From b26eff7f23b970a7983baf5e211ba88968effb9d Mon Sep 17 00:00:00 2001
From: Joe7 <jozsef.rnagy@site.hu>
Date: Mon, 3 Jan 2011 15:44:36 +0100
Subject: Bugfix: input validation validates description up to length of 65535
 chars, but DB trimmed data over 2048 chars. Converting column into TEXT type.
 Note: The effective maximum length of a VARCHAR in MySQL 5.0.3 and later is
 subject to the maximum row size (65,535 bytes, which is shared among all
 columns) and the character set used. In contrast to CHAR, VARCHAR values are
 stored as a one-byte or two-byte length prefix plus data. The length prefix
 indicates the number of bytes in the value. A column uses one length byte if
 values require no more than 255 bytes, two length bytes if values may require
 more than 255 bytes.

---
 modules/gallery/helpers/gallery_installer.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'modules/gallery/helpers')

diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index cb314527..90d6d4b7 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -309,7 +309,7 @@ class gallery_installer {
     module::set_var("gallery", "show_user_profiles_to", "registered_users");
     module::set_var("gallery", "extra_binary_paths", "/usr/local/bin:/opt/local/bin:/opt/bin");
 
-    module::set_version("gallery", 42);
+    module::set_version("gallery", 43);
   }
 
   static function upgrade($version) {
@@ -648,6 +648,11 @@ class gallery_installer {
       $db->query("ALTER TABLE {caches} DROP INDEX `key`, ADD UNIQUE `key` (`key`)");
       module::set_version("gallery", $version = 42);
     }
+
+    if ($version == 42) {
+      $db->query("ALTER TABLE {items} CHANGE `description` `description` TEXT DEFAULT NULL");
+      module::set_version("gallery", $version = 43);
+    }
   }
 
   static function uninstall() {
-- 
cgit v1.2.3


From e6a5f39b9113fa9cfc526b873947e365793d4e3e Mon Sep 17 00:00:00 2001
From: Joe7 <jozsef.rnagy@site.hu>
Date: Mon, 3 Jan 2011 20:07:12 +0100
Subject: case fix

---
 modules/gallery/helpers/gallery_installer.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/gallery/helpers')

diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index 90d6d4b7..834a27fa 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -650,7 +650,7 @@ class gallery_installer {
     }
 
     if ($version == 42) {
-      $db->query("ALTER TABLE {items} CHANGE `description` `description` TEXT DEFAULT NULL");
+      $db->query("ALTER TABLE {items} CHANGE `description` `description` text DEFAULT NULL");
       module::set_version("gallery", $version = 43);
     }
   }
-- 
cgit v1.2.3


From d74aad072d8ccca70efb1c8b673e8368566a1974 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Mon, 3 Jan 2011 12:25:51 -0800
Subject: Some small follow on fixes for #1559 and #1568: 1) Make database
 changes in gallery_installer::install() instead of    in installer/install.ql
 2) Bump the version number in modules/gallery/module.info

---
 installer/install.sql                         | 4 ++--
 modules/gallery/helpers/gallery_installer.php | 4 ++--
 modules/gallery/module.info                   | 2 +-
 3 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'modules/gallery/helpers')

diff --git a/installer/install.sql b/installer/install.sql
index 84a975ae..6aae8014 100644
--- a/installer/install.sql
+++ b/installer/install.sql
@@ -43,7 +43,7 @@ CREATE TABLE {caches} (
   `expiration` int(9) NOT NULL,
   `cache` longblob,
   PRIMARY KEY (`id`),
-  KEY `key` (`key`),
+  UNIQUE KEY `key` (`key`),
   KEY `tags` (`tags`)
 ) DEFAULT CHARSET=utf8;
 /*!40101 SET character_set_client = @saved_cs_client */;
@@ -152,7 +152,7 @@ CREATE TABLE {items} (
   `album_cover_item_id` int(9) DEFAULT NULL,
   `captured` int(9) DEFAULT NULL,
   `created` int(9) DEFAULT NULL,
-  `description` varchar(2048) DEFAULT NULL,
+  `description` text,
   `height` int(9) DEFAULT NULL,
   `left_ptr` int(9) NOT NULL,
   `level` int(9) NOT NULL,
diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php
index 834a27fa..f7b8da5f 100644
--- a/modules/gallery/helpers/gallery_installer.php
+++ b/modules/gallery/helpers/gallery_installer.php
@@ -44,7 +44,7 @@ class gallery_installer {
                 `expiration` int(9) NOT NULL,
                 `cache` longblob,
                 PRIMARY KEY (`id`),
-                KEY (`key`),
+                UNIQUE KEY (`key`),
                 KEY (`tags`))
                 DEFAULT CHARSET=utf8;");
 
@@ -84,7 +84,7 @@ class gallery_installer {
                  `album_cover_item_id` int(9) default NULL,
                  `captured` int(9) default NULL,
                  `created` int(9) default NULL,
-                 `description` varchar(2048) default NULL,
+                 `description` text default NULL,
                  `height` int(9) default NULL,
                  `left_ptr` int(9) NOT NULL,
                  `level` int(9) NOT NULL,
diff --git a/modules/gallery/module.info b/modules/gallery/module.info
index 0cc3f6d1..eb579ab6 100644
--- a/modules/gallery/module.info
+++ b/modules/gallery/module.info
@@ -1,3 +1,3 @@
 name = "Gallery 3"
 description = "Gallery core application"
-version = 42
+version = 43
-- 
cgit v1.2.3


From e1e1e860cd1b19ebef491f0c0f82a3cd18e63721 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 8 Jan 2011 16:51:25 -0800
Subject: Use the code version when installing a module that has no installer,
 instead of hardcoding version 1.  Fixes #1589.

---
 installer/install.sql              | 2 +-
 modules/gallery/helpers/module.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/gallery/helpers')

diff --git a/installer/install.sql b/installer/install.sql
index 09fabc7d..0ed7f2f3 100644
--- a/installer/install.sql
+++ b/installer/install.sql
@@ -247,7 +247,7 @@ CREATE TABLE {modules} (
 INSERT INTO {modules} VALUES (1,1,'gallery',43,1);
 INSERT INTO {modules} VALUES (2,1,'user',3,2);
 INSERT INTO {modules} VALUES (3,1,'comment',3,3);
-INSERT INTO {modules} VALUES (4,1,'organize',1,4);
+INSERT INTO {modules} VALUES (4,1,'organize',3,4);
 INSERT INTO {modules} VALUES (5,1,'info',2,5);
 INSERT INTO {modules} VALUES (6,1,'rss',1,6);
 INSERT INTO {modules} VALUES (7,1,'search',1,7);
diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php
index 7c5578af..6efe6162 100644
--- a/modules/gallery/helpers/module.php
+++ b/modules/gallery/helpers/module.php
@@ -168,7 +168,7 @@ class module_Core {
     if (method_exists($installer_class, "install")) {
       call_user_func_array(array($installer_class, "install"), array());
     } else {
-      module::set_version($module_name, 1);
+      module::set_version($module_name, module::available()->$module_name->code_version);
     }
 
     // Set the weight of the new module, which controls the order in which the modules are
-- 
cgit v1.2.3


From 92f66058d30a04681a01b886bdc652a70652cbfa Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 8 Jan 2011 16:58:52 -0800
Subject: Revert "Warn admins after login if their PHP install has the"

This reverts commit 612ddd7050889974fc1f7e449e715b4c1129c0bb.
---
 modules/gallery/helpers/gallery_event.php | 4 ----
 1 file changed, 4 deletions(-)

(limited to 'modules/gallery/helpers')

diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index 689e21d1..13a0bdb4 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -178,10 +178,6 @@ class gallery_event_Core {
     }
     Session::instance()->set("active_auth_timestamp", time());
     auth::clear_failed_attempts($user);
-
-    if ($user->admin && ini_get("session.use_trans_sid")) {
-      message::info(t("PHP is configured with <a href=\"url\">session.use_trans_sid</a> enabled which will cause random logouts.  Please disable this setting.", array("url" => "http://www.php.net/manual/en/session.configuration.php#ini.session.use-trans-sid")));
-    }
   }
 
   static function user_auth_failed($name) {
-- 
cgit v1.2.3


From 713bd4eb6a9bc91a244680828ce881ee8ea5f836 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sat, 8 Jan 2011 18:10:43 -0800
Subject: Improve gallery::find_file() to do a better job of detecting the
 modules/themes directories. Fixes #1590.

---
 modules/gallery/helpers/gallery.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'modules/gallery/helpers')

diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php
index 69aabc4f..282289b5 100644
--- a/modules/gallery/helpers/gallery.php
+++ b/modules/gallery/helpers/gallery.php
@@ -153,8 +153,15 @@ class gallery_Core {
     if (is_string($file_name)) {
       // make relative to DOCROOT
       $parts = explode("/", $file_name);
+      $count = count($parts);
       foreach ($parts as $idx => $part) {
-        if (in_array($part, array("application", "modules", "themes", "lib"))) {
+        // If this part is "modules" or "themes" make sure that the part 2 after this
+        // is the target directory, and if it is then we're done.  This check makes
+        // sure that if Gallery is installed in a directory called "modules" or "themes"
+        // We don't parse the directory structure incorrectly.
+        if (in_array($part, array("modules", "themes")) &&
+            $idx + 2 < $count &&
+            $parts[$idx + 2] == $directory) {
           break;
         }
         unset($parts[$idx]);
-- 
cgit v1.2.3