From 8f9a943f55c1342177d7687e3d891f5d1c9eff30 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 1 Jul 2009 17:57:39 -0700 Subject: Fix a bunch of XSS vulnerabilities turned up by manual inspection using the checklist in ticket #385. --- modules/gallery/helpers/l10n_client.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'modules/gallery/helpers/l10n_client.php') diff --git a/modules/gallery/helpers/l10n_client.php b/modules/gallery/helpers/l10n_client.php index 20f81ecc..e153532c 100644 --- a/modules/gallery/helpers/l10n_client.php +++ b/modules/gallery/helpers/l10n_client.php @@ -112,7 +112,9 @@ class l10n_client_Core { // {key:, ...} // ] $count = count($response); - log::info("translations", "Installed $count new / updated translation messages"); + log::info("translations", + t2("Installed 1 new / updated translation message", + "Installed %count new / updated translation messages", $count)); foreach ($response as $message_data) { // @todo Better input validation -- cgit v1.2.3 From ac797e609c8c319ca77f9b746a7cecad8dd69004 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 8 Jul 2009 09:08:15 -0700 Subject: Add task logging to the Update translations --- modules/gallery/helpers/gallery_task.php | 150 ++++++++++++++++--------------- modules/gallery/helpers/l10n_client.php | 9 +- 2 files changed, 84 insertions(+), 75 deletions(-) (limited to 'modules/gallery/helpers/l10n_client.php') diff --git a/modules/gallery/helpers/gallery_task.php b/modules/gallery/helpers/gallery_task.php index c673411d..9ce2c4a0 100644 --- a/modules/gallery/helpers/gallery_task.php +++ b/modules/gallery/helpers/gallery_task.php @@ -45,6 +45,7 @@ class gallery_task_Core { * @param Task_Model the task */ static function rebuild_dirty_images($task) { + $message = array(); try { $result = graphics::find_dirty_images_query(); $completed = $task->get("completed", 0); @@ -62,13 +63,12 @@ class gallery_task_Core { $success = graphics::generate($item); if (!$success) { $ignored[$item->id] = 1; - $message = t("Unable to rebuild images for '%title'", + $message[] = t("Unable to rebuild images for '%title'", array("title" => p::purify($item->title))); } else { - $message = t("Successfully rebuilt images for '%title'", + $message[] = t("Successfully rebuilt images for '%title'", array("title" => p::purify($item->title))); } - $task->log($message); } $completed++; @@ -101,88 +101,98 @@ class gallery_task_Core { $task->done = true; $task->state = "error"; $task->status = $e->getMessage(); - $task->log($e->__toString()); + $message[] = $e->__toString(); } + $task->log($message); } static function update_l10n(&$task) { - $start = microtime(true); - $dirs = $task->get("dirs"); - $files = $task->get("files"); - $cache = $task->get("cache", array()); - $i = 0; - - switch ($task->get("mode", "init")) { - case "init": // 0% - $dirs = array("gallery", "modules", "themes", "installer"); - $files = array(); - $task->set("mode", "find_files"); - $task->status = t("Finding files"); - break; - - case "find_files": // 0% - 10% - while (($dir = array_pop($dirs)) && microtime(true) - $start < 0.5) { - if (in_array(basename($dir), array("tests", "lib"))) { - continue; - } + $message = array(); + try { + $start = microtime(true); + $dirs = $task->get("dirs"); + $files = $task->get("files"); + $cache = $task->get("cache", array()); + $i = 0; - foreach (glob(DOCROOT . "$dir/*") as $path) { - $relative_path = str_replace(DOCROOT, "", $path); - if (is_dir($path)) { - $dirs[] = $relative_path; - } else { - $files[] = $relative_path; + switch ($task->get("mode", "init")) { + case "init": // 0% + $dirs = array("gallery", "modules", "themes", "installer"); + $files = array(); + $task->set("mode", "find_files"); + $task->status = t("Finding files"); + break; + + case "find_files": // 0% - 10% + while (($dir = array_pop($dirs)) && microtime(true) - $start < 0.5) { + if (in_array(basename($dir), array("tests", "lib"))) { + continue; } - } - } - $task->status = t2("Finding files: found 1 file", - "Finding files: found %count files", count($files)); + foreach (glob(DOCROOT . "$dir/*") as $path) { + $relative_path = str_replace(DOCROOT, "", $path); + if (is_dir($path)) { + $dirs[] = $relative_path; + } else { + $files[] = $relative_path; + } + } + } - if (!$dirs) { - $task->set("mode", "scan_files"); - $task->set("total_files", count($files)); - $task->status = t("Scanning files"); - $task->percent_complete = 10; - } - break; - - case "scan_files": // 10% - 90% - while (($file = array_pop($files)) && microtime(true) - $start < 0.5) { - $file = DOCROOT . $file; - switch (pathinfo($file, PATHINFO_EXTENSION)) { - case "php": - l10n_scanner::scan_php_file($file, $cache); - break; + $message[] = $task->status = t2("Finding files: found 1 file", + "Finding files: found %count files", count($files)); - case "info": - l10n_scanner::scan_info_file($file, $cache); - break; + if (!$dirs) { + $task->set("mode", "scan_files"); + $task->set("total_files", count($files)); + $task->status = t("Scanning files"); + $task->percent_complete = 10; + } + break; + + case "scan_files": // 10% - 90% + while (($file = array_pop($files)) && microtime(true) - $start < 0.5) { + $file = DOCROOT . $file; + switch (pathinfo($file, PATHINFO_EXTENSION)) { + case "php": + l10n_scanner::scan_php_file($file, $cache); + break; + + case "info": + l10n_scanner::scan_info_file($file, $cache); + break; + } } - } - $total_files = $task->get("total_files"); - $task->status = t2("Scanning files: scanned 1 file", - "Scanning files: scanned %count files", $total_files - count($files)); + $total_files = $task->get("total_files"); + $message[] = $task->status = t2("Scanning files: scanned 1 file", + "Scanning files: scanned %count files", $total_files - count($files)); - $task->percent_complete = 10 + 80 * ($total_files - count($files)) / $total_files; - if (empty($files)) { - $task->set("mode", "fetch_updates"); - $task->status = t("Fetching updates"); - $task->percent_complete = 90; + $task->percent_complete = 10 + 80 * ($total_files - count($files)) / $total_files; + if (empty($files)) { + $task->set("mode", "fetch_updates"); + $task->status = t("Fetching updates"); + $task->percent_complete = 90; + } + break; + + case "fetch_updates": // 90% - 100% + $message = array_merge($message, l10n_client::fetch_updates()); + $task->done = true; + $task->state = "success"; + $task->status = t("Translations installed/updated"); + $task->percent_complete = 100; } - break; - case "fetch_updates": // 90% - 100% - l10n_client::fetch_updates(); + $task->set("files", $files); + $task->set("dirs", $dirs); + $task->set("cache", $cache); + } catch (Exception $e) { $task->done = true; - $task->state = "success"; - $task->status = t("Translations installed/updated"); - $task->percent_complete = 100; + $task->state = "error"; + $task->status = $e->getMessage(); + $message[] = $e->__toString(); } - - $task->set("files", $files); - $task->set("dirs", $dirs); - $task->set("cache", $cache); + $task->log($message); } } \ No newline at end of file diff --git a/modules/gallery/helpers/l10n_client.php b/modules/gallery/helpers/l10n_client.php index e153532c..5b14abec 100644 --- a/modules/gallery/helpers/l10n_client.php +++ b/modules/gallery/helpers/l10n_client.php @@ -101,8 +101,7 @@ class l10n_client_Core { throw new Exception("@todo TRANSLATIONS_FETCH_REQUEST_FAILED " . $response_status); } if (empty($response_data)) { - log::info("translations", "Translations fetch request resulted in an empty response"); - return; + return array(t("Translations fetch request resulted in an empty response")); } $response = json_decode($response_data); @@ -112,9 +111,8 @@ class l10n_client_Core { // {key:, ...} // ] $count = count($response); - log::info("translations", - t2("Installed 1 new / updated translation message", - "Installed %count new / updated translation messages", $count)); + $message[] = t2("Installed 1 new / updated translation message", + "Installed %count new / updated translation messages", $count); foreach ($response as $message_data) { // @todo Better input validation @@ -152,6 +150,7 @@ class l10n_client_Core { $entry->translation = $translation; $entry->save(); } + return $message; } static function submit_translations() { -- cgit v1.2.3 From 6ac5238b83d58824eb9327406a2ee50b7e603214 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Wed, 8 Jul 2009 09:27:37 -0700 Subject: Add task logging to the "Update Search Index" task --- modules/gallery/helpers/l10n_client.php | 3 ++ modules/search/helpers/search.php | 4 +++ modules/search/helpers/search_task.php | 56 +++++++++++++++++++-------------- 3 files changed, 39 insertions(+), 24 deletions(-) (limited to 'modules/gallery/helpers/l10n_client.php') diff --git a/modules/gallery/helpers/l10n_client.php b/modules/gallery/helpers/l10n_client.php index 5b14abec..6d4da0eb 100644 --- a/modules/gallery/helpers/l10n_client.php +++ b/modules/gallery/helpers/l10n_client.php @@ -67,6 +67,9 @@ class l10n_client_Core { return true; } + /** + * @return an array of messages that will be written to the task log + */ static function fetch_updates() { $request->locales = array(); $request->messages = new stdClass(); diff --git a/modules/search/helpers/search.php b/modules/search/helpers/search.php index ea8dad81..34eaecbd 100644 --- a/modules/search/helpers/search.php +++ b/modules/search/helpers/search.php @@ -50,6 +50,9 @@ class search_Core { return array($count, new ORM_Iterator(ORM::factory("item"), $db->query($query))); } + /** + * @return string An error message suitable for inclusion in the task log + */ static function check_index() { list ($remaining) = search::stats(); if ($remaining) { @@ -76,6 +79,7 @@ class search_Core { $record->data = join(" ", $data); $record->dirty = 0; $record->save(); + return t("Search index updated for '%title'", array("title" => p::purify($item->title))); } static function stats() { diff --git a/modules/search/helpers/search_task.php b/modules/search/helpers/search_task.php index 876661e4..395bcd98 100644 --- a/modules/search/helpers/search_task.php +++ b/modules/search/helpers/search_task.php @@ -39,34 +39,42 @@ class search_task_Core { } static function update_index($task) { - $completed = $task->get("completed", 0); + try { + $completed = $task->get("completed", 0); - $start = microtime(true); - foreach (ORM::factory("item") - ->join("search_records", "items.id", "search_records.item_id", "left") - ->where("search_records.item_id", null) - ->orwhere("search_records.dirty", 1) - ->find_all() as $item) { - if (microtime(true) - $start > 1.5) { - break; - } + $start = microtime(true); + foreach (ORM::factory("item") + ->join("search_records", "items.id", "search_records.item_id", "left") + ->where("search_records.item_id", null) + ->orwhere("search_records.dirty", 1) + ->find_all() as $item) { + if (microtime(true) - $start > 1.5) { + break; + } - search::update($item); - $completed++; - } + $message[] = search::update($item); + $completed++; + } - list ($remaining, $total, $percent) = search::stats(); - $task->set("completed", $completed); - if ($remaining == 0 || !($remaining + $completed)) { + list ($remaining, $total, $percent) = search::stats(); + $task->set("completed", $completed); + if ($remaining == 0 || !($remaining + $completed)) { + $task->done = true; + $task->state = "success"; + site_status::clear("search_index_out_of_date"); + $task->percent_complete = 100; + } else { + $task->percent_complete = round(100 * $completed / ($remaining + $completed)); + } + $task->status = t2("one record updated, index is %percent% up-to-date", + "%count records updated, index is %percent% up-to-date", + $completed, array("percent" => $percent)); + } catch (Exception $e) { $task->done = true; - $task->state = "success"; - site_status::clear("search_index_out_of_date"); - $task->percent_complete = 100; - } else { - $task->percent_complete = round(100 * $completed / ($remaining + $completed)); + $task->state = "error"; + $task->status = $e->getMessage(); + $message[] = $e->__toString(); } - $task->status = t2("one record updated, index is %percent% up-to-date", - "%count records updated, index is %percent% up-to-date", - $completed, array("percent" => $percent)); + $task->log($message); } } -- cgit v1.2.3 From 5118afc959650469874733a1060fbe22364d8c28 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Thu, 9 Jul 2009 08:39:00 -0700 Subject: Revert "Add task logging to the "Update Search Index" task" This reverts commit 6ac5238b83d58824eb9327406a2ee50b7e603214. --- modules/gallery/helpers/l10n_client.php | 3 -- modules/search/helpers/search.php | 4 --- modules/search/helpers/search_task.php | 56 ++++++++++++++------------------- 3 files changed, 24 insertions(+), 39 deletions(-) (limited to 'modules/gallery/helpers/l10n_client.php') diff --git a/modules/gallery/helpers/l10n_client.php b/modules/gallery/helpers/l10n_client.php index 6d4da0eb..5b14abec 100644 --- a/modules/gallery/helpers/l10n_client.php +++ b/modules/gallery/helpers/l10n_client.php @@ -67,9 +67,6 @@ class l10n_client_Core { return true; } - /** - * @return an array of messages that will be written to the task log - */ static function fetch_updates() { $request->locales = array(); $request->messages = new stdClass(); diff --git a/modules/search/helpers/search.php b/modules/search/helpers/search.php index 34eaecbd..ea8dad81 100644 --- a/modules/search/helpers/search.php +++ b/modules/search/helpers/search.php @@ -50,9 +50,6 @@ class search_Core { return array($count, new ORM_Iterator(ORM::factory("item"), $db->query($query))); } - /** - * @return string An error message suitable for inclusion in the task log - */ static function check_index() { list ($remaining) = search::stats(); if ($remaining) { @@ -79,7 +76,6 @@ class search_Core { $record->data = join(" ", $data); $record->dirty = 0; $record->save(); - return t("Search index updated for '%title'", array("title" => p::purify($item->title))); } static function stats() { diff --git a/modules/search/helpers/search_task.php b/modules/search/helpers/search_task.php index 395bcd98..876661e4 100644 --- a/modules/search/helpers/search_task.php +++ b/modules/search/helpers/search_task.php @@ -39,42 +39,34 @@ class search_task_Core { } static function update_index($task) { - try { - $completed = $task->get("completed", 0); + $completed = $task->get("completed", 0); - $start = microtime(true); - foreach (ORM::factory("item") - ->join("search_records", "items.id", "search_records.item_id", "left") - ->where("search_records.item_id", null) - ->orwhere("search_records.dirty", 1) - ->find_all() as $item) { - if (microtime(true) - $start > 1.5) { - break; - } - - $message[] = search::update($item); - $completed++; + $start = microtime(true); + foreach (ORM::factory("item") + ->join("search_records", "items.id", "search_records.item_id", "left") + ->where("search_records.item_id", null) + ->orwhere("search_records.dirty", 1) + ->find_all() as $item) { + if (microtime(true) - $start > 1.5) { + break; } - list ($remaining, $total, $percent) = search::stats(); - $task->set("completed", $completed); - if ($remaining == 0 || !($remaining + $completed)) { - $task->done = true; - $task->state = "success"; - site_status::clear("search_index_out_of_date"); - $task->percent_complete = 100; - } else { - $task->percent_complete = round(100 * $completed / ($remaining + $completed)); - } - $task->status = t2("one record updated, index is %percent% up-to-date", - "%count records updated, index is %percent% up-to-date", - $completed, array("percent" => $percent)); - } catch (Exception $e) { + search::update($item); + $completed++; + } + + list ($remaining, $total, $percent) = search::stats(); + $task->set("completed", $completed); + if ($remaining == 0 || !($remaining + $completed)) { $task->done = true; - $task->state = "error"; - $task->status = $e->getMessage(); - $message[] = $e->__toString(); + $task->state = "success"; + site_status::clear("search_index_out_of_date"); + $task->percent_complete = 100; + } else { + $task->percent_complete = round(100 * $completed / ($remaining + $completed)); } - $task->log($message); + $task->status = t2("one record updated, index is %percent% up-to-date", + "%count records updated, index is %percent% up-to-date", + $completed, array("percent" => $percent)); } } -- cgit v1.2.3 From e7e2d99255259a708999727ae3a56777898a3426 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Thu, 9 Jul 2009 08:43:42 -0700 Subject: Revert "Revert "Add task logging to the "Update Search Index" task"" This reverts commit 5118afc959650469874733a1060fbe22364d8c28. --- modules/gallery/helpers/l10n_client.php | 3 ++ modules/search/helpers/search.php | 4 +++ modules/search/helpers/search_task.php | 56 +++++++++++++++++++-------------- 3 files changed, 39 insertions(+), 24 deletions(-) (limited to 'modules/gallery/helpers/l10n_client.php') diff --git a/modules/gallery/helpers/l10n_client.php b/modules/gallery/helpers/l10n_client.php index 5b14abec..6d4da0eb 100644 --- a/modules/gallery/helpers/l10n_client.php +++ b/modules/gallery/helpers/l10n_client.php @@ -67,6 +67,9 @@ class l10n_client_Core { return true; } + /** + * @return an array of messages that will be written to the task log + */ static function fetch_updates() { $request->locales = array(); $request->messages = new stdClass(); diff --git a/modules/search/helpers/search.php b/modules/search/helpers/search.php index ea8dad81..34eaecbd 100644 --- a/modules/search/helpers/search.php +++ b/modules/search/helpers/search.php @@ -50,6 +50,9 @@ class search_Core { return array($count, new ORM_Iterator(ORM::factory("item"), $db->query($query))); } + /** + * @return string An error message suitable for inclusion in the task log + */ static function check_index() { list ($remaining) = search::stats(); if ($remaining) { @@ -76,6 +79,7 @@ class search_Core { $record->data = join(" ", $data); $record->dirty = 0; $record->save(); + return t("Search index updated for '%title'", array("title" => p::purify($item->title))); } static function stats() { diff --git a/modules/search/helpers/search_task.php b/modules/search/helpers/search_task.php index 876661e4..395bcd98 100644 --- a/modules/search/helpers/search_task.php +++ b/modules/search/helpers/search_task.php @@ -39,34 +39,42 @@ class search_task_Core { } static function update_index($task) { - $completed = $task->get("completed", 0); + try { + $completed = $task->get("completed", 0); - $start = microtime(true); - foreach (ORM::factory("item") - ->join("search_records", "items.id", "search_records.item_id", "left") - ->where("search_records.item_id", null) - ->orwhere("search_records.dirty", 1) - ->find_all() as $item) { - if (microtime(true) - $start > 1.5) { - break; - } + $start = microtime(true); + foreach (ORM::factory("item") + ->join("search_records", "items.id", "search_records.item_id", "left") + ->where("search_records.item_id", null) + ->orwhere("search_records.dirty", 1) + ->find_all() as $item) { + if (microtime(true) - $start > 1.5) { + break; + } - search::update($item); - $completed++; - } + $message[] = search::update($item); + $completed++; + } - list ($remaining, $total, $percent) = search::stats(); - $task->set("completed", $completed); - if ($remaining == 0 || !($remaining + $completed)) { + list ($remaining, $total, $percent) = search::stats(); + $task->set("completed", $completed); + if ($remaining == 0 || !($remaining + $completed)) { + $task->done = true; + $task->state = "success"; + site_status::clear("search_index_out_of_date"); + $task->percent_complete = 100; + } else { + $task->percent_complete = round(100 * $completed / ($remaining + $completed)); + } + $task->status = t2("one record updated, index is %percent% up-to-date", + "%count records updated, index is %percent% up-to-date", + $completed, array("percent" => $percent)); + } catch (Exception $e) { $task->done = true; - $task->state = "success"; - site_status::clear("search_index_out_of_date"); - $task->percent_complete = 100; - } else { - $task->percent_complete = round(100 * $completed / ($remaining + $completed)); + $task->state = "error"; + $task->status = $e->getMessage(); + $message[] = $e->__toString(); } - $task->status = t2("one record updated, index is %percent% up-to-date", - "%count records updated, index is %percent% up-to-date", - $completed, array("percent" => $percent)); + $task->log($message); } } -- cgit v1.2.3