From f8890be62b6c1ab14001111f10a8cbcdf973cdc1 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 15 Dec 2010 11:57:46 -0800 Subject: Follow on to d2be26e407aeb620082bcad2d5a45272868b38a1 to convert tabs to spaces. --- modules/gallery/helpers/items_rest.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/items_rest.php b/modules/gallery/helpers/items_rest.php index 08aa3279..3c09faa8 100644 --- a/modules/gallery/helpers/items_rest.php +++ b/modules/gallery/helpers/items_rest.php @@ -84,9 +84,9 @@ class items_rest_Core { if ($item->type == "album") { $members = array(); foreach ($item->viewable()->children() as $child) { - if (empty($types) || in_array($child->type, $types)) { - $members[] = rest::url("item", $child); - } + if (empty($types) || in_array($child->type, $types)) { + $members[] = rest::url("item", $child); + } } $item_rest["members"] = $members; } -- cgit v1.2.3 From 45c63f4d118bfc99924edb8685442035349af6db Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 15 Dec 2010 12:48:56 -0800 Subject: Use mt_rand() instead of rand() since it provides better portability. Fixes #1527. --- installer/installer.php | 4 +-- modules/digibug/controllers/digibug.php | 2 +- modules/digibug/tests/Digibug_Controller_Test.php | 2 +- modules/gallery/controllers/upgrader.php | 2 +- modules/gallery/helpers/access.php | 2 +- modules/gallery/helpers/block_manager.php | 2 +- modules/gallery/helpers/gallery_installer.php | 4 +-- modules/gallery/models/item.php | 4 +-- modules/gallery/tests/Albums_Controller_Test.php | 2 +- modules/gallery/tests/Cache_Test.php | 30 +++++++++++------------ modules/gallery/tests/Item_Helper_Test.php | 2 +- modules/gallery/tests/Item_Model_Test.php | 4 +-- modules/gallery_unit_test/helpers/test.php | 12 ++++----- modules/rest/helpers/rest_event.php | 6 ++--- 14 files changed, 39 insertions(+), 39 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/installer/installer.php b/installer/installer.php index 9a957b43..7d358e70 100644 --- a/installer/installer.php +++ b/installer/installer.php @@ -138,7 +138,7 @@ class installer { $char += ($char > 90) ? 13 : ($char > 57) ? 7 : 0; $salt .= chr($char); } - $password = substr(md5(time() * rand()), 0, 6); + $password = substr(md5(time() . mt_rand()), 0, 6); // Escape backslash in preparation for our UPDATE statement. $hashed_password = str_replace("\\", "\\\\", $salt . md5($salt . $password)); $sql = self::prepend_prefix($config["prefix"], @@ -152,7 +152,7 @@ class installer { } static function create_admin_session($config) { - $session_id = md5(time() * rand()); + $session_id = md5(time() . mt_rand()); $user_agent = $_SERVER["HTTP_USER_AGENT"]; $user_agent_len = strlen($user_agent); $now = time(); diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index 88d1ace0..a9e49de7 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -28,7 +28,7 @@ class Digibug_Controller extends Controller { $thumb_url = $item->thumb_url(true); } else { $proxy = ORM::factory("digibug_proxy"); - $proxy->uuid = md5(rand()); + $proxy->uuid = md5(mt_rand()); $proxy->item_id = $item->id; $proxy->save(); $full_url = url::abs_site("digibug/print_proxy/full/$proxy->uuid"); diff --git a/modules/digibug/tests/Digibug_Controller_Test.php b/modules/digibug/tests/Digibug_Controller_Test.php index 19a3f9da..6f9e20df 100644 --- a/modules/digibug/tests/Digibug_Controller_Test.php +++ b/modules/digibug/tests/Digibug_Controller_Test.php @@ -36,7 +36,7 @@ class Digibug_Controller_Test extends Gallery_Unit_Test_Case { access::deny(identity::registered_users(), "view_full", $album); $proxy = ORM::factory("digibug_proxy"); - $proxy->uuid = md5(rand()); + $proxy->uuid = md5(mt_rand()); $proxy->item_id = $photo->id; return $proxy->save(); } diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index b2646874..50f6b8f0 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php @@ -23,7 +23,7 @@ class Upgrader_Controller extends Controller { // Make sure we have an upgrade token if (!($upgrade_token = $session->get("upgrade_token", null))) { - $session->set("upgrade_token", $upgrade_token = md5(rand())); + $session->set("upgrade_token", $upgrade_token = md5(time() . mt_rand())); } // If the upgrade token exists, then bless this session diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 0b0dcbc1..6a948999 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -426,7 +426,7 @@ class access_Core { $session = Session::instance(); $csrf = $session->get("csrf"); if (empty($csrf)) { - $csrf = md5(rand()); + $csrf = md5(time() . mt_rand()); $session->set("csrf", $csrf); } return $csrf; diff --git a/modules/gallery/helpers/block_manager.php b/modules/gallery/helpers/block_manager.php index 2237b702..e7247edc 100644 --- a/modules/gallery/helpers/block_manager.php +++ b/modules/gallery/helpers/block_manager.php @@ -28,7 +28,7 @@ class block_manager_Core { static function add($location, $module_name, $block_id) { $blocks = block_manager::get_active($location); - $blocks[rand()] = array($module_name, $block_id); + $blocks[mt_rand()] = array($module_name, $block_id); block_manager::set_active($location, $blocks); } diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 3d82bc69..9c42caad 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -459,7 +459,7 @@ class gallery_installer { $blocks = block_manager::get_active($location); $new_blocks = array(); foreach ($blocks as $block) { - $new_blocks[rand()] = $block; + $new_blocks[mt_rand()] = $block; } block_manager::set_active($location, $new_blocks); } @@ -507,7 +507,7 @@ class gallery_installer { ->execute() as $row) { $new_slug = item::convert_filename_to_slug($row->slug); if (empty($new_slug)) { - $new_slug = rand(); + $new_slug = mt_rand(); } db::build() ->update("items") diff --git a/modules/gallery/models/item.php b/modules/gallery/models/item.php index a4d24b8f..b6713fc3 100644 --- a/modules/gallery/models/item.php +++ b/modules/gallery/models/item.php @@ -390,7 +390,7 @@ class Item_Model_Core extends ORM_MPTT { if (file_exists($this->resize_path()) || file_exists($this->thumb_path())) { $pi = pathinfo($this->name); - $this->name = $pi["filename"] . "-" . rand() . "." . $pi["extension"]; + $this->name = $pi["filename"] . "-" . mt_rand() . "." . $pi["extension"]; parent::save(); } @@ -512,7 +512,7 @@ class Item_Model_Core extends ORM_MPTT { ->or_where("slug", "=", $this->slug) ->close() ->find()->id) { - $rand = rand(); + $rand = mt_rand(); if ($base_ext) { $this->name = "$base_name-$rand.$base_ext"; } else { diff --git a/modules/gallery/tests/Albums_Controller_Test.php b/modules/gallery/tests/Albums_Controller_Test.php index 6c64394d..86c74890 100644 --- a/modules/gallery/tests/Albums_Controller_Test.php +++ b/modules/gallery/tests/Albums_Controller_Test.php @@ -31,7 +31,7 @@ class Albums_Controller_Test extends Gallery_Unit_Test_Case { $album = test::random_album(); // Randomize to avoid conflicts. - $new_name = "new_name_" . rand(); + $new_name = "new_name_" . mt_rand(); $_POST["name"] = $new_name; $_POST["title"] = "new title"; diff --git a/modules/gallery/tests/Cache_Test.php b/modules/gallery/tests/Cache_Test.php index e8d8b6f4..6cee2862 100644 --- a/modules/gallery/tests/Cache_Test.php +++ b/modules/gallery/tests/Cache_Test.php @@ -27,7 +27,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { public function cache_exists_test() { $this->assert_false($this->_driver->exists("test_key"), "test_key should not be defined"); - $id = md5(rand()); + $id = md5(mt_rand()); db::build() ->insert("caches") ->columns("key", "tags", "expiration", "cache") @@ -38,7 +38,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_get_test() { - $id = md5(rand()); + $id = md5(mt_rand()); db::build() ->insert("caches") @@ -54,7 +54,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_set_test() { - $id = md5(rand()); + $id = md5(mt_rand()); $original_data = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id => $original_data), array("tag1", "tag2"), 84600); @@ -63,15 +63,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_get_tag_test() { - $id1 = md5(rand()); + $id1 = md5(mt_rand()); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(rand()); + $id2 = md5(mt_rand()); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 84600); - $id3 = md5(rand()); + $id3 = md5(mt_rand()); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -86,15 +86,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_id_test() { - $id1 = md5(rand()); + $id1 = md5(mt_rand()); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(rand()); + $id2 = md5(mt_rand()); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(rand()); + $id3 = md5(mt_rand()); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -106,15 +106,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_tag_test() { - $id1 = md5(rand()); + $id1 = md5(mt_rand()); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(rand()); + $id2 = md5(mt_rand()); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(rand()); + $id3 = md5(mt_rand()); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -126,15 +126,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_all_test() { - $id1 = md5(rand()); + $id1 = md5(mt_rand()); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(rand()); + $id2 = md5(mt_rand()); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(rand()); + $id3 = md5(mt_rand()); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index eb2458cb..c93cc239 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -92,7 +92,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { } public function move_conflicts_result_in_a_rename_test() { - $rand = rand(); + $rand = mt_rand(); $photo1 = test::random_photo_unsaved(item::root()); $photo1->name = "{$rand}.jpg"; $photo1->slug = (string)$rand; diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index 1e6d54d0..0d6d10af 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -278,10 +278,10 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { public function basic_validation_test() { $item = ORM::factory("item"); - $item->album_cover_item_id = rand(); // invalid + $item->album_cover_item_id = mt_rand(); // invalid $item->description = str_repeat("x", 70000); // invalid $item->name = null; - $item->parent_id = rand(); + $item->parent_id = mt_rand(); $item->slug = null; $item->sort_column = "bogus"; $item->sort_order = "bogus"; diff --git a/modules/gallery_unit_test/helpers/test.php b/modules/gallery_unit_test/helpers/test.php index 1be82a74..d5149492 100644 --- a/modules/gallery_unit_test/helpers/test.php +++ b/modules/gallery_unit_test/helpers/test.php @@ -19,7 +19,7 @@ */ class test_Core { static function random_album_unsaved($parent=null) { - $rand = rand(); + $rand = mt_rand(); $album = ORM::factory("item"); $album->type = "album"; @@ -34,7 +34,7 @@ class test_Core { } static function random_photo_unsaved($parent=null) { - $rand = rand(); + $rand = mt_rand(); $photo = ORM::factory("item"); $photo->type = "photo"; $photo->parent_id = $parent ? $parent->id : 1; @@ -49,16 +49,16 @@ class test_Core { } static function random_user($password="password") { - $rand = "name_" . rand(); + $rand = "name_" . mt_rand(); return identity::create_user($rand, $rand, $password, "$rand@rand.com"); } static function random_group() { - return identity::create_group((string)rand()); + return identity::create_group((string)mt_rand()); } static function random_name($item=null) { - $rand = "name_" . rand(); + $rand = "name_" . mt_rand(); if ($item && $item->is_photo()) { $rand .= ".jpg"; } @@ -77,7 +77,7 @@ class test_Core { static function random_tag() { $tag = ORM::factory("tag"); - $tag->name = (string)rand(); + $tag->name = (string)mt_rand(); // Reload so that ORM coerces all fields into strings. return $tag->save()->reload(); diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index d8c69e94..4d7a4a1b 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -43,7 +43,7 @@ class rest_event { static function user_add_form_admin_completed($user, $form) { $key = ORM::factory("user_access_key"); $key->user_id = $user->id; - $key->access_key = md5($user->name . rand()); + $key->access_key = md5($user->name . time() . mt_rand()); $key->save(); } @@ -64,7 +64,7 @@ class rest_event { if (!$key->loaded()) { $key->user_id = $user->id; - $key->access_key = md5($user->name . rand()); + $key->access_key = md5($user->name . time() . mt_rand()); $key->save(); } @@ -93,7 +93,7 @@ class rest_event { if (!$key->loaded()) { $key->user_id = $data->user->id; - $key->access_key = md5($data->user->name . rand()); + $key->access_key = md5($data->user->name . time() . mt_rand()); $key->save(); } $view->rest_key = $key->access_key; -- cgit v1.2.3 From cd48b89f3166e7fa732b5cb06d33fba018af9127 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Wed, 15 Dec 2010 14:57:00 -0800 Subject: Consolidate all the random code into a random helper that offers: random::hash() random::string() random::percent() random::int() So that we don't have lots of different ways to get random values all over the code. Follow-on to #1527. --- modules/digibug/controllers/digibug.php | 2 +- modules/digibug/tests/Digibug_Controller_Test.php | 2 +- modules/gallery/controllers/upgrader.php | 2 +- modules/gallery/helpers/access.php | 2 +- modules/gallery/helpers/block_manager.php | 2 +- modules/gallery/helpers/gallery_installer.php | 4 +- modules/gallery/helpers/item.php | 2 +- modules/gallery/helpers/random.php | 50 +++++++++++++++++++++++ modules/gallery/models/item.php | 6 +-- modules/gallery/tests/Albums_Controller_Test.php | 2 +- modules/gallery/tests/Cache_Test.php | 30 +++++++------- modules/gallery/tests/Item_Helper_Test.php | 2 +- modules/gallery/tests/Item_Model_Test.php | 14 +++---- modules/gallery_unit_test/helpers/test.php | 12 +++--- modules/rest/helpers/rest.php | 2 +- modules/rest/helpers/rest_event.php | 6 +-- modules/user/controllers/password.php | 2 +- 17 files changed, 96 insertions(+), 46 deletions(-) create mode 100644 modules/gallery/helpers/random.php (limited to 'modules/gallery/helpers') diff --git a/modules/digibug/controllers/digibug.php b/modules/digibug/controllers/digibug.php index a9e49de7..bc0c7c5e 100644 --- a/modules/digibug/controllers/digibug.php +++ b/modules/digibug/controllers/digibug.php @@ -28,7 +28,7 @@ class Digibug_Controller extends Controller { $thumb_url = $item->thumb_url(true); } else { $proxy = ORM::factory("digibug_proxy"); - $proxy->uuid = md5(mt_rand()); + $proxy->uuid = random::hash(); $proxy->item_id = $item->id; $proxy->save(); $full_url = url::abs_site("digibug/print_proxy/full/$proxy->uuid"); diff --git a/modules/digibug/tests/Digibug_Controller_Test.php b/modules/digibug/tests/Digibug_Controller_Test.php index 6f9e20df..d331b0ae 100644 --- a/modules/digibug/tests/Digibug_Controller_Test.php +++ b/modules/digibug/tests/Digibug_Controller_Test.php @@ -36,7 +36,7 @@ class Digibug_Controller_Test extends Gallery_Unit_Test_Case { access::deny(identity::registered_users(), "view_full", $album); $proxy = ORM::factory("digibug_proxy"); - $proxy->uuid = md5(mt_rand()); + $proxy->uuid = random::hash(); $proxy->item_id = $photo->id; return $proxy->save(); } diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index 50f6b8f0..66c71648 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php @@ -23,7 +23,7 @@ class Upgrader_Controller extends Controller { // Make sure we have an upgrade token if (!($upgrade_token = $session->get("upgrade_token", null))) { - $session->set("upgrade_token", $upgrade_token = md5(time() . mt_rand())); + $session->set("upgrade_token", $upgrade_token = random::hash()); } // If the upgrade token exists, then bless this session diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 6a948999..a7ac3f9f 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -426,7 +426,7 @@ class access_Core { $session = Session::instance(); $csrf = $session->get("csrf"); if (empty($csrf)) { - $csrf = md5(time() . mt_rand()); + $csrf = random::hash(); $session->set("csrf", $csrf); } return $csrf; diff --git a/modules/gallery/helpers/block_manager.php b/modules/gallery/helpers/block_manager.php index e7247edc..4bd649c2 100644 --- a/modules/gallery/helpers/block_manager.php +++ b/modules/gallery/helpers/block_manager.php @@ -28,7 +28,7 @@ class block_manager_Core { static function add($location, $module_name, $block_id) { $blocks = block_manager::get_active($location); - $blocks[mt_rand()] = array($module_name, $block_id); + $blocks[random::int()] = array($module_name, $block_id); block_manager::set_active($location, $blocks); } diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 9c42caad..a6b8e6a2 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -459,7 +459,7 @@ class gallery_installer { $blocks = block_manager::get_active($location); $new_blocks = array(); foreach ($blocks as $block) { - $new_blocks[mt_rand()] = $block; + $new_blocks[random::int()] = $block; } block_manager::set_active($location, $new_blocks); } @@ -507,7 +507,7 @@ class gallery_installer { ->execute() as $row) { $new_slug = item::convert_filename_to_slug($row->slug); if (empty($new_slug)) { - $new_slug = mt_rand(); + $new_slug = random::int(); } db::build() ->update("items") diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 052b1c8e..664da812 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -232,7 +232,7 @@ class item_Core { // distributed so this is going to be more efficient with larger data sets. return ORM::factory("item") ->viewable() - ->where("rand_key", "<", ((float)mt_rand()) / (float)mt_getrandmax()) + ->where("rand_key", "<", random::percent()) ->order_by("rand_key", "DESC"); } } \ No newline at end of file diff --git a/modules/gallery/helpers/random.php b/modules/gallery/helpers/random.php new file mode 100644 index 00000000..a26762bd --- /dev/null +++ b/modules/gallery/helpers/random.php @@ -0,0 +1,50 @@ +loaded()) { // Set reasonable defaults $this->created = time(); - $this->rand_key = ((float)mt_rand()) / (float)mt_getrandmax(); + $this->rand_key = random::percent(); $this->thumb_dirty = 1; $this->resize_dirty = 1; $this->sort_column = "created"; @@ -390,7 +390,7 @@ class Item_Model_Core extends ORM_MPTT { if (file_exists($this->resize_path()) || file_exists($this->thumb_path())) { $pi = pathinfo($this->name); - $this->name = $pi["filename"] . "-" . mt_rand() . "." . $pi["extension"]; + $this->name = $pi["filename"] . "-" . random::int() . "." . $pi["extension"]; parent::save(); } @@ -512,7 +512,7 @@ class Item_Model_Core extends ORM_MPTT { ->or_where("slug", "=", $this->slug) ->close() ->find()->id) { - $rand = mt_rand(); + $rand = random::int(); if ($base_ext) { $this->name = "$base_name-$rand.$base_ext"; } else { diff --git a/modules/gallery/tests/Albums_Controller_Test.php b/modules/gallery/tests/Albums_Controller_Test.php index 86c74890..35a3bdbb 100644 --- a/modules/gallery/tests/Albums_Controller_Test.php +++ b/modules/gallery/tests/Albums_Controller_Test.php @@ -31,7 +31,7 @@ class Albums_Controller_Test extends Gallery_Unit_Test_Case { $album = test::random_album(); // Randomize to avoid conflicts. - $new_name = "new_name_" . mt_rand(); + $new_name = "new_name_" . random::string(6); $_POST["name"] = $new_name; $_POST["title"] = "new title"; diff --git a/modules/gallery/tests/Cache_Test.php b/modules/gallery/tests/Cache_Test.php index 6cee2862..b95ef0a2 100644 --- a/modules/gallery/tests/Cache_Test.php +++ b/modules/gallery/tests/Cache_Test.php @@ -27,7 +27,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { public function cache_exists_test() { $this->assert_false($this->_driver->exists("test_key"), "test_key should not be defined"); - $id = md5(mt_rand()); + $id = random::hash(); db::build() ->insert("caches") ->columns("key", "tags", "expiration", "cache") @@ -38,7 +38,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_get_test() { - $id = md5(mt_rand()); + $id = random::hash(); db::build() ->insert("caches") @@ -54,7 +54,7 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_set_test() { - $id = md5(mt_rand()); + $id = random::hash(); $original_data = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id => $original_data), array("tag1", "tag2"), 84600); @@ -63,15 +63,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_get_tag_test() { - $id1 = md5(mt_rand()); + $id1 = random::hash(); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(mt_rand()); + $id2 = random::hash(); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 84600); - $id3 = md5(mt_rand()); + $id3 = random::hash(); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -86,15 +86,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_id_test() { - $id1 = md5(mt_rand()); + $id1 = random::hash(); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(mt_rand()); + $id2 = random::hash(); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(mt_rand()); + $id3 = random::hash(); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -106,15 +106,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_tag_test() { - $id1 = md5(mt_rand()); + $id1 = random::hash(); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(mt_rand()); + $id2 = random::hash(); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(mt_rand()); + $id3 = random::hash(); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); @@ -126,15 +126,15 @@ class Cache_Test extends Gallery_Unit_Test_Case { } public function cache_delete_all_test() { - $id1 = md5(mt_rand()); + $id1 = random::hash(); $value1 = array("field1" => "value1", "field2" => "value2"); $this->_driver->set(array($id1 => $value1), array("tag1", "tag2"), 84600); - $id2 = md5(mt_rand()); + $id2 = random::hash(); $value2 = array("field3" => "value3", "field4" => "value4"); $this->_driver->set(array($id2 => $value2), array("tag2", "tag3"), 846000); - $id3 = md5(mt_rand()); + $id3 = random::hash(); $value3 = array("field5" => "value5", "field6" => "value6"); $this->_driver->set(array($id3 => $value3), array("tag3", "tag4"), 84600); diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index c93cc239..26db5a63 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -92,7 +92,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { } public function move_conflicts_result_in_a_rename_test() { - $rand = mt_rand(); + $rand = random::int(); $photo1 = test::random_photo_unsaved(item::root()); $photo1->name = "{$rand}.jpg"; $photo1->slug = (string)$rand; diff --git a/modules/gallery/tests/Item_Model_Test.php b/modules/gallery/tests/Item_Model_Test.php index 0d6d10af..4987d2f9 100644 --- a/modules/gallery/tests/Item_Model_Test.php +++ b/modules/gallery/tests/Item_Model_Test.php @@ -278,10 +278,10 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { public function basic_validation_test() { $item = ORM::factory("item"); - $item->album_cover_item_id = mt_rand(); // invalid + $item->album_cover_item_id = random::int(); // invalid $item->description = str_repeat("x", 70000); // invalid $item->name = null; - $item->parent_id = mt_rand(); + $item->parent_id = random::int(); $item->slug = null; $item->sort_column = "bogus"; $item->sort_order = "bogus"; @@ -411,24 +411,24 @@ class Item_Model_Test extends Gallery_Unit_Test_Case { public function urls_test() { $photo = test::random_photo(); $this->assert_true( - preg_match("|http://./var/resizes/name_\d+\.jpg\?m=\d+|", $photo->resize_url()), + preg_match("|http://./var/resizes/name_\w+\.jpg\?m=\d+|", $photo->resize_url()), $photo->resize_url() . " is malformed"); $this->assert_true( - preg_match("|http://./var/thumbs/name_\d+\.jpg\?m=\d+|", $photo->thumb_url()), + preg_match("|http://./var/thumbs/name_\w+\.jpg\?m=\d+|", $photo->thumb_url()), $photo->thumb_url() . " is malformed"); $this->assert_true( - preg_match("|http://./var/albums/name_\d+\.jpg\?m=\d+|", $photo->file_url()), + preg_match("|http://./var/albums/name_\w+\.jpg\?m=\d+|", $photo->file_url()), $photo->file_url() . " is malformed"); // Albums have special thumbnails. Empty album has cachebuster of 0 since it has no thumbnail $album = test::random_album(); $this->assert_true( - preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=0|", $album->thumb_url()), + preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=0|", $album->thumb_url()), $album->thumb_url() . " is malformed"); $photo = test::random_photo($album); $this->assert_true( - preg_match("|http://./var/thumbs/name_\d+/\.album\.jpg\?m=\d+|", $album->thumb_url()), + preg_match("|http://./var/thumbs/name_\w+/\.album\.jpg\?m=\d+|", $album->thumb_url()), $album->thumb_url() . " is malformed"); } diff --git a/modules/gallery_unit_test/helpers/test.php b/modules/gallery_unit_test/helpers/test.php index d5149492..65c7f6b4 100644 --- a/modules/gallery_unit_test/helpers/test.php +++ b/modules/gallery_unit_test/helpers/test.php @@ -19,7 +19,7 @@ */ class test_Core { static function random_album_unsaved($parent=null) { - $rand = mt_rand(); + $rand = random::string(6); $album = ORM::factory("item"); $album->type = "album"; @@ -34,7 +34,7 @@ class test_Core { } static function random_photo_unsaved($parent=null) { - $rand = mt_rand(); + $rand = random::string(6); $photo = ORM::factory("item"); $photo->type = "photo"; $photo->parent_id = $parent ? $parent->id : 1; @@ -49,16 +49,16 @@ class test_Core { } static function random_user($password="password") { - $rand = "name_" . mt_rand(); + $rand = "name_" . random::string(6); return identity::create_user($rand, $rand, $password, "$rand@rand.com"); } static function random_group() { - return identity::create_group((string)mt_rand()); + return identity::create_group(random::string(6)); } static function random_name($item=null) { - $rand = "name_" . mt_rand(); + $rand = "name_" . random::string(6); if ($item && $item->is_photo()) { $rand .= ".jpg"; } @@ -77,7 +77,7 @@ class test_Core { static function random_tag() { $tag = ORM::factory("tag"); - $tag->name = (string)mt_rand(); + $tag->name = random::string(6); // Reload so that ORM coerces all fields into strings. return $tag->save()->reload(); diff --git a/modules/rest/helpers/rest.php b/modules/rest/helpers/rest.php index 58943700..9406e209 100644 --- a/modules/rest/helpers/rest.php +++ b/modules/rest/helpers/rest.php @@ -104,7 +104,7 @@ class rest_Core { if (!$key->loaded()) { $key->user_id = identity::active_user()->id; - $key->access_key = md5(md5(uniqid(mt_rand(), true) . access::private_key())); + $key->access_key = md5(random::hash() . access::private_key()); $key->save(); } diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php index 4d7a4a1b..9e241bd0 100644 --- a/modules/rest/helpers/rest_event.php +++ b/modules/rest/helpers/rest_event.php @@ -43,7 +43,7 @@ class rest_event { static function user_add_form_admin_completed($user, $form) { $key = ORM::factory("user_access_key"); $key->user_id = $user->id; - $key->access_key = md5($user->name . time() . mt_rand()); + $key->access_key = random::hash($user->name); $key->save(); } @@ -64,7 +64,7 @@ class rest_event { if (!$key->loaded()) { $key->user_id = $user->id; - $key->access_key = md5($user->name . time() . mt_rand()); + $key->access_key = random::hash($user->name); $key->save(); } @@ -93,7 +93,7 @@ class rest_event { if (!$key->loaded()) { $key->user_id = $data->user->id; - $key->access_key = md5($data->user->name . time() . mt_rand()); + $key->access_key = random::hash($data->user->name); $key->save(); } $view->rest_key = $key->access_key; diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 2e5eac5f..567e56dc 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -51,7 +51,7 @@ class Password_Controller extends Controller { $user_name = $form->reset->inputs["name"]->value; $user = user::lookup_by_name($user_name); if ($user && !empty($user->email)) { - $user->hash = md5(uniqid(mt_rand(), true)); + $user->hash = random::hash(); $user->save(); $message = new View("reset_password.html"); $message->confirm_url = url::abs_site("password/do_reset?key=$user->hash"); -- cgit v1.2.3 From 53a2652fd6ba652b1b6604f8a4930403376a3ef5 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 16 Dec 2010 20:36:00 -0800 Subject: Create url::merge_querystring() which merges a query string into an existing url. Fixes #1537. --- modules/gallery/helpers/MY_url.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 877c5ada..d3ab1b4d 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -101,4 +101,18 @@ class url extends url_Core { static function current($qs=false, $suffix=false) { return htmlspecialchars(parent::current($qs, $suffix)); } + + /** + * Merge extra an query string onto a given url safely. + * @param string the original url + * @param array the query string data in key=value form + */ + static function merge_querystring($url, $query_params) { + $qs = implode("&", $query_params); + if (strpos($url, "?") === false) { + return $url . "?$qs"; + } else { + return $url . "&$qs"; + } + } } -- cgit v1.2.3 From 7eaf49a6ca97afbe6c82fc830602e7006d53f704 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 16 Dec 2010 20:38:01 -0800 Subject: Create a "tree" rest resource that can return the entire album tree in a single fast request, among other operations. Fixes #1538. --- modules/gallery/helpers/tree_rest.php | 91 +++++++++++++++++++++++++++++++++++ 1 file changed, 91 insertions(+) create mode 100644 modules/gallery/helpers/tree_rest.php (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/tree_rest.php b/modules/gallery/helpers/tree_rest.php new file mode 100644 index 00000000..616bebe3 --- /dev/null +++ b/modules/gallery/helpers/tree_rest.php @@ -0,0 +1,91 @@ + + * Only traverse this far down into the tree. If there are more albums + * below this depth, provide RESTful urls to other tree resources in + * the members section. Default is infinite. + * + * type= + * Restrict the items displayed to the given type. Default is all types. + * + * fields= + * In the entity section only return these fields for each item. + * Default is all fields. + */ + static function get($request) { + $item = rest::resolve($request->url); + access::required("view", $item); + + $query_params = array(); + $p = $request->params; + $where = array(); + if (isset($p->type)) { + $where[] = array("type", "=", $p->type); + $query_params[] = "type={$p->type}"; + } + + if (isset($p->depth)) { + $lowest_depth = $item->level + $p->depth; + $where[] = array("level", "<=", $lowest_depth); + $query_params[] = "depth={$p->depth}"; + } + + $fields = array(); + if (isset($p->fields)) { + $fields = explode(",", $p->fields); + $query_params[] = "fields={$p->fields}"; + } + + $entity = array(); + $members = array(); + foreach ($item->viewable()->descendants(null, null, $where) as $child) { + $entity[] = array("url" => rest::url("item", $child), + "entity" => $child->as_restful_array($fields)); + if (isset($lowest_depth) && $child->level == $lowest_depth) { + $members[] = url::merge_querystring(rest::url("tree", $child), $query_params); + } + } + + $result = array( + "url" => $request->url, + "entity" => $entity, + "members" => $members, + "relationships" => rest::relationships("tree", $item)); + return $result; + } + + static function resolve($id) { + $item = ORM::factory("item", $id); + if (!access::can("view", $item)) { + throw new Kohana_404_Exception(); + } + return $item; + } + + static function url($item) { + return url::abs_site("rest/tree/{$item->id}"); + } +} -- cgit v1.2.3 From 16555935ee45a09b8d5b5b351222631ba2ce2132 Mon Sep 17 00:00:00 2001 From: Kriss Andsten Date: Fri, 17 Dec 2010 11:32:58 +0800 Subject: Fetch permissions for non-albumbs by parent rather than by item, allowing the result to be cached. --- modules/gallery/helpers/access.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index a7ac3f9f..bfe02b3c 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -99,8 +99,15 @@ class access_Core { return true; } + /* + We do this for cache reasons - if you check n photos in an album, it makes more sense + to check the album permissions once and let the cache deal with that, rather than check + every item individually and generate cache misses. + */ + $id = ($item->type == 'album') ? $item->id : $item->parent_id; $resource = $perm_name == "view" ? - $item : model_cache::get("access_cache", $item->id, "item_id"); + $item : model_cache::get("access_cache", $id, "item_id"); + foreach ($user->groups() as $group) { if ($resource->__get("{$perm_name}_{$group->id}") === access::ALLOW) { return true; @@ -136,8 +143,15 @@ class access_Core { * @return boolean */ static function group_can($group, $perm_name, $item) { + /* + We do this for cache reasons - if you check n photos in an album, it makes more sense + to check the album permissions once and let the cache deal with that, rather than check + every item individually and generate cache misses. + */ + $id = ($item->type == 'album') ? $item->id : $item->parent_id; $resource = $perm_name == "view" ? - $item : model_cache::get("access_cache", $item->id, "item_id"); + $item : model_cache::get("access_cache", $id, "item_id"); + return $resource->__get("{$perm_name}_{$group->id}") === access::ALLOW; } -- cgit v1.2.3 From 6e58fced201705d73f5e080f16f482ae0f15e333 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Thu, 16 Dec 2010 21:01:51 -0800 Subject: Follow on to 16555935ee45a09b8d5b5b351222631ba2ce2132 to clean up the style a bit. Tracked in #1539. --- modules/gallery/helpers/access.php | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index bfe02b3c..4148049a 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -99,15 +99,12 @@ class access_Core { return true; } - /* - We do this for cache reasons - if you check n photos in an album, it makes more sense - to check the album permissions once and let the cache deal with that, rather than check - every item individually and generate cache misses. - */ - $id = ($item->type == 'album') ? $item->id : $item->parent_id; + // Use the nearest parent album (including the current item) so that we take advantage + // of the cache when checking many items in a single album. + $id = ($item->type == "album") ? $item->id : $item->parent_id; $resource = $perm_name == "view" ? $item : model_cache::get("access_cache", $id, "item_id"); - + foreach ($user->groups() as $group) { if ($resource->__get("{$perm_name}_{$group->id}") === access::ALLOW) { return true; @@ -143,15 +140,12 @@ class access_Core { * @return boolean */ static function group_can($group, $perm_name, $item) { - /* - We do this for cache reasons - if you check n photos in an album, it makes more sense - to check the album permissions once and let the cache deal with that, rather than check - every item individually and generate cache misses. - */ - $id = ($item->type == 'album') ? $item->id : $item->parent_id; + // Use the nearest parent album (including the current item) so that we take advantage + // of the cache when checking many items in a single album. + $id = ($item->type == "album") ? $item->id : $item->parent_id; $resource = $perm_name == "view" ? $item : model_cache::get("access_cache", $id, "item_id"); - + return $resource->__get("{$perm_name}_{$group->id}") === access::ALLOW; } -- cgit v1.2.3 From e60edcdeba577e8cdbdbbc700cb3dfe9d0dd9443 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 17 Dec 2010 17:30:00 -0800 Subject: Include the root in the tree output. --- modules/gallery/helpers/tree_rest.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/tree_rest.php b/modules/gallery/helpers/tree_rest.php index 616bebe3..21928cbe 100644 --- a/modules/gallery/helpers/tree_rest.php +++ b/modules/gallery/helpers/tree_rest.php @@ -59,7 +59,8 @@ class tree_rest_Core { $query_params[] = "fields={$p->fields}"; } - $entity = array(); + $entity = array(array("url" => rest::url("item", $item), + "entity" => $item->as_restful_array($fields))); $members = array(); foreach ($item->viewable()->descendants(null, null, $where) as $child) { $entity[] = array("url" => rest::url("item", $child), -- cgit v1.2.3 From dbb9b8b1c8ee5395a65b6329c793e7a2c398ef00 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 17 Dec 2010 22:19:46 -0800 Subject: Sort the Admin > Settings menu instead of relying on module activation order. Requires making Menu::get() return a reference. Fixes #1545. --- modules/gallery/helpers/gallery_event.php | 3 +++ modules/gallery/libraries/Admin_View.php | 4 ++++ modules/gallery/libraries/Menu.php | 5 +++-- 3 files changed, 10 insertions(+), 2 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index b59bb9b9..cbb939bb 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -371,6 +371,9 @@ class gallery_event_Core { ->id("admin_menu") ->label(t("Admin"))); module::event("admin_menu", $admin_menu, $theme); + + $settings_menu = $admin_menu->get("settings_menu"); + sort($settings_menu->elements); } } } diff --git a/modules/gallery/libraries/Admin_View.php b/modules/gallery/libraries/Admin_View.php index 74ed4fb3..11f8ad14 100644 --- a/modules/gallery/libraries/Admin_View.php +++ b/modules/gallery/libraries/Admin_View.php @@ -44,6 +44,10 @@ class Admin_View_Core extends Gallery_View { public function admin_menu() { $menu = Menu::factory("root"); module::event("admin_menu", $menu, $this); + + $settings_menu = $menu->get("settings_menu"); + sort($settings_menu->elements); + return $menu->render(); } diff --git a/modules/gallery/libraries/Menu.php b/modules/gallery/libraries/Menu.php index 3ad6ebef..58852a72 100644 --- a/modules/gallery/libraries/Menu.php +++ b/modules/gallery/libraries/Menu.php @@ -223,12 +223,13 @@ class Menu_Core extends Menu_Element { /** * Retrieve a Menu_Element by id */ - public function get($id) { + public function &get($id) { if (array_key_exists($id, $this->elements)) { return $this->elements[$id]; } - return null; + $null = null; + return $null; } public function is_empty() { -- cgit v1.2.3 From 612ddd7050889974fc1f7e449e715b4c1129c0bb Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sat, 18 Dec 2010 11:55:04 -0800 Subject: Warn admins after login if their PHP install has the session.use_trans_sid feature enabled, since this will cause random logouts. Partial fix for #1316. --- modules/gallery/helpers/gallery_event.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index cbb939bb..5d3ee6ee 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -178,6 +178,10 @@ class gallery_event_Core { } Session::instance()->set("active_auth_timestamp", time()); auth::clear_failed_attempts($user); + + if ($user->admin && ini_get("session.use_trans_sid")) { + message::info(t("PHP is configured with session.use_trans_sid enabled which will cause random logouts. Please disable this setting.", array("url" => "http://www.php.net/manual/en/session.configuration.php#ini.session.use-trans-sid"))); + } } static function user_auth_failed($name) { -- cgit v1.2.3 From 48640005a4edac955d9087f62fed1ab5f756b686 Mon Sep 17 00:00:00 2001 From: Kriss Andsten Date: Tue, 21 Dec 2010 09:03:46 +0800 Subject: Packaging + tests of Bharat's find_by_path routine. --- modules/gallery/helpers/item.php | 25 +++++++++++++++- modules/gallery/tests/Item_Helper_Test.php | 48 ++++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 1 deletion(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 664da812..dbad59b9 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -208,7 +208,30 @@ class item_Core { return $model; } - + + static function find_by_path($path) { + $path = trim($path, '/'); + + // The root path name is NULL, not '', hence this workaround. + if ($path == '') { + return ORM::factory("item", 1); + } + + $paths = explode("/", $path); + $count = count($paths); + foreach (ORM::factory("item") + ->where('name', '=', $paths[$count - 1]) + ->where('level', '=', $count + 1) + ->find_all() as $item) { + if (urldecode($item->relative_path()) == $path) { + return $item; + } + } + + return false; + } + + /** * Return the root Item_Model * @return Item_Model diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 26db5a63..1fced654 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -125,4 +125,52 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $this->assert_same($photo2->id, $album->album_cover_item_id); $this->assert_same($photo2->id, $parent->album_cover_item_id); } + + public function find_by_path_does_the_right_thing_test() { + $level1 = test::random_album(); + $level2 = test::random_album($level1); + $level3 = test::random_photo($level2); + $level3->name = 'same.jpg'; + $level3->save(); + + $level2b = test::random_album($level1); + $level3b = test::random_photo($level2b); + $level3b->name = 'same.jpg'; + $level3b->save(); + + // Item in album + $this->assert_same( + item::find_by_path('/' . $level1->name . '/' . $level2->name . '/' . $level3->name)->id, + $level3->id); + + // Album, ends with a slash + $this->assert_same( + item::find_by_path($level1->name . '/' . $level2->name . '/')->id, + $level2->id); + + // Album, ends without a slash + $this->assert_same( + item::find_by_path('/' . $level1->name . '/' . $level2->name)->id, + $level2->id); + + // Return root if '' is passed + $this->assert_same( + item::find_by_path('')->id, + "1"); + + // Verify that we don't get confused by the part names + $this->assert_same( + item::find_by_path($level1->name . '/' . $level2->name . '/' . $level3->name)->id, + $level3->id); + + $this->assert_same( + item::find_by_path($level1->name . '/' . $level2b->name . '/' . $level3b->name)->id, + $level3b->id); + + // Verify that we don't get false positives + $this->assert_same( + item::find_by_path('foo/bar/baz'), + false); + + } } -- cgit v1.2.3 From addd384bbdca6a9f066403c1d2919f3e863e072e Mon Sep 17 00:00:00 2001 From: Kriss Andsten Date: Wed, 22 Dec 2010 07:55:26 +0800 Subject: Minor changes to satisfy the G3 code standards. --- modules/gallery/helpers/item.php | 15 ++++++++++----- modules/gallery/tests/Item_Helper_Test.php | 18 +++++++++--------- 2 files changed, 19 insertions(+), 14 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index dbad59b9..f38d9888 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -208,20 +208,25 @@ class item_Core { return $model; } - + + /** + * Return an item by path. + * @param string $path + * @return object item + */ static function find_by_path($path) { - $path = trim($path, '/'); + $path = trim($path, "/"); // The root path name is NULL, not '', hence this workaround. if ($path == '') { - return ORM::factory("item", 1); + return ORM::factory("item", item::root()); } $paths = explode("/", $path); $count = count($paths); foreach (ORM::factory("item") - ->where('name', '=', $paths[$count - 1]) - ->where('level', '=', $count + 1) + ->where("name", "=", $paths[$count - 1]) + ->where("level", "=", $count + 1) ->find_all() as $item) { if (urldecode($item->relative_path()) == $path) { return $item; diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 1fced654..4bc64ff0 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -130,46 +130,46 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $level1 = test::random_album(); $level2 = test::random_album($level1); $level3 = test::random_photo($level2); - $level3->name = 'same.jpg'; + $level3->name = "same.jpg"; $level3->save(); $level2b = test::random_album($level1); $level3b = test::random_photo($level2b); - $level3b->name = 'same.jpg'; + $level3b->name = "same.jpg"; $level3b->save(); // Item in album $this->assert_same( - item::find_by_path('/' . $level1->name . '/' . $level2->name . '/' . $level3->name)->id, + item::find_by_path("/" . $level1->name . "/" . $level2->name . "/" . $level3->name)->id, $level3->id); // Album, ends with a slash $this->assert_same( - item::find_by_path($level1->name . '/' . $level2->name . '/')->id, + item::find_by_path($level1->name . "/" . $level2->name . "/")->id, $level2->id); // Album, ends without a slash $this->assert_same( - item::find_by_path('/' . $level1->name . '/' . $level2->name)->id, + item::find_by_path("/" . $level1->name . "/" . $level2->name)->id, $level2->id); // Return root if '' is passed $this->assert_same( - item::find_by_path('')->id, + item::find_by_path("")->id, "1"); // Verify that we don't get confused by the part names $this->assert_same( - item::find_by_path($level1->name . '/' . $level2->name . '/' . $level3->name)->id, + item::find_by_path($level1->name . "/" . $level2->name . "/" . $level3->name)->id, $level3->id); $this->assert_same( - item::find_by_path($level1->name . '/' . $level2b->name . '/' . $level3b->name)->id, + item::find_by_path($level1->name . "/" . $level2b->name . "/" . $level3b->name)->id, $level3b->id); // Verify that we don't get false positives $this->assert_same( - item::find_by_path('foo/bar/baz'), + item::find_by_path("foo/bar/baz"), false); } -- cgit v1.2.3 From f493130e59f26d41f090c5ca40e95b416b9b154b Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Dec 2010 16:55:01 -0800 Subject: Tighten up item::find_by_path slightly. Augment the tests to cover special characters in the file name ("+" is an edge case differentiator between rawurlencode and urlencode). --- modules/gallery/helpers/item.php | 25 ++++++++++++------------- modules/gallery/tests/Item_Helper_Test.php | 2 +- 2 files changed, 13 insertions(+), 14 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index f38d9888..3596a2bf 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -210,33 +210,32 @@ class item_Core { } /** - * Return an item by path. + * Find an item by its path. If there's no match, return an empty Item_Model. * @param string $path - * @return object item + * @return object Item_Model */ static function find_by_path($path) { $path = trim($path, "/"); - - // The root path name is NULL, not '', hence this workaround. - if ($path == '') { - return ORM::factory("item", item::root()); + + // The root path name is NULL not "", hence this workaround. + if ($path == "") { + return item::root(); } - + $paths = explode("/", $path); - $count = count($paths); foreach (ORM::factory("item") - ->where("name", "=", $paths[$count - 1]) - ->where("level", "=", $count + 1) + ->where("name", "=", end($paths)) + ->where("level", "=", count($paths) + 1) ->find_all() as $item) { if (urldecode($item->relative_path()) == $path) { return $item; } } - + return false; } - - + + /** * Return the root Item_Model * @return Item_Model diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index d60380f0..4124e453 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -135,7 +135,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $level2b = test::random_album($level1); $level3b = test::random_photo($level2b); - $level3b->name = "same.jpg"; + $level3b->name = "has spaces+plusses.jpg"; $level3b->save(); // Item in album -- cgit v1.2.3 From 2a08cbf76da0f9984c0e182e6c448b516d8d7db3 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Dec 2010 16:58:54 -0800 Subject: Return an empty Item_Model when item::find_by_path fails --- modules/gallery/helpers/item.php | 2 +- modules/gallery/tests/Item_Helper_Test.php | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 3596a2bf..08a04ad0 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -232,7 +232,7 @@ class item_Core { } } - return false; + return new Item_Model(); } diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 4124e453..0aa7504e 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -166,8 +166,7 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { item::find_by_path("{$level1->name}/{$level2b->name}/{$level3b->name}")->id); // Verify that we don't get false positives - $this->assert_same( - false, - item::find_by_path("foo/bar/baz")); + $this->assert_false( + item::find_by_path("foo/bar/baz")->loaded()); } } -- cgit v1.2.3 From d9299f3b3f4b1a52f5b68399cfcaa96d5b367899 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Dec 2010 19:33:47 -0800 Subject: Change item::find_by_path() to check the relative_path_cache first, and only fall back the name/level comparison if there's no cached entry. Update tests accordingly. --- modules/gallery/helpers/item.php | 16 ++++++++++++++++ modules/gallery/tests/Item_Helper_Test.php | 20 ++++++++++++++++---- 2 files changed, 32 insertions(+), 4 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 08a04ad0..bac189f4 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -211,6 +211,7 @@ class item_Core { /** * Find an item by its path. If there's no match, return an empty Item_Model. + * NOTE: the caller is responsible for performing security checks on the resulting item. * @param string $path * @return object Item_Model */ @@ -222,6 +223,21 @@ class item_Core { return item::root(); } + // Check to see if there's an item in the database with a matching relative_path_cache value. + // Since that field is urlencoded, we must urlencoded the components of the path. + foreach (explode("/", $path) as $part) { + $encoded_array[] = rawurlencode($part); + } + $encoded_path = join("/", $encoded_array); + $item = ORM::factory("item") + ->where("relative_path_cache", "=", $encoded_path) + ->find(); + if ($item->loaded()) { + return $item; + } + + // Since the relative_path_cache field is a cache, it can be unavailable. If we don't find + // anything, fall back to checking the path the hard way. $paths = explode("/", $path); foreach (ORM::factory("item") ->where("name", "=", end($paths)) diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 0aa7504e..13ecec2b 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -129,14 +129,21 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { public function find_by_path_test() { $level1 = test::random_album(); $level2 = test::random_album($level1); - $level3 = test::random_photo($level2); + $level3 = test::random_photo_unsaved($level2); $level3->name = "same.jpg"; - $level3->save(); + $level3->save()->reload(); $level2b = test::random_album($level1); - $level3b = test::random_photo($level2b); + $level3b = test::random_photo_unsaved($level2b); $level3b->name = "has spaces+plusses.jpg"; - $level3b->save(); + $level3b->save()->reload(); + + // Make sure that some of the calls below use the fallback code. + db::build() + ->update("items") + ->set(array("relative_url_cache" => null, "relative_path_cache" => null)) + ->where("id", "IN", array($level3->id, $level3b->id)) + ->execute(); // Item in album $this->assert_same( @@ -168,5 +175,10 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { // Verify that we don't get false positives $this->assert_false( item::find_by_path("foo/bar/baz")->loaded()); + + // Verify that the fallback code works + $this->assert_same( + $level3b->id, + item::find_by_path("{$level1->name}/{$level2b->name}/{$level3b->name}")->id); } } -- cgit v1.2.3 From 98fd1e9957ff0d65d1bbb0eaa2df6c1e59487b25 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Dec 2010 20:47:07 -0800 Subject: Implement item::find_by_relative_url with tests. --- modules/gallery/helpers/item.php | 26 +++++++++++ modules/gallery/tests/Item_Helper_Test.php | 70 +++++++++++++++++++++++++----- 2 files changed, 86 insertions(+), 10 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index bac189f4..29dd8603 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -252,6 +252,32 @@ class item_Core { } + /** + * Locate an item using the URL. We assume that the url is in the form /a/b/c where each + * component matches up with an item slug. If there's no match, return an empty Item_Model + * NOTE: the caller is responsible for performing security checks on the resulting item. + * @param string $url the relative url fragment + * @return Item_Model + */ + static function find_by_relative_url($relative_url) { + // In most cases, we'll have an exact match in the relative_url_cache item field. + // but failing that, walk down the tree until we find it. The fallback code will fix caches + // as it goes, so it'll never be run frequently. + $item = ORM::factory("item")->where("relative_url_cache", "=", $relative_url)->find(); + if (!$item->loaded()) { + $segments = explode("/", $relative_url); + foreach (ORM::factory("item") + ->where("slug", "=", end($segments)) + ->where("level", "=", count($segments) + 1) + ->find_all() as $match) { + if ($match->relative_url() == $relative_url) { + $item = $match; + } + } + } + return $item; + } + /** * Return the root Item_Model * @return Item_Model diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index 13ecec2b..42acfb18 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -128,23 +128,19 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { public function find_by_path_test() { $level1 = test::random_album(); - $level2 = test::random_album($level1); + $level2 = test::random_album_unsaved($level1); + $level2->name = "plus + space"; + $level2->save()->reload(); + $level3 = test::random_photo_unsaved($level2); $level3->name = "same.jpg"; $level3->save()->reload(); $level2b = test::random_album($level1); $level3b = test::random_photo_unsaved($level2b); - $level3b->name = "has spaces+plusses.jpg"; + $level3b->name = "same.jpg"; $level3b->save()->reload(); - // Make sure that some of the calls below use the fallback code. - db::build() - ->update("items") - ->set(array("relative_url_cache" => null, "relative_path_cache" => null)) - ->where("id", "IN", array($level3->id, $level3b->id)) - ->execute(); - // Item in album $this->assert_same( $level3->id, @@ -163,7 +159,12 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { // Return root if "" is passed $this->assert_same(item::root()->id, item::find_by_path("")->id); - // Verify that we don't get confused by the part names + // Verify that we don't get confused by the part names, using the fallback code. + db::build() + ->update("items") + ->set(array("relative_path_cache" => null)) + ->where("id", "IN", array($level3->id, $level3b->id)) + ->execute(); $this->assert_same( $level3->id, item::find_by_path("{$level1->name}/{$level2->name}/{$level3->name}")->id); @@ -181,4 +182,53 @@ class Item_Helper_Test extends Gallery_Unit_Test_Case { $level3b->id, item::find_by_path("{$level1->name}/{$level2b->name}/{$level3b->name}")->id); } + + public function find_by_relative_url_test() { + $level1 = test::random_album(); + $level2 = test::random_album($level1); + $level3 = test::random_photo_unsaved($level2); + $level3->slug = "same"; + $level3->save()->reload(); + + $level2b = test::random_album($level1); + $level3b = test::random_photo_unsaved($level2b); + $level3b->slug = "same"; + $level3b->save()->reload(); + + // Item in album + $this->assert_same( + $level3->id, + item::find_by_relative_url("{$level1->slug}/{$level2->slug}/{$level3->slug}")->id); + + // Album, ends without a slash + $this->assert_same( + $level2->id, + item::find_by_relative_url("{$level1->slug}/{$level2->slug}")->id); + + // Return root if "" is passed + $this->assert_same(item::root()->id, item::find_by_relative_url("")->id); + + // Verify that we don't get confused by the part slugs, using the fallback code. + db::build() + ->update("items") + ->set(array("relative_url_cache" => null)) + ->where("id", "IN", array($level3->id, $level3b->id)) + ->execute(); + $this->assert_same( + $level3->id, + item::find_by_relative_url("{$level1->slug}/{$level2->slug}/{$level3->slug}")->id); + + $this->assert_same( + $level3b->id, + item::find_by_relative_url("{$level1->slug}/{$level2b->slug}/{$level3b->slug}")->id); + + // Verify that we don't get false positives + $this->assert_false( + item::find_by_relative_url("foo/bar/baz")->loaded()); + + // Verify that the fallback code works + $this->assert_same( + $level3b->id, + item::find_by_relative_url("{$level1->slug}/{$level2b->slug}/{$level3b->slug}")->id); + } } -- cgit v1.2.3 From 032e6fde5f99c3150a4ae70e410ce314d8c3877a Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Tue, 21 Dec 2010 20:47:14 -0800 Subject: Change MY_url::parse_url to use item::find_by_relative_url. --- modules/gallery/helpers/MY_url.php | 28 +--------------------------- 1 file changed, 1 insertion(+), 27 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index d3ab1b4d..8ac26602 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -31,7 +31,7 @@ class url extends url_Core { return; } - $item = self::get_item_from_uri(Router::$current_uri); + $item = item::find_by_relative_url(html_entity_decode(Router::$current_uri, ENT_QUOTES)); if ($item && $item->loaded()) { Router::$controller = "{$item->type}s"; Router::$controller_path = MODPATH . "gallery/controllers/{$item->type}s.php"; @@ -40,32 +40,6 @@ class url extends url_Core { } } - /** - * Locate an item using the URI. We assume that the uri is in the form /a/b/c where each - * component matches up with an item slug. - * @param string $uri the uri fragment - * @return Item_Model - */ - static function get_item_from_uri($uri) { - $current_uri = html_entity_decode($uri, ENT_QUOTES); - // In most cases, we'll have an exact match in the relative_url_cache item field. - // but failing that, walk down the tree until we find it. The fallback code will fix caches - // as it goes, so it'll never be run frequently. - $item = ORM::factory("item")->where("relative_url_cache", "=", $current_uri)->find(); - if (!$item->loaded()) { - $count = count(Router::$segments); - foreach (ORM::factory("item") - ->where("slug", "=", html_entity_decode(Router::$segments[$count - 1], ENT_QUOTES)) - ->where("level", "=", $count + 1) - ->find_all() as $match) { - if ($match->relative_url() == $current_uri) { - $item = $match; - } - } - } - return $item; - } - /** * Just like url::file() except that it returns an absolute URI */ -- cgit v1.2.3