From 01bad461df11e60f6c92ad68980203cb9ef8425d Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 29 Nov 2009 12:39:21 -0800 Subject: Publish theme_edit_form and theme_edit_form_completed events so that themes can piggyback on the regular Admin > Appearance > Theme Options page. --- modules/gallery/helpers/theme.php | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/theme.php b/modules/gallery/helpers/theme.php index 75b48bcc..247aa5c4 100644 --- a/modules/gallery/helpers/theme.php +++ b/modules/gallery/helpers/theme.php @@ -85,6 +85,10 @@ class theme_Core { ->value(module::get_var("gallery", "footer_text")); $group->checkbox("show_credits")->label(t("Show site credits"))->id("g-footer-text") ->checked(module::get_var("gallery", "show_credits")); + + module::event("theme_edit_form", $form); + + $group = $form->group("buttons"); $group->submit("")->value(t("Save")); return $form; } -- cgit v1.2.3 From 1b41ad8c42ef02245147c75d8cb87e65712b1843 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Sun, 29 Nov 2009 22:47:33 -0800 Subject: Don't use PathInfo based urls to reroute access protection. Fixes ticket #922. --- modules/gallery/helpers/access.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index c1c1f9d1..f54afa10 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -609,7 +609,7 @@ class access_Core { $dirs[] = dirname($album->thumb_path()); } - $base_url = url::site("file_proxy"); + $base_url = url::site("?kohana_uri=/file_proxy"); foreach ($dirs as $dir) { if ($value === self::DENY) { $fp = fopen("$dir/.htaccess", "w+"); -- cgit v1.2.3 From 299da7b54f17408a53f7771305bcdd22ef94ec36 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 30 Nov 2009 10:59:00 -0800 Subject: Don't allow the extra "/?" sequence (ie: "/index.php/?kohana_uri=...") in the generated .htaccess files. --- modules/gallery/helpers/access.php | 1 + 1 file changed, 1 insertion(+) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index f54afa10..88a02ce2 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -610,6 +610,7 @@ class access_Core { } $base_url = url::site("?kohana_uri=/file_proxy"); + $base_url = str_replace("/?", "?", $base_url); foreach ($dirs as $dir) { if ($value === self::DENY) { $fp = fopen("$dir/.htaccess", "w+"); -- cgit v1.2.3 From 852653ef2415dc070c27ce151ed399525ddfa5a0 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Mon, 30 Nov 2009 11:10:58 -0800 Subject: Clean up item routing a bit. 1) The new default route is "albums", and Albums_Controller::index() does the right thing 2) Items_Controller redirects to the appropriate specific controller 3) All item controllers now have show() instead of _show(), so that the routing code in url::parse_url() can get to it. But that code is protected against receiving bogus requests. --- modules/gallery/config/routes.php | 2 +- modules/gallery/controllers/albums.php | 11 ++++++++++- modules/gallery/controllers/items.php | 8 +++++--- modules/gallery/controllers/movies.php | 7 ++++++- modules/gallery/controllers/photos.php | 7 ++++++- modules/gallery/helpers/MY_url.php | 3 ++- 6 files changed, 30 insertions(+), 8 deletions(-) (limited to 'modules/gallery/helpers') diff --git a/modules/gallery/config/routes.php b/modules/gallery/config/routes.php index 503d6f5b..63cc6150 100644 --- a/modules/gallery/config/routes.php +++ b/modules/gallery/config/routes.php @@ -25,4 +25,4 @@ $config["^admin_.*"] = null; $config["^form/(edit|add)/(\w+)/(.*)$"] = "$2/form_$1/$3"; // Default page is the root album -$config["_default"] = "albums/1"; +$config["_default"] = "albums"; diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index 43040b67..0cfee7cd 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -18,7 +18,16 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Albums_Controller extends Items_Controller { - public function _show($album) { + public function index() { + $this->_show(ORM::factory("item", 1)); + } + + public function show($album) { + if (!is_object($album)) { + // show() must be public because we route to it in url::parse_url(), so make + // sure that we're actually receiving an object + Kohana::show_404(); + } $page_size = module::get_var("gallery", "page_size", 9); if (!access::can("view", $album)) { if ($album->id == 1) { diff --git a/modules/gallery/controllers/items.php b/modules/gallery/controllers/items.php index ec3681a3..b350c5a2 100644 --- a/modules/gallery/controllers/items.php +++ b/modules/gallery/controllers/items.php @@ -23,10 +23,12 @@ class Items_Controller extends Controller { if (!$item->loaded) { return Kohana::show_404(); } + // Redirect to the more specific resource type, since it will render - // differently. We could also just delegate here, but it feels more appropriate - // to have a single canonical resource mapping. + // differently. We can't delegate here because we may have gotten to this + // page via /items/ which means that we don't have a type-specific controller. Also, we + // want to drive a single canonical resource mapping where possible. access::required("view", $item); - return $this->_show($item); + url::redirect($item->abs_url()); } } diff --git a/modules/gallery/controllers/movies.php b/modules/gallery/controllers/movies.php index 3d5eac32..575b2b60 100644 --- a/modules/gallery/controllers/movies.php +++ b/modules/gallery/controllers/movies.php @@ -18,7 +18,12 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Movies_Controller extends Items_Controller { - public function _show($movie) { + public function show($movie) { + if (!is_object($movie)) { + // show() must be public because we route to it in url::parse_url(), so make + // sure that we're actually receiving an object + Kohana::show_404(); + } access::required("view", $movie); $where = array("type != " => "album"); diff --git a/modules/gallery/controllers/photos.php b/modules/gallery/controllers/photos.php index f052eccd..ba4cfb83 100644 --- a/modules/gallery/controllers/photos.php +++ b/modules/gallery/controllers/photos.php @@ -18,7 +18,12 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Photos_Controller extends Items_Controller { - public function _show($photo) { + public function show($photo) { + if (!is_object($photo)) { + // show() must be public because we route to it in url::parse_url(), so make + // sure that we're actually receiving an object + Kohana::show_404(); + } access::required("view", $photo); $where = array("type != " => "album"); diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index 368c947e..139aec21 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -35,7 +35,8 @@ class url extends url_Core { if ($item && $item->loaded) { Router::$controller = "{$item->type}s"; Router::$controller_path = MODPATH . "gallery/controllers/{$item->type}s.php"; - Router::$method = $item->id; + Router::$method = "show"; + Router::$arguments = array($item); } } -- cgit v1.2.3