(function() { + $('form input[id=tags]').autocomplete( + '$url', {max: 30, multiple: true, multipleSeparator: ',', cacheLength: 1}); + });"); $tag_value = implode(", ", tag::item_tags($item)); - $view->form->edit_item->input("tags")->label(t("Tags (comma separated)")) + $form->edit_item->input("tags")->label(t("Tags (comma separated)")) ->value($tag_value); } diff --git a/modules/tag/js/tag.js b/modules/tag/js/tag.js index a5aaa3f8..765c2a35 100644 --- a/modules/tag/js/tag.js +++ b/modules/tag/js/tag.js @@ -66,3 +66,4 @@ function editInPlace(element) { }; ajaxify_editInPlaceForm(); } + -- cgit v1.2.3 From f5c4d23e5756c460099f04ca5a57c0002292d9da Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Tue, 28 Jul 2009 21:33:25 +0800 Subject: Convert the album add dialog to use the new Form_Script library Signed-off-by: Tim Almdal --- modules/gallery/controllers/albums.php | 5 ++--- modules/gallery/helpers/album.php | 2 ++ 2 files changed, 4 insertions(+), 3 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 56b74cb1..cdfa823d 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -122,7 +122,7 @@ class Albums_Controller extends Items_Controller { print json_encode( array( "result" => "error", - "form" => $form->__toString() . html::script("modules/gallery/js/albums_form_add.js"))); + "form" => $form->__toString())); } } @@ -216,8 +216,7 @@ class Albums_Controller extends Items_Controller { switch ($this->input->get("type")) { case "album": - print album::get_add_form($album) . - html::script("modules/gallery/js/albums_form_add.js"); + print album::get_add_form($album); break; case "photo": diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index 6065f580..8a7c9951 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -90,6 +90,8 @@ class album_Core { $group->hidden("type")->value("album"); $group->submit("")->value(t("Create")); $form->add_rules_from(ORM::factory("item")); + $form->script("") + ->url(url::abs_file("modules/gallery/js/albums_form_add.js")); return $form; } -- cgit v1.2.3 From a2e2a2178b1b84a9895fdddd020c5ec8dddf89c5 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 29 Aug 2009 10:40:34 -0700 Subject: Using SafeString in album controller / view --- modules/gallery/controllers/albums.php | 6 +++--- themes/default/views/album.html.php | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index cdfa823d..ec3eb426 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -112,7 +112,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Created an album", html::anchor("albums/$new_album->id", "view album")); message::success( - t("Created album %album_title", array("album_title" => p::clean($new_album->title)))); + t("Created album %album_title", array("album_title" => $new_album->title))); print json_encode( array("result" => "success", @@ -145,7 +145,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo")); message::success( - t("Added photo %photo_title", array("photo_title" => p::clean($photo->title)))); + t("Added photo %photo_title", array("photo_title" => $photo->title))); print json_encode( array("result" => "success", @@ -194,7 +194,7 @@ class Albums_Controller extends Items_Controller { log::success("content", "Updated album", "id\">view"); message::success( - t("Saved album %album_title", array("album_title" => p::clean($album->title)))); + t("Saved album %album_title", array("album_title" => $album->title))); print json_encode( array("result" => "success", diff --git a/themes/default/views/album.html.php b/themes/default/views/album.html.php index 65ea3381..c2f95731 100644 --- a/themes/default/views/album.html.php +++ b/themes/default/views/album.html.php @@ -2,8 +2,8 @@
album_top() ?> -

title) ?>

-
description)) ?>
+

title)->purified_html() ?>

+
description)->purified_html()) ?>
    @@ -20,7 +20,7 @@ thumb_bottom($child) ?> thumb_menu($child) ?> -

    title) ?>

    +

    title) ?>

      thumb_info($child) ?>
    -- cgit v1.2.3 From 8312eb116e65195e3fc70d59b3b0817b9c807287 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Mon, 31 Aug 2009 02:12:01 -0700 Subject: XSS review fixes (mostly adding missing html::mark_clean()) calls. --- modules/akismet/controllers/admin_akismet.php | 3 +- .../controllers/admin_advanced_settings.php | 2 +- modules/gallery/controllers/admin_maintenance.php | 2 +- modules/gallery/controllers/albums.php | 238 ++++++++++----------- modules/gallery/controllers/photos.php | 3 +- modules/gallery/helpers/graphics.php | 4 +- modules/notification/controllers/notification.php | 4 +- modules/slideshow/helpers/slideshow_event.php | 2 +- 8 files changed, 130 insertions(+), 128 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/akismet/controllers/admin_akismet.php b/modules/akismet/controllers/admin_akismet.php index 9ba89bd4..ca3a1473 100644 --- a/modules/akismet/controllers/admin_akismet.php +++ b/modules/akismet/controllers/admin_akismet.php @@ -45,7 +45,8 @@ class Admin_Akismet_Controller extends Admin_Controller { message::success(t("Your Akismet key has been saved.")); } - log::success("akismet", t("Akismet key changed to $new_key")); + log::success("akismet", t("Akismet key changed to %new_key", + array("new_key" => $new_key))); module::set_var("akismet", "api_key", $new_key); akismet::check_config(); url::redirect("admin/akismet"); diff --git a/modules/gallery/controllers/admin_advanced_settings.php b/modules/gallery/controllers/admin_advanced_settings.php index 43c77340..79bc1183 100644 --- a/modules/gallery/controllers/admin_advanced_settings.php +++ b/modules/gallery/controllers/admin_advanced_settings.php @@ -46,7 +46,7 @@ class Admin_Advanced_Settings_Controller extends Admin_Controller { module::set_var($module_name, $var_name, Input::instance()->post("value")); message::success( t("Saved value for %var (%module_name)", - array("var" => html::clean($var_name), "module_name" => $module_name))); + array("var" => $var_name, "module_name" => $module_name))); print json_encode(array("result" => "success")); } diff --git a/modules/gallery/controllers/admin_maintenance.php b/modules/gallery/controllers/admin_maintenance.php index 543961a1..66bcce55 100644 --- a/modules/gallery/controllers/admin_maintenance.php +++ b/modules/gallery/controllers/admin_maintenance.php @@ -34,7 +34,7 @@ class Admin_Maintenance_Controller extends Admin_Controller { "%count tasks are stalled", $stalled_count), t('view', - array("url" => url::site("admin/maintenance")))); + array("url" => html::mark_clean(url::site("admin/maintenance"))))); } $view = new Admin_View("admin.html"); diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index ec3eb426..78f12c80 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -1,118 +1,118 @@ -id == 1) { - $view = new Theme_View("page.html", "login"); - $view->page_title = t("Log in to Gallery"); - $view->content = user::get_login_form("login/auth_html"); - print $view; - return; - } else { - access::forbidden(); - } - } - - $show = $this->input->get("show"); - - if ($show) { - $index = $album->get_position($show); - $page = ceil($index / $page_size); - if ($page == 1) { - url::redirect("albums/$album->id"); - } else { - url::redirect("albums/$album->id?page=$page"); - } - } - - $page = $this->input->get("page", "1"); - $children_count = $album->viewable()->children_count(); - $offset = ($page - 1) * $page_size; - $max_pages = max(ceil($children_count / $page_size), 1); - - // Make sure that the page references a valid offset - if ($page < 1) { - url::redirect("albums/$album->id"); - } else if ($page > $max_pages) { - url::redirect("albums/$album->id?page=$max_pages"); - } - - $template = new Theme_View("page.html", "album"); - $template->set_global("page_size", $page_size); - $template->set_global("item", $album); - $template->set_global("children", $album->viewable()->children($page_size, $offset)); - $template->set_global("children_count", $children_count); - $template->set_global("parents", $album->parents()); - $template->content = new View("album.html"); - - // We can't use math in ORM or the query builder, so do this by hand. It's important - // that we do this with math, otherwise concurrent accesses will damage accuracy. - Database::instance()->query( - "UPDATE {items} SET `view_count` = `view_count` + 1 WHERE `id` = $album->id"); - - print $template; - } - - /** - * @see REST_Controller::_create($resource) - */ - public function _create($album) { - access::verify_csrf(); - access::required("view", $album); - access::required("add", $album); - - switch ($this->input->post("type")) { - case "album": - return $this->_create_album($album); - - case "photo": - return $this->_create_photo($album); - - default: - access::forbidden(); - } - } - - private function _create_album($album) { - access::required("view", $album); - access::required("add", $album); - - $form = album::get_add_form($album); - if ($form->validate()) { - $new_album = album::create( - $album, - $this->input->post("name"), - $this->input->post("title", $this->input->post("name")), - $this->input->post("description"), - user::active()->id); - - log::success("content", "Created an album", - html::anchor("albums/$new_album->id", "view album")); - message::success( - t("Created album %album_title", array("album_title" => $new_album->title))); + id == 1) { + $view = new Theme_View("page.html", "login"); + $view->page_title = t("Log in to Gallery"); + $view->content = user::get_login_form("login/auth_html"); + print $view; + return; + } else { + access::forbidden(); + } + } + + $show = $this->input->get("show"); + + if ($show) { + $index = $album->get_position($show); + $page = ceil($index / $page_size); + if ($page == 1) { + url::redirect("albums/$album->id"); + } else { + url::redirect("albums/$album->id?page=$page"); + } + } + + $page = $this->input->get("page", "1"); + $children_count = $album->viewable()->children_count(); + $offset = ($page - 1) * $page_size; + $max_pages = max(ceil($children_count / $page_size), 1); + + // Make sure that the page references a valid offset + if ($page < 1) { + url::redirect("albums/$album->id"); + } else if ($page > $max_pages) { + url::redirect("albums/$album->id?page=$max_pages"); + } + + $template = new Theme_View("page.html", "album"); + $template->set_global("page_size", $page_size); + $template->set_global("item", $album); + $template->set_global("children", $album->viewable()->children($page_size, $offset)); + $template->set_global("children_count", $children_count); + $template->set_global("parents", $album->parents()); + $template->content = new View("album.html"); + + // We can't use math in ORM or the query builder, so do this by hand. It's important + // that we do this with math, otherwise concurrent accesses will damage accuracy. + Database::instance()->query( + "UPDATE {items} SET `view_count` = `view_count` + 1 WHERE `id` = $album->id"); + + print $template; + } + + /** + * @see REST_Controller::_create($resource) + */ + public function _create($album) { + access::verify_csrf(); + access::required("view", $album); + access::required("add", $album); + + switch ($this->input->post("type")) { + case "album": + return $this->_create_album($album); + + case "photo": + return $this->_create_photo($album); + + default: + access::forbidden(); + } + } + + private function _create_album($album) { + access::required("view", $album); + access::required("add", $album); + + $form = album::get_add_form($album); + if ($form->validate()) { + $new_album = album::create( + $album, + $this->input->post("name"), + $this->input->post("title", $this->input->post("name")), + $this->input->post("description"), + user::active()->id); + + log::success("content", "Created an album", + html::anchor("albums/$new_album->id", "view album")); + message::success(t("Created album %album_title", + array("album_title" => html::purify($new_album->title)))); print json_encode( array("result" => "success", @@ -144,8 +144,8 @@ class Albums_Controller extends Items_Controller { user::active()->id); log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo")); - message::success( - t("Added photo %photo_title", array("photo_title" => $photo->title))); + message::success(t("Added photo %photo_title", + array("photo_title" => html::purify($photo->title)))); print json_encode( array("result" => "success", @@ -193,8 +193,8 @@ class Albums_Controller extends Items_Controller { module::event("item_edit_form_completed", $album, $form); log::success("content", "Updated album", "id\">view"); - message::success( - t("Saved album %album_title", array("album_title" => $album->title))); + message::success(t("Saved album %album_title", + array("album_title" => html::purify($album->title)))); print json_encode( array("result" => "success", diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 3447b4c6..3b9662c7 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -86,7 +86,8 @@ class Photos_Controller extends Items_Controller { log::success("content", "Updated photo", "id\">view"); message::success( - t("Saved photo %photo_title", array("photo_title" => $photo->title))); + t("Saved photo %photo_title", + array("photo_title" => html::purify($photo->title)))); print json_encode( array("result" => "success", diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php index acbcb9b2..521dc5a4 100644 --- a/modules/gallery/helpers/graphics.php +++ b/modules/gallery/helpers/graphics.php @@ -326,9 +326,9 @@ class graphics_Core { t2("One of your photos is out of date. Click here to fix it", "%count of your photos are out of date. Click here to fix them", $count, - array("attrs" => sprintf( + array("attrs" => html::mark_clean(sprintf( 'href="%s" class="gDialogLink"', - url::site("admin/maintenance/start/gallery_task::rebuild_dirty_images?csrf=__CSRF__")))), + url::site("admin/maintenance/start/gallery_task::rebuild_dirty_images?csrf=__CSRF__"))))), "graphics_dirty"); } } diff --git a/modules/notification/controllers/notification.php b/modules/notification/controllers/notification.php index ffb4b46a..5745de5d 100644 --- a/modules/notification/controllers/notification.php +++ b/modules/notification/controllers/notification.php @@ -26,10 +26,10 @@ class Notification_Controller extends Controller { if (notification::is_watching($item)) { notification::remove_watch($item); - message::success(sprintf(t("You are no longer watching %s"), $item->title)); + message::success(sprintf(t("You are no longer watching %s"), html::purify($item->title))); } else { notification::add_watch($item); - message::success(sprintf(t("You are now watching %s"), $item->title)); + message::success(sprintf(t("You are now watching %s"), html::purify($item->title))); } url::redirect($item->url(array(), true)); } diff --git a/modules/slideshow/helpers/slideshow_event.php b/modules/slideshow/helpers/slideshow_event.php index 1b881de4..77e296e8 100644 --- a/modules/slideshow/helpers/slideshow_event.php +++ b/modules/slideshow/helpers/slideshow_event.php @@ -23,7 +23,7 @@ class slideshow_event_Core { site_status::warning( t("The Slideshow module requires the RSS module. " . "Activate the RSS module now", - array("url" => url::site("admin/modules"))), + array("url" => html::mark_clean(url::site("admin/modules")))), "slideshow_needs_rss"); } else { site_status::clear("slideshow_needs_rss"); -- cgit v1.2.3 From c8871705550914f295f887d4a05bdec6a42a8d9e Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 31 Aug 2009 21:10:22 -0700 Subject: Stay on the same page when editing albums/movies/photos. Fixes ticket --- modules/gallery/controllers/albums.php | 3 +-- modules/gallery/controllers/movies.php | 3 +-- modules/gallery/controllers/photos.php | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 78f12c80..8ceff0f9 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -197,8 +197,7 @@ array("album_title" => html::purify($album->title)))); print json_encode( - array("result" => "success", - "location" => url::site("albums/$album->id"))); + array("result" => "success")); } else { print json_encode( array("result" => "error", diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 09b16759..c40cde9e 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -96,8 +96,7 @@ class Movies_Controller extends Items_Controller { t("Saved photo %photo_title", array("photo_title" => $photo->title))); print json_encode( - array("result" => "success", - "location" => url::site("photos/$photo->id"))); + array("result" => "success")); } else { print json_encode( array("result" => "error", diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 3b9662c7..dd6d3ab5 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -90,8 +90,7 @@ class Photos_Controller extends Items_Controller { array("photo_title" => html::purify($photo->title)))); print json_encode( - array("result" => "success", - "location" => url::site("photos/$photo->id"))); + array("result" => "success")); } else { print json_encode( array("result" => "error", -- cgit v1.2.3 From 2c30dc2d5b451ebd5623becd71c42b43be91d0b9 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 2 Sep 2009 14:28:00 -0700 Subject: fix a leading space that was causing the file_structure_test to fail --- modules/gallery/controllers/albums.php | 38 +++++++++++++++++----------------- 1 file changed, 19 insertions(+), 19 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 8ceff0f9..627ee052 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -1,22 +1,22 @@ - Date: Wed, 2 Sep 2009 21:29:22 -0700 Subject: Undo rest of the indentation issue accidentally created in 8312eb and partially fixed in 2c30dc --- modules/gallery/controllers/albums.php | 192 ++++++++++++++++----------------- 1 file changed, 96 insertions(+), 96 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 627ee052..5f62f798 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -17,102 +17,102 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ - class Albums_Controller extends Items_Controller { - - /** - * @see REST_Controller::_show($resource) - */ - public function _show($album) { - $page_size = module::get_var("gallery", "page_size", 9); - if (!access::can("view", $album)) { - if ($album->id == 1) { - $view = new Theme_View("page.html", "login"); - $view->page_title = t("Log in to Gallery"); - $view->content = user::get_login_form("login/auth_html"); - print $view; - return; - } else { - access::forbidden(); - } - } - - $show = $this->input->get("show"); - - if ($show) { - $index = $album->get_position($show); - $page = ceil($index / $page_size); - if ($page == 1) { - url::redirect("albums/$album->id"); - } else { - url::redirect("albums/$album->id?page=$page"); - } - } - - $page = $this->input->get("page", "1"); - $children_count = $album->viewable()->children_count(); - $offset = ($page - 1) * $page_size; - $max_pages = max(ceil($children_count / $page_size), 1); - - // Make sure that the page references a valid offset - if ($page < 1) { - url::redirect("albums/$album->id"); - } else if ($page > $max_pages) { - url::redirect("albums/$album->id?page=$max_pages"); - } - - $template = new Theme_View("page.html", "album"); - $template->set_global("page_size", $page_size); - $template->set_global("item", $album); - $template->set_global("children", $album->viewable()->children($page_size, $offset)); - $template->set_global("children_count", $children_count); - $template->set_global("parents", $album->parents()); - $template->content = new View("album.html"); - - // We can't use math in ORM or the query builder, so do this by hand. It's important - // that we do this with math, otherwise concurrent accesses will damage accuracy. - Database::instance()->query( - "UPDATE {items} SET `view_count` = `view_count` + 1 WHERE `id` = $album->id"); - - print $template; - } - - /** - * @see REST_Controller::_create($resource) - */ - public function _create($album) { - access::verify_csrf(); - access::required("view", $album); - access::required("add", $album); - - switch ($this->input->post("type")) { - case "album": - return $this->_create_album($album); - - case "photo": - return $this->_create_photo($album); - - default: - access::forbidden(); - } - } - - private function _create_album($album) { - access::required("view", $album); - access::required("add", $album); - - $form = album::get_add_form($album); - if ($form->validate()) { - $new_album = album::create( - $album, - $this->input->post("name"), - $this->input->post("title", $this->input->post("name")), - $this->input->post("description"), - user::active()->id); - - log::success("content", "Created an album", - html::anchor("albums/$new_album->id", "view album")); - message::success(t("Created album %album_title", - array("album_title" => html::purify($new_album->title)))); +class Albums_Controller extends Items_Controller { + + /** + * @see REST_Controller::_show($resource) + */ + public function _show($album) { + $page_size = module::get_var("gallery", "page_size", 9); + if (!access::can("view", $album)) { + if ($album->id == 1) { + $view = new Theme_View("page.html", "login"); + $view->page_title = t("Log in to Gallery"); + $view->content = user::get_login_form("login/auth_html"); + print $view; + return; + } else { + access::forbidden(); + } + } + + $show = $this->input->get("show"); + + if ($show) { + $index = $album->get_position($show); + $page = ceil($index / $page_size); + if ($page == 1) { + url::redirect("albums/$album->id"); + } else { + url::redirect("albums/$album->id?page=$page"); + } + } + + $page = $this->input->get("page", "1"); + $children_count = $album->viewable()->children_count(); + $offset = ($page - 1) * $page_size; + $max_pages = max(ceil($children_count / $page_size), 1); + + // Make sure that the page references a valid offset + if ($page < 1) { + url::redirect("albums/$album->id"); + } else if ($page > $max_pages) { + url::redirect("albums/$album->id?page=$max_pages"); + } + + $template = new Theme_View("page.html", "album"); + $template->set_global("page_size", $page_size); + $template->set_global("item", $album); + $template->set_global("children", $album->viewable()->children($page_size, $offset)); + $template->set_global("children_count", $children_count); + $template->set_global("parents", $album->parents()); + $template->content = new View("album.html"); + + // We can't use math in ORM or the query builder, so do this by hand. It's important + // that we do this with math, otherwise concurrent accesses will damage accuracy. + Database::instance()->query( + "UPDATE {items} SET `view_count` = `view_count` + 1 WHERE `id` = $album->id"); + + print $template; + } + + /** + * @see REST_Controller::_create($resource) + */ + public function _create($album) { + access::verify_csrf(); + access::required("view", $album); + access::required("add", $album); + + switch ($this->input->post("type")) { + case "album": + return $this->_create_album($album); + + case "photo": + return $this->_create_photo($album); + + default: + access::forbidden(); + } + } + + private function _create_album($album) { + access::required("view", $album); + access::required("add", $album); + + $form = album::get_add_form($album); + if ($form->validate()) { + $new_album = album::create( + $album, + $this->input->post("name"), + $this->input->post("title", $this->input->post("name")), + $this->input->post("description"), + user::active()->id); + + log::success("content", "Created an album", + html::anchor("albums/$new_album->id", "view album")); + message::success(t("Created album %album_title", + array("album_title" => html::purify($new_album->title)))); print json_encode( array("result" => "success", -- cgit v1.2.3 From f28353f4e1c573a33dc1c3375585ab040f8be2fc Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 7 Sep 2009 21:01:51 -0700 Subject: Add the 'Internet Address' field to all items, along with proper validation for the fields. --- modules/gallery/controllers/albums.php | 20 ++++++++++++++++---- modules/gallery/controllers/movies.php | 20 ++++++++++++++++---- modules/gallery/controllers/photos.php | 31 +++++++++++++++++++++---------- modules/gallery/helpers/album.php | 17 ++++++++++++++--- modules/gallery/helpers/photo.php | 16 +++++++++++++--- 5 files changed, 80 insertions(+), 24 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 5f62f798..732a1789 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -168,15 +168,27 @@ class Albums_Controller extends Items_Controller { $form = album::get_edit_form($album); if ($valid = $form->validate()) { - // Make sure that there's not a conflict if ($album->id != 1 && - Database::instance() + $form->edit_item->dirname->value != $album->name || + $form->edit_item->slug->value != $album->slug) { + // Make sure that there's not a conflict + $row = Database::instance() + ->select(array("name", "slug")) ->from("items") ->where("parent_id", $album->parent_id) ->where("id <>", $album->id) + ->open_paren() ->where("name", $form->edit_item->dirname->value) - ->count_records()) { - $form->edit_item->dirname->add_error("conflict", 1); + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current(); + if ($row->name == $form->edit_item->dirname->value) { + $form->edit_item->dirname->add_error("name_conflict", 1); + } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } $valid = false; } } diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index c40cde9e..2ba6bb5b 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -72,14 +72,26 @@ class Movies_Controller extends Items_Controller { $form = photo::get_edit_form($photo); if ($valid = $form->validate()) { - // Make sure that there's not a conflict - if (Database::instance() + if ($form->edit_item->filename->value != $photo->name || + $form->edit_item->slug->value != $photo->slug) { + // Make sure that there's not a name or slug conflict + $row = Database::instance() + ->select(array("name", "slug")) ->from("items") ->where("parent_id", $photo->parent_id) ->where("id <>", $photo->id) + ->open_paren() ->where("name", $form->edit_item->filename->value) - ->count_records()) { - $form->edit_item->filename->add_error("conflict", 1); + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current(); + if ($row->name == $form->edit_item->filename->value) { + $form->edit_item->filename->add_error("name_conflict", 1); + } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } $valid = false; } } diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index dd6d3ab5..159501c0 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -62,18 +62,29 @@ class Photos_Controller extends Items_Controller { access::required("edit", $photo); $form = photo::get_edit_form($photo); + $valid = $form->validate(); if ($valid = $form->validate()) { - if ($form->edit_item->filename->value != $photo->name) { - // Make sure that there's not a conflict - if (Database::instance() - ->from("items") - ->where("parent_id", $photo->parent_id) - ->where("id <>", $photo->id) - ->where("name", $form->edit_item->filename->value) - ->count_records()) { - $form->edit_item->filename->add_error("conflict", 1); - $valid = false; + if ($form->edit_item->filename->value != $photo->name || + $form->edit_item->slug->value != $photo->slug) { + // Make sure that there's not a name or slug conflict + $row = Database::instance() + ->select(array("name", "slug")) + ->from("items") + ->where("parent_id", $photo->parent_id) + ->where("id <>", $photo->id) + ->open_paren() + ->where("name", $form->edit_item->filename->value) + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current(); + if ($row->name == $form->edit_item->filename->value) { + $form->edit_item->filename->add_error("name_conflict", 1); } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } + $valid = false; } } diff --git a/modules/gallery/helpers/album.php b/modules/gallery/helpers/album.php index d995b6ad..bae480b7 100644 --- a/modules/gallery/helpers/album.php +++ b/modules/gallery/helpers/album.php @@ -97,10 +97,14 @@ class album_Core { ->label(t("Add an album to %album_title", array("album_title" => $parent->title))); $group->input("title")->label(t("Title")); $group->textarea("description")->label(t("Description")); - $group->input("name")->label(t("Directory Name")) + $group->input("name")->label(t("Directory name")) ->callback("item::validate_no_slashes") ->error_messages("no_slashes", t("The directory name can't contain the \"/\" character")); - $group->input("slug")->label(t("Internet Address")); + $group->input("slug")->label(t("Internet Address")) + ->callback("item::validate_url_safe") + ->error_messages( + "not_url_safe", + t("The internet address should contain only letters, numbers, hyphens and underscores")); $group->hidden("type")->value("album"); $group->submit("")->value(t("Create")); $form->add_rules_from(ORM::factory("item")); @@ -119,11 +123,18 @@ class album_Core { if ($parent->id != 1) { $group->input("dirname")->label(t("Directory Name"))->value($parent->name) ->rules("required") + ->error_messages("name_conflict", t("There is already a photo or album with this name")) ->callback("item::validate_no_slashes") ->error_messages("no_slashes", t("The directory name can't contain a \"/\"")) ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The directory name can't end in \".\"")); - $group->input("slug")->label(t("Internet Address"))->value($parent->slug); + $group->input("slug")->label(t("Internet Address"))->value($parent->slug) + ->error_messages( + "slug_conflict", t("There is already a photo or album with this internet address")) + ->callback("item::validate_url_safe") + ->error_messages( + "not_url_safe", + t("The internet address should contain only letters, numbers, hyphens and underscores")); } $sort_order = $group->group("sort_order", array("id" => "gAlbumSortOrder")) diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index 12515330..a56c7e3c 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -144,7 +144,11 @@ class photo_Core { $group->input("title")->label(t("Title")); $group->textarea("description")->label(t("Description")); $group->input("name")->label(t("Filename")); - $group->input("slug")->label(t("Internet Address"))->value($photo->slug); + $group->input("slug")->label(t("Internet Address"))->value($photo->slug) + ->callback("item::validate_url_safe") + ->error_messages( + "not_url_safe", + t("The internet address should contain only letters, numbers, hyphens and underscores")); $group->upload("file")->label(t("File"))->rules("required|allow[jpg,png,gif,flv,mp4]"); $group->hidden("type")->value("photo"); $group->submit("")->value(t("Upload")); @@ -159,12 +163,18 @@ class photo_Core { $group->input("title")->label(t("Title"))->value($photo->title); $group->textarea("description")->label(t("Description"))->value($photo->description); $group->input("filename")->label(t("Filename"))->value($photo->name) - ->error_messages("conflict", t("There is already a file with this name")) + ->error_messages("name_conflict", t("There is already a photo or album with this name")) ->callback("item::validate_no_slashes") ->error_messages("no_slashes", t("The photo name can't contain a \"/\"")) ->callback("item::validate_no_trailing_period") ->error_messages("no_trailing_period", t("The photo name can't end in \".\"")); - $group->input("slug")->label(t("Internet Address"))->value($photo->slug); + $group->input("slug")->label(t("Internet Address"))->value($photo->slug) + ->callback("item::validate_url_safe") + ->error_messages( + "slug_conflict", t("There is already a photo or album with this internet address")) + ->error_messages( + "not_url_safe", + t("The internet address should contain only letters, numbers, hyphens and underscores")); module::event("item_edit_form", $photo, $form); -- cgit v1.2.3 From 78a42d9b8397e36bdd2a84e1fd6b4f49f0873b78 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 7 Sep 2009 21:09:52 -0700 Subject: 1. Actually set the slug to the new value in the controllers. 2. Fix up an issue where we were crashing if there were no conflicting rows 3. Amend Item_Model so that if you change the slug, it flushes the cache for all children --- modules/gallery/controllers/albums.php | 36 ++++++++++++++++++---------------- modules/gallery/controllers/movies.php | 36 ++++++++++++++++++---------------- modules/gallery/controllers/photos.php | 36 ++++++++++++++++++---------------- modules/gallery/models/item.php | 13 +++++++++--- 4 files changed, 67 insertions(+), 54 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 732a1789..b7a9f339 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -172,24 +172,25 @@ class Albums_Controller extends Items_Controller { $form->edit_item->dirname->value != $album->name || $form->edit_item->slug->value != $album->slug) { // Make sure that there's not a conflict - $row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $album->parent_id) - ->where("id <>", $album->id) - ->open_paren() - ->where("name", $form->edit_item->dirname->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current(); - if ($row->name == $form->edit_item->dirname->value) { - $form->edit_item->dirname->add_error("name_conflict", 1); + if ($row = Database::instance() + ->select(array("name", "slug")) + ->from("items") + ->where("parent_id", $album->parent_id) + ->where("id <>", $album->id) + ->open_paren() + ->where("name", $form->edit_item->dirname->value) + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current()) { + if ($row->name == $form->edit_item->dirname->value) { + $form->edit_item->dirname->add_error("name_conflict", 1); + } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } + $valid = false; } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; } } @@ -201,6 +202,7 @@ class Albums_Controller extends Items_Controller { if ($album->id != 1) { $album->rename($form->edit_item->dirname->value); } + $album->slug = $form->edit_item->slug->value; $album->save(); module::event("item_edit_form_completed", $album, $form); diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 2ba6bb5b..c549dbf8 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -75,30 +75,32 @@ class Movies_Controller extends Items_Controller { if ($form->edit_item->filename->value != $photo->name || $form->edit_item->slug->value != $photo->slug) { // Make sure that there's not a name or slug conflict - $row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $photo->parent_id) - ->where("id <>", $photo->id) - ->open_paren() - ->where("name", $form->edit_item->filename->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current(); - if ($row->name == $form->edit_item->filename->value) { - $form->edit_item->filename->add_error("name_conflict", 1); + if ($row = Database::instance() + ->select(array("name", "slug")) + ->from("items") + ->where("parent_id", $photo->parent_id) + ->where("id <>", $photo->id) + ->open_paren() + ->where("name", $form->edit_item->filename->value) + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current()) { + if ($row->name == $form->edit_item->filename->value) { + $form->edit_item->filename->add_error("name_conflict", 1); + } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } + $valid = false; } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; } } if ($valid) { $photo->title = $form->edit_item->title->value; $photo->description = $form->edit_item->description->value; + $photo->slug = $form->edit_item->slug->value; $photo->rename($form->edit_item->filename->value); $photo->save(); module::event("item_edit_form_completed", $photo, $form); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 159501c0..959097b2 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -67,30 +67,32 @@ class Photos_Controller extends Items_Controller { if ($form->edit_item->filename->value != $photo->name || $form->edit_item->slug->value != $photo->slug) { // Make sure that there's not a name or slug conflict - $row = Database::instance() - ->select(array("name", "slug")) - ->from("items") - ->where("parent_id", $photo->parent_id) - ->where("id <>", $photo->id) - ->open_paren() - ->where("name", $form->edit_item->filename->value) - ->orwhere("slug", $form->edit_item->slug->value) - ->close_paren() - ->get() - ->current(); - if ($row->name == $form->edit_item->filename->value) { - $form->edit_item->filename->add_error("name_conflict", 1); + if ($row = Database::instance() + ->select(array("name", "slug")) + ->from("items") + ->where("parent_id", $photo->parent_id) + ->where("id <>", $photo->id) + ->open_paren() + ->where("name", $form->edit_item->filename->value) + ->orwhere("slug", $form->edit_item->slug->value) + ->close_paren() + ->get() + ->current()) { + if ($row->name == $form->edit_item->filename->value) { + $form->edit_item->filename->add_error("name_conflict", 1); + } + if ($row->slug == $form->edit_item->slug->value) { + $form->edit_item->slug->add_error("slug_conflict", 1); + } + $valid = false; } - if ($row->slug == $form->edit_item->slug->value) { - $form->edit_item->slug->add_error("slug_conflict", 1); - } - $valid = false; } } if ($valid) { $photo->title = $form->edit_item->title->value; $photo->description = $form->edit_item->description->value; + $photo->slug = $form->edit_item->slug->value; $photo->rename($form->edit_item->filename->value); $photo->save(); module::event("item_edit_form_completed", $photo, $form); diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index ed1294e4..a2c49154 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -329,11 +329,18 @@ class Item_Model extends ORM_MPTT { */ public function __set($column, $value) { if ($column == "name") { - // Clear the relative path as it is no longer valid. $this->relative_path_cache = null; } else if ($column == "slug") { - // Clear the relative url as it is no longer valid. - $this->relative_url_cache = null; + if ($this->slug != $value) { + // Clear the relative url cache for this item and all children + $this->relative_url_cache = null; + if ($this->is_album()) { + Database::instance() + ->update("items", + array("relative_url_cache" => null), + array("left_ptr >" => $this->left_ptr, "right_ptr <" => $this->right_ptr)); + } + } } parent::__set($column, $value); } -- cgit v1.2.3 From 2aad580f53dbc06bb170c710467b47a5a532c6c8 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 8 Sep 2009 13:44:52 -0700 Subject: Move specialized (pretty) url generation back into Item_Model so that we're not relying on overriding url::site() to do tricks around item urls. This means that you won't get item urls by doing url::site("albums/37"), for example, but it also means that we won't get pretty urls where we don't expect them (like in the action of a
    element). Incidentally, this will help us move over to using the slug format because if you've got a bad character in a url, the edit forms will now work on it since they'll be id based. --- modules/gallery/controllers/admin_themes.php | 4 +- modules/gallery/controllers/after_install.php | 2 +- modules/gallery/controllers/albums.php | 16 ++++---- modules/gallery/controllers/move.php | 2 +- modules/gallery/controllers/movies.php | 2 +- modules/gallery/controllers/photos.php | 2 +- modules/gallery/controllers/quick.php | 2 +- modules/gallery/helpers/MY_url.php | 19 ---------- modules/gallery/helpers/gallery.php | 44 +++++++++++----------- modules/gallery/helpers/gallery_rss.php | 4 +- modules/gallery/helpers/item.php | 8 ++++ modules/gallery/models/item.php | 21 +++++++++-- .../views/admin_block_photo_stream.html.php | 2 +- modules/gallery/views/upgrader.html.php | 2 +- .../notification/views/comment_published.html.php | 4 +- modules/notification/views/item_deleted.html.php | 4 +- modules/search/views/search.html.php | 2 +- modules/user/controllers/login.php | 2 +- modules/user/controllers/logout.php | 2 +- modules/user/controllers/password.php | 2 +- themes/admin_default/views/admin.html.php | 6 +-- themes/default/views/page.html.php | 4 +- 22 files changed, 80 insertions(+), 76 deletions(-) (limited to 'modules/gallery/controllers/albums.php') diff --git a/modules/gallery/controllers/admin_themes.php b/modules/gallery/controllers/admin_themes.php index da001c55..24f91aba 100644 --- a/modules/gallery/controllers/admin_themes.php +++ b/modules/gallery/controllers/admin_themes.php @@ -38,7 +38,7 @@ class Admin_Themes_Controller extends Admin_Controller { $theme_info = new ArrayObject(parse_ini_file($file), ArrayObject::ARRAY_AS_PROPS); $theme_info->description = t($theme_info->description); $theme_info->name = t($theme_info->name); - + $themes[$theme_name] = $theme_info; } return $themes; @@ -54,7 +54,7 @@ class Admin_Themes_Controller extends Admin_Controller { if ($type == "admin") { $view->url = url::site("admin?theme=$theme_name"); } else { - $view->url = url::site("albums/1?theme=$theme_name"); + $view->url = item::root()->url("theme=$theme_name"); } print $view; } diff --git a/modules/gallery/controllers/after_install.php b/modules/gallery/controllers/after_install.php index f066afe4..b640092f 100644 --- a/modules/gallery/controllers/after_install.php +++ b/modules/gallery/controllers/after_install.php @@ -20,7 +20,7 @@ class After_Install_Controller extends Controller { public function index() { if (!user::active()->admin) { - url::redirect("albums/1"); + url::redirect(item::root()->url()); } $v = new View("after_install.html"); diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index b7a9f339..abcabfa6 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -42,9 +42,9 @@ class Albums_Controller extends Items_Controller { $index = $album->get_position($show); $page = ceil($index / $page_size); if ($page == 1) { - url::redirect("albums/$album->id"); + url::redirect($album->url()); } else { - url::redirect("albums/$album->id?page=$page"); + url::redirect($album->url("page=$page")); } } @@ -55,9 +55,9 @@ class Albums_Controller extends Items_Controller { // Make sure that the page references a valid offset if ($page < 1) { - url::redirect("albums/$album->id"); + url::redirect($album->url()); } else if ($page > $max_pages) { - url::redirect("albums/$album->id?page=$max_pages"); + url::redirect($album->url("page=$max_pages")); } $template = new Theme_View("page.html", "album"); @@ -116,8 +116,8 @@ class Albums_Controller extends Items_Controller { print json_encode( array("result" => "success", - "location" => url::site("albums/$new_album->id"), - "resource" => url::site("albums/$new_album->id"))); + "location" => $new_album->url(), + "resource" => $new_album->url())); } else { print json_encode( array( @@ -149,8 +149,8 @@ class Albums_Controller extends Items_Controller { print json_encode( array("result" => "success", - "resource" => url::site("photos/$photo->id"), - "location" => url::site("photos/$photo->id"))); + "resource" => $photo->url(), + "location" => $photo->url())); } else { print json_encode( array("result" => "error", diff --git a/modules/gallery/controllers/move.php b/modules/gallery/controllers/move.php index 93ef05a6..87b73436 100644 --- a/modules/gallery/controllers/move.php +++ b/modules/gallery/controllers/move.php @@ -43,7 +43,7 @@ class Move_Controller extends Controller { print json_encode( array("result" => "success", - "location" => url::site("albums/{$target->id}"))); + "location" => $target->url())); } public function show_sub_tree($source_id, $target_id) { diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index c549dbf8..1c266cc8 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -105,7 +105,7 @@ class Movies_Controller extends Items_Controller { $photo->save(); module::event("item_edit_form_completed", $photo, $form); - log::success("content", "Updated photo", "id\">view"); + log::success("content", "Updated photo", "url()}\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => $photo->title))); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index 959097b2..79ad674a 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -97,7 +97,7 @@ class Photos_Controller extends Items_Controller { $photo->save(); module::event("item_edit_form_completed", $photo, $form); - log::success("content", "Updated photo", "id\">view"); + log::success("content", "Updated photo", "url()}\">view"); message::success( t("Saved photo %photo_title", array("photo_title" => html::purify($photo->title)))); diff --git a/modules/gallery/controllers/quick.php b/modules/gallery/controllers/quick.php index 20731f9c..2ac54754 100644 --- a/modules/gallery/controllers/quick.php +++ b/modules/gallery/controllers/quick.php @@ -121,7 +121,7 @@ class Quick_Controller extends Controller { print json_encode(array("result" => "success", "reload" => 1)); } else { print json_encode(array("result" => "success", - "location" => url::site("albums/$parent->id"))); + "location" => $parent->url())); } } diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 1ca9a58f..368c947e 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -18,25 +18,6 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class url extends url_Core { - static function site($uri, $protocol=false) { - if (($pos = strpos($uri, "?")) !== false) { - list ($uri, $query) = explode("?", $uri, 2); - $query = "?$query"; - } else { - $query = ""; - } - - // @todo if we're only doing this for Item_Model, why not just put this - // all into Item_Model::url()? It'd make url::site() faster. Downside is that - // anywhere we refer to an item by id, eg url::site("albums/123") would have - // to load the item and do $item->url(); - $parts = explode("/", $uri, 3); - if ($parts[0] == "albums" || $parts[0] == "photos" || $parts[0] == "movies") { - $uri = model_cache::get("item", $parts[1])->relative_url(); - } - return parent::site($uri . $query, $protocol); - } - static function parse_url() { if (Router::$controller) { return; diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php index f72ef982..813134eb 100644 --- a/modules/gallery/helpers/gallery.php +++ b/modules/gallery/helpers/gallery.php @@ -82,9 +82,9 @@ class gallery_Core { static function site_menu($menu, $theme) { if ($theme->page_type != "login") { $menu->append(Menu::factory("link") - ->id("home") - ->label(t("Home")) - ->url(url::site("albums/1"))); + ->id("home") + ->label(t("Home")) + ->url(item::root()->url())); $item = $theme->item(); @@ -92,39 +92,39 @@ class gallery_Core { $can_add = $item && access::can("add", $item); if ($can_add) { - $menu->append($add_menu = Menu::factory("submenu") - ->id("add_menu") - ->label(t("Add"))); + $menu->append($add_menu = Menu::factory("submenu") + ->id("add_menu") + ->label(t("Add"))); $add_menu->append(Menu::factory("dialog") - ->id("add_photos_item") - ->label(t("Add photos")) - ->url(url::site("simple_uploader/app/$item->id"))); + ->id("add_photos_item") + ->label(t("Add photos")) + ->url(url::site("simple_uploader/app/$item->id"))); if ($item->is_album()) { - $add_menu->append(Menu::factory("dialog") - ->id("add_album_item") - ->label(t("Add an album")) - ->url(url::site("form/add/albums/$item->id?type=album"))); - } + $add_menu->append(Menu::factory("dialog") + ->id("add_album_item") + ->label(t("Add an album")) + ->url(url::site("form/add/albums/$item->id?type=album"))); + } } $menu->append($options_menu = Menu::factory("submenu") - ->id("options_menu") - ->label(t("Photo options"))); + ->id("options_menu") + ->label(t("Photo options"))); if ($item && ($can_edit || $can_add)) { if ($can_edit) { $options_menu->append(Menu::factory("dialog") - ->id("edit_item") - ->label($item->is_album() ? t("Edit album") : t("Edit photo")) - ->url(url::site("form/edit/{$item->type}s/$item->id"))); + ->id("edit_item") + ->label($item->is_album() ? t("Edit album") : t("Edit photo")) + ->url(url::site("form/edit/{$item->type}s/$item->id"))); } if ($item->is_album()) { $options_menu->label(t("Album options")); if ($can_edit) { $options_menu->append(Menu::factory("dialog") - ->id("edit_permissions") - ->label(t("Edit permissions")) - ->url(url::site("permissions/browse/$item->id"))); + ->id("edit_permissions") + ->label(t("Edit permissions")) + ->url(url::site("permissions/browse/$item->id"))); } } } diff --git a/modules/gallery/helpers/gallery_rss.php b/modules/gallery/helpers/gallery_rss.php index dee6ae40..f30df092 100644 --- a/modules/gallery/helpers/gallery_rss.php +++ b/modules/gallery/helpers/gallery_rss.php @@ -40,7 +40,7 @@ class gallery_rss_Core { $feed->max_pages = ceil($all_children->find_all()->count() / $limit); $feed->title = t("Recent Updates"); - $feed->link = url::abs_site("albums/1"); + $feed->link = item::root()->abs_url(); $feed->description = t("Recent Updates"); return $feed; @@ -54,7 +54,7 @@ class gallery_rss_Core { $feed->max_pages = ceil( $item->viewable()->descendants_count(array("type" => "photo")) / $limit); $feed->title = html::purify($item->title); - $feed->link = url::abs_site("albums/{$item->id}"); + $feed->link = $item->abs_url(); $feed->description = nl2br(html::purify($item->description)); return $feed; diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 8da88b6e..d907a177 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -184,4 +184,12 @@ class item_Core { return $model; } + + /** + * Return the root Item_Model + * @return Item_Model + */ + static function root() { + return model_cache::get("item", 1); + } } \ No newline at end of file diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index 0ec5d048..6e9debea 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -168,9 +168,24 @@ class Item_Model extends ORM_MPTT { * * @param string $query the query string (eg "show=3") */ - public function url($query=array(), $full_uri=false) { - $url = ($full_uri ? url::abs_site("{$this->type}s/$this->id") - : url::site("{$this->type}s/$this->id")); + public function url($query=null) { + $relative_url = $this->relative_url(); + $url = url::site($relative_url); + if ($query) { + $url .= "?$query"; + } + return $url; + } + + /** + * album: url::abs_site("albums/2") + * photo: url::abs_site("photos/3") + * + * @param string $query the query string (eg "show=3") + */ + public function abs_url($query=null) { + $relative_url = $this->relative_url(); + $url = url::abs_site($relative_url); if ($query) { $url .= "?$query"; } diff --git a/modules/gallery/views/admin_block_photo_stream.html.php b/modules/gallery/views/admin_block_photo_stream.html.php index 1b9d8ff5..4968c39b 100644 --- a/modules/gallery/views/admin_block_photo_stream.html.php +++ b/modules/gallery/views/admin_block_photo_stream.html.php @@ -2,7 +2,7 @@
    • - id") ?>" title="title)->for_html_attr() ?>"> + width, $photo->height, 72) ?> src="thumb_url() ?>" alt="title)->for_html_attr() ?>" /> diff --git a/modules/gallery/views/upgrader.html.php b/modules/gallery/views/upgrader.html.php index 04200920..5f93c2d5 100644 --- a/modules/gallery/views/upgrader.html.php +++ b/modules/gallery/views/upgrader.html.php @@ -18,7 +18,7 @@

      Gallery is up to date.", - array("url" => html::mark_clean(url::site("albums/1")))) ?> + array("url" => html::mark_clean(item::root()->url()))) ?>

      diff --git a/modules/notification/views/comment_published.html.php b/modules/notification/views/comment_published.html.php index e39e39c6..a8ca1899 100644 --- a/modules/notification/views/comment_published.html.php +++ b/modules/notification/views/comment_published.html.php @@ -25,8 +25,8 @@ - - item()->url(array(), true) ?>#comments + + item()->abs_url() ?>#comments diff --git a/modules/notification/views/item_deleted.html.php b/modules/notification/views/item_deleted.html.php index a51782ff..a95cdd89 100644 --- a/modules/notification/views/item_deleted.html.php +++ b/modules/notification/views/item_deleted.html.php @@ -15,8 +15,8 @@ - - parent()->url(array(), true) ?> + + parent()->abs_url() ?> diff --git a/modules/search/views/search.html.php b/modules/search/views/search.html.php index 7963948d..91d9eec8 100644 --- a/modules/search/views/search.html.php +++ b/modules/search/views/search.html.php @@ -28,7 +28,7 @@
    • - id") ?>"> + thumb_img() ?>

      title) ?> diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php index b81b17b2..dcac0723 100644 --- a/modules/user/controllers/login.php +++ b/modules/user/controllers/login.php @@ -48,7 +48,7 @@ class Login_Controller extends Controller { list ($valid, $form) = $this->_auth("login/auth_html"); if ($valid) { - url::redirect("albums/1"); + url::redirect(item::root()->url()); } else { print $form; } diff --git a/modules/user/controllers/logout.php b/modules/user/controllers/logout.php index fc3ced56..3bf274a6 100644 --- a/modules/user/controllers/logout.php +++ b/modules/user/controllers/logout.php @@ -31,7 +31,7 @@ class Logout_Controller extends Controller { // Don't use url::redirect() because it'll call url::site() and munge the continue url. header("Location: $continue_url"); } else { - url::redirect("albums/1"); + url::redirect(item::root()->url()); } } } diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index a6522369..8c18916e 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -130,7 +130,7 @@ class Password_Controller extends Controller { $user->hash = null; $user->save(); message::success(t("Password reset successfully")); - url::redirect("albums/1"); + url::redirect(item::root()->url()); } else { print $view; } diff --git a/themes/admin_default/views/admin.html.php b/themes/admin_default/views/admin.html.php index 9c5f1413..5564484c 100644 --- a/themes/admin_default/views/admin.html.php +++ b/themes/admin_default/views/admin.html.php @@ -43,10 +43,10 @@

      admin_header_top() ?>
        -
        • -         +
      • url(), "← ".t("Back to the Gallery")) ?>
        • +
      -